diff options
| author | Felix Fietkau <nbd@nbd.name> | 2016-12-10 12:27:23 +0100 |
|---|---|---|
| committer | Felix Fietkau <nbd@nbd.name> | 2016-12-12 10:22:19 +0100 |
| commit | 64590f3c7ec8873ab976c795841571217b79a67c (patch) | |
| tree | 38ba0c7cd4af2ccefa22d29726d431697248d3d8 /package/libs/mbedtls | |
| parent | 732c24a0cac4293b058c99ff7867fd13a2670eca (diff) | |
| download | upstream-64590f3c7ec8873ab976c795841571217b79a67c.tar.gz upstream-64590f3c7ec8873ab976c795841571217b79a67c.tar.bz2 upstream-64590f3c7ec8873ab976c795841571217b79a67c.zip | |
mbedtls: tune config to reduce size and improve performance
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Diffstat (limited to 'package/libs/mbedtls')
| -rw-r--r-- | package/libs/mbedtls/patches/200-config.patch | 48 |
1 files changed, 43 insertions, 5 deletions
diff --git a/package/libs/mbedtls/patches/200-config.patch b/package/libs/mbedtls/patches/200-config.patch index 9e477ef083..72f0c91c1f 100644 --- a/package/libs/mbedtls/patches/200-config.patch +++ b/package/libs/mbedtls/patches/200-config.patch @@ -18,7 +18,7 @@ /** * \def MBEDTLS_CIPHER_MODE_CTR -@@ -441,13 +441,13 @@ +@@ -441,17 +441,17 @@ * * Comment macros to disable the curve and functions for it */ @@ -27,15 +27,24 @@ +//#define MBEDTLS_ECP_DP_SECP192R1_ENABLED +//#define MBEDTLS_ECP_DP_SECP224R1_ENABLED #define MBEDTLS_ECP_DP_SECP256R1_ENABLED - #define MBEDTLS_ECP_DP_SECP384R1_ENABLED - #define MBEDTLS_ECP_DP_SECP521R1_ENABLED +-#define MBEDTLS_ECP_DP_SECP384R1_ENABLED +-#define MBEDTLS_ECP_DP_SECP521R1_ENABLED -#define MBEDTLS_ECP_DP_SECP192K1_ENABLED -#define MBEDTLS_ECP_DP_SECP224K1_ENABLED ++//#define MBEDTLS_ECP_DP_SECP384R1_ENABLED ++//#define MBEDTLS_ECP_DP_SECP521R1_ENABLED +//#define MBEDTLS_ECP_DP_SECP192K1_ENABLED +//#define MBEDTLS_ECP_DP_SECP224K1_ENABLED #define MBEDTLS_ECP_DP_SECP256K1_ENABLED - #define MBEDTLS_ECP_DP_BP256R1_ENABLED - #define MBEDTLS_ECP_DP_BP384R1_ENABLED +-#define MBEDTLS_ECP_DP_BP256R1_ENABLED +-#define MBEDTLS_ECP_DP_BP384R1_ENABLED +-#define MBEDTLS_ECP_DP_BP512R1_ENABLED ++//#define MBEDTLS_ECP_DP_BP256R1_ENABLED ++//#define MBEDTLS_ECP_DP_BP384R1_ENABLED ++//#define MBEDTLS_ECP_DP_BP512R1_ENABLED + #define MBEDTLS_ECP_DP_CURVE25519_ENABLED + + /** @@ -476,8 +476,8 @@ * Requires: MBEDTLS_HMAC_DRBG_C * @@ -101,6 +110,15 @@ /** * \def MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED +@@ -823,7 +823,7 @@ + * This option is only useful if both MBEDTLS_SHA256_C and + * MBEDTLS_SHA512_C are defined. Otherwise the available hash module is used. + */ +-//#define MBEDTLS_ENTROPY_FORCE_SHA256 ++#define MBEDTLS_ENTROPY_FORCE_SHA256 + + /** + * \def MBEDTLS_ENTROPY_NV_SEED @@ -885,7 +885,7 @@ * * Comment this macro to disable support for external private RSA keys. @@ -136,6 +154,16 @@ /** * \def MBEDTLS_SSL_ALL_ALERT_MESSAGES +@@ -1059,8 +1059,8 @@ + * misuse/misunderstand. + * + * Comment this to disable support for renegotiation. +- */ + #define MBEDTLS_SSL_RENEGOTIATION ++ */ + + /** + * \def MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO @@ -1234,8 +1234,8 @@ * callbacks are provided by MBEDTLS_SSL_TICKET_C. * @@ -210,6 +238,16 @@ /** * \def MBEDTLS_DES_C +@@ -1725,8 +1725,8 @@ + * MBEDTLS_TLS_PSK_WITH_3DES_EDE_CBC_SHA + * + * PEM_PARSE uses DES/3DES for decrypting encrypted keys. +- */ + #define MBEDTLS_DES_C ++ */ + + /** + * \def MBEDTLS_DHM_C @@ -1880,8 +1880,8 @@ * Requires: MBEDTLS_MD_C * |