Fix #COAP-42: Make hkdfDeriveParameter a public method #25

Open
wants to merge 2 commits into
base: develop
7 changes: 5 additions & 2 deletions bin/test_client.py
@@ -9,6 +9,7 @@
from coap import coap
from coap import coapOption as o
from coap import coapObjectSecurity as oscoap
from coap import coapUtils as u

import logging_setup

@@ -26,13 +27,15 @@

try:
# retrieve value of 'test' resource
p = c.GET('coap://[{0}]/test'.format(SERVER_IP),
(respCode, respOptions, respPayload) = c.GET('coap://[{0}]/test'.format(SERVER_IP),
confirmable=True,
options=[objectSecurity])

print '====='
print ''.join([chr(b) for b in p])
print ''.join([chr(b) for b in respPayload])
print binascii.hexlify(u.buf2str(respPayload))
print '====='

except Exception as err:
print err

6 changes: 3 additions & 3 deletions coap/coap.py
@@ -76,7 +76,7 @@ def GET(self,uri,confirmable=True,options=[]):
options = options,
)
log.debug('response: {0}'.format(response))
return response['payload']
return (response['code'], response['options'], response['payload'])

def PUT(self,uri,confirmable=True,options=[],payload=None):
response = self._transmit(
@@ -87,7 +87,7 @@ def PUT(self,uri,confirmable=True,options=[],payload=None):
payload = payload
)
log.debug('response: {0}'.format(response))
return response['payload']
return (response['code'], response['options'], response['payload'])

def POST(self,uri,confirmable=True,options=[],payload=None):
response = self._transmit(
@@ -98,7 +98,7 @@ def POST(self,uri,confirmable=True,options=[],payload=None):
payload = payload
)
log.debug('response: {0}'.format(response))
return response['payload']
return (response['code'], response['options'], response['payload'])

def DELETE(self,uri,confirmable=True,options=[]):
self._transmit(
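Review bot: GET, PUT and POST now return a `(code, options, payload)` tuple where they used to return the payload alone, and nothing in these three hunks documents the new shape; a caller outside this PR that still treats the result as the payload will receive a tuple with no error at the call site. Each method should carry a docstring stating the return value, for example `"""Return (code, options, payload) of the response."""`, and the PR title should mention the API change, since it only names hkdfDeriveParameter. DELETE's body continues outside the hunk, so whether it stays consistent with the other three cannot be checked here. Separately, the unchanged `log.debug('response: {0}'.format(response))` writes the whole response to the debug log; if that is the payload after Object-Security processing, debug logs will hold it in clear, which is worth confirming.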
59 changes: 21 additions & 38 deletions coap/coapObjectSecurity.py
@@ -345,7 +345,7 @@ class AES_CCM_16_64_128(CCMAlgorithm):

class SecurityContext:
REPLAY_WINDOW_SIZE = 64
def __init__(self, masterSecret, senderID, recipientID, aeadAlgorithm = AES_CCM_64_64_128(), masterSalt = '', hashFunction = hashlib.sha256):
def __init__(self, masterSecret='', senderID='', recipientID='', aeadAlgorithm=AES_CCM_64_64_128(), masterSalt='', hashFunction=hashlib.sha256):

# Common context
self.aeadAlgorithm = aeadAlgorithm
@@ -355,43 +355,27 @@ def __init__(self, masterSecret, senderID, recipientID, aeadAlgorithm = AES_CCM_

# Sender context
self.senderID = senderID
self.senderKey = self._hkdfDeriveParameter(self.hashFunction,
self.masterSecret,
self.masterSalt,
self.senderID,
self.aeadAlgorithm.value,
'Key',
self.aeadAlgorithm.keyLength
)

self.senderIV = self._hkdfDeriveParameter(self.hashFunction,
self.masterSecret,
self.masterSalt,
self.senderID,
self.aeadAlgorithm.value,
'IV',
self.aeadAlgorithm.ivLength
self.senderKey = self.hkdfDeriveParameter(self.senderID,
'Key',
self.aeadAlgorithm.keyLength
)

self.senderIV = self.hkdfDeriveParameter(self.senderID,
'IV',
self.aeadAlgorithm.ivLength
)
self.sequenceNumber = 0

# Recipient context
self.recipientID = recipientID
self.recipientKey = self._hkdfDeriveParameter(self.hashFunction,
self.masterSecret,
self.masterSalt,
self.recipientID,
self.aeadAlgorithm.value,
'Key',
self.aeadAlgorithm.keyLength
self.recipientKey = self.hkdfDeriveParameter(self.recipientID,
'Key',
self.aeadAlgorithm.keyLength
)
self.recipientIV = self.hkdfDeriveParameter(self.recipientID,
'IV',
self.aeadAlgorithm.ivLength
)
self.recipientIV = self._hkdfDeriveParameter(self.hashFunction,
self.masterSecret,
self.masterSalt,
self.recipientID,
self.aeadAlgorithm.value,
'IV',
self.aeadAlgorithm.ivLength
)
self.replayWindow = [0]

# ======================== public ==========================================
Expand Down Expand Up @@ -423,19 +407,18 @@ def replayWindowUpdate(self, sequenceNumber):

self.replayWindow += [sequenceNumber]

# ======================== private ==========================================

def _hkdfDeriveParameter(self, hashFunction, masterSecret, masterSalt, id, algorithm, type, length):
def hkdfDeriveParameter(self, id='', type='', length=16):

info = cbor.dumps([
id,
algorithm,
self.aeadAlgorithm.value,
unicode(type), # encode as text string
length
])

extract = hkdf.hkdf_extract(salt=masterSalt, input_key_material=masterSecret, hash=hashFunction)
expand = hkdf.hkdf_expand(pseudo_random_key=extract, info=info, length=length, hash=hashFunction)
extract = hkdf.hkdf_extract(salt=self.masterSalt, input_key_material=self.masterSecret, hash=self.hashFunction)
expand = hkdf.hkdf_expand(pseudo_random_key=extract, info=info, length=length, hash=self.hashFunction)

return expand

# ======================== private ==========================================
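Review bot: The new `__init__` signature gives `masterSecret`, `senderID` and `recipientID` empty-string defaults, so `SecurityContext()` with no arguments builds a context whose keys and IVs are derived from an empty secret, and because both IDs are then equal the sender and recipient key/IV pairs come out identical. Key material derived from a known input protects nothing, and the same key and IV in both directions risks nonce reuse under AES-CCM; the constructor should refuse this, e.g. `if not masterSecret: raise ValueError('masterSecret must not be empty')` and `if senderID == recipientID: raise ValueError('senderID and recipientID must differ')`, or keep the three parameters required. The now-public `hkdfDeriveParameter(self, id='', type='', length=16)` has the same problem with its defaults, which allow a call with an empty label, and it needs a docstring stating that it returns raw key material derived from the context's master secret that callers must not log or transmit. Its `id` and `type` parameters also shadow builtins.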
2 changes: 1 addition & 1 deletion tests/func/test_BADREQUEST.py
@@ -43,7 +43,7 @@ def test_BADREQUEST(logFixture, snoopyDispatcher, twoEndPoints, confirmableFixtu
clientOptions = [o.ObjectSecurity(context=clientContext)]

with pytest.raises(e.coapRcBadRequest):
reply = coap2.GET(
(respCode, respOptions, respPayload) = coap2.GET(
uri='coap://[{0}]:{1}/{2}/'.format(IPADDRESS1, d.DEFAULT_UDP_PORT, RESOURCE),
confirmable=confirmableFixture,
options=clientOptions
2 changes: 1 addition & 1 deletion tests/func/test_INTERNALSERVERERROR.py
@@ -71,7 +71,7 @@ def test_GET(logFixture,snoopyDispatcher,twoEndPoints):

# have coap2 do a get
with pytest.raises(e.coapRcInternalServerError):
reply = coap2.GET(
(respCode, respOptions, respPayload) = coap2.GET(
uri = 'coap://[{0}]:{1}/{2}/'.format(IPADDRESS1,d.DEFAULT_UDP_PORT,'buggy'),
confirmable = True,
options=clientOptions
2 changes: 1 addition & 1 deletion tests/func/test_METHODNOTALLOWED.py
@@ -40,7 +40,7 @@ def test_METHODNOTALLOWED(logFixture,snoopyDispatcher,twoEndPoints,confirmableFi

# have coap2 do a post
with pytest.raises(e.coapRcMethodNotAllowed):
reply = coap2.POST(
(respCode, respOptions, respPayload) = coap2.POST(
uri = 'coap://[{0}]:{1}/{2}/'.format(IPADDRESS1,d.DEFAULT_UDP_PORT,RESOURCE),
confirmable = confirmableFixture,
options=options
2 changes: 1 addition & 1 deletion tests/func/test_NOTFOUND.py
@@ -41,7 +41,7 @@ def test_NOTFOUND(logFixture,snoopyDispatcher,twoEndPoints,confirmableFixture):

# have coap2 do a get
with pytest.raises(e.coapRcNotFound):
reply = coap2.GET(
(respCode, respOptions, respPayload) = coap2.GET(
uri = 'coap://[{0}]:{1}/{2}/'.format(IPADDRESS1,d.DEFAULT_UDP_PORT,RESOURCE_INVALID),
confirmable = confirmableFixture,
options=options,
4 changes: 2 additions & 2 deletions tests/func/test_UNAUTHORIZED.py
@@ -36,7 +36,7 @@ def test_UNAUTHORIZED_1(logFixture,snoopyDispatcher,twoEndPoints,confirmableFixt
if securityEnabled:
# have coap2 do a get without including an Object-Security option
with pytest.raises(e.coapRcUnauthorized):
reply = coap2.GET(
(respCode, respOptions, respPayload) = coap2.GET(
uri = 'coap://[{0}]:{1}/{2}/'.format(IPADDRESS1,d.DEFAULT_UDP_PORT,RESOURCE),
confirmable = confirmableFixture,
options=[]
@@ -61,7 +61,7 @@ def test_UNAUTHORIZED_2(logFixture, snoopyDispatcher, twoEndPoints, confirmableF
clientOptions = [o.ObjectSecurity(context=clientContext)]

with pytest.raises(e.coapRcUnauthorized):
reply = coap2.GET(
(respCode, respOptions, respPayload) = coap2.GET(
uri='coap://[{0}]:{1}/{2}/'.format(IPADDRESS1, d.DEFAULT_UDP_PORT, RESOURCE),
confirmable=confirmableFixture,
options=clientOptions
4 changes: 2 additions & 2 deletions tests/func/test_multiple_CON.py
@@ -36,10 +36,10 @@ def test_GET(logFixture,snoopyDispatcher,twoEndPoints):

# have coap2 do a get
for _ in range(20):
reply = coap2.GET(
(respCode, respOptions, respPayload) = coap2.GET(
uri = 'coap://[{0}]:{1}/{2}/'.format(IPADDRESS1,d.DEFAULT_UDP_PORT,RESOURCE),
confirmable = False,
options=options
)
assert reply==DUMMYVAL
assert respPayload==DUMMYVAL
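Review bot: The loop still asserts only `respPayload==DUMMYVAL`; the `respCode` and `respOptions` values that GET now returns are unpacked and never checked, so the new return contract has no test. Adding an assertion on `respCode` against the expected success code, and on `respOptions` where Object-Security is in use, would cover it. The same holds for tests/func/test_multiple_NON.py, test_single_CON.py and test_single_NON.py.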

4 changes: 2 additions & 2 deletions tests/func/test_multiple_NON.py
@@ -35,9 +35,9 @@ def test_GET(logFixture,snoopyDispatcher,twoEndPoints):

# have coap2 do a get
for _ in range(20):
reply = coap2.GET(
(respCode, respOptions, respPayload) = coap2.GET(
uri = 'coap://[{0}]:{1}/{2}/'.format(IPADDRESS1,d.DEFAULT_UDP_PORT,RESOURCE),
confirmable = False,
options = options
)
assert reply==DUMMYVAL
assert respPayload==DUMMYVAL
4 changes: 2 additions & 2 deletions tests/func/test_single_CON.py
@@ -33,10 +33,10 @@ def test_GET(logFixture,snoopyDispatcher,twoEndPoints):
options = [o.ObjectSecurity(context=context)]

# have coap2 do a get
reply = coap2.GET(
(respCode, respOptions, respPayload) = coap2.GET(
uri='coap://[{0}]:{1}/{2}/'.format(IPADDRESS1, d.DEFAULT_UDP_PORT, RESOURCE),
confirmable=False,
options=options
)
assert reply == DUMMYVAL
assert respPayload == DUMMYVAL

4 changes: 2 additions & 2 deletions tests/func/test_single_NON.py
@@ -34,10 +34,10 @@ def test_GET(logFixture,snoopyDispatcher,twoEndPoints):
options = [o.ObjectSecurity(context=context)]

# have coap2 do a get
reply = coap2.GET(
(respCode, respOptions, respPayload) = coap2.GET(
uri = 'coap://[{0}]:{1}/{2}/'.format(IPADDRESS1,d.DEFAULT_UDP_PORT,RESOURCE),
confirmable = False,
options=options,
)
assert reply==DUMMYVAL
assert respPayload==DUMMYVAL

2 changes: 1 addition & 1 deletion tests/func/test_timeout_CON.py
@@ -46,7 +46,7 @@ def test_GET(logFixture,snoopyDispatcher,twoEndPoints):

# have coap2 do a get
with pytest.raises(e.coapTimeout):
reply = coap2.GET(
(respCode, respOptions, respPayload) = coap2.GET(
uri = 'coap://[{0}]:{1}/{2}/'.format(IPADDRESS_INVALID,d.DEFAULT_UDP_PORT,RESOURCE),
confirmable = True,
options=options,
2 changes: 1 addition & 1 deletion tests/func/test_timeout_NON.py
@@ -46,7 +46,7 @@ def test_GET(logFixture,snoopyDispatcher,twoEndPoints):

# have coap2 do a get
with pytest.raises(e.coapTimeout):
reply = coap2.GET(
(respCode, respOptions, respPayload) = coap2.GET(
uri = 'coap://[{0}]:{1}/{2}/'.format(IPADDRESS_INVALID,d.DEFAULT_UDP_PORT,RESOURCE),
confirmable = False,
options=options