From f7be43c83ddda62d73038f55f0555dc36f130d64 Mon Sep 17 00:00:00 2001 From: Ashish Sharma Date: Thu, 24 Apr 2025 10:00:17 +0800 Subject: [PATCH 1/2] feat(mbedtls): adds more configuration options --- components/mbedtls/Kconfig | 472 +++++++++++++++++- .../mbedtls/port/include/mbedtls/esp_config.h | 453 ++++++++++++++++- 2 files changed, 899 insertions(+), 26 deletions(-) diff --git a/components/mbedtls/Kconfig b/components/mbedtls/Kconfig index 366b06fdf8..903a1dd8d7 100644 --- a/components/mbedtls/Kconfig +++ b/components/mbedtls/Kconfig @@ -97,6 +97,13 @@ menu "mbedTLS" This defines maximum outgoing fragment length, overriding default maximum content length (MBEDTLS_SSL_MAX_CONTENT_LEN). + config MBEDTLS_SSL_SERVER_NAME_INDICATION + bool "Enable server name indication" + default y + depends on MBEDTLS_X509_CRT_PARSE_C + help + Enable support for RFC 6066 server name indication (SNI). + config MBEDTLS_DYNAMIC_BUFFER bool "Using dynamic TX/RX buffer" default n @@ -135,6 +142,19 @@ menu "mbedTLS" This option will decrease the heap footprint for the TLS handshake, but may lead to a problem: If the respective ssl object needs to perform the TLS handshake again, the CA certificate should once again be registered to the ssl object. + config MBEDTLS_VERSION_FEATURES + bool "Enable mbedTLS version features" + default n + help + Enable mbedTLS version features. + This option allows Allow run-time checking of compile-time enabled features. + Disabling this option will save some code size. + + config MBEDTLS_X509_USE_C + bool "Enable X.509 certificate support" + default y + help + Enable X.509 certificate support. config MBEDTLS_DEBUG bool "Enable mbedTLS debugging" 
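Review bot: `MBEDTLS_VERSION_FEATURES` is introduced with `default n`, while the esp_config.h hunk at -1609 shows the macro was defined unconditionally before, so existing projects lose the run-time feature check on their next reconfigure without having asked for it. Use `default y` to keep current behaviour, or state the change in the commit message. The help line also has a doubled word; suggest `This option allows run-time checking of compile-time enabled features.`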
@@ -198,6 +218,14 @@ menu "mbedTLS" bool "TLS 1.3 PSK ephemeral key exchange mode" default y + config MBEDTLS_SSL_EARLY_DATA + bool "TLS 1.3 early data" + default n + depends on MBEDTLS_CLIENT_SSL_SESSION_TICKETS && \ + (MBEDTLS_SSL_TLS1_3_KEXM_PSK || MBEDTLS_SSL_TLS1_3_KEXM_EPHEMER) + help + Enable support for TLS 1.3 early data (0-RTT). + endmenu config MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH @@ -234,7 +262,7 @@ menu "mbedTLS" This is a local optimization in handling a single, potentially long-lived connection. See mbedTLS documentation for required API and more details. - Disabling this option will save some code size. + Disabling this option will save some code and RAM size. config MBEDTLS_SSL_KEEP_PEER_CERTIFICATE bool "Keep peer certificate after handshake completion" @@ -257,10 +285,25 @@ menu "mbedTLS" config MBEDTLS_PKCS7_C bool "Enable PKCS number 7" default y - depends on MBEDTLS_X509_CRL_PARSE_C + depends on MBEDTLS_ASN1_PARSE_C && MBEDTLS_OID_C && MBEDTLS_PK_PARSE_C && \ + MBEDTLS_X509_CRT_PARSE_C && MBEDTLS_X509_CRL_PARSE_C && MBEDTLS_BIGNUM_C && MBEDTLS_MD_C help Enable PKCS number 7 core for using PKCS number 7-formatted signatures. + config MBEDTLS_PKCS12_C + bool "Enable PKCS number 12" + default y + depends on MBEDTLS_ASN1_PARSE_C && (MBEDTLS_MD_C) + help + Enable PKCS number 12 core for using PKCS number 12-formatted signatures. + + config MBEDTLS_PKCS5_C + bool "Enable PKCS#5 functions" + default y + select MBEDTLS_MD_C + help + Enable support for PKCS#5 functions. + config MBEDTLS_SSL_CID_PADDING_GRANULARITY int "Record plaintext padding" default 16 
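Review bot: The `depends on` of `MBEDTLS_SSL_EARLY_DATA` references `MBEDTLS_SSL_TLS1_3_KEXM_EPHEMER`, which looks like a truncated symbol name; Kconfig evaluates an undefined symbol as `n`, so that half of the condition would never hold. The neighbouring option definitions are outside this hunk, so check the exact name (likely `MBEDTLS_SSL_TLS1_3_KEXM_PSK_EPHEMERAL`, going by the prompt in the context line above). Separately, the esp_config.h hunk at -1393 deletes the remark that the feature is "experimental, not completed and thus not ready for production", and the new help is a single line. TLS does not protect 0-RTT data against replay, so the help should say so, e.g. `Early data can be replayed by a network attacker; enable it only if the application treats early data as replayable (idempotent requests).`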
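Review bot: `MBEDTLS_PKCS5_C` uses `select MBEDTLS_MD_C`, but `MBEDTLS_MD_C` gets a `depends on` list of hash modules in the -718 hunk, and Kconfig `select` forces a symbol on without honouring its dependencies. With every hash option turned off, Kconfig would accept a configuration that the library's compile-time config checks will likely reject. Prefer `depends on MBEDTLS_MD_C` here; the same applies to `select MBEDTLS_PKCS1_V21` under `MBEDTLS_X509_RSASSA_PSS_SUPPORT` in the -1026 hunk. The `MBEDTLS_PKCS12_C` help also speaks of "PKCS number 12-formatted signatures", which reads like a copy of the PKCS#7 text.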
@@ -389,6 +432,32 @@ menu "mbedTLS" endmenu + config MBEDTLS_SELF_TEST + bool "Enable mbedTLS self-test" + default y + help + Enable mbedTLS self-test functions. + + config MBEDTLS_PKCS1_V15 + bool "Enable PKCS#1 v1.5 padding" + default y + depends on MBEDTLS_RSA_C + help + Enable support for PKCS#1 v1.5 operations. + + config MBEDTLS_PKCS1_V21 + bool "Enable PKCS#1 v2.1 padding" + default y + depends on MBEDTLS_RSA_C && MBEDTLS_MD_C + help + Enable support for PKCS#1 v2.1 operations. + + config MBEDTLS_PK_RSA_ALT_SUPPORT + bool "Enable RSA alt support" + default y + help + Support external private RSA keys (eg from a HSM) int the PK layer. + config MBEDTLS_ECP_RESTARTABLE bool "Enable mbedTLS ecp restartable" select MBEDTLS_ECDH_LEGACY_CONTEXT @@ -397,10 +466,34 @@ menu "mbedTLS" help Enable "non-blocking" ECC operations that can return early and be resumed. + config MBEDTLS_AES_ROM_TABLES + bool "Store AES tables in ROM" + default y + help + Store the AES tables in ROM instead of generating them at runtime. + Using precomputed ROM tables reduces RAM usage, but increases + flash usage. + + config MBEDTLS_AES_FEWER_TABLES + bool "Use fewer AES tables" + default n + help + Use fewer AES tables to reduce ROM/RAM usage. + Using fewer tables increases the time taken to generate the tables + at runtime, but reduces ROM/RAM usage. + + config MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH + bool "Only support 128-bit AES keys" + default n + help + Only support 128-bit AES keys. + This reduces code size, but disables support for 192-bit and + 256-bit AES keys. + config MBEDTLS_CMAC_C bool "Enable CMAC mode for block ciphers" default n - depends on MBEDTLS_AES_C || MBEDTLS_DES_C + depends on (MBEDTLS_AES_C || MBEDTLS_DES_C) && MBEDTLS_CIPHER_C help Enable the CMAC (Cipher-based Message Authentication Code) mode for block ciphers. 
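Review bot: `MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH` has wider effects than its help text states. AES-256 ciphersuites stop being usable, and the `MBEDTLS_CTR_DRBG_C` help added in the -718 hunk says the generator "uses AES-256 by default", which cannot hold with this option on (upstream Mbed TLS, as I understand it, switches CTR_DRBG to a 128-bit key in that case; confirm for the version in tree). Add both consequences to the help so the trade-off is visible in menuconfig. The three new AES options in this hunk also lack `depends on MBEDTLS_AES_C`, and it is not visible from here whether they have any effect when hardware AES is enabled.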
@@ -507,10 +600,21 @@ menu "mbedTLS" operations using a non-AES cipher, you can safely disable this config, leading to reduction in binary size footprint. + config MBEDTLS_BIGNUM_C + bool "Enable multiple precision integer (bignum) support" + default y + help + Enable support for multiple precision integer (bignum) operations. + + This is required for RSA, DSA, DHM, ECDH and ECDSA. + + If you don't need any of these algorithms, you can disable this option + to save code size. + config MBEDTLS_HARDWARE_MPI bool "Enable hardware MPI (bignum) acceleration" default y - depends on !SPIRAM_CACHE_WORKAROUND_STRATEGY_DUPLDST && SOC_MPI_SUPPORTED + depends on !SPIRAM_CACHE_WORKAROUND_STRATEGY_DUPLDST && SOC_MPI_SUPPORTED && MBEDTLS_BIGNUM_C help Enable hardware accelerated multiple precision integer operations. @@ -519,6 +623,13 @@ menu "mbedTLS" These operations are used by RSA. + config MBEDTLS_GENPRIME + bool "Enable hardware prime number generation" + default y + depends on MBEDTLS_BIGNUM_C + help + Enable prime number generation. + config MBEDTLS_LARGE_KEY_SOFTWARE_MPI bool "Fallback to software implementation for larger MPI values" depends on MBEDTLS_HARDWARE_MPI @@ -567,6 +678,22 @@ menu "mbedTLS" SHA hardware acceleration is faster than software in some situations but slower in others. You should benchmark to find the best setting for you. + config MBEDTLS_SHA256_SMALLER + bool "Enable SHA-256 smaller implementation" + default n + depends on !MBEDTLS_HARDWARE_SHA && MBEDTLS_SHA256_C + help + Enable a smaller implementation of SHA-256 that has lower ROM footprint + but is slower than the default implementation. + + config MBEDTLS_SHA512_SMALLER + bool "Enable SHA-512 smaller implementation" + default n + depends on !MBEDTLS_HARDWARE_SHA && MBEDTLS_SHA512_C + help + Enable a smaller implementation of SHA-512 that has lower ROM footprint + but is slower than the default implementation. + config MBEDTLS_HARDWARE_ECC bool "Enable hardware ECC acceleration" default y 
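Review bot: The prompt `"Enable hardware prime number generation"` on `MBEDTLS_GENPRIME` does not match the option. Its own help says only "Enable prime number generation", and the esp_config.h comment for the macro lists `MBEDTLS_BIGNUM_C` as the sole requirement, with nothing about hardware. Suggest `bool "Enable prime number generation"`, plus a help sentence that RSA key generation depends on it, so nobody disables it expecting only an accelerator to go away.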
@@ -631,7 +758,7 @@ menu "mbedTLS" default y help This option adds a delay after the actual ECDSA signature operation - so that the entire operation appears to be constant time for the software. + so that the entire operation appears to be constant  time for the software. This fix helps in protecting the device only in case of remote timing attack on the ECDSA private key. For e.g., When an interface is exposed by the device to perform ECDSA signature of an arbitrary message. 
@@ -718,11 +845,69 @@ menu "mbedTLS" config MBEDTLS_ECDSA_DETERMINISTIC bool "Enable deterministic ECDSA" - default y + default n help Standard ECDSA is "fragile" in the sense that lack of entropy when signing may result in a compromise of the long-term signing key. + config MBEDTLS_ENTROPY_C + bool "Enable entropy support" + default y + depends on MBEDTLS_SHA256_C || MBEDTLS_SHA512_C + help + Enable support for entropy sources and provides a generic + entropy pool. + + config MBEDTLS_ENTROPY_FORCE_SHA256 + bool "Force SHA-256 for entropy" + default n + depends on MBEDTLS_SHA256_C && MBEDTLS_SHA512_C + help + Force SHA-256 to be used for the entropy pool if both SHA-256 and SHA-512 are + enabled. On 32-bit architectures, SHA-256 can be faster than SHA-512 + + config MBEDTLS_CTR_DRBG_C + bool "Enable CTR_DRBG" + default y + depends on MBEDTLS_AES_C + help + Enable CTR_DRBG (CTR mode Deterministic Random Bit Generator). + The CTR_DRBG generator uses AES-256 by default. + + config MBEDTLS_HMAC_DRBG_C + bool "Enable HMAC_DRBG" + default n + depends on MBEDTLS_MD_C + help + Enable HMAC_DRBG (HMAC mode Deterministic Random Bit Generator). + + config MBEDTLS_OID_C + bool "Enable OID support" + default y + help + Enable support for Object Identifier (OID) parsing and printing. + This is used by X.509 and PKCS#11. + + config MBEDTLS_MD_C + bool "Enable message digest support" + default y + depends on MBEDTLS_MD5_C || MBEDTLS_RIPEMD160_C || MBEDTLS_SHA1_C || \ + MBEDTLS_SHA224_C || MBEDTLS_SHA256_C || MBEDTLS_SHA384_C || MBEDTLS_SHA512_C + help + Enable generic layer for message digest algorithms. + + config MBEDTLS_MD5_C + bool "Enable the MD5 cryptographic hash algorithm" + default y + help + Enables support for MD5. + This module is required for TLS 1.2 depending on the handshake parameters. + Further, it is used for checking MD5-signed certificates, and for PBKDF1 + when decrypting PEM-encoded encrypted keys. 
+ MD5 is considered a weak message digest and its use constitutes + a security risk. If possible, consider stronger message digests + such as SHA-256 (part of the SHA-2 family). + config MBEDTLS_SHA1_C bool "Enable the SHA-1 cryptographic hash algorithm" default y @@ -738,20 +923,50 @@ menu "mbedTLS" please consider testing the changes in a controlled environment for individual features like OTA updates, cloud connectivity, secure local control, etc. + config MBEDTLS_SHA224_C + bool "Enable the SHA-224 cryptographic hash algorithm" + default n + help + Enable MBEDTLS_SHA224_C adds support for SHA-224. + + config MBEDTLS_SHA256_C + bool "Enable the SHA-256 cryptographic hash algorithm" + default y + help + Enable MBEDTLS_SHA256_C adds support for SHA-256. + + config MBEDTLS_SHA384_C + bool "Enable the SHA-384 cryptographic hash algorithm" + default y + help + Enable MBEDTLS_SHA384_C adds support for SHA-384. + config MBEDTLS_SHA512_C bool "Enable the SHA-384 and SHA-512 cryptographic hash algorithms" default y help - Enable MBEDTLS_SHA512_C adds support for SHA-384 and SHA-512. + Enable MBEDTLS_SHA512_C adds support for SHA-512. config MBEDTLS_SHA3_C bool "Enable the SHA3 cryptographic hash algorithm" - default n + default y help Enabling MBEDTLS_SHA3_C adds support for SHA3. Enabling this configuration option increases the flash footprint by almost 4KB. + config MBEDTLS_SSL_CACHE_C + bool "Enable SSL session cache" + default y + help + Enable simple SSL session cache implementation. + + config MBEDTLS_SSL_COOKIE_C + bool "Enable SSL session cookie" + default n + help + Enable basic DTLS cookie implementation for hello verification. + choice MBEDTLS_TLS_MODE bool "TLS Protocol Role" default MBEDTLS_TLS_SERVER_AND_CLIENT 
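Review bot: The default of `MBEDTLS_ECDSA_DETERMINISTIC` flips from `y` to `n` in the -718 hunk, in a commit described as adding configuration options, and the option's own help explains why that matters: with standard ECDSA a lack of entropy at signing time can compromise the long-term signing key. Keep `default y` unless there is a stated reason; if the change is intended, it deserves its own commit with the rationale. The new `MBEDTLS_ENTROPY_C` and `MBEDTLS_CTR_DRBG_C` switches in the same hunk make the RNG modules removable as well, so their help should name what stops working when they are off.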
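Review bot: `MBEDTLS_SSL_COOKIE_C` is added with `default n` in the -738 hunk; this is the DTLS hello-verification cookie module, which a DTLS server uses to avoid answering ClientHellos from spoofed source addresses. The matching esp_config.h change is not among the visible hunks, so I cannot tell whether the macro was defined before, but if it was, DTLS server builds lose it on reconfigure; consider `default y if MBEDTLS_SSL_PROTO_DTLS`. In the same hunk `MBEDTLS_SHA3_C` goes from `default n` to `default y` although its help notes an almost 4KB flash increase, and the `MBEDTLS_SHA512_C` prompt still reads "SHA-384 and SHA-512" after SHA-384 received its own option.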
@@ -885,6 +1100,29 @@ menu "mbedTLS" endmenu # TLS key exchange modes + config MBEDTLS_SSL_RECORD_SIZE_LIMIT + bool "Enable support for record size limit" + default y + depends on MBEDTLS_SSL_PROTO_TLS1_3 + help + Enable support for record size limit in TLS 1.3. + + + config MBEDTLS_SSL_MAX_FRAGMENT_LENGTH + bool "Enable support for TLS max fragment length extension" + default y + help + Enable support for the TLS max fragment length extension. + + config MBEDTLS_SSL_ALL_ALERT_MESSAGES + bool "Enable all TLS alert messages" + default y + help + Enable all TLS alert messages in case of encountered errors as per RFC. + If disabled, Mbed TLS can still communicate with other servers, only debugging of failures is harder. + The advantage of not sending alert messages, is that no information is given about reasons for failures + thus preventing adversaries of gaining intel. + config MBEDTLS_SSL_RENEGOTIATION bool "Support TLS renegotiation" depends on MBEDTLS_TLS_ENABLED && MBEDTLS_SSL_PROTO_TLS1_2 @@ -937,6 +1175,24 @@ menu "mbedTLS" Server support for RFC 5077 session tickets. See mbedTLS documentation for more details. Disabling this option will save some code size. + config MBEDTLS_BASE64_C + bool "Enable Base64 encoding/decoding" + default y + help + Enable Base64 encoding and decoding functions. This is required for PEM support. + + config MBEDTLS_ASN1_PARSE_C + bool "Enable ASN.1 parsing" + default y + help + Enable ASN.1 parsing functions. + + config MBEDTLS_ASN1_WRITE_C + bool "Enable ASN.1 writing" + default y + help + Enable ASN.1 writing functions. + menu "Symmetric Ciphers" config MBEDTLS_AES_C 
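Review bot: `MBEDTLS_SSL_RECORD_SIZE_LIMIT` is introduced with `default y`, but the esp_config.h hunk at -1210 shows the macro was commented out until now and carried a warning that the extension "is currently in development and must NOT be used except for testing purposes", which this patch deletes. If the Mbed TLS version in tree has not dropped that warning upstream, use `default n` and keep the warning text in the header. The last sentence of the `MBEDTLS_SSL_ALL_ALERT_MESSAGES` help would read better as `... thus preventing adversaries from learning why a handshake failed.`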
@@ -947,6 +1203,17 @@ menu "mbedTLS" bool "Camellia block cipher" default n + config MBEDTLS_ARIA_C + bool "ARIA block cipher" + default n + + config MBEDTLS_CAMELLIA_SMALL_MEMORY + bool "Use small memory implementation of Camellia" + default n + depends on MBEDTLS_CAMELLIA_C + help + Reduces ROM usage of the Camellia implementation + config MBEDTLS_DES_C bool "DES block cipher (legacy, insecure)" default n @@ -982,10 +1249,46 @@ menu "mbedTLS" Disabling this option saves some code size. + config MBEDTLS_CIPHER_MODE_CBC + bool "CBC (Cipher Block Chaining) block cipher modes" + default y + depends on MBEDTLS_AES_C || MBEDTLS_CAMELLIA_C + help + Enable Cipher Block Chaining (CBC) modes for AES and/or Camellia ciphers. + + config MBEDTLS_CIPHER_MODE_CFB + bool "CFB (Cipher Feedback) block cipher modes" + default y + depends on MBEDTLS_AES_C || MBEDTLS_CAMELLIA_C + help + Enable Cipher Feedback (CFB) modes for AES and/or Camellia ciphers. + + config MBEDTLS_CIPHER_MODE_CTR + bool "CTR (Counter) block cipher modes" + default y + depends on MBEDTLS_AES_C || MBEDTLS_CAMELLIA_C + help + Enable Counter (CTR) modes for AES and/or Camellia ciphers. + + config MBEDTLS_CIPHER_MODE_OFB + bool "OFB (Output Feedback) block cipher modes" + default y + depends on MBEDTLS_AES_C || MBEDTLS_CAMELLIA_C + help + Enable Output Feedback (OFB) modes for AES and/or Camellia ciphers. + + config MBEDTLS_CIPHER_MODE_XTS + bool "XTS (XEX Tweakable Block Cipher with Ciphertext Stealing) block cipher modes" + default y + depends on MBEDTLS_AES_C || MBEDTLS_CAMELLIA_C + help + Enable XEX Tweakable Block Cipher with Ciphertext Stealing (XTS) modes + for AES and/or Camellia ciphers. + config MBEDTLS_GCM_C bool "GCM (Galois/Counter) block cipher modes" default y - depends on MBEDTLS_AES_C || MBEDTLS_CAMELLIA_C + depends on (MBEDTLS_AES_C || MBEDTLS_CAMELLIA_C || MBEDTLS_ARIA_C) && MBEDTLS_CIPHER_C help Enable Galois/Counter Mode for AES and/or Camellia ciphers. 
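Review bot: The new `MBEDTLS_CIPHER_MODE_*` options in the -982 hunk all use `depends on MBEDTLS_AES_C || MBEDTLS_CAMELLIA_C`, so a configuration that enables only `MBEDTLS_ARIA_C` (added in the hunk before) or `MBEDTLS_DES_C` has CBC forced off, although the ARIA ciphersuites listed in esp_config.h include CBC suites. `MBEDTLS_GCM_C` was extended with `MBEDTLS_ARIA_C` in the same hunk; the mode options should get the same treatment. The XTS help mentions Camellia while the esp_config.h comment describes XTS as "for AES", and the GCM help still says "AES and/or Camellia".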
@@ -994,10 +1297,53 @@ menu "mbedTLS" config MBEDTLS_NIST_KW_C bool "NIST key wrapping (KW) and KW padding (KWP)" default n - depends on MBEDTLS_AES_C + depends on MBEDTLS_AES_C && MBEDTLS_CIPHER_C help Enable NIST key wrapping and key wrapping padding. + config MBEDTLS_CIPHER_PADDING + bool "Cipher padding" + default y + depends on MBEDTLS_CIPHER_MODE_CBC || MBEDTLS_CIPHER_MODE_CFB || MBEDTLS_CIPHER_MODE_OFB + help + Enable padding for block ciphers. + + Padding is only used for block ciphers in CBC, CFB, CTR and OFB modes. + If you are using a stream cipher or a block cipher in ECB mode, you can + disable this option to save code size. + + config MBEDTLS_CIPHER_PADDING_PKCS7 + bool "PKCS#7 padding" + default y + depends on MBEDTLS_CIPHER_PADDING && \ + (MBEDTLS_CIPHER_MODE_CBC || MBEDTLS_CIPHER_MODE_CFB || MBEDTLS_CIPHER_MODE_OFB) + help + Enable PKCS#7 padding for block ciphers. + + config MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS + bool "One and zeros padding" + default y + depends on MBEDTLS_CIPHER_PADDING && \ + (MBEDTLS_CIPHER_MODE_CBC || MBEDTLS_CIPHER_MODE_CFB || MBEDTLS_CIPHER_MODE_OFB) + help + Enable one and zeros padding for block ciphers. + + config MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN + bool "Zeros and length padding" + default y + depends on MBEDTLS_CIPHER_PADDING && \ + (MBEDTLS_CIPHER_MODE_CBC || MBEDTLS_CIPHER_MODE_CFB || MBEDTLS_CIPHER_MODE_OFB) + help + Enable zeros and length padding for block ciphers. + + config MBEDTLS_CIPHER_PADDING_ZEROS + bool "Zeros padding" + default y + depends on MBEDTLS_CIPHER_PADDING && \ + (MBEDTLS_CIPHER_MODE_CBC || MBEDTLS_CIPHER_MODE_CFB || MBEDTLS_CIPHER_MODE_OFB) + help + Enable zeros padding for block ciphers. + endmenu # Symmetric Ciphers config MBEDTLS_RIPEMD160_C 
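Review bot: The `MBEDTLS_CIPHER_PADDING` help says padding is used in "CBC, CFB, CTR and OFB modes", which disagrees with the option's own `depends on` (no CTR) and, as far as I know, with the cipher layer, where padding modes only apply to CBC. Suggest `depends on MBEDTLS_CIPHER_MODE_CBC` and a help line such as `Padding is only used by block ciphers in CBC mode.` No esp_config.h mapping for `CONFIG_MBEDTLS_CIPHER_PADDING` is visible in this patch, so the symbol acts purely as a parent switch; the four child options then only need `depends on MBEDTLS_CIPHER_PADDING` rather than repeating the mode condition.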
@@ -1026,17 +1372,83 @@ menu "mbedTLS" If writing certificate data only in DER format, disabling this option will save some code size. + config MBEDTLS_PK_C + bool "Enable generic public key layer" + default y + depends on MBEDTLS_MD_C && (MBEDTLS_RSA_C || MBEDTLS_ECP_C) + help + Enable support for generic public key layer. + + config MBEDTLS_PK_PARSE_C + bool "Enables generic public key parsing functions" + default y + depends on MBEDTLS_ASN1_PARSE_C && MBEDTLS_PK_C && MBEDTLS_OID_C + help + Enable generic public key parsing functions. + + config MBEDTLS_PK_WRITE_C + bool "Enables generic public key writing functions" + default y + depends on MBEDTLS_PK_C && MBEDTLS_OID_C && MBEDTLS_ASN1_WRITE_C + help + Enable generic public key writing functions. + + config MBEDTLS_X509_REMOVE_INFO + bool "Remove X.509 debug info" + default n + help + Removes mbedtls_x509_*_info(), as well as mbedtls_debug_print_crt() and other + functions/constants only used by these functions. + This will save some code size. + config MBEDTLS_X509_CRL_PARSE_C bool "X.509 CRL parsing" default y help Support for parsing X.509 Certificate Revocation Lists. + config MBEDTLS_X509_CRT_PARSE_C + bool "Enable X.509 certificate parsing" + default y + depends on MBEDTLS_X509_USE_C + help + Enable X.509 certificate parsing. + This is required for TLS and DTLS. + config MBEDTLS_X509_CSR_PARSE_C bool "X.509 CSR parsing" default y help Support for parsing X.509 Certificate Signing Requests + config MBEDTLS_X509_CREATE_C + bool "X.509 certificate creation" + default y + depends on MBEDTLS_BIGNUM_C && MBEDTLS_OID_C && \ + MBEDTLS_PK_WRITE_C && MBEDTLS_MD_C + help + Support for creating X.509 certificates and CSRs. 
+ + config MBEDTLS_X509_CRT_WRITE_C + bool "X.509 certificate writing" + default y + depends on MBEDTLS_X509_CREATE_C + help + Support for writing X.509 certificates + + config MBEDTLS_X509_CSR_WRITE_C + bool "X.509 CSR writing" + default y + depends on MBEDTLS_X509_CREATE_C + help + Support for writing X.509 CSRs + + config MBEDTLS_X509_RSASSA_PSS_SUPPORT + bool "X.509 PSS support" + default y + select MBEDTLS_PKCS1_V21 + depends on MBEDTLS_X509_CRL_PARSE_C || MBEDTLS_X509_CSR_PARSE_C || MBEDTLS_X509_CRT_PARSE_C + help + Support for parsing X.509 certificates with RSASSA-PSS signatures. endmenu # Certificates @@ -1064,6 +1476,8 @@ menu "mbedTLS" config MBEDTLS_DHM_C bool "Diffie-Hellman-Merkle key exchange (DHM)" default n + select MBEDTLS_BIGNUM_C + depends on MBEDTLS_ECP_C help Enable DHM. Needed to use DHE-xxx TLS ciphersuites. @@ -1071,6 +1485,14 @@ menu "mbedTLS" a suitable prime being used for the exchange. Please see detailed warning text about this in file `mbedtls/dhm.h` file. + config MBEDTLS_RSA_C + bool "RSA public key cryptosystem" + default y + select MBEDTLS_BIGNUM_C + select MBEDTLS_OID_C + help + Enable RSA. Needed to use RSA-xxx TLS ciphersuites. + config MBEDTLS_ECDH_C bool "Elliptic Curve Diffie-Hellman (ECDH)" depends on MBEDTLS_ECP_C @@ -1080,7 +1502,9 @@ menu "mbedTLS" config MBEDTLS_ECDSA_C bool "Elliptic Curve DSA" - depends on MBEDTLS_ECDH_C + depends on MBEDTLS_ECDH_C && MBEDTLS_ECP_C + select MBEDTLS_ASN1_WRITE_C + select MBEDTLS_ASN1_PARSE_C default y help Enable ECDSA. Needed to use ECDSA-xxx TLS ciphersuites. 
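Review bot: In the -1064 hunk `MBEDTLS_DHM_C` gains `depends on MBEDTLS_ECP_C`, which ties finite-field Diffie-Hellman to the elliptic-curve module. The help text only talks about DHE ciphersuites and the choice of prime, and nothing visible here explains an ECC requirement. If the line was copied from the ECDH entry below, drop it and keep only `select MBEDTLS_BIGNUM_C`; otherwise add a comment stating why DHM needs ECP in this port.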
@@ -1216,9 +1640,19 @@ menu "mbedTLS" help Enable support for ChaCha20-Poly1305 AEAD algorithm. + config MBEDTLS_CIPHER_C + bool "Cipher abstraction layer" + default y + help + Enable the cipher abstraction layer. This enables generic cipher wrappers + for the block ciphers and stream ciphers. + If you are not using the cipher abstraction layer, you can disable this + option to save some code size. + config MBEDTLS_HKDF_C bool "HKDF algorithm (RFC 5869)" default n + depends on MBEDTLS_MD_C help Enable support for the Hashed Message Authentication Code (HMAC)-based key derivation function (HKDF). @@ -1230,6 +1664,12 @@ menu "mbedTLS" If you do intend to use contexts between threads, you will need to enable this layer to prevent race conditions. + config MBEDTLS_VERSION_C + bool "Enable version information" + default y + help + Enable version information functions. + config MBEDTLS_THREADING_ALT bool "Enable threading alternate implementation" depends on MBEDTLS_THREADING_C @@ -1252,6 +1692,16 @@ menu "mbedTLS" Disabling this config can save some code/rodata size as the error string conversion implementation is replaced with an empty stub. + config MBEDTLS_ERROR_STRERROR_DUMMY + bool "Enable a dummy error function to make use of mbedtls_strerror()" + default n + depends on !MBEDTLS_ERROR_STRINGS + help + This option enables a dummy error function to make use of mbedtls_strerror() + when MBEDTLS_ERROR_STRINGS is disabled. This is useful for applications + that use mbedtls_strerror() but do not need the actual error strings. + This option can be used to save code size when MBEDTLS_ERROR_STRINGS is disabled. + config MBEDTLS_USE_CRYPTO_ROM_IMPL_BOOTLOADER bool "Use ROM implementation of the crypto algorithm in the bootloader" depends on ESP_ROM_HAS_MBEDTLS_CRYPTO_LIB diff --git a/components/mbedtls/port/include/mbedtls/esp_config.h b/components/mbedtls/port/include/mbedtls/esp_config.h index 54f49bdc14..611d0878a8 100644 
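Review bot: `MBEDTLS_ERROR_STRERROR_DUMMY` in the -1252 hunk defaults to `n`, yet the context line just above it says that disabling error strings replaces the conversion implementation "with an empty stub", and that stub is what this macro provides (esp_config.h defined it unconditionally before, per the -885 hunk). With the new default, a project that turns error strings off and still calls `mbedtls_strerror()` would presumably fail to link. Suggest `default y`. The last two help sentences also repeat each other and can be merged.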
--- a/components/mbedtls/port/include/mbedtls/esp_config.h
+++ b/components/mbedtls/port/include/mbedtls/esp_config.h
@@ -260,42 +260,107 @@ * * Uncomment this macro to store the AES tables in ROM. */ +#ifdef CONFIG_MBEDTLS_AES_ROM_TABLES #define MBEDTLS_AES_ROM_TABLES +#else +#undef MBEDTLS_AES_ROM_TABLES +#endif + +/** + * \def MBEDTLS_AES_FEWER_TABLES + * + * Use fewer tables for AES. + * + * Uncomment this macro to store fewer tables for AES + * in ROM or RAM. The values are computed at runtime. + * + */ + +#ifdef CONFIG_MBEDTLS_AES_FEWER_TABLES +#define MBEDTLS_AES_FEWER_TABLES +#else +#undef MBEDTLS_AES_FEWER_TABLES +#endif + +/** + * \def MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH + * + * Enable support for AES with only 128-bit key length. This disables + * support for 192-bit and 256-bit key lengths. + * + * Uncommenting this macro reduces the size of AES code + */ + +#ifdef CONFIG_MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +#define MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +#else +#undef MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +#endif + +/** + * \def MBEDTLS_CAMELLIA_SMALL_MEMORY + * + * Enable small memory usage for Camellia cipher. + */ +#ifdef CONFIG_MBEDTLS_CAMELLIA_SMALL_MEMORY +#define MBEDTLS_CAMELLIA_SMALL_MEMORY +#else +#undef MBEDTLS_CAMELLIA_SMALL_MEMORY +#endif /** * \def MBEDTLS_CIPHER_MODE_CBC * * Enable Cipher Block Chaining mode (CBC) for symmetric ciphers. */ +#ifdef CONFIG_MBEDTLS_CIPHER_MODE_CBC #define MBEDTLS_CIPHER_MODE_CBC +#else +#undef MBEDTLS_CIPHER_MODE_CBC +#endif /** * \def MBEDTLS_CIPHER_MODE_CFB * * Enable Cipher Feedback mode (CFB) for symmetric ciphers. */ +#ifdef CONFIG_MBEDTLS_CIPHER_MODE_CFB #define MBEDTLS_CIPHER_MODE_CFB +#else +#undef MBEDTLS_CIPHER_MODE_CFB +#endif /** * \def MBEDTLS_CIPHER_MODE_CTR * * Enable Counter Block Cipher mode (CTR) for symmetric ciphers. */ +#ifdef CONFIG_MBEDTLS_CIPHER_MODE_CTR #define MBEDTLS_CIPHER_MODE_CTR - +#else +#undef MBEDTLS_CIPHER_MODE_CTR +#endif /** * \def MBEDTLS_CIPHER_MODE_OFB * * Enable Output Feedback mode (OFB) for symmetric ciphers. 
*/ +#ifdef CONFIG_MBEDTLS_CIPHER_MODE_OFB #define MBEDTLS_CIPHER_MODE_OFB +#else +#undef MBEDTLS_CIPHER_MODE_OFB +#endif /** * \def MBEDTLS_CIPHER_MODE_XTS * * Enable Xor-encrypt-xor with ciphertext stealing mode (XTS) for AES. */ +#ifdef CONFIG_MBEDTLS_CIPHER_MODE_XTS #define MBEDTLS_CIPHER_MODE_XTS +#else +#undef MBEDTLS_CIPHER_MODE_XTS +#endif /** * \def MBEDTLS_CIPHER_PADDING_PKCS7 @@ -308,10 +373,29 @@ * * Enable padding modes in the cipher layer. */ +#ifdef CONFIG_MBEDTLS_CIPHER_PADDING_PKCS7 #define MBEDTLS_CIPHER_PADDING_PKCS7 +#else +#undef MBEDTLS_CIPHER_PADDING_PKCS7 +#endif + +#ifdef CONFIG_MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS #define MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS +#else +#undef MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS +#endif + +#ifdef CONFIG_MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN #define MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN +#else +#undef MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN +#endif + +#ifdef CONFIG_MBEDTLS_CIPHER_PADDING_ZEROS #define MBEDTLS_CIPHER_PADDING_ZEROS +#else +#undef MBEDTLS_CIPHER_PADDING_ZEROS +#endif /** * \def MBEDTLS_ECP_RESTARTABLE @@ -362,6 +446,8 @@ */ #ifdef CONFIG_MBEDTLS_ECP_RESTARTABLE #define MBEDTLS_ECP_RESTARTABLE +#else +#undef MBEDTLS_ECP_RESTARTABLE #endif /** @@ -885,7 +971,11 @@ * Disable if you run into name conflicts and want to really remove the * mbedtls_strerror() */ +#ifdef CONFIG_MBEDTLS_ERROR_STRERROR_DUMMY #define MBEDTLS_ERROR_STRERROR_DUMMY +#else +#undef MBEDTLS_ERROR_STRERROR_DUMMY +#endif /** * \def MBEDTLS_GENPRIME @@ -894,7 +984,11 @@ * * Requires: MBEDTLS_BIGNUM_C */ +#ifdef CONFIG_MBEDTLS_GENPRIME #define MBEDTLS_GENPRIME +#else +#undef MBEDTLS_GENPRIME +#endif /** * \def MBEDTLS_FS_IO 
@@ -922,6 +1016,26 @@ #define MBEDTLS_NO_PLATFORM_ENTROPY #endif // !CONFIG_IDF_TARGET_LINUX +/** + * \def MBEDTLS_ENTROPY_FORCE_SHA256 + * + * Force the entropy accumulator to use a SHA-256 accumulator instead of the + * default SHA-512 based one (if both are available). + * + * Requires: MBEDTLS_SHA256_C + * + * On 32-bit systems SHA-256 can be much faster than SHA-512. Use this option + * if you have performance concerns. + * + * This option is only useful if both MBEDTLS_SHA256_C and + * MBEDTLS_SHA512_C are defined. Otherwise the available hash module is used. + */ +#ifdef CONFIG_MBEDTLS_ENTROPY_FORCE_SHA256 +#define MBEDTLS_ENTROPY_FORCE_SHA256 +#else +#undef MBEDTLS_ENTROPY_FORCE_SHA256 +#endif + /** * \def MBEDTLS_PK_RSA_ALT_SUPPORT * @@ -929,7 +1043,11 @@ * * Comment this macro to disable support for external private RSA keys. */ +#ifdef CONFIG_MBEDTLS_PK_RSA_ALT_SUPPORT #define MBEDTLS_PK_RSA_ALT_SUPPORT +#else +#undef MBEDTLS_PK_RSA_ALT_SUPPORT +#endif /** * \def MBEDTLS_PKCS1_V15 @@ -940,7 +1058,11 @@ * * This enables support for PKCS#1 v1.5 operations. */ +#ifdef CONFIG_MBEDTLS_PKCS1_V15 #define MBEDTLS_PKCS1_V15 +#else +#undef MBEDTLS_PKCS1_V15 +#endif /** * \def MBEDTLS_PKCS1_V21 
@@ -951,14 +1073,55 @@ * * This enables support for RSAES-OAEP and RSASSA-PSS operations. */ +#ifdef CONFIG_MBEDTLS_PKCS1_V21 #define MBEDTLS_PKCS1_V21 +#else +#undef MBEDTLS_PKCS1_V21 +#endif /** * \def MBEDTLS_SELF_TEST * * Enable the checkup functions (*_self_test). */ +#ifdef CONFIG_MBEDTLS_SELF_TEST #define MBEDTLS_SELF_TEST +#else +#undef MBEDTLS_SELF_TEST +#endif + +/** + * \def MBEDTLS_SHA256_SMALLER + * + * Enable an implementation of SHA-256 that has lower ROM footprint but also + * lower performance. + * + * The default implementation is meant to be a reasonable compromise between + * performance and size. This version optimizes more aggressively for size at + * the expense of performance. Eg on Cortex-M4 it reduces the size of + * mbedtls_sha256_process() from ~2KB to ~0.5KB for a performance hit of about + * 30%. + * + * Uncomment to enable the smaller implementation of SHA256. + */ +#ifdef CONFIG_MBEDTLS_SHA256_SMALLER +#define MBEDTLS_SHA256_SMALLER +#else +#undef MBEDTLS_SHA256_SMALLER +#endif + +/** + * \def MBEDTLS_SHA512_SMALLER + * Enable an implementation of SHA-512 that has lower ROM footprint but also + * lower performance. + * + * Uncomment to enable the smaller implementation of SHA512. + */ +#ifdef CONFIG_MBEDTLS_SHA512_SMALLER +#define MBEDTLS_SHA512_SMALLER +#else +#undef MBEDTLS_SHA512_SMALLER +#endif /** * \def MBEDTLS_SSL_ALL_ALERT_MESSAGES @@ -972,7 +1135,11 @@ * * Enable sending of all alert messages */ +#ifdef CONFIG_MBEDTLS_SSL_ALL_ALERT_MESSAGES #define MBEDTLS_SSL_ALL_ALERT_MESSAGES +#else +#undef MBEDTLS_SSL_ALL_ALERT_MESSAGES +#endif /** * \def MBEDTLS_SSL_DTLS_CONNECTION_ID 
@@ -1210,21 +1377,26 @@ * * Comment this macro to disable support for the max_fragment_length extension */ +#ifdef CONFIG_MBEDTLS_SSL_MAX_FRAGMENT_LENGTH #define MBEDTLS_SSL_MAX_FRAGMENT_LENGTH +#else +#undef MBEDTLS_SSL_MAX_FRAGMENT_LENGTH +#endif /** * \def MBEDTLS_SSL_RECORD_SIZE_LIMIT * * Enable support for RFC 8449 record_size_limit extension in SSL (TLS 1.3 only). * - * \warning This extension is currently in development and must NOT be used except - * for testing purposes. - * * Requires: MBEDTLS_SSL_PROTO_TLS1_3 * * Uncomment this macro to enable support for the record_size_limit extension */ -//#define MBEDTLS_SSL_RECORD_SIZE_LIMIT +#ifdef CONFIG_MBEDTLS_SSL_RECORD_SIZE_LIMIT +#define MBEDTLS_SSL_RECORD_SIZE_LIMIT +#else +#undef MBEDTLS_SSL_RECORD_SIZE_LIMIT +#endif /** * \def MBEDTLS_SSL_PROTO_TLS1_2 @@ -1393,11 +1565,12 @@ * Comment this to disable support for early data. If MBEDTLS_SSL_PROTO_TLS1_3 * is not enabled, this option does not have any effect on the build. * - * This feature is experimental, not completed and thus not ready for - * production. - * */ -//#define MBEDTLS_SSL_EARLY_DATA +#ifdef CONFIG_MBEDTLS_SSL_EARLY_DATA +#define MBEDTLS_SSL_EARLY_DATA +#else +#undef MBEDTLS_SSL_EARLY_DATA +#endif /** * \def MBEDTLS_SSL_MAX_EARLY_DATA_SIZE @@ -1517,7 +1690,7 @@ * * Uncomment this to enable support for use_srtp extension. */ -#ifdef CONFIG_MBEDTLS_SSL_PROTO_DTLS +#ifdef CONFIG_MBEDTLS_SSL_DTLS_SRTP #define MBEDTLS_SSL_DTLS_SRTP #else #undef MBEDTLS_SSL_DTLS_SRTP @@ -1580,8 +1753,11 @@ * * Comment this macro to disable support for server name indication in SSL */ +#ifdef CONFIG_MBEDTLS_SSL_SERVER_NAME_INDICATION #define MBEDTLS_SSL_SERVER_NAME_INDICATION - +#else +#undef MBEDTLS_SSL_SERVER_NAME_INDICATION +#endif /** * \def MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH 
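Review bot: The guard for `MBEDTLS_SSL_DTLS_SRTP` in the -1517 hunk changes from `CONFIG_MBEDTLS_SSL_PROTO_DTLS` to `CONFIG_MBEDTLS_SSL_DTLS_SRTP`, but no `config MBEDTLS_SSL_DTLS_SRTP` is added in the Kconfig hunks of this patch. Unless the symbol is defined elsewhere (this is patch 1/2), the `#else` branch always wins and DTLS-SRTP support disappears from every DTLS build. Either add the Kconfig entry in this commit, with `depends on MBEDTLS_SSL_PROTO_DTLS`, or keep the old guard until the option exists.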
@@ -1609,7 +1785,11 @@ * * Comment this to disable run-time checking and save ROM space */ +#ifdef CONFIG_MBEDTLS_VERSION_FEATURES #define MBEDTLS_VERSION_FEATURES +#else +#undef MBEDTLS_VERSION_FEATURES +#endif /** @@ -1620,7 +1800,11 @@ * * Comment this macro to disallow using RSASSA-PSS in certificates. */ +#ifdef CONFIG_MBEDTLS_X509_RSASSA_PSS_SUPPORT #define MBEDTLS_X509_RSASSA_PSS_SUPPORT +#else +#undef MBEDTLS_X509_RSASSA_PSS_SUPPORT +#endif /* \} name SECTION: mbed TLS feature support */ @@ -1644,7 +1828,33 @@ * * This modules adds support for the AES-NI instructions on x86-64 */ -#define MBEDTLS_AESNI_C +#undef MBEDTLS_AESNI_C + +/** + * \def MBEDTLS_AESCE_C + * + * Enable AES cryptographic extension support on Armv8. + * + * Module: library/aesce.c + * Caller: library/aes.c + * + * Requires: MBEDTLS_AES_C + * + * \warning Runtime detection only works on Linux. For non-Linux operating + * system, Armv8-A Cryptographic Extensions must be supported by + * the CPU when this option is enabled. + * + * \note Minimum compiler versions for this feature when targeting aarch64 + * are Clang 4.0; armclang 6.6; GCC 6.0; or MSVC 2019 version 16.11.2. + * Minimum compiler versions for this feature when targeting 32-bit + * Arm or Thumb are Clang 11.0; armclang 6.20; or GCC 6.0. + * + * \note \c CFLAGS must be set to a minimum of \c -march=armv8-a+crypto for + * armclang <= 6.9 + * + * This module adds support for the AES Armv8-A Cryptographic Extensions on Armv8 systems. + */ +#undef MBEDTLS_AESCE_C /** * \def MBEDTLS_AES_C @@ -1737,7 +1947,11 @@ * library/pkcs5.c * library/pkparse.c */ +#ifdef CONFIG_MBEDTLS_ASN1_PARSE_C #define MBEDTLS_ASN1_PARSE_C +#else +#undef MBEDTLS_ASN1_PARSE_C +#endif /** * \def MBEDTLS_ASN1_WRITE_C @@ -1751,7 +1965,11 @@ * library/x509write_crt.c * library/mbedtls_x509write_csr.c */ +#ifdef CONFIG_MBEDTLS_ASN1_WRITE_C #define MBEDTLS_ASN1_WRITE_C +#else +#undef MBEDTLS_ASN1_WRITE_C +#endif /** * \def MBEDTLS_BASE64_C 
@@ -1763,7 +1981,11 @@ * * This module is required for PEM support (required by X.509). */ +#ifdef CONFIG_MBEDTLS_BASE64_C #define MBEDTLS_BASE64_C +#else +#undef MBEDTLS_BASE64_C +#endif /** * \def MBEDTLS_BIGNUM_C @@ -1783,7 +2005,11 @@ * * This module is required for RSA, DHM and ECC (ECDH, ECDSA) support. */ +#ifdef CONFIG_MBEDTLS_BIGNUM_C #define MBEDTLS_BIGNUM_C +#else +#undef MBEDTLS_BIGNUM_C +#endif /** * \def MBEDTLS_BLOWFISH_C 
@@ -1857,6 +2083,62 @@ #undef MBEDTLS_CAMELLIA_C #endif +/** + * \def MBEDTLS_ARIA_C + * + * Enable the ARIA block cipher. + * + * Module: library/aria.c + * Caller: library/cipher.c + * + * This module enables the following ciphersuites (if other requisites are + * enabled as well): + * + * MBEDTLS_TLS_RSA_WITH_ARIA_128_CBC_SHA256 + * MBEDTLS_TLS_RSA_WITH_ARIA_256_CBC_SHA384 + * MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256 + * MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384 + * MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256 + * MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384 + * MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256 + * MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384 + * MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256 + * MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384 + * MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256 + * MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384 + * MBEDTLS_TLS_RSA_WITH_ARIA_128_GCM_SHA256 + * MBEDTLS_TLS_RSA_WITH_ARIA_256_GCM_SHA384 + * MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256 + * MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384 + * MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256 + * MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384 + * MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256 + * MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384 + * MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256 + * MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384 + * MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256 + * MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384 + * MBEDTLS_TLS_PSK_WITH_ARIA_128_CBC_SHA256 + * MBEDTLS_TLS_PSK_WITH_ARIA_256_CBC_SHA384 + * MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256 + * MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384 + * MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256 + * MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384 + * MBEDTLS_TLS_PSK_WITH_ARIA_128_GCM_SHA256 + * MBEDTLS_TLS_PSK_WITH_ARIA_256_GCM_SHA384 + * MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256 + * MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384 + * 
MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256 + * MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384 + * MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256 + * MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384 + */ +#ifdef CONFIG_MBEDTLS_ARIA_C +#define MBEDTLS_ARIA_C +#else +#undef MBEDTLS_ARIA_C +#endif + /** * \def MBEDTLS_CCM_C * @@ -1936,7 +2218,11 @@ * * Uncomment to enable generic cipher wrappers. */ +#ifdef CONFIG_MBEDTLS_CIPHER_C #define MBEDTLS_CIPHER_C +#else +#undef MBEDTLS_CIPHER_C +#endif /** * \def MBEDTLS_CTR_DRBG_C @@ -1950,7 +2236,11 @@ * * This module provides the CTR_DRBG AES-256 random number generator. */ +#ifdef CONFIG_MBEDTLS_CTR_DRBG_C #define MBEDTLS_CTR_DRBG_C +#else +#undef MBEDTLS_CTR_DRBG_C +#endif /** * \def MBEDTLS_DEBUG_C @@ -2117,7 +2407,11 @@ * * This module provides a generic entropy pool */ +#ifdef CONFIG_MBEDTLS_ENTROPY_C #define MBEDTLS_ENTROPY_C +#else +#undef MBEDTLS_ENTROPY_C +#endif /** * \def MBEDTLS_ERROR_C @@ -2200,7 +2494,27 @@ * * Uncomment to enable the HMAC_DRBG random number generator. */ +#ifdef CONFIG_MBEDTLS_HMAC_DRBG_C #define MBEDTLS_HMAC_DRBG_C +#else +#undef MBEDTLS_HMAC_DRBG_C +#endif + +/** + * \def MBEDTLS_LMS_C + * + * Enable the LMS stateful-hash asymmetric signature algorithm. + * + * Module: library/lms.c + * Caller: + * + * Requires: MBEDTLS_PSA_CRYPTO_C + * + * Uncomment to enable the LMS verification algorithm and public key operations. + * + * This is disable by now. When we shift to PSA, we will enable it. + */ +#undef MBEDTLS_LMS_C /** * \def MBEDTLS_MD_C @@ -2233,7 +2547,11 @@ * * Uncomment to enable generic message digest wrappers. */ +#ifdef CONFIG_MBEDTLS_MD_C #define MBEDTLS_MD_C +#else +#undef MBEDTLS_MD_C +#endif /** * \def MBEDTLS_MD5_C @@ -2248,7 +2566,11 @@ * This module is required for SSL/TLS and X.509. * PEM_PARSE uses MD5 for decrypting encrypted keys. */ +#ifdef CONFIG_MBEDTLS_MD5_C #define MBEDTLS_MD5_C +#else +#undef MBEDTLS_MD5_C +#endif /** * \def MBEDTLS_NET_C 
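Review bot: Nothing visible in this header rejects a configuration in which CONFIG_MBEDTLS_ENTROPY_C is off, or both CONFIG_MBEDTLS_CTR_DRBG_C and CONFIG_MBEDTLS_HMAC_DRBG_C are off, while TLS stays enabled. The `#else` / `#undef` branches in hunks -1950, -2117 and -2200 simply drop the module without a diagnostic. The matching Kconfig entries are outside these hunks, so confirm that each is `default y` and that the TLS option selects or depends on the random-number modules it needs. A guard here would make the failure explicit at build time, for example `#if defined(MBEDTLS_SSL_TLS_C) && !defined(MBEDTLS_CTR_DRBG_C) && !defined(MBEDTLS_HMAC_DRBG_C)` followed by an `#error` naming the missing options. The same default-and-dependency check applies to the other modules gated this way in the patch (CIPHER_C, MD_C, OID_C, PK_C, the X.509 modules).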
@@ -2292,7 +2614,11 @@ * * This modules translates between OIDs and internal values. */ +#ifdef CONFIG_MBEDTLS_OID_C #define MBEDTLS_OID_C +#else +#undef MBEDTLS_OID_C +#endif /** * \def MBEDTLS_PADLOCK_C @@ -2306,7 +2632,7 @@ * * This modules adds support for the VIA PadLock on x86. */ -#define MBEDTLS_PADLOCK_C +#undef MBEDTLS_PADLOCK_C /** * \def MBEDTLS_PEM_PARSE_C @@ -2368,7 +2694,11 @@ * * Uncomment to enable generic public key wrappers. */ +#ifdef CONFIG_MBEDTLS_PK_C #define MBEDTLS_PK_C +#else +#undef MBEDTLS_PK_C +#endif /** * \def MBEDTLS_PK_PARSE_C @@ -2383,7 +2713,11 @@ * * Uncomment to enable generic public key parse functions. */ +#ifdef CONFIG_MBEDTLS_PK_PARSE_C #define MBEDTLS_PK_PARSE_C +#else +#undef MBEDTLS_PK_PARSE_C +#endif /** * \def MBEDTLS_PK_WRITE_C @@ -2397,7 +2731,11 @@ * * Uncomment to enable generic public key write functions. */ +#ifdef CONFIG_MBEDTLS_PK_WRITE_C #define MBEDTLS_PK_WRITE_C +#else +#undef MBEDTLS_PK_WRITE_C +#endif /** * \def MBEDTLS_PKCS5_C @@ -2410,7 +2748,11 @@ * * This module adds support for the PKCS#5 functions. */ +#ifdef CONFIG_MBEDTLS_PKCS5_C #define MBEDTLS_PKCS5_C +#else +#undef MBEDTLS_PKCS5_C +#endif /** * \def MBEDTLS_PKCS7_C @@ -2449,7 +2791,11 @@ * * This module enables PKCS#12 functions. */ +#ifdef CONFIG_MBEDTLS_PKCS12_C #define MBEDTLS_PKCS12_C +#else +#undef MBEDTLS_PKCS12_C +#endif /** * \def MBEDTLS_PLATFORM_C @@ -2518,7 +2864,11 @@ * * Requires: MBEDTLS_BIGNUM_C, MBEDTLS_OID_C */ +#ifdef CONFIG_MBEDTLS_RSA_C #define MBEDTLS_RSA_C +#else +#undef MBEDTLS_RSA_C +#endif /** * \def MBEDTLS_SHA1_C @@ -2556,7 +2906,11 @@ * * This module adds support for SHA-224. */ +#ifdef CONFIG_MBEDTLS_SHA224_C #define MBEDTLS_SHA224_C +#else +#undef MBEDTLS_SHA224_C +#endif /** * \def MBEDTLS_SHA256_C 
@@ -2573,7 +2927,31 @@ * This module adds support for SHA-224 and SHA-256. * This module is required for the SSL/TLS 1.2 PRF function. */ +#ifdef CONFIG_MBEDTLS_SHA256_C #define MBEDTLS_SHA256_C +#else +#undef MBEDTLS_SHA256_C +#endif + +/** + * \def MBEDTLS_SHA384_C + * + * Enable the SHA-384 cryptographic hash algorithm. + * + * Module: library/sha512.c + * Caller: library/md.c + * library/psa_crypto_hash.c + * library/ssl_tls.c + * library/ssl*_client.c + * library/ssl*_server.c + * + * Comment to disable SHA-384 + */ +#ifdef CONFIG_MBEDTLS_SHA384_C +#define MBEDTLS_SHA384_C +#else +#undef MBEDTLS_SHA384_C +#endif /** * \def MBEDTLS_SHA512_C @@ -2589,10 +2967,8 @@ * This module adds support for SHA-384 and SHA-512. */ #ifdef CONFIG_MBEDTLS_SHA512_C -#define MBEDTLS_SHA384_C #define MBEDTLS_SHA512_C #else -#undef MBEDTLS_SHA384_C #undef MBEDTLS_SHA512_C #endif @@ -2621,7 +2997,11 @@ * * Requires: MBEDTLS_SSL_CACHE_C */ +#ifdef CONFIG_MBEDTLS_SSL_CACHE_C #define MBEDTLS_SSL_CACHE_C +#else +#undef MBEDTLS_SSL_CACHE_C +#endif /** * \def MBEDTLS_SSL_COOKIE_C @@ -2631,7 +3011,11 @@ * Module: library/ssl_cookie.c * Caller: */ +#ifdef CONFIG_MBEDTLS_SSL_COOKIE_C #define MBEDTLS_SSL_COOKIE_C +#else +#undef MBEDTLS_SSL_COOKIE_C +#endif /** * \def MBEDTLS_SSL_TICKET_C @@ -2740,7 +3124,11 @@ * * This module provides run-time version information. */ +#ifdef CONFIG_MBEDTLS_VERSION_C #define MBEDTLS_VERSION_C +#else +#undef MBEDTLS_VERSION_C +#endif /** * \def MBEDTLS_X509_USE_C @@ -2757,7 +3145,11 @@ * * This module is required for the X.509 parsing modules. */ +#ifdef CONFIG_MBEDTLS_X509_USE_C #define MBEDTLS_X509_USE_C +#else +#undef MBEDTLS_X509_USE_C +#endif /** * \def MBEDTLS_X509_CRT_PARSE_C @@ -2773,7 +3165,11 @@ * * This module is required for X.509 certificate parsing. */ +#ifdef CONFIG_MBEDTLS_X509_CRT_PARSE_C #define MBEDTLS_X509_CRT_PARSE_C +#else +#undef MBEDTLS_X509_CRT_PARSE_C +#endif /** * \def MBEDTLS_X509_CRL_PARSE_C 
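Review bot: An existing sdkconfig that enables only CONFIG_MBEDTLS_SHA512_C will lose SHA-384 after this change unless the new CONFIG_MBEDTLS_SHA384_C defaults to on, because hunk -2589 removes the `#define MBEDTLS_SHA384_C` that used to ride on the SHA512 option. The Kconfig entry for the new symbol is not visible in this part of the patch; it should be `default y`, or follow MBEDTLS_SHA512_C, so that upgraded projects keep their current behaviour. Losing SHA-384 silently removes the *_SHA384 ciphersuites and verification of SHA-384-signed certificates, which shows up as handshake failures at run time rather than as a build error.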
@@ -2823,7 +3219,11 @@ * * This module is the basis for creating X.509 certificates and CSRs. */ +#ifdef CONFIG_MBEDTLS_X509_CREATE_C #define MBEDTLS_X509_CREATE_C +#else +#undef MBEDTLS_X509_CREATE_C +#endif /** * \def MBEDTLS_X509_CRT_WRITE_C @@ -2836,7 +3236,11 @@ * * This module is required for X.509 certificate creation. */ +#ifdef CONFIG_MBEDTLS_X509_CRT_WRITE_C #define MBEDTLS_X509_CRT_WRITE_C +#else +#undef MBEDTLS_X509_CRT_WRITE_C +#endif /** * \def MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK @@ -2861,6 +3265,21 @@ #undef MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK #endif +/** + * \def MBEDTLS_X509_REMOVE_INFO + * + * Disable mbedtls_x509_*_info() and related APIs. + * + * Uncomment to omit mbedtls_x509_*_info(), as well as mbedtls_debug_print_crt() + * and other functions/constants only used by these functions, thus reducing + * the code footprint by several KB. + */ +#ifdef CONFIG_MBEDTLS_X509_REMOVE_INFO +#define MBEDTLS_X509_REMOVE_INFO +#else +#undef MBEDTLS_X509_REMOVE_INFO +#endif + /** * \def MBEDTLS_X509_CSR_WRITE_C * @@ -2872,7 +3291,11 @@ * * This module is required for X.509 certificate request writing. */ +#ifdef CONFIG_MBEDTLS_X509_CSR_WRITE_C #define MBEDTLS_X509_CSR_WRITE_C +#else +#undef MBEDTLS_X509_CSR_WRITE_C +#endif /** * \def MBEDTLS_XTEA_C From d9c431268a6f07156bfbe4822adb27fc82701171 Mon Sep 17 00:00:00 2001 
From: Ashish Sharma Date: Mon, 5 May 2025 18:07:18 +0800 Subject: [PATCH 2/2] feat(mbedtls): restructure mbedtls configuration page --- components/esp-tls/Kconfig | 1 + components/mbedtls/CMakeLists.txt | 11 + components/mbedtls/Kconfig | 3140 +++++++++-------- .../mbedtls/config/mbedtls_preset_bt.conf | 98 + .../config/mbedtls_preset_default.conf | 199 ++ .../config/mbedtls_preset_minimal.conf | 102 + components/mbedtls/port/aes/dma/esp_aes.c | 2 + .../src/crypto/crypto_mbedtls.c | 9 +- docs/en/api-reference/protocols/mbedtls.rst | 205 +- .../bluetooth/nimble/bleprph/CMakeLists.txt | 4 + .../protocols/https_request/CMakeLists.txt | 5 + .../https_request/sdkconfig.ci.mbedtls_config | 1 + 12 files changed, 2217 insertions(+), 1560 deletions(-) create mode 100644 components/mbedtls/config/mbedtls_preset_bt.conf create mode 100644 components/mbedtls/config/mbedtls_preset_default.conf create mode 100644 components/mbedtls/config/mbedtls_preset_minimal.conf diff --git a/components/esp-tls/Kconfig b/components/esp-tls/Kconfig index b56f3bbf04..3420ebd698 100644 --- a/components/esp-tls/Kconfig +++ b/components/esp-tls/Kconfig @@ -8,6 +8,7 @@ menu "ESP-TLS" usage. Consult the ESP-TLS documentation in ESP-IDF Programming guide for more details. config ESP_TLS_USING_MBEDTLS bool "mbedTLS" + select MBEDTLS_TLS_ENABLED config ESP_TLS_USING_WOLFSSL depends on TLS_STACK_WOLFSSL bool "wolfSSL (License info in wolfSSL directory README)" diff --git a/components/mbedtls/CMakeLists.txt b/components/mbedtls/CMakeLists.txt index 91c49cb085..7df0f9b2d3 100644 --- a/components/mbedtls/CMakeLists.txt +++ b/components/mbedtls/CMakeLists.txt 
@@ -357,8 +357,19 @@ foreach(target ${mbedtls_targets}) if(CONFIG_COMPILER_STATIC_ANALYZER AND CMAKE_C_COMPILER_ID STREQUAL "GNU") # TODO IDF-10087 target_compile_options(${target} PRIVATE "-fno-analyzer") endif() + if(CONFIG_MBEDTLS_COMPILER_OPTIMIZATION_SIZE) + target_compile_options(${target} PRIVATE "-Os") + elseif(CONFIG_MBEDTLS_COMPILER_OPTIMIZATION_SPEED) + target_compile_options(${target} PRIVATE "-O2") + endif() endforeach() +if(CONFIG_MBEDTLS_COMPILER_OPTIMIZATION_SIZE) + target_compile_options(${COMPONENT_LIB} PRIVATE "-Os") +elseif(CONFIG_MBEDTLS_COMPILER_OPTIMIZATION_SPEED) + target_compile_options(${COMPONENT_LIB} PRIVATE "-O2") +endif() + if(CONFIG_MBEDTLS_DYNAMIC_BUFFER) set(WRAP_FUNCTIONS mbedtls_ssl_write_client_hello diff --git a/components/mbedtls/Kconfig b/components/mbedtls/Kconfig index 903a1dd8d7..fecf6ba297 100644 --- a/components/mbedtls/Kconfig +++ b/components/mbedtls/Kconfig 
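Review bot: The `-O2` branch tests `CONFIG_MBEDTLS_COMPILER_OPTIMIZATION_SPEED`, but the Kconfig choice added later in this patch defines `MBEDTLS_COMPILER_OPTIMIZATION_PERF` ("Optimize for performance (-O2)"). Unless a `_SPEED` symbol is defined outside the visible part, selecting the performance level has no effect on the build. Both occurrences need the same fix, `elseif(CONFIG_MBEDTLS_COMPILER_OPTIMIZATION_PERF)`. The if/elseif block is also written twice, once inside the `foreach` over `${mbedtls_targets}` and once for `${COMPONENT_LIB}`; a small function taking the target name would keep the two copies from drifting apart. The `foreach` begins outside this hunk.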
@@ -1,1362 +1,324 @@ menu "mbedTLS" - choice MBEDTLS_MEM_ALLOC_MODE - prompt "Memory allocation strategy" - default MBEDTLS_INTERNAL_MEM_ALLOC - help - Allocation strategy for mbedTLS, essentially provides ability to - allocate all required dynamic allocations from, - - - Internal DRAM memory only - - External SPIRAM memory only - - Either internal or external memory based on default malloc() - behavior in ESP-IDF - - Custom allocation mode, by overwriting calloc()/free() using - mbedtls_platform_set_calloc_free() function - - Internal IRAM memory wherever applicable else internal DRAM - - Recommended mode here is always internal (*), since that is most preferred - from security perspective. But if application requirement does not - allow sufficient free internal memory then alternate mode can be - selected. - - (*) In case of ESP32-S2/ESP32-S3, hardware allows encryption of external - SPIRAM contents provided hardware flash encryption feature is enabled. - In that case, using external SPIRAM allocation strategy is also safe choice - from security perspective. - - config MBEDTLS_INTERNAL_MEM_ALLOC - bool "Internal memory" - - config MBEDTLS_EXTERNAL_MEM_ALLOC - bool "External SPIRAM" - depends on SPIRAM_USE_CAPS_ALLOC || SPIRAM_USE_MALLOC - - config MBEDTLS_DEFAULT_MEM_ALLOC - bool "Default alloc mode" - - config MBEDTLS_CUSTOM_MEM_ALLOC - bool "Custom alloc mode" - - config MBEDTLS_IRAM_8BIT_MEM_ALLOC - bool "Internal IRAM" - depends on ESP32_IRAM_AS_8BIT_ACCESSIBLE_MEMORY + menu "Core Configuration" + choice MBEDTLS_COMPILER_OPTIMIZATION + prompt "Compiler optimization level" + default MBEDTLS_COMPILER_OPTIMIZATION_NONE help - Allows to use IRAM memory region as 8bit accessible region. - - TLS input and output buffers will be allocated in IRAM section which is 32bit aligned - memory. Every unaligned (8bit or 16bit) access will result in an exception - and incur penalty of certain clock cycles per unaligned read/write. 
- - endchoice #MBEDTLS_MEM_ALLOC_MODE - - config MBEDTLS_SSL_MAX_CONTENT_LEN - int "TLS maximum message content length" - default 16384 - range 512 16384 - depends on !MBEDTLS_ASYMMETRIC_CONTENT_LEN - help - Maximum TLS message length (in bytes) supported by mbedTLS. - - 16384 is the default and this value is required to comply - fully with TLS standards. - - However you can set a lower value in order to save RAM. This - is safe if the other end of the connection supports Maximum - Fragment Length Negotiation Extension (max_fragment_length, - see RFC6066) or you know for certain that it will never send a - message longer than a certain number of bytes. - - If the value is set too low, symptoms are a failed TLS - handshake or a return value of MBEDTLS_ERR_SSL_INVALID_RECORD - (-0x7200). - - config MBEDTLS_ASYMMETRIC_CONTENT_LEN - bool "Asymmetric in/out fragment length" - default y - help - If enabled, this option allows customizing TLS in/out fragment length - in asymmetric way. Please note that enabling this with default values - saves 12KB of dynamic memory per TLS connection. - - config MBEDTLS_SSL_IN_CONTENT_LEN - int "TLS maximum incoming fragment length" - default 16384 - range 512 16384 - depends on MBEDTLS_ASYMMETRIC_CONTENT_LEN - help - This defines maximum incoming fragment length, overriding default - maximum content length (MBEDTLS_SSL_MAX_CONTENT_LEN). - - config MBEDTLS_SSL_OUT_CONTENT_LEN - int "TLS maximum outgoing fragment length" - default 4096 - range 512 16384 - depends on MBEDTLS_ASYMMETRIC_CONTENT_LEN - help - This defines maximum outgoing fragment length, overriding default - maximum content length (MBEDTLS_SSL_MAX_CONTENT_LEN). - - config MBEDTLS_SSL_SERVER_NAME_INDICATION - bool "Enable server name indication" - default y - depends on MBEDTLS_X509_CRT_PARSE_C - help - Enable support for RFC 6066 server name indication (SNI). 
- - config MBEDTLS_DYNAMIC_BUFFER - bool "Using dynamic TX/RX buffer" - default n - select MBEDTLS_ASYMMETRIC_CONTENT_LEN - # Dynamic buffer feature is not supported with DTLS - depends on !IDF_TARGET_LINUX && !MBEDTLS_SSL_PROTO_DTLS && !MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH - help - Using dynamic TX/RX buffer. After enabling this option, mbedTLS will - allocate TX buffer when need to send data and then free it if all data - is sent, allocate RX buffer when need to receive data and then free it - when all data is used or read by upper layer. - - By default, when SSL is initialized, mbedTLS also allocate TX and - RX buffer with the default value of "MBEDTLS_SSL_OUT_CONTENT_LEN" or - "MBEDTLS_SSL_IN_CONTENT_LEN", so to save more heap, users can set - the options to be an appropriate value. - - config MBEDTLS_DYNAMIC_FREE_CONFIG_DATA - bool "Free private key and DHM data after its usage" - default n - depends on MBEDTLS_DYNAMIC_BUFFER - help - Free private key and DHM data after its usage in handshake process. - - The option will decrease heap cost when handshake, but also lead to problem: - - Because all certificate, private key and DHM data are freed so users should register - certificate and private key to ssl config object again. - - config MBEDTLS_DYNAMIC_FREE_CA_CERT - bool "Free SSL CA certificate after its usage" - default y - depends on MBEDTLS_DYNAMIC_FREE_CONFIG_DATA - help - Free CA certificate after its usage in the handshake process. - This option will decrease the heap footprint for the TLS handshake, but may lead to a problem: - If the respective ssl object needs to perform the TLS handshake again, - the CA certificate should once again be registered to the ssl object. - config MBEDTLS_VERSION_FEATURES - bool "Enable mbedTLS version features" - default n - help - Enable mbedTLS version features. - This option allows Allow run-time checking of compile-time enabled features. - Disabling this option will save some code size. 
- - config MBEDTLS_X509_USE_C - bool "Enable X.509 certificate support" - default y - help - Enable X.509 certificate support. - - config MBEDTLS_DEBUG - bool "Enable mbedTLS debugging" - default n - help - Enable mbedTLS debugging functions at compile time. - - If this option is enabled, you can include - "mbedtls/esp_debug.h" and call mbedtls_esp_enable_debug_log() - at runtime in order to enable mbedTLS debug output via the ESP - log mechanism. - - choice MBEDTLS_DEBUG_LEVEL - bool "Set mbedTLS debugging level" - depends on MBEDTLS_DEBUG - default MBEDTLS_DEBUG_LEVEL_VERBOSE - help - Set mbedTLS debugging level - - config MBEDTLS_DEBUG_LEVEL_WARN - bool "Warning" - config MBEDTLS_DEBUG_LEVEL_INFO - bool "Info" - config MBEDTLS_DEBUG_LEVEL_DEBUG - bool "Debug" - config MBEDTLS_DEBUG_LEVEL_VERBOSE - bool "Verbose" - endchoice - - config MBEDTLS_DEBUG_LEVEL - int - default 1 if MBEDTLS_DEBUG_LEVEL_WARN - default 2 if MBEDTLS_DEBUG_LEVEL_INFO - default 3 if MBEDTLS_DEBUG_LEVEL_DEBUG - default 4 if MBEDTLS_DEBUG_LEVEL_VERBOSE - - menu "mbedTLS v3.x related" - config MBEDTLS_SSL_PROTO_TLS1_3 - bool "Support TLS 1.3 protocol" - depends on MBEDTLS_TLS_ENABLED && MBEDTLS_SSL_KEEP_PEER_CERTIFICATE - select MBEDTLS_CLIENT_SSL_SESSION_TICKETS if MBEDTLS_DYNAMIC_BUFFER - select MBEDTLS_HKDF_C - default n - - menu "TLS 1.3 related configurations" - depends on MBEDTLS_SSL_PROTO_TLS1_3 - - config MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE - bool "TLS 1.3 middlebox compatibility mode" - default y - - config MBEDTLS_SSL_TLS1_3_KEXM_PSK - bool "TLS 1.3 PSK key exchange mode" - default y - - config MBEDTLS_SSL_TLS1_3_KEXM_EPHEMERAL - bool "TLS 1.3 ephemeral key exchange mode" - default y - - config MBEDTLS_SSL_TLS1_3_KEXM_PSK_EPHEMERAL - bool "TLS 1.3 PSK ephemeral key exchange mode" - default y - - config MBEDTLS_SSL_EARLY_DATA - bool "TLS 1.3 early data" - default n - depends on MBEDTLS_CLIENT_SSL_SESSION_TICKETS && \ - (MBEDTLS_SSL_TLS1_3_KEXM_PSK || MBEDTLS_SSL_TLS1_3_KEXM_EPHEMER) 
- help - Enable support for TLS 1.3 early data (0-RTT). - - endmenu - - config MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH - bool "Variable SSL buffer length" - default n - help - This enables the SSL buffer to be resized automatically - based on the negotiated maximum fragment length in each direction. - - config MBEDTLS_ECDH_LEGACY_CONTEXT - bool "Use a backward compatible ECDH context (Experimental)" - default n - depends on MBEDTLS_ECDH_C && MBEDTLS_ECP_RESTARTABLE - help - Use the legacy ECDH context format. - Define this option only if you enable MBEDTLS_ECP_RESTARTABLE or if you - want to access ECDH context fields directly. - - config MBEDTLS_X509_TRUSTED_CERT_CALLBACK - bool "Enable trusted certificate callbacks" - default n - help - Enables users to configure the set of trusted certificates - through a callback instead of a linked list. - - See mbedTLS documentation for required API and more details. - - config MBEDTLS_SSL_CONTEXT_SERIALIZATION - bool "Enable serialization of the TLS context structures" - default n - depends on MBEDTLS_GCM_C || MBEDTLS_CCM_C || MBEDTLS_CHACHAPOLY_C - help - Enable serialization of the TLS context structures - This is a local optimization in handling a single, potentially long-lived connection. - - See mbedTLS documentation for required API and more details. - Disabling this option will save some code and RAM size. - - config MBEDTLS_SSL_KEEP_PEER_CERTIFICATE - bool "Keep peer certificate after handshake completion" - default y - help - Keep the peer's certificate after completion of the handshake. - Disabling this option will save about 4kB of heap and some code size. - - See mbedTLS documentation for required API and more details. - - config MBEDTLS_SSL_KEYING_MATERIAL_EXPORT - bool "Enable keying material export" - default n - depends on MBEDTLS_TLS_ENABLED - help - Enable shared symmetric keys export for TLS sessions using mbedtls_ssl_export_keying_material() - after SSL handshake. 
The process for deriving the keys is specified in RFC 5705 for TLS 1.2 - and in RFC 8446, Section 7.5, for TLS 1.3. - - config MBEDTLS_PKCS7_C - bool "Enable PKCS number 7" - default y - depends on MBEDTLS_ASN1_PARSE_C && MBEDTLS_OID_C && MBEDTLS_PK_PARSE_C && \ - MBEDTLS_X509_CRT_PARSE_C && MBEDTLS_X509_CRL_PARSE_C && MBEDTLS_BIGNUM_C && MBEDTLS_MD_C - help - Enable PKCS number 7 core for using PKCS number 7-formatted signatures. - - config MBEDTLS_PKCS12_C - bool "Enable PKCS number 12" - default y - depends on MBEDTLS_ASN1_PARSE_C && (MBEDTLS_MD_C) - help - Enable PKCS number 12 core for using PKCS number 12-formatted signatures. - - config MBEDTLS_PKCS5_C - bool "Enable PKCS#5 functions" - default y - select MBEDTLS_MD_C - help - Enable support for PKCS#5 functions. - - config MBEDTLS_SSL_CID_PADDING_GRANULARITY - int "Record plaintext padding" - default 16 - range 0 32 - depends on MBEDTLS_SSL_PROTO_TLS1_3 || MBEDTLS_SSL_DTLS_CONNECTION_ID - help - Controls the use of record plaintext padding in TLS 1.3 and - when using the Connection ID extension in DTLS 1.2. - - The padding will always be chosen so that the length of the - padded plaintext is a multiple of the value of this option. - - Notes: - A value of 1 means that no padding will be used for outgoing records. - On systems lacking division instructions, a power of two should be preferred. - - menu "DTLS-based configurations" - depends on MBEDTLS_SSL_PROTO_DTLS - - config MBEDTLS_SSL_DTLS_CONNECTION_ID - bool "Support for the DTLS Connection ID extension" - default n - help - Enable support for the DTLS Connection ID extension which allows to - identify DTLS connections across changes in the underlying transport. 
- - config MBEDTLS_SSL_CID_IN_LEN_MAX - int "Maximum length of CIDs used for incoming DTLS messages" - default 32 - range 0 32 - depends on MBEDTLS_SSL_DTLS_CONNECTION_ID - help - Maximum length of CIDs used for incoming DTLS messages - - config MBEDTLS_SSL_CID_OUT_LEN_MAX - int "Maximum length of CIDs used for outgoing DTLS messages" - default 32 - range 0 32 - depends on MBEDTLS_SSL_DTLS_CONNECTION_ID - help - Maximum length of CIDs used for outgoing DTLS messages - - config MBEDTLS_SSL_DTLS_SRTP - bool "Enable support for negotiation of DTLS-SRTP (RFC 5764)" - default n - help - Enable support for negotiation of DTLS-SRTP (RFC 5764) through the use_srtp extension. - - See mbedTLS documentation for required API and more details. - Disabling this option will save some code size. - - endmenu - - endmenu - - menu "Certificate Bundle" - - config MBEDTLS_CERTIFICATE_BUNDLE - bool "Enable trusted root certificate bundle" - default y - help - Enable support for large number of default root certificates - - When enabled this option allows user to store default as well - as customer specific root certificates in compressed format rather - than storing full certificate. For the root certificates the public key and the subject name - will be stored. - - choice MBEDTLS_DEFAULT_CERTIFICATE_BUNDLE - bool "Default certificate bundle options" - depends on MBEDTLS_CERTIFICATE_BUNDLE - default MBEDTLS_CERTIFICATE_BUNDLE_DEFAULT_FULL - - config MBEDTLS_CERTIFICATE_BUNDLE_DEFAULT_FULL - bool "Use the full default certificate bundle" - config MBEDTLS_CERTIFICATE_BUNDLE_DEFAULT_CMN - bool "Use only the most common certificates from the default bundles" - help - Use only the most common certificates from the default bundles, reducing the size with 50%, - while still having around 99% coverage. - config MBEDTLS_CERTIFICATE_BUNDLE_DEFAULT_NONE - bool "Do not use the default certificate bundle" + This option allows you to select the compiler optimization level for mbedTLS. 
+ The default is set to the optimization level used by the rest of the ESP-IDF project. + config MBEDTLS_COMPILER_OPTIMIZATION_NONE + bool "No optimization" + config MBEDTLS_COMPILER_OPTIMIZATION_SIZE + bool "Optimize for size (-Os)" + config MBEDTLS_COMPILER_OPTIMIZATION_PERF + bool "Optimize for performance (-O2)" endchoice - config MBEDTLS_CUSTOM_CERTIFICATE_BUNDLE - depends on MBEDTLS_CERTIFICATE_BUNDLE - default n - bool "Add custom certificates to the default bundle" - config MBEDTLS_CUSTOM_CERTIFICATE_BUNDLE_PATH - depends on MBEDTLS_CUSTOM_CERTIFICATE_BUNDLE - string "Custom certificate bundle path" - help - Name of the custom certificate directory or file. This path is evaluated - relative to the project root directory. - - config MBEDTLS_CERTIFICATE_BUNDLE_DEPRECATED_LIST - bool "Add deprecated root certificates" - depends on MBEDTLS_CERTIFICATE_BUNDLE && !MBEDTLS_CERTIFICATE_BUNDLE_DEFAULT_NONE - help - Include the deprecated list of root certificates in the bundle. - This list gets updated when a certificate is removed from the Mozilla's - NSS root certificate store. This config can be enabled if you would like - to ensure that none of the certificates that were deployed in the product - are affected because of the update to bundle. In turn, enabling this - config keeps expired, retracted certificates in the bundle and it may - pose a security risk. 
- - - Deprecated cert list may grow based on sync with upstream bundle - - Deprecated certs would be removed in ESP-IDF (next) major release - - config MBEDTLS_CERTIFICATE_BUNDLE_MAX_CERTS - int "Maximum no of certificates allowed in certificate bundle" - default 200 - depends on MBEDTLS_CERTIFICATE_BUNDLE - - config MBEDTLS_CERTIFICATE_BUNDLE_CROSS_SIGNED_VERIFY - bool "Support cross-signed certificate verification in certificate bundle" - default n - depends on MBEDTLS_CERTIFICATE_BUNDLE - select MBEDTLS_X509_TRUSTED_CERT_CALLBACK - help - Enable support for cross-signed certificate verification in the certificate bundle. - This feature uses an internal callback to verify the cross-signed certificates. - This feature is kept disabled by default as enabling this feature increases - heap usage by approximately 700 bytes. - - endmenu - - config MBEDTLS_SELF_TEST - bool "Enable mbedTLS self-test" - default y - help - Enable mbedTLS self-test functions. - - config MBEDTLS_PKCS1_V15 - bool "Enable PKCS#1 v1.5 padding" - default y - depends on MBEDTLS_RSA_C - help - Enable support for PKCS#1 v1.5 operations. - - config MBEDTLS_PKCS1_V21 - bool "Enable PKCS#1 v2.1 padding" - default y - depends on MBEDTLS_RSA_C && MBEDTLS_MD_C - help - Enable support for PKCS#1 v2.1 operations. - - config MBEDTLS_PK_RSA_ALT_SUPPORT - bool "Enable RSA alt support" - default y - help - Support external private RSA keys (eg from a HSM) int the PK layer. - - config MBEDTLS_ECP_RESTARTABLE - bool "Enable mbedTLS ecp restartable" - select MBEDTLS_ECDH_LEGACY_CONTEXT - depends on MBEDTLS_ECP_C - default n - help - Enable "non-blocking" ECC operations that can return early and be resumed. - - config MBEDTLS_AES_ROM_TABLES - bool "Store AES tables in ROM" - default y - help - Store the AES tables in ROM instead of generating them at runtime. - Using precomputed ROM tables reduces RAM usage, but increases - flash usage. 
- - config MBEDTLS_AES_FEWER_TABLES - bool "Use fewer AES tables" - default n - help - Use fewer AES tables to reduce ROM/RAM usage. - Using fewer tables increases the time taken to generate the tables - at runtime, but reduces ROM/RAM usage. - - config MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH - bool "Only support 128-bit AES keys" - default n - help - Only support 128-bit AES keys. - This reduces code size, but disables support for 192-bit and - 256-bit AES keys. - - config MBEDTLS_CMAC_C - bool "Enable CMAC mode for block ciphers" - default n - depends on (MBEDTLS_AES_C || MBEDTLS_DES_C) && MBEDTLS_CIPHER_C - help - Enable the CMAC (Cipher-based Message Authentication Code) mode for - block ciphers. - - config MBEDTLS_HARDWARE_AES - bool "Enable hardware AES acceleration" - default y - depends on !SPIRAM_CACHE_WORKAROUND_STRATEGY_DUPLDST && SOC_AES_SUPPORTED - help - Enable hardware accelerated AES encryption & decryption. - - Note that if the ESP32 CPU is running at 240MHz, hardware AES does not - offer any speed boost over software AES. - - config MBEDTLS_AES_USE_INTERRUPT - bool "Use interrupt for long AES operations" - depends on !IDF_TARGET_ESP32 && MBEDTLS_HARDWARE_AES - default y - help - Use an interrupt to coordinate long AES operations. - - This allows other code to run on the CPU while an AES operation is pending. - Otherwise the CPU busy-waits. - - config MBEDTLS_AES_INTERRUPT_LEVEL - int "AES hardware interrupt level" - default 0 - depends on MBEDTLS_AES_USE_INTERRUPT - range 0 3 - help - This config helps to set the interrupt priority level for the AES peripheral. - Value 0 (default) means that there is no preference regarding the interrupt - priority level and any level from 1 to 3 can be selected (based on the availability). - Note: Higher value indicates high interrupt priority. 
- - config MBEDTLS_AES_USE_PSEUDO_ROUND_FUNC - bool "Enable AES hardware's pseudo round function" - default n - depends on SOC_AES_SUPPORT_PSEUDO_ROUND_FUNCTION - help - Enables the pseudo round function of the AES peripheral. - Enabling this would impact the performance of the AES operations. - For more info regarding the performance impact, please checkout the pseudo round function section of the - security guide. - - choice MBEDTLS_AES_USE_PSEUDO_ROUND_FUNC_STRENGTH - prompt "Strength of the pseudo rounds function" - depends on MBEDTLS_AES_USE_PSEUDO_ROUND_FUNC - default MBEDTLS_AES_USE_PSEUDO_ROUND_FUNC_STRENGTH_LOW - help - The strength of the pseudo rounds functions can be configured to low, medium and high. - You can configure the strength of the pseudo rounds functions according to your use cases, - for example, increasing the strength would provide higher security but would slow down the - hardware AES encryption/decryption operations. - - config MBEDTLS_AES_USE_PSEUDO_ROUND_FUNC_STRENGTH_LOW - bool "Low" - - config MBEDTLS_AES_USE_PSEUDO_ROUND_FUNC_STRENGTH_MEDIUM - bool "Medium" - - config MBEDTLS_AES_USE_PSEUDO_ROUND_FUNC_STRENGTH_HIGH - bool "High" - endchoice - - config MBEDTLS_AES_USE_PSEUDO_ROUND_FUNC_STRENGTH - int - default 1 if MBEDTLS_AES_USE_PSEUDO_ROUND_FUNC_STRENGTH_LOW - default 2 if MBEDTLS_AES_USE_PSEUDO_ROUND_FUNC_STRENGTH_MEDIUM - default 3 if MBEDTLS_AES_USE_PSEUDO_ROUND_FUNC_STRENGTH_HIGH - - config MBEDTLS_HARDWARE_GCM - bool "Enable partially hardware accelerated GCM" - depends on SOC_AES_SUPPORT_GCM && MBEDTLS_HARDWARE_AES - default y - help - Enable partially hardware accelerated GCM. GHASH calculation is still done - in software. - - If MBEDTLS_HARDWARE_GCM is disabled and MBEDTLS_HARDWARE_AES is enabled then - mbedTLS will still use the hardware accelerated AES block operation, but - on a single block at a time. 
- - config MBEDTLS_GCM_SUPPORT_NON_AES_CIPHER - bool "Enable support for non-AES ciphers in GCM operation" - depends on MBEDTLS_HARDWARE_AES && MBEDTLS_GCM_C - default y - help - Enable this config to support fallback to software definitions for a non-AES - cipher GCM operation as we support hardware acceleration only for AES cipher. - Some of the non-AES ciphers used in a GCM operation are DES, ARIA, CAMELLIA, - CHACHA20, BLOWFISH. - - If this config is disabled, performing a non-AES cipher GCM operation with - the config MBEDTLS_HARDWARE_AES enabled will result in calculation of an - AES-GCM operation instead for the given input values and thus could lead - to failure in certificate validation which would ultimately lead to a SSL - handshake failure. - - This config being by-default enabled leads to an increase in binary size - footprint of ~2.5KB. - In case you are sure that your use case (for example, client and server - configurations in case of a TLS handshake) would not involve any GCM - operations using a non-AES cipher, you can safely disable this config, - leading to reduction in binary size footprint. - - config MBEDTLS_BIGNUM_C - bool "Enable multiple precision integer (bignum) support" - default y - help - Enable support for multiple precision integer (bignum) operations. - - This is required for RSA, DSA, DHM, ECDH and ECDSA. - - If you don't need any of these algorithms, you can disable this option - to save code size. - - config MBEDTLS_HARDWARE_MPI - bool "Enable hardware MPI (bignum) acceleration" - default y - depends on !SPIRAM_CACHE_WORKAROUND_STRATEGY_DUPLDST && SOC_MPI_SUPPORTED && MBEDTLS_BIGNUM_C - help - Enable hardware accelerated multiple precision integer operations. - - Hardware accelerated multiplication, modulo multiplication, - and modular exponentiation for up to SOC_RSA_MAX_BIT_LEN bit results. - - These operations are used by RSA. 
- - config MBEDTLS_GENPRIME - bool "Enable hardware prime number generation" - default y - depends on MBEDTLS_BIGNUM_C - help - Enable prime number generation. - - config MBEDTLS_LARGE_KEY_SOFTWARE_MPI - bool "Fallback to software implementation for larger MPI values" - depends on MBEDTLS_HARDWARE_MPI - default y if SOC_RSA_MAX_BIT_LEN <= 3072 # HW max 3072 bits - default n - help - Fallback to software implementation for RSA key lengths - larger than SOC_RSA_MAX_BIT_LEN. If this is not active - then the ESP will be unable to process keys greater - than SOC_RSA_MAX_BIT_LEN. - - config MBEDTLS_MPI_USE_INTERRUPT - bool "Use interrupt for MPI exp-mod operations" - depends on !IDF_TARGET_ESP32 && MBEDTLS_HARDWARE_MPI - default y - help - Use an interrupt to coordinate long MPI operations. - - This allows other code to run on the CPU while an MPI operation is pending. - Otherwise the CPU busy-waits. - - config MBEDTLS_MPI_INTERRUPT_LEVEL - int "MPI hardware interrupt level" - default 0 - depends on MBEDTLS_MPI_USE_INTERRUPT - range 0 3 - help - This config helps to set the interrupt priority level for the MPI peripheral. - Value 0 (default) means that there is no preference regarding the interrupt - priority level and any level from 1 to 3 can be selected (based on the availability). - Note: Higher value indicates high interrupt priority. - - config MBEDTLS_HARDWARE_SHA - bool "Enable hardware SHA acceleration" - default y - depends on !SPIRAM_CACHE_WORKAROUND_STRATEGY_DUPLDST && SOC_SHA_SUPPORTED - help - Enable hardware accelerated SHA1, SHA256, SHA384 & SHA512 in mbedTLS. - - Due to a hardware limitation, on the ESP32 hardware acceleration is only - guaranteed if SHA digests are calculated one at a time. If more - than one SHA digest is calculated at the same time, one will - be calculated fully in hardware and the rest will be calculated - (at least partially calculated) in software. This happens automatically. 
- - SHA hardware acceleration is faster than software in some situations but - slower in others. You should benchmark to find the best setting for you. - - config MBEDTLS_SHA256_SMALLER - bool "Enable SHA-256 smaller implementation" - default n - depends on !MBEDTLS_HARDWARE_SHA && MBEDTLS_SHA256_C - help - Enable a smaller implementation of SHA-256 that has lower ROM footprint - but is slower than the default implementation. - - config MBEDTLS_SHA512_SMALLER - bool "Enable SHA-512 smaller implementation" - default n - depends on !MBEDTLS_HARDWARE_SHA && MBEDTLS_SHA512_C - help - Enable a smaller implementation of SHA-512 that has lower ROM footprint - but is slower than the default implementation. - - config MBEDTLS_HARDWARE_ECC - bool "Enable hardware ECC acceleration" - default y - depends on SOC_ECC_SUPPORTED - help - Enable hardware accelerated ECC point multiplication and point verification for points - on curve SECP192R1 and SECP256R1 in mbedTLS - - config MBEDTLS_ECC_OTHER_CURVES_SOFT_FALLBACK - bool "Fallback to software implementation for curves not supported in hardware" - depends on MBEDTLS_HARDWARE_ECC - default y - help - Fallback to software implementation of ECC point multiplication and point verification - for curves not supported in hardware. - - config MBEDTLS_ROM_MD5 - bool "Use MD5 implementation in ROM" - default y - help - Use ROM MD5 in mbedTLS. - - config MBEDTLS_HARDWARE_ECDSA_SIGN - bool "Enable ECDSA signing using on-chip ECDSA peripheral" - default n - depends on SOC_ECDSA_SUPPORTED - help - Enable hardware accelerated ECDSA peripheral to sign data - on curve SECP192R1 and SECP256R1 in mbedTLS. - - Note that for signing, the private key has to be burnt in an efuse key block - with key purpose set to ECDSA_KEY. - If no key is burnt, it will report an error - - The key should be burnt in little endian format. 
espefuse.py utility handles it internally - but care needs to be taken while burning using esp_efuse APIs - - config MBEDTLS_TEE_SEC_STG_ECDSA_SIGN - bool "Enable ECDSA signing using TEE secure storage" - default y - depends on SECURE_ENABLE_TEE - - menu "Enable Software Countermeasure for ECDSA signing using on-chip ECDSA peripheral" - depends on MBEDTLS_HARDWARE_ECDSA_SIGN - depends on IDF_TARGET_ESP32H2 - config MBEDTLS_HARDWARE_ECDSA_SIGN_MASKING_CM - bool "Mask original ECDSA sign operation under dummy sign operations" - select HAL_ECDSA_GEN_SIG_CM + config MBEDTLS_FS_IO + bool "Enable functions that use the filesystem" default y + depends on (VFS_SUPPORT_IO && VFS_SUPPORT_DIR) || IDF_TARGET_LINUX help - The ECDSA peripheral before ESP32-H2 v1.2 does not offer constant time ECDSA sign operation. - This time can be observed through power profiling of the device, - making the ECDSA private key vulnerable to side-channel timing attacks. - This countermeasure masks the real ECDSA sign operation - under dummy sign operations to add randomness in the generated power signature. - It is highly recommended to also enable Secure Boot for the device in addition to this countermeasure - so that only trusted software can execute on the device. - This countermeasure can be safely disabled for ESP32-H2 v1.2 and above. + This option enables functions in mbedTLS that use the filesystem. + It uses the default filesystem support for the target, + which is added through vfs component for ESP32 based targets or by + the host system when the target is Linux. - config MBEDTLS_HARDWARE_ECDSA_SIGN_CONSTANT_TIME_CM - bool "Make ECDSA signature operation pseudo constant time for software" - default y - help - This option adds a delay after the actual ECDSA signature operation - so that the entire operation appears to be constant  time for the software. - This fix helps in protecting the device only in case of remote timing attack on the ECDSA private key. 
- For e.g., When an interface is exposed by the device to perform ECDSA signature - of an arbitrary message. - The signature time would appear to be constant to the external entity after enabling - this option. - This countermeasure can be safely disabled for ESP32-H2 v1.2 and above. - - endmenu - - config MBEDTLS_HARDWARE_ECDSA_VERIFY - bool "Enable ECDSA signature verification using on-chip ECDSA peripheral" - default y - depends on SOC_ECDSA_SUPPORTED - help - Enable hardware accelerated ECDSA peripheral to verify signature - on curve SECP192R1 and SECP256R1 in mbedTLS. - - config MBEDTLS_ATCA_HW_ECDSA_SIGN - bool "Enable hardware ECDSA sign acceleration when using ATECC608A" - default n - help - This option enables hardware acceleration for ECDSA sign function, only - when using ATECC608A cryptoauth chip. - - config MBEDTLS_ATCA_HW_ECDSA_VERIFY - bool "Enable hardware ECDSA verify acceleration when using ATECC608A" - default n - help - This option enables hardware acceleration for ECDSA sign function, only - when using ATECC608A cryptoauth chip. - - config MBEDTLS_HAVE_TIME - bool "Enable mbedtls time support" - depends on !ESP_TIME_FUNCS_USE_NONE - default y - help - Enable use of time.h functions (time() and gmtime()) by mbedTLS. - - This option doesn't require the system time to be correct, but enables - functionality that requires relative timekeeping - for example periodic - expiry of TLS session tickets or session cache entries. - - Disabling this option will save some firmware size, particularly if - the rest of the firmware doesn't call any standard timekeeping - functions. - - config MBEDTLS_PLATFORM_TIME_ALT - bool "Enable mbedtls time support: platform-specific" - depends on MBEDTLS_HAVE_TIME - default n - help - Enabling this config will provide users with a function - "mbedtls_platform_set_time()" that allows to set an alternative - time function pointer. 
- - config MBEDTLS_HAVE_TIME_DATE - bool "Enable mbedtls certificate expiry check" - depends on MBEDTLS_HAVE_TIME - default n - help - Enables X.509 certificate expiry checks in mbedTLS. - - If this option is disabled (default) then X.509 certificate - "valid from" and "valid to" timestamp fields are ignored. - - If this option is enabled, these fields are compared with the - current system date and time. The time is retrieved using the - standard time() and gmtime() functions. If the certificate is not - valid for the current system time then verification will fail with - code MBEDTLS_X509_BADCERT_FUTURE or MBEDTLS_X509_BADCERT_EXPIRED. - - Enabling this option requires adding functionality in the firmware - to set the system clock to a valid timestamp before using TLS. The - recommended way to do this is via ESP-IDF's SNTP functionality, but - any method can be used. - - In the case where only a small number of certificates are trusted by - the device, please carefully consider the tradeoffs of enabling this - option. There may be undesired consequences, for example if all - trusted certificates expire while the device is offline and a TLS - connection is required to update. Or if an issue with the SNTP - server means that the system time is invalid for an extended period - after a reset. - - config MBEDTLS_ECDSA_DETERMINISTIC - bool "Enable deterministic ECDSA" - default n - help - Standard ECDSA is "fragile" in the sense that lack of entropy when signing - may result in a compromise of the long-term signing key. - - config MBEDTLS_ENTROPY_C - bool "Enable entropy support" - default y - depends on MBEDTLS_SHA256_C || MBEDTLS_SHA512_C - help - Enable support for entropy sources and provides a generic - entropy pool. - - config MBEDTLS_ENTROPY_FORCE_SHA256 - bool "Force SHA-256 for entropy" - default n - depends on MBEDTLS_SHA256_C && MBEDTLS_SHA512_C - help - Force SHA-256 to be used for the entropy pool if both SHA-256 and SHA-512 are - enabled. 
On 32-bit architectures, SHA-256 can be faster than SHA-512 - - config MBEDTLS_CTR_DRBG_C - bool "Enable CTR_DRBG" - default y - depends on MBEDTLS_AES_C - help - Enable CTR_DRBG (CTR mode Deterministic Random Bit Generator). - The CTR_DRBG generator uses AES-256 by default. - - config MBEDTLS_HMAC_DRBG_C - bool "Enable HMAC_DRBG" - default n - depends on MBEDTLS_MD_C - help - Enable HMAC_DRBG (HMAC mode Deterministic Random Bit Generator). - - config MBEDTLS_OID_C - bool "Enable OID support" - default y - help - Enable support for Object Identifier (OID) parsing and printing. - This is used by X.509 and PKCS#11. - - config MBEDTLS_MD_C - bool "Enable message digest support" - default y - depends on MBEDTLS_MD5_C || MBEDTLS_RIPEMD160_C || MBEDTLS_SHA1_C || \ - MBEDTLS_SHA224_C || MBEDTLS_SHA256_C || MBEDTLS_SHA384_C || MBEDTLS_SHA512_C - help - Enable generic layer for message digest algorithms. - - config MBEDTLS_MD5_C - bool "Enable the MD5 cryptographic hash algorithm" - default y - help - Enables support for MD5. - This module is required for TLS 1.2 depending on the handshake parameters. - Further, it is used for checking MD5-signed certificates, and for PBKDF1 - when decrypting PEM-encoded encrypted keys. - MD5 is considered a weak message digest and its use constitutes - a security risk. If possible, consider stronger message digests - such as SHA-256 (part of the SHA-2 family). - - config MBEDTLS_SHA1_C - bool "Enable the SHA-1 cryptographic hash algorithm" - default y - help - Enabling MBEDTLS_SHA1_C adds support for SHA-1. - SHA-1 is considered a weak message digest and its use constitutes - a security risk. - Disabling this configuration option could impact TLS 1.2 / Wi-Fi Enterprise compatibility - with certain older certificates that rely on SHA-1 for digital signatures. - Before proceeding, ensure that all your certificates are using stronger hash algorithms, - such as SHA-256 (part of the SHA-2 family). 
- If you're using older certificates or if you're unsure about the impact on your product, - please consider testing the changes in a controlled environment for individual features - like OTA updates, cloud connectivity, secure local control, etc. - - config MBEDTLS_SHA224_C - bool "Enable the SHA-224 cryptographic hash algorithm" - default n - help - Enable MBEDTLS_SHA224_C adds support for SHA-224. - - config MBEDTLS_SHA256_C - bool "Enable the SHA-256 cryptographic hash algorithm" - default y - help - Enable MBEDTLS_SHA256_C adds support for SHA-256. - - config MBEDTLS_SHA384_C - bool "Enable the SHA-384 cryptographic hash algorithm" - default y - help - Enable MBEDTLS_SHA384_C adds support for SHA-384. - - config MBEDTLS_SHA512_C - bool "Enable the SHA-384 and SHA-512 cryptographic hash algorithms" - default y - help - Enable MBEDTLS_SHA512_C adds support for SHA-512. - - config MBEDTLS_SHA3_C - bool "Enable the SHA3 cryptographic hash algorithm" - default y - help - Enabling MBEDTLS_SHA3_C adds support for SHA3. - Enabling this configuration option increases the flash footprint - by almost 4KB. - - config MBEDTLS_SSL_CACHE_C - bool "Enable SSL session cache" - default y - help - Enable simple SSL session cache implementation. - - config MBEDTLS_SSL_COOKIE_C - bool "Enable SSL session cookie" - default n - help - Enable basic DTLS cookie implementation for hello verification. - - choice MBEDTLS_TLS_MODE - bool "TLS Protocol Role" - default MBEDTLS_TLS_SERVER_AND_CLIENT - help - mbedTLS can be compiled with protocol support for the TLS - server, TLS client, or both server and client. - - Reducing the number of TLS roles supported saves code size. 
- - config MBEDTLS_TLS_SERVER_AND_CLIENT - bool "Server & Client" - select MBEDTLS_TLS_SERVER - select MBEDTLS_TLS_CLIENT - config MBEDTLS_TLS_SERVER_ONLY - bool "Server" - select MBEDTLS_TLS_SERVER - config MBEDTLS_TLS_CLIENT_ONLY - bool "Client" - select MBEDTLS_TLS_CLIENT - config MBEDTLS_TLS_DISABLED - bool "None" - - endchoice - - config MBEDTLS_TLS_SERVER - bool - select MBEDTLS_TLS_ENABLED - config MBEDTLS_TLS_CLIENT - bool - select MBEDTLS_TLS_ENABLED - config MBEDTLS_TLS_ENABLED - bool - - menu "TLS Key Exchange Methods" - depends on MBEDTLS_TLS_ENABLED - - config MBEDTLS_PSK_MODES - bool "Enable pre-shared-key ciphersuites" + config MBEDTLS_THREADING_C + bool "Enable the threading abstraction layer" default n help - Enable to show configuration for different types of pre-shared-key TLS authentatication methods. + If you do intend to use contexts between threads, you will need to enable + this layer to prevent race conditions. - Leaving this options disabled will save code size if they are not used. + config MBEDTLS_THREADING_ALT + bool "Enable threading alternate implementation" + depends on MBEDTLS_THREADING_C + default y + help + Enable threading alt to allow your own alternate threading implementation. - config MBEDTLS_KEY_EXCHANGE_PSK - bool "Enable PSK based ciphersuite modes" - depends on MBEDTLS_PSK_MODES + config MBEDTLS_THREADING_PTHREAD + bool "Enable threading pthread implementation" + depends on MBEDTLS_THREADING_C default n help - Enable to support symmetric key PSK (pre-shared-key) TLS key exchange modes. + Enable the pthread wrapper layer for the threading layer. - config MBEDTLS_KEY_EXCHANGE_DHE_PSK - bool "Enable DHE-PSK based ciphersuite modes" - depends on MBEDTLS_PSK_MODES && MBEDTLS_DHM_C + config MBEDTLS_ERROR_STRINGS + bool "Enable error code to error string conversion" default y help - Enable to support Diffie-Hellman PSK (pre-shared-key) TLS authentication modes. 
+ Enables mbedtls_strerror() for converting error codes to error strings. + Disabling this config can save some code/rodata size as the error + string conversion implementation is replaced with an empty stub. - config MBEDTLS_KEY_EXCHANGE_ECDHE_PSK - bool "Enable ECDHE-PSK based ciphersuite modes" - depends on MBEDTLS_PSK_MODES && MBEDTLS_ECDH_C + config MBEDTLS_ERROR_STRERROR_DUMMY + bool "Enable a dummy error function to make use of mbedtls_strerror()" + default n + depends on !MBEDTLS_ERROR_STRINGS + help + This option enables a dummy error function to make use of mbedtls_strerror() + when MBEDTLS_ERROR_STRINGS is disabled. This is useful for applications + that use mbedtls_strerror() but do not need the actual error strings. + This option can be used to save code size when MBEDTLS_ERROR_STRINGS is disabled. + + config MBEDTLS_VERSION_C + bool "Enable version information" default y help - Enable to support Elliptic-Curve-Diffie-Hellman PSK (pre-shared-key) TLS authentication modes. + Enable version information functions. - config MBEDTLS_KEY_EXCHANGE_RSA_PSK - bool "Enable RSA-PSK based ciphersuite modes" - depends on MBEDTLS_PSK_MODES + config MBEDTLS_HAVE_TIME + bool "Enable mbedtls time support" + depends on !ESP_TIME_FUNCS_USE_NONE default y help - Enable to support RSA PSK (pre-shared-key) TLS authentication modes. + Enable use of time.h functions (time() and gmtime()) by mbedTLS. - config MBEDTLS_KEY_EXCHANGE_RSA - bool "Enable RSA-only based ciphersuite modes" - default y - help - Enable to support ciphersuites with prefix TLS-RSA-WITH- + This option doesn't require the system time to be correct, but enables + functionality that requires relative timekeeping - for example periodic + expiry of TLS session tickets or session cache entries. 
- config MBEDTLS_KEY_EXCHANGE_DHE_RSA - bool "Enable DHE-RSA based ciphersuite modes" - default y - depends on MBEDTLS_DHM_C - help - Enable to support ciphersuites with prefix TLS-DHE-RSA-WITH- + Disabling this option will save some firmware size, particularly if + the rest of the firmware doesn't call any standard timekeeping + functions. - config MBEDTLS_KEY_EXCHANGE_ELLIPTIC_CURVE - bool "Support Elliptic Curve based ciphersuites" - depends on MBEDTLS_ECP_C - default y - help - Enable to show Elliptic Curve based ciphersuite mode options. - - Disabling all Elliptic Curve ciphersuites saves code size and - can give slightly faster TLS handshakes, provided the server supports - RSA-only ciphersuite modes. - - config MBEDTLS_KEY_EXCHANGE_ECDHE_RSA - bool "Enable ECDHE-RSA based ciphersuite modes" - depends on MBEDTLS_KEY_EXCHANGE_ELLIPTIC_CURVE && MBEDTLS_ECDH_C - default y - help - Enable to support ciphersuites with prefix TLS-ECDHE-RSA-WITH- - - config MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA - bool "Enable ECDHE-ECDSA based ciphersuite modes" - depends on MBEDTLS_KEY_EXCHANGE_ELLIPTIC_CURVE && MBEDTLS_ECDH_C && MBEDTLS_ECDSA_C - default y - help - Enable to support ciphersuites with prefix TLS-ECDHE-ECDSA-WITH- - - config MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA - bool "Enable ECDH-ECDSA based ciphersuite modes" - depends on MBEDTLS_KEY_EXCHANGE_ELLIPTIC_CURVE && MBEDTLS_ECDH_C && MBEDTLS_ECDSA_C - default y - help - Enable to support ciphersuites with prefix TLS-ECDH-ECDSA-WITH- - - config MBEDTLS_KEY_EXCHANGE_ECDH_RSA - bool "Enable ECDH-RSA based ciphersuite modes" - depends on MBEDTLS_KEY_EXCHANGE_ELLIPTIC_CURVE && MBEDTLS_ECDH_C - default y - help - Enable to support ciphersuites with prefix TLS-ECDH-RSA-WITH- - - config MBEDTLS_KEY_EXCHANGE_ECJPAKE - bool "Enable ECJPAKE based ciphersuite modes" - depends on MBEDTLS_ECJPAKE_C && MBEDTLS_ECP_DP_SECP256R1_ENABLED + config MBEDTLS_PLATFORM_TIME_ALT + bool "Enable mbedtls time support: platform-specific" + depends on 
MBEDTLS_HAVE_TIME default n help - Enable to support ciphersuites with prefix TLS-ECJPAKE-WITH- + Enabling this config will provide users with a function + "mbedtls_platform_set_time()" that allows to set an alternative + time function pointer. - endmenu # TLS key exchange modes - - config MBEDTLS_SSL_RECORD_SIZE_LIMIT - bool "Enable support for record size limit" - default y - depends on MBEDTLS_SSL_PROTO_TLS1_3 - help - Enable support for record size limit in TLS 1.3. - - - config MBEDTLS_SSL_MAX_FRAGMENT_LENGTH - bool "Enable support for TLS max fragment length extension" - default y - help - Enable support for the TLS max fragment length extension. - - config MBEDTLS_SSL_ALL_ALERT_MESSAGES - bool "Enable all TLS alert messages" - default y - help - Enable all TLS alert messages in case of encountered errors as per RFC. - If disabled, Mbed TLS can still communicate with other servers, only debugging of failures is harder. - The advantage of not sending alert messages, is that no information is given about reasons for failures - thus preventing adversaries of gaining intel. - - config MBEDTLS_SSL_RENEGOTIATION - bool "Support TLS renegotiation" - depends on MBEDTLS_TLS_ENABLED && MBEDTLS_SSL_PROTO_TLS1_2 - default y - help - The two main uses of renegotiation are (1) refresh keys on long-lived - connections and (2) client authentication after the initial handshake. - If you don't need renegotiation, disabling it will save code size and - reduce the possibility of abuse/vulnerability. 
- - config MBEDTLS_SSL_PROTO_TLS1_2 - bool "Support TLS 1.2 protocol" - depends on MBEDTLS_TLS_ENABLED - default y - - config MBEDTLS_SSL_PROTO_GMTSSL1_1 - bool "Support GM/T SSL 1.1 protocol" - depends on MBEDTLS_TLS_ENABLED - default n - help - Provisions for GM/T SSL 1.1 support - - config MBEDTLS_SSL_PROTO_DTLS - bool "Support DTLS protocol (all versions)" - default n - depends on MBEDTLS_SSL_PROTO_TLS1_2 - help - Requires TLS 1.2 to be enabled for DTLS 1.2 - - config MBEDTLS_SSL_ALPN - bool "Support ALPN (Application Layer Protocol Negotiation)" - depends on MBEDTLS_TLS_ENABLED - default y - help - Disabling this option will save some code size if it is not needed. - - config MBEDTLS_CLIENT_SSL_SESSION_TICKETS - bool "TLS: Client Support for RFC 5077 SSL session tickets" - default y - depends on MBEDTLS_TLS_ENABLED - help - Client support for RFC 5077 session tickets. See mbedTLS documentation for more details. - Disabling this option will save some code size. - - config MBEDTLS_SERVER_SSL_SESSION_TICKETS - bool "TLS: Server Support for RFC 5077 SSL session tickets" - default y - depends on MBEDTLS_TLS_ENABLED && (MBEDTLS_GCM_C || MBEDTLS_CCM_C || MBEDTLS_CHACHAPOLY_C) - help - Server support for RFC 5077 session tickets. See mbedTLS documentation for more details. - Disabling this option will save some code size. - - config MBEDTLS_BASE64_C - bool "Enable Base64 encoding/decoding" - default y - help - Enable Base64 encoding and decoding functions. This is required for PEM support. - - config MBEDTLS_ASN1_PARSE_C - bool "Enable ASN.1 parsing" - default y - help - Enable ASN.1 parsing functions. - - config MBEDTLS_ASN1_WRITE_C - bool "Enable ASN.1 writing" - default y - help - Enable ASN.1 writing functions. 
- - menu "Symmetric Ciphers" - - config MBEDTLS_AES_C - bool "AES block cipher" - default y - - config MBEDTLS_CAMELLIA_C - bool "Camellia block cipher" - default n - - config MBEDTLS_ARIA_C - bool "ARIA block cipher" - default n - - config MBEDTLS_CAMELLIA_SMALL_MEMORY - bool "Use small memory implementation of Camellia" - default n - depends on MBEDTLS_CAMELLIA_C - help - Reduces ROM usage of the Camellia implementation - - config MBEDTLS_DES_C - bool "DES block cipher (legacy, insecure)" + config MBEDTLS_HAVE_TIME_DATE + bool "Enable mbedtls certificate expiry check" + depends on MBEDTLS_HAVE_TIME default n help - Enables the DES block cipher to support 3DES-based TLS ciphersuites. + Enables X.509 certificate expiry checks in mbedTLS. - 3DES is vulnerable to the Sweet32 attack and should only be enabled - if absolutely necessary. + If this option is disabled (default) then X.509 certificate + "valid from" and "valid to" timestamp fields are ignored. - config MBEDTLS_BLOWFISH_C - bool "Blowfish block cipher (read help)" + If this option is enabled, these fields are compared with the + current system date and time. The time is retrieved using the + standard time() and gmtime() functions. If the certificate is not + valid for the current system time then verification will fail with + code MBEDTLS_X509_BADCERT_FUTURE or MBEDTLS_X509_BADCERT_EXPIRED. + + Enabling this option requires adding functionality in the firmware + to set the system clock to a valid timestamp before using TLS. The + recommended way to do this is via ESP-IDF's SNTP functionality, but + any method can be used. + + In the case where only a small number of certificates are trusted by + the device, please carefully consider the tradeoffs of enabling this + option. There may be undesired consequences, for example if all + trusted certificates expire while the device is offline and a TLS + connection is required to update. 
Or if an issue with the SNTP + server means that the system time is invalid for an extended period + after a reset. + + choice MBEDTLS_MEM_ALLOC_MODE + prompt "Memory allocation strategy" + default MBEDTLS_INTERNAL_MEM_ALLOC + help + Allocation strategy for mbedTLS, essentially provides ability to + allocate all required dynamic allocations from, + + - Internal DRAM memory only + - External SPIRAM memory only + - Either internal or external memory based on default malloc() behavior in ESP-IDF + - Custom allocation mode, by overwriting calloc()/free() + using mbedtls_platform_set_calloc_free() function + - Internal IRAM memory wherever applicable else internal DRAM + + Recommended mode here is always internal (*), since that is most preferred + from security perspective. But if application requirement does not + allow sufficient free internal memory then alternate mode can be + selected. + + (*) In case of ESP32-S2/ESP32-S3, hardware allows encryption of external + SPIRAM contents provided hardware flash encryption feature is enabled. + In that case, using external SPIRAM allocation strategy is also safe choice + from security perspective. + + config MBEDTLS_INTERNAL_MEM_ALLOC + bool "Internal memory" + + config MBEDTLS_EXTERNAL_MEM_ALLOC + bool "External SPIRAM" + depends on SPIRAM_USE_CAPS_ALLOC || SPIRAM_USE_MALLOC + + config MBEDTLS_DEFAULT_MEM_ALLOC + bool "Default alloc mode" + + config MBEDTLS_CUSTOM_MEM_ALLOC + bool "Custom alloc mode" + + config MBEDTLS_IRAM_8BIT_MEM_ALLOC + bool "Internal IRAM" + depends on ESP32_IRAM_AS_8BIT_ACCESSIBLE_MEMORY + help + Allows to use IRAM memory region as 8bit accessible region. + + TLS input and output buffers will be allocated in IRAM section which is 32bit aligned + memory. Every unaligned (8bit or 16bit) access will result in an exception + and incur penalty of certain clock cycles per unaligned read/write. 
+ + endchoice #MBEDTLS_MEM_ALLOC_MODE + + config MBEDTLS_SSL_MAX_CONTENT_LEN + int "TLS maximum message content length" + default 16384 + range 512 16384 + depends on !MBEDTLS_ASYMMETRIC_CONTENT_LEN + help + Maximum TLS message length (in bytes) supported by mbedTLS. + + 16384 is the default and this value is required to comply + fully with TLS standards. + + However you can set a lower value in order to save RAM. This + is safe if the other end of the connection supports Maximum + Fragment Length Negotiation Extension (max_fragment_length, + see RFC6066) or you know for certain that it will never send a + message longer than a certain number of bytes. + + If the value is set too low, symptoms are a failed TLS + handshake or a return value of MBEDTLS_ERR_SSL_INVALID_RECORD + (-0x7200). + + config MBEDTLS_ASYMMETRIC_CONTENT_LEN + bool "Asymmetric in/out fragment length" + default y + help + If enabled, this option allows customizing TLS in/out fragment length + in asymmetric way. Please note that enabling this with default values + saves 12KB of dynamic memory per TLS connection. + + config MBEDTLS_SSL_IN_CONTENT_LEN + int "TLS maximum incoming fragment length" + default 16384 + range 512 16384 + depends on MBEDTLS_ASYMMETRIC_CONTENT_LEN + help + This defines maximum incoming fragment length, overriding default + maximum content length (MBEDTLS_SSL_MAX_CONTENT_LEN). + + config MBEDTLS_SSL_OUT_CONTENT_LEN + int "TLS maximum outgoing fragment length" + default 4096 + range 512 16384 + depends on MBEDTLS_ASYMMETRIC_CONTENT_LEN + help + This defines maximum outgoing fragment length, overriding default + maximum content length (MBEDTLS_SSL_MAX_CONTENT_LEN). + + config MBEDTLS_DYNAMIC_BUFFER + bool "Using dynamic TX/RX buffer" + default n + select MBEDTLS_ASYMMETRIC_CONTENT_LEN + # Dynamic buffer feature is not supported with DTLS + depends on !IDF_TARGET_LINUX && !MBEDTLS_SSL_PROTO_DTLS && !MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH + help + Using dynamic TX/RX buffer. 
After enabling this option, mbedTLS will + allocate TX buffer when need to send data and then free it if all data + is sent, allocate RX buffer when need to receive data and then free it + when all data is used or read by upper layer. + + By default, when SSL is initialized, mbedTLS also allocate TX and + RX buffer with the default value of "MBEDTLS_SSL_OUT_CONTENT_LEN" or + "MBEDTLS_SSL_IN_CONTENT_LEN", so to save more heap, users can set + the options to be an appropriate value. + + config MBEDTLS_DYNAMIC_FREE_CONFIG_DATA + bool "Free private key and DHM data after its usage" + default n + depends on MBEDTLS_DYNAMIC_BUFFER + help + Free private key and DHM data after its usage in handshake process. + + The option will decrease heap cost when handshake, but also lead to problem: + + Because all certificate, private key and DHM data are freed so users should register + certificate and private key to ssl config object again. + + config MBEDTLS_DYNAMIC_FREE_CA_CERT + bool "Free SSL CA certificate after its usage" + default y + depends on MBEDTLS_DYNAMIC_FREE_CONFIG_DATA + help + Free CA certificate after its usage in the handshake process. + This option will decrease the heap footprint for the TLS handshake, but may lead to a problem: + If the respective ssl object needs to perform the TLS handshake again, + the CA certificate should once again be registered to the ssl object. + + config MBEDTLS_VERSION_FEATURES + bool "Enable mbedTLS version features" default n help - Enables the Blowfish block cipher (not used for TLS sessions.) + Enable mbedTLS version features. + This option allows Allow run-time checking of compile-time enabled features. + Disabling this option will save some code size. - The Blowfish cipher is not used for mbedTLS TLS sessions but can be - used for other purposes. Read up on the limitations of Blowfish (including - Sweet32) before enabling. 
- - config MBEDTLS_XTEA_C - bool "XTEA block cipher" + config MBEDTLS_DEBUG + bool "Enable mbedTLS debugging" default n help - Enables the XTEA block cipher. + Enable mbedTLS debugging functions at compile time. + If this option is enabled, you can include + "mbedtls/esp_debug.h" and call mbedtls_esp_enable_debug_log() + at runtime in order to enable mbedTLS debug output via the ESP + log mechanism. - config MBEDTLS_CCM_C - bool "CCM (Counter with CBC-MAC) block cipher modes" + choice MBEDTLS_DEBUG_LEVEL + bool "Set mbedTLS debugging level" + depends on MBEDTLS_DEBUG + default MBEDTLS_DEBUG_LEVEL_VERBOSE + help + Set mbedTLS debugging level + + config MBEDTLS_DEBUG_LEVEL_WARN + bool "Warning" + config MBEDTLS_DEBUG_LEVEL_INFO + bool "Info" + config MBEDTLS_DEBUG_LEVEL_DEBUG + bool "Debug" + config MBEDTLS_DEBUG_LEVEL_VERBOSE + bool "Verbose" + endchoice + + config MBEDTLS_DEBUG_LEVEL + int + default 1 if MBEDTLS_DEBUG_LEVEL_WARN + default 2 if MBEDTLS_DEBUG_LEVEL_INFO + default 3 if MBEDTLS_DEBUG_LEVEL_DEBUG + default 4 if MBEDTLS_DEBUG_LEVEL_VERBOSE + + config MBEDTLS_SELF_TEST + bool "Enable mbedTLS self-test" default y - depends on MBEDTLS_AES_C || MBEDTLS_CAMELLIA_C help - Enable Counter with CBC-MAC (CCM) modes for AES and/or Camellia ciphers. - - Disabling this option saves some code size. - - config MBEDTLS_CIPHER_MODE_CBC - bool "CBC (Cipher Block Chaining) block cipher modes" - default y - depends on MBEDTLS_AES_C || MBEDTLS_CAMELLIA_C - help - Enable Cipher Block Chaining (CBC) modes for AES and/or Camellia ciphers. - - config MBEDTLS_CIPHER_MODE_CFB - bool "CFB (Cipher Feedback) block cipher modes" - default y - depends on MBEDTLS_AES_C || MBEDTLS_CAMELLIA_C - help - Enable Cipher Feedback (CFB) modes for AES and/or Camellia ciphers. - - config MBEDTLS_CIPHER_MODE_CTR - bool "CTR (Counter) block cipher modes" - default y - depends on MBEDTLS_AES_C || MBEDTLS_CAMELLIA_C - help - Enable Counter (CTR) modes for AES and/or Camellia ciphers. 
- - config MBEDTLS_CIPHER_MODE_OFB - bool "OFB (Output Feedback) block cipher modes" - default y - depends on MBEDTLS_AES_C || MBEDTLS_CAMELLIA_C - help - Enable Output Feedback (OFB) modes for AES and/or Camellia ciphers. - - config MBEDTLS_CIPHER_MODE_XTS - bool "XTS (XEX Tweakable Block Cipher with Ciphertext Stealing) block cipher modes" - default y - depends on MBEDTLS_AES_C || MBEDTLS_CAMELLIA_C - help - Enable XEX Tweakable Block Cipher with Ciphertext Stealing (XTS) modes - for AES and/or Camellia ciphers. - - config MBEDTLS_GCM_C - bool "GCM (Galois/Counter) block cipher modes" - default y - depends on (MBEDTLS_AES_C || MBEDTLS_CAMELLIA_C || MBEDTLS_ARIA_C) && MBEDTLS_CIPHER_C - help - Enable Galois/Counter Mode for AES and/or Camellia ciphers. - - This option is generally faster than CCM. - - config MBEDTLS_NIST_KW_C - bool "NIST key wrapping (KW) and KW padding (KWP)" - default n - depends on MBEDTLS_AES_C && MBEDTLS_CIPHER_C - help - Enable NIST key wrapping and key wrapping padding. - - config MBEDTLS_CIPHER_PADDING - bool "Cipher padding" - default y - depends on MBEDTLS_CIPHER_MODE_CBC || MBEDTLS_CIPHER_MODE_CFB || MBEDTLS_CIPHER_MODE_OFB - help - Enable padding for block ciphers. - - Padding is only used for block ciphers in CBC, CFB, CTR and OFB modes. - If you are using a stream cipher or a block cipher in ECB mode, you can - disable this option to save code size. - - config MBEDTLS_CIPHER_PADDING_PKCS7 - bool "PKCS#7 padding" - default y - depends on MBEDTLS_CIPHER_PADDING && \ - (MBEDTLS_CIPHER_MODE_CBC || MBEDTLS_CIPHER_MODE_CFB || MBEDTLS_CIPHER_MODE_OFB) - help - Enable PKCS#7 padding for block ciphers. - - config MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS - bool "One and zeros padding" - default y - depends on MBEDTLS_CIPHER_PADDING && \ - (MBEDTLS_CIPHER_MODE_CBC || MBEDTLS_CIPHER_MODE_CFB || MBEDTLS_CIPHER_MODE_OFB) - help - Enable one and zeros padding for block ciphers. 
- - config MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN - bool "Zeros and length padding" - default y - depends on MBEDTLS_CIPHER_PADDING && \ - (MBEDTLS_CIPHER_MODE_CBC || MBEDTLS_CIPHER_MODE_CFB || MBEDTLS_CIPHER_MODE_OFB) - help - Enable zeros and length padding for block ciphers. - - config MBEDTLS_CIPHER_PADDING_ZEROS - bool "Zeros padding" - default y - depends on MBEDTLS_CIPHER_PADDING && \ - (MBEDTLS_CIPHER_MODE_CBC || MBEDTLS_CIPHER_MODE_CFB || MBEDTLS_CIPHER_MODE_OFB) - help - Enable zeros padding for block ciphers. - - endmenu # Symmetric Ciphers - - config MBEDTLS_RIPEMD160_C - bool "Enable RIPEMD-160 hash algorithm" - default n - help - Enable the RIPEMD-160 hash algorithm. + Enable mbedTLS self-test functions. + endmenu # Core Configuration menu "Certificates" + config MBEDTLS_X509_USE_C + bool "Enable X.509 certificate support" + default y + help + Enable X.509 certificate support. config MBEDTLS_PEM_PARSE_C bool "Read & Parse PEM formatted certificates" default y + select MBEDTLS_BASE64_C help Enable decoding/parsing of PEM formatted certificates. @@ -1366,6 +328,7 @@ menu "mbedTLS" config MBEDTLS_PEM_WRITE_C bool "Write PEM formatted certificates" default y + select MBEDTLS_BASE64_C help Enable writing of PEM formatted certificates. @@ -1420,9 +383,10 @@ menu "mbedTLS" default y help Support for parsing X.509 Certificate Signing Requests + config MBEDTLS_X509_CREATE_C bool "X.509 certificate creation" - default y + default n depends on MBEDTLS_BIGNUM_C && MBEDTLS_OID_C && \ MBEDTLS_PK_WRITE_C && MBEDTLS_MD_C help 
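Review bot: The default of `MBEDTLS_X509_CREATE_C` flips from `y` to `n` in this hunk without any explanation, while the commit subject only says that options are added. Projects that regenerate their sdkconfig would presumably lose the X.509 writing code and then fail to link where they create certificates or signing requests. The help text should say so, e.g. `Disabled by default; enable it if the application creates X.509 certificates or CSRs.` Leaving unused certificate-writing code out by default is reasonable for attack surface and code size, but the change deserves a line in the commit message or migration notes. The help body of this entry lies outside the hunk.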
@@ -1450,195 +414,479 @@ menu "mbedTLS" help Support for parsing X.509 certificates with RSASSA-PSS signatures. - endmenu # Certificates + config MBEDTLS_X509_TRUSTED_CERT_CALLBACK + bool "Enable trusted certificate callbacks" + default n + help + Enables users to configure the set of trusted certificates + through a callback instead of a linked list. - menuconfig MBEDTLS_ECP_C - bool "Elliptic Curve Ciphers" - default y + See mbedTLS documentation for required API and more details. - config MBEDTLS_PK_PARSE_EC_EXTENDED - bool "Enhance support for reading EC keys" + config MBEDTLS_ASN1_PARSE_C + bool "Enable ASN.1 parsing" + default y + help + Enable ASN.1 parsing functions. + + config MBEDTLS_ASN1_WRITE_C + bool "Enable ASN.1 writing" + default y + help + Enable ASN.1 writing functions. + + config MBEDTLS_OID_C + bool "Enable OID support" + default y + help + Enable support for Object Identifier (OID) parsing and printing. + This is used by X.509 and PKCS#11. + + config MBEDTLS_CERTIFICATE_BUNDLE + bool "Enable trusted root certificate bundle" + default y + help + Enable support for large number of default root certificates + + When enabled this option allows user to store default as well + as customer specific root certificates in compressed format rather + than storing full certificate. For the root certificates the public key and the subject name + will be stored. + + menu "Certificate Bundle Configuration" + depends on MBEDTLS_CERTIFICATE_BUNDLE + choice MBEDTLS_DEFAULT_CERTIFICATE_BUNDLE + bool "Default certificate bundle options" + default MBEDTLS_CERTIFICATE_BUNDLE_DEFAULT_FULL + + config MBEDTLS_CERTIFICATE_BUNDLE_DEFAULT_FULL + bool "Use the full default certificate bundle" + + config MBEDTLS_CERTIFICATE_BUNDLE_DEFAULT_CMN + bool "Use only the most common certificates from the default bundles" + help + Use only the most common certificates from the default bundles, reducing the size with 50%, + while still having around 99% coverage. 
+ + config MBEDTLS_CERTIFICATE_BUNDLE_DEFAULT_NONE + bool "Do not use the default certificate bundle" + endchoice + + config MBEDTLS_CUSTOM_CERTIFICATE_BUNDLE + depends on MBEDTLS_CERTIFICATE_BUNDLE + default n + bool "Add custom certificates to the default bundle" + + config MBEDTLS_CUSTOM_CERTIFICATE_BUNDLE_PATH + depends on MBEDTLS_CUSTOM_CERTIFICATE_BUNDLE + string "Custom certificate bundle path" + help + Name of the custom certificate directory or file. This path is evaluated + relative to the project root directory. + + config MBEDTLS_CERTIFICATE_BUNDLE_DEPRECATED_LIST + bool "Add deprecated root certificates" + depends on MBEDTLS_CERTIFICATE_BUNDLE && !MBEDTLS_CERTIFICATE_BUNDLE_DEFAULT_NONE + help + Include the deprecated list of root certificates in the bundle. + This list gets updated when a certificate is removed from the Mozilla's + NSS root certificate store. This config can be enabled if you would like + to ensure that none of the certificates that were deployed in the product + are affected because of the update to bundle. In turn, enabling this + setting keeps expired, retracted certificates in the bundle and it may + pose a security risk. + - Deprecated cert list may grow based based on sync with upstream bundle + - Deprecated certs would be removed in ESP-IDF (next) major release + + config MBEDTLS_CERTIFICATE_BUNDLE_MAX_CERTS + int "Maximum no of certificates allowed in certificate bundle" + default 200 + depends on MBEDTLS_CERTIFICATE_BUNDLE + endmenu + + config MBEDTLS_ALLOW_WEAK_CERTIFICATE_VERIFICATION + bool "Allow weak certificate verification" + default n + help + This options allows weak certificate verification by skipping the hostname verification. + It is not recommended to use this option. 
+ + config MBEDTLS_CERTIFICATE_BUNDLE_CROSS_SIGNED_VERIFY + bool "Support cross-signed certificate verification in certificate bundle" + default n + depends on MBEDTLS_CERTIFICATE_BUNDLE + select MBEDTLS_X509_TRUSTED_CERT_CALLBACK + help + Enable support for cross-signed certificate verification in the certificate bundle. + This feature uses an internal callback to verify the cross-signed certificates. + This feature is kept disabled by default as enabling this feature increases + heap usage by approximately 700 bytes. + endmenu + + config MBEDTLS_TLS_ENABLED + bool "Enable TLS protocol support" default y - depends on MBEDTLS_ECP_C + select MBEDTLS_CIPHER_C + select MBEDTLS_SHA256_C + select MBEDTLS_MD_C + select MBEDTLS_SSL_PROTO_TLS1_2 help - Enhance support for reading EC keys using variants of SEC1 not allowed by - RFC 5915 and RFC 5480. + Enable support for the TLS protocol, which is used for secure communication + over networks. This option is required for most secure network protocols, + including HTTPS, FTPS, and others. - config MBEDTLS_PK_PARSE_EC_COMPRESSED - bool "Enable the support for parsing public keys of type Short Weierstrass" - default y - depends on MBEDTLS_ECP_C - help - Enable the support for parsing public keys of type Short Weierstrass - (MBEDTLS_ECP_DP_SECP_XXX and MBEDTLS_ECP_DP_BP_XXX) which are using the - compressed point format. This parsing is done through ECP module's functions. + If you do not need TLS support, you can disable this option to save code size. 
- config MBEDTLS_DHM_C
- bool "Diffie-Hellman-Merkle key exchange (DHM)"
+ menu "TLS Protocol Configuration"
+ depends on MBEDTLS_TLS_ENABLED
+ config MBEDTLS_SSL_PROTO_TLS1_2
+ bool "Support TLS 1.2 protocol"
+ depends on MBEDTLS_TLS_ENABLED
+ default y
+
+ config MBEDTLS_SSL_PROTO_TLS1_3
+ bool "Support TLS 1.3 protocol"
+ depends on MBEDTLS_TLS_ENABLED
+ select MBEDTLS_HKDF_C
+ select MBEDTLS_SSL_KEEP_PEER_CERTIFICATE
+ default n
+
+ menu "TLS 1.3 Configuration"
+ depends on MBEDTLS_SSL_PROTO_TLS1_3
+ config MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
+ depends on MBEDTLS_SSL_PROTO_TLS1_3
+ bool "TLS 1.3 middlebox compatibility mode"
+ default y
+
+ config MBEDTLS_SSL_TLS1_3_KEXM_PSK
+ depends on MBEDTLS_SSL_PROTO_TLS1_3
+ bool "TLS 1.3 PSK key exchange mode"
+ default y
+
+ config MBEDTLS_SSL_TLS1_3_KEXM_EPHEMERAL
+ depends on MBEDTLS_SSL_PROTO_TLS1_3
+ bool "TLS 1.3 ephemeral key exchange mode"
+ default y
+
+ config MBEDTLS_SSL_TLS1_3_KEXM_PSK_EPHEMERAL
+ depends on MBEDTLS_SSL_PROTO_TLS1_3
+ bool "TLS 1.3 PSK ephemeral key exchange mode"
+ default y
+
+ config MBEDTLS_SSL_EARLY_DATA
+ depends on MBEDTLS_SSL_PROTO_TLS1_3
+ bool "TLS 1.3 early data"
+ default n
+ depends on MBEDTLS_CLIENT_SSL_SESSION_TICKETS && \
+ (MBEDTLS_SSL_TLS1_3_KEXM_PSK || MBEDTLS_SSL_TLS1_3_KEXM_EPHEMER)
+ help
+ Enable support for TLS 1.3 early data (0-RTT).
+ endmenu
+
+ config MBEDTLS_SSL_PROTO_GMTSSL1_1
+ bool "Support GM/T SSL 1.1 protocol"
+ depends on MBEDTLS_TLS_ENABLED
+ default n
+ help
+ Provisions for GM/T SSL 1.1 support
+
+ config MBEDTLS_TLS_SERVER
+ bool
+
+ config MBEDTLS_TLS_CLIENT
+ bool
+
+ choice MBEDTLS_TLS_MODE
+ bool "TLS Protocol Role"
+ default MBEDTLS_TLS_SERVER_AND_CLIENT
+ help
+ mbedTLS can be compiled with protocol support for the TLS
+ server, TLS client, or both server and client.
+
+ Reducing the number of TLS roles supported saves code size.
+
+ config MBEDTLS_TLS_SERVER_AND_CLIENT
+ bool "Server & Client"
+ select MBEDTLS_TLS_SERVER
+ select MBEDTLS_TLS_CLIENT
+
+ config MBEDTLS_TLS_SERVER_ONLY
+ bool "Server"
+ select MBEDTLS_TLS_SERVER
+
+ config MBEDTLS_TLS_CLIENT_ONLY
+ bool "Client"
+ select MBEDTLS_TLS_CLIENT
+
+ config MBEDTLS_TLS_DISABLED
+ bool "None"
+ endchoice
+
+ config MBEDTLS_SSL_CID_PADDING_GRANULARITY
+ int "Record plaintext padding"
+ default 16
+ range 0 32
+ depends on MBEDTLS_SSL_PROTO_TLS1_3 || MBEDTLS_SSL_DTLS_CONNECTION_ID
+ help
+ Controls the use of record plaintext padding in TLS 1.3 and
+ when using the Connection ID extension in DTLS 1.2.
+
+ The padding will always be chosen so that the length of the
+ padded plaintext is a multiple of the value of this option.
+
+ Notes:
+ A value of 1 means that no padding will be used for outgoing records.
+ On systems lacking division instructions, a power of two should be preferred.
+
+ config MBEDTLS_SSL_KEEP_PEER_CERTIFICATE
+ bool "Keep peer certificate after handshake completion"
+ default n
+ help
+ Keep the peer's certificate after completion of the handshake.
+ Disabling this option will save about 4kB of heap and some code size.
+
+ See mbedTLS documentation for required API and more details.
+
+ config MBEDTLS_SSL_CONTEXT_SERIALIZATION
+ bool "Enable serialization of the TLS context structures"
+ default n
+ depends on MBEDTLS_GCM_C || MBEDTLS_CCM_C || MBEDTLS_CHACHAPOLY_C
+ help
+ Enable serialization of the TLS context structures
+ This is a local optimization in handling a single, potentially long-lived connection.
+
+ See mbedTLS documentation for required API and more details.
+ Disabling this option will save some code and RAM size.
+
+ config MBEDTLS_SSL_CACHE_C
+ bool "Enable SSL session cache"
+ default y
+ help
+ Enable simple SSL session cache implementation.
+
+ config MBEDTLS_SSL_ALL_ALERT_MESSAGES
+ bool "Enable all TLS alert messages"
+ default y
+ help
+ Enable all TLS alert messages in case of encountered errors as per RFC.
+ If disabled, Mbed TLS can still communicate with other servers, only debugging of failures is harder.
+ The advantage of not sending alert messages, is that no information is given about reasons for failures
+ thus preventing adversaries of gaining intel.
+
+ menu "TLS Key Exchange Configuration"
+ depends on MBEDTLS_TLS_ENABLED
+ config MBEDTLS_PSK_MODES
+ bool "Enable pre-shared-key ciphersuites"
+ default n
+ help
+ Enable to show configuration for different types of pre-shared-key TLS authentatication methods.
+
+ Leaving this options disabled will save code size if they are not used.
+
+ config MBEDTLS_KEY_EXCHANGE_PSK
+ bool "Enable PSK based ciphersuite modes"
+ depends on MBEDTLS_PSK_MODES
+ default n
+ help
+ Enable to support symmetric key PSK (pre-shared-key) TLS key exchange modes.
+
+ config MBEDTLS_KEY_EXCHANGE_DHE_PSK
+ bool "Enable DHE-PSK based ciphersuite modes"
+ depends on MBEDTLS_PSK_MODES && MBEDTLS_DHM_C
+ default y
+ help
+ Enable to support Diffie-Hellman PSK (pre-shared-key) TLS authentication modes.
+
+ config MBEDTLS_KEY_EXCHANGE_ECDHE_PSK
+ bool "Enable ECDHE-PSK based ciphersuite modes"
+ depends on MBEDTLS_PSK_MODES && MBEDTLS_ECDH_C
+ default y
+ help
+ Enable to support Elliptic-Curve-Diffie-Hellman PSK (pre-shared-key) TLS authentication modes.
+
+ config MBEDTLS_KEY_EXCHANGE_RSA_PSK
+ bool "Enable RSA-PSK based ciphersuite modes"
+ depends on MBEDTLS_PSK_MODES
+ default y
+ help
+ Enable to support RSA PSK (pre-shared-key) TLS authentication modes.
+
+ config MBEDTLS_KEY_EXCHANGE_RSA
+ bool "Enable RSA-only based ciphersuite modes"
+ default y
+ help
+ Enable to support ciphersuites with prefix TLS-RSA-WITH-
+
+ config MBEDTLS_KEY_EXCHANGE_DHE_RSA
+ bool "Enable DHE-RSA based ciphersuite modes"
+ default y
+ depends on MBEDTLS_DHM_C
+ help
+ Enable to support ciphersuites with prefix TLS-DHE-RSA-WITH-
+
+ config MBEDTLS_KEY_EXCHANGE_ELLIPTIC_CURVE
+ bool "Support Elliptic Curve based ciphersuites"
+ depends on MBEDTLS_ECP_C
+ default y
+ help
+ Enable to show Elliptic Curve based ciphersuite mode options.
+ Disabling all Elliptic Curve ciphersuites saves code size and
+ can give slightly faster TLS handshakes, provided the server supports
+ RSA-only ciphersuite modes.
+
+ config MBEDTLS_KEY_EXCHANGE_ECDHE_RSA
+ bool "Enable ECDHE-RSA based ciphersuite modes"
+ depends on MBEDTLS_KEY_EXCHANGE_ELLIPTIC_CURVE && MBEDTLS_ECDH_C
+ default y
+ help
+ Enable to support ciphersuites with prefix TLS-ECDHE-RSA-WITH-
+
+ config MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA
+ bool "Enable ECDHE-ECDSA based ciphersuite modes"
+ depends on MBEDTLS_KEY_EXCHANGE_ELLIPTIC_CURVE && MBEDTLS_ECDH_C && MBEDTLS_ECDSA_C
+ default y
+ help
+ Enable to support ciphersuites with prefix TLS-ECDHE-ECDSA-WITH-
+
+ config MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA
+ bool "Enable ECDH-ECDSA based ciphersuite modes"
+ depends on MBEDTLS_KEY_EXCHANGE_ELLIPTIC_CURVE && MBEDTLS_ECDH_C && MBEDTLS_ECDSA_C
+ default y
+ help
+ Enable to support ciphersuites with prefix TLS-ECDH-ECDSA-WITH-
+
+ config MBEDTLS_KEY_EXCHANGE_ECDH_RSA
+ bool "Enable ECDH-RSA based ciphersuite modes"
+ depends on MBEDTLS_KEY_EXCHANGE_ELLIPTIC_CURVE && MBEDTLS_ECDH_C
+ default y
+ help
+ Enable to support ciphersuites with prefix TLS-ECDH-RSA-WITH-
+
+ config MBEDTLS_KEY_EXCHANGE_ECJPAKE
+ bool "Enable ECJPAKE based ciphersuite modes"
+ depends on MBEDTLS_ECJPAKE_C && MBEDTLS_ECP_DP_SECP256R1_ENABLED
+ default n
+ help
+ Enable to support ciphersuites with prefix TLS-ECJPAKE-WITH-
+ endmenu
+
+ config MBEDTLS_SSL_SERVER_NAME_INDICATION
+ bool "Enable server name indication"
+ default y
+ depends on MBEDTLS_X509_CRT_PARSE_C
+ help
+ Enable support for RFC 6066 server name indication (SNI).
+
+ config MBEDTLS_SSL_ALPN
+ bool "Support ALPN (Application Layer Protocol Negotiation)"
+ depends on MBEDTLS_TLS_ENABLED
+ default y
+ help
+ Disabling this option will save some code size if it is not needed.
+
+ config MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
+ bool "Enable support for TLS max fragment length extension"
+ default y
+ help
+ Enable support for the TLS max fragment length extension.
+
+ config MBEDTLS_SSL_RECORD_SIZE_LIMIT
+ bool "Enable support for record size limit"
+ default n
+ depends on MBEDTLS_SSL_PROTO_TLS1_3
+ help
+ Enable support for record size limit in TLS 1.3.
+
+ config MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH
+ bool "Variable SSL buffer length"
+ default n
+ help
+ This enables the SSL buffer to be resized automatically
+ based on the negotiated maximum fragment length in each direction.
+
+ config MBEDTLS_SSL_RENEGOTIATION
+ bool "Support TLS renegotiation"
+ depends on MBEDTLS_TLS_ENABLED && MBEDTLS_SSL_PROTO_TLS1_2
+ default y
+ help
+ The two main uses of renegotiation are (1) refresh keys on long-lived
+ connections and (2) client authentication after the initial handshake.
+ If you don't need renegotiation, disabling it will save code size and
+ reduce the possibility of abuse/vulnerability.
+
+ config MBEDTLS_CLIENT_SSL_SESSION_TICKETS
+ bool "TLS: Client Support for RFC 5077 SSL session tickets"
+ default y
+ depends on MBEDTLS_TLS_ENABLED
+ help
+ Client support for RFC 5077 session tickets. See mbedTLS documentation for more details.
+ Disabling this option will save some code size.
+ + config MBEDTLS_SERVER_SSL_SESSION_TICKETS + bool "TLS: Server Support for RFC 5077 SSL session tickets" + default y + depends on MBEDTLS_TLS_ENABLED && (MBEDTLS_GCM_C || MBEDTLS_CCM_C || MBEDTLS_CHACHAPOLY_C) + help + Server support for RFC 5077 session tickets. See mbedTLS documentation for more details. + Disabling this option will save some code size. + + config MBEDTLS_SSL_KEYING_MATERIAL_EXPORT + bool "Enable keying material export" + default n + depends on MBEDTLS_TLS_ENABLED + help + Enable shared symmetric keys export for TLS sessions using mbedtls_ssl_export_keying_material() + after SSL handshake. The process for deriving the keys is specified in RFC 5705 for TLS 1.2 + and in RFC 8446, Section 7.5, for TLS 1.3. + endmenu + + config MBEDTLS_SSL_PROTO_DTLS + bool "Support DTLS protocol (all versions)" default n - select MBEDTLS_BIGNUM_C - depends on MBEDTLS_ECP_C + depends on MBEDTLS_SSL_PROTO_TLS1_2 help - Enable DHM. Needed to use DHE-xxx TLS ciphersuites. + Requires TLS 1.2 to be enabled for DTLS 1.2 - Note that the security of Diffie-Hellman key exchanges depends on - a suitable prime being used for the exchange. Please see detailed - warning text about this in file `mbedtls/dhm.h` file. + menu "DTLS-based configurations" + depends on MBEDTLS_SSL_PROTO_DTLS + config MBEDTLS_SSL_COOKIE_C + bool "Enable SSL session cookie" + default n + help + Enable basic DTLS cookie implementation for hello verification. - config MBEDTLS_RSA_C - bool "RSA public key cryptosystem" - default y - select MBEDTLS_BIGNUM_C - select MBEDTLS_OID_C - help - Enable RSA. Needed to use RSA-xxx TLS ciphersuites. + config MBEDTLS_SSL_DTLS_CONNECTION_ID + bool "Support for the DTLS Connection ID extension" + default n + help + Enable support for the DTLS Connection ID extension which allows to + identify DTLS connections across changes in the underlying transport. 
- config MBEDTLS_ECDH_C - bool "Elliptic Curve Diffie-Hellman (ECDH)" - depends on MBEDTLS_ECP_C - default y - help - Enable ECDH. Needed to use ECDHE-xxx TLS ciphersuites. + config MBEDTLS_SSL_CID_IN_LEN_MAX + int "Maximum length of CIDs used for incoming DTLS messages" + default 32 + range 0 32 + depends on MBEDTLS_SSL_DTLS_CONNECTION_ID + help + Maximum length of CIDs used for incoming DTLS messages - config MBEDTLS_ECDSA_C - bool "Elliptic Curve DSA" - depends on MBEDTLS_ECDH_C && MBEDTLS_ECP_C - select MBEDTLS_ASN1_WRITE_C - select MBEDTLS_ASN1_PARSE_C - default y - help - Enable ECDSA. Needed to use ECDSA-xxx TLS ciphersuites. + config MBEDTLS_SSL_CID_OUT_LEN_MAX + int "Maximum length of CIDs used for outgoing DTLS messages" + default 32 + range 0 32 + depends on MBEDTLS_SSL_DTLS_CONNECTION_ID + help + Maximum length of CIDs used for outgoing DTLS messages - config MBEDTLS_ECJPAKE_C - bool "Elliptic curve J-PAKE" - depends on MBEDTLS_ECP_C - default n - help - Enable ECJPAKE. Needed to use ECJPAKE-xxx TLS ciphersuites. + config MBEDTLS_SSL_DTLS_SRTP + bool "Enable support for negotiation of DTLS-SRTP (RFC 5764)" + default n + help + Enable support for negotiation of DTLS-SRTP (RFC 5764) through the use_srtp extension. - config MBEDTLS_ECP_DP_SECP192R1_ENABLED - bool "Enable SECP192R1 curve" - depends on MBEDTLS_ECP_C - default y if !(MBEDTLS_ATCA_HW_ECDSA_SIGN || MBEDTLS_ATCA_HW_ECDSA_VERIFY) - help - Enable support for SECP192R1 Elliptic Curve. - - config MBEDTLS_ECP_DP_SECP224R1_ENABLED - bool "Enable SECP224R1 curve" - depends on MBEDTLS_ECP_C - default y if !(MBEDTLS_ATCA_HW_ECDSA_SIGN || MBEDTLS_ATCA_HW_ECDSA_VERIFY) - help - Enable support for SECP224R1 Elliptic Curve. - - config MBEDTLS_ECP_DP_SECP256R1_ENABLED - bool "Enable SECP256R1 curve" - depends on MBEDTLS_ECP_C - default y - help - Enable support for SECP256R1 Elliptic Curve. 
- - config MBEDTLS_ECP_DP_SECP384R1_ENABLED - bool "Enable SECP384R1 curve" - depends on MBEDTLS_ECP_C - default y if !(MBEDTLS_ATCA_HW_ECDSA_SIGN || MBEDTLS_ATCA_HW_ECDSA_VERIFY) - help - Enable support for SECP384R1 Elliptic Curve. - - config MBEDTLS_ECP_DP_SECP521R1_ENABLED - bool "Enable SECP521R1 curve" - depends on MBEDTLS_ECP_C - default y if !(MBEDTLS_ATCA_HW_ECDSA_SIGN || MBEDTLS_ATCA_HW_ECDSA_VERIFY) - help - Enable support for SECP521R1 Elliptic Curve. - - config MBEDTLS_ECP_DP_SECP192K1_ENABLED - bool "Enable SECP192K1 curve" - depends on MBEDTLS_ECP_C - default y if !(MBEDTLS_ATCA_HW_ECDSA_SIGN || MBEDTLS_ATCA_HW_ECDSA_VERIFY) - help - Enable support for SECP192K1 Elliptic Curve. - - config MBEDTLS_ECP_DP_SECP224K1_ENABLED - bool "Enable SECP224K1 curve" - depends on MBEDTLS_ECP_C - default y if !(MBEDTLS_ATCA_HW_ECDSA_SIGN || MBEDTLS_ATCA_HW_ECDSA_VERIFY) - help - Enable support for SECP224K1 Elliptic Curve. - - config MBEDTLS_ECP_DP_SECP256K1_ENABLED - bool "Enable SECP256K1 curve" - depends on MBEDTLS_ECP_C - default y if !(MBEDTLS_ATCA_HW_ECDSA_SIGN || MBEDTLS_ATCA_HW_ECDSA_VERIFY) - help - Enable support for SECP256K1 Elliptic Curve. - - config MBEDTLS_ECP_DP_BP256R1_ENABLED - bool "Enable BP256R1 curve" - depends on MBEDTLS_ECP_C - default y if !(MBEDTLS_ATCA_HW_ECDSA_SIGN || MBEDTLS_ATCA_HW_ECDSA_VERIFY) - help - support for DP Elliptic Curve. - - config MBEDTLS_ECP_DP_BP384R1_ENABLED - bool "Enable BP384R1 curve" - depends on MBEDTLS_ECP_C - default y if !(MBEDTLS_ATCA_HW_ECDSA_SIGN || MBEDTLS_ATCA_HW_ECDSA_VERIFY) - help - support for DP Elliptic Curve. - - config MBEDTLS_ECP_DP_BP512R1_ENABLED - bool "Enable BP512R1 curve" - depends on MBEDTLS_ECP_C - default y if !(MBEDTLS_ATCA_HW_ECDSA_SIGN || MBEDTLS_ATCA_HW_ECDSA_VERIFY) - help - support for DP Elliptic Curve. 
- - config MBEDTLS_ECP_DP_CURVE25519_ENABLED - bool "Enable CURVE25519 curve" - depends on MBEDTLS_ECP_C - default y if !(MBEDTLS_ATCA_HW_ECDSA_SIGN || MBEDTLS_ATCA_HW_ECDSA_VERIFY) - help - Enable support for CURVE25519 Elliptic Curve. - - config MBEDTLS_ECP_NIST_OPTIM - bool "NIST 'modulo p' optimisations" - depends on MBEDTLS_ECP_C - default y - help - NIST 'modulo p' optimisations increase Elliptic Curve operation performance. - - Disabling this option saves some code size. - - config MBEDTLS_ECP_FIXED_POINT_OPTIM - bool "Enable fixed-point multiplication optimisations" - depends on MBEDTLS_ECP_C - default n - help - This configuration option enables optimizations to speedup (about 3 ~ 4 times) the ECP - fixed point multiplication using pre-computed tables in the flash memory. - Enabling this configuration option increases the flash footprint - (about 29KB if all Elliptic Curve selected) in the application binary. - - # end of Elliptic Curve options - - config MBEDTLS_POLY1305_C - bool "Poly1305 MAC algorithm" - default n - help - Enable support for Poly1305 MAC algorithm. - - config MBEDTLS_CHACHA20_C - bool "Chacha20 stream cipher" - default n - help - Enable support for Chacha20 stream cipher. - - config MBEDTLS_CHACHAPOLY_C - bool "ChaCha20-Poly1305 AEAD algorithm" - default n - depends on MBEDTLS_CHACHA20_C && MBEDTLS_POLY1305_C - help - Enable support for ChaCha20-Poly1305 AEAD algorithm. + See mbedTLS documentation for required API and more details. + Disabling this option will save some code size. + endmenu config MBEDTLS_CIPHER_C bool "Cipher abstraction layer" 
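Review bot: In `MBEDTLS_SSL_EARLY_DATA` the second `depends on` names `MBEDTLS_SSL_TLS1_3_KEXM_EPHEMER`, a symbol that is not defined anywhere in the visible Kconfig; the neighbouring options are `MBEDTLS_SSL_TLS1_3_KEXM_EPHEMERAL` and `MBEDTLS_SSL_TLS1_3_KEXM_PSK_EPHEMERAL`. Kconfig evaluates an undefined symbol as `n`, so early data would silently depend on the pure-PSK mode alone. Since early data rides on a PSK, the intended line is probably `(MBEDTLS_SSL_TLS1_3_KEXM_PSK || MBEDTLS_SSL_TLS1_3_KEXM_PSK_EPHEMERAL)`, which is worth confirming against mbedTLS's own configuration checks. The help text should also carry the replay caveat, e.g. `Early data is not protected against replay; enable it only for idempotent requests (RFC 8446, section 8).`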
@@ -1649,58 +897,866 @@ menu "mbedTLS" If you are not using the cipher abstraction layer, you can disable this option to save some code size. - config MBEDTLS_HKDF_C - bool "HKDF algorithm (RFC 5869)" - default n - depends on MBEDTLS_MD_C - help - Enable support for the Hashed Message Authentication Code - (HMAC)-based key derivation function (HKDF). + menu "Symmetric Ciphers" + config MBEDTLS_AES_C + bool "AES block cipher" + default y - config MBEDTLS_THREADING_C - bool "Enable the threading abstraction layer" - default n - help - If you do intend to use contexts between threads, you will need to enable - this layer to prevent race conditions. + config MBEDTLS_CAMELLIA_C + bool "Camellia block cipher" + default n - config MBEDTLS_VERSION_C - bool "Enable version information" - default y - help - Enable version information functions. + config MBEDTLS_ARIA_C + bool "ARIA block cipher" + default y - config MBEDTLS_THREADING_ALT - bool "Enable threading alternate implementation" - depends on MBEDTLS_THREADING_C - default y - help - Enable threading alt to allow your own alternate threading implementation. + config MBEDTLS_CAMELLIA_SMALL_MEMORY + bool "Use small memory implementation of Camellia" + default n + depends on MBEDTLS_CAMELLIA_C + help + Reduces ROM usage of the Camellia implementation - config MBEDTLS_THREADING_PTHREAD - bool "Enable threading pthread implementation" - depends on MBEDTLS_THREADING_C - default n - help - Enable the pthread wrapper layer for the threading layer. + config MBEDTLS_DES_C + bool "DES block cipher (legacy, insecure)" + default n + help + Enables the DES block cipher to support 3DES-based TLS ciphersuites. - config MBEDTLS_ERROR_STRINGS - bool "Enable error code to error string conversion" - default y - help - Enables mbedtls_strerror() for converting error codes to error strings. - Disabling this config can save some code/rodata size as the error - string conversion implementation is replaced with an empty stub. 
+ 3DES is vulnerable to the Sweet32 attack and should only be enabled + if absolutely necessary. - config MBEDTLS_ERROR_STRERROR_DUMMY - bool "Enable a dummy error function to make use of mbedtls_strerror()" - default n - depends on !MBEDTLS_ERROR_STRINGS - help - This option enables a dummy error function to make use of mbedtls_strerror() - when MBEDTLS_ERROR_STRINGS is disabled. This is useful for applications - that use mbedtls_strerror() but do not need the actual error strings. - This option can be used to save code size when MBEDTLS_ERROR_STRINGS is disabled. + config MBEDTLS_BLOWFISH_C + bool "Blowfish block cipher (read help)" + default n + help + Enables the Blowfish block cipher (not used for TLS sessions.) + + The Blowfish cipher is not used for mbedTLS TLS sessions but can be + used for other purposes. Read up on the limitations of Blowfish (including + Sweet32) before enabling. + + config MBEDTLS_XTEA_C + bool "XTEA block cipher" + default n + help + Enables the XTEA block cipher. + + config MBEDTLS_CCM_C + bool "CCM (Counter with CBC-MAC) block cipher modes" + default y + depends on MBEDTLS_AES_C || MBEDTLS_CAMELLIA_C + help + Enable Counter with CBC-MAC (CCM) modes for AES and/or Camellia ciphers. + + Disabling this option saves some code size. + + config MBEDTLS_CIPHER_MODE_CBC + bool "CBC (Cipher Block Chaining) block cipher modes" + default y + depends on MBEDTLS_AES_C || MBEDTLS_CAMELLIA_C + help + Enable Cipher Block Chaining (CBC) modes for AES and/or Camellia ciphers. + + config MBEDTLS_CIPHER_MODE_CFB + bool "CFB (Cipher Feedback) block cipher modes" + default y + depends on MBEDTLS_AES_C || MBEDTLS_CAMELLIA_C + help + Enable Cipher Feedback (CFB) modes for AES and/or Camellia ciphers. + + config MBEDTLS_CIPHER_MODE_CTR + bool "CTR (Counter) block cipher modes" + default y + depends on MBEDTLS_AES_C || MBEDTLS_CAMELLIA_C + help + Enable Counter (CTR) modes for AES and/or Camellia ciphers. 
+ + config MBEDTLS_CIPHER_MODE_OFB + bool "OFB (Output Feedback) block cipher modes" + default y + depends on MBEDTLS_AES_C || MBEDTLS_CAMELLIA_C + help + Enable Output Feedback (OFB) modes for AES and/or Camellia ciphers. + + config MBEDTLS_CIPHER_MODE_XTS + bool "XTS (XEX Tweakable Block Cipher with Ciphertext Stealing) block cipher modes" + default y + depends on MBEDTLS_AES_C || MBEDTLS_CAMELLIA_C + help + Enable XEX Tweakable Block Cipher with Ciphertext Stealing (XTS) modes + for AES and/or Camellia ciphers. + + config MBEDTLS_GCM_C + bool "GCM (Galois/Counter) block cipher modes" + default y + depends on (MBEDTLS_AES_C || MBEDTLS_CAMELLIA_C || MBEDTLS_ARIA_C) && MBEDTLS_CIPHER_C + help + Enable Galois/Counter Mode for AES and/or Camellia ciphers. + + This option is generally faster than CCM. + + config MBEDTLS_NIST_KW_C + bool "NIST key wrapping (KW) and KW padding (KWP)" + default n + depends on MBEDTLS_AES_C && MBEDTLS_CIPHER_C + help + Enable NIST key wrapping and key wrapping padding. + + config MBEDTLS_CIPHER_PADDING + bool "Cipher padding" + default y + depends on MBEDTLS_CIPHER_MODE_CBC || MBEDTLS_CIPHER_MODE_CFB || MBEDTLS_CIPHER_MODE_OFB + help + Enable padding for block ciphers. + + Padding is only used for block ciphers in CBC, CFB, CTR and OFB modes. + If you are using a stream cipher or a block cipher in ECB mode, you can + disable this option to save code size. + + config MBEDTLS_CIPHER_PADDING_PKCS7 + bool "PKCS#7 padding" + default y + depends on MBEDTLS_CIPHER_PADDING && \ + (MBEDTLS_CIPHER_MODE_CBC || MBEDTLS_CIPHER_MODE_CFB || MBEDTLS_CIPHER_MODE_OFB) + help + Enable PKCS#7 padding for block ciphers. + + config MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS + bool "One and zeros padding" + default y + depends on MBEDTLS_CIPHER_PADDING && \ + (MBEDTLS_CIPHER_MODE_CBC || MBEDTLS_CIPHER_MODE_CFB || MBEDTLS_CIPHER_MODE_OFB) + help + Enable one and zeros padding for block ciphers. 
+ + config MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN + bool "Zeros and length padding" + default y + depends on MBEDTLS_CIPHER_PADDING && \ + (MBEDTLS_CIPHER_MODE_CBC || MBEDTLS_CIPHER_MODE_CFB || MBEDTLS_CIPHER_MODE_OFB) + help + Enable zeros and length padding for block ciphers. + + config MBEDTLS_CIPHER_PADDING_ZEROS + bool "Zeros padding" + default y + depends on MBEDTLS_CIPHER_PADDING && \ + (MBEDTLS_CIPHER_MODE_CBC || MBEDTLS_CIPHER_MODE_CFB || MBEDTLS_CIPHER_MODE_OFB) + help + Enable zeros padding for block ciphers. + + config MBEDTLS_AES_ROM_TABLES + bool "Store AES tables in ROM" + default y + help + Store the AES tables in ROM instead of generating them at runtime. + Using precomputed ROM tables reduces RAM usage, but increases + flash usage. + + config MBEDTLS_AES_FEWER_TABLES + bool "Use fewer AES tables" + default n + help + Use fewer AES tables to reduce ROM/RAM usage. + Using fewer tables increases the time taken to generate the tables + at runtime, but reduces ROM/RAM usage. + + config MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH + bool "Only support 128-bit AES keys" + default n + help + Only support 128-bit AES keys. + This reduces code size, but disables support for 192-bit and + 256-bit AES keys. + + config MBEDTLS_AES_USE_PSEUDO_ROUND_FUNC + bool "Enable AES hardware's pseudo round function" + default n + depends on SOC_AES_SUPPORT_PSEUDO_ROUND_FUNCTION + help + Enables the pseudo round function of the AES peripheral. + Enabling this would impact the performance of the AES operations. + For more info regarding the performance impact, please checkout + the pseudo round function section of the security guide. + + choice MBEDTLS_AES_USE_PSEUDO_ROUND_FUNC_STRENGTH + prompt "Strength of the pseudo rounds function" + depends on MBEDTLS_AES_USE_PSEUDO_ROUND_FUNC + default MBEDTLS_AES_USE_PSEUDO_ROUND_FUNC_STRENGTH_LOW + help + The strength of the pseudo rounds functions can be configured to low, medium and high. 
+ You can configure the strength of the pseudo rounds functions according to your use cases,
+ for example, increasing the strength would provide higher security but would slow down the
+ hardware AES encryption/decryption operations.
+
+ config MBEDTLS_AES_USE_PSEUDO_ROUND_FUNC_STRENGTH_LOW
+ bool "Low"
+
+ config MBEDTLS_AES_USE_PSEUDO_ROUND_FUNC_STRENGTH_MEDIUM
+ bool "Medium"
+
+ config MBEDTLS_AES_USE_PSEUDO_ROUND_FUNC_STRENGTH_HIGH
+ bool "High"
+ endchoice
+
+ config MBEDTLS_AES_USE_PSEUDO_ROUND_FUNC_STRENGTH
+ int
+ default 1 if MBEDTLS_AES_USE_PSEUDO_ROUND_FUNC_STRENGTH_LOW
+ default 2 if MBEDTLS_AES_USE_PSEUDO_ROUND_FUNC_STRENGTH_MEDIUM
+ default 3 if MBEDTLS_AES_USE_PSEUDO_ROUND_FUNC_STRENGTH_HIGH
+
+ config MBEDTLS_CMAC_C
+ bool "Enable CMAC mode for block ciphers"
+ default y
+ select MBEDTLS_CIPHER_C
+ depends on (MBEDTLS_AES_C || MBEDTLS_DES_C)
+ help
+ Enable the CMAC (Cipher-based Message Authentication Code) mode for
+ block ciphers.
+ endmenu
+
+ menu "Asymmetric Ciphers"
+ config MBEDTLS_BIGNUM_C
+ bool "Enable multiple precision integer (bignum) support"
+ default y
+ help
+ Enable support for multiple precision integer (bignum) operations.
+
+ This is required for RSA, DSA, DHM, ECDH and ECDSA.
+
+ If you don't need any of these algorithms, you can disable this option
+ to save code size.
+
+ config MBEDTLS_GENPRIME
+ bool "Enable hardware prime number generation"
+ default y
+ depends on MBEDTLS_BIGNUM_C
+ help
+ Enable prime number generation.
+
+ config MBEDTLS_RSA_C
+ bool "RSA public key cryptosystem"
+ default y
+ select MBEDTLS_BIGNUM_C
+ select MBEDTLS_OID_C
+ help
+ Enable RSA. Needed to use RSA-xxx TLS ciphersuites.
+
+ config MBEDTLS_ECP_C
+ bool "Enable Elliptic Curve Ciphers(ECC) support"
+ default y
+ menu "Supported Curves"
+ config MBEDTLS_ECP_DP_SECP192R1_ENABLED
+ bool "Enable SECP192R1 curve"
+ depends on MBEDTLS_ECP_C
+ default y if !(MBEDTLS_ATCA_HW_ECDSA_SIGN || MBEDTLS_ATCA_HW_ECDSA_VERIFY)
+ help
+ Enable support for SECP192R1 Elliptic Curve.
+
+ config MBEDTLS_ECP_DP_SECP224R1_ENABLED
+ bool "Enable SECP224R1 curve"
+ depends on MBEDTLS_ECP_C
+ default y if !(MBEDTLS_ATCA_HW_ECDSA_SIGN || MBEDTLS_ATCA_HW_ECDSA_VERIFY)
+ help
+ Enable support for SECP224R1 Elliptic Curve.
+
+ config MBEDTLS_ECP_DP_SECP256R1_ENABLED
+ bool "Enable SECP256R1 curve"
+ depends on MBEDTLS_ECP_C
+ default y
+ help
+ Enable support for SECP256R1 Elliptic Curve.
+
+ config MBEDTLS_ECP_DP_SECP384R1_ENABLED
+ bool "Enable SECP384R1 curve"
+ depends on MBEDTLS_ECP_C
+ default y if !(MBEDTLS_ATCA_HW_ECDSA_SIGN || MBEDTLS_ATCA_HW_ECDSA_VERIFY)
+ help
+ Enable support for SECP384R1 Elliptic Curve.
+
+ config MBEDTLS_ECP_DP_SECP521R1_ENABLED
+ bool "Enable SECP521R1 curve"
+ depends on MBEDTLS_ECP_C
+ default y if !(MBEDTLS_ATCA_HW_ECDSA_SIGN || MBEDTLS_ATCA_HW_ECDSA_VERIFY)
+ help
+ Enable support for SECP521R1 Elliptic Curve.
+
+ config MBEDTLS_ECP_DP_SECP192K1_ENABLED
+ bool "Enable SECP192K1 curve"
+ depends on MBEDTLS_ECP_C
+ default y if !(MBEDTLS_ATCA_HW_ECDSA_SIGN || MBEDTLS_ATCA_HW_ECDSA_VERIFY)
+ help
+ Enable support for SECP192K1 Elliptic Curve.
+
+ config MBEDTLS_ECP_DP_SECP224K1_ENABLED
+ bool "Enable SECP224K1 curve"
+ depends on MBEDTLS_ECP_C
+ default y if !(MBEDTLS_ATCA_HW_ECDSA_SIGN || MBEDTLS_ATCA_HW_ECDSA_VERIFY)
+ help
+ Enable support for SECP224K1 Elliptic Curve.
+
+ config MBEDTLS_ECP_DP_SECP256K1_ENABLED
+ bool "Enable SECP256K1 curve"
+ depends on MBEDTLS_ECP_C
+ default y if !(MBEDTLS_ATCA_HW_ECDSA_SIGN || MBEDTLS_ATCA_HW_ECDSA_VERIFY)
+ help
+ Enable support for SECP256K1 Elliptic Curve.
+
+ config MBEDTLS_ECP_DP_BP256R1_ENABLED
+ bool "Enable BP256R1 curve"
+ depends on MBEDTLS_ECP_C
+ default y if !(MBEDTLS_ATCA_HW_ECDSA_SIGN || MBEDTLS_ATCA_HW_ECDSA_VERIFY)
+ help
+ support for DP Elliptic Curve.
+
+ config MBEDTLS_ECP_DP_BP384R1_ENABLED
+ bool "Enable BP384R1 curve"
+ depends on MBEDTLS_ECP_C
+ default y if !(MBEDTLS_ATCA_HW_ECDSA_SIGN || MBEDTLS_ATCA_HW_ECDSA_VERIFY)
+ help
+ support for DP Elliptic Curve.
+
+ config MBEDTLS_ECP_DP_BP512R1_ENABLED
+ bool "Enable BP512R1 curve"
+ depends on MBEDTLS_ECP_C
+ default y if !(MBEDTLS_ATCA_HW_ECDSA_SIGN || MBEDTLS_ATCA_HW_ECDSA_VERIFY)
+ help
+ support for DP Elliptic Curve.
+
+ config MBEDTLS_ECP_DP_CURVE25519_ENABLED
+ bool "Enable CURVE25519 curve"
+ depends on MBEDTLS_ECP_C
+ default y if !(MBEDTLS_ATCA_HW_ECDSA_SIGN || MBEDTLS_ATCA_HW_ECDSA_VERIFY)
+ help
+ Enable support for CURVE25519 Elliptic Curve.
+ endmenu
+
+ menu "Elliptic Curve Ciphers Configuration"
+ depends on MBEDTLS_ECP_C
+ config MBEDTLS_ECP_NIST_OPTIM
+ bool "NIST 'modulo p' optimisations"
+ depends on MBEDTLS_ECP_C
+ default y
+ help
+ NIST 'modulo p' optimisations increase Elliptic Curve operation performance.
+
+ Disabling this option saves some code size.
+
+ config MBEDTLS_ECP_FIXED_POINT_OPTIM
+ bool "Enable fixed-point multiplication optimisations"
+ depends on MBEDTLS_ECP_C
+ default n
+ help
+ This configuration option enables optimizations to speedup (about 3 ~ 4 times) the ECP
+ fixed point multiplication using pre-computed tables in the flash memory.
+ Enabling this configuration option increases the flash footprint
+ (about 29KB if all Elliptic Curve selected) in the application binary.
+
+ config MBEDTLS_ECDH_LEGACY_CONTEXT
+ bool "Use a backward compatible ECDH context (Experimental)"
+ default n
+ depends on MBEDTLS_ECDH_C && MBEDTLS_ECP_RESTARTABLE
+ help
+ Use the legacy ECDH context format.
+ Define this option only if you enable MBEDTLS_ECP_RESTARTABLE or if you
+ want to access ECDH context fields directly.
+
+ config MBEDTLS_DHM_C
+ bool "Diffie-Hellman-Merkle key exchange (DHM)"
+ default y
+ select MBEDTLS_BIGNUM_C
+ depends on MBEDTLS_ECP_C
+ help
+ Enable DHM. Needed to use DHE-xxx TLS ciphersuites.
+
+ Note that the security of Diffie-Hellman key exchanges depends on
+ a suitable prime being used for the exchange. Please see detailed
+ warning text about this in file `mbedtls/dhm.h` file.
+
+ config MBEDTLS_ECDH_C
+ bool "Elliptic Curve Diffie-Hellman (ECDH)"
+ depends on MBEDTLS_ECP_C
+ default y
+ help
+ Enable ECDH. Needed to use ECDHE-xxx TLS ciphersuites.
+
+ config MBEDTLS_ECJPAKE_C
+ bool "Elliptic curve J-PAKE"
+ depends on MBEDTLS_ECP_C
+ default n
+ help
+ Enable ECJPAKE. Needed to use ECJPAKE-xxx TLS ciphersuites.
+
+ config MBEDTLS_ECDSA_C
+ bool "Elliptic Curve DSA"
+ depends on MBEDTLS_ECDH_C && MBEDTLS_ECP_C
+ select MBEDTLS_ASN1_WRITE_C
+ select MBEDTLS_ASN1_PARSE_C
+ default y
+ help
+ Enable ECDSA. Needed to use ECDSA-xxx TLS ciphersuites.
+
+ config MBEDTLS_PK_PARSE_EC_EXTENDED
+ bool "Enhance support for reading EC keys"
+ default y
+ depends on MBEDTLS_ECP_C
+ help
+ Enhance support for reading EC keys using variants of SEC1 not allowed by
+ RFC 5915 and RFC 5480.
+
+ config MBEDTLS_PK_PARSE_EC_COMPRESSED
+ bool "Enable the support for parsing public keys of type Short Weierstrass"
+ default y
+ depends on MBEDTLS_ECP_C
+ help
+ Enable the support for parsing public keys of type Short Weierstrass
+ (MBEDTLS_ECP_DP_SECP_XXX and MBEDTLS_ECP_DP_BP_XXX) which are using the
+ compressed point format. This parsing is done through ECP module's functions.
+ depends on MBEDTLS_ECP_C
+
+ config MBEDTLS_ECDSA_DETERMINISTIC
+ bool "Enable deterministic ECDSA"
+ default y
+ help
+ Standard ECDSA is "fragile" in the sense that lack of entropy when signing
+ may result in a compromise of the long-term signing key.
+
+ config MBEDTLS_ECP_RESTARTABLE
+ bool "Enable mbedTLS ecp restartable"
+ select MBEDTLS_ECDH_LEGACY_CONTEXT
+ depends on MBEDTLS_ECP_C
+ default n
+ help
+ Enable "non-blocking" ECC operations that can return early and be resumed.
+ endmenu
+ endmenu
+
+ menu "Hash functions"
+ config MBEDTLS_HKDF_C
+ bool "HKDF algorithm (RFC 5869)"
+ default n
+ depends on MBEDTLS_MD_C
+ help
+ Enable support for the Hashed Message Authentication Code
+ (HMAC)-based key derivation function (HKDF).
+
+ config MBEDTLS_POLY1305_C
+ bool "Poly1305 MAC algorithm"
+ default n
+ help
+ Enable support for Poly1305 MAC algorithm.
+
+ config MBEDTLS_RIPEMD160_C
+ bool "Enable RIPEMD-160 hash algorithm"
+ default n
+ help
+ Enable the RIPEMD-160 hash algorithm.
+
+ config MBEDTLS_MD_C
+ bool "Enable message digest support"
+ default y
+ depends on MBEDTLS_MD5_C || MBEDTLS_RIPEMD160_C || MBEDTLS_SHA1_C || \
+ MBEDTLS_SHA224_C || MBEDTLS_SHA256_C || MBEDTLS_SHA384_C || MBEDTLS_SHA512_C
+ help
+ Enable generic layer for message digest algorithms.
+
+ config MBEDTLS_MD5_C
+ bool "Enable the MD5 cryptographic hash algorithm"
+ default y
+ help
+ Enables support for MD5.
+ This module is required for TLS 1.2 depending on the handshake parameters.
+ Further, it is used for checking MD5-signed certificates, and for PBKDF1
+ when decrypting PEM-encoded encrypted keys.
+ MD5 is considered a weak message digest and its use constitutes
+ a security risk. If possible, consider stronger message digests
+ such as SHA-256 (part of the SHA-2 family).
+
+ config MBEDTLS_SHA1_C
+ bool "Enable the SHA-1 cryptographic hash algorithm"
+ default y
+ help
+ Enabling MBEDTLS_SHA1_C adds support for SHA-1.
+ SHA-1 is considered a weak message digest and its use constitutes
+ a security risk.
+ Disabling this configuration option could impact TLS 1.2 / Wi-Fi Enterprise compatibility
+ with certain older certificates that rely on SHA-1 for digital signatures.
+ Before proceeding, ensure that all your certificates are using stronger hash algorithms,
+ such as SHA-256 (part of the SHA-2 family).
+ If you're using older certificates or if you're unsure about the impact on your product,
+ please consider testing the changes in a controlled environment for individual features
+ like OTA updates, cloud connectivity, secure local control, etc.
+
+ config MBEDTLS_SHA224_C
+ bool "Enable the SHA-224 cryptographic hash algorithm"
+ default n
+ help
+ Enable MBEDTLS_SHA224_C adds support for SHA-224.
+
+ config MBEDTLS_SHA256_C
+ bool "Enable the SHA-256 cryptographic hash algorithm"
+ default y
+ help
+ Enable MBEDTLS_SHA256_C adds support for SHA-256.
+
+ config MBEDTLS_SHA384_C
+ bool "Enable the SHA-384 cryptographic hash algorithm"
+ default y
+ help
+ Enable MBEDTLS_SHA384_C adds support for SHA-384.
+
+ config MBEDTLS_SHA512_C
+ bool "Enable the SHA-384 and SHA-512 cryptographic hash algorithms"
+ default y
+ help
+ Enable MBEDTLS_SHA512_C adds support for SHA-512.
+
+ config MBEDTLS_SHA3_C
+ bool "Enable the SHA3 cryptographic hash algorithm"
+ default y
+ help
+ Enabling MBEDTLS_SHA3_C adds support for SHA3.
+ Enabling this configuration option increases the flash footprint
+ by almost 4KB.
+
+ config MBEDTLS_ROM_MD5
+ bool "Use MD5 implementation in ROM"
+ default y
+ help
+ Use ROM MD5 in mbedTLS.
+
+ config MBEDTLS_SHA256_SMALLER
+ bool "Enable SHA-256 smaller implementation"
+ default n
+ depends on !MBEDTLS_HARDWARE_SHA && MBEDTLS_SHA256_C
+ help
+ Enable a smaller implementation of SHA-256 that has lower ROM footprint
+ but is slower than the default implementation.
+
+ config MBEDTLS_SHA512_SMALLER
+ bool "Enable SHA-512 smaller implementation"
+ default n
+ depends on !MBEDTLS_HARDWARE_SHA && MBEDTLS_SHA512_C
+ help
+ Enable a smaller implementation of SHA-512 that has lower ROM footprint
+ but is slower than the default implementation.
+ endmenu + + menu "Hardware Acceleration" + config MBEDTLS_HARDWARE_ECDSA_VERIFY + bool "Enable ECDSA signature verification using on-chip ECDSA peripheral" + default y + depends on SOC_ECDSA_SUPPORTED + help + Enable hardware accelerated ECDSA peripheral to verify signature + on curve SECP192R1 and SECP256R1 in mbedTLS. + + menu "Enable Software Countermeasure for ECDSA signing using on-chip ECDSA peripheral" + depends on MBEDTLS_HARDWARE_ECDSA_SIGN + depends on IDF_TARGET_ESP32H2 + config MBEDTLS_HARDWARE_ECDSA_SIGN_MASKING_CM + bool "Mask original ECDSA sign operation under dummy sign operations" + select HAL_ECDSA_GEN_SIG_CM + default y + help + The ECDSA peripheral before ESP32-H2 v1.2 does not offer constant time ECDSA sign operation. + This time can be observed through power profiling of the device, + making the ECDSA private key vulnerable to side-channel timing attacks. + This countermeasure masks the real ECDSA sign operation + under dummy sign operations to add randomness in the generated power signature. + It is highly recommended to also enable Secure Boot for the device + in addition to this countermeasure so that only trusted software can execute on the device. + This countermeasure can be safely disabled for ESP32-H2 v1.2 and above. + + config MBEDTLS_HARDWARE_ECDSA_SIGN_CONSTANT_TIME_CM + bool "Make ECDSA signature operation pseudo constant time for software" + default y + help + This option adds a delay after the actual ECDSA signature operation + so that the entire operation appears to be constant  time for the software. + This fix helps in protecting the device only in case of remote timing attack + on the ECDSA private key. + For e.g., When an interface is exposed by the device to perform ECDSA signature + of an arbitrary message. + The signature time would appear to be constant to the external entity after enabling + this option. + This countermeasure can be safely disabled for ESP32-H2 v1.2 and above. 
+ endmenu
+
+ config MBEDTLS_HARDWARE_ECDSA_SIGN
+ bool "Enable ECDSA signing using on-chip ECDSA peripheral"
+ default n
+ depends on SOC_ECDSA_SUPPORTED
+ help
+ Enable hardware accelerated ECDSA peripheral to sign data
+ on curve SECP192R1 and SECP256R1 in mbedTLS.
+
+ Note that for signing, the private key has to be burnt in an efuse key block
+ with key purpose set to ECDSA_KEY.
+ If no key is burnt, it will report an error
+
+ The key should be burnt in little endian format. espefuse.py utility handles it internally
+ but care needs to be taken while burning using esp_efuse APIs
+
+ config MBEDTLS_TEE_SEC_STG_ECDSA_SIGN
+ bool "Enable ECDSA signing using TEE secure storage"
+ default y
+ depends on SECURE_ENABLE_TEE
+
+ config MBEDTLS_HARDWARE_ECC
+ bool "Enable hardware ECC acceleration"
+ default y
+ depends on SOC_ECC_SUPPORTED
+ help
+ Enable hardware accelerated ECC point multiplication and point verification for points
+ on curve SECP192R1 and SECP256R1 in mbedTLS
+
+ config MBEDTLS_ECC_OTHER_CURVES_SOFT_FALLBACK
+ bool "Fallback to software implementation for curves not supported in hardware"
+ depends on MBEDTLS_HARDWARE_ECC
+ default y
+ help
+ Fallback to software implementation of ECC point multiplication and point verification
+ for curves not supported in hardware.
+
+ config MBEDTLS_HARDWARE_SHA
+ bool "Enable hardware SHA acceleration"
+ default y
+ depends on !SPIRAM_CACHE_WORKAROUND_STRATEGY_DUPLDST && SOC_SHA_SUPPORTED
+ help
+ Enable hardware accelerated SHA1, SHA256, SHA384 & SHA512 in mbedTLS.
+
+ Due to a hardware limitation, on the ESP32 hardware acceleration is only
+ guaranteed if SHA digests are calculated one at a time. If more
+ than one SHA digest is calculated at the same time, one will
+ be calculated fully in hardware and the rest will be calculated
+ (at least partially calculated) in software. This happens automatically.
+
+ SHA hardware acceleration is faster than software in some situations but
+ slower in others.
You should benchmark to find the best setting for you.
+
+ config MBEDTLS_HARDWARE_MPI
+ bool "Enable hardware MPI (bignum) acceleration"
+ default y
+ depends on !SPIRAM_CACHE_WORKAROUND_STRATEGY_DUPLDST && SOC_MPI_SUPPORTED && MBEDTLS_BIGNUM_C
+ help
+ Enable hardware accelerated multiple precision integer operations.
+
+ Hardware accelerated multiplication, modulo multiplication,
+ and modular exponentiation for up to SOC_RSA_MAX_BIT_LEN bit results.
+
+ These operations are used by RSA.
+
+ config MBEDTLS_LARGE_KEY_SOFTWARE_MPI
+ bool "Fallback to software implementation for larger MPI values"
+ depends on MBEDTLS_HARDWARE_MPI
+ default y if SOC_RSA_MAX_BIT_LEN <= 3072 # HW max 3072 bits
+ default n
+ help
+ Fallback to software implementation for RSA key lengths
+ larger than SOC_RSA_MAX_BIT_LEN. If this is not active
+ then the ESP will be unable to process keys greater
+ than SOC_RSA_MAX_BIT_LEN.
+
+ config MBEDTLS_MPI_USE_INTERRUPT
+ bool "Use interrupt for MPI exp-mod operations"
+ depends on !IDF_TARGET_ESP32 && MBEDTLS_HARDWARE_MPI
+ default y
+ help
+ Use an interrupt to coordinate long MPI operations.
+
+ This allows other code to run on the CPU while an MPI operation is pending.
+ Otherwise the CPU busy-waits.
+
+ config MBEDTLS_MPI_INTERRUPT_LEVEL
+ int "MPI hardware interrupt level"
+ default 0
+ depends on MBEDTLS_MPI_USE_INTERRUPT
+ range 0 3
+ help
+ This config helps to set the interrupt priority level for the MPI peripheral.
+ Value 0 (default) means that there is no preference regarding the interrupt
+ priority level and any level from 1 to 3 can be selected (based on the availability).
+ Note: Higher value indicates high interrupt priority.
+
+ config MBEDTLS_HARDWARE_AES
+ bool "Enable hardware AES acceleration"
+ default y
+ depends on !SPIRAM_CACHE_WORKAROUND_STRATEGY_DUPLDST && SOC_AES_SUPPORTED
+ help
+ Enable hardware accelerated AES encryption & decryption.
+
+ Note that if the ESP32 CPU is running at 240MHz, hardware AES does not
+ offer any speed boost over software AES.
+
+ config MBEDTLS_HARDWARE_GCM
+ bool "Enable partially hardware accelerated GCM"
+ depends on SOC_AES_SUPPORT_GCM && MBEDTLS_HARDWARE_AES
+ default y
+ help
+ Enable partially hardware accelerated GCM. GHASH calculation is still done
+ in software.
+
+ If MBEDTLS_HARDWARE_GCM is disabled and MBEDTLS_HARDWARE_AES is enabled then
+ mbedTLS will still use the hardware accelerated AES block operation, but
+ on a single block at a time.
+
+ config MBEDTLS_GCM_SUPPORT_NON_AES_CIPHER
+ bool "Enable support for non-AES ciphers in GCM operation"
+ depends on MBEDTLS_HARDWARE_AES
+ default y
+ help
+ Enable this config to support fallback to software definitions for a non-AES
+ cipher GCM operation as we support hardware acceleration only for AES cipher.
+ Some of the non-AES ciphers used in a GCM operation are DES, ARIA, CAMELLIA,
+ CHACHA20, BLOWFISH.
+
+ If this config is disabled, performing a non-AES cipher GCM operation with
+ the config MBEDTLS_HARDWARE_AES enabled will result in calculation of an
+ AES-GCM operation instead for the given input values and thus could lead
+ to failure in certificate validation which would ultimately lead to a SSL
+ handshake failure.
+
+ This config being by-default enabled leads to an increase in binary size
+ footprint of ~2.5KB.
+ In case you are sure that your use case (for example, client and server
+ settings in case of a TLS handshake) would not involve any GCM
+ operations using a non-AES cipher, you can safely disable this config,
+ leading to reduction in binary size footprint.
+
+ config MBEDTLS_AES_USE_INTERRUPT
+ bool "Use interrupt for long AES operations"
+ depends on !IDF_TARGET_ESP32 && MBEDTLS_HARDWARE_AES
+ default y
+ help
+ Use an interrupt to coordinate long AES operations.
+
+ This allows other code to run on the CPU while an AES operation is pending.
+ Otherwise the CPU busy-waits.
+
+ config MBEDTLS_AES_INTERRUPT_LEVEL
+ int "AES hardware interrupt level"
+ default 0
+ depends on MBEDTLS_AES_USE_INTERRUPT
+ range 0 3
+ help
+ This config helps to set the interrupt priority level for the AES peripheral.
+ Value 0 (default) means that there is no preference regarding the interrupt
+ priority level and any level from 1 to 3 can be selected (based on the availability).
+ Note: Higher value indicates high interrupt priority.
+
+ config MBEDTLS_PK_RSA_ALT_SUPPORT
+ bool "Enable RSA alt support"
+ default y
+ help
+ Support external private RSA keys (eg from a HSM) int the PK layer.
+
+ config MBEDTLS_ATCA_HW_ECDSA_SIGN
+ bool "Enable hardware ECDSA sign acceleration when using ATECC608A"
+ default n
+ help
+ This option enables hardware acceleration for ECDSA sign function, only
+ when using ATECC608A cryptoauth chip.
+
+ config MBEDTLS_ATCA_HW_ECDSA_VERIFY
+ bool "Enable hardware ECDSA verify acceleration when using ATECC608A"
+ default n
+ help
+ This option enables hardware acceleration for ECDSA sign function, only
+ when using ATECC608A cryptoauth chip.
+ endmenu
+
+ menu "Entropy and Random Number Generation"
+ config MBEDTLS_ENTROPY_C
+ bool "Enable entropy support"
+ default y
+ depends on MBEDTLS_SHA256_C || MBEDTLS_SHA512_C
+ help
+ Enable support for entropy sources and provides a generic
+ entropy pool.
+
+ config MBEDTLS_ENTROPY_FORCE_SHA256
+ bool "Force SHA-256 for entropy"
+ default n
+ depends on MBEDTLS_SHA256_C
+ help
+ Force SHA-256 to be used for the entropy pool if both SHA-256 and SHA-512 are
+ enabled. On 32-bit architectures, SHA-256 can be faster than SHA-512
+
+ config MBEDTLS_CTR_DRBG_C
+ bool "Enable CTR_DRBG"
+ default y
+ depends on MBEDTLS_AES_C
+ help
+ Enable CTR_DRBG (CTR mode Deterministic Random Bit Generator).
+ The CTR_DRBG generator uses AES-256 by default.
+ + config MBEDTLS_HMAC_DRBG_C + bool "Enable HMAC_DRBG" + default y + depends on MBEDTLS_MD_C + help + Enable HMAC_DRBG (HMAC mode Deterministic Random Bit Generator). + endmenu + + menu "Encoding/Decoding" + config MBEDTLS_BASE64_C + bool "Enable Base64 encoding/decoding" + default y + help + Enable Base64 encoding and decoding functions. This is required for PEM support. + + config MBEDTLS_PKCS5_C + bool "Enable PKCS#5 functions" + default y + select MBEDTLS_MD_C + help + Enable support for PKCS#5 functions. + + config MBEDTLS_PKCS7_C + bool "Enable PKCS number 7" + default y + depends on MBEDTLS_ASN1_PARSE_C && MBEDTLS_OID_C && MBEDTLS_PK_PARSE_C && \ + MBEDTLS_X509_CRT_PARSE_C && MBEDTLS_X509_CRL_PARSE_C && MBEDTLS_BIGNUM_C && MBEDTLS_MD_C + help + Enable PKCS number 7 core for using PKCS number 7-formatted signatures. + + config MBEDTLS_PKCS12_C + bool "Enable PKCS number 12" + default y + depends on MBEDTLS_ASN1_PARSE_C && (MBEDTLS_MD_C) + help + Enable PKCS number 12 core for using PKCS number 12-formatted signatures. + config MBEDTLS_PKCS1_V15 + bool "Enable PKCS#1 v1.5 padding" + default y + depends on MBEDTLS_RSA_C + help + Enable support for PKCS#1 v1.5 operations. + + config MBEDTLS_PKCS1_V21 + bool "Enable PKCS#1 v2.1 padding" + default y + depends on MBEDTLS_RSA_C && MBEDTLS_MD_C + help + Enable support for PKCS#1 v2.1 operations. + endmenu + + menu "Stream Cipher" + config MBEDTLS_CHACHAPOLY_C + bool "ChaCha20-Poly1305 AEAD algorithm" + default n + depends on MBEDTLS_CHACHA20_C && MBEDTLS_POLY1305_C + help + Enable support for ChaCha20-Poly1305 AEAD algorithm. + + config MBEDTLS_CHACHA20_C + bool "Chacha20 stream cipher" + default n + help + Enable support for Chacha20 stream cipher. + endmenu config MBEDTLS_USE_CRYPTO_ROM_IMPL_BOOTLOADER bool "Use ROM implementation of the crypto algorithm in the bootloader" 
@@ -1737,22 +1793,4 @@ menu "mbedTLS" ROM (ECO1~ECO4) then we shall patch the relevant symbols. This would increase the flash footprint and hence care must be taken to keep some reserved space for the application binary in flash layout. - - config MBEDTLS_FS_IO - bool "Enable functions that use the filesystem" - default y - depends on (VFS_SUPPORT_IO && VFS_SUPPORT_DIR) || IDF_TARGET_LINUX - help - This option enables functions in mbedTLS that use the filesystem. - It uses the default filesystem support for the target, - which is added through vfs component for ESP32 based targets or by - the host system when the target is Linux. - - config MBEDTLS_ALLOW_WEAK_CERTIFICATE_VERIFICATION - bool "Allow weak certificate verification" - default n - help - This options allows weak certificate verification by skipping the hostname verification. - It is not recommended to use this option. - endmenu # mbedTLS diff --git a/components/mbedtls/config/mbedtls_preset_bt.conf b/components/mbedtls/config/mbedtls_preset_bt.conf new file mode 100644 index 0000000000..8a816c6f08 --- /dev/null +++ b/components/mbedtls/config/mbedtls_preset_bt.conf 
@@ -0,0 +1,98 @@
+#
+# mbedTLS Bluetooth Configuration Preset
+#
+
+# Core Configuration
+CONFIG_MBEDTLS_FS_IO=n
+CONFIG_MBEDTLS_ERROR_STRINGS=n
+CONFIG_MBEDTLS_HAVE_TIME=n
+CONFIG_MBEDTLS_SELF_TEST=n
+
+# Certificates
+CONFIG_MBEDTLS_PEM_PARSE_C=n
+CONFIG_MBEDTLS_PEM_WRITE_C=n
+CONFIG_MBEDTLS_X509_REMOVE_INFO=y
+CONFIG_MBEDTLS_X509_CRL_PARSE_C=n
+CONFIG_MBEDTLS_X509_CSR_PARSE_C=n
+CONFIG_MBEDTLS_X509_RSASSA_PSS_SUPPORT=n
+CONFIG_MBEDTLS_CERTIFICATE_BUNDLE=n
+CONFIG_MBEDTLS_CERTIFICATE_BUNDLE_DEFAULT_CMN=n
+CONFIG_MBEDTLS_CERTIFICATE_BUNDLE_DEFAULT_NONE=y
+
+# TLS Protocol Configuration
+CONFIG_MBEDTLS_TLS_ENABLED=n
+CONFIG_MBEDTLS_TLS_SERVER_AND_CLIENT=n
+CONFIG_MBEDTLS_TLS_DISABLED=y
+
+# TLS 1.2 Configuration
+CONFIG_MBEDTLS_SSL_PROTO_TLS1_2=n
+
+# TLS 1.3 Configuration
+CONFIG_MBEDTLS_SSL_PROTO_TLS1_3=n
+
+# TLS Key Exchange Configuration
+CONFIG_MBEDTLS_KEY_EXCHANGE_DHE_RSA=n
+CONFIG_MBEDTLS_KEY_EXCHANGE_ELLIPTIC_CURVE=n
+CONFIG_MBEDTLS_SSL_SERVER_NAME_INDICATION=n
+CONFIG_MBEDTLS_SSL_ALPN=n
+CONFIG_MBEDTLS_SSL_RENEGOTIATION=n
+CONFIG_MBEDTLS_CLIENT_SSL_SESSION_TICKETS=n
+CONFIG_MBEDTLS_SERVER_SSL_SESSION_TICKETS=n
+
+# DTLS Protocol Configuration
+
+# Cipher Abstraction Layer
+CONFIG_MBEDTLS_CIPHER_C=y
+
+# Symmetric Ciphers
+CONFIG_MBEDTLS_ARIA_C=n
+CONFIG_MBEDTLS_CCM_C=n
+CONFIG_MBEDTLS_CIPHER_MODE_CBC=n
+CONFIG_MBEDTLS_CIPHER_MODE_CFB=n
+CONFIG_MBEDTLS_CIPHER_MODE_CTR=n
+CONFIG_MBEDTLS_CIPHER_MODE_OFB=n
+CONFIG_MBEDTLS_CIPHER_MODE_XTS=y
+CONFIG_MBEDTLS_GCM_C=n
+CONFIG_MBEDTLS_PKCS5_C=n
+CONFIG_MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS=n
+CONFIG_MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN=n
+CONFIG_MBEDTLS_CIPHER_PADDING_ZEROS=n
+CONFIG_MBEDTLS_AES_FEWER_TABLES=y
+
+# Elliptic Curve Ciphers Configuration
+CONFIG_MBEDTLS_ECP_NIST_OPTIM=n
+CONFIG_MBEDTLS_DHM_C=n
+CONFIG_MBEDTLS_ECDSA_C=y
+CONFIG_MBEDTLS_PK_PARSE_EC_EXTENDED=n
+CONFIG_MBEDTLS_PK_PARSE_EC_COMPRESSED=n
+CONFIG_MBEDTLS_ECP_DP_SECP192R1_ENABLED=n
+CONFIG_MBEDTLS_ECP_DP_SECP224R1_ENABLED=n
+CONFIG_MBEDTLS_ECP_DP_SECP384R1_ENABLED=n
+CONFIG_MBEDTLS_ECP_DP_SECP521R1_ENABLED=n
+CONFIG_MBEDTLS_ECP_DP_SECP192K1_ENABLED=n
+CONFIG_MBEDTLS_ECP_DP_SECP224K1_ENABLED=n
+CONFIG_MBEDTLS_ECP_DP_SECP256K1_ENABLED=n
+CONFIG_MBEDTLS_ECP_DP_BP256R1_ENABLED=n
+CONFIG_MBEDTLS_ECP_DP_BP384R1_ENABLED=n
+CONFIG_MBEDTLS_ECP_DP_BP512R1_ENABLED=n
+CONFIG_MBEDTLS_ECP_DP_CURVE25519_ENABLED=n
+
+# Hash functions
+CONFIG_MBEDTLS_SHA1_C=n
+CONFIG_MBEDTLS_SHA384_C=n
+CONFIG_MBEDTLS_SHA512_C=n
+CONFIG_MBEDTLS_MD5_C=n
+CONFIG_MBEDTLS_MPI_USE_INTERRUPT=n
+CONFIG_MBEDTLS_ECC_OTHER_CURVES_SOFT_FALLBACK=n
+CONFIG_MBEDTLS_GENPRIME=y
+
+CONFIG_MBEDTLS_PKCS12_C=n
+CONFIG_MBEDTLS_PKCS1_V21=n
+
+CONFIG_MBEDTLS_ENTROPY_FORCE_SHA256=y
+CONFIG_MBEDTLS_CTR_DRBG_C=y
+CONFIG_ESP_WIFI_MBEDTLS_TLS_CLIENT=n
+
+#
+# End of mbedTLS Minimal Configuration Preset
+#
diff --git a/components/mbedtls/config/mbedtls_preset_default.conf b/components/mbedtls/config/mbedtls_preset_default.conf
new file mode 100644
index 0000000000..f34bd4d963
--- /dev/null
+++ b/components/mbedtls/config/mbedtls_preset_default.conf
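Review bot: The closing banner of mbedtls_preset_bt.conf reads `# End of mbedTLS Minimal Configuration Preset`, copied from the minimal preset; it should read `# End of mbedTLS Bluetooth Configuration Preset`. The `# Hash functions` heading also covers `CONFIG_MBEDTLS_MPI_USE_INTERRUPT`, `CONFIG_MBEDTLS_ECC_OTHER_CURVES_SOFT_FALLBACK` and `CONFIG_MBEDTLS_GENPRIME`, which are not hash options and would read better under their own heading. The preset switches off CCM, GCM and the CBC/CFB/CTR/OFB modes while forcing `CONFIG_MBEDTLS_CIPHER_MODE_XTS=y`; a one-line comment naming which Bluetooth feature needs each primitive that stays enabled would let a reviewer confirm that nothing the host stack relies on has been removed.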
@@ -0,0 +1,199 @@
+#
+# mbedTLS Default Configuration Preset
+#
+
+# Core Configuration
+CONFIG_MBEDTLS_FS_IO=y
+CONFIG_MBEDTLS_THREADING_C=n
+CONFIG_MBEDTLS_ERROR_STRINGS=y
+CONFIG_MBEDTLS_VERSION_C=n
+CONFIG_MBEDTLS_HAVE_TIME=y
+CONFIG_MBEDTLS_PLATFORM_TIME_ALT=n
+CONFIG_MBEDTLS_HAVE_TIME_DATE=n
+CONFIG_MBEDTLS_BIGNUM_C=y
+CONFIG_MBEDTLS_INTERNAL_MEM_ALLOC=y
+CONFIG_MBEDTLS_EXTERNAL_MEM_ALLOC=n
+CONFIG_MBEDTLS_DEFAULT_MEM_ALLOC=n
+CONFIG_MBEDTLS_CUSTOM_MEM_ALLOC=n
+CONFIG_MBEDTLS_ASYMMETRIC_CONTENT_LEN=y
+CONFIG_MBEDTLS_SSL_IN_CONTENT_LEN=16384
+CONFIG_MBEDTLS_SSL_OUT_CONTENT_LEN=4096
+CONFIG_MBEDTLS_DYNAMIC_BUFFER=n
+CONFIG_MBEDTLS_VERSION_FEATURES=n
+CONFIG_MBEDTLS_DEBUG=n
+CONFIG_MBEDTLS_SELF_TEST=y
+
+# Certificates
+CONFIG_MBEDTLS_ALLOW_WEAK_CERTIFICATE_VERIFICATION=n
+CONFIG_MBEDTLS_X509_USE_C=y
+CONFIG_MBEDTLS_PEM_PARSE_C=y
+CONFIG_MBEDTLS_PEM_WRITE_C=y
+CONFIG_MBEDTLS_PK_C=y
+CONFIG_MBEDTLS_PK_PARSE_C=y
+CONFIG_MBEDTLS_PK_WRITE_C=y
+CONFIG_MBEDTLS_X509_REMOVE_INFO=n
+CONFIG_MBEDTLS_X509_CRL_PARSE_C=y
+CONFIG_MBEDTLS_X509_CRT_PARSE_C=y
+CONFIG_MBEDTLS_X509_CSR_PARSE_C=y
+CONFIG_MBEDTLS_X509_CREATE_C=n
+CONFIG_MBEDTLS_X509_CRT_WRITE_C=y
+CONFIG_MBEDTLS_X509_CSR_WRITE_C=y
+CONFIG_MBEDTLS_X509_RSASSA_PSS_SUPPORT=y
+CONFIG_MBEDTLS_X509_TRUSTED_CERT_CALLBACK=n
+CONFIG_MBEDTLS_ASN1_PARSE_C=y
+CONFIG_MBEDTLS_ASN1_WRITE_C=y
+CONFIG_MBEDTLS_OID_C=y
+CONFIG_MBEDTLS_CERTIFICATE_BUNDLE=y
+CONFIG_MBEDTLS_CERTIFICATE_BUNDLE_DEFAULT_CMN=y
+CONFIG_MBEDTLS_CERTIFICATE_BUNDLE_DEFAULT_NONE=n
+CONFIG_MBEDTLS_CUSTOM_CERTIFICATE_BUNDLE=n
+
+# TLS Protocol Configuration
+CONFIG_MBEDTLS_TLS_ENABLED=y
+CONFIG_MBEDTLS_SSL_PROTO_GMTSSL1_1=n
+CONFIG_MBEDTLS_TLS_SERVER_AND_CLIENT=y
+CONFIG_MBEDTLS_TLS_SERVER_ONLY=n
+CONFIG_MBEDTLS_TLS_CLIENT_ONLY=n
+CONFIG_MBEDTLS_TLS_DISABLED=n
+CONFIG_MBEDTLS_TLS_SERVER=y
+CONFIG_MBEDTLS_TLS_CLIENT=y
+CONFIG_MBEDTLS_SSL_CID_PADDING_GRANULARITY=1
+CONFIG_MBEDTLS_SSL_KEEP_PEER_CERTIFICATE=n
+CONFIG_MBEDTLS_SSL_CONTEXT_SERIALIZATION=n
+CONFIG_MBEDTLS_SSL_CACHE_C=n
+CONFIG_MBEDTLS_SSL_ALL_ALERT_MESSAGES=n
+
+# TLS 1.2 Configuration
+CONFIG_MBEDTLS_SSL_PROTO_TLS1_2=y
+
+# TLS 1.3 Configuration
+CONFIG_MBEDTLS_SSL_PROTO_TLS1_3=y
+
+# TLS Key Exchange Configuration
+CONFIG_MBEDTLS_PSK_MODES=n
+CONFIG_MBEDTLS_KEY_EXCHANGE_PSK=n
+CONFIG_MBEDTLS_KEY_EXCHANGE_ECDHE_PSK=n
+CONFIG_MBEDTLS_KEY_EXCHANGE_RSA_PSK=n
+CONFIG_MBEDTLS_KEY_EXCHANGE_RSA=y
+CONFIG_MBEDTLS_KEY_EXCHANGE_ECDH_RSA=y
+CONFIG_MBEDTLS_KEY_EXCHANGE_ECDHE_RSA=y
+CONFIG_MBEDTLS_KEY_EXCHANGE_DHE_RSA=y
+CONFIG_MBEDTLS_KEY_EXCHANGE_ELLIPTIC_CURVE=y
+CONFIG_MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA=y
+CONFIG_MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA=y
+CONFIG_MBEDTLS_SSL_SERVER_NAME_INDICATION=y
+CONFIG_MBEDTLS_SSL_ALPN=y
+CONFIG_MBEDTLS_SSL_MAX_FRAGMENT_LENGTH=y
+CONFIG_MBEDTLS_SSL_RECORD_SIZE_LIMIT=n
+CONFIG_MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH=n
+CONFIG_MBEDTLS_SSL_RENEGOTIATION=y
+CONFIG_MBEDTLS_CLIENT_SSL_SESSION_TICKETS=y
+CONFIG_MBEDTLS_SERVER_SSL_SESSION_TICKETS=y
+
+# DTLS Protocol Configuration
+CONFIG_MBEDTLS_SSL_PROTO_DTLS=n
+
+# Cipher Abstraction Layer
+CONFIG_MBEDTLS_CIPHER_C=n
+
+# Symmetric Ciphers
+CONFIG_MBEDTLS_AES_C=y
+CONFIG_MBEDTLS_CAMELLIA_C=n
+CONFIG_MBEDTLS_ARIA_C=y
+CONFIG_MBEDTLS_DES_C=n
+CONFIG_MBEDTLS_BLOWFISH_C=n
+CONFIG_MBEDTLS_XTEA_C=n
+CONFIG_MBEDTLS_CCM_C=y
+CONFIG_MBEDTLS_CIPHER_MODE_CBC=y
+CONFIG_MBEDTLS_CIPHER_MODE_CFB=y
+CONFIG_MBEDTLS_CIPHER_MODE_CTR=y
+CONFIG_MBEDTLS_CIPHER_MODE_OFB=y
+CONFIG_MBEDTLS_CIPHER_MODE_XTS=y
+CONFIG_MBEDTLS_GCM_C=y
+CONFIG_MBEDTLS_NIST_KW_C=n
+CONFIG_MBEDTLS_CIPHER_PADDING=y
+CONFIG_MBEDTLS_CIPHER_PADDING_PKCS7=y
+CONFIG_MBEDTLS_PKCS5_C=y
+CONFIG_MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS=y
+CONFIG_MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN=y
+CONFIG_MBEDTLS_CIPHER_PADDING_ZEROS=y
+CONFIG_MBEDTLS_AES_ROM_TABLES=y
+CONFIG_MBEDTLS_AES_FEWER_TABLES=n
+CONFIG_MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH=n
+CONFIG_MBEDTLS_AES_USE_PSEUDO_ROUND_FUNC=n
+CONFIG_MBEDTLS_CMAC_C=y
+
+# Asymmetric Ciphers
+CONFIG_MBEDTLS_RSA_C=y
+
+#
Elliptic Curve Ciphers Configuration
+CONFIG_MBEDTLS_ECP_C=y
+CONFIG_MBEDTLS_ECP_NIST_OPTIM=y
+CONFIG_MBEDTLS_ECP_FIXED_POINT_OPTIM=n
+CONFIG_MBEDTLS_DHM_C=y
+CONFIG_MBEDTLS_ECDH_C=y
+CONFIG_MBEDTLS_ECJPAKE_C=n
+CONFIG_MBEDTLS_ECDSA_C=y
+CONFIG_MBEDTLS_PK_PARSE_EC_EXTENDED=y
+CONFIG_MBEDTLS_PK_PARSE_EC_COMPRESSED=y
+CONFIG_MBEDTLS_ECDSA_DETERMINISTIC=y
+CONFIG_MBEDTLS_ECP_RESTARTABLE=n
+CONFIG_MBEDTLS_ECP_DP_SECP192R1_ENABLED=y
+CONFIG_MBEDTLS_ECP_DP_SECP224R1_ENABLED=y
+CONFIG_MBEDTLS_ECP_DP_SECP256R1_ENABLED=y
+CONFIG_MBEDTLS_ECP_DP_SECP384R1_ENABLED=y
+CONFIG_MBEDTLS_ECP_DP_SECP521R1_ENABLED=y
+CONFIG_MBEDTLS_ECP_DP_SECP192K1_ENABLED=y
+CONFIG_MBEDTLS_ECP_DP_SECP224K1_ENABLED=y
+CONFIG_MBEDTLS_ECP_DP_SECP256K1_ENABLED=y
+CONFIG_MBEDTLS_ECP_DP_BP256R1_ENABLED=y
+CONFIG_MBEDTLS_ECP_DP_BP384R1_ENABLED=y
+CONFIG_MBEDTLS_ECP_DP_BP512R1_ENABLED=y
+CONFIG_MBEDTLS_ECP_DP_CURVE25519_ENABLED=y
+
+# Hash functions
+CONFIG_MBEDTLS_MD_C=y
+CONFIG_MBEDTLS_ROM_MD5=y
+CONFIG_MBEDTLS_SHA256_C=y
+CONFIG_MBEDTLS_SHA1_C=y
+CONFIG_MBEDTLS_SHA384_C=y
+CONFIG_MBEDTLS_SHA512_C=y
+CONFIG_MBEDTLS_MD5_C=y
+CONFIG_MBEDTLS_SHA3_C=n
+
+CONFIG_MBEDTLS_HARDWARE_SHA=y
+CONFIG_MBEDTLS_GCM_SUPPORT_NON_AES_CIPHER=y
+CONFIG_MBEDTLS_HARDWARE_AES=y
+CONFIG_MBEDTLS_AES_USE_INTERRUPT=y
+CONFIG_MBEDTLS_AES_INTERRUPT_LEVEL=0
+CONFIG_MBEDTLS_PK_RSA_ALT_SUPPORT=y
+CONFIG_MBEDTLS_HARDWARE_MPI=y
+# CONFIG_MBEDTLS_LARGE_KEY_SOFTWARE_MPI=n
+CONFIG_MBEDTLS_MPI_USE_INTERRUPT=y
+CONFIG_MBEDTLS_MPI_INTERRUPT_LEVEL=0
+CONFIG_MBEDTLS_HARDWARE_ECC=y
+CONFIG_MBEDTLS_ECC_OTHER_CURVES_SOFT_FALLBACK=y
+CONFIG_MBEDTLS_HARDWARE_ECDSA_SIGN=n
+CONFIG_MBEDTLS_HARDWARE_ECDSA_VERIFY=y
+CONFIG_MBEDTLS_ATCA_HW_ECDSA_SIGN=n
+CONFIG_MBEDTLS_ATCA_HW_ECDSA_VERIFY=n
+
+CONFIG_MBEDTLS_PKCS7_C=y
+CONFIG_MBEDTLS_PKCS12_C=y
+CONFIG_MBEDTLS_PKCS1_V15=y
+CONFIG_MBEDTLS_PKCS1_V21=y
+
+CONFIG_MBEDTLS_ENTROPY_C=y
+CONFIG_MBEDTLS_ENTROPY_FORCE_SHA256=n
+CONFIG_MBEDTLS_CTR_DRBG_C=y
+CONFIG_MBEDTLS_HMAC_DRBG_C=y
+
+CONFIG_MBEDTLS_BASE64_C=y
+
+CONFIG_MBEDTLS_CHACHA20_C=n
+CONFIG_MBEDTLS_POLY1305_C=n
+CONFIG_MBEDTLS_HKDF_C=n
+
+#
+# End of mbedTLS Minimal Configuration Preset
+#
diff --git a/components/mbedtls/config/mbedtls_preset_minimal.conf b/components/mbedtls/config/mbedtls_preset_minimal.conf
new file mode 100644
index 0000000000..1b44f12e2b
--- /dev/null
+++ b/components/mbedtls/config/mbedtls_preset_minimal.conf
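Review bot: `CONFIG_MBEDTLS_CIPHER_C=n` under "Cipher Abstraction Layer" contradicts the rest of this preset: the Kconfig in this patch makes `MBEDTLS_GCM_C` depend on `MBEDTLS_CIPHER_C` and has `MBEDTLS_CMAC_C` select it, while the preset sets both `CONFIG_MBEDTLS_GCM_C=y` and `CONFIG_MBEDTLS_CMAC_C=y`. The line should presumably be `CONFIG_MBEDTLS_CIPHER_C=y`; as written, the value a build ends up with depends on how the conflict is resolved rather than on what the file says. The closing banner is also copied from the minimal preset and should read `# End of mbedTLS Default Configuration Preset`. Since this file keeps MD5, SHA-1, static RSA key exchange and renegotiation enabled, a short comment stating that they are retained for compatibility (the Kconfig help already calls MD5 and SHA-1 weak) would keep users from reading the preset as a hardened baseline.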
@@ -0,0 +1,102 @@ +# +# mbedTLS Minimal Configuration Preset +# + +# Core Configuration +CONFIG_MBEDTLS_FS_IO=n +CONFIG_MBEDTLS_ERROR_STRINGS=n +CONFIG_MBEDTLS_HAVE_TIME=n +CONFIG_MBEDTLS_SELF_TEST=n + +# Certificates +CONFIG_MBEDTLS_PEM_PARSE_C=n +CONFIG_MBEDTLS_PEM_WRITE_C=n +CONFIG_MBEDTLS_X509_REMOVE_INFO=y +CONFIG_MBEDTLS_X509_CRL_PARSE_C=n +CONFIG_MBEDTLS_X509_CSR_PARSE_C=n +CONFIG_MBEDTLS_X509_CRT_WRITE_C=n +CONFIG_MBEDTLS_X509_CSR_WRITE_C=n +CONFIG_MBEDTLS_X509_RSASSA_PSS_SUPPORT=n +CONFIG_MBEDTLS_CERTIFICATE_BUNDLE=n +CONFIG_MBEDTLS_CERTIFICATE_BUNDLE_DEFAULT_CMN=n +CONFIG_MBEDTLS_CERTIFICATE_BUNDLE_DEFAULT_NONE=y + +# TLS Protocol Configuration +CONFIG_MBEDTLS_TLS_SERVER_AND_CLIENT=n +CONFIG_MBEDTLS_TLS_CLIENT_ONLY=y +CONFIG_MBEDTLS_TLS_SERVER=n + +# TLS 1.3 Configuration +CONFIG_MBEDTLS_SSL_PROTO_TLS1_3=n + +# TLS Key Exchange Configuration +CONFIG_MBEDTLS_PSK_MODES=y +CONFIG_MBEDTLS_KEY_EXCHANGE_PSK=y +CONFIG_MBEDTLS_KEY_EXCHANGE_ECDHE_PSK=n +CONFIG_MBEDTLS_KEY_EXCHANGE_RSA_PSK=n +CONFIG_MBEDTLS_KEY_EXCHANGE_ECDHE_RSA=n +CONFIG_MBEDTLS_KEY_EXCHANGE_DHE_RSA=n +CONFIG_MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA=n +CONFIG_MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA=n +CONFIG_MBEDTLS_KEY_EXCHANGE_ELLIPTIC_CURVE=n +CONFIG_MBEDTLS_SSL_SERVER_NAME_INDICATION=n +CONFIG_MBEDTLS_SSL_ALPN=n +CONFIG_MBEDTLS_SSL_MAX_FRAGMENT_LENGTH=n +CONFIG_MBEDTLS_SSL_RENEGOTIATION=n +CONFIG_MBEDTLS_CLIENT_SSL_SESSION_TICKETS=n +CONFIG_MBEDTLS_SERVER_SSL_SESSION_TICKETS=n + + +# Cipher Abstraction Layer +CONFIG_MBEDTLS_CIPHER_C=y + +# Symmetric Ciphers +CONFIG_MBEDTLS_ARIA_C=n +CONFIG_MBEDTLS_BLOWFISH_C=n +CONFIG_MBEDTLS_CCM_C=n +CONFIG_MBEDTLS_CIPHER_MODE_OFB=n +CONFIG_MBEDTLS_CIPHER_MODE_XTS=y +CONFIG_MBEDTLS_GCM_C=n +CONFIG_MBEDTLS_CIPHER_PADDING=n +CONFIG_MBEDTLS_CIPHER_PADDING_PKCS7=n +CONFIG_MBEDTLS_PKCS5_C=n +CONFIG_MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS=n +CONFIG_MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN=n +CONFIG_MBEDTLS_CIPHER_PADDING_ZEROS=n +CONFIG_MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH=y 
+CONFIG_MBEDTLS_CMAC_C=n + +# Asymmetric Ciphers +CONFIG_MBEDTLS_RSA_C=y + +# Elliptic Curve Ciphers Configuration +CONFIG_MBEDTLS_ECP_C=n +CONFIG_MBEDTLS_ECP_NIST_OPTIM=n +CONFIG_MBEDTLS_DHM_C=n +CONFIG_MBEDTLS_ECDH_C=n +CONFIG_MBEDTLS_ECDSA_C=n +CONFIG_MBEDTLS_PK_PARSE_EC_EXTENDED=n +CONFIG_MBEDTLS_PK_PARSE_EC_COMPRESSED=n +CONFIG_MBEDTLS_ECDSA_DETERMINISTIC=n +CONFIG_MBEDTLS_ECP_DP_SECP192R1_ENABLED=n +CONFIG_MBEDTLS_ECP_DP_SECP224R1_ENABLED=n +CONFIG_MBEDTLS_ECP_DP_SECP256R1_ENABLED=n +CONFIG_MBEDTLS_ECP_DP_SECP384R1_ENABLED=n +CONFIG_MBEDTLS_ECP_DP_SECP521R1_ENABLED=n +CONFIG_MBEDTLS_ECP_DP_SECP192K1_ENABLED=n +CONFIG_MBEDTLS_ECP_DP_SECP224K1_ENABLED=n +CONFIG_MBEDTLS_ECP_DP_SECP256K1_ENABLED=n +CONFIG_MBEDTLS_ECP_DP_BP256R1_ENABLED=n +CONFIG_MBEDTLS_ECP_DP_BP384R1_ENABLED=n +CONFIG_MBEDTLS_ECP_DP_BP512R1_ENABLED=n +CONFIG_MBEDTLS_ECP_DP_CURVE25519_ENABLED=n + +# Hash functions +CONFIG_MBEDTLS_ROM_MD5=n +CONFIG_MBEDTLS_SHA1_C=n +CONFIG_MBEDTLS_SHA384_C=n +CONFIG_MBEDTLS_SHA512_C=n +CONFIG_MBEDTLS_MD5_C=n +# +# End of mbedTLS Minimal Configuration Preset +# diff --git a/components/mbedtls/port/aes/dma/esp_aes.c b/components/mbedtls/port/aes/dma/esp_aes.c index 696168a9c3..9136ff2d56 100644 --- a/components/mbedtls/port/aes/dma/esp_aes.c +++ b/components/mbedtls/port/aes/dma/esp_aes.c @@ -458,6 +458,7 @@ int esp_aes_crypt_ofb(esp_aes_context *ctx, return 0; } +#ifdef CONFIG_MBEDTLS_CIPHER_MODE_CTR /* * AES-CTR buffer encryption/decryption */ @@ -529,3 +530,4 @@ int esp_aes_crypt_ctr(esp_aes_context *ctx, return 0; } +#endif /* CONFIG_MBEDTLS_CIPHER_MODE_CTR */ diff --git a/components/wpa_supplicant/esp_supplicant/src/crypto/crypto_mbedtls.c b/components/wpa_supplicant/esp_supplicant/src/crypto/crypto_mbedtls.c index 73addce23b..1b16c900b2 100644 --- a/components/wpa_supplicant/esp_supplicant/src/crypto/crypto_mbedtls.c +++ b/components/wpa_supplicant/esp_supplicant/src/crypto/crypto_mbedtls.c 
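Review bot: The header of mbedtls_preset_minimal.conf should say what the preset gives up, because several of its settings lower the TLS security level and not only the code size. With `CONFIG_MBEDTLS_GCM_C=n` and `CONFIG_MBEDTLS_CCM_C=n` no AEAD cipher suite remains, every ECDHE/DHE key exchange is set to `n` so the remaining PSK (and, per the docs table, RSA) exchanges give no forward secrecy, and `CONFIG_MBEDTLS_HAVE_TIME=n` presumably means certificate validity dates are not checked. `CONFIG_MBEDTLS_CIPHER_MODE_XTS=y` is the only optional cipher mode left on and looks unintended for a size-minimal preset. I would add a comment under the title such as `# NOTE: no AEAD suites, no forward secrecy, no certificate expiry check; review before production use`.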
@@ -6,7 +6,7 @@ #ifdef ESP_PLATFORM #include "esp_system.h" #endif - +#include "sdkconfig.h" #include #include "utils/includes.h" #include "utils/common.h" @@ -469,6 +469,7 @@ void aes_decrypt_deinit(void *ctx) return aes_crypt_deinit(ctx); } +#ifdef CONFIG_MBEDTLS_CIPHER_MODE_CBC int aes_128_cbc_encrypt(const u8 *key, const u8 *iv, u8 *data, size_t data_len) { int ret = 0; @@ -513,6 +514,7 @@ int aes_128_cbc_decrypt(const u8 *key, const u8 *iv, u8 *data, size_t data_len) return ret; } +#endif /* CONFIG_MBEDTLS_CIPHER_MODE_CBC */ #ifdef CONFIG_TLS_INTERNAL_CLIENT struct crypto_cipher { @@ -613,13 +615,14 @@ struct crypto_cipher *crypto_cipher_init(enum crypto_cipher_alg alg, key_len, MBEDTLS_DECRYPT) < 0) { goto cleanup; } - +#if defined(CONFIG_MBEDTLS_CIPHER_MODE_WITH_PADDING) if (mbedtls_cipher_set_padding_mode(&ctx->ctx_enc, MBEDTLS_PADDING_NONE) < 0) { goto cleanup; } if (mbedtls_cipher_set_padding_mode(&ctx->ctx_dec, MBEDTLS_PADDING_NONE) < 0) { goto cleanup; } +#endif /* CONFIG_MBEDTLS_CIPHER_MODE_WITH_PADDING */ return ctx; cleanup: @@ -673,6 +676,7 @@ void crypto_cipher_deinit(struct crypto_cipher *ctx) } #endif +#ifdef CONFIG_MBEDTLS_CIPHER_MODE_CTR int aes_ctr_encrypt(const u8 *key, size_t key_len, const u8 *nonce, u8 *data, size_t data_len) { @@ -692,6 +696,7 @@ cleanup: mbedtls_aes_free(&ctx); return ret; } +#endif /* CONFIG_MBEDTLS_CIPHER_MODE_CTR */ int aes_128_ctr_encrypt(const u8 *key, const u8 *nonce, u8 *data, size_t data_len) diff --git a/docs/en/api-reference/protocols/mbedtls.rst b/docs/en/api-reference/protocols/mbedtls.rst index 7179397414..87ce22ec2f 100644 --- a/docs/en/api-reference/protocols/mbedtls.rst +++ b/docs/en/api-reference/protocols/mbedtls.rst 
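Review bot: The new `CONFIG_MBEDTLS_CIPHER_MODE_CBC` and `CONFIG_MBEDTLS_CIPHER_MODE_CTR` guards in crypto_mbedtls.c remove exported functions without guarding their users. The `#endif /* CONFIG_MBEDTLS_CIPHER_MODE_CTR */` closes directly before `aes_128_ctr_encrypt`, which stays unconditional; its body is outside the hunk, but if it calls `aes_ctr_encrypt`, as the name suggests, a configuration with CTR disabled no longer builds or links. The same holds for any caller of `aes_128_cbc_encrypt`/`aes_128_cbc_decrypt` elsewhere in wpa_supplicant. Either move the `#endif` below the closing brace of `aes_128_ctr_encrypt`, or make the cipher modes the supplicant needs a Kconfig dependency of that component so a preset cannot switch them off.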
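Review bot: The guard `#if defined(CONFIG_MBEDTLS_CIPHER_MODE_WITH_PADDING)` added in `crypto_cipher_init` tests a symbol that the presets in this patch never set; they use `CONFIG_MBEDTLS_CIPHER_PADDING`. If no Kconfig option with exactly that name exists, the block is always compiled out and both contexts keep the library's default padding instead of `MBEDTLS_PADDING_NONE`, which would change the ciphertext length and can make decryption of peer data fail. Testing the library's own macro avoids the mismatch: `#if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING)`. The function starts and ends outside the hunk, so the effect on the cleanup path was not checked.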
@@ -39,6 +39,133 @@ Please find the information about the Mbed TLS versions presented in different b Please refer the :ref:`migration_guide_mbedtls` to migrate from Mbed TLS version 2.x to version 3.0 or greater. +Configuration Presets +^^^^^^^^^^^^^^^^^^^^^^ + +ESP-IDF provides a preset-based configuration system for Mbed TLS to simplify setup and provide optimized starting points for different use cases. This system works alongside the existing manual configuration system and provides baseline configurations that can be further customized through menuconfig or additional configuration files. + +.. list-table:: + :header-rows: 1 + :widths: 15 25 35 + :align: center + + * - Preset + - Use Case + - Key Features + * - **Default** + - General purpose applications + - • TLS 1.2 & 1.3 support + • Certificate bundle enabled + • Hardware acceleration + • Full cipher suite support + * - **Minimal** + - Resource-constrained applications + - • TLS 1.2 client only + • RSA & PSK key exchange + • AES-128 CBC/CTR modes + • Basic X.509 parsing + * - **Bluetooth (BT)** + - Bluetooth applications + - • Optimized for BLE security + • ECC P-256 curve support + • Minimal TLS overhead + • Bluetooth-specific algorithms + +Using Configuration Presets +^^^^^^^^^^^^^^^^^^^^^^^^^^^^ + +Presets serve as **starting points** for your mbedTLS configuration. You can use them as-is or customize them further using standard ESP-IDF configuration methods. + +To use a preset configuration, add the following line to your project's ``CMakeLists.txt`` file **before** the ``project()`` call: + +.. 
code-block:: cmake + + # Include the default preset (recommended for most applications) + list(APPEND sdkconfig_defaults $ENV{IDF_PATH}/components/mbedtls/config/mbedtls_preset_default.conf) + + # Or for resource-constrained applications + list(APPEND sdkconfig_defaults $ENV{IDF_PATH}/components/mbedtls/config/mbedtls_preset_minimal.conf) + + # Or for Bluetooth applications + list(APPEND sdkconfig_defaults $ENV{IDF_PATH}/components/mbedtls/config/mbedtls_preset_bt.conf) + + # Standard ESP-IDF project setup + include($ENV{IDF_PATH}/tools/cmake/project.cmake) + project(my_project) + +.. note:: + + The preset configurations are located in ``components/mbedtls/config/`` and can be customized or used as a starting point for your own configurations. + +Customizing Preset Configurations +^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ + +After applying a preset, you can further customize the configuration using any of these methods: + +**Method 1: Using menuconfig (Recommended)** + +.. code-block:: bash + + # After applying a preset in CMakeLists.txt + idf.py menuconfig + +Navigate to ``Component Config -> mbedTLS`` to modify any settings. Your changes will override the preset defaults. + +**Method 2: Additional Configuration Files** + +You can combine a preset with your own custom configuration by creating an additional configuration file: + +.. code-block:: cmake + + # Use the minimal preset as a base, then add custom settings + list(APPEND SDKCONFIG_DEFAULTS + $ENV{IDF_PATH}/components/mbedtls/config/mbedtls_preset_minimal.conf + ${CMAKE_CURRENT_SOURCE_DIR}/my_custom_mbedtls.conf + ) + + +Migration from Manual Configuration +^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ + +The preset system complements manual configuration. If you have an existing manually configured mbedTLS setup: + +**Option 1: Keep Your Existing Configuration** + +Your current manual configuration will continue to work without any changes. + +**Option 2: Migrate to Preset + Customization** + +1. 
**Choose a base preset** that's closest to your current configuration +2. **Apply the preset** in your CMakeLists.txt +3. **Use menuconfig** to adjust settings to match your requirements +4. **Test thoroughly** to ensure functionality is maintained + +Configuration Categories +^^^^^^^^^^^^^^^^^^^^^^^^ + +The new mbedTLS configuration system is organized into logical categories for easier navigation: + +**Core Configuration** + Basic mbedTLS settings including memory allocation, threading, and debug options. + +**TLS Protocol Configuration** + TLS/DTLS protocol versions, modes (client/server), and protocol-specific features. + +**Symmetric Ciphers** + Block ciphers (AES, ARIA, etc.), cipher modes (CBC, GCM, etc.), and symmetric cryptography. + +**Asymmetric Ciphers** + RSA, ECC, and other public key cryptography algorithms. + +**Hash Functions** + Message digest algorithms (SHA-256, SHA-512, etc.) and HMAC. + +**Hardware Acceleration** + ESP32-specific hardware acceleration for cryptographic operations. + +**Certificate Support** + X.509 certificate parsing, validation, and certificate bundle management. + Application Examples -------------------- 
@@ -56,23 +183,87 @@ Alternatives Please refer to :ref:`ESP-TLS: Underlying SSL/TLS Library Options ` docs for more information on this and comparison of Mbed TLS and wolfSSL. - Important Config Options ------------------------ -Following is a brief list of important config options accessible at ``Component Config -> mbedTLS``. The full list of config options can be found :ref:`here `. +The Mbed TLS configuration system supports preset configurations. Following is a brief list of important config options accessible at ``Component Config -> mbedTLS``. The full list of config options can be found :ref:`here `. + +**Core Configuration:** .. list:: - - :ref:`CONFIG_MBEDTLS_SSL_PROTO_TLS1_2`: Support for TLS 1.2 - - :ref:`CONFIG_MBEDTLS_SSL_PROTO_TLS1_3`: Support for TLS 1.3 - - :ref:`CONFIG_MBEDTLS_CERTIFICATE_BUNDLE`: Support for trusted root certificate bundle (more about this: :doc:`/api-reference/protocols/esp_crt_bundle`) - - :ref:`CONFIG_MBEDTLS_CLIENT_SSL_SESSION_TICKETS`: Support for TLS Session Resumption: Client session tickets - - :ref:`CONFIG_MBEDTLS_SERVER_SSL_SESSION_TICKETS`: Support for TLS Session Resumption: Server session tickets :SOC_SHA_SUPPORTED: - :ref:`CONFIG_MBEDTLS_HARDWARE_SHA`: Support for hardware SHA acceleration :SOC_AES_SUPPORTED: - :ref:`CONFIG_MBEDTLS_HARDWARE_AES`: Support for hardware AES acceleration :SOC_MPI_SUPPORTED: - :ref:`CONFIG_MBEDTLS_HARDWARE_MPI`: Support for hardware MPI (bignum) acceleration :SOC_ECC_SUPPORTED: - :ref:`CONFIG_MBEDTLS_HARDWARE_ECC`: Support for hardware ECC acceleration + - :ref:`CONFIG_MBEDTLS_MEM_ALLOC_MODE`: Memory allocation strategy (Internal/External/Custom) + - :ref:`CONFIG_MBEDTLS_ASYMMETRIC_CONTENT_LEN`: Asymmetric in/out fragment length for memory optimization + - :ref:`CONFIG_MBEDTLS_DYNAMIC_BUFFER`: Enable dynamic TX/RX buffer allocation + - :ref:`CONFIG_MBEDTLS_DEBUG`: Enable mbedTLS debugging (useful for development) + +**TLS Protocol Configuration:** + +.. 
list:: + + - :ref:`CONFIG_MBEDTLS_TLS_ENABLED`: Enable TLS protocol support + - :ref:`CONFIG_MBEDTLS_SSL_PROTO_TLS1_2`: Support for TLS 1.2 (recommended) + - :ref:`CONFIG_MBEDTLS_SSL_PROTO_TLS1_3`: Support for TLS 1.3 (latest standard) + - :ref:`CONFIG_MBEDTLS_SSL_PROTO_DTLS`: Support for DTLS (UDP-based TLS) + - :ref:`CONFIG_MBEDTLS_CLIENT_SSL_SESSION_TICKETS`: Support for TLS Session Resumption: Client session tickets + - :ref:`CONFIG_MBEDTLS_SERVER_SSL_SESSION_TICKETS`: Support for TLS Session Resumption: Server session tickets + - :ref:`CONFIG_MBEDTLS_SSL_ALPN`: Support for Application Layer Protocol Negotiation + - :ref:`CONFIG_MBEDTLS_SSL_SERVER_NAME_INDICATION`: Support for Server Name Indication (SNI) + +**Certificate Support:** + +.. list:: + + - :ref:`CONFIG_MBEDTLS_CERTIFICATE_BUNDLE`: Support for trusted root certificate bundle (more about this: :doc:`/api-reference/protocols/esp_crt_bundle`) + - :ref:`CONFIG_MBEDTLS_X509_USE_C`: Enable X.509 certificate support + - :ref:`CONFIG_MBEDTLS_PEM_PARSE_C`: Read & Parse PEM formatted certificates + - :ref:`CONFIG_MBEDTLS_PEM_WRITE_C`: Write PEM formatted certificates + - :ref:`CONFIG_MBEDTLS_X509_CRT_PARSE_C`: Parse X.509 certificates + - :ref:`CONFIG_MBEDTLS_X509_CRL_PARSE_C`: Parse X.509 Certificate Revocation Lists + +**Cryptographic Algorithms:** + +.. list:: + + - :ref:`CONFIG_MBEDTLS_AES_C`: AES block cipher support + - :ref:`CONFIG_MBEDTLS_RSA_C`: RSA public key cryptosystem + - :ref:`CONFIG_MBEDTLS_ECP_C`: Elliptic Curve Cryptography support + - :ref:`CONFIG_MBEDTLS_ECDSA_C`: Elliptic Curve Digital Signature Algorithm + - :ref:`CONFIG_MBEDTLS_ECDH_C`: Elliptic Curve Diffie-Hellman key exchange + - :ref:`CONFIG_MBEDTLS_SHA256_C`: SHA-256 hash function + - :ref:`CONFIG_MBEDTLS_SHA512_C`: SHA-512 hash function + - :ref:`CONFIG_MBEDTLS_GCM_C`: Galois/Counter Mode for authenticated encryption + +.. 
note:: + + The new configuration structure provides better organization with categories like "Core Configuration", "TLS Protocol Configuration", "Symmetric Ciphers", "Asymmetric Ciphers", "Hash Functions", and "Hardware Acceleration" for easier navigation and configuration management. + +Debugging mbedTLS +^^^^^^^^^^^^^^^^^ + +To enable debugging, add these configurations: + +.. code-block:: kconfig + + CONFIG_MBEDTLS_DEBUG=y + CONFIG_MBEDTLS_DEBUG_LEVEL=3 + CONFIG_LOG_DEFAULT_LEVEL_DEBUG=y + +Performance Optimization +^^^^^^^^^^^^^^^^^^^^^^^^ + +For optimal performance **Enable hardware acceleration** when available: + +.. code-block:: kconfig + + CONFIG_MBEDTLS_HARDWARE_AES=y + CONFIG_MBEDTLS_HARDWARE_SHA=y + CONFIG_MBEDTLS_HARDWARE_MPI=y + CONFIG_MBEDTLS_HARDWARE_ECC=y Performance and Memory Tweaks ----------------------------- diff --git a/examples/bluetooth/nimble/bleprph/CMakeLists.txt b/examples/bluetooth/nimble/bleprph/CMakeLists.txt index 55ce78a43a..32bafd2096 100644 --- a/examples/bluetooth/nimble/bleprph/CMakeLists.txt +++ b/examples/bluetooth/nimble/bleprph/CMakeLists.txt @@ -2,6 +2,10 @@ # CMakeLists in this exact order for cmake to work correctly cmake_minimum_required(VERSION 3.16) +# Include the Bluetooth-optimized mbedTLS preset configuration +# This provides optimized settings for Bluetooth applications +# You can customize these settings using 'idf.py menuconfig' or additional config files +list(APPEND sdkconfig_defaults $ENV{IDF_PATH}/components/mbedtls/config/mbedtls_preset_bt.conf) include($ENV{IDF_PATH}/tools/cmake/project.cmake) # "Trim" the build. Include the minimal set of components, main, and anything it depends on. idf_build_set_property(MINIMAL_BUILD ON) diff --git a/examples/protocols/https_request/CMakeLists.txt b/examples/protocols/https_request/CMakeLists.txt index ead3703a31..2a90face40 100644 --- a/examples/protocols/https_request/CMakeLists.txt +++ b/examples/protocols/https_request/CMakeLists.txt 
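Review bot: `list(APPEND sdkconfig_defaults ...)` in examples/bluetooth/nimble/bleprph/CMakeLists.txt appends to a lowercase variable, while the documentation added by this same patch uses `SDKCONFIG_DEFAULTS` in its "Method 2" example. CMake variable names are case-sensitive, so unless project.cmake reads the lowercase name the preset is silently not applied and the build runs with settings other than the ones the comment promises. The same line is added to examples/protocols/https_request/CMakeLists.txt and appears in the first docs example. I would write `list(APPEND SDKCONFIG_DEFAULTS "$ENV{IDF_PATH}/components/mbedtls/config/mbedtls_preset_bt.conf")`, quoted so that an IDF_PATH containing spaces stays a single list element.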
@@ -2,8 +2,13 @@ # CMakeLists in this exact order for cmake to work correctly cmake_minimum_required(VERSION 3.16) +# Include the default mbedTLS preset configuration +# This provides optimized settings for general-purpose TLS applications +# You can customize these settings using 'idf.py menuconfig' or additional config files +list(APPEND sdkconfig_defaults $ENV{IDF_PATH}/components/mbedtls/config/mbedtls_preset_default.conf) include($ENV{IDF_PATH}/tools/cmake/project.cmake) # "Trim" the build. Include the minimal set of components, main, and anything it depends on. idf_build_set_property(MINIMAL_BUILD ON) + project(https_request) diff --git a/examples/protocols/https_request/sdkconfig.ci.mbedtls_config b/examples/protocols/https_request/sdkconfig.ci.mbedtls_config index 47d6c14208..6db2b14061 100644 --- a/examples/protocols/https_request/sdkconfig.ci.mbedtls_config +++ b/examples/protocols/https_request/sdkconfig.ci.mbedtls_config @@ -6,6 +6,7 @@ # Few example dependencies need to be enabled by default for the build to succeed ############## CONFIG_MBEDTLS_SSL_PROTO_TLS1_2=y +CONFIG_MBEDTLS_SSL_PROTO_TLS1_3=n CONFIG_MBEDTLS_KEY_EXCHANGE_RSA=y CONFIG_MBEDTLS_AES_C=y ##############