1# 2# Generic algorithms support 3# 4config XOR_BLOCKS 5 tristate 6 7# 8# async_tx api: hardware offloaded memory transfer/transform support 9# 10source "crypto/async_tx/Kconfig" 11 12# 13# Cryptographic API Configuration 14# 15menuconfig CRYPTO 16 tristate "Cryptographic API" 17 help 18 This option provides the core Cryptographic API. 19 20if CRYPTO 21 22comment "Crypto core or helper" 23 24config CRYPTO_FIPS 25 bool "FIPS 200 compliance" 26 depends on (CRYPTO_ANSI_CPRNG || CRYPTO_DRBG) && !CRYPTO_MANAGER_DISABLE_TESTS 27 depends on MODULE_SIG 28 help 29 This options enables the fips boot option which is 30 required if you want to system to operate in a FIPS 200 31 certification. You should say no unless you know what 32 this is. 33 34config CRYPTO_ALGAPI 35 tristate 36 select CRYPTO_ALGAPI2 37 help 38 This option provides the API for cryptographic algorithms. 39 40config CRYPTO_ALGAPI2 41 tristate 42 43config CRYPTO_AEAD 44 tristate 45 select CRYPTO_AEAD2 46 select CRYPTO_ALGAPI 47 48config CRYPTO_AEAD2 49 tristate 50 select CRYPTO_ALGAPI2 51 select CRYPTO_NULL2 52 select CRYPTO_RNG2 53 54config CRYPTO_BLKCIPHER 55 tristate 56 select CRYPTO_BLKCIPHER2 57 select CRYPTO_ALGAPI 58 59config CRYPTO_BLKCIPHER2 60 tristate 61 select CRYPTO_ALGAPI2 62 select CRYPTO_RNG2 63 select CRYPTO_WORKQUEUE 64 65config CRYPTO_HASH 66 tristate 67 select CRYPTO_HASH2 68 select CRYPTO_ALGAPI 69 70config CRYPTO_HASH2 71 tristate 72 select CRYPTO_ALGAPI2 73 74config CRYPTO_RNG 75 tristate 76 select CRYPTO_RNG2 77 select CRYPTO_ALGAPI 78 79config CRYPTO_RNG2 80 tristate 81 select CRYPTO_ALGAPI2 82 83config CRYPTO_RNG_DEFAULT 84 tristate 85 select CRYPTO_DRBG_MENU 86 87config CRYPTO_PCOMP 88 tristate 89 select CRYPTO_PCOMP2 90 select CRYPTO_ALGAPI 91 92config CRYPTO_PCOMP2 93 tristate 94 select CRYPTO_ALGAPI2 95 96config CRYPTO_AKCIPHER2 97 tristate 98 select CRYPTO_ALGAPI2 99 100config CRYPTO_AKCIPHER 101 tristate 102 select CRYPTO_AKCIPHER2 103 select CRYPTO_ALGAPI 104 105config CRYPTO_RSA 106 tristate "RSA algorithm" 107 select CRYPTO_AKCIPHER 108 select MPILIB 109 select ASN1 110 help 111 Generic implementation of the RSA public key algorithm. 112 113config CRYPTO_MANAGER 114 tristate "Cryptographic algorithm manager" 115 select CRYPTO_MANAGER2 116 help 117 Create default cryptographic template instantiations such as 118 cbc(aes). 119 120config CRYPTO_MANAGER2 121 def_tristate CRYPTO_MANAGER || (CRYPTO_MANAGER!=n && CRYPTO_ALGAPI=y) 122 select CRYPTO_AEAD2 123 select CRYPTO_HASH2 124 select CRYPTO_BLKCIPHER2 125 select CRYPTO_PCOMP2 126 select CRYPTO_AKCIPHER2 127 128config CRYPTO_USER 129 tristate "Userspace cryptographic algorithm configuration" 130 depends on NET 131 select CRYPTO_MANAGER 132 help 133 Userspace configuration for cryptographic instantiations such as 134 cbc(aes). 135 136config CRYPTO_MANAGER_DISABLE_TESTS 137 bool "Disable run-time self tests" 138 default y 139 depends on CRYPTO_MANAGER2 140 help 141 Disable run-time self tests that normally take place at 142 algorithm registration. 143 144config CRYPTO_GF128MUL 145 tristate "GF(2^128) multiplication functions" 146 help 147 Efficient table driven implementation of multiplications in the 148 field GF(2^128). This is needed by some cypher modes. This 149 option will be selected automatically if you select such a 150 cipher mode. Only select this option by hand if you expect to load 151 an external module that requires these functions. 152 153config CRYPTO_NULL 154 tristate "Null algorithms" 155 select CRYPTO_NULL2 156 help 157 These are 'Null' algorithms, used by IPsec, which do nothing. 158 159config CRYPTO_NULL2 160 tristate 161 select CRYPTO_ALGAPI2 162 select CRYPTO_BLKCIPHER2 163 select CRYPTO_HASH2 164 165config CRYPTO_PCRYPT 166 tristate "Parallel crypto engine" 167 depends on SMP 168 select PADATA 169 select CRYPTO_MANAGER 170 select CRYPTO_AEAD 171 help 172 This converts an arbitrary crypto algorithm into a parallel 173 algorithm that executes in kernel threads. 174 175config CRYPTO_WORKQUEUE 176 tristate 177 178config CRYPTO_CRYPTD 179 tristate "Software async crypto daemon" 180 select CRYPTO_BLKCIPHER 181 select CRYPTO_HASH 182 select CRYPTO_MANAGER 183 select CRYPTO_WORKQUEUE 184 help 185 This is a generic software asynchronous crypto daemon that 186 converts an arbitrary synchronous software crypto algorithm 187 into an asynchronous algorithm that executes in a kernel thread. 188 189config CRYPTO_MCRYPTD 190 tristate "Software async multi-buffer crypto daemon" 191 select CRYPTO_BLKCIPHER 192 select CRYPTO_HASH 193 select CRYPTO_MANAGER 194 select CRYPTO_WORKQUEUE 195 help 196 This is a generic software asynchronous crypto daemon that 197 provides the kernel thread to assist multi-buffer crypto 198 algorithms for submitting jobs and flushing jobs in multi-buffer 199 crypto algorithms. Multi-buffer crypto algorithms are executed 200 in the context of this kernel thread and drivers can post 201 their crypto request asynchronously to be processed by this daemon. 202 203config CRYPTO_AUTHENC 204 tristate "Authenc support" 205 select CRYPTO_AEAD 206 select CRYPTO_BLKCIPHER 207 select CRYPTO_MANAGER 208 select CRYPTO_HASH 209 select CRYPTO_NULL 210 help 211 Authenc: Combined mode wrapper for IPsec. 212 This is required for IPSec. 213 214config CRYPTO_TEST 215 tristate "Testing module" 216 depends on m 217 select CRYPTO_MANAGER 218 help 219 Quick & dirty crypto test module. 220 221config CRYPTO_ABLK_HELPER 222 tristate 223 select CRYPTO_CRYPTD 224 225config CRYPTO_GLUE_HELPER_X86 226 tristate 227 depends on X86 228 select CRYPTO_ALGAPI 229 230comment "Authenticated Encryption with Associated Data" 231 232config CRYPTO_CCM 233 tristate "CCM support" 234 select CRYPTO_CTR 235 select CRYPTO_AEAD 236 help 237 Support for Counter with CBC MAC. Required for IPsec. 238 239config CRYPTO_GCM 240 tristate "GCM/GMAC support" 241 select CRYPTO_CTR 242 select CRYPTO_AEAD 243 select CRYPTO_GHASH 244 select CRYPTO_NULL 245 help 246 Support for Galois/Counter Mode (GCM) and Galois Message 247 Authentication Code (GMAC). Required for IPSec. 248 249config CRYPTO_CHACHA20POLY1305 250 tristate "ChaCha20-Poly1305 AEAD support" 251 select CRYPTO_CHACHA20 252 select CRYPTO_POLY1305 253 select CRYPTO_AEAD 254 help 255 ChaCha20-Poly1305 AEAD support, RFC7539. 256 257 Support for the AEAD wrapper using the ChaCha20 stream cipher combined 258 with the Poly1305 authenticator. It is defined in RFC7539 for use in 259 IETF protocols. 260 261config CRYPTO_SEQIV 262 tristate "Sequence Number IV Generator" 263 select CRYPTO_AEAD 264 select CRYPTO_BLKCIPHER 265 select CRYPTO_NULL 266 select CRYPTO_RNG_DEFAULT 267 help 268 This IV generator generates an IV based on a sequence number by 269 xoring it with a salt. This algorithm is mainly useful for CTR 270 271config CRYPTO_ECHAINIV 272 tristate "Encrypted Chain IV Generator" 273 select CRYPTO_AEAD 274 select CRYPTO_NULL 275 select CRYPTO_RNG_DEFAULT 276 default m 277 help 278 This IV generator generates an IV based on the encryption of 279 a sequence number xored with a salt. This is the default 280 algorithm for CBC. 281 282comment "Block modes" 283 284config CRYPTO_CBC 285 tristate "CBC support" 286 select CRYPTO_BLKCIPHER 287 select CRYPTO_MANAGER 288 help 289 CBC: Cipher Block Chaining mode 290 This block cipher algorithm is required for IPSec. 291 292config CRYPTO_CTR 293 tristate "CTR support" 294 select CRYPTO_BLKCIPHER 295 select CRYPTO_SEQIV 296 select CRYPTO_MANAGER 297 help 298 CTR: Counter mode 299 This block cipher algorithm is required for IPSec. 300 301config CRYPTO_CTS 302 tristate "CTS support" 303 select CRYPTO_BLKCIPHER 304 help 305 CTS: Cipher Text Stealing 306 This is the Cipher Text Stealing mode as described by 307 Section 8 of rfc2040 and referenced by rfc3962. 308 (rfc3962 includes errata information in its Appendix A) 309 This mode is required for Kerberos gss mechanism support 310 for AES encryption. 311 312config CRYPTO_ECB 313 tristate "ECB support" 314 select CRYPTO_BLKCIPHER 315 select CRYPTO_MANAGER 316 help 317 ECB: Electronic CodeBook mode 318 This is the simplest block cipher algorithm. It simply encrypts 319 the input block by block. 320 321config CRYPTO_LRW 322 tristate "LRW support" 323 select CRYPTO_BLKCIPHER 324 select CRYPTO_MANAGER 325 select CRYPTO_GF128MUL 326 help 327 LRW: Liskov Rivest Wagner, a tweakable, non malleable, non movable 328 narrow block cipher mode for dm-crypt. Use it with cipher 329 specification string aes-lrw-benbi, the key must be 256, 320 or 384. 330 The first 128, 192 or 256 bits in the key are used for AES and the 331 rest is used to tie each cipher block to its logical position. 332 333config CRYPTO_PCBC 334 tristate "PCBC support" 335 select CRYPTO_BLKCIPHER 336 select CRYPTO_MANAGER 337 help 338 PCBC: Propagating Cipher Block Chaining mode 339 This block cipher algorithm is required for RxRPC. 340 341config CRYPTO_XTS 342 tristate "XTS support" 343 select CRYPTO_BLKCIPHER 344 select CRYPTO_MANAGER 345 select CRYPTO_GF128MUL 346 help 347 XTS: IEEE1619/D16 narrow block cipher use with aes-xts-plain, 348 key size 256, 384 or 512 bits. This implementation currently 349 can't handle a sectorsize which is not a multiple of 16 bytes. 350 351comment "Hash modes" 352 353config CRYPTO_CMAC 354 tristate "CMAC support" 355 select CRYPTO_HASH 356 select CRYPTO_MANAGER 357 help 358 Cipher-based Message Authentication Code (CMAC) specified by 359 The National Institute of Standards and Technology (NIST). 360 361 https://tools.ietf.org/html/rfc4493 362 http://csrc.nist.gov/publications/nistpubs/800-38B/SP_800-38B.pdf 363 364config CRYPTO_HMAC 365 tristate "HMAC support" 366 select CRYPTO_HASH 367 select CRYPTO_MANAGER 368 help 369 HMAC: Keyed-Hashing for Message Authentication (RFC2104). 370 This is required for IPSec. 371 372config CRYPTO_XCBC 373 tristate "XCBC support" 374 select CRYPTO_HASH 375 select CRYPTO_MANAGER 376 help 377 XCBC: Keyed-Hashing with encryption algorithm 378 http://www.ietf.org/rfc/rfc3566.txt 379 http://csrc.nist.gov/encryption/modes/proposedmodes/ 380 xcbc-mac/xcbc-mac-spec.pdf 381 382config CRYPTO_VMAC 383 tristate "VMAC support" 384 select CRYPTO_HASH 385 select CRYPTO_MANAGER 386 help 387 VMAC is a message authentication algorithm designed for 388 very high speed on 64-bit architectures. 389 390 See also: 391 <http://fastcrypto.org/vmac> 392 393comment "Digest" 394 395config CRYPTO_CRC32C 396 tristate "CRC32c CRC algorithm" 397 select CRYPTO_HASH 398 select CRC32 399 help 400 Castagnoli, et al Cyclic Redundancy-Check Algorithm. Used 401 by iSCSI for header and data digests and by others. 402 See Castagnoli93. Module will be crc32c. 403 404config CRYPTO_CRC32C_INTEL 405 tristate "CRC32c INTEL hardware acceleration" 406 depends on X86 407 select CRYPTO_HASH 408 help 409 In Intel processor with SSE4.2 supported, the processor will 410 support CRC32C implementation using hardware accelerated CRC32 411 instruction. This option will create 'crc32c-intel' module, 412 which will enable any routine to use the CRC32 instruction to 413 gain performance compared with software implementation. 414 Module will be crc32c-intel. 415 416config CRYPTO_CRC32C_SPARC64 417 tristate "CRC32c CRC algorithm (SPARC64)" 418 depends on SPARC64 419 select CRYPTO_HASH 420 select CRC32 421 help 422 CRC32c CRC algorithm implemented using sparc64 crypto instructions, 423 when available. 424 425config CRYPTO_CRC32 426 tristate "CRC32 CRC algorithm" 427 select CRYPTO_HASH 428 select CRC32 429 help 430 CRC-32-IEEE 802.3 cyclic redundancy-check algorithm. 431 Shash crypto api wrappers to crc32_le function. 432 433config CRYPTO_CRC32_PCLMUL 434 tristate "CRC32 PCLMULQDQ hardware acceleration" 435 depends on X86 436 select CRYPTO_HASH 437 select CRC32 438 help 439 From Intel Westmere and AMD Bulldozer processor with SSE4.2 440 and PCLMULQDQ supported, the processor will support 441 CRC32 PCLMULQDQ implementation using hardware accelerated PCLMULQDQ 442 instruction. This option will create 'crc32-plcmul' module, 443 which will enable any routine to use the CRC-32-IEEE 802.3 checksum 444 and gain better performance as compared with the table implementation. 445 446config CRYPTO_CRCT10DIF 447 tristate "CRCT10DIF algorithm" 448 select CRYPTO_HASH 449 help 450 CRC T10 Data Integrity Field computation is being cast as 451 a crypto transform. This allows for faster crc t10 diff 452 transforms to be used if they are available. 453 454config CRYPTO_CRCT10DIF_PCLMUL 455 tristate "CRCT10DIF PCLMULQDQ hardware acceleration" 456 depends on X86 && 64BIT && CRC_T10DIF 457 select CRYPTO_HASH 458 help 459 For x86_64 processors with SSE4.2 and PCLMULQDQ supported, 460 CRC T10 DIF PCLMULQDQ computation can be hardware 461 accelerated PCLMULQDQ instruction. This option will create 462 'crct10dif-plcmul' module, which is faster when computing the 463 crct10dif checksum as compared with the generic table implementation. 464 465config CRYPTO_GHASH 466 tristate "GHASH digest algorithm" 467 select CRYPTO_GF128MUL 468 help 469 GHASH is message digest algorithm for GCM (Galois/Counter Mode). 470 471config CRYPTO_POLY1305 472 tristate "Poly1305 authenticator algorithm" 473 help 474 Poly1305 authenticator algorithm, RFC7539. 475 476 Poly1305 is an authenticator algorithm designed by Daniel J. Bernstein. 477 It is used for the ChaCha20-Poly1305 AEAD, specified in RFC7539 for use 478 in IETF protocols. This is the portable C implementation of Poly1305. 479 480config CRYPTO_POLY1305_X86_64 481 tristate "Poly1305 authenticator algorithm (x86_64/SSE2/AVX2)" 482 depends on X86 && 64BIT 483 select CRYPTO_POLY1305 484 help 485 Poly1305 authenticator algorithm, RFC7539. 486 487 Poly1305 is an authenticator algorithm designed by Daniel J. Bernstein. 488 It is used for the ChaCha20-Poly1305 AEAD, specified in RFC7539 for use 489 in IETF protocols. This is the x86_64 assembler implementation using SIMD 490 instructions. 491 492config CRYPTO_MD4 493 tristate "MD4 digest algorithm" 494 select CRYPTO_HASH 495 help 496 MD4 message digest algorithm (RFC1320). 497 498config CRYPTO_MD5 499 tristate "MD5 digest algorithm" 500 select CRYPTO_HASH 501 help 502 MD5 message digest algorithm (RFC1321). 503 504config CRYPTO_MD5_OCTEON 505 tristate "MD5 digest algorithm (OCTEON)" 506 depends on CPU_CAVIUM_OCTEON 507 select CRYPTO_MD5 508 select CRYPTO_HASH 509 help 510 MD5 message digest algorithm (RFC1321) implemented 511 using OCTEON crypto instructions, when available. 512 513config CRYPTO_MD5_PPC 514 tristate "MD5 digest algorithm (PPC)" 515 depends on PPC 516 select CRYPTO_HASH 517 help 518 MD5 message digest algorithm (RFC1321) implemented 519 in PPC assembler. 520 521config CRYPTO_MD5_SPARC64 522 tristate "MD5 digest algorithm (SPARC64)" 523 depends on SPARC64 524 select CRYPTO_MD5 525 select CRYPTO_HASH 526 help 527 MD5 message digest algorithm (RFC1321) implemented 528 using sparc64 crypto instructions, when available. 529 530config CRYPTO_MICHAEL_MIC 531 tristate "Michael MIC keyed digest algorithm" 532 select CRYPTO_HASH 533 help 534 Michael MIC is used for message integrity protection in TKIP 535 (IEEE 802.11i). This algorithm is required for TKIP, but it 536 should not be used for other purposes because of the weakness 537 of the algorithm. 538 539config CRYPTO_RMD128 540 tristate "RIPEMD-128 digest algorithm" 541 select CRYPTO_HASH 542 help 543 RIPEMD-128 (ISO/IEC 10118-3:2004). 544 545 RIPEMD-128 is a 128-bit cryptographic hash function. It should only 546 be used as a secure replacement for RIPEMD. For other use cases, 547 RIPEMD-160 should be used. 548 549 Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel. 550 See <http://homes.esat.kuleuven.be/~bosselae/ripemd160.html> 551 552config CRYPTO_RMD160 553 tristate "RIPEMD-160 digest algorithm" 554 select CRYPTO_HASH 555 help 556 RIPEMD-160 (ISO/IEC 10118-3:2004). 557 558 RIPEMD-160 is a 160-bit cryptographic hash function. It is intended 559 to be used as a secure replacement for the 128-bit hash functions 560 MD4, MD5 and it's predecessor RIPEMD 561 (not to be confused with RIPEMD-128). 562 563 It's speed is comparable to SHA1 and there are no known attacks 564 against RIPEMD-160. 565 566 Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel. 567 See <http://homes.esat.kuleuven.be/~bosselae/ripemd160.html> 568 569config CRYPTO_RMD256 570 tristate "RIPEMD-256 digest algorithm" 571 select CRYPTO_HASH 572 help 573 RIPEMD-256 is an optional extension of RIPEMD-128 with a 574 256 bit hash. It is intended for applications that require 575 longer hash-results, without needing a larger security level 576 (than RIPEMD-128). 577 578 Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel. 579 See <http://homes.esat.kuleuven.be/~bosselae/ripemd160.html> 580 581config CRYPTO_RMD320 582 tristate "RIPEMD-320 digest algorithm" 583 select CRYPTO_HASH 584 help 585 RIPEMD-320 is an optional extension of RIPEMD-160 with a 586 320 bit hash. It is intended for applications that require 587 longer hash-results, without needing a larger security level 588 (than RIPEMD-160). 589 590 Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel. 591 See <http://homes.esat.kuleuven.be/~bosselae/ripemd160.html> 592 593config CRYPTO_SHA1 594 tristate "SHA1 digest algorithm" 595 select CRYPTO_HASH 596 help 597 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2). 598 599config CRYPTO_SHA1_SSSE3 600 tristate "SHA1 digest algorithm (SSSE3/AVX/AVX2)" 601 depends on X86 && 64BIT 602 select CRYPTO_SHA1 603 select CRYPTO_HASH 604 help 605 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2) implemented 606 using Supplemental SSE3 (SSSE3) instructions or Advanced Vector 607 Extensions (AVX/AVX2), when available. 608 609config CRYPTO_SHA256_SSSE3 610 tristate "SHA256 digest algorithm (SSSE3/AVX/AVX2)" 611 depends on X86 && 64BIT 612 select CRYPTO_SHA256 613 select CRYPTO_HASH 614 help 615 SHA-256 secure hash standard (DFIPS 180-2) implemented 616 using Supplemental SSE3 (SSSE3) instructions, or Advanced Vector 617 Extensions version 1 (AVX1), or Advanced Vector Extensions 618 version 2 (AVX2) instructions, when available. 619 620config CRYPTO_SHA512_SSSE3 621 tristate "SHA512 digest algorithm (SSSE3/AVX/AVX2)" 622 depends on X86 && 64BIT 623 select CRYPTO_SHA512 624 select CRYPTO_HASH 625 help 626 SHA-512 secure hash standard (DFIPS 180-2) implemented 627 using Supplemental SSE3 (SSSE3) instructions, or Advanced Vector 628 Extensions version 1 (AVX1), or Advanced Vector Extensions 629 version 2 (AVX2) instructions, when available. 630 631config CRYPTO_SHA1_OCTEON 632 tristate "SHA1 digest algorithm (OCTEON)" 633 depends on CPU_CAVIUM_OCTEON 634 select CRYPTO_SHA1 635 select CRYPTO_HASH 636 help 637 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2) implemented 638 using OCTEON crypto instructions, when available. 639 640config CRYPTO_SHA1_SPARC64 641 tristate "SHA1 digest algorithm (SPARC64)" 642 depends on SPARC64 643 select CRYPTO_SHA1 644 select CRYPTO_HASH 645 help 646 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2) implemented 647 using sparc64 crypto instructions, when available. 648 649config CRYPTO_SHA1_PPC 650 tristate "SHA1 digest algorithm (powerpc)" 651 depends on PPC 652 help 653 This is the powerpc hardware accelerated implementation of the 654 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2). 655 656config CRYPTO_SHA1_PPC_SPE 657 tristate "SHA1 digest algorithm (PPC SPE)" 658 depends on PPC && SPE 659 help 660 SHA-1 secure hash standard (DFIPS 180-4) implemented 661 using powerpc SPE SIMD instruction set. 662 663config CRYPTO_SHA1_MB 664 tristate "SHA1 digest algorithm (x86_64 Multi-Buffer, Experimental)" 665 depends on X86 && 64BIT 666 select CRYPTO_SHA1 667 select CRYPTO_HASH 668 select CRYPTO_MCRYPTD 669 help 670 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2) implemented 671 using multi-buffer technique. This algorithm computes on 672 multiple data lanes concurrently with SIMD instructions for 673 better throughput. It should not be enabled by default but 674 used when there is significant amount of work to keep the keep 675 the data lanes filled to get performance benefit. If the data 676 lanes remain unfilled, a flush operation will be initiated to 677 process the crypto jobs, adding a slight latency. 678 679config CRYPTO_SHA256 680 tristate "SHA224 and SHA256 digest algorithm" 681 select CRYPTO_HASH 682 help 683 SHA256 secure hash standard (DFIPS 180-2). 684 685 This version of SHA implements a 256 bit hash with 128 bits of 686 security against collision attacks. 687 688 This code also includes SHA-224, a 224 bit hash with 112 bits 689 of security against collision attacks. 690 691config CRYPTO_SHA256_PPC_SPE 692 tristate "SHA224 and SHA256 digest algorithm (PPC SPE)" 693 depends on PPC && SPE 694 select CRYPTO_SHA256 695 select CRYPTO_HASH 696 help 697 SHA224 and SHA256 secure hash standard (DFIPS 180-2) 698 implemented using powerpc SPE SIMD instruction set. 699 700config CRYPTO_SHA256_OCTEON 701 tristate "SHA224 and SHA256 digest algorithm (OCTEON)" 702 depends on CPU_CAVIUM_OCTEON 703 select CRYPTO_SHA256 704 select CRYPTO_HASH 705 help 706 SHA-256 secure hash standard (DFIPS 180-2) implemented 707 using OCTEON crypto instructions, when available. 708 709config CRYPTO_SHA256_SPARC64 710 tristate "SHA224 and SHA256 digest algorithm (SPARC64)" 711 depends on SPARC64 712 select CRYPTO_SHA256 713 select CRYPTO_HASH 714 help 715 SHA-256 secure hash standard (DFIPS 180-2) implemented 716 using sparc64 crypto instructions, when available. 717 718config CRYPTO_SHA512 719 tristate "SHA384 and SHA512 digest algorithms" 720 select CRYPTO_HASH 721 help 722 SHA512 secure hash standard (DFIPS 180-2). 723 724 This version of SHA implements a 512 bit hash with 256 bits of 725 security against collision attacks. 726 727 This code also includes SHA-384, a 384 bit hash with 192 bits 728 of security against collision attacks. 729 730config CRYPTO_SHA512_OCTEON 731 tristate "SHA384 and SHA512 digest algorithms (OCTEON)" 732 depends on CPU_CAVIUM_OCTEON 733 select CRYPTO_SHA512 734 select CRYPTO_HASH 735 help 736 SHA-512 secure hash standard (DFIPS 180-2) implemented 737 using OCTEON crypto instructions, when available. 738 739config CRYPTO_SHA512_SPARC64 740 tristate "SHA384 and SHA512 digest algorithm (SPARC64)" 741 depends on SPARC64 742 select CRYPTO_SHA512 743 select CRYPTO_HASH 744 help 745 SHA-512 secure hash standard (DFIPS 180-2) implemented 746 using sparc64 crypto instructions, when available. 747 748config CRYPTO_TGR192 749 tristate "Tiger digest algorithms" 750 select CRYPTO_HASH 751 help 752 Tiger hash algorithm 192, 160 and 128-bit hashes 753 754 Tiger is a hash function optimized for 64-bit processors while 755 still having decent performance on 32-bit processors. 756 Tiger was developed by Ross Anderson and Eli Biham. 757 758 See also: 759 <http://www.cs.technion.ac.il/~biham/Reports/Tiger/>. 760 761config CRYPTO_WP512 762 tristate "Whirlpool digest algorithms" 763 select CRYPTO_HASH 764 help 765 Whirlpool hash algorithm 512, 384 and 256-bit hashes 766 767 Whirlpool-512 is part of the NESSIE cryptographic primitives. 768 Whirlpool will be part of the ISO/IEC 10118-3:2003(E) standard 769 770 See also: 771 <http://www.larc.usp.br/~pbarreto/WhirlpoolPage.html> 772 773config CRYPTO_GHASH_CLMUL_NI_INTEL 774 tristate "GHASH digest algorithm (CLMUL-NI accelerated)" 775 depends on X86 && 64BIT 776 select CRYPTO_CRYPTD 777 help 778 GHASH is message digest algorithm for GCM (Galois/Counter Mode). 779 The implementation is accelerated by CLMUL-NI of Intel. 780 781comment "Ciphers" 782 783config CRYPTO_AES 784 tristate "AES cipher algorithms" 785 select CRYPTO_ALGAPI 786 help 787 AES cipher algorithms (FIPS-197). AES uses the Rijndael 788 algorithm. 789 790 Rijndael appears to be consistently a very good performer in 791 both hardware and software across a wide range of computing 792 environments regardless of its use in feedback or non-feedback 793 modes. Its key setup time is excellent, and its key agility is 794 good. Rijndael's very low memory requirements make it very well 795 suited for restricted-space environments, in which it also 796 demonstrates excellent performance. Rijndael's operations are 797 among the easiest to defend against power and timing attacks. 798 799 The AES specifies three key sizes: 128, 192 and 256 bits 800 801 See <http://csrc.nist.gov/CryptoToolkit/aes/> for more information. 802 803config CRYPTO_AES_586 804 tristate "AES cipher algorithms (i586)" 805 depends on (X86 || UML_X86) && !64BIT 806 select CRYPTO_ALGAPI 807 select CRYPTO_AES 808 help 809 AES cipher algorithms (FIPS-197). AES uses the Rijndael 810 algorithm. 811 812 Rijndael appears to be consistently a very good performer in 813 both hardware and software across a wide range of computing 814 environments regardless of its use in feedback or non-feedback 815 modes. Its key setup time is excellent, and its key agility is 816 good. Rijndael's very low memory requirements make it very well 817 suited for restricted-space environments, in which it also 818 demonstrates excellent performance. Rijndael's operations are 819 among the easiest to defend against power and timing attacks. 820 821 The AES specifies three key sizes: 128, 192 and 256 bits 822 823 See <http://csrc.nist.gov/encryption/aes/> for more information. 824 825config CRYPTO_AES_X86_64 826 tristate "AES cipher algorithms (x86_64)" 827 depends on (X86 || UML_X86) && 64BIT 828 select CRYPTO_ALGAPI 829 select CRYPTO_AES 830 help 831 AES cipher algorithms (FIPS-197). AES uses the Rijndael 832 algorithm. 833 834 Rijndael appears to be consistently a very good performer in 835 both hardware and software across a wide range of computing 836 environments regardless of its use in feedback or non-feedback 837 modes. Its key setup time is excellent, and its key agility is 838 good. Rijndael's very low memory requirements make it very well 839 suited for restricted-space environments, in which it also 840 demonstrates excellent performance. Rijndael's operations are 841 among the easiest to defend against power and timing attacks. 842 843 The AES specifies three key sizes: 128, 192 and 256 bits 844 845 See <http://csrc.nist.gov/encryption/aes/> for more information. 846 847config CRYPTO_AES_NI_INTEL 848 tristate "AES cipher algorithms (AES-NI)" 849 depends on X86 850 select CRYPTO_AES_X86_64 if 64BIT 851 select CRYPTO_AES_586 if !64BIT 852 select CRYPTO_CRYPTD 853 select CRYPTO_ABLK_HELPER 854 select CRYPTO_ALGAPI 855 select CRYPTO_GLUE_HELPER_X86 if 64BIT 856 select CRYPTO_LRW 857 select CRYPTO_XTS 858 help 859 Use Intel AES-NI instructions for AES algorithm. 860 861 AES cipher algorithms (FIPS-197). AES uses the Rijndael 862 algorithm. 863 864 Rijndael appears to be consistently a very good performer in 865 both hardware and software across a wide range of computing 866 environments regardless of its use in feedback or non-feedback 867 modes. Its key setup time is excellent, and its key agility is 868 good. Rijndael's very low memory requirements make it very well 869 suited for restricted-space environments, in which it also 870 demonstrates excellent performance. Rijndael's operations are 871 among the easiest to defend against power and timing attacks. 872 873 The AES specifies three key sizes: 128, 192 and 256 bits 874 875 See <http://csrc.nist.gov/encryption/aes/> for more information. 876 877 In addition to AES cipher algorithm support, the acceleration 878 for some popular block cipher mode is supported too, including 879 ECB, CBC, LRW, PCBC, XTS. The 64 bit version has additional 880 acceleration for CTR. 881 882config CRYPTO_AES_SPARC64 883 tristate "AES cipher algorithms (SPARC64)" 884 depends on SPARC64 885 select CRYPTO_CRYPTD 886 select CRYPTO_ALGAPI 887 help 888 Use SPARC64 crypto opcodes for AES algorithm. 889 890 AES cipher algorithms (FIPS-197). AES uses the Rijndael 891 algorithm. 892 893 Rijndael appears to be consistently a very good performer in 894 both hardware and software across a wide range of computing 895 environments regardless of its use in feedback or non-feedback 896 modes. Its key setup time is excellent, and its key agility is 897 good. Rijndael's very low memory requirements make it very well 898 suited for restricted-space environments, in which it also 899 demonstrates excellent performance. Rijndael's operations are 900 among the easiest to defend against power and timing attacks. 901 902 The AES specifies three key sizes: 128, 192 and 256 bits 903 904 See <http://csrc.nist.gov/encryption/aes/> for more information. 905 906 In addition to AES cipher algorithm support, the acceleration 907 for some popular block cipher mode is supported too, including 908 ECB and CBC. 909 910config CRYPTO_AES_PPC_SPE 911 tristate "AES cipher algorithms (PPC SPE)" 912 depends on PPC && SPE 913 help 914 AES cipher algorithms (FIPS-197). Additionally the acceleration 915 for popular block cipher modes ECB, CBC, CTR and XTS is supported. 916 This module should only be used for low power (router) devices 917 without hardware AES acceleration (e.g. caam crypto). It reduces the 918 size of the AES tables from 16KB to 8KB + 256 bytes and mitigates 919 timining attacks. Nevertheless it might be not as secure as other 920 architecture specific assembler implementations that work on 1KB 921 tables or 256 bytes S-boxes. 922 923config CRYPTO_ANUBIS 924 tristate "Anubis cipher algorithm" 925 select CRYPTO_ALGAPI 926 help 927 Anubis cipher algorithm. 928 929 Anubis is a variable key length cipher which can use keys from 930 128 bits to 320 bits in length. It was evaluated as a entrant 931 in the NESSIE competition. 932 933 See also: 934 <https://www.cosic.esat.kuleuven.be/nessie/reports/> 935 <http://www.larc.usp.br/~pbarreto/AnubisPage.html> 936 937config CRYPTO_ARC4 938 tristate "ARC4 cipher algorithm" 939 select CRYPTO_BLKCIPHER 940 help 941 ARC4 cipher algorithm. 942 943 ARC4 is a stream cipher using keys ranging from 8 bits to 2048 944 bits in length. This algorithm is required for driver-based 945 WEP, but it should not be for other purposes because of the 946 weakness of the algorithm. 947 948config CRYPTO_BLOWFISH 949 tristate "Blowfish cipher algorithm" 950 select CRYPTO_ALGAPI 951 select CRYPTO_BLOWFISH_COMMON 952 help 953 Blowfish cipher algorithm, by Bruce Schneier. 954 955 This is a variable key length cipher which can use keys from 32 956 bits to 448 bits in length. It's fast, simple and specifically 957 designed for use on "large microprocessors". 958 959 See also: 960 <http://www.schneier.com/blowfish.html> 961 962config CRYPTO_BLOWFISH_COMMON 963 tristate 964 help 965 Common parts of the Blowfish cipher algorithm shared by the 966 generic c and the assembler implementations. 967 968 See also: 969 <http://www.schneier.com/blowfish.html> 970 971config CRYPTO_BLOWFISH_X86_64 972 tristate "Blowfish cipher algorithm (x86_64)" 973 depends on X86 && 64BIT 974 select CRYPTO_ALGAPI 975 select CRYPTO_BLOWFISH_COMMON 976 help 977 Blowfish cipher algorithm (x86_64), by Bruce Schneier. 978 979 This is a variable key length cipher which can use keys from 32 980 bits to 448 bits in length. It's fast, simple and specifically 981 designed for use on "large microprocessors". 982 983 See also: 984 <http://www.schneier.com/blowfish.html> 985 986config CRYPTO_CAMELLIA 987 tristate "Camellia cipher algorithms" 988 depends on CRYPTO 989 select CRYPTO_ALGAPI 990 help 991 Camellia cipher algorithms module. 992 993 Camellia is a symmetric key block cipher developed jointly 994 at NTT and Mitsubishi Electric Corporation. 995 996 The Camellia specifies three key sizes: 128, 192 and 256 bits. 997 998 See also: 999 <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html> 1000 1001config CRYPTO_CAMELLIA_X86_64 1002 tristate "Camellia cipher algorithm (x86_64)" 1003 depends on X86 && 64BIT 1004 depends on CRYPTO 1005 select CRYPTO_ALGAPI 1006 select CRYPTO_GLUE_HELPER_X86 1007 select CRYPTO_LRW 1008 select CRYPTO_XTS 1009 help 1010 Camellia cipher algorithm module (x86_64). 1011 1012 Camellia is a symmetric key block cipher developed jointly 1013 at NTT and Mitsubishi Electric Corporation. 1014 1015 The Camellia specifies three key sizes: 128, 192 and 256 bits. 1016 1017 See also: 1018 <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html> 1019 1020config CRYPTO_CAMELLIA_AESNI_AVX_X86_64 1021 tristate "Camellia cipher algorithm (x86_64/AES-NI/AVX)" 1022 depends on X86 && 64BIT 1023 depends on CRYPTO 1024 select CRYPTO_ALGAPI 1025 select CRYPTO_CRYPTD 1026 select CRYPTO_ABLK_HELPER 1027 select CRYPTO_GLUE_HELPER_X86 1028 select CRYPTO_CAMELLIA_X86_64 1029 select CRYPTO_LRW 1030 select CRYPTO_XTS 1031 help 1032 Camellia cipher algorithm module (x86_64/AES-NI/AVX). 1033 1034 Camellia is a symmetric key block cipher developed jointly 1035 at NTT and Mitsubishi Electric Corporation. 1036 1037 The Camellia specifies three key sizes: 128, 192 and 256 bits. 1038 1039 See also: 1040 <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html> 1041 1042config CRYPTO_CAMELLIA_AESNI_AVX2_X86_64 1043 tristate "Camellia cipher algorithm (x86_64/AES-NI/AVX2)" 1044 depends on X86 && 64BIT 1045 depends on CRYPTO 1046 select CRYPTO_ALGAPI 1047 select CRYPTO_CRYPTD 1048 select CRYPTO_ABLK_HELPER 1049 select CRYPTO_GLUE_HELPER_X86 1050 select CRYPTO_CAMELLIA_X86_64 1051 select CRYPTO_CAMELLIA_AESNI_AVX_X86_64 1052 select CRYPTO_LRW 1053 select CRYPTO_XTS 1054 help 1055 Camellia cipher algorithm module (x86_64/AES-NI/AVX2). 1056 1057 Camellia is a symmetric key block cipher developed jointly 1058 at NTT and Mitsubishi Electric Corporation. 1059 1060 The Camellia specifies three key sizes: 128, 192 and 256 bits. 1061 1062 See also: 1063 <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html> 1064 1065config CRYPTO_CAMELLIA_SPARC64 1066 tristate "Camellia cipher algorithm (SPARC64)" 1067 depends on SPARC64 1068 depends on CRYPTO 1069 select CRYPTO_ALGAPI 1070 help 1071 Camellia cipher algorithm module (SPARC64). 1072 1073 Camellia is a symmetric key block cipher developed jointly 1074 at NTT and Mitsubishi Electric Corporation. 1075 1076 The Camellia specifies three key sizes: 128, 192 and 256 bits. 1077 1078 See also: 1079 <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html> 1080 1081config CRYPTO_CAST_COMMON 1082 tristate 1083 help 1084 Common parts of the CAST cipher algorithms shared by the 1085 generic c and the assembler implementations. 1086 1087config CRYPTO_CAST5 1088 tristate "CAST5 (CAST-128) cipher algorithm" 1089 select CRYPTO_ALGAPI 1090 select CRYPTO_CAST_COMMON 1091 help 1092 The CAST5 encryption algorithm (synonymous with CAST-128) is 1093 described in RFC2144. 1094 1095config CRYPTO_CAST5_AVX_X86_64 1096 tristate "CAST5 (CAST-128) cipher algorithm (x86_64/AVX)" 1097 depends on X86 && 64BIT 1098 select CRYPTO_ALGAPI 1099 select CRYPTO_CRYPTD 1100 select CRYPTO_ABLK_HELPER 1101 select CRYPTO_CAST_COMMON 1102 select CRYPTO_CAST5 1103 help 1104 The CAST5 encryption algorithm (synonymous with CAST-128) is 1105 described in RFC2144. 1106 1107 This module provides the Cast5 cipher algorithm that processes 1108 sixteen blocks parallel using the AVX instruction set. 1109 1110config CRYPTO_CAST6 1111 tristate "CAST6 (CAST-256) cipher algorithm" 1112 select CRYPTO_ALGAPI 1113 select CRYPTO_CAST_COMMON 1114 help 1115 The CAST6 encryption algorithm (synonymous with CAST-256) is 1116 described in RFC2612. 1117 1118config CRYPTO_CAST6_AVX_X86_64 1119 tristate "CAST6 (CAST-256) cipher algorithm (x86_64/AVX)" 1120 depends on X86 && 64BIT 1121 select CRYPTO_ALGAPI 1122 select CRYPTO_CRYPTD 1123 select CRYPTO_ABLK_HELPER 1124 select CRYPTO_GLUE_HELPER_X86 1125 select CRYPTO_CAST_COMMON 1126 select CRYPTO_CAST6 1127 select CRYPTO_LRW 1128 select CRYPTO_XTS 1129 help 1130 The CAST6 encryption algorithm (synonymous with CAST-256) is 1131 described in RFC2612. 1132 1133 This module provides the Cast6 cipher algorithm that processes 1134 eight blocks parallel using the AVX instruction set. 1135 1136config CRYPTO_DES 1137 tristate "DES and Triple DES EDE cipher algorithms" 1138 select CRYPTO_ALGAPI 1139 help 1140 DES cipher algorithm (FIPS 46-2), and Triple DES EDE (FIPS 46-3). 1141 1142config CRYPTO_DES_SPARC64 1143 tristate "DES and Triple DES EDE cipher algorithms (SPARC64)" 1144 depends on SPARC64 1145 select CRYPTO_ALGAPI 1146 select CRYPTO_DES 1147 help 1148 DES cipher algorithm (FIPS 46-2), and Triple DES EDE (FIPS 46-3), 1149 optimized using SPARC64 crypto opcodes. 1150 1151config CRYPTO_DES3_EDE_X86_64 1152 tristate "Triple DES EDE cipher algorithm (x86-64)" 1153 depends on X86 && 64BIT 1154 select CRYPTO_ALGAPI 1155 select CRYPTO_DES 1156 help 1157 Triple DES EDE (FIPS 46-3) algorithm. 1158 1159 This module provides implementation of the Triple DES EDE cipher 1160 algorithm that is optimized for x86-64 processors. Two versions of 1161 algorithm are provided; regular processing one input block and 1162 one that processes three blocks parallel. 1163 1164config CRYPTO_FCRYPT 1165 tristate "FCrypt cipher algorithm" 1166 select CRYPTO_ALGAPI 1167 select CRYPTO_BLKCIPHER 1168 help 1169 FCrypt algorithm used by RxRPC. 1170 1171config CRYPTO_KHAZAD 1172 tristate "Khazad cipher algorithm" 1173 select CRYPTO_ALGAPI 1174 help 1175 Khazad cipher algorithm. 1176 1177 Khazad was a finalist in the initial NESSIE competition. It is 1178 an algorithm optimized for 64-bit processors with good performance 1179 on 32-bit processors. Khazad uses an 128 bit key size. 1180 1181 See also: 1182 <http://www.larc.usp.br/~pbarreto/KhazadPage.html> 1183 1184config CRYPTO_SALSA20 1185 tristate "Salsa20 stream cipher algorithm" 1186 select CRYPTO_BLKCIPHER 1187 help 1188 Salsa20 stream cipher algorithm. 1189 1190 Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT 1191 Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/> 1192 1193 The Salsa20 stream cipher algorithm is designed by Daniel J. 1194 Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html> 1195 1196config CRYPTO_SALSA20_586 1197 tristate "Salsa20 stream cipher algorithm (i586)" 1198 depends on (X86 || UML_X86) && !64BIT 1199 select CRYPTO_BLKCIPHER 1200 help 1201 Salsa20 stream cipher algorithm. 1202 1203 Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT 1204 Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/> 1205 1206 The Salsa20 stream cipher algorithm is designed by Daniel J. 1207 Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html> 1208 1209config CRYPTO_SALSA20_X86_64 1210 tristate "Salsa20 stream cipher algorithm (x86_64)" 1211 depends on (X86 || UML_X86) && 64BIT 1212 select CRYPTO_BLKCIPHER 1213 help 1214 Salsa20 stream cipher algorithm. 1215 1216 Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT 1217 Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/> 1218 1219 The Salsa20 stream cipher algorithm is designed by Daniel J. 1220 Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html> 1221 1222config CRYPTO_CHACHA20 1223 tristate "ChaCha20 cipher algorithm" 1224 select CRYPTO_BLKCIPHER 1225 help 1226 ChaCha20 cipher algorithm, RFC7539. 1227 1228 ChaCha20 is a 256-bit high-speed stream cipher designed by Daniel J. 1229 Bernstein and further specified in RFC7539 for use in IETF protocols. 1230 This is the portable C implementation of ChaCha20. 1231 1232 See also: 1233 <http://cr.yp.to/chacha/chacha-20080128.pdf> 1234 1235config CRYPTO_CHACHA20_X86_64 1236 tristate "ChaCha20 cipher algorithm (x86_64/SSSE3/AVX2)" 1237 depends on X86 && 64BIT 1238 select CRYPTO_BLKCIPHER 1239 select CRYPTO_CHACHA20 1240 help 1241 ChaCha20 cipher algorithm, RFC7539. 1242 1243 ChaCha20 is a 256-bit high-speed stream cipher designed by Daniel J. 1244 Bernstein and further specified in RFC7539 for use in IETF protocols. 1245 This is the x86_64 assembler implementation using SIMD instructions. 1246 1247 See also: 1248 <http://cr.yp.to/chacha/chacha-20080128.pdf> 1249 1250config CRYPTO_SEED 1251 tristate "SEED cipher algorithm" 1252 select CRYPTO_ALGAPI 1253 help 1254 SEED cipher algorithm (RFC4269). 1255 1256 SEED is a 128-bit symmetric key block cipher that has been 1257 developed by KISA (Korea Information Security Agency) as a 1258 national standard encryption algorithm of the Republic of Korea. 1259 It is a 16 round block cipher with the key size of 128 bit. 1260 1261 See also: 1262 <http://www.kisa.or.kr/kisa/seed/jsp/seed_eng.jsp> 1263 1264config CRYPTO_SERPENT 1265 tristate "Serpent cipher algorithm" 1266 select CRYPTO_ALGAPI 1267 help 1268 Serpent cipher algorithm, by Anderson, Biham & Knudsen. 1269 1270 Keys are allowed to be from 0 to 256 bits in length, in steps 1271 of 8 bits. Also includes the 'Tnepres' algorithm, a reversed 1272 variant of Serpent for compatibility with old kerneli.org code. 1273 1274 See also: 1275 <http://www.cl.cam.ac.uk/~rja14/serpent.html> 1276 1277config CRYPTO_SERPENT_SSE2_X86_64 1278 tristate "Serpent cipher algorithm (x86_64/SSE2)" 1279 depends on X86 && 64BIT 1280 select CRYPTO_ALGAPI 1281 select CRYPTO_CRYPTD 1282 select CRYPTO_ABLK_HELPER 1283 select CRYPTO_GLUE_HELPER_X86 1284 select CRYPTO_SERPENT 1285 select CRYPTO_LRW 1286 select CRYPTO_XTS 1287 help 1288 Serpent cipher algorithm, by Anderson, Biham & Knudsen. 1289 1290 Keys are allowed to be from 0 to 256 bits in length, in steps 1291 of 8 bits. 1292 1293 This module provides Serpent cipher algorithm that processes eight 1294 blocks parallel using SSE2 instruction set. 1295 1296 See also: 1297 <http://www.cl.cam.ac.uk/~rja14/serpent.html> 1298 1299config CRYPTO_SERPENT_SSE2_586 1300 tristate "Serpent cipher algorithm (i586/SSE2)" 1301 depends on X86 && !64BIT 1302 select CRYPTO_ALGAPI 1303 select CRYPTO_CRYPTD 1304 select CRYPTO_ABLK_HELPER 1305 select CRYPTO_GLUE_HELPER_X86 1306 select CRYPTO_SERPENT 1307 select CRYPTO_LRW 1308 select CRYPTO_XTS 1309 help 1310 Serpent cipher algorithm, by Anderson, Biham & Knudsen. 1311 1312 Keys are allowed to be from 0 to 256 bits in length, in steps 1313 of 8 bits. 1314 1315 This module provides Serpent cipher algorithm that processes four 1316 blocks parallel using SSE2 instruction set. 1317 1318 See also: 1319 <http://www.cl.cam.ac.uk/~rja14/serpent.html> 1320 1321config CRYPTO_SERPENT_AVX_X86_64 1322 tristate "Serpent cipher algorithm (x86_64/AVX)" 1323 depends on X86 && 64BIT 1324 select CRYPTO_ALGAPI 1325 select CRYPTO_CRYPTD 1326 select CRYPTO_ABLK_HELPER 1327 select CRYPTO_GLUE_HELPER_X86 1328 select CRYPTO_SERPENT 1329 select CRYPTO_LRW 1330 select CRYPTO_XTS 1331 help 1332 Serpent cipher algorithm, by Anderson, Biham & Knudsen. 1333 1334 Keys are allowed to be from 0 to 256 bits in length, in steps 1335 of 8 bits. 1336 1337 This module provides the Serpent cipher algorithm that processes 1338 eight blocks parallel using the AVX instruction set. 1339 1340 See also: 1341 <http://www.cl.cam.ac.uk/~rja14/serpent.html> 1342 1343config CRYPTO_SERPENT_AVX2_X86_64 1344 tristate "Serpent cipher algorithm (x86_64/AVX2)" 1345 depends on X86 && 64BIT 1346 select CRYPTO_ALGAPI 1347 select CRYPTO_CRYPTD 1348 select CRYPTO_ABLK_HELPER 1349 select CRYPTO_GLUE_HELPER_X86 1350 select CRYPTO_SERPENT 1351 select CRYPTO_SERPENT_AVX_X86_64 1352 select CRYPTO_LRW 1353 select CRYPTO_XTS 1354 help 1355 Serpent cipher algorithm, by Anderson, Biham & Knudsen. 1356 1357 Keys are allowed to be from 0 to 256 bits in length, in steps 1358 of 8 bits. 1359 1360 This module provides Serpent cipher algorithm that processes 16 1361 blocks parallel using AVX2 instruction set. 1362 1363 See also: 1364 <http://www.cl.cam.ac.uk/~rja14/serpent.html> 1365 1366config CRYPTO_TEA 1367 tristate "TEA, XTEA and XETA cipher algorithms" 1368 select CRYPTO_ALGAPI 1369 help 1370 TEA cipher algorithm. 1371 1372 Tiny Encryption Algorithm is a simple cipher that uses 1373 many rounds for security. It is very fast and uses 1374 little memory. 1375 1376 Xtendend Tiny Encryption Algorithm is a modification to 1377 the TEA algorithm to address a potential key weakness 1378 in the TEA algorithm. 1379 1380 Xtendend Encryption Tiny Algorithm is a mis-implementation 1381 of the XTEA algorithm for compatibility purposes. 1382 1383config CRYPTO_TWOFISH 1384 tristate "Twofish cipher algorithm" 1385 select CRYPTO_ALGAPI 1386 select CRYPTO_TWOFISH_COMMON 1387 help 1388 Twofish cipher algorithm. 1389 1390 Twofish was submitted as an AES (Advanced Encryption Standard) 1391 candidate cipher by researchers at CounterPane Systems. It is a 1392 16 round block cipher supporting key sizes of 128, 192, and 256 1393 bits. 1394 1395 See also: 1396 <http://www.schneier.com/twofish.html> 1397 1398config CRYPTO_TWOFISH_COMMON 1399 tristate 1400 help 1401 Common parts of the Twofish cipher algorithm shared by the 1402 generic c and the assembler implementations. 1403 1404config CRYPTO_TWOFISH_586 1405 tristate "Twofish cipher algorithms (i586)" 1406 depends on (X86 || UML_X86) && !64BIT 1407 select CRYPTO_ALGAPI 1408 select CRYPTO_TWOFISH_COMMON 1409 help 1410 Twofish cipher algorithm. 1411 1412 Twofish was submitted as an AES (Advanced Encryption Standard) 1413 candidate cipher by researchers at CounterPane Systems. It is a 1414 16 round block cipher supporting key sizes of 128, 192, and 256 1415 bits. 1416 1417 See also: 1418 <http://www.schneier.com/twofish.html> 1419 1420config CRYPTO_TWOFISH_X86_64 1421 tristate "Twofish cipher algorithm (x86_64)" 1422 depends on (X86 || UML_X86) && 64BIT 1423 select CRYPTO_ALGAPI 1424 select CRYPTO_TWOFISH_COMMON 1425 help 1426 Twofish cipher algorithm (x86_64). 1427 1428 Twofish was submitted as an AES (Advanced Encryption Standard) 1429 candidate cipher by researchers at CounterPane Systems. It is a 1430 16 round block cipher supporting key sizes of 128, 192, and 256 1431 bits. 1432 1433 See also: 1434 <http://www.schneier.com/twofish.html> 1435 1436config CRYPTO_TWOFISH_X86_64_3WAY 1437 tristate "Twofish cipher algorithm (x86_64, 3-way parallel)" 1438 depends on X86 && 64BIT 1439 select CRYPTO_ALGAPI 1440 select CRYPTO_TWOFISH_COMMON 1441 select CRYPTO_TWOFISH_X86_64 1442 select CRYPTO_GLUE_HELPER_X86 1443 select CRYPTO_LRW 1444 select CRYPTO_XTS 1445 help 1446 Twofish cipher algorithm (x86_64, 3-way parallel). 1447 1448 Twofish was submitted as an AES (Advanced Encryption Standard) 1449 candidate cipher by researchers at CounterPane Systems. It is a 1450 16 round block cipher supporting key sizes of 128, 192, and 256 1451 bits. 1452 1453 This module provides Twofish cipher algorithm that processes three 1454 blocks parallel, utilizing resources of out-of-order CPUs better. 1455 1456 See also: 1457 <http://www.schneier.com/twofish.html> 1458 1459config CRYPTO_TWOFISH_AVX_X86_64 1460 tristate "Twofish cipher algorithm (x86_64/AVX)" 1461 depends on X86 && 64BIT 1462 select CRYPTO_ALGAPI 1463 select CRYPTO_CRYPTD 1464 select CRYPTO_ABLK_HELPER 1465 select CRYPTO_GLUE_HELPER_X86 1466 select CRYPTO_TWOFISH_COMMON 1467 select CRYPTO_TWOFISH_X86_64 1468 select CRYPTO_TWOFISH_X86_64_3WAY 1469 select CRYPTO_LRW 1470 select CRYPTO_XTS 1471 help 1472 Twofish cipher algorithm (x86_64/AVX). 1473 1474 Twofish was submitted as an AES (Advanced Encryption Standard) 1475 candidate cipher by researchers at CounterPane Systems. It is a 1476 16 round block cipher supporting key sizes of 128, 192, and 256 1477 bits. 1478 1479 This module provides the Twofish cipher algorithm that processes 1480 eight blocks parallel using the AVX Instruction Set. 1481 1482 See also: 1483 <http://www.schneier.com/twofish.html> 1484 1485comment "Compression" 1486 1487config CRYPTO_DEFLATE 1488 tristate "Deflate compression algorithm" 1489 select CRYPTO_ALGAPI 1490 select ZLIB_INFLATE 1491 select ZLIB_DEFLATE 1492 help 1493 This is the Deflate algorithm (RFC1951), specified for use in 1494 IPSec with the IPCOMP protocol (RFC3173, RFC2394). 1495 1496 You will most probably want this if using IPSec. 1497 1498config CRYPTO_ZLIB 1499 tristate "Zlib compression algorithm" 1500 select CRYPTO_PCOMP 1501 select ZLIB_INFLATE 1502 select ZLIB_DEFLATE 1503 select NLATTR 1504 help 1505 This is the zlib algorithm. 1506 1507config CRYPTO_LZO 1508 tristate "LZO compression algorithm" 1509 select CRYPTO_ALGAPI 1510 select LZO_COMPRESS 1511 select LZO_DECOMPRESS 1512 help 1513 This is the LZO algorithm. 1514 1515config CRYPTO_842 1516 tristate "842 compression algorithm" 1517 select CRYPTO_ALGAPI 1518 select 842_COMPRESS 1519 select 842_DECOMPRESS 1520 help 1521 This is the 842 algorithm. 1522 1523config CRYPTO_LZ4 1524 tristate "LZ4 compression algorithm" 1525 select CRYPTO_ALGAPI 1526 select LZ4_COMPRESS 1527 select LZ4_DECOMPRESS 1528 help 1529 This is the LZ4 algorithm. 1530 1531config CRYPTO_LZ4HC 1532 tristate "LZ4HC compression algorithm" 1533 select CRYPTO_ALGAPI 1534 select LZ4HC_COMPRESS 1535 select LZ4_DECOMPRESS 1536 help 1537 This is the LZ4 high compression mode algorithm. 1538 1539comment "Random Number Generation" 1540 1541config CRYPTO_ANSI_CPRNG 1542 tristate "Pseudo Random Number Generation for Cryptographic modules" 1543 select CRYPTO_AES 1544 select CRYPTO_RNG 1545 help 1546 This option enables the generic pseudo random number generator 1547 for cryptographic modules. Uses the Algorithm specified in 1548 ANSI X9.31 A.2.4. Note that this option must be enabled if 1549 CRYPTO_FIPS is selected 1550 1551menuconfig CRYPTO_DRBG_MENU 1552 tristate "NIST SP800-90A DRBG" 1553 help 1554 NIST SP800-90A compliant DRBG. In the following submenu, one or 1555 more of the DRBG types must be selected. 1556 1557if CRYPTO_DRBG_MENU 1558 1559config CRYPTO_DRBG_HMAC 1560 bool 1561 default y 1562 select CRYPTO_HMAC 1563 select CRYPTO_SHA256 1564 1565config CRYPTO_DRBG_HASH 1566 bool "Enable Hash DRBG" 1567 select CRYPTO_SHA256 1568 help 1569 Enable the Hash DRBG variant as defined in NIST SP800-90A. 1570 1571config CRYPTO_DRBG_CTR 1572 bool "Enable CTR DRBG" 1573 select CRYPTO_AES 1574 help 1575 Enable the CTR DRBG variant as defined in NIST SP800-90A. 1576 1577config CRYPTO_DRBG 1578 tristate 1579 default CRYPTO_DRBG_MENU 1580 select CRYPTO_RNG 1581 select CRYPTO_JITTERENTROPY 1582 1583endif # if CRYPTO_DRBG_MENU 1584 1585config CRYPTO_JITTERENTROPY 1586 tristate "Jitterentropy Non-Deterministic Random Number Generator" 1587 help 1588 The Jitterentropy RNG is a noise that is intended 1589 to provide seed to another RNG. The RNG does not 1590 perform any cryptographic whitening of the generated 1591 random numbers. This Jitterentropy RNG registers with 1592 the kernel crypto API and can be used by any caller. 1593 1594config CRYPTO_USER_API 1595 tristate 1596 1597config CRYPTO_USER_API_HASH 1598 tristate "User-space interface for hash algorithms" 1599 depends on NET 1600 select CRYPTO_HASH 1601 select CRYPTO_USER_API 1602 help 1603 This option enables the user-spaces interface for hash 1604 algorithms. 1605 1606config CRYPTO_USER_API_SKCIPHER 1607 tristate "User-space interface for symmetric key cipher algorithms" 1608 depends on NET 1609 select CRYPTO_BLKCIPHER 1610 select CRYPTO_USER_API 1611 help 1612 This option enables the user-spaces interface for symmetric 1613 key cipher algorithms. 1614 1615config CRYPTO_USER_API_RNG 1616 tristate "User-space interface for random number generator algorithms" 1617 depends on NET 1618 select CRYPTO_RNG 1619 select CRYPTO_USER_API 1620 help 1621 This option enables the user-spaces interface for random 1622 number generator algorithms. 1623 1624config CRYPTO_USER_API_AEAD 1625 tristate "User-space interface for AEAD cipher algorithms" 1626 depends on NET 1627 select CRYPTO_AEAD 1628 select CRYPTO_USER_API 1629 help 1630 This option enables the user-spaces interface for AEAD 1631 cipher algorithms. 1632 1633config CRYPTO_HASH_INFO 1634 bool 1635 1636source "drivers/crypto/Kconfig" 1637source crypto/asymmetric_keys/Kconfig 1638source certs/Kconfig 1639 1640endif # if CRYPTO 1641