blob: cf802a6d40acda1f9b59f09a9c845307cbf951f8 [file] [log] [blame]
Ruchika Gupta4acd8c42015-01-23 16:01:56 +05301config RSA
2 bool "Use RSA Library"
George McCollister7bb238e2017-03-16 16:17:06 -05003 select RSA_FREESCALE_EXP if FSL_CAAM && !ARCH_MX7 && !ARCH_MX6 && !ARCH_MX5
Ruchika Gupta4acd8c42015-01-23 16:01:56 +05304 select RSA_SOFTWARE_EXP if !RSA_FREESCALE_EXP
5 help
6 RSA support. This enables the RSA algorithm used for FIT image
7 verification in U-Boot.
8 See doc/uImage.FIT/signature.txt for more details.
Simon Glasse3ee2fb2016-02-22 22:55:43 -07009 The Modular Exponentiation algorithm in RSA is implemented using
10 driver model. So CONFIG_DM needs to be enabled by default for this
11 library to function.
12 The signing part is build into mkimage regardless of this
13 option. The software based modular exponentiation is built into
14 mkimage irrespective of this option.
Ruchika Gupta4acd8c42015-01-23 16:01:56 +053015
Eugeniu Roscadcf36e92018-04-21 14:00:10 +020016if RSA
17
Teddy Reed5021e3c2016-06-09 19:18:44 -070018config SPL_RSA
19 bool "Use RSA Library within SPL"
Teddy Reed5021e3c2016-06-09 19:18:44 -070020
AKASHI Takahiro2223c7d2020-02-21 15:12:55 +090021config SPL_RSA_VERIFY
22 bool
Oleksandr Suvorov04ab0a22021-09-16 15:03:36 +030023 depends on SPL_RSA
AKASHI Takahiro2223c7d2020-02-21 15:12:55 +090024 help
25 Add RSA signature verification support in SPL.
26
27config RSA_VERIFY
28 bool
29 help
30 Add RSA signature verification support.
31
AKASHI Takahiro1f14f812020-02-21 15:12:56 +090032config RSA_VERIFY_WITH_PKEY
33 bool "Execute RSA verification without key parameters from FDT"
34 select RSA_VERIFY
AKASHI Takahirod4aece12020-02-21 15:12:58 +090035 select ASYMMETRIC_KEY_TYPE
36 select ASYMMETRIC_PUBLIC_KEY_SUBTYPE
37 select RSA_PUBLIC_KEY_PARSER
AKASHI Takahiro1f14f812020-02-21 15:12:56 +090038 help
39 The standard RSA-signature verification code (FIT_SIGNATURE) uses
40 pre-calculated key properties, that are stored in fdt blob, in
41 decrypting a signature.
42 This does not suit the use case where there is no way defined to
43 provide such additional key properties in standardized form,
44 particularly UEFI secure boot.
45 This options enables RSA signature verification with a public key
46 directly specified in image_sign_info, where all the necessary
47 key properties will be calculated on the fly in verification code.
48
Ruchika Gupta4acd8c42015-01-23 16:01:56 +053049config RSA_SOFTWARE_EXP
50 bool "Enable driver for RSA Modular Exponentiation in software"
Eugeniu Roscadcf36e92018-04-21 14:00:10 +020051 depends on DM
Ruchika Gupta4acd8c42015-01-23 16:01:56 +053052 help
53 Enables driver for modular exponentiation in software. This is a RSA
54 algorithm used in FIT image verification. It required RSA Key as
55 input.
56 See doc/uImage.FIT/signature.txt for more details.
57
58config RSA_FREESCALE_EXP
59 bool "Enable RSA Modular Exponentiation with FSL crypto accelerator"
Eugeniu Roscadcf36e92018-04-21 14:00:10 +020060 depends on DM && FSL_CAAM && !ARCH_MX7 && !ARCH_MX6 && !ARCH_MX5
Ruchika Gupta4acd8c42015-01-23 16:01:56 +053061 help
62 Enables driver for RSA modular exponentiation using Freescale cryptographic
63 accelerator - CAAM.
64
65endif