
coap: move mbedTLS config options from component to examples

The CoAP component relies on some mbedTLS crypto configuration
options, e.g. DTLS and PSK. These configuration options, if
selected, have a footprint impact on generic TLS examples like
https_request or https_ota as well.

Footprint of https_request example with/without change is per below:

$ ./tools/idf_size.py new_https_request.map --diff old_https_request.map

<CURRENT> MAP file: new_https_request.map
<REFERENCE> MAP file: old_https_request.map
Difference is counted as <CURRENT> - <REFERENCE>, i.e. a positive number means that <CURRENT> is larger.
Total sizes of <CURRENT>:                                                 <REFERENCE>     Difference
 DRAM .data size:   14796 bytes                                                 14796
 DRAM .bss  size:   23560 bytes                                                 23680           -120
Used static DRAM:   38356 bytes ( 142380 available, 21.2% used)                 38476           -120 (   +120 available,      +0 total)
Used static IRAM:   89045 bytes (  42027 available, 67.9% used)                 89045                (     +0 available,      +0 total)
      Flash code:  554231 bytes                                                563823          -9592
    Flash rodata:  179000 bytes                                                181224          -2224
Total image size:~ 860632 bytes (.bin may be padded larger)                    872568         -11936

This commit moves relevant config options to CoAP specific examples
and also adds some run time warnings if they are kept disabled.

Closes https://github.com/espressif/esp-idf/issues/5262
Mahavir Jain il y a 5 ans
Parent
commit
edb84c19dd

+ 0 - 6
components/coap/Kconfig

@@ -11,15 +11,9 @@ menu "CoAP Configuration"
             - Encrypt using defined Public Key Infrastructure (PKI if uri includes coaps://)
 
         config COAP_MBEDTLS_PSK
-            select MBEDTLS_SSL_PROTO_DTLS
-            select MBEDTLS_PSK_MODES
-            select MBEDTLS_KEY_EXCHANGE_PSK
             bool "Pre-Shared Keys"
 
         config COAP_MBEDTLS_PKI
-            select MBEDTLS_SSL_PROTO_DTLS
-            select MBEDTLS_PSK_MODES
-            select MBEDTLS_KEY_EXCHANGE_PSK
             bool "PKI Certificates"
 
     endchoice #COAP_MBEDTLS_ENCRYPTION_MODE
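Review bot: With the `select` lines removed, nothing under `COAP_MBEDTLS_PSK` or `COAP_MBEDTLS_PKI` tells a user that the mbedTLS DTLS and PSK options now have to be enabled by hand. A project that picks either mode without them still builds and only finds out at run time, through the LOG_EMERG paths this commit adds in coap_mbedtls.c. I would add a `help` entry under each option, for example `Requires MBEDTLS_SSL_PROTO_DTLS, MBEDTLS_PSK_MODES and MBEDTLS_KEY_EXCHANGE_PSK to be enabled in the mbedTLS configuration.` The enclosing menu and choice start outside this hunk.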

+ 18 - 0
components/coap/port/coap_mbedtls.c

@@ -908,6 +908,7 @@ fail:
 }
 #endif /* !defined(ESPIDF_VERSION) || CONFIG_MBEDTLS_TLS_SERVER) */
 
+#if !defined(ESPIDF_VERSION) || defined(CONFIG_MBEDTLS_PSK_MODES)
 #define MAX_CIPHERS 100
 static int psk_ciphers[MAX_CIPHERS];
 static int pki_ciphers[MAX_CIPHERS];
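Review bot: The new guard keys all of the cipher-table code on `CONFIG_MBEDTLS_PSK_MODES`, although `pki_ciphers` and the `set_ciphersuites(&m_env->conf, 0)` call guarded the same way in `setup_client_ssl_session` (third hunk of this file) serve the certificate path. With PSK modes disabled, a PKI client therefore skips the explicit ciphersuite list and presumably negotiates from the mbedTLS default list; that may be equivalent when no PSK suites are compiled in, but nothing here says so. If that is the reasoning, a comment at the opening `#if` would record it, e.g. `/* Without PSK modes there are no PSK suites to filter out; the mbedTLS default list is used unchanged */`. The body of `set_ciphersuites` lies outside the hunks shown, so the exact dependency could not be checked from this page.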
@@ -964,6 +965,7 @@ set_ciphersuites(mbedtls_ssl_config *conf, int is_psk)
   }
   mbedtls_ssl_conf_ciphersuites(conf, is_psk ? psk_ciphers : pki_ciphers);
 }
+#endif /* !ESPIDF_VERSION || CONFIG_MBEDTLS_PSK_MODES */
 
 static int setup_client_ssl_session(coap_session_t *c_session,
                                     coap_mbedtls_env_t *m_env)
@@ -1066,7 +1068,9 @@ static int setup_client_ssl_session(coap_session_t *c_session,
 #if !defined(ESPIDF_VERSION) || defined(CONFIG_MBEDTLS_SSL_PROTO_DTLS)
     mbedtls_ssl_set_mtu(&m_env->ssl, c_session->mtu);
 #endif /* !ESPIDF_VERSION || CONFIG_MBEDTLS_SSL_PROTO_DTLS */
+#if !defined(ESPIDF_VERSION) || defined(CONFIG_MBEDTLS_PSK_MODES)
     set_ciphersuites(&m_env->conf, 0);
+#endif /* !ESPIDF_VERSION || CONFIG_MBEDTLS_PSK_MODES */
   }
   return 0;
 
@@ -1260,6 +1264,13 @@ int coap_dtls_context_set_psk(struct coap_context_t *c_context,
 {
   coap_mbedtls_context_t *m_context =
               ((coap_mbedtls_context_t *)c_context->dtls_context);
+#if defined(ESPIDF_VERSION) && (!defined(CONFIG_MBEDTLS_PSK_MODES) || !defined(CONFIG_MBEDTLS_KEY_EXCHANGE_PSK))
+  coap_log(LOG_EMERG, "coap_dtls_context_set_psk:"
+           " libcoap not compiled with MBEDTLS_PSK_MODES and MBEDTLS_KEY_EXCHANGE_PSK"
+           " - update mbedTLS to include psk mode configs\n");
+  return 0;
+#endif /* ESPIDF_VERSION && (!CONFIG_MBEDTLS_PSK_MODES || !CONFIG_MBEDTLS_KEY_EXCHANGE_PSK) */
+
 #if defined(ESPIDF_VERSION) && !defined(CONFIG_MBEDTLS_TLS_SERVER)
   coap_log(LOG_EMERG, "coap_dtls_context_set_psk:"
            " libcoap not compiled for Server Mode for MbedTLS"
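Review bot: The added `return 0;` sits in an `#if` block with no `#else`, so in an ESP-IDF build without the PSK options the rest of `coap_dtls_context_set_psk` is still compiled as unreachable code and `m_context` is left unused, which is likely to raise warnings; putting the remainder under `#else` would avoid that. The misconfiguration is reported only at run time, so failing closed depends on every caller checking the return value. A build-time diagnostic under the same condition, such as `#warning "CoAP PSK mode needs MBEDTLS_PSK_MODES and MBEDTLS_KEY_EXCHANGE_PSK"` when `CONFIG_COAP_MBEDTLS_PSK` is set, would surface it before the firmware ships. The log text says "update mbedTLS", whereas the remedy is enabling the options in the project configuration. The same structure is repeated in `coap_dtls_context_set_pki` in the next hunk, and this function's body continues past the end of the hunk.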
@@ -1322,6 +1333,13 @@ int coap_dtls_context_set_pki(struct coap_context_t *c_context,
                           coap_dtls_pki_t *setup_data,
                           coap_dtls_role_t role UNUSED)
 {
+#if defined(ESPIDF_VERSION) && (!defined(CONFIG_MBEDTLS_PSK_MODES) || !defined(CONFIG_MBEDTLS_KEY_EXCHANGE_PSK))
+  coap_log(LOG_EMERG, "coap_dtls_context_set_pki:"
+           " libcoap not compiled with MBEDTLS_PSK_MODES and MBEDTLS_KEY_EXCHANGE_PSK"
+           " - update mbedTLS to include psk mode configs\n");
+  return 0;
+#endif /* ESPIDF_VERSION && (!CONFIG_MBEDTLS_PSK_MODES || !CONFIG_MBEDTLS_KEY_EXCHANGE_PSK) */
+
   coap_mbedtls_context_t *m_context =
              ((coap_mbedtls_context_t *)c_context->dtls_context);
 
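Review bot: `coap_dtls_context_set_pki` now returns 0 unless both `CONFIG_MBEDTLS_PSK_MODES` and `CONFIG_MBEDTLS_KEY_EXCHANGE_PSK` are defined, yet certificate-based setup should not need a PSK key exchange. A PKI-only firmware is thereby forced to compile PSK support in, which enables key exchanges the deployment never intends to use. If the dependency really comes from the shared `set_ciphersuites` helper, a comment above the `#if` should say so; otherwise the condition could be narrowed to what the PKI path needs (possibly only `CONFIG_MBEDTLS_SSL_PROTO_DTLS`, to be confirmed against the rest of the file). The early return also precedes the `m_context` declaration and leaves the remainder of the function unreachable in that configuration; the function continues outside the hunk.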

+ 3 - 0
examples/protocols/coap_client/sdkconfig.defaults

@@ -0,0 +1,3 @@
+CONFIG_MBEDTLS_SSL_PROTO_DTLS=y
+CONFIG_MBEDTLS_PSK_MODES=y
+CONFIG_MBEDTLS_KEY_EXCHANGE_PSK=y

+ 3 - 0
examples/protocols/coap_server/sdkconfig.defaults

@@ -0,0 +1,3 @@
+CONFIG_MBEDTLS_SSL_PROTO_DTLS=y
+CONFIG_MBEDTLS_PSK_MODES=y
+CONFIG_MBEDTLS_KEY_EXCHANGE_PSK=y