use of org.eclipse.californium.scandium.DTLSConnector in project leshan by eclipse.
the class LeshanClientBuilder method build.
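/**
 * Creates an instance of {@link LeshanClient} based on the properties set on this builder.
 * <p>
 * Every property that is still {@code null} is replaced by a default, and that default is stored
 * back on this builder.
 * <p>
 * Security note: when no object enablers were supplied, the fallback object set is created with
 * {@code Security.noSec(...)} and a plain {@code coap://} URI pointing at
 * {@code leshan.eclipseprojects.io}. A client built from these defaults therefore registers without
 * DTLS. Supply object enablers that carry a secured Security instance for anything but a demo.
 *
 * @return the client built from the current builder state
 * @throws IllegalStateException if the DTLS configuration builder already carries an address that
 *         differs from the local address of this builder
 */
public LeshanClient build() {
    if (localAddress == null) {
        // Port 0 on the wildcard address: the system picks an ephemeral port at bind time.
        localAddress = new InetSocketAddress(0);
    }
    if (objectEnablers == null) {
        // Demo defaults only: NoSec security object, unencrypted coap:// server URI.
        ObjectsInitializer initializer = new ObjectsInitializer();
        initializer.setInstancesForObject(LwM2mId.SECURITY,
                Security.noSec("coap://leshan.eclipseprojects.io:5683", 12345));
        initializer.setInstancesForObject(LwM2mId.SERVER, new Server(12345, 5 * 60));
        initializer.setInstancesForObject(LwM2mId.DEVICE,
                new Device("Eclipse Leshan", "model12345", "12345", EnumSet.of(BindingMode.U)));
        objectEnablers = initializer.createAll();
    }
    if (encoder == null) {
        encoder = new DefaultLwM2mEncoder();
    }
    if (decoder == null) {
        decoder = new DefaultLwM2mDecoder();
    }
    if (linkSerializer == null) {
        linkSerializer = new DefaultLinkSerializer();
    }
    if (attributeParser == null) {
        attributeParser = new DefaultLwM2mAttributeParser();
    }
    if (coapConfig == null) {
        coapConfig = createDefaultCoapConfiguration();
    }
    if (engineFactory == null) {
        engineFactory = new DefaultRegistrationEngineFactory();
    }
    if (endpointFactory == null) {
        endpointFactory = new DefaultEndpointFactory("LWM2M Client", true) {
            @Override
            protected Connector createSecuredConnector(DtlsConnectorConfig dtlsConfig) {
                // Hand the builder's executor to the DTLS connector when one was configured.
                DTLSConnector dtlsConnector = new DTLSConnector(dtlsConfig);
                if (executor != null) {
                    dtlsConnector.setExecutor(executor);
                }
                return dtlsConnector;
            }
        };
    }
    if (bootstrapConsistencyChecker == null) {
        bootstrapConsistencyChecker = new DefaultBootstrapConsistencyChecker();
    }

    // handle dtlsConfig
    if (dtlsConfigBuilder == null) {
        dtlsConfigBuilder = DtlsConnectorConfig.builder(coapConfig);
    }
    DtlsConnectorConfig incompleteConfig = dtlsConfigBuilder.getIncompleteConfig();

    // Handle secure address. localAddress was defaulted at the top of this method, so it is never
    // null here; the former null checks in this section could not be reached and were dropped.
    // NOTE(review): as a consequence, an address set only on the DTLS builder is compared with the
    // defaulted local address and rejected below - confirm this is the intended behaviour.
    if (incompleteConfig.getAddress() == null) {
        dtlsConfigBuilder.setAddress(localAddress);
    } else if (!localAddress.equals(incompleteConfig.getAddress())) {
        throw new IllegalStateException(String.format(
                "Configuration conflict between LeshanBuilder and DtlsConnectorConfig.Builder for address: %s != %s",
                localAddress, incompleteConfig.getAddress()));
    }

    return createLeshanClient(endpoint, localAddress, objectEnablers, coapConfig, dtlsConfigBuilder,
            this.trustStore, endpointFactory, engineFactory, bootstrapConsistencyChecker, additionalAttributes,
            bsAdditionalAttributes, encoder, decoder, executor, linkSerializer, attributeParser);
}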
use of org.eclipse.californium.scandium.DTLSConnector in project leshan by eclipse.
the class SecurityTest method server_initiates_dtls_handshake_timeout.
/**
 * Checks how the server reports a request it cannot deliver after its DTLS connection state was
 * cleared and the client was stopped: the synchronous send returns {@code null}, the asynchronous
 * send reports a {@code TimeoutException} of type {@code DTLS_HANDSHAKE_TIMEOUT}.
 */
@Test
public void server_initiates_dtls_handshake_timeout() throws NonUniqueSecurityInfoException, InterruptedException {
    // Bring up a server (the default server supports PSK) and a PSK client.
    helper.createServer();
    helper.server.start();
    helper.createPSKClient();

    // Provision the client's pre-shared key in the server's security store.
    helper.getSecurityStore().add(
            SecurityInfo.newPreSharedKeyInfo(helper.getCurrentEndpoint(), GOOD_PSK_ID, GOOD_PSK_KEY));

    // Register the client and keep the registration for the later requests.
    helper.assertClientNotRegisterered();
    helper.client.start();
    helper.waitForRegistrationAtServerSide(1);
    Registration registration = helper.getCurrentRegistration();
    helper.assertClientRegisterered();

    // Forget the DTLS connection on the server side.
    DTLSConnector serverConnector = (DTLSConnector) helper.server.coap().getSecuredEndpoint().getConnector();
    serverConnector.clearConnectionState();

    // Stop the client.
    helper.client.stop(false);

    // Synchronous request: no response is expected.
    ReadResponse syncResponse = helper.server.send(registration, new ReadRequest(3), 1000);
    assertNull(syncResponse);

    // Asynchronous request: the failure must be reported as a DTLS handshake timeout.
    Callback<ReadResponse> asyncCallback = new Callback<>();
    helper.server.send(registration, new ReadRequest(3), 1000, asyncCallback, asyncCallback);
    asyncCallback.waitForResponse(1100);
    assertTrue(asyncCallback.getException() instanceof TimeoutException);
    TimeoutException timeout = (TimeoutException) asyncCallback.getException();
    assertEquals(TimeoutException.Type.DTLS_HANDSHAKE_TIMEOUT, timeout.getType());
}
use of org.eclipse.californium.scandium.DTLSConnector in project leshan by eclipse.
the class SecurityTest method server_initiates_dtls_handshake.
/**
 * Checks that the server can still reach a registered client after its own DTLS connection state
 * was cleared, and that a DTLS session exists for the client's address afterwards.
 */
@Test
public void server_initiates_dtls_handshake() throws NonUniqueSecurityInfoException, InterruptedException {
    // Bring up a server (the default server supports PSK) and a PSK client.
    helper.createServer();
    helper.server.start();
    helper.createPSKClient();

    // Provision the client's pre-shared key in the server's security store.
    helper.getSecurityStore().add(
            SecurityInfo.newPreSharedKeyInfo(helper.getCurrentEndpoint(), GOOD_PSK_ID, GOOD_PSK_KEY));

    // Register the client and keep the registration for the later request.
    helper.assertClientNotRegisterered();
    helper.client.start();
    helper.waitForRegistrationAtServerSide(1);
    Registration registration = helper.getCurrentRegistration();
    helper.assertClientRegisterered();

    // Forget the DTLS connection on the server side.
    DTLSConnector serverConnector = (DTLSConnector) helper.server.coap().getSecuredEndpoint().getConnector();
    serverConnector.clearConnectionState();

    // The client is still running, so the read must succeed.
    ReadResponse response = helper.server.send(registration, new ReadRequest(3), 1000);
    assertTrue(response.isSuccess());

    // A session must now exist again for the client's address.
    DTLSSession renewedSession = serverConnector.getSessionByAddress(registration.getSocketAddress());
    assertNotNull(renewedSession);
}
use of org.eclipse.californium.scandium.DTLSConnector in project leshan by eclipse.
the class SecurityTest method dont_sent_request_if_identity_change.
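/**
 * Checks that the server refuses to send a request to a registration when the peer at that address
 * has re-handshaken under a different PSK identity than the one used at registration time.
 * <p>
 * The send is expected to fail with a {@code SendFailedException} caused by an
 * {@code EndpointMismatchException}.
 */
@Test
public void dont_sent_request_if_identity_change() throws NonUniqueSecurityInfoException, InterruptedException, IOException {
    // Second PSK identity the client switches to after it has registered.
    final String newPskIdentity = "anotherPSK";

    // Create PSK server & start it (the default server supports PSK)
    helper.createServer();
    helper.server.start();

    // Create PSK Client
    helper.createPSKClient();

    // Add client credentials to the server
    helper.getSecurityStore().add(
            SecurityInfo.newPreSharedKeyInfo(helper.getCurrentEndpoint(), GOOD_PSK_ID, GOOD_PSK_KEY));

    // Check client is not registered, then start it and wait for registration
    helper.assertClientNotRegisterered();
    helper.client.start();
    helper.waitForRegistrationAtServerSide(1);
    helper.assertClientRegisterered();

    // Ensure we can send a read request
    helper.server.send(helper.getCurrentRegistration(), new ReadRequest(3, 0, 1));

    // Add the new credential to the server
    helper.getSecurityStore().add(SecurityInfo.newPreSharedKeyInfo(GOOD_ENDPOINT, newPskIdentity, GOOD_PSK_KEY));

    // Get the client-side DTLS connector
    Endpoint endpoint = helper.client.coap().getServer()
            .getEndpoint(helper.client.getAddress(helper.getCurrentRegisteredServer()));
    DTLSConnector connector = (DTLSConnector) ((CoapEndpoint) endpoint).getConnector();

    // Clear DTLS session to force a new handshake, switch the PSK identity, restart the connector
    connector.clearConnectionState();
    helper.setNewPsk(newPskIdentity, GOOD_PSK_KEY);
    connector.start();

    // Send an empty message (a ping) to force a new handshake with the new credentials
    SimpleMessageCallback callback = new SimpleMessageCallback();
    Request request = new Request(null, Type.CON);
    request.setToken(Token.EMPTY);
    request.setMID(0);
    byte[] ping = new UdpDataSerializer().getByteArray(request);
    connector.send(RawData.outbound(ping, new AddressEndpointContext(helper.server.getSecuredAddress()),
            callback, false));

    // Wait until the new DTLS handshake is done
    EndpointContext endpointContext = callback.getEndpointContext(1000);
    // Fail with a clear message instead of a NullPointerException on the next line.
    assertNotNull("no endpoint context received for the new handshake", endpointContext);
    // Expected value first, so a failure message reports the two identities the right way round.
    assertEquals(newPskIdentity, ((PreSharedKeyIdentity) endpointContext.getPeerIdentity()).getIdentity());

    // A read request must now fail with a SendFailedException.
    try {
        helper.server.send(helper.getCurrentRegistration(), new ReadRequest(3, 0, 1), 1000);
        fail("send must failed");
    } catch (SendFailedException e) {
        assertTrue("must be caused by an EndpointMismatchException",
                e.getCause() instanceof EndpointMismatchException);
    } finally {
        connector.stop();
        helper.client.destroy(false);
        helper.client = null;
    }
}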
use of org.eclipse.californium.scandium.DTLSConnector in project leshan by eclipse.
the class LeshanServer method createConnectionCleaner.
/**
 * Registers a listener on the security store that cleans DTLS connections when security infos are
 * removed as compromised.
 * <p>
 * Nothing is registered unless the secured endpoint is non-null, its connector is a
 * {@link DTLSConnector} and the store is an {@link EditableSecurityStore}. Removals that are not
 * flagged as compromised do not trigger any cleaning here.
 *
 * @param securityStore the store to listen to
 * @param securedEndpoint the endpoint whose DTLS connector is handed to the cleaner, may be null
 */
protected void createConnectionCleaner(SecurityStore securityStore, CoapEndpoint securedEndpoint) {
    // Guard clauses: each one mirrors one operand of the combined precondition.
    if (securedEndpoint == null) {
        return;
    }
    if (!(securedEndpoint.getConnector() instanceof DTLSConnector)) {
        return;
    }
    if (!(securityStore instanceof EditableSecurityStore)) {
        return;
    }

    final ConnectionCleaner connectionCleaner = new ConnectionCleaner(
            (DTLSConnector) securedEndpoint.getConnector());
    EditableSecurityStore editableStore = (EditableSecurityStore) securityStore;
    editableStore.setListener(new SecurityStoreListener() {
        @Override
        public void securityInfoRemoved(boolean infosAreCompromised, SecurityInfo... infos) {
            // Only credentials reported as compromised lead to a connection clean-up.
            if (!infosAreCompromised) {
                return;
            }
            connectionCleaner.cleanConnectionFor(infos);
        }
    });
}