Clarify the TLS 1.3 situation

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2022-05-11 13:27:44 +02:00 · 2022-05-11 13:27:44 +02:00 · 3e83098e01
commit 3e83098e01
parent 103b9929d1
2 changed files with 9 additions and 2 deletions
--- a/docs/use-psa-crypto.md
+++ b/docs/use-psa-crypto.md
@ -11,7 +11,8 @@ Compile-time: enabling `MBEDTLS_USE_PSA_CRYPTO` requires
 Scope: `MBEDTLS_USE_PSA_CRYPTO` has no effect on the parts of the code that
 are specific to TLS 1.3; those parts always use PSA Crypto. The parts of the
 TLS 1.3 code that are common with TLS 1.2, however, follow this option (this
-is currently just the record protection code).
+is currently just the record protection code, and X.509). You need to enable
+`MBEDTLS_USE_PSA_CRYPTO` if you want TLS 1.3 to use PSA everywhere.

 New APIs / API extensions
 -------------------------
--- a/include/mbedtls/mbedtls_config.h
+++ b/include/mbedtls/mbedtls_config.h
@ -1506,9 +1506,15 @@
 *       1.3 support that this option enables.
 *
 * Requires: MBEDTLS_SSL_KEEP_PEER_CERTIFICATE
+ * Requires: MBEDTLS_PSA_CRYPTO_C
+ *
+ * Note: even though TLS 1.3 depends on PSA Crypto, if you want it to only use
+ * PSA for all crypto operations, you need to also enable
+ * MBEDTLS_USE_PSA_CRYPTO; otherwise X.509 operations, and functions that are
+ * common with TLS 1.2 (record protection, running handshake hash) will still
+ * use non-PSA crypto.
 *
 * Uncomment this macro to enable the support for TLS 1.3.
- *
 */
 //#define MBEDTLS_SSL_PROTO_TLS1_3