Kconfig - cachepc-linux - Fork of AMDESE/linux with modifications for CachePC side-channel attack

	cachepc-linux Fork of AMDESE/linux with modifications for CachePC side-channel attack
	git clone https://git.sinitax.com/sinitax/cachepc-linux
	Log \| Files \| Refs \| README \| LICENSE \| sfeed.txt
Kconfig (2916B)
      1# SPDX-License-Identifier: GPL-2.0
      2menuconfig ASYMMETRIC_KEY_TYPE
      3	bool "Asymmetric (public-key cryptographic) key type"
      4	depends on KEYS
      5	help
      6	  This option provides support for a key type that holds the data for
      7	  the asymmetric keys used for public key cryptographic operations such
      8	  as encryption, decryption, signature generation and signature
      9	  verification.
     10
     11if ASYMMETRIC_KEY_TYPE
     12
     13config ASYMMETRIC_PUBLIC_KEY_SUBTYPE
     14	tristate "Asymmetric public-key crypto algorithm subtype"
     15	select MPILIB
     16	select CRYPTO_HASH_INFO
     17	select CRYPTO_AKCIPHER
     18	select CRYPTO_HASH
     19	help
     20	  This option provides support for asymmetric public key type handling.
     21	  If signature generation and/or verification are to be used,
     22	  appropriate hash algorithms (such as SHA-1) must be available.
     23	  ENOPKG will be reported if the requisite algorithm is unavailable.
     24
     25config X509_CERTIFICATE_PARSER
     26	tristate "X.509 certificate parser"
     27	depends on ASYMMETRIC_PUBLIC_KEY_SUBTYPE
     28	select ASN1
     29	select OID_REGISTRY
     30	help
     31	  This option provides support for parsing X.509 format blobs for key
     32	  data and provides the ability to instantiate a crypto key from a
     33	  public key packet found inside the certificate.
     34
     35config PKCS8_PRIVATE_KEY_PARSER
     36	tristate "PKCS#8 private key parser"
     37	depends on ASYMMETRIC_PUBLIC_KEY_SUBTYPE
     38	select ASN1
     39	select OID_REGISTRY
     40	help
     41	  This option provides support for parsing PKCS#8 format blobs for
     42	  private key data and provides the ability to instantiate a crypto key
     43	  from that data.
     44
     45config PKCS7_MESSAGE_PARSER
     46	tristate "PKCS#7 message parser"
     47	depends on X509_CERTIFICATE_PARSER
     48	select CRYPTO_HASH
     49	select ASN1
     50	select OID_REGISTRY
     51	help
     52	  This option provides support for parsing PKCS#7 format messages for
     53	  signature data and provides the ability to verify the signature.
     54
     55config PKCS7_TEST_KEY
     56	tristate "PKCS#7 testing key type"
     57	depends on SYSTEM_DATA_VERIFICATION
     58	help
     59	  This option provides a type of key that can be loaded up from a
     60	  PKCS#7 message - provided the message is signed by a trusted key.  If
     61	  it is, the PKCS#7 wrapper is discarded and reading the key returns
     62	  just the payload.  If it isn't, adding the key will fail with an
     63	  error.
     64
     65	  This is intended for testing the PKCS#7 parser.
     66
     67config SIGNED_PE_FILE_VERIFICATION
     68	bool "Support for PE file signature verification"
     69	depends on PKCS7_MESSAGE_PARSER=y
     70	depends on SYSTEM_DATA_VERIFICATION
     71	select CRYPTO_HASH
     72	select ASN1
     73	select OID_REGISTRY
     74	help
     75	  This option provides support for verifying the signature(s) on a
     76	  signed PE binary.
     77
     78config FIPS_SIGNATURE_SELFTEST
     79	bool "Run FIPS selftests on the X.509+PKCS7 signature verification"
     80	help
     81	  This option causes some selftests to be run on the signature
     82	  verification code, using some built in data.  This is required
     83	  for FIPS.
     84	depends on KEYS
     85	depends on ASYMMETRIC_KEY_TYPE
     86	depends on PKCS7_MESSAGE_PARSER
     87
     88endif # ASYMMETRIC_KEY_TYPE