linux/crypto/Kconfig
<<
>>
Prefs
   1#
   2# Generic algorithms support
   3#
   4config XOR_BLOCKS
   5        tristate
   6
   7#
   8# async_tx api: hardware offloaded memory transfer/transform support
   9#
  10source "crypto/async_tx/Kconfig"
  11
  12#
  13# Cryptographic API Configuration
  14#
  15menuconfig CRYPTO
  16        tristate "Cryptographic API"
  17        help
  18          This option provides the core Cryptographic API.
  19
  20if CRYPTO
  21
  22comment "Crypto core or helper"
  23
  24config CRYPTO_FIPS
  25        bool "FIPS 200 compliance"
  26        depends on CRYPTO_ANSI_CPRNG && !CRYPTO_MANAGER_DISABLE_TESTS
  27        help
  28          This options enables the fips boot option which is
  29          required if you want to system to operate in a FIPS 200
  30          certification.  You should say no unless you know what
  31          this is.
  32
  33config CRYPTO_ALGAPI
  34        tristate
  35        select CRYPTO_ALGAPI2
  36        help
  37          This option provides the API for cryptographic algorithms.
  38
  39config CRYPTO_ALGAPI2
  40        tristate
  41
  42config CRYPTO_AEAD
  43        tristate
  44        select CRYPTO_AEAD2
  45        select CRYPTO_ALGAPI
  46
  47config CRYPTO_AEAD2
  48        tristate
  49        select CRYPTO_ALGAPI2
  50
  51config CRYPTO_BLKCIPHER
  52        tristate
  53        select CRYPTO_BLKCIPHER2
  54        select CRYPTO_ALGAPI
  55
  56config CRYPTO_BLKCIPHER2
  57        tristate
  58        select CRYPTO_ALGAPI2
  59        select CRYPTO_RNG2
  60        select CRYPTO_WORKQUEUE
  61
  62config CRYPTO_HASH
  63        tristate
  64        select CRYPTO_HASH2
  65        select CRYPTO_ALGAPI
  66
  67config CRYPTO_HASH2
  68        tristate
  69        select CRYPTO_ALGAPI2
  70
  71config CRYPTO_RNG
  72        tristate
  73        select CRYPTO_RNG2
  74        select CRYPTO_ALGAPI
  75
  76config CRYPTO_RNG2
  77        tristate
  78        select CRYPTO_ALGAPI2
  79
  80config CRYPTO_PCOMP
  81        tristate
  82        select CRYPTO_PCOMP2
  83        select CRYPTO_ALGAPI
  84
  85config CRYPTO_PCOMP2
  86        tristate
  87        select CRYPTO_ALGAPI2
  88
  89config CRYPTO_MANAGER
  90        tristate "Cryptographic algorithm manager"
  91        select CRYPTO_MANAGER2
  92        help
  93          Create default cryptographic template instantiations such as
  94          cbc(aes).
  95
  96config CRYPTO_MANAGER2
  97        def_tristate CRYPTO_MANAGER || (CRYPTO_MANAGER!=n && CRYPTO_ALGAPI=y)
  98        select CRYPTO_AEAD2
  99        select CRYPTO_HASH2
 100        select CRYPTO_BLKCIPHER2
 101        select CRYPTO_PCOMP2
 102
 103config CRYPTO_MANAGER_DISABLE_TESTS
 104        bool "Disable run-time self tests"
 105        default y
 106        depends on CRYPTO_MANAGER2
 107        help
 108          Disable run-time self tests that normally take place at
 109          algorithm registration.
 110
 111config CRYPTO_GF128MUL
 112        tristate "GF(2^128) multiplication functions (EXPERIMENTAL)"
 113        help
 114          Efficient table driven implementation of multiplications in the
 115          field GF(2^128).  This is needed by some cypher modes. This
 116          option will be selected automatically if you select such a
 117          cipher mode.  Only select this option by hand if you expect to load
 118          an external module that requires these functions.
 119
 120config CRYPTO_NULL
 121        tristate "Null algorithms"
 122        select CRYPTO_ALGAPI
 123        select CRYPTO_BLKCIPHER
 124        select CRYPTO_HASH
 125        help
 126          These are 'Null' algorithms, used by IPsec, which do nothing.
 127
 128config CRYPTO_PCRYPT
 129        tristate "Parallel crypto engine (EXPERIMENTAL)"
 130        depends on SMP && EXPERIMENTAL
 131        select PADATA
 132        select CRYPTO_MANAGER
 133        select CRYPTO_AEAD
 134        help
 135          This converts an arbitrary crypto algorithm into a parallel
 136          algorithm that executes in kernel threads.
 137
 138config CRYPTO_WORKQUEUE
 139       tristate
 140
 141config CRYPTO_CRYPTD
 142        tristate "Software async crypto daemon"
 143        select CRYPTO_BLKCIPHER
 144        select CRYPTO_HASH
 145        select CRYPTO_MANAGER
 146        select CRYPTO_WORKQUEUE
 147        help
 148          This is a generic software asynchronous crypto daemon that
 149          converts an arbitrary synchronous software crypto algorithm
 150          into an asynchronous algorithm that executes in a kernel thread.
 151
 152config CRYPTO_AUTHENC
 153        tristate "Authenc support"
 154        select CRYPTO_AEAD
 155        select CRYPTO_BLKCIPHER
 156        select CRYPTO_MANAGER
 157        select CRYPTO_HASH
 158        help
 159          Authenc: Combined mode wrapper for IPsec.
 160          This is required for IPSec.
 161
 162config CRYPTO_TEST
 163        tristate "Testing module"
 164        depends on m
 165        select CRYPTO_MANAGER
 166        help
 167          Quick & dirty crypto test module.
 168
 169comment "Authenticated Encryption with Associated Data"
 170
 171config CRYPTO_CCM
 172        tristate "CCM support"
 173        select CRYPTO_CTR
 174        select CRYPTO_AEAD
 175        help
 176          Support for Counter with CBC MAC. Required for IPsec.
 177
 178config CRYPTO_GCM
 179        tristate "GCM/GMAC support"
 180        select CRYPTO_CTR
 181        select CRYPTO_AEAD
 182        select CRYPTO_GHASH
 183        help
 184          Support for Galois/Counter Mode (GCM) and Galois Message
 185          Authentication Code (GMAC). Required for IPSec.
 186
 187config CRYPTO_SEQIV
 188        tristate "Sequence Number IV Generator"
 189        select CRYPTO_AEAD
 190        select CRYPTO_BLKCIPHER
 191        select CRYPTO_RNG
 192        help
 193          This IV generator generates an IV based on a sequence number by
 194          xoring it with a salt.  This algorithm is mainly useful for CTR
 195
 196comment "Block modes"
 197
 198config CRYPTO_CBC
 199        tristate "CBC support"
 200        select CRYPTO_BLKCIPHER
 201        select CRYPTO_MANAGER
 202        help
 203          CBC: Cipher Block Chaining mode
 204          This block cipher algorithm is required for IPSec.
 205
 206config CRYPTO_CTR
 207        tristate "CTR support"
 208        select CRYPTO_BLKCIPHER
 209        select CRYPTO_SEQIV
 210        select CRYPTO_MANAGER
 211        help
 212          CTR: Counter mode
 213          This block cipher algorithm is required for IPSec.
 214
 215config CRYPTO_CTS
 216        tristate "CTS support"
 217        select CRYPTO_BLKCIPHER
 218        help
 219          CTS: Cipher Text Stealing
 220          This is the Cipher Text Stealing mode as described by
 221          Section 8 of rfc2040 and referenced by rfc3962.
 222          (rfc3962 includes errata information in its Appendix A)
 223          This mode is required for Kerberos gss mechanism support
 224          for AES encryption.
 225
 226config CRYPTO_ECB
 227        tristate "ECB support"
 228        select CRYPTO_BLKCIPHER
 229        select CRYPTO_MANAGER
 230        help
 231          ECB: Electronic CodeBook mode
 232          This is the simplest block cipher algorithm.  It simply encrypts
 233          the input block by block.
 234
 235config CRYPTO_LRW
 236        tristate "LRW support (EXPERIMENTAL)"
 237        depends on EXPERIMENTAL
 238        select CRYPTO_BLKCIPHER
 239        select CRYPTO_MANAGER
 240        select CRYPTO_GF128MUL
 241        help
 242          LRW: Liskov Rivest Wagner, a tweakable, non malleable, non movable
 243          narrow block cipher mode for dm-crypt.  Use it with cipher
 244          specification string aes-lrw-benbi, the key must be 256, 320 or 384.
 245          The first 128, 192 or 256 bits in the key are used for AES and the
 246          rest is used to tie each cipher block to its logical position.
 247
 248config CRYPTO_PCBC
 249        tristate "PCBC support"
 250        select CRYPTO_BLKCIPHER
 251        select CRYPTO_MANAGER
 252        help
 253          PCBC: Propagating Cipher Block Chaining mode
 254          This block cipher algorithm is required for RxRPC.
 255
 256config CRYPTO_XTS
 257        tristate "XTS support (EXPERIMENTAL)"
 258        depends on EXPERIMENTAL
 259        select CRYPTO_BLKCIPHER
 260        select CRYPTO_MANAGER
 261        select CRYPTO_GF128MUL
 262        help
 263          XTS: IEEE1619/D16 narrow block cipher use with aes-xts-plain,
 264          key size 256, 384 or 512 bits. This implementation currently
 265          can't handle a sectorsize which is not a multiple of 16 bytes.
 266
 267comment "Hash modes"
 268
 269config CRYPTO_HMAC
 270        tristate "HMAC support"
 271        select CRYPTO_HASH
 272        select CRYPTO_MANAGER
 273        help
 274          HMAC: Keyed-Hashing for Message Authentication (RFC2104).
 275          This is required for IPSec.
 276
 277config CRYPTO_XCBC
 278        tristate "XCBC support"
 279        depends on EXPERIMENTAL
 280        select CRYPTO_HASH
 281        select CRYPTO_MANAGER
 282        help
 283          XCBC: Keyed-Hashing with encryption algorithm
 284                http://www.ietf.org/rfc/rfc3566.txt
 285                http://csrc.nist.gov/encryption/modes/proposedmodes/
 286                 xcbc-mac/xcbc-mac-spec.pdf
 287
 288config CRYPTO_VMAC
 289        tristate "VMAC support"
 290        depends on EXPERIMENTAL
 291        select CRYPTO_HASH
 292        select CRYPTO_MANAGER
 293        help
 294          VMAC is a message authentication algorithm designed for
 295          very high speed on 64-bit architectures.
 296
 297          See also:
 298          <http://fastcrypto.org/vmac>
 299
 300comment "Digest"
 301
 302config CRYPTO_CRC32C
 303        tristate "CRC32c CRC algorithm"
 304        select CRYPTO_HASH
 305        help
 306          Castagnoli, et al Cyclic Redundancy-Check Algorithm.  Used
 307          by iSCSI for header and data digests and by others.
 308          See Castagnoli93.  Module will be crc32c.
 309
 310config CRYPTO_CRC32C_INTEL
 311        tristate "CRC32c INTEL hardware acceleration"
 312        depends on X86
 313        select CRYPTO_HASH
 314        help
 315          In Intel processor with SSE4.2 supported, the processor will
 316          support CRC32C implementation using hardware accelerated CRC32
 317          instruction. This option will create 'crc32c-intel' module,
 318          which will enable any routine to use the CRC32 instruction to
 319          gain performance compared with software implementation.
 320          Module will be crc32c-intel.
 321
 322config CRYPTO_GHASH
 323        tristate "GHASH digest algorithm"
 324        select CRYPTO_SHASH
 325        select CRYPTO_GF128MUL
 326        help
 327          GHASH is message digest algorithm for GCM (Galois/Counter Mode).
 328
 329config CRYPTO_MD4
 330        tristate "MD4 digest algorithm"
 331        select CRYPTO_HASH
 332        help
 333          MD4 message digest algorithm (RFC1320).
 334
 335config CRYPTO_MD5
 336        tristate "MD5 digest algorithm"
 337        select CRYPTO_HASH
 338        help
 339          MD5 message digest algorithm (RFC1321).
 340
 341config CRYPTO_MICHAEL_MIC
 342        tristate "Michael MIC keyed digest algorithm"
 343        select CRYPTO_HASH
 344        help
 345          Michael MIC is used for message integrity protection in TKIP
 346          (IEEE 802.11i). This algorithm is required for TKIP, but it
 347          should not be used for other purposes because of the weakness
 348          of the algorithm.
 349
 350config CRYPTO_RMD128
 351        tristate "RIPEMD-128 digest algorithm"
 352        select CRYPTO_HASH
 353        help
 354          RIPEMD-128 (ISO/IEC 10118-3:2004).
 355
 356          RIPEMD-128 is a 128-bit cryptographic hash function. It should only
 357          be used as a secure replacement for RIPEMD. For other use cases,
 358          RIPEMD-160 should be used.
 359
 360          Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel.
 361          See <http://homes.esat.kuleuven.be/~bosselae/ripemd160.html>
 362
 363config CRYPTO_RMD160
 364        tristate "RIPEMD-160 digest algorithm"
 365        select CRYPTO_HASH
 366        help
 367          RIPEMD-160 (ISO/IEC 10118-3:2004).
 368
 369          RIPEMD-160 is a 160-bit cryptographic hash function. It is intended
 370          to be used as a secure replacement for the 128-bit hash functions
 371          MD4, MD5 and it's predecessor RIPEMD
 372          (not to be confused with RIPEMD-128).
 373
 374          It's speed is comparable to SHA1 and there are no known attacks
 375          against RIPEMD-160.
 376
 377          Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel.
 378          See <http://homes.esat.kuleuven.be/~bosselae/ripemd160.html>
 379
 380config CRYPTO_RMD256
 381        tristate "RIPEMD-256 digest algorithm"
 382        select CRYPTO_HASH
 383        help
 384          RIPEMD-256 is an optional extension of RIPEMD-128 with a
 385          256 bit hash. It is intended for applications that require
 386          longer hash-results, without needing a larger security level
 387          (than RIPEMD-128).
 388
 389          Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel.
 390          See <http://homes.esat.kuleuven.be/~bosselae/ripemd160.html>
 391
 392config CRYPTO_RMD320
 393        tristate "RIPEMD-320 digest algorithm"
 394        select CRYPTO_HASH
 395        help
 396          RIPEMD-320 is an optional extension of RIPEMD-160 with a
 397          320 bit hash. It is intended for applications that require
 398          longer hash-results, without needing a larger security level
 399          (than RIPEMD-160).
 400
 401          Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel.
 402          See <http://homes.esat.kuleuven.be/~bosselae/ripemd160.html>
 403
 404config CRYPTO_SHA1
 405        tristate "SHA1 digest algorithm"
 406        select CRYPTO_HASH
 407        help
 408          SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2).
 409
 410config CRYPTO_SHA256
 411        tristate "SHA224 and SHA256 digest algorithm"
 412        select CRYPTO_HASH
 413        help
 414          SHA256 secure hash standard (DFIPS 180-2).
 415
 416          This version of SHA implements a 256 bit hash with 128 bits of
 417          security against collision attacks.
 418
 419          This code also includes SHA-224, a 224 bit hash with 112 bits
 420          of security against collision attacks.
 421
 422config CRYPTO_SHA512
 423        tristate "SHA384 and SHA512 digest algorithms"
 424        select CRYPTO_HASH
 425        help
 426          SHA512 secure hash standard (DFIPS 180-2).
 427
 428          This version of SHA implements a 512 bit hash with 256 bits of
 429          security against collision attacks.
 430
 431          This code also includes SHA-384, a 384 bit hash with 192 bits
 432          of security against collision attacks.
 433
 434config CRYPTO_TGR192
 435        tristate "Tiger digest algorithms"
 436        select CRYPTO_HASH
 437        help
 438          Tiger hash algorithm 192, 160 and 128-bit hashes
 439
 440          Tiger is a hash function optimized for 64-bit processors while
 441          still having decent performance on 32-bit processors.
 442          Tiger was developed by Ross Anderson and Eli Biham.
 443
 444          See also:
 445          <http://www.cs.technion.ac.il/~biham/Reports/Tiger/>.
 446
 447config CRYPTO_WP512
 448        tristate "Whirlpool digest algorithms"
 449        select CRYPTO_HASH
 450        help
 451          Whirlpool hash algorithm 512, 384 and 256-bit hashes
 452
 453          Whirlpool-512 is part of the NESSIE cryptographic primitives.
 454          Whirlpool will be part of the ISO/IEC 10118-3:2003(E) standard
 455
 456          See also:
 457          <http://www.larc.usp.br/~pbarreto/WhirlpoolPage.html>
 458
 459config CRYPTO_GHASH_CLMUL_NI_INTEL
 460        tristate "GHASH digest algorithm (CLMUL-NI accelerated)"
 461        depends on X86 && 64BIT
 462        select CRYPTO_SHASH
 463        select CRYPTO_CRYPTD
 464        help
 465          GHASH is message digest algorithm for GCM (Galois/Counter Mode).
 466          The implementation is accelerated by CLMUL-NI of Intel.
 467
 468comment "Ciphers"
 469
 470config CRYPTO_AES
 471        tristate "AES cipher algorithms"
 472        select CRYPTO_ALGAPI
 473        help
 474          AES cipher algorithms (FIPS-197). AES uses the Rijndael
 475          algorithm.
 476
 477          Rijndael appears to be consistently a very good performer in
 478          both hardware and software across a wide range of computing
 479          environments regardless of its use in feedback or non-feedback
 480          modes. Its key setup time is excellent, and its key agility is
 481          good. Rijndael's very low memory requirements make it very well
 482          suited for restricted-space environments, in which it also
 483          demonstrates excellent performance. Rijndael's operations are
 484          among the easiest to defend against power and timing attacks.
 485
 486          The AES specifies three key sizes: 128, 192 and 256 bits
 487
 488          See <http://csrc.nist.gov/CryptoToolkit/aes/> for more information.
 489
 490config CRYPTO_AES_586
 491        tristate "AES cipher algorithms (i586)"
 492        depends on (X86 || UML_X86) && !64BIT
 493        select CRYPTO_ALGAPI
 494        select CRYPTO_AES
 495        help
 496          AES cipher algorithms (FIPS-197). AES uses the Rijndael
 497          algorithm.
 498
 499          Rijndael appears to be consistently a very good performer in
 500          both hardware and software across a wide range of computing
 501          environments regardless of its use in feedback or non-feedback
 502          modes. Its key setup time is excellent, and its key agility is
 503          good. Rijndael's very low memory requirements make it very well
 504          suited for restricted-space environments, in which it also
 505          demonstrates excellent performance. Rijndael's operations are
 506          among the easiest to defend against power and timing attacks.
 507
 508          The AES specifies three key sizes: 128, 192 and 256 bits
 509
 510          See <http://csrc.nist.gov/encryption/aes/> for more information.
 511
 512config CRYPTO_AES_X86_64
 513        tristate "AES cipher algorithms (x86_64)"
 514        depends on (X86 || UML_X86) && 64BIT
 515        select CRYPTO_ALGAPI
 516        select CRYPTO_AES
 517        help
 518          AES cipher algorithms (FIPS-197). AES uses the Rijndael
 519          algorithm.
 520
 521          Rijndael appears to be consistently a very good performer in
 522          both hardware and software across a wide range of computing
 523          environments regardless of its use in feedback or non-feedback
 524          modes. Its key setup time is excellent, and its key agility is
 525          good. Rijndael's very low memory requirements make it very well
 526          suited for restricted-space environments, in which it also
 527          demonstrates excellent performance. Rijndael's operations are
 528          among the easiest to defend against power and timing attacks.
 529
 530          The AES specifies three key sizes: 128, 192 and 256 bits
 531
 532          See <http://csrc.nist.gov/encryption/aes/> for more information.
 533
 534config CRYPTO_AES_NI_INTEL
 535        tristate "AES cipher algorithms (AES-NI)"
 536        depends on X86
 537        select CRYPTO_AES_X86_64 if 64BIT
 538        select CRYPTO_AES_586 if !64BIT
 539        select CRYPTO_CRYPTD
 540        select CRYPTO_ALGAPI
 541        help
 542          Use Intel AES-NI instructions for AES algorithm.
 543
 544          AES cipher algorithms (FIPS-197). AES uses the Rijndael
 545          algorithm.
 546
 547          Rijndael appears to be consistently a very good performer in
 548          both hardware and software across a wide range of computing
 549          environments regardless of its use in feedback or non-feedback
 550          modes. Its key setup time is excellent, and its key agility is
 551          good. Rijndael's very low memory requirements make it very well
 552          suited for restricted-space environments, in which it also
 553          demonstrates excellent performance. Rijndael's operations are
 554          among the easiest to defend against power and timing attacks.
 555
 556          The AES specifies three key sizes: 128, 192 and 256 bits
 557
 558          See <http://csrc.nist.gov/encryption/aes/> for more information.
 559
 560          In addition to AES cipher algorithm support, the acceleration
 561          for some popular block cipher mode is supported too, including
 562          ECB, CBC, LRW, PCBC, XTS. The 64 bit version has additional
 563          acceleration for CTR.
 564
 565config CRYPTO_ANUBIS
 566        tristate "Anubis cipher algorithm"
 567        select CRYPTO_ALGAPI
 568        help
 569          Anubis cipher algorithm.
 570
 571          Anubis is a variable key length cipher which can use keys from
 572          128 bits to 320 bits in length.  It was evaluated as a entrant
 573          in the NESSIE competition.
 574
 575          See also:
 576          <https://www.cosic.esat.kuleuven.be/nessie/reports/>
 577          <http://www.larc.usp.br/~pbarreto/AnubisPage.html>
 578
 579config CRYPTO_ARC4
 580        tristate "ARC4 cipher algorithm"
 581        select CRYPTO_ALGAPI
 582        help
 583          ARC4 cipher algorithm.
 584
 585          ARC4 is a stream cipher using keys ranging from 8 bits to 2048
 586          bits in length.  This algorithm is required for driver-based
 587          WEP, but it should not be for other purposes because of the
 588          weakness of the algorithm.
 589
 590config CRYPTO_BLOWFISH
 591        tristate "Blowfish cipher algorithm"
 592        select CRYPTO_ALGAPI
 593        help
 594          Blowfish cipher algorithm, by Bruce Schneier.
 595
 596          This is a variable key length cipher which can use keys from 32
 597          bits to 448 bits in length.  It's fast, simple and specifically
 598          designed for use on "large microprocessors".
 599
 600          See also:
 601          <http://www.schneier.com/blowfish.html>
 602
 603config CRYPTO_CAMELLIA
 604        tristate "Camellia cipher algorithms"
 605        depends on CRYPTO
 606        select CRYPTO_ALGAPI
 607        help
 608          Camellia cipher algorithms module.
 609
 610          Camellia is a symmetric key block cipher developed jointly
 611          at NTT and Mitsubishi Electric Corporation.
 612
 613          The Camellia specifies three key sizes: 128, 192 and 256 bits.
 614
 615          See also:
 616          <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html>
 617
 618config CRYPTO_CAST5
 619        tristate "CAST5 (CAST-128) cipher algorithm"
 620        select CRYPTO_ALGAPI
 621        help
 622          The CAST5 encryption algorithm (synonymous with CAST-128) is
 623          described in RFC2144.
 624
 625config CRYPTO_CAST6
 626        tristate "CAST6 (CAST-256) cipher algorithm"
 627        select CRYPTO_ALGAPI
 628        help
 629          The CAST6 encryption algorithm (synonymous with CAST-256) is
 630          described in RFC2612.
 631
 632config CRYPTO_DES
 633        tristate "DES and Triple DES EDE cipher algorithms"
 634        select CRYPTO_ALGAPI
 635        help
 636          DES cipher algorithm (FIPS 46-2), and Triple DES EDE (FIPS 46-3).
 637
 638config CRYPTO_FCRYPT
 639        tristate "FCrypt cipher algorithm"
 640        select CRYPTO_ALGAPI
 641        select CRYPTO_BLKCIPHER
 642        help
 643          FCrypt algorithm used by RxRPC.
 644
 645config CRYPTO_KHAZAD
 646        tristate "Khazad cipher algorithm"
 647        select CRYPTO_ALGAPI
 648        help
 649          Khazad cipher algorithm.
 650
 651          Khazad was a finalist in the initial NESSIE competition.  It is
 652          an algorithm optimized for 64-bit processors with good performance
 653          on 32-bit processors.  Khazad uses an 128 bit key size.
 654
 655          See also:
 656          <http://www.larc.usp.br/~pbarreto/KhazadPage.html>
 657
 658config CRYPTO_SALSA20
 659        tristate "Salsa20 stream cipher algorithm (EXPERIMENTAL)"
 660        depends on EXPERIMENTAL
 661        select CRYPTO_BLKCIPHER
 662        help
 663          Salsa20 stream cipher algorithm.
 664
 665          Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT
 666          Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/>
 667
 668          The Salsa20 stream cipher algorithm is designed by Daniel J.
 669          Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html>
 670
 671config CRYPTO_SALSA20_586
 672        tristate "Salsa20 stream cipher algorithm (i586) (EXPERIMENTAL)"
 673        depends on (X86 || UML_X86) && !64BIT
 674        depends on EXPERIMENTAL
 675        select CRYPTO_BLKCIPHER
 676        help
 677          Salsa20 stream cipher algorithm.
 678
 679          Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT
 680          Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/>
 681
 682          The Salsa20 stream cipher algorithm is designed by Daniel J.
 683          Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html>
 684
 685config CRYPTO_SALSA20_X86_64
 686        tristate "Salsa20 stream cipher algorithm (x86_64) (EXPERIMENTAL)"
 687        depends on (X86 || UML_X86) && 64BIT
 688        depends on EXPERIMENTAL
 689        select CRYPTO_BLKCIPHER
 690        help
 691          Salsa20 stream cipher algorithm.
 692
 693          Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT
 694          Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/>
 695
 696          The Salsa20 stream cipher algorithm is designed by Daniel J.
 697          Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html>
 698
 699config CRYPTO_SEED
 700        tristate "SEED cipher algorithm"
 701        select CRYPTO_ALGAPI
 702        help
 703          SEED cipher algorithm (RFC4269).
 704
 705          SEED is a 128-bit symmetric key block cipher that has been
 706          developed by KISA (Korea Information Security Agency) as a
 707          national standard encryption algorithm of the Republic of Korea.
 708          It is a 16 round block cipher with the key size of 128 bit.
 709
 710          See also:
 711          <http://www.kisa.or.kr/kisa/seed/jsp/seed_eng.jsp>
 712
 713config CRYPTO_SERPENT
 714        tristate "Serpent cipher algorithm"
 715        select CRYPTO_ALGAPI
 716        help
 717          Serpent cipher algorithm, by Anderson, Biham & Knudsen.
 718
 719          Keys are allowed to be from 0 to 256 bits in length, in steps
 720          of 8 bits.  Also includes the 'Tnepres' algorithm, a reversed
 721          variant of Serpent for compatibility with old kerneli.org code.
 722
 723          See also:
 724          <http://www.cl.cam.ac.uk/~rja14/serpent.html>
 725
 726config CRYPTO_TEA
 727        tristate "TEA, XTEA and XETA cipher algorithms"
 728        select CRYPTO_ALGAPI
 729        help
 730          TEA cipher algorithm.
 731
 732          Tiny Encryption Algorithm is a simple cipher that uses
 733          many rounds for security.  It is very fast and uses
 734          little memory.
 735
 736          Xtendend Tiny Encryption Algorithm is a modification to
 737          the TEA algorithm to address a potential key weakness
 738          in the TEA algorithm.
 739
 740          Xtendend Encryption Tiny Algorithm is a mis-implementation
 741          of the XTEA algorithm for compatibility purposes.
 742
 743config CRYPTO_TWOFISH
 744        tristate "Twofish cipher algorithm"
 745        select CRYPTO_ALGAPI
 746        select CRYPTO_TWOFISH_COMMON
 747        help
 748          Twofish cipher algorithm.
 749
 750          Twofish was submitted as an AES (Advanced Encryption Standard)
 751          candidate cipher by researchers at CounterPane Systems.  It is a
 752          16 round block cipher supporting key sizes of 128, 192, and 256
 753          bits.
 754
 755          See also:
 756          <http://www.schneier.com/twofish.html>
 757
 758config CRYPTO_TWOFISH_COMMON
 759        tristate
 760        help
 761          Common parts of the Twofish cipher algorithm shared by the
 762          generic c and the assembler implementations.
 763
 764config CRYPTO_TWOFISH_586
 765        tristate "Twofish cipher algorithms (i586)"
 766        depends on (X86 || UML_X86) && !64BIT
 767        select CRYPTO_ALGAPI
 768        select CRYPTO_TWOFISH_COMMON
 769        help
 770          Twofish cipher algorithm.
 771
 772          Twofish was submitted as an AES (Advanced Encryption Standard)
 773          candidate cipher by researchers at CounterPane Systems.  It is a
 774          16 round block cipher supporting key sizes of 128, 192, and 256
 775          bits.
 776
 777          See also:
 778          <http://www.schneier.com/twofish.html>
 779
 780config CRYPTO_TWOFISH_X86_64
 781        tristate "Twofish cipher algorithm (x86_64)"
 782        depends on (X86 || UML_X86) && 64BIT
 783        select CRYPTO_ALGAPI
 784        select CRYPTO_TWOFISH_COMMON
 785        help
 786          Twofish cipher algorithm (x86_64).
 787
 788          Twofish was submitted as an AES (Advanced Encryption Standard)
 789          candidate cipher by researchers at CounterPane Systems.  It is a
 790          16 round block cipher supporting key sizes of 128, 192, and 256
 791          bits.
 792
 793          See also:
 794          <http://www.schneier.com/twofish.html>
 795
 796comment "Compression"
 797
 798config CRYPTO_DEFLATE
 799        tristate "Deflate compression algorithm"
 800        select CRYPTO_ALGAPI
 801        select ZLIB_INFLATE
 802        select ZLIB_DEFLATE
 803        help
 804          This is the Deflate algorithm (RFC1951), specified for use in
 805          IPSec with the IPCOMP protocol (RFC3173, RFC2394).
 806
 807          You will most probably want this if using IPSec.
 808
 809config CRYPTO_ZLIB
 810        tristate "Zlib compression algorithm"
 811        select CRYPTO_PCOMP
 812        select ZLIB_INFLATE
 813        select ZLIB_DEFLATE
 814        select NLATTR
 815        help
 816          This is the zlib algorithm.
 817
 818config CRYPTO_LZO
 819        tristate "LZO compression algorithm"
 820        select CRYPTO_ALGAPI
 821        select LZO_COMPRESS
 822        select LZO_DECOMPRESS
 823        help
 824          This is the LZO algorithm.
 825
 826comment "Random Number Generation"
 827
 828config CRYPTO_ANSI_CPRNG
 829        tristate "Pseudo Random Number Generation for Cryptographic modules"
 830        default m
 831        select CRYPTO_AES
 832        select CRYPTO_RNG
 833        help
 834          This option enables the generic pseudo random number generator
 835          for cryptographic modules.  Uses the Algorithm specified in
 836          ANSI X9.31 A.2.4. Note that this option must be enabled if
 837          CRYPTO_FIPS is selected
 838
 839config CRYPTO_USER_API
 840        tristate
 841
 842config CRYPTO_USER_API_HASH
 843        tristate "User-space interface for hash algorithms"
 844        depends on NET
 845        select CRYPTO_HASH
 846        select CRYPTO_USER_API
 847        help
 848          This option enables the user-spaces interface for hash
 849          algorithms.
 850
 851config CRYPTO_USER_API_SKCIPHER
 852        tristate "User-space interface for symmetric key cipher algorithms"
 853        depends on NET
 854        select CRYPTO_BLKCIPHER
 855        select CRYPTO_USER_API
 856        help
 857          This option enables the user-spaces interface for symmetric
 858          key cipher algorithms.
 859
 860source "drivers/crypto/Kconfig"
 861
 862endif   # if CRYPTO
 863
lxr.linux.no kindly hosted by Redpill Linpro AS, provider of Linux consulting and operations services since 1995.