More granular define selections within code to allow for smaller code

sizes

include/polarssl/ssl.h

@@ -29,16 +29,25 @@
 
 #include <time.h>
 
+#include "config.h"
 #include "net.h"
-#include "rsa.h"
+#include "bignum.h"
+
 #include "md5.h"
 #include "sha1.h"
 #include "sha2.h"
 #include "sha4.h"
-#include "x509.h"
-#include "config.h"
+
 #include "ssl_ciphersuites.h"
 
+#if defined(POLARSSL_X509_PARSE_C)
+#include "x509.h"
+#endif
+
+#if defined(POLARSSL_RSA_C)
+#include "rsa.h"
+#endif
+
 #if defined(POLARSSL_DHM_C)
 #include "dhm.h"
 #endif
@@ -227,6 +236,15 @@
 
 #define TLS_EXT_RENEGOTIATION_INFO      0xFF01
 
+/*
+ * Size defines
+ */
+#if !defined(POLARSSL_MPI_MAX_SIZE)
+#define POLARSSL_PREMASTER_SIZE             512
+#else
+#define POLARSSL_PREMASTER_SIZE             POLARSSL_MPI_MAX_SIZE
+#endif
+
 /*
  * Generic function pointers for allowing external RSA private key
  * implementations.
@@ -281,7 +299,10 @@ struct _ssl_session
     size_t length;              /*!< session id length  */
     unsigned char id[32];       /*!< session identifier */
     unsigned char master[48];   /*!< the master secret  */
+
+#if defined(POLARSSL_X509_PARSE_C)
     x509_cert *peer_cert;       /*!< peer X.509 cert chain */
+#endif /* POLARSSL_X509_PARSE_C */
 };
 
 /*
@@ -340,8 +361,8 @@ struct _ssl_handshake_params
 #if defined(POLARSSL_ECDH_C)
     ecdh_context ecdh_ctx;              /*!<  ECDH key exchange       */
 #endif
-#if defined(POLARSSL_ECP_C)
     int ec_curve;                       /*!<  Selected elliptic curve */
+#if defined(POLARSSL_ECP_C)
     int ec_point_format;                /*!<  Client supported format */
 #endif
 
@@ -363,7 +384,7 @@ struct _ssl_handshake_params
     size_t pmslen;                      /*!<  premaster length        */
 
     unsigned char randbytes[64];        /*!<  random bytes            */
-    unsigned char premaster[POLARSSL_MPI_MAX_SIZE];
+    unsigned char premaster[POLARSSL_PREMASTER_SIZE];
                                         /*!<  premaster secret        */
 
     int resume;                         /*!<  session resume indicator*/
@@ -392,7 +413,6 @@ struct _ssl_context
     void (*f_dbg)(void *, int, const char *);
     int (*f_recv)(void *, unsigned char *, size_t);
     int (*f_send)(void *, const unsigned char *, size_t);
-    int (*f_vrfy)(void *, x509_cert *, int, int *);
     int (*f_get_cache)(void *, ssl_session *);
     int (*f_set_cache)(void *, const ssl_session *);
     int (*f_sni)(void *, ssl_context *, const unsigned char *, size_t);
@@ -401,12 +421,16 @@ struct _ssl_context
     void *p_dbg;                /*!< context for the debug function   */
     void *p_recv;               /*!< context for reading operations   */
     void *p_send;               /*!< context for writing operations   */
-    void *p_vrfy;               /*!< context for verification         */
     void *p_get_cache;          /*!< context for cache retrieval      */
     void *p_set_cache;          /*!< context for cache store          */
     void *p_sni;                /*!< context for SNI extension        */
     void *p_hw_data;            /*!< context for HW acceleration      */
 
+#if defined(POLARSSL_X509_PARSE_C)
+    int (*f_vrfy)(void *, x509_cert *, int, int *);
+    void *p_vrfy;               /*!< context for verification         */
+#endif
+
     /*
      * Session layer
      */
@@ -458,15 +482,19 @@ struct _ssl_context
     /*
      * PKI layer
      */
+#if defined(POLARSSL_RSA_C)
     void *rsa_key;                      /*!<  own RSA private key     */
     rsa_decrypt_func rsa_decrypt;       /*!<  function for RSA decrypt*/
     rsa_sign_func rsa_sign;             /*!<  function for RSA sign   */
     rsa_key_len_func rsa_key_len;       /*!<  function for RSA key len*/
+#endif /* POLARSSL_RSA_C */
 
+#if defined(POLARSSL_X509_PARSE_C)
     x509_cert *own_cert;                /*!<  own X.509 certificate   */
     x509_cert *ca_chain;                /*!<  own trusted CA chain    */
     x509_crl *ca_crl;                   /*!<  trusted CA CRLs         */
     const char *peer_cn;                /*!<  expected peer CN        */
+#endif /* POLARSSL_X509_PARSE_C */
 
     /*
      * User settings
@@ -610,6 +638,7 @@ void ssl_set_endpoint( ssl_context *ssl, int endpoint );
  */
 void ssl_set_authmode( ssl_context *ssl, int authmode );
 
+#if defined(POLARSSL_X509_PARSE_C)
 /**
  * \brief          Set the verification callback (Optional).
  *
@@ -624,6 +653,7 @@ void ssl_set_authmode( ssl_context *ssl, int authmode );
 void ssl_set_verify( ssl_context *ssl,
                      int (*f_vrfy)(void *, x509_cert *, int, int *),
                      void *p_vrfy );
+#endif /* POLARSSL_X509_PARSE_C */
 
 /**
  * \brief          Set the random number generator callback
@@ -741,6 +771,7 @@ void ssl_set_ciphersuites_for_version( ssl_context *ssl,
                                        const int *ciphersuites,
                                        int major, int minor );
 
+#if defined(POLARSSL_X509_PARSE_C)
 /**
  * \brief          Set the data required to verify peer certificate
  *
@@ -790,6 +821,7 @@ void ssl_set_own_cert_alt( ssl_context *ssl, x509_cert *own_cert,
                            rsa_decrypt_func rsa_decrypt,
                            rsa_sign_func rsa_sign,
                            rsa_key_len_func rsa_key_len );
+#endif /* POLARSSL_X509_PARSE_C */
 
 #if defined(POLARSSL_KEY_EXCHANGE_PSK_ENABLED)
 /**
@@ -976,6 +1008,7 @@ const char *ssl_get_ciphersuite( const ssl_context *ssl );
  */
 const char *ssl_get_version( const ssl_context *ssl );
 
+#if defined(POLARSSL_X509_PARSE_C)
 /**
  * \brief          Return the peer certificate from the current connection
  *
@@ -991,6 +1024,7 @@ const char *ssl_get_version( const ssl_context *ssl );
  * \return         the current peer certificate
  */
 const x509_cert *ssl_get_peer_cert( const ssl_context *ssl );
+#endif /* POLARSSL_X509_PARSE_C */
 
 /**
  * \brief          Perform the SSL handshake