Training courses

Kernel and Embedded Linux

Bootlin training courses

Embedded Linux, kernel,
Yocto Project, Buildroot, real-time,
graphics, boot time, debugging...

Bootlin logo

Elixir Cross Referencer

Open Menu /crypto/asymmetric_keys/Kconfig 
 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
menuconfig CONFIG_ASYMMETRIC_KEY_TYPE
	bool "Asymmetric (public-key cryptographic) key type"
	depends on CONFIG_KEYS
	help
	  This option provides support for a key type that holds the data for
	  the asymmetric keys used for public key cryptographic operations such
	  as encryption, decryption, signature generation and signature
	  verification.

if CONFIG_ASYMMETRIC_KEY_TYPE

config CONFIG_ASYMMETRIC_PUBLIC_KEY_SUBTYPE
	tristate "Asymmetric public-key crypto algorithm subtype"
	select CONFIG_MPILIB
	select CONFIG_CRYPTO_HASH_INFO
	select CONFIG_CRYPTO_AKCIPHER
	help
	  This option provides support for asymmetric public key type handling.
	  If signature generation and/or verification are to be used,
	  appropriate hash algorithms (such as SHA-1) must be available.
	  ENOPKG will be reported if the requisite algorithm is unavailable.

config CONFIG_X509_CERTIFICATE_PARSER
	tristate "X.509 certificate parser"
	depends on CONFIG_ASYMMETRIC_PUBLIC_KEY_SUBTYPE
	select CONFIG_ASN1
	select CONFIG_OID_REGISTRY
	help
	  This option provides support for parsing X.509 format blobs for key
	  data and provides the ability to instantiate a crypto key from a
	  public key packet found inside the certificate.

config CONFIG_PKCS7_MESSAGE_PARSER
	tristate "PKCS#7 message parser"
	depends on CONFIG_X509_CERTIFICATE_PARSER
	select CONFIG_ASN1
	select CONFIG_OID_REGISTRY
	help
	  This option provides support for parsing PKCS#7 format messages for
	  signature data and provides the ability to verify the signature.

config CONFIG_PKCS7_TEST_KEY
	tristate "PKCS#7 testing key type"
	depends on CONFIG_SYSTEM_DATA_VERIFICATION
	help
	  This option provides a type of key that can be loaded up from a
	  PKCS#7 message - provided the message is signed by a trusted key.  If
	  it is, the PKCS#7 wrapper is discarded and reading the key returns
	  just the payload.  If it isn't, adding the key will fail with an
	  error.

	  This is intended for testing the PKCS#7 parser.

config CONFIG_SIGNED_PE_FILE_VERIFICATION
	bool "Support for PE file signature verification"
	depends on CONFIG_PKCS7_MESSAGE_PARSER=y
	depends on CONFIG_SYSTEM_DATA_VERIFICATION
	select CONFIG_ASN1
	select CONFIG_OID_REGISTRY
	help
	  This option provides support for verifying the signature(s) on a
	  signed PE binary.

endif # CONFIG_ASYMMETRIC_KEY_TYPE