Skip to content

Commit cdb87a5

Browse files
jack0cjack0c
committed
Merge branch 'bugfix/remove_sha384_hash_for_bigger_certs_v4.4' into 'release/v4.4'
esp_wifi: remove sha384 hash for cert size > 2k (v4.4) See merge request espressif/esp-idf!21964
2 parents 0c8ec2a + 7321307 commit cdb87a5

File tree

1 file changed

+0
-15
lines changed

1 file changed

+0
-15
lines changed

components/wpa_supplicant/src/crypto/tls_mbedtls.c

Lines changed: 0 additions & 15 deletions
Original file line numberDiff line numberDiff line change
@@ -254,19 +254,13 @@ static void tls_enable_sha1_config(tls_context_t *tls)
254254
static const int eap_ciphersuite_preference[] =
255255
{
256256
#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED)
257-
#if defined(MBEDTLS_SHA512_C) && defined(MBEDTLS_GCM_C)
258-
MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384,
259-
#endif
260257
#if defined(MBEDTLS_CCM_C)
261258
MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CCM,
262259
#endif
263260
#if defined(MBEDTLS_CIPHER_MODE_CBC)
264261
MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256,
265262
MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA,
266263
#endif
267-
#if defined(MBEDTLS_GCM_C)
268-
MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384,
269-
#endif
270264
#if defined(MBEDTLS_CIPHER_MODE_CBC)
271265
MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256,
272266
MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA,
@@ -287,9 +281,7 @@ static const int eap_ciphersuite_preference[] =
287281
#endif
288282
#endif
289283
#if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)
290-
MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384,
291284
MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CCM,
292-
MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384,
293285
MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA,
294286
MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CCM_8,
295287

@@ -298,9 +290,6 @@ static const int eap_ciphersuite_preference[] =
298290
MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256,
299291
MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CCM_8,
300292
#endif
301-
#if defined(MBEDTLS_SHA512_C) && defined(MBEDTLS_GCM_C)
302-
MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384,
303-
#endif
304293
#if defined(MBEDTLS_CCM_C)
305294
MBEDTLS_TLS_RSA_WITH_AES_256_CCM,
306295
#endif
@@ -349,14 +338,10 @@ static const int eap_ciphersuite_preference[] =
349338
MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA,
350339
#endif
351340
/* The PSK suites */
352-
#if defined(MBEDTLS_GCM_C)
353-
MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384,
354-
#endif
355341
#if defined(MBEDTLS_CCM_C)
356342
MBEDTLS_TLS_PSK_WITH_AES_256_CCM,
357343
#endif
358344
#if defined(MBEDTLS_CIPHER_MODE_CBC)
359-
MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384,
360345
MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA,
361346
#endif
362347
#if defined(MBEDTLS_CCM_C)

0 commit comments

Comments
 (0)