1.
실행 예시 바탕으로 설명을 계속 하겠다.
2.
다음 과정은 이렇게 부른다. 서버 온보드 및 프로비저닝
3.
맨처음 ./onboarding_tool를 입력한다. 그리고 숫자 1를 입력한다.
pi@raspberrypi:~/iot-lite/iotivity-lite/port/linux $ ./onboarding_tool
Started device with ID: 0ecadecb-6966-4a92-7c24-90a48da8c83c
################################################
OCF 2.x Onboarding Tool
################################################
[0] Display this menu
-----------------------------------------------
[1] Discover un-owned devices
[2] Discover un-owned devices in the realm-local IPv6 scope
[3] Discover un-owned devices in the site-local IPv6 scope
[4] Discover owned devices
[5] Discover owned devices in the realm-local IPv6 scope
[6] Discover owned devices in the site-local IPv6 scope
[7] Discover all resources on the device
-----------------------------------------------
[8] Just-Works Ownership Transfer Method
[9] Request Random PIN from device for OTM
[10] Random PIN Ownership Transfer Method
[11] Manufacturer Certificate based Ownership Transfer Method
-----------------------------------------------
[12] Provision pair-wise credentials
[13] Provision ACE2
[14] Provision auth-crypt RW access to NCRs
[15] RETRIEVE /oic/sec/cred
[16] DELETE cred by credid
[17] RETRIEVE /oic/sec/acl2
[18] DELETE ace by aceid
[19] RETRIEVE own creds
[20] DELETE own cred by credid
[21] Provision role RW access to NCRs
[22] Provision identity certificate
[23] Provision role certificate
[24] Set security domain info
-----------------------------------------------
[96] Install new manufacturer trust anchor
[97] RESET device
[98] RESET OBT
-----------------------------------------------
[99] Exit
################################################
Select option:
1
Plain Text
복사
1.
위에서 1를 입력한 이유는 소유하지 않은 장치를 검색하려면 Enter 키를 누르기 위함이다. 그러면 다음과 같은 화면이 나온다.
################################################
OCF 2.x Onboarding Tool
################################################
[0] Display this menu
-----------------------------------------------
[1] Discover un-owned devices
[2] Discover un-owned devices in the realm-local IPv6 scope
[3] Discover un-owned devices in the site-local IPv6 scope
[4] Discover owned devices
[5] Discover owned devices in the realm-local IPv6 scope
[6] Discover owned devices in the site-local IPv6 scope
[7] Discover all resources on the device
-----------------------------------------------
[8] Just-Works Ownership Transfer Method
[9] Request Random PIN from device for OTM
[10] Random PIN Ownership Transfer Method
[11] Manufacturer Certificate based Ownership Transfer Method
-----------------------------------------------
[12] Provision pair-wise credentials
[13] Provision ACE2
[14] Provision auth-crypt RW access to NCRs
[15] RETRIEVE /oic/sec/cred
[16] DELETE cred by credid
[17] RETRIEVE /oic/sec/acl2
[18] DELETE ace by aceid
[19] RETRIEVE own creds
[20] DELETE own cred by credid
[21] Provision role RW access to NCRs
[22] Provision identity certificate
[23] Provision role certificate
[24] Set security domain info
-----------------------------------------------
[96] Install new manufacturer trust anchor
[97] RESET device
[98] RESET OBT
-----------------------------------------------
[99] Exit
################################################
Select option:
Discovered unowned device: 42c5df6c-9e31-4ac4-7d48-c4ddbcc7cc0e at:
coap://[fe80:0000:0000:0000:0941:baaa:f0dc:09f0]:54163
coaps://[fe80:0000:0000:0000:0941:baaa:f0dc:09f0]:48833
Plain Text
복사
1.
위에 처럼 Discoverd.... coap.... coaps... 이런 내용이 안나오면 help.md 를 참고해라. 정상적으로 나오면 숫자 8를 입력한다. 그러면 다음과 같은 화면이 나올 것이다. 이유는 유형 장치의 소유권을 가져오려면 입력하기 위함으로 장치를 불러오기 위한 작업을 나타낸다.
################################################
Select option:
Discovered unowned device: 42c5df6c-9e31-4ac4-7d48-c4ddbcc7cc0e at:
coap://[fe80:0000:0000:0000:0941:baaa:f0dc:09f0]:54163
coaps://[fe80:0000:0000:0000:0941:baaa:f0dc:09f0]:48833
8
Plain Text
복사
1.
그 다음에는 다음 처럼 숫자 0을 눌러준다. 소유자가 없는 장치가 여러 개 있는 경우 목록에서 올바른 장치를 선택해야 하기 떄문이다.
Unowned Devices:
[0]: 42c5df6c-9e31-4ac4-7d48-c4ddbcc7cc0e - Lamp
Select device: 0
Successfully issued request to perform ownership transfer
################################################
OCF 2.x Onboarding Tool
################################################
[0] Display this menu
-----------------------------------------------
[1] Discover un-owned devices
[2] Discover un-owned devices in the realm-local IPv6 scope
[3] Discover un-owned devices in the site-local IPv6 scope
[4] Discover owned devices
[5] Discover owned devices in the realm-local IPv6 scope
[6] Discover owned devices in the site-local IPv6 scope
[7] Discover all resources on the device
-----------------------------------------------
[8] Just-Works Ownership Transfer Method
[9] Request Random PIN from device for OTM
[10] Random PIN Ownership Transfer Method
[11] Manufacturer Certificate based Ownership Transfer Method
-----------------------------------------------
[12] Provision pair-wise credentials
[13] Provision ACE2
[14] Provision auth-crypt RW access to NCRs
[15] RETRIEVE /oic/sec/cred
[16] DELETE cred by credid
[17] RETRIEVE /oic/sec/acl2
[18] DELETE ace by aceid
[19] RETRIEVE own creds
[20] DELETE own cred by credid
[21] Provision role RW access to NCRs
[22] Provision identity certificate
[23] Provision role certificate
[24] Set security domain info
-----------------------------------------------
[96] Install new manufacturer trust anchor
[97] RESET device
[98] RESET OBT
-----------------------------------------------
[99] Exit
################################################
Select option:
Plain Text
복사
1.
그 다음에는 다음 처럼 숫자 4을 눌러준다. Enter to Discover 소유 장치를 검색하려면 방금 소유권을 획득한 장치가 나열되어야 한다.
Successfully performed OTM on device with UUID efea2ce6-16f1-4462-70e7-0e2c283ba65d
4
################################################
OCF 2.x Onboarding Tool
################################################
[0] Display this menu
-----------------------------------------------
[1] Discover un-owned devices
[2] Discover un-owned devices in the realm-local IPv6 scope
[3] Discover un-owned devices in the site-local IPv6 scope
[4] Discover owned devices
[5] Discover owned devices in the realm-local IPv6 scope
[6] Discover owned devices in the site-local IPv6 scope
[7] Discover all resources on the device
-----------------------------------------------
[8] Just-Works Ownership Transfer Method
[9] Request Random PIN from device for OTM
[10] Random PIN Ownership Transfer Method
[11] Manufacturer Certificate based Ownership Transfer Method
-----------------------------------------------
[12] Provision pair-wise credentials
[13] Provision ACE2
[14] Provision auth-crypt RW access to NCRs
[15] RETRIEVE /oic/sec/cred
[16] DELETE cred by credid
[17] RETRIEVE /oic/sec/acl2
[18] DELETE ace by aceid
[19] RETRIEVE own creds
[20] DELETE own cred by credid
[21] Provision role RW access to NCRs
[22] Provision identity certificate
[23] Provision role certificate
[24] Set security domain info
-----------------------------------------------
[96] Install new manufacturer trust anchor
[97] RESET device
[98] RESET OBT
-----------------------------------------------
[99] Exit
################################################
Select option:
Discovered owned device: efea2ce6-16f1-4462-70e7-0e2c283ba65d at:
coap://[fe80:0000:0000:0000:0941:baaa:f0dc:09f0]:54163
coaps://[fe80:0000:0000:0000:0941:baaa:f0dc:09f0]:48833
Plain Text
복사
1.
그 다음에는 다음 처럼 숫자 13을 눌러준다. 타입 ACE2 프로비전하려면 Enter. 장치를 적절하게 프로비저닝하는 방법은 여러 가지가 있다. 이것은 와일드카드 프로비저닝 사용에 대한 지침을 제공할 것이다.
13
Provision ACL2
My Devices:
[0]: efea2ce6-16f1-4462-70e7-0e2c283ba65d - Lamp
Plain Text
복사
1.
그 다음에는 다음 처럼 숫자 0을 눌러준다. 소유자가 없는 장치가 여러 개 있는 경우 목록에서 올바른 장치를 선택해야 하기 떄문이다.
Select device for provisioning: 0
Subjects:
[0]: anon-clear
[1]: auth-crypt
[2]: Role
[3]: efea2ce6-16f1-4462-70e7-0e2c283ba65d - Lamp
[4]: 0ecadecb-6966-4a92-7c24-90a48da8c83c - (OBT)
Plain Text
복사
1.
그 다음에는 다음 처럼 숫자 1을 눌러준다. [1]: auth-crypt를 선택하는 작업이다.
Select subject: 1
Plain Text
복사
1.
그 다음에는 다음 처럼 숫자 1을 눌러준다. 1번의 의미는 ACE의 리소스 수를 입력하기위함이다.
Enter number of resources in this ACE: 1
Resource properties
Plain Text
복사
1.
그 다음에는 다음 처럼 숫자 0을 눌러준다. 0번의 의미는 리소스 href를 사용을 하기 위함이다.
Have resource href? [0-No, 1-Yes]: 0
Plain Text
복사
1.
그 다음에는 다음 처럼 숫자 1을 눌러준다. 와일드카드 리소스 설정에 대한 응답으로 입력하기 위함이다.
Set wildcard resource? [0-No, 1-Yes]: 1
[1]: All NCRs '*'
[2]: All NCRs with >=1 secured endpoint '+'
[3]: All NCRs with >=1 unsecured endpoint '-'
Plain Text
복사
1.
여기서 부터 순서가 조금 다를수 있다. 입력하는 이미지 순서가 공식 2->0->0->0으로 안내되어있다.
•
매우중요 1->1->1->1->0->1 순으로 입력을 해야한다.
Select wildcard resource: 1
Set ACE2 permissions
CREATE [0-No, 1-Yes]: 1
RETRIEVE [0-No, 1-Yes]: 1
UPDATE [0-No, 1-Yes]: 1
DELETE [0-No, 1-Yes]: 0
NOTIFY [0-No, 1-Yes]: 1
Successfully issued request to provision ACE
Plain Text
복사
1.
그 다음에는 다음 처럼 숫자 1을 눌러준다. 입력하는 이미지 순서가 공식 2->0->0->0으로 안내되어있다.
•
매우중요 1->1->1->1->0->1 순으로 입력을 해야한다.
################################################
OCF 2.x Onboarding Tool
################################################
[0] Display this menu
-----------------------------------------------
[1] Discover un-owned devices
[2] Discover un-owned devices in the realm-local IPv6 scope
[3] Discover un-owned devices in the site-local IPv6 scope
[4] Discover owned devices
[5] Discover owned devices in the realm-local IPv6 scope
[6] Discover owned devices in the site-local IPv6 scope
[7] Discover all resources on the device
-----------------------------------------------
[8] Just-Works Ownership Transfer Method
[9] Request Random PIN from device for OTM
[10] Random PIN Ownership Transfer Method
[11] Manufacturer Certificate based Ownership Transfer Method
-----------------------------------------------
[12] Provision pair-wise credentials
[13] Provision ACE2
[14] Provision auth-crypt RW access to NCRs
[15] RETRIEVE /oic/sec/cred
[16] DELETE cred by credid
[17] RETRIEVE /oic/sec/acl2
[18] DELETE ace by aceid
[19] RETRIEVE own creds
[20] DELETE own cred by credid
[21] Provision role RW access to NCRs
[22] Provision identity certificate
[23] Provision role certificate
[24] Set security domain info
-----------------------------------------------
[96] Install new manufacturer trust anchor
[97] RESET device
[98] RESET OBT
-----------------------------------------------
[99] Exit
################################################
Select option:
Plain Text
복사
1.
그 다음에는 다음 처럼 숫자 1을 눌러준다. 이 작업부터는 Client 측 온보딩 작업이다. 소유하지 않는 검색을 위해 1를 입력한다.
Successfully provisioned ACE to device efea2ce6-16f1-4462-70e7-0e2c283ba65d
1
################################################
OCF 2.x Onboarding Tool
################################################
[0] Display this menu
-----------------------------------------------
[1] Discover un-owned devices
[2] Discover un-owned devices in the realm-local IPv6 scope
[3] Discover un-owned devices in the site-local IPv6 scope
[4] Discover owned devices
[5] Discover owned devices in the realm-local IPv6 scope
[6] Discover owned devices in the site-local IPv6 scope
[7] Discover all resources on the device
-----------------------------------------------
[8] Just-Works Ownership Transfer Method
[9] Request Random PIN from device for OTM
[10] Random PIN Ownership Transfer Method
[11] Manufacturer Certificate based Ownership Transfer Method
-----------------------------------------------
[12] Provision pair-wise credentials
[13] Provision ACE2
[14] Provision auth-crypt RW access to NCRs
[15] RETRIEVE /oic/sec/cred
[16] DELETE cred by credid
[17] RETRIEVE /oic/sec/acl2
[18] DELETE ace by aceid
[19] RETRIEVE own creds
[20] DELETE own cred by credid
[21] Provision role RW access to NCRs
[22] Provision identity certificate
[23] Provision role certificate
[24] Set security domain info
-----------------------------------------------
[96] Install new manufacturer trust anchor
[97] RESET device
[98] RESET OBT
-----------------------------------------------
[99] Exit
################################################
Select option:
Discovered unowned device: d3dfd350-4e6f-459a-7e14-54e7b491a96a at:
coap://[fe80:0000:0000:0000:0941:baaa:f0dc:09f0]:53032
coaps://[fe80:0000:0000:0000:0941:baaa:f0dc:09f0]:48862
Plain Text
복사
1.
그 다음에는 다음 처럼 숫자 8을 눌러준다. 기기의 소유권을 얻기위해서 8를 입력한다.
8
Unowned Devices:
[0]: d3dfd350-4e6f-459a-7e14-54e7b491a96a - Kishen's IPhone
Plain Text
복사
1.
그 다음에는 다음 처럼 숫자 0을 눌러준다. 소유하지 않은 장치가 여러 개 있는 경우 목록에서 올바른 장치를 선택해야 합니다.
Select device: 0
Successfully issued request to perform ownership transfer
################################################
OCF 2.x Onboarding Tool
################################################
[0] Display this menu
-----------------------------------------------
[1] Discover un-owned devices
[2] Discover un-owned devices in the realm-local IPv6 scope
[3] Discover un-owned devices in the site-local IPv6 scope
[4] Discover owned devices
[5] Discover owned devices in the realm-local IPv6 scope
[6] Discover owned devices in the site-local IPv6 scope
[7] Discover all resources on the device
-----------------------------------------------
[8] Just-Works Ownership Transfer Method
[9] Request Random PIN from device for OTM
[10] Random PIN Ownership Transfer Method
[11] Manufacturer Certificate based Ownership Transfer Method
-----------------------------------------------
[12] Provision pair-wise credentials
[13] Provision ACE2
[14] Provision auth-crypt RW access to NCRs
[15] RETRIEVE /oic/sec/cred
[16] DELETE cred by credid
[17] RETRIEVE /oic/sec/acl2
[18] DELETE ace by aceid
[19] RETRIEVE own creds
[20] DELETE own cred by credid
[21] Provision role RW access to NCRs
[22] Provision identity certificate
[23] Provision role certificate
[24] Set security domain info
-----------------------------------------------
[96] Install new manufacturer trust anchor
[97] RESET device
[98] RESET OBT
-----------------------------------------------
[99] Exit
################################################
Select option:
Plain Text
복사
1.
그 다음에는 다음 처럼 숫자 4을 눌러준다. 메뉴얼에서는 2번을 누르라고 하는데 무시하고 클라이언트를 쌍으로 구성을 하기 위하여 4를 눌러준다.
Successfully performed OTM on device with UUID 4da24e24-b2ed-4b5f-530e-dfa293f8ad82
4
################################################
OCF 2.x Onboarding Tool
################################################
[0] Display this menu
-----------------------------------------------
[1] Discover un-owned devices
[2] Discover un-owned devices in the realm-local IPv6 scope
[3] Discover un-owned devices in the site-local IPv6 scope
[4] Discover owned devices
[5] Discover owned devices in the realm-local IPv6 scope
[6] Discover owned devices in the site-local IPv6 scope
[7] Discover all resources on the device
-----------------------------------------------
[8] Just-Works Ownership Transfer Method
[9] Request Random PIN from device for OTM
[10] Random PIN Ownership Transfer Method
[11] Manufacturer Certificate based Ownership Transfer Method
-----------------------------------------------
[12] Provision pair-wise credentials
[13] Provision ACE2
[14] Provision auth-crypt RW access to NCRs
[15] RETRIEVE /oic/sec/cred
[16] DELETE cred by credid
[17] RETRIEVE /oic/sec/acl2
[18] DELETE ace by aceid
[19] RETRIEVE own creds
[20] DELETE own cred by credid
[21] Provision role RW access to NCRs
[22] Provision identity certificate
[23] Provision role certificate
[24] Set security domain info
-----------------------------------------------
[96] Install new manufacturer trust anchor
[97] RESET device
[98] RESET OBT
-----------------------------------------------
[99] Exit
################################################
Select option:
Discovered owned device: efea2ce6-16f1-4462-70e7-0e2c283ba65d at:
coap://[fe80:0000:0000:0000:0941:baaa:f0dc:09f0]:54163
coaps://[fe80:0000:0000:0000:0941:baaa:f0dc:09f0]:48833
Discovered owned device: 4da24e24-b2ed-4b5f-530e-dfa293f8ad82 at:
coap://[fe80:0000:0000:0000:0941:baaa:f0dc:09f0]:53032
coaps://[fe80:0000:0000:0000:0941:baaa:f0dc:09f0]:48862
Plain Text
복사
1.
그 다음에는 다음 처럼 숫자 12을 눌러준다. 서버와 클라이언트 자격증명을 프로비저닝 하기위해서 다음처럼 진행한다.
12
My Devices:
[0]: efea2ce6-16f1-4462-70e7-0e2c283ba65d - Lamp
[1]: 4da24e24-b2ed-4b5f-530e-dfa293f8ad82 - Kishen's IPhone
Plain Text
복사
1.
그 다음에는 다음 처럼 숫자 0과 1를 눌러준다. 클라이언트와 서버를 디바이스로 구성을 하며 만약에 장치가 여러개일 경우 해당 디바이스에 알맞게 맞추어 진행한다.
Select device 1: 0
Select device 2:1
Successfully issued request to provision credentials
################################################
OCF 2.x Onboarding Tool
################################################
[0] Display this menu
-----------------------------------------------
[1] Discover un-owned devices
[2] Discover un-owned devices in the realm-local IPv6 scope
[3] Discover un-owned devices in the site-local IPv6 scope
[4] Discover owned devices
[5] Discover owned devices in the realm-local IPv6 scope
[6] Discover owned devices in the site-local IPv6 scope
[7] Discover all resources on the device
-----------------------------------------------
[8] Just-Works Ownership Transfer Method
[9] Request Random PIN from device for OTM
[10] Random PIN Ownership Transfer Method
[11] Manufacturer Certificate based Ownership Transfer Method
-----------------------------------------------
[12] Provision pair-wise credentials
[13] Provision ACE2
[14] Provision auth-crypt RW access to NCRs
[15] RETRIEVE /oic/sec/cred
[16] DELETE cred by credid
[17] RETRIEVE /oic/sec/acl2
[18] DELETE ace by aceid
[19] RETRIEVE own creds
[20] DELETE own cred by credid
[21] Provision role RW access to NCRs
[22] Provision identity certificate
[23] Provision role certificate
[24] Set security domain info
-----------------------------------------------
[96] Install new manufacturer trust anchor
[97] RESET device
[98] RESET OBT
-----------------------------------------------
[99] Exit
################################################
Select option:
Plain Text
복사
1.
다음 문구가 나오면 정상적으로 진행이 되었다는걸 의미한다.
Successfully provisioned pair-wise credentials
Plain Text
복사
공식 문서
Onboarding and Provisioning
Runing the onboarding tool
At this time there are three versions of the onboarding tool. The command line C version, the
command line Java version, and the GUI Android version. Both command line versions are identical.
It does not matter which version of the onboarding tool is used.
The C version of the onboarding tool can be found in ``<iotivity-lite>/port/linux`` see Linux build
instructions.
A Java version of the onboarding-tool can be found in
``<iotivity-lite>/swig/apps/java_onboarding_tool``
The following instructions assume the onboarding tool has been built and can run.
Simple Step-by-Step guide for onboarding and provisioning
Plain Text
복사
This guide assumes you are starting one discoverable device at a time. Multiple devices can be
discovered and onboarded at the same time however it becomes the responsibility of the user to
figure out which UUID belongs to which device.
Once you have successfully onboarded the samples the first time using the following step-by-step
options feel free to RESET the devices and play around with different provisioning options.
The below steps use the command line version of the onboarding tool. The steps for the Android
onboarding tool is very similar but are not described here.
(Step 1) Onboard and Provision the Server
There are multiple methods to onboard and provision server and client samples. Below is given one
of the many possible ways the this could be done.
- start the server sample
- start onboarding tool it will print a menu with many option
- Type ``1`` **Enter** to ``Discover un-owned devices``
- Type ``8`` **Enter** to *Take ownership of device*
+ Type ``0`` **Enter**. If you have multiple unowned devices you will have to select the correct
device from the list.
- Type ``4`` **Enter** to ``Discover owned devices`` the device you just took ownership of should be
listed.
- Type ``13`` **Enter** to ``Provision ACE2``. There are many ways to properly provision the device.
This will give instruction for using wildcard provisioning.
+ Type ``0`` **Enter**. If you have multiple unowned devices you will have to select the correct
device from the list.
+ Type ``1`` **Enter** for an ``auth-crypt`` ACE
+ Type ``1`` **Enter** in response to ``Enter number of resources in this ACE:``
+ Type ``0`` **Enter** in response to ``Have resource href? [0-No, 1-Yes]:``
+ Type ``1`` **Enter** in response to ``Set wildcard resource? [0-No, 1-Yes]:``
+ Type ``2`` **Enter** to select the ``All discoverable resources`` option
+ Type ``0`` **Enter** in response to ``Enter number of resource types [0-None]:``
+ Type ``0`` **Enter** in response to ``Enter number of interfaces [0-None]``
+ Type ``0`` **Enter** for CREATE, ``1`` **Enter** for RETRIEVE, ``1`` **Enter** for UPDATE,
``0`` **Enter** for DELETE, and ``1`` **Enter** for NOTIFY.
+ ``Successfully issued request to provision ACE`` should be printed on the screen upon success
(Step 2) Onboard the client
~~~~~~~~~~~~~~~~~~~~~~~~~~~~
- start the client sample
- Type ``1`` **Enter** to ``Discover un-owned devices``
- Type ``8`` **Enter** to *Take ownership of device*
+ Type ``0`` **Enter**. If you have multiple unowned devices you will have to select the correct
device from the list.
- Type ``2`` **Enter** to ``Discover owned devices`` the server and client should be listed
(Step 3) Pair Server and Client
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
- Start the client and server samples
- Type ``12`` **Enter** to ``Provision pair-wise credentials``
- Type ``0`` **Enter** ``1`` **Enter** to pair the client and server. If you have multiple owned
devices you will have to select the correct devices from the list.
(Step 4) Restart and Test
~~~~~~~~~~~~~~~~~~~~~~~~~~
The samples should be onboarded and provisioned. Restart the server and then the client they should
discover each other and run without difficulty.
Send Feedback
-------------------------------------------------
Questions
`IoTivity-Lite Developer Mailing List <https://iotivity.groups.io/g/iotivity-dev>`_
Bugs
`Gitlab issues <https://gitlab.iotivity.org/iotivity/iotivity-lite/issues>`_
Plain Text
복사