mibi88
/
PythonExtra
forked from Lephenixnoir/PythonExtra
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
14,211 Commits 2 Branches 0 Tags 61 MiB
Commit Graph

5 Commits

Author SHA1 Message Date
Damien George 68f166dae9 extmod/mbedtls: Remove brainpool curves from config. 
They are much slower than NIST (SECP) curves and shouldn't be needed.

Reduces rp2 PICO_W firmware by 1328 bytes.

Thanks to @Carglglz for the information.

Signed-off-by: Damien George <damien@micropython.org>
 2022-10-22 19:12:46 +11:00
Damien George e24159dec9 extmod/mbedtls: Remove MBEDTLS_ECP_DP_CURVE25519_ENABLED config. 
Curve25519 arithmetic is supported in mbedtls, but it's not used for TLS.
So there's no need to have this option enabled.

Reduces rp2 PICO_W firmware by 2440 bytes.

Thanks to @Carglglz for the information.

Signed-off-by: Damien George <damien@micropython.org>
 2022-10-22 19:12:46 +11:00
Damien George 8874a09119 extmod/mbedtls: Enable elliptic curve DH and DSA cryptography. 
This is necessary to access sites that only support these protocols.

The rp2 port already has ECDH enabled, so this just adds ECDSA there.  The
other ports now gain both ECDH and ECDSA.  The code size increase is:

- rp2 (PICO_W): +2916 bytes flash, +24 bytes BSS
- stm32 (PYBD_SF6): +20480 bytes flash, +32 bytes data, +48 bytes BSS
- mimxrt (TEENSY41): +20708 bytes flash, +32 bytes data, +48 bytes BSS
- unix (standard x86-64): +39344 executable, +1744 bytes data, +96 BSS

This is obviously a large increase in code size.  But there doesn't seem to
be any other option because without elliptic curve cryptography devices are
partially cut off from the internet.  For use cases that require small
firmware size, they'll need to build custom firmware with a custom mbedtls
config.

Signed-off-by: Damien George <damien@micropython.org>
 2022-10-22 19:08:21 +11:00
Damien George 9347545f9e extmod/mbedtls: Enable MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_KEY_EXCHANGE. 
This was already enabled on all ports except mimxrt.  Now it's enabled on
all of them.

Signed-off-by: Damien George <damien@micropython.org>
 2022-10-22 19:06:21 +11:00
Damien George b337678964 extmod/mbedtls: Add common configuration file, and use it in all ports. 
This is a no-op change.

Signed-off-by: Damien George <damien@micropython.org>
 2022-10-22 19:06:21 +11:00