[gnutls-help] DTLS Handshake not taking place as expected.

Sandeep Kumar sandeepdas.cse at gmail.com
Thu Jun 19 07:26:39 CEST 2014


Hi,

I'm trying to simulate a DTLS client and server communication over SCTP as
transport. I've used sample code provided by GNUTLS and modified it a
little bit to achieve my desired result. I was referring to "RFC 4347
Figure 1. Message flights for full handshake" for verifying whether the
Handshake procedure is taking place properly or not.

I've used the following link "https://help.ubuntu.com/community/GnuTLS" to
create secret keys and a certificate for the server, and I did not create a
certificate for the client as it's an optional part of the handshake. The
initial steps are taking place properly except that I'm not able to see the
"Finished" message from either side. So I believe it's not completed
without the Finished message. I might be wrong but please verify.

There is one message which is "encrypted alert". I'm not able to understand
its role in communication. What is the requirement of sending this message
after sending encrypted data or any control message?

I'm sharing the code which I'm using to simulate this scenario. In addition
to that I'm also sharing the Wireshark trace which I captured while running
this simulation. In case you want the secret keys and certificate then please
let me know. You'll need to use the "Decode As" option to view the DTLS packets,
otherwise they will appear as m3ua packets in the trace which I've shared.

GNUTLS Version : 3.2.15
Nettle Version: 2.7.1
GMP Version: 5.1.1-2
OS: Fedora 19
Kernel: 3.14.4-100.fc19.x86_64

Thanks,
Sandeep
-------------- next part --------------
A non-text attachment was scrubbed...
Name: dtls_sctp_client.c
Type: text/x-csrc
Size: 5055 bytes
Desc: not available
URL: </pipermail/attachments/20140619/3616711c/attachment-0002.c>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: Makefile
Type: application/octet-stream
Size: 439 bytes
Desc: not available
URL: </pipermail/attachments/20140619/3616711c/attachment-0001.obj>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: stream_sctp_server.c
Type: text/x-csrc
Size: 14980 bytes
Desc: not available
URL: </pipermail/attachments/20140619/3616711c/attachment-0003.c>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: GNUTLS-STREAMBASED-HANDSHAKE.pcap
Type: application/vnd.tcpdump.pcap
Size: 6132 bytes
Desc: not available
URL: </pipermail/attachments/20140619/3616711c/attachment-0001.pcap>
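
The following is an added example, not code from the original post or its attachments. It walks the DTLS record headers in a payload and counts ChangeCipherSpec records and records sent under a non-zero epoch, which is how a Finished message or an alert sent after ChangeCipherSpec appears in a capture when the keys are not available. The names `dtls_walk` and `dtls_summary` and the sample bytes are constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* DTLS record content types (same values as TLS). */
enum { CT_CCS = 20, CT_ALERT = 21, CT_HANDSHAKE = 22 };

struct dtls_summary {
    int records;         /* well-formed records seen */
    int ccs;             /* ChangeCipherSpec records */
    int encrypted_hs;    /* handshake records with epoch > 0 (e.g. Finished) */
    int encrypted_alert; /* alert records with epoch > 0 */
    int malformed;       /* 1 if the buffer ended inside a record */
};

/* Walk the 13-byte DTLS record headers in one payload:
 * type(1) version(2) epoch(2) sequence(6) length(2) fragment(length). */
struct dtls_summary dtls_walk(const uint8_t *buf, size_t len)
{
    struct dtls_summary s = {0};
    size_t off = 0;
    while (off < len) {
        if (len - off < 13) { s.malformed = 1; break; }
        const uint8_t *h = buf + off;
        unsigned epoch = (unsigned)h[3] << 8 | h[4];
        size_t frag = (size_t)h[11] << 8 | h[12];
        if (frag > len - off - 13) { s.malformed = 1; break; }
        s.records++;
        if (h[0] == CT_CCS) s.ccs++;
        /* Epoch > 0: the fragment is protected by the negotiated cipher,
         * so the inner message type is not readable on the wire. */
        if (h[0] == CT_HANDSHAKE && epoch > 0) s.encrypted_hs++;
        if (h[0] == CT_ALERT && epoch > 0) s.encrypted_alert++;
        off += 13 + frag;
    }
    return s;
}

/* Constructed sample payload (not taken from the attached capture):
 * CCS in epoch 0, then a handshake record and an alert record in epoch 1. */
static const uint8_t sample[] = {
    20, 0xfe,0xff, 0,0, 0,0,0,0,0,5, 0,1, 0x01,
    22, 0xfe,0xff, 0,1, 0,0,0,0,0,0, 0,4, 0xde,0xad,0xbe,0xef,
    21, 0xfe,0xff, 0,1, 0,0,0,0,0,1, 0,2, 0xca,0xfe,
};

int main(void)
{
    struct dtls_summary s = dtls_walk(sample, sizeof sample);
    printf("records=%d ccs=%d enc_hs=%d enc_alert=%d malformed=%d\n",
           s.records, s.ccs, s.encrypted_hs, s.encrypted_alert, s.malformed);
    return 0;
}
```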