ma2shita/ATECC608A_shell.py

## ATECC608A_shell.py
"""
Usage:
$ cd Core2-for-AWS-IoT-EduKit/Blinky-Hello-World/
$ curl -O ATECC608A_shell.py
$ source ~/esp/esp-idf/export.sh
$ PYTHONSTARTUP=ATECC608A_shell.py python
"""

port = "/dev/ttyUSB0"

import sys
import os
sys.path.insert(0, os.path.join(os.getenv("IDF_PATH"), "components", "esptool_py", "esptool"))
import esptool
esp = esptool.ESP32ROM(port, baud=115200)

sys.path.append(os.path.abspath(os.path.join("components", "esp-cryptoauthlib", "esp_cryptoauth_utility")))
import helper_scripts as esp_hs
esp_hs.serial.load_app_stub('sample_bins/secure_cert_mfg_esp32.bin', esp)
init_mfg = esp_hs.serial.cmd_interpreter()
init_mfg.wait_for_init(esp._port)
init_mfg.exec_cmd(esp._port, "init")

from cryptography import x509
from cryptography.hazmat.backends import default_backend
from cryptography.hazmat.primitives.serialization import Encoding, PublicFormat

def hexed_der(retval):
    return retval[1]['Return'].split(":")[2].strip()

def x509_cert(hexed_der):
    return x509.load_der_x509_certificate(bytearray.fromhex(hexed_der), default_backend())

def x509_pem(x509_cert):
    return x509_cert.public_bytes(encoding=Encoding.PEM).decode('utf-8')

if __name__ == "__main__":
    print("# --- Ready !!")
    print()
    print('Communicate to ATECC608A:')
    print('> init_mfg.exec_cmd(esp._port, "print-chip-info")')
    print('> init_mfg.exec_cmd(esp._port, "get-tngtls-root-cert")')
    print('> init_mfg.exec_cmd(esp._port, "get-tngtls-signer-cert")')
    print('> init_mfg.exec_cmd(esp._port, "get-tngtls-device-cert") # Must be run after get-tngtls-signer-cert')
    print()
    print('Utilities:')
    print('> hexed_der(retval)')
    print('> x509_cert(hexed_der)')
    print('> x509_pem(x509_cert)')
    print()
    print('Example for get device cert. from ATECC608A:')
    print('> _ = init_mfg.exec_cmd(esp._port, "get-tngtls-signer-cert")')
    print('> r = init_mfg.exec_cmd(esp._port, "get-tngtls-device-cert")')
    print('> print(x509_pem(x509_cert(hexed_der(r))))')
    print()
	"""
	Usage:
	$ cd Core2-for-AWS-IoT-EduKit/Blinky-Hello-World/
	$ curl -O ATECC608A_shell.py
	$ source ~/esp/esp-idf/export.sh
	$ PYTHONSTARTUP=ATECC608A_shell.py python
	"""

	port = "/dev/ttyUSB0"

	import sys
	import os
	sys.path.insert(0, os.path.join(os.getenv("IDF_PATH"), "components", "esptool_py", "esptool"))
	import esptool
	esp = esptool.ESP32ROM(port, baud=115200)

	sys.path.append(os.path.abspath(os.path.join("components", "esp-cryptoauthlib", "esp_cryptoauth_utility")))
	import helper_scripts as esp_hs
	esp_hs.serial.load_app_stub('sample_bins/secure_cert_mfg_esp32.bin', esp)
	init_mfg = esp_hs.serial.cmd_interpreter()
	init_mfg.wait_for_init(esp._port)
	init_mfg.exec_cmd(esp._port, "init")

	from cryptography import x509
	from cryptography.hazmat.backends import default_backend
	from cryptography.hazmat.primitives.serialization import Encoding, PublicFormat

	def hexed_der(retval):
	return retval[1]['Return'].split(":")[2].strip()

	def x509_cert(hexed_der):
	return x509.load_der_x509_certificate(bytearray.fromhex(hexed_der), default_backend())

	def x509_pem(x509_cert):
	return x509_cert.public_bytes(encoding=Encoding.PEM).decode('utf-8')

	if __name__ == "__main__":
	print("# --- Ready !!")
	print()
	print('Communicate to ATECC608A:')
	print('> init_mfg.exec_cmd(esp._port, "print-chip-info")')
	print('> init_mfg.exec_cmd(esp._port, "get-tngtls-root-cert")')
	print('> init_mfg.exec_cmd(esp._port, "get-tngtls-signer-cert")')
	print('> init_mfg.exec_cmd(esp._port, "get-tngtls-device-cert") # Must be run after get-tngtls-signer-cert')
	print()
	print('Utilities:')
	print('> hexed_der(retval)')
	print('> x509_cert(hexed_der)')
	print('> x509_pem(x509_cert)')
	print()
	print('Example for get device cert. from ATECC608A:')
	print('> _ = init_mfg.exec_cmd(esp._port, "get-tngtls-signer-cert")')
	print('> r = init_mfg.exec_cmd(esp._port, "get-tngtls-device-cert")')
	print('> print(x509_pem(x509_cert(hexed_der(r))))')
	print()