1# 2# Cryptographic API Configuration 3# 4 5menu "Cryptographic options" 6 7config CRYPTO 8 bool "Cryptographic API" 9 help 10 This option provides the core Cryptographic API. 11 12if CRYPTO 13 14config CRYPTO_ALGAPI 15 tristate 16 help 17 This option provides the API for cryptographic algorithms. 18 19config CRYPTO_ABLKCIPHER 20 tristate 21 select CRYPTO_BLKCIPHER 22 23config CRYPTO_BLKCIPHER 24 tristate 25 select CRYPTO_ALGAPI 26 27config CRYPTO_HASH 28 tristate 29 select CRYPTO_ALGAPI 30 31config CRYPTO_MANAGER 32 tristate "Cryptographic algorithm manager" 33 select CRYPTO_ALGAPI 34 help 35 Create default cryptographic template instantiations such as 36 cbc(aes). 37 38config CRYPTO_HMAC 39 tristate "HMAC support" 40 select CRYPTO_HASH 41 select CRYPTO_MANAGER 42 help 43 HMAC: Keyed-Hashing for Message Authentication (RFC2104). 44 This is required for IPSec. 45 46config CRYPTO_XCBC 47 tristate "XCBC support" 48 depends on EXPERIMENTAL 49 select CRYPTO_HASH 50 select CRYPTO_MANAGER 51 help 52 XCBC: Keyed-Hashing with encryption algorithm 53 http://www.ietf.org/rfc/rfc3566.txt 54 http://csrc.nist.gov/encryption/modes/proposedmodes/ 55 xcbc-mac/xcbc-mac-spec.pdf 56 57config CRYPTO_NULL 58 tristate "Null algorithms" 59 select CRYPTO_ALGAPI 60 help 61 These are 'Null' algorithms, used by IPsec, which do nothing. 62 63config CRYPTO_MD4 64 tristate "MD4 digest algorithm" 65 select CRYPTO_ALGAPI 66 help 67 MD4 message digest algorithm (RFC1320). 68 69config CRYPTO_MD5 70 tristate "MD5 digest algorithm" 71 select CRYPTO_ALGAPI 72 help 73 MD5 message digest algorithm (RFC1321). 74 75config CRYPTO_SHA1 76 tristate "SHA1 digest algorithm" 77 select CRYPTO_ALGAPI 78 help 79 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2). 80 81config CRYPTO_SHA256 82 tristate "SHA256 digest algorithm" 83 select CRYPTO_ALGAPI 84 help 85 SHA256 secure hash standard (DFIPS 180-2). 86 87 This version of SHA implements a 256 bit hash with 128 bits of 88 security against collision attacks. 89 90config CRYPTO_SHA512 91 tristate "SHA384 and SHA512 digest algorithms" 92 select CRYPTO_ALGAPI 93 help 94 SHA512 secure hash standard (DFIPS 180-2). 95 96 This version of SHA implements a 512 bit hash with 256 bits of 97 security against collision attacks. 98 99 This code also includes SHA-384, a 384 bit hash with 192 bits 100 of security against collision attacks. 101 102config CRYPTO_WP512 103 tristate "Whirlpool digest algorithms" 104 select CRYPTO_ALGAPI 105 help 106 Whirlpool hash algorithm 512, 384 and 256-bit hashes 107 108 Whirlpool-512 is part of the NESSIE cryptographic primitives. 109 Whirlpool will be part of the ISO/IEC 10118-3:2003(E) standard 110 111 See also: 112 <http://planeta.terra.com.br/informatica/paulobarreto/WhirlpoolPage.html> 113 114config CRYPTO_TGR192 115 tristate "Tiger digest algorithms" 116 select CRYPTO_ALGAPI 117 help 118 Tiger hash algorithm 192, 160 and 128-bit hashes 119 120 Tiger is a hash function optimized for 64-bit processors while 121 still having decent performance on 32-bit processors. 122 Tiger was developed by Ross Anderson and Eli Biham. 123 124 See also: 125 <http://www.cs.technion.ac.il/~biham/Reports/Tiger/>. 126 127config CRYPTO_GF128MUL 128 tristate "GF(2^128) multiplication functions (EXPERIMENTAL)" 129 depends on EXPERIMENTAL 130 help 131 Efficient table driven implementation of multiplications in the 132 field GF(2^128). This is needed by some cypher modes. This 133 option will be selected automatically if you select such a 134 cipher mode. Only select this option by hand if you expect to load 135 an external module that requires these functions. 136 137config CRYPTO_ECB 138 tristate "ECB support" 139 select CRYPTO_BLKCIPHER 140 select CRYPTO_MANAGER 141 default m 142 help 143 ECB: Electronic CodeBook mode 144 This is the simplest block cipher algorithm. It simply encrypts 145 the input block by block. 146 147config CRYPTO_CBC 148 tristate "CBC support" 149 select CRYPTO_BLKCIPHER 150 select CRYPTO_MANAGER 151 default m 152 help 153 CBC: Cipher Block Chaining mode 154 This block cipher algorithm is required for IPSec. 155 156config CRYPTO_PCBC 157 tristate "PCBC support" 158 select CRYPTO_BLKCIPHER 159 select CRYPTO_MANAGER 160 default m 161 help 162 PCBC: Propagating Cipher Block Chaining mode 163 This block cipher algorithm is required for RxRPC. 164 165config CRYPTO_LRW 166 tristate "LRW support (EXPERIMENTAL)" 167 depends on EXPERIMENTAL 168 select CRYPTO_BLKCIPHER 169 select CRYPTO_MANAGER 170 select CRYPTO_GF128MUL 171 help 172 LRW: Liskov Rivest Wagner, a tweakable, non malleable, non movable 173 narrow block cipher mode for dm-crypt. Use it with cipher 174 specification string aes-lrw-benbi, the key must be 256, 320 or 384. 175 The first 128, 192 or 256 bits in the key are used for AES and the 176 rest is used to tie each cipher block to its logical position. 177 178config CRYPTO_CRYPTD 179 tristate "Software async crypto daemon" 180 select CRYPTO_ABLKCIPHER 181 select CRYPTO_MANAGER 182 help 183 This is a generic software asynchronous crypto daemon that 184 converts an arbitrary synchronous software crypto algorithm 185 into an asynchronous algorithm that executes in a kernel thread. 186 187config CRYPTO_DES 188 tristate "DES and Triple DES EDE cipher algorithms" 189 select CRYPTO_ALGAPI 190 help 191 DES cipher algorithm (FIPS 46-2), and Triple DES EDE (FIPS 46-3). 192 193config CRYPTO_FCRYPT 194 tristate "FCrypt cipher algorithm" 195 select CRYPTO_ALGAPI 196 select CRYPTO_BLKCIPHER 197 help 198 FCrypt algorithm used by RxRPC. 199 200config CRYPTO_BLOWFISH 201 tristate "Blowfish cipher algorithm" 202 select CRYPTO_ALGAPI 203 help 204 Blowfish cipher algorithm, by Bruce Schneier. 205 206 This is a variable key length cipher which can use keys from 32 207 bits to 448 bits in length. It's fast, simple and specifically 208 designed for use on "large microprocessors". 209 210 See also: 211 <http://www.schneier.com/blowfish.html> 212 213config CRYPTO_TWOFISH 214 tristate "Twofish cipher algorithm" 215 select CRYPTO_ALGAPI 216 select CRYPTO_TWOFISH_COMMON 217 help 218 Twofish cipher algorithm. 219 220 Twofish was submitted as an AES (Advanced Encryption Standard) 221 candidate cipher by researchers at CounterPane Systems. It is a 222 16 round block cipher supporting key sizes of 128, 192, and 256 223 bits. 224 225 See also: 226 <http://www.schneier.com/twofish.html> 227 228config CRYPTO_TWOFISH_COMMON 229 tristate 230 help 231 Common parts of the Twofish cipher algorithm shared by the 232 generic c and the assembler implementations. 233 234config CRYPTO_TWOFISH_586 235 tristate "Twofish cipher algorithms (i586)" 236 depends on (X86 || UML_X86) && !64BIT 237 select CRYPTO_ALGAPI 238 select CRYPTO_TWOFISH_COMMON 239 help 240 Twofish cipher algorithm. 241 242 Twofish was submitted as an AES (Advanced Encryption Standard) 243 candidate cipher by researchers at CounterPane Systems. It is a 244 16 round block cipher supporting key sizes of 128, 192, and 256 245 bits. 246 247 See also: 248 <http://www.schneier.com/twofish.html> 249 250config CRYPTO_TWOFISH_X86_64 251 tristate "Twofish cipher algorithm (x86_64)" 252 depends on (X86 || UML_X86) && 64BIT 253 select CRYPTO_ALGAPI 254 select CRYPTO_TWOFISH_COMMON 255 help 256 Twofish cipher algorithm (x86_64). 257 258 Twofish was submitted as an AES (Advanced Encryption Standard) 259 candidate cipher by researchers at CounterPane Systems. It is a 260 16 round block cipher supporting key sizes of 128, 192, and 256 261 bits. 262 263 See also: 264 <http://www.schneier.com/twofish.html> 265 266config CRYPTO_SERPENT 267 tristate "Serpent cipher algorithm" 268 select CRYPTO_ALGAPI 269 help 270 Serpent cipher algorithm, by Anderson, Biham & Knudsen. 271 272 Keys are allowed to be from 0 to 256 bits in length, in steps 273 of 8 bits. Also includes the 'Tnepres' algorithm, a reversed 274 variant of Serpent for compatibility with old kerneli.org code. 275 276 See also: 277 <http://www.cl.cam.ac.uk/~rja14/serpent.html> 278 279config CRYPTO_AES 280 tristate "AES cipher algorithms" 281 select CRYPTO_ALGAPI 282 help 283 AES cipher algorithms (FIPS-197). AES uses the Rijndael 284 algorithm. 285 286 Rijndael appears to be consistently a very good performer in 287 both hardware and software across a wide range of computing 288 environments regardless of its use in feedback or non-feedback 289 modes. Its key setup time is excellent, and its key agility is 290 good. Rijndael's very low memory requirements make it very well 291 suited for restricted-space environments, in which it also 292 demonstrates excellent performance. Rijndael's operations are 293 among the easiest to defend against power and timing attacks. 294 295 The AES specifies three key sizes: 128, 192 and 256 bits 296 297 See <http://csrc.nist.gov/CryptoToolkit/aes/> for more information. 298 299config CRYPTO_AES_586 300 tristate "AES cipher algorithms (i586)" 301 depends on (X86 || UML_X86) && !64BIT 302 select CRYPTO_ALGAPI 303 help 304 AES cipher algorithms (FIPS-197). AES uses the Rijndael 305 algorithm. 306 307 Rijndael appears to be consistently a very good performer in 308 both hardware and software across a wide range of computing 309 environments regardless of its use in feedback or non-feedback 310 modes. Its key setup time is excellent, and its key agility is 311 good. Rijndael's very low memory requirements make it very well 312 suited for restricted-space environments, in which it also 313 demonstrates excellent performance. Rijndael's operations are 314 among the easiest to defend against power and timing attacks. 315 316 The AES specifies three key sizes: 128, 192 and 256 bits 317 318 See <http://csrc.nist.gov/encryption/aes/> for more information. 319 320config CRYPTO_AES_X86_64 321 tristate "AES cipher algorithms (x86_64)" 322 depends on (X86 || UML_X86) && 64BIT 323 select CRYPTO_ALGAPI 324 help 325 AES cipher algorithms (FIPS-197). AES uses the Rijndael 326 algorithm. 327 328 Rijndael appears to be consistently a very good performer in 329 both hardware and software across a wide range of computing 330 environments regardless of its use in feedback or non-feedback 331 modes. Its key setup time is excellent, and its key agility is 332 good. Rijndael's very low memory requirements make it very well 333 suited for restricted-space environments, in which it also 334 demonstrates excellent performance. Rijndael's operations are 335 among the easiest to defend against power and timing attacks. 336 337 The AES specifies three key sizes: 128, 192 and 256 bits 338 339 See <http://csrc.nist.gov/encryption/aes/> for more information. 340 341config CRYPTO_CAST5 342 tristate "CAST5 (CAST-128) cipher algorithm" 343 select CRYPTO_ALGAPI 344 help 345 The CAST5 encryption algorithm (synonymous with CAST-128) is 346 described in RFC2144. 347 348config CRYPTO_CAST6 349 tristate "CAST6 (CAST-256) cipher algorithm" 350 select CRYPTO_ALGAPI 351 help 352 The CAST6 encryption algorithm (synonymous with CAST-256) is 353 described in RFC2612. 354 355config CRYPTO_TEA 356 tristate "TEA, XTEA and XETA cipher algorithms" 357 select CRYPTO_ALGAPI 358 help 359 TEA cipher algorithm. 360 361 Tiny Encryption Algorithm is a simple cipher that uses 362 many rounds for security. It is very fast and uses 363 little memory. 364 365 Xtendend Tiny Encryption Algorithm is a modification to 366 the TEA algorithm to address a potential key weakness 367 in the TEA algorithm. 368 369 Xtendend Encryption Tiny Algorithm is a mis-implementation 370 of the XTEA algorithm for compatibility purposes. 371 372config CRYPTO_ARC4 373 tristate "ARC4 cipher algorithm" 374 select CRYPTO_ALGAPI 375 help 376 ARC4 cipher algorithm. 377 378 ARC4 is a stream cipher using keys ranging from 8 bits to 2048 379 bits in length. This algorithm is required for driver-based 380 WEP, but it should not be for other purposes because of the 381 weakness of the algorithm. 382 383config CRYPTO_KHAZAD 384 tristate "Khazad cipher algorithm" 385 select CRYPTO_ALGAPI 386 help 387 Khazad cipher algorithm. 388 389 Khazad was a finalist in the initial NESSIE competition. It is 390 an algorithm optimized for 64-bit processors with good performance 391 on 32-bit processors. Khazad uses an 128 bit key size. 392 393 See also: 394 <http://planeta.terra.com.br/informatica/paulobarreto/KhazadPage.html> 395 396config CRYPTO_ANUBIS 397 tristate "Anubis cipher algorithm" 398 select CRYPTO_ALGAPI 399 help 400 Anubis cipher algorithm. 401 402 Anubis is a variable key length cipher which can use keys from 403 128 bits to 320 bits in length. It was evaluated as a entrant 404 in the NESSIE competition. 405 406 See also: 407 <https://www.cosic.esat.kuleuven.ac.be/nessie/reports/> 408 <http://planeta.terra.com.br/informatica/paulobarreto/AnubisPage.html> 409 410 411config CRYPTO_DEFLATE 412 tristate "Deflate compression algorithm" 413 select CRYPTO_ALGAPI 414 select ZLIB_INFLATE 415 select ZLIB_DEFLATE 416 help 417 This is the Deflate algorithm (RFC1951), specified for use in 418 IPSec with the IPCOMP protocol (RFC3173, RFC2394). 419 420 You will most probably want this if using IPSec. 421 422config CRYPTO_MICHAEL_MIC 423 tristate "Michael MIC keyed digest algorithm" 424 select CRYPTO_ALGAPI 425 help 426 Michael MIC is used for message integrity protection in TKIP 427 (IEEE 802.11i). This algorithm is required for TKIP, but it 428 should not be used for other purposes because of the weakness 429 of the algorithm. 430 431config CRYPTO_CRC32C 432 tristate "CRC32c CRC algorithm" 433 select CRYPTO_ALGAPI 434 select LIBCRC32C 435 help 436 Castagnoli, et al Cyclic Redundancy-Check Algorithm. Used 437 by iSCSI for header and data digests and by others. 438 See Castagnoli93. This implementation uses lib/libcrc32c. 439 Module will be crc32c. 440 441config CRYPTO_CAMELLIA 442 tristate "Camellia cipher algorithms" 443 depends on CRYPTO 444 select CRYPTO_ALGAPI 445 help 446 Camellia cipher algorithms module. 447 448 Camellia is a symmetric key block cipher developed jointly 449 at NTT and Mitsubishi Electric Corporation. 450 451 The Camellia specifies three key sizes: 128, 192 and 256 bits. 452 453 See also: 454 <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html> 455 456config CRYPTO_TEST 457 tristate "Testing module" 458 depends on m 459 select CRYPTO_ALGAPI 460 help 461 Quick & dirty crypto test module. 462 463source "drivers/crypto/Kconfig" 464 465endif # if CRYPTO 466 467endmenu 468