nuttx/drivers/crypto/Kconfig

77 lines
2.3 KiB
Plaintext
Raw Normal View History

#
# For a description of the syntax of this configuration file,
# see the file kconfig-language.txt in the NuttX tools repository.
#
config ARCH_HAVE_RNG
bool
config DEV_RANDOM
bool "Enable /dev/random"
default y
depends on ARCH_HAVE_RNG
---help---
Enable support for /dev/random provided by a hardware TRNG.
config DEV_URANDOM
bool "Enable /dev/urandom"
default n
---help---
Enable support for /dev/urandom provided by either a hardware TRNG or
by a software PRNG implementation.
NOTE: This option may not be cryptographially secure and should not
be enabled if you are concerned about cyptographically secure
pseudo-random numbers (CPRNG) and do not know the characteristics
of the software PRNG implementation!
if DEV_URANDOM
choice
prompt "/dev/urandom algorithm"
default DEV_URANDOM_ARCH if ARCH_HAVE_RNG
default DEV_URANDOM_XORSHIFT128 if !ARCH_HAVE_RNG
config DEV_URANDOM_XORSHIFT128
bool "xorshift128"
---help---
xorshift128 is a pseudorandom number generator that is simple,
portable, and can also be used on 8-bit and 16-bit MCUs.
NOTE: Not cyptographically secure
config DEV_URANDOM_CONGRUENTIAL
bool "Congruential"
---help---
Use the same congruential general used with srand(). This algorithm
is computationally more intense and uses double precision floating
point. NOTE: Good randomness from the congruential generator also
requires that you also select CONFIG_LIBC_RAND_ORDER > 2
NOTE: Not cyptographically secure
config DEV_URANDOM_RANDOM_POOL
bool "Entropy pool"
depends on CRYPTO_RANDOM_POOL
---help---
Use the entropy pool CPRNG output for urandom algorithm.
NOTE: May or may not be cyptographically secure, depending upon the
quality entropy available to entropy pool.
config DEV_URANDOM_ARCH
bool "Architecture-specific"
depends on ARCH_HAVE_RNG
---help---
The implementation of /dev/urandom is provided in archtecture-
specific logic using hardware TRNG logic. architecture-specific
logic must provide the whole implementation in this case, including
the function devurandom_register(). In this case, /dev/urandom may
refer to the same driver as /dev/random.
NOTE: May or may not be cyptographically secure, depending upon the
implementation.
endchoice # /dev/urandom algorithm
endif # DEV_URANDOM