help
This option provides the core Cryptographic API.
+if CRYPTO
+
+config CRYPTO_ALGAPI
+ tristate
+ help
+ This option provides the API for cryptographic algorithms.
+
+config CRYPTO_BLKCIPHER
+ tristate
+ select CRYPTO_ALGAPI
+
+config CRYPTO_HASH
+ tristate
+ select CRYPTO_ALGAPI
+
+config CRYPTO_MANAGER
+ tristate "Cryptographic algorithm manager"
+ select CRYPTO_ALGAPI
+ help
+ Create default cryptographic template instantiations such as
+ cbc(aes).
+
config CRYPTO_HMAC
- bool "HMAC support"
- depends on CRYPTO
+ tristate "HMAC support"
+ select CRYPTO_HASH
+ select CRYPTO_MANAGER
help
HMAC: Keyed-Hashing for Message Authentication (RFC2104).
This is required for IPSec.
+config CRYPTO_XCBC
+ tristate "XCBC support"
+ depends on EXPERIMENTAL
+ select CRYPTO_HASH
+ select CRYPTO_MANAGER
+ help
+ XCBC: Keyed-Hashing with encryption algorithm
+ http://www.ietf.org/rfc/rfc3566.txt
+ http://csrc.nist.gov/encryption/modes/proposedmodes/
+ xcbc-mac/xcbc-mac-spec.pdf
+
config CRYPTO_NULL
tristate "Null algorithms"
- depends on CRYPTO
+ select CRYPTO_ALGAPI
help
These are 'Null' algorithms, used by IPsec, which do nothing.
config CRYPTO_MD4
tristate "MD4 digest algorithm"
- depends on CRYPTO
+ select CRYPTO_ALGAPI
help
MD4 message digest algorithm (RFC1320).
config CRYPTO_MD5
tristate "MD5 digest algorithm"
- depends on CRYPTO
+ select CRYPTO_ALGAPI
help
MD5 message digest algorithm (RFC1321).
config CRYPTO_SHA1
tristate "SHA1 digest algorithm"
- depends on CRYPTO
+ select CRYPTO_ALGAPI
help
SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2).
-config CRYPTO_SHA1_Z990
- tristate "SHA1 digest algorithm for IBM zSeries z990"
- depends on CRYPTO && ARCH_S390
+config CRYPTO_SHA1_S390
+ tristate "SHA1 digest algorithm (s390)"
+ depends on S390
+ select CRYPTO_ALGAPI
help
+ This is the s390 hardware accelerated implementation of the
SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2).
config CRYPTO_SHA256
tristate "SHA256 digest algorithm"
- depends on CRYPTO
+ select CRYPTO_ALGAPI
help
SHA256 secure hash standard (DFIPS 180-2).
This version of SHA implements a 256 bit hash with 128 bits of
security against collision attacks.
+config CRYPTO_SHA256_S390
+ tristate "SHA256 digest algorithm (s390)"
+ depends on S390
+ select CRYPTO_ALGAPI
+ help
+ This is the s390 hardware accelerated implementation of the
+ SHA256 secure hash standard (DFIPS 180-2).
+
+ This version of SHA implements a 256 bit hash with 128 bits of
+ security against collision attacks.
+
config CRYPTO_SHA512
tristate "SHA384 and SHA512 digest algorithms"
- depends on CRYPTO
+ select CRYPTO_ALGAPI
help
SHA512 secure hash standard (DFIPS 180-2).
config CRYPTO_WP512
tristate "Whirlpool digest algorithms"
- depends on CRYPTO
+ select CRYPTO_ALGAPI
help
Whirlpool hash algorithm 512, 384 and 256-bit hashes
- Whirlpool-512 is part of the NESSIE cryptographic primtives.
+ Whirlpool-512 is part of the NESSIE cryptographic primitives.
Whirlpool will be part of the ISO/IEC 10118-3:2003(E) standard
See also:
- http://planeta.terra.com.br/informatica/paulobarreto/WhirlpoolPage.html
+ <http://planeta.terra.com.br/informatica/paulobarreto/WhirlpoolPage.html>
+
+config CRYPTO_TGR192
+ tristate "Tiger digest algorithms"
+ select CRYPTO_ALGAPI
+ help
+ Tiger hash algorithm 192, 160 and 128-bit hashes
+
+ Tiger is a hash function optimized for 64-bit processors while
+ still having decent performance on 32-bit processors.
+ Tiger was developed by Ross Anderson and Eli Biham.
+
+ See also:
+ <http://www.cs.technion.ac.il/~biham/Reports/Tiger/>.
+
+config CRYPTO_GF128MUL
+ tristate "GF(2^128) multiplication functions (EXPERIMENTAL)"
+ depends on EXPERIMENTAL
+ help
+ Efficient table driven implementation of multiplications in the
+ field GF(2^128). This is needed by some cypher modes. This
+ option will be selected automatically if you select such a
+ cipher mode. Only select this option by hand if you expect to load
+ an external module that requires these functions.
+
+config CRYPTO_ECB
+ tristate "ECB support"
+ select CRYPTO_BLKCIPHER
+ select CRYPTO_MANAGER
+ default m
+ help
+ ECB: Electronic CodeBook mode
+ This is the simplest block cipher algorithm. It simply encrypts
+ the input block by block.
+
+config CRYPTO_CBC
+ tristate "CBC support"
+ select CRYPTO_BLKCIPHER
+ select CRYPTO_MANAGER
+ default m
+ help
+ CBC: Cipher Block Chaining mode
+ This block cipher algorithm is required for IPSec.
+
+config CRYPTO_LRW
+ tristate "LRW support (EXPERIMENTAL)"
+ depends on EXPERIMENTAL
+ select CRYPTO_BLKCIPHER
+ select CRYPTO_MANAGER
+ select CRYPTO_GF128MUL
+ help
+ LRW: Liskov Rivest Wagner, a tweakable, non malleable, non movable
+ narrow block cipher mode for dm-crypt. Use it with cipher
+ specification string aes-lrw-benbi, the key must be 256, 320 or 384.
+ The first 128, 192 or 256 bits in the key are used for AES and the
+ rest is used to tie each cipher block to its logical position.
config CRYPTO_DES
tristate "DES and Triple DES EDE cipher algorithms"
- depends on CRYPTO
+ select CRYPTO_ALGAPI
help
DES cipher algorithm (FIPS 46-2), and Triple DES EDE (FIPS 46-3).
-config CRYPTO_DES_Z990
- tristate "DES and Triple DES cipher algorithms for IBM zSeries z990"
- depends on CRYPTO && ARCH_S390
+config CRYPTO_DES_S390
+ tristate "DES and Triple DES cipher algorithms (s390)"
+ depends on S390
+ select CRYPTO_ALGAPI
+ select CRYPTO_BLKCIPHER
help
DES cipher algorithm (FIPS 46-2), and Triple DES EDE (FIPS 46-3).
config CRYPTO_BLOWFISH
tristate "Blowfish cipher algorithm"
- depends on CRYPTO
+ select CRYPTO_ALGAPI
help
Blowfish cipher algorithm, by Bruce Schneier.
designed for use on "large microprocessors".
See also:
- http://www.schneier.com/blowfish.html
+ <http://www.schneier.com/blowfish.html>
config CRYPTO_TWOFISH
tristate "Twofish cipher algorithm"
- depends on CRYPTO
+ select CRYPTO_ALGAPI
+ select CRYPTO_TWOFISH_COMMON
help
Twofish cipher algorithm.
bits.
See also:
- http://www.schneier.com/twofish.html
+ <http://www.schneier.com/twofish.html>
+
+config CRYPTO_TWOFISH_COMMON
+ tristate
+ help
+ Common parts of the Twofish cipher algorithm shared by the
+ generic c and the assembler implementations.
+
+config CRYPTO_TWOFISH_586
+ tristate "Twofish cipher algorithms (i586)"
+ depends on (X86 || UML_X86) && !64BIT
+ select CRYPTO_ALGAPI
+ select CRYPTO_TWOFISH_COMMON
+ help
+ Twofish cipher algorithm.
+
+ Twofish was submitted as an AES (Advanced Encryption Standard)
+ candidate cipher by researchers at CounterPane Systems. It is a
+ 16 round block cipher supporting key sizes of 128, 192, and 256
+ bits.
+
+ See also:
+ <http://www.schneier.com/twofish.html>
+
+config CRYPTO_TWOFISH_X86_64
+ tristate "Twofish cipher algorithm (x86_64)"
+ depends on (X86 || UML_X86) && 64BIT
+ select CRYPTO_ALGAPI
+ select CRYPTO_TWOFISH_COMMON
+ help
+ Twofish cipher algorithm (x86_64).
+
+ Twofish was submitted as an AES (Advanced Encryption Standard)
+ candidate cipher by researchers at CounterPane Systems. It is a
+ 16 round block cipher supporting key sizes of 128, 192, and 256
+ bits.
+
+ See also:
+ <http://www.schneier.com/twofish.html>
config CRYPTO_SERPENT
tristate "Serpent cipher algorithm"
- depends on CRYPTO
+ select CRYPTO_ALGAPI
help
Serpent cipher algorithm, by Anderson, Biham & Knudsen.
Keys are allowed to be from 0 to 256 bits in length, in steps
- of 8 bits.
+ of 8 bits. Also includes the 'Tnepres' algorithm, a reversed
+ variant of Serpent for compatibility with old kerneli code.
See also:
- http://www.cl.cam.ac.uk/~rja14/serpent.html
+ <http://www.cl.cam.ac.uk/~rja14/serpent.html>
config CRYPTO_AES
tristate "AES cipher algorithms"
- depends on CRYPTO && !(X86 && !X86_64)
+ select CRYPTO_ALGAPI
help
AES cipher algorithms (FIPS-197). AES uses the Rijndael
algorithm.
The AES specifies three key sizes: 128, 192 and 256 bits
- See http://csrc.nist.gov/CryptoToolkit/aes/ for more information.
+ See <http://csrc.nist.gov/CryptoToolkit/aes/> for more information.
config CRYPTO_AES_586
tristate "AES cipher algorithms (i586)"
- depends on CRYPTO && (X86 && !X86_64)
+ depends on (X86 || UML_X86) && !64BIT
+ select CRYPTO_ALGAPI
help
AES cipher algorithms (FIPS-197). AES uses the Rijndael
algorithm.
The AES specifies three key sizes: 128, 192 and 256 bits
- See http://csrc.nist.gov/encryption/aes/ for more information.
+ See <http://csrc.nist.gov/encryption/aes/> for more information.
+
+config CRYPTO_AES_X86_64
+ tristate "AES cipher algorithms (x86_64)"
+ depends on (X86 || UML_X86) && 64BIT
+ select CRYPTO_ALGAPI
+ help
+ AES cipher algorithms (FIPS-197). AES uses the Rijndael
+ algorithm.
+
+ Rijndael appears to be consistently a very good performer in
+ both hardware and software across a wide range of computing
+ environments regardless of its use in feedback or non-feedback
+ modes. Its key setup time is excellent, and its key agility is
+ good. Rijndael's very low memory requirements make it very well
+ suited for restricted-space environments, in which it also
+ demonstrates excellent performance. Rijndael's operations are
+ among the easiest to defend against power and timing attacks.
+
+ The AES specifies three key sizes: 128, 192 and 256 bits
+
+ See <http://csrc.nist.gov/encryption/aes/> for more information.
+
+config CRYPTO_AES_S390
+ tristate "AES cipher algorithms (s390)"
+ depends on S390
+ select CRYPTO_ALGAPI
+ select CRYPTO_BLKCIPHER
+ help
+ This is the s390 hardware accelerated implementation of the
+ AES cipher algorithms (FIPS-197). AES uses the Rijndael
+ algorithm.
+
+ Rijndael appears to be consistently a very good performer in
+ both hardware and software across a wide range of computing
+ environments regardless of its use in feedback or non-feedback
+ modes. Its key setup time is excellent, and its key agility is
+ good. Rijndael's very low memory requirements make it very well
+ suited for restricted-space environments, in which it also
+ demonstrates excellent performance. Rijndael's operations are
+ among the easiest to defend against power and timing attacks.
+
+ On s390 the System z9-109 currently only supports the key size
+ of 128 bit.
config CRYPTO_CAST5
tristate "CAST5 (CAST-128) cipher algorithm"
- depends on CRYPTO
+ select CRYPTO_ALGAPI
help
The CAST5 encryption algorithm (synonymous with CAST-128) is
described in RFC2144.
config CRYPTO_CAST6
tristate "CAST6 (CAST-256) cipher algorithm"
- depends on CRYPTO
+ select CRYPTO_ALGAPI
help
The CAST6 encryption algorithm (synonymous with CAST-256) is
described in RFC2612.
config CRYPTO_TEA
- tristate "TEA and XTEA cipher algorithms"
- depends on CRYPTO
+ tristate "TEA, XTEA and XETA cipher algorithms"
+ select CRYPTO_ALGAPI
help
TEA cipher algorithm.
the TEA algorithm to address a potential key weakness
in the TEA algorithm.
+ Xtendend Encryption Tiny Algorithm is a mis-implementation
+ of the XTEA algorithm for compatibility purposes.
+
config CRYPTO_ARC4
tristate "ARC4 cipher algorithm"
- depends on CRYPTO
+ select CRYPTO_ALGAPI
help
ARC4 cipher algorithm.
config CRYPTO_KHAZAD
tristate "Khazad cipher algorithm"
- depends on CRYPTO
+ select CRYPTO_ALGAPI
help
Khazad cipher algorithm.
on 32-bit processors. Khazad uses an 128 bit key size.
See also:
- http://planeta.terra.com.br/informatica/paulobarreto/KhazadPage.html
+ <http://planeta.terra.com.br/informatica/paulobarreto/KhazadPage.html>
+
+config CRYPTO_ANUBIS
+ tristate "Anubis cipher algorithm"
+ select CRYPTO_ALGAPI
+ help
+ Anubis cipher algorithm.
+
+ Anubis is a variable key length cipher which can use keys from
+ 128 bits to 320 bits in length. It was evaluated as a entrant
+ in the NESSIE competition.
+
+ See also:
+ <https://www.cosic.esat.kuleuven.ac.be/nessie/reports/>
+ <http://planeta.terra.com.br/informatica/paulobarreto/AnubisPage.html>
+
config CRYPTO_DEFLATE
tristate "Deflate compression algorithm"
- depends on CRYPTO
+ select CRYPTO_ALGAPI
select ZLIB_INFLATE
select ZLIB_DEFLATE
help
config CRYPTO_MICHAEL_MIC
tristate "Michael MIC keyed digest algorithm"
- depends on CRYPTO
+ select CRYPTO_ALGAPI
help
Michael MIC is used for message integrity protection in TKIP
(IEEE 802.11i). This algorithm is required for TKIP, but it
config CRYPTO_CRC32C
tristate "CRC32c CRC algorithm"
- depends on CRYPTO
+ select CRYPTO_ALGAPI
select LIBCRC32C
help
Castagnoli, et al Cyclic Redundancy-Check Algorithm. Used
config CRYPTO_TEST
tristate "Testing module"
- depends on CRYPTO
+ depends on m
+ select CRYPTO_ALGAPI
help
Quick & dirty crypto test module.
-endmenu
+config CRYPTO_MPILIB
+ bool "Multiprecision maths library (EXPERIMENTAL)"
+ depends on CRYPTO
+ help
+ Multiprecision maths library from GnuPG
+config CRYPTO_SIGNATURE
+ bool "In-kernel signature checker (EXPERIMENTAL)"
+ depends on CRYPTO
+ help
+ Signature checker (used for module sig checking).
+
+config CRYPTO_SIGNATURE_DSA
+ bool "Handle DSA signatures (EXPERIMENTAL)"
+ depends on CRYPTO_SIGNATURE
+ select CRYPTO_MPILIB
+ help
+ DSA Signature checker.
+
+source "drivers/crypto/Kconfig"
+
+endif # if CRYPTO
+
+endmenu
git://git.onelab.eu / linux-2.6.git / blobdiff