[
Date Prev][
Date Next][
Thread Prev][
Thread Next][
Date Index][
Thread Index]
[
List Home]
Re: [tinydtls-dev] Secure Version of dtls_prng()
|
Good Morning Olaf,
I will perform the code submission as you specified as soon as I have changed the code to use AES.
My post was meant to give other tinydtls users an idea what they must do if they want to use it in production.
I also read your comment at dtls_prng() and maybe you could make the comment somewhat stronger (e.g. "do not use this code in production").
Gruesse
Frank
-----Original Message-----
From: Olaf Bergmann [mailto:bergmann@xxxxxxx]
Sent: Wednesday, May 11, 2016 8:37 PM
To: Frank Gerlach <Frank_Gerlach@xxxxxxxx>
Cc: tinydtls developer discussions <tinydtls-dev@xxxxxxxxxxx>
Subject: Re: [tinydtls-dev] Secure Version of dtls_prng()
Frank Gerlach <Frank_Gerlach@xxxxxxxx> writes:
> Attached you find the code of a secure implementation of dtls_prng().
Thank you. May I ask you to submit this to the gerrit review system for tinydtls [1]. The usual process is to create a ticket in the Eclipse bug tracker [2] and reference it from the commit message for gerrit. Please make sure to include a Signed-off-by: header as well.
As tinydtls is plain C, I would also ask you to use C-style identifiers instead of C++ camel case, and follow the (weak) whitespace conventions for tinydtls before submitting a patch.
[1] https://git.eclipse.org/r/p/tinydtls/org.eclipse.tinydtls
[2] https://bugs.eclipse.org/bugs/enter_bug.cgi?product=Tinydtls
Grüße
Olaf