1

(7 replies, posted in wolfSSL)

Thank you Kaleb.
Actually I implemented full support for that cipher in tinyDTLS and handshake fails with wolfSSL because the poly1305 MAC tag doesn't match.
I will await your response.
Best Regards.

2

(7 replies, posted in wolfSSL)

Kaleb J. Himes wrote:

Hi yrekik,

One other thing to check is the identity hint being sent to the server. Are you sending the correct "client identity hint" so the server knows the correct key to select for that client?


Warm Regards,

Kaleb

Actually the identity hints are correct and both tinyDTLS and WOLFSSL agree on the same keys at last.
The problem now is that the handshake fails at "MAC did not match" from WOLFSSL side when comparing (input+msglen) with tag, I am using TLS_PSK_WITH_CHACHA20_POLY1305_SHA256 = 0xCCAB by the way.

3

(7 replies, posted in wolfSSL)

chrisc wrote:

Hi yrekik,

wolfSSL sets a default PSK key using the my_psk_client_cb() and my_psk_server_cb() callbacks in <wolfssl_root>/wolfssl/test.h.  In those functions, you'll see where we set the key, then return the key size:

key[0] = 26;
key[1] = 43;
key[2] = 60;
key[3] = 77;
...
return 4;

Can you verify that this matches the key that you are using on your tiny dtls client/server?

Best Regards,
Chris

Thank you , yes the default PSK keys match

4

(7 replies, posted in wolfSSL)

I am trying to get Wolfssl to interoperate with tiny dtls server or client and vice versa but I always get different master secrets and different keys. I am using PSK_AES128_CCM
I ran WOLFSSL server using against tinyDTLS client using

./examples/client/client -s -u -v 3 -l PSK-AES128-CCM-8

And i Ran into

wolfSSL Entering EmbedReceiveFrom()
wolfSSL Entering wolfSSL_get_using_nonblock
wolfSSL Leaving wolfSSL_get_using_nonblock, return 0
Decrypt failed
wolfSSL error occurred, error = -305
wolfSSL error occurred, error = -312
wolfSSL Entering SSL_get_error
wolfSSL Leaving SSL_get_error, return -312
wolfSSL Entering SSL_get_error
wolfSSL Leaving SSL_get_error, return -312
wolfSSL Entering ERR_error_string
error = -312, error during decryption
wolfSSL error: SSL_accept failed

And I ran wolfssl client against tinyDTLS server using

./examples/client/client -s -u -v 3 -l PSK-AES128-CCM-8

And I ran into :

wolfSSL Entering EmbedReceiveFrom()
wolfSSL Entering wolfSSL_get_using_nonblock
wolfSSL Leaving wolfSSL_get_using_nonblock, return 0
received record layer msg
got ALERT!
Got alert
wolfSSL error occurred, error = 51
wolfSSL error occurred, error = -313
wolfSSL Entering SSL_get_error
wolfSSL Leaving SSL_get_error, return -313
wolfSSL Entering ERR_error_string
 err = -313, revcd alert fatal error
wolfSSL Entering SSL_free
CTX ref count not 0 yet, no free
Shrinking input buffer

wolfSSL Leaving SSL_free, return 0
wolfSSL Entering SSL_CTX_free
CTX ref count down to 0, doing full free
wolfSSL Entering wolfSSL_CertManagerFree
wolfSSL Leaving SSL_CTX_free, return 0
wolfSSL error: wolfSSL_connect failed

Can anyone help me find out where this problem originates from ?