Co-developed-by: Patrick Franz <deltaone@xxxxxxxxxx> Signed-off-by: Patrick Franz <deltaone@xxxxxxxxxx> Co-developed-by: Ibrahim Fayaz <phayax@xxxxxxxxx> Signed-off-by: Ibrahim Fayaz <phayax@xxxxxxxxx> Reviewed-by: Luis Chamberlain <mcgrof@xxxxxxxx> Tested-by: Evgeny Groshev <eugene.groshev@xxxxxxxxx> Suggested-by: Sarah Nadi <nadi@xxxxxxxxxxx> Suggested-by: Thorsten Berger <thorsten.berger@xxxxxx> Signed-off-by: Thorsten Berger <thorsten.berger@xxxxxx> --- certs/Kconfig | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/certs/Kconfig b/certs/Kconfig index ae7f2e876a31..f69c92e5bc30 100644 --- a/certs/Kconfig +++ b/certs/Kconfig @@ -17,6 +17,7 @@ config MODULE_SIG_KEY choice prompt "Type of module signing key to be generated" + depends on MODULE_SIG || (IMA_APPRAISE_MODSIG && MODULES) default MODULE_SIG_KEY_TYPE_RSA help The type of module signing key type to generate. This option @@ -24,14 +25,12 @@ choice config MODULE_SIG_KEY_TYPE_RSA bool "RSA" - depends on MODULE_SIG || (IMA_APPRAISE_MODSIG && MODULES) help Use an RSA key for module signing. config MODULE_SIG_KEY_TYPE_ECDSA bool "ECDSA" select CRYPTO_ECDSA - depends on MODULE_SIG || (IMA_APPRAISE_MODSIG && MODULES) help Use an elliptic curve key (NIST P384) for module signing. Consider using a strong hash like sha256 or sha384 for hashing modules. -- 2.33.0
