xref: /linux/crypto/Kconfig (revision a1e58bbdc969c3fe60addca7f2729779d22a83c1) 
1#
2# Generic algorithms support
3#
4config XOR_BLOCKS
5	tristate
6
7#
8# async_tx api: hardware offloaded memory transfer/transform support
9#
10source "crypto/async_tx/Kconfig"
11
12#
13# Cryptographic API Configuration
14#
15menuconfig CRYPTO
16	bool "Cryptographic API"
17	help
18	  This option provides the core Cryptographic API.
19
20if CRYPTO
21
22config CRYPTO_ALGAPI
23	tristate
24	help
25	  This option provides the API for cryptographic algorithms.
26
27config CRYPTO_AEAD
28	tristate
29	select CRYPTO_ALGAPI
30
31config CRYPTO_BLKCIPHER
32	tristate
33	select CRYPTO_ALGAPI
34
35config CRYPTO_SEQIV
36	tristate "Sequence Number IV Generator"
37	select CRYPTO_AEAD
38	select CRYPTO_BLKCIPHER
39	help
40	  This IV generator generates an IV based on a sequence number by
41	  xoring it with a salt.  This algorithm is mainly useful for CTR
42	  and similar modes.
43
44config CRYPTO_HASH
45	tristate
46	select CRYPTO_ALGAPI
47
48config CRYPTO_MANAGER
49	tristate "Cryptographic algorithm manager"
50	select CRYPTO_ALGAPI
51	help
52	  Create default cryptographic template instantiations such as
53	  cbc(aes).
54
55config CRYPTO_HMAC
56	tristate "HMAC support"
57	select CRYPTO_HASH
58	select CRYPTO_MANAGER
59	help
60	  HMAC: Keyed-Hashing for Message Authentication (RFC2104).
61	  This is required for IPSec.
62
63config CRYPTO_XCBC
64	tristate "XCBC support"
65	depends on EXPERIMENTAL
66	select CRYPTO_HASH
67	select CRYPTO_MANAGER
68	help
69	  XCBC: Keyed-Hashing with encryption algorithm
70		http://www.ietf.org/rfc/rfc3566.txt
71		http://csrc.nist.gov/encryption/modes/proposedmodes/
72		 xcbc-mac/xcbc-mac-spec.pdf
73
74config CRYPTO_NULL
75	tristate "Null algorithms"
76	select CRYPTO_ALGAPI
77	select CRYPTO_BLKCIPHER
78	help
79	  These are 'Null' algorithms, used by IPsec, which do nothing.
80
81config CRYPTO_MD4
82	tristate "MD4 digest algorithm"
83	select CRYPTO_ALGAPI
84	help
85	  MD4 message digest algorithm (RFC1320).
86
87config CRYPTO_MD5
88	tristate "MD5 digest algorithm"
89	select CRYPTO_ALGAPI
90	help
91	  MD5 message digest algorithm (RFC1321).
92
93config CRYPTO_SHA1
94	tristate "SHA1 digest algorithm"
95	select CRYPTO_ALGAPI
96	help
97	  SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2).
98
99config CRYPTO_SHA256
100	tristate "SHA224 and SHA256 digest algorithm"
101	select CRYPTO_ALGAPI
102	help
103	  SHA256 secure hash standard (DFIPS 180-2).
104
105	  This version of SHA implements a 256 bit hash with 128 bits of
106	  security against collision attacks.
107
108          This code also includes SHA-224, a 224 bit hash with 112 bits
109          of security against collision attacks.
110
111config CRYPTO_SHA512
112	tristate "SHA384 and SHA512 digest algorithms"
113	select CRYPTO_ALGAPI
114	help
115	  SHA512 secure hash standard (DFIPS 180-2).
116
117	  This version of SHA implements a 512 bit hash with 256 bits of
118	  security against collision attacks.
119
120	  This code also includes SHA-384, a 384 bit hash with 192 bits
121	  of security against collision attacks.
122
123config CRYPTO_WP512
124	tristate "Whirlpool digest algorithms"
125	select CRYPTO_ALGAPI
126	help
127	  Whirlpool hash algorithm 512, 384 and 256-bit hashes
128
129	  Whirlpool-512 is part of the NESSIE cryptographic primitives.
130	  Whirlpool will be part of the ISO/IEC 10118-3:2003(E) standard
131
132	  See also:
133	  <http://planeta.terra.com.br/informatica/paulobarreto/WhirlpoolPage.html>
134
135config CRYPTO_TGR192
136	tristate "Tiger digest algorithms"
137	select CRYPTO_ALGAPI
138	help
139	  Tiger hash algorithm 192, 160 and 128-bit hashes
140
141	  Tiger is a hash function optimized for 64-bit processors while
142	  still having decent performance on 32-bit processors.
143	  Tiger was developed by Ross Anderson and Eli Biham.
144
145	  See also:
146	  <http://www.cs.technion.ac.il/~biham/Reports/Tiger/>.
147
148config CRYPTO_GF128MUL
149	tristate "GF(2^128) multiplication functions (EXPERIMENTAL)"
150	depends on EXPERIMENTAL
151	help
152	  Efficient table driven implementation of multiplications in the
153	  field GF(2^128).  This is needed by some cypher modes. This
154	  option will be selected automatically if you select such a
155	  cipher mode.  Only select this option by hand if you expect to load
156	  an external module that requires these functions.
157
158config CRYPTO_ECB
159	tristate "ECB support"
160	select CRYPTO_BLKCIPHER
161	select CRYPTO_MANAGER
162	help
163	  ECB: Electronic CodeBook mode
164	  This is the simplest block cipher algorithm.  It simply encrypts
165	  the input block by block.
166
167config CRYPTO_CBC
168	tristate "CBC support"
169	select CRYPTO_BLKCIPHER
170	select CRYPTO_MANAGER
171	help
172	  CBC: Cipher Block Chaining mode
173	  This block cipher algorithm is required for IPSec.
174
175config CRYPTO_PCBC
176	tristate "PCBC support"
177	select CRYPTO_BLKCIPHER
178	select CRYPTO_MANAGER
179	help
180	  PCBC: Propagating Cipher Block Chaining mode
181	  This block cipher algorithm is required for RxRPC.
182
183config CRYPTO_LRW
184	tristate "LRW support (EXPERIMENTAL)"
185	depends on EXPERIMENTAL
186	select CRYPTO_BLKCIPHER
187	select CRYPTO_MANAGER
188	select CRYPTO_GF128MUL
189	help
190	  LRW: Liskov Rivest Wagner, a tweakable, non malleable, non movable
191	  narrow block cipher mode for dm-crypt.  Use it with cipher
192	  specification string aes-lrw-benbi, the key must be 256, 320 or 384.
193	  The first 128, 192 or 256 bits in the key are used for AES and the
194	  rest is used to tie each cipher block to its logical position.
195
196config CRYPTO_XTS
197	tristate "XTS support (EXPERIMENTAL)"
198	depends on EXPERIMENTAL
199	select CRYPTO_BLKCIPHER
200	select CRYPTO_MANAGER
201	select CRYPTO_GF128MUL
202	help
203	  XTS: IEEE1619/D16 narrow block cipher use with aes-xts-plain,
204	  key size 256, 384 or 512 bits. This implementation currently
205	  can't handle a sectorsize which is not a multiple of 16 bytes.
206
207config CRYPTO_CTR
208	tristate "CTR support"
209	select CRYPTO_BLKCIPHER
210	select CRYPTO_SEQIV
211	select CRYPTO_MANAGER
212	help
213	  CTR: Counter mode
214	  This block cipher algorithm is required for IPSec.
215
216config CRYPTO_GCM
217	tristate "GCM/GMAC support"
218	select CRYPTO_CTR
219	select CRYPTO_AEAD
220	select CRYPTO_GF128MUL
221	help
222	  Support for Galois/Counter Mode (GCM) and Galois Message
223	  Authentication Code (GMAC). Required for IPSec.
224
225config CRYPTO_CCM
226	tristate "CCM support"
227	select CRYPTO_CTR
228	select CRYPTO_AEAD
229	help
230	  Support for Counter with CBC MAC. Required for IPsec.
231
232config CRYPTO_CRYPTD
233	tristate "Software async crypto daemon"
234	select CRYPTO_BLKCIPHER
235	select CRYPTO_MANAGER
236	help
237	  This is a generic software asynchronous crypto daemon that
238	  converts an arbitrary synchronous software crypto algorithm
239	  into an asynchronous algorithm that executes in a kernel thread.
240
241config CRYPTO_DES
242	tristate "DES and Triple DES EDE cipher algorithms"
243	select CRYPTO_ALGAPI
244	help
245	  DES cipher algorithm (FIPS 46-2), and Triple DES EDE (FIPS 46-3).
246
247config CRYPTO_FCRYPT
248	tristate "FCrypt cipher algorithm"
249	select CRYPTO_ALGAPI
250	select CRYPTO_BLKCIPHER
251	help
252	  FCrypt algorithm used by RxRPC.
253
254config CRYPTO_BLOWFISH
255	tristate "Blowfish cipher algorithm"
256	select CRYPTO_ALGAPI
257	help
258	  Blowfish cipher algorithm, by Bruce Schneier.
259
260	  This is a variable key length cipher which can use keys from 32
261	  bits to 448 bits in length.  It's fast, simple and specifically
262	  designed for use on "large microprocessors".
263
264	  See also:
265	  <http://www.schneier.com/blowfish.html>
266
267config CRYPTO_TWOFISH
268	tristate "Twofish cipher algorithm"
269	select CRYPTO_ALGAPI
270	select CRYPTO_TWOFISH_COMMON
271	help
272	  Twofish cipher algorithm.
273
274	  Twofish was submitted as an AES (Advanced Encryption Standard)
275	  candidate cipher by researchers at CounterPane Systems.  It is a
276	  16 round block cipher supporting key sizes of 128, 192, and 256
277	  bits.
278
279	  See also:
280	  <http://www.schneier.com/twofish.html>
281
282config CRYPTO_TWOFISH_COMMON
283	tristate
284	help
285	  Common parts of the Twofish cipher algorithm shared by the
286	  generic c and the assembler implementations.
287
288config CRYPTO_TWOFISH_586
289	tristate "Twofish cipher algorithms (i586)"
290	depends on (X86 || UML_X86) && !64BIT
291	select CRYPTO_ALGAPI
292	select CRYPTO_TWOFISH_COMMON
293	help
294	  Twofish cipher algorithm.
295
296	  Twofish was submitted as an AES (Advanced Encryption Standard)
297	  candidate cipher by researchers at CounterPane Systems.  It is a
298	  16 round block cipher supporting key sizes of 128, 192, and 256
299	  bits.
300
301	  See also:
302	  <http://www.schneier.com/twofish.html>
303
304config CRYPTO_TWOFISH_X86_64
305	tristate "Twofish cipher algorithm (x86_64)"
306	depends on (X86 || UML_X86) && 64BIT
307	select CRYPTO_ALGAPI
308	select CRYPTO_TWOFISH_COMMON
309	help
310	  Twofish cipher algorithm (x86_64).
311
312	  Twofish was submitted as an AES (Advanced Encryption Standard)
313	  candidate cipher by researchers at CounterPane Systems.  It is a
314	  16 round block cipher supporting key sizes of 128, 192, and 256
315	  bits.
316
317	  See also:
318	  <http://www.schneier.com/twofish.html>
319
320config CRYPTO_SERPENT
321	tristate "Serpent cipher algorithm"
322	select CRYPTO_ALGAPI
323	help
324	  Serpent cipher algorithm, by Anderson, Biham & Knudsen.
325
326	  Keys are allowed to be from 0 to 256 bits in length, in steps
327	  of 8 bits.  Also includes the 'Tnepres' algorithm, a reversed
328	  variant of Serpent for compatibility with old kerneli.org code.
329
330	  See also:
331	  <http://www.cl.cam.ac.uk/~rja14/serpent.html>
332
333config CRYPTO_AES
334	tristate "AES cipher algorithms"
335	select CRYPTO_ALGAPI
336	help
337	  AES cipher algorithms (FIPS-197). AES uses the Rijndael
338	  algorithm.
339
340	  Rijndael appears to be consistently a very good performer in
341	  both hardware and software across a wide range of computing
342	  environments regardless of its use in feedback or non-feedback
343	  modes. Its key setup time is excellent, and its key agility is
344	  good. Rijndael's very low memory requirements make it very well
345	  suited for restricted-space environments, in which it also
346	  demonstrates excellent performance. Rijndael's operations are
347	  among the easiest to defend against power and timing attacks.
348
349	  The AES specifies three key sizes: 128, 192 and 256 bits
350
351	  See <http://csrc.nist.gov/CryptoToolkit/aes/> for more information.
352
353config CRYPTO_AES_586
354	tristate "AES cipher algorithms (i586)"
355	depends on (X86 || UML_X86) && !64BIT
356	select CRYPTO_ALGAPI
357	select CRYPTO_AES
358	help
359	  AES cipher algorithms (FIPS-197). AES uses the Rijndael
360	  algorithm.
361
362	  Rijndael appears to be consistently a very good performer in
363	  both hardware and software across a wide range of computing
364	  environments regardless of its use in feedback or non-feedback
365	  modes. Its key setup time is excellent, and its key agility is
366	  good. Rijndael's very low memory requirements make it very well
367	  suited for restricted-space environments, in which it also
368	  demonstrates excellent performance. Rijndael's operations are
369	  among the easiest to defend against power and timing attacks.
370
371	  The AES specifies three key sizes: 128, 192 and 256 bits
372
373	  See <http://csrc.nist.gov/encryption/aes/> for more information.
374
375config CRYPTO_AES_X86_64
376	tristate "AES cipher algorithms (x86_64)"
377	depends on (X86 || UML_X86) && 64BIT
378	select CRYPTO_ALGAPI
379	select CRYPTO_AES
380	help
381	  AES cipher algorithms (FIPS-197). AES uses the Rijndael
382	  algorithm.
383
384	  Rijndael appears to be consistently a very good performer in
385	  both hardware and software across a wide range of computing
386	  environments regardless of its use in feedback or non-feedback
387	  modes. Its key setup time is excellent, and its key agility is
388	  good. Rijndael's very low memory requirements make it very well
389	  suited for restricted-space environments, in which it also
390	  demonstrates excellent performance. Rijndael's operations are
391	  among the easiest to defend against power and timing attacks.
392
393	  The AES specifies three key sizes: 128, 192 and 256 bits
394
395	  See <http://csrc.nist.gov/encryption/aes/> for more information.
396
397config CRYPTO_CAST5
398	tristate "CAST5 (CAST-128) cipher algorithm"
399	select CRYPTO_ALGAPI
400	help
401	  The CAST5 encryption algorithm (synonymous with CAST-128) is
402	  described in RFC2144.
403
404config CRYPTO_CAST6
405	tristate "CAST6 (CAST-256) cipher algorithm"
406	select CRYPTO_ALGAPI
407	help
408	  The CAST6 encryption algorithm (synonymous with CAST-256) is
409	  described in RFC2612.
410
411config CRYPTO_TEA
412	tristate "TEA, XTEA and XETA cipher algorithms"
413	select CRYPTO_ALGAPI
414	help
415	  TEA cipher algorithm.
416
417	  Tiny Encryption Algorithm is a simple cipher that uses
418	  many rounds for security.  It is very fast and uses
419	  little memory.
420
421	  Xtendend Tiny Encryption Algorithm is a modification to
422	  the TEA algorithm to address a potential key weakness
423	  in the TEA algorithm.
424
425	  Xtendend Encryption Tiny Algorithm is a mis-implementation
426	  of the XTEA algorithm for compatibility purposes.
427
428config CRYPTO_ARC4
429	tristate "ARC4 cipher algorithm"
430	select CRYPTO_ALGAPI
431	help
432	  ARC4 cipher algorithm.
433
434	  ARC4 is a stream cipher using keys ranging from 8 bits to 2048
435	  bits in length.  This algorithm is required for driver-based
436	  WEP, but it should not be for other purposes because of the
437	  weakness of the algorithm.
438
439config CRYPTO_KHAZAD
440	tristate "Khazad cipher algorithm"
441	select CRYPTO_ALGAPI
442	help
443	  Khazad cipher algorithm.
444
445	  Khazad was a finalist in the initial NESSIE competition.  It is
446	  an algorithm optimized for 64-bit processors with good performance
447	  on 32-bit processors.  Khazad uses an 128 bit key size.
448
449	  See also:
450	  <http://planeta.terra.com.br/informatica/paulobarreto/KhazadPage.html>
451
452config CRYPTO_ANUBIS
453	tristate "Anubis cipher algorithm"
454	select CRYPTO_ALGAPI
455	help
456	  Anubis cipher algorithm.
457
458	  Anubis is a variable key length cipher which can use keys from
459	  128 bits to 320 bits in length.  It was evaluated as a entrant
460	  in the NESSIE competition.
461
462	  See also:
463	  <https://www.cosic.esat.kuleuven.ac.be/nessie/reports/>
464	  <http://planeta.terra.com.br/informatica/paulobarreto/AnubisPage.html>
465
466config CRYPTO_SEED
467	tristate "SEED cipher algorithm"
468	select CRYPTO_ALGAPI
469	help
470	  SEED cipher algorithm (RFC4269).
471
472	  SEED is a 128-bit symmetric key block cipher that has been
473	  developed by KISA (Korea Information Security Agency) as a
474	  national standard encryption algorithm of the Republic of Korea.
475	  It is a 16 round block cipher with the key size of 128 bit.
476
477	  See also:
478	  <http://www.kisa.or.kr/kisa/seed/jsp/seed_eng.jsp>
479
480config CRYPTO_SALSA20
481	tristate "Salsa20 stream cipher algorithm (EXPERIMENTAL)"
482	depends on EXPERIMENTAL
483	select CRYPTO_BLKCIPHER
484	help
485	  Salsa20 stream cipher algorithm.
486
487	  Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT
488	  Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/>
489
490	  The Salsa20 stream cipher algorithm is designed by Daniel J.
491	  Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html>
492
493config CRYPTO_SALSA20_586
494	tristate "Salsa20 stream cipher algorithm (i586) (EXPERIMENTAL)"
495	depends on (X86 || UML_X86) && !64BIT
496	depends on EXPERIMENTAL
497	select CRYPTO_BLKCIPHER
498	help
499	  Salsa20 stream cipher algorithm.
500
501	  Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT
502	  Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/>
503
504	  The Salsa20 stream cipher algorithm is designed by Daniel J.
505	  Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html>
506
507config CRYPTO_SALSA20_X86_64
508	tristate "Salsa20 stream cipher algorithm (x86_64) (EXPERIMENTAL)"
509	depends on (X86 || UML_X86) && 64BIT
510	depends on EXPERIMENTAL
511	select CRYPTO_BLKCIPHER
512	help
513	  Salsa20 stream cipher algorithm.
514
515	  Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT
516	  Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/>
517
518	  The Salsa20 stream cipher algorithm is designed by Daniel J.
519	  Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html>
520
521config CRYPTO_DEFLATE
522	tristate "Deflate compression algorithm"
523	select CRYPTO_ALGAPI
524	select ZLIB_INFLATE
525	select ZLIB_DEFLATE
526	help
527	  This is the Deflate algorithm (RFC1951), specified for use in
528	  IPSec with the IPCOMP protocol (RFC3173, RFC2394).
529
530	  You will most probably want this if using IPSec.
531
532config CRYPTO_MICHAEL_MIC
533	tristate "Michael MIC keyed digest algorithm"
534	select CRYPTO_ALGAPI
535	help
536	  Michael MIC is used for message integrity protection in TKIP
537	  (IEEE 802.11i). This algorithm is required for TKIP, but it
538	  should not be used for other purposes because of the weakness
539	  of the algorithm.
540
541config CRYPTO_CRC32C
542	tristate "CRC32c CRC algorithm"
543	select CRYPTO_ALGAPI
544	select LIBCRC32C
545	help
546	  Castagnoli, et al Cyclic Redundancy-Check Algorithm.  Used
547	  by iSCSI for header and data digests and by others.
548	  See Castagnoli93.  This implementation uses lib/libcrc32c.
549          Module will be crc32c.
550
551config CRYPTO_CAMELLIA
552	tristate "Camellia cipher algorithms"
553	depends on CRYPTO
554	select CRYPTO_ALGAPI
555	help
556	  Camellia cipher algorithms module.
557
558	  Camellia is a symmetric key block cipher developed jointly
559	  at NTT and Mitsubishi Electric Corporation.
560
561	  The Camellia specifies three key sizes: 128, 192 and 256 bits.
562
563	  See also:
564	  <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html>
565
566config CRYPTO_TEST
567	tristate "Testing module"
568	depends on m
569	select CRYPTO_ALGAPI
570	select CRYPTO_AEAD
571	select CRYPTO_BLKCIPHER
572	help
573	  Quick & dirty crypto test module.
574
575config CRYPTO_AUTHENC
576	tristate "Authenc support"
577	select CRYPTO_AEAD
578	select CRYPTO_BLKCIPHER
579	select CRYPTO_MANAGER
580	select CRYPTO_HASH
581	help
582	  Authenc: Combined mode wrapper for IPsec.
583	  This is required for IPSec.
584
585config CRYPTO_LZO
586	tristate "LZO compression algorithm"
587	select CRYPTO_ALGAPI
588	select LZO_COMPRESS
589	select LZO_DECOMPRESS
590	help
591	  This is the LZO algorithm.
592
593source "drivers/crypto/Kconfig"
594
595endif	# if CRYPTO
596