Simon,
regarding your usage of the PublicKey:
Am I right in assuming that you keep a
Map<InetSocketAddress, PublicKey> which you use to
verify that a LWM2M client’s endpoint address matches
the (pre-)registered PublicKey?
If this is the case, couldn’t you simply
use a Map<InetSocketAddress, String> where you use
the Principal.getName() as the value? At least this is
how the CoAP spec envisions the usage of RawPublicKeys,
using a hash of the SubjectInfo structure as defined by
RFC 6920 [1]. This is exactly what
RawPublicKeyIdentity.getName() returns …
Or are you doing any cryptographic
verification based on the PublicKey?
[1]
http://tools.ietf.org/html/rfc6920
Regards,
Kai
Ok I did
the modification. It's ok now.
Thx a lot Kai !
(About the use of the PublicKey we just need it to
verify if the couple client endpoint/publickey is valid.
To avoid that a client which has a good public/private
key at dtls level can usurp the identity of another
client. We use the class PublicKey as it seems a good
java abstraction for public key, we could also use a
byte[] but is not so clear cause of the different key
encoding formats)
_______________________________________________
leshan-dev mailing list
leshan-dev@xxxxxxxxxxx
To change your delivery options, retrieve your password, or unsubscribe from this list, visit
https://dev.eclipse.org/mailman/listinfo/leshan-dev