Open hanno-becker opened 3 years ago
This came up in #4811. CC @mpg @gilles-peskine-arm
In the next release of Mbed TLS (Mbed TLS 4.0), we will remove support for RSA, RSA-PSK, static ECDH and finite-field DH key exchanges. This vastly reduces the number of places where we filter for multiple key exchange types, and brings the set of TLS 1.2 key exchanges closer to 1.3. So we might be able to unify mbedtls_key_exchange_type_t
with MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_xxx
bit masks.
Mbed TLS maintains an internal (in the sense that it is not used in any public API)
enum
for key exchange identifiers:The suggestion is to replace this by a list of bitfield macros, at the benefit of reduced code size for checks like