michaelh/zephyr
1
0
Fork 0
Code Releases Activity

modules: mbedtls: remove the default enabling of features

Browse source 
In an effort to shave off code size, remove out-of-the-box
enabling of crypto features (except SHA-256).

Configurations are adjusted to enable what they need.

Bonuses:

- When enabled, AES now defaults to using a smaller version
(`CONFIG_MBEDTLS_AES_ROM_TABLES` isn't default enabled anymore,
and if enabled, `CONFIG_MBEDTLS_AES_FEWER_TABLES` defaults to y).

- Conditions around Mbed TLS Kconfig options have been improved
to reflect the reality of the dependencies.

Signed-off-by: Tomi Fontanilles <tomi.fontanilles@nordicsemi.no>
This commit is contained in:
Tomi Fontanilles 2024-05-08 16:34:31 +03:00 committed by Maureen Helm
commit c1342b3aa9
17 changed files with 70 additions and 34 deletions
Download patch file Download diff file Expand all files Collapse all files

1
tests/net/lib/lwm2m/interop/prj.conf
View file

@ -78,6 +78,7 @@ CONFIG_MBEDTLS_ENABLE_HEAP=y
# 1280 - 40 - 8 - 21
CONFIG_MBEDTLS_SSL_MAX_CONTENT_LEN=1211
CONFIG_MBEDTLS_HEAP_SIZE=7168
CONFIG_MBEDTLS_CIPHER_AES_ENABLED=y
CONFIG_MBEDTLS_CIPHER_CCM_ENABLED=y
# Disable RSA, we don't parse certs: saves flash/memory
CONFIG_MBEDTLS_KEY_EXCHANGE_RSA_ENABLED=n