
Example 26 with DTLSConnector

use of org.eclipse.californium.scandium.DTLSConnector in project leshan by eclipse.

the class LeshanClientBuilder method build.

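/**
 * Creates an instance of {@link LeshanClient} based on the properties set on this builder.
 * <p>
 * Every property that was left unset is replaced by a default before the client is created, and the
 * chosen defaults are stored back on this builder.
 * <p>
 * Security note: when no object enablers were supplied, the default Security object is created with
 * {@code Security.noSec(...)} for a {@code coap://} URI, i.e. the default client talks to that server
 * without DTLS. Callers that need an authenticated and encrypted link must supply their own object
 * enablers.
 *
 * @return the client returned by {@code createLeshanClient(...)}
 * @throws IllegalStateException if the DTLS configuration builder already carries an address that
 *         differs from the local address of this builder
 */
public LeshanClient build() {
    // InetSocketAddress(0): wildcard address, port picked by the system at bind time.
    if (localAddress == null) {
        localAddress = new InetSocketAddress(0);
    }
    if (objectEnablers == null) {
        // Default object set: NoSec security instance, one server instance and a device instance.
        // The security instance is unauthenticated plain CoAP; replace it for anything but a demo.
        ObjectsInitializer initializer = new ObjectsInitializer();
        initializer.setInstancesForObject(LwM2mId.SECURITY, Security.noSec("coap://leshan.eclipseprojects.io:5683", 12345));
        initializer.setInstancesForObject(LwM2mId.SERVER, new Server(12345, 5 * 60));
        initializer.setInstancesForObject(LwM2mId.DEVICE, new Device("Eclipse Leshan", "model12345", "12345", EnumSet.of(BindingMode.U)));
        objectEnablers = initializer.createAll();
    }
    if (encoder == null) {
        encoder = new DefaultLwM2mEncoder();
    }
    if (decoder == null) {
        decoder = new DefaultLwM2mDecoder();
    }
    if (linkSerializer == null) {
        linkSerializer = new DefaultLinkSerializer();
    }
    if (attributeParser == null) {
        attributeParser = new DefaultLwM2mAttributeParser();
    }
    if (coapConfig == null) {
        coapConfig = createDefaultCoapConfiguration();
    }
    if (engineFactory == null) {
        engineFactory = new DefaultRegistrationEngineFactory();
    }
    if (endpointFactory == null) {
        endpointFactory = new DefaultEndpointFactory("LWM2M Client", true) {

            // Builds the DTLS connector from the final DTLS configuration and, when the builder
            // has an executor, hands that executor to the connector.
            @Override
            protected Connector createSecuredConnector(DtlsConnectorConfig dtlsConfig) {
                DTLSConnector dtlsConnector = new DTLSConnector(dtlsConfig);
                if (executor != null) {
                    dtlsConnector.setExecutor(executor);
                }
                return dtlsConnector;
            }
        };
    }
    if (bootstrapConsistencyChecker == null) {
        bootstrapConsistencyChecker = new DefaultBootstrapConsistencyChecker();
    }
    // handle dtlsConfig
    if (dtlsConfigBuilder == null) {
        dtlsConfigBuilder = DtlsConnectorConfig.builder(coapConfig);
    }
    DtlsConnectorConfig incompleteConfig = dtlsConfigBuilder.getIncompleteConfig();
    // Handle secure address. localAddress cannot be null here: it was defaulted at the top of this
    // method, so the former null checks in this section were unreachable and have been dropped.
    // NOTE(review): because of that default, a caller who sets an address only on the
    // DtlsConnectorConfig.Builder appears to run into the conflict below - confirm this is intended.
    if (incompleteConfig.getAddress() == null) {
        dtlsConfigBuilder.setAddress(localAddress);
    } else if (!localAddress.equals(incompleteConfig.getAddress())) {
        throw new IllegalStateException(String.format("Configuration conflict between LeshanBuilder and DtlsConnectorConfig.Builder for address: %s != %s", localAddress, incompleteConfig.getAddress()));
    }
    return createLeshanClient(endpoint, localAddress, objectEnablers, coapConfig, dtlsConfigBuilder, this.trustStore, endpointFactory, engineFactory, bootstrapConsistencyChecker, additionalAttributes, bsAdditionalAttributes, encoder, decoder, executor, linkSerializer, attributeParser);
}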
Also used : UDPConnector(org.eclipse.californium.elements.UDPConnector) DTLSConnector(org.eclipse.californium.scandium.DTLSConnector) Connector(org.eclipse.californium.elements.Connector) DefaultRegistrationEngineFactory(org.eclipse.leshan.client.engine.DefaultRegistrationEngineFactory) CoapServer(org.eclipse.californium.core.CoapServer) Server(org.eclipse.leshan.client.object.Server) ObjectsInitializer(org.eclipse.leshan.client.resource.ObjectsInitializer) InetSocketAddress(java.net.InetSocketAddress) Device(org.eclipse.leshan.client.object.Device) DefaultLwM2mEncoder(org.eclipse.leshan.core.node.codec.DefaultLwM2mEncoder) DefaultLinkSerializer(org.eclipse.leshan.core.link.DefaultLinkSerializer) DefaultLwM2mAttributeParser(org.eclipse.leshan.core.link.lwm2m.attributes.DefaultLwM2mAttributeParser) DefaultLwM2mDecoder(org.eclipse.leshan.core.node.codec.DefaultLwM2mDecoder) DtlsConnectorConfig(org.eclipse.californium.scandium.config.DtlsConnectorConfig) DTLSConnector(org.eclipse.californium.scandium.DTLSConnector) DefaultBootstrapConsistencyChecker(org.eclipse.leshan.client.californium.bootstrap.DefaultBootstrapConsistencyChecker) DefaultEndpointFactory(org.eclipse.leshan.core.californium.DefaultEndpointFactory)

Example 27 with DTLSConnector

use of org.eclipse.californium.scandium.DTLSConnector in project leshan by eclipse.

the class SecurityTest method server_initiates_dtls_handshake_timeout.

/**
 * Checks that a server-side request to a registered PSK client ends in a DTLS handshake timeout once
 * the server has dropped its DTLS connection state and the client has been stopped.
 */
@Test
public void server_initiates_dtls_handshake_timeout() throws NonUniqueSecurityInfoException, InterruptedException {
    // Bring up the server (the default server supports PSK) and prepare a PSK client.
    helper.createServer();
    helper.server.start();
    helper.createPSKClient();
    // Provision the client's PSK identity and key in the server's security store.
    helper.getSecurityStore().add(SecurityInfo.newPreSharedKeyInfo(helper.getCurrentEndpoint(), GOOD_PSK_ID, GOOD_PSK_KEY));
    // Register the client and keep its registration for the requests below.
    helper.assertClientNotRegisterered();
    helper.client.start();
    helper.waitForRegistrationAtServerSide(1);
    Registration currentRegistration = helper.getCurrentRegistration();
    helper.assertClientRegisterered();
    // Drop the DTLS connection state held by the server's secured connector ...
    DTLSConnector serverConnector = (DTLSConnector) helper.server.coap().getSecuredEndpoint().getConnector();
    serverConnector.clearConnectionState();
    // ... and stop the client, so that nobody answers a handshake started by the server.
    helper.client.stop(false);
    // Synchronous send: no response is expected within the 1000 ms timeout.
    ReadResponse syncResponse = helper.server.send(currentRegistration, new ReadRequest(3), 1000);
    assertNull(syncResponse);
    // Asynchronous send: the error callback must report a DTLS handshake timeout.
    Callback<ReadResponse> asyncCallback = new Callback<>();
    helper.server.send(currentRegistration, new ReadRequest(3), 1000, asyncCallback, asyncCallback);
    asyncCallback.waitForResponse(1100);
    assertTrue(asyncCallback.getException() instanceof TimeoutException);
    TimeoutException timeout = (TimeoutException) asyncCallback.getException();
    assertEquals(TimeoutException.Type.DTLS_HANDSHAKE_TIMEOUT, timeout.getType());
}
Also used : Callback(org.eclipse.leshan.integration.tests.util.Callback) SimpleMessageCallback(org.eclipse.californium.elements.util.SimpleMessageCallback) ReadResponse(org.eclipse.leshan.core.response.ReadResponse) Registration(org.eclipse.leshan.server.registration.Registration) DTLSConnector(org.eclipse.californium.scandium.DTLSConnector) ReadRequest(org.eclipse.leshan.core.request.ReadRequest) TimeoutException(org.eclipse.leshan.core.request.exception.TimeoutException) Test(org.junit.Test)

Example 28 with DTLSConnector

use of org.eclipse.californium.scandium.DTLSConnector in project leshan by eclipse.

the class SecurityTest method server_initiates_dtls_handshake.

/**
 * Checks that the server can start a new DTLS handshake with a registered PSK client after the server
 * has dropped its DTLS connection state, and that a session exists for the client afterwards.
 */
@Test
public void server_initiates_dtls_handshake() throws NonUniqueSecurityInfoException, InterruptedException {
    // Bring up the server (the default server supports PSK) and prepare a PSK client.
    helper.createServer();
    helper.server.start();
    helper.createPSKClient();
    // Provision the client's PSK identity and key in the server's security store.
    helper.getSecurityStore().add(SecurityInfo.newPreSharedKeyInfo(helper.getCurrentEndpoint(), GOOD_PSK_ID, GOOD_PSK_KEY));
    // Register the client and keep its registration for the request below.
    helper.assertClientNotRegisterered();
    helper.client.start();
    helper.waitForRegistrationAtServerSide(1);
    Registration currentRegistration = helper.getCurrentRegistration();
    helper.assertClientRegisterered();
    // Drop the DTLS connection state held by the server's secured connector.
    DTLSConnector serverConnector = (DTLSConnector) helper.server.coap().getSecuredEndpoint().getConnector();
    serverConnector.clearConnectionState();
    // The client is still running, so the read request must succeed.
    ReadResponse response = helper.server.send(currentRegistration, new ReadRequest(3), 1000);
    assertTrue(response.isSuccess());
    // The server must now hold a session for the client's socket address.
    DTLSSession renewedSession = serverConnector.getSessionByAddress(currentRegistration.getSocketAddress());
    assertNotNull(renewedSession);
}
Also used : ReadResponse(org.eclipse.leshan.core.response.ReadResponse) Registration(org.eclipse.leshan.server.registration.Registration) DTLSSession(org.eclipse.californium.scandium.dtls.DTLSSession) DTLSConnector(org.eclipse.californium.scandium.DTLSConnector) ReadRequest(org.eclipse.leshan.core.request.ReadRequest) Test(org.junit.Test)

Example 29 with DTLSConnector

use of org.eclipse.californium.scandium.DTLSConnector in project leshan by eclipse.

the class SecurityTest method dont_sent_request_if_identity_change.

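/**
 * Checks that the server refuses to send a request to a registration once the peer behind it has
 * re-handshaked with a different PSK identity: the send must fail with a {@link SendFailedException}
 * caused by an {@link EndpointMismatchException}.
 */
@Test
public void dont_sent_request_if_identity_change() throws NonUniqueSecurityInfoException, InterruptedException, IOException {
    // Create PSK server & start it
    // (the default server supports PSK)
    helper.createServer();
    helper.server.start();
    // Create PSK Client
    helper.createPSKClient();
    // Add client credentials to the server
    helper.getSecurityStore().add(SecurityInfo.newPreSharedKeyInfo(helper.getCurrentEndpoint(), GOOD_PSK_ID, GOOD_PSK_KEY));
    // Check client is not registered
    helper.assertClientNotRegisterered();
    // Start it and wait for registration
    helper.client.start();
    helper.waitForRegistrationAtServerSide(1);
    // Check client is registered
    helper.assertClientRegisterered();
    // Send a read request while the identity still matches.
    // NOTE(review): the response is discarded, so this line only shows that the call does not throw.
    helper.server.send(helper.getCurrentRegistration(), new ReadRequest(3, 0, 1));
    // Add a second credential (new PSK identity, same key) to the server
    helper.getSecurityStore().add(SecurityInfo.newPreSharedKeyInfo(GOOD_ENDPOINT, "anotherPSK", GOOD_PSK_KEY));
    // Create a new session with the new credentials at client side.
    // Get the client's DTLS connector for the currently registered server
    Endpoint endpoint = helper.client.coap().getServer().getEndpoint(helper.client.getAddress(helper.getCurrentRegisteredServer()));
    DTLSConnector connector = (DTLSConnector) ((CoapEndpoint) endpoint).getConnector();
    // Clear DTLS session to force new handshake
    connector.clearConnectionState();
    // Change PSK id
    helper.setNewPsk("anotherPSK", GOOD_PSK_KEY);
    // restart connector
    connector.start();
    // send an empty message to force a new handshake with the new credentials
    SimpleMessageCallback callback = new SimpleMessageCallback();
    // create a ping message
    Request request = new Request(null, Type.CON);
    request.setToken(Token.EMPTY);
    request.setMID(0);
    byte[] ping = new UdpDataSerializer().getByteArray(request);
    // send it
    connector.send(RawData.outbound(ping, new AddressEndpointContext(helper.server.getSecuredAddress()), callback, false));
    // Wait until the new DTLS handshake is done
    EndpointContext endpointContext = callback.getEndpointContext(1000);
    // Expected value first, so that a failure message reports expected/actual the right way round.
    assertEquals("anotherPSK", ((PreSharedKeyIdentity) endpointContext.getPeerIdentity()).getIdentity());
    // Sending a read request must now fail with a SendFailedException.
    try {
        helper.server.send(helper.getCurrentRegistration(), new ReadRequest(3, 0, 1), 1000);
        fail("send must failed");
    } catch (SendFailedException e) {
        assertTrue("must be caused by an EndpointMismatchException", e.getCause() instanceof EndpointMismatchException);
    } finally {
        // The connector was restarted by hand above, so it is stopped by hand as well before the
        // client is destroyed and the helper's reference is cleared.
        connector.stop();
        helper.client.destroy(false);
        helper.client = null;
    }
}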
Also used : SendFailedException(org.eclipse.leshan.core.request.exception.SendFailedException) EndpointMismatchException(org.eclipse.californium.elements.exception.EndpointMismatchException) CoapEndpoint(org.eclipse.californium.core.network.CoapEndpoint) Endpoint(org.eclipse.californium.core.network.Endpoint) AddressEndpointContext(org.eclipse.californium.elements.AddressEndpointContext) EndpointContext(org.eclipse.californium.elements.EndpointContext) ReadRequest(org.eclipse.leshan.core.request.ReadRequest) Request(org.eclipse.californium.core.coap.Request) AddressEndpointContext(org.eclipse.californium.elements.AddressEndpointContext) SimpleMessageCallback(org.eclipse.californium.elements.util.SimpleMessageCallback) DTLSConnector(org.eclipse.californium.scandium.DTLSConnector) ReadRequest(org.eclipse.leshan.core.request.ReadRequest) UdpDataSerializer(org.eclipse.californium.core.network.serialization.UdpDataSerializer) Test(org.junit.Test)

Example 30 with DTLSConnector

use of org.eclipse.californium.scandium.DTLSConnector in project leshan by eclipse.

the class LeshanServer method createConnectionCleaner.

/**
 * Registers a listener on the security store that cleans DTLS connections when security infos are
 * removed as compromised.
 * <p>
 * Nothing is registered unless the secured endpoint is non-null and uses a {@link DTLSConnector} and
 * the store is an {@link EditableSecurityStore}. Security infos removed with
 * {@code infosAreCompromised == false} do not trigger any connection cleanup.
 *
 * @param securityStore the store to listen on
 * @param securedEndpoint the endpoint whose connector holds the DTLS connections, may be {@code null}
 */
protected void createConnectionCleaner(SecurityStore securityStore, CoapEndpoint securedEndpoint) {
    // No DTLS connector behind the endpoint: there are no DTLS connections to clean.
    if (securedEndpoint == null || !(securedEndpoint.getConnector() instanceof DTLSConnector)) {
        return;
    }
    // Only an editable store offers the listener hook used below.
    if (!(securityStore instanceof EditableSecurityStore)) {
        return;
    }
    final DTLSConnector dtlsConnector = (DTLSConnector) securedEndpoint.getConnector();
    final ConnectionCleaner cleaner = new ConnectionCleaner(dtlsConnector);
    EditableSecurityStore editableStore = (EditableSecurityStore) securityStore;
    editableStore.setListener(new SecurityStoreListener() {

        @Override
        public void securityInfoRemoved(boolean infosAreCompromised, SecurityInfo... infos) {
            // A removal that is not flagged as compromised leaves existing connections untouched.
            if (!infosAreCompromised) {
                return;
            }
            cleaner.cleanConnectionFor(infos);
        }
    });
}
Also used : EditableSecurityStore(org.eclipse.leshan.server.security.EditableSecurityStore) SecurityStoreListener(org.eclipse.leshan.server.security.SecurityStoreListener) SecurityInfo(org.eclipse.leshan.server.security.SecurityInfo) DTLSConnector(org.eclipse.californium.scandium.DTLSConnector)

Aggregations

DTLSConnector (org.eclipse.californium.scandium.DTLSConnector)39 CoapEndpoint (org.eclipse.californium.core.network.CoapEndpoint)29 DtlsConnectorConfig (org.eclipse.californium.scandium.config.DtlsConnectorConfig)28 InetSocketAddress (java.net.InetSocketAddress)15 Configuration (org.eclipse.californium.elements.config.Configuration)15 Endpoint (org.eclipse.californium.core.network.Endpoint)9 CoapServer (org.eclipse.californium.core.CoapServer)8 AdvancedSinglePskStore (org.eclipse.californium.scandium.dtls.pskstore.AdvancedSinglePskStore)7 URI (java.net.URI)5 Builder (org.eclipse.californium.scandium.config.DtlsConnectorConfig.Builder)5 IOException (java.io.IOException)4 URISyntaxException (java.net.URISyntaxException)4 StaticPskStore (org.eclipse.californium.scandium.dtls.pskstore.StaticPskStore)4 CoapClient (org.eclipse.californium.core.CoapClient)3 NetworkConfig (org.eclipse.californium.core.network.config.NetworkConfig)3 Connector (org.eclipse.californium.elements.Connector)3 DtlsHealthLogger (org.eclipse.californium.scandium.DtlsHealthLogger)3 MdcConnectionListener (org.eclipse.californium.scandium.MdcConnectionListener)3 AdvancedPskStore (org.eclipse.californium.scandium.dtls.pskstore.AdvancedPskStore)3 AsyncAdvancedPskStore (org.eclipse.californium.scandium.dtls.pskstore.AsyncAdvancedPskStore)3