Config.in.crypto 15 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589
  1. menu "Crypto support"
  2. config ADK_KERNEL_CRYPTO
  3. tristate
  4. config ADK_KERNEL_CRYPTO_HW
  5. boolean
  6. config ADK_KERNEL_XOR_BLOCKS
  7. tristate
  8. comment "Hardware cryptography"
  9. menu "Hardware crypto devices"
  10. depends on ADK_TARGET_WITH_PCI || ADK_TARGET_WITH_MINIPCI || ADK_TARGET_WITH_GEODE_CRYPTO
  11. config ADK_KERNEL_CRYPTO_DEV_GEODE
  12. prompt "Support for the Geode LX/GX AES engine"
  13. tristate
  14. select ADK_KERNEL_CRYPTO
  15. select ADK_KERNEL_CRYPTO_HW
  16. select ADK_KERNEL_CRYPTO_ECB
  17. select ADK_KERNEL_CRYPTO_CBC
  18. depends on ADK_TARGET_WITH_GEODE_CRYPTO
  19. default y if ADK_TARGET_WITH_GEODE_CRYPTO
  20. default n
  21. help
  22. Say 'Y' here to use the AMD Geode LX processor on-board AES
  23. engine for the CryptoAPI AES algorithm.
  24. config ADK_KERNEL_CRYPTO_DEV_HIFN_795X
  25. prompt "Driver for HIFN 795x crypto accelerator chips"
  26. tristate
  27. depends on ADK_TARGET_WITH_PCI || ADK_TARGET_WITH_MINIPCI
  28. select ADK_KERNEL_CRYPTO
  29. select ADK_KERNEL_CRYPTO_HW
  30. select ADK_KERNEL_CRYPTO_DES
  31. default n
  32. help
  33. This option allows you to have support for HIFN 795x crypto adapters.
  34. endmenu
  35. comment "Software cryptography support"
  36. menu "Crypto core / Block and Hash modes"
  37. config ADK_KERNEL_CRYPTO_PCOMP
  38. tristate
  39. select ADK_KERNEL_CRYPTO_PCOMP2
  40. select ADK_KERNEL_CRYPTO_ALGAPI
  41. config ADK_KERNEL_CRYPTO_PCOMP2
  42. tristate
  43. select ADK_KERNEL_CRYPTO_ALGAPI2
  44. config ADK_KERNEL_CRYPTO_ALGAPI
  45. tristate
  46. select ADK_KERNEL_CRYPTO_ALGAPI2
  47. config ADK_KERNEL_CRYPTO_ALGAPI2
  48. tristate
  49. config ADK_KERNEL_CRYPTO_AEAD
  50. tristate
  51. select ADK_KERNEL_CRYPTO_AEAD2
  52. select ADK_KERNEL_CRYPTO_ALGAPI
  53. config ADK_KERNEL_CRYPTO_AEAD2
  54. tristate
  55. select ADK_KERNEL_CRYPTO_ALGAPI2
  56. config ADK_KERNEL_CRYPTO_HASH
  57. tristate
  58. select ADK_KERNEL_CRYPTO
  59. select ADK_KERNEL_CRYPTO_ALGAPI
  60. select ADK_KERNEL_CRYPTO_HASH2
  61. select ADK_KERNEL_CRYPTO_ALGAPI
  62. config ADK_KERNEL_CRYPTO_HASH2
  63. select ADK_KERNEL_CRYPTO_ALGAPI2
  64. tristate
  65. config ADK_KERNEL_CRYPTO_BLKCIPHER
  66. tristate
  67. select ADK_KERNEL_CRYPTO_BLKCIPHER2
  68. select ADK_KERNEL_CRYPTO_ALGAPI
  69. config ADK_KERNEL_CRYPTO_BLKCIPHER2
  70. tristate
  71. select ADK_KERNEL_CRYPTO_ALGAPI2
  72. select ADK_KERNEL_CRYPTO_RNG2
  73. select ADK_KERNEL_CRYPTO_WORKQUEUE
  74. config ADK_KERNEL_CRYPTO_WORKQUEUE
  75. tristate
  76. config ADK_KERNEL_CRYPTO_RNG
  77. tristate
  78. select ADK_KERNEL_CRYPTO_RNG2
  79. select ADK_KERNEL_CRYPTO_ALGAPI
  80. config ADK_KERNEL_CRYPTO_RNG2
  81. tristate
  82. select ADK_KERNEL_CRYPTO_ALGAPI2
  83. config ADK_KERNEL_CRYPTO_MANAGER
  84. tristate
  85. select ADK_KERNEL_CRYPTO_MANAGER2
  86. config ADK_KERNEL_CRYPTO_MANAGER2
  87. def_tristate ADK_KERNEL_CRYPTO_MANAGER || (ADK_KERNEL_CRYPTO_MANAGER!=n && ADK_KERNEL_CRYPTO_ALGAPI=y)
  88. select ADK_KERNEL_CRYPTO_AEAD2
  89. select ADK_KERNEL_CRYPTO_HASH2
  90. select ADK_KERNEL_CRYPTO_BLKCIPHER2
  91. select ADK_KERNEL_CRYPTO_PCOMP2
  92. config ADK_KERNEL_CRYPTO_AUTHENC
  93. prompt "AuthENC (IPsec)"
  94. tristate
  95. select ADK_KERNEL_CRYPTO_AEAD
  96. select ADK_KERNEL_CRYPTO_BLKCIPHER
  97. select ADK_KERNEL_CRYPTO_MANAGER
  98. select ADK_KERNEL_CRYPTO_HASH
  99. default n
  100. config ADK_KERNEL_CRYPTO_SEQIV
  101. prompt "Sequence Number IV Generator"
  102. tristate
  103. select ADK_KERNEL_CRYPTO_AEAD
  104. select ADK_KERNEL_CRYPTO_BLKCIPHER
  105. select ADK_KERNEL_CRYPTO_RNG
  106. default n
  107. help
  108. This IV generator generates an IV based on a sequence number by
  109. xoring it with a salt. This algorithm is mainly useful for CTR
  110. config ADK_KERNEL_CRYPTO_CTS
  111. prompt "CTS support"
  112. tristate
  113. select ADK_KERNEL_CRYPTO_BLKCIPHER
  114. default n
  115. help
  116. CTS: Cipher Text Stealing
  117. This is the Cipher Text Stealing mode as described by
  118. Section 8 of rfc2040 and referenced by rfc3962.
  119. (rfc3962 includes errata information in its Appendix A)
  120. This mode is required for Kerberos gss mechanism support
  121. for AES encryption.
  122. config ADK_KERNEL_CRYPTO_CBC
  123. prompt "CBC support"
  124. tristate
  125. select ADK_KERNEL_CRYPTO_BLKCIPHER
  126. select ADK_KERNEL_CRYPTO_MANAGER
  127. default n
  128. help
  129. CBC: Cipher Block Chaining mode
  130. This block cipher algorithm is required for IPSec.
  131. config ADK_KERNEL_CRYPTO_CCM
  132. prompt "CCM support"
  133. tristate
  134. select ADK_KERNEL_CRYPTO_CTR
  135. select ADK_KERNEL_CRYPTO_AEAD
  136. default n
  137. help
  138. Support for Counter with CBC MAC. Required for IPsec.
  139. config ADK_KERNEL_CRYPTO_GCM
  140. prompt "GCM support"
  141. tristate
  142. select ADK_KERNEL_CRYPTO_CTR
  143. select ADK_KERNEL_CRYPTO_AEAD
  144. select ADK_KERNEL_CRYPTO_GHASH
  145. select ADK_KERNEL_CRYPTO_NULL
  146. default n
  147. help
  148. Support for Galois/Counter Mode (GCM) and Galois Message
  149. Authentication Code (GMAC). Required for IPSec.
  150. config ADK_KERNEL_CRYPTO_CTR
  151. prompt "CTR support"
  152. tristate
  153. select ADK_KERNEL_CRYPTO_BLKCIPHER
  154. select ADK_KERNEL_CRYPTO_SEQIV
  155. select ADK_KERNEL_CRYPTO_MANAGER
  156. default n
  157. help
  158. CTR: Counter mode
  159. This block cipher algorithm is required for IPSec.
  160. config ADK_KERNEL_CRYPTO_ECB
  161. prompt "ECB support"
  162. tristate
  163. select ADK_KERNEL_CRYPTO_BLKCIPHER
  164. select ADK_KERNEL_CRYPTO_MANAGER
  165. default n
  166. help
  167. ECB: Electronic CodeBook mode
  168. This is the simplest block cipher algorithm. It simply encrypts
  169. the input block by block.
  170. config ADK_KERNEL_CRYPTO_HMAC
  171. prompt "HMAC support"
  172. tristate
  173. select ADK_KERNEL_CRYPTO_HASH
  174. select ADK_KERNEL_CRYPTO_MANAGER
  175. default n
  176. help
  177. HMAC: Keyed-Hashing for Message Authentication (RFC2104).
  178. This is required for IPSec.
  179. config ADK_KERNEL_CRYPTO_XCBC
  180. prompt "XCBC support"
  181. tristate
  182. select ADK_KERNEL_CRYPTO_HASH
  183. select ADK_KERNEL_CRYPTO_MANAGER
  184. default n
  185. help
  186. XCBC: Keyed-Hashing with encryption algorithm
  187. endmenu
  188. menu "Digest algorithms"
  189. config ADK_KERNEL_CRYPTO_MD4
  190. prompt "MD4 digest algorithm"
  191. tristate
  192. select ADK_KERNEL_CRYPTO_HASH
  193. default n
  194. help
  195. MD4 message digest algorithm (RFC1320).
  196. config ADK_KERNEL_CRYPTO_MD5
  197. prompt "MD5 digest algorithm"
  198. tristate
  199. select ADK_KERNEL_CRYPTO_HASH
  200. default n
  201. help
  202. MD5 message digest algorithm (RFC1321).
  203. config ADK_KERNEL_CRYPTO_SHA1
  204. prompt "SHA1 digest algorithm"
  205. tristate
  206. select ADK_KERNEL_CRYPTO_HASH
  207. default n
  208. help
  209. SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2).
  210. config ADK_KERNEL_CRYPTO_SHA256
  211. prompt "SHA256 digest algorithm"
  212. tristate
  213. select ADK_KERNEL_CRYPTO_HASH
  214. default n
  215. help
  216. SHA256 secure hash standard (DFIPS 180-2).
  217. This version of SHA implements a 256 bit hash with 128 bits of
  218. security against collision attacks.
  219. config ADK_KERNEL_CRYPTO_SHA512
  220. prompt "SHA512 digest algorithm"
  221. tristate
  222. select ADK_KERNEL_CRYPTO_HASH
  223. default n
  224. help
  225. SHA512 secure hash standard (DFIPS 180-2).
  226. This version of SHA implements a 512 bit hash with 256 bits of
  227. security against collision attacks.
  228. This code also includes SHA-384, a 384 bit hash with 192 bits
  229. of security against collision attacks.
  230. config ADK_KERNEL_CRYPTO_WP512
  231. prompt "Whirlpool digest algorithms"
  232. tristate
  233. select ADK_KERNEL_CRYPTO_HASH
  234. default n
  235. help
  236. Whirlpool hash algorithm 512, 384 and 256-bit hashes
  237. Whirlpool-512 is part of the NESSIE cryptographic primitives.
  238. Whirlpool will be part of the ISO/IEC 10118-3:2003(E) standard
  239. See also:
  240. <http://planeta.terra.com.br/informatica/paulobarreto/WhirlpoolPage.html>
  241. config ADK_KERNEL_CRYPTO_TGR192
  242. prompt "Tiger digest algorithms"
  243. tristate
  244. select ADK_KERNEL_CRYPTO_HASH
  245. default n
  246. help
  247. Tiger hash algorithm 192, 160 and 128-bit hashes
  248. Tiger is a hash function optimized for 64-bit processors while
  249. still having decent performance on 32-bit processors.
  250. Tiger was developed by Ross Anderson and Eli Biham.
  251. See also:
  252. <http://www.cs.technion.ac.il/~biham/Reports/Tiger/>.
  253. endmenu
  254. menu "Cipher algoritms"
  255. config ADK_KERNEL_CRYPTO_AES
  256. prompt "AES cipher algorithms"
  257. tristate
  258. select ADK_KERNEL_CRYPTO_ALGAPI
  259. default n
  260. help
  261. AES cipher algorithms (FIPS-197). AES uses the Rijndael
  262. algorithm.
  263. Rijndael appears to be consistently a very good performer in
  264. both hardware and software across a wide range of computing
  265. environments regardless of its use in feedback or non-feedback
  266. modes. Its key setup time is excellent, and its key agility is
  267. good. Rijndael's very low memory requirements make it very well
  268. suited for restricted-space environments, in which it also
  269. demonstrates excellent performance. Rijndael's operations are
  270. among the easiest to defend against power and timing attacks.
  271. The AES specifies three key sizes: 128, 192 and 256 bits
  272. See <http://csrc.nist.gov/CryptoToolkit/aes/> for more information.
  273. config ADK_KERNEL_CRYPTO_AES_586
  274. prompt "AES cipher algorithms (i586)"
  275. tristate
  276. depends on ADK_x86
  277. select ADK_KERNEL_CRYPTO_ALGAPI
  278. select ADK_KERNEL_CRYPTO_AES
  279. default n
  280. help
  281. AES cipher algorithms (FIPS-197). AES uses the Rijndael
  282. algorithm.
  283. Rijndael appears to be consistently a very good performer in
  284. both hardware and software across a wide range of computing
  285. environments regardless of its use in feedback or non-feedback
  286. modes. Its key setup time is excellent, and its key agility is
  287. good. Rijndael's very low memory requirements make it very well
  288. suited for restricted-space environments, in which it also
  289. demonstrates excellent performance. Rijndael's operations are
  290. among the easiest to defend against power and timing attacks.
  291. The AES specifies three key sizes: 128, 192 and 256 bits
  292. See <http://csrc.nist.gov/CryptoToolkit/aes/> for more information.
  293. config ADK_KERNEL_CRYPTO_ANUBIS
  294. prompt "Anubis cipher algorithm"
  295. tristate
  296. select ADK_KERNEL_CRYPTO_ALGAPI
  297. default n
  298. help
  299. Anubis cipher algorithm.
  300. Anubis is a variable key length cipher which can use keys from
  301. 128 bits to 320 bits in length. It was evaluated as a entrant
  302. in the NESSIE competition.
  303. See also:
  304. <https://www.cosic.esat.kuleuven.ac.be/nessie/reports/>
  305. <http://planeta.terra.com.br/informatica/paulobarreto/AnubisPage.html>
  306. config ADK_KERNEL_CRYPTO_ARC4
  307. prompt "ARC4 cipher algorithm"
  308. tristate
  309. select ADK_KERNEL_CRYPTO_BLKCIPHER
  310. default n
  311. help
  312. ARC4 cipher algorithm.
  313. ARC4 is a stream cipher using keys ranging from 8 bits to 2048
  314. bits in length. This algorithm is required for driver-based
  315. WEP, but it should not be for other purposes because of the
  316. weakness of the algorithm.
  317. config ADK_KERNEL_CRYPTO_BLOWFISH
  318. prompt "Blowfish cipher algorithm"
  319. tristate
  320. select ADK_KERNEL_CRYPTO_ALGAPI
  321. default n
  322. help
  323. Blowfish cipher algorithm, by Bruce Schneier.
  324. This is a variable key length cipher which can use keys from 32
  325. bits to 448 bits in length. It's fast, simple and specifically
  326. designed for use on "large microprocessors".
  327. See also:
  328. <http://www.schneier.com/blowfish.html>
  329. config ADK_KERNEL_CRYPTO_CAMELLIA
  330. prompt "Camellia cipher algorithms"
  331. tristate
  332. select ADK_KERNEL_CRYPTO_ALGAPI
  333. default n
  334. help
  335. Camellia cipher algorithms module.
  336. Camellia is a symmetric key block cipher developed jointly
  337. at NTT and Mitsubishi Electric Corporation.
  338. The Camellia specifies three key sizes: 128, 192 and 256 bits.
  339. See also:
  340. <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html>
  341. config ADK_KERNEL_CRYPTO_CAST5
  342. prompt "CAST5 (CAST-128) cipher algorithm"
  343. tristate
  344. select ADK_KERNEL_CRYPTO_ALGAPI
  345. default n
  346. help
  347. The CAST5 encryption algorithm (synonymous with CAST-128) is
  348. described in RFC2144.
  349. config ADK_KERNEL_CRYPTO_CAST6
  350. prompt "CAST6 (CATS-256) cipher algorithm"
  351. tristate
  352. select ADK_KERNEL_CRYPTO_ALGAPI
  353. default n
  354. help
  355. The CAST6 encryption algorithm (synonymous with CAST-256) is
  356. described in RFC2612.
  357. config ADK_KERNEL_CRYPTO_DES
  358. prompt "DES and Triple DES EDE cipher algorithms"
  359. tristate
  360. select ADK_KERNEL_CRYPTO_ALGAPI
  361. default n
  362. help
  363. DES cipher algorithm (FIPS 46-2), and Triple DES EDE (FIPS 46-3).
  364. config ADK_KERNEL_CRYPTO_FCRYPT
  365. prompt "FCrypt cipher algorithms"
  366. tristate
  367. select ADK_KERNEL_CRYPTO_ALGAPI
  368. default n
  369. help
  370. FCrypt algorithm used by RxRPC.
  371. config ADK_KERNEL_CRYPTO_KHAZAD
  372. prompt "Khazad cipher algorithm"
  373. tristate
  374. select ADK_KERNEL_CRYPTO_ALGAPI
  375. default n
  376. help
  377. Khazad cipher algorithm.
  378. Khazad was a finalist in the initial NESSIE competition. It is
  379. an algorithm optimized for 64-bit processors with good performance
  380. on 32-bit processors. Khazad uses an 128 bit key size.
  381. See also:
  382. <http://planeta.terra.com.br/informatica/paulobarreto/KhazadPage.html>
  383. config ADK_KERNEL_CRYPTO_SERPENT
  384. prompt "Serpent cipher algorithm"
  385. tristate
  386. select ADK_KERNEL_CRYPTO_ALGAPI
  387. default n
  388. help
  389. Serpent cipher algorithm, by Anderson, Biham & Knudsen.
  390. Keys are allowed to be from 0 to 256 bits in length, in steps
  391. of 8 bits. Also includes the 'Tnepres' algorithm, a reversed
  392. variant of Serpent for compatibility with old kerneli code.
  393. See also:
  394. <http://www.cl.cam.ac.uk/~rja14/serpent.html>
  395. config ADK_KERNEL_CRYPTO_TEA
  396. prompt "TEA, XTEA and XETA cipher algorithms"
  397. tristate
  398. select ADK_KERNEL_CRYPTO_ALGAPI
  399. default n
  400. help
  401. TEA cipher algorithm.
  402. Tiny Encryption Algorithm is a simple cipher that uses
  403. many rounds for security. It is very fast and uses
  404. little memory.
  405. Xtendend Tiny Encryption Algorithm is a modification to
  406. the TEA algorithm to address a potential key weakness
  407. in the TEA algorithm.
  408. Xtendend Encryption Tiny Algorithm is a mis-implementation
  409. of the XTEA algorithm for compatibility purposes.
  410. config ADK_KERNEL_CRYPTO_TWOFISH
  411. prompt "Twofish cipher algorithm"
  412. tristate
  413. select ADK_KERNEL_CRYPTO_ALGAPI
  414. default n
  415. help
  416. Twofish cipher algorithm.
  417. Twofish was submitted as an AES (Advanced Encryption Standard)
  418. candidate cipher by researchers at CounterPane Systems. It is a
  419. 16 round block cipher supporting key sizes of 128, 192, and 256
  420. bits.
  421. See also:
  422. <http://www.schneier.com/twofish.html>
  423. config ADK_KERNEL_CRYPTO_TWOFISH_586
  424. prompt "Twofish cipher algorithm (i586)"
  425. tristate
  426. select ADK_KERNEL_CRYPTO_ALGAPI
  427. depends on ADK_x86
  428. default n
  429. help
  430. Twofish cipher algorithm.
  431. Twofish was submitted as an AES (Advanced Encryption Standard)
  432. candidate cipher by researchers at CounterPane Systems. It is a
  433. 16 round block cipher supporting key sizes of 128, 192, and 256
  434. bits.
  435. See also:
  436. <http://www.schneier.com/twofish.html>
  437. config ADK_KERNEL_CRYPTO_NULL
  438. prompt "Null algorithms"
  439. tristate
  440. select ADK_KERNEL_CRYPTO_ALGAPI
  441. select ADK_KERNEL_CRYPTO_BLKCIPHER
  442. select ADK_KERNEL_CRYPTO_HASH
  443. default n
  444. help
  445. These are 'Null' algorithms, used by IPsec, which do nothing.
  446. endmenu
  447. menu "Compression"
  448. config ADK_KERNEL_CRYPTO_DEFLATE
  449. prompt "Deflate compression algorithm"
  450. tristate
  451. select ADK_KERNEL_CRYPTO_ALGAPI
  452. select ADK_KERNEL_ZLIB_DEFLATE
  453. select ADK_KERNEL_ZLIB_INFLATE
  454. default n
  455. help
  456. This is the Deflate algorithm (RFC1951), specified for use in
  457. IPSec with the IPCOMP protocol (RFC3173, RFC2394).
  458. You will most probably want this if using IPSec.
  459. config ADK_KERNEL_CRYPTO_LZO
  460. prompt "LZO compression algorithm"
  461. tristate
  462. select ADK_KERNEL_CRYPTO_ALGAPI
  463. default n
  464. help
  465. config ADK_KERNEL_CRYPTO_MICHAEL_MIC
  466. prompt "Michael MIC keyed digest algorithm"
  467. tristate
  468. select ADK_KERNEL_CRYPTO_HASH
  469. default n
  470. help
  471. Michael MIC is used for message integrity protection in TKIP
  472. (IEEE 802.11i). This algorithm is required for TKIP, but it
  473. should not be used for other purposes because of the weakness
  474. of the algorithm.
  475. config ADK_KERNEL_CRYPTO_CRC32C
  476. prompt "CRC32c CRC algorithm"
  477. tristate
  478. select ADK_KERNEL_CRYPTO_HASH
  479. select ADK_KERNEL_CRC32
  480. default n
  481. help
  482. Castagnoli, et al Cyclic Redundancy-Check Algorithm. Used
  483. by iSCSI for header and data digests and by others.
  484. See Castagnoli93. This implementation uses lib/libcrc32c.
  485. Module will be crc32c.
  486. endmenu
  487. endmenu