diff --git a/docs/architecture/tls13-experimental.md b/docs/architecture/tls13-experimental.md index bcf3e34f9..3db16e0a6 100644 --- a/docs/architecture/tls13-experimental.md +++ b/docs/architecture/tls13-experimental.md @@ -38,3 +38,12 @@ together with their level of testing: - The HKDF key derivation function on which the TLS 1.3 key schedule is based, is already present as an independent module controlled by `MBEDTLS_HKDF_C` independently of the development of the TLS 1.3 prototype. + +- The TLS 1.3-specific HKDF-based key derivation functions (see RFC 8446): + * HKDF-Expand-Label + * Derive-Secret + - Secret evolution + * The traffic {Key,IV} generation from secret + Those functions are implemented in `library/ssl_tls13_keys.c` and + tested in `test_suite_ssl` using test vectors from RFC 8448 and + https://tls13.ulfheim.net/.