Decoder ring for SSL_MAJOR and SSL_MINOR defines

applesauce49 · August 14, 2019, 9:46pm

How does something like

mbedtls_ssl_conf_max_version(&p_sslInfo->conf,
MBEDTLS_SSL_MAJOR_VERSION_3,
MBEDTLS_SSL_MINOR_VERSION_3);

translate to “TLS 1.2” and

mbedtls_ssl_conf_min_version(&p_sslInfo->conf,
MBEDTLS_SSL_MAJOR_VERSION_3,
MBEDTLS_SSL_MINOR_VERSION_1);

translate to “TLS 1.0” and where does one go to figure out this magical mapping of MBEDTLS major and minor values to acutal protcol versions?

roneld01 · August 18, 2019, 5:27am

Hi @applesauce49
Thank you for your question.
In the TLS 1.2 RFC 5246 you will see:

struct {
       uint8 major;
       uint8 minor;
   } ProtocolVersion;

   ProtocolVersion version = { 3, 3 };     /* TLS v1.2*/

Which means that version 3.3 is TLS 1.2
In the TLS 1.0 RFC 2246 you will see:

    struct {
        uint8 major, minor;
    } ProtocolVersion;

    ProtocolVersion version = { 3, 1 };     /* TLS v1.0 */

Which means that version 3.1 is TLS 1.0
Regards,
Mbed TLS Support
Ron

Topic		Replies	Views
TLS version number in a Client Hello packet Crypto and SSL questions	2	1312	April 15, 2019
TLS version 1.0 support Mbed TLS	0	381	May 5, 2022
TLS 1.3 is now official! Mbed TLS mbed_tls	1	1093	August 20, 2018
Mbed TLS mbedtls_ssl_config (struct) Generic mbed_tls	0	449	April 2, 2021
How to update mbedtls version 2.25 to 3.2.1 in mbed-os 6.16.0 Bugs mbed_tls , mbed_os	1	948	September 22, 2022