xref: /linux/crypto/Kconfig (revision 606d099cdd1080bbb50ea50dc52d98252f8f10a1) 
1#
2# Cryptographic API Configuration
3#
4
5menu "Cryptographic options"
6
7config CRYPTO
8	bool "Cryptographic API"
9	help
10	  This option provides the core Cryptographic API.
11
12if CRYPTO
13
14config CRYPTO_ALGAPI
15	tristate
16	help
17	  This option provides the API for cryptographic algorithms.
18
19config CRYPTO_BLKCIPHER
20	tristate
21	select CRYPTO_ALGAPI
22
23config CRYPTO_HASH
24	tristate
25	select CRYPTO_ALGAPI
26
27config CRYPTO_MANAGER
28	tristate "Cryptographic algorithm manager"
29	select CRYPTO_ALGAPI
30	help
31	  Create default cryptographic template instantiations such as
32	  cbc(aes).
33
34config CRYPTO_HMAC
35	tristate "HMAC support"
36	select CRYPTO_HASH
37	select CRYPTO_MANAGER
38	help
39	  HMAC: Keyed-Hashing for Message Authentication (RFC2104).
40	  This is required for IPSec.
41
42config CRYPTO_XCBC
43	tristate "XCBC support"
44	depends on EXPERIMENTAL
45	select CRYPTO_HASH
46	select CRYPTO_MANAGER
47	help
48	  XCBC: Keyed-Hashing with encryption algorithm
49		http://www.ietf.org/rfc/rfc3566.txt
50		http://csrc.nist.gov/encryption/modes/proposedmodes/
51		 xcbc-mac/xcbc-mac-spec.pdf
52
53config CRYPTO_NULL
54	tristate "Null algorithms"
55	select CRYPTO_ALGAPI
56	help
57	  These are 'Null' algorithms, used by IPsec, which do nothing.
58
59config CRYPTO_MD4
60	tristate "MD4 digest algorithm"
61	select CRYPTO_ALGAPI
62	help
63	  MD4 message digest algorithm (RFC1320).
64
65config CRYPTO_MD5
66	tristate "MD5 digest algorithm"
67	select CRYPTO_ALGAPI
68	help
69	  MD5 message digest algorithm (RFC1321).
70
71config CRYPTO_SHA1
72	tristate "SHA1 digest algorithm"
73	select CRYPTO_ALGAPI
74	help
75	  SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2).
76
77config CRYPTO_SHA1_S390
78	tristate "SHA1 digest algorithm (s390)"
79	depends on S390
80	select CRYPTO_ALGAPI
81	help
82	  This is the s390 hardware accelerated implementation of the
83	  SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2).
84
85config CRYPTO_SHA256
86	tristate "SHA256 digest algorithm"
87	select CRYPTO_ALGAPI
88	help
89	  SHA256 secure hash standard (DFIPS 180-2).
90
91	  This version of SHA implements a 256 bit hash with 128 bits of
92	  security against collision attacks.
93
94config CRYPTO_SHA256_S390
95	tristate "SHA256 digest algorithm (s390)"
96	depends on S390
97	select CRYPTO_ALGAPI
98	help
99	  This is the s390 hardware accelerated implementation of the
100	  SHA256 secure hash standard (DFIPS 180-2).
101
102	  This version of SHA implements a 256 bit hash with 128 bits of
103	  security against collision attacks.
104
105config CRYPTO_SHA512
106	tristate "SHA384 and SHA512 digest algorithms"
107	select CRYPTO_ALGAPI
108	help
109	  SHA512 secure hash standard (DFIPS 180-2).
110
111	  This version of SHA implements a 512 bit hash with 256 bits of
112	  security against collision attacks.
113
114	  This code also includes SHA-384, a 384 bit hash with 192 bits
115	  of security against collision attacks.
116
117config CRYPTO_WP512
118	tristate "Whirlpool digest algorithms"
119	select CRYPTO_ALGAPI
120	help
121	  Whirlpool hash algorithm 512, 384 and 256-bit hashes
122
123	  Whirlpool-512 is part of the NESSIE cryptographic primitives.
124	  Whirlpool will be part of the ISO/IEC 10118-3:2003(E) standard
125
126	  See also:
127	  <http://planeta.terra.com.br/informatica/paulobarreto/WhirlpoolPage.html>
128
129config CRYPTO_TGR192
130	tristate "Tiger digest algorithms"
131	select CRYPTO_ALGAPI
132	help
133	  Tiger hash algorithm 192, 160 and 128-bit hashes
134
135	  Tiger is a hash function optimized for 64-bit processors while
136	  still having decent performance on 32-bit processors.
137	  Tiger was developed by Ross Anderson and Eli Biham.
138
139	  See also:
140	  <http://www.cs.technion.ac.il/~biham/Reports/Tiger/>.
141
142config CRYPTO_GF128MUL
143	tristate "GF(2^128) multiplication functions (EXPERIMENTAL)"
144	depends on EXPERIMENTAL
145	help
146	  Efficient table driven implementation of multiplications in the
147	  field GF(2^128).  This is needed by some cypher modes. This
148	  option will be selected automatically if you select such a
149	  cipher mode.  Only select this option by hand if you expect to load
150	  an external module that requires these functions.
151
152config CRYPTO_ECB
153	tristate "ECB support"
154	select CRYPTO_BLKCIPHER
155	select CRYPTO_MANAGER
156	default m
157	help
158	  ECB: Electronic CodeBook mode
159	  This is the simplest block cipher algorithm.  It simply encrypts
160	  the input block by block.
161
162config CRYPTO_CBC
163	tristate "CBC support"
164	select CRYPTO_BLKCIPHER
165	select CRYPTO_MANAGER
166	default m
167	help
168	  CBC: Cipher Block Chaining mode
169	  This block cipher algorithm is required for IPSec.
170
171config CRYPTO_LRW
172	tristate "LRW support (EXPERIMENTAL)"
173	depends on EXPERIMENTAL
174	select CRYPTO_BLKCIPHER
175	select CRYPTO_MANAGER
176	select CRYPTO_GF128MUL
177	help
178	  LRW: Liskov Rivest Wagner, a tweakable, non malleable, non movable
179	  narrow block cipher mode for dm-crypt.  Use it with cipher
180	  specification string aes-lrw-benbi, the key must be 256, 320 or 384.
181	  The first 128, 192 or 256 bits in the key are used for AES and the
182	  rest is used to tie each cipher block to its logical position.
183
184config CRYPTO_DES
185	tristate "DES and Triple DES EDE cipher algorithms"
186	select CRYPTO_ALGAPI
187	help
188	  DES cipher algorithm (FIPS 46-2), and Triple DES EDE (FIPS 46-3).
189
190config CRYPTO_DES_S390
191	tristate "DES and Triple DES cipher algorithms (s390)"
192	depends on S390
193	select CRYPTO_ALGAPI
194	select CRYPTO_BLKCIPHER
195	help
196	  DES cipher algorithm (FIPS 46-2), and Triple DES EDE (FIPS 46-3).
197
198config CRYPTO_BLOWFISH
199	tristate "Blowfish cipher algorithm"
200	select CRYPTO_ALGAPI
201	help
202	  Blowfish cipher algorithm, by Bruce Schneier.
203
204	  This is a variable key length cipher which can use keys from 32
205	  bits to 448 bits in length.  It's fast, simple and specifically
206	  designed for use on "large microprocessors".
207
208	  See also:
209	  <http://www.schneier.com/blowfish.html>
210
211config CRYPTO_TWOFISH
212	tristate "Twofish cipher algorithm"
213	select CRYPTO_ALGAPI
214	select CRYPTO_TWOFISH_COMMON
215	help
216	  Twofish cipher algorithm.
217
218	  Twofish was submitted as an AES (Advanced Encryption Standard)
219	  candidate cipher by researchers at CounterPane Systems.  It is a
220	  16 round block cipher supporting key sizes of 128, 192, and 256
221	  bits.
222
223	  See also:
224	  <http://www.schneier.com/twofish.html>
225
226config CRYPTO_TWOFISH_COMMON
227	tristate
228	help
229	  Common parts of the Twofish cipher algorithm shared by the
230	  generic c and the assembler implementations.
231
232config CRYPTO_TWOFISH_586
233	tristate "Twofish cipher algorithms (i586)"
234	depends on (X86 || UML_X86) && !64BIT
235	select CRYPTO_ALGAPI
236	select CRYPTO_TWOFISH_COMMON
237	help
238	  Twofish cipher algorithm.
239
240	  Twofish was submitted as an AES (Advanced Encryption Standard)
241	  candidate cipher by researchers at CounterPane Systems.  It is a
242	  16 round block cipher supporting key sizes of 128, 192, and 256
243	  bits.
244
245	  See also:
246	  <http://www.schneier.com/twofish.html>
247
248config CRYPTO_TWOFISH_X86_64
249	tristate "Twofish cipher algorithm (x86_64)"
250	depends on (X86 || UML_X86) && 64BIT
251	select CRYPTO_ALGAPI
252	select CRYPTO_TWOFISH_COMMON
253	help
254	  Twofish cipher algorithm (x86_64).
255
256	  Twofish was submitted as an AES (Advanced Encryption Standard)
257	  candidate cipher by researchers at CounterPane Systems.  It is a
258	  16 round block cipher supporting key sizes of 128, 192, and 256
259	  bits.
260
261	  See also:
262	  <http://www.schneier.com/twofish.html>
263
264config CRYPTO_SERPENT
265	tristate "Serpent cipher algorithm"
266	select CRYPTO_ALGAPI
267	help
268	  Serpent cipher algorithm, by Anderson, Biham & Knudsen.
269
270	  Keys are allowed to be from 0 to 256 bits in length, in steps
271	  of 8 bits.  Also includes the 'Tnepres' algorithm, a reversed
272	  variant of Serpent for compatibility with old kerneli code.
273
274	  See also:
275	  <http://www.cl.cam.ac.uk/~rja14/serpent.html>
276
277config CRYPTO_AES
278	tristate "AES cipher algorithms"
279	select CRYPTO_ALGAPI
280	help
281	  AES cipher algorithms (FIPS-197). AES uses the Rijndael
282	  algorithm.
283
284	  Rijndael appears to be consistently a very good performer in
285	  both hardware and software across a wide range of computing
286	  environments regardless of its use in feedback or non-feedback
287	  modes. Its key setup time is excellent, and its key agility is
288	  good. Rijndael's very low memory requirements make it very well
289	  suited for restricted-space environments, in which it also
290	  demonstrates excellent performance. Rijndael's operations are
291	  among the easiest to defend against power and timing attacks.
292
293	  The AES specifies three key sizes: 128, 192 and 256 bits
294
295	  See <http://csrc.nist.gov/CryptoToolkit/aes/> for more information.
296
297config CRYPTO_AES_586
298	tristate "AES cipher algorithms (i586)"
299	depends on (X86 || UML_X86) && !64BIT
300	select CRYPTO_ALGAPI
301	help
302	  AES cipher algorithms (FIPS-197). AES uses the Rijndael
303	  algorithm.
304
305	  Rijndael appears to be consistently a very good performer in
306	  both hardware and software across a wide range of computing
307	  environments regardless of its use in feedback or non-feedback
308	  modes. Its key setup time is excellent, and its key agility is
309	  good. Rijndael's very low memory requirements make it very well
310	  suited for restricted-space environments, in which it also
311	  demonstrates excellent performance. Rijndael's operations are
312	  among the easiest to defend against power and timing attacks.
313
314	  The AES specifies three key sizes: 128, 192 and 256 bits
315
316	  See <http://csrc.nist.gov/encryption/aes/> for more information.
317
318config CRYPTO_AES_X86_64
319	tristate "AES cipher algorithms (x86_64)"
320	depends on (X86 || UML_X86) && 64BIT
321	select CRYPTO_ALGAPI
322	help
323	  AES cipher algorithms (FIPS-197). AES uses the Rijndael
324	  algorithm.
325
326	  Rijndael appears to be consistently a very good performer in
327	  both hardware and software across a wide range of computing
328	  environments regardless of its use in feedback or non-feedback
329	  modes. Its key setup time is excellent, and its key agility is
330	  good. Rijndael's very low memory requirements make it very well
331	  suited for restricted-space environments, in which it also
332	  demonstrates excellent performance. Rijndael's operations are
333	  among the easiest to defend against power and timing attacks.
334
335	  The AES specifies three key sizes: 128, 192 and 256 bits
336
337	  See <http://csrc.nist.gov/encryption/aes/> for more information.
338
339config CRYPTO_AES_S390
340	tristate "AES cipher algorithms (s390)"
341	depends on S390
342	select CRYPTO_ALGAPI
343	select CRYPTO_BLKCIPHER
344	help
345	  This is the s390 hardware accelerated implementation of the
346	  AES cipher algorithms (FIPS-197). AES uses the Rijndael
347	  algorithm.
348
349	  Rijndael appears to be consistently a very good performer in
350	  both hardware and software across a wide range of computing
351	  environments regardless of its use in feedback or non-feedback
352	  modes. Its key setup time is excellent, and its key agility is
353	  good. Rijndael's very low memory requirements make it very well
354	  suited for restricted-space environments, in which it also
355	  demonstrates excellent performance. Rijndael's operations are
356	  among the easiest to defend against power and timing attacks.
357
358	  On s390 the System z9-109 currently only supports the key size
359	  of 128 bit.
360
361config CRYPTO_CAST5
362	tristate "CAST5 (CAST-128) cipher algorithm"
363	select CRYPTO_ALGAPI
364	help
365	  The CAST5 encryption algorithm (synonymous with CAST-128) is
366	  described in RFC2144.
367
368config CRYPTO_CAST6
369	tristate "CAST6 (CAST-256) cipher algorithm"
370	select CRYPTO_ALGAPI
371	help
372	  The CAST6 encryption algorithm (synonymous with CAST-256) is
373	  described in RFC2612.
374
375config CRYPTO_TEA
376	tristate "TEA, XTEA and XETA cipher algorithms"
377	select CRYPTO_ALGAPI
378	help
379	  TEA cipher algorithm.
380
381	  Tiny Encryption Algorithm is a simple cipher that uses
382	  many rounds for security.  It is very fast and uses
383	  little memory.
384
385	  Xtendend Tiny Encryption Algorithm is a modification to
386	  the TEA algorithm to address a potential key weakness
387	  in the TEA algorithm.
388
389	  Xtendend Encryption Tiny Algorithm is a mis-implementation
390	  of the XTEA algorithm for compatibility purposes.
391
392config CRYPTO_ARC4
393	tristate "ARC4 cipher algorithm"
394	select CRYPTO_ALGAPI
395	help
396	  ARC4 cipher algorithm.
397
398	  ARC4 is a stream cipher using keys ranging from 8 bits to 2048
399	  bits in length.  This algorithm is required for driver-based
400	  WEP, but it should not be for other purposes because of the
401	  weakness of the algorithm.
402
403config CRYPTO_KHAZAD
404	tristate "Khazad cipher algorithm"
405	select CRYPTO_ALGAPI
406	help
407	  Khazad cipher algorithm.
408
409	  Khazad was a finalist in the initial NESSIE competition.  It is
410	  an algorithm optimized for 64-bit processors with good performance
411	  on 32-bit processors.  Khazad uses an 128 bit key size.
412
413	  See also:
414	  <http://planeta.terra.com.br/informatica/paulobarreto/KhazadPage.html>
415
416config CRYPTO_ANUBIS
417	tristate "Anubis cipher algorithm"
418	select CRYPTO_ALGAPI
419	help
420	  Anubis cipher algorithm.
421
422	  Anubis is a variable key length cipher which can use keys from
423	  128 bits to 320 bits in length.  It was evaluated as a entrant
424	  in the NESSIE competition.
425
426	  See also:
427	  <https://www.cosic.esat.kuleuven.ac.be/nessie/reports/>
428	  <http://planeta.terra.com.br/informatica/paulobarreto/AnubisPage.html>
429
430
431config CRYPTO_DEFLATE
432	tristate "Deflate compression algorithm"
433	select CRYPTO_ALGAPI
434	select ZLIB_INFLATE
435	select ZLIB_DEFLATE
436	help
437	  This is the Deflate algorithm (RFC1951), specified for use in
438	  IPSec with the IPCOMP protocol (RFC3173, RFC2394).
439
440	  You will most probably want this if using IPSec.
441
442config CRYPTO_MICHAEL_MIC
443	tristate "Michael MIC keyed digest algorithm"
444	select CRYPTO_ALGAPI
445	help
446	  Michael MIC is used for message integrity protection in TKIP
447	  (IEEE 802.11i). This algorithm is required for TKIP, but it
448	  should not be used for other purposes because of the weakness
449	  of the algorithm.
450
451config CRYPTO_CRC32C
452	tristate "CRC32c CRC algorithm"
453	select CRYPTO_ALGAPI
454	select LIBCRC32C
455	help
456	  Castagnoli, et al Cyclic Redundancy-Check Algorithm.  Used
457	  by iSCSI for header and data digests and by others.
458	  See Castagnoli93.  This implementation uses lib/libcrc32c.
459          Module will be crc32c.
460
461config CRYPTO_TEST
462	tristate "Testing module"
463	depends on m
464	select CRYPTO_ALGAPI
465	help
466	  Quick & dirty crypto test module.
467
468source "drivers/crypto/Kconfig"
469
470endif	# if CRYPTO
471
472endmenu
473