TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / 9810b6d0b7b3240251324c69f6fc615e6b12d99b^! / .
commit9810b6d0b7b3240251324c69f6fc615e6b12d99b[log] [tgz]
authorRonald Cron <ronald.cron@arm.com>Thu Oct 20 14:22:45 2022 +0200
committerRonald Cron <ronald.cron@arm.com>Sat Oct 22 14:42:04 2022 +0200
treec272cca6b8d5bf5972f0b23775870e8af92bb6d0
parentc3f43b663e99d12a0c4703428dad3f46e7dc385c [diff]
Fix kex config options documentation in tls13-support.md

Signed-off-by: Ronald Cron <ronald.cron@arm.com>

diff --git a/docs/architecture/tls13-support.md b/docs/architecture/tls13-support.md
index 30185f4..1c568d8 100644
--- a/docs/architecture/tls13-support.md
+++ b/docs/architecture/tls13-support.md

@@ -148,7 +148,12 @@
   - MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE enables the support for middlebox
     compatibility mode as defined in section D.4 of RFC 8446.
 
-  - MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED enables the
+  - MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED enables the support for
+    the PSK key exchange mode as defined by RFC 8446. If it is the only key
+    exchange mode enabled, the TLS 1.3 implementation does not contain any code
+    related to key exchange protocols, certificates and signatures.
+
+  - MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED enables the
     support of the ephemeral key exchange mode. If it is the only key exchange
     mode enabled, the TLS 1.3 implementation does not contain any code related
     to PSK based key exchange. The ephemeral key exchange mode requires at least
@@ -157,16 +162,11 @@
     algorithm allowed by the TLS 1.3 specification for signature computing and
     verification.
 
-  - MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED enables the support for
-    the PSK key exchange mode as defined by RFC 8446. If it is the only key
+  - MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED enables the
+    support for the PSK ephemeral key exchange mode. If it is the only key
     exchange mode enabled, the TLS 1.3 implementation does not contain any code
-    related to key exchange protocols, certificates and signatures.
-
-  - MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED enables the support
-    for the PSK ephemeral key exchange mode. If it is the only key exchange
-    mode enabled, the TLS 1.3 implementation does not contain any code
     related to certificates and signatures. The PSK ephemeral key exchange
-    mode requirss at least one of the key exchange protocol allowed by the
+    mode requires at least one of the key exchange protocol allowed by the
     TLS 1.3 specification.