39068cc70e
This is based on the introduction of a helper Kconfig symbol in "subsys/random/Kconfig" which is named CSPRNG_AVAILABLE. When this is enabled it means that there is a "zephyr,entropy" property defined in the device-tree, therefore Mbed TLS can select ENTROPY_GENERATOR to allow the platform specific driver to be included into the build. This commit also changes other locations where CSPRNG_ENABLED was used moving it to CSPRNG_AVAILABLE in order to solve dependency loop build failures. Signed-off-by: Valerio Setti <vsetti@baylibre.com>
46 lines
1.1 KiB
Plaintext
46 lines
1.1 KiB
Plaintext
# Copyright (c) 2018 Linaro
|
|
# Copyright (c) 2024 BayLibre SAS
|
|
# SPDX-License-Identifier: Apache-2.0
|
|
|
|
menuconfig JWT
|
|
bool "JSON Web Token generation"
|
|
select JSON_LIBRARY
|
|
help
|
|
Enable creation of JWT tokens
|
|
|
|
if JWT
|
|
|
|
choice
|
|
prompt "JWT signature algorithm"
|
|
default JWT_SIGN_RSA_PSA
|
|
help
|
|
Select which algorithm to use for signing JWT tokens.
|
|
|
|
config JWT_SIGN_RSA_LEGACY
|
|
bool "Use RSA signature (RS-256). Use Mbed TLS as crypto library."
|
|
depends on CSPRNG_AVAILABLE
|
|
select MBEDTLS
|
|
select MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
|
|
|
|
config JWT_SIGN_RSA_PSA
|
|
bool "Use RSA signature (RS-256). Use PSA Crypto API."
|
|
select MBEDTLS if !BUILD_WITH_TFM
|
|
select MBEDTLS_PSA_CRYPTO_C if !BUILD_WITH_TFM
|
|
select PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
|
|
select PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT
|
|
select PSA_WANT_ALG_RSA_PKCS1V15_SIGN
|
|
select PSA_WANT_ALG_SHA_256
|
|
|
|
config JWT_SIGN_ECDSA_PSA
|
|
bool "Use ECDSA signature (ES-256). Use PSA Crypto API."
|
|
select MBEDTLS if !BUILD_WITH_TFM
|
|
select MBEDTLS_PSA_CRYPTO_C if !BUILD_WITH_TFM
|
|
select PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT
|
|
select PSA_WANT_ALG_ECDSA
|
|
select PSA_WANT_ECC_SECP_R1_256
|
|
select PSA_WANT_ALG_SHA_256
|
|
|
|
endchoice
|
|
|
|
endif # JWT
|