Update: PR to focus on cBRSKI (#22)

* [src] removed CSRAttrs, not used in cBRSKI

* [src] remove Commissioner class, tests and related ace-java dependency (was used for CWT-like/token function)

* [pom.xml] bump versions to avoid log4j related performance WARNING msg.

* removal of ACE, doc updates, src format updates, and new generic-main function WIP.

* [registrar] enable -registrar option to run the registrar function.

* restructuring code for main and option parsing.

* [all] use dedicated configs for each role; fix logging init to right levels.

* [all] moved code to right packages; split Constants into 3 separate files; source style formatting.

* [all][tests] remove HW related code from repo; code and test updates to remove code warnings/deprecation warnings.

* [masa] bugfix missing return statements and code warning fixes.

* [pom.xml] set release level at 11 (hopefully that should cover all used std lib functions like readAllBytes())

* [script] added helper script to avoid code duplication; removed unneeded scripts.

* [all] coaps URI bugfix; log fix to avoid Californium library logs to show up always; code formatting.

* [script] rename Docker container to ot-registrar:latest and some updates.

.github/workflows/build.yml

@@ -43,7 +43,7 @@ jobs:
   package-test:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v2
+      - uses: actions/checkout@v4
       - name: Bootstrap
         run: script/bootstrap.sh
       - name: Package

.gitignore

@@ -1,7 +1,7 @@
-# Compiled class file
+# Compiled class files
 *.class
 
-# Log file
+# Log files
 *.log
 logs
 
@@ -11,7 +11,7 @@ logs
 # Mobile Tools for Java (J2ME)
 .mtj.tmp/
 
-# Package Files #
+# Package Files
 *.jar
 *.war
 *.nar
@@ -28,22 +28,15 @@ hs_err_pid*
 # maven
 target
 
-# idea
+# IDE files
 .idea
 .project
 *.iml
-
-# vscode
 .vscode
-
 .settings
 
-# utils
+# auto-generated config files
 Californium.properties
-thread-registrar.iml
 
 # Mac OS X
 .DS_Store
-
-# Thread Registrar Interface
-tri

AUTHORS

@@ -8,3 +8,4 @@
 # Authors who wish to be recognized in this file should add themselves (or
 # their employer, as appropriate).
 Google Inc.
+IoTconsultancy.nl

CONTRIBUTING.md

@@ -12,15 +12,15 @@ Help us keep OpenThread open and inclusive.  Please read and follow our [Code of
 
 ## Bugs
 
-If you find a bug in the source code, you can help us by [submitting a GitHub Issue](https://github.com/openthread/ot-registrar/issues/new). Even better, you can [submit a Pull Request](#submitting-a-pull-request) with a fix.
+If you find a bug in the source code, you can help us by [submitting a GitHub Issue](https://github.com/EskoDijk/ot-registrar/issues/new). Even better, you can [submit a Pull Request](#submitting-a-pull-request) with a fix.
 
 ## New features
 
-You can request a new feature by [submitting a GitHub Issue](https://github.com/openthread/ot-registrar/issues/new).
+You can request a new feature by [submitting a GitHub Issue](https://github.com/EskoDijk/ot-registrar/issues/new).
 
 If you would like to implement a new feature, please consider the scope of the new feature:
 
-* *Large feature* — [Submit a GitHub Issue](https://github.com/openthread/ot-registrar/issues/new) with your proposal so that the community can review and provide feedback first. Early feedback helps to ensure your proposal is accepted by the community, better coordinate our efforts, and minimize duplicated work.
+* *Large feature* — [Submit a GitHub Issue](https://github.com/EskoDijk/ot-registrar/issues/new) with your proposal so that the community can review and provide feedback first. Early feedback helps to ensure your proposal is accepted by the community, better coordinate our efforts, and minimize duplicated work.
 
 * *Small feature* — Can be implemented and directly [submitted as a Pull Request](#submitting-a-pull-request) without a proposal.
 
@@ -32,17 +32,17 @@ The OpenThread Project follows the "Fork-and-Pull" model for accepting contribut
 
 Setup your GitHub fork and continuous integration services:
 
-1. Fork the [OT Registrar repository](https://github.com/openthread/ot-registrar) by clicking **Fork** on the web UI.
-2. Enable [Travis CI](https://travis-ci.org/) by logging into the respective service with your GitHub account and enabling your newly created fork. We use Travis CI for Linux-based continuous integration checks. All contributions must pass these checks to be accepted.
+1. Fork the [OT Registrar repository](https://github.com/EskoDijk/ot-registrar) by clicking **Fork** on the web UI.
+2. Enable GitHub CI by logging into your GitHub account and enabling it on your newly created fork. We use CI for Linux-based continuous integration checks. All contributions must pass these checks to be accepted.
 
 Setup your local development environment:
 
 ```bash
 # Clone your fork
-git clone [email protected]:<username>/ot-registrar.git
+git clone https://<username>@github.com/EskoDijk/ot-registrar.git
 
 # Configure upstream alias
-git remote add upstream git@github.com:openthread/ot-registrar.git
+git remote add upstream https://<username>@github.com/EskoDijk/ot-registrar.git
 ```
 
 ### Submitting a pull request
@@ -99,11 +99,8 @@ This will open up a text editor where you can specify which commits to squash.
 
 #### Coding conventions and style
 
-OT Registrar uses and enforces the [Google Java Style](https://google.github.io/styleguide/javaguide.html) on all code. OT Registrar will automatically reformat the code when building the project with [maven](https://maven.apache.org). Use command `mvn com.coveo:fmt-maven-plugin:format` and `mvn com.coveo:fmt-maven-plugin:check` to explicitly reformat code and check for code-style compliance, respectively.
-
-As part of the cleanup process, also run `mvn com.coveo:fmt-maven-plugin:check` to ensure that your code passes the baseline code style checks.
-
-Make sure to include any code format changes in your commits.
+OT Registrar uses most of the [Google Java Style](https://google.github.io/styleguide/javaguide.html) at this moment. The reason for not using the full set of guidelines is that it introduces a very narrow line width (100), which makes code hard to read on normal-size desktop monitors used for coding that can easily handle long line lengths.
+For an IDE, the XML file for this style can be [downloaded](https://github.com/google/styleguide) and applied and the line width increased to 200.
 
 #### Push and test
 
@@ -115,8 +112,8 @@ git checkout <branch-name>
 git push origin <branch-name>
 ```
 
-This will trigger the Travis Continuous Integration (CI) checks. You can view the results in the respective services. Note that the integration checks will report failures on occasion. If a failure occurs, you may try rerunning the test using the Travis web UI.
+This will trigger Github Continuous Integration (CI) checks. You can view the results in the respective services.
 
 #### Submit the pull request
 
-Once you've validated the Travis CI results, go to the page for your fork on GitHub, select your development branch, and click the **Pull Request** button. If you need to make any adjustments to your pull request, push the updates to GitHub. Your pull request will automatically track the changes on your development branch and update.
+Once you've validated the CI results, go to the page for your fork on GitHub, select your development branch, and click the **Pull Request** button. If you need to make any adjustments to your pull request, push the updates to GitHub. Your pull request will automatically track the changes on your development branch and update.

GUIDE.md

@@ -30,7 +30,7 @@ All setup commands assume you are starting in the project's root directory.
 
 ## Run services
 
-The OT Registrar JAR file includes the [Registrar](https://tools.ietf.org/id/draft-ietf-anima-bootstrapping-keyinfra-16.html#rfc.section.1.2), [MASA](https://tools.ietf.org/id/draft-ietf-anima-bootstrapping-keyinfra-16.html#rfc.section.1.2) server, and a simulated [Pledge](https://tools.ietf.org/id/draft-ietf-anima-bootstrapping-keyinfra-16.html#rfc.section.1.2).
+The OT Registrar JAR file includes the Registrar, TBD [MASA](https://tools.ietf.org/id/draft-ietf-anima-bootstrapping-keyinfra-16.html#rfc.section.1.2) server, and a simulated [Pledge](https://tools.ietf.org/id/draft-ietf-anima-bootstrapping-keyinfra-16.html#rfc.section.1.2).
 
 ### Credentials
 

README.md

@@ -1,8 +1,8 @@
 # OpenThread Registrar
 
-Per [Thread](https://www.threadgroup.org/) 1.2 specification and [Bootstrapping Remote Secure Key Infrastructures (BRSKI)](https://tools.ietf.org/html/draft-ietf-anima-bootstrapping-keyinfra-16), a Domain Registrar securely registry new devices into a Thread Domain with zero-touch.
+The [Constrained Bootstrapping Remote Secure Key Infrastructures (cBRSKI)](https://datatracker.ietf.org/doc/html/draft-ietf-anima-constrained-voucher) IETF draft defines a Domain Registrar for securely onboarding new IoT devices into a network domain with zero-touch.
 
-OpenThread's implementation of a Domain Registrar is called OpenThread Registrar (OT Registrar).
+OpenThread's implementation of a cBRSKI Domain Registrar, used for onboarding Thread devices, is called OpenThread Registrar (OT Registrar).
 
 > Note: OT Registrar is still under development. We do not recommend using it in production yet.
 
@@ -18,10 +18,10 @@ Contributors are required to abide by our [Code of Conduct](CODE_OF_CONDUCT.md).
 
 ## Versioning
 
-OT Registrar follows the [Semantic Versioning guidelines](http://semver.org/) for release cycle transparency and to maintain backwards compatibility. OT Registrar's versioning is independent of the Thread protocol specification version but will clearly indicate which version of the specification it currently supports.
+OT Registrar follows the [Semantic Versioning guidelines](http://semver.org/) for release cycle transparency and to maintain backwards compatibility. OT Registrar's versioning is independent of the Thread protocol specification version.
 
 ## License
 
 OT Registrar is released under the [BSD 3-Clause license](LICENSE). See the [`LICENSE`](LICENSE) file for more information.
 
-Please only use the OpenThread and OT Registrar name and marks when accurately referencing this software distribution. Do not use the marks in a way that suggests you are endorsed by or otherwise affiliated with Nest, Google, or The Thread Group.
+Please only use the OpenThread and OT Registrar name and marks when accurately referencing this software distribution. Do not use the marks in a way that suggests you are endorsed by or otherwise affiliated with Nest, Google, or Thread Group.

pom.xml

@@ -6,17 +6,16 @@
 
   <groupId>com.google.openthread</groupId>
   <artifactId>ot-registrar</artifactId>
-  <version>0.1-SNAPSHOT</version>
+  <version>0.2</version>
 
   <name>OT Registrar</name>
   <url>https://openthread.io/</url>
 
   <properties>
     <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
-    <maven.compiler.source>1.8</maven.compiler.source>
-    <maven.compiler.target>1.8</maven.compiler.target>
+    <maven.compiler.release>11</maven.compiler.release>
     <jackson.version>2.9.7</jackson.version>
-    <logback.version>1.2.3</logback.version>
+    <logback.version>1.2.13</logback.version>
 	<junit.version>4.13.2</junit.version>    
   </properties>
 
@@ -27,6 +26,7 @@
       <artifactId>junit</artifactId>
       <version>${junit.version}</version>
     </dependency>
+
     <dependency>
   		<groupId>com.upokecenter</groupId>
   		<artifactId>cbor</artifactId>
@@ -85,19 +85,7 @@
     <dependency>
       <groupId>org.apache.logging.log4j</groupId>
       <artifactId>log4j-core</artifactId>
-      <version>2.17.1</version>
-    </dependency>
-
-    <dependency>
-      <groupId>se.sics</groupId>
-      <artifactId>ace</artifactId>
-      <version>0.0.1-SNAPSHOT</version>
-      <exclusions>
-      	<exclusion>
-      	  <groupId>org.slf4j</groupId>
-      	  <artifactId>slf4j-log4j12</artifactId>
-      	</exclusion>
-      </exclusions>
+      <version>2.23.1</version>
     </dependency>
 
     <dependency>
@@ -141,7 +129,14 @@
         </plugin>
         <plugin>
           <artifactId>maven-jar-plugin</artifactId>
-          <version>3.0.2</version>
+          <version>3.3.0</version>
+          <configuration>
+            <archive>
+              <manifestEntries>
+                <Multi-Release>true</Multi-Release>
+              </manifestEntries>
+            </archive>
+          </configuration>
         </plugin>
         <plugin>
           <artifactId>maven-install-plugin</artifactId>
@@ -172,7 +167,7 @@
             <configuration>
               <archive>
                 <manifest>
-                  <mainClass>com.google.openthread.registrar.RegistrarMain</mainClass>
+                  <mainClass>com.google.openthread.main.OtRegistrarMain</mainClass>
                 </manifest>
               </archive>
               <descriptorRefs>
@@ -186,19 +181,6 @@
           </execution>
         </executions>
       </plugin>
-
-      <plugin>
-        <groupId>com.coveo</groupId>
-        <artifactId>fmt-maven-plugin</artifactId>
-        <version>2.9</version>
-        <executions>
-          <execution>
-            <goals>
-              <goal>format</goal>
-            </goals>
-          </execution>
-        </executions>
-      </plugin>
     </plugins>
   </build>
 </project>

script/Dockerfile

@@ -25,7 +25,7 @@
 #  POSSIBILITY OF SUCH DAMAGE.
 #
 
-FROM ubuntu:18.04
+FROM ubuntu:22.04
 
 RUN apt-get update
 
@@ -37,7 +37,7 @@ RUN apt-get install maven git sudo lsb-core net-tools -y
 
 #RUN add-apt-repository ppa:openjdk-r/ppa
 #RUN apt-get update
-RUN apt-get install openjdk-8-jdk -y
+RUN apt-get install openjdk-11-jdk -y
 RUN java -version
 
 WORKDIR /home/ot-registrar
@@ -46,10 +46,11 @@ COPY . .
 
 # RUN mvn clean package
 
+# CMD triggers a warning as per https://docs.docker.com/reference/build-checks/json-args-recommended/
+# FIXME check if it should be CMD or SHELL; and if the 'bash' part should be split off.
 CMD ./script/run-servers.sh && bash
 
+# TODO: enable ports to let Registrar receive external traffic (5684).
 #EXPOSE 5683:5683/udp
-
-#EXPOSE 5684:5684/udp
-
+EXPOSE 5684:5684/udp
 #EXPOSE 5685:5685/udp

script/bootstrap.sh

@@ -29,8 +29,6 @@
 
 set -e
 
-ACE_REPO=https://bitbucket.org/marco-tiloca-sics/ace-java
-
 ## Test if we has the given command.
 ## Args: $1, the command.
 has_command() {
@@ -61,15 +59,4 @@ install_toolchain() {
     mvn -verion
 }
 
-install_ace() {
-    if [ ! -d ace ]; then
-        git clone $ACE_REPO ace
-    fi
-    cd ace
-        mvn -DskipTests install
-    cd -
-    rm -rf ace
-}
-
 install_toolchain
-install_ace

script/build-docker-image.sh

@@ -29,15 +29,8 @@
 
 set -e
 
-## This is not a public repository, make sure you have the access!
-readonly [email protected]:threadgroup/tce-registrar-java.git
-
 readonly IMAGE_NAME=ot-registrar
-
-if [ ! -d tri ]; then
-    echo "cloning 'tce-registrar-java' into 'tri'..."
-    git clone $TRI_REPO tri
-fi
+readonly VERSION=latest
 
 # Enable ipv6
 if [ ! -f /etc/docker/daemon.json ]; then
@@ -46,12 +39,14 @@ if [ ! -f /etc/docker/daemon.json ]; then
     sudo systemctl restart docker
 fi
 
-# Create docker image if not exist
+# Create docker image if not existing yet
 if ! $(sudo docker image ls | grep -q "${IMAGE_NAME}"); then
+    # Building package
+    echo "building OT Registrar package..."
+    mvn clean -Dmaven.test.skip=true package
+
     echo "building docker image..."
-    sudo docker build --no-cache -f script/Dockerfile -t ubuntu:${IMAGE_NAME} .
+    sudo docker build --no-cache -f script/Dockerfile -t ${IMAGE_NAME}:${VERSION} .
+else
+    echo "Docker image '${IMAGE_NAME}' is already present."
 fi
-
-# Building package
-echo "building OT Registrar package..."
-mvn clean -Dmaven.test.skip=true package

script/cose-validator.sh

@@ -27,4 +27,4 @@
 #  POSSIBILITY OF SUCH DAMAGE.
 #
 
-java -cp target/ot-registrar-0.1-SNAPSHOT-jar-with-dependencies.jar com.google.openthread.tools.CoseValidator $1 $2
+./script/helper-cp-run.sh com.google.openthread.tools.CoseValidator $@

script/create-keystore-ietf-draft-constrained-brski.sh

@@ -1,9 +1,36 @@
  #!/bin/bash
+#
+#  Copyright (c) 2022, The OpenThread Registrar Authors.
+#  All rights reserved.
+#
+#  Redistribution and use in source and binary forms, with or without
+#  modification, are permitted provided that the following conditions are met:
+#  1. Redistributions of source code must retain the above copyright
+#     notice, this list of conditions and the following disclaimer.
+#  2. Redistributions in binary form must reproduce the above copyright
+#     notice, this list of conditions and the following disclaimer in the
+#     documentation and/or other materials provided with the distribution.
+#  3. Neither the name of the copyright holder nor the
+#     names of its contributors may be used to endorse or promote products
+#     derived from this software without specific prior written permission.
+#
+#  THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+#  AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+#  IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+#  ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
+#  LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+#  CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+#  SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+#  INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+#  CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+#  ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+#  POSSIBILITY OF SUCH DAMAGE.
+#
  CREDS=./credentials/ietf-draft-constrained-brski
  echo "Creating .p12 keystore file for credentials in $CREDS ..."
- java -cp target/ot-registrar-0.1-SNAPSHOT-jar-with-dependencies.jar com.google.openthread.tools.CredentialGenerator \
+ ./script/helper-cp-run.sh com.google.openthread.tools.CredentialGenerator \
               -c $CREDS/domain_ca.pem $CREDS/privkey_domain_ca.pem \
               -r $CREDS/registrar.pem $CREDS/privkey_registrar.pem \
               -m $CREDS/masa_ca.pem $CREDS/privkey_masa_ca.pem \
               -p $CREDS/pledge.pem $CREDS/privkey_pledge.pem \
-              -o ./credentials/keystore_ietf-draft-constrained-brski.p12
+              -o ./credentials/keystore_ietf-draft-constrained-brski.p12