boot: zephyr: add ECIES-P256 configuration Signed-off-by: Fabio Utzig <utzig@apache.org>

commit: 42cc29abfe3300853af330662aa9ae64ae65b15d [log] [tgz]
author: Fabio Utzig <utzig@apache.org> Tue Nov 05 07:54:41 2019 -0300
committer: Fabio Utzig <utzig@utzig.org> Wed Nov 06 06:55:25 2019 -0300
tree: 5ba4f93fd087529bd1b817489eb9cdd54ab069c8
parent: c67dd70423d7716af695e42b3f942b9b540a5200 [diff] [blame]
diff --git a/boot/zephyr/Kconfig b/boot/zephyr/Kconfig
index 42e8d82..56b5b19 100644
--- a/boot/zephyr/Kconfig
+++ b/boot/zephyr/Kconfig

@@ -135,12 +135,23 @@
 	  If unsure, leave at the default value.
 
 config BOOT_ENCRYPT_RSA
-	bool "Support for encrypted upgrade images"
+	bool "Support for encrypted upgrade images using RSA"
 	default n
 	help
 	  If y, images in the secondary slot can be encrypted and are decrypted
 	  on the fly when upgrading to the primary slot, as well as encrypted
-	  back when swapping from the primary slot to the secondary slot.
+	  back when swapping from the primary slot to the secondary slot. The
+	  encryption mechanism used in this case is RSA-OAEP (2048 bits).
+
+config BOOT_ENCRYPT_EC256
+	bool "Support for encrypted upgrade images using ECIES-P256"
+	default n
+	help
+	  If y, images in the secondary slot can be encrypted and are decrypted
+	  on the fly when upgrading to the primary slot, as well as encrypted
+	  back when swapping from the primary slot to the secondary slot. The
+	  encryption mechanism used in this case is ECIES using primitives
+	  described under "ECIES-P256 encryption" in docs/encrypted_images.md.
 
 config BOOT_MAX_IMG_SECTORS
 	int "Maximum number of sectors per image slot"
commit	42cc29abfe3300853af330662aa9ae64ae65b15d	[log] [tgz]
author	Fabio Utzig <utzig@apache.org>	Tue Nov 05 07:54:41 2019 -0300
committer	Fabio Utzig <utzig@utzig.org>	Wed Nov 06 06:55:25 2019 -0300
tree	5ba4f93fd087529bd1b817489eb9cdd54ab069c8
parent	c67dd70423d7716af695e42b3f942b9b540a5200 [diff] [blame]