3 select RSA_FREESCALE_EXP if FSL_CAAM && !ARCH_MX7 && !ARCH_MX7ULP && !ARCH_MX6 && !ARCH_MX5
4 select RSA_ASPEED_EXP if ASPEED_ACRY
5 select RSA_SOFTWARE_EXP if !RSA_FREESCALE_EXP && !RSA_ASPEED_EXP
7 RSA support. This enables the RSA algorithm used for FIT image
8 verification in U-Boot.
9 See doc/uImage.FIT/signature.txt for more details.
10 The Modular Exponentiation algorithm in RSA is implemented using
11 driver model. So CONFIG_DM needs to be enabled by default for this
13 The signing part is build into mkimage regardless of this
14 option. The software based modular exponentiation is built into
15 mkimage irrespective of this option.
20 bool "Use RSA Library within SPL"
27 Add RSA signature verification support in SPL.
32 Add RSA signature verification support.
34 config RSA_VERIFY_WITH_PKEY
35 bool "Execute RSA verification without key parameters from FDT"
37 select ASYMMETRIC_KEY_TYPE
38 select ASYMMETRIC_PUBLIC_KEY_SUBTYPE
39 select RSA_PUBLIC_KEY_PARSER
41 The standard RSA-signature verification code (FIT_SIGNATURE) uses
42 pre-calculated key properties, that are stored in fdt blob, in
43 decrypting a signature.
44 This does not suit the use case where there is no way defined to
45 provide such additional key properties in standardized form,
46 particularly UEFI secure boot.
47 This options enables RSA signature verification with a public key
48 directly specified in image_sign_info, where all the necessary
49 key properties will be calculated on the fly in verification code.
51 config SPL_RSA_VERIFY_WITH_PKEY
52 bool "Execute RSA verification without key parameters from FDT within SPL"
55 select SPL_ASYMMETRIC_KEY_TYPE
56 select SPL_ASYMMETRIC_PUBLIC_KEY_SUBTYPE
57 select SPL_RSA_PUBLIC_KEY_PARSER
59 The standard RSA-signature verification code (FIT_SIGNATURE) uses
60 pre-calculated key properties, that are stored in fdt blob, in
61 decrypting a signature.
62 This does not suit the use case where there is no way defined to
63 provide such additional key properties in standardized form,
64 particularly UEFI secure boot.
65 This options enables RSA signature verification with a public key
66 directly specified in image_sign_info, where all the necessary
67 key properties will be calculated on the fly in verification code
70 config RSA_SOFTWARE_EXP
71 bool "Enable driver for RSA Modular Exponentiation in software"
74 Enables driver for modular exponentiation in software. This is a RSA
75 algorithm used in FIT image verification. It required RSA Key as
77 See doc/uImage.FIT/signature.txt for more details.
79 config RSA_FREESCALE_EXP
80 bool "Enable RSA Modular Exponentiation with FSL crypto accelerator"
81 depends on DM && FSL_CAAM && !ARCH_MX7 && !ARCH_MX7ULP && !ARCH_MX6 && !ARCH_MX5
83 Enables driver for RSA modular exponentiation using Freescale cryptographic
87 bool "Enable RSA Modular Exponentiation with ASPEED crypto accelerator"
88 depends on DM && ASPEED_ACRY
90 Enables driver for RSA modular exponentiation using ASPEED cryptographic