psk: Add basic support for RFC 9258 external PSK importer interface

This adds a minimal, callback-based API to import external PSK,
following RFC 9258.  The client and the server importing external PSK
are supposed to set a callback to retrieve PSK, which returns flags
that may indicate the PSK is imported, along with the key:

  typedef int gnutls_psk_client_credentials_function3(
          gnutls_session_t session,
          gnutls_datum_t *username, gnutls_datum_t *key,
          gnutls_psk_key_flags *flags);

  typedef int gnutls_psk_server_credentials_function3(
          gnutls_session_t session,
          const gnutls_datum_t *username, gnutls_datum_t *key,
          gnutls_psk_key_flags *flags);

Those callbacks are responsible to call
gnutls_psk_format_imported_identity() for external PSKs to build a
serialized PSK identity, and set GNUTLS_PSK_KEY_EXT in flags if the
identity is an imported one.

Signed-off-by: Daiki Ueno <ueno@gnu.org>

1 files changed, 2 insertions, 1 deletions

diff --git a/tests/Makefile.am b/tests/Makefile.am
index 48c694409f..86acb4c277 100644
--- a/tests/Makefile.am
+++ b/tests/Makefile.am
@@ -234,7 +234,8 @@ ctests += mini-record-2 simple gnutls_hmac_fast set_pkcs12_cred cert certuniquei
 	 set_x509_ocsp_multi_cli kdf-api keylog-func handshake-write \
 	 x509cert-dntypes id-on-xmppAddr tls13-compat-mode ciphersuite-name \
 	 x509-upnconstraint xts-key-check cipher-padding pkcs7-verify-double-free \
-	 fips-rsa-sizes tls12-rehandshake-ticket pathbuf tls-force-ems
+	 fips-rsa-sizes tls12-rehandshake-ticket pathbuf tls-force-ems \
+	 psk-importer
 
 ctests += tls-channel-binding