123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869 |
- # SPDX-License-Identifier: GPL-2.0
- menuconfig ASYMMETRIC_KEY_TYPE
- bool "Asymmetric (public-key cryptographic) key type"
- depends on KEYS
- help
- This option provides support for a key type that holds the data for
- the asymmetric keys used for public key cryptographic operations such
- as encryption, decryption, signature generation and signature
- verification.
- if ASYMMETRIC_KEY_TYPE
- config ASYMMETRIC_PUBLIC_KEY_SUBTYPE
- tristate "Asymmetric public-key crypto algorithm subtype"
- select MPILIB
- select CRYPTO_HASH_INFO
- select CRYPTO_AKCIPHER
- select CRYPTO_HASH
- help
- This option provides support for asymmetric public key type handling.
- If signature generation and/or verification are to be used,
- appropriate hash algorithms (such as SHA-1) must be available.
- ENOPKG will be reported if the requisite algorithm is unavailable.
- config X509_CERTIFICATE_PARSER
- tristate "X.509 certificate parser"
- depends on ASYMMETRIC_PUBLIC_KEY_SUBTYPE
- select ASN1
- select OID_REGISTRY
- help
- This option provides support for parsing X.509 format blobs for key
- data and provides the ability to instantiate a crypto key from a
- public key packet found inside the certificate.
- config PKCS7_MESSAGE_PARSER
- tristate "PKCS#7 message parser"
- depends on X509_CERTIFICATE_PARSER
- select CRYPTO_HASH
- select ASN1
- select OID_REGISTRY
- help
- This option provides support for parsing PKCS#7 format messages for
- signature data and provides the ability to verify the signature.
- config PKCS7_TEST_KEY
- tristate "PKCS#7 testing key type"
- depends on SYSTEM_DATA_VERIFICATION
- help
- This option provides a type of key that can be loaded up from a
- PKCS#7 message - provided the message is signed by a trusted key. If
- it is, the PKCS#7 wrapper is discarded and reading the key returns
- just the payload. If it isn't, adding the key will fail with an
- error.
- This is intended for testing the PKCS#7 parser.
- config SIGNED_PE_FILE_VERIFICATION
- bool "Support for PE file signature verification"
- depends on PKCS7_MESSAGE_PARSER=y
- depends on SYSTEM_DATA_VERIFICATION
- select CRYPTO_HASH
- select ASN1
- select OID_REGISTRY
- help
- This option provides support for verifying the signature(s) on a
- signed PE binary.
- endif # ASYMMETRIC_KEY_TYPE
|