| config CRYPTO_KEY_TYPE |
| tristate "Cryptographic key type" |
| depends on KEYS |
| help |
| This option provides support for a type of key that holds the keys |
| required for cryptographic operations such as encryption, decryption, |
| signature generation and signature verification. |
| |
| config CRYPTO_KEY_PUBLIC_KEY_SUBTYPE |
| tristate "Asymmetric public-key crypto algorithm subtype" |
| depends on CRYPTO_KEY_TYPE |
| select MPILIB |
| help |
| This option provides support for asymmetric public key type handling. |
| If signature generation and/or verification are to be used, |
| appropriate hash algorithms (such as SHA-1) must be available. |
| ENOPKG will be reported if the requisite algorithm is unavailable. |
| |
| config CRYPTO_KEY_PKEY_ALGO_RSA |
| tristate "RSA public-key algorithm" |
| depends on CRYPTO_KEY_PUBLIC_KEY_SUBTYPE |
| select MPILIB_EXTRA |
| help |
| This option enables support for the RSA algorithm (PKCS#1, RFC3447). |
| |
| config PGP_LIBRARY |
| tristate "PGP parsing library" |
| help |
| This option enables a library that provides a number of simple |
| utility functions for parsing PGP (RFC 4880) packet-based messages. |
| |
| config CRYPTO_KEY_PGP_PARSER |
| tristate "PGP key blob parser" |
| depends on CRYPTO_KEY_TYPE |
| select CRYPTO_KEY_PUBLIC_KEY_SUBTYPE |
| select PGP_LIBRARY |
| select MD5 # V3 fingerprint generation |
| select SHA1 # V4 fingerprint generation |
| help |
| This option provides support for parsing PGP (RFC 4880) format blobs |
| for key data and provides the ability to instantiate a crypto key |
| from a public key packet found inside the blob. |
| |
| config PGP_PRELOAD |
| bool "PGP public key preloading facility" |
| select PGP_LIBRARY |
| select CRYPTO_KEY_PGP_PARSER |
| help |
| This option provides a facility for the kernel to preload PGP-wrapped |
| bundles of keys during boot. It is used by module signing to load |
| the module signing keys for example. |