1menu "mbedTLS" 2 3 choice MBEDTLS_MEM_ALLOC_MODE 4 prompt "Memory allocation strategy" 5 default MBEDTLS_INTERNAL_MEM_ALLOC 6 help 7 Allocation strategy for mbedTLS, essentially provides ability to 8 allocate all required dynamic allocations from, 9 10 - Internal DRAM memory only 11 - External SPIRAM memory only 12 - Either internal or external memory based on default malloc() 13 behavior in ESP-IDF 14 - Custom allocation mode, by overwriting calloc()/free() using 15 mbedtls_platform_set_calloc_free() function 16 - Internal IRAM memory wherever applicable else internal DRAM 17 18 Recommended mode here is always internal (*), since that is most preferred 19 from security perspective. But if application requirement does not 20 allow sufficient free internal memory then alternate mode can be 21 selected. 22 23 (*) In case of ESP32-S2/ESP32-S3, hardware allows encryption of external 24 SPIRAM contents provided hardware flash encryption feature is enabled. 25 In that case, using external SPIRAM allocation strategy is also safe choice 26 from security perspective. 27 28 config MBEDTLS_INTERNAL_MEM_ALLOC 29 bool "Internal memory" 30 31 config MBEDTLS_EXTERNAL_MEM_ALLOC 32 bool "External SPIRAM" 33 depends on SPIRAM_USE_CAPS_ALLOC || SPIRAM_USE_MALLOC 34 35 config MBEDTLS_DEFAULT_MEM_ALLOC 36 bool "Default alloc mode" 37 38 config MBEDTLS_CUSTOM_MEM_ALLOC 39 bool "Custom alloc mode" 40 41 config MBEDTLS_IRAM_8BIT_MEM_ALLOC 42 bool "Internal IRAM" 43 depends on ESP32_IRAM_AS_8BIT_ACCESSIBLE_MEMORY 44 help 45 Allows to use IRAM memory region as 8bit accessible region. 46 47 TLS input and output buffers will be allocated in IRAM section which is 32bit aligned 48 memory. Every unaligned (8bit or 16bit) access will result in an exception 49 and incur penalty of certain clock cycles per unaligned read/write. 50 51 endchoice #MBEDTLS_MEM_ALLOC_MODE 52 53 config MBEDTLS_SSL_MAX_CONTENT_LEN 54 int "TLS maximum message content length" 55 default 16384 56 range 512 16384 57 depends on !MBEDTLS_ASYMMETRIC_CONTENT_LEN 58 help 59 Maximum TLS message length (in bytes) supported by mbedTLS. 60 61 16384 is the default and this value is required to comply 62 fully with TLS standards. 63 64 However you can set a lower value in order to save RAM. This 65 is safe if the other end of the connection supports Maximum 66 Fragment Length Negotiation Extension (max_fragment_length, 67 see RFC6066) or you know for certain that it will never send a 68 message longer than a certain number of bytes. 69 70 If the value is set too low, symptoms are a failed TLS 71 handshake or a return value of MBEDTLS_ERR_SSL_INVALID_RECORD 72 (-0x7200). 73 74 config MBEDTLS_ASYMMETRIC_CONTENT_LEN 75 bool "Asymmetric in/out fragment length" 76 default y 77 help 78 If enabled, this option allows customizing TLS in/out fragment length 79 in asymmetric way. Please note that enabling this with default values 80 saves 12KB of dynamic memory per TLS connection. 81 82 config MBEDTLS_SSL_IN_CONTENT_LEN 83 int "TLS maximum incoming fragment length" 84 default 16384 85 range 512 16384 86 depends on MBEDTLS_ASYMMETRIC_CONTENT_LEN 87 help 88 This defines maximum incoming fragment length, overriding default 89 maximum content length (MBEDTLS_SSL_MAX_CONTENT_LEN). 90 91 config MBEDTLS_SSL_OUT_CONTENT_LEN 92 int "TLS maximum outgoing fragment length" 93 default 4096 94 range 512 16384 95 depends on MBEDTLS_ASYMMETRIC_CONTENT_LEN 96 help 97 This defines maximum outgoing fragment length, overriding default 98 maximum content length (MBEDTLS_SSL_MAX_CONTENT_LEN). 99 100 config MBEDTLS_DYNAMIC_BUFFER 101 bool "Using dynamic TX/RX buffer" 102 default n 103 select MBEDTLS_ASYMMETRIC_CONTENT_LEN 104 # Dynamic buffer feature is not supported with DTLS 105 depends on !MBEDTLS_SSL_PROTO_DTLS && !MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH 106 help 107 Using dynamic TX/RX buffer. After enabling this option, mbedTLS will 108 allocate TX buffer when need to send data and then free it if all data 109 is sent, allocate RX buffer when need to receive data and then free it 110 when all data is used or read by upper layer. 111 112 By default, when SSL is initialized, mbedTLS also allocate TX and 113 RX buffer with the default value of "MBEDTLS_SSL_OUT_CONTENT_LEN" or 114 "MBEDTLS_SSL_IN_CONTENT_LEN", so to save more heap, users can set 115 the options to be an appropriate value. 116 117 config MBEDTLS_DYNAMIC_FREE_PEER_CERT 118 bool "Free SSL peer certificate after its usage" 119 default n 120 depends on MBEDTLS_DYNAMIC_BUFFER 121 help 122 Free peer certificate after its usage in handshake process. 123 124 config MBEDTLS_DYNAMIC_FREE_CONFIG_DATA 125 bool "Free private key and DHM data after its usage" 126 default n 127 depends on MBEDTLS_DYNAMIC_BUFFER 128 help 129 Free private key and DHM data after its usage in handshake process. 130 131 The option will decrease heap cost when handshake, but also lead to problem: 132 133 Becasue all certificate, private key and DHM data are freed so users should register 134 certificate and private key to ssl config object again. 135 136 config MBEDTLS_DYNAMIC_FREE_CA_CERT 137 bool "Free SSL CA certificate after its usage" 138 default y 139 depends on MBEDTLS_DYNAMIC_FREE_CONFIG_DATA 140 help 141 Free CA certificate after its usage in the handshake process. 142 This option will decrease the heap footprint for the TLS handshake, but may lead to a problem: 143 If the respective ssl object needs to perform the TLS handshake again, 144 the CA certificate should once again be registered to the ssl object. 145 146 config MBEDTLS_DEBUG 147 bool "Enable mbedTLS debugging" 148 default n 149 help 150 Enable mbedTLS debugging functions at compile time. 151 152 If this option is enabled, you can include 153 "mbedtls/esp_debug.h" and call mbedtls_esp_enable_debug_log() 154 at runtime in order to enable mbedTLS debug output via the ESP 155 log mechanism. 156 157 choice MBEDTLS_DEBUG_LEVEL 158 bool "Set mbedTLS debugging level" 159 depends on MBEDTLS_DEBUG 160 default MBEDTLS_DEBUG_LEVEL_VERBOSE 161 help 162 Set mbedTLS debugging level 163 164 config MBEDTLS_DEBUG_LEVEL_WARN 165 bool "Warning" 166 config MBEDTLS_DEBUG_LEVEL_INFO 167 bool "Info" 168 config MBEDTLS_DEBUG_LEVEL_DEBUG 169 bool "Debug" 170 config MBEDTLS_DEBUG_LEVEL_VERBOSE 171 bool "Verbose" 172 endchoice 173 174 config MBEDTLS_DEBUG_LEVEL 175 int 176 default 1 if MBEDTLS_DEBUG_LEVEL_WARN 177 default 2 if MBEDTLS_DEBUG_LEVEL_INFO 178 default 3 if MBEDTLS_DEBUG_LEVEL_DEBUG 179 default 4 if MBEDTLS_DEBUG_LEVEL_VERBOSE 180 181 menu "mbedTLS v2.28.x related" 182 183 config MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH 184 bool "Variable SSL buffer length" 185 default n 186 help 187 This enables the SSL buffer to be resized automatically 188 based on the negotiated maximum fragment length in each direction. 189 190 config MBEDTLS_ECDH_LEGACY_CONTEXT 191 bool "Use a backward compatible ECDH context (Experimental)" 192 default y 193 depends on MBEDTLS_ECDH_C && MBEDTLS_ECP_RESTARTABLE 194 help 195 Use the legacy ECDH context format. 196 Define this option only if you enable MBEDTLS_ECP_RESTARTABLE or if you 197 want to access ECDH context fields directly. 198 199 config MBEDTLS_X509_TRUSTED_CERT_CALLBACK 200 bool "Enable trusted certificate callbacks" 201 default n 202 help 203 Enables users to configure the set of trusted certificates 204 through a callback instead of a linked list. 205 206 See mbedTLS documentation for required API and more details. 207 208 config MBEDTLS_SSL_CONTEXT_SERIALIZATION 209 bool "Enable serialization of the TLS context structures" 210 default n 211 help 212 Enable serialization of the TLS context structures 213 This is a local optimization in handling a single, potentially long-lived connection. 214 215 See mbedTLS documentation for required API and more details. 216 Disabling this option will save some code size. 217 218 config MBEDTLS_SSL_KEEP_PEER_CERTIFICATE 219 bool "Keep peer certificate after handshake completion" 220 default y 221 depends on !MBEDTLS_DYNAMIC_FREE_PEER_CERT 222 help 223 Keep the peer's certificate after completion of the handshake. 224 Disabling this option will save about 4kB of heap and some code size. 225 226 See mbedTLS documentation for required API and more details. 227 228 menu "DTLS-based configurations" 229 visible if MBEDTLS_SSL_PROTO_DTLS 230 231 config MBEDTLS_SSL_DTLS_CONNECTION_ID 232 bool "Support for the DTLS Connection ID extension" 233 depends on MBEDTLS_SSL_PROTO_DTLS 234 default n 235 help 236 Enable support for the DTLS Connection ID extension which allows to 237 identify DTLS connections across changes in the underlying transport. 238 The Connection ID extension is still in draft state. 239 Refer: version draft-ietf-tls-dtls-connection-id-05 240 241 config MBEDTLS_SSL_CID_IN_LEN_MAX 242 int "Maximum length of CIDs used for incoming DTLS messages" 243 default 32 244 range 0 32 245 depends on MBEDTLS_SSL_DTLS_CONNECTION_ID 246 help 247 Maximum length of CIDs used for incoming DTLS messages 248 249 config MBEDTLS_SSL_CID_OUT_LEN_MAX 250 int "Maximum length of CIDs used for outgoing DTLS messages" 251 default 32 252 range 0 32 253 depends on MBEDTLS_SSL_DTLS_CONNECTION_ID 254 help 255 Maximum length of CIDs used for outgoing DTLS messages 256 257 config MBEDTLS_SSL_CID_PADDING_GRANULARITY 258 int "Record plaintext padding (for DTLS 1.2)" 259 default 16 260 range 0 32 261 depends on MBEDTLS_SSL_DTLS_CONNECTION_ID 262 help 263 Controls the use of record plaintext padding when 264 using the Connection ID extension in DTLS 1.2. 265 266 The padding will always be chosen so that the length of the 267 padded plaintext is a multiple of the value of this option. 268 269 Notes: 270 A value of 1 means that no padding will be used for outgoing records. 271 On systems lacking division instructions, a power of two should be preferred. 272 273 config MBEDTLS_SSL_DTLS_SRTP 274 bool "Enable support for negotiation of DTLS-SRTP (RFC 5764)" 275 depends on MBEDTLS_SSL_PROTO_DTLS 276 default n 277 help 278 Enable support for negotiation of DTLS-SRTP (RFC 5764) through the use_srtp extension. 279 280 See mbedTLS documentation for required API and more details. 281 Disabling this option will save some code size. 282 283 endmenu 284 285 endmenu 286 287 menu "Certificate Bundle" 288 289 config MBEDTLS_CERTIFICATE_BUNDLE 290 bool "Enable trusted root certificate bundle" 291 default y 292 help 293 Enable support for large number of default root certificates 294 295 When enabled this option allows user to store default as well 296 as customer specific root certificates in compressed format rather 297 than storing full certificate. For the root certificates the public key and the subject name 298 will be stored. 299 300 choice MBEDTLS_DEFAULT_CERTIFICATE_BUNDLE 301 bool "Default certificate bundle options" 302 depends on MBEDTLS_CERTIFICATE_BUNDLE 303 default MBEDTLS_CERTIFICATE_BUNDLE_DEFAULT_FULL 304 305 config MBEDTLS_CERTIFICATE_BUNDLE_DEFAULT_FULL 306 bool "Use the full default certificate bundle" 307 config MBEDTLS_CERTIFICATE_BUNDLE_DEFAULT_CMN 308 bool "Use only the most common certificates from the default bundles" 309 help 310 Use only the most common certificates from the default bundles, reducing the size with 50%, 311 while still having around 99% coverage. 312 config MBEDTLS_CERTIFICATE_BUNDLE_DEFAULT_NONE 313 bool "Do not use the default certificate bundle" 314 endchoice 315 316 config MBEDTLS_CUSTOM_CERTIFICATE_BUNDLE 317 depends on MBEDTLS_CERTIFICATE_BUNDLE 318 default n 319 bool "Add custom certificates to the default bundle" 320 config MBEDTLS_CUSTOM_CERTIFICATE_BUNDLE_PATH 321 depends on MBEDTLS_CUSTOM_CERTIFICATE_BUNDLE 322 string "Custom certificate bundle path" 323 help 324 Name of the custom certificate directory or file. This path is evaluated 325 relative to the project root directory. 326 endmenu 327 328 config MBEDTLS_ECP_RESTARTABLE 329 bool "Enable mbedTLS ecp restartable" 330 default n 331 help 332 Enable "non-blocking" ECC operations that can return early and be resumed. 333 334 config MBEDTLS_CMAC_C 335 bool "Enable CMAC mode for block ciphers" 336 default n 337 depends on MBEDTLS_AES_C || MBEDTLS_DES_C 338 help 339 Enable the CMAC (Cipher-based Message Authentication Code) mode for 340 block ciphers. 341 342 config MBEDTLS_HARDWARE_AES 343 bool "Enable hardware AES acceleration" 344 default y 345 depends on !SPIRAM_CACHE_WORKAROUND_STRATEGY_DUPLDST 346 help 347 Enable hardware accelerated AES encryption & decryption. 348 349 Note that if the ESP32 CPU is running at 240MHz, hardware AES does not 350 offer any speed boost over software AES. 351 352 config MBEDTLS_AES_USE_INTERRUPT 353 bool "Use interrupt for long AES operations" 354 depends on !IDF_TARGET_ESP32 && MBEDTLS_HARDWARE_AES 355 default y 356 help 357 Use an interrupt to coordinate long AES operations. 358 359 This allows other code to run on the CPU while an AES operation is pending. 360 Otherwise the CPU busy-waits. 361 362 config MBEDTLS_HARDWARE_GCM 363 bool "Enable partially hardware accelerated GCM" 364 depends on IDF_TARGET_ESP32S2 && MBEDTLS_HARDWARE_AES 365 default y 366 help 367 Enable partially hardware accelerated GCM. GHASH calculation is still done 368 in software. 369 370 If MBEDTLS_HARDWARE_GCM is disabled and MBEDTLS_HARDWARE_AES is enabled then 371 mbedTLS will still use the hardware accelerated AES block operation, but 372 on a single block at a time. 373 374 config MBEDTLS_HARDWARE_MPI 375 bool "Enable hardware MPI (bignum) acceleration" 376 default y 377 depends on !SPIRAM_CACHE_WORKAROUND_STRATEGY_DUPLDST 378 help 379 Enable hardware accelerated multiple precision integer operations. 380 381 Hardware accelerated multiplication, modulo multiplication, 382 and modular exponentiation for up to SOC_RSA_MAX_BIT_LEN bit results. 383 384 These operations are used by RSA. 385 386 config MBEDTLS_HARDWARE_SHA 387 bool "Enable hardware SHA acceleration" 388 default y 389 depends on !SPIRAM_CACHE_WORKAROUND_STRATEGY_DUPLDST 390 help 391 Enable hardware accelerated SHA1, SHA256, SHA384 & SHA512 in mbedTLS. 392 393 Due to a hardware limitation, on the ESP32 hardware acceleration is only 394 guaranteed if SHA digests are calculated one at a time. If more 395 than one SHA digest is calculated at the same time, one will 396 be calculated fully in hardware and the rest will be calculated 397 (at least partially calculated) in software. This happens automatically. 398 399 SHA hardware acceleration is faster than software in some situations but 400 slower in others. You should benchmark to find the best setting for you. 401 402 config MBEDTLS_ROM_MD5 403 bool "Use MD5 implementation in ROM" 404 default y 405 help 406 Use ROM MD5 in mbedTLS. 407 408 config MBEDTLS_ATCA_HW_ECDSA_SIGN 409 bool "Enable hardware ECDSA sign acceleration when using ATECC608A" 410 default n 411 help 412 This option enables hardware acceleration for ECDSA sign function, only 413 when using ATECC608A cryptoauth chip (integrated with ESP32-WROOM-32SE) 414 415 config MBEDTLS_ATCA_HW_ECDSA_VERIFY 416 bool "Enable hardware ECDSA verify acceleration when using ATECC608A" 417 default n 418 help 419 This option enables hardware acceleration for ECDSA sign function, only 420 when using ATECC608A cryptoauth chip (integrated with ESP32-WROOM-32SE) 421 422 config MBEDTLS_HAVE_TIME 423 bool "Enable mbedtls time support" 424 depends on !ESP_TIME_FUNCS_USE_NONE 425 default y 426 help 427 Enable use of time.h functions (time() and gmtime()) by mbedTLS. 428 429 This option doesn't require the system time to be correct, but enables 430 functionality that requires relative timekeeping - for example periodic 431 expiry of TLS session tickets or session cache entries. 432 433 Disabling this option will save some firmware size, particularly if 434 the rest of the firmware doesn't call any standard timekeeeping 435 functions. 436 437 config MBEDTLS_HAVE_TIME_DATE 438 bool "Enable mbedtls certificate expiry check" 439 depends on MBEDTLS_HAVE_TIME 440 default n 441 help 442 Enables X.509 certificate expiry checks in mbedTLS. 443 444 If this option is disabled (default) then X.509 certificate 445 "valid from" and "valid to" timestamp fields are ignored. 446 447 If this option is enabled, these fields are compared with the 448 current system date and time. The time is retrieved using the 449 standard time() and gmtime() functions. If the certificate is not 450 valid for the current system time then verification will fail with 451 code MBEDTLS_X509_BADCERT_FUTURE or MBEDTLS_X509_BADCERT_EXPIRED. 452 453 Enabling this option requires adding functionality in the firmware 454 to set the system clock to a valid timestamp before using TLS. The 455 recommended way to do this is via ESP-IDF's SNTP functionality, but 456 any method can be used. 457 458 In the case where only a small number of certificates are trusted by 459 the device, please carefully consider the tradeoffs of enabling this 460 option. There may be undesired consequences, for example if all 461 trusted certificates expire while the device is offline and a TLS 462 connection is required to update. Or if an issue with the SNTP 463 server means that the system time is invalid for an extended period 464 after a reset. 465 466 config MBEDTLS_ECDSA_DETERMINISTIC 467 bool "Enable deterministic ECDSA" 468 default y 469 help 470 Standard ECDSA is "fragile" in the sense that lack of entropy when signing 471 may result in a compromise of the long-term signing key. 472 473 config MBEDTLS_SHA512_C 474 bool "Enable the SHA-384 and SHA-512 cryptographic hash algorithms" 475 default y 476 help 477 Enable MBEDTLS_SHA512_C adds support for SHA-384 and SHA-512. 478 479 choice MBEDTLS_TLS_MODE 480 bool "TLS Protocol Role" 481 default MBEDTLS_TLS_SERVER_AND_CLIENT 482 help 483 mbedTLS can be compiled with protocol support for the TLS 484 server, TLS client, or both server and client. 485 486 Reducing the number of TLS roles supported saves code size. 487 488 config MBEDTLS_TLS_SERVER_AND_CLIENT 489 bool "Server & Client" 490 select MBEDTLS_TLS_SERVER 491 select MBEDTLS_TLS_CLIENT 492 config MBEDTLS_TLS_SERVER_ONLY 493 bool "Server" 494 select MBEDTLS_TLS_SERVER 495 config MBEDTLS_TLS_CLIENT_ONLY 496 bool "Client" 497 select MBEDTLS_TLS_CLIENT 498 config MBEDTLS_TLS_DISABLED 499 bool "None" 500 501 endchoice 502 503 config MBEDTLS_TLS_SERVER 504 bool 505 select MBEDTLS_TLS_ENABLED 506 config MBEDTLS_TLS_CLIENT 507 bool 508 select MBEDTLS_TLS_ENABLED 509 config MBEDTLS_TLS_ENABLED 510 bool 511 512 menu "TLS Key Exchange Methods" 513 depends on MBEDTLS_TLS_ENABLED 514 515 config MBEDTLS_PSK_MODES 516 bool "Enable pre-shared-key ciphersuites" 517 default n 518 help 519 Enable to show configuration for different types of pre-shared-key TLS authentatication methods. 520 521 Leaving this options disabled will save code size if they are not used. 522 523 config MBEDTLS_KEY_EXCHANGE_PSK 524 bool "Enable PSK based ciphersuite modes" 525 depends on MBEDTLS_PSK_MODES 526 default n 527 help 528 Enable to support symmetric key PSK (pre-shared-key) TLS key exchange modes. 529 530 config MBEDTLS_KEY_EXCHANGE_DHE_PSK 531 bool "Enable DHE-PSK based ciphersuite modes" 532 depends on MBEDTLS_PSK_MODES 533 default y 534 help 535 Enable to support Diffie-Hellman PSK (pre-shared-key) TLS authentication modes. 536 537 config MBEDTLS_KEY_EXCHANGE_ECDHE_PSK 538 bool "Enable ECDHE-PSK based ciphersuite modes" 539 depends on MBEDTLS_PSK_MODES && MBEDTLS_ECDH_C 540 default y 541 help 542 Enable to support Elliptic-Curve-Diffie-Hellman PSK (pre-shared-key) TLS authentication modes. 543 544 config MBEDTLS_KEY_EXCHANGE_RSA_PSK 545 bool "Enable RSA-PSK based ciphersuite modes" 546 depends on MBEDTLS_PSK_MODES 547 default y 548 help 549 Enable to support RSA PSK (pre-shared-key) TLS authentication modes. 550 551 config MBEDTLS_KEY_EXCHANGE_RSA 552 bool "Enable RSA-only based ciphersuite modes" 553 default y 554 help 555 Enable to support ciphersuites with prefix TLS-RSA-WITH- 556 557 config MBEDTLS_KEY_EXCHANGE_DHE_RSA 558 bool "Enable DHE-RSA based ciphersuite modes" 559 default y 560 help 561 Enable to support ciphersuites with prefix TLS-DHE-RSA-WITH- 562 563 config MBEDTLS_KEY_EXCHANGE_ELLIPTIC_CURVE 564 bool "Support Elliptic Curve based ciphersuites" 565 depends on MBEDTLS_ECP_C 566 default y 567 help 568 Enable to show Elliptic Curve based ciphersuite mode options. 569 570 Disabling all Elliptic Curve ciphersuites saves code size and 571 can give slightly faster TLS handshakes, provided the server supports 572 RSA-only ciphersuite modes. 573 574 config MBEDTLS_KEY_EXCHANGE_ECDHE_RSA 575 bool "Enable ECDHE-RSA based ciphersuite modes" 576 depends on MBEDTLS_KEY_EXCHANGE_ELLIPTIC_CURVE && MBEDTLS_ECDH_C 577 default y 578 help 579 Enable to support ciphersuites with prefix TLS-ECDHE-RSA-WITH- 580 581 config MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA 582 bool "Enable ECDHE-ECDSA based ciphersuite modes" 583 depends on MBEDTLS_KEY_EXCHANGE_ELLIPTIC_CURVE && MBEDTLS_ECDH_C && MBEDTLS_ECDSA_C 584 default y 585 help 586 Enable to support ciphersuites with prefix TLS-ECDHE-RSA-WITH- 587 588 config MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA 589 bool "Enable ECDH-ECDSA based ciphersuite modes" 590 depends on MBEDTLS_KEY_EXCHANGE_ELLIPTIC_CURVE && MBEDTLS_ECDH_C && MBEDTLS_ECDSA_C 591 default y 592 help 593 Enable to support ciphersuites with prefix TLS-ECDHE-RSA-WITH- 594 595 config MBEDTLS_KEY_EXCHANGE_ECDH_RSA 596 bool "Enable ECDH-RSA based ciphersuite modes" 597 depends on MBEDTLS_KEY_EXCHANGE_ELLIPTIC_CURVE && MBEDTLS_ECDH_C 598 default y 599 help 600 Enable to support ciphersuites with prefix TLS-ECDHE-RSA-WITH- 601 602 config MBEDTLS_KEY_EXCHANGE_ECJPAKE 603 bool "Enable ECJPAKE based ciphersuite modes" 604 depends on MBEDTLS_ECJPAKE_C && MBEDTLS_ECP_DP_SECP256R1_ENABLED 605 default n 606 help 607 Enable to support ciphersuites with prefix TLS-ECJPAKE-WITH- 608 609 endmenu # TLS key exchange modes 610 611 config MBEDTLS_SSL_RENEGOTIATION 612 bool "Support TLS renegotiation" 613 depends on MBEDTLS_TLS_ENABLED 614 default y 615 help 616 The two main uses of renegotiation are (1) refresh keys on long-lived 617 connections and (2) client authentication after the initial handshake. 618 If you don't need renegotiation, disabling it will save code size and 619 reduce the possibility of abuse/vulnerability. 620 621 config MBEDTLS_SSL_PROTO_SSL3 622 bool "Legacy SSL 3.0 support" 623 depends on MBEDTLS_TLS_ENABLED 624 default n 625 help 626 Support the legacy SSL 3.0 protocol. Most servers will speak a newer 627 TLS protocol these days. 628 629 config MBEDTLS_SSL_PROTO_TLS1 630 bool "Support TLS 1.0 protocol" 631 depends on MBEDTLS_TLS_ENABLED 632 default y 633 634 config MBEDTLS_SSL_PROTO_TLS1_1 635 bool "Support TLS 1.1 protocol" 636 depends on MBEDTLS_TLS_ENABLED 637 default y 638 639 config MBEDTLS_SSL_PROTO_TLS1_2 640 bool "Support TLS 1.2 protocol" 641 depends on MBEDTLS_TLS_ENABLED 642 default y 643 644 config MBEDTLS_SSL_PROTO_GMTSSL1_1 645 bool "Support GM/T SSL 1.1 protocol" 646 depends on MBEDTLS_TLS_ENABLED 647 default n 648 help 649 Provisions for GM/T SSL 1.1 support 650 651 config MBEDTLS_SSL_PROTO_DTLS 652 bool "Support DTLS protocol (all versions)" 653 default n 654 depends on MBEDTLS_SSL_PROTO_TLS1_1 || MBEDTLS_SSL_PROTO_TLS1_2 655 help 656 Requires TLS 1.1 to be enabled for DTLS 1.0 657 Requires TLS 1.2 to be enabled for DTLS 1.2 658 659 config MBEDTLS_SSL_ALPN 660 bool "Support ALPN (Application Layer Protocol Negotiation)" 661 depends on MBEDTLS_TLS_ENABLED 662 default y 663 help 664 Disabling this option will save some code size if it is not needed. 665 666 config MBEDTLS_CLIENT_SSL_SESSION_TICKETS 667 bool "TLS: Client Support for RFC 5077 SSL session tickets" 668 default y 669 depends on MBEDTLS_TLS_ENABLED 670 help 671 Client support for RFC 5077 session tickets. See mbedTLS documentation for more details. 672 Disabling this option will save some code size. 673 674 config MBEDTLS_X509_CHECK_KEY_USAGE 675 bool "Enable verification of the keyUsage extension" 676 default y 677 depends on MBEDTLS_TLS_ENABLED 678 help 679 Disabling this avoids problems with mis-issued and/or misused (intermediate) CA and leaf certificates. 680 Depending on your PKI use, disabling this can be a security risk. 681 682 config MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE 683 bool "Enable verification of the extendedKeyUsage extension" 684 default y 685 depends on MBEDTLS_TLS_ENABLED 686 help 687 Disabling this avoids problems with mis-issued and/or misused certificates. 688 Depending on your PKI use, disabling this can be a security risk. 689 690 config MBEDTLS_SERVER_SSL_SESSION_TICKETS 691 bool "TLS: Server Support for RFC 5077 SSL session tickets" 692 default y 693 depends on MBEDTLS_TLS_ENABLED 694 help 695 Server support for RFC 5077 session tickets. See mbedTLS documentation for more details. 696 Disabling this option will save some code size. 697 698 menu "Symmetric Ciphers" 699 700 config MBEDTLS_AES_C 701 bool "AES block cipher" 702 default y 703 704 config MBEDTLS_CAMELLIA_C 705 bool "Camellia block cipher" 706 default n 707 708 config MBEDTLS_DES_C 709 bool "DES block cipher (legacy, insecure)" 710 default n 711 help 712 Enables the DES block cipher to support 3DES-based TLS ciphersuites. 713 714 3DES is vulnerable to the Sweet32 attack and should only be enabled 715 if absolutely necessary. 716 717 choice MBEDTLS_RC4_MODE 718 prompt "RC4 Stream Cipher (legacy, insecure)" 719 default MBEDTLS_RC4_DISABLED 720 help 721 ARCFOUR (RC4) stream cipher can be disabled entirely, enabled but not 722 added to default ciphersuites, or enabled completely. 723 724 Please consider the security implications before enabling RC4. 725 726 config MBEDTLS_RC4_DISABLED 727 bool "Disabled" 728 config MBEDTLS_RC4_ENABLED_NO_DEFAULT 729 bool "Enabled, not in default ciphersuites" 730 config MBEDTLS_RC4_ENABLED 731 bool "Enabled" 732 endchoice 733 734 config MBEDTLS_BLOWFISH_C 735 bool "Blowfish block cipher (read help)" 736 default n 737 help 738 Enables the Blowfish block cipher (not used for TLS sessions.) 739 740 The Blowfish cipher is not used for mbedTLS TLS sessions but can be 741 used for other purposes. Read up on the limitations of Blowfish (including 742 Sweet32) before enabling. 743 744 config MBEDTLS_XTEA_C 745 bool "XTEA block cipher" 746 default n 747 help 748 Enables the XTEA block cipher. 749 750 751 config MBEDTLS_CCM_C 752 bool "CCM (Counter with CBC-MAC) block cipher modes" 753 default y 754 depends on MBEDTLS_AES_C || MBEDTLS_CAMELLIA_C 755 help 756 Enable Counter with CBC-MAC (CCM) modes for AES and/or Camellia ciphers. 757 758 Disabling this option saves some code size. 759 760 config MBEDTLS_GCM_C 761 bool "GCM (Galois/Counter) block cipher modes" 762 default y 763 depends on MBEDTLS_AES_C || MBEDTLS_CAMELLIA_C 764 help 765 Enable Galois/Counter Mode for AES and/or Camellia ciphers. 766 767 This option is generally faster than CCM. 768 769 config MBEDTLS_NIST_KW_C 770 bool "NIST key wrapping (KW) and KW padding (KWP)" 771 default n 772 depends on MBEDTLS_AES_C 773 help 774 Enable NIST key wrapping and key wrapping padding. 775 776 endmenu # Symmetric Ciphers 777 778 config MBEDTLS_RIPEMD160_C 779 bool "Enable RIPEMD-160 hash algorithm" 780 default n 781 help 782 Enable the RIPEMD-160 hash algorithm. 783 784 menu "Certificates" 785 786 config MBEDTLS_PEM_PARSE_C 787 bool "Read & Parse PEM formatted certificates" 788 default y 789 help 790 Enable decoding/parsing of PEM formatted certificates. 791 792 If your certificates are all in the simpler DER format, disabling 793 this option will save some code size. 794 795 config MBEDTLS_PEM_WRITE_C 796 bool "Write PEM formatted certificates" 797 default y 798 help 799 Enable writing of PEM formatted certificates. 800 801 If writing certificate data only in DER format, disabling this 802 option will save some code size. 803 804 config MBEDTLS_X509_CRL_PARSE_C 805 bool "X.509 CRL parsing" 806 default y 807 help 808 Support for parsing X.509 Certifificate Revocation Lists. 809 810 config MBEDTLS_X509_CSR_PARSE_C 811 bool "X.509 CSR parsing" 812 default y 813 help 814 Support for parsing X.509 Certifificate Signing Requests 815 816 endmenu # Certificates 817 818 menuconfig MBEDTLS_ECP_C 819 bool "Elliptic Curve Ciphers" 820 default y 821 822 config MBEDTLS_ECDH_C 823 bool "Elliptic Curve Diffie-Hellman (ECDH)" 824 depends on MBEDTLS_ECP_C 825 default y 826 help 827 Enable ECDH. Needed to use ECDHE-xxx TLS ciphersuites. 828 829 config MBEDTLS_ECDSA_C 830 bool "Elliptic Curve DSA" 831 depends on MBEDTLS_ECDH_C 832 default y 833 help 834 Enable ECDSA. Needed to use ECDSA-xxx TLS ciphersuites. 835 836 config MBEDTLS_ECJPAKE_C 837 bool "Elliptic curve J-PAKE" 838 depends on MBEDTLS_ECP_C 839 default n 840 help 841 Enable ECJPAKE. Needed to use ECJPAKE-xxx TLS ciphersuites. 842 843 config MBEDTLS_ECP_DP_SECP192R1_ENABLED 844 bool "Enable SECP192R1 curve" 845 depends on MBEDTLS_ECP_C 846 default y if !(MBEDTLS_ATCA_HW_ECDSA_SIGN || MBEDTLS_ATCA_HW_ECDSA_VERIFY) 847 help 848 Enable support for SECP192R1 Elliptic Curve. 849 850 config MBEDTLS_ECP_DP_SECP224R1_ENABLED 851 bool "Enable SECP224R1 curve" 852 depends on MBEDTLS_ECP_C 853 default y if !(MBEDTLS_ATCA_HW_ECDSA_SIGN || MBEDTLS_ATCA_HW_ECDSA_VERIFY) 854 help 855 Enable support for SECP224R1 Elliptic Curve. 856 857 config MBEDTLS_ECP_DP_SECP256R1_ENABLED 858 bool "Enable SECP256R1 curve" 859 depends on MBEDTLS_ECP_C 860 default y 861 help 862 Enable support for SECP256R1 Elliptic Curve. 863 864 config MBEDTLS_ECP_DP_SECP384R1_ENABLED 865 bool "Enable SECP384R1 curve" 866 depends on MBEDTLS_ECP_C 867 default y if !(MBEDTLS_ATCA_HW_ECDSA_SIGN || MBEDTLS_ATCA_HW_ECDSA_VERIFY) 868 help 869 Enable support for SECP384R1 Elliptic Curve. 870 871 config MBEDTLS_ECP_DP_SECP521R1_ENABLED 872 bool "Enable SECP521R1 curve" 873 depends on MBEDTLS_ECP_C 874 default y if !(MBEDTLS_ATCA_HW_ECDSA_SIGN || MBEDTLS_ATCA_HW_ECDSA_VERIFY) 875 help 876 Enable support for SECP521R1 Elliptic Curve. 877 878 config MBEDTLS_ECP_DP_SECP192K1_ENABLED 879 bool "Enable SECP192K1 curve" 880 depends on MBEDTLS_ECP_C 881 default y if !(MBEDTLS_ATCA_HW_ECDSA_SIGN || MBEDTLS_ATCA_HW_ECDSA_VERIFY) 882 help 883 Enable support for SECP192K1 Elliptic Curve. 884 885 config MBEDTLS_ECP_DP_SECP224K1_ENABLED 886 bool "Enable SECP224K1 curve" 887 depends on MBEDTLS_ECP_C 888 default y if !(MBEDTLS_ATCA_HW_ECDSA_SIGN || MBEDTLS_ATCA_HW_ECDSA_VERIFY) 889 help 890 Enable support for SECP224K1 Elliptic Curve. 891 892 config MBEDTLS_ECP_DP_SECP256K1_ENABLED 893 bool "Enable SECP256K1 curve" 894 depends on MBEDTLS_ECP_C 895 default y if !(MBEDTLS_ATCA_HW_ECDSA_SIGN || MBEDTLS_ATCA_HW_ECDSA_VERIFY) 896 help 897 Enable support for SECP256K1 Elliptic Curve. 898 899 config MBEDTLS_ECP_DP_BP256R1_ENABLED 900 bool "Enable BP256R1 curve" 901 depends on MBEDTLS_ECP_C 902 default y if !(MBEDTLS_ATCA_HW_ECDSA_SIGN || MBEDTLS_ATCA_HW_ECDSA_VERIFY) 903 help 904 support for DP Elliptic Curve. 905 906 config MBEDTLS_ECP_DP_BP384R1_ENABLED 907 bool "Enable BP384R1 curve" 908 depends on MBEDTLS_ECP_C 909 default y if !(MBEDTLS_ATCA_HW_ECDSA_SIGN || MBEDTLS_ATCA_HW_ECDSA_VERIFY) 910 help 911 support for DP Elliptic Curve. 912 913 config MBEDTLS_ECP_DP_BP512R1_ENABLED 914 bool "Enable BP512R1 curve" 915 depends on MBEDTLS_ECP_C 916 default y if !(MBEDTLS_ATCA_HW_ECDSA_SIGN || MBEDTLS_ATCA_HW_ECDSA_VERIFY) 917 help 918 support for DP Elliptic Curve. 919 920 config MBEDTLS_ECP_DP_CURVE25519_ENABLED 921 bool "Enable CURVE25519 curve" 922 depends on MBEDTLS_ECP_C 923 default y if !(MBEDTLS_ATCA_HW_ECDSA_SIGN || MBEDTLS_ATCA_HW_ECDSA_VERIFY) 924 help 925 Enable support for CURVE25519 Elliptic Curve. 926 927 config MBEDTLS_ECP_NIST_OPTIM 928 bool "NIST 'modulo p' optimisations" 929 depends on MBEDTLS_ECP_C 930 default y 931 help 932 NIST 'modulo p' optimisations increase Elliptic Curve operation performance. 933 934 Disabling this option saves some code size. 935 936 # end of Elliptic Curve options 937 938 config MBEDTLS_POLY1305_C 939 bool "Poly1305 MAC algorithm" 940 default n 941 help 942 Enable support for Poly1305 MAC algorithm. 943 944 config MBEDTLS_CHACHA20_C 945 bool "Chacha20 stream cipher" 946 default n 947 help 948 Enable support for Chacha20 stream cipher. 949 950 config MBEDTLS_CHACHAPOLY_C 951 bool "ChaCha20-Poly1305 AEAD algorithm" 952 default n 953 depends on MBEDTLS_CHACHA20_C && MBEDTLS_POLY1305_C 954 help 955 Enable support for ChaCha20-Poly1305 AEAD algorithm. 956 957 config MBEDTLS_HKDF_C 958 bool "HKDF algorithm (RFC 5869)" 959 default n 960 help 961 Enable support for the Hashed Message Authentication Code 962 (HMAC)-based key derivation function (HKDF). 963 964 config MBEDTLS_THREADING_C 965 bool "Enable the threading abstraction layer" 966 default n 967 help 968 If you do intend to use contexts between threads, you will need to enable 969 this layer to prevent race conditions. 970 971 config MBEDTLS_THREADING_ALT 972 bool "Enable threading alternate implementation" 973 depends on MBEDTLS_THREADING_C 974 default y 975 help 976 Enable threading alt to allow your own alternate threading implementation. 977 978 config MBEDTLS_THREADING_PTHREAD 979 bool "Enable threading pthread implementation" 980 depends on MBEDTLS_THREADING_C 981 default n 982 help 983 Enable the pthread wrapper layer for the threading layer. 984 985 config MBEDTLS_LARGE_KEY_SOFTWARE_MPI 986 bool "Fallback to software implementation for larger MPI values" 987 depends on MBEDTLS_HARDWARE_MPI 988 default y if IDF_TARGET_ESP32C3 || IDF_TARGET_ESP32H2 # HW max 3072 bits 989 default n 990 help 991 Fallback to software implementation for RSA key lengths 992 larger than SOC_RSA_MAX_BIT_LEN. If this is not active 993 then the ESP will be unable to process keys greater 994 than SOC_RSA_MAX_BIT_LEN. 995 996 menuconfig MBEDTLS_SECURITY_RISKS 997 bool "Show configurations with potential security risks" 998 default n 999 1000 config MBEDTLS_ALLOW_UNSUPPORTED_CRITICAL_EXT 1001 bool "X.509 CRT parsing with unsupported critical extensions" 1002 depends on MBEDTLS_SECURITY_RISKS 1003 default n 1004 help 1005 Allow the X.509 certificate parser to load certificates 1006 with unsupported critical extensions 1007 1008endmenu # mbedTLS 1009
