@startuml
autonumber
box "Demo" #LightGreen
participant "Demo" as demo
endbox
participant "Fleet Provisioning\nLibrary" as library
participant "tinyCBOR" as cbor
box "MQTT Client" #LightPink
participant "corePKCS11\nLibrary" as pkcs11
participant "coreMQTT\nLibrary" as mqtt
endbox
box "AWS" #LightBlue
participant "AWS IoT" as aws
endbox
== Establish MQTT over TLS connection with Claim Credentials ==
demo->pkcs11: Import "Claim Credentials" to device.
demo->mqtt: Establish MQTT connection
mqtt->aws: MQTT CONNECT
aws->mqtt: CONNACK
== Generate new key-pair and\n Certificate Signing Request (CSR) ==
demo->pkcs11: Generate new-key pair and CSR
pkcs11->demo
== Request AWS IoT Core for new certificate from CSR ==
demo->mqtt: Subscribe to CreateCertitificateFromCsr response topics
mqtt->aws: Subscribe request for\nCreateCertitificateFromCsr\nreponse topics
aws->mqtt: SUBACK
demo->cbor: Serialize CSR request
cbor->demo
demo->mqtt: Publish to CreateCertitificateFromCsr request topic
mqtt->aws: Publish operation
aws->mqtt: PUBACK
aws->aws: Create Certificate\nfor CSR
aws->mqtt: Publish created certificate on\nCreateCertitificateFromCsr\nresponse topic
mqtt->demo
demo->cbor: De-serializer service response
cbor->demo
demo->pkcs11: Store provisioned certificate
demo->mqtt: Unsubcribe from CreateCertitificateFromCsr response topics
mqtt->aws: Unsubscibe request
aws->mqtt: UNSUBACK
== Request AWS IoT Core to Register Thing ==
demo->mqtt: Subscribe to RegisterThing response topics
mqtt->aws: Subscribe request
aws->mqtt: SUBACK
demo->cbor: Serialize RegisterThing request
cbor->demo
demo->mqtt: Publish to RegisterThing request topic
mqtt->aws: Publish operation
aws->mqtt: PUBACK
aws->aws: Register IoT Thing with\nprovisioned certificate
aws->mqtt: Publish on RegiserThing accepted topic
mqtt->demo
demo->mqtt: Unsubcribe from RegisterThing response topics
mqtt->aws: Unsubscibe request
aws->mqtt: UNSUBACK
demo->mqtt: Disconnect from IoT Core
mqtt->aws: Disconnect
== Establish new MQTT connection with provisioned certificate ==
demo->mqtt: Re-establish MQTT connection\nwith provisioned cert
mqtt->aws: MQTT CONNECT
aws->mqtt: CONNACK
@enduml