static void ProtocolScenario(string prefix, int copies, int duration)
{
var testRunnerData = GetTestRunnerAttrbutePackages();
foreach (var attrsData in testRunnerData)
{
var scenarionName = $"{prefix}_scenario_{attrsData.Length}";
var stepName = $"{prefix}_step_{attrsData.Length}";
var step = Step.Create(stepName, async context =>
{
// Initialization
HttpClient client = new HttpClient();
const string SessionHeader = "X-Session";
const string HmacHeader = "X-HMAC";
string[] tgsAttr = new string[] { "iot", "sgt" };
string abonentKey = "b14ca5898a4e4133bbce2ea2315a1916";
string abonent = $"testEntity_{attrsData.Length}";
var abonentAttributes = attrsData;
string entityName = $"testEntity_{attrsData.Length}";
string keyService = "MachineService";
string authority = "AttributeAuthority";
string tgsUrl = "http://localhost:5011/api/tokens";
string iotaUrl = $"http://localhost:5010/api/fiware/{entityName}";
string keyServiceUrl = "http://localhost:5000/api/keys";
var decorator = AbeDecorator.Factory.Create(abonentKey, abonent, keyService, authority, abonentAttributes, keyServiceUrl);
await decorator.Setup();
var encryptor = new DataSymmetricEncryption();
var builder = new AbeAuthBuilder(new ProtobufDataSerializer(), decorator, encryptor);
// Init request to start AbeAuth protocol -> any data without session
var initRequest = new byte[] { 1 };
// Request to IoTA to get access policy
var stepOneResponse = await client.PostAsync(iotaUrl, new ByteArrayContent(initRequest));
// Reading response from IoTA
var stepOneData = await stepOneResponse.Content.ReadAsByteArrayAsync();
var stepOne = builder.GetStepData <AbeAuthStepOne>(stepOneData);
var iotaSessionId = stepOneResponse.Headers.GetValues(SessionHeader).First();
// First request to TGS to start Token Generation Procedure
var(stepTwoData, nonceR1) = await builder.BuildStepTwo(stepOne.AccessPolicy, abonentAttributes, tgsAttr, stepOne.Z);
var stepTwoRequest = new ByteArrayContent(stepTwoData);
var stepTwoResponse = await client.PostAsync(tgsUrl, stepTwoRequest);
// Reading first response from TGS
var stepThreeData = await stepTwoResponse.Content.ReadAsByteArrayAsync();
var stepThree = builder.GetStepData <AbeAuthStepThree>(stepThreeData);
var tgsSessionId = stepTwoResponse.Headers.GetValues(SessionHeader).First();
// Second request to TGS to confirm nonce values
var abonentNonceBytes = await decorator.Decrypt(stepThree.CtAbonent);
var abonentNonce = BitConverter.ToInt32(abonentNonceBytes);
var accesNonceBytes = await decorator.Decrypt(stepThree.CtAccess);
var accessNonce = BitConverter.ToInt32(accesNonceBytes);
var stepFourData = await builder.BuildStepFour(abonentNonce, accessNonce);
var stepFourRequest = new ByteArrayContent(stepFourData);
stepFourRequest.Headers.Add(SessionHeader, tgsSessionId);
var stepFourResponse = await client.PostAsync(tgsUrl, stepFourRequest);
// Reading second response from TGS
var stepFiveData = await stepFourResponse.Content.ReadAsByteArrayAsync();
var stepFive = builder.GetStepData <AbeAuthStepFive>(stepFiveData);
// Send final request to IoTA
var sharedKey = await decorator.Decrypt(stepFive.CtAbonent);
var(stepSixData, hmac) = builder.BuildStepSix(stepFive.CtPep, stepFive.Z, sharedKey);
var stepSixRequest = new ByteArrayContent(stepSixData);
stepSixRequest.Headers.Add(SessionHeader, iotaSessionId);
var stepSixResponse = await client.PostAsync(iotaUrl, stepSixRequest);
// Read final response from IoTA
var stepSevenData = await stepSixResponse.Content.ReadAsByteArrayAsync();
var stepSeven = builder.GetStepData <AbeAuthStepSeven>(stepSevenData);
var iotaHMAC = CryptoHelper.ComputeHash(hmac, sharedKey);
if (!iotaHMAC.SequenceEqual(stepSeven.HMAC))
{
throw new ProtocolArgumentException("HMAC is incorrect!");
}
return(Response.Ok());
});
var scenario = ScenarioBuilder
.CreateScenario(scenarionName, new[] { step })
.WithConcurrentCopies(copies)
.WithDuration(TimeSpan.FromSeconds(duration));
NBomberRunner
.RegisterScenarios(scenario)
.RunTest();
}
}
static async Task TestAbeAuth()
{
// Initialization
HttpClient client = new HttpClient();
const string SessionHeader = "X-Session";
const string HmacHeader = "X-HMAC";
string[] tgsAttr = new string[] { "iot", "sgt" };
string abonentKey = "b14ca5898a4e4133bbce2ea2315a1916";
string abonent = "device_emulator";
string[] abonentAttributes = new string[] { "teapot", "iot", "science" };
string entityName = "teapot2";
string keyService = "MachineService";
string authority = "AttributeAuthority";
string tgsUrl = "http://localhost:5011/api/tokens";
string iotaUrl = $"http://localhost:5010/api/fiware/{entityName}";
string keyServiceUrl = "http://localhost:5000/api/keys";
var decorator = AbeDecorator.Factory.Create(abonentKey, abonent, keyService, authority, abonentAttributes, keyServiceUrl);
await decorator.Setup();
var encryptor = new DataSymmetricEncryption();
var builder = new AbeAuthBuilder(new ProtobufDataSerializer(), decorator, encryptor);
// Init request to start AbeAuth protocol -> any data without session
var initRequest = new byte[] { 1 };
// Request to IoTA to get access policy
var stepOneResponse = await client.PostAsync(iotaUrl, new ByteArrayContent(initRequest));
Console.WriteLine($"First step Http response status code = {stepOneResponse.StatusCode}");
// Reading response from IoTA
var stepOneData = await stepOneResponse.Content.ReadAsByteArrayAsync();
var stepOne = builder.GetStepData <AbeAuthStepOne>(stepOneData);
var iotaSessionId = stepOneResponse.Headers.GetValues(SessionHeader).First();
Console.WriteLine($"Access policy: {String.Join(" ", stepOne.AccessPolicy)}");
// First request to TGS to start Token Generation Procedure
var(stepTwoData, nonceR1) = await builder.BuildStepTwo(stepOne.AccessPolicy, abonentAttributes, tgsAttr, stepOne.Z);
var stepTwoRequest = new ByteArrayContent(stepTwoData);
var stepTwoResponse = await client.PostAsync(tgsUrl, stepTwoRequest);
Console.WriteLine($"Second step, http response from TGS status code = {stepTwoResponse.StatusCode}");
// Reading first response from TGS
var stepThreeData = await stepTwoResponse.Content.ReadAsByteArrayAsync();
var stepThree = builder.GetStepData <AbeAuthStepThree>(stepThreeData);
var tgsSessionId = stepTwoResponse.Headers.GetValues(SessionHeader).First();
// Second request to TGS to confirm nonce values
var abonentNonceBytes = await decorator.Decrypt(stepThree.CtAbonent);
var abonentNonce = BitConverter.ToInt32(abonentNonceBytes);
var accesNonceBytes = await decorator.Decrypt(stepThree.CtAccess);
var accessNonce = BitConverter.ToInt32(accesNonceBytes);
var stepFourData = await builder.BuildStepFour(abonentNonce, accessNonce);
var stepFourRequest = new ByteArrayContent(stepFourData);
stepFourRequest.Headers.Add(SessionHeader, tgsSessionId);
var stepFourResponse = await client.PostAsync(tgsUrl, stepFourRequest);
Console.WriteLine($"Fourth step, http response from TGS status code = {stepFourResponse.StatusCode}");
// Reading second response from TGS
var stepFiveData = await stepFourResponse.Content.ReadAsByteArrayAsync();
var stepFive = builder.GetStepData <AbeAuthStepFive>(stepFiveData);
// Send final request to IoTA
var sharedKey = await decorator.Decrypt(stepFive.CtAbonent);
var(stepSixData, hmac) = builder.BuildStepSix(stepFive.CtPep, stepFive.Z, sharedKey);
Console.WriteLine($"Final protocol step length: {stepSixData.Length}");
var stepSixRequest = new ByteArrayContent(stepSixData);
stepSixRequest.Headers.Add(SessionHeader, iotaSessionId);
var stepSixResponse = await client.PostAsync(iotaUrl, stepSixRequest);
Console.WriteLine($"Second request to IoTA http status code: {stepSixResponse.StatusCode}");
// Read final response from IoTA
var stepSevenData = await stepSixResponse.Content.ReadAsByteArrayAsync();
var stepSeven = builder.GetStepData <AbeAuthStepSeven>(stepSevenData);
var iotaHMAC = CryptoHelper.ComputeHash(hmac, sharedKey);
if (!iotaHMAC.SequenceEqual(stepSeven.HMAC))
{
throw new ProtocolArgumentException("HMAC is incorrect!");
}
// Fiware request
var jsonCreate = JsonSerializer.Serialize(new {
id = entityName,
type = "Science",
metric = new {
value = 25,
type = "Float"
}
});
Console.WriteLine(jsonCreate);
var jsonPatch = JsonSerializer.Serialize(new {
metric = new {
value = 32,
type = "Float"
}
});
Console.WriteLine(jsonPatch);
// Send create request with hmac and sessionId in header
var content = new StringContent(jsonCreate, Encoding.UTF8, "application/json");
var contentBytes = await content.ReadAsByteArrayAsync();
content.Headers.Add(SessionHeader, iotaSessionId);
var hmacString = Convert.ToBase64String(CryptoHelper.ComputeHash(contentBytes, sharedKey));
Console.WriteLine(hmacString);
content.Headers.Add(HmacHeader, hmacString);
var response = await client.PostAsync(iotaUrl, content);
Console.WriteLine($"Fiware data create response status code: {response.StatusCode}");
var responseData = await response.Content.ReadAsStringAsync();
Console.WriteLine(responseData);
// Send patch request
content = new StringContent(jsonPatch, Encoding.UTF8, "application/json");
contentBytes = await content.ReadAsByteArrayAsync();
content.Headers.Add(SessionHeader, iotaSessionId);
hmacString = Convert.ToBase64String(CryptoHelper.ComputeHash(contentBytes, sharedKey));
content.Headers.Add(HmacHeader, hmacString);
response = await client.PatchAsync(iotaUrl, content);
Console.WriteLine($"Fiware data edit response status code: {response.StatusCode}");
responseData = await response.Content.ReadAsStringAsync();
Console.WriteLine(responseData);
}
