From a5898da7f5a6e4dc8d3b0b095e6acf7b1f8ff4a6 Mon Sep 17 00:00:00 2001 From: Jukka Rissanen Date: Mon, 26 Jun 2017 15:12:04 +0300 Subject: [PATCH] ext: lib: mbedtls: Optimize example config for Zephyr This changes increases content buffer length MBEDTLS_SSL_MAX_CONTENT_LEN to 1500 bytes so that we can use this config for echo-client and echo-server network sample applications which need to send bigger data than 1024 bytes. Removing MBEDTLS_PEM_PARSE_C as we do not have any cert in PEM format. Place various MBEDTLS debug options behind CONFIG_MBEDTLS_DEBUG Kconfig option which was introduced in previous commit. Signed-off-by: Jukka Rissanen --- .../mbedtls/configs/config-mini-tls1_2.h | 34 +++++++------------ 1 file changed, 12 insertions(+), 22 deletions(-) diff --git a/ext/lib/crypto/mbedtls/configs/config-mini-tls1_2.h b/ext/lib/crypto/mbedtls/configs/config-mini-tls1_2.h index e39c3cfe0f75..4ff640301547 100644 --- a/ext/lib/crypto/mbedtls/configs/config-mini-tls1_2.h +++ b/ext/lib/crypto/mbedtls/configs/config-mini-tls1_2.h @@ -1,26 +1,11 @@ /* - * Minimal configuration for TLS 1.1 (RFC 4346) + * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved + * Copyright (c) 2017 Intel Corporation. * - * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved - * SPDX-License-Identifier: Apache-2.0 + * SPDX-License-Identifier: Apache-2.0 * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * This file is part of mbed TLS (https://tls.mbed.org) - */ -/* - * Minimal configuration for TLS 1.1 (RFC 4346), implementing only the - * required ciphersuite: MBEDTLS_TLS_RSA_WITH_3DES_EDE_CBC_SHA + * Minimal configuration for TLS 1.1 (RFC 4346) for Zephyr, implementing only + * the required ciphersuite: MBEDTLS_TLS_RSA_WITH_3DES_EDE_CBC_SHA * * See README.txt for usage instructions. */ @@ -81,10 +66,15 @@ /* For test certificates */ #define MBEDTLS_BASE64_C #define MBEDTLS_CERTS_C -#define MBEDTLS_PEM_PARSE_C +#if defined(CONFIG_MBEDTLS_DEBUG) +#define MBEDTLS_ERROR_C +#define MBEDTLS_DEBUG_C +#define MBEDTLS_SSL_DEBUG_ALL +#define MBEDTLS_SSL_ALL_ALERT_MESSAGES +#endif -#define MBEDTLS_SSL_MAX_CONTENT_LEN 1024 +#define MBEDTLS_SSL_MAX_CONTENT_LEN 1500 #include "mbedtls/check_config.h"