Added support for out-of-band Pre-shared keys under TLS1.3

That adds support for pre-shared keys with and without Diffie-Hellman
key exchange. That's a modified version of initial Ander's patch.

Resolves #414
Resolves #125

Signed-off-by: Ander Juaristi <a@juaristi.eus>
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.org>

1 files changed, 13 insertions, 2 deletions

diff --git a/lib/session.c b/lib/session.c
index 6c2671d70e..3e29c15292 100644
--- a/lib/session.c
+++ b/lib/session.c
@@ -306,7 +306,18 @@ char *gnutls_session_get_desc(gnutls_session_t session)
 	sign_str = gnutls_sign_get_name(sign_algo);
 
 	if (kx == 0 && ver->tls13_sem) { /* TLS 1.3 */
-		if (group && sign_str) {
+		if (session->internals.hsk_flags & HSK_PSK_SELECTED) {
+			if (group) {
+				if (group->pk == GNUTLS_PK_DH)
+					snprintf(kx_name, sizeof(kx_name), "(DHE-PSK-%s)",
+						 group_name);
+				else
+					snprintf(kx_name, sizeof(kx_name), "(ECDHE-PSK-%s)",
+						 group_name);
+			} else {
+					snprintf(kx_name, sizeof(kx_name), "(PSK)");
+			}
+		} else if (group && sign_str) {
 			if (group->curve)
 				snprintf(kx_name, sizeof(kx_name), "(ECDHE-%s)-(%s)",
 					 group_name, sign_str);
@@ -346,7 +357,7 @@ char *gnutls_session_get_desc(gnutls_session_t session)
 
 
 	type = gnutls_certificate_type_get(session);
-	if (type == GNUTLS_CRT_X509)
+	if (type == GNUTLS_CRT_X509 || type == GNUTLS_CRT_UNKNOWN)
 		snprintf(proto_name, sizeof(proto_name), "%s",
 			 gnutls_protocol_get_name(get_num_version
 						  (session)));