FFDH in TLS: it's only a limitation for TLS 1.2, not TLS 1.3
Signed-off-by: Gilles Peskine <[email protected]>
gilles-peskine-arm committed Dec 4, 2024
1 parent 42cb84f commit d78d695
Showing 1 changed file with 4 additions and 2 deletions.
6 changes: 4 additions & 2 deletions docs/driver-only-builds.md
Expand Up @@ -278,9 +278,11 @@ The same holds for the associated algorithm:
removing builtin support (i.e. `MBEDTLS_DHM_C`).

Note that the PSA API only supports FFDH with RFC 7919 groups, whereas the
Mbed TLS legacy API supports custom groups. As a consequence, the TLS layer
of Mbed TLS only supports DHE cipher suites if built-in FFDH
Mbed TLS legacy API supports custom groups. As a consequence, the TLS 1.2
layer of Mbed TLS only supports DHE cipher suites if built-in FFDH
(`MBEDTLS_DHM_C`) is present, even when `MBEDTLS_USE_PSA_CRYPTO` is enabled.
(The TLS 1.3 layer uses PSA, and this is not a limitation because the
protocol does not allow custom FFDH groups.)

RSA
---
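
Review bot: In the added parenthetical that closes the paragraph, "this" has no clear antecedent: it could mean the TLS 1.3 layer using PSA, or the PSA API only supporting RFC 7919 groups. Consider naming it, for example "The TLS 1.3 layer uses PSA for FFDH; the restriction to RFC 7919 groups is not a limitation there because the protocol does not allow custom FFDH groups." Since this document is about driver-only builds, it would also help to say explicitly whether DHE key exchange in TLS 1.3 works without `MBEDTLS_DHM_C`, which the new text only implies.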