-
CONFIG_MBEDTLS_SSL_MAX_CONTENT_LEN
¶
Max payload size for TLS protocol message
SSL - Maximum buffer size
Max payload size for TLS protocol message
Type: int
Help¶
The TLS standards mandate max payload size of 16384 bytes. So, for
maximum operability and for general-purpose usage, that value must
be used. For specific usages, that value can be largely decreased.
E.g. for DTLS, payload size is limited by UDP datagram size, and
even for HTTPS REST API, the payload can be limited to max size of
(REST request, REST response, server certificate(s)).
mbedTLS uses this value separate for input and output buffers, so
twice this value will be allocated (on mbedTLS own heap, so the
value of MBEDTLS_HEAP_SIZE should accommodate that).
Help¶
Maximum buffer size for incoming and outgoing mbed TLS I/O buffers.
MBEDTLS_SSL_MAX_CONTENT_LEN setting in mbed TLS config file.
Help¶
The TLS standards mandate max payload size of 16384 bytes. So, for
maximum operability and for general-purpose usage, that value must
be used. For specific usages, that value can be largely decreased.
E.g. for DTLS, payload size is limited by UDP datagram size, and
even for HTTPS REST API, the payload can be limited to max size of
(REST request, REST response, server certificate(s)).
mbedTLS uses this value separate for input and output buffers, so
twice this value will be allocated (on mbedTLS own heap, so the
value of MBEDTLS_HEAP_SIZE should accommodate that).
Direct dependencies¶
PELION_SOURCES
|| (MBEDTLS_BUILTIN
&& MBEDTLS
) || (MBEDTLS_TLS_LIBRARY
&& NRF_SECURITY_ADVANCED
&& NRF_SECURITY_ANY_BACKEND
&& NORDIC_SECURITY_BACKEND
) || (MBEDTLS_BUILTIN
&& MBEDTLS
&& 0)
(Includes any dependencies from ifs and menus.)
Defaults¶
4096
1500
900 if
OPENTHREAD_NRF_SECURITY
16384
1500
Kconfig definitions¶
At <nRF>/lib/pelion/Kconfig:26
Included via <Zephyr>/Kconfig:8
→ <Zephyr>/Kconfig.zephyr:23
→ <Zephyr>/modules/Kconfig:6
→ <BuildDir>/kconfig/Kconfig.modules:2
→ <nRF>/Kconfig.nrf:52
→ <nRF>/lib/Kconfig:34
Menu path: (Top) → Modules → nrf (/home/runner/work/sdk-nrf/sdk-nrf/ncs/nrf) → Nordic nRF Connect → Libraries → Pelion Device Management Client Library
config MBEDTLS_SSL_MAX_CONTENT_LEN
int
default 4096
depends on PELION_SOURCES
At <Zephyr>/modules/mbedtls/Kconfig:64
Included via <Zephyr>/Kconfig:8
→ <Zephyr>/Kconfig.zephyr:23
→ <Zephyr>/modules/Kconfig:6
→ <BuildDir>/kconfig/Kconfig.modules:50
Menu path: (Top) → Modules → mbedtls (/home/runner/work/sdk-nrf/sdk-nrf/ncs/modules/crypto/mbedtls) → mbed TLS Support
config MBEDTLS_SSL_MAX_CONTENT_LEN
int "Max payload size for TLS protocol message"
default 1500
depends on MBEDTLS_BUILTIN && MBEDTLS
help
The TLS standards mandate max payload size of 16384 bytes. So, for
maximum operability and for general-purpose usage, that value must
be used. For specific usages, that value can be largely decreased.
E.g. for DTLS, payload size is limited by UDP datagram size, and
even for HTTPS REST API, the payload can be limited to max size of
(REST request, REST response, server certificate(s)).
mbedTLS uses this value separate for input and output buffers, so
twice this value will be allocated (on mbedTLS own heap, so the
value of MBEDTLS_HEAP_SIZE should accommodate that).
At <nrfxlib>/nrf_security/Kconfig:1549
Included via <Zephyr>/Kconfig:8
→ <Zephyr>/Kconfig.zephyr:23
→ <Zephyr>/modules/Kconfig:6
→ <BuildDir>/kconfig/Kconfig.modules:62
→ <nrfxlib>/Kconfig.nrfxlib:13
Menu path: (Top) → Modules → nrfxlib (/home/runner/work/sdk-nrf/sdk-nrf/ncs/nrfxlib) → Nordic nrfxlib → Nordic Security → Use Nordic provided security backend → Advanced mbed TLS Configuration Settings
config MBEDTLS_SSL_MAX_CONTENT_LEN
int "SSL - Maximum buffer size"
range 0 16384
default 900 if OPENTHREAD_NRF_SECURITY
default 16384
depends on MBEDTLS_TLS_LIBRARY && NRF_SECURITY_ADVANCED && NRF_SECURITY_ANY_BACKEND && NORDIC_SECURITY_BACKEND
help
Maximum buffer size for incoming and outgoing mbed TLS I/O buffers.
MBEDTLS_SSL_MAX_CONTENT_LEN setting in mbed TLS config file.
At <Zephyr>/modules/mbedtls/Kconfig:64
Included via <Zephyr>/Kconfig:8
→ <Zephyr>/Kconfig.zephyr:23
→ <Zephyr>/modules/Kconfig:66
Menu path: (Top) → Modules → mbed TLS Support
config MBEDTLS_SSL_MAX_CONTENT_LEN
int "Max payload size for TLS protocol message"
default 1500
depends on MBEDTLS_BUILTIN && MBEDTLS && 0
help
The TLS standards mandate max payload size of 16384 bytes. So, for
maximum operability and for general-purpose usage, that value must
be used. For specific usages, that value can be largely decreased.
E.g. for DTLS, payload size is limited by UDP datagram size, and
even for HTTPS REST API, the payload can be limited to max size of
(REST request, REST response, server certificate(s)).
mbedTLS uses this value separate for input and output buffers, so
twice this value will be allocated (on mbedTLS own heap, so the
value of MBEDTLS_HEAP_SIZE should accommodate that).
(The ‘depends on’ condition includes propagated dependencies from ifs and menus.)