1# 2# Generic algorithms support 3# 4config XOR_BLOCKS 5 tristate 6 7# 8# async_tx api: hardware offloaded memory transfer/transform support 9# 10source "crypto/async_tx/Kconfig" 11 12# 13# Cryptographic API Configuration 14# 15menuconfig CRYPTO 16 tristate "Cryptographic API" 17 help 18 This option provides the core Cryptographic API. 19 20if CRYPTO 21 22comment "Crypto core or helper" 23 24config CRYPTO_FIPS 25 bool "FIPS 200 compliance" 26 depends on CRYPTO_ANSI_CPRNG && !CRYPTO_MANAGER_DISABLE_TESTS 27 help 28 This options enables the fips boot option which is 29 required if you want to system to operate in a FIPS 200 30 certification. You should say no unless you know what 31 this is. 32 33config CRYPTO_ALGAPI 34 tristate 35 select CRYPTO_ALGAPI2 36 help 37 This option provides the API for cryptographic algorithms. 38 39config CRYPTO_ALGAPI2 40 tristate 41 42config CRYPTO_AEAD 43 tristate 44 select CRYPTO_AEAD2 45 select CRYPTO_ALGAPI 46 47config CRYPTO_AEAD2 48 tristate 49 select CRYPTO_ALGAPI2 50 51config CRYPTO_BLKCIPHER 52 tristate 53 select CRYPTO_BLKCIPHER2 54 select CRYPTO_ALGAPI 55 56config CRYPTO_BLKCIPHER2 57 tristate 58 select CRYPTO_ALGAPI2 59 select CRYPTO_RNG2 60 select CRYPTO_WORKQUEUE 61 62config CRYPTO_HASH 63 tristate 64 select CRYPTO_HASH2 65 select CRYPTO_ALGAPI 66 67config CRYPTO_HASH2 68 tristate 69 select CRYPTO_ALGAPI2 70 71config CRYPTO_RNG 72 tristate 73 select CRYPTO_RNG2 74 select CRYPTO_ALGAPI 75 76config CRYPTO_RNG2 77 tristate 78 select CRYPTO_ALGAPI2 79 80config CRYPTO_PCOMP 81 tristate 82 select CRYPTO_PCOMP2 83 select CRYPTO_ALGAPI 84 85config CRYPTO_PCOMP2 86 tristate 87 select CRYPTO_ALGAPI2 88 89config CRYPTO_MANAGER 90 tristate "Cryptographic algorithm manager" 91 select CRYPTO_MANAGER2 92 help 93 Create default cryptographic template instantiations such as 94 cbc(aes). 95 96config CRYPTO_MANAGER2 97 def_tristate CRYPTO_MANAGER || (CRYPTO_MANAGER!=n && CRYPTO_ALGAPI=y) 98 select CRYPTO_AEAD2 99 select CRYPTO_HASH2 100 select CRYPTO_BLKCIPHER2 101 select CRYPTO_PCOMP2 102 103config CRYPTO_USER 104 tristate "Userspace cryptographic algorithm configuration" 105 depends on NET 106 select CRYPTO_MANAGER 107 help 108 Userspace configuration for cryptographic instantiations such as 109 cbc(aes). 110 111config CRYPTO_MANAGER_DISABLE_TESTS 112 bool "Disable run-time self tests" 113 default y 114 depends on CRYPTO_MANAGER2 115 help 116 Disable run-time self tests that normally take place at 117 algorithm registration. 118 119config CRYPTO_GF128MUL 120 tristate "GF(2^128) multiplication functions" 121 help 122 Efficient table driven implementation of multiplications in the 123 field GF(2^128). This is needed by some cypher modes. This 124 option will be selected automatically if you select such a 125 cipher mode. Only select this option by hand if you expect to load 126 an external module that requires these functions. 127 128config CRYPTO_NULL 129 tristate "Null algorithms" 130 select CRYPTO_ALGAPI 131 select CRYPTO_BLKCIPHER 132 select CRYPTO_HASH 133 help 134 These are 'Null' algorithms, used by IPsec, which do nothing. 135 136config CRYPTO_PCRYPT 137 tristate "Parallel crypto engine (EXPERIMENTAL)" 138 depends on SMP && EXPERIMENTAL 139 select PADATA 140 select CRYPTO_MANAGER 141 select CRYPTO_AEAD 142 help 143 This converts an arbitrary crypto algorithm into a parallel 144 algorithm that executes in kernel threads. 145 146config CRYPTO_WORKQUEUE 147 tristate 148 149config CRYPTO_CRYPTD 150 tristate "Software async crypto daemon" 151 select CRYPTO_BLKCIPHER 152 select CRYPTO_HASH 153 select CRYPTO_MANAGER 154 select CRYPTO_WORKQUEUE 155 help 156 This is a generic software asynchronous crypto daemon that 157 converts an arbitrary synchronous software crypto algorithm 158 into an asynchronous algorithm that executes in a kernel thread. 159 160config CRYPTO_AUTHENC 161 tristate "Authenc support" 162 select CRYPTO_AEAD 163 select CRYPTO_BLKCIPHER 164 select CRYPTO_MANAGER 165 select CRYPTO_HASH 166 help 167 Authenc: Combined mode wrapper for IPsec. 168 This is required for IPSec. 169 170config CRYPTO_TEST 171 tristate "Testing module" 172 depends on m 173 select CRYPTO_MANAGER 174 help 175 Quick & dirty crypto test module. 176 177config CRYPTO_ABLK_HELPER_X86 178 tristate 179 depends on X86 180 select CRYPTO_CRYPTD 181 182config CRYPTO_GLUE_HELPER_X86 183 tristate 184 depends on X86 185 select CRYPTO_ALGAPI 186 187comment "Authenticated Encryption with Associated Data" 188 189config CRYPTO_CCM 190 tristate "CCM support" 191 select CRYPTO_CTR 192 select CRYPTO_AEAD 193 help 194 Support for Counter with CBC MAC. Required for IPsec. 195 196config CRYPTO_GCM 197 tristate "GCM/GMAC support" 198 select CRYPTO_CTR 199 select CRYPTO_AEAD 200 select CRYPTO_GHASH 201 help 202 Support for Galois/Counter Mode (GCM) and Galois Message 203 Authentication Code (GMAC). Required for IPSec. 204 205config CRYPTO_SEQIV 206 tristate "Sequence Number IV Generator" 207 select CRYPTO_AEAD 208 select CRYPTO_BLKCIPHER 209 select CRYPTO_RNG 210 help 211 This IV generator generates an IV based on a sequence number by 212 xoring it with a salt. This algorithm is mainly useful for CTR 213 214comment "Block modes" 215 216config CRYPTO_CBC 217 tristate "CBC support" 218 select CRYPTO_BLKCIPHER 219 select CRYPTO_MANAGER 220 help 221 CBC: Cipher Block Chaining mode 222 This block cipher algorithm is required for IPSec. 223 224config CRYPTO_CTR 225 tristate "CTR support" 226 select CRYPTO_BLKCIPHER 227 select CRYPTO_SEQIV 228 select CRYPTO_MANAGER 229 help 230 CTR: Counter mode 231 This block cipher algorithm is required for IPSec. 232 233config CRYPTO_CTS 234 tristate "CTS support" 235 select CRYPTO_BLKCIPHER 236 help 237 CTS: Cipher Text Stealing 238 This is the Cipher Text Stealing mode as described by 239 Section 8 of rfc2040 and referenced by rfc3962. 240 (rfc3962 includes errata information in its Appendix A) 241 This mode is required for Kerberos gss mechanism support 242 for AES encryption. 243 244config CRYPTO_ECB 245 tristate "ECB support" 246 select CRYPTO_BLKCIPHER 247 select CRYPTO_MANAGER 248 help 249 ECB: Electronic CodeBook mode 250 This is the simplest block cipher algorithm. It simply encrypts 251 the input block by block. 252 253config CRYPTO_LRW 254 tristate "LRW support" 255 select CRYPTO_BLKCIPHER 256 select CRYPTO_MANAGER 257 select CRYPTO_GF128MUL 258 help 259 LRW: Liskov Rivest Wagner, a tweakable, non malleable, non movable 260 narrow block cipher mode for dm-crypt. Use it with cipher 261 specification string aes-lrw-benbi, the key must be 256, 320 or 384. 262 The first 128, 192 or 256 bits in the key are used for AES and the 263 rest is used to tie each cipher block to its logical position. 264 265config CRYPTO_PCBC 266 tristate "PCBC support" 267 select CRYPTO_BLKCIPHER 268 select CRYPTO_MANAGER 269 help 270 PCBC: Propagating Cipher Block Chaining mode 271 This block cipher algorithm is required for RxRPC. 272 273config CRYPTO_XTS 274 tristate "XTS support" 275 select CRYPTO_BLKCIPHER 276 select CRYPTO_MANAGER 277 select CRYPTO_GF128MUL 278 help 279 XTS: IEEE1619/D16 narrow block cipher use with aes-xts-plain, 280 key size 256, 384 or 512 bits. This implementation currently 281 can't handle a sectorsize which is not a multiple of 16 bytes. 282 283comment "Hash modes" 284 285config CRYPTO_HMAC 286 tristate "HMAC support" 287 select CRYPTO_HASH 288 select CRYPTO_MANAGER 289 help 290 HMAC: Keyed-Hashing for Message Authentication (RFC2104). 291 This is required for IPSec. 292 293config CRYPTO_XCBC 294 tristate "XCBC support" 295 depends on EXPERIMENTAL 296 select CRYPTO_HASH 297 select CRYPTO_MANAGER 298 help 299 XCBC: Keyed-Hashing with encryption algorithm 300 http://www.ietf.org/rfc/rfc3566.txt 301 http://csrc.nist.gov/encryption/modes/proposedmodes/ 302 xcbc-mac/xcbc-mac-spec.pdf 303 304config CRYPTO_VMAC 305 tristate "VMAC support" 306 depends on EXPERIMENTAL 307 select CRYPTO_HASH 308 select CRYPTO_MANAGER 309 help 310 VMAC is a message authentication algorithm designed for 311 very high speed on 64-bit architectures. 312 313 See also: 314 <http://fastcrypto.org/vmac> 315 316comment "Digest" 317 318config CRYPTO_CRC32C 319 tristate "CRC32c CRC algorithm" 320 select CRYPTO_HASH 321 select CRC32 322 help 323 Castagnoli, et al Cyclic Redundancy-Check Algorithm. Used 324 by iSCSI for header and data digests and by others. 325 See Castagnoli93. Module will be crc32c. 326 327config CRYPTO_CRC32C_INTEL 328 tristate "CRC32c INTEL hardware acceleration" 329 depends on X86 330 select CRYPTO_HASH 331 help 332 In Intel processor with SSE4.2 supported, the processor will 333 support CRC32C implementation using hardware accelerated CRC32 334 instruction. This option will create 'crc32c-intel' module, 335 which will enable any routine to use the CRC32 instruction to 336 gain performance compared with software implementation. 337 Module will be crc32c-intel. 338 339config CRYPTO_CRC32C_SPARC64 340 tristate "CRC32c CRC algorithm (SPARC64)" 341 depends on SPARC64 342 select CRYPTO_HASH 343 select CRC32 344 help 345 CRC32c CRC algorithm implemented using sparc64 crypto instructions, 346 when available. 347 348config CRYPTO_GHASH 349 tristate "GHASH digest algorithm" 350 select CRYPTO_GF128MUL 351 help 352 GHASH is message digest algorithm for GCM (Galois/Counter Mode). 353 354config CRYPTO_MD4 355 tristate "MD4 digest algorithm" 356 select CRYPTO_HASH 357 help 358 MD4 message digest algorithm (RFC1320). 359 360config CRYPTO_MD5 361 tristate "MD5 digest algorithm" 362 select CRYPTO_HASH 363 help 364 MD5 message digest algorithm (RFC1321). 365 366config CRYPTO_MD5_SPARC64 367 tristate "MD5 digest algorithm (SPARC64)" 368 depends on SPARC64 369 select CRYPTO_MD5 370 select CRYPTO_HASH 371 help 372 MD5 message digest algorithm (RFC1321) implemented 373 using sparc64 crypto instructions, when available. 374 375config CRYPTO_MICHAEL_MIC 376 tristate "Michael MIC keyed digest algorithm" 377 select CRYPTO_HASH 378 help 379 Michael MIC is used for message integrity protection in TKIP 380 (IEEE 802.11i). This algorithm is required for TKIP, but it 381 should not be used for other purposes because of the weakness 382 of the algorithm. 383 384config CRYPTO_RMD128 385 tristate "RIPEMD-128 digest algorithm" 386 select CRYPTO_HASH 387 help 388 RIPEMD-128 (ISO/IEC 10118-3:2004). 389 390 RIPEMD-128 is a 128-bit cryptographic hash function. It should only 391 be used as a secure replacement for RIPEMD. For other use cases, 392 RIPEMD-160 should be used. 393 394 Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel. 395 See <http://homes.esat.kuleuven.be/~bosselae/ripemd160.html> 396 397config CRYPTO_RMD160 398 tristate "RIPEMD-160 digest algorithm" 399 select CRYPTO_HASH 400 help 401 RIPEMD-160 (ISO/IEC 10118-3:2004). 402 403 RIPEMD-160 is a 160-bit cryptographic hash function. It is intended 404 to be used as a secure replacement for the 128-bit hash functions 405 MD4, MD5 and it's predecessor RIPEMD 406 (not to be confused with RIPEMD-128). 407 408 It's speed is comparable to SHA1 and there are no known attacks 409 against RIPEMD-160. 410 411 Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel. 412 See <http://homes.esat.kuleuven.be/~bosselae/ripemd160.html> 413 414config CRYPTO_RMD256 415 tristate "RIPEMD-256 digest algorithm" 416 select CRYPTO_HASH 417 help 418 RIPEMD-256 is an optional extension of RIPEMD-128 with a 419 256 bit hash. It is intended for applications that require 420 longer hash-results, without needing a larger security level 421 (than RIPEMD-128). 422 423 Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel. 424 See <http://homes.esat.kuleuven.be/~bosselae/ripemd160.html> 425 426config CRYPTO_RMD320 427 tristate "RIPEMD-320 digest algorithm" 428 select CRYPTO_HASH 429 help 430 RIPEMD-320 is an optional extension of RIPEMD-160 with a 431 320 bit hash. It is intended for applications that require 432 longer hash-results, without needing a larger security level 433 (than RIPEMD-160). 434 435 Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel. 436 See <http://homes.esat.kuleuven.be/~bosselae/ripemd160.html> 437 438config CRYPTO_SHA1 439 tristate "SHA1 digest algorithm" 440 select CRYPTO_HASH 441 help 442 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2). 443 444config CRYPTO_SHA1_SSSE3 445 tristate "SHA1 digest algorithm (SSSE3/AVX)" 446 depends on X86 && 64BIT 447 select CRYPTO_SHA1 448 select CRYPTO_HASH 449 help 450 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2) implemented 451 using Supplemental SSE3 (SSSE3) instructions or Advanced Vector 452 Extensions (AVX), when available. 453 454config CRYPTO_SHA1_SPARC64 455 tristate "SHA1 digest algorithm (SPARC64)" 456 depends on SPARC64 457 select CRYPTO_SHA1 458 select CRYPTO_HASH 459 help 460 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2) implemented 461 using sparc64 crypto instructions, when available. 462 463config CRYPTO_SHA1_ARM 464 tristate "SHA1 digest algorithm (ARM-asm)" 465 depends on ARM 466 select CRYPTO_SHA1 467 select CRYPTO_HASH 468 help 469 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2) implemented 470 using optimized ARM assembler. 471 472config CRYPTO_SHA256 473 tristate "SHA224 and SHA256 digest algorithm" 474 select CRYPTO_HASH 475 help 476 SHA256 secure hash standard (DFIPS 180-2). 477 478 This version of SHA implements a 256 bit hash with 128 bits of 479 security against collision attacks. 480 481 This code also includes SHA-224, a 224 bit hash with 112 bits 482 of security against collision attacks. 483 484config CRYPTO_SHA256_SPARC64 485 tristate "SHA224 and SHA256 digest algorithm (SPARC64)" 486 depends on SPARC64 487 select CRYPTO_SHA256 488 select CRYPTO_HASH 489 help 490 SHA-256 secure hash standard (DFIPS 180-2) implemented 491 using sparc64 crypto instructions, when available. 492 493config CRYPTO_SHA512 494 tristate "SHA384 and SHA512 digest algorithms" 495 select CRYPTO_HASH 496 help 497 SHA512 secure hash standard (DFIPS 180-2). 498 499 This version of SHA implements a 512 bit hash with 256 bits of 500 security against collision attacks. 501 502 This code also includes SHA-384, a 384 bit hash with 192 bits 503 of security against collision attacks. 504 505config CRYPTO_SHA512_SPARC64 506 tristate "SHA384 and SHA512 digest algorithm (SPARC64)" 507 depends on SPARC64 508 select CRYPTO_SHA512 509 select CRYPTO_HASH 510 help 511 SHA-512 secure hash standard (DFIPS 180-2) implemented 512 using sparc64 crypto instructions, when available. 513 514config CRYPTO_TGR192 515 tristate "Tiger digest algorithms" 516 select CRYPTO_HASH 517 help 518 Tiger hash algorithm 192, 160 and 128-bit hashes 519 520 Tiger is a hash function optimized for 64-bit processors while 521 still having decent performance on 32-bit processors. 522 Tiger was developed by Ross Anderson and Eli Biham. 523 524 See also: 525 <http://www.cs.technion.ac.il/~biham/Reports/Tiger/>. 526 527config CRYPTO_WP512 528 tristate "Whirlpool digest algorithms" 529 select CRYPTO_HASH 530 help 531 Whirlpool hash algorithm 512, 384 and 256-bit hashes 532 533 Whirlpool-512 is part of the NESSIE cryptographic primitives. 534 Whirlpool will be part of the ISO/IEC 10118-3:2003(E) standard 535 536 See also: 537 <http://www.larc.usp.br/~pbarreto/WhirlpoolPage.html> 538 539config CRYPTO_GHASH_CLMUL_NI_INTEL 540 tristate "GHASH digest algorithm (CLMUL-NI accelerated)" 541 depends on X86 && 64BIT 542 select CRYPTO_CRYPTD 543 help 544 GHASH is message digest algorithm for GCM (Galois/Counter Mode). 545 The implementation is accelerated by CLMUL-NI of Intel. 546 547comment "Ciphers" 548 549config CRYPTO_AES 550 tristate "AES cipher algorithms" 551 select CRYPTO_ALGAPI 552 help 553 AES cipher algorithms (FIPS-197). AES uses the Rijndael 554 algorithm. 555 556 Rijndael appears to be consistently a very good performer in 557 both hardware and software across a wide range of computing 558 environments regardless of its use in feedback or non-feedback 559 modes. Its key setup time is excellent, and its key agility is 560 good. Rijndael's very low memory requirements make it very well 561 suited for restricted-space environments, in which it also 562 demonstrates excellent performance. Rijndael's operations are 563 among the easiest to defend against power and timing attacks. 564 565 The AES specifies three key sizes: 128, 192 and 256 bits 566 567 See <http://csrc.nist.gov/CryptoToolkit/aes/> for more information. 568 569config CRYPTO_AES_586 570 tristate "AES cipher algorithms (i586)" 571 depends on (X86 || UML_X86) && !64BIT 572 select CRYPTO_ALGAPI 573 select CRYPTO_AES 574 help 575 AES cipher algorithms (FIPS-197). AES uses the Rijndael 576 algorithm. 577 578 Rijndael appears to be consistently a very good performer in 579 both hardware and software across a wide range of computing 580 environments regardless of its use in feedback or non-feedback 581 modes. Its key setup time is excellent, and its key agility is 582 good. Rijndael's very low memory requirements make it very well 583 suited for restricted-space environments, in which it also 584 demonstrates excellent performance. Rijndael's operations are 585 among the easiest to defend against power and timing attacks. 586 587 The AES specifies three key sizes: 128, 192 and 256 bits 588 589 See <http://csrc.nist.gov/encryption/aes/> for more information. 590 591config CRYPTO_AES_X86_64 592 tristate "AES cipher algorithms (x86_64)" 593 depends on (X86 || UML_X86) && 64BIT 594 select CRYPTO_ALGAPI 595 select CRYPTO_AES 596 help 597 AES cipher algorithms (FIPS-197). AES uses the Rijndael 598 algorithm. 599 600 Rijndael appears to be consistently a very good performer in 601 both hardware and software across a wide range of computing 602 environments regardless of its use in feedback or non-feedback 603 modes. Its key setup time is excellent, and its key agility is 604 good. Rijndael's very low memory requirements make it very well 605 suited for restricted-space environments, in which it also 606 demonstrates excellent performance. Rijndael's operations are 607 among the easiest to defend against power and timing attacks. 608 609 The AES specifies three key sizes: 128, 192 and 256 bits 610 611 See <http://csrc.nist.gov/encryption/aes/> for more information. 612 613config CRYPTO_AES_NI_INTEL 614 tristate "AES cipher algorithms (AES-NI)" 615 depends on X86 616 select CRYPTO_AES_X86_64 if 64BIT 617 select CRYPTO_AES_586 if !64BIT 618 select CRYPTO_CRYPTD 619 select CRYPTO_ABLK_HELPER_X86 620 select CRYPTO_ALGAPI 621 select CRYPTO_LRW 622 select CRYPTO_XTS 623 help 624 Use Intel AES-NI instructions for AES algorithm. 625 626 AES cipher algorithms (FIPS-197). AES uses the Rijndael 627 algorithm. 628 629 Rijndael appears to be consistently a very good performer in 630 both hardware and software across a wide range of computing 631 environments regardless of its use in feedback or non-feedback 632 modes. Its key setup time is excellent, and its key agility is 633 good. Rijndael's very low memory requirements make it very well 634 suited for restricted-space environments, in which it also 635 demonstrates excellent performance. Rijndael's operations are 636 among the easiest to defend against power and timing attacks. 637 638 The AES specifies three key sizes: 128, 192 and 256 bits 639 640 See <http://csrc.nist.gov/encryption/aes/> for more information. 641 642 In addition to AES cipher algorithm support, the acceleration 643 for some popular block cipher mode is supported too, including 644 ECB, CBC, LRW, PCBC, XTS. The 64 bit version has additional 645 acceleration for CTR. 646 647config CRYPTO_AES_SPARC64 648 tristate "AES cipher algorithms (SPARC64)" 649 depends on SPARC64 650 select CRYPTO_CRYPTD 651 select CRYPTO_ALGAPI 652 help 653 Use SPARC64 crypto opcodes for AES algorithm. 654 655 AES cipher algorithms (FIPS-197). AES uses the Rijndael 656 algorithm. 657 658 Rijndael appears to be consistently a very good performer in 659 both hardware and software across a wide range of computing 660 environments regardless of its use in feedback or non-feedback 661 modes. Its key setup time is excellent, and its key agility is 662 good. Rijndael's very low memory requirements make it very well 663 suited for restricted-space environments, in which it also 664 demonstrates excellent performance. Rijndael's operations are 665 among the easiest to defend against power and timing attacks. 666 667 The AES specifies three key sizes: 128, 192 and 256 bits 668 669 See <http://csrc.nist.gov/encryption/aes/> for more information. 670 671 In addition to AES cipher algorithm support, the acceleration 672 for some popular block cipher mode is supported too, including 673 ECB and CBC. 674 675config CRYPTO_AES_ARM 676 tristate "AES cipher algorithms (ARM-asm)" 677 depends on ARM 678 select CRYPTO_ALGAPI 679 select CRYPTO_AES 680 help 681 Use optimized AES assembler routines for ARM platforms. 682 683 AES cipher algorithms (FIPS-197). AES uses the Rijndael 684 algorithm. 685 686 Rijndael appears to be consistently a very good performer in 687 both hardware and software across a wide range of computing 688 environments regardless of its use in feedback or non-feedback 689 modes. Its key setup time is excellent, and its key agility is 690 good. Rijndael's very low memory requirements make it very well 691 suited for restricted-space environments, in which it also 692 demonstrates excellent performance. Rijndael's operations are 693 among the easiest to defend against power and timing attacks. 694 695 The AES specifies three key sizes: 128, 192 and 256 bits 696 697 See <http://csrc.nist.gov/encryption/aes/> for more information. 698 699config CRYPTO_ANUBIS 700 tristate "Anubis cipher algorithm" 701 select CRYPTO_ALGAPI 702 help 703 Anubis cipher algorithm. 704 705 Anubis is a variable key length cipher which can use keys from 706 128 bits to 320 bits in length. It was evaluated as a entrant 707 in the NESSIE competition. 708 709 See also: 710 <https://www.cosic.esat.kuleuven.be/nessie/reports/> 711 <http://www.larc.usp.br/~pbarreto/AnubisPage.html> 712 713config CRYPTO_ARC4 714 tristate "ARC4 cipher algorithm" 715 select CRYPTO_BLKCIPHER 716 help 717 ARC4 cipher algorithm. 718 719 ARC4 is a stream cipher using keys ranging from 8 bits to 2048 720 bits in length. This algorithm is required for driver-based 721 WEP, but it should not be for other purposes because of the 722 weakness of the algorithm. 723 724config CRYPTO_BLOWFISH 725 tristate "Blowfish cipher algorithm" 726 select CRYPTO_ALGAPI 727 select CRYPTO_BLOWFISH_COMMON 728 help 729 Blowfish cipher algorithm, by Bruce Schneier. 730 731 This is a variable key length cipher which can use keys from 32 732 bits to 448 bits in length. It's fast, simple and specifically 733 designed for use on "large microprocessors". 734 735 See also: 736 <http://www.schneier.com/blowfish.html> 737 738config CRYPTO_BLOWFISH_COMMON 739 tristate 740 help 741 Common parts of the Blowfish cipher algorithm shared by the 742 generic c and the assembler implementations. 743 744 See also: 745 <http://www.schneier.com/blowfish.html> 746 747config CRYPTO_BLOWFISH_X86_64 748 tristate "Blowfish cipher algorithm (x86_64)" 749 depends on X86 && 64BIT 750 select CRYPTO_ALGAPI 751 select CRYPTO_BLOWFISH_COMMON 752 help 753 Blowfish cipher algorithm (x86_64), by Bruce Schneier. 754 755 This is a variable key length cipher which can use keys from 32 756 bits to 448 bits in length. It's fast, simple and specifically 757 designed for use on "large microprocessors". 758 759 See also: 760 <http://www.schneier.com/blowfish.html> 761 762config CRYPTO_CAMELLIA 763 tristate "Camellia cipher algorithms" 764 depends on CRYPTO 765 select CRYPTO_ALGAPI 766 help 767 Camellia cipher algorithms module. 768 769 Camellia is a symmetric key block cipher developed jointly 770 at NTT and Mitsubishi Electric Corporation. 771 772 The Camellia specifies three key sizes: 128, 192 and 256 bits. 773 774 See also: 775 <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html> 776 777config CRYPTO_CAMELLIA_X86_64 778 tristate "Camellia cipher algorithm (x86_64)" 779 depends on X86 && 64BIT 780 depends on CRYPTO 781 select CRYPTO_ALGAPI 782 select CRYPTO_GLUE_HELPER_X86 783 select CRYPTO_LRW 784 select CRYPTO_XTS 785 help 786 Camellia cipher algorithm module (x86_64). 787 788 Camellia is a symmetric key block cipher developed jointly 789 at NTT and Mitsubishi Electric Corporation. 790 791 The Camellia specifies three key sizes: 128, 192 and 256 bits. 792 793 See also: 794 <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html> 795 796config CRYPTO_CAMELLIA_SPARC64 797 tristate "Camellia cipher algorithm (SPARC64)" 798 depends on SPARC64 799 depends on CRYPTO 800 select CRYPTO_ALGAPI 801 help 802 Camellia cipher algorithm module (SPARC64). 803 804 Camellia is a symmetric key block cipher developed jointly 805 at NTT and Mitsubishi Electric Corporation. 806 807 The Camellia specifies three key sizes: 128, 192 and 256 bits. 808 809 See also: 810 <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html> 811 812config CRYPTO_CAST5 813 tristate "CAST5 (CAST-128) cipher algorithm" 814 select CRYPTO_ALGAPI 815 help 816 The CAST5 encryption algorithm (synonymous with CAST-128) is 817 described in RFC2144. 818 819config CRYPTO_CAST5_AVX_X86_64 820 tristate "CAST5 (CAST-128) cipher algorithm (x86_64/AVX)" 821 depends on X86 && 64BIT 822 select CRYPTO_ALGAPI 823 select CRYPTO_CRYPTD 824 select CRYPTO_ABLK_HELPER_X86 825 select CRYPTO_CAST5 826 help 827 The CAST5 encryption algorithm (synonymous with CAST-128) is 828 described in RFC2144. 829 830 This module provides the Cast5 cipher algorithm that processes 831 sixteen blocks parallel using the AVX instruction set. 832 833config CRYPTO_CAST6 834 tristate "CAST6 (CAST-256) cipher algorithm" 835 select CRYPTO_ALGAPI 836 help 837 The CAST6 encryption algorithm (synonymous with CAST-256) is 838 described in RFC2612. 839 840config CRYPTO_CAST6_AVX_X86_64 841 tristate "CAST6 (CAST-256) cipher algorithm (x86_64/AVX)" 842 depends on X86 && 64BIT 843 select CRYPTO_ALGAPI 844 select CRYPTO_CRYPTD 845 select CRYPTO_ABLK_HELPER_X86 846 select CRYPTO_GLUE_HELPER_X86 847 select CRYPTO_CAST6 848 select CRYPTO_LRW 849 select CRYPTO_XTS 850 help 851 The CAST6 encryption algorithm (synonymous with CAST-256) is 852 described in RFC2612. 853 854 This module provides the Cast6 cipher algorithm that processes 855 eight blocks parallel using the AVX instruction set. 856 857config CRYPTO_DES 858 tristate "DES and Triple DES EDE cipher algorithms" 859 select CRYPTO_ALGAPI 860 help 861 DES cipher algorithm (FIPS 46-2), and Triple DES EDE (FIPS 46-3). 862 863config CRYPTO_DES_SPARC64 864 tristate "DES and Triple DES EDE cipher algorithms (SPARC64)" 865 depends on SPARC64 866 select CRYPTO_ALGAPI 867 select CRYPTO_DES 868 help 869 DES cipher algorithm (FIPS 46-2), and Triple DES EDE (FIPS 46-3), 870 optimized using SPARC64 crypto opcodes. 871 872config CRYPTO_FCRYPT 873 tristate "FCrypt cipher algorithm" 874 select CRYPTO_ALGAPI 875 select CRYPTO_BLKCIPHER 876 help 877 FCrypt algorithm used by RxRPC. 878 879config CRYPTO_KHAZAD 880 tristate "Khazad cipher algorithm" 881 select CRYPTO_ALGAPI 882 help 883 Khazad cipher algorithm. 884 885 Khazad was a finalist in the initial NESSIE competition. It is 886 an algorithm optimized for 64-bit processors with good performance 887 on 32-bit processors. Khazad uses an 128 bit key size. 888 889 See also: 890 <http://www.larc.usp.br/~pbarreto/KhazadPage.html> 891 892config CRYPTO_SALSA20 893 tristate "Salsa20 stream cipher algorithm (EXPERIMENTAL)" 894 depends on EXPERIMENTAL 895 select CRYPTO_BLKCIPHER 896 help 897 Salsa20 stream cipher algorithm. 898 899 Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT 900 Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/> 901 902 The Salsa20 stream cipher algorithm is designed by Daniel J. 903 Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html> 904 905config CRYPTO_SALSA20_586 906 tristate "Salsa20 stream cipher algorithm (i586) (EXPERIMENTAL)" 907 depends on (X86 || UML_X86) && !64BIT 908 depends on EXPERIMENTAL 909 select CRYPTO_BLKCIPHER 910 help 911 Salsa20 stream cipher algorithm. 912 913 Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT 914 Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/> 915 916 The Salsa20 stream cipher algorithm is designed by Daniel J. 917 Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html> 918 919config CRYPTO_SALSA20_X86_64 920 tristate "Salsa20 stream cipher algorithm (x86_64) (EXPERIMENTAL)" 921 depends on (X86 || UML_X86) && 64BIT 922 depends on EXPERIMENTAL 923 select CRYPTO_BLKCIPHER 924 help 925 Salsa20 stream cipher algorithm. 926 927 Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT 928 Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/> 929 930 The Salsa20 stream cipher algorithm is designed by Daniel J. 931 Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html> 932 933config CRYPTO_SEED 934 tristate "SEED cipher algorithm" 935 select CRYPTO_ALGAPI 936 help 937 SEED cipher algorithm (RFC4269). 938 939 SEED is a 128-bit symmetric key block cipher that has been 940 developed by KISA (Korea Information Security Agency) as a 941 national standard encryption algorithm of the Republic of Korea. 942 It is a 16 round block cipher with the key size of 128 bit. 943 944 See also: 945 <http://www.kisa.or.kr/kisa/seed/jsp/seed_eng.jsp> 946 947config CRYPTO_SERPENT 948 tristate "Serpent cipher algorithm" 949 select CRYPTO_ALGAPI 950 help 951 Serpent cipher algorithm, by Anderson, Biham & Knudsen. 952 953 Keys are allowed to be from 0 to 256 bits in length, in steps 954 of 8 bits. Also includes the 'Tnepres' algorithm, a reversed 955 variant of Serpent for compatibility with old kerneli.org code. 956 957 See also: 958 <http://www.cl.cam.ac.uk/~rja14/serpent.html> 959 960config CRYPTO_SERPENT_SSE2_X86_64 961 tristate "Serpent cipher algorithm (x86_64/SSE2)" 962 depends on X86 && 64BIT 963 select CRYPTO_ALGAPI 964 select CRYPTO_CRYPTD 965 select CRYPTO_ABLK_HELPER_X86 966 select CRYPTO_GLUE_HELPER_X86 967 select CRYPTO_SERPENT 968 select CRYPTO_LRW 969 select CRYPTO_XTS 970 help 971 Serpent cipher algorithm, by Anderson, Biham & Knudsen. 972 973 Keys are allowed to be from 0 to 256 bits in length, in steps 974 of 8 bits. 975 976 This module provides Serpent cipher algorithm that processes eigth 977 blocks parallel using SSE2 instruction set. 978 979 See also: 980 <http://www.cl.cam.ac.uk/~rja14/serpent.html> 981 982config CRYPTO_SERPENT_SSE2_586 983 tristate "Serpent cipher algorithm (i586/SSE2)" 984 depends on X86 && !64BIT 985 select CRYPTO_ALGAPI 986 select CRYPTO_CRYPTD 987 select CRYPTO_ABLK_HELPER_X86 988 select CRYPTO_GLUE_HELPER_X86 989 select CRYPTO_SERPENT 990 select CRYPTO_LRW 991 select CRYPTO_XTS 992 help 993 Serpent cipher algorithm, by Anderson, Biham & Knudsen. 994 995 Keys are allowed to be from 0 to 256 bits in length, in steps 996 of 8 bits. 997 998 This module provides Serpent cipher algorithm that processes four 999 blocks parallel using SSE2 instruction set. 1000 1001 See also: 1002 <http://www.cl.cam.ac.uk/~rja14/serpent.html> 1003 1004config CRYPTO_SERPENT_AVX_X86_64 1005 tristate "Serpent cipher algorithm (x86_64/AVX)" 1006 depends on X86 && 64BIT 1007 select CRYPTO_ALGAPI 1008 select CRYPTO_CRYPTD 1009 select CRYPTO_ABLK_HELPER_X86 1010 select CRYPTO_GLUE_HELPER_X86 1011 select CRYPTO_SERPENT 1012 select CRYPTO_LRW 1013 select CRYPTO_XTS 1014 help 1015 Serpent cipher algorithm, by Anderson, Biham & Knudsen. 1016 1017 Keys are allowed to be from 0 to 256 bits in length, in steps 1018 of 8 bits. 1019 1020 This module provides the Serpent cipher algorithm that processes 1021 eight blocks parallel using the AVX instruction set. 1022 1023 See also: 1024 <http://www.cl.cam.ac.uk/~rja14/serpent.html> 1025 1026config CRYPTO_TEA 1027 tristate "TEA, XTEA and XETA cipher algorithms" 1028 select CRYPTO_ALGAPI 1029 help 1030 TEA cipher algorithm. 1031 1032 Tiny Encryption Algorithm is a simple cipher that uses 1033 many rounds for security. It is very fast and uses 1034 little memory. 1035 1036 Xtendend Tiny Encryption Algorithm is a modification to 1037 the TEA algorithm to address a potential key weakness 1038 in the TEA algorithm. 1039 1040 Xtendend Encryption Tiny Algorithm is a mis-implementation 1041 of the XTEA algorithm for compatibility purposes. 1042 1043config CRYPTO_TWOFISH 1044 tristate "Twofish cipher algorithm" 1045 select CRYPTO_ALGAPI 1046 select CRYPTO_TWOFISH_COMMON 1047 help 1048 Twofish cipher algorithm. 1049 1050 Twofish was submitted as an AES (Advanced Encryption Standard) 1051 candidate cipher by researchers at CounterPane Systems. It is a 1052 16 round block cipher supporting key sizes of 128, 192, and 256 1053 bits. 1054 1055 See also: 1056 <http://www.schneier.com/twofish.html> 1057 1058config CRYPTO_TWOFISH_COMMON 1059 tristate 1060 help 1061 Common parts of the Twofish cipher algorithm shared by the 1062 generic c and the assembler implementations. 1063 1064config CRYPTO_TWOFISH_586 1065 tristate "Twofish cipher algorithms (i586)" 1066 depends on (X86 || UML_X86) && !64BIT 1067 select CRYPTO_ALGAPI 1068 select CRYPTO_TWOFISH_COMMON 1069 help 1070 Twofish cipher algorithm. 1071 1072 Twofish was submitted as an AES (Advanced Encryption Standard) 1073 candidate cipher by researchers at CounterPane Systems. It is a 1074 16 round block cipher supporting key sizes of 128, 192, and 256 1075 bits. 1076 1077 See also: 1078 <http://www.schneier.com/twofish.html> 1079 1080config CRYPTO_TWOFISH_X86_64 1081 tristate "Twofish cipher algorithm (x86_64)" 1082 depends on (X86 || UML_X86) && 64BIT 1083 select CRYPTO_ALGAPI 1084 select CRYPTO_TWOFISH_COMMON 1085 help 1086 Twofish cipher algorithm (x86_64). 1087 1088 Twofish was submitted as an AES (Advanced Encryption Standard) 1089 candidate cipher by researchers at CounterPane Systems. It is a 1090 16 round block cipher supporting key sizes of 128, 192, and 256 1091 bits. 1092 1093 See also: 1094 <http://www.schneier.com/twofish.html> 1095 1096config CRYPTO_TWOFISH_X86_64_3WAY 1097 tristate "Twofish cipher algorithm (x86_64, 3-way parallel)" 1098 depends on X86 && 64BIT 1099 select CRYPTO_ALGAPI 1100 select CRYPTO_TWOFISH_COMMON 1101 select CRYPTO_TWOFISH_X86_64 1102 select CRYPTO_GLUE_HELPER_X86 1103 select CRYPTO_LRW 1104 select CRYPTO_XTS 1105 help 1106 Twofish cipher algorithm (x86_64, 3-way parallel). 1107 1108 Twofish was submitted as an AES (Advanced Encryption Standard) 1109 candidate cipher by researchers at CounterPane Systems. It is a 1110 16 round block cipher supporting key sizes of 128, 192, and 256 1111 bits. 1112 1113 This module provides Twofish cipher algorithm that processes three 1114 blocks parallel, utilizing resources of out-of-order CPUs better. 1115 1116 See also: 1117 <http://www.schneier.com/twofish.html> 1118 1119config CRYPTO_TWOFISH_AVX_X86_64 1120 tristate "Twofish cipher algorithm (x86_64/AVX)" 1121 depends on X86 && 64BIT 1122 select CRYPTO_ALGAPI 1123 select CRYPTO_CRYPTD 1124 select CRYPTO_ABLK_HELPER_X86 1125 select CRYPTO_GLUE_HELPER_X86 1126 select CRYPTO_TWOFISH_COMMON 1127 select CRYPTO_TWOFISH_X86_64 1128 select CRYPTO_TWOFISH_X86_64_3WAY 1129 select CRYPTO_LRW 1130 select CRYPTO_XTS 1131 help 1132 Twofish cipher algorithm (x86_64/AVX). 1133 1134 Twofish was submitted as an AES (Advanced Encryption Standard) 1135 candidate cipher by researchers at CounterPane Systems. It is a 1136 16 round block cipher supporting key sizes of 128, 192, and 256 1137 bits. 1138 1139 This module provides the Twofish cipher algorithm that processes 1140 eight blocks parallel using the AVX Instruction Set. 1141 1142 See also: 1143 <http://www.schneier.com/twofish.html> 1144 1145comment "Compression" 1146 1147config CRYPTO_DEFLATE 1148 tristate "Deflate compression algorithm" 1149 select CRYPTO_ALGAPI 1150 select ZLIB_INFLATE 1151 select ZLIB_DEFLATE 1152 help 1153 This is the Deflate algorithm (RFC1951), specified for use in 1154 IPSec with the IPCOMP protocol (RFC3173, RFC2394). 1155 1156 You will most probably want this if using IPSec. 1157 1158config CRYPTO_ZLIB 1159 tristate "Zlib compression algorithm" 1160 select CRYPTO_PCOMP 1161 select ZLIB_INFLATE 1162 select ZLIB_DEFLATE 1163 select NLATTR 1164 help 1165 This is the zlib algorithm. 1166 1167config CRYPTO_LZO 1168 tristate "LZO compression algorithm" 1169 select CRYPTO_ALGAPI 1170 select LZO_COMPRESS 1171 select LZO_DECOMPRESS 1172 help 1173 This is the LZO algorithm. 1174 1175config CRYPTO_842 1176 tristate "842 compression algorithm" 1177 depends on CRYPTO_DEV_NX_COMPRESS 1178 # 842 uses lzo if the hardware becomes unavailable 1179 select LZO_COMPRESS 1180 select LZO_DECOMPRESS 1181 help 1182 This is the 842 algorithm. 1183 1184comment "Random Number Generation" 1185 1186config CRYPTO_ANSI_CPRNG 1187 tristate "Pseudo Random Number Generation for Cryptographic modules" 1188 default m 1189 select CRYPTO_AES 1190 select CRYPTO_RNG 1191 help 1192 This option enables the generic pseudo random number generator 1193 for cryptographic modules. Uses the Algorithm specified in 1194 ANSI X9.31 A.2.4. Note that this option must be enabled if 1195 CRYPTO_FIPS is selected 1196 1197config CRYPTO_USER_API 1198 tristate 1199 1200config CRYPTO_USER_API_HASH 1201 tristate "User-space interface for hash algorithms" 1202 depends on NET 1203 select CRYPTO_HASH 1204 select CRYPTO_USER_API 1205 help 1206 This option enables the user-spaces interface for hash 1207 algorithms. 1208 1209config CRYPTO_USER_API_SKCIPHER 1210 tristate "User-space interface for symmetric key cipher algorithms" 1211 depends on NET 1212 select CRYPTO_BLKCIPHER 1213 select CRYPTO_USER_API 1214 help 1215 This option enables the user-spaces interface for symmetric 1216 key cipher algorithms. 1217 1218source "drivers/crypto/Kconfig" 1219source crypto/asymmetric_keys/Kconfig 1220 1221endif # if CRYPTO 1222