-
CONFIG_MBEDTLS_SSL_MAX_CONTENT_LEN¶
Max payload size for TLS protocol message
Type: int
Help¶
The TLS standards mandate max payload size of 16384 bytes. So, for maximum operability and for general-purpose usage, that value must be used. For specific usages, that value can be largely decreased. E.g. for DTLS, payload size is limited by UDP datagram size, and even for HTTPS REST API, the payload can be limited to max size of (REST request, REST response, server certificate(s)). mbedTLS uses this value separate for input and output buffers, so twice this value will be allocated (on mbedTLS own heap, so the value of MBEDTLS_HEAP_SIZE should accommodate that).
Defaults¶
- 1500 if
MBEDTLS_BUILTIN&&MBEDTLS
Kconfig definition¶
At ext/lib/crypto/mbedtls/Kconfig:59
Included via Kconfig:10 → Kconfig.zephyr:41 → ext/Kconfig:13 → ext/lib/crypto/Kconfig:10
Menu path: (top menu) → External Sources → Cryptography → mbedTLS Support
config MBEDTLS_SSL_MAX_CONTENT_LEN
int
prompt "Max payload size for TLS protocol message" if MBEDTLS_BUILTIN && MBEDTLS
default 1500 if MBEDTLS_BUILTIN && MBEDTLS
depends on MBEDTLS_BUILTIN && MBEDTLS
help
The TLS standards mandate max payload size of 16384 bytes. So, for
maximum operability and for general-purpose usage, that value must
be used. For specific usages, that value can be largely decreased.
E.g. for DTLS, payload size is limited by UDP datagram size, and
even for HTTPS REST API, the payload can be limited to max size of
(REST request, REST response, server certificate(s)).
mbedTLS uses this value separate for input and output buffers, so
twice this value will be allocated (on mbedTLS own heap, so the
value of MBEDTLS_HEAP_SIZE should accommodate that).
(Definitions include propagated dependencies, including from if’s and menus.)