tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
fork atom
kernel / crypto / Kconfig
at v2.6.19-rc4 438 lines 13 kB view raw
1# 2# Cryptographic API Configuration 3# 4 5menu "Cryptographic options" 6 7config CRYPTO 8 bool "Cryptographic API" 9 help 10 This option provides the core Cryptographic API. 11 12if CRYPTO 13 14config CRYPTO_ALGAPI 15 tristate 16 help 17 This option provides the API for cryptographic algorithms. 18 19config CRYPTO_BLKCIPHER 20 tristate 21 select CRYPTO_ALGAPI 22 23config CRYPTO_HASH 24 tristate 25 select CRYPTO_ALGAPI 26 27config CRYPTO_MANAGER 28 tristate "Cryptographic algorithm manager" 29 select CRYPTO_ALGAPI 30 help 31 Create default cryptographic template instantiations such as 32 cbc(aes). 33 34config CRYPTO_HMAC 35 tristate "HMAC support" 36 select CRYPTO_HASH 37 select CRYPTO_MANAGER 38 help 39 HMAC: Keyed-Hashing for Message Authentication (RFC2104). 40 This is required for IPSec. 41 42config CRYPTO_NULL 43 tristate "Null algorithms" 44 select CRYPTO_ALGAPI 45 help 46 These are 'Null' algorithms, used by IPsec, which do nothing. 47 48config CRYPTO_MD4 49 tristate "MD4 digest algorithm" 50 select CRYPTO_ALGAPI 51 help 52 MD4 message digest algorithm (RFC1320). 53 54config CRYPTO_MD5 55 tristate "MD5 digest algorithm" 56 select CRYPTO_ALGAPI 57 help 58 MD5 message digest algorithm (RFC1321). 59 60config CRYPTO_SHA1 61 tristate "SHA1 digest algorithm" 62 select CRYPTO_ALGAPI 63 help 64 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2). 65 66config CRYPTO_SHA1_S390 67 tristate "SHA1 digest algorithm (s390)" 68 depends on S390 69 select CRYPTO_ALGAPI 70 help 71 This is the s390 hardware accelerated implementation of the 72 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2). 73 74config CRYPTO_SHA256 75 tristate "SHA256 digest algorithm" 76 select CRYPTO_ALGAPI 77 help 78 SHA256 secure hash standard (DFIPS 180-2). 79 80 This version of SHA implements a 256 bit hash with 128 bits of 81 security against collision attacks. 82 83config CRYPTO_SHA256_S390 84 tristate "SHA256 digest algorithm (s390)" 85 depends on S390 86 select CRYPTO_ALGAPI 87 help 88 This is the s390 hardware accelerated implementation of the 89 SHA256 secure hash standard (DFIPS 180-2). 90 91 This version of SHA implements a 256 bit hash with 128 bits of 92 security against collision attacks. 93 94config CRYPTO_SHA512 95 tristate "SHA384 and SHA512 digest algorithms" 96 select CRYPTO_ALGAPI 97 help 98 SHA512 secure hash standard (DFIPS 180-2). 99 100 This version of SHA implements a 512 bit hash with 256 bits of 101 security against collision attacks. 102 103 This code also includes SHA-384, a 384 bit hash with 192 bits 104 of security against collision attacks. 105 106config CRYPTO_WP512 107 tristate "Whirlpool digest algorithms" 108 select CRYPTO_ALGAPI 109 help 110 Whirlpool hash algorithm 512, 384 and 256-bit hashes 111 112 Whirlpool-512 is part of the NESSIE cryptographic primitives. 113 Whirlpool will be part of the ISO/IEC 10118-3:2003(E) standard 114 115 See also: 116 <http://planeta.terra.com.br/informatica/paulobarreto/WhirlpoolPage.html> 117 118config CRYPTO_TGR192 119 tristate "Tiger digest algorithms" 120 select CRYPTO_ALGAPI 121 help 122 Tiger hash algorithm 192, 160 and 128-bit hashes 123 124 Tiger is a hash function optimized for 64-bit processors while 125 still having decent performance on 32-bit processors. 126 Tiger was developed by Ross Anderson and Eli Biham. 127 128 See also: 129 <http://www.cs.technion.ac.il/~biham/Reports/Tiger/>. 130 131config CRYPTO_ECB 132 tristate "ECB support" 133 select CRYPTO_BLKCIPHER 134 select CRYPTO_MANAGER 135 default m 136 help 137 ECB: Electronic CodeBook mode 138 This is the simplest block cipher algorithm. It simply encrypts 139 the input block by block. 140 141config CRYPTO_CBC 142 tristate "CBC support" 143 select CRYPTO_BLKCIPHER 144 select CRYPTO_MANAGER 145 default m 146 help 147 CBC: Cipher Block Chaining mode 148 This block cipher algorithm is required for IPSec. 149 150config CRYPTO_DES 151 tristate "DES and Triple DES EDE cipher algorithms" 152 select CRYPTO_ALGAPI 153 help 154 DES cipher algorithm (FIPS 46-2), and Triple DES EDE (FIPS 46-3). 155 156config CRYPTO_DES_S390 157 tristate "DES and Triple DES cipher algorithms (s390)" 158 depends on S390 159 select CRYPTO_ALGAPI 160 select CRYPTO_BLKCIPHER 161 help 162 DES cipher algorithm (FIPS 46-2), and Triple DES EDE (FIPS 46-3). 163 164config CRYPTO_BLOWFISH 165 tristate "Blowfish cipher algorithm" 166 select CRYPTO_ALGAPI 167 help 168 Blowfish cipher algorithm, by Bruce Schneier. 169 170 This is a variable key length cipher which can use keys from 32 171 bits to 448 bits in length. It's fast, simple and specifically 172 designed for use on "large microprocessors". 173 174 See also: 175 <http://www.schneier.com/blowfish.html> 176 177config CRYPTO_TWOFISH 178 tristate "Twofish cipher algorithm" 179 select CRYPTO_ALGAPI 180 select CRYPTO_TWOFISH_COMMON 181 help 182 Twofish cipher algorithm. 183 184 Twofish was submitted as an AES (Advanced Encryption Standard) 185 candidate cipher by researchers at CounterPane Systems. It is a 186 16 round block cipher supporting key sizes of 128, 192, and 256 187 bits. 188 189 See also: 190 <http://www.schneier.com/twofish.html> 191 192config CRYPTO_TWOFISH_COMMON 193 tristate 194 help 195 Common parts of the Twofish cipher algorithm shared by the 196 generic c and the assembler implementations. 197 198config CRYPTO_TWOFISH_586 199 tristate "Twofish cipher algorithms (i586)" 200 depends on (X86 || UML_X86) && !64BIT 201 select CRYPTO_ALGAPI 202 select CRYPTO_TWOFISH_COMMON 203 help 204 Twofish cipher algorithm. 205 206 Twofish was submitted as an AES (Advanced Encryption Standard) 207 candidate cipher by researchers at CounterPane Systems. It is a 208 16 round block cipher supporting key sizes of 128, 192, and 256 209 bits. 210 211 See also: 212 <http://www.schneier.com/twofish.html> 213 214config CRYPTO_TWOFISH_X86_64 215 tristate "Twofish cipher algorithm (x86_64)" 216 depends on (X86 || UML_X86) && 64BIT 217 select CRYPTO_ALGAPI 218 select CRYPTO_TWOFISH_COMMON 219 help 220 Twofish cipher algorithm (x86_64). 221 222 Twofish was submitted as an AES (Advanced Encryption Standard) 223 candidate cipher by researchers at CounterPane Systems. It is a 224 16 round block cipher supporting key sizes of 128, 192, and 256 225 bits. 226 227 See also: 228 <http://www.schneier.com/twofish.html> 229 230config CRYPTO_SERPENT 231 tristate "Serpent cipher algorithm" 232 select CRYPTO_ALGAPI 233 help 234 Serpent cipher algorithm, by Anderson, Biham & Knudsen. 235 236 Keys are allowed to be from 0 to 256 bits in length, in steps 237 of 8 bits. Also includes the 'Tnepres' algorithm, a reversed 238 variant of Serpent for compatibility with old kerneli code. 239 240 See also: 241 <http://www.cl.cam.ac.uk/~rja14/serpent.html> 242 243config CRYPTO_AES 244 tristate "AES cipher algorithms" 245 select CRYPTO_ALGAPI 246 help 247 AES cipher algorithms (FIPS-197). AES uses the Rijndael 248 algorithm. 249 250 Rijndael appears to be consistently a very good performer in 251 both hardware and software across a wide range of computing 252 environments regardless of its use in feedback or non-feedback 253 modes. Its key setup time is excellent, and its key agility is 254 good. Rijndael's very low memory requirements make it very well 255 suited for restricted-space environments, in which it also 256 demonstrates excellent performance. Rijndael's operations are 257 among the easiest to defend against power and timing attacks. 258 259 The AES specifies three key sizes: 128, 192 and 256 bits 260 261 See <http://csrc.nist.gov/CryptoToolkit/aes/> for more information. 262 263config CRYPTO_AES_586 264 tristate "AES cipher algorithms (i586)" 265 depends on (X86 || UML_X86) && !64BIT 266 select CRYPTO_ALGAPI 267 help 268 AES cipher algorithms (FIPS-197). AES uses the Rijndael 269 algorithm. 270 271 Rijndael appears to be consistently a very good performer in 272 both hardware and software across a wide range of computing 273 environments regardless of its use in feedback or non-feedback 274 modes. Its key setup time is excellent, and its key agility is 275 good. Rijndael's very low memory requirements make it very well 276 suited for restricted-space environments, in which it also 277 demonstrates excellent performance. Rijndael's operations are 278 among the easiest to defend against power and timing attacks. 279 280 The AES specifies three key sizes: 128, 192 and 256 bits 281 282 See <http://csrc.nist.gov/encryption/aes/> for more information. 283 284config CRYPTO_AES_X86_64 285 tristate "AES cipher algorithms (x86_64)" 286 depends on (X86 || UML_X86) && 64BIT 287 select CRYPTO_ALGAPI 288 help 289 AES cipher algorithms (FIPS-197). AES uses the Rijndael 290 algorithm. 291 292 Rijndael appears to be consistently a very good performer in 293 both hardware and software across a wide range of computing 294 environments regardless of its use in feedback or non-feedback 295 modes. Its key setup time is excellent, and its key agility is 296 good. Rijndael's very low memory requirements make it very well 297 suited for restricted-space environments, in which it also 298 demonstrates excellent performance. Rijndael's operations are 299 among the easiest to defend against power and timing attacks. 300 301 The AES specifies three key sizes: 128, 192 and 256 bits 302 303 See <http://csrc.nist.gov/encryption/aes/> for more information. 304 305config CRYPTO_AES_S390 306 tristate "AES cipher algorithms (s390)" 307 depends on S390 308 select CRYPTO_ALGAPI 309 select CRYPTO_BLKCIPHER 310 help 311 This is the s390 hardware accelerated implementation of the 312 AES cipher algorithms (FIPS-197). AES uses the Rijndael 313 algorithm. 314 315 Rijndael appears to be consistently a very good performer in 316 both hardware and software across a wide range of computing 317 environments regardless of its use in feedback or non-feedback 318 modes. Its key setup time is excellent, and its key agility is 319 good. Rijndael's very low memory requirements make it very well 320 suited for restricted-space environments, in which it also 321 demonstrates excellent performance. Rijndael's operations are 322 among the easiest to defend against power and timing attacks. 323 324 On s390 the System z9-109 currently only supports the key size 325 of 128 bit. 326 327config CRYPTO_CAST5 328 tristate "CAST5 (CAST-128) cipher algorithm" 329 select CRYPTO_ALGAPI 330 help 331 The CAST5 encryption algorithm (synonymous with CAST-128) is 332 described in RFC2144. 333 334config CRYPTO_CAST6 335 tristate "CAST6 (CAST-256) cipher algorithm" 336 select CRYPTO_ALGAPI 337 help 338 The CAST6 encryption algorithm (synonymous with CAST-256) is 339 described in RFC2612. 340 341config CRYPTO_TEA 342 tristate "TEA, XTEA and XETA cipher algorithms" 343 select CRYPTO_ALGAPI 344 help 345 TEA cipher algorithm. 346 347 Tiny Encryption Algorithm is a simple cipher that uses 348 many rounds for security. It is very fast and uses 349 little memory. 350 351 Xtendend Tiny Encryption Algorithm is a modification to 352 the TEA algorithm to address a potential key weakness 353 in the TEA algorithm. 354 355 Xtendend Encryption Tiny Algorithm is a mis-implementation 356 of the XTEA algorithm for compatibility purposes. 357 358config CRYPTO_ARC4 359 tristate "ARC4 cipher algorithm" 360 select CRYPTO_ALGAPI 361 help 362 ARC4 cipher algorithm. 363 364 ARC4 is a stream cipher using keys ranging from 8 bits to 2048 365 bits in length. This algorithm is required for driver-based 366 WEP, but it should not be for other purposes because of the 367 weakness of the algorithm. 368 369config CRYPTO_KHAZAD 370 tristate "Khazad cipher algorithm" 371 select CRYPTO_ALGAPI 372 help 373 Khazad cipher algorithm. 374 375 Khazad was a finalist in the initial NESSIE competition. It is 376 an algorithm optimized for 64-bit processors with good performance 377 on 32-bit processors. Khazad uses an 128 bit key size. 378 379 See also: 380 <http://planeta.terra.com.br/informatica/paulobarreto/KhazadPage.html> 381 382config CRYPTO_ANUBIS 383 tristate "Anubis cipher algorithm" 384 select CRYPTO_ALGAPI 385 help 386 Anubis cipher algorithm. 387 388 Anubis is a variable key length cipher which can use keys from 389 128 bits to 320 bits in length. It was evaluated as a entrant 390 in the NESSIE competition. 391 392 See also: 393 <https://www.cosic.esat.kuleuven.ac.be/nessie/reports/> 394 <http://planeta.terra.com.br/informatica/paulobarreto/AnubisPage.html> 395 396 397config CRYPTO_DEFLATE 398 tristate "Deflate compression algorithm" 399 select CRYPTO_ALGAPI 400 select ZLIB_INFLATE 401 select ZLIB_DEFLATE 402 help 403 This is the Deflate algorithm (RFC1951), specified for use in 404 IPSec with the IPCOMP protocol (RFC3173, RFC2394). 405 406 You will most probably want this if using IPSec. 407 408config CRYPTO_MICHAEL_MIC 409 tristate "Michael MIC keyed digest algorithm" 410 select CRYPTO_ALGAPI 411 help 412 Michael MIC is used for message integrity protection in TKIP 413 (IEEE 802.11i). This algorithm is required for TKIP, but it 414 should not be used for other purposes because of the weakness 415 of the algorithm. 416 417config CRYPTO_CRC32C 418 tristate "CRC32c CRC algorithm" 419 select CRYPTO_ALGAPI 420 select LIBCRC32C 421 help 422 Castagnoli, et al Cyclic Redundancy-Check Algorithm. Used 423 by iSCSI for header and data digests and by others. 424 See Castagnoli93. This implementation uses lib/libcrc32c. 425 Module will be crc32c. 426 427config CRYPTO_TEST 428 tristate "Testing module" 429 depends on m 430 select CRYPTO_ALGAPI 431 help 432 Quick & dirty crypto test module. 433 434source "drivers/crypto/Kconfig" 435 436endif # if CRYPTO 437 438endmenu