async Task SetConfigToEdgeDaemon(Option <string> manifestTrustBundle, CancellationToken token) { // This is a temporary solution see ticket: 9288683 if (!Context.Current.ISA95Tag) { TestCertificates testCerts; (testCerts, this.ca) = await TestCertificates.GenerateCertsAsync(this.device.Id, token); this.startTime = DateTime.Now; await this.ConfigureDaemonAsync( config => { testCerts.AddCertsToConfigForManifestTrust(config, manifestTrustBundle, Option.None <Dictionary <string, string> >()); config.SetManualSasProvisioning(this.IotHub.Hostname, Context.Current.ParentHostname, this.device.Id, this.device.SharedAccessKey); config.Update(); return(Task.FromResult(( "with connection string for device '{Identity}'", new object[] { this.device.Id }))); }, this.device, this.startTime, token); } }
public async Task X509ProvisionEdgeAsync() { await Profiler.Run( async() => { using (var cts = new CancellationTokenSource(Context.Current.SetupTimeout)) { CancellationToken token = cts.Token; DateTime startTime = DateTime.Now; string deviceId = DeviceId.Current.Generate(); (X509Thumbprint thumbprint, string certPath, string keyPath) = await this.CreateIdentityCertAsync( deviceId, token); EdgeDevice device = await EdgeDevice.GetOrCreateIdentityAsync( deviceId, this.GetNestedEdgeConfig(this.IotHub), this.IotHub, AuthenticationType.SelfSigned, thumbprint, token); Context.Current.DeleteList.TryAdd(device.Id, device); this.runtime = new EdgeRuntime( device.Id, Context.Current.EdgeAgentImage, Context.Current.EdgeHubImage, Context.Current.EdgeProxy, Context.Current.Registries, Context.Current.OptimizeForPerformance, this.IotHub); TestCertificates testCerts; (testCerts, this.ca) = await TestCertificates.GenerateCertsAsync(device.Id, token); await this.ConfigureDaemonAsync( config => { testCerts.AddCertsToConfig(config); config.SetDeviceManualX509( this.IotHub.Hostname, Context.Current.ParentHostname, device.Id, certPath, keyPath); config.Update(); return(Task.FromResult(( "with x509 certificate for device '{Identity}'", new object[] { device.Id }))); }, device, startTime, token); } }, "Completed edge manual provisioning with self-signed certificate"); }
protected virtual async Task SasProvisionEdgeAsync(bool withCerts = false) { using (var cts = new CancellationTokenSource(Context.Current.SetupTimeout)) { CancellationToken token = cts.Token; DateTime startTime = DateTime.Now; this.device = await EdgeDevice.GetOrCreateIdentityAsync( Context.Current.DeviceId.GetOrElse(DeviceId.Current.Generate()), this.GetNestedEdgeConfig(this.IotHub), this.IotHub, AuthenticationType.Sas, null, token); Log.Information($"Device ID {this.device.Id}"); Context.Current.DeleteList.TryAdd(this.device.Id, this.device); this.runtime = new EdgeRuntime( this.device.Id, Context.Current.EdgeAgentImage, Context.Current.EdgeHubImage, Context.Current.EdgeProxy, Context.Current.Registries, Context.Current.OptimizeForPerformance, this.IotHub); // This is a temporary solution see ticket: 9288683 if (!Context.Current.ISA95Tag) { TestCertificates testCerts; (testCerts, this.ca) = await TestCertificates.GenerateCertsAsync(this.device.Id, token); await this.ConfigureDaemonAsync( config => { testCerts.AddCertsToConfig(config); config.SetManualSasProvisioning(Context.Current.ParentHostname.GetOrElse(this.device.HubHostname), this.device.Id, this.device.SharedAccessKey); config.Update(); return(Task.FromResult(( "with connection string for device '{Identity}'", new object[] { this.device.Id }))); }, this.device, startTime, token); } } }
public async Task DpsSymmetricKey() { string idScope = Context.Current.DpsIdScope.Expect(() => new InvalidOperationException("Missing DPS ID scope")); string groupKey = Context.Current.DpsGroupKey.Expect(() => new InvalidOperationException("Missing DPS enrollment group key")); string registrationId = DeviceId.Current.Generate(); string deviceKey = this.DeriveDeviceKey(Convert.FromBase64String(groupKey), registrationId); CancellationToken token = this.TestToken; (TestCertificates testCerts, _) = await TestCertificates.GenerateCertsAsync(registrationId, token); await this.daemon.ConfigureAsync( config => { testCerts.AddCertsToConfig(config); config.SetDpsSymmetricKey(idScope, registrationId, deviceKey); config.Update(); return(Task.FromResult(( "with DPS symmetric key attestation for '{Identity}'", new object[] { registrationId }))); }, token); await this.daemon.WaitForStatusAsync(EdgeDaemonStatus.Running, token); var agent = new EdgeAgent(registrationId, this.iotHub); await agent.WaitForStatusAsync(EdgeModuleStatus.Running, token); await agent.PingAsync(token); Option <EdgeDevice> device = await EdgeDevice.GetIdentityAsync( registrationId, Context.Current.ParentDeviceId, this.iotHub, token, takeOwnership : true); Context.Current.DeleteList.TryAdd( registrationId, device.Expect(() => new InvalidOperationException( $"Device '{registrationId}' should have been created by DPS, but was not found in '{this.iotHub.Hostname}'"))); }
public async Task DpsX509() { (string, string, string)rootCa = Context.Current.RootCaKeys.Expect(() => new InvalidOperationException("Missing DPS ID scope (check rootCaPrivateKeyPath in context.json)")); string caCertScriptPath = Context.Current.CaCertScriptPath.Expect(() => new InvalidOperationException("Missing CA cert script path (check caCertScriptPath in context.json)")); string idScope = Context.Current.DpsIdScope.Expect(() => new InvalidOperationException("Missing DPS ID scope (check dpsIdScope in context.json)")); string registrationId = DeviceId.Current.Generate(); CancellationToken token = this.TestToken; CertificateAuthority ca = await CertificateAuthority.CreateAsync( registrationId, rootCa, caCertScriptPath, token); IdCertificates idCert = await ca.GenerateIdentityCertificatesAsync(registrationId, token); (TestCertificates testCerts, _) = await TestCertificates.GenerateCertsAsync(registrationId, token); // Generated credentials need to be copied out of the script path because future runs // of the script will overwrite them. string path = Path.Combine(FixedPaths.E2E_TEST_DIR, registrationId); string certPath = Path.Combine(path, "device_id_cert.pem"); string keyPath = Path.Combine(path, "device_id_cert_key.pem"); Directory.CreateDirectory(path); File.Copy(idCert.CertificatePath, certPath); OsPlatform.Current.SetOwner(certPath, "aziotcs", "644"); File.Copy(idCert.KeyPath, keyPath); OsPlatform.Current.SetOwner(keyPath, "aziotks", "600"); await this.daemon.ConfigureAsync( config => { testCerts.AddCertsToConfig(config); config.SetDpsX509(idScope, registrationId, certPath, keyPath); config.Update(); return(Task.FromResult(( "with DPS X509 attestation for '{Identity}'", new object[] { registrationId }))); }, token); await this.daemon.WaitForStatusAsync(EdgeDaemonStatus.Running, token); var agent = new EdgeAgent(registrationId, this.iotHub); await agent.WaitForStatusAsync(EdgeModuleStatus.Running, token); await agent.PingAsync(token); Option <EdgeDevice> device = await EdgeDevice.GetIdentityAsync( registrationId, this.iotHub, token, takeOwnership : true); Context.Current.DeleteList.TryAdd( registrationId, device.Expect(() => new InvalidOperationException( $"Device '{registrationId}' should have been created by DPS, but was not found in '{this.iotHub.Hostname}'"))); }