TR-0038 Annex - SAE Example flows


This Annex presents some example message flows that are useful for understanding the operation of the oneM2M security establishment frameworks, for verifying correct operation, or for identifying the cause of misbehavior.

Some details of TLS message flows and message content depend on the SSL/TLS implementation employed. Implementations of oneM2M entities will typically make use of SSL/TLS libraries to support the required security functions specified in TS-0003. Examples of open-source SSL/TLS libraries include OpenSSL, gnuSSL and mbed TLS.

Such SSL/TLS libraries implement the basic cryptographic functions and provide various utility functions, such as TLS clients and servers that may be executed from a command line.

The message flows shown here have been produced using OpenSSL Version 1.1.1-dev on an Ubuntu 14.04 computer using the s_client and s_server utility functions, and employing Wireshark for capturing and analyzing the exchanged data packets. Note that OpenSSL Version 1.1.0 or higher is required to support the PSK ciphers defined in RFC 5989 and mandated to be used by TS-0003.

The commands given in the subsections below may be used to reproduce these flows.

