Skip to main content
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
Re: [jetty-users] Is PSK possible with Jetty?
Hi Simone -

On Wed, Nov 9, 2016 at 12:22 PM, Simone Bordet <sbordet@xxxxxxxxxxx> wrote:
On Wed, Nov 9, 2016 at 11:03 AM, Alexander Farber
<alexander.farber@xxxxxxxxx> wrote:
>
> is it possible to implement PSK (with TLS_PSK_WITH_NULL_SHA256 and
> TLS_PSK_WITH_AES_128_CBC_SHA256 cipher suites) with Jetty 9?

I think you will have better luck asking to the security-dev mailing
list of OpenJDK
(http://mail.openjdk.java.net/mailman/listinfo/security-dev).
I found this bug: https://bugs.openjdk.java.net/browse/JDK-6476446
that is marked as a duplicate of JDK-8049402, but the latter is not
visible.

If it can be done in the JDK, we will support it in Jetty.

I have prepared a TLS-PSK client and server example at
https://github.com/afarber/jetty-newbie/tree/master/TlsPskServer/src/main/java/de/afarber/tlspskserver
by copying a test case from Bouncy Castle.

Do you think that I could connect it to embedded Jetty 9, by somehow wiring the serverProtocol.getInputStream(), serverProtocol.getOutputStream()...?

Which Jetty class should I use here, the SslConnectionFactory?

Here is the current server code:

        @Override
        public void run()
        {
            try
            {
                MockPSKTlsServer server = new MockPSKTlsServer();
                serverProtocol.accept(server);
                Streams.pipeAll(serverProtocol.getInputStream(), serverProtocol.getOutputStream());
                serverProtocol.close();
            }
            catch (IOException e)
            {
            }
        }

Greetings from Germany
Alex

Back to the top