We use cookies and similar technologies (also from third parties) to collect your device and browser information for a better understanding on how you use our online offerings. This enables us to optimize and personalize your experience with Infineon and to provide you with additional services and information based on your individual profile. Details are available in our privacy policy.
Privacy Policyand Imprint
View and change cookie settings
Accept
Reject
Ask the Community
Close
Ask the Community
nav search Icon
Forums gray-arrow gray-arrow
Resources gray-arrow gray-arrow
About gray-arrow gray-arrow
Groups gray-arrow gray-arrow
ques icon Help
ques icon
nav-user Account

Tip / Sign in to post questions, reply, level up, and achieve exciting badges. Know more

cross mob

Issue in script "python reprov_helper.py"

Sachin_Patel
Level 3
Level 3
25 sign-ins 10 questions asked 10 replies posted
‎Aug 02, 2022 08:00 AM
‎Aug 02, 2022 08:00 AM
Jump to solution

Hi  @AlenAn14  currently i am running the AWS_OTA using the MQTT example in that I run the "reprov_helper.py"  script and found the below issue.

 

key: {'crv': 'P-256', 'kty': 'EC', 'use': 'sig', 'kid': '1', 'x': 'UR9hgEqcFo14PbkuvIgSpJA0pncbktCZGInvjo0bgbk', 'y': 'Tm3vNOIh8dRBmaj_VS4UyWRfuwf4Whs9CTOqarcczuI'} Device public key has been read successfully. Device certificate generated successfully. 2022-08-02 15:46:56,158 : C : WARN  : There is gap between regions 269926400:270254080 and 270303232:270336000 (49152 bytes) 2022-08-02 15:46:56,158 : C : WARN  : Policy validation finished with warnings Traceback (most recent call last):   File "reprov_helper.py", line 305, in <module>     main(sys.argv[1:])   File "reprov_helper.py", line 297, in main     create_provisioning_packet()   File "reprov_helper.py", line 166, in create_provisioning_packet     cytools.create_provisioning_packet()   File "C:\Users\Engibrains\ModusToolbox\tools_2.4\python\lib\site-packages\cysecuretools\main.py", line 250, in create_provisioning_packet     image_cert=image_cert, dev_cert=dev_certs)   File "C:\Users\Engibrains\ModusToolbox\tools_2.4\python\lib\site-packages\cysecuretools\core\strategy_context\prov_packet_strategy_ctx.py", line 54, in create     return self._strategy.create(**kwargs)   File "C:\Users\Engibrains\ModusToolbox\tools_2.4\python\lib\site-packages\cysecuretools\execute\provisioning_packet_mxs40v1.py", line 176, in create     complete=True)   File "C:\Users\Engibrains\ModusToolbox\tools_2.4\python\lib\site-packages\cysecuretools\execute\provisioning_lib\cyprov_hsm.py", line 57, in pack_provision_cmd     x509.load_pem_x509_certificate(barr, default_backend())   File "C:\Users\Engibrains\ModusToolbox\tools_2.4\python\lib\site-packages\cryptography\x509\base.py", line 514, in load_pem_x509_certificate     return rust_x509.load_pem_x509_certificate(data) TypeError: argument 'data': 'bytearray' object cannot be converted to 'PyBytes'

 

Thanks.

0 Likes
Subscribe
1 Solution

Re: Issue in script "python reprov_helper.py"

LeoMathews
Moderator
Moderator
Moderator
500 replies posted 100 solutions authored 5 likes given
‎Sep 22, 2022 06:09 AM
‎Sep 22, 2022 06:09 AM
Jump to solution

Hi @Sachin_Patel 

Please install cysecuretools 3.1.0 using the following command

 

pip install cysecuretools

 

 Before running the command

 

python reprov_helper.py

 

Please verify whether the cysecuretools version installed is 3.1.0

Thanks and Regards
Leo

View solution in original post

0 Likes
5 Replies

Re: Issue in script "python reprov_helper.py"

nin
Moderator
Moderator
Moderator
First like given 10 likes received 100 sign-ins
‎Aug 02, 2022 11:00 PM
‎Aug 02, 2022 11:00 PM
Jump to solution

Hi @Sachin_Patel ,

 

Could you please tell us which PSoC 6 board you are using in this example code?

Also please share the example code link or send the example project file.

 

Thank you!

 

Best regards,

Ninad

0 Likes

Re: Issue in script "python reprov_helper.py"

Sachin_Patel
Level 3
Level 3
25 sign-ins 10 questions asked 10 replies posted
‎Aug 03, 2022 01:21 AM
‎Aug 03, 2022 01:21 AM
Jump to solution

Hi @nin ,

I am using "CY8CKIT-064S0S2-4343W" EVK.

Please find example code in below link.

https://github.com/Infineon/mtb-example-aws-iot-ota-mqtt

Thanks.

 

0 Likes

Re: Issue in script "python reprov_helper.py"

AlenAn14
Moderator
Moderator
Moderator
500 replies posted 100 solutions authored 250 replies posted
In response to Sachin_Patel
‎Aug 03, 2022 04:45 AM
‎Aug 03, 2022 04:45 AM
Jump to solution

HI @Sachin_Patel ,

Can you please let me know if you are running the "reprov_helper.py" script manually or are you using some cysecure tools commands?

Can you also let me know if you made any modifications in the policy file in the project as well?

Warm Regards
Alen

0 Likes

Re: Issue in script "python reprov_helper.py"

Sachin_Patel
Level 3
Level 3
25 sign-ins 10 questions asked 10 replies posted
‎Aug 03, 2022 10:09 PM
‎Aug 03, 2022 10:09 PM
Jump to solution

Hi @AlenAn14,

I ran it in Modus-shell1.3.0 at this project folder "mtb_shared\trusted-firmware-m\release-v1.3.3\security".

yes, I did some changes as per provisioning steps by readme. md  , You can see below are provisioning steps in readme.md 

 

 

 

  1. Open a CLI terminal.

    On Linux and macOS, you can use any terminal application. On Windows, open the "modus-shell" app from the Start menu.

  2. Navigate the terminal to the <mtb_shared>/trusted-firmware-m/<tag>/security folder.

  3. Run the following command.

    cysecuretools --target CY8CKIT-064S0S2-4343W init

  4. In the same directory create a folder called certificates and navigate the terminal to the new directory.

    mkdir certificates
cd certificates

  5. Create a root CA key pair.

    openssl genrsa -out rootCA.key 2048

  6. Create a root CA certificate. When you run the following command you will be asked to enter some fields, fill them. You can leave the Common Name and Email Address fields empty.

    openssl req -x509 -new -nodes -key rootCA.key -sha256 -days 1024 -out rootCA.pem

  7. Download the Amazon Root CA certificate and place it in the certificates directory. Keep the file name as AmazonRootCA1.pem.

  8. Open the file <mtb_shared>/trusted-firmware-m/<tag>/security/policy/policy_multi_CM0_CM4_tfm_dev_certs.json in a text editor.

  9. Edit the value of set_img_ok key to false.

  10. Edit the value of chain_of_trust key to ["../certificates/device_cert.pem", "../certificates/AmazonRootCA1.pem"]. Save the file and close it.

  11. If you already have a provisined kit, skip to step 13.

  12. Run the following commands in the modus-shell from <mtb_shared>/trusted-firmware-m/<tag>/security directory.

    cysecuretools -t CY8CKIT-064S0S2-4343W -p policy/policy_multi_CM0_CM4_tfm.json create-keys
cysecuretools -t CY8CKIT-064S0S2-4343W -p policy/policy_multi_CM0_CM4_tfm.json provision-device

  13. Run the following command in the modus-shell from <mtb_shared>/trusted-firmware-m/<tag>/security directory, to re-provision the device. Select yes for all the questions asked.

    python reprov_helper.py

    Note that this step generates a device_cert.pem certificate file in the certificates folder that you created in step 4. This is a self-signed device certificate. This certificate should be attached to the AWS IoT Thing when it is created; do not let AWS create ceritficates for you.

    The device_cert.pem file will be regenerated every time you run the reprov_helper.py python file. Take care to update the new device certificate to the AWS IoT Thing.

 

 

0 Likes

Re: Issue in script "python reprov_helper.py"

LeoMathews
Moderator
Moderator
Moderator
500 replies posted 100 solutions authored 5 likes given
‎Sep 22, 2022 06:09 AM
‎Sep 22, 2022 06:09 AM
Jump to solution

Hi @Sachin_Patel 

Please install cysecuretools 3.1.0 using the following command

 

pip install cysecuretools

 

 Before running the command

 

python reprov_helper.py

 

Please verify whether the cysecuretools version installed is 3.1.0

Thanks and Regards
Leo

0 Likes