]> git.proxmox.com Git - mirror_ubuntu-bionic-kernel.git/blame_incremental - crypto/Kconfig
[CRYPTO] templates: Pass type/mask when creating instances
[mirror_ubuntu-bionic-kernel.git] / crypto / Kconfig
... / ...
CommitLineData
1#
2# Cryptographic API Configuration
3#
4
5menu "Cryptographic options"
6
7config CRYPTO
8 bool "Cryptographic API"
9 help
10 This option provides the core Cryptographic API.
11
12if CRYPTO
13
14config CRYPTO_ALGAPI
15 tristate
16 help
17 This option provides the API for cryptographic algorithms.
18
19config CRYPTO_BLKCIPHER
20 tristate
21 select CRYPTO_ALGAPI
22
23config CRYPTO_HASH
24 tristate
25 select CRYPTO_ALGAPI
26
27config CRYPTO_MANAGER
28 tristate "Cryptographic algorithm manager"
29 select CRYPTO_ALGAPI
30 help
31 Create default cryptographic template instantiations such as
32 cbc(aes).
33
34config CRYPTO_HMAC
35 tristate "HMAC support"
36 select CRYPTO_HASH
37 select CRYPTO_MANAGER
38 help
39 HMAC: Keyed-Hashing for Message Authentication (RFC2104).
40 This is required for IPSec.
41
42config CRYPTO_XCBC
43 tristate "XCBC support"
44 depends on EXPERIMENTAL
45 select CRYPTO_HASH
46 select CRYPTO_MANAGER
47 help
48 XCBC: Keyed-Hashing with encryption algorithm
49 http://www.ietf.org/rfc/rfc3566.txt
50 http://csrc.nist.gov/encryption/modes/proposedmodes/
51 xcbc-mac/xcbc-mac-spec.pdf
52
53config CRYPTO_NULL
54 tristate "Null algorithms"
55 select CRYPTO_ALGAPI
56 help
57 These are 'Null' algorithms, used by IPsec, which do nothing.
58
59config CRYPTO_MD4
60 tristate "MD4 digest algorithm"
61 select CRYPTO_ALGAPI
62 help
63 MD4 message digest algorithm (RFC1320).
64
65config CRYPTO_MD5
66 tristate "MD5 digest algorithm"
67 select CRYPTO_ALGAPI
68 help
69 MD5 message digest algorithm (RFC1321).
70
71config CRYPTO_SHA1
72 tristate "SHA1 digest algorithm"
73 select CRYPTO_ALGAPI
74 help
75 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2).
76
77config CRYPTO_SHA256
78 tristate "SHA256 digest algorithm"
79 select CRYPTO_ALGAPI
80 help
81 SHA256 secure hash standard (DFIPS 180-2).
82
83 This version of SHA implements a 256 bit hash with 128 bits of
84 security against collision attacks.
85
86config CRYPTO_SHA512
87 tristate "SHA384 and SHA512 digest algorithms"
88 select CRYPTO_ALGAPI
89 help
90 SHA512 secure hash standard (DFIPS 180-2).
91
92 This version of SHA implements a 512 bit hash with 256 bits of
93 security against collision attacks.
94
95 This code also includes SHA-384, a 384 bit hash with 192 bits
96 of security against collision attacks.
97
98config CRYPTO_WP512
99 tristate "Whirlpool digest algorithms"
100 select CRYPTO_ALGAPI
101 help
102 Whirlpool hash algorithm 512, 384 and 256-bit hashes
103
104 Whirlpool-512 is part of the NESSIE cryptographic primitives.
105 Whirlpool will be part of the ISO/IEC 10118-3:2003(E) standard
106
107 See also:
108 <http://planeta.terra.com.br/informatica/paulobarreto/WhirlpoolPage.html>
109
110config CRYPTO_TGR192
111 tristate "Tiger digest algorithms"
112 select CRYPTO_ALGAPI
113 help
114 Tiger hash algorithm 192, 160 and 128-bit hashes
115
116 Tiger is a hash function optimized for 64-bit processors while
117 still having decent performance on 32-bit processors.
118 Tiger was developed by Ross Anderson and Eli Biham.
119
120 See also:
121 <http://www.cs.technion.ac.il/~biham/Reports/Tiger/>.
122
123config CRYPTO_GF128MUL
124 tristate "GF(2^128) multiplication functions (EXPERIMENTAL)"
125 depends on EXPERIMENTAL
126 help
127 Efficient table driven implementation of multiplications in the
128 field GF(2^128). This is needed by some cypher modes. This
129 option will be selected automatically if you select such a
130 cipher mode. Only select this option by hand if you expect to load
131 an external module that requires these functions.
132
133config CRYPTO_ECB
134 tristate "ECB support"
135 select CRYPTO_BLKCIPHER
136 select CRYPTO_MANAGER
137 default m
138 help
139 ECB: Electronic CodeBook mode
140 This is the simplest block cipher algorithm. It simply encrypts
141 the input block by block.
142
143config CRYPTO_CBC
144 tristate "CBC support"
145 select CRYPTO_BLKCIPHER
146 select CRYPTO_MANAGER
147 default m
148 help
149 CBC: Cipher Block Chaining mode
150 This block cipher algorithm is required for IPSec.
151
152config CRYPTO_PCBC
153 tristate "PCBC support"
154 select CRYPTO_BLKCIPHER
155 select CRYPTO_MANAGER
156 default m
157 help
158 PCBC: Propagating Cipher Block Chaining mode
159 This block cipher algorithm is required for RxRPC.
160
161config CRYPTO_LRW
162 tristate "LRW support (EXPERIMENTAL)"
163 depends on EXPERIMENTAL
164 select CRYPTO_BLKCIPHER
165 select CRYPTO_MANAGER
166 select CRYPTO_GF128MUL
167 help
168 LRW: Liskov Rivest Wagner, a tweakable, non malleable, non movable
169 narrow block cipher mode for dm-crypt. Use it with cipher
170 specification string aes-lrw-benbi, the key must be 256, 320 or 384.
171 The first 128, 192 or 256 bits in the key are used for AES and the
172 rest is used to tie each cipher block to its logical position.
173
174config CRYPTO_DES
175 tristate "DES and Triple DES EDE cipher algorithms"
176 select CRYPTO_ALGAPI
177 help
178 DES cipher algorithm (FIPS 46-2), and Triple DES EDE (FIPS 46-3).
179
180config CRYPTO_FCRYPT
181 tristate "FCrypt cipher algorithm"
182 select CRYPTO_ALGAPI
183 select CRYPTO_BLKCIPHER
184 help
185 FCrypt algorithm used by RxRPC.
186
187config CRYPTO_BLOWFISH
188 tristate "Blowfish cipher algorithm"
189 select CRYPTO_ALGAPI
190 help
191 Blowfish cipher algorithm, by Bruce Schneier.
192
193 This is a variable key length cipher which can use keys from 32
194 bits to 448 bits in length. It's fast, simple and specifically
195 designed for use on "large microprocessors".
196
197 See also:
198 <http://www.schneier.com/blowfish.html>
199
200config CRYPTO_TWOFISH
201 tristate "Twofish cipher algorithm"
202 select CRYPTO_ALGAPI
203 select CRYPTO_TWOFISH_COMMON
204 help
205 Twofish cipher algorithm.
206
207 Twofish was submitted as an AES (Advanced Encryption Standard)
208 candidate cipher by researchers at CounterPane Systems. It is a
209 16 round block cipher supporting key sizes of 128, 192, and 256
210 bits.
211
212 See also:
213 <http://www.schneier.com/twofish.html>
214
215config CRYPTO_TWOFISH_COMMON
216 tristate
217 help
218 Common parts of the Twofish cipher algorithm shared by the
219 generic c and the assembler implementations.
220
221config CRYPTO_TWOFISH_586
222 tristate "Twofish cipher algorithms (i586)"
223 depends on (X86 || UML_X86) && !64BIT
224 select CRYPTO_ALGAPI
225 select CRYPTO_TWOFISH_COMMON
226 help
227 Twofish cipher algorithm.
228
229 Twofish was submitted as an AES (Advanced Encryption Standard)
230 candidate cipher by researchers at CounterPane Systems. It is a
231 16 round block cipher supporting key sizes of 128, 192, and 256
232 bits.
233
234 See also:
235 <http://www.schneier.com/twofish.html>
236
237config CRYPTO_TWOFISH_X86_64
238 tristate "Twofish cipher algorithm (x86_64)"
239 depends on (X86 || UML_X86) && 64BIT
240 select CRYPTO_ALGAPI
241 select CRYPTO_TWOFISH_COMMON
242 help
243 Twofish cipher algorithm (x86_64).
244
245 Twofish was submitted as an AES (Advanced Encryption Standard)
246 candidate cipher by researchers at CounterPane Systems. It is a
247 16 round block cipher supporting key sizes of 128, 192, and 256
248 bits.
249
250 See also:
251 <http://www.schneier.com/twofish.html>
252
253config CRYPTO_SERPENT
254 tristate "Serpent cipher algorithm"
255 select CRYPTO_ALGAPI
256 help
257 Serpent cipher algorithm, by Anderson, Biham & Knudsen.
258
259 Keys are allowed to be from 0 to 256 bits in length, in steps
260 of 8 bits. Also includes the 'Tnepres' algorithm, a reversed
261 variant of Serpent for compatibility with old kerneli code.
262
263 See also:
264 <http://www.cl.cam.ac.uk/~rja14/serpent.html>
265
266config CRYPTO_AES
267 tristate "AES cipher algorithms"
268 select CRYPTO_ALGAPI
269 help
270 AES cipher algorithms (FIPS-197). AES uses the Rijndael
271 algorithm.
272
273 Rijndael appears to be consistently a very good performer in
274 both hardware and software across a wide range of computing
275 environments regardless of its use in feedback or non-feedback
276 modes. Its key setup time is excellent, and its key agility is
277 good. Rijndael's very low memory requirements make it very well
278 suited for restricted-space environments, in which it also
279 demonstrates excellent performance. Rijndael's operations are
280 among the easiest to defend against power and timing attacks.
281
282 The AES specifies three key sizes: 128, 192 and 256 bits
283
284 See <http://csrc.nist.gov/CryptoToolkit/aes/> for more information.
285
286config CRYPTO_AES_586
287 tristate "AES cipher algorithms (i586)"
288 depends on (X86 || UML_X86) && !64BIT
289 select CRYPTO_ALGAPI
290 help
291 AES cipher algorithms (FIPS-197). AES uses the Rijndael
292 algorithm.
293
294 Rijndael appears to be consistently a very good performer in
295 both hardware and software across a wide range of computing
296 environments regardless of its use in feedback or non-feedback
297 modes. Its key setup time is excellent, and its key agility is
298 good. Rijndael's very low memory requirements make it very well
299 suited for restricted-space environments, in which it also
300 demonstrates excellent performance. Rijndael's operations are
301 among the easiest to defend against power and timing attacks.
302
303 The AES specifies three key sizes: 128, 192 and 256 bits
304
305 See <http://csrc.nist.gov/encryption/aes/> for more information.
306
307config CRYPTO_AES_X86_64
308 tristate "AES cipher algorithms (x86_64)"
309 depends on (X86 || UML_X86) && 64BIT
310 select CRYPTO_ALGAPI
311 help
312 AES cipher algorithms (FIPS-197). AES uses the Rijndael
313 algorithm.
314
315 Rijndael appears to be consistently a very good performer in
316 both hardware and software across a wide range of computing
317 environments regardless of its use in feedback or non-feedback
318 modes. Its key setup time is excellent, and its key agility is
319 good. Rijndael's very low memory requirements make it very well
320 suited for restricted-space environments, in which it also
321 demonstrates excellent performance. Rijndael's operations are
322 among the easiest to defend against power and timing attacks.
323
324 The AES specifies three key sizes: 128, 192 and 256 bits
325
326 See <http://csrc.nist.gov/encryption/aes/> for more information.
327
328config CRYPTO_CAST5
329 tristate "CAST5 (CAST-128) cipher algorithm"
330 select CRYPTO_ALGAPI
331 help
332 The CAST5 encryption algorithm (synonymous with CAST-128) is
333 described in RFC2144.
334
335config CRYPTO_CAST6
336 tristate "CAST6 (CAST-256) cipher algorithm"
337 select CRYPTO_ALGAPI
338 help
339 The CAST6 encryption algorithm (synonymous with CAST-256) is
340 described in RFC2612.
341
342config CRYPTO_TEA
343 tristate "TEA, XTEA and XETA cipher algorithms"
344 select CRYPTO_ALGAPI
345 help
346 TEA cipher algorithm.
347
348 Tiny Encryption Algorithm is a simple cipher that uses
349 many rounds for security. It is very fast and uses
350 little memory.
351
352 Xtendend Tiny Encryption Algorithm is a modification to
353 the TEA algorithm to address a potential key weakness
354 in the TEA algorithm.
355
356 Xtendend Encryption Tiny Algorithm is a mis-implementation
357 of the XTEA algorithm for compatibility purposes.
358
359config CRYPTO_ARC4
360 tristate "ARC4 cipher algorithm"
361 select CRYPTO_ALGAPI
362 help
363 ARC4 cipher algorithm.
364
365 ARC4 is a stream cipher using keys ranging from 8 bits to 2048
366 bits in length. This algorithm is required for driver-based
367 WEP, but it should not be for other purposes because of the
368 weakness of the algorithm.
369
370config CRYPTO_KHAZAD
371 tristate "Khazad cipher algorithm"
372 select CRYPTO_ALGAPI
373 help
374 Khazad cipher algorithm.
375
376 Khazad was a finalist in the initial NESSIE competition. It is
377 an algorithm optimized for 64-bit processors with good performance
378 on 32-bit processors. Khazad uses an 128 bit key size.
379
380 See also:
381 <http://planeta.terra.com.br/informatica/paulobarreto/KhazadPage.html>
382
383config CRYPTO_ANUBIS
384 tristate "Anubis cipher algorithm"
385 select CRYPTO_ALGAPI
386 help
387 Anubis cipher algorithm.
388
389 Anubis is a variable key length cipher which can use keys from
390 128 bits to 320 bits in length. It was evaluated as a entrant
391 in the NESSIE competition.
392
393 See also:
394 <https://www.cosic.esat.kuleuven.ac.be/nessie/reports/>
395 <http://planeta.terra.com.br/informatica/paulobarreto/AnubisPage.html>
396
397
398config CRYPTO_DEFLATE
399 tristate "Deflate compression algorithm"
400 select CRYPTO_ALGAPI
401 select ZLIB_INFLATE
402 select ZLIB_DEFLATE
403 help
404 This is the Deflate algorithm (RFC1951), specified for use in
405 IPSec with the IPCOMP protocol (RFC3173, RFC2394).
406
407 You will most probably want this if using IPSec.
408
409config CRYPTO_MICHAEL_MIC
410 tristate "Michael MIC keyed digest algorithm"
411 select CRYPTO_ALGAPI
412 help
413 Michael MIC is used for message integrity protection in TKIP
414 (IEEE 802.11i). This algorithm is required for TKIP, but it
415 should not be used for other purposes because of the weakness
416 of the algorithm.
417
418config CRYPTO_CRC32C
419 tristate "CRC32c CRC algorithm"
420 select CRYPTO_ALGAPI
421 select LIBCRC32C
422 help
423 Castagnoli, et al Cyclic Redundancy-Check Algorithm. Used
424 by iSCSI for header and data digests and by others.
425 See Castagnoli93. This implementation uses lib/libcrc32c.
426 Module will be crc32c.
427
428config CRYPTO_CAMELLIA
429 tristate "Camellia cipher algorithms"
430 depends on CRYPTO
431 select CRYPTO_ALGAPI
432 help
433 Camellia cipher algorithms module.
434
435 Camellia is a symmetric key block cipher developed jointly
436 at NTT and Mitsubishi Electric Corporation.
437
438 The Camellia specifies three key sizes: 128, 192 and 256 bits.
439
440 See also:
441 <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html>
442
443config CRYPTO_TEST
444 tristate "Testing module"
445 depends on m
446 select CRYPTO_ALGAPI
447 help
448 Quick & dirty crypto test module.
449
450source "drivers/crypto/Kconfig"
451
452endif # if CRYPTO
453
454endmenu