All ports using this common configuration already enable time/date
validation, so this commit is a no-op change.
Signed-off-by: Damien George <damien@micropython.org>
They are much slower than NIST (SECP) curves and shouldn't be needed.
Reduces rp2 PICO_W firmware by 1328 bytes.
Thanks to @Carglglz for the information.
Signed-off-by: Damien George <damien@micropython.org>
Curve25519 arithmetic is supported in mbedtls, but it's not used for TLS.
So there's no need to have this option enabled.
Reduces rp2 PICO_W firmware by 2440 bytes.
Thanks to @Carglglz for the information.
Signed-off-by: Damien George <damien@micropython.org>
This is necessary to access sites that only support these protocols.
The rp2 port already has ECDH enabled, so this just adds ECDSA there. The
other ports now gain both ECDH and ECDSA. The code size increase is:
- rp2 (PICO_W): +2916 bytes flash, +24 bytes BSS
- stm32 (PYBD_SF6): +20480 bytes flash, +32 bytes data, +48 bytes BSS
- mimxrt (TEENSY41): +20708 bytes flash, +32 bytes data, +48 bytes BSS
- unix (standard x86-64): +39344 executable, +1744 bytes data, +96 BSS
This is obviously a large increase in code size. But there doesn't seem to
be any other option because without elliptic curve cryptography devices are
partially cut off from the internet. For use cases that require small
firmware size, they'll need to build custom firmware with a custom mbedtls
config.
Signed-off-by: Damien George <damien@micropython.org>