WPC provisioning for MWCT2xxxS using models#
This Notebook should give a rough idea what to expect WPC Provisioning in production.
Both WPC Target WPC Service are replaced by model and mock-up respectively.
Nonetheless you may still use nxpwpc application to interact with these models. NXPWPC allows to use different types of Targets/Services.
You may even create your own (more in custom_wpc_service_plugin notebook)
1. Model preparation#
SPSDK ships scripts (located in: <repo_root>/tools/wpc) that will set up models for you.
Unfortunately, these scripts can’t run within a Jupyter Notebook. So please open new shell and activate virtual environment with SPSDK already installed. (Instructions on how to install SPSDK are available here)
Please make sure to install the examples extras: pip install spsdk[examples]
1.1 WPC Service model setup#
Assuming your shell is open in the root of the SPSDK repository, run:
$ python tools/wpc/setup_service_models.py
Follow the prompts, you may create multiple models at the same time
1.2 WPC Target model setup#
$ python tools/wpc/setup_target_models.py
Follow the prompts, you may crete multiple models at the same time
1.3 Running EdgeLock2GO mock-up aka FakeLock2GO#
$ python tools/wpc/fl2go.py <path/to/service/model/from/1.1>
2 NXPWPC setup#
The easiest way how to use nxpwpc application is via configuration file.
To create a configuration file template use nxpwpc get-template
NOTE: There’s an already existing config file prepared for you, but feel free to create your own.
# setup this notebook
%run ../init_notebook.ipynb
env: JUPYTER_SPSDK=1
Created `%!` as an alias for `%execute`.
%! nxpwpc get-template --service-type el2go --target-type model --family mwct2xxxs --output custom_config.yaml --force
nxpwpc get-template --service-type el2go --target-type model --family mwct2xxxs --output custom_config.yaml
Creating C:\_projects\mcu_boot\repo\bsdk-master\examples\wpc_provisioning\custom_config.yaml template file.
Notes on configuration file:
url: you can see it in shell after step 1.3qi_id: number you provided during step 1.1 (also it’s a name of a directory created in step 1.1)auth_key: each Service model comes with few randomly generated tokes, you may choose any of them. For examplemodel_dir: path to device model, for exampletarget_model/dev2
3 Running WPC Provisioning#
To run the whole WPC provisioning process use nxpwpc insert-cert command.
When the operation successfully ends, you’ll find WPC Certificate Chain binary in the models directory.
Apart from the chain, you’ll also find parsed Manufacturer certificate and Product certificate there.
%! nxpwpc --verbose insert-cert --config model_config.yaml
nxpwpc --verbose insert-cert --config model_config.yaml
INFO:spsdk.wpc.utils:Getting WPC ID
INFO:spsdk.wpc.target_model:Reading low level WPC ID
INFO:spsdk.wpc.utils:Computing CSR
INFO:spsdk.wpc.target_model:Signing CSR-TBS data
INFO:spsdk.wpc.service_el2go:Handling url: http://localhost:5000/api/v1/wpc/product-unit-certificate/000002/request-puc
INFO:spsdk.wpc.service_el2go:Service response:
{
"pucType": {
"certificate": "-----BEGIN CERTIFICATE-----\nMIIBVDCB+6ADAgECAhQPkm/TT55H90lhhSgaN8XLYT92jDAKBggqhkjOPQQDAjAS\nMRAwDgYDVQQDDAdDQUNBLTJCMCAXDTAwMDEwMTAwMDAwMFoYDzk5OTkxMjMxMDAw\nMDAwWjAkMSIwIAYDVQQDDBkwMDAwMDItZXh0cmEtdGV4dC10by1jZXJ0MFkwEwYH\nKoZIzj0CAQYIKoZIzj0DAQcDQgAEYveHr2SRGQFsSCiTKyrB0PubMt+AMmht9J2Z\nhluAuXzpbldJc3ba/7r625f6U+vjwj2sgcEUlAw4mMxv+clOjKMbMBkwFwYFZ4EU\nAQIBAf8ECwQJANlzV0+UGeW0MAoGCCqGSM49BAMCA0gAMEUCIQC8jQ9yBV7O7msj\n0mTlR8hJoP+jIn/as8JiI/+Ef85pEwIgWNgcoF/CVGLaQg9dY0uehr4sqjbERMSR\nKfEToFPzDPw=\n-----END CERTIFICATE-----\n",
"productManufacturingCertificate": "-----BEGIN CERTIFICATE-----\nMIIBOzCB46ADAgECAhQ0C5YkehLweBy9I3ahJRULd27B1DAKBggqhkjOPQQDAjAR\nMQ8wDQYDVQQDDAZXUENDQTEwIBcNMDAwMTAxMDAwMDAwWhgPOTk5OTEyMzEwMDAw\nMDBaMBIxEDAOBgNVBAMMB0NBQ0EtMkIwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNC\nAARCANU74V7Kk4VaUMrSXZvOqClKfkxmsgyGCyMVbqIX+hei3xU6etHajRJiHBVM\nOe0qP8jAu0D0309s4OdyzUu/oxYwFDASBgVngRQBAQEB/wQGBAQAAAAMMAoGCCqG\nSM49BAMCA0cAMEQCIEa3MiXOWjDlRqHXOu+EVFF4/TbRC+ElxRyvvdW7FhCPAiBT\nYR3P0G1l9uM2/zkK6yej3GZp4N13WlSy+jJJ4Hhy/Q==\n-----END CERTIFICATE-----\n",
"rootCaHash": "6e291e88abca2a0abb535aba69e44d2494a27720088cf98c80b7d7d14aeac47d"
}
}
INFO:spsdk.wpc.target_model:Inserting WPC certificate
Inserting WPC certificate finished successfully.