blob: dbfdd8536468da6ae09646bca5068a06c770d777 [file] [log] [blame]
Ahmad Fatoumbe07858fb2022-05-13 16:56:59 +02001config TRUSTED_KEYS_TPM
2 bool "TPM-based trusted keys"
3 depends on TCG_TPM >= TRUSTED_KEYS
4 default y
5 select CRYPTO
6 select CRYPTO_HMAC
7 select CRYPTO_SHA1
8 select CRYPTO_HASH_INFO
9 select ASN1_ENCODER
10 select OID_REGISTRY
11 select ASN1
12 help
13 Enable use of the Trusted Platform Module (TPM) as trusted key
14 backend. Trusted keys are random number symmetric keys,
15 which will be generated and RSA-sealed by the TPM.
16 The TPM only unseals the keys, if the boot PCRs and other
17 criteria match.
18
19config TRUSTED_KEYS_TEE
20 bool "TEE-based trusted keys"
21 depends on TEE >= TRUSTED_KEYS
22 default y
23 help
24 Enable use of the Trusted Execution Environment (TEE) as trusted
25 key backend.
26
Ahmad Fatoume9c50482022-05-13 16:57:03 +020027config TRUSTED_KEYS_CAAM
28 bool "CAAM-based trusted keys"
29 depends on CRYPTO_DEV_FSL_CAAM_JR >= TRUSTED_KEYS
30 select CRYPTO_DEV_FSL_CAAM_BLOB_GEN
31 default y
32 help
33 Enable use of NXP's Cryptographic Accelerator and Assurance Module
34 (CAAM) as trusted key backend.
35
36if !TRUSTED_KEYS_TPM && !TRUSTED_KEYS_TEE && !TRUSTED_KEYS_CAAM
Ahmad Fatoumbe07858fb2022-05-13 16:56:59 +020037comment "No trust source selected!"
38endif