1config HAVE_TRUSTED_KEYS 2 bool 3 4config TRUSTED_KEYS_TPM 5 bool "TPM-based trusted keys" 6 depends on TCG_TPM >= TRUSTED_KEYS 7 default y 8 select CRYPTO_HASH_INFO 9 select CRYPTO_LIB_SHA1 10 select CRYPTO_LIB_UTILS 11 select ASN1_ENCODER 12 select OID_REGISTRY 13 select ASN1 14 select HAVE_TRUSTED_KEYS 15 help 16 Enable use of the Trusted Platform Module (TPM) as trusted key 17 backend. Trusted keys are random number symmetric keys, 18 which will be generated and RSA-sealed by the TPM. 19 The TPM only unseals the keys, if the boot PCRs and other 20 criteria match. 21 22config TRUSTED_KEYS_TEE 23 bool "TEE-based trusted keys" 24 depends on TEE >= TRUSTED_KEYS 25 default y 26 select HAVE_TRUSTED_KEYS 27 help 28 Enable use of the Trusted Execution Environment (TEE) as trusted 29 key backend. 30 31config TRUSTED_KEYS_CAAM 32 bool "CAAM-based trusted keys" 33 depends on CRYPTO_DEV_FSL_CAAM_JR >= TRUSTED_KEYS 34 select CRYPTO_DEV_FSL_CAAM_BLOB_GEN 35 default y 36 select HAVE_TRUSTED_KEYS 37 help 38 Enable use of NXP's Cryptographic Accelerator and Assurance Module 39 (CAAM) as trusted key backend. 40 41config TRUSTED_KEYS_DCP 42 bool "DCP-based trusted keys" 43 depends on CRYPTO_DEV_MXS_DCP >= TRUSTED_KEYS 44 default y 45 select HAVE_TRUSTED_KEYS 46 help 47 Enable use of NXP's DCP (Data Co-Processor) as trusted key backend. 48 49if !HAVE_TRUSTED_KEYS 50 comment "No trust source selected!" 51endif 52