|
481 | 481 | * |
482 | 482 | * ### Multi-credential handling |
483 | 483 | * |
484 | | - * Each sock needs at least one credential tag. Extra credentials can be added |
485 | | - * and removed using @ref sock_dtls_add_credential and @ref sock_dtls_remove_credential |
486 | | - * respectively (found in `net/sock/dtls/creds.h`). |
| 484 | + * Each sock needs at least one credential tag to operate. `sock_dtls_create` allows to optionally |
| 485 | + * assign an initial credential. Extra credentials can be added and removed using |
| 486 | + * @ref sock_dtls_add_credential and @ref sock_dtls_remove_credential respectively (found in |
| 487 | + * `net/sock/dtls/creds.h`). |
487 | 488 | * |
488 | 489 | * #### Pre-shared Keys Cipher Suites |
489 | | - * In the case of PSK, a server can optionally indicate a hint to help the server to decide which |
| 490 | + * In the case of PSK, a server can optionally indicate a hint to help the client to decide which |
490 | 491 | * PSK Identity to use, using @ref sock_dtls_set_psk_identity_hint. The client application can |
491 | 492 | * decide which credential to use based on the sent hint and/or the session information, by |
492 | | - * registering a callback with @ref sock_dtls_set_client_psk_cb. If no callback is registered the |
493 | | - * credential is chosen as follows: if a hint is sent by the server, all credentials registered to |
494 | | - * the sock are checked for a matching @ref psk_params_t::hint "hint". A credential is select on |
495 | | - * matching hint. If no credential matches the hint or no hint is provided, the first PSK credential |
496 | | - * registered in the sock is used. |
| 493 | + * registering a callback with @ref sock_dtls_set_client_psk_cb. If no callback is registered, or |
| 494 | + * fails to chose a tag (i.g. it returns @ref CREDMAN_TAG_EMPTY), the credential is chosen as |
| 495 | + * follows: if a hint is sent by the server, all credentials registered to the sock are checked for |
| 496 | + * a matching @ref psk_params_t::hint "hint". A credential is selected on matching hint. If no |
| 497 | + * credential matches the hint or no hint is provided, the first PSK credential registered in the |
| 498 | + * sock is used. |
497 | 499 | * |
498 | 500 | * #### Elliptic Curve Cryptography Cipher Suites |
499 | 501 | * When using ECC both client and server applications can register a callback to decide which of |
|
0 commit comments