1 (edited by te 2018-07-11 22:26:26)

Topic: DTLS and Atomic Record Layer Processing


I'm using DTLS v1.2 and need to register my own Atomic Record Layer callback functions (using the wolfSSL_SetMacEncryptCB and wolfSSL_SetEncVerifyCB functions).

I succeeded in registering my own MAC/Enc and Dec/Verify functions and in sending a message from the client to the server, but only the 1st message is received by the server and all other messages are dropped by the server due to an incorrect sequence number.

I found that in normal operation (without those callbacks) the wolfSSL library calls the DtlsSEQIncrement function (and then the server receives all the messages without any errors), but when using the above callback functions, no one increments those DTLS counters, which leads to the incorrect sequence number error.

Have I missed something in my understanding (I am new to DTLS)?
Is there any problem with the wolfSSL implementation of calling the Atomic Record Layer callback functions?



Re: DTLS and Atomic Record Layer Processing

Hi Te,

Fix posted here: https://github.com/wolfSSL/wolfssl/pull/1689

David Garske, wolfSSL
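
Added example, not part of the thread and not wolfSSL's code: a minimal model of the symptom described in the question, assuming the receiver applies the DTLS anti-replay sliding window from RFC 6347 section 4.1.2.6. The names `replay_window`, `window_check_update` and `count_accepted` are hypothetical, the sender is constructed, and MAC verification (which a real receiver performs before updating the window) is omitted.

```c
#include <stdint.h>
#include <stdio.h>

/* Receiver-side anti-replay state for one epoch (RFC 6347, section 4.1.2.6). */
typedef struct {
    uint64_t highest;  /* highest sequence number accepted so far */
    uint64_t bitmap;   /* bit i set => (highest - i) was already seen */
    int      started;  /* 0 until the first record is accepted */
} replay_window;

/* Returns 1 if the record is accepted, 0 if it is dropped as stale or duplicate. */
static int window_check_update(replay_window *w, uint64_t seq)
{
    if (!w->started) {
        w->started = 1; w->highest = seq; w->bitmap = 1;
        return 1;
    }
    if (seq > w->highest) {                      /* new right edge: slide window */
        uint64_t shift = seq - w->highest;
        w->bitmap = (shift >= 64) ? 0 : (w->bitmap << shift);
        w->bitmap |= 1;
        w->highest = seq;
        return 1;
    }
    uint64_t off = w->highest - seq;
    if (off >= 64) return 0;                     /* older than the window */
    if (w->bitmap & (1ULL << off)) return 0;     /* sequence number seen before */
    w->bitmap |= 1ULL << off;                    /* late but new: accept */
    return 1;
}

/* Constructed sender: emits n records, advancing seq only if increment != 0. */
static int count_accepted(int increment, int n)
{
    replay_window w = {0, 0, 0};
    uint64_t seq = 0;
    int accepted = 0;
    for (int i = 0; i < n; i++) {
        accepted += window_check_update(&w, seq);
        if (increment) seq++;                    /* the step the callback path skipped */
    }
    return accepted;
}

int main(void)
{
    printf("with increment:    %d of 5 accepted\n", count_accepted(1, 5));
    printf("without increment: %d of 5 accepted\n", count_accepted(0, 5));
    return 0;
}
```

With the increment in place every record is accepted; without it only the first record passes and each later one is rejected as a duplicate sequence number.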