summaryrefslogtreecommitdiff
path: root/lib/rsa/Kconfig
diff options
context:
space:
mode:
Diffstat (limited to 'lib/rsa/Kconfig')
-rw-r--r--lib/rsa/Kconfig27
1 files changed, 27 insertions, 0 deletions
diff --git a/lib/rsa/Kconfig b/lib/rsa/Kconfig
index 2b33f323bc..a90d67e5a8 100644
--- a/lib/rsa/Kconfig
+++ b/lib/rsa/Kconfig
@@ -18,6 +18,33 @@ if RSA
config SPL_RSA
bool "Use RSA Library within SPL"
+config SPL_RSA_VERIFY
+ bool
+ help
+ Add RSA signature verification support in SPL.
+
+config RSA_VERIFY
+ bool
+ help
+ Add RSA signature verification support.
+
+config RSA_VERIFY_WITH_PKEY
+ bool "Execute RSA verification without key parameters from FDT"
+ select RSA_VERIFY
+ select ASYMMETRIC_KEY_TYPE
+ select ASYMMETRIC_PUBLIC_KEY_SUBTYPE
+ select RSA_PUBLIC_KEY_PARSER
+ help
+ The standard RSA-signature verification code (FIT_SIGNATURE) uses
+ pre-calculated key properties, that are stored in fdt blob, in
+ decrypting a signature.
+ This does not suit the use case where there is no way defined to
+ provide such additional key properties in standardized form,
+ particularly UEFI secure boot.
+ This options enables RSA signature verification with a public key
+ directly specified in image_sign_info, where all the necessary
+ key properties will be calculated on the fly in verification code.
+
config RSA_SOFTWARE_EXP
bool "Enable driver for RSA Modular Exponentiation in software"
depends on DM
generated by cgit (git 2.34.1) at 2024-12-30 21:24:33 +0000