# # For a description of the syntax of this configuration file, # see the file kconfig-language.txt in the NuttX tools repository. # menuconfig CRYPTO_MBEDTLS bool "Mbed TLS Cryptography Library" default n ---help--- Enable support for Mbed TLS. if CRYPTO_MBEDTLS config MBEDTLS_VERSION string "Mbed TLS Version" default "3.4.0" config MBEDTLS_DEBUG_C bool "This module provides debugging functions." default n ---help--- This module provides debugging functions. config MBEDTLS_SSL_MAX_CONTENT_LEN int "Maximum length (in bytes) of incoming and outgoing plaintext fragments." default 16384 ---help--- Maximum length (in bytes) of incoming and outgoing plaintext fragments. config MBEDTLS_SSL_SRV_C bool "This module is required for SSL/TLS server support." default y ---help--- This module is required for SSL/TLS server support. config MBEDTLS_PLATFORM_MEMORY bool "Enable the memory allocation layer." default n config MBEDTLS_ENTROPY_HARDWARE_ALT bool "Uncomment this macro to let mbed TLS use your own implementation of a hardware entropy collector." default n depends on DEV_RANDOM select MBEDTLS_NO_PLATFORM_ENTROPY config MBEDTLS_AES_ROM_TABLES bool "Store the AES tables in ROM." default n config MBEDTLS_REMOVE_ARC4_CIPHERSUITES bool "Remove RC4 ciphersuites by default in SSL / TLS." default n config MBEDTLS_NO_PLATFORM_ENTROPY bool "Do not use built-in platform entropy functions." default n config MBEDTLS_ECP_RESTARTABLE bool "Enable the restartable ECC." default n config MBEDTLS_SELF_TEST bool "Enable the checkup functions (*_self_test)." default y config MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE bool "Enable server-side support for clients that reconnect from the same port." default n config MBEDTLS_BLOWFISH_C bool "Enable the Blowfish block cipher." default n config MBEDTLS_CAMELLIA_C bool "Enable the Camellia block cipher." default n config MBEDTLS_CERTS_C bool "Enable the test certificates." default n config MBEDTLS_PADLOCK_C bool "Enable VIA Padlock support on x86." default n config MBEDTLS_TIMING_C bool "Enable the semi-portable timing interface." default y config MBEDTLS_SSL_KEEP_PEER_CERTIFICATE bool "Enable the availability of the API mbedtls_ssl_get_peer_cert() giving access to the peer's certificate after completion of the handshake." default n config MBEDTLS_SSL_PROTO_DTLS bool "Enable support for DTLS (all available versions)." default n if MBEDTLS_SSL_PROTO_DTLS config MBEDTLS_SSL_DTLS_ANTI_REPLAY bool "Enable support for the anti-replay mechanism in DTLS." default n config MBEDTLS_SSL_DTLS_HELLO_VERIFY bool "Enable support for HelloVerifyRequest on DTLS servers." default n config MBEDTLS_SSL_DTLS_BADMAC_LIMIT bool "Enable support for a limit of records with bad MAC." default n endif # MBEDTLS_SSL_PROTO_DTLS config MBEDTLS_SSL_ALPN bool "Enable support for RFC 7301 Application Layer Protocol Negotiation." default n config MBEDTLS_AESNI_C bool "Enable AES-NI support on x86-64." default n config MBEDTLS_ECP_WINDOW_SIZE int "Maximum window size used" default 6 config MBEDTLS_ECP_FIXED_POINT_OPTIM bool "Enable fixed-point speed-up" default n config MBEDTLS_CMAC_C bool "Enable the CMAC (Cipher-based Message Authentication Code) mode for block" default n config MBEDTLS_NET_C bool "Enable the TCP and UDP over IPv6/IPv4 networking routines" default y if LIBC_NETDB default n if !LIBC_NETDB if CRYPTO_CRYPTODEV config MBEDTLS_ALT bool default n ---help--- Enable Mbed TLS alted by nuttx crypto via /dev/crypto config MBEDTLS_SHA1_ALT bool "Enable Mbedt TLS SHA1 module alted by nuttx crypto" select MBEDTLS_ALT default n config MBEDTLS_SHA256_ALT bool "Enable Mbedt TLS SHA224/SHA256 module alted by nuttx crypto" select MBEDTLS_ALT default n config MBEDTLS_SHA512_ALT bool "Enable Mbedt TLS SHA384/SHA512 module alted by nuttx crypto" select MBEDTLS_ALT default n endif # CRYPTO_CRYPTODEV menuconfig MBEDTLS_APPS tristate "Mbed TLS Applications" default n ---help--- Enable Mbed TLS Applications if MBEDTLS_APPS config MBEDTLS_DEFAULT_TASK_STACKSIZE int "Mbed TLS app default stack size" default 8192 config MBEDTLS_APP_BENCHMARK bool "Mbed TLS benchmark" default n ---help--- Enable the Mbed TLS self test if MBEDTLS_APP_BENCHMARK config MBEDTLS_APP_BENCHMARK_PROGNAME string "Program name" default "mbedbenchmark" ---help--- This is the name of the program that will be used when the NSH ELF program is installed. config MBEDTLS_APP_BENCHMARK_PRIORITY int "Benchmark task priority" default 100 config MBEDTLS_APP_BENCHMARK_STACKSIZE int "Benchmark stack size" default MBEDTLS_DEFAULT_TASK_STACKSIZE endif # MBEDTLS_APP_BENCHMARK config MBEDTLS_APP_SELFTEST bool "Mbed TLS Self Test" default n ---help--- Enable the Mbed TLS self test if MBEDTLS_APP_SELFTEST config MBEDTLS_APP_SELFTEST_PROGNAME string "Program name" default "mbedselftest" ---help--- This is the name of the program that will be used when the NSH ELF program is installed. config MBEDTLS_APP_SELFTEST_PRIORITY int "Self test task priority" default 100 config MBEDTLS_APP_SELFTEST_STACKSIZE int "Self test stack size" default MBEDTLS_DEFAULT_TASK_STACKSIZE endif # MBEDTLS_APP_SELFTEST endif # MBEDTLS_APPS endif # CRYPTO_MBEDTLS