Example 1 with RPKClientCredential

Use of org.thingsboard.server.common.data.device.credentials.lwm2m.RPKClientCredential in the thingsboard project, by thingsboard.

From the class LwM2mCredentialsSecurityInfoValidator, method createClientSecurityInfoRPK.

private void createClientSecurityInfoRPK(TbLwM2MSecurityInfo result, String endpoint, LwM2MClientCredential clientCredentialsConfig) {
    RPKClientCredential rpkConfig = (RPKClientCredential) clientCredentialsConfig;
    try {
        if (rpkConfig.getDecoded() != null) {
            // Decode the stored key bytes into a PublicKey and bind it to this endpoint as raw-public-key security info.
            PublicKey key = SecurityUtil.publicKey.decode(rpkConfig.getDecoded());
            result.setSecurityInfo(SecurityInfo.newRawPublicKeyInfo(endpoint, key));
            result.setSecurityMode(RPK);
        } else {
            // No key bytes: the condition is only logged and result is left unchanged.
            log.error("Missing RPK key");
        }
    } catch (IllegalArgumentException | IOException | GeneralSecurityException | DecoderException e) {
        // Decoding failures are logged, not rethrown; this method then sets no security info or mode on result.
        log.error("RPK: Invalid security info content: " + e.getMessage());
    }
}
Also used: DecoderException (org.apache.commons.codec.DecoderException), PublicKey (java.security.PublicKey), GeneralSecurityException (java.security.GeneralSecurityException), IOException (java.io.IOException), RPKClientCredential (org.thingsboard.server.common.data.device.credentials.lwm2m.RPKClientCredential)

Example 2 with RPKClientCredential

Use of org.thingsboard.server.common.data.device.credentials.lwm2m.RPKClientCredential in the thingsboard project, by thingsboard.

From the class RpkLwM2MIntegrationTest, method testWithRpkConnectBsSuccess_UpdateTwoSectionsBootstrapAndLm2m_ConnectLwm2mSuccess.

// Bootstrap + Lwm2m
@Test
public void testWithRpkConnectBsSuccess_UpdateTwoSectionsBootstrapAndLm2m_ConnectLwm2mSuccess() throws Exception {
    String clientEndpoint = CLIENT_ENDPOINT_RPK_BS;
    X509Certificate certificate = clientX509CertTrust;
    PrivateKey privateKey = clientPrivateKeyFromCertTrust;
    RPKClientCredential clientCredentials = new RPKClientCredential();
    clientCredentials.setEndpoint(clientEndpoint);
    clientCredentials.setKey(Base64.encodeBase64String(certificate.getPublicKey().getEncoded()));
    Security securityBs = rpkBootstrap(SECURE_URI_BS, certificate.getPublicKey().getEncoded(), privateKey.getEncoded(), serverX509CertBs.getPublicKey().getEncoded());
    Lwm2mDeviceProfileTransportConfiguration transportConfiguration = getTransportConfiguration(OBSERVE_ATTRIBUTES_WITHOUT_PARAMS, getBootstrapServerCredentialsSecure(RPK, BOTH));
    LwM2MDeviceCredentials deviceCredentials = getDeviceCredentialsSecure(clientCredentials, clientPrivateKeyFromCertTrust, certificate, RPK, false);
    this.basicTestConnection(securityBs, deviceCredentials, COAP_CONFIG_BS, clientEndpoint, transportConfiguration, "await on client state (RpkBS two section)", expectedStatusesRegistrationBsSuccess, true, ON_REGISTRATION_SUCCESS, true);
}
Also used: PrivateKey (java.security.PrivateKey), LwM2MDeviceCredentials (org.thingsboard.server.common.data.device.credentials.lwm2m.LwM2MDeviceCredentials), Lwm2mDeviceProfileTransportConfiguration (org.thingsboard.server.common.data.device.profile.Lwm2mDeviceProfileTransportConfiguration), Security (org.eclipse.leshan.client.object.Security), X509Certificate (java.security.cert.X509Certificate), RPKClientCredential (org.thingsboard.server.common.data.device.credentials.lwm2m.RPKClientCredential), Test (org.junit.Test), AbstractSecurityLwM2MIntegrationTest (org.thingsboard.server.transport.lwm2m.security.AbstractSecurityLwM2MIntegrationTest)

Example 3 with RPKClientCredential

Use of org.thingsboard.server.common.data.device.credentials.lwm2m.RPKClientCredential in the thingsboard project, by thingsboard.

From the class RpkLwM2MIntegrationTest, method testWithRpkConnectLwm2mSuccess.

// Lwm2m only
@Test
public void testWithRpkConnectLwm2mSuccess() throws Exception {
    String clientEndpoint = CLIENT_ENDPOINT_RPK;
    X509Certificate certificate = clientX509CertTrust;
    PrivateKey privateKey = clientPrivateKeyFromCertTrust;
    RPKClientCredential clientCredentials = new RPKClientCredential();
    clientCredentials.setEndpoint(clientEndpoint);
    clientCredentials.setKey(Base64.encodeBase64String(certificate.getPublicKey().getEncoded()));
    Security securityBs = rpk(SECURE_URI, shortServerId, certificate.getPublicKey().getEncoded(), privateKey.getEncoded(), serverX509Cert.getPublicKey().getEncoded());
    Lwm2mDeviceProfileTransportConfiguration transportConfiguration = getTransportConfiguration(OBSERVE_ATTRIBUTES_WITHOUT_PARAMS, getBootstrapServerCredentialsSecure(RPK, NONE));
    LwM2MDeviceCredentials deviceCredentials = getDeviceCredentialsSecure(clientCredentials, privateKey, certificate, RPK, false);
    this.basicTestConnection(securityBs, deviceCredentials, COAP_CONFIG, clientEndpoint, transportConfiguration, "await on client state (Rpk_Lwm2m)", expectedStatusesRegistrationLwm2mSuccess, false, ON_REGISTRATION_SUCCESS, true);
}
Also used: PrivateKey (java.security.PrivateKey), LwM2MDeviceCredentials (org.thingsboard.server.common.data.device.credentials.lwm2m.LwM2MDeviceCredentials), Lwm2mDeviceProfileTransportConfiguration (org.thingsboard.server.common.data.device.profile.Lwm2mDeviceProfileTransportConfiguration), Security (org.eclipse.leshan.client.object.Security), X509Certificate (java.security.cert.X509Certificate), RPKClientCredential (org.thingsboard.server.common.data.device.credentials.lwm2m.RPKClientCredential), Test (org.junit.Test), AbstractSecurityLwM2MIntegrationTest (org.thingsboard.server.transport.lwm2m.security.AbstractSecurityLwM2MIntegrationTest)

Example 4 with RPKClientCredential

Use of org.thingsboard.server.common.data.device.credentials.lwm2m.RPKClientCredential in the thingsboard project, by thingsboard.

From the class RpkLwM2MIntegrationTest, method testWithRpkValidationPrivateKeyBase64format_BAD_REQUEST.

@Test
public void testWithRpkValidationPrivateKeyBase64format_BAD_REQUEST() throws Exception {
    String clientEndpoint = CLIENT_ENDPOINT_RPK + "BadPrivateKey";
    X509Certificate certificate = clientX509CertTrust;
    PrivateKey privateKey = clientPrivateKeyFromCertTrust;
    RPKClientCredential clientCredentials = new RPKClientCredential();
    clientCredentials.setEndpoint(clientEndpoint);
    clientCredentials.setKey(Base64.encodeBase64String(certificate.getPublicKey().getEncoded()));
    Lwm2mDeviceProfileTransportConfiguration transportConfiguration = getTransportConfiguration(OBSERVE_ATTRIBUTES_WITHOUT_PARAMS, getBootstrapServerCredentialsSecure(RPK, NONE));
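    // The last argument is true here (false in the other tests on this page); the test then expects the private-key format error asserted below.
    LwM2MDeviceCredentials deviceCredentials = getDeviceCredentialsSecure(clientCredentials, privateKey, certificate, RPK, true);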
    createDeviceProfile(transportConfiguration);
    MvcResult result = createDeviceWithMvcResult(deviceCredentials, clientEndpoint);
    assertEquals(HttpServletResponse.SC_BAD_REQUEST, result.getResponse().getStatus());
    String msgExpected = "Bootstrap server client RPK secret key must be in PKCS#8 format (DER encoding, standard [RFC5958]) and then encoded to Base64 format!";
    assertTrue(result.getResponse().getContentAsString().contains(msgExpected));
}
Also used: PrivateKey (java.security.PrivateKey), LwM2MDeviceCredentials (org.thingsboard.server.common.data.device.credentials.lwm2m.LwM2MDeviceCredentials), Lwm2mDeviceProfileTransportConfiguration (org.thingsboard.server.common.data.device.profile.Lwm2mDeviceProfileTransportConfiguration), MvcResult (org.springframework.test.web.servlet.MvcResult), X509Certificate (java.security.cert.X509Certificate), RPKClientCredential (org.thingsboard.server.common.data.device.credentials.lwm2m.RPKClientCredential), Test (org.junit.Test), AbstractSecurityLwM2MIntegrationTest (org.thingsboard.server.transport.lwm2m.security.AbstractSecurityLwM2MIntegrationTest)

Example 5 with RPKClientCredential

Use of org.thingsboard.server.common.data.device.credentials.lwm2m.RPKClientCredential in the thingsboard project, by thingsboard.

From the class RpkLwM2MIntegrationTest, method testWithRpkValidationPublicKeyBase64format_BAD_REQUEST.

@Test
public void testWithRpkValidationPublicKeyBase64format_BAD_REQUEST() throws Exception {
    String clientEndpoint = CLIENT_ENDPOINT_RPK + "BadPublicKey";
    X509Certificate certificate = clientX509CertTrust;
    PrivateKey privateKey = clientPrivateKeyFromCertTrust;
    RPKClientCredential clientCredentials = new RPKClientCredential();
    clientCredentials.setEndpoint(clientEndpoint);
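    // The public key is hex-encoded here instead of Base64 (as in the other tests), so the test expects the public-key format error asserted below.
    clientCredentials.setKey(Hex.encodeHexString(certificate.getPublicKey().getEncoded()));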
    Lwm2mDeviceProfileTransportConfiguration transportConfiguration = getTransportConfiguration(OBSERVE_ATTRIBUTES_WITHOUT_PARAMS, getBootstrapServerCredentialsSecure(RPK, NONE));
    LwM2MDeviceCredentials deviceCredentials = getDeviceCredentialsSecure(clientCredentials, privateKey, certificate, RPK, false);
    createDeviceProfile(transportConfiguration);
    MvcResult result = createDeviceWithMvcResult(deviceCredentials, clientEndpoint);
    assertEquals(HttpServletResponse.SC_BAD_REQUEST, result.getResponse().getStatus());
    String msgExpected = "LwM2M client RPK key must be in standard [RFC7250] and support only EC algorithm and then encoded to Base64 format!";
    assertTrue(result.getResponse().getContentAsString().contains(msgExpected));
}
Also used: PrivateKey (java.security.PrivateKey), LwM2MDeviceCredentials (org.thingsboard.server.common.data.device.credentials.lwm2m.LwM2MDeviceCredentials), Lwm2mDeviceProfileTransportConfiguration (org.thingsboard.server.common.data.device.profile.Lwm2mDeviceProfileTransportConfiguration), MvcResult (org.springframework.test.web.servlet.MvcResult), X509Certificate (java.security.cert.X509Certificate), RPKClientCredential (org.thingsboard.server.common.data.device.credentials.lwm2m.RPKClientCredential), Test (org.junit.Test), AbstractSecurityLwM2MIntegrationTest (org.thingsboard.server.transport.lwm2m.security.AbstractSecurityLwM2MIntegrationTest)
