mirror of https://github.com/Qortal/Brooklyn
You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
38 lines
1.0 KiB
38 lines
1.0 KiB
config TRUSTED_KEYS_TPM |
|
bool "TPM-based trusted keys" |
|
depends on TCG_TPM >= TRUSTED_KEYS |
|
default y |
|
select CRYPTO |
|
select CRYPTO_HMAC |
|
select CRYPTO_SHA1 |
|
select CRYPTO_HASH_INFO |
|
select ASN1_ENCODER |
|
select OID_REGISTRY |
|
select ASN1 |
|
help |
|
Enable use of the Trusted Platform Module (TPM) as trusted key |
|
backend. Trusted keys are random number symmetric keys, |
|
which will be generated and RSA-sealed by the TPM. |
|
The TPM only unseals the keys, if the boot PCRs and other |
|
criteria match. |
|
|
|
config TRUSTED_KEYS_TEE |
|
bool "TEE-based trusted keys" |
|
depends on TEE >= TRUSTED_KEYS |
|
default y |
|
help |
|
Enable use of the Trusted Execution Environment (TEE) as trusted |
|
key backend. |
|
|
|
config TRUSTED_KEYS_CAAM |
|
bool "CAAM-based trusted keys" |
|
depends on CRYPTO_DEV_FSL_CAAM_JR >= TRUSTED_KEYS |
|
select CRYPTO_DEV_FSL_CAAM_BLOB_GEN |
|
default y |
|
help |
|
Enable use of NXP's Cryptographic Accelerator and Assurance Module |
|
(CAAM) as trusted key backend. |
|
|
|
if !TRUSTED_KEYS_TPM && !TRUSTED_KEYS_TEE && !TRUSTED_KEYS_CAAM |
|
comment "No trust source selected!" |
|
endif
|
|
|