Skip to content

Commit fb71031

Browse files
de-nordickartben
de-nordic
authored and
kartben
committed
modules: mbedtls: Expose MBEDTLS_RSA_C
Allow enabling MBEDTLS_RSA_C without key exchange enabled. This allows to use RSA without enabling x509 support too. Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
1 parent 6eb176a commit fb71031

File tree

2 files changed

+38
-12
lines changed

2 files changed

+38
-12
lines changed

modules/mbedtls/Kconfig.mbedtls

Lines changed: 26 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -44,6 +44,28 @@ menu "Ciphersuite configuration"
4444

4545
comment "Supported key exchange modes"
4646

47+
config MBEDTLS_RSA_C
48+
bool "RSA base support"
49+
50+
if MBEDTLS_RSA_C
51+
52+
config MBEDTLS_PKCS1_V15
53+
bool "RSA PKCS1 v1.5"
54+
55+
config MBEDTLS_PKCS1_V21
56+
bool "RSA PKCS1 v2.1"
57+
58+
config MBEDTLS_GENPRIME_ENABLED
59+
bool "Prime number generation code"
60+
61+
endif # MBEDTLS_RSA_C
62+
63+
config MBEDTLS_RSA_FULL
64+
bool
65+
select MBEDTLS_RSA_C
66+
select MBEDTLS_PKCS1_V15
67+
select MBEDTLS_PKCS1_V21
68+
4769
config MBEDTLS_KEY_EXCHANGE_ALL_ENABLED
4870
bool "All available ciphersuite modes"
4971
select MBEDTLS_KEY_EXCHANGE_PSK_ENABLED
@@ -70,6 +92,7 @@ config MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
7092

7193
config MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED
7294
bool "RSA-PSK based ciphersuite modes"
95+
select MBEDTLS_RSA_FULL
7396

7497
config MBEDTLS_PSK_MAX_LEN
7598
int "Max size of TLS pre-shared keys"
@@ -82,16 +105,19 @@ config MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
82105
bool "RSA-only based ciphersuite modes"
83106
default y if UOSCORE || UEDHOC
84107
select MBEDTLS_MD
108+
select MBEDTLS_RSA_FULL
85109
select PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY if PSA_CRYPTO_CLIENT
86110
select PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT if PSA_CRYPTO_CLIENT
87111
select PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT if PSA_CRYPTO_CLIENT
88112
select PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_GENERATE if PSA_CRYPTO_CLIENT
89113

90114
config MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED
91115
bool "DHE-RSA based ciphersuite modes"
116+
select MBEDTLS_RSA_FULL
92117

93118
config MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED
94119
bool "ECDHE-RSA based ciphersuite modes"
120+
select MBEDTLS_RSA_FULL
95121
depends on MBEDTLS_ECDH_C
96122

97123
config MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
@@ -372,9 +398,6 @@ config MBEDTLS_CIPHER
372398
config MBEDTLS_MD
373399
bool "generic message digest layer."
374400

375-
config MBEDTLS_GENPRIME_ENABLED
376-
bool "prime-number generation code."
377-
378401
config MBEDTLS_ASN1_PARSE_C
379402
bool "Support for ASN1 parser functions"
380403

modules/mbedtls/configs/config-mbedtls.h

Lines changed: 12 additions & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -376,22 +376,25 @@
376376
#define MBEDTLS_MD_C
377377
#endif
378378

379+
#if defined(CONFIG_MBEDTLS_RSA_C)
380+
#define MBEDTLS_RSA_C
381+
#endif
382+
383+
#if defined(CONFIG_MBEDTLS_PKCS1_V15)
384+
#define MBEDTLS_PKCS1_V15
385+
#endif
386+
387+
#if defined(CONFIG_MBEDTLS_PKCS1_V15)
388+
#define MBEDTLS_PKCS1_V21
389+
#endif
390+
379391
/* Automatic dependencies */
380392

381393
#if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED) || \
382394
defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED)
383395
#define MBEDTLS_DHM_C
384396
#endif
385397

386-
#if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED) || \
387-
defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) || \
388-
defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) || \
389-
defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED)
390-
#define MBEDTLS_RSA_C
391-
#define MBEDTLS_PKCS1_V15
392-
#define MBEDTLS_PKCS1_V21
393-
#endif
394-
395398
#if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED) || \
396399
defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) || \
397400
defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) || \

0 commit comments

Comments
 (0)