Created
April 15, 2021 21:31
-
-
Save CIPop/b719c12798461d5fad614b0148f6243a to your computer and use it in GitHub Desktop.
Azure IoT SAS Enrollment Group
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
using System; | |
using System.Security.Cryptography; | |
using System.Text; | |
namespace dps_group_sas | |
{ | |
class Program | |
{ | |
public static string ComputeDerivedSymmetricKey(byte[] masterKey, string registrationId) | |
{ | |
using (var hmac = new HMACSHA256(masterKey)) | |
{ | |
return Convert.ToBase64String(hmac.ComputeHash(Encoding.UTF8.GetBytes(registrationId))); | |
} | |
} | |
static void Main(string[] args) | |
{ | |
if (args.Length < 2) | |
{ | |
Console.WriteLine("dps_group_sas <masterKey> <registrationID>"); | |
return; | |
} | |
Console.WriteLine(ComputeDerivedSymmetricKey(Convert.FromBase64String(args[0]), args[1])); | |
} | |
} | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
To deploy:
dotnet new
within the folder.To create a device identity run
dotnet run "SharedAccessKey_From_Group_Enrollment" device-registration-id
E.g.
dotnet run "8abcdefghz.....==" my-sasgroup1-device1
where the first quoted string is one of the two keys available in the Provisioning portal:

The output can be used as the shared access key for DPS authentication and, after provisioning, for IoT Hub operations.
References:
https://docs.microsoft.com/azure/iot-dps/how-to-legacy-device-symm-key?tabs=linux
https://docs.microsoft.com/azure/iot-dps/concepts-symmetric-key-attestation#group-enrollments