xref: /linux/arch/arm/crypto/Kconfig (revision b48321def4c506057e22845f8e0dcdce2214dbfa)
1652ccae5SArd Biesheuvel
2652ccae5SArd Biesheuvelmenuconfig ARM_CRYPTO
3652ccae5SArd Biesheuvel	bool "ARM Accelerated Cryptographic Algorithms"
4652ccae5SArd Biesheuvel	depends on ARM
5652ccae5SArd Biesheuvel	help
6652ccae5SArd Biesheuvel	  Say Y here to choose from a selection of cryptographic algorithms
7652ccae5SArd Biesheuvel	  implemented using ARM specific CPU features or instructions.
8652ccae5SArd Biesheuvel
9652ccae5SArd Biesheuvelif ARM_CRYPTO
10652ccae5SArd Biesheuvel
11652ccae5SArd Biesheuvelconfig CRYPTO_SHA1_ARM
12652ccae5SArd Biesheuvel	tristate "SHA1 digest algorithm (ARM-asm)"
13652ccae5SArd Biesheuvel	select CRYPTO_SHA1
14652ccae5SArd Biesheuvel	select CRYPTO_HASH
15652ccae5SArd Biesheuvel	help
16652ccae5SArd Biesheuvel	  SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2) implemented
17652ccae5SArd Biesheuvel	  using optimized ARM assembler.
18652ccae5SArd Biesheuvel
19652ccae5SArd Biesheuvelconfig CRYPTO_SHA1_ARM_NEON
20652ccae5SArd Biesheuvel	tristate "SHA1 digest algorithm (ARM NEON)"
21652ccae5SArd Biesheuvel	depends on KERNEL_MODE_NEON
22652ccae5SArd Biesheuvel	select CRYPTO_SHA1_ARM
23652ccae5SArd Biesheuvel	select CRYPTO_SHA1
24652ccae5SArd Biesheuvel	select CRYPTO_HASH
25652ccae5SArd Biesheuvel	help
26652ccae5SArd Biesheuvel	  SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2) implemented
27652ccae5SArd Biesheuvel	  using optimized ARM NEON assembly, when NEON instructions are
28652ccae5SArd Biesheuvel	  available.
29652ccae5SArd Biesheuvel
30864cbeedSArd Biesheuvelconfig CRYPTO_SHA1_ARM_CE
31864cbeedSArd Biesheuvel	tristate "SHA1 digest algorithm (ARM v8 Crypto Extensions)"
32864cbeedSArd Biesheuvel	depends on KERNEL_MODE_NEON
33864cbeedSArd Biesheuvel	select CRYPTO_SHA1_ARM
34864cbeedSArd Biesheuvel	select CRYPTO_HASH
35864cbeedSArd Biesheuvel	help
36864cbeedSArd Biesheuvel	  SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2) implemented
37864cbeedSArd Biesheuvel	  using special ARMv8 Crypto Extensions.
38864cbeedSArd Biesheuvel
39006d0624SArd Biesheuvelconfig CRYPTO_SHA2_ARM_CE
40006d0624SArd Biesheuvel	tristate "SHA-224/256 digest algorithm (ARM v8 Crypto Extensions)"
41006d0624SArd Biesheuvel	depends on KERNEL_MODE_NEON
429205b949SArd Biesheuvel	select CRYPTO_SHA256_ARM
43006d0624SArd Biesheuvel	select CRYPTO_HASH
44006d0624SArd Biesheuvel	help
45006d0624SArd Biesheuvel	  SHA-256 secure hash standard (DFIPS 180-2) implemented
46006d0624SArd Biesheuvel	  using special ARMv8 Crypto Extensions.
47006d0624SArd Biesheuvel
48f2f770d7SSami Tolvanenconfig CRYPTO_SHA256_ARM
49f2f770d7SSami Tolvanen	tristate "SHA-224/256 digest algorithm (ARM-asm and NEON)"
50f2f770d7SSami Tolvanen	select CRYPTO_HASH
51*b48321deSArnd Bergmann	depends on !CPU_V7M
52f2f770d7SSami Tolvanen	help
53f2f770d7SSami Tolvanen	  SHA-256 secure hash standard (DFIPS 180-2) implemented
54f2f770d7SSami Tolvanen	  using optimized ARM assembler and NEON, when available.
55f2f770d7SSami Tolvanen
56652ccae5SArd Biesheuvelconfig CRYPTO_SHA512_ARM_NEON
57652ccae5SArd Biesheuvel	tristate "SHA384 and SHA512 digest algorithm (ARM NEON)"
58652ccae5SArd Biesheuvel	depends on KERNEL_MODE_NEON
59652ccae5SArd Biesheuvel	select CRYPTO_SHA512
60652ccae5SArd Biesheuvel	select CRYPTO_HASH
61652ccae5SArd Biesheuvel	help
62652ccae5SArd Biesheuvel	  SHA-512 secure hash standard (DFIPS 180-2) implemented
63652ccae5SArd Biesheuvel	  using ARM NEON instructions, when available.
64652ccae5SArd Biesheuvel
65652ccae5SArd Biesheuvel	  This version of SHA implements a 512 bit hash with 256 bits of
66652ccae5SArd Biesheuvel	  security against collision attacks.
67652ccae5SArd Biesheuvel
68652ccae5SArd Biesheuvel	  This code also includes SHA-384, a 384 bit hash with 192 bits
69652ccae5SArd Biesheuvel	  of security against collision attacks.
70652ccae5SArd Biesheuvel
71652ccae5SArd Biesheuvelconfig CRYPTO_AES_ARM
72652ccae5SArd Biesheuvel	tristate "AES cipher algorithms (ARM-asm)"
73652ccae5SArd Biesheuvel	depends on ARM
74652ccae5SArd Biesheuvel	select CRYPTO_ALGAPI
75652ccae5SArd Biesheuvel	select CRYPTO_AES
76652ccae5SArd Biesheuvel	help
77652ccae5SArd Biesheuvel	  Use optimized AES assembler routines for ARM platforms.
78652ccae5SArd Biesheuvel
79652ccae5SArd Biesheuvel	  AES cipher algorithms (FIPS-197). AES uses the Rijndael
80652ccae5SArd Biesheuvel	  algorithm.
81652ccae5SArd Biesheuvel
82652ccae5SArd Biesheuvel	  Rijndael appears to be consistently a very good performer in
83652ccae5SArd Biesheuvel	  both hardware and software across a wide range of computing
84652ccae5SArd Biesheuvel	  environments regardless of its use in feedback or non-feedback
85652ccae5SArd Biesheuvel	  modes. Its key setup time is excellent, and its key agility is
86652ccae5SArd Biesheuvel	  good. Rijndael's very low memory requirements make it very well
87652ccae5SArd Biesheuvel	  suited for restricted-space environments, in which it also
88652ccae5SArd Biesheuvel	  demonstrates excellent performance. Rijndael's operations are
89652ccae5SArd Biesheuvel	  among the easiest to defend against power and timing attacks.
90652ccae5SArd Biesheuvel
91652ccae5SArd Biesheuvel	  The AES specifies three key sizes: 128, 192 and 256 bits
92652ccae5SArd Biesheuvel
93652ccae5SArd Biesheuvel	  See <http://csrc.nist.gov/encryption/aes/> for more information.
94652ccae5SArd Biesheuvel
95652ccae5SArd Biesheuvelconfig CRYPTO_AES_ARM_BS
96652ccae5SArd Biesheuvel	tristate "Bit sliced AES using NEON instructions"
97652ccae5SArd Biesheuvel	depends on KERNEL_MODE_NEON
98652ccae5SArd Biesheuvel	select CRYPTO_ALGAPI
99652ccae5SArd Biesheuvel	select CRYPTO_AES_ARM
100652ccae5SArd Biesheuvel	select CRYPTO_ABLK_HELPER
101652ccae5SArd Biesheuvel	help
102652ccae5SArd Biesheuvel	  Use a faster and more secure NEON based implementation of AES in CBC,
103652ccae5SArd Biesheuvel	  CTR and XTS modes
104652ccae5SArd Biesheuvel
105652ccae5SArd Biesheuvel	  Bit sliced AES gives around 45% speedup on Cortex-A15 for CTR mode
106652ccae5SArd Biesheuvel	  and for XTS mode encryption, CBC and XTS mode decryption speedup is
107652ccae5SArd Biesheuvel	  around 25%. (CBC encryption speed is not affected by this driver.)
108652ccae5SArd Biesheuvel	  This implementation does not rely on any lookup tables so it is
109652ccae5SArd Biesheuvel	  believed to be invulnerable to cache timing attacks.
110652ccae5SArd Biesheuvel
11186464859SArd Biesheuvelconfig CRYPTO_AES_ARM_CE
11286464859SArd Biesheuvel	tristate "Accelerated AES using ARMv8 Crypto Extensions"
11386464859SArd Biesheuvel	depends on KERNEL_MODE_NEON
11486464859SArd Biesheuvel	select CRYPTO_ALGAPI
11586464859SArd Biesheuvel	select CRYPTO_ABLK_HELPER
11686464859SArd Biesheuvel	help
11786464859SArd Biesheuvel	  Use an implementation of AES in CBC, CTR and XTS modes that uses
11886464859SArd Biesheuvel	  ARMv8 Crypto Extensions
11986464859SArd Biesheuvel
120f1e866b1SArd Biesheuvelconfig CRYPTO_GHASH_ARM_CE
121f1e866b1SArd Biesheuvel	tristate "PMULL-accelerated GHASH using ARMv8 Crypto Extensions"
122f1e866b1SArd Biesheuvel	depends on KERNEL_MODE_NEON
123f1e866b1SArd Biesheuvel	select CRYPTO_HASH
124f1e866b1SArd Biesheuvel	select CRYPTO_CRYPTD
125f1e866b1SArd Biesheuvel	help
126f1e866b1SArd Biesheuvel	  Use an implementation of GHASH (used by the GCM AEAD chaining mode)
127f1e866b1SArd Biesheuvel	  that uses the 64x64 to 128 bit polynomial multiplication (vmull.p64)
128f1e866b1SArd Biesheuvel	  that is part of the ARMv8 Crypto Extensions
129f1e866b1SArd Biesheuvel
130652ccae5SArd Biesheuvelendif
131