| blob | 918b4d845f935ba5dfa4be45f88134716845a7e5 |
1 #
2 # Cryptographic API Configuration
3 #
5 menu "Cryptographic options"
7 config CRYPTO
8 bool "Cryptographic API"
9 help
10 This option provides the core Cryptographic API.
12 if CRYPTO
14 config CRYPTO_ALGAPI
15 tristate
16 help
17 This option provides the API for cryptographic algorithms.
19 config CRYPTO_BLKCIPHER
20 tristate
21 select CRYPTO_ALGAPI
23 config CRYPTO_HASH
24 tristate
25 select CRYPTO_ALGAPI
27 config CRYPTO_MANAGER
28 tristate "Cryptographic algorithm manager"
29 select CRYPTO_ALGAPI
30 help
31 Create default cryptographic template instantiations such as
32 cbc(aes).
34 config CRYPTO_HMAC
35 tristate "HMAC support"
36 select CRYPTO_HASH
37 select CRYPTO_MANAGER
38 help
39 HMAC: Keyed-Hashing for Message Authentication (RFC2104).
40 This is required for IPSec.
42 config CRYPTO_XCBC
43 tristate "XCBC support"
44 depends on EXPERIMENTAL
45 select CRYPTO_HASH
46 select CRYPTO_MANAGER
47 help
48 XCBC: Keyed-Hashing with encryption algorithm
49 http://www.ietf.org/rfc/rfc3566.txt
50 http://csrc.nist.gov/encryption/modes/proposedmodes/
51 xcbc-mac/xcbc-mac-spec.pdf
53 config CRYPTO_NULL
54 tristate "Null algorithms"
55 select CRYPTO_ALGAPI
56 help
57 These are 'Null' algorithms, used by IPsec, which do nothing.
59 config CRYPTO_MD4
60 tristate "MD4 digest algorithm"
61 select CRYPTO_ALGAPI
62 help
63 MD4 message digest algorithm (RFC1320).
65 config CRYPTO_MD5
66 tristate "MD5 digest algorithm"
67 select CRYPTO_ALGAPI
68 help
69 MD5 message digest algorithm (RFC1321).
71 config CRYPTO_SHA1
72 tristate "SHA1 digest algorithm"
73 select CRYPTO_ALGAPI
74 help
75 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2).
77 config CRYPTO_SHA256
78 tristate "SHA256 digest algorithm"
79 select CRYPTO_ALGAPI
80 help
81 SHA256 secure hash standard (DFIPS 180-2).
83 This version of SHA implements a 256 bit hash with 128 bits of
84 security against collision attacks.
86 config CRYPTO_SHA512
87 tristate "SHA384 and SHA512 digest algorithms"
88 select CRYPTO_ALGAPI
89 help
90 SHA512 secure hash standard (DFIPS 180-2).
92 This version of SHA implements a 512 bit hash with 256 bits of
93 security against collision attacks.
95 This code also includes SHA-384, a 384 bit hash with 192 bits
96 of security against collision attacks.
98 config CRYPTO_WP512
99 tristate "Whirlpool digest algorithms"
100 select CRYPTO_ALGAPI
101 help
102 Whirlpool hash algorithm 512, 384 and 256-bit hashes
104 Whirlpool-512 is part of the NESSIE cryptographic primitives.
105 Whirlpool will be part of the ISO/IEC 10118-3:2003(E) standard
107 See also:
108 <http://planeta.terra.com.br/informatica/paulobarreto/WhirlpoolPage.html>
110 config CRYPTO_TGR192
111 tristate "Tiger digest algorithms"
112 select CRYPTO_ALGAPI
113 help
114 Tiger hash algorithm 192, 160 and 128-bit hashes
116 Tiger is a hash function optimized for 64-bit processors while
117 still having decent performance on 32-bit processors.
118 Tiger was developed by Ross Anderson and Eli Biham.
120 See also:
121 <http://www.cs.technion.ac.il/~biham/Reports/Tiger/>.
123 config CRYPTO_GF128MUL
124 tristate "GF(2^128) multiplication functions (EXPERIMENTAL)"
125 depends on EXPERIMENTAL
126 help
127 Efficient table driven implementation of multiplications in the
128 field GF(2^128). This is needed by some cypher modes. This
129 option will be selected automatically if you select such a
130 cipher mode. Only select this option by hand if you expect to load
131 an external module that requires these functions.
133 config CRYPTO_ECB
134 tristate "ECB support"
135 select CRYPTO_BLKCIPHER
136 select CRYPTO_MANAGER
137 default m
138 help
139 ECB: Electronic CodeBook mode
140 This is the simplest block cipher algorithm. It simply encrypts
141 the input block by block.
143 config CRYPTO_CBC
144 tristate "CBC support"
145 select CRYPTO_BLKCIPHER
146 select CRYPTO_MANAGER
147 default m
148 help
149 CBC: Cipher Block Chaining mode
150 This block cipher algorithm is required for IPSec.
152 config CRYPTO_LRW
153 tristate "LRW support (EXPERIMENTAL)"
154 depends on EXPERIMENTAL
155 select CRYPTO_BLKCIPHER
156 select CRYPTO_MANAGER
157 select CRYPTO_GF128MUL
158 help
159 LRW: Liskov Rivest Wagner, a tweakable, non malleable, non movable
160 narrow block cipher mode for dm-crypt. Use it with cipher
161 specification string aes-lrw-benbi, the key must be 256, 320 or 384.
162 The first 128, 192 or 256 bits in the key are used for AES and the
163 rest is used to tie each cipher block to its logical position.
165 config CRYPTO_DES
166 tristate "DES and Triple DES EDE cipher algorithms"
167 select CRYPTO_ALGAPI
168 help
169 DES cipher algorithm (FIPS 46-2), and Triple DES EDE (FIPS 46-3).
171 config CRYPTO_BLOWFISH
172 tristate "Blowfish cipher algorithm"
173 select CRYPTO_ALGAPI
174 help
175 Blowfish cipher algorithm, by Bruce Schneier.
177 This is a variable key length cipher which can use keys from 32
178 bits to 448 bits in length. It's fast, simple and specifically
179 designed for use on "large microprocessors".
181 See also:
182 <http://www.schneier.com/blowfish.html>
184 config CRYPTO_TWOFISH
185 tristate "Twofish cipher algorithm"
186 select CRYPTO_ALGAPI
187 select CRYPTO_TWOFISH_COMMON
188 help
189 Twofish cipher algorithm.
191 Twofish was submitted as an AES (Advanced Encryption Standard)
192 candidate cipher by researchers at CounterPane Systems. It is a
193 16 round block cipher supporting key sizes of 128, 192, and 256
194 bits.
196 See also:
197 <http://www.schneier.com/twofish.html>
199 config CRYPTO_TWOFISH_COMMON
200 tristate
201 help
202 Common parts of the Twofish cipher algorithm shared by the
203 generic c and the assembler implementations.
205 config CRYPTO_TWOFISH_586
206 tristate "Twofish cipher algorithms (i586)"
207 depends on (X86 || UML_X86) && !64BIT
208 select CRYPTO_ALGAPI
209 select CRYPTO_TWOFISH_COMMON
210 help
211 Twofish cipher algorithm.
213 Twofish was submitted as an AES (Advanced Encryption Standard)
214 candidate cipher by researchers at CounterPane Systems. It is a
215 16 round block cipher supporting key sizes of 128, 192, and 256
216 bits.
218 See also:
219 <http://www.schneier.com/twofish.html>
221 config CRYPTO_TWOFISH_X86_64
222 tristate "Twofish cipher algorithm (x86_64)"
223 depends on (X86 || UML_X86) && 64BIT
224 select CRYPTO_ALGAPI
225 select CRYPTO_TWOFISH_COMMON
226 help
227 Twofish cipher algorithm (x86_64).
229 Twofish was submitted as an AES (Advanced Encryption Standard)
230 candidate cipher by researchers at CounterPane Systems. It is a
231 16 round block cipher supporting key sizes of 128, 192, and 256
232 bits.
234 See also:
235 <http://www.schneier.com/twofish.html>
237 config CRYPTO_SERPENT
238 tristate "Serpent cipher algorithm"
239 select CRYPTO_ALGAPI
240 help
241 Serpent cipher algorithm, by Anderson, Biham & Knudsen.
243 Keys are allowed to be from 0 to 256 bits in length, in steps
244 of 8 bits. Also includes the 'Tnepres' algorithm, a reversed
245 variant of Serpent for compatibility with old kerneli code.
247 See also:
248 <http://www.cl.cam.ac.uk/~rja14/serpent.html>
250 config CRYPTO_AES
251 tristate "AES cipher algorithms"
252 select CRYPTO_ALGAPI
253 help
254 AES cipher algorithms (FIPS-197). AES uses the Rijndael
255 algorithm.
257 Rijndael appears to be consistently a very good performer in
258 both hardware and software across a wide range of computing
259 environments regardless of its use in feedback or non-feedback
260 modes. Its key setup time is excellent, and its key agility is
261 good. Rijndael's very low memory requirements make it very well
262 suited for restricted-space environments, in which it also
263 demonstrates excellent performance. Rijndael's operations are
264 among the easiest to defend against power and timing attacks.
266 The AES specifies three key sizes: 128, 192 and 256 bits
268 See <http://csrc.nist.gov/CryptoToolkit/aes/> for more information.
270 config CRYPTO_AES_586
271 tristate "AES cipher algorithms (i586)"
272 depends on (X86 || UML_X86) && !64BIT
273 select CRYPTO_ALGAPI
274 help
275 AES cipher algorithms (FIPS-197). AES uses the Rijndael
276 algorithm.
278 Rijndael appears to be consistently a very good performer in
279 both hardware and software across a wide range of computing
280 environments regardless of its use in feedback or non-feedback
281 modes. Its key setup time is excellent, and its key agility is
282 good. Rijndael's very low memory requirements make it very well
283 suited for restricted-space environments, in which it also
284 demonstrates excellent performance. Rijndael's operations are
285 among the easiest to defend against power and timing attacks.
287 The AES specifies three key sizes: 128, 192 and 256 bits
289 See <http://csrc.nist.gov/encryption/aes/> for more information.
291 config CRYPTO_AES_X86_64
292 tristate "AES cipher algorithms (x86_64)"
293 depends on (X86 || UML_X86) && 64BIT
294 select CRYPTO_ALGAPI
295 help
296 AES cipher algorithms (FIPS-197). AES uses the Rijndael
297 algorithm.
299 Rijndael appears to be consistently a very good performer in
300 both hardware and software across a wide range of computing
301 environments regardless of its use in feedback or non-feedback
302 modes. Its key setup time is excellent, and its key agility is
303 good. Rijndael's very low memory requirements make it very well
304 suited for restricted-space environments, in which it also
305 demonstrates excellent performance. Rijndael's operations are
306 among the easiest to defend against power and timing attacks.
308 The AES specifies three key sizes: 128, 192 and 256 bits
310 See <http://csrc.nist.gov/encryption/aes/> for more information.
312 config CRYPTO_CAST5
313 tristate "CAST5 (CAST-128) cipher algorithm"
314 select CRYPTO_ALGAPI
315 help
316 The CAST5 encryption algorithm (synonymous with CAST-128) is
317 described in RFC2144.
319 config CRYPTO_CAST6
320 tristate "CAST6 (CAST-256) cipher algorithm"
321 select CRYPTO_ALGAPI
322 help
323 The CAST6 encryption algorithm (synonymous with CAST-256) is
324 described in RFC2612.
326 config CRYPTO_TEA
327 tristate "TEA, XTEA and XETA cipher algorithms"
328 select CRYPTO_ALGAPI
329 help
330 TEA cipher algorithm.
332 Tiny Encryption Algorithm is a simple cipher that uses
333 many rounds for security. It is very fast and uses
334 little memory.
336 Xtendend Tiny Encryption Algorithm is a modification to
337 the TEA algorithm to address a potential key weakness
338 in the TEA algorithm.
340 Xtendend Encryption Tiny Algorithm is a mis-implementation
341 of the XTEA algorithm for compatibility purposes.
343 config CRYPTO_ARC4
344 tristate "ARC4 cipher algorithm"
345 select CRYPTO_ALGAPI
346 help
347 ARC4 cipher algorithm.
349 ARC4 is a stream cipher using keys ranging from 8 bits to 2048
350 bits in length. This algorithm is required for driver-based
351 WEP, but it should not be for other purposes because of the
352 weakness of the algorithm.
354 config CRYPTO_KHAZAD
355 tristate "Khazad cipher algorithm"
356 select CRYPTO_ALGAPI
357 help
358 Khazad cipher algorithm.
360 Khazad was a finalist in the initial NESSIE competition. It is
361 an algorithm optimized for 64-bit processors with good performance
362 on 32-bit processors. Khazad uses an 128 bit key size.
364 See also:
365 <http://planeta.terra.com.br/informatica/paulobarreto/KhazadPage.html>
367 config CRYPTO_ANUBIS
368 tristate "Anubis cipher algorithm"
369 select CRYPTO_ALGAPI
370 help
371 Anubis cipher algorithm.
373 Anubis is a variable key length cipher which can use keys from
374 128 bits to 320 bits in length. It was evaluated as a entrant
375 in the NESSIE competition.
377 See also:
378 <https://www.cosic.esat.kuleuven.ac.be/nessie/reports/>
379 <http://planeta.terra.com.br/informatica/paulobarreto/AnubisPage.html>
382 config CRYPTO_DEFLATE
383 tristate "Deflate compression algorithm"
384 select CRYPTO_ALGAPI
385 select ZLIB_INFLATE
386 select ZLIB_DEFLATE
387 help
388 This is the Deflate algorithm (RFC1951), specified for use in
389 IPSec with the IPCOMP protocol (RFC3173, RFC2394).
391 You will most probably want this if using IPSec.
393 config CRYPTO_MICHAEL_MIC
394 tristate "Michael MIC keyed digest algorithm"
395 select CRYPTO_ALGAPI
396 help
397 Michael MIC is used for message integrity protection in TKIP
398 (IEEE 802.11i). This algorithm is required for TKIP, but it
399 should not be used for other purposes because of the weakness
400 of the algorithm.
402 config CRYPTO_CRC32C
403 tristate "CRC32c CRC algorithm"
404 select CRYPTO_ALGAPI
405 select LIBCRC32C
406 help
407 Castagnoli, et al Cyclic Redundancy-Check Algorithm. Used
408 by iSCSI for header and data digests and by others.
409 See Castagnoli93. This implementation uses lib/libcrc32c.
410 Module will be crc32c.
412 config CRYPTO_TEST
413 tristate "Testing module"
414 depends on m
415 select CRYPTO_ALGAPI
416 help
417 Quick & dirty crypto test module.
419 source "drivers/crypto/Kconfig"
421 endif # if CRYPTO
423 endmenu