polarssl: disable an unused random number generator

[15.05/openwrt.git] / package / libs / polarssl / patches / 200-reduce_config.patch

diff --git a/package/libs/polarssl/patches/200-reduce_config.patch b/package/libs/polarssl/patches/200-reduce_config.patch
index c66bb3f..9586e19 100644 (file)
--- a/package/libs/polarssl/patches/200-reduce_config.patch
+++ b/package/libs/polarssl/patches/200-reduce_config.patch
@@ -1,16 +1,96 @@
 --- a/include/polarssl/config.h
 +++ b/include/polarssl/config.h
-@@ -177,8 +177,8 @@
-  * Requires: POLARSSL_BIGNUM_C, POLARSSL_RSA_C
+@@ -370,8 +370,8 @@
+  * Requires: POLARSSL_HMAC_DRBG_C
   *
-  * Enable the RSA prime-number generation code.
+  * Comment this macro to disable deterministic ECDSA.
 - */
- #define POLARSSL_GENPRIME
+ #define POLARSSL_ECDSA_DETERMINISTIC
 + */
  
  /**
-  * \def POLARSSL_FS_IO
-@@ -235,8 +235,8 @@
+  * \def POLARSSL_KEY_EXCHANGE_PSK_ENABLED
+@@ -392,8 +392,8 @@
+  *      TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256
+  *      TLS_PSK_WITH_3DES_EDE_CBC_SHA
+  *      TLS_PSK_WITH_RC4_128_SHA
+- */
+ #define POLARSSL_KEY_EXCHANGE_PSK_ENABLED
++ */
+ 
+ /**
+  * \def POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED
+@@ -416,8 +416,8 @@
+  *      TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256
+  *      TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA
+  *      TLS_DHE_PSK_WITH_RC4_128_SHA
+- */
+ #define POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED
++ */
+ 
+ /**
+  * \def POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED
+@@ -436,8 +436,8 @@
+  *      TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256
+  *      TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA
+  *      TLS_ECDHE_PSK_WITH_RC4_128_SHA
+- */
+ #define POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED
++ */
+ 
+ /**
+  * \def POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED
+@@ -461,8 +461,8 @@
+  *      TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256
+  *      TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA
+  *      TLS_RSA_PSK_WITH_RC4_128_SHA
+- */
+ #define POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED
++ */
+ 
+ /**
+  * \def POLARSSL_KEY_EXCHANGE_RSA_ENABLED
+@@ -540,8 +540,8 @@
+  *      TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
+  *      TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
+  *      TLS_ECDHE_RSA_WITH_RC4_128_SHA
+- */
+ #define POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED
++ */
+ 
+ /**
+  * \def POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
+@@ -564,8 +564,8 @@
+  *      TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256
+  *      TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
+  *      TLS_ECDHE_ECDSA_WITH_RC4_128_SHA
+- */
+ #define POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
++ */
+ 
+ /**
+  * \def POLARSSL_KEY_EXCHANGE_ECDH_ECDSA_ENABLED
+@@ -588,8 +588,8 @@
+  *      TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384
+  *      TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256
+  *      TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384
+- */
+ #define POLARSSL_KEY_EXCHANGE_ECDH_ECDSA_ENABLED
++ */
+ 
+ /**
+  * \def POLARSSL_KEY_EXCHANGE_ECDH_RSA_ENABLED
+@@ -612,8 +612,8 @@
+  *      TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384
+  *      TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256
+  *      TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384
+- */
+ #define POLARSSL_KEY_EXCHANGE_ECDH_RSA_ENABLED
++ */
+ 
+ /**
+  * \def POLARSSL_PK_PARSE_EC_EXTENDED
+@@ -775,8 +775,8 @@
   * \def POLARSSL_SELF_TEST
   *
   * Enable the checkup functions (*_self_test).
@@ -19,19 +99,19 @@
 + */
  
  /**
-  * \def POLARSSL_SSL_ALL_ALERT_MESSAGES
-@@ -425,8 +425,8 @@
-  *      TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256
-  *      TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
-  *      TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256
+  * \def POLARSSL_SSL_AEAD_RANDOM_IV
+@@ -1395,8 +1395,8 @@
+  *      TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384
+  *      TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256
+  *      TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256
 - */
  #define POLARSSL_CAMELLIA_C
 + */
  
  /**
-  * \def POLARSSL_CERTS_C
-@@ -437,8 +437,8 @@
-  * Caller:
+  * \def POLARSSL_CCM_C
+@@ -1423,8 +1423,8 @@
+  * Requires: POLARSSL_PEM_PARSE_C
   *
   * This module is used for testing (ssl_client/server).
 - */
@@ -40,7 +120,7 @@
  
  /**
   * \def POLARSSL_CIPHER_C
-@@ -477,8 +477,8 @@
+@@ -1463,8 +1463,8 @@
   *          library/ssl_tls.c
   *
   * This module provides debugging functions.
@@ -50,28 +130,58 @@
  
  /**
   * \def POLARSSL_DES_C
-@@ -560,8 +560,8 @@
-  * enabled as well):
-  *      TLS_RSA_WITH_AES_128_GCM_SHA256
-  *      TLS_RSA_WITH_AES_256_GCM_SHA384
+@@ -1519,8 +1519,8 @@
+  *      ECDHE-ECDSA, ECDHE-RSA, DHE-PSK
+  *
+  * Requires: POLARSSL_ECP_C
+- */
+ #define POLARSSL_ECDH_C
++ */
+ 
+ /**
+  * \def POLARSSL_ECDSA_C
+@@ -1534,8 +1534,8 @@
+  *      ECDHE-ECDSA
+  *
+  * Requires: POLARSSL_ECP_C, POLARSSL_ASN1_WRITE_C, POLARSSL_ASN1_PARSE_C
+- */
+ #define POLARSSL_ECDSA_C
++ */
+ 
+ /**
+  * \def POLARSSL_ECP_C
+@@ -1547,8 +1547,8 @@
+  *          library/ecdsa.c
+  *
+  * Requires: POLARSSL_BIGNUM_C and at least one POLARSSL_ECP_DP_XXX_ENABLED
+- */
+ #define POLARSSL_ECP_C
++ */
+ 
+ /**
+  * \def POLARSSL_ENTROPY_C
+@@ -1587,8 +1587,8 @@
+  *
+  * This module enables the AES-GCM and CAMELLIA-GCM ciphersuites, if other
+  * requisites are enabled as well.
 - */
  #define POLARSSL_GCM_C
 + */
  
  /**
   * \def POLARSSL_HAVEGE_C
-@@ -574,8 +574,8 @@
-  * Requires: POLARSSL_TIMING_C
+@@ -1624,8 +1624,8 @@
+  * Requires: POLARSSL_MD_C
   *
-  * This module enables the HAVEGE random number generator.
+  * Uncomment to enable the HMAC_DRBG random number geerator.
 - */
- #define POLARSSL_HAVEGE_C
+ #define POLARSSL_HMAC_DRBG_C
 + */
  
  /**
   * \def POLARSSL_MD_C
-@@ -649,8 +649,8 @@
-  * Caller:  library/aes.c
+@@ -1746,8 +1746,8 @@
+  * Requires: POLARSSL_HAVE_ASM
   *
   * This modules adds support for the VIA PadLock on x86.
 - */
@@ -80,7 +190,17 @@
  
  /**
   * \def POLARSSL_PBKDF2_C
-@@ -763,8 +763,8 @@
+@@ -1907,8 +1907,8 @@
+  * Module:  library/ripemd160.c
+  * Caller:  library/md.c
+  *
+- */
+ #define POLARSSL_RIPEMD160_C
++ */
+ 
+ /**
+  * \def POLARSSL_RSA_C
+@@ -1987,8 +1987,8 @@
   * Caller:
   *
   * Requires: POLARSSL_SSL_CACHE_C
@@ -90,7 +210,7 @@
  
  /**
   * \def POLARSSL_SSL_CLI_C
-@@ -818,8 +818,8 @@
+@@ -2064,8 +2064,8 @@
   * Caller:  library/havege.c
   *
   * This module is used by the HAVEGE random number generator.
@@ -100,13 +220,13 @@
  
  /**
   * \def POLARSSL_VERSION_C
-@@ -868,8 +868,8 @@
+@@ -2185,8 +2185,8 @@
   *
   * Module:  library/xtea.c
   * Caller:
 - */
  #define POLARSSL_XTEA_C
 + */
- /* \} name */
  
- #endif /* config.h */
+ /* \} name SECTION: mbed TLS modules */
+