projects / deliverable / linux.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
[CRYPTO] ccm: Added CCM mode
[deliverable/linux.git] / crypto / Kconfig
1 #
2 # Generic algorithms support
3 #
4 config XOR_BLOCKS
5 tristate
6
7 #
8 # async_tx api: hardware offloaded memory transfer/transform support
9 #
10 source "crypto/async_tx/Kconfig"
11
12 #
13 # Cryptographic API Configuration
14 #
15 menuconfig CRYPTO
16 bool "Cryptographic API"
17 help
18 This option provides the core Cryptographic API.
19
20 if CRYPTO
21
22 config CRYPTO_ALGAPI
23 tristate
24 help
25 This option provides the API for cryptographic algorithms.
26
27 config CRYPTO_AEAD
28 tristate
29 select CRYPTO_ALGAPI
30
31 config CRYPTO_BLKCIPHER
32 tristate
33 select CRYPTO_ALGAPI
34
35 config CRYPTO_SEQIV
36 tristate "Sequence Number IV Generator"
37 select CRYPTO_BLKCIPHER
38 help
39 This IV generator generates an IV based on a sequence number by
40 xoring it with a salt. This algorithm is mainly useful for CTR
41 and similar modes.
42
43 config CRYPTO_HASH
44 tristate
45 select CRYPTO_ALGAPI
46
47 config CRYPTO_MANAGER
48 tristate "Cryptographic algorithm manager"
49 select CRYPTO_ALGAPI
50 help
51 Create default cryptographic template instantiations such as
52 cbc(aes).
53
54 config CRYPTO_HMAC
55 tristate "HMAC support"
56 select CRYPTO_HASH
57 select CRYPTO_MANAGER
58 help
59 HMAC: Keyed-Hashing for Message Authentication (RFC2104).
60 This is required for IPSec.
61
62 config CRYPTO_XCBC
63 tristate "XCBC support"
64 depends on EXPERIMENTAL
65 select CRYPTO_HASH
66 select CRYPTO_MANAGER
67 help
68 XCBC: Keyed-Hashing with encryption algorithm
69 http://www.ietf.org/rfc/rfc3566.txt
70 http://csrc.nist.gov/encryption/modes/proposedmodes/
71 xcbc-mac/xcbc-mac-spec.pdf
72
73 config CRYPTO_NULL
74 tristate "Null algorithms"
75 select CRYPTO_ALGAPI
76 help
77 These are 'Null' algorithms, used by IPsec, which do nothing.
78
79 config CRYPTO_MD4
80 tristate "MD4 digest algorithm"
81 select CRYPTO_ALGAPI
82 help
83 MD4 message digest algorithm (RFC1320).
84
85 config CRYPTO_MD5
86 tristate "MD5 digest algorithm"
87 select CRYPTO_ALGAPI
88 help
89 MD5 message digest algorithm (RFC1321).
90
91 config CRYPTO_SHA1
92 tristate "SHA1 digest algorithm"
93 select CRYPTO_ALGAPI
94 help
95 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2).
96
97 config CRYPTO_SHA256
98 tristate "SHA224 and SHA256 digest algorithm"
99 select CRYPTO_ALGAPI
100 help
101 SHA256 secure hash standard (DFIPS 180-2).
102
103 This version of SHA implements a 256 bit hash with 128 bits of
104 security against collision attacks.
105
106 This code also includes SHA-224, a 224 bit hash with 112 bits
107 of security against collision attacks.
108
109 config CRYPTO_SHA512
110 tristate "SHA384 and SHA512 digest algorithms"
111 select CRYPTO_ALGAPI
112 help
113 SHA512 secure hash standard (DFIPS 180-2).
114
115 This version of SHA implements a 512 bit hash with 256 bits of
116 security against collision attacks.
117
118 This code also includes SHA-384, a 384 bit hash with 192 bits
119 of security against collision attacks.
120
121 config CRYPTO_WP512
122 tristate "Whirlpool digest algorithms"
123 select CRYPTO_ALGAPI
124 help
125 Whirlpool hash algorithm 512, 384 and 256-bit hashes
126
127 Whirlpool-512 is part of the NESSIE cryptographic primitives.
128 Whirlpool will be part of the ISO/IEC 10118-3:2003(E) standard
129
130 See also:
131 <http://planeta.terra.com.br/informatica/paulobarreto/WhirlpoolPage.html>
132
133 config CRYPTO_TGR192
134 tristate "Tiger digest algorithms"
135 select CRYPTO_ALGAPI
136 help
137 Tiger hash algorithm 192, 160 and 128-bit hashes
138
139 Tiger is a hash function optimized for 64-bit processors while
140 still having decent performance on 32-bit processors.
141 Tiger was developed by Ross Anderson and Eli Biham.
142
143 See also:
144 <http://www.cs.technion.ac.il/~biham/Reports/Tiger/>.
145
146 config CRYPTO_GF128MUL
147 tristate "GF(2^128) multiplication functions (EXPERIMENTAL)"
148 depends on EXPERIMENTAL
149 help
150 Efficient table driven implementation of multiplications in the
151 field GF(2^128). This is needed by some cypher modes. This
152 option will be selected automatically if you select such a
153 cipher mode. Only select this option by hand if you expect to load
154 an external module that requires these functions.
155
156 config CRYPTO_ECB
157 tristate "ECB support"
158 select CRYPTO_BLKCIPHER
159 select CRYPTO_MANAGER
160 help
161 ECB: Electronic CodeBook mode
162 This is the simplest block cipher algorithm. It simply encrypts
163 the input block by block.
164
165 config CRYPTO_CBC
166 tristate "CBC support"
167 select CRYPTO_BLKCIPHER
168 select CRYPTO_MANAGER
169 help
170 CBC: Cipher Block Chaining mode
171 This block cipher algorithm is required for IPSec.
172
173 config CRYPTO_PCBC
174 tristate "PCBC support"
175 select CRYPTO_BLKCIPHER
176 select CRYPTO_MANAGER
177 help
178 PCBC: Propagating Cipher Block Chaining mode
179 This block cipher algorithm is required for RxRPC.
180
181 config CRYPTO_LRW
182 tristate "LRW support (EXPERIMENTAL)"
183 depends on EXPERIMENTAL
184 select CRYPTO_BLKCIPHER
185 select CRYPTO_MANAGER
186 select CRYPTO_GF128MUL
187 help
188 LRW: Liskov Rivest Wagner, a tweakable, non malleable, non movable
189 narrow block cipher mode for dm-crypt. Use it with cipher
190 specification string aes-lrw-benbi, the key must be 256, 320 or 384.
191 The first 128, 192 or 256 bits in the key are used for AES and the
192 rest is used to tie each cipher block to its logical position.
193
194 config CRYPTO_XTS
195 tristate "XTS support (EXPERIMENTAL)"
196 depends on EXPERIMENTAL
197 select CRYPTO_BLKCIPHER
198 select CRYPTO_MANAGER
199 select CRYPTO_GF128MUL
200 help
201 XTS: IEEE1619/D16 narrow block cipher use with aes-xts-plain,
202 key size 256, 384 or 512 bits. This implementation currently
203 can't handle a sectorsize which is not a multiple of 16 bytes.
204
205 config CRYPTO_CTR
206 tristate "CTR support"
207 select CRYPTO_BLKCIPHER
208 select CRYPTO_SEQIV
209 select CRYPTO_MANAGER
210 help
211 CTR: Counter mode
212 This block cipher algorithm is required for IPSec.
213
214 config CRYPTO_GCM
215 tristate "GCM/GMAC support"
216 select CRYPTO_CTR
217 select CRYPTO_AEAD
218 select CRYPTO_GF128MUL
219 help
220 Support for Galois/Counter Mode (GCM) and Galois Message
221 Authentication Code (GMAC). Required for IPSec.
222
223 config CRYPTO_CCM
224 tristate "CCM support"
225 select CRYPTO_CTR
226 select CRYPTO_AEAD
227 help
228 Support for Counter with CBC MAC. Required for IPsec.
229
230 config CRYPTO_CRYPTD
231 tristate "Software async crypto daemon"
232 select CRYPTO_BLKCIPHER
233 select CRYPTO_MANAGER
234 help
235 This is a generic software asynchronous crypto daemon that
236 converts an arbitrary synchronous software crypto algorithm
237 into an asynchronous algorithm that executes in a kernel thread.
238
239 config CRYPTO_DES
240 tristate "DES and Triple DES EDE cipher algorithms"
241 select CRYPTO_ALGAPI
242 help
243 DES cipher algorithm (FIPS 46-2), and Triple DES EDE (FIPS 46-3).
244
245 config CRYPTO_FCRYPT
246 tristate "FCrypt cipher algorithm"
247 select CRYPTO_ALGAPI
248 select CRYPTO_BLKCIPHER
249 help
250 FCrypt algorithm used by RxRPC.
251
252 config CRYPTO_BLOWFISH
253 tristate "Blowfish cipher algorithm"
254 select CRYPTO_ALGAPI
255 help
256 Blowfish cipher algorithm, by Bruce Schneier.
257
258 This is a variable key length cipher which can use keys from 32
259 bits to 448 bits in length. It's fast, simple and specifically
260 designed for use on "large microprocessors".
261
262 See also:
263 <http://www.schneier.com/blowfish.html>
264
265 config CRYPTO_TWOFISH
266 tristate "Twofish cipher algorithm"
267 select CRYPTO_ALGAPI
268 select CRYPTO_TWOFISH_COMMON
269 help
270 Twofish cipher algorithm.
271
272 Twofish was submitted as an AES (Advanced Encryption Standard)
273 candidate cipher by researchers at CounterPane Systems. It is a
274 16 round block cipher supporting key sizes of 128, 192, and 256
275 bits.
276
277 See also:
278 <http://www.schneier.com/twofish.html>
279
280 config CRYPTO_TWOFISH_COMMON
281 tristate
282 help
283 Common parts of the Twofish cipher algorithm shared by the
284 generic c and the assembler implementations.
285
286 config CRYPTO_TWOFISH_586
287 tristate "Twofish cipher algorithms (i586)"
288 depends on (X86 || UML_X86) && !64BIT
289 select CRYPTO_ALGAPI
290 select CRYPTO_TWOFISH_COMMON
291 help
292 Twofish cipher algorithm.
293
294 Twofish was submitted as an AES (Advanced Encryption Standard)
295 candidate cipher by researchers at CounterPane Systems. It is a
296 16 round block cipher supporting key sizes of 128, 192, and 256
297 bits.
298
299 See also:
300 <http://www.schneier.com/twofish.html>
301
302 config CRYPTO_TWOFISH_X86_64
303 tristate "Twofish cipher algorithm (x86_64)"
304 depends on (X86 || UML_X86) && 64BIT
305 select CRYPTO_ALGAPI
306 select CRYPTO_TWOFISH_COMMON
307 help
308 Twofish cipher algorithm (x86_64).
309
310 Twofish was submitted as an AES (Advanced Encryption Standard)
311 candidate cipher by researchers at CounterPane Systems. It is a
312 16 round block cipher supporting key sizes of 128, 192, and 256
313 bits.
314
315 See also:
316 <http://www.schneier.com/twofish.html>
317
318 config CRYPTO_SERPENT
319 tristate "Serpent cipher algorithm"
320 select CRYPTO_ALGAPI
321 help
322 Serpent cipher algorithm, by Anderson, Biham & Knudsen.
323
324 Keys are allowed to be from 0 to 256 bits in length, in steps
325 of 8 bits. Also includes the 'Tnepres' algorithm, a reversed
326 variant of Serpent for compatibility with old kerneli.org code.
327
328 See also:
329 <http://www.cl.cam.ac.uk/~rja14/serpent.html>
330
331 config CRYPTO_AES
332 tristate "AES cipher algorithms"
333 select CRYPTO_ALGAPI
334 help
335 AES cipher algorithms (FIPS-197). AES uses the Rijndael
336 algorithm.
337
338 Rijndael appears to be consistently a very good performer in
339 both hardware and software across a wide range of computing
340 environments regardless of its use in feedback or non-feedback
341 modes. Its key setup time is excellent, and its key agility is
342 good. Rijndael's very low memory requirements make it very well
343 suited for restricted-space environments, in which it also
344 demonstrates excellent performance. Rijndael's operations are
345 among the easiest to defend against power and timing attacks.
346
347 The AES specifies three key sizes: 128, 192 and 256 bits
348
349 See <http://csrc.nist.gov/CryptoToolkit/aes/> for more information.
350
351 config CRYPTO_AES_586
352 tristate "AES cipher algorithms (i586)"
353 depends on (X86 || UML_X86) && !64BIT
354 select CRYPTO_ALGAPI
355 select CRYPTO_AES
356 help
357 AES cipher algorithms (FIPS-197). AES uses the Rijndael
358 algorithm.
359
360 Rijndael appears to be consistently a very good performer in
361 both hardware and software across a wide range of computing
362 environments regardless of its use in feedback or non-feedback
363 modes. Its key setup time is excellent, and its key agility is
364 good. Rijndael's very low memory requirements make it very well
365 suited for restricted-space environments, in which it also
366 demonstrates excellent performance. Rijndael's operations are
367 among the easiest to defend against power and timing attacks.
368
369 The AES specifies three key sizes: 128, 192 and 256 bits
370
371 See <http://csrc.nist.gov/encryption/aes/> for more information.
372
373 config CRYPTO_AES_X86_64
374 tristate "AES cipher algorithms (x86_64)"
375 depends on (X86 || UML_X86) && 64BIT
376 select CRYPTO_ALGAPI
377 select CRYPTO_AES
378 help
379 AES cipher algorithms (FIPS-197). AES uses the Rijndael
380 algorithm.
381
382 Rijndael appears to be consistently a very good performer in
383 both hardware and software across a wide range of computing
384 environments regardless of its use in feedback or non-feedback
385 modes. Its key setup time is excellent, and its key agility is
386 good. Rijndael's very low memory requirements make it very well
387 suited for restricted-space environments, in which it also
388 demonstrates excellent performance. Rijndael's operations are
389 among the easiest to defend against power and timing attacks.
390
391 The AES specifies three key sizes: 128, 192 and 256 bits
392
393 See <http://csrc.nist.gov/encryption/aes/> for more information.
394
395 config CRYPTO_CAST5
396 tristate "CAST5 (CAST-128) cipher algorithm"
397 select CRYPTO_ALGAPI
398 help
399 The CAST5 encryption algorithm (synonymous with CAST-128) is
400 described in RFC2144.
401
402 config CRYPTO_CAST6
403 tristate "CAST6 (CAST-256) cipher algorithm"
404 select CRYPTO_ALGAPI
405 help
406 The CAST6 encryption algorithm (synonymous with CAST-256) is
407 described in RFC2612.
408
409 config CRYPTO_TEA
410 tristate "TEA, XTEA and XETA cipher algorithms"
411 select CRYPTO_ALGAPI
412 help
413 TEA cipher algorithm.
414
415 Tiny Encryption Algorithm is a simple cipher that uses
416 many rounds for security. It is very fast and uses
417 little memory.
418
419 Xtendend Tiny Encryption Algorithm is a modification to
420 the TEA algorithm to address a potential key weakness
421 in the TEA algorithm.
422
423 Xtendend Encryption Tiny Algorithm is a mis-implementation
424 of the XTEA algorithm for compatibility purposes.
425
426 config CRYPTO_ARC4
427 tristate "ARC4 cipher algorithm"
428 select CRYPTO_ALGAPI
429 help
430 ARC4 cipher algorithm.
431
432 ARC4 is a stream cipher using keys ranging from 8 bits to 2048
433 bits in length. This algorithm is required for driver-based
434 WEP, but it should not be for other purposes because of the
435 weakness of the algorithm.
436
437 config CRYPTO_KHAZAD
438 tristate "Khazad cipher algorithm"
439 select CRYPTO_ALGAPI
440 help
441 Khazad cipher algorithm.
442
443 Khazad was a finalist in the initial NESSIE competition. It is
444 an algorithm optimized for 64-bit processors with good performance
445 on 32-bit processors. Khazad uses an 128 bit key size.
446
447 See also:
448 <http://planeta.terra.com.br/informatica/paulobarreto/KhazadPage.html>
449
450 config CRYPTO_ANUBIS
451 tristate "Anubis cipher algorithm"
452 select CRYPTO_ALGAPI
453 help
454 Anubis cipher algorithm.
455
456 Anubis is a variable key length cipher which can use keys from
457 128 bits to 320 bits in length. It was evaluated as a entrant
458 in the NESSIE competition.
459
460 See also:
461 <https://www.cosic.esat.kuleuven.ac.be/nessie/reports/>
462 <http://planeta.terra.com.br/informatica/paulobarreto/AnubisPage.html>
463
464 config CRYPTO_SEED
465 tristate "SEED cipher algorithm"
466 select CRYPTO_ALGAPI
467 help
468 SEED cipher algorithm (RFC4269).
469
470 SEED is a 128-bit symmetric key block cipher that has been
471 developed by KISA (Korea Information Security Agency) as a
472 national standard encryption algorithm of the Republic of Korea.
473 It is a 16 round block cipher with the key size of 128 bit.
474
475 See also:
476 <http://www.kisa.or.kr/kisa/seed/jsp/seed_eng.jsp>
477
478 config CRYPTO_SALSA20
479 tristate "Salsa20 stream cipher algorithm (EXPERIMENTAL)"
480 depends on EXPERIMENTAL
481 select CRYPTO_BLKCIPHER
482 help
483 Salsa20 stream cipher algorithm.
484
485 Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT
486 Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/>
487
488 The Salsa20 stream cipher algorithm is designed by Daniel J.
489 Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html>
490
491 config CRYPTO_DEFLATE
492 tristate "Deflate compression algorithm"
493 select CRYPTO_ALGAPI
494 select ZLIB_INFLATE
495 select ZLIB_DEFLATE
496 help
497 This is the Deflate algorithm (RFC1951), specified for use in
498 IPSec with the IPCOMP protocol (RFC3173, RFC2394).
499
500 You will most probably want this if using IPSec.
501
502 config CRYPTO_MICHAEL_MIC
503 tristate "Michael MIC keyed digest algorithm"
504 select CRYPTO_ALGAPI
505 help
506 Michael MIC is used for message integrity protection in TKIP
507 (IEEE 802.11i). This algorithm is required for TKIP, but it
508 should not be used for other purposes because of the weakness
509 of the algorithm.
510
511 config CRYPTO_CRC32C
512 tristate "CRC32c CRC algorithm"
513 select CRYPTO_ALGAPI
514 select LIBCRC32C
515 help
516 Castagnoli, et al Cyclic Redundancy-Check Algorithm. Used
517 by iSCSI for header and data digests and by others.
518 See Castagnoli93. This implementation uses lib/libcrc32c.
519 Module will be crc32c.
520
521 config CRYPTO_CAMELLIA
522 tristate "Camellia cipher algorithms"
523 depends on CRYPTO
524 select CRYPTO_ALGAPI
525 help
526 Camellia cipher algorithms module.
527
528 Camellia is a symmetric key block cipher developed jointly
529 at NTT and Mitsubishi Electric Corporation.
530
531 The Camellia specifies three key sizes: 128, 192 and 256 bits.
532
533 See also:
534 <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html>
535
536 config CRYPTO_TEST
537 tristate "Testing module"
538 depends on m
539 select CRYPTO_ALGAPI
540 help
541 Quick & dirty crypto test module.
542
543 config CRYPTO_AUTHENC
544 tristate "Authenc support"
545 select CRYPTO_AEAD
546 select CRYPTO_MANAGER
547 select CRYPTO_HASH
548 help
549 Authenc: Combined mode wrapper for IPsec.
550 This is required for IPSec.
551
552 config CRYPTO_LZO
553 tristate "LZO compression algorithm"
554 select CRYPTO_ALGAPI
555 select LZO_COMPRESS
556 select LZO_DECOMPRESS
557 help
558 This is the LZO algorithm.
559
560 source "drivers/crypto/Kconfig"
561
562 endif # if CRYPTO
Linux kernel - Deliverables
This page took 0.041757 seconds and 5 git commands to generate.