Config.in.crypto 15 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553
  1. # This file is part of the OpenADK project. OpenADK is copyrighted
  2. # material, please see the LICENCE file in the top-level directory.
  3. menu "Crypto support"
  4. config ADK_KERNEL_CRYPTO
  5. tristate
  6. config ADK_KERNEL_CRYPTO_HW
  7. bool
  8. config ADK_KERNEL_XOR_BLOCKS
  9. tristate
  10. comment "Hardware cryptography"
  11. menu "Hardware crypto devices"
  12. depends on ADK_TARGET_WITH_PCI || ADK_TARGET_WITH_MINIPCI || ADK_TARGET_WITH_GEODE_CRYPTO
  13. config ADK_KERNEL_CRYPTO_DEV_GEODE
  14. tristate "Support for the Geode LX/GX AES engine"
  15. select ADK_KERNEL_CRYPTO
  16. select ADK_KERNEL_CRYPTO_HW
  17. select ADK_KERNEL_CRYPTO_ECB
  18. select ADK_KERNEL_CRYPTO_CBC
  19. depends on ADK_TARGET_WITH_GEODE_CRYPTO
  20. default y if ADK_TARGET_WITH_GEODE_CRYPTO
  21. default n
  22. help
  23. Say 'Y' here to use the AMD Geode LX processor on-board AES
  24. engine for the CryptoAPI AES algorithm.
  25. config ADK_KERNEL_CRYPTO_DEV_HIFN_795X
  26. tristate "Driver for HIFN 795x crypto accelerator chips"
  27. depends on ADK_TARGET_WITH_PCI || ADK_TARGET_WITH_MINIPCI
  28. select ADK_KERNEL_CRYPTO
  29. select ADK_KERNEL_CRYPTO_HW
  30. select ADK_KERNEL_CRYPTO_DES
  31. default n
  32. help
  33. This option allows you to have support for HIFN 795x crypto adapters.
  34. endmenu
  35. comment "Software cryptography support"
  36. menu "Crypto core / Block and Hash modes"
  37. config ADK_KERNEL_CRYPTO_PCOMP
  38. tristate
  39. select ADK_KERNEL_CRYPTO_PCOMP2
  40. select ADK_KERNEL_CRYPTO_ALGAPI
  41. config ADK_KERNEL_CRYPTO_PCOMP2
  42. tristate
  43. select ADK_KERNEL_CRYPTO_ALGAPI2
  44. config ADK_KERNEL_CRYPTO_ALGAPI
  45. tristate
  46. select ADK_KERNEL_CRYPTO_ALGAPI2
  47. config ADK_KERNEL_CRYPTO_ALGAPI2
  48. tristate
  49. config ADK_KERNEL_CRYPTO_AEAD
  50. tristate
  51. select ADK_KERNEL_CRYPTO_AEAD2
  52. select ADK_KERNEL_CRYPTO_ALGAPI
  53. config ADK_KERNEL_CRYPTO_AEAD2
  54. tristate
  55. select ADK_KERNEL_CRYPTO_ALGAPI2
  56. config ADK_KERNEL_CRYPTO_HASH
  57. tristate
  58. select ADK_KERNEL_CRYPTO
  59. select ADK_KERNEL_CRYPTO_ALGAPI
  60. select ADK_KERNEL_CRYPTO_HASH2
  61. select ADK_KERNEL_CRYPTO_ALGAPI
  62. config ADK_KERNEL_CRYPTO_HASH2
  63. select ADK_KERNEL_CRYPTO_ALGAPI2
  64. tristate
  65. config ADK_KERNEL_CRYPTO_BLKCIPHER
  66. tristate
  67. select ADK_KERNEL_CRYPTO_BLKCIPHER2
  68. select ADK_KERNEL_CRYPTO_ALGAPI
  69. config ADK_KERNEL_CRYPTO_BLKCIPHER2
  70. tristate
  71. select ADK_KERNEL_CRYPTO_ALGAPI2
  72. select ADK_KERNEL_CRYPTO_RNG2
  73. select ADK_KERNEL_CRYPTO_WORKQUEUE
  74. config ADK_KERNEL_CRYPTO_WORKQUEUE
  75. tristate
  76. config ADK_KERNEL_CRYPTO_RNG
  77. tristate
  78. select ADK_KERNEL_CRYPTO_RNG2
  79. select ADK_KERNEL_CRYPTO_ALGAPI
  80. config ADK_KERNEL_CRYPTO_RNG2
  81. tristate
  82. select ADK_KERNEL_CRYPTO_ALGAPI2
  83. config ADK_KERNEL_CRYPTO_MANAGER
  84. tristate
  85. select ADK_KERNEL_CRYPTO_MANAGER2
  86. config ADK_KERNEL_CRYPTO_MANAGER2
  87. def_tristate ADK_KERNEL_CRYPTO_MANAGER || (ADK_KERNEL_CRYPTO_MANAGER!=n && ADK_KERNEL_CRYPTO_ALGAPI=y)
  88. select ADK_KERNEL_CRYPTO_AEAD2
  89. select ADK_KERNEL_CRYPTO_HASH2
  90. select ADK_KERNEL_CRYPTO_BLKCIPHER2
  91. select ADK_KERNEL_CRYPTO_PCOMP2
  92. config ADK_KERNEL_CRYPTO_AUTHENC
  93. tristate "AuthENC (IPsec)"
  94. select ADK_KERNEL_CRYPTO_AEAD
  95. select ADK_KERNEL_CRYPTO_BLKCIPHER
  96. select ADK_KERNEL_CRYPTO_MANAGER
  97. select ADK_KERNEL_CRYPTO_HASH
  98. default n
  99. config ADK_KERNEL_CRYPTO_SEQIV
  100. tristate "Sequence Number IV Generator"
  101. select ADK_KERNEL_CRYPTO_AEAD
  102. select ADK_KERNEL_CRYPTO_BLKCIPHER
  103. select ADK_KERNEL_CRYPTO_RNG
  104. default n
  105. help
  106. This IV generator generates an IV based on a sequence number by
  107. xoring it with a salt. This algorithm is mainly useful for CTR
  108. config ADK_KERNEL_CRYPTO_CTS
  109. tristate "CTS support"
  110. select ADK_KERNEL_CRYPTO_BLKCIPHER
  111. default n
  112. help
  113. CTS: Cipher Text Stealing
  114. This is the Cipher Text Stealing mode as described by
  115. Section 8 of rfc2040 and referenced by rfc3962.
  116. (rfc3962 includes errata information in its Appendix A)
  117. This mode is required for Kerberos gss mechanism support
  118. for AES encryption.
  119. config ADK_KERNEL_CRYPTO_CBC
  120. tristate "CBC support"
  121. select ADK_KERNEL_CRYPTO_BLKCIPHER
  122. select ADK_KERNEL_CRYPTO_MANAGER
  123. default n
  124. help
  125. CBC: Cipher Block Chaining mode
  126. This block cipher algorithm is required for IPSec.
  127. config ADK_KERNEL_CRYPTO_CCM
  128. tristate "CCM support"
  129. select ADK_KERNEL_CRYPTO_CTR
  130. select ADK_KERNEL_CRYPTO_AEAD
  131. default n
  132. help
  133. Support for Counter with CBC MAC. Required for IPsec.
  134. config ADK_KERNEL_CRYPTO_GCM
  135. tristate "GCM support"
  136. select ADK_KERNEL_CRYPTO_CTR
  137. select ADK_KERNEL_CRYPTO_AEAD
  138. select ADK_KERNEL_CRYPTO_GHASH
  139. select ADK_KERNEL_CRYPTO_NULL
  140. default n
  141. help
  142. Support for Galois/Counter Mode (GCM) and Galois Message
  143. Authentication Code (GMAC). Required for IPSec.
  144. config ADK_KERNEL_CRYPTO_CTR
  145. tristate "CTR support"
  146. select ADK_KERNEL_CRYPTO_BLKCIPHER
  147. select ADK_KERNEL_CRYPTO_SEQIV
  148. select ADK_KERNEL_CRYPTO_MANAGER
  149. default n
  150. help
  151. CTR: Counter mode
  152. This block cipher algorithm is required for IPSec.
  153. config ADK_KERNEL_CRYPTO_ECB
  154. tristate "ECB support"
  155. select ADK_KERNEL_CRYPTO_BLKCIPHER
  156. select ADK_KERNEL_CRYPTO_MANAGER
  157. default n
  158. help
  159. ECB: Electronic CodeBook mode
  160. This is the simplest block cipher algorithm. It simply encrypts
  161. the input block by block.
  162. config ADK_KERNEL_CRYPTO_HMAC
  163. tristate "HMAC support"
  164. select ADK_KERNEL_CRYPTO_HASH
  165. select ADK_KERNEL_CRYPTO_MANAGER
  166. default n
  167. help
  168. HMAC: Keyed-Hashing for Message Authentication (RFC2104).
  169. This is required for IPSec.
  170. config ADK_KERNEL_CRYPTO_XCBC
  171. tristate "XCBC support"
  172. select ADK_KERNEL_CRYPTO_HASH
  173. select ADK_KERNEL_CRYPTO_MANAGER
  174. default n
  175. help
  176. XCBC: Keyed-Hashing with encryption algorithm
  177. endmenu
  178. menu "Digest algorithms"
  179. config ADK_KERNEL_CRYPTO_MD4
  180. tristate "MD4 digest algorithm"
  181. select ADK_KERNEL_CRYPTO_HASH
  182. default n
  183. help
  184. MD4 message digest algorithm (RFC1320).
  185. config ADK_KERNEL_CRYPTO_MD5
  186. tristate "MD5 digest algorithm"
  187. select ADK_KERNEL_CRYPTO_HASH
  188. default n
  189. help
  190. MD5 message digest algorithm (RFC1321).
  191. config ADK_KERNEL_CRYPTO_SHA1
  192. tristate "SHA1 digest algorithm"
  193. select ADK_KERNEL_CRYPTO_HASH
  194. default n
  195. help
  196. SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2).
  197. config ADK_KERNEL_CRYPTO_SHA256
  198. tristate "SHA256 digest algorithm"
  199. select ADK_KERNEL_CRYPTO_HASH
  200. default n
  201. help
  202. SHA256 secure hash standard (DFIPS 180-2).
  203. This version of SHA implements a 256 bit hash with 128 bits of
  204. security against collision attacks.
  205. config ADK_KERNEL_CRYPTO_SHA512
  206. tristate "SHA512 digest algorithm"
  207. select ADK_KERNEL_CRYPTO_HASH
  208. default n
  209. help
  210. SHA512 secure hash standard (DFIPS 180-2).
  211. This version of SHA implements a 512 bit hash with 256 bits of
  212. security against collision attacks.
  213. This code also includes SHA-384, a 384 bit hash with 192 bits
  214. of security against collision attacks.
  215. config ADK_KERNEL_CRYPTO_WP512
  216. tristate "Whirlpool digest algorithms"
  217. select ADK_KERNEL_CRYPTO_HASH
  218. default n
  219. help
  220. Whirlpool hash algorithm 512, 384 and 256-bit hashes
  221. Whirlpool-512 is part of the NESSIE cryptographic primitives.
  222. Whirlpool will be part of the ISO/IEC 10118-3:2003(E) standard
  223. See also:
  224. <http://planeta.terra.com.br/informatica/paulobarreto/WhirlpoolPage.html>
  225. config ADK_KERNEL_CRYPTO_TGR192
  226. tristate "Tiger digest algorithms"
  227. select ADK_KERNEL_CRYPTO_HASH
  228. default n
  229. help
  230. Tiger hash algorithm 192, 160 and 128-bit hashes
  231. Tiger is a hash function optimized for 64-bit processors while
  232. still having decent performance on 32-bit processors.
  233. Tiger was developed by Ross Anderson and Eli Biham.
  234. See also:
  235. <http://www.cs.technion.ac.il/~biham/Reports/Tiger/>.
  236. endmenu
  237. menu "Cipher algoritms"
  238. config ADK_KERNEL_CRYPTO_AES
  239. tristate "AES cipher algorithms"
  240. select ADK_KERNEL_CRYPTO_ALGAPI
  241. default n
  242. help
  243. AES cipher algorithms (FIPS-197). AES uses the Rijndael
  244. algorithm.
  245. Rijndael appears to be consistently a very good performer in
  246. both hardware and software across a wide range of computing
  247. environments regardless of its use in feedback or non-feedback
  248. modes. Its key setup time is excellent, and its key agility is
  249. good. Rijndael's very low memory requirements make it very well
  250. suited for restricted-space environments, in which it also
  251. demonstrates excellent performance. Rijndael's operations are
  252. among the easiest to defend against power and timing attacks.
  253. The AES specifies three key sizes: 128, 192 and 256 bits
  254. See <http://csrc.nist.gov/CryptoToolkit/aes/> for more information.
  255. config ADK_KERNEL_CRYPTO_AES_586
  256. tristate "AES cipher algorithms (i586)"
  257. depends on ADK_x86
  258. select ADK_KERNEL_CRYPTO_ALGAPI
  259. select ADK_KERNEL_CRYPTO_AES
  260. default n
  261. help
  262. AES cipher algorithms (FIPS-197). AES uses the Rijndael
  263. algorithm.
  264. Rijndael appears to be consistently a very good performer in
  265. both hardware and software across a wide range of computing
  266. environments regardless of its use in feedback or non-feedback
  267. modes. Its key setup time is excellent, and its key agility is
  268. good. Rijndael's very low memory requirements make it very well
  269. suited for restricted-space environments, in which it also
  270. demonstrates excellent performance. Rijndael's operations are
  271. among the easiest to defend against power and timing attacks.
  272. The AES specifies three key sizes: 128, 192 and 256 bits
  273. See <http://csrc.nist.gov/CryptoToolkit/aes/> for more information.
  274. config ADK_KERNEL_CRYPTO_ANUBIS
  275. tristate "Anubis cipher algorithm"
  276. select ADK_KERNEL_CRYPTO_ALGAPI
  277. default n
  278. help
  279. Anubis cipher algorithm.
  280. Anubis is a variable key length cipher which can use keys from
  281. 128 bits to 320 bits in length. It was evaluated as a entrant
  282. in the NESSIE competition.
  283. See also:
  284. <https://www.cosic.esat.kuleuven.ac.be/nessie/reports/>
  285. <http://planeta.terra.com.br/informatica/paulobarreto/AnubisPage.html>
  286. config ADK_KERNEL_CRYPTO_ARC4
  287. tristate "ARC4 cipher algorithm"
  288. select ADK_KERNEL_CRYPTO_BLKCIPHER
  289. default n
  290. help
  291. ARC4 cipher algorithm.
  292. ARC4 is a stream cipher using keys ranging from 8 bits to 2048
  293. bits in length. This algorithm is required for driver-based
  294. WEP, but it should not be for other purposes because of the
  295. weakness of the algorithm.
  296. config ADK_KERNEL_CRYPTO_BLOWFISH
  297. tristate "Blowfish cipher algorithm"
  298. select ADK_KERNEL_CRYPTO_ALGAPI
  299. default n
  300. help
  301. Blowfish cipher algorithm, by Bruce Schneier.
  302. This is a variable key length cipher which can use keys from 32
  303. bits to 448 bits in length. It's fast, simple and specifically
  304. designed for use on "large microprocessors".
  305. See also:
  306. <http://www.schneier.com/blowfish.html>
  307. config ADK_KERNEL_CRYPTO_CAMELLIA
  308. tristate "Camellia cipher algorithms"
  309. select ADK_KERNEL_CRYPTO_ALGAPI
  310. default n
  311. help
  312. Camellia cipher algorithms module.
  313. Camellia is a symmetric key block cipher developed jointly
  314. at NTT and Mitsubishi Electric Corporation.
  315. The Camellia specifies three key sizes: 128, 192 and 256 bits.
  316. See also:
  317. <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html>
  318. config ADK_KERNEL_CRYPTO_CAST5
  319. tristate "CAST5 (CAST-128) cipher algorithm"
  320. select ADK_KERNEL_CRYPTO_ALGAPI
  321. default n
  322. help
  323. The CAST5 encryption algorithm (synonymous with CAST-128) is
  324. described in RFC2144.
  325. config ADK_KERNEL_CRYPTO_CAST6
  326. tristate "CAST6 (CATS-256) cipher algorithm"
  327. select ADK_KERNEL_CRYPTO_ALGAPI
  328. default n
  329. help
  330. The CAST6 encryption algorithm (synonymous with CAST-256) is
  331. described in RFC2612.
  332. config ADK_KERNEL_CRYPTO_DES
  333. tristate "DES and Triple DES EDE cipher algorithms"
  334. select ADK_KERNEL_CRYPTO_ALGAPI
  335. default n
  336. help
  337. DES cipher algorithm (FIPS 46-2), and Triple DES EDE (FIPS 46-3).
  338. config ADK_KERNEL_CRYPTO_FCRYPT
  339. tristate "FCrypt cipher algorithms"
  340. select ADK_KERNEL_CRYPTO_ALGAPI
  341. default n
  342. help
  343. FCrypt algorithm used by RxRPC.
  344. config ADK_KERNEL_CRYPTO_KHAZAD
  345. tristate "Khazad cipher algorithm"
  346. select ADK_KERNEL_CRYPTO_ALGAPI
  347. default n
  348. help
  349. Khazad cipher algorithm.
  350. Khazad was a finalist in the initial NESSIE competition. It is
  351. an algorithm optimized for 64-bit processors with good performance
  352. on 32-bit processors. Khazad uses an 128 bit key size.
  353. See also:
  354. <http://planeta.terra.com.br/informatica/paulobarreto/KhazadPage.html>
  355. config ADK_KERNEL_CRYPTO_SERPENT
  356. tristate "Serpent cipher algorithm"
  357. select ADK_KERNEL_CRYPTO_ALGAPI
  358. default n
  359. help
  360. Serpent cipher algorithm, by Anderson, Biham & Knudsen.
  361. Keys are allowed to be from 0 to 256 bits in length, in steps
  362. of 8 bits. Also includes the 'Tnepres' algorithm, a reversed
  363. variant of Serpent for compatibility with old kerneli code.
  364. See also:
  365. <http://www.cl.cam.ac.uk/~rja14/serpent.html>
  366. config ADK_KERNEL_CRYPTO_TEA
  367. tristate "TEA, XTEA and XETA cipher algorithms"
  368. select ADK_KERNEL_CRYPTO_ALGAPI
  369. default n
  370. help
  371. TEA cipher algorithm.
  372. Tiny Encryption Algorithm is a simple cipher that uses
  373. many rounds for security. It is very fast and uses
  374. little memory.
  375. Xtendend Tiny Encryption Algorithm is a modification to
  376. the TEA algorithm to address a potential key weakness
  377. in the TEA algorithm.
  378. Xtendend Encryption Tiny Algorithm is a mis-implementation
  379. of the XTEA algorithm for compatibility purposes.
  380. config ADK_KERNEL_CRYPTO_TWOFISH
  381. tristate "Twofish cipher algorithm"
  382. select ADK_KERNEL_CRYPTO_ALGAPI
  383. default n
  384. help
  385. Twofish cipher algorithm.
  386. Twofish was submitted as an AES (Advanced Encryption Standard)
  387. candidate cipher by researchers at CounterPane Systems. It is a
  388. 16 round block cipher supporting key sizes of 128, 192, and 256
  389. bits.
  390. See also:
  391. <http://www.schneier.com/twofish.html>
  392. config ADK_KERNEL_CRYPTO_TWOFISH_586
  393. tristate "Twofish cipher algorithm (i586)"
  394. select ADK_KERNEL_CRYPTO_ALGAPI
  395. depends on ADK_x86
  396. default n
  397. help
  398. Twofish cipher algorithm.
  399. Twofish was submitted as an AES (Advanced Encryption Standard)
  400. candidate cipher by researchers at CounterPane Systems. It is a
  401. 16 round block cipher supporting key sizes of 128, 192, and 256
  402. bits.
  403. See also:
  404. <http://www.schneier.com/twofish.html>
  405. config ADK_KERNEL_CRYPTO_NULL
  406. tristate "Null algorithms"
  407. select ADK_KERNEL_CRYPTO_ALGAPI
  408. select ADK_KERNEL_CRYPTO_BLKCIPHER
  409. select ADK_KERNEL_CRYPTO_HASH
  410. default n
  411. help
  412. These are 'Null' algorithms, used by IPsec, which do nothing.
  413. endmenu
  414. menu "Compression"
  415. config ADK_KERNEL_CRYPTO_DEFLATE
  416. tristate "Deflate compression algorithm"
  417. select ADK_KERNEL_CRYPTO_ALGAPI
  418. select ADK_KERNEL_ZLIB_DEFLATE
  419. select ADK_KERNEL_ZLIB_INFLATE
  420. default n
  421. help
  422. This is the Deflate algorithm (RFC1951), specified for use in
  423. IPSec with the IPCOMP protocol (RFC3173, RFC2394).
  424. You will most probably want this if using IPSec.
  425. config ADK_KERNEL_CRYPTO_LZO
  426. tristate "LZO compression algorithm"
  427. select ADK_KERNEL_CRYPTO_ALGAPI
  428. default n
  429. help
  430. config ADK_KERNEL_CRYPTO_MICHAEL_MIC
  431. tristate "Michael MIC keyed digest algorithm"
  432. select ADK_KERNEL_CRYPTO_HASH
  433. default n
  434. help
  435. Michael MIC is used for message integrity protection in TKIP
  436. (IEEE 802.11i). This algorithm is required for TKIP, but it
  437. should not be used for other purposes because of the weakness
  438. of the algorithm.
  439. config ADK_KERNEL_CRYPTO_CRC32C
  440. tristate "CRC32c CRC algorithm"
  441. select ADK_KERNEL_CRYPTO_HASH
  442. select ADK_KERNEL_CRC32
  443. default n
  444. help
  445. Castagnoli, et al Cyclic Redundancy-Check Algorithm. Used
  446. by iSCSI for header and data digests and by others.
  447. See Castagnoli93. This implementation uses lib/libcrc32c.
  448. Module will be crc32c.
  449. endmenu
  450. endmenu