1# 2# Generic algorithms support 3# 4config XOR_BLOCKS 5 tristate 6 7# 8# async_tx api: hardware offloaded memory transfer/transform support 9# 10source "crypto/async_tx/Kconfig" 11 12# 13# Cryptographic API Configuration 14# 15menuconfig CRYPTO 16 tristate "Cryptographic API" 17 help 18 This option provides the core Cryptographic API. 19 20if CRYPTO 21 22comment "Crypto core or helper" 23 24config CRYPTO_FIPS 25 bool "FIPS 200 compliance" 26 help 27 This options enables the fips boot option which is 28 required if you want to system to operate in a FIPS 200 29 certification. You should say no unless you know what 30 this is. 31 32config CRYPTO_ALGAPI 33 tristate 34 select CRYPTO_ALGAPI2 35 help 36 This option provides the API for cryptographic algorithms. 37 38config CRYPTO_ALGAPI2 39 tristate 40 41config CRYPTO_AEAD 42 tristate 43 select CRYPTO_AEAD2 44 select CRYPTO_ALGAPI 45 46config CRYPTO_AEAD2 47 tristate 48 select CRYPTO_ALGAPI2 49 50config CRYPTO_BLKCIPHER 51 tristate 52 select CRYPTO_BLKCIPHER2 53 select CRYPTO_ALGAPI 54 55config CRYPTO_BLKCIPHER2 56 tristate 57 select CRYPTO_ALGAPI2 58 select CRYPTO_RNG2 59 60config CRYPTO_HASH 61 tristate 62 select CRYPTO_HASH2 63 select CRYPTO_ALGAPI 64 65config CRYPTO_HASH2 66 tristate 67 select CRYPTO_ALGAPI2 68 69config CRYPTO_RNG 70 tristate 71 select CRYPTO_RNG2 72 select CRYPTO_ALGAPI 73 74config CRYPTO_RNG2 75 tristate 76 select CRYPTO_ALGAPI2 77 78config CRYPTO_MANAGER 79 tristate "Cryptographic algorithm manager" 80 select CRYPTO_MANAGER2 81 help 82 Create default cryptographic template instantiations such as 83 cbc(aes). 84 85config CRYPTO_MANAGER2 86 def_tristate CRYPTO_MANAGER || (CRYPTO_MANAGER!=n && CRYPTO_ALGAPI=y) 87 select CRYPTO_AEAD2 88 select CRYPTO_HASH2 89 select CRYPTO_BLKCIPHER2 90 91config CRYPTO_GF128MUL 92 tristate "GF(2^128) multiplication functions (EXPERIMENTAL)" 93 depends on EXPERIMENTAL 94 help 95 Efficient table driven implementation of multiplications in the 96 field GF(2^128). This is needed by some cypher modes. This 97 option will be selected automatically if you select such a 98 cipher mode. Only select this option by hand if you expect to load 99 an external module that requires these functions. 100 101config CRYPTO_NULL 102 tristate "Null algorithms" 103 select CRYPTO_ALGAPI 104 select CRYPTO_BLKCIPHER 105 help 106 These are 'Null' algorithms, used by IPsec, which do nothing. 107 108config CRYPTO_CRYPTD 109 tristate "Software async crypto daemon" 110 select CRYPTO_BLKCIPHER 111 select CRYPTO_HASH 112 select CRYPTO_MANAGER 113 help 114 This is a generic software asynchronous crypto daemon that 115 converts an arbitrary synchronous software crypto algorithm 116 into an asynchronous algorithm that executes in a kernel thread. 117 118config CRYPTO_AUTHENC 119 tristate "Authenc support" 120 select CRYPTO_AEAD 121 select CRYPTO_BLKCIPHER 122 select CRYPTO_MANAGER 123 select CRYPTO_HASH 124 help 125 Authenc: Combined mode wrapper for IPsec. 126 This is required for IPSec. 127 128config CRYPTO_TEST 129 tristate "Testing module" 130 depends on m 131 select CRYPTO_MANAGER 132 help 133 Quick & dirty crypto test module. 134 135comment "Authenticated Encryption with Associated Data" 136 137config CRYPTO_CCM 138 tristate "CCM support" 139 select CRYPTO_CTR 140 select CRYPTO_AEAD 141 help 142 Support for Counter with CBC MAC. Required for IPsec. 143 144config CRYPTO_GCM 145 tristate "GCM/GMAC support" 146 select CRYPTO_CTR 147 select CRYPTO_AEAD 148 select CRYPTO_GF128MUL 149 help 150 Support for Galois/Counter Mode (GCM) and Galois Message 151 Authentication Code (GMAC). Required for IPSec. 152 153config CRYPTO_SEQIV 154 tristate "Sequence Number IV Generator" 155 select CRYPTO_AEAD 156 select CRYPTO_BLKCIPHER 157 select CRYPTO_RNG 158 help 159 This IV generator generates an IV based on a sequence number by 160 xoring it with a salt. This algorithm is mainly useful for CTR 161 162comment "Block modes" 163 164config CRYPTO_CBC 165 tristate "CBC support" 166 select CRYPTO_BLKCIPHER 167 select CRYPTO_MANAGER 168 help 169 CBC: Cipher Block Chaining mode 170 This block cipher algorithm is required for IPSec. 171 172config CRYPTO_CTR 173 tristate "CTR support" 174 select CRYPTO_BLKCIPHER 175 select CRYPTO_SEQIV 176 select CRYPTO_MANAGER 177 help 178 CTR: Counter mode 179 This block cipher algorithm is required for IPSec. 180 181config CRYPTO_CTS 182 tristate "CTS support" 183 select CRYPTO_BLKCIPHER 184 help 185 CTS: Cipher Text Stealing 186 This is the Cipher Text Stealing mode as described by 187 Section 8 of rfc2040 and referenced by rfc3962. 188 (rfc3962 includes errata information in its Appendix A) 189 This mode is required for Kerberos gss mechanism support 190 for AES encryption. 191 192config CRYPTO_ECB 193 tristate "ECB support" 194 select CRYPTO_BLKCIPHER 195 select CRYPTO_MANAGER 196 help 197 ECB: Electronic CodeBook mode 198 This is the simplest block cipher algorithm. It simply encrypts 199 the input block by block. 200 201config CRYPTO_LRW 202 tristate "LRW support (EXPERIMENTAL)" 203 depends on EXPERIMENTAL 204 select CRYPTO_BLKCIPHER 205 select CRYPTO_MANAGER 206 select CRYPTO_GF128MUL 207 help 208 LRW: Liskov Rivest Wagner, a tweakable, non malleable, non movable 209 narrow block cipher mode for dm-crypt. Use it with cipher 210 specification string aes-lrw-benbi, the key must be 256, 320 or 384. 211 The first 128, 192 or 256 bits in the key are used for AES and the 212 rest is used to tie each cipher block to its logical position. 213 214config CRYPTO_PCBC 215 tristate "PCBC support" 216 select CRYPTO_BLKCIPHER 217 select CRYPTO_MANAGER 218 help 219 PCBC: Propagating Cipher Block Chaining mode 220 This block cipher algorithm is required for RxRPC. 221 222config CRYPTO_XTS 223 tristate "XTS support (EXPERIMENTAL)" 224 depends on EXPERIMENTAL 225 select CRYPTO_BLKCIPHER 226 select CRYPTO_MANAGER 227 select CRYPTO_GF128MUL 228 help 229 XTS: IEEE1619/D16 narrow block cipher use with aes-xts-plain, 230 key size 256, 384 or 512 bits. This implementation currently 231 can't handle a sectorsize which is not a multiple of 16 bytes. 232 233comment "Hash modes" 234 235config CRYPTO_HMAC 236 tristate "HMAC support" 237 select CRYPTO_HASH 238 select CRYPTO_MANAGER 239 help 240 HMAC: Keyed-Hashing for Message Authentication (RFC2104). 241 This is required for IPSec. 242 243config CRYPTO_XCBC 244 tristate "XCBC support" 245 depends on EXPERIMENTAL 246 select CRYPTO_HASH 247 select CRYPTO_MANAGER 248 help 249 XCBC: Keyed-Hashing with encryption algorithm 250 http://www.ietf.org/rfc/rfc3566.txt 251 http://csrc.nist.gov/encryption/modes/proposedmodes/ 252 xcbc-mac/xcbc-mac-spec.pdf 253 254comment "Digest" 255 256config CRYPTO_CRC32C 257 tristate "CRC32c CRC algorithm" 258 select CRYPTO_HASH 259 select LIBCRC32C 260 help 261 Castagnoli, et al Cyclic Redundancy-Check Algorithm. Used 262 by iSCSI for header and data digests and by others. 263 See Castagnoli93. This implementation uses lib/libcrc32c. 264 Module will be crc32c. 265 266config CRYPTO_CRC32C_INTEL 267 tristate "CRC32c INTEL hardware acceleration" 268 depends on X86 269 select CRYPTO_HASH 270 help 271 In Intel processor with SSE4.2 supported, the processor will 272 support CRC32C implementation using hardware accelerated CRC32 273 instruction. This option will create 'crc32c-intel' module, 274 which will enable any routine to use the CRC32 instruction to 275 gain performance compared with software implementation. 276 Module will be crc32c-intel. 277 278config CRYPTO_MD4 279 tristate "MD4 digest algorithm" 280 select CRYPTO_ALGAPI 281 help 282 MD4 message digest algorithm (RFC1320). 283 284config CRYPTO_MD5 285 tristate "MD5 digest algorithm" 286 select CRYPTO_ALGAPI 287 help 288 MD5 message digest algorithm (RFC1321). 289 290config CRYPTO_MICHAEL_MIC 291 tristate "Michael MIC keyed digest algorithm" 292 select CRYPTO_ALGAPI 293 help 294 Michael MIC is used for message integrity protection in TKIP 295 (IEEE 802.11i). This algorithm is required for TKIP, but it 296 should not be used for other purposes because of the weakness 297 of the algorithm. 298 299config CRYPTO_RMD128 300 tristate "RIPEMD-128 digest algorithm" 301 select CRYPTO_ALGAPI 302 help 303 RIPEMD-128 (ISO/IEC 10118-3:2004). 304 305 RIPEMD-128 is a 128-bit cryptographic hash function. It should only 306 to be used as a secure replacement for RIPEMD. For other use cases 307 RIPEMD-160 should be used. 308 309 Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel. 310 See <http://home.esat.kuleuven.be/~bosselae/ripemd160.html> 311 312config CRYPTO_RMD160 313 tristate "RIPEMD-160 digest algorithm" 314 select CRYPTO_ALGAPI 315 help 316 RIPEMD-160 (ISO/IEC 10118-3:2004). 317 318 RIPEMD-160 is a 160-bit cryptographic hash function. It is intended 319 to be used as a secure replacement for the 128-bit hash functions 320 MD4, MD5 and it's predecessor RIPEMD 321 (not to be confused with RIPEMD-128). 322 323 It's speed is comparable to SHA1 and there are no known attacks 324 against RIPEMD-160. 325 326 Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel. 327 See <http://home.esat.kuleuven.be/~bosselae/ripemd160.html> 328 329config CRYPTO_RMD256 330 tristate "RIPEMD-256 digest algorithm" 331 select CRYPTO_ALGAPI 332 help 333 RIPEMD-256 is an optional extension of RIPEMD-128 with a 334 256 bit hash. It is intended for applications that require 335 longer hash-results, without needing a larger security level 336 (than RIPEMD-128). 337 338 Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel. 339 See <http://home.esat.kuleuven.be/~bosselae/ripemd160.html> 340 341config CRYPTO_RMD320 342 tristate "RIPEMD-320 digest algorithm" 343 select CRYPTO_ALGAPI 344 help 345 RIPEMD-320 is an optional extension of RIPEMD-160 with a 346 320 bit hash. It is intended for applications that require 347 longer hash-results, without needing a larger security level 348 (than RIPEMD-160). 349 350 Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel. 351 See <http://home.esat.kuleuven.be/~bosselae/ripemd160.html> 352 353config CRYPTO_SHA1 354 tristate "SHA1 digest algorithm" 355 select CRYPTO_ALGAPI 356 help 357 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2). 358 359config CRYPTO_SHA256 360 tristate "SHA224 and SHA256 digest algorithm" 361 select CRYPTO_ALGAPI 362 help 363 SHA256 secure hash standard (DFIPS 180-2). 364 365 This version of SHA implements a 256 bit hash with 128 bits of 366 security against collision attacks. 367 368 This code also includes SHA-224, a 224 bit hash with 112 bits 369 of security against collision attacks. 370 371config CRYPTO_SHA512 372 tristate "SHA384 and SHA512 digest algorithms" 373 select CRYPTO_ALGAPI 374 help 375 SHA512 secure hash standard (DFIPS 180-2). 376 377 This version of SHA implements a 512 bit hash with 256 bits of 378 security against collision attacks. 379 380 This code also includes SHA-384, a 384 bit hash with 192 bits 381 of security against collision attacks. 382 383config CRYPTO_TGR192 384 tristate "Tiger digest algorithms" 385 select CRYPTO_ALGAPI 386 help 387 Tiger hash algorithm 192, 160 and 128-bit hashes 388 389 Tiger is a hash function optimized for 64-bit processors while 390 still having decent performance on 32-bit processors. 391 Tiger was developed by Ross Anderson and Eli Biham. 392 393 See also: 394 <http://www.cs.technion.ac.il/~biham/Reports/Tiger/>. 395 396config CRYPTO_WP512 397 tristate "Whirlpool digest algorithms" 398 select CRYPTO_ALGAPI 399 help 400 Whirlpool hash algorithm 512, 384 and 256-bit hashes 401 402 Whirlpool-512 is part of the NESSIE cryptographic primitives. 403 Whirlpool will be part of the ISO/IEC 10118-3:2003(E) standard 404 405 See also: 406 <http://planeta.terra.com.br/informatica/paulobarreto/WhirlpoolPage.html> 407 408comment "Ciphers" 409 410config CRYPTO_AES 411 tristate "AES cipher algorithms" 412 select CRYPTO_ALGAPI 413 help 414 AES cipher algorithms (FIPS-197). AES uses the Rijndael 415 algorithm. 416 417 Rijndael appears to be consistently a very good performer in 418 both hardware and software across a wide range of computing 419 environments regardless of its use in feedback or non-feedback 420 modes. Its key setup time is excellent, and its key agility is 421 good. Rijndael's very low memory requirements make it very well 422 suited for restricted-space environments, in which it also 423 demonstrates excellent performance. Rijndael's operations are 424 among the easiest to defend against power and timing attacks. 425 426 The AES specifies three key sizes: 128, 192 and 256 bits 427 428 See <http://csrc.nist.gov/CryptoToolkit/aes/> for more information. 429 430config CRYPTO_AES_586 431 tristate "AES cipher algorithms (i586)" 432 depends on (X86 || UML_X86) && !64BIT 433 select CRYPTO_ALGAPI 434 select CRYPTO_AES 435 help 436 AES cipher algorithms (FIPS-197). AES uses the Rijndael 437 algorithm. 438 439 Rijndael appears to be consistently a very good performer in 440 both hardware and software across a wide range of computing 441 environments regardless of its use in feedback or non-feedback 442 modes. Its key setup time is excellent, and its key agility is 443 good. Rijndael's very low memory requirements make it very well 444 suited for restricted-space environments, in which it also 445 demonstrates excellent performance. Rijndael's operations are 446 among the easiest to defend against power and timing attacks. 447 448 The AES specifies three key sizes: 128, 192 and 256 bits 449 450 See <http://csrc.nist.gov/encryption/aes/> for more information. 451 452config CRYPTO_AES_X86_64 453 tristate "AES cipher algorithms (x86_64)" 454 depends on (X86 || UML_X86) && 64BIT 455 select CRYPTO_ALGAPI 456 select CRYPTO_AES 457 help 458 AES cipher algorithms (FIPS-197). AES uses the Rijndael 459 algorithm. 460 461 Rijndael appears to be consistently a very good performer in 462 both hardware and software across a wide range of computing 463 environments regardless of its use in feedback or non-feedback 464 modes. Its key setup time is excellent, and its key agility is 465 good. Rijndael's very low memory requirements make it very well 466 suited for restricted-space environments, in which it also 467 demonstrates excellent performance. Rijndael's operations are 468 among the easiest to defend against power and timing attacks. 469 470 The AES specifies three key sizes: 128, 192 and 256 bits 471 472 See <http://csrc.nist.gov/encryption/aes/> for more information. 473 474config CRYPTO_ANUBIS 475 tristate "Anubis cipher algorithm" 476 select CRYPTO_ALGAPI 477 help 478 Anubis cipher algorithm. 479 480 Anubis is a variable key length cipher which can use keys from 481 128 bits to 320 bits in length. It was evaluated as a entrant 482 in the NESSIE competition. 483 484 See also: 485 <https://www.cosic.esat.kuleuven.ac.be/nessie/reports/> 486 <http://planeta.terra.com.br/informatica/paulobarreto/AnubisPage.html> 487 488config CRYPTO_ARC4 489 tristate "ARC4 cipher algorithm" 490 select CRYPTO_ALGAPI 491 help 492 ARC4 cipher algorithm. 493 494 ARC4 is a stream cipher using keys ranging from 8 bits to 2048 495 bits in length. This algorithm is required for driver-based 496 WEP, but it should not be for other purposes because of the 497 weakness of the algorithm. 498 499config CRYPTO_BLOWFISH 500 tristate "Blowfish cipher algorithm" 501 select CRYPTO_ALGAPI 502 help 503 Blowfish cipher algorithm, by Bruce Schneier. 504 505 This is a variable key length cipher which can use keys from 32 506 bits to 448 bits in length. It's fast, simple and specifically 507 designed for use on "large microprocessors". 508 509 See also: 510 <http://www.schneier.com/blowfish.html> 511 512config CRYPTO_CAMELLIA 513 tristate "Camellia cipher algorithms" 514 depends on CRYPTO 515 select CRYPTO_ALGAPI 516 help 517 Camellia cipher algorithms module. 518 519 Camellia is a symmetric key block cipher developed jointly 520 at NTT and Mitsubishi Electric Corporation. 521 522 The Camellia specifies three key sizes: 128, 192 and 256 bits. 523 524 See also: 525 <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html> 526 527config CRYPTO_CAST5 528 tristate "CAST5 (CAST-128) cipher algorithm" 529 select CRYPTO_ALGAPI 530 help 531 The CAST5 encryption algorithm (synonymous with CAST-128) is 532 described in RFC2144. 533 534config CRYPTO_CAST6 535 tristate "CAST6 (CAST-256) cipher algorithm" 536 select CRYPTO_ALGAPI 537 help 538 The CAST6 encryption algorithm (synonymous with CAST-256) is 539 described in RFC2612. 540 541config CRYPTO_DES 542 tristate "DES and Triple DES EDE cipher algorithms" 543 select CRYPTO_ALGAPI 544 help 545 DES cipher algorithm (FIPS 46-2), and Triple DES EDE (FIPS 46-3). 546 547config CRYPTO_FCRYPT 548 tristate "FCrypt cipher algorithm" 549 select CRYPTO_ALGAPI 550 select CRYPTO_BLKCIPHER 551 help 552 FCrypt algorithm used by RxRPC. 553 554config CRYPTO_KHAZAD 555 tristate "Khazad cipher algorithm" 556 select CRYPTO_ALGAPI 557 help 558 Khazad cipher algorithm. 559 560 Khazad was a finalist in the initial NESSIE competition. It is 561 an algorithm optimized for 64-bit processors with good performance 562 on 32-bit processors. Khazad uses an 128 bit key size. 563 564 See also: 565 <http://planeta.terra.com.br/informatica/paulobarreto/KhazadPage.html> 566 567config CRYPTO_SALSA20 568 tristate "Salsa20 stream cipher algorithm (EXPERIMENTAL)" 569 depends on EXPERIMENTAL 570 select CRYPTO_BLKCIPHER 571 help 572 Salsa20 stream cipher algorithm. 573 574 Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT 575 Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/> 576 577 The Salsa20 stream cipher algorithm is designed by Daniel J. 578 Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html> 579 580config CRYPTO_SALSA20_586 581 tristate "Salsa20 stream cipher algorithm (i586) (EXPERIMENTAL)" 582 depends on (X86 || UML_X86) && !64BIT 583 depends on EXPERIMENTAL 584 select CRYPTO_BLKCIPHER 585 help 586 Salsa20 stream cipher algorithm. 587 588 Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT 589 Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/> 590 591 The Salsa20 stream cipher algorithm is designed by Daniel J. 592 Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html> 593 594config CRYPTO_SALSA20_X86_64 595 tristate "Salsa20 stream cipher algorithm (x86_64) (EXPERIMENTAL)" 596 depends on (X86 || UML_X86) && 64BIT 597 depends on EXPERIMENTAL 598 select CRYPTO_BLKCIPHER 599 help 600 Salsa20 stream cipher algorithm. 601 602 Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT 603 Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/> 604 605 The Salsa20 stream cipher algorithm is designed by Daniel J. 606 Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html> 607 608config CRYPTO_SEED 609 tristate "SEED cipher algorithm" 610 select CRYPTO_ALGAPI 611 help 612 SEED cipher algorithm (RFC4269). 613 614 SEED is a 128-bit symmetric key block cipher that has been 615 developed by KISA (Korea Information Security Agency) as a 616 national standard encryption algorithm of the Republic of Korea. 617 It is a 16 round block cipher with the key size of 128 bit. 618 619 See also: 620 <http://www.kisa.or.kr/kisa/seed/jsp/seed_eng.jsp> 621 622config CRYPTO_SERPENT 623 tristate "Serpent cipher algorithm" 624 select CRYPTO_ALGAPI 625 help 626 Serpent cipher algorithm, by Anderson, Biham & Knudsen. 627 628 Keys are allowed to be from 0 to 256 bits in length, in steps 629 of 8 bits. Also includes the 'Tnepres' algorithm, a reversed 630 variant of Serpent for compatibility with old kerneli.org code. 631 632 See also: 633 <http://www.cl.cam.ac.uk/~rja14/serpent.html> 634 635config CRYPTO_TEA 636 tristate "TEA, XTEA and XETA cipher algorithms" 637 select CRYPTO_ALGAPI 638 help 639 TEA cipher algorithm. 640 641 Tiny Encryption Algorithm is a simple cipher that uses 642 many rounds for security. It is very fast and uses 643 little memory. 644 645 Xtendend Tiny Encryption Algorithm is a modification to 646 the TEA algorithm to address a potential key weakness 647 in the TEA algorithm. 648 649 Xtendend Encryption Tiny Algorithm is a mis-implementation 650 of the XTEA algorithm for compatibility purposes. 651 652config CRYPTO_TWOFISH 653 tristate "Twofish cipher algorithm" 654 select CRYPTO_ALGAPI 655 select CRYPTO_TWOFISH_COMMON 656 help 657 Twofish cipher algorithm. 658 659 Twofish was submitted as an AES (Advanced Encryption Standard) 660 candidate cipher by researchers at CounterPane Systems. It is a 661 16 round block cipher supporting key sizes of 128, 192, and 256 662 bits. 663 664 See also: 665 <http://www.schneier.com/twofish.html> 666 667config CRYPTO_TWOFISH_COMMON 668 tristate 669 help 670 Common parts of the Twofish cipher algorithm shared by the 671 generic c and the assembler implementations. 672 673config CRYPTO_TWOFISH_586 674 tristate "Twofish cipher algorithms (i586)" 675 depends on (X86 || UML_X86) && !64BIT 676 select CRYPTO_ALGAPI 677 select CRYPTO_TWOFISH_COMMON 678 help 679 Twofish cipher algorithm. 680 681 Twofish was submitted as an AES (Advanced Encryption Standard) 682 candidate cipher by researchers at CounterPane Systems. It is a 683 16 round block cipher supporting key sizes of 128, 192, and 256 684 bits. 685 686 See also: 687 <http://www.schneier.com/twofish.html> 688 689config CRYPTO_TWOFISH_X86_64 690 tristate "Twofish cipher algorithm (x86_64)" 691 depends on (X86 || UML_X86) && 64BIT 692 select CRYPTO_ALGAPI 693 select CRYPTO_TWOFISH_COMMON 694 help 695 Twofish cipher algorithm (x86_64). 696 697 Twofish was submitted as an AES (Advanced Encryption Standard) 698 candidate cipher by researchers at CounterPane Systems. It is a 699 16 round block cipher supporting key sizes of 128, 192, and 256 700 bits. 701 702 See also: 703 <http://www.schneier.com/twofish.html> 704 705comment "Compression" 706 707config CRYPTO_DEFLATE 708 tristate "Deflate compression algorithm" 709 select CRYPTO_ALGAPI 710 select ZLIB_INFLATE 711 select ZLIB_DEFLATE 712 help 713 This is the Deflate algorithm (RFC1951), specified for use in 714 IPSec with the IPCOMP protocol (RFC3173, RFC2394). 715 716 You will most probably want this if using IPSec. 717 718config CRYPTO_LZO 719 tristate "LZO compression algorithm" 720 select CRYPTO_ALGAPI 721 select LZO_COMPRESS 722 select LZO_DECOMPRESS 723 help 724 This is the LZO algorithm. 725 726comment "Random Number Generation" 727 728config CRYPTO_ANSI_CPRNG 729 tristate "Pseudo Random Number Generation for Cryptographic modules" 730 select CRYPTO_AES 731 select CRYPTO_RNG 732 select CRYPTO_FIPS 733 help 734 This option enables the generic pseudo random number generator 735 for cryptographic modules. Uses the Algorithm specified in 736 ANSI X9.31 A.2.4 737 738source "drivers/crypto/Kconfig" 739 740endif # if CRYPTO 741