Hi Matt,

Thanks for the reply.

Yes! The handshake completes even when the PSK does not match between the ones provided in Client and Server. However, if there is a mismatch in the provided identity inside the callbacks, I see the above-mentioned error (the bad extension one). Unless I am missing something, if the code was not trying to perform a PSK verification, I would have received a complete handshake even if there was an identity value mismatch between find_session_cb and use_session_cb.

Moreover, I am using SSL_CTX_set_verify() with option SSL_VERIFY_PEER. Also, I am not providing the client Hello with any certificates. So I see no reason for the handshake to complete without verification.

Thanks
Bran

‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐
On Monday, April 20, 2020 5:35 PM, Matt Caswell <matt@xxxxxxxxxxx> wrote:

> On 20/04/2020 12:59, brandon.murphy1996 via openssl-users wrote:
>
> > From what I noticed, the handshake completes successfully, regardless
> > of the value of "psk_key" (as long as PSK length is even). However,
> > if the identity value is mismatched between psk_find_session_cb and
> > use_session_cb, the handshake fails with the message:
>
> It's not clear from your question what you expected to happen. The
> length of the PSK key doesn't actually matter from a TLS perspective
> (obviously in practice it is best if the length is consistent with the
> ciphersuite key length).
>
> Or did you mean that the value doesn't matter - even if it is
> mismatched with the client's value? That would be unexpected (and
> probably indicates you are not actually using the PSK at all and doing a
> full handshake).
>
> Matt