/// <summary>
/// Server-side OSCORE event callback shared by the tests. Records the event code in
/// <c>_callbackCode</c> and then reacts according to <c>_serverEventChoice</c>.
/// </summary>
/// <param name="o">Event source (unused).</param>
/// <param name="e">The OSCORE event; some choices replace or amend its security context.</param>
private void ServerEventHandler(object o, OscoreEvent e)
{
    _callbackCode = e.Code;

    if (_serverEventChoice == 0)
    {
        // Observe only: the event is left untouched.
    }
    else if (_serverEventChoice == 1)
    {
        // Supply a group context built from the first secret / group id.
        byte[][] recipientIds = { clientId };
        OneKey[] recipientKeys = { _clientSign1 };
        e.SecurityContext = SecurityContext.DeriveGroupContext(
            secret, groupId1, serverId, AlgorithmValues.EdDSA, _serverSign1,
            recipientIds, recipientKeys);
    }
    else if (_serverEventChoice == 2)
    {
        // Register the missing client on the existing context and hand back its recipient entry.
        e.SecurityContext.AddRecipient(clientId, _clientSign1);
        e.RecipientContext = e.SecurityContext.Recipients[clientId];
    }
    else if (_serverEventChoice == 3)
    {
        // Swap the sender identity on the existing context.
        e.SecurityContext.ReplaceSender(serverId2, _serverSign1);
    }
    else if (_serverEventChoice == 4)
    {
        // Supply a group context built from the second secret / group id.
        byte[][] recipientIds = { clientId };
        OneKey[] recipientKeys = { _clientSign1 };
        e.SecurityContext = SecurityContext.DeriveGroupContext(
            secret2, groupId2, serverId, AlgorithmValues.EdDSA, _serverSign1,
            recipientIds, recipientKeys);
    }
    else
    {
        // An unconfigured choice is a test-setup error.
        Assert.Fail();
    }
}
/// <summary>
/// Drives the client sender sequence number up to its configured maximum and checks that a
/// PivExhaustion event is raised on the client, then lets the client handler install a
/// context for a different group and checks that UnknownGroupIdentifier is reported.
/// </summary>
public void PivExhaustion()
{
    SecurityContext clientContext = SecurityContext.DeriveGroupContext(
        secret, groupId1, clientId, AlgorithmValues.EdDSA, _clientSign1, null, null);

    // Derived but not used further in this test; kept so the sequence of calls is unchanged.
    SecurityContext spareContext = SecurityContext.DeriveGroupContext(
        secret2, groupId2, clientId, AlgorithmValues.EdDSA, _clientSign1, null, null);

    // Advance the sender sequence number ten times, then cap the maximum at the same value
    // so the next protected request has no sequence number left to use.
    int remaining = 10;
    while (remaining-- > 0)
    {
        clientContext.Sender.IncrementSequenceNumber();
    }
    clientContext.Sender.MaxSequenceNumber = 10;
    clientContext.OscoreEvents += ClientEventHandler;

    CoapClient client = new CoapClient($"coap://localhost:{_serverPort}/abc");
    client.OscoreContext = clientContext;
    client.Timeout = 20;

    Response response = client.Get();
    Assert.IsTrue(trigger.WaitOne(1000));
    Assert.AreEqual(OscoreEvent.EventCode.PivExhaustion, _clientCallbackCode);

    // Second round: choice 1 makes the client handler swap in a context for groupId2.
    _clientEventChoice = 1;
    client.Timeout = 60000;
    response = client.Get();
    Assert.AreEqual(OscoreEvent.EventCode.UnknownGroupIdentifier, _callbackCode);
}
/// <summary>
/// Starts an observe against a server whose sender sequence number is already at its maximum,
/// with the server handler configured (choice 4) to supply a context for the second group,
/// and checks that the last recorded event code is PivExhaustion.
/// </summary>
public void ServerNewSenderGroup()
{
    byte[][] serverIds = { serverId, serverId2 };
    OneKey[] serverKeys = { _serverSign1, _serverSign1 };
    SecurityContext clientContext = SecurityContext.DeriveGroupContext(
        secret, groupId1, clientId, AlgorithmValues.EdDSA, _clientSign1, serverIds, serverKeys);

    byte[][] clientIds = { clientId2, clientId };
    OneKey[] clientKeys = { _clientSign2, _clientSign1 };
    SecurityContext serverContext = SecurityContext.DeriveGroupContext(
        secret, groupId1, serverId, AlgorithmValues.EdDSA, _serverSign1, clientIds, clientKeys);

    _server.SecurityContexts.Add(serverContext);
    serverContext.OscoreEvents += ServerEventHandler;

    // Sequence number equals the maximum, so the server sender is exhausted from the start.
    serverContext.Sender.SequenceNumber = 10;
    serverContext.Sender.MaxSequenceNumber = 10;

    CoapClient client = new CoapClient($"coap://localhost:{_serverPort}/abc");
    client.OscoreContext = clientContext;
    client.Timeout = 60000;

    _serverEventChoice = 4;
    client.Observe(notification =>
    {
        Assert.AreEqual("/abc", notification.PayloadString);
    });

    Assert.AreEqual(OscoreEvent.EventCode.PivExhaustion, _callbackCode);
}
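/// <summary>
/// Loads OSCORE security contexts from a CBOR-encoded key file.
/// </summary>
/// <param name="fileName">Path of the key file; <c>null</c> selects "ServerKeys.cbor".</param>
/// <returns>
/// A set holding one context for every key whose usage string contains "oscoap" or
/// "oscoap-group".
/// </returns>
private static SecurityContextSet LoadContextSet(string fileName)
{
    if (fileName == null)
    {
        fileName = "ServerKeys.cbor";
    }

    // NOTE(review): keys is filled below but never returned or stored by this method.
    KeySet keys = new KeySet();
    SecurityContextSet newSet = new SecurityContextSet();

    // The file holds secret key material. File.ReadAllBytes opens it for reading only, whereas
    // new FileStream(path, FileMode.Open) asks for read/write access and therefore fails on a
    // key file that is (correctly) not writable by this process.
    byte[] data = File.ReadAllBytes(fileName);
    CBORObject obj = CBORObject.DecodeFromBytes(data);

    for (int i = 0; i < obj.Count; i++)
    {
        OneKey key = new OneKey(obj[i]);
        string[] usages = key[_UsageKey].AsString().Split(' ');

        foreach (String usage in usages)
        {
            if (usage == "oscoap")
            {
                SecurityContext ctx = SecurityContext.DeriveContext(
                    key[CoseKeyParameterKeys.Octet_k].GetByteString(),
                    null,
                    key[CBORObject.FromObject("RecipID")].GetByteString(),
                    key[CBORObject.FromObject("SenderID")].GetByteString(),
                    null,
                    key[CoseKeyKeys.Algorithm]);
                newSet.Add(ctx);

                // The first "oscoap" usage ends processing of this key's remaining usages.
                break;
            }
            else if (usage == "oscoap-group")
            {
                SecurityContext ctx = SecurityContext.DeriveGroupContext(
                    key[CoseKeyParameterKeys.Octet_k].GetByteString(),
                    key[CBORObject.FromObject(2)].GetByteString(),
                    key[CBORObject.FromObject("SenderID")].GetByteString(),
                    null, null, null, null, null,
                    key[CoseKeyKeys.Algorithm]);

                foreach (CBORObject recipient in key[CBORObject.FromObject("recipients")].Values)
                {
                    ctx.AddRecipient(
                        recipient[CBORObject.FromObject("RecipID")].GetByteString(),
                        new OneKey(recipient[CBORObject.FromObject("sign")]));
                }

                newSet.Add(ctx);
            }
        }

        // Every key except a pure single-usage "oscoap" key is also collected in keys.
        if ((usages.Length != 1) || (usages[0] != "oscoap"))
        {
            keys.AddKey(key);
        }
    }

    return newSet;
}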
/// <summary>
/// Sends a protected GET using a group context and checks that UnknownGroupIdentifier is the
/// recorded event code. No server-side context is registered by this test itself.
/// </summary>
public void NoGroupId()
{
    SecurityContext clientContext = SecurityContext.DeriveGroupContext(
        secret, groupId1, clientId, AlgorithmValues.EdDSA, _clientSign1, null, null);

    // The client timeout is deliberately left unset here (a 60 ms value was disabled in the original).
    CoapClient client = new CoapClient($"coap://localhost:{_serverPort}/abc");
    client.OscoreContext = clientContext;

    Console.WriteLine($"--Server port = {_serverPort}");

    Response response = client.Get();

    Assert.AreEqual(OscoreEvent.EventCode.UnknownGroupIdentifier, _callbackCode);
}
/// <summary>
/// Builds a group OSCORE context from a CBOR diagnostic string and stores it under a name.
/// The CBOR map read by this method contains: the <c>Octet_k</c> key bytes, "GroupID",
/// an algorithm entry, an optional salt entry, "ParCS", "ParCSKey", a "sender" map with
/// "ID" and "sign", and a "recipients" map whose values each carry "ID" and optionally "sign".
/// </summary>
/// <param name="cmds">Command tokens: [0] command name, [1] name to store the context under, [2] CBOR diagnostic text.</param>
private static void AddGroupOscoreKey(string[] cmds)
{
    if (cmds.Length != 3)
    {
        Console.WriteLine("Incorrect number of arguments: " + cmds.Length);
        return;
    }

    CBORObject cbor = CBORDiagnostics.Parse(cmds[2]);

    // Salt is optional; null is passed through when the map has no salt entry.
    byte[] salt = cbor.ContainsKey(CoseKeyKeys.slt)
        ? cbor[CoseKeyKeys.slt].GetByteString()
        : null;

    // Fields are read in the same order as the arguments are passed below.
    byte[] keyBytes = cbor[CoseKeyParameterKeys.Octet_k].GetByteString();
    byte[] groupId = cbor[CBORObject.FromObject("GroupID")].GetByteString();
    byte[] senderId = cbor[CBORObject.FromObject("sender")][CBORObject.FromObject("ID")].GetByteString();
    CBORObject senderSignAlg = cbor["sender"]["sign"][CoseKeyKeys.Algorithm];
    OneKey senderKey = new OneKey(cbor["sender"]["sign"]);

    SecurityContext ctx = SecurityContext.DeriveGroupContext(
        keyBytes, groupId, senderId, senderSignAlg, senderKey,
        null, null, salt, cbor[CoseKeyKeys.Algorithm]);

    ctx.CountersignParams = cbor["ParCS"];
    ctx.CountersignKeyParams = cbor["ParCSKey"];

    foreach (CBORObject recipient in cbor[CBORObject.FromObject("recipients")].Values)
    {
        // A recipient without a "sign" entry is added with a null signing key.
        OneKey recipientKey = recipient.ContainsKey("sign")
            ? new OneKey(recipient["sign"])
            : null;

        ctx.AddRecipient(recipient[CBORObject.FromObject("ID")].GetByteString(), recipientKey);
    }

    // Lookup hook for key ids not already on the context: it only logs the kid and
    // returns null, so no recipient is ever supplied through it.
    ctx.Locate = (context, kid) =>
    {
        Console.WriteLine("Looking for a kid with a value of " + ByteArrayUtils.ToHexString(kid));
        return null;
    };

    Program._OscoreKeys.Add(cmds[1], ctx);
}
/// <summary>
/// Sends a protected GET while the server handler is configured (choice 1) to supply a
/// matching group context, and checks that the request succeeds with payload "/abc".
/// </summary>
public void SetGroupId()
{
    byte[][] serverIds = { serverId };
    OneKey[] serverKeys = { _serverSign1 };
    SecurityContext clientContext = SecurityContext.DeriveGroupContext(
        secret, groupId1, clientId, AlgorithmValues.EdDSA, _clientSign1, serverIds, serverKeys);

    CoapClient client = new CoapClient($"coap://localhost:{_serverPort}/abc");
    client.OscoreContext = clientContext;
    client.Timeout = 60000;

    Console.WriteLine($"--Server port = {_serverPort}");

    _serverEventChoice = 1;
    Response response = client.Get();

    Assert.IsNotNull(response);
    Assert.AreEqual("/abc", response.PayloadString);
}
/// <summary>
/// Client-side OSCORE event callback used by the tests. Always records the event code in
/// <c>_clientCallbackCode</c>; for choices 0 and 1 it also records it in <c>_callbackCode</c>,
/// and for choice 1 it replaces the event's security context with one for the second group.
/// </summary>
/// <param name="o">Event source (unused).</param>
/// <param name="e">The OSCORE event being reported.</param>
private void ClientEventHandler(object o, OscoreEvent e)
{
    _clientCallbackCode = e.Code;

    bool knownChoice = _clientEventChoice == 0 || _clientEventChoice == 1;
    if (!knownChoice)
    {
        // An unconfigured choice is a test-setup error.
        Assert.Fail();
        return;
    }

    _callbackCode = e.Code;

    if (_clientEventChoice == 1)
    {
        e.SecurityContext = SecurityContext.DeriveGroupContext(
            secret2, groupId2, clientId, AlgorithmValues.EdDSA, _clientSign1, null, null);
    }
}
/// <summary>
/// Registers a server context that lists only <c>clientId2</c> as a recipient, sends a
/// request from <c>clientId</c>, and checks that UnknownKeyIdentifier is reported while the
/// server handler (choice 0) does nothing to resolve it.
/// </summary>
public void MissingKeyId()
{
    byte[][] serverIds = { serverId };
    OneKey[] serverKeys = { _serverSign1 };
    SecurityContext clientContext = SecurityContext.DeriveGroupContext(
        secret, groupId1, clientId, AlgorithmValues.EdDSA, _clientSign1, serverIds, serverKeys);

    // The requesting client's id is intentionally absent from the server's recipient list.
    byte[][] knownClientIds = { clientId2 };
    OneKey[] knownClientKeys = { _clientSign2 };
    SecurityContext serverContext = SecurityContext.DeriveGroupContext(
        secret, groupId1, serverId, AlgorithmValues.EdDSA, _serverSign1, knownClientIds, knownClientKeys);

    _server.SecurityContexts.Add(serverContext);
    serverContext.OscoreEvents += ServerEventHandler;

    CoapClient client = new CoapClient($"coap://localhost:{_serverPort}/abc");
    client.OscoreContext = clientContext;
    client.Timeout = 60000;

    _serverEventChoice = 0;
    Response response = client.Get();

    Assert.AreEqual(OscoreEvent.EventCode.UnknownKeyIdentifier, _callbackCode);
}
/// <summary>
/// Same setup as the missing-key-id case, but the server handler (choice 2) adds the
/// requesting client as a recipient when the event fires; the request is then expected to
/// succeed with payload "/abc".
/// </summary>
public void SupplyMissingKeyId()
{
    byte[][] serverIds = { serverId };
    OneKey[] serverKeys = { _serverSign1 };
    SecurityContext clientContext = SecurityContext.DeriveGroupContext(
        secret, groupId1, clientId, AlgorithmValues.EdDSA, _clientSign1, serverIds, serverKeys);

    // The requesting client's id is absent here; the event handler supplies it on demand.
    byte[][] knownClientIds = { clientId2 };
    OneKey[] knownClientKeys = { _clientSign2 };
    SecurityContext serverContext = SecurityContext.DeriveGroupContext(
        secret, groupId1, serverId, AlgorithmValues.EdDSA, _serverSign1, knownClientIds, knownClientKeys);

    _server.SecurityContexts.Add(serverContext);
    serverContext.OscoreEvents += ServerEventHandler;

    CoapClient client = new CoapClient($"coap://localhost:{_serverPort}/abc");
    client.OscoreContext = clientContext;
    client.Timeout = 60000;

    _serverEventChoice = 2;
    Response response = client.Get();

    Assert.IsNotNull(response);
    Assert.AreEqual("/abc", response.PayloadString);
}
/// <summary>
/// Advances the server sender sequence number to its configured maximum, checks that a plain
/// GET still returns "/abc", then starts an observe with a fresh client and checks that the
/// recorded event code is PivExhaustion.
/// </summary>
public void ServerIvExhaustion()
{
    byte[][] serverIds = { serverId };
    OneKey[] serverKeys = { _serverSign1 };
    SecurityContext clientContext = SecurityContext.DeriveGroupContext(
        secret, groupId1, clientId, AlgorithmValues.EdDSA, _clientSign1, serverIds, serverKeys);

    byte[][] clientIds = { clientId2, clientId };
    OneKey[] clientKeys = { _clientSign2, _clientSign1 };
    SecurityContext serverContext = SecurityContext.DeriveGroupContext(
        secret, groupId1, serverId, AlgorithmValues.EdDSA, _serverSign1, clientIds, clientKeys);

    _server.SecurityContexts.Add(serverContext);
    serverContext.OscoreEvents += ServerEventHandler;

    // Ten increments followed by a maximum of ten leaves the server sender with no
    // sequence numbers to spare.
    int remaining = 10;
    while (remaining-- > 0)
    {
        serverContext.Sender.IncrementSequenceNumber();
    }
    serverContext.Sender.MaxSequenceNumber = 10;

    CoapClient getClient = new CoapClient($"coap://localhost:{_serverPort}/abc");
    getClient.OscoreContext = clientContext;
    getClient.Timeout = 60000;

    _serverEventChoice = 0;
    Response response = getClient.Get();
    Assert.IsNotNull(response);
    Assert.AreEqual("/abc", response.PayloadString);

    // Second client, same context, shorter timeout, used for the observe request.
    CoapClient observeClient = new CoapClient($"coap://localhost:{_serverPort}/abc");
    observeClient.OscoreContext = clientContext;
    observeClient.Timeout = 30000;

    observeClient.Observe();
    Assert.AreEqual(OscoreEvent.EventCode.PivExhaustion, _callbackCode);
}
/// <summary>
/// Lazily creates the shared OSCORE contexts used by the interop tests and then runs the
/// test selected by <paramref name="test"/>. Numbers outside 0..17 run nothing.
/// </summary>
/// <param name="test">Index of the test to run.</param>
public static void RunTest(int test)
{
    // Both contexts are derived from fixed byte values embedded here, so they are only
    // suitable for testing against a peer configured with the same values.
    if (_oscoreContext == null)
    {
        byte[] secretBytes = { 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16 };
        byte[] lastBytes = { 0x9e, 0x7c, 0xa9, 0x22, 0x23, 0x78, 0x63, 0x40 };

        _oscoreContext = SecurityContext.DeriveContext(
            secretBytes, null, new byte[0], new byte[] { 1 }, lastBytes);
    }

    if (_oscoreGroupContext == null)
    {
        byte[] secretBytes = { 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16 };
        byte[] groupBytes = { 0x37, 0xcb, 0xf3, 0x21, 0x00, 0x17, 0xa2, 0xd3 };
        byte[][] recipientIds = { new byte[] { 0x1 } };
        byte[] lastBytes = { 0x9e, 0x7c, 0xa9, 0x22, 0x23, 0x78, 0x63, 0x40 };

        _oscoreGroupContext = SecurityContext.DeriveGroupContext(
            secretBytes, groupBytes, new byte[0], null, null, recipientIds, null, lastBytes);
    }

    // Indices 12..17 map onto differently numbered test routines.
    switch (test)
    {
        case 0: RunTest0(); break;
        case 1: RunTest1(); break;
        case 2: RunTest2(); break;
        case 3: RunTest3(); break;
        case 4: RunTest4(); break;
        case 5: RunTest5(); break;
        case 6: RunTest6(); break;
        case 7: RunTest7(); break;
        case 8: RunTest8(); break;
        case 9: RunTest9(); break;
        case 10: RunTest10(); break;
        case 11: RunTest11(); break;
        case 12: RunTest51(); break;
        case 13: RunTest52(); break;
        case 14: RunTest53(); break;
        case 15: RunTest5_2_2(); break;
        case 16: RunTest5_3_1(); break;
        case 17: RunTest5_4_1(); break;
    }
}
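/// <summary>
/// Executes one tokenised command from the console or a script. Built-in commands are handled
/// here; anything else is forwarded to <c>_dispatchTable</c>.
/// </summary>
/// <param name="commands">Command tokens; element 0 is the command name (case-insensitive).</param>
static void RunCommand(string[] commands)
{
    if (commands.Length == 0)
    {
        return;
    }

    // Invariant upper-casing keeps command matching independent of the process culture.
    switch (commands[0].ToUpperInvariant())
    {
        default:
            _dispatchTable.Execute(commands);
            break;

        case "SCRIPT":
            if (commands.Length < 2)
            {
                Console.WriteLine("Incorrect number of args");
                return;
            }
            // using guarantees the reader is released even when the script throws.
            using (TextReader x = new StreamReader(commands[1]))
            {
                RunScript(x);
            }
            break;

        case "COMMENT":
            break;

        case "EXIT":
            Environment.Exit(0);
            break;

        case "PAUSE":
            Console.ReadLine();
            break;

        case "TIMEOUT":
            break;

        case "LOG-LEVEL":
            if (commands.Length != 2)
            {
                Console.WriteLine("Incorrect number of args");
                return;
            }
            switch (commands[1].ToUpperInvariant())
            {
                case "INFO":
                    LogManager.Level = LogLevel.Info;
                    break;

                case "NONE":
                    LogManager.Level = LogLevel.None;
                    break;

                case "FATAL":
                    LogManager.Level = LogLevel.Fatal;
                    break;

                default:
                    Console.WriteLine("Unknown level");
                    break;
            }
            break;

        case "LOG-TO":
            break;

        case "OPTION":
            if (commands.Length < 2)
            {
                Console.WriteLine("Incorrect number of args");
                return;
            }
            OptionType typ = GetOptionType(commands[1]);
            switch (typ)
            {
                case OptionType.ContentFormat:
                case OptionType.Accept:
                    if (commands.Length == 2)
                    {
                        _Options.Add(Option.Create(typ));
                    }
                    else
                    {
                        for (int i = 2; i < commands.Length; i++)
                        {
                            int val;
                            if (int.TryParse(commands[i], out val))
                            {
                                _Options.Add(Option.Create(typ, val));
                            }
                            else
                            {
                                Console.WriteLine($"Bad option value '{commands[i]}'");
                            }
                        }
                    }
                    break;

                case OptionType.Unknown:
                    Console.WriteLine("Unrecognized type string");
                    return;

                default:
                    if (commands.Length == 2)
                    {
                        _Options.Add(Option.Create(typ));
                    }
                    else
                    {
                        for (int i = 2; i < commands.Length; i++)
                        {
                            _Options.Add(Option.Create(typ, commands[i]));
                        }
                    }
                    break;
            }
            break;

        case "CLEAR-OPTION":
            if (commands.Length == 1)
            {
                _Options.Clear();
                return;
            }
            typ = GetOptionType(commands[1]);
            // Collect first, remove afterwards: the list cannot be modified while enumerating it.
            List<Option> del = new List<Option>();
            foreach (Option op in _Options)
            {
                if (op.Type == typ)
                {
                    del.Add(op);
                }
            }
            foreach (Option op in del)
            {
                _Options.Remove(op);
            }
            break;

        case "BODY":
            if (commands.Length == 1)
            {
                break;
            }
            byte[] b = File.ReadAllBytes(commands[1]);
            Body = b;
            break;

#if false
        case "EDHOC":
            RunEdhoc(commands);
            break;
#endif

        case "ADD-OSCOAP":
            if (commands.Length != 3)
            {
                Console.WriteLine("Incorrect number of arguments: " + commands.Length);
                return;
            }
            CBORObject cbor = CBORDiagnostics.Parse(commands[2]);
            SecurityContext ctx = SecurityContext.DeriveContext(
                cbor[CoseKeyParameterKeys.Octet_k].GetByteString(),
                cbor[CBORObject.FromObject("RecipID")].GetByteString(),
                cbor[CBORObject.FromObject("SenderID")].GetByteString(),
                null,
                cbor[CoseKeyKeys.Algorithm]);
            _OscopKeys.Add(commands[1], ctx);
            break;

#if DEV_VERSION
        case "ADD-OSCOAP-GROUP":
            if (commands.Length != 3)
            {
                Console.WriteLine("Incorrect number of arguments: " + commands.Length);
                return;
            }
            cbor = CBORDiagnostics.Parse(commands[2]);
            ctx = SecurityContext.DeriveGroupContext(
                cbor[CoseKeyParameterKeys.Octet_k].GetByteString(),
                cbor[CoseKeyKeys.KeyIdentifier].GetByteString(),
                cbor[CBORObject.FromObject("sender")][CBORObject.FromObject("ID")].GetByteString(),
                null,
                null,
                cbor[CoseKeyKeys.Algorithm]);
            ctx.Sender.SigningKey = new OneKey(cbor["sender"]["sign"]);
            foreach (CBORObject recipient in cbor[CBORObject.FromObject("recipients")].Values)
            {
                ctx.AddRecipient(recipient[CBORObject.FromObject("ID")].GetByteString(), new OneKey(recipient["sign"]));
            }
            _OscopKeys.Add(commands[1], ctx);
            break;
#endif

        case "USE-OSCOAP":
            if (commands.Length != 2)
            {
                Console.WriteLine("Incorrect number of arguments: " + commands.Length);
                return;
            }
            if (commands[1] == "NONE")
            {
                _CurrentOscoap = null;
                return;
            }
            if (!_OscopKeys.ContainsKey(commands[1]))
            {
                Console.WriteLine($"OSCOAP Key {commands[1]} is not defined");
                return;
            }
            _CurrentOscoap = _OscopKeys[commands[1]];
            break;

        case "OSCOAP-TEST":
            int testNumber;
            if (commands.Length < 2 || !int.TryParse(commands[1], out testNumber))
            {
                Console.WriteLine("Incorrect test number");
                return;
            }
            OscoapTests.RunTest(testNumber);
            break;

        case "OSCOAP-PIV":
            int sequenceNumber;
            if (commands.Length < 2 || !int.TryParse(commands[1], out sequenceNumber))
            {
                Console.WriteLine("Incorrect sequence number");
                return;
            }
            if (_CurrentOscoap == null)
            {
                Console.WriteLine("No OSCOAP context is selected");
                return;
            }
            // Test aid only: this overwrites the sender sequence number of the active context.
            // Moving it backwards on a context that has already sent messages would reuse
            // sequence numbers under the same key material.
            _CurrentOscoap.Sender.SequenceNumber = sequenceNumber;
            break;

        case "EDHOC-ADD-SERVER-KEY":
            if (commands.Length != 2)
            {
                Console.WriteLine("Incorrect number of arguments: " + commands.Length);
                return;
            }
            // With exactly two tokens the key text is element 1; the previous index 2 was
            // always out of range and made this command throw.
            cbor = CBORDiagnostics.Parse(commands[1]);
            _EdhocServerKeys.AddKey(new OneKey(cbor));
            break;

        case "EDHOC-ADD-USER-KEY":
            if (commands.Length != 3)
            {
                Console.WriteLine("Incorrect number of arguments: " + commands.Length);
                return;
            }
            cbor = CBORDiagnostics.Parse(commands[2]);
            _EdhocValidateKeys.Add(commands[1], new OneKey(cbor));
            break;
    }
}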
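/// <summary>
/// Loads keys from a CBOR-encoded key file and routes each one by its usage string:
/// "oscoap" (and, in DEV_VERSION builds, "oscoap-group") keys become security contexts,
/// "dtls" keys go to the DTLS sign/validate sets, and "edhoc" keys go to the EDHOC key set or
/// become the EDHOC signing key.
/// </summary>
/// <param name="fileName">Path of the key file; <c>null</c> selects "ServerKeys.cbor".</param>
/// <returns>Every loaded key except those whose only usage is "oscoap".</returns>
static KeySet LoadKeys(string fileName)
{
    if (fileName == null)
    {
        fileName = "ServerKeys.cbor";
    }

    KeySet keys = new KeySet();

    // The file holds secret key material. File.ReadAllBytes opens it for reading only, whereas
    // new FileStream(path, FileMode.Open) asks for read/write access and therefore fails on a
    // key file that is (correctly) not writable by this process.
    byte[] data = File.ReadAllBytes(fileName);
    CBORObject obj = CBORObject.DecodeFromBytes(data);

    for (int i = 0; i < obj.Count; i++)
    {
        OneKey key = new OneKey(obj[i]);
        string[] usages = key[_UsageKey].AsString().Split(' ');

        foreach (String usage in usages)
        {
            if (usage == "oscoap")
            {
                SecurityContext ctx = SecurityContext.DeriveContext(
                    key[CoseKeyParameterKeys.Octet_k].GetByteString(),
                    key[CBORObject.FromObject("RecipID")].GetByteString(),
                    key[CBORObject.FromObject("SenderID")].GetByteString(),
                    null,
                    key[CoseKeyKeys.Algorithm]);
                SecurityContextSet.AllContexts.Add(ctx);

                // The first "oscoap" usage ends processing of this key's remaining usages.
                break;
            }
#if DEV_VERSION
            else if (usage == "oscoap-group")
            {
                SecurityContext ctx = SecurityContext.DeriveGroupContext(
                    key[CoseKeyParameterKeys.Octet_k].GetByteString(),
                    key[CoseKeyKeys.KeyIdentifier].GetByteString(),
                    key[CBORObject.FromObject("sender")][CBORObject.FromObject("ID")].GetByteString(),
                    null,
                    null,
                    key[CoseKeyKeys.Algorithm]);
                ctx.Sender.SigningKey = new OneKey(obj[i]["sign"]);
                foreach (CBORObject recipient in key[CBORObject.FromObject("recipients")].Values)
                {
                    ctx.AddRecipient(recipient[CBORObject.FromObject("ID")].GetByteString(), new OneKey(recipient["sign"]));
                }
                SecurityContextSet.AllContexts.Add(ctx);
            }
#endif
            else if (usage == "dtls")
            {
                // Keys carrying a private part sign; public-only keys validate peers.
                if (key.HasPrivateKey())
                {
                    DtlsSignKeys.AddKey(key);
                }
                else
                {
                    DtlsValidateKeys.AddKey(key);
                }
            }
            else if (usage == "edhoc")
            {
                bool isEcOrOkp = key[CoseKeyKeys.KeyType].Equals(GeneralValues.KeyType_EC)
                    || key[CoseKeyKeys.KeyType].Equals(GeneralValues.KeyType_OKP);

                // An EC/OKP key that includes the EC_D parameter becomes the EDHOC signing key;
                // every other EDHOC key is stored in edhocKeys.
                if (isEcOrOkp && key.ContainsName(CoseKeyParameterKeys.EC_D))
                {
                    edhocSign = key;
                }
                else
                {
                    edhocKeys.AddKey(key);
                }
            }
        }

        // Pure single-usage "oscoap" keys are kept out of the returned key set.
        if ((usages.Length != 1) || (usages[0] != "oscoap"))
        {
            keys.AddKey(key);
        }
    }

    return keys;
}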