summaryrefslogtreecommitdiffstats
path: root/crypto/Kconfig
diff options
context:
space:
mode:
authorJoy Latten <latten@austin.ibm.com>2007-10-23 02:50:32 +0200
committerHerbert Xu <herbert@gondor.apana.org.au>2008-01-10 22:16:01 +0100
commit23e353c8a681cc30d42fbd4f2c2be85c44fe209b (patch)
treed64934fa42e3e1e2b3fcccb4e86168a1614e250d /crypto/Kconfig
parent[CRYPTO] padlock: Fix alignment fault in aes_crypt_copy (diff)
downloadlinux-23e353c8a681cc30d42fbd4f2c2be85c44fe209b.tar.xz
linux-23e353c8a681cc30d42fbd4f2c2be85c44fe209b.zip
[CRYPTO] ctr: Add CTR (Counter) block cipher mode
This patch implements CTR mode for IPsec. It is based off of RFC 3686. Please note: 1. CTR turns a block cipher into a stream cipher. Encryption is done in blocks, however the last block may be a partial block. A "counter block" is encrypted, creating a keystream that is xor'ed with the plaintext. The counter portion of the counter block is incremented after each block of plaintext is encrypted. Decryption is performed in same manner. 2. The CTR counterblock is composed of, nonce + IV + counter The size of the counterblock is equivalent to the blocksize of the cipher. sizeof(nonce) + sizeof(IV) + sizeof(counter) = blocksize The CTR template requires the name of the cipher algorithm, the sizeof the nonce, and the sizeof the iv. ctr(cipher,sizeof_nonce,sizeof_iv) So for example, ctr(aes,4,8) specifies the counterblock will be composed of 4 bytes from a nonce, 8 bytes from the iv, and 4 bytes for counter since aes has a blocksize of 16 bytes. 3. The counter portion of the counter block is stored in big endian for conformance to rfc 3686. Signed-off-by: Joy Latten <latten@austin.ibm.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Diffstat (limited to 'crypto/Kconfig')
-rw-r--r--crypto/Kconfig9
1 files changed, 9 insertions, 0 deletions
diff --git a/crypto/Kconfig b/crypto/Kconfig
index 083d2e1dfc21..1f32071a3068 100644
--- a/crypto/Kconfig
+++ b/crypto/Kconfig
@@ -195,6 +195,15 @@ config CRYPTO_XTS
key size 256, 384 or 512 bits. This implementation currently
can't handle a sectorsize which is not a multiple of 16 bytes.
+config CRYPTO_CTR
+ tristate "CTR support"
+ select CRYPTO_BLKCIPHER
+ select CRYPTO_MANAGER
+ default m
+ help
+ CTR: Counter mode
+ This block cipher algorithm is required for IPSec.
+
config CRYPTO_CRYPTD
tristate "Software async crypto daemon"
select CRYPTO_ABLKCIPHER