mbedtls: cleanup config patch
[openwrt/openwrt.git] / package / libs / mbedtls / patches / 200-config.patch
1 --- a/include/mbedtls/config.h
2 +++ b/include/mbedtls/config.h
3 @@ -566,17 +566,17 @@
4 *
5 * Comment macros to disable the curve and functions for it
6 */
7 -#define MBEDTLS_ECP_DP_SECP192R1_ENABLED
8 -#define MBEDTLS_ECP_DP_SECP224R1_ENABLED
9 +//#define MBEDTLS_ECP_DP_SECP192R1_ENABLED
10 +//#define MBEDTLS_ECP_DP_SECP224R1_ENABLED
11 #define MBEDTLS_ECP_DP_SECP256R1_ENABLED
12 #define MBEDTLS_ECP_DP_SECP384R1_ENABLED
13 -#define MBEDTLS_ECP_DP_SECP521R1_ENABLED
14 -#define MBEDTLS_ECP_DP_SECP192K1_ENABLED
15 -#define MBEDTLS_ECP_DP_SECP224K1_ENABLED
16 +//#define MBEDTLS_ECP_DP_SECP521R1_ENABLED
17 +//#define MBEDTLS_ECP_DP_SECP192K1_ENABLED
18 +//#define MBEDTLS_ECP_DP_SECP224K1_ENABLED
19 #define MBEDTLS_ECP_DP_SECP256K1_ENABLED
20 -#define MBEDTLS_ECP_DP_BP256R1_ENABLED
21 -#define MBEDTLS_ECP_DP_BP384R1_ENABLED
22 -#define MBEDTLS_ECP_DP_BP512R1_ENABLED
23 +//#define MBEDTLS_ECP_DP_BP256R1_ENABLED
24 +//#define MBEDTLS_ECP_DP_BP384R1_ENABLED
25 +//#define MBEDTLS_ECP_DP_BP512R1_ENABLED
26 #define MBEDTLS_ECP_DP_CURVE25519_ENABLED
27
28 /**
29 @@ -602,7 +602,7 @@
30 *
31 * Comment this macro to disable deterministic ECDSA.
32 */
33 -#define MBEDTLS_ECDSA_DETERMINISTIC
34 +//#define MBEDTLS_ECDSA_DETERMINISTIC
35
36 /**
37 * \def MBEDTLS_KEY_EXCHANGE_PSK_ENABLED
38 @@ -655,7 +655,7 @@
39 * See dhm.h for more details.
40 *
41 */
42 -#define MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED
43 +//#define MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED
44
45 /**
46 * \def MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
47 @@ -675,7 +675,7 @@
48 * MBEDTLS_TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA
49 * MBEDTLS_TLS_ECDHE_PSK_WITH_RC4_128_SHA
50 */
51 -#define MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
52 +//#define MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
53
54 /**
55 * \def MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED
56 @@ -700,7 +700,7 @@
57 * MBEDTLS_TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA
58 * MBEDTLS_TLS_RSA_PSK_WITH_RC4_128_SHA
59 */
60 -#define MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED
61 +//#define MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED
62
63 /**
64 * \def MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
65 @@ -834,7 +834,7 @@
66 * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256
67 * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384
68 */
69 -#define MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED
70 +//#define MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED
71
72 /**
73 * \def MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED
74 @@ -858,7 +858,7 @@
75 * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256
76 * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384
77 */
78 -#define MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED
79 +//#define MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED
80
81 /**
82 * \def MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED
83 @@ -962,7 +962,7 @@
84 * This option is only useful if both MBEDTLS_SHA256_C and
85 * MBEDTLS_SHA512_C are defined. Otherwise the available hash module is used.
86 */
87 -//#define MBEDTLS_ENTROPY_FORCE_SHA256
88 +#define MBEDTLS_ENTROPY_FORCE_SHA256
89
90 /**
91 * \def MBEDTLS_ENTROPY_NV_SEED
92 @@ -1057,14 +1057,14 @@
93 * Uncomment this macro to disable the use of CRT in RSA.
94 *
95 */
96 -//#define MBEDTLS_RSA_NO_CRT
97 +#define MBEDTLS_RSA_NO_CRT
98
99 /**
100 * \def MBEDTLS_SELF_TEST
101 *
102 * Enable the checkup functions (*_self_test).
103 */
104 -#define MBEDTLS_SELF_TEST
105 +//#define MBEDTLS_SELF_TEST
106
107 /**
108 * \def MBEDTLS_SHA256_SMALLER
109 @@ -1080,7 +1080,7 @@
110 *
111 * Uncomment to enable the smaller implementation of SHA256.
112 */
113 -//#define MBEDTLS_SHA256_SMALLER
114 +#define MBEDTLS_SHA256_SMALLER
115
116 /**
117 * \def MBEDTLS_SSL_ALL_ALERT_MESSAGES
118 @@ -1207,7 +1207,7 @@
119 * configuration of this extension).
120 *
121 */
122 -#define MBEDTLS_SSL_RENEGOTIATION
123 +//#define MBEDTLS_SSL_RENEGOTIATION
124
125 /**
126 * \def MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO
127 @@ -1382,7 +1382,7 @@
128 *
129 * Comment this macro to disable support for SSL session tickets
130 */
131 -#define MBEDTLS_SSL_SESSION_TICKETS
132 +//#define MBEDTLS_SSL_SESSION_TICKETS
133
134 /**
135 * \def MBEDTLS_SSL_EXPORT_KEYS
136 @@ -1412,7 +1412,7 @@
137 *
138 * Comment this macro to disable support for truncated HMAC in SSL
139 */
140 -#define MBEDTLS_SSL_TRUNCATED_HMAC
141 +//#define MBEDTLS_SSL_TRUNCATED_HMAC
142
143 /**
144 * \def MBEDTLS_SSL_TRUNCATED_HMAC_COMPAT
145 @@ -1471,7 +1471,7 @@
146 *
147 * Comment this to disable run-time checking and save ROM space
148 */
149 -#define MBEDTLS_VERSION_FEATURES
150 +//#define MBEDTLS_VERSION_FEATURES
151
152 /**
153 * \def MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3
154 @@ -1801,7 +1801,7 @@
155 * MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256
156 * MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256
157 */
158 -#define MBEDTLS_CAMELLIA_C
159 +//#define MBEDTLS_CAMELLIA_C
160
161 /**
162 * \def MBEDTLS_CCM_C
163 @@ -1815,7 +1815,7 @@
164 * This module enables the AES-CCM ciphersuites, if other requisites are
165 * enabled as well.
166 */
167 -#define MBEDTLS_CCM_C
168 +//#define MBEDTLS_CCM_C
169
170 /**
171 * \def MBEDTLS_CERTS_C
172 @@ -1827,7 +1827,7 @@
173 *
174 * This module is used for testing (ssl_client/server).
175 */
176 -#define MBEDTLS_CERTS_C
177 +//#define MBEDTLS_CERTS_C
178
179 /**
180 * \def MBEDTLS_CIPHER_C
181 @@ -1880,7 +1880,7 @@
182 *
183 * This module provides debugging functions.
184 */
185 -#define MBEDTLS_DEBUG_C
186 +//#define MBEDTLS_DEBUG_C
187
188 /**
189 * \def MBEDTLS_DES_C
190 @@ -1909,7 +1909,7 @@
191 * \warning DES is considered a weak cipher and its use constitutes a
192 * security risk. We recommend considering stronger ciphers instead.
193 */
194 -#define MBEDTLS_DES_C
195 +//#define MBEDTLS_DES_C
196
197 /**
198 * \def MBEDTLS_DHM_C
199 @@ -2071,7 +2071,7 @@
200 *
201 * Uncomment to enable the HMAC_DRBG random number geerator.
202 */
203 -#define MBEDTLS_HMAC_DRBG_C
204 +//#define MBEDTLS_HMAC_DRBG_C
205
206 /**
207 * \def MBEDTLS_MD_C
208 @@ -2354,7 +2354,7 @@
209 *
210 * This module enables abstraction of common (libc) functions.
211 */
212 -#define MBEDTLS_PLATFORM_C
213 +//#define MBEDTLS_PLATFORM_C
214
215 /**
216 * \def MBEDTLS_RIPEMD160_C
217 @@ -2365,7 +2365,7 @@
218 * Caller: library/md.c
219 *
220 */
221 -#define MBEDTLS_RIPEMD160_C
222 +//#define MBEDTLS_RIPEMD160_C
223
224 /**
225 * \def MBEDTLS_RSA_C
226 @@ -2450,7 +2450,7 @@
227 *
228 * Requires: MBEDTLS_SSL_CACHE_C
229 */
230 -#define MBEDTLS_SSL_CACHE_C
231 +//#define MBEDTLS_SSL_CACHE_C
232
233 /**
234 * \def MBEDTLS_SSL_COOKIE_C
235 @@ -2472,7 +2472,7 @@
236 *
237 * Requires: MBEDTLS_CIPHER_C
238 */
239 -#define MBEDTLS_SSL_TICKET_C
240 +//#define MBEDTLS_SSL_TICKET_C
241
242 /**
243 * \def MBEDTLS_SSL_CLI_C
244 @@ -2572,7 +2572,7 @@
245 *
246 * This module provides run-time version information.
247 */
248 -#define MBEDTLS_VERSION_C
249 +//#define MBEDTLS_VERSION_C
250
251 /**
252 * \def MBEDTLS_X509_USE_C
253 @@ -2682,7 +2682,7 @@
254 * Module: library/xtea.c
255 * Caller:
256 */
257 -#define MBEDTLS_XTEA_C
258 +//#define MBEDTLS_XTEA_C
259
260 /* \} name SECTION: mbed TLS modules */
261