###  Connect your PC to the ESP32 via a serial connection 

In [5]:
%rebootdevice

repl is in normal command mode
[\r\x03\x03] b'\r\nMicroPython v1.11-571-g7e374d231 on 2019-11-15; ESP32 module with ESP32\r\nType "help()" for more information.\r\n>>> \r\n>>> \r\nMPY: soft reboot\r\nMicroPython v1.11-571-g7e374d231 on 2019-11-15; ESP32 module with ESP32\r\nType "help()" for more information.\r\n>>> \r\n>>> \r\n>>> '
[\r\x01] b'\r\n>>> \r\nraw REPL; CTRL-B to exit\r\n>'

In [1]:
%serialconnect -p COM3

[34mConnecting to --port=COM3 --baud=115200 [0m
MicroPython v1.11-571-g7e374d231 on 2019-11-15; ESP32 module with ESP32
Type "help()" for more information.
>>>[reboot detected 0]repl is in normal command mode
[\r\x03\x03] b'\r\n>>> '
[\r\x01] b'\r\n>>> \r\nraw REPL; CTRL-B to exit\r\n>' [34mReady.
[0m

In [7]:
%disconnect

[34mattempt to exit paste mode
[0m[34m[\r\x03\x02] [0mb''[34m
Closing serial Serial<id=0x1e8d14fb208, open=True>(port='COM3', baudrate=115200, bytesize=8, parity='N', stopbits=1, timeout=0.5, xonxoff=False, rtscts=False, dsrdtr=False)
[0m

### A couple of sanity checks - check firmware version and list of installed modules. 

In [2]:
import os 
print(os.uname())

(sysname='esp32', nodename='esp32', release='1.11.0', version='v1.11-571-g7e374d231 on 2019-11-10', machine='ESP32 module with ESP32')


In [2]:
help('modules')



__main__          btree             logging           umqtt/simple
_boot             builtins          machine           uos
_onewire          cmath             math              upip
_thread           cryptoauthlib/__init__              micropython       upip_utarfile
_webrepl          cryptoauthlib/basic                 neopixel          urandom
apa106            cryptoauthlib/constant              network           ure
ateccX08a/__init__                  cryptoauthlib/device                ntptime           uselect
ateccX08a/tests_info                cryptoauthlib/exceptions            onewire           usocket
ateccX08a/tests_lock                cryptoauthlib/host                  sys               ussl
ateccX08a/tests_nonce               cryptoauthlib/packet                uarray            ustruct
ateccX08a/tests_random              cryptoauthlib/status                ubinascii         utime
ateccX08a/tests_read                cryptoauthlib/util                  ucollections     

### 'ampy' or 'upip' to move files/scripts onto the ESP32

In [11]:
!ampy --help

Usage: ampy [OPTIONS] COMMAND [ARGS]...

  ampy - Adafruit MicroPython Tool

  Ampy is a tool to control MicroPython boards over a serial connection.
  Using ampy you can manipulate files on the board's internal filesystem and
  even run scripts.

Options:
  -p, --port PORT    Name of serial port for connected board.  Can optionally
                     specify with AMPY_PORT environment variable.  [required]
  -b, --baud BAUD    Baud rate for the serial connection (default 115200).
                     Can optionally specify with AMPY_BAUD environment
                     variable.
  -d, --delay DELAY  Delay in seconds before entering RAW MODE (default 0).
                     Can optionally specify with AMPY_DELAY environment
                     variable.
  --version          Show the version and exit.
  --help             Show this message and exit.

Commands:
  get    Retrieve a file from the board.
  ls     List contents of a directory on the board.
  mkdir  Create a directory on

In [2]:
!ampy -p COM3 ls -l lib

/lib/config.py - 1140 bytes
/lib/create_token.py - 2848 bytes
/lib/gcpIoTCore_mqtt.py - 1477 bytes
/lib/wifi.py - 570 bytes


In [6]:
!ampy -p COM3 get lib/config.py

# Copyright 2019 Google Inc.

#

# Licensed under the Apache License, Version 2.0 (the "License");

# you may not use this file except in compliance with the License.

# You may obtain a copy of the License at

#

#         http://www.apache.org/licenses/LICENSE-2.0

#

# Unless required by applicable law or agreed to in writing, software

# distributed under the License is distributed on an "AS IS" BASIS,

# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

# See the License for the specific language governing permissions and

# limitations under the License.

#

# Configuration File

device_config = {

  'led_pin': 2

}



google_cloud_config = {

    'project_id':'stoked-axle-258910',

    'cloud_region':'asia-east1',

    'registry_id':'secure_device_auth',

    'device_id':'esp32_w_atecc608a',

    'mqtt_bridge_hostname':'mqtt.googleapis.com',

    'mqtt_bridge_port':8883

}



jwt_config = {

    'algorithm':'ES256',

    'token_ttl': 43200, #12 hours

   

In [13]:
!ampy -p COM3 mkdir lib

In [1]:
!ampy -p COM3 put C:\Users\Nil\devspace\gcp-iot-core\gcpIoTCore_mqtt.py lib/gcpIoTCore_mqtt.py

In [20]:
import upip

upip.install("micropython-base64")

Installing to: /lib/
mbedtls_ssl_handshake error: -4290
Error installing 'micropython-base64': [Errno 5] EIO, packages may be partially installed


### i2c interface code snippets: test the "i2c interface" between the ESP32 and ATECC608A, a couple of memory checks

In [2]:
import micropython
import gc

gc.collect()
#print(gc.mem_free())
print(micropython.mem_info())

stack: 720 out of 15360
GC: total: 119040, used: 4624, free: 114416
 No. of 1-blocks: 7, 2-blocks: 2, max blk sz: 264, max free sz: 7129
None


In [3]:
import machine

i2c = machine.I2C(scl=machine.Pin(22), sda=machine.Pin(21), freq=133000)
print('Scan i2c bus...')

addresses = i2c.scan()

if len(addresses) == 0:
  print("No i2c device !")
else:
  print('i2c devices found:',len(addresses))

  for device in addresses:  
    print("Decimal address: ",device," | Hexa address: ",hex(device))

Scan i2c bus...
i2c devices found: 1
Decimal address:  96  | Hexa address:  0x60


### ucryptoauthlib set-up and pubkey formatting for GCP upload

In [3]:
from cryptoauthlib.device import ATECCX08A

device = ATECCX08A()
print(device)

b'0730000000035d'
<ATECC608A address=0x60 retries=20>


In [8]:
from ubinascii import hexlify

packets = device.atcab_read_config_zone()

config = b''.join([bytes(packet.response_data[1:-2])

                    for packet in packets])

print("atcab_read_config_zone, %d, %s", len(config), hexlify(config))

b'070280000009ad'
b'07028008000a4d'
b'07028010000a1d'
b'070280180009fd'
atcab_read_config_zone, %d, %s 128 b'012310ba0000600268e82c53ee013500c000a100af2fc4448720c4f48f0f0f0f9f8f8364c444c4640f0f0f0f0f0f0f0f0f0f0f0fffffffff00000000ffffffff00000000ff8403bc09697600000000000000000000000000ffff0e400000000033001c0013001c003c003e001c0033003c003c003c003c003c003c003c001c00'


In [3]:
import ubinascii

public_key = bytearray(64)
public_key = device.atcab_get_pubkey(2)
print(ubinascii.hexlify(public_key.response_data[1:-2]))

# Convert to the key to PEM format
public_key_pem = ubinascii.unhexlify('3059301306072A8648CE3D020106082A8648CE3D03010703420004') + public_key.response_data[1:-2]
public_key_pem = '-----BEGIN PUBLIC KEY-----\n' + ubinascii.b2a_base64(public_key_pem).decode('ascii') + '\n-----END PUBLIC KEY-----'

print(public_key_pem)

b'07400002000685'
b'390ecbd69cca62bba25848e40257085faf158b19c0a03af5d3be753c14c267fd8eb8a086330f7b9dd769f7ea1e55886b407ad4410d7d5152c70a7df6ed971cff'
-----BEGIN PUBLIC KEY-----
MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEOQ7L1pzKYruiWEjkAlcIX68VixnAoDr10751PBTCZ/2OuKCGMw97nddp9+oeVYhrQHrUQQ19UVLHCn327Zcc/w==

-----END PUBLIC KEY-----


### Ex: Implement 'secure device authentication' for an esp32 running micropython connected to an atecc608a.

In [4]:
import wifi

wifi.connect()

Connecting...
Connection successful


In [6]:
import machine
from machine import Pin
import esp32, utime
import gcpIoTCore_mqtt
import create_token
import config
import ujson

led_pin = machine.Pin(config.device_config['led_pin'], Pin.OUT) #built-in LED pin
led_pin.value(0)

create_token.set_time()
jwt = create_token.create_token(config.google_cloud_config['project_id'], 
                                config.jwt_config['token_ttl'],
                                device,
                                config.atecc608a_dzone_slot['slot'])
client = gcpIoTCore_mqtt.get_mqtt_client(jwt)

for _ in range(20):
    message = {
        "device_id": config.google_cloud_config['device_id'],
        "temp": esp32.raw_temperature()
    }
    print("publishing message " + str(ujson.dumps(message)))
    led_pin.value(1)
    mqtt_topic ='/devices/{}/{}'.format(config.google_cloud_config['device_id'], 'events')
    client.publish(mqtt_topic.encode('utf-8'), ujson.dumps(message).encode('utf-8'))

    #client.check_msg() # Check for new messages on subscription
    utime.sleep(2)  # Delay for 2 seconds
    led_pin.value(0)
    utime.sleep(2)

current time: (2019, 11, 16, 10, 25, 13, 5, 320)
b'07470000002e85'
b'474701400065794a30655841694f694a4b563151694c434a68624763694f694a46557a49314e694a392e65794a6c654841694f6941784e54637a4f54517a4d54457a4c4341ede9'
b'4647023f00695958566b496a6f67496e4e306232746c5a4331686547786c4c5449314f446b784d43497349434a70595851694f6941784e54637a4f446b354f54457a665109d1'
b'2716430000ae22fc2991ba3b0c8b4dadc4eb2fa68915f809f265237abbe8e6c4a1de614f69c631'
b'0741a002007d05'
b'07400002000685'
b'2716430000ae22fc2991ba3b0c8b4dadc4eb2fa68915f809f265237abbe8e6c4a1de614f69c631'
b'8745220400a1107ea752967147fc06ab90b8b2256de7f1863fc247cafc5a64b87233a70d02666b4eb5e4907347e3ea4cd4f4a68985477504743f7de998d34bb484ef285311390ecbd69cca62bba25848e40257085faf158b19c0a03af5d3be753c14c267fd8eb8a086330f7b9dd769f7ea1e55886b407ad4410d7d5152c70a7df6ed971cffd235'
Sending message with password eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiJ9.eyJleHAiOiAxNTczOTQzMTEzLCAiYXVkIjogInN0b2tlZC1heGxlLTI1ODkxMCIsICJpYXQiOiAxNTczODk5OTEzfQ.oRB-p1KWcUf