blob: 68790ad7308dec20713a2091c234244f7b0901ba [file] [log] [blame]
Linus Torvalds1da177e2005-04-16 15:20:36 -07001#
2# Cryptographic API Configuration
3#
4
5menu "Cryptographic options"
6
7config CRYPTO
8 bool "Cryptographic API"
9 help
10 This option provides the core Cryptographic API.
11
Herbert Xucce9e062006-08-21 21:08:13 +100012if CRYPTO
13
14config CRYPTO_ALGAPI
15 tristate
16 help
17 This option provides the API for cryptographic algorithms.
18
Herbert Xu5cde0af2006-08-22 00:07:53 +100019config CRYPTO_BLKCIPHER
20 tristate
21 select CRYPTO_ALGAPI
22
Herbert Xu2b8c19d2006-09-21 11:31:44 +100023config CRYPTO_MANAGER
24 tristate "Cryptographic algorithm manager"
25 select CRYPTO_ALGAPI
26 default m
27 help
28 Create default cryptographic template instantiations such as
29 cbc(aes).
30
Linus Torvalds1da177e2005-04-16 15:20:36 -070031config CRYPTO_HMAC
32 bool "HMAC support"
Linus Torvalds1da177e2005-04-16 15:20:36 -070033 help
34 HMAC: Keyed-Hashing for Message Authentication (RFC2104).
35 This is required for IPSec.
36
37config CRYPTO_NULL
38 tristate "Null algorithms"
Herbert Xucce9e062006-08-21 21:08:13 +100039 select CRYPTO_ALGAPI
Linus Torvalds1da177e2005-04-16 15:20:36 -070040 help
41 These are 'Null' algorithms, used by IPsec, which do nothing.
42
43config CRYPTO_MD4
44 tristate "MD4 digest algorithm"
Herbert Xucce9e062006-08-21 21:08:13 +100045 select CRYPTO_ALGAPI
Linus Torvalds1da177e2005-04-16 15:20:36 -070046 help
47 MD4 message digest algorithm (RFC1320).
48
49config CRYPTO_MD5
50 tristate "MD5 digest algorithm"
Herbert Xucce9e062006-08-21 21:08:13 +100051 select CRYPTO_ALGAPI
Linus Torvalds1da177e2005-04-16 15:20:36 -070052 help
53 MD5 message digest algorithm (RFC1321).
54
55config CRYPTO_SHA1
56 tristate "SHA1 digest algorithm"
Herbert Xucce9e062006-08-21 21:08:13 +100057 select CRYPTO_ALGAPI
Linus Torvalds1da177e2005-04-16 15:20:36 -070058 help
59 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2).
60
Jan Glauberc1e26e12006-01-06 00:19:17 -080061config CRYPTO_SHA1_S390
62 tristate "SHA1 digest algorithm (s390)"
Herbert Xucce9e062006-08-21 21:08:13 +100063 depends on S390
64 select CRYPTO_ALGAPI
Linus Torvalds1da177e2005-04-16 15:20:36 -070065 help
Jan Glauber0a497c172006-01-06 00:19:18 -080066 This is the s390 hardware accelerated implementation of the
Linus Torvalds1da177e2005-04-16 15:20:36 -070067 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2).
68
69config CRYPTO_SHA256
70 tristate "SHA256 digest algorithm"
Herbert Xucce9e062006-08-21 21:08:13 +100071 select CRYPTO_ALGAPI
Linus Torvalds1da177e2005-04-16 15:20:36 -070072 help
73 SHA256 secure hash standard (DFIPS 180-2).
74
75 This version of SHA implements a 256 bit hash with 128 bits of
76 security against collision attacks.
77
Jan Glauber0a497c172006-01-06 00:19:18 -080078config CRYPTO_SHA256_S390
79 tristate "SHA256 digest algorithm (s390)"
Herbert Xucce9e062006-08-21 21:08:13 +100080 depends on S390
81 select CRYPTO_ALGAPI
Jan Glauber0a497c172006-01-06 00:19:18 -080082 help
83 This is the s390 hardware accelerated implementation of the
84 SHA256 secure hash standard (DFIPS 180-2).
85
86 This version of SHA implements a 256 bit hash with 128 bits of
87 security against collision attacks.
88
Linus Torvalds1da177e2005-04-16 15:20:36 -070089config CRYPTO_SHA512
90 tristate "SHA384 and SHA512 digest algorithms"
Herbert Xucce9e062006-08-21 21:08:13 +100091 select CRYPTO_ALGAPI
Linus Torvalds1da177e2005-04-16 15:20:36 -070092 help
93 SHA512 secure hash standard (DFIPS 180-2).
94
95 This version of SHA implements a 512 bit hash with 256 bits of
96 security against collision attacks.
97
98 This code also includes SHA-384, a 384 bit hash with 192 bits
99 of security against collision attacks.
100
101config CRYPTO_WP512
102 tristate "Whirlpool digest algorithms"
Herbert Xucce9e062006-08-21 21:08:13 +1000103 select CRYPTO_ALGAPI
Linus Torvalds1da177e2005-04-16 15:20:36 -0700104 help
105 Whirlpool hash algorithm 512, 384 and 256-bit hashes
106
107 Whirlpool-512 is part of the NESSIE cryptographic primitives.
108 Whirlpool will be part of the ISO/IEC 10118-3:2003(E) standard
109
110 See also:
111 <http://planeta.terra.com.br/informatica/paulobarreto/WhirlpoolPage.html>
112
113config CRYPTO_TGR192
114 tristate "Tiger digest algorithms"
Herbert Xucce9e062006-08-21 21:08:13 +1000115 select CRYPTO_ALGAPI
Linus Torvalds1da177e2005-04-16 15:20:36 -0700116 help
117 Tiger hash algorithm 192, 160 and 128-bit hashes
118
119 Tiger is a hash function optimized for 64-bit processors while
120 still having decent performance on 32-bit processors.
121 Tiger was developed by Ross Anderson and Eli Biham.
122
123 See also:
124 <http://www.cs.technion.ac.il/~biham/Reports/Tiger/>.
125
126config CRYPTO_DES
127 tristate "DES and Triple DES EDE cipher algorithms"
Herbert Xucce9e062006-08-21 21:08:13 +1000128 select CRYPTO_ALGAPI
Linus Torvalds1da177e2005-04-16 15:20:36 -0700129 help
130 DES cipher algorithm (FIPS 46-2), and Triple DES EDE (FIPS 46-3).
131
Jan Glauberc1e26e12006-01-06 00:19:17 -0800132config CRYPTO_DES_S390
133 tristate "DES and Triple DES cipher algorithms (s390)"
Herbert Xucce9e062006-08-21 21:08:13 +1000134 depends on S390
135 select CRYPTO_ALGAPI
Linus Torvalds1da177e2005-04-16 15:20:36 -0700136 help
137 DES cipher algorithm (FIPS 46-2), and Triple DES EDE (FIPS 46-3).
138
139config CRYPTO_BLOWFISH
140 tristate "Blowfish cipher algorithm"
Herbert Xucce9e062006-08-21 21:08:13 +1000141 select CRYPTO_ALGAPI
Linus Torvalds1da177e2005-04-16 15:20:36 -0700142 help
143 Blowfish cipher algorithm, by Bruce Schneier.
144
145 This is a variable key length cipher which can use keys from 32
146 bits to 448 bits in length. It's fast, simple and specifically
147 designed for use on "large microprocessors".
148
149 See also:
150 <http://www.schneier.com/blowfish.html>
151
152config CRYPTO_TWOFISH
153 tristate "Twofish cipher algorithm"
Herbert Xucce9e062006-08-21 21:08:13 +1000154 select CRYPTO_ALGAPI
Joachim Fritschi2729bb42006-06-20 20:37:23 +1000155 select CRYPTO_TWOFISH_COMMON
Linus Torvalds1da177e2005-04-16 15:20:36 -0700156 help
157 Twofish cipher algorithm.
158
159 Twofish was submitted as an AES (Advanced Encryption Standard)
160 candidate cipher by researchers at CounterPane Systems. It is a
161 16 round block cipher supporting key sizes of 128, 192, and 256
162 bits.
163
164 See also:
165 <http://www.schneier.com/twofish.html>
166
Joachim Fritschi2729bb42006-06-20 20:37:23 +1000167config CRYPTO_TWOFISH_COMMON
168 tristate
Joachim Fritschi2729bb42006-06-20 20:37:23 +1000169 help
170 Common parts of the Twofish cipher algorithm shared by the
171 generic c and the assembler implementations.
172
Joachim Fritschib9f535f2006-06-20 20:59:16 +1000173config CRYPTO_TWOFISH_586
174 tristate "Twofish cipher algorithms (i586)"
Herbert Xucce9e062006-08-21 21:08:13 +1000175 depends on (X86 || UML_X86) && !64BIT
176 select CRYPTO_ALGAPI
Joachim Fritschib9f535f2006-06-20 20:59:16 +1000177 select CRYPTO_TWOFISH_COMMON
178 help
179 Twofish cipher algorithm.
180
181 Twofish was submitted as an AES (Advanced Encryption Standard)
182 candidate cipher by researchers at CounterPane Systems. It is a
183 16 round block cipher supporting key sizes of 128, 192, and 256
184 bits.
185
186 See also:
187 <http://www.schneier.com/twofish.html>
188
Joachim Fritschieaf44082006-06-20 21:12:02 +1000189config CRYPTO_TWOFISH_X86_64
190 tristate "Twofish cipher algorithm (x86_64)"
Herbert Xucce9e062006-08-21 21:08:13 +1000191 depends on (X86 || UML_X86) && 64BIT
192 select CRYPTO_ALGAPI
Joachim Fritschieaf44082006-06-20 21:12:02 +1000193 select CRYPTO_TWOFISH_COMMON
194 help
195 Twofish cipher algorithm (x86_64).
196
197 Twofish was submitted as an AES (Advanced Encryption Standard)
198 candidate cipher by researchers at CounterPane Systems. It is a
199 16 round block cipher supporting key sizes of 128, 192, and 256
200 bits.
201
202 See also:
203 <http://www.schneier.com/twofish.html>
204
Linus Torvalds1da177e2005-04-16 15:20:36 -0700205config CRYPTO_SERPENT
206 tristate "Serpent cipher algorithm"
Herbert Xucce9e062006-08-21 21:08:13 +1000207 select CRYPTO_ALGAPI
Linus Torvalds1da177e2005-04-16 15:20:36 -0700208 help
209 Serpent cipher algorithm, by Anderson, Biham & Knudsen.
210
211 Keys are allowed to be from 0 to 256 bits in length, in steps
212 of 8 bits. Also includes the 'Tnepres' algorithm, a reversed
213 variant of Serpent for compatibility with old kerneli code.
214
215 See also:
216 <http://www.cl.cam.ac.uk/~rja14/serpent.html>
217
218config CRYPTO_AES
219 tristate "AES cipher algorithms"
Herbert Xucce9e062006-08-21 21:08:13 +1000220 select CRYPTO_ALGAPI
Linus Torvalds1da177e2005-04-16 15:20:36 -0700221 help
222 AES cipher algorithms (FIPS-197). AES uses the Rijndael
223 algorithm.
224
225 Rijndael appears to be consistently a very good performer in
226 both hardware and software across a wide range of computing
227 environments regardless of its use in feedback or non-feedback
228 modes. Its key setup time is excellent, and its key agility is
229 good. Rijndael's very low memory requirements make it very well
230 suited for restricted-space environments, in which it also
231 demonstrates excellent performance. Rijndael's operations are
232 among the easiest to defend against power and timing attacks.
233
234 The AES specifies three key sizes: 128, 192 and 256 bits
235
236 See <http://csrc.nist.gov/CryptoToolkit/aes/> for more information.
237
238config CRYPTO_AES_586
239 tristate "AES cipher algorithms (i586)"
Herbert Xucce9e062006-08-21 21:08:13 +1000240 depends on (X86 || UML_X86) && !64BIT
241 select CRYPTO_ALGAPI
Linus Torvalds1da177e2005-04-16 15:20:36 -0700242 help
243 AES cipher algorithms (FIPS-197). AES uses the Rijndael
244 algorithm.
245
246 Rijndael appears to be consistently a very good performer in
247 both hardware and software across a wide range of computing
248 environments regardless of its use in feedback or non-feedback
249 modes. Its key setup time is excellent, and its key agility is
250 good. Rijndael's very low memory requirements make it very well
251 suited for restricted-space environments, in which it also
252 demonstrates excellent performance. Rijndael's operations are
253 among the easiest to defend against power and timing attacks.
254
255 The AES specifies three key sizes: 128, 192 and 256 bits
256
257 See <http://csrc.nist.gov/encryption/aes/> for more information.
258
Andreas Steinmetza2a892a2005-07-06 13:55:00 -0700259config CRYPTO_AES_X86_64
260 tristate "AES cipher algorithms (x86_64)"
Herbert Xucce9e062006-08-21 21:08:13 +1000261 depends on (X86 || UML_X86) && 64BIT
262 select CRYPTO_ALGAPI
Andreas Steinmetza2a892a2005-07-06 13:55:00 -0700263 help
264 AES cipher algorithms (FIPS-197). AES uses the Rijndael
265 algorithm.
266
267 Rijndael appears to be consistently a very good performer in
268 both hardware and software across a wide range of computing
269 environments regardless of its use in feedback or non-feedback
270 modes. Its key setup time is excellent, and its key agility is
271 good. Rijndael's very low memory requirements make it very well
272 suited for restricted-space environments, in which it also
273 demonstrates excellent performance. Rijndael's operations are
274 among the easiest to defend against power and timing attacks.
275
276 The AES specifies three key sizes: 128, 192 and 256 bits
277
278 See <http://csrc.nist.gov/encryption/aes/> for more information.
279
Jan Glauberbf754ae2006-01-06 00:19:18 -0800280config CRYPTO_AES_S390
281 tristate "AES cipher algorithms (s390)"
Herbert Xucce9e062006-08-21 21:08:13 +1000282 depends on S390
283 select CRYPTO_ALGAPI
Jan Glauberbf754ae2006-01-06 00:19:18 -0800284 help
285 This is the s390 hardware accelerated implementation of the
286 AES cipher algorithms (FIPS-197). AES uses the Rijndael
287 algorithm.
288
289 Rijndael appears to be consistently a very good performer in
290 both hardware and software across a wide range of computing
291 environments regardless of its use in feedback or non-feedback
292 modes. Its key setup time is excellent, and its key agility is
293 good. Rijndael's very low memory requirements make it very well
294 suited for restricted-space environments, in which it also
295 demonstrates excellent performance. Rijndael's operations are
296 among the easiest to defend against power and timing attacks.
297
298 On s390 the System z9-109 currently only supports the key size
299 of 128 bit.
300
Linus Torvalds1da177e2005-04-16 15:20:36 -0700301config CRYPTO_CAST5
302 tristate "CAST5 (CAST-128) cipher algorithm"
Herbert Xucce9e062006-08-21 21:08:13 +1000303 select CRYPTO_ALGAPI
Linus Torvalds1da177e2005-04-16 15:20:36 -0700304 help
305 The CAST5 encryption algorithm (synonymous with CAST-128) is
306 described in RFC2144.
307
308config CRYPTO_CAST6
309 tristate "CAST6 (CAST-256) cipher algorithm"
Herbert Xucce9e062006-08-21 21:08:13 +1000310 select CRYPTO_ALGAPI
Linus Torvalds1da177e2005-04-16 15:20:36 -0700311 help
312 The CAST6 encryption algorithm (synonymous with CAST-256) is
313 described in RFC2612.
314
315config CRYPTO_TEA
Aaron Grothefb4f10e2005-09-01 17:42:46 -0700316 tristate "TEA, XTEA and XETA cipher algorithms"
Herbert Xucce9e062006-08-21 21:08:13 +1000317 select CRYPTO_ALGAPI
Linus Torvalds1da177e2005-04-16 15:20:36 -0700318 help
319 TEA cipher algorithm.
320
321 Tiny Encryption Algorithm is a simple cipher that uses
322 many rounds for security. It is very fast and uses
323 little memory.
324
325 Xtendend Tiny Encryption Algorithm is a modification to
326 the TEA algorithm to address a potential key weakness
327 in the TEA algorithm.
328
Aaron Grothefb4f10e2005-09-01 17:42:46 -0700329 Xtendend Encryption Tiny Algorithm is a mis-implementation
330 of the XTEA algorithm for compatibility purposes.
331
Linus Torvalds1da177e2005-04-16 15:20:36 -0700332config CRYPTO_ARC4
333 tristate "ARC4 cipher algorithm"
Herbert Xucce9e062006-08-21 21:08:13 +1000334 select CRYPTO_ALGAPI
Linus Torvalds1da177e2005-04-16 15:20:36 -0700335 help
336 ARC4 cipher algorithm.
337
338 ARC4 is a stream cipher using keys ranging from 8 bits to 2048
339 bits in length. This algorithm is required for driver-based
340 WEP, but it should not be for other purposes because of the
341 weakness of the algorithm.
342
343config CRYPTO_KHAZAD
344 tristate "Khazad cipher algorithm"
Herbert Xucce9e062006-08-21 21:08:13 +1000345 select CRYPTO_ALGAPI
Linus Torvalds1da177e2005-04-16 15:20:36 -0700346 help
347 Khazad cipher algorithm.
348
349 Khazad was a finalist in the initial NESSIE competition. It is
350 an algorithm optimized for 64-bit processors with good performance
351 on 32-bit processors. Khazad uses an 128 bit key size.
352
353 See also:
354 <http://planeta.terra.com.br/informatica/paulobarreto/KhazadPage.html>
355
356config CRYPTO_ANUBIS
357 tristate "Anubis cipher algorithm"
Herbert Xucce9e062006-08-21 21:08:13 +1000358 select CRYPTO_ALGAPI
Linus Torvalds1da177e2005-04-16 15:20:36 -0700359 help
360 Anubis cipher algorithm.
361
362 Anubis is a variable key length cipher which can use keys from
363 128 bits to 320 bits in length. It was evaluated as a entrant
364 in the NESSIE competition.
365
366 See also:
367 <https://www.cosic.esat.kuleuven.ac.be/nessie/reports/>
368 <http://planeta.terra.com.br/informatica/paulobarreto/AnubisPage.html>
369
370
371config CRYPTO_DEFLATE
372 tristate "Deflate compression algorithm"
Herbert Xucce9e062006-08-21 21:08:13 +1000373 select CRYPTO_ALGAPI
Linus Torvalds1da177e2005-04-16 15:20:36 -0700374 select ZLIB_INFLATE
375 select ZLIB_DEFLATE
376 help
377 This is the Deflate algorithm (RFC1951), specified for use in
378 IPSec with the IPCOMP protocol (RFC3173, RFC2394).
379
380 You will most probably want this if using IPSec.
381
382config CRYPTO_MICHAEL_MIC
383 tristate "Michael MIC keyed digest algorithm"
Herbert Xucce9e062006-08-21 21:08:13 +1000384 select CRYPTO_ALGAPI
Linus Torvalds1da177e2005-04-16 15:20:36 -0700385 help
386 Michael MIC is used for message integrity protection in TKIP
387 (IEEE 802.11i). This algorithm is required for TKIP, but it
388 should not be used for other purposes because of the weakness
389 of the algorithm.
390
391config CRYPTO_CRC32C
392 tristate "CRC32c CRC algorithm"
Herbert Xucce9e062006-08-21 21:08:13 +1000393 select CRYPTO_ALGAPI
Linus Torvalds1da177e2005-04-16 15:20:36 -0700394 select LIBCRC32C
395 help
396 Castagnoli, et al Cyclic Redundancy-Check Algorithm. Used
397 by iSCSI for header and data digests and by others.
398 See Castagnoli93. This implementation uses lib/libcrc32c.
399 Module will be crc32c.
400
401config CRYPTO_TEST
402 tristate "Testing module"
Herbert Xucce9e062006-08-21 21:08:13 +1000403 depends on m
404 select CRYPTO_ALGAPI
Linus Torvalds1da177e2005-04-16 15:20:36 -0700405 help
406 Quick & dirty crypto test module.
407
408source "drivers/crypto/Kconfig"
Linus Torvalds1da177e2005-04-16 15:20:36 -0700409
Herbert Xucce9e062006-08-21 21:08:13 +1000410endif # if CRYPTO
411
412endmenu