crypto/asymmetric_keys/Kconfig

Source file repositories/reference/linux-study-clean/crypto/asymmetric_keys/Kconfig

File Facts

System
Linux kernel
Corpus path
crypto/asymmetric_keys/Kconfig
Extension
[no extension]
Size
3946 bytes
Lines
118
Domain
Kernel Services
Bucket
crypto
Inferred role
Kernel Services: build/configuration rule
Status
atlas-only

Why This File Exists

Shared kernel service surface used by multiple subsystems, including helpers, cryptography, virtualization support, and async I/O infrastructure.

Dependency Surface

Detected Declarations

Annotated Snippet

# SPDX-License-Identifier: GPL-2.0
menuconfig ASYMMETRIC_KEY_TYPE
	bool "Asymmetric (public-key cryptographic) key type"
	depends on KEYS
	help
	  This option provides support for a key type that holds the data for
	  the asymmetric keys used for public key cryptographic operations such
	  as encryption, decryption, signature generation and signature
	  verification.

if ASYMMETRIC_KEY_TYPE

config ASYMMETRIC_PUBLIC_KEY_SUBTYPE
	tristate "Asymmetric public-key crypto algorithm subtype"
	select MPILIB
	select CRYPTO_HASH_INFO
	select CRYPTO_AKCIPHER
	select CRYPTO_SIG
	select CRYPTO_HASH
	help
	  This option provides support for asymmetric public key type handling.
	  If signature generation and/or verification are to be used,
	  appropriate hash algorithms (such as SHA-1) must be available.
	  ENOPKG will be reported if the requisite algorithm is unavailable.

config X509_CERTIFICATE_PARSER
	tristate "X.509 certificate parser"
	depends on ASYMMETRIC_PUBLIC_KEY_SUBTYPE
	select ASN1
	select CRYPTO_LIB_SHA256
	select OID_REGISTRY
	help
	  This option provides support for parsing X.509 format blobs for key
	  data and provides the ability to instantiate a crypto key from a
	  public key packet found inside the certificate.

config PKCS8_PRIVATE_KEY_PARSER
	tristate "PKCS#8 private key parser"
	depends on ASYMMETRIC_PUBLIC_KEY_SUBTYPE
	select ASN1
	select OID_REGISTRY
	help
	  This option provides support for parsing PKCS#8 format blobs for
	  private key data and provides the ability to instantiate a crypto key
	  from that data.

config PKCS7_MESSAGE_PARSER
	tristate "PKCS#7 message parser"
	depends on X509_CERTIFICATE_PARSER
	select CRYPTO_HASH
	select ASN1
	select OID_REGISTRY
	help
	  This option provides support for parsing PKCS#7 format messages for
	  signature data and provides the ability to verify the signature.

config PKCS7_WAIVE_AUTHATTRS_REJECTION_FOR_MLDSA
	bool "Waive rejection of authenticatedAttributes for ML-DSA"
	depends on PKCS7_MESSAGE_PARSER
	depends on CRYPTO_MLDSA
	help
	  Due to use of CMS_NOATTR with ML-DSA not being supported in
	  OpenSSL < 4.0 (and thus any released version), enabling this
	  allows authenticatedAttributes to be used with ML-DSA for
	  module signing.  Use of authenticatedAttributes in this
	  context is normally rejected.

config PKCS7_TEST_KEY
	tristate "PKCS#7 testing key type"
	depends on SYSTEM_DATA_VERIFICATION

Annotation

Implementation Notes