How to config a server with the most simple handshake? #389
Take a look at https://github.com/pion/dtls/blob/master/examples/listen/psk/main.go. I think that's what you want? Configurability wise, whatever knobs exist on dtls.Config you can use.
Yeah, I am trying with that. But how to get rid of
Certificates aren't used if you configure PSK.
But the documentation says:
which makes me confused...
I think that's a typo in the docs. I believe it should be "Servers MUST set this if PSK is nil". Just don't set it in your Also, if you want to verify what happens, Wireshark is your friend.
Well, actually I am running a CoAP server.
Interesting. So that seems to happen due to Line 38 in 2e643d9
I'm not 100% sure on that, so finding some actual RFCs that state what's supposed to happen here would be good.
BTW, when I look at some other implementation like Californium:
Yeah, it's a bit confusingly named. But basically the "hint" is provided by the server, to help the client pick an identity. The client can set a specific identity. We're just reusing the same field, which we might be better off not doing to make this a bit clearer. I don't think our implementation will actually work if you set a PSK but don't set an identity, based on Line 257 in 2e643d9
That feels wrong. Should be fine for the client to never pick an identity, even if the server gave it a hint. Though you can always set something, it's harmless if the server doesn't care about it I think 😕.
If you can modify the code locally, I'd say try and see what happens if you make a change like this in flight3handler.go:

```go
if cfg.localPSKCallback != nil {
	// In the PSK flow the server always sends ServerHello and ServerHelloDone.
	flights := []handshakeCachePullRule{
		{handshake.TypeServerHello, cfg.initialEpoch, false, false},
	}
	// ServerKeyExchange only carries the identity hint, so expect it only when a hint is configured.
	if len(cfg.localPSKIdentityHint) > 0 {
		flights = append(flights, handshakeCachePullRule{handshake.TypeServerKeyExchange, cfg.initialEpoch, false, true})
	}
	flights = append(flights, handshakeCachePullRule{handshake.TypeServerHelloDone, cfg.initialEpoch, false, false})
	seq, msgs, ok = cache.fullPullMap(flights...)
}
```

That should fix it to work as expected as a server. Just make sure to not set
Tested and it works!
@daenney Thanks a lot! Would you make a PR for this?
I'll take a look at that. I need to make sure we can always elide the ServerKeyExchange in the PSK scenario this way. I suspect there might be other properties that if set even with PSK we should still send ServerKeyExchange even if the identity is null. I'll need to dig into the RFCs and hope something spells this out, because right now I cribbed this trick based on a paragraph in OpenSSL docs. @Sean-Der You seem to have a knack for knowing these things. Any chance you can chime in?
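To make the rule behind that change concrete, here is an added, self-contained Go sketch (not pion/dtls code and not from anyone in this thread) of what RFC 4279 section 2 specifies for plain PSK suites: the server's flight with and without a psk_identity_hint, a strict parser for the hint body, and the premaster secret, which is built from the PSK alone, so nothing carried in ServerKeyExchange is needed for key derivation. The type-code constants and function names are constructed for this example.

```go
package main

import (
	"encoding/binary"
	"errors"
	"fmt"
)

// TLS HandshakeType codes (constructed constants, not pion's identifiers).
const (
	typeServerHello       uint8 = 2
	typeServerKeyExchange uint8 = 12
	typeServerHelloDone   uint8 = 14
)

// serverFlight lists what a PSK-only server sends after ClientHello. RFC 4279 section 2:
// ServerKeyExchange exists only to carry a non-empty psk_identity_hint, so it is elided otherwise.
func serverFlight(hint []byte) []uint8 {
	flight := []uint8{typeServerHello}
	if len(hint) > 0 {
		flight = append(flight, typeServerKeyExchange)
	}
	return append(flight, typeServerHelloDone)
}

// decodeHint parses a PSK ServerKeyExchange body (opaque psk_identity_hint<0..2^16-1>),
// rejecting truncated input and trailing bytes.
func decodeHint(body []byte) ([]byte, error) {
	if len(body) < 2 {
		return nil, errors.New("psk_identity_hint: short body")
	}
	if n := int(binary.BigEndian.Uint16(body)); len(body) != 2+n {
		return nil, errors.New("psk_identity_hint: length mismatch")
	}
	return body[2:], nil
}

// pskPremasterSecret is RFC 4279 section 2 for plain PSK suites:
// uint16(N) || N zero octets || uint16(N) || psk. Nothing from the server flight enters it.
func pskPremasterSecret(psk []byte) []byte {
	n := len(psk)
	out := make([]byte, 4+2*n) // the N "other_secret" octets stay zero for plain PSK
	binary.BigEndian.PutUint16(out[0:], uint16(n))
	binary.BigEndian.PutUint16(out[2+n:], uint16(n))
	copy(out[4+n:], psk)
	return out
}

func main() {
	fmt.Println(serverFlight(nil), serverFlight([]byte("hint"))) // [2 14] [2 12 14]
}
```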
Hi again,
Assert that ServerKeyExchange is only sent when PSKIdentityHint is set on the server side. Resolves #389
Two things that need to be fixed here
* Assert that ServerKeyExchange is only sent when PSKIdentityHint is set on the server side.
* Assert that an empty PSKIdentityHint can be used for clients.
Resolves #389
Summary
Is it possible to configure a server using PSK with the most simple flow?
Motivation
I'm trying to follow what is described here:
https://docs.oracle.com/en/java/javase/16/security/transport-layer-security-tls-protocol-overview.html#GUID-F1BFB231-BE35-4B14-BB8D-7F33D31A117D
I just want to configure the server to exclude all the optional parts, so no certificate, no key exchange, no signature.
Is it possible to do so? If yes, how?
Thanks!