bc-csharp icon indicating copy to clipboard operation
bc-csharp copied to clipboard
verified publisher icon bcgit

Use GetExternalPsks with TLS1.3 and older

Open MAButz opened this issue 4 years ago • 0 comments

Hi, i have implement the new tls (1.3) classes. I want to use tls1.3 and tls1.2 with psk. To init the TlsSecret with tls1.2 i use the BasicTlsPskIdentity. And with tls1.3 i have to use the GetExternalPsks. Here my Example for the GetExternelPsks:

    public override IList GetExternalPsks()
    {
        byte[] identity = m_pskIdentity.GetPskIdentity();
        TlsSecret key = Crypto.CreateSecret(m_pskIdentity.GetPsk());
        int prfAlgorithm = PrfAlgorithm.tls13_hkdf_sha256;

        return TlsUtilities.VectorOfOne(new BasicTlsPskExternal(identity, key, prfAlgorithm));
    }

At the Moment i use the BasicTlsPskIdentity and the GetExternalPsks. And it works with tls1.2 and tls1.3. But is this correct?

Wath ist the best and simplest solution to use tls1.2-psk and tls1.3-psk?

Great Job and thanks.

MAButz avatar Sep 28 '21 08:09 MAButz