1# For U-Boot Proper
2
3choice
4	prompt "Crypto libraries (U-Boot Proper)"
5	default LEGACY_HASHING_AND_CRYPTO
6	help
7	  Select crypto libraries.
8	  LEGACY_HASHING_AND_CRYPTO for legacy crypto libraries,
9	  MBEDTLS_LIB for MbedTLS libraries.
10
11config LEGACY_HASHING_AND_CRYPTO
12	bool "legacy crypto libraries"
13	select LEGACY_HASHING
14	select LEGACY_CRYPTO
15
16config MBEDTLS_LIB
17	bool "MbedTLS libraries"
18	select MBEDTLS_LIB_X509
19endchoice
20
21if LEGACY_HASHING_AND_CRYPTO || MBEDTLS_LIB_HASHING_ALT
22
23config LEGACY_HASHING
24	bool "Use U-Boot legacy hashing libraries"
25	select MD5_LEGACY if MD5
26	select SHA1_LEGACY if SHA1
27	select SHA256_LEGACY if SHA256
28	select SHA512_LEGACY if SHA512
29	select SHA384_LEGACY if SHA384
30	help
31	  Enable U-Boot legacy hashing libraries.
32
33if LEGACY_HASHING
34
35config SHA1_LEGACY
36	bool "Enable SHA1 support with legacy crypto library"
37	depends on LEGACY_HASHING && SHA1
38	help
39	  This option enables support of hashing using SHA1 algorithm
40	  with legacy crypto library.
41
42config SHA256_LEGACY
43	bool "Enable SHA256 support with legacy crypto library"
44	depends on LEGACY_HASHING && SHA256
45	help
46	  This option enables support of hashing using SHA256 algorithm
47	  with legacy crypto library.
48
49config SHA512_LEGACY
50	bool "Enable SHA512 support with legacy crypto library"
51	depends on LEGACY_HASHING && SHA512
52	default y if TI_SECURE_DEVICE && FIT_SIGNATURE
53	help
54	  This option enables support of hashing using SHA512 algorithm
55	  with legacy crypto library.
56
57config SHA384_LEGACY
58	bool "Enable SHA384 support with legacy crypto library"
59	depends on LEGACY_HASHING && SHA384
60	select SHA512_LEGACY
61	help
62	  This option enables support of hashing using SHA384 algorithm
63	  with legacy crypto library.
64
65config MD5_LEGACY
66	bool "Enable MD5 support with legacy crypto library"
67	depends on LEGACY_HASHING && MD5
68	help
69	  This option enables support of hashing using MD5 algorithm
70	  with legacy crypto library.
71
72endif # LEGACY_HASHING
73
74config LEGACY_CRYPTO
75	bool "legacy certificate libraries"
76	depends on LEGACY_HASHING_AND_CRYPTO
77	select ASN1_DECODER_LEGACY if ASN1_DECODER
78	select ASYMMETRIC_PUBLIC_KEY_LEGACY if \
79		ASYMMETRIC_PUBLIC_KEY_SUBTYPE
80	select RSA_PUBLIC_KEY_PARSER_LEGACY if RSA_PUBLIC_KEY_PARSER
81	select X509_CERTIFICATE_PARSER_LEGACY if X509_CERTIFICATE_PARSER
82	select PKCS7_MESSAGE_PARSER_LEGACY if PKCS7_MESSAGE_PARSER
83	select MSCODE_PARSER_LEGACY if MSCODE_PARSER
84	help
85	  Enable legacy certificate libraries.
86
87if LEGACY_CRYPTO
88
89config ASN1_DECODER_LEGACY
90	bool "ASN1 decoder with legacy certificate library"
91	depends on LEGACY_CRYPTO && ASN1_DECODER
92	help
93	  This option chooses legacy certificate library for ASN1 decoder.
94
95config ASYMMETRIC_PUBLIC_KEY_LEGACY
96	bool "Asymmetric public key crypto with legacy certificate library"
97	depends on LEGACY_CRYPTO && ASYMMETRIC_PUBLIC_KEY_SUBTYPE
98	help
99	  This option chooses legacy certificate library for asymmetric public
100	  key crypto algorithm.
101
102config RSA_PUBLIC_KEY_PARSER_LEGACY
103	bool "RSA public key parser with legacy certificate library"
104	depends on ASYMMETRIC_PUBLIC_KEY_LEGACY
105	select ASN1_DECODER_LEGACY
106	help
107	  This option chooses legacy certificate library for RSA public key
108	  parser.
109
110config X509_CERTIFICATE_PARSER_LEGACY
111	bool "X.509 certificate parser with legacy certificate library"
112	depends on ASYMMETRIC_PUBLIC_KEY_LEGACY
113	select ASN1_DECODER_LEGACY
114	help
115	  This option chooses legacy certificate library for X509 certificate
116	  parser.
117
118config PKCS7_MESSAGE_PARSER_LEGACY
119	bool "PKCS#7 message parser with legacy certificate library"
120	depends on X509_CERTIFICATE_PARSER_LEGACY
121	select ASN1_DECODER_LEGACY
122	help
123	  This option chooses legacy certificate library for PKCS7 message
124	  parser.
125
126config MSCODE_PARSER_LEGACY
127	bool "MS authenticode parser with legacy certificate library"
128	depends on LEGACY_CRYPTO && MSCODE_PARSER
129	select ASN1_DECODER_LEGACY
130	help
131	  This option chooses legacy certificate library for MS authenticode
132	  parser.
133
134endif # LEGACY_CRYPTO
135
136endif # LEGACY_HASHING_AND_CRYPTO || MBEDTLS_LIB_HASHING_ALT
137
138if MBEDTLS_LIB
139
140config MBEDTLS_LIB_HASHING_ALT
141	bool "Replace MbedTLS native hashing with U-Boot legacy libraries"
142	depends on MBEDTLS_LIB && !MBEDTLS_LIB_CRYPTO
143	select LEGACY_HASHING
144	default y if MBEDTLS_LIB && !MBEDTLS_LIB_CRYPTO
145	help
146	  Enable MbedTLS hashing alternatives and replace them with legacy hashing
147	  libraries.
148	  This allows user to use U-Boot legacy hashing algorithms together with
149	  other MbedTLS modules.
150	  Mutually incompatible with MBEDTLS_LIB_CRYPTO.
151
152config MBEDTLS_LIB_CRYPTO
153	bool "Use MbedTLS native crypto libraries for hashing"
154	default y if MBEDTLS_LIB
155	select MD5_MBEDTLS if MD5
156	select SHA1_MBEDTLS if SHA1
157	select SHA256_MBEDTLS if SHA256
158	select SHA512_MBEDTLS if SHA512
159	select SHA384_MBEDTLS if SHA384
160	help
161	  Enable MbedTLS native crypto libraries.
162	  Mutually incompatible with MBEDTLS_LIB_HASHING_ALT.
163
164if MBEDTLS_LIB_CRYPTO
165
166config SHA1_MBEDTLS
167	bool "Enable SHA1 support with MbedTLS crypto library"
168	depends on MBEDTLS_LIB_CRYPTO && SHA1
169	help
170	  This option enables support of hashing using SHA1 algorithm
171	  with MbedTLS crypto library.
172
173config SHA256_MBEDTLS
174	bool "Enable SHA256 support with MbedTLS crypto library"
175	depends on MBEDTLS_LIB_CRYPTO && SHA256
176	help
177	  This option enables support of hashing using SHA256 algorithm
178	  with MbedTLS crypto library.
179
180if SHA256_MBEDTLS
181
182config SHA256_SMALLER
183	bool "Enable SHA256 smaller implementation with MbedTLS crypto library"
184	depends on SHA256_MBEDTLS
185	default y if SHA256_MBEDTLS
186	help
187	  This option enables support of hashing using SHA256 algorithm
188	  smaller implementation with MbedTLS crypto library.
189
190endif
191
192config SHA512_MBEDTLS
193	bool "Enable SHA512 support with MbedTLS crypto library"
194	depends on MBEDTLS_LIB_CRYPTO && SHA512
195	default y if TI_SECURE_DEVICE && FIT_SIGNATURE
196	help
197	  This option enables support of hashing using SHA512 algorithm
198	  with MbedTLS crypto library.
199
200if SHA512_MBEDTLS
201
202config SHA512_SMALLER
203	bool "Enable SHA512 smaller implementation with MbedTLS crypto library"
204	depends on SHA512_MBEDTLS
205	default y if SHA512_MBEDTLS
206	help
207	  This option enables support of hashing using SHA512 algorithm
208	  smaller implementation with MbedTLS crypto library.
209
210endif
211
212config SHA384_MBEDTLS
213	bool "Enable SHA384 support with MbedTLS crypto library"
214	depends on MBEDTLS_LIB_CRYPTO && SHA384
215	select SHA512_MBEDTLS
216	help
217	  This option enables support of hashing using SHA384 algorithm
218	  with MbedTLS crypto library.
219
220config MD5_MBEDTLS
221	bool "Enable MD5 support with MbedTLS crypto library"
222	depends on MBEDTLS_LIB_CRYPTO && MD5
223	help
224	  This option enables support of hashing using MD5 algorithm
225	  with MbedTLS crypto library.
226
227config HKDF_MBEDTLS
228	bool "Enable HKDF support with MbedTLS crypto library"
229	depends on MBEDTLS_LIB_CRYPTO
230	help
231	  This option enables support of key derivation using HKDF algorithm
232	  with MbedTLS crypto library.
233
234endif # MBEDTLS_LIB_CRYPTO
235
236config MBEDTLS_LIB_X509
237	bool "MbedTLS certificate libraries"
238	select ASN1_DECODER_MBEDTLS if ASN1_DECODER
239	select ASYMMETRIC_PUBLIC_KEY_MBEDTLS if \
240		ASYMMETRIC_PUBLIC_KEY_SUBTYPE
241	select RSA_PUBLIC_KEY_PARSER_MBEDTLS if RSA_PUBLIC_KEY_PARSER
242	select X509_CERTIFICATE_PARSER_MBEDTLS if X509_CERTIFICATE_PARSER
243	select PKCS7_MESSAGE_PARSER_MBEDTLS if PKCS7_MESSAGE_PARSER
244	select MSCODE_PARSER_MBEDTLS if MSCODE_PARSER
245	help
246	  Enable MbedTLS certificate libraries.
247
248if MBEDTLS_LIB_X509
249
250config ASN1_DECODER_MBEDTLS
251	bool "ASN1 decoder with MbedTLS certificate library"
252	depends on MBEDTLS_LIB_X509 && ASN1_DECODER
253	help
254	  This option chooses MbedTLS certificate library for ASN1 decoder.
255
256config ASYMMETRIC_PUBLIC_KEY_MBEDTLS
257	bool "Asymmetric public key crypto with MbedTLS certificate library"
258	depends on MBEDTLS_LIB_X509 && ASYMMETRIC_PUBLIC_KEY_SUBTYPE
259	help
260	  This option chooses MbedTLS certificate library for asymmetric public
261	  key crypto algorithm.
262
263config RSA_PUBLIC_KEY_PARSER_MBEDTLS
264	bool "RSA public key parser with MbedTLS certificate library"
265	depends on ASYMMETRIC_PUBLIC_KEY_MBEDTLS
266	select ASN1_DECODER_MBEDTLS
267	help
268	  This option chooses MbedTLS certificate library for RSA public key
269	  parser.
270
271config X509_CERTIFICATE_PARSER_MBEDTLS
272	bool "X.509 certificate parser with MbedTLS certificate library"
273	depends on ASYMMETRIC_PUBLIC_KEY_MBEDTLS
274	select ASN1_DECODER_MBEDTLS
275	help
276	  This option chooses MbedTLS certificate library for X509 certificate
277	  parser.
278
279config PKCS7_MESSAGE_PARSER_MBEDTLS
280	bool "PKCS#7 message parser with MbedTLS certificate library"
281	depends on X509_CERTIFICATE_PARSER_MBEDTLS
282	select ASN1_DECODER_MBEDTLS
283	help
284	  This option chooses MbedTLS certificate library for PKCS7 message
285	  parser.
286
287config MSCODE_PARSER_MBEDTLS
288	bool "MS authenticode parser with MbedTLS certificate library"
289	depends on MBEDTLS_LIB_X509 && MSCODE_PARSER
290	select ASN1_DECODER_MBEDTLS
291	help
292	  This option chooses MbedTLS certificate library for MS authenticode
293	  parser.
294
295endif # MBEDTLS_LIB_X509
296
297config MBEDTLS_LIB_TLS
298	bool "MbedTLS TLS library"
299	depends on RSA_PUBLIC_KEY_PARSER_MBEDTLS
300	depends on X509_CERTIFICATE_PARSER_MBEDTLS
301	depends on ASYMMETRIC_PUBLIC_KEY_MBEDTLS
302	depends on ASN1_DECODER_MBEDTLS
303	depends on MBEDTLS_LIB
304	help
305	  Enable MbedTLS TLS library. Required for HTTPs support
306	  in wget
307
308endif # MBEDTLS_LIB
309
310# For SPL
311
312if SPL
313
314choice
315	prompt "Crypto libraries (SPL)"
316	default SPL_LEGACY_HASHING_AND_CRYPTO
317	help
318	  Select crypto libraries in SPL.
319	  SPL_LEGACY_HASHING_AND_CRYPTO for legacy crypto libraries,
320	  SPL_MBEDTLS_LIB for MbedTLS libraries.
321
322config SPL_LEGACY_HASHING_AND_CRYPTO
323	bool "legacy crypto libraries"
324	select SPL_LEGACY_HASHING
325	select SPL_LEGACY_CRYPTO
326
327config SPL_MBEDTLS_LIB
328	bool "MbedTLS libraries"
329	select SPL_MBEDTLS_LIB_X509
330endchoice
331
332if SPL_LEGACY_HASHING_AND_CRYPTO || SPL_MBEDTLS_LIB_HASHING_ALT
333
334config SPL_LEGACY_HASHING
335	bool "Use U-Boot legacy hashing libraries (SPL)"
336	select SPL_MD5_LEGACY if SPL_MD5
337	select SPL_SHA1_LEGACY if SPL_SHA1
338	select SPL_SHA256_LEGACY if SPL_SHA256
339	select SPL_SHA512_LEGACY if SPL_SHA512
340	select SPL_SHA384_LEGACY if SPL_SHA384
341	help
342	  Enable U-Boot legacy hashing libraries in SPL.
343
344if SPL_LEGACY_HASHING
345
346config SPL_SHA1_LEGACY
347	bool "Enable SHA1 support with legacy crypto library (SPL)"
348	depends on SPL_LEGACY_HASHING && SPL_SHA1
349	help
350	  This option enables support of hashing using SHA1 algorithm
351	  with legacy crypto library in SPL.
352
353config SPL_SHA256_LEGACY
354	bool "Enable SHA256 support with legacy crypto library (SPL)"
355	depends on SPL_LEGACY_HASHING && SPL_SHA256
356	help
357	  This option enables support of hashing using SHA256 algorithm
358	  with legacy crypto library in SPL.
359
360config SPL_SHA512_LEGACY
361	bool "Enable SHA512 support with legacy crypto library (SPL)"
362	depends on SPL_LEGACY_HASHING && SPL_SHA512
363	help
364	  This option enables support of hashing using SHA512 algorithm
365	  with legacy crypto library in SPL.
366
367config SPL_SHA384_LEGACY
368	bool "Enable SHA384 support with legacy crypto library (SPL)"
369	depends on SPL_LEGACY_HASHING && SPL_SHA384
370	select SPL_SHA512_LEGACY
371	help
372	  This option enables support of hashing using SHA384 algorithm
373	  with legacy crypto library in SPL.
374
375config SPL_MD5_LEGACY
376	bool "Enable MD5 support with legacy crypto library (SPL)"
377	depends on SPL_LEGACY_HASHING && SPL_MD5
378	help
379	  This option enables support of hashing using MD5 algorithm
380	  with legacy crypto library in SPL.
381
382endif # SPL_LEGACY_HASHING
383
384config SPL_LEGACY_CRYPTO
385	bool "legacy certificate libraries (SPL)"
386	depends on SPL_LEGACY_HASHING_AND_CRYPTO
387	select SPL_ASN1_DECODER_LEGACY if SPL_ASN1_DECODER
388	select SPL_ASYMMETRIC_PUBLIC_KEY_LEGACY if \
389		SPL_ASYMMETRIC_PUBLIC_KEY_SUBTYPE
390	select SPL_RSA_PUBLIC_KEY_PARSER_LEGACY if SPL_RSA_PUBLIC_KEY_PARSER
391	help
392	  Enable legacy certificate libraries in SPL.
393
394if SPL_LEGACY_CRYPTO
395
396config SPL_ASN1_DECODER_LEGACY
397	bool "ASN1 decoder with legacy certificate library (SPL)"
398	depends on SPL_LEGACY_CRYPTO && SPL_ASN1_DECODER
399	help
400	  This option chooses legacy certificate library for ASN1 decoder in
401	  SPL.
402
403config SPL_ASYMMETRIC_PUBLIC_KEY_LEGACY
404	bool "Asymmetric public key crypto with legacy certificate library (SPL)"
405	depends on SPL_LEGACY_CRYPTO && SPL_ASYMMETRIC_PUBLIC_KEY_SUBTYPE
406	help
407	  This option chooses legacy certificate library for asymmetric public
408	  key crypto algorithm in SPL.
409
410config SPL_RSA_PUBLIC_KEY_PARSER_LEGACY
411	bool "RSA public key parser with legacy certificate library (SPL)"
412	depends on SPL_ASYMMETRIC_PUBLIC_KEY_LEGACY
413	select SPL_ASN1_DECODER_LEGACY
414	help
415	  This option chooses legacy certificate library for RSA public key
416	  parser in SPL.
417
418endif # SPL_LEGACY_CRYPTO
419
420endif # SPL_LEGACY_HASHING_AND_CRYPTO || SPL_MBEDTLS_LIB_HASHING_ALT
421
422if SPL_MBEDTLS_LIB
423
424config SPL_MBEDTLS_LIB_HASHING_ALT
425	bool "Replace MbedTLS native hashing with U-Boot legacy libraries (SPL)"
426	depends on SPL_MBEDTLS_LIB && !SPL_MBEDTLS_LIB_CRYPTO
427	select SPL_LEGACY_HASHING
428	default y if SPL_MBEDTLS_LIB && !SPL_MBEDTLS_LIB_CRYPTO
429	help
430	  Enable MbedTLS hashing alternatives and replace them with legacy hashing
431	  libraries in SPL.
432	  This allows user to use U-Boot legacy hashing algorithms together with
433	  other MbedTLS modules.
434	  Mutually incompatible with SPL_MBEDTLS_LIB_CRYPTO.
435
436config SPL_MBEDTLS_LIB_CRYPTO
437	bool "Use MbedTLS native crypto libraries for hashing (SPL)"
438	default y if SPL_MBEDTLS_LIB
439	select SPL_MD5_MBEDTLS if SPL_MD5
440	select SPL_SHA1_MBEDTLS if SPL_SHA1
441	select SPL_SHA256_MBEDTLS if SPL_SHA256
442	select SPL_SHA512_MBEDTLS if SPL_SHA512
443	select SPL_SHA384_MBEDTLS if SPL_SHA384
444	help
445	  Enable MbedTLS native crypto libraries in SPL.
446
447if SPL_MBEDTLS_LIB_CRYPTO
448
449config SPL_SHA1_MBEDTLS
450	bool "Enable SHA1 support with MbedTLS crypto library (SPL)"
451	depends on SPL_MBEDTLS_LIB_CRYPTO && SPL_SHA1
452	help
453	  This option enables support of hashing using SHA1 algorithm
454	  with MbedTLS crypto library in SPL.
455
456config SPL_SHA256_MBEDTLS
457	bool "Enable SHA256 support with MbedTLS crypto library (SPL)"
458	depends on SPL_MBEDTLS_LIB_CRYPTO && SPL_SHA256
459	help
460	  This option enables support of hashing using SHA256 algorithm
461	  with MbedTLS crypto library in SPL.
462
463config SPL_SHA512_MBEDTLS
464	bool "Enable SHA512 support with MbedTLS crypto library (SPL)"
465	depends on SPL_MBEDTLS_LIB_CRYPTO && SPL_SHA512
466	help
467	  This option enables support of hashing using SHA512 algorithm
468	  with MbedTLS crypto library in SPL.
469
470config SPL_SHA384_MBEDTLS
471	bool "Enable SHA384 support with MbedTLS crypto library (SPL)"
472	depends on SPL_MBEDTLS_LIB_CRYPTO && SPL_SHA384
473	select SPL_SHA512
474	help
475	  This option enables support of hashing using SHA384 algorithm
476	  with MbedTLS crypto library in SPL.
477
478config SPL_MD5_MBEDTLS
479	bool "Enable MD5 support with MbedTLS crypto library (SPL)"
480	depends on SPL_MBEDTLS_LIB_CRYPTO && SPL_MD5
481	help
482	  This option enables support of hashing using MD5 algorithm
483	  with MbedTLS crypto library in SPL.
484
485config SPL_HKDF_MBEDTLS
486	bool "Enable HKDF support with MbedTLS crypto library (SPL)"
487	depends on SPL_MBEDTLS_LIB_CRYPTO
488	help
489	  This option enables support of key derivation using HKDF algorithm
490	  with MbedTLS crypto library in SPL.
491
492endif # SPL_MBEDTLS_LIB_CRYPTO
493
494config SPL_MBEDTLS_LIB_X509
495	bool "MbedTLS certificate libraries (SPL)"
496	select SPL_ASN1_DECODER_MBEDTLS if SPL_ASN1_DECODER
497	select SPL_ASYMMETRIC_PUBLIC_KEY_MBEDTLS if \
498		SPL_ASYMMETRIC_PUBLIC_KEY_SUBTYPE
499	select SPL_RSA_PUBLIC_KEY_PARSER_MBEDTLS if SPL_RSA_PUBLIC_KEY_PARSER
500	help
501	  Enable MbedTLS certificate libraries in SPL.
502
503if SPL_MBEDTLS_LIB_X509
504
505config SPL_ASN1_DECODER_MBEDTLS
506	bool "ASN1 decoder with MbedTLS certificate library (SPL)"
507	depends on SPL_MBEDTLS_LIB_X509 && SPL_ASN1_DECODER
508	help
509	  This option chooses MbedTLS certificate library for ASN1 decoder in
510	  SPL.
511
512config SPL_ASYMMETRIC_PUBLIC_KEY_MBEDTLS
513	bool "Asymmetric public key crypto with MbedTLS certificate library (SPL)"
514	depends on SPL_MBEDTLS_LIB_X509 && SPL_ASYMMETRIC_PUBLIC_KEY_SUBTYPE
515	help
516	  This option chooses MbedTLS certificate library for asymmetric public
517	  key crypto algorithm in SPL.
518
519config SPL_RSA_PUBLIC_KEY_PARSER_MBEDTLS
520	bool "RSA public key parser with MbedTLS certificate library (SPL)"
521	depends on SPL_ASYMMETRIC_PUBLIC_KEY_MBEDTLS
522	select SPL_ASN1_DECODER_MBEDTLS
523	help
524	  This option chooses MbedTLS certificate library for RSA public key
525	  parser in SPL.
526
527endif # SPL_MBEDTLS_LIB_X509
528
529config SPL_MBEDTLS_LIB_TLS
530	bool "MbedTLS TLS library (SPL)"
531	depends on SPL_RSA_PUBLIC_KEY_PARSER_MBEDTLS
532	depends on SPL_X509_CERTIFICATE_PARSER_MBEDTLS
533	depends on SPL_ASYMMETRIC_PUBLIC_KEY_MBEDTLS
534	depends on SPL_ASN1_DECODER_MBEDTLS
535	depends on SPL_MBEDTLS_LIB
536	help
537	  Enable MbedTLS TLS library in SPL. Required for HTTPs support
538	  in wget
539
540endif # SPL_MBEDTLS_LIB
541
542endif # SPL
543
544# For TPL
545
546if TPL
547
548choice
549	prompt "Crypto libraries (TPL)"
550	default TPL_LEGACY_HASHING_AND_CRYPTO
551	help
552	  Select crypto libraries in TPL.
553	  TPL_LEGACY_HASHING_AND_CRYPTO for legacy crypto libraries,
554	  TPL_MBEDTLS_LIB for MbedTLS libraries.
555
556config TPL_LEGACY_HASHING_AND_CRYPTO
557	bool "legacy crypto libraries"
558	select TPL_LEGACY_HASHING
559	select TPL_LEGACY_CRYPTO
560
561config TPL_MBEDTLS_LIB
562	bool "MbedTLS libraries"
563
564endchoice
565
566if TPL_LEGACY_HASHING_AND_CRYPTO || TPL_MBEDTLS_LIB_HASHING_ALT
567
568config TPL_LEGACY_HASHING
569	bool "Use U-Boot legacy hashing libraries (TPL)"
570	select TPL_MD5_LEGACY if TPL_MD5
571	select TPL_SHA1_LEGACY if TPL_SHA1
572	select TPL_SHA256_LEGACY if TPL_SHA256
573	select TPL_SHA512_LEGACY if TPL_SHA512
574	select TPL_SHA384_LEGACY if TPL_SHA384
575	help
576	  Enable U-Boot legacy hashing libraries in TPL.
577
578if TPL_LEGACY_HASHING
579
580config TPL_SHA1_LEGACY
581	bool "Enable SHA1 support with legacy crypto library (TPL)"
582	depends on TPL_LEGACY_HASHING && TPL_SHA1
583	help
584	  This option enables support of hashing using SHA1 algorithm
585	  with legacy crypto library in TPL.
586
587config TPL_SHA256_LEGACY
588	bool "Enable SHA256 support with legacy crypto library (TPL)"
589	depends on TPL_LEGACY_HASHING && TPL_SHA256
590	help
591	  This option enables support of hashing using SHA256 algorithm
592	  with legacy crypto library in TPL.
593
594config TPL_SHA512_LEGACY
595	bool "Enable SHA512 support with legacy crypto library (TPL)"
596	depends on TPL_LEGACY_HASHING && TPL_SHA512
597	help
598	  This option enables support of hashing using SHA512 algorithm
599	  with legacy crypto library in TPL.
600
601config TPL_SHA384_LEGACY
602	bool "Enable SHA384 support with legacy crypto library (TPL)"
603	depends on TPL_LEGACY_HASHING && TPL_SHA384
604	select TPL_SHA512_LEGACY
605	help
606	  This option enables support of hashing using SHA384 algorithm
607	  with legacy crypto library in TPL.
608
609config TPL_MD5_LEGACY
610	bool "Enable MD5 support with legacy crypto library (TPL)"
611	depends on TPL_LEGACY_HASHING && TPL_MD5
612	help
613	  This option enables support of hashing using MD5 algorithm
614	  with legacy crypto library in TPL.
615
616endif # TPL_LEGACY_HASHING
617
618endif # TPL_LEGACY_HASHING_AND_CRYPTO || TPL_MBEDTLS_LIB_HASHING_ALT
619
620if TPL_MBEDTLS_LIB
621
622config TPL_MBEDTLS_LIB_HASHING_ALT
623	bool "Replace MbedTLS native hashing with U-Boot legacy libraries (TPL)"
624	depends on TPL_MBEDTLS_LIB && !TPL_MBEDTLS_LIB_CRYPTO
625	select TPL_LEGACY_HASHING
626	default y if TPL_MBEDTLS_LIB && !TPL_MBEDTLS_LIB_CRYPTO
627	help
628	  Enable MbedTLS hashing alternatives and replace them with legacy hashing
629	  libraries in TPL.
630	  This allows user to use U-Boot legacy hashing algorithms together with
631	  other MbedTLS modules.
632	  Mutually incompatible with TPL_MBEDTLS_LIB_CRYPTO.
633
634config TPL_MBEDTLS_LIB_CRYPTO
635	bool "Use MbedTLS native crypto libraries for hashing (TPL)"
636	default y if TPL_MBEDTLS_LIB
637	select TPL_MD5_MBEDTLS if TPL_MD5
638	select TPL_SHA1_MBEDTLS if TPL_SHA1
639	select TPL_SHA256_MBEDTLS if TPL_SHA256
640	select TPL_SHA512_MBEDTLS if TPL_SHA512
641	select TPL_SHA384_MBEDTLS if TPL_SHA384
642	help
643	  Enable MbedTLS native crypto libraries in TPL.
644
645if TPL_MBEDTLS_LIB_CRYPTO
646
647config TPL_SHA1_MBEDTLS
648	bool "Enable SHA1 support with MbedTLS crypto library (TPL)"
649	depends on TPL_MBEDTLS_LIB_CRYPTO && TPL_SHA1
650	help
651	  This option enables support of hashing using SHA1 algorithm
652	  with MbedTLS crypto library in TPL.
653
654config TPL_SHA256_MBEDTLS
655	bool "Enable SHA256 support with MbedTLS crypto library (TPL)"
656	depends on TPL_MBEDTLS_LIB_CRYPTO && TPL_SHA256
657	help
658	  This option enables support of hashing using SHA256 algorithm
659	  with MbedTLS crypto library in TPL.
660
661config TPL_SHA512_MBEDTLS
662	bool "Enable SHA512 support with MbedTLS crypto library (TPL)"
663	depends on TPL_MBEDTLS_LIB_CRYPTO && TPL_SHA512
664	help
665	  This option enables support of hashing using SHA512 algorithm
666	  with MbedTLS crypto library in TPL.
667
668config TPL_SHA384_MBEDTLS
669	bool "Enable SHA384 support with MbedTLS crypto library (TPL)"
670	depends on TPL_MBEDTLS_LIB_CRYPTO && TPL_SHA384
671	select TPL_SHA512
672	help
673	  This option enables support of hashing using SHA384 algorithm
674	  with MbedTLS crypto library in TPL.
675
676config TPL_MD5_MBEDTLS
677	bool "Enable MD5 support with MbedTLS crypto library (TPL)"
678	depends on TPL_MBEDTLS_LIB_CRYPTO && TPL_MD5
679	help
680	  This option enables support of hashing using MD5 algorithm
681	  with MbedTLS crypto library in TPL.
682
683config TPL_HKDF_MBEDTLS
684	bool "Enable HKDF support with MbedTLS crypto library (TPL)"
685	depends on TPL_MBEDTLS_LIB_CRYPTO
686	help
687	  This option enables support of key derivation using HKDF algorithm
688	  with MbedTLS crypto library in TPL.
689
690endif # TPL_MBEDTLS_LIB_CRYPTO
691
692endif # TPL_MBEDTLS_LIB
693
694endif # TPL
695
696# For VPL
697
698if VPL
699
700choice
701	prompt "Crypto libraries (VPL)"
702	default VPL_LEGACY_HASHING_AND_CRYPTO
703	help
704	  Select crypto libraries in VPL.
705	  VPL_LEGACY_HASHING_AND_CRYPTO for legacy crypto libraries,
706	  VPL_MBEDTLS_LIB for MbedTLS libraries.
707
708config VPL_LEGACY_HASHING_AND_CRYPTO
709	bool "legacy crypto libraries"
710	select VPL_LEGACY_HASHING
711
712config VPL_MBEDTLS_LIB
713	bool "MbedTLS libraries"
714
715endchoice
716
717if VPL_LEGACY_HASHING_AND_CRYPTO || VPL_MBEDTLS_LIB_HASHING_ALT
718
719config VPL_LEGACY_HASHING
720	bool "Use U-Boot legacy hashing libraries (VPL)"
721	select VPL_MD5_LEGACY if VPL_MD5
722	select VPL_SHA1_LEGACY if VPL_SHA1
723	select VPL_SHA256_LEGACY if VPL_SHA256
724	select VPL_SHA512_LEGACY if VPL_SHA512
725	select VPL_SHA384_LEGACY if VPL_SHA384
726	help
727	  Enable U-Boot legacy hashing libraries in VPL.
728
729if VPL_LEGACY_HASHING
730
731config VPL_SHA1_LEGACY
732	bool "Enable SHA1 support with legacy crypto library (VPL)"
733	depends on VPL_LEGACY_HASHING && VPL_SHA1
734	help
735	  This option enables support of hashing using SHA1 algorithm
736	  with legacy crypto library in VPL.
737
738config VPL_SHA256_LEGACY
739	bool "Enable SHA256 support with legacy crypto library (VPL)"
740	depends on VPL_LEGACY_HASHING && VPL_SHA256
741	help
742	  This option enables support of hashing using SHA256 algorithm
743	  with legacy crypto library in VPL.
744
745config VPL_SHA512_LEGACY
746	bool "Enable SHA512 support with legacy crypto library (VPL)"
747	depends on VPL_LEGACY_HASHING && VPL_SHA512
748	help
749	  This option enables support of hashing using SHA512 algorithm
750	  with legacy crypto library in VPL.
751
752config VPL_SHA384_LEGACY
753	bool "Enable SHA384 support with legacy crypto library (VPL)"
754	depends on VPL_LEGACY_HASHING && VPL_SHA384
755	select VPL_SHA512_LEGACY
756	help
757	  This option enables support of hashing using SHA384 algorithm
758	  with legacy crypto library in VPL.
759
760config VPL_MD5_LEGACY
761	bool "Enable MD5 support with legacy crypto library (VPL)"
762	depends on VPL_LEGACY_HASHING && VPL_MD5
763	help
764	  This option enables support of hashing using MD5 algorithm
765	  with legacy crypto library in VPL.
766
767endif # VPL_LEGACY_HASHING
768
769endif # VPL_LEGACY_HASHING_AND_CRYPTO || VPL_MBEDTLS_LIB_HASHING_ALT
770
771if VPL_MBEDTLS_LIB
772
773config VPL_MBEDTLS_LIB_HASHING_ALT
774	bool "Replace MbedTLS native hashing with U-Boot legacy libraries (VPL)"
775	depends on VPL_MBEDTLS_LIB && !VPL_MBEDTLS_LIB_CRYPTO
776	select VPL_LEGACY_HASHING
777	default y if VPL_MBEDTLS_LIB && !VPL_MBEDTLS_LIB_CRYPTO
778	help
779	  Enable MbedTLS hashing alternatives and replace them with legacy hashing
780	  libraries in VPL.
781	  This allows user to use U-Boot legacy hashing algorithms together with
782	  other MbedTLS modules.
783	  Mutually incompatible with VPL_MBEDTLS_LIB_CRYPTO.
784
785config VPL_MBEDTLS_LIB_CRYPTO
786	bool "Use MbedTLS native crypto libraries for hashing (VPL)"
787	default y if VPL_MBEDTLS_LIB
788	select VPL_MD5_MBEDTLS if VPL_MD5
789	select VPL_SHA1_MBEDTLS if VPL_SHA1
790	select VPL_SHA256_MBEDTLS if VPL_SHA256
791	select VPL_SHA512_MBEDTLS if VPL_SHA512
792	select VPL_SHA384_MBEDTLS if VPL_SHA384
793	help
794	  Enable MbedTLS native crypto libraries in VPL.
795
796if VPL_MBEDTLS_LIB_CRYPTO
797
798config VPL_SHA1_MBEDTLS
799	bool "Enable SHA1 support with MbedTLS crypto library (VPL)"
800	depends on VPL_MBEDTLS_LIB_CRYPTO && VPL_SHA1
801	help
802	  This option enables support of hashing using SHA1 algorithm
803	  with MbedTLS crypto library in VPL.
804
805config VPL_SHA256_MBEDTLS
806	bool "Enable SHA256 support with MbedTLS crypto library (VPL)"
807	depends on VPL_MBEDTLS_LIB_CRYPTO && VPL_SHA256
808	help
809	  This option enables support of hashing using SHA256 algorithm
810	  with MbedTLS crypto library in VPL.
811
812config VPL_SHA512_MBEDTLS
813	bool "Enable SHA512 support with MbedTLS crypto library (VPL)"
814	depends on VPL_MBEDTLS_LIB_CRYPTO && VPL_SHA512
815	help
816	  This option enables support of hashing using SHA512 algorithm
817	  with MbedTLS crypto library in VPL.
818
819config VPL_SHA384_MBEDTLS
820	bool "Enable SHA384 support with MbedTLS crypto library (VPL)"
821	depends on VPL_MBEDTLS_LIB_CRYPTO && VPL_SHA384
822	select VPL_SHA512
823	help
824	  This option enables support of hashing using SHA384 algorithm
825	  with MbedTLS crypto library in VPL.
826
827config VPL_MD5_MBEDTLS
828	bool "Enable MD5 support with MbedTLS crypto library (VPL)"
829	depends on VPL_MBEDTLS_LIB_CRYPTO && VPL_MD5
830	help
831	  This option enables support of hashing using MD5 algorithm
832	  with MbedTLS crypto library in VPL.
833
834config VPL_HKDF_MBEDTLS
835	bool "Enable HKDF support with MbedTLS crypto library (VPL)"
836	depends on VPL_MBEDTLS_LIB_CRYPTO
837	help
838	  This option enables support of key derivation using HKDF algorithm
839	  with MbedTLS crypto library in VPL.
840
841endif # VPL_MBEDTLS_LIB_CRYPTO
842
843endif # VPL_MBEDTLS_LIB
844
845endif # VPL
846