Reduce code size when mbedtls_x509_*_info() unused
Introduce MBEDTLS_X509_INFO to indicate the availability of the
mbedtls_x509_*_info() functions and closely related APIs. When this is
not defined, also omit name and description from
mbedtls_oid_descriptor_t, and omit OID arrays, macros, and types that
are entirely unused. This saves several KB of code space.
Change-Id: I056312613379890e0d70e1d08c34171287c0aa17
diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h
index e0b5ba4..d202a68 100644
--- a/include/mbedtls/config.h
+++ b/include/mbedtls/config.h
@@ -1760,6 +1760,17 @@
#define MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE
/**
+ * \def MBEDTLS_X509_INFO
+ *
+ * Enable mbedtls_x509_*_info() and related APIs.
+ *
+ * Comment to omit mbedtls_x509_*_info(), as well as mbedtls_debug_print_crt()
+ * and other functions/constants only used by these functions, thus reducing
+ * the code footprint by several KB.
+ */
+#define MBEDTLS_X509_INFO
+
+/**
* \def MBEDTLS_X509_RSASSA_PSS_SUPPORT
*
* Enable parsing and verification of X.509 certificates, CRLs and CSRS
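Review bot: The new `\def MBEDTLS_X509_INFO` block lists the functions that disappear but not the two effects that reach code which never calls them. Commenting the option out also removes `name` and `description` from the public mbedtls_oid_descriptor_t (oid.h hunk) and makes MBEDTLS_SSL_DEBUG_CRT() expand to nothing (debug.h hunk). I would add a sentence such as `Disabling this option also removes the name and description members of mbedtls_oid_descriptor_t and turns MBEDTLS_SSL_DEBUG_CRT() into a no-op.` so integrators see this before trimming the configuration.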
diff --git a/include/mbedtls/debug.h b/include/mbedtls/debug.h
index 1020676..3a7f3f5 100644
--- a/include/mbedtls/debug.h
+++ b/include/mbedtls/debug.h
@@ -61,9 +61,13 @@
#endif
#if defined(MBEDTLS_X509_CRT_PARSE_C)
+#if defined(MBEDTLS_X509_INFO)
#define MBEDTLS_SSL_DEBUG_CRT( level, text, crt ) \
mbedtls_debug_print_crt( ssl, level, __FILE__, __LINE__, text, crt )
-#endif
+#else
+#define MBEDTLS_SSL_DEBUG_CRT( level, text, crt ) do { } while( 0 )
+#endif /* MBEDTLS_X509_INFO */
+#endif /* MBEDTLS_X509_CRT_PARSE_C */
#if defined(MBEDTLS_ECDH_C)
#define MBEDTLS_SSL_DEBUG_ECDH( level, ecdh, attr ) \
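Review bot: In the new `#else` branch MBEDTLS_SSL_DEBUG_CRT() becomes `do { } while( 0 )`, so a build with debugging enabled silently stops dumping peer certificates when MBEDTLS_X509_INFO is off. A comment above the empty definition would make that intentional, e.g. `/* No certificate dump: mbedtls_debug_print_crt() is compiled out without MBEDTLS_X509_INFO. */`. The empty form also no longer references `crt`, so call sites where a local is used only by this macro may start producing unused-variable warnings. That is worth checking with a build that has the option disabled.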
@@ -206,7 +210,7 @@
const char *text, const mbedtls_ecp_point *X );
#endif
-#if defined(MBEDTLS_X509_CRT_PARSE_C)
+#if defined(MBEDTLS_X509_CRT_PARSE_C) && defined(MBEDTLS_X509_INFO)
/**
* \brief Print a X.509 certificate structure to the debug output. This
* function is always used through the MBEDTLS_SSL_DEBUG_CRT() macro,
diff --git a/include/mbedtls/oid.h b/include/mbedtls/oid.h
index 6fbd018..3421084 100644
--- a/include/mbedtls/oid.h
+++ b/include/mbedtls/oid.h
@@ -407,8 +407,10 @@
{
const char *asn1; /*!< OID ASN.1 representation */
size_t asn1_len; /*!< length of asn1 */
+#if defined(MBEDTLS_X509_INFO)
const char *name; /*!< official name (e.g. from RFC) */
const char *description; /*!< human friendly description */
+#endif
} mbedtls_oid_descriptor_t;
/**
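Review bot: Guarding `name` and `description` makes the size and layout of the public mbedtls_oid_descriptor_t depend on MBEDTLS_X509_INFO, so a library and an application built with different settings would disagree about every object that embeds this descriptor. Any positional initializer for the descriptor must also drop its last two values under the same guard. The tables that would do this are not in this part of the diff, so that could not be checked here. A comment on the struct would record the constraint, e.g. `/* Layout depends on MBEDTLS_X509_INFO; build the library and all users with the same configuration. */`. The struct definition starts above the hunk.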
@@ -550,6 +552,7 @@
int mbedtls_oid_get_md_hmac( const mbedtls_asn1_buf *oid, mbedtls_md_type_t *md_hmac );
#endif /* MBEDTLS_MD_C */
+#if defined(MBEDTLS_X509_INFO)
/**
* \brief Translate Extended Key Usage OID into description
*
@@ -559,6 +562,7 @@
* \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND
*/
int mbedtls_oid_get_extended_key_usage( const mbedtls_asn1_buf *oid, const char **desc );
+#endif
/**
* \brief Translate md_type into hash algorithm OID
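Review bot: The `#endif` added after mbedtls_oid_get_extended_key_usage() carries no label, unlike `#endif /* MBEDTLS_MD_C */` a few lines above it, although the `#if defined(MBEDTLS_X509_INFO)` it closes sits in the previous hunk behind a Doxygen block. Writing it as `#endif /* MBEDTLS_X509_INFO */` keeps the file's convention and makes the pairing readable. The same bare `#endif` is added in the struct hunk of this file and in the x509.h, x509_crl.h, x509_crt.h and x509_csr.h hunks.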
diff --git a/include/mbedtls/x509.h b/include/mbedtls/x509.h
index 9ae825c..5808b4d 100644
--- a/include/mbedtls/x509.h
+++ b/include/mbedtls/x509.h
@@ -305,9 +305,11 @@
mbedtls_x509_buf *serial );
int mbedtls_x509_get_ext( unsigned char **p, const unsigned char *end,
mbedtls_x509_buf *ext, int tag );
+#if defined(MBEDTLS_X509_INFO)
int mbedtls_x509_sig_alg_gets( char *buf, size_t size, const mbedtls_x509_buf *sig_oid,
mbedtls_pk_type_t pk_alg, mbedtls_md_type_t md_alg,
const void *sig_opts );
+#endif
int mbedtls_x509_key_size_helper( char *buf, size_t buf_size, const char *name );
int mbedtls_x509_string_to_names( mbedtls_asn1_named_data **head, const char *name );
int mbedtls_x509_set_extension( mbedtls_asn1_named_data **head, const char *oid, size_t oid_len,
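Review bot: mbedtls_x509_key_size_helper(), declared on the line right after the new `#endif`, stays unconditional although, judging by its signature (`char *buf, size_t buf_size, const char *name`), it looks like a formatting helper for the *_info() output. If nothing outside the info functions calls it, the guard should extend over it, i.e. place the `#endif` after the mbedtls_x509_key_size_helper() prototype instead of before it. Its callers are not visible in this diff, so this needs confirming against the .c files.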
diff --git a/include/mbedtls/x509_crl.h b/include/mbedtls/x509_crl.h
index 08a4283..123a796 100644
--- a/include/mbedtls/x509_crl.h
+++ b/include/mbedtls/x509_crl.h
@@ -136,6 +136,7 @@
int mbedtls_x509_crl_parse_file( mbedtls_x509_crl *chain, const char *path );
#endif /* MBEDTLS_FS_IO */
+#if defined(MBEDTLS_X509_INFO)
/**
* \brief Returns an informational string about the CRL.
*
@@ -149,6 +150,7 @@
*/
int mbedtls_x509_crl_info( char *buf, size_t size, const char *prefix,
const mbedtls_x509_crl *crl );
+#endif
/**
* \brief Initialize a CRL (chain)
diff --git a/include/mbedtls/x509_crt.h b/include/mbedtls/x509_crt.h
index 62c3c2e..0d55eec 100644
--- a/include/mbedtls/x509_crt.h
+++ b/include/mbedtls/x509_crt.h
@@ -339,6 +339,7 @@
int mbedtls_x509_crt_parse_path( mbedtls_x509_crt *chain, const char *path );
#endif /* MBEDTLS_FS_IO */
+#if defined(MBEDTLS_X509_INFO)
/**
* \brief Returns an informational string about the
* certificate.
@@ -353,7 +354,9 @@
*/
int mbedtls_x509_crt_info( char *buf, size_t size, const char *prefix,
const mbedtls_x509_crt *crt );
+#endif
+#if defined(MBEDTLS_X509_INFO)
/**
* \brief Returns an informational string about the
* verification status of a certificate.
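Review bot: mbedtls_x509_crt_verify_info() is placed behind MBEDTLS_X509_INFO here, but unlike the other guarded functions it describes verification status `flags` rather than certificate contents. Applications commonly use it to log why a peer certificate was rejected. With the option off, those callers are left with only the raw flags value, and the option's documentation should say so. Separately, the `#endif` added after mbedtls_x509_crt_info() is immediately followed by a new `#if defined(MBEDTLS_X509_INFO)`; a single guard spanning both declarations would do. The Doxygen block for verify_info continues past this hunk.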
@@ -368,6 +371,7 @@
*/
int mbedtls_x509_crt_verify_info( char *buf, size_t size, const char *prefix,
uint32_t flags );
+#endif
/**
* \brief Verify the certificate signature
diff --git a/include/mbedtls/x509_csr.h b/include/mbedtls/x509_csr.h
index a3c2804..0709b10 100644
--- a/include/mbedtls/x509_csr.h
+++ b/include/mbedtls/x509_csr.h
@@ -123,6 +123,7 @@
int mbedtls_x509_csr_parse_file( mbedtls_x509_csr *csr, const char *path );
#endif /* MBEDTLS_FS_IO */
+#if defined(MBEDTLS_X509_INFO)
/**
* \brief Returns an informational string about the
* CSR.
@@ -137,6 +138,7 @@
*/
int mbedtls_x509_csr_info( char *buf, size_t size, const char *prefix,
const mbedtls_x509_csr *csr );
+#endif
/**
* \brief Initialize a CSR