crypto/Kconfig

   1 #
   2 # Generic algorithms support
   3 #
   4 config XOR_BLOCKS
   5         tristate
   6
   7 #
   8 # Cryptographic API Configuration
   9 #
  10
  11 menu "Cryptographic options"
  12
  13 config CRYPTO
  14         bool "Cryptographic API"
  15         help
  16           This option provides the core Cryptographic API.
  17
  18 if CRYPTO
  19
  20 config CRYPTO_ALGAPI
  21         tristate
  22         help
  23           This option provides the API for cryptographic algorithms.
  24
  25 config CRYPTO_ABLKCIPHER
  26         tristate
  27         select CRYPTO_BLKCIPHER
  28
  29 config CRYPTO_BLKCIPHER
  30         tristate
  31         select CRYPTO_ALGAPI
  32
  33 config CRYPTO_HASH
  34         tristate
  35         select CRYPTO_ALGAPI
  36
  37 config CRYPTO_MANAGER
  38         tristate "Cryptographic algorithm manager"
  39         select CRYPTO_ALGAPI
  40         help
  41           Create default cryptographic template instantiations such as
  42           cbc(aes).
  43
  44 config CRYPTO_HMAC
  45         tristate "HMAC support"
  46         select CRYPTO_HASH
  47         select CRYPTO_MANAGER
  48         help
  49           HMAC: Keyed-Hashing for Message Authentication (RFC2104).
  50           This is required for IPSec.
  51
  52 config CRYPTO_XCBC
  53         tristate "XCBC support"
  54         depends on EXPERIMENTAL
  55         select CRYPTO_HASH
  56         select CRYPTO_MANAGER
  57         help
  58           XCBC: Keyed-Hashing with encryption algorithm
  59                 http://www.ietf.org/rfc/rfc3566.txt
  60                 http://csrc.nist.gov/encryption/modes/proposedmodes/
  61                  xcbc-mac/xcbc-mac-spec.pdf
  62
  63 config CRYPTO_NULL
  64         tristate "Null algorithms"
  65         select CRYPTO_ALGAPI
  66         help
  67           These are 'Null' algorithms, used by IPsec, which do nothing.
  68
  69 config CRYPTO_MD4
  70         tristate "MD4 digest algorithm"
  71         select CRYPTO_ALGAPI
  72         help
  73           MD4 message digest algorithm (RFC1320).
  74
  75 config CRYPTO_MD5
  76         tristate "MD5 digest algorithm"
  77         select CRYPTO_ALGAPI
  78         help
  79           MD5 message digest algorithm (RFC1321).
  80
  81 config CRYPTO_SHA1
  82         tristate "SHA1 digest algorithm"
  83         select CRYPTO_ALGAPI
  84         help
  85           SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2).
  86
  87 config CRYPTO_SHA256
  88         tristate "SHA256 digest algorithm"
  89         select CRYPTO_ALGAPI
  90         help
  91           SHA256 secure hash standard (DFIPS 180-2).
  92
  93           This version of SHA implements a 256 bit hash with 128 bits of
  94           security against collision attacks.
  95
  96 config CRYPTO_SHA512
  97         tristate "SHA384 and SHA512 digest algorithms"
  98         select CRYPTO_ALGAPI
  99         help
 100           SHA512 secure hash standard (DFIPS 180-2).
 101
 102           This version of SHA implements a 512 bit hash with 256 bits of
 103           security against collision attacks.
 104
 105           This code also includes SHA-384, a 384 bit hash with 192 bits
 106           of security against collision attacks.
 107
 108 config CRYPTO_WP512
 109         tristate "Whirlpool digest algorithms"
 110         select CRYPTO_ALGAPI
 111         help
 112           Whirlpool hash algorithm 512, 384 and 256-bit hashes
 113
 114           Whirlpool-512 is part of the NESSIE cryptographic primitives.
 115           Whirlpool will be part of the ISO/IEC 10118-3:2003(E) standard
 116
 117           See also:
 118           <http://planeta.terra.com.br/informatica/paulobarreto/WhirlpoolPage.html>
 119
 120 config CRYPTO_TGR192
 121         tristate "Tiger digest algorithms"
 122         select CRYPTO_ALGAPI
 123         help
 124           Tiger hash algorithm 192, 160 and 128-bit hashes
 125
 126           Tiger is a hash function optimized for 64-bit processors while
 127           still having decent performance on 32-bit processors.
 128           Tiger was developed by Ross Anderson and Eli Biham.
 129
 130           See also:
 131           <http://www.cs.technion.ac.il/~biham/Reports/Tiger/>.
 132
 133 config CRYPTO_GF128MUL
 134         tristate "GF(2^128) multiplication functions (EXPERIMENTAL)"
 135         depends on EXPERIMENTAL
 136         help
 137           Efficient table driven implementation of multiplications in the
 138           field GF(2^128).  This is needed by some cypher modes. This
 139           option will be selected automatically if you select such a
 140           cipher mode.  Only select this option by hand if you expect to load
 141           an external module that requires these functions.
 142
 143 config CRYPTO_ECB
 144         tristate "ECB support"
 145         select CRYPTO_BLKCIPHER
 146         select CRYPTO_MANAGER
 147         default m
 148         help
 149           ECB: Electronic CodeBook mode
 150           This is the simplest block cipher algorithm.  It simply encrypts
 151           the input block by block.
 152
 153 config CRYPTO_CBC
 154         tristate "CBC support"
 155         select CRYPTO_BLKCIPHER
 156         select CRYPTO_MANAGER
 157         default m
 158         help
 159           CBC: Cipher Block Chaining mode
 160           This block cipher algorithm is required for IPSec.
 161
 162 config CRYPTO_PCBC
 163         tristate "PCBC support"
 164         select CRYPTO_BLKCIPHER
 165         select CRYPTO_MANAGER
 166         default m
 167         help
 168           PCBC: Propagating Cipher Block Chaining mode
 169           This block cipher algorithm is required for RxRPC.
 170
 171 config CRYPTO_LRW
 172         tristate "LRW support (EXPERIMENTAL)"
 173         depends on EXPERIMENTAL
 174         select CRYPTO_BLKCIPHER
 175         select CRYPTO_MANAGER
 176         select CRYPTO_GF128MUL
 177         help
 178           LRW: Liskov Rivest Wagner, a tweakable, non malleable, non movable
 179           narrow block cipher mode for dm-crypt.  Use it with cipher
 180           specification string aes-lrw-benbi, the key must be 256, 320 or 384.
 181           The first 128, 192 or 256 bits in the key are used for AES and the
 182           rest is used to tie each cipher block to its logical position.
 183
 184 config CRYPTO_CRYPTD
 185         tristate "Software async crypto daemon"
 186         select CRYPTO_ABLKCIPHER
 187         select CRYPTO_MANAGER
 188         help
 189           This is a generic software asynchronous crypto daemon that
 190           converts an arbitrary synchronous software crypto algorithm
 191           into an asynchronous algorithm that executes in a kernel thread.
 192
 193 config CRYPTO_DES
 194         tristate "DES and Triple DES EDE cipher algorithms"
 195         select CRYPTO_ALGAPI
 196         help
 197           DES cipher algorithm (FIPS 46-2), and Triple DES EDE (FIPS 46-3).
 198
 199 config CRYPTO_FCRYPT
 200         tristate "FCrypt cipher algorithm"
 201         select CRYPTO_ALGAPI
 202         select CRYPTO_BLKCIPHER
 203         help
 204           FCrypt algorithm used by RxRPC.
 205
 206 config CRYPTO_BLOWFISH
 207         tristate "Blowfish cipher algorithm"
 208         select CRYPTO_ALGAPI
 209         help
 210           Blowfish cipher algorithm, by Bruce Schneier.
 211
 212           This is a variable key length cipher which can use keys from 32
 213           bits to 448 bits in length.  It's fast, simple and specifically
 214           designed for use on "large microprocessors".
 215
 216           See also:
 217           <http://www.schneier.com/blowfish.html>
 218
 219 config CRYPTO_TWOFISH
 220         tristate "Twofish cipher algorithm"
 221         select CRYPTO_ALGAPI
 222         select CRYPTO_TWOFISH_COMMON
 223         help
 224           Twofish cipher algorithm.
 225
 226           Twofish was submitted as an AES (Advanced Encryption Standard)
 227           candidate cipher by researchers at CounterPane Systems.  It is a
 228           16 round block cipher supporting key sizes of 128, 192, and 256
 229           bits.
 230
 231           See also:
 232           <http://www.schneier.com/twofish.html>
 233
 234 config CRYPTO_TWOFISH_COMMON
 235         tristate
 236         help
 237           Common parts of the Twofish cipher algorithm shared by the
 238           generic c and the assembler implementations.
 239
 240 config CRYPTO_TWOFISH_586
 241         tristate "Twofish cipher algorithms (i586)"
 242         depends on (X86 || UML_X86) && !64BIT
 243         select CRYPTO_ALGAPI
 244         select CRYPTO_TWOFISH_COMMON
 245         help
 246           Twofish cipher algorithm.
 247
 248           Twofish was submitted as an AES (Advanced Encryption Standard)
 249           candidate cipher by researchers at CounterPane Systems.  It is a
 250           16 round block cipher supporting key sizes of 128, 192, and 256
 251           bits.
 252
 253           See also:
 254           <http://www.schneier.com/twofish.html>
 255
 256 config CRYPTO_TWOFISH_X86_64
 257         tristate "Twofish cipher algorithm (x86_64)"
 258         depends on (X86 || UML_X86) && 64BIT
 259         select CRYPTO_ALGAPI
 260         select CRYPTO_TWOFISH_COMMON
 261         help
 262           Twofish cipher algorithm (x86_64).
 263
 264           Twofish was submitted as an AES (Advanced Encryption Standard)
 265           candidate cipher by researchers at CounterPane Systems.  It is a
 266           16 round block cipher supporting key sizes of 128, 192, and 256
 267           bits.
 268
 269           See also:
 270           <http://www.schneier.com/twofish.html>
 271
 272 config CRYPTO_SERPENT
 273         tristate "Serpent cipher algorithm"
 274         select CRYPTO_ALGAPI
 275         help
 276           Serpent cipher algorithm, by Anderson, Biham & Knudsen.
 277
 278           Keys are allowed to be from 0 to 256 bits in length, in steps
 279           of 8 bits.  Also includes the 'Tnepres' algorithm, a reversed
 280           variant of Serpent for compatibility with old kerneli.org code.
 281
 282           See also:
 283           <http://www.cl.cam.ac.uk/~rja14/serpent.html>
 284
 285 config CRYPTO_AES
 286         tristate "AES cipher algorithms"
 287         select CRYPTO_ALGAPI
 288         help
 289           AES cipher algorithms (FIPS-197). AES uses the Rijndael
 290           algorithm.
 291
 292           Rijndael appears to be consistently a very good performer in
 293           both hardware and software across a wide range of computing
 294           environments regardless of its use in feedback or non-feedback
 295           modes. Its key setup time is excellent, and its key agility is
 296           good. Rijndael's very low memory requirements make it very well
 297           suited for restricted-space environments, in which it also
 298           demonstrates excellent performance. Rijndael's operations are
 299           among the easiest to defend against power and timing attacks.
 300
 301           The AES specifies three key sizes: 128, 192 and 256 bits
 302
 303           See <http://csrc.nist.gov/CryptoToolkit/aes/> for more information.
 304
 305 config CRYPTO_AES_586
 306         tristate "AES cipher algorithms (i586)"
 307         depends on (X86 || UML_X86) && !64BIT
 308         select CRYPTO_ALGAPI
 309         help
 310           AES cipher algorithms (FIPS-197). AES uses the Rijndael
 311           algorithm.
 312
 313           Rijndael appears to be consistently a very good performer in
 314           both hardware and software across a wide range of computing
 315           environments regardless of its use in feedback or non-feedback
 316           modes. Its key setup time is excellent, and its key agility is
 317           good. Rijndael's very low memory requirements make it very well
 318           suited for restricted-space environments, in which it also
 319           demonstrates excellent performance. Rijndael's operations are
 320           among the easiest to defend against power and timing attacks.
 321
 322           The AES specifies three key sizes: 128, 192 and 256 bits
 323
 324           See <http://csrc.nist.gov/encryption/aes/> for more information.
 325
 326 config CRYPTO_AES_X86_64
 327         tristate "AES cipher algorithms (x86_64)"
 328         depends on (X86 || UML_X86) && 64BIT
 329         select CRYPTO_ALGAPI
 330         help
 331           AES cipher algorithms (FIPS-197). AES uses the Rijndael
 332           algorithm.
 333
 334           Rijndael appears to be consistently a very good performer in
 335           both hardware and software across a wide range of computing
 336           environments regardless of its use in feedback or non-feedback
 337           modes. Its key setup time is excellent, and its key agility is
 338           good. Rijndael's very low memory requirements make it very well
 339           suited for restricted-space environments, in which it also
 340           demonstrates excellent performance. Rijndael's operations are
 341           among the easiest to defend against power and timing attacks.
 342
 343           The AES specifies three key sizes: 128, 192 and 256 bits
 344
 345           See <http://csrc.nist.gov/encryption/aes/> for more information.
 346
 347 config CRYPTO_CAST5
 348         tristate "CAST5 (CAST-128) cipher algorithm"
 349         select CRYPTO_ALGAPI
 350         help
 351           The CAST5 encryption algorithm (synonymous with CAST-128) is
 352           described in RFC2144.
 353
 354 config CRYPTO_CAST6
 355         tristate "CAST6 (CAST-256) cipher algorithm"
 356         select CRYPTO_ALGAPI
 357         help
 358           The CAST6 encryption algorithm (synonymous with CAST-256) is
 359           described in RFC2612.
 360
 361 config CRYPTO_TEA
 362         tristate "TEA, XTEA and XETA cipher algorithms"
 363         select CRYPTO_ALGAPI
 364         help
 365           TEA cipher algorithm.
 366
 367           Tiny Encryption Algorithm is a simple cipher that uses
 368           many rounds for security.  It is very fast and uses
 369           little memory.
 370
 371           Xtendend Tiny Encryption Algorithm is a modification to
 372           the TEA algorithm to address a potential key weakness
 373           in the TEA algorithm.
 374
 375           Xtendend Encryption Tiny Algorithm is a mis-implementation
 376           of the XTEA algorithm for compatibility purposes.
 377
 378 config CRYPTO_ARC4
 379         tristate "ARC4 cipher algorithm"
 380         select CRYPTO_ALGAPI
 381         help
 382           ARC4 cipher algorithm.
 383
 384           ARC4 is a stream cipher using keys ranging from 8 bits to 2048
 385           bits in length.  This algorithm is required for driver-based
 386           WEP, but it should not be for other purposes because of the
 387           weakness of the algorithm.
 388
 389 config CRYPTO_KHAZAD
 390         tristate "Khazad cipher algorithm"
 391         select CRYPTO_ALGAPI
 392         help
 393           Khazad cipher algorithm.
 394
 395           Khazad was a finalist in the initial NESSIE competition.  It is
 396           an algorithm optimized for 64-bit processors with good performance
 397           on 32-bit processors.  Khazad uses an 128 bit key size.
 398
 399           See also:
 400           <http://planeta.terra.com.br/informatica/paulobarreto/KhazadPage.html>
 401
 402 config CRYPTO_ANUBIS
 403         tristate "Anubis cipher algorithm"
 404         select CRYPTO_ALGAPI
 405         help
 406           Anubis cipher algorithm.
 407
 408           Anubis is a variable key length cipher which can use keys from
 409           128 bits to 320 bits in length.  It was evaluated as a entrant
 410           in the NESSIE competition.
 411
 412           See also:
 413           <https://www.cosic.esat.kuleuven.ac.be/nessie/reports/>
 414           <http://planeta.terra.com.br/informatica/paulobarreto/AnubisPage.html>
 415
 416
 417 config CRYPTO_DEFLATE
 418         tristate "Deflate compression algorithm"
 419         select CRYPTO_ALGAPI
 420         select ZLIB_INFLATE
 421         select ZLIB_DEFLATE
 422         help
 423           This is the Deflate algorithm (RFC1951), specified for use in
 424           IPSec with the IPCOMP protocol (RFC3173, RFC2394).
 425
 426           You will most probably want this if using IPSec.
 427
 428 config CRYPTO_MICHAEL_MIC
 429         tristate "Michael MIC keyed digest algorithm"
 430         select CRYPTO_ALGAPI
 431         help
 432           Michael MIC is used for message integrity protection in TKIP
 433           (IEEE 802.11i). This algorithm is required for TKIP, but it
 434           should not be used for other purposes because of the weakness
 435           of the algorithm.
 436
 437 config CRYPTO_CRC32C
 438         tristate "CRC32c CRC algorithm"
 439         select CRYPTO_ALGAPI
 440         select LIBCRC32C
 441         help
 442           Castagnoli, et al Cyclic Redundancy-Check Algorithm.  Used
 443           by iSCSI for header and data digests and by others.
 444           See Castagnoli93.  This implementation uses lib/libcrc32c.
 445           Module will be crc32c.
 446
 447 config CRYPTO_CAMELLIA
 448         tristate "Camellia cipher algorithms"
 449         depends on CRYPTO
 450         select CRYPTO_ALGAPI
 451         help
 452           Camellia cipher algorithms module.
 453
 454           Camellia is a symmetric key block cipher developed jointly
 455           at NTT and Mitsubishi Electric Corporation.
 456
 457           The Camellia specifies three key sizes: 128, 192 and 256 bits.
 458
 459           See also:
 460           <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html>
 461
 462 config CRYPTO_TEST
 463         tristate "Testing module"
 464         depends on m
 465         select CRYPTO_ALGAPI
 466         help
 467           Quick & dirty crypto test module.
 468
 469 source "drivers/crypto/Kconfig"
 470
 471 endif   # if CRYPTO
 472
 473 endmenu