1# Copyright (c) 2018 Nordic Semiconductor ASA 2# SPDX-License-Identifier: Apache-2.0 3 4menuconfig TLS_CREDENTIALS 5 bool "TLS credentials management" 6 help 7 Enable TLS credentials management subsystem. 8 9if TLS_CREDENTIALS 10 11module = TLS_CREDENTIALS 12module-str = tls_credentials 13source "subsys/logging/Kconfig.template.log_config" 14 15choice TLS_CREDENTIALS_BACKEND 16 prompt "TLS credentials management backend" 17 depends on TLS_CREDENTIALS 18 default TLS_CREDENTIALS_BACKEND_VOLATILE 19 help 20 TLS credentials management backend implementation. 21 22config TLS_CREDENTIALS_BACKEND_VOLATILE 23 bool "TLS credentials management volatile backend" 24 help 25 TLS credentials management volatile backend implementation, 26 storing credentials in system runtime memory. 27 28config TLS_CREDENTIALS_BACKEND_PROTECTED_STORAGE 29 bool "TLS credentials management protected storage backend" 30 depends on BUILD_WITH_TFM 31 help 32 TLS credentials management backend using the Protected Storage 33 API to store credentials with integrity check against physical 34 attacks and keeps entries across system reboot. 35 36endchoice 37 38config TLS_MAX_CREDENTIALS_NUMBER 39 int "Maximum number of TLS credentials" 40 default 4 41 help 42 Maximum number of TLS credentials that can be registered. 43 44config TLS_CREDENTIAL_FILENAMES 45 bool "Specify TLS credential filenames" 46 depends on NET_SOCKETS_OFFLOAD 47 help 48 Allows clients of the socket APIs to specify filenames 49 of security certificates and private keys 50 to use during subsequent TLS/SSL negotiations. 51 The secure files will have been previously provisioned to the 52 device's secure file system; eg, via a vendor tool or 53 by executing a separate binary. 54 This option is currently only available for secure 55 socket offload devices. 56 57endif # TLS_CREDENTIALS 58
