Example 6 with DTLSConnector
use of org.eclipse.californium.scandium.DTLSConnector in project leshan by eclipse.
the class SecurityTest method dont_sent_request_if_identity_change.
@Test
public void dont_sent_request_if_identity_change() throws NonUniqueSecurityInfoException, InterruptedException, IOException {
// Create PSK server & start it
// default server support PSK
helper.createServer();
helper.server.start();
// Create PSK Client
helper.createPSKClient();
// Add client credentials to the server
helper.getSecurityStore().add(SecurityInfo.newPreSharedKeyInfo(helper.getCurrentEndpoint(), GOOD_PSK_ID, GOOD_PSK_KEY));
// Check client is not registered
helper.assertClientNotRegisterered();
// Start it and wait for registration
helper.client.start();
helper.waitForRegistration(1);
// Check client is well registered
helper.assertClientRegisterered();
// Ensure we can send a read request
helper.server.send(helper.getCurrentRegistration(), new ReadRequest(3, 0, 1));
// Pause the client
// helper.client.stop(false);
// Add new credential to the server
helper.getSecurityStore().add(SecurityInfo.newPreSharedKeyInfo(GOOD_ENDPOINT, "anotherPSK", GOOD_PSK_KEY));
// Get connector
Endpoint endpoint = helper.client.getCoapServer().getEndpoint(helper.client.getSecuredAddress());
DTLSConnector connector = (DTLSConnector) ((CoapEndpoint) endpoint).getConnector();
// Clear DTLS session to force new handshake
connector.clearConnectionState();
// Change PSK idea
helper.setNewPsk(helper.client, "anotherPSK");
// restart connector
connector.start();
// send and empty message to force a new handshake with new credentials
SimpleMessageCallback callback = new SimpleMessageCallback();
connector.send(RawData.outbound(new byte[0], new AddressEndpointContext(helper.server.getSecuredAddress()), callback, false));
// Wait until new handshake DTLS is done
EndpointContext endpointContext = callback.getEndpointContext(1000);
assertEquals(endpointContext.getPeerIdentity().getName(), "anotherPSK");
// Try to send a read request this should failed with an SendFailedException.
try {
helper.server.send(helper.getCurrentRegistration(), new ReadRequest(3, 0, 1), 1000);
fail("send must failed");
} catch (SendFailedException e) {
assertTrue("must be caused by an EndpointMismatchException", e.getCause() instanceof EndpointMismatchException);
} finally {
connector.stop();
helper.client.destroy(false);
helper.client = null;
}
}
Also used :
SendFailedException(org.eclipse.leshan.core.request.exception.SendFailedException)
EndpointMismatchException(org.eclipse.californium.elements.EndpointMismatchException)
CoapEndpoint(org.eclipse.californium.core.network.CoapEndpoint)
Endpoint(org.eclipse.californium.core.network.Endpoint)
AddressEndpointContext(org.eclipse.californium.elements.AddressEndpointContext)
EndpointContext(org.eclipse.californium.elements.EndpointContext)
AddressEndpointContext(org.eclipse.californium.elements.AddressEndpointContext)
SimpleMessageCallback(org.eclipse.californium.elements.util.SimpleMessageCallback)
DTLSConnector(org.eclipse.californium.scandium.DTLSConnector)
ReadRequest(org.eclipse.leshan.core.request.ReadRequest)
Test(org.junit.Test)
Example 7 with DTLSConnector
use of org.eclipse.californium.scandium.DTLSConnector in project leshan by eclipse.
the class SecureIntegrationTestHelper method createX509CertClient.
// TODO implement X509 support for client
public void createX509CertClient(PrivateKey privatekey, Certificate[] trustedCertificates) {
ObjectsInitializer initializer = new ObjectsInitializer();
// TODO security instance with certificate info
initializer.setInstancesForObject(LwM2mId.SECURITY, Security.noSec("coaps://" + server.getSecuredAddress().getHostString() + ":" + server.getSecuredAddress().getPort(), 12345));
initializer.setInstancesForObject(LwM2mId.SERVER, new Server(12345, LIFETIME, BindingMode.U, false));
initializer.setInstancesForObject(LwM2mId.DEVICE, new Device("Eclipse Leshan", MODEL_NUMBER, "12345", "U"));
List<LwM2mObjectEnabler> objects = initializer.createMandatory();
objects.add(initializer.create(2));
InetSocketAddress clientAddress = new InetSocketAddress(InetAddress.getLoopbackAddress(), 0);
DtlsConnectorConfig.Builder config = new DtlsConnectorConfig.Builder().setAddress(clientAddress);
// TODO we should read the config from the security object
config.setIdentity(privatekey, clientX509CertChain, false);
config.setTrustStore(trustedCertificates);
CoapServer coapServer = new CoapServer();
CoapEndpoint.CoapEndpointBuilder coapBuilder = new CoapEndpoint.CoapEndpointBuilder();
coapBuilder.setConnector(new DTLSConnector(config.build()));
coapBuilder.setNetworkConfig(new NetworkConfig());
coapServer.addEndpoint(coapBuilder.build());
LeshanClientBuilder builder = new LeshanClientBuilder(getCurrentEndpoint());
builder.setLocalAddress(clientAddress.getHostString(), clientAddress.getPort());
builder.setObjects(objects);
client = builder.build();
}
Also used :
LwM2mObjectEnabler(org.eclipse.leshan.client.resource.LwM2mObjectEnabler)
CoapServer(org.eclipse.californium.core.CoapServer)
Server(org.eclipse.leshan.client.object.Server)
ObjectsInitializer(org.eclipse.leshan.client.resource.ObjectsInitializer)
Device(org.eclipse.leshan.client.object.Device)
InetSocketAddress(java.net.InetSocketAddress)
LeshanClientBuilder(org.eclipse.leshan.client.californium.LeshanClientBuilder)
NetworkConfig(org.eclipse.californium.core.network.config.NetworkConfig)
CoapServer(org.eclipse.californium.core.CoapServer)
DtlsConnectorConfig(org.eclipse.californium.scandium.config.DtlsConnectorConfig)
DTLSConnector(org.eclipse.californium.scandium.DTLSConnector)
CoapEndpoint(org.eclipse.californium.core.network.CoapEndpoint)
Example 8 with DTLSConnector
use of org.eclipse.californium.scandium.DTLSConnector in project leshan by eclipse.
the class SecureIntegrationTestHelper method createRPKClient.
// TODO implement RPK support for client
public void createRPKClient() {
ObjectsInitializer initializer = new ObjectsInitializer();
initializer.setInstancesForObject(LwM2mId.SECURITY, Security.rpk("coaps://" + server.getSecuredAddress().getHostString() + ":" + server.getSecuredAddress().getPort(), 12345, clientPublicKey.getEncoded(), clientPrivateKey.getEncoded(), serverPublicKey.getEncoded()));
initializer.setInstancesForObject(LwM2mId.SERVER, new Server(12345, LIFETIME, BindingMode.U, false));
initializer.setInstancesForObject(LwM2mId.DEVICE, new Device("Eclipse Leshan", MODEL_NUMBER, "12345", "U"));
List<LwM2mObjectEnabler> objects = initializer.createMandatory();
objects.add(initializer.create(2));
InetSocketAddress clientAddress = new InetSocketAddress(InetAddress.getLoopbackAddress(), 0);
DtlsConnectorConfig.Builder config = new DtlsConnectorConfig.Builder().setAddress(clientAddress);
// TODO we should read the config from the security object
// TODO no way to provide a dynamic config with the current scandium API
config.setIdentity(clientPrivateKey, clientPublicKey);
CoapServer coapServer = new CoapServer();
CoapEndpoint.CoapEndpointBuilder coapBuilder = new CoapEndpoint.CoapEndpointBuilder();
coapBuilder.setConnector(new DTLSConnector(config.build()));
coapBuilder.setNetworkConfig(new NetworkConfig());
coapServer.addEndpoint(coapBuilder.build());
LeshanClientBuilder builder = new LeshanClientBuilder(getCurrentEndpoint());
builder.setLocalAddress(clientAddress.getHostString(), clientAddress.getPort());
builder.setObjects(objects);
client = builder.build();
}
Also used :
LwM2mObjectEnabler(org.eclipse.leshan.client.resource.LwM2mObjectEnabler)
CoapServer(org.eclipse.californium.core.CoapServer)
Server(org.eclipse.leshan.client.object.Server)
ObjectsInitializer(org.eclipse.leshan.client.resource.ObjectsInitializer)
Device(org.eclipse.leshan.client.object.Device)
InetSocketAddress(java.net.InetSocketAddress)
LeshanClientBuilder(org.eclipse.leshan.client.californium.LeshanClientBuilder)
NetworkConfig(org.eclipse.californium.core.network.config.NetworkConfig)
CoapServer(org.eclipse.californium.core.CoapServer)
DtlsConnectorConfig(org.eclipse.californium.scandium.config.DtlsConnectorConfig)
DTLSConnector(org.eclipse.californium.scandium.DTLSConnector)
CoapEndpoint(org.eclipse.californium.core.network.CoapEndpoint)
Aggregations
DTLSConnector (org.eclipse.californium.scandium.DTLSConnector)8
InetSocketAddress (java.net.InetSocketAddress)7
CoapEndpoint (org.eclipse.californium.core.network.CoapEndpoint)7
DtlsConnectorConfig (org.eclipse.californium.scandium.config.DtlsConnectorConfig)7
Device (org.eclipse.leshan.client.object.Device)3
Server (org.eclipse.leshan.client.object.Server)3
LwM2mObjectEnabler (org.eclipse.leshan.client.resource.LwM2mObjectEnabler)3
ObjectsInitializer (org.eclipse.leshan.client.resource.ObjectsInitializer)3
URI (java.net.URI)2
URISyntaxException (java.net.URISyntaxException)2
CoapServer (org.eclipse.californium.core.CoapServer)2
NetworkConfig (org.eclipse.californium.core.network.config.NetworkConfig)2
Builder (org.eclipse.californium.scandium.config.DtlsConnectorConfig.Builder)2
StaticPskStore (org.eclipse.californium.scandium.dtls.pskstore.StaticPskStore)2
LeshanClientBuilder (org.eclipse.leshan.client.californium.LeshanClientBuilder)2
Lwm2mEndpointContextMatcher (org.eclipse.leshan.core.californium.Lwm2mEndpointContextMatcher)2
TradfriCoapClient (org.eclipse.smarthome.binding.tradfri.internal.TradfriCoapClient)2
TradfriCoapEndpoint (org.eclipse.smarthome.binding.tradfri.internal.TradfriCoapEndpoint)2
TradfriGatewayConfig (org.eclipse.smarthome.binding.tradfri.internal.config.TradfriGatewayConfig)2
JsonObject (com.google.gson.JsonObject)1
