[linux-2.6-block.git] / security / keys / trusted-keys / Kconfig

config HAVE_TRUSTED_KEYS
	bool

config TRUSTED_KEYS_TPM
	bool "TPM-based trusted keys"
	depends on TCG_TPM >= TRUSTED_KEYS
	default y
	select CRYPTO
	select CRYPTO_HMAC
	select CRYPTO_SHA1
	select CRYPTO_HASH_INFO
	select ASN1_ENCODER
	select OID_REGISTRY
	select ASN1
	select HAVE_TRUSTED_KEYS
	help
	  Enable use of the Trusted Platform Module (TPM) as trusted key
	  backend. Trusted keys are random number symmetric keys,
	  which will be generated and RSA-sealed by the TPM.
	  The TPM only unseals the keys, if the boot PCRs and other
	  criteria match.

config TRUSTED_KEYS_TEE
	bool "TEE-based trusted keys"
	depends on TEE >= TRUSTED_KEYS
	default y
	select HAVE_TRUSTED_KEYS
	help
	  Enable use of the Trusted Execution Environment (TEE) as trusted
	  key backend.

config TRUSTED_KEYS_CAAM
	bool "CAAM-based trusted keys"
	depends on CRYPTO_DEV_FSL_CAAM_JR >= TRUSTED_KEYS
	select CRYPTO_DEV_FSL_CAAM_BLOB_GEN
	default y
	select HAVE_TRUSTED_KEYS
	help
	  Enable use of NXP's Cryptographic Accelerator and Assurance Module
	  (CAAM) as trusted key backend.

config TRUSTED_KEYS_DCP
	bool "DCP-based trusted keys"
	depends on CRYPTO_DEV_MXS_DCP >= TRUSTED_KEYS
	default y
	select HAVE_TRUSTED_KEYS
	help
	  Enable use of NXP's DCP (Data Co-Processor) as trusted key backend.

if !HAVE_TRUSTED_KEYS
	comment "No trust source selected!"
endif
Commit	Line	Data
633cb72f DG	1	config HAVE_TRUSTED_KEYS
	2	bool
	3
be07858f AF	4	config TRUSTED_KEYS_TPM
	5	bool "TPM-based trusted keys"
	6	depends on TCG_TPM >= TRUSTED_KEYS
	7	default y
	8	select CRYPTO
	9	select CRYPTO_HMAC
	10	select CRYPTO_SHA1
	11	select CRYPTO_HASH_INFO
	12	select ASN1_ENCODER
	13	select OID_REGISTRY
	14	select ASN1
633cb72f	15	select HAVE_TRUSTED_KEYS
be07858f AF	16	help
	17	Enable use of the Trusted Platform Module (TPM) as trusted key
	18	backend. Trusted keys are random number symmetric keys,
	19	which will be generated and RSA-sealed by the TPM.
	20	The TPM only unseals the keys, if the boot PCRs and other
	21	criteria match.
	22
	23	config TRUSTED_KEYS_TEE
	24	bool "TEE-based trusted keys"
	25	depends on TEE >= TRUSTED_KEYS
	26	default y
633cb72f	27	select HAVE_TRUSTED_KEYS
be07858f AF	28	help
	29	Enable use of the Trusted Execution Environment (TEE) as trusted
	30	key backend.
	31
e9c5048c AF	32	config TRUSTED_KEYS_CAAM
	33	bool "CAAM-based trusted keys"
	34	depends on CRYPTO_DEV_FSL_CAAM_JR >= TRUSTED_KEYS
	35	select CRYPTO_DEV_FSL_CAAM_BLOB_GEN
	36	default y
633cb72f	37	select HAVE_TRUSTED_KEYS
e9c5048c AF	38	help
	39	Enable use of NXP's Cryptographic Accelerator and Assurance Module
	40	(CAAM) as trusted key backend.
	41
2e8a0f40 DG	42	config TRUSTED_KEYS_DCP
	43	bool "DCP-based trusted keys"
	44	depends on CRYPTO_DEV_MXS_DCP >= TRUSTED_KEYS
	45	default y
	46	select HAVE_TRUSTED_KEYS
	47	help
	48	Enable use of NXP's DCP (Data Co-Processor) as trusted key backend.
	49
633cb72f DG	50	if !HAVE_TRUSTED_KEYS
633cb72f DG	51	comment "No trust source selected!"
be07858f	52	endif