mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-02-28 09:39:53 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Update TLS 1.3 support document

Browse Source 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
This commit is contained in:
Ronald Cron 2022-10-03 12:02:17 +02:00
parent eac00ad2a6
commit 93dcb1ba8d
1 changed files with 10 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
docs/architecture/tls13-support.md
View File

@ -28,9 +28,12 @@ Support description
- Mbed TLS does not support DHE key establishment. - Mbed TLS does not support DHE key establishment.
- Mbed TLS does not support pre-shared keys, including any form of - Mbed TLS supports pre-shared keys for key establishment, pre-shared keys
session resumption. This implies that it does not support sending early provisioned externally as well as provisioned via the ticket mechanism.
data (0-RTT data).
- Mbed TLS supports session resumption via the ticket mechanism.
- Mbed TLS does not support sending or receiving early data (0-RTT data).
- Supported cipher suites: depends on the library configuration. Potentially - Supported cipher suites: depends on the library configuration. Potentially
all of them: all of them:
@ -54,8 +57,8 @@ Support description
| server_certificate_type | no | | server_certificate_type | no |
| padding | no | | padding | no |
| key_share | YES | | key_share | YES |
| pre_shared_key | no | | pre_shared_key | YES |
| psk_key_exchange_modes | no | | psk_key_exchange_modes | YES |
| early_data | no | | early_data | no |
| cookie | no | | cookie | no |
| supported_versions | YES | | supported_versions | YES |
@ -118,7 +121,7 @@ Support description
| MBEDTLS_SSL_RENEGOTIATION | n/a | | MBEDTLS_SSL_RENEGOTIATION | n/a |
| MBEDTLS_SSL_MAX_FRAGMENT_LENGTH | no | | MBEDTLS_SSL_MAX_FRAGMENT_LENGTH | no |
| | | | | |
| MBEDTLS_SSL_SESSION_TICKETS | no | | MBEDTLS_SSL_SESSION_TICKETS | yes |
| MBEDTLS_SSL_SERVER_NAME_INDICATION | yes | | MBEDTLS_SSL_SERVER_NAME_INDICATION | yes |
| MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH | no | | MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH | no |
| | | | | |
@ -175,8 +178,7 @@ Prototype upstreaming status
The following parts of the TLS 1.3 prototype remain to be upstreamed: The following parts of the TLS 1.3 prototype remain to be upstreamed:
- Pre-shared keys, session resumption and 0-RTT data (both client and server - Sending (client) and receiving (server) early data (0-RTT data).
side).
- New TLS Message Processing Stack (MPS) - New TLS Message Processing Stack (MPS)