xref: /linux/crypto/Kconfig (revision f3d9478b2ce468c3115b02ecae7e975990697f15) 
1#
2# Cryptographic API Configuration
3#
4
5menu "Cryptographic options"
6
7config CRYPTO
8	bool "Cryptographic API"
9	help
10	  This option provides the core Cryptographic API.
11
12config CRYPTO_HMAC
13	bool "HMAC support"
14	depends on CRYPTO
15	help
16	  HMAC: Keyed-Hashing for Message Authentication (RFC2104).
17	  This is required for IPSec.
18
19config CRYPTO_NULL
20	tristate "Null algorithms"
21	depends on CRYPTO
22	help
23	  These are 'Null' algorithms, used by IPsec, which do nothing.
24
25config CRYPTO_MD4
26	tristate "MD4 digest algorithm"
27	depends on CRYPTO
28	help
29	  MD4 message digest algorithm (RFC1320).
30
31config CRYPTO_MD5
32	tristate "MD5 digest algorithm"
33	depends on CRYPTO
34	help
35	  MD5 message digest algorithm (RFC1321).
36
37config CRYPTO_SHA1
38	tristate "SHA1 digest algorithm"
39	depends on CRYPTO
40	help
41	  SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2).
42
43config CRYPTO_SHA1_S390
44	tristate "SHA1 digest algorithm (s390)"
45	depends on CRYPTO && S390
46	help
47	  This is the s390 hardware accelerated implementation of the
48	  SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2).
49
50config CRYPTO_SHA256
51	tristate "SHA256 digest algorithm"
52	depends on CRYPTO
53	help
54	  SHA256 secure hash standard (DFIPS 180-2).
55
56	  This version of SHA implements a 256 bit hash with 128 bits of
57	  security against collision attacks.
58
59config CRYPTO_SHA256_S390
60	tristate "SHA256 digest algorithm (s390)"
61	depends on CRYPTO && S390
62	help
63	  This is the s390 hardware accelerated implementation of the
64	  SHA256 secure hash standard (DFIPS 180-2).
65
66	  This version of SHA implements a 256 bit hash with 128 bits of
67	  security against collision attacks.
68
69config CRYPTO_SHA512
70	tristate "SHA384 and SHA512 digest algorithms"
71	depends on CRYPTO
72	help
73	  SHA512 secure hash standard (DFIPS 180-2).
74
75	  This version of SHA implements a 512 bit hash with 256 bits of
76	  security against collision attacks.
77
78	  This code also includes SHA-384, a 384 bit hash with 192 bits
79	  of security against collision attacks.
80
81config CRYPTO_WP512
82	tristate "Whirlpool digest algorithms"
83	depends on CRYPTO
84	help
85	  Whirlpool hash algorithm 512, 384 and 256-bit hashes
86
87	  Whirlpool-512 is part of the NESSIE cryptographic primitives.
88	  Whirlpool will be part of the ISO/IEC 10118-3:2003(E) standard
89
90	  See also:
91	  <http://planeta.terra.com.br/informatica/paulobarreto/WhirlpoolPage.html>
92
93config CRYPTO_TGR192
94	tristate "Tiger digest algorithms"
95	depends on CRYPTO
96	help
97	  Tiger hash algorithm 192, 160 and 128-bit hashes
98
99	  Tiger is a hash function optimized for 64-bit processors while
100	  still having decent performance on 32-bit processors.
101	  Tiger was developed by Ross Anderson and Eli Biham.
102
103	  See also:
104	  <http://www.cs.technion.ac.il/~biham/Reports/Tiger/>.
105
106config CRYPTO_DES
107	tristate "DES and Triple DES EDE cipher algorithms"
108	depends on CRYPTO
109	help
110	  DES cipher algorithm (FIPS 46-2), and Triple DES EDE (FIPS 46-3).
111
112config CRYPTO_DES_S390
113	tristate "DES and Triple DES cipher algorithms (s390)"
114	depends on CRYPTO && S390
115	help
116	  DES cipher algorithm (FIPS 46-2), and Triple DES EDE (FIPS 46-3).
117
118config CRYPTO_BLOWFISH
119	tristate "Blowfish cipher algorithm"
120	depends on CRYPTO
121	help
122	  Blowfish cipher algorithm, by Bruce Schneier.
123
124	  This is a variable key length cipher which can use keys from 32
125	  bits to 448 bits in length.  It's fast, simple and specifically
126	  designed for use on "large microprocessors".
127
128	  See also:
129	  <http://www.schneier.com/blowfish.html>
130
131config CRYPTO_TWOFISH
132	tristate "Twofish cipher algorithm"
133	depends on CRYPTO
134	help
135	  Twofish cipher algorithm.
136
137	  Twofish was submitted as an AES (Advanced Encryption Standard)
138	  candidate cipher by researchers at CounterPane Systems.  It is a
139	  16 round block cipher supporting key sizes of 128, 192, and 256
140	  bits.
141
142	  See also:
143	  <http://www.schneier.com/twofish.html>
144
145config CRYPTO_SERPENT
146	tristate "Serpent cipher algorithm"
147	depends on CRYPTO
148	help
149	  Serpent cipher algorithm, by Anderson, Biham & Knudsen.
150
151	  Keys are allowed to be from 0 to 256 bits in length, in steps
152	  of 8 bits.  Also includes the 'Tnepres' algorithm, a reversed
153	  variant of Serpent for compatibility with old kerneli code.
154
155	  See also:
156	  <http://www.cl.cam.ac.uk/~rja14/serpent.html>
157
158config CRYPTO_AES
159	tristate "AES cipher algorithms"
160	depends on CRYPTO
161	help
162	  AES cipher algorithms (FIPS-197). AES uses the Rijndael
163	  algorithm.
164
165	  Rijndael appears to be consistently a very good performer in
166	  both hardware and software across a wide range of computing
167	  environments regardless of its use in feedback or non-feedback
168	  modes. Its key setup time is excellent, and its key agility is
169	  good. Rijndael's very low memory requirements make it very well
170	  suited for restricted-space environments, in which it also
171	  demonstrates excellent performance. Rijndael's operations are
172	  among the easiest to defend against power and timing attacks.
173
174	  The AES specifies three key sizes: 128, 192 and 256 bits
175
176	  See <http://csrc.nist.gov/CryptoToolkit/aes/> for more information.
177
178config CRYPTO_AES_586
179	tristate "AES cipher algorithms (i586)"
180	depends on CRYPTO && ((X86 || UML_X86) && !64BIT)
181	help
182	  AES cipher algorithms (FIPS-197). AES uses the Rijndael
183	  algorithm.
184
185	  Rijndael appears to be consistently a very good performer in
186	  both hardware and software across a wide range of computing
187	  environments regardless of its use in feedback or non-feedback
188	  modes. Its key setup time is excellent, and its key agility is
189	  good. Rijndael's very low memory requirements make it very well
190	  suited for restricted-space environments, in which it also
191	  demonstrates excellent performance. Rijndael's operations are
192	  among the easiest to defend against power and timing attacks.
193
194	  The AES specifies three key sizes: 128, 192 and 256 bits
195
196	  See <http://csrc.nist.gov/encryption/aes/> for more information.
197
198config CRYPTO_AES_X86_64
199	tristate "AES cipher algorithms (x86_64)"
200	depends on CRYPTO && ((X86 || UML_X86) && 64BIT)
201	help
202	  AES cipher algorithms (FIPS-197). AES uses the Rijndael
203	  algorithm.
204
205	  Rijndael appears to be consistently a very good performer in
206	  both hardware and software across a wide range of computing
207	  environments regardless of its use in feedback or non-feedback
208	  modes. Its key setup time is excellent, and its key agility is
209	  good. Rijndael's very low memory requirements make it very well
210	  suited for restricted-space environments, in which it also
211	  demonstrates excellent performance. Rijndael's operations are
212	  among the easiest to defend against power and timing attacks.
213
214	  The AES specifies three key sizes: 128, 192 and 256 bits
215
216	  See <http://csrc.nist.gov/encryption/aes/> for more information.
217
218config CRYPTO_AES_S390
219	tristate "AES cipher algorithms (s390)"
220	depends on CRYPTO && S390
221	help
222	  This is the s390 hardware accelerated implementation of the
223	  AES cipher algorithms (FIPS-197). AES uses the Rijndael
224	  algorithm.
225
226	  Rijndael appears to be consistently a very good performer in
227	  both hardware and software across a wide range of computing
228	  environments regardless of its use in feedback or non-feedback
229	  modes. Its key setup time is excellent, and its key agility is
230	  good. Rijndael's very low memory requirements make it very well
231	  suited for restricted-space environments, in which it also
232	  demonstrates excellent performance. Rijndael's operations are
233	  among the easiest to defend against power and timing attacks.
234
235	  On s390 the System z9-109 currently only supports the key size
236	  of 128 bit.
237
238config CRYPTO_CAST5
239	tristate "CAST5 (CAST-128) cipher algorithm"
240	depends on CRYPTO
241	help
242	  The CAST5 encryption algorithm (synonymous with CAST-128) is
243	  described in RFC2144.
244
245config CRYPTO_CAST6
246	tristate "CAST6 (CAST-256) cipher algorithm"
247	depends on CRYPTO
248	help
249	  The CAST6 encryption algorithm (synonymous with CAST-256) is
250	  described in RFC2612.
251
252config CRYPTO_TEA
253	tristate "TEA, XTEA and XETA cipher algorithms"
254	depends on CRYPTO
255	help
256	  TEA cipher algorithm.
257
258	  Tiny Encryption Algorithm is a simple cipher that uses
259	  many rounds for security.  It is very fast and uses
260	  little memory.
261
262	  Xtendend Tiny Encryption Algorithm is a modification to
263	  the TEA algorithm to address a potential key weakness
264	  in the TEA algorithm.
265
266	  Xtendend Encryption Tiny Algorithm is a mis-implementation
267	  of the XTEA algorithm for compatibility purposes.
268
269config CRYPTO_ARC4
270	tristate "ARC4 cipher algorithm"
271	depends on CRYPTO
272	help
273	  ARC4 cipher algorithm.
274
275	  ARC4 is a stream cipher using keys ranging from 8 bits to 2048
276	  bits in length.  This algorithm is required for driver-based
277	  WEP, but it should not be for other purposes because of the
278	  weakness of the algorithm.
279
280config CRYPTO_KHAZAD
281	tristate "Khazad cipher algorithm"
282	depends on CRYPTO
283	help
284	  Khazad cipher algorithm.
285
286	  Khazad was a finalist in the initial NESSIE competition.  It is
287	  an algorithm optimized for 64-bit processors with good performance
288	  on 32-bit processors.  Khazad uses an 128 bit key size.
289
290	  See also:
291	  <http://planeta.terra.com.br/informatica/paulobarreto/KhazadPage.html>
292
293config CRYPTO_ANUBIS
294	tristate "Anubis cipher algorithm"
295	depends on CRYPTO
296	help
297	  Anubis cipher algorithm.
298
299	  Anubis is a variable key length cipher which can use keys from
300	  128 bits to 320 bits in length.  It was evaluated as a entrant
301	  in the NESSIE competition.
302
303	  See also:
304	  <https://www.cosic.esat.kuleuven.ac.be/nessie/reports/>
305	  <http://planeta.terra.com.br/informatica/paulobarreto/AnubisPage.html>
306
307
308config CRYPTO_DEFLATE
309	tristate "Deflate compression algorithm"
310	depends on CRYPTO
311	select ZLIB_INFLATE
312	select ZLIB_DEFLATE
313	help
314	  This is the Deflate algorithm (RFC1951), specified for use in
315	  IPSec with the IPCOMP protocol (RFC3173, RFC2394).
316
317	  You will most probably want this if using IPSec.
318
319config CRYPTO_MICHAEL_MIC
320	tristate "Michael MIC keyed digest algorithm"
321	depends on CRYPTO
322	help
323	  Michael MIC is used for message integrity protection in TKIP
324	  (IEEE 802.11i). This algorithm is required for TKIP, but it
325	  should not be used for other purposes because of the weakness
326	  of the algorithm.
327
328config CRYPTO_CRC32C
329	tristate "CRC32c CRC algorithm"
330	depends on CRYPTO
331	select LIBCRC32C
332	help
333	  Castagnoli, et al Cyclic Redundancy-Check Algorithm.  Used
334	  by iSCSI for header and data digests and by others.
335	  See Castagnoli93.  This implementation uses lib/libcrc32c.
336          Module will be crc32c.
337
338config CRYPTO_TEST
339	tristate "Testing module"
340	depends on CRYPTO
341	help
342	  Quick & dirty crypto test module.
343
344source "drivers/crypto/Kconfig"
345endmenu
346
347