[tls] Make key exchange algorithms selectable via build configuration

Allow the choice of key exchange algorithms to be controlled via build configuration options in config/crypto.h, as is already done for the choices of public-key algorithms, cipher algorithms, and digest algorithms. Signed-off-by: Michael Brown <mcb30@ipxe.org>
2026-02-14 02:31:26 +03:00 · 2024-01-30 16:48:46 +00:00
parent a881a26061
commit 8f6a9399b3
10 changed files with 249 additions and 98 deletions
--- a/src/config/crypto.h
+++ b/src/config/crypto.h
@@ -12,6 +12,12 @@ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
 /** Minimum TLS version */
 #define TLS_VERSION_MIN TLS_VERSION_TLS_1_1

+/** Public-key exchange algorithm */
+#define CRYPTO_EXCHANGE_PUBKEY
+
+/** DHE key exchange algorithm */
+#define CRYPTO_EXCHANGE_DHE
+
 /** RSA public-key algorithm */
 #define CRYPTO_PUBKEY_RSA