Make RSA_ALT support optionnal

2025-07-29 11:41:15 +03:00 · 2015-03-31 14:01:33 +02:00
parent 32076e66be
commit 348bcb3694
7 changed files with 29 additions and 2 deletions
--- a/include/mbedtls/config.h
+++ b/include/mbedtls/config.h
@ -768,6 +768,15 @@
 */
 //#define POLARSSL_MEMORY_BACKTRACE

+/**
+ * \def POLARSSL_PK_RSA_ALT_SUPPORT
+ *
+ * Support external private RSA keys (eg from a HSM) in the PK layer.
+ *
+ * Comment this macro to disable support for external private RSA keys.
+ */
+#define POLARSSL_PK_RSA_ALT_SUPPORT
+
 /**
 * \def POLARSSL_PKCS1_V15
 *
--- a/include/mbedtls/pk.h
+++ b/include/mbedtls/pk.h
@ -197,6 +197,7 @@ typedef struct
    void *              pk_ctx;     /**< Underlying public key context  */
 } pk_context;

+#if defined(POLARSSL_PK_RSA_ALT_SUPPORT)
 /**
 * \brief           Types for RSA-alt abstraction
 */
@ -208,6 +209,7 @@ typedef int (*pk_rsa_alt_sign_func)( void *ctx,
                    int mode, md_type_t md_alg, unsigned int hashlen,
                    const unsigned char *hash, unsigned char *sig );
 typedef size_t (*pk_rsa_alt_key_len_func)( void *ctx );
+#endif /* POLARSSL_PK_RSA_ALT_SUPPORT */

 /**
 * \brief           Return information associated with the given PK type
@ -244,6 +246,7 @@ void pk_free( pk_context *ctx );
 */
 int pk_init_ctx( pk_context *ctx, const pk_info_t *info );

+#if defined(POLARSSL_PK_RSA_ALT_SUPPORT)
 /**
 * \brief           Initialize an RSA-alt context
 *
@ -262,6 +265,7 @@ int pk_init_ctx_rsa_alt( pk_context *ctx, void * key,
                         pk_rsa_alt_decrypt_func decrypt_func,
                         pk_rsa_alt_sign_func sign_func,
                         pk_rsa_alt_key_len_func key_len_func );
+#endif /* POLARSSL_PK_RSA_ALT_SUPPORT */

 /**
 * \brief           Get the size in bits of the underlying key
--- a/include/mbedtls/pk_wrap.h
+++ b/include/mbedtls/pk_wrap.h
@ -33,6 +33,7 @@

 #include "pk.h"

+#if defined(POLARSSL_PK_RSA_ALT_SUPPORT)
 /* Container for RSA-alt */
 typedef struct
 {
@ -41,6 +42,7 @@ typedef struct
    pk_rsa_alt_sign_func sign_func;
    pk_rsa_alt_key_len_func key_len_func;
 } rsa_alt_context;
+#endif

 #if defined(POLARSSL_RSA_C)
 extern const pk_info_t rsa_info;
@ -55,6 +57,8 @@ extern const pk_info_t eckeydh_info;
 extern const pk_info_t ecdsa_info;
 #endif

+#if defined(POLARSSL_PK_RSA_ALT_SUPPORT)
 extern const pk_info_t rsa_alt_info;
+#endif

 #endif /* POLARSSL_PK_WRAP_H */