
Example 1 with DTLSConnector

use of org.eclipse.californium.scandium.DTLSConnector in project smarthome by eclipse.

the class TradfriGatewayHandler method obtainIdentityAndPreSharedKey.

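/**
 * Authenticates against the gateway with the security code in order to receive a pre-shared key for a newly
 * generated identity.
 * As this requires a remote request, this method might be long-running (the CoAP client timeout is 10 seconds).
 * <p>
 * The DTLS handshake for this one-off request uses the fixed PSK identity {@code "Client_identity"} together
 * with the configured security code. On success the security code is removed from the thing configuration and
 * replaced by the generated identity and the pre-shared key returned by the gateway.
 * <p>
 * The received pre-shared key is a credential and is deliberately never written to the log. The temporary
 * endpoint and client are released on every exit path, including failures.
 *
 * @return true, if credentials were successfully obtained, false otherwise
 */
protected boolean obtainIdentityAndPreSharedKey() {
    TradfriGatewayConfig configuration = getConfigAs(TradfriGatewayConfig.class);
    // Fresh random identity per registration: a UUID with the dashes stripped.
    String identity = UUID.randomUUID().toString().replace("-", "");
    String preSharedKey = null;
    CoapResponse gatewayResponse;
    String authUrl = null;
    String responseText = null;
    try {
        DtlsConnectorConfig.Builder builder = new DtlsConnectorConfig.Builder(new InetSocketAddress(0));
        // Pin the charset: key bytes must not depend on the JVM's platform default encoding.
        builder.setPskStore(new StaticPskStore("Client_identity",
                configuration.code.getBytes(java.nio.charset.StandardCharsets.UTF_8)));
        DTLSConnector dtlsConnector = new DTLSConnector(builder.build());
        CoapEndpoint authEndpoint = new CoapEndpoint(dtlsConnector, NetworkConfig.getStandard());
        CoapClient deviceClient = null;
        try {
            authUrl = "coaps://" + configuration.host + ":" + configuration.port + "/15011/9063";
            deviceClient = new CoapClient(new URI(authUrl));
            deviceClient.setTimeout(TimeUnit.SECONDS.toMillis(10));
            deviceClient.setEndpoint(authEndpoint);
            JsonObject request = new JsonObject();
            request.addProperty(CLIENT_IDENTITY_PROPOSED, identity);
            // second argument is the CoAP content format (0 = text/plain)
            gatewayResponse = deviceClient.post(request.toString(), 0);
        } finally {
            // Release the temporary endpoint/client even if the URI is invalid or the request throws.
            authEndpoint.destroy();
            if (deviceClient != null) {
                deviceClient.shutdown();
            }
        }
        if (gatewayResponse == null) {
            // seems we ran in a timeout, which potentially also happens
            updateStatus(ThingStatus.OFFLINE, ThingStatusDetail.COMMUNICATION_ERROR, "No response from gateway. Might be due to an invalid security code.");
            return false;
        }
        if (gatewayResponse.isSuccess()) {
            responseText = gatewayResponse.getResponseText();
            JsonObject json = new JsonParser().parse(responseText).getAsJsonObject();
            // A response without the key (or with an explicit JSON null) is reported through the
            // "empty key" path below instead of failing with an unchecked exception.
            if (json.has(NEW_PSK_BY_GW) && !json.get(NEW_PSK_BY_GW).isJsonNull()) {
                preSharedKey = json.get(NEW_PSK_BY_GW).getAsString();
            }
            if (isNullOrEmpty(preSharedKey)) {
                logger.error("Received pre-shared key is empty for thing {} on gateway at {}", getThing().getUID(), configuration.host);
                updateStatus(ThingStatus.OFFLINE, ThingStatusDetail.COMMUNICATION_ERROR, "Pre-shared key was not obtain successfully");
                return false;
            } else {
                logger.info("Received pre-shared key for gateway '{}'", configuration.host);
                // Log the identity only; the pre-shared key itself must not reach log files.
                logger.debug("Using identity '{}' with the pre-shared key received from the gateway.", identity);
                Configuration editedConfig = editConfiguration();
                // The security code has served its purpose: drop it and persist the derived credentials.
                editedConfig.put(TradfriBindingConstants.GATEWAY_CONFIG_CODE, null);
                editedConfig.put(TradfriBindingConstants.GATEWAY_CONFIG_IDENTITY, identity);
                editedConfig.put(TradfriBindingConstants.GATEWAY_CONFIG_PRE_SHARED_KEY, preSharedKey);
                updateConfiguration(editedConfig);
                return true;
            }
        } else {
            logger.warn("Failed obtaining pre-shared key for identity '{}' (response code '{}', response text '{}')", identity, gatewayResponse.getCode(), isNullOrEmpty(gatewayResponse.getResponseText()) ? "<empty>" : gatewayResponse.getResponseText());
            updateStatus(ThingStatus.OFFLINE, ThingStatusDetail.CONFIGURATION_ERROR, String.format("Failed obtaining pre-shared key with status code '%s'", gatewayResponse.getCode()));
        }
    } catch (URISyntaxException e) {
        logger.error("Illegal gateway URI '{}'", authUrl, e);
        updateStatus(ThingStatus.OFFLINE, ThingStatusDetail.CONFIGURATION_ERROR, e.getMessage());
    } catch (JsonParseException e) {
        // NOTE(review): responseText is the raw body of a successful response; if a malformed body ever
        // carried key material it would end up in the log and the thing status - consider omitting it.
        logger.warn("Invalid response recieved from gateway '{}'", responseText, e);
        updateStatus(ThingStatus.OFFLINE, ThingStatusDetail.COMMUNICATION_ERROR, String.format("Invalid response recieved from gateway '%s'", responseText));
    }
    return false;
}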
Also used : CoapResponse(org.eclipse.californium.core.CoapResponse) Configuration(org.eclipse.smarthome.config.core.Configuration) InetSocketAddress(java.net.InetSocketAddress) JsonObject(com.google.gson.JsonObject) URISyntaxException(java.net.URISyntaxException) JsonParseException(com.google.gson.JsonParseException) URI(java.net.URI) DtlsConnectorConfig(org.eclipse.californium.scandium.config.DtlsConnectorConfig) DTLSConnector(org.eclipse.californium.scandium.DTLSConnector) CoapClient(org.eclipse.californium.core.CoapClient) TradfriCoapClient(org.eclipse.smarthome.binding.tradfri.internal.TradfriCoapClient) StaticPskStore(org.eclipse.californium.scandium.dtls.pskstore.StaticPskStore) TradfriGatewayConfig(org.eclipse.smarthome.binding.tradfri.internal.config.TradfriGatewayConfig) CoapEndpoint(org.eclipse.californium.core.network.CoapEndpoint) TradfriCoapEndpoint(org.eclipse.smarthome.binding.tradfri.internal.TradfriCoapEndpoint) JsonParser(com.google.gson.JsonParser)

Example 2 with DTLSConnector

use of org.eclipse.californium.scandium.DTLSConnector in project smarthome by eclipse.

the class TradfriGatewayHandler method establishConnection.

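/**
 * Creates the CoAP client and the DTLS-secured endpoint for the gateway and schedules the periodic scan.
 * <p>
 * The DTLS connector is set up with the identity and pre-shared key stored in the thing configuration.
 * If the gateway URI built from the configured host and port is not a valid URI, the thing is set to
 * OFFLINE with a configuration error and no connector, endpoint or scan job is created.
 */
private void establishConnection() {
    TradfriGatewayConfig configuration = getConfigAs(TradfriGatewayConfig.class);
    this.gatewayURI = "coaps://" + configuration.host + ":" + configuration.port + "/" + DEVICES;
    this.gatewayInfoURI = "coaps://" + configuration.host + ":" + configuration.port + "/" + GATEWAY + "/" + GATEWAY_DETAILS;
    try {
        URI uri = new URI(gatewayURI);
        deviceClient = new TradfriCoapClient(uri);
    } catch (URISyntaxException e) {
        logger.error("Illegal gateway URI '{}': {}", gatewayURI, e.getMessage());
        updateStatus(ThingStatus.OFFLINE, ThingStatusDetail.CONFIGURATION_ERROR, e.getMessage());
        return;
    }
    // Port 0 on the wildcard address: the local DTLS socket gets an ephemeral port.
    DtlsConnectorConfig.Builder builder = new DtlsConnectorConfig.Builder(new InetSocketAddress(0));
    // Pin the charset: key bytes must not depend on the JVM's platform default encoding.
    builder.setPskStore(new StaticPskStore(configuration.identity,
            configuration.preSharedKey.getBytes(java.nio.charset.StandardCharsets.UTF_8)));
    dtlsConnector = new DTLSConnector(builder.build());
    endPoint = new TradfriCoapEndpoint(dtlsConnector, NetworkConfig.getStandard());
    deviceClient.setEndpoint(endPoint);
    // Nothing has been exchanged with the gateway yet, so the status stays UNKNOWN for now.
    updateStatus(ThingStatus.UNKNOWN);
    // schedule a new scan every minute (first run immediately, then one minute after each run ends)
    scanJob = scheduler.scheduleWithFixedDelay(this::startScan, 0, 1, TimeUnit.MINUTES);
}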
Also used : StaticPskStore(org.eclipse.californium.scandium.dtls.pskstore.StaticPskStore) TradfriGatewayConfig(org.eclipse.smarthome.binding.tradfri.internal.config.TradfriGatewayConfig) InetSocketAddress(java.net.InetSocketAddress) URISyntaxException(java.net.URISyntaxException) URI(java.net.URI) DtlsConnectorConfig(org.eclipse.californium.scandium.config.DtlsConnectorConfig) DTLSConnector(org.eclipse.californium.scandium.DTLSConnector) TradfriCoapEndpoint(org.eclipse.smarthome.binding.tradfri.internal.TradfriCoapEndpoint) TradfriCoapClient(org.eclipse.smarthome.binding.tradfri.internal.TradfriCoapClient)

Example 3 with DTLSConnector

use of org.eclipse.californium.scandium.DTLSConnector in project hono by eclipse.

the class CoapTestBase method getCoapsClient.

/**
 * Builds a CoAP client whose endpoint talks DTLS, for uploading data to the
 * secure endpoint of the CoAP adapter.
 * <p>
 * The passed-in builder is modified: its local address is set to the wildcard
 * address with an ephemeral port and its maximum number of retransmissions to 1.
 *
 * @param dtlsConnectorConfig The configuration of the DTLS connector to use for connecting
 *                            to the adapter.
 * @return The client.
 */
protected CoapClient getCoapsClient(final DtlsConnectorConfig.Builder dtlsConnectorConfig) {
    // bind to the wildcard address so that docker daemons not running on localhost work as well
    final InetSocketAddress wildcardAddress = new InetSocketAddress(0);
    dtlsConnectorConfig.setAddress(wildcardAddress);
    dtlsConnectorConfig.setMaxRetransmissions(1);

    final CoapEndpoint.Builder endpointBuilder = new CoapEndpoint.Builder();
    endpointBuilder.setNetworkConfig(NetworkConfig.createStandardWithoutFile());
    final DTLSConnector secureConnector = new DTLSConnector(dtlsConnectorConfig.build());
    endpointBuilder.setConnector(secureConnector);

    final CoapClient client = new CoapClient();
    return client.setEndpoint(endpointBuilder.build());
}
Also used : InetSocketAddress(java.net.InetSocketAddress) CoapEndpoint(org.eclipse.californium.core.network.CoapEndpoint) DTLSConnector(org.eclipse.californium.scandium.DTLSConnector) CoapClient(org.eclipse.californium.core.CoapClient)

Example 4 with DTLSConnector

use of org.eclipse.californium.scandium.DTLSConnector in project leshan by eclipse.

the class LeshanClientBuilder method build.

/**
 * Builds a {@link LeshanClient} from the values configured on this builder.
 * <p>
 * Unset values get defaults: local addresses use port 0, the object enablers are created with a NoSec
 * security instance for {@code coap://leshan.eclipse.org:5683}, and the DTLS settings that were not
 * given explicitly (PSK store, address, connection limits, thread count) are filled in here.
 * An unsecured endpoint is created unless {@code noUnsecuredEndpoint} is set, and a secured (DTLS)
 * endpoint unless {@code noSecuredEndpoint} is set.
 *
 * @return the configured client
 * @throws IllegalArgumentException if no enabler is found for the Security object
 * @throws IllegalStateException if the secure address of this builder conflicts with the one of the
 *         DTLS configuration builder, or if both endpoints are deactivated
 */
public LeshanClient build() {
    if (localAddress == null) {
        localAddress = new InetSocketAddress(0);
    }
    if (objectEnablers == null) {
        // Default object tree: NoSec security instance, one server and one device instance.
        ObjectsInitializer defaults = new ObjectsInitializer();
        defaults.setInstancesForObject(LwM2mId.SECURITY, Security.noSec("coap://leshan.eclipse.org:5683", 12345));
        defaults.setInstancesForObject(LwM2mId.SERVER, new Server(12345, 5 * 60, BindingMode.U, false));
        defaults.setInstancesForObject(LwM2mId.DEVICE, new Device("Eclipse Leshan", "model12345", "12345", "U"));
        objectEnablers = defaults.createMandatory();
    }
    if (coapConfig == null) {
        coapConfig = createDefaultNetworkConfig();
    }

    // DTLS configuration: start from whatever the caller preset on the builder.
    if (dtlsConfigBuilder == null) {
        dtlsConfigBuilder = new DtlsConnectorConfig.Builder();
    }
    final DtlsConnectorConfig presetDtls = dtlsConfigBuilder.getIncompleteConfig();

    // PSK store: backed by the Security object unless the caller supplied one.
    final LwM2mObjectEnabler securityEnabler = this.objectEnablers.get(LwM2mId.SECURITY);
    if (securityEnabler == null) {
        throw new IllegalArgumentException("Security object is mandatory");
    }
    if (presetDtls.getPskStore() != null) {
        LOG.warn("PskStore should be automatically set by Leshan. Using a custom implementation is not advised.");
    } else {
        dtlsConfigBuilder.setPskStore(new SecurityObjectPskStore(securityEnabler));
    }

    // Secure address: both sources must agree when both are given.
    if (presetDtls.getAddress() != null) {
        if (localSecureAddress != null && !localSecureAddress.equals(presetDtls.getAddress())) {
            throw new IllegalStateException(String.format("Configuration conflict between LeshanBuilder and DtlsConnectorConfig.Builder for secure address: %s != %s", localSecureAddress, presetDtls.getAddress()));
        }
    } else {
        if (localSecureAddress == null) {
            localSecureAddress = new InetSocketAddress(0);
        }
        dtlsConfigBuilder.setAddress(localSecureAddress);
    }

    // Connection limits fall back to the CoAP network configuration.
    if (presetDtls.getMaxConnections() == null) {
        dtlsConfigBuilder.setMaxConnections(coapConfig.getInt(Keys.MAX_ACTIVE_PEERS));
    }
    if (presetDtls.getStaleConnectionThreshold() == null) {
        dtlsConfigBuilder.setStaleConnectionThreshold(coapConfig.getLong(Keys.MAX_PEER_INACTIVITY_PERIOD));
    }
    // A single thread handles DTLS connections unless configured otherwise.
    if (presetDtls.getConnectionThreadCount() == null) {
        dtlsConfigBuilder.setConnectionThreadCount(1);
    }
    final DtlsConnectorConfig dtlsConfig = dtlsConfigBuilder.build();

    // Plain CoAP endpoint
    CoapEndpoint unsecuredEndpoint = null;
    if (!noUnsecuredEndpoint) {
        if (endpointFactory == null) {
            CoapEndpoint.CoapEndpointBuilder plainBuilder = new CoapEndpoint.CoapEndpointBuilder();
            plainBuilder.setInetSocketAddress(localAddress);
            plainBuilder.setNetworkConfig(coapConfig);
            unsecuredEndpoint = plainBuilder.build();
        } else {
            unsecuredEndpoint = endpointFactory.createUnsecuredEndpoint(localAddress, coapConfig, null);
        }
    }

    // DTLS endpoint
    CoapEndpoint securedEndpoint = null;
    if (!noSecuredEndpoint) {
        if (endpointFactory == null) {
            CoapEndpoint.CoapEndpointBuilder dtlsBuilder = new CoapEndpoint.CoapEndpointBuilder();
            dtlsBuilder.setConnector(new DTLSConnector(dtlsConfig));
            dtlsBuilder.setNetworkConfig(coapConfig);
            securedEndpoint = dtlsBuilder.build();
        } else {
            securedEndpoint = endpointFactory.createSecuredEndpoint(dtlsConfig, coapConfig, null);
        }
    }

    if (securedEndpoint == null && unsecuredEndpoint == null) {
        throw new IllegalStateException("All CoAP enpoints are deactivated, at least one endpoint should be activated");
    }
    return new LeshanClient(endpoint, unsecuredEndpoint, securedEndpoint, objectEnablers, coapConfig, additionalAttributes);
}
Also used : LwM2mObjectEnabler(org.eclipse.leshan.client.resource.LwM2mObjectEnabler) Server(org.eclipse.leshan.client.object.Server) ObjectsInitializer(org.eclipse.leshan.client.resource.ObjectsInitializer) InetSocketAddress(java.net.InetSocketAddress) Device(org.eclipse.leshan.client.object.Device) DtlsConnectorConfig(org.eclipse.californium.scandium.config.DtlsConnectorConfig) Builder(org.eclipse.californium.scandium.config.DtlsConnectorConfig.Builder) DTLSConnector(org.eclipse.californium.scandium.DTLSConnector) SecurityObjectPskStore(org.eclipse.leshan.client.californium.impl.SecurityObjectPskStore) CoapEndpoint(org.eclipse.californium.core.network.CoapEndpoint)

Example 5 with DTLSConnector

use of org.eclipse.californium.scandium.DTLSConnector in project leshan by eclipse.

the class LeshanBootstrapServerBuilder method build.

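/**
 * Creates a {@link LeshanBootstrapServer} from the properties set on this builder, filling in defaults
 * for everything that was left unset.
 * <p>
 * If the DTLS configuration cannot be built, no secured endpoint is created and the server is built with
 * the unsecured endpoint only. That downgrade is logged as a warning so that it cannot go unnoticed.
 *
 * @return the configured bootstrap server
 * @throws IllegalStateException if no BootstrapStore was set, if the secure address of this builder conflicts
 *         with the one of the DTLS configuration builder, or if no endpoint could be created at all
 */
public LeshanBootstrapServer build() {
    if (localAddress == null) {
        localAddress = new InetSocketAddress(LwM2m.DEFAULT_COAP_PORT);
    }
    // TODO we should have default implementation for BootstrapStore in leshan.server project.
    if (configStore == null) {
        throw new IllegalStateException("BootstrapStore is mandatory");
    }
    if (sessionManager == null) {
        sessionManager = new DefaultBootstrapSessionManager(securityStore);
    }
    if (model == null) {
        model = new LwM2mModel(ObjectLoader.loadDefault());
    }
    if (coapConfig == null) {
        coapConfig = createDefaultNetworkConfig();
    }
    // handle dtlsConfig
    DtlsConnectorConfig dtlsConfig = null;
    if (!noSecuredEndpoint) {
        if (dtlsConfigBuilder == null) {
            dtlsConfigBuilder = new DtlsConnectorConfig.Builder();
        }
        DtlsConnectorConfig incompleteConfig = dtlsConfigBuilder.getIncompleteConfig();
        // Handle PSK Store: warn only when the caller really supplied a custom store. Without a custom
        // store and without a security store there is nothing to set and nothing to warn about.
        if (incompleteConfig.getPskStore() != null) {
            LOG.warn("PskStore should be automatically set by Leshan. Using a custom implementation is not advised.");
        } else if (securityStore != null) {
            dtlsConfigBuilder.setPskStore(new LwM2mBootstrapPskStore(securityStore));
        }
        // Handle secure address
        if (incompleteConfig.getAddress() == null) {
            if (localAddressSecure == null) {
                localAddressSecure = new InetSocketAddress(0);
            }
            dtlsConfigBuilder.setAddress(localAddressSecure);
        } else if (localAddressSecure != null && !localAddressSecure.equals(incompleteConfig.getAddress())) {
            throw new IllegalStateException(String.format("Configuration conflict between LeshanBuilder and DtlsConnectorConfig.Builder for secure address: %s != %s", localAddressSecure, incompleteConfig.getAddress()));
        }
        // Handle active peers
        if (incompleteConfig.getMaxConnections() == null) {
            dtlsConfigBuilder.setMaxConnections(coapConfig.getInt(Keys.MAX_ACTIVE_PEERS));
        }
        if (incompleteConfig.getStaleConnectionThreshold() == null) {
            dtlsConfigBuilder.setStaleConnectionThreshold(coapConfig.getLong(Keys.MAX_PEER_INACTIVITY_PERIOD));
        }
        // we try to build the dtlsConfig, if it fails we will just not create the secured endpoint
        try {
            dtlsConfig = dtlsConfigBuilder.build();
        } catch (IllegalStateException e) {
            // Still best effort, but never silent: the server will run without DTLS.
            LOG.warn("Unable to create DTLS config, the secured endpoint will not be created.", e);
        }
    }
    CoapEndpoint unsecuredEndpoint = null;
    if (!noUnsecuredEndpoint) {
        if (endpointFactory != null) {
            unsecuredEndpoint = endpointFactory.createUnsecuredEndpoint(localAddress, coapConfig, null);
        } else {
            CoapEndpoint.CoapEndpointBuilder builder = new CoapEndpoint.CoapEndpointBuilder();
            builder.setInetSocketAddress(localAddress);
            builder.setNetworkConfig(coapConfig);
            unsecuredEndpoint = builder.build();
        }
    }
    CoapEndpoint securedEndpoint = null;
    // dtlsConfig is null when the secured endpoint is disabled or its configuration could not be built
    if (!noSecuredEndpoint && dtlsConfig != null) {
        if (endpointFactory != null) {
            securedEndpoint = endpointFactory.createSecuredEndpoint(dtlsConfig, coapConfig, null);
        } else {
            CoapEndpoint.CoapEndpointBuilder builder = new CoapEndpoint.CoapEndpointBuilder();
            builder.setConnector(new DTLSConnector(dtlsConfig));
            builder.setNetworkConfig(coapConfig);
            builder.setEndpointContextMatcher(new Lwm2mEndpointContextMatcher());
            securedEndpoint = builder.build();
        }
    }
    if (securedEndpoint == null && unsecuredEndpoint == null) {
        throw new IllegalStateException("All CoAP enpoints are deactivated, at least one endpoint should be activated");
    }
    return new LeshanBootstrapServer(unsecuredEndpoint, securedEndpoint, configStore, securityStore, sessionManager, model, coapConfig);
}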
Also used : LeshanBootstrapServer(org.eclipse.leshan.server.californium.impl.LeshanBootstrapServer) InetSocketAddress(java.net.InetSocketAddress) LwM2mBootstrapPskStore(org.eclipse.leshan.server.californium.impl.LwM2mBootstrapPskStore) LwM2mModel(org.eclipse.leshan.core.model.LwM2mModel) DtlsConnectorConfig(org.eclipse.californium.scandium.config.DtlsConnectorConfig) Builder(org.eclipse.californium.scandium.config.DtlsConnectorConfig.Builder) DTLSConnector(org.eclipse.californium.scandium.DTLSConnector) DefaultBootstrapSessionManager(org.eclipse.leshan.server.impl.DefaultBootstrapSessionManager) Lwm2mEndpointContextMatcher(org.eclipse.leshan.core.californium.Lwm2mEndpointContextMatcher) CoapEndpoint(org.eclipse.californium.core.network.CoapEndpoint)

Aggregations

DTLSConnector (org.eclipse.californium.scandium.DTLSConnector)11 InetSocketAddress (java.net.InetSocketAddress)10 CoapEndpoint (org.eclipse.californium.core.network.CoapEndpoint)10 DtlsConnectorConfig (org.eclipse.californium.scandium.config.DtlsConnectorConfig)9 NetworkConfig (org.eclipse.californium.core.network.config.NetworkConfig)3 Device (org.eclipse.leshan.client.object.Device)3 Server (org.eclipse.leshan.client.object.Server)3 LwM2mObjectEnabler (org.eclipse.leshan.client.resource.LwM2mObjectEnabler)3 ObjectsInitializer (org.eclipse.leshan.client.resource.ObjectsInitializer)3 URI (java.net.URI)2 URISyntaxException (java.net.URISyntaxException)2 CoapClient (org.eclipse.californium.core.CoapClient)2 CoapServer (org.eclipse.californium.core.CoapServer)2 Endpoint (org.eclipse.californium.core.network.Endpoint)2 Builder (org.eclipse.californium.scandium.config.DtlsConnectorConfig.Builder)2 StaticPskStore (org.eclipse.californium.scandium.dtls.pskstore.StaticPskStore)2 LeshanClientBuilder (org.eclipse.leshan.client.californium.LeshanClientBuilder)2 Lwm2mEndpointContextMatcher (org.eclipse.leshan.core.californium.Lwm2mEndpointContextMatcher)2 TradfriCoapClient (org.eclipse.smarthome.binding.tradfri.internal.TradfriCoapClient)2 TradfriCoapEndpoint (org.eclipse.smarthome.binding.tradfri.internal.TradfriCoapEndpoint)2