diff options
Diffstat (limited to 'security/Kconfig')
-rw-r--r-- | security/Kconfig | 16 |
1 files changed, 16 insertions, 0 deletions
diff --git a/security/Kconfig b/security/Kconfig index 24b8f9b491b..95accd442d5 100644 --- a/security/Kconfig +++ b/security/Kconfig @@ -36,6 +36,22 @@ config TRUSTED_KEYS If you are unsure as to whether this is required, answer N. +config ENCRYPTED_KEYS + tristate "ENCRYPTED KEYS" + depends on KEYS && TRUSTED_KEYS + select CRYPTO_AES + select CRYPTO_CBC + select CRYPTO_SHA256 + select CRYPTO_RNG + help + This option provides support for create/encrypting/decrypting keys + in the kernel. Encrypted keys are kernel generated random numbers, + which are encrypted/decrypted with a 'master' symmetric key. The + 'master' key can be either a trusted-key or user-key type. + Userspace only ever sees/stores encrypted blobs. + + If you are unsure as to whether this is required, answer N. + config KEYS_DEBUG_PROC_KEYS bool "Enable the /proc/keys file by which keys may be viewed" depends on KEYS |