lib/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-08-01 10:06:53 +03:00
Code Activity

Reduce code size when mbedtls_x509_*_info() unused

Browse Source 
Introduce MBEDTLS_X509_INFO to indicate the availability of the
mbedtls_x509_*_info() function and closely related APIs. When this is
not defined, also omit name and description from
mbedtls_oid_descriptor_t, and omit OID arrays, macros, and types that
are entirely unused. This saves several KB of code space.

Signed-off-by: Hanno Becker <hanno.becker@arm.com>
Signed-off-by: Chris Jones <christopher.jones@arm.com>
This commit is contained in:
Peter Kolbus
2018-12-11 13:55:56 -06:00
committed by Chris Jones
parent 12f93f4fc2
commit 9a969b66c1
28 changed files with 322 additions and 206 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
include/mbedtls/config.h
View File

@ -2143,6 +2143,17 @@
*/
#define MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE
/**
* \def MBEDTLS_X509_INFO
*
* Enable mbedtls_x509_*_info() and related APIs.
*
* Comment to omit mbedtls_x509_*_info(), as well as mbedtls_debug_print_crt()
* and other functions/constants only used by these functions, thus reducing
* the code footprint by several KB.
*/
#define MBEDTLS_X509_INFO
/**
* \def MBEDTLS_X509_RSASSA_PSS_SUPPORT
*

8
include/mbedtls/debug.h
View File

@ -59,9 +59,13 @@
#endif
#if defined(MBEDTLS_X509_CRT_PARSE_C)
#if defined(MBEDTLS_X509_INFO)
#define MBEDTLS_SSL_DEBUG_CRT( level, text, crt ) \
mbedtls_debug_print_crt( ssl, level, __FILE__, __LINE__, text, crt )
#endif
#else
#define MBEDTLS_SSL_DEBUG_CRT( level, text, crt ) do { } while( 0 )
#endif /* MBEDTLS_X509_INFO */
#endif /* MBEDTLS_X509_CRT_PARSE_C */
#if defined(MBEDTLS_ECDH_C)
#define MBEDTLS_SSL_DEBUG_ECDH( level, ecdh, attr ) \
@ -248,7 +252,7 @@ void mbedtls_debug_print_ecp( const mbedtls_ssl_context *ssl, int level,
const char *text, const mbedtls_ecp_point *X );
#endif
#if defined(MBEDTLS_X509_CRT_PARSE_C)
#if defined(MBEDTLS_X509_CRT_PARSE_C) && defined(MBEDTLS_X509_INFO)
/**
* \brief Print a X.509 certificate structure to the debug output. This
* function is always used through the MBEDTLS_SSL_DEBUG_CRT() macro,

4
include/mbedtls/oid.h
View File

@ -441,8 +441,10 @@ typedef struct mbedtls_oid_descriptor_t
{
const char *asn1; /*!< OID ASN.1 representation */
size_t asn1_len; /*!< length of asn1 */
#if defined(MBEDTLS_X509_INFO)
const char *name; /*!< official name (e.g. from RFC) */
const char *description; /*!< human friendly description */
#endif
} mbedtls_oid_descriptor_t;
/**
@ -582,6 +584,7 @@ int mbedtls_oid_get_md_alg( const mbedtls_asn1_buf *oid, mbedtls_md_type_t *md_a
int mbedtls_oid_get_md_hmac( const mbedtls_asn1_buf *oid, mbedtls_md_type_t *md_hmac );
#endif /* MBEDTLS_MD_C */
#if defined(MBEDTLS_X509_INFO)
/**
* \brief Translate Extended Key Usage OID into description
*
@ -591,6 +594,7 @@ int mbedtls_oid_get_md_hmac( const mbedtls_asn1_buf *oid, mbedtls_md_type_t *md_
* \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND
*/
int mbedtls_oid_get_extended_key_usage( const mbedtls_asn1_buf *oid, const char **desc );
#endif
/**
* \brief Translate certificate policies OID into description

2
include/mbedtls/x509.h
View File

@ -316,9 +316,11 @@ int mbedtls_x509_get_serial( unsigned char **p, const unsigned char *end,
mbedtls_x509_buf *serial );
int mbedtls_x509_get_ext( unsigned char **p, const unsigned char *end,
mbedtls_x509_buf *ext, int tag );
#if defined(MBEDTLS_X509_INFO)
int mbedtls_x509_sig_alg_gets( char *buf, size_t size, const mbedtls_x509_buf *sig_oid,
mbedtls_pk_type_t pk_alg, mbedtls_md_type_t md_alg,
const void *sig_opts );
#endif
int mbedtls_x509_key_size_helper( char *buf, size_t buf_size, const char *name );
int mbedtls_x509_string_to_names( mbedtls_asn1_named_data **head, const char *name );
int mbedtls_x509_set_extension( mbedtls_asn1_named_data **head, const char *oid, size_t oid_len,

2
include/mbedtls/x509_crl.h
View File

@ -134,6 +134,7 @@ int mbedtls_x509_crl_parse( mbedtls_x509_crl *chain, const unsigned char *buf, s
int mbedtls_x509_crl_parse_file( mbedtls_x509_crl *chain, const char *path );
#endif /* MBEDTLS_FS_IO */
#if defined(MBEDTLS_X509_INFO)
/**
* \brief Returns an informational string about the CRL.
*
@ -147,6 +148,7 @@ int mbedtls_x509_crl_parse_file( mbedtls_x509_crl *chain, const char *path );
*/
int mbedtls_x509_crl_info( char *buf, size_t size, const char *prefix,
const mbedtls_x509_crl *crl );
#endif
/**
* \brief Initialize a CRL (chain)

5
include/mbedtls/x509_crt.h
View File

@ -509,6 +509,8 @@ int mbedtls_x509_crt_parse_path( mbedtls_x509_crt *chain, const char *path );
*/
int mbedtls_x509_parse_subject_alt_name( const mbedtls_x509_buf *san_buf,
mbedtls_x509_subject_alternative_name *san );
#if defined(MBEDTLS_X509_INFO)
/**
* \brief Returns an informational string about the
* certificate.
@ -523,7 +525,9 @@ int mbedtls_x509_parse_subject_alt_name( const mbedtls_x509_buf *san_buf,
*/
int mbedtls_x509_crt_info( char *buf, size_t size, const char *prefix,
const mbedtls_x509_crt *crt );
#endif
#if defined(MBEDTLS_X509_INFO)
/**
* \brief Returns an informational string about the
* verification status of a certificate.
@ -538,6 +542,7 @@ int mbedtls_x509_crt_info( char *buf, size_t size, const char *prefix,
*/
int mbedtls_x509_crt_verify_info( char *buf, size_t size, const char *prefix,
uint32_t flags );
#endif
/**
* \brief Verify a chain of certificates.

2
include/mbedtls/x509_csr.h
View File

@ -121,6 +121,7 @@ int mbedtls_x509_csr_parse( mbedtls_x509_csr *csr, const unsigned char *buf, siz
int mbedtls_x509_csr_parse_file( mbedtls_x509_csr *csr, const char *path );
#endif /* MBEDTLS_FS_IO */
#if defined(MBEDTLS_X509_INFO)
/**
* \brief Returns an informational string about the
* CSR.
@ -135,6 +136,7 @@ int mbedtls_x509_csr_parse_file( mbedtls_x509_csr *csr, const char *path );
*/
int mbedtls_x509_csr_info( char *buf, size_t size, const char *prefix,
const mbedtls_x509_csr *csr );
#endif
/**
* \brief Initialize a CSR