
Lines Matching +full:no +full:- +full:tls1_3

5 --------
20 --------------
22 - Overview
24 - The TLS 1.3 MVP implements only the client side of the protocol.
26 - The TLS 1.3 MVP supports ECDHE key establishment.
28 - The TLS 1.3 MVP does not support DHE key establishment.
30 - The TLS 1.3 MVP does not support pre-shared keys, including any form of
32 data (0-RTT data).
34 - The TLS 1.3 MVP supports the authentication of the server by the client
40 - The TLS 1.3 MVP does not support the handling of server HelloRetryRequest
46 - If the TLS 1.3 MVP receives a HelloRetryRequest or a CertificateRequest
51 - Supported cipher suites: depends on the library configuration. Potentially
56 - Supported ClientHello extensions:
59 | ---------------------------- | ------- | ------------- |
61 | max_fragment_length | no | YES |
62 | status_request | no | no |
65 | use_srtp | no | no |
66 | heartbeat | no | no |
67 | alpn | no | YES |
68 | signed_certificate_timestamp | no | no |
69 | client_certificate_type | no | no |
70 | server_certificate_type | no | no |
71 | padding | no | no |
73 | pre_shared_key | no | YES |
74 | psk_key_exchange_modes | no | YES |
75 | early_data | no | YES |
76 | cookie | no | YES |
78 | certificate_authorities | no | no |
79 | post_handshake_auth | no | no |
80 | signature_algorithms_cert | no | no |
101 Out-of-protocol fallback is supported though if the Mbed TLS library
105 re-initiate a server handshake.
107 - Supported groups: depends on the library configuration.
113 - Supported signature algorithms (both for certificates and CertificateVerify):
123 - Supported versions: only TLS 1.3, version negotiation is not supported.
125 - Compatibility with existing SSL/TLS build options:
128 sense that when enabling the TLS 1.3 MVP in the library there is no need to
133 | ---------------------------------------- | ------- |
134 | MBEDTLS_SSL_ALL_ALERT_MESSAGES | no |
135 | MBEDTLS_SSL_ASYNC_PRIVATE | no |
136 | MBEDTLS_SSL_CONTEXT_SERIALIZATION | no |
137 | MBEDTLS_SSL_DEBUG_ALL | no |
140 | MBEDTLS_SSL_KEEP_PEER_CERTIFICATE | no |
142 | MBEDTLS_SSL_MAX_FRAGMENT_LENGTH | no |
144 | MBEDTLS_SSL_SESSION_TICKETS | no |
145 | MBEDTLS_SSL_EXPORT_KEYS | no (1) |
146 | MBEDTLS_SSL_SERVER_NAME_INDICATION | no |
147 | MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH | no |
149 | MBEDTLS_ECP_RESTARTABLE | no |
150 | MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED | no |
164 | MBEDTLS_USE_PSA_CRYPTO | no |
172 - Quality considerations
173 - Standard Mbed TLS review bar
174 - Interoperability testing with OpenSSL and GnuTLS. Test with all the
176 - Negative testing against OpenSSL/GnuTLS servers with which the
184 ----------------------------
189 - Ephemeral only handshake on client side: client authentication,
192 - Ephemeral only handshake server side.
194 - Pre-shared keys, session resumption and 0-RTT data (both client and server
197 - New TLS Message Processing Stack (MPS)
200 encompassing low-level details such as record parsing, handshake reassembly, and
204 - Layer 1 (Datagram handling)
205 - Layer 2 (Record handling)
206 - Layer 3 (Message handling)
207 - Layer 4 (Retransmission State Machine)
208 - Reader (Abstracted pointer arithmetic and reassembly logic for incoming data)
209 - Writer (Abstracted pointer arithmetic and fragmentation logic for outgoing data)
214 - Reader ([`library/mps_reader.h`](../../library/mps_reader.h))
218 ----------------------------------
223 (https://tls.mbed.org/kb/development/mbedtls-coding-standards). They have been
229 - TLS 1.3 specific C modules, headers, static function names are prefixed
233 - TLS 1.3 specific exported functions, structures and types are
236 - Use TLS1_3 in TLS 1.3 specific macros.
238 - The names of macros and variables related to a field or structure in the
251 - Regarding vectors that are represented by a length followed by their value
254 - Use `<vector name>_len` for the name of a variable used to compute the
258 - Use `p_<vector_name>_len` for the name of a variable intended to hold
261 - Use `<vector_name>` for the name of a variable intended to hold the
264 - Use `<vector_name>_end` for the name of a variable intended to hold
267 Those idioms should lower the risk of mis-using one of the addresses in place
278 - Where applicable, use:
279 - the macros to extract a byte from a multi-byte integer MBEDTLS_BYTE_{0-8}.
280 - the macros to write in memory in big-endian order a multi-byte integer
282 - the macros to read from memory a multi-byte integer in big-endian order
284 - the macro to check for space when writing into an output buffer
286 - the macro to check for data when reading from an input buffer
293 The first three types, MBEDTLS_BYTE_{0-8}, MBEDTLS_PUT_UINT{8|16|32|64}_BE
299 reduce the risk of error in the non-completely-trivial arithmetic to
311 - To mitigate what happened here
318 - When a TLS 1.3 structure is written or read by a function or as part of
324 - We prefer grouping "related statement lines" by not adding blank lines
342 - Use macros for constants that are used in different functions, different
345 writing TLS handshake message) there is no need to define a macro for it.
349 - When declaring a pointer the dereferencing operator should be prepended to
354 - Maximum line length is 80 characters.
358 - string literals can extend beyond 80 characters as we do not want to
361 - A line can be more than 80 characters by a few characters if just looking
371 - When in successive lines, function and macro parameters should be aligned
382 - When a function's parameters span several lines, group related parameters