xref: /linux/crypto/Kconfig (revision 419090c6c6862abb54b7c77efc3c00ed35909d73)
1#
2# Generic algorithms support
3#
4config XOR_BLOCKS
5	tristate
6
7#
8# async_tx api: hardware offloaded memory transfer/transform support
9#
10source "crypto/async_tx/Kconfig"
11
12#
13# Cryptographic API Configuration
14#
15menuconfig CRYPTO
16	tristate "Cryptographic API"
17	help
18	  This option provides the core Cryptographic API.
19
20if CRYPTO
21
22comment "Crypto core or helper"
23
24config CRYPTO_FIPS
25	bool "FIPS 200 compliance"
26	depends on (CRYPTO_ANSI_CPRNG || CRYTPO_DRBG) && !CRYPTO_MANAGER_DISABLE_TESTS
27	help
28	  This options enables the fips boot option which is
29	  required if you want to system to operate in a FIPS 200
30	  certification.  You should say no unless you know what
31	  this is.
32
33config CRYPTO_ALGAPI
34	tristate
35	select CRYPTO_ALGAPI2
36	help
37	  This option provides the API for cryptographic algorithms.
38
39config CRYPTO_ALGAPI2
40	tristate
41
42config CRYPTO_AEAD
43	tristate
44	select CRYPTO_AEAD2
45	select CRYPTO_ALGAPI
46
47config CRYPTO_AEAD2
48	tristate
49	select CRYPTO_ALGAPI2
50
51config CRYPTO_BLKCIPHER
52	tristate
53	select CRYPTO_BLKCIPHER2
54	select CRYPTO_ALGAPI
55
56config CRYPTO_BLKCIPHER2
57	tristate
58	select CRYPTO_ALGAPI2
59	select CRYPTO_RNG2
60	select CRYPTO_WORKQUEUE
61
62config CRYPTO_HASH
63	tristate
64	select CRYPTO_HASH2
65	select CRYPTO_ALGAPI
66
67config CRYPTO_HASH2
68	tristate
69	select CRYPTO_ALGAPI2
70
71config CRYPTO_RNG
72	tristate
73	select CRYPTO_RNG2
74	select CRYPTO_ALGAPI
75
76config CRYPTO_RNG2
77	tristate
78	select CRYPTO_ALGAPI2
79
80config CRYPTO_PCOMP
81	tristate
82	select CRYPTO_PCOMP2
83	select CRYPTO_ALGAPI
84
85config CRYPTO_PCOMP2
86	tristate
87	select CRYPTO_ALGAPI2
88
89config CRYPTO_MANAGER
90	tristate "Cryptographic algorithm manager"
91	select CRYPTO_MANAGER2
92	help
93	  Create default cryptographic template instantiations such as
94	  cbc(aes).
95
96config CRYPTO_MANAGER2
97	def_tristate CRYPTO_MANAGER || (CRYPTO_MANAGER!=n && CRYPTO_ALGAPI=y)
98	select CRYPTO_AEAD2
99	select CRYPTO_HASH2
100	select CRYPTO_BLKCIPHER2
101	select CRYPTO_PCOMP2
102
103config CRYPTO_USER
104	tristate "Userspace cryptographic algorithm configuration"
105	depends on NET
106	select CRYPTO_MANAGER
107	help
108	  Userspace configuration for cryptographic instantiations such as
109	  cbc(aes).
110
111config CRYPTO_MANAGER_DISABLE_TESTS
112	bool "Disable run-time self tests"
113	default y
114	depends on CRYPTO_MANAGER2
115	help
116	  Disable run-time self tests that normally take place at
117	  algorithm registration.
118
119config CRYPTO_GF128MUL
120	tristate "GF(2^128) multiplication functions"
121	help
122	  Efficient table driven implementation of multiplications in the
123	  field GF(2^128).  This is needed by some cypher modes. This
124	  option will be selected automatically if you select such a
125	  cipher mode.  Only select this option by hand if you expect to load
126	  an external module that requires these functions.
127
128config CRYPTO_NULL
129	tristate "Null algorithms"
130	select CRYPTO_ALGAPI
131	select CRYPTO_BLKCIPHER
132	select CRYPTO_HASH
133	help
134	  These are 'Null' algorithms, used by IPsec, which do nothing.
135
136config CRYPTO_PCRYPT
137	tristate "Parallel crypto engine"
138	depends on SMP
139	select PADATA
140	select CRYPTO_MANAGER
141	select CRYPTO_AEAD
142	help
143	  This converts an arbitrary crypto algorithm into a parallel
144	  algorithm that executes in kernel threads.
145
146config CRYPTO_WORKQUEUE
147       tristate
148
149config CRYPTO_CRYPTD
150	tristate "Software async crypto daemon"
151	select CRYPTO_BLKCIPHER
152	select CRYPTO_HASH
153	select CRYPTO_MANAGER
154	select CRYPTO_WORKQUEUE
155	help
156	  This is a generic software asynchronous crypto daemon that
157	  converts an arbitrary synchronous software crypto algorithm
158	  into an asynchronous algorithm that executes in a kernel thread.
159
160config CRYPTO_AUTHENC
161	tristate "Authenc support"
162	select CRYPTO_AEAD
163	select CRYPTO_BLKCIPHER
164	select CRYPTO_MANAGER
165	select CRYPTO_HASH
166	help
167	  Authenc: Combined mode wrapper for IPsec.
168	  This is required for IPSec.
169
170config CRYPTO_TEST
171	tristate "Testing module"
172	depends on m
173	select CRYPTO_MANAGER
174	help
175	  Quick & dirty crypto test module.
176
177config CRYPTO_ABLK_HELPER
178	tristate
179	select CRYPTO_CRYPTD
180
181config CRYPTO_GLUE_HELPER_X86
182	tristate
183	depends on X86
184	select CRYPTO_ALGAPI
185
186comment "Authenticated Encryption with Associated Data"
187
188config CRYPTO_CCM
189	tristate "CCM support"
190	select CRYPTO_CTR
191	select CRYPTO_AEAD
192	help
193	  Support for Counter with CBC MAC. Required for IPsec.
194
195config CRYPTO_GCM
196	tristate "GCM/GMAC support"
197	select CRYPTO_CTR
198	select CRYPTO_AEAD
199	select CRYPTO_GHASH
200	select CRYPTO_NULL
201	help
202	  Support for Galois/Counter Mode (GCM) and Galois Message
203	  Authentication Code (GMAC). Required for IPSec.
204
205config CRYPTO_SEQIV
206	tristate "Sequence Number IV Generator"
207	select CRYPTO_AEAD
208	select CRYPTO_BLKCIPHER
209	select CRYPTO_RNG
210	help
211	  This IV generator generates an IV based on a sequence number by
212	  xoring it with a salt.  This algorithm is mainly useful for CTR
213
214comment "Block modes"
215
216config CRYPTO_CBC
217	tristate "CBC support"
218	select CRYPTO_BLKCIPHER
219	select CRYPTO_MANAGER
220	help
221	  CBC: Cipher Block Chaining mode
222	  This block cipher algorithm is required for IPSec.
223
224config CRYPTO_CTR
225	tristate "CTR support"
226	select CRYPTO_BLKCIPHER
227	select CRYPTO_SEQIV
228	select CRYPTO_MANAGER
229	help
230	  CTR: Counter mode
231	  This block cipher algorithm is required for IPSec.
232
233config CRYPTO_CTS
234	tristate "CTS support"
235	select CRYPTO_BLKCIPHER
236	help
237	  CTS: Cipher Text Stealing
238	  This is the Cipher Text Stealing mode as described by
239	  Section 8 of rfc2040 and referenced by rfc3962.
240	  (rfc3962 includes errata information in its Appendix A)
241	  This mode is required for Kerberos gss mechanism support
242	  for AES encryption.
243
244config CRYPTO_ECB
245	tristate "ECB support"
246	select CRYPTO_BLKCIPHER
247	select CRYPTO_MANAGER
248	help
249	  ECB: Electronic CodeBook mode
250	  This is the simplest block cipher algorithm.  It simply encrypts
251	  the input block by block.
252
253config CRYPTO_LRW
254	tristate "LRW support"
255	select CRYPTO_BLKCIPHER
256	select CRYPTO_MANAGER
257	select CRYPTO_GF128MUL
258	help
259	  LRW: Liskov Rivest Wagner, a tweakable, non malleable, non movable
260	  narrow block cipher mode for dm-crypt.  Use it with cipher
261	  specification string aes-lrw-benbi, the key must be 256, 320 or 384.
262	  The first 128, 192 or 256 bits in the key are used for AES and the
263	  rest is used to tie each cipher block to its logical position.
264
265config CRYPTO_PCBC
266	tristate "PCBC support"
267	select CRYPTO_BLKCIPHER
268	select CRYPTO_MANAGER
269	help
270	  PCBC: Propagating Cipher Block Chaining mode
271	  This block cipher algorithm is required for RxRPC.
272
273config CRYPTO_XTS
274	tristate "XTS support"
275	select CRYPTO_BLKCIPHER
276	select CRYPTO_MANAGER
277	select CRYPTO_GF128MUL
278	help
279	  XTS: IEEE1619/D16 narrow block cipher use with aes-xts-plain,
280	  key size 256, 384 or 512 bits. This implementation currently
281	  can't handle a sectorsize which is not a multiple of 16 bytes.
282
283comment "Hash modes"
284
285config CRYPTO_CMAC
286	tristate "CMAC support"
287	select CRYPTO_HASH
288	select CRYPTO_MANAGER
289	help
290	  Cipher-based Message Authentication Code (CMAC) specified by
291	  The National Institute of Standards and Technology (NIST).
292
293	  https://tools.ietf.org/html/rfc4493
294	  http://csrc.nist.gov/publications/nistpubs/800-38B/SP_800-38B.pdf
295
296config CRYPTO_HMAC
297	tristate "HMAC support"
298	select CRYPTO_HASH
299	select CRYPTO_MANAGER
300	help
301	  HMAC: Keyed-Hashing for Message Authentication (RFC2104).
302	  This is required for IPSec.
303
304config CRYPTO_XCBC
305	tristate "XCBC support"
306	select CRYPTO_HASH
307	select CRYPTO_MANAGER
308	help
309	  XCBC: Keyed-Hashing with encryption algorithm
310		http://www.ietf.org/rfc/rfc3566.txt
311		http://csrc.nist.gov/encryption/modes/proposedmodes/
312		 xcbc-mac/xcbc-mac-spec.pdf
313
314config CRYPTO_VMAC
315	tristate "VMAC support"
316	select CRYPTO_HASH
317	select CRYPTO_MANAGER
318	help
319	  VMAC is a message authentication algorithm designed for
320	  very high speed on 64-bit architectures.
321
322	  See also:
323	  <http://fastcrypto.org/vmac>
324
325comment "Digest"
326
327config CRYPTO_CRC32C
328	tristate "CRC32c CRC algorithm"
329	select CRYPTO_HASH
330	select CRC32
331	help
332	  Castagnoli, et al Cyclic Redundancy-Check Algorithm.  Used
333	  by iSCSI for header and data digests and by others.
334	  See Castagnoli93.  Module will be crc32c.
335
336config CRYPTO_CRC32C_INTEL
337	tristate "CRC32c INTEL hardware acceleration"
338	depends on X86
339	select CRYPTO_HASH
340	help
341	  In Intel processor with SSE4.2 supported, the processor will
342	  support CRC32C implementation using hardware accelerated CRC32
343	  instruction. This option will create 'crc32c-intel' module,
344	  which will enable any routine to use the CRC32 instruction to
345	  gain performance compared with software implementation.
346	  Module will be crc32c-intel.
347
348config CRYPTO_CRC32C_SPARC64
349	tristate "CRC32c CRC algorithm (SPARC64)"
350	depends on SPARC64
351	select CRYPTO_HASH
352	select CRC32
353	help
354	  CRC32c CRC algorithm implemented using sparc64 crypto instructions,
355	  when available.
356
357config CRYPTO_CRC32
358	tristate "CRC32 CRC algorithm"
359	select CRYPTO_HASH
360	select CRC32
361	help
362	  CRC-32-IEEE 802.3 cyclic redundancy-check algorithm.
363	  Shash crypto api wrappers to crc32_le function.
364
365config CRYPTO_CRC32_PCLMUL
366	tristate "CRC32 PCLMULQDQ hardware acceleration"
367	depends on X86
368	select CRYPTO_HASH
369	select CRC32
370	help
371	  From Intel Westmere and AMD Bulldozer processor with SSE4.2
372	  and PCLMULQDQ supported, the processor will support
373	  CRC32 PCLMULQDQ implementation using hardware accelerated PCLMULQDQ
374	  instruction. This option will create 'crc32-plcmul' module,
375	  which will enable any routine to use the CRC-32-IEEE 802.3 checksum
376	  and gain better performance as compared with the table implementation.
377
378config CRYPTO_CRCT10DIF
379	tristate "CRCT10DIF algorithm"
380	select CRYPTO_HASH
381	help
382	  CRC T10 Data Integrity Field computation is being cast as
383	  a crypto transform.  This allows for faster crc t10 diff
384	  transforms to be used if they are available.
385
386config CRYPTO_CRCT10DIF_PCLMUL
387	tristate "CRCT10DIF PCLMULQDQ hardware acceleration"
388	depends on X86 && 64BIT && CRC_T10DIF
389	select CRYPTO_HASH
390	help
391	  For x86_64 processors with SSE4.2 and PCLMULQDQ supported,
392	  CRC T10 DIF PCLMULQDQ computation can be hardware
393	  accelerated PCLMULQDQ instruction. This option will create
394	  'crct10dif-plcmul' module, which is faster when computing the
395	  crct10dif checksum as compared with the generic table implementation.
396
397config CRYPTO_GHASH
398	tristate "GHASH digest algorithm"
399	select CRYPTO_GF128MUL
400	help
401	  GHASH is message digest algorithm for GCM (Galois/Counter Mode).
402
403config CRYPTO_MD4
404	tristate "MD4 digest algorithm"
405	select CRYPTO_HASH
406	help
407	  MD4 message digest algorithm (RFC1320).
408
409config CRYPTO_MD5
410	tristate "MD5 digest algorithm"
411	select CRYPTO_HASH
412	help
413	  MD5 message digest algorithm (RFC1321).
414
415config CRYPTO_MD5_SPARC64
416	tristate "MD5 digest algorithm (SPARC64)"
417	depends on SPARC64
418	select CRYPTO_MD5
419	select CRYPTO_HASH
420	help
421	  MD5 message digest algorithm (RFC1321) implemented
422	  using sparc64 crypto instructions, when available.
423
424config CRYPTO_MICHAEL_MIC
425	tristate "Michael MIC keyed digest algorithm"
426	select CRYPTO_HASH
427	help
428	  Michael MIC is used for message integrity protection in TKIP
429	  (IEEE 802.11i). This algorithm is required for TKIP, but it
430	  should not be used for other purposes because of the weakness
431	  of the algorithm.
432
433config CRYPTO_RMD128
434	tristate "RIPEMD-128 digest algorithm"
435	select CRYPTO_HASH
436	help
437	  RIPEMD-128 (ISO/IEC 10118-3:2004).
438
439	  RIPEMD-128 is a 128-bit cryptographic hash function. It should only
440	  be used as a secure replacement for RIPEMD. For other use cases,
441	  RIPEMD-160 should be used.
442
443	  Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel.
444	  See <http://homes.esat.kuleuven.be/~bosselae/ripemd160.html>
445
446config CRYPTO_RMD160
447	tristate "RIPEMD-160 digest algorithm"
448	select CRYPTO_HASH
449	help
450	  RIPEMD-160 (ISO/IEC 10118-3:2004).
451
452	  RIPEMD-160 is a 160-bit cryptographic hash function. It is intended
453	  to be used as a secure replacement for the 128-bit hash functions
454	  MD4, MD5 and it's predecessor RIPEMD
455	  (not to be confused with RIPEMD-128).
456
457	  It's speed is comparable to SHA1 and there are no known attacks
458	  against RIPEMD-160.
459
460	  Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel.
461	  See <http://homes.esat.kuleuven.be/~bosselae/ripemd160.html>
462
463config CRYPTO_RMD256
464	tristate "RIPEMD-256 digest algorithm"
465	select CRYPTO_HASH
466	help
467	  RIPEMD-256 is an optional extension of RIPEMD-128 with a
468	  256 bit hash. It is intended for applications that require
469	  longer hash-results, without needing a larger security level
470	  (than RIPEMD-128).
471
472	  Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel.
473	  See <http://homes.esat.kuleuven.be/~bosselae/ripemd160.html>
474
475config CRYPTO_RMD320
476	tristate "RIPEMD-320 digest algorithm"
477	select CRYPTO_HASH
478	help
479	  RIPEMD-320 is an optional extension of RIPEMD-160 with a
480	  320 bit hash. It is intended for applications that require
481	  longer hash-results, without needing a larger security level
482	  (than RIPEMD-160).
483
484	  Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel.
485	  See <http://homes.esat.kuleuven.be/~bosselae/ripemd160.html>
486
487config CRYPTO_SHA1
488	tristate "SHA1 digest algorithm"
489	select CRYPTO_HASH
490	help
491	  SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2).
492
493config CRYPTO_SHA1_SSSE3
494	tristate "SHA1 digest algorithm (SSSE3/AVX/AVX2)"
495	depends on X86 && 64BIT
496	select CRYPTO_SHA1
497	select CRYPTO_HASH
498	help
499	  SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2) implemented
500	  using Supplemental SSE3 (SSSE3) instructions or Advanced Vector
501	  Extensions (AVX/AVX2), when available.
502
503config CRYPTO_SHA256_SSSE3
504	tristate "SHA256 digest algorithm (SSSE3/AVX/AVX2)"
505	depends on X86 && 64BIT
506	select CRYPTO_SHA256
507	select CRYPTO_HASH
508	help
509	  SHA-256 secure hash standard (DFIPS 180-2) implemented
510	  using Supplemental SSE3 (SSSE3) instructions, or Advanced Vector
511	  Extensions version 1 (AVX1), or Advanced Vector Extensions
512	  version 2 (AVX2) instructions, when available.
513
514config CRYPTO_SHA512_SSSE3
515	tristate "SHA512 digest algorithm (SSSE3/AVX/AVX2)"
516	depends on X86 && 64BIT
517	select CRYPTO_SHA512
518	select CRYPTO_HASH
519	help
520	  SHA-512 secure hash standard (DFIPS 180-2) implemented
521	  using Supplemental SSE3 (SSSE3) instructions, or Advanced Vector
522	  Extensions version 1 (AVX1), or Advanced Vector Extensions
523	  version 2 (AVX2) instructions, when available.
524
525config CRYPTO_SHA1_SPARC64
526	tristate "SHA1 digest algorithm (SPARC64)"
527	depends on SPARC64
528	select CRYPTO_SHA1
529	select CRYPTO_HASH
530	help
531	  SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2) implemented
532	  using sparc64 crypto instructions, when available.
533
534config CRYPTO_SHA1_ARM
535	tristate "SHA1 digest algorithm (ARM-asm)"
536	depends on ARM
537	select CRYPTO_SHA1
538	select CRYPTO_HASH
539	help
540	  SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2) implemented
541	  using optimized ARM assembler.
542
543config CRYPTO_SHA1_PPC
544	tristate "SHA1 digest algorithm (powerpc)"
545	depends on PPC
546	help
547	  This is the powerpc hardware accelerated implementation of the
548	  SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2).
549
550config CRYPTO_SHA256
551	tristate "SHA224 and SHA256 digest algorithm"
552	select CRYPTO_HASH
553	help
554	  SHA256 secure hash standard (DFIPS 180-2).
555
556	  This version of SHA implements a 256 bit hash with 128 bits of
557	  security against collision attacks.
558
559	  This code also includes SHA-224, a 224 bit hash with 112 bits
560	  of security against collision attacks.
561
562config CRYPTO_SHA256_SPARC64
563	tristate "SHA224 and SHA256 digest algorithm (SPARC64)"
564	depends on SPARC64
565	select CRYPTO_SHA256
566	select CRYPTO_HASH
567	help
568	  SHA-256 secure hash standard (DFIPS 180-2) implemented
569	  using sparc64 crypto instructions, when available.
570
571config CRYPTO_SHA512
572	tristate "SHA384 and SHA512 digest algorithms"
573	select CRYPTO_HASH
574	help
575	  SHA512 secure hash standard (DFIPS 180-2).
576
577	  This version of SHA implements a 512 bit hash with 256 bits of
578	  security against collision attacks.
579
580	  This code also includes SHA-384, a 384 bit hash with 192 bits
581	  of security against collision attacks.
582
583config CRYPTO_SHA512_SPARC64
584	tristate "SHA384 and SHA512 digest algorithm (SPARC64)"
585	depends on SPARC64
586	select CRYPTO_SHA512
587	select CRYPTO_HASH
588	help
589	  SHA-512 secure hash standard (DFIPS 180-2) implemented
590	  using sparc64 crypto instructions, when available.
591
592config CRYPTO_TGR192
593	tristate "Tiger digest algorithms"
594	select CRYPTO_HASH
595	help
596	  Tiger hash algorithm 192, 160 and 128-bit hashes
597
598	  Tiger is a hash function optimized for 64-bit processors while
599	  still having decent performance on 32-bit processors.
600	  Tiger was developed by Ross Anderson and Eli Biham.
601
602	  See also:
603	  <http://www.cs.technion.ac.il/~biham/Reports/Tiger/>.
604
605config CRYPTO_WP512
606	tristate "Whirlpool digest algorithms"
607	select CRYPTO_HASH
608	help
609	  Whirlpool hash algorithm 512, 384 and 256-bit hashes
610
611	  Whirlpool-512 is part of the NESSIE cryptographic primitives.
612	  Whirlpool will be part of the ISO/IEC 10118-3:2003(E) standard
613
614	  See also:
615	  <http://www.larc.usp.br/~pbarreto/WhirlpoolPage.html>
616
617config CRYPTO_GHASH_CLMUL_NI_INTEL
618	tristate "GHASH digest algorithm (CLMUL-NI accelerated)"
619	depends on X86 && 64BIT
620	select CRYPTO_CRYPTD
621	help
622	  GHASH is message digest algorithm for GCM (Galois/Counter Mode).
623	  The implementation is accelerated by CLMUL-NI of Intel.
624
625comment "Ciphers"
626
627config CRYPTO_AES
628	tristate "AES cipher algorithms"
629	select CRYPTO_ALGAPI
630	help
631	  AES cipher algorithms (FIPS-197). AES uses the Rijndael
632	  algorithm.
633
634	  Rijndael appears to be consistently a very good performer in
635	  both hardware and software across a wide range of computing
636	  environments regardless of its use in feedback or non-feedback
637	  modes. Its key setup time is excellent, and its key agility is
638	  good. Rijndael's very low memory requirements make it very well
639	  suited for restricted-space environments, in which it also
640	  demonstrates excellent performance. Rijndael's operations are
641	  among the easiest to defend against power and timing attacks.
642
643	  The AES specifies three key sizes: 128, 192 and 256 bits
644
645	  See <http://csrc.nist.gov/CryptoToolkit/aes/> for more information.
646
647config CRYPTO_AES_586
648	tristate "AES cipher algorithms (i586)"
649	depends on (X86 || UML_X86) && !64BIT
650	select CRYPTO_ALGAPI
651	select CRYPTO_AES
652	help
653	  AES cipher algorithms (FIPS-197). AES uses the Rijndael
654	  algorithm.
655
656	  Rijndael appears to be consistently a very good performer in
657	  both hardware and software across a wide range of computing
658	  environments regardless of its use in feedback or non-feedback
659	  modes. Its key setup time is excellent, and its key agility is
660	  good. Rijndael's very low memory requirements make it very well
661	  suited for restricted-space environments, in which it also
662	  demonstrates excellent performance. Rijndael's operations are
663	  among the easiest to defend against power and timing attacks.
664
665	  The AES specifies three key sizes: 128, 192 and 256 bits
666
667	  See <http://csrc.nist.gov/encryption/aes/> for more information.
668
669config CRYPTO_AES_X86_64
670	tristate "AES cipher algorithms (x86_64)"
671	depends on (X86 || UML_X86) && 64BIT
672	select CRYPTO_ALGAPI
673	select CRYPTO_AES
674	help
675	  AES cipher algorithms (FIPS-197). AES uses the Rijndael
676	  algorithm.
677
678	  Rijndael appears to be consistently a very good performer in
679	  both hardware and software across a wide range of computing
680	  environments regardless of its use in feedback or non-feedback
681	  modes. Its key setup time is excellent, and its key agility is
682	  good. Rijndael's very low memory requirements make it very well
683	  suited for restricted-space environments, in which it also
684	  demonstrates excellent performance. Rijndael's operations are
685	  among the easiest to defend against power and timing attacks.
686
687	  The AES specifies three key sizes: 128, 192 and 256 bits
688
689	  See <http://csrc.nist.gov/encryption/aes/> for more information.
690
691config CRYPTO_AES_NI_INTEL
692	tristate "AES cipher algorithms (AES-NI)"
693	depends on X86
694	select CRYPTO_AES_X86_64 if 64BIT
695	select CRYPTO_AES_586 if !64BIT
696	select CRYPTO_CRYPTD
697	select CRYPTO_ABLK_HELPER
698	select CRYPTO_ALGAPI
699	select CRYPTO_GLUE_HELPER_X86 if 64BIT
700	select CRYPTO_LRW
701	select CRYPTO_XTS
702	help
703	  Use Intel AES-NI instructions for AES algorithm.
704
705	  AES cipher algorithms (FIPS-197). AES uses the Rijndael
706	  algorithm.
707
708	  Rijndael appears to be consistently a very good performer in
709	  both hardware and software across a wide range of computing
710	  environments regardless of its use in feedback or non-feedback
711	  modes. Its key setup time is excellent, and its key agility is
712	  good. Rijndael's very low memory requirements make it very well
713	  suited for restricted-space environments, in which it also
714	  demonstrates excellent performance. Rijndael's operations are
715	  among the easiest to defend against power and timing attacks.
716
717	  The AES specifies three key sizes: 128, 192 and 256 bits
718
719	  See <http://csrc.nist.gov/encryption/aes/> for more information.
720
721	  In addition to AES cipher algorithm support, the acceleration
722	  for some popular block cipher mode is supported too, including
723	  ECB, CBC, LRW, PCBC, XTS. The 64 bit version has additional
724	  acceleration for CTR.
725
726config CRYPTO_AES_SPARC64
727	tristate "AES cipher algorithms (SPARC64)"
728	depends on SPARC64
729	select CRYPTO_CRYPTD
730	select CRYPTO_ALGAPI
731	help
732	  Use SPARC64 crypto opcodes for AES algorithm.
733
734	  AES cipher algorithms (FIPS-197). AES uses the Rijndael
735	  algorithm.
736
737	  Rijndael appears to be consistently a very good performer in
738	  both hardware and software across a wide range of computing
739	  environments regardless of its use in feedback or non-feedback
740	  modes. Its key setup time is excellent, and its key agility is
741	  good. Rijndael's very low memory requirements make it very well
742	  suited for restricted-space environments, in which it also
743	  demonstrates excellent performance. Rijndael's operations are
744	  among the easiest to defend against power and timing attacks.
745
746	  The AES specifies three key sizes: 128, 192 and 256 bits
747
748	  See <http://csrc.nist.gov/encryption/aes/> for more information.
749
750	  In addition to AES cipher algorithm support, the acceleration
751	  for some popular block cipher mode is supported too, including
752	  ECB and CBC.
753
754config CRYPTO_AES_ARM
755	tristate "AES cipher algorithms (ARM-asm)"
756	depends on ARM
757	select CRYPTO_ALGAPI
758	select CRYPTO_AES
759	help
760	  Use optimized AES assembler routines for ARM platforms.
761
762	  AES cipher algorithms (FIPS-197). AES uses the Rijndael
763	  algorithm.
764
765	  Rijndael appears to be consistently a very good performer in
766	  both hardware and software across a wide range of computing
767	  environments regardless of its use in feedback or non-feedback
768	  modes. Its key setup time is excellent, and its key agility is
769	  good. Rijndael's very low memory requirements make it very well
770	  suited for restricted-space environments, in which it also
771	  demonstrates excellent performance. Rijndael's operations are
772	  among the easiest to defend against power and timing attacks.
773
774	  The AES specifies three key sizes: 128, 192 and 256 bits
775
776	  See <http://csrc.nist.gov/encryption/aes/> for more information.
777
778config CRYPTO_AES_ARM_BS
779	tristate "Bit sliced AES using NEON instructions"
780	depends on ARM && KERNEL_MODE_NEON
781	select CRYPTO_ALGAPI
782	select CRYPTO_AES_ARM
783	select CRYPTO_ABLK_HELPER
784	help
785	  Use a faster and more secure NEON based implementation of AES in CBC,
786	  CTR and XTS modes
787
788	  Bit sliced AES gives around 45% speedup on Cortex-A15 for CTR mode
789	  and for XTS mode encryption, CBC and XTS mode decryption speedup is
790	  around 25%. (CBC encryption speed is not affected by this driver.)
791	  This implementation does not rely on any lookup tables so it is
792	  believed to be invulnerable to cache timing attacks.
793
794config CRYPTO_ANUBIS
795	tristate "Anubis cipher algorithm"
796	select CRYPTO_ALGAPI
797	help
798	  Anubis cipher algorithm.
799
800	  Anubis is a variable key length cipher which can use keys from
801	  128 bits to 320 bits in length.  It was evaluated as a entrant
802	  in the NESSIE competition.
803
804	  See also:
805	  <https://www.cosic.esat.kuleuven.be/nessie/reports/>
806	  <http://www.larc.usp.br/~pbarreto/AnubisPage.html>
807
808config CRYPTO_ARC4
809	tristate "ARC4 cipher algorithm"
810	select CRYPTO_BLKCIPHER
811	help
812	  ARC4 cipher algorithm.
813
814	  ARC4 is a stream cipher using keys ranging from 8 bits to 2048
815	  bits in length.  This algorithm is required for driver-based
816	  WEP, but it should not be for other purposes because of the
817	  weakness of the algorithm.
818
819config CRYPTO_BLOWFISH
820	tristate "Blowfish cipher algorithm"
821	select CRYPTO_ALGAPI
822	select CRYPTO_BLOWFISH_COMMON
823	help
824	  Blowfish cipher algorithm, by Bruce Schneier.
825
826	  This is a variable key length cipher which can use keys from 32
827	  bits to 448 bits in length.  It's fast, simple and specifically
828	  designed for use on "large microprocessors".
829
830	  See also:
831	  <http://www.schneier.com/blowfish.html>
832
833config CRYPTO_BLOWFISH_COMMON
834	tristate
835	help
836	  Common parts of the Blowfish cipher algorithm shared by the
837	  generic c and the assembler implementations.
838
839	  See also:
840	  <http://www.schneier.com/blowfish.html>
841
842config CRYPTO_BLOWFISH_X86_64
843	tristate "Blowfish cipher algorithm (x86_64)"
844	depends on X86 && 64BIT
845	select CRYPTO_ALGAPI
846	select CRYPTO_BLOWFISH_COMMON
847	help
848	  Blowfish cipher algorithm (x86_64), by Bruce Schneier.
849
850	  This is a variable key length cipher which can use keys from 32
851	  bits to 448 bits in length.  It's fast, simple and specifically
852	  designed for use on "large microprocessors".
853
854	  See also:
855	  <http://www.schneier.com/blowfish.html>
856
857config CRYPTO_CAMELLIA
858	tristate "Camellia cipher algorithms"
859	depends on CRYPTO
860	select CRYPTO_ALGAPI
861	help
862	  Camellia cipher algorithms module.
863
864	  Camellia is a symmetric key block cipher developed jointly
865	  at NTT and Mitsubishi Electric Corporation.
866
867	  The Camellia specifies three key sizes: 128, 192 and 256 bits.
868
869	  See also:
870	  <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html>
871
872config CRYPTO_CAMELLIA_X86_64
873	tristate "Camellia cipher algorithm (x86_64)"
874	depends on X86 && 64BIT
875	depends on CRYPTO
876	select CRYPTO_ALGAPI
877	select CRYPTO_GLUE_HELPER_X86
878	select CRYPTO_LRW
879	select CRYPTO_XTS
880	help
881	  Camellia cipher algorithm module (x86_64).
882
883	  Camellia is a symmetric key block cipher developed jointly
884	  at NTT and Mitsubishi Electric Corporation.
885
886	  The Camellia specifies three key sizes: 128, 192 and 256 bits.
887
888	  See also:
889	  <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html>
890
891config CRYPTO_CAMELLIA_AESNI_AVX_X86_64
892	tristate "Camellia cipher algorithm (x86_64/AES-NI/AVX)"
893	depends on X86 && 64BIT
894	depends on CRYPTO
895	select CRYPTO_ALGAPI
896	select CRYPTO_CRYPTD
897	select CRYPTO_ABLK_HELPER
898	select CRYPTO_GLUE_HELPER_X86
899	select CRYPTO_CAMELLIA_X86_64
900	select CRYPTO_LRW
901	select CRYPTO_XTS
902	help
903	  Camellia cipher algorithm module (x86_64/AES-NI/AVX).
904
905	  Camellia is a symmetric key block cipher developed jointly
906	  at NTT and Mitsubishi Electric Corporation.
907
908	  The Camellia specifies three key sizes: 128, 192 and 256 bits.
909
910	  See also:
911	  <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html>
912
913config CRYPTO_CAMELLIA_AESNI_AVX2_X86_64
914	tristate "Camellia cipher algorithm (x86_64/AES-NI/AVX2)"
915	depends on X86 && 64BIT
916	depends on CRYPTO
917	select CRYPTO_ALGAPI
918	select CRYPTO_CRYPTD
919	select CRYPTO_ABLK_HELPER
920	select CRYPTO_GLUE_HELPER_X86
921	select CRYPTO_CAMELLIA_X86_64
922	select CRYPTO_CAMELLIA_AESNI_AVX_X86_64
923	select CRYPTO_LRW
924	select CRYPTO_XTS
925	help
926	  Camellia cipher algorithm module (x86_64/AES-NI/AVX2).
927
928	  Camellia is a symmetric key block cipher developed jointly
929	  at NTT and Mitsubishi Electric Corporation.
930
931	  The Camellia specifies three key sizes: 128, 192 and 256 bits.
932
933	  See also:
934	  <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html>
935
936config CRYPTO_CAMELLIA_SPARC64
937	tristate "Camellia cipher algorithm (SPARC64)"
938	depends on SPARC64
939	depends on CRYPTO
940	select CRYPTO_ALGAPI
941	help
942	  Camellia cipher algorithm module (SPARC64).
943
944	  Camellia is a symmetric key block cipher developed jointly
945	  at NTT and Mitsubishi Electric Corporation.
946
947	  The Camellia specifies three key sizes: 128, 192 and 256 bits.
948
949	  See also:
950	  <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html>
951
952config CRYPTO_CAST_COMMON
953	tristate
954	help
955	  Common parts of the CAST cipher algorithms shared by the
956	  generic c and the assembler implementations.
957
958config CRYPTO_CAST5
959	tristate "CAST5 (CAST-128) cipher algorithm"
960	select CRYPTO_ALGAPI
961	select CRYPTO_CAST_COMMON
962	help
963	  The CAST5 encryption algorithm (synonymous with CAST-128) is
964	  described in RFC2144.
965
966config CRYPTO_CAST5_AVX_X86_64
967	tristate "CAST5 (CAST-128) cipher algorithm (x86_64/AVX)"
968	depends on X86 && 64BIT
969	select CRYPTO_ALGAPI
970	select CRYPTO_CRYPTD
971	select CRYPTO_ABLK_HELPER
972	select CRYPTO_CAST_COMMON
973	select CRYPTO_CAST5
974	help
975	  The CAST5 encryption algorithm (synonymous with CAST-128) is
976	  described in RFC2144.
977
978	  This module provides the Cast5 cipher algorithm that processes
979	  sixteen blocks parallel using the AVX instruction set.
980
981config CRYPTO_CAST6
982	tristate "CAST6 (CAST-256) cipher algorithm"
983	select CRYPTO_ALGAPI
984	select CRYPTO_CAST_COMMON
985	help
986	  The CAST6 encryption algorithm (synonymous with CAST-256) is
987	  described in RFC2612.
988
989config CRYPTO_CAST6_AVX_X86_64
990	tristate "CAST6 (CAST-256) cipher algorithm (x86_64/AVX)"
991	depends on X86 && 64BIT
992	select CRYPTO_ALGAPI
993	select CRYPTO_CRYPTD
994	select CRYPTO_ABLK_HELPER
995	select CRYPTO_GLUE_HELPER_X86
996	select CRYPTO_CAST_COMMON
997	select CRYPTO_CAST6
998	select CRYPTO_LRW
999	select CRYPTO_XTS
1000	help
1001	  The CAST6 encryption algorithm (synonymous with CAST-256) is
1002	  described in RFC2612.
1003
1004	  This module provides the Cast6 cipher algorithm that processes
1005	  eight blocks parallel using the AVX instruction set.
1006
1007config CRYPTO_DES
1008	tristate "DES and Triple DES EDE cipher algorithms"
1009	select CRYPTO_ALGAPI
1010	help
1011	  DES cipher algorithm (FIPS 46-2), and Triple DES EDE (FIPS 46-3).
1012
1013config CRYPTO_DES_SPARC64
1014	tristate "DES and Triple DES EDE cipher algorithms (SPARC64)"
1015	depends on SPARC64
1016	select CRYPTO_ALGAPI
1017	select CRYPTO_DES
1018	help
1019	  DES cipher algorithm (FIPS 46-2), and Triple DES EDE (FIPS 46-3),
1020	  optimized using SPARC64 crypto opcodes.
1021
1022config CRYPTO_FCRYPT
1023	tristate "FCrypt cipher algorithm"
1024	select CRYPTO_ALGAPI
1025	select CRYPTO_BLKCIPHER
1026	help
1027	  FCrypt algorithm used by RxRPC.
1028
1029config CRYPTO_KHAZAD
1030	tristate "Khazad cipher algorithm"
1031	select CRYPTO_ALGAPI
1032	help
1033	  Khazad cipher algorithm.
1034
1035	  Khazad was a finalist in the initial NESSIE competition.  It is
1036	  an algorithm optimized for 64-bit processors with good performance
1037	  on 32-bit processors.  Khazad uses an 128 bit key size.
1038
1039	  See also:
1040	  <http://www.larc.usp.br/~pbarreto/KhazadPage.html>
1041
1042config CRYPTO_SALSA20
1043	tristate "Salsa20 stream cipher algorithm"
1044	select CRYPTO_BLKCIPHER
1045	help
1046	  Salsa20 stream cipher algorithm.
1047
1048	  Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT
1049	  Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/>
1050
1051	  The Salsa20 stream cipher algorithm is designed by Daniel J.
1052	  Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html>
1053
1054config CRYPTO_SALSA20_586
1055	tristate "Salsa20 stream cipher algorithm (i586)"
1056	depends on (X86 || UML_X86) && !64BIT
1057	select CRYPTO_BLKCIPHER
1058	help
1059	  Salsa20 stream cipher algorithm.
1060
1061	  Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT
1062	  Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/>
1063
1064	  The Salsa20 stream cipher algorithm is designed by Daniel J.
1065	  Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html>
1066
1067config CRYPTO_SALSA20_X86_64
1068	tristate "Salsa20 stream cipher algorithm (x86_64)"
1069	depends on (X86 || UML_X86) && 64BIT
1070	select CRYPTO_BLKCIPHER
1071	help
1072	  Salsa20 stream cipher algorithm.
1073
1074	  Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT
1075	  Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/>
1076
1077	  The Salsa20 stream cipher algorithm is designed by Daniel J.
1078	  Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html>
1079
1080config CRYPTO_SEED
1081	tristate "SEED cipher algorithm"
1082	select CRYPTO_ALGAPI
1083	help
1084	  SEED cipher algorithm (RFC4269).
1085
1086	  SEED is a 128-bit symmetric key block cipher that has been
1087	  developed by KISA (Korea Information Security Agency) as a
1088	  national standard encryption algorithm of the Republic of Korea.
1089	  It is a 16 round block cipher with the key size of 128 bit.
1090
1091	  See also:
1092	  <http://www.kisa.or.kr/kisa/seed/jsp/seed_eng.jsp>
1093
1094config CRYPTO_SERPENT
1095	tristate "Serpent cipher algorithm"
1096	select CRYPTO_ALGAPI
1097	help
1098	  Serpent cipher algorithm, by Anderson, Biham & Knudsen.
1099
1100	  Keys are allowed to be from 0 to 256 bits in length, in steps
1101	  of 8 bits.  Also includes the 'Tnepres' algorithm, a reversed
1102	  variant of Serpent for compatibility with old kerneli.org code.
1103
1104	  See also:
1105	  <http://www.cl.cam.ac.uk/~rja14/serpent.html>
1106
1107config CRYPTO_SERPENT_SSE2_X86_64
1108	tristate "Serpent cipher algorithm (x86_64/SSE2)"
1109	depends on X86 && 64BIT
1110	select CRYPTO_ALGAPI
1111	select CRYPTO_CRYPTD
1112	select CRYPTO_ABLK_HELPER
1113	select CRYPTO_GLUE_HELPER_X86
1114	select CRYPTO_SERPENT
1115	select CRYPTO_LRW
1116	select CRYPTO_XTS
1117	help
1118	  Serpent cipher algorithm, by Anderson, Biham & Knudsen.
1119
1120	  Keys are allowed to be from 0 to 256 bits in length, in steps
1121	  of 8 bits.
1122
1123	  This module provides Serpent cipher algorithm that processes eigth
1124	  blocks parallel using SSE2 instruction set.
1125
1126	  See also:
1127	  <http://www.cl.cam.ac.uk/~rja14/serpent.html>
1128
1129config CRYPTO_SERPENT_SSE2_586
1130	tristate "Serpent cipher algorithm (i586/SSE2)"
1131	depends on X86 && !64BIT
1132	select CRYPTO_ALGAPI
1133	select CRYPTO_CRYPTD
1134	select CRYPTO_ABLK_HELPER
1135	select CRYPTO_GLUE_HELPER_X86
1136	select CRYPTO_SERPENT
1137	select CRYPTO_LRW
1138	select CRYPTO_XTS
1139	help
1140	  Serpent cipher algorithm, by Anderson, Biham & Knudsen.
1141
1142	  Keys are allowed to be from 0 to 256 bits in length, in steps
1143	  of 8 bits.
1144
1145	  This module provides Serpent cipher algorithm that processes four
1146	  blocks parallel using SSE2 instruction set.
1147
1148	  See also:
1149	  <http://www.cl.cam.ac.uk/~rja14/serpent.html>
1150
1151config CRYPTO_SERPENT_AVX_X86_64
1152	tristate "Serpent cipher algorithm (x86_64/AVX)"
1153	depends on X86 && 64BIT
1154	select CRYPTO_ALGAPI
1155	select CRYPTO_CRYPTD
1156	select CRYPTO_ABLK_HELPER
1157	select CRYPTO_GLUE_HELPER_X86
1158	select CRYPTO_SERPENT
1159	select CRYPTO_LRW
1160	select CRYPTO_XTS
1161	help
1162	  Serpent cipher algorithm, by Anderson, Biham & Knudsen.
1163
1164	  Keys are allowed to be from 0 to 256 bits in length, in steps
1165	  of 8 bits.
1166
1167	  This module provides the Serpent cipher algorithm that processes
1168	  eight blocks parallel using the AVX instruction set.
1169
1170	  See also:
1171	  <http://www.cl.cam.ac.uk/~rja14/serpent.html>
1172
1173config CRYPTO_SERPENT_AVX2_X86_64
1174	tristate "Serpent cipher algorithm (x86_64/AVX2)"
1175	depends on X86 && 64BIT
1176	select CRYPTO_ALGAPI
1177	select CRYPTO_CRYPTD
1178	select CRYPTO_ABLK_HELPER
1179	select CRYPTO_GLUE_HELPER_X86
1180	select CRYPTO_SERPENT
1181	select CRYPTO_SERPENT_AVX_X86_64
1182	select CRYPTO_LRW
1183	select CRYPTO_XTS
1184	help
1185	  Serpent cipher algorithm, by Anderson, Biham & Knudsen.
1186
1187	  Keys are allowed to be from 0 to 256 bits in length, in steps
1188	  of 8 bits.
1189
1190	  This module provides Serpent cipher algorithm that processes 16
1191	  blocks parallel using AVX2 instruction set.
1192
1193	  See also:
1194	  <http://www.cl.cam.ac.uk/~rja14/serpent.html>
1195
1196config CRYPTO_TEA
1197	tristate "TEA, XTEA and XETA cipher algorithms"
1198	select CRYPTO_ALGAPI
1199	help
1200	  TEA cipher algorithm.
1201
1202	  Tiny Encryption Algorithm is a simple cipher that uses
1203	  many rounds for security.  It is very fast and uses
1204	  little memory.
1205
1206	  Xtendend Tiny Encryption Algorithm is a modification to
1207	  the TEA algorithm to address a potential key weakness
1208	  in the TEA algorithm.
1209
1210	  Xtendend Encryption Tiny Algorithm is a mis-implementation
1211	  of the XTEA algorithm for compatibility purposes.
1212
1213config CRYPTO_TWOFISH
1214	tristate "Twofish cipher algorithm"
1215	select CRYPTO_ALGAPI
1216	select CRYPTO_TWOFISH_COMMON
1217	help
1218	  Twofish cipher algorithm.
1219
1220	  Twofish was submitted as an AES (Advanced Encryption Standard)
1221	  candidate cipher by researchers at CounterPane Systems.  It is a
1222	  16 round block cipher supporting key sizes of 128, 192, and 256
1223	  bits.
1224
1225	  See also:
1226	  <http://www.schneier.com/twofish.html>
1227
1228config CRYPTO_TWOFISH_COMMON
1229	tristate
1230	help
1231	  Common parts of the Twofish cipher algorithm shared by the
1232	  generic c and the assembler implementations.
1233
1234config CRYPTO_TWOFISH_586
1235	tristate "Twofish cipher algorithms (i586)"
1236	depends on (X86 || UML_X86) && !64BIT
1237	select CRYPTO_ALGAPI
1238	select CRYPTO_TWOFISH_COMMON
1239	help
1240	  Twofish cipher algorithm.
1241
1242	  Twofish was submitted as an AES (Advanced Encryption Standard)
1243	  candidate cipher by researchers at CounterPane Systems.  It is a
1244	  16 round block cipher supporting key sizes of 128, 192, and 256
1245	  bits.
1246
1247	  See also:
1248	  <http://www.schneier.com/twofish.html>
1249
1250config CRYPTO_TWOFISH_X86_64
1251	tristate "Twofish cipher algorithm (x86_64)"
1252	depends on (X86 || UML_X86) && 64BIT
1253	select CRYPTO_ALGAPI
1254	select CRYPTO_TWOFISH_COMMON
1255	help
1256	  Twofish cipher algorithm (x86_64).
1257
1258	  Twofish was submitted as an AES (Advanced Encryption Standard)
1259	  candidate cipher by researchers at CounterPane Systems.  It is a
1260	  16 round block cipher supporting key sizes of 128, 192, and 256
1261	  bits.
1262
1263	  See also:
1264	  <http://www.schneier.com/twofish.html>
1265
1266config CRYPTO_TWOFISH_X86_64_3WAY
1267	tristate "Twofish cipher algorithm (x86_64, 3-way parallel)"
1268	depends on X86 && 64BIT
1269	select CRYPTO_ALGAPI
1270	select CRYPTO_TWOFISH_COMMON
1271	select CRYPTO_TWOFISH_X86_64
1272	select CRYPTO_GLUE_HELPER_X86
1273	select CRYPTO_LRW
1274	select CRYPTO_XTS
1275	help
1276	  Twofish cipher algorithm (x86_64, 3-way parallel).
1277
1278	  Twofish was submitted as an AES (Advanced Encryption Standard)
1279	  candidate cipher by researchers at CounterPane Systems.  It is a
1280	  16 round block cipher supporting key sizes of 128, 192, and 256
1281	  bits.
1282
1283	  This module provides Twofish cipher algorithm that processes three
1284	  blocks parallel, utilizing resources of out-of-order CPUs better.
1285
1286	  See also:
1287	  <http://www.schneier.com/twofish.html>
1288
1289config CRYPTO_TWOFISH_AVX_X86_64
1290	tristate "Twofish cipher algorithm (x86_64/AVX)"
1291	depends on X86 && 64BIT
1292	select CRYPTO_ALGAPI
1293	select CRYPTO_CRYPTD
1294	select CRYPTO_ABLK_HELPER
1295	select CRYPTO_GLUE_HELPER_X86
1296	select CRYPTO_TWOFISH_COMMON
1297	select CRYPTO_TWOFISH_X86_64
1298	select CRYPTO_TWOFISH_X86_64_3WAY
1299	select CRYPTO_LRW
1300	select CRYPTO_XTS
1301	help
1302	  Twofish cipher algorithm (x86_64/AVX).
1303
1304	  Twofish was submitted as an AES (Advanced Encryption Standard)
1305	  candidate cipher by researchers at CounterPane Systems.  It is a
1306	  16 round block cipher supporting key sizes of 128, 192, and 256
1307	  bits.
1308
1309	  This module provides the Twofish cipher algorithm that processes
1310	  eight blocks parallel using the AVX Instruction Set.
1311
1312	  See also:
1313	  <http://www.schneier.com/twofish.html>
1314
1315comment "Compression"
1316
1317config CRYPTO_DEFLATE
1318	tristate "Deflate compression algorithm"
1319	select CRYPTO_ALGAPI
1320	select ZLIB_INFLATE
1321	select ZLIB_DEFLATE
1322	help
1323	  This is the Deflate algorithm (RFC1951), specified for use in
1324	  IPSec with the IPCOMP protocol (RFC3173, RFC2394).
1325
1326	  You will most probably want this if using IPSec.
1327
1328config CRYPTO_ZLIB
1329	tristate "Zlib compression algorithm"
1330	select CRYPTO_PCOMP
1331	select ZLIB_INFLATE
1332	select ZLIB_DEFLATE
1333	select NLATTR
1334	help
1335	  This is the zlib algorithm.
1336
1337config CRYPTO_LZO
1338	tristate "LZO compression algorithm"
1339	select CRYPTO_ALGAPI
1340	select LZO_COMPRESS
1341	select LZO_DECOMPRESS
1342	help
1343	  This is the LZO algorithm.
1344
1345config CRYPTO_842
1346	tristate "842 compression algorithm"
1347	depends on CRYPTO_DEV_NX_COMPRESS
1348	# 842 uses lzo if the hardware becomes unavailable
1349	select LZO_COMPRESS
1350	select LZO_DECOMPRESS
1351	help
1352	  This is the 842 algorithm.
1353
1354config CRYPTO_LZ4
1355	tristate "LZ4 compression algorithm"
1356	select CRYPTO_ALGAPI
1357	select LZ4_COMPRESS
1358	select LZ4_DECOMPRESS
1359	help
1360	  This is the LZ4 algorithm.
1361
1362config CRYPTO_LZ4HC
1363	tristate "LZ4HC compression algorithm"
1364	select CRYPTO_ALGAPI
1365	select LZ4HC_COMPRESS
1366	select LZ4_DECOMPRESS
1367	help
1368	  This is the LZ4 high compression mode algorithm.
1369
1370comment "Random Number Generation"
1371
1372config CRYPTO_ANSI_CPRNG
1373	tristate "Pseudo Random Number Generation for Cryptographic modules"
1374	default m
1375	select CRYPTO_AES
1376	select CRYPTO_RNG
1377	help
1378	  This option enables the generic pseudo random number generator
1379	  for cryptographic modules.  Uses the Algorithm specified in
1380	  ANSI X9.31 A.2.4. Note that this option must be enabled if
1381	  CRYPTO_FIPS is selected
1382
1383menuconfig CRYTPO_DRBG
1384	tristate "NIST SP800-90A DRBG"
1385	depends on CRYPTO
1386	select CRYPTO_RNG
1387	help
1388	  NIST SP800-90A compliant DRBG. In the following submenu, one or
1389	  more of the DRBG types must be selected.
1390
1391if CRYTPO_DRBG
1392
1393config CRYPTO_DRBG_HMAC
1394	bool "Enable HMAC DRBG"
1395	default y
1396	depends on CRYTPO_DRBG
1397	select CRYPTO_HMAC
1398	help
1399	  Enable the HMAC DRBG variant as defined in NIST SP800-90A.
1400
1401config CRYPTO_DRBG_HASH
1402	bool "Enable Hash DRBG"
1403	depends on CRYTPO_DRBG
1404	select CRYPTO_HASH
1405	help
1406	  Enable the Hash DRBG variant as defined in NIST SP800-90A.
1407
1408config CRYPTO_DRBG_CTR
1409	bool "Enable CTR DRBG"
1410	depends on CRYTPO_DRBG
1411	select CRYPTO_AES
1412	help
1413	  Enable the CTR DRBG variant as defined in NIST SP800-90A.
1414
1415endif #CRYTPO_DRBG
1416
1417config CRYPTO_USER_API
1418	tristate
1419
1420config CRYPTO_USER_API_HASH
1421	tristate "User-space interface for hash algorithms"
1422	depends on NET
1423	select CRYPTO_HASH
1424	select CRYPTO_USER_API
1425	help
1426	  This option enables the user-spaces interface for hash
1427	  algorithms.
1428
1429config CRYPTO_USER_API_SKCIPHER
1430	tristate "User-space interface for symmetric key cipher algorithms"
1431	depends on NET
1432	select CRYPTO_BLKCIPHER
1433	select CRYPTO_USER_API
1434	help
1435	  This option enables the user-spaces interface for symmetric
1436	  key cipher algorithms.
1437
1438config CRYPTO_HASH_INFO
1439	bool
1440
1441source "drivers/crypto/Kconfig"
1442source crypto/asymmetric_keys/Kconfig
1443
1444endif	# if CRYPTO
1445