- Newest
- Most votes
- Most comments
Hi. I hadn't tried to use custom code signing before, but I am able to pass the (once) base 64 encoded string MEQCIA3uHwnTTetoarFqfVdc7JqSnoYobjVd6WkiC9vCxQpEAiAkxRsrHlahDmSCJPlOxiiz4EXYhfeeHnQ4IPWBAA8fwA==
to any of the console, CLI or boto3 SDK. All 3 methods create a job with the same job document, containing:
"sig-sha256-ecdsa": "MEQCIA3uHwnTTetoarFqfVdc7JqSnoYobjVd6WkiC9vCxQpEAiAkxRsrHlahDmSCJPlOxiiz4EXYhfeeHnQ4IPWBAA8fwA=="
If I get the OTA job (aws iot get-ota-update
) the inline document returned is the twice encoded string:
"signature": {
"inlineDocument": "TUVRQ0lBM3VId25UVGV0b2FyRnFmVmRjN0pxU25vWW9ialZkNldraUM5dkN4UXBFQWlBa3hSc3JIbGFoRG1TQ0pQbE94aWl6NEVYWWhmZWVIblE0SVBXQkFBOGZ3QT09"
},
I don't know why that's reencoded. Regardless, I don't see a problem nor any difference between the console, CLI or SDK behaviour.
I'm wondering if you have a problem with the file encoding: https://docs.aws.amazon.com/cli/latest/userguide/cli-usage-parameters-file.html . Also what version of the CLI are you using? This is mine:
aws-cli/2.6.1 Python/3.9.11 Linux/5.15.0-41-generic exe/x86_64.ubuntu.20 prompt/off
Could you perhaps try boto3 to see if that works for you? The boto3 script would be similar to:
import boto3
iot = boto3.client('iot')
response = iot.create_ota_update(
otaUpdateId = 'repost-1',
targets = ['arn:aws:iot:us-east-1:012345678901:thing/myThing'],
files = [
{
'fileName': '/path/to/update.bin',
'fileLocation': {
's3Location': {
'bucket': 'bucketName',
'key': 'fileName'
}
},
'codeSigning': {
'customCodeSigning': {
'signature': {
'inlineDocument': 'MEQCIA3uHwnTTetoarFqfVdc7JqSnoYobjVd6WkiC9vCxQpEAiAkxRsrHlahDmSCJPlOxiiz4EXYhfeeHnQ4IPWBAA8fwA=='
},
'hashAlgorithm': 'SHA256',
'signatureAlgorithm': 'ECDSA',
'certificateChain': {
'certificateName': '/path/to/fw_signing_public_key.pem'
}
}
}
}
],
roleArn = 'arn:aws:iam::012345678901:role/afr-ota-update'
)
Relevant content
- Accepted Answerasked 7 months ago
- Accepted Answerasked 8 months ago
- AWS OFFICIALUpdated 2 years ago
- AWS OFFICIALUpdated a year ago
- AWS OFFICIALUpdated 22 days ago
- AWS OFFICIALUpdated 3 years ago