From 3140f2fac515d0cac9cc385a2a3f33a549321d71 Mon Sep 17 00:00:00 2001 From: Andres Amaya Garcia Date: Tue, 29 Aug 2017 11:32:52 +0100 Subject: [PATCH] Create MBEDTLS_X509_OCSP_PARSE_C feature macro The new MBEDTLS_X509_OCSP_PARSE_C is a feature macro that can be controlled from the config.h file to enable/disable the OCSP X509 feature at compile time. --- include/mbedtls/check_config.h | 5 +++++ include/mbedtls/config.h | 13 +++++++++++++ include/mbedtls/x509_ocsp.h | 3 +++ library/x509_ocsp.c | 3 +++ 4 files changed, 24 insertions(+) diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h index fa72454e53..38323a08e7 100644 --- a/include/mbedtls/check_config.h +++ b/include/mbedtls/check_config.h @@ -642,6 +642,11 @@ #error "MBEDTLS_X509_CSR_PARSE_C defined, but not all prerequisites" #endif +#if defined(MBEDTLS_X509_OCSP_PARSE_C) && ( !defined(MBEDTLS_X509_USE_C) || \ + !defined(MBEDTLS_X509_CRT_PARSE_C) ) +#error "MBEDTLS_X509_OCSP_PARSE_C defined, but not all prerequisites" +#endif + #if defined(MBEDTLS_X509_CRT_WRITE_C) && ( !defined(MBEDTLS_X509_CREATE_C) ) #error "MBEDTLS_X509_CRT_WRITE_C defined, but not all prerequisites" #endif diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h index 47c7196402..390cf91864 100644 --- a/include/mbedtls/config.h +++ b/include/mbedtls/config.h @@ -2518,6 +2518,19 @@ */ #define MBEDTLS_X509_CSR_PARSE_C +/** + * \def MBEDTLS_X509_OCSP_PARSE_C + * + * Enable X.509 Online Certificate Status Protocol (OCSP) parsing. + * + * Module: library/x509_ocsp.c + * + * Requires: MBEDTLS_X509_USE_C, MBEDTLS_X509_CRT_PARSE_C + * + * This module is used for reading X.509 OCSP responses. + */ +#define MBEDTLS_X509_OCSP_PARSE_C + /** * \def MBEDTLS_X509_CREATE_C * diff --git a/include/mbedtls/x509_ocsp.h b/include/mbedtls/x509_ocsp.h index 4c6ea72f11..b4f29b1baa 100644 --- a/include/mbedtls/x509_ocsp.h +++ b/include/mbedtls/x509_ocsp.h @@ -53,6 +53,7 @@ #define MBEDTLS_X509_OCSP_CERT_STATUS_REVOKED 1 #define MBEDTLS_X509_OCSP_CERT_STATUS_UNKNOWN 2 +#if defined(MBEDTLS_X509_OCSP_PARSE_C) /** * \addtogroup x509_module * \{ @@ -190,4 +191,6 @@ int mbedtls_x509_ocsp_parse_response_file( mbedtls_x509_ocsp_response *resp, } #endif +#endif /* MBEDTLS_X509_OCSP_PARSE_C */ + #endif /* !MBEDTLS_X509_OCSP_H */ diff --git a/library/x509_ocsp.c b/library/x509_ocsp.c index 3f17950c33..8de9959eb4 100644 --- a/library/x509_ocsp.c +++ b/library/x509_ocsp.c @@ -24,6 +24,8 @@ #include MBEDTLS_CONFIG_FILE #endif +#if defined(MBEDTLS_X509_OCSP_PARSE_C) + #if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" #else @@ -1528,3 +1530,4 @@ int mbedtls_x509_ocsp_parse_response_file( mbedtls_x509_ocsp_response *resp, return( ret ); } +#endif /* MBEDTLS_X509_OCSP_PARSE_C */