1# 2# Generic algorithms support 3# 4config XOR_BLOCKS 5 tristate 6 7# 8# async_tx api: hardware offloaded memory transfer/transform support 9# 10source "crypto/async_tx/Kconfig" 11 12# 13# Cryptographic API Configuration 14# 15menuconfig CRYPTO 16 tristate "Cryptographic API" 17 help 18 This option provides the core Cryptographic API. 19 20if CRYPTO 21 22comment "Crypto core or helper" 23 24config CRYPTO_FIPS 25 bool "FIPS 200 compliance" 26 depends on CRYPTO_ANSI_CPRNG && !CRYPTO_MANAGER_DISABLE_TESTS 27 help 28 This options enables the fips boot option which is 29 required if you want to system to operate in a FIPS 200 30 certification. You should say no unless you know what 31 this is. 32 33config CRYPTO_ALGAPI 34 tristate 35 select CRYPTO_ALGAPI2 36 help 37 This option provides the API for cryptographic algorithms. 38 39config CRYPTO_ALGAPI2 40 tristate 41 42config CRYPTO_AEAD 43 tristate 44 select CRYPTO_AEAD2 45 select CRYPTO_ALGAPI 46 47config CRYPTO_AEAD2 48 tristate 49 select CRYPTO_ALGAPI2 50 51config CRYPTO_BLKCIPHER 52 tristate 53 select CRYPTO_BLKCIPHER2 54 select CRYPTO_ALGAPI 55 56config CRYPTO_BLKCIPHER2 57 tristate 58 select CRYPTO_ALGAPI2 59 select CRYPTO_RNG2 60 select CRYPTO_WORKQUEUE 61 62config CRYPTO_HASH 63 tristate 64 select CRYPTO_HASH2 65 select CRYPTO_ALGAPI 66 67config CRYPTO_HASH2 68 tristate 69 select CRYPTO_ALGAPI2 70 71config CRYPTO_RNG 72 tristate 73 select CRYPTO_RNG2 74 select CRYPTO_ALGAPI 75 76config CRYPTO_RNG2 77 tristate 78 select CRYPTO_ALGAPI2 79 80config CRYPTO_PCOMP 81 tristate 82 select CRYPTO_PCOMP2 83 select CRYPTO_ALGAPI 84 85config CRYPTO_PCOMP2 86 tristate 87 select CRYPTO_ALGAPI2 88 89config CRYPTO_MANAGER 90 tristate "Cryptographic algorithm manager" 91 select CRYPTO_MANAGER2 92 help 93 Create default cryptographic template instantiations such as 94 cbc(aes). 95 96config CRYPTO_MANAGER2 97 def_tristate CRYPTO_MANAGER || (CRYPTO_MANAGER!=n && CRYPTO_ALGAPI=y) 98 select CRYPTO_AEAD2 99 select CRYPTO_HASH2 100 select CRYPTO_BLKCIPHER2 101 select CRYPTO_PCOMP2 102 103config CRYPTO_USER 104 tristate "Userspace cryptographic algorithm configuration" 105 depends on NET 106 select CRYPTO_MANAGER 107 help 108 Userspace configuration for cryptographic instantiations such as 109 cbc(aes). 110 111config CRYPTO_MANAGER_DISABLE_TESTS 112 bool "Disable run-time self tests" 113 default y 114 depends on CRYPTO_MANAGER2 115 help 116 Disable run-time self tests that normally take place at 117 algorithm registration. 118 119config CRYPTO_GF128MUL 120 tristate "GF(2^128) multiplication functions" 121 help 122 Efficient table driven implementation of multiplications in the 123 field GF(2^128). This is needed by some cypher modes. This 124 option will be selected automatically if you select such a 125 cipher mode. Only select this option by hand if you expect to load 126 an external module that requires these functions. 127 128config CRYPTO_NULL 129 tristate "Null algorithms" 130 select CRYPTO_ALGAPI 131 select CRYPTO_BLKCIPHER 132 select CRYPTO_HASH 133 help 134 These are 'Null' algorithms, used by IPsec, which do nothing. 135 136config CRYPTO_PCRYPT 137 tristate "Parallel crypto engine" 138 depends on SMP 139 select PADATA 140 select CRYPTO_MANAGER 141 select CRYPTO_AEAD 142 help 143 This converts an arbitrary crypto algorithm into a parallel 144 algorithm that executes in kernel threads. 145 146config CRYPTO_WORKQUEUE 147 tristate 148 149config CRYPTO_CRYPTD 150 tristate "Software async crypto daemon" 151 select CRYPTO_BLKCIPHER 152 select CRYPTO_HASH 153 select CRYPTO_MANAGER 154 select CRYPTO_WORKQUEUE 155 help 156 This is a generic software asynchronous crypto daemon that 157 converts an arbitrary synchronous software crypto algorithm 158 into an asynchronous algorithm that executes in a kernel thread. 159 160config CRYPTO_AUTHENC 161 tristate "Authenc support" 162 select CRYPTO_AEAD 163 select CRYPTO_BLKCIPHER 164 select CRYPTO_MANAGER 165 select CRYPTO_HASH 166 help 167 Authenc: Combined mode wrapper for IPsec. 168 This is required for IPSec. 169 170config CRYPTO_TEST 171 tristate "Testing module" 172 depends on m 173 select CRYPTO_MANAGER 174 help 175 Quick & dirty crypto test module. 176 177config CRYPTO_ABLK_HELPER_X86 178 tristate 179 depends on X86 180 select CRYPTO_CRYPTD 181 182config CRYPTO_GLUE_HELPER_X86 183 tristate 184 depends on X86 185 select CRYPTO_ALGAPI 186 187comment "Authenticated Encryption with Associated Data" 188 189config CRYPTO_CCM 190 tristate "CCM support" 191 select CRYPTO_CTR 192 select CRYPTO_AEAD 193 help 194 Support for Counter with CBC MAC. Required for IPsec. 195 196config CRYPTO_GCM 197 tristate "GCM/GMAC support" 198 select CRYPTO_CTR 199 select CRYPTO_AEAD 200 select CRYPTO_GHASH 201 help 202 Support for Galois/Counter Mode (GCM) and Galois Message 203 Authentication Code (GMAC). Required for IPSec. 204 205config CRYPTO_SEQIV 206 tristate "Sequence Number IV Generator" 207 select CRYPTO_AEAD 208 select CRYPTO_BLKCIPHER 209 select CRYPTO_RNG 210 help 211 This IV generator generates an IV based on a sequence number by 212 xoring it with a salt. This algorithm is mainly useful for CTR 213 214comment "Block modes" 215 216config CRYPTO_CBC 217 tristate "CBC support" 218 select CRYPTO_BLKCIPHER 219 select CRYPTO_MANAGER 220 help 221 CBC: Cipher Block Chaining mode 222 This block cipher algorithm is required for IPSec. 223 224config CRYPTO_CTR 225 tristate "CTR support" 226 select CRYPTO_BLKCIPHER 227 select CRYPTO_SEQIV 228 select CRYPTO_MANAGER 229 help 230 CTR: Counter mode 231 This block cipher algorithm is required for IPSec. 232 233config CRYPTO_CTS 234 tristate "CTS support" 235 select CRYPTO_BLKCIPHER 236 help 237 CTS: Cipher Text Stealing 238 This is the Cipher Text Stealing mode as described by 239 Section 8 of rfc2040 and referenced by rfc3962. 240 (rfc3962 includes errata information in its Appendix A) 241 This mode is required for Kerberos gss mechanism support 242 for AES encryption. 243 244config CRYPTO_ECB 245 tristate "ECB support" 246 select CRYPTO_BLKCIPHER 247 select CRYPTO_MANAGER 248 help 249 ECB: Electronic CodeBook mode 250 This is the simplest block cipher algorithm. It simply encrypts 251 the input block by block. 252 253config CRYPTO_LRW 254 tristate "LRW support" 255 select CRYPTO_BLKCIPHER 256 select CRYPTO_MANAGER 257 select CRYPTO_GF128MUL 258 help 259 LRW: Liskov Rivest Wagner, a tweakable, non malleable, non movable 260 narrow block cipher mode for dm-crypt. Use it with cipher 261 specification string aes-lrw-benbi, the key must be 256, 320 or 384. 262 The first 128, 192 or 256 bits in the key are used for AES and the 263 rest is used to tie each cipher block to its logical position. 264 265config CRYPTO_PCBC 266 tristate "PCBC support" 267 select CRYPTO_BLKCIPHER 268 select CRYPTO_MANAGER 269 help 270 PCBC: Propagating Cipher Block Chaining mode 271 This block cipher algorithm is required for RxRPC. 272 273config CRYPTO_XTS 274 tristate "XTS support" 275 select CRYPTO_BLKCIPHER 276 select CRYPTO_MANAGER 277 select CRYPTO_GF128MUL 278 help 279 XTS: IEEE1619/D16 narrow block cipher use with aes-xts-plain, 280 key size 256, 384 or 512 bits. This implementation currently 281 can't handle a sectorsize which is not a multiple of 16 bytes. 282 283comment "Hash modes" 284 285config CRYPTO_HMAC 286 tristate "HMAC support" 287 select CRYPTO_HASH 288 select CRYPTO_MANAGER 289 help 290 HMAC: Keyed-Hashing for Message Authentication (RFC2104). 291 This is required for IPSec. 292 293config CRYPTO_XCBC 294 tristate "XCBC support" 295 select CRYPTO_HASH 296 select CRYPTO_MANAGER 297 help 298 XCBC: Keyed-Hashing with encryption algorithm 299 http://www.ietf.org/rfc/rfc3566.txt 300 http://csrc.nist.gov/encryption/modes/proposedmodes/ 301 xcbc-mac/xcbc-mac-spec.pdf 302 303config CRYPTO_VMAC 304 tristate "VMAC support" 305 select CRYPTO_HASH 306 select CRYPTO_MANAGER 307 help 308 VMAC is a message authentication algorithm designed for 309 very high speed on 64-bit architectures. 310 311 See also: 312 <http://fastcrypto.org/vmac> 313 314comment "Digest" 315 316config CRYPTO_CRC32C 317 tristate "CRC32c CRC algorithm" 318 select CRYPTO_HASH 319 select CRC32 320 help 321 Castagnoli, et al Cyclic Redundancy-Check Algorithm. Used 322 by iSCSI for header and data digests and by others. 323 See Castagnoli93. Module will be crc32c. 324 325config CRYPTO_CRC32C_X86_64 326 bool 327 depends on X86 && 64BIT 328 select CRYPTO_HASH 329 help 330 In Intel processor with SSE4.2 supported, the processor will 331 support CRC32C calculation using hardware accelerated CRC32 332 instruction optimized with PCLMULQDQ instruction when available. 333 334config CRYPTO_CRC32C_INTEL 335 tristate "CRC32c INTEL hardware acceleration" 336 depends on X86 337 select CRYPTO_CRC32C_X86_64 if 64BIT 338 select CRYPTO_HASH 339 help 340 In Intel processor with SSE4.2 supported, the processor will 341 support CRC32C implementation using hardware accelerated CRC32 342 instruction. This option will create 'crc32c-intel' module, 343 which will enable any routine to use the CRC32 instruction to 344 gain performance compared with software implementation. 345 Module will be crc32c-intel. 346 347config CRYPTO_CRC32C_SPARC64 348 tristate "CRC32c CRC algorithm (SPARC64)" 349 depends on SPARC64 350 select CRYPTO_HASH 351 select CRC32 352 help 353 CRC32c CRC algorithm implemented using sparc64 crypto instructions, 354 when available. 355 356config CRYPTO_GHASH 357 tristate "GHASH digest algorithm" 358 select CRYPTO_GF128MUL 359 help 360 GHASH is message digest algorithm for GCM (Galois/Counter Mode). 361 362config CRYPTO_MD4 363 tristate "MD4 digest algorithm" 364 select CRYPTO_HASH 365 help 366 MD4 message digest algorithm (RFC1320). 367 368config CRYPTO_MD5 369 tristate "MD5 digest algorithm" 370 select CRYPTO_HASH 371 help 372 MD5 message digest algorithm (RFC1321). 373 374config CRYPTO_MD5_SPARC64 375 tristate "MD5 digest algorithm (SPARC64)" 376 depends on SPARC64 377 select CRYPTO_MD5 378 select CRYPTO_HASH 379 help 380 MD5 message digest algorithm (RFC1321) implemented 381 using sparc64 crypto instructions, when available. 382 383config CRYPTO_MICHAEL_MIC 384 tristate "Michael MIC keyed digest algorithm" 385 select CRYPTO_HASH 386 help 387 Michael MIC is used for message integrity protection in TKIP 388 (IEEE 802.11i). This algorithm is required for TKIP, but it 389 should not be used for other purposes because of the weakness 390 of the algorithm. 391 392config CRYPTO_RMD128 393 tristate "RIPEMD-128 digest algorithm" 394 select CRYPTO_HASH 395 help 396 RIPEMD-128 (ISO/IEC 10118-3:2004). 397 398 RIPEMD-128 is a 128-bit cryptographic hash function. It should only 399 be used as a secure replacement for RIPEMD. For other use cases, 400 RIPEMD-160 should be used. 401 402 Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel. 403 See <http://homes.esat.kuleuven.be/~bosselae/ripemd160.html> 404 405config CRYPTO_RMD160 406 tristate "RIPEMD-160 digest algorithm" 407 select CRYPTO_HASH 408 help 409 RIPEMD-160 (ISO/IEC 10118-3:2004). 410 411 RIPEMD-160 is a 160-bit cryptographic hash function. It is intended 412 to be used as a secure replacement for the 128-bit hash functions 413 MD4, MD5 and it's predecessor RIPEMD 414 (not to be confused with RIPEMD-128). 415 416 It's speed is comparable to SHA1 and there are no known attacks 417 against RIPEMD-160. 418 419 Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel. 420 See <http://homes.esat.kuleuven.be/~bosselae/ripemd160.html> 421 422config CRYPTO_RMD256 423 tristate "RIPEMD-256 digest algorithm" 424 select CRYPTO_HASH 425 help 426 RIPEMD-256 is an optional extension of RIPEMD-128 with a 427 256 bit hash. It is intended for applications that require 428 longer hash-results, without needing a larger security level 429 (than RIPEMD-128). 430 431 Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel. 432 See <http://homes.esat.kuleuven.be/~bosselae/ripemd160.html> 433 434config CRYPTO_RMD320 435 tristate "RIPEMD-320 digest algorithm" 436 select CRYPTO_HASH 437 help 438 RIPEMD-320 is an optional extension of RIPEMD-160 with a 439 320 bit hash. It is intended for applications that require 440 longer hash-results, without needing a larger security level 441 (than RIPEMD-160). 442 443 Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel. 444 See <http://homes.esat.kuleuven.be/~bosselae/ripemd160.html> 445 446config CRYPTO_SHA1 447 tristate "SHA1 digest algorithm" 448 select CRYPTO_HASH 449 help 450 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2). 451 452config CRYPTO_SHA1_SSSE3 453 tristate "SHA1 digest algorithm (SSSE3/AVX)" 454 depends on X86 && 64BIT 455 select CRYPTO_SHA1 456 select CRYPTO_HASH 457 help 458 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2) implemented 459 using Supplemental SSE3 (SSSE3) instructions or Advanced Vector 460 Extensions (AVX), when available. 461 462config CRYPTO_SHA1_SPARC64 463 tristate "SHA1 digest algorithm (SPARC64)" 464 depends on SPARC64 465 select CRYPTO_SHA1 466 select CRYPTO_HASH 467 help 468 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2) implemented 469 using sparc64 crypto instructions, when available. 470 471config CRYPTO_SHA1_ARM 472 tristate "SHA1 digest algorithm (ARM-asm)" 473 depends on ARM 474 select CRYPTO_SHA1 475 select CRYPTO_HASH 476 help 477 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2) implemented 478 using optimized ARM assembler. 479 480config CRYPTO_SHA256 481 tristate "SHA224 and SHA256 digest algorithm" 482 select CRYPTO_HASH 483 help 484 SHA256 secure hash standard (DFIPS 180-2). 485 486 This version of SHA implements a 256 bit hash with 128 bits of 487 security against collision attacks. 488 489 This code also includes SHA-224, a 224 bit hash with 112 bits 490 of security against collision attacks. 491 492config CRYPTO_SHA256_SPARC64 493 tristate "SHA224 and SHA256 digest algorithm (SPARC64)" 494 depends on SPARC64 495 select CRYPTO_SHA256 496 select CRYPTO_HASH 497 help 498 SHA-256 secure hash standard (DFIPS 180-2) implemented 499 using sparc64 crypto instructions, when available. 500 501config CRYPTO_SHA512 502 tristate "SHA384 and SHA512 digest algorithms" 503 select CRYPTO_HASH 504 help 505 SHA512 secure hash standard (DFIPS 180-2). 506 507 This version of SHA implements a 512 bit hash with 256 bits of 508 security against collision attacks. 509 510 This code also includes SHA-384, a 384 bit hash with 192 bits 511 of security against collision attacks. 512 513config CRYPTO_SHA512_SPARC64 514 tristate "SHA384 and SHA512 digest algorithm (SPARC64)" 515 depends on SPARC64 516 select CRYPTO_SHA512 517 select CRYPTO_HASH 518 help 519 SHA-512 secure hash standard (DFIPS 180-2) implemented 520 using sparc64 crypto instructions, when available. 521 522config CRYPTO_TGR192 523 tristate "Tiger digest algorithms" 524 select CRYPTO_HASH 525 help 526 Tiger hash algorithm 192, 160 and 128-bit hashes 527 528 Tiger is a hash function optimized for 64-bit processors while 529 still having decent performance on 32-bit processors. 530 Tiger was developed by Ross Anderson and Eli Biham. 531 532 See also: 533 <http://www.cs.technion.ac.il/~biham/Reports/Tiger/>. 534 535config CRYPTO_WP512 536 tristate "Whirlpool digest algorithms" 537 select CRYPTO_HASH 538 help 539 Whirlpool hash algorithm 512, 384 and 256-bit hashes 540 541 Whirlpool-512 is part of the NESSIE cryptographic primitives. 542 Whirlpool will be part of the ISO/IEC 10118-3:2003(E) standard 543 544 See also: 545 <http://www.larc.usp.br/~pbarreto/WhirlpoolPage.html> 546 547config CRYPTO_GHASH_CLMUL_NI_INTEL 548 tristate "GHASH digest algorithm (CLMUL-NI accelerated)" 549 depends on X86 && 64BIT 550 select CRYPTO_CRYPTD 551 help 552 GHASH is message digest algorithm for GCM (Galois/Counter Mode). 553 The implementation is accelerated by CLMUL-NI of Intel. 554 555comment "Ciphers" 556 557config CRYPTO_AES 558 tristate "AES cipher algorithms" 559 select CRYPTO_ALGAPI 560 help 561 AES cipher algorithms (FIPS-197). AES uses the Rijndael 562 algorithm. 563 564 Rijndael appears to be consistently a very good performer in 565 both hardware and software across a wide range of computing 566 environments regardless of its use in feedback or non-feedback 567 modes. Its key setup time is excellent, and its key agility is 568 good. Rijndael's very low memory requirements make it very well 569 suited for restricted-space environments, in which it also 570 demonstrates excellent performance. Rijndael's operations are 571 among the easiest to defend against power and timing attacks. 572 573 The AES specifies three key sizes: 128, 192 and 256 bits 574 575 See <http://csrc.nist.gov/CryptoToolkit/aes/> for more information. 576 577config CRYPTO_AES_586 578 tristate "AES cipher algorithms (i586)" 579 depends on (X86 || UML_X86) && !64BIT 580 select CRYPTO_ALGAPI 581 select CRYPTO_AES 582 help 583 AES cipher algorithms (FIPS-197). AES uses the Rijndael 584 algorithm. 585 586 Rijndael appears to be consistently a very good performer in 587 both hardware and software across a wide range of computing 588 environments regardless of its use in feedback or non-feedback 589 modes. Its key setup time is excellent, and its key agility is 590 good. Rijndael's very low memory requirements make it very well 591 suited for restricted-space environments, in which it also 592 demonstrates excellent performance. Rijndael's operations are 593 among the easiest to defend against power and timing attacks. 594 595 The AES specifies three key sizes: 128, 192 and 256 bits 596 597 See <http://csrc.nist.gov/encryption/aes/> for more information. 598 599config CRYPTO_AES_X86_64 600 tristate "AES cipher algorithms (x86_64)" 601 depends on (X86 || UML_X86) && 64BIT 602 select CRYPTO_ALGAPI 603 select CRYPTO_AES 604 help 605 AES cipher algorithms (FIPS-197). AES uses the Rijndael 606 algorithm. 607 608 Rijndael appears to be consistently a very good performer in 609 both hardware and software across a wide range of computing 610 environments regardless of its use in feedback or non-feedback 611 modes. Its key setup time is excellent, and its key agility is 612 good. Rijndael's very low memory requirements make it very well 613 suited for restricted-space environments, in which it also 614 demonstrates excellent performance. Rijndael's operations are 615 among the easiest to defend against power and timing attacks. 616 617 The AES specifies three key sizes: 128, 192 and 256 bits 618 619 See <http://csrc.nist.gov/encryption/aes/> for more information. 620 621config CRYPTO_AES_NI_INTEL 622 tristate "AES cipher algorithms (AES-NI)" 623 depends on X86 624 select CRYPTO_AES_X86_64 if 64BIT 625 select CRYPTO_AES_586 if !64BIT 626 select CRYPTO_CRYPTD 627 select CRYPTO_ABLK_HELPER_X86 628 select CRYPTO_ALGAPI 629 select CRYPTO_LRW 630 select CRYPTO_XTS 631 help 632 Use Intel AES-NI instructions for AES algorithm. 633 634 AES cipher algorithms (FIPS-197). AES uses the Rijndael 635 algorithm. 636 637 Rijndael appears to be consistently a very good performer in 638 both hardware and software across a wide range of computing 639 environments regardless of its use in feedback or non-feedback 640 modes. Its key setup time is excellent, and its key agility is 641 good. Rijndael's very low memory requirements make it very well 642 suited for restricted-space environments, in which it also 643 demonstrates excellent performance. Rijndael's operations are 644 among the easiest to defend against power and timing attacks. 645 646 The AES specifies three key sizes: 128, 192 and 256 bits 647 648 See <http://csrc.nist.gov/encryption/aes/> for more information. 649 650 In addition to AES cipher algorithm support, the acceleration 651 for some popular block cipher mode is supported too, including 652 ECB, CBC, LRW, PCBC, XTS. The 64 bit version has additional 653 acceleration for CTR. 654 655config CRYPTO_AES_SPARC64 656 tristate "AES cipher algorithms (SPARC64)" 657 depends on SPARC64 658 select CRYPTO_CRYPTD 659 select CRYPTO_ALGAPI 660 help 661 Use SPARC64 crypto opcodes for AES algorithm. 662 663 AES cipher algorithms (FIPS-197). AES uses the Rijndael 664 algorithm. 665 666 Rijndael appears to be consistently a very good performer in 667 both hardware and software across a wide range of computing 668 environments regardless of its use in feedback or non-feedback 669 modes. Its key setup time is excellent, and its key agility is 670 good. Rijndael's very low memory requirements make it very well 671 suited for restricted-space environments, in which it also 672 demonstrates excellent performance. Rijndael's operations are 673 among the easiest to defend against power and timing attacks. 674 675 The AES specifies three key sizes: 128, 192 and 256 bits 676 677 See <http://csrc.nist.gov/encryption/aes/> for more information. 678 679 In addition to AES cipher algorithm support, the acceleration 680 for some popular block cipher mode is supported too, including 681 ECB and CBC. 682 683config CRYPTO_AES_ARM 684 tristate "AES cipher algorithms (ARM-asm)" 685 depends on ARM 686 select CRYPTO_ALGAPI 687 select CRYPTO_AES 688 help 689 Use optimized AES assembler routines for ARM platforms. 690 691 AES cipher algorithms (FIPS-197). AES uses the Rijndael 692 algorithm. 693 694 Rijndael appears to be consistently a very good performer in 695 both hardware and software across a wide range of computing 696 environments regardless of its use in feedback or non-feedback 697 modes. Its key setup time is excellent, and its key agility is 698 good. Rijndael's very low memory requirements make it very well 699 suited for restricted-space environments, in which it also 700 demonstrates excellent performance. Rijndael's operations are 701 among the easiest to defend against power and timing attacks. 702 703 The AES specifies three key sizes: 128, 192 and 256 bits 704 705 See <http://csrc.nist.gov/encryption/aes/> for more information. 706 707config CRYPTO_ANUBIS 708 tristate "Anubis cipher algorithm" 709 select CRYPTO_ALGAPI 710 help 711 Anubis cipher algorithm. 712 713 Anubis is a variable key length cipher which can use keys from 714 128 bits to 320 bits in length. It was evaluated as a entrant 715 in the NESSIE competition. 716 717 See also: 718 <https://www.cosic.esat.kuleuven.be/nessie/reports/> 719 <http://www.larc.usp.br/~pbarreto/AnubisPage.html> 720 721config CRYPTO_ARC4 722 tristate "ARC4 cipher algorithm" 723 select CRYPTO_BLKCIPHER 724 help 725 ARC4 cipher algorithm. 726 727 ARC4 is a stream cipher using keys ranging from 8 bits to 2048 728 bits in length. This algorithm is required for driver-based 729 WEP, but it should not be for other purposes because of the 730 weakness of the algorithm. 731 732config CRYPTO_BLOWFISH 733 tristate "Blowfish cipher algorithm" 734 select CRYPTO_ALGAPI 735 select CRYPTO_BLOWFISH_COMMON 736 help 737 Blowfish cipher algorithm, by Bruce Schneier. 738 739 This is a variable key length cipher which can use keys from 32 740 bits to 448 bits in length. It's fast, simple and specifically 741 designed for use on "large microprocessors". 742 743 See also: 744 <http://www.schneier.com/blowfish.html> 745 746config CRYPTO_BLOWFISH_COMMON 747 tristate 748 help 749 Common parts of the Blowfish cipher algorithm shared by the 750 generic c and the assembler implementations. 751 752 See also: 753 <http://www.schneier.com/blowfish.html> 754 755config CRYPTO_BLOWFISH_X86_64 756 tristate "Blowfish cipher algorithm (x86_64)" 757 depends on X86 && 64BIT 758 select CRYPTO_ALGAPI 759 select CRYPTO_BLOWFISH_COMMON 760 help 761 Blowfish cipher algorithm (x86_64), by Bruce Schneier. 762 763 This is a variable key length cipher which can use keys from 32 764 bits to 448 bits in length. It's fast, simple and specifically 765 designed for use on "large microprocessors". 766 767 See also: 768 <http://www.schneier.com/blowfish.html> 769 770config CRYPTO_CAMELLIA 771 tristate "Camellia cipher algorithms" 772 depends on CRYPTO 773 select CRYPTO_ALGAPI 774 help 775 Camellia cipher algorithms module. 776 777 Camellia is a symmetric key block cipher developed jointly 778 at NTT and Mitsubishi Electric Corporation. 779 780 The Camellia specifies three key sizes: 128, 192 and 256 bits. 781 782 See also: 783 <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html> 784 785config CRYPTO_CAMELLIA_X86_64 786 tristate "Camellia cipher algorithm (x86_64)" 787 depends on X86 && 64BIT 788 depends on CRYPTO 789 select CRYPTO_ALGAPI 790 select CRYPTO_GLUE_HELPER_X86 791 select CRYPTO_LRW 792 select CRYPTO_XTS 793 help 794 Camellia cipher algorithm module (x86_64). 795 796 Camellia is a symmetric key block cipher developed jointly 797 at NTT and Mitsubishi Electric Corporation. 798 799 The Camellia specifies three key sizes: 128, 192 and 256 bits. 800 801 See also: 802 <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html> 803 804config CRYPTO_CAMELLIA_AESNI_AVX_X86_64 805 tristate "Camellia cipher algorithm (x86_64/AES-NI/AVX)" 806 depends on X86 && 64BIT 807 depends on CRYPTO 808 select CRYPTO_ALGAPI 809 select CRYPTO_CRYPTD 810 select CRYPTO_ABLK_HELPER_X86 811 select CRYPTO_GLUE_HELPER_X86 812 select CRYPTO_CAMELLIA_X86_64 813 select CRYPTO_LRW 814 select CRYPTO_XTS 815 help 816 Camellia cipher algorithm module (x86_64/AES-NI/AVX). 817 818 Camellia is a symmetric key block cipher developed jointly 819 at NTT and Mitsubishi Electric Corporation. 820 821 The Camellia specifies three key sizes: 128, 192 and 256 bits. 822 823 See also: 824 <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html> 825 826config CRYPTO_CAMELLIA_SPARC64 827 tristate "Camellia cipher algorithm (SPARC64)" 828 depends on SPARC64 829 depends on CRYPTO 830 select CRYPTO_ALGAPI 831 help 832 Camellia cipher algorithm module (SPARC64). 833 834 Camellia is a symmetric key block cipher developed jointly 835 at NTT and Mitsubishi Electric Corporation. 836 837 The Camellia specifies three key sizes: 128, 192 and 256 bits. 838 839 See also: 840 <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html> 841 842config CRYPTO_CAST_COMMON 843 tristate 844 help 845 Common parts of the CAST cipher algorithms shared by the 846 generic c and the assembler implementations. 847 848config CRYPTO_CAST5 849 tristate "CAST5 (CAST-128) cipher algorithm" 850 select CRYPTO_ALGAPI 851 select CRYPTO_CAST_COMMON 852 help 853 The CAST5 encryption algorithm (synonymous with CAST-128) is 854 described in RFC2144. 855 856config CRYPTO_CAST5_AVX_X86_64 857 tristate "CAST5 (CAST-128) cipher algorithm (x86_64/AVX)" 858 depends on X86 && 64BIT 859 select CRYPTO_ALGAPI 860 select CRYPTO_CRYPTD 861 select CRYPTO_ABLK_HELPER_X86 862 select CRYPTO_CAST_COMMON 863 select CRYPTO_CAST5 864 help 865 The CAST5 encryption algorithm (synonymous with CAST-128) is 866 described in RFC2144. 867 868 This module provides the Cast5 cipher algorithm that processes 869 sixteen blocks parallel using the AVX instruction set. 870 871config CRYPTO_CAST6 872 tristate "CAST6 (CAST-256) cipher algorithm" 873 select CRYPTO_ALGAPI 874 select CRYPTO_CAST_COMMON 875 help 876 The CAST6 encryption algorithm (synonymous with CAST-256) is 877 described in RFC2612. 878 879config CRYPTO_CAST6_AVX_X86_64 880 tristate "CAST6 (CAST-256) cipher algorithm (x86_64/AVX)" 881 depends on X86 && 64BIT 882 select CRYPTO_ALGAPI 883 select CRYPTO_CRYPTD 884 select CRYPTO_ABLK_HELPER_X86 885 select CRYPTO_GLUE_HELPER_X86 886 select CRYPTO_CAST_COMMON 887 select CRYPTO_CAST6 888 select CRYPTO_LRW 889 select CRYPTO_XTS 890 help 891 The CAST6 encryption algorithm (synonymous with CAST-256) is 892 described in RFC2612. 893 894 This module provides the Cast6 cipher algorithm that processes 895 eight blocks parallel using the AVX instruction set. 896 897config CRYPTO_DES 898 tristate "DES and Triple DES EDE cipher algorithms" 899 select CRYPTO_ALGAPI 900 help 901 DES cipher algorithm (FIPS 46-2), and Triple DES EDE (FIPS 46-3). 902 903config CRYPTO_DES_SPARC64 904 tristate "DES and Triple DES EDE cipher algorithms (SPARC64)" 905 depends on SPARC64 906 select CRYPTO_ALGAPI 907 select CRYPTO_DES 908 help 909 DES cipher algorithm (FIPS 46-2), and Triple DES EDE (FIPS 46-3), 910 optimized using SPARC64 crypto opcodes. 911 912config CRYPTO_FCRYPT 913 tristate "FCrypt cipher algorithm" 914 select CRYPTO_ALGAPI 915 select CRYPTO_BLKCIPHER 916 help 917 FCrypt algorithm used by RxRPC. 918 919config CRYPTO_KHAZAD 920 tristate "Khazad cipher algorithm" 921 select CRYPTO_ALGAPI 922 help 923 Khazad cipher algorithm. 924 925 Khazad was a finalist in the initial NESSIE competition. It is 926 an algorithm optimized for 64-bit processors with good performance 927 on 32-bit processors. Khazad uses an 128 bit key size. 928 929 See also: 930 <http://www.larc.usp.br/~pbarreto/KhazadPage.html> 931 932config CRYPTO_SALSA20 933 tristate "Salsa20 stream cipher algorithm" 934 select CRYPTO_BLKCIPHER 935 help 936 Salsa20 stream cipher algorithm. 937 938 Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT 939 Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/> 940 941 The Salsa20 stream cipher algorithm is designed by Daniel J. 942 Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html> 943 944config CRYPTO_SALSA20_586 945 tristate "Salsa20 stream cipher algorithm (i586)" 946 depends on (X86 || UML_X86) && !64BIT 947 select CRYPTO_BLKCIPHER 948 help 949 Salsa20 stream cipher algorithm. 950 951 Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT 952 Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/> 953 954 The Salsa20 stream cipher algorithm is designed by Daniel J. 955 Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html> 956 957config CRYPTO_SALSA20_X86_64 958 tristate "Salsa20 stream cipher algorithm (x86_64)" 959 depends on (X86 || UML_X86) && 64BIT 960 select CRYPTO_BLKCIPHER 961 help 962 Salsa20 stream cipher algorithm. 963 964 Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT 965 Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/> 966 967 The Salsa20 stream cipher algorithm is designed by Daniel J. 968 Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html> 969 970config CRYPTO_SEED 971 tristate "SEED cipher algorithm" 972 select CRYPTO_ALGAPI 973 help 974 SEED cipher algorithm (RFC4269). 975 976 SEED is a 128-bit symmetric key block cipher that has been 977 developed by KISA (Korea Information Security Agency) as a 978 national standard encryption algorithm of the Republic of Korea. 979 It is a 16 round block cipher with the key size of 128 bit. 980 981 See also: 982 <http://www.kisa.or.kr/kisa/seed/jsp/seed_eng.jsp> 983 984config CRYPTO_SERPENT 985 tristate "Serpent cipher algorithm" 986 select CRYPTO_ALGAPI 987 help 988 Serpent cipher algorithm, by Anderson, Biham & Knudsen. 989 990 Keys are allowed to be from 0 to 256 bits in length, in steps 991 of 8 bits. Also includes the 'Tnepres' algorithm, a reversed 992 variant of Serpent for compatibility with old kerneli.org code. 993 994 See also: 995 <http://www.cl.cam.ac.uk/~rja14/serpent.html> 996 997config CRYPTO_SERPENT_SSE2_X86_64 998 tristate "Serpent cipher algorithm (x86_64/SSE2)" 999 depends on X86 && 64BIT 1000 select CRYPTO_ALGAPI 1001 select CRYPTO_CRYPTD 1002 select CRYPTO_ABLK_HELPER_X86 1003 select CRYPTO_GLUE_HELPER_X86 1004 select CRYPTO_SERPENT 1005 select CRYPTO_LRW 1006 select CRYPTO_XTS 1007 help 1008 Serpent cipher algorithm, by Anderson, Biham & Knudsen. 1009 1010 Keys are allowed to be from 0 to 256 bits in length, in steps 1011 of 8 bits. 1012 1013 This module provides Serpent cipher algorithm that processes eigth 1014 blocks parallel using SSE2 instruction set. 1015 1016 See also: 1017 <http://www.cl.cam.ac.uk/~rja14/serpent.html> 1018 1019config CRYPTO_SERPENT_SSE2_586 1020 tristate "Serpent cipher algorithm (i586/SSE2)" 1021 depends on X86 && !64BIT 1022 select CRYPTO_ALGAPI 1023 select CRYPTO_CRYPTD 1024 select CRYPTO_ABLK_HELPER_X86 1025 select CRYPTO_GLUE_HELPER_X86 1026 select CRYPTO_SERPENT 1027 select CRYPTO_LRW 1028 select CRYPTO_XTS 1029 help 1030 Serpent cipher algorithm, by Anderson, Biham & Knudsen. 1031 1032 Keys are allowed to be from 0 to 256 bits in length, in steps 1033 of 8 bits. 1034 1035 This module provides Serpent cipher algorithm that processes four 1036 blocks parallel using SSE2 instruction set. 1037 1038 See also: 1039 <http://www.cl.cam.ac.uk/~rja14/serpent.html> 1040 1041config CRYPTO_SERPENT_AVX_X86_64 1042 tristate "Serpent cipher algorithm (x86_64/AVX)" 1043 depends on X86 && 64BIT 1044 select CRYPTO_ALGAPI 1045 select CRYPTO_CRYPTD 1046 select CRYPTO_ABLK_HELPER_X86 1047 select CRYPTO_GLUE_HELPER_X86 1048 select CRYPTO_SERPENT 1049 select CRYPTO_LRW 1050 select CRYPTO_XTS 1051 help 1052 Serpent cipher algorithm, by Anderson, Biham & Knudsen. 1053 1054 Keys are allowed to be from 0 to 256 bits in length, in steps 1055 of 8 bits. 1056 1057 This module provides the Serpent cipher algorithm that processes 1058 eight blocks parallel using the AVX instruction set. 1059 1060 See also: 1061 <http://www.cl.cam.ac.uk/~rja14/serpent.html> 1062 1063config CRYPTO_TEA 1064 tristate "TEA, XTEA and XETA cipher algorithms" 1065 select CRYPTO_ALGAPI 1066 help 1067 TEA cipher algorithm. 1068 1069 Tiny Encryption Algorithm is a simple cipher that uses 1070 many rounds for security. It is very fast and uses 1071 little memory. 1072 1073 Xtendend Tiny Encryption Algorithm is a modification to 1074 the TEA algorithm to address a potential key weakness 1075 in the TEA algorithm. 1076 1077 Xtendend Encryption Tiny Algorithm is a mis-implementation 1078 of the XTEA algorithm for compatibility purposes. 1079 1080config CRYPTO_TWOFISH 1081 tristate "Twofish cipher algorithm" 1082 select CRYPTO_ALGAPI 1083 select CRYPTO_TWOFISH_COMMON 1084 help 1085 Twofish cipher algorithm. 1086 1087 Twofish was submitted as an AES (Advanced Encryption Standard) 1088 candidate cipher by researchers at CounterPane Systems. It is a 1089 16 round block cipher supporting key sizes of 128, 192, and 256 1090 bits. 1091 1092 See also: 1093 <http://www.schneier.com/twofish.html> 1094 1095config CRYPTO_TWOFISH_COMMON 1096 tristate 1097 help 1098 Common parts of the Twofish cipher algorithm shared by the 1099 generic c and the assembler implementations. 1100 1101config CRYPTO_TWOFISH_586 1102 tristate "Twofish cipher algorithms (i586)" 1103 depends on (X86 || UML_X86) && !64BIT 1104 select CRYPTO_ALGAPI 1105 select CRYPTO_TWOFISH_COMMON 1106 help 1107 Twofish cipher algorithm. 1108 1109 Twofish was submitted as an AES (Advanced Encryption Standard) 1110 candidate cipher by researchers at CounterPane Systems. It is a 1111 16 round block cipher supporting key sizes of 128, 192, and 256 1112 bits. 1113 1114 See also: 1115 <http://www.schneier.com/twofish.html> 1116 1117config CRYPTO_TWOFISH_X86_64 1118 tristate "Twofish cipher algorithm (x86_64)" 1119 depends on (X86 || UML_X86) && 64BIT 1120 select CRYPTO_ALGAPI 1121 select CRYPTO_TWOFISH_COMMON 1122 help 1123 Twofish cipher algorithm (x86_64). 1124 1125 Twofish was submitted as an AES (Advanced Encryption Standard) 1126 candidate cipher by researchers at CounterPane Systems. It is a 1127 16 round block cipher supporting key sizes of 128, 192, and 256 1128 bits. 1129 1130 See also: 1131 <http://www.schneier.com/twofish.html> 1132 1133config CRYPTO_TWOFISH_X86_64_3WAY 1134 tristate "Twofish cipher algorithm (x86_64, 3-way parallel)" 1135 depends on X86 && 64BIT 1136 select CRYPTO_ALGAPI 1137 select CRYPTO_TWOFISH_COMMON 1138 select CRYPTO_TWOFISH_X86_64 1139 select CRYPTO_GLUE_HELPER_X86 1140 select CRYPTO_LRW 1141 select CRYPTO_XTS 1142 help 1143 Twofish cipher algorithm (x86_64, 3-way parallel). 1144 1145 Twofish was submitted as an AES (Advanced Encryption Standard) 1146 candidate cipher by researchers at CounterPane Systems. It is a 1147 16 round block cipher supporting key sizes of 128, 192, and 256 1148 bits. 1149 1150 This module provides Twofish cipher algorithm that processes three 1151 blocks parallel, utilizing resources of out-of-order CPUs better. 1152 1153 See also: 1154 <http://www.schneier.com/twofish.html> 1155 1156config CRYPTO_TWOFISH_AVX_X86_64 1157 tristate "Twofish cipher algorithm (x86_64/AVX)" 1158 depends on X86 && 64BIT 1159 select CRYPTO_ALGAPI 1160 select CRYPTO_CRYPTD 1161 select CRYPTO_ABLK_HELPER_X86 1162 select CRYPTO_GLUE_HELPER_X86 1163 select CRYPTO_TWOFISH_COMMON 1164 select CRYPTO_TWOFISH_X86_64 1165 select CRYPTO_TWOFISH_X86_64_3WAY 1166 select CRYPTO_LRW 1167 select CRYPTO_XTS 1168 help 1169 Twofish cipher algorithm (x86_64/AVX). 1170 1171 Twofish was submitted as an AES (Advanced Encryption Standard) 1172 candidate cipher by researchers at CounterPane Systems. It is a 1173 16 round block cipher supporting key sizes of 128, 192, and 256 1174 bits. 1175 1176 This module provides the Twofish cipher algorithm that processes 1177 eight blocks parallel using the AVX Instruction Set. 1178 1179 See also: 1180 <http://www.schneier.com/twofish.html> 1181 1182comment "Compression" 1183 1184config CRYPTO_DEFLATE 1185 tristate "Deflate compression algorithm" 1186 select CRYPTO_ALGAPI 1187 select ZLIB_INFLATE 1188 select ZLIB_DEFLATE 1189 help 1190 This is the Deflate algorithm (RFC1951), specified for use in 1191 IPSec with the IPCOMP protocol (RFC3173, RFC2394). 1192 1193 You will most probably want this if using IPSec. 1194 1195config CRYPTO_ZLIB 1196 tristate "Zlib compression algorithm" 1197 select CRYPTO_PCOMP 1198 select ZLIB_INFLATE 1199 select ZLIB_DEFLATE 1200 select NLATTR 1201 help 1202 This is the zlib algorithm. 1203 1204config CRYPTO_LZO 1205 tristate "LZO compression algorithm" 1206 select CRYPTO_ALGAPI 1207 select LZO_COMPRESS 1208 select LZO_DECOMPRESS 1209 help 1210 This is the LZO algorithm. 1211 1212config CRYPTO_842 1213 tristate "842 compression algorithm" 1214 depends on CRYPTO_DEV_NX_COMPRESS 1215 # 842 uses lzo if the hardware becomes unavailable 1216 select LZO_COMPRESS 1217 select LZO_DECOMPRESS 1218 help 1219 This is the 842 algorithm. 1220 1221comment "Random Number Generation" 1222 1223config CRYPTO_ANSI_CPRNG 1224 tristate "Pseudo Random Number Generation for Cryptographic modules" 1225 default m 1226 select CRYPTO_AES 1227 select CRYPTO_RNG 1228 help 1229 This option enables the generic pseudo random number generator 1230 for cryptographic modules. Uses the Algorithm specified in 1231 ANSI X9.31 A.2.4. Note that this option must be enabled if 1232 CRYPTO_FIPS is selected 1233 1234config CRYPTO_USER_API 1235 tristate 1236 1237config CRYPTO_USER_API_HASH 1238 tristate "User-space interface for hash algorithms" 1239 depends on NET 1240 select CRYPTO_HASH 1241 select CRYPTO_USER_API 1242 help 1243 This option enables the user-spaces interface for hash 1244 algorithms. 1245 1246config CRYPTO_USER_API_SKCIPHER 1247 tristate "User-space interface for symmetric key cipher algorithms" 1248 depends on NET 1249 select CRYPTO_BLKCIPHER 1250 select CRYPTO_USER_API 1251 help 1252 This option enables the user-spaces interface for symmetric 1253 key cipher algorithms. 1254 1255source "drivers/crypto/Kconfig" 1256source crypto/asymmetric_keys/Kconfig 1257 1258endif # if CRYPTO 1259