demo/secure_element/resources/generation_scripts/provision_device.py

1 #

2 # EVALUATION AND USE OF THIS SOFTWARE IS SUBJECT TO THE TERMS AND

3 # CONDITIONS OF THE CONTROLLING LICENSE AGREEMENT FOUND AT LICENSE.md

4 # IN THIS SDK. IF YOU DO NOT AGREE TO THE LICENSE TERMS AND CONDITIONS,

5 # PLEASE RETURN ALL SOURCE FILES TO SILICON LABORATORIES.

6 # (c) Copyright 2018, Silicon Laboratories Inc. All rights reserved.

7 #

8 from __future__ import print_function

9 import datetime

10 import traceback

11 import binascii

12 import optparse

13 

14 from secure_element_common import *

15 from secure_element_device import secure_element_device

16 

17 

18 def provision_device(hostname):

19  print('\nOpening connection to Device')

20  with secure_element_device() as device:

21  _provision_device(device, hostname)

22 

23 

24 def _provision_device(device, hostname):

25  print('\nInitializing Device')

26  device_info = device.init()

27  print(' MAC Address: %s' % device_info.mac)

28  print(' ATECC608A SN: %s' % device_info.se.serial_number)

29  print(' ATECC608A Public Key:')

30 

31 

32  public_key = binascii.hexlify(device_info.se.public_key)

33  int_size = len(public_key) / 2

34  print(' X: %s' % public_key[:int_size])

35  print(' Y: %s' % public_key[int_size:])

36 

37  print('\nLoading root CA certificate')

38  if not os.path.isfile(CREDENTIAL_PATH(ROOT_CA_CERT_FILENAME)):

39  raise Exception('Failed to find root CA certificate file, ' + ROOT_CA_CERT_FILENAME + '. Have you run the script: create_root_ca.py first?')

40 

41  root_ca_cert = read_pem_cert(CREDENTIAL_PATH(ROOT_CA_CERT_FILENAME))

42 

43 

44  print('\nLoading signer CA certificate')

45  if not os.path.isfile(CREDENTIAL_PATH(SIGNER_CA_CERT_FILENAME)):

46  raise Exception('Failed to find signer CA certificate file, ' + SIGNER_CA_CERT_FILENAME + '. Have you run the script: ca_create_signer.py first?')

47 

48  signer_ca_cert = read_pem_cert(CREDENTIAL_PATH(SIGNER_CA_CERT_FILENAME))

49 

50  print('\nLoading device certificate')

51  if not os.path.isfile(CREDENTIAL_PATH(DEVICE_CERT_FILENAME)):

52  raise Exception('Failed to find device certificate file, ' + DEVICE_CERT_FILENAME + '. Have you run the script: create_device_cert.py first?')

53 

54  device_cert = read_pem_cert(CREDENTIAL_PATH(DEVICE_CERT_FILENAME))

55 

56  print('\nProvisioning device with credentials')

57 

58  device.save_credentials(

59  device_cert=device_cert.public_bytes(encoding=serialization.Encoding.DER),

60  signer_cert=signer_ca_cert.public_bytes(encoding=serialization.Encoding.DER),

61  signer_ca_pub=pub_key_to_bytes(root_ca_cert.public_key()),

62  hostname=hostname)

63 

64  print('\nRebooting device')

65  device.reboot()

66 

67  print('\nDone')

68 

69 

70 

71 

72 if __name__ == '__main__':

73  parser = optparse.OptionParser(description='Uses secure element to generate device certificate and provisions device. NOTE: The device must be connected and programmed with the app running to use this script')

74  parser.add_option('--hostname',

75  help='Required, Hostname of server device should connect to, if you\'re using the local setting server, this should be your computer\'s IP address')

76 

77  options, _ = parser.parse_args()

78 

79  if not options.hostname:

80  raise Exception('Must provide --hostname argument')

81 

82  try:

83  provision_device(options.hostname)

84  except Exception as e:

85  traceback.print_exc()

86  print(e)

87