linux/crypto/Kconfig
<<
>>
Prefs
   1#
   2# Generic algorithms support
   3#
   4config XOR_BLOCKS
   5        tristate
   6
   7#
   8# async_tx api: hardware offloaded memory transfer/transform support
   9#
  10source "crypto/async_tx/Kconfig"
  11
  12#
  13# Cryptographic API Configuration
  14#
  15menuconfig CRYPTO
  16        tristate "Cryptographic API"
  17        help
  18          This option provides the core Cryptographic API.
  19
  20if CRYPTO
  21
  22comment "Crypto core or helper"
  23
  24config CRYPTO_FIPS
  25        bool "FIPS 200 compliance"
  26        depends on CRYPTO_ANSI_CPRNG && !CRYPTO_MANAGER_DISABLE_TESTS
  27        help
  28          This options enables the fips boot option which is
  29          required if you want to system to operate in a FIPS 200
  30          certification.  You should say no unless you know what
  31          this is.
  32
  33config CRYPTO_ALGAPI
  34        tristate
  35        select CRYPTO_ALGAPI2
  36        help
  37          This option provides the API for cryptographic algorithms.
  38
  39config CRYPTO_ALGAPI2
  40        tristate
  41
  42config CRYPTO_AEAD
  43        tristate
  44        select CRYPTO_AEAD2
  45        select CRYPTO_ALGAPI
  46
  47config CRYPTO_AEAD2
  48        tristate
  49        select CRYPTO_ALGAPI2
  50
  51config CRYPTO_BLKCIPHER
  52        tristate
  53        select CRYPTO_BLKCIPHER2
  54        select CRYPTO_ALGAPI
  55
  56config CRYPTO_BLKCIPHER2
  57        tristate
  58        select CRYPTO_ALGAPI2
  59        select CRYPTO_RNG2
  60        select CRYPTO_WORKQUEUE
  61
  62config CRYPTO_HASH
  63        tristate
  64        select CRYPTO_HASH2
  65        select CRYPTO_ALGAPI
  66
  67config CRYPTO_HASH2
  68        tristate
  69        select CRYPTO_ALGAPI2
  70
  71config CRYPTO_RNG
  72        tristate
  73        select CRYPTO_RNG2
  74        select CRYPTO_ALGAPI
  75
  76config CRYPTO_RNG2
  77        tristate
  78        select CRYPTO_ALGAPI2
  79
  80config CRYPTO_PCOMP
  81        tristate
  82        select CRYPTO_PCOMP2
  83        select CRYPTO_ALGAPI
  84
  85config CRYPTO_PCOMP2
  86        tristate
  87        select CRYPTO_ALGAPI2
  88
  89config CRYPTO_MANAGER
  90        tristate "Cryptographic algorithm manager"
  91        select CRYPTO_MANAGER2
  92        help
  93          Create default cryptographic template instantiations such as
  94          cbc(aes).
  95
  96config CRYPTO_MANAGER2
  97        def_tristate CRYPTO_MANAGER || (CRYPTO_MANAGER!=n && CRYPTO_ALGAPI=y)
  98        select CRYPTO_AEAD2
  99        select CRYPTO_HASH2
 100        select CRYPTO_BLKCIPHER2
 101        select CRYPTO_PCOMP2
 102
 103config CRYPTO_USER
 104        tristate "Userspace cryptographic algorithm configuration"
 105        depends on NET
 106        select CRYPTO_MANAGER
 107        help
 108          Userspace configuration for cryptographic instantiations such as
 109          cbc(aes).
 110
 111config CRYPTO_MANAGER_DISABLE_TESTS
 112        bool "Disable run-time self tests"
 113        default y
 114        depends on CRYPTO_MANAGER2
 115        help
 116          Disable run-time self tests that normally take place at
 117          algorithm registration.
 118
 119config CRYPTO_GF128MUL
 120        tristate "GF(2^128) multiplication functions"
 121        help
 122          Efficient table driven implementation of multiplications in the
 123          field GF(2^128).  This is needed by some cypher modes. This
 124          option will be selected automatically if you select such a
 125          cipher mode.  Only select this option by hand if you expect to load
 126          an external module that requires these functions.
 127
 128config CRYPTO_NULL
 129        tristate "Null algorithms"
 130        select CRYPTO_ALGAPI
 131        select CRYPTO_BLKCIPHER
 132        select CRYPTO_HASH
 133        help
 134          These are 'Null' algorithms, used by IPsec, which do nothing.
 135
 136config CRYPTO_PCRYPT
 137        tristate "Parallel crypto engine (EXPERIMENTAL)"
 138        depends on SMP && EXPERIMENTAL
 139        select PADATA
 140        select CRYPTO_MANAGER
 141        select CRYPTO_AEAD
 142        help
 143          This converts an arbitrary crypto algorithm into a parallel
 144          algorithm that executes in kernel threads.
 145
 146config CRYPTO_WORKQUEUE
 147       tristate
 148
 149config CRYPTO_CRYPTD
 150        tristate "Software async crypto daemon"
 151        select CRYPTO_BLKCIPHER
 152        select CRYPTO_HASH
 153        select CRYPTO_MANAGER
 154        select CRYPTO_WORKQUEUE
 155        help
 156          This is a generic software asynchronous crypto daemon that
 157          converts an arbitrary synchronous software crypto algorithm
 158          into an asynchronous algorithm that executes in a kernel thread.
 159
 160config CRYPTO_AUTHENC
 161        tristate "Authenc support"
 162        select CRYPTO_AEAD
 163        select CRYPTO_BLKCIPHER
 164        select CRYPTO_MANAGER
 165        select CRYPTO_HASH
 166        help
 167          Authenc: Combined mode wrapper for IPsec.
 168          This is required for IPSec.
 169
 170config CRYPTO_TEST
 171        tristate "Testing module"
 172        depends on m
 173        select CRYPTO_MANAGER
 174        help
 175          Quick & dirty crypto test module.
 176
 177comment "Authenticated Encryption with Associated Data"
 178
 179config CRYPTO_CCM
 180        tristate "CCM support"
 181        select CRYPTO_CTR
 182        select CRYPTO_AEAD
 183        help
 184          Support for Counter with CBC MAC. Required for IPsec.
 185
 186config CRYPTO_GCM
 187        tristate "GCM/GMAC support"
 188        select CRYPTO_CTR
 189        select CRYPTO_AEAD
 190        select CRYPTO_GHASH
 191        help
 192          Support for Galois/Counter Mode (GCM) and Galois Message
 193          Authentication Code (GMAC). Required for IPSec.
 194
 195config CRYPTO_SEQIV
 196        tristate "Sequence Number IV Generator"
 197        select CRYPTO_AEAD
 198        select CRYPTO_BLKCIPHER
 199        select CRYPTO_RNG
 200        help
 201          This IV generator generates an IV based on a sequence number by
 202          xoring it with a salt.  This algorithm is mainly useful for CTR
 203
 204comment "Block modes"
 205
 206config CRYPTO_CBC
 207        tristate "CBC support"
 208        select CRYPTO_BLKCIPHER
 209        select CRYPTO_MANAGER
 210        help
 211          CBC: Cipher Block Chaining mode
 212          This block cipher algorithm is required for IPSec.
 213
 214config CRYPTO_CTR
 215        tristate "CTR support"
 216        select CRYPTO_BLKCIPHER
 217        select CRYPTO_SEQIV
 218        select CRYPTO_MANAGER
 219        help
 220          CTR: Counter mode
 221          This block cipher algorithm is required for IPSec.
 222
 223config CRYPTO_CTS
 224        tristate "CTS support"
 225        select CRYPTO_BLKCIPHER
 226        help
 227          CTS: Cipher Text Stealing
 228          This is the Cipher Text Stealing mode as described by
 229          Section 8 of rfc2040 and referenced by rfc3962.
 230          (rfc3962 includes errata information in its Appendix A)
 231          This mode is required for Kerberos gss mechanism support
 232          for AES encryption.
 233
 234config CRYPTO_ECB
 235        tristate "ECB support"
 236        select CRYPTO_BLKCIPHER
 237        select CRYPTO_MANAGER
 238        help
 239          ECB: Electronic CodeBook mode
 240          This is the simplest block cipher algorithm.  It simply encrypts
 241          the input block by block.
 242
 243config CRYPTO_LRW
 244        tristate "LRW support"
 245        select CRYPTO_BLKCIPHER
 246        select CRYPTO_MANAGER
 247        select CRYPTO_GF128MUL
 248        help
 249          LRW: Liskov Rivest Wagner, a tweakable, non malleable, non movable
 250          narrow block cipher mode for dm-crypt.  Use it with cipher
 251          specification string aes-lrw-benbi, the key must be 256, 320 or 384.
 252          The first 128, 192 or 256 bits in the key are used for AES and the
 253          rest is used to tie each cipher block to its logical position.
 254
 255config CRYPTO_PCBC
 256        tristate "PCBC support"
 257        select CRYPTO_BLKCIPHER
 258        select CRYPTO_MANAGER
 259        help
 260          PCBC: Propagating Cipher Block Chaining mode
 261          This block cipher algorithm is required for RxRPC.
 262
 263config CRYPTO_XTS
 264        tristate "XTS support"
 265        select CRYPTO_BLKCIPHER
 266        select CRYPTO_MANAGER
 267        select CRYPTO_GF128MUL
 268        help
 269          XTS: IEEE1619/D16 narrow block cipher use with aes-xts-plain,
 270          key size 256, 384 or 512 bits. This implementation currently
 271          can't handle a sectorsize which is not a multiple of 16 bytes.
 272
 273comment "Hash modes"
 274
 275config CRYPTO_HMAC
 276        tristate "HMAC support"
 277        select CRYPTO_HASH
 278        select CRYPTO_MANAGER
 279        help
 280          HMAC: Keyed-Hashing for Message Authentication (RFC2104).
 281          This is required for IPSec.
 282
 283config CRYPTO_XCBC
 284        tristate "XCBC support"
 285        depends on EXPERIMENTAL
 286        select CRYPTO_HASH
 287        select CRYPTO_MANAGER
 288        help
 289          XCBC: Keyed-Hashing with encryption algorithm
 290                http://www.ietf.org/rfc/rfc3566.txt
 291                http://csrc.nist.gov/encryption/modes/proposedmodes/
 292                 xcbc-mac/xcbc-mac-spec.pdf
 293
 294config CRYPTO_VMAC
 295        tristate "VMAC support"
 296        depends on EXPERIMENTAL
 297        select CRYPTO_HASH
 298        select CRYPTO_MANAGER
 299        help
 300          VMAC is a message authentication algorithm designed for
 301          very high speed on 64-bit architectures.
 302
 303          See also:
 304          <http://fastcrypto.org/vmac>
 305
 306comment "Digest"
 307
 308config CRYPTO_CRC32C
 309        tristate "CRC32c CRC algorithm"
 310        select CRYPTO_HASH
 311        select CRC32
 312        help
 313          Castagnoli, et al Cyclic Redundancy-Check Algorithm.  Used
 314          by iSCSI for header and data digests and by others.
 315          See Castagnoli93.  Module will be crc32c.
 316
 317config CRYPTO_CRC32C_INTEL
 318        tristate "CRC32c INTEL hardware acceleration"
 319        depends on X86
 320        select CRYPTO_HASH
 321        help
 322          In Intel processor with SSE4.2 supported, the processor will
 323          support CRC32C implementation using hardware accelerated CRC32
 324          instruction. This option will create 'crc32c-intel' module,
 325          which will enable any routine to use the CRC32 instruction to
 326          gain performance compared with software implementation.
 327          Module will be crc32c-intel.
 328
 329config CRYPTO_GHASH
 330        tristate "GHASH digest algorithm"
 331        select CRYPTO_GF128MUL
 332        help
 333          GHASH is message digest algorithm for GCM (Galois/Counter Mode).
 334
 335config CRYPTO_MD4
 336        tristate "MD4 digest algorithm"
 337        select CRYPTO_HASH
 338        help
 339          MD4 message digest algorithm (RFC1320).
 340
 341config CRYPTO_MD5
 342        tristate "MD5 digest algorithm"
 343        select CRYPTO_HASH
 344        help
 345          MD5 message digest algorithm (RFC1321).
 346
 347config CRYPTO_MICHAEL_MIC
 348        tristate "Michael MIC keyed digest algorithm"
 349        select CRYPTO_HASH
 350        help
 351          Michael MIC is used for message integrity protection in TKIP
 352          (IEEE 802.11i). This algorithm is required for TKIP, but it
 353          should not be used for other purposes because of the weakness
 354          of the algorithm.
 355
 356config CRYPTO_RMD128
 357        tristate "RIPEMD-128 digest algorithm"
 358        select CRYPTO_HASH
 359        help
 360          RIPEMD-128 (ISO/IEC 10118-3:2004).
 361
 362          RIPEMD-128 is a 128-bit cryptographic hash function. It should only
 363          be used as a secure replacement for RIPEMD. For other use cases,
 364          RIPEMD-160 should be used.
 365
 366          Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel.
 367          See <http://homes.esat.kuleuven.be/~bosselae/ripemd160.html>
 368
 369config CRYPTO_RMD160
 370        tristate "RIPEMD-160 digest algorithm"
 371        select CRYPTO_HASH
 372        help
 373          RIPEMD-160 (ISO/IEC 10118-3:2004).
 374
 375          RIPEMD-160 is a 160-bit cryptographic hash function. It is intended
 376          to be used as a secure replacement for the 128-bit hash functions
 377          MD4, MD5 and it's predecessor RIPEMD
 378          (not to be confused with RIPEMD-128).
 379
 380          It's speed is comparable to SHA1 and there are no known attacks
 381          against RIPEMD-160.
 382
 383          Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel.
 384          See <http://homes.esat.kuleuven.be/~bosselae/ripemd160.html>
 385
 386config CRYPTO_RMD256
 387        tristate "RIPEMD-256 digest algorithm"
 388        select CRYPTO_HASH
 389        help
 390          RIPEMD-256 is an optional extension of RIPEMD-128 with a
 391          256 bit hash. It is intended for applications that require
 392          longer hash-results, without needing a larger security level
 393          (than RIPEMD-128).
 394
 395          Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel.
 396          See <http://homes.esat.kuleuven.be/~bosselae/ripemd160.html>
 397
 398config CRYPTO_RMD320
 399        tristate "RIPEMD-320 digest algorithm"
 400        select CRYPTO_HASH
 401        help
 402          RIPEMD-320 is an optional extension of RIPEMD-160 with a
 403          320 bit hash. It is intended for applications that require
 404          longer hash-results, without needing a larger security level
 405          (than RIPEMD-160).
 406
 407          Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel.
 408          See <http://homes.esat.kuleuven.be/~bosselae/ripemd160.html>
 409
 410config CRYPTO_SHA1
 411        tristate "SHA1 digest algorithm"
 412        select CRYPTO_HASH
 413        help
 414          SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2).
 415
 416config CRYPTO_SHA1_SSSE3
 417        tristate "SHA1 digest algorithm (SSSE3/AVX)"
 418        depends on X86 && 64BIT
 419        select CRYPTO_SHA1
 420        select CRYPTO_HASH
 421        help
 422          SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2) implemented
 423          using Supplemental SSE3 (SSSE3) instructions or Advanced Vector
 424          Extensions (AVX), when available.
 425
 426config CRYPTO_SHA256
 427        tristate "SHA224 and SHA256 digest algorithm"
 428        select CRYPTO_HASH
 429        help
 430          SHA256 secure hash standard (DFIPS 180-2).
 431
 432          This version of SHA implements a 256 bit hash with 128 bits of
 433          security against collision attacks.
 434
 435          This code also includes SHA-224, a 224 bit hash with 112 bits
 436          of security against collision attacks.
 437
 438config CRYPTO_SHA512
 439        tristate "SHA384 and SHA512 digest algorithms"
 440        select CRYPTO_HASH
 441        help
 442          SHA512 secure hash standard (DFIPS 180-2).
 443
 444          This version of SHA implements a 512 bit hash with 256 bits of
 445          security against collision attacks.
 446
 447          This code also includes SHA-384, a 384 bit hash with 192 bits
 448          of security against collision attacks.
 449
 450config CRYPTO_TGR192
 451        tristate "Tiger digest algorithms"
 452        select CRYPTO_HASH
 453        help
 454          Tiger hash algorithm 192, 160 and 128-bit hashes
 455
 456          Tiger is a hash function optimized for 64-bit processors while
 457          still having decent performance on 32-bit processors.
 458          Tiger was developed by Ross Anderson and Eli Biham.
 459
 460          See also:
 461          <http://www.cs.technion.ac.il/~biham/Reports/Tiger/>.
 462
 463config CRYPTO_WP512
 464        tristate "Whirlpool digest algorithms"
 465        select CRYPTO_HASH
 466        help
 467          Whirlpool hash algorithm 512, 384 and 256-bit hashes
 468
 469          Whirlpool-512 is part of the NESSIE cryptographic primitives.
 470          Whirlpool will be part of the ISO/IEC 10118-3:2003(E) standard
 471
 472          See also:
 473          <http://www.larc.usp.br/~pbarreto/WhirlpoolPage.html>
 474
 475config CRYPTO_GHASH_CLMUL_NI_INTEL
 476        tristate "GHASH digest algorithm (CLMUL-NI accelerated)"
 477        depends on X86 && 64BIT
 478        select CRYPTO_CRYPTD
 479        help
 480          GHASH is message digest algorithm for GCM (Galois/Counter Mode).
 481          The implementation is accelerated by CLMUL-NI of Intel.
 482
 483comment "Ciphers"
 484
 485config CRYPTO_AES
 486        tristate "AES cipher algorithms"
 487        select CRYPTO_ALGAPI
 488        help
 489          AES cipher algorithms (FIPS-197). AES uses the Rijndael
 490          algorithm.
 491
 492          Rijndael appears to be consistently a very good performer in
 493          both hardware and software across a wide range of computing
 494          environments regardless of its use in feedback or non-feedback
 495          modes. Its key setup time is excellent, and its key agility is
 496          good. Rijndael's very low memory requirements make it very well
 497          suited for restricted-space environments, in which it also
 498          demonstrates excellent performance. Rijndael's operations are
 499          among the easiest to defend against power and timing attacks.
 500
 501          The AES specifies three key sizes: 128, 192 and 256 bits
 502
 503          See <http://csrc.nist.gov/CryptoToolkit/aes/> for more information.
 504
 505config CRYPTO_AES_586
 506        tristate "AES cipher algorithms (i586)"
 507        depends on (X86 || UML_X86) && !64BIT
 508        select CRYPTO_ALGAPI
 509        select CRYPTO_AES
 510        help
 511          AES cipher algorithms (FIPS-197). AES uses the Rijndael
 512          algorithm.
 513
 514          Rijndael appears to be consistently a very good performer in
 515          both hardware and software across a wide range of computing
 516          environments regardless of its use in feedback or non-feedback
 517          modes. Its key setup time is excellent, and its key agility is
 518          good. Rijndael's very low memory requirements make it very well
 519          suited for restricted-space environments, in which it also
 520          demonstrates excellent performance. Rijndael's operations are
 521          among the easiest to defend against power and timing attacks.
 522
 523          The AES specifies three key sizes: 128, 192 and 256 bits
 524
 525          See <http://csrc.nist.gov/encryption/aes/> for more information.
 526
 527config CRYPTO_AES_X86_64
 528        tristate "AES cipher algorithms (x86_64)"
 529        depends on (X86 || UML_X86) && 64BIT
 530        select CRYPTO_ALGAPI
 531        select CRYPTO_AES
 532        help
 533          AES cipher algorithms (FIPS-197). AES uses the Rijndael
 534          algorithm.
 535
 536          Rijndael appears to be consistently a very good performer in
 537          both hardware and software across a wide range of computing
 538          environments regardless of its use in feedback or non-feedback
 539          modes. Its key setup time is excellent, and its key agility is
 540          good. Rijndael's very low memory requirements make it very well
 541          suited for restricted-space environments, in which it also
 542          demonstrates excellent performance. Rijndael's operations are
 543          among the easiest to defend against power and timing attacks.
 544
 545          The AES specifies three key sizes: 128, 192 and 256 bits
 546
 547          See <http://csrc.nist.gov/encryption/aes/> for more information.
 548
 549config CRYPTO_AES_NI_INTEL
 550        tristate "AES cipher algorithms (AES-NI)"
 551        depends on X86
 552        select CRYPTO_AES_X86_64 if 64BIT
 553        select CRYPTO_AES_586 if !64BIT
 554        select CRYPTO_CRYPTD
 555        select CRYPTO_ALGAPI
 556        help
 557          Use Intel AES-NI instructions for AES algorithm.
 558
 559          AES cipher algorithms (FIPS-197). AES uses the Rijndael
 560          algorithm.
 561
 562          Rijndael appears to be consistently a very good performer in
 563          both hardware and software across a wide range of computing
 564          environments regardless of its use in feedback or non-feedback
 565          modes. Its key setup time is excellent, and its key agility is
 566          good. Rijndael's very low memory requirements make it very well
 567          suited for restricted-space environments, in which it also
 568          demonstrates excellent performance. Rijndael's operations are
 569          among the easiest to defend against power and timing attacks.
 570
 571          The AES specifies three key sizes: 128, 192 and 256 bits
 572
 573          See <http://csrc.nist.gov/encryption/aes/> for more information.
 574
 575          In addition to AES cipher algorithm support, the acceleration
 576          for some popular block cipher mode is supported too, including
 577          ECB, CBC, LRW, PCBC, XTS. The 64 bit version has additional
 578          acceleration for CTR.
 579
 580config CRYPTO_ANUBIS
 581        tristate "Anubis cipher algorithm"
 582        select CRYPTO_ALGAPI
 583        help
 584          Anubis cipher algorithm.
 585
 586          Anubis is a variable key length cipher which can use keys from
 587          128 bits to 320 bits in length.  It was evaluated as a entrant
 588          in the NESSIE competition.
 589
 590          See also:
 591          <https://www.cosic.esat.kuleuven.be/nessie/reports/>
 592          <http://www.larc.usp.br/~pbarreto/AnubisPage.html>
 593
 594config CRYPTO_ARC4
 595        tristate "ARC4 cipher algorithm"
 596        select CRYPTO_ALGAPI
 597        help
 598          ARC4 cipher algorithm.
 599
 600          ARC4 is a stream cipher using keys ranging from 8 bits to 2048
 601          bits in length.  This algorithm is required for driver-based
 602          WEP, but it should not be for other purposes because of the
 603          weakness of the algorithm.
 604
 605config CRYPTO_BLOWFISH
 606        tristate "Blowfish cipher algorithm"
 607        select CRYPTO_ALGAPI
 608        select CRYPTO_BLOWFISH_COMMON
 609        help
 610          Blowfish cipher algorithm, by Bruce Schneier.
 611
 612          This is a variable key length cipher which can use keys from 32
 613          bits to 448 bits in length.  It's fast, simple and specifically
 614          designed for use on "large microprocessors".
 615
 616          See also:
 617          <http://www.schneier.com/blowfish.html>
 618
 619config CRYPTO_BLOWFISH_COMMON
 620        tristate
 621        help
 622          Common parts of the Blowfish cipher algorithm shared by the
 623          generic c and the assembler implementations.
 624
 625          See also:
 626          <http://www.schneier.com/blowfish.html>
 627
 628config CRYPTO_BLOWFISH_X86_64
 629        tristate "Blowfish cipher algorithm (x86_64)"
 630        depends on X86 && 64BIT
 631        select CRYPTO_ALGAPI
 632        select CRYPTO_BLOWFISH_COMMON
 633        help
 634          Blowfish cipher algorithm (x86_64), by Bruce Schneier.
 635
 636          This is a variable key length cipher which can use keys from 32
 637          bits to 448 bits in length.  It's fast, simple and specifically
 638          designed for use on "large microprocessors".
 639
 640          See also:
 641          <http://www.schneier.com/blowfish.html>
 642
 643config CRYPTO_CAMELLIA
 644        tristate "Camellia cipher algorithms"
 645        depends on CRYPTO
 646        select CRYPTO_ALGAPI
 647        help
 648          Camellia cipher algorithms module.
 649
 650          Camellia is a symmetric key block cipher developed jointly
 651          at NTT and Mitsubishi Electric Corporation.
 652
 653          The Camellia specifies three key sizes: 128, 192 and 256 bits.
 654
 655          See also:
 656          <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html>
 657
 658config CRYPTO_CAMELLIA_X86_64
 659        tristate "Camellia cipher algorithm (x86_64)"
 660        depends on X86 && 64BIT
 661        depends on CRYPTO
 662        select CRYPTO_ALGAPI
 663        select CRYPTO_LRW
 664        select CRYPTO_XTS
 665        help
 666          Camellia cipher algorithm module (x86_64).
 667
 668          Camellia is a symmetric key block cipher developed jointly
 669          at NTT and Mitsubishi Electric Corporation.
 670
 671          The Camellia specifies three key sizes: 128, 192 and 256 bits.
 672
 673          See also:
 674          <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html>
 675
 676config CRYPTO_CAST5
 677        tristate "CAST5 (CAST-128) cipher algorithm"
 678        select CRYPTO_ALGAPI
 679        help
 680          The CAST5 encryption algorithm (synonymous with CAST-128) is
 681          described in RFC2144.
 682
 683config CRYPTO_CAST6
 684        tristate "CAST6 (CAST-256) cipher algorithm"
 685        select CRYPTO_ALGAPI
 686        help
 687          The CAST6 encryption algorithm (synonymous with CAST-256) is
 688          described in RFC2612.
 689
 690config CRYPTO_DES
 691        tristate "DES and Triple DES EDE cipher algorithms"
 692        select CRYPTO_ALGAPI
 693        help
 694          DES cipher algorithm (FIPS 46-2), and Triple DES EDE (FIPS 46-3).
 695
 696config CRYPTO_FCRYPT
 697        tristate "FCrypt cipher algorithm"
 698        select CRYPTO_ALGAPI
 699        select CRYPTO_BLKCIPHER
 700        help
 701          FCrypt algorithm used by RxRPC.
 702
 703config CRYPTO_KHAZAD
 704        tristate "Khazad cipher algorithm"
 705        select CRYPTO_ALGAPI
 706        help
 707          Khazad cipher algorithm.
 708
 709          Khazad was a finalist in the initial NESSIE competition.  It is
 710          an algorithm optimized for 64-bit processors with good performance
 711          on 32-bit processors.  Khazad uses an 128 bit key size.
 712
 713          See also:
 714          <http://www.larc.usp.br/~pbarreto/KhazadPage.html>
 715
 716config CRYPTO_SALSA20
 717        tristate "Salsa20 stream cipher algorithm (EXPERIMENTAL)"
 718        depends on EXPERIMENTAL
 719        select CRYPTO_BLKCIPHER
 720        help
 721          Salsa20 stream cipher algorithm.
 722
 723          Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT
 724          Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/>
 725
 726          The Salsa20 stream cipher algorithm is designed by Daniel J.
 727          Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html>
 728
 729config CRYPTO_SALSA20_586
 730        tristate "Salsa20 stream cipher algorithm (i586) (EXPERIMENTAL)"
 731        depends on (X86 || UML_X86) && !64BIT
 732        depends on EXPERIMENTAL
 733        select CRYPTO_BLKCIPHER
 734        help
 735          Salsa20 stream cipher algorithm.
 736
 737          Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT
 738          Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/>
 739
 740          The Salsa20 stream cipher algorithm is designed by Daniel J.
 741          Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html>
 742
 743config CRYPTO_SALSA20_X86_64
 744        tristate "Salsa20 stream cipher algorithm (x86_64) (EXPERIMENTAL)"
 745        depends on (X86 || UML_X86) && 64BIT
 746        depends on EXPERIMENTAL
 747        select CRYPTO_BLKCIPHER
 748        help
 749          Salsa20 stream cipher algorithm.
 750
 751          Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT
 752          Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/>
 753
 754          The Salsa20 stream cipher algorithm is designed by Daniel J.
 755          Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html>
 756
 757config CRYPTO_SEED
 758        tristate "SEED cipher algorithm"
 759        select CRYPTO_ALGAPI
 760        help
 761          SEED cipher algorithm (RFC4269).
 762
 763          SEED is a 128-bit symmetric key block cipher that has been
 764          developed by KISA (Korea Information Security Agency) as a
 765          national standard encryption algorithm of the Republic of Korea.
 766          It is a 16 round block cipher with the key size of 128 bit.
 767
 768          See also:
 769          <http://www.kisa.or.kr/kisa/seed/jsp/seed_eng.jsp>
 770
 771config CRYPTO_SERPENT
 772        tristate "Serpent cipher algorithm"
 773        select CRYPTO_ALGAPI
 774        help
 775          Serpent cipher algorithm, by Anderson, Biham & Knudsen.
 776
 777          Keys are allowed to be from 0 to 256 bits in length, in steps
 778          of 8 bits.  Also includes the 'Tnepres' algorithm, a reversed
 779          variant of Serpent for compatibility with old kerneli.org code.
 780
 781          See also:
 782          <http://www.cl.cam.ac.uk/~rja14/serpent.html>
 783
 784config CRYPTO_SERPENT_SSE2_X86_64
 785        tristate "Serpent cipher algorithm (x86_64/SSE2)"
 786        depends on X86 && 64BIT
 787        select CRYPTO_ALGAPI
 788        select CRYPTO_CRYPTD
 789        select CRYPTO_SERPENT
 790        select CRYPTO_LRW
 791        select CRYPTO_XTS
 792        help
 793          Serpent cipher algorithm, by Anderson, Biham & Knudsen.
 794
 795          Keys are allowed to be from 0 to 256 bits in length, in steps
 796          of 8 bits.
 797
 798          This module provides Serpent cipher algorithm that processes eigth
 799          blocks parallel using SSE2 instruction set.
 800
 801          See also:
 802          <http://www.cl.cam.ac.uk/~rja14/serpent.html>
 803
 804config CRYPTO_SERPENT_SSE2_586
 805        tristate "Serpent cipher algorithm (i586/SSE2)"
 806        depends on X86 && !64BIT
 807        select CRYPTO_ALGAPI
 808        select CRYPTO_CRYPTD
 809        select CRYPTO_SERPENT
 810        select CRYPTO_LRW
 811        select CRYPTO_XTS
 812        help
 813          Serpent cipher algorithm, by Anderson, Biham & Knudsen.
 814
 815          Keys are allowed to be from 0 to 256 bits in length, in steps
 816          of 8 bits.
 817
 818          This module provides Serpent cipher algorithm that processes four
 819          blocks parallel using SSE2 instruction set.
 820
 821          See also:
 822          <http://www.cl.cam.ac.uk/~rja14/serpent.html>
 823
 824config CRYPTO_TEA
 825        tristate "TEA, XTEA and XETA cipher algorithms"
 826        select CRYPTO_ALGAPI
 827        help
 828          TEA cipher algorithm.
 829
 830          Tiny Encryption Algorithm is a simple cipher that uses
 831          many rounds for security.  It is very fast and uses
 832          little memory.
 833
 834          Xtendend Tiny Encryption Algorithm is a modification to
 835          the TEA algorithm to address a potential key weakness
 836          in the TEA algorithm.
 837
 838          Xtendend Encryption Tiny Algorithm is a mis-implementation
 839          of the XTEA algorithm for compatibility purposes.
 840
 841config CRYPTO_TWOFISH
 842        tristate "Twofish cipher algorithm"
 843        select CRYPTO_ALGAPI
 844        select CRYPTO_TWOFISH_COMMON
 845        help
 846          Twofish cipher algorithm.
 847
 848          Twofish was submitted as an AES (Advanced Encryption Standard)
 849          candidate cipher by researchers at CounterPane Systems.  It is a
 850          16 round block cipher supporting key sizes of 128, 192, and 256
 851          bits.
 852
 853          See also:
 854          <http://www.schneier.com/twofish.html>
 855
 856config CRYPTO_TWOFISH_COMMON
 857        tristate
 858        help
 859          Common parts of the Twofish cipher algorithm shared by the
 860          generic c and the assembler implementations.
 861
 862config CRYPTO_TWOFISH_586
 863        tristate "Twofish cipher algorithms (i586)"
 864        depends on (X86 || UML_X86) && !64BIT
 865        select CRYPTO_ALGAPI
 866        select CRYPTO_TWOFISH_COMMON
 867        help
 868          Twofish cipher algorithm.
 869
 870          Twofish was submitted as an AES (Advanced Encryption Standard)
 871          candidate cipher by researchers at CounterPane Systems.  It is a
 872          16 round block cipher supporting key sizes of 128, 192, and 256
 873          bits.
 874
 875          See also:
 876          <http://www.schneier.com/twofish.html>
 877
 878config CRYPTO_TWOFISH_X86_64
 879        tristate "Twofish cipher algorithm (x86_64)"
 880        depends on (X86 || UML_X86) && 64BIT
 881        select CRYPTO_ALGAPI
 882        select CRYPTO_TWOFISH_COMMON
 883        help
 884          Twofish cipher algorithm (x86_64).
 885
 886          Twofish was submitted as an AES (Advanced Encryption Standard)
 887          candidate cipher by researchers at CounterPane Systems.  It is a
 888          16 round block cipher supporting key sizes of 128, 192, and 256
 889          bits.
 890
 891          See also:
 892          <http://www.schneier.com/twofish.html>
 893
 894config CRYPTO_TWOFISH_X86_64_3WAY
 895        tristate "Twofish cipher algorithm (x86_64, 3-way parallel)"
 896        depends on X86 && 64BIT
 897        select CRYPTO_ALGAPI
 898        select CRYPTO_TWOFISH_COMMON
 899        select CRYPTO_TWOFISH_X86_64
 900        select CRYPTO_LRW
 901        select CRYPTO_XTS
 902        help
 903          Twofish cipher algorithm (x86_64, 3-way parallel).
 904
 905          Twofish was submitted as an AES (Advanced Encryption Standard)
 906          candidate cipher by researchers at CounterPane Systems.  It is a
 907          16 round block cipher supporting key sizes of 128, 192, and 256
 908          bits.
 909
 910          This module provides Twofish cipher algorithm that processes three
 911          blocks parallel, utilizing resources of out-of-order CPUs better.
 912
 913          See also:
 914          <http://www.schneier.com/twofish.html>
 915
 916comment "Compression"
 917
 918config CRYPTO_DEFLATE
 919        tristate "Deflate compression algorithm"
 920        select CRYPTO_ALGAPI
 921        select ZLIB_INFLATE
 922        select ZLIB_DEFLATE
 923        help
 924          This is the Deflate algorithm (RFC1951), specified for use in
 925          IPSec with the IPCOMP protocol (RFC3173, RFC2394).
 926
 927          You will most probably want this if using IPSec.
 928
 929config CRYPTO_ZLIB
 930        tristate "Zlib compression algorithm"
 931        select CRYPTO_PCOMP
 932        select ZLIB_INFLATE
 933        select ZLIB_DEFLATE
 934        select NLATTR
 935        help
 936          This is the zlib algorithm.
 937
 938config CRYPTO_LZO
 939        tristate "LZO compression algorithm"
 940        select CRYPTO_ALGAPI
 941        select LZO_COMPRESS
 942        select LZO_DECOMPRESS
 943        help
 944          This is the LZO algorithm.
 945
 946comment "Random Number Generation"
 947
 948config CRYPTO_ANSI_CPRNG
 949        tristate "Pseudo Random Number Generation for Cryptographic modules"
 950        default m
 951        select CRYPTO_AES
 952        select CRYPTO_RNG
 953        help
 954          This option enables the generic pseudo random number generator
 955          for cryptographic modules.  Uses the Algorithm specified in
 956          ANSI X9.31 A.2.4. Note that this option must be enabled if
 957          CRYPTO_FIPS is selected
 958
 959config CRYPTO_USER_API
 960        tristate
 961
 962config CRYPTO_USER_API_HASH
 963        tristate "User-space interface for hash algorithms"
 964        depends on NET
 965        select CRYPTO_HASH
 966        select CRYPTO_USER_API
 967        help
 968          This option enables the user-spaces interface for hash
 969          algorithms.
 970
 971config CRYPTO_USER_API_SKCIPHER
 972        tristate "User-space interface for symmetric key cipher algorithms"
 973        depends on NET
 974        select CRYPTO_BLKCIPHER
 975        select CRYPTO_USER_API
 976        help
 977          This option enables the user-spaces interface for symmetric
 978          key cipher algorithms.
 979
 980source "drivers/crypto/Kconfig"
 981
 982endif   # if CRYPTO
 983
lxr.linux.no kindly hosted by Redpill Linpro AS, provider of Linux consulting and operations services since 1995.