1
0

Config.in.crypto 15 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577
  1. menu "Crypto support"
  2. config ADK_KERNEL_CRYPTO
  3. tristate
  4. config ADK_KERNEL_CRYPTO_HW
  5. tristate
  6. config ADK_KERNEL_CRYPTO_AES
  7. boolean
  8. config ADK_KERNEL_CRYPTO_SHA256
  9. boolean
  10. config ADK_KERNEL_CRYPTO_CBC
  11. boolean
  12. comment "Hardware cryptography"
  13. menu "Hardware crypto devices"
  14. depends on ADK_TARGET_WITH_PCI || ADK_TARGET_WITH_MINIPCI || ADK_TARGET_WITH_GEODE_CRYPTO
  15. config ADK_KPACKAGE_KMOD_CRYPTO_DEV_GEODE
  16. prompt "Support for the Geode LX/GX AES engine"
  17. tristate
  18. select ADK_KERNEL_CRYPTO
  19. select ADK_KERNEL_CRYPTO_HW
  20. select ADK_KPACKAGE_KMOD_CRYPTO_ECB
  21. select ADK_KPACKAGE_KMOD_CRYPTO_CBC
  22. depends on ADK_TARGET_WITH_GEODE_CRYPTO
  23. default y if ADK_TARGET_WITH_GEODE_CRYPTO
  24. default n
  25. help
  26. Say 'Y' here to use the AMD Geode LX processor on-board AES
  27. engine for the CryptoAPI AES algorithm.
  28. config ADK_KPACKAGE_KMOD_CRYPTO_DEV_HIFN_795X
  29. prompt "Driver for HIFN 795x crypto accelerator chips"
  30. tristate
  31. depends on ADK_TARGET_WITH_PCI || ADK_TARGET_WITH_MINIPCI
  32. select ADK_KERNEL_CRYPTO
  33. select ADK_KERNEL_CRYPTO_HW
  34. select ADK_KPACKAGE_KMOD_CRYPTO_DES
  35. default n
  36. help
  37. This option allows you to have support for HIFN 795x crypto adapters.
  38. endmenu
  39. comment "Software cryptography support"
  40. menu "Crypto core / Block and Hash modes"
  41. config ADK_KERNEL_MOD_CRYPTO_PCOMP
  42. tristate
  43. config ADK_KPACKAGE_KMOD_CRYPTO_PCOMP2
  44. tristate
  45. select ADK_KERNEL_CRYPTO
  46. select ADK_KERNEL_MOD_CRYPTO_PCOMP
  47. select ADK_KPACKAGE_KMOD_CRYPTO_ALGAPI2
  48. default n
  49. help
  50. config ADK_KERNEL_MOD_CRYPTO_ALGAPI
  51. tristate
  52. config ADK_KPACKAGE_KMOD_CRYPTO_ALGAPI2
  53. tristate
  54. select ADK_KERNEL_CRYPTO
  55. select ADK_KERNEL_MOD_CRYPTO_ALGAPI
  56. default n
  57. help
  58. config ADK_KERNEL_MOD_CRYPTO_AEAD
  59. tristate
  60. config ADK_KPACKAGE_KMOD_CRYPTO_AEAD2
  61. tristate
  62. select ADK_KERNEL_CRYPTO
  63. select ADK_KPACKAGE_KMOD_CRYPTO_ALGAPI2
  64. select ADK_KERNEL_MOD_CRYPTO_AEAD
  65. default n
  66. help
  67. config ADK_KERNEL_MOD_CRYPTO_HASH
  68. tristate
  69. config ADK_KPACKAGE_KMOD_CRYPTO_HASH2
  70. tristate
  71. select ADK_KPACKAGE_KMOD_CRYPTO_ALGAPI2
  72. select ADK_KERNEL_MOD_CRYPTO_HASH
  73. default n
  74. help
  75. config ADK_KERNEL_MOD_CRYPTO_BLKCIPHER
  76. tristate
  77. config ADK_KPACKAGE_KMOD_CRYPTO_BLKCIPHER2
  78. tristate
  79. #select ADK_KPACKAGE_KMOD_CRYPTO_RNG2
  80. select ADK_KPACKAGE_KMOD_CRYPTO_ALGAPI2
  81. select ADK_KERNEL_MOD_CRYPTO_BLKCIPHER
  82. default n
  83. help
  84. config ADK_KERNEL_MOD_CRYPTO_WORKQUEUE
  85. tristate
  86. config ADK_KERNEL_MOD_CRYPTO_MANAGER
  87. tristate
  88. config ADK_KPACKAGE_KMOD_CRYPTO_AUTHENC
  89. prompt "AuthENC (IPsec)"
  90. tristate
  91. default n
  92. help
  93. config ADK_KPACKAGE_KMOD_CRYPTO_SEQIV
  94. prompt "Sequence Number IV Generator"
  95. tristate
  96. #select ADK_KPACKAGE_KMOD_CRYPTO_RNG2
  97. select ADK_KPACKAGE_KMOD_CRYPTO_ALGAPI2
  98. help
  99. This IV generator generates an IV based on a sequence number by
  100. xoring it with a salt. This algorithm is mainly useful for CTR
  101. config ADK_KPACKAGE_KMOD_CRYPTO_CTS
  102. prompt "CTS support"
  103. tristate
  104. select ADK_KPACKAGE_KMOD_CRYPTO_BLKCIPHER2
  105. default n
  106. help
  107. CTS: Cipher Text Stealing
  108. This is the Cipher Text Stealing mode as described by
  109. Section 8 of rfc2040 and referenced by rfc3962.
  110. (rfc3962 includes errata information in its Appendix A)
  111. This mode is required for Kerberos gss mechanism support
  112. for AES encryption.
  113. config ADK_KPACKAGE_KMOD_CRYPTO_CBC
  114. prompt "CBC support"
  115. tristate
  116. depends on !ADK_KERNEL_CRYPTO_CBC
  117. select ADK_KPACKAGE_KMOD_CRYPTO_BLKCIPHER2
  118. default n
  119. help
  120. CBC: Cipher Block Chaining mode
  121. This block cipher algorithm is required for IPSec.
  122. config ADK_KPACKAGE_KMOD_CRYPTO_CCM
  123. prompt "CCM support"
  124. tristate
  125. select ADK_KPACKAGE_KMOD_CRYPTO_CTR
  126. default n
  127. help
  128. Support for Counter with CBC MAC. Required for IPsec.
  129. config ADK_KPACKAGE_KMOD_CRYPTO_GCM
  130. prompt "GCM support"
  131. tristate
  132. select ADK_KPACKAGE_KMOD_CRYPTO_CTR
  133. default n
  134. help
  135. Support for Galois/Counter Mode (GCM) and Galois Message
  136. Authentication Code (GMAC). Required for IPSec.
  137. config ADK_KPACKAGE_KMOD_CRYPTO_CTR
  138. prompt "CTR support"
  139. tristate
  140. select ADK_KPACKAGE_KMOD_CRYPTO_SEQIV
  141. default n
  142. help
  143. CTR: Counter mode
  144. This block cipher algorithm is required for IPSec.
  145. config ADK_KPACKAGE_KMOD_CRYPTO_ECB
  146. prompt "ECB support"
  147. tristate
  148. select ADK_KPACKAGE_KMOD_CRYPTO_BLKCIPHER2
  149. default n
  150. help
  151. ECB: Electronic CodeBook mode
  152. This is the simplest block cipher algorithm. It simply encrypts
  153. the input block by block.
  154. config ADK_KPACKAGE_KMOD_CRYPTO_HMAC
  155. prompt "HMAC support"
  156. tristate
  157. select ADK_KPACKAGE_KMOD_CRYPTO_HASH2
  158. default n
  159. help
  160. HMAC: Keyed-Hashing for Message Authentication (RFC2104).
  161. This is required for IPSec.
  162. config ADK_KPACKAGE_KMOD_CRYPTO_XCBC
  163. prompt "XCBC support"
  164. tristate
  165. select ADK_KPACKAGE_KMOD_CRYPTO_HASH2
  166. default n
  167. help
  168. XCBC: Keyed-Hashing with encryption algorithm
  169. config ADK_KERNEL_MOD_CRYPTO_RNG
  170. tristate
  171. endmenu
  172. menu "Digest algorithms"
  173. config ADK_KPACKAGE_KMOD_CRYPTO_MD4
  174. prompt "MD4 digest algorithm"
  175. tristate
  176. select ADK_KPACKAGE_KMOD_CRYPTO_ALGAPI2
  177. select ADK_KPACKAGE_KMOD_CRYPTO_HASH2
  178. default n
  179. help
  180. MD4 message digest algorithm (RFC1320).
  181. config ADK_KPACKAGE_KMOD_CRYPTO_MD5
  182. prompt "MD5 digest algorithm"
  183. tristate
  184. select ADK_KPACKAGE_KMOD_CRYPTO_ALGAPI2
  185. select ADK_KPACKAGE_KMOD_CRYPTO_HASH2
  186. default n
  187. help
  188. MD5 message digest algorithm (RFC1321).
  189. config ADK_KPACKAGE_KMOD_CRYPTO_SHA1
  190. prompt "SHA1 digest algorithm"
  191. tristate
  192. select ADK_KPACKAGE_KMOD_CRYPTO_ALGAPI2
  193. select ADK_KPACKAGE_KMOD_CRYPTO_HASH2
  194. default n
  195. help
  196. SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2).
  197. config ADK_KPACKAGE_KMOD_CRYPTO_SHA256
  198. prompt "SHA256 digest algorithm"
  199. tristate
  200. depends on !ADK_KERNEL_CRYPTO_SHA256
  201. select ADK_KPACKAGE_KMOD_CRYPTO_ALGAPI2
  202. select ADK_KPACKAGE_KMOD_CRYPTO_HASH2
  203. default n
  204. help
  205. SHA256 secure hash standard (DFIPS 180-2).
  206. This version of SHA implements a 256 bit hash with 128 bits of
  207. security against collision attacks.
  208. config ADK_KPACKAGE_KMOD_CRYPTO_SHA512
  209. prompt "SHA512 digest algorithm"
  210. tristate
  211. select ADK_KPACKAGE_KMOD_CRYPTO_ALGAPI2
  212. select ADK_KPACKAGE_KMOD_CRYPTO_HASH2
  213. default n
  214. help
  215. SHA512 secure hash standard (DFIPS 180-2).
  216. This version of SHA implements a 512 bit hash with 256 bits of
  217. security against collision attacks.
  218. This code also includes SHA-384, a 384 bit hash with 192 bits
  219. of security against collision attacks.
  220. config ADK_KPACKAGE_KMOD_CRYPTO_WP512
  221. prompt "Whirlpool digest algorithms"
  222. tristate
  223. select ADK_KPACKAGE_KMOD_CRYPTO_ALGAPI2
  224. select ADK_KPACKAGE_KMOD_CRYPTO_HASH2
  225. default n
  226. help
  227. Whirlpool hash algorithm 512, 384 and 256-bit hashes
  228. Whirlpool-512 is part of the NESSIE cryptographic primitives.
  229. Whirlpool will be part of the ISO/IEC 10118-3:2003(E) standard
  230. See also:
  231. <http://planeta.terra.com.br/informatica/paulobarreto/WhirlpoolPage.html>
  232. config ADK_KPACKAGE_KMOD_CRYPTO_TGR192
  233. prompt "Tiger digest algorithms"
  234. tristate
  235. select ADK_KPACKAGE_KMOD_CRYPTO_ALGAPI2
  236. select ADK_KPACKAGE_KMOD_CRYPTO_HASH2
  237. default n
  238. help
  239. Tiger hash algorithm 192, 160 and 128-bit hashes
  240. Tiger is a hash function optimized for 64-bit processors while
  241. still having decent performance on 32-bit processors.
  242. Tiger was developed by Ross Anderson and Eli Biham.
  243. See also:
  244. <http://www.cs.technion.ac.il/~biham/Reports/Tiger/>.
  245. endmenu
  246. menu "Cipher algoritms"
  247. config ADK_KPACKAGE_KMOD_CRYPTO_AES
  248. prompt "AES cipher algorithms"
  249. tristate
  250. depends on !ADK_KERNEL_CRYPTO_AES
  251. select ADK_KPACKAGE_KMOD_CRYPTO_ALGAPI2
  252. default n
  253. help
  254. AES cipher algorithms (FIPS-197). AES uses the Rijndael
  255. algorithm.
  256. Rijndael appears to be consistently a very good performer in
  257. both hardware and software across a wide range of computing
  258. environments regardless of its use in feedback or non-feedback
  259. modes. Its key setup time is excellent, and its key agility is
  260. good. Rijndael's very low memory requirements make it very well
  261. suited for restricted-space environments, in which it also
  262. demonstrates excellent performance. Rijndael's operations are
  263. among the easiest to defend against power and timing attacks.
  264. The AES specifies three key sizes: 128, 192 and 256 bits
  265. See <http://csrc.nist.gov/CryptoToolkit/aes/> for more information.
  266. config ADK_KPACKAGE_KMOD_CRYPTO_AES_586
  267. prompt "AES cipher algorithms (i586)"
  268. tristate
  269. depends on ADK_x86
  270. select ADK_KPACKAGE_KMOD_CRYPTO_ALGAPI2
  271. default n
  272. help
  273. AES cipher algorithms (FIPS-197). AES uses the Rijndael
  274. algorithm.
  275. Rijndael appears to be consistently a very good performer in
  276. both hardware and software across a wide range of computing
  277. environments regardless of its use in feedback or non-feedback
  278. modes. Its key setup time is excellent, and its key agility is
  279. good. Rijndael's very low memory requirements make it very well
  280. suited for restricted-space environments, in which it also
  281. demonstrates excellent performance. Rijndael's operations are
  282. among the easiest to defend against power and timing attacks.
  283. The AES specifies three key sizes: 128, 192 and 256 bits
  284. See <http://csrc.nist.gov/CryptoToolkit/aes/> for more information.
  285. config ADK_KPACKAGE_KMOD_CRYPTO_ANUBIS
  286. prompt "Anubis cipher algorithm"
  287. tristate
  288. select ADK_KPACKAGE_KMOD_CRYPTO_ALGAPI2
  289. default n
  290. help
  291. Anubis cipher algorithm.
  292. Anubis is a variable key length cipher which can use keys from
  293. 128 bits to 320 bits in length. It was evaluated as a entrant
  294. in the NESSIE competition.
  295. See also:
  296. <https://www.cosic.esat.kuleuven.ac.be/nessie/reports/>
  297. <http://planeta.terra.com.br/informatica/paulobarreto/AnubisPage.html>
  298. config ADK_KPACKAGE_KMOD_CRYPTO_ARC4
  299. prompt "ARC4 cipher algorithm"
  300. tristate
  301. select ADK_KPACKAGE_KMOD_CRYPTO_ALGAPI2
  302. default n
  303. help
  304. ARC4 cipher algorithm.
  305. ARC4 is a stream cipher using keys ranging from 8 bits to 2048
  306. bits in length. This algorithm is required for driver-based
  307. WEP, but it should not be for other purposes because of the
  308. weakness of the algorithm.
  309. config ADK_KPACKAGE_KMOD_CRYPTO_BLOWFISH
  310. prompt "Blowfish cipher algorithm"
  311. tristate
  312. select ADK_KPACKAGE_KMOD_CRYPTO_ALGAPI2
  313. default n
  314. help
  315. Blowfish cipher algorithm, by Bruce Schneier.
  316. This is a variable key length cipher which can use keys from 32
  317. bits to 448 bits in length. It's fast, simple and specifically
  318. designed for use on "large microprocessors".
  319. See also:
  320. <http://www.schneier.com/blowfish.html>
  321. config ADK_KPACKAGE_KMOD_CRYPTO_CAMELLIA
  322. prompt "Camellia cipher algorithms"
  323. tristate
  324. select ADK_KPACKAGE_KMOD_CRYPTO_ALGAPI2
  325. default n
  326. help
  327. Camellia cipher algorithms module.
  328. Camellia is a symmetric key block cipher developed jointly
  329. at NTT and Mitsubishi Electric Corporation.
  330. The Camellia specifies three key sizes: 128, 192 and 256 bits.
  331. See also:
  332. <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html>
  333. config ADK_KPACKAGE_KMOD_CRYPTO_CAST5
  334. prompt "CAST5 (CAST-128) cipher algorithm"
  335. tristate
  336. select ADK_KPACKAGE_KMOD_CRYPTO_ALGAPI2
  337. default n
  338. help
  339. The CAST5 encryption algorithm (synonymous with CAST-128) is
  340. described in RFC2144.
  341. config ADK_KPACKAGE_KMOD_CRYPTO_CAST6
  342. prompt "CAST6 (CATS-256) cipher algorithm"
  343. tristate
  344. select ADK_KPACKAGE_KMOD_CRYPTO_ALGAPI2
  345. default n
  346. help
  347. The CAST6 encryption algorithm (synonymous with CAST-256) is
  348. described in RFC2612.
  349. config ADK_KPACKAGE_KMOD_CRYPTO_DES
  350. prompt "DES and Triple DES EDE cipher algorithms"
  351. tristate
  352. select ADK_KPACKAGE_KMOD_CRYPTO_ALGAPI2
  353. default n
  354. help
  355. DES cipher algorithm (FIPS 46-2), and Triple DES EDE (FIPS 46-3).
  356. config ADK_KPACKAGE_KMOD_CRYPTO_FCRYPT
  357. prompt "FCrypt cipher algorithms"
  358. tristate
  359. select ADK_KPACKAGE_KMOD_CRYPTO_ALGAPI2
  360. default n
  361. help
  362. FCrypt algorithm used by RxRPC.
  363. config ADK_KPACKAGE_KMOD_CRYPTO_KHAZAD
  364. prompt "Khazad cipher algorithm"
  365. tristate
  366. select ADK_KPACKAGE_KMOD_CRYPTO_ALGAPI2
  367. default n
  368. help
  369. Khazad cipher algorithm.
  370. Khazad was a finalist in the initial NESSIE competition. It is
  371. an algorithm optimized for 64-bit processors with good performance
  372. on 32-bit processors. Khazad uses an 128 bit key size.
  373. See also:
  374. <http://planeta.terra.com.br/informatica/paulobarreto/KhazadPage.html>
  375. config ADK_KPACKAGE_KMOD_CRYPTO_SERPENT
  376. prompt "Serpent cipher algorithm"
  377. tristate
  378. select ADK_KPACKAGE_KMOD_CRYPTO_ALGAPI2
  379. default n
  380. help
  381. Serpent cipher algorithm, by Anderson, Biham & Knudsen.
  382. Keys are allowed to be from 0 to 256 bits in length, in steps
  383. of 8 bits. Also includes the 'Tnepres' algorithm, a reversed
  384. variant of Serpent for compatibility with old kerneli code.
  385. See also:
  386. <http://www.cl.cam.ac.uk/~rja14/serpent.html>
  387. config ADK_KPACKAGE_KMOD_CRYPTO_TEA
  388. prompt "TEA, XTEA and XETA cipher algorithms"
  389. tristate
  390. select ADK_KPACKAGE_KMOD_CRYPTO_ALGAPI2
  391. default n
  392. help
  393. TEA cipher algorithm.
  394. Tiny Encryption Algorithm is a simple cipher that uses
  395. many rounds for security. It is very fast and uses
  396. little memory.
  397. Xtendend Tiny Encryption Algorithm is a modification to
  398. the TEA algorithm to address a potential key weakness
  399. in the TEA algorithm.
  400. Xtendend Encryption Tiny Algorithm is a mis-implementation
  401. of the XTEA algorithm for compatibility purposes.
  402. config ADK_KPACKAGE_KMOD_CRYPTO_TWOFISH
  403. prompt "Twofish cipher algorithm"
  404. tristate
  405. select ADK_KPACKAGE_KMOD_CRYPTO_ALGAPI2
  406. default n
  407. help
  408. Twofish cipher algorithm.
  409. Twofish was submitted as an AES (Advanced Encryption Standard)
  410. candidate cipher by researchers at CounterPane Systems. It is a
  411. 16 round block cipher supporting key sizes of 128, 192, and 256
  412. bits.
  413. See also:
  414. <http://www.schneier.com/twofish.html>
  415. config ADK_KPACKAGE_KMOD_CRYPTO_TWOFISH_586
  416. prompt "Twofish cipher algorithm (i586)"
  417. tristate
  418. select ADK_KPACKAGE_KMOD_CRYPTO_ALGAPI2
  419. depends on ADK_x86
  420. default n
  421. help
  422. Twofish cipher algorithm.
  423. Twofish was submitted as an AES (Advanced Encryption Standard)
  424. candidate cipher by researchers at CounterPane Systems. It is a
  425. 16 round block cipher supporting key sizes of 128, 192, and 256
  426. bits.
  427. See also:
  428. <http://www.schneier.com/twofish.html>
  429. config ADK_KPACKAGE_KMOD_CRYPTO_NULL
  430. prompt "Null algorithms"
  431. tristate
  432. select ADK_KPACKAGE_KMOD_CRYPTO_BLKCIPHER2
  433. select ADK_KPACKAGE_KMOD_CRYPTO_ALGAPI2
  434. default n
  435. help
  436. These are 'Null' algorithms, used by IPsec, which do nothing.
  437. endmenu
  438. menu "Compression"
  439. config ADK_KPACKAGE_KMOD_CRYPTO_DEFLATE
  440. prompt "Deflate compression algorithm"
  441. tristate
  442. select ADK_KERNEL_CRYPTO
  443. default n
  444. help
  445. This is the Deflate algorithm (RFC1951), specified for use in
  446. IPSec with the IPCOMP protocol (RFC3173, RFC2394).
  447. You will most probably want this if using IPSec.
  448. config ADK_KPACKAGE_KMOD_CRYPTO_LZO
  449. prompt "LZO compression algorithm"
  450. tristate
  451. select ADK_KERNEL_CRYPTO
  452. default n
  453. help
  454. config ADK_KPACKAGE_KMOD_CRYPTO_MICHAEL_MIC
  455. prompt "Michael MIC keyed digest algorithm"
  456. tristate
  457. select ADK_KPACKAGE_KMOD_CRYPTO_ALGAPI2
  458. select ADK_KPACKAGE_KMOD_CRYPTO_HASH2
  459. default n
  460. help
  461. Michael MIC is used for message integrity protection in TKIP
  462. (IEEE 802.11i). This algorithm is required for TKIP, but it
  463. should not be used for other purposes because of the weakness
  464. of the algorithm.
  465. config ADK_KPACKAGE_KMOD_CRYPTO_CRC32C
  466. prompt "CRC32c CRC algorithm"
  467. tristate
  468. select ADK_KPACKAGE_KMOD_CRYPTO_HASH2
  469. select ADK_KPACKAGE_KMOD_LIBCRC32C
  470. default n
  471. help
  472. Castagnoli, et al Cyclic Redundancy-Check Algorithm. Used
  473. by iSCSI for header and data digests and by others.
  474. See Castagnoli93. This implementation uses lib/libcrc32c.
  475. Module will be crc32c.
  476. endmenu
  477. endmenu