904a742158
This patch adds trusted hardware key support for DCP crypto driver. Signed-off-by: Kshitiz Varshney <kshitiz.varshney@nxp.com> Reviewed by: Pankaj Gupta <pankaj.gupta@nxp.com>
1.2 KiB
config TRUSTED_KEYS_TPM bool "TPM-based trusted keys" depends on TCG_TPM >= TRUSTED_KEYS default y select CRYPTO select CRYPTO_HMAC select CRYPTO_SHA1 select CRYPTO_HASH_INFO select ASN1_ENCODER select OID_REGISTRY select ASN1 help Enable use of the Trusted Platform Module (TPM) as trusted key backend. Trusted keys are random number symmetric keys, which will be generated and RSA-sealed by the TPM. The TPM only unseals the keys, if the boot PCRs and other criteria match.
config TRUSTED_KEYS_TEE bool "TEE-based trusted keys" depends on TEE >= TRUSTED_KEYS default y help Enable use of the Trusted Execution Environment (TEE) as trusted key backend.
config TRUSTED_KEYS_CAAM bool "CAAM-based trusted keys" depends on CRYPTO_DEV_FSL_CAAM_JR >= TRUSTED_KEYS select CRYPTO_DEV_FSL_CAAM_BLOB_GEN default y help Enable use of NXP's Cryptographic Accelerator and Assurance Module (CAAM) as trusted key backend.
config TRUSTED_KEYS_DCP bool "DCP-based trusted keys" depends on CRYPTO_DEV_MXS_DCP >= TRUSTED_KEYS default y help Enable use of DCP (Data co-processor) as trusted key backend.
if !TRUSTED_KEYS_TPM && !TRUSTED_KEYS_TEE && !TRUSTED_KEYS_CAAM && !TRUSTED_KEYS_DCP comment "No trust source selected!" endif