From 3036bae0b3198abf690b557efd0fb8258ed139b5 Mon Sep 17 00:00:00 2001 From: delaplan Date: Fri, 11 Jun 2021 09:32:34 -0700 Subject: [PATCH 1/2] Added Iot credential usage to producer c samples --- samples/KvsAudioVideoStreamingSample.c | 23 ++++ samples/KvsVideoOnlyRealtimeStreamingSample.c | 27 +++++ scripts/generate-iot-credential.sh | 107 ++++++++++++++++++ tst/.CallbacksProviderPublicApiTest.cpp.swp | Bin 0 -> 16384 bytes 4 files changed, 157 insertions(+) create mode 100755 scripts/generate-iot-credential.sh create mode 100644 tst/.CallbacksProviderPublicApiTest.cpp.swp diff --git a/samples/KvsAudioVideoStreamingSample.c b/samples/KvsAudioVideoStreamingSample.c index 7f001aa37..c64992914 100644 --- a/samples/KvsAudioVideoStreamingSample.c +++ b/samples/KvsAudioVideoStreamingSample.c @@ -216,10 +216,20 @@ INT32 main(INT32 argc, CHAR* argv[]) CHK(FALSE, STATUS_INVALID_ARG); } +#ifdef IOT_CORE_ENABLE_CREDENTIALS + PCHAR pIotCoreCredentialEndpoint, pIotCoreCert, pIotCorePrivateKey, pIotCoreRoleAlias, pIotCoreThingName; + CHK_ERR((pIotCoreCredentialEndPoint = getenv(IOT_CORE_CREDENTIAL_ENDPOINT)) != NULL, STATUS_INVALID_OPERATION, + "AWS_IOT_CORE_CREDENTIAL_ENDPOINT must be set"); + CHK_ERR((pIotCoreCert = getenv(IOT_CORE_CERT)) != NULL, STATUS_INVALID_OPERATION, "AWS_IOT_CORE_CERT must be set"); + CHK_ERR((pIotCorePrivateKey = getenv(IOT_CORE_PRIVATE_KEY)) != NULL, STATUS_INVALID_OPERATION, "AWS_IOT_CORE_PRIVATE_KEY must be set"); + CHK_ERR((pIotCoreRoleAlias = getenv(IOT_CORE_ROLE_ALIAS)) != NULL, STATUS_INVALID_OPERATION, "AWS_IOT_CORE_ROLE_ALIAS must be set"); + CHK_ERR((pIotCoreThingName = getenv(IOT_CORE_THING_NAME)) != NULL, STATUS_INVALID_OPERATION, "AWS_IOT_CORE_THING_NAME must be set"); +#else if ((accessKey = getenv(ACCESS_KEY_ENV_VAR)) == NULL || (secretKey = getenv(SECRET_KEY_ENV_VAR)) == NULL) { printf("Error missing credentials\n"); CHK(FALSE, STATUS_INVALID_ARG); } +#endif MEMSET(data.sampleDir, 0x00, MAX_PATH_LEN + 1); if (argc < 4) { @@ -309,8 +319,21 @@ INT32 main(INT32 argc, CHAR* argv[]) data.startTime = GETTIME(); data.firstFrame = TRUE; +#ifdef IOT_CORE_ENABLE_CREDENTIALS + CHK_STATUS(createDefaultCallbacksProviderWithIotCertificate(pIotCoreCredentialEndPoint, + pIotCoreCert, + pIotCorePrivateKey, + cacertPath, + pIotCoreRoleAlias, + pIotCoreThingName, + region, + NULL, + NULL, + &pClientCallbacks)); +#else CHK_STATUS(createDefaultCallbacksProviderWithAwsCredentials(accessKey, secretKey, sessionToken, MAX_UINT64, region, cacertPath, NULL, NULL, &pClientCallbacks)); +#endif if (NULL != getenv(ENABLE_FILE_LOGGING)) { if ((retStatus = addFileLoggerPlatformCallbacksProvider(pClientCallbacks, FILE_LOGGING_BUFFER_SIZE, MAX_NUMBER_OF_LOG_FILES, diff --git a/samples/KvsVideoOnlyRealtimeStreamingSample.c b/samples/KvsVideoOnlyRealtimeStreamingSample.c index a5e3d2efc..e765f438a 100644 --- a/samples/KvsVideoOnlyRealtimeStreamingSample.c +++ b/samples/KvsVideoOnlyRealtimeStreamingSample.c @@ -76,10 +76,21 @@ INT32 main(INT32 argc, CHAR* argv[]) CHK(FALSE, STATUS_INVALID_ARG); } + +#ifdef IOT_CORE_ENABLE_CREDENTIALS + PCHAR pIotCoreCredentialEndpoint, pIotCoreCert, pIotCorePrivateKey, pIotCoreRoleAlias, pIotCoreThingName; + CHK_ERR((pIotCoreCredentialEndPoint = getenv(IOT_CORE_CREDENTIAL_ENDPOINT)) != NULL, STATUS_INVALID_OPERATION, + "AWS_IOT_CORE_CREDENTIAL_ENDPOINT must be set"); + CHK_ERR((pIotCoreCert = getenv(IOT_CORE_CERT)) != NULL, STATUS_INVALID_OPERATION, "AWS_IOT_CORE_CERT must be set"); + CHK_ERR((pIotCorePrivateKey = getenv(IOT_CORE_PRIVATE_KEY)) != NULL, STATUS_INVALID_OPERATION, "AWS_IOT_CORE_PRIVATE_KEY must be set"); + CHK_ERR((pIotCoreRoleAlias = getenv(IOT_CORE_ROLE_ALIAS)) != NULL, STATUS_INVALID_OPERATION, "AWS_IOT_CORE_ROLE_ALIAS must be set"); + CHK_ERR((pIotCoreThingName = getenv(IOT_CORE_THING_NAME)) != NULL, STATUS_INVALID_OPERATION, "AWS_IOT_CORE_THING_NAME must be set"); +#else if ((accessKey = getenv(ACCESS_KEY_ENV_VAR)) == NULL || (secretKey = getenv(SECRET_KEY_ENV_VAR)) == NULL) { DLOGE("Error missing credentials"); CHK(FALSE, STATUS_INVALID_ARG); } +#endif MEMSET(frameFilePath, 0x00, MAX_PATH_LEN + 1); if (argc < 5) { @@ -88,6 +99,7 @@ INT32 main(INT32 argc, CHAR* argv[]) STRNCPY(frameFilePath, argv[4], MAX_PATH_LEN); } + cacertPath = getenv(CACERT_PATH_ENV_VAR); sessionToken = getenv(SESSION_TOKEN_ENV_VAR); streamName = argv[1]; @@ -122,8 +134,23 @@ INT32 main(INT32 argc, CHAR* argv[]) // adjust members of pStreamInfo here if needed startTime = GETTIME(); + + +#ifdef IOT_CORE_ENABLE_CREDENTIALS + CHK_STATUS(createDefaultCallbacksProviderWithIotCertificate(pIotCoreCredentialEndPoint, + pIotCoreCert, + pIotCorePrivateKey, + cacertPath, + pIotCoreRoleAlias, + pIotCoreThingName, + region, + NULL, + NULL, + &pClientCallbacks)); +#else CHK_STATUS(createDefaultCallbacksProviderWithAwsCredentials(accessKey, secretKey, sessionToken, MAX_UINT64, region, cacertPath, NULL, NULL, &pClientCallbacks)); +#endif if (NULL != getenv(ENABLE_FILE_LOGGING)) { if ((retStatus = addFileLoggerPlatformCallbacksProvider(pClientCallbacks, FILE_LOGGING_BUFFER_SIZE, MAX_NUMBER_OF_LOG_FILES, diff --git a/scripts/generate-iot-credential.sh b/scripts/generate-iot-credential.sh new file mode 100755 index 000000000..ae3b3c720 --- /dev/null +++ b/scripts/generate-iot-credential.sh @@ -0,0 +1,107 @@ +#!/bin/bash +# You need to setup your aws cli first, because this script is based on aws cli. +# You can use this script to setup environment variables in the shell which samples run on. +# https://docs.aws.amazon.com/kinesisvideostreams/latest/dg/how-iot.html +thingName="webrtc_iot_thing" +thingTypeName="webrtc_iot_thing_type" +iotPolicyName="webrtc_iot_policy" +kvsPolicyName="webrtc_policy" +iotRoleName="webrtc_iot_role" +iotRoleAlias="webrtc_iot_role_alias" +iotCert="webrtc_iot_certifcate.pem" +iotPublicKey="webrtc_iot_public.key" +iotPrivateKey="webrtc_iot_private.key" + +# Step 1: Create an IoT Thing Type and an IoT Thing +# The following example command creates a thing type $thingTypeName +aws --profile default iot create-thing-type --thing-type-name $thingTypeName > iot-thing-type.json +# And this example command creates the $thingName thing of the $thingTypeName thing type: +aws --profile default iot create-thing --thing-name $thingName --thing-type-name $thingTypeName > iot-thing.json + +# Step 2: Create an IAM Role to be Assumed by IoT +# You can use the following trust policy JSON for the iam-policy-document.json: +echo '{ + "Version":"2012-10-17", + "Statement":[ + { + "Effect":"Allow", + "Principal":{ + "Service":"credentials.iot.amazonaws.com" + }, + "Action":"sts:AssumeRole" + } + ] +}' > iam-policy-document.json +# Create an IAM role. +aws --profile default iam create-role --role-name $iotRoleName --assume-role-policy-document 'file://iam-policy-document.json' > iam-role.json + +# You can use the following IAM policy JSON for the iam-permission-document.json: +echo '{ + "Version": "2012-10-17", + "Statement": [ + { + "Effect": "Allow", + "Action": [ + "kinesisvideo:DescribeSignalingChannel", + "kinesisvideo:CreateSignalingChannel", + "kinesisvideo:DeleteSignalingChannel", + "kinesisvideo:GetSignalingChannelEndpoint", + "kinesisvideo:GetIceServerConfig", + "kinesisvideo:ConnectAsMaster", + "kinesisvideo:ConnectAsViewer" + ], + "Resource": "arn:aws:kinesisvideo:*:*:channel/${credentials-iot:ThingName}/*" + } + ] +}' > iam-permission-document.json +# Next, you must attach a permissions policy to the IAM role you created above. +aws --profile default iam put-role-policy --role-name $iotRoleName --policy-name $kvsPolicyName --policy-document 'file://iam-permission-document.json' +# Next, create a Role Alias for your IAM Role +aws --profile default iot create-role-alias --role-alias $iotRoleAlias --role-arn $(jq --raw-output '.Role.Arn' iam-role.json) --credential-duration-seconds 3600 > iot-role-alias.json + +# You can use the following command to create the iot-policy-document.json document JSON: +cat > iot-policy-document.json < certificate +# Attach the policy for IoT (KvsCameraIoTPolicy created above) to this certificate. +aws --profile default iot attach-policy --policy-name $iotPolicyName --target $(jq --raw-output '.certificateArn' certificate) +# Attach your IoT thing (kvs_example_camera_stream) to the certificate you just created: +aws --profile default iot attach-thing-principal --thing-name $thingName --principal $(jq --raw-output '.certificateArn' certificate) +# In order to authorize requests through the IoT credentials provider, you need the IoT credentials endpoint which is unique to your AWS account ID. You can use the following command to get the IoT credentials endpoint. +aws --profile default iot describe-endpoint --endpoint-type iot:CredentialProvider --output text > iot-credential-provider.txt +# In addition to the X.509 cerficiate created above, you must also have a CA certificate to establish trust with the back-end service through TLS. You can get the CA certificate using the following command: +curl --silent 'https://www.amazontrust.com/repository/SFSRootCAG2.pem' --output cacert.pem + + +export AWS_IOT_CORE_CREDENTIAL_ENDPOINT=$(cat iot-credential-provider.txt) +export AWS_IOT_CORE_CERT=$(pwd)"/"$iotCert +export AWS_IOT_CORE_PRIVATE_KEY=$(pwd)"/"$iotPrivateKey +export AWS_IOT_CORE_ROLE_ALIAS=$iotRoleAlias +export AWS_IOT_CORE_THING_NAME=$thingName + + + diff --git a/tst/.CallbacksProviderPublicApiTest.cpp.swp b/tst/.CallbacksProviderPublicApiTest.cpp.swp new file mode 100644 index 0000000000000000000000000000000000000000..591e9f4b6b75883ede3cbcca4ca936e04ebe822e GIT binary patch literal 16384 zcmeI2Z)_7~9LFCKMPw6#yfB*JF_PH{ZMW&dq)I&6>vmAudcAIgy|`U(x9nWkHoYqt zCK`yZOdyW<#xPBEzT%D1WUrJL2GDo%N)tlV@KQnMpZF)D;PHhuNu$uSl zMp2c=b$_9lA1*0s(XRvz-3W%|Y&Ih+V|ucfHwzY%rA$^+*n%dix)D$ch3dZOf7Adq z;5E=pp6cvqH&ZvaY+@c>pY|4@->Cs=fEu6%r~zt#8lVQK0czkbHeeK1kymkiE9_&; z+n@J%KCj!`n4Ru~+D^G^cK(o^f5B7#Z#&;i=cu@3ZTj^yFW)^ZV`mm3D`n z`uE!D8|}|QPrjW@Kd1p}fEu6%r~zt#8lVQK0cwC6pa!UcWobYjCS*O1{ChKy#`}LK zKL2(tA>V-GU=r*CJs=8xc!-co;0!noh5!pTfnS>m`3lT{H$fKc1HIr0&h#E`Sff8z2wjpcQNYE5Mc2=o^>73zXd!F%8^7y{j(6>I>%+)v2Q;9YP8WIz&hfOTN@K0-bR zGhiAV0f#{VtOc_x3Hbti0#1N~KmgB!0B8nH;A2c?Oo5ldAb1u$308xPnAbQ5PJtLD5+yz%N?c#W0cPuVYO&z zBbtJeKH}<7YayJ~)LgY@TU*Fgz}%C&kF_bjWVn|V+L#CzWz#WHV*68)!1eHnxVvWM z=*3<>-Xq1?J)FBhZPQkjFe^3kMTOs#@XCnP^H*m?ZpS%p?jy?bF)nhKo#hRsH#q6% z8IwjoljV6?S*-9%{jy$x?_)(y+Rg2~!4-U-!J+c&-xC*biC=(x&p_4OUaNz1>+Y!L zKK|32XhlN3Yr0k7_6V=^<&HV`tsbRQoFK71ob!C;Jfe9rrDP%{M)?8vL&}mp?NsFa zj|M8j3wRPu2zw>S!(a1xRN@37A<&z&>$$lyxJz)^s{pArmd`QIF>G4wmBMT+wv!F-PD$ak zAYlGL>f?kI-V(XrI5m7FWrdrIn!>SKs6PX?&>0^0@s?+aY9cpqK_MkJ2{`_LB> u6}znZ7G;{*!gPengH`RQH7i;Z*x%qipm$pHjv0t0n%DJ+woKoorhfqbrd)ae literal 0 HcmV?d00001 From 408396675533444014144487749182ef2d4003fa Mon Sep 17 00:00:00 2001 From: Divya Sampath Kumar Date: Wed, 6 Dec 2023 11:54:25 -0800 Subject: [PATCH 2/2] Refactor samples to include IoT usage and update readme --- README.md | 9 ++ samples/KvsAudioOnlyStreamingSample.c | 50 ++++++--- samples/KvsAudioVideoStreamingSample.c | 73 +++++++------ samples/KvsVideoOnlyOfflineStreamingSample.c | 39 +++++-- samples/KvsVideoOnlyRealtimeStreamingSample.c | 55 +++++----- samples/Samples.h | 28 +++++ scripts/generate-iot-credential.sh | 99 ++++++++++-------- tst/.CallbacksProviderPublicApiTest.cpp.swp | Bin 16384 -> 0 bytes 8 files changed, 216 insertions(+), 137 deletions(-) create mode 100644 samples/Samples.h delete mode 100644 tst/.CallbacksProviderPublicApiTest.cpp.swp diff --git a/README.md b/README.md index e49af0f3e..f8c0d8403 100644 --- a/README.md +++ b/README.md @@ -133,6 +133,15 @@ For audio only, run `./kvsAudioOnlyStreamingSample +#include "Samples.h" #define DEFAULT_RETENTION_PERIOD 2 * HUNDREDS_OF_NANOS_IN_AN_HOUR #define DEFAULT_BUFFER_DURATION 120 * HUNDREDS_OF_NANOS_IN_A_SECOND @@ -15,8 +15,7 @@ #define NUMBER_OF_AUDIO_FRAME_FILES 582 -#define FILE_LOGGING_BUFFER_SIZE (100 * 1024) -#define MAX_NUMBER_OF_LOG_FILES 5 +// #define IOT_CORE_ENABLE_CREDENTIALS 1 typedef struct { PBYTE buffer; @@ -110,21 +109,32 @@ INT32 main(INT32 argc, CHAR* argv[]) STRNCPY(audioCodec, AUDIO_CODEC_NAME_AAC, STRLEN(AUDIO_CODEC_NAME_AAC)); // aac audio by default - if (argc >= 5) { - if (!STRCMP(argv[2], AUDIO_CODEC_NAME_ALAW)) { - STRNCPY(audioCodec, AUDIO_CODEC_NAME_ALAW, STRLEN(AUDIO_CODEC_NAME_ALAW)); - } - } +#ifdef IOT_CORE_ENABLE_CREDENTIALS + PCHAR pIotCoreCredentialEndpoint, pIotCoreCert, pIotCorePrivateKey, pIotCoreRoleAlias, pIotCoreThingName; + CHK_ERR((pIotCoreCredentialEndpoint = GETENV(IOT_CORE_CREDENTIAL_ENDPOINT)) != NULL, STATUS_INVALID_OPERATION, + "AWS_IOT_CORE_CREDENTIAL_ENDPOINT must be set"); + CHK_ERR((pIotCoreCert = GETENV(IOT_CORE_CERT)) != NULL, STATUS_INVALID_OPERATION, "AWS_IOT_CORE_CERT must be set"); + CHK_ERR((pIotCorePrivateKey = GETENV(IOT_CORE_PRIVATE_KEY)) != NULL, STATUS_INVALID_OPERATION, "AWS_IOT_CORE_PRIVATE_KEY must be set"); + CHK_ERR((pIotCoreRoleAlias = GETENV(IOT_CORE_ROLE_ALIAS)) != NULL, STATUS_INVALID_OPERATION, "AWS_IOT_CORE_ROLE_ALIAS must be set"); + CHK_ERR((pIotCoreThingName = GETENV(IOT_CORE_THING_NAME)) != NULL, STATUS_INVALID_OPERATION, "AWS_IOT_CORE_THING_NAME must be set"); +#else if (argc < 2) { printf("Usage: AWS_ACCESS_KEY_ID=SAMPLEKEY AWS_SECRET_ACCESS_KEY=SAMPLESECRET %s \n", argv[0]); CHK(FALSE, STATUS_INVALID_ARG); } - - if ((accessKey = getenv(ACCESS_KEY_ENV_VAR)) == NULL || (secretKey = getenv(SECRET_KEY_ENV_VAR)) == NULL) { + if ((accessKey = GETENV(ACCESS_KEY_ENV_VAR)) == NULL || (secretKey = GETENV(SECRET_KEY_ENV_VAR)) == NULL) { printf("Error missing credentials\n"); CHK(FALSE, STATUS_INVALID_ARG); } + sessionToken = GETENV(SESSION_TOKEN_ENV_VAR); +#endif + + if (argc >= 5) { + if (!STRCMP(argv[2], AUDIO_CODEC_NAME_ALAW)) { + STRNCPY(audioCodec, AUDIO_CODEC_NAME_ALAW, STRLEN(AUDIO_CODEC_NAME_ALAW)); + } + } MEMSET(data.sampleDir, 0x00, MAX_PATH_LEN + 1); if (argc < 4) { @@ -146,10 +156,16 @@ INT32 main(INT32 argc, CHAR* argv[]) } printf("Done loading audio frames.\n"); - cacertPath = getenv(CACERT_PATH_ENV_VAR); - sessionToken = getenv(SESSION_TOKEN_ENV_VAR); + cacertPath = GETENV(CACERT_PATH_ENV_VAR); + sessionToken = GETENV(SESSION_TOKEN_ENV_VAR); + +#ifdef IOT_CORE_ENABLE_CREDENTIALS + streamName = pIotCoreThingName; +#else streamName = argv[1]; - if ((region = getenv(DEFAULT_REGION_ENV_VAR)) == NULL) { +#endif + + if ((region = GETENV(DEFAULT_REGION_ENV_VAR)) == NULL) { region = (PCHAR) DEFAULT_AWS_REGION; } @@ -202,10 +218,16 @@ INT32 main(INT32 argc, CHAR* argv[]) data.startTime = GETTIME(); data.firstFrame = TRUE; + +#ifdef IOT_CORE_ENABLE_CREDENTIALS + CHK_STATUS(createDefaultCallbacksProviderWithIotCertificate(pIotCoreCredentialEndpoint, pIotCoreCert, pIotCorePrivateKey, cacertPath, + pIotCoreRoleAlias, pIotCoreThingName, region, NULL, NULL, &pClientCallbacks)); +#else CHK_STATUS(createDefaultCallbacksProviderWithAwsCredentials(accessKey, secretKey, sessionToken, MAX_UINT64, region, cacertPath, NULL, NULL, &pClientCallbacks)); +#endif - if (NULL != getenv(ENABLE_FILE_LOGGING)) { + if (NULL != GETENV(ENABLE_FILE_LOGGING)) { if ((retStatus = addFileLoggerPlatformCallbacksProvider(pClientCallbacks, FILE_LOGGING_BUFFER_SIZE, MAX_NUMBER_OF_LOG_FILES, (PCHAR) FILE_LOGGER_LOG_FILE_DIRECTORY_PATH, TRUE) != STATUS_SUCCESS)) { printf("File logging enable option failed with 0x%08x error code\n", retStatus); diff --git a/samples/KvsAudioVideoStreamingSample.c b/samples/KvsAudioVideoStreamingSample.c index c64992914..84f299a5a 100644 --- a/samples/KvsAudioVideoStreamingSample.c +++ b/samples/KvsAudioVideoStreamingSample.c @@ -1,4 +1,4 @@ -#include +#include "Samples.h" #define DEFAULT_RETENTION_PERIOD 2 * HUNDREDS_OF_NANOS_IN_AN_HOUR #define DEFAULT_BUFFER_DURATION 120 * HUNDREDS_OF_NANOS_IN_A_SECOND @@ -22,8 +22,7 @@ #define NUMBER_OF_VIDEO_FRAME_FILES 403 #define NUMBER_OF_AUDIO_FRAME_FILES 582 -#define FILE_LOGGING_BUFFER_SIZE (100 * 1024) -#define MAX_NUMBER_OF_LOG_FILES 5 +// #define IOT_CORE_ENABLE_CREDENTIALS 1 UINT8 gEventsEnabled = 0; @@ -195,6 +194,28 @@ INT32 main(INT32 argc, CHAR* argv[]) STRNCPY(audioCodec, AUDIO_CODEC_NAME_AAC, STRLEN(AUDIO_CODEC_NAME_AAC)); // aac audio by default STRNCPY(videoCodec, VIDEO_CODEC_NAME_H264, STRLEN(VIDEO_CODEC_NAME_H264)); // h264 video by default +#ifdef IOT_CORE_ENABLE_CREDENTIALS + PCHAR pIotCoreCredentialEndpoint, pIotCoreCert, pIotCorePrivateKey, pIotCoreRoleAlias, pIotCoreThingName; + CHK_ERR((pIotCoreCredentialEndpoint = GETENV(IOT_CORE_CREDENTIAL_ENDPOINT)) != NULL, STATUS_INVALID_OPERATION, + "AWS_IOT_CORE_CREDENTIAL_ENDPOINT must be set"); + CHK_ERR((pIotCoreCert = GETENV(IOT_CORE_CERT)) != NULL, STATUS_INVALID_OPERATION, "AWS_IOT_CORE_CERT must be set"); + CHK_ERR((pIotCorePrivateKey = GETENV(IOT_CORE_PRIVATE_KEY)) != NULL, STATUS_INVALID_OPERATION, "AWS_IOT_CORE_PRIVATE_KEY must be set"); + CHK_ERR((pIotCoreRoleAlias = GETENV(IOT_CORE_ROLE_ALIAS)) != NULL, STATUS_INVALID_OPERATION, "AWS_IOT_CORE_ROLE_ALIAS must be set"); + CHK_ERR((pIotCoreThingName = GETENV(IOT_CORE_THING_NAME)) != NULL, STATUS_INVALID_OPERATION, "AWS_IOT_CORE_THING_NAME must be set"); +#else + if (argc < 2) { + printf("Usage: AWS_ACCESS_KEY_ID=SAMPLEKEY AWS_SECRET_ACCESS_KEY=SAMPLESECRET %s " + "[audio_codec] [video_codec] [events_enabled]\n", + argv[0]); + CHK(FALSE, STATUS_INVALID_ARG); + } + if ((accessKey = GETENV(ACCESS_KEY_ENV_VAR)) == NULL || (secretKey = GETENV(SECRET_KEY_ENV_VAR)) == NULL) { + printf("Error missing credentials\n"); + CHK(FALSE, STATUS_INVALID_ARG); + } + sessionToken = GETENV(SESSION_TOKEN_ENV_VAR); +#endif + if (argc == 7) { if (!STRCMP(argv[6], "1")) { gEventsEnabled = 1; @@ -209,27 +230,6 @@ INT32 main(INT32 argc, CHAR* argv[]) videoCodecID = VIDEO_CODEC_ID_H265; } } - if (argc < 2) { - printf("Usage: AWS_ACCESS_KEY_ID=SAMPLEKEY AWS_SECRET_ACCESS_KEY=SAMPLESECRET %s " - "[audio_codec] [video_codec] [events_enabled]\n", - argv[0]); - CHK(FALSE, STATUS_INVALID_ARG); - } - -#ifdef IOT_CORE_ENABLE_CREDENTIALS - PCHAR pIotCoreCredentialEndpoint, pIotCoreCert, pIotCorePrivateKey, pIotCoreRoleAlias, pIotCoreThingName; - CHK_ERR((pIotCoreCredentialEndPoint = getenv(IOT_CORE_CREDENTIAL_ENDPOINT)) != NULL, STATUS_INVALID_OPERATION, - "AWS_IOT_CORE_CREDENTIAL_ENDPOINT must be set"); - CHK_ERR((pIotCoreCert = getenv(IOT_CORE_CERT)) != NULL, STATUS_INVALID_OPERATION, "AWS_IOT_CORE_CERT must be set"); - CHK_ERR((pIotCorePrivateKey = getenv(IOT_CORE_PRIVATE_KEY)) != NULL, STATUS_INVALID_OPERATION, "AWS_IOT_CORE_PRIVATE_KEY must be set"); - CHK_ERR((pIotCoreRoleAlias = getenv(IOT_CORE_ROLE_ALIAS)) != NULL, STATUS_INVALID_OPERATION, "AWS_IOT_CORE_ROLE_ALIAS must be set"); - CHK_ERR((pIotCoreThingName = getenv(IOT_CORE_THING_NAME)) != NULL, STATUS_INVALID_OPERATION, "AWS_IOT_CORE_THING_NAME must be set"); -#else - if ((accessKey = getenv(ACCESS_KEY_ENV_VAR)) == NULL || (secretKey = getenv(SECRET_KEY_ENV_VAR)) == NULL) { - printf("Error missing credentials\n"); - CHK(FALSE, STATUS_INVALID_ARG); - } -#endif MEMSET(data.sampleDir, 0x00, MAX_PATH_LEN + 1); if (argc < 4) { @@ -261,10 +261,15 @@ INT32 main(INT32 argc, CHAR* argv[]) } printf("Done loading video frames.\n"); - cacertPath = getenv(CACERT_PATH_ENV_VAR); - sessionToken = getenv(SESSION_TOKEN_ENV_VAR); + cacertPath = GETENV(CACERT_PATH_ENV_VAR); + +#ifdef IOT_CORE_ENABLE_CREDENTIALS + streamName = pIotCoreThingName; +#else streamName = argv[1]; - if ((region = getenv(DEFAULT_REGION_ENV_VAR)) == NULL) { +#endif + + if ((region = GETENV(DEFAULT_REGION_ENV_VAR)) == NULL) { region = (PCHAR) DEFAULT_AWS_REGION; } @@ -320,22 +325,14 @@ INT32 main(INT32 argc, CHAR* argv[]) data.startTime = GETTIME(); data.firstFrame = TRUE; #ifdef IOT_CORE_ENABLE_CREDENTIALS - CHK_STATUS(createDefaultCallbacksProviderWithIotCertificate(pIotCoreCredentialEndPoint, - pIotCoreCert, - pIotCorePrivateKey, - cacertPath, - pIotCoreRoleAlias, - pIotCoreThingName, - region, - NULL, - NULL, - &pClientCallbacks)); + CHK_STATUS(createDefaultCallbacksProviderWithIotCertificate(pIotCoreCredentialEndpoint, pIotCoreCert, pIotCorePrivateKey, cacertPath, + pIotCoreRoleAlias, pIotCoreThingName, region, NULL, NULL, &pClientCallbacks)); #else CHK_STATUS(createDefaultCallbacksProviderWithAwsCredentials(accessKey, secretKey, sessionToken, MAX_UINT64, region, cacertPath, NULL, NULL, &pClientCallbacks)); #endif - if (NULL != getenv(ENABLE_FILE_LOGGING)) { + if (NULL != GETENV(ENABLE_FILE_LOGGING)) { if ((retStatus = addFileLoggerPlatformCallbacksProvider(pClientCallbacks, FILE_LOGGING_BUFFER_SIZE, MAX_NUMBER_OF_LOG_FILES, (PCHAR) FILE_LOGGER_LOG_FILE_DIRECTORY_PATH, TRUE) != STATUS_SUCCESS)) { printf("File logging enable option failed with 0x%08x error code\n", retStatus); diff --git a/samples/KvsVideoOnlyOfflineStreamingSample.c b/samples/KvsVideoOnlyOfflineStreamingSample.c index 9424eeedc..b67463819 100644 --- a/samples/KvsVideoOnlyOfflineStreamingSample.c +++ b/samples/KvsVideoOnlyOfflineStreamingSample.c @@ -1,4 +1,4 @@ -#include +#include "Samples.h" #define DEFAULT_RETENTION_PERIOD 2 * HUNDREDS_OF_NANOS_IN_AN_HOUR #define DEFAULT_BUFFER_DURATION 120 * HUNDREDS_OF_NANOS_IN_A_SECOND @@ -14,8 +14,8 @@ #define NUMBER_OF_FRAME_FILES 403 -#define FILE_LOGGING_BUFFER_SIZE (100 * 1024) -#define MAX_NUMBER_OF_LOG_FILES 5 +// #define IOT_CORE_ENABLE_CREDENTIALS 1 + STATUS readFrameData(PFrame pFrame, PCHAR frameFilePath, PCHAR videoCodec) { STATUS retStatus = STATUS_SUCCESS; @@ -66,17 +66,27 @@ INT32 main(INT32 argc, CHAR* argv[]) STRNCPY(videoCodec, VIDEO_CODEC_NAME_H264, STRLEN(VIDEO_CODEC_NAME_H264)); // h264 video by default VIDEO_CODEC_ID videoCodecID = VIDEO_CODEC_ID_H264; +#ifdef IOT_CORE_ENABLE_CREDENTIALS + PCHAR pIotCoreCredentialEndpoint, pIotCoreCert, pIotCorePrivateKey, pIotCoreRoleAlias, pIotCoreThingName; + CHK_ERR((pIotCoreCredentialEndpoint = GETENV(IOT_CORE_CREDENTIAL_ENDPOINT)) != NULL, STATUS_INVALID_OPERATION, + "AWS_IOT_CORE_CREDENTIAL_ENDPOINT must be set"); + CHK_ERR((pIotCoreCert = GETENV(IOT_CORE_CERT)) != NULL, STATUS_INVALID_OPERATION, "AWS_IOT_CORE_CERT must be set"); + CHK_ERR((pIotCorePrivateKey = GETENV(IOT_CORE_PRIVATE_KEY)) != NULL, STATUS_INVALID_OPERATION, "AWS_IOT_CORE_PRIVATE_KEY must be set"); + CHK_ERR((pIotCoreRoleAlias = GETENV(IOT_CORE_ROLE_ALIAS)) != NULL, STATUS_INVALID_OPERATION, "AWS_IOT_CORE_ROLE_ALIAS must be set"); + CHK_ERR((pIotCoreThingName = GETENV(IOT_CORE_THING_NAME)) != NULL, STATUS_INVALID_OPERATION, "AWS_IOT_CORE_THING_NAME must be set"); +#else if (argc < 2) { DLOGE("Usage: AWS_ACCESS_KEY_ID=SAMPLEKEY AWS_SECRET_ACCESS_KEY=SAMPLESECRET %s " "\n", argv[0]); CHK(FALSE, STATUS_INVALID_ARG); } - - if ((accessKey = getenv(ACCESS_KEY_ENV_VAR)) == NULL || (secretKey = getenv(SECRET_KEY_ENV_VAR)) == NULL) { + if ((accessKey = GETENV(ACCESS_KEY_ENV_VAR)) == NULL || (secretKey = GETENV(SECRET_KEY_ENV_VAR)) == NULL) { DLOGE("Error missing credentials"); CHK(FALSE, STATUS_INVALID_ARG); } + sessionToken = GETENV(SESSION_TOKEN_ENV_VAR); +#endif MEMSET(frameFilePath, 0x00, MAX_PATH_LEN + 1); if (argc < 5) { @@ -85,10 +95,15 @@ INT32 main(INT32 argc, CHAR* argv[]) STRNCPY(frameFilePath, argv[4], MAX_PATH_LEN); } - cacertPath = getenv(CACERT_PATH_ENV_VAR); - sessionToken = getenv(SESSION_TOKEN_ENV_VAR); + cacertPath = GETENV(CACERT_PATH_ENV_VAR); + +#ifdef IOT_CORE_ENABLE_CREDENTIALS + streamName = pIotCoreThingName; +#else streamName = argv[1]; - if ((region = getenv(DEFAULT_REGION_ENV_VAR)) == NULL) { +#endif + + if ((region = GETENV(DEFAULT_REGION_ENV_VAR)) == NULL) { region = (PCHAR) DEFAULT_AWS_REGION; } @@ -119,10 +134,16 @@ INT32 main(INT32 argc, CHAR* argv[]) // adjust members of pStreamInfo here if needed startTime = GETTIME(); + +#ifdef IOT_CORE_ENABLE_CREDENTIALS + CHK_STATUS(createDefaultCallbacksProviderWithIotCertificate(pIotCoreCredentialEndpoint, pIotCoreCert, pIotCorePrivateKey, cacertPath, + pIotCoreRoleAlias, pIotCoreThingName, region, NULL, NULL, &pClientCallbacks)); +#else CHK_STATUS(createDefaultCallbacksProviderWithAwsCredentials(accessKey, secretKey, sessionToken, MAX_UINT64, region, cacertPath, NULL, NULL, &pClientCallbacks)); +#endif - if (NULL != getenv(ENABLE_FILE_LOGGING)) { + if (NULL != GETENV(ENABLE_FILE_LOGGING)) { if ((retStatus = addFileLoggerPlatformCallbacksProvider(pClientCallbacks, FILE_LOGGING_BUFFER_SIZE, MAX_NUMBER_OF_LOG_FILES, (PCHAR) FILE_LOGGER_LOG_FILE_DIRECTORY_PATH, TRUE) != STATUS_SUCCESS)) { printf("File logging enable option failed with 0x%08x error code\n", retStatus); diff --git a/samples/KvsVideoOnlyRealtimeStreamingSample.c b/samples/KvsVideoOnlyRealtimeStreamingSample.c index e765f438a..36769d5a8 100644 --- a/samples/KvsVideoOnlyRealtimeStreamingSample.c +++ b/samples/KvsVideoOnlyRealtimeStreamingSample.c @@ -1,4 +1,4 @@ -#include +#include "Samples.h" #define DEFAULT_RETENTION_PERIOD 2 * HUNDREDS_OF_NANOS_IN_AN_HOUR #define DEFAULT_BUFFER_DURATION 120 * HUNDREDS_OF_NANOS_IN_A_SECOND @@ -14,8 +14,8 @@ #define NUMBER_OF_FRAME_FILES 403 -#define FILE_LOGGING_BUFFER_SIZE (100 * 1024) -#define MAX_NUMBER_OF_LOG_FILES 5 +// #define IOT_CORE_ENABLE_CREDENTIALS 1 + STATUS readFrameData(PFrame pFrame, PCHAR frameFilePath, PCHAR videoCodec) { STATUS retStatus = STATUS_SUCCESS; @@ -69,27 +69,27 @@ INT32 main(INT32 argc, CHAR* argv[]) STRNCPY(videoCodec, VIDEO_CODEC_NAME_H264, STRLEN(VIDEO_CODEC_NAME_H264)); // h264 video by default VIDEO_CODEC_ID videoCodecID = VIDEO_CODEC_ID_H264; +#ifdef IOT_CORE_ENABLE_CREDENTIALS + PCHAR pIotCoreCredentialEndpoint, pIotCoreCert, pIotCorePrivateKey, pIotCoreRoleAlias, pIotCoreThingName; + CHK_ERR((pIotCoreCredentialEndpoint = GETENV(IOT_CORE_CREDENTIAL_ENDPOINT)) != NULL, STATUS_INVALID_OPERATION, + "AWS_IOT_CORE_CREDENTIAL_ENDPOINT must be set"); + CHK_ERR((pIotCoreCert = GETENV(IOT_CORE_CERT)) != NULL, STATUS_INVALID_OPERATION, "AWS_IOT_CORE_CERT must be set"); + CHK_ERR((pIotCorePrivateKey = GETENV(IOT_CORE_PRIVATE_KEY)) != NULL, STATUS_INVALID_OPERATION, "AWS_IOT_CORE_PRIVATE_KEY must be set"); + CHK_ERR((pIotCoreRoleAlias = GETENV(IOT_CORE_ROLE_ALIAS)) != NULL, STATUS_INVALID_OPERATION, "AWS_IOT_CORE_ROLE_ALIAS must be set"); + CHK_ERR((pIotCoreRoleAlias = GETENV(IOT_CORE_ROLE_ALIAS)) != NULL, STATUS_INVALID_OPERATION, "AWS_IOT_CORE_ROLE_ALIAS must be set"); + CHK_ERR((pIotCoreThingName = GETENV(IOT_CORE_THING_NAME)) != NULL, STATUS_INVALID_OPERATION, "AWS_IOT_CORE_THING_NAME must be set"); +#else if (argc < 2) { DLOGE("Usage: AWS_ACCESS_KEY_ID=SAMPLEKEY AWS_SECRET_ACCESS_KEY=SAMPLESECRET %s " "\n", argv[0]); CHK(FALSE, STATUS_INVALID_ARG); } - - -#ifdef IOT_CORE_ENABLE_CREDENTIALS - PCHAR pIotCoreCredentialEndpoint, pIotCoreCert, pIotCorePrivateKey, pIotCoreRoleAlias, pIotCoreThingName; - CHK_ERR((pIotCoreCredentialEndPoint = getenv(IOT_CORE_CREDENTIAL_ENDPOINT)) != NULL, STATUS_INVALID_OPERATION, - "AWS_IOT_CORE_CREDENTIAL_ENDPOINT must be set"); - CHK_ERR((pIotCoreCert = getenv(IOT_CORE_CERT)) != NULL, STATUS_INVALID_OPERATION, "AWS_IOT_CORE_CERT must be set"); - CHK_ERR((pIotCorePrivateKey = getenv(IOT_CORE_PRIVATE_KEY)) != NULL, STATUS_INVALID_OPERATION, "AWS_IOT_CORE_PRIVATE_KEY must be set"); - CHK_ERR((pIotCoreRoleAlias = getenv(IOT_CORE_ROLE_ALIAS)) != NULL, STATUS_INVALID_OPERATION, "AWS_IOT_CORE_ROLE_ALIAS must be set"); - CHK_ERR((pIotCoreThingName = getenv(IOT_CORE_THING_NAME)) != NULL, STATUS_INVALID_OPERATION, "AWS_IOT_CORE_THING_NAME must be set"); -#else - if ((accessKey = getenv(ACCESS_KEY_ENV_VAR)) == NULL || (secretKey = getenv(SECRET_KEY_ENV_VAR)) == NULL) { + if ((accessKey = GETENV(ACCESS_KEY_ENV_VAR)) == NULL || (secretKey = GETENV(SECRET_KEY_ENV_VAR)) == NULL) { DLOGE("Error missing credentials"); CHK(FALSE, STATUS_INVALID_ARG); } + sessionToken = GETENV(SESSION_TOKEN_ENV_VAR); #endif MEMSET(frameFilePath, 0x00, MAX_PATH_LEN + 1); @@ -99,11 +99,13 @@ INT32 main(INT32 argc, CHAR* argv[]) STRNCPY(frameFilePath, argv[4], MAX_PATH_LEN); } - - cacertPath = getenv(CACERT_PATH_ENV_VAR); - sessionToken = getenv(SESSION_TOKEN_ENV_VAR); + cacertPath = GETENV(CACERT_PATH_ENV_VAR); +#ifdef IOT_CORE_ENABLE_CREDENTIALS + streamName = pIotCoreThingName; +#else streamName = argv[1]; - if ((region = getenv(DEFAULT_REGION_ENV_VAR)) == NULL) { +#endif + if ((region = GETENV(DEFAULT_REGION_ENV_VAR)) == NULL) { region = (PCHAR) DEFAULT_AWS_REGION; } @@ -135,24 +137,15 @@ INT32 main(INT32 argc, CHAR* argv[]) startTime = GETTIME(); - #ifdef IOT_CORE_ENABLE_CREDENTIALS - CHK_STATUS(createDefaultCallbacksProviderWithIotCertificate(pIotCoreCredentialEndPoint, - pIotCoreCert, - pIotCorePrivateKey, - cacertPath, - pIotCoreRoleAlias, - pIotCoreThingName, - region, - NULL, - NULL, - &pClientCallbacks)); + CHK_STATUS(createDefaultCallbacksProviderWithIotCertificate(pIotCoreCredentialEndpoint, pIotCoreCert, pIotCorePrivateKey, cacertPath, + pIotCoreRoleAlias, pIotCoreThingName, region, NULL, NULL, &pClientCallbacks)); #else CHK_STATUS(createDefaultCallbacksProviderWithAwsCredentials(accessKey, secretKey, sessionToken, MAX_UINT64, region, cacertPath, NULL, NULL, &pClientCallbacks)); #endif - if (NULL != getenv(ENABLE_FILE_LOGGING)) { + if (NULL != GETENV(ENABLE_FILE_LOGGING)) { if ((retStatus = addFileLoggerPlatformCallbacksProvider(pClientCallbacks, FILE_LOGGING_BUFFER_SIZE, MAX_NUMBER_OF_LOG_FILES, (PCHAR) FILE_LOGGER_LOG_FILE_DIRECTORY_PATH, TRUE) != STATUS_SUCCESS)) { printf("File logging enable option failed with 0x%08x error code\n", retStatus); diff --git a/samples/Samples.h b/samples/Samples.h new file mode 100644 index 000000000..0d1de4357 --- /dev/null +++ b/samples/Samples.h @@ -0,0 +1,28 @@ +/******************************************* +Shared include file for the samples +*******************************************/ +#ifndef __KINESIS_VIDEO_PRODUCER_SAMPLE_INCLUDE__ +#define __KINESIS_VIDEO_PRODUCER_SAMPLE_INCLUDE__ + +#pragma once + +#ifdef __cplusplus +extern "C" { +#endif + +#include + +#define IOT_CORE_CREDENTIAL_ENDPOINT ((PCHAR) "AWS_IOT_CORE_CREDENTIAL_ENDPOINT") +#define IOT_CORE_CERT ((PCHAR) "AWS_IOT_CORE_CERT") +#define IOT_CORE_PRIVATE_KEY ((PCHAR) "AWS_IOT_CORE_PRIVATE_KEY") +#define IOT_CORE_ROLE_ALIAS ((PCHAR) "AWS_IOT_CORE_ROLE_ALIAS") +#define IOT_CORE_THING_NAME ((PCHAR) "AWS_IOT_CORE_THING_NAME") +#define IOT_CORE_CERTIFICATE_ID ((PCHAR) "AWS_IOT_CORE_CERTIFICATE_ID") + +#define FILE_LOGGING_BUFFER_SIZE (100 * 1024) +#define MAX_NUMBER_OF_LOG_FILES 5 + +#ifdef __cplusplus +} +#endif +#endif /* __KINESIS_VIDEO_PRODUCER_SAMPLE_INCLUDE__ */ \ No newline at end of file diff --git a/scripts/generate-iot-credential.sh b/scripts/generate-iot-credential.sh index ae3b3c720..31b9ab0b0 100755 --- a/scripts/generate-iot-credential.sh +++ b/scripts/generate-iot-credential.sh @@ -2,15 +2,17 @@ # You need to setup your aws cli first, because this script is based on aws cli. # You can use this script to setup environment variables in the shell which samples run on. # https://docs.aws.amazon.com/kinesisvideostreams/latest/dg/how-iot.html -thingName="webrtc_iot_thing" -thingTypeName="webrtc_iot_thing_type" -iotPolicyName="webrtc_iot_policy" -kvsPolicyName="webrtc_policy" -iotRoleName="webrtc_iot_role" -iotRoleAlias="webrtc_iot_role_alias" -iotCert="webrtc_iot_certifcate.pem" -iotPublicKey="webrtc_iot_public.key" -iotPrivateKey="webrtc_iot_private.key" + +prefix=$1 +thingName="producerc_thing" +thingTypeName="producerc_thing_type" +iotPolicyName="producerc_policy" +kvsPolicyName="producerc_policy" +iotRoleName="producerc_role" +iotRoleAlias="producerc_role_alias" +iotCert="producerc_certificate.pem" +iotPublicKey="producerc_public.key" +iotPrivateKey="producerc_private.key" # Step 1: Create an IoT Thing Type and an IoT Thing # The following example command creates a thing type $thingTypeName @@ -20,71 +22,82 @@ aws --profile default iot create-thing --thing-name $thingName --thing-type-nam # Step 2: Create an IAM Role to be Assumed by IoT # You can use the following trust policy JSON for the iam-policy-document.json: -echo '{ +cat > iam-policy-document.json < iam-policy-document.json +} +EOF + # Create an IAM role. aws --profile default iam create-role --role-name $iotRoleName --assume-role-policy-document 'file://iam-policy-document.json' > iam-role.json # You can use the following IAM policy JSON for the iam-permission-document.json: -echo '{ +cat > iam-permission-document.json < iam-permission-document.json -# Next, you must attach a permissions policy to the IAM role you created above. -aws --profile default iam put-role-policy --role-name $iotRoleName --policy-name $kvsPolicyName --policy-document 'file://iam-permission-document.json' +} +EOF + +# Next, you must attach a permissions policy to the IAM role you created above. +aws --profile default iam put-role-policy --role-name $iotRoleName --policy-name $kvsPolicyName --policy-document 'file://iam-permission-document.json' # Next, create a Role Alias for your IAM Role aws --profile default iot create-role-alias --role-alias $iotRoleAlias --role-arn $(jq --raw-output '.Role.Arn' iam-role.json) --credential-duration-seconds 3600 > iot-role-alias.json # You can use the following command to create the iot-policy-document.json document JSON: -cat > iot-policy-document.json < iot-policy-document.json << EOF { "Version":"2012-10-17", "Statement":[ { - "Effect":"Allow", - "Action":[ - "iot:Connect" - ], - "Resource":"$(jq --raw-output '.roleAliasArn' iot-role-alias.json)" + "Effect":"Allow", + "Action":[ + "iot:Connect" + ], + "Resource":"*" }, { - "Effect":"Allow", - "Action":[ - "iot:AssumeRoleWithCertificate" - ], - "Resource":"$(jq --raw-output '.roleAliasArn' iot-role-alias.json)" + "Effect":"Allow", + "Action":[ + "iot:AssumeRoleWithCertificate" + ], + "Resource":"$(jq --raw-output '.roleAliasArn' iot-role-alias.json)" } ] } EOF + # Now you can create the policy that will enable IoT to assume role with the certificate (once it is attached) using the role alias. -aws --profile default iot create-policy --policy-name $iotPolicyName --policy-document 'file://iot-policy-document.json' +aws --profile default iot create-policy --policy-name $iotPolicyName --policy-document 'file://iot-policy-document.json' -# Step 3: Create and Configure the X.509 Certificate # Create the certificate to which you must attach the policy for IoT that you created above. aws --profile default iot create-keys-and-certificate --set-as-active --certificate-pem-outfile $iotCert --public-key-outfile $iotPublicKey --private-key-outfile $iotPrivateKey > certificate # Attach the policy for IoT (KvsCameraIoTPolicy created above) to this certificate. @@ -94,14 +107,10 @@ aws --profile default iot attach-thing-principal --thing-name $thingName --prin # In order to authorize requests through the IoT credentials provider, you need the IoT credentials endpoint which is unique to your AWS account ID. You can use the following command to get the IoT credentials endpoint. aws --profile default iot describe-endpoint --endpoint-type iot:CredentialProvider --output text > iot-credential-provider.txt # In addition to the X.509 cerficiate created above, you must also have a CA certificate to establish trust with the back-end service through TLS. You can get the CA certificate using the following command: -curl --silent 'https://www.amazontrust.com/repository/SFSRootCAG2.pem' --output cacert.pem - +curl 'https://www.amazontrust.com/repository/SFSRootCAG2.pem' --output cacert.pem export AWS_IOT_CORE_CREDENTIAL_ENDPOINT=$(cat iot-credential-provider.txt) export AWS_IOT_CORE_CERT=$(pwd)"/"$iotCert export AWS_IOT_CORE_PRIVATE_KEY=$(pwd)"/"$iotPrivateKey export AWS_IOT_CORE_ROLE_ALIAS=$iotRoleAlias -export AWS_IOT_CORE_THING_NAME=$thingName - - - +export AWS_IOT_CORE_THING_NAME=$thingName \ No newline at end of file diff --git a/tst/.CallbacksProviderPublicApiTest.cpp.swp b/tst/.CallbacksProviderPublicApiTest.cpp.swp deleted file mode 100644 index 591e9f4b6b75883ede3cbcca4ca936e04ebe822e..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 16384 zcmeI2Z)_7~9LFCKMPw6#yfB*JF_PH{ZMW&dq)I&6>vmAudcAIgy|`U(x9nWkHoYqt zCK`yZOdyW<#xPBEzT%D1WUrJL2GDo%N)tlV@KQnMpZF)D;PHhuNu$uSl zMp2c=b$_9lA1*0s(XRvz-3W%|Y&Ih+V|ucfHwzY%rA$^+*n%dix)D$ch3dZOf7Adq z;5E=pp6cvqH&ZvaY+@c>pY|4@->Cs=fEu6%r~zt#8lVQK0czkbHeeK1kymkiE9_&; z+n@J%KCj!`n4Ru~+D^G^cK(o^f5B7#Z#&;i=cu@3ZTj^yFW)^ZV`mm3D`n z`uE!D8|}|QPrjW@Kd1p}fEu6%r~zt#8lVQK0cwC6pa!UcWobYjCS*O1{ChKy#`}LK zKL2(tA>V-GU=r*CJs=8xc!-co;0!noh5!pTfnS>m`3lT{H$fKc1HIr0&h#E`Sff8z2wjpcQNYE5Mc2=o^>73zXd!F%8^7y{j(6>I>%+)v2Q;9YP8WIz&hfOTN@K0-bR zGhiAV0f#{VtOc_x3Hbti0#1N~KmgB!0B8nH;A2c?Oo5ldAb1u$308xPnAbQ5PJtLD5+yz%N?c#W0cPuVYO&z zBbtJeKH}<7YayJ~)LgY@TU*Fgz}%C&kF_bjWVn|V+L#CzWz#WHV*68)!1eHnxVvWM z=*3<>-Xq1?J)FBhZPQkjFe^3kMTOs#@XCnP^H*m?ZpS%p?jy?bF)nhKo#hRsH#q6% z8IwjoljV6?S*-9%{jy$x?_)(y+Rg2~!4-U-!J+c&-xC*biC=(x&p_4OUaNz1>+Y!L zKK|32XhlN3Yr0k7_6V=^<&HV`tsbRQoFK71ob!C;Jfe9rrDP%{M)?8vL&}mp?NsFa zj|M8j3wRPu2zw>S!(a1xRN@37A<&z&>$$lyxJz)^s{pArmd`QIF>G4wmBMT+wv!F-PD$ak zAYlGL>f?kI-V(XrI5m7FWrdrIn!>SKs6PX?&>0^0@s?+aY9cpqK_MkJ2{`_LB> u6}znZ7G;{*!gPengH`RQH7i;Z*x%qipm$pHjv0t0n%DJ+woKoorhfqbrd)ae