From c393cd7e48e1bfffe25a9d0131ceb23b6bad9b05 Mon Sep 17 00:00:00 2001
From: Carlosgg <carlosgilglez@gmail.com>
Date: Sat, 25 Nov 2023 16:24:30 +0000
Subject: [PATCH] esp32/boards/sdkconfig.base: Disable unused mbedtls options.

Disable unused EC curves and default certificate bundle which is not
implemented in MicroPython.  This reduces the firmware size significantly.

This follows commit 68f166dae9ad6dfd94038d5f4394defbb44238af.

Signed-off-by: Carlos Gil Gonzalez <carlosgilglez@gmail.com>
---
 ports/esp32/boards/sdkconfig.base | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/ports/esp32/boards/sdkconfig.base b/ports/esp32/boards/sdkconfig.base
index bfc8c6610e..05624f0d74 100644
--- a/ports/esp32/boards/sdkconfig.base
+++ b/ports/esp32/boards/sdkconfig.base
@@ -66,6 +66,16 @@ CONFIG_MBEDTLS_HAVE_TIME=y
 # Disable ALPN support as it's not implemented in MicroPython
 CONFIG_MBEDTLS_SSL_ALPN=n
 
+# Disable slow or unused EC curves
+CONFIG_MBEDTLS_ECP_DP_BP256R1_ENABLED=n
+CONFIG_MBEDTLS_ECP_DP_BP384R1_ENABLED=n
+CONFIG_MBEDTLS_ECP_DP_BP512R1_ENABLED=n
+CONFIG_MBEDTLS_ECP_DP_CURVE25519_ENABLED=n
+
+# Disable certificate bundle as it's not implemented in MicroPython
+CONFIG_MBEDTLS_CERTIFICATE_BUNDLE=n
+CONFIG_MBEDTLS_CERTIFICATE_BUNDLE_DEFAULT_FULL=n
+
 # Allow mbedTLS to allocate from PSRAM or internal memory
 #
 # (The ESP-IDF default is internal-only, partly for physical security to prevent