Kconfig 12 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423
  1. #
  2. # Cryptographic API Configuration
  3. #
  4. menu "Cryptographic options"
  5. config CRYPTO
  6. bool "Cryptographic API"
  7. help
  8. This option provides the core Cryptographic API.
  9. if CRYPTO
  10. config CRYPTO_ALGAPI
  11. tristate
  12. help
  13. This option provides the API for cryptographic algorithms.
  14. config CRYPTO_BLKCIPHER
  15. tristate
  16. select CRYPTO_ALGAPI
  17. config CRYPTO_HASH
  18. tristate
  19. select CRYPTO_ALGAPI
  20. config CRYPTO_MANAGER
  21. tristate "Cryptographic algorithm manager"
  22. select CRYPTO_ALGAPI
  23. help
  24. Create default cryptographic template instantiations such as
  25. cbc(aes).
  26. config CRYPTO_HMAC
  27. tristate "HMAC support"
  28. select CRYPTO_HASH
  29. select CRYPTO_MANAGER
  30. help
  31. HMAC: Keyed-Hashing for Message Authentication (RFC2104).
  32. This is required for IPSec.
  33. config CRYPTO_XCBC
  34. tristate "XCBC support"
  35. depends on EXPERIMENTAL
  36. select CRYPTO_HASH
  37. select CRYPTO_MANAGER
  38. help
  39. XCBC: Keyed-Hashing with encryption algorithm
  40. http://www.ietf.org/rfc/rfc3566.txt
  41. http://csrc.nist.gov/encryption/modes/proposedmodes/
  42. xcbc-mac/xcbc-mac-spec.pdf
  43. config CRYPTO_NULL
  44. tristate "Null algorithms"
  45. select CRYPTO_ALGAPI
  46. help
  47. These are 'Null' algorithms, used by IPsec, which do nothing.
  48. config CRYPTO_MD4
  49. tristate "MD4 digest algorithm"
  50. select CRYPTO_ALGAPI
  51. help
  52. MD4 message digest algorithm (RFC1320).
  53. config CRYPTO_MD5
  54. tristate "MD5 digest algorithm"
  55. select CRYPTO_ALGAPI
  56. help
  57. MD5 message digest algorithm (RFC1321).
  58. config CRYPTO_SHA1
  59. tristate "SHA1 digest algorithm"
  60. select CRYPTO_ALGAPI
  61. help
  62. SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2).
  63. config CRYPTO_SHA256
  64. tristate "SHA256 digest algorithm"
  65. select CRYPTO_ALGAPI
  66. help
  67. SHA256 secure hash standard (DFIPS 180-2).
  68. This version of SHA implements a 256 bit hash with 128 bits of
  69. security against collision attacks.
  70. config CRYPTO_SHA512
  71. tristate "SHA384 and SHA512 digest algorithms"
  72. select CRYPTO_ALGAPI
  73. help
  74. SHA512 secure hash standard (DFIPS 180-2).
  75. This version of SHA implements a 512 bit hash with 256 bits of
  76. security against collision attacks.
  77. This code also includes SHA-384, a 384 bit hash with 192 bits
  78. of security against collision attacks.
  79. config CRYPTO_WP512
  80. tristate "Whirlpool digest algorithms"
  81. select CRYPTO_ALGAPI
  82. help
  83. Whirlpool hash algorithm 512, 384 and 256-bit hashes
  84. Whirlpool-512 is part of the NESSIE cryptographic primitives.
  85. Whirlpool will be part of the ISO/IEC 10118-3:2003(E) standard
  86. See also:
  87. <http://planeta.terra.com.br/informatica/paulobarreto/WhirlpoolPage.html>
  88. config CRYPTO_TGR192
  89. tristate "Tiger digest algorithms"
  90. select CRYPTO_ALGAPI
  91. help
  92. Tiger hash algorithm 192, 160 and 128-bit hashes
  93. Tiger is a hash function optimized for 64-bit processors while
  94. still having decent performance on 32-bit processors.
  95. Tiger was developed by Ross Anderson and Eli Biham.
  96. See also:
  97. <http://www.cs.technion.ac.il/~biham/Reports/Tiger/>.
  98. config CRYPTO_GF128MUL
  99. tristate "GF(2^128) multiplication functions (EXPERIMENTAL)"
  100. depends on EXPERIMENTAL
  101. help
  102. Efficient table driven implementation of multiplications in the
  103. field GF(2^128). This is needed by some cypher modes. This
  104. option will be selected automatically if you select such a
  105. cipher mode. Only select this option by hand if you expect to load
  106. an external module that requires these functions.
  107. config CRYPTO_ECB
  108. tristate "ECB support"
  109. select CRYPTO_BLKCIPHER
  110. select CRYPTO_MANAGER
  111. default m
  112. help
  113. ECB: Electronic CodeBook mode
  114. This is the simplest block cipher algorithm. It simply encrypts
  115. the input block by block.
  116. config CRYPTO_CBC
  117. tristate "CBC support"
  118. select CRYPTO_BLKCIPHER
  119. select CRYPTO_MANAGER
  120. default m
  121. help
  122. CBC: Cipher Block Chaining mode
  123. This block cipher algorithm is required for IPSec.
  124. config CRYPTO_LRW
  125. tristate "LRW support (EXPERIMENTAL)"
  126. depends on EXPERIMENTAL
  127. select CRYPTO_BLKCIPHER
  128. select CRYPTO_MANAGER
  129. select CRYPTO_GF128MUL
  130. help
  131. LRW: Liskov Rivest Wagner, a tweakable, non malleable, non movable
  132. narrow block cipher mode for dm-crypt. Use it with cipher
  133. specification string aes-lrw-benbi, the key must be 256, 320 or 384.
  134. The first 128, 192 or 256 bits in the key are used for AES and the
  135. rest is used to tie each cipher block to its logical position.
  136. config CRYPTO_DES
  137. tristate "DES and Triple DES EDE cipher algorithms"
  138. select CRYPTO_ALGAPI
  139. help
  140. DES cipher algorithm (FIPS 46-2), and Triple DES EDE (FIPS 46-3).
  141. config CRYPTO_BLOWFISH
  142. tristate "Blowfish cipher algorithm"
  143. select CRYPTO_ALGAPI
  144. help
  145. Blowfish cipher algorithm, by Bruce Schneier.
  146. This is a variable key length cipher which can use keys from 32
  147. bits to 448 bits in length. It's fast, simple and specifically
  148. designed for use on "large microprocessors".
  149. See also:
  150. <http://www.schneier.com/blowfish.html>
  151. config CRYPTO_TWOFISH
  152. tristate "Twofish cipher algorithm"
  153. select CRYPTO_ALGAPI
  154. select CRYPTO_TWOFISH_COMMON
  155. help
  156. Twofish cipher algorithm.
  157. Twofish was submitted as an AES (Advanced Encryption Standard)
  158. candidate cipher by researchers at CounterPane Systems. It is a
  159. 16 round block cipher supporting key sizes of 128, 192, and 256
  160. bits.
  161. See also:
  162. <http://www.schneier.com/twofish.html>
  163. config CRYPTO_TWOFISH_COMMON
  164. tristate
  165. help
  166. Common parts of the Twofish cipher algorithm shared by the
  167. generic c and the assembler implementations.
  168. config CRYPTO_TWOFISH_586
  169. tristate "Twofish cipher algorithms (i586)"
  170. depends on (X86 || UML_X86) && !64BIT
  171. select CRYPTO_ALGAPI
  172. select CRYPTO_TWOFISH_COMMON
  173. help
  174. Twofish cipher algorithm.
  175. Twofish was submitted as an AES (Advanced Encryption Standard)
  176. candidate cipher by researchers at CounterPane Systems. It is a
  177. 16 round block cipher supporting key sizes of 128, 192, and 256
  178. bits.
  179. See also:
  180. <http://www.schneier.com/twofish.html>
  181. config CRYPTO_TWOFISH_X86_64
  182. tristate "Twofish cipher algorithm (x86_64)"
  183. depends on (X86 || UML_X86) && 64BIT
  184. select CRYPTO_ALGAPI
  185. select CRYPTO_TWOFISH_COMMON
  186. help
  187. Twofish cipher algorithm (x86_64).
  188. Twofish was submitted as an AES (Advanced Encryption Standard)
  189. candidate cipher by researchers at CounterPane Systems. It is a
  190. 16 round block cipher supporting key sizes of 128, 192, and 256
  191. bits.
  192. See also:
  193. <http://www.schneier.com/twofish.html>
  194. config CRYPTO_SERPENT
  195. tristate "Serpent cipher algorithm"
  196. select CRYPTO_ALGAPI
  197. help
  198. Serpent cipher algorithm, by Anderson, Biham & Knudsen.
  199. Keys are allowed to be from 0 to 256 bits in length, in steps
  200. of 8 bits. Also includes the 'Tnepres' algorithm, a reversed
  201. variant of Serpent for compatibility with old kerneli code.
  202. See also:
  203. <http://www.cl.cam.ac.uk/~rja14/serpent.html>
  204. config CRYPTO_AES
  205. tristate "AES cipher algorithms"
  206. select CRYPTO_ALGAPI
  207. help
  208. AES cipher algorithms (FIPS-197). AES uses the Rijndael
  209. algorithm.
  210. Rijndael appears to be consistently a very good performer in
  211. both hardware and software across a wide range of computing
  212. environments regardless of its use in feedback or non-feedback
  213. modes. Its key setup time is excellent, and its key agility is
  214. good. Rijndael's very low memory requirements make it very well
  215. suited for restricted-space environments, in which it also
  216. demonstrates excellent performance. Rijndael's operations are
  217. among the easiest to defend against power and timing attacks.
  218. The AES specifies three key sizes: 128, 192 and 256 bits
  219. See <http://csrc.nist.gov/CryptoToolkit/aes/> for more information.
  220. config CRYPTO_AES_586
  221. tristate "AES cipher algorithms (i586)"
  222. depends on (X86 || UML_X86) && !64BIT
  223. select CRYPTO_ALGAPI
  224. help
  225. AES cipher algorithms (FIPS-197). AES uses the Rijndael
  226. algorithm.
  227. Rijndael appears to be consistently a very good performer in
  228. both hardware and software across a wide range of computing
  229. environments regardless of its use in feedback or non-feedback
  230. modes. Its key setup time is excellent, and its key agility is
  231. good. Rijndael's very low memory requirements make it very well
  232. suited for restricted-space environments, in which it also
  233. demonstrates excellent performance. Rijndael's operations are
  234. among the easiest to defend against power and timing attacks.
  235. The AES specifies three key sizes: 128, 192 and 256 bits
  236. See <http://csrc.nist.gov/encryption/aes/> for more information.
  237. config CRYPTO_AES_X86_64
  238. tristate "AES cipher algorithms (x86_64)"
  239. depends on (X86 || UML_X86) && 64BIT
  240. select CRYPTO_ALGAPI
  241. help
  242. AES cipher algorithms (FIPS-197). AES uses the Rijndael
  243. algorithm.
  244. Rijndael appears to be consistently a very good performer in
  245. both hardware and software across a wide range of computing
  246. environments regardless of its use in feedback or non-feedback
  247. modes. Its key setup time is excellent, and its key agility is
  248. good. Rijndael's very low memory requirements make it very well
  249. suited for restricted-space environments, in which it also
  250. demonstrates excellent performance. Rijndael's operations are
  251. among the easiest to defend against power and timing attacks.
  252. The AES specifies three key sizes: 128, 192 and 256 bits
  253. See <http://csrc.nist.gov/encryption/aes/> for more information.
  254. config CRYPTO_CAST5
  255. tristate "CAST5 (CAST-128) cipher algorithm"
  256. select CRYPTO_ALGAPI
  257. help
  258. The CAST5 encryption algorithm (synonymous with CAST-128) is
  259. described in RFC2144.
  260. config CRYPTO_CAST6
  261. tristate "CAST6 (CAST-256) cipher algorithm"
  262. select CRYPTO_ALGAPI
  263. help
  264. The CAST6 encryption algorithm (synonymous with CAST-256) is
  265. described in RFC2612.
  266. config CRYPTO_TEA
  267. tristate "TEA, XTEA and XETA cipher algorithms"
  268. select CRYPTO_ALGAPI
  269. help
  270. TEA cipher algorithm.
  271. Tiny Encryption Algorithm is a simple cipher that uses
  272. many rounds for security. It is very fast and uses
  273. little memory.
  274. Xtendend Tiny Encryption Algorithm is a modification to
  275. the TEA algorithm to address a potential key weakness
  276. in the TEA algorithm.
  277. Xtendend Encryption Tiny Algorithm is a mis-implementation
  278. of the XTEA algorithm for compatibility purposes.
  279. config CRYPTO_ARC4
  280. tristate "ARC4 cipher algorithm"
  281. select CRYPTO_ALGAPI
  282. help
  283. ARC4 cipher algorithm.
  284. ARC4 is a stream cipher using keys ranging from 8 bits to 2048
  285. bits in length. This algorithm is required for driver-based
  286. WEP, but it should not be for other purposes because of the
  287. weakness of the algorithm.
  288. config CRYPTO_KHAZAD
  289. tristate "Khazad cipher algorithm"
  290. select CRYPTO_ALGAPI
  291. help
  292. Khazad cipher algorithm.
  293. Khazad was a finalist in the initial NESSIE competition. It is
  294. an algorithm optimized for 64-bit processors with good performance
  295. on 32-bit processors. Khazad uses an 128 bit key size.
  296. See also:
  297. <http://planeta.terra.com.br/informatica/paulobarreto/KhazadPage.html>
  298. config CRYPTO_ANUBIS
  299. tristate "Anubis cipher algorithm"
  300. select CRYPTO_ALGAPI
  301. help
  302. Anubis cipher algorithm.
  303. Anubis is a variable key length cipher which can use keys from
  304. 128 bits to 320 bits in length. It was evaluated as a entrant
  305. in the NESSIE competition.
  306. See also:
  307. <https://www.cosic.esat.kuleuven.ac.be/nessie/reports/>
  308. <http://planeta.terra.com.br/informatica/paulobarreto/AnubisPage.html>
  309. config CRYPTO_DEFLATE
  310. tristate "Deflate compression algorithm"
  311. select CRYPTO_ALGAPI
  312. select ZLIB_INFLATE
  313. select ZLIB_DEFLATE
  314. help
  315. This is the Deflate algorithm (RFC1951), specified for use in
  316. IPSec with the IPCOMP protocol (RFC3173, RFC2394).
  317. You will most probably want this if using IPSec.
  318. config CRYPTO_MICHAEL_MIC
  319. tristate "Michael MIC keyed digest algorithm"
  320. select CRYPTO_ALGAPI
  321. help
  322. Michael MIC is used for message integrity protection in TKIP
  323. (IEEE 802.11i). This algorithm is required for TKIP, but it
  324. should not be used for other purposes because of the weakness
  325. of the algorithm.
  326. config CRYPTO_CRC32C
  327. tristate "CRC32c CRC algorithm"
  328. select CRYPTO_ALGAPI
  329. select LIBCRC32C
  330. help
  331. Castagnoli, et al Cyclic Redundancy-Check Algorithm. Used
  332. by iSCSI for header and data digests and by others.
  333. See Castagnoli93. This implementation uses lib/libcrc32c.
  334. Module will be crc32c.
  335. config CRYPTO_TEST
  336. tristate "Testing module"
  337. depends on m
  338. select CRYPTO_ALGAPI
  339. help
  340. Quick & dirty crypto test module.
  341. source "drivers/crypto/Kconfig"
  342. endif # if CRYPTO
  343. endmenu