IoT Hub assigns a unique product ID to each created product. You can customize the DeviceName
to identify devices and use the product ID + device ID + device certificate/key to authenticate devices. Devices need to store such identity information. The C-SDK provides APIs for reading and writing the device information and reference implementations for adaptation as needed.
Device information burning is divided into preset burning and dynamic burning, which differ in terms of convenience and security.
After a product is created, you can create devices one by one in the IoT Hub console or through TencentCloud API, get their corresponding device information, and burn the above three or four pieces of information into a non-volatile medium in a specific step of device production, so that the device SDK can read the stored device information during running for device authentication.
Note:For dynamic registration, you should ensure the security of the product key (ProductSecret); otherwise, major security risks may arise.
The SDK provides HAL APIs for reading and writing device information, which must be implemented. For more information on how to implement device information read/write, please see HAL_Device_Linux.c
on Linux.
Device information HAL APIs:
HAL_API | Description |
---|---|
HAL_SetDevInfo | Writes device information |
HAL_GetDevInfo | Reads device information |
After a device is created, you need to configure its information (ProductID/DeviceName/DeviceSecret/Cert/Key
file) in the SDK first before the demo can run properly. In the development phase, the SDK provides two methods of storing the device information:
DEBUG_DEV_INFO_USED
= ON
), you should modify the device information in platform/os/xxx/HAL_Device_xxx.c
. This method can be used on platforms without a file system./* product Id */
static char sg_product_id[MAX_SIZE_OF_PRODUCT_ID + 1] = "PRODUCT_ID";
/* device name */
static char sg_device_name[MAX_SIZE_OF_DEVICE_NAME + 1] = "YOUR_DEV_NAME";
#ifdef DEV_DYN_REG_ENABLED
/* product secret for device dynamic Registration */
static char sg_product_secret[MAX_SIZE_OF_PRODUCT_SECRET + 1] = "YOUR_PRODUCT_SECRET";
#endif
#ifdef AUTH_MODE_CERT
/* public cert file name of certificate device */
static char sg_device_cert_file_name[MAX_SIZE_OF_DEVICE_CERT_FILE_NAME + 1] = "YOUR_DEVICE_NAME_cert.crt";
/* private key file name of certificate device */
static char sg_device_privatekey_file_name[MAX_SIZE_OF_DEVICE_SECRET_FILE_NAME + 1] = "YOUR_DEVICE_NAME_private.key";
#else
/* device secret of PSK device */
static char sg_device_secret[MAX_SIZE_OF_DEVICE_SECRET + 1] = "YOUR_IOT_PSK";
#endif
DEBUG_DEV_INFO_USED
= OFF
), you should modify the device information in the device_info.json
file with no need to recompile the SDK. This method is recommended for development on Linux and Windows.{
"auth_mode":"KEY/CERT",
"productId":"PRODUCT_ID",
"productSecret":"YOUR_PRODUCT_SECRET",
"deviceName":"YOUR_DEV_NAME",
"key_deviceinfo":{
"deviceSecret":"YOUR_IOT_PSK"
},
"cert_deviceinfo":{
"devCertFile":"YOUR_DEVICE_CERT_FILE_NAME",
"devPrivateKeyFile":"YOUR_DEVICE_PRIVATE_KEY_FILE_NAME"
},
"subDev":{
"sub_productId":"YOUR_SUBDEV_PRODUCT_ID",
"sub_devName":"YOUR_SUBDEV_DEVICE_NAME"
}
}
static DeviceInfo sg_devInfo;
static int _setup_connect_init_params(MQTTInitParams* initParams)
{
int ret;
ret = HAL_GetDevInfo((void *)&sg_devInfo);
if(QCLOUD_ERR_SUCCESS != ret){
return ret;
}
initParams->device_name = sg_devInfo.device_name;
initParams->product_id = sg_devInfo.product_id;
......
}
static int _serialize_connect_packet(unsigned char *buf, size_t buf_len, MQTTConnectParams *options, uint32_t *serialized_len) {
......
......
int username_len = strlen(options->client_id) + strlen(QCLOUD_IOT_DEVICE_SDK_APPID) + MAX_CONN_ID_LEN + cur_timesec_len + 4;
options->username = (char*)HAL_Malloc(username_len);
get_next_conn_id(options->conn_id);
HAL_Snprintf(options->username, username_len, "%s;%s;%s;%ld", options->client_id, QCLOUD_IOT_DEVICE_SDK_APPID, options->conn_id, cur_timesec);
#if defined(AUTH_WITH_NOTLS) && defined(AUTH_MODE_KEY)
if (options->device_secret != NULL && options->username != NULL) {
char sign[41] = {0};
utils_hmac_sha1(options->username, strlen(options->username), sign, options->device_secret, options->device_secret_len);
options->password = (char*) HAL_Malloc (51);
if (options->password == NULL) IOT_FUNC_EXIT_RC(QCLOUD_ERR_INVAL);
HAL_Snprintf(options->password, 51, "%s;hmacsha1", sign);
}
#endif
......
}
Was this page helpful?