lib/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-08-08 17:42:09 +03:00
Code Activity

Remove mentions of RSA-PSK key exchange from documentation

Browse Source 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
This commit is contained in:
Gilles Peskine
2024-09-20 18:22:04 +02:00
parent 712e9a1c3e
commit b3ec125580
4 changed files with 3 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
include/mbedtls/mbedtls_config.h
View File

@@ -3058,7 +3058,7 @@
* library/ssl*_server.c * library/ssl*_server.c
* *
* This module is used by the following key exchanges: * This module is used by the following key exchanges:
* RSA, DHE-RSA, ECDHE-RSA, RSA-PSK * RSA, DHE-RSA, ECDHE-RSA
* *
* Requires: MBEDTLS_BIGNUM_C, MBEDTLS_OID_C * Requires: MBEDTLS_BIGNUM_C, MBEDTLS_OID_C
*/ */

2
library/ssl_tls12_client.c
View File

@@ -2137,7 +2137,7 @@ static int ssl_parse_server_key_exchange(mbedtls_ssl_context *ssl)
} }
/* /*
* ServerKeyExchange may be skipped with PSK and RSA-PSK when the server * ServerKeyExchange may be skipped with PSK when the server
* doesn't use a psk_identity_hint * doesn't use a psk_identity_hint
*/ */
if (ssl->in_msg[0] != MBEDTLS_SSL_HS_SERVER_KEY_EXCHANGE) { if (ssl->in_msg[0] != MBEDTLS_SSL_HS_SERVER_KEY_EXCHANGE) {

3
tf-psa-crypto/core/psa_crypto.c
View File

@@ -7019,12 +7019,11 @@ static psa_status_t psa_tls12_prf_psk_to_ms_set_key(
* uint16 with the value N, and the PSK itself. * uint16 with the value N, and the PSK itself.
* *
* mixed-PSK: * mixed-PSK:
* In a DHE-PSK, RSA-PSK, ECDHE-PSK the premaster secret is formed as * In a DHE-PSK, ECDHE-PSK the premaster secret is formed as
* follows: concatenate a uint16 with the length of the other secret, * follows: concatenate a uint16 with the length of the other secret,
* the other secret itself, uint16 with the length of PSK, and the * the other secret itself, uint16 with the length of PSK, and the
* PSK itself. * PSK itself.
* For details please check: * For details please check:
* - RFC 4279, Section 4 for the definition of RSA-PSK,
* - RFC 4279, Section 3 for the definition of DHE-PSK, * - RFC 4279, Section 3 for the definition of DHE-PSK,
* - RFC 5489 for the definition of ECDHE-PSK. * - RFC 5489 for the definition of ECDHE-PSK.
*/ */

7
tf-psa-crypto/include/psa/crypto_values.h
View File

@@ -2020,13 +2020,6 @@
* this input may be an output of `psa_raw_key_agreement()` passed with * this input may be an output of `psa_raw_key_agreement()` passed with
* psa_key_derivation_input_bytes(), or an equivalent input passed with * psa_key_derivation_input_bytes(), or an equivalent input passed with
* psa_key_derivation_input_bytes() or psa_key_derivation_input_key(). * psa_key_derivation_input_bytes() or psa_key_derivation_input_key().
* - for a RSA-PSK cipher suite (RFC 4279, Section 4), the other secret
* should be the 48-byte client challenge (the PreMasterSecret of
* (RFC 5246, Section 7.4.7.1)) concatenation of the TLS version and
* a 46-byte random string chosen by the client. On the server, this is
* typically an output of psa_asymmetric_decrypt() using
* PSA_ALG_RSA_PKCS1V15_CRYPT, passed to the key derivation operation
* with `psa_key_derivation_input_bytes()`.
* *
* For example, `PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)` represents the * For example, `PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)` represents the
* TLS-1.2 PSK to MasterSecret derivation PRF using HMAC-SHA-256. * TLS-1.2 PSK to MasterSecret derivation PRF using HMAC-SHA-256.