mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-11-21 12:40:51 +03:00

Merge branch 'development-restricted' into mbedtls-3.4.0rc0-pr

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
Paul Elliott
2023-03-21 15:26:13 +00:00
17 changed files with 1020 additions and 214 deletions


@@ -601,8 +601,22 @@
* Size defines
*/
#if !defined(MBEDTLS_PSK_MAX_LEN)
#define MBEDTLS_PSK_MAX_LEN 32 /* 256 bits */
/*
* If the library supports TLS 1.3 tickets and the cipher suite
* TLS1-3-AES-256-GCM-SHA384, set the PSK maximum length to 48 instead of 32.
* That way, the TLS 1.3 client and server are able to resume sessions where
* the cipher suite is TLS1-3-AES-256-GCM-SHA384 (pre-shared keys are 48
* bytes long in that case).
*/
#if defined(MBEDTLS_SSL_PROTO_TLS1_3) && \
defined(MBEDTLS_SSL_SESSION_TICKETS) && \
defined(MBEDTLS_AES_C) && defined(MBEDTLS_GCM_C) && \
defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
#define MBEDTLS_PSK_MAX_LEN 48 /* 384 bits */
#else
#define MBEDTLS_PSK_MAX_LEN 32 /* 256 bits */
#endif
#endif /* !MBEDTLS_PSK_MAX_LEN */
/* Dummy type used only for its size */
union mbedtls_ssl_premaster_secret {
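Review bot: A build that predefines `MBEDTLS_PSK_MAX_LEN` skips this whole block because of the outer `#if !defined(MBEDTLS_PSK_MAX_LEN)`, so a configuration that pins a value below 48 while enabling TLS 1.3 tickets and the SHA-384 suite would still be unable to hold the 48-byte resumption PSK the new comment describes. Nothing visible in this hunk reports that mismatch at compile time; a check may exist elsewhere in the tree, but it is not shown here. I would at least extend the comment with a line such as `* A user-provided MBEDTLS_PSK_MAX_LEN must be at least 48 in that configuration.` so integrators with a custom value know why resumption fails. It is also worth noting in the comment that raising the default enlarges anything sized from this macro, which presumably includes the `mbedtls_ssl_premaster_secret` union whose body continues outside the hunk.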