Add clarifying comment
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
This commit is contained in:
parent
275afe187f
commit
97bb726e2d
1 changed files with 11 additions and 3 deletions
|
@ -304,13 +304,21 @@ typedef enum {
|
||||||
#define MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED
|
#define MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
/* Key exchanges allowing client certificate requests */
|
/* Key exchanges allowing client certificate requests.
|
||||||
|
*
|
||||||
|
* Note: that's almost the same as MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED
|
||||||
|
* above, except RSA-PSK uses a server certificate but no client cert.
|
||||||
|
*
|
||||||
|
* Note: this difference is specific to TLS 1.2, as with TLS 1.3, things are
|
||||||
|
* more symmetrical: client certs and server certs are either both allowed
|
||||||
|
* (Ephemeral mode) or both disallowed (PSK and PKS-Ephemeral modes).
|
||||||
|
*/
|
||||||
#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) || \
|
#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) || \
|
||||||
defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) || \
|
defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) || \
|
||||||
defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) || \
|
|
||||||
defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \
|
defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \
|
||||||
|
defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) || \
|
||||||
defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED) || \
|
defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED) || \
|
||||||
defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)
|
defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED)
|
||||||
#define MBEDTLS_KEY_EXCHANGE_CERT_REQ_ALLOWED_ENABLED
|
#define MBEDTLS_KEY_EXCHANGE_CERT_REQ_ALLOWED_ENABLED
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue