/**
 * Parses the X.509 certificate stored in the {@code SEC_PUBKEY_IDENTITY} resource of a
 * Security object instance.
 * <p>
 * This method only decodes the bytes. It performs no trust decision: nothing here checks the
 * chain, the validity period or the key usage, so callers must validate the result before
 * relying on it.
 *
 * @param securityInstance the Security object instance to read from
 * @return the decoded certificate, or {@code null} when the bytes cannot be parsed (the
 *         failure is logged at debug level only)
 */
private static Certificate getClientCertificate(LwM2mObjectInstance securityInstance) {
    final byte[] certBytes = (byte[]) securityInstance.getResource(SEC_PUBKEY_IDENTITY).getValue();
    Certificate decoded;
    try {
        final CertificateFactory x509Factory = CertificateFactory.getInstance("X.509");
        try (ByteArrayInputStream certStream = new ByteArrayInputStream(certBytes)) {
            decoded = x509Factory.generateCertificate(certStream);
        }
    } catch (CertificateException | IOException e) {
        // Parsing failures are reported as "no certificate"; the caller has to treat null as an error.
        LOG.debug("Failed to decode X.509 certificate", e);
        decoded = null;
    }
    return decoded;
}
/**
 * Parses the X.509 certificate stored in the {@code SEC_SERVER_PUBKEY} resource of a
 * Security object instance.
 * <p>
 * Only the encoding is checked. Whether the certificate is trusted, current, or issued for the
 * expected server is not examined here and remains the caller's responsibility.
 *
 * @param securityInstance the Security object instance to read from
 * @return the decoded certificate, or {@code null} when the bytes cannot be parsed (the
 *         failure is logged at debug level only)
 */
private static Certificate getServerCertificate(LwM2mObjectInstance securityInstance) {
    final byte[] certBytes = (byte[]) securityInstance.getResource(SEC_SERVER_PUBKEY).getValue();
    Certificate decoded;
    try {
        final CertificateFactory x509Factory = CertificateFactory.getInstance("X.509");
        try (ByteArrayInputStream certStream = new ByteArrayInputStream(certBytes)) {
            decoded = x509Factory.generateCertificate(certStream);
        }
    } catch (CertificateException | IOException e) {
        // A null result means "could not parse"; it must not be read as "no pinning required".
        LOG.debug("Failed to decode X.509 certificate", e);
        decoded = null;
    }
    return decoded;
}
/**
 * Encodes one resource as a TLV entry.
 * <p>
 * The target type comes from the resource model when one is found, otherwise from the resource
 * itself. Every value is passed through {@code converter.convertValue} before being encoded.
 * A multi-instance resource becomes a {@code MULTIPLE_RESOURCE} TLV holding one
 * {@code RESOURCE_INSTANCE} child per entry; a single resource becomes a
 * {@code RESOURCE_VALUE} TLV.
 *
 * @param resource the resource to encode
 * @param resourcePath the path of the resource, used for conversion and for building the
 *        paths of its instances
 * @return the TLV representing the resource
 */
private Tlv encodeResource(LwM2mResource resource, LwM2mPath resourcePath) {
    // The model lookup uses the object id of the enclosing `path` field, not of resourcePath.
    final ResourceModel resourceModel = model.getResourceModel(path.getObjectId(), resource.getId());
    final Type expectedType = (resourceModel == null) ? resource.getType() : resourceModel.type;

    if (!resource.isMultiInstances()) {
        Object single = converter.convertValue(resource.getValue(), resource.getType(), expectedType,
                resourcePath);
        return new Tlv(TlvType.RESOURCE_VALUE, null,
                this.encodeTlvValue(single, expectedType, resourcePath), resource.getId());
    }

    final Tlv[] children = new Tlv[resource.getValues().size()];
    int next = 0;
    for (Entry<Integer, ?> instance : resource.getValues().entrySet()) {
        LwM2mPath instancePath = resourcePath.append(instance.getKey());
        Object converted = converter.convertValue(instance.getValue(), resource.getType(), expectedType,
                instancePath);
        children[next] = new Tlv(TlvType.RESOURCE_INSTANCE, null,
                this.encodeTlvValue(converted, expectedType, instancePath), instance.getKey());
        next++;
    }
    return new Tlv(TlvType.MULTIPLE_RESOURCE, children, null, resource.getId());
}
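/**
 * Returns the PSK identity stored in the {@code SEC_PUBKEY_IDENTITY} resource of a Security
 * object instance.
 * <p>
 * The bytes are decoded explicitly as UTF-8. The no-charset {@code String} constructor uses
 * the platform default, so the same stored identity could decode to different strings on
 * different hosts and then fail to match the peer's identity. RFC 4279 specifies UTF-8 for
 * PSK identities.
 *
 * @param securityInstance the Security object instance to read from
 * @return the PSK identity as a string
 */
public static String getPskIdentity(LwM2mObjectInstance securityInstance) {
    byte[] identityBytes = (byte[]) securityInstance.getResource(SEC_PUBKEY_IDENTITY).getValue();
    // Fully qualified so that no new file-level import is required.
    return new String(identityBytes, java.nio.charset.StandardCharsets.UTF_8);
}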
this.setResourceValue(converter.convertValue(resource.getValue(), resource.getType(), expectedType, lwM2mResourcePath), expectedType, jsonResourceElt, lwM2mResourcePath);
/**
 * Decodes the PKCS#8-encoded private key stored in the {@code SEC_SECRET_KEY} resource of a
 * Security object instance.
 * <p>
 * The key algorithm is fixed to {@code "EC"}. On failure only the exception is logged; the
 * encoded key bytes are never written to the log.
 *
 * @param securityInstance the Security object instance to read from
 * @return the decoded private key, or {@code null} when the key factory is unavailable or the
 *         key bytes cannot be decoded
 */
private static PrivateKey getPrivateKey(LwM2mObjectInstance securityInstance) {
    final byte[] pkcs8Bytes = (byte[]) securityInstance.getResource(SEC_SECRET_KEY).getValue();
    final PKCS8EncodedKeySpec pkcs8Spec = new PKCS8EncodedKeySpec(pkcs8Bytes);
    final String algorithm = "EC";

    PrivateKey decoded = null;
    try {
        decoded = KeyFactory.getInstance(algorithm).generatePrivate(pkcs8Spec);
    } catch (NoSuchAlgorithmException e) {
        LOG.warn("Failed to instantiate key factory for algorithm " + algorithm, e);
    } catch (InvalidKeySpecException e) {
        LOG.warn("Failed to decode RFC5958 private key with algorithm " + algorithm, e);
    }
    return decoded;
}
} else { o.add("kind", "singleResource"); o.add("value", ValueSerDes.jSerialize(r.getValue(), r.getType()));
/**
 * Returns the pre-shared key stored in the {@code SEC_SECRET_KEY} resource of a Security
 * object instance.
 * <p>
 * The array is handed back exactly as {@code getValue()} returned it; no copy is made here.
 * NOTE(review): whether {@code getValue()} itself returns a defensive copy is not visible
 * from this method. Confirm before letting callers mutate or zero the array.
 *
 * @param securityInstance the Security object instance to read from
 * @return the raw PSK bytes (secret material; do not log)
 */
public static byte[] getPskKey(LwM2mObjectInstance securityInstance) {
    final Object secret = securityInstance.getResource(SEC_SECRET_KEY).getValue();
    return (byte[]) secret;
}
} else { o.add("kind", "singleResource"); o.add("value", ValueSerDes.jSerialize(r.getValue(), r.getType()));
/**
 * Decodes the X.509 SubjectPublicKeyInfo-encoded public key stored in the
 * {@code SEC_PUBKEY_IDENTITY} resource of a Security object instance.
 * <p>
 * The key algorithm is fixed to {@code "EC"}. Failures are logged at debug level only, so a
 * {@code null} result is the caller's sole signal that decoding failed.
 *
 * @param securityInstance the Security object instance to read from
 * @return the decoded public key, or {@code null} when the key factory is unavailable or the
 *         key bytes cannot be decoded
 */
private static PublicKey getPublicKey(LwM2mObjectInstance securityInstance) {
    final byte[] spkiBytes = (byte[]) securityInstance.getResource(SEC_PUBKEY_IDENTITY).getValue();
    final X509EncodedKeySpec spkiSpec = new X509EncodedKeySpec(spkiBytes);
    final String algorithm = "EC";

    PublicKey decoded = null;
    try {
        decoded = KeyFactory.getInstance(algorithm).generatePublic(spkiSpec);
    } catch (NoSuchAlgorithmException e) {
        LOG.debug("Failed to instantiate key factory for algorithm " + algorithm, e);
    } catch (InvalidKeySpecException e) {
        LOG.debug("Failed to decode RFC7250 public key with algorithm " + algorithm, e);
    }
    return decoded;
}
/**
 * Decodes the X.509 SubjectPublicKeyInfo-encoded server public key stored in the
 * {@code SEC_SERVER_PUBKEY} resource of a Security object instance.
 * <p>
 * The key algorithm is fixed to {@code "EC"}. Failures are logged at debug level only, so a
 * {@code null} result must be handled by the caller as "no usable server key", not as
 * "any server key is acceptable".
 *
 * @param securityInstance the Security object instance to read from
 * @return the decoded public key, or {@code null} when the key factory is unavailable or the
 *         key bytes cannot be decoded
 */
private static PublicKey getServerPublicKey(LwM2mObjectInstance securityInstance) {
    final byte[] spkiBytes = (byte[]) securityInstance.getResource(SEC_SERVER_PUBKEY).getValue();
    final X509EncodedKeySpec spkiSpec = new X509EncodedKeySpec(spkiBytes);
    final String algorithm = "EC";

    PublicKey decoded = null;
    try {
        decoded = KeyFactory.getInstance(algorithm).generatePublic(spkiSpec);
    } catch (NoSuchAlgorithmException e) {
        LOG.debug("Failed to instantiate key factory for algorithm " + algorithm, e);
    } catch (InvalidKeySpecException e) {
        LOG.debug("Failed to decode RFC7250 public key with algorithm " + algorithm, e);
    }
    return decoded;
}
/**
 * Reads the {@code SEC_SECURITY_MODE} resource of a Security object instance and maps its
 * numeric code to a {@link SecurityMode}.
 *
 * @param securityInstance the Security object instance to read from
 * @return whatever {@code SecurityMode.fromCode} returns for the stored code
 */
public static SecurityMode getSecurityMode(LwM2mObjectInstance securityInstance) {
    // The unboxing cast requires the stored value to be a Long.
    final long modeCode = (long) securityInstance.getResource(SEC_SECURITY_MODE).getValue();
    return SecurityMode.fromCode(modeCode);
}
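/**
 * Looks up the PSK identity to present to the peer at the given address.
 * <p>
 * Every Security object instance in PSK mode is examined. The first one whose server URI
 * resolves to {@code inetAddress} supplies the identity. Instances with a malformed server URI
 * are logged and skipped.
 * <p>
 * The identity bytes are decoded explicitly as UTF-8 rather than with the platform default
 * charset, so the same stored identity always produces the same string. RFC 4279 specifies
 * UTF-8 for PSK identities.
 *
 * @param inetAddress the address of the peer; may be {@code null}
 * @return the PSK identity for that peer, or {@code null} if the address is {@code null} or no
 *         PSK instance matches it
 */
@Override
public String getIdentity(InetSocketAddress inetAddress) {
    if (inetAddress == null) {
        return null;
    }

    LwM2mObject securities = (LwM2mObject) securityEnabler.read(SYSTEM, new ReadRequest(SECURITY)).getContent();
    for (LwM2mObjectInstance security : securities.getInstances().values()) {
        long securityMode = (long) security.getResource(SEC_SECURITY_MODE).getValue();
        if (securityMode != SecurityMode.PSK.code) {
            continue;
        }
        try {
            URI uri = new URI((String) security.getResource(SEC_SERVER_URI).getValue());
            if (inetAddress.equals(ServerInfo.getAddress(uri))) {
                byte[] pskIdentity = (byte[]) security.getResource(SEC_PUBKEY_IDENTITY).getValue();
                // Fully qualified so that no new file-level import is required.
                return new String(pskIdentity, java.nio.charset.StandardCharsets.UTF_8);
            }
        } catch (URISyntaxException e) {
            // A broken entry must not prevent the remaining instances from being checked.
            LOG.error(String.format("Invalid URI %s", (String) security.getResource(SEC_SERVER_URI).getValue()), e);
        }
    }
    return null;
}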
/**
 * Handles a write to one resource of this object.
 * <p>
 * Resource 14 (UTC offset) and resource 15 (timezone) are stored from the written value and
 * followed by a change notification. Every other resource id is delegated to the superclass.
 *
 * @param resourceid the id of the resource being written
 * @param value the resource carrying the new value; for ids 14 and 15 its value is cast to
 *        {@code String}
 * @return a success response for ids 14 and 15, otherwise the superclass result
 */
@Override
public WriteResponse write(int resourceid, LwM2mResource value) {
    if (resourceid == 14) {
        // utc offset
        utcOffset = (String) value.getValue();
    } else if (resourceid == 15) {
        // timezone
        timezone = (String) value.getValue();
    } else {
        return super.write(resourceid, value);
    }
    fireResourcesChange(resourceid);
    return WriteResponse.success();
}
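/**
 * Returns the pre-shared key registered for the given PSK identity.
 * <p>
 * Every Security object instance in PSK mode is compared against the identity. The key of the
 * first match is returned. If a second instance carries the same identity, a warning is logged
 * and the first key is still returned.
 * <p>
 * The identity is encoded explicitly as UTF-8 for the byte comparison. The no-argument
 * {@code getBytes()} depends on the platform default charset, which could make a correct
 * non-ASCII identity fail to match its stored bytes. The identity is not secret, so a
 * plain {@code Arrays.equals} is sufficient for this comparison.
 *
 * @param identity the PSK identity presented for the handshake; may be {@code null}
 * @return the matching key bytes, or {@code null} if the identity is {@code null} or unknown
 */
@Override
public byte[] getKey(String identity) {
    if (identity == null) {
        return null;
    }

    // Encoded once, outside the loop; fully qualified so that no new file-level import is required.
    byte[] wantedIdentity = identity.getBytes(java.nio.charset.StandardCharsets.UTF_8);

    byte[] res = null;
    LwM2mObject securities = (LwM2mObject) securityEnabler.read(SYSTEM, new ReadRequest(SECURITY)).getContent();
    for (LwM2mObjectInstance security : securities.getInstances().values()) {
        long securityMode = (long) security.getResource(SEC_SECURITY_MODE).getValue();
        if (securityMode != SecurityMode.PSK.code) {
            continue;
        }
        byte[] pskIdentity = (byte[]) security.getResource(SEC_PUBKEY_IDENTITY).getValue();
        if (!Arrays.equals(wantedIdentity, pskIdentity)) {
            continue;
        }
        if (res == null) {
            // Keep scanning so that a duplicated identity can be detected.
            res = (byte[]) security.getResource(SEC_SECRET_KEY).getValue();
        } else {
            LOG.warn("There is several security object instance with the same psk identity : '{}'", identity);
            // One duplicate has been found and reported; there is no need to continue.
            return res;
        }
    }
    return res;
}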
/**
 * Tells whether a Security object instance describes a bootstrap server, by reading its
 * {@code LwM2mId.SEC_BOOTSTRAP} resource.
 * <p>
 * A missing or failed read is treated as "not a bootstrap server".
 * NOTE(review): a successful read whose value is {@code null} would fail on unboxing, and a
 * non-Boolean value on the cast. Confirm that the enabler can never return either.
 *
 * @param instance the instance enabler to query
 * @return {@code true} if the resource value is {@code true}; {@code false} if the read
 *         returned {@code null} or failed
 */
public static boolean isBootstrapServer(LwM2mInstanceEnabler instance) {
    final ReadResponse bootstrapRead = instance.read(LwM2mId.SEC_BOOTSTRAP);
    final boolean readable = bootstrapRead != null && !bootstrapRead.isFailure();
    if (!readable) {
        return false;
    }
    final LwM2mResource bootstrapFlag = (LwM2mResource) bootstrapRead.getContent();
    return (Boolean) bootstrapFlag.getValue();
}
}
/**
 * Handles a write to one resource of the Device object.
 * <p>
 * Resource 13 is rejected with a not-found response. Resources 14 and 15 are stored through
 * {@code setUtcOffset} and {@code setTimezone} and followed by a change notification. Every
 * other id is delegated to the superclass.
 * <p>
 * NOTE(review): the written value is concatenated into an INFO log line as received.
 * Presumably it comes from the remote server. Confirm that the log sink tolerates
 * peer-supplied text such as line breaks.
 *
 * @param resourceid the id of the resource being written
 * @param value the resource carrying the new value; for ids 14 and 15 its value is cast to
 *        {@code String}
 * @return not-found for id 13, success for ids 14 and 15, otherwise the superclass result
 */
@Override
public WriteResponse write(int resourceid, LwM2mResource value) {
    LOG.info("Write on Device Resource " + resourceid + " value " + value);

    if (resourceid == 13) {
        return WriteResponse.notFound();
    }
    if (resourceid == 14) {
        setUtcOffset((String) value.getValue());
    } else if (resourceid == 15) {
        setTimezone((String) value.getValue());
    } else {
        return super.write(resourceid, value);
    }
    fireResourcesChange(resourceid);
    return WriteResponse.success();
}
/**
 * Encodes a single resource in opaque format and stores the bytes in {@code encoded}.
 * <p>
 * Multi-instance resources are rejected, as is any resource whose model declares a type other
 * than {@code OPAQUE}. A resource with no model entry is accepted and converted.
 * <p>
 * NOTE(review): the trace message says "into text" although this visitor produces opaque
 * bytes, and it passes the resource itself to the logger. Confirm that its string form is
 * acceptable in trace logs when the resource carries sensitive bytes.
 *
 * @param resource the resource to encode
 * @throws CodecException if the resource is multi-instance or is modelled as non-opaque
 */
@Override
public void visit(LwM2mResource resource) {
    if (resource.isMultiInstances()) {
        throw new CodecException("Multiple instances resource %s cannot be encoded in opaque format", path);
    }

    final ResourceModel resourceModel = model.getResourceModel(path.getObjectId(), resource.getId());
    final boolean modelledAsNonOpaque = resourceModel != null && resourceModel.type != Type.OPAQUE;
    if (modelledAsNonOpaque) {
        throw new CodecException("Only single opaque resource can be encoded in opaque format. [%s]", path);
    }

    LOG.trace("Encoding resource {} into text", resource);
    encoded = (byte[]) converter.convertValue(resource.getValue(), resource.getType(), Type.OPAQUE, path);
}
}
Object val = converter.convertValue(resource.getValue(), resource.getType(), expectedType, path);