mirror of
https://github.com/Mbed-TLS/mbedtls.git
synced 2025-01-18 19:27:41 +00:00
Fix and improve the documentation of supported groups
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
This commit is contained in:
parent
f164b6a7ff
commit
8ee9ed6785
@ -135,9 +135,12 @@ MVP definition
|
||||
|
||||
(2) The MVP sends one shared secret corresponding to the configured preferred
|
||||
group. The preferred group is the group of the first curve in the list of
|
||||
allowed curves as defined by the configuration. By default, it is the
|
||||
mandatory group as defined by section 9.1 of the specification,
|
||||
`secp256r1`. The list of allowed curves can be set through the
|
||||
allowed curves as defined by the configuration. The allowed curves are
|
||||
by default ordered as follow: `secp256r1`, `x25519`, `secp384r1`
|
||||
and finally `secp521r1`. This default order is aligned with the
|
||||
list of mandatory-to-implement groups (in absence of an application
|
||||
profile standard specifying otherwise) defined in section 9.1 of the
|
||||
specification. The list of allowed curves can be changed through the
|
||||
`mbedtls_ssl_conf_curves()` API.
|
||||
|
||||
(3) The MVP proposes only TLS 1.3 and does not support version negociation.
|
||||
@ -148,11 +151,8 @@ MVP definition
|
||||
re-initiate a server handshake.
|
||||
|
||||
- Supported groups: depends on the library configuration.
|
||||
Minimally (as defined in section 9.1 of the TLS 1.3 specification):
|
||||
secp256r1 and x25519.
|
||||
|
||||
Furthermore, depending on the library configuration, potentially:
|
||||
secp384r1 and secp521r1.
|
||||
Potentially all ECDHE groups but x448:
|
||||
secp256r1, x25519, secp384r1 and secp521r1.
|
||||
|
||||
Finite field groups (DHE) are not supported.
|
||||
|
||||
|
Loading…
x
Reference in New Issue
Block a user