| # Copyright (c) 2018 Linaro |
| # Copyright (c) 2024 BayLibre SAS |
| # SPDX-License-Identifier: Apache-2.0 |
| |
| menuconfig JWT |
| bool "JSON Web Token generation" |
| select JSON_LIBRARY |
| help |
| Enable creation of JWT tokens |
| |
| if JWT |
| |
| choice |
| prompt "JWT signature algorithm" |
| default JWT_SIGN_RSA_PSA |
| help |
| Select which algorithm to use for signing JWT tokens. |
| |
| config JWT_SIGN_RSA_LEGACY |
| bool "Use RSA signature (RS-256). Use Mbed TLS as crypto library." |
| depends on CSPRNG_ENABLED |
| select MBEDTLS |
| select MBEDTLS_KEY_EXCHANGE_RSA_ENABLED |
| |
| config JWT_SIGN_RSA_PSA |
| bool "Use RSA signature (RS-256). Use PSA Crypto API." |
| select MBEDTLS if !BUILD_WITH_TFM |
| select MBEDTLS_PSA_CRYPTO_C if !BUILD_WITH_TFM |
| select PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY |
| select PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT |
| select PSA_WANT_ALG_RSA_PKCS1V15_SIGN |
| select PSA_WANT_ALG_SHA_256 |
| |
| config JWT_SIGN_ECDSA_PSA |
| bool "Use ECDSA signature (ES-256). Use PSA Crypto API." |
| select MBEDTLS if !BUILD_WITH_TFM |
| select MBEDTLS_PSA_CRYPTO_C if !BUILD_WITH_TFM |
| select PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT |
| select PSA_WANT_ALG_ECDSA |
| select PSA_WANT_ECC_SECP_R1_256 |
| select PSA_WANT_ALG_SHA_256 |
| |
| endchoice |
| |
| endif # JWT |
