Skip to content

ports/esp32: Disable unused mbedtls options. #13067

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Dec 11, 2023
Merged

ports/esp32: Disable unused mbedtls options. #13067

merged 1 commit into from
Dec 11, 2023

Conversation

Carglglz
Copy link
Contributor

Disable unused EC curves and default certificate bundle which is not implemented in MicroPython.
So this should reduce the firmware size significatively.

dpgeorge
dpgeorge reviewed Nov 28, 2023
View reviewed changes
ports/esp32/boards/sdkconfig.base
CONFIG_MBEDTLS_ECP_DP_BP256R1_ENABLED=n
CONFIG_MBEDTLS_ECP_DP_BP384R1_ENABLED=n
CONFIG_MBEDTLS_ECP_DP_BP512R1_ENABLED=n
CONFIG_MBEDTLS_ECP_DP_CURVE25519_ENABLED=n
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

In what way are these unused? Do you mean that the other ports don't enable them by default? Or that they can never be utilised during a connection?

Copy link
Contributor Author

@Carglglz Carglglz Nov 28, 2023
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Those options were disabled in the other ports in #9506, so now this is for esp32 port.

FYI I've just realised after checking sdkconfig in the build-ESP32_GENERIC dir e.g.

$ cat sdkconfig | grep MBEDTLS
...
CONFIG_MBEDTLS_ECP_DP_SECP192R1_ENABLED=y
CONFIG_MBEDTLS_ECP_DP_SECP224R1_ENABLED=y
CONFIG_MBEDTLS_ECP_DP_SECP256R1_ENABLED=y
CONFIG_MBEDTLS_ECP_DP_SECP384R1_ENABLED=y
CONFIG_MBEDTLS_ECP_DP_SECP521R1_ENABLED=y
CONFIG_MBEDTLS_ECP_DP_SECP192K1_ENABLED=y
CONFIG_MBEDTLS_ECP_DP_SECP224K1_ENABLED=y
CONFIG_MBEDTLS_ECP_DP_SECP256K1_ENABLED=y
CONFIG_MBEDTLS_ECP_DP_BP256R1_ENABLED=y
CONFIG_MBEDTLS_ECP_DP_BP384R1_ENABLED=y
CONFIG_MBEDTLS_ECP_DP_BP512R1_ENABLED=y
CONFIG_MBEDTLS_ECP_DP_CURVE25519_ENABLED=y
...

And for the bundle certificate

CONFIG_MBEDTLS_CERTIFICATE_BUNDLE=y
CONFIG_MBEDTLS_CERTIFICATE_BUNDLE_DEFAULT_FULL=y

Which I think is this file x509_crt_bundle.S and the firmware size diff with this PR is -15568 bytes.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ah, I see, they were removed from other ports in 68f166d

@Carglglz @dpgeorge
esp32/boards/sdkconfig.base: Disable unused mbedtls options.
c393cd7 
Disable unused EC curves and default certificate bundle which is not
implemented in MicroPython.  This reduces the firmware size significantly.

This follows commit 68f166d.

Signed-off-by: Carlos Gil Gonzalez <carlosgilglez@gmail.com>
@dpgeorge dpgeorge merged commit c393cd7 into micropython:master Dec 11, 2023
@dpgeorge
Copy link
Member

Thanks for this!

@Carglglz Carglglz deleted the esp32-fix branch December 11, 2023 03:35
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@dpgeorge dpgeorge dpgeorge left review comments

Assignees
No one assigned
Labels
port-esp32
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@Carglglz @dpgeorge