Use of org.eclipse.californium.scandium.DTLSConnector in the leshan project by eclipse.
Class SecurityTest, method dont_sent_request_if_identity_change.
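/**
 * Checks that the server will not send a request to a registered client once the DTLS peer
 * identity of that client no longer matches the one in use when it registered.
 *
 * <p>Flow: the client registers over DTLS-PSK as {@code GOOD_PSK_ID}, a first read request is sent
 * successfully, then the client's DTLS state is cleared and it re-handshakes as
 * {@code "anotherPSK"}. The second read request must fail with a {@link SendFailedException} whose
 * cause is an {@link EndpointMismatchException}.
 *
 * <p>NOTE(review): both PSK identities are stored with {@code GOOD_PSK_KEY}, so the new handshake is
 * expected to succeed and only the authenticated identity changes. Which key
 * {@code helper.setNewPsk} installs on the client is not visible here; confirm it is the same key.
 *
 * @throws NonUniqueSecurityInfoException declared for the security-store {@code add} calls
 * @throws InterruptedException declared for the blocking waits and sends
 * @throws IOException declared for the connector start and send calls
 */
@Test
public void dont_sent_request_if_identity_change() throws NonUniqueSecurityInfoException, InterruptedException, IOException {
    // Create PSK server & start it (the default server supports PSK)
    helper.createServer();
    helper.server.start();

    // Create PSK client
    helper.createPSKClient();

    // Add client credentials to the server
    helper.getSecurityStore().add(SecurityInfo.newPreSharedKeyInfo(helper.getCurrentEndpoint(), GOOD_PSK_ID, GOOD_PSK_KEY));

    // Check client is not registered
    helper.assertClientNotRegisterered();

    // Start it and wait for registration
    helper.client.start();
    helper.waitForRegistration(1);

    // Check client is well registered
    helper.assertClientRegisterered();

    // Baseline: with the original identity a read request can be sent
    helper.server.send(helper.getCurrentRegistration(), new ReadRequest(3, 0, 1));

    // Pause the client
    // helper.client.stop(false);

    // Add a second credential to the server: a different PSK identity with the same key.
    // NOTE(review): this uses GOOD_ENDPOINT while the first credential uses
    // helper.getCurrentEndpoint(); confirm both name the same endpoint.
    helper.getSecurityStore().add(SecurityInfo.newPreSharedKeyInfo(GOOD_ENDPOINT, "anotherPSK", GOOD_PSK_KEY));

    // Get the client's DTLS connector
    Endpoint endpoint = helper.client.getCoapServer().getEndpoint(helper.client.getSecuredAddress());
    DTLSConnector connector = (DTLSConnector) ((CoapEndpoint) endpoint).getConnector();

    // Clear DTLS session to force a new handshake
    connector.clearConnectionState();

    // Change the PSK identity used by the client
    helper.setNewPsk(helper.client, "anotherPSK");

    // Restart connector
    connector.start();

    // Send an empty message to force a new handshake with the new credentials
    SimpleMessageCallback callback = new SimpleMessageCallback();
    connector.send(RawData.outbound(new byte[0], new AddressEndpointContext(helper.server.getSecuredAddress()), callback, false));

    // Wait until the new DTLS handshake is done.
    // Presumably getEndpointContext returns null when the wait times out; fail with a clear
    // message instead of a NullPointerException on the next line.
    EndpointContext endpointContext = callback.getEndpointContext(1000);
    assertTrue("no endpoint context received after forcing a new handshake", endpointContext != null);

    // Expected value first, so a failure report labels the two values correctly.
    assertEquals("anotherPSK", endpointContext.getPeerIdentity().getName());

    // The registration was made under the first identity, so this send must be rejected
    // with a SendFailedException caused by an EndpointMismatchException.
    try {
        helper.server.send(helper.getCurrentRegistration(), new ReadRequest(3, 0, 1), 1000);
        fail("send must failed");
    } catch (SendFailedException e) {
        assertTrue("must be caused by an EndpointMismatchException", e.getCause() instanceof EndpointMismatchException);
    } finally {
        // Tear down here; helper.client is nulled after destroy.
        connector.stop();
        helper.client.destroy(false);
        helper.client = null;
    }
}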
Use of org.eclipse.californium.scandium.DTLSConnector in the leshan project by eclipse.
Class SecureIntegrationTestHelper, method createX509CertClient.
// TODO implement X509 support for client
/**
 * Builds the test client intended for X.509-based DTLS and stores it in {@code client}.
 *
 * <p>NOTE(review): as written, the LwM2M Security object is created with {@code Security.noSec}
 * although the server URI uses the {@code coaps} scheme, and the {@code CoapServer} carrying the
 * X.509-configured {@link DTLSConnector} is never handed to the {@code LeshanClientBuilder} in this
 * method. A test relying on this helper may therefore not exercise certificate authentication at
 * all; confirm before treating such a test as X.509 coverage.
 *
 * @param privatekey private key set as the DTLS identity, together with {@code clientX509CertChain}
 * @param trustedCertificates certificates installed as the DTLS trust store
 */
public void createX509CertClient(PrivateKey privatekey, Certificate[] trustedCertificates) {
    String serverUri = "coaps://" + server.getSecuredAddress().getHostString() + ":" + server.getSecuredAddress().getPort();

    // LwM2M objects exposed by the client
    ObjectsInitializer objectsInitializer = new ObjectsInitializer();
    // TODO security instance with certificate info
    objectsInitializer.setInstancesForObject(LwM2mId.SECURITY, Security.noSec(serverUri, 12345));
    objectsInitializer.setInstancesForObject(LwM2mId.SERVER, new Server(12345, LIFETIME, BindingMode.U, false));
    objectsInitializer.setInstancesForObject(LwM2mId.DEVICE, new Device("Eclipse Leshan", MODEL_NUMBER, "12345", "U"));
    List<LwM2mObjectEnabler> enablers = objectsInitializer.createMandatory();
    enablers.add(objectsInitializer.create(2));

    // Loopback address with port 0
    InetSocketAddress localAddress = new InetSocketAddress(InetAddress.getLoopbackAddress(), 0);

    // DTLS configuration: own identity and trust anchors
    DtlsConnectorConfig.Builder dtlsConfig = new DtlsConnectorConfig.Builder().setAddress(localAddress);
    // TODO we should read the config from the security object
    // NOTE(review): the third argument is presumably "prefer raw public keys"; confirm against
    // the Scandium version in use.
    dtlsConfig.setIdentity(privatekey, clientX509CertChain, false);
    dtlsConfig.setTrustStore(trustedCertificates);

    // CoAP server with a single DTLS endpoint (not referenced again below)
    CoapServer dtlsCoapServer = new CoapServer();
    CoapEndpoint.CoapEndpointBuilder endpointBuilder = new CoapEndpoint.CoapEndpointBuilder();
    DTLSConnector dtlsConnector = new DTLSConnector(dtlsConfig.build());
    endpointBuilder.setConnector(dtlsConnector);
    endpointBuilder.setNetworkConfig(new NetworkConfig());
    dtlsCoapServer.addEndpoint(endpointBuilder.build());

    // Leshan client built from the endpoint name, local address and objects only
    LeshanClientBuilder clientBuilder = new LeshanClientBuilder(getCurrentEndpoint());
    clientBuilder.setLocalAddress(localAddress.getHostString(), localAddress.getPort());
    clientBuilder.setObjects(enablers);
    client = clientBuilder.build();
}
Use of org.eclipse.californium.scandium.DTLSConnector in the leshan project by eclipse.
Class SecureIntegrationTestHelper, method createRPKClient.
// TODO implement RPK support for client
/**
 * Builds the test client intended for DTLS with raw public keys (RPK) and stores it in
 * {@code client}.
 *
 * <p>The LwM2M Security object is filled with the encoded client public key, client private key
 * and server public key, and a {@link DTLSConnector} is configured with the same client key pair.
 *
 * <p>NOTE(review): the {@code CoapServer} holding that connector is not passed to the
 * {@code LeshanClientBuilder} in this method, so whether the built client actually uses the RPK
 * identity depends on code not visible here; confirm before relying on this helper for RPK
 * coverage. The key fields are defined elsewhere in the class and are presumably test-only keys.
 */
public void createRPKClient() {
    String serverUri = "coaps://" + server.getSecuredAddress().getHostString() + ":" + server.getSecuredAddress().getPort();
    byte[] encodedClientPublicKey = clientPublicKey.getEncoded();
    byte[] encodedClientPrivateKey = clientPrivateKey.getEncoded();
    byte[] encodedServerPublicKey = serverPublicKey.getEncoded();

    // LwM2M objects exposed by the client
    ObjectsInitializer objectsInitializer = new ObjectsInitializer();
    objectsInitializer.setInstancesForObject(LwM2mId.SECURITY,
            Security.rpk(serverUri, 12345, encodedClientPublicKey, encodedClientPrivateKey, encodedServerPublicKey));
    objectsInitializer.setInstancesForObject(LwM2mId.SERVER, new Server(12345, LIFETIME, BindingMode.U, false));
    objectsInitializer.setInstancesForObject(LwM2mId.DEVICE, new Device("Eclipse Leshan", MODEL_NUMBER, "12345", "U"));
    List<LwM2mObjectEnabler> enablers = objectsInitializer.createMandatory();
    enablers.add(objectsInitializer.create(2));

    // Loopback address with port 0
    InetSocketAddress localAddress = new InetSocketAddress(InetAddress.getLoopbackAddress(), 0);

    // DTLS configuration carrying the client's raw key pair
    DtlsConnectorConfig.Builder dtlsConfig = new DtlsConnectorConfig.Builder().setAddress(localAddress);
    // TODO we should read the config from the security object
    // TODO no way to provide a dynamic config with the current scandium API
    dtlsConfig.setIdentity(clientPrivateKey, clientPublicKey);

    // CoAP server with a single DTLS endpoint (not referenced again below)
    CoapServer dtlsCoapServer = new CoapServer();
    CoapEndpoint.CoapEndpointBuilder endpointBuilder = new CoapEndpoint.CoapEndpointBuilder();
    DTLSConnector dtlsConnector = new DTLSConnector(dtlsConfig.build());
    endpointBuilder.setConnector(dtlsConnector);
    endpointBuilder.setNetworkConfig(new NetworkConfig());
    dtlsCoapServer.addEndpoint(endpointBuilder.build());

    // Leshan client built from the endpoint name, local address and objects only
    LeshanClientBuilder clientBuilder = new LeshanClientBuilder(getCurrentEndpoint());
    clientBuilder.setLocalAddress(localAddress.getHostString(), localAddress.getPort());
    clientBuilder.setObjects(enablers);
    client = clientBuilder.build();
}