| Ruchika Gupta | d9f23c7 | 2015-01-23 16:01:56 +0530 | [diff] [blame] | 1 | config RSA |
| 2 | bool "Use RSA Library" |
| George McCollister | f4e9ff7 | 2017-03-16 16:17:06 -0500 | [diff] [blame] | 3 | select RSA_FREESCALE_EXP if FSL_CAAM && !ARCH_MX7 && !ARCH_MX6 && !ARCH_MX5 |
| Ruchika Gupta | d9f23c7 | 2015-01-23 16:01:56 +0530 | [diff] [blame] | 4 | select RSA_SOFTWARE_EXP if !RSA_FREESCALE_EXP |
| 5 | help |
| 6 | RSA support. This enables the RSA algorithm used for FIT image |
| 7 | verification in U-Boot. |
| 8 | See doc/uImage.FIT/signature.txt for more details. |
| Simon Glass | 73223f0 | 2016-02-22 22:55:43 -0700 | [diff] [blame] | 9 | The Modular Exponentiation algorithm in RSA is implemented using |
| 10 | driver model. So CONFIG_DM needs to be enabled by default for this |
| 11 | library to function. |
| 12 | The signing part is build into mkimage regardless of this |
| 13 | option. The software based modular exponentiation is built into |
| 14 | mkimage irrespective of this option. |
| Ruchika Gupta | d9f23c7 | 2015-01-23 16:01:56 +0530 | [diff] [blame] | 15 | |
| Eugeniu Rosca | 39883af | 2018-04-21 14:00:10 +0200 | [diff] [blame] | 16 | if RSA |
| 17 | |
| Teddy Reed | 51c14cd | 2016-06-09 19:18:44 -0700 | [diff] [blame] | 18 | config SPL_RSA |
| 19 | bool "Use RSA Library within SPL" |
| Teddy Reed | 51c14cd | 2016-06-09 19:18:44 -0700 | [diff] [blame] | 20 | |
| AKASHI Takahiro | b983cc2 | 2020-02-21 15:12:55 +0900 | [diff] [blame] | 21 | config SPL_RSA_VERIFY |
| 22 | bool |
| Oleksandr Suvorov | d4f05b3 | 2021-09-16 15:03:36 +0300 | [diff] [blame^] | 23 | depends on SPL_RSA |
| AKASHI Takahiro | b983cc2 | 2020-02-21 15:12:55 +0900 | [diff] [blame] | 24 | help |
| 25 | Add RSA signature verification support in SPL. |
| 26 | |
| 27 | config RSA_VERIFY |
| 28 | bool |
| 29 | help |
| 30 | Add RSA signature verification support. |
| 31 | |
| AKASHI Takahiro | dd89f5b | 2020-02-21 15:12:56 +0900 | [diff] [blame] | 32 | config RSA_VERIFY_WITH_PKEY |
| 33 | bool "Execute RSA verification without key parameters from FDT" |
| 34 | select RSA_VERIFY |
| AKASHI Takahiro | e0d310b | 2020-02-21 15:12:58 +0900 | [diff] [blame] | 35 | select ASYMMETRIC_KEY_TYPE |
| 36 | select ASYMMETRIC_PUBLIC_KEY_SUBTYPE |
| 37 | select RSA_PUBLIC_KEY_PARSER |
| AKASHI Takahiro | dd89f5b | 2020-02-21 15:12:56 +0900 | [diff] [blame] | 38 | help |
| 39 | The standard RSA-signature verification code (FIT_SIGNATURE) uses |
| 40 | pre-calculated key properties, that are stored in fdt blob, in |
| 41 | decrypting a signature. |
| 42 | This does not suit the use case where there is no way defined to |
| 43 | provide such additional key properties in standardized form, |
| 44 | particularly UEFI secure boot. |
| 45 | This options enables RSA signature verification with a public key |
| 46 | directly specified in image_sign_info, where all the necessary |
| 47 | key properties will be calculated on the fly in verification code. |
| 48 | |
| Ruchika Gupta | d9f23c7 | 2015-01-23 16:01:56 +0530 | [diff] [blame] | 49 | config RSA_SOFTWARE_EXP |
| 50 | bool "Enable driver for RSA Modular Exponentiation in software" |
| Eugeniu Rosca | 39883af | 2018-04-21 14:00:10 +0200 | [diff] [blame] | 51 | depends on DM |
| Ruchika Gupta | d9f23c7 | 2015-01-23 16:01:56 +0530 | [diff] [blame] | 52 | help |
| 53 | Enables driver for modular exponentiation in software. This is a RSA |
| 54 | algorithm used in FIT image verification. It required RSA Key as |
| 55 | input. |
| 56 | See doc/uImage.FIT/signature.txt for more details. |
| 57 | |
| 58 | config RSA_FREESCALE_EXP |
| 59 | bool "Enable RSA Modular Exponentiation with FSL crypto accelerator" |
| Eugeniu Rosca | 39883af | 2018-04-21 14:00:10 +0200 | [diff] [blame] | 60 | depends on DM && FSL_CAAM && !ARCH_MX7 && !ARCH_MX6 && !ARCH_MX5 |
| Ruchika Gupta | d9f23c7 | 2015-01-23 16:01:56 +0530 | [diff] [blame] | 61 | help |
| 62 | Enables driver for RSA modular exponentiation using Freescale cryptographic |
| 63 | accelerator - CAAM. |
| 64 | |
| 65 | endif |