dendi-wang/thingsboard
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Lwm2m: DeviceProfile validate securityKey JsonNode

Browse Source
This commit is contained in:
nickAS21 2021-08-10 16:58:32 +03:00
parent e4941fdd10
commit b40d0a7ac2
2 changed files with 12 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
application/src/main/java/org/thingsboard/server/service/lwm2m/LwM2MServerSecurityInfoRepository.java
View File

@ -17,7 +17,7 @@ package org.thingsboard.server.service.lwm2m;
import com.fasterxml.jackson.core.JsonProcessingException; import com.fasterxml.jackson.core.JsonProcessingException;
import com.fasterxml.jackson.databind.node.ObjectNode; import com.fasterxml.jackson.databind.JsonNode;
import lombok.RequiredArgsConstructor; import lombok.RequiredArgsConstructor;
import lombok.extern.slf4j.Slf4j; import lombok.extern.slf4j.Slf4j;
import org.eclipse.leshan.core.SecurityMode; import org.eclipse.leshan.core.SecurityMode;
@ -84,13 +84,13 @@ public class LwM2MServerSecurityInfoRepository {
} }
public void verifySecurityKeyDevice(DeviceCredentials deviceCredentials) throws InvalidConfigurationException, JsonProcessingException { public void verifySecurityKeyDevice(DeviceCredentials deviceCredentials) throws InvalidConfigurationException, JsonProcessingException {
ObjectNode nodeCredentialsValue = deviceCredentials.getNodeCredentialsValue(); JsonNode nodeCredentialsValue = deviceCredentials.getNodeCredentialsValue();
checkClientKey ((ObjectNode) nodeCredentialsValue.get("client")); checkClientKey (nodeCredentialsValue.get("client"));
checkServerKey ((ObjectNode) nodeCredentialsValue.get("bootstrap").get("bootstrapServer"), "Client`s by bootstrapServer"); checkServerKey (nodeCredentialsValue.get("bootstrap").get("bootstrapServer"), "Client`s by bootstrapServer");
checkServerKey ((ObjectNode) nodeCredentialsValue.get("bootstrap").get("lwm2mServer"), "Client`s by lwm2mServer"); checkServerKey (nodeCredentialsValue.get("bootstrap").get("lwm2mServer"), "Client`s by lwm2mServer");
} }
private void checkClientKey (ObjectNode node) throws InvalidConfigurationException { private void checkClientKey (JsonNode node) throws InvalidConfigurationException {
String modeName = node.get("securityConfigClientMode").asText(); String modeName = node.get("securityConfigClientMode").asText();
// checks security config // checks security config
@ -108,7 +108,7 @@ public class LwM2MServerSecurityInfoRepository {
} }
private void checkServerKey (ObjectNode node, String serverType) throws InvalidConfigurationException { private void checkServerKey (JsonNode node, String serverType) throws InvalidConfigurationException {
String modeName = node.get("securityMode").asText(); String modeName = node.get("securityMode").asText();
// checks security config // checks security config
if (SecurityMode.RPK.name().equals(modeName)) { if (SecurityMode.RPK.name().equals(modeName)) {
@ -118,7 +118,7 @@ public class LwM2MServerSecurityInfoRepository {
} }
} }
protected void checkRPKServer(ObjectNode node, String serverType) throws InvalidConfigurationException { protected void checkRPKServer(JsonNode node, String serverType) throws InvalidConfigurationException {
String value = node.get("clientSecretKey").textValue(); String value = node.get("clientSecretKey").textValue();
assertIf(decodeRfc5958PrivateKey(Hex.decodeHex(value.toCharArray())) == null, assertIf(decodeRfc5958PrivateKey(Hex.decodeHex(value.toCharArray())) == null,
"raw-public-key mode, " + serverType + " secret key must be RFC5958 encoded private key"); "raw-public-key mode, " + serverType + " secret key must be RFC5958 encoded private key");
@ -127,7 +127,7 @@ public class LwM2MServerSecurityInfoRepository {
"raw-public-key mode, " + serverType + " public key or id must be RFC7250 encoded public key"); "raw-public-key mode, " + serverType + " public key or id must be RFC7250 encoded public key");
} }
protected void checkX509Server(ObjectNode node, String serverType) throws InvalidConfigurationException { protected void checkX509Server(JsonNode node, String serverType) throws InvalidConfigurationException {
String value = node.get("clientSecretKey").textValue(); String value = node.get("clientSecretKey").textValue();
assertIf(decodeRfc5958PrivateKey(Hex.decodeHex(value.toCharArray())) == null, assertIf(decodeRfc5958PrivateKey(Hex.decodeHex(value.toCharArray())) == null,
"x509 mode " + serverType + " secret key must be RFC5958 encoded private key"); "x509 mode " + serverType + " secret key must be RFC5958 encoded private key");

6
common/data/src/main/java/org/thingsboard/server/common/data/security/DeviceCredentials.java
View File

@ -16,8 +16,8 @@
package org.thingsboard.server.common.data.security; package org.thingsboard.server.common.data.security;
import com.fasterxml.jackson.core.JsonProcessingException; import com.fasterxml.jackson.core.JsonProcessingException;
import com.fasterxml.jackson.databind.JsonNode;
import com.fasterxml.jackson.databind.ObjectMapper; import com.fasterxml.jackson.databind.ObjectMapper;
import com.fasterxml.jackson.databind.node.ObjectNode;
import lombok.EqualsAndHashCode; import lombok.EqualsAndHashCode;
import org.thingsboard.server.common.data.BaseData; import org.thingsboard.server.common.data.BaseData;
import org.thingsboard.server.common.data.id.DeviceCredentialsId; import org.thingsboard.server.common.data.id.DeviceCredentialsId;
@ -90,9 +90,9 @@ public class DeviceCredentials extends BaseData<DeviceCredentialsId> implements
+ id + "]"; + id + "]";
} }
public ObjectNode getNodeCredentialsValue () throws JsonProcessingException { public JsonNode getNodeCredentialsValue () throws JsonProcessingException {
ObjectMapper mapper = new ObjectMapper(); ObjectMapper mapper = new ObjectMapper();
return (ObjectNode) mapper.readTree(this.credentialsValue); return mapper.readTree(this.credentialsValue);
} }
} }