diff --git a/scripts/config.py b/scripts/config.py index e01b9d541..9f77063e1 100755 --- a/scripts/config.py +++ b/scripts/config.py @@ -230,6 +230,35 @@ def baremetal_adapter(name, active, section): return True return include_in_full(name) and keep_in_baremetal(name) +def include_in_crypto(name): + """Rules for symbols in a crypto configuration.""" + if name.startswith('MBEDTLS_X509_') or \ + name.startswith('MBEDTLS_SSL_') or \ + name.startswith('MBEDTLS_KEY_EXCHANGE_'): + return False + if name in [ + 'MBEDTLS_CERTS_C', + 'MBEDTLS_DEBUG_C', + 'MBEDTLS_NET_C', + 'MBEDTLS_PKCS11_C', + ]: + return False + return True + +def crypto_adapter(adapter): + """Modify an adapter to disable non-crypto symbols. + + ``crypto_adapter(adapter)(name, active, section)`` is like + ``adapter(name, active, section)``, but unsets all X.509 and TLS symbols. + """ + def continuation(name, active, section): + if not include_in_crypto(name): + return False + if adapter is None: + return active + return adapter(name, active, section) + return continuation + class ConfigFile(Config): """Representation of the Mbed TLS configuration read for a file. @@ -394,6 +423,14 @@ if __name__ == '__main__': add_adapter('realfull', realfull_adapter, """Uncomment all boolean #defines. Suitable for generating documentation, but not for building.""") + add_adapter('crypto', crypto_adapter(None), + """Only include crypto features. Exclude X.509 and TLS.""") + add_adapter('crypto_baremetal', crypto_adapter(baremetal_adapter), + """Like baremetal, but with only crypto features, + excluding X.509 and TLS.""") + add_adapter('crypto_full', crypto_adapter(full_adapter), + """Like full, but with only crypto features, + excluding X.509 and TLS.""") args = parser.parse_args() config = ConfigFile(args.file)