example-client: added flag for secure provider, simplified schemes

Author: szysas

example-client/README.md

@@ -6,26 +6,23 @@ This is an example coap client application, that can be use with any LwM2M Serve
 Usage
 -----
 
-    ./run.sh [-k KEYSTORE_FILE] <scheme>://<registration-url>
+    ./run.sh [-k KEYSTORE_FILE] [-s SSL_PROVIDER] <scheme>://<registration-url>
 
 ### Schemes
 
-- `coap://` (UDP)
-- `coap+tcp://` (TCP)
-- `coaps+tcp://` (TLS)
-- `coaps+tcp-d2://` (TLS)
-- `openssl-coap://` (DTLS)
-- `stdio-coap://`
-- `stdio-coap+tcp://`
+- `coap://` (RFC 7252)
+- `coaps://` (RFC 7252)
+- `coap+tcp://` (RFC 8323)
+- `coaps+tcp://` (RFC 8323)
 
 ### Examples
         
     ./run.sh 'coap://localhost:5683/rd?ep=device007&lt=3600&b=U'    
 
 
-#### Running with openssl (dtls):
+#### Running with openssl:
 
-    ./run.sh -k device01.jks 'openssl-coaps://localhost:5684/rd?ep=device001'
+    ./run.sh -k device01.jks -s openssl 'coaps://localhost:5684/rd?ep=device001'
 
 _Note: this requires openssl installed in your system that support dtls. 
 Use environment variable `OPENSSL_BIN_PATH` to point to specific location of `openssl` binary._
@@ -34,10 +31,10 @@ Use environment variable `OPENSSL_BIN_PATH` to point to specific location of `op
 #### Running with standard io (bidirectional pipe):
 
     mkfifo fifo
-    ./run.sh  "stdio-coap://127.0.0.1:5683/rd?ep=test&aid=dm&lt=60" < fifo | \
+    ./run.sh -s stdio "coaps://127.0.0.1:5683/rd?ep=test&aid=dm&lt=60" < fifo | \
     socat -d -d - udp-sendto:localhost:5683 > fifo
 
 or
 
-    ./run.sh  "stdio-coap://127.0.0.1:5683/rd?ep=test&aid=dm&lt=60" < fifo | \
+    ./run.sh -s stdio "coaps://127.0.0.1:5683/rd?ep=test&aid=dm&lt=60" < fifo | \
     openssl s_client -connect localhost:5684 -cipher PSK-AES128-CBC-SHA -psk 01010101010101010101010101010101 -psk_identity device-0000000001  -quiet > fifo

example-client/src/main/java/com/mbed/coap/cli/CoapCli.java

@@ -26,18 +26,29 @@
 import java.io.IOException;
 import java.net.InetSocketAddress;
 import java.net.URI;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
 
 /**
  * Created by szymon
  */
 public class CoapCli {
 
+    private static final Logger LOGGER = LoggerFactory.getLogger(CoapCli.class);
+
     public static void main(String[] args) {
+        main(args, new CoapSchemes());
+    }
+
+    public static void main(String[] args, CoapSchemes providers) {
         if (args.length == 0) {
             System.out.println("Usage: [options...] <method> <scheme>://<host>:<port>/<uri-path> [<payload>]");
             System.out.println("Method: GET | POST | PUT | DELETE");
-            System.out.println("Schemes: " + CoapSchemes.INSTANCE.supportedSchemas().replaceAll("\n", "\n         "));
+            System.out.println("Schemes: " + providers.supportedSchemes().replaceAll("\n", "\n         "));
             System.out.println("Options:");
+            System.out.println("     -s <ssl provider>  jdk <default>,");
+            System.out.println("                        openssl (requires installed openssl that supports dtls),");
+            System.out.println("                        stdio (standard IO)");
             System.out.println("     -k <file>          KeyStore file");
             System.out.println("     -b <block size>    Block size, one of: 16, 32, 64, 128, 256, 512, 1024");
             System.out.println("     -p <proxy>         Proxy-Uri");
@@ -51,6 +62,7 @@ public static void main(String[] args) {
             String keystoreFile = null;
             String proxyUri = null;
             BlockSize blockSize = null;
+            TransportProvider transportProvider = providers.defaultProvider();
             int i;
             for (i = 0; i < args.length; i++) {
                 if (args[i].equals("-k")) {
@@ -59,6 +71,10 @@ public static void main(String[] args) {
                     proxyUri = args[++i];
                 } else if (args[i].equals("-b")) {
                     blockSize = BlockSize.valueOf("S_" + args[++i]);
+                } else if (args[i].equals("-s")) {
+                    transportProvider = providers.transportProviderFor(args[++i]);
+                } else if (args[i].charAt(0) == '-') {
+                    throw new IllegalArgumentException("Unrecognised flag: " + args[i]);
                 } else {
                     break;
                 }
@@ -69,16 +85,18 @@ public static void main(String[] args) {
 
             String payload = (args.length > i) ? args[i] : null;
 
-            new CoapCli(keystoreFile, blockSize, proxyUri, method, uri, payload);
+            new CoapCli(providers, transportProvider, keystoreFile, blockSize, proxyUri, method, uri, payload);
+        } catch (IllegalArgumentException ex) {
+            LOGGER.error(ex.getMessage());
         } catch (Exception ex) {
             ex.printStackTrace();
         }
         System.exit(0);
     }
 
-    public CoapCli(String keystoreFile, BlockSize blockSize, String proxyUri, String method, URI uri, String payload) throws IOException, InterruptedException, CoapException {
+    public CoapCli(CoapSchemes providers, TransportProvider transportProvider, String keystoreFile, BlockSize blockSize, String proxyUri, String method, URI uri, String payload) throws IOException, InterruptedException, CoapException {
 
-        CoapServer cliServer = CoapSchemes.INSTANCE.create(keystoreFile, uri).build().start();
+        CoapServer cliServer = providers.create(transportProvider, keystoreFile, uri).build().start();
 
         InetSocketAddress destination = new InetSocketAddress(uri.getHost(), uri.getPort());
         CoapClient cli = CoapClientBuilder.clientFor(destination, cliServer);
@@ -92,8 +110,10 @@ public CoapCli(String keystoreFile, BlockSize blockSize, String proxyUri, String
                 .payload(payload)
                 .sync().invokeMethod(Method.valueOf(method));
 
-        System.out.println("");
-        System.out.println(resp.getPayloadString());
+        if (resp.getPayload().length > 0) {
+            System.out.println();
+            System.out.println(resp.getPayloadString());
+        }
 
         cliServer.stop();
     }

example-client/src/main/java/com/mbed/coap/cli/CoapSchemes.java

@@ -15,194 +15,103 @@
  */
 package com.mbed.coap.cli;
 
+import com.mbed.coap.cli.providers.JdkProvider;
+import com.mbed.coap.cli.providers.OpensslProvider;
+import com.mbed.coap.cli.providers.PlainTextProvider;
+import com.mbed.coap.cli.providers.StandardIoProvider;
 import com.mbed.coap.server.CoapServerBuilder;
 import com.mbed.coap.transport.javassl.CoapSerializer;
-import com.mbed.coap.transport.javassl.SSLSocketClientTransport;
-import com.mbed.coap.transport.javassl.SocketClientTransport;
-import com.mbed.coap.transport.stdio.OpensslProcessTransport;
-import com.mbed.coap.transport.stdio.StreamBlockingTransport;
-import com.mbed.coap.transport.udp.DatagramSocketTransport;
-import java.io.File;
 import java.io.FileInputStream;
-import java.io.FileWriter;
 import java.io.IOException;
 import java.net.InetSocketAddress;
 import java.net.URI;
 import java.security.GeneralSecurityException;
 import java.security.KeyStore;
 import java.security.KeyStoreException;
-import java.security.NoSuchAlgorithmException;
-import java.security.UnrecoverableKeyException;
-import java.security.cert.CertificateEncodingException;
-import java.security.cert.X509Certificate;
 import java.util.ArrayList;
-import java.util.Base64;
 import java.util.Collections;
-import java.util.Enumeration;
-import javax.net.SocketFactory;
-import javax.net.ssl.KeyManagerFactory;
-import javax.net.ssl.SSLContext;
-import javax.net.ssl.TrustManagerFactory;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
 
 public class CoapSchemes {
-    private static final Logger LOGGER = LoggerFactory.getLogger(CoapSchemes.class);
+    public static char[] secret() {
+        return "secret".toCharArray();
+    }
 
-    static final CoapSchemes INSTANCE;
-    static final char[] SECRET = "secret".toCharArray();
+    public final CoapServerBuilder create(TransportProvider transportProvider, String keystoreFile, URI uri) {
 
-    static {
         try {
-            Class coapTransportBuilderClass = Class.forName(System.getProperty("coap.cli.CoapSchemes", "com.mbed.coap.cli.CoapSchemes"));
-            INSTANCE = ((CoapSchemes) coapTransportBuilderClass.newInstance());
-
-        } catch (ClassNotFoundException | InstantiationException | IllegalAccessException e) {
+            return create(transportProvider, loadKeystore(keystoreFile), uri);
+        } catch (GeneralSecurityException | IOException e) {
             throw new RuntimeException(e);
         }
     }
 
-    public final CoapServerBuilder create(String keystoreFile, URI uri) {
-        return create(loadKeystore(keystoreFile), uri);
+    public String supportedSchemes() {
+        return "coap, coap+tcp, coaps, coaps+tcp, coaps+tcp-d2 (draft 2)";
     }
 
-    public String supportedSchemas() {
-        return "coap, coap+tcp, coaps+tcp, coaps+tcp-d2 (draft 2), \nopenssl-coap (requires installed openssl that supports dtls), \nstdio-coap (standard IO), stdio-coap+tcp";
-    }
+    protected CoapServerBuilder create(TransportProvider transportProvider, KeyStore ks, URI uri) throws GeneralSecurityException, IOException {
+        InetSocketAddress destAdr = addressFromUri(uri);
 
-    protected CoapServerBuilder create(KeyStore ks, URI uri) {
-        InetSocketAddress destAdr = new InetSocketAddress(uri.getHost(), uri.getPort());
         switch (uri.getScheme()) {
             case "coap":
-                return coapOverUdp();
+                return CoapServerBuilder.newBuilder()
+                        .transport(new PlainTextProvider().createUDP(CoapSerializer.UDP, destAdr, ks));
 
             case "coap+tcp":
-                return coapOverTcp(destAdr);
+                return CoapServerBuilder.newBuilderForTcp()
+                        .transport(new PlainTextProvider().createTCP(CoapSerializer.TCP, destAdr, ks));
+
+            case "coaps":
+                return CoapServerBuilder.newBuilder()
+                        .transport(transportProvider.createUDP(CoapSerializer.UDP, destAdr, ks));
 
             case "coaps+tcp":
-                return coapOverTls(destAdr, ks);
+                return CoapServerBuilder.newBuilderForTcp()
+                        .transport(transportProvider.createTCP(CoapSerializer.TCP, destAdr, ks));
 
             case "coaps+tcp-d2":
-                return coapOverTlsDraft2(destAdr, ks);
-
-            case "openssl-coap":
-                return coapOverDtls(destAdr, ks);
-
-            case "stdio-coap":
-                return stdIoCoap(destAdr, CoapSerializer.UDP);
-
-            case "stdio-coap+tcp":
-                return stdIoCoap(destAdr, CoapSerializer.TCP);
-
+                return CoapServerBuilder.newBuilder()
+                        .transport(transportProvider.createTCP(CoapSerializer.UDP, destAdr, ks));
 
             default:
-                throw new IllegalArgumentException("Protocol not supported: " + uri.getScheme());
+                throw new IllegalArgumentException("Scheme not supported: " + uri.getScheme());
         }
     }
 
+    protected static InetSocketAddress addressFromUri(URI uri) {
+        return new InetSocketAddress(uri.getHost(), uri.getPort());
+    }
 
     private static KeyStore loadKeystore(String keystoreFile) {
         KeyStore ks = null;
         if (keystoreFile != null) {
             try (FileInputStream f = new FileInputStream(keystoreFile)) {
                 ks = KeyStore.getInstance("JKS");
-                ks.load(f, SECRET);
+                ks.load(f, secret());
             } catch (Exception e) {
                 throw new RuntimeException(e);
             }
         }
         return ks;
     }
 
-    private CoapServerBuilder coapOverTcp(InetSocketAddress destAdr) {
-        return CoapServerBuilder.newBuilderForTcp().transport(
-                new SocketClientTransport(destAdr, SocketFactory.getDefault(), CoapSerializer.TCP, true)
-        );
-    }
-
-    private CoapServerBuilder coapOverTlsDraft2(InetSocketAddress destAdr, KeyStore ks) {
-        SSLContext sslContext = sslContextFromKeystore(ks);
-        return CoapServerBuilder.newBuilder().transport(
-                new SSLSocketClientTransport(destAdr, sslContext.getSocketFactory(), CoapSerializer.UDP, true)
-        );
-    }
-
-    private CoapServerBuilder coapOverTls(InetSocketAddress destAdr, KeyStore ks) {
-        SSLContext sslContext = sslContextFromKeystore(ks);
-        return CoapServerBuilder.newBuilderForTcp().transport(
-                new SSLSocketClientTransport(destAdr, sslContext.getSocketFactory(), CoapSerializer.TCP, true)
-        );
-    }
-
-    private CoapServerBuilder coapOverUdp() {
-        return CoapServerBuilder.newBuilder().transport(new DatagramSocketTransport(0));
-    }
-
-    private CoapServerBuilder stdIoCoap(InetSocketAddress destAdr, CoapSerializer serializer) {
-        return CoapServerBuilder.newBuilder().transport(StreamBlockingTransport.forStandardIO(destAdr, serializer));
-    }
-
-    protected static SSLContext sslContextFromKeystore(KeyStore ks) {
-        try {
-
-            final KeyManagerFactory kmf;
-            kmf = KeyManagerFactory.getInstance("SunX509");
-            kmf.init(ks, SECRET);
-            TrustManagerFactory tmf = TrustManagerFactory.getInstance("SunX509");
-            tmf.init(ks);
-
-            SSLContext sslContext = SSLContext.getInstance("TLSv1.2");
-            sslContext.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);
-
-            //print all certificates subject
-            Enumeration<String> aliases = ks.aliases();
-            while (aliases.hasMoreElements()) {
-                String alias = aliases.nextElement();
-                String certCN = ((X509Certificate) ks.getCertificate(alias)).getSubjectDN().toString();
-
-                if (ks.isKeyEntry(alias)) {
-                    LOGGER.info("Using certificate: " + certCN);
-                } else {
-                    LOGGER.info("Using trusted certificate: " + certCN);
-                }
-            }
-
-            return sslContext;
-        } catch (Exception e) {
-            throw new RuntimeException(e);
-        }
-    }
-
-    private CoapServerBuilder coapOverDtls(InetSocketAddress destAdr, KeyStore ks) {
-        try {
-            String alias = findKeyAlias(ks);
-            File temp = keyPairToTempFile(alias, ks);
-
-            OpensslProcessTransport transport = OpensslProcessTransport.create(temp.getAbsolutePath(), destAdr);
-            return CoapServerBuilder.newBuilder().transport(transport);
-        } catch (IOException | GeneralSecurityException e) {
-            throw new RuntimeException(e);
+    public TransportProvider transportProviderFor(String transport) {
+        switch (transport.toLowerCase()) {
+            case "jdk":
+                return new JdkProvider();
+            case "openssl":
+                return new OpensslProvider();
+            case "stdio":
+                return new StandardIoProvider();
+            default:
+                throw new IllegalArgumentException("Not supported transport: " + transport);
         }
-
-
     }
 
-    private static File keyPairToTempFile(String alias, KeyStore ks) throws KeyStoreException, IOException, CertificateEncodingException, NoSuchAlgorithmException, UnrecoverableKeyException {
-        File temp = File.createTempFile("client", ".pem");
-        try (FileWriter writer = new FileWriter(temp)) {
-            writer.write("-----BEGIN CERTIFICATE-----\n");
-            writer.write(Base64.getEncoder().encodeToString(ks.getCertificate(alias).getEncoded()));
-            writer.write("\n-----END CERTIFICATE-----\n");
-            writer.write("-----BEGIN PRIVATE KEY-----\n");
-            writer.write(Base64.getEncoder().encodeToString(ks.getKey(alias, SECRET).getEncoded()));
-            writer.write("\n-----END PRIVATE KEY-----\n");
-            writer.flush();
-        }
-        temp.deleteOnExit();
-        return temp;
+    public TransportProvider defaultProvider() {
+        return new JdkProvider();
     }
 
-
     public static String findKeyAlias(KeyStore ks) throws KeyStoreException {
         ArrayList<String> aliases = Collections.list(ks.aliases());