From ba4306331468d874686120b92ba3cc07482c1302 Mon Sep 17 00:00:00 2001
From: Aditya Patwardhan <aditya.patwardhan@espressif.com>
Date: Tue, 1 Nov 2022 13:45:22 +0530
Subject: [PATCH] esp_http_client: Add option to use secure_element Closes
 https://github.com/espressif/esp-idf/issues/10071

---
 components/esp_http_client/esp_http_client.c       |  6 ++++++
 .../esp_http_client/include/esp_http_client.h      |  3 +++
 .../en/api-reference/protocols/esp_http_client.rst | 14 ++++++++++++++
 3 files changed, 23 insertions(+)

diff --git a/components/esp_http_client/esp_http_client.c b/components/esp_http_client/esp_http_client.c
index 49df738514..1507502101 100644
--- a/components/esp_http_client/esp_http_client.c
+++ b/components/esp_http_client/esp_http_client.c
@@ -655,6 +655,12 @@ esp_http_client_handle_t esp_http_client_init(const esp_http_client_config_t *co
         }
     }
 
+#if CONFIG_ESP_TLS_USE_SECURE_ELEMENT
+    if (config->use_secure_element) {
+        esp_transport_ssl_use_secure_element(ssl);
+    }
+#endif
+
     if (config->client_key_pem) {
         if (!config->client_key_len) {
             esp_transport_ssl_set_client_key_data(ssl, config->client_key_pem, strlen(config->client_key_pem));
diff --git a/components/esp_http_client/include/esp_http_client.h b/components/esp_http_client/include/esp_http_client.h
index e5e91650fc..ef0457aeb3 100644
--- a/components/esp_http_client/include/esp_http_client.h
+++ b/components/esp_http_client/include/esp_http_client.h
@@ -139,6 +139,9 @@ typedef struct {
     int                         keep_alive_interval; /*!< Keep-alive interval time. Default is 5 (second) */
     int                         keep_alive_count;    /*!< Keep-alive packet retry send count. Default is 3 counts */
     struct ifreq                *if_name;            /*!< The name of interface for data to go through. Use the default interface without setting */
+#if CONFIG_ESP_TLS_USE_SECURE_ELEMENT
+    bool use_secure_element;                /*!< Enable this option to use secure element */
+#endif
 } esp_http_client_config_t;
 
 /**
diff --git a/docs/en/api-reference/protocols/esp_http_client.rst b/docs/en/api-reference/protocols/esp_http_client.rst
index 54ba136c21..c44144bb98 100644
--- a/docs/en/api-reference/protocols/esp_http_client.rst
+++ b/docs/en/api-reference/protocols/esp_http_client.rst
@@ -31,6 +31,20 @@ To allow ESP HTTP client to take full advantage of persistent connections, one s
 
 Check out the example functions ``http_rest_with_url`` and ``http_rest_with_hostname_path`` in the application example. Here, once the connection is created, multiple requests (``GET``, ``POST``, ``PUT``, etc.) are made before the connection is closed.
 
+.. only:: esp32
+
+    Use Secure Element (ATECC608) for TLS
+    _____________________________________
+    
+    A secure element (ATECC608) can be also used for the underlying TLS connection in the HTTP client connection. Please refer to Secure Element with ESP-TLS section in the :doc:` ESP-TLS documentation</api-reference/protocols/esp_tls` for more details. The secure element support has to be first enabled in menuconfig through :ref:`CONFIG_ESP_TLS_USE_SECURE_ELEMENT`. Then the HTTP client can be configured to use secure element as follows:
+    
+    .. code-block:: c
+    
+        esp_http_client_config_t cfg = {
+            /* other configurations options */
+            .use_secure_element = true,
+        };
+
 HTTPS Request
 -------------