1config TRUSTED_KEYS_TPM 2 bool "TPM-based trusted keys" 3 depends on TCG_TPM >= TRUSTED_KEYS 4 default y 5 select CRYPTO 6 select CRYPTO_HMAC 7 select CRYPTO_SHA1 8 select CRYPTO_HASH_INFO 9 select ASN1_ENCODER 10 select OID_REGISTRY 11 select ASN1 12 help 13 Enable use of the Trusted Platform Module (TPM) as trusted key 14 backend. Trusted keys are random number symmetric keys, 15 which will be generated and RSA-sealed by the TPM. 16 The TPM only unseals the keys, if the boot PCRs and other 17 criteria match. 18 19config TRUSTED_KEYS_TEE 20 bool "TEE-based trusted keys" 21 depends on TEE >= TRUSTED_KEYS 22 default y 23 help 24 Enable use of the Trusted Execution Environment (TEE) as trusted 25 key backend. 26 27config TRUSTED_KEYS_CAAM 28 bool "CAAM-based trusted keys" 29 depends on CRYPTO_DEV_FSL_CAAM_JR >= TRUSTED_KEYS 30 select CRYPTO_DEV_FSL_CAAM_BLOB_GEN 31 default y 32 help 33 Enable use of NXP's Cryptographic Accelerator and Assurance Module 34 (CAAM) as trusted key backend. 35 36if !TRUSTED_KEYS_TPM && !TRUSTED_KEYS_TEE && !TRUSTED_KEYS_CAAM 37comment "No trust source selected!" 38endif 39