diff --git a/components/esp-tls/Kconfig b/components/esp-tls/Kconfig index 81d5a365fc..3ede8810ba 100644 --- a/components/esp-tls/Kconfig +++ b/components/esp-tls/Kconfig @@ -15,7 +15,7 @@ menu "ESP-TLS" config ESP_TLS_USE_SECURE_ELEMENT bool "Use Secure Element (ATECC608A) with ESP-TLS" - depends on IDF_TARGET_ESP32 && ESP_TLS_USING_MBEDTLS + depends on ESP_TLS_USING_MBEDTLS select ATCA_MBEDTLS_ECDSA select ATCA_MBEDTLS_ECDSA_SIGN select ATCA_MBEDTLS_ECDSA_VERIFY diff --git a/components/tcp_transport/include/esp_transport_ssl.h b/components/tcp_transport/include/esp_transport_ssl.h index ad339396ff..fbcc1710f1 100644 --- a/components/tcp_transport/include/esp_transport_ssl.h +++ b/components/tcp_transport/include/esp_transport_ssl.h @@ -166,7 +166,7 @@ void esp_transport_ssl_set_common_name(esp_transport_handle_t t, const char *com /** * @brief Set the ssl context to use secure element (atecc608a) for client(device) private key and certificate * - * @note Recommended to be used with ESP32 interfaced to ATECC608A based secure element + * @note Recommended to be used with ESP32 series interfaced to ATECC608A based secure element * * @param t ssl transport */ diff --git a/docs/en/api-reference/protocols/esp_http_client.rst b/docs/en/api-reference/protocols/esp_http_client.rst index b1c73fcc6c..65ff08e93b 100644 --- a/docs/en/api-reference/protocols/esp_http_client.rst +++ b/docs/en/api-reference/protocols/esp_http_client.rst @@ -32,19 +32,17 @@ Persistent connection means that the HTTP client can reuse the same connection f To allow ESP HTTP client to take full advantage of persistent connections, one should make as many requests as possible using the same handle instance. Check out the example functions ``http_rest_with_url`` and ``http_rest_with_hostname_path`` in the application example. Here, once the connection is created, multiple requests (``GET``, ``POST``, ``PUT``, etc.) are made before the connection is closed. -.. only:: esp32 +Use Secure Element (ATECC608) for TLS +^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ - Use Secure Element (ATECC608) for TLS - _____________________________________ +A secure element (ATECC608) can be also used for the underlying TLS connection in the HTTP client connection. Please refer to the **ATECC608A (Secure Element) with ESP-TLS** section in the :doc:`ESP-TLS documentation ` for more details. The secure element support has to be first enabled in menuconfig through :ref:`CONFIG_ESP_TLS_USE_SECURE_ELEMENT`. Then the HTTP client can be configured to use secure element as follows: - A secure element (ATECC608) can be also used for the underlying TLS connection in the HTTP client connection. Please refer to the **ATECC608A (Secure Element) with ESP-TLS** section in the :doc:`ESP-TLS documentation ` for more details. The secure element support has to be first enabled in menuconfig through :ref:`CONFIG_ESP_TLS_USE_SECURE_ELEMENT`. Then the HTTP client can be configured to use secure element as follows: +.. code-block:: c - .. code-block:: c - - esp_http_client_config_t cfg = { - /* other configurations options */ - .use_secure_element = true, - }; + esp_http_client_config_t cfg = { + /* other configurations options */ + .use_secure_element = true, + }; HTTPS Request diff --git a/docs/en/api-reference/protocols/esp_tls.rst b/docs/en/api-reference/protocols/esp_tls.rst index b0c5c9911e..5f882b11c7 100644 --- a/docs/en/api-reference/protocols/esp_tls.rst +++ b/docs/en/api-reference/protocols/esp_tls.rst @@ -138,39 +138,37 @@ The following table shows a typical comparison between WolfSSL and MbedTLS when These values can vary based on configuration options and version of respective libraries. -.. only:: esp32 +ATECC608A (Secure Element) with ESP-TLS +-------------------------------------------------- - ATECC608A (Secure Element) with ESP-TLS - -------------------------------------------------- +ESP-TLS provides support for using ATECC608A cryptoauth chip with ESP32 series of SoCs. The use of ATECC608A is supported only when ESP-TLS is used with MbedTLS as its underlying SSL/TLS stack. ESP-TLS uses MbedTLS as its underlying TLS/SSL stack by default unless changed manually. - ESP-TLS provides support for using ATECC608A cryptoauth chip with ESP32 series of SoCs. The use of ATECC608A is supported only when ESP-TLS is used with MbedTLS as its underlying SSL/TLS stack. ESP-TLS uses MbedTLS as its underlying TLS/SSL stack by default unless changed manually. +.. note:: - .. note:: + ATECC608A chip interfaced to ESP32 series must be already configured. For details, please refer to `esp_cryptoauth_utility `_. - ATECC608A chip interfaced to ESP32 must be already configured. For details, please refer to `esp_cryptoauth_utility `_. +To enable the secure element support, and use it in your project for TLS connection, you have to follow the below steps: - To enable the secure element support, and use it in your project for TLS connection, you have to follow the below steps: +1) Add `esp-cryptoauthlib `_ in your project, for details please refer `how to use esp-cryptoauthlib with ESP-IDF `_. - 1) Add `esp-cryptoauthlib `_ in your project, for details please refer `how to use esp-cryptoauthlib with ESP-IDF `_. +2) Enable the following menuconfig option:: - 2) Enable the following menuconfig option:: + menuconfig > Component config > ESP-TLS > Use Secure Element (ATECC608A) with ESP-TLS - menuconfig > Component config > ESP-TLS > Use Secure Element (ATECC608A) with ESP-TLS +3) Select type of ATECC608A chip with following option:: - 3) Select type of ATECC608A chip with following option:: + menuconfig > Component config > esp-cryptoauthlib > Choose Type of ATECC608A chip - menuconfig > Component config > esp-cryptoauthlib > Choose Type of ATECC608A chip +To know more about different types of ATECC608A chips and how to obtain the type of ATECC608A connected to your ESP module, please visit `ATECC608A chip type `_. - To know more about different types of ATECC608A chips and how to obtain the type of ATECC608A connected to your ESP module, please visit `ATECC608A chip type `_. +4) Enable the use of ATECC608A in ESP-TLS by providing the following config option in :cpp:type:`esp_tls_cfg_t`. - 4) Enable the use of ATECC608A in ESP-TLS by providing the following config option in :cpp:type:`esp_tls_cfg_t`. +.. code-block:: c - .. code-block:: c - - esp_tls_cfg_t cfg = { - /* other configurations options */ - .use_secure_element = true, - }; + esp_tls_cfg_t cfg = { + /* other configurations options */ + .use_secure_element = true, + }; .. only:: SOC_DIG_SIGN_SUPPORTED diff --git a/docs/en/api-reference/protocols/mqtt.rst b/docs/en/api-reference/protocols/mqtt.rst index b221a926f6..9a918c72ce 100644 --- a/docs/en/api-reference/protocols/mqtt.rst +++ b/docs/en/api-reference/protocols/mqtt.rst @@ -154,7 +154,7 @@ It is possible to set authentication parameters through the :cpp:class:`authenti * :cpp:member:`password `: use a password by setting * :cpp:member:`certificate ` and :cpp:member:`key `: mutual authentication with TLS, and both can be provided in PEM or DER format - * :cpp:member:`use_secure_element `: use secure element (ATECC608A) interfaced to ESP32 + * :cpp:member:`use_secure_element `: use secure element (ATECC608A) interfaced to ESP32 series * :cpp:member:`ds_data `: use Digital Signature Peripheral available in some Espressif devices Session