Comments (6)
+1 this is confusing
maybe using the ANSI X.9.63 format could help to store keys in RPK mode
from oma_lwm2m_for_developers.
OpenSSL (and I assume other tools?) generate DER-encoded keys in the RFC5915 structure.
Filesize is 121 bytes for secp256r1, which consists of the curve OID, private key and public key.
Given that the keys themselves are already 96 bytes it's a 26% overhead, but I think it would make key-generation a lot simpler and resource 3 (Public Key or Identity) would not be needed for RPK mode. It also allows for compression if someone wants to use it (size drops to 89 bytes), and future extensibility.
from oma_lwm2m_for_developers.
The raw public key structure, namely SubjectPublicKeyInfo, does not only include the raw key but also relevant parameters to the describe the public key crypto system. Here is the link to the document: https://tools.ietf.org/html/rfc7250
I do, however, agree that the text in Appendix E.1.1.2, see below, is incomplete and incorrect. It is incomplete since it does not specify the actual encoding and it is incorrect with regards to the size indication since the size depends on ASN.1 encoding of the parameters.
This needs to be fixed for LWM2M version 1.0.
E.1.1.2 Raw-Public Key (RPK) Mode
The raw-public key mode requires a public key and a private key of the appropriate type and length for the Cipher Suite used. These keys are carried as a sequence of binary bytes with the public key stored in the Public Key or Identity Resource, and the private key stored in the Secret Key Resource. The default RPK Cipher Suites defines in this specification use a 256-bit ECC key. Thus the Certificate Resource would contain a 32 byte public key and the Secret Key Resource a 32 byte private key.
from oma_lwm2m_for_developers.
In an attempt to write a chance request I noticed two problems:
- The specification doesn't mandate a specific type of elliptic curve. This aspect could be postponed to LWM2M version 1.1 when we align the specification with the DTLS / TLS IoT profile (see https://tools.ietf.org/html/rfc7925)
- RFC 7250 describes the encoding of the public key but not the private key. Normally, the private key is not sent over the wire but with the LWM2M bootstrapping specification it is. Hence, one also has to think about the appropriate encoding of the private key. A possible candidate would be RFC 5958.
Note that this issue is also applicable to the encoding of the private key for the certificate mode. Furthermore, there is also not format defined for the encoding of the certificate. PKCS #12 is a possible candidate.
from oma_lwm2m_for_developers.
Addressed by CR101 : includedin Oct16 TS => to be closed
from oma_lwm2m_for_developers.
Issue closed per Thierry's comment that is addresses in October 2016 TS
from oma_lwm2m_for_developers.
Related Issues (20)
- LwM2M - BinaryAppDataContainer ambiguity/error HOT 3
- Eclipse Test Objects 3441, 3442 don't import into editor HOT 2
- Inconsistent TLV specification HOT 2
- NSTART-1 for QueueMode ?
- Ask about confirmation for base64 encoding. HOT 4
- Queued mode operation, update and send operations clarification
- Registration lifetime, update and send operations HOT 7
- Any tooling needs around LWM2M or Leshan ?
- Object Versioning or Object and Object Instance Versioning? HOT 8
- Does deleting an object instance implicitly delete observations under the instance? HOT 1
- Change of resource type and instance number confirmation HOT 1
- Error in description of resource `DTLS/TLS Ciphersuite` of `Security` Object ? HOT 1
- Core Object implicit versioning between LwM2M patch releases HOT 8
- LWM2M object and resource definition questions HOT 1
- Using negative value in write attributes ? HOT 4
- Does alternatePath be present in payload for SenML ?
- CORS origin issue faced while trying to pull XML response from JS based application HOT 4
- LWM2M Security: SNI with PSK - what does this mean? HOT 2
- Extend or clarify use cases for SenML timestamped values HOT 1
- Overlapped Ressource in Composite Operation HOT 6
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from oma_lwm2m_for_developers.