esp32/boards/sdkconfig.base: Disable unused mbedtls options.

Disable unused EC curves and default certificate bundle which is not implemented in MicroPython. This reduces the firmware size significantly. This follows commit 68f166dae9ad6dfd94038d5f4394defbb44238af. Signed-off-by: Carlos Gil Gonzalez <carlosgilglez@gmail.com>
author: Carlosgg <carlosgilglez@gmail.com> 2023-11-25 16:24:30 +0000
committer: Damien George <damien@micropython.org> 2023-12-11 12:06:35 +1100
commit: c393cd7e48e1bfffe25a9d0131ceb23b6bad9b05 (patch)
tree: fbb203fc26c18ada3023c1c2ddcb8bf053559399
parent: e1a7aa23fdbfbcf5eee0c37d4da223649129c040 (diff)
1 files changed, 10 insertions, 0 deletions
diff --git a/ports/esp32/boards/sdkconfig.base b/ports/esp32/boards/sdkconfig.base
index bfc8c6610..05624f0d7 100644
--- a/ports/esp32/boards/sdkconfig.base
+++ b/ports/esp32/boards/sdkconfig.base
@@ -66,6 +66,16 @@ CONFIG_MBEDTLS_HAVE_TIME=y
 # Disable ALPN support as it's not implemented in MicroPython
 CONFIG_MBEDTLS_SSL_ALPN=n
 
+# Disable slow or unused EC curves
+CONFIG_MBEDTLS_ECP_DP_BP256R1_ENABLED=n
+CONFIG_MBEDTLS_ECP_DP_BP384R1_ENABLED=n
+CONFIG_MBEDTLS_ECP_DP_BP512R1_ENABLED=n
+CONFIG_MBEDTLS_ECP_DP_CURVE25519_ENABLED=n
+
+# Disable certificate bundle as it's not implemented in MicroPython
+CONFIG_MBEDTLS_CERTIFICATE_BUNDLE=n
+CONFIG_MBEDTLS_CERTIFICATE_BUNDLE_DEFAULT_FULL=n
+
 # Allow mbedTLS to allocate from PSRAM or internal memory
 #
 # (The ESP-IDF default is internal-only, partly for physical security to prevent
author	Carlosgg <carlosgilglez@gmail.com>	2023-11-25 16:24:30 +0000
committer	Damien George <damien@micropython.org>	2023-12-11 12:06:35 +1100
commit	c393cd7e48e1bfffe25a9d0131ceb23b6bad9b05 (patch)
tree	fbb203fc26c18ada3023c1c2ddcb8bf053559399
parent	e1a7aa23fdbfbcf5eee0c37d4da223649129c040 (diff)