Search in sources :

Example 1 with PskSecretResult

use of org.eclipse.californium.scandium.dtls.PskSecretResult in project hono by eclipse.

the class DeviceRegistryBasedPskStore method loadCredentialsForDevice.

/**
 * Load credentials for an identity used by a device in a PSK based DTLS handshake.
 *
 * @param cid the connection id to report the result.
 * @param identity the psk identity of the device.
 */
private void loadCredentialsForDevice(final ConnectionId cid, final PskPublicInformation identity) {
    final String publicInfo = identity.getPublicInfoAsString();
    LOG.debug("getting PSK secret for identity [{}]", publicInfo);
    final Span span = tracer.buildSpan("look up pre-shared key").withTag(Tags.SPAN_KIND.getKey(), Tags.SPAN_KIND_CLIENT).withTag(Tags.COMPONENT.getKey(), adapter.getTypeName()).start();
    final PreSharedKeyDeviceIdentity handshakeIdentity = getHandshakeIdentity(publicInfo, span);
    if (handshakeIdentity == null) {
        TracingHelper.logError(span, "could not determine auth-id from PSK identity");
        span.finish();
        return;
    }
    TracingHelper.TAG_TENANT_ID.set(span, handshakeIdentity.getTenantId());
    TracingHelper.TAG_AUTH_ID.set(span, handshakeIdentity.getAuthId());
    applyTraceSamplingPriority(handshakeIdentity, span).compose(v -> adapter.getCredentialsClient().get(handshakeIdentity.getTenantId(), handshakeIdentity.getType(), handshakeIdentity.getAuthId(), new JsonObject(), span.context())).map(credentials -> {
        final String deviceId = credentials.getDeviceId();
        TracingHelper.TAG_DEVICE_ID.set(span, deviceId);
        final SecretKey key = getCandidateKey(credentials);
        if (key == null) {
            TracingHelper.logError(span, "PSK credentials for device do not contain proper key");
            return new PskSecretResult(cid, identity, null, null);
        } else {
            span.log("successfully retrieved PSK for device");
            // set AdditionalInfo as customArgument here
            final AdditionalInfo info = DeviceInfoSupplier.createDeviceInfo(new Device(handshakeIdentity.getTenantId(), credentials.getDeviceId()), handshakeIdentity.getAuthId());
            return new PskSecretResult(cid, identity, key, info);
        }
    }).otherwise(t -> {
        TracingHelper.logError(span, "could not retrieve PSK credentials for device", t);
        LOG.debug("error retrieving credentials for PSK identity [{}]", publicInfo, t);
        return new PskSecretResult(cid, identity, null, null);
    }).onSuccess(result -> {
        span.finish();
        californiumResultHandler.apply(result);
    });
}
Also used : Arrays(java.util.Arrays) AdvancedPskStore(org.eclipse.californium.scandium.dtls.pskstore.AdvancedPskStore) LoggerFactory(org.slf4j.LoggerFactory) PskSecretResult(org.eclipse.californium.scandium.dtls.PskSecretResult) Tags(io.opentracing.tag.Tags) SecretUtil(org.eclipse.californium.scandium.util.SecretUtil) PskPublicInformation(org.eclipse.californium.scandium.dtls.PskPublicInformation) DeviceCredentials(org.eclipse.hono.adapter.auth.device.DeviceCredentials) ServerNames(org.eclipse.californium.scandium.util.ServerNames) JsonObject(io.vertx.core.json.JsonObject) TracingHelper(org.eclipse.hono.tracing.TracingHelper) PskSecretResultHandler(org.eclipse.californium.scandium.dtls.PskSecretResultHandler) Logger(org.slf4j.Logger) Tracer(io.opentracing.Tracer) AdditionalInfo(org.eclipse.californium.elements.auth.AdditionalInfo) InetSocketAddress(java.net.InetSocketAddress) Future(io.vertx.core.Future) Device(org.eclipse.hono.auth.Device) CredentialsConstants(org.eclipse.hono.util.CredentialsConstants) Objects(java.util.Objects) TenantTraceSamplingHelper(org.eclipse.hono.tracing.TenantTraceSamplingHelper) ConnectionId(org.eclipse.californium.scandium.dtls.ConnectionId) Span(io.opentracing.Span) SecretKey(javax.crypto.SecretKey) CredentialsObject(org.eclipse.hono.util.CredentialsObject) AdditionalInfo(org.eclipse.californium.elements.auth.AdditionalInfo) SecretKey(javax.crypto.SecretKey) PskSecretResult(org.eclipse.californium.scandium.dtls.PskSecretResult) Device(org.eclipse.hono.auth.Device) JsonObject(io.vertx.core.json.JsonObject) Span(io.opentracing.Span)

Aggregations

Span (io.opentracing.Span)1 Tracer (io.opentracing.Tracer)1 Tags (io.opentracing.tag.Tags)1 Future (io.vertx.core.Future)1 JsonObject (io.vertx.core.json.JsonObject)1 InetSocketAddress (java.net.InetSocketAddress)1 Arrays (java.util.Arrays)1 Objects (java.util.Objects)1 SecretKey (javax.crypto.SecretKey)1 AdditionalInfo (org.eclipse.californium.elements.auth.AdditionalInfo)1 ConnectionId (org.eclipse.californium.scandium.dtls.ConnectionId)1 PskPublicInformation (org.eclipse.californium.scandium.dtls.PskPublicInformation)1 PskSecretResult (org.eclipse.californium.scandium.dtls.PskSecretResult)1 PskSecretResultHandler (org.eclipse.californium.scandium.dtls.PskSecretResultHandler)1 AdvancedPskStore (org.eclipse.californium.scandium.dtls.pskstore.AdvancedPskStore)1 SecretUtil (org.eclipse.californium.scandium.util.SecretUtil)1 ServerNames (org.eclipse.californium.scandium.util.ServerNames)1 DeviceCredentials (org.eclipse.hono.adapter.auth.device.DeviceCredentials)1 Device (org.eclipse.hono.auth.Device)1 TenantTraceSamplingHelper (org.eclipse.hono.tracing.TenantTraceSamplingHelper)1