ExternalVendorCode/openwrt
1
0
Fork 0
mirror of https://github.com/openwrt/openwrt.git synced 2024-12-28 09:39:00 +00:00
Code Issues Actions 10 Packages Projects Releases Wiki Activity
5709254690
openwrt/package/libs/mbedtls/Config.in
Hauke Mehrtens 0e06642643 mbedtls: Update to version 3.6.0 
This adds support for mbedtls 3.6.0.
The 3.6 version is the next LTS version of mbedtls.
This version supports TLS 1.3.

This switches to download using git. The codeload tar file misses some
git submodules.

Add some extra options added in mbedtls 3.6.0.

The size of the compressed ipkg increases:
230933 bin/packages/mips_24kc/base/libmbedtls13_2.28.7-r2_mips_24kc.ipk
300154 bin/packages/mips_24kc/base/libmbedtls14_3.6.0-r1_mips_24kc.ipk

The removed patch was integrated upstream.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-04-28 21:42:37 +02:00

239 lines
5.1 KiB
Plaintext
Raw Blame History

if PACKAGE_libmbedtls
comment "Option details in source code: include/mbedtls/mbedtls_config.h"
comment "Ciphers - unselect old or less-used ciphers to reduce binary size"
config MBEDTLS_AES_C
bool "MBEDTLS_AES_C"
default y
config MBEDTLS_CAMELLIA_C
bool "MBEDTLS_CAMELLIA_C"
default n
config MBEDTLS_CCM_C
bool "MBEDTLS_CCM_C"
default n
config MBEDTLS_CMAC_C
bool "MBEDTLS_CMAC_C (old but used by hostapd)"
default y
config MBEDTLS_DES_C
bool "MBEDTLS_DES_C (old but used by hostapd)"
default y
config MBEDTLS_GCM_C
bool "MBEDTLS_GCM_C"
default y
config MBEDTLS_NIST_KW_C
bool "MBEDTLS_NIST_KW_C (old but used by hostapd)"
default y
config MBEDTLS_RIPEMD160_C
bool "MBEDTLS_RIPEMD160_C"
default n
config MBEDTLS_XTEA_C
bool "MBEDTLS_XTEA_C"
default n
config MBEDTLS_RSA_NO_CRT
bool "MBEDTLS_RSA_NO_CRT"
default y
config MBEDTLS_KEY_EXCHANGE_PSK_ENABLED
bool "MBEDTLS_KEY_EXCHANGE_PSK_ENABLED"
default y
config MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED
bool "MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED"
default n
config MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
bool "MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED"
default y
config MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED
bool "MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED"
default n
config MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
bool "MBEDTLS_KEY_EXCHANGE_RSA_ENABLED"
default n
config MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED
bool "MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED"
default n
config MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED
bool "MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED"
default y
config MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
bool "MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED"
default y
config MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED
bool "MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED"
default n
config MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED
bool "MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED"
default n
comment "Curves - unselect old or less-used curves to reduce binary size"
config MBEDTLS_ECP_DP_SECP192R1_ENABLED
bool "MBEDTLS_ECP_DP_SECP192R1_ENABLED"
default n
config MBEDTLS_ECP_DP_SECP224R1_ENABLED
bool "MBEDTLS_ECP_DP_SECP224R1_ENABLED"
default n
config MBEDTLS_ECP_DP_SECP256R1_ENABLED
bool "MBEDTLS_ECP_DP_SECP256R1_ENABLED"
default y
config MBEDTLS_ECP_DP_SECP384R1_ENABLED
bool "MBEDTLS_ECP_DP_SECP384R1_ENABLED"
default y
config MBEDTLS_ECP_DP_SECP521R1_ENABLED
bool "MBEDTLS_ECP_DP_SECP521R1_ENABLED"
default y
config MBEDTLS_ECP_DP_SECP192K1_ENABLED
bool "MBEDTLS_ECP_DP_SECP192K1_ENABLED"
default n
config MBEDTLS_ECP_DP_SECP224K1_ENABLED
bool "MBEDTLS_ECP_DP_SECP224K1_ENABLED"
default n
config MBEDTLS_ECP_DP_SECP256K1_ENABLED
bool "MBEDTLS_ECP_DP_SECP256K1_ENABLED"
default y
config MBEDTLS_ECP_DP_BP256R1_ENABLED
bool "MBEDTLS_ECP_DP_BP256R1_ENABLED"
default n
config MBEDTLS_ECP_DP_BP384R1_ENABLED
bool "MBEDTLS_ECP_DP_BP384R1_ENABLED"
default n
config MBEDTLS_ECP_DP_BP512R1_ENABLED
bool "MBEDTLS_ECP_DP_BP512R1_ENABLED"
default n
config MBEDTLS_ECP_DP_CURVE25519_ENABLED
bool "MBEDTLS_ECP_DP_CURVE25519_ENABLED"
default y
config MBEDTLS_ECP_DP_CURVE448_ENABLED
bool "MBEDTLS_ECP_DP_CURVE448_ENABLED"
default n
comment "Build Options - unselect features to reduce binary size"
config MBEDTLS_CERTS_C
bool "MBEDTLS_CERTS_C"
default n
config MBEDTLS_CIPHER_MODE_OFB
bool "MBEDTLS_CIPHER_MODE_OFB"
default n
config MBEDTLS_CIPHER_MODE_XTS
bool "MBEDTLS_CIPHER_MODE_XTS"
default n
config MBEDTLS_DEBUG_C
bool "MBEDTLS_DEBUG_C"
default n
config MBEDTLS_HKDF_C
bool "MBEDTLS_HKDF_C"
default n
config MBEDTLS_PLATFORM_C
bool "MBEDTLS_PLATFORM_C"
default n
config MBEDTLS_SELF_TEST
bool "MBEDTLS_SELF_TEST"
default n
config MBEDTLS_SSL_TRUNCATED_HMAC
bool "MBEDTLS_SSL_TRUNCATED_HMAC"
default n
config MBEDTLS_THREADING_C
bool "MBEDTLS_THREADING_C"
default y
config MBEDTLS_THREADING_PTHREAD
def_bool MBEDTLS_THREADING_C
config MBEDTLS_VERSION_C
bool "MBEDTLS_VERSION_C"
default n
config MBEDTLS_VERSION_FEATURES
bool "MBEDTLS_VERSION_FEATURES"
default n
config MBEDTLS_PSA_CRYPTO_CLIENT
bool "MBEDTLS_PSA_CRYPTO_CLIENT"
config MBEDTLS_DEPRECATED_WARNING
bool "MBEDTLS_DEPRECATED_WARNING"
default n
config MBEDTLS_SSL_PROTO_TLS1_2
bool "MBEDTLS_SSL_PROTO_TLS1_2"
default y
config MBEDTLS_SSL_PROTO_TLS1_3
bool "MBEDTLS_SSL_PROTO_TLS1_3"
select MBEDTLS_PSA_CRYPTO_CLIENT
select MBEDTLS_HKDF_C
default y
config MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
bool "MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE"
depends on MBEDTLS_SSL_PROTO_TLS1_3
default y
config MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
bool "MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED"
depends on MBEDTLS_SSL_PROTO_TLS1_3
default y
config MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
bool "MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED"
depends on MBEDTLS_SSL_PROTO_TLS1_3
default y
config MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
bool "MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED"
depends on MBEDTLS_SSL_PROTO_TLS1_3
default y
comment "Build Options"
config MBEDTLS_ENTROPY_FORCE_SHA256
bool "MBEDTLS_ENTROPY_FORCE_SHA256"
default y
config MBEDTLS_SSL_RENEGOTIATION
bool "MBEDTLS_SSL_RENEGOTIATION"
depends on MBEDTLS_SSL_PROTO_TLS1_2
default n
endif
Reference in New Issue View Git Blame Copy Permalink