35 changes: 19 additions & 16 deletions TestServer/AuthZ.cs
Expand Up @@ -15,6 +15,8 @@
using Com.AugustCellars.WebToken;
using Com.AugustCellars.CoAP.Log;
using Com.AugustCellars.CoAP.OSCOAP;
using Com.AugustCellars.WebToken.Common;
using Com.AugustCellars.WebToken.CWT;
using server;
using Request = Com.AugustCellars.CoAP.Request;

Expand Down Expand Up @@ -66,29 +68,29 @@ public AuthZ(KeySet myKeys, KeySet asSigningKeys, DTLSEndPoint ep) : base("authz
ep.TlsEventHandler += AuthzForPsk;
}

private List<CWT> _activeTokens = new List<CWT>();
private List<Cwt> _activeTokens = new List<Cwt>();

protected override void DoPost(CoapExchange exchange)
{
try {
exchange.Accept();

Request req = exchange.Request;
CWT cwt = null;
Cwt cwt = null;

switch (req.ContentFormat) {
case MediaType.Undefined: // No Media type in the message
// Don't know if this is correct.
cwt = CWT.Decode(req.Payload, _myKeys, _asSigningKeys);
cwt = Cwt.Decode(req.Payload, _myKeys, _asSigningKeys);
break;

case MediaType.ApplicationCwt:
cwt = CWT.Decode(req.Payload, _myKeys, _asSigningKeys);
cwt = Cwt.Decode(req.Payload, _myKeys, _asSigningKeys);
break;

case MediaType.ApplicationAceCbor:
CBORObject obj = CBORObject.DecodeFromBytes(req.Payload);
cwt = CWT.Decode(obj[CBORObject.FromObject(Oauth_Parameter.Access_Token.Key)].GetByteString(), _myKeys, _asSigningKeys);
cwt = Cwt.Decode(obj[CBORObject.FromObject(Oauth_Parameter.Access_Token.Key)].GetByteString(), _myKeys, _asSigningKeys);
break;

default:
Expand All @@ -111,8 +113,8 @@ protected override void DoPost(CoapExchange exchange)
}

if (cwt.HasClaim(ClaimId.ExpirationTime)) {
_logger.Info(m => m("Token expires at {0}", cwt.ExperationTime));
if (cwt.ExperationTime <= DateTime.Now) {
_logger.Info(m => m("Token expires at {0}", cwt.ExpirationTime));
if (cwt.ExpirationTime <= DateTime.Now) {
exchange.Respond(StatusCode.Unauthorized);
return;
}
Expand Down Expand Up @@ -163,8 +165,8 @@ protected override void DoPost(CoapExchange exchange)

// Is this a CWT that I have already seen? If so then I can safely ignore it

List<CWT> matches = new List<CWT>();
foreach (CWT have in _activeTokens) {
List<Cwt> matches = new List<Cwt>();
foreach (Cwt have in _activeTokens) {
// Exact same token - replay
if (have.HasClaim(ClaimId.CwtId) && cwt.HasClaim(ClaimId.CwtId) && have.Issuer == cwt.Issuer &&
have.CwtId == cwt.CwtId) {
Expand Down Expand Up @@ -260,17 +262,18 @@ protected override void DoPost(CoapExchange exchange)
oscoreContext[CBORObject.FromObject(3)].GetByteString(),
newSalt, alg, kdf);

oscoapContext.UserData = new List<CWT>() {cwt};
oscoapContext.UserData = new List<Cwt>() {cwt};
Program.OscoapContexts.Add(oscoapContext);
SecurityContextSet.AllContexts.Add(oscoapContext);

// SecurityContextSet.AllContexts.Add(oscoapContext);

CBORObject cborReturn = CBORObject.NewMap();
cborReturn.Add((CBORObject) Oauth_Parameter.CNonce, serverSalt);
exchange.Respond( StatusCode.Created, cborReturn.EncodeToBytes(), MediaType.ApplicationAceCbor);
}
else if (cwt.Profile == (int) ProfileIds.Coap_Dtls) {
OneKey newKey = cwt.Cnf.Key;
newKey.UserData = new List<CWT>() {cwt};
newKey.UserData = new List<Cwt>() {cwt};
Program.DtlsValidateKeys.AddKey(newKey);

exchange.Respond(StatusCode.Created);
Expand Down Expand Up @@ -380,12 +383,12 @@ private byte[] TryIntrospection(CoapExchange exchange)

OneKey newKey = new OneKey(iResponse.Cnf.Key.AsCBOR());

CWT cwt = new CWT();
Cwt cwt = new Cwt();
cwt.Profile = iResponse.Profile;
cwt.Cnf = iResponse.Cnf;
cwt.Audience = iResponse.Audience;
cwt.SetClaim(ClaimId.Scope, iResponse.Scope);
newKey.UserData = new List<CWT>() {cwt};
newKey.UserData = new List<Cwt>() {cwt};

byte[] kid = newKey[CoseKeyKeys.KeyIdentifier].GetByteString();

Expand Down Expand Up @@ -418,7 +421,7 @@ public void AuthzForPsk(Object obj, TlsEvent tlsEvent)
}

try {
CWT cwt = CWT.Decode(tlsEvent.PskName, _myKeys, _asSigningKeys);
Cwt cwt = Cwt.Decode(tlsEvent.PskName, _myKeys, _asSigningKeys);

// M00TODO - fill in a default value if there is no profile in the token
if (cwt.Profile == null) {
Expand All @@ -433,7 +436,7 @@ public void AuthzForPsk(Object obj, TlsEvent tlsEvent)
// M00TODO - Actually process the CWT.

OneKey newKey = new OneKey(cwt.Cnf.Key.AsCBOR());
newKey.UserData = new List<CWT> {cwt};
newKey.UserData = new List<Cwt> {cwt};
tlsEvent.KeyValue = newKey;

}
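Review bot: The expiry check `if (cwt.ExpirationTime <= DateTime.Now)` compares the token's expiration against local wall-clock time; the CWT `exp` claim is a numeric UTC timestamp, so if `ExpirationTime` is materialised as a UTC `DateTime` (not visible here, worth confirming) the comparison is off by the local zone offset and will accept expired tokens, or reject fresh ones, for hours. Use `if (cwt.ExpirationTime <= DateTime.UtcNow)` there, or compare `DateTimeOffset` values, and apply the same consideration to the `Token expires at` log line above it. Separately, `// SecurityContextSet.AllContexts.Add(oscoapContext);` leaves commented-out code behind; if contexts are now meant to live only in `Program.OscoapContexts`, delete the line and record that intent in a short comment on the `Program.OscoapContexts.Add(oscoapContext);` call instead. `DoPost` starts and ends outside these hunks.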
21 changes: 11 additions & 10 deletions TestServer/AuthorizationEvaluate.cs
Expand Up @@ -6,8 +6,9 @@
using Com.AugustCellars.CoAP;
using Com.AugustCellars.CoAP.OSCOAP;
using Com.AugustCellars.COSE;
using Com.AugustCellars.WebToken;
using Com.AugustCellars.WebToken.CWT;
using Com.AugustCellars.CoAP.OAuth;
using Com.AugustCellars.WebToken.Common;

namespace TestServer
{
Expand All @@ -16,28 +17,28 @@ class AuthorizationEvaluate

public bool CheckAccess(Method operation, string url, OneKey keyIdentity)
{
return CheckAccess(operation, url, (List<CWT>)keyIdentity.UserData);
return CheckAccess(operation, url, (List<Cwt>)keyIdentity.UserData);
}

public bool CheckAccess(Method operation, string url, SecurityContext context)
{
return CheckAccess(operation, url, (List<CWT>)context.UserData);
return CheckAccess(operation, url, (List<Cwt>)context.UserData);
}

public bool CheckAccess(Method operation, string url, List<CWT> cwtList)
public bool CheckAccess(Method operation, string url, List<Cwt> cwtList)
{
foreach (CWT cwt in cwtList) {
foreach (Cwt cwt in cwtList) {
if (CheckAccess(operation, url, cwt)) return true;
}
return false;
}

public bool CheckAccess(Method operation, string audience, string scope, OneKey context)
{
return CheckAccess(operation, audience, scope, (List<CWT>) context.UserData);
return CheckAccess(operation, audience, scope, (List<Cwt>) context.UserData);
}

public bool CheckAccess(Method operation, string url, CWT cwt)
public bool CheckAccess(Method operation, string url, Cwt cwt)
{
Permission p = new Permission(url, operation);
PermissionSet permissionSet = new PermissionSet(cwt.GetClaim(ClaimId.Scope));
Expand All @@ -50,17 +51,17 @@ public bool CheckAccess(Method operation, string audience, string scope, Securit
return false;
}

public bool CheckAccess(Method operation, string audience, string scope, List<CWT> cwtList)
public bool CheckAccess(Method operation, string audience, string scope, List<Cwt> cwtList)
{
if (cwtList == null) return false;

foreach (CWT cwt in cwtList) {
foreach (Cwt cwt in cwtList) {
if (CheckAccess(operation, scope, cwt)) return true;
}
return false;
}

public bool CheckAccess(Method operation, string audience, string scope, CWT cwt)
public bool CheckAccess(Method operation, string audience, string scope, Cwt cwt)
{
Permission p = new Permission(scope, operation);
PermissionSet permissionSet = new PermissionSet(cwt.GetClaim(ClaimId.Scope));
43 changes: 28 additions & 15 deletions TestServer/Program.cs
@@ -1,5 +1,4 @@
using System;
using System.CodeDom;
using System.IO;
using System.Linq;
using System.Net;
Expand All @@ -10,6 +9,7 @@
using Com.AugustCellars.CoAP;
using Com.AugustCellars.CoAP.DTLS;
using Com.AugustCellars.CoAP.Log;
using Com.AugustCellars.CoAP.Net;
using Com.AugustCellars.CoAP.Server;
using Com.AugustCellars.CoAP.Server.Resources;
#if DEV_VERSION
Expand All @@ -21,7 +21,6 @@
using Com.AugustCellars.COSE;
using Com.AugustCellars.CoAP.OSCOAP;
using PeterO.Cbor;
using Com.AugustCellars.CoAP.Net;
#if INCLUDE_RD
using Com.AugustCellars.CoAP.ResourceDirectory;
#endif
Expand Down Expand Up @@ -63,7 +62,7 @@ class Program
private static readonly TlsKeyPairSet DtlsSignKeys = new TlsKeyPairSet();
public static readonly KeySet DtlsValidateKeys = new KeySet();
private static readonly KeySet edhocKeys = new KeySet();
private static OneKey edhocSign = null;
private static OneKey edhocSign;


public static SecurityContextSet OscoapContexts;
Expand Down Expand Up @@ -94,17 +93,29 @@ static void GenerateKeys(string fileName)
for (int i = 0; i < 4; i++) {
key = new OneKey();
key.Add(CoseKeyKeys.KeyType, GeneralValues.KeyType_Octet);
if (i == 3) key.Add(CoseKeyKeys.KeyIdentifier, CBORObject.FromObject(Encoding.UTF8.GetBytes("Key#2")));
else
if (i == 3) {
key.Add(CoseKeyKeys.KeyIdentifier, CBORObject.FromObject(Encoding.UTF8.GetBytes("Key#2")));
}
else {
key.Add(CoseKeyKeys.KeyIdentifier,
CBORObject.FromObject(Encoding.UTF8.GetBytes("Key#" + i.ToString())));
if (i == 3) key.Add(CoseKeyKeys.Algorithm, AlgorithmValues.AES_CCM_64_128_128);
else key.Add(CoseKeyKeys.Algorithm, AlgorithmValues.AES_CCM_64_64_128);
CBORObject.FromObject(Encoding.UTF8.GetBytes("Key#" + i.ToString())));
}

if (i == 3) {
key.Add(CoseKeyKeys.Algorithm, AlgorithmValues.AES_CCM_64_128_128);
}
else {
key.Add(CoseKeyKeys.Algorithm, AlgorithmValues.AES_CCM_64_64_128);
}

key.Add(CBORObject.FromObject("KDF"), AlgorithmValues.dir_kdf);
key.Add(CBORObject.FromObject("SenderID"), CBORObject.FromObject(Encoding.UTF8.GetBytes("client")));
key.Add(CBORObject.FromObject("RecipID"), CBORObject.FromObject(Encoding.UTF8.GetBytes("server")));
byte[] keyValue = new byte[35];
for (int j = 0; j < keyValue.Length; j++) keyValue[j] = (byte) (((i + 1) * (j + 1)));
for (int j = 0; j < keyValue.Length; j++) {
keyValue[j] = (byte) (((i + 1) * (j + 1)));
}

key.Add(CoseKeyParameterKeys.Octet_k, CBORObject.FromObject(keyValue));

keys.AddKey(key);
Expand All @@ -121,6 +132,8 @@ static void GenerateKeys(string fileName)

static KeySet CwtVerifiers = new KeySet();

static SecurityContextSet ProgramContexts = new SecurityContextSet();

static KeySet LoadKeys(string fileName)
{
if (fileName == null) fileName = "ServerKeys.cbor";
Expand All @@ -145,7 +158,7 @@ static KeySet LoadKeys(string fileName)
key[CBORObject.FromObject("RecipID")].GetByteString(),
key[CBORObject.FromObject("SenderID")].GetByteString(), null,
key[CoseKeyKeys.Algorithm]);
SecurityContextSet.AllContexts.Add(ctx);
ProgramContexts.Add(ctx);
break;
}
#if DEV_VERSION
Expand Down Expand Up @@ -187,7 +200,7 @@ static KeySet LoadKeys(string fileName)
new OneKey(recipient["sign"]));
}

SecurityContextSet.AllContexts.Add(ctx);
ProgramContexts.Add(ctx);
Console.WriteLine(ctx.ToString());
}
#endif
Expand Down Expand Up @@ -242,8 +255,8 @@ static KeySet LoadKeys(string fileName)
return keys;
}

static EndPoint ServerEndPoint = null;
static bool AsDemon = false;
static EndPoint ServerEndPoint;
static bool AsDemon;

static void Main(string[] args)
{
Expand Down Expand Up @@ -426,7 +439,7 @@ static CoapServer SetupServer(ICoapConfig config, EndPoint endPoint, int port, T
AceOAuthTest r = new AceOAuthTest("ace-echo", true, true, UseAsServer);
r.AuthTokenProcessor = authZ;
server.Add(r);
OscoapContexts = SecurityContextSet.AllContexts;
server.SecurityContexts.Add(ProgramContexts);
#endif

// ep2.Add(new AceOAuthTest("ace/echo", true, true, null));
Expand Down Expand Up @@ -470,7 +483,7 @@ static void OnTlsEvent(Object o, TlsEvent e)
case TlsEvent.EventCode.ClientCertificate:
switch (e.CertificateType) {
case CertificateType.X509:
Console.WriteLine($"TLS Event => Client Certificate {((Certificate) e.Certificate).GetCertificateAt(0).SubjectPublicKeyInfo.ToString()}");
Console.WriteLine($"TLS Event => Client Certificate {((Certificate) e.Certificate).GetCertificateAt(0).SubjectPublicKeyInfo}");
e.Processed = true;
break;

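Review bot: Removing `OscoapContexts = SecurityContextSet.AllContexts;` from `SetupServer` leaves `public static SecurityContextSet OscoapContexts;` (context in an earlier hunk of this file) with no initializer and no remaining assignment in the visible code, while `AuthZ.DoPost` still calls `Program.OscoapContexts.Add(oscoapContext)`; unless it is assigned somewhere outside these hunks, that call now throws a `NullReferenceException` on the first ACE token that establishes an OSCORE context. Assign it next to the new line, `OscoapContexts = ProgramContexts;` before `server.SecurityContexts.Add(ProgramContexts);`, or initialise the field at its declaration, and check whether `SecurityContexts.Add` references the set or copies it, since contexts added later by `AuthZ` must still reach the server. `SetupServer` starts outside the hunk.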
2 changes: 1 addition & 1 deletion TestServer/server.csproj
Expand Up @@ -26,7 +26,7 @@


<ItemGroup>
<PackageReference Include="Com.AugustCellars.CoAP" Version="1.4.0" />
<PackageReference Include="Com.AugustCellars.CoAP" Version="1.6.0" />
<PackageReference Include="Com.AugustCellars.CoAP.TLS" Version="0.2.0" />
<PackageReference Include="CommandLineParser" Version="2.5.0" />
</ItemGroup>