Config.in.crypto 16 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602
  1. menu "Crypto support"
  2. config ADK_KERNEL_CRYPTO
  3. tristate
  4. config ADK_KERNEL_CRYPTO_HW
  5. boolean
  6. config ADK_KERNEL_XOR_BLOCKS
  7. tristate
  8. comment "Hardware cryptography"
  9. menu "Hardware crypto devices"
  10. depends on ADK_TARGET_WITH_PCI || ADK_TARGET_WITH_MINIPCI || ADK_TARGET_WITH_GEODE_CRYPTO
  11. config ADK_KERNEL_CRYPTO_DEV_GEODE
  12. prompt "Support for the Geode LX/GX AES engine"
  13. tristate
  14. select ADK_KERNEL_CRYPTO
  15. select ADK_KERNEL_CRYPTO_HW
  16. select ADK_KERNEL_CRYPTO_ECB
  17. select ADK_KERNEL_CRYPTO_CBC
  18. depends on ADK_TARGET_WITH_GEODE_CRYPTO
  19. default y if ADK_TARGET_WITH_GEODE_CRYPTO
  20. default n
  21. help
  22. Say 'Y' here to use the AMD Geode LX processor on-board AES
  23. engine for the CryptoAPI AES algorithm.
  24. config ADK_KERNEL_CRYPTO_DEV_HIFN_795X
  25. prompt "Driver for HIFN 795x crypto accelerator chips"
  26. tristate
  27. depends on ADK_TARGET_WITH_PCI || ADK_TARGET_WITH_MINIPCI
  28. select ADK_KERNEL_CRYPTO
  29. select ADK_KERNEL_CRYPTO_HW
  30. select ADK_KERNEL_CRYPTO_DES
  31. default n
  32. help
  33. This option allows you to have support for HIFN 795x crypto adapters.
  34. endmenu
  35. comment "Software cryptography support"
  36. menu "Crypto core / Block and Hash modes"
  37. config ADK_KERNEL_CRYPTO_PCOMP
  38. tristate
  39. select ADK_KERNEL_CRYPTO_PCOMP2
  40. select ADK_KERNEL_CRYPTO_ALGAPI
  41. config ADK_KERNEL_CRYPTO_PCOMP2
  42. tristate
  43. select ADK_KERNEL_CRYPTO_ALGAPI2
  44. config ADK_KERNEL_CRYPTO_ALGAPI
  45. tristate
  46. select ADK_KERNEL_CRYPTO_ALGAPI2
  47. config ADK_KERNEL_CRYPTO_ALGAPI2
  48. tristate
  49. config ADK_KERNEL_CRYPTO_AEAD
  50. tristate
  51. select ADK_KERNEL_CRYPTO_AEAD2
  52. select ADK_KERNEL_CRYPTO_ALGAPI
  53. config ADK_KERNEL_CRYPTO_AEAD2
  54. tristate
  55. select ADK_KERNEL_CRYPTO_ALGAPI2
  56. config ADK_KERNEL_CRYPTO_HASH
  57. tristate
  58. select ADK_KERNEL_CRYPTO
  59. select ADK_KERNEL_CRYPTO_ALGAPI
  60. select ADK_KERNEL_CRYPTO_HASH2
  61. select ADK_KERNEL_CRYPTO_ALGAPI
  62. config ADK_KERNEL_CRYPTO_HASH2
  63. select ADK_KERNEL_CRYPTO_ALGAPI2
  64. tristate
  65. config ADK_KERNEL_CRYPTO_BLKCIPHER
  66. tristate
  67. select ADK_KERNEL_CRYPTO_BLKCIPHER2
  68. select ADK_KERNEL_CRYPTO_ALGAPI
  69. config ADK_KERNEL_CRYPTO_BLKCIPHER2
  70. tristate
  71. select ADK_KERNEL_CRYPTO_ALGAPI2
  72. select ADK_KERNEL_CRYPTO_RNG2
  73. select ADK_KERNEL_CRYPTO_WORKQUEUE
  74. config ADK_KERNEL_CRYPTO_WORKQUEUE
  75. tristate
  76. config ADK_KERNEL_CRYPTO_RNG
  77. tristate
  78. select ADK_KERNEL_CRYPTO_RNG2
  79. select ADK_KERNEL_CRYPTO_ALGAPI
  80. config ADK_KERNEL_CRYPTO_RNG2
  81. tristate
  82. select ADK_KERNEL_CRYPTO_ALGAPI2
  83. config ADK_KERNEL_CRYPTO_MANAGER
  84. tristate
  85. select ADK_KERNEL_CRYPTO_MANAGER2
  86. config ADK_KERNEL_CRYPTO_MANAGER2
  87. def_tristate ADK_KERNEL_CRYPTO_MANAGER || (ADK_KERNEL_CRYPTO_MANAGER!=n && ADK_KERNEL_CRYPTO_ALGAPI=y)
  88. select ADK_KERNEL_CRYPTO_AEAD2
  89. select ADK_KERNEL_CRYPTO_HASH2
  90. select ADK_KERNEL_CRYPTO_BLKCIPHER2
  91. select ADK_KERNEL_CRYPTO_PCOMP2
  92. config ADK_KERNEL_CRYPTO_AUTHENC
  93. prompt "AuthENC (IPsec)"
  94. tristate
  95. select ADK_KERNEL_CRYPTO_AEAD
  96. select ADK_KERNEL_CRYPTO_BLKCIPHER
  97. select ADK_KERNEL_CRYPTO_MANAGER
  98. select ADK_KERNEL_CRYPTO_HASH
  99. default n
  100. config ADK_KERNEL_CRYPTO_SEQIV
  101. prompt "Sequence Number IV Generator"
  102. tristate
  103. select ADK_KERNEL_CRYPTO_AEAD
  104. select ADK_KERNEL_CRYPTO_BLKCIPHER
  105. select ADK_KERNEL_CRYPTO_RNG
  106. default n
  107. help
  108. This IV generator generates an IV based on a sequence number by
  109. xoring it with a salt. This algorithm is mainly useful for CTR
  110. config ADK_KERNEL_CRYPTO_CTS
  111. prompt "CTS support"
  112. tristate
  113. select ADK_KERNEL_CRYPTO_BLKCIPHER
  114. default n
  115. help
  116. CTS: Cipher Text Stealing
  117. This is the Cipher Text Stealing mode as described by
  118. Section 8 of rfc2040 and referenced by rfc3962.
  119. (rfc3962 includes errata information in its Appendix A)
  120. This mode is required for Kerberos gss mechanism support
  121. for AES encryption.
  122. config ADK_KERNEL_CRYPTO_CBC
  123. prompt "CBC support"
  124. tristate
  125. select ADK_KERNEL_CRYPTO_BLKCIPHER
  126. select ADK_KERNEL_CRYPTO_MANAGER
  127. default m if ADK_PACKAGE_CRYPTSETUP
  128. default m if ADK_PACKAGE_STRONGSWAN
  129. default m if ADK_PACKAGE_OPENSWAN
  130. default n
  131. help
  132. CBC: Cipher Block Chaining mode
  133. This block cipher algorithm is required for IPSec.
  134. config ADK_KERNEL_CRYPTO_CCM
  135. prompt "CCM support"
  136. tristate
  137. select ADK_KERNEL_CRYPTO_CTR
  138. select ADK_KERNEL_CRYPTO_AEAD
  139. default n
  140. help
  141. Support for Counter with CBC MAC. Required for IPsec.
  142. config ADK_KERNEL_CRYPTO_GCM
  143. prompt "GCM support"
  144. tristate
  145. select ADK_KERNEL_CRYPTO_CTR
  146. select ADK_KERNEL_CRYPTO_AEAD
  147. select ADK_KERNEL_CRYPTO_GHASH
  148. select ADK_KERNEL_CRYPTO_NULL
  149. default n
  150. help
  151. Support for Galois/Counter Mode (GCM) and Galois Message
  152. Authentication Code (GMAC). Required for IPSec.
  153. config ADK_KERNEL_CRYPTO_CTR
  154. prompt "CTR support"
  155. tristate
  156. select ADK_KERNEL_CRYPTO_BLKCIPHER
  157. select ADK_KERNEL_CRYPTO_SEQIV
  158. select ADK_KERNEL_CRYPTO_MANAGER
  159. default n
  160. help
  161. CTR: Counter mode
  162. This block cipher algorithm is required for IPSec.
  163. config ADK_KERNEL_CRYPTO_ECB
  164. prompt "ECB support"
  165. tristate
  166. select ADK_KERNEL_CRYPTO_BLKCIPHER
  167. select ADK_KERNEL_CRYPTO_MANAGER
  168. default n
  169. help
  170. ECB: Electronic CodeBook mode
  171. This is the simplest block cipher algorithm. It simply encrypts
  172. the input block by block.
  173. config ADK_KERNEL_CRYPTO_HMAC
  174. prompt "HMAC support"
  175. tristate
  176. select ADK_KERNEL_CRYPTO_HASH
  177. select ADK_KERNEL_CRYPTO_MANAGER
  178. default m if ADK_PACKAGE_STRONGSWAN
  179. default m if ADK_PACKAGE_OPENSWAN
  180. default n
  181. help
  182. HMAC: Keyed-Hashing for Message Authentication (RFC2104).
  183. This is required for IPSec.
  184. config ADK_KERNEL_CRYPTO_XCBC
  185. prompt "XCBC support"
  186. tristate
  187. select ADK_KERNEL_CRYPTO_HASH
  188. select ADK_KERNEL_CRYPTO_MANAGER
  189. default n
  190. help
  191. XCBC: Keyed-Hashing with encryption algorithm
  192. endmenu
  193. menu "Digest algorithms"
  194. config ADK_KERNEL_CRYPTO_MD4
  195. prompt "MD4 digest algorithm"
  196. tristate
  197. select ADK_KERNEL_CRYPTO_HASH
  198. default n
  199. help
  200. MD4 message digest algorithm (RFC1320).
  201. config ADK_KERNEL_CRYPTO_MD5
  202. prompt "MD5 digest algorithm"
  203. tristate
  204. select ADK_KERNEL_CRYPTO_HASH
  205. default m if ADK_PACKAGE_STRONGSWAN
  206. default m if ADK_PACKAGE_OPENSWAN
  207. default n
  208. help
  209. MD5 message digest algorithm (RFC1321).
  210. config ADK_KERNEL_CRYPTO_SHA1
  211. prompt "SHA1 digest algorithm"
  212. tristate
  213. select ADK_KERNEL_CRYPTO_HASH
  214. default m if ADK_PACKAGE_STRONGSWAN
  215. default m if ADK_PACKAGE_OPENSWAN
  216. default n
  217. help
  218. SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2).
  219. config ADK_KERNEL_CRYPTO_SHA256
  220. prompt "SHA256 digest algorithm"
  221. tristate
  222. select ADK_KERNEL_CRYPTO_HASH
  223. default m if ADK_PACKAGE_CRYPTSETUP
  224. default n
  225. help
  226. SHA256 secure hash standard (DFIPS 180-2).
  227. This version of SHA implements a 256 bit hash with 128 bits of
  228. security against collision attacks.
  229. config ADK_KERNEL_CRYPTO_SHA512
  230. prompt "SHA512 digest algorithm"
  231. tristate
  232. select ADK_KERNEL_CRYPTO_HASH
  233. default n
  234. help
  235. SHA512 secure hash standard (DFIPS 180-2).
  236. This version of SHA implements a 512 bit hash with 256 bits of
  237. security against collision attacks.
  238. This code also includes SHA-384, a 384 bit hash with 192 bits
  239. of security against collision attacks.
  240. config ADK_KERNEL_CRYPTO_WP512
  241. prompt "Whirlpool digest algorithms"
  242. tristate
  243. select ADK_KERNEL_CRYPTO_HASH
  244. default n
  245. help
  246. Whirlpool hash algorithm 512, 384 and 256-bit hashes
  247. Whirlpool-512 is part of the NESSIE cryptographic primitives.
  248. Whirlpool will be part of the ISO/IEC 10118-3:2003(E) standard
  249. See also:
  250. <http://planeta.terra.com.br/informatica/paulobarreto/WhirlpoolPage.html>
  251. config ADK_KERNEL_CRYPTO_TGR192
  252. prompt "Tiger digest algorithms"
  253. tristate
  254. select ADK_KERNEL_CRYPTO_HASH
  255. default n
  256. help
  257. Tiger hash algorithm 192, 160 and 128-bit hashes
  258. Tiger is a hash function optimized for 64-bit processors while
  259. still having decent performance on 32-bit processors.
  260. Tiger was developed by Ross Anderson and Eli Biham.
  261. See also:
  262. <http://www.cs.technion.ac.il/~biham/Reports/Tiger/>.
  263. endmenu
  264. menu "Cipher algoritms"
  265. config ADK_KERNEL_CRYPTO_AES
  266. prompt "AES cipher algorithms"
  267. tristate
  268. select ADK_KERNEL_CRYPTO_ALGAPI
  269. default n
  270. help
  271. AES cipher algorithms (FIPS-197). AES uses the Rijndael
  272. algorithm.
  273. Rijndael appears to be consistently a very good performer in
  274. both hardware and software across a wide range of computing
  275. environments regardless of its use in feedback or non-feedback
  276. modes. Its key setup time is excellent, and its key agility is
  277. good. Rijndael's very low memory requirements make it very well
  278. suited for restricted-space environments, in which it also
  279. demonstrates excellent performance. Rijndael's operations are
  280. among the easiest to defend against power and timing attacks.
  281. The AES specifies three key sizes: 128, 192 and 256 bits
  282. See <http://csrc.nist.gov/CryptoToolkit/aes/> for more information.
  283. config ADK_KERNEL_CRYPTO_AES_586
  284. prompt "AES cipher algorithms (i586)"
  285. tristate
  286. depends on ADK_x86
  287. select ADK_KERNEL_CRYPTO_ALGAPI
  288. select ADK_KERNEL_CRYPTO_AES
  289. default n
  290. help
  291. AES cipher algorithms (FIPS-197). AES uses the Rijndael
  292. algorithm.
  293. Rijndael appears to be consistently a very good performer in
  294. both hardware and software across a wide range of computing
  295. environments regardless of its use in feedback or non-feedback
  296. modes. Its key setup time is excellent, and its key agility is
  297. good. Rijndael's very low memory requirements make it very well
  298. suited for restricted-space environments, in which it also
  299. demonstrates excellent performance. Rijndael's operations are
  300. among the easiest to defend against power and timing attacks.
  301. The AES specifies three key sizes: 128, 192 and 256 bits
  302. See <http://csrc.nist.gov/CryptoToolkit/aes/> for more information.
  303. config ADK_KERNEL_CRYPTO_ANUBIS
  304. prompt "Anubis cipher algorithm"
  305. tristate
  306. select ADK_KERNEL_CRYPTO_ALGAPI
  307. default n
  308. help
  309. Anubis cipher algorithm.
  310. Anubis is a variable key length cipher which can use keys from
  311. 128 bits to 320 bits in length. It was evaluated as a entrant
  312. in the NESSIE competition.
  313. See also:
  314. <https://www.cosic.esat.kuleuven.ac.be/nessie/reports/>
  315. <http://planeta.terra.com.br/informatica/paulobarreto/AnubisPage.html>
  316. config ADK_KERNEL_CRYPTO_ARC4
  317. prompt "ARC4 cipher algorithm"
  318. tristate
  319. select ADK_KERNEL_CRYPTO_BLKCIPHER
  320. default n
  321. help
  322. ARC4 cipher algorithm.
  323. ARC4 is a stream cipher using keys ranging from 8 bits to 2048
  324. bits in length. This algorithm is required for driver-based
  325. WEP, but it should not be for other purposes because of the
  326. weakness of the algorithm.
  327. config ADK_KERNEL_CRYPTO_BLOWFISH
  328. prompt "Blowfish cipher algorithm"
  329. tristate
  330. select ADK_KERNEL_CRYPTO_ALGAPI
  331. default n
  332. help
  333. Blowfish cipher algorithm, by Bruce Schneier.
  334. This is a variable key length cipher which can use keys from 32
  335. bits to 448 bits in length. It's fast, simple and specifically
  336. designed for use on "large microprocessors".
  337. See also:
  338. <http://www.schneier.com/blowfish.html>
  339. config ADK_KERNEL_CRYPTO_CAMELLIA
  340. prompt "Camellia cipher algorithms"
  341. tristate
  342. select ADK_KERNEL_CRYPTO_ALGAPI
  343. default n
  344. help
  345. Camellia cipher algorithms module.
  346. Camellia is a symmetric key block cipher developed jointly
  347. at NTT and Mitsubishi Electric Corporation.
  348. The Camellia specifies three key sizes: 128, 192 and 256 bits.
  349. See also:
  350. <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html>
  351. config ADK_KERNEL_CRYPTO_CAST5
  352. prompt "CAST5 (CAST-128) cipher algorithm"
  353. tristate
  354. select ADK_KERNEL_CRYPTO_ALGAPI
  355. default n
  356. help
  357. The CAST5 encryption algorithm (synonymous with CAST-128) is
  358. described in RFC2144.
  359. config ADK_KERNEL_CRYPTO_CAST6
  360. prompt "CAST6 (CATS-256) cipher algorithm"
  361. tristate
  362. select ADK_KERNEL_CRYPTO_ALGAPI
  363. default n
  364. help
  365. The CAST6 encryption algorithm (synonymous with CAST-256) is
  366. described in RFC2612.
  367. config ADK_KERNEL_CRYPTO_DES
  368. prompt "DES and Triple DES EDE cipher algorithms"
  369. tristate
  370. select ADK_KERNEL_CRYPTO_ALGAPI
  371. default m if ADK_PACKAGE_STRONGSWAN
  372. default m if ADK_PACKAGE_OPENSWAN
  373. default n
  374. help
  375. DES cipher algorithm (FIPS 46-2), and Triple DES EDE (FIPS 46-3).
  376. config ADK_KERNEL_CRYPTO_FCRYPT
  377. prompt "FCrypt cipher algorithms"
  378. tristate
  379. select ADK_KERNEL_CRYPTO_ALGAPI
  380. default n
  381. help
  382. FCrypt algorithm used by RxRPC.
  383. config ADK_KERNEL_CRYPTO_KHAZAD
  384. prompt "Khazad cipher algorithm"
  385. tristate
  386. select ADK_KERNEL_CRYPTO_ALGAPI
  387. default n
  388. help
  389. Khazad cipher algorithm.
  390. Khazad was a finalist in the initial NESSIE competition. It is
  391. an algorithm optimized for 64-bit processors with good performance
  392. on 32-bit processors. Khazad uses an 128 bit key size.
  393. See also:
  394. <http://planeta.terra.com.br/informatica/paulobarreto/KhazadPage.html>
  395. config ADK_KERNEL_CRYPTO_SERPENT
  396. prompt "Serpent cipher algorithm"
  397. tristate
  398. select ADK_KERNEL_CRYPTO_ALGAPI
  399. default n
  400. help
  401. Serpent cipher algorithm, by Anderson, Biham & Knudsen.
  402. Keys are allowed to be from 0 to 256 bits in length, in steps
  403. of 8 bits. Also includes the 'Tnepres' algorithm, a reversed
  404. variant of Serpent for compatibility with old kerneli code.
  405. See also:
  406. <http://www.cl.cam.ac.uk/~rja14/serpent.html>
  407. config ADK_KERNEL_CRYPTO_TEA
  408. prompt "TEA, XTEA and XETA cipher algorithms"
  409. tristate
  410. select ADK_KERNEL_CRYPTO_ALGAPI
  411. default n
  412. help
  413. TEA cipher algorithm.
  414. Tiny Encryption Algorithm is a simple cipher that uses
  415. many rounds for security. It is very fast and uses
  416. little memory.
  417. Xtendend Tiny Encryption Algorithm is a modification to
  418. the TEA algorithm to address a potential key weakness
  419. in the TEA algorithm.
  420. Xtendend Encryption Tiny Algorithm is a mis-implementation
  421. of the XTEA algorithm for compatibility purposes.
  422. config ADK_KERNEL_CRYPTO_TWOFISH
  423. prompt "Twofish cipher algorithm"
  424. tristate
  425. select ADK_KERNEL_CRYPTO_ALGAPI
  426. default n
  427. help
  428. Twofish cipher algorithm.
  429. Twofish was submitted as an AES (Advanced Encryption Standard)
  430. candidate cipher by researchers at CounterPane Systems. It is a
  431. 16 round block cipher supporting key sizes of 128, 192, and 256
  432. bits.
  433. See also:
  434. <http://www.schneier.com/twofish.html>
  435. config ADK_KERNEL_CRYPTO_TWOFISH_586
  436. prompt "Twofish cipher algorithm (i586)"
  437. tristate
  438. select ADK_KERNEL_CRYPTO_ALGAPI
  439. depends on ADK_x86
  440. default n
  441. help
  442. Twofish cipher algorithm.
  443. Twofish was submitted as an AES (Advanced Encryption Standard)
  444. candidate cipher by researchers at CounterPane Systems. It is a
  445. 16 round block cipher supporting key sizes of 128, 192, and 256
  446. bits.
  447. See also:
  448. <http://www.schneier.com/twofish.html>
  449. config ADK_KERNEL_CRYPTO_NULL
  450. prompt "Null algorithms"
  451. tristate
  452. select ADK_KERNEL_CRYPTO_ALGAPI
  453. select ADK_KERNEL_CRYPTO_BLKCIPHER
  454. select ADK_KERNEL_CRYPTO_HASH
  455. default m if ADK_PACKAGE_STRONGSWAN
  456. default m if ADK_PACKAGE_OPENSWAN
  457. default n
  458. help
  459. These are 'Null' algorithms, used by IPsec, which do nothing.
  460. endmenu
  461. menu "Compression"
  462. config ADK_KERNEL_CRYPTO_DEFLATE
  463. prompt "Deflate compression algorithm"
  464. tristate
  465. select ADK_KERNEL_CRYPTO_ALGAPI
  466. select ADK_KERNEL_ZLIB_DEFLATE
  467. default n
  468. help
  469. This is the Deflate algorithm (RFC1951), specified for use in
  470. IPSec with the IPCOMP protocol (RFC3173, RFC2394).
  471. You will most probably want this if using IPSec.
  472. config ADK_KERNEL_CRYPTO_LZO
  473. prompt "LZO compression algorithm"
  474. tristate
  475. select ADK_KERNEL_CRYPTO_ALGAPI
  476. default n
  477. help
  478. config ADK_KERNEL_CRYPTO_MICHAEL_MIC
  479. prompt "Michael MIC keyed digest algorithm"
  480. tristate
  481. select ADK_KERNEL_CRYPTO_HASH
  482. default n
  483. help
  484. Michael MIC is used for message integrity protection in TKIP
  485. (IEEE 802.11i). This algorithm is required for TKIP, but it
  486. should not be used for other purposes because of the weakness
  487. of the algorithm.
  488. config ADK_KERNEL_CRYPTO_CRC32C
  489. prompt "CRC32c CRC algorithm"
  490. tristate
  491. select ADK_KERNEL_CRYPTO_HASH
  492. select ADK_KERNEL_CRC32
  493. default n
  494. help
  495. Castagnoli, et al Cyclic Redundancy-Check Algorithm. Used
  496. by iSCSI for header and data digests and by others.
  497. See Castagnoli93. This implementation uses lib/libcrc32c.
  498. Module will be crc32c.
  499. endmenu
  500. endmenu