I use Goland code at 1.21.0 version, and I have some concern about TLS 1.3 library source code. As I know, at chapter "4.2.9.Pre-Shared Key Exchange Modes" of RFC 8446 have mention about PskKeyExchangeModes. The PskKeyExchangeModes have 2 value psk_ke(0) and psk_dhe_ke(1) same at picture below enter image description here
I understand it as follows:
- In the first handshake: The client send ClientHello message to the server, and this ClientHello message has an PskKeyExchangeModes extension with psk_dhe_ke(1) value so that inform to server that PSK with (EC)DHE key establishment.The Server after receive this message will reply to client a Session ticket message.
- In the second handshake(resumption handshake) The client send ClientHello message has an PskKeyExchangeModes extension with psk_ke(0) value so that inform to server that PSK-only key establishment. In this case the server no need send a "key_share" value.
but in Golang code(version 1.21.0) library always check the psk_dhe_ke(1) and return nil if value difference psk_dhe_ke(1) enter image description here
I don't know why they do that. is there something wrong ? Please let me know.
I expect any answer
