ExternalVendorCode/openwrt
1
0
Fork 0
mirror of https://github.com/openwrt/openwrt.git synced 2024-12-28 01:28:59 +00:00
Code Issues Actions 10 Packages Projects Releases Wiki Activity

mbedtls: Deactivate ARIA block cipher by default

Browse Source 
The ARIA block cipher is pretty uncommon in TLS, deactivate it for now.
This saves some space and reduces the possible variations and attack
vectors of mbedtls.

ARIA support was deactivated in OpenWrt 23.05 by default.

Link: https://github.com/openwrt/openwrt/pull/17342
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
This commit is contained in:
Hauke Mehrtens 2024-12-22 17:33:21 +01:00
parent 4e68103c4e
commit 3c0ef48bc8
2 changed files with 5 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
package/libs/mbedtls/Config.in
View File

@ -8,6 +8,10 @@ config MBEDTLS_AES_C
bool "MBEDTLS_AES_C"
default y
config MBEDTLS_ARIA_C
bool "MBEDTLS_ARIA_C"
default n
config MBEDTLS_CAMELLIA_C
bool "MBEDTLS_CAMELLIA_C"
default n

1
package/libs/mbedtls/Makefile
View File

@ -37,6 +37,7 @@ MBEDTLS_BUILD_OPTS_CURVES= \
MBEDTLS_BUILD_OPTS_CIPHERS= \
CONFIG_MBEDTLS_AES_C \
CONFIG_MBEDTLS_ARIA_C \
CONFIG_MBEDTLS_CAMELLIA_C \
CONFIG_MBEDTLS_CCM_C \
CONFIG_MBEDTLS_CMAC_C \