Support authentication of devices using X.509 certificates in the CoAP adapter #2099
Comments
sophokles73
added
CoAP Adapter
Feature Request
|
I would suggest to also include support for raw public keys in this issue. |
|
x509 - PR #816 "Long ago", I tried to implement it. In the meantime, the hono code base changed a lot, so I'm not sure, if that contains still useful ideas. RPK - Issue #733 Contains some ideas about RPK. For both, x509 and RPK, the validation in Californium is currently still "blocking/sync", so I'm not sure, if the validation could be postponed into the "naturally" none-blocking forwarding of the message. |
I took a look at your PR and I believe that it basically does the right thing(s). It would need to be adapted to the current state of the CoAP adapter but in general it looks quite good. Would you like to give it another shot? |
|
I guess, that I will not have time for it until the end of this year ;-(. |
|
@boaks Then how about I give it a shot? I can rebase and adapt to current CoAP adapter. WDYT? |
|
Sounds good. |
|
I started to implement a "none blocking" FMPOV, using expensive crypto-functions as x509 should therefore also use CID. Hopefully with the cid-load-balancing the cluster topic will be sorted out. I hope, that approach works for you. |
|
I created a first PR for x.509 in californium which also supports a custom argument may be used for the device id. About RPK support: |
|
I prepared a first PR #2629, which introduces x509 (again). |
sophokles73
removed
the
help wanted
Adapt callback custom argument from String to AdditionalInfo to support both PSK and x509. Introduce DeviceInfoSupplier as common callback for PSK and x509. Signed-off-by: Achim Kraus <[email protected]>
The CoAP adapter should support devices using an X.509 client certificate for authenticating.
The text was updated successfully, but these errors were encountered: