-
CONFIG_MBEDTLS_SHA256_SMALLER
¶
Use SHA256 small footprint implementation
Enable smaller SHA-256 implementation
Type: bool
Help¶
Use a SHA-256 implementation with smaller footprint. Note, that this implementation will also have a lower performance. On a Cortex-M4 the size of mbedtls_sha256_process() will be reduced from ~2KB to ~0.5KB, however it will also perform around 30% slower. MBEDTLS_SHA256_SMALLER setting in mbed TLS config file.
Help¶
Enable an implementation of SHA-256 that has lower ROM footprint but also lower performance
Direct dependencies¶
(VANILLA_MBEDTLS_SHA256_C
&& NRF_SECURITY_ADVANCED
&& NRF_SECURITY_ANY_BACKEND
&& NORDIC_SECURITY_BACKEND
) || (MBEDTLS_MAC_SHA256_ENABLED
&& MBEDTLS_BUILTIN
&& MBEDTLS_CFG_FILE
= “config-tls-generic.h” && MBEDTLS
)
(Includes any dependencies from ifs and menus.)
Default¶
y
Kconfig definitions¶
At <nrfxlib>/nrf_security/Kconfig:1497
Included via <Zephyr>/Kconfig:8
→ <Zephyr>/Kconfig.zephyr:9
→ <BuildDir>/Kconfig/Kconfig.modules:5
→ <nrfxlib>/Kconfig.nrfxlib:13
Menu path: (Top) → Modules → Nordic nrfxlib → Nordic Security → Use Nordic provided security backend → Advanced mbed TLS Configuration Settings
config MBEDTLS_SHA256_SMALLER bool "Use SHA256 small footprint implementation" depends onVANILLA_MBEDTLS_SHA256_C
&&NRF_SECURITY_ADVANCED
&&NRF_SECURITY_ANY_BACKEND
&&NORDIC_SECURITY_BACKEND
help Use a SHA-256 implementation with smaller footprint. Note, that this implementation will also have a lower performance. On a Cortex-M4 the size of mbedtls_sha256_process() will be reduced from ~2KB to ~0.5KB, however it will also perform around 30% slower. MBEDTLS_SHA256_SMALLER setting in mbed TLS config file.
At <Zephyr>/modules/Kconfig.tls-generic:264
Included via <Zephyr>/Kconfig:8
→ <Zephyr>/Kconfig.zephyr:10
→ <Zephyr>/modules/Kconfig:17
→ <Zephyr>/modules/Kconfig.mbedtls:44
Menu path: (Top) → Modules → mbedTLS Support → TLS configuration → Ciphersuite configuration → Enable the SHA-224 and SHA-256 hash algorithms
config MBEDTLS_SHA256_SMALLER bool "Enable smaller SHA-256 implementation" default y depends onMBEDTLS_MAC_SHA256_ENABLED
&&MBEDTLS_BUILTIN
&&MBEDTLS_CFG_FILE
= "config-tls-generic.h" &&MBEDTLS
help Enable an implementation of SHA-256 that has lower ROM footprint but also lower performance
(The ‘depends on’ condition includes propagated dependencies from ifs and menus.)