David Horstmann

These are the numbers I have from x86_64: | | | 8fe2e36de | 6fd6542e9c | improvement | |-----------|------------|-------------|--------|------| | gcc | Os | 140447 | 107951 | -23% | |...

What are you trying to do specifically? It should be possible to configure the self-signed certificates as trusted using [`mbedtls_ssl_conf_ca_chain()`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/ssl_8h/#_CPPv425mbedtls_ssl_conf_ca_chainP18mbedtls_ssl_configP16mbedtls_x509_crtP16mbedtls_x509_crl) without any changes to the library. See an example [here](https://github.com/Mbed-TLS/mbedtls/blob/development/programs/ssl/ssl_server.c#L195).

> Otherwise, have you checked that you can play the same move game subsequently on another set of `mbedtls` files, `tests/data_files/*` for example without merge trouble in `framework`? I have...

[Force-pushed to update to version of submodule with full history]

Thanks for catching these, should be addressed now!

> Currently it's handled like `tests/src/test_certs.h`: the file is commited and there is no check that it's up-to-date. That doesn't look great - either the file should be auto-generated on...

> Adding a check that the file is up-to-date seems fairly trivial Ah actually I see that it relies on having built the programs already, which I'm not sure if...

I believe we already have SHA2 acceleration, see [here](https://github.com/Mbed-TLS/mbedtls/blob/development/library/sha512.c#L373).

Hi, I'm not familiar with the specifics of your situation , but would #8691 be relevant / solve this issue?

Hi, thanks for raising this! I think this may be a duplicate of #3896? We currently have a PR #5411 that aims to fix this, but it seems to be...