Skip to main content

How do I generate and use PSK with TLS v1.3 in NanoSSL?

Question: How do I generate and use PSK in TLS v1.3 in NanoSSL?

Answer: To enable generation and use of PSK in TLS v1.3:

  1. Request a session ticket in the new connection.

    SSL_ioctl(connectionInstance, SSL_REQUEST_SESSION_TICKET, &requestTicket)
    

    where requestTicket=1.

  2. Define and register a callback to save the PSK.

    SSL_setClientSavePSKCallback(sbyte4 connectionInstance, sbyte4 (*cb) (sbyte4 connectionInstance, sbyte* ServerInfo, ubyte4 serverInfoLen, void *userData, ubyte *pPsk, ubyte4 pskLen))
  3. For subsequent connections, use the saved PSK to establish a connection:

    1. Set the PSK key exchange modes.

      SSL_ioctl(connectionInstance, SSL_PSK_KEY_EXCHANGE_MODE, &pskMode)
    2. Define and register a callback to retrieve the PSK.

      SSL_CLIENT_setRetrievePSKCallback(sbyte4 connectionInstance, sbyte4 (*cb) (sbyte4 connectionInstance, sbyte* ServerInfo, ubyte4 serverInfoLen, void *userData, void **ppPSKs, ubyte2 *pNumPSKs,ubyte* selectedIndex, intBoolean *pFreeMemory)