Provisioning sketch

example-embed.toml

@@ -0,0 +1,13 @@
+[default]
+gdb.enabled = true
+
+[default.rtt]
+enabled = true
+
+up_channels = [
+  { channel = 1, mode = "BlockIfFull", format = "Defmt", socket = "[::1]:1338" },
+]
+
+tabs = [
+    { up_channel = 1, name = "defmt" },
+]

examples/coap/src/main.rs

@@ -22,6 +22,14 @@ static A: Bump<[u8; 1 << 16]> = Bump::uninit();
 
 #[riot_rs::task(autostart)]
 async fn coap_run() {
+    use riot_rs::identity::DeviceId;
+    info!(
+        "Device provisioned: board={}\tdevice_id={}\tedhoc_kccs={}",
+        riot_rs::buildinfo::BOARD,
+        riot_rs::identity::device_identity().unwrap().bytes(),
+        &[1, 2, 3]
+    );
+
     let stack = network::network_stack().await.unwrap();
 
     // FIXME trim to CoAP requirements

examples/hello-world/src/main.rs

@@ -7,8 +7,9 @@ use riot_rs::debug::{exit, log::*};
 #[riot_rs::thread(autostart)]
 fn main() {
     info!(
-        "Hello from main()! Running on a {} board.",
+        "Hello from main()! Running on {} board identified as {:x}.",
         riot_rs::buildinfo::BOARD,
+        riot_rs::identity::device_identity(),
     );
 
     exit(Ok(()));

laze-project.yml

@@ -85,6 +85,19 @@ contexts:
         cmd:
           - cd ${appdir} && ${CARGO_ENV} cargo ${CARGO_ARGS} run --${PROFILE} ${FEATURES}
 
+      embed:
+        build: false
+        cmd:
+          # why not PROBE_RS_PROTOCOL?
+          - cd ${appdir} && ${CARGO_ENV} cargo ${CARGO_ARGS} embed --${PROFILE} ${FEATURES} --chip ${PROBE_RS_CHIP}
+
+      provision:
+        build: false
+        cmd:
+          - ./scripts/provisioning-processor
+          # just like embed
+          - cd ${appdir} && ${CARGO_ENV} cargo ${CARGO_ARGS} embed --${PROFILE} ${FEATURES} --chip ${PROBE_RS_CHIP} --config-file ../../example-embed.toml
+
       cargo-test:
         cmd:
           - cd ${relpath} && ${CARGO_ENV} cargo test --${PROFILE} --features=riot-rs-boards/${builder},riot-rs-rt/debug-console --manifest-path ${app}/Cargo.toml

scripts/provisioning-processor

@@ -0,0 +1,57 @@
+#!/usr/bin/env python3
+
+"""Helper to take provisioning data from another process.
+
+This binds to [::1]:1338, where it parses text from there for provisioning data
+(semantically a statement that "This is a device with board=... and
+DeviceId=..., and the public key it has generated is ...").
+
+So far, that information is merely logged; on the long run, this should store
+keys in a local Authorization Server, revoking earlier identities of that
+device.
+
+To play race-free with other scripts, it terminates its main process when
+everything is ready to connect, and listens for up to 60 seconds for a
+connection on :1338. Other input methods than TCP sockets might be added if
+they are needed for where there is no `cargo embed` that pipes around stdout.
+At that point, the input method will be guided by arguments.
+"""
+
+import json
+import logging
+import os
+import socket
+import sys
+
+logging.basicConfig(level=logging.INFO)
+
+s = socket.create_server(("::1", 1338), family=socket.AF_INET6, backlog=1)
+s.settimeout(60)
+logging.info("Provisioning processor ready, listening on %s", s)
+if os.fork() != 0:
+    sys.exit(0)
+
+(conn, addr) = s.accept()
+s.close()
+logging.info("Connection received from %s", addr)
+needle = "Device provisioned: "
+for line in socket.SocketIO(conn, "r"):
+    line = line.decode('utf-8')
+    (_, _, found) = line.partition(needle)
+    if not found:
+        logging.debug("Ignoring line without provisioning information: %r", line)
+        continue
+    remaining = found.strip()
+    logging.info("Processing provisioning line: %r", remaining)
+
+    details = {}
+    while remaining:
+        current, _, remaining = remaining.partition('\t')
+        key, _, value = current.partition('=')
+        if value.startswith('['):
+            value = json.loads(value)
+        details[key] = value
+
+    logging.error("No method for provisioning established yet, discarding data %r", details)
+    break
+conn.close()

src/riot-rs-embassy-common/Cargo.toml

@@ -10,8 +10,8 @@ repository.workspace = true
 workspace = true
 
 [dependencies]
-defmt = { workspace = true, optional = true }
-fugit = { workspace = true, optional = true }
+defmt = { workspace = true }
+fugit = { workspace = true, optional = true, features = ["defmt"] }
 embassy-futures = { workspace = true }
 embassy-time = { workspace = true }
 embedded-hal = { workspace = true }
@@ -23,5 +23,3 @@ external-interrupts = []
 
 ## Enables I2C support.
 i2c = ["dep:fugit"]
-
-defmt = ["dep:defmt", "fugit?/defmt"]

src/riot-rs-embassy-common/src/identity.rs

@@ -0,0 +1,112 @@
+//! Tools and traits for describing device identities.
+//!
+//! See `riot_rs::identity` for general documentation.
+#![deny(missing_docs)]
+
+/// Trait desribing the unique identifier available on a board.
+///
+/// See the module level documentation on the characteristics of the identifier.
+///
+/// # Evolution
+///
+/// In its current state, this type is mainly a wrapper around a binary identifier with a
+/// length constant at build time.
+///
+/// As it is used more, additional methods can be provided for concrete types of identifiers, such
+/// as MAC addresses. By default, those would be generated in some way from what is available in
+/// the identifier -- but boards where the identifier already *is* a MAC address (or possibly a
+/// range thereof) can provide their official addresses.
+pub trait DeviceId: Sized + core::fmt::Debug + defmt::Format {
+    /// Error type indicating that no identifier is available.
+    ///
+    /// This is part of the return type of the [`::get()`][Self::get] constructor.
+    ///
+    /// It is encouraged to be [`core::convert::Infallible`] where possible.
+    ///
+    /// # Open questions
+    ///
+    /// Some architectures will have to read this (eg. at QSPI initialization time); is there guidance
+    /// on how to report "Not yet available"?
+    type Error: core::error::Error + defmt::Format;
+
+    /// Some `[u8; N]` type, returned by [`.bytes()`][Self::bytes].
+    ///
+    /// This may not represent all the identifying information available on the board, but can
+    /// represent a unique portion thereof.
+    ///
+    /// (For example, if a device has two consecutive MAC addresses assigned, the type as a whole
+    /// may represent both, but the conventional serialized identity of the board may just be one
+    /// of them).
+    ///
+    /// # Evolution
+    ///
+    /// On the long run, it will be preferable to add a `const BYTES_LEN: usize;` and enforce the
+    /// type `[u8; Self::BYTES_LEN]` as the return value of [`.bytes(_)]`][Self::bytes]. This can
+    /// not be done yet as it depends on the `generic_const_exprs` featureVg
+    type Bytes: AsRef<[u8]>;
+
+    /// Obtains a unique identifier of the device.
+    ///
+    /// For callers, there is the convenience function `riot_rs::identity::device_identity()`
+    /// available, which just calls this trait method on `riot_rs::arch::identity::DeviceId`.
+    ///
+    /// # Errors
+    ///
+    /// This produces an error if no device ID is available on this board, or is not implemented.
+    fn get() -> Result<Self, Self::Error>;
+
+    /// The device identifier in serialized bytes format.
+    fn bytes(&self) -> Self::Bytes;
+}
+
+/// An uninhabited type implementing [`DeviceId`] that always errs.
+///
+/// This can be used both on architectures that do not have a unique identifier on their boards,
+/// and when it has not yet been implemented.
+///
+/// Typical types for `E` are [`NotImplemented`] or [`NotAvailable`].
+#[derive(Debug, defmt::Format)]
+pub struct NoDeviceId<E: core::error::Error + defmt::Format + Default>(
+    core::convert::Infallible,
+    core::marker::PhantomData<E>,
+);
+
+impl<E: core::error::Error + defmt::Format + Default> DeviceId for NoDeviceId<E> {
+    type Error = E;
+
+    // We could also come up with a custom never type that AsRef's into [u8], but that won't fly
+    // once there is a BYTES_LEN.
+    type Bytes = [u8; 0];
+
+    fn get() -> Result<Self, Self::Error> {
+        Err(Default::default())
+    }
+
+    fn bytes(&self) -> [u8; 0] {
+        match self.0 {}
+    }
+}
+
+/// Error indicating that a [`DeviceId`] may be available on this platform, but is not implemented.
+#[derive(Debug, Default, defmt::Format)]
+pub struct NotImplemented;
+
+impl core::fmt::Display for NotImplemented {
+    fn fmt(&self, f: &mut core::fmt::Formatter<'_>) -> core::fmt::Result {
+        f.write_str("Device ID not implemented on this platform")
+    }
+}
+
+impl core::error::Error for NotImplemented {}
+
+/// Error indicating that a [`DeviceId`] is not available on this platform.
+#[derive(Debug, Default, defmt::Format)]
+pub struct NotAvailable;
+
+impl core::fmt::Display for NotAvailable {
+    fn fmt(&self, f: &mut core::fmt::Formatter<'_>) -> core::fmt::Result {
+        f.write_str("Device ID not available on this platform")
+    }
+}
+
+impl core::error::Error for NotAvailable {}

src/riot-rs-embassy-common/src/lib.rs

@@ -13,6 +13,8 @@ pub mod executor_swi;
 #[cfg(feature = "i2c")]
 pub mod i2c;
 
+pub mod identity;
+
 pub mod reexports {
     //! Crate re-exports.
 

src/riot-rs-embassy/Cargo.toml

@@ -114,7 +114,6 @@ defmt = [
   "embassy-net?/defmt",
   "embassy-time?/defmt",
   "embassy-usb?/defmt",
-  "riot-rs-embassy-common/defmt",
   "riot-rs-esp/defmt",
   "riot-rs-nrf/defmt",
   "riot-rs-rp/defmt",

src/riot-rs-embassy/src/arch/mod.rs

@@ -15,6 +15,12 @@ pub mod hwrng;
 #[cfg(feature = "i2c")]
 pub mod i2c;
 
+pub mod identity {
+    use riot_rs_embassy_common::identity;
+
+    pub type DeviceId = identity::NoDeviceId<identity::NotImplemented>;
+}
+
 #[cfg(feature = "usb")]
 pub mod usb;
 

src/riot-rs-esp/src/lib.rs

@@ -11,6 +11,12 @@ pub mod gpio;
 #[cfg(feature = "i2c")]
 pub mod i2c;
 
+pub mod identity {
+    use riot_rs_embassy_common::identity;
+
+    pub type DeviceId = identity::NoDeviceId<identity::NotImplemented>;
+}
+
 #[cfg(feature = "wifi")]
 pub mod wifi;
 

src/riot-rs-nrf/Cargo.toml

@@ -30,12 +30,15 @@ riot-rs-random = { workspace = true, optional = true }
 
 [target.'cfg(context = "nrf52832")'.dependencies]
 embassy-nrf = { workspace = true, features = ["nrf52832"] }
+nrf52832-pac = "0.12.2"
 
 [target.'cfg(context = "nrf52840")'.dependencies]
 embassy-nrf = { workspace = true, features = ["nrf52840"] }
+nrf52840-pac = "0.12.2"
 
 [target.'cfg(context = "nrf5340")'.dependencies]
 embassy-nrf = { workspace = true, features = ["nrf5340-app-s"] }
+nrf5340-app-pac = "0.12.2"
 
 [features]
 ## Enables GPIO interrupt support.

src/riot-rs-nrf/src/identity.rs

@@ -0,0 +1,30 @@
+#[derive(Debug, defmt::Format)]
+pub struct DeviceId(u64);
+
+impl riot_rs_embassy_common::identity::DeviceId for DeviceId {
+    type Error = core::convert::Infallible;
+
+    fn get() -> Result<Self, Self::Error> {
+        // Embassy does not wrap the FICR register, and given that all we need from there is a register
+        // read that is perfectly fine to do through a stolen register, let's do that rather than
+        // thread the access through several layers.
+
+        // SAFETY: The register is used for read-only operations on constant values.
+        #[cfg(context = "nrf52840")]
+        let ficr = unsafe { nrf52840_pac::Peripherals::steal().FICR };
+        #[cfg(context = "nrf52832")]
+        let ficr = unsafe { nrf52832_pac::Peripherals::steal().FICR };
+        #[cfg(context = "nrf5340")]
+        let ficr = &unsafe { nrf5340_app_pac::Peripherals::steal().FICR_S }.info;
+
+        let low = ficr.deviceid[0].read().bits();
+        let high = ficr.deviceid[1].read().bits();
+        Ok(Self((u64::from(high) << u32::BITS) | u64::from(low)))
+    }
+
+    type Bytes = [u8; 8];
+
+    fn bytes(&self) -> Self::Bytes {
+        self.0.to_le_bytes()
+    }
+}

src/riot-rs-nrf/src/lib.rs

@@ -16,6 +16,8 @@ pub mod hwrng;
 #[cfg(feature = "i2c")]
 pub mod i2c;
 
+pub mod identity;
+
 #[cfg(feature = "usb")]
 pub mod usb;
 

src/riot-rs-rp/src/lib.rs

@@ -21,6 +21,12 @@ pub mod hwrng;
 #[cfg(feature = "i2c")]
 pub mod i2c;
 
+pub mod identity {
+    use riot_rs_embassy_common::identity;
+
+    pub type DeviceId = identity::NoDeviceId<identity::NotImplemented>;
+}
+
 #[cfg(feature = "usb")]
 pub mod usb;
 

src/riot-rs-stm32/src/identity.rs

@@ -0,0 +1,16 @@
+#[derive(Debug, defmt::Format)]
+pub struct DeviceId(&'static [u8; 12]);
+
+impl riot_rs_embassy_common::identity::DeviceId for DeviceId {
+    type Bytes = &'static [u8; 12];
+
+    type Error = core::convert::Infallible;
+
+    fn get() -> Result<Self, Self::Error> {
+        Ok(Self(embassy_stm32::uid::uid()))
+    }
+
+    fn bytes(&self) -> Self::Bytes {
+        self.0
+    }
+}