diff --git a/modules/mbedtls/Kconfig.tls-generic b/modules/mbedtls/Kconfig.tls-generic index f2e73ffaf258..9214d3878caa 100644 --- a/modules/mbedtls/Kconfig.tls-generic +++ b/modules/mbedtls/Kconfig.tls-generic @@ -149,6 +149,7 @@ config MBEDTLS_ECDH_C config MBEDTLS_ECDSA_C bool "Elliptic curve DSA library" depends on MBEDTLS_ECP_C + select MBEDTLS_ASN1_PARSE_C config MBEDTLS_ECJPAKE_C bool "Elliptic curve J-PAKE library" @@ -402,6 +403,31 @@ endif # !(NRF_SECURITY || NORDIC_SECURITY_BACKEND) config MBEDTLS_GENPRIME_ENABLED bool "prime-number generation code." +config MBEDTLS_ASN1_PARSE_C + bool "Support for ASN1 parser functions" + +config MBEDTLS_PLATFORM_NO_STD_FUNCTIONS + bool "Remove usage of standard libc functions" + help + This prevents Mbed TLS from linking against the following standard functions + from libc: `snprintf`, `vsnprintf`, `printf`, `fprintf`, `calloc`, `free`, `setbuf`, `exit` + and `time`. By default Mbed TLS will use stub functions for all these functions. + These stubs are just meant to return successfully, but they don't implement + the required functionality. + Users can individually override each of these stubs by calling + `mbedtls_platform_set_xxx()` to set the their implementation of `xxx()` function + at runtime. + +if MBEDTLS_PLATFORM_NO_STD_FUNCTIONS + +config MBEDTLS_PLATFORM_SNPRINTF_ALT + bool "Allow setting custom snprintf at run-time" + help + Allow setting a custom `snprintf()` function with `mbedtls_platform_set_snprintf()`. + Include `mbedtls/platform.h` for the prototype of this function. + +endif # MBEDTLS_PLATFORM_NO_STD_FUNCTIONS + config MBEDTLS_PEM_CERTIFICATE_FORMAT bool "Support for PEM certificate format" help diff --git a/modules/mbedtls/configs/config-tls-generic.h b/modules/mbedtls/configs/config-tls-generic.h index 9d46e3be4824..1165314f1182 100644 --- a/modules/mbedtls/configs/config-tls-generic.h +++ b/modules/mbedtls/configs/config-tls-generic.h @@ -23,6 +23,14 @@ #define MBEDTLS_PLATFORM_ZEROIZE_ALT #endif +#if defined(CONFIG_MBEDTLS_PLATFORM_NO_STD_FUNCTIONS) +#define MBEDTLS_PLATFORM_NO_STD_FUNCTIONS +#endif /* defined(MBEDTLS_PLATFORM_NO_STD_FUNCTIONS) */ + +#if defined(CONFIG_MBEDTLS_PLATFORM_SNPRINTF_ALT) +#define MBEDTLS_PLATFORM_SNPRINTF_ALT +#endif /* defined(MBEDTLS_PLATFORM_SNPRINTF_ALT) */ + #if defined(CONFIG_MBEDTLS_ENTROPY_POLL_ZEPHYR) #define MBEDTLS_ENTROPY_HARDWARE_ALT #else @@ -431,7 +439,7 @@ #define MBEDTLS_PK_C #endif -#if defined(MBEDTLS_ECDSA_C) || defined(MBEDTLS_X509_USE_C) +#if defined(CONFIG_MBEDTLS_ASN1_PARSE_C) || defined(MBEDTLS_X509_USE_C) #define MBEDTLS_ASN1_PARSE_C #endif