[
Date Prev][
Date Next][
Thread Prev][
Thread Next][
Date Index][
Thread Index]
[
List Home]
Re: [leshan-dev] Register Contiki-NG with Leshan via PSK
|
Hi,
About javadoc you see in the code, I think this means that
EVEN java prior 1.7 is supported.
From my experience, I already succeed to use
TLS_PSK_WITH_AES_128_CCM_8 with more recent version of JAVA
without any problem.
About "MAC validation failed" on "Finished message", most of
the time this is due to bad PSK id or key. So I advice to
double/tripple check this. (In leshan server demo UI the identity
is the string value, the key is the hexadecimal value of the key)
HTH
Simon
Le 02/12/2019 à 11:20, Lidia Pocero a
écrit :
I try to register a Contiki-NG node in Leshan demo server
by using PSK. The cipher suit is TLS_PSK_WITH_AES_128_CCM_8.
The node cannot be register and as I saw the issue happened
in the processing of the client finished (20) in the
decryption of the message.
Checking for the issue I find out that
org.eclipse.californium.dtls.cipher.AeadBlockCipher library
references the following. This means that is supported only
for java versions before 1.7? Could this be related to the
issue that I have?
I attached also the LOG for the error.
Thanks
/**
* Support java prior 1.7, aes-ccm is a non-java-vm transformation and
* handled as special transformation.
*
* @see CCMBlockCipher
*/
EROR LOG:
2019-12-02 11:40:21,077 DEBUG Handshaker - Processing
Change Cipher Spec (20) message from peer
[/fd00:0:0:0:212:4b00:615:aae0:5684]
2019-12-02 11:40:21,078 TRACE DTLSSession - Setting current
read state to
DtlsAeadConnectionState:
Cipher suite: TLS_PSK_WITH_AES_128_CCM_8
Compression method: NULL
IV: not null
Encryption key: not null
2019-12-02 11:40:21,079 DEBUG Handshaker - Processed Change
Cipher Spec (20) message from peer
[/fd00:0:0:0:212:4b00:615:aae0:5684]
2019-12-02 11:40:21,086 DEBUG DTLSConnector - Received 1 DTLS
records from /fd00:0:0:0:212:4b00:615:aae0:5684 using a 16490
byte datagram buffer
2019-12-02 11:40:21,087 TRACE DTLSConnector - connection
available for /fd00:0:0:0:212:4b00:615:aae0:5684,null
2019-12-02 11:40:21,088 TRACE DTLSConnector - Received DTLS
record of type [Handshake (22)], length: 40, [epoche:1,reqn:0]
2019-12-02 11:40:21,089 TRACE DtlsAeadConnectionState -
decrypt: 24 bytes
2019-12-02 11:40:21,090 TRACE DtlsAeadConnectionState - nonce:
4CD5E61E0001000000000000
2019-12-02 11:40:21,090 TRACE DtlsAeadConnectionState - adata:
000100000000000016FEFD0018
2019-12-02 11:40:21,157 INFO DTLSConnector - error occurred
while processing record from peer
[/fd00:0:0:0:212:4b00:615:aae0:5684]
org.eclipse.californium.scandium.dtls.cipher.InvalidMacException: MAC
validation failed
at
org.eclipse.californium.scandium.dtls.cipher.CCMBlockCipher.decrypt(CCMBlockCipher.java:370)
at
org.eclipse.californium.scandium.dtls.cipher.AeadBlockCipher.decrypt(AeadBlockCipher.java:83)
at
org.eclipse.californium.scandium.dtls.DtlsAeadConnectionState.decrypt(DtlsAeadConnectionState.java:169)
at
org.eclipse.californium.scandium.dtls.Record.decodeFragment(Record.java:677)
at
org.eclipse.californium.scandium.dtls.Record.applySession(Record.java:598)
at
org.eclipse.californium.scandium.DTLSConnector.processRecord(DTLSConnector.java:1192)
at
org.eclipse.californium.scandium.DTLSConnector$11.run(DTLSConnector.java:1102)
at
org.eclipse.californium.elements.util.SerialExecutor$1.run(SerialExecutor.java:276)
at
java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
at
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
at java.lang.Thread.run(Thread.java:748)
_______________________________________________
leshan-dev mailing list
leshan-dev@xxxxxxxxxxx
To change your delivery options, retrieve your password, or unsubscribe from this list, visit
https://www.eclipse.org/mailman/listinfo/leshan-dev