crypto/asymmetric_keys/Kconfig
Source file repositories/reference/linux-study-clean/crypto/asymmetric_keys/Kconfig
File Facts
- System
- Linux kernel
- Corpus path
crypto/asymmetric_keys/Kconfig- Extension
[no extension]- Size
- 3946 bytes
- Lines
- 118
- Domain
- Kernel Services
- Bucket
- crypto
- Inferred role
- Kernel Services: build/configuration rule
- Status
- atlas-only
Why This File Exists
Shared kernel service surface used by multiple subsystems, including helpers, cryptography, virtualization support, and async I/O infrastructure.
- Shared kernel service surface used by multiple subsystems, including helpers, cryptography, virtualization support, and async I/O infrastructure.
Dependency Surface
- No C-style include directives detected by the generator.
Detected Declarations
- No top-level syscall, struct, function, initcall, or export declaration detected by the generator.
Annotated Snippet
# SPDX-License-Identifier: GPL-2.0
menuconfig ASYMMETRIC_KEY_TYPE
bool "Asymmetric (public-key cryptographic) key type"
depends on KEYS
help
This option provides support for a key type that holds the data for
the asymmetric keys used for public key cryptographic operations such
as encryption, decryption, signature generation and signature
verification.
if ASYMMETRIC_KEY_TYPE
config ASYMMETRIC_PUBLIC_KEY_SUBTYPE
tristate "Asymmetric public-key crypto algorithm subtype"
select MPILIB
select CRYPTO_HASH_INFO
select CRYPTO_AKCIPHER
select CRYPTO_SIG
select CRYPTO_HASH
help
This option provides support for asymmetric public key type handling.
If signature generation and/or verification are to be used,
appropriate hash algorithms (such as SHA-1) must be available.
ENOPKG will be reported if the requisite algorithm is unavailable.
config X509_CERTIFICATE_PARSER
tristate "X.509 certificate parser"
depends on ASYMMETRIC_PUBLIC_KEY_SUBTYPE
select ASN1
select CRYPTO_LIB_SHA256
select OID_REGISTRY
help
This option provides support for parsing X.509 format blobs for key
data and provides the ability to instantiate a crypto key from a
public key packet found inside the certificate.
config PKCS8_PRIVATE_KEY_PARSER
tristate "PKCS#8 private key parser"
depends on ASYMMETRIC_PUBLIC_KEY_SUBTYPE
select ASN1
select OID_REGISTRY
help
This option provides support for parsing PKCS#8 format blobs for
private key data and provides the ability to instantiate a crypto key
from that data.
config PKCS7_MESSAGE_PARSER
tristate "PKCS#7 message parser"
depends on X509_CERTIFICATE_PARSER
select CRYPTO_HASH
select ASN1
select OID_REGISTRY
help
This option provides support for parsing PKCS#7 format messages for
signature data and provides the ability to verify the signature.
config PKCS7_WAIVE_AUTHATTRS_REJECTION_FOR_MLDSA
bool "Waive rejection of authenticatedAttributes for ML-DSA"
depends on PKCS7_MESSAGE_PARSER
depends on CRYPTO_MLDSA
help
Due to use of CMS_NOATTR with ML-DSA not being supported in
OpenSSL < 4.0 (and thus any released version), enabling this
allows authenticatedAttributes to be used with ML-DSA for
module signing. Use of authenticatedAttributes in this
context is normally rejected.
config PKCS7_TEST_KEY
tristate "PKCS#7 testing key type"
depends on SYSTEM_DATA_VERIFICATION
Annotation
- Atlas domain: Kernel Services / crypto.
- Implementation status: atlas-only.
Implementation Notes
- This generated page is the file-by-file coverage layer; curated subsystem chapters should link here when they synthesize a multi-file control flow.
- Core OS pages should be promoted from atlas-only to deep-reviewed when they explain data structures, invariants, locking, lifecycle, and C implementation snippets.
- Driver-family pages are intentionally pattern-oriented unless they are part of the selected PCIe/NVMe representative device path.