1964f3b3bSDavid Howellsmenuconfig ASYMMETRIC_KEY_TYPE 2*99716b7cSDavid Howells bool "Asymmetric (public-key cryptographic) key type" 3964f3b3bSDavid Howells depends on KEYS 4964f3b3bSDavid Howells help 5964f3b3bSDavid Howells This option provides support for a key type that holds the data for 6964f3b3bSDavid Howells the asymmetric keys used for public key cryptographic operations such 7964f3b3bSDavid Howells as encryption, decryption, signature generation and signature 8964f3b3bSDavid Howells verification. 9964f3b3bSDavid Howells 10964f3b3bSDavid Howellsif ASYMMETRIC_KEY_TYPE 11964f3b3bSDavid Howells 12a9681bf3SDavid Howellsconfig ASYMMETRIC_PUBLIC_KEY_SUBTYPE 13a9681bf3SDavid Howells tristate "Asymmetric public-key crypto algorithm subtype" 14a9681bf3SDavid Howells select MPILIB 153fe78ca2SDmitry Kasatkin select CRYPTO_HASH_INFO 16a9681bf3SDavid Howells help 17a9681bf3SDavid Howells This option provides support for asymmetric public key type handling. 18a9681bf3SDavid Howells If signature generation and/or verification are to be used, 19a9681bf3SDavid Howells appropriate hash algorithms (such as SHA-1) must be available. 20a9681bf3SDavid Howells ENOPKG will be reported if the requisite algorithm is unavailable. 21964f3b3bSDavid Howells 22c26fd69fSDavid Howellsconfig X509_CERTIFICATE_PARSER 23c26fd69fSDavid Howells tristate "X.509 certificate parser" 24c26fd69fSDavid Howells depends on ASYMMETRIC_PUBLIC_KEY_SUBTYPE 25c26fd69fSDavid Howells select ASN1 26c26fd69fSDavid Howells select OID_REGISTRY 27c26fd69fSDavid Howells help 2845206986SDavid Howells This option provides support for parsing X.509 format blobs for key 29c26fd69fSDavid Howells data and provides the ability to instantiate a crypto key from a 30c26fd69fSDavid Howells public key packet found inside the certificate. 31c26fd69fSDavid Howells 322e3fadbfSDavid Howellsconfig PKCS7_MESSAGE_PARSER 332e3fadbfSDavid Howells tristate "PKCS#7 message parser" 342e3fadbfSDavid Howells depends on X509_CERTIFICATE_PARSER 352e3fadbfSDavid Howells select ASN1 362e3fadbfSDavid Howells select OID_REGISTRY 372e3fadbfSDavid Howells help 382e3fadbfSDavid Howells This option provides support for parsing PKCS#7 format messages for 392e3fadbfSDavid Howells signature data and provides the ability to verify the signature. 402e3fadbfSDavid Howells 4122d01afbSDavid Howellsconfig PKCS7_TEST_KEY 4222d01afbSDavid Howells tristate "PKCS#7 testing key type" 43e68503bdSDavid Howells depends on SYSTEM_DATA_VERIFICATION 4422d01afbSDavid Howells help 4522d01afbSDavid Howells This option provides a type of key that can be loaded up from a 4622d01afbSDavid Howells PKCS#7 message - provided the message is signed by a trusted key. If 4722d01afbSDavid Howells it is, the PKCS#7 wrapper is discarded and reading the key returns 4822d01afbSDavid Howells just the payload. If it isn't, adding the key will fail with an 4922d01afbSDavid Howells error. 5022d01afbSDavid Howells 5122d01afbSDavid Howells This is intended for testing the PKCS#7 parser. 5222d01afbSDavid Howells 5326d1164bSDavid Howellsconfig SIGNED_PE_FILE_VERIFICATION 5426d1164bSDavid Howells bool "Support for PE file signature verification" 5526d1164bSDavid Howells depends on PKCS7_MESSAGE_PARSER=y 56e68503bdSDavid Howells depends on SYSTEM_DATA_VERIFICATION 5726d1164bSDavid Howells select ASN1 5826d1164bSDavid Howells select OID_REGISTRY 5926d1164bSDavid Howells help 6026d1164bSDavid Howells This option provides support for verifying the signature(s) on a 6126d1164bSDavid Howells signed PE binary. 6226d1164bSDavid Howells 63964f3b3bSDavid Howellsendif # ASYMMETRIC_KEY_TYPE 64