@@ -48,6 +48,76 @@ constexpr int FleetProvisioning::DEFAULT_WAIT_TIME_SECONDS;
48
48
49
49
FleetProvisioning::FleetProvisioning () : collectSystemInformation(false ) {}
50
50
51
+ bool FleetProvisioning::WriteKeyAndCertToDirectory (CreateKeysAndCertificateResponse *response, string fileName)
52
+ {
53
+ ostringstream certPathStream, keyPathStream;
54
+ certPathStream << keyDir << fileName << " -certificate.pem.crt" ;
55
+ keyPathStream << keyDir << fileName << " -private.pem.key" ;
56
+
57
+ certPath = FileUtils::ExtractExpandedPath (certPathStream.str ().c_str ()).c_str ();
58
+ keyPath = FileUtils::ExtractExpandedPath (keyPathStream.str ().c_str ()).c_str ();
59
+
60
+ if (FileUtils::StoreValueInFile (response->CertificatePem ->c_str (), certPath.c_str ()) &&
61
+ FileUtils::StoreValueInFile (response->PrivateKey ->c_str (), keyPath.c_str ()))
62
+ {
63
+ LOGM_INFO (
64
+ TAG, " Stored certificate and private key in %s and %s files" , certPath.c_str (), keyPath.c_str ());
65
+
66
+ LOG_INFO (TAG, " Attempting to set permissions for certificate and private key..." );
67
+ chmod (certPath.c_str (), S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH);
68
+ chmod (keyPath.c_str (), S_IRUSR | S_IWUSR);
69
+
70
+ if (FileUtils::ValidateFilePermissions (certPath.c_str (), Permissions::PUBLIC_CERT) &&
71
+ FileUtils::ValidateFilePermissions (keyPath.c_str (), Permissions::PRIVATE_KEY))
72
+ {
73
+ LOG_INFO (TAG, " Successfully set permissions on provisioned public certificate and private key" );
74
+ return true ;
75
+ }
76
+ else
77
+ {
78
+ return false ;
79
+ }
80
+ }
81
+ else
82
+ {
83
+ LOGM_ERROR (
84
+ TAG,
85
+ " Failed to store public certificate and private key in files %s and %s" ,
86
+ certPath.c_str (),
87
+ keyPath.c_str ());
88
+ return false ;
89
+ }
90
+ }
91
+
92
+ bool FleetProvisioning::WriteCSRCertToDirectory (CreateCertificateFromCsrResponse *response, string fileName)
93
+ {
94
+ ostringstream certPathStream;
95
+ certPathStream << keyDir << fileName << " -certificate.pem.crt" ;
96
+ certPath = FileUtils::ExtractExpandedPath (certPathStream.str ().c_str ()).c_str ();
97
+
98
+ if (FileUtils::StoreValueInFile (response->CertificatePem ->c_str (), certPath.c_str ()))
99
+ {
100
+ LOGM_INFO (TAG, " Stored certificate in %s file" , certPath.c_str ());
101
+
102
+ LOG_INFO (TAG, " Attempting to set permissions for certificate..." );
103
+ chmod (certPath.c_str (), S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH);
104
+ if (FileUtils::ValidateFilePermissions (certPath.c_str (), Permissions::PUBLIC_CERT))
105
+ {
106
+ LOG_INFO (TAG, " Successfully set permissions on provisioned public certificate" );
107
+ return true ;
108
+ }
109
+ else
110
+ {
111
+ return false ;
112
+ }
113
+ }
114
+ else
115
+ {
116
+ LOGM_ERROR (TAG, " Failed to store public certificate in file %s" , certPath.c_str ());
117
+ return false ;
118
+ }
119
+ }
120
+
51
121
bool FleetProvisioning::CreateCertificateAndKey (Iotidentity::IotIdentityClient identityClient)
52
122
{
53
123
LOG_INFO (TAG, " Provisioning new device certificate and private key using CreateKeysAndCertificate API" );
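Review bot: Both new helpers return false without logging when ValidateFilePermissions fails, and the return value of chmod() is discarded, so a permission failure on the private key looks the same as a write failure to the caller and leaves no trace in the logs. In WriteKeyAndCertToDirectory the key file also stays on disk in that branch with whatever mode it ended up with. I would log in the inner else, e.g. `LOGM_ERROR(TAG, "Failed to set permissions on %s and %s", certPath.c_str(), keyPath.c_str());`, and remove the key there with `unlink(keyPath.c_str());`; the matching else in WriteCSRCertToDirectory needs the log line too. Whether StoreValueInFile already creates the file with a restrictive mode is not visible here, so it is worth confirming that the key is never briefly readable before the chmod.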
@@ -93,44 +163,8 @@ bool FleetProvisioning::CreateCertificateAndKey(Iotidentity::IotIdentityClient i
93
163
LOGM_INFO (TAG, " CreateKeysAndCertificateResponse certificateId: %s." , response->CertificateId ->c_str ());
94
164
certificateOwnershipToken = *response->CertificateOwnershipToken ;
95
165
Aws::Crt::String certificateID = response->CertificateId ->c_str ();
96
-
97
- ostringstream certPathStream, keyPathStream;
98
- certPathStream << keyDir << certificateID << " -certificate.pem.crt" ;
99
- keyPathStream << keyDir << certificateID << " -private.pem.key" ;
100
-
101
- certPath = FileUtils::ExtractExpandedPath (certPathStream.str ().c_str ()).c_str ();
102
- keyPath = FileUtils::ExtractExpandedPath (keyPathStream.str ().c_str ()).c_str ();
103
-
104
- if (FileUtils::StoreValueInFile (response->CertificatePem ->c_str (), certPath.c_str ()) &&
105
- FileUtils::StoreValueInFile (response->PrivateKey ->c_str (), keyPath.c_str ()))
106
- {
107
- LOGM_INFO (
108
- TAG, " Stored certificate and private key in %s and %s files" , certPath.c_str (), keyPath.c_str ());
109
-
110
- LOG_INFO (TAG, " Attempting to set permissions for certificate and private key..." );
111
- chmod (certPath.c_str (), S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH);
112
- chmod (keyPath.c_str (), S_IRUSR | S_IWUSR);
113
-
114
- if (FileUtils::ValidateFilePermissions (certPath.c_str (), Permissions::PUBLIC_CERT) &&
115
- FileUtils::ValidateFilePermissions (keyPath.c_str (), Permissions::PRIVATE_KEY))
116
- {
117
- LOG_INFO (TAG, " Successfully set permissions on provisioned public certificate and private key" );
118
- keysCreationCompletedPromise.set_value (true );
119
- }
120
- else
121
- {
122
- keysCreationCompletedPromise.set_value (false );
123
- }
124
- }
125
- else
126
- {
127
- LOGM_ERROR (
128
- TAG,
129
- " Failed to store public certificate and private key in files %s and %s" ,
130
- certPath.c_str (),
131
- keyPath.c_str ());
132
- keysCreationCompletedPromise.set_value (false );
133
- }
166
+ bool writeSucceeded = WriteKeyAndCertToDirectory (response, certificateID.c_str ()) && WriteKeyAndCertToDirectory (response, " active" );
167
+ keysCreationCompletedPromise.set_value (writeSucceeded);
134
168
}
135
169
else
136
170
{
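Review bot: Chaining the two writes with `&&` leaves the members certPath and keyPath pointing at a different pair depending on the outcome: the certificateId files if the first call fails, the "active" files otherwise, because the helper assigns both members on every call. The "active" certificate and key are also overwritten in place as two separate writes, so a failure between them can leave a new certificate next to an old key under the name that other code presumably loads. A comment at the call such as `// certPath/keyPath end up on the "active" copies; the <certificateId> copies stay on disk` would document the intent, and whatever cleans up credentials needs to know the private key now exists in two files. The same pattern appears in the CreateCertificateUsingCSR hunk; both enclosing functions start and end outside their hunks.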
@@ -260,32 +294,8 @@ bool FleetProvisioning::CreateCertificateUsingCSR(Iotidentity::IotIdentityClient
260
294
LOGM_INFO (TAG, " CreateCertificateFromCsrResponse certificateId: %s. ***" , response->CertificateId ->c_str ());
261
295
certificateOwnershipToken = *response->CertificateOwnershipToken ;
262
296
Aws::Crt::String certificateID = response->CertificateId ->c_str ();
263
-
264
- ostringstream certPathStream;
265
- certPathStream << keyDir << certificateID << " -certificate.pem.crt" ;
266
- certPath = FileUtils::ExtractExpandedPath (certPathStream.str ().c_str ()).c_str ();
267
-
268
- if (FileUtils::StoreValueInFile (response->CertificatePem ->c_str (), certPath.c_str ()))
269
- {
270
- LOGM_INFO (TAG, " Stored certificate in %s file" , certPath.c_str ());
271
-
272
- LOG_INFO (TAG, " Attempting to set permissions for certificate..." );
273
- chmod (certPath.c_str (), S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH);
274
- if (FileUtils::ValidateFilePermissions (certPath.c_str (), Permissions::PUBLIC_CERT))
275
- {
276
- LOG_INFO (TAG, " Successfully set permissions on provisioned public certificate" );
277
- csrCreationCompletedPromise.set_value (true );
278
- }
279
- else
280
- {
281
- csrCreationCompletedPromise.set_value (false );
282
- }
283
- }
284
- else
285
- {
286
- LOGM_ERROR (TAG, " Failed to store public certificate in file %s" , certPath.c_str ());
287
- csrCreationCompletedPromise.set_value (false );
288
- }
297
+ bool writeSucceeded = WriteCSRCertToDirectory (response, certificateID.c_str ()) && WriteCSRCertToDirectory (response, " active" );
298
+ csrCreationCompletedPromise.set_value (writeSucceeded);
289
299
}
290
300
else
291
301
{
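Review bot: The CSR path writes only active-certificate.pem.crt, and nothing in this hunk writes or updates a matching active-private.pem.key, so after a CSR provisioning the "active" certificate may sit beside a key left by an earlier CreateKeysAndCertificate run. If consumers are meant to load the "active" pair, this path should either place the CSR's key under the active name or carry a comment saying which key belongs to this certificate, e.g. `// active cert pairs with the configured CSR private key, not active-private.pem.key`. This is inferred from the file names built in the helpers; how the CSR key is located is outside the hunk, as is the rest of CreateCertificateUsingCSR.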
@@ -519,8 +529,7 @@ bool FleetProvisioning::ProvisionDevice(shared_ptr<SharedCrtResourceManager> fpC
519
529
LOG_INFO (TAG, " Fleet Provisioning Feature has been started." );
520
530
collectSystemInformation = config.fleetProvisioning .collectSystemInformation ;
521
531
522
- bool didSetup = FileUtils::CreateDirectoryWithPermissions (keyDir.c_str (), S_IRWXU) &&
523
- FileUtils::CreateDirectoryWithPermissions (
532
+ bool didSetup = FileUtils::CreateDirectoryWithPermissions (keyDir.c_str (), S_IRWXU) && FileUtils::CreateDirectoryWithPermissions (
524
533
Config::DEFAULT_CONFIG_DIR, S_IRUSR | S_IWUSR | S_IXUSR | S_IRGRP | S_IROTH | S_IXOTH);
525
534
if (!didSetup)
526
535
{