lib/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-07-28 00:21:48 +03:00
Code Activity

Merge pull request #3568 from hanno-arm/tls13_experimental_key_schedule_1

Browse Source 
TLS 1.3: Add HKDF-based key derivation functionality
This commit is contained in:
Janos Follath
2020-09-16 11:40:06 +01:00
committed by GitHub
parent dc57c25e30 531fe3054c
commit 2a25904f45
10 changed files with 978 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
docs/architecture/tls13-experimental.md
View File

@ -38,3 +38,12 @@ together with their level of testing:
- The HKDF key derivation function on which the TLS 1.3 key schedule is based,
is already present as an independent module controlled by `MBEDTLS_HKDF_C`
independently of the development of the TLS 1.3 prototype.
- The TLS 1.3-specific HKDF-based key derivation functions (see RFC 8446):
* HKDF-Expand-Label
* Derive-Secret
- Secret evolution
* The traffic {Key,IV} generation from secret
Those functions are implemented in `library/ssl_tls13_keys.c` and
tested in `test_suite_ssl` using test vectors from RFC 8448 and
https://tls13.ulfheim.net/.