Simon,
regarding your usage of the PublicKey:
Am I right in assuming that you keep a Map<InetSocketAddress, PublicKey> which you use to verify that a LWM2M client’s endpoint address matches
the (pre-)registered PublicKey?
If this is the case, couldn’t you simply use a Map<InetSocketAddress, String> where you use the Principal.getName() as the value? At least this
is how the CoAP spec envisions the usage of RawPublicKeys, using a hash of the SubjectInfo structure as defined by RFC 6920 [1]. This is exactly what RawPublicKeyIdentity.getName() returns …
Or are you doing any cryptographic verification based on the PublicKey?
[1]
http://tools.ietf.org/html/rfc6920
Regards,
Kai
Ok I did the modification. It's ok now.
Thx a lot Kai !
(About the use of the PublicKey we just need it to verify if the couple client endpoint/publickey is valid. To avoid that a client which has a good public/private key at dtls level can usurp the identity of another client. We use the class PublicKey as it seems
a good java abstraction for public key, we could also use a byte[] but is not so clear cause of the different key encoding formats)
_______________________________________________
leshan-dev mailing list
leshan-dev@xxxxxxxxxxx
To change your delivery options, retrieve your password, or unsubscribe from this list, visit
https://dev.eclipse.org/mailman/listinfo/leshan-dev