Root/crypto/Kconfig

Source at commit be977234bfb4a6dca8a39e7c52165e4cd536ad71 created 12 years 9 months ago.
By Lars-Peter Clausen, jz4740: Fix compile error
1#
2# Generic algorithms support
3#
4config XOR_BLOCKS
5    tristate
6
7#
8# async_tx api: hardware offloaded memory transfer/transform support
9#
10source "crypto/async_tx/Kconfig"
11
12#
13# Cryptographic API Configuration
14#
15menuconfig CRYPTO
16    tristate "Cryptographic API"
17    help
18      This option provides the core Cryptographic API.
19
20if CRYPTO
21
22comment "Crypto core or helper"
23
24config CRYPTO_FIPS
25    bool "FIPS 200 compliance"
26    depends on CRYPTO_ANSI_CPRNG && !CRYPTO_MANAGER_DISABLE_TESTS
27    help
28      This options enables the fips boot option which is
29      required if you want to system to operate in a FIPS 200
30      certification. You should say no unless you know what
31      this is.
32
33config CRYPTO_ALGAPI
34    tristate
35    select CRYPTO_ALGAPI2
36    help
37      This option provides the API for cryptographic algorithms.
38
39config CRYPTO_ALGAPI2
40    tristate
41
42config CRYPTO_AEAD
43    tristate
44    select CRYPTO_AEAD2
45    select CRYPTO_ALGAPI
46
47config CRYPTO_AEAD2
48    tristate
49    select CRYPTO_ALGAPI2
50
51config CRYPTO_BLKCIPHER
52    tristate
53    select CRYPTO_BLKCIPHER2
54    select CRYPTO_ALGAPI
55
56config CRYPTO_BLKCIPHER2
57    tristate
58    select CRYPTO_ALGAPI2
59    select CRYPTO_RNG2
60    select CRYPTO_WORKQUEUE
61
62config CRYPTO_HASH
63    tristate
64    select CRYPTO_HASH2
65    select CRYPTO_ALGAPI
66
67config CRYPTO_HASH2
68    tristate
69    select CRYPTO_ALGAPI2
70
71config CRYPTO_RNG
72    tristate
73    select CRYPTO_RNG2
74    select CRYPTO_ALGAPI
75
76config CRYPTO_RNG2
77    tristate
78    select CRYPTO_ALGAPI2
79
80config CRYPTO_PCOMP
81    tristate
82    select CRYPTO_PCOMP2
83    select CRYPTO_ALGAPI
84
85config CRYPTO_PCOMP2
86    tristate
87    select CRYPTO_ALGAPI2
88
89config CRYPTO_MANAGER
90    tristate "Cryptographic algorithm manager"
91    select CRYPTO_MANAGER2
92    help
93      Create default cryptographic template instantiations such as
94      cbc(aes).
95
96config CRYPTO_MANAGER2
97    def_tristate CRYPTO_MANAGER || (CRYPTO_MANAGER!=n && CRYPTO_ALGAPI=y)
98    select CRYPTO_AEAD2
99    select CRYPTO_HASH2
100    select CRYPTO_BLKCIPHER2
101    select CRYPTO_PCOMP2
102
103config CRYPTO_MANAGER_DISABLE_TESTS
104    bool "Disable run-time self tests"
105    default y
106    depends on CRYPTO_MANAGER2
107    help
108      Disable run-time self tests that normally take place at
109      algorithm registration.
110
111config CRYPTO_GF128MUL
112    tristate "GF(2^128) multiplication functions (EXPERIMENTAL)"
113    help
114      Efficient table driven implementation of multiplications in the
115      field GF(2^128). This is needed by some cypher modes. This
116      option will be selected automatically if you select such a
117      cipher mode. Only select this option by hand if you expect to load
118      an external module that requires these functions.
119
120config CRYPTO_NULL
121    tristate "Null algorithms"
122    select CRYPTO_ALGAPI
123    select CRYPTO_BLKCIPHER
124    select CRYPTO_HASH
125    help
126      These are 'Null' algorithms, used by IPsec, which do nothing.
127
128config CRYPTO_PCRYPT
129    tristate "Parallel crypto engine (EXPERIMENTAL)"
130    depends on SMP && EXPERIMENTAL
131    select PADATA
132    select CRYPTO_MANAGER
133    select CRYPTO_AEAD
134    help
135      This converts an arbitrary crypto algorithm into a parallel
136      algorithm that executes in kernel threads.
137
138config CRYPTO_WORKQUEUE
139       tristate
140
141config CRYPTO_CRYPTD
142    tristate "Software async crypto daemon"
143    select CRYPTO_BLKCIPHER
144    select CRYPTO_HASH
145    select CRYPTO_MANAGER
146    select CRYPTO_WORKQUEUE
147    help
148      This is a generic software asynchronous crypto daemon that
149      converts an arbitrary synchronous software crypto algorithm
150      into an asynchronous algorithm that executes in a kernel thread.
151
152config CRYPTO_AUTHENC
153    tristate "Authenc support"
154    select CRYPTO_AEAD
155    select CRYPTO_BLKCIPHER
156    select CRYPTO_MANAGER
157    select CRYPTO_HASH
158    help
159      Authenc: Combined mode wrapper for IPsec.
160      This is required for IPSec.
161
162config CRYPTO_TEST
163    tristate "Testing module"
164    depends on m
165    select CRYPTO_MANAGER
166    help
167      Quick & dirty crypto test module.
168
169comment "Authenticated Encryption with Associated Data"
170
171config CRYPTO_CCM
172    tristate "CCM support"
173    select CRYPTO_CTR
174    select CRYPTO_AEAD
175    help
176      Support for Counter with CBC MAC. Required for IPsec.
177
178config CRYPTO_GCM
179    tristate "GCM/GMAC support"
180    select CRYPTO_CTR
181    select CRYPTO_AEAD
182    select CRYPTO_GHASH
183    help
184      Support for Galois/Counter Mode (GCM) and Galois Message
185      Authentication Code (GMAC). Required for IPSec.
186
187config CRYPTO_SEQIV
188    tristate "Sequence Number IV Generator"
189    select CRYPTO_AEAD
190    select CRYPTO_BLKCIPHER
191    select CRYPTO_RNG
192    help
193      This IV generator generates an IV based on a sequence number by
194      xoring it with a salt. This algorithm is mainly useful for CTR
195
196comment "Block modes"
197
198config CRYPTO_CBC
199    tristate "CBC support"
200    select CRYPTO_BLKCIPHER
201    select CRYPTO_MANAGER
202    help
203      CBC: Cipher Block Chaining mode
204      This block cipher algorithm is required for IPSec.
205
206config CRYPTO_CTR
207    tristate "CTR support"
208    select CRYPTO_BLKCIPHER
209    select CRYPTO_SEQIV
210    select CRYPTO_MANAGER
211    help
212      CTR: Counter mode
213      This block cipher algorithm is required for IPSec.
214
215config CRYPTO_CTS
216    tristate "CTS support"
217    select CRYPTO_BLKCIPHER
218    help
219      CTS: Cipher Text Stealing
220      This is the Cipher Text Stealing mode as described by
221      Section 8 of rfc2040 and referenced by rfc3962.
222      (rfc3962 includes errata information in its Appendix A)
223      This mode is required for Kerberos gss mechanism support
224      for AES encryption.
225
226config CRYPTO_ECB
227    tristate "ECB support"
228    select CRYPTO_BLKCIPHER
229    select CRYPTO_MANAGER
230    help
231      ECB: Electronic CodeBook mode
232      This is the simplest block cipher algorithm. It simply encrypts
233      the input block by block.
234
235config CRYPTO_LRW
236    tristate "LRW support (EXPERIMENTAL)"
237    depends on EXPERIMENTAL
238    select CRYPTO_BLKCIPHER
239    select CRYPTO_MANAGER
240    select CRYPTO_GF128MUL
241    help
242      LRW: Liskov Rivest Wagner, a tweakable, non malleable, non movable
243      narrow block cipher mode for dm-crypt. Use it with cipher
244      specification string aes-lrw-benbi, the key must be 256, 320 or 384.
245      The first 128, 192 or 256 bits in the key are used for AES and the
246      rest is used to tie each cipher block to its logical position.
247
248config CRYPTO_PCBC
249    tristate "PCBC support"
250    select CRYPTO_BLKCIPHER
251    select CRYPTO_MANAGER
252    help
253      PCBC: Propagating Cipher Block Chaining mode
254      This block cipher algorithm is required for RxRPC.
255
256config CRYPTO_XTS
257    tristate "XTS support (EXPERIMENTAL)"
258    depends on EXPERIMENTAL
259    select CRYPTO_BLKCIPHER
260    select CRYPTO_MANAGER
261    select CRYPTO_GF128MUL
262    help
263      XTS: IEEE1619/D16 narrow block cipher use with aes-xts-plain,
264      key size 256, 384 or 512 bits. This implementation currently
265      can't handle a sectorsize which is not a multiple of 16 bytes.
266
267config CRYPTO_FPU
268    tristate
269    select CRYPTO_BLKCIPHER
270    select CRYPTO_MANAGER
271
272comment "Hash modes"
273
274config CRYPTO_HMAC
275    tristate "HMAC support"
276    select CRYPTO_HASH
277    select CRYPTO_MANAGER
278    help
279      HMAC: Keyed-Hashing for Message Authentication (RFC2104).
280      This is required for IPSec.
281
282config CRYPTO_XCBC
283    tristate "XCBC support"
284    depends on EXPERIMENTAL
285    select CRYPTO_HASH
286    select CRYPTO_MANAGER
287    help
288      XCBC: Keyed-Hashing with encryption algorithm
289        http://www.ietf.org/rfc/rfc3566.txt
290        http://csrc.nist.gov/encryption/modes/proposedmodes/
291         xcbc-mac/xcbc-mac-spec.pdf
292
293config CRYPTO_VMAC
294    tristate "VMAC support"
295    depends on EXPERIMENTAL
296    select CRYPTO_HASH
297    select CRYPTO_MANAGER
298    help
299      VMAC is a message authentication algorithm designed for
300      very high speed on 64-bit architectures.
301
302      See also:
303      <http://fastcrypto.org/vmac>
304
305comment "Digest"
306
307config CRYPTO_CRC32C
308    tristate "CRC32c CRC algorithm"
309    select CRYPTO_HASH
310    help
311      Castagnoli, et al Cyclic Redundancy-Check Algorithm. Used
312      by iSCSI for header and data digests and by others.
313      See Castagnoli93. Module will be crc32c.
314
315config CRYPTO_CRC32C_INTEL
316    tristate "CRC32c INTEL hardware acceleration"
317    depends on X86
318    select CRYPTO_HASH
319    help
320      In Intel processor with SSE4.2 supported, the processor will
321      support CRC32C implementation using hardware accelerated CRC32
322      instruction. This option will create 'crc32c-intel' module,
323      which will enable any routine to use the CRC32 instruction to
324      gain performance compared with software implementation.
325      Module will be crc32c-intel.
326
327config CRYPTO_GHASH
328    tristate "GHASH digest algorithm"
329    select CRYPTO_SHASH
330    select CRYPTO_GF128MUL
331    help
332      GHASH is message digest algorithm for GCM (Galois/Counter Mode).
333
334config CRYPTO_MD4
335    tristate "MD4 digest algorithm"
336    select CRYPTO_HASH
337    help
338      MD4 message digest algorithm (RFC1320).
339
340config CRYPTO_MD5
341    tristate "MD5 digest algorithm"
342    select CRYPTO_HASH
343    help
344      MD5 message digest algorithm (RFC1321).
345
346config CRYPTO_MICHAEL_MIC
347    tristate "Michael MIC keyed digest algorithm"
348    select CRYPTO_HASH
349    help
350      Michael MIC is used for message integrity protection in TKIP
351      (IEEE 802.11i). This algorithm is required for TKIP, but it
352      should not be used for other purposes because of the weakness
353      of the algorithm.
354
355config CRYPTO_RMD128
356    tristate "RIPEMD-128 digest algorithm"
357    select CRYPTO_HASH
358    help
359      RIPEMD-128 (ISO/IEC 10118-3:2004).
360
361      RIPEMD-128 is a 128-bit cryptographic hash function. It should only
362      to be used as a secure replacement for RIPEMD. For other use cases
363      RIPEMD-160 should be used.
364
365      Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel.
366      See <http://homes.esat.kuleuven.be/~bosselae/ripemd160.html>
367
368config CRYPTO_RMD160
369    tristate "RIPEMD-160 digest algorithm"
370    select CRYPTO_HASH
371    help
372      RIPEMD-160 (ISO/IEC 10118-3:2004).
373
374      RIPEMD-160 is a 160-bit cryptographic hash function. It is intended
375      to be used as a secure replacement for the 128-bit hash functions
376      MD4, MD5 and it's predecessor RIPEMD
377      (not to be confused with RIPEMD-128).
378
379      It's speed is comparable to SHA1 and there are no known attacks
380      against RIPEMD-160.
381
382      Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel.
383      See <http://homes.esat.kuleuven.be/~bosselae/ripemd160.html>
384
385config CRYPTO_RMD256
386    tristate "RIPEMD-256 digest algorithm"
387    select CRYPTO_HASH
388    help
389      RIPEMD-256 is an optional extension of RIPEMD-128 with a
390      256 bit hash. It is intended for applications that require
391      longer hash-results, without needing a larger security level
392      (than RIPEMD-128).
393
394      Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel.
395      See <http://homes.esat.kuleuven.be/~bosselae/ripemd160.html>
396
397config CRYPTO_RMD320
398    tristate "RIPEMD-320 digest algorithm"
399    select CRYPTO_HASH
400    help
401      RIPEMD-320 is an optional extension of RIPEMD-160 with a
402      320 bit hash. It is intended for applications that require
403      longer hash-results, without needing a larger security level
404      (than RIPEMD-160).
405
406      Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel.
407      See <http://homes.esat.kuleuven.be/~bosselae/ripemd160.html>
408
409config CRYPTO_SHA1
410    tristate "SHA1 digest algorithm"
411    select CRYPTO_HASH
412    help
413      SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2).
414
415config CRYPTO_SHA256
416    tristate "SHA224 and SHA256 digest algorithm"
417    select CRYPTO_HASH
418    help
419      SHA256 secure hash standard (DFIPS 180-2).
420
421      This version of SHA implements a 256 bit hash with 128 bits of
422      security against collision attacks.
423
424      This code also includes SHA-224, a 224 bit hash with 112 bits
425      of security against collision attacks.
426
427config CRYPTO_SHA512
428    tristate "SHA384 and SHA512 digest algorithms"
429    select CRYPTO_HASH
430    help
431      SHA512 secure hash standard (DFIPS 180-2).
432
433      This version of SHA implements a 512 bit hash with 256 bits of
434      security against collision attacks.
435
436      This code also includes SHA-384, a 384 bit hash with 192 bits
437      of security against collision attacks.
438
439config CRYPTO_TGR192
440    tristate "Tiger digest algorithms"
441    select CRYPTO_HASH
442    help
443      Tiger hash algorithm 192, 160 and 128-bit hashes
444
445      Tiger is a hash function optimized for 64-bit processors while
446      still having decent performance on 32-bit processors.
447      Tiger was developed by Ross Anderson and Eli Biham.
448
449      See also:
450      <http://www.cs.technion.ac.il/~biham/Reports/Tiger/>.
451
452config CRYPTO_WP512
453    tristate "Whirlpool digest algorithms"
454    select CRYPTO_HASH
455    help
456      Whirlpool hash algorithm 512, 384 and 256-bit hashes
457
458      Whirlpool-512 is part of the NESSIE cryptographic primitives.
459      Whirlpool will be part of the ISO/IEC 10118-3:2003(E) standard
460
461      See also:
462      <http://www.larc.usp.br/~pbarreto/WhirlpoolPage.html>
463
464config CRYPTO_GHASH_CLMUL_NI_INTEL
465    tristate "GHASH digest algorithm (CLMUL-NI accelerated)"
466    depends on (X86 || UML_X86) && 64BIT
467    select CRYPTO_SHASH
468    select CRYPTO_CRYPTD
469    help
470      GHASH is message digest algorithm for GCM (Galois/Counter Mode).
471      The implementation is accelerated by CLMUL-NI of Intel.
472
473comment "Ciphers"
474
475config CRYPTO_AES
476    tristate "AES cipher algorithms"
477    select CRYPTO_ALGAPI
478    help
479      AES cipher algorithms (FIPS-197). AES uses the Rijndael
480      algorithm.
481
482      Rijndael appears to be consistently a very good performer in
483      both hardware and software across a wide range of computing
484      environments regardless of its use in feedback or non-feedback
485      modes. Its key setup time is excellent, and its key agility is
486      good. Rijndael's very low memory requirements make it very well
487      suited for restricted-space environments, in which it also
488      demonstrates excellent performance. Rijndael's operations are
489      among the easiest to defend against power and timing attacks.
490
491      The AES specifies three key sizes: 128, 192 and 256 bits
492
493      See <http://csrc.nist.gov/CryptoToolkit/aes/> for more information.
494
495config CRYPTO_AES_586
496    tristate "AES cipher algorithms (i586)"
497    depends on (X86 || UML_X86) && !64BIT
498    select CRYPTO_ALGAPI
499    select CRYPTO_AES
500    help
501      AES cipher algorithms (FIPS-197). AES uses the Rijndael
502      algorithm.
503
504      Rijndael appears to be consistently a very good performer in
505      both hardware and software across a wide range of computing
506      environments regardless of its use in feedback or non-feedback
507      modes. Its key setup time is excellent, and its key agility is
508      good. Rijndael's very low memory requirements make it very well
509      suited for restricted-space environments, in which it also
510      demonstrates excellent performance. Rijndael's operations are
511      among the easiest to defend against power and timing attacks.
512
513      The AES specifies three key sizes: 128, 192 and 256 bits
514
515      See <http://csrc.nist.gov/encryption/aes/> for more information.
516
517config CRYPTO_AES_X86_64
518    tristate "AES cipher algorithms (x86_64)"
519    depends on (X86 || UML_X86) && 64BIT
520    select CRYPTO_ALGAPI
521    select CRYPTO_AES
522    help
523      AES cipher algorithms (FIPS-197). AES uses the Rijndael
524      algorithm.
525
526      Rijndael appears to be consistently a very good performer in
527      both hardware and software across a wide range of computing
528      environments regardless of its use in feedback or non-feedback
529      modes. Its key setup time is excellent, and its key agility is
530      good. Rijndael's very low memory requirements make it very well
531      suited for restricted-space environments, in which it also
532      demonstrates excellent performance. Rijndael's operations are
533      among the easiest to defend against power and timing attacks.
534
535      The AES specifies three key sizes: 128, 192 and 256 bits
536
537      See <http://csrc.nist.gov/encryption/aes/> for more information.
538
539config CRYPTO_AES_NI_INTEL
540    tristate "AES cipher algorithms (AES-NI)"
541    depends on (X86 || UML_X86)
542    select CRYPTO_AES_X86_64 if 64BIT
543    select CRYPTO_AES_586 if !64BIT
544    select CRYPTO_CRYPTD
545    select CRYPTO_ALGAPI
546    select CRYPTO_FPU
547    help
548      Use Intel AES-NI instructions for AES algorithm.
549
550      AES cipher algorithms (FIPS-197). AES uses the Rijndael
551      algorithm.
552
553      Rijndael appears to be consistently a very good performer in
554      both hardware and software across a wide range of computing
555      environments regardless of its use in feedback or non-feedback
556      modes. Its key setup time is excellent, and its key agility is
557      good. Rijndael's very low memory requirements make it very well
558      suited for restricted-space environments, in which it also
559      demonstrates excellent performance. Rijndael's operations are
560      among the easiest to defend against power and timing attacks.
561
562      The AES specifies three key sizes: 128, 192 and 256 bits
563
564      See <http://csrc.nist.gov/encryption/aes/> for more information.
565
566      In addition to AES cipher algorithm support, the acceleration
567      for some popular block cipher mode is supported too, including
568      ECB, CBC, LRW, PCBC, XTS. The 64 bit version has additional
569      acceleration for CTR.
570
571config CRYPTO_ANUBIS
572    tristate "Anubis cipher algorithm"
573    select CRYPTO_ALGAPI
574    help
575      Anubis cipher algorithm.
576
577      Anubis is a variable key length cipher which can use keys from
578      128 bits to 320 bits in length. It was evaluated as a entrant
579      in the NESSIE competition.
580
581      See also:
582      <https://www.cosic.esat.kuleuven.be/nessie/reports/>
583      <http://www.larc.usp.br/~pbarreto/AnubisPage.html>
584
585config CRYPTO_ARC4
586    tristate "ARC4 cipher algorithm"
587    select CRYPTO_ALGAPI
588    help
589      ARC4 cipher algorithm.
590
591      ARC4 is a stream cipher using keys ranging from 8 bits to 2048
592      bits in length. This algorithm is required for driver-based
593      WEP, but it should not be for other purposes because of the
594      weakness of the algorithm.
595
596config CRYPTO_BLOWFISH
597    tristate "Blowfish cipher algorithm"
598    select CRYPTO_ALGAPI
599    help
600      Blowfish cipher algorithm, by Bruce Schneier.
601
602      This is a variable key length cipher which can use keys from 32
603      bits to 448 bits in length. It's fast, simple and specifically
604      designed for use on "large microprocessors".
605
606      See also:
607      <http://www.schneier.com/blowfish.html>
608
609config CRYPTO_CAMELLIA
610    tristate "Camellia cipher algorithms"
611    depends on CRYPTO
612    select CRYPTO_ALGAPI
613    help
614      Camellia cipher algorithms module.
615
616      Camellia is a symmetric key block cipher developed jointly
617      at NTT and Mitsubishi Electric Corporation.
618
619      The Camellia specifies three key sizes: 128, 192 and 256 bits.
620
621      See also:
622      <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html>
623
624config CRYPTO_CAST5
625    tristate "CAST5 (CAST-128) cipher algorithm"
626    select CRYPTO_ALGAPI
627    help
628      The CAST5 encryption algorithm (synonymous with CAST-128) is
629      described in RFC2144.
630
631config CRYPTO_CAST6
632    tristate "CAST6 (CAST-256) cipher algorithm"
633    select CRYPTO_ALGAPI
634    help
635      The CAST6 encryption algorithm (synonymous with CAST-256) is
636      described in RFC2612.
637
638config CRYPTO_DES
639    tristate "DES and Triple DES EDE cipher algorithms"
640    select CRYPTO_ALGAPI
641    help
642      DES cipher algorithm (FIPS 46-2), and Triple DES EDE (FIPS 46-3).
643
644config CRYPTO_FCRYPT
645    tristate "FCrypt cipher algorithm"
646    select CRYPTO_ALGAPI
647    select CRYPTO_BLKCIPHER
648    help
649      FCrypt algorithm used by RxRPC.
650
651config CRYPTO_KHAZAD
652    tristate "Khazad cipher algorithm"
653    select CRYPTO_ALGAPI
654    help
655      Khazad cipher algorithm.
656
657      Khazad was a finalist in the initial NESSIE competition. It is
658      an algorithm optimized for 64-bit processors with good performance
659      on 32-bit processors. Khazad uses an 128 bit key size.
660
661      See also:
662      <http://www.larc.usp.br/~pbarreto/KhazadPage.html>
663
664config CRYPTO_SALSA20
665    tristate "Salsa20 stream cipher algorithm (EXPERIMENTAL)"
666    depends on EXPERIMENTAL
667    select CRYPTO_BLKCIPHER
668    help
669      Salsa20 stream cipher algorithm.
670
671      Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT
672      Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/>
673
674      The Salsa20 stream cipher algorithm is designed by Daniel J.
675      Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html>
676
677config CRYPTO_SALSA20_586
678    tristate "Salsa20 stream cipher algorithm (i586) (EXPERIMENTAL)"
679    depends on (X86 || UML_X86) && !64BIT
680    depends on EXPERIMENTAL
681    select CRYPTO_BLKCIPHER
682    help
683      Salsa20 stream cipher algorithm.
684
685      Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT
686      Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/>
687
688      The Salsa20 stream cipher algorithm is designed by Daniel J.
689      Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html>
690
691config CRYPTO_SALSA20_X86_64
692    tristate "Salsa20 stream cipher algorithm (x86_64) (EXPERIMENTAL)"
693    depends on (X86 || UML_X86) && 64BIT
694    depends on EXPERIMENTAL
695    select CRYPTO_BLKCIPHER
696    help
697      Salsa20 stream cipher algorithm.
698
699      Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT
700      Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/>
701
702      The Salsa20 stream cipher algorithm is designed by Daniel J.
703      Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html>
704
705config CRYPTO_SEED
706    tristate "SEED cipher algorithm"
707    select CRYPTO_ALGAPI
708    help
709      SEED cipher algorithm (RFC4269).
710
711      SEED is a 128-bit symmetric key block cipher that has been
712      developed by KISA (Korea Information Security Agency) as a
713      national standard encryption algorithm of the Republic of Korea.
714      It is a 16 round block cipher with the key size of 128 bit.
715
716      See also:
717      <http://www.kisa.or.kr/kisa/seed/jsp/seed_eng.jsp>
718
719config CRYPTO_SERPENT
720    tristate "Serpent cipher algorithm"
721    select CRYPTO_ALGAPI
722    help
723      Serpent cipher algorithm, by Anderson, Biham & Knudsen.
724
725      Keys are allowed to be from 0 to 256 bits in length, in steps
726      of 8 bits. Also includes the 'Tnepres' algorithm, a reversed
727      variant of Serpent for compatibility with old kerneli.org code.
728
729      See also:
730      <http://www.cl.cam.ac.uk/~rja14/serpent.html>
731
732config CRYPTO_TEA
733    tristate "TEA, XTEA and XETA cipher algorithms"
734    select CRYPTO_ALGAPI
735    help
736      TEA cipher algorithm.
737
738      Tiny Encryption Algorithm is a simple cipher that uses
739      many rounds for security. It is very fast and uses
740      little memory.
741
742      Xtendend Tiny Encryption Algorithm is a modification to
743      the TEA algorithm to address a potential key weakness
744      in the TEA algorithm.
745
746      Xtendend Encryption Tiny Algorithm is a mis-implementation
747      of the XTEA algorithm for compatibility purposes.
748
749config CRYPTO_TWOFISH
750    tristate "Twofish cipher algorithm"
751    select CRYPTO_ALGAPI
752    select CRYPTO_TWOFISH_COMMON
753    help
754      Twofish cipher algorithm.
755
756      Twofish was submitted as an AES (Advanced Encryption Standard)
757      candidate cipher by researchers at CounterPane Systems. It is a
758      16 round block cipher supporting key sizes of 128, 192, and 256
759      bits.
760
761      See also:
762      <http://www.schneier.com/twofish.html>
763
764config CRYPTO_TWOFISH_COMMON
765    tristate
766    help
767      Common parts of the Twofish cipher algorithm shared by the
768      generic c and the assembler implementations.
769
770config CRYPTO_TWOFISH_586
771    tristate "Twofish cipher algorithms (i586)"
772    depends on (X86 || UML_X86) && !64BIT
773    select CRYPTO_ALGAPI
774    select CRYPTO_TWOFISH_COMMON
775    help
776      Twofish cipher algorithm.
777
778      Twofish was submitted as an AES (Advanced Encryption Standard)
779      candidate cipher by researchers at CounterPane Systems. It is a
780      16 round block cipher supporting key sizes of 128, 192, and 256
781      bits.
782
783      See also:
784      <http://www.schneier.com/twofish.html>
785
786config CRYPTO_TWOFISH_X86_64
787    tristate "Twofish cipher algorithm (x86_64)"
788    depends on (X86 || UML_X86) && 64BIT
789    select CRYPTO_ALGAPI
790    select CRYPTO_TWOFISH_COMMON
791    help
792      Twofish cipher algorithm (x86_64).
793
794      Twofish was submitted as an AES (Advanced Encryption Standard)
795      candidate cipher by researchers at CounterPane Systems. It is a
796      16 round block cipher supporting key sizes of 128, 192, and 256
797      bits.
798
799      See also:
800      <http://www.schneier.com/twofish.html>
801
802comment "Compression"
803
804config CRYPTO_DEFLATE
805    tristate "Deflate compression algorithm"
806    select CRYPTO_ALGAPI
807    select ZLIB_INFLATE
808    select ZLIB_DEFLATE
809    help
810      This is the Deflate algorithm (RFC1951), specified for use in
811      IPSec with the IPCOMP protocol (RFC3173, RFC2394).
812
813      You will most probably want this if using IPSec.
814
815config CRYPTO_ZLIB
816    tristate "Zlib compression algorithm"
817    select CRYPTO_PCOMP
818    select ZLIB_INFLATE
819    select ZLIB_DEFLATE
820    select NLATTR
821    help
822      This is the zlib algorithm.
823
824config CRYPTO_LZO
825    tristate "LZO compression algorithm"
826    select CRYPTO_ALGAPI
827    select LZO_COMPRESS
828    select LZO_DECOMPRESS
829    help
830      This is the LZO algorithm.
831
832comment "Random Number Generation"
833
834config CRYPTO_ANSI_CPRNG
835    tristate "Pseudo Random Number Generation for Cryptographic modules"
836    default m
837    select CRYPTO_AES
838    select CRYPTO_RNG
839    help
840      This option enables the generic pseudo random number generator
841      for cryptographic modules. Uses the Algorithm specified in
842      ANSI X9.31 A.2.4. Note that this option must be enabled if
843      CRYPTO_FIPS is selected
844
845config CRYPTO_USER_API
846    tristate
847
848config CRYPTO_USER_API_HASH
849    tristate "User-space interface for hash algorithms"
850    depends on NET
851    select CRYPTO_HASH
852    select CRYPTO_USER_API
853    help
854      This option enables the user-spaces interface for hash
855      algorithms.
856
857config CRYPTO_USER_API_SKCIPHER
858    tristate "User-space interface for symmetric key cipher algorithms"
859    depends on NET
860    select CRYPTO_BLKCIPHER
861    select CRYPTO_USER_API
862    help
863      This option enables the user-spaces interface for symmetric
864      key cipher algorithms.
865
866source "drivers/crypto/Kconfig"
867
868endif # if CRYPTO
869

Archive Download this file



interactive