Skip to content

README.md

Latest commit

Β 

History

History
79 lines (56 loc) Β· 2.34 KB

README.md

File metadata and controls

79 lines (56 loc) Β· 2.34 KB

πŸ«‚ Astarte Pairing (pg)

Pairing takes care of Device Authentication and Authorization. It interacts with Astarte's CA and orchestrates the way devices connect and interact with Transports. It also handles Device Registration. Agent, Device and Pairing interaction is described in detail in the astarte documentation.

πŸ”§ Build

to build pg you can follow the usual elixir flow

mix deps.get
mix compile

to lint pg code and get some insights on pattern matching and typing you can run dialyzer.

mix dialyzer

nb: all PRs have to be linter-approved, so running mix dialyzer before making a pull request saves everyone some precious review time!

πŸ§‘β€πŸ”¬ Test

to test pg you need a running instance of CFSSL and a cassandra-compatible database, (we suggest scylla)

docker run --rm -d -p 9042:9042 --name scylla scylladb/scylla
docker run --rm  -d -p 5672:5672 -p 15672:15672 --name rabbit rabbitmq:3.12.0-management
docker run --rm -d --net=host -p 8080/tcp ispirata/docker-alpine-cfssl-autotest:astarte
docker run --rm -d -p 8200:8200 --name openbao openbao/openbao:latest server -dev -dev-root-token-id=astarte_token
docker run -rm -d -p 8041:8041 --name rendezvous astarte/go-fdo-server:ade68cda47-20251128 --log-level=debug rendezvous 0.0.0.0:8041 --db-type sqlite --db-dsn "file:/var/lib/fdo/rendezvous.db"

by default CASSANDRA_NODES and CFSSL_API_URL environment variables map to localhost, so that

mix test

just works. In more complex scenarios you might need to tell to astarte where these resources are located.

CASSANDRA_NODES=localhost CFSSL_API_URL=http://localhost:8080 mix test

Test FDO

The feature is experimental and PAIRING_ENABLE_FDO must be set to true

To test FDO, the manufacturer and Device CA keys are required and can be generated from the following tools:

Generate manufacturer keys

docker run --rm
-v $(pwd)/compose/fdo-keys:/keys
quay.io/fido-fdo/admin-cli:latest
generate-key-and-cert manufacturer
--destination-dir /keys

Generate device CA keys

docker run --rm
-v $(pwd)/compose/fdo-keys:/keys
quay.io/fido-fdo/admin-cli:latest
generate-key-and-cert device-ca
--destination-dir /keys

Set permissions

chmod 644 compose/fdo-keys/.pem chmod 600 compose/fdo-keys/.der