Package ch.ethz.inf.vs.scandium.dtls

Examples of ch.ethz.inf.vs.scandium.dtls.DTLSSession


   * Close the DTLS session with the given peer.
   *
   * @param peerAddress the remote endpoint of the session to close
   */
  public void close(InetSocketAddress peerAddress) {
    DTLSSession session = dtlsSessions.get(addressToKey(peerAddress));
   
    if (session != null) {
      DTLSMessage closeNotify = new AlertMessage(AlertLevel.WARNING, AlertDescription.CLOSE_NOTIFY);
     
      DTLSFlight flight = new DTLSFlight();
      flight.addMessage(new Record(ContentType.ALERT, session.getWriteEpoch(), session.getSequenceNumber(), closeNotify, session));
      flight.setRetransmissionNeeded(false);
     
      cancelPreviousFlight(peerAddress);
 
      flight.setPeerAddress(peerAddress);


    if (packet.getLength() == 0)
      return null;

    InetSocketAddress peerAddress = new InetSocketAddress(packet.getAddress(), packet.getPort());
    LOGGER.finest(" => find handshaker for key "+peerAddress.toString());
    DTLSSession session = dtlsSessions.get(addressToKey(peerAddress));
    Handshaker handshaker = handshakers.get(addressToKey(peerAddress));
    byte[] data = Arrays.copyOfRange(packet.getData(), packet.getOffset(), packet.getLength());

    try {
      List<Record> records = Record.fromByteArray(data);

      for (Record record : records) {
        record.setSession(session);

        RawData raw = null;

        ContentType contentType = record.getType();
        LOGGER.finest(" => contentType: "+contentType);
        DTLSFlight flight = null;
        switch (contentType) {
        case APPLICATION_DATA:
          if (session == null) {
            // There is no session available, so no application data
            // should be received, discard it
            LOGGER.info("Discarded unexpected application data message from " + peerAddress.toString());
            return null;
          }
          // at this point, the current handshaker is not needed
          // anymore, remove it
          handshakers.remove(addressToKey(peerAddress));

          ApplicationMessage applicationData = (ApplicationMessage) record.getFragment();
          raw = new RawData(applicationData.getData());
          break;

        case ALERT:
          AlertMessage alert = (AlertMessage) record.getFragment();
          switch (alert.getDescription()) {
          case CLOSE_NOTIFY:
            session.setActive(false);
           
            LOGGER.fine("Received CLOSE_NOTIFY from " + peerAddress.toString());
           
            // server must reply with CLOSE_NOTIFY
            if (!session.isClient()) {
              DTLSMessage closeNotify = new AlertMessage(AlertLevel.WARNING, AlertDescription.CLOSE_NOTIFY);
              flight = new DTLSFlight();
              flight.addMessage(new Record(ContentType.ALERT, session.getWriteEpoch(), session.getSequenceNumber(), closeNotify, session));
              flight.setRetransmissionNeeded(false);
            }
           
            if (dtlsSessions.remove(addressToKey(peerAddress))!=null) {
              LOGGER.info("Closed session with peer: " + peerAddress.toString());
            } else {
              LOGGER.warning("Session to close not found: " + peerAddress.toString());
            }
           
            break;
         
          // remote implementation might use any alert (e.g., against padding oracle attack)
          default:
            LOGGER.warning(alert.getDescription() + " with " + peerAddress.toString());

            // cleaning up
            cancelPreviousFlight(peerAddress);
            dtlsSessions.remove(addressToKey(peerAddress));
            handshakers.remove(addressToKey(peerAddress));
            break;
           
            //TODO somehow tell CoAP endpoint to cancel
          }
          break;
        case CHANGE_CIPHER_SPEC:
        case HANDSHAKE:
          LOGGER.finest(" => handshaker: "+handshaker);
          if (handshaker == null) {
            /*
             * A handshake message received, but no handshaker
             * available: this must mean that we either received
             * a HelloRequest (from server) or a ClientHello
             * (from client) => initialize appropriate
             * handshaker type
             */

            HandshakeMessage handshake = (HandshakeMessage) record.getFragment();

            switch (handshake.getMessageType()) {
            case HELLO_REQUEST:
              /*
               * Client side: server desires a re-handshake
               */
              if (session == null) {
                // create new session
                session = new DTLSSession(peerAddress, true);
                // store session according to peer address
                dtlsSessions.put(addressToKey(peerAddress), session);

                LOGGER.info("Created new session as client with peer: " + peerAddress.toString());
              }
              handshaker = new ClientHandshaker(peerAddress, null, session);
              handshakers.put(addressToKey(peerAddress), handshaker);
              LOGGER.finest("Stored re-handshaker: " + handshaker.toString() + " for " + peerAddress.toString());
              break;

            case CLIENT_HELLO:
              /*
               * Server side: server received a client hello:
               * check first if client wants to resume a
               * session (message must contain session
               * identifier) and then check if particular
               * session still available, otherwise conduct
               * full handshake with fresh session.
               */

              if (!(handshake instanceof FragmentedHandshakeMessage)) {
                // check if session identifier set
                ClientHello clientHello = (ClientHello) handshake;
                session = getSessionByIdentifier(clientHello.getSessionId().getSessionId());
              }
             
              if (session == null) {
                // create new session
                session = new DTLSSession(peerAddress, false);
                // store session according to peer address
                dtlsSessions.put(addressToKey(peerAddress), session);

                LOGGER.info("Created new session as server with peer: " + peerAddress.toString());
                handshaker = new ServerHandshaker(peerAddress, session);
              } else {
                handshaker = new ResumingServerHandshaker(peerAddress, session);
              }
              handshakers.put(addressToKey(peerAddress), handshaker);
              LOGGER.finest("Stored handshaker: " + handshaker.toString() + " for " + peerAddress.toString());
              break;

            default:
              LOGGER.severe("Received unexpected first handshake message (type="+handshake.getMessageType()+") from " + peerAddress.toString() + ":\n" + handshake.toString());
              break;
            }
          }
          flight = handshaker.processMessage(record);
          break;

        default:
          LOGGER.severe("Received unknown DTLS record from " + peerAddress.toString() + ":\n" + ByteArrayUtils.toHexString(data));
          break;
        }

        if (flight != null) {
          cancelPreviousFlight(peerAddress);

          flight.setPeerAddress(peerAddress);
          flight.setSession(session);

          if (flight.isRetransmissionNeeded()) {
            flights.put(addressToKey(peerAddress), flight);
            scheduleRetransmission(flight);
          }

          sendFlight(flight);
        }

        if (raw != null) {

          raw.setAddress(packet.getAddress());
          raw.setPort(packet.getPort());

          return raw;
        }
      }

    } catch (Exception e) {
      /*
       * If it is a known handshake failure, send the specific Alert,
       * otherwise the general Handshake_Failure Alert.
       */
      DTLSFlight flight = new DTLSFlight();
      flight.setRetransmissionNeeded(false);
      flight.setPeerAddress(peerAddress);
      flight.setSession(session);
     
      AlertMessage alert;
      if (e instanceof HandshakeException) {
        alert = ((HandshakeException) e).getAlert();
        LOGGER.severe("Handshake Exception (" + peerAddress.toString() + "): " + e.getMessage());
      } else {
        alert = new AlertMessage(AlertLevel.FATAL, AlertDescription.HANDSHAKE_FAILURE);
        LOGGER.log(Level.SEVERE, "Unknown Exception (" + peerAddress + ").", e);
      }

      LOGGER.log(Level.SEVERE, "Datagram which lead to exception (" + peerAddress + "): " + ByteArrayUtils.toHexString(data), e);
     
      if (session == null) {
        // if the first received message failed, no session has been set
        session = new DTLSSession(peerAddress, false);
      }
      cancelPreviousFlight(peerAddress);
     
      flight.addMessage(new Record(ContentType.ALERT, session.getWriteEpoch(), session.getSequenceNumber(), alert, session));
      sendFlight(flight);
    } // receive()
    return null;
  }

  protected void sendNext(RawData message) throws Exception {
   
    InetSocketAddress peerAddress = message.getInetSocketAddress();
    LOGGER.fine("Sending message to " + peerAddress);

    DTLSSession session = dtlsSessions.get(addressToKey(peerAddress));
   
    /*
     * When the DTLS layer receives a message from an upper layer, there is
     * either a already a DTLS session available with the peer or a new
     * handshake must be executed. If a session is available and active, the
     * message will be encrypted and send to the peer, otherwise a short
     * handshake will be initiated.
     */
    Record encryptedMessage = null;
    Handshaker handshaker = null;

    if (session == null) {
      // no session with endpoint available, create new empty session,
      // start fresh handshake
      session = new DTLSSession(peerAddress, true);
      dtlsSessions.put(addressToKey(peerAddress), session);
      handshaker = new ClientHandshaker(peerAddress, message, session);

    } else {

      if (session.isActive()) {
        // session to peer is active, send encrypted message
        DTLSMessage fragment = new ApplicationMessage(message.getBytes());
        encryptedMessage = new Record(ContentType.APPLICATION_DATA, session.getWriteEpoch(), session.getSequenceNumber(), fragment, session);
       
      } else {
        // try resuming session
        handshaker = new ResumingClientHandshaker(peerAddress, message, session);
      }
