• State Suggested Answer
  • Replies 11 replies
  • Answers 1 answer
  • Subscribers 76 subscribers
  • Views 3139 views
  • Users 0 members are here
Attachments (0)
Nordic Case Info
  • Case ID: 263956
Options
This post is older than 2 years and might not be relevant anymore
More Info: Consider searching for newer posts

Thread SDK / OTA bug

krbvroc1

I merged in some of my code to the examples/thread/dfu/client in the v4.1.0 SDK for Thread and Zigbee. After getting OTA DFU working, I moved onto some commissioning related stuff. I spent several days trying to figure out why I could not join my 52840DK to the Border Router. No matter what I did, I would get 'Join failed [Security]'. Wireshark shows failure in the DTLS handshake. I thought I had done something wrong, but turns out something in Nordic code has broken openthread.

For me this was very easy to reproduce. Simply take the examples/thread/dfu/client, and modify main.c to change ' .autocommissioning = true,' to ' .autocommissioning = false, .autostart_disable = true' so you can join a thread network rather than using built in hardcoded credentials.

Program the device (being sure to follow nordic instructions for mbr, bootloader, and this app), connect using the UART, and try to join a border router that is ready to accept the device.

> ifconfig up
Done
> joiner start TEST1234
Done
> Join failed [Security]

On a packet sniffer note that DTLS handshake fails.

I saw some other UNANSWERED devzone messages with a theme of nrf crypto breaking openthread DTLS. Not sure if that related, but one big difference between the thread/dfu/client and thread/cli example is the inclusion of nrf crypto related libraries. Also the thread/dfu/bootloader is part of the picture.

I am completely stuck at this point.

Parents Reply
  • 0 in reply to Achim Kraus

    The DTLS Client Hello is pretty close to identical. The one difference is that in the successful handshake, according to Wireshark, the successful handshake contains an extra 334 bytes at the end. Wireshark labels that as an Extension of Unknown type 256 that contains 330 bytes. The failed example is missing that part of the Client Hello. Other than that, everything else appears identical.

Children
  • 0 in reply to krbvroc1

    "pretty close" or "identical"?

    The success of the handshake depends not only on the list of cipher suites, for some there are additional parameters, which may cause the "incompatibility".

    Just if you want, you may zip the capture(s) of two client_hellos and provide this somehow to me. On way to do that would be to create an issue in "Eclipse/Californium"'s github and "drag and drop" the zipped capture there. Please ensure, you only provide the two client_hellos and not other traffic!

  • 0 in reply to krbvroc1

    Just, if providing the captures it too complex, you may also get some textual copies by selecting a item an use the context menu for "copy -> All visible selected tree items".

    Cipher Suites (1 suite)
    Cipher Suite: TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 (0xc0ae)

Extension: supported_groups (len=6)
    Type: supported_groups (10)
    Length: 6
    Supported Groups List Length: 4
    Supported Groups (2 groups)
        Supported Group: secp256r1 (0x0017)
        Supported Group: secp384r1 (0x0018)

Extension: signature_algorithms (len=6)
    Type: signature_algorithms (13)
    Length: 6
    Signature Hash Algorithms Length: 4
    Signature Hash Algorithms (2 algorithms)
        Signature Algorithm: ecdsa_secp256r1_sha256 (0x0403)
            Signature Hash Algorithm Hash: SHA256 (4)
            Signature Hash Algorithm Signature: ECDSA (3)
        Signature Algorithm: rsa_pkcs1_sha256 (0x0401)
            Signature Hash Algorithm Hash: SHA256 (4)
            Signature Hash Algorithm Signature: RSA (1)

    That's an example with the cipher suite list (1)

    though it uses ecdsa/ecdhe with the supported groups,

    though it uses ecdsa with the supported signature algorithms,

Related
Terms of service