dtls

Handling multiple UDP sockets listening on the same endpoint

僤鯓⒐⒋嵵緔 提交于 2020-01-25 07:20:15
问题 I've been following (roughly) some example code here on writing a DTLS server that can handle multiple clients. In this example, which works quite well (I tried), the server listens on INADDR_ANY and port 0 . fd = socket(server_addr.ss.ss_family, SOCK_DGRAM, 0); setsockopt(fd, SOL_SOCKET, SO_REUSEADDR, (const void*) &on, (socklen_t) sizeof(on)); bind(fd, (const struct sockaddr *) &server_addr, sizeof(struct sockaddr_in)) When a DGRAM is received, the server runs it through an OpenSSL method

What to sign for DTLSv1.0 Certificate Verify Message with RSA

雨燕双飞 提交于 2020-01-16 08:15:31
问题 I'm using DTLS v1.0 to communicate with a server. I'm having some trouble figuring out exactly what to do to generate the certificate verify message . I've been reading the RFCs (DTLSv1.0 and TLS1.1, which DTLS v1.0 is based on) but they're somewhat non-specific when it comes to this particular message. I see the structure of the message is as below, and I know the signature type is RSA . struct { Signature signature; } CertificateVerify; The Signature type is defined in 7.4.3.

what is the difference between BIO_read/BIO_write and SSL_read/SSL_write when the BIOs are memory BIOs and not socket BIOs?

核能气质少年 提交于 2020-01-01 03:23:05
问题 I am confused about the difference between the BIO routines BIO_read() / BIO_write() and the SSL_read() / SSL_write() when the BIOs are memory BIOs and not socket BIOs. I am trying to code a WebRTC server using libnice for the ICE stack and OpenSSL for the DTLS stack. The ICE stack has the socket connection to the client so I cannot use the socket-based BIOs in OpenSSL. Instead, I am using the memory BIOs. So the high level procedure I am using is that, when I receive the DTLS messages from

Can I specify my own encryption key in DTLS-SRTP encryption

℡╲_俬逩灬. 提交于 2019-12-22 23:27:08
问题 In my webrtc web app in Chrome, I used to specify my own encryption key by overriding the crypto information in the SDP. I am now migrating my webrtc web app to use DTLS-SRTP for encryption. With DTLS enabled, is there a way to tell Chrome which encryption key to send to the other client? 回答1: No you cannot specify your own keys since the actual keys are sent over a secure media connection and are not part of the SDP. 来源: https://stackoverflow.com/questions/21921946/can-i-specify-my-own

Websocket connection fails with asterisk 11

吃可爱长大的小学妹 提交于 2019-12-08 01:22:39
问题 I am trying to configure the websocket to work with asterisk 11. But there is some issue. The steps I have followed are: In http.conf enabled the following enabled=yes bindaddr=0.0.0.0 bindport=8088 I have also configured the asterisk with DTLS support. But when I try to connect to the websocket new WebSocket ("ws://mySeverIp:8088/ws"); . It throws an error WebSocket connection failed: Error during WebSocket handshake: Unexpected response code: 400 Anyone please help. Thanks 回答1: Here is a

Can I specify my own encryption key in DTLS-SRTP encryption

China☆狼群 提交于 2019-12-06 13:30:57
In my webrtc web app in Chrome, I used to specify my own encryption key by overriding the crypto information in the SDP. I am now migrating my webrtc web app to use DTLS-SRTP for encryption. With DTLS enabled, is there a way to tell Chrome which encryption key to send to the other client? No you cannot specify your own keys since the actual keys are sent over a secure media connection and are not part of the SDP. 来源: https://stackoverflow.com/questions/21921946/can-i-specify-my-own-encryption-key-in-dtls-srtp-encryption

DTLS over SCTP using OpenSSL

妖精的绣舞 提交于 2019-12-05 07:27:49
问题 I am wanting to write an application that uses OpenSSL to take advantage of it's DTLS support over SCTP. I am using Ubuntu 13.10. I have downloaded and successfully compiled LKSCTP 1.0.15 and OpenSSL 1.0.1e. I compiled OpenSSL with ./config sctp. I can compile the samples provided on http://sctp.fh-muenster.de/, however when I try to execute any of them, they fail at the assertion below. The error message is: bss_dgram.c(897): OpenSSL internal error, assertion failed: ret > 0 The error

DTLS over SCTP using OpenSSL

霸气de小男生 提交于 2019-12-03 21:29:47
I am wanting to write an application that uses OpenSSL to take advantage of it's DTLS support over SCTP. I am using Ubuntu 13.10. I have downloaded and successfully compiled LKSCTP 1.0.15 and OpenSSL 1.0.1e. I compiled OpenSSL with ./config sctp. I can compile the samples provided on http://sctp.fh-muenster.de/ , however when I try to execute any of them, they fail at the assertion below. The error message is: bss_dgram.c(897): OpenSSL internal error, assertion failed: ret > 0 The error encounter by the setsockopt is "Permission denied". Here is the code that fails in function BIO_new_dgram

Undefined reference to 'DTLS_client_method'

梦想与她 提交于 2019-12-02 11:34:37
问题 I'm currently trying to implement DTLS on android in order to encrypt UDP datagrams. For this, I built the openssl-android project available here, from this I got two shared libraries libssl.so and libcrypto.so which I renamed libsslx.so and libcryptox.so to avoid confusion with the included library in the android system. Then I put these files (and so for the openssl header folder) into my android project under the jni folder with the following structure: jni->|->includes--->openssl---

How to get current cipher in pyOpenSSL for DTLS

半腔热情 提交于 2019-12-02 08:04:29
问题 I need to get a negotiated cipher for DTLS protocol in pyOpenSSL. I was successful in doing that for TCP sockets, but when it comes to datagrams, it's not that obvious. Please provide an example either in C or Python. This is what I've tried so far: import socket from OpenSSL import SSL from OpenSSL._util import ( ffi as _ffi, lib as _lib) DTLSv1_METHOD = 7 SSL.Context._methods[DTLSv1_METHOD]=getattr(_lib, "DTLSv1_client_method") ctx = SSL.Context(DTLSv1_METHOD) ctx.set_cipher_list('AES128
订阅 dtls