diff options
| author | Ander Juaristi <a@juaristi.eus> | 2018-03-22 08:59:56 +0100 |
|---|---|---|
| committer | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2018-04-06 13:28:55 +0200 |
| commit | 921cee23b4c7ee5d4e4537431e7fb1e9411be2d6 (patch) | |
| tree | 3b1b423ea33220f41c49d7d5322fd505c4dfb55d /lib/psk.c | |
| parent | a046665a384a728253ad94122dfcbd25a52478c2 (diff) | |
| download | gnutls-921cee23b4c7ee5d4e4537431e7fb1e9411be2d6.tar.gz | |
Added support for out-of-band Pre-shared keys under TLS1.3
That adds support for pre-shared keys with and without Diffie-Hellman
key exchange. That's a modified version of initial Ander's patch.
Resolves #414
Resolves #125
Signed-off-by: Ander Juaristi <a@juaristi.eus>
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.org>
Diffstat (limited to 'lib/psk.c')
| -rw-r--r-- | lib/psk.c | 9 |
1 files changed, 8 insertions, 1 deletions
@@ -67,6 +67,8 @@ gnutls_psk_allocate_client_credentials(gnutls_psk_client_credentials_t * if (*sc == NULL) return GNUTLS_E_MEMORY_ERROR; + /* TLS 1.3 - Default binder HMAC algorithm is SHA-256 */ + (*sc)->binder_algo = _gnutls_mac_to_entry(GNUTLS_MAC_SHA256); return 0; } @@ -182,6 +184,8 @@ gnutls_psk_allocate_server_credentials(gnutls_psk_server_credentials_t * if (*sc == NULL) return GNUTLS_E_MEMORY_ERROR; + /* TLS 1.3 - Default binder HMAC algorithm is SHA-256 */ + (*sc)->binder_algo = _gnutls_mac_to_entry(GNUTLS_MAC_SHA256); return 0; } @@ -343,7 +347,10 @@ const char *gnutls_psk_server_get_username(gnutls_session_t session) * username to use. This should only be called in case of PSK * authentication and in case of a client. * - * Returns: the identity hint of the peer, or %NULL in case of an error. + * Note: there is no hint in TLS 1.3, so this function will return %NULL + * if TLS 1.3 has been negotiated. + * + * Returns: the identity hint of the peer, or %NULL in case of an error or if TLS 1.3 is being used. * * Since: 2.4.0 **/ |