Merge branch 'contrib/github_pr_14785' into 'master'

Removed dependency on esp32 to use secure element (GitHub PR)

Closes IDFGH-13955 and IDFGH-13922

See merge request espressif/esp-idf!36935
Aditya Patwardhan 2025-02-21 00:52:38 +08:00
commit 43a7248501
5 changed files with 29 additions and 33 deletions

@ -15,7 +15,7 @@ menu "ESP-TLS"
config ESP_TLS_USE_SECURE_ELEMENT config ESP_TLS_USE_SECURE_ELEMENT
bool "Use Secure Element (ATECC608A) with ESP-TLS" bool "Use Secure Element (ATECC608A) with ESP-TLS"
depends on IDF_TARGET_ESP32 && ESP_TLS_USING_MBEDTLS depends on ESP_TLS_USING_MBEDTLS
select ATCA_MBEDTLS_ECDSA select ATCA_MBEDTLS_ECDSA
select ATCA_MBEDTLS_ECDSA_SIGN select ATCA_MBEDTLS_ECDSA_SIGN
select ATCA_MBEDTLS_ECDSA_VERIFY select ATCA_MBEDTLS_ECDSA_VERIFY
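Review bot: With `depends on IDF_TARGET_ESP32` dropped, the three `select ATCA_MBEDTLS_ECDSA*` lines now take effect on every target, and Kconfig `select` forces a symbol on without honouring that symbol's own `depends on`. Please confirm that ATCA_MBEDTLS_ECDSA, ATCA_MBEDTLS_ECDSA_SIGN and ATCA_MBEDTLS_ECDSA_VERIFY carry no target restriction of their own, or keep a dependency here that lists the targets this was actually built and tested on. Since the option is now offered on all chips, the prompt string could also say that an externally attached ATECC608A is required.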

@ -166,7 +166,7 @@ void esp_transport_ssl_set_common_name(esp_transport_handle_t t, const char *com
/** /**
* @brief Set the ssl context to use secure element (atecc608a) for client(device) private key and certificate * @brief Set the ssl context to use secure element (atecc608a) for client(device) private key and certificate
* *
* @note Recommended to be used with ESP32 interfaced to ATECC608A based secure element * @note Recommended to be used with ESP32 series interfaced to ATECC608A based secure element
* *
* @param t ssl transport * @param t ssl transport
*/ */
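Review bot: The reworded `@note` still leaves out the precondition for calling this function: the documentation touched by this same change says secure element support has to be enabled through CONFIG_ESP_TLS_USE_SECURE_ELEMENT first. Suggest naming that option in the note and saying how the call behaves when it is disabled, so a user on a newly supported target does not assume the private key is held in the secure element when it is not. Minor: `@brief` spells the part "atecc608a" and `@note` spells it "ATECC608A"; use one form.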

@ -32,10 +32,8 @@ Persistent connection means that the HTTP client can reuse the same connection f
To allow ESP HTTP client to take full advantage of persistent connections, one should make as many requests as possible using the same handle instance. Check out the example functions ``http_rest_with_url`` and ``http_rest_with_hostname_path`` in the application example. Here, once the connection is created, multiple requests (``GET``, ``POST``, ``PUT``, etc.) are made before the connection is closed. To allow ESP HTTP client to take full advantage of persistent connections, one should make as many requests as possible using the same handle instance. Check out the example functions ``http_rest_with_url`` and ``http_rest_with_hostname_path`` in the application example. Here, once the connection is created, multiple requests (``GET``, ``POST``, ``PUT``, etc.) are made before the connection is closed.
.. only:: esp32
Use Secure Element (ATECC608) for TLS Use Secure Element (ATECC608) for TLS
_____________________________________ ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
A secure element (ATECC608) can be also used for the underlying TLS connection in the HTTP client connection. Please refer to the **ATECC608A (Secure Element) with ESP-TLS** section in the :doc:`ESP-TLS documentation </api-reference/protocols/esp_tls>` for more details. The secure element support has to be first enabled in menuconfig through :ref:`CONFIG_ESP_TLS_USE_SECURE_ELEMENT`. Then the HTTP client can be configured to use secure element as follows: A secure element (ATECC608) can be also used for the underlying TLS connection in the HTTP client connection. Please refer to the **ATECC608A (Secure Element) with ESP-TLS** section in the :doc:`ESP-TLS documentation </api-reference/protocols/esp_tls>` for more details. The secure element support has to be first enabled in menuconfig through :ref:`CONFIG_ESP_TLS_USE_SECURE_ELEMENT`. Then the HTTP client can be configured to use secure element as follows:
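Review bot: The heading underline changes from `_` to `^` in the same hunk that removes `.. only:: esp32`, which alters the section level as well as its visibility. Please check that `^` matches the sibling subsections of this file so the heading lands at the intended depth in the table of contents, and that nothing is left indented from the removed directive. The heading says "ATECC608" while the section it points to is titled "ATECC608A (Secure Element) with ESP-TLS"; the part name should be consistent.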

@ -138,8 +138,6 @@ The following table shows a typical comparison between WolfSSL and MbedTLS when
These values can vary based on configuration options and version of respective libraries. These values can vary based on configuration options and version of respective libraries.
.. only:: esp32
ATECC608A (Secure Element) with ESP-TLS ATECC608A (Secure Element) with ESP-TLS
-------------------------------------------------- --------------------------------------------------
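Review bot: Removing `.. only:: esp32` above the "ATECC608A (Secure Element) with ESP-TLS" heading publishes this whole section in the documentation of every target, not just the lines shown here. Please re-read the steps that follow the heading for anything that assumes the original ESP32, and confirm that content previously nested under the directive has been dedented so it does not render as a block quote.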
@ -147,7 +145,7 @@ The following table shows a typical comparison between WolfSSL and MbedTLS when
.. note:: .. note::
ATECC608A chip interfaced to ESP32 must be already configured. For details, please refer to `esp_cryptoauth_utility <https://github.com/espressif/esp-cryptoauthlib/blob/master/esp_cryptoauth_utility/README.md#esp_cryptoauth_utility>`_. ATECC608A chip interfaced to ESP32 series must be already configured. For details, please refer to `esp_cryptoauth_utility <https://github.com/espressif/esp-cryptoauthlib/blob/master/esp_cryptoauth_utility/README.md#esp_cryptoauth_utility>`_.
To enable the secure element support, and use it in your project for TLS connection, you have to follow the below steps: To enable the secure element support, and use it in your project for TLS connection, you have to follow the below steps:
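Review bot: In the note, "ESP32 series" can be read either as the original ESP32 family or as all Espressif SoCs, and the sentence is missing its articles. Something like "An ATECC608A chip interfaced to an ESP32 series SoC must already be configured" reads more clearly. If only some targets were verified with esp_cryptoauth_utility, listing them here would tell readers whether the provisioning flow applies to their chip.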

@ -154,7 +154,7 @@ It is possible to set authentication parameters through the :cpp:class:`authenti
* :cpp:member:`password <esp_mqtt_client_config_t::credentials_t::authentication_t::password>`: use a password by setting * :cpp:member:`password <esp_mqtt_client_config_t::credentials_t::authentication_t::password>`: use a password by setting
* :cpp:member:`certificate <esp_mqtt_client_config_t::credentials_t::authentication_t::certificate>` and :cpp:member:`key <esp_mqtt_client_config_t::credentials_t::authentication_t::key>`: mutual authentication with TLS, and both can be provided in PEM or DER format * :cpp:member:`certificate <esp_mqtt_client_config_t::credentials_t::authentication_t::certificate>` and :cpp:member:`key <esp_mqtt_client_config_t::credentials_t::authentication_t::key>`: mutual authentication with TLS, and both can be provided in PEM or DER format
* :cpp:member:`use_secure_element <esp_mqtt_client_config_t::credentials_t::authentication_t::use_secure_element>`: use secure element (ATECC608A) interfaced to ESP32 * :cpp:member:`use_secure_element <esp_mqtt_client_config_t::credentials_t::authentication_t::use_secure_element>`: use secure element (ATECC608A) interfaced to ESP32 series
* :cpp:member:`ds_data <esp_mqtt_client_config_t::credentials_t::authentication_t::ds_data>`: use Digital Signature Peripheral available in some Espressif devices * :cpp:member:`ds_data <esp_mqtt_client_config_t::credentials_t::authentication_t::ds_data>`: use Digital Signature Peripheral available in some Espressif devices
Session Session
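Review bot: The `use_secure_element` bullet now says "interfaced to ESP32 series" while the `ds_data` bullet directly below says "available in some Espressif devices"; the two should describe target coverage in the same terms. Unlike the HTTP client page, this bullet also gives no pointer to the ESP-TLS secure element section or to CONFIG_ESP_TLS_USE_SECURE_ELEMENT, so a reader cannot tell from here that the option must be enabled before the field has any effect. Suggest adding that cross-reference.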