xref: /linux/crypto/Kconfig (revision 6574e6c64e971c9adb629e81e497afdb52b1c9df)
1#
2# Generic algorithms support
3#
4config XOR_BLOCKS
5	tristate
6
7#
8# async_tx api: hardware offloaded memory transfer/transform support
9#
10source "crypto/async_tx/Kconfig"
11
12#
13# Cryptographic API Configuration
14#
15menuconfig CRYPTO
16	tristate "Cryptographic API"
17	help
18	  This option provides the core Cryptographic API.
19
20if CRYPTO
21
22comment "Crypto core or helper"
23
24config CRYPTO_FIPS
25	bool "FIPS 200 compliance"
26	depends on (CRYPTO_ANSI_CPRNG || CRYTPO_DRBG) && !CRYPTO_MANAGER_DISABLE_TESTS
27	help
28	  This options enables the fips boot option which is
29	  required if you want to system to operate in a FIPS 200
30	  certification.  You should say no unless you know what
31	  this is.
32
33config CRYPTO_ALGAPI
34	tristate
35	select CRYPTO_ALGAPI2
36	help
37	  This option provides the API for cryptographic algorithms.
38
39config CRYPTO_ALGAPI2
40	tristate
41
42config CRYPTO_AEAD
43	tristate
44	select CRYPTO_AEAD2
45	select CRYPTO_ALGAPI
46
47config CRYPTO_AEAD2
48	tristate
49	select CRYPTO_ALGAPI2
50
51config CRYPTO_BLKCIPHER
52	tristate
53	select CRYPTO_BLKCIPHER2
54	select CRYPTO_ALGAPI
55
56config CRYPTO_BLKCIPHER2
57	tristate
58	select CRYPTO_ALGAPI2
59	select CRYPTO_RNG2
60	select CRYPTO_WORKQUEUE
61
62config CRYPTO_HASH
63	tristate
64	select CRYPTO_HASH2
65	select CRYPTO_ALGAPI
66
67config CRYPTO_HASH2
68	tristate
69	select CRYPTO_ALGAPI2
70
71config CRYPTO_RNG
72	tristate
73	select CRYPTO_RNG2
74	select CRYPTO_ALGAPI
75
76config CRYPTO_RNG2
77	tristate
78	select CRYPTO_ALGAPI2
79
80config CRYPTO_PCOMP
81	tristate
82	select CRYPTO_PCOMP2
83	select CRYPTO_ALGAPI
84
85config CRYPTO_PCOMP2
86	tristate
87	select CRYPTO_ALGAPI2
88
89config CRYPTO_MANAGER
90	tristate "Cryptographic algorithm manager"
91	select CRYPTO_MANAGER2
92	help
93	  Create default cryptographic template instantiations such as
94	  cbc(aes).
95
96config CRYPTO_MANAGER2
97	def_tristate CRYPTO_MANAGER || (CRYPTO_MANAGER!=n && CRYPTO_ALGAPI=y)
98	select CRYPTO_AEAD2
99	select CRYPTO_HASH2
100	select CRYPTO_BLKCIPHER2
101	select CRYPTO_PCOMP2
102
103config CRYPTO_USER
104	tristate "Userspace cryptographic algorithm configuration"
105	depends on NET
106	select CRYPTO_MANAGER
107	help
108	  Userspace configuration for cryptographic instantiations such as
109	  cbc(aes).
110
111config CRYPTO_MANAGER_DISABLE_TESTS
112	bool "Disable run-time self tests"
113	default y
114	depends on CRYPTO_MANAGER2
115	help
116	  Disable run-time self tests that normally take place at
117	  algorithm registration.
118
119config CRYPTO_GF128MUL
120	tristate "GF(2^128) multiplication functions"
121	help
122	  Efficient table driven implementation of multiplications in the
123	  field GF(2^128).  This is needed by some cypher modes. This
124	  option will be selected automatically if you select such a
125	  cipher mode.  Only select this option by hand if you expect to load
126	  an external module that requires these functions.
127
128config CRYPTO_NULL
129	tristate "Null algorithms"
130	select CRYPTO_ALGAPI
131	select CRYPTO_BLKCIPHER
132	select CRYPTO_HASH
133	help
134	  These are 'Null' algorithms, used by IPsec, which do nothing.
135
136config CRYPTO_PCRYPT
137	tristate "Parallel crypto engine"
138	depends on SMP
139	select PADATA
140	select CRYPTO_MANAGER
141	select CRYPTO_AEAD
142	help
143	  This converts an arbitrary crypto algorithm into a parallel
144	  algorithm that executes in kernel threads.
145
146config CRYPTO_WORKQUEUE
147       tristate
148
149config CRYPTO_CRYPTD
150	tristate "Software async crypto daemon"
151	select CRYPTO_BLKCIPHER
152	select CRYPTO_HASH
153	select CRYPTO_MANAGER
154	select CRYPTO_WORKQUEUE
155	help
156	  This is a generic software asynchronous crypto daemon that
157	  converts an arbitrary synchronous software crypto algorithm
158	  into an asynchronous algorithm that executes in a kernel thread.
159
160config CRYPTO_AUTHENC
161	tristate "Authenc support"
162	select CRYPTO_AEAD
163	select CRYPTO_BLKCIPHER
164	select CRYPTO_MANAGER
165	select CRYPTO_HASH
166	help
167	  Authenc: Combined mode wrapper for IPsec.
168	  This is required for IPSec.
169
170config CRYPTO_TEST
171	tristate "Testing module"
172	depends on m
173	select CRYPTO_MANAGER
174	help
175	  Quick & dirty crypto test module.
176
177config CRYPTO_ABLK_HELPER
178	tristate
179	select CRYPTO_CRYPTD
180
181config CRYPTO_GLUE_HELPER_X86
182	tristate
183	depends on X86
184	select CRYPTO_ALGAPI
185
186comment "Authenticated Encryption with Associated Data"
187
188config CRYPTO_CCM
189	tristate "CCM support"
190	select CRYPTO_CTR
191	select CRYPTO_AEAD
192	help
193	  Support for Counter with CBC MAC. Required for IPsec.
194
195config CRYPTO_GCM
196	tristate "GCM/GMAC support"
197	select CRYPTO_CTR
198	select CRYPTO_AEAD
199	select CRYPTO_GHASH
200	select CRYPTO_NULL
201	help
202	  Support for Galois/Counter Mode (GCM) and Galois Message
203	  Authentication Code (GMAC). Required for IPSec.
204
205config CRYPTO_SEQIV
206	tristate "Sequence Number IV Generator"
207	select CRYPTO_AEAD
208	select CRYPTO_BLKCIPHER
209	select CRYPTO_RNG
210	help
211	  This IV generator generates an IV based on a sequence number by
212	  xoring it with a salt.  This algorithm is mainly useful for CTR
213
214comment "Block modes"
215
216config CRYPTO_CBC
217	tristate "CBC support"
218	select CRYPTO_BLKCIPHER
219	select CRYPTO_MANAGER
220	help
221	  CBC: Cipher Block Chaining mode
222	  This block cipher algorithm is required for IPSec.
223
224config CRYPTO_CTR
225	tristate "CTR support"
226	select CRYPTO_BLKCIPHER
227	select CRYPTO_SEQIV
228	select CRYPTO_MANAGER
229	help
230	  CTR: Counter mode
231	  This block cipher algorithm is required for IPSec.
232
233config CRYPTO_CTS
234	tristate "CTS support"
235	select CRYPTO_BLKCIPHER
236	help
237	  CTS: Cipher Text Stealing
238	  This is the Cipher Text Stealing mode as described by
239	  Section 8 of rfc2040 and referenced by rfc3962.
240	  (rfc3962 includes errata information in its Appendix A)
241	  This mode is required for Kerberos gss mechanism support
242	  for AES encryption.
243
244config CRYPTO_ECB
245	tristate "ECB support"
246	select CRYPTO_BLKCIPHER
247	select CRYPTO_MANAGER
248	help
249	  ECB: Electronic CodeBook mode
250	  This is the simplest block cipher algorithm.  It simply encrypts
251	  the input block by block.
252
253config CRYPTO_LRW
254	tristate "LRW support"
255	select CRYPTO_BLKCIPHER
256	select CRYPTO_MANAGER
257	select CRYPTO_GF128MUL
258	help
259	  LRW: Liskov Rivest Wagner, a tweakable, non malleable, non movable
260	  narrow block cipher mode for dm-crypt.  Use it with cipher
261	  specification string aes-lrw-benbi, the key must be 256, 320 or 384.
262	  The first 128, 192 or 256 bits in the key are used for AES and the
263	  rest is used to tie each cipher block to its logical position.
264
265config CRYPTO_PCBC
266	tristate "PCBC support"
267	select CRYPTO_BLKCIPHER
268	select CRYPTO_MANAGER
269	help
270	  PCBC: Propagating Cipher Block Chaining mode
271	  This block cipher algorithm is required for RxRPC.
272
273config CRYPTO_XTS
274	tristate "XTS support"
275	select CRYPTO_BLKCIPHER
276	select CRYPTO_MANAGER
277	select CRYPTO_GF128MUL
278	help
279	  XTS: IEEE1619/D16 narrow block cipher use with aes-xts-plain,
280	  key size 256, 384 or 512 bits. This implementation currently
281	  can't handle a sectorsize which is not a multiple of 16 bytes.
282
283comment "Hash modes"
284
285config CRYPTO_CMAC
286	tristate "CMAC support"
287	select CRYPTO_HASH
288	select CRYPTO_MANAGER
289	help
290	  Cipher-based Message Authentication Code (CMAC) specified by
291	  The National Institute of Standards and Technology (NIST).
292
293	  https://tools.ietf.org/html/rfc4493
294	  http://csrc.nist.gov/publications/nistpubs/800-38B/SP_800-38B.pdf
295
296config CRYPTO_HMAC
297	tristate "HMAC support"
298	select CRYPTO_HASH
299	select CRYPTO_MANAGER
300	help
301	  HMAC: Keyed-Hashing for Message Authentication (RFC2104).
302	  This is required for IPSec.
303
304config CRYPTO_XCBC
305	tristate "XCBC support"
306	select CRYPTO_HASH
307	select CRYPTO_MANAGER
308	help
309	  XCBC: Keyed-Hashing with encryption algorithm
310		http://www.ietf.org/rfc/rfc3566.txt
311		http://csrc.nist.gov/encryption/modes/proposedmodes/
312		 xcbc-mac/xcbc-mac-spec.pdf
313
314config CRYPTO_VMAC
315	tristate "VMAC support"
316	select CRYPTO_HASH
317	select CRYPTO_MANAGER
318	help
319	  VMAC is a message authentication algorithm designed for
320	  very high speed on 64-bit architectures.
321
322	  See also:
323	  <http://fastcrypto.org/vmac>
324
325comment "Digest"
326
327config CRYPTO_CRC32C
328	tristate "CRC32c CRC algorithm"
329	select CRYPTO_HASH
330	select CRC32
331	help
332	  Castagnoli, et al Cyclic Redundancy-Check Algorithm.  Used
333	  by iSCSI for header and data digests and by others.
334	  See Castagnoli93.  Module will be crc32c.
335
336config CRYPTO_CRC32C_INTEL
337	tristate "CRC32c INTEL hardware acceleration"
338	depends on X86
339	select CRYPTO_HASH
340	help
341	  In Intel processor with SSE4.2 supported, the processor will
342	  support CRC32C implementation using hardware accelerated CRC32
343	  instruction. This option will create 'crc32c-intel' module,
344	  which will enable any routine to use the CRC32 instruction to
345	  gain performance compared with software implementation.
346	  Module will be crc32c-intel.
347
348config CRYPTO_CRC32C_SPARC64
349	tristate "CRC32c CRC algorithm (SPARC64)"
350	depends on SPARC64
351	select CRYPTO_HASH
352	select CRC32
353	help
354	  CRC32c CRC algorithm implemented using sparc64 crypto instructions,
355	  when available.
356
357config CRYPTO_CRC32
358	tristate "CRC32 CRC algorithm"
359	select CRYPTO_HASH
360	select CRC32
361	help
362	  CRC-32-IEEE 802.3 cyclic redundancy-check algorithm.
363	  Shash crypto api wrappers to crc32_le function.
364
365config CRYPTO_CRC32_PCLMUL
366	tristate "CRC32 PCLMULQDQ hardware acceleration"
367	depends on X86
368	select CRYPTO_HASH
369	select CRC32
370	help
371	  From Intel Westmere and AMD Bulldozer processor with SSE4.2
372	  and PCLMULQDQ supported, the processor will support
373	  CRC32 PCLMULQDQ implementation using hardware accelerated PCLMULQDQ
374	  instruction. This option will create 'crc32-plcmul' module,
375	  which will enable any routine to use the CRC-32-IEEE 802.3 checksum
376	  and gain better performance as compared with the table implementation.
377
378config CRYPTO_CRCT10DIF
379	tristate "CRCT10DIF algorithm"
380	select CRYPTO_HASH
381	help
382	  CRC T10 Data Integrity Field computation is being cast as
383	  a crypto transform.  This allows for faster crc t10 diff
384	  transforms to be used if they are available.
385
386config CRYPTO_CRCT10DIF_PCLMUL
387	tristate "CRCT10DIF PCLMULQDQ hardware acceleration"
388	depends on X86 && 64BIT && CRC_T10DIF
389	select CRYPTO_HASH
390	help
391	  For x86_64 processors with SSE4.2 and PCLMULQDQ supported,
392	  CRC T10 DIF PCLMULQDQ computation can be hardware
393	  accelerated PCLMULQDQ instruction. This option will create
394	  'crct10dif-plcmul' module, which is faster when computing the
395	  crct10dif checksum as compared with the generic table implementation.
396
397config CRYPTO_GHASH
398	tristate "GHASH digest algorithm"
399	select CRYPTO_GF128MUL
400	help
401	  GHASH is message digest algorithm for GCM (Galois/Counter Mode).
402
403config CRYPTO_MD4
404	tristate "MD4 digest algorithm"
405	select CRYPTO_HASH
406	help
407	  MD4 message digest algorithm (RFC1320).
408
409config CRYPTO_MD5
410	tristate "MD5 digest algorithm"
411	select CRYPTO_HASH
412	help
413	  MD5 message digest algorithm (RFC1321).
414
415config CRYPTO_MD5_SPARC64
416	tristate "MD5 digest algorithm (SPARC64)"
417	depends on SPARC64
418	select CRYPTO_MD5
419	select CRYPTO_HASH
420	help
421	  MD5 message digest algorithm (RFC1321) implemented
422	  using sparc64 crypto instructions, when available.
423
424config CRYPTO_MICHAEL_MIC
425	tristate "Michael MIC keyed digest algorithm"
426	select CRYPTO_HASH
427	help
428	  Michael MIC is used for message integrity protection in TKIP
429	  (IEEE 802.11i). This algorithm is required for TKIP, but it
430	  should not be used for other purposes because of the weakness
431	  of the algorithm.
432
433config CRYPTO_RMD128
434	tristate "RIPEMD-128 digest algorithm"
435	select CRYPTO_HASH
436	help
437	  RIPEMD-128 (ISO/IEC 10118-3:2004).
438
439	  RIPEMD-128 is a 128-bit cryptographic hash function. It should only
440	  be used as a secure replacement for RIPEMD. For other use cases,
441	  RIPEMD-160 should be used.
442
443	  Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel.
444	  See <http://homes.esat.kuleuven.be/~bosselae/ripemd160.html>
445
446config CRYPTO_RMD160
447	tristate "RIPEMD-160 digest algorithm"
448	select CRYPTO_HASH
449	help
450	  RIPEMD-160 (ISO/IEC 10118-3:2004).
451
452	  RIPEMD-160 is a 160-bit cryptographic hash function. It is intended
453	  to be used as a secure replacement for the 128-bit hash functions
454	  MD4, MD5 and it's predecessor RIPEMD
455	  (not to be confused with RIPEMD-128).
456
457	  It's speed is comparable to SHA1 and there are no known attacks
458	  against RIPEMD-160.
459
460	  Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel.
461	  See <http://homes.esat.kuleuven.be/~bosselae/ripemd160.html>
462
463config CRYPTO_RMD256
464	tristate "RIPEMD-256 digest algorithm"
465	select CRYPTO_HASH
466	help
467	  RIPEMD-256 is an optional extension of RIPEMD-128 with a
468	  256 bit hash. It is intended for applications that require
469	  longer hash-results, without needing a larger security level
470	  (than RIPEMD-128).
471
472	  Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel.
473	  See <http://homes.esat.kuleuven.be/~bosselae/ripemd160.html>
474
475config CRYPTO_RMD320
476	tristate "RIPEMD-320 digest algorithm"
477	select CRYPTO_HASH
478	help
479	  RIPEMD-320 is an optional extension of RIPEMD-160 with a
480	  320 bit hash. It is intended for applications that require
481	  longer hash-results, without needing a larger security level
482	  (than RIPEMD-160).
483
484	  Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel.
485	  See <http://homes.esat.kuleuven.be/~bosselae/ripemd160.html>
486
487config CRYPTO_SHA1
488	tristate "SHA1 digest algorithm"
489	select CRYPTO_HASH
490	help
491	  SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2).
492
493config CRYPTO_SHA1_SSSE3
494	tristate "SHA1 digest algorithm (SSSE3/AVX/AVX2)"
495	depends on X86 && 64BIT
496	select CRYPTO_SHA1
497	select CRYPTO_HASH
498	help
499	  SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2) implemented
500	  using Supplemental SSE3 (SSSE3) instructions or Advanced Vector
501	  Extensions (AVX/AVX2), when available.
502
503config CRYPTO_SHA256_SSSE3
504	tristate "SHA256 digest algorithm (SSSE3/AVX/AVX2)"
505	depends on X86 && 64BIT
506	select CRYPTO_SHA256
507	select CRYPTO_HASH
508	help
509	  SHA-256 secure hash standard (DFIPS 180-2) implemented
510	  using Supplemental SSE3 (SSSE3) instructions, or Advanced Vector
511	  Extensions version 1 (AVX1), or Advanced Vector Extensions
512	  version 2 (AVX2) instructions, when available.
513
514config CRYPTO_SHA512_SSSE3
515	tristate "SHA512 digest algorithm (SSSE3/AVX/AVX2)"
516	depends on X86 && 64BIT
517	select CRYPTO_SHA512
518	select CRYPTO_HASH
519	help
520	  SHA-512 secure hash standard (DFIPS 180-2) implemented
521	  using Supplemental SSE3 (SSSE3) instructions, or Advanced Vector
522	  Extensions version 1 (AVX1), or Advanced Vector Extensions
523	  version 2 (AVX2) instructions, when available.
524
525config CRYPTO_SHA1_SPARC64
526	tristate "SHA1 digest algorithm (SPARC64)"
527	depends on SPARC64
528	select CRYPTO_SHA1
529	select CRYPTO_HASH
530	help
531	  SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2) implemented
532	  using sparc64 crypto instructions, when available.
533
534config CRYPTO_SHA1_ARM
535	tristate "SHA1 digest algorithm (ARM-asm)"
536	depends on ARM
537	select CRYPTO_SHA1
538	select CRYPTO_HASH
539	help
540	  SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2) implemented
541	  using optimized ARM assembler.
542
543config CRYPTO_SHA1_PPC
544	tristate "SHA1 digest algorithm (powerpc)"
545	depends on PPC
546	help
547	  This is the powerpc hardware accelerated implementation of the
548	  SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2).
549
550config CRYPTO_SHA256
551	tristate "SHA224 and SHA256 digest algorithm"
552	select CRYPTO_HASH
553	help
554	  SHA256 secure hash standard (DFIPS 180-2).
555
556	  This version of SHA implements a 256 bit hash with 128 bits of
557	  security against collision attacks.
558
559	  This code also includes SHA-224, a 224 bit hash with 112 bits
560	  of security against collision attacks.
561
562config CRYPTO_SHA256_SPARC64
563	tristate "SHA224 and SHA256 digest algorithm (SPARC64)"
564	depends on SPARC64
565	select CRYPTO_SHA256
566	select CRYPTO_HASH
567	help
568	  SHA-256 secure hash standard (DFIPS 180-2) implemented
569	  using sparc64 crypto instructions, when available.
570
571config CRYPTO_SHA512
572	tristate "SHA384 and SHA512 digest algorithms"
573	select CRYPTO_HASH
574	help
575	  SHA512 secure hash standard (DFIPS 180-2).
576
577	  This version of SHA implements a 512 bit hash with 256 bits of
578	  security against collision attacks.
579
580	  This code also includes SHA-384, a 384 bit hash with 192 bits
581	  of security against collision attacks.
582
583config CRYPTO_SHA512_SPARC64
584	tristate "SHA384 and SHA512 digest algorithm (SPARC64)"
585	depends on SPARC64
586	select CRYPTO_SHA512
587	select CRYPTO_HASH
588	help
589	  SHA-512 secure hash standard (DFIPS 180-2) implemented
590	  using sparc64 crypto instructions, when available.
591
592config CRYPTO_TGR192
593	tristate "Tiger digest algorithms"
594	select CRYPTO_HASH
595	help
596	  Tiger hash algorithm 192, 160 and 128-bit hashes
597
598	  Tiger is a hash function optimized for 64-bit processors while
599	  still having decent performance on 32-bit processors.
600	  Tiger was developed by Ross Anderson and Eli Biham.
601
602	  See also:
603	  <http://www.cs.technion.ac.il/~biham/Reports/Tiger/>.
604
605config CRYPTO_WP512
606	tristate "Whirlpool digest algorithms"
607	select CRYPTO_HASH
608	help
609	  Whirlpool hash algorithm 512, 384 and 256-bit hashes
610
611	  Whirlpool-512 is part of the NESSIE cryptographic primitives.
612	  Whirlpool will be part of the ISO/IEC 10118-3:2003(E) standard
613
614	  See also:
615	  <http://www.larc.usp.br/~pbarreto/WhirlpoolPage.html>
616
617config CRYPTO_GHASH_CLMUL_NI_INTEL
618	tristate "GHASH digest algorithm (CLMUL-NI accelerated)"
619	depends on X86 && 64BIT
620	select CRYPTO_CRYPTD
621	help
622	  GHASH is message digest algorithm for GCM (Galois/Counter Mode).
623	  The implementation is accelerated by CLMUL-NI of Intel.
624
625comment "Ciphers"
626
627config CRYPTO_AES
628	tristate "AES cipher algorithms"
629	select CRYPTO_ALGAPI
630	help
631	  AES cipher algorithms (FIPS-197). AES uses the Rijndael
632	  algorithm.
633
634	  Rijndael appears to be consistently a very good performer in
635	  both hardware and software across a wide range of computing
636	  environments regardless of its use in feedback or non-feedback
637	  modes. Its key setup time is excellent, and its key agility is
638	  good. Rijndael's very low memory requirements make it very well
639	  suited for restricted-space environments, in which it also
640	  demonstrates excellent performance. Rijndael's operations are
641	  among the easiest to defend against power and timing attacks.
642
643	  The AES specifies three key sizes: 128, 192 and 256 bits
644
645	  See <http://csrc.nist.gov/CryptoToolkit/aes/> for more information.
646
647config CRYPTO_AES_586
648	tristate "AES cipher algorithms (i586)"
649	depends on (X86 || UML_X86) && !64BIT
650	select CRYPTO_ALGAPI
651	select CRYPTO_AES
652	help
653	  AES cipher algorithms (FIPS-197). AES uses the Rijndael
654	  algorithm.
655
656	  Rijndael appears to be consistently a very good performer in
657	  both hardware and software across a wide range of computing
658	  environments regardless of its use in feedback or non-feedback
659	  modes. Its key setup time is excellent, and its key agility is
660	  good. Rijndael's very low memory requirements make it very well
661	  suited for restricted-space environments, in which it also
662	  demonstrates excellent performance. Rijndael's operations are
663	  among the easiest to defend against power and timing attacks.
664
665	  The AES specifies three key sizes: 128, 192 and 256 bits
666
667	  See <http://csrc.nist.gov/encryption/aes/> for more information.
668
669config CRYPTO_AES_X86_64
670	tristate "AES cipher algorithms (x86_64)"
671	depends on (X86 || UML_X86) && 64BIT
672	select CRYPTO_ALGAPI
673	select CRYPTO_AES
674	help
675	  AES cipher algorithms (FIPS-197). AES uses the Rijndael
676	  algorithm.
677
678	  Rijndael appears to be consistently a very good performer in
679	  both hardware and software across a wide range of computing
680	  environments regardless of its use in feedback or non-feedback
681	  modes. Its key setup time is excellent, and its key agility is
682	  good. Rijndael's very low memory requirements make it very well
683	  suited for restricted-space environments, in which it also
684	  demonstrates excellent performance. Rijndael's operations are
685	  among the easiest to defend against power and timing attacks.
686
687	  The AES specifies three key sizes: 128, 192 and 256 bits
688
689	  See <http://csrc.nist.gov/encryption/aes/> for more information.
690
691config CRYPTO_AES_NI_INTEL
692	tristate "AES cipher algorithms (AES-NI)"
693	depends on X86
694	select CRYPTO_AES_X86_64 if 64BIT
695	select CRYPTO_AES_586 if !64BIT
696	select CRYPTO_CRYPTD
697	select CRYPTO_ABLK_HELPER
698	select CRYPTO_ALGAPI
699	select CRYPTO_GLUE_HELPER_X86 if 64BIT
700	select CRYPTO_LRW
701	select CRYPTO_XTS
702	help
703	  Use Intel AES-NI instructions for AES algorithm.
704
705	  AES cipher algorithms (FIPS-197). AES uses the Rijndael
706	  algorithm.
707
708	  Rijndael appears to be consistently a very good performer in
709	  both hardware and software across a wide range of computing
710	  environments regardless of its use in feedback or non-feedback
711	  modes. Its key setup time is excellent, and its key agility is
712	  good. Rijndael's very low memory requirements make it very well
713	  suited for restricted-space environments, in which it also
714	  demonstrates excellent performance. Rijndael's operations are
715	  among the easiest to defend against power and timing attacks.
716
717	  The AES specifies three key sizes: 128, 192 and 256 bits
718
719	  See <http://csrc.nist.gov/encryption/aes/> for more information.
720
721	  In addition to AES cipher algorithm support, the acceleration
722	  for some popular block cipher mode is supported too, including
723	  ECB, CBC, LRW, PCBC, XTS. The 64 bit version has additional
724	  acceleration for CTR.
725
726config CRYPTO_AES_SPARC64
727	tristate "AES cipher algorithms (SPARC64)"
728	depends on SPARC64
729	select CRYPTO_CRYPTD
730	select CRYPTO_ALGAPI
731	help
732	  Use SPARC64 crypto opcodes for AES algorithm.
733
734	  AES cipher algorithms (FIPS-197). AES uses the Rijndael
735	  algorithm.
736
737	  Rijndael appears to be consistently a very good performer in
738	  both hardware and software across a wide range of computing
739	  environments regardless of its use in feedback or non-feedback
740	  modes. Its key setup time is excellent, and its key agility is
741	  good. Rijndael's very low memory requirements make it very well
742	  suited for restricted-space environments, in which it also
743	  demonstrates excellent performance. Rijndael's operations are
744	  among the easiest to defend against power and timing attacks.
745
746	  The AES specifies three key sizes: 128, 192 and 256 bits
747
748	  See <http://csrc.nist.gov/encryption/aes/> for more information.
749
750	  In addition to AES cipher algorithm support, the acceleration
751	  for some popular block cipher mode is supported too, including
752	  ECB and CBC.
753
754config CRYPTO_AES_ARM
755	tristate "AES cipher algorithms (ARM-asm)"
756	depends on ARM
757	select CRYPTO_ALGAPI
758	select CRYPTO_AES
759	help
760	  Use optimized AES assembler routines for ARM platforms.
761
762	  AES cipher algorithms (FIPS-197). AES uses the Rijndael
763	  algorithm.
764
765	  Rijndael appears to be consistently a very good performer in
766	  both hardware and software across a wide range of computing
767	  environments regardless of its use in feedback or non-feedback
768	  modes. Its key setup time is excellent, and its key agility is
769	  good. Rijndael's very low memory requirements make it very well
770	  suited for restricted-space environments, in which it also
771	  demonstrates excellent performance. Rijndael's operations are
772	  among the easiest to defend against power and timing attacks.
773
774	  The AES specifies three key sizes: 128, 192 and 256 bits
775
776	  See <http://csrc.nist.gov/encryption/aes/> for more information.
777
778config CRYPTO_AES_ARM_BS
779	tristate "Bit sliced AES using NEON instructions"
780	depends on ARM && KERNEL_MODE_NEON
781	select CRYPTO_ALGAPI
782	select CRYPTO_AES_ARM
783	select CRYPTO_ABLK_HELPER
784	help
785	  Use a faster and more secure NEON based implementation of AES in CBC,
786	  CTR and XTS modes
787
788	  Bit sliced AES gives around 45% speedup on Cortex-A15 for CTR mode
789	  and for XTS mode encryption, CBC and XTS mode decryption speedup is
790	  around 25%. (CBC encryption speed is not affected by this driver.)
791	  This implementation does not rely on any lookup tables so it is
792	  believed to be invulnerable to cache timing attacks.
793
794config CRYPTO_ANUBIS
795	tristate "Anubis cipher algorithm"
796	select CRYPTO_ALGAPI
797	help
798	  Anubis cipher algorithm.
799
800	  Anubis is a variable key length cipher which can use keys from
801	  128 bits to 320 bits in length.  It was evaluated as a entrant
802	  in the NESSIE competition.
803
804	  See also:
805	  <https://www.cosic.esat.kuleuven.be/nessie/reports/>
806	  <http://www.larc.usp.br/~pbarreto/AnubisPage.html>
807
808config CRYPTO_ARC4
809	tristate "ARC4 cipher algorithm"
810	select CRYPTO_BLKCIPHER
811	help
812	  ARC4 cipher algorithm.
813
814	  ARC4 is a stream cipher using keys ranging from 8 bits to 2048
815	  bits in length.  This algorithm is required for driver-based
816	  WEP, but it should not be for other purposes because of the
817	  weakness of the algorithm.
818
819config CRYPTO_BLOWFISH
820	tristate "Blowfish cipher algorithm"
821	select CRYPTO_ALGAPI
822	select CRYPTO_BLOWFISH_COMMON
823	help
824	  Blowfish cipher algorithm, by Bruce Schneier.
825
826	  This is a variable key length cipher which can use keys from 32
827	  bits to 448 bits in length.  It's fast, simple and specifically
828	  designed for use on "large microprocessors".
829
830	  See also:
831	  <http://www.schneier.com/blowfish.html>
832
833config CRYPTO_BLOWFISH_COMMON
834	tristate
835	help
836	  Common parts of the Blowfish cipher algorithm shared by the
837	  generic c and the assembler implementations.
838
839	  See also:
840	  <http://www.schneier.com/blowfish.html>
841
842config CRYPTO_BLOWFISH_X86_64
843	tristate "Blowfish cipher algorithm (x86_64)"
844	depends on X86 && 64BIT
845	select CRYPTO_ALGAPI
846	select CRYPTO_BLOWFISH_COMMON
847	help
848	  Blowfish cipher algorithm (x86_64), by Bruce Schneier.
849
850	  This is a variable key length cipher which can use keys from 32
851	  bits to 448 bits in length.  It's fast, simple and specifically
852	  designed for use on "large microprocessors".
853
854	  See also:
855	  <http://www.schneier.com/blowfish.html>
856
857config CRYPTO_CAMELLIA
858	tristate "Camellia cipher algorithms"
859	depends on CRYPTO
860	select CRYPTO_ALGAPI
861	help
862	  Camellia cipher algorithms module.
863
864	  Camellia is a symmetric key block cipher developed jointly
865	  at NTT and Mitsubishi Electric Corporation.
866
867	  The Camellia specifies three key sizes: 128, 192 and 256 bits.
868
869	  See also:
870	  <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html>
871
872config CRYPTO_CAMELLIA_X86_64
873	tristate "Camellia cipher algorithm (x86_64)"
874	depends on X86 && 64BIT
875	depends on CRYPTO
876	select CRYPTO_ALGAPI
877	select CRYPTO_GLUE_HELPER_X86
878	select CRYPTO_LRW
879	select CRYPTO_XTS
880	help
881	  Camellia cipher algorithm module (x86_64).
882
883	  Camellia is a symmetric key block cipher developed jointly
884	  at NTT and Mitsubishi Electric Corporation.
885
886	  The Camellia specifies three key sizes: 128, 192 and 256 bits.
887
888	  See also:
889	  <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html>
890
891config CRYPTO_CAMELLIA_AESNI_AVX_X86_64
892	tristate "Camellia cipher algorithm (x86_64/AES-NI/AVX)"
893	depends on X86 && 64BIT
894	depends on CRYPTO
895	select CRYPTO_ALGAPI
896	select CRYPTO_CRYPTD
897	select CRYPTO_ABLK_HELPER
898	select CRYPTO_GLUE_HELPER_X86
899	select CRYPTO_CAMELLIA_X86_64
900	select CRYPTO_LRW
901	select CRYPTO_XTS
902	help
903	  Camellia cipher algorithm module (x86_64/AES-NI/AVX).
904
905	  Camellia is a symmetric key block cipher developed jointly
906	  at NTT and Mitsubishi Electric Corporation.
907
908	  The Camellia specifies three key sizes: 128, 192 and 256 bits.
909
910	  See also:
911	  <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html>
912
913config CRYPTO_CAMELLIA_AESNI_AVX2_X86_64
914	tristate "Camellia cipher algorithm (x86_64/AES-NI/AVX2)"
915	depends on X86 && 64BIT
916	depends on CRYPTO
917	select CRYPTO_ALGAPI
918	select CRYPTO_CRYPTD
919	select CRYPTO_ABLK_HELPER
920	select CRYPTO_GLUE_HELPER_X86
921	select CRYPTO_CAMELLIA_X86_64
922	select CRYPTO_CAMELLIA_AESNI_AVX_X86_64
923	select CRYPTO_LRW
924	select CRYPTO_XTS
925	help
926	  Camellia cipher algorithm module (x86_64/AES-NI/AVX2).
927
928	  Camellia is a symmetric key block cipher developed jointly
929	  at NTT and Mitsubishi Electric Corporation.
930
931	  The Camellia specifies three key sizes: 128, 192 and 256 bits.
932
933	  See also:
934	  <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html>
935
936config CRYPTO_CAMELLIA_SPARC64
937	tristate "Camellia cipher algorithm (SPARC64)"
938	depends on SPARC64
939	depends on CRYPTO
940	select CRYPTO_ALGAPI
941	help
942	  Camellia cipher algorithm module (SPARC64).
943
944	  Camellia is a symmetric key block cipher developed jointly
945	  at NTT and Mitsubishi Electric Corporation.
946
947	  The Camellia specifies three key sizes: 128, 192 and 256 bits.
948
949	  See also:
950	  <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html>
951
952config CRYPTO_CAST_COMMON
953	tristate
954	help
955	  Common parts of the CAST cipher algorithms shared by the
956	  generic c and the assembler implementations.
957
958config CRYPTO_CAST5
959	tristate "CAST5 (CAST-128) cipher algorithm"
960	select CRYPTO_ALGAPI
961	select CRYPTO_CAST_COMMON
962	help
963	  The CAST5 encryption algorithm (synonymous with CAST-128) is
964	  described in RFC2144.
965
966config CRYPTO_CAST5_AVX_X86_64
967	tristate "CAST5 (CAST-128) cipher algorithm (x86_64/AVX)"
968	depends on X86 && 64BIT
969	select CRYPTO_ALGAPI
970	select CRYPTO_CRYPTD
971	select CRYPTO_ABLK_HELPER
972	select CRYPTO_CAST_COMMON
973	select CRYPTO_CAST5
974	help
975	  The CAST5 encryption algorithm (synonymous with CAST-128) is
976	  described in RFC2144.
977
978	  This module provides the Cast5 cipher algorithm that processes
979	  sixteen blocks parallel using the AVX instruction set.
980
981config CRYPTO_CAST6
982	tristate "CAST6 (CAST-256) cipher algorithm"
983	select CRYPTO_ALGAPI
984	select CRYPTO_CAST_COMMON
985	help
986	  The CAST6 encryption algorithm (synonymous with CAST-256) is
987	  described in RFC2612.
988
989config CRYPTO_CAST6_AVX_X86_64
990	tristate "CAST6 (CAST-256) cipher algorithm (x86_64/AVX)"
991	depends on X86 && 64BIT
992	select CRYPTO_ALGAPI
993	select CRYPTO_CRYPTD
994	select CRYPTO_ABLK_HELPER
995	select CRYPTO_GLUE_HELPER_X86
996	select CRYPTO_CAST_COMMON
997	select CRYPTO_CAST6
998	select CRYPTO_LRW
999	select CRYPTO_XTS
1000	help
1001	  The CAST6 encryption algorithm (synonymous with CAST-256) is
1002	  described in RFC2612.
1003
1004	  This module provides the Cast6 cipher algorithm that processes
1005	  eight blocks parallel using the AVX instruction set.
1006
1007config CRYPTO_DES
1008	tristate "DES and Triple DES EDE cipher algorithms"
1009	select CRYPTO_ALGAPI
1010	help
1011	  DES cipher algorithm (FIPS 46-2), and Triple DES EDE (FIPS 46-3).
1012
1013config CRYPTO_DES_SPARC64
1014	tristate "DES and Triple DES EDE cipher algorithms (SPARC64)"
1015	depends on SPARC64
1016	select CRYPTO_ALGAPI
1017	select CRYPTO_DES
1018	help
1019	  DES cipher algorithm (FIPS 46-2), and Triple DES EDE (FIPS 46-3),
1020	  optimized using SPARC64 crypto opcodes.
1021
1022config CRYPTO_DES3_EDE_X86_64
1023	tristate "Triple DES EDE cipher algorithm (x86-64)"
1024	depends on X86 && 64BIT
1025	select CRYPTO_ALGAPI
1026	select CRYPTO_DES
1027	help
1028	  Triple DES EDE (FIPS 46-3) algorithm.
1029
1030	  This module provides implementation of the Triple DES EDE cipher
1031	  algorithm that is optimized for x86-64 processors. Two versions of
1032	  algorithm are provided; regular processing one input block and
1033	  one that processes three blocks parallel.
1034
1035config CRYPTO_FCRYPT
1036	tristate "FCrypt cipher algorithm"
1037	select CRYPTO_ALGAPI
1038	select CRYPTO_BLKCIPHER
1039	help
1040	  FCrypt algorithm used by RxRPC.
1041
1042config CRYPTO_KHAZAD
1043	tristate "Khazad cipher algorithm"
1044	select CRYPTO_ALGAPI
1045	help
1046	  Khazad cipher algorithm.
1047
1048	  Khazad was a finalist in the initial NESSIE competition.  It is
1049	  an algorithm optimized for 64-bit processors with good performance
1050	  on 32-bit processors.  Khazad uses an 128 bit key size.
1051
1052	  See also:
1053	  <http://www.larc.usp.br/~pbarreto/KhazadPage.html>
1054
1055config CRYPTO_SALSA20
1056	tristate "Salsa20 stream cipher algorithm"
1057	select CRYPTO_BLKCIPHER
1058	help
1059	  Salsa20 stream cipher algorithm.
1060
1061	  Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT
1062	  Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/>
1063
1064	  The Salsa20 stream cipher algorithm is designed by Daniel J.
1065	  Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html>
1066
1067config CRYPTO_SALSA20_586
1068	tristate "Salsa20 stream cipher algorithm (i586)"
1069	depends on (X86 || UML_X86) && !64BIT
1070	select CRYPTO_BLKCIPHER
1071	help
1072	  Salsa20 stream cipher algorithm.
1073
1074	  Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT
1075	  Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/>
1076
1077	  The Salsa20 stream cipher algorithm is designed by Daniel J.
1078	  Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html>
1079
1080config CRYPTO_SALSA20_X86_64
1081	tristate "Salsa20 stream cipher algorithm (x86_64)"
1082	depends on (X86 || UML_X86) && 64BIT
1083	select CRYPTO_BLKCIPHER
1084	help
1085	  Salsa20 stream cipher algorithm.
1086
1087	  Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT
1088	  Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/>
1089
1090	  The Salsa20 stream cipher algorithm is designed by Daniel J.
1091	  Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html>
1092
1093config CRYPTO_SEED
1094	tristate "SEED cipher algorithm"
1095	select CRYPTO_ALGAPI
1096	help
1097	  SEED cipher algorithm (RFC4269).
1098
1099	  SEED is a 128-bit symmetric key block cipher that has been
1100	  developed by KISA (Korea Information Security Agency) as a
1101	  national standard encryption algorithm of the Republic of Korea.
1102	  It is a 16 round block cipher with the key size of 128 bit.
1103
1104	  See also:
1105	  <http://www.kisa.or.kr/kisa/seed/jsp/seed_eng.jsp>
1106
1107config CRYPTO_SERPENT
1108	tristate "Serpent cipher algorithm"
1109	select CRYPTO_ALGAPI
1110	help
1111	  Serpent cipher algorithm, by Anderson, Biham & Knudsen.
1112
1113	  Keys are allowed to be from 0 to 256 bits in length, in steps
1114	  of 8 bits.  Also includes the 'Tnepres' algorithm, a reversed
1115	  variant of Serpent for compatibility with old kerneli.org code.
1116
1117	  See also:
1118	  <http://www.cl.cam.ac.uk/~rja14/serpent.html>
1119
1120config CRYPTO_SERPENT_SSE2_X86_64
1121	tristate "Serpent cipher algorithm (x86_64/SSE2)"
1122	depends on X86 && 64BIT
1123	select CRYPTO_ALGAPI
1124	select CRYPTO_CRYPTD
1125	select CRYPTO_ABLK_HELPER
1126	select CRYPTO_GLUE_HELPER_X86
1127	select CRYPTO_SERPENT
1128	select CRYPTO_LRW
1129	select CRYPTO_XTS
1130	help
1131	  Serpent cipher algorithm, by Anderson, Biham & Knudsen.
1132
1133	  Keys are allowed to be from 0 to 256 bits in length, in steps
1134	  of 8 bits.
1135
1136	  This module provides Serpent cipher algorithm that processes eigth
1137	  blocks parallel using SSE2 instruction set.
1138
1139	  See also:
1140	  <http://www.cl.cam.ac.uk/~rja14/serpent.html>
1141
1142config CRYPTO_SERPENT_SSE2_586
1143	tristate "Serpent cipher algorithm (i586/SSE2)"
1144	depends on X86 && !64BIT
1145	select CRYPTO_ALGAPI
1146	select CRYPTO_CRYPTD
1147	select CRYPTO_ABLK_HELPER
1148	select CRYPTO_GLUE_HELPER_X86
1149	select CRYPTO_SERPENT
1150	select CRYPTO_LRW
1151	select CRYPTO_XTS
1152	help
1153	  Serpent cipher algorithm, by Anderson, Biham & Knudsen.
1154
1155	  Keys are allowed to be from 0 to 256 bits in length, in steps
1156	  of 8 bits.
1157
1158	  This module provides Serpent cipher algorithm that processes four
1159	  blocks parallel using SSE2 instruction set.
1160
1161	  See also:
1162	  <http://www.cl.cam.ac.uk/~rja14/serpent.html>
1163
1164config CRYPTO_SERPENT_AVX_X86_64
1165	tristate "Serpent cipher algorithm (x86_64/AVX)"
1166	depends on X86 && 64BIT
1167	select CRYPTO_ALGAPI
1168	select CRYPTO_CRYPTD
1169	select CRYPTO_ABLK_HELPER
1170	select CRYPTO_GLUE_HELPER_X86
1171	select CRYPTO_SERPENT
1172	select CRYPTO_LRW
1173	select CRYPTO_XTS
1174	help
1175	  Serpent cipher algorithm, by Anderson, Biham & Knudsen.
1176
1177	  Keys are allowed to be from 0 to 256 bits in length, in steps
1178	  of 8 bits.
1179
1180	  This module provides the Serpent cipher algorithm that processes
1181	  eight blocks parallel using the AVX instruction set.
1182
1183	  See also:
1184	  <http://www.cl.cam.ac.uk/~rja14/serpent.html>
1185
1186config CRYPTO_SERPENT_AVX2_X86_64
1187	tristate "Serpent cipher algorithm (x86_64/AVX2)"
1188	depends on X86 && 64BIT
1189	select CRYPTO_ALGAPI
1190	select CRYPTO_CRYPTD
1191	select CRYPTO_ABLK_HELPER
1192	select CRYPTO_GLUE_HELPER_X86
1193	select CRYPTO_SERPENT
1194	select CRYPTO_SERPENT_AVX_X86_64
1195	select CRYPTO_LRW
1196	select CRYPTO_XTS
1197	help
1198	  Serpent cipher algorithm, by Anderson, Biham & Knudsen.
1199
1200	  Keys are allowed to be from 0 to 256 bits in length, in steps
1201	  of 8 bits.
1202
1203	  This module provides Serpent cipher algorithm that processes 16
1204	  blocks parallel using AVX2 instruction set.
1205
1206	  See also:
1207	  <http://www.cl.cam.ac.uk/~rja14/serpent.html>
1208
1209config CRYPTO_TEA
1210	tristate "TEA, XTEA and XETA cipher algorithms"
1211	select CRYPTO_ALGAPI
1212	help
1213	  TEA cipher algorithm.
1214
1215	  Tiny Encryption Algorithm is a simple cipher that uses
1216	  many rounds for security.  It is very fast and uses
1217	  little memory.
1218
1219	  Xtendend Tiny Encryption Algorithm is a modification to
1220	  the TEA algorithm to address a potential key weakness
1221	  in the TEA algorithm.
1222
1223	  Xtendend Encryption Tiny Algorithm is a mis-implementation
1224	  of the XTEA algorithm for compatibility purposes.
1225
1226config CRYPTO_TWOFISH
1227	tristate "Twofish cipher algorithm"
1228	select CRYPTO_ALGAPI
1229	select CRYPTO_TWOFISH_COMMON
1230	help
1231	  Twofish cipher algorithm.
1232
1233	  Twofish was submitted as an AES (Advanced Encryption Standard)
1234	  candidate cipher by researchers at CounterPane Systems.  It is a
1235	  16 round block cipher supporting key sizes of 128, 192, and 256
1236	  bits.
1237
1238	  See also:
1239	  <http://www.schneier.com/twofish.html>
1240
1241config CRYPTO_TWOFISH_COMMON
1242	tristate
1243	help
1244	  Common parts of the Twofish cipher algorithm shared by the
1245	  generic c and the assembler implementations.
1246
1247config CRYPTO_TWOFISH_586
1248	tristate "Twofish cipher algorithms (i586)"
1249	depends on (X86 || UML_X86) && !64BIT
1250	select CRYPTO_ALGAPI
1251	select CRYPTO_TWOFISH_COMMON
1252	help
1253	  Twofish cipher algorithm.
1254
1255	  Twofish was submitted as an AES (Advanced Encryption Standard)
1256	  candidate cipher by researchers at CounterPane Systems.  It is a
1257	  16 round block cipher supporting key sizes of 128, 192, and 256
1258	  bits.
1259
1260	  See also:
1261	  <http://www.schneier.com/twofish.html>
1262
1263config CRYPTO_TWOFISH_X86_64
1264	tristate "Twofish cipher algorithm (x86_64)"
1265	depends on (X86 || UML_X86) && 64BIT
1266	select CRYPTO_ALGAPI
1267	select CRYPTO_TWOFISH_COMMON
1268	help
1269	  Twofish cipher algorithm (x86_64).
1270
1271	  Twofish was submitted as an AES (Advanced Encryption Standard)
1272	  candidate cipher by researchers at CounterPane Systems.  It is a
1273	  16 round block cipher supporting key sizes of 128, 192, and 256
1274	  bits.
1275
1276	  See also:
1277	  <http://www.schneier.com/twofish.html>
1278
1279config CRYPTO_TWOFISH_X86_64_3WAY
1280	tristate "Twofish cipher algorithm (x86_64, 3-way parallel)"
1281	depends on X86 && 64BIT
1282	select CRYPTO_ALGAPI
1283	select CRYPTO_TWOFISH_COMMON
1284	select CRYPTO_TWOFISH_X86_64
1285	select CRYPTO_GLUE_HELPER_X86
1286	select CRYPTO_LRW
1287	select CRYPTO_XTS
1288	help
1289	  Twofish cipher algorithm (x86_64, 3-way parallel).
1290
1291	  Twofish was submitted as an AES (Advanced Encryption Standard)
1292	  candidate cipher by researchers at CounterPane Systems.  It is a
1293	  16 round block cipher supporting key sizes of 128, 192, and 256
1294	  bits.
1295
1296	  This module provides Twofish cipher algorithm that processes three
1297	  blocks parallel, utilizing resources of out-of-order CPUs better.
1298
1299	  See also:
1300	  <http://www.schneier.com/twofish.html>
1301
1302config CRYPTO_TWOFISH_AVX_X86_64
1303	tristate "Twofish cipher algorithm (x86_64/AVX)"
1304	depends on X86 && 64BIT
1305	select CRYPTO_ALGAPI
1306	select CRYPTO_CRYPTD
1307	select CRYPTO_ABLK_HELPER
1308	select CRYPTO_GLUE_HELPER_X86
1309	select CRYPTO_TWOFISH_COMMON
1310	select CRYPTO_TWOFISH_X86_64
1311	select CRYPTO_TWOFISH_X86_64_3WAY
1312	select CRYPTO_LRW
1313	select CRYPTO_XTS
1314	help
1315	  Twofish cipher algorithm (x86_64/AVX).
1316
1317	  Twofish was submitted as an AES (Advanced Encryption Standard)
1318	  candidate cipher by researchers at CounterPane Systems.  It is a
1319	  16 round block cipher supporting key sizes of 128, 192, and 256
1320	  bits.
1321
1322	  This module provides the Twofish cipher algorithm that processes
1323	  eight blocks parallel using the AVX Instruction Set.
1324
1325	  See also:
1326	  <http://www.schneier.com/twofish.html>
1327
1328comment "Compression"
1329
1330config CRYPTO_DEFLATE
1331	tristate "Deflate compression algorithm"
1332	select CRYPTO_ALGAPI
1333	select ZLIB_INFLATE
1334	select ZLIB_DEFLATE
1335	help
1336	  This is the Deflate algorithm (RFC1951), specified for use in
1337	  IPSec with the IPCOMP protocol (RFC3173, RFC2394).
1338
1339	  You will most probably want this if using IPSec.
1340
1341config CRYPTO_ZLIB
1342	tristate "Zlib compression algorithm"
1343	select CRYPTO_PCOMP
1344	select ZLIB_INFLATE
1345	select ZLIB_DEFLATE
1346	select NLATTR
1347	help
1348	  This is the zlib algorithm.
1349
1350config CRYPTO_LZO
1351	tristate "LZO compression algorithm"
1352	select CRYPTO_ALGAPI
1353	select LZO_COMPRESS
1354	select LZO_DECOMPRESS
1355	help
1356	  This is the LZO algorithm.
1357
1358config CRYPTO_842
1359	tristate "842 compression algorithm"
1360	depends on CRYPTO_DEV_NX_COMPRESS
1361	# 842 uses lzo if the hardware becomes unavailable
1362	select LZO_COMPRESS
1363	select LZO_DECOMPRESS
1364	help
1365	  This is the 842 algorithm.
1366
1367config CRYPTO_LZ4
1368	tristate "LZ4 compression algorithm"
1369	select CRYPTO_ALGAPI
1370	select LZ4_COMPRESS
1371	select LZ4_DECOMPRESS
1372	help
1373	  This is the LZ4 algorithm.
1374
1375config CRYPTO_LZ4HC
1376	tristate "LZ4HC compression algorithm"
1377	select CRYPTO_ALGAPI
1378	select LZ4HC_COMPRESS
1379	select LZ4_DECOMPRESS
1380	help
1381	  This is the LZ4 high compression mode algorithm.
1382
1383comment "Random Number Generation"
1384
1385config CRYPTO_ANSI_CPRNG
1386	tristate "Pseudo Random Number Generation for Cryptographic modules"
1387	default m
1388	select CRYPTO_AES
1389	select CRYPTO_RNG
1390	help
1391	  This option enables the generic pseudo random number generator
1392	  for cryptographic modules.  Uses the Algorithm specified in
1393	  ANSI X9.31 A.2.4. Note that this option must be enabled if
1394	  CRYPTO_FIPS is selected
1395
1396menuconfig CRYTPO_DRBG
1397	tristate "NIST SP800-90A DRBG"
1398	depends on CRYPTO
1399	select CRYPTO_RNG
1400	help
1401	  NIST SP800-90A compliant DRBG. In the following submenu, one or
1402	  more of the DRBG types must be selected.
1403
1404if CRYTPO_DRBG
1405
1406config CRYPTO_DRBG_HMAC
1407	bool "Enable HMAC DRBG"
1408	default y
1409	depends on CRYTPO_DRBG
1410	select CRYPTO_HMAC
1411	help
1412	  Enable the HMAC DRBG variant as defined in NIST SP800-90A.
1413
1414config CRYPTO_DRBG_HASH
1415	bool "Enable Hash DRBG"
1416	depends on CRYTPO_DRBG
1417	select CRYPTO_HASH
1418	help
1419	  Enable the Hash DRBG variant as defined in NIST SP800-90A.
1420
1421config CRYPTO_DRBG_CTR
1422	bool "Enable CTR DRBG"
1423	depends on CRYTPO_DRBG
1424	select CRYPTO_AES
1425	help
1426	  Enable the CTR DRBG variant as defined in NIST SP800-90A.
1427
1428endif #CRYTPO_DRBG
1429
1430config CRYPTO_USER_API
1431	tristate
1432
1433config CRYPTO_USER_API_HASH
1434	tristate "User-space interface for hash algorithms"
1435	depends on NET
1436	select CRYPTO_HASH
1437	select CRYPTO_USER_API
1438	help
1439	  This option enables the user-spaces interface for hash
1440	  algorithms.
1441
1442config CRYPTO_USER_API_SKCIPHER
1443	tristate "User-space interface for symmetric key cipher algorithms"
1444	depends on NET
1445	select CRYPTO_BLKCIPHER
1446	select CRYPTO_USER_API
1447	help
1448	  This option enables the user-spaces interface for symmetric
1449	  key cipher algorithms.
1450
1451config CRYPTO_HASH_INFO
1452	bool
1453
1454source "drivers/crypto/Kconfig"
1455source crypto/asymmetric_keys/Kconfig
1456
1457endif	# if CRYPTO
1458