yuzu/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-emu/mbedtls.git synced 2024-10-19 09:11:48 +00:00
Code Issues Packages Projects Releases Wiki Activity
mbedtls/docs/architecture/tls13-experimental.md

37 lines
1.2 KiB
Markdown
Raw Normal View History

Add documentation on state of upstreaming of TLS 1.3 prototype Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2020-05-31 06:39:50 +00:00
Experimental TLS 1.3 develpoments
=================================
Overview
--------
Mbed TLS doesn't support the TLS 1.3 protocol yet, but a prototype is in development.
Stable parts of this prototype that can be independently tested are being successively
upstreamed under the guard of the following macro:
```
MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
```
This macro will likely be renamed to `MBEDTLS_SSL_PROTO_TLS1_3` once a minimal viable
implementation of the TLS 1.3 protocol is available.
See the [documentation of `MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL`](../../include/mbedtls/config.h)
for more information.
Status
------
The following lists which parts of the TLS 1.3 prototype have already been upstreamed
together with their level of testing:
* TLS 1.3 record protection mechanisms
The record protection routines `mbedtls_ssl_{encrypt|decrypt}_buf()` have been extended
to support the modified TLS 1.3 record protection mechanism, including modified computation
of AAD, IV, and the introduction of a flexible padding.
Those record protection routines have unit tests in `test_suite_ssl` alongside the
tests for the other record protection routines.
TODO: Add some test vectors from RFC 8448.
Reference in a new issue Copy permalink