diff options
-rw-r--r-- | crypto/Kconfig | 645 |
1 files changed, 329 insertions, 316 deletions
diff --git a/crypto/Kconfig b/crypto/Kconfig index edd00c5307a4..864456c140fe 100644 --- a/crypto/Kconfig +++ b/crypto/Kconfig | |||
@@ -19,6 +19,8 @@ menuconfig CRYPTO | |||
19 | 19 | ||
20 | if CRYPTO | 20 | if CRYPTO |
21 | 21 | ||
22 | comment "Crypto core or helper" | ||
23 | |||
22 | config CRYPTO_ALGAPI | 24 | config CRYPTO_ALGAPI |
23 | tristate | 25 | tristate |
24 | help | 26 | help |
@@ -32,15 +34,6 @@ config CRYPTO_BLKCIPHER | |||
32 | tristate | 34 | tristate |
33 | select CRYPTO_ALGAPI | 35 | select CRYPTO_ALGAPI |
34 | 36 | ||
35 | config CRYPTO_SEQIV | ||
36 | tristate "Sequence Number IV Generator" | ||
37 | select CRYPTO_AEAD | ||
38 | select CRYPTO_BLKCIPHER | ||
39 | help | ||
40 | This IV generator generates an IV based on a sequence number by | ||
41 | xoring it with a salt. This algorithm is mainly useful for CTR | ||
42 | and similar modes. | ||
43 | |||
44 | config CRYPTO_HASH | 37 | config CRYPTO_HASH |
45 | tristate | 38 | tristate |
46 | select CRYPTO_ALGAPI | 39 | select CRYPTO_ALGAPI |
@@ -52,24 +45,15 @@ config CRYPTO_MANAGER | |||
52 | Create default cryptographic template instantiations such as | 45 | Create default cryptographic template instantiations such as |
53 | cbc(aes). | 46 | cbc(aes). |
54 | 47 | ||
55 | config CRYPTO_HMAC | 48 | config CRYPTO_GF128MUL |
56 | tristate "HMAC support" | 49 | tristate "GF(2^128) multiplication functions (EXPERIMENTAL)" |
57 | select CRYPTO_HASH | ||
58 | select CRYPTO_MANAGER | ||
59 | help | ||
60 | HMAC: Keyed-Hashing for Message Authentication (RFC2104). | ||
61 | This is required for IPSec. | ||
62 | |||
63 | config CRYPTO_XCBC | ||
64 | tristate "XCBC support" | ||
65 | depends on EXPERIMENTAL | 50 | depends on EXPERIMENTAL |
66 | select CRYPTO_HASH | ||
67 | select CRYPTO_MANAGER | ||
68 | help | 51 | help |
69 | XCBC: Keyed-Hashing with encryption algorithm | 52 | Efficient table driven implementation of multiplications in the |
70 | http://www.ietf.org/rfc/rfc3566.txt | 53 | field GF(2^128). This is needed by some cypher modes. This |
71 | http://csrc.nist.gov/encryption/modes/proposedmodes/ | 54 | option will be selected automatically if you select such a |
72 | xcbc-mac/xcbc-mac-spec.pdf | 55 | cipher mode. Only select this option by hand if you expect to load |
56 | an external module that requires these functions. | ||
73 | 57 | ||
74 | config CRYPTO_NULL | 58 | config CRYPTO_NULL |
75 | tristate "Null algorithms" | 59 | tristate "Null algorithms" |
@@ -78,107 +62,98 @@ config CRYPTO_NULL | |||
78 | help | 62 | help |
79 | These are 'Null' algorithms, used by IPsec, which do nothing. | 63 | These are 'Null' algorithms, used by IPsec, which do nothing. |
80 | 64 | ||
81 | config CRYPTO_MD4 | 65 | config CRYPTO_CRYPTD |
82 | tristate "MD4 digest algorithm" | 66 | tristate "Software async crypto daemon" |
83 | select CRYPTO_ALGAPI | 67 | select CRYPTO_BLKCIPHER |
68 | select CRYPTO_MANAGER | ||
84 | help | 69 | help |
85 | MD4 message digest algorithm (RFC1320). | 70 | This is a generic software asynchronous crypto daemon that |
71 | converts an arbitrary synchronous software crypto algorithm | ||
72 | into an asynchronous algorithm that executes in a kernel thread. | ||
86 | 73 | ||
87 | config CRYPTO_MD5 | 74 | config CRYPTO_AUTHENC |
88 | tristate "MD5 digest algorithm" | 75 | tristate "Authenc support" |
89 | select CRYPTO_ALGAPI | 76 | select CRYPTO_AEAD |
77 | select CRYPTO_BLKCIPHER | ||
78 | select CRYPTO_MANAGER | ||
79 | select CRYPTO_HASH | ||
90 | help | 80 | help |
91 | MD5 message digest algorithm (RFC1321). | 81 | Authenc: Combined mode wrapper for IPsec. |
82 | This is required for IPSec. | ||
92 | 83 | ||
93 | config CRYPTO_SHA1 | 84 | config CRYPTO_TEST |
94 | tristate "SHA1 digest algorithm" | 85 | tristate "Testing module" |
86 | depends on m | ||
95 | select CRYPTO_ALGAPI | 87 | select CRYPTO_ALGAPI |
88 | select CRYPTO_AEAD | ||
89 | select CRYPTO_BLKCIPHER | ||
96 | help | 90 | help |
97 | SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2). | 91 | Quick & dirty crypto test module. |
98 | 92 | ||
99 | config CRYPTO_SHA256 | 93 | comment "Authenticated Encryption with Associated Data" |
100 | tristate "SHA224 and SHA256 digest algorithm" | ||
101 | select CRYPTO_ALGAPI | ||
102 | help | ||
103 | SHA256 secure hash standard (DFIPS 180-2). | ||
104 | |||
105 | This version of SHA implements a 256 bit hash with 128 bits of | ||
106 | security against collision attacks. | ||
107 | 94 | ||
108 | This code also includes SHA-224, a 224 bit hash with 112 bits | 95 | config CRYPTO_CCM |
109 | of security against collision attacks. | 96 | tristate "CCM support" |
110 | 97 | select CRYPTO_CTR | |
111 | config CRYPTO_SHA512 | 98 | select CRYPTO_AEAD |
112 | tristate "SHA384 and SHA512 digest algorithms" | ||
113 | select CRYPTO_ALGAPI | ||
114 | help | 99 | help |
115 | SHA512 secure hash standard (DFIPS 180-2). | 100 | Support for Counter with CBC MAC. Required for IPsec. |
116 | |||
117 | This version of SHA implements a 512 bit hash with 256 bits of | ||
118 | security against collision attacks. | ||
119 | |||
120 | This code also includes SHA-384, a 384 bit hash with 192 bits | ||
121 | of security against collision attacks. | ||
122 | 101 | ||
123 | config CRYPTO_WP512 | 102 | config CRYPTO_GCM |
124 | tristate "Whirlpool digest algorithms" | 103 | tristate "GCM/GMAC support" |
125 | select CRYPTO_ALGAPI | 104 | select CRYPTO_CTR |
105 | select CRYPTO_AEAD | ||
106 | select CRYPTO_GF128MUL | ||
126 | help | 107 | help |
127 | Whirlpool hash algorithm 512, 384 and 256-bit hashes | 108 | Support for Galois/Counter Mode (GCM) and Galois Message |
128 | 109 | Authentication Code (GMAC). Required for IPSec. | |
129 | Whirlpool-512 is part of the NESSIE cryptographic primitives. | ||
130 | Whirlpool will be part of the ISO/IEC 10118-3:2003(E) standard | ||
131 | |||
132 | See also: | ||
133 | <http://planeta.terra.com.br/informatica/paulobarreto/WhirlpoolPage.html> | ||
134 | 110 | ||
135 | config CRYPTO_TGR192 | 111 | config CRYPTO_SEQIV |
136 | tristate "Tiger digest algorithms" | 112 | tristate "Sequence Number IV Generator" |
137 | select CRYPTO_ALGAPI | 113 | select CRYPTO_AEAD |
114 | select CRYPTO_BLKCIPHER | ||
138 | help | 115 | help |
139 | Tiger hash algorithm 192, 160 and 128-bit hashes | 116 | This IV generator generates an IV based on a sequence number by |
140 | 117 | xoring it with a salt. This algorithm is mainly useful for CTR | |
141 | Tiger is a hash function optimized for 64-bit processors while | ||
142 | still having decent performance on 32-bit processors. | ||
143 | Tiger was developed by Ross Anderson and Eli Biham. | ||
144 | 118 | ||
145 | See also: | 119 | comment "Block modes" |
146 | <http://www.cs.technion.ac.il/~biham/Reports/Tiger/>. | ||
147 | 120 | ||
148 | config CRYPTO_GF128MUL | 121 | config CRYPTO_CBC |
149 | tristate "GF(2^128) multiplication functions (EXPERIMENTAL)" | 122 | tristate "CBC support" |
150 | depends on EXPERIMENTAL | ||
151 | help | ||
152 | Efficient table driven implementation of multiplications in the | ||
153 | field GF(2^128). This is needed by some cypher modes. This | ||
154 | option will be selected automatically if you select such a | ||
155 | cipher mode. Only select this option by hand if you expect to load | ||
156 | an external module that requires these functions. | ||
157 | |||
158 | config CRYPTO_ECB | ||
159 | tristate "ECB support" | ||
160 | select CRYPTO_BLKCIPHER | 123 | select CRYPTO_BLKCIPHER |
161 | select CRYPTO_MANAGER | 124 | select CRYPTO_MANAGER |
162 | help | 125 | help |
163 | ECB: Electronic CodeBook mode | 126 | CBC: Cipher Block Chaining mode |
164 | This is the simplest block cipher algorithm. It simply encrypts | 127 | This block cipher algorithm is required for IPSec. |
165 | the input block by block. | ||
166 | 128 | ||
167 | config CRYPTO_CBC | 129 | config CRYPTO_CTR |
168 | tristate "CBC support" | 130 | tristate "CTR support" |
169 | select CRYPTO_BLKCIPHER | 131 | select CRYPTO_BLKCIPHER |
132 | select CRYPTO_SEQIV | ||
170 | select CRYPTO_MANAGER | 133 | select CRYPTO_MANAGER |
171 | help | 134 | help |
172 | CBC: Cipher Block Chaining mode | 135 | CTR: Counter mode |
173 | This block cipher algorithm is required for IPSec. | 136 | This block cipher algorithm is required for IPSec. |
174 | 137 | ||
175 | config CRYPTO_PCBC | 138 | config CRYPTO_CTS |
176 | tristate "PCBC support" | 139 | tristate "CTS support" |
140 | select CRYPTO_BLKCIPHER | ||
141 | help | ||
142 | CTS: Cipher Text Stealing | ||
143 | This is the Cipher Text Stealing mode as described by | ||
144 | Section 8 of rfc2040 and referenced by rfc3962. | ||
145 | (rfc3962 includes errata information in its Appendix A) | ||
146 | This mode is required for Kerberos gss mechanism support | ||
147 | for AES encryption. | ||
148 | |||
149 | config CRYPTO_ECB | ||
150 | tristate "ECB support" | ||
177 | select CRYPTO_BLKCIPHER | 151 | select CRYPTO_BLKCIPHER |
178 | select CRYPTO_MANAGER | 152 | select CRYPTO_MANAGER |
179 | help | 153 | help |
180 | PCBC: Propagating Cipher Block Chaining mode | 154 | ECB: Electronic CodeBook mode |
181 | This block cipher algorithm is required for RxRPC. | 155 | This is the simplest block cipher algorithm. It simply encrypts |
156 | the input block by block. | ||
182 | 157 | ||
183 | config CRYPTO_LRW | 158 | config CRYPTO_LRW |
184 | tristate "LRW support (EXPERIMENTAL)" | 159 | tristate "LRW support (EXPERIMENTAL)" |
@@ -193,6 +168,14 @@ config CRYPTO_LRW | |||
193 | The first 128, 192 or 256 bits in the key are used for AES and the | 168 | The first 128, 192 or 256 bits in the key are used for AES and the |
194 | rest is used to tie each cipher block to its logical position. | 169 | rest is used to tie each cipher block to its logical position. |
195 | 170 | ||
171 | config CRYPTO_PCBC | ||
172 | tristate "PCBC support" | ||
173 | select CRYPTO_BLKCIPHER | ||
174 | select CRYPTO_MANAGER | ||
175 | help | ||
176 | PCBC: Propagating Cipher Block Chaining mode | ||
177 | This block cipher algorithm is required for RxRPC. | ||
178 | |||
196 | config CRYPTO_XTS | 179 | config CRYPTO_XTS |
197 | tristate "XTS support (EXPERIMENTAL)" | 180 | tristate "XTS support (EXPERIMENTAL)" |
198 | depends on EXPERIMENTAL | 181 | depends on EXPERIMENTAL |
@@ -204,160 +187,134 @@ config CRYPTO_XTS | |||
204 | key size 256, 384 or 512 bits. This implementation currently | 187 | key size 256, 384 or 512 bits. This implementation currently |
205 | can't handle a sectorsize which is not a multiple of 16 bytes. | 188 | can't handle a sectorsize which is not a multiple of 16 bytes. |
206 | 189 | ||
207 | config CRYPTO_CTR | 190 | comment "Hash modes" |
208 | tristate "CTR support" | 191 | |
209 | select CRYPTO_BLKCIPHER | 192 | config CRYPTO_HMAC |
210 | select CRYPTO_SEQIV | 193 | tristate "HMAC support" |
194 | select CRYPTO_HASH | ||
211 | select CRYPTO_MANAGER | 195 | select CRYPTO_MANAGER |
212 | help | 196 | help |
213 | CTR: Counter mode | 197 | HMAC: Keyed-Hashing for Message Authentication (RFC2104). |
214 | This block cipher algorithm is required for IPSec. | 198 | This is required for IPSec. |
215 | 199 | ||
216 | config CRYPTO_CTS | 200 | config CRYPTO_XCBC |
217 | tristate "CTS support" | 201 | tristate "XCBC support" |
218 | select CRYPTO_BLKCIPHER | 202 | depends on EXPERIMENTAL |
203 | select CRYPTO_HASH | ||
204 | select CRYPTO_MANAGER | ||
219 | help | 205 | help |
220 | CTS: Cipher Text Stealing | 206 | XCBC: Keyed-Hashing with encryption algorithm |
221 | This is the Cipher Text Stealing mode as described by | 207 | http://www.ietf.org/rfc/rfc3566.txt |
222 | Section 8 of rfc2040 and referenced by rfc3962. | 208 | http://csrc.nist.gov/encryption/modes/proposedmodes/ |
223 | (rfc3962 includes errata information in its Appendix A) | 209 | xcbc-mac/xcbc-mac-spec.pdf |
224 | This mode is required for Kerberos gss mechanism support | ||
225 | for AES encryption. | ||
226 | 210 | ||
227 | config CRYPTO_GCM | 211 | comment "Digest" |
228 | tristate "GCM/GMAC support" | ||
229 | select CRYPTO_CTR | ||
230 | select CRYPTO_AEAD | ||
231 | select CRYPTO_GF128MUL | ||
232 | help | ||
233 | Support for Galois/Counter Mode (GCM) and Galois Message | ||
234 | Authentication Code (GMAC). Required for IPSec. | ||
235 | 212 | ||
236 | config CRYPTO_CCM | 213 | config CRYPTO_CRC32C |
237 | tristate "CCM support" | 214 | tristate "CRC32c CRC algorithm" |
238 | select CRYPTO_CTR | 215 | select CRYPTO_ALGAPI |
239 | select CRYPTO_AEAD | 216 | select LIBCRC32C |
240 | help | 217 | help |
241 | Support for Counter with CBC MAC. Required for IPsec. | 218 | Castagnoli, et al Cyclic Redundancy-Check Algorithm. Used |
219 | by iSCSI for header and data digests and by others. | ||
220 | See Castagnoli93. This implementation uses lib/libcrc32c. | ||
221 | Module will be crc32c. | ||
242 | 222 | ||
243 | config CRYPTO_CRYPTD | 223 | config CRYPTO_MD4 |
244 | tristate "Software async crypto daemon" | 224 | tristate "MD4 digest algorithm" |
245 | select CRYPTO_BLKCIPHER | 225 | select CRYPTO_ALGAPI |
246 | select CRYPTO_MANAGER | ||
247 | help | 226 | help |
248 | This is a generic software asynchronous crypto daemon that | 227 | MD4 message digest algorithm (RFC1320). |
249 | converts an arbitrary synchronous software crypto algorithm | ||
250 | into an asynchronous algorithm that executes in a kernel thread. | ||
251 | 228 | ||
252 | config CRYPTO_DES | 229 | config CRYPTO_MD5 |
253 | tristate "DES and Triple DES EDE cipher algorithms" | 230 | tristate "MD5 digest algorithm" |
254 | select CRYPTO_ALGAPI | 231 | select CRYPTO_ALGAPI |
255 | help | 232 | help |
256 | DES cipher algorithm (FIPS 46-2), and Triple DES EDE (FIPS 46-3). | 233 | MD5 message digest algorithm (RFC1321). |
257 | 234 | ||
258 | config CRYPTO_FCRYPT | 235 | config CRYPTO_MICHAEL_MIC |
259 | tristate "FCrypt cipher algorithm" | 236 | tristate "Michael MIC keyed digest algorithm" |
260 | select CRYPTO_ALGAPI | 237 | select CRYPTO_ALGAPI |
261 | select CRYPTO_BLKCIPHER | ||
262 | help | 238 | help |
263 | FCrypt algorithm used by RxRPC. | 239 | Michael MIC is used for message integrity protection in TKIP |
240 | (IEEE 802.11i). This algorithm is required for TKIP, but it | ||
241 | should not be used for other purposes because of the weakness | ||
242 | of the algorithm. | ||
264 | 243 | ||
265 | config CRYPTO_BLOWFISH | 244 | config CRYPTO_SHA1 |
266 | tristate "Blowfish cipher algorithm" | 245 | tristate "SHA1 digest algorithm" |
267 | select CRYPTO_ALGAPI | 246 | select CRYPTO_ALGAPI |
268 | help | 247 | help |
269 | Blowfish cipher algorithm, by Bruce Schneier. | 248 | SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2). |
270 | |||
271 | This is a variable key length cipher which can use keys from 32 | ||
272 | bits to 448 bits in length. It's fast, simple and specifically | ||
273 | designed for use on "large microprocessors". | ||
274 | |||
275 | See also: | ||
276 | <http://www.schneier.com/blowfish.html> | ||
277 | 249 | ||
278 | config CRYPTO_TWOFISH | 250 | config CRYPTO_SHA256 |
279 | tristate "Twofish cipher algorithm" | 251 | tristate "SHA224 and SHA256 digest algorithm" |
280 | select CRYPTO_ALGAPI | 252 | select CRYPTO_ALGAPI |
281 | select CRYPTO_TWOFISH_COMMON | ||
282 | help | 253 | help |
283 | Twofish cipher algorithm. | 254 | SHA256 secure hash standard (DFIPS 180-2). |
284 | |||
285 | Twofish was submitted as an AES (Advanced Encryption Standard) | ||
286 | candidate cipher by researchers at CounterPane Systems. It is a | ||
287 | 16 round block cipher supporting key sizes of 128, 192, and 256 | ||
288 | bits. | ||
289 | |||
290 | See also: | ||
291 | <http://www.schneier.com/twofish.html> | ||
292 | 255 | ||
293 | config CRYPTO_TWOFISH_COMMON | 256 | This version of SHA implements a 256 bit hash with 128 bits of |
294 | tristate | 257 | security against collision attacks. |
295 | help | ||
296 | Common parts of the Twofish cipher algorithm shared by the | ||
297 | generic c and the assembler implementations. | ||
298 | 258 | ||
299 | config CRYPTO_TWOFISH_586 | 259 | This code also includes SHA-224, a 224 bit hash with 112 bits |
300 | tristate "Twofish cipher algorithms (i586)" | 260 | of security against collision attacks. |
301 | depends on (X86 || UML_X86) && !64BIT | 261 | |
262 | config CRYPTO_SHA512 | ||
263 | tristate "SHA384 and SHA512 digest algorithms" | ||
302 | select CRYPTO_ALGAPI | 264 | select CRYPTO_ALGAPI |
303 | select CRYPTO_TWOFISH_COMMON | ||
304 | help | 265 | help |
305 | Twofish cipher algorithm. | 266 | SHA512 secure hash standard (DFIPS 180-2). |
306 | 267 | ||
307 | Twofish was submitted as an AES (Advanced Encryption Standard) | 268 | This version of SHA implements a 512 bit hash with 256 bits of |
308 | candidate cipher by researchers at CounterPane Systems. It is a | 269 | security against collision attacks. |
309 | 16 round block cipher supporting key sizes of 128, 192, and 256 | ||
310 | bits. | ||
311 | 270 | ||
312 | See also: | 271 | This code also includes SHA-384, a 384 bit hash with 192 bits |
313 | <http://www.schneier.com/twofish.html> | 272 | of security against collision attacks. |
314 | 273 | ||
315 | config CRYPTO_TWOFISH_X86_64 | 274 | config CRYPTO_TGR192 |
316 | tristate "Twofish cipher algorithm (x86_64)" | 275 | tristate "Tiger digest algorithms" |
317 | depends on (X86 || UML_X86) && 64BIT | ||
318 | select CRYPTO_ALGAPI | 276 | select CRYPTO_ALGAPI |
319 | select CRYPTO_TWOFISH_COMMON | ||
320 | help | 277 | help |
321 | Twofish cipher algorithm (x86_64). | 278 | Tiger hash algorithm 192, 160 and 128-bit hashes |
322 | 279 | ||
323 | Twofish was submitted as an AES (Advanced Encryption Standard) | 280 | Tiger is a hash function optimized for 64-bit processors while |
324 | candidate cipher by researchers at CounterPane Systems. It is a | 281 | still having decent performance on 32-bit processors. |
325 | 16 round block cipher supporting key sizes of 128, 192, and 256 | 282 | Tiger was developed by Ross Anderson and Eli Biham. |
326 | bits. | ||
327 | 283 | ||
328 | See also: | 284 | See also: |
329 | <http://www.schneier.com/twofish.html> | 285 | <http://www.cs.technion.ac.il/~biham/Reports/Tiger/>. |
330 | 286 | ||
331 | config CRYPTO_SERPENT | 287 | config CRYPTO_WP512 |
332 | tristate "Serpent cipher algorithm" | 288 | tristate "Whirlpool digest algorithms" |
333 | select CRYPTO_ALGAPI | 289 | select CRYPTO_ALGAPI |
334 | help | 290 | help |
335 | Serpent cipher algorithm, by Anderson, Biham & Knudsen. | 291 | Whirlpool hash algorithm 512, 384 and 256-bit hashes |
336 | 292 | ||
337 | Keys are allowed to be from 0 to 256 bits in length, in steps | 293 | Whirlpool-512 is part of the NESSIE cryptographic primitives. |
338 | of 8 bits. Also includes the 'Tnepres' algorithm, a reversed | 294 | Whirlpool will be part of the ISO/IEC 10118-3:2003(E) standard |
339 | variant of Serpent for compatibility with old kerneli.org code. | ||
340 | 295 | ||
341 | See also: | 296 | See also: |
342 | <http://www.cl.cam.ac.uk/~rja14/serpent.html> | 297 | <http://planeta.terra.com.br/informatica/paulobarreto/WhirlpoolPage.html> |
298 | |||
299 | comment "Ciphers" | ||
343 | 300 | ||
344 | config CRYPTO_AES | 301 | config CRYPTO_AES |
345 | tristate "AES cipher algorithms" | 302 | tristate "AES cipher algorithms" |
346 | select CRYPTO_ALGAPI | 303 | select CRYPTO_ALGAPI |
347 | help | 304 | help |
348 | AES cipher algorithms (FIPS-197). AES uses the Rijndael | 305 | AES cipher algorithms (FIPS-197). AES uses the Rijndael |
349 | algorithm. | 306 | algorithm. |
350 | 307 | ||
351 | Rijndael appears to be consistently a very good performer in | 308 | Rijndael appears to be consistently a very good performer in |
352 | both hardware and software across a wide range of computing | 309 | both hardware and software across a wide range of computing |
353 | environments regardless of its use in feedback or non-feedback | 310 | environments regardless of its use in feedback or non-feedback |
354 | modes. Its key setup time is excellent, and its key agility is | 311 | modes. Its key setup time is excellent, and its key agility is |
355 | good. Rijndael's very low memory requirements make it very well | 312 | good. Rijndael's very low memory requirements make it very well |
356 | suited for restricted-space environments, in which it also | 313 | suited for restricted-space environments, in which it also |
357 | demonstrates excellent performance. Rijndael's operations are | 314 | demonstrates excellent performance. Rijndael's operations are |
358 | among the easiest to defend against power and timing attacks. | 315 | among the easiest to defend against power and timing attacks. |
359 | 316 | ||
360 | The AES specifies three key sizes: 128, 192 and 256 bits | 317 | The AES specifies three key sizes: 128, 192 and 256 bits |
361 | 318 | ||
362 | See <http://csrc.nist.gov/CryptoToolkit/aes/> for more information. | 319 | See <http://csrc.nist.gov/CryptoToolkit/aes/> for more information. |
363 | 320 | ||
@@ -367,19 +324,19 @@ config CRYPTO_AES_586 | |||
367 | select CRYPTO_ALGAPI | 324 | select CRYPTO_ALGAPI |
368 | select CRYPTO_AES | 325 | select CRYPTO_AES |
369 | help | 326 | help |
370 | AES cipher algorithms (FIPS-197). AES uses the Rijndael | 327 | AES cipher algorithms (FIPS-197). AES uses the Rijndael |
371 | algorithm. | 328 | algorithm. |
372 | 329 | ||
373 | Rijndael appears to be consistently a very good performer in | 330 | Rijndael appears to be consistently a very good performer in |
374 | both hardware and software across a wide range of computing | 331 | both hardware and software across a wide range of computing |
375 | environments regardless of its use in feedback or non-feedback | 332 | environments regardless of its use in feedback or non-feedback |
376 | modes. Its key setup time is excellent, and its key agility is | 333 | modes. Its key setup time is excellent, and its key agility is |
377 | good. Rijndael's very low memory requirements make it very well | 334 | good. Rijndael's very low memory requirements make it very well |
378 | suited for restricted-space environments, in which it also | 335 | suited for restricted-space environments, in which it also |
379 | demonstrates excellent performance. Rijndael's operations are | 336 | demonstrates excellent performance. Rijndael's operations are |
380 | among the easiest to defend against power and timing attacks. | 337 | among the easiest to defend against power and timing attacks. |
381 | 338 | ||
382 | The AES specifies three key sizes: 128, 192 and 256 bits | 339 | The AES specifies three key sizes: 128, 192 and 256 bits |
383 | 340 | ||
384 | See <http://csrc.nist.gov/encryption/aes/> for more information. | 341 | See <http://csrc.nist.gov/encryption/aes/> for more information. |
385 | 342 | ||
@@ -389,22 +346,75 @@ config CRYPTO_AES_X86_64 | |||
389 | select CRYPTO_ALGAPI | 346 | select CRYPTO_ALGAPI |
390 | select CRYPTO_AES | 347 | select CRYPTO_AES |
391 | help | 348 | help |
392 | AES cipher algorithms (FIPS-197). AES uses the Rijndael | 349 | AES cipher algorithms (FIPS-197). AES uses the Rijndael |
393 | algorithm. | 350 | algorithm. |
394 | 351 | ||
395 | Rijndael appears to be consistently a very good performer in | 352 | Rijndael appears to be consistently a very good performer in |
396 | both hardware and software across a wide range of computing | 353 | both hardware and software across a wide range of computing |
397 | environments regardless of its use in feedback or non-feedback | 354 | environments regardless of its use in feedback or non-feedback |
398 | modes. Its key setup time is excellent, and its key agility is | 355 | modes. Its key setup time is excellent, and its key agility is |
399 | good. Rijndael's very low memory requirements make it very well | 356 | good. Rijndael's very low memory requirements make it very well |
400 | suited for restricted-space environments, in which it also | 357 | suited for restricted-space environments, in which it also |
401 | demonstrates excellent performance. Rijndael's operations are | 358 | demonstrates excellent performance. Rijndael's operations are |
402 | among the easiest to defend against power and timing attacks. | 359 | among the easiest to defend against power and timing attacks. |
403 | 360 | ||
404 | The AES specifies three key sizes: 128, 192 and 256 bits | 361 | The AES specifies three key sizes: 128, 192 and 256 bits |
405 | 362 | ||
406 | See <http://csrc.nist.gov/encryption/aes/> for more information. | 363 | See <http://csrc.nist.gov/encryption/aes/> for more information. |
407 | 364 | ||
365 | config CRYPTO_ANUBIS | ||
366 | tristate "Anubis cipher algorithm" | ||
367 | select CRYPTO_ALGAPI | ||
368 | help | ||
369 | Anubis cipher algorithm. | ||
370 | |||
371 | Anubis is a variable key length cipher which can use keys from | ||
372 | 128 bits to 320 bits in length. It was evaluated as a entrant | ||
373 | in the NESSIE competition. | ||
374 | |||
375 | See also: | ||
376 | <https://www.cosic.esat.kuleuven.ac.be/nessie/reports/> | ||
377 | <http://planeta.terra.com.br/informatica/paulobarreto/AnubisPage.html> | ||
378 | |||
379 | config CRYPTO_ARC4 | ||
380 | tristate "ARC4 cipher algorithm" | ||
381 | select CRYPTO_ALGAPI | ||
382 | help | ||
383 | ARC4 cipher algorithm. | ||
384 | |||
385 | ARC4 is a stream cipher using keys ranging from 8 bits to 2048 | ||
386 | bits in length. This algorithm is required for driver-based | ||
387 | WEP, but it should not be for other purposes because of the | ||
388 | weakness of the algorithm. | ||
389 | |||
390 | config CRYPTO_BLOWFISH | ||
391 | tristate "Blowfish cipher algorithm" | ||
392 | select CRYPTO_ALGAPI | ||
393 | help | ||
394 | Blowfish cipher algorithm, by Bruce Schneier. | ||
395 | |||
396 | This is a variable key length cipher which can use keys from 32 | ||
397 | bits to 448 bits in length. It's fast, simple and specifically | ||
398 | designed for use on "large microprocessors". | ||
399 | |||
400 | See also: | ||
401 | <http://www.schneier.com/blowfish.html> | ||
402 | |||
403 | config CRYPTO_CAMELLIA | ||
404 | tristate "Camellia cipher algorithms" | ||
405 | depends on CRYPTO | ||
406 | select CRYPTO_ALGAPI | ||
407 | help | ||
408 | Camellia cipher algorithms module. | ||
409 | |||
410 | Camellia is a symmetric key block cipher developed jointly | ||
411 | at NTT and Mitsubishi Electric Corporation. | ||
412 | |||
413 | The Camellia specifies three key sizes: 128, 192 and 256 bits. | ||
414 | |||
415 | See also: | ||
416 | <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html> | ||
417 | |||
408 | config CRYPTO_CAST5 | 418 | config CRYPTO_CAST5 |
409 | tristate "CAST5 (CAST-128) cipher algorithm" | 419 | tristate "CAST5 (CAST-128) cipher algorithm" |
410 | select CRYPTO_ALGAPI | 420 | select CRYPTO_ALGAPI |
@@ -419,33 +429,18 @@ config CRYPTO_CAST6 | |||
419 | The CAST6 encryption algorithm (synonymous with CAST-256) is | 429 | The CAST6 encryption algorithm (synonymous with CAST-256) is |
420 | described in RFC2612. | 430 | described in RFC2612. |
421 | 431 | ||
422 | config CRYPTO_TEA | 432 | config CRYPTO_DES |
423 | tristate "TEA, XTEA and XETA cipher algorithms" | 433 | tristate "DES and Triple DES EDE cipher algorithms" |
424 | select CRYPTO_ALGAPI | 434 | select CRYPTO_ALGAPI |
425 | help | 435 | help |
426 | TEA cipher algorithm. | 436 | DES cipher algorithm (FIPS 46-2), and Triple DES EDE (FIPS 46-3). |
427 | |||
428 | Tiny Encryption Algorithm is a simple cipher that uses | ||
429 | many rounds for security. It is very fast and uses | ||
430 | little memory. | ||
431 | |||
432 | Xtendend Tiny Encryption Algorithm is a modification to | ||
433 | the TEA algorithm to address a potential key weakness | ||
434 | in the TEA algorithm. | ||
435 | |||
436 | Xtendend Encryption Tiny Algorithm is a mis-implementation | ||
437 | of the XTEA algorithm for compatibility purposes. | ||
438 | 437 | ||
439 | config CRYPTO_ARC4 | 438 | config CRYPTO_FCRYPT |
440 | tristate "ARC4 cipher algorithm" | 439 | tristate "FCrypt cipher algorithm" |
441 | select CRYPTO_ALGAPI | 440 | select CRYPTO_ALGAPI |
441 | select CRYPTO_BLKCIPHER | ||
442 | help | 442 | help |
443 | ARC4 cipher algorithm. | 443 | FCrypt algorithm used by RxRPC. |
444 | |||
445 | ARC4 is a stream cipher using keys ranging from 8 bits to 2048 | ||
446 | bits in length. This algorithm is required for driver-based | ||
447 | WEP, but it should not be for other purposes because of the | ||
448 | weakness of the algorithm. | ||
449 | 444 | ||
450 | config CRYPTO_KHAZAD | 445 | config CRYPTO_KHAZAD |
451 | tristate "Khazad cipher algorithm" | 446 | tristate "Khazad cipher algorithm" |
@@ -460,34 +455,6 @@ config CRYPTO_KHAZAD | |||
460 | See also: | 455 | See also: |
461 | <http://planeta.terra.com.br/informatica/paulobarreto/KhazadPage.html> | 456 | <http://planeta.terra.com.br/informatica/paulobarreto/KhazadPage.html> |
462 | 457 | ||
463 | config CRYPTO_ANUBIS | ||
464 | tristate "Anubis cipher algorithm" | ||
465 | select CRYPTO_ALGAPI | ||
466 | help | ||
467 | Anubis cipher algorithm. | ||
468 | |||
469 | Anubis is a variable key length cipher which can use keys from | ||
470 | 128 bits to 320 bits in length. It was evaluated as a entrant | ||
471 | in the NESSIE competition. | ||
472 | |||
473 | See also: | ||
474 | <https://www.cosic.esat.kuleuven.ac.be/nessie/reports/> | ||
475 | <http://planeta.terra.com.br/informatica/paulobarreto/AnubisPage.html> | ||
476 | |||
477 | config CRYPTO_SEED | ||
478 | tristate "SEED cipher algorithm" | ||
479 | select CRYPTO_ALGAPI | ||
480 | help | ||
481 | SEED cipher algorithm (RFC4269). | ||
482 | |||
483 | SEED is a 128-bit symmetric key block cipher that has been | ||
484 | developed by KISA (Korea Information Security Agency) as a | ||
485 | national standard encryption algorithm of the Republic of Korea. | ||
486 | It is a 16 round block cipher with the key size of 128 bit. | ||
487 | |||
488 | See also: | ||
489 | <http://www.kisa.or.kr/kisa/seed/jsp/seed_eng.jsp> | ||
490 | |||
491 | config CRYPTO_SALSA20 | 458 | config CRYPTO_SALSA20 |
492 | tristate "Salsa20 stream cipher algorithm (EXPERIMENTAL)" | 459 | tristate "Salsa20 stream cipher algorithm (EXPERIMENTAL)" |
493 | depends on EXPERIMENTAL | 460 | depends on EXPERIMENTAL |
@@ -529,69 +496,115 @@ config CRYPTO_SALSA20_X86_64 | |||
529 | The Salsa20 stream cipher algorithm is designed by Daniel J. | 496 | The Salsa20 stream cipher algorithm is designed by Daniel J. |
530 | Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html> | 497 | Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html> |
531 | 498 | ||
532 | config CRYPTO_DEFLATE | 499 | config CRYPTO_SEED |
533 | tristate "Deflate compression algorithm" | 500 | tristate "SEED cipher algorithm" |
534 | select CRYPTO_ALGAPI | 501 | select CRYPTO_ALGAPI |
535 | select ZLIB_INFLATE | ||
536 | select ZLIB_DEFLATE | ||
537 | help | 502 | help |
538 | This is the Deflate algorithm (RFC1951), specified for use in | 503 | SEED cipher algorithm (RFC4269). |
539 | IPSec with the IPCOMP protocol (RFC3173, RFC2394). | ||
540 | |||
541 | You will most probably want this if using IPSec. | ||
542 | 504 | ||
543 | config CRYPTO_MICHAEL_MIC | 505 | SEED is a 128-bit symmetric key block cipher that has been |
544 | tristate "Michael MIC keyed digest algorithm" | 506 | developed by KISA (Korea Information Security Agency) as a |
507 | national standard encryption algorithm of the Republic of Korea. | ||
508 | It is a 16 round block cipher with the key size of 128 bit. | ||
509 | |||
510 | See also: | ||
511 | <http://www.kisa.or.kr/kisa/seed/jsp/seed_eng.jsp> | ||
512 | |||
513 | config CRYPTO_SERPENT | ||
514 | tristate "Serpent cipher algorithm" | ||
545 | select CRYPTO_ALGAPI | 515 | select CRYPTO_ALGAPI |
546 | help | 516 | help |
547 | Michael MIC is used for message integrity protection in TKIP | 517 | Serpent cipher algorithm, by Anderson, Biham & Knudsen. |
548 | (IEEE 802.11i). This algorithm is required for TKIP, but it | ||
549 | should not be used for other purposes because of the weakness | ||
550 | of the algorithm. | ||
551 | 518 | ||
552 | config CRYPTO_CRC32C | 519 | Keys are allowed to be from 0 to 256 bits in length, in steps |
553 | tristate "CRC32c CRC algorithm" | 520 | of 8 bits. Also includes the 'Tnepres' algorithm, a reversed |
521 | variant of Serpent for compatibility with old kerneli.org code. | ||
522 | |||
523 | See also: | ||
524 | <http://www.cl.cam.ac.uk/~rja14/serpent.html> | ||
525 | |||
526 | config CRYPTO_TEA | ||
527 | tristate "TEA, XTEA and XETA cipher algorithms" | ||
554 | select CRYPTO_ALGAPI | 528 | select CRYPTO_ALGAPI |
555 | select LIBCRC32C | ||
556 | help | 529 | help |
557 | Castagnoli, et al Cyclic Redundancy-Check Algorithm. Used | 530 | TEA cipher algorithm. |
558 | by iSCSI for header and data digests and by others. | ||
559 | See Castagnoli93. This implementation uses lib/libcrc32c. | ||
560 | Module will be crc32c. | ||
561 | 531 | ||
562 | config CRYPTO_CAMELLIA | 532 | Tiny Encryption Algorithm is a simple cipher that uses |
563 | tristate "Camellia cipher algorithms" | 533 | many rounds for security. It is very fast and uses |
564 | depends on CRYPTO | 534 | little memory. |
535 | |||
536 | Xtendend Tiny Encryption Algorithm is a modification to | ||
537 | the TEA algorithm to address a potential key weakness | ||
538 | in the TEA algorithm. | ||
539 | |||
540 | Xtendend Encryption Tiny Algorithm is a mis-implementation | ||
541 | of the XTEA algorithm for compatibility purposes. | ||
542 | |||
543 | config CRYPTO_TWOFISH | ||
544 | tristate "Twofish cipher algorithm" | ||
565 | select CRYPTO_ALGAPI | 545 | select CRYPTO_ALGAPI |
546 | select CRYPTO_TWOFISH_COMMON | ||
566 | help | 547 | help |
567 | Camellia cipher algorithms module. | 548 | Twofish cipher algorithm. |
568 | 549 | ||
569 | Camellia is a symmetric key block cipher developed jointly | 550 | Twofish was submitted as an AES (Advanced Encryption Standard) |
570 | at NTT and Mitsubishi Electric Corporation. | 551 | candidate cipher by researchers at CounterPane Systems. It is a |
552 | 16 round block cipher supporting key sizes of 128, 192, and 256 | ||
553 | bits. | ||
571 | 554 | ||
572 | The Camellia specifies three key sizes: 128, 192 and 256 bits. | 555 | See also: |
556 | <http://www.schneier.com/twofish.html> | ||
557 | |||
558 | config CRYPTO_TWOFISH_COMMON | ||
559 | tristate | ||
560 | help | ||
561 | Common parts of the Twofish cipher algorithm shared by the | ||
562 | generic c and the assembler implementations. | ||
563 | |||
564 | config CRYPTO_TWOFISH_586 | ||
565 | tristate "Twofish cipher algorithms (i586)" | ||
566 | depends on (X86 || UML_X86) && !64BIT | ||
567 | select CRYPTO_ALGAPI | ||
568 | select CRYPTO_TWOFISH_COMMON | ||
569 | help | ||
570 | Twofish cipher algorithm. | ||
571 | |||
572 | Twofish was submitted as an AES (Advanced Encryption Standard) | ||
573 | candidate cipher by researchers at CounterPane Systems. It is a | ||
574 | 16 round block cipher supporting key sizes of 128, 192, and 256 | ||
575 | bits. | ||
573 | 576 | ||
574 | See also: | 577 | See also: |
575 | <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html> | 578 | <http://www.schneier.com/twofish.html> |
576 | 579 | ||
577 | config CRYPTO_TEST | 580 | config CRYPTO_TWOFISH_X86_64 |
578 | tristate "Testing module" | 581 | tristate "Twofish cipher algorithm (x86_64)" |
579 | depends on m | 582 | depends on (X86 || UML_X86) && 64BIT |
580 | select CRYPTO_ALGAPI | 583 | select CRYPTO_ALGAPI |
581 | select CRYPTO_AEAD | 584 | select CRYPTO_TWOFISH_COMMON |
582 | select CRYPTO_BLKCIPHER | ||
583 | help | 585 | help |
584 | Quick & dirty crypto test module. | 586 | Twofish cipher algorithm (x86_64). |
585 | 587 | ||
586 | config CRYPTO_AUTHENC | 588 | Twofish was submitted as an AES (Advanced Encryption Standard) |
587 | tristate "Authenc support" | 589 | candidate cipher by researchers at CounterPane Systems. It is a |
588 | select CRYPTO_AEAD | 590 | 16 round block cipher supporting key sizes of 128, 192, and 256 |
589 | select CRYPTO_BLKCIPHER | 591 | bits. |
590 | select CRYPTO_MANAGER | 592 | |
591 | select CRYPTO_HASH | 593 | See also: |
594 | <http://www.schneier.com/twofish.html> | ||
595 | |||
596 | comment "Compression" | ||
597 | |||
598 | config CRYPTO_DEFLATE | ||
599 | tristate "Deflate compression algorithm" | ||
600 | select CRYPTO_ALGAPI | ||
601 | select ZLIB_INFLATE | ||
602 | select ZLIB_DEFLATE | ||
592 | help | 603 | help |
593 | Authenc: Combined mode wrapper for IPsec. | 604 | This is the Deflate algorithm (RFC1951), specified for use in |
594 | This is required for IPSec. | 605 | IPSec with the IPCOMP protocol (RFC3173, RFC2394). |
606 | |||
607 | You will most probably want this if using IPSec. | ||
595 | 608 | ||
596 | config CRYPTO_LZO | 609 | config CRYPTO_LZO |
597 | tristate "LZO compression algorithm" | 610 | tristate "LZO compression algorithm" |