<emphasis role='blue'>S</emphasis>ecurity options ---> [*] <emphasis role='blue'>E</emphasis>nable access key retention support[KEYS] [*]<emphasis role='blue'>L</emphasis>arge payload keys[BIG_KEYS] [*]<emphasis role='blue'>D</emphasis>iffie-Hellman operations on retained keys[KEY_DH_OPERATIONS] -*- <emphasis role='blue'>C</emphasis>ryptographic API --->[CRYPTO] <emphasis role='blue'>P</emphasis>ublic-key cryptography ---> <*/M><emphasis role='blue'>R</emphasis>SA (Rivest-Shamir-Adleman)[CRYPTO_RSA] H<emphasis role='blue'>a</emphasis>shes, digests, and MACs ---> <*/M><emphasis role='blue'>S</emphasis>HA-1[CRYPTO_SHA1] [*] <emphasis role='blue'>A</emphasis>symmetric (public-key cryptographic) key type --->[ASYMMETRIC_KEY_TYPE] <*><emphasis role='blue'>A</emphasis>symmetric public-key crypto algorithm subtype ...[ASYMMETRIC_PUBLIC_KEY_SUBTYPE] # If not built into the kernel, [SYSTEM_TRUSTED_KEYRING] won't show up; # building as a module won't work: <*><emphasis role='blue'>X</emphasis>.509 certificate parser[X509_CERTIFICATE_PARSER] <emphasis role='blue'>C</emphasis>ertificates for signature checking ---> [*] <emphasis role='blue'>P</emphasis>rovide system-wide ring of trusted keys[SYSTEM_TRUSTED_KEYRING] [*]<emphasis role='blue'>P</emphasis>rovide a keyring to which extra trustable keys may be added ...[SECONDARY_TRUSTED_KEYRING] [*] <emphasis role='blue'>P</emphasis>rovide system-wide ring of blacklisted keys[SYSTEM_BLACKLIST_KEYRING] <emphasis role='blue'>L</emphasis>ibrary routines ---> <emphasis role='blue'>C</emphasis>rypto library routines ---> # If not built into the kernel, [BIG_KEYS] won't show up; # building as a module won't work: <*><emphasis role='blue'>C</emphasis>haCha20-Poly1305 AEAD support (8-byte nonce library version) ...[CRYPTO_LIB_CHACHA20POLY1305]
[*] <emphasis role='blue'>E</emphasis>nable access key retention support [KEYS]
[*] <emphasis role='blue'>L</emphasis>arge payload keys [BIG_KEYS]
[*] <emphasis role='blue'>D</emphasis>iffie-Hellman operations on retained keys [KEY_DH_OPERATIONS]
-*- <emphasis role='blue'>C</emphasis>ryptographic API ---> [CRYPTO]
<emphasis role='blue'>P</emphasis>ublic-key cryptography --->
<*/M> <emphasis role='blue'>R</emphasis>SA (Rivest-Shamir-Adleman) [CRYPTO_RSA]
H<emphasis role='blue'>a</emphasis>shes, digests, and MACs --->
<*/M> <emphasis role='blue'>S</emphasis>HA-1 [CRYPTO_SHA1]
[*] <emphasis role='blue'>A</emphasis>symmetric (public-key cryptographic) key type ---> [ASYMMETRIC_KEY_TYPE]
<*> <emphasis role='blue'>A</emphasis>symmetric public-key crypto algorithm subtype
... [ASYMMETRIC_PUBLIC_KEY_SUBTYPE]
# If not built into the kernel, [SYSTEM_TRUSTED_KEYRING] won't show up;
# building as a module won't work:
<*> <emphasis role='blue'>X</emphasis>.509 certificate parser [X509_CERTIFICATE_PARSER]
<emphasis role='blue'>C</emphasis>ertificates for signature checking --->
[*] <emphasis role='blue'>P</emphasis>rovide system-wide ring of trusted keys [SYSTEM_TRUSTED_KEYRING]
[*] <emphasis role='blue'>P</emphasis>rovide a keyring to which extra trustable keys may be added
... [SECONDARY_TRUSTED_KEYRING]
[*] <emphasis role='blue'>P</emphasis>rovide system-wide ring of blacklisted keys [SYSTEM_BLACKLIST_KEYRING]
<emphasis role='blue'>L</emphasis>ibrary routines --->
<emphasis role='blue'>C</emphasis>rypto library routines --->
# If not built into the kernel, [BIG_KEYS] won't show up;
# building as a module won't work:
<*> <emphasis role='blue'>C</emphasis>haCha20-Poly1305 AEAD support (8-byte nonce library version)
... [CRYPTO_LIB_CHACHA20POLY1305]