Skip to content

Commit 5694920

Browse files
de-nordicde-nordic
committed
[nrf fromlist] modules: mbedtls: Expose MBEDTLS_RSA_C
Allow enabling MBEDTLS_RSA_C without key exchange enabled. This allows to use RSA without enabling x509 support too. Upstream PR #: 87355 Signed-off-by: Dominik Ermel <[email protected]>
1 parent 7712393 commit 5694920

File tree

2 files changed

+14
-1
lines changed

2 files changed

+14
-1
lines changed

modules/mbedtls/Kconfig.tls-generic

Lines changed: 9 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -44,6 +44,11 @@ menu "Ciphersuite configuration"
4444

4545
comment "Supported key exchange modes"
4646

47+
config MBEDTLS_RSA_C
48+
bool "RSA cryptosystem"
49+
help
50+
Base support for RSA, without key x509 exchange enabled.
51+
4752
config MBEDTLS_KEY_EXCHANGE_ALL_ENABLED
4853
bool "All available ciphersuite modes"
4954
select MBEDTLS_KEY_EXCHANGE_PSK_ENABLED
@@ -70,6 +75,7 @@ config MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
7075

7176
config MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED
7277
bool "RSA-PSK based ciphersuite modes"
78+
select MBEDTLS_RSA_C
7379

7480
config MBEDTLS_PSK_MAX_LEN
7581
int "Max size of TLS pre-shared keys"
@@ -82,6 +88,7 @@ config MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
8288
bool "RSA-only based ciphersuite modes"
8389
default y if UOSCORE || UEDHOC
8490
select MBEDTLS_MD
91+
select MBEDTLS_RSA_C if !PSA_CRYPTO_CLIENT
8592
select PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY if PSA_CRYPTO_CLIENT
8693
select PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT if PSA_CRYPTO_CLIENT
8794
select PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT if PSA_CRYPTO_CLIENT
@@ -90,9 +97,11 @@ config MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
9097

9198
config MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED
9299
bool "DHE-RSA based ciphersuite modes"
100+
select MBEDTLS_RSA_C
93101

94102
config MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED
95103
bool "ECDHE-RSA based ciphersuite modes"
104+
select MBEDTLS_RSA_C
96105
depends on MBEDTLS_ECDH_C
97106

98107
config MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED

modules/mbedtls/configs/config-tls-generic.h

Lines changed: 5 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -368,6 +368,11 @@
368368
#define MBEDTLS_MD_C
369369
#endif
370370

371+
#if defined(CONFIG_MBEDTLS_RSA_C)
372+
#define MBEDTLS_RSA_C
373+
#define MBEDTLS_PKCS1_V21
374+
#endif
375+
371376
/* Automatic dependencies */
372377

373378
#if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED) || \
@@ -379,7 +384,6 @@
379384
defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) || \
380385
defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) || \
381386
defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED)
382-
#define MBEDTLS_RSA_C
383387
#define MBEDTLS_PKCS1_V15
384388
#define MBEDTLS_PKCS1_V21
385389
#endif

0 commit comments

Comments
 (0)