Mbed TLS v3.6.0
Loading...
Searching...
No Matches
config_adjust_ssl.h
Go to the documentation of this file.
1
17/*
18 * Copyright The Mbed TLS Contributors
19 * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
20 */
21
22#ifndef MBEDTLS_CONFIG_ADJUST_SSL_H
23#define MBEDTLS_CONFIG_ADJUST_SSL_H
24
25/* The following blocks make it easier to disable all of TLS,
26 * or of TLS 1.2 or 1.3 or DTLS, without having to manually disable all
27 * key exchanges, options and extensions related to them. */
28
29#if !defined(MBEDTLS_SSL_TLS_C)
30#undef MBEDTLS_SSL_CLI_C
31#undef MBEDTLS_SSL_SRV_C
32#undef MBEDTLS_SSL_PROTO_TLS1_3
33#undef MBEDTLS_SSL_PROTO_TLS1_2
34#undef MBEDTLS_SSL_PROTO_DTLS
35#endif
36
37#if !(defined(MBEDTLS_SSL_SRV_C) && defined(MBEDTLS_SSL_SESSION_TICKETS))
38#undef MBEDTLS_SSL_TICKET_C
39#endif
40
41#if !defined(MBEDTLS_SSL_PROTO_DTLS)
42#undef MBEDTLS_SSL_DTLS_ANTI_REPLAY
43#undef MBEDTLS_SSL_DTLS_CONNECTION_ID
44#undef MBEDTLS_SSL_DTLS_CONNECTION_ID_COMPAT
45#undef MBEDTLS_SSL_DTLS_HELLO_VERIFY
46#undef MBEDTLS_SSL_DTLS_SRTP
47#undef MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE
48#endif
49
50#if !defined(MBEDTLS_SSL_PROTO_TLS1_2)
51#undef MBEDTLS_SSL_ENCRYPT_THEN_MAC
52#undef MBEDTLS_SSL_EXTENDED_MASTER_SECRET
53#undef MBEDTLS_SSL_RENEGOTIATION
54#undef MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
55#undef MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED
56#undef MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED
57#undef MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
58#undef MBEDTLS_KEY_EXCHANGE_PSK_ENABLED
59#undef MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED
60#undef MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED
61#undef MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
62#undef MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED
63#undef MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED
64#undef MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED
65#endif
66
67#if !defined(MBEDTLS_SSL_PROTO_TLS1_3)
68#undef MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
69#undef MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
70#undef MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
71#undef MBEDTLS_SSL_EARLY_DATA
72#undef MBEDTLS_SSL_RECORD_SIZE_LIMIT
73#endif
74
75#if defined(MBEDTLS_SSL_PROTO_TLS1_2) && \
76 (defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \
77 defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED))
78#define MBEDTLS_SSL_TLS1_2_SOME_ECC
79#endif
80
81#endif /* MBEDTLS_CONFIG_ADJUST_SSL_H */