static async Task TestKeyDistributionBuilder() { string abonentKey = "b14ca5898a4e4133bbce2ea2315a1916"; string serviceKey = "b14ca5898a4e4132bbce2ea2315a1915"; string abonent = "device_emulator"; string keyService = "test"; string authority = "test"; string[] abonentAttributes = new string[] { "test" }; var cpabe = new MockCPAbe(); var keys = await cpabe.Setup(); var encryptor = new DataSymmetricEncryption(); var serializer = new ProtobufDataSerializer(); var builder = new KeyDistributionBuilder(serializer, encryptor); var(firstStepData, abonenNonce) = builder.BuildStepOne(abonentKey, abonent, keyService, authority, abonentAttributes); var deserializedFirstStep = builder.GetStepData <KeyDistrubutionStepOne>(firstStepData); var(secondStepData, serviceNonce) = builder.BuildStepTwo(serviceKey, abonent, keyService, authority, abonentAttributes, deserializedFirstStep.Payload); var deserializedSecondStep = builder.GetStepData <KeyDistributionStepTwo>(secondStepData); var deserializedAbonentPayload = builder.GetPayload <KeyDistributionRequestPayload>(deserializedSecondStep.AbonentPayload, abonentKey); var deserializedServicePayload = builder.GetPayload <KeyDistributionRequestPayload>(deserializedSecondStep.KeyServicePayload, serviceKey); var secretKey = await cpabe.Generate(keys.MasterKey, keys.PublicKey, new MockAttributes(deserializedAbonentPayload.Attributes)); var thirdStepData = builder.BuildStepThree(abonentKey, serviceKey, deserializedAbonentPayload.Nonce, deserializedServicePayload.Nonce, keys.PublicKey.Value, secretKey.Value); var deserializedThirdStep = builder.GetStepData <KeyDistributionStepThree>(thirdStepData); var abonentResult = builder.GetPayload <KeyDistributionAuthToAbonent>(deserializedThirdStep.AbonentPayload, abonentKey); var serviceResult = builder.GetPayload <KeyDistributionAuthToService>(deserializedThirdStep.ServicePayload, serviceKey); MockSecretKey abonentPrivateKey = new MockSecretKey(); abonentPrivateKey.Value = new byte[abonentResult.SecretKey.Length]; abonentResult.SecretKey.CopyTo(abonentPrivateKey.Value, 0); MockPublicKey authorityPublicKey = new MockPublicKey(); authorityPublicKey.Value = new byte[abonentResult.PublicKey.Length]; abonentResult.PublicKey.CopyTo(authorityPublicKey.Value, 0); var ct = await cpabe.Encrypt("TestKeyDistributionBuilder", authorityPublicKey, new MockAttributes(abonentAttributes)); string message = await cpabe.Decrypt(ct, authorityPublicKey, abonentPrivateKey); Console.WriteLine(message); }
static async Task TestKeyDistributionService() { string keyServiceUrl = "http://localhost:5000/api/keys"; HttpClient client = new HttpClient(); string abonentKey = "b14ca5898a4e4133bbce2ea2315a1916"; string abonent = "device_emulator"; string keyService = "MachineService"; string authority = "AttributeAuthority"; string[] abonentAttributes = new string[] { "teapot", "iot", "science" }; var encryptor = new DataSymmetricEncryption(); var serializer = new ProtobufDataSerializer(); var builder = new KeyDistributionBuilder(serializer, encryptor); var(firstRequestData, abonentNonce) = builder.BuildStepOne(abonentKey, abonent, keyService, authority, abonentAttributes); Console.WriteLine($"Generated nonce = {abonentNonce}"); var requestContent = new ByteArrayContent(firstRequestData); var response = await client.PostAsync(keyServiceUrl, requestContent); Console.WriteLine($"Http response status code = {response.StatusCode}"); var responseData = await response.Content.ReadAsByteArrayAsync(); var payload = builder.GetPayload <KeyDistributionAuthToAbonent>(responseData, abonentKey); Console.WriteLine($"Received nonce = {payload.Nonce}"); var cpabe = new MockCPAbe(); MockSecretKey abonentPrivateKey = new MockSecretKey(); abonentPrivateKey.Value = new byte[payload.SecretKey.Length]; payload.SecretKey.CopyTo(abonentPrivateKey.Value, 0); MockPublicKey authorityPublicKey = new MockPublicKey(); authorityPublicKey.Value = new byte[payload.PublicKey.Length]; payload.PublicKey.CopyTo(authorityPublicKey.Value, 0); var ct = await cpabe.Encrypt("TestKeyDistributionService", authorityPublicKey, new MockAttributes(abonentAttributes)); string message = await cpabe.Decrypt(ct, authorityPublicKey, abonentPrivateKey); Console.WriteLine(message); }
static void KeyServiceScenario(string prefix, int copies, int duration) { string abonent = "test_runner"; string keyServiceUrl = "http://localhost:5000/api/keys"; string abonentKey = "b14ca5898a4e4133bbce2ea2315a1916"; string keyService = "MachineService"; string authority = "AttributeAuthority"; var testRunnerData = GetTestRunnerAttrbutePackages(); foreach (var attrsData in testRunnerData) { var scenarionName = $"{prefix}_scenario_{attrsData.Length}"; var stepName = $"{prefix}_step_{attrsData.Length}"; var step = Step.Create(stepName, async context => { var client = new HttpClient(); var encryptor = new DataSymmetricEncryption(); var serializer = new ProtobufDataSerializer(); var builder = new KeyDistributionBuilder(serializer, encryptor); var(firstRequestData, abonentNonce) = builder.BuildStepOne(abonentKey, abonent, keyService, authority, attrsData); //Console.WriteLine($"Generated nonce = {abonentNonce}"); var requestContent = new ByteArrayContent(firstRequestData); var response = await client.PostAsync(keyServiceUrl, requestContent); //Console.WriteLine($"Http response status code = {response.StatusCode}"); //var responseData = await response.Content.ReadAsByteArrayAsync(); //var payload = builder.GetPayload<KeyDistributionAuthToAbonent>(responseData, abonentKey); //Console.WriteLine($"Received nonce = {payload.Nonce}"); return(Response.Ok()); }); var scenario = ScenarioBuilder .CreateScenario(scenarionName, new[] { step }) .WithConcurrentCopies(copies) .WithDuration(TimeSpan.FromSeconds(duration)); NBomberRunner .RegisterScenarios(scenario) .RunTest(); } }
static void ProtocolScenario(string prefix, int copies, int duration) { var testRunnerData = GetTestRunnerAttrbutePackages(); foreach (var attrsData in testRunnerData) { var scenarionName = $"{prefix}_scenario_{attrsData.Length}"; var stepName = $"{prefix}_step_{attrsData.Length}"; var step = Step.Create(stepName, async context => { // Initialization HttpClient client = new HttpClient(); const string SessionHeader = "X-Session"; const string HmacHeader = "X-HMAC"; string[] tgsAttr = new string[] { "iot", "sgt" }; string abonentKey = "b14ca5898a4e4133bbce2ea2315a1916"; string abonent = $"testEntity_{attrsData.Length}"; var abonentAttributes = attrsData; string entityName = $"testEntity_{attrsData.Length}"; string keyService = "MachineService"; string authority = "AttributeAuthority"; string tgsUrl = "http://localhost:5011/api/tokens"; string iotaUrl = $"http://localhost:5010/api/fiware/{entityName}"; string keyServiceUrl = "http://localhost:5000/api/keys"; var decorator = AbeDecorator.Factory.Create(abonentKey, abonent, keyService, authority, abonentAttributes, keyServiceUrl); await decorator.Setup(); var encryptor = new DataSymmetricEncryption(); var builder = new AbeAuthBuilder(new ProtobufDataSerializer(), decorator, encryptor); // Init request to start AbeAuth protocol -> any data without session var initRequest = new byte[] { 1 }; // Request to IoTA to get access policy var stepOneResponse = await client.PostAsync(iotaUrl, new ByteArrayContent(initRequest)); // Reading response from IoTA var stepOneData = await stepOneResponse.Content.ReadAsByteArrayAsync(); var stepOne = builder.GetStepData <AbeAuthStepOne>(stepOneData); var iotaSessionId = stepOneResponse.Headers.GetValues(SessionHeader).First(); // First request to TGS to start Token Generation Procedure var(stepTwoData, nonceR1) = await builder.BuildStepTwo(stepOne.AccessPolicy, abonentAttributes, tgsAttr, stepOne.Z); var stepTwoRequest = new ByteArrayContent(stepTwoData); var stepTwoResponse = await client.PostAsync(tgsUrl, stepTwoRequest); // Reading first response from TGS var stepThreeData = await stepTwoResponse.Content.ReadAsByteArrayAsync(); var stepThree = builder.GetStepData <AbeAuthStepThree>(stepThreeData); var tgsSessionId = stepTwoResponse.Headers.GetValues(SessionHeader).First(); // Second request to TGS to confirm nonce values var abonentNonceBytes = await decorator.Decrypt(stepThree.CtAbonent); var abonentNonce = BitConverter.ToInt32(abonentNonceBytes); var accesNonceBytes = await decorator.Decrypt(stepThree.CtAccess); var accessNonce = BitConverter.ToInt32(accesNonceBytes); var stepFourData = await builder.BuildStepFour(abonentNonce, accessNonce); var stepFourRequest = new ByteArrayContent(stepFourData); stepFourRequest.Headers.Add(SessionHeader, tgsSessionId); var stepFourResponse = await client.PostAsync(tgsUrl, stepFourRequest); // Reading second response from TGS var stepFiveData = await stepFourResponse.Content.ReadAsByteArrayAsync(); var stepFive = builder.GetStepData <AbeAuthStepFive>(stepFiveData); // Send final request to IoTA var sharedKey = await decorator.Decrypt(stepFive.CtAbonent); var(stepSixData, hmac) = builder.BuildStepSix(stepFive.CtPep, stepFive.Z, sharedKey); var stepSixRequest = new ByteArrayContent(stepSixData); stepSixRequest.Headers.Add(SessionHeader, iotaSessionId); var stepSixResponse = await client.PostAsync(iotaUrl, stepSixRequest); // Read final response from IoTA var stepSevenData = await stepSixResponse.Content.ReadAsByteArrayAsync(); var stepSeven = builder.GetStepData <AbeAuthStepSeven>(stepSevenData); var iotaHMAC = CryptoHelper.ComputeHash(hmac, sharedKey); if (!iotaHMAC.SequenceEqual(stepSeven.HMAC)) { throw new ProtocolArgumentException("HMAC is incorrect!"); } return(Response.Ok()); }); var scenario = ScenarioBuilder .CreateScenario(scenarionName, new[] { step }) .WithConcurrentCopies(copies) .WithDuration(TimeSpan.FromSeconds(duration)); NBomberRunner .RegisterScenarios(scenario) .RunTest(); } }
static async Task TestAbeAuth() { // Initialization HttpClient client = new HttpClient(); const string SessionHeader = "X-Session"; const string HmacHeader = "X-HMAC"; string[] tgsAttr = new string[] { "iot", "sgt" }; string abonentKey = "b14ca5898a4e4133bbce2ea2315a1916"; string abonent = "device_emulator"; string[] abonentAttributes = new string[] { "teapot", "iot", "science" }; string entityName = "teapot2"; string keyService = "MachineService"; string authority = "AttributeAuthority"; string tgsUrl = "http://localhost:5011/api/tokens"; string iotaUrl = $"http://localhost:5010/api/fiware/{entityName}"; string keyServiceUrl = "http://localhost:5000/api/keys"; var decorator = AbeDecorator.Factory.Create(abonentKey, abonent, keyService, authority, abonentAttributes, keyServiceUrl); await decorator.Setup(); var encryptor = new DataSymmetricEncryption(); var builder = new AbeAuthBuilder(new ProtobufDataSerializer(), decorator, encryptor); // Init request to start AbeAuth protocol -> any data without session var initRequest = new byte[] { 1 }; // Request to IoTA to get access policy var stepOneResponse = await client.PostAsync(iotaUrl, new ByteArrayContent(initRequest)); Console.WriteLine($"First step Http response status code = {stepOneResponse.StatusCode}"); // Reading response from IoTA var stepOneData = await stepOneResponse.Content.ReadAsByteArrayAsync(); var stepOne = builder.GetStepData <AbeAuthStepOne>(stepOneData); var iotaSessionId = stepOneResponse.Headers.GetValues(SessionHeader).First(); Console.WriteLine($"Access policy: {String.Join(" ", stepOne.AccessPolicy)}"); // First request to TGS to start Token Generation Procedure var(stepTwoData, nonceR1) = await builder.BuildStepTwo(stepOne.AccessPolicy, abonentAttributes, tgsAttr, stepOne.Z); var stepTwoRequest = new ByteArrayContent(stepTwoData); var stepTwoResponse = await client.PostAsync(tgsUrl, stepTwoRequest); Console.WriteLine($"Second step, http response from TGS status code = {stepTwoResponse.StatusCode}"); // Reading first response from TGS var stepThreeData = await stepTwoResponse.Content.ReadAsByteArrayAsync(); var stepThree = builder.GetStepData <AbeAuthStepThree>(stepThreeData); var tgsSessionId = stepTwoResponse.Headers.GetValues(SessionHeader).First(); // Second request to TGS to confirm nonce values var abonentNonceBytes = await decorator.Decrypt(stepThree.CtAbonent); var abonentNonce = BitConverter.ToInt32(abonentNonceBytes); var accesNonceBytes = await decorator.Decrypt(stepThree.CtAccess); var accessNonce = BitConverter.ToInt32(accesNonceBytes); var stepFourData = await builder.BuildStepFour(abonentNonce, accessNonce); var stepFourRequest = new ByteArrayContent(stepFourData); stepFourRequest.Headers.Add(SessionHeader, tgsSessionId); var stepFourResponse = await client.PostAsync(tgsUrl, stepFourRequest); Console.WriteLine($"Fourth step, http response from TGS status code = {stepFourResponse.StatusCode}"); // Reading second response from TGS var stepFiveData = await stepFourResponse.Content.ReadAsByteArrayAsync(); var stepFive = builder.GetStepData <AbeAuthStepFive>(stepFiveData); // Send final request to IoTA var sharedKey = await decorator.Decrypt(stepFive.CtAbonent); var(stepSixData, hmac) = builder.BuildStepSix(stepFive.CtPep, stepFive.Z, sharedKey); Console.WriteLine($"Final protocol step length: {stepSixData.Length}"); var stepSixRequest = new ByteArrayContent(stepSixData); stepSixRequest.Headers.Add(SessionHeader, iotaSessionId); var stepSixResponse = await client.PostAsync(iotaUrl, stepSixRequest); Console.WriteLine($"Second request to IoTA http status code: {stepSixResponse.StatusCode}"); // Read final response from IoTA var stepSevenData = await stepSixResponse.Content.ReadAsByteArrayAsync(); var stepSeven = builder.GetStepData <AbeAuthStepSeven>(stepSevenData); var iotaHMAC = CryptoHelper.ComputeHash(hmac, sharedKey); if (!iotaHMAC.SequenceEqual(stepSeven.HMAC)) { throw new ProtocolArgumentException("HMAC is incorrect!"); } // Fiware request var jsonCreate = JsonSerializer.Serialize(new { id = entityName, type = "Science", metric = new { value = 25, type = "Float" } }); Console.WriteLine(jsonCreate); var jsonPatch = JsonSerializer.Serialize(new { metric = new { value = 32, type = "Float" } }); Console.WriteLine(jsonPatch); // Send create request with hmac and sessionId in header var content = new StringContent(jsonCreate, Encoding.UTF8, "application/json"); var contentBytes = await content.ReadAsByteArrayAsync(); content.Headers.Add(SessionHeader, iotaSessionId); var hmacString = Convert.ToBase64String(CryptoHelper.ComputeHash(contentBytes, sharedKey)); Console.WriteLine(hmacString); content.Headers.Add(HmacHeader, hmacString); var response = await client.PostAsync(iotaUrl, content); Console.WriteLine($"Fiware data create response status code: {response.StatusCode}"); var responseData = await response.Content.ReadAsStringAsync(); Console.WriteLine(responseData); // Send patch request content = new StringContent(jsonPatch, Encoding.UTF8, "application/json"); contentBytes = await content.ReadAsByteArrayAsync(); content.Headers.Add(SessionHeader, iotaSessionId); hmacString = Convert.ToBase64String(CryptoHelper.ComputeHash(contentBytes, sharedKey)); content.Headers.Add(HmacHeader, hmacString); response = await client.PatchAsync(iotaUrl, content); Console.WriteLine($"Fiware data edit response status code: {response.StatusCode}"); responseData = await response.Content.ReadAsStringAsync(); Console.WriteLine(responseData); }