nrfxlib Configuration Options

Kconfig files describe build-time configuration options (called symbols in Kconfig-speak), how they’re grouped into menus and sub-menus, and dependencies between them that determine what configurations are valid.

Kconfig files appear throughout the directory tree. For example, subsys/power/Kconfig defines power-related options.

This documentation is generated automatically from the Kconfig files by the gen_kconfig_rest.py script. Click on symbols for more information.

Configuration Options

Symbol name

Help/prompt

CONFIG_APP_LINK_WITH_MBEDTLS_INCLUDES

Add mbedcrypto header files to the ‘app’ include path.

CONFIG_APP_LINK_WITH_ZBOSS

Link application with ZBOSS library

CONFIG_BT_CTLR_LLPM

Low Latency Packet Mode (LLPM) is a Nordic proprietary addition which lets the application use connection intervals down to 1 ms.

CONFIG_BT_LL_SOFTDEVICE

Use SoftDevice Link Layer implementation.

CONFIG_BT_LL_SOFTDEVICE_DEFAULT

Helper variable used to change the default link layer if BT_CTLR is supported for the platform.

CONFIG_BT_LL_SOFTDEVICE_VS_INCLUDE

Include SoftDevice Controller vendor specific HCI interface.

CONFIG_CC310_BACKEND

CONFIG_CC312_BACKEND

CONFIG_CC3XX_ATOMIC_LOCK

Using atomic operations is the fastest way to ensure mutually exclusive access to the ARM CryptoCell hardware.

Warning: If this configuration is set, every execution requiring use of the ARM CryptoCell hardware must happen in the same priority. Calling into mbed TLS APIs from a higher priority while an ongoing operation will lead to undefined behavior. It is highy recommended to to do all cryptographic operations in one single thread if this configuration is set.

CONFIG_CC3XX_BACKEND

Enable cc3xx backend

CONFIG_CC3XX_HW_MUTEX_LOCK

A mutual exclusive peripheral is the fastest way to ensure mutually exclusive access to the ARM CryptoCell hardware on platform which support it. The MUTEX peripheral is nRF53 platform specific solution.

Warning: If this configuration is set, every execution requiring use of the ARM CryptoCell hardware must happen in the same priority. Calling into mbed TLS APIs from a higher priority while an ongoing operation will lead to undefined behavior. It is highy recommended to to do all cryptographic operations in one single thread if this configuration is set.

CONFIG_CC3XX_MBEDTLS_AES_C

cc310 (AES-128)

CONFIG_CC3XX_MBEDTLS_CCM_C

Enable the Counter with CBC-MAC (CCM) mode for 128-bit block cipher using AES-128. This also includes CCM* (star) mode MBEDTLS_CCM_C setting in mbed TLS config file.

CONFIG_CC3XX_MBEDTLS_CHACHA20_C

CONFIG_CC3XX_MBEDTLS_CHACHAPOLY_C

CONFIG_CC3XX_MBEDTLS_CIPHER_MODE_CBC

CONFIG_CC3XX_MBEDTLS_CIPHER_MODE_CTR

CONFIG_CC3XX_MBEDTLS_CIPHER_MODE_ECB

CONFIG_CC3XX_MBEDTLS_CMAC_C

CONFIG_CC3XX_MBEDTLS_DHM_C

Enable the DHM module from nrf cc3xx. MBEDTLS_DHM_C setting in mbed TLS config file.

CONFIG_CC3XX_MBEDTLS_ECDH_C

CONFIG_CC3XX_MBEDTLS_ECDSA_C

CONFIG_CC3XX_MBEDTLS_ECJPAKE_C

CONFIG_CC3XX_MBEDTLS_ECP_C

CONFIG_CC3XX_MBEDTLS_GCM_C

CONFIG_CC3XX_MBEDTLS_POLY1305_C

CONFIG_CC3XX_MBEDTLS_RSA_C

CONFIG_CC3XX_MBEDTLS_SHA1_C

CONFIG_CC3XX_MBEDTLS_SHA256_C

CONFIG_CC3XX_MUTEX_LOCK

Enables exclusive access to the ARM CryptoCell hardware using an RTOS mutex that has priority inheritance. The mutex lock is safe across threads and/or interrupts with different priority. Using an RTOS mutex comes at a cost of lower performance.

CONFIG_CC3XX_SINGLE_BACKEND

CONFIG_CHOICE_CC3XX_MBEDTLS_CHACHA20_C

HW accelerated chacha20 support

CONFIG_CHOICE_CC3XX_MBEDTLS_CHACHAPOLY_C

cc3xx

CONFIG_CHOICE_CC3XX_MBEDTLS_CMAC_C

HW accelerated CMAC support using AES-128

CONFIG_CHOICE_CC3XX_MBEDTLS_ECP_C

cc3xx

CONFIG_CHOICE_CC3XX_MBEDTLS_POLY1305_C

cc3xx

CONFIG_CHOICE_CC3XX_MBEDTLS_RSA_C

cc3xx

CONFIG_CHOICE_CC3XX_MBEDTLS_SHA1_C

cc3xx

CONFIG_CHOICE_CC3XX_MBEDTLS_SHA256_C

cc3xx

CONFIG_CHOICE_OBERON_MBEDTLS_CHACHA20_C

SW implemented chacha20 support

CONFIG_CHOICE_OBERON_MBEDTLS_CMAC_C

CMAC support using AES-128, AES-192, AES-256

CONFIG_CHOICE_OBERON_MBEDTLS_ECP_C

nrf_oberon

CONFIG_CHOICE_OBERON_MBEDTLS_POLY1305_C

nrf_oberon

CONFIG_CHOICE_OBERON_MBEDTLS_SHA1_C

nrf_oberon

CONFIG_CHOICE_OBERON_MBEDTLS_SHA256_C

nrf_oberon

CONFIG_CHOICE_VANILLA_MBEDTLS_CHACHA20_C

SW implemented chacha20 support

CONFIG_CHOICE_VANILLA_MBEDTLS_CHACHAPOLY_C

Original mbed TLS

CONFIG_CHOICE_VANILLA_MBEDTLS_CMAC_C

CMAC support using AES-128, AES-192, AES-256

CONFIG_CHOICE_VANILLA_MBEDTLS_ECP_C

Original mbed TLS

CONFIG_CHOICE_VANILLA_MBEDTLS_POLY1305_C

Original mbed TLS

CONFIG_CHOICE_VANILLA_MBEDTLS_RSA_C

Original mbed TLS

CONFIG_CHOICE_VANILLA_MBEDTLS_SHA1_C

Original mbed TLS

CONFIG_CHOICE_VANILLA_MBEDTLS_SHA256_C

Original mbed TLS

CONFIG_CRYPTOCELL_CC310_USABLE

CONFIG_CRYPTOCELL_CC312_USABLE

CONFIG_CRYPTOCELL_USABLE

CONFIG_GENERATE_MBEDTLS_CFG_FILE

nRF Connect SDK Security will generate a mbed TLS configuration file based on the selection of configuration options in Kconfig. However, if the generated configuration file needs custom adjustments, this setting can be used to disable generating the mbed TLS configuration file. Only disable this setting if you know what you are doing.

CONFIG_GLUE_CC3XX_MBEDTLS_AES_C

CONFIG_GLUE_CC3XX_MBEDTLS_CCM_C

CONFIG_GLUE_CC3XX_MBEDTLS_DHM_C

CONFIG_GLUE_MBEDTLS_AES_C

CONFIG_GLUE_MBEDTLS_CCM_C

CONFIG_GLUE_MBEDTLS_CIPHER_MODE_CBC

CONFIG_GLUE_MBEDTLS_CIPHER_MODE_CFB

CONFIG_GLUE_MBEDTLS_CIPHER_MODE_CTR

CONFIG_GLUE_MBEDTLS_CIPHER_MODE_OFB

CONFIG_GLUE_MBEDTLS_CIPHER_MODE_XTS

CONFIG_GLUE_MBEDTLS_DHM_C

CONFIG_GLUE_OBERON_MBEDTLS_AES_C

CONFIG_GLUE_OBERON_MBEDTLS_CCM_C

CONFIG_GLUE_VANILLA_MBEDTLS_AES_C

CONFIG_GLUE_VANILLA_MBEDTLS_CCM_C

CONFIG_GLUE_VANILLA_MBEDTLS_DHM_C

CONFIG_HW_CC310_INTERRUPT

CONFIG_HW_CC3XX_INTERRUPT

Use interrupt version of nrf cc3xx platform library

CONFIG_MBEDTLS_AES_256_CMAC_C

CONFIG_MBEDTLS_AES_ALT

CONFIG_MBEDTLS_AES_C

This setting will enable AES block cipher, including ECB - Electronic Code Book. Enabling AES will provide a sub-menu which allows for fine grained configuration of specific cipher support. Corresponds to MBEDTLS_AES_C setting in mbed TLS config file.

CONFIG_MBEDTLS_AES_FEWER_TABLES

Enabling this configuration omits 75% of the AES tables in ROM or RAM. There is a tradeoff between lookup size and doing more arithmetic operations on the fly, which impacts the performance of the AES operations. MBEDTLS_AES_FEWER_TABLES setting in mbed TLS config file.

CONFIG_MBEDTLS_AES_ROM_TABLES

AES lookup tables will be placed in ROM instead of RAM Placing the AES lookup tables in ROM will perform slower but will reduce RAM usage. Using precompiled ROM tables reduces RAM size by ~8kB with an additional cost of ~8kB of ROM size. If MBEDTLS_AES_FEWER_TABLES is used the RAM reduction is ~2kB with an additional cost of ~2kB of ROM size. MBEDTLS_AES_ROM_TABLES setting in mbed TLS config file.

CONFIG_MBEDTLS_CCM_ALT

CONFIG_MBEDTLS_CCM_C

Enable the Counter with CBC-MAC (CCM) mode for 128-bit block cipher. This also includes CCM* MBEDTLS_CCM_C setting in mbed TLS config file.

CONFIG_MBEDTLS_CFG_FILE

Use a specific mbedTLS configuration file. The default config file file can be tweaked with Kconfig. The default configuration is suitable to communicate with majority of HTTPS servers on the Internet, but has relatively many features enabled. To optimize resources for special TLS usage, use available Kconfig options, or select an alternative config.

CONFIG_MBEDTLS_CHACHA20_ALT

CONFIG_MBEDTLS_CHACHA20_C

Enable the CHACHA20 stream cipher. MBEDTLS_CHACHA20_C setting in mbed TLS config file.

CONFIG_MBEDTLS_CHACHAPOLY_ALT

CONFIG_MBEDTLS_CHACHAPOLY_C

Enable the CHACHA-POLY module. MBEDTLS_CHACHAPOLY_C setting in mbed TLS config file.

CONFIG_MBEDTLS_CIPHER_AES_256_CBC_C

CONFIG_MBEDTLS_CIPHER_AES_256_CCM_C

CONFIG_MBEDTLS_CIPHER_AES_256_CFB_C

CONFIG_MBEDTLS_CIPHER_AES_256_CTR_C

CONFIG_MBEDTLS_CIPHER_AES_256_ECB_C

CONFIG_MBEDTLS_CIPHER_AES_256_OFB_C

CONFIG_MBEDTLS_CIPHER_MODE_CBC

Enable the AES Cipher Block Chaining (CBC) mode, MBEDTLS_CIPHER_MODE_CBC setting in mbed TLS config file.

CONFIG_MBEDTLS_CIPHER_MODE_CFB

Enable the AES Cipher Feedback mode (CFB) mode, MBEDTLS_CIPHER_MODE_CFB setting in mbed TLS config file.

CONFIG_MBEDTLS_CIPHER_MODE_CTR

Enable the AES Counter Block Cipher mode (CTR) mode, MBEDTLS_CIPHER_MODE_CTR setting in mbed TLS config file.

CONFIG_MBEDTLS_CIPHER_MODE_OFB

Enable the AES Output Feedback mode (OFB) mode, MBEDTLS_CIPHER_MODE_OFB setting in mbed TLS config file.

CONFIG_MBEDTLS_CIPHER_MODE_XTS

Enable the AES Xor-encrypt-xor with ciphertext stealing mode (XTS) mode, MBEDTLS_CIPHER_MODE_XTS setting in mbed TLS config file.

CONFIG_MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS

Enable support for one and zeros padding for CBC cipher functions in mbedTLS. That is, fill buffer with 80 00 .. 00.

CONFIG_MBEDTLS_CIPHER_PADDING_PKCS7

Enable support for PKCS7 padding for CBC cipher functions in mbedTLS. That is, fill buffer with ll bytes, where ll is padding length.

CONFIG_MBEDTLS_CIPHER_PADDING_ZEROS

Enable support for zeros padding for CBC cipher functions in mbedTLS. That is, fill buffer with 00 .. 00.

CONFIG_MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN

Enable support for zeros and length padding for CBC cipher functions in mbedTLS. That is, fill buffer with 00 .. 00 ll, where ll is padding length.

CONFIG_MBEDTLS_CMAC_ALT

CONFIG_MBEDTLS_CMAC_C

AES-CMAC - AES Cipher-based Message Authentication Code mode for block ciphers

CONFIG_MBEDTLS_CTR_DRBG_C

This setting will enable CTR_DRBG APIs in mbed TLS. Corresponds to MBEDTLS_CTR_DRBG_C setting in mbed TLS config file.

CONFIG_MBEDTLS_DHM_ALT

CONFIG_MBEDTLS_DHM_C

Enable the DHM module. MBEDTLS_DHM_C setting in mbed TLS config file.

CONFIG_MBEDTLS_ECDH_C

Enable the ECDH module. MBEDTLS_ECDH_C setting in mbed TLS config file.

CONFIG_MBEDTLS_ECDH_COMPUTE_SHARED_ALT

CONFIG_MBEDTLS_ECDH_GEN_PUBLIC_ALT

CONFIG_MBEDTLS_ECDSA_C

Enable the ECDSA module. MBEDTLS_ECDSA_C setting in mbed TLS config file.

CONFIG_MBEDTLS_ECDSA_GENKEY_ALT

CONFIG_MBEDTLS_ECDSA_SIGN_ALT

CONFIG_MBEDTLS_ECDSA_VERIFY_ALT

CONFIG_MBEDTLS_ECJPAKE_ALT

CONFIG_MBEDTLS_ECJPAKE_C

Enable support for ECJPAKE

CONFIG_MBEDTLS_ECP_ALT

CONFIG_MBEDTLS_ECP_C

Enable low level APIs for elliptic curves for additional functionality (besides ECDH and ECDSA) Enabling ECC will provide a sub-menu which allows for fine grained configuration of ECC based features and specific cipher support. Corresponds to MBEDTLS_ECP_C setting in mbed TLS config file.

CONFIG_MBEDTLS_ECP_DP_BP256R1_ENABLED

MBEDTLS_ECP_DP_BP256R1_ENABLED setting in mbed TLS config file.

CONFIG_MBEDTLS_ECP_DP_BP384R1_ENABLED

MBEDTLS_ECP_DP_BP384R1_ENABLED setting in mbed TLS config file.

CONFIG_MBEDTLS_ECP_DP_BP512R1_ENABLED

MBEDTLS_ECP_DP_BP512R1_ENABLED setting in mbed TLS config file.

CONFIG_MBEDTLS_ECP_DP_CURVE25519_ENABLED

MBEDTLS_ECP_DP_CURVE25519_ENABLED setting in mbed TLS config file.

CONFIG_MBEDTLS_ECP_DP_CURVE448_ENABLED

MBEDTLS_ECP_DP_CURVE448_ENABLED setting in mbed TLS config file.

CONFIG_MBEDTLS_ECP_DP_SECP192K1_ENABLED

MBEDTLS_ECP_DP_SECP192K1_ENABLED setting in mbed TLS config file.

CONFIG_MBEDTLS_ECP_DP_SECP192R1_ENABLED

MBEDTLS_ECP_DP_SECP192R1_ENABLED setting in mbed TLS config file.

CONFIG_MBEDTLS_ECP_DP_SECP224K1_ENABLED

MBEDTLS_ECP_DP_SECP224K1_ENABLED setting in mbed TLS config file.

CONFIG_MBEDTLS_ECP_DP_SECP224R1_ENABLED

MBEDTLS_ECP_DP_SECP224R1_ENABLED setting in mbed TLS config file.

CONFIG_MBEDTLS_ECP_DP_SECP256K1_ENABLED

MBEDTLS_ECP_DP_SECP256K1_ENABLED setting in mbed TLS config file.

CONFIG_MBEDTLS_ECP_DP_SECP256R1_ENABLED

MBEDTLS_ECP_DP_SECP256R1_ENABLED setting in mbed TLS config file.

CONFIG_MBEDTLS_ECP_DP_SECP384R1_ENABLED

MBEDTLS_ECP_DP_SECP384R1_ENABLED setting in mbed TLS config file.

CONFIG_MBEDTLS_ECP_DP_SECP521R1_ENABLED

MBEDTLS_ECP_DP_SECP521R1_ENABLED setting in mbed TLS config file.

CONFIG_MBEDTLS_ECP_FIXED_POINT_OPTIM

This setting control ECP fixed point optimizations. If disabled, the system will use less memory, but it will also reduce the performance of the system. MBEDTLS_ECP_FIXED_POINT_OPTIM setting in mbed TLS config file.

CONFIG_MBEDTLS_ECP_MAX_BITS

This setting controls the largest elliptic curve supported in the library. If only smaller curves are used, then this value can be reduced in order to save memory. MBEDTLS_ECP_MAX_BITS setting in mbed TLS config file.

CONFIG_MBEDTLS_ECP_WINDOW_SIZE

Window sized used for elliptic curve multiplication. This value can be reduce down to 2. Reducing the value will impact the performance of the system. MBEDTLS_ECP_WINDOW_SIZE setting in mbed TLS config file.

CONFIG_MBEDTLS_ENABLE_HEAP

This option enables the mbedtls to use the heap. This setting must be global so that various applications and libraries in Zephyr do not try to do this themselves as there can be only one heap defined in mbedtls. If this is enabled, then the Zephyr will, during the device startup, initialize the heap automatically.

CONFIG_MBEDTLS_GCM_ALT

CONFIG_MBEDTLS_GCM_C

Enable the GCM module. MBEDTLS_GCM_C setting in mbed TLS config file.

CONFIG_MBEDTLS_HEAP_SIZE

Heap size for mbed TLS in bytes. For streaming communication with arbitrary (HTTPS) servers on the Internet, 32KB + overheads (up to another 20KB) may be needed. Ensure to adjust the heap size according to the need of the application.

CONFIG_MBEDTLS_HMAC_DRBG_C

This setting will enable HMAC_DRBG APIs in mbed TLS. Corresponds to MBEDTLS_HMAC_DRBG_C setting in mbed TLS config file.

CONFIG_MBEDTLS_MPI_MAX_SIZE

Maximum number of bytes for usable Multiple Precision Integers (MPI) / Bignum. This will reduce the size of MPIs that can be used for calculation. Only reduce this value if it is ensured that the system won’t need larger numbers. MBEDTLS_MPI_MAX_SIZE setting in mbed TLS config file.

CONFIG_MBEDTLS_MPI_WINDOW_SIZE

Window size used for Multiple Precision Integers (MPI) / Bignum calculation. Note that reducing this value might have an impact on the performance. MBEDTLS_MPI_WINDOW_SIZE setting in mbed TLS config file.

CONFIG_MBEDTLS_PKCS1_V15

PKCS1 v1.5 support

CONFIG_MBEDTLS_PKCS1_V21

PKCS1 v2.1 support

CONFIG_MBEDTLS_PK_C

Enable generic public key wrappers.

CONFIG_MBEDTLS_PK_WRITE_C

Enable generic public key write functions.

CONFIG_MBEDTLS_POLY1305_ALT

CONFIG_MBEDTLS_POLY1305_C

Enable the POLY1305 module. MBEDTLS_POLY1305_C setting in mbed TLS config file.

CONFIG_MBEDTLS_RSA_ALT

CONFIG_MBEDTLS_RSA_C

Enable RSA cryptosystem support. MBEDTLS_RSA_C setting in mbed TLS config file.

CONFIG_MBEDTLS_SHA1_ALT

CONFIG_MBEDTLS_SHA1_C

SHA-1 hash functionality.

CONFIG_MBEDTLS_SHA256_ALT

CONFIG_MBEDTLS_SHA256_C

SHA-256 hash functionality.

CONFIG_MBEDTLS_SHA256_SMALLER

Use a SHA-256 implementation with smaller footprint. Note, that this implementation will also have a lower performance. On a Cortex-M4 the size of mbedtls_sha256_process() will be reduced from ~2KB to ~0.5KB, however it will also perform around 30% slower. MBEDTLS_SHA256_SMALLER setting in mbed TLS config file.

CONFIG_MBEDTLS_SHA512_C

SW implemented SHA-512 hash support

CONFIG_MBEDTLS_SSL_ALPN

Enable support for RFC 7301 Application Layer Protocol Negotiation.

CONFIG_MBEDTLS_SSL_CACHE_C

Enable simple SSL cache implementation.

CONFIG_MBEDTLS_SSL_CIPHERSUITES

List of cipher suites to support in SSL/TLS. The cipher suites are given as a comma separated string, and in order of preference. This list can only be used for restricting cipher suites available in the system. Warning: This field has offers no validation checks. MBEDTLS_SSL_CIPHERSUITES setting in mbed TLS config file.

CONFIG_MBEDTLS_SSL_CLI_C

This setting enables SSL/TLS client functionality. Corresponds to MBEDTLS_SSL_CLI_C in mbed TLS config file

CONFIG_MBEDTLS_SSL_DTLS_BADMAC_LIMIT

Enable support for a limit of records with bad MAC.

CONFIG_MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE

Enable server-side support for clients that reconnect from the same port.

CONFIG_MBEDTLS_SSL_MAX_CONTENT_LEN

Maximum buffer size for incoming and outgoing mbed TLS I/O buffers. MBEDTLS_SSL_MAX_CONTENT_LEN setting in mbed TLS config file.

CONFIG_MBEDTLS_SSL_PROTO_TLS1_2

Enable the TLS 1.2 protocol Corresponds to MBEDTLS_SSL_PROTO_TLS1_2 in mbed TLS config file

CONFIG_MBEDTLS_SSL_RENEGOTIATION

Enable support for TLS renegotiation.

CONFIG_MBEDTLS_SSL_SERVER_NAME_INDICATION

Enable support for RFC 6066 server name indication (SNI) in SSL.

CONFIG_MBEDTLS_SSL_SESSION_TICKETS

Enable support for RFC 5077 session tickets in SSL.

CONFIG_MBEDTLS_SSL_SRV_C

This setting enables SSL/TLS server functionality. Corresponds to MBEDTLS_SSL_SRV_C in mbed TLS config file.

CONFIG_MBEDTLS_SSL_TICKET_C

Enable an implementation of TLS server-side callbacks for session tickets.

CONFIG_MBEDTLS_SSL_TLS_C

Corresponds to MBEDTLS_SSL_TLS_C in mbed TLS config file

CONFIG_MBEDTLS_TLS_LIBRARY

Create the mbed SSL/TLS library in addition to the mbed crypto library.

CONFIG_MBEDTLS_VANILLA_BACKEND

Enable Original mbed TLS backend This backend uses unaltered source code from the Arm mbed TLS project.

CONFIG_MBEDTLS_VANILLA_SINGLE_BACKEND

CONFIG_MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE

Enable verification of the extendedKeyUsage extension (leaf certificates).

CONFIG_MBEDTLS_X509_CHECK_KEY_USAGE

Enable verification of the keyUsage extension (CA and leaf certificates).

CONFIG_MBEDTLS_X509_CREATE_C

Enable X.509 core for creating certificates.

CONFIG_MBEDTLS_X509_CRL_PARSE_C

Enable X.509 CRL parsing.

CONFIG_MBEDTLS_X509_CSR_PARSE_C

Enable X.509 Certificate Signing Requests (CSR) parsing.

CONFIG_MBEDTLS_X509_CSR_WRITE_C

Enable creating X.509 Certificate Signing Requests (CSR).

CONFIG_MBEDTLS_X509_LIBRARY

Create the mbed x509 library for handling of certificates.

CONFIG_MPSL

Use Nordic Multi Protocol Service Layer (MPSL) implementation, providing services for single and multi-protocol implementations.

CONFIG_NFC_T2T_NRFXLIB

Enable NFC Type 2 Tag library

CONFIG_NFC_T4T_NRFXLIB

Enable NFC Type 4 Tag library

CONFIG_NORDIC_SECURITY_BACKEND

nRF Connect SDK Security provides crypto functionality through different backends. Some HW platforms supports the used of HW accelerated crypto features.

CONFIG_NRFXLIB_CRYPTO

CONFIG_NRF_802154_SL

Use of Nordic Semiconductor proprietary implementation of nRF 802.15.4 Service Layer. This implementation enables advanced features of nRF 802.15.4 Radio Driver.

CONFIG_NRF_CC310_BL

To use, link with nrfxlib_crypto in CMake.

CONFIG_NRF_CC3XX_PLATFORM

To use, link with nrfxlib_crypto in CMake.

CONFIG_NRF_MODEM

CONFIG_NRF_MODEM_LINK_BINARY

Link binary

CONFIG_NRF_MODEM_SHMEM_CTRL_SIZE

CONFIG_NRF_OBERON

To use, link with nrfxlib_crypto in CMake.

CONFIG_NRF_RPC

Enable nRF RPC (Remote Procedure Call) library

CONFIG_NRF_RPC_CBOR

Adds API that helps use of TinyCBOR library for data serialization.

CONFIG_NRF_RPC_CMD_CTX_POOL_SIZE

nRF RPC need to store some data to handle commands. Pool of contexts is created to avoid dynamic memory allocation. Setting this value too low will cause unnecessary waits for available context. Minimum value that is ensured to work without waiting is the sum of the number of threads in both local and remote pool.

CONFIG_NRF_RPC_THREAD_POOL_SIZE

Thread pool is used to execute commands and events that arrived from the remote side. If there is no available threads then remote side will wait.

CONFIG_NRF_RPC_TR_CUSTOM

If enabled selects custom transport layer. User can provide own implementation of nRF PRC transport layer. In this case NRF_RPC_TR_CUSTOM_INCLUDE must be provided.

CONFIG_NRF_RPC_TR_CUSTOM_INCLUDE

If NRF_RPC_TR_CUSTOM is enabled this option specifies the include file that contains custom transport layer API. Provided API must be compatible with the template header file “rp_trans_tmpl.h”.

CONFIG_NRF_RPC_TR_RPMSG

If enabled selects RPMsg as a transport layer for nRF PRC.

CONFIG_NRF_SECURITY_ADVANCED

This setting will enable the advanced configuration menu. The advanced configuration allows for further fine tuning of the mbed TLS configuration by adjusting , as example: SSL maximum content sizes, disabling of specific cipher suites, ECP bit sizes, Bignum options.

CONFIG_NRF_SECURITY_ANY_BACKEND

CONFIG_NRF_SECURITY_GLUE_LIBRARY

CONFIG_NRF_SECURITY_MULTI_BACKEND

CONFIG_NRF_SECURITY_RNG

The Random Number Generator support in nRF Security provides a Pseudorandom Number Generator, PRNG. The Pseudorandom Number Generator is seeded by a True Random Number Generator, TRNG, available in hardware.

CONFIG_OBERON_ALTERNATE_AES_KEY_ENC

CONFIG_OBERON_BACKEND

Enable nrf_oberon mbed TLS backend

CONFIG_OBERON_MBEDTLS_AES_C

nrf_oberon (AES-128, AES-192, AES-256)

CONFIG_OBERON_MBEDTLS_CCM_C

Enable the Counter with CBC-MAC (CCM) mode for 128-bit block cipher using AES-128, AES-192, AES-256. This also includes CCM* (star) mode MBEDTLS_CCM_C setting in mbed TLS config file.

CONFIG_OBERON_MBEDTLS_CHACHA20_C

CONFIG_OBERON_MBEDTLS_CIPHER_MODE_CBC

CONFIG_OBERON_MBEDTLS_CIPHER_MODE_CFB

CONFIG_OBERON_MBEDTLS_CIPHER_MODE_CTR

CONFIG_OBERON_MBEDTLS_CIPHER_MODE_ECB

CONFIG_OBERON_MBEDTLS_CIPHER_MODE_OFB

CONFIG_OBERON_MBEDTLS_CIPHER_MODE_XTS

CONFIG_OBERON_MBEDTLS_CMAC_C

CONFIG_OBERON_MBEDTLS_ECDH_C

CONFIG_OBERON_MBEDTLS_ECDSA_C

CONFIG_OBERON_MBEDTLS_ECJPAKE_C

CONFIG_OBERON_MBEDTLS_ECP_C

CONFIG_OBERON_MBEDTLS_POLY1305_C

CONFIG_OBERON_MBEDTLS_SHA1_C

CONFIG_OBERON_MBEDTLS_SHA256_C

CONFIG_OBERON_SINGLE_BACKEND

CONFIG_OPENTHREAD_BUILD_OUTPUT_STRIPPED

Build a stripped library versions of OpenThread in the build directory.

CONFIG_OPENTHREAD_LIBRARY_1_1

Uses prebuilt library of openthread instead of building from sources.

CONFIG_OPENTHREAD_NORDIC_LIBRARY

Nordic library feature sets

CONFIG_OPENTHREAD_NORDIC_LIBRARY_FTD

Nordic Semiconductor optimized OpenThread features for FTD.

CONFIG_OPENTHREAD_NORDIC_LIBRARY_MASTER

Nordic Semiconductor complete set of OpenThread features.

CONFIG_OPENTHREAD_NORDIC_LIBRARY_MTD

Nordic Semiconductor optimized OpenThread features for MTD.

CONFIG_OPENTHREAD_USER_CUSTOM_LIBRARY

No extra features selected.

CONFIG_SOFTDEVICE_CONTROLLER_CENTRAL

The central library variant is optimized for simpler applications only requiring the central role.

CONFIG_SOFTDEVICE_CONTROLLER_MULTIROLE

The multirole library variant is contains all supported features and can be used for more advanced applications. Using this library may give slightly larger applications. However, the library is designed in such a way that unused functionality is removed by the linker.

CONFIG_SOFTDEVICE_CONTROLLER_PERIPHERAL

The peripheral library variant is optimized for simpler applications only requiring the peripheral role.

CONFIG_VANILLA_MBEDTLS_AES_C

mbed TLS (AES-128, AES-192, AES-256)

CONFIG_VANILLA_MBEDTLS_CCM_C

Enable the Counter with CBC-MAC (CCM) mode for 128-bit block cipher using AES-128, AES-192, AES-256. This also includes CCM* (star) mode MBEDTLS_CCM_C setting in mbed TLS config file.

CONFIG_VANILLA_MBEDTLS_CHACHA20_C

CONFIG_VANILLA_MBEDTLS_CHACHAPOLY_C

CONFIG_VANILLA_MBEDTLS_CIPHER_MODE_CBC

CONFIG_VANILLA_MBEDTLS_CIPHER_MODE_CFB

CONFIG_VANILLA_MBEDTLS_CIPHER_MODE_CTR

CONFIG_VANILLA_MBEDTLS_CIPHER_MODE_ECB

CONFIG_VANILLA_MBEDTLS_CIPHER_MODE_OFB

CONFIG_VANILLA_MBEDTLS_CIPHER_MODE_XTS

CONFIG_VANILLA_MBEDTLS_CMAC_C

CONFIG_VANILLA_MBEDTLS_DHM_C

Enable the DHM module from mbed TLS vanilla. MBEDTLS_DHM_C setting in mbed TLS config file.

CONFIG_VANILLA_MBEDTLS_ECDH_C

CONFIG_VANILLA_MBEDTLS_ECDSA_C

CONFIG_VANILLA_MBEDTLS_ECJPAKE_C

CONFIG_VANILLA_MBEDTLS_ECP_C

CONFIG_VANILLA_MBEDTLS_POLY1305_C

CONFIG_VANILLA_MBEDTLS_RSA_C

CONFIG_VANILLA_MBEDTLS_SHA1_C

CONFIG_VANILLA_MBEDTLS_SHA256_C

CONFIG_ZIGBEE_GP_CB

Enable Zigbee Green Power Combo Basic functionality [EXPERIMENTAL]

CONFIG_ZIGBEE_GP_NONE

This option is valid only when building ZBOSS without application layer

CONFIG_ZIGBEE_GP_PB

Enable Zigbee Green Power Proxy Basic functionality

CONFIG_ZIGBEE_LIBRARY_DEVELOPMENT

If selected, the application will be linked with newest version of ZBOSS libraries. Those libraries are not officially certified, but may be used for an early development of applications, that require experimental features.

CONFIG_ZIGBEE_LIBRARY_NCP_DEV

The Zigbee stack is implemented on the connectivity SoC, but the application is implemented on the host MCU

CONFIG_ZIGBEE_LIBRARY_PRODUCTION

If selected, the application will be linked with the latest, stable version of ZBOSS libraries. Please check NCS documentation in order to get the certification status of those libraries.

CONFIG_ZIGBEE_LIBRARY_SOC

The Zigbee stack, as well as the application is implemented on the SoC