microchip-pic-avr-solutions / microchip-iot-developer-guides-for-aws

Microchip IoT Developer Guides for AWS is a set of tutorials tailored to get started with your IoT Design, from embedded to cloud. Starting with the sandbox, you can play around with sending and receiving data to the cloud with almost no setup.

Resources for Arduino Based Development boards #2

Open gannaramu opened 3 years ago

gannaramu commented 3 years ago

Hello Team,

I am working on a project using Teensy4.0 Development board. I have been able to successfully connect to AWS IoT. But I want to implement the JITR using the Microchip ATECC608 Trust and Go Device. I see a lot of functionality is built into the IoT Provisioning Tool. Are there any resources where I can look at how the tool works, or could you point me to the GitHub repository if it is open source?

Thanks,
Ram Rohit

johanlofstad commented 3 years ago

The provisioning tool, as of now, is closed source. We're hoping to open source it down the line, but I can't give any timeline. On the question of resources, we have a couple:

A More Thorough Look Into The Provisioning Process

This guide explains what the provisioning tool does in some more detail. It's more high level and doesn't go into the implementation details.

https://github.com/microchip-pic-avr-solutions/microchip-iot-developer-guides-for-aws/tree/master/a-more-thorough-look-into-the-provisioning-process

Zero Touch Secure Provisioning Kit for AWS IoT

This is a user guide for the "Zero Touch Secure Provisioning Kit", and is a document focused on the ECC608 provisioning and not the IoT Board itself. However, the IoT Board uses the ECC608, so this document can be highly applicable. It might help you, especially if you're willing to dig into the source code.

User Guide: https://microchipdeveloper.com/iot:ztpk

Source Code: https://github.com/MicrochipTech/aws-iot-zero-touch-secure-provisioning-kit


I'd especially recommend that you have a look at https://github.com/MicrochipTech/aws-iot-zero-touch-secure-provisioning-kit, as it's the code that a lot of the functionality in the IoT Provisioning Tool is based on.

lharing commented 3 years ago

Note that JITR is not possible with a Trust&Go by using the certificates that are stored in the device itself, because you don't have the private key that was used to sign these devices. Trust&Go devices are suited for AWS Multi Account Registration. If you still want to do JITR, you will need to create a new chain of trust down to a new device certificate with the public key of the ECC608. The provisioning tool offers such a way for prototyping purposes. In an end-user scenario, a Trust&Flex or Trust&Custom device would be used.
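
The step described in the last comment, issuing a new device certificate over the ECC608's existing public key from a signer CA whose private key you hold, sketched with the OpenSSL CLI as an added example (not part of the thread and not the provisioning tool's code). The subjects, file names and the software-generated stand-in for the ECC608 public key are constructed assumptions.

```shell
# Added example; every subject and file name is constructed.

# SHA-256 fingerprint of a PEM public key read from stdin.
pubkey_fp() {
    openssl pkey -pubin -outform DER | openssl dgst -sha256 -r | cut -d' ' -f1
}

# Stand-in for the public key read out of the ECC608. The private half
# is deleted because on real hardware it never leaves the chip.
make_standin_device_pubkey() {   # $1 = output file (PEM)
    openssl ecparam -name prime256v1 -genkey -noout -out "$1.tmpkey" &&
    openssl pkey -in "$1.tmpkey" -pubout -out "$1" &&
    rm -f "$1.tmpkey"
}

# Create a signer CA you own, then issue a device certificate over $2.
build_chain() {                  # $1 = work dir, $2 = device public key (PEM)
    d=$1
    cat > "$d/ca.cnf" <<'EOF'
[req]
distinguished_name = dn
x509_extensions = v3_ca
prompt = no
[dn]
CN = Example Signer CA
[v3_ca]
basicConstraints = critical,CA:TRUE
keyUsage = critical,keyCertSign,cRLSign
subjectKeyIdentifier = hash
EOF
    # This CA private key is the piece that is missing for the
    # certificates preloaded in a Trust&Go part.
    openssl ecparam -name prime256v1 -genkey -noout -out "$d/ca.key" &&
    openssl req -x509 -new -config "$d/ca.cnf" -key "$d/ca.key" \
        -sha256 -days 365 -out "$d/ca.crt" &&
    # Throwaway key: only gives openssl a well-formed CSR to read.
    openssl ecparam -name prime256v1 -genkey -noout -out "$d/tmp.key" &&
    openssl req -new -config "$d/ca.cnf" -key "$d/tmp.key" \
        -subj "/CN=example-device-0001" -out "$d/tmp.csr" &&
    # -force_pubkey puts the device key into the issued certificate, so
    # the signer never needs the device private key.
    openssl x509 -req -in "$d/tmp.csr" -force_pubkey "$2" \
        -CA "$d/ca.crt" -CAkey "$d/ca.key" -CAcreateserial \
        -sha256 -days 365 -out "$d/device.crt" &&
    rm -f "$d/tmp.key" "$d/tmp.csr"
}
```

Run `make_standin_device_pubkey dev_pub.pem` and then `build_chain . dev_pub.pem` in an empty directory; `ca.crt` is the certificate that would be registered as the CA, and `device.crt` chains to it while carrying the device's public key.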