Enable more key exchange methods
This is intended (but not entirely verified) to match our esp32 builds. It does fix accessing https://circuitpython.org, which failed before with "MBEDTLS_ERR_SSL_FATAL_ALERT_MESSAGE". It still doesn't work on a personal website of mine with valid letsencrypt certificate but I haven't verified whether it works on esp32s2 with CP. That site only allows TLS 1.3, while this mbedtls only supports up to 1.2. The version of mbedtls we adopted based on micropython's use has no TLS 1.3 support, but the one in espressif esp-idf does.
This commit is contained in:
parent
fabfdcf6fe
commit
14f2309b6f
@ -50,8 +50,16 @@
|
||||
#define MBEDTLS_ECP_DP_BP512R1_ENABLED
|
||||
#define MBEDTLS_ECP_DP_CURVE25519_ENABLED
|
||||
#define MBEDTLS_ECP_NIST_OPTIM
|
||||
#define MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED
|
||||
#define MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED
|
||||
#define MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED
|
||||
#define MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
|
||||
#define MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
|
||||
#define MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED
|
||||
#define MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED
|
||||
#define MBEDTLS_KEY_EXCHANGE_PSK_ENABLED
|
||||
#define MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
|
||||
#define MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED
|
||||
#define MBEDTLS_NO_PLATFORM_ENTROPY
|
||||
#define MBEDTLS_PKCS1_V15
|
||||
#define MBEDTLS_SHA256_SMALLER
|
||||
@ -68,10 +76,12 @@
|
||||
// Enable mbedtls modules
|
||||
#define MBEDTLS_AES_C
|
||||
#define MBEDTLS_ASN1_PARSE_C
|
||||
#define MBEDTLS_ASN1_WRITE_C
|
||||
#define MBEDTLS_BIGNUM_C
|
||||
#define MBEDTLS_CIPHER_C
|
||||
#define MBEDTLS_CTR_DRBG_C
|
||||
#define MBEDTLS_ECDH_C
|
||||
#define MBEDTLS_ECDSA_C
|
||||
#define MBEDTLS_ECP_C
|
||||
#define MBEDTLS_ENTROPY_C
|
||||
#define MBEDTLS_ERROR_C
|
||||
@ -94,6 +104,7 @@
|
||||
#define MBEDTLS_X509_CRT_PARSE_C
|
||||
#define MBEDTLS_X509_USE_C
|
||||
#define MBEDTLS_HAVE_TIME
|
||||
#define MBEDTLS_DHM_C // needed by DHE_PSK
|
||||
#undef MBEDTLS_HAVE_TIME_DATE
|
||||
|
||||
// Memory allocation hooks
|
||||
|
Loading…
Reference in New Issue
Block a user