menu "ESP-TLS"
# Backend selection for ESP-TLS. This is a Kconfig choice, so exactly one of the
# two entries below is enabled in a build; mbedTLS is the default.
# The wolfSSL entry is only offered when TLS_STACK_WOLFSSL is set.
# Other options in this menu depend on the two symbols defined here.
choice ESP_TLS_LIBRARY_CHOOSE
    prompt "Choose SSL/TLS library for ESP-TLS (See help for more Info)"
    default ESP_TLS_USING_MBEDTLS
    help
        The ESP-TLS APIs support multiple backend TLS libraries. Currently mbedTLS and WolfSSL are
        supported. Different TLS libraries may support different features and have different resource
        usage. Consult the ESP-TLS documentation in ESP-IDF Programming guide for more details.

    config ESP_TLS_USING_MBEDTLS
        bool "mbedTLS"
    config ESP_TLS_USING_WOLFSSL
        depends on TLS_STACK_WOLFSSL
        bool "wolfSSL (License info in wolfSSL directory README)"
endchoice
# Optional ATECC608A secure-element support. Only selectable for the ESP32
# target with the mbedTLS backend, and off by default.
# Enabling it force-selects the three ATCA_MBEDTLS_ECDSA* symbols below.
# NOTE(review): presumably those route mbedTLS ECDSA sign/verify to the
# ATECC608A so the private key stays on the chip -- confirm against the
# ESP-TLS documentation.
config ESP_TLS_USE_SECURE_ELEMENT
    bool "Use Secure Element (ATECC608A) with ESP-TLS"
    depends on IDF_TARGET_ESP32 && ESP_TLS_USING_MBEDTLS
    select ATCA_MBEDTLS_ECDSA
    select ATCA_MBEDTLS_ECDSA_SIGN
    select ATCA_MBEDTLS_ECDSA_VERIFY
    default n
    help
        Enable use of Secure Element for ESP-TLS, this enables internal support for
        ATECC608A peripheral on ESPWROOM32SE, which can be used for TLS connection.
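# Digital Signature (DS) peripheral support. Only selectable for the ESP32-S2
# target with the mbedTLS backend; enabled by default there.
# Enabling the option is not sufficient on its own: per the help text, the
# peripheral must also be configured for TLS before it can be used.
config ESP_TLS_USE_DS_PERIPHERAL
    bool "Use Digital Signature (DS) Peripheral with ESP-TLS"
    depends on IDF_TARGET_ESP32S2 && ESP_TLS_USING_MBEDTLS
    default y
    help
        Enable use of the Digital Signature Peripheral for ESP-TLS. The DS peripheral
        can only be used when it is appropriately configured for TLS.
        Consult the ESP-TLS documentation in ESP-IDF Programming Guide for more details.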
# Server-side TLS session support. Off by default. The entry has no depends-on
# line, so it is not tied to one backend; the help text states that both
# mbedTLS and wolfSSL support it.
config ESP_TLS_SERVER
    bool "Enable ESP-TLS Server"
    default n
    help
        Enable support for creating server side SSL/TLS session, available for mbedTLS
        as well as wolfSSL TLS library.
# Pre-shared-key (PSK) ciphersuite support, off by default.
# With the mbedTLS backend this force-selects MBEDTLS_PSK_MODES and all four
# PSK key-exchange families (PSK, DHE-PSK, ECDHE-PSK, RSA-PSK) together.
# None of the select lines apply when wolfSSL is the backend.
# NOTE(review): plain PSK and RSA-PSK key exchanges do not provide forward
# secrecy, unlike DHE-PSK and ECDHE-PSK. Because select forces all four
# symbols on, narrowing the set presumably has to happen in the application's
# ciphersuite configuration -- TODO confirm what a deployment negotiates.
config ESP_TLS_PSK_VERIFICATION
    bool "Enable PSK verification"
    select MBEDTLS_PSK_MODES if ESP_TLS_USING_MBEDTLS
    select MBEDTLS_KEY_EXCHANGE_PSK if ESP_TLS_USING_MBEDTLS
    select MBEDTLS_KEY_EXCHANGE_DHE_PSK if ESP_TLS_USING_MBEDTLS
    select MBEDTLS_KEY_EXCHANGE_ECDHE_PSK if ESP_TLS_USING_MBEDTLS
    select MBEDTLS_KEY_EXCHANGE_RSA_PSK if ESP_TLS_USING_MBEDTLS
    default n
    help
        Enable support for pre shared key ciphers, supported for both mbedTLS as well as
        wolfSSL TLS library.
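# wolfSSL-only: relaxes server certificate verification. On by default
# whenever wolfSSL is the selected backend.
# NOTE(review): per the help text, with this enabled the chain is not
# validated up to a root CA, so the intermediate CA certificate held by the
# client is effectively the trust anchor. Deployments that require validation
# up to the root CA should review this default and set the option to n.
config ESP_WOLFSSL_SMALL_CERT_VERIFY
    bool "Enable SMALL_CERT_VERIFY"
    depends on ESP_TLS_USING_WOLFSSL
    default y
    help
        Enables server verification using only the Intermediate CA certificate; the full chain
        of trust up to the root CA certificate is not authenticated. (After enabling this option the
        client only needs the server's Intermediate CA certificate to authenticate the server; the
        root CA certificate is not necessary.)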
# wolfSSL-only, off by default: turns on the library's detailed debug prints.
# NOTE(review): verbose TLS-library logging is normally a development aid;
# check what the output contains before leaving it enabled in release builds.
config ESP_DEBUG_WOLFSSL
    bool "Enable debug logs for wolfSSL"
    depends on ESP_TLS_USING_WOLFSSL
    default n
    help
        Enable detailed debug prints for wolfSSL SSL library.
endmenu