paque *,
                                            size_t);
  int (*gnutls_process_server_kx) (gnutls_session_t, opaque *, size_t);
  int (*gnutls_process_client_kx) (gnutls_session_t, opaque *, size_t);
  int (*gnutls_process_client_cert_vrfy) (gnutls_session_t, opaque *, size_t);
  int (*gnutls_process_server_certificate_request) (gnutls_session_t,
                                                    opaque *, size_t);
} mod_auth_st;

Those functions are responsible for the interpretation of the handshake
protocol messages.  It is common for such functions to read data from
one or more ‘credentials_t’ structures(1) and write data, such as
certificates, usernames etc.  to ‘auth_info_t’ structures.

Simple examples of existing authentication methods can be seen in
‘auth/psk.c’ for PSK ciphersuites and ‘auth/srp.c’ for SRP ciphersuites.
After implementing these functions the structure holding its pointers
has to be registered in ‘gnutls_algorithms.c’ in the
‘_gnutls_kx_algorithms’ structure.

   ---------- Footnotes ----------

   (1) such as the ‘gnutls_certificate_credentials_t’ structures