Commit 17b7bb1d authored by Oleksii Beketov's avatar Oleksii Beketov Committed by Uze Choi

mbedTLS ROM optimization: remove RSA

RSA optional support: disable RSA with OPTIMIZE=1 build flag

Change-Id: I762fff9633e913366c63ef66decd1e644fee0fc9
Signed-off-by: default avatarOleksii Beketov <ol.beketov@samsung.com>
Reviewed-on: https://gerrit.iotivity.org/gerrit/25661Tested-by: default avatarIoTivity Jenkins <jenkins-daemon@iotivity.org>
Reviewed-by: default avatarUze Choi <uzchoi@samsung.com>
parent ea02396d
From 44b8b81c9b04a2f16d5ec7e561b99ea9ec392dff Mon Sep 17 00:00:00 2001 From 6612bb3462e7977363b989b512801c21b4b6c5ac Mon Sep 17 00:00:00 2001
From: Oleksii Beketov <ol.beketov@samsung.com> From: Oleksii Beketov <ol.beketov@samsung.com>
Date: Wed, 30 May 2018 16:05:03 +0300 Date: Mon, 4 Jun 2018 11:01:25 +0300
Subject: [PATCH] mbedtls reduce Subject: [PATCH] mbedtls reduce
Signed-off-by: Oleksii Beketov <ol.beketov@samsung.com> Signed-off-by: Oleksii Beketov <ol.beketov@samsung.com>
--- ---
include/mbedtls/config.h | 6 ++++++ include/mbedtls/config.h | 9 +++++++--
library/bignum.c | 48 +++++++++++++++++++++++++++++++++++++++++++++--- library/bignum.c | 48 +++++++++++++++++++++++++++++++++++++++++++++---
2 files changed, 51 insertions(+), 3 deletions(-) 2 files changed, 52 insertions(+), 5 deletions(-)
diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h
index 45143a5..79542c7 100644 index 45143a5..e107860 100644
--- a/include/mbedtls/config.h --- a/include/mbedtls/config.h
+++ b/include/mbedtls/config.h +++ b/include/mbedtls/config.h
@@ -59,7 +59,9 @@ @@ -59,7 +59,9 @@
...@@ -23,17 +23,23 @@ index 45143a5..79542c7 100644 ...@@ -23,17 +23,23 @@ index 45143a5..79542c7 100644
/* Save some RAM by adjusting to your exact needs */ /* Save some RAM by adjusting to your exact needs */
#define MBEDTLS_PSK_MAX_LEN 16 /* 128-bits keys are generally enough */ #define MBEDTLS_PSK_MAX_LEN 16 /* 128-bits keys are generally enough */
@@ -82,7 +84,9 @@ @@ -82,12 +84,13 @@
#define MBEDTLS_BIGNUM_C #define MBEDTLS_BIGNUM_C
#define MBEDTLS_KEY_EXCHANGE_ECDH_ANON_ENABLED #define MBEDTLS_KEY_EXCHANGE_ECDH_ANON_ENABLED
#define MBEDTLS_ECDH_C #define MBEDTLS_ECDH_C
+#ifndef ST_APP_OPTIMIZATION +#ifndef ST_APP_OPTIMIZATION
#define MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED #define MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED
+#endif -#define MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
#define MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
#define MBEDTLS_RSA_C #define MBEDTLS_RSA_C
#define MBEDTLS_PKCS1_V15 #define MBEDTLS_PKCS1_V15
@@ -98,7 +102,9 @@ +#endif
+#define MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
#define MBEDTLS_X509_CRT_PARSE_C
-
#define MBEDTLS_X509_USE_C
#define MBEDTLS_ASN1_PARSE_C
@@ -98,7 +101,9 @@
#define MBEDTLS_ASN1_WRITE_C #define MBEDTLS_ASN1_WRITE_C
#define MBEDTLS_ECDSA_C #define MBEDTLS_ECDSA_C
#define MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED #define MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
......
...@@ -44,14 +44,14 @@ DTLS= aes.c aesni.c asn1parse.c asn1write.c base64.c \ ...@@ -44,14 +44,14 @@ DTLS= aes.c aesni.c asn1parse.c asn1write.c base64.c \
gcm.c havege.c hmac_drbg.c md.c md2.c md4.c \ gcm.c havege.c hmac_drbg.c md.c md2.c md4.c \
md5.c md_wrap.c oid.c padlock.c \ md5.c md_wrap.c oid.c padlock.c \
pem.c pk.c pk_wrap.c pkcs12.c pkcs5.c pkparse.c \ pem.c pk.c pk_wrap.c pkcs12.c pkcs5.c pkparse.c \
pkwrite.c platform.c ripemd160.c rsa.c sha1.c sha256.c \ pkwrite.c platform.c ripemd160.c sha1.c sha256.c \
sha512.c threading.c timing.c version.c version_features.c \ sha512.c threading.c timing.c version.c version_features.c \
xtea.c pkcs11.c x509.c x509_crt.c debug.c net_sockets.c \ xtea.c pkcs11.c x509.c x509_crt.c debug.c net_sockets.c \
ssl_cache.c ssl_ciphersuites.c ssl_cli.c ssl_cookie.c \ ssl_cache.c ssl_ciphersuites.c ssl_cli.c ssl_cookie.c \
ssl_srv.c ssl_ticket.c ssl_tls.c rsa_internal.c ssl_srv.c ssl_ticket.c ssl_tls.c
ifneq ($(OPTIMIZE),1) ifneq ($(OPTIMIZE),1)
DTLS+= arc4.c blowfish.c camellia.c DTLS += arc4.c blowfish.c camellia.c rsa.c rsa_internal.c
endif endif
DTLSFLAGS=-I../../deps/mbedtls/include -D__OC_RANDOM DTLSFLAGS=-I../../deps/mbedtls/include -D__OC_RANDOM
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment