fix(mbedtls): Fix https_request example build failure for mbedtls_config

- This was caused due to some mbedtls confisg being defined but their all prerequisites were not

components/mbedtls/Kconfig

@@ -379,6 +379,7 @@ menu "mbedTLS"
 
     config MBEDTLS_CMAC_C
         bool "Enable CMAC mode for block ciphers"
+        default y if MBEDTLS_USE_CRYPTO_ROM_IMPL
         default n
         depends on MBEDTLS_AES_C || MBEDTLS_DES_C
         help
@@ -928,6 +929,23 @@ menu "mbedTLS"
         bool  "Elliptic Curve Ciphers"
         default y
 
+    config MBEDTLS_PK_PARSE_EC_EXTENDED
+        bool "Enhance support for reading EC keys"
+        default y
+        depends on MBEDTLS_ECP_C
+        help
+            Enhance support for reading EC keys using variants of SEC1 not allowed by
+            RFC 5915 and RFC 5480.
+
+    config MBEDTLS_PK_PARSE_EC_COMPRESSED
+        bool "Enable the support for parsing public keys of type Short Weierstrass"
+        default y
+        depends on MBEDTLS_ECP_C
+        help
+            Enable the support for parsing public keys of type Short Weierstrass
+            (MBEDTLS_ECP_DP_SECP_XXX and MBEDTLS_ECP_DP_BP_XXX) which are using the
+            compressed point format. This parsing is done through ECP module's functions.
+
     config MBEDTLS_DHM_C
         bool "Diffie-Hellman-Merkle key exchange (DHM)"
         default n

components/mbedtls/mbedtls

@@ -1 +1 @@
-Subproject commit 72aa687352a469044cbb946f3fdb261430e41ce1
+Subproject commit 5d112760293404ca0452bf244aa025079cf2e5af

components/mbedtls/port/include/mbedtls/esp_config.h

@@ -412,6 +412,14 @@
  */
 #ifdef CONFIG_MBEDTLS_CMAC_C
 #define MBEDTLS_CMAC_C
+#else
+#ifdef CONFIG_MBEDTLS_USE_CRYPTO_ROM_IMPL
+/* The mbedtls present in ROM is built with the MBEDTLS_CMAC_C symbol being enabled,
+ * thus when using the mbedtls from ROM, CONFIG_MBEDTLS_CMAC_C needs to be enabled.
+ */
+#error "CONFIG_MBEDTLS_CMAC_C cannot be disabled when CONFIG_MBEDTLS_USE_CRYPTO_ROM_IMPL is enabled"
+#endif
+#undef MBEDTLS_CMAC_C
 #endif
 
 /**
@@ -841,7 +849,28 @@
  *
  * Disable if you only need to support RFC 5915 + 5480 key formats.
  */
+#ifdef CONFIG_MBEDTLS_PK_PARSE_EC_EXTENDED
 #define MBEDTLS_PK_PARSE_EC_EXTENDED
+#else
+#undef MBEDTLS_PK_PARSE_EC_EXTENDED
+#endif
+
+/**
+ * \def MBEDTLS_PK_PARSE_EC_COMPRESSED
+ *
+ * Enable the support for parsing public keys of type Short Weierstrass
+ * (MBEDTLS_ECP_DP_SECP_XXX and MBEDTLS_ECP_DP_BP_XXX) which are using the
+ * compressed point format. This parsing is done through ECP module's functions.
+ *
+ * \note As explained in the description of MBEDTLS_ECP_PF_COMPRESSED (in ecp.h)
+ *       the only unsupported curves are MBEDTLS_ECP_DP_SECP224R1 and
+ *       MBEDTLS_ECP_DP_SECP224K1.
+ */
+#ifdef CONFIG_MBEDTLS_PK_PARSE_EC_COMPRESSED
+#define MBEDTLS_PK_PARSE_EC_COMPRESSED
+#else
+#undef MBEDTLS_PK_PARSE_EC_COMPRESSED
+#endif
 
 /**
  * \def MBEDTLS_ERROR_STRERROR_DUMMY

examples/protocols/https_request/sdkconfig.ci.mbedtls_config

@@ -3,11 +3,11 @@
 # If any component using mbedtls does not select respective configurations,
 # then this should fail at build stage.
 
-# Few example dependancies need to be enabled by default for the build to succeed
+# Few example dependencies need to be enabled by default for the build to succeed
 ##############
 CONFIG_MBEDTLS_SSL_PROTO_TLS1_2=y
 CONFIG_MBEDTLS_KEY_EXCHANGE_RSA=y
-CONFIG_MBEDTLS_ECP_DP_SECP256R1_ENABLED=y
+CONFIG_MBEDTLS_AES_C=y
 ##############
 
 CONFIG_MBEDTLS_HARDWARE_AES=n
@@ -46,7 +46,6 @@ CONFIG_MBEDTLS_SERVER_SSL_SESSION_TICKETS=n
 #
 # Symmetric Ciphers
 #
-CONFIG_MBEDTLS_AES_C=n
 CONFIG_MBEDTLS_CAMELLIA_C=n
 CONFIG_MBEDTLS_DES_C=n
 CONFIG_MBEDTLS_BLOWFISH_C=n
@@ -73,6 +72,7 @@ CONFIG_MBEDTLS_ECDSA_C=n
 CONFIG_MBEDTLS_ECJPAKE_C=n
 CONFIG_MBEDTLS_ECP_DP_SECP192R1_ENABLED=n
 CONFIG_MBEDTLS_ECP_DP_SECP224R1_ENABLED=n
+CONFIG_MBEDTLS_ECP_DP_SECP256R1_ENABLED=n
 CONFIG_MBEDTLS_ECP_DP_SECP384R1_ENABLED=n
 CONFIG_MBEDTLS_ECP_DP_SECP521R1_ENABLED=n
 CONFIG_MBEDTLS_ECP_DP_SECP192K1_ENABLED=n