1 menuconfig ASYMMETRIC_KEY_TYPE
2 bool "Asymmetric (public-key cryptographic) key type"
5 This option provides support for a key type that holds the data for
6 the asymmetric keys used for public key cryptographic operations such
7 as encryption, decryption, signature generation and signature
10 if ASYMMETRIC_KEY_TYPE
12 config ASYMMETRIC_PUBLIC_KEY_SUBTYPE
13 tristate "Asymmetric public-key crypto algorithm subtype"
15 select CRYPTO_HASH_INFO
16 select CRYPTO_AKCIPHER
19 This option provides support for asymmetric public key type handling.
20 If signature generation and/or verification are to be used,
21 appropriate hash algorithms (such as SHA-1) must be available.
22 ENOPKG will be reported if the requisite algorithm is unavailable.
24 config X509_CERTIFICATE_PARSER
25 tristate "X.509 certificate parser"
26 depends on ASYMMETRIC_PUBLIC_KEY_SUBTYPE
30 This option provides support for parsing X.509 format blobs for key
31 data and provides the ability to instantiate a crypto key from a
32 public key packet found inside the certificate.
34 config PKCS7_MESSAGE_PARSER
35 tristate "PKCS#7 message parser"
36 depends on X509_CERTIFICATE_PARSER
41 This option provides support for parsing PKCS#7 format messages for
42 signature data and provides the ability to verify the signature.
45 tristate "PKCS#7 testing key type"
46 depends on SYSTEM_DATA_VERIFICATION
48 This option provides a type of key that can be loaded up from a
49 PKCS#7 message - provided the message is signed by a trusted key. If
50 it is, the PKCS#7 wrapper is discarded and reading the key returns
51 just the payload. If it isn't, adding the key will fail with an
54 This is intended for testing the PKCS#7 parser.
56 config SIGNED_PE_FILE_VERIFICATION
57 bool "Support for PE file signature verification"
58 depends on PKCS7_MESSAGE_PARSER=y
59 depends on SYSTEM_DATA_VERIFICATION
64 This option provides support for verifying the signature(s) on a
67 endif # ASYMMETRIC_KEY_TYPE