简柏林 / thingskit · Commits

Commit d0928e4d815038e7094c63deb90d7c11fb3cef2e

Authored by nickAS21
Committed by Andrew Shvayka
1 parent 9b4a155e

Lwm2m: back: DTLS - 5.2.9.1. Pre-Shared Keys, 5.2.9.2. Raw Public Keys

Inline Side-by-side
Showing 2 changed files with 18 additions and 37 deletions
@@ -53,15 +53,9 @@ import java.security.spec.PKCS8EncodedKeySpec; @@ -53,15 +53,9 @@ import java.security.spec.PKCS8EncodedKeySpec;
53 import java.util.Arrays; 53 import java.util.Arrays;
54 54
55 import static org.eclipse.californium.scandium.dtls.cipher.CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256; 55 import static org.eclipse.californium.scandium.dtls.cipher.CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256;
56 -import static org.eclipse.californium.scandium.dtls.cipher.CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_CCM;  
57 import static org.eclipse.californium.scandium.dtls.cipher.CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8; 56 import static org.eclipse.californium.scandium.dtls.cipher.CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8;
58 -import static org.eclipse.californium.scandium.dtls.cipher.CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256;  
59 -import static org.eclipse.californium.scandium.dtls.cipher.CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA;  
60 -import static org.eclipse.californium.scandium.dtls.cipher.CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384;  
61 -import static org.eclipse.californium.scandium.dtls.cipher.CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_CCM;  
62 -import static org.eclipse.californium.scandium.dtls.cipher.CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8;  
63 -import static org.eclipse.californium.scandium.dtls.cipher.CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384;  
64 import static org.eclipse.californium.scandium.dtls.cipher.CipherSuite.TLS_PSK_WITH_AES_128_CBC_SHA256; 57 import static org.eclipse.californium.scandium.dtls.cipher.CipherSuite.TLS_PSK_WITH_AES_128_CBC_SHA256;
  58 +import static org.eclipse.californium.scandium.dtls.cipher.CipherSuite.TLS_PSK_WITH_AES_128_CCM_8;
65 import static org.thingsboard.server.transport.lwm2m.server.LwM2MTransportHandler.getCoapConfig; 59 import static org.thingsboard.server.transport.lwm2m.server.LwM2MTransportHandler.getCoapConfig;
66 60
67 @Slf4j 61 @Slf4j
@@ -117,18 +111,16 @@ public class LwM2MTransportBootstrapServerConfiguration { @@ -117,18 +111,16 @@ public class LwM2MTransportBootstrapServerConfiguration {
117 dtlsConfig.setRecommendedSupportedGroupsOnly(this.contextS.getCtxServer().isRecommendedSupportedGroups()); 111 dtlsConfig.setRecommendedSupportedGroupsOnly(this.contextS.getCtxServer().isRecommendedSupportedGroups());
118 dtlsConfig.setRecommendedCipherSuitesOnly(this.contextS.getCtxServer().isRecommendedCiphers()); 112 dtlsConfig.setRecommendedCipherSuitesOnly(this.contextS.getCtxServer().isRecommendedCiphers());
119 if (this.pskMode) { 113 if (this.pskMode) {
120 - dtlsConfig.setSupportedCipherSuites(TLS_PSK_WITH_AES_128_CBC_SHA256);  
121 - } else {  
122 - dtlsConfig.setSupportedCipherSuites(TLS_PSK_WITH_AES_128_CBC_SHA256,  
123 - TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,  
124 - TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, 114 + dtlsConfig.setSupportedCipherSuites(
  115 + TLS_PSK_WITH_AES_128_CCM_8,
  116 + TLS_PSK_WITH_AES_128_CBC_SHA256);
  117 + }
  118 + else {
  119 + dtlsConfig.setSupportedCipherSuites(
  120 + TLS_PSK_WITH_AES_128_CCM_8,
  121 + TLS_PSK_WITH_AES_128_CBC_SHA256,
125 TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8, 122 TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8,
126 - TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8,  
127 - TLS_ECDHE_ECDSA_WITH_AES_128_CCM,  
128 - TLS_ECDHE_ECDSA_WITH_AES_256_CCM,  
129 - TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,  
130 - TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,  
131 - TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384); 123 + TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256);
132 } 124 }
133 125
134 /** Set DTLS Config */ 126 /** Set DTLS Config */
@@ -54,15 +54,9 @@ import java.security.spec.PKCS8EncodedKeySpec; @@ -54,15 +54,9 @@ import java.security.spec.PKCS8EncodedKeySpec;
54 import java.util.Arrays; 54 import java.util.Arrays;
55 55
56 import static org.eclipse.californium.scandium.dtls.cipher.CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256; 56 import static org.eclipse.californium.scandium.dtls.cipher.CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256;
57 -import static org.eclipse.californium.scandium.dtls.cipher.CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_CCM;  
58 import static org.eclipse.californium.scandium.dtls.cipher.CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8; 57 import static org.eclipse.californium.scandium.dtls.cipher.CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8;
59 -import static org.eclipse.californium.scandium.dtls.cipher.CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256;  
60 -import static org.eclipse.californium.scandium.dtls.cipher.CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA;  
61 -import static org.eclipse.californium.scandium.dtls.cipher.CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384;  
62 -import static org.eclipse.californium.scandium.dtls.cipher.CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_CCM;  
63 -import static org.eclipse.californium.scandium.dtls.cipher.CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8;  
64 -import static org.eclipse.californium.scandium.dtls.cipher.CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384;  
65 import static org.eclipse.californium.scandium.dtls.cipher.CipherSuite.TLS_PSK_WITH_AES_128_CBC_SHA256; 58 import static org.eclipse.californium.scandium.dtls.cipher.CipherSuite.TLS_PSK_WITH_AES_128_CBC_SHA256;
  59 +import static org.eclipse.californium.scandium.dtls.cipher.CipherSuite.TLS_PSK_WITH_AES_128_CCM_8;
66 import static org.thingsboard.server.transport.lwm2m.server.LwM2MTransportHandler.getCoapConfig; 60 import static org.thingsboard.server.transport.lwm2m.server.LwM2MTransportHandler.getCoapConfig;
67 61
68 @Slf4j 62 @Slf4j
@@ -112,21 +106,16 @@ public class LwM2MTransportServerConfiguration { @@ -112,21 +106,16 @@ public class LwM2MTransportServerConfiguration {
112 dtlsConfig.setRecommendedSupportedGroupsOnly(this.context.getCtxServer().isRecommendedSupportedGroups()); 106 dtlsConfig.setRecommendedSupportedGroupsOnly(this.context.getCtxServer().isRecommendedSupportedGroups());
113 dtlsConfig.setRecommendedCipherSuitesOnly(this.context.getCtxServer().isRecommendedCiphers()); 107 dtlsConfig.setRecommendedCipherSuitesOnly(this.context.getCtxServer().isRecommendedCiphers());
114 if (this.pskMode) { 108 if (this.pskMode) {
115 - dtlsConfig.setSupportedCipherSuites(TLS_PSK_WITH_AES_128_CBC_SHA256); 109 + dtlsConfig.setSupportedCipherSuites(
  110 + TLS_PSK_WITH_AES_128_CCM_8,
  111 + TLS_PSK_WITH_AES_128_CBC_SHA256);
116 } 112 }
117 else { 113 else {
118 -// dtlsConfig.setSupportedCipherSuites(TLS_PSK_WITH_AES_128_CBC_SHA256,  
119 -// TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256);  
120 - dtlsConfig.setSupportedCipherSuites(TLS_PSK_WITH_AES_128_CBC_SHA256,  
121 - TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,  
122 - TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, 114 + dtlsConfig.setSupportedCipherSuites(
  115 + TLS_PSK_WITH_AES_128_CCM_8,
  116 + TLS_PSK_WITH_AES_128_CBC_SHA256,
123 TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8, 117 TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8,
124 - TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8,  
125 - TLS_ECDHE_ECDSA_WITH_AES_128_CCM,  
126 - TLS_ECDHE_ECDSA_WITH_AES_256_CCM,  
127 - TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,  
128 - TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,  
129 - TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384); 118 + TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256);
130 } 119 }
131 120
132 121