Re: [cf-dev] Request/Response matching for DTLS-Secured exchange

The complexity will be to get the security context from scandium to the Matcher class in an elegant way. The Principal is not really needed, we need:
- the session ID + the epoch for strict mode.
- the session ID + the cipher suite for flexible mode.

I was thinking about a similar mechanism as the Principal for requests. We could use something like the strategy pattern to create the right hashmap key for matching (by returning the proper key object similar to the current KeyMID, KeyToken, KeyUri). When the message comes from a normal CoapEndpoint, it returns the remote endpoint address; for DTLS the security context.

[Hudalla Kai (INST/ESY)] I like that idea. I suggest a new interface in element-connector, e.g. SessionContext or MessageContext. Connector.send() could then return an instance of this interface and RawData could get an additional method getMessageContext() to retrieve the context from a message received from a peer. Californium can then match that value with the one it got when originally sending the first message.

I suppose we could add Security Context at message level in the same way we add the Principal, but this is done only at request reception and we need it when we send a message too (to fill the exchangeBy* maps).
Maybe we could add a getSecurityContext(InetSocketAddress) on Connector, we can call it to fill the exchangeBy* maps before we send a message? But this solution seems to have a "transactional" issue. (I mean if a handshake is done between the "getSecurityContext" and the "Connector.send" :(

Yes. Also this implies security for the normal CoapEndpoint, and hence also a dependency on Scandium, even when it is not used.

[Hudalla Kai (INST/ESY)] Using the approach above, this can easily be prevented by means of having UdpConnector return an instance based on the peer’s address and Scandium return an instance based on peer’s address and session ID. Both MessageContext implementations would then need to override hash() and equals() accordingly so that Californium can simply use sentCtx.equals(receivedCtx) to do the check …
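
The matching scheme discussed in this thread, sketched as an added example (not code from Californium, Scandium or any poster). All type and method names here (MessageContext, UdpContext, StrictDtlsContext, FlexibleDtlsContext, ExchangeKey, onSend, onReceive) are hypothetical, and the session IDs and cipher suite are constructed sample values.

```java
import java.net.InetSocketAddress;
import java.util.HashMap;
import java.util.Map;

public class ContextMatchingDemo {
    // Hypothetical context types; records give value-based equals()/hashCode(),
    // so sentCtx.equals(receivedCtx) is the whole check.
    interface MessageContext {}
    record UdpContext(InetSocketAddress peer) implements MessageContext {}
    // Strict mode: session ID + epoch must both be unchanged.
    record StrictDtlsContext(InetSocketAddress peer, String sessionId, int epoch)
            implements MessageContext {}
    // Flexible mode: session ID + cipher suite; an epoch change is tolerated.
    record FlexibleDtlsContext(InetSocketAddress peer, String sessionId, String suite)
            implements MessageContext {}

    // Strategy step: the connector decides which key object describes the peer.
    static MessageContext dtls(boolean strict, InetSocketAddress peer,
                               String sessionId, int epoch, String suite) {
        return strict ? new StrictDtlsContext(peer, sessionId, epoch)
                      : new FlexibleDtlsContext(peer, sessionId, suite);
    }

    // Map key = token + context, so a response is found only if both agree.
    record ExchangeKey(String token, MessageContext ctx) {}
    static final Map<ExchangeKey, String> exchangesByToken = new HashMap<>();

    // The context is the one returned by the send itself, which avoids the
    // lookup-then-send race raised in the thread.
    static void onSend(String token, MessageContext sentCtx, String exchange) {
        exchangesByToken.put(new ExchangeKey(token, sentCtx), exchange);
    }
    static String onReceive(String token, MessageContext receivedCtx) {
        return exchangesByToken.get(new ExchangeKey(token, receivedCtx));
    }

    public static void main(String[] args) {
        InetSocketAddress peer = InetSocketAddress.createUnresolved("peer.example", 5684);
        String suite = "TLS_PSK_WITH_AES_128_CCM_8"; // sample value
        for (boolean strict : new boolean[] {true, false}) {
            exchangesByToken.clear();
            onSend("t1", dtls(strict, peer, "a1b2", 1, suite), "GET /temp");
            System.out.println("strict=" + strict
                // same address and token, but a different DTLS session
                + " otherSession=" + onReceive("t1", dtls(strict, peer, "ffff", 1, suite))
                // same session, epoch advanced by a new handshake
                + " newEpoch=" + onReceive("t1", dtls(strict, peer, "a1b2", 2, suite))
                // plain UDP context from the same address never equals a DTLS one
                + " plainUdp=" + onReceive("t1", new UdpContext(peer)));
        }
    }
}
```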

