- Added a config option to set the minimum Certificate Verification
mode to Optional
- When this option is enabled, the peer (the client) certificate
is checked by the server, however the handshake continues even if
verification failed.
- By default, the peer certificate is not checked and ignored by the server.
Closes https://github.com/espressif/esp-idf/issues/8664
Using these ciphers can constitute a security risk if the server
uses a weak prime for the key exchange.
Footprint impact:
Roughly 3K saved in text+rodata in default https_request example
purpose)
By default esp-tls client will now return error if no server verify option
is provided, earlier it used to skip the verification by
default.
Added config option to skip server verification by default (for testing
purpose)
Updated required docs
* Replaced crypotoauthlib with esp-cryptoauthlib
* Added menuconfig option for esp-tls about using HSM
* Added error codes for HSM in esp-tls,
* Added support to select different type of ATECC608A chips
* Added README, updated docs
* tcp_transport: Added option to enable secure_element for ssl
Closes https://github.com/espressif/esp-idf/issues/4432
1)Segregating mbedtls API into seperate file and cleaned esp_tls.c
2)Added support for wolfssl for CMake and make
3)Added support for debug_wolfssl (with menuconfig option)
4)Added info on wolfssl in ESP-TLS docs
Currently, esp-tls supports creation of SSL/TLS connection on the client side.
This commit includes support for creating SSL/TLS connection on the server side.