1 files changed, 45 insertions, 0 deletions

diff --git a/vendor/github.com/pion/dtls/v2/pkg/protocol/extension/use_master_secret.go b/vendor/github.com/pion/dtls/v2/pkg/protocol/extension/use_master_secret.go
new file mode 100644
index 0000000..04ddc95
--- /dev/null
+++ b/vendor/github.com/pion/dtls/v2/pkg/protocol/extension/use_master_secret.go
@@ -0,0 +1,45 @@
+package extension
+
+import "encoding/binary"
+
+const (
+	useExtendedMasterSecretHeaderSize = 4
+)
+
+// UseExtendedMasterSecret defines a TLS extension that contextually binds the
+// master secret to a log of the full handshake that computes it, thus
+// preventing MITM attacks.
+type UseExtendedMasterSecret struct {
+	Supported bool
+}
+
+// TypeValue returns the extension TypeValue
+func (u UseExtendedMasterSecret) TypeValue() TypeValue {
+	return UseExtendedMasterSecretTypeValue
+}
+
+// Marshal encodes the extension
+func (u *UseExtendedMasterSecret) Marshal() ([]byte, error) {
+	if !u.Supported {
+		return []byte{}, nil
+	}
+
+	out := make([]byte, useExtendedMasterSecretHeaderSize)
+
+	binary.BigEndian.PutUint16(out, uint16(u.TypeValue()))
+	binary.BigEndian.PutUint16(out[2:], uint16(0)) // length
+	return out, nil
+}
+
+// Unmarshal populates the extension from encoded data
+func (u *UseExtendedMasterSecret) Unmarshal(data []byte) error {
+	if len(data) < useExtendedMasterSecretHeaderSize {
+		return errBufferTooSmall
+	} else if TypeValue(binary.BigEndian.Uint16(data)) != u.TypeValue() {
+		return errInvalidExtensionType
+	}
+
+	u.Supported = true
+
+	return nil
+}