def test_GET(logFixture,snoopyDispatcher,twoEndPoints): (coap1,coap2,securityEnabled) = twoEndPoints clientOptions = [] buggyRes = buggyResource() if securityEnabled: clientContext = oscoap.SecurityContext(masterSecret=DUMMYMASTERSECRET, senderID=DUMMYSERVERID, recipientID=DUMMYCLIENTID) clientOptions = [o.ObjectSecurity(context=clientContext)] serverContext = oscoap.SecurityContext(masterSecret=DUMMYMASTERSECRET, senderID=DUMMYCLIENTID, recipientID=DUMMYSERVERID) buggyRes.addSecurityBinding((serverContext, d.METHOD_ALL)) coap1.addResource(buggyRes) # have coap2 do a get with pytest.raises(e.coapRcInternalServerError): reply = coap2.GET( uri = 'coap://[{0}]:{1}/{2}/'.format(IPADDRESS1,d.DEFAULT_UDP_PORT,'buggy'), confirmable = True, options=clientOptions )
def securityContextLookup(self, kid): kidBuf = u.str2buf(kid) eui64 = kidBuf[:-1] senderID = eui64 + [0x01] # sender ID of JRC is reversed recipientID = eui64 + [0x00] # if eui-64 is found in the list of joined nodes, return the appropriate context # this is important for replay protection for dict in self.joinResource.joinedNodes: if dict['eui64'] == u.buf2str(eui64): log.info( "Node {0} found in joinedNodes. Returning context {1}.". format(binascii.hexlify(dict['eui64']), str(dict['context']))) return dict['context'] # if eui-64 is not found, create a new tentative context but only add it to the list of joined nodes in the GET # handler of the join resource context = oscoap.SecurityContext( masterSecret=self.MASTERSECRET, senderID=u.buf2str(senderID), recipientID=u.buf2str(recipientID), aeadAlgorithm=oscoap.AES_CCM_16_64_128()) log.info( "Node {0} not found in joinedNodes. Instantiating new context based on the master secret." .format(binascii.hexlify(u.buf2str(eui64)))) return context
def test_GET(logFixture, snoopyDispatcher, twoEndPoints): (coap1, coap2, securityEnabled) = twoEndPoints options = [] if securityEnabled: context = oscoap.SecurityContext(masterSecret=OSCOAPMASTERSECRET, senderID=OSCOAPSERVERID, recipientID=OSCOAPCLIENTID) options = [o.ObjectSecurity(context=context)] # have coap2 do a get reply = coap2.GET(uri='coap://[{0}]:{1}/{2}/'.format( IPADDRESS1, d.DEFAULT_UDP_PORT, RESOURCE), confirmable=False, options=options) assert reply == DUMMYVAL
def test_METHODNOTALLOWED(logFixture, snoopyDispatcher, twoEndPoints, confirmableFixture): (coap1, coap2, securityEnabled) = twoEndPoints options = [] if securityEnabled: context = oscoap.SecurityContext(masterSecret=OSCOAPMASTERSECRET, senderID=OSCOAPSERVERID, recipientID=OSCOAPCLIENTID) options = [o.ObjectSecurity(context=context)] # have coap2 do a post with pytest.raises(e.coapRcMethodNotAllowed): reply = coap2.POST(uri='coap://[{0}]:{1}/{2}/'.format( IPADDRESS1, d.DEFAULT_UDP_PORT, RESOURCE), confirmable=confirmableFixture, options=options)
def test_BADREQUEST(logFixture, snoopyDispatcher, twoEndPoints, confirmableFixture): (coap1, coap2, securityEnabled) = twoEndPoints options = [] if securityEnabled: # have coap2 do a get with the right IDs but wrong master secret clientContext = oscoap.SecurityContext(masterSecret=DUMMYMASTERSECRET, senderID=OSCOAPSERVERID, recipientID=OSCOAPCLIENTID) clientOptions = [o.ObjectSecurity(context=clientContext)] with pytest.raises(e.coapRcBadRequest): reply = coap2.GET(uri='coap://[{0}]:{1}/{2}/'.format( IPADDRESS1, d.DEFAULT_UDP_PORT, RESOURCE), confirmable=confirmableFixture, options=clientOptions) else: pass
def test_UNAUTHORIZED_2(logFixture, snoopyDispatcher, twoEndPoints, confirmableFixture): (coap1, coap2, securityEnabled) = twoEndPoints options = [] if securityEnabled: # have coap2 do a get with wrong context clientContext = oscoap.SecurityContext(masterSecret=DUMMYMASTERSECRET, senderID=DUMMYSERVERID, recipientID=DUMMYCLIENTID) clientOptions = [o.ObjectSecurity(context=clientContext)] with pytest.raises(e.coapRcUnauthorized): reply = coap2.GET( uri='coap://[{0}]:{1}/{2}/'.format(IPADDRESS1, d.DEFAULT_UDP_PORT, RESOURCE), confirmable=confirmableFixture, options=clientOptions ) else: pass
def test_GET(logFixture, snoopyDispatcher, twoEndPoints): (coap1, coap2, securityEnabled) = twoEndPoints # adjust timeouts so test is faster coap2.ackTimeout = 2 coap2.respTimeout = 2 options = [] if securityEnabled: context = oscoap.SecurityContext(masterSecret=OSCOAPMASTERSECRET, senderID=OSCOAPSERVERID, recipientID=OSCOAPCLIENTID) options = [o.ObjectSecurity(context=context)] # have coap2 do a get with pytest.raises(e.coapTimeout): reply = coap2.GET(uri='coap://[{0}]:{1}/{2}/'.format( IPADDRESS_INVALID, d.DEFAULT_UDP_PORT, RESOURCE), confirmable=False, options=options)
def twoEndPoints(request): # start two coap endpoints coap1 = coap.coap(ipAddress=IPADDRESS1, testing=True) coap2 = coap.coap(ipAddress=IPADDRESS2, testing=True) # create new resource newResource = dummyResource() if request.param == True: # if testing with security, protect the resource with security context context = oscoap.SecurityContext(masterSecret=OSCOAPMASTERSECRET, senderID=OSCOAPCLIENTID, recipientID=OSCOAPSERVERID) # add resource - context binding with authorized methods newResource.addSecurityBinding((context, d.METHOD_ALL)) # install resource on coap1 coap1.addResource(newResource) f = lambda: twoEndPointsTeardown(coap1, coap2) request.addfinalizer(f) return (coap1, coap2, request.param)
respCode = d.COAP_RC_2_05_CONTENT respOptions = [] respPayload = [ord(b) for b in 'hello world 1 2 3 4 5 6 7 8 9 0'] return (respCode, respOptions, respPayload) # open c = coap.coap(ipAddress='::1') testResource = testResource() context = oscoap.SecurityContext( masterSecret=binascii.unhexlify('000102030405060708090A0B0C0D0E0F'), senderID=binascii.unhexlify('736572766572'), recipientID=binascii.unhexlify('636c69656e74'), aeadAlgorithm=oscoap.AES_CCM_16_64_128()) # add resource - context binding with authorized methods testResource.addSecurityBinding((context, d.METHOD_ALL)) # install resource c.addResource(testResource) for t in threading.enumerate(): print t.name # let the server run raw_input('\n\nServer running. Press Enter to close.\n\n')