tls13-support.md - OpenGrok cross reference for /third_party/mbedtls/docs/architecture/tls13-support.md

Lines Matching full:tls
1 TLS 1.3 support
7 Mbed TLS provides an implementation of the TLS 1.3 protocol. The TLS 1.3 support
15   - Mbed TLS implements both the client and the server side of the TLS 1.3
18   - Mbed TLS supports ECDHE key establishment.
20   - Mbed TLS supports DHE key establishment.
22   - Mbed TLS supports pre-shared keys for key establishment, pre-shared keys
25   - Mbed TLS supports session resumption via the ticket mechanism.
27   - Mbed TLS supports sending and receiving early data (0-RTT data).
81   - TLS 1.2 and TLS 1.3 with version negotiation on client and server side.
83   - TLS 1.2 and TLS 1.3 can be enabled in the build independently of each
86 - Compatibility with existing SSL/TLS build options:
88   The TLS 1.3 implementation is compatible with nearly all TLS 1.2
89   configuration options in the sense that when enabling TLS 1.3 in the library
91   TLS 1.2. There are two exceptions though: the TLS 1.3 implementation requires
95   Most of the Mbed TLS SSL/TLS related options are not supported or not
96   applicable to the TLS 1.3 implementation:
98   | Mbed TLS configuration option            | Support |
133   (2) See the TLS 1.3 specific build options section below.
135 - TLS 1.3 specific build options:
142     exchange mode enabled, the TLS 1.3 implementation does not contain any code
147     mode enabled, the TLS 1.3 implementation does not contain any code related
149     one of the key exchange protocol allowed by the TLS 1.3 specification, the
151     algorithm allowed by the TLS 1.3 specification for signature computing and
156     exchange mode enabled, the TLS 1.3 implementation does not contain any code
159     TLS 1.3 specification.
162 Coding rules checklist for TLS 1.3
165 The following coding rules are aimed to be a checklist for TLS 1.3 upstreaming
168 (https://mbed-tls.readthedocs.io/en/latest/kb/development/mbedtls-coding-standards). They have been
170 PR upstreaming the first part of TLS 1.3 ClientHello writing code.
172 TLS 1.3 specific coding rules:
174   - TLS 1.3 specific C modules, headers, static functions names are prefixed
178   - TLS 1.3 specific exported functions, structures and types are
181   - Use TLS1_3 in TLS 1.3 specific macros.
184     TLS 1.3 specification should contain as far as possible the field name as
201       vector as defined in the TLS 1.3 specification.
253     (https://github.com/Mbed-TLS/mbedtls/pull/4882#discussion_r701704527) from
255     pointer in functions parsing TLS 1.3 data, and for the writing pointer in
257     name `p` has been chosen as it was already widely used in TLS code.
259   - When an TLS 1.3 structure is written or read by a function or as part of
261     it is in the TLS 1.3 specification.
286     writing TLS handshake message) there is no need to define a macro for it.
343 The TLS 1.3 handshake protocol is implemented as a state machine. The