mirror of
https://github.com/espressif/esp-idf.git
synced 2024-10-05 20:47:46 -04:00
423e600d46
* Replaced crypotoauthlib with esp-cryptoauthlib * Added menuconfig option for esp-tls about using HSM * Added error codes for HSM in esp-tls, * Added support to select different type of ATECC608A chips * Added README, updated docs * tcp_transport: Added option to enable secure_element for ssl Closes https://github.com/espressif/esp-idf/issues/4432
63 lines
2.6 KiB
Plaintext
63 lines
2.6 KiB
Plaintext
menu "ESP-TLS"
|
|
choice ESP_TLS_LIBRARY_CHOOSE
|
|
prompt "Choose SSL/TLS library for ESP-TLS (See help for more Info)"
|
|
default ESP_TLS_USING_MBEDTLS
|
|
help
|
|
The ESP-TLS APIs support multiple backend TLS libraries. Currently mbedTLS and WolfSSL are
|
|
supported. Different TLS libraries may support different features and have different resource
|
|
usage. Consult the ESP-TLS documentation in ESP-IDF Programming guide for more details.
|
|
config ESP_TLS_USING_MBEDTLS
|
|
bool "mbedTLS"
|
|
config ESP_TLS_USING_WOLFSSL
|
|
depends on TLS_STACK_WOLFSSL
|
|
bool "wolfSSL (License info in wolfSSL directory README)"
|
|
endchoice
|
|
|
|
config ESP_TLS_USE_SECURE_ELEMENT
|
|
bool "Use Secure Element (ATECC608A) with ESP-TLS"
|
|
depends on IDF_TARGET_ESP32 && ESP_TLS_USING_MBEDTLS
|
|
select ATCA_MBEDTLS_ECDSA
|
|
select ATCA_MBEDTLS_ECDSA_SIGN
|
|
select ATCA_MBEDTLS_ECDSA_VERIFY
|
|
default n
|
|
help
|
|
Enable use of Secure Element for ESP-TLS, this enables internal support for
|
|
ATECC608A peripheral on ESPWROOM32SE, which can be used for TLS connection.
|
|
|
|
config ESP_TLS_SERVER
|
|
bool "Enable ESP-TLS Server"
|
|
default n
|
|
help
|
|
Enable support for creating server side SSL/TLS session, available for mbedTLS
|
|
as well as wolfSSL TLS library.
|
|
|
|
config ESP_TLS_PSK_VERIFICATION
|
|
bool "Enable PSK verification"
|
|
select MBEDTLS_PSK_MODES if ESP_TLS_USING_MBEDTLS
|
|
select MBEDTLS_KEY_EXCHANGE_PSK if ESP_TLS_USING_MBEDTLS
|
|
select MBEDTLS_KEY_EXCHANGE_DHE_PSK if ESP_TLS_USING_MBEDTLS
|
|
select MBEDTLS_KEY_EXCHANGE_ECDHE_PSK if ESP_TLS_USING_MBEDTLS
|
|
select MBEDTLS_KEY_EXCHANGE_RSA_PSK if ESP_TLS_USING_MBEDTLS
|
|
default n
|
|
help
|
|
Enable support for pre shared key ciphers, supported for both mbedTLS as well as
|
|
wolfSSL TLS library.
|
|
|
|
config ESP_WOLFSSL_SMALL_CERT_VERIFY
|
|
bool "Enable SMALL_CERT_VERIFY"
|
|
depends on ESP_TLS_USING_WOLFSSL
|
|
default y
|
|
help
|
|
Enables server verification with Intermediate CA cert, does not authenticate full chain
|
|
of trust upto the root CA cert (After Enabling this option client only needs to have Intermediate
|
|
CA certificate of the server to authenticate server, root CA cert is not necessary).
|
|
|
|
config ESP_DEBUG_WOLFSSL
|
|
bool "Enable debug logs for wolfSSL"
|
|
depends on ESP_TLS_USING_WOLFSSL
|
|
default n
|
|
help
|
|
Enable detailed debug prints for wolfSSL SSL library.
|
|
|
|
endmenu
|