Gitiles
Code Review Sign In
gerrit-public.fairphone.software / kernel / msm-4.19 / e8dfef83c64c4d47123dc6e347f5d5f946ddfc3e / . / crypto / asymmetric_keys / Kconfig
blob: d8a73d94bb309a524e47cca954a66a55f385b1f4 [file] [log] [blame]
Greg Kroah-Hartmanb2441312017-11-01 15:07:57 +0100[diff] [blame]1# SPDX-License-Identifier: GPL-2.0
David Howells964f3b32012-09-13 15:17:21 +0100[diff] [blame]2menuconfig ASYMMETRIC_KEY_TYPE
David Howells99716b72016-04-06 16:14:26 +0100[diff] [blame]3 bool "Asymmetric (public-key cryptographic) key type"
David Howells964f3b32012-09-13 15:17:21 +0100[diff] [blame]4 depends on KEYS
5 help
6 This option provides support for a key type that holds the data for
7 the asymmetric keys used for public key cryptographic operations such
8 as encryption, decryption, signature generation and signature
9 verification.
10
11if ASYMMETRIC_KEY_TYPE
12
David Howellsa9681bf2012-09-21 23:24:55 +0100[diff] [blame]13config ASYMMETRIC_PUBLIC_KEY_SUBTYPE
14 tristate "Asymmetric public-key crypto algorithm subtype"
15 select MPILIB
Dmitry Kasatkin3fe78ca2013-05-06 15:58:15 +0300[diff] [blame]16 select CRYPTO_HASH_INFO
Arnd Bergmannbad6a182016-05-18 16:55:56 +0200[diff] [blame]17 select CRYPTO_AKCIPHER
Arnd Bergmann03885972019-06-18 14:13:47 +0200[diff] [blame]18 select CRYPTO_HASH
David Howellsa9681bf2012-09-21 23:24:55 +0100[diff] [blame]19 help
20 This option provides support for asymmetric public key type handling.
21 If signature generation and/or verification are to be used,
22 appropriate hash algorithms (such as SHA-1) must be available.
23 ENOPKG will be reported if the requisite algorithm is unavailable.
David Howells964f3b32012-09-13 15:17:21 +0100[diff] [blame]24
David Howellsc26fd692012-09-24 17:11:48 +0100[diff] [blame]25config X509_CERTIFICATE_PARSER
26 tristate "X.509 certificate parser"
27 depends on ASYMMETRIC_PUBLIC_KEY_SUBTYPE
28 select ASN1
29 select OID_REGISTRY
30 help
David Howells45206982014-07-08 17:21:01 +0100[diff] [blame]31 This option provides support for parsing X.509 format blobs for key
David Howellsc26fd692012-09-24 17:11:48 +0100[diff] [blame]32 data and provides the ability to instantiate a crypto key from a
33 public key packet found inside the certificate.
34
David Howells2e3fadb2014-07-01 16:40:19 +0100[diff] [blame]35config PKCS7_MESSAGE_PARSER
36 tristate "PKCS#7 message parser"
37 depends on X509_CERTIFICATE_PARSER
Arnd Bergmann03885972019-06-18 14:13:47 +0200[diff] [blame]38 select CRYPTO_HASH
David Howells2e3fadb2014-07-01 16:40:19 +0100[diff] [blame]39 select ASN1
40 select OID_REGISTRY
41 help
42 This option provides support for parsing PKCS#7 format messages for
43 signature data and provides the ability to verify the signature.
44
David Howells22d01af2014-07-01 19:06:18 +0100[diff] [blame]45config PKCS7_TEST_KEY
46 tristate "PKCS#7 testing key type"
David Howellse68503b2016-04-06 16:14:24 +0100[diff] [blame]47 depends on SYSTEM_DATA_VERIFICATION
David Howells22d01af2014-07-01 19:06:18 +0100[diff] [blame]48 help
49 This option provides a type of key that can be loaded up from a
50 PKCS#7 message - provided the message is signed by a trusted key. If
51 it is, the PKCS#7 wrapper is discarded and reading the key returns
52 just the payload. If it isn't, adding the key will fail with an
53 error.
54
55 This is intended for testing the PKCS#7 parser.
56
David Howells26d11642014-07-01 16:02:51 +0100[diff] [blame]57config SIGNED_PE_FILE_VERIFICATION
58 bool "Support for PE file signature verification"
59 depends on PKCS7_MESSAGE_PARSER=y
David Howellse68503b2016-04-06 16:14:24 +0100[diff] [blame]60 depends on SYSTEM_DATA_VERIFICATION
Arnd Bergmann03885972019-06-18 14:13:47 +0200[diff] [blame]61 select CRYPTO_HASH
David Howells26d11642014-07-01 16:02:51 +0100[diff] [blame]62 select ASN1
63 select OID_REGISTRY
64 help
65 This option provides support for verifying the signature(s) on a
66 signed PE binary.
67
David Howells964f3b32012-09-13 15:17:21 +0100[diff] [blame]68endif # ASYMMETRIC_KEY_TYPE