From 7a8a85877d677f43872d7010b99da7189b69e6cf Mon Sep 17 00:00:00 2001
From: Kapil Gupta <kapil.gupta@espressif.com>
Date: Thu, 29 Dec 2022 15:13:34 +0530
Subject: [PATCH] Removed sha384 hash for certs > 2k

---
 .../esp_supplicant/src/crypto/tls_mbedtls.c       | 15 ---------------
 1 file changed, 15 deletions(-)

diff --git a/components/wpa_supplicant/esp_supplicant/src/crypto/tls_mbedtls.c b/components/wpa_supplicant/esp_supplicant/src/crypto/tls_mbedtls.c
index e94c7714790..202b2f1f9be 100644
--- a/components/wpa_supplicant/esp_supplicant/src/crypto/tls_mbedtls.c
+++ b/components/wpa_supplicant/esp_supplicant/src/crypto/tls_mbedtls.c
@@ -294,9 +294,6 @@ static void tls_enable_sha1_config(tls_context_t *tls)
 static const int eap_ciphersuite_preference[] =
 {
 #if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED)
-#if defined(MBEDTLS_SHA512_C) && defined(MBEDTLS_GCM_C)
-	MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384,
-#endif
 #if defined(MBEDTLS_CCM_C)
 	MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CCM,
 #endif
@@ -304,9 +301,6 @@ static const int eap_ciphersuite_preference[] =
 	MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256,
 	MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA,
 #endif
-#if defined(MBEDTLS_GCM_C)
-	MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384,
-#endif
 #if defined(MBEDTLS_CIPHER_MODE_CBC)
 	MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256,
 	MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA,
@@ -327,9 +321,7 @@ static const int eap_ciphersuite_preference[] =
 #endif
 #endif
 #if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)
-	MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384,
 	MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CCM,
-	MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384,
 	MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA,
 	MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CCM_8,
 
@@ -338,9 +330,6 @@ static const int eap_ciphersuite_preference[] =
 	MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256,
 	MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CCM_8,
 #endif
-#if defined(MBEDTLS_SHA512_C) && defined(MBEDTLS_GCM_C)
-	MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384,
-#endif
 #if defined(MBEDTLS_CCM_C)
 	MBEDTLS_TLS_RSA_WITH_AES_256_CCM,
 #endif
@@ -389,14 +378,10 @@ static const int eap_ciphersuite_preference[] =
 	MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA,
 #endif
 	/* The PSK suites */
-#if defined(MBEDTLS_GCM_C)
-	MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384,
-#endif
 #if defined(MBEDTLS_CCM_C)
 	MBEDTLS_TLS_PSK_WITH_AES_256_CCM,
 #endif
 #if defined(MBEDTLS_CIPHER_MODE_CBC)
-	MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384,
 	MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA,
 #endif
 #if defined(MBEDTLS_CCM_C)