Merge branch 'feature/mbedtls_ecjpake_config_option' into 'master'
mbedtls: add configuration options for EC-JPAKE Closes IDFGH-3085 See merge request espressif/esp-idf!8325
This commit is contained in:
commit
b28a5cfd22
2 changed files with 42 additions and 1 deletions
|
@ -389,6 +389,13 @@ menu "mbedTLS"
|
|||
help
|
||||
Enable to support ciphersuites with prefix TLS-ECDHE-RSA-WITH-
|
||||
|
||||
config MBEDTLS_KEY_EXCHANGE_ECJPAKE
|
||||
bool "Enable ECJPAKE based ciphersuite modes"
|
||||
depends on MBEDTLS_ECJPAKE_C && MBEDTLS_ECP_DP_SECP256R1_ENABLED
|
||||
default n
|
||||
help
|
||||
Enable to support ciphersuites with prefix TLS-ECJPAKE-WITH-
|
||||
|
||||
endmenu # TLS key exchange modes
|
||||
|
||||
config MBEDTLS_SSL_RENEGOTIATION
|
||||
|
@ -586,6 +593,13 @@ menu "mbedTLS"
|
|||
help
|
||||
Enable ECDSA. Needed to use ECDSA-xxx TLS ciphersuites.
|
||||
|
||||
config MBEDTLS_ECJPAKE_C
|
||||
bool "Elliptic curve J-PAKE"
|
||||
depends on MBEDTLS_ECP_C
|
||||
default n
|
||||
help
|
||||
Enable ECJPAKE. Needed to use ECJPAKE-xxx TLS ciphersuites.
|
||||
|
||||
config MBEDTLS_ECP_DP_SECP192R1_ENABLED
|
||||
bool "Enable SECP192R1 curve"
|
||||
depends on MBEDTLS_ECP_C
|
||||
|
|
|
@ -684,6 +684,29 @@
|
|||
#undef MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED
|
||||
#endif
|
||||
|
||||
/**
|
||||
* \def MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED
|
||||
*
|
||||
* Enable the ECJPAKE based ciphersuite modes in SSL / TLS.
|
||||
*
|
||||
* \warning This is currently experimental. EC J-PAKE support is based on the
|
||||
* Thread v1.0.0 specification; incompatible changes to the specification
|
||||
* might still happen. For this reason, this is disabled by default.
|
||||
*
|
||||
* Requires: MBEDTLS_ECJPAKE_C
|
||||
* MBEDTLS_SHA256_C
|
||||
* MBEDTLS_ECP_DP_SECP256R1_ENABLED
|
||||
*
|
||||
* This enables the following ciphersuites (if other requisites are
|
||||
* enabled as well):
|
||||
* MBEDTLS_TLS_ECJPAKE_WITH_AES_128_CCM_8
|
||||
*/
|
||||
#ifdef CONFIG_MBEDTLS_KEY_EXCHANGE_ECJPAKE
|
||||
#define MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED
|
||||
#else
|
||||
#undef MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED
|
||||
#endif
|
||||
|
||||
/**
|
||||
* \def MBEDTLS_PK_PARSE_EC_EXTENDED
|
||||
*
|
||||
|
@ -1594,7 +1617,11 @@
|
|||
*
|
||||
* Requires: MBEDTLS_ECP_C, MBEDTLS_MD_C
|
||||
*/
|
||||
//#define MBEDTLS_ECJPAKE_C
|
||||
#ifdef CONFIG_MBEDTLS_ECJPAKE_C
|
||||
#define MBEDTLS_ECJPAKE_C
|
||||
#else
|
||||
#undef MBEDTLS_ECJPAKE_C
|
||||
#endif
|
||||
|
||||
/**
|
||||
* \def MBEDTLS_ECP_C
|
||||
|
|
Loading…
Reference in a new issue