Achim Kraus

icon indicating a website link https://www.cloudcoap.net icon indicating an email [email protected]

icon company Sabbatical icon location Germany, 73614 Schorndorf icon location CoAP / DTLS 1.2 / DTLS 1.2 CID, Eclipse/Californium - project lead, Eclipse/Tinydtls - committer

Results 373 comments of Achim Kraus

CID update to RFC 9146

@mpg That's the way, how Eclipse/Californium supports migration and backwards compatibility. The code-point `254` was never draft nor IANA nor anything else then just a random number. In my opinion...

CID update to RFC 9146

Let me add: many people in the lwm2m and coap world are waiting for this feature, some of them for the feature compatible to (my) Eclipse/Californium. With that, I see...

CID update to RFC 9146

@mpg On the one side you're too short in time to do a review this (rather small) PR. On the other side you request a PR with "legacy migration support",...

CID update to RFC 9146

Implementing the different variants in [Eclipse/Californium]( https://github.com/eclipse/californium/blob/master/scandium-core/src/main/java/org/eclipse/californium/scandium/dtls/Record.java#L488-L507), I struggled and decided to split it in different functions. Maybe, that's also an idea to go.

CID update to RFC 9146

I guess, the `#endif` in line 558, needs to be a `#else` and a `#endif` must be added between line 561 and 562. [wrong `#endif`](https://github.com/ARMmbed/mbedtls/blob/3221ee21c6da4047e8629241ce706c8a2b78b0b5/library/ssl_msg.c#L558-L562) (As written above, a solution...

CID update to RFC 9146

I would still feel much more comfortable, if the "extract" in `ssl_extract_add_data_from_record` is split into different functions for each variant, `RFC6347`, `RFC9146` and `RFC9146 pre/deprecated`. Using the effective cid length...

CID update to RFC 9146

Thumbs up! [mbedtls_cd_54.pcapng.gz](https://github.com/ARMmbed/mbedtls/files/7884097/mbedtls_cd_54.pcapng.gz) psk-secret in hex: 73656372657450534B (secretPSK) Successful handshake and data exchange of mbedtls dtls-client ``` ./ssl_client2 dtls=1 server_port=5684 cid=1 cid_val=1234 psk=73656372657450534B force_ciphersuite=TLS-PSK-WITH-AES-128-CCM-8 ``` with [Californium/dtls-example-server](https://github.com/eclipse/californium/tree/master/demo-apps/sc-dtls-example-server) Ensure your wireshark...

CID update to RFC 9146

> I had a look, and it doesn't seem that OpenSSL or Gnu TLS support this extension, so I don't think we'll be able to add automated interop testing to...

CID update to RFC 9146

I've tested the latest #7762c6e67151d459458e92b69c70b572168cc15e with Californium successfully.

CID update to RFC 9146

FMPOV, ``` #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) unsigned char add_data[23 + MBEDTLS_SSL_CID_IN_LEN_MAX]; #else unsigned char add_data[13 + 1 + MBEDTLS_SSL_CID_IN_LEN_MAX ]; #endif ``` must be used for both, `mbedtls_ssl_encrypt_buf` and `mbedtls_ssl_decrypt_buf`. My tests...