crypto/Kconfig

   1 #
   2 # Generic algorithms support
   3 #
   4 config XOR_BLOCKS
   5         tristate
   6
   7 #
   8 # async_tx api: hardware offloaded memory transfer/transform support
   9 #
  10 source "crypto/async_tx/Kconfig"
  11
  12 #
  13 # Cryptographic API Configuration
  14 #
  15 menuconfig CRYPTO
  16         bool "Cryptographic API"
  17         help
  18           This option provides the core Cryptographic API.
  19
  20 if CRYPTO
  21
  22 config CRYPTO_ALGAPI
  23         tristate
  24         help
  25           This option provides the API for cryptographic algorithms.
  26
  27 config CRYPTO_ABLKCIPHER
  28         tristate
  29         select CRYPTO_BLKCIPHER
  30
  31 config CRYPTO_BLKCIPHER
  32         tristate
  33         select CRYPTO_ALGAPI
  34
  35 config CRYPTO_HASH
  36         tristate
  37         select CRYPTO_ALGAPI
  38
  39 config CRYPTO_MANAGER
  40         tristate "Cryptographic algorithm manager"
  41         select CRYPTO_ALGAPI
  42         help
  43           Create default cryptographic template instantiations such as
  44           cbc(aes).
  45
  46 config CRYPTO_HMAC
  47         tristate "HMAC support"
  48         select CRYPTO_HASH
  49         select CRYPTO_MANAGER
  50         help
  51           HMAC: Keyed-Hashing for Message Authentication (RFC2104).
  52           This is required for IPSec.
  53
  54 config CRYPTO_XCBC
  55         tristate "XCBC support"
  56         depends on EXPERIMENTAL
  57         select CRYPTO_HASH
  58         select CRYPTO_MANAGER
  59         help
  60           XCBC: Keyed-Hashing with encryption algorithm
  61                 http://www.ietf.org/rfc/rfc3566.txt
  62                 http://csrc.nist.gov/encryption/modes/proposedmodes/
  63                  xcbc-mac/xcbc-mac-spec.pdf
  64
  65 config CRYPTO_NULL
  66         tristate "Null algorithms"
  67         select CRYPTO_ALGAPI
  68         help
  69           These are 'Null' algorithms, used by IPsec, which do nothing.
  70
  71 config CRYPTO_MD4
  72         tristate "MD4 digest algorithm"
  73         select CRYPTO_ALGAPI
  74         help
  75           MD4 message digest algorithm (RFC1320).
  76
  77 config CRYPTO_MD5
  78         tristate "MD5 digest algorithm"
  79         select CRYPTO_ALGAPI
  80         help
  81           MD5 message digest algorithm (RFC1321).
  82
  83 config CRYPTO_SHA1
  84         tristate "SHA1 digest algorithm"
  85         select CRYPTO_ALGAPI
  86         help
  87           SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2).
  88
  89 config CRYPTO_SHA256
  90         tristate "SHA256 digest algorithm"
  91         select CRYPTO_ALGAPI
  92         help
  93           SHA256 secure hash standard (DFIPS 180-2).
  94
  95           This version of SHA implements a 256 bit hash with 128 bits of
  96           security against collision attacks.
  97
  98 config CRYPTO_SHA512
  99         tristate "SHA384 and SHA512 digest algorithms"
 100         select CRYPTO_ALGAPI
 101         help
 102           SHA512 secure hash standard (DFIPS 180-2).
 103
 104           This version of SHA implements a 512 bit hash with 256 bits of
 105           security against collision attacks.
 106
 107           This code also includes SHA-384, a 384 bit hash with 192 bits
 108           of security against collision attacks.
 109
 110 config CRYPTO_WP512
 111         tristate "Whirlpool digest algorithms"
 112         select CRYPTO_ALGAPI
 113         help
 114           Whirlpool hash algorithm 512, 384 and 256-bit hashes
 115
 116           Whirlpool-512 is part of the NESSIE cryptographic primitives.
 117           Whirlpool will be part of the ISO/IEC 10118-3:2003(E) standard
 118
 119           See also:
 120           <http://planeta.terra.com.br/informatica/paulobarreto/WhirlpoolPage.html>
 121
 122 config CRYPTO_TGR192
 123         tristate "Tiger digest algorithms"
 124         select CRYPTO_ALGAPI
 125         help
 126           Tiger hash algorithm 192, 160 and 128-bit hashes
 127
 128           Tiger is a hash function optimized for 64-bit processors while
 129           still having decent performance on 32-bit processors.
 130           Tiger was developed by Ross Anderson and Eli Biham.
 131
 132           See also:
 133           <http://www.cs.technion.ac.il/~biham/Reports/Tiger/>.
 134
 135 config CRYPTO_GF128MUL
 136         tristate "GF(2^128) multiplication functions (EXPERIMENTAL)"
 137         depends on EXPERIMENTAL
 138         help
 139           Efficient table driven implementation of multiplications in the
 140           field GF(2^128).  This is needed by some cypher modes. This
 141           option will be selected automatically if you select such a
 142           cipher mode.  Only select this option by hand if you expect to load
 143           an external module that requires these functions.
 144
 145 config CRYPTO_ECB
 146         tristate "ECB support"
 147         select CRYPTO_BLKCIPHER
 148         select CRYPTO_MANAGER
 149         default m
 150         help
 151           ECB: Electronic CodeBook mode
 152           This is the simplest block cipher algorithm.  It simply encrypts
 153           the input block by block.
 154
 155 config CRYPTO_CBC
 156         tristate "CBC support"
 157         select CRYPTO_BLKCIPHER
 158         select CRYPTO_MANAGER
 159         default m
 160         help
 161           CBC: Cipher Block Chaining mode
 162           This block cipher algorithm is required for IPSec.
 163
 164 config CRYPTO_PCBC
 165         tristate "PCBC support"
 166         select CRYPTO_BLKCIPHER
 167         select CRYPTO_MANAGER
 168         default m
 169         help
 170           PCBC: Propagating Cipher Block Chaining mode
 171           This block cipher algorithm is required for RxRPC.
 172
 173 config CRYPTO_LRW
 174         tristate "LRW support (EXPERIMENTAL)"
 175         depends on EXPERIMENTAL
 176         select CRYPTO_BLKCIPHER
 177         select CRYPTO_MANAGER
 178         select CRYPTO_GF128MUL
 179         help
 180           LRW: Liskov Rivest Wagner, a tweakable, non malleable, non movable
 181           narrow block cipher mode for dm-crypt.  Use it with cipher
 182           specification string aes-lrw-benbi, the key must be 256, 320 or 384.
 183           The first 128, 192 or 256 bits in the key are used for AES and the
 184           rest is used to tie each cipher block to its logical position.
 185
 186 config CRYPTO_CRYPTD
 187         tristate "Software async crypto daemon"
 188         select CRYPTO_ABLKCIPHER
 189         select CRYPTO_MANAGER
 190         help
 191           This is a generic software asynchronous crypto daemon that
 192           converts an arbitrary synchronous software crypto algorithm
 193           into an asynchronous algorithm that executes in a kernel thread.
 194
 195 config CRYPTO_DES
 196         tristate "DES and Triple DES EDE cipher algorithms"
 197         select CRYPTO_ALGAPI
 198         help
 199           DES cipher algorithm (FIPS 46-2), and Triple DES EDE (FIPS 46-3).
 200
 201 config CRYPTO_FCRYPT
 202         tristate "FCrypt cipher algorithm"
 203         select CRYPTO_ALGAPI
 204         select CRYPTO_BLKCIPHER
 205         help
 206           FCrypt algorithm used by RxRPC.
 207
 208 config CRYPTO_BLOWFISH
 209         tristate "Blowfish cipher algorithm"
 210         select CRYPTO_ALGAPI
 211         help
 212           Blowfish cipher algorithm, by Bruce Schneier.
 213
 214           This is a variable key length cipher which can use keys from 32
 215           bits to 448 bits in length.  It's fast, simple and specifically
 216           designed for use on "large microprocessors".
 217
 218           See also:
 219           <http://www.schneier.com/blowfish.html>
 220
 221 config CRYPTO_TWOFISH
 222         tristate "Twofish cipher algorithm"
 223         select CRYPTO_ALGAPI
 224         select CRYPTO_TWOFISH_COMMON
 225         help
 226           Twofish cipher algorithm.
 227
 228           Twofish was submitted as an AES (Advanced Encryption Standard)
 229           candidate cipher by researchers at CounterPane Systems.  It is a
 230           16 round block cipher supporting key sizes of 128, 192, and 256
 231           bits.
 232
 233           See also:
 234           <http://www.schneier.com/twofish.html>
 235
 236 config CRYPTO_TWOFISH_COMMON
 237         tristate
 238         help
 239           Common parts of the Twofish cipher algorithm shared by the
 240           generic c and the assembler implementations.
 241
 242 config CRYPTO_TWOFISH_586
 243         tristate "Twofish cipher algorithms (i586)"
 244         depends on (X86 || UML_X86) && !64BIT
 245         select CRYPTO_ALGAPI
 246         select CRYPTO_TWOFISH_COMMON
 247         help
 248           Twofish cipher algorithm.
 249
 250           Twofish was submitted as an AES (Advanced Encryption Standard)
 251           candidate cipher by researchers at CounterPane Systems.  It is a
 252           16 round block cipher supporting key sizes of 128, 192, and 256
 253           bits.
 254
 255           See also:
 256           <http://www.schneier.com/twofish.html>
 257
 258 config CRYPTO_TWOFISH_X86_64
 259         tristate "Twofish cipher algorithm (x86_64)"
 260         depends on (X86 || UML_X86) && 64BIT
 261         select CRYPTO_ALGAPI
 262         select CRYPTO_TWOFISH_COMMON
 263         help
 264           Twofish cipher algorithm (x86_64).
 265
 266           Twofish was submitted as an AES (Advanced Encryption Standard)
 267           candidate cipher by researchers at CounterPane Systems.  It is a
 268           16 round block cipher supporting key sizes of 128, 192, and 256
 269           bits.
 270
 271           See also:
 272           <http://www.schneier.com/twofish.html>
 273
 274 config CRYPTO_SERPENT
 275         tristate "Serpent cipher algorithm"
 276         select CRYPTO_ALGAPI
 277         help
 278           Serpent cipher algorithm, by Anderson, Biham & Knudsen.
 279
 280           Keys are allowed to be from 0 to 256 bits in length, in steps
 281           of 8 bits.  Also includes the 'Tnepres' algorithm, a reversed
 282           variant of Serpent for compatibility with old kerneli.org code.
 283
 284           See also:
 285           <http://www.cl.cam.ac.uk/~rja14/serpent.html>
 286
 287 config CRYPTO_AES
 288         tristate "AES cipher algorithms"
 289         select CRYPTO_ALGAPI
 290         help
 291           AES cipher algorithms (FIPS-197). AES uses the Rijndael
 292           algorithm.
 293
 294           Rijndael appears to be consistently a very good performer in
 295           both hardware and software across a wide range of computing
 296           environments regardless of its use in feedback or non-feedback
 297           modes. Its key setup time is excellent, and its key agility is
 298           good. Rijndael's very low memory requirements make it very well
 299           suited for restricted-space environments, in which it also
 300           demonstrates excellent performance. Rijndael's operations are
 301           among the easiest to defend against power and timing attacks.
 302
 303           The AES specifies three key sizes: 128, 192 and 256 bits
 304
 305           See <http://csrc.nist.gov/CryptoToolkit/aes/> for more information.
 306
 307 config CRYPTO_AES_586
 308         tristate "AES cipher algorithms (i586)"
 309         depends on (X86 || UML_X86) && !64BIT
 310         select CRYPTO_ALGAPI
 311         help
 312           AES cipher algorithms (FIPS-197). AES uses the Rijndael
 313           algorithm.
 314
 315           Rijndael appears to be consistently a very good performer in
 316           both hardware and software across a wide range of computing
 317           environments regardless of its use in feedback or non-feedback
 318           modes. Its key setup time is excellent, and its key agility is
 319           good. Rijndael's very low memory requirements make it very well
 320           suited for restricted-space environments, in which it also
 321           demonstrates excellent performance. Rijndael's operations are
 322           among the easiest to defend against power and timing attacks.
 323
 324           The AES specifies three key sizes: 128, 192 and 256 bits
 325
 326           See <http://csrc.nist.gov/encryption/aes/> for more information.
 327
 328 config CRYPTO_AES_X86_64
 329         tristate "AES cipher algorithms (x86_64)"
 330         depends on (X86 || UML_X86) && 64BIT
 331         select CRYPTO_ALGAPI
 332         help
 333           AES cipher algorithms (FIPS-197). AES uses the Rijndael
 334           algorithm.
 335
 336           Rijndael appears to be consistently a very good performer in
 337           both hardware and software across a wide range of computing
 338           environments regardless of its use in feedback or non-feedback
 339           modes. Its key setup time is excellent, and its key agility is
 340           good. Rijndael's very low memory requirements make it very well
 341           suited for restricted-space environments, in which it also
 342           demonstrates excellent performance. Rijndael's operations are
 343           among the easiest to defend against power and timing attacks.
 344
 345           The AES specifies three key sizes: 128, 192 and 256 bits
 346
 347           See <http://csrc.nist.gov/encryption/aes/> for more information.
 348
 349 config CRYPTO_CAST5
 350         tristate "CAST5 (CAST-128) cipher algorithm"
 351         select CRYPTO_ALGAPI
 352         help
 353           The CAST5 encryption algorithm (synonymous with CAST-128) is
 354           described in RFC2144.
 355
 356 config CRYPTO_CAST6
 357         tristate "CAST6 (CAST-256) cipher algorithm"
 358         select CRYPTO_ALGAPI
 359         help
 360           The CAST6 encryption algorithm (synonymous with CAST-256) is
 361           described in RFC2612.
 362
 363 config CRYPTO_TEA
 364         tristate "TEA, XTEA and XETA cipher algorithms"
 365         select CRYPTO_ALGAPI
 366         help
 367           TEA cipher algorithm.
 368
 369           Tiny Encryption Algorithm is a simple cipher that uses
 370           many rounds for security.  It is very fast and uses
 371           little memory.
 372
 373           Xtendend Tiny Encryption Algorithm is a modification to
 374           the TEA algorithm to address a potential key weakness
 375           in the TEA algorithm.
 376
 377           Xtendend Encryption Tiny Algorithm is a mis-implementation
 378           of the XTEA algorithm for compatibility purposes.
 379
 380 config CRYPTO_ARC4
 381         tristate "ARC4 cipher algorithm"
 382         select CRYPTO_ALGAPI
 383         help
 384           ARC4 cipher algorithm.
 385
 386           ARC4 is a stream cipher using keys ranging from 8 bits to 2048
 387           bits in length.  This algorithm is required for driver-based
 388           WEP, but it should not be for other purposes because of the
 389           weakness of the algorithm.
 390
 391 config CRYPTO_KHAZAD
 392         tristate "Khazad cipher algorithm"
 393         select CRYPTO_ALGAPI
 394         help
 395           Khazad cipher algorithm.
 396
 397           Khazad was a finalist in the initial NESSIE competition.  It is
 398           an algorithm optimized for 64-bit processors with good performance
 399           on 32-bit processors.  Khazad uses an 128 bit key size.
 400
 401           See also:
 402           <http://planeta.terra.com.br/informatica/paulobarreto/KhazadPage.html>
 403
 404 config CRYPTO_ANUBIS
 405         tristate "Anubis cipher algorithm"
 406         select CRYPTO_ALGAPI
 407         help
 408           Anubis cipher algorithm.
 409
 410           Anubis is a variable key length cipher which can use keys from
 411           128 bits to 320 bits in length.  It was evaluated as a entrant
 412           in the NESSIE competition.
 413
 414           See also:
 415           <https://www.cosic.esat.kuleuven.ac.be/nessie/reports/>
 416           <http://planeta.terra.com.br/informatica/paulobarreto/AnubisPage.html>
 417
 418
 419 config CRYPTO_DEFLATE
 420         tristate "Deflate compression algorithm"
 421         select CRYPTO_ALGAPI
 422         select ZLIB_INFLATE
 423         select ZLIB_DEFLATE
 424         help
 425           This is the Deflate algorithm (RFC1951), specified for use in
 426           IPSec with the IPCOMP protocol (RFC3173, RFC2394).
 427
 428           You will most probably want this if using IPSec.
 429
 430 config CRYPTO_MICHAEL_MIC
 431         tristate "Michael MIC keyed digest algorithm"
 432         select CRYPTO_ALGAPI
 433         help
 434           Michael MIC is used for message integrity protection in TKIP
 435           (IEEE 802.11i). This algorithm is required for TKIP, but it
 436           should not be used for other purposes because of the weakness
 437           of the algorithm.
 438
 439 config CRYPTO_CRC32C
 440         tristate "CRC32c CRC algorithm"
 441         select CRYPTO_ALGAPI
 442         select LIBCRC32C
 443         help
 444           Castagnoli, et al Cyclic Redundancy-Check Algorithm.  Used
 445           by iSCSI for header and data digests and by others.
 446           See Castagnoli93.  This implementation uses lib/libcrc32c.
 447           Module will be crc32c.
 448
 449 config CRYPTO_CAMELLIA
 450         tristate "Camellia cipher algorithms"
 451         depends on CRYPTO
 452         select CRYPTO_ALGAPI
 453         help
 454           Camellia cipher algorithms module.
 455
 456           Camellia is a symmetric key block cipher developed jointly
 457           at NTT and Mitsubishi Electric Corporation.
 458
 459           The Camellia specifies three key sizes: 128, 192 and 256 bits.
 460
 461           See also:
 462           <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html>
 463
 464 config CRYPTO_TEST
 465         tristate "Testing module"
 466         depends on m
 467         select CRYPTO_ALGAPI
 468         help
 469           Quick & dirty crypto test module.
 470
 471 source "drivers/crypto/Kconfig"
 472
 473 endif   # if CRYPTO