diff --git a/libraries/provisioning/provisioning.c b/libraries/provisioning/provisioning.c index b8da2270..2a3a0580 100644 --- a/libraries/provisioning/provisioning.c +++ b/libraries/provisioning/provisioning.c @@ -291,7 +291,7 @@ provisioning_res_e process_data_packet(void) } } - else if (m_conf.method == PROV_METHOD_SECURED) + else if (m_conf.method == PROV_METHOD_SECURED || m_conf.method == PROV_METHOD_EXTENDED_UID) { if (pdu->data.key_index == 1) { @@ -415,7 +415,7 @@ static uint32_t state_idle(void) /* Generate IV for Secured method. The same IV will be used even * for retries. */ - if (m_conf.method == PROV_METHOD_SECURED) + if (m_conf.method == PROV_METHOD_SECURED || m_conf.method == PROV_METHOD_EXTENDED_UID) { for(int i=0; i < AES_128_KEY_BLOCK_SIZE; i++) { diff --git a/libraries/provisioning/provisioning.h b/libraries/provisioning/provisioning.h index 16e06475..df0ee271 100644 --- a/libraries/provisioning/provisioning.h +++ b/libraries/provisioning/provisioning.h @@ -44,6 +44,7 @@ typedef enum { PROV_METHOD_UNSECURED = 0, /**< Unsecured provisioning method. */ PROV_METHOD_SECURED = 1, /**< Secured provisioning method. */ + PROV_METHOD_EXTENDED_UID = 3 /**< Extended UID provisioning method. */ } provisioning_method_e; /** diff --git a/libraries/provisioning/provisioning_int.h b/libraries/provisioning/provisioning_int.h index 5c898446..538b4d63 100644 --- a/libraries/provisioning/provisioning_int.h +++ b/libraries/provisioning/provisioning_int.h @@ -43,10 +43,10 @@ #define PROV_DATA_MAX_USER_ID 255 /** Network address for sending and receiving joining beacons */ -#define JOINING_NETWORK_ADDRESS 0x89d3b8 // "JBTX" +#define JOINING_NETWORK_ADDRESS 0x9E4ADC // "JBTX" /** Network channel for sending and receiving joining beacons */ -#define JOINING_NETWORK_CHANNEL 4 +#define JOINING_NETWORK_CHANNEL 36 /** Time to scan for joining beacons, in milliseconds. * \ref JOINING_RX_TIMEOUT and \ref JOINING_TX_INTERVAL needs to diff --git a/source/unitary_apps/provisioning_joining_node/config.yml b/source/unitary_apps/provisioning_joining_node/config.yml index 2157e48b..72635a8b 100644 --- a/source/unitary_apps/provisioning_joining_node/config.yml +++ b/source/unitary_apps/provisioning_joining_node/config.yml @@ -1,15 +1,25 @@ # This is an example file to customize a node running the provisioning joining node appliation +# using the ExtendedUID method. # Hex array must start with 0x otherwise it is treated as a string. # Format is: # # provisioning : -# uid : Ex: test_node -# factory_key : (32 bytes string, [0:15 Auth key][16:31 Enc Key]) Needed for sercured method. -# method : (Unsecured:0 or Secured:1) Ex: 0 +# device_uid: (16 bytes string, Representing the UID of the device to be provisioned) +# device_uid_type: (1 byte string, Representing the UID type of device_uid) +# authenticator_uid: (16 bytes string, Representing the UID of the authenticator) +# authenticator_uid_type: (1 byte string, Representing the UID type of authenticator_uid) +# Instead of specifying uid components individually, you can specify the whole uid as follows: +# uid: (34 bytes string, [0:1 device_uid_type][1:16 device_uid][16:17 authenticator_uid_type][17:33 authenticator_uid]) +# factory_key : (32 bytes string, [0:15 Auth key][16:31 Enc Key]) Needed for secured method. +# method : (Unsecured:0, Secured:1, Extended:3) Ex: 0 provisioning: - uid: test_node + uid: 0x01 0xb3 0x43 0x33 0x00 0x93 0x81 0x08 0x4a 0x8d 0xb3 0xaa 0x9e 0x53 0xd2 0x2a 0x1e 0x01 0x7e 0x71 0xe5 0xd7 0x22 0xef 0x0f 0x4b 0xa8 0x7d 0x44 0xd4 0xe0 0xe5 0xb5 0x7d + node_uid: 0x7e 0x71 0xe5 0xd7 0x22 0xef 0x0f 0x4b 0xa8 0x7d 0x44 0xd4 0xe0 0xe5 0xb5 0x7d + node_uid_type: 0x01 + authenticator_uid: 0xb3 0x43 0x33 0x00 0x93 0x81 0x08 0x4a 0x8d 0xb3 0xaa 0x9e 0x53 0xd2 0x2a 0x1e + authenticator_uid_type: 0x01 factory_key : 0x00 0x01 0x02 0x03 0x04 0x05 0x06 0x07 0x08 0X09 0X0A 0X0B 0X0C 0X0D 0X0E 0X0F 0x00 0x01 0x02 0x03 0x04 0x05 0x06 0x07 0x08 0X09 0X0A 0X0B 0X0C 0X0D 0X0E 0X0F - method: 1 + method: 0x03 diff --git a/source/unitary_apps/provisioning_joining_node/config_insecure.yml b/source/unitary_apps/provisioning_joining_node/config_insecure.yml new file mode 100644 index 00000000..5a4b4f2b --- /dev/null +++ b/source/unitary_apps/provisioning_joining_node/config_insecure.yml @@ -0,0 +1,14 @@ +# This is an example file to customize a node running the provisioning joining node appliation +# using the insecure method. + +# Hex array must start with 0x otherwise it is treated as a string. + +# Format is: +# +# provisioning : +# uid: (bytes string, less than 79 bytes long) +# method : (Unsecured:0, Secured:1, Extended:3) Ex: 0 + +provisioning: + uid: 0x41 0xb1 0x85 0x7a 0x0f 0xb6 0xb1 0x48 0xa5 0xe4 0xb9 0xb6 0x03 0x53 0x1b 0x3b + method: 0x00 diff --git a/source/unitary_apps/provisioning_joining_node/config_secure.yml b/source/unitary_apps/provisioning_joining_node/config_secure.yml new file mode 100644 index 00000000..d52968ce --- /dev/null +++ b/source/unitary_apps/provisioning_joining_node/config_secure.yml @@ -0,0 +1,16 @@ +# This is an example file to customize a node running the provisioning joining node appliation +# using the secure method. + +# Hex array must start with 0x otherwise it is treated as a string. + +# Format is: +# +# provisioning : +# uid: (bytes string, less than 79 bytes long) +# factory_key : (32 bytes string, [0:15 Auth key][16:31 Enc Key]) Needed for secured method. +# method : (Unsecured:0, Secured:1, Extended:3) Ex: 0 + +provisioning: + uid: 0x58 0xc8 0x12 0xad 0x37 0xe8 0x36 0x4a 0xa1 0x1f 0x1c 0xbc 0x63 0x3e 0x8e 0x34 + factory_key : 0x00 0x01 0x02 0x03 0x04 0x05 0x06 0x07 0x08 0X09 0X0A 0X0B 0X0C 0X0D 0X0E 0X0F 0x00 0x01 0x02 0x03 0x04 0x05 0x06 0x07 0x08 0X09 0X0A 0X0B 0X0C 0X0D 0X0E 0X0F + method: 0x01 diff --git a/source/unitary_apps/provisioning_joining_node/genConfigHex.py b/source/unitary_apps/provisioning_joining_node/genConfigHex.py index 7092c730..39fd4bee 100644 --- a/source/unitary_apps/provisioning_joining_node/genConfigHex.py +++ b/source/unitary_apps/provisioning_joining_node/genConfigHex.py @@ -41,7 +41,7 @@ def to_bytes(param): else: param = bytes(param, 'utf-8') elif type(param) is int: - param.to_bytes((param.bit_length() + 7) // 8, byteorder='big') + param = param.to_bytes(max(1, (param.bit_length() + 7) // 8), byteorder='big') else: if type(param) is str: if param.upper().startswith("0X"): @@ -79,7 +79,7 @@ def main(): provisioning.")) parser.add_argument("infilespec", - metavar="INFILESPEC", help="yml personalization file") + metavar="INFILESPEC", default="config.yml", help="yml personalization file") parser.add_argument("--output", "-o", metavar="OUTFILESPEC", help="The output file") @@ -116,7 +116,17 @@ def main(): return -1 try: - uid = to_bytes(cfg['provisioning']['uid']) + if "uid" in cfg['provisioning'].keys(): + uid = to_bytes(cfg['provisioning']["uid"]) + elif cfg['provisioning']["method"] == 3: + node_uid = to_bytes(cfg['provisioning']['node_uid']) + node_uid_type = to_bytes(cfg['provisioning']['node_uid_type']) + authenticator_uid = to_bytes(cfg['provisioning']['authenticator_uid']) + authenticator_uid_type = to_bytes(cfg['provisioning']['authenticator_uid_type']) + uid = authenticator_uid_type + authenticator_uid + node_uid_type + node_uid + else: + raise KeyError + method = to_bytes(cfg['provisioning']['method']) except KeyError: sys.stdout.write("%s: UID and Method are mandatory\n" % (pgmname)) @@ -126,14 +136,14 @@ def main(): except KeyError: key = b'' - sys.stdout.write("%s - UID: %s (len: %d)\n" % (pgmname, uid, len(uid))) + sys.stdout.write("%s - UID: %s (len: %d)\n" % (pgmname, uid.hex(), len(uid))) sys.stdout.write( "%s - KEY: %s (len: %d)\n" % (pgmname, "".join("{:02X}".format(to_int(x)) for x in key), len(key))) - sys.stdout.write("%s - Method: %d\n" % (pgmname, method)) + sys.stdout.write("%s - Method: %d\n" % (pgmname, int.from_bytes(method, byteorder='big'))) data = struct.pack("