MIRRORS/linux-yocto
1
0
Fork 0
mirror of git://git.yoctoproject.org/linux-yocto.git synced 2025-07-06 05:45:29 +02:00
Code Issues Actions Packages Projects Releases Wiki Activity
c942fddf87
linux-yocto/crypto/asymmetric_keys/Makefile
Denis Kenzior d5e72745ca KEYS: Add parser for TPM-based keys [ver #2] 
For TPM based keys, the only standard seems to be described here:
http://david.woodhou.se/draft-woodhouse-cert-best-practice.html#rfc.section.4.4

Quote from the relevant section:
"Rather, a common form of storage for "wrapped" keys is to encode the
binary TCPA_KEY structure in a single ASN.1 OCTET-STRING, and store the
result in PEM format with the tag "-----BEGIN TSS KEY BLOB-----". "

This patch implements the above behavior.  It is assumed that the PEM
encoding is stripped out by userspace and only the raw DER/BER format is
provided.  This is similar to how PKCS7, PKCS8 and X.509 keys are
handled.

Signed-off-by: Denis Kenzior <denkenz@gmail.com>
Signed-off-by: David Howells <dhowells@redhat.com>
Tested-by: Marcel Holtmann <marcel@holtmann.org>
Reviewed-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: James Morris <james.morris@microsoft.com>
2018-10-26 09:30:46 +01:00

1.9 KiB
Raw Blame History

SPDX-License-Identifier: GPL-2.0

Makefile for asymmetric cryptographic keys

obj-$(CONFIG_ASYMMETRIC_KEY_TYPE) += asymmetric_keys.o

asymmetric_keys-y :=
asymmetric_type.o
restrict.o
signature.o

obj-$(CONFIG_ASYMMETRIC_PUBLIC_KEY_SUBTYPE) += public_key.o obj-$(CONFIG_ASYMMETRIC_TPM_KEY_SUBTYPE) += asym_tpm.o

X.509 Certificate handling

obj-$(CONFIG_X509_CERTIFICATE_PARSER) += x509_key_parser.o x509_key_parser-y :=
x509.asn1.o
x509_akid.asn1.o
x509_cert_parser.o
x509_public_key.o

$(obj)/x509_cert_parser.o:
$(obj)/x509.asn1.h
$(obj)/x509_akid.asn1.h

$(obj)/x509.asn1.o: $(obj)/x509.asn1.c $(obj)/x509.asn1.h $(obj)/x509_akid.asn1.o: $(obj)/x509_akid.asn1.c $(obj)/x509_akid.asn1.h

PKCS#8 private key handling

obj-$(CONFIG_PKCS8_PRIVATE_KEY_PARSER) += pkcs8_key_parser.o pkcs8_key_parser-y :=
pkcs8.asn1.o
pkcs8_parser.o

$(obj)/pkcs8_parser.o: $(obj)/pkcs8.asn1.h $(obj)/pkcs8-asn1.o: $(obj)/pkcs8.asn1.c $(obj)/pkcs8.asn1.h

clean-files += pkcs8.asn1.c pkcs8.asn1.h

PKCS#7 message handling

obj-$(CONFIG_PKCS7_MESSAGE_PARSER) += pkcs7_message.o pkcs7_message-y :=
pkcs7.asn1.o
pkcs7_parser.o
pkcs7_trust.o
pkcs7_verify.o

$(obj)/pkcs7_parser.o: $(obj)/pkcs7.asn1.h $(obj)/pkcs7.asn1.o: $(obj)/pkcs7.asn1.c $(obj)/pkcs7.asn1.h

PKCS#7 parser testing key

obj-$(CONFIG_PKCS7_TEST_KEY) += pkcs7_test_key.o pkcs7_test_key-y :=
pkcs7_key_type.o

Signed PE binary-wrapped key handling

obj-$(CONFIG_SIGNED_PE_FILE_VERIFICATION) += verify_signed_pefile.o

verify_signed_pefile-y :=
verify_pefile.o
mscode_parser.o
mscode.asn1.o

$(obj)/mscode_parser.o: $(obj)/mscode.asn1.h $(obj)/mscode.asn1.h $(obj)/mscode.asn1.o: $(obj)/mscode.asn1.c $(obj)/mscode.asn1.h

TPM private key parsing

obj-$(CONFIG_TPM_KEY_PARSER) += tpm_key_parser.o tpm_key_parser-y :=
tpm.asn1.o
tpm_parser.o

$(obj)/tpm_parser.o: $(obj)/tpm.asn1.h $(obj)/tpm.asn1.o: $(obj)/tpm.asn1.c $(obj)/tpm.asn1.h