CoAP with DTLS 1.2 on nRF9160

Hi all,

looking for samples for using CoAP with DTLS 1.2 (PSK) on nRF9160. All the samples I can find are not using DTLS. Highly appreciate any hint!

Thank in advance,

Andre

Parents

0 Øyvind over 4 years ago

Hi Andre,

What version of NCS are you working on? The Download client library can use CoAPS (DTLS 1.2). Have a look at the nRF9160: Download client sample.

Kind regards,
Øyvind
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel
0 Andre23t over 4 years ago in reply to Øyvind

Thanks for your answer Øyvind! I am using NCS 1.7.1 and will examine the download client sample , thanks for that. Having a first look to the source code of nordic_nrf_9160/sdk-nrf/samples/nrf9160/download/src/main.c it seems like the sample is using certificate for authentication both for HTTP and CoAP. What approach would you recommend to find some examples for using CoAP with PSK-based DTLS authentication? Thanks for any hint
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel

0 Øyvind over 4 years ago in reply to Andre23t

Could you please elaborate more on what you are trying to achieve? From our modem FW release notes it states:

*** Limitations
***************
- TLS/DTLS
    - Up to three simultaneous TLS/DTLS connections are possible.
    - Maximum server certificate chain size has a limit of 4kB.
    - Server certificate expiry time is not verified.
    - pkcs#8 is not supported.
    - Absolute maximum number of supported credentials is 32. The actual amount depends on size of
      credentials as memory area reserved for credentials may be a limiting factor as well.
    - DTLS supports PSK authentication only.
    - 2kB secure socket buffer size.

So PSK based DTLS is supported.

Andre23t said:
What approach would you recommend to find some examples for using CoAP with PSK-based DTLS authentication?

We have several samples in which TLS/DTLS is used, I recommend looking through our official nRF9160 samples, and the modem library documentation on TLS/DTLS configuration

Reply

0 Øyvind over 4 years ago in reply to Andre23t

Could you please elaborate more on what you are trying to achieve? From our modem FW release notes it states:

*** Limitations
***************
- TLS/DTLS
    - Up to three simultaneous TLS/DTLS connections are possible.
    - Maximum server certificate chain size has a limit of 4kB.
    - Server certificate expiry time is not verified.
    - pkcs#8 is not supported.
    - Absolute maximum number of supported credentials is 32. The actual amount depends on size of
      credentials as memory area reserved for credentials may be a limiting factor as well.
    - DTLS supports PSK authentication only.
    - 2kB secure socket buffer size.

So PSK based DTLS is supported.

Andre23t said:
What approach would you recommend to find some examples for using CoAP with PSK-based DTLS authentication?

We have several samples in which TLS/DTLS is used, I recommend looking through our official nRF9160 samples, and the modem library documentation on TLS/DTLS configuration

Children

No Data