mirror of
				https://github.com/smaeul/u-boot.git
				synced 2025-10-25 01:58:13 +01:00 
			
		
		
		
	When building with MbedTLS, we are using MbedTLS to decode ASN1 data for x509, pkcs7 and mscode. Introduce _LEGACY and _MBEDTLS kconfigs for ASN1 decoder legacy and MbedTLS implementations respectively. Signed-off-by: Raymond Mao <raymond.mao@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
		
			
				
	
	
		
			434 lines
		
	
	
		
			13 KiB
		
	
	
	
		
			Plaintext
		
	
	
	
	
	
			
		
		
	
	
			434 lines
		
	
	
		
			13 KiB
		
	
	
	
		
			Plaintext
		
	
	
	
	
	
| choice
 | |
| 	prompt "Select crypto libraries"
 | |
| 	default LEGACY_CRYPTO
 | |
| 	help
 | |
| 	  Select crypto libraries.
 | |
| 	  LEGACY_CRYPTO for legacy crypto libraries,
 | |
| 	  MBEDTLS_LIB for MbedTLS libraries.
 | |
| 
 | |
| config LEGACY_CRYPTO
 | |
| 	bool "legacy crypto libraries"
 | |
| 	select LEGACY_CRYPTO_BASIC
 | |
| 	select LEGACY_CRYPTO_CERT
 | |
| 
 | |
| config MBEDTLS_LIB
 | |
| 	bool "MbedTLS libraries"
 | |
| 	select MBEDTLS_LIB_X509
 | |
| endchoice
 | |
| 
 | |
| if LEGACY_CRYPTO || MBEDTLS_LIB_CRYPTO_ALT
 | |
| 
 | |
| config LEGACY_CRYPTO_BASIC
 | |
| 	bool "legacy basic crypto libraries"
 | |
| 	select MD5_LEGACY if MD5
 | |
| 	select SHA1_LEGACY if SHA1
 | |
| 	select SHA256_LEGACY if SHA256
 | |
| 	select SHA512_LEGACY if SHA512
 | |
| 	select SHA384_LEGACY if SHA384
 | |
| 	select SPL_MD5_LEGACY if SPL_MD5
 | |
| 	select SPL_SHA1_LEGACY if SPL_SHA1
 | |
| 	select SPL_SHA256_LEGACY if SPL_SHA256
 | |
| 	select SPL_SHA512_LEGACY if SPL_SHA512
 | |
| 	select SPL_SHA384_LEGACY if SPL_SHA384
 | |
| 	help
 | |
| 	  Enable legacy basic crypto libraries.
 | |
| 
 | |
| if LEGACY_CRYPTO_BASIC
 | |
| 
 | |
| config SHA1_LEGACY
 | |
| 	bool "Enable SHA1 support with legacy crypto library"
 | |
| 	depends on LEGACY_CRYPTO_BASIC && SHA1
 | |
| 	help
 | |
| 	  This option enables support of hashing using SHA1 algorithm
 | |
| 	  with legacy crypto library.
 | |
| 
 | |
| config SHA256_LEGACY
 | |
| 	bool "Enable SHA256 support with legacy crypto library"
 | |
| 	depends on LEGACY_CRYPTO_BASIC && SHA256
 | |
| 	help
 | |
| 	  This option enables support of hashing using SHA256 algorithm
 | |
| 	  with legacy crypto library.
 | |
| 
 | |
| config SHA512_LEGACY
 | |
| 	bool "Enable SHA512 support with legacy crypto library"
 | |
| 	depends on LEGACY_CRYPTO_BASIC && SHA512
 | |
| 	default y if TI_SECURE_DEVICE && FIT_SIGNATURE
 | |
| 	help
 | |
| 	  This option enables support of hashing using SHA512 algorithm
 | |
| 	  with legacy crypto library.
 | |
| 
 | |
| config SHA384_LEGACY
 | |
| 	bool "Enable SHA384 support with legacy crypto library"
 | |
| 	depends on LEGACY_CRYPTO_BASIC && SHA384
 | |
| 	select SHA512_LEGACY
 | |
| 	help
 | |
| 	  This option enables support of hashing using SHA384 algorithm
 | |
| 	  with legacy crypto library.
 | |
| 
 | |
| config MD5_LEGACY
 | |
| 	bool "Enable MD5 support with legacy crypto library"
 | |
| 	depends on LEGACY_CRYPTO_BASIC && MD5
 | |
| 	help
 | |
| 	  This option enables support of hashing using MD5 algorithm
 | |
| 	  with legacy crypto library.
 | |
| 
 | |
| if SPL
 | |
| 
 | |
| config SPL_SHA1_LEGACY
 | |
| 	bool "Enable SHA1 support in SPL with legacy crypto library"
 | |
| 	depends on LEGACY_CRYPTO_BASIC && SPL_SHA1
 | |
| 	help
 | |
| 	  This option enables support of hashing using SHA1 algorithm
 | |
| 	  with legacy crypto library.
 | |
| 
 | |
| config SPL_SHA256_LEGACY
 | |
| 	bool "Enable SHA256 support in SPL with legacy crypto library"
 | |
| 	depends on LEGACY_CRYPTO_BASIC && SPL_SHA256
 | |
| 	help
 | |
| 	  This option enables support of hashing using SHA256 algorithm
 | |
| 	  with legacy crypto library.
 | |
| 
 | |
| config SPL_SHA512_LEGACY
 | |
| 	bool "Enable SHA512 support in SPL with legacy crypto library"
 | |
| 	depends on LEGACY_CRYPTO_BASIC && SPL_SHA512
 | |
| 	help
 | |
| 	  This option enables support of hashing using SHA512 algorithm
 | |
| 	  with legacy crypto library.
 | |
| 
 | |
| config SPL_SHA384_LEGACY
 | |
| 	bool "Enable SHA384 support in SPL with legacy crypto library"
 | |
| 	depends on LEGACY_CRYPTO_BASIC && SPL_SHA384
 | |
| 	select SPL_SHA512_LEGACY
 | |
| 	help
 | |
| 	  This option enables support of hashing using SHA384 algorithm
 | |
| 	  with legacy crypto library.
 | |
| 
 | |
| config SPL_MD5_LEGACY
 | |
| 	bool "Enable MD5 support in SPL with legacy crypto library"
 | |
| 	depends on LEGACY_CRYPTO_BASIC && SPL_MD5
 | |
| 	help
 | |
| 	  This option enables support of hashing using MD5 algorithm
 | |
| 	  with legacy crypto library.
 | |
| 
 | |
| endif # SPL
 | |
| 
 | |
| endif # LEGACY_CRYPTO_BASIC
 | |
| 
 | |
| config LEGACY_CRYPTO_CERT
 | |
| 	bool "legacy certificate libraries"
 | |
| 	select ASN1_DECODER_LEGACY if ASN1_DECODER
 | |
| 	select ASYMMETRIC_PUBLIC_KEY_LEGACY if \
 | |
| 		ASYMMETRIC_PUBLIC_KEY_SUBTYPE
 | |
| 	select RSA_PUBLIC_KEY_PARSER_LEGACY if RSA_PUBLIC_KEY_PARSER
 | |
| 	select X509_CERTIFICATE_PARSER_LEGACY if X509_CERTIFICATE_PARSER
 | |
| 	select PKCS7_MESSAGE_PARSER_LEGACY if PKCS7_MESSAGE_PARSER
 | |
| 	select MSCODE_PARSER_LEGACY if MSCODE_PARSER
 | |
| 	select SPL_ASN1_DECODER_LEGACY if SPL_ASN1_DECODER
 | |
| 	select SPL_ASYMMETRIC_PUBLIC_KEY_LEGACY if \
 | |
| 		SPL_ASYMMETRIC_PUBLIC_KEY_SUBTYPE
 | |
| 	select SPL_RSA_PUBLIC_KEY_PARSER_LEGACY if SPL_RSA_PUBLIC_KEY_PARSER
 | |
| 	help
 | |
| 	  Enable legacy certificate libraries.
 | |
| 
 | |
| if LEGACY_CRYPTO_CERT
 | |
| 
 | |
| config ASN1_DECODER_LEGACY
 | |
| 	bool "ASN1 decoder with legacy certificate library"
 | |
| 	depends on LEGACY_CRYPTO_CERT && ASN1_DECODER
 | |
| 	help
 | |
| 	  This option chooses legacy certificate library for ASN1 decoder.
 | |
| 
 | |
| config ASYMMETRIC_PUBLIC_KEY_LEGACY
 | |
| 	bool "Asymmetric public key crypto with legacy certificate library"
 | |
| 	depends on LEGACY_CRYPTO_CERT && ASYMMETRIC_PUBLIC_KEY_SUBTYPE
 | |
| 	help
 | |
| 	  This option chooses legacy certificate library for asymmetric public
 | |
| 	  key crypto algorithm.
 | |
| 
 | |
| config RSA_PUBLIC_KEY_PARSER_LEGACY
 | |
| 	bool "RSA public key parser with legacy certificate library"
 | |
| 	depends on ASYMMETRIC_PUBLIC_KEY_LEGACY
 | |
| 	select ASN1_DECODER_LEGACY
 | |
| 	help
 | |
| 	  This option chooses legacy certificate library for RSA public key
 | |
| 	  parser.
 | |
| 
 | |
| config X509_CERTIFICATE_PARSER_LEGACY
 | |
| 	bool "X.509 certificate parser with legacy certificate library"
 | |
| 	depends on ASYMMETRIC_PUBLIC_KEY_LEGACY
 | |
| 	select ASN1_DECODER_LEGACY
 | |
| 	help
 | |
| 	  This option chooses legacy certificate library for X509 certificate
 | |
| 	  parser.
 | |
| 
 | |
| config PKCS7_MESSAGE_PARSER_LEGACY
 | |
| 	bool "PKCS#7 message parser with legacy certificate library"
 | |
| 	depends on X509_CERTIFICATE_PARSER_LEGACY
 | |
| 	select ASN1_DECODER_LEGACY
 | |
| 	help
 | |
| 	  This option chooses legacy certificate library for PKCS7 message
 | |
| 	  parser.
 | |
| 
 | |
| config MSCODE_PARSER_LEGACY
 | |
| 	bool "MS authenticode parser with legacy certificate library"
 | |
| 	depends on LEGACY_CRYPTO_CERT && MSCODE_PARSER
 | |
| 	select ASN1_DECODER_LEGACY
 | |
| 	help
 | |
| 	  This option chooses legacy certificate library for MS authenticode
 | |
| 	  parser.
 | |
| 
 | |
| if SPL
 | |
| 
 | |
| config SPL_ASN1_DECODER_LEGACY
 | |
| 	bool "ASN1 decoder with legacy certificate library in SPL"
 | |
| 	depends on LEGACY_CRYPTO_CERT && SPL_ASN1_DECODER
 | |
| 	help
 | |
| 	  This option chooses legacy certificate library for ASN1 decoder in
 | |
| 	  SPL.
 | |
| 
 | |
| config SPL_ASYMMETRIC_PUBLIC_KEY_LEGACY
 | |
| 	bool "Asymmetric public key crypto with legacy certificate library in SPL"
 | |
| 	depends on LEGACY_CRYPTO_CERT && SPL_ASYMMETRIC_PUBLIC_KEY_SUBTYPE
 | |
| 	help
 | |
| 	  This option chooses legacy certificate library for asymmetric public
 | |
| 	  key crypto algorithm in SPL.
 | |
| 
 | |
| config SPL_RSA_PUBLIC_KEY_PARSER_LEGACY
 | |
| 	bool "RSA public key parser with legacy certificate library in SPL"
 | |
| 	depends on SPL_ASYMMETRIC_PUBLIC_KEY_LEGACY
 | |
| 	select SPL_ASN1_DECODER_LEGACY
 | |
| 	help
 | |
| 	  This option chooses legacy certificate library for RSA public key
 | |
| 	  parser in SPL.
 | |
| 
 | |
| endif # SPL
 | |
| 
 | |
| endif # LEGACY_CRYPTO_CERT
 | |
| 
 | |
| endif # LEGACY_CRYPTO
 | |
| 
 | |
| if MBEDTLS_LIB
 | |
| 
 | |
| config MBEDTLS_LIB_CRYPTO_ALT
 | |
| 	bool "MbedTLS crypto alternatives"
 | |
| 	depends on MBEDTLS_LIB && !MBEDTLS_LIB_CRYPTO
 | |
| 	select LEGACY_CRYPTO_BASIC
 | |
| 	default y if MBEDTLS_LIB && !MBEDTLS_LIB_CRYPTO
 | |
| 	help
 | |
| 	  Enable MbedTLS crypto alternatives.
 | |
| 	  Mutually incompatible with MBEDTLS_LIB_CRYPTO.
 | |
| 
 | |
| config MBEDTLS_LIB_CRYPTO
 | |
| 	bool "MbedTLS crypto libraries"
 | |
| 	select MD5_MBEDTLS if MD5
 | |
| 	select SHA1_MBEDTLS if SHA1
 | |
| 	select SHA256_MBEDTLS if SHA256
 | |
| 	select SHA512_MBEDTLS if SHA512
 | |
| 	select SHA384_MBEDTLS if SHA384
 | |
| 	select SPL_MD5_MBEDTLS if SPL_MD5
 | |
| 	select SPL_SHA1_MBEDTLS if SPL_SHA1
 | |
| 	select SPL_SHA256_MBEDTLS if SPL_SHA256
 | |
| 	select SPL_SHA512_MBEDTLS if SPL_SHA512
 | |
| 	select SPL_SHA384_MBEDTLS if SPL_SHA384
 | |
| 	help
 | |
| 	  Enable MbedTLS crypto libraries.
 | |
| 	  Mutually incompatible with MBEDTLS_LIB_CRYPTO_ALT.
 | |
| 
 | |
| if MBEDTLS_LIB_CRYPTO
 | |
| 
 | |
| config SHA1_MBEDTLS
 | |
| 	bool "Enable SHA1 support with MbedTLS crypto library"
 | |
| 	depends on MBEDTLS_LIB_CRYPTO && SHA1
 | |
| 	help
 | |
| 	  This option enables support of hashing using SHA1 algorithm
 | |
| 	  with MbedTLS crypto library.
 | |
| 
 | |
| config SHA256_MBEDTLS
 | |
| 	bool "Enable SHA256 support with MbedTLS crypto library"
 | |
| 	depends on MBEDTLS_LIB_CRYPTO && SHA256
 | |
| 	help
 | |
| 	  This option enables support of hashing using SHA256 algorithm
 | |
| 	  with MbedTLS crypto library.
 | |
| 
 | |
| if SHA256_MBEDTLS
 | |
| 
 | |
| config SHA256_SMALLER
 | |
| 	bool "Enable SHA256 smaller implementation with MbedTLS crypto library"
 | |
| 	depends on SHA256_MBEDTLS
 | |
| 	default y if SHA256_MBEDTLS
 | |
| 	help
 | |
| 	  This option enables support of hashing using SHA256 algorithm
 | |
| 	  smaller implementation with MbedTLS crypto library.
 | |
| 
 | |
| endif
 | |
| 
 | |
| config SHA512_MBEDTLS
 | |
| 	bool "Enable SHA512 support with MbedTLS crypto library"
 | |
| 	depends on MBEDTLS_LIB_CRYPTO && SHA512
 | |
| 	default y if TI_SECURE_DEVICE && FIT_SIGNATURE
 | |
| 	help
 | |
| 	  This option enables support of hashing using SHA512 algorithm
 | |
| 	  with MbedTLS crypto library.
 | |
| 
 | |
| if SHA512_MBEDTLS
 | |
| 
 | |
| config SHA512_SMALLER
 | |
| 	bool "Enable SHA512 smaller implementation with MbedTLS crypto library"
 | |
| 	depends on SHA512_MBEDTLS
 | |
| 	default y if SHA512_MBEDTLS
 | |
| 	help
 | |
| 	  This option enables support of hashing using SHA512 algorithm
 | |
| 	  smaller implementation with MbedTLS crypto library.
 | |
| 
 | |
| endif
 | |
| 
 | |
| config SHA384_MBEDTLS
 | |
| 	bool "Enable SHA384 support with MbedTLS crypto library"
 | |
| 	depends on MBEDTLS_LIB_CRYPTO && SHA384
 | |
| 	select SHA512_MBEDTLS
 | |
| 	help
 | |
| 	  This option enables support of hashing using SHA384 algorithm
 | |
| 	  with MbedTLS crypto library.
 | |
| 
 | |
| config MD5_MBEDTLS
 | |
| 	bool "Enable MD5 support with MbedTLS crypto library"
 | |
| 	depends on MBEDTLS_LIB_CRYPTO && MD5
 | |
| 	help
 | |
| 	  This option enables support of hashing using MD5 algorithm
 | |
| 	  with MbedTLS crypto library.
 | |
| 
 | |
| if SPL
 | |
| 
 | |
| config SPL_SHA1_MBEDTLS
 | |
| 	bool "Enable SHA1 support in SPL with MbedTLS crypto library"
 | |
| 	depends on MBEDTLS_LIB_CRYPTO && SPL_SHA1
 | |
| 	help
 | |
| 	  This option enables support of hashing using SHA1 algorithm
 | |
| 	  with MbedTLS crypto library.
 | |
| 
 | |
| config SPL_SHA256_MBEDTLS
 | |
| 	bool "Enable SHA256 support in SPL with MbedTLS crypto library"
 | |
| 	depends on MBEDTLS_LIB_CRYPTO && SPL_SHA256
 | |
| 	help
 | |
| 	  This option enables support of hashing using SHA256 algorithm
 | |
| 	  with MbedTLS crypto library.
 | |
| 
 | |
| config SPL_SHA512_MBEDTLS
 | |
| 	bool "Enable SHA512 support in SPL with MbedTLS crypto library"
 | |
| 	depends on MBEDTLS_LIB_CRYPTO && SPL_SHA512
 | |
| 	help
 | |
| 	  This option enables support of hashing using SHA512 algorithm
 | |
| 	  with MbedTLS crypto library.
 | |
| 
 | |
| config SPL_SHA384_MBEDTLS
 | |
| 	bool "Enable SHA384 support in SPL with MbedTLS crypto library"
 | |
| 	depends on MBEDTLS_LIB_CRYPTO && SPL_SHA384
 | |
| 	select SPL_SHA512
 | |
| 	help
 | |
| 	  This option enables support of hashing using SHA384 algorithm
 | |
| 	  with MbedTLS crypto library.
 | |
| 
 | |
| config SPL_MD5_MBEDTLS
 | |
| 	bool "Enable MD5 support in SPL with MbedTLS crypto library"
 | |
| 	depends on MBEDTLS_LIB_CRYPTO && SPL_MD5
 | |
| 	help
 | |
| 	  This option enables support of hashing using MD5 algorithm
 | |
| 	  with MbedTLS crypto library.
 | |
| 
 | |
| endif # SPL
 | |
| 
 | |
| endif # MBEDTLS_LIB_CRYPTO
 | |
| 
 | |
| config MBEDTLS_LIB_X509
 | |
| 	bool "MbedTLS certificate libraries"
 | |
| 	select ASN1_DECODER_MBEDTLS if ASN1_DECODER
 | |
| 	select ASYMMETRIC_PUBLIC_KEY_MBEDTLS if \
 | |
| 		ASYMMETRIC_PUBLIC_KEY_SUBTYPE
 | |
| 	select RSA_PUBLIC_KEY_PARSER_MBEDTLS if RSA_PUBLIC_KEY_PARSER
 | |
| 	select X509_CERTIFICATE_PARSER_MBEDTLS if X509_CERTIFICATE_PARSER
 | |
| 	select PKCS7_MESSAGE_PARSER_MBEDTLS if PKCS7_MESSAGE_PARSER
 | |
| 	select MSCODE_PARSER_MBEDTLS if MSCODE_PARSER
 | |
| 	select SPL_ASN1_DECODER_MBEDTLS if SPL_ASN1_DECODER
 | |
| 	select SPL_ASYMMETRIC_PUBLIC_KEY_MBEDTLS if \
 | |
| 		SPL_ASYMMETRIC_PUBLIC_KEY_SUBTYPE
 | |
| 	select SPL_RSA_PUBLIC_KEY_PARSER_MBEDTLS if SPL_RSA_PUBLIC_KEY_PARSER
 | |
| 	help
 | |
| 	  Enable MbedTLS certificate libraries.
 | |
| 
 | |
| if MBEDTLS_LIB_X509
 | |
| 
 | |
| config ASN1_DECODER_MBEDTLS
 | |
| 	bool "ASN1 decoder with MbedTLS certificate library"
 | |
| 	depends on MBEDTLS_LIB_X509 && ASN1_DECODER
 | |
| 	help
 | |
| 	  This option chooses MbedTLS certificate library for ASN1 decoder.
 | |
| 
 | |
| config ASYMMETRIC_PUBLIC_KEY_MBEDTLS
 | |
| 	bool "Asymmetric public key crypto with MbedTLS certificate library"
 | |
| 	depends on MBEDTLS_LIB_X509 && ASYMMETRIC_PUBLIC_KEY_SUBTYPE
 | |
| 	help
 | |
| 	  This option chooses MbedTLS certificate library for asymmetric public
 | |
| 	  key crypto algorithm.
 | |
| 
 | |
| config RSA_PUBLIC_KEY_PARSER_MBEDTLS
 | |
| 	bool "RSA public key parser with MbedTLS certificate library"
 | |
| 	depends on ASYMMETRIC_PUBLIC_KEY_MBEDTLS
 | |
| 	select ASN1_DECODER_MBEDTLS
 | |
| 	help
 | |
| 	  This option chooses MbedTLS certificate library for RSA public key
 | |
| 	  parser.
 | |
| 
 | |
| config X509_CERTIFICATE_PARSER_MBEDTLS
 | |
| 	bool "X.509 certificate parser with MbedTLS certificate library"
 | |
| 	depends on ASYMMETRIC_PUBLIC_KEY_MBEDTLS
 | |
| 	select ASN1_DECODER_MBEDTLS
 | |
| 	help
 | |
| 	  This option chooses MbedTLS certificate library for X509 certificate
 | |
| 	  parser.
 | |
| 
 | |
| config PKCS7_MESSAGE_PARSER_MBEDTLS
 | |
| 	bool "PKCS#7 message parser with MbedTLS certificate library"
 | |
| 	depends on X509_CERTIFICATE_PARSER_MBEDTLS
 | |
| 	select ASN1_DECODER_MBEDTLS
 | |
| 	help
 | |
| 	  This option chooses MbedTLS certificate library for PKCS7 message
 | |
| 	  parser.
 | |
| 
 | |
| config MSCODE_PARSER_MBEDTLS
 | |
| 	bool "MS authenticode parser with MbedTLS certificate library"
 | |
| 	depends on MBEDTLS_LIB_X509 && MSCODE_PARSER
 | |
| 	select ASN1_DECODER_MBEDTLS
 | |
| 	help
 | |
| 	  This option chooses MbedTLS certificate library for MS authenticode
 | |
| 	  parser.
 | |
| 
 | |
| if SPL
 | |
| 
 | |
| config SPL_ASN1_DECODER_MBEDTLS
 | |
| 	bool "ASN1 decoder with MbedTLS certificate library in SPL"
 | |
| 	depends on MBEDTLS_LIB_X509 && SPL_ASN1_DECODER
 | |
| 	help
 | |
| 	  This option chooses MbedTLS certificate library for ASN1 decoder in
 | |
| 	  SPL.
 | |
| 
 | |
| config SPL_ASYMMETRIC_PUBLIC_KEY_MBEDTLS
 | |
| 	bool "Asymmetric public key crypto with MbedTLS certificate library in SPL"
 | |
| 	depends on MBEDTLS_LIB_X509 && SPL_ASYMMETRIC_PUBLIC_KEY_SUBTYPE
 | |
| 	help
 | |
| 	  This option chooses MbedTLS certificate library for asymmetric public
 | |
| 	  key crypto algorithm in SPL.
 | |
| 
 | |
| config SPL_RSA_PUBLIC_KEY_PARSER_MBEDTLS
 | |
| 	bool "RSA public key parser with MbedTLS certificate library in SPL"
 | |
| 	depends on SPL_ASYMMETRIC_PUBLIC_KEY_MBEDTLS
 | |
| 	select SPL_ASN1_DECODER_MBEDTLS
 | |
| 	help
 | |
| 	  This option chooses MbedTLS certificate library for RSA public key
 | |
| 	  parser in SPL.
 | |
| 
 | |
| endif # SPL
 | |
| 
 | |
| endif # MBEDTLS_LIB_X509
 | |
| 
 | |
| endif # MBEDTLS_LIB
 |