ExternalVendorCode/openwrt
1
0
Fork 0
mirror of https://github.com/openwrt/openwrt.git synced 2025-01-23 12:58:23 +00:00
Code Issues Actions 7 Packages Projects Releases Wiki Activity

mbedtls: Deactivate ARIA block cipher by default
Some checks failed
Build Kernel / Build all affected Kernels (push) Waiting to run
Details
Build all core packages / Build all core packages for selected target (push) Waiting to run
Details
Build host tools / Build host tools for linux and macos based systems (push) Has been cancelled
Details

Browse Source 
The ARIA block cipher is pretty uncommon in TLS, deactivate it for now.
This saves some space and reduces the possible variations and attack
vectors of mbedtls.

ARIA support was deactivated in OpenWrt 23.05 by default.

Link: https://github.com/openwrt/openwrt/pull/17342
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 3c0ef48bc8)
This commit is contained in:
Hauke Mehrtens 2024-12-22 17:33:21 +01:00
parent 993ade9eb3
commit cf887640a3
2 changed files with 5 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
package/libs/mbedtls/Config.in
View File

@ -8,6 +8,10 @@ config MBEDTLS_AES_C
bool "MBEDTLS_AES_C" bool "MBEDTLS_AES_C"
default y default y
config MBEDTLS_ARIA_C
bool "MBEDTLS_ARIA_C"
default n
config MBEDTLS_CAMELLIA_C config MBEDTLS_CAMELLIA_C
bool "MBEDTLS_CAMELLIA_C" bool "MBEDTLS_CAMELLIA_C"
default n default n

1
package/libs/mbedtls/Makefile
View File

@ -37,6 +37,7 @@ MBEDTLS_BUILD_OPTS_CURVES= \
MBEDTLS_BUILD_OPTS_CIPHERS= \ MBEDTLS_BUILD_OPTS_CIPHERS= \
CONFIG_MBEDTLS_AES_C \ CONFIG_MBEDTLS_AES_C \
CONFIG_MBEDTLS_ARIA_C \
CONFIG_MBEDTLS_CAMELLIA_C \ CONFIG_MBEDTLS_CAMELLIA_C \
CONFIG_MBEDTLS_CCM_C \ CONFIG_MBEDTLS_CCM_C \
CONFIG_MBEDTLS_CMAC_C \ CONFIG_MBEDTLS_CMAC_C \