New features and fixes for v0.3 (#25)

* [src] removed CSRAttrs, not used in cBRSKI * [src] remove Commissioner class, tests and related ace-java dependency (was used for CWT-like/token function) * [pom.xml] bump versions to avoid log4j related performance WARNING msg. * removal of ACE, doc updates, src format updates, and new generic-main function WIP. * [registrar] enable -registrar option to run the registrar function. * restructuring code for main and option parsing. * [all] use dedicated configs for each role; fix logging init to right levels. * [all] moved code to right packages; split Constants into 3 separate files; source style formatting. * [all][tests] remove HW related code from repo; code and test updates to remove code warnings/deprecation warnings. * [masa] bugfix missing return statements and code warning fixes. * [pom.xml] set release level at 11 (hopefully that should cover all used std lib functions like readAllBytes()) * [script] added helper script to avoid code duplication; removed unneeded scripts. * [all] coaps URI bugfix; log fix to avoid Californium library logs to show up always; code formatting. * [script] rename Docker container to ot-registrar:latest and some updates. * [pom.xml][brski][registrar] added proper telemetry printing in log; telemetry logic fix; minor source format updates; WIP v0.3 * [doc][script] run scripts bumped to run 0.3; documentation added for 0.2 and 0.3 releases * [credentials] renamed p12 files for uniform structure. * [pom] remove unused jSerialComm dependency * [script] build script added * [test] fix test path; source formatting * [script] +x on script; version JAR bugfix * [masa] fix port binding issue on 'weird' interfaces on test PC. * [all] minor source fixes and clarifications; pom.xml libraries bumped * [all] more log levels, new log format. * [registrar] add log msg for newly signed LDevID cert.
EskoDijk · Sep 1, 2024 · 3c09f3d · 3c09f3d
1 parent f4c78aa
commit 3c09f3d
Show file tree

Hide file tree

Showing 14 changed files with 158 additions and 55 deletions.
diff --git a/pom.xml b/pom.xml
@@ -15,8 +15,8 @@
  <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
  <maven.compiler.release>11</maven.compiler.release>
  <jackson.version>2.9.7</jackson.version>
- <logback.version>1.2.13</logback.version>
- <junit.version>4.13.2</junit.version> 
+ <logback.version>1.5.7</logback.version>
+  <junit.version>4.13.2</junit.version>
  </properties>
 
  <dependencies>
@@ -54,7 +54,13 @@
  <dependency>
  <groupId>org.bouncycastle</groupId>
  <artifactId>bcpkix-jdk15on</artifactId>
- <version>1.69</version>
+ <version>1.70</version>
+ </dependency>
+
+ <dependency>
+ <groupId>org.slf4j</groupId>
+ <artifactId>slf4j-api</artifactId>
+ <version>2.0.16</version>
  </dependency>
 
  <dependency>
@@ -78,20 +84,13 @@
  <dependency>
  <groupId>com.google.code.gson</groupId>
  <artifactId>gson</artifactId>
- <version>2.8.5</version>
- </dependency>
-
- <!-- https://mvnrepository.com/artifact/org.apache.logging.log4j/log4j-core -->
- <dependency>
- <groupId>org.apache.logging.log4j</groupId>
- <artifactId>log4j-core</artifactId>
- <version>2.23.1</version>
+ <version>2.8.9</version>
  </dependency>
 
  <dependency>
  <groupId>io.undertow</groupId>
  <artifactId>undertow-core</artifactId>
- <version>2.2.8.Final</version>
+ <version>2.3.16.Final</version>
  </dependency>
 
  </dependencies>

diff --git a/src/main/java/com/google/openthread/Constants.java b/src/main/java/com/google/openthread/Constants.java
@@ -29,7 +29,7 @@
 package com.google.openthread;
 
 /**
- * OT Registrar specific constants are defined here.
+ * OT Registrar project-specific constants are defined here.
  */
 public class Constants {
 
@@ -39,5 +39,6 @@ public class Constants {
 
  // -- Other items
  public static final String KEY_STORE_FORMAT = "PKCS12";
- public static final long CERT_VALIDITY = 5 * 365; // LDevID validity in Days.
+ public static final long CERT_VALIDITY_DAYS = 5 * 365; // LDevID validity in Days.
+ public static final long CERT_VALIDITY_MILLISECONDS = CERT_VALIDITY_DAYS * 24 * 3600 * 1000;
 }
diff --git a/src/main/java/com/google/openthread/LoggerInitializer.java b/src/main/java/com/google/openthread/LoggerInitializer.java
@@ -38,10 +38,41 @@ public class LoggerInitializer {
 
  private static final String OPENTHREAD = "com.google.openthread";
  private static final String CALIFORNIUM = "org.eclipse.californium";
+ private static final String XNIO = "org.xnio";
+ private static final String JBOSS = "org.jboss";
+ private static final String UNDERTOW = "io.undertow";
 
- public static void Init(boolean verbose) {
- final Level level = verbose ? Level.DEBUG : Level.INFO;
- final Level levelLibrary = verbose ? Level.INFO : Level.WARN;
+ public static void Init(int verbosity) {
+ Level level, levelLibrary;
+
+ switch (verbosity) {
+ case 0:
+ level = Level.WARN;
+ levelLibrary = Level.ERROR;
+ break;
+ case 1:
+ level = Level.INFO;
+ levelLibrary = Level.WARN;
+ break;
+ case 2:
+ level = Level.DEBUG;
+ levelLibrary = Level.INFO;
+ break;
+ case 3:
+ level = Level.DEBUG;
+ levelLibrary = Level.DEBUG;
+ break;
+ case 4:
+ level = Level.TRACE;
+ levelLibrary = Level.DEBUG;
+ break;
+ case 5:
+ level = Level.TRACE;
+ levelLibrary = Level.TRACE;
+ break;
+ default:
+ throw new IllegalArgumentException("verbosity parameter must be <= 5");
+ }
 
  LoggerContext loggerContext = (LoggerContext) LoggerFactory.getILoggerFactory();
  List<Logger> loggerList = loggerContext.getLoggerList();
@@ -51,11 +82,19 @@ public static void Init(boolean verbose) {
  logger.setLevel(level);
  break;
  case CALIFORNIUM:
+ case XNIO:
+ case JBOSS:
+ case UNDERTOW:
  logger.setLevel(levelLibrary);
  break;
  }
  }
 
+ ((Logger)LoggerFactory.getLogger(OPENTHREAD)).setLevel(level);
+
  ((Logger)LoggerFactory.getLogger(CALIFORNIUM)).setLevel(levelLibrary);
+ ((Logger)LoggerFactory.getLogger(XNIO)).setLevel(levelLibrary);
+ ((Logger)LoggerFactory.getLogger(JBOSS)).setLevel(levelLibrary);
+ ((Logger)LoggerFactory.getLogger(UNDERTOW)).setLevel(levelLibrary);
  }
 }
diff --git a/src/main/java/com/google/openthread/NetworkUtils.java b/src/main/java/com/google/openthread/NetworkUtils.java
@@ -39,8 +39,9 @@ public class NetworkUtils {
 
  /**
  * Returns the IPv6-specific host string for a global address of the current host. For example,
- * "[2001:db8::3]". If no global IPv6 available it returns "[::1]". It will try to find an address
- * over all interfaces.
+ * "[2a01:7e01::ca98]". If no global IPv6 available it returns "[::1]". It will try to find an address
+ * over all interfaces. It will avoid the example IPv6 addresses "[2001:db8:...]" which may be used
+ * by Docker.
  *
  * @return IPv6-specific host string or "[::1]" if no global address available.
  */
@@ -49,6 +50,7 @@ public static String getIPv6Host() throws UnknownHostException, SocketException
  Enumeration<NetworkInterface> nifs;
  InetAddress addr;
  String retVal = "[::1]";
+ String addrStr;
  nifs = NetworkInterface.getNetworkInterfaces();
 
  // look for addresses per NIF
@@ -57,10 +59,12 @@ public static String getIPv6Host() throws UnknownHostException, SocketException
  Enumeration<InetAddress> nifAddrs = nif.getInetAddresses();
  while (nifAddrs.hasMoreElements()) {
  addr = nifAddrs.nextElement();
+ addrStr = addr.getHostAddress();
  if (addr instanceof Inet6Address
  && !addr.isLinkLocalAddress()
  && !addr.isLoopbackAddress()
- && !addr.isSiteLocalAddress()) {
+ && !addr.isSiteLocalAddress()
+ && !addrStr.startsWith("2001:db8")) {
  // ((Inet6Address) addr).getScopeId() // could check for scope id
  retVal = "[" + addr.getHostAddress() + "]";
  }

diff --git a/src/main/java/com/google/openthread/SecurityUtils.java b/src/main/java/com/google/openthread/SecurityUtils.java
@@ -463,7 +463,7 @@ public static X509Certificate genCertificate(
  new X500Name(issuerName),
  allocateSerialNumber(),
  new Date(System.currentTimeMillis()),
- new Date(System.currentTimeMillis() + (1000L * 3600 * 24 * Constants.CERT_VALIDITY)),
+ new Date(System.currentTimeMillis() + Constants.CERT_VALIDITY_MILLISECONDS),
  new X500Name(subName),
  subPub);
 

diff --git a/src/main/java/com/google/openthread/brski/CBORSerializer.java b/src/main/java/com/google/openthread/brski/CBORSerializer.java
@@ -40,7 +40,7 @@ public class CBORSerializer implements VoucherSerializer {
 
  protected CBORObject container;
  protected int parentSid = 0;
- private static Logger logger = LoggerFactory.getLogger(CBORSerializer.class);
+ private static final Logger logger = LoggerFactory.getLogger(CBORSerializer.class);
  Voucher voucher;
 
  @Override
@@ -191,7 +191,7 @@ public Voucher fromCBOR(CBORObject cbor) {
  break;
  }
  } catch (Exception e) {
- logger.error("bad voucher: " + e.getMessage(), e);
+ logger.error("bad voucher: {}", e.getMessage(), e);
  return null;
  }
 

diff --git a/src/main/java/com/google/openthread/domainca/DomainCA.java b/src/main/java/com/google/openthread/domainca/DomainCA.java
@@ -118,7 +118,7 @@ public X509Certificate signCertificate(PKCS10CertificationRequest csr) throws Ex
  X500Name issuer = getSubjectName();
  BigInteger serial = allocateSerialNumber();
  Date notBefore = new Date();
- Date notAfter = new Date(System.currentTimeMillis() + Constants.CERT_VALIDITY * 3600 * 24 * 1000);
+ Date notAfter = new Date(System.currentTimeMillis() + Constants.CERT_VALIDITY_MILLISECONDS);
  X509v3CertificateBuilder builder = new X509v3CertificateBuilder(issuer, serial, notBefore, notAfter, csr.getSubject(), csr.getSubjectPublicKeyInfo());
 
  logger.info("operational certificate not-before: " + notBefore.toString());

diff --git a/src/main/java/com/google/openthread/main/OtRegistrarConfig.java b/src/main/java/com/google/openthread/main/OtRegistrarConfig.java
@@ -38,7 +38,7 @@ public class OtRegistrarConfig {
  public String keyStoreFile;
  public String masaUri;
  public String registrarUri;
- public boolean logVerbose;
+ public int logVerbosity;
 
  static OtRegistrarConfig DefaultPledge() {
  OtRegistrarConfig config = new OtRegistrarConfig();
@@ -48,7 +48,7 @@ static OtRegistrarConfig DefaultPledge() {
  config.keyStoreFile = "./credentials/default_pledge.p12";
  config.masaUri = null;
  config.registrarUri = "coaps://localhost:5684";
- config.logVerbose = false;
+ config.logVerbosity = 0;
  return config;
  }
 
@@ -60,7 +60,7 @@ static OtRegistrarConfig DefaultRegistrar() {
  config.keyStoreFile = "./credentials/default_registrar.p12";
  config.masaUri = null;
  config.registrarUri = null;
- config.logVerbose = false;
+ config.logVerbosity = 0;
  return config;
  }
 
@@ -72,7 +72,7 @@ static OtRegistrarConfig DefaultMasa() {
  config.keyStoreFile = "./credentials/default_masa.p12";
  config.masaUri = null;
  config.registrarUri = null;
- config.logVerbose = false;
+ config.logVerbosity = 0;
  return config;
  }
 
@@ -94,7 +94,29 @@ public String ToString() {
  if (this.registrarUri != null) {
  s += "Registrar URI : " + this.registrarUri + "\n";
  }
- s += "Log verbose : " + (this.logVerbose ? "yes" : "no") + "\n";
+ s += "Log verbosity : " + this.logVerbosity + "\n";
+ return s;
+ }
+
+ public String ToStringSingleLine() {
+ String s;
+ s = "role=" + role.toString();
+ if (this.serverPort > 0) {
+ s += " port=" + this.serverPort;
+ }
+ if (this.domainName != null) {
+ s += " domain=" + this.domainName;
+ }
+ if (this.keyStoreFile != null) {
+ s += " keyfile=" + this.keyStoreFile;
+ }
+ if (this.masaUri != null) {
+ s += " masaUri=" + this.masaUri;
+ }
+ if (this.registrarUri != null) {
+ s += " registrarUri=" + this.registrarUri;
+ }
+ s += " verbosity=" + this.logVerbosity;
  return s;
  }
 }
diff --git a/src/main/java/com/google/openthread/main/OtRegistrarMain.java b/src/main/java/com/google/openthread/main/OtRegistrarMain.java
@@ -50,7 +50,7 @@ public final class OtRegistrarMain {
 
  public static void main(String[] args) {
 
- final String HELP_FORMAT = "[-registrar | -masa | -pledge] [-h] [-v] [-d <domain-name>] [-f <keystore-file>] [-p <udp-port>]";
+ final String HELP_FORMAT = "[-registrar | -masa | -pledge] [-h] [-d <domain-name>] [-f <keystore-file>] [-p <udp-port>] [-v] [-vv] [-vvv] [-vvvv]";
 
  HelpFormatter helper = new HelpFormatter();
  Options options = new Options();
@@ -97,7 +97,22 @@ public static void main(String[] args) {
  Option verboseOpt =
  Option.builder("v")
  .longOpt("verbose")
- .desc("verbose mode with many logs")
+ .desc("verbose mode for logs")
+ .build();
+
+ Option verboseVvOpt =
+ Option.builder("vv")
+ .desc("more verbose mode for logs")
+ .build();
+
+ Option verboseVvvOpt =
+ Option.builder("vvv")
+ .desc("even more verbose mode for logs")
+ .build();
+
+ Option verboseVvvvOpt =
+ Option.builder("vvvv")
+ .desc("most verbose mode for logs")
  .build();
 
  Option masaUriOpt =
@@ -130,6 +145,9 @@ public static void main(String[] args) {
  .addOption(fileOpt)
  .addOption(portOpt)
  .addOption(verboseOpt)
+ .addOption(verboseVvOpt)
+ .addOption(verboseVvvOpt)
+ .addOption(verboseVvvvOpt)
  .addOption(masaUriOpt)
  .addOption(registrarUriOpt)
  .addOption(helpOpt);
@@ -156,10 +174,20 @@ public static void main(String[] args) {
  return;
  }
 
+ config.logVerbosity = 0;
  if (cmd.hasOption('v')) {
- config.logVerbose = true;
+ config.logVerbosity = 1;
+ }
+ if (cmd.hasOption("vv")) {
+ config.logVerbosity = 2;
+ }
+ if (cmd.hasOption("vvv")) {
+ config.logVerbosity = 3;
+ }
+ if (cmd.hasOption("vvvv")) {
+ config.logVerbosity = 4;
  }
- LoggerInitializer.Init(config.logVerbose);
+ LoggerInitializer.Init(config.logVerbosity);
 
  if (cmd.hasOption('f')) {
  config.keyStoreFile = cmd.getOptionValue('f');
@@ -180,7 +208,8 @@ public static void main(String[] args) {
  return;
  }
 
- logger.info("Configuration:\n{}", config.ToString());
+ logger.info("Configuration: {}", config.ToStringSingleLine());
+ System.out.println("Configuration :\n" + config.ToString());
 
  switch (config.role) {
  case Registrar:

diff --git a/src/main/java/com/google/openthread/masa/MASA.java b/src/main/java/com/google/openthread/masa/MASA.java
@@ -407,16 +407,16 @@ private void initHttpServer()
  PathHandler masaPathHandler =
  new PathHandler()
  .addExactPath("/", new BlockingHandler(new RootResourceHttpHandler()))
- .addExactPath(
- "/.well-known/brski/requestvoucher",
+ .addExactPath("/.well-known/brski/requestvoucher",
  new BlockingHandler(new VoucherRequestHttpHandler()));
- // the :: binds to IPv6 addresses only.
+ // the :: binds to (hopefully) all available IPv4 and IPv6 addresses.
+ // the specific listeners using NetworkUtils.getIPvXHost() are meant to pick specific addresses only.
  httpServer =
  Undertow.builder()
- // .addHttpsListener(listenPort, "::", httpSsl)
- .addHttpsListener(listenPort, "localhost", httpSsl)
- .addHttpsListener(listenPort, NetworkUtils.getIPv4Host(), httpSsl)
- .addHttpsListener(listenPort, NetworkUtils.getIPv6Host(), httpSsl)
+ .addHttpsListener(listenPort, "::", httpSsl)
+ //.addHttpsListener(listenPort, "localhost", httpSsl)
+ //.addHttpsListener(listenPort, NetworkUtils.getIPv4Host(), httpSsl)
+ //.addHttpsListener(listenPort, NetworkUtils.getIPv6Host(), httpSsl)
  .setHandler(masaPathHandler)
  .build();
  }