mirror of
https://github.com/espressif/esp-idf.git
synced 2026-05-05 04:15:21 +02:00
secure_element: atecc608_ecdsa example
* Replaced crypotoauthlib with esp-cryptoauthlib * Added menuconfig option for esp-tls about using HSM * Added error codes for HSM in esp-tls, * Added support to select different type of ATECC608A chips * Added README, updated docs * tcp_transport: Added option to enable secure_element for ssl Closes https://github.com/espressif/esp-idf/issues/4432
This commit is contained in:
Aditya Patwardhan
@@ -122,4 +122,8 @@ set_property(TARGET mbedcrypto APPEND PROPERTY LINK_INTERFACE_LIBRARIES mbedtls)
|
||||
# Link mbedtls libraries to component library
|
||||
target_link_libraries(${COMPONENT_LIB} INTERFACE ${mbedtls_targets})
|
||||
|
||||
|
||||
# Link esp-cryptoauthlib to mbedtls
|
||||
if(CONFIG_ATCA_MBEDTLS_ECDSA)
|
||||
idf_component_get_property(cryptoauthlib esp-cryptoauthlib COMPONENT_LIB)
|
||||
target_link_libraries(${COMPONENT_LIB} PUBLIC ${cryptoauthlib})
|
||||
endif()
|
||||
|
||||
+13
-20
@@ -280,21 +280,14 @@ menu "mbedTLS"
|
||||
SHA hardware acceleration is faster than software in some situations but
|
||||
slower in others. You should benchmark to find the best setting for you.
|
||||
|
||||
config MBEDTLS_ATCA_HARDWARE_ECDH
|
||||
bool "Enable hardware ECDH acceleration when using ATECC608A cryptoauth chip"
|
||||
default n
|
||||
help
|
||||
This option enables hardware acceleration for ECDH, only when using
|
||||
ATECC608A cryptoauth chip (integrated with ESP32-WROOM-32SE)
|
||||
|
||||
config MBEDTLS_ATCA_HARDWARE_ECDSA_SIGN
|
||||
config MBEDTLS_ATCA_HW_ECDSA_SIGN
|
||||
bool "Enable hardware ECDSA sign acceleration when using ATECC608A"
|
||||
default n
|
||||
help
|
||||
This option enables hardware acceleration for ECDSA sign function, only
|
||||
when using ATECC608A cryptoauth chip (integrated with ESP32-WROOM-32SE)
|
||||
|
||||
config MBEDTLS_ATCA_HARDWARE_ECDSA_VERIFY
|
||||
config MBEDTLS_ATCA_HW_ECDSA_VERIFY
|
||||
bool "Enable hardware ECDSA verify acceleration when using ATECC608A"
|
||||
default n
|
||||
help
|
||||
@@ -671,14 +664,14 @@ menu "mbedTLS"
|
||||
config MBEDTLS_ECP_DP_SECP192R1_ENABLED
|
||||
bool "Enable SECP192R1 curve"
|
||||
depends on MBEDTLS_ECP_C
|
||||
default y if !(MBEDTLS_ATCA_HARDWARE_ECDH || MBEDTLS_ATCA_HARDWARE_ECDSA_SIGN || MBEDTLS_ATCA_HARDWARE_ECDSA_VERIFY)
|
||||
default y if !(MBEDTLS_ATCA_HW_ECDSA_SIGN || MBEDTLS_ATCA_HW_ECDSA_VERIFY)
|
||||
help
|
||||
Enable support for SECP192R1 Elliptic Curve.
|
||||
|
||||
config MBEDTLS_ECP_DP_SECP224R1_ENABLED
|
||||
bool "Enable SECP224R1 curve"
|
||||
depends on MBEDTLS_ECP_C
|
||||
default y if !(MBEDTLS_ATCA_HARDWARE_ECDH || MBEDTLS_ATCA_HARDWARE_ECDSA_SIGN || MBEDTLS_ATCA_HARDWARE_ECDSA_VERIFY)
|
||||
default y if !(MBEDTLS_ATCA_HW_ECDSA_SIGN || MBEDTLS_ATCA_HW_ECDSA_VERIFY)
|
||||
help
|
||||
Enable support for SECP224R1 Elliptic Curve.
|
||||
|
||||
@@ -692,63 +685,63 @@ menu "mbedTLS"
|
||||
config MBEDTLS_ECP_DP_SECP384R1_ENABLED
|
||||
bool "Enable SECP384R1 curve"
|
||||
depends on MBEDTLS_ECP_C
|
||||
default y if !(MBEDTLS_ATCA_HARDWARE_ECDH || MBEDTLS_ATCA_HARDWARE_ECDSA_SIGN || MBEDTLS_ATCA_HARDWARE_ECDSA_VERIFY)
|
||||
default y if !(MBEDTLS_ATCA_HW_ECDSA_SIGN || MBEDTLS_ATCA_HW_ECDSA_VERIFY)
|
||||
help
|
||||
Enable support for SECP384R1 Elliptic Curve.
|
||||
|
||||
config MBEDTLS_ECP_DP_SECP521R1_ENABLED
|
||||
bool "Enable SECP521R1 curve"
|
||||
depends on MBEDTLS_ECP_C
|
||||
default y if !(MBEDTLS_ATCA_HARDWARE_ECDH || MBEDTLS_ATCA_HARDWARE_ECDSA_SIGN || MBEDTLS_ATCA_HARDWARE_ECDSA_VERIFY)
|
||||
default y if !(MBEDTLS_ATCA_HW_ECDSA_SIGN || MBEDTLS_ATCA_HW_ECDSA_VERIFY)
|
||||
help
|
||||
Enable support for SECP521R1 Elliptic Curve.
|
||||
|
||||
config MBEDTLS_ECP_DP_SECP192K1_ENABLED
|
||||
bool "Enable SECP192K1 curve"
|
||||
depends on MBEDTLS_ECP_C
|
||||
default y if !(MBEDTLS_ATCA_HARDWARE_ECDH || MBEDTLS_ATCA_HARDWARE_ECDSA_SIGN || MBEDTLS_ATCA_HARDWARE_ECDSA_VERIFY)
|
||||
default y if !(MBEDTLS_ATCA_HW_ECDSA_SIGN || MBEDTLS_ATCA_HW_ECDSA_VERIFY)
|
||||
help
|
||||
Enable support for SECP192K1 Elliptic Curve.
|
||||
|
||||
config MBEDTLS_ECP_DP_SECP224K1_ENABLED
|
||||
bool "Enable SECP224K1 curve"
|
||||
depends on MBEDTLS_ECP_C
|
||||
default y if !(MBEDTLS_ATCA_HARDWARE_ECDH || MBEDTLS_ATCA_HARDWARE_ECDSA_SIGN || MBEDTLS_ATCA_HARDWARE_ECDSA_VERIFY)
|
||||
default y if !(MBEDTLS_ATCA_HW_ECDSA_SIGN || MBEDTLS_ATCA_HW_ECDSA_VERIFY)
|
||||
help
|
||||
Enable support for SECP224K1 Elliptic Curve.
|
||||
|
||||
config MBEDTLS_ECP_DP_SECP256K1_ENABLED
|
||||
bool "Enable SECP256K1 curve"
|
||||
depends on MBEDTLS_ECP_C
|
||||
default y if !(MBEDTLS_ATCA_HARDWARE_ECDH || MBEDTLS_ATCA_HARDWARE_ECDSA_SIGN || MBEDTLS_ATCA_HARDWARE_ECDSA_VERIFY)
|
||||
default y if !(MBEDTLS_ATCA_HW_ECDSA_SIGN || MBEDTLS_ATCA_HW_ECDSA_VERIFY)
|
||||
help
|
||||
Enable support for SECP256K1 Elliptic Curve.
|
||||
|
||||
config MBEDTLS_ECP_DP_BP256R1_ENABLED
|
||||
bool "Enable BP256R1 curve"
|
||||
depends on MBEDTLS_ECP_C
|
||||
default y if !(MBEDTLS_ATCA_HARDWARE_ECDH || MBEDTLS_ATCA_HARDWARE_ECDSA_SIGN || MBEDTLS_ATCA_HARDWARE_ECDSA_VERIFY)
|
||||
default y if !(MBEDTLS_ATCA_HW_ECDSA_SIGN || MBEDTLS_ATCA_HW_ECDSA_VERIFY)
|
||||
help
|
||||
support for DP Elliptic Curve.
|
||||
|
||||
config MBEDTLS_ECP_DP_BP384R1_ENABLED
|
||||
bool "Enable BP384R1 curve"
|
||||
depends on MBEDTLS_ECP_C
|
||||
default y if !(MBEDTLS_ATCA_HARDWARE_ECDH || MBEDTLS_ATCA_HARDWARE_ECDSA_SIGN || MBEDTLS_ATCA_HARDWARE_ECDSA_VERIFY)
|
||||
default y if !(MBEDTLS_ATCA_HW_ECDSA_SIGN || MBEDTLS_ATCA_HW_ECDSA_VERIFY)
|
||||
help
|
||||
support for DP Elliptic Curve.
|
||||
|
||||
config MBEDTLS_ECP_DP_BP512R1_ENABLED
|
||||
bool "Enable BP512R1 curve"
|
||||
depends on MBEDTLS_ECP_C
|
||||
default y if !(MBEDTLS_ATCA_HARDWARE_ECDH || MBEDTLS_ATCA_HARDWARE_ECDSA_SIGN || MBEDTLS_ATCA_HARDWARE_ECDSA_VERIFY)
|
||||
default y if !(MBEDTLS_ATCA_HW_ECDSA_SIGN || MBEDTLS_ATCA_HW_ECDSA_VERIFY)
|
||||
help
|
||||
support for DP Elliptic Curve.
|
||||
|
||||
config MBEDTLS_ECP_DP_CURVE25519_ENABLED
|
||||
bool "Enable CURVE25519 curve"
|
||||
depends on MBEDTLS_ECP_C
|
||||
default y if !(MBEDTLS_ATCA_HARDWARE_ECDH || MBEDTLS_ATCA_HARDWARE_ECDSA_SIGN || MBEDTLS_ATCA_HARDWARE_ECDSA_VERIFY)
|
||||
default y if !(MBEDTLS_ATCA_HW_ECDSA_SIGN || MBEDTLS_ATCA_HW_ECDSA_VERIFY)
|
||||
help
|
||||
Enable support for CURVE25519 Elliptic Curve.
|
||||
|
||||
|
||||
@@ -149,16 +149,11 @@
|
||||
#undef MBEDTLS_MPI_MUL_MPI_ALT
|
||||
#endif
|
||||
|
||||
#ifdef CONFIG_MBEDTLS_ATCA_HARDWARE_ECDH
|
||||
#define MBEDTLS_ECDH_GEN_PUBLIC_ALT
|
||||
#define MBEDTLS_ECDH_COMPUTE_SHARED_ALT
|
||||
#endif
|
||||
|
||||
#ifdef CONFIG_MBEDTLS_ATCA_HARDWARE_ECDSA_SIGN
|
||||
#ifdef CONFIG_MBEDTLS_ATCA_HW_ECDSA_SIGN
|
||||
#define MBEDTLS_ECDSA_SIGN_ALT
|
||||
#endif
|
||||
|
||||
#ifdef CONFIG_MBEDTLS_ATCA_HARDWARE_ECDSA_VERIFY
|
||||
#ifdef CONFIG_MBEDTLS_ATCA_HW_ECDSA_VERIFY
|
||||
#define MBEDTLS_ECDSA_VERIFY_ALT
|
||||
#endif
|
||||
|
||||
|
||||
Reference in New Issue
Block a user