Remove ID Context inputs for OSCORE
The possibility to input an ID Context for OSCORE on the
client-demo, bsserver-demo and server demo has now been removed.

Signed-off-by: Rikard Höglund <rikard.hoglund@ri.se>
rikard-sics authored and sbernard31 committed Nov 2, 2020
1 parent 6149aa1 commit 4488653
Showing 11 changed files with 8 additions and 76 deletions.
@@ -104,7 +104,6 @@
oscoreAeadAlgorithm : bsserverOscore.aeadAlgorithm,
oscoreHmacAlgorithm : bsserverOscore.hkdfAlgorithm,
oscoreMasterSalt : bsserverOscore.masterSalt,
oscoreIdContext : bsserverOscore.idContext
}
var bsOscoreSecurityMode = 0; // link to bs oscore object
bsserver.secmode = "NO_SEC"; // act as no_sec from here
@@ -20,17 +20,7 @@
<p class="help-block" if={masterSalt.toolong}>The master salt is too long</p>
</div>
</div>

<div class={ form-group:true, has-error: idContext.error }>
<label for="idContext" class="col-sm-4 control-label">ID Context</label>
<div class="col-sm-8">
<textarea class="form-control" style="resize:none" rows="1" id="idContext" ref="idContext" oninput={validate_idContext} onblur={validate_idContext} disabled={true}></textarea>
<p class="text-right text-muted small" style="margin:0">Not supported</p>
<p class="help-block" if={idContext.nothexa}>Hexadecimal format is expected</p>
<p class="help-block" if={idContext.toolong}>The ID context is too long</p>
</div>
</div>


<div class={ form-group:true, has-error: senderId.error }>
<label for="senderId" class="col-sm-4 control-label">Sender ID</label>
<div class="col-sm-8">
@@ -78,7 +68,6 @@
// Tag internal state
tag.masterSecret={};
tag.masterSalt={};
tag.idContext={};
tag.senderId={};
tag.recipientId={};
tag.aeadAlgorithm={};
@@ -87,7 +76,6 @@
tag.defaultHkdfAlgorithm = "HKDF_HMAC_SHA_256";
tag.validate_masterSecret = validate_masterSecret;
tag.validate_masterSalt = validate_masterSalt;
tag.validate_idContext = validate_idContext;
tag.validate_senderId = validate_senderId;
tag.validate_recipientId = validate_recipientId;
tag.validate_aeadAlgorithm = validate_aeadAlgorithm;
@@ -129,22 +117,6 @@
tag.onchange();
}

function validate_idContext(e){
var str = tag.refs.idContext.value;
tag.idContext.error = false;
tag.idContext.toolong = false;
tag.idContext.nothexa = false;
var isEmpty = !str || 0 === str.length;
if (str.length > 32){
tag.idContext.error = true;
tag.idContext.toolong = true;
}else if (!isEmpty && ! /^[0-9a-fA-F]+$/i.test(str)){
tag.idContext.error = true;
tag.idContext.nothexa = true;
}
tag.onchange();
}

function validate_senderId(e){
var str = tag.refs.senderId.value;
tag.senderId.error = false;
@@ -202,7 +174,6 @@
function has_error(){
return typeof tag.masterSecret.error === "undefined" || tag.masterSecret.error
|| tag.masterSalt.error
|| tag.idContext.error
|| tag.senderId.error
|| tag.recipientId.error
|| tag.aeadAlgorithm.error
@@ -248,7 +219,6 @@
function get_value(){
return { masterSecret:tag.refs.masterSecret.value,
masterSalt:tag.refs.masterSalt.value,
idContext:tag.refs.idContext.value,
senderId:tag.refs.senderId.value,
recipientId:tag.refs.recipientId.value,
aeadAlgorithm:parse_aeadAlgorithm(tag.refs.aeadAlgorithm.value),
@@ -112,7 +112,6 @@

config.oscore.masterSecret = oscoreVals.masterSecret;
config.oscore.masterSalt = oscoreVals.masterSalt;
config.oscore.idContext = oscoreVals.idContext;
config.oscore.senderId = oscoreVals.senderId;
config.oscore.recipientId = oscoreVals.recipientId;
config.oscore.aeadAlgorithm = oscoreVals.aeadAlgorithm;
@@ -177,8 +177,9 @@ public boolean isTrusted(RawPublicKeyIdentity id) {
}

try {
byte[] idContext = null;
OSCoreCtx ctx = new OSCoreCtx(serverInfo.masterSecret, true, aeadAlg, serverInfo.senderId,
serverInfo.recipientId, hkdfAlg, 32, serverInfo.masterSalt, serverInfo.idContext);
serverInfo.recipientId, hkdfAlg, 32, serverInfo.masterSalt, idContext);
db.addContext(serverInfo.getFullUri().toASCIIString(), ctx);

// Also add the context by the IP of the server since requests may use that
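Review bot: The new local `byte[] idContext = null;` inside the try block has no comment, so a reader cannot tell whether the null is a deliberate "ID Context unsupported" decision or a lookup that was forgotten. I would put `// OSCORE ID Context is not supported yet: the context is always derived without it` directly above the declaration. The literal `32` passed just before the master salt is also unexplained (it appears to be the replay window size); a named constant would make that security parameter easier to review. The enclosing method begins and ends outside the hunk.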
@@ -49,8 +49,6 @@ public class Oscore extends BaseInstanceEnabler {
private int aeadAlgorithm;
private int hkdfAlgorithm;
private String masterSalt;
// TODO OSCORE : never used and not part of OSCORE object
private String idContext;

public Oscore() {

@@ -68,7 +66,6 @@ public Oscore(int instanceId, String masterSecret, String senderId, String recip
this.aeadAlgorithm = aeadAlgorithm;
this.hkdfAlgorithm = hkdfAlgorithm;
this.masterSalt = masterSalt;
this.idContext = "";
}

/**
@@ -61,7 +61,6 @@ public class ServerInfo {
public long aeadAlgorithm;
public long hkdfAlgorithm;
public byte[] masterSalt;
public byte[] idContext;

public InetSocketAddress getAddress() {
return getAddress(serverUri);
@@ -113,7 +113,6 @@ public static ServersInfo getInfo(Map<Integer, LwM2mObjectEnabler> objectEnabler
info.aeadAlgorithm = getAeadAlgorithm(oscoreInstance);
info.hkdfAlgorithm = getHkdfAlgorithm(oscoreInstance);
info.masterSalt = getMasterSalt(oscoreInstance);
info.idContext = getIdContext(oscoreInstance);
} else if (info.secureMode == SecurityMode.PSK) {
info.pskId = getPskIdentity(security);
info.pskKey = getPskKey(security);
@@ -157,7 +156,6 @@ public static ServersInfo getInfo(Map<Integer, LwM2mObjectEnabler> objectEnabler
info.aeadAlgorithm = getAeadAlgorithm(oscoreInstance);
info.hkdfAlgorithm = getHkdfAlgorithm(oscoreInstance);
info.masterSalt = getMasterSalt(oscoreInstance);
info.idContext = getIdContext(oscoreInstance);
} else if (info.secureMode == SecurityMode.PSK) {
info.pskId = getPskIdentity(security);
info.pskKey = getPskKey(security);
@@ -363,8 +361,4 @@ public static byte[] getMasterSalt(LwM2mObjectInstance oscoreInstance) {
return Hex.decodeHex(value.toCharArray());
}
}

public static byte[] getIdContext(LwM2mObjectInstance oscoreInstance) {
return null;
}
}
@@ -247,8 +247,6 @@ public static void main(final String[] args) {
"The OSCORE pre-shared key used between the Client and LwM2M Server/Bootstrap Server.");
options.addOption("msalt", true,
"The OSCORE master salt used between the Client and LwM2M Server or Bootstrap Server.\nDefault: Empty");
options.addOption("idctx", true,
"The OSCORE ID Context used between the Client and LwM2M Server or Bootstrap Server.\nDefault: Empty");
options.addOption("sid", true,
"The OSCORE Sender ID used by the client to the LwM2M Server or Bootstrap Server.");
options.addOption("rid", true,
@@ -630,13 +628,6 @@ public static void main(final String[] args) {
mastersaltStr = "";
}

String idcontextStr = cl.getOptionValue("idctx");
if (idcontextStr != null) {
System.err.println("The OSCORE ID Context parameter is not yet supported");
formatter.printHelp(USAGE, options);
return;
}

String senderidStr = cl.getOptionValue("sid");
if (senderidStr == null) {
System.err.println("The OSCORE Sender ID must be indicated");
@@ -692,7 +683,7 @@ public static void main(final String[] args) {
}

// Save the configured OSCORE parameters
oscoreSettings = new OSCoreSettings(mastersecretStr, mastersaltStr, idcontextStr, senderidStr,
oscoreSettings = new OSCoreSettings(mastersecretStr, mastersaltStr, senderidStr,
recipientidStr, aeadInt, hkdfInt);
}

@@ -1051,7 +1042,7 @@ private static class OSCoreSettings {
public int aeadAlgorithm;
public int hkdfAlgorithm;

public OSCoreSettings(String masterSecret, String masterSalt, String idContext, String senderId,
public OSCoreSettings(String masterSecret, String masterSalt, String senderId,
String recipientId, int aeadAlgorithm, int hkdfAlgorithm) {
this.masterSecret = masterSecret;
this.masterSalt = masterSalt;
@@ -131,14 +131,8 @@ public SecurityInfo deserialize(JsonElement json, Type typeOfT, JsonDeserializat
}
}

// ID Context not supported
byte[] idContext = null;
if (oscore.get("idContext") != null) {
idContext = Hex.decodeHex(oscore.get("idContext").getAsString().toCharArray());

if (idContext.length == 0) {
idContext = null;
}
}

// Parse AEAD Algorithm
AlgorithmID aeadAlgorithm = null;
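Review bot: An `idContext` member in the submitted JSON is now silently ignored, because the block that parsed it is reduced to `byte[] idContext = null;`. A caller who still sends an ID Context would get a security entry whose OSCORE context is derived without it, and the mismatch with the peer would show up only later as failed message protection, not as a rejected configuration. Rejecting the field explicitly is safer: `if (oscore.get("idContext") != null) throw new JsonParseException("OSCORE ID Context is not supported");`, assuming Gson's JsonParseException is imported in this file. How idContext is used further down in deserialize is outside the hunk.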
@@ -105,8 +105,8 @@ angular.module('securityControllers', [])
} else if($scope.securityMode == "oscore") {
// Information for OSCORE
var security = {endpoint: $scope.endpoint, oscore : { masterSecret : $scope.masterSecret, masterSalt : $scope.masterSalt,
idContext : $scope.idContext, senderId : $scope.senderId, recipientId : $scope.recipientId,
aeadAlgorithm : $scope.aeadAlgorithm || $scope.defaultAeadAlgorithm, hkdfAlgorithm : $scope.hkdfAlgorithm || $scope.defaultHkdfAlgorithm }};
senderId : $scope.senderId, recipientId : $scope.recipientId, aeadAlgorithm : $scope.aeadAlgorithm || $scope.defaultAeadAlgorithm,
hkdfAlgorithm : $scope.hkdfAlgorithm || $scope.defaultHkdfAlgorithm }};
} else {
var security = {endpoint: $scope.endpoint, x509 : true};
}
@@ -63,7 +63,6 @@ <h4>The Leshan Public Key <small>(SubjectPublicKeyInfo der encoded)</small>
<td ng-if="security.oscore">
Master Secret : <code>{{ security.oscore.masterSecret }}</code><br/>
Master Salt : <code>{{ security.oscore.masterSalt }}</code><br/>
ID Context : <code>{{ security.oscore.idContext }}</code><br/>
Sender ID : <code>{{ security.oscore.senderId }}</code><br/>
Recipient ID : <code>{{ security.oscore.recipientId }}</code><br/>
AEAD Algorithm : <code>{{ security.oscore.aeadAlgorithm }}</code><br/>
@@ -162,17 +161,6 @@ <h4 class="modal-title">New security configuration</h4>
</div>
</div>

<div class="form-group" ng-class="{'hidden': securityMode!='oscore'}" show-errors>
<label for="idContextValue" class="col-sm-4 control-label">ID Context</label>
<div class="col-sm-8">
<textarea class="form-control" style="resize:none" rows="1" id="idContextValue" name="idContext"
ng-model="idContext" ng-pattern="/^[0-9a-fA-F]+$/" ng-maxlength="32" disabled={true}></textarea>
<p class="text-right text-muted small" style="margin:0">Not supported</p>
<p class="help-block" ng-if="form.idContext.$error.pattern">Hexadecimal format is expected</p>
<p class="help-block" ng-if="form.idContext.$error.maxlength">ID Context is too long</p>
</div>
</div>

<div class="form-group" ng-class="{'hidden': securityMode!='oscore'}" show-errors>
<label for="senderIdValue" class="col-sm-4 control-label">Sender ID</label>
<div class="col-sm-8">
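Review bot: The OSCORE table cell kept by the first hunk still renders `{{ security.oscore.masterSecret }}` in clear text, so the master secret is sent to and shown in any browser that can open the security listing. This predates the commit, but since the OSCORE row is being edited here it would be a good moment to stop echoing the key, for example `Master Secret : <code>(set)</code><br/>`, and to leave the secret out of the listing response if the API allows it. Whether the listing endpoint is access-controlled cannot be seen from this page.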