1menu "mbedTLS" 2 3 choice MBEDTLS_MEM_ALLOC_MODE 4 prompt "Memory allocation strategy" 5 default MBEDTLS_INTERNAL_MEM_ALLOC 6 help 7 Allocation strategy for mbedTLS, essentially provides ability to 8 allocate all required dynamic allocations from, 9 10 - Internal DRAM memory only 11 - External SPIRAM memory only 12 - Either internal or external memory based on default malloc() 13 behavior in ESP-IDF 14 - Custom allocation mode, by overwriting calloc()/free() using 15 mbedtls_platform_set_calloc_free() function 16 - Internal IRAM memory wherever applicable else internal DRAM 17 18 Recommended mode here is always internal (*), since that is most preferred 19 from security perspective. But if application requirement does not 20 allow sufficient free internal memory then alternate mode can be 21 selected. 22 23 (*) In case of ESP32-S2/ESP32-S3, hardware allows encryption of external 24 SPIRAM contents provided hardware flash encryption feature is enabled. 25 In that case, using external SPIRAM allocation strategy is also safe choice 26 from security perspective. 27 28 config MBEDTLS_INTERNAL_MEM_ALLOC 29 bool "Internal memory" 30 31 config MBEDTLS_EXTERNAL_MEM_ALLOC 32 bool "External SPIRAM" 33 depends on SPIRAM_USE_CAPS_ALLOC || SPIRAM_USE_MALLOC 34 35 config MBEDTLS_DEFAULT_MEM_ALLOC 36 bool "Default alloc mode" 37 38 config MBEDTLS_CUSTOM_MEM_ALLOC 39 bool "Custom alloc mode" 40 41 config MBEDTLS_IRAM_8BIT_MEM_ALLOC 42 bool "Internal IRAM" 43 depends on ESP32_IRAM_AS_8BIT_ACCESSIBLE_MEMORY 44 help 45 Allows to use IRAM memory region as 8bit accessible region. 46 47 TLS input and output buffers will be allocated in IRAM section which is 32bit aligned 48 memory. Every unaligned (8bit or 16bit) access will result in an exception 49 and incur penalty of certain clock cycles per unaligned read/write. 50 51 endchoice #MBEDTLS_MEM_ALLOC_MODE 52 53 config MBEDTLS_SSL_MAX_CONTENT_LEN 54 int "TLS maximum message content length" 55 default 16384 56 range 512 16384 57 depends on !MBEDTLS_ASYMMETRIC_CONTENT_LEN 58 help 59 Maximum TLS message length (in bytes) supported by mbedTLS. 60 61 16384 is the default and this value is required to comply 62 fully with TLS standards. 63 64 However you can set a lower value in order to save RAM. This 65 is safe if the other end of the connection supports Maximum 66 Fragment Length Negotiation Extension (max_fragment_length, 67 see RFC6066) or you know for certain that it will never send a 68 message longer than a certain number of bytes. 69 70 If the value is set too low, symptoms are a failed TLS 71 handshake or a return value of MBEDTLS_ERR_SSL_INVALID_RECORD 72 (-0x7200). 73 74 config MBEDTLS_ASYMMETRIC_CONTENT_LEN 75 bool "Asymmetric in/out fragment length" 76 default y 77 help 78 If enabled, this option allows customizing TLS in/out fragment length 79 in asymmetric way. Please note that enabling this with default values 80 saves 12KB of dynamic memory per TLS connection. 81 82 config MBEDTLS_SSL_IN_CONTENT_LEN 83 int "TLS maximum incoming fragment length" 84 default 16384 85 range 512 16384 86 depends on MBEDTLS_ASYMMETRIC_CONTENT_LEN 87 help 88 This defines maximum incoming fragment length, overriding default 89 maximum content length (MBEDTLS_SSL_MAX_CONTENT_LEN). 90 91 config MBEDTLS_SSL_OUT_CONTENT_LEN 92 int "TLS maximum outgoing fragment length" 93 default 4096 94 range 512 16384 95 depends on MBEDTLS_ASYMMETRIC_CONTENT_LEN 96 help 97 This defines maximum outgoing fragment length, overriding default 98 maximum content length (MBEDTLS_SSL_MAX_CONTENT_LEN). 99 100 config MBEDTLS_DYNAMIC_BUFFER 101 bool "Using dynamic TX/RX buffer" 102 default n 103 select MBEDTLS_ASYMMETRIC_CONTENT_LEN 104 # Dynamic buffer feature is not supported with DTLS 105 depends on !IDF_TARGET_LINUX && !MBEDTLS_SSL_PROTO_DTLS && !MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH 106 help 107 Using dynamic TX/RX buffer. After enabling this option, mbedTLS will 108 allocate TX buffer when need to send data and then free it if all data 109 is sent, allocate RX buffer when need to receive data and then free it 110 when all data is used or read by upper layer. 111 112 By default, when SSL is initialized, mbedTLS also allocate TX and 113 RX buffer with the default value of "MBEDTLS_SSL_OUT_CONTENT_LEN" or 114 "MBEDTLS_SSL_IN_CONTENT_LEN", so to save more heap, users can set 115 the options to be an appropriate value. 116 117 config MBEDTLS_DYNAMIC_FREE_CONFIG_DATA 118 bool "Free private key and DHM data after its usage" 119 default n 120 depends on MBEDTLS_DYNAMIC_BUFFER 121 help 122 Free private key and DHM data after its usage in handshake process. 123 124 The option will decrease heap cost when handshake, but also lead to problem: 125 126 Becasue all certificate, private key and DHM data are freed so users should register 127 certificate and private key to ssl config object again. 128 129 config MBEDTLS_DYNAMIC_FREE_CA_CERT 130 bool "Free SSL CA certificate after its usage" 131 default y 132 depends on MBEDTLS_DYNAMIC_FREE_CONFIG_DATA 133 help 134 Free CA certificate after its usage in the handshake process. 135 This option will decrease the heap footprint for the TLS handshake, but may lead to a problem: 136 If the respective ssl object needs to perform the TLS handshake again, 137 the CA certificate should once again be registered to the ssl object. 138 139 config MBEDTLS_DEBUG 140 bool "Enable mbedTLS debugging" 141 default n 142 help 143 Enable mbedTLS debugging functions at compile time. 144 145 If this option is enabled, you can include 146 "mbedtls/esp_debug.h" and call mbedtls_esp_enable_debug_log() 147 at runtime in order to enable mbedTLS debug output via the ESP 148 log mechanism. 149 150 choice MBEDTLS_DEBUG_LEVEL 151 bool "Set mbedTLS debugging level" 152 depends on MBEDTLS_DEBUG 153 default MBEDTLS_DEBUG_LEVEL_VERBOSE 154 help 155 Set mbedTLS debugging level 156 157 config MBEDTLS_DEBUG_LEVEL_WARN 158 bool "Warning" 159 config MBEDTLS_DEBUG_LEVEL_INFO 160 bool "Info" 161 config MBEDTLS_DEBUG_LEVEL_DEBUG 162 bool "Debug" 163 config MBEDTLS_DEBUG_LEVEL_VERBOSE 164 bool "Verbose" 165 endchoice 166 167 config MBEDTLS_DEBUG_LEVEL 168 int 169 default 1 if MBEDTLS_DEBUG_LEVEL_WARN 170 default 2 if MBEDTLS_DEBUG_LEVEL_INFO 171 default 3 if MBEDTLS_DEBUG_LEVEL_DEBUG 172 default 4 if MBEDTLS_DEBUG_LEVEL_VERBOSE 173 174 menu "mbedTLS v3.x related" 175 # NOTE: MBEDTLS_DYNAMIC_BUFFER feature is not supported with TLS 1.3 yet. Ref: IDF-4762 176 config MBEDTLS_SSL_PROTO_TLS1_3 177 bool "Support TLS 1.3 protocol" 178 depends on MBEDTLS_TLS_ENABLED && MBEDTLS_SSL_KEEP_PEER_CERTIFICATE && !MBEDTLS_DYNAMIC_BUFFER 179 select MBEDTLS_HKDF_C 180 default n 181 182 menu "TLS 1.3 related configurations" 183 depends on MBEDTLS_SSL_PROTO_TLS1_3 184 185 config MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE 186 bool "TLS 1.3 middlebox compatibility mode" 187 default y 188 189 config MBEDTLS_SSL_TLS1_3_KEXM_PSK 190 bool "TLS 1.3 PSK key exchange mode" 191 default y 192 193 config MBEDTLS_SSL_TLS1_3_KEXM_EPHEMERAL 194 bool "TLS 1.3 ephemeral key exchange mode" 195 default y 196 197 config MBEDTLS_SSL_TLS1_3_KEXM_PSK_EPHEMERAL 198 bool "TLS 1.3 PSK ephemeral key exchange mode" 199 default y 200 201 endmenu 202 203 config MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH 204 bool "Variable SSL buffer length" 205 default n 206 help 207 This enables the SSL buffer to be resized automatically 208 based on the negotiated maximum fragment length in each direction. 209 210 config MBEDTLS_ECDH_LEGACY_CONTEXT 211 bool "Use a backward compatible ECDH context (Experimental)" 212 default n 213 depends on MBEDTLS_ECDH_C && MBEDTLS_ECP_RESTARTABLE 214 help 215 Use the legacy ECDH context format. 216 Define this option only if you enable MBEDTLS_ECP_RESTARTABLE or if you 217 want to access ECDH context fields directly. 218 219 config MBEDTLS_X509_TRUSTED_CERT_CALLBACK 220 bool "Enable trusted certificate callbacks" 221 default n 222 help 223 Enables users to configure the set of trusted certificates 224 through a callback instead of a linked list. 225 226 See mbedTLS documentation for required API and more details. 227 228 config MBEDTLS_SSL_CONTEXT_SERIALIZATION 229 bool "Enable serialization of the TLS context structures" 230 default n 231 depends on MBEDTLS_GCM_C || MBEDTLS_CCM_C || MBEDTLS_CHACHAPOLY_C 232 help 233 Enable serialization of the TLS context structures 234 This is a local optimization in handling a single, potentially long-lived connection. 235 236 See mbedTLS documentation for required API and more details. 237 Disabling this option will save some code size. 238 239 config MBEDTLS_SSL_KEEP_PEER_CERTIFICATE 240 bool "Keep peer certificate after handshake completion" 241 default y 242 depends on !MBEDTLS_DYNAMIC_FREE_PEER_CERT 243 help 244 Keep the peer's certificate after completion of the handshake. 245 Disabling this option will save about 4kB of heap and some code size. 246 247 See mbedTLS documentation for required API and more details. 248 249 config MBEDTLS_PKCS7_C 250 bool "Enable PKCS #7" 251 default y 252 depends on MBEDTLS_X509_CRL_PARSE_C 253 help 254 Enable PKCS #7 core for using PKCS #7-formatted signatures. 255 256 menu "DTLS-based configurations" 257 depends on MBEDTLS_SSL_PROTO_DTLS 258 259 config MBEDTLS_SSL_DTLS_CONNECTION_ID 260 bool "Support for the DTLS Connection ID extension" 261 default n 262 help 263 Enable support for the DTLS Connection ID extension which allows to 264 identify DTLS connections across changes in the underlying transport. 265 266 config MBEDTLS_SSL_CID_IN_LEN_MAX 267 int "Maximum length of CIDs used for incoming DTLS messages" 268 default 32 269 range 0 32 270 depends on MBEDTLS_SSL_DTLS_CONNECTION_ID 271 help 272 Maximum length of CIDs used for incoming DTLS messages 273 274 config MBEDTLS_SSL_CID_OUT_LEN_MAX 275 int "Maximum length of CIDs used for outgoing DTLS messages" 276 default 32 277 range 0 32 278 depends on MBEDTLS_SSL_DTLS_CONNECTION_ID 279 help 280 Maximum length of CIDs used for outgoing DTLS messages 281 282 config MBEDTLS_SSL_CID_PADDING_GRANULARITY 283 int "Record plaintext padding (for DTLS 1.2)" 284 default 16 285 range 0 32 286 depends on MBEDTLS_SSL_DTLS_CONNECTION_ID 287 help 288 Controls the use of record plaintext padding when 289 using the Connection ID extension in DTLS 1.2. 290 291 The padding will always be chosen so that the length of the 292 padded plaintext is a multiple of the value of this option. 293 294 Notes: 295 A value of 1 means that no padding will be used for outgoing records. 296 On systems lacking division instructions, a power of two should be preferred. 297 298 config MBEDTLS_SSL_DTLS_SRTP 299 bool "Enable support for negotiation of DTLS-SRTP (RFC 5764)" 300 default n 301 help 302 Enable support for negotiation of DTLS-SRTP (RFC 5764) through the use_srtp extension. 303 304 See mbedTLS documentation for required API and more details. 305 Disabling this option will save some code size. 306 307 endmenu 308 309 endmenu 310 311 menu "Certificate Bundle" 312 313 config MBEDTLS_CERTIFICATE_BUNDLE 314 bool "Enable trusted root certificate bundle" 315 default y 316 help 317 Enable support for large number of default root certificates 318 319 When enabled this option allows user to store default as well 320 as customer specific root certificates in compressed format rather 321 than storing full certificate. For the root certificates the public key and the subject name 322 will be stored. 323 324 choice MBEDTLS_DEFAULT_CERTIFICATE_BUNDLE 325 bool "Default certificate bundle options" 326 depends on MBEDTLS_CERTIFICATE_BUNDLE 327 default MBEDTLS_CERTIFICATE_BUNDLE_DEFAULT_FULL 328 329 config MBEDTLS_CERTIFICATE_BUNDLE_DEFAULT_FULL 330 bool "Use the full default certificate bundle" 331 config MBEDTLS_CERTIFICATE_BUNDLE_DEFAULT_CMN 332 bool "Use only the most common certificates from the default bundles" 333 help 334 Use only the most common certificates from the default bundles, reducing the size with 50%, 335 while still having around 99% coverage. 336 config MBEDTLS_CERTIFICATE_BUNDLE_DEFAULT_NONE 337 bool "Do not use the default certificate bundle" 338 endchoice 339 340 config MBEDTLS_CUSTOM_CERTIFICATE_BUNDLE 341 depends on MBEDTLS_CERTIFICATE_BUNDLE 342 default n 343 bool "Add custom certificates to the default bundle" 344 config MBEDTLS_CUSTOM_CERTIFICATE_BUNDLE_PATH 345 depends on MBEDTLS_CUSTOM_CERTIFICATE_BUNDLE 346 string "Custom certificate bundle path" 347 help 348 Name of the custom certificate directory or file. This path is evaluated 349 relative to the project root directory. 350 351 config MBEDTLS_CERTIFICATE_BUNDLE_MAX_CERTS 352 int "Maximum no of certificates allowed in certificate bundle" 353 default 200 354 depends on MBEDTLS_CERTIFICATE_BUNDLE 355 356 endmenu 357 358 config MBEDTLS_ECP_RESTARTABLE 359 bool "Enable mbedTLS ecp restartable" 360 select MBEDTLS_ECDH_LEGACY_CONTEXT 361 depends on MBEDTLS_ECP_C 362 default n 363 help 364 Enable "non-blocking" ECC operations that can return early and be resumed. 365 366 config MBEDTLS_CMAC_C 367 bool "Enable CMAC mode for block ciphers" 368 default n 369 depends on MBEDTLS_AES_C || MBEDTLS_DES_C 370 help 371 Enable the CMAC (Cipher-based Message Authentication Code) mode for 372 block ciphers. 373 374 config MBEDTLS_HARDWARE_AES 375 bool "Enable hardware AES acceleration" 376 default y 377 depends on !SPIRAM_CACHE_WORKAROUND_STRATEGY_DUPLDST && SOC_AES_SUPPORTED 378 help 379 Enable hardware accelerated AES encryption & decryption. 380 381 Note that if the ESP32 CPU is running at 240MHz, hardware AES does not 382 offer any speed boost over software AES. 383 384 config MBEDTLS_AES_USE_INTERRUPT 385 bool "Use interrupt for long AES operations" 386 depends on !IDF_TARGET_ESP32 && MBEDTLS_HARDWARE_AES 387 default y 388 help 389 Use an interrupt to coordinate long AES operations. 390 391 This allows other code to run on the CPU while an AES operation is pending. 392 Otherwise the CPU busy-waits. 393 394 config MBEDTLS_HARDWARE_GCM 395 bool "Enable partially hardware accelerated GCM" 396 depends on SOC_AES_SUPPORT_GCM && MBEDTLS_HARDWARE_AES 397 default y 398 help 399 Enable partially hardware accelerated GCM. GHASH calculation is still done 400 in software. 401 402 If MBEDTLS_HARDWARE_GCM is disabled and MBEDTLS_HARDWARE_AES is enabled then 403 mbedTLS will still use the hardware accelerated AES block operation, but 404 on a single block at a time. 405 406 config MBEDTLS_HARDWARE_MPI 407 bool "Enable hardware MPI (bignum) acceleration" 408 default y 409 depends on !SPIRAM_CACHE_WORKAROUND_STRATEGY_DUPLDST && SOC_MPI_SUPPORTED 410 help 411 Enable hardware accelerated multiple precision integer operations. 412 413 Hardware accelerated multiplication, modulo multiplication, 414 and modular exponentiation for up to SOC_RSA_MAX_BIT_LEN bit results. 415 416 These operations are used by RSA. 417 418 config MBEDTLS_MPI_USE_INTERRUPT 419 bool "Use interrupt for MPI exp-mod operations" 420 depends on !IDF_TARGET_ESP32 && MBEDTLS_HARDWARE_MPI 421 default y 422 help 423 Use an interrupt to coordinate long MPI operations. 424 425 This allows other code to run on the CPU while an MPI operation is pending. 426 Otherwise the CPU busy-waits. 427 428 config MBEDTLS_HARDWARE_SHA 429 bool "Enable hardware SHA acceleration" 430 default y 431 depends on !SPIRAM_CACHE_WORKAROUND_STRATEGY_DUPLDST && SOC_SHA_SUPPORTED 432 help 433 Enable hardware accelerated SHA1, SHA256, SHA384 & SHA512 in mbedTLS. 434 435 Due to a hardware limitation, on the ESP32 hardware acceleration is only 436 guaranteed if SHA digests are calculated one at a time. If more 437 than one SHA digest is calculated at the same time, one will 438 be calculated fully in hardware and the rest will be calculated 439 (at least partially calculated) in software. This happens automatically. 440 441 SHA hardware acceleration is faster than software in some situations but 442 slower in others. You should benchmark to find the best setting for you. 443 444 config MBEDTLS_HARDWARE_ECC 445 bool "Enable hardware ECC acceleration" 446 default y 447 depends on SOC_ECC_SUPPORTED 448 help 449 Enable hardware accelerated ECC point multiplication and point verification for points 450 on curve SECP192R1 and SECP256R1 in mbedTLS 451 452 config MBEDTLS_ECC_OTHER_CURVES_SOFT_FALLBACK 453 bool "Fallback to software implementation for curves not supported in hardware" 454 depends on MBEDTLS_HARDWARE_ECC 455 default y 456 help 457 Fallback to software implementation of ECC point multiplication and point verification 458 for curves not supported in hardware. 459 460 config MBEDTLS_ROM_MD5 461 bool "Use MD5 implementation in ROM" 462 default y 463 help 464 Use ROM MD5 in mbedTLS. 465 466 config MBEDTLS_HARDWARE_ECDSA_SIGN 467 bool "Enable ECDSA signing using on-chip ECDSA peripheral" 468 default n 469 depends on SOC_ECDSA_SUPPORTED 470 help 471 Enable hardware accelerated ECDSA peripheral to sign data 472 on curve SECP192R1 and SECP256R1 in mbedTLS. 473 474 Note that for signing, the private key has to be burnt in an efuse key block 475 with key purpose set to ECDSA_KEY. 476 If no key is burnt, it will report an error 477 478 The key should be burnt in little endian format. espefuse.py utility handles it internally 479 but care needs to be taken while burning using esp_efuse APIs 480 481 config MBEDTLS_HARDWARE_ECDSA_VERIFY 482 bool "Enable ECDSA signature verification using on-chip ECDSA peripheral" 483 default y 484 depends on SOC_ECDSA_SUPPORTED 485 help 486 Enable hardware accelerated ECDSA peripheral to verify signature 487 on curve SECP192R1 and SECP256R1 in mbedTLS. 488 489 config MBEDTLS_ATCA_HW_ECDSA_SIGN 490 bool "Enable hardware ECDSA sign acceleration when using ATECC608A" 491 default n 492 help 493 This option enables hardware acceleration for ECDSA sign function, only 494 when using ATECC608A cryptoauth chip (integrated with ESP32-WROOM-32SE) 495 496 config MBEDTLS_ATCA_HW_ECDSA_VERIFY 497 bool "Enable hardware ECDSA verify acceleration when using ATECC608A" 498 default n 499 help 500 This option enables hardware acceleration for ECDSA sign function, only 501 when using ATECC608A cryptoauth chip (integrated with ESP32-WROOM-32SE) 502 503 config MBEDTLS_HAVE_TIME 504 bool "Enable mbedtls time support" 505 depends on !ESP_TIME_FUNCS_USE_NONE 506 default y 507 help 508 Enable use of time.h functions (time() and gmtime()) by mbedTLS. 509 510 This option doesn't require the system time to be correct, but enables 511 functionality that requires relative timekeeping - for example periodic 512 expiry of TLS session tickets or session cache entries. 513 514 Disabling this option will save some firmware size, particularly if 515 the rest of the firmware doesn't call any standard timekeeeping 516 functions. 517 518 config MBEDTLS_PLATFORM_TIME_ALT 519 bool "Enable mbedtls time support: platform-specific" 520 depends on MBEDTLS_HAVE_TIME 521 default n 522 help 523 Enabling this config will provide users with a function 524 "mbedtls_platform_set_time()" that allows to set an alternative 525 time function pointer. 526 527 config MBEDTLS_HAVE_TIME_DATE 528 bool "Enable mbedtls certificate expiry check" 529 depends on MBEDTLS_HAVE_TIME 530 default n 531 help 532 Enables X.509 certificate expiry checks in mbedTLS. 533 534 If this option is disabled (default) then X.509 certificate 535 "valid from" and "valid to" timestamp fields are ignored. 536 537 If this option is enabled, these fields are compared with the 538 current system date and time. The time is retrieved using the 539 standard time() and gmtime() functions. If the certificate is not 540 valid for the current system time then verification will fail with 541 code MBEDTLS_X509_BADCERT_FUTURE or MBEDTLS_X509_BADCERT_EXPIRED. 542 543 Enabling this option requires adding functionality in the firmware 544 to set the system clock to a valid timestamp before using TLS. The 545 recommended way to do this is via ESP-IDF's SNTP functionality, but 546 any method can be used. 547 548 In the case where only a small number of certificates are trusted by 549 the device, please carefully consider the tradeoffs of enabling this 550 option. There may be undesired consequences, for example if all 551 trusted certificates expire while the device is offline and a TLS 552 connection is required to update. Or if an issue with the SNTP 553 server means that the system time is invalid for an extended period 554 after a reset. 555 556 config MBEDTLS_ECDSA_DETERMINISTIC 557 bool "Enable deterministic ECDSA" 558 default y 559 help 560 Standard ECDSA is "fragile" in the sense that lack of entropy when signing 561 may result in a compromise of the long-term signing key. 562 563 config MBEDTLS_SHA512_C 564 bool "Enable the SHA-384 and SHA-512 cryptographic hash algorithms" 565 default y 566 help 567 Enable MBEDTLS_SHA512_C adds support for SHA-384 and SHA-512. 568 569 choice MBEDTLS_TLS_MODE 570 bool "TLS Protocol Role" 571 default MBEDTLS_TLS_SERVER_AND_CLIENT 572 help 573 mbedTLS can be compiled with protocol support for the TLS 574 server, TLS client, or both server and client. 575 576 Reducing the number of TLS roles supported saves code size. 577 578 config MBEDTLS_TLS_SERVER_AND_CLIENT 579 bool "Server & Client" 580 select MBEDTLS_TLS_SERVER 581 select MBEDTLS_TLS_CLIENT 582 config MBEDTLS_TLS_SERVER_ONLY 583 bool "Server" 584 select MBEDTLS_TLS_SERVER 585 config MBEDTLS_TLS_CLIENT_ONLY 586 bool "Client" 587 select MBEDTLS_TLS_CLIENT 588 config MBEDTLS_TLS_DISABLED 589 bool "None" 590 591 endchoice 592 593 config MBEDTLS_TLS_SERVER 594 bool 595 select MBEDTLS_TLS_ENABLED 596 config MBEDTLS_TLS_CLIENT 597 bool 598 select MBEDTLS_TLS_ENABLED 599 config MBEDTLS_TLS_ENABLED 600 bool 601 602 menu "TLS Key Exchange Methods" 603 depends on MBEDTLS_TLS_ENABLED 604 605 config MBEDTLS_PSK_MODES 606 bool "Enable pre-shared-key ciphersuites" 607 default n 608 help 609 Enable to show configuration for different types of pre-shared-key TLS authentatication methods. 610 611 Leaving this options disabled will save code size if they are not used. 612 613 config MBEDTLS_KEY_EXCHANGE_PSK 614 bool "Enable PSK based ciphersuite modes" 615 depends on MBEDTLS_PSK_MODES 616 default n 617 help 618 Enable to support symmetric key PSK (pre-shared-key) TLS key exchange modes. 619 620 config MBEDTLS_KEY_EXCHANGE_DHE_PSK 621 bool "Enable DHE-PSK based ciphersuite modes" 622 depends on MBEDTLS_PSK_MODES && MBEDTLS_DHM_C 623 default y 624 help 625 Enable to support Diffie-Hellman PSK (pre-shared-key) TLS authentication modes. 626 627 config MBEDTLS_KEY_EXCHANGE_ECDHE_PSK 628 bool "Enable ECDHE-PSK based ciphersuite modes" 629 depends on MBEDTLS_PSK_MODES && MBEDTLS_ECDH_C 630 default y 631 help 632 Enable to support Elliptic-Curve-Diffie-Hellman PSK (pre-shared-key) TLS authentication modes. 633 634 config MBEDTLS_KEY_EXCHANGE_RSA_PSK 635 bool "Enable RSA-PSK based ciphersuite modes" 636 depends on MBEDTLS_PSK_MODES 637 default y 638 help 639 Enable to support RSA PSK (pre-shared-key) TLS authentication modes. 640 641 config MBEDTLS_KEY_EXCHANGE_RSA 642 bool "Enable RSA-only based ciphersuite modes" 643 default y 644 help 645 Enable to support ciphersuites with prefix TLS-RSA-WITH- 646 647 config MBEDTLS_KEY_EXCHANGE_DHE_RSA 648 bool "Enable DHE-RSA based ciphersuite modes" 649 default y 650 depends on MBEDTLS_DHM_C 651 help 652 Enable to support ciphersuites with prefix TLS-DHE-RSA-WITH- 653 654 config MBEDTLS_KEY_EXCHANGE_ELLIPTIC_CURVE 655 bool "Support Elliptic Curve based ciphersuites" 656 depends on MBEDTLS_ECP_C 657 default y 658 help 659 Enable to show Elliptic Curve based ciphersuite mode options. 660 661 Disabling all Elliptic Curve ciphersuites saves code size and 662 can give slightly faster TLS handshakes, provided the server supports 663 RSA-only ciphersuite modes. 664 665 config MBEDTLS_KEY_EXCHANGE_ECDHE_RSA 666 bool "Enable ECDHE-RSA based ciphersuite modes" 667 depends on MBEDTLS_KEY_EXCHANGE_ELLIPTIC_CURVE && MBEDTLS_ECDH_C 668 default y 669 help 670 Enable to support ciphersuites with prefix TLS-ECDHE-RSA-WITH- 671 672 config MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA 673 bool "Enable ECDHE-ECDSA based ciphersuite modes" 674 depends on MBEDTLS_KEY_EXCHANGE_ELLIPTIC_CURVE && MBEDTLS_ECDH_C && MBEDTLS_ECDSA_C 675 default y 676 help 677 Enable to support ciphersuites with prefix TLS-ECDHE-RSA-WITH- 678 679 config MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA 680 bool "Enable ECDH-ECDSA based ciphersuite modes" 681 depends on MBEDTLS_KEY_EXCHANGE_ELLIPTIC_CURVE && MBEDTLS_ECDH_C && MBEDTLS_ECDSA_C 682 default y 683 help 684 Enable to support ciphersuites with prefix TLS-ECDHE-RSA-WITH- 685 686 config MBEDTLS_KEY_EXCHANGE_ECDH_RSA 687 bool "Enable ECDH-RSA based ciphersuite modes" 688 depends on MBEDTLS_KEY_EXCHANGE_ELLIPTIC_CURVE && MBEDTLS_ECDH_C 689 default y 690 help 691 Enable to support ciphersuites with prefix TLS-ECDHE-RSA-WITH- 692 693 config MBEDTLS_KEY_EXCHANGE_ECJPAKE 694 bool "Enable ECJPAKE based ciphersuite modes" 695 depends on MBEDTLS_ECJPAKE_C && MBEDTLS_ECP_DP_SECP256R1_ENABLED 696 default n 697 help 698 Enable to support ciphersuites with prefix TLS-ECJPAKE-WITH- 699 700 endmenu # TLS key exchange modes 701 702 config MBEDTLS_SSL_RENEGOTIATION 703 bool "Support TLS renegotiation" 704 depends on MBEDTLS_TLS_ENABLED 705 default y 706 help 707 The two main uses of renegotiation are (1) refresh keys on long-lived 708 connections and (2) client authentication after the initial handshake. 709 If you don't need renegotiation, disabling it will save code size and 710 reduce the possibility of abuse/vulnerability. 711 712 config MBEDTLS_SSL_PROTO_TLS1_2 713 bool "Support TLS 1.2 protocol" 714 depends on MBEDTLS_TLS_ENABLED 715 default y 716 717 config MBEDTLS_SSL_PROTO_GMTSSL1_1 718 bool "Support GM/T SSL 1.1 protocol" 719 depends on MBEDTLS_TLS_ENABLED 720 default n 721 help 722 Provisions for GM/T SSL 1.1 support 723 724 config MBEDTLS_SSL_PROTO_DTLS 725 bool "Support DTLS protocol (all versions)" 726 default n 727 depends on MBEDTLS_SSL_PROTO_TLS1_2 728 help 729 Requires TLS 1.2 to be enabled for DTLS 1.2 730 731 config MBEDTLS_SSL_ALPN 732 bool "Support ALPN (Application Layer Protocol Negotiation)" 733 depends on MBEDTLS_TLS_ENABLED 734 default y 735 help 736 Disabling this option will save some code size if it is not needed. 737 738 config MBEDTLS_CLIENT_SSL_SESSION_TICKETS 739 bool "TLS: Client Support for RFC 5077 SSL session tickets" 740 default y 741 depends on MBEDTLS_TLS_ENABLED 742 help 743 Client support for RFC 5077 session tickets. See mbedTLS documentation for more details. 744 Disabling this option will save some code size. 745 746 config MBEDTLS_SERVER_SSL_SESSION_TICKETS 747 bool "TLS: Server Support for RFC 5077 SSL session tickets" 748 default y 749 depends on MBEDTLS_TLS_ENABLED && (MBEDTLS_GCM_C || MBEDTLS_CCM_C || MBEDTLS_CHACHAPOLY_C) 750 help 751 Server support for RFC 5077 session tickets. See mbedTLS documentation for more details. 752 Disabling this option will save some code size. 753 754 menu "Symmetric Ciphers" 755 756 config MBEDTLS_AES_C 757 bool "AES block cipher" 758 default y 759 760 config MBEDTLS_CAMELLIA_C 761 bool "Camellia block cipher" 762 default n 763 764 config MBEDTLS_DES_C 765 bool "DES block cipher (legacy, insecure)" 766 default n 767 help 768 Enables the DES block cipher to support 3DES-based TLS ciphersuites. 769 770 3DES is vulnerable to the Sweet32 attack and should only be enabled 771 if absolutely necessary. 772 773 config MBEDTLS_BLOWFISH_C 774 bool "Blowfish block cipher (read help)" 775 default n 776 help 777 Enables the Blowfish block cipher (not used for TLS sessions.) 778 779 The Blowfish cipher is not used for mbedTLS TLS sessions but can be 780 used for other purposes. Read up on the limitations of Blowfish (including 781 Sweet32) before enabling. 782 783 config MBEDTLS_XTEA_C 784 bool "XTEA block cipher" 785 default n 786 help 787 Enables the XTEA block cipher. 788 789 790 config MBEDTLS_CCM_C 791 bool "CCM (Counter with CBC-MAC) block cipher modes" 792 default y 793 depends on MBEDTLS_AES_C || MBEDTLS_CAMELLIA_C 794 help 795 Enable Counter with CBC-MAC (CCM) modes for AES and/or Camellia ciphers. 796 797 Disabling this option saves some code size. 798 799 config MBEDTLS_GCM_C 800 bool "GCM (Galois/Counter) block cipher modes" 801 default y 802 depends on MBEDTLS_AES_C || MBEDTLS_CAMELLIA_C 803 help 804 Enable Galois/Counter Mode for AES and/or Camellia ciphers. 805 806 This option is generally faster than CCM. 807 808 config MBEDTLS_NIST_KW_C 809 bool "NIST key wrapping (KW) and KW padding (KWP)" 810 default n 811 depends on MBEDTLS_AES_C 812 help 813 Enable NIST key wrapping and key wrapping padding. 814 815 endmenu # Symmetric Ciphers 816 817 config MBEDTLS_RIPEMD160_C 818 bool "Enable RIPEMD-160 hash algorithm" 819 default n 820 help 821 Enable the RIPEMD-160 hash algorithm. 822 823 menu "Certificates" 824 825 config MBEDTLS_PEM_PARSE_C 826 bool "Read & Parse PEM formatted certificates" 827 default y 828 help 829 Enable decoding/parsing of PEM formatted certificates. 830 831 If your certificates are all in the simpler DER format, disabling 832 this option will save some code size. 833 834 config MBEDTLS_PEM_WRITE_C 835 bool "Write PEM formatted certificates" 836 default y 837 help 838 Enable writing of PEM formatted certificates. 839 840 If writing certificate data only in DER format, disabling this 841 option will save some code size. 842 843 config MBEDTLS_X509_CRL_PARSE_C 844 bool "X.509 CRL parsing" 845 default y 846 help 847 Support for parsing X.509 Certifificate Revocation Lists. 848 849 config MBEDTLS_X509_CSR_PARSE_C 850 bool "X.509 CSR parsing" 851 default y 852 help 853 Support for parsing X.509 Certifificate Signing Requests 854 855 endmenu # Certificates 856 857 menuconfig MBEDTLS_ECP_C 858 bool "Elliptic Curve Ciphers" 859 default y 860 861 config MBEDTLS_DHM_C 862 bool "Diffie-Hellman-Merkle key exchange (DHM)" 863 default n 864 help 865 Enable DHM. Needed to use DHE-xxx TLS ciphersuites. 866 867 Note that the security of Diffie-Hellman key exchanges depends on 868 a suitable prime being used for the exchange. Please see detailed 869 warning text about this in file `mbedtls/dhm.h` file. 870 871 config MBEDTLS_ECDH_C 872 bool "Elliptic Curve Diffie-Hellman (ECDH)" 873 depends on MBEDTLS_ECP_C 874 default y 875 help 876 Enable ECDH. Needed to use ECDHE-xxx TLS ciphersuites. 877 878 config MBEDTLS_ECDSA_C 879 bool "Elliptic Curve DSA" 880 depends on MBEDTLS_ECDH_C 881 default y 882 help 883 Enable ECDSA. Needed to use ECDSA-xxx TLS ciphersuites. 884 885 config MBEDTLS_ECJPAKE_C 886 bool "Elliptic curve J-PAKE" 887 depends on MBEDTLS_ECP_C 888 default n 889 help 890 Enable ECJPAKE. Needed to use ECJPAKE-xxx TLS ciphersuites. 891 892 config MBEDTLS_ECP_DP_SECP192R1_ENABLED 893 bool "Enable SECP192R1 curve" 894 depends on MBEDTLS_ECP_C 895 default y if !(MBEDTLS_ATCA_HW_ECDSA_SIGN || MBEDTLS_ATCA_HW_ECDSA_VERIFY) 896 help 897 Enable support for SECP192R1 Elliptic Curve. 898 899 config MBEDTLS_ECP_DP_SECP224R1_ENABLED 900 bool "Enable SECP224R1 curve" 901 depends on MBEDTLS_ECP_C 902 default y if !(MBEDTLS_ATCA_HW_ECDSA_SIGN || MBEDTLS_ATCA_HW_ECDSA_VERIFY) 903 help 904 Enable support for SECP224R1 Elliptic Curve. 905 906 config MBEDTLS_ECP_DP_SECP256R1_ENABLED 907 bool "Enable SECP256R1 curve" 908 depends on MBEDTLS_ECP_C 909 default y 910 help 911 Enable support for SECP256R1 Elliptic Curve. 912 913 config MBEDTLS_ECP_DP_SECP384R1_ENABLED 914 bool "Enable SECP384R1 curve" 915 depends on MBEDTLS_ECP_C 916 default y if !(MBEDTLS_ATCA_HW_ECDSA_SIGN || MBEDTLS_ATCA_HW_ECDSA_VERIFY) 917 help 918 Enable support for SECP384R1 Elliptic Curve. 919 920 config MBEDTLS_ECP_DP_SECP521R1_ENABLED 921 bool "Enable SECP521R1 curve" 922 depends on MBEDTLS_ECP_C 923 default y if !(MBEDTLS_ATCA_HW_ECDSA_SIGN || MBEDTLS_ATCA_HW_ECDSA_VERIFY) 924 help 925 Enable support for SECP521R1 Elliptic Curve. 926 927 config MBEDTLS_ECP_DP_SECP192K1_ENABLED 928 bool "Enable SECP192K1 curve" 929 depends on MBEDTLS_ECP_C 930 default y if !(MBEDTLS_ATCA_HW_ECDSA_SIGN || MBEDTLS_ATCA_HW_ECDSA_VERIFY) 931 help 932 Enable support for SECP192K1 Elliptic Curve. 933 934 config MBEDTLS_ECP_DP_SECP224K1_ENABLED 935 bool "Enable SECP224K1 curve" 936 depends on MBEDTLS_ECP_C 937 default y if !(MBEDTLS_ATCA_HW_ECDSA_SIGN || MBEDTLS_ATCA_HW_ECDSA_VERIFY) 938 help 939 Enable support for SECP224K1 Elliptic Curve. 940 941 config MBEDTLS_ECP_DP_SECP256K1_ENABLED 942 bool "Enable SECP256K1 curve" 943 depends on MBEDTLS_ECP_C 944 default y if !(MBEDTLS_ATCA_HW_ECDSA_SIGN || MBEDTLS_ATCA_HW_ECDSA_VERIFY) 945 help 946 Enable support for SECP256K1 Elliptic Curve. 947 948 config MBEDTLS_ECP_DP_BP256R1_ENABLED 949 bool "Enable BP256R1 curve" 950 depends on MBEDTLS_ECP_C 951 default y if !(MBEDTLS_ATCA_HW_ECDSA_SIGN || MBEDTLS_ATCA_HW_ECDSA_VERIFY) 952 help 953 support for DP Elliptic Curve. 954 955 config MBEDTLS_ECP_DP_BP384R1_ENABLED 956 bool "Enable BP384R1 curve" 957 depends on MBEDTLS_ECP_C 958 default y if !(MBEDTLS_ATCA_HW_ECDSA_SIGN || MBEDTLS_ATCA_HW_ECDSA_VERIFY) 959 help 960 support for DP Elliptic Curve. 961 962 config MBEDTLS_ECP_DP_BP512R1_ENABLED 963 bool "Enable BP512R1 curve" 964 depends on MBEDTLS_ECP_C 965 default y if !(MBEDTLS_ATCA_HW_ECDSA_SIGN || MBEDTLS_ATCA_HW_ECDSA_VERIFY) 966 help 967 support for DP Elliptic Curve. 968 969 config MBEDTLS_ECP_DP_CURVE25519_ENABLED 970 bool "Enable CURVE25519 curve" 971 depends on MBEDTLS_ECP_C 972 default y if !(MBEDTLS_ATCA_HW_ECDSA_SIGN || MBEDTLS_ATCA_HW_ECDSA_VERIFY) 973 help 974 Enable support for CURVE25519 Elliptic Curve. 975 976 config MBEDTLS_ECP_NIST_OPTIM 977 bool "NIST 'modulo p' optimisations" 978 depends on MBEDTLS_ECP_C 979 default y 980 help 981 NIST 'modulo p' optimisations increase Elliptic Curve operation performance. 982 983 Disabling this option saves some code size. 984 985 # end of Elliptic Curve options 986 987 config MBEDTLS_POLY1305_C 988 bool "Poly1305 MAC algorithm" 989 default n 990 help 991 Enable support for Poly1305 MAC algorithm. 992 993 config MBEDTLS_CHACHA20_C 994 bool "Chacha20 stream cipher" 995 default n 996 help 997 Enable support for Chacha20 stream cipher. 998 999 config MBEDTLS_CHACHAPOLY_C 1000 bool "ChaCha20-Poly1305 AEAD algorithm" 1001 default n 1002 depends on MBEDTLS_CHACHA20_C && MBEDTLS_POLY1305_C 1003 help 1004 Enable support for ChaCha20-Poly1305 AEAD algorithm. 1005 1006 config MBEDTLS_HKDF_C 1007 bool "HKDF algorithm (RFC 5869)" 1008 default n 1009 help 1010 Enable support for the Hashed Message Authentication Code 1011 (HMAC)-based key derivation function (HKDF). 1012 1013 config MBEDTLS_THREADING_C 1014 bool "Enable the threading abstraction layer" 1015 default n 1016 help 1017 If you do intend to use contexts between threads, you will need to enable 1018 this layer to prevent race conditions. 1019 1020 config MBEDTLS_THREADING_ALT 1021 bool "Enable threading alternate implementation" 1022 depends on MBEDTLS_THREADING_C 1023 default y 1024 help 1025 Enable threading alt to allow your own alternate threading implementation. 1026 1027 config MBEDTLS_THREADING_PTHREAD 1028 bool "Enable threading pthread implementation" 1029 depends on MBEDTLS_THREADING_C 1030 default n 1031 help 1032 Enable the pthread wrapper layer for the threading layer. 1033 1034 config MBEDTLS_LARGE_KEY_SOFTWARE_MPI 1035 bool "Fallback to software implementation for larger MPI values" 1036 depends on MBEDTLS_HARDWARE_MPI 1037 default y if SOC_RSA_MAX_BIT_LEN <= 3072 # HW max 3072 bits 1038 default n 1039 help 1040 Fallback to software implementation for RSA key lengths 1041 larger than SOC_RSA_MAX_BIT_LEN. If this is not active 1042 then the ESP will be unable to process keys greater 1043 than SOC_RSA_MAX_BIT_LEN. 1044 1045 menuconfig MBEDTLS_SECURITY_RISKS 1046 bool "Show configurations with potential security risks" 1047 default n 1048 1049 config MBEDTLS_ALLOW_UNSUPPORTED_CRITICAL_EXT 1050 bool "X.509 CRT parsing with unsupported critical extensions" 1051 depends on MBEDTLS_SECURITY_RISKS 1052 default n 1053 help 1054 Allow the X.509 certificate parser to load certificates 1055 with unsupported critical extensions 1056 1057endmenu # mbedTLS 1058
