1# 2# Cryptographic API Configuration 3# 4 5menu "Cryptographic options" 6 7config CRYPTO 8 bool "Cryptographic API" 9 help 10 This option provides the core Cryptographic API. 11 12if CRYPTO 13 14config CRYPTO_ALGAPI 15 tristate 16 help 17 This option provides the API for cryptographic algorithms. 18 19config CRYPTO_BLKCIPHER 20 tristate 21 select CRYPTO_ALGAPI 22 23config CRYPTO_HASH 24 tristate 25 select CRYPTO_ALGAPI 26 27config CRYPTO_MANAGER 28 tristate "Cryptographic algorithm manager" 29 select CRYPTO_ALGAPI 30 default m 31 help 32 Create default cryptographic template instantiations such as 33 cbc(aes). 34 35config CRYPTO_HMAC 36 tristate "HMAC support" 37 select CRYPTO_HASH 38 help 39 HMAC: Keyed-Hashing for Message Authentication (RFC2104). 40 This is required for IPSec. 41 42config CRYPTO_NULL 43 tristate "Null algorithms" 44 select CRYPTO_ALGAPI 45 help 46 These are 'Null' algorithms, used by IPsec, which do nothing. 47 48config CRYPTO_MD4 49 tristate "MD4 digest algorithm" 50 select CRYPTO_ALGAPI 51 help 52 MD4 message digest algorithm (RFC1320). 53 54config CRYPTO_MD5 55 tristate "MD5 digest algorithm" 56 select CRYPTO_ALGAPI 57 help 58 MD5 message digest algorithm (RFC1321). 59 60config CRYPTO_SHA1 61 tristate "SHA1 digest algorithm" 62 select CRYPTO_ALGAPI 63 help 64 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2). 65 66config CRYPTO_SHA1_S390 67 tristate "SHA1 digest algorithm (s390)" 68 depends on S390 69 select CRYPTO_ALGAPI 70 help 71 This is the s390 hardware accelerated implementation of the 72 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2). 73 74config CRYPTO_SHA256 75 tristate "SHA256 digest algorithm" 76 select CRYPTO_ALGAPI 77 help 78 SHA256 secure hash standard (DFIPS 180-2). 79 80 This version of SHA implements a 256 bit hash with 128 bits of 81 security against collision attacks. 82 83config CRYPTO_SHA256_S390 84 tristate "SHA256 digest algorithm (s390)" 85 depends on S390 86 select CRYPTO_ALGAPI 87 help 88 This is the s390 hardware accelerated implementation of the 89 SHA256 secure hash standard (DFIPS 180-2). 90 91 This version of SHA implements a 256 bit hash with 128 bits of 92 security against collision attacks. 93 94config CRYPTO_SHA512 95 tristate "SHA384 and SHA512 digest algorithms" 96 select CRYPTO_ALGAPI 97 help 98 SHA512 secure hash standard (DFIPS 180-2). 99 100 This version of SHA implements a 512 bit hash with 256 bits of 101 security against collision attacks. 102 103 This code also includes SHA-384, a 384 bit hash with 192 bits 104 of security against collision attacks. 105 106config CRYPTO_WP512 107 tristate "Whirlpool digest algorithms" 108 select CRYPTO_ALGAPI 109 help 110 Whirlpool hash algorithm 512, 384 and 256-bit hashes 111 112 Whirlpool-512 is part of the NESSIE cryptographic primitives. 113 Whirlpool will be part of the ISO/IEC 10118-3:2003(E) standard 114 115 See also: 116 <http://planeta.terra.com.br/informatica/paulobarreto/WhirlpoolPage.html> 117 118config CRYPTO_TGR192 119 tristate "Tiger digest algorithms" 120 select CRYPTO_ALGAPI 121 help 122 Tiger hash algorithm 192, 160 and 128-bit hashes 123 124 Tiger is a hash function optimized for 64-bit processors while 125 still having decent performance on 32-bit processors. 126 Tiger was developed by Ross Anderson and Eli Biham. 127 128 See also: 129 <http://www.cs.technion.ac.il/~biham/Reports/Tiger/>. 130 131config CRYPTO_ECB 132 tristate "ECB support" 133 select CRYPTO_BLKCIPHER 134 default m 135 help 136 ECB: Electronic CodeBook mode 137 This is the simplest block cipher algorithm. It simply encrypts 138 the input block by block. 139 140config CRYPTO_CBC 141 tristate "CBC support" 142 select CRYPTO_BLKCIPHER 143 default m 144 help 145 CBC: Cipher Block Chaining mode 146 This block cipher algorithm is required for IPSec. 147 148config CRYPTO_DES 149 tristate "DES and Triple DES EDE cipher algorithms" 150 select CRYPTO_ALGAPI 151 help 152 DES cipher algorithm (FIPS 46-2), and Triple DES EDE (FIPS 46-3). 153 154config CRYPTO_DES_S390 155 tristate "DES and Triple DES cipher algorithms (s390)" 156 depends on S390 157 select CRYPTO_ALGAPI 158 select CRYPTO_BLKCIPHER 159 help 160 DES cipher algorithm (FIPS 46-2), and Triple DES EDE (FIPS 46-3). 161 162config CRYPTO_BLOWFISH 163 tristate "Blowfish cipher algorithm" 164 select CRYPTO_ALGAPI 165 help 166 Blowfish cipher algorithm, by Bruce Schneier. 167 168 This is a variable key length cipher which can use keys from 32 169 bits to 448 bits in length. It's fast, simple and specifically 170 designed for use on "large microprocessors". 171 172 See also: 173 <http://www.schneier.com/blowfish.html> 174 175config CRYPTO_TWOFISH 176 tristate "Twofish cipher algorithm" 177 select CRYPTO_ALGAPI 178 select CRYPTO_TWOFISH_COMMON 179 help 180 Twofish cipher algorithm. 181 182 Twofish was submitted as an AES (Advanced Encryption Standard) 183 candidate cipher by researchers at CounterPane Systems. It is a 184 16 round block cipher supporting key sizes of 128, 192, and 256 185 bits. 186 187 See also: 188 <http://www.schneier.com/twofish.html> 189 190config CRYPTO_TWOFISH_COMMON 191 tristate 192 help 193 Common parts of the Twofish cipher algorithm shared by the 194 generic c and the assembler implementations. 195 196config CRYPTO_TWOFISH_586 197 tristate "Twofish cipher algorithms (i586)" 198 depends on (X86 || UML_X86) && !64BIT 199 select CRYPTO_ALGAPI 200 select CRYPTO_TWOFISH_COMMON 201 help 202 Twofish cipher algorithm. 203 204 Twofish was submitted as an AES (Advanced Encryption Standard) 205 candidate cipher by researchers at CounterPane Systems. It is a 206 16 round block cipher supporting key sizes of 128, 192, and 256 207 bits. 208 209 See also: 210 <http://www.schneier.com/twofish.html> 211 212config CRYPTO_TWOFISH_X86_64 213 tristate "Twofish cipher algorithm (x86_64)" 214 depends on (X86 || UML_X86) && 64BIT 215 select CRYPTO_ALGAPI 216 select CRYPTO_TWOFISH_COMMON 217 help 218 Twofish cipher algorithm (x86_64). 219 220 Twofish was submitted as an AES (Advanced Encryption Standard) 221 candidate cipher by researchers at CounterPane Systems. It is a 222 16 round block cipher supporting key sizes of 128, 192, and 256 223 bits. 224 225 See also: 226 <http://www.schneier.com/twofish.html> 227 228config CRYPTO_SERPENT 229 tristate "Serpent cipher algorithm" 230 select CRYPTO_ALGAPI 231 help 232 Serpent cipher algorithm, by Anderson, Biham & Knudsen. 233 234 Keys are allowed to be from 0 to 256 bits in length, in steps 235 of 8 bits. Also includes the 'Tnepres' algorithm, a reversed 236 variant of Serpent for compatibility with old kerneli code. 237 238 See also: 239 <http://www.cl.cam.ac.uk/~rja14/serpent.html> 240 241config CRYPTO_AES 242 tristate "AES cipher algorithms" 243 select CRYPTO_ALGAPI 244 help 245 AES cipher algorithms (FIPS-197). AES uses the Rijndael 246 algorithm. 247 248 Rijndael appears to be consistently a very good performer in 249 both hardware and software across a wide range of computing 250 environments regardless of its use in feedback or non-feedback 251 modes. Its key setup time is excellent, and its key agility is 252 good. Rijndael's very low memory requirements make it very well 253 suited for restricted-space environments, in which it also 254 demonstrates excellent performance. Rijndael's operations are 255 among the easiest to defend against power and timing attacks. 256 257 The AES specifies three key sizes: 128, 192 and 256 bits 258 259 See <http://csrc.nist.gov/CryptoToolkit/aes/> for more information. 260 261config CRYPTO_AES_586 262 tristate "AES cipher algorithms (i586)" 263 depends on (X86 || UML_X86) && !64BIT 264 select CRYPTO_ALGAPI 265 help 266 AES cipher algorithms (FIPS-197). AES uses the Rijndael 267 algorithm. 268 269 Rijndael appears to be consistently a very good performer in 270 both hardware and software across a wide range of computing 271 environments regardless of its use in feedback or non-feedback 272 modes. Its key setup time is excellent, and its key agility is 273 good. Rijndael's very low memory requirements make it very well 274 suited for restricted-space environments, in which it also 275 demonstrates excellent performance. Rijndael's operations are 276 among the easiest to defend against power and timing attacks. 277 278 The AES specifies three key sizes: 128, 192 and 256 bits 279 280 See <http://csrc.nist.gov/encryption/aes/> for more information. 281 282config CRYPTO_AES_X86_64 283 tristate "AES cipher algorithms (x86_64)" 284 depends on (X86 || UML_X86) && 64BIT 285 select CRYPTO_ALGAPI 286 help 287 AES cipher algorithms (FIPS-197). AES uses the Rijndael 288 algorithm. 289 290 Rijndael appears to be consistently a very good performer in 291 both hardware and software across a wide range of computing 292 environments regardless of its use in feedback or non-feedback 293 modes. Its key setup time is excellent, and its key agility is 294 good. Rijndael's very low memory requirements make it very well 295 suited for restricted-space environments, in which it also 296 demonstrates excellent performance. Rijndael's operations are 297 among the easiest to defend against power and timing attacks. 298 299 The AES specifies three key sizes: 128, 192 and 256 bits 300 301 See <http://csrc.nist.gov/encryption/aes/> for more information. 302 303config CRYPTO_AES_S390 304 tristate "AES cipher algorithms (s390)" 305 depends on S390 306 select CRYPTO_ALGAPI 307 select CRYPTO_BLKCIPHER 308 help 309 This is the s390 hardware accelerated implementation of the 310 AES cipher algorithms (FIPS-197). AES uses the Rijndael 311 algorithm. 312 313 Rijndael appears to be consistently a very good performer in 314 both hardware and software across a wide range of computing 315 environments regardless of its use in feedback or non-feedback 316 modes. Its key setup time is excellent, and its key agility is 317 good. Rijndael's very low memory requirements make it very well 318 suited for restricted-space environments, in which it also 319 demonstrates excellent performance. Rijndael's operations are 320 among the easiest to defend against power and timing attacks. 321 322 On s390 the System z9-109 currently only supports the key size 323 of 128 bit. 324 325config CRYPTO_CAST5 326 tristate "CAST5 (CAST-128) cipher algorithm" 327 select CRYPTO_ALGAPI 328 help 329 The CAST5 encryption algorithm (synonymous with CAST-128) is 330 described in RFC2144. 331 332config CRYPTO_CAST6 333 tristate "CAST6 (CAST-256) cipher algorithm" 334 select CRYPTO_ALGAPI 335 help 336 The CAST6 encryption algorithm (synonymous with CAST-256) is 337 described in RFC2612. 338 339config CRYPTO_TEA 340 tristate "TEA, XTEA and XETA cipher algorithms" 341 select CRYPTO_ALGAPI 342 help 343 TEA cipher algorithm. 344 345 Tiny Encryption Algorithm is a simple cipher that uses 346 many rounds for security. It is very fast and uses 347 little memory. 348 349 Xtendend Tiny Encryption Algorithm is a modification to 350 the TEA algorithm to address a potential key weakness 351 in the TEA algorithm. 352 353 Xtendend Encryption Tiny Algorithm is a mis-implementation 354 of the XTEA algorithm for compatibility purposes. 355 356config CRYPTO_ARC4 357 tristate "ARC4 cipher algorithm" 358 select CRYPTO_ALGAPI 359 help 360 ARC4 cipher algorithm. 361 362 ARC4 is a stream cipher using keys ranging from 8 bits to 2048 363 bits in length. This algorithm is required for driver-based 364 WEP, but it should not be for other purposes because of the 365 weakness of the algorithm. 366 367config CRYPTO_KHAZAD 368 tristate "Khazad cipher algorithm" 369 select CRYPTO_ALGAPI 370 help 371 Khazad cipher algorithm. 372 373 Khazad was a finalist in the initial NESSIE competition. It is 374 an algorithm optimized for 64-bit processors with good performance 375 on 32-bit processors. Khazad uses an 128 bit key size. 376 377 See also: 378 <http://planeta.terra.com.br/informatica/paulobarreto/KhazadPage.html> 379 380config CRYPTO_ANUBIS 381 tristate "Anubis cipher algorithm" 382 select CRYPTO_ALGAPI 383 help 384 Anubis cipher algorithm. 385 386 Anubis is a variable key length cipher which can use keys from 387 128 bits to 320 bits in length. It was evaluated as a entrant 388 in the NESSIE competition. 389 390 See also: 391 <https://www.cosic.esat.kuleuven.ac.be/nessie/reports/> 392 <http://planeta.terra.com.br/informatica/paulobarreto/AnubisPage.html> 393 394 395config CRYPTO_DEFLATE 396 tristate "Deflate compression algorithm" 397 select CRYPTO_ALGAPI 398 select ZLIB_INFLATE 399 select ZLIB_DEFLATE 400 help 401 This is the Deflate algorithm (RFC1951), specified for use in 402 IPSec with the IPCOMP protocol (RFC3173, RFC2394). 403 404 You will most probably want this if using IPSec. 405 406config CRYPTO_MICHAEL_MIC 407 tristate "Michael MIC keyed digest algorithm" 408 select CRYPTO_ALGAPI 409 help 410 Michael MIC is used for message integrity protection in TKIP 411 (IEEE 802.11i). This algorithm is required for TKIP, but it 412 should not be used for other purposes because of the weakness 413 of the algorithm. 414 415config CRYPTO_CRC32C 416 tristate "CRC32c CRC algorithm" 417 select CRYPTO_ALGAPI 418 select LIBCRC32C 419 help 420 Castagnoli, et al Cyclic Redundancy-Check Algorithm. Used 421 by iSCSI for header and data digests and by others. 422 See Castagnoli93. This implementation uses lib/libcrc32c. 423 Module will be crc32c. 424 425config CRYPTO_TEST 426 tristate "Testing module" 427 depends on m 428 select CRYPTO_ALGAPI 429 help 430 Quick & dirty crypto test module. 431 432source "drivers/crypto/Kconfig" 433 434endif # if CRYPTO 435 436endmenu 437