[thirdparty/u-boot.git] / lib / rsa / Kconfig

config RSA
	bool "Use RSA Library"
	select RSA_FREESCALE_EXP if FSL_CAAM && !ARCH_MX7 && !ARCH_MX7ULP && !ARCH_MX6 && !ARCH_MX5
	select RSA_ASPEED_EXP if ASPEED_ACRY
	select RSA_SOFTWARE_EXP if !RSA_FREESCALE_EXP && !RSA_ASPEED_EXP
	help
	  RSA support. This enables the RSA algorithm used for FIT image
	  verification in U-Boot.
	  See doc/uImage.FIT/signature.txt for more details.
	  The Modular Exponentiation algorithm in RSA is implemented using
	  driver model. So CONFIG_DM needs to be enabled by default for this
	  library to function.
	  The signing part is build into mkimage regardless of this
	  option. The software based modular exponentiation is built into
	  mkimage irrespective of this option.

if RSA

config SPL_RSA
	bool "Use RSA Library within SPL"
	depends on SPL

config SPL_RSA_VERIFY
	bool
	depends on SPL_RSA
	help
	  Add RSA signature verification support in SPL.

config RSA_VERIFY
	bool
	help
	  Add RSA signature verification support.

config RSA_VERIFY_WITH_PKEY
	bool "Execute RSA verification without key parameters from FDT"
	select RSA_VERIFY
	select ASYMMETRIC_KEY_TYPE
	select ASYMMETRIC_PUBLIC_KEY_SUBTYPE
	select RSA_PUBLIC_KEY_PARSER
	help
	  The standard RSA-signature verification code (FIT_SIGNATURE) uses
	  pre-calculated key properties, that are stored in fdt blob, in
	  decrypting a signature.
	  This does not suit the use case where there is no way defined to
	  provide such additional key properties in standardized form,
	  particularly UEFI secure boot.
	  This options enables RSA signature verification with a public key
	  directly specified in image_sign_info, where all the necessary
	  key properties will be calculated on the fly in verification code.

config SPL_RSA_VERIFY_WITH_PKEY
	bool "Execute RSA verification without key parameters from FDT within SPL"
	depends on SPL
	select SPL_RSA_VERIFY
	select SPL_ASYMMETRIC_KEY_TYPE
	select SPL_ASYMMETRIC_PUBLIC_KEY_SUBTYPE
	select SPL_RSA_PUBLIC_KEY_PARSER
	help
	  The standard RSA-signature verification code (FIT_SIGNATURE) uses
	  pre-calculated key properties, that are stored in fdt blob, in
	  decrypting a signature.
	  This does not suit the use case where there is no way defined to
	  provide such additional key properties in standardized form,
	  particularly UEFI secure boot.
	  This options enables RSA signature verification with a public key
	  directly specified in image_sign_info, where all the necessary
	  key properties will be calculated on the fly in verification code
	  in the SPL.

config RSA_SOFTWARE_EXP
	bool "Enable driver for RSA Modular Exponentiation in software"
	depends on DM
	help
	  Enables driver for modular exponentiation in software. This is a RSA
	  algorithm used in FIT image verification. It required RSA Key as
	  input.
	  See doc/uImage.FIT/signature.txt for more details.

config RSA_FREESCALE_EXP
	bool "Enable RSA Modular Exponentiation with FSL crypto accelerator"
	depends on DM && FSL_CAAM && !ARCH_MX7 && !ARCH_MX7ULP && !ARCH_MX6 && !ARCH_MX5
	help
	Enables driver for RSA modular exponentiation using Freescale cryptographic
	accelerator - CAAM.

config RSA_ASPEED_EXP
	bool "Enable RSA Modular Exponentiation with ASPEED crypto accelerator"
	depends on DM && ASPEED_ACRY
	help
	Enables driver for RSA modular exponentiation using ASPEED cryptographic
	accelerator - ACRY

endif
Commit	Line	Data
d9f23c7f RG	1	config RSA
d9f23c7f RG	2	bool "Use RSA Library"
7ce83854	3	select RSA_FREESCALE_EXP if FSL_CAAM && !ARCH_MX7 && !ARCH_MX7ULP && !ARCH_MX6 && !ARCH_MX5
89c36cca CWW	4	select RSA_ASPEED_EXP if ASPEED_ACRY
89c36cca CWW	5	select RSA_SOFTWARE_EXP if !RSA_FREESCALE_EXP && !RSA_ASPEED_EXP
d9f23c7f RG	6	help
	7	RSA support. This enables the RSA algorithm used for FIT image
	8	verification in U-Boot.
	9	See doc/uImage.FIT/signature.txt for more details.
73223f0e SG	10	The Modular Exponentiation algorithm in RSA is implemented using
	11	driver model. So CONFIG_DM needs to be enabled by default for this
	12	library to function.
	13	The signing part is build into mkimage regardless of this
	14	option. The software based modular exponentiation is built into
	15	mkimage irrespective of this option.
d9f23c7f	16
39883af3 ER	17	if RSA
39883af3 ER	18
51c14cd1 TR	19	config SPL_RSA
51c14cd1 TR	20	bool "Use RSA Library within SPL"
b340199f	21	depends on SPL
51c14cd1	22
b983cc2d AT	23	config SPL_RSA_VERIFY
b983cc2d AT	24	bool
d4f05b31	25	depends on SPL_RSA
b983cc2d AT	26	help
	27	Add RSA signature verification support in SPL.
	28
	29	config RSA_VERIFY
	30	bool
	31	help
	32	Add RSA signature verification support.
	33
dd89f5b0 AT	34	config RSA_VERIFY_WITH_PKEY
	35	bool "Execute RSA verification without key parameters from FDT"
	36	select RSA_VERIFY
e0d310b0 AT	37	select ASYMMETRIC_KEY_TYPE
	38	select ASYMMETRIC_PUBLIC_KEY_SUBTYPE
	39	select RSA_PUBLIC_KEY_PARSER
dd89f5b0 AT	40	help
	41	The standard RSA-signature verification code (FIT_SIGNATURE) uses
	42	pre-calculated key properties, that are stored in fdt blob, in
	43	decrypting a signature.
	44	This does not suit the use case where there is no way defined to
	45	provide such additional key properties in standardized form,
	46	particularly UEFI secure boot.
	47	This options enables RSA signature verification with a public key
	48	directly specified in image_sign_info, where all the necessary
	49	key properties will be calculated on the fly in verification code.
	50
f6bacf1d PR	51	config SPL_RSA_VERIFY_WITH_PKEY
	52	bool "Execute RSA verification without key parameters from FDT within SPL"
	53	depends on SPL
	54	select SPL_RSA_VERIFY
	55	select SPL_ASYMMETRIC_KEY_TYPE
	56	select SPL_ASYMMETRIC_PUBLIC_KEY_SUBTYPE
	57	select SPL_RSA_PUBLIC_KEY_PARSER
	58	help
	59	The standard RSA-signature verification code (FIT_SIGNATURE) uses
	60	pre-calculated key properties, that are stored in fdt blob, in
	61	decrypting a signature.
	62	This does not suit the use case where there is no way defined to
	63	provide such additional key properties in standardized form,
	64	particularly UEFI secure boot.
	65	This options enables RSA signature verification with a public key
	66	directly specified in image_sign_info, where all the necessary
	67	key properties will be calculated on the fly in verification code
	68	in the SPL.
	69
d9f23c7f RG	70	config RSA_SOFTWARE_EXP
d9f23c7f RG	71	bool "Enable driver for RSA Modular Exponentiation in software"
39883af3	72	depends on DM
d9f23c7f RG	73	help
	74	Enables driver for modular exponentiation in software. This is a RSA
	75	algorithm used in FIT image verification. It required RSA Key as
	76	input.
	77	See doc/uImage.FIT/signature.txt for more details.
	78
	79	config RSA_FREESCALE_EXP
	80	bool "Enable RSA Modular Exponentiation with FSL crypto accelerator"
7ce83854	81	depends on DM && FSL_CAAM && !ARCH_MX7 && !ARCH_MX7ULP && !ARCH_MX6 && !ARCH_MX5
d9f23c7f RG	82	help
	83	Enables driver for RSA modular exponentiation using Freescale cryptographic
	84	accelerator - CAAM.
	85
89c36cca CWW	86	config RSA_ASPEED_EXP
	87	bool "Enable RSA Modular Exponentiation with ASPEED crypto accelerator"
	88	depends on DM && ASPEED_ACRY
	89	help
	90	Enables driver for RSA modular exponentiation using ASPEED cryptographic
	91	accelerator - ACRY
	92
d9f23c7f	93	endif