Brillo: 使用curl进行初步调试 (device pairing)

设备具有wifi AP的功能, 手机可以通过wifi进行连接和控制

设备是具有web server(webservd)的功能,提供http(80)和https(443)服务

手机连接设备后使用http连接, 可以访问如下连接:(external/libweave/src/privet/privet_handler.cc@brillo-m8-dev):

  1. /privet/info (scope: kNone)
  2. /privet/v3/pairing/start (scope: kNone)
  3. /privet/v3/pairing/confirm (scope: kNone)
  4. /privet/v3/pairing/cancel (scope: kNone)

如果使用https连接,还可以访问如下连接:

  1. /privet/v3/auth (scope: kNone)
  2. /privet/v3/setup/start (scope: kOwner)
  3. /privet/v3/setup/status (scope: kOwner)
  4. /privet/v3/state (scope: kViewer)
  5. /privet/v3/commandDefs (scope: kViewer)
  6. /privet/v3/commands/execute (scope: kViewer)
  7. /privet/v3/commands/status (scope: kViewer)
  8. /privet/v3/commands/cancel (scope: kViewer)
  9. /privet/v3/commands/list (scope: kViewer)
  10. /privet/v3/commands/checkForUpdates (scope: kViewer)
  11. /privet/v3/traits (scope: kViewer)
  12. /privet/v3/components (scope: kViewer)

准备工作(下载,编译代码,运行模似器):

$ brilloemulator-x86 -m 256

forward设备的80和443端口(实际上只需要443端口):

$ adb forward tcp:8000 tcp:80
$ adb forward tcp:8001 tcp:443

查看设备的基本信息:

$ curl -H "Authorization: Privet anonymous" https://localhost:8001/privet/info

可以知道服务器使用的是自签名证书, 使用 -k 参数关闭证书验证

$ curl -H "Authorization: Privet anonymous" -k https://localhost:8001/privet/info

可以得到包含authentication, basicModelManifest, description, endpoints, gcd, id, modelManifestId, name, services, uptime, version, wifi

关于anonymous, 是一个特珠的scope (kNone), weave定义了四种类型的scope: kNone(0), kViewer(1), kUser(2), kOwer(3), 具备的权限也是逐渐增大(external/libweave/include/weave/settings.h)

paring start:

$ curl -H "Authorization: Privet anonymous" -H "Content-Type: application/json" -X POST --data '{ "pairing": "embeddedCode", "crypto": "p224_spake2" }' -k https://localhost:8001/privet/v3/pairing/start

可以得到sessionId和deviceCommitment (clientCommitment)

Screen Shot 2015-12-11 at 10.33.05 PM

pairing confirm(传入由paring start得到的sessionId和deviceCommitment):

$ curl -H "Authorization: Privet anonymous" -H "Content-Type: application/json" -X POST --data '{ "sessionId": "0588E45C-C759-4F2A-8F15-0D34EA212D10", "clientCommitment": "m9wluyfSJP4AoX1JOH+bUMJJOEErF1i5yveHZbGPhnfef04JpvWMuL9Tckk8gHPVpm7D9t/kVw4=" }' -k https://localhost:8001/privet/v3/pairing/confirm

就可以得到certFingerprint和certSignature

Screen Shot 2015-12-11 at 10.34.10 PM

评论

Be the First to Comment!

提醒我
avatar

wpDiscuz