async def test_group_of_devices_register_with_no_device_id_for_a_x509_ca_authentication_group_enrollment(
protocol):
group_id = "e2e-ca-ilvermorny" + str(uuid.uuid4())
common_device_id = device_common_name
devices_indices = type_to_device_indices.get("group_ca")
device_count_in_group = len(devices_indices)
reprovision_policy = ReprovisionPolicy(migrate_device_data=True)
try:
DPS_GROUP_CA_CERT = os.getenv("PROVISIONING_ROOT_CERT")
attestation_mechanism = AttestationMechanism.create_with_x509_ca_refs(
ref1=DPS_GROUP_CA_CERT)
enrollment_group_provisioning_model = EnrollmentGroup.create(
group_id,
attestation=attestation_mechanism,
reprovision_policy=reprovision_policy)
service_client.create_or_update(enrollment_group_provisioning_model)
count = 0
intermediate_cert_filename = "demoCA/newcerts/intermediate_cert.pem"
common_device_key_input_file = "demoCA/private/device_key"
common_device_cert_input_file = "demoCA/newcerts/device_cert"
common_device_inter_cert_chain_file = "demoCA/newcerts/out_inter_device_chain_cert"
for index in devices_indices:
count = count + 1
device_id = common_device_id + str(index)
device_key_input_file = common_device_key_input_file + str(
index) + ".pem"
device_cert_input_file = common_device_cert_input_file + str(
index) + ".pem"
device_inter_cert_chain_file = common_device_inter_cert_chain_file + str(
index) + ".pem"
filenames = [device_cert_input_file, intermediate_cert_filename]
with open(device_inter_cert_chain_file, "w") as outfile:
for fname in filenames:
with open(fname) as infile:
logging.debug("Filename is {}".format(fname))
content = infile.read()
logging.debug(content)
outfile.write(content)
registration_result = await result_from_register(
registration_id=device_id,
device_cert_file=device_inter_cert_chain_file,
device_key_file=device_key_input_file,
protocol=protocol,
)
assert_device_provisioned(device_id=device_id,
registration_result=registration_result)
device_registry_helper.try_delete_device(device_id)
# Make sure space is okay. The following line must be outside for loop.
assert count == device_count_in_group
finally:
service_client.delete_enrollment_group_by_param(group_id)
async def test_group_of_devices_register_with_no_device_id_for_a_x509_intermediate_authentication_group_enrollment(
protocol):
group_id = "e2e-intermediate-durmstrang" + str(uuid.uuid4())
common_device_id = device_common_name
devices_indices = type_to_device_indices.get("group_intermediate")
device_count_in_group = len(devices_indices)
reprovision_policy = ReprovisionPolicy(migrate_device_data=True)
try:
intermediate_cert_filename = "demoCA/newcerts/intermediate_cert.pem"
with open(intermediate_cert_filename, "r") as intermediate_pem:
intermediate_cert_content = intermediate_pem.read()
attestation_mechanism = AttestationMechanism.create_with_x509_signing_certs(
intermediate_cert_content)
enrollment_group_provisioning_model = EnrollmentGroup.create(
group_id,
attestation=attestation_mechanism,
reprovision_policy=reprovision_policy)
service_client.create_or_update(enrollment_group_provisioning_model)
count = 0
common_device_key_input_file = "demoCA/private/device_key"
common_device_cert_input_file = "demoCA/newcerts/device_cert"
common_device_inter_cert_chain_file = "demoCA/newcerts/out_inter_device_chain_cert"
for index in devices_indices:
count = count + 1
device_id = common_device_id + str(index)
device_key_input_file = common_device_key_input_file + str(
index) + ".pem"
device_cert_input_file = common_device_cert_input_file + str(
index) + ".pem"
device_inter_cert_chain_file = common_device_inter_cert_chain_file + str(
index) + ".pem"
filenames = [device_cert_input_file, intermediate_cert_filename]
with open(device_inter_cert_chain_file, "w") as outfile:
for fname in filenames:
with open(fname) as infile:
outfile.write(infile.read())
registration_result = await result_from_register(
registration_id=device_id,
device_cert_file=device_inter_cert_chain_file,
device_key_file=device_key_input_file,
protocol=protocol,
)
assert_device_provisioned(device_id=device_id,
registration_result=registration_result)
device_registry_helper.try_delete_device(device_id)
# Make sure space is okay. The following line must be outside for loop.
assert count == device_count_in_group
finally:
service_client.delete_enrollment_group_by_param(group_id)
def create_individual_enrollment(registration_id, device_id=None):
"""
Create an individual enrollment record using the service client
:param registration_id: The registration id of the enrollment
:param device_id: Optional device id
:return: And individual enrollment record
"""
reprovision_policy = ReprovisionPolicy(migrate_device_data=True)
attestation_mechanism = AttestationMechanism(type="symmetricKey")
individual_provisioning_model = IndividualEnrollment.create(
attestation=attestation_mechanism,
registration_id=registration_id,
device_id=device_id,
reprovision_policy=reprovision_policy,
)
return service_client.create_or_update(individual_provisioning_model)
def create_individual_enrollment_with_x509_client_certs(device_index, device_id=None):
registration_id = device_common_name + str(device_index)
reprovision_policy = ReprovisionPolicy(migrate_device_data=True)
device_cert_input_file = "demoCA/newcerts/device_cert" + str(device_index) + ".pem"
with open(device_cert_input_file, "r") as in_device_cert:
device_cert_content = in_device_cert.read()
attestation_mechanism = AttestationMechanism.create_with_x509_client_certs(device_cert_content)
individual_provisioning_model = IndividualEnrollment.create(
attestation=attestation_mechanism,
registration_id=registration_id,
reprovision_policy=reprovision_policy,
device_id=device_id,
)
return service_client.create_or_update(individual_provisioning_model)
