aiocoap.transports.oscore module
This module implements a RequestProvider for OSCORE. As such, it takes routing ownership of requests that it has a security context available for, and sends off the protected messages via another transport.
This transport is a bit different from the others because it doesn’t have its dedicated URI scheme, but purely relies on preconfigured contexts.
So far, this transport only deals with outgoing requests, and does not help in building an OSCORE server. (Some code that could be used here in future resides in contrib/oscore-plugtest/plugtest-server as the ProtectedSite class.)
In outgoing requests, this transport automatically handles Echo options that appear to come from RFC8613 Appendix B.1.2 style servers. They indicate that the server could not process the request initially, but could do so if the client retransmits it with an appropriate Echo value.
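The Echo exchange described above, modelled from both sides as an added example (this is not aiocoap's code). `RecoveringServer`, `request_with_echo_retry`, the HMAC-over-timestamp Echo format and the 5-second freshness window are assumptions made for illustration; OSCORE message protection itself is left out.

```python
import hashlib
import hmac
import os

UNAUTHORIZED, CONTENT = "4.01", "2.05"


class RecoveringServer:
    """Toy server that lost its replay window (e.g. after a reboot)."""

    def __init__(self, max_age=5.0):
        self._key = os.urandom(16)  # only authenticates Echo values
        self._max_age = max_age
        self.last_seq = None  # None: replay window not yet re-synchronised

    def _make_echo(self, now):
        ts = int(now * 1000).to_bytes(8, "big")
        return ts + hmac.new(self._key, ts, hashlib.sha256).digest()[:8]

    def _is_fresh(self, echo, now):
        ts, tag = echo[:8], echo[8:]
        good = hmac.new(self._key, ts, hashlib.sha256).digest()[:8]
        age = now - int.from_bytes(ts, "big") / 1000
        return hmac.compare_digest(tag, good) and 0 <= age <= self._max_age

    def handle(self, seq, echo=None, now=0.0):
        if self.last_seq is None:
            if echo is None or not self._is_fresh(echo, now):
                return UNAUTHORIZED, self._make_echo(now)  # challenge
            self.last_seq = seq  # freshness proven: window restarts here
            return CONTENT, None
        if seq <= self.last_seq:
            return UNAUTHORIZED, None  # replayed sequence number, no challenge
        self.last_seq = seq
        return CONTENT, None


def request_with_echo_retry(server, seq_counter, now=0.0):
    """Send once; on 4.01 + Echo, retransmit once with a new sequence number."""
    code, echo = server.handle(next(seq_counter), now=now)
    if code == UNAUTHORIZED and echo is not None:
        code, echo = server.handle(next(seq_counter), echo=echo, now=now)
    return code
```

The client retries only once and only when an Echo value is present, so a plain 4.01 (a rejected replay) is passed through to the caller.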
Unlike other transports that could (at least in theory) be present multiple times in aiocoap.protocol.Context.request_interfaces (e.g. because there are several bound sockets), this is only useful once in there, as it has no state of its own, picks the OSCORE security context from the CoAP aiocoap.protocol.Context.client_credentials when populating the remote field, and handles any populated request based on its remote.security_context property alone.
- class aiocoap.transports.oscore.OSCOREAddress(security_context, underlying_address)
Bases: _OSCOREAddress, EndpointAddress
Remote address type for TransportOSCORE.
- property hostinfo
The authority component of URIs that this endpoint represents when requests are sent to it.
Note that the presence of a hostinfo does not necessarily mean that a globally meaningful or even syntactically valid URI can be constructed out of it; use the uri property for this.
- property hostinfo_local
The authority component of URIs that this endpoint represents when requests are sent from it.
As with hostinfo, this does not necessarily produce sufficient input for a URI; use uri_local instead.
- property uri_base
The base URI for the peer (typically scheme plus .hostinfo).
This raises error.AnonymousHost when executed on an address whose peer coordinates can not be expressed meaningfully in a URI.
- property uri_base_local
The base URI for the local side of this remote.
This raises error.AnonymousHost when executed on an address whose local coordinates can not be expressed meaningfully in a URI.
- property scheme
The scheme that is used with addresses of this kind.
This is usually a class property. It is applicable to both sides of the communication. (Should there ever be a scheme that addresses the participants differently, a scheme_local will be added.)
- property authenticated_claims
Iterable of objects representing any claims (e.g. an identity, or generally objects that can be used to authorize particular accesses) that were authenticated for this remote.
This is experimental and may be changed without notice.
Its primary use is on the server side; there, a request handler (or resource decorator) can use the claims to decide whether the client is authorized for a particular request. Use on the client side is planned as a requirement on a request, although (especially on side-effect free non-confidential requests) it can also be used in response processing.
- is_multicast = False
- is_multicast_locally = False
- maximum_payload_size = 1024
- maximum_block_size_exp = 6
- property blockwise_key
A hashable (ideally, immutable) value that is only the same for remotes from which blocks may be combined. (With all current transports that means that the network addresses need to be in there, and the identity of the security context).
It does not just hinge on the identity of the address object, as a first block may come in an OSCORE group request and follow-ups may come in pairwise requests. (And there might be allowed relaxations on the transport under OSCORE, but that’d need further discussion).
- class aiocoap.transports.oscore.TransportOSCORE(context, forward_context)
Bases: RequestProvider
- async fill_or_recognize_remote(message)
- async shutdown()