8000 extmod/mbedtls: Enable elliptic curve DH and DSA cryptography. · micropython/micropython@b41c0ca · GitHub
[go: up one dir, main page]
Skip to content

Commit b41c0ca

Browse files
dpgeorgedpgeorge
committed
extmod/mbedtls: Enable elliptic curve DH and DSA cryptography.
This is necessary to access sites that only support these protocols. The rp2 port already has ECDH enabled, so this just adds ECDSA. The other ports now gain both ECDH and ECDSA. The code size increase is: - rp2 (PICO_W): +2916 bytes flash, +24 bytes BSS - stm32 (PYBD_SF6): +20480 bytes flash, +32 bytes data, +48 bytes BSS - mimxrt (TEENSY41): +20708 bytes flash, +32 bytes data, +48 bytes BSS - unix (standard x86-64): +39344 executable, +1744 bytes data, +96 BSS Signed-off-by: Damien George <damien@micropython.org>
1 parent 2b9bee8 commit b41c0ca

File tree

4 files changed

+6
-9
lines changed

4 files changed

+6
-9
lines changed

extmod/mbedtls/mbedtls_config_common.h

Lines changed: 6 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -47,6 +47,8 @@
4747
#define MBEDTLS_ECP_DP_BP512R1_ENABLED
4848
#define MBEDTLS_ECP_DP_CURVE25519_ENABLED
4949
#define MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
50+
#define MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED
51+
#define MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
5052
#define MBEDTLS_NO_PLATFORM_ENTROPY
5153
#define MBEDTLS_PKCS1_V15
5254
#define MBEDTLS_SHA256_SMALLER
@@ -63,9 +65,13 @@
6365
// Enable mbedtls modules.
6466
#define MBEDTLS_AES_C
6567
#define MBEDTLS_ASN1_PARSE_C
68+
#define MBEDTLS_ASN1_WRITE_C
6669
#define MBEDTLS_BIGNUM_C
6770
#define MBEDTLS_CIPHER_C
6871
#define MBEDTLS_CTR_DRBG_C
72+
#define MBEDTLS_ECDH_C
73+
#define MBEDTLS_ECDSA_C
74+
#define MBEDTLS_ECP_C
6975
#define MBEDTLS_ENTROPY_C
7076
#define MBEDTLS_ERROR_C
7177
#define MBEDTLS_MD_C

ports/mimxrt/mbedtls/mbedtls_config.h

Lines changed: 0 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -26,9 +26,6 @@
2626
#ifndef MICROPY_INCLUDED_MBEDTLS_CONFIG_H
2727
#define MICROPY_INCLUDED_MBEDTLS_CONFIG_H
2828

29-
// Enable mbedtls modules
30-
// #define MBEDTLS_ECP_C
31-
3229
// Set MicroPython-specific options.
3330
#define MICROPY_MBEDTLS_CONFIG_BARE_METAL (1)
3431

ports/rp2/mbedtls/mbedtls_config.h

Lines changed: 0 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -28,11 +28,8 @@
2828

2929
// Set mbedtls configuration
3030
#define MBEDTLS_ECP_NIST_OPTIM
31-
#define MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED
3231

3332
// Enable mbedtls modules
34-
#define MBEDTLS_ECDH_C
35-
#define MBEDTLS_ECP_C
3633
#define MBEDTLS_GCM_C
3734
#define MBEDTLS_HAVE_TIME
3835
#define MBEDTLS_HAVE_TIME_DATE

ports/stm32/mbedtls/mbedtls_config.h

Lines changed: 0 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -26,9 +26,6 @@
2626
#ifndef MICROPY_INCLUDED_MBEDTLS_CONFIG_H
2727
#define MICROPY_INCLUDED_MBEDTLS_CONFIG_H
2828

29-
// Enable mbedtls modules
30-
// #define MBEDTLS_ECP_C
31-
3229
// Set MicroPython-specific options.
3330
#define MICROPY_MBEDTLS_CONFIG_BARE_METAL (1)
3431

0 commit comments

Comments
 (0)
0