From: Karsten Sperling Date: Mon, 21 Jul 2025 04:25:03 +0000 (+1200) Subject: mbedtls: Expose MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED config option X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=97dc9f8dbfde8725ca26ae7ce0f348488e62e29e;p=thirdparty%2Fopenwrt.git mbedtls: Expose MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED config option This enables software that requires this cipher suite (e.g. OpenThread Border Router) to be compiled against the shared library rather than a separate copy. Signed-off-by: Karsten Sperling Link: https://github.com/openwrt/openwrt/pull/19489 Signed-off-by: Hauke Mehrtens --- diff --git a/package/libs/mbedtls/Config.in b/package/libs/mbedtls/Config.in index 0a760ed2cb8..2009d5db96f 100644 --- a/package/libs/mbedtls/Config.in +++ b/package/libs/mbedtls/Config.in @@ -84,6 +84,10 @@ config MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED bool "MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED" default n +config MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED + bool "MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED" + default n + comment "Curves - unselect old or less-used curves to reduce binary size" config MBEDTLS_ECP_DP_SECP192R1_ENABLED diff --git a/package/libs/mbedtls/Makefile b/package/libs/mbedtls/Makefile index 1533cff519e..6fd6a1ba6bd 100644 --- a/package/libs/mbedtls/Makefile +++ b/package/libs/mbedtls/Makefile @@ -53,6 +53,7 @@ MBEDTLS_BUILD_OPTS_CIPHERS= \ CONFIG_MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED \ CONFIG_MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED \ CONFIG_MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED \ + CONFIG_MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED \ CONFIG_MBEDTLS_NIST_KW_C \ CONFIG_MBEDTLS_RIPEMD160_C \ CONFIG_MBEDTLS_RSA_NO_CRT \