Re: [wakaama-dev] Secure bootstrapping with tests/secureclient

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]

Re: [wakaama-dev] Secure bootstrapping with tests/secureclient

From: Pierre-Henri Trivier <phtrivier@xxxxxxxxxxxxxxxxxx>
Date: Fri, 11 Mar 2016 17:50:56 +0100
Delivered-to: wakaama-dev@xxxxxxxxxxx
List-archive: <https://dev.eclipse.org/mailman/private/wakaama-dev>
List-help: <mailto:wakaama-dev-request@eclipse.org?subject=help>
List-subscribe: <https://dev.eclipse.org/mailman/listinfo/wakaama-dev>, <mailto:wakaama-dev-request@eclipse.org?subject=subscribe>
List-unsubscribe: <https://dev.eclipse.org/mailman/options/wakaama-dev>, <mailto:wakaama-dev-request@eclipse.org?subject=unsubscribe>
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101 Thunderbird/38.6.0

Hi

You should be able to do secure bootstrapping by using the "-b" flag inthe secureclient

(then -i and -p are interpreted as bootstrap credentials.)

As to which credentials you must pass, it depends on which bootstrapserver are you using.

Which one is it ?

Hoping this helps.

On 11/03/2016 16:29, Bill Silverajan wrote:

Hi all,

Thanks to some of the people on the list, I've successfully bootstrapped
the lwm2mclient ("testlwm2mclient") against wakaama's own bootstrap server.

I then proceeded with testing secure bootstrapping, with the
secureclient ("testsecureclient") against leshan's bootstrap server and
a separate dtls-enabled lwm2m server from leshan.

My setup is simple: The dtls client contacts the bs server, obtaining
the PSK material for secure registration and communication with the
lwm2m server.

I've configured the BS server to deliver the necessary credentials to
testsecureclient, which then proceeds to contact and successfully
register over DTLS to an external LWM2M server. I was able to accomplish
bootstrapping over port 5683 for this.

Does the secureclient have the ability to perform secure bootstrapping?

I imagine it's a trivial matter to invoke secureclient with the -i and
-p flags so that secure bootstrapping is done against the leshan
bootstrap server. Then, the bootstrap server provides the PSK key of the
actual LWM2M server to the client.

But I'm unable to discover what the identity/key combination to
successfully let secureclient communicate with the bootstrap server on
port 5684 is. Or in fact even where to provide this to the leshan
bootstrap server!

If I should pose this question to the leshan list (since it might be an
implementation-specific issue with the bootstrap server), I apologise in
advance.

Regards,
Bill

_______________________________________________
wakaama-dev mailing list
wakaama-dev@xxxxxxxxxxx
To change your delivery options, retrieve your password, or unsubscribe from this list, visit
https://dev.eclipse.org/mailman/listinfo/wakaama-dev


--
Pierre-Henri Trivier
AirVantage Software Engineer
phtrivier@xxxxxxxxxxxxxxxxxx
Tel : +33(0)5 61 00 06 68
Fax : +33(0)5 61 00 51 46

Sierra Wirelesss
Lake Park
ZAC de l'Hers - Allée du Lac
BP 87216-31672 Labège Cedex
France
www.sierrawireless.com

This message and any attachments (the "Message") are confidential and intended solely for the addressees.
Any unauthorized modification, edition, use or dissemination is prohibited.
Sierra Wireless shall be liable for the Message if altered, changed, falsified or edited, diffused without authorization.

References:
- [wakaama-dev] Secure bootstrapping with tests/secureclient
  - From: Bill Silverajan

Prev by Date: Re: [wakaama-dev] Secure bootstrapping with tests/secureclient
Next by Date: [wakaama-dev] Public CI
Previous by thread: Re: [wakaama-dev] Secure bootstrapping with tests/secureclient
Next by thread: [wakaama-dev] Public CI
Index(es):
- Date
- Thread

Breadcrumbs