Commit | Line | Data |
---|---|---|
633cb72f DG |
1 | config HAVE_TRUSTED_KEYS |
2 | bool | |
3 | ||
be07858f AF |
4 | config TRUSTED_KEYS_TPM |
5 | bool "TPM-based trusted keys" | |
6 | depends on TCG_TPM >= TRUSTED_KEYS | |
7 | default y | |
8 | select CRYPTO | |
9 | select CRYPTO_HMAC | |
10 | select CRYPTO_SHA1 | |
11 | select CRYPTO_HASH_INFO | |
12 | select ASN1_ENCODER | |
13 | select OID_REGISTRY | |
14 | select ASN1 | |
633cb72f | 15 | select HAVE_TRUSTED_KEYS |
be07858f AF |
16 | help |
17 | Enable use of the Trusted Platform Module (TPM) as trusted key | |
18 | backend. Trusted keys are random number symmetric keys, | |
19 | which will be generated and RSA-sealed by the TPM. | |
20 | The TPM only unseals the keys, if the boot PCRs and other | |
21 | criteria match. | |
22 | ||
23 | config TRUSTED_KEYS_TEE | |
24 | bool "TEE-based trusted keys" | |
25 | depends on TEE >= TRUSTED_KEYS | |
26 | default y | |
633cb72f | 27 | select HAVE_TRUSTED_KEYS |
be07858f AF |
28 | help |
29 | Enable use of the Trusted Execution Environment (TEE) as trusted | |
30 | key backend. | |
31 | ||
e9c5048c AF |
32 | config TRUSTED_KEYS_CAAM |
33 | bool "CAAM-based trusted keys" | |
34 | depends on CRYPTO_DEV_FSL_CAAM_JR >= TRUSTED_KEYS | |
35 | select CRYPTO_DEV_FSL_CAAM_BLOB_GEN | |
36 | default y | |
633cb72f | 37 | select HAVE_TRUSTED_KEYS |
e9c5048c AF |
38 | help |
39 | Enable use of NXP's Cryptographic Accelerator and Assurance Module | |
40 | (CAAM) as trusted key backend. | |
41 | ||
2e8a0f40 DG |
42 | config TRUSTED_KEYS_DCP |
43 | bool "DCP-based trusted keys" | |
44 | depends on CRYPTO_DEV_MXS_DCP >= TRUSTED_KEYS | |
45 | default y | |
46 | select HAVE_TRUSTED_KEYS | |
47 | help | |
48 | Enable use of NXP's DCP (Data Co-Processor) as trusted key backend. | |
49 | ||
633cb72f DG |
50 | if !HAVE_TRUSTED_KEYS |
51 | comment "No trust source selected!" | |
be07858f | 52 | endif |