1# Kernel options 2CONFIG_MAIN_STACK_SIZE=4096 3CONFIG_POSIX_API=y 4CONFIG_HEAP_MEM_POOL_SIZE=2048 5 6# Generic networking options 7CONFIG_NETWORKING=y 8 9# Socket 10CONFIG_NET_SOCKETS=y 11CONFIG_NET_SOCKETS_SOCKOPT_TLS=y 12 13# Disable native ethernet driver (using native sockets instead) 14CONFIG_ETH_NATIVE_POSIX=n 15 16# Use native sockets 17CONFIG_NET_SOCKETS=y 18CONFIG_NET_SOCKETS_OFFLOAD=y 19CONFIG_NET_DRIVERS=y 20CONFIG_NET_NATIVE_OFFLOADED_SOCKETS=y 21 22# Mbed TLS configuration 23CONFIG_MBEDTLS=y 24CONFIG_MBEDTLS_BUILTIN=y 25CONFIG_MBEDTLS_ENABLE_HEAP=y 26CONFIG_MBEDTLS_HEAP_SIZE=60000 27CONFIG_MBEDTLS_SSL_MAX_CONTENT_LEN=2048 28CONFIG_MBEDTLS_PEM_CERTIFICATE_FORMAT=y 29# Build the PSA Crypto core so that the TLS stack uses the PSA crypto API. 30CONFIG_MBEDTLS_PSA_CRYPTO_C=y 31CONFIG_ENTROPY_GENERATOR=y 32 33# Disable some Kconfigs that are implied by CONFIG_NET_SOCKETS_SOCKOPT_TLS. 34# These are not wrong in general, but specific to a certain case (TLS 1.2 + RSA 35# key exchange/certificate + AES encryption). What we want here instead is to 36# have a basic configuration in this "prj.conf" file and then add algorithm 37# support in overlay files. 38CONFIG_MBEDTLS_TLS_VERSION_1_2=n 39CONFIG_MBEDTLS_KEY_EXCHANGE_RSA_ENABLED=n 40CONFIG_MBEDTLS_CIPHER_AES_ENABLED=n 41CONFIG_PSA_WANT_KEY_TYPE_AES=n 42CONFIG_PSA_WANT_ALG_CBC_NO_PADDING=n 43 44# Logging 45CONFIG_LOG=y 46CONFIG_PRINTK=y 47 48# Debug log options (optional) 49# CONFIG_NET_LOG=y 50# CONFIG_MBEDTLS_LOG_LEVEL_DBG=y 51# CONFIG_MBEDTLS_DEBUG=y 52
