Merge branch 'wip/dueno/external-psk-importer' into 'master'HEAD master

psk: Add basic support for RFC 9258 external PSK importer interface Closes #1355 See merge request gnutls/gnutls!1741
author: Daiki Ueno <ueno@gnu.org> 2023-05-05 21:00:12 +0000
committer: Daiki Ueno <ueno@gnu.org> 2023-05-05 21:00:12 +0000
commit: 0263dec937e02ab71fd9cb158fa69acf7c374481 (patch)
tree: 1e84b4e61a611894f264ceb5e9e2ef9a51dacfd0 /NEWS
parent: 643342325a15e652fedac27b7bcb4614a242ab0d (diff)
parent: 4fe788cc172e6c06f40a42ba516a60f21369018c (diff)
download: gnutls-master.tar.gz
1 files changed, 14 insertions, 0 deletions
diff --git a/NEWS b/NEWS
index 5f6e45a814..2f46982ed9 100644
--- a/NEWS
+++ b/NEWS
@@ -14,6 +14,20 @@ See the end for copying conditions.
    extension without payload, the behavior can be reverted with the
    %NO_SHUFFLE_EXTENSIONS priority keyword.
 
+** libgnutls: Add support for RFC 9258 external PSK importer.
+   This enables to deploy the same PSK across multiple TLS versions
+   (TLS 1.2 and TLS 1.3) in a secure manner. To use, the application
+   needs to set up a callback that formats the PSK identity using
+   gnutls_psk_format_imported_identity().
+
+** API and ABI modifications:
+gnutls_psk_client_credentials_function3: New typedef
+gnutls_psk_server_credentials_function3: New typedef
+gnutls_psk_set_server_credentials_function3: New function
+gnutls_psk_set_client_credentials_function3: New function
+gnutls_psk_format_imported_identity: New function
+GNUTLS_PSK_KEY_EXT: New enum member of gnutls_psk_key_flags
+
 * Version 3.8.0 (released 2023-02-09)
 
 ** libgnutls: Fix a Bleichenbacher oracle in the TLS RSA key exchange.
author	Daiki Ueno <ueno@gnu.org>	2023-05-05 21:00:12 +0000
committer	Daiki Ueno <ueno@gnu.org>	2023-05-05 21:00:12 +0000
commit	0263dec937e02ab71fd9cb158fa69acf7c374481 (patch)
tree	1e84b4e61a611894f264ceb5e9e2ef9a51dacfd0 /NEWS
parent	643342325a15e652fedac27b7bcb4614a242ab0d (diff)
parent	4fe788cc172e6c06f40a42ba516a60f21369018c (diff)
download	gnutls-master.tar.gz