Get group OSCORE roll over functionality in place

Put the functionality in place for doing group rollover of groups.

* Define a new class for OSCORE events
* Put the event notification points for those events
* Make the server security context set be set on the server and no longer global
* Add functions to the SecurityContext for setting up group roll overs.

CoAP.Example/CoAP.Client/ExampleClient.cs

@@ -264,6 +264,7 @@ private static SecurityContextSet LoadContextSet(string fileName)
         {
             if (fileName == null) fileName = "ServerKeys.cbor";
             KeySet keys = new KeySet();
+            SecurityContextSet newSet = new SecurityContextSet();
 
             FileStream fs = new FileStream(fileName, FileMode.Open);
             using (BinaryReader reader = new BinaryReader(fs)) {
@@ -281,7 +282,7 @@ private static SecurityContextSet LoadContextSet(string fileName)
                                 key[CBORObject.FromObject("RecipID")].GetByteString(),
                                 key[CBORObject.FromObject("SenderID")].GetByteString(), null,
                                 key[CoseKeyKeys.Algorithm]);
-                            SecurityContextSet.AllContexts.Add(ctx);
+                            newSet.Add(ctx);
                             break;
                         }
                         else if (usage == "oscoap-group") {
@@ -292,7 +293,7 @@ private static SecurityContextSet LoadContextSet(string fileName)
                             foreach (CBORObject recipient in key[CBORObject.FromObject("recipients")].Values) {
                                 ctx.AddRecipient(recipient[CBORObject.FromObject("RecipID")].GetByteString(), new OneKey( recipient[CBORObject.FromObject("sign")]));
                             }
-                            SecurityContextSet.AllContexts.Add(ctx);
+                            newSet.Add(ctx);
                         }
                     }
 
@@ -304,7 +305,7 @@ private static SecurityContextSet LoadContextSet(string fileName)
             }
 
             //
-            return SecurityContextSet.AllContexts;
+            return newSet;
 
         }
     }

CoAP.NET/CoAP.Std10.csproj

@@ -25,6 +25,8 @@ It is intented primarily for research and verification work.
 1.6
   - Use cache key fields for matching blockwise transfers.
   - Some corrections for blockwise transfers over TCP
+  - Put in events to deal with OSCORE declared errors - IV exhaustion and unknown groups among others
+  - Move the global OSCORE security contexts to be server specific
 1.5
   - Update to use CBOR package 4.0.0 due to a security bug found.
 1.4
@@ -192,6 +194,7 @@ It is intented primarily for research and verification work.
     <Compile Include="OSCOAP\HKDF.cs" />
     <Compile Include="OSCOAP\OscoapLayer.cs" />
     <Compile Include="OSCOAP\OscoapOption.cs" />
+    <Compile Include="OSCOAP\OscoreEvent.cs" />
     <Compile Include="OSCOAP\SecureBlockwiseLayer.cs" />
     <Compile Include="OSCOAP\SecurityContext.cs" />
     <Compile Include="OSCOAP\SecurityContextSet.cs" />

CoAP.NET/DTLS/DTLSClientEndPoint.cs

@@ -126,8 +126,8 @@ private void OnTlsEvent(Object o, TlsEvent e)
 
         public KeySet CwtTrustKeySet
         {
-            get { return ((DTLSClientChannel) _channel).CwtTrustKeySet; }
-            set { ((DTLSClientChannel) _channel).CwtTrustKeySet = value; }
+            get { return ((DTLSClientChannel) dataChannel).CwtTrustKeySet; }
+            set { ((DTLSClientChannel) dataChannel).CwtTrustKeySet = value; }
         }
     }
 }

CoAP.NET/Net/CoAPEndPoint.cs

@@ -15,6 +15,7 @@
 using Com.AugustCellars.CoAP.Channel;
 using Com.AugustCellars.CoAP.Codec;
 using Com.AugustCellars.CoAP.Log;
+using Com.AugustCellars.CoAP.OSCOAP;
 using Com.AugustCellars.CoAP.Stack;
 using Com.AugustCellars.CoAP.Threading;
 using DataReceivedEventArgs = Com.AugustCellars.CoAP.Channel.DataReceivedEventArgs;
@@ -42,7 +43,7 @@ public class CoAPEndPoint : IEndPoint, IOutbox
         /// <returns>Message decoder object</returns>
         public delegate IMessageDecoder FindMessageDecoder(byte[] data);
 
-        protected readonly IChannel _channel;
+        protected readonly IChannel dataChannel;
         readonly CoapStack _coapStack;
         private IMessageDeliverer _deliverer;
         private readonly IMatcher _matcher;
@@ -116,11 +117,11 @@ public CoAPEndPoint(System.Net.EndPoint localEndPoint, ICoapConfig config)
         /// </summary>
         public CoAPEndPoint(IChannel channel, ICoapConfig config)
         {
-            _channel = channel ?? throw new ArgumentNullException(nameof(channel));
+            dataChannel = channel ?? throw new ArgumentNullException(nameof(channel));
             Config = config;
             _matcher = new Matcher(config);
             _coapStack = new CoapStack(config);
-            _channel.DataReceived += ReceiveData;
+            dataChannel.DataReceived += ReceiveData;
             EndpointSchema = new []{"coap", "coap+udp"};
         }
 
@@ -155,6 +156,9 @@ public IMessageDeliverer MessageDeliverer
             get => _deliverer ?? (_deliverer = new ClientMessageDeliverer());
         }
 
+        /// <inheritdoc/>
+        public SecurityContextSet SecurityContexts { get; set; }
+
         /// <summary>
         /// Return the message decoder to use with the end point
         /// </summary>
@@ -186,7 +190,7 @@ public CoapStack Stack
         /// <inheritdoc/>
         public bool AddMulticastAddress(IPEndPoint ep)
         {
-            return _channel.AddMulticastAddress(ep);
+            return dataChannel.AddMulticastAddress(ep);
         }
 #endif
 
@@ -201,11 +205,11 @@ public void Start()
                 Executor = Executors.Default;
             }
 
-            LocalEndPoint = _channel.LocalEndPoint;
+            LocalEndPoint = dataChannel.LocalEndPoint;
             try {
                 _matcher.Start();
-                _channel.Start();
-                LocalEndPoint = _channel.LocalEndPoint;
+                dataChannel.Start();
+                LocalEndPoint = dataChannel.LocalEndPoint;
             }
             catch {
                 _Log.Warn(m => m("Cannot start endpoint at {0}", LocalEndPoint));
@@ -223,7 +227,7 @@ public void Stop()
             }
 
             _Log.Debug(m => m("Stopping endpoint bound to {0}", LocalEndPoint));
-            _channel.Stop();
+            dataChannel.Stop();
             _matcher.Stop();
             _matcher.Clear();
         }
@@ -241,7 +245,7 @@ public void Dispose()
                 Stop();
             }
 
-            _channel.Dispose();
+            dataChannel.Dispose();
             IDisposable d = _matcher as IDisposable;
             if (d != null) {
                 d.Dispose();
@@ -302,7 +306,7 @@ private void ReceiveData(DataReceivedEventArgs e)
 
                         Fire(SendingEmptyMessage, rst);
 
-                        _channel.Send(Serialize(rst), e.Session, rst.Destination);
+                        dataChannel.Send(Serialize(rst), e.Session, rst.Destination);
 
                         _Log.Warn(m => m("Message format error caused by {0} and reset.", e.EndPoint));
                     }
@@ -423,8 +427,8 @@ private void ReceiveData(DataReceivedEventArgs e)
                                     op2.IntValue = (int) op.Type;
                                     signal.AddOption(op2);
 
-                                    _channel.Send(Serialize(signal), e.Session, e.EndPoint);
-                                    _channel.Abort(e.Session);
+                                    dataChannel.Send(Serialize(signal), e.Session, e.EndPoint);
+                                    dataChannel.Abort(e.Session);
                                     break;
                             }
                         }
@@ -433,19 +437,19 @@ private void ReceiveData(DataReceivedEventArgs e)
                     case SignalCode.Ping:
                         signal = new SignalMessage(SignalCode.Pong);
                         signal.Token = message.Token;
-                        _channel.Send(Serialize(signal), e.Session, e.EndPoint);
+                        dataChannel.Send(Serialize(signal), e.Session, e.EndPoint);
                         break;
 
                     case SignalCode.Pong:
                         _Log.Info(m => m("PONG"));
                         break;
 
                     case SignalCode.Release:
-                        _channel.Release(e.Session);
+                        dataChannel.Release(e.Session);
                         break;
 
                     case SignalCode.Abort:
-                        _channel.Abort(e.Session);
+                        dataChannel.Abort(e.Session);
                         break;
                 }
             }
@@ -460,8 +464,9 @@ private void Reject(Message message)
 
             Fire(SendingEmptyMessage, rst);
 
-            if (!rst.IsCancelled)
-                _channel.Send(Serialize(rst),  null /*message.Session*/, rst.Destination);
+            if (!rst.IsCancelled) {
+                dataChannel.Send(Serialize(rst),  null /*message.Session*/, rst.Destination);
+            }
         }
 
         private Byte[] Serialize(EmptyMessage message)
@@ -539,9 +544,9 @@ void IOutbox.SendRequest(Exchange exchange, Request request)
 
             if (!request.IsCancelled) {
                 if (request.Session == null) {
-                    request.Session = _channel.GetSession(request.Destination);
+                    request.Session = dataChannel.GetSession(request.Destination);
                 }
-                _channel.Send(Serialize(request), request.Session, request.Destination);
+                dataChannel.Send(Serialize(request), request.Session, request.Destination);
             }
         }
 
@@ -552,7 +557,7 @@ void IOutbox.SendResponse(Exchange exchange, Response response)
             Fire(SendingResponse, response);
 
             if (!response.IsCancelled) {
-                _channel.Send(Serialize(response), response.Session, response.Destination);
+                dataChannel.Send(Serialize(response), response.Session, response.Destination);
             }
         }
 
@@ -563,7 +568,7 @@ void IOutbox.SendEmptyMessage(Exchange exchange, EmptyMessage message)
             Fire(SendingEmptyMessage, message);
 
             if (!message.IsCancelled) {
-                _channel.Send(Serialize(message), exchange.Request.Session, message.Destination);
+                dataChannel.Send(Serialize(message), exchange.Request.Session, message.Destination);
             }
         }
     }

CoAP.NET/Net/Exchange.cs

@@ -105,7 +105,7 @@ public bool TimedOut
         /// Gets or sets the status of the security blockwise transfer of the request,
         /// or null in case of a normal transfer,
         /// </summary>
-        public BlockwiseStatus OSCOAP_RequestBlockStatus { get; set; }
+        public BlockwiseStatus OscoreRequestBlockStatus { get; set; }
 
         /// <summary>
         /// Gets or sets the status of the security blockwise transfer of the response,
@@ -284,7 +284,7 @@ public override bool Equals(object obj)
                     return false;
                 }
 
-                return _id == other._id && object.Equals(_endpoint, other._endpoint); // && (_session == other._session);
+                return _id == other._id && Equals(_endpoint, other._endpoint); // && (_session == other._session);
             }
 
             /// <inheritdoc/>

CoAP.NET/Net/IEndPoint.cs

@@ -11,7 +11,7 @@
 
 using System;
 using System.Net;
-using System.Reflection;
+using Com.AugustCellars.CoAP.OSCOAP;
 
 namespace Com.AugustCellars.CoAP.Net
 {
@@ -38,6 +38,10 @@ public interface IEndPoint : IDisposable
         /// </summary>
         IMessageDeliverer MessageDeliverer { get; set; }
         /// <summary>
+        /// Gets/sets the OSCORE contexts
+        /// </summary>
+        SecurityContextSet SecurityContexts { get; set; }
+        /// <summary>
         /// Gets the outbox.
         /// </summary>
         IOutbox Outbox { get; }