35f7eda545
Turn the MBEDTLS_RSA_FULL selects into depends on. This is how the other MBEDTLS_KEY_EXCHANGE_* Kconfig options are defined. This is done to avoid circular dependencies. At the same time update uses of the affected MBEDTLS_KEY_EXCHANGE_* Kconfig options to enable/disable the dependencies which used to be automatically handled. Signed-off-by: Tomi Fontanilles <tomi.fontanilles@nordicsemi.no>
49 lines
1.2 KiB
Text
49 lines
1.2 KiB
Text
# Copyright (c) 2018 Linaro
|
|
# Copyright (c) 2024 BayLibre SAS
|
|
# SPDX-License-Identifier: Apache-2.0
|
|
|
|
menuconfig JWT
|
|
bool "JSON Web Token generation"
|
|
select JSON_LIBRARY
|
|
help
|
|
Enable creation of JWT tokens
|
|
|
|
if JWT
|
|
|
|
choice
|
|
prompt "JWT signature algorithm"
|
|
default JWT_SIGN_RSA_PSA
|
|
help
|
|
Select which algorithm to use for signing JWT tokens.
|
|
|
|
config JWT_SIGN_RSA_LEGACY
|
|
bool "Use RSA signature (RS-256). Use Mbed TLS as crypto library."
|
|
depends on CSPRNG_AVAILABLE
|
|
select MBEDTLS
|
|
select MBEDTLS_MD
|
|
select MBEDTLS_RSA_C
|
|
select MBEDTLS_PKCS1_V15
|
|
select MBEDTLS_PKCS1_V21
|
|
select MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
|
|
|
|
config JWT_SIGN_RSA_PSA
|
|
bool "Use RSA signature (RS-256). Use PSA Crypto API."
|
|
select MBEDTLS if !BUILD_WITH_TFM
|
|
select MBEDTLS_PSA_CRYPTO_C if !BUILD_WITH_TFM
|
|
select PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
|
|
select PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT
|
|
select PSA_WANT_ALG_RSA_PKCS1V15_SIGN
|
|
select PSA_WANT_ALG_SHA_256
|
|
|
|
config JWT_SIGN_ECDSA_PSA
|
|
bool "Use ECDSA signature (ES-256). Use PSA Crypto API."
|
|
select MBEDTLS if !BUILD_WITH_TFM
|
|
select MBEDTLS_PSA_CRYPTO_C if !BUILD_WITH_TFM
|
|
select PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT
|
|
select PSA_WANT_ALG_ECDSA
|
|
select PSA_WANT_ECC_SECP_R1_256
|
|
select PSA_WANT_ALG_SHA_256
|
|
|
|
endchoice
|
|
|
|
endif # JWT
|