公告

Gentoo交流群:87709706 欢迎您的加入

#1 2024-02-16 12:58:11

batsom
管理团队
注册时间: 2022-08-03
帖子: 602
个人网站

Linux/x86 6.6.13 内核配置选--Cryptographic API

Crypto core or helper  --->
翻译:
说明:

          [ ] FIPS 200 compliance   --->
翻译:
说明:"fips"内核引导参数支持.这是在FIPS200认证的系统中运行所必须的.选"N",除非你确实知道自己在做什么
          (Linux Kernel Cryptographic API) FIPS Module Name
          [ ]   Use Custom FIPS Module Version
          - - Cryptographic algorithm manager
          < > Userspace cryptographic algorithm configuration
          [ ] Disable run-time self tests
          [ ]   Enable extra run-time crypto self tests
          { } Null algorithms
          < > Parallel crypto engine
          { } Software async crypto daemon
          { } Authenc support
          < > Testing module

      Public-key cryptography  --->
翻译:
说明:非对称加密算法(公钥加密算法)
          - - RSA (Rivest-Shamir-Adleman)
          - - DH (Diffie-Hellman)
          [ ]   RFC 7919 FFDHE groups
          { } ECDH (Elliptic Curve Diffie-Hellman)
          < > ECDSA (Elliptic Curve Digital Signature Algorithm)
          < > EC-RDSA (Elliptic Curve Russian Digital Signature Algorithm)
          < > SM2 (ShangMi 2)
          < > Curve25519

      Block ciphers  --->
翻译:
说明:对敏感数据进行加密
          - - AES (Advanced Encryption Standard)
          < > AES (Advanced Encryption Standard) (fixed time)
          < > Anubis
          < > ARIA
          < > Blowfish
          < > Camellia
          { } CAST5 (CAST-128)
          { } CAST6 (CAST-256)
          < > DES and Triple DES EDE
          { } FCrypt
          < > Khazad
          < > SEED
          { } Serpent
          < > SM4 (ShangMi 4)
          < > TEA, XTEA and XETA
          < > Twofish
      Length-preserving ciphers and modes  --->
翻译:
说明:保长密码和模式
          < > Adiantum phic API
          < > ARC4 (Alleged Rivest Cipher 4)
          { } ChaCha
          - - CBC (Cipher Block Chaining)
          < > CFB (Cipher Feedback)
          - - CTR (Counter)
          < > CTS (Cipher Text Stealing)
          { } ECB (Electronic Codebook)
          < > HCTR2
          < > KW (AES Key Wrap)
          < > LRW (Liskov Rivest Wagner)
          < > OFB (Output Feedback)
          { } PCBC (Propagating Cipher Block Chaining)
          < > XTS (XOR Encrypt XOR with ciphertext stealing)
      AEAD (authenticated encryption with associated data) ciphers  --->
翻译:AEAD(具有相关数据的认证加密)密码
说明:
          < > AEGIS-128 hic API
          < > ChaCha20-Poly1305
          { } CCM (Counter with Cipher Block Chaining-MAC)
          { } GCM (Galois/Counter Mode) and GMAC (GCM MAC)
          { } Sequence Number IV Generator
          { } Encrypted Chain IV Generator
          { } Encrypted Salt-Sector IV Generator
      Hashes, digests, and MACs  --->
          { } BLAKE2b aphic API
          { } CMAC (Cipher-based MAC)
          { } GHASH
          - - HMAC (Keyed-Hash MAC)
          < > MD4
          - - MD5
          { } Michael MIC
          { } Poly1305
          < > RIPEMD-160
          - - SHA-1
          - - SHA-224 and SHA-256
          - - SHA-384 and SHA-512
          - - SHA-3
          < > SM3 (ShangMi 3)
          { } Streebog
          < > VMAC
          < > Whirlpool
          < > XCBC-MAC (Extended Cipher Block Chaining MAC)
          { } xxHash
      CRCs (cyclic redundancy checks)  --->
翻译:循环冗余校验
说明:

          { } CRC32c raphic API
          { } CRC32
          - - CRCT10DIF
          - - CRC64 based on Rocksoft Model algorithm
      Compression  --->
翻译:
说明:压缩算法

          { } Deflate aphic API
          - - LZO
          < > 842
          < > LZ4
          < > LZ4HC
          { } Zstd
      Random number generation  --->
翻译:
说明:符合ANSI(美国国家标准学会)X9.31-1998附录A.2.4所描述的伪随机数发生器(基于3DES).这是一种较老的算法,生成的随机数质量不高

          < > ANSI PRNG (Pseudo Random Number Generator)
          { } NIST SP800-90A DRBG (Deterministic Random Bit Generator)  --->
          - - CPU Jitter Non-Deterministic RNG (Random Number Generator)
          [ ]   CPU Jitter RNG Test Interface
      Userspace interface  --->
翻译:
说明:

          - - Hash algorithms
          < > Symmetric key cipher algorithms
          < > RNG (random number generator) algorithms
          [ ]   Enable CAVP testing of DRBG
          < > AEAD cipher algorithms
          [ ] Obsolete cryptographic algorithms
          [ ] Crypto usage statistics
      Accelerated Cryptographic Algorithms for CPU (x86)  --->
          Ciphers  Hash  CRC32c CRCT10DIF
[ ]   Hardware crypto devices  --->
翻译:
说明:硬件加密设备支持

          < >   Support for VIA PadLock ACE
          < >     PadLock driver for AES algorithm
          < >     PadLock driver for SHA1 and SHA256 algorithms
          < >   Support for Microchip / Atmel ECC hw accelerator
          < >   Support for Microchip / Atmel SHA accelerator and RNG
          [ ]   Support for AMD Secure Processor
          < >     Secure Processor device driver
          [ ] Cryptographic Coprocessor device
          < > Encryption and hashing offload support
          [ ] Platform Security Processor (PSP) device
          [ ]     Enable CCP Internals in DebugFS
          < >   Support for Cavium CNN55XX driver
          < >   Support for Intel(R) DH895xCC
          < >   Support for Intel(R) C3XXX
          < >   Support for Intel(R) C62X
          < >   Support for Intel(R) QAT_4XXX
          < >   Support for Intel(R) DH895xCC Virtual Function
          < >   Support for Intel(R) C3XXX Virtual Function
          < >   Support for Intel(R) C62X Virtual Function
          < >   Chelsio Crypto Co-processor Driver
          < >   Inside Secure's SafeXcel cryptographic engine driver
          < >   Support for amlogic cryptographic offloader                                               
- -   Asymmetric (public-key cryptographic) key type  --->
翻译:
说明:非对称加密算法(公钥加密算法)

          --- Asymmetric (public-key cryptographic) key type
          - -   Asymmetric public-key crypto algorithm subtype
          - -     X.509 certificate parser
          < >     PKCS#8 private key parser
          - -   PKCS#7 message parser
          < >   PKCS#7 testing key type
          [ ]   Support for PE file signature verification
          < >   Run FIPS selftests on the X.509+PKCS7 signature verification
      Certificates for signature checking  --->
翻译:
说明:用于检查签名有效性的证书:(1)用于检查内核模块的签名,(2)用于检查全局密钥环(keyring)中的密钥的可靠性

          (certs/signing_key.pem) File name or PKCS#11 URI of module signing key
              Type of module signing key to be generated (RSA)  --->
          - - Provide system-wide ring of trusted keys
          ()    Additional X.509 keys for default system keyring
          [ ]   Reserve area for inserting a certificate without recompiling
          [ ]   Provide a keyring to which extra trustable keys may be added
          [ ] Provide system-wide ring of blacklisted keys
          ()    Hashes to be preloaded into the system blacklist keyring
          [ ]   Provide system-wide ring of revocation certificates
          [ ]   Allow root to add signed blacklist keys

离线

页脚

Powered by FluxBB

本站由XREA提供空间支持