1 menuconfig ASYMMETRIC_KEY_TYPE
2 tristate "Asymmetric (public-key cryptographic) key type"
5 This option provides support for a key type that holds the data for
6 the asymmetric keys used for public key cryptographic operations such
7 as encryption, decryption, signature generation and signature
10 if ASYMMETRIC_KEY_TYPE
12 config ASYMMETRIC_PUBLIC_KEY_SUBTYPE
13 tristate "Asymmetric public-key crypto algorithm subtype"
15 select PUBLIC_KEY_ALGO_RSA
16 select CRYPTO_HASH_INFO
17 select CRYPTO_AKCIPHER
19 This option provides support for asymmetric public key type handling.
20 If signature generation and/or verification are to be used,
21 appropriate hash algorithms (such as SHA-1) must be available.
22 ENOPKG will be reported if the requisite algorithm is unavailable.
24 config PUBLIC_KEY_ALGO_RSA
25 tristate "RSA public-key algorithm"
28 This option enables support for the RSA algorithm (PKCS#1, RFC3447).
30 config X509_CERTIFICATE_PARSER
31 tristate "X.509 certificate parser"
32 depends on ASYMMETRIC_PUBLIC_KEY_SUBTYPE
36 This option provides support for parsing X.509 format blobs for key
37 data and provides the ability to instantiate a crypto key from a
38 public key packet found inside the certificate.
40 config PKCS7_MESSAGE_PARSER
41 tristate "PKCS#7 message parser"
42 depends on X509_CERTIFICATE_PARSER
46 This option provides support for parsing PKCS#7 format messages for
47 signature data and provides the ability to verify the signature.
50 tristate "PKCS#7 testing key type"
51 depends on PKCS7_MESSAGE_PARSER
52 select SYSTEM_TRUSTED_KEYRING
54 This option provides a type of key that can be loaded up from a
55 PKCS#7 message - provided the message is signed by a trusted key. If
56 it is, the PKCS#7 wrapper is discarded and reading the key returns
57 just the payload. If it isn't, adding the key will fail with an
60 This is intended for testing the PKCS#7 parser.
62 config SIGNED_PE_FILE_VERIFICATION
63 bool "Support for PE file signature verification"
64 depends on PKCS7_MESSAGE_PARSER=y
68 This option provides support for verifying the signature(s) on a
71 endif # ASYMMETRIC_KEY_TYPE