xref: /linux/crypto/Kconfig (revision b454cc6636d254fbf6049b73e9560aee76fb04a3) 
1#
2# Cryptographic API Configuration
3#
4
5menu "Cryptographic options"
6
7config CRYPTO
8	bool "Cryptographic API"
9	help
10	  This option provides the core Cryptographic API.
11
12if CRYPTO
13
14config CRYPTO_ALGAPI
15	tristate
16	help
17	  This option provides the API for cryptographic algorithms.
18
19config CRYPTO_BLKCIPHER
20	tristate
21	select CRYPTO_ALGAPI
22
23config CRYPTO_HASH
24	tristate
25	select CRYPTO_ALGAPI
26
27config CRYPTO_MANAGER
28	tristate "Cryptographic algorithm manager"
29	select CRYPTO_ALGAPI
30	help
31	  Create default cryptographic template instantiations such as
32	  cbc(aes).
33
34config CRYPTO_HMAC
35	tristate "HMAC support"
36	select CRYPTO_HASH
37	select CRYPTO_MANAGER
38	help
39	  HMAC: Keyed-Hashing for Message Authentication (RFC2104).
40	  This is required for IPSec.
41
42config CRYPTO_XCBC
43	tristate "XCBC support"
44	depends on EXPERIMENTAL
45	select CRYPTO_HASH
46	select CRYPTO_MANAGER
47	help
48	  XCBC: Keyed-Hashing with encryption algorithm
49		http://www.ietf.org/rfc/rfc3566.txt
50		http://csrc.nist.gov/encryption/modes/proposedmodes/
51		 xcbc-mac/xcbc-mac-spec.pdf
52
53config CRYPTO_NULL
54	tristate "Null algorithms"
55	select CRYPTO_ALGAPI
56	help
57	  These are 'Null' algorithms, used by IPsec, which do nothing.
58
59config CRYPTO_MD4
60	tristate "MD4 digest algorithm"
61	select CRYPTO_ALGAPI
62	help
63	  MD4 message digest algorithm (RFC1320).
64
65config CRYPTO_MD5
66	tristate "MD5 digest algorithm"
67	select CRYPTO_ALGAPI
68	help
69	  MD5 message digest algorithm (RFC1321).
70
71config CRYPTO_SHA1
72	tristate "SHA1 digest algorithm"
73	select CRYPTO_ALGAPI
74	help
75	  SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2).
76
77config CRYPTO_SHA256
78	tristate "SHA256 digest algorithm"
79	select CRYPTO_ALGAPI
80	help
81	  SHA256 secure hash standard (DFIPS 180-2).
82
83	  This version of SHA implements a 256 bit hash with 128 bits of
84	  security against collision attacks.
85
86config CRYPTO_SHA512
87	tristate "SHA384 and SHA512 digest algorithms"
88	select CRYPTO_ALGAPI
89	help
90	  SHA512 secure hash standard (DFIPS 180-2).
91
92	  This version of SHA implements a 512 bit hash with 256 bits of
93	  security against collision attacks.
94
95	  This code also includes SHA-384, a 384 bit hash with 192 bits
96	  of security against collision attacks.
97
98config CRYPTO_WP512
99	tristate "Whirlpool digest algorithms"
100	select CRYPTO_ALGAPI
101	help
102	  Whirlpool hash algorithm 512, 384 and 256-bit hashes
103
104	  Whirlpool-512 is part of the NESSIE cryptographic primitives.
105	  Whirlpool will be part of the ISO/IEC 10118-3:2003(E) standard
106
107	  See also:
108	  <http://planeta.terra.com.br/informatica/paulobarreto/WhirlpoolPage.html>
109
110config CRYPTO_TGR192
111	tristate "Tiger digest algorithms"
112	select CRYPTO_ALGAPI
113	help
114	  Tiger hash algorithm 192, 160 and 128-bit hashes
115
116	  Tiger is a hash function optimized for 64-bit processors while
117	  still having decent performance on 32-bit processors.
118	  Tiger was developed by Ross Anderson and Eli Biham.
119
120	  See also:
121	  <http://www.cs.technion.ac.il/~biham/Reports/Tiger/>.
122
123config CRYPTO_GF128MUL
124	tristate "GF(2^128) multiplication functions (EXPERIMENTAL)"
125	depends on EXPERIMENTAL
126	help
127	  Efficient table driven implementation of multiplications in the
128	  field GF(2^128).  This is needed by some cypher modes. This
129	  option will be selected automatically if you select such a
130	  cipher mode.  Only select this option by hand if you expect to load
131	  an external module that requires these functions.
132
133config CRYPTO_ECB
134	tristate "ECB support"
135	select CRYPTO_BLKCIPHER
136	select CRYPTO_MANAGER
137	default m
138	help
139	  ECB: Electronic CodeBook mode
140	  This is the simplest block cipher algorithm.  It simply encrypts
141	  the input block by block.
142
143config CRYPTO_CBC
144	tristate "CBC support"
145	select CRYPTO_BLKCIPHER
146	select CRYPTO_MANAGER
147	default m
148	help
149	  CBC: Cipher Block Chaining mode
150	  This block cipher algorithm is required for IPSec.
151
152config CRYPTO_LRW
153	tristate "LRW support (EXPERIMENTAL)"
154	depends on EXPERIMENTAL
155	select CRYPTO_BLKCIPHER
156	select CRYPTO_MANAGER
157	select CRYPTO_GF128MUL
158	help
159	  LRW: Liskov Rivest Wagner, a tweakable, non malleable, non movable
160	  narrow block cipher mode for dm-crypt.  Use it with cipher
161	  specification string aes-lrw-benbi, the key must be 256, 320 or 384.
162	  The first 128, 192 or 256 bits in the key are used for AES and the
163	  rest is used to tie each cipher block to its logical position.
164
165config CRYPTO_DES
166	tristate "DES and Triple DES EDE cipher algorithms"
167	select CRYPTO_ALGAPI
168	help
169	  DES cipher algorithm (FIPS 46-2), and Triple DES EDE (FIPS 46-3).
170
171config CRYPTO_BLOWFISH
172	tristate "Blowfish cipher algorithm"
173	select CRYPTO_ALGAPI
174	help
175	  Blowfish cipher algorithm, by Bruce Schneier.
176
177	  This is a variable key length cipher which can use keys from 32
178	  bits to 448 bits in length.  It's fast, simple and specifically
179	  designed for use on "large microprocessors".
180
181	  See also:
182	  <http://www.schneier.com/blowfish.html>
183
184config CRYPTO_TWOFISH
185	tristate "Twofish cipher algorithm"
186	select CRYPTO_ALGAPI
187	select CRYPTO_TWOFISH_COMMON
188	help
189	  Twofish cipher algorithm.
190
191	  Twofish was submitted as an AES (Advanced Encryption Standard)
192	  candidate cipher by researchers at CounterPane Systems.  It is a
193	  16 round block cipher supporting key sizes of 128, 192, and 256
194	  bits.
195
196	  See also:
197	  <http://www.schneier.com/twofish.html>
198
199config CRYPTO_TWOFISH_COMMON
200	tristate
201	help
202	  Common parts of the Twofish cipher algorithm shared by the
203	  generic c and the assembler implementations.
204
205config CRYPTO_TWOFISH_586
206	tristate "Twofish cipher algorithms (i586)"
207	depends on (X86 || UML_X86) && !64BIT
208	select CRYPTO_ALGAPI
209	select CRYPTO_TWOFISH_COMMON
210	help
211	  Twofish cipher algorithm.
212
213	  Twofish was submitted as an AES (Advanced Encryption Standard)
214	  candidate cipher by researchers at CounterPane Systems.  It is a
215	  16 round block cipher supporting key sizes of 128, 192, and 256
216	  bits.
217
218	  See also:
219	  <http://www.schneier.com/twofish.html>
220
221config CRYPTO_TWOFISH_X86_64
222	tristate "Twofish cipher algorithm (x86_64)"
223	depends on (X86 || UML_X86) && 64BIT
224	select CRYPTO_ALGAPI
225	select CRYPTO_TWOFISH_COMMON
226	help
227	  Twofish cipher algorithm (x86_64).
228
229	  Twofish was submitted as an AES (Advanced Encryption Standard)
230	  candidate cipher by researchers at CounterPane Systems.  It is a
231	  16 round block cipher supporting key sizes of 128, 192, and 256
232	  bits.
233
234	  See also:
235	  <http://www.schneier.com/twofish.html>
236
237config CRYPTO_SERPENT
238	tristate "Serpent cipher algorithm"
239	select CRYPTO_ALGAPI
240	help
241	  Serpent cipher algorithm, by Anderson, Biham & Knudsen.
242
243	  Keys are allowed to be from 0 to 256 bits in length, in steps
244	  of 8 bits.  Also includes the 'Tnepres' algorithm, a reversed
245	  variant of Serpent for compatibility with old kerneli code.
246
247	  See also:
248	  <http://www.cl.cam.ac.uk/~rja14/serpent.html>
249
250config CRYPTO_AES
251	tristate "AES cipher algorithms"
252	select CRYPTO_ALGAPI
253	help
254	  AES cipher algorithms (FIPS-197). AES uses the Rijndael
255	  algorithm.
256
257	  Rijndael appears to be consistently a very good performer in
258	  both hardware and software across a wide range of computing
259	  environments regardless of its use in feedback or non-feedback
260	  modes. Its key setup time is excellent, and its key agility is
261	  good. Rijndael's very low memory requirements make it very well
262	  suited for restricted-space environments, in which it also
263	  demonstrates excellent performance. Rijndael's operations are
264	  among the easiest to defend against power and timing attacks.
265
266	  The AES specifies three key sizes: 128, 192 and 256 bits
267
268	  See <http://csrc.nist.gov/CryptoToolkit/aes/> for more information.
269
270config CRYPTO_AES_586
271	tristate "AES cipher algorithms (i586)"
272	depends on (X86 || UML_X86) && !64BIT
273	select CRYPTO_ALGAPI
274	help
275	  AES cipher algorithms (FIPS-197). AES uses the Rijndael
276	  algorithm.
277
278	  Rijndael appears to be consistently a very good performer in
279	  both hardware and software across a wide range of computing
280	  environments regardless of its use in feedback or non-feedback
281	  modes. Its key setup time is excellent, and its key agility is
282	  good. Rijndael's very low memory requirements make it very well
283	  suited for restricted-space environments, in which it also
284	  demonstrates excellent performance. Rijndael's operations are
285	  among the easiest to defend against power and timing attacks.
286
287	  The AES specifies three key sizes: 128, 192 and 256 bits
288
289	  See <http://csrc.nist.gov/encryption/aes/> for more information.
290
291config CRYPTO_AES_X86_64
292	tristate "AES cipher algorithms (x86_64)"
293	depends on (X86 || UML_X86) && 64BIT
294	select CRYPTO_ALGAPI
295	help
296	  AES cipher algorithms (FIPS-197). AES uses the Rijndael
297	  algorithm.
298
299	  Rijndael appears to be consistently a very good performer in
300	  both hardware and software across a wide range of computing
301	  environments regardless of its use in feedback or non-feedback
302	  modes. Its key setup time is excellent, and its key agility is
303	  good. Rijndael's very low memory requirements make it very well
304	  suited for restricted-space environments, in which it also
305	  demonstrates excellent performance. Rijndael's operations are
306	  among the easiest to defend against power and timing attacks.
307
308	  The AES specifies three key sizes: 128, 192 and 256 bits
309
310	  See <http://csrc.nist.gov/encryption/aes/> for more information.
311
312config CRYPTO_CAST5
313	tristate "CAST5 (CAST-128) cipher algorithm"
314	select CRYPTO_ALGAPI
315	help
316	  The CAST5 encryption algorithm (synonymous with CAST-128) is
317	  described in RFC2144.
318
319config CRYPTO_CAST6
320	tristate "CAST6 (CAST-256) cipher algorithm"
321	select CRYPTO_ALGAPI
322	help
323	  The CAST6 encryption algorithm (synonymous with CAST-256) is
324	  described in RFC2612.
325
326config CRYPTO_TEA
327	tristate "TEA, XTEA and XETA cipher algorithms"
328	select CRYPTO_ALGAPI
329	help
330	  TEA cipher algorithm.
331
332	  Tiny Encryption Algorithm is a simple cipher that uses
333	  many rounds for security.  It is very fast and uses
334	  little memory.
335
336	  Xtendend Tiny Encryption Algorithm is a modification to
337	  the TEA algorithm to address a potential key weakness
338	  in the TEA algorithm.
339
340	  Xtendend Encryption Tiny Algorithm is a mis-implementation
341	  of the XTEA algorithm for compatibility purposes.
342
343config CRYPTO_ARC4
344	tristate "ARC4 cipher algorithm"
345	select CRYPTO_ALGAPI
346	help
347	  ARC4 cipher algorithm.
348
349	  ARC4 is a stream cipher using keys ranging from 8 bits to 2048
350	  bits in length.  This algorithm is required for driver-based
351	  WEP, but it should not be for other purposes because of the
352	  weakness of the algorithm.
353
354config CRYPTO_KHAZAD
355	tristate "Khazad cipher algorithm"
356	select CRYPTO_ALGAPI
357	help
358	  Khazad cipher algorithm.
359
360	  Khazad was a finalist in the initial NESSIE competition.  It is
361	  an algorithm optimized for 64-bit processors with good performance
362	  on 32-bit processors.  Khazad uses an 128 bit key size.
363
364	  See also:
365	  <http://planeta.terra.com.br/informatica/paulobarreto/KhazadPage.html>
366
367config CRYPTO_ANUBIS
368	tristate "Anubis cipher algorithm"
369	select CRYPTO_ALGAPI
370	help
371	  Anubis cipher algorithm.
372
373	  Anubis is a variable key length cipher which can use keys from
374	  128 bits to 320 bits in length.  It was evaluated as a entrant
375	  in the NESSIE competition.
376
377	  See also:
378	  <https://www.cosic.esat.kuleuven.ac.be/nessie/reports/>
379	  <http://planeta.terra.com.br/informatica/paulobarreto/AnubisPage.html>
380
381
382config CRYPTO_DEFLATE
383	tristate "Deflate compression algorithm"
384	select CRYPTO_ALGAPI
385	select ZLIB_INFLATE
386	select ZLIB_DEFLATE
387	help
388	  This is the Deflate algorithm (RFC1951), specified for use in
389	  IPSec with the IPCOMP protocol (RFC3173, RFC2394).
390
391	  You will most probably want this if using IPSec.
392
393config CRYPTO_MICHAEL_MIC
394	tristate "Michael MIC keyed digest algorithm"
395	select CRYPTO_ALGAPI
396	help
397	  Michael MIC is used for message integrity protection in TKIP
398	  (IEEE 802.11i). This algorithm is required for TKIP, but it
399	  should not be used for other purposes because of the weakness
400	  of the algorithm.
401
402config CRYPTO_CRC32C
403	tristate "CRC32c CRC algorithm"
404	select CRYPTO_ALGAPI
405	select LIBCRC32C
406	help
407	  Castagnoli, et al Cyclic Redundancy-Check Algorithm.  Used
408	  by iSCSI for header and data digests and by others.
409	  See Castagnoli93.  This implementation uses lib/libcrc32c.
410          Module will be crc32c.
411
412config CRYPTO_TEST
413	tristate "Testing module"
414	depends on m
415	select CRYPTO_ALGAPI
416	help
417	  Quick & dirty crypto test module.
418
419source "drivers/crypto/Kconfig"
420
421endif	# if CRYPTO
422
423endmenu
424