[riot-notifications] [RIOT-OS/RIOT] pkg/tinydtls: add DTLS sock API implementation (#11943)

Aiman Ismail notifications at github.com
Mon Sep 30 14:58:19 CEST 2019

I think there's a bug in the dtls-echo example. The server does not returns a hanshake failure when no matching cipher found.

According to the Section of TLS 1.2 RFC, the server should return a handshake failure if no matching ciphersuite is found, which is what the example in this PR did:

   The cipher suite list, passed from the client to the server in the
   ClientHello message, contains the combinations of cryptographic
   algorithms supported by the client in order of the client's
   preference (favorite choice first).  Each cipher suite defines a key
   exchange algorithm, a bulk encryption algorithm (including secret key
   length), a MAC algorithm, and a PRF.  The server will select a cipher
   suite or, if no acceptable choices are presented, return a handshake
   failure alert and close the connection.  If the list contains cipher
   suites the server does not recognize, support, or wish to use, the
   server MUST ignore those cipher suites, and process the remaining
   ones as usual.

Regarding the kernel panic, it is caused by the client that keeps on using the server peer object after the peer is destroyed. This is fixed in 581b10a.

That said, with that commit applied I found a new problem. Test procedure:

1. Start with client ECC server PSK
2. Try sending to server. This will fail because no matching cipher found. Server then sends handshake failure alert to client
3. Reflash client, this time using PSK and try sending to server. This will also fail. The client will timeout. Server gave warning:

WARN The message sequence number is too small, expected 1, got: 0

I think this is a bug in tinydtls upstream. According to the RFC snippet above, the server should (a) return a handshake failure alert and (b) close the connection. (b) is not done, causing the server to still use the peer from the old handshake. I tried playing around with tinydtls code but haven't found a fix for this yet.

If you could confirm that this indeed a bug in tinydtls, that'll be great. I'll try to reproduce this with minimal tinydtls setup :)

You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.riot-os.org/pipermail/notifications/attachments/20190930/8ea91a95/attachment-0001.htm>

More information about the notifications mailing list