How to use the latest version of Californium

My first question:

Does the nrf5 sdk 16 really use x509? if not, a lot of stuff is not required.

Second:

wouldn't it be easier to copy the current SecureServer into Nrf5xSecureServer and add the resources

        server.add(new CoapResource("lights").add(new DevKitResource("led3"), new DevKitResource("led4")));

instead of trying to make the "old" Nrf5xSecureServer working with 2.3.0?

Third:

"iot.eclipse.org" is not longer coap ;-(. The Californium sandbox is available under californium.eclipse.org.

And, I also guess, using the new one and apply your adaptions is easier. Even, if I don't know at all, what was added. My feeling is, with the newest 2.4.0 added cli-support to the console, that changes are obsolete.

So, maybe it's easier in both cases to check first the diffs of the old implementations (nrf vs. old californium), and then try to add that diffs to the current implementations. if you post the diffs, I will provide my feedback.

Just to add:

My impression summer 2019 was, that the nrf variants are mainly small modifications of the old californium examples. Therefore I think, apply the changes to the curren californium examples will be easier.

I currently checked the nrf sdk's for that IoT support - the v16 from Okt 2019 seems to be the last one, the examples/iot has been removed on the v17. So, I'm not sure, if make sense to continue with that migration/update. Maybe "OpenThread" is now the favorite for Nordic, and so I would guess, it will pay more off, to use that.

Hi Achim Kraus and Didrik Rokhaug, thank you for your kind assistance! I have been buried under some other tasks so I was not able to reply until now, but I would look at the changed Didrik made and re-evaluate. It was unclear why the iot examples were removed from the nRF5 SDK v17, but it looks like there is just a separate fork of the mainline code that is the nRF5 SDK 4.1.0 for Thread. In any event, I am using the CoAP example that runs on OpenThread. This is found in: examples\thread\cloud\google_iot_coap

The google coap-proxy demo is just a demo so I was looking to use that firmware example and get it to work with the standalone californium bits. This gives some flexibilty as to where the instance of californium lives. I want to eventually perform the DTLS handshake with X.509 certificates, but for initial test, PSK mode is fine. 

Here is an updated version of the guide:

(https://infocenter.nordicsemi.com/index.jsp?topic=%2Fcom.nordic.infocenter.iotsdk.v0.9.0%2Fiot_sdk_user_guides_java_coaps.html)

Prerequisites:

- Java Developlment Kit

- Eclipse IDE for Java

- Git

- Californium source code. Use git to clone to a local directory. This guide is based on the 2.4.1 tag.

- Californium Tools source code. Use git to clone to a local directory. This guide is based on the 2.4.1 tag.

- This guide is based on nRF5 SDK version 16.0.0 but uses updated Java source files. The new files are attached at the bottom.

Preparing the workspace

Add supplied files to the local repositories

1. Copy the secure CoAP client applcation (1 java source file, don't copy the directory) from coap_guide/pc_client into <Local Repositories>/californium.tools/cf-client/src/main/java/org/eclipse/californium/tools

2. Copy the secure CoAP server application (2 Java source files, don't copy the directory) from coap_guide/pc_server into <Local Repositories>/californium/demo-apps/cf-secure/src/main/java/org/eclipse/californium/examples

Import projects

1. Open a blank workspace in Eclipse.

2. Choose File menu > Import... and select Maven > Existing Maven Projects.

3. Select the directory where you cloned the Californium repository and click Finish.

4. Repeat steps 2 and 3 with the Californium Tools project.

Change settings

1. Open the following file: <Local Repositories>/californium/scandium-core/src/main/java/org/eclipse/californium/scandium/config/DtlsConnectorConfig.java

2. On line 184 set retransmissionTimeout to 20000:

private Integer retransmissionTimeout = 20000;

4. Save and close DtlsConnectoConfig.java.

5. Open the following file: <Local Repositories>/californium/californium-core/src/main/java/org/eclipse/californium/core/network/config/NetworkConfigDefaults.java

6. On line 197 set the default value for ACK_TIMEOUT to 200000:

config.setInt(NetworkConfig.Keys.ACK_TIMEOUT, 200000);

7. Save and close NetworkConfigDefault.java

Known limitations

When trying the examples, there are some limitations and behavior that should be taken into account:

1. When sending the first request from the nRF5x DK, the DTLS handshake phase might take up to 3 minutes to complete.

2. Since the example has no way of knowing if a DTLS session is closed, it cannot free its resources until it is reset. if you invoke the client multiple times, the dev kit will not be able to establish a new session. From the client side, you will appear to get a timeout.

3. If you modify the client to use an unsupported cipher suite, you will get a timeout when trying to connect.

Running a secure CoAP server

1. Open the secure CoAP server implementation: <Local Repositories>/californium/demo-apps/ch-secure/src/main/java/org/eclipse/californium/examples/Nrf5xSecureServer.java

2. On line 99 set the IPv6 address of the local interface that is to be used. E.g.:

InetAddress myIPv6Addr = Inet6Address.getByName("2001:db8:ac10:fe01::1");

3. The secure server is ready to be started by pressing Ctrl+F11.

The expected output of the server is as follows:

(...)
Secure CoAT server powered by Scandium (Sc) is listening on port 5684

Running a secure CoAP client

1. Open the secure CoAP client implementation: <Local Repositories>/californium.tools/cf-client/src/main/java/org/eclipse/californium/tools/Nrf5xConsoleClient.java

2. On line 224 set the IPv6 address of the local interface that is to be used as the source of the CoAP requests. E.g.:

InetAddress myIPv6Addr = Inet6Address.getByName("2001:db8:ac10:fe01::1");

3. To view the documentation of the application run it without command line arguments.

4. In Eclipse, choose the Run menu > Run configuration... item to create a run configuration for Nrf5xConsoleClient.java with the correct command line arguments. Uase coaps as URI scheme for secure requests.

Run configuration for Nrf5xConsoleClient.java. Replace REMOTE_SERVER_IPv6_ADDRESS with actual IPv6 address of the server.

If the DTLS handshake is successfu, the server will print the following lines to the console (these lines will be interleaved with other messages that pertain to the DTLS handshake):

(...)

16 INFO [MessageTracer]: /2001:0DB8:AC10:FE01:0:0:0:1:5694 ==> req CON-GET    MID=14675, Token=0e6e0e5d, OptionSet={"Uri-Path":[".well-known","core"], "Content-Format":"text/plain"}, "" - (org.eclipse.californium.core.network.interceptors.MessageTracer.java:54) receiveRequest() in thread pool-1-thread-2 at (2015-05-26 13:41:23)
16 INFO [MessageTracer]: /2001:0DB8:AC10:FE01:0:0:0:1:5694 <== res ACK-2.05   MID=14675, Token=0e6e0e5d, OptionSet={"Content-Format":"application/link-format"}, "</lights>,</lights/l".. 22 bytes - (org.eclipse.californium.core.network.interceptors.MessageTracer.java:44) sendResponse() in thread pool-1-thread-2 at (2015-05-26 13:41:23)

(...)

The expected output of the client is a follows (these lines will be interleaved with other messages that pertain to the DTLS handshake):

(...)

==[ CoAP Response ]============================================
MID    : 14675
Token  : 0e6e0e5d
Type   : ACK
Status : 2.05
Options: {"Content-Format":"application/link-format"}
Payload: 107 Bytes
---------------------------------------------------------------
</lights>,</lights/led3>;title="nRF DK Resource",</lights/led4>;title="nRF DK Resource",</.well-known/core>
===============================================================
Time elapsed (ms): 1100

Discovered resources:
</lights>,</lights/led3>;title="nRF DK Resource",</lights/led4>;title="nRF DK Resource",</.well-known/core>

coap_guide.zip