diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h index 677be87c0..1efabdc1f 100644 --- a/include/mbedtls/check_config.h +++ b/include/mbedtls/check_config.h @@ -860,6 +860,10 @@ #error "MBEDTLS_SSL_CLI_C defined, but not all prerequisites" #endif +#if defined(MBEDTLS_SSL_ASYNC_PRIVATE) && !defined(MBEDTLS_X509_CRT_PARSE_C) +#error "MBEDTLS_SSL_ASYNC_PRIVATE defined, but not all prerequisites" +#endif + #if defined(MBEDTLS_SSL_TLS_C) && ( !defined(MBEDTLS_CIPHER_C) || \ ( !defined(MBEDTLS_MD_C) && !defined(MBEDTLS_USE_PSA_CRYPTO) ) ) #error "MBEDTLS_SSL_TLS_C defined, but not all prerequisites" @@ -1009,6 +1013,11 @@ #error "MBEDTLS_X509_CSR_WRITE_C defined, but not all prerequisites" #endif +#if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK) && \ + ( !defined(MBEDTLS_X509_CRT_PARSE_C) ) +#error "MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK defined, but not all prerequisites" +#endif + #if defined(MBEDTLS_HAVE_INT32) && defined(MBEDTLS_HAVE_INT64) #error "MBEDTLS_HAVE_INT32 and MBEDTLS_HAVE_INT64 cannot be defined simultaneously" #endif /* MBEDTLS_HAVE_INT32 && MBEDTLS_HAVE_INT64 */ diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h index 092152d5f..8a4a0d25a 100644 --- a/include/mbedtls/mbedtls_config.h +++ b/include/mbedtls/mbedtls_config.h @@ -1408,6 +1408,7 @@ * module to perform private key operations instead of performing the * operation inside the library. * + * Requires: MBEDTLS_X509_CRT_PARSE_C */ //#define MBEDTLS_SSL_ASYNC_PRIVATE @@ -2012,6 +2013,8 @@ * See the documentation of `mbedtls_x509_crt_verify_with_ca_cb()` and * `mbedtls_ssl_conf_ca_cb()` for more information. * + * Requires: MBEDTLS_X509_CRT_PARSE_C + * * Uncomment to enable trusted certificate callbacks. */ //#define MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index d166f779a..b53819180 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -1277,6 +1277,57 @@ component_test_crypto_full_no_cipher () { make test } +component_test_full_no_bignum () { + msg "build: full minus bignum" + scripts/config.py full + scripts/config.py unset MBEDTLS_BIGNUM_C + # Direct dependencies of bignum + scripts/config.py unset MBEDTLS_ECP_C + scripts/config.py unset MBEDTLS_RSA_C + scripts/config.py unset MBEDTLS_DHM_C + # Direct dependencies of ECP + scripts/config.py unset MBEDTLS_ECDH_C + scripts/config.py unset MBEDTLS_ECDSA_C + scripts/config.py unset MBEDTLS_ECJPAKE_C + scripts/config.py unset MBEDTLS_ECP_RESTARTABLE + # Indirect dependencies of ECP + scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED + scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED + scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED + scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED + scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED + scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED + scripts/config.py unset MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED + scripts/config.py unset MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED + # Direct dependencies of DHM + scripts/config.py unset MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED + # Direct dependencies of RSA + scripts/config.py unset MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED + scripts/config.py unset MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED + scripts/config.py unset MBEDTLS_KEY_EXCHANGE_RSA_ENABLED + scripts/config.py unset MBEDTLS_X509_RSASSA_PSS_SUPPORT + # PK and its dependencies + scripts/config.py unset MBEDTLS_PK_C + scripts/config.py unset MBEDTLS_PK_PARSE_C + scripts/config.py unset MBEDTLS_PK_WRITE_C + scripts/config.py unset MBEDTLS_X509_USE_C + scripts/config.py unset MBEDTLS_X509_CRT_PARSE_C + scripts/config.py unset MBEDTLS_X509_CRL_PARSE_C + scripts/config.py unset MBEDTLS_X509_CSR_PARSE_C + scripts/config.py unset MBEDTLS_X509_CREATE_C + scripts/config.py unset MBEDTLS_X509_CRT_WRITE_C + scripts/config.py unset MBEDTLS_X509_CSR_WRITE_C + scripts/config.py unset MBEDTLS_PKCS7_C + scripts/config.py unset MBEDTLS_SSL_SERVER_NAME_INDICATION + scripts/config.py unset MBEDTLS_SSL_ASYNC_PRIVATE + scripts/config.py unset MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK + + make + + msg "test: full minus bignum" + make test +} + component_test_tls1_2_default_stream_cipher_only () { msg "build: default with only stream cipher"