cuberite/polarssl
1
0
Fork 0
mirror of https://github.com/cuberite/polarssl.git synced 2025-11-04 04:32:24 -05:00
Code Issues Packages Projects Releases Wiki Activity

Update state of TLS 1.3 functionality in architecture document

Browse Source 
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
This commit is contained in:
Hanno Becker 2020-08-10 17:00:19 +01:00
parent 2d2c3eb687
commit b11c3097a5
1 changed files with 9 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
docs/architecture/tls13-experimental.md
View File

@ -38,3 +38,12 @@ together with their level of testing:
- The HKDF key derivation function on which the TLS 1.3 key schedule is based, - The HKDF key derivation function on which the TLS 1.3 key schedule is based,
is already present as an independent module controlled by `MBEDTLS_HKDF_C` is already present as an independent module controlled by `MBEDTLS_HKDF_C`
independently of the development of the TLS 1.3 prototype. independently of the development of the TLS 1.3 prototype.
- The TLS 1.3-specific HKDF-based key derivation functions (see RFC 8446):
* HKDF-Expand-Label
* Derive-Secret
- Secret evolution
* The traffic {Key,IV} generation from secret
Those functions are implemented in `library/ssl_tls13_keys.c` and
tested in `test_suite_ssl` using test vectors from RFC 8448 and
https://tls13.ulfheim.net/.