Skip to main content
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
Re: [tinydtls-dev] Secure Version of dtls_prng() 
Good Morning Olaf,
I will perform the code submission as you specified as soon as I have changed the code to use AES.

My post was meant to give other tinydtls users an idea what they must do if they want to use it in production.

I also read your comment at  dtls_prng() and maybe you could make the comment somewhat stronger (e.g. "do not use this code in production").

Gruesse

Frank

-----Original Message-----
From: Olaf Bergmann [mailto:bergmann@xxxxxxx] 
Sent: Wednesday, May 11, 2016 8:37 PM
To: Frank Gerlach <Frank_Gerlach@xxxxxxxx>
Cc: tinydtls developer discussions <tinydtls-dev@xxxxxxxxxxx>
Subject: Re: [tinydtls-dev] Secure Version of dtls_prng()

Frank Gerlach <Frank_Gerlach@xxxxxxxx> writes:

> Attached you find the code of a secure implementation of dtls_prng().

Thank you. May I ask you to submit this to the gerrit review system for tinydtls [1]. The usual process is to create a ticket in the Eclipse bug tracker [2] and reference it from the commit message for gerrit. Please make sure to include a Signed-off-by: header as well.

As tinydtls is plain C, I would also ask you to use C-style identifiers instead of C++ camel case, and follow the (weak) whitespace conventions for tinydtls before submitting a patch.

[1] https://git.eclipse.org/r/p/tinydtls/org.eclipse.tinydtls
[2] https://bugs.eclipse.org/bugs/enter_bug.cgi?product=Tinydtls

Grüße
Olaf

Back to the top