/**
 * Removes the security info stored for {@code endpoint} and, when that info carries an
 * identity, the matching entry of the identity index.
 *
 * @param endpoint the endpoint whose security info is dropped
 * @return the security info that was stored, or {@code null} when the endpoint was unknown
 */
@Override
public SecurityInfo remove(String endpoint) {
    writeLock.lock();
    try {
        SecurityInfo removed = securityByEp.get(endpoint);
        if (removed == null) {
            return null;
        }
        // Keep the identity index in step with the endpoint map.
        String pskIdentity = removed.getIdentity();
        if (pskIdentity != null) {
            securityByIdentity.remove(pskIdentity);
        }
        securityByEp.remove(endpoint);
        return removed;
    } finally {
        // Released on every path, including an exception thrown by the maps.
        writeLock.unlock();
    }
}
} // closes the enclosing type, whose header is outside this excerpt
/**
 * Removes the security info stored in Redis for {@code endpoint} and, when that info carries an
 * identity, the field of the {@code PSKID_SEC} hash keyed by that identity.
 *
 * <p>NOTE(review): the GET, HDEL and DEL below are three separate commands; nothing visible here
 * makes them atomic, so a concurrent {@code add} could interleave with them. Confirm whether
 * callers serialise access or whether a transaction is needed.
 *
 * @param endpoint the endpoint whose security info is dropped
 * @return the security info that was stored, or {@code null} when the endpoint was unknown
 */
@Override
public SecurityInfo remove(String endpoint) {
    try (Jedis j = pool.getResource()) {
        // NOTE(review): getBytes() without a charset uses the platform default; confirm it
        // matches the encoding used by the code that wrote this key.
        byte[] endpointKey = (SEC_EP + endpoint).getBytes();
        byte[] stored = j.get(endpointKey);
        if (stored == null) {
            return null;
        }
        SecurityInfo removed = deserialize(stored);
        String pskIdentity = removed.getIdentity();
        if (pskIdentity != null) {
            // Drop the secondary-index field so the identity no longer resolves to this endpoint.
            j.hdel(PSKID_SEC.getBytes(), pskIdentity.getBytes());
        }
        j.del(endpointKey);
        return removed;
    }
}
/**
 * Stores {@code info} under its endpoint, replacing any earlier entry for that endpoint, and
 * keeps the identity index consistent with the change.
 *
 * @param info the security info to register
 * @return the security info previously stored for the same endpoint, or {@code null}
 * @throws NonUniqueSecurityInfoException when the identity of {@code info} is already indexed
 *         for a different endpoint; nothing is modified in that case
 */
@Override
public SecurityInfo add(SecurityInfo info) throws NonUniqueSecurityInfoException {
    writeLock.lock();
    try {
        String identity = info.getIdentity();
        if (identity != null) {
            // An identity may be re-registered by its own endpoint, never by another one.
            SecurityInfo owner = securityByIdentity.get(identity);
            boolean takenByOtherEndpoint = owner != null && !info.getEndpoint().equals(owner.getEndpoint());
            if (takenByOtherEndpoint) {
                throw new NonUniqueSecurityInfoException("PSK Identity " + identity + " is already used");
            }
            securityByIdentity.put(identity, info);
        }

        SecurityInfo previous = securityByEp.put(info.getEndpoint(), info);
        if (previous != null) {
            // The endpoint changed identity: the old identity must stop resolving to it.
            String previousIdentity = previous.getIdentity();
            if (previousIdentity != null && !previousIdentity.equals(identity)) {
                securityByIdentity.remove(previousIdentity);
            }
        }
        return previous;
    } finally {
        writeLock.unlock();
    }
}
/**
 * Deletes the Redis entry holding the security info of {@code endpoint}; when the stored info
 * has an identity, the corresponding field of the {@code PSKID_SEC} hash is deleted as well.
 *
 * <p>NOTE(review): the read and the two deletes are issued as independent commands. Nothing in
 * this method makes the sequence atomic — verify that concurrent writers cannot interleave.
 *
 * @param endpoint the endpoint whose security info is dropped
 * @return the deserialized info that was stored, or {@code null} when no entry existed
 */
@Override
public SecurityInfo remove(String endpoint) {
    try (Jedis j = pool.getResource()) {
        // NOTE(review): platform-default charset here; confirm it agrees with the writer side.
        byte[] key = (SEC_EP + endpoint).getBytes();
        byte[] payload = j.get(key);
        if (payload == null) {
            return null;
        }
        SecurityInfo existing = deserialize(payload);
        String identity = existing.getIdentity();
        if (identity != null) {
            // Remove the identity -> endpoint index field before the entry itself.
            j.hdel(PSKID_SEC.getBytes(), identity.getBytes());
        }
        j.del(key);
        return existing;
    }
}
/**
 * Stores {@code info} in Redis under its endpoint key and maintains the {@code PSKID_SEC} hash,
 * which maps an identity to the endpoint using it.
 *
 * <p>NOTE(review): the uniqueness check (HGET) and the index write (HSET) are separate commands,
 * as are the GETSET and the later HDEL. Two concurrent calls registering the same identity for
 * different endpoints are not visibly prevented from both passing the check; confirm whether
 * callers serialise access or whether this needs a transaction.
 *
 * @param info the security info to register
 * @return the info previously stored for the same endpoint, or {@code null} when there was none
 * @throws NonUniqueSecurityInfoException when the identity is already indexed for another
 *         endpoint; no Redis write has been issued at that point
 */
@Override
public SecurityInfo add(SecurityInfo info) throws NonUniqueSecurityInfoException {
    byte[] serialized = serialize(info);
    try (Jedis j = pool.getResource()) {
        if (info.getIdentity() != null) {
            // Secondary index: identity -> endpoint. Reject an identity owned by another endpoint.
            String indexedEndpoint = j.hget(PSKID_SEC, info.getIdentity());
            boolean ownedByOther = indexedEndpoint != null && !indexedEndpoint.equals(info.getEndpoint());
            if (ownedByOther) {
                throw new NonUniqueSecurityInfoException("PSK Identity " + info.getIdentity() + " is already used");
            }
            // NOTE(review): this write uses getBytes() (platform-default charset) while the read
            // above goes through the String overload; confirm both yield the same bytes for
            // non-ASCII identities.
            j.hset(PSKID_SEC.getBytes(), info.getIdentity().getBytes(), info.getEndpoint().getBytes());
        }

        byte[] replaced = j.getSet((SEC_EP + info.getEndpoint()).getBytes(), serialized);
        if (replaced == null) {
            return null;
        }
        SecurityInfo previous = deserialize(replaced);
        String previousIdentity = previous.getIdentity();
        if (previousIdentity != null && !previousIdentity.equals(info.getIdentity())) {
            // The endpoint switched identity: the old one must no longer resolve to it.
            j.hdel(PSKID_SEC, previousIdentity);
        }
        return previous;
    }
}
/**
 * Decides whether a client that presented a PSK identity is accepted for {@code endpoint}.
 *
 * <p>The check fails closed: it succeeds only when {@code securityInfo} declares PSK and
 * {@code matchPskIdentity} accepts the presented identity against the expected one.
 *
 * @param endpoint the endpoint name, used for the comparison and in log messages
 * @param clientIdentity the identity presented by the client
 * @param securityInfo the security info expected for the endpoint
 * @return {@code true} when both conditions hold, {@code false} otherwise
 */
protected boolean checkPskIdentity(String endpoint, Identity clientIdentity, SecurityInfo securityInfo) {
    if (securityInfo.usePSK()) {
        boolean identityAccepted = matchPskIdentity(endpoint, clientIdentity.getPskIdentity(),
                securityInfo.getIdentity());
        if (identityAccepted) {
            LOG.trace("Authenticated client '{}' using DTLS PSK", endpoint);
            return true;
        }
        return false;
    }

    // The expected credentials for this endpoint are not PSK: refuse a PSK-authenticated client.
    LOG.debug("Client '{}' is not supposed to use PSK to authenticate", endpoint);
    return false;
}
/**
 * Writes {@code info} to Redis under its endpoint key and updates the {@code PSKID_SEC} hash
 * (identity to endpoint) accordingly.
 *
 * <p>NOTE(review): the HGET check, the HSET, the GETSET and the HDEL are independent commands.
 * Nothing shown here stops two concurrent registrations of one identity for different endpoints
 * from both passing the check — confirm external serialisation or wrap the sequence in a
 * transaction.
 *
 * @param info the security info to register
 * @return the info that the endpoint key held before, or {@code null} when it held nothing
 * @throws NonUniqueSecurityInfoException when another endpoint already owns the identity; the
 *         exception is raised before any write
 */
@Override
public SecurityInfo add(SecurityInfo info) throws NonUniqueSecurityInfoException {
    byte[] payload = serialize(info);
    try (Jedis j = pool.getResource()) {
        if (info.getIdentity() != null) {
            // populate the secondary index (security info by PSK id)
            String currentOwner = j.hget(PSKID_SEC, info.getIdentity());
            if (currentOwner != null) {
                if (!currentOwner.equals(info.getEndpoint())) {
                    throw new NonUniqueSecurityInfoException("PSK Identity " + info.getIdentity() + " is already used");
                }
            }
            // NOTE(review): getBytes() relies on the platform-default charset whereas the lookup
            // above uses the String overload; verify the two encodings agree.
            j.hset(PSKID_SEC.getBytes(), info.getIdentity().getBytes(), info.getEndpoint().getBytes());
        }

        byte[] endpointKey = (SEC_EP + info.getEndpoint()).getBytes();
        byte[] previousData = j.getSet(endpointKey, payload);

        SecurityInfo previous = null;
        String previousIdentity = null;
        if (previousData != null) {
            previous = deserialize(previousData);
            previousIdentity = previous.getIdentity();
        }
        // Drop the index field of an identity this endpoint no longer uses.
        if (previousIdentity != null && !previousIdentity.equals(info.getIdentity())) {
            j.hdel(PSKID_SEC, previousIdentity);
        }
        return previous;
    }
}
/**
 * Looks up the identity expected from the peer at {@code inetAddress}.
 *
 * <p>The peer is resolved by scanning the registered clients for one with the same address and
 * port; the first match decides the result, and later clients are not examined.
 *
 * @param inetAddress the peer address to resolve
 * @return the identity of the security info stored for the matching client's endpoint, or
 *         {@code null} when there is no registry, no matching client, or no security info
 */
@Override
public String getIdentity(InetSocketAddress inetAddress) {
    if (clientRegistry == null) {
        return null;
    }
    for (Client candidate : clientRegistry.allClients()) {
        boolean samePeer = inetAddress.getPort() == candidate.getPort()
                && inetAddress.getAddress().equals(candidate.getAddress());
        if (!samePeer) {
            continue;
        }
        // NOTE(review): the identity is derived from the network address alone; confirm that an
        // address/port pair cannot be shared or reused by a different client.
        SecurityInfo securityInfo = securityStore.getByEndpoint(candidate.getEndpoint());
        return securityInfo == null ? null : securityInfo.getIdentity();
    }
    return null;
}
} // closes the enclosing type, whose header is outside this excerpt
/**
 * Looks up the identity expected from the peer at {@code inetAddress}.
 *
 * <p>The registration is fetched from the registration store by address, then the security
 * store is queried with that registration's endpoint.
 *
 * @param inetAddress the peer address to resolve
 * @return the identity of the stored security info, or {@code null} when there is no
 *         registration store, no registration for the address, or no security info
 */
@Override
public String getIdentity(InetSocketAddress inetAddress) {
    if (registrationStore == null) {
        return null;
    }
    Registration registration = registrationStore.getRegistrationByAdress(inetAddress);
    if (registration == null) {
        return null;
    }
    // NOTE(review): the identity is derived from the network address alone; confirm the store
    // cannot return a stale registration for a reused address.
    SecurityInfo securityInfo = securityStore.getByEndpoint(registration.getEndpoint());
    return securityInfo == null ? null : securityInfo.getIdentity();
}
// Emit a "psk" object only for entries that carry an identity. This excerpt is cut off before
// the closing brace of the if block.
if (src.getIdentity() != null) {
    JsonObject psk = new JsonObject();
    psk.addProperty("identity", src.getIdentity());
    // NOTE(review): the pre-shared key is written hex-encoded, which is an encoding and not
    // protection: anyone who receives or logs this JSON can read the key. Confirm the output
    // only reaches authorised consumers.
    psk.addProperty("key", Hex.encodeHexString(src.getPreSharedKey()));
    element.add("psk", psk);
// Add the "psk" member when the source object has an identity. The closing brace of this if
// block lies outside the excerpt.
if (src.getIdentity() != null) {
    JsonObject psk = new JsonObject();
    psk.addProperty("identity", src.getIdentity());
    // NOTE(review): hex is a reversible encoding, so the serialized JSON contains the
    // pre-shared key in recoverable form. Verify that this JSON is never logged and is only
    // returned over authenticated, access-controlled channels.
    psk.addProperty("key", Hex.encodeHexString(src.getPreSharedKey()));
    element.add("psk", psk);
public static byte[] serialize(SecurityInfo s) { JsonObject o = Json.object(); o.set("ep", s.getEndpoint()); if (s.getIdentity() != null) { o.set("id", s.getIdentity());
public static byte[] serialize(SecurityInfo s) { JsonObject o = Json.object(); o.set("ep", s.getEndpoint()); if (s.getIdentity() != null) { o.set("id", s.getIdentity());