2016-09-21 06:36:30 +00:00
|
|
|
menu "mbedTLS"
|
|
|
|
|
2019-01-25 16:10:53 +00:00
|
|
|
choice MBEDTLS_MEM_ALLOC_MODE
|
|
|
|
prompt "Memory allocation strategy"
|
|
|
|
default MBEDTLS_INTERNAL_MEM_ALLOC
|
|
|
|
help
|
|
|
|
Allocation strategy for mbedTLS, essentially provides ability to
|
|
|
|
allocate all required dynamic allocations from,
|
2018-09-19 09:59:20 +00:00
|
|
|
|
|
|
|
- Internal DRAM memory only
|
|
|
|
- External SPIRAM memory only
|
|
|
|
- Either internal or external memory based on default malloc()
|
|
|
|
behavior in ESP-IDF
|
|
|
|
- Custom allocation mode, by overwriting calloc()/free() using
|
|
|
|
mbedtls_platform_set_calloc_free() function
|
2020-02-26 12:21:59 +00:00
|
|
|
- Internal IRAM memory wherever applicable else internal DRAM
|
2018-09-19 09:59:20 +00:00
|
|
|
|
2019-01-25 16:10:53 +00:00
|
|
|
Recommended mode here is always internal, since that is most preferred
|
|
|
|
from security perspective. But if application requirement does not
|
|
|
|
allow sufficient free internal memory then alternate mode can be
|
|
|
|
selected.
|
|
|
|
|
|
|
|
config MBEDTLS_INTERNAL_MEM_ALLOC
|
|
|
|
bool "Internal memory"
|
|
|
|
|
|
|
|
config MBEDTLS_EXTERNAL_MEM_ALLOC
|
|
|
|
bool "External SPIRAM"
|
2019-04-30 10:51:55 +00:00
|
|
|
depends on ESP32_SPIRAM_SUPPORT
|
2019-01-25 16:10:53 +00:00
|
|
|
|
|
|
|
config MBEDTLS_DEFAULT_MEM_ALLOC
|
|
|
|
bool "Default alloc mode"
|
|
|
|
|
|
|
|
config MBEDTLS_CUSTOM_MEM_ALLOC
|
|
|
|
bool "Custom alloc mode"
|
|
|
|
|
2020-02-26 12:21:59 +00:00
|
|
|
config MBEDTLS_IRAM_8BIT_MEM_ALLOC
|
|
|
|
bool "Internal IRAM"
|
|
|
|
depends on ESP32_IRAM_AS_8BIT_ACCESSIBLE_MEMORY
|
|
|
|
help
|
|
|
|
Allows to use IRAM memory region as 8bit accessible region.
|
|
|
|
|
|
|
|
TLS input and output buffers will be allocated in IRAM section which is 32bit aligned
|
|
|
|
memory. Every unaligned (8bit or 16bit) access will result in an exception
|
|
|
|
and incur penalty of certain clock cycles per unaligned read/write.
|
|
|
|
|
2019-01-25 16:10:53 +00:00
|
|
|
endchoice #MBEDTLS_MEM_ALLOC_MODE
|
|
|
|
|
|
|
|
config MBEDTLS_SSL_MAX_CONTENT_LEN
|
|
|
|
int "TLS maximum message content length"
|
|
|
|
default 16384
|
|
|
|
range 512 16384
|
|
|
|
depends on !MBEDTLS_ASYMMETRIC_CONTENT_LEN
|
|
|
|
help
|
|
|
|
Maximum TLS message length (in bytes) supported by mbedTLS.
|
|
|
|
|
|
|
|
16384 is the default and this value is required to comply
|
|
|
|
fully with TLS standards.
|
|
|
|
|
|
|
|
However you can set a lower value in order to save RAM. This
|
|
|
|
is safe if the other end of the connection supports Maximum
|
|
|
|
Fragment Length Negotiation Extension (max_fragment_length,
|
|
|
|
see RFC6066) or you know for certain that it will never send a
|
|
|
|
message longer than a certain number of bytes.
|
|
|
|
|
|
|
|
If the value is set too low, symptoms are a failed TLS
|
|
|
|
handshake or a return value of MBEDTLS_ERR_SSL_INVALID_RECORD
|
|
|
|
(-0x7200).
|
|
|
|
|
|
|
|
config MBEDTLS_ASYMMETRIC_CONTENT_LEN
|
|
|
|
bool "Asymmetric in/out fragment length"
|
2019-07-30 11:18:03 +00:00
|
|
|
default y
|
2019-01-25 16:10:53 +00:00
|
|
|
help
|
|
|
|
If enabled, this option allows customizing TLS in/out fragment length
|
|
|
|
in asymmetric way. Please note that enabling this with default values
|
|
|
|
saves 12KB of dynamic memory per TLS connection.
|
|
|
|
|
|
|
|
config MBEDTLS_SSL_IN_CONTENT_LEN
|
|
|
|
int "TLS maximum incoming fragment length"
|
|
|
|
default 16384
|
|
|
|
range 512 16384
|
|
|
|
depends on MBEDTLS_ASYMMETRIC_CONTENT_LEN
|
|
|
|
help
|
|
|
|
This defines maximum incoming fragment length, overriding default
|
|
|
|
maximum content length (MBEDTLS_SSL_MAX_CONTENT_LEN).
|
|
|
|
|
|
|
|
config MBEDTLS_SSL_OUT_CONTENT_LEN
|
|
|
|
int "TLS maximum outgoing fragment length"
|
|
|
|
default 4096
|
|
|
|
range 512 16384
|
|
|
|
depends on MBEDTLS_ASYMMETRIC_CONTENT_LEN
|
|
|
|
help
|
|
|
|
This defines maximum outgoing fragment length, overriding default
|
|
|
|
maximum content length (MBEDTLS_SSL_MAX_CONTENT_LEN).
|
|
|
|
|
2020-04-10 08:33:54 +00:00
|
|
|
config MBEDTLS_DYNAMIC_BUFFER
|
|
|
|
bool "Using dynamic TX/RX buffer"
|
|
|
|
default n
|
|
|
|
select MBEDTLS_ASYMMETRIC_CONTENT_LEN
|
|
|
|
help
|
|
|
|
Using dynamic TX/RX buffer. After enabling this option, mbedTLS will
|
|
|
|
allocate TX buffer when need to send data and then free it if all data
|
|
|
|
is sent, allocate RX buffer when need to receive data and then free it
|
|
|
|
when all data is used or read by upper layer.
|
|
|
|
|
|
|
|
By default, when SSL is initialized, mbedTLS also allocate TX and
|
|
|
|
RX buffer with the default value of "MBEDTLS_SSL_OUT_CONTENT_LEN" or
|
|
|
|
"MBEDTLS_SSL_IN_CONTENT_LEN", so to save more heap, users can set
|
|
|
|
the options to be an appropriate value.
|
|
|
|
|
|
|
|
config MBEDTLS_DYNAMIC_FREE_PEER_CERT
|
|
|
|
bool "Free SSL peer certificate after its usage"
|
|
|
|
default n
|
|
|
|
depends on MBEDTLS_DYNAMIC_BUFFER
|
|
|
|
help
|
|
|
|
Free peer certificate after its usage in handshake process.
|
|
|
|
|
|
|
|
config MBEDTLS_DYNAMIC_FREE_CONFIG_DATA
|
|
|
|
bool "Free certificate, key and DHM data after its usage"
|
|
|
|
default n
|
|
|
|
depends on MBEDTLS_DYNAMIC_BUFFER
|
|
|
|
help
|
|
|
|
Free certificate, private key and DHM data after its usage in handshake process.
|
|
|
|
|
|
|
|
The option will decrease heap cost when handshake, but also lead to problem:
|
|
|
|
|
|
|
|
Becasue all certificate, private key and DHM data are freed so users should register
|
|
|
|
certificate and private key to ssl config object again.
|
|
|
|
|
2019-01-25 16:10:53 +00:00
|
|
|
config MBEDTLS_DEBUG
|
|
|
|
bool "Enable mbedTLS debugging"
|
|
|
|
default n
|
|
|
|
help
|
|
|
|
Enable mbedTLS debugging functions at compile time.
|
|
|
|
|
|
|
|
If this option is enabled, you can include
|
|
|
|
"mbedtls/esp_debug.h" and call mbedtls_esp_enable_debug_log()
|
|
|
|
at runtime in order to enable mbedTLS debug output via the ESP
|
|
|
|
log mechanism.
|
|
|
|
|
2019-06-06 12:58:19 +00:00
|
|
|
choice MBEDTLS_DEBUG_LEVEL
|
|
|
|
bool "Set mbedTLS debugging level"
|
|
|
|
depends on MBEDTLS_DEBUG
|
|
|
|
default MBEDTLS_DEBUG_LEVEL_VERBOSE
|
|
|
|
help
|
|
|
|
Set mbedTLS debugging level
|
|
|
|
|
|
|
|
config MBEDTLS_DEBUG_LEVEL_WARN
|
|
|
|
bool "Warning"
|
|
|
|
config MBEDTLS_DEBUG_LEVEL_INFO
|
|
|
|
bool "Info"
|
|
|
|
config MBEDTLS_DEBUG_LEVEL_DEBUG
|
|
|
|
bool "Debug"
|
|
|
|
config MBEDTLS_DEBUG_LEVEL_VERBOSE
|
|
|
|
bool "Verbose"
|
|
|
|
endchoice
|
|
|
|
|
|
|
|
config MBEDTLS_DEBUG_LEVEL
|
|
|
|
int
|
|
|
|
default 1 if MBEDTLS_DEBUG_LEVEL_WARN
|
|
|
|
default 2 if MBEDTLS_DEBUG_LEVEL_INFO
|
|
|
|
default 3 if MBEDTLS_DEBUG_LEVEL_DEBUG
|
|
|
|
default 4 if MBEDTLS_DEBUG_LEVEL_VERBOSE
|
|
|
|
|
2019-09-29 10:04:34 +00:00
|
|
|
|
|
|
|
menu "Certificate Bundle"
|
|
|
|
|
|
|
|
config MBEDTLS_CERTIFICATE_BUNDLE
|
|
|
|
bool "Enable trusted root certificate bundle"
|
|
|
|
default y
|
|
|
|
help
|
|
|
|
Enable support for large number of default root certificates
|
|
|
|
|
|
|
|
When enabled this option allows user to store default as well
|
|
|
|
as customer specific root certificates in compressed format rather
|
|
|
|
than storing full certificate. For the root certificates the public key and the subject name
|
|
|
|
will be stored.
|
|
|
|
|
|
|
|
choice MBEDTLS_DEFAULT_CERTIFICATE_BUNDLE
|
|
|
|
bool "Default certificate bundle options"
|
|
|
|
depends on MBEDTLS_CERTIFICATE_BUNDLE
|
|
|
|
default MBEDTLS_CERTIFICATE_BUNDLE_DEFAULT_FULL
|
|
|
|
|
|
|
|
config MBEDTLS_CERTIFICATE_BUNDLE_DEFAULT_FULL
|
|
|
|
bool "Use the full default certificate bundle"
|
|
|
|
config MBEDTLS_CERTIFICATE_BUNDLE_DEFAULT_CMN
|
|
|
|
bool "Use only the most common certificates from the default bundles"
|
|
|
|
help
|
|
|
|
Use only the most common certificates from the default bundles, reducing the size with 50%,
|
|
|
|
while still having around 99% coverage.
|
|
|
|
config MBEDTLS_CERTIFICATE_BUNDLE_DEFAULT_NONE
|
|
|
|
bool "Do not use the default certificate bundle"
|
|
|
|
endchoice
|
|
|
|
|
|
|
|
config MBEDTLS_CUSTOM_CERTIFICATE_BUNDLE
|
|
|
|
depends on MBEDTLS_CERTIFICATE_BUNDLE
|
|
|
|
default n
|
|
|
|
bool "Add custom certificates to the default bundle"
|
|
|
|
config MBEDTLS_CUSTOM_CERTIFICATE_BUNDLE_PATH
|
|
|
|
depends on MBEDTLS_CUSTOM_CERTIFICATE_BUNDLE
|
|
|
|
string "Custom certificate bundle path"
|
|
|
|
help
|
|
|
|
Name of the custom certificate directory or file. This path is evaluated
|
|
|
|
relative to the project root directory.
|
|
|
|
endmenu
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
2019-09-30 06:15:43 +00:00
|
|
|
config MBEDTLS_ECP_RESTARTABLE
|
|
|
|
bool "Enable mbedTLS ecp restartable"
|
|
|
|
default n
|
|
|
|
help
|
|
|
|
Enable "non-blocking" ECC operations that can return early and be resumed.
|
|
|
|
|
|
|
|
config MBEDTLS_CMAC_C
|
|
|
|
bool "Enable CMAC mode for block ciphers"
|
|
|
|
default n
|
|
|
|
help
|
|
|
|
Enable the CMAC (Cipher-based Message Authentication Code) mode for
|
|
|
|
block ciphers.
|
|
|
|
|
2019-01-25 16:10:53 +00:00
|
|
|
config MBEDTLS_HARDWARE_AES
|
|
|
|
bool "Enable hardware AES acceleration"
|
|
|
|
default y
|
2019-12-18 06:36:58 +00:00
|
|
|
depends on !SPIRAM_CACHE_WORKAROUND_STRATEGY_DUPLDST
|
2019-01-25 16:10:53 +00:00
|
|
|
help
|
|
|
|
Enable hardware accelerated AES encryption & decryption.
|
|
|
|
|
|
|
|
Note that if the ESP32 CPU is running at 240MHz, hardware AES does not
|
|
|
|
offer any speed boost over software AES.
|
|
|
|
|
2020-01-16 06:31:10 +00:00
|
|
|
config MBEDTLS_AES_USE_INTERRUPT
|
|
|
|
bool "Use interrupt for long AES operations"
|
2020-03-10 05:53:09 +00:00
|
|
|
depends on IDF_TARGET_ESP32S2 && MBEDTLS_HARDWARE_AES
|
2020-01-16 06:31:10 +00:00
|
|
|
default y
|
|
|
|
help
|
|
|
|
Use an interrupt to coordinate long AES operations.
|
|
|
|
|
|
|
|
This allows other code to run on the CPU while an AES operation is pending.
|
|
|
|
Otherwise the CPU busy-waits.
|
|
|
|
|
|
|
|
config MBEDTLS_HARDWARE_GCM
|
|
|
|
bool "Enable partially hardware accelerated GCM"
|
2020-03-10 05:53:09 +00:00
|
|
|
depends on IDF_TARGET_ESP32S2 && MBEDTLS_HARDWARE_AES
|
2020-03-17 10:21:30 +00:00
|
|
|
default y
|
2020-01-16 06:31:10 +00:00
|
|
|
help
|
2020-03-10 05:53:09 +00:00
|
|
|
Enable partially hardware accelerated GCM. GHASH calculation is still done
|
|
|
|
in software.
|
2020-01-16 06:31:10 +00:00
|
|
|
|
2020-03-10 05:53:09 +00:00
|
|
|
If MBEDTLS_HARDWARE_GCM is disabled and MBEDTLS_HARDWARE_AES is enabled then
|
|
|
|
mbedTLS will still use the hardware accelerated AES block operation, but
|
|
|
|
on a single block at a time.
|
2020-01-16 06:31:10 +00:00
|
|
|
|
2019-01-25 16:10:53 +00:00
|
|
|
config MBEDTLS_HARDWARE_MPI
|
|
|
|
bool "Enable hardware MPI (bignum) acceleration"
|
mbedtls: Add Montgomery exponentiation implementation (HAC 14.94)
It gave us a better performance of RSA operations. (2~11 times)
The old modexp implementation (Z = X ^ Y mod M) loaded all the data into
the hw registers and was waiting for completion, but due to
the hardware RSA implementation, the calculations always started with 4096 bit,
which took a lot of time.
Measurement results (measurements were made for keys: 2048, 3072 and 4096 bits)
(Old) - Sliding-window exponentiation (HAC 14.85):
keysize = 2048 bits
RSA key operation (performance): public [93206 us], private [280189 us]
keysize = 3072 bits
RSA key operation (performance): public [293614 us], private [858157 us]
keysize = 4096 bits
RSA key operation (performance): public [653192 us], private [1912126 us]
Instead (Old) - Sliding-window exponentiation (HAC 14.85) was implemented
(New) - Montgomery exponentiation (HAC 14.94) which showed
better performance on private and public keys.
keysize = 2048 bits
RSA key operation (performance): public [14504 us], private [149456 us]
keysize = 3072 bits
RSA key operation (performance): public [35073 us], private [392743 us]
keysize = 4096 bits
RSA key operation (performance): public [58650 us], private [787186 us]
For this reason, the old implementation was removed
and the MBEDTLS_HARDWARE_MPI option was turned on by default.
Why the MPI_INTERRUPT option is removed:
the old implementation used calculations on the hardware and
it took a lot of time (10ms - 500ms). And in order not to stand idle
while waiting for completion, an interrupt option was added.
This made it possible to carry out other tasks during the calculation,
and this one to block. The new method is free from such a drawback and
the maximum duration of one RSA HW operation does not exceed 70us (usually 2-70 μs).
This option is no longer needed.
Closes: IDF-965
2019-10-19 10:03:18 +00:00
|
|
|
default y
|
2019-12-18 06:36:58 +00:00
|
|
|
depends on !SPIRAM_CACHE_WORKAROUND_STRATEGY_DUPLDST
|
2019-01-25 16:10:53 +00:00
|
|
|
help
|
|
|
|
Enable hardware accelerated multiple precision integer operations.
|
|
|
|
|
|
|
|
Hardware accelerated multiplication, modulo multiplication,
|
|
|
|
and modular exponentiation for up to 4096 bit results.
|
|
|
|
|
|
|
|
These operations are used by RSA.
|
|
|
|
|
|
|
|
config MBEDTLS_HARDWARE_SHA
|
|
|
|
bool "Enable hardware SHA acceleration"
|
2019-10-17 08:30:46 +00:00
|
|
|
default y
|
2019-12-18 06:36:58 +00:00
|
|
|
depends on !SPIRAM_CACHE_WORKAROUND_STRATEGY_DUPLDST
|
2019-01-25 16:10:53 +00:00
|
|
|
help
|
|
|
|
Enable hardware accelerated SHA1, SHA256, SHA384 & SHA512 in mbedTLS.
|
|
|
|
|
2020-01-16 06:31:10 +00:00
|
|
|
Due to a hardware limitation, on the ESP32 hardware acceleration is only
|
2019-01-25 16:10:53 +00:00
|
|
|
guaranteed if SHA digests are calculated one at a time. If more
|
|
|
|
than one SHA digest is calculated at the same time, one will
|
|
|
|
be calculated fully in hardware and the rest will be calculated
|
|
|
|
(at least partially calculated) in software. This happens automatically.
|
|
|
|
|
|
|
|
SHA hardware acceleration is faster than software in some situations but
|
|
|
|
slower in others. You should benchmark to find the best setting for you.
|
|
|
|
|
|
|
|
config MBEDTLS_HAVE_TIME
|
|
|
|
bool "Enable mbedtls time"
|
|
|
|
depends on !ESP32_TIME_SYSCALL_USE_NONE
|
|
|
|
default y
|
|
|
|
help
|
|
|
|
System has time.h and time().
|
|
|
|
The time does not need to be correct, only time differences are used.
|
|
|
|
|
|
|
|
config MBEDTLS_HAVE_TIME_DATE
|
|
|
|
bool "Enable mbedtls certificate expiry check"
|
|
|
|
depends on MBEDTLS_HAVE_TIME
|
|
|
|
default n
|
|
|
|
help
|
|
|
|
System has time.h and time(), gmtime() and the clock is correct.
|
|
|
|
The time needs to be correct (not necesarily very accurate, but at least
|
|
|
|
the date should be correct). This is used to verify the validity period of
|
|
|
|
X.509 certificates.
|
|
|
|
|
|
|
|
It is suggested that you should get the real time by "SNTP".
|
|
|
|
|
2020-04-23 06:11:24 +00:00
|
|
|
config MBEDTLS_ECDSA_DETERMINISTIC
|
|
|
|
bool "Enable deterministic ECDSA"
|
|
|
|
default y
|
|
|
|
help
|
|
|
|
Standard ECDSA is "fragile" in the sense that lack of entropy when signing
|
|
|
|
may result in a compromise of the long-term signing key.
|
|
|
|
|
|
|
|
config MBEDTLS_SHA512_C
|
|
|
|
bool "Enable the SHA-384 and SHA-512 cryptographic hash algorithms"
|
|
|
|
default y
|
|
|
|
help
|
|
|
|
Enable MBEDTLS_SHA512_C adds support for SHA-384 and SHA-512.
|
|
|
|
|
2019-01-25 16:10:53 +00:00
|
|
|
choice MBEDTLS_TLS_MODE
|
|
|
|
bool "TLS Protocol Role"
|
|
|
|
default MBEDTLS_TLS_SERVER_AND_CLIENT
|
|
|
|
help
|
|
|
|
mbedTLS can be compiled with protocol support for the TLS
|
|
|
|
server, TLS client, or both server and client.
|
|
|
|
|
|
|
|
Reducing the number of TLS roles supported saves code size.
|
|
|
|
|
|
|
|
config MBEDTLS_TLS_SERVER_AND_CLIENT
|
|
|
|
bool "Server & Client"
|
|
|
|
select MBEDTLS_TLS_SERVER
|
|
|
|
select MBEDTLS_TLS_CLIENT
|
|
|
|
config MBEDTLS_TLS_SERVER_ONLY
|
|
|
|
bool "Server"
|
|
|
|
select MBEDTLS_TLS_SERVER
|
|
|
|
config MBEDTLS_TLS_CLIENT_ONLY
|
|
|
|
bool "Client"
|
|
|
|
select MBEDTLS_TLS_CLIENT
|
|
|
|
config MBEDTLS_TLS_DISABLED
|
|
|
|
bool "None"
|
|
|
|
|
|
|
|
endchoice
|
|
|
|
|
|
|
|
config MBEDTLS_TLS_SERVER
|
|
|
|
bool
|
|
|
|
select MBEDTLS_TLS_ENABLED
|
|
|
|
config MBEDTLS_TLS_CLIENT
|
|
|
|
bool
|
|
|
|
select MBEDTLS_TLS_ENABLED
|
|
|
|
config MBEDTLS_TLS_ENABLED
|
|
|
|
bool
|
|
|
|
|
|
|
|
menu "TLS Key Exchange Methods"
|
|
|
|
depends on MBEDTLS_TLS_ENABLED
|
|
|
|
|
|
|
|
config MBEDTLS_PSK_MODES
|
|
|
|
bool "Enable pre-shared-key ciphersuites"
|
|
|
|
default n
|
|
|
|
help
|
|
|
|
Enable to show configuration for different types of pre-shared-key TLS authentatication methods.
|
|
|
|
|
|
|
|
Leaving this options disabled will save code size if they are not used.
|
|
|
|
|
|
|
|
config MBEDTLS_KEY_EXCHANGE_PSK
|
|
|
|
bool "Enable PSK based ciphersuite modes"
|
|
|
|
depends on MBEDTLS_PSK_MODES
|
|
|
|
default n
|
|
|
|
help
|
|
|
|
Enable to support symmetric key PSK (pre-shared-key) TLS key exchange modes.
|
|
|
|
|
|
|
|
config MBEDTLS_KEY_EXCHANGE_DHE_PSK
|
|
|
|
bool "Enable DHE-PSK based ciphersuite modes"
|
|
|
|
depends on MBEDTLS_PSK_MODES
|
|
|
|
default y
|
|
|
|
help
|
|
|
|
Enable to support Diffie-Hellman PSK (pre-shared-key) TLS authentication modes.
|
|
|
|
|
|
|
|
config MBEDTLS_KEY_EXCHANGE_ECDHE_PSK
|
|
|
|
bool "Enable ECDHE-PSK based ciphersuite modes"
|
2019-08-30 05:01:43 +00:00
|
|
|
depends on MBEDTLS_PSK_MODES && MBEDTLS_ECDH_C
|
2019-01-25 16:10:53 +00:00
|
|
|
default y
|
|
|
|
help
|
|
|
|
Enable to support Elliptic-Curve-Diffie-Hellman PSK (pre-shared-key) TLS authentication modes.
|
|
|
|
|
|
|
|
config MBEDTLS_KEY_EXCHANGE_RSA_PSK
|
|
|
|
bool "Enable RSA-PSK based ciphersuite modes"
|
|
|
|
depends on MBEDTLS_PSK_MODES
|
|
|
|
default y
|
|
|
|
help
|
|
|
|
Enable to support RSA PSK (pre-shared-key) TLS authentication modes.
|
|
|
|
|
|
|
|
config MBEDTLS_KEY_EXCHANGE_RSA
|
|
|
|
bool "Enable RSA-only based ciphersuite modes"
|
|
|
|
default y
|
|
|
|
help
|
|
|
|
Enable to support ciphersuites with prefix TLS-RSA-WITH-
|
|
|
|
|
|
|
|
config MBEDTLS_KEY_EXCHANGE_DHE_RSA
|
|
|
|
bool "Enable DHE-RSA based ciphersuite modes"
|
|
|
|
default y
|
|
|
|
help
|
|
|
|
Enable to support ciphersuites with prefix TLS-DHE-RSA-WITH-
|
|
|
|
|
|
|
|
config MBEDTLS_KEY_EXCHANGE_ELLIPTIC_CURVE
|
|
|
|
bool "Support Elliptic Curve based ciphersuites"
|
|
|
|
depends on MBEDTLS_ECP_C
|
|
|
|
default y
|
|
|
|
help
|
|
|
|
Enable to show Elliptic Curve based ciphersuite mode options.
|
|
|
|
|
|
|
|
Disabling all Elliptic Curve ciphersuites saves code size and
|
|
|
|
can give slightly faster TLS handshakes, provided the server supports
|
|
|
|
RSA-only ciphersuite modes.
|
|
|
|
|
|
|
|
config MBEDTLS_KEY_EXCHANGE_ECDHE_RSA
|
|
|
|
bool "Enable ECDHE-RSA based ciphersuite modes"
|
|
|
|
depends on MBEDTLS_KEY_EXCHANGE_ELLIPTIC_CURVE && MBEDTLS_ECDH_C
|
|
|
|
default y
|
|
|
|
help
|
|
|
|
Enable to support ciphersuites with prefix TLS-ECDHE-RSA-WITH-
|
|
|
|
|
|
|
|
config MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA
|
|
|
|
bool "Enable ECDHE-ECDSA based ciphersuite modes"
|
|
|
|
depends on MBEDTLS_KEY_EXCHANGE_ELLIPTIC_CURVE && MBEDTLS_ECDH_C && MBEDTLS_ECDSA_C
|
|
|
|
default y
|
|
|
|
help
|
|
|
|
Enable to support ciphersuites with prefix TLS-ECDHE-RSA-WITH-
|
|
|
|
|
|
|
|
config MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA
|
|
|
|
bool "Enable ECDH-ECDSA based ciphersuite modes"
|
|
|
|
depends on MBEDTLS_KEY_EXCHANGE_ELLIPTIC_CURVE && MBEDTLS_ECDH_C && MBEDTLS_ECDSA_C
|
|
|
|
default y
|
|
|
|
help
|
|
|
|
Enable to support ciphersuites with prefix TLS-ECDHE-RSA-WITH-
|
|
|
|
|
|
|
|
config MBEDTLS_KEY_EXCHANGE_ECDH_RSA
|
|
|
|
bool "Enable ECDH-RSA based ciphersuite modes"
|
|
|
|
depends on MBEDTLS_KEY_EXCHANGE_ELLIPTIC_CURVE && MBEDTLS_ECDH_C
|
|
|
|
default y
|
|
|
|
help
|
|
|
|
Enable to support ciphersuites with prefix TLS-ECDHE-RSA-WITH-
|
|
|
|
|
2020-04-12 10:20:10 +00:00
|
|
|
config MBEDTLS_KEY_EXCHANGE_ECJPAKE
|
|
|
|
bool "Enable ECJPAKE based ciphersuite modes"
|
|
|
|
depends on MBEDTLS_ECJPAKE_C && MBEDTLS_ECP_DP_SECP256R1_ENABLED
|
|
|
|
default n
|
|
|
|
help
|
|
|
|
Enable to support ciphersuites with prefix TLS-ECJPAKE-WITH-
|
|
|
|
|
2019-01-25 16:10:53 +00:00
|
|
|
endmenu # TLS key exchange modes
|
|
|
|
|
|
|
|
config MBEDTLS_SSL_RENEGOTIATION
|
|
|
|
bool "Support TLS renegotiation"
|
|
|
|
depends on MBEDTLS_TLS_ENABLED
|
|
|
|
default y
|
|
|
|
help
|
|
|
|
The two main uses of renegotiation are (1) refresh keys on long-lived
|
|
|
|
connections and (2) client authentication after the initial handshake.
|
|
|
|
If you don't need renegotiation, disabling it will save code size and
|
|
|
|
reduce the possibility of abuse/vulnerability.
|
|
|
|
|
|
|
|
config MBEDTLS_SSL_PROTO_SSL3
|
|
|
|
bool "Legacy SSL 3.0 support"
|
|
|
|
depends on MBEDTLS_TLS_ENABLED
|
|
|
|
default n
|
|
|
|
help
|
|
|
|
Support the legacy SSL 3.0 protocol. Most servers will speak a newer
|
|
|
|
TLS protocol these days.
|
|
|
|
|
|
|
|
config MBEDTLS_SSL_PROTO_TLS1
|
|
|
|
bool "Support TLS 1.0 protocol"
|
|
|
|
depends on MBEDTLS_TLS_ENABLED
|
|
|
|
default y
|
|
|
|
|
|
|
|
config MBEDTLS_SSL_PROTO_TLS1_1
|
|
|
|
bool "Support TLS 1.1 protocol"
|
|
|
|
depends on MBEDTLS_TLS_ENABLED
|
|
|
|
default y
|
|
|
|
|
|
|
|
config MBEDTLS_SSL_PROTO_TLS1_2
|
|
|
|
bool "Support TLS 1.2 protocol"
|
|
|
|
depends on MBEDTLS_TLS_ENABLED
|
|
|
|
default y
|
|
|
|
|
|
|
|
config MBEDTLS_SSL_PROTO_DTLS
|
|
|
|
bool "Support DTLS protocol (all versions)"
|
|
|
|
default n
|
|
|
|
depends on MBEDTLS_SSL_PROTO_TLS1_1 || MBEDTLS_SSL_PROTO_TLS1_2
|
|
|
|
help
|
|
|
|
Requires TLS 1.1 to be enabled for DTLS 1.0
|
|
|
|
Requires TLS 1.2 to be enabled for DTLS 1.2
|
|
|
|
|
|
|
|
config MBEDTLS_SSL_ALPN
|
|
|
|
bool "Support ALPN (Application Layer Protocol Negotiation)"
|
|
|
|
depends on MBEDTLS_TLS_ENABLED
|
|
|
|
default y
|
|
|
|
help
|
|
|
|
Disabling this option will save some code size if it is not needed.
|
|
|
|
|
2018-10-16 00:28:29 +00:00
|
|
|
config MBEDTLS_CLIENT_SSL_SESSION_TICKETS
|
|
|
|
bool "TLS: Client Support for RFC 5077 SSL session tickets"
|
2019-01-25 16:10:53 +00:00
|
|
|
default y
|
|
|
|
depends on MBEDTLS_TLS_ENABLED
|
|
|
|
help
|
2018-10-16 00:28:29 +00:00
|
|
|
Client support for RFC 5077 session tickets. See mbedTLS documentation for more details.
|
|
|
|
Disabling this option will save some code size.
|
2019-01-25 16:10:53 +00:00
|
|
|
|
2018-10-16 00:28:29 +00:00
|
|
|
config MBEDTLS_SERVER_SSL_SESSION_TICKETS
|
|
|
|
bool "TLS: Server Support for RFC 5077 SSL session tickets"
|
|
|
|
default y
|
|
|
|
depends on MBEDTLS_TLS_ENABLED
|
|
|
|
help
|
|
|
|
Server support for RFC 5077 session tickets. See mbedTLS documentation for more details.
|
2019-01-25 16:10:53 +00:00
|
|
|
Disabling this option will save some code size.
|
|
|
|
|
|
|
|
menu "Symmetric Ciphers"
|
|
|
|
|
|
|
|
config MBEDTLS_AES_C
|
|
|
|
bool "AES block cipher"
|
|
|
|
default y
|
|
|
|
|
|
|
|
config MBEDTLS_CAMELLIA_C
|
|
|
|
bool "Camellia block cipher"
|
|
|
|
default n
|
|
|
|
|
|
|
|
config MBEDTLS_DES_C
|
|
|
|
bool "DES block cipher (legacy, insecure)"
|
|
|
|
default n
|
|
|
|
help
|
|
|
|
Enables the DES block cipher to support 3DES-based TLS ciphersuites.
|
|
|
|
|
|
|
|
3DES is vulnerable to the Sweet32 attack and should only be enabled
|
|
|
|
if absolutely necessary.
|
|
|
|
|
|
|
|
choice MBEDTLS_RC4_MODE
|
|
|
|
prompt "RC4 Stream Cipher (legacy, insecure)"
|
|
|
|
default MBEDTLS_RC4_DISABLED
|
|
|
|
help
|
|
|
|
ARCFOUR (RC4) stream cipher can be disabled entirely, enabled but not
|
|
|
|
added to default ciphersuites, or enabled completely.
|
|
|
|
|
|
|
|
Please consider the security implications before enabling RC4.
|
|
|
|
|
|
|
|
config MBEDTLS_RC4_DISABLED
|
|
|
|
bool "Disabled"
|
|
|
|
config MBEDTLS_RC4_ENABLED_NO_DEFAULT
|
|
|
|
bool "Enabled, not in default ciphersuites"
|
|
|
|
config MBEDTLS_RC4_ENABLED
|
|
|
|
bool "Enabled"
|
|
|
|
endchoice
|
|
|
|
|
|
|
|
config MBEDTLS_BLOWFISH_C
|
|
|
|
bool "Blowfish block cipher (read help)"
|
|
|
|
default n
|
|
|
|
help
|
|
|
|
Enables the Blowfish block cipher (not used for TLS sessions.)
|
|
|
|
|
|
|
|
The Blowfish cipher is not used for mbedTLS TLS sessions but can be
|
|
|
|
used for other purposes. Read up on the limitations of Blowfish (including
|
|
|
|
Sweet32) before enabling.
|
|
|
|
|
|
|
|
config MBEDTLS_XTEA_C
|
|
|
|
bool "XTEA block cipher"
|
|
|
|
default n
|
|
|
|
help
|
|
|
|
Enables the XTEA block cipher.
|
|
|
|
|
|
|
|
|
|
|
|
config MBEDTLS_CCM_C
|
|
|
|
bool "CCM (Counter with CBC-MAC) block cipher modes"
|
|
|
|
default y
|
|
|
|
depends on MBEDTLS_AES_C || MBEDTLS_CAMELLIA_C
|
|
|
|
help
|
|
|
|
Enable Counter with CBC-MAC (CCM) modes for AES and/or Camellia ciphers.
|
|
|
|
|
|
|
|
Disabling this option saves some code size.
|
|
|
|
|
|
|
|
config MBEDTLS_GCM_C
|
|
|
|
bool "GCM (Galois/Counter) block cipher modes"
|
|
|
|
default y
|
|
|
|
depends on MBEDTLS_AES_C || MBEDTLS_CAMELLIA_C
|
|
|
|
help
|
|
|
|
Enable Galois/Counter Mode for AES and/or Camellia ciphers.
|
|
|
|
|
|
|
|
This option is generally faster than CCM.
|
|
|
|
|
|
|
|
endmenu # Symmetric Ciphers
|
|
|
|
|
|
|
|
config MBEDTLS_RIPEMD160_C
|
|
|
|
bool "Enable RIPEMD-160 hash algorithm"
|
|
|
|
default n
|
|
|
|
help
|
|
|
|
Enable the RIPEMD-160 hash algorithm.
|
|
|
|
|
|
|
|
menu "Certificates"
|
|
|
|
|
|
|
|
config MBEDTLS_PEM_PARSE_C
|
|
|
|
bool "Read & Parse PEM formatted certificates"
|
|
|
|
default y
|
|
|
|
help
|
|
|
|
Enable decoding/parsing of PEM formatted certificates.
|
|
|
|
|
|
|
|
If your certificates are all in the simpler DER format, disabling
|
|
|
|
this option will save some code size.
|
|
|
|
|
|
|
|
config MBEDTLS_PEM_WRITE_C
|
|
|
|
bool "Write PEM formatted certificates"
|
|
|
|
default y
|
|
|
|
help
|
|
|
|
Enable writing of PEM formatted certificates.
|
|
|
|
|
|
|
|
If writing certificate data only in DER format, disabling this
|
|
|
|
option will save some code size.
|
|
|
|
|
|
|
|
config MBEDTLS_X509_CRL_PARSE_C
|
|
|
|
bool "X.509 CRL parsing"
|
|
|
|
default y
|
|
|
|
help
|
|
|
|
Support for parsing X.509 Certifificate Revocation Lists.
|
|
|
|
|
|
|
|
config MBEDTLS_X509_CSR_PARSE_C
|
|
|
|
bool "X.509 CSR parsing"
|
|
|
|
default y
|
|
|
|
help
|
|
|
|
Support for parsing X.509 Certifificate Signing Requests
|
|
|
|
|
|
|
|
endmenu # Certificates
|
|
|
|
|
|
|
|
menuconfig MBEDTLS_ECP_C
|
|
|
|
bool "Elliptic Curve Ciphers"
|
|
|
|
default y
|
|
|
|
|
|
|
|
config MBEDTLS_ECDH_C
|
|
|
|
bool "Elliptic Curve Diffie-Hellman (ECDH)"
|
|
|
|
depends on MBEDTLS_ECP_C
|
|
|
|
default y
|
|
|
|
help
|
|
|
|
Enable ECDH. Needed to use ECDHE-xxx TLS ciphersuites.
|
|
|
|
|
|
|
|
config MBEDTLS_ECDSA_C
|
|
|
|
bool "Elliptic Curve DSA"
|
|
|
|
depends on MBEDTLS_ECDH_C
|
|
|
|
default y
|
|
|
|
help
|
|
|
|
Enable ECDSA. Needed to use ECDSA-xxx TLS ciphersuites.
|
|
|
|
|
2020-04-12 10:20:10 +00:00
|
|
|
config MBEDTLS_ECJPAKE_C
|
|
|
|
bool "Elliptic curve J-PAKE"
|
|
|
|
depends on MBEDTLS_ECP_C
|
|
|
|
default n
|
|
|
|
help
|
|
|
|
Enable ECJPAKE. Needed to use ECJPAKE-xxx TLS ciphersuites.
|
|
|
|
|
2019-01-25 16:10:53 +00:00
|
|
|
config MBEDTLS_ECP_DP_SECP192R1_ENABLED
|
|
|
|
bool "Enable SECP192R1 curve"
|
|
|
|
depends on MBEDTLS_ECP_C
|
|
|
|
default y
|
|
|
|
help
|
|
|
|
Enable support for SECP192R1 Elliptic Curve.
|
|
|
|
|
|
|
|
config MBEDTLS_ECP_DP_SECP224R1_ENABLED
|
|
|
|
bool "Enable SECP224R1 curve"
|
|
|
|
depends on MBEDTLS_ECP_C
|
|
|
|
default y
|
|
|
|
help
|
|
|
|
Enable support for SECP224R1 Elliptic Curve.
|
|
|
|
|
|
|
|
config MBEDTLS_ECP_DP_SECP256R1_ENABLED
|
|
|
|
bool "Enable SECP256R1 curve"
|
|
|
|
depends on MBEDTLS_ECP_C
|
|
|
|
default y
|
|
|
|
help
|
|
|
|
Enable support for SECP256R1 Elliptic Curve.
|
|
|
|
|
|
|
|
config MBEDTLS_ECP_DP_SECP384R1_ENABLED
|
|
|
|
bool "Enable SECP384R1 curve"
|
|
|
|
depends on MBEDTLS_ECP_C
|
|
|
|
default y
|
|
|
|
help
|
|
|
|
Enable support for SECP384R1 Elliptic Curve.
|
|
|
|
|
|
|
|
config MBEDTLS_ECP_DP_SECP521R1_ENABLED
|
|
|
|
bool "Enable SECP521R1 curve"
|
|
|
|
depends on MBEDTLS_ECP_C
|
|
|
|
default y
|
|
|
|
help
|
|
|
|
Enable support for SECP521R1 Elliptic Curve.
|
|
|
|
|
|
|
|
config MBEDTLS_ECP_DP_SECP192K1_ENABLED
|
|
|
|
bool "Enable SECP192K1 curve"
|
|
|
|
depends on MBEDTLS_ECP_C
|
|
|
|
default y
|
|
|
|
help
|
|
|
|
Enable support for SECP192K1 Elliptic Curve.
|
|
|
|
|
|
|
|
config MBEDTLS_ECP_DP_SECP224K1_ENABLED
|
|
|
|
bool "Enable SECP224K1 curve"
|
|
|
|
depends on MBEDTLS_ECP_C
|
|
|
|
default y
|
|
|
|
help
|
|
|
|
Enable support for SECP224K1 Elliptic Curve.
|
|
|
|
|
|
|
|
config MBEDTLS_ECP_DP_SECP256K1_ENABLED
|
|
|
|
bool "Enable SECP256K1 curve"
|
|
|
|
depends on MBEDTLS_ECP_C
|
|
|
|
default y
|
|
|
|
help
|
|
|
|
Enable support for SECP256K1 Elliptic Curve.
|
|
|
|
|
|
|
|
config MBEDTLS_ECP_DP_BP256R1_ENABLED
|
|
|
|
bool "Enable BP256R1 curve"
|
|
|
|
depends on MBEDTLS_ECP_C
|
|
|
|
default y
|
|
|
|
help
|
|
|
|
support for DP Elliptic Curve.
|
|
|
|
|
|
|
|
config MBEDTLS_ECP_DP_BP384R1_ENABLED
|
|
|
|
bool "Enable BP384R1 curve"
|
|
|
|
depends on MBEDTLS_ECP_C
|
|
|
|
default y
|
|
|
|
help
|
|
|
|
support for DP Elliptic Curve.
|
|
|
|
|
|
|
|
config MBEDTLS_ECP_DP_BP512R1_ENABLED
|
|
|
|
bool "Enable BP512R1 curve"
|
|
|
|
depends on MBEDTLS_ECP_C
|
|
|
|
default y
|
|
|
|
help
|
|
|
|
support for DP Elliptic Curve.
|
|
|
|
|
|
|
|
config MBEDTLS_ECP_DP_CURVE25519_ENABLED
|
|
|
|
bool "Enable CURVE25519 curve"
|
|
|
|
depends on MBEDTLS_ECP_C
|
|
|
|
default y
|
|
|
|
help
|
|
|
|
Enable support for CURVE25519 Elliptic Curve.
|
|
|
|
|
|
|
|
config MBEDTLS_ECP_NIST_OPTIM
|
|
|
|
bool "NIST 'modulo p' optimisations"
|
|
|
|
depends on MBEDTLS_ECP_C
|
|
|
|
default y
|
|
|
|
help
|
|
|
|
NIST 'modulo p' optimisations increase Elliptic Curve operation performance.
|
|
|
|
|
|
|
|
Disabling this option saves some code size.
|
|
|
|
|
|
|
|
# end of Elliptic Curve options
|
2017-08-18 07:44:33 +00:00
|
|
|
|
2020-05-05 16:22:56 +00:00
|
|
|
config MBEDTLS_POLY1305_C
|
|
|
|
bool "Poly1305 MAC algorithm"
|
|
|
|
default n
|
|
|
|
help
|
|
|
|
Enable support for Poly1305 MAC algorithm.
|
|
|
|
|
|
|
|
config MBEDTLS_CHACHA20_C
|
|
|
|
bool "Chacha20 stream cipher"
|
|
|
|
default n
|
|
|
|
help
|
|
|
|
Enable support for Chacha20 stream cipher.
|
|
|
|
|
|
|
|
config MBEDTLS_CHACHAPOLY_C
|
|
|
|
bool "ChaCha20-Poly1305 AEAD algorithm"
|
|
|
|
default n
|
|
|
|
depends on MBEDTLS_CHACHA20_C && MBEDTLS_POLY1305_C
|
|
|
|
help
|
2020-05-10 12:41:17 +00:00
|
|
|
Enable support for ChaCha20-Poly1305 AEAD algorithm.
|
|
|
|
|
|
|
|
config MBEDTLS_HKDF_C
|
|
|
|
bool "HKDF algorithm (RFC 5869)"
|
|
|
|
default n
|
|
|
|
help
|
|
|
|
Enable support for the Hashed Message Authentication Code
|
|
|
|
(HMAC)-based key derivation function (HKDF).
|
2020-05-05 16:22:56 +00:00
|
|
|
|
2020-04-23 06:11:24 +00:00
|
|
|
config MBEDTLS_THREADING_C
|
|
|
|
bool "Enable the threading abstraction layer"
|
|
|
|
default n
|
|
|
|
help
|
|
|
|
If you do intend to use contexts between threads, you will need to enable
|
|
|
|
this layer to prevent race conditions.
|
|
|
|
|
|
|
|
config MBEDTLS_THREADING_ALT
|
|
|
|
bool "Enable threading alternate implementation"
|
|
|
|
depends on MBEDTLS_THREADING_C
|
|
|
|
default y
|
|
|
|
help
|
|
|
|
Enable threading alt to allow your own alternate threading implementation.
|
|
|
|
|
|
|
|
config MBEDTLS_THREADING_PTHREAD
|
|
|
|
bool "Enable threading pthread implementation"
|
|
|
|
depends on MBEDTLS_THREADING_C
|
|
|
|
default n
|
|
|
|
help
|
|
|
|
Enable the pthread wrapper layer for the threading layer.
|
|
|
|
|
2019-12-05 04:30:17 +00:00
|
|
|
menuconfig MBEDTLS_SECURITY_RISKS
|
|
|
|
bool "Show configurations with potential security risks"
|
|
|
|
default n
|
|
|
|
|
|
|
|
config MBEDTLS_ALLOW_UNSUPPORTED_CRITICAL_EXT
|
|
|
|
bool "X.509 CRT parsing with unsupported critical extensions"
|
|
|
|
depends on MBEDTLS_SECURITY_RISKS
|
|
|
|
default n
|
|
|
|
help
|
|
|
|
Allow the X.509 certificate parser to load certificates
|
|
|
|
with unsupported critical extensions
|
|
|
|
|
mbedtls: Expose compile-time config, disable some things by default
* Disables 3DES, Camellia, Blowfish, RC4, RIPEMD160, SSLv3, TLS-PSK modes, DTLS by default
* Saves about 40KB from the default TLS client code size
* Defaults no longer get "Bad" howsmyssl.com rating (no more vulnerable 3DES)
(ping https://github.com/espressif/arduino-esp32/issues/575 )
* Allows up to another 20-30KB code size to be trimmed without security
implications if using DER formatted certificates, RSA ciphersuites only,
etc.
* Can save up to another 8KB by setting the TLS Role to Server or Client only.
2017-08-17 07:15:04 +00:00
|
|
|
endmenu # mbedTLS
|