aboutsummaryrefslogtreecommitdiffstats
path: root/package/libs
diff options
context:
space:
mode:
authorFelix Fietkau <nbd@nbd.name>2016-12-10 12:27:23 +0100
committerFelix Fietkau <nbd@nbd.name>2016-12-12 10:22:19 +0100
commit64590f3c7ec8873ab976c795841571217b79a67c (patch)
tree38ba0c7cd4af2ccefa22d29726d431697248d3d8 /package/libs
parent732c24a0cac4293b058c99ff7867fd13a2670eca (diff)
downloadupstream-64590f3c7ec8873ab976c795841571217b79a67c.tar.gz
upstream-64590f3c7ec8873ab976c795841571217b79a67c.tar.bz2
upstream-64590f3c7ec8873ab976c795841571217b79a67c.zip
mbedtls: tune config to reduce size and improve performance
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Diffstat (limited to 'package/libs')
-rw-r--r--package/libs/mbedtls/patches/200-config.patch48
1 files changed, 43 insertions, 5 deletions
diff --git a/package/libs/mbedtls/patches/200-config.patch b/package/libs/mbedtls/patches/200-config.patch
index 9e477ef083..72f0c91c1f 100644
--- a/package/libs/mbedtls/patches/200-config.patch
+++ b/package/libs/mbedtls/patches/200-config.patch
@@ -18,7 +18,7 @@
/**
* \def MBEDTLS_CIPHER_MODE_CTR
-@@ -441,13 +441,13 @@
+@@ -441,17 +441,17 @@
*
* Comment macros to disable the curve and functions for it
*/
@@ -27,15 +27,24 @@
+//#define MBEDTLS_ECP_DP_SECP192R1_ENABLED
+//#define MBEDTLS_ECP_DP_SECP224R1_ENABLED
#define MBEDTLS_ECP_DP_SECP256R1_ENABLED
- #define MBEDTLS_ECP_DP_SECP384R1_ENABLED
- #define MBEDTLS_ECP_DP_SECP521R1_ENABLED
+-#define MBEDTLS_ECP_DP_SECP384R1_ENABLED
+-#define MBEDTLS_ECP_DP_SECP521R1_ENABLED
-#define MBEDTLS_ECP_DP_SECP192K1_ENABLED
-#define MBEDTLS_ECP_DP_SECP224K1_ENABLED
++//#define MBEDTLS_ECP_DP_SECP384R1_ENABLED
++//#define MBEDTLS_ECP_DP_SECP521R1_ENABLED
+//#define MBEDTLS_ECP_DP_SECP192K1_ENABLED
+//#define MBEDTLS_ECP_DP_SECP224K1_ENABLED
#define MBEDTLS_ECP_DP_SECP256K1_ENABLED
- #define MBEDTLS_ECP_DP_BP256R1_ENABLED
- #define MBEDTLS_ECP_DP_BP384R1_ENABLED
+-#define MBEDTLS_ECP_DP_BP256R1_ENABLED
+-#define MBEDTLS_ECP_DP_BP384R1_ENABLED
+-#define MBEDTLS_ECP_DP_BP512R1_ENABLED
++//#define MBEDTLS_ECP_DP_BP256R1_ENABLED
++//#define MBEDTLS_ECP_DP_BP384R1_ENABLED
++//#define MBEDTLS_ECP_DP_BP512R1_ENABLED
+ #define MBEDTLS_ECP_DP_CURVE25519_ENABLED
+
+ /**
@@ -476,8 +476,8 @@
* Requires: MBEDTLS_HMAC_DRBG_C
*
@@ -101,6 +110,15 @@
/**
* \def MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED
+@@ -823,7 +823,7 @@
+ * This option is only useful if both MBEDTLS_SHA256_C and
+ * MBEDTLS_SHA512_C are defined. Otherwise the available hash module is used.
+ */
+-//#define MBEDTLS_ENTROPY_FORCE_SHA256
++#define MBEDTLS_ENTROPY_FORCE_SHA256
+
+ /**
+ * \def MBEDTLS_ENTROPY_NV_SEED
@@ -885,7 +885,7 @@
*
* Comment this macro to disable support for external private RSA keys.
@@ -136,6 +154,16 @@
/**
* \def MBEDTLS_SSL_ALL_ALERT_MESSAGES
+@@ -1059,8 +1059,8 @@
+ * misuse/misunderstand.
+ *
+ * Comment this to disable support for renegotiation.
+- */
+ #define MBEDTLS_SSL_RENEGOTIATION
++ */
+
+ /**
+ * \def MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO
@@ -1234,8 +1234,8 @@
* callbacks are provided by MBEDTLS_SSL_TICKET_C.
*
@@ -210,6 +238,16 @@
/**
* \def MBEDTLS_DES_C
+@@ -1725,8 +1725,8 @@
+ * MBEDTLS_TLS_PSK_WITH_3DES_EDE_CBC_SHA
+ *
+ * PEM_PARSE uses DES/3DES for decrypting encrypted keys.
+- */
+ #define MBEDTLS_DES_C
++ */
+
+ /**
+ * \def MBEDTLS_DHM_C
@@ -1880,8 +1880,8 @@
* Requires: MBEDTLS_MD_C
*