#20 Add function for ownerPSK generation in IoTivity

1.0
closed
None
2015-04-28
2015-04-15
Chul Lee
No

I've added and tested a function for owner PSK generation, as below:
- dtls_generate_owner_psk()

Actually, the added function is required only by IoTivity.

1 Attachments

Discussion

  • Sachin

    Sachin - 2015-04-21

    Hi Olaf,

    OIC Security specification defines the establishment of a pre-shared secret when a new device is introduced in owner’s network called the ‘OwnerPSK’. This ‘OwnerPSK’ is the result of a provisioning (ownership transfer) process such as ‘Just Works’, ‘PIN based’ etc between the previous owner/manufacturer and new owner.

    For example: ‘Just Works’ ownership transfer process is based on ‘anonymous DH’ cipher suite. Once anonymous DTLS session is established between ‘new device’ and ‘owner’s smart-phone’, OwnerPSK is derived using:
    OwnerPSK = TLS-PRF(‘master key’ , ‘oic.sec.doxm.jw’, ‘ID of new device’, ‘ID of owner smart-phone’)

    We wanted to get your opinion on how we can support the derivation of 'OwnerPSK' within the IoTivity stack.

    One approach is to add a new API in dtls.h which takes the two device IDs and calculates the OwnerPSK.
    Alternatively, the IoTivity module can directly invoke the 'dtls_prf()' method from crypto.c.

    I feel the former approach is clean, but then this API may become very 'IoTivity' specific.

    What are your thoughts?

    Thanks
    Sachin

     
  • Olaf Bergmann

    Olaf Bergmann - 2015-04-21

    The provided patch is a wrapper for dtls_prf() that selects the current key block as secret that is the PRF's first argument. That seems to be generic enough to include with tinydtls. Only the name is misleading -- nothing in that function makes it specific to your use case of generating an owner PSK.

    Btw: I suggest using the actual size of the key block because the contents of the remaining bytes are undefined.
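
An added example, not part of the thread or of tinydtls: the derivation Sachin describes, written as the TLS 1.2 PRF (P_SHA256, RFC 5246) over the label and the two IDs, with the key block as secret as in the patch under review. It also shows why the secret must be limited to the actual key block size: the buffer sizes, IDs, 16-byte PSK length and tail contents are constructed assumptions.

```python
import hashlib
import hmac

LABEL = b"oic.sec.doxm.jw"  # label quoted in the thread


def tls12_prf(secret, label, seed, out_len):
    """TLS 1.2 PRF with P_SHA256 (RFC 5246, section 5)."""
    full_seed = label + seed
    a = full_seed  # A(0)
    out = b""
    while len(out) < out_len:
        a = hmac.new(secret, a, hashlib.sha256).digest()  # A(i)
        out += hmac.new(secret, a + full_seed, hashlib.sha256).digest()
    return out[:out_len]


def derive_psk(kb_buf, kb_len, device_id, owner_id, psk_len=16):
    """Use only the first kb_len bytes of the key block buffer as secret.

    psk_len=16 is an assumption of this example, not a value from the thread.
    """
    return tls12_prf(kb_buf[:kb_len], LABEL, device_id + owner_id, psk_len)


# Constructed sample data: both peers negotiated the same 40-byte key block,
# stored in a 64-byte buffer whose unused tail holds different leftovers.
KB_USED, KB_BUF = 40, 64
KEYBLOCK = bytes(range(KB_USED))
DEVICE_BUF = KEYBLOCK + b"\xaa" * (KB_BUF - KB_USED)
OWNER_BUF = KEYBLOCK + b"\x55" * (KB_BUF - KB_USED)
DEVICE_ID = b"new-device-id-01"  # hypothetical IDs
OWNER_ID = b"owner-phone-id-1"


def peers_agree(kb_len):
    """True if both peers derive the same PSK when kb_len bytes are the secret."""
    return (derive_psk(DEVICE_BUF, kb_len, DEVICE_ID, OWNER_ID)
            == derive_psk(OWNER_BUF, kb_len, DEVICE_ID, OWNER_ID))


if __name__ == "__main__":
    print("actual key block size:", peers_agree(KB_USED))
    print("whole buffer:         ", peers_agree(KB_BUF))
```

With the actual size both sides derive the same PSK; with the whole buffer the differing tail bytes become part of the HMAC key and the two PSKs no longer match.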

     
  • Chul Lee

    Chul Lee - 2015-04-21

    Regarding the name of the function:
    Should I modify the function name to dtls_prf_with_mastersecret()?
    I'm not sure whether this name is a good name.
    Please suggest one if there is a good name.

    Regarding the key block size:
    I'll use dtls_kb_size instead of MAX_KEYBLOCK_LENGTH.
    I think this is your intention :)

     
  • Olaf Bergmann

    Olaf Bergmann - 2015-04-21

    name: 'mastersecret' is misleading because the function does not (directly) use the master secret. I do not have a good name for this, either. Maybe 'dtls_prf_with_current_keyblock()' describes it sufficiently.

    dtls_kb_size(): yes, this macro should be used to determine the block's size.

    Coding style: May I also ask you to move the opening braces in the .c-files to the end of the previous line and put a newline after the return type of a function in its definition so that the function's name starts at the first column? Thanks!

     
  • Chul Lee

    Chul Lee - 2015-04-22

    I've changed the function name from dtls_generate_owner_psk() to dtls_prf_with_current_keyblock().

    Also, dtls_prf_with_current_keyblock() is using dtls_kb_size to obtain the actual key block size.

    Regarding coding style: Sure, I've modified it to the tinydtls style :)

     
  • Chul Lee

    Chul Lee - 2015-04-28

    Hi Olaf,

    Can I ask for any feedback on the uploaded patch?
    Do I need to create a new ticket for the latest patch file (0001-Add-a-dtls_prf_with_current_keyblock-that-uses-curre.patch)?

     
  • Olaf Bergmann

    Olaf Bergmann - 2015-04-28

    I had to modify the patch to do some checks on function results and fix typical coding errors and coding style. Moreover, the provided patch did use some other code base as reference so it did not apply directly.

    The documentation of the function prototype was wrong.

    The patch contained a dtls_config.h.in which is automatically created and has nothing to do with the requested function.

    The result is in commit 40d6792. I have started a new branch 'iotivity' where I collect iotivity-specific functionality until it is clear which changes are generic enough to go into the master release. Commit cb2cd05 introduces a new configure option --with-iotivity to enable iotivity-specific features.

     
  • Olaf Bergmann

    Olaf Bergmann - 2015-04-28
    • status: open --> closed