]>
Commit | Line | Data |
---|---|---|
d9f23c7f RG |
1 | config RSA |
2 | bool "Use RSA Library" | |
7ce83854 | 3 | select RSA_FREESCALE_EXP if FSL_CAAM && !ARCH_MX7 && !ARCH_MX7ULP && !ARCH_MX6 && !ARCH_MX5 |
89c36cca CWW |
4 | select RSA_ASPEED_EXP if ASPEED_ACRY |
5 | select RSA_SOFTWARE_EXP if !RSA_FREESCALE_EXP && !RSA_ASPEED_EXP | |
d9f23c7f RG |
6 | help |
7 | RSA support. This enables the RSA algorithm used for FIT image | |
8 | verification in U-Boot. | |
9 | See doc/uImage.FIT/signature.txt for more details. | |
73223f0e SG |
10 | The Modular Exponentiation algorithm in RSA is implemented using |
11 | driver model. So CONFIG_DM needs to be enabled by default for this | |
12 | library to function. | |
13 | The signing part is build into mkimage regardless of this | |
14 | option. The software based modular exponentiation is built into | |
15 | mkimage irrespective of this option. | |
d9f23c7f | 16 | |
39883af3 ER |
17 | if RSA |
18 | ||
51c14cd1 TR |
19 | config SPL_RSA |
20 | bool "Use RSA Library within SPL" | |
b340199f | 21 | depends on SPL |
51c14cd1 | 22 | |
b983cc2d AT |
23 | config SPL_RSA_VERIFY |
24 | bool | |
d4f05b31 | 25 | depends on SPL_RSA |
b983cc2d AT |
26 | help |
27 | Add RSA signature verification support in SPL. | |
28 | ||
29 | config RSA_VERIFY | |
30 | bool | |
31 | help | |
32 | Add RSA signature verification support. | |
33 | ||
dd89f5b0 AT |
34 | config RSA_VERIFY_WITH_PKEY |
35 | bool "Execute RSA verification without key parameters from FDT" | |
36 | select RSA_VERIFY | |
e0d310b0 AT |
37 | select ASYMMETRIC_KEY_TYPE |
38 | select ASYMMETRIC_PUBLIC_KEY_SUBTYPE | |
39 | select RSA_PUBLIC_KEY_PARSER | |
dd89f5b0 AT |
40 | help |
41 | The standard RSA-signature verification code (FIT_SIGNATURE) uses | |
42 | pre-calculated key properties, that are stored in fdt blob, in | |
43 | decrypting a signature. | |
44 | This does not suit the use case where there is no way defined to | |
45 | provide such additional key properties in standardized form, | |
46 | particularly UEFI secure boot. | |
47 | This options enables RSA signature verification with a public key | |
48 | directly specified in image_sign_info, where all the necessary | |
49 | key properties will be calculated on the fly in verification code. | |
50 | ||
f6bacf1d PR |
51 | config SPL_RSA_VERIFY_WITH_PKEY |
52 | bool "Execute RSA verification without key parameters from FDT within SPL" | |
53 | depends on SPL | |
54 | select SPL_RSA_VERIFY | |
55 | select SPL_ASYMMETRIC_KEY_TYPE | |
56 | select SPL_ASYMMETRIC_PUBLIC_KEY_SUBTYPE | |
57 | select SPL_RSA_PUBLIC_KEY_PARSER | |
58 | help | |
59 | The standard RSA-signature verification code (FIT_SIGNATURE) uses | |
60 | pre-calculated key properties, that are stored in fdt blob, in | |
61 | decrypting a signature. | |
62 | This does not suit the use case where there is no way defined to | |
63 | provide such additional key properties in standardized form, | |
64 | particularly UEFI secure boot. | |
65 | This options enables RSA signature verification with a public key | |
66 | directly specified in image_sign_info, where all the necessary | |
67 | key properties will be calculated on the fly in verification code | |
68 | in the SPL. | |
69 | ||
d9f23c7f RG |
70 | config RSA_SOFTWARE_EXP |
71 | bool "Enable driver for RSA Modular Exponentiation in software" | |
39883af3 | 72 | depends on DM |
d9f23c7f RG |
73 | help |
74 | Enables driver for modular exponentiation in software. This is a RSA | |
75 | algorithm used in FIT image verification. It required RSA Key as | |
76 | input. | |
77 | See doc/uImage.FIT/signature.txt for more details. | |
78 | ||
79 | config RSA_FREESCALE_EXP | |
80 | bool "Enable RSA Modular Exponentiation with FSL crypto accelerator" | |
7ce83854 | 81 | depends on DM && FSL_CAAM && !ARCH_MX7 && !ARCH_MX7ULP && !ARCH_MX6 && !ARCH_MX5 |
d9f23c7f RG |
82 | help |
83 | Enables driver for RSA modular exponentiation using Freescale cryptographic | |
84 | accelerator - CAAM. | |
85 | ||
89c36cca CWW |
86 | config RSA_ASPEED_EXP |
87 | bool "Enable RSA Modular Exponentiation with ASPEED crypto accelerator" | |
88 | depends on DM && ASPEED_ACRY | |
89 | help | |
90 | Enables driver for RSA modular exponentiation using ASPEED cryptographic | |
91 | accelerator - ACRY | |
92 | ||
d9f23c7f | 93 | endif |