1964f3b3bSDavid Howellsmenuconfig ASYMMETRIC_KEY_TYPE 2964f3b3bSDavid Howells tristate "Asymmetric (public-key cryptographic) key type" 3964f3b3bSDavid Howells depends on KEYS 4964f3b3bSDavid Howells help 5964f3b3bSDavid Howells This option provides support for a key type that holds the data for 6964f3b3bSDavid Howells the asymmetric keys used for public key cryptographic operations such 7964f3b3bSDavid Howells as encryption, decryption, signature generation and signature 8964f3b3bSDavid Howells verification. 9964f3b3bSDavid Howells 10964f3b3bSDavid Howellsif ASYMMETRIC_KEY_TYPE 11964f3b3bSDavid Howells 12a9681bf3SDavid Howellsconfig ASYMMETRIC_PUBLIC_KEY_SUBTYPE 13a9681bf3SDavid Howells tristate "Asymmetric public-key crypto algorithm subtype" 14a9681bf3SDavid Howells select MPILIB 15206ce59aSDavid Howells select PUBLIC_KEY_ALGO_RSA 163fe78ca2SDmitry Kasatkin select CRYPTO_HASH_INFO 17a9681bf3SDavid Howells help 18a9681bf3SDavid Howells This option provides support for asymmetric public key type handling. 19a9681bf3SDavid Howells If signature generation and/or verification are to be used, 20a9681bf3SDavid Howells appropriate hash algorithms (such as SHA-1) must be available. 21a9681bf3SDavid Howells ENOPKG will be reported if the requisite algorithm is unavailable. 22964f3b3bSDavid Howells 23612e0fe9SDavid Howellsconfig PUBLIC_KEY_ALGO_RSA 24612e0fe9SDavid Howells tristate "RSA public-key algorithm" 25612e0fe9SDavid Howells select MPILIB_EXTRA 26dbed7141SDavid Howells select MPILIB 27612e0fe9SDavid Howells help 28612e0fe9SDavid Howells This option enables support for the RSA algorithm (PKCS#1, RFC3447). 29612e0fe9SDavid Howells 30c26fd69fSDavid Howellsconfig X509_CERTIFICATE_PARSER 31c26fd69fSDavid Howells tristate "X.509 certificate parser" 32c26fd69fSDavid Howells depends on ASYMMETRIC_PUBLIC_KEY_SUBTYPE 33c26fd69fSDavid Howells select ASN1 34c26fd69fSDavid Howells select OID_REGISTRY 35c26fd69fSDavid Howells help 3645206986SDavid Howells This option provides support for parsing X.509 format blobs for key 37c26fd69fSDavid Howells data and provides the ability to instantiate a crypto key from a 38c26fd69fSDavid Howells public key packet found inside the certificate. 39c26fd69fSDavid Howells 402e3fadbfSDavid Howellsconfig PKCS7_MESSAGE_PARSER 412e3fadbfSDavid Howells tristate "PKCS#7 message parser" 422e3fadbfSDavid Howells depends on X509_CERTIFICATE_PARSER 432e3fadbfSDavid Howells select ASN1 442e3fadbfSDavid Howells select OID_REGISTRY 452e3fadbfSDavid Howells help 462e3fadbfSDavid Howells This option provides support for parsing PKCS#7 format messages for 472e3fadbfSDavid Howells signature data and provides the ability to verify the signature. 482e3fadbfSDavid Howells 4922d01afbSDavid Howellsconfig PKCS7_TEST_KEY 5022d01afbSDavid Howells tristate "PKCS#7 testing key type" 5122d01afbSDavid Howells depends on PKCS7_MESSAGE_PARSER 5222d01afbSDavid Howells select SYSTEM_TRUSTED_KEYRING 5322d01afbSDavid Howells help 5422d01afbSDavid Howells This option provides a type of key that can be loaded up from a 5522d01afbSDavid Howells PKCS#7 message - provided the message is signed by a trusted key. If 5622d01afbSDavid Howells it is, the PKCS#7 wrapper is discarded and reading the key returns 5722d01afbSDavid Howells just the payload. If it isn't, adding the key will fail with an 5822d01afbSDavid Howells error. 5922d01afbSDavid Howells 6022d01afbSDavid Howells This is intended for testing the PKCS#7 parser. 6122d01afbSDavid Howells 62*26d1164bSDavid Howellsconfig SIGNED_PE_FILE_VERIFICATION 63*26d1164bSDavid Howells bool "Support for PE file signature verification" 64*26d1164bSDavid Howells depends on PKCS7_MESSAGE_PARSER=y 65*26d1164bSDavid Howells select ASN1 66*26d1164bSDavid Howells select OID_REGISTRY 67*26d1164bSDavid Howells help 68*26d1164bSDavid Howells This option provides support for verifying the signature(s) on a 69*26d1164bSDavid Howells signed PE binary. 70*26d1164bSDavid Howells 71964f3b3bSDavid Howellsendif # ASYMMETRIC_KEY_TYPE 72