nuttx/crypto/Kconfig
makejian 6676853589 crypto: add config of software algorithm
software algorithm not used by default and managed by respective config
Signed-off-by: makejian <makejian@xiaomi.com>
2023-08-03 10:14:38 -07:00

97 lines
2.2 KiB
Plaintext

#
# For a description of the syntax of this configuration file,
# see the file kconfig-language.txt in the NuttX tools repository.
#
config CRYPTO
bool "Crypto API support"
default n
---help---
Enable or disable Crypto API features
if CRYPTO
config CRYPTO_AES
bool "AES cypher support"
default n
config CRYPTO_ALGTEST
bool "Perform automatic crypto algorithms test on startup"
default n
if CRYPTO_ALGTEST
config CRYPTO_AES128_DISABLE
bool "Omit 128-bit AES tests"
default n
config CRYPTO_AES192_DISABLE
bool "Omit 192-bit AES tests"
default n
config CRYPTO_AES256_DISABLE
bool "Omit 256-bit AES tests"
default n
endif # CRYPTO_ALGTEST
config CRYPTO_CRYPTODEV
bool "cryptodev support"
depends on ALLOW_BSD_COMPONENTS
default n
config CRYPTO_CRYPTODEV_SOFTWARE
bool "cryptodev software support"
depends on CRYPTO_CRYPTODEV
default n
config CRYPTO_CRYPTODEV_HARDWARE
bool "cryptodev hardware support"
depends on CRYPTO_CRYPTODEV
default n
config CRYPTO_SW_AES
bool "Software AES library"
depends on ALLOW_BSD_COMPONENTS
default n
---help---
Enable the software AES library as described in
include/nuttx/crypto/aes.h
TODO: Adapt interfaces so that they are consistent with H/W AES
implementations. This needs to support up_aesinitialize() and
aes_cypher() per include/nuttx/crypto/crypto.h.
config CRYPTO_BLAKE2S
bool "BLAKE2s hash algorithm"
default n
---help---
Enable the BLAKE2s hash algorithm
config CRYPTO_RANDOM_POOL
bool "Entropy pool and strong randon number generator"
default n
select CRYPTO_BLAKE2S
---help---
Entropy pool gathers environmental noise from device drivers,
user-space, etc., and returns good random numbers, suitable
for cryptographic use. Based on entropy pool design from
*BSDs and uses BLAKE2Xs algorithm for CSPRNG output.
NOTE: May not actually be cyptographically secure, if
not enough entropy is made available to the entropy pool.
if CRYPTO_RANDOM_POOL
config CRYPTO_RANDOM_POOL_COLLECT_IRQ_RANDOMNESS
bool "Use interrupts to feed timing randomness to entropy pool"
default y
---help---
Feed entropy pool with interrupt randomness from interrupt
dispatch function 'irq_dispatch'. This adds some overhead
for every interrupt handled.
endif # CRYPTO_RANDOM_POOL
endif # CRYPTO