Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add generated device certificate, device private key and code signing key usage to aws-iot-example #7

Merged
merged 14 commits into from
Sep 25, 2023
Merged

Add generated device certificate, device private key and code signing key usage to aws-iot-example #7

merged 14 commits into from
Sep 25, 2023

Commits on Sep 22, 2023

  1. aws-iot-example: Add provisioning data to binary 

    The keyCLIENT_CERTIFICATE_PEM, keyCLIENT_PRIVATE_KEY_PEM
and keyJITR_DEVICE_CERTIFICATE_AUTHORITY_PEM macros are used
in the new provisioning binary. They are loaded into a predefined
address and the dev_mode_key_provisioning.c can use it directly.

Signed-off-by: Bence Balogh <bence.balogh@arm.com>
    @bence-balogh @urutva
    bence-balogh authored and urutva committed Sep 22, 2023
    Configuration menu
    Copy the full SHA
    2dfd75a View commit details
    Browse the repository at this point in the history

  2. aws-iot-example: Check if prov-bundle is loaded 

    Check the provisioning magic before and after the provisioning
data to see whethet the bundle is loaded and valid.

Signed-off-by: Bence Balogh <bence.balogh@arm.com>
    @bence-balogh @urutva
    bence-balogh authored and urutva committed Sep 22, 2023
    Configuration menu
    Copy the full SHA
    85938c3 View commit details
    Browse the repository at this point in the history

  3. aws-iot-example: Generate credentials header 

    The credentials header that's used in the provisioning
binary blob is generated by the generate_credentials_header.py
python script. The script uses pem files to generate the header.
The pem files' paths can be passed with cmake definitions during
the cmake configuration.

Signed-off-by: Bence Balogh <bence.balogh@arm.com>
    @bence-balogh @urutva
    bence-balogh authored and urutva committed Sep 22, 2023
    Configuration menu
    Copy the full SHA
    0123f8e View commit details
    Browse the repository at this point in the history

  4. aws-iot-example: Preprocess the linkerscript 

    The .ld and .sct linker scripts for the provisioning_data
can include the provisioning_config.h this way, so the
addresses will always by in-sync.

Signed-off-by: Bence Balogh <bence.balogh@arm.com>
    @bence-balogh @urutva
    bence-balogh authored and urutva committed Sep 22, 2023
    Configuration menu
    Copy the full SHA
    39ce738 View commit details
    Browse the repository at this point in the history

  5. aws-iot-example: Update docs with cert generation 

    Signed-off-by: Bence Balogh <bence.balogh@arm.com>
    @bence-balogh @urutva
    bence-balogh authored and urutva committed Sep 22, 2023
    Configuration menu
    Copy the full SHA
    4048d12 View commit details
    Browse the repository at this point in the history

  6. ci: Use new provisioning in the CI scripts 

    Signed-off-by: Bence Balogh <bence.balogh@arm.com>
    @bence-balogh @urutva
    bence-balogh authored and urutva committed Sep 22, 2023
    Configuration menu
    Copy the full SHA
    2966d51 View commit details
    Browse the repository at this point in the history

  7. docs: Add pyelftools as dependency 

    Signed-off-by: Devaraj Ranganna <devaraj.ranganna@arm.com>
    @urutva
    urutva committed Sep 22, 2023
    Configuration menu
    Copy the full SHA
    ea57f90 View commit details
    Browse the repository at this point in the history

  8. tf-m: Update TF-M to get provisioning bundle 

    The latest changes in TF-M includes the possiblity to disable TF-M dummy
provisioning and enabling provisioning bundle to provision OTA update
verification key.

In addition, create a patch to fix the following cmake build error.

Direct dependency on generated_private_key_s.pem causes build failure as
the generated file is in a different location than what CMake is
expecting.

Signed-off-by: Devaraj Ranganna <devaraj.ranganna@arm.com>
    @urutva
    urutva committed Sep 22, 2023
    Configuration menu
    Copy the full SHA
    5be9c46 View commit details
    Browse the repository at this point in the history

  9. aws-iot-example: Disable TF-M dummy provisioning 

    The corstone-300 target supports provisioning bundle in TF-M, therefore,
disable dummy provisioning and enable provisioning bundle.

Signed-off-by: Devaraj Ranganna <devaraj.ranganna@arm.com>
    @urutva
    urutva committed Sep 22, 2023
    Configuration menu
    Copy the full SHA
    c2920c4 View commit details
    Browse the repository at this point in the history

  10. ci: Install python module pyelftools 

    The `pyelftools` is needed by TF-M to generate provisioning bundle.

Signed-off-by: Devaraj Ranganna <devaraj.ranganna@arm.com>
    @urutva
    urutva committed Sep 22, 2023
    Configuration menu
    Copy the full SHA
    29ea83e View commit details
    Browse the repository at this point in the history

  11. ci: Pass provisioning bundle to FVP 

    Signed-off-by: Devaraj Ranganna <devaraj.ranganna@arm.com>
    @urutva
    urutva committed Sep 22, 2023
    Configuration menu
    Copy the full SHA
    2e8823d View commit details
    Browse the repository at this point in the history

  12. ci: save encrypted_provisioning_bundle.bin to artifacts 

    Signed-off-by: Devaraj Ranganna <devaraj.ranganna@arm.com>
    @urutva
    urutva committed Sep 22, 2023
    Configuration menu
    Copy the full SHA
    baa5035 View commit details
    Browse the repository at this point in the history

  13. ci: Pass device credentials to the build script in the ci 

    Signed-off-by: Devaraj Ranganna <devaraj.ranganna@arm.com>
    @urutva
    urutva committed Sep 22, 2023
    Configuration menu
    Copy the full SHA
    e9325b1 View commit details
    Browse the repository at this point in the history

  14. ci: Update spell-check dictionary 

    Signed-off-by: Devaraj Ranganna <devaraj.ranganna@arm.com>
    @urutva
    urutva committed Sep 22, 2023
    Configuration menu
    Copy the full SHA
    4028476 View commit details
    Browse the repository at this point in the history