Closed actyp closed 1 year ago
Thank you for reporting that.
The behaviour is confirmed and it is due to a reuse of connection identifiers, which for now are not yet dynamically generated. I created issue #83 to track that feature specifically.
@actyp I believe this is now solved since the merging of #85. Could you please verify?
Using edhoc-fuzzer I have verified that the issue is corrected. I used the commit c40bd2d19561ec985dbcd1ee94cc3c41047cac3f, which showed that the server now generates different connection identifiers and replies correctly to every incoming EDHOC Message 1.
Great, thank you for confirming this.
EDHOC-Fuzzer's learned model of the CoAP server (REL-0.1 -- commit a3abcbb) exposes the following behavior on EDHOC Message 3 of second EDHOC exchange.
a3abcbb Server Test: Unverified EDHOC Message 3 of Second EDHOC Exchange
Messages used
Accompanying Files
We can also provide you with the server's log and a wireshark capture of this interaction (either in this issue or via email).
Observed Behavior
The server is able to complete successfully the first EDHOC exchange. However, in the second EDHOC Exchange (that starts with the second EDHOC Message 1 from EDHOC-Fuzzer), the server does not verify the incoming EDHOC Message 3 and does not reply back.
The server receives the second EDHOC Message 3 and logs the following:
Some Questions