| blob | 864456c140fe7a6e2625527518c45eae75e20e4d |
1 #
2 # Generic algorithms support
3 #
4 config XOR_BLOCKS
5 tristate
7 #
8 # async_tx api: hardware offloaded memory transfer/transform support
9 #
10 source "crypto/async_tx/Kconfig"
12 #
13 # Cryptographic API Configuration
14 #
15 menuconfig CRYPTO
16 tristate "Cryptographic API"
17 help
18 This option provides the core Cryptographic API.
20 if CRYPTO
22 comment "Crypto core or helper"
24 config CRYPTO_ALGAPI
25 tristate
26 help
27 This option provides the API for cryptographic algorithms.
29 config CRYPTO_AEAD
30 tristate
31 select CRYPTO_ALGAPI
33 config CRYPTO_BLKCIPHER
34 tristate
35 select CRYPTO_ALGAPI
37 config CRYPTO_HASH
38 tristate
39 select CRYPTO_ALGAPI
41 config CRYPTO_MANAGER
42 tristate "Cryptographic algorithm manager"
43 select CRYPTO_ALGAPI
44 help
45 Create default cryptographic template instantiations such as
46 cbc(aes).
48 config CRYPTO_GF128MUL
49 tristate "GF(2^128) multiplication functions (EXPERIMENTAL)"
50 depends on EXPERIMENTAL
51 help
52 Efficient table driven implementation of multiplications in the
53 field GF(2^128). This is needed by some cypher modes. This
54 option will be selected automatically if you select such a
55 cipher mode. Only select this option by hand if you expect to load
56 an external module that requires these functions.
58 config CRYPTO_NULL
59 tristate "Null algorithms"
60 select CRYPTO_ALGAPI
61 select CRYPTO_BLKCIPHER
62 help
63 These are 'Null' algorithms, used by IPsec, which do nothing.
65 config CRYPTO_CRYPTD
66 tristate "Software async crypto daemon"
67 select CRYPTO_BLKCIPHER
68 select CRYPTO_MANAGER
69 help
70 This is a generic software asynchronous crypto daemon that
71 converts an arbitrary synchronous software crypto algorithm
72 into an asynchronous algorithm that executes in a kernel thread.
74 config CRYPTO_AUTHENC
75 tristate "Authenc support"
76 select CRYPTO_AEAD
77 select CRYPTO_BLKCIPHER
78 select CRYPTO_MANAGER
79 select CRYPTO_HASH
80 help
81 Authenc: Combined mode wrapper for IPsec.
82 This is required for IPSec.
84 config CRYPTO_TEST
85 tristate "Testing module"
86 depends on m
87 select CRYPTO_ALGAPI
88 select CRYPTO_AEAD
89 select CRYPTO_BLKCIPHER
90 help
91 Quick & dirty crypto test module.
93 comment "Authenticated Encryption with Associated Data"
95 config CRYPTO_CCM
96 tristate "CCM support"
97 select CRYPTO_CTR
98 select CRYPTO_AEAD
99 help
100 Support for Counter with CBC MAC. Required for IPsec.
102 config CRYPTO_GCM
103 tristate "GCM/GMAC support"
104 select CRYPTO_CTR
105 select CRYPTO_AEAD
106 select CRYPTO_GF128MUL
107 help
108 Support for Galois/Counter Mode (GCM) and Galois Message
109 Authentication Code (GMAC). Required for IPSec.
111 config CRYPTO_SEQIV
112 tristate "Sequence Number IV Generator"
113 select CRYPTO_AEAD
114 select CRYPTO_BLKCIPHER
115 help
116 This IV generator generates an IV based on a sequence number by
117 xoring it with a salt. This algorithm is mainly useful for CTR
119 comment "Block modes"
121 config CRYPTO_CBC
122 tristate "CBC support"
123 select CRYPTO_BLKCIPHER
124 select CRYPTO_MANAGER
125 help
126 CBC: Cipher Block Chaining mode
127 This block cipher algorithm is required for IPSec.
129 config CRYPTO_CTR
130 tristate "CTR support"
131 select CRYPTO_BLKCIPHER
132 select CRYPTO_SEQIV
133 select CRYPTO_MANAGER
134 help
135 CTR: Counter mode
136 This block cipher algorithm is required for IPSec.
138 config CRYPTO_CTS
139 tristate "CTS support"
140 select CRYPTO_BLKCIPHER
141 help
142 CTS: Cipher Text Stealing
143 This is the Cipher Text Stealing mode as described by
144 Section 8 of rfc2040 and referenced by rfc3962.
145 (rfc3962 includes errata information in its Appendix A)
146 This mode is required for Kerberos gss mechanism support
147 for AES encryption.
149 config CRYPTO_ECB
150 tristate "ECB support"
151 select CRYPTO_BLKCIPHER
152 select CRYPTO_MANAGER
153 help
154 ECB: Electronic CodeBook mode
155 This is the simplest block cipher algorithm. It simply encrypts
156 the input block by block.
158 config CRYPTO_LRW
159 tristate "LRW support (EXPERIMENTAL)"
160 depends on EXPERIMENTAL
161 select CRYPTO_BLKCIPHER
162 select CRYPTO_MANAGER
163 select CRYPTO_GF128MUL
164 help
165 LRW: Liskov Rivest Wagner, a tweakable, non malleable, non movable
166 narrow block cipher mode for dm-crypt. Use it with cipher
167 specification string aes-lrw-benbi, the key must be 256, 320 or 384.
168 The first 128, 192 or 256 bits in the key are used for AES and the
169 rest is used to tie each cipher block to its logical position.
171 config CRYPTO_PCBC
172 tristate "PCBC support"
173 select CRYPTO_BLKCIPHER
174 select CRYPTO_MANAGER
175 help
176 PCBC: Propagating Cipher Block Chaining mode
177 This block cipher algorithm is required for RxRPC.
179 config CRYPTO_XTS
180 tristate "XTS support (EXPERIMENTAL)"
181 depends on EXPERIMENTAL
182 select CRYPTO_BLKCIPHER
183 select CRYPTO_MANAGER
184 select CRYPTO_GF128MUL
185 help
186 XTS: IEEE1619/D16 narrow block cipher use with aes-xts-plain,
187 key size 256, 384 or 512 bits. This implementation currently
188 can't handle a sectorsize which is not a multiple of 16 bytes.
190 comment "Hash modes"
192 config CRYPTO_HMAC
193 tristate "HMAC support"
194 select CRYPTO_HASH
195 select CRYPTO_MANAGER
196 help
197 HMAC: Keyed-Hashing for Message Authentication (RFC2104).
198 This is required for IPSec.
200 config CRYPTO_XCBC
201 tristate "XCBC support"
202 depends on EXPERIMENTAL
203 select CRYPTO_HASH
204 select CRYPTO_MANAGER
205 help
206 XCBC: Keyed-Hashing with encryption algorithm
207 http://www.ietf.org/rfc/rfc3566.txt
208 http://csrc.nist.gov/encryption/modes/proposedmodes/
209 xcbc-mac/xcbc-mac-spec.pdf
211 comment "Digest"
213 config CRYPTO_CRC32C
214 tristate "CRC32c CRC algorithm"
215 select CRYPTO_ALGAPI
216 select LIBCRC32C
217 help
218 Castagnoli, et al Cyclic Redundancy-Check Algorithm. Used
219 by iSCSI for header and data digests and by others.
220 See Castagnoli93. This implementation uses lib/libcrc32c.
221 Module will be crc32c.
223 config CRYPTO_MD4
224 tristate "MD4 digest algorithm"
225 select CRYPTO_ALGAPI
226 help
227 MD4 message digest algorithm (RFC1320).
229 config CRYPTO_MD5
230 tristate "MD5 digest algorithm"
231 select CRYPTO_ALGAPI
232 help
233 MD5 message digest algorithm (RFC1321).
235 config CRYPTO_MICHAEL_MIC
236 tristate "Michael MIC keyed digest algorithm"
237 select CRYPTO_ALGAPI
238 help
239 Michael MIC is used for message integrity protection in TKIP
240 (IEEE 802.11i). This algorithm is required for TKIP, but it
241 should not be used for other purposes because of the weakness
242 of the algorithm.
244 config CRYPTO_SHA1
245 tristate "SHA1 digest algorithm"
246 select CRYPTO_ALGAPI
247 help
248 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2).
250 config CRYPTO_SHA256
251 tristate "SHA224 and SHA256 digest algorithm"
252 select CRYPTO_ALGAPI
253 help
254 SHA256 secure hash standard (DFIPS 180-2).
256 This version of SHA implements a 256 bit hash with 128 bits of
257 security against collision attacks.
259 This code also includes SHA-224, a 224 bit hash with 112 bits
260 of security against collision attacks.
262 config CRYPTO_SHA512
263 tristate "SHA384 and SHA512 digest algorithms"
264 select CRYPTO_ALGAPI
265 help
266 SHA512 secure hash standard (DFIPS 180-2).
268 This version of SHA implements a 512 bit hash with 256 bits of
269 security against collision attacks.
271 This code also includes SHA-384, a 384 bit hash with 192 bits
272 of security against collision attacks.
274 config CRYPTO_TGR192
275 tristate "Tiger digest algorithms"
276 select CRYPTO_ALGAPI
277 help
278 Tiger hash algorithm 192, 160 and 128-bit hashes
280 Tiger is a hash function optimized for 64-bit processors while
281 still having decent performance on 32-bit processors.
282 Tiger was developed by Ross Anderson and Eli Biham.
284 See also:
285 <http://www.cs.technion.ac.il/~biham/Reports/Tiger/>.
287 config CRYPTO_WP512
288 tristate "Whirlpool digest algorithms"
289 select CRYPTO_ALGAPI
290 help
291 Whirlpool hash algorithm 512, 384 and 256-bit hashes
293 Whirlpool-512 is part of the NESSIE cryptographic primitives.
294 Whirlpool will be part of the ISO/IEC 10118-3:2003(E) standard
296 See also:
297 <http://planeta.terra.com.br/informatica/paulobarreto/WhirlpoolPage.html>
299 comment "Ciphers"
301 config CRYPTO_AES
302 tristate "AES cipher algorithms"
303 select CRYPTO_ALGAPI
304 help
305 AES cipher algorithms (FIPS-197). AES uses the Rijndael
306 algorithm.
308 Rijndael appears to be consistently a very good performer in
309 both hardware and software across a wide range of computing
310 environments regardless of its use in feedback or non-feedback
311 modes. Its key setup time is excellent, and its key agility is
312 good. Rijndael's very low memory requirements make it very well
313 suited for restricted-space environments, in which it also
314 demonstrates excellent performance. Rijndael's operations are
315 among the easiest to defend against power and timing attacks.
317 The AES specifies three key sizes: 128, 192 and 256 bits
319 See <http://csrc.nist.gov/CryptoToolkit/aes/> for more information.
321 config CRYPTO_AES_586
322 tristate "AES cipher algorithms (i586)"
323 depends on (X86 || UML_X86) && !64BIT
324 select CRYPTO_ALGAPI
325 select CRYPTO_AES
326 help
327 AES cipher algorithms (FIPS-197). AES uses the Rijndael
328 algorithm.
330 Rijndael appears to be consistently a very good performer in
331 both hardware and software across a wide range of computing
332 environments regardless of its use in feedback or non-feedback
333 modes. Its key setup time is excellent, and its key agility is
334 good. Rijndael's very low memory requirements make it very well
335 suited for restricted-space environments, in which it also
336 demonstrates excellent performance. Rijndael's operations are
337 among the easiest to defend against power and timing attacks.
339 The AES specifies three key sizes: 128, 192 and 256 bits
341 See <http://csrc.nist.gov/encryption/aes/> for more information.
343 config CRYPTO_AES_X86_64
344 tristate "AES cipher algorithms (x86_64)"
345 depends on (X86 || UML_X86) && 64BIT
346 select CRYPTO_ALGAPI
347 select CRYPTO_AES
348 help
349 AES cipher algorithms (FIPS-197). AES uses the Rijndael
350 algorithm.
352 Rijndael appears to be consistently a very good performer in
353 both hardware and software across a wide range of computing
354 environments regardless of its use in feedback or non-feedback
355 modes. Its key setup time is excellent, and its key agility is
356 good. Rijndael's very low memory requirements make it very well
357 suited for restricted-space environments, in which it also
358 demonstrates excellent performance. Rijndael's operations are
359 among the easiest to defend against power and timing attacks.
361 The AES specifies three key sizes: 128, 192 and 256 bits
363 See <http://csrc.nist.gov/encryption/aes/> for more information.
365 config CRYPTO_ANUBIS
366 tristate "Anubis cipher algorithm"
367 select CRYPTO_ALGAPI
368 help
369 Anubis cipher algorithm.
371 Anubis is a variable key length cipher which can use keys from
372 128 bits to 320 bits in length. It was evaluated as a entrant
373 in the NESSIE competition.
375 See also:
376 <https://www.cosic.esat.kuleuven.ac.be/nessie/reports/>
377 <http://planeta.terra.com.br/informatica/paulobarreto/AnubisPage.html>
379 config CRYPTO_ARC4
380 tristate "ARC4 cipher algorithm"
381 select CRYPTO_ALGAPI
382 help
383 ARC4 cipher algorithm.
385 ARC4 is a stream cipher using keys ranging from 8 bits to 2048
386 bits in length. This algorithm is required for driver-based
387 WEP, but it should not be for other purposes because of the
388 weakness of the algorithm.
390 config CRYPTO_BLOWFISH
391 tristate "Blowfish cipher algorithm"
392 select CRYPTO_ALGAPI
393 help
394 Blowfish cipher algorithm, by Bruce Schneier.
396 This is a variable key length cipher which can use keys from 32
397 bits to 448 bits in length. It's fast, simple and specifically
398 designed for use on "large microprocessors".
400 See also:
401 <http://www.schneier.com/blowfish.html>
403 config CRYPTO_CAMELLIA
404 tristate "Camellia cipher algorithms"
405 depends on CRYPTO
406 select CRYPTO_ALGAPI
407 help
408 Camellia cipher algorithms module.
410 Camellia is a symmetric key block cipher developed jointly
411 at NTT and Mitsubishi Electric Corporation.
413 The Camellia specifies three key sizes: 128, 192 and 256 bits.
415 See also:
416 <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html>
418 config CRYPTO_CAST5
419 tristate "CAST5 (CAST-128) cipher algorithm"
420 select CRYPTO_ALGAPI
421 help
422 The CAST5 encryption algorithm (synonymous with CAST-128) is
423 described in RFC2144.
425 config CRYPTO_CAST6
426 tristate "CAST6 (CAST-256) cipher algorithm"
427 select CRYPTO_ALGAPI
428 help
429 The CAST6 encryption algorithm (synonymous with CAST-256) is
430 described in RFC2612.
432 config CRYPTO_DES
433 tristate "DES and Triple DES EDE cipher algorithms"
434 select CRYPTO_ALGAPI
435 help
436 DES cipher algorithm (FIPS 46-2), and Triple DES EDE (FIPS 46-3).
438 config CRYPTO_FCRYPT
439 tristate "FCrypt cipher algorithm"
440 select CRYPTO_ALGAPI
441 select CRYPTO_BLKCIPHER
442 help
443 FCrypt algorithm used by RxRPC.
445 config CRYPTO_KHAZAD
446 tristate "Khazad cipher algorithm"
447 select CRYPTO_ALGAPI
448 help
449 Khazad cipher algorithm.
451 Khazad was a finalist in the initial NESSIE competition. It is
452 an algorithm optimized for 64-bit processors with good performance
453 on 32-bit processors. Khazad uses an 128 bit key size.
455 See also:
456 <http://planeta.terra.com.br/informatica/paulobarreto/KhazadPage.html>
458 config CRYPTO_SALSA20
459 tristate "Salsa20 stream cipher algorithm (EXPERIMENTAL)"
460 depends on EXPERIMENTAL
461 select CRYPTO_BLKCIPHER
462 help
463 Salsa20 stream cipher algorithm.
465 Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT
466 Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/>
468 The Salsa20 stream cipher algorithm is designed by Daniel J.
469 Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html>
471 config CRYPTO_SALSA20_586
472 tristate "Salsa20 stream cipher algorithm (i586) (EXPERIMENTAL)"
473 depends on (X86 || UML_X86) && !64BIT
474 depends on EXPERIMENTAL
475 select CRYPTO_BLKCIPHER
476 help
477 Salsa20 stream cipher algorithm.
479 Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT
480 Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/>
482 The Salsa20 stream cipher algorithm is designed by Daniel J.
483 Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html>
485 config CRYPTO_SALSA20_X86_64
486 tristate "Salsa20 stream cipher algorithm (x86_64) (EXPERIMENTAL)"
487 depends on (X86 || UML_X86) && 64BIT
488 depends on EXPERIMENTAL
489 select CRYPTO_BLKCIPHER
490 help
491 Salsa20 stream cipher algorithm.
493 Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT
494 Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/>
496 The Salsa20 stream cipher algorithm is designed by Daniel J.
497 Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html>
499 config CRYPTO_SEED
500 tristate "SEED cipher algorithm"
501 select CRYPTO_ALGAPI
502 help
503 SEED cipher algorithm (RFC4269).
505 SEED is a 128-bit symmetric key block cipher that has been
506 developed by KISA (Korea Information Security Agency) as a
507 national standard encryption algorithm of the Republic of Korea.
508 It is a 16 round block cipher with the key size of 128 bit.
510 See also:
511 <http://www.kisa.or.kr/kisa/seed/jsp/seed_eng.jsp>
513 config CRYPTO_SERPENT
514 tristate "Serpent cipher algorithm"
515 select CRYPTO_ALGAPI
516 help
517 Serpent cipher algorithm, by Anderson, Biham & Knudsen.
519 Keys are allowed to be from 0 to 256 bits in length, in steps
520 of 8 bits. Also includes the 'Tnepres' algorithm, a reversed
521 variant of Serpent for compatibility with old kerneli.org code.
523 See also:
524 <http://www.cl.cam.ac.uk/~rja14/serpent.html>
526 config CRYPTO_TEA
527 tristate "TEA, XTEA and XETA cipher algorithms"
528 select CRYPTO_ALGAPI
529 help
530 TEA cipher algorithm.
532 Tiny Encryption Algorithm is a simple cipher that uses
533 many rounds for security. It is very fast and uses
534 little memory.
536 Xtendend Tiny Encryption Algorithm is a modification to
537 the TEA algorithm to address a potential key weakness
538 in the TEA algorithm.
540 Xtendend Encryption Tiny Algorithm is a mis-implementation
541 of the XTEA algorithm for compatibility purposes.
543 config CRYPTO_TWOFISH
544 tristate "Twofish cipher algorithm"
545 select CRYPTO_ALGAPI
546 select CRYPTO_TWOFISH_COMMON
547 help
548 Twofish cipher algorithm.
550 Twofish was submitted as an AES (Advanced Encryption Standard)
551 candidate cipher by researchers at CounterPane Systems. It is a
552 16 round block cipher supporting key sizes of 128, 192, and 256
553 bits.
555 See also:
556 <http://www.schneier.com/twofish.html>
558 config CRYPTO_TWOFISH_COMMON
559 tristate
560 help
561 Common parts of the Twofish cipher algorithm shared by the
562 generic c and the assembler implementations.
564 config CRYPTO_TWOFISH_586
565 tristate "Twofish cipher algorithms (i586)"
566 depends on (X86 || UML_X86) && !64BIT
567 select CRYPTO_ALGAPI
568 select CRYPTO_TWOFISH_COMMON
569 help
570 Twofish cipher algorithm.
572 Twofish was submitted as an AES (Advanced Encryption Standard)
573 candidate cipher by researchers at CounterPane Systems. It is a
574 16 round block cipher supporting key sizes of 128, 192, and 256
575 bits.
577 See also:
578 <http://www.schneier.com/twofish.html>
580 config CRYPTO_TWOFISH_X86_64
581 tristate "Twofish cipher algorithm (x86_64)"
582 depends on (X86 || UML_X86) && 64BIT
583 select CRYPTO_ALGAPI
584 select CRYPTO_TWOFISH_COMMON
585 help
586 Twofish cipher algorithm (x86_64).
588 Twofish was submitted as an AES (Advanced Encryption Standard)
589 candidate cipher by researchers at CounterPane Systems. It is a
590 16 round block cipher supporting key sizes of 128, 192, and 256
591 bits.
593 See also:
594 <http://www.schneier.com/twofish.html>
596 comment "Compression"
598 config CRYPTO_DEFLATE
599 tristate "Deflate compression algorithm"
600 select CRYPTO_ALGAPI
601 select ZLIB_INFLATE
602 select ZLIB_DEFLATE
603 help
604 This is the Deflate algorithm (RFC1951), specified for use in
605 IPSec with the IPCOMP protocol (RFC3173, RFC2394).
607 You will most probably want this if using IPSec.
609 config CRYPTO_LZO
610 tristate "LZO compression algorithm"
611 select CRYPTO_ALGAPI
612 select LZO_COMPRESS
613 select LZO_DECOMPRESS
614 help
615 This is the LZO algorithm.
617 source "drivers/crypto/Kconfig"
619 endif # if CRYPTO