blob: e2e1eb13827ecf8e114ca4a8085cbbc0286173c1 [file] [log] [blame]
Linus Torvalds1da177e2005-04-16 15:20:36 -07001#
2# Cryptographic API Configuration
3#
4
5menu "Cryptographic options"
6
7config CRYPTO
8 bool "Cryptographic API"
9 help
10 This option provides the core Cryptographic API.
11
Herbert Xucce9e062006-08-21 21:08:13 +100012if CRYPTO
13
14config CRYPTO_ALGAPI
15 tristate
16 help
17 This option provides the API for cryptographic algorithms.
18
Herbert Xu5cde0af2006-08-22 00:07:53 +100019config CRYPTO_BLKCIPHER
20 tristate
21 select CRYPTO_ALGAPI
22
Herbert Xu055bcee2006-08-19 22:24:23 +100023config CRYPTO_HASH
24 tristate
25 select CRYPTO_ALGAPI
26
Herbert Xu2b8c19d2006-09-21 11:31:44 +100027config CRYPTO_MANAGER
28 tristate "Cryptographic algorithm manager"
29 select CRYPTO_ALGAPI
Herbert Xu2b8c19d2006-09-21 11:31:44 +100030 help
31 Create default cryptographic template instantiations such as
32 cbc(aes).
33
Linus Torvalds1da177e2005-04-16 15:20:36 -070034config CRYPTO_HMAC
Herbert Xu84251652006-08-20 15:25:22 +100035 tristate "HMAC support"
Herbert Xu0796ae02006-08-21 20:50:52 +100036 select CRYPTO_HASH
Herbert Xu43518402006-10-16 21:28:58 +100037 select CRYPTO_MANAGER
Linus Torvalds1da177e2005-04-16 15:20:36 -070038 help
39 HMAC: Keyed-Hashing for Message Authentication (RFC2104).
40 This is required for IPSec.
41
Kazunori MIYAZAWA333b0d72006-10-28 13:15:24 +100042config CRYPTO_XCBC
43 tristate "XCBC support"
44 depends on EXPERIMENTAL
45 select CRYPTO_HASH
46 select CRYPTO_MANAGER
47 help
48 XCBC: Keyed-Hashing with encryption algorithm
49 http://www.ietf.org/rfc/rfc3566.txt
50 http://csrc.nist.gov/encryption/modes/proposedmodes/
51 xcbc-mac/xcbc-mac-spec.pdf
52
Linus Torvalds1da177e2005-04-16 15:20:36 -070053config CRYPTO_NULL
54 tristate "Null algorithms"
Herbert Xucce9e062006-08-21 21:08:13 +100055 select CRYPTO_ALGAPI
Linus Torvalds1da177e2005-04-16 15:20:36 -070056 help
57 These are 'Null' algorithms, used by IPsec, which do nothing.
58
59config CRYPTO_MD4
60 tristate "MD4 digest algorithm"
Herbert Xucce9e062006-08-21 21:08:13 +100061 select CRYPTO_ALGAPI
Linus Torvalds1da177e2005-04-16 15:20:36 -070062 help
63 MD4 message digest algorithm (RFC1320).
64
65config CRYPTO_MD5
66 tristate "MD5 digest algorithm"
Herbert Xucce9e062006-08-21 21:08:13 +100067 select CRYPTO_ALGAPI
Linus Torvalds1da177e2005-04-16 15:20:36 -070068 help
69 MD5 message digest algorithm (RFC1321).
70
71config CRYPTO_SHA1
72 tristate "SHA1 digest algorithm"
Herbert Xucce9e062006-08-21 21:08:13 +100073 select CRYPTO_ALGAPI
Linus Torvalds1da177e2005-04-16 15:20:36 -070074 help
75 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2).
76
Jan Glauberc1e26e12006-01-06 00:19:17 -080077config CRYPTO_SHA1_S390
78 tristate "SHA1 digest algorithm (s390)"
Herbert Xucce9e062006-08-21 21:08:13 +100079 depends on S390
80 select CRYPTO_ALGAPI
Linus Torvalds1da177e2005-04-16 15:20:36 -070081 help
Jan Glauber0a497c172006-01-06 00:19:18 -080082 This is the s390 hardware accelerated implementation of the
Linus Torvalds1da177e2005-04-16 15:20:36 -070083 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2).
84
85config CRYPTO_SHA256
86 tristate "SHA256 digest algorithm"
Herbert Xucce9e062006-08-21 21:08:13 +100087 select CRYPTO_ALGAPI
Linus Torvalds1da177e2005-04-16 15:20:36 -070088 help
89 SHA256 secure hash standard (DFIPS 180-2).
90
91 This version of SHA implements a 256 bit hash with 128 bits of
92 security against collision attacks.
93
Jan Glauber0a497c172006-01-06 00:19:18 -080094config CRYPTO_SHA256_S390
95 tristate "SHA256 digest algorithm (s390)"
Herbert Xucce9e062006-08-21 21:08:13 +100096 depends on S390
97 select CRYPTO_ALGAPI
Jan Glauber0a497c172006-01-06 00:19:18 -080098 help
99 This is the s390 hardware accelerated implementation of the
100 SHA256 secure hash standard (DFIPS 180-2).
101
102 This version of SHA implements a 256 bit hash with 128 bits of
103 security against collision attacks.
104
Linus Torvalds1da177e2005-04-16 15:20:36 -0700105config CRYPTO_SHA512
106 tristate "SHA384 and SHA512 digest algorithms"
Herbert Xucce9e062006-08-21 21:08:13 +1000107 select CRYPTO_ALGAPI
Linus Torvalds1da177e2005-04-16 15:20:36 -0700108 help
109 SHA512 secure hash standard (DFIPS 180-2).
110
111 This version of SHA implements a 512 bit hash with 256 bits of
112 security against collision attacks.
113
114 This code also includes SHA-384, a 384 bit hash with 192 bits
115 of security against collision attacks.
116
117config CRYPTO_WP512
118 tristate "Whirlpool digest algorithms"
Herbert Xucce9e062006-08-21 21:08:13 +1000119 select CRYPTO_ALGAPI
Linus Torvalds1da177e2005-04-16 15:20:36 -0700120 help
121 Whirlpool hash algorithm 512, 384 and 256-bit hashes
122
123 Whirlpool-512 is part of the NESSIE cryptographic primitives.
124 Whirlpool will be part of the ISO/IEC 10118-3:2003(E) standard
125
126 See also:
127 <http://planeta.terra.com.br/informatica/paulobarreto/WhirlpoolPage.html>
128
129config CRYPTO_TGR192
130 tristate "Tiger digest algorithms"
Herbert Xucce9e062006-08-21 21:08:13 +1000131 select CRYPTO_ALGAPI
Linus Torvalds1da177e2005-04-16 15:20:36 -0700132 help
133 Tiger hash algorithm 192, 160 and 128-bit hashes
134
135 Tiger is a hash function optimized for 64-bit processors while
136 still having decent performance on 32-bit processors.
137 Tiger was developed by Ross Anderson and Eli Biham.
138
139 See also:
140 <http://www.cs.technion.ac.il/~biham/Reports/Tiger/>.
141
Rik Snelc494e072006-11-29 18:59:44 +1100142config CRYPTO_GF128MUL
143 tristate "GF(2^128) multiplication functions (EXPERIMENTAL)"
144 depends on EXPERIMENTAL
145 help
146 Efficient table driven implementation of multiplications in the
147 field GF(2^128). This is needed by some cypher modes. This
148 option will be selected automatically if you select such a
149 cipher mode. Only select this option by hand if you expect to load
150 an external module that requires these functions.
151
Herbert Xudb131ef2006-09-21 11:44:08 +1000152config CRYPTO_ECB
153 tristate "ECB support"
154 select CRYPTO_BLKCIPHER
Herbert Xu43518402006-10-16 21:28:58 +1000155 select CRYPTO_MANAGER
Herbert Xudb131ef2006-09-21 11:44:08 +1000156 default m
157 help
158 ECB: Electronic CodeBook mode
159 This is the simplest block cipher algorithm. It simply encrypts
160 the input block by block.
161
162config CRYPTO_CBC
163 tristate "CBC support"
164 select CRYPTO_BLKCIPHER
Herbert Xu43518402006-10-16 21:28:58 +1000165 select CRYPTO_MANAGER
Herbert Xudb131ef2006-09-21 11:44:08 +1000166 default m
167 help
168 CBC: Cipher Block Chaining mode
169 This block cipher algorithm is required for IPSec.
170
David Howells91652be2006-12-16 12:09:02 +1100171config CRYPTO_PCBC
172 tristate "PCBC support"
173 select CRYPTO_BLKCIPHER
174 select CRYPTO_MANAGER
175 default m
176 help
177 PCBC: Propagating Cipher Block Chaining mode
178 This block cipher algorithm is required for RxRPC.
179
Rik Snel64470f12006-11-26 09:43:10 +1100180config CRYPTO_LRW
181 tristate "LRW support (EXPERIMENTAL)"
182 depends on EXPERIMENTAL
183 select CRYPTO_BLKCIPHER
184 select CRYPTO_MANAGER
185 select CRYPTO_GF128MUL
186 help
187 LRW: Liskov Rivest Wagner, a tweakable, non malleable, non movable
188 narrow block cipher mode for dm-crypt. Use it with cipher
189 specification string aes-lrw-benbi, the key must be 256, 320 or 384.
190 The first 128, 192 or 256 bits in the key are used for AES and the
191 rest is used to tie each cipher block to its logical position.
192
Linus Torvalds1da177e2005-04-16 15:20:36 -0700193config CRYPTO_DES
194 tristate "DES and Triple DES EDE cipher algorithms"
Herbert Xucce9e062006-08-21 21:08:13 +1000195 select CRYPTO_ALGAPI
Linus Torvalds1da177e2005-04-16 15:20:36 -0700196 help
197 DES cipher algorithm (FIPS 46-2), and Triple DES EDE (FIPS 46-3).
198
Jan Glauberc1e26e12006-01-06 00:19:17 -0800199config CRYPTO_DES_S390
200 tristate "DES and Triple DES cipher algorithms (s390)"
Herbert Xucce9e062006-08-21 21:08:13 +1000201 depends on S390
202 select CRYPTO_ALGAPI
Herbert Xua9e62fa2006-08-21 21:39:24 +1000203 select CRYPTO_BLKCIPHER
Linus Torvalds1da177e2005-04-16 15:20:36 -0700204 help
205 DES cipher algorithm (FIPS 46-2), and Triple DES EDE (FIPS 46-3).
206
David Howells90831632006-12-16 12:13:14 +1100207config CRYPTO_FCRYPT
208 tristate "FCrypt cipher algorithm"
209 select CRYPTO_ALGAPI
210 select CRYPTO_BLKCIPHER
211 help
212 FCrypt algorithm used by RxRPC.
213
Linus Torvalds1da177e2005-04-16 15:20:36 -0700214config CRYPTO_BLOWFISH
215 tristate "Blowfish cipher algorithm"
Herbert Xucce9e062006-08-21 21:08:13 +1000216 select CRYPTO_ALGAPI
Linus Torvalds1da177e2005-04-16 15:20:36 -0700217 help
218 Blowfish cipher algorithm, by Bruce Schneier.
219
220 This is a variable key length cipher which can use keys from 32
221 bits to 448 bits in length. It's fast, simple and specifically
222 designed for use on "large microprocessors".
223
224 See also:
225 <http://www.schneier.com/blowfish.html>
226
227config CRYPTO_TWOFISH
228 tristate "Twofish cipher algorithm"
Herbert Xucce9e062006-08-21 21:08:13 +1000229 select CRYPTO_ALGAPI
Joachim Fritschi2729bb42006-06-20 20:37:23 +1000230 select CRYPTO_TWOFISH_COMMON
Linus Torvalds1da177e2005-04-16 15:20:36 -0700231 help
232 Twofish cipher algorithm.
233
234 Twofish was submitted as an AES (Advanced Encryption Standard)
235 candidate cipher by researchers at CounterPane Systems. It is a
236 16 round block cipher supporting key sizes of 128, 192, and 256
237 bits.
238
239 See also:
240 <http://www.schneier.com/twofish.html>
241
Joachim Fritschi2729bb42006-06-20 20:37:23 +1000242config CRYPTO_TWOFISH_COMMON
243 tristate
Joachim Fritschi2729bb42006-06-20 20:37:23 +1000244 help
245 Common parts of the Twofish cipher algorithm shared by the
246 generic c and the assembler implementations.
247
Joachim Fritschib9f535f2006-06-20 20:59:16 +1000248config CRYPTO_TWOFISH_586
249 tristate "Twofish cipher algorithms (i586)"
Herbert Xucce9e062006-08-21 21:08:13 +1000250 depends on (X86 || UML_X86) && !64BIT
251 select CRYPTO_ALGAPI
Joachim Fritschib9f535f2006-06-20 20:59:16 +1000252 select CRYPTO_TWOFISH_COMMON
253 help
254 Twofish cipher algorithm.
255
256 Twofish was submitted as an AES (Advanced Encryption Standard)
257 candidate cipher by researchers at CounterPane Systems. It is a
258 16 round block cipher supporting key sizes of 128, 192, and 256
259 bits.
260
261 See also:
262 <http://www.schneier.com/twofish.html>
263
Joachim Fritschieaf44082006-06-20 21:12:02 +1000264config CRYPTO_TWOFISH_X86_64
265 tristate "Twofish cipher algorithm (x86_64)"
Herbert Xucce9e062006-08-21 21:08:13 +1000266 depends on (X86 || UML_X86) && 64BIT
267 select CRYPTO_ALGAPI
Joachim Fritschieaf44082006-06-20 21:12:02 +1000268 select CRYPTO_TWOFISH_COMMON
269 help
270 Twofish cipher algorithm (x86_64).
271
272 Twofish was submitted as an AES (Advanced Encryption Standard)
273 candidate cipher by researchers at CounterPane Systems. It is a
274 16 round block cipher supporting key sizes of 128, 192, and 256
275 bits.
276
277 See also:
278 <http://www.schneier.com/twofish.html>
279
Linus Torvalds1da177e2005-04-16 15:20:36 -0700280config CRYPTO_SERPENT
281 tristate "Serpent cipher algorithm"
Herbert Xucce9e062006-08-21 21:08:13 +1000282 select CRYPTO_ALGAPI
Linus Torvalds1da177e2005-04-16 15:20:36 -0700283 help
284 Serpent cipher algorithm, by Anderson, Biham & Knudsen.
285
286 Keys are allowed to be from 0 to 256 bits in length, in steps
287 of 8 bits. Also includes the 'Tnepres' algorithm, a reversed
288 variant of Serpent for compatibility with old kerneli code.
289
290 See also:
291 <http://www.cl.cam.ac.uk/~rja14/serpent.html>
292
293config CRYPTO_AES
294 tristate "AES cipher algorithms"
Herbert Xucce9e062006-08-21 21:08:13 +1000295 select CRYPTO_ALGAPI
Linus Torvalds1da177e2005-04-16 15:20:36 -0700296 help
297 AES cipher algorithms (FIPS-197). AES uses the Rijndael
298 algorithm.
299
300 Rijndael appears to be consistently a very good performer in
301 both hardware and software across a wide range of computing
302 environments regardless of its use in feedback or non-feedback
303 modes. Its key setup time is excellent, and its key agility is
304 good. Rijndael's very low memory requirements make it very well
305 suited for restricted-space environments, in which it also
306 demonstrates excellent performance. Rijndael's operations are
307 among the easiest to defend against power and timing attacks.
308
309 The AES specifies three key sizes: 128, 192 and 256 bits
310
311 See <http://csrc.nist.gov/CryptoToolkit/aes/> for more information.
312
313config CRYPTO_AES_586
314 tristate "AES cipher algorithms (i586)"
Herbert Xucce9e062006-08-21 21:08:13 +1000315 depends on (X86 || UML_X86) && !64BIT
316 select CRYPTO_ALGAPI
Linus Torvalds1da177e2005-04-16 15:20:36 -0700317 help
318 AES cipher algorithms (FIPS-197). AES uses the Rijndael
319 algorithm.
320
321 Rijndael appears to be consistently a very good performer in
322 both hardware and software across a wide range of computing
323 environments regardless of its use in feedback or non-feedback
324 modes. Its key setup time is excellent, and its key agility is
325 good. Rijndael's very low memory requirements make it very well
326 suited for restricted-space environments, in which it also
327 demonstrates excellent performance. Rijndael's operations are
328 among the easiest to defend against power and timing attacks.
329
330 The AES specifies three key sizes: 128, 192 and 256 bits
331
332 See <http://csrc.nist.gov/encryption/aes/> for more information.
333
Andreas Steinmetza2a892a2005-07-06 13:55:00 -0700334config CRYPTO_AES_X86_64
335 tristate "AES cipher algorithms (x86_64)"
Herbert Xucce9e062006-08-21 21:08:13 +1000336 depends on (X86 || UML_X86) && 64BIT
337 select CRYPTO_ALGAPI
Andreas Steinmetza2a892a2005-07-06 13:55:00 -0700338 help
339 AES cipher algorithms (FIPS-197). AES uses the Rijndael
340 algorithm.
341
342 Rijndael appears to be consistently a very good performer in
343 both hardware and software across a wide range of computing
344 environments regardless of its use in feedback or non-feedback
345 modes. Its key setup time is excellent, and its key agility is
346 good. Rijndael's very low memory requirements make it very well
347 suited for restricted-space environments, in which it also
348 demonstrates excellent performance. Rijndael's operations are
349 among the easiest to defend against power and timing attacks.
350
351 The AES specifies three key sizes: 128, 192 and 256 bits
352
353 See <http://csrc.nist.gov/encryption/aes/> for more information.
354
Jan Glauberbf754ae2006-01-06 00:19:18 -0800355config CRYPTO_AES_S390
356 tristate "AES cipher algorithms (s390)"
Herbert Xucce9e062006-08-21 21:08:13 +1000357 depends on S390
358 select CRYPTO_ALGAPI
Herbert Xua9e62fa2006-08-21 21:39:24 +1000359 select CRYPTO_BLKCIPHER
Jan Glauberbf754ae2006-01-06 00:19:18 -0800360 help
361 This is the s390 hardware accelerated implementation of the
362 AES cipher algorithms (FIPS-197). AES uses the Rijndael
363 algorithm.
364
365 Rijndael appears to be consistently a very good performer in
366 both hardware and software across a wide range of computing
367 environments regardless of its use in feedback or non-feedback
368 modes. Its key setup time is excellent, and its key agility is
369 good. Rijndael's very low memory requirements make it very well
370 suited for restricted-space environments, in which it also
371 demonstrates excellent performance. Rijndael's operations are
372 among the easiest to defend against power and timing attacks.
373
374 On s390 the System z9-109 currently only supports the key size
375 of 128 bit.
376
Linus Torvalds1da177e2005-04-16 15:20:36 -0700377config CRYPTO_CAST5
378 tristate "CAST5 (CAST-128) cipher algorithm"
Herbert Xucce9e062006-08-21 21:08:13 +1000379 select CRYPTO_ALGAPI
Linus Torvalds1da177e2005-04-16 15:20:36 -0700380 help
381 The CAST5 encryption algorithm (synonymous with CAST-128) is
382 described in RFC2144.
383
384config CRYPTO_CAST6
385 tristate "CAST6 (CAST-256) cipher algorithm"
Herbert Xucce9e062006-08-21 21:08:13 +1000386 select CRYPTO_ALGAPI
Linus Torvalds1da177e2005-04-16 15:20:36 -0700387 help
388 The CAST6 encryption algorithm (synonymous with CAST-256) is
389 described in RFC2612.
390
391config CRYPTO_TEA
Aaron Grothefb4f10e2005-09-01 17:42:46 -0700392 tristate "TEA, XTEA and XETA cipher algorithms"
Herbert Xucce9e062006-08-21 21:08:13 +1000393 select CRYPTO_ALGAPI
Linus Torvalds1da177e2005-04-16 15:20:36 -0700394 help
395 TEA cipher algorithm.
396
397 Tiny Encryption Algorithm is a simple cipher that uses
398 many rounds for security. It is very fast and uses
399 little memory.
400
401 Xtendend Tiny Encryption Algorithm is a modification to
402 the TEA algorithm to address a potential key weakness
403 in the TEA algorithm.
404
Aaron Grothefb4f10e2005-09-01 17:42:46 -0700405 Xtendend Encryption Tiny Algorithm is a mis-implementation
406 of the XTEA algorithm for compatibility purposes.
407
Linus Torvalds1da177e2005-04-16 15:20:36 -0700408config CRYPTO_ARC4
409 tristate "ARC4 cipher algorithm"
Herbert Xucce9e062006-08-21 21:08:13 +1000410 select CRYPTO_ALGAPI
Linus Torvalds1da177e2005-04-16 15:20:36 -0700411 help
412 ARC4 cipher algorithm.
413
414 ARC4 is a stream cipher using keys ranging from 8 bits to 2048
415 bits in length. This algorithm is required for driver-based
416 WEP, but it should not be for other purposes because of the
417 weakness of the algorithm.
418
419config CRYPTO_KHAZAD
420 tristate "Khazad cipher algorithm"
Herbert Xucce9e062006-08-21 21:08:13 +1000421 select CRYPTO_ALGAPI
Linus Torvalds1da177e2005-04-16 15:20:36 -0700422 help
423 Khazad cipher algorithm.
424
425 Khazad was a finalist in the initial NESSIE competition. It is
426 an algorithm optimized for 64-bit processors with good performance
427 on 32-bit processors. Khazad uses an 128 bit key size.
428
429 See also:
430 <http://planeta.terra.com.br/informatica/paulobarreto/KhazadPage.html>
431
432config CRYPTO_ANUBIS
433 tristate "Anubis cipher algorithm"
Herbert Xucce9e062006-08-21 21:08:13 +1000434 select CRYPTO_ALGAPI
Linus Torvalds1da177e2005-04-16 15:20:36 -0700435 help
436 Anubis cipher algorithm.
437
438 Anubis is a variable key length cipher which can use keys from
439 128 bits to 320 bits in length. It was evaluated as a entrant
440 in the NESSIE competition.
441
442 See also:
443 <https://www.cosic.esat.kuleuven.ac.be/nessie/reports/>
444 <http://planeta.terra.com.br/informatica/paulobarreto/AnubisPage.html>
445
446
447config CRYPTO_DEFLATE
448 tristate "Deflate compression algorithm"
Herbert Xucce9e062006-08-21 21:08:13 +1000449 select CRYPTO_ALGAPI
Linus Torvalds1da177e2005-04-16 15:20:36 -0700450 select ZLIB_INFLATE
451 select ZLIB_DEFLATE
452 help
453 This is the Deflate algorithm (RFC1951), specified for use in
454 IPSec with the IPCOMP protocol (RFC3173, RFC2394).
455
456 You will most probably want this if using IPSec.
457
458config CRYPTO_MICHAEL_MIC
459 tristate "Michael MIC keyed digest algorithm"
Herbert Xucce9e062006-08-21 21:08:13 +1000460 select CRYPTO_ALGAPI
Linus Torvalds1da177e2005-04-16 15:20:36 -0700461 help
462 Michael MIC is used for message integrity protection in TKIP
463 (IEEE 802.11i). This algorithm is required for TKIP, but it
464 should not be used for other purposes because of the weakness
465 of the algorithm.
466
467config CRYPTO_CRC32C
468 tristate "CRC32c CRC algorithm"
Herbert Xucce9e062006-08-21 21:08:13 +1000469 select CRYPTO_ALGAPI
Linus Torvalds1da177e2005-04-16 15:20:36 -0700470 select LIBCRC32C
471 help
472 Castagnoli, et al Cyclic Redundancy-Check Algorithm. Used
473 by iSCSI for header and data digests and by others.
474 See Castagnoli93. This implementation uses lib/libcrc32c.
475 Module will be crc32c.
476
477config CRYPTO_TEST
478 tristate "Testing module"
Herbert Xucce9e062006-08-21 21:08:13 +1000479 depends on m
480 select CRYPTO_ALGAPI
Linus Torvalds1da177e2005-04-16 15:20:36 -0700481 help
482 Quick & dirty crypto test module.
483
484source "drivers/crypto/Kconfig"
Linus Torvalds1da177e2005-04-16 15:20:36 -0700485
Herbert Xucce9e062006-08-21 21:08:13 +1000486endif # if CRYPTO
487
488endmenu