Add TLS_PSK_WITH_AES_128_GCM_SHA256

Closes #77
pion · Jul 3, 2019 · be1d9dd · be1d9dd
1 parent f5ceadd
commit be1d9dd
Show file tree

Hide file tree

Showing 3 changed files with 37 additions and 8 deletions.
diff --git a/cipher_suite.go b/cipher_suite.go
@@ -19,7 +19,8 @@ const (
 	TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA CipherSuiteID = 0xc00a
 	TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA   CipherSuiteID = 0x0035
 
-	TLS_PSK_WITH_AES_128_CCM8 CipherSuiteID = 0xc0a8
+	TLS_PSK_WITH_AES_128_CCM8       CipherSuiteID = 0xc0a8
+	TLS_PSK_WITH_AES_128_GCM_SHA256 CipherSuiteID = 0x00a8
 )
 
 type cipherSuite interface {
@@ -51,6 +52,8 @@ func cipherSuiteForID(id CipherSuiteID) cipherSuite {
 		return &cipherSuiteTLSEcdheRsaWithAes256CbcSha{}
 	case cipherSuiteTLSPskWithAes128Ccm8{}.ID():
 		return &cipherSuiteTLSPskWithAes128Ccm8{}
+	case cipherSuiteTLSPskWithAes128GcmSha256{}.ID():
+		return &cipherSuiteTLSPskWithAes128GcmSha256{}
 	}
 	return nil
 }

diff --git a/cipher_suite_tls_psk_with_aes_128_gcm_sha256.go b/cipher_suite_tls_psk_with_aes_128_gcm_sha256.go
@@ -0,0 +1,21 @@
+package dtls
+
+type cipherSuiteTLSPskWithAes128GcmSha256 struct {
+	cipherSuiteTLSEcdheEcdsaWithAes128GcmSha256
+}
+
+func (c cipherSuiteTLSPskWithAes128GcmSha256) certificateType() clientCertificateType {
+	return clientCertificateType(0)
+}
+
+func (c cipherSuiteTLSPskWithAes128GcmSha256) ID() CipherSuiteID {
+	return TLS_PSK_WITH_AES_128_GCM_SHA256
+}
+
+func (c cipherSuiteTLSPskWithAes128GcmSha256) String() string {
+	return "TLS_PSK_WITH_AES_128_GCM_SHA256"
+}
+
+func (c cipherSuiteTLSPskWithAes128GcmSha256) isPSK() bool {
+	return true
+}
diff --git a/e2e/e2e_test.go b/e2e/e2e_test.go
@@ -186,12 +186,17 @@ func TestPionE2ESimplePSK(t *testing.T) {
 	report := test.CheckRoutines(t)
 	defer report()
 
-	cfg := &dtls.Config{
-		PSK: func(hint []byte) ([]byte, error) {
-			return []byte{0xAB, 0xC1, 0x23}, nil
-		},
-		PSKIdentityHint: []byte{0x01, 0x02, 0x03, 0x04, 0x05},
-		CipherSuites:    []dtls.CipherSuiteID{dtls.TLS_PSK_WITH_AES_128_CCM8},
+	for _, cipherSuite := range []dtls.CipherSuiteID{
+		dtls.TLS_PSK_WITH_AES_128_CCM8,
+		dtls.TLS_PSK_WITH_AES_128_GCM_SHA256,
+	} {
+		cfg := &dtls.Config{
+			PSK: func(hint []byte) ([]byte, error) {
+				return []byte{0xAB, 0xC1, 0x23}, nil
+			},
+			PSKIdentityHint: []byte{0x01, 0x02, 0x03, 0x04, 0x05},
+			CipherSuites:    []dtls.CipherSuiteID{cipherSuite},
+		}
+		assertE2ECommunication(cfg, cfg, t)
 	}
-	assertE2ECommunication(cfg, cfg, t)
 }