feat: add CLI to flash certificates

bifravst · Aug 28, 2019 · bfca423 · bfca423
1 parent 76fa039
commit bfca423
Show file tree

Hide file tree

Showing 5 changed files with 445 additions and 39 deletions.
diff --git a/@types/modemtalk.d.ts b/@types/modemtalk.d.ts
@@ -0,0 +1 @@
+declare module '@bifravst/modemtalk'
diff --git a/cli/bifravst.ts b/cli/bifravst.ts
@@ -11,6 +11,7 @@ import { reactConfigCommand } from './commands/react-config'
 import { infoCommand } from './commands/info'
 import { registerCaCommand } from './commands/register-ca'
 import { historicalDataCommand } from './commands/historical-data'
+import { flashCertificate } from './commands/flash-cert'
 
 const stackId = process.env.STACK_ID || 'bifravst'
 const region = process.env.AWS_DEFAULT_REGION || ''
@@ -58,6 +59,7 @@ const bifravstCLI = async () => {
 
  const commands = [
  registerCaCommand({ stackId, certsDir, region }),
+ flashCertificate({ certsDir }),
  generateCertCommand({ endpoint }),
  connectCommand({ endpoint, deviceUiUrl, certsDir }),
  reactConfigCommand({ stackId, region }),

diff --git a/cli/commands/flash-cert.ts b/cli/commands/flash-cert.ts
@@ -0,0 +1,84 @@
+import { ComandDefinition } from './CommandDefinition'
+import { ModemPort } from '@bifravst/modemtalk'
+import chalk from 'chalk'
+import { deviceFileLocations } from '../jitp/deviceFileLocations'
+import { promises as fs } from 'fs'
+import * as path from 'path'
+
+export const flashCertificate = ({
+ certsDir,
+}: {
+ certsDir: string
+}): ComandDefinition => ({
+ command: 'flash <deviceId>',
+ options: [
+ {
+ flags: '-p, --port <port>',
+ description: 'Serial port, defaults to /dev/ttyACM0',
+ },
+ {
+ flags: '-t, --sectag <secTag>',
+ description: 'sec tag, defaults to 42',
+ },
+ ],
+ action: async (
+ deviceId: string,
+ { port, secTag }: { port?: string; secTag?: string },
+ ) => {
+ const deviceFiles = deviceFileLocations({ certsDir, deviceId })
+ const PORT = port || '/dev/ttyACM0'
+ const SEC_TAG = parseInt(secTag || '', 10) || 42
+ const device = new ModemPort(PORT, {
+ writeCallback: (data: string) => {
+ console.log(chalk.magenta(data.trim()))
+ },
+ })
+
+ device.on('event', (...args: any) => {
+ console.log('even', JSON.stringify(args))
+ })
+ device.on('error', (err: Error) => {
+ console.error(chalk.red(`Serial port error: ${err.message}`))
+ })
+ device.on('disconnect', () => {
+ console.log(chalk.magenta('Serial port has been disconnected'))
+ })
+ device.on('rx', (data: string) => {
+ console.debug(chalk.grey.bold('device <<'), chalk.grey(data.trim()))
+ })
+
+ await device.open()
+
+ const [caCert, clientCert, privateKey] = await Promise.all([
+ fs.readFile(
+ path.join(process.cwd(), 'data', 'AmazonRootCA1.pem'),
+ 'utf-8',
+ ),
+ fs.readFile(deviceFiles.certWithCA, 'utf-8'),
+ fs.readFile(deviceFiles.key, 'utf-8'),
+ ])
+
+ console.log(chalk.yellow('Port:'), chalk.cyan(PORT))
+ console.log(chalk.yellow('SecTag:'), chalk.cyan(`${SEC_TAG}`))
+
+ await device.writeAT('+CGSN', {
+ timeout: 2000,
+ })
+ // FIXME: How to read the response?
+
+ console.log(chalk.cyan('Turning off modem'))
+ await device.writeAT('+CFUN=4', {
+ timeout: 2000,
+ })
+
+ console.log(chalk.cyan('Writing credentials'))
+ await device.writeTLSCredential(SEC_TAG, 0, caCert) // CA certificate
+ await device.writeTLSCredential(SEC_TAG, 1, clientCert) // client certificate
+ await device.writeTLSCredential(SEC_TAG, 2, privateKey) // private key
+
+ await device.close()
+
+ console.log(chalk.yellow('Done. Restart the device now.'))
+ },
+ help: 'Flash the certificate onto the device',
+})