commit ac767e5c691718f829abed6ea335ca7e9a6d2135
author Gilles Peskine <Gilles.Peskine@arm.com> Fri Sep 20 18:08:44 2024 +0200
committer Gilles Peskine <Gilles.Peskine@arm.com> Tue Nov 05 15:49:01 2024 +0100
tree 2a2a31b03f5b887e6f48765ceab7ace93150321e
parent 7dfe7c9e4a14aa27edc5111bbe88bf0fb488e120

Remove MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED

Remove the configuration option MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED and all
code guarded by it. This remove support for the RSA-PSK key exchange in TLS
1.2.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>

tests/ssl-opt.sh

diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh
index 44cbcd3..ef6c607 100755
--- a/tests/ssl-opt.sh
+++ b/tests/ssl-opt.sh
@@ -312,7 +312,6 @@
                                 MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED \
                                 MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED \
                                 MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED \
-                                MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED \
                                 MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED \
                                 MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED"
 
@@ -322,8 +321,7 @@
 TLS1_2_KEY_EXCHANGES_WITH_CERT_WO_ECDH="MBEDTLS_KEY_EXCHANGE_RSA_ENABLED \
                                        MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED \
                                        MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED \
-                                       MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED \
-                                       MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED"
+                                       MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED"
 
 requires_certificate_authentication () {
     if is_config_enabled MBEDTLS_SSL_PROTO_TLS1_3