-
Notifications
You must be signed in to change notification settings - Fork 7
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Features - Added provisioning script for `demo` examples - Added nRF52840dk_nRF52840 with OpenThread support - Added automatic handling of connection link state - Added option for use of non-secure WiFi networks - Added configuration for software-based security on nRF9160DK Improvements - Updated Zephyr to 3.2.0 - Updated sdk-nrf to 2.1.1 - Refactored network connection handling - Firmware update success status can be now persisted across reboots until actual delivery Bugfixes - Fixed critical memory corruption bug in the factory provisioning app - Fixed problem with push buttons IID
- Loading branch information
Showing
85 changed files
with
2,511 additions
and
511 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,2 +1,3 @@ | ||
build | ||
.vscode | ||
__pycache__ |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -4,7 +4,7 @@ Project containing all implemented features, intended to be a showcase. | |
## Supported hardware and overview | ||
|
||
This folder contains LwM2M Client application example, which targets | ||
[B-L475E-IOT01A Discovery kit](https://www.st.com/en/evaluation-tools/b-l475e-iot01a.html), [nRF9160 Development kit](https://www.nordicsemi.com/Software-and-Tools/Development-Kits/nRF9160-DK), [Nordic Thingy:91 Prototyping kit](https://www.nordicsemi.com/Products/Development-hardware/Nordic-Thingy-91) and [ESP32-DevKitC](https://www.espressif.com/en/products/devkits/esp32-devkitc). | ||
[B-L475E-IOT01A Discovery kit](https://www.st.com/en/evaluation-tools/b-l475e-iot01a.html), [nRF9160 Development kit](https://www.nordicsemi.com/Software-and-Tools/Development-Kits/nRF9160-DK), [Nordic Thingy:91 Prototyping kit](https://www.nordicsemi.com/Products/Development-hardware/Nordic-Thingy-91), [ESP32-DevKitC](https://www.espressif.com/en/products/devkits/esp32-devkitc) and [nRF52840 Development kit](https://www.nordicsemi.com/Products/Development-hardware/nrf52840-dk). | ||
|
||
There's an alternative configuration for nRF9160DK, revisions 0.14.0 and up, which utilizes external flash chip to perform firmware updates. | ||
|
||
|
@@ -18,6 +18,7 @@ The following LwM2M Objects are supported: | |
| B-L475E-IOT01A | **Firmware Update (/5)** (experimental)<br>Temperature (/3303)<br>Humidity (/3304)<br>Accelerometer (/3313)<br>Magnetometer (/3314)<br>Barometer (/3315)<br>Distance (/3330)<br>Gyrometer (/3334)<br>Push button (/3347) | | ||
| nRF9160DK | Connectivity Monitoring (/4)<br>**Firmware Update (/5)**<br>Location (/6, configurable in Kconfig)<br>On/Off switch (/3342)<br>Push button (/3347)<br>ECID-Signal Measurement Information (/10256)<br>Location Assistance (/50001, experimental) | | ||
| Thingy:91 | Connectivity Monitoring (/4)<br>**Firmware Update (/5)**<br>Location (/6, configurable in Kconfig)<br>Temperature (/3303)<br>Humidity (/3304)<br>Accelerometer (/3313)<br>Barometer (/3315)<br>Buzzer (/3338)<br>Push button (/3347)<br>LED color light (/3420)<br>ECID-Signal Measurement Information (/10256)<br>Location Assistance (/50001, experimental) | | ||
| nRF52840DK | Push button (/3347) | | ||
|
||
## Compilation | ||
|
||
|
@@ -30,7 +31,7 @@ west update | |
|
||
You can now compile the project for B-L475E-IOT01A using `west build -b disco_l475_iot1` in `demo` directory. | ||
|
||
### Compilation guide for nRF9160DK and Thingy:91 | ||
### Compilation guide for nRF9160DK, Thingy:91 and nRF52840DK | ||
|
||
Because NCS uses different Zephyr version, it is necessary to change our Zephyr workspace, it is handled by using different manifest file. | ||
Set West manifest path to `Anjay-zephyr-client/demo`, and manifest file to `west-nrf.yml` and do `west update`. | ||
|
@@ -39,7 +40,7 @@ west config manifest.path Anjay-zephyr-client/demo | |
west config manifest.file west-nrf.yml | ||
west update | ||
``` | ||
Now you can compile the project using `west build -b nrf9160dk_nrf9160_ns` or `west build -b thingy91_nrf9160_ns` in `demo` directory, respectively. | ||
Now you can compile the project using `west build -b nrf9160dk_nrf9160_ns`, `west build -b thingy91_nrf9160_ns` or `west build -b nrf52840dk_nrf52840` in `demo` directory, respectively. The last command compiles project for use with the OpenThread network, more about this can be found in the section `Connecting to the LwM2M Server with OpenThread`. | ||
|
||
|
||
> **__NOTE:__** | ||
|
@@ -57,6 +58,14 @@ For nRF9160DK hardware revisions 0.14.0 and up, an alternate configuration that | |
|
||
To compile in this configuration, use `west build -b [email protected] -- -DCONF_FILE=prj_extflash.conf`. | ||
|
||
### Compiling with software-based cryptography | ||
|
||
On Nordic boards, security is provided using the (D)TLS sockets implemented in modem firmware and provided by nrfxlib. | ||
|
||
However, on nRF9160DK revisions 0.14.0 and up, it is possible to switch to software-based implementation based on Mbed TLS instead. This is not recommended due to lowered security and performance, but may be desirable if you require some specific (D)TLS features (e.g. ciphersuites) that are not supported by the modem. | ||
|
||
To compile in this configuration, use `west build -b [email protected] -- -DCONF_FILE=prj_extflash.conf -DOVERLAY_CONFIG=overlay_nrf_mbedtls.conf`. | ||
|
||
## Flashing the target | ||
|
||
After successful build you can flash the target using `west flash`. | ||
|
@@ -98,12 +107,22 @@ LwM2M Server, please register at https://eu.iot.avsystem.cloud/. Then have | |
a look at the Configuration menu to configure security credentials and other | ||
necessary settings (like Wi-Fi SSID etc.). | ||
|
||
[Guide showing basic usage of Coiote DM](https://iotdevzone.avsystem.com/docs/Coiote_DM_Device_Onboarding/Quick_start/) | ||
[Guide showing basic usage of Coiote DM](https://iotdevzone.avsystem.com/docs/IoT_quick_start/Device_onboarding/) | ||
is available on IoT Developer Zone. | ||
|
||
NOTE: You may use any LwM2M Server compliant with LwM2M 1.0 TS. The server URI | ||
can be changed in the Configuration menu. | ||
|
||
## Connecting to the LwM2M Server with OpenThread | ||
|
||
To use this project on the nRF52840dk board, in addition to the configuration shown in the previous paragraph, you will need to configure the OpenThread Border Router and Commissioner as described in the guides from the links below. | ||
You can change default `CONFIG_OPENTHREAD_JOINER_PSKD` value in the `boards/nrf52840dk_nrf52840.conf`. In same file, replace `CONFIG_OPENTHREAD_FTD=y` with `CONFIG_OPENTHREAD_MTD=y` if you want your device to run as an MTD. | ||
|
||
Resources: | ||
- [Introduction to OpenThread](https://openthread.io/guides) | ||
- [Border Router guide](https://openthread.io/guides/border-router) | ||
- [Commissioner guide](https://openthread.io/guides/commissioner) | ||
|
||
## Configuration menu | ||
|
||
Using serial port terminal, you can manage Anjay client using built-in Zephyr shell. Use `anjay` command to list possible options. | ||
|
@@ -142,5 +161,73 @@ to which the user is able to pre-provision credentials to the device using a spe | |
tailored version of the application. This feature allows to easily pre-provision large | ||
quantities of devices in a semi-automatic manner. | ||
|
||
To use this feature, generate a special file containing the credentials using our [Factory Provisioning Tool](https://avsystem.github.io/Anjay-doc/Tools/FactoryProvisioning.html). | ||
Then, follow the flow described in `src/factory_provisioning/factory_flash.c` file to finish the process. | ||
To use this feature, one can use a script `tools/provisioning-tools/ptool.py`. | ||
It might be used in the similar manner as the script of the same name described in the documentation: | ||
[Factory Provisioning Tool](https://avsystem.github.io/Anjay-doc/Tools/FactoryProvisioning.html). | ||
There are a few new and important command-line arguments: | ||
|
||
* `--board` (`-b`) - the board for which the images should be built, | ||
* `--image_dir` (`-i`) - directory for the cached Zephyr hex images, | ||
* `--serial` (`-s`) - serial number of the device to be used, | ||
* `--baudrate` (`-B`) - baudrate for the used serial port, when it is not provided the default value is 115200. | ||
|
||
If the image `initial.hex` exists in the given `image_dir` the initial provisioning image won't be built and the same works for | ||
final image and `final.hex`. When `image_dir` path is provided, but some images are missing, they will be built in the given directory. | ||
If `image_dir` is not provided then the images will be built in `$(pwd)/provisioning_builds`. | ||
|
||
Before using the script make sure that in the shell in which you run it the `west build` command would work and | ||
that all of the configs passed to the script are valid - in particular, make sure that you changed `<YOUR_DOMAIN>` in `lwm2m_server.json` | ||
config file to your actual domain in EU cloud Coiote installation (or fill the whole file with some different valid server configuration). | ||
|
||
Currently the script is designed only for Nordic boards, and it was tested with nRF 9160DK. | ||
|
||
Example script invocation from the `demo` for provisioning some nRF 9160DK board directory may look like: | ||
|
||
```bash | ||
../tools/provisioning-tool/ptool.py -b nrf9160dk_nrf9160_ns -s <SERIAL> -c ../tools/provisioning-tool/configs/endpoint_cfg -t <TOKEN> -S ../tools/provisioning-tool/configs/lwm2m_server.json | ||
``` | ||
|
||
where `<SERIAL>` should be replaced by our board's serial number and `<TOKEN>` should be replaced by some valid authentication token for the Coiote server provided in the `lwm2m_server.json` file. | ||
|
||
### Using Certificate Mode with factory provisioning | ||
|
||
If supported by the underlying (D)TLS backend (if using Mbed TLS, make sure that | ||
it is configured appropriately), the application can authenticate with the | ||
server using certificate mode. | ||
|
||
You will need to download the server certificate first. One possible way to do | ||
it is with `openssl`: | ||
|
||
```bash | ||
openssl s_client -showcerts -connect eu.iot.avsystem.cloud:5684 | openssl x509 -outform der -out eu-cloud-cert.der | ||
``` | ||
|
||
> **__NOTE:__** | ||
> Only servers that use self-signed certificates are reliably supported by | ||
> default. You can change this behavior by setting the Certificate Usage | ||
> resource in the endpoint configuration file. However, this might not be | ||
> supported by all (D)TLS backends. | ||
> | ||
> In particular, when `CONFIG_ANJAY_COMPAT_ZEPHYR_TLS` is enabled (which is the | ||
> default for Nordic boards), the Certificate Usage are only approximated by | ||
> adding the server certificate to traditional PKIX trust store if Certificate | ||
> Usage is set to 2 or 3 (note that 3 is the default) and ignoring it otherwise. | ||
You should then modify the `cert_info.json` file that's located in | ||
`tools/provisioning-tool/configs` for the desired self-signed certificate | ||
configuration. | ||
|
||
Once you have the server certificate, you can now provision the board. Example | ||
script invocation may look like: | ||
|
||
```bash | ||
../tools/provisioning-tool/ptool.py -b nrf9160dk_nrf9160_ns -s <SERIAL> -c ../tools/provisioning-tool/configs/endpoint_cfg_cert -p eu-cloud-cert.der -C ../tools/provisioning-tool/configs/cert_info.json | ||
``` | ||
|
||
> **__NOTE:__** | ||
> Coiote DM currently does not support registering devices together with | ||
> uploading dynamically generated self-signed certificates using command-line | ||
> tools. | ||
> | ||
> You will need to manually add the new device on Coiote DM via GUI and upload | ||
> the certificate during the "Add device credentials" step. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,3 @@ | ||
&wifi { | ||
status = "okay"; | ||
}; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,66 @@ | ||
# anjay-zephyr-client | ||
CONFIG_ANJAY_CLIENT_DEVICE_MANUFACTURER="Nordic Semiconductor" | ||
CONFIG_ANJAY_CLIENT_MODEL_NUMBER="nRF52840DK" | ||
|
||
# Anjay Settings | ||
CONFIG_ANJAY_COMPAT_TIME=y | ||
CONFIG_ANJAY_COMPAT_MBEDTLS=y | ||
CONFIG_ANJAY_COMPAT_NET=y | ||
|
||
# General Settings | ||
CONFIG_MAIN_STACK_SIZE=2048 | ||
CONFIG_SYSTEM_WORKQUEUE_STACK_SIZE=2048 | ||
|
||
# Logging | ||
CONFIG_LOG_BLOCK_IN_THREAD=y | ||
CONFIG_LOG_MODE_DEFERRED=y | ||
|
||
# Clock synchronization | ||
CONFIG_DATE_TIME=y | ||
CONFIG_DATE_TIME_AUTO_UPDATE=n | ||
|
||
# Networking | ||
CONFIG_NET_IPV4=n | ||
CONFIG_NET_IPV6=y | ||
CONFIG_NET_IPV6_NBR_CACHE=n | ||
CONFIG_NET_IPV6_MLD=n | ||
CONFIG_NET_CONFIG_NEED_IPV4=n | ||
CONFIG_NET_MGMT_EVENT_INFO=y | ||
CONFIG_NET_L2_OPENTHREAD=y | ||
|
||
# DNS | ||
CONFIG_DNS_RESOLVER=y | ||
CONFIG_DNS_SERVER_IP_ADDRESSES=y | ||
CONFIG_DNS_SERVER1="fdaa:bb:1::2" | ||
|
||
# OpenThread | ||
CONFIG_OPENTHREAD_JOINER=y | ||
CONFIG_OPENTHREAD_JOINER_AUTOSTART=y | ||
CONFIG_OPENTHREAD_MANUAL_START=y | ||
CONFIG_OPENTHREAD_SLAAC=y | ||
CONFIG_OPENTHREAD_JOINER_PSKD="J01NME" | ||
CONFIG_OPENTHREAD_FTD=y | ||
|
||
# MbedTLS and security | ||
CONFIG_MBEDTLS=y | ||
CONFIG_MBEDTLS_KEY_EXCHANGE_PSK_ENABLED=y | ||
CONFIG_MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED=y | ||
CONFIG_MBEDTLS_DTLS=y | ||
CONFIG_MBEDTLS_ENTROPY_ENABLED=y | ||
|
||
# Shell settings | ||
CONFIG_SHELL_MINIMAL=y | ||
CONFIG_SHELL_WILDCARD=n | ||
CONFIG_SHELL_VT100_COMMANDS=y | ||
CONFIG_SHELL_VT100_COLORS=n | ||
CONFIG_SHELL_STATS=n | ||
CONFIG_SHELL_CMDS=n | ||
CONFIG_SHELL_TAB=y | ||
CONFIG_SHELL_TAB_AUTOCOMPLETION=y | ||
CONFIG_SHELL_CMDS_RESIZE=n | ||
CONFIG_DEVICE_SHELL=n | ||
CONFIG_DATE_SHELL=n | ||
CONFIG_DEVMEM_SHELL=n | ||
CONFIG_MCUBOOT_SHELL=n | ||
CONFIG_KERNEL_SHELL=y | ||
CONFIG_OPENTHREAD_SHELL=y |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,9 @@ | ||
/ { | ||
aliases { | ||
push-button-0 = &button0; | ||
push-button-1 = &button1; | ||
push-button-2 = &button2; | ||
push-button-3 = &button3; | ||
status-led = &led0; | ||
}; | ||
}; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.