def test_GET(logFixture,snoopyDispatcher,twoEndPoints):
(coap1,coap2,securityEnabled) = twoEndPoints
clientOptions = []
buggyRes = buggyResource()
if securityEnabled:
clientContext = oscoap.SecurityContext(masterSecret=DUMMYMASTERSECRET,
senderID=DUMMYSERVERID,
recipientID=DUMMYCLIENTID)
clientOptions = [o.ObjectSecurity(context=clientContext)]
serverContext = oscoap.SecurityContext(masterSecret=DUMMYMASTERSECRET,
senderID=DUMMYCLIENTID,
recipientID=DUMMYSERVERID)
buggyRes.addSecurityBinding((serverContext, d.METHOD_ALL))
coap1.addResource(buggyRes)
# have coap2 do a get
with pytest.raises(e.coapRcInternalServerError):
reply = coap2.GET(
uri = 'coap://[{0}]:{1}/{2}/'.format(IPADDRESS1,d.DEFAULT_UDP_PORT,'buggy'),
confirmable = True,
options=clientOptions
)
def securityContextLookup(self, kid):
kidBuf = u.str2buf(kid)
eui64 = kidBuf[:-1]
senderID = eui64 + [0x01] # sender ID of JRC is reversed
recipientID = eui64 + [0x00]
# if eui-64 is found in the list of joined nodes, return the appropriate context
# this is important for replay protection
for dict in self.joinResource.joinedNodes:
if dict['eui64'] == u.buf2str(eui64):
log.info(
"Node {0} found in joinedNodes. Returning context {1}.".
format(binascii.hexlify(dict['eui64']),
str(dict['context'])))
return dict['context']
# if eui-64 is not found, create a new tentative context but only add it to the list of joined nodes in the GET
# handler of the join resource
context = oscoap.SecurityContext(
masterSecret=self.MASTERSECRET,
senderID=u.buf2str(senderID),
recipientID=u.buf2str(recipientID),
aeadAlgorithm=oscoap.AES_CCM_16_64_128())
log.info(
"Node {0} not found in joinedNodes. Instantiating new context based on the master secret."
.format(binascii.hexlify(u.buf2str(eui64))))
return context
def test_GET(logFixture, snoopyDispatcher, twoEndPoints):
(coap1, coap2, securityEnabled) = twoEndPoints
options = []
if securityEnabled:
context = oscoap.SecurityContext(masterSecret=OSCOAPMASTERSECRET,
senderID=OSCOAPSERVERID,
recipientID=OSCOAPCLIENTID)
options = [o.ObjectSecurity(context=context)]
# have coap2 do a get
reply = coap2.GET(uri='coap://[{0}]:{1}/{2}/'.format(
IPADDRESS1, d.DEFAULT_UDP_PORT, RESOURCE),
confirmable=False,
options=options)
assert reply == DUMMYVAL
def test_METHODNOTALLOWED(logFixture, snoopyDispatcher, twoEndPoints,
confirmableFixture):
(coap1, coap2, securityEnabled) = twoEndPoints
options = []
if securityEnabled:
context = oscoap.SecurityContext(masterSecret=OSCOAPMASTERSECRET,
senderID=OSCOAPSERVERID,
recipientID=OSCOAPCLIENTID)
options = [o.ObjectSecurity(context=context)]
# have coap2 do a post
with pytest.raises(e.coapRcMethodNotAllowed):
reply = coap2.POST(uri='coap://[{0}]:{1}/{2}/'.format(
IPADDRESS1, d.DEFAULT_UDP_PORT, RESOURCE),
confirmable=confirmableFixture,
options=options)
def test_BADREQUEST(logFixture, snoopyDispatcher, twoEndPoints,
confirmableFixture):
(coap1, coap2, securityEnabled) = twoEndPoints
options = []
if securityEnabled:
# have coap2 do a get with the right IDs but wrong master secret
clientContext = oscoap.SecurityContext(masterSecret=DUMMYMASTERSECRET,
senderID=OSCOAPSERVERID,
recipientID=OSCOAPCLIENTID)
clientOptions = [o.ObjectSecurity(context=clientContext)]
with pytest.raises(e.coapRcBadRequest):
reply = coap2.GET(uri='coap://[{0}]:{1}/{2}/'.format(
IPADDRESS1, d.DEFAULT_UDP_PORT, RESOURCE),
confirmable=confirmableFixture,
options=clientOptions)
else:
pass
def test_UNAUTHORIZED_2(logFixture, snoopyDispatcher, twoEndPoints, confirmableFixture):
(coap1, coap2, securityEnabled) = twoEndPoints
options = []
if securityEnabled:
# have coap2 do a get with wrong context
clientContext = oscoap.SecurityContext(masterSecret=DUMMYMASTERSECRET,
senderID=DUMMYSERVERID,
recipientID=DUMMYCLIENTID)
clientOptions = [o.ObjectSecurity(context=clientContext)]
with pytest.raises(e.coapRcUnauthorized):
reply = coap2.GET(
uri='coap://[{0}]:{1}/{2}/'.format(IPADDRESS1, d.DEFAULT_UDP_PORT, RESOURCE),
confirmable=confirmableFixture,
options=clientOptions
)
else:
pass
def test_GET(logFixture, snoopyDispatcher, twoEndPoints):
(coap1, coap2, securityEnabled) = twoEndPoints
# adjust timeouts so test is faster
coap2.ackTimeout = 2
coap2.respTimeout = 2
options = []
if securityEnabled:
context = oscoap.SecurityContext(masterSecret=OSCOAPMASTERSECRET,
senderID=OSCOAPSERVERID,
recipientID=OSCOAPCLIENTID)
options = [o.ObjectSecurity(context=context)]
# have coap2 do a get
with pytest.raises(e.coapTimeout):
reply = coap2.GET(uri='coap://[{0}]:{1}/{2}/'.format(
IPADDRESS_INVALID, d.DEFAULT_UDP_PORT, RESOURCE),
confirmable=False,
options=options)
def twoEndPoints(request):
# start two coap endpoints
coap1 = coap.coap(ipAddress=IPADDRESS1, testing=True)
coap2 = coap.coap(ipAddress=IPADDRESS2, testing=True)
# create new resource
newResource = dummyResource()
if request.param == True: # if testing with security, protect the resource with security context
context = oscoap.SecurityContext(masterSecret=OSCOAPMASTERSECRET,
senderID=OSCOAPCLIENTID,
recipientID=OSCOAPSERVERID)
# add resource - context binding with authorized methods
newResource.addSecurityBinding((context, d.METHOD_ALL))
# install resource on coap1
coap1.addResource(newResource)
f = lambda: twoEndPointsTeardown(coap1, coap2)
request.addfinalizer(f)
return (coap1, coap2, request.param)
respCode = d.COAP_RC_2_05_CONTENT
respOptions = []
respPayload = [ord(b) for b in 'hello world 1 2 3 4 5 6 7 8 9 0']
return (respCode, respOptions, respPayload)
# open
c = coap.coap(ipAddress='::1')
testResource = testResource()
context = oscoap.SecurityContext(
masterSecret=binascii.unhexlify('000102030405060708090A0B0C0D0E0F'),
senderID=binascii.unhexlify('736572766572'),
recipientID=binascii.unhexlify('636c69656e74'),
aeadAlgorithm=oscoap.AES_CCM_16_64_128())
# add resource - context binding with authorized methods
testResource.addSecurityBinding((context, d.METHOD_ALL))
# install resource
c.addResource(testResource)
for t in threading.enumerate():
print t.name
# let the server run
raw_input('\n\nServer running. Press Enter to close.\n\n')
