Extension | TLS 1.3 |
---|---|
server_name |
CH, EE |
max_fragment_length |
CH, EE |
status_request |
CH, CR, CT |
supported_groups |
CH, EE |
signature_algorithms (RFC8446) | CH, CR |
use_srtp |
CH, EE |
heartbeat |
CH, EE |
application_layer_protocol_negotiation |
CH, EE |
signed_certificate_timestamp |
CH, CR, CT |
client_certificate_type |
CH, EE |
server_certificate_type |
CH, EE |
padding |
CH |
key_share (RFC 8446) | CH, SH, HRR |
pre_shared_key (RFC 8446) | CH, SH |
psk_key_exchange_modes (RFC 8446) | CH |
early_data (RFC 8446) | CH, EE, NST |
cookie (RFC 8446) | CH, HRR |
supported_versions (RFC 8446) | CH, SH, HRR |
certificate_authorities (RFC 8446) | CH, CR |
oid_filters (RFC 8446) | CR |
post_handshake_auth (RFC 8446) | CH |
signature_algorithms_cert (RFC 8446) | CH, CR |
Mode | Handshake Context | Base Key |
---|---|---|
Server | ClientHello ... later of EncryptedExtensions/CertificateRequest | server_handshake_traffic_secret |
Client | ClientHello ... later of server Finished/EndOfEarlyData | client_handshake_traffic_secret |
Post-Handshake | ClientHello ... client Finished + CertificateRequest | client_application_traffic_secret_N |
Record Type | Secret |
---|---|
0-RTT Application | client_early_traffic_secret |
Handshake | [sender]_handshake_traffic_secret |
Application Data | [sender]_application_traffic_secret_N |
Component | Contents |
---|---|
TLS | The string "TLS" |
AEAD | The AEAD algorithm used for record protection |
HASH | The hash algorithm used with HKDF |
VALUE | The two byte ID assigned for this cipher suite |
Description | Value |
---|---|
TLS_AES_128_GCM_SHA256 | {0x13,0x01} |
TLS_AES_256_GCM_SHA384 | {0x13,0x02} |
TLS_CHACHA20_POLY1305_SHA256 | {0x13,0x03} |
TLS_AES_128_CCM_SHA256 | {0x13,0x04} |
TLS_AES_128_CCM_8_SHA256 | {0x13,0x05} |