1 # This file is part of the OpenADK project. OpenADK is copyrighted
2 # material, please see the LICENCE file in the top-level directory.
6 config ADK_WALDUX_KERNEL_CRYPTO
9 config ADK_WALDUX_KERNEL_CRYPTO_HW
12 config ADK_WALDUX_KERNEL_XOR_BLOCKS
15 comment "Hardware cryptography"
17 menu "Hardware crypto devices"
18 depends on ADK_TARGET_WITH_PCI || ADK_TARGET_WITH_MINIPCI || ADK_TARGET_WITH_GEODE_CRYPTO
20 config ADK_WALDUX_KERNEL_CRYPTO_DEV_GEODE
21 tristate "Support for the Geode LX/GX AES engine"
22 select ADK_WALDUX_KERNEL_CRYPTO
23 select ADK_WALDUX_KERNEL_CRYPTO_HW
24 select ADK_WALDUX_KERNEL_CRYPTO_ECB
25 select ADK_WALDUX_KERNEL_CRYPTO_CBC
26 depends on ADK_TARGET_WITH_GEODE_CRYPTO
27 default y if ADK_TARGET_WITH_GEODE_CRYPTO
30 Say 'Y' here to use the AMD Geode LX processor on-board AES
31 engine for the CryptoAPI AES algorithm.
33 config ADK_WALDUX_KERNEL_CRYPTO_DEV_HIFN_795X
34 tristate "Driver for HIFN 795x crypto accelerator chips"
35 depends on ADK_TARGET_WITH_PCI || ADK_TARGET_WITH_MINIPCI
36 select ADK_WALDUX_KERNEL_CRYPTO
37 select ADK_WALDUX_KERNEL_CRYPTO_HW
38 select ADK_WALDUX_KERNEL_CRYPTO_DES
41 This option allows you to have support for HIFN 795x crypto adapters.
45 comment "Software cryptography support"
47 menu "Crypto core / Block and Hash modes"
49 config ADK_WALDUX_KERNEL_CRYPTO_PCOMP
51 select ADK_WALDUX_KERNEL_CRYPTO_PCOMP2
52 select ADK_WALDUX_KERNEL_CRYPTO_ALGAPI
54 config ADK_WALDUX_KERNEL_CRYPTO_PCOMP2
56 select ADK_WALDUX_KERNEL_CRYPTO_ALGAPI2
58 config ADK_WALDUX_KERNEL_CRYPTO_ALGAPI
60 select ADK_WALDUX_KERNEL_CRYPTO_ALGAPI2
62 config ADK_WALDUX_KERNEL_CRYPTO_ALGAPI2
65 config ADK_WALDUX_KERNEL_CRYPTO_AEAD
67 select ADK_WALDUX_KERNEL_CRYPTO_AEAD2
68 select ADK_WALDUX_KERNEL_CRYPTO_ALGAPI
70 config ADK_WALDUX_KERNEL_CRYPTO_AEAD2
72 select ADK_WALDUX_KERNEL_CRYPTO_ALGAPI2
74 config ADK_WALDUX_KERNEL_CRYPTO_HASH
76 select ADK_WALDUX_KERNEL_CRYPTO
77 select ADK_WALDUX_KERNEL_CRYPTO_ALGAPI
78 select ADK_WALDUX_KERNEL_CRYPTO_HASH2
79 select ADK_WALDUX_KERNEL_CRYPTO_ALGAPI
81 config ADK_WALDUX_KERNEL_CRYPTO_HASH2
82 select ADK_WALDUX_KERNEL_CRYPTO_ALGAPI2
85 config ADK_WALDUX_KERNEL_CRYPTO_BLKCIPHER
87 select ADK_WALDUX_KERNEL_CRYPTO_BLKCIPHER2
88 select ADK_WALDUX_KERNEL_CRYPTO_ALGAPI
90 config ADK_WALDUX_KERNEL_CRYPTO_BLKCIPHER2
92 select ADK_WALDUX_KERNEL_CRYPTO_ALGAPI2
93 select ADK_WALDUX_KERNEL_CRYPTO_RNG2
94 select ADK_WALDUX_KERNEL_CRYPTO_WORKQUEUE
96 config ADK_WALDUX_KERNEL_CRYPTO_WORKQUEUE
99 config ADK_WALDUX_KERNEL_CRYPTO_RNG
101 select ADK_WALDUX_KERNEL_CRYPTO_RNG2
102 select ADK_WALDUX_KERNEL_CRYPTO_ALGAPI
104 config ADK_WALDUX_KERNEL_CRYPTO_RNG2
106 select ADK_WALDUX_KERNEL_CRYPTO_ALGAPI2
109 config ADK_WALDUX_KERNEL_CRYPTO_MANAGER
111 select ADK_WALDUX_KERNEL_CRYPTO_MANAGER2
113 config ADK_WALDUX_KERNEL_CRYPTO_MANAGER2
114 def_tristate ADK_WALDUX_KERNEL_CRYPTO_MANAGER || (ADK_WALDUX_KERNEL_CRYPTO_MANAGER!=n && ADK_WALDUX_KERNEL_CRYPTO_ALGAPI=y)
115 select ADK_WALDUX_KERNEL_CRYPTO_AEAD2
116 select ADK_WALDUX_KERNEL_CRYPTO_HASH2
117 select ADK_WALDUX_KERNEL_CRYPTO_BLKCIPHER2
118 select ADK_WALDUX_KERNEL_CRYPTO_PCOMP2
120 config ADK_WALDUX_KERNEL_CRYPTO_AUTHENC
121 tristate "AuthENC (IPsec)"
122 select ADK_WALDUX_KERNEL_CRYPTO_AEAD
123 select ADK_WALDUX_KERNEL_CRYPTO_BLKCIPHER
124 select ADK_WALDUX_KERNEL_CRYPTO_MANAGER
125 select ADK_WALDUX_KERNEL_CRYPTO_HASH
128 config ADK_WALDUX_KERNEL_CRYPTO_SEQIV
129 tristate "Sequence Number IV Generator"
130 select ADK_WALDUX_KERNEL_CRYPTO_AEAD
131 select ADK_WALDUX_KERNEL_CRYPTO_BLKCIPHER
132 select ADK_WALDUX_KERNEL_CRYPTO_RNG
135 This IV generator generates an IV based on a sequence number by
136 xoring it with a salt. This algorithm is mainly useful for CTR
138 config ADK_WALDUX_KERNEL_CRYPTO_CTS
139 tristate "CTS support"
140 select ADK_WALDUX_KERNEL_CRYPTO_BLKCIPHER
143 CTS: Cipher Text Stealing
144 This is the Cipher Text Stealing mode as described by
145 Section 8 of rfc2040 and referenced by rfc3962.
146 (rfc3962 includes errata information in its Appendix A)
147 This mode is required for Kerberos gss mechanism support
150 config ADK_WALDUX_KERNEL_CRYPTO_CBC
151 tristate "CBC support"
152 select ADK_WALDUX_KERNEL_CRYPTO_BLKCIPHER
153 select ADK_WALDUX_KERNEL_CRYPTO_MANAGER
156 CBC: Cipher Block Chaining mode
157 This block cipher algorithm is required for IPSec.
159 config ADK_WALDUX_KERNEL_CRYPTO_CCM
160 tristate "CCM support"
161 select ADK_WALDUX_KERNEL_CRYPTO_CTR
162 select ADK_WALDUX_KERNEL_CRYPTO_AEAD
165 Support for Counter with CBC MAC. Required for IPsec.
167 config ADK_WALDUX_KERNEL_CRYPTO_GCM
168 tristate "GCM support"
169 select ADK_WALDUX_KERNEL_CRYPTO_CTR
170 select ADK_WALDUX_KERNEL_CRYPTO_AEAD
171 select ADK_WALDUX_KERNEL_CRYPTO_GHASH
172 select ADK_WALDUX_KERNEL_CRYPTO_NULL
175 Support for Galois/Counter Mode (GCM) and Galois Message
176 Authentication Code (GMAC). Required for IPSec.
178 config ADK_WALDUX_KERNEL_CRYPTO_CTR
179 tristate "CTR support"
180 select ADK_WALDUX_KERNEL_CRYPTO_BLKCIPHER
181 select ADK_WALDUX_KERNEL_CRYPTO_SEQIV
182 select ADK_WALDUX_KERNEL_CRYPTO_MANAGER
186 This block cipher algorithm is required for IPSec.
188 config ADK_WALDUX_KERNEL_CRYPTO_ECB
189 tristate "ECB support"
190 select ADK_WALDUX_KERNEL_CRYPTO_BLKCIPHER
191 select ADK_WALDUX_KERNEL_CRYPTO_MANAGER
194 ECB: Electronic CodeBook mode
195 This is the simplest block cipher algorithm. It simply encrypts
196 the input block by block.
198 config ADK_WALDUX_KERNEL_CRYPTO_HMAC
199 tristate "HMAC support"
200 select ADK_WALDUX_KERNEL_CRYPTO_HASH
201 select ADK_WALDUX_KERNEL_CRYPTO_MANAGER
204 HMAC: Keyed-Hashing for Message Authentication (RFC2104).
205 This is required for IPSec.
207 config ADK_WALDUX_KERNEL_CRYPTO_XCBC
208 tristate "XCBC support"
209 select ADK_WALDUX_KERNEL_CRYPTO_HASH
210 select ADK_WALDUX_KERNEL_CRYPTO_MANAGER
213 XCBC: Keyed-Hashing with encryption algorithm
217 menu "Digest algorithms"
219 config ADK_WALDUX_KERNEL_CRYPTO_MD4
220 tristate "MD4 digest algorithm"
221 select ADK_WALDUX_KERNEL_CRYPTO_HASH
224 MD4 message digest algorithm (RFC1320).
226 config ADK_WALDUX_KERNEL_CRYPTO_MD5
227 tristate "MD5 digest algorithm"
228 select ADK_WALDUX_KERNEL_CRYPTO_HASH
231 MD5 message digest algorithm (RFC1321).
233 config ADK_WALDUX_KERNEL_CRYPTO_SHA1
234 tristate "SHA1 digest algorithm"
235 select ADK_WALDUX_KERNEL_CRYPTO_HASH
238 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2).
240 config ADK_WALDUX_KERNEL_CRYPTO_SHA256
241 tristate "SHA256 digest algorithm"
242 select ADK_WALDUX_KERNEL_CRYPTO_HASH
245 SHA256 secure hash standard (DFIPS 180-2).
247 This version of SHA implements a 256 bit hash with 128 bits of
248 security against collision attacks.
250 config ADK_WALDUX_KERNEL_CRYPTO_SHA512
251 tristate "SHA512 digest algorithm"
252 select ADK_WALDUX_KERNEL_CRYPTO_HASH
255 SHA512 secure hash standard (DFIPS 180-2).
257 This version of SHA implements a 512 bit hash with 256 bits of
258 security against collision attacks.
260 This code also includes SHA-384, a 384 bit hash with 192 bits
261 of security against collision attacks.
263 config ADK_WALDUX_KERNEL_CRYPTO_WP512
264 tristate "Whirlpool digest algorithms"
265 select ADK_WALDUX_KERNEL_CRYPTO_HASH
268 Whirlpool hash algorithm 512, 384 and 256-bit hashes
270 Whirlpool-512 is part of the NESSIE cryptographic primitives.
271 Whirlpool will be part of the ISO/IEC 10118-3:2003(E) standard
274 <http://planeta.terra.com.br/informatica/paulobarreto/WhirlpoolPage.html>
276 config ADK_WALDUX_KERNEL_CRYPTO_TGR192
277 tristate "Tiger digest algorithms"
278 select ADK_WALDUX_KERNEL_CRYPTO_HASH
281 Tiger hash algorithm 192, 160 and 128-bit hashes
283 Tiger is a hash function optimized for 64-bit processors while
284 still having decent performance on 32-bit processors.
285 Tiger was developed by Ross Anderson and Eli Biham.
288 <http://www.cs.technion.ac.il/~biham/Reports/Tiger/>.
291 menu "Cipher algoritms"
293 config ADK_WALDUX_KERNEL_CRYPTO_AES
294 tristate "AES cipher algorithms"
295 select ADK_WALDUX_KERNEL_CRYPTO_ALGAPI
298 AES cipher algorithms (FIPS-197). AES uses the Rijndael
301 Rijndael appears to be consistently a very good performer in
302 both hardware and software across a wide range of computing
303 environments regardless of its use in feedback or non-feedback
304 modes. Its key setup time is excellent, and its key agility is
305 good. Rijndael's very low memory requirements make it very well
306 suited for restricted-space environments, in which it also
307 demonstrates excellent performance. Rijndael's operations are
308 among the easiest to defend against power and timing attacks.
310 The AES specifies three key sizes: 128, 192 and 256 bits
312 See <http://csrc.nist.gov/CryptoToolkit/aes/> for more information.
314 config ADK_WALDUX_KERNEL_CRYPTO_AES_586
315 tristate "AES cipher algorithms (i586)"
317 select ADK_WALDUX_KERNEL_CRYPTO_ALGAPI
318 select ADK_WALDUX_KERNEL_CRYPTO_AES
321 AES cipher algorithms (FIPS-197). AES uses the Rijndael
324 Rijndael appears to be consistently a very good performer in
325 both hardware and software across a wide range of computing
326 environments regardless of its use in feedback or non-feedback
327 modes. Its key setup time is excellent, and its key agility is
328 good. Rijndael's very low memory requirements make it very well
329 suited for restricted-space environments, in which it also
330 demonstrates excellent performance. Rijndael's operations are
331 among the easiest to defend against power and timing attacks.
333 The AES specifies three key sizes: 128, 192 and 256 bits
335 See <http://csrc.nist.gov/CryptoToolkit/aes/> for more information.
337 config ADK_WALDUX_KERNEL_CRYPTO_ANUBIS
338 tristate "Anubis cipher algorithm"
339 select ADK_WALDUX_KERNEL_CRYPTO_ALGAPI
342 Anubis cipher algorithm.
344 Anubis is a variable key length cipher which can use keys from
345 128 bits to 320 bits in length. It was evaluated as a entrant
346 in the NESSIE competition.
349 <https://www.cosic.esat.kuleuven.ac.be/nessie/reports/>
350 <http://planeta.terra.com.br/informatica/paulobarreto/AnubisPage.html>
352 config ADK_WALDUX_KERNEL_CRYPTO_ARC4
353 tristate "ARC4 cipher algorithm"
354 select ADK_WALDUX_KERNEL_CRYPTO_BLKCIPHER
357 ARC4 cipher algorithm.
359 ARC4 is a stream cipher using keys ranging from 8 bits to 2048
360 bits in length. This algorithm is required for driver-based
361 WEP, but it should not be for other purposes because of the
362 weakness of the algorithm.
364 config ADK_WALDUX_KERNEL_CRYPTO_BLOWFISH
365 tristate "Blowfish cipher algorithm"
366 select ADK_WALDUX_KERNEL_CRYPTO_ALGAPI
369 Blowfish cipher algorithm, by Bruce Schneier.
371 This is a variable key length cipher which can use keys from 32
372 bits to 448 bits in length. It's fast, simple and specifically
373 designed for use on "large microprocessors".
376 <http://www.schneier.com/blowfish.html>
378 config ADK_WALDUX_KERNEL_CRYPTO_CAMELLIA
379 tristate "Camellia cipher algorithms"
380 select ADK_WALDUX_KERNEL_CRYPTO_ALGAPI
383 Camellia cipher algorithms module.
385 Camellia is a symmetric key block cipher developed jointly
386 at NTT and Mitsubishi Electric Corporation.
388 The Camellia specifies three key sizes: 128, 192 and 256 bits.
391 <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html>
393 config ADK_WALDUX_KERNEL_CRYPTO_CAST5
394 tristate "CAST5 (CAST-128) cipher algorithm"
395 select ADK_WALDUX_KERNEL_CRYPTO_ALGAPI
398 The CAST5 encryption algorithm (synonymous with CAST-128) is
399 described in RFC2144.
401 config ADK_WALDUX_KERNEL_CRYPTO_CAST6
402 tristate "CAST6 (CATS-256) cipher algorithm"
403 select ADK_WALDUX_KERNEL_CRYPTO_ALGAPI
406 The CAST6 encryption algorithm (synonymous with CAST-256) is
407 described in RFC2612.
409 config ADK_WALDUX_KERNEL_CRYPTO_DES
410 tristate "DES and Triple DES EDE cipher algorithms"
411 select ADK_WALDUX_KERNEL_CRYPTO_ALGAPI
414 DES cipher algorithm (FIPS 46-2), and Triple DES EDE (FIPS 46-3).
416 config ADK_WALDUX_KERNEL_CRYPTO_FCRYPT
417 tristate "FCrypt cipher algorithms"
418 select ADK_WALDUX_KERNEL_CRYPTO_ALGAPI
421 FCrypt algorithm used by RxRPC.
423 config ADK_WALDUX_KERNEL_CRYPTO_KHAZAD
424 tristate "Khazad cipher algorithm"
425 select ADK_WALDUX_KERNEL_CRYPTO_ALGAPI
428 Khazad cipher algorithm.
430 Khazad was a finalist in the initial NESSIE competition. It is
431 an algorithm optimized for 64-bit processors with good performance
432 on 32-bit processors. Khazad uses an 128 bit key size.
435 <http://planeta.terra.com.br/informatica/paulobarreto/KhazadPage.html>
437 config ADK_WALDUX_KERNEL_CRYPTO_SERPENT
438 tristate "Serpent cipher algorithm"
439 select ADK_WALDUX_KERNEL_CRYPTO_ALGAPI
442 Serpent cipher algorithm, by Anderson, Biham & Knudsen.
444 Keys are allowed to be from 0 to 256 bits in length, in steps
445 of 8 bits. Also includes the 'Tnepres' algorithm, a reversed
446 variant of Serpent for compatibility with old kerneli code.
449 <http://www.cl.cam.ac.uk/~rja14/serpent.html>
451 config ADK_WALDUX_KERNEL_CRYPTO_TEA
452 tristate "TEA, XTEA and XETA cipher algorithms"
453 select ADK_WALDUX_KERNEL_CRYPTO_ALGAPI
456 TEA cipher algorithm.
458 Tiny Encryption Algorithm is a simple cipher that uses
459 many rounds for security. It is very fast and uses
462 Xtendend Tiny Encryption Algorithm is a modification to
463 the TEA algorithm to address a potential key weakness
464 in the TEA algorithm.
466 Xtendend Encryption Tiny Algorithm is a mis-implementation
467 of the XTEA algorithm for compatibility purposes.
469 config ADK_WALDUX_KERNEL_CRYPTO_TWOFISH
470 tristate "Twofish cipher algorithm"
471 select ADK_WALDUX_KERNEL_CRYPTO_ALGAPI
474 Twofish cipher algorithm.
476 Twofish was submitted as an AES (Advanced Encryption Standard)
477 candidate cipher by researchers at CounterPane Systems. It is a
478 16 round block cipher supporting key sizes of 128, 192, and 256
482 <http://www.schneier.com/twofish.html>
484 config ADK_WALDUX_KERNEL_CRYPTO_TWOFISH_586
485 tristate "Twofish cipher algorithm (i586)"
486 select ADK_WALDUX_KERNEL_CRYPTO_ALGAPI
490 Twofish cipher algorithm.
492 Twofish was submitted as an AES (Advanced Encryption Standard)
493 candidate cipher by researchers at CounterPane Systems. It is a
494 16 round block cipher supporting key sizes of 128, 192, and 256
498 <http://www.schneier.com/twofish.html>
500 config ADK_WALDUX_KERNEL_CRYPTO_NULL
501 tristate "Null algorithms"
502 select ADK_WALDUX_KERNEL_CRYPTO_ALGAPI
503 select ADK_WALDUX_KERNEL_CRYPTO_BLKCIPHER
504 select ADK_WALDUX_KERNEL_CRYPTO_HASH
507 These are 'Null' algorithms, used by IPsec, which do nothing.
513 config ADK_WALDUX_KERNEL_CRYPTO_DEFLATE
514 tristate "Deflate compression algorithm"
515 select ADK_WALDUX_KERNEL_CRYPTO_ALGAPI
516 select ADK_WALDUX_KERNEL_ZLIB_DEFLATE
517 select ADK_WALDUX_KERNEL_ZLIB_INFLATE
520 This is the Deflate algorithm (RFC1951), specified for use in
521 IPSec with the IPCOMP protocol (RFC3173, RFC2394).
523 You will most probably want this if using IPSec.
525 config ADK_WALDUX_KERNEL_CRYPTO_LZO
526 tristate "LZO compression algorithm"
527 select ADK_WALDUX_KERNEL_CRYPTO_ALGAPI
531 config ADK_WALDUX_KERNEL_CRYPTO_MICHAEL_MIC
532 tristate "Michael MIC keyed digest algorithm"
533 select ADK_WALDUX_KERNEL_CRYPTO_HASH
536 Michael MIC is used for message integrity protection in TKIP
537 (IEEE 802.11i). This algorithm is required for TKIP, but it
538 should not be used for other purposes because of the weakness
541 config ADK_WALDUX_KERNEL_CRYPTO_CRC32C
542 tristate "CRC32c CRC algorithm"
543 select ADK_WALDUX_KERNEL_CRYPTO_HASH
544 select ADK_WALDUX_KERNEL_CRC32
547 Castagnoli, et al Cyclic Redundancy-Check Algorithm. Used
548 by iSCSI for header and data digests and by others.
549 See Castagnoli93. This implementation uses lib/libcrc32c.
550 Module will be crc32c.