Minor fixes and improvements in TLS 1.3 key schedule documentation
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
This commit is contained in:
parent
2dfe1327e5
commit
61baae7c9f
3 changed files with 10 additions and 10 deletions
|
@ -379,7 +379,7 @@ typedef int mbedtls_ssl_tls_prf_cb( const unsigned char *secret, size_t slen,
|
|||
const unsigned char *random, size_t rlen,
|
||||
unsigned char *dstbuf, size_t dlen );
|
||||
|
||||
/* cipher.h exports the maximum IV, key and block length from all
|
||||
/* cipher.h exports the maximum IV, key and block length from
|
||||
* all ciphers enabled in the config, regardless of whether those
|
||||
* ciphers are actually usable in SSL/TLS. Notably, XTS is enabled
|
||||
* in the default configuration and uses 64 Byte keys, but it is
|
||||
|
|
|
@ -59,15 +59,15 @@ struct mbedtls_ssl_tls1_3_labels_struct const mbedtls_ssl_tls1_3_labels =
|
|||
* 255. This allows us to save a few Bytes of code by
|
||||
* hardcoding the writing of the high bytes.
|
||||
* - (label, llen): label + label length, without "tls13 " prefix
|
||||
* The label length MUST be
|
||||
* <= MBEDTLS_SSL_TLS1_3_KEY_SCHEDULE_MAX_LABEL_LEN
|
||||
* It is the caller's responsiblity to ensure this.
|
||||
* The label length MUST be less than or equal to
|
||||
* MBEDTLS_SSL_TLS1_3_KEY_SCHEDULE_MAX_LABEL_LEN
|
||||
* It is the caller's responsibility to ensure this.
|
||||
* All (label, label length) pairs used in TLS 1.3
|
||||
* can be obtained via MBEDTLS_SSL_TLS1_3_LBL_WITH_LEN().
|
||||
* - (ctx, clen): context + context length
|
||||
* The context length MUST be
|
||||
* <= MBEDTLS_SSL_TLS1_3_KEY_SCHEDULE_MAX_CONTEXT_LEN
|
||||
* It is the caller's responsiblity to ensure this.
|
||||
* The context length MUST be less than or equal to
|
||||
* MBEDTLS_SSL_TLS1_3_KEY_SCHEDULE_MAX_CONTEXT_LEN
|
||||
* It is the caller's responsibility to ensure this.
|
||||
* - dst: Target buffer for HkdfLabel structure,
|
||||
* This MUST be a writable buffer of size
|
||||
* at least SSL_TLS1_3_KEY_SCHEDULE_MAX_HKDF_LABEL_LEN Bytes.
|
||||
|
@ -296,7 +296,7 @@ int mbedtls_ssl_tls1_3_evolve_secret(
|
|||
hlen = mbedtls_md_get_size( md );
|
||||
|
||||
/* For non-initial runs, call Derive-Secret( ., "derived", "")
|
||||
* on the old secreet. */
|
||||
* on the old secret. */
|
||||
if( secret_old != NULL )
|
||||
{
|
||||
ret = mbedtls_ssl_tls1_3_derive_secret(
|
||||
|
|
|
@ -64,7 +64,7 @@ extern const struct mbedtls_ssl_tls1_3_labels_struct mbedtls_ssl_tls1_3_labels;
|
|||
#define MBEDTLS_SSL_TLS1_3_KEY_SCHEDULE_MAX_LABEL_LEN \
|
||||
sizeof( union mbedtls_ssl_tls1_3_labels_union )
|
||||
|
||||
/* The maximum length of HKDF contexts used in the TLS 1.3 standad.
|
||||
/* The maximum length of HKDF contexts used in the TLS 1.3 standard.
|
||||
* Since contexts are always hashes of message transcripts, this can
|
||||
* be approximated from above by the maximum hash size. */
|
||||
#define MBEDTLS_SSL_TLS1_3_KEY_SCHEDULE_MAX_CONTEXT_LEN \
|
||||
|
@ -94,7 +94,7 @@ extern const struct mbedtls_ssl_tls1_3_labels_struct mbedtls_ssl_tls1_3_labels;
|
|||
* This must be a readable buffer of length \p clen Bytes.
|
||||
* \param clen The length of \p context in Bytes.
|
||||
* \param buf The destination buffer to hold the expanded secret.
|
||||
* This must be a writable buffe of length \p blen Bytes.
|
||||
* This must be a writable buffer of length \p blen Bytes.
|
||||
* \param blen The desired size of the expanded secret in Bytes.
|
||||
*
|
||||
* \returns \c 0 on success.
|
||||
|
|
Loading…
Reference in a new issue