| # Kconfig - Cryptography primitive options for mbed TLS |
| |
| # |
| # Copyright (c) 2016 Intel Corporation |
| # |
| # Licensed under the Apache License, Version 2.0 (the "License"); |
| # you may not use this file except in compliance with the License. |
| # You may obtain a copy of the License at |
| # |
| # http://www.apache.org/licenses/LICENSE-2.0 |
| # |
| # Unless required by applicable law or agreed to in writing, software |
| # distributed under the License is distributed on an "AS IS" BASIS, |
| # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| # See the License for the specific language governing permissions and |
| # limitations under the License. |
| # |
| |
| |
| menuconfig MBEDTLS |
| bool |
| prompt "mbedTLS Support" |
| default n |
| help |
| This option enables the mbedTLS cryptography library. |
| |
| config MBEDTLS_BUILTIN |
| bool "Enable mbedTLS integrated sources" |
| depends on MBEDTLS |
| default n |
| help |
| Link with local mbedTLS sources instead of external library. |
| |
| config MBEDTLS_CFG_FILE |
| string "mbed TLS configuration file" |
| depends on MBEDTLS_BUILTIN |
| default "config-threadnet.h" |
| help |
| Enable custom mbed TLS configuration |
| |
| config MBEDTLS_DEBUG |
| bool "mbed TLS debug activation" |
| depends on MBEDTLS_BUILTIN |
| default n |
| help |
| Enable debugging activation for mbed TLS configuration. Note that this |
| does not directly cause any debug print output. For that you need to |
| call |
| mbedtls_debug_set_threshold(level); |
| and |
| mbedtls_ssl_conf_dbg(&mbedtls.conf, my_debug, NULL); |
| functions in your application, and create the my_debug() function to |
| actually print something useful. |
| |
| config MBEDTLS_TEST |
| bool "Compile internal self test functions" |
| depends on MBEDTLS_BUILTIN |
| default n |
| help |
| Enable self test function for the crypto algorithms |
| |
| config MBEDTLS_LIBRARY |
| bool "Enable mbedTLS external library" |
| depends on MBEDTLS |
| default n |
| help |
| This option enables mbedTLS library. |
| |
| config MBEDTLS_INSTALL_PATH |
| string "mbedTLS install path" |
| depends on MBEDTLS_LIBRARY |
| help |
| This option holds the path where the mbedTLS libraries and headers are |
| installed. Make sure this option is properly set when MBEDTLS_LIBRARY |
| is enabled otherwise the build will fail. |
| |
| config MBEDTLS_ENABLE_HEAP |
| bool "Enable global heap for mbed TLS" |
| default n |
| depends on MBEDTLS |
| help |
| This option enables the mbedtls to use the heap. This setting must |
| be global so that various applications and libraries in Zephyr do not |
| try to do this themselves as there can be only one heap defined |
| in mbedtls. If this is enabled, then the Zephyr will, during the device |
| startup, initialize the heap automatically. |
| |
| config MBEDTLS_HEAP_SIZE |
| int "Heap size for mbed TLS" |
| default 512 |
| depends on MBEDTLS_ENABLE_HEAP |
| help |
| The mbedtls routines will use this heap if enabled. |
| See ext/lib/crypto/mbedtls/include/mbedtls/config.h and |
| MBEDTLS_MEMORY_BUFFER_ALLOC_C option for details. That option is not |
| enabled by default. |
| Default value for the heap size is not set as it depends on the |
| application. For server application 15000 bytes should be enough. |
| For some dedicated and specific usage of mbedtls API, the 1000 bytes |
| might be ok. |
