1# TLS/DTLS related options
2
3# Copyright (c) 2018 Intel Corporation
4# Copyright (c) 2018 Nordic Semiconductor ASA
5# SPDX-License-Identifier: Apache-2.0
6
7menu "Mbed TLS configuration"
8	depends on MBEDTLS_BUILTIN && MBEDTLS_CFG_FILE = "config-tls-generic.h"
9
10menu "TLS"
11
12config MBEDTLS_TLS_VERSION_1_2
13	bool "Support for TLS 1.2 (DTLS 1.2)"
14	select MBEDTLS_CIPHER
15	select MBEDTLS_MD
16
17if MBEDTLS_TLS_VERSION_1_2
18
19config MBEDTLS_DTLS
20	bool "Support for DTLS"
21
22endif # MBEDTLS_TLS_VERSION_1_2
23
24config MBEDTLS_TLS_VERSION_1_3
25	bool "Support for TLS 1.3"
26
27if MBEDTLS_TLS_VERSION_1_3
28
29config MBEDTLS_TLS_SESSION_TICKETS
30	bool "Support for RFC 5077 session tickets in TLS 1.3"
31
32endif # MBEDTLS_TLS_VERSION_1_3
33
34if MBEDTLS_TLS_VERSION_1_2 || MBEDTLS_TLS_VERSION_1_3
35
36config MBEDTLS_SSL_ALPN
37	bool "Support for setting the supported Application Layer Protocols"
38
39endif # MBEDTLS_TLS_VERSION_1_2 || MBEDTLS_TLS_VERSION_1_3
40
41endmenu # TLS
42
43menu "Ciphersuite configuration"
44
45comment "Supported key exchange modes"
46
47config MBEDTLS_KEY_EXCHANGE_ALL_ENABLED
48	bool "All available ciphersuite modes"
49	select MBEDTLS_KEY_EXCHANGE_PSK_ENABLED
50	select MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED
51	select MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
52	select MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED
53	select MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
54	select MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED
55	select MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED
56	select MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
57	select MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED
58	select MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED
59	select MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED
60
61config MBEDTLS_KEY_EXCHANGE_PSK_ENABLED
62	bool "PSK based ciphersuite modes"
63
64config MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED
65	bool "DHE-PSK based ciphersuite modes"
66
67config MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
68	bool "ECDHE-PSK based ciphersuite modes"
69	depends on MBEDTLS_ECDH_C
70
71config MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED
72	bool "RSA-PSK based ciphersuite modes"
73
74config MBEDTLS_PSK_MAX_LEN
75	int "Max size of TLS pre-shared keys"
76	default 32
77	help
78	  Max size of TLS pre-shared keys, in bytes. It has no effect if no
79	  PSK key exchange is used.
80
81config MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
82	bool "RSA-only based ciphersuite modes"
83	default y if UOSCORE || UEDHOC
84	select MBEDTLS_MD
85	select PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY if PSA_CRYPTO_CLIENT
86	select PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT if PSA_CRYPTO_CLIENT
87	select PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT if PSA_CRYPTO_CLIENT
88	select PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_GENERATE if PSA_CRYPTO_CLIENT
89
90config MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED
91	bool "DHE-RSA based ciphersuite modes"
92
93config MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED
94	bool "ECDHE-RSA based ciphersuite modes"
95	depends on MBEDTLS_ECDH_C
96
97config MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
98	bool "ECDHE-ECDSA based ciphersuite modes"
99	depends on MBEDTLS_ECDH_C && MBEDTLS_ECDSA_C || (PSA_WANT_ALG_ECDH && PSA_WANT_ALG_ECDSA)
100
101config MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED
102	bool "ECDH-ECDSA based ciphersuite modes"
103	depends on (MBEDTLS_ECDH_C && MBEDTLS_ECDSA_C) || (PSA_WANT_ALG_ECDH && PSA_WANT_ALG_ECDSA)
104
105config MBEDTLS_ECDSA_DETERMINISTIC
106	bool "Deterministic ECDSA (RFC 6979)"
107
108config MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED
109	bool "ECDH-RSA based ciphersuite modes"
110	depends on MBEDTLS_ECDH_C
111
112config MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED
113	bool "ECJPAKE based ciphersuite modes"
114	depends on MBEDTLS_ECJPAKE_C
115
116if MBEDTLS_TLS_VERSION_1_3
117
118config MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
119	bool "TLS 1.3 PSK key exchange mode"
120
121config MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
122	bool "TLS 1.3 ephemeral key exchange mode"
123
124config MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
125	bool "TLS 1.3 PSK ephemeral key exchange mode"
126
127endif # MBEDTLS_TLS_VERSION_1_3
128
129config MBEDTLS_HKDF_C
130	bool "HMAC-based Extract-and-Expand Key Derivation Function"
131
132comment "Elliptic curve libraries"
133
134config MBEDTLS_ECDH_C
135	bool "Elliptic curve Diffie-Hellman library"
136	depends on MBEDTLS_ECP_C
137
138config MBEDTLS_ECDSA_C
139	bool "Elliptic curve DSA library"
140	depends on MBEDTLS_ECP_C
141	select MBEDTLS_ASN1_PARSE_C
142
143config MBEDTLS_ECJPAKE_C
144	bool "Elliptic curve J-PAKE library"
145	depends on MBEDTLS_ECP_C
146
147config MBEDTLS_ECP_C
148	bool "Elliptic curve over GF(p) library"
149	default y if UOSCORE || UEDHOC
150
151if MBEDTLS_ECP_C
152
153comment "Supported elliptic curves"
154
155config MBEDTLS_ECP_ALL_ENABLED
156	bool "All available elliptic curves"
157	select MBEDTLS_ECP_DP_SECP192R1_ENABLED
158	select MBEDTLS_ECP_DP_SECP192R1_ENABLED
159	select MBEDTLS_ECP_DP_SECP224R1_ENABLED
160	select MBEDTLS_ECP_DP_SECP256R1_ENABLED
161	select MBEDTLS_ECP_DP_SECP384R1_ENABLED
162	select MBEDTLS_ECP_DP_SECP521R1_ENABLED
163	select MBEDTLS_ECP_DP_SECP192K1_ENABLED
164	select MBEDTLS_ECP_DP_SECP224K1_ENABLED
165	select MBEDTLS_ECP_DP_SECP256K1_ENABLED
166	select MBEDTLS_ECP_DP_BP256R1_ENABLED
167	select MBEDTLS_ECP_DP_BP384R1_ENABLED
168	select MBEDTLS_ECP_DP_BP512R1_ENABLED
169	select MBEDTLS_ECP_DP_CURVE25519_ENABLED
170	select MBEDTLS_ECP_DP_CURVE448_ENABLED
171	select MBEDTLS_ECP_NIST_OPTIM
172
173config MBEDTLS_ECP_DP_SECP192R1_ENABLED
174	bool "SECP192R1 elliptic curve"
175
176config MBEDTLS_ECP_DP_SECP224R1_ENABLED
177	bool "SECP224R1 elliptic curve"
178
179config MBEDTLS_ECP_DP_SECP256R1_ENABLED
180	bool "SECP256R1 elliptic curve"
181	default y if UOSCORE || UEDHOC
182
183config MBEDTLS_ECP_DP_SECP384R1_ENABLED
184	bool "SECP384R1 elliptic curve"
185
186config MBEDTLS_ECP_DP_SECP521R1_ENABLED
187	bool "SECP521R1 elliptic curve"
188
189config MBEDTLS_ECP_DP_SECP192K1_ENABLED
190	bool "SECP192K1 elliptic curve"
191
192config MBEDTLS_ECP_DP_SECP224K1_ENABLED
193	bool "SECP224K1 elliptic curve"
194
195config MBEDTLS_ECP_DP_SECP256K1_ENABLED
196	bool "SECP256K1 elliptic curve"
197
198config MBEDTLS_ECP_DP_BP256R1_ENABLED
199	bool "BP256R1 elliptic curve"
200
201config MBEDTLS_ECP_DP_BP384R1_ENABLED
202	bool "BP384R1 elliptic curve"
203
204config MBEDTLS_ECP_DP_BP512R1_ENABLED
205	bool "BP512R1 elliptic curve"
206
207config MBEDTLS_ECP_DP_CURVE25519_ENABLED
208	bool "CURVE25519 elliptic curve"
209
210config MBEDTLS_ECP_DP_CURVE448_ENABLED
211	bool "CURVE448 elliptic curve"
212
213config MBEDTLS_ECP_NIST_OPTIM
214	bool "NSIT curves optimization"
215
216endif
217
218comment "Supported ciphers and cipher modes"
219
220config MBEDTLS_CIPHER_ALL_ENABLED
221	bool "All available ciphers and modes"
222	select MBEDTLS_CIPHER_AES_ENABLED
223	select MBEDTLS_CIPHER_CAMELLIA_ENABLED
224	select MBEDTLS_CIPHER_DES_ENABLED
225	select MBEDTLS_CIPHER_CHACHA20_ENABLED
226	select MBEDTLS_CIPHER_CCM_ENABLED
227	select MBEDTLS_CIPHER_GCM_ENABLED
228	select MBEDTLS_CIPHER_MODE_XTS_ENABLED
229	select MBEDTLS_CIPHER_MODE_CBC_ENABLED
230	select MBEDTLS_CIPHER_MODE_CTR_ENABLED
231	select MBEDTLS_CHACHAPOLY_AEAD_ENABLED
232
233config MBEDTLS_SOME_AEAD_CIPHER_ENABLED
234	bool
235	default y
236	depends on \
237		MBEDTLS_CIPHER_AES_ENABLED || \
238		MBEDTLS_CIPHER_CAMELLIA_ENABLED
239
240config MBEDTLS_SOME_CIPHER_ENABLED
241	bool
242	default y
243	depends on \
244		MBEDTLS_SOME_AEAD_CIPHER_ENABLED || \
245		MBEDTLS_CIPHER_DES_ENABLED || \
246		MBEDTLS_CIPHER_CHACHA20_ENABLED
247
248config MBEDTLS_CIPHER_AES_ENABLED
249	bool "AES block cipher"
250	default y if PSA_WANT_KEY_TYPE_AES && MBEDTLS_PSA_CRYPTO_C
251
252if MBEDTLS_CIPHER_AES_ENABLED
253
254config MBEDTLS_AES_ROM_TABLES
255	bool "Use precomputed AES tables stored in ROM."
256
257config MBEDTLS_AES_FEWER_TABLES
258	bool "Reduce the size of precomputed AES tables by ~6kB"
259	default y
260	depends on MBEDTLS_AES_ROM_TABLES
261	help
262	  Reduce the size of the AES tables at a tradeoff of more
263	  arithmetic operations at runtime. Specifically 4 table
264	  lookups are converted to 1 table lookup, 3 additions
265	  and 6 bit shifts.
266
267config MBEDTLS_CIPHER_MODE_XTS_ENABLED
268	bool "Xor-encrypt-xor with ciphertext stealing mode (XTS) for AES"
269
270endif # MBEDTLS_CIPHER_AES_ENABLED
271
272config MBEDTLS_CIPHER_CAMELLIA_ENABLED
273	bool "Camellia block cipher"
274
275config MBEDTLS_CIPHER_DES_ENABLED
276	bool "DES block cipher"
277
278config MBEDTLS_CIPHER_CHACHA20_ENABLED
279	bool "ChaCha20 stream cipher"
280
281if MBEDTLS_SOME_AEAD_CIPHER_ENABLED
282
283config MBEDTLS_CIPHER_CCM_ENABLED
284	bool "Counter with CBC-MAC (CCM) mode for 128-bit block cipher"
285	default y if UOSCORE || UEDHOC
286
287config MBEDTLS_CIPHER_GCM_ENABLED
288	bool "Galois/Counter Mode (GCM) for symmetric ciphers"
289
290endif # MBEDTLS_SOME_AEAD_CIPHER_ENABLED
291
292if MBEDTLS_SOME_CIPHER_ENABLED
293
294config MBEDTLS_CIPHER_MODE_CBC_ENABLED
295	bool "Cipher Block Chaining mode (CBC) for symmetric ciphers"
296	default y if !NET_L2_OPENTHREAD
297
298config MBEDTLS_CIPHER_MODE_CTR_ENABLED
299	bool "Counter Block Cipher mode (CTR) for symmetric ciphers"
300
301endif # MBEDTLS_SOME_CIPHER_ENABLED
302
303config MBEDTLS_CHACHAPOLY_AEAD_ENABLED
304	bool "ChaCha20-Poly1305 AEAD algorithm"
305	depends on MBEDTLS_CIPHER_CHACHA20_ENABLED && MBEDTLS_POLY1305
306
307config MBEDTLS_CMAC
308	bool "CMAC (Cipher-based Message Authentication Code) mode for block ciphers."
309	depends on MBEDTLS_CIPHER_AES_ENABLED || MBEDTLS_CIPHER_DES_ENABLED
310
311comment "Supported hash algorithms"
312
313config MBEDTLS_HASH_ALL_ENABLED
314	bool "All available MAC methods"
315	select MBEDTLS_MD5
316	select MBEDTLS_SHA1
317	select MBEDTLS_SHA224
318	select MBEDTLS_SHA256
319	select MBEDTLS_SHA384
320	select MBEDTLS_SHA512
321	select MBEDTLS_POLY1305
322
323config MBEDTLS_MD5
324	bool "MD5 hash algorithm"
325
326config MBEDTLS_SHA1
327	bool "SHA-1 hash algorithm"
328
329config MBEDTLS_SHA224
330	bool "SHA-224 hash algorithm"
331
332config MBEDTLS_SHA256
333	bool "SHA-256 hash algorithm"
334	default y
335
336config MBEDTLS_SHA256_SMALLER
337	bool "Smaller SHA-256 implementation"
338	depends on MBEDTLS_SHA256
339	default y
340	help
341	  Enable an implementation of SHA-256 that has a
342	  smaller ROM footprint but also lower performance.
343
344config MBEDTLS_SHA384
345	bool "SHA-384 hash algorithm"
346
347config MBEDTLS_SHA512
348	bool "SHA-512 hash algorithm"
349
350config MBEDTLS_POLY1305
351	bool "Poly1305 hash family"
352
353endmenu
354
355comment "Random number generators"
356
357config MBEDTLS_CTR_DRBG_ENABLED
358	bool "CTR_DRBG AES-256-based random generator"
359	depends on MBEDTLS_CIPHER_AES_ENABLED
360	default y
361
362config MBEDTLS_HMAC_DRBG_ENABLED
363	bool "HMAC_DRBG random generator"
364	select MBEDTLS_MD
365
366comment "Other configurations"
367
368config MBEDTLS_CIPHER
369	bool "generic cipher layer."
370	default y if PSA_WANT_ALG_CMAC
371
372config MBEDTLS_MD
373	bool "generic message digest layer."
374
375config MBEDTLS_GENPRIME_ENABLED
376	bool "prime-number generation code."
377
378config MBEDTLS_ASN1_PARSE_C
379	bool "Support for ASN1 parser functions"
380
381config MBEDTLS_PEM_CERTIFICATE_FORMAT
382	bool "Support for PEM certificate format"
383	help
384	  By default only DER (binary) format of certificates is supported. Enable
385	  this option to enable support for PEM format.
386
387config MBEDTLS_HAVE_ASM
388	bool "Use of assembly code"
389	default y if !ARM
390	help
391	  Enable use of assembly code in mbedTLS. This improves the performances
392	  of asymmetric cryptography, however this might have an impact on the
393	  code size.
394
395config MBEDTLS_ENTROPY_C
396	bool "Mbed TLS entropy accumulator"
397	depends on MBEDTLS_SHA256 || MBEDTLS_SHA384 || MBEDTLS_SHA512
398	help
399	  This module gathers entropy data from enabled entropy sources. It's
400	  mostly used in conjunction with CTR_DRBG or HMAC_DRBG to create
401	  a deterministic random number generator.
402
403config MBEDTLS_ENTROPY_POLL_ZEPHYR
404	bool "Provide entropy data to Mbed TLS through entropy driver or random generator"
405	default y
406	depends on MBEDTLS_ENTROPY_C
407	help
408	  Provide entropy data to the Mbed TLS's entropy module through either
409	  an entropy driver (if available in the system) or a generic random
410	  number generator.
411	  Warning: the latter choice is potentially non secure because it might
412	  end up using weaker/test-only sources (ex: random number generator
413	  built on system timer).
414
415config MBEDTLS_OPENTHREAD_OPTIMIZATIONS_ENABLED
416	bool "MbedTLS optimizations for OpenThread"
417	depends on NET_L2_OPENTHREAD
418	default y if !NET_SOCKETS_SOCKOPT_TLS
419	help
420	  Enable some OpenThread specific mbedTLS optimizations that allows to
421	  save some RAM/ROM when OpenThread is used. Note, that when application
422	  aims to use other mbedTLS services on top of OpenThread (e.g. secure
423	  sockets), it's advised to disable this option.
424
425config MBEDTLS_USER_CONFIG_ENABLE
426	bool "User mbedTLS config file"
427	help
428	  Enable user mbedTLS config file that will be included at the end of
429	  the generic config file.
430
431config MBEDTLS_USER_CONFIG_FILE
432	string "User configuration file for mbed TLS" if MBEDTLS_USER_CONFIG_ENABLE
433	help
434	  User config file that can contain mbedTLS configs that were not
435	  covered by the generic config file.
436
437config MBEDTLS_SERVER_NAME_INDICATION
438	bool "Support for RFC 6066 server name indication (SNI) in SSL"
439	help
440	  Enable this to support RFC 6066 server name indication (SNI) in SSL.
441	  This requires that MBEDTLS_X509_CRT_PARSE_C is also set.
442
443config MBEDTLS_PK_WRITE_C
444	bool "The generic public (asymmetric) key writer"
445	help
446	  Enable generic public key write functions.
447
448config MBEDTLS_HAVE_TIME_DATE
449	bool "Date/time validation in mbed TLS"
450	help
451	  System has time.h, time(), and an implementation for gmtime_r().
452	  There also need to be a valid time source in the system, as mbedTLS
453	  expects a valid date/time for certificate validation."
454
455config MBEDTLS_PKCS5_C
456	bool "Password-based encryption functions"
457	select MBEDTLS_MD
458	help
459	  Enable PKCS5 functions
460
461config MBEDTLS_SSL_CACHE_C
462	bool "SSL session cache support"
463	help
464	  "This option enables simple SSL cache implementation (server side)."
465
466if MBEDTLS_SSL_CACHE_C
467
468config MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT
469	int "Default timeout for SSL cache entires"
470	default 86400
471
472config MBEDTLS_SSL_CACHE_DEFAULT_MAX_ENTRIES
473	int "Maximum number of SSL cache entires"
474	default 5
475
476endif # MBEDTLS_SSL_CACHE_C
477
478config MBEDTLS_SSL_EXTENDED_MASTER_SECRET
479	bool "(D)TLS Extended Master Secret extension"
480	depends on MBEDTLS_TLS_VERSION_1_2
481	help
482	  Enable support for the (D)TLS Extended Master Secret extension
483	  which ensures that master secrets are different for every
484	  connection and every session.
485
486choice MBEDTLS_PSA_CRYPTO_RNG_SOURCE
487	prompt "Select random source for built-in PSA crypto"
488	depends on MBEDTLS_PSA_CRYPTO_C
489	# The only way to check if there is any entropy driver available on the
490	# platform is to check if the "zephyr,entropy" chosen property exists.
491	# CONFIG_CSPRNG_ENABLED cannot be used for this because it gets enabled by
492	# entropy drivers but these are gated by CONFIG_ENTROPY_GENERATOR which
493	# is disabled by default.
494	default MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG if CSPRNG_AVAILABLE
495	default MBEDTLS_PSA_CRYPTO_LEGACY_RNG
496
497config MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG
498	bool "Use a cryptographically secure driver as random source"
499	select ENTROPY_GENERATOR
500	help
501	  Use a cryptographically secure random generator to provide random data
502	  instead of legacy Mbed TLS modules. This has a smaller footprint
503	  than its legacy counterpart MBEDTLS_PSA_CRYPTO_LEGACY_RNG, but it
504	  requires a cryptographically secure random number generator (CSPRNG)
505	  to be available in the system. If no CSPRNG is available:
506	  - there is no fallback to weak entropy random generators.
507	  - the initialization of PSA crypto will fail and none of its API
508	    will be available.
509
510config MBEDTLS_PSA_CRYPTO_LEGACY_RNG
511	bool "Use legacy modules to generate random data"
512	select MBEDTLS_ENTROPY_C
513	select MBEDTLS_HMAC_DRBG_ENABLED if !MBEDTLS_CTR_DRBG_ENABLED
514	# If there is any entropy driver in the system, then the choice would be
515	# CONFIG_MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG. If we fall here, then the only
516	# way to get some random data is to enable CONFIG_TEST_RANDOM_GENERATOR.
517	select TEST_RANDOM_GENERATOR
518	help
519	  Use legacy Mbed TLS modules to generate random data. In this
520	  configuration the entropy module is used to gather some data and then
521	  either ctr_drbg or hmac_drbg are applied on top of it to improve
522	  the randomness.
523	  Security level in this case really depends on the type of entropy
524	  sources which are enabled in the system: if weak entropy sources are
525	  used, then the generated data will only be pseudo random. Strong
526	  entropy sources are strongly recommended (if possible) to have real
527	  random data.
528	  Another difference betwen this implementation and the
529	  MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG counterpart is the memory footprint:
530	  this implementation brings in legacy modules which are not required
531	  in the "external" version, so the footprint is larger.
532
533endchoice
534
535config MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG_ALLOW_NON_CSPRNG
536	bool "Allow non cryptographically secure random sources (for test only!)"
537	depends on MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG
538	help
539	  MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG is by default limited to rely only
540	  on cryptographically secure random number generators. However, only
541	  for test purposes, it might be useful to enable external random
542	  number generation, but have it using weak random sources (non
543	  cryptographically secure).
544	  Warning: this is meant to be enabled only for tests, not in production
545	  as the generated values are not cryptographically secure!
546
547config MBEDTLS_PSA_CRYPTO_C
548	bool "Platform Security Architecture cryptography API"
549	depends on !BUILD_WITH_TFM
550	default y if UOSCORE || UEDHOC
551
552config MBEDTLS_USE_PSA_CRYPTO
553	bool "Use PSA APIs instead of legacy MbedTLS when possible"
554	default y if MBEDTLS_PSA_CRYPTO_CLIENT
555	help
556	  Use PSA APIs instead of legacy MbedTLS functions in TLS/DTLS and other
557	  "intermediate" modules such as PK, MD and Cipher.
558
559config MBEDTLS_PSA_CRYPTO_CLIENT
560	bool
561	default y
562	depends on BUILD_WITH_TFM || MBEDTLS_PSA_CRYPTO_C
563	select PSA_CRYPTO_CLIENT
564
565config MBEDTLS_LMS
566	bool "Support LMS signature schemes"
567	depends on MBEDTLS_PSA_CRYPTO_CLIENT
568	depends on MBEDTLS_SHA256
569	select PSA_WANT_ALG_SHA_256
570
571if MBEDTLS_PSA_CRYPTO_C
572
573config MBEDTLS_PSA_P256M_DRIVER_ENABLED
574	bool "P256-M driver"
575	imply PSA_WANT_ALG_SHA_256
576	help
577	  Enable support for the optimized sofware implementation of the secp256r1
578	  curve through the standard PSA API.
579
580config MBEDTLS_PSA_P256M_DRIVER_RAW
581	bool "Access p256-m driver directly (without PSA interface)"
582	depends on MBEDTLS_PSA_P256M_DRIVER_ENABLED
583	help
584	  Allow direct access to the p256-m driver interface.
585	  Warning: Usage of this Kconfig option is prohibited in Zephyr's codebase.
586	           Users can enable it in case of very memory-constrained devices, but be aware that the p256-m interface is absolutely not guaranted to remain stable over time.
587
588config MBEDTLS_PSA_CRYPTO_STORAGE_C
589	bool
590
591config MBEDTLS_PSA_STATIC_KEY_SLOTS
592	bool "Use statically allocated key buffers to store key material"
593	default y if !MBEDTLS_ENABLE_HEAP
594	help
595	  By default Mbed TLS's PSA Crypto core uses heap memory to store the
596	  key material for each key slot. This might impose an undesired
597	  requirement to support heap memory and its management code, affecting
598	  RAM and ROM footprints at the same time.
599	  Enabling this symbol causes Mbed TLS to pre-allocate all the key slot
600	  buffers that are used to store the key material at build time, thus
601	  removing the need for heap memory. Each buffer will be sized to
602	  contain the largest asymmetric/symmetric key type enabled in the build
603	  through PSA_WANT symbols.
604
605config MBEDTLS_PSA_KEY_SLOT_COUNT
606	int "Number of key slots in PSA Crypto core"
607	default 16
608	help
609	  Set the number of key slots that are available in the PSA Crypto core.
610	  Be aware that each slot, even if unused, increases RAM consumption
611	  by ~40 bytes plus:
612	  * the length of the largest asymmetric/symmetric key type enabled in
613	    the build through PSA_WANT symbols, if MBEDTLS_PSA_STATIC_KEY_SLOTS
614	    is set. (This is all defined statically at build time).
615	  * the heap-allocated memory to store the key material of a given slot,
616	    if it is used and MBEDTLS_PSA_STATIC_KEY_SLOTS is not set.
617
618endif # MBEDTLS_PSA_CRYPTO_C
619
620config MBEDTLS_SSL_DTLS_CONNECTION_ID
621	bool "DTLS Connection ID extension"
622	depends on MBEDTLS_DTLS
623	help
624	  Enable support for the DTLS Connection ID extension
625	  which allows to identify DTLS connections across changes
626	  in the underlying transport.
627
628
629config MBEDTLS_NIST_KW_C
630	bool "NIST key wrap"
631	depends on MBEDTLS_CIPHER_AES_ENABLED
632	help
633	  Key Wrapping mode for 128-bit block ciphers,
634	  as defined in NIST SP 800-38F.
635
636config MBEDTLS_DHM_C
637	bool "Diffie-Hellman-Merkle mode"
638	help
639	  Used by the following key exchanges,
640	  DHE-RSA, DHE-PSK
641
642config MBEDTLS_X509_CRL_PARSE_C
643	bool "X.509 CRL parsing"
644	help
645	  Used by X.509 CRL parsing
646
647config MBEDTLS_X509_CSR_WRITE_C
648	bool "X.509 Certificate Signing Requests writing"
649	help
650	  For X.509 certificate request writing.
651
652config MBEDTLS_X509_CSR_PARSE_C
653	bool "X.509 Certificate Signing Request parsing"
654	help
655	  For reading X.509 certificate request.
656
657config MBEDTLS_X509_CRT_WRITE_C
658	bool "X.509 certificate creation"
659
660endmenu
661