Can't unselect "Use backward compatible ECDH context (Experimental)"

lehrian
Posts: 21
Joined: Wed May 12, 2021 3:07 am

Can't unselect "Use backward compatible ECDH context (Experimental)"

Postby lehrian » Sun Apr 02, 2023 5:37 pm

I updated from 4.4.4 to 5.0.1 and now the Diffie-Hellman Key Exchange Modes have been disabled so I am following their suggesting and migrating to Elliptic Curve Diffie Hellman. Reading the header file I came across:

Code: Select all

/*
 * Mbed TLS supports two formats for ECDH contexts (#mbedtls_ecdh_context
 * defined in `ecdh.h`). For most applications, the choice of format makes
 * no difference, since all library functions can work with either format,
 * except that the new format is incompatible with MBEDTLS_ECP_RESTARTABLE.
 * The new format used when this option is disabled is smaller
 * (56 bytes on a 32-bit platform). In future versions of the library, it
 * will support alternative implementations of ECDH operations.
 * The new format is incompatible with applications that access
 * context fields directly and with restartable ECP operations.
 */
I was going to disable this as I don't need either of these capabilities so I looked the setting up in the sdkconfig and while I can edit the file manually and change these settings, I am unable to uncheck the check box for either of them (I click it and it immediately switches back to checked). Also, if I change them manually and then reopen the sdkconfig Design view they are reenabled and changed in the file.

Can someone confirm that they experience this same odd behavior? To find the settings I am talking about open the sdkconfig and search for mbedTLS and select the mbedTLS node. The settings in question are #9 "Use a backward compatible ECDH context (Experimental)." and #17 "Enable mbedTLS ecp restartable". The actual values in the file are CONFIG_MBEDTLS_ECDH_LEGACY_CONTEXT and CONFIG_MBEDTLS_ECP_RESTARTABLE.

Note: just switching the view doesn't cause the value to change, but closing and reopening the file does.

Who is online

Users browsing this forum: No registered users and 270 guests