package/libs/mbedtls/patches/200-config.patch

   1 --- a/include/mbedtls/config.h
   2 +++ b/include/mbedtls/config.h
   3 @@ -566,17 +566,17 @@
   4   *
   5   * Comment macros to disable the curve and functions for it
   6   */
   7 -#define MBEDTLS_ECP_DP_SECP192R1_ENABLED
   8 -#define MBEDTLS_ECP_DP_SECP224R1_ENABLED
   9 +//#define MBEDTLS_ECP_DP_SECP192R1_ENABLED
  10 +//#define MBEDTLS_ECP_DP_SECP224R1_ENABLED
  11  #define MBEDTLS_ECP_DP_SECP256R1_ENABLED
  12  #define MBEDTLS_ECP_DP_SECP384R1_ENABLED
  13 -#define MBEDTLS_ECP_DP_SECP521R1_ENABLED
  14 -#define MBEDTLS_ECP_DP_SECP192K1_ENABLED
  15 -#define MBEDTLS_ECP_DP_SECP224K1_ENABLED
  16 +//#define MBEDTLS_ECP_DP_SECP521R1_ENABLED
  17 +//#define MBEDTLS_ECP_DP_SECP192K1_ENABLED
  18 +//#define MBEDTLS_ECP_DP_SECP224K1_ENABLED
  19  #define MBEDTLS_ECP_DP_SECP256K1_ENABLED
  20 -#define MBEDTLS_ECP_DP_BP256R1_ENABLED
  21 -#define MBEDTLS_ECP_DP_BP384R1_ENABLED
  22 -#define MBEDTLS_ECP_DP_BP512R1_ENABLED
  23 +//#define MBEDTLS_ECP_DP_BP256R1_ENABLED
  24 +//#define MBEDTLS_ECP_DP_BP384R1_ENABLED
  25 +//#define MBEDTLS_ECP_DP_BP512R1_ENABLED
  26  #define MBEDTLS_ECP_DP_CURVE25519_ENABLED
  27
  28  /**
  29 @@ -602,7 +602,7 @@
  30   *
  31   * Comment this macro to disable deterministic ECDSA.
  32   */
  33 -#define MBEDTLS_ECDSA_DETERMINISTIC
  34 +//#define MBEDTLS_ECDSA_DETERMINISTIC
  35
  36  /**
  37   * \def MBEDTLS_KEY_EXCHANGE_PSK_ENABLED
  38 @@ -655,7 +655,7 @@
  39   *             See dhm.h for more details.
  40   *
  41   */
  42 -#define MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED
  43 +//#define MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED
  44
  45  /**
  46   * \def MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
  47 @@ -675,7 +675,7 @@
  48   *      MBEDTLS_TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA
  49   *      MBEDTLS_TLS_ECDHE_PSK_WITH_RC4_128_SHA
  50   */
  51 -#define MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
  52 +//#define MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
  53
  54  /**
  55   * \def MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED
  56 @@ -700,7 +700,7 @@
  57   *      MBEDTLS_TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA
  58   *      MBEDTLS_TLS_RSA_PSK_WITH_RC4_128_SHA
  59   */
  60 -#define MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED
  61 +//#define MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED
  62
  63  /**
  64   * \def MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
  65 @@ -834,7 +834,7 @@
  66   *      MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256
  67   *      MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384
  68   */
  69 -#define MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED
  70 +//#define MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED
  71
  72  /**
  73   * \def MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED
  74 @@ -858,7 +858,7 @@
  75   *      MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256
  76   *      MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384
  77   */
  78 -#define MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED
  79 +//#define MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED
  80
  81  /**
  82   * \def MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED
  83 @@ -962,7 +962,7 @@
  84   * This option is only useful if both MBEDTLS_SHA256_C and
  85   * MBEDTLS_SHA512_C are defined. Otherwise the available hash module is used.
  86   */
  87 -//#define MBEDTLS_ENTROPY_FORCE_SHA256
  88 +#define MBEDTLS_ENTROPY_FORCE_SHA256
  89
  90  /**
  91   * \def MBEDTLS_ENTROPY_NV_SEED
  92 @@ -1057,14 +1057,14 @@
  93   * Uncomment this macro to disable the use of CRT in RSA.
  94   *
  95   */
  96 -//#define MBEDTLS_RSA_NO_CRT
  97 +#define MBEDTLS_RSA_NO_CRT
  98
  99  /**
 100   * \def MBEDTLS_SELF_TEST
 101   *
 102   * Enable the checkup functions (*_self_test).
 103   */
 104 -#define MBEDTLS_SELF_TEST
 105 +//#define MBEDTLS_SELF_TEST
 106
 107  /**
 108   * \def MBEDTLS_SHA256_SMALLER
 109 @@ -1080,7 +1080,7 @@
 110   *
 111   * Uncomment to enable the smaller implementation of SHA256.
 112   */
 113 -//#define MBEDTLS_SHA256_SMALLER
 114 +#define MBEDTLS_SHA256_SMALLER
 115
 116  /**
 117   * \def MBEDTLS_SSL_ALL_ALERT_MESSAGES
 118 @@ -1207,7 +1207,7 @@
 119   *          configuration of this extension).
 120   *
 121   */
 122 -#define MBEDTLS_SSL_RENEGOTIATION
 123 +//#define MBEDTLS_SSL_RENEGOTIATION
 124
 125  /**
 126   * \def MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO
 127 @@ -1382,7 +1382,7 @@
 128   *
 129   * Comment this macro to disable support for SSL session tickets
 130   */
 131 -#define MBEDTLS_SSL_SESSION_TICKETS
 132 +//#define MBEDTLS_SSL_SESSION_TICKETS
 133
 134  /**
 135   * \def MBEDTLS_SSL_EXPORT_KEYS
 136 @@ -1412,7 +1412,7 @@
 137   *
 138   * Comment this macro to disable support for truncated HMAC in SSL
 139   */
 140 -#define MBEDTLS_SSL_TRUNCATED_HMAC
 141 +//#define MBEDTLS_SSL_TRUNCATED_HMAC
 142
 143  /**
 144   * \def MBEDTLS_SSL_TRUNCATED_HMAC_COMPAT
 145 @@ -1471,7 +1471,7 @@
 146   *
 147   * Comment this to disable run-time checking and save ROM space
 148   */
 149 -#define MBEDTLS_VERSION_FEATURES
 150 +//#define MBEDTLS_VERSION_FEATURES
 151
 152  /**
 153   * \def MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3
 154 @@ -1801,7 +1801,7 @@
 155   *      MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256
 156   *      MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256
 157   */
 158 -#define MBEDTLS_CAMELLIA_C
 159 +//#define MBEDTLS_CAMELLIA_C
 160
 161  /**
 162   * \def MBEDTLS_CCM_C
 163 @@ -1815,7 +1815,7 @@
 164   * This module enables the AES-CCM ciphersuites, if other requisites are
 165   * enabled as well.
 166   */
 167 -#define MBEDTLS_CCM_C
 168 +//#define MBEDTLS_CCM_C
 169
 170  /**
 171   * \def MBEDTLS_CERTS_C
 172 @@ -1827,7 +1827,7 @@
 173   *
 174   * This module is used for testing (ssl_client/server).
 175   */
 176 -#define MBEDTLS_CERTS_C
 177 +//#define MBEDTLS_CERTS_C
 178
 179  /**
 180   * \def MBEDTLS_CIPHER_C
 181 @@ -1880,7 +1880,7 @@
 182   *
 183   * This module provides debugging functions.
 184   */
 185 -#define MBEDTLS_DEBUG_C
 186 +//#define MBEDTLS_DEBUG_C
 187
 188  /**
 189   * \def MBEDTLS_DES_C
 190 @@ -1909,7 +1909,7 @@
 191   * \warning   DES is considered a weak cipher and its use constitutes a
 192   *            security risk. We recommend considering stronger ciphers instead.
 193   */
 194 -#define MBEDTLS_DES_C
 195 +//#define MBEDTLS_DES_C
 196
 197  /**
 198   * \def MBEDTLS_DHM_C
 199 @@ -2071,7 +2071,7 @@
 200   *
 201   * Uncomment to enable the HMAC_DRBG random number geerator.
 202   */
 203 -#define MBEDTLS_HMAC_DRBG_C
 204 +//#define MBEDTLS_HMAC_DRBG_C
 205
 206  /**
 207   * \def MBEDTLS_MD_C
 208 @@ -2354,7 +2354,7 @@
 209   *
 210   * This module enables abstraction of common (libc) functions.
 211   */
 212 -#define MBEDTLS_PLATFORM_C
 213 +//#define MBEDTLS_PLATFORM_C
 214
 215  /**
 216   * \def MBEDTLS_RIPEMD160_C
 217 @@ -2365,7 +2365,7 @@
 218   * Caller:  library/md.c
 219   *
 220   */
 221 -#define MBEDTLS_RIPEMD160_C
 222 +//#define MBEDTLS_RIPEMD160_C
 223
 224  /**
 225   * \def MBEDTLS_RSA_C
 226 @@ -2472,7 +2472,7 @@
 227   *
 228   * Requires: MBEDTLS_CIPHER_C
 229   */
 230 -#define MBEDTLS_SSL_TICKET_C
 231 +//#define MBEDTLS_SSL_TICKET_C
 232
 233  /**
 234   * \def MBEDTLS_SSL_CLI_C
 235 @@ -2572,7 +2572,7 @@
 236   *
 237   * This module provides run-time version information.
 238   */
 239 -#define MBEDTLS_VERSION_C
 240 +//#define MBEDTLS_VERSION_C
 241
 242  /**
 243   * \def MBEDTLS_X509_USE_C
 244 @@ -2682,7 +2682,7 @@
 245   * Module:  library/xtea.c
 246   * Caller:
 247   */
 248 -#define MBEDTLS_XTEA_C
 249 +//#define MBEDTLS_XTEA_C
 250
 251  /* \} name SECTION: mbed TLS modules */
 252