forked from Qortal/Brooklyn
You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
78 lines
2.5 KiB
78 lines
2.5 KiB
# SPDX-License-Identifier: GPL-2.0 |
|
menuconfig ASYMMETRIC_KEY_TYPE |
|
bool "Asymmetric (public-key cryptographic) key type" |
|
depends on KEYS |
|
help |
|
This option provides support for a key type that holds the data for |
|
the asymmetric keys used for public key cryptographic operations such |
|
as encryption, decryption, signature generation and signature |
|
verification. |
|
|
|
if ASYMMETRIC_KEY_TYPE |
|
|
|
config ASYMMETRIC_PUBLIC_KEY_SUBTYPE |
|
tristate "Asymmetric public-key crypto algorithm subtype" |
|
select MPILIB |
|
select CRYPTO_HASH_INFO |
|
select CRYPTO_AKCIPHER |
|
select CRYPTO_HASH |
|
help |
|
This option provides support for asymmetric public key type handling. |
|
If signature generation and/or verification are to be used, |
|
appropriate hash algorithms (such as SHA-1) must be available. |
|
ENOPKG will be reported if the requisite algorithm is unavailable. |
|
|
|
config X509_CERTIFICATE_PARSER |
|
tristate "X.509 certificate parser" |
|
depends on ASYMMETRIC_PUBLIC_KEY_SUBTYPE |
|
select ASN1 |
|
select OID_REGISTRY |
|
help |
|
This option provides support for parsing X.509 format blobs for key |
|
data and provides the ability to instantiate a crypto key from a |
|
public key packet found inside the certificate. |
|
|
|
config PKCS8_PRIVATE_KEY_PARSER |
|
tristate "PKCS#8 private key parser" |
|
depends on ASYMMETRIC_PUBLIC_KEY_SUBTYPE |
|
select ASN1 |
|
select OID_REGISTRY |
|
help |
|
This option provides support for parsing PKCS#8 format blobs for |
|
private key data and provides the ability to instantiate a crypto key |
|
from that data. |
|
|
|
config PKCS7_MESSAGE_PARSER |
|
tristate "PKCS#7 message parser" |
|
depends on X509_CERTIFICATE_PARSER |
|
select CRYPTO_HASH |
|
select ASN1 |
|
select OID_REGISTRY |
|
help |
|
This option provides support for parsing PKCS#7 format messages for |
|
signature data and provides the ability to verify the signature. |
|
|
|
config PKCS7_TEST_KEY |
|
tristate "PKCS#7 testing key type" |
|
depends on SYSTEM_DATA_VERIFICATION |
|
help |
|
This option provides a type of key that can be loaded up from a |
|
PKCS#7 message - provided the message is signed by a trusted key. If |
|
it is, the PKCS#7 wrapper is discarded and reading the key returns |
|
just the payload. If it isn't, adding the key will fail with an |
|
error. |
|
|
|
This is intended for testing the PKCS#7 parser. |
|
|
|
config SIGNED_PE_FILE_VERIFICATION |
|
bool "Support for PE file signature verification" |
|
depends on PKCS7_MESSAGE_PARSER=y |
|
depends on SYSTEM_DATA_VERIFICATION |
|
select CRYPTO_HASH |
|
select ASN1 |
|
select OID_REGISTRY |
|
help |
|
This option provides support for verifying the signature(s) on a |
|
signed PE binary. |
|
|
|
endif # ASYMMETRIC_KEY_TYPE
|
|
|