| blob | cbae8392ce11b848e5573194eb8591a175815822 |
1 #
2 # Cryptographic API Configuration
3 #
5 menu "Cryptographic options"
7 config CRYPTO
8 bool "Cryptographic API"
9 help
10 This option provides the core Cryptographic API.
12 if CRYPTO
14 config CRYPTO_ALGAPI
15 tristate
16 help
17 This option provides the API for cryptographic algorithms.
19 config CRYPTO_BLKCIPHER
20 tristate
21 select CRYPTO_ALGAPI
23 config CRYPTO_HASH
24 tristate
25 select CRYPTO_ALGAPI
27 config CRYPTO_MANAGER
28 tristate "Cryptographic algorithm manager"
29 select CRYPTO_ALGAPI
30 help
31 Create default cryptographic template instantiations such as
32 cbc(aes).
34 config CRYPTO_HMAC
35 tristate "HMAC support"
36 select CRYPTO_HASH
37 select CRYPTO_MANAGER
38 help
39 HMAC: Keyed-Hashing for Message Authentication (RFC2104).
40 This is required for IPSec.
42 config CRYPTO_NULL
43 tristate "Null algorithms"
44 select CRYPTO_ALGAPI
45 help
46 These are 'Null' algorithms, used by IPsec, which do nothing.
48 config CRYPTO_MD4
49 tristate "MD4 digest algorithm"
50 select CRYPTO_ALGAPI
51 help
52 MD4 message digest algorithm (RFC1320).
54 config CRYPTO_MD5
55 tristate "MD5 digest algorithm"
56 select CRYPTO_ALGAPI
57 help
58 MD5 message digest algorithm (RFC1321).
60 config CRYPTO_SHA1
61 tristate "SHA1 digest algorithm"
62 select CRYPTO_ALGAPI
63 help
64 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2).
66 config CRYPTO_SHA1_S390
67 tristate "SHA1 digest algorithm (s390)"
68 depends on S390
69 select CRYPTO_ALGAPI
70 help
71 This is the s390 hardware accelerated implementation of the
72 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2).
74 config CRYPTO_SHA256
75 tristate "SHA256 digest algorithm"
76 select CRYPTO_ALGAPI
77 help
78 SHA256 secure hash standard (DFIPS 180-2).
80 This version of SHA implements a 256 bit hash with 128 bits of
81 security against collision attacks.
83 config CRYPTO_SHA256_S390
84 tristate "SHA256 digest algorithm (s390)"
85 depends on S390
86 select CRYPTO_ALGAPI
87 help
88 This is the s390 hardware accelerated implementation of the
89 SHA256 secure hash standard (DFIPS 180-2).
91 This version of SHA implements a 256 bit hash with 128 bits of
92 security against collision attacks.
94 config CRYPTO_SHA512
95 tristate "SHA384 and SHA512 digest algorithms"
96 select CRYPTO_ALGAPI
97 help
98 SHA512 secure hash standard (DFIPS 180-2).
100 This version of SHA implements a 512 bit hash with 256 bits of
101 security against collision attacks.
103 This code also includes SHA-384, a 384 bit hash with 192 bits
104 of security against collision attacks.
106 config CRYPTO_WP512
107 tristate "Whirlpool digest algorithms"
108 select CRYPTO_ALGAPI
109 help
110 Whirlpool hash algorithm 512, 384 and 256-bit hashes
112 Whirlpool-512 is part of the NESSIE cryptographic primitives.
113 Whirlpool will be part of the ISO/IEC 10118-3:2003(E) standard
115 See also:
116 <http://planeta.terra.com.br/informatica/paulobarreto/WhirlpoolPage.html>
118 config CRYPTO_TGR192
119 tristate "Tiger digest algorithms"
120 select CRYPTO_ALGAPI
121 help
122 Tiger hash algorithm 192, 160 and 128-bit hashes
124 Tiger is a hash function optimized for 64-bit processors while
125 still having decent performance on 32-bit processors.
126 Tiger was developed by Ross Anderson and Eli Biham.
128 See also:
129 <http://www.cs.technion.ac.il/~biham/Reports/Tiger/>.
131 config CRYPTO_ECB
132 tristate "ECB support"
133 select CRYPTO_BLKCIPHER
134 select CRYPTO_MANAGER
135 default m
136 help
137 ECB: Electronic CodeBook mode
138 This is the simplest block cipher algorithm. It simply encrypts
139 the input block by block.
141 config CRYPTO_CBC
142 tristate "CBC support"
143 select CRYPTO_BLKCIPHER
144 select CRYPTO_MANAGER
145 default m
146 help
147 CBC: Cipher Block Chaining mode
148 This block cipher algorithm is required for IPSec.
150 config CRYPTO_DES
151 tristate "DES and Triple DES EDE cipher algorithms"
152 select CRYPTO_ALGAPI
153 help
154 DES cipher algorithm (FIPS 46-2), and Triple DES EDE (FIPS 46-3).
156 config CRYPTO_DES_S390
157 tristate "DES and Triple DES cipher algorithms (s390)"
158 depends on S390
159 select CRYPTO_ALGAPI
160 select CRYPTO_BLKCIPHER
161 help
162 DES cipher algorithm (FIPS 46-2), and Triple DES EDE (FIPS 46-3).
164 config CRYPTO_BLOWFISH
165 tristate "Blowfish cipher algorithm"
166 select CRYPTO_ALGAPI
167 help
168 Blowfish cipher algorithm, by Bruce Schneier.
170 This is a variable key length cipher which can use keys from 32
171 bits to 448 bits in length. It's fast, simple and specifically
172 designed for use on "large microprocessors".
174 See also:
175 <http://www.schneier.com/blowfish.html>
177 config CRYPTO_TWOFISH
178 tristate "Twofish cipher algorithm"
179 select CRYPTO_ALGAPI
180 select CRYPTO_TWOFISH_COMMON
181 help
182 Twofish cipher algorithm.
184 Twofish was submitted as an AES (Advanced Encryption Standard)
185 candidate cipher by researchers at CounterPane Systems. It is a
186 16 round block cipher supporting key sizes of 128, 192, and 256
187 bits.
189 See also:
190 <http://www.schneier.com/twofish.html>
192 config CRYPTO_TWOFISH_COMMON
193 tristate
194 help
195 Common parts of the Twofish cipher algorithm shared by the
196 generic c and the assembler implementations.
198 config CRYPTO_TWOFISH_586
199 tristate "Twofish cipher algorithms (i586)"
200 depends on (X86 || UML_X86) && !64BIT
201 select CRYPTO_ALGAPI
202 select CRYPTO_TWOFISH_COMMON
203 help
204 Twofish cipher algorithm.
206 Twofish was submitted as an AES (Advanced Encryption Standard)
207 candidate cipher by researchers at CounterPane Systems. It is a
208 16 round block cipher supporting key sizes of 128, 192, and 256
209 bits.
211 See also:
212 <http://www.schneier.com/twofish.html>
214 config CRYPTO_TWOFISH_X86_64
215 tristate "Twofish cipher algorithm (x86_64)"
216 depends on (X86 || UML_X86) && 64BIT
217 select CRYPTO_ALGAPI
218 select CRYPTO_TWOFISH_COMMON
219 help
220 Twofish cipher algorithm (x86_64).
222 Twofish was submitted as an AES (Advanced Encryption Standard)
223 candidate cipher by researchers at CounterPane Systems. It is a
224 16 round block cipher supporting key sizes of 128, 192, and 256
225 bits.
227 See also:
228 <http://www.schneier.com/twofish.html>
230 config CRYPTO_SERPENT
231 tristate "Serpent cipher algorithm"
232 select CRYPTO_ALGAPI
233 help
234 Serpent cipher algorithm, by Anderson, Biham & Knudsen.
236 Keys are allowed to be from 0 to 256 bits in length, in steps
237 of 8 bits. Also includes the 'Tnepres' algorithm, a reversed
238 variant of Serpent for compatibility with old kerneli code.
240 See also:
241 <http://www.cl.cam.ac.uk/~rja14/serpent.html>
243 config CRYPTO_AES
244 tristate "AES cipher algorithms"
245 select CRYPTO_ALGAPI
246 help
247 AES cipher algorithms (FIPS-197). AES uses the Rijndael
248 algorithm.
250 Rijndael appears to be consistently a very good performer in
251 both hardware and software across a wide range of computing
252 environments regardless of its use in feedback or non-feedback
253 modes. Its key setup time is excellent, and its key agility is
254 good. Rijndael's very low memory requirements make it very well
255 suited for restricted-space environments, in which it also
256 demonstrates excellent performance. Rijndael's operations are
257 among the easiest to defend against power and timing attacks.
259 The AES specifies three key sizes: 128, 192 and 256 bits
261 See <http://csrc.nist.gov/CryptoToolkit/aes/> for more information.
263 config CRYPTO_AES_586
264 tristate "AES cipher algorithms (i586)"
265 depends on (X86 || UML_X86) && !64BIT
266 select CRYPTO_ALGAPI
267 help
268 AES cipher algorithms (FIPS-197). AES uses the Rijndael
269 algorithm.
271 Rijndael appears to be consistently a very good performer in
272 both hardware and software across a wide range of computing
273 environments regardless of its use in feedback or non-feedback
274 modes. Its key setup time is excellent, and its key agility is
275 good. Rijndael's very low memory requirements make it very well
276 suited for restricted-space environments, in which it also
277 demonstrates excellent performance. Rijndael's operations are
278 among the easiest to defend against power and timing attacks.
280 The AES specifies three key sizes: 128, 192 and 256 bits
282 See <http://csrc.nist.gov/encryption/aes/> for more information.
284 config CRYPTO_AES_X86_64
285 tristate "AES cipher algorithms (x86_64)"
286 depends on (X86 || UML_X86) && 64BIT
287 select CRYPTO_ALGAPI
288 help
289 AES cipher algorithms (FIPS-197). AES uses the Rijndael
290 algorithm.
292 Rijndael appears to be consistently a very good performer in
293 both hardware and software across a wide range of computing
294 environments regardless of its use in feedback or non-feedback
295 modes. Its key setup time is excellent, and its key agility is
296 good. Rijndael's very low memory requirements make it very well
297 suited for restricted-space environments, in which it also
298 demonstrates excellent performance. Rijndael's operations are
299 among the easiest to defend against power and timing attacks.
301 The AES specifies three key sizes: 128, 192 and 256 bits
303 See <http://csrc.nist.gov/encryption/aes/> for more information.
305 config CRYPTO_AES_S390
306 tristate "AES cipher algorithms (s390)"
307 depends on S390
308 select CRYPTO_ALGAPI
309 select CRYPTO_BLKCIPHER
310 help
311 This is the s390 hardware accelerated implementation of the
312 AES cipher algorithms (FIPS-197). AES uses the Rijndael
313 algorithm.
315 Rijndael appears to be consistently a very good performer in
316 both hardware and software across a wide range of computing
317 environments regardless of its use in feedback or non-feedback
318 modes. Its key setup time is excellent, and its key agility is
319 good. Rijndael's very low memory requirements make it very well
320 suited for restricted-space environments, in which it also
321 demonstrates excellent performance. Rijndael's operations are
322 among the easiest to defend against power and timing attacks.
324 On s390 the System z9-109 currently only supports the key size
325 of 128 bit.
327 config CRYPTO_CAST5
328 tristate "CAST5 (CAST-128) cipher algorithm"
329 select CRYPTO_ALGAPI
330 help
331 The CAST5 encryption algorithm (synonymous with CAST-128) is
332 described in RFC2144.
334 config CRYPTO_CAST6
335 tristate "CAST6 (CAST-256) cipher algorithm"
336 select CRYPTO_ALGAPI
337 help
338 The CAST6 encryption algorithm (synonymous with CAST-256) is
339 described in RFC2612.
341 config CRYPTO_TEA
342 tristate "TEA, XTEA and XETA cipher algorithms"
343 select CRYPTO_ALGAPI
344 help
345 TEA cipher algorithm.
347 Tiny Encryption Algorithm is a simple cipher that uses
348 many rounds for security. It is very fast and uses
349 little memory.
351 Xtendend Tiny Encryption Algorithm is a modification to
352 the TEA algorithm to address a potential key weakness
353 in the TEA algorithm.
355 Xtendend Encryption Tiny Algorithm is a mis-implementation
356 of the XTEA algorithm for compatibility purposes.
358 config CRYPTO_ARC4
359 tristate "ARC4 cipher algorithm"
360 select CRYPTO_ALGAPI
361 help
362 ARC4 cipher algorithm.
364 ARC4 is a stream cipher using keys ranging from 8 bits to 2048
365 bits in length. This algorithm is required for driver-based
366 WEP, but it should not be for other purposes because of the
367 weakness of the algorithm.
369 config CRYPTO_KHAZAD
370 tristate "Khazad cipher algorithm"
371 select CRYPTO_ALGAPI
372 help
373 Khazad cipher algorithm.
375 Khazad was a finalist in the initial NESSIE competition. It is
376 an algorithm optimized for 64-bit processors with good performance
377 on 32-bit processors. Khazad uses an 128 bit key size.
379 See also:
380 <http://planeta.terra.com.br/informatica/paulobarreto/KhazadPage.html>
382 config CRYPTO_ANUBIS
383 tristate "Anubis cipher algorithm"
384 select CRYPTO_ALGAPI
385 help
386 Anubis cipher algorithm.
388 Anubis is a variable key length cipher which can use keys from
389 128 bits to 320 bits in length. It was evaluated as a entrant
390 in the NESSIE competition.
392 See also:
393 <https://www.cosic.esat.kuleuven.ac.be/nessie/reports/>
394 <http://planeta.terra.com.br/informatica/paulobarreto/AnubisPage.html>
397 config CRYPTO_DEFLATE
398 tristate "Deflate compression algorithm"
399 select CRYPTO_ALGAPI
400 select ZLIB_INFLATE
401 select ZLIB_DEFLATE
402 help
403 This is the Deflate algorithm (RFC1951), specified for use in
404 IPSec with the IPCOMP protocol (RFC3173, RFC2394).
406 You will most probably want this if using IPSec.
408 config CRYPTO_MICHAEL_MIC
409 tristate "Michael MIC keyed digest algorithm"
410 select CRYPTO_ALGAPI
411 help
412 Michael MIC is used for message integrity protection in TKIP
413 (IEEE 802.11i). This algorithm is required for TKIP, but it
414 should not be used for other purposes because of the weakness
415 of the algorithm.
417 config CRYPTO_CRC32C
418 tristate "CRC32c CRC algorithm"
419 select CRYPTO_ALGAPI
420 select LIBCRC32C
421 help
422 Castagnoli, et al Cyclic Redundancy-Check Algorithm. Used
423 by iSCSI for header and data digests and by others.
424 See Castagnoli93. This implementation uses lib/libcrc32c.
425 Module will be crc32c.
427 config CRYPTO_TEST
428 tristate "Testing module"
429 depends on m
430 select CRYPTO_ALGAPI
431 help
432 Quick & dirty crypto test module.
434 source "drivers/crypto/Kconfig"
436 endif # if CRYPTO
438 endmenu