PSK TLS server implementation documentation?

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view

PSK TLS server implementation documentation?

Matti Aarnio


I need to have a PSK TLS server, more specifically one that supports following cipher suites:

  • TLS_PSK_WITH_3DES_EDE_CBC_SHA, as defined in RFC 4279 [PSK TLS]
  • TLS_PSK_WITH_AES_128_CBC_SHA, as defined in [PSK TLS]
  • TLS_PSK_WITH_AES_128_CBC_SHA256, as defined in RFC 5487 [PSK 256]

Out of these the most likely one needed is the first one: 3DES-EDE-CBC-SHA.

My client is SCP81 security framework in a SIM card, and I need to implement the server side receiving those callbacks from cards.
The PKI key exchange is not possible, we must use pre-shared symmetric keys.

Initially it looks like I need to use org.bouncycastle.crypto.tls.PSKTlsServer class, but javadocs are so sparse that I decided to ask first for additional pointers.

Is there any better document about how to make the server?
I can find example codes of how to make PSK Tls Client, but I need the server.

Best Regards,
Matti Aarnio

smime.p7s (2K) Download Attachment