summaryrefslogtreecommitdiffstats
path: root/crypto/asymmetric_keys/Kconfig
diff options
context:
space:
mode:
Diffstat (limited to 'crypto/asymmetric_keys/Kconfig')
-rw-r--r--crypto/asymmetric_keys/Kconfig99
1 files changed, 99 insertions, 0 deletions
diff --git a/crypto/asymmetric_keys/Kconfig b/crypto/asymmetric_keys/Kconfig
new file mode 100644
index 000000000..1f1f004dc
--- /dev/null
+++ b/crypto/asymmetric_keys/Kconfig
@@ -0,0 +1,99 @@
+# SPDX-License-Identifier: GPL-2.0
+menuconfig ASYMMETRIC_KEY_TYPE
+ bool "Asymmetric (public-key cryptographic) key type"
+ depends on KEYS
+ help
+ This option provides support for a key type that holds the data for
+ the asymmetric keys used for public key cryptographic operations such
+ as encryption, decryption, signature generation and signature
+ verification.
+
+if ASYMMETRIC_KEY_TYPE
+
+config ASYMMETRIC_PUBLIC_KEY_SUBTYPE
+ tristate "Asymmetric public-key crypto algorithm subtype"
+ select MPILIB
+ select CRYPTO_HASH_INFO
+ select CRYPTO_AKCIPHER
+ select CRYPTO_HASH
+ help
+ This option provides support for asymmetric public key type handling.
+ If signature generation and/or verification are to be used,
+ appropriate hash algorithms (such as SHA-1) must be available.
+ ENOPKG will be reported if the requisite algorithm is unavailable.
+
+config ASYMMETRIC_TPM_KEY_SUBTYPE
+ tristate "Asymmetric TPM backed private key subtype"
+ depends on TCG_TPM
+ depends on TRUSTED_KEYS
+ select CRYPTO_HMAC
+ select CRYPTO_SHA1
+ select CRYPTO_HASH_INFO
+ help
+ This option provides support for TPM backed private key type handling.
+ Operations such as sign, verify, encrypt, decrypt are performed by
+ the TPM after the private key is loaded.
+
+config X509_CERTIFICATE_PARSER
+ tristate "X.509 certificate parser"
+ depends on ASYMMETRIC_PUBLIC_KEY_SUBTYPE
+ select ASN1
+ select OID_REGISTRY
+ help
+ This option provides support for parsing X.509 format blobs for key
+ data and provides the ability to instantiate a crypto key from a
+ public key packet found inside the certificate.
+
+config PKCS8_PRIVATE_KEY_PARSER
+ tristate "PKCS#8 private key parser"
+ depends on ASYMMETRIC_PUBLIC_KEY_SUBTYPE
+ select ASN1
+ select OID_REGISTRY
+ help
+ This option provides support for parsing PKCS#8 format blobs for
+ private key data and provides the ability to instantiate a crypto key
+ from that data.
+
+config TPM_KEY_PARSER
+ tristate "TPM private key parser"
+ depends on ASYMMETRIC_TPM_KEY_SUBTYPE
+ select ASN1
+ help
+ This option provides support for parsing TPM format blobs for
+ private key data and provides the ability to instantiate a crypto key
+ from that data.
+
+config PKCS7_MESSAGE_PARSER
+ tristate "PKCS#7 message parser"
+ depends on X509_CERTIFICATE_PARSER
+ select CRYPTO_HASH
+ select ASN1
+ select OID_REGISTRY
+ help
+ This option provides support for parsing PKCS#7 format messages for
+ signature data and provides the ability to verify the signature.
+
+config PKCS7_TEST_KEY
+ tristate "PKCS#7 testing key type"
+ depends on SYSTEM_DATA_VERIFICATION
+ help
+ This option provides a type of key that can be loaded up from a
+ PKCS#7 message - provided the message is signed by a trusted key. If
+ it is, the PKCS#7 wrapper is discarded and reading the key returns
+ just the payload. If it isn't, adding the key will fail with an
+ error.
+
+ This is intended for testing the PKCS#7 parser.
+
+config SIGNED_PE_FILE_VERIFICATION
+ bool "Support for PE file signature verification"
+ depends on PKCS7_MESSAGE_PARSER=y
+ depends on SYSTEM_DATA_VERIFICATION
+ select CRYPTO_HASH
+ select ASN1
+ select OID_REGISTRY
+ help
+ This option provides support for verifying the signature(s) on a
+ signed PE binary.
+
+endif # ASYMMETRIC_KEY_TYPE
generated by cgit v1.2.3 (git 2.39.1) at 2024-12-13 18:35:31 +0000