linux/crypto/Kconfig
<<
>>
Prefs
   1#
   2# Generic algorithms support
   3#
   4config XOR_BLOCKS
   5        tristate
   6
   7#
   8# async_tx api: hardware offloaded memory transfer/transform support
   9#
  10source "crypto/async_tx/Kconfig"
  11
  12#
  13# Cryptographic API Configuration
  14#
  15menuconfig CRYPTO
  16        tristate "Cryptographic API"
  17        help
  18          This option provides the core Cryptographic API.
  19
  20if CRYPTO
  21
  22comment "Crypto core or helper"
  23
  24config CRYPTO_FIPS
  25        bool "FIPS 200 compliance"
  26        depends on CRYPTO_ANSI_CPRNG && !CRYPTO_MANAGER_DISABLE_TESTS
  27        help
  28          This options enables the fips boot option which is
  29          required if you want to system to operate in a FIPS 200
  30          certification.  You should say no unless you know what
  31          this is.
  32
  33config CRYPTO_ALGAPI
  34        tristate
  35        select CRYPTO_ALGAPI2
  36        help
  37          This option provides the API for cryptographic algorithms.
  38
  39config CRYPTO_ALGAPI2
  40        tristate
  41
  42config CRYPTO_AEAD
  43        tristate
  44        select CRYPTO_AEAD2
  45        select CRYPTO_ALGAPI
  46
  47config CRYPTO_AEAD2
  48        tristate
  49        select CRYPTO_ALGAPI2
  50
  51config CRYPTO_BLKCIPHER
  52        tristate
  53        select CRYPTO_BLKCIPHER2
  54        select CRYPTO_ALGAPI
  55
  56config CRYPTO_BLKCIPHER2
  57        tristate
  58        select CRYPTO_ALGAPI2
  59        select CRYPTO_RNG2
  60        select CRYPTO_WORKQUEUE
  61
  62config CRYPTO_HASH
  63        tristate
  64        select CRYPTO_HASH2
  65        select CRYPTO_ALGAPI
  66
  67config CRYPTO_HASH2
  68        tristate
  69        select CRYPTO_ALGAPI2
  70
  71config CRYPTO_RNG
  72        tristate
  73        select CRYPTO_RNG2
  74        select CRYPTO_ALGAPI
  75
  76config CRYPTO_RNG2
  77        tristate
  78        select CRYPTO_ALGAPI2
  79
  80config CRYPTO_PCOMP
  81        tristate
  82        select CRYPTO_PCOMP2
  83        select CRYPTO_ALGAPI
  84
  85config CRYPTO_PCOMP2
  86        tristate
  87        select CRYPTO_ALGAPI2
  88
  89config CRYPTO_MANAGER
  90        tristate "Cryptographic algorithm manager"
  91        select CRYPTO_MANAGER2
  92        help
  93          Create default cryptographic template instantiations such as
  94          cbc(aes).
  95
  96config CRYPTO_MANAGER2
  97        def_tristate CRYPTO_MANAGER || (CRYPTO_MANAGER!=n && CRYPTO_ALGAPI=y)
  98        select CRYPTO_AEAD2
  99        select CRYPTO_HASH2
 100        select CRYPTO_BLKCIPHER2
 101        select CRYPTO_PCOMP2
 102
 103config CRYPTO_USER
 104        tristate "Userspace cryptographic algorithm configuration"
 105        depends on NET
 106        select CRYPTO_MANAGER
 107        help
 108          Userspace configuration for cryptographic instantiations such as
 109          cbc(aes).
 110
 111config CRYPTO_MANAGER_DISABLE_TESTS
 112        bool "Disable run-time self tests"
 113        default y
 114        depends on CRYPTO_MANAGER2
 115        help
 116          Disable run-time self tests that normally take place at
 117          algorithm registration.
 118
 119config CRYPTO_GF128MUL
 120        tristate "GF(2^128) multiplication functions"
 121        help
 122          Efficient table driven implementation of multiplications in the
 123          field GF(2^128).  This is needed by some cypher modes. This
 124          option will be selected automatically if you select such a
 125          cipher mode.  Only select this option by hand if you expect to load
 126          an external module that requires these functions.
 127
 128config CRYPTO_NULL
 129        tristate "Null algorithms"
 130        select CRYPTO_ALGAPI
 131        select CRYPTO_BLKCIPHER
 132        select CRYPTO_HASH
 133        help
 134          These are 'Null' algorithms, used by IPsec, which do nothing.
 135
 136config CRYPTO_PCRYPT
 137        tristate "Parallel crypto engine (EXPERIMENTAL)"
 138        depends on SMP && EXPERIMENTAL
 139        select PADATA
 140        select CRYPTO_MANAGER
 141        select CRYPTO_AEAD
 142        help
 143          This converts an arbitrary crypto algorithm into a parallel
 144          algorithm that executes in kernel threads.
 145
 146config CRYPTO_WORKQUEUE
 147       tristate
 148
 149config CRYPTO_CRYPTD
 150        tristate "Software async crypto daemon"
 151        select CRYPTO_BLKCIPHER
 152        select CRYPTO_HASH
 153        select CRYPTO_MANAGER
 154        select CRYPTO_WORKQUEUE
 155        help
 156          This is a generic software asynchronous crypto daemon that
 157          converts an arbitrary synchronous software crypto algorithm
 158          into an asynchronous algorithm that executes in a kernel thread.
 159
 160config CRYPTO_AUTHENC
 161        tristate "Authenc support"
 162        select CRYPTO_AEAD
 163        select CRYPTO_BLKCIPHER
 164        select CRYPTO_MANAGER
 165        select CRYPTO_HASH
 166        help
 167          Authenc: Combined mode wrapper for IPsec.
 168          This is required for IPSec.
 169
 170config CRYPTO_TEST
 171        tristate "Testing module"
 172        depends on m
 173        select CRYPTO_MANAGER
 174        help
 175          Quick & dirty crypto test module.
 176
 177config CRYPTO_ABLK_HELPER_X86
 178        tristate
 179        depends on X86
 180        select CRYPTO_CRYPTD
 181
 182config CRYPTO_GLUE_HELPER_X86
 183        tristate
 184        depends on X86
 185        select CRYPTO_ALGAPI
 186
 187comment "Authenticated Encryption with Associated Data"
 188
 189config CRYPTO_CCM
 190        tristate "CCM support"
 191        select CRYPTO_CTR
 192        select CRYPTO_AEAD
 193        help
 194          Support for Counter with CBC MAC. Required for IPsec.
 195
 196config CRYPTO_GCM
 197        tristate "GCM/GMAC support"
 198        select CRYPTO_CTR
 199        select CRYPTO_AEAD
 200        select CRYPTO_GHASH
 201        help
 202          Support for Galois/Counter Mode (GCM) and Galois Message
 203          Authentication Code (GMAC). Required for IPSec.
 204
 205config CRYPTO_SEQIV
 206        tristate "Sequence Number IV Generator"
 207        select CRYPTO_AEAD
 208        select CRYPTO_BLKCIPHER
 209        select CRYPTO_RNG
 210        help
 211          This IV generator generates an IV based on a sequence number by
 212          xoring it with a salt.  This algorithm is mainly useful for CTR
 213
 214comment "Block modes"
 215
 216config CRYPTO_CBC
 217        tristate "CBC support"
 218        select CRYPTO_BLKCIPHER
 219        select CRYPTO_MANAGER
 220        help
 221          CBC: Cipher Block Chaining mode
 222          This block cipher algorithm is required for IPSec.
 223
 224config CRYPTO_CTR
 225        tristate "CTR support"
 226        select CRYPTO_BLKCIPHER
 227        select CRYPTO_SEQIV
 228        select CRYPTO_MANAGER
 229        help
 230          CTR: Counter mode
 231          This block cipher algorithm is required for IPSec.
 232
 233config CRYPTO_CTS
 234        tristate "CTS support"
 235        select CRYPTO_BLKCIPHER
 236        help
 237          CTS: Cipher Text Stealing
 238          This is the Cipher Text Stealing mode as described by
 239          Section 8 of rfc2040 and referenced by rfc3962.
 240          (rfc3962 includes errata information in its Appendix A)
 241          This mode is required for Kerberos gss mechanism support
 242          for AES encryption.
 243
 244config CRYPTO_ECB
 245        tristate "ECB support"
 246        select CRYPTO_BLKCIPHER
 247        select CRYPTO_MANAGER
 248        help
 249          ECB: Electronic CodeBook mode
 250          This is the simplest block cipher algorithm.  It simply encrypts
 251          the input block by block.
 252
 253config CRYPTO_LRW
 254        tristate "LRW support"
 255        select CRYPTO_BLKCIPHER
 256        select CRYPTO_MANAGER
 257        select CRYPTO_GF128MUL
 258        help
 259          LRW: Liskov Rivest Wagner, a tweakable, non malleable, non movable
 260          narrow block cipher mode for dm-crypt.  Use it with cipher
 261          specification string aes-lrw-benbi, the key must be 256, 320 or 384.
 262          The first 128, 192 or 256 bits in the key are used for AES and the
 263          rest is used to tie each cipher block to its logical position.
 264
 265config CRYPTO_PCBC
 266        tristate "PCBC support"
 267        select CRYPTO_BLKCIPHER
 268        select CRYPTO_MANAGER
 269        help
 270          PCBC: Propagating Cipher Block Chaining mode
 271          This block cipher algorithm is required for RxRPC.
 272
 273config CRYPTO_XTS
 274        tristate "XTS support"
 275        select CRYPTO_BLKCIPHER
 276        select CRYPTO_MANAGER
 277        select CRYPTO_GF128MUL
 278        help
 279          XTS: IEEE1619/D16 narrow block cipher use with aes-xts-plain,
 280          key size 256, 384 or 512 bits. This implementation currently
 281          can't handle a sectorsize which is not a multiple of 16 bytes.
 282
 283comment "Hash modes"
 284
 285config CRYPTO_HMAC
 286        tristate "HMAC support"
 287        select CRYPTO_HASH
 288        select CRYPTO_MANAGER
 289        help
 290          HMAC: Keyed-Hashing for Message Authentication (RFC2104).
 291          This is required for IPSec.
 292
 293config CRYPTO_XCBC
 294        tristate "XCBC support"
 295        depends on EXPERIMENTAL
 296        select CRYPTO_HASH
 297        select CRYPTO_MANAGER
 298        help
 299          XCBC: Keyed-Hashing with encryption algorithm
 300                http://www.ietf.org/rfc/rfc3566.txt
 301                http://csrc.nist.gov/encryption/modes/proposedmodes/
 302                 xcbc-mac/xcbc-mac-spec.pdf
 303
 304config CRYPTO_VMAC
 305        tristate "VMAC support"
 306        depends on EXPERIMENTAL
 307        select CRYPTO_HASH
 308        select CRYPTO_MANAGER
 309        help
 310          VMAC is a message authentication algorithm designed for
 311          very high speed on 64-bit architectures.
 312
 313          See also:
 314          <http://fastcrypto.org/vmac>
 315
 316comment "Digest"
 317
 318config CRYPTO_CRC32C
 319        tristate "CRC32c CRC algorithm"
 320        select CRYPTO_HASH
 321        select CRC32
 322        help
 323          Castagnoli, et al Cyclic Redundancy-Check Algorithm.  Used
 324          by iSCSI for header and data digests and by others.
 325          See Castagnoli93.  Module will be crc32c.
 326
 327config CRYPTO_CRC32C_INTEL
 328        tristate "CRC32c INTEL hardware acceleration"
 329        depends on X86
 330        select CRYPTO_HASH
 331        help
 332          In Intel processor with SSE4.2 supported, the processor will
 333          support CRC32C implementation using hardware accelerated CRC32
 334          instruction. This option will create 'crc32c-intel' module,
 335          which will enable any routine to use the CRC32 instruction to
 336          gain performance compared with software implementation.
 337          Module will be crc32c-intel.
 338
 339config CRYPTO_GHASH
 340        tristate "GHASH digest algorithm"
 341        select CRYPTO_GF128MUL
 342        help
 343          GHASH is message digest algorithm for GCM (Galois/Counter Mode).
 344
 345config CRYPTO_MD4
 346        tristate "MD4 digest algorithm"
 347        select CRYPTO_HASH
 348        help
 349          MD4 message digest algorithm (RFC1320).
 350
 351config CRYPTO_MD5
 352        tristate "MD5 digest algorithm"
 353        select CRYPTO_HASH
 354        help
 355          MD5 message digest algorithm (RFC1321).
 356
 357config CRYPTO_MICHAEL_MIC
 358        tristate "Michael MIC keyed digest algorithm"
 359        select CRYPTO_HASH
 360        help
 361          Michael MIC is used for message integrity protection in TKIP
 362          (IEEE 802.11i). This algorithm is required for TKIP, but it
 363          should not be used for other purposes because of the weakness
 364          of the algorithm.
 365
 366config CRYPTO_RMD128
 367        tristate "RIPEMD-128 digest algorithm"
 368        select CRYPTO_HASH
 369        help
 370          RIPEMD-128 (ISO/IEC 10118-3:2004).
 371
 372          RIPEMD-128 is a 128-bit cryptographic hash function. It should only
 373          be used as a secure replacement for RIPEMD. For other use cases,
 374          RIPEMD-160 should be used.
 375
 376          Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel.
 377          See <http://homes.esat.kuleuven.be/~bosselae/ripemd160.html>
 378
 379config CRYPTO_RMD160
 380        tristate "RIPEMD-160 digest algorithm"
 381        select CRYPTO_HASH
 382        help
 383          RIPEMD-160 (ISO/IEC 10118-3:2004).
 384
 385          RIPEMD-160 is a 160-bit cryptographic hash function. It is intended
 386          to be used as a secure replacement for the 128-bit hash functions
 387          MD4, MD5 and it's predecessor RIPEMD
 388          (not to be confused with RIPEMD-128).
 389
 390          It's speed is comparable to SHA1 and there are no known attacks
 391          against RIPEMD-160.
 392
 393          Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel.
 394          See <http://homes.esat.kuleuven.be/~bosselae/ripemd160.html>
 395
 396config CRYPTO_RMD256
 397        tristate "RIPEMD-256 digest algorithm"
 398        select CRYPTO_HASH
 399        help
 400          RIPEMD-256 is an optional extension of RIPEMD-128 with a
 401          256 bit hash. It is intended for applications that require
 402          longer hash-results, without needing a larger security level
 403          (than RIPEMD-128).
 404
 405          Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel.
 406          See <http://homes.esat.kuleuven.be/~bosselae/ripemd160.html>
 407
 408config CRYPTO_RMD320
 409        tristate "RIPEMD-320 digest algorithm"
 410        select CRYPTO_HASH
 411        help
 412          RIPEMD-320 is an optional extension of RIPEMD-160 with a
 413          320 bit hash. It is intended for applications that require
 414          longer hash-results, without needing a larger security level
 415          (than RIPEMD-160).
 416
 417          Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel.
 418          See <http://homes.esat.kuleuven.be/~bosselae/ripemd160.html>
 419
 420config CRYPTO_SHA1
 421        tristate "SHA1 digest algorithm"
 422        select CRYPTO_HASH
 423        help
 424          SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2).
 425
 426config CRYPTO_SHA1_SSSE3
 427        tristate "SHA1 digest algorithm (SSSE3/AVX)"
 428        depends on X86 && 64BIT
 429        select CRYPTO_SHA1
 430        select CRYPTO_HASH
 431        help
 432          SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2) implemented
 433          using Supplemental SSE3 (SSSE3) instructions or Advanced Vector
 434          Extensions (AVX), when available.
 435
 436config CRYPTO_SHA256
 437        tristate "SHA224 and SHA256 digest algorithm"
 438        select CRYPTO_HASH
 439        help
 440          SHA256 secure hash standard (DFIPS 180-2).
 441
 442          This version of SHA implements a 256 bit hash with 128 bits of
 443          security against collision attacks.
 444
 445          This code also includes SHA-224, a 224 bit hash with 112 bits
 446          of security against collision attacks.
 447
 448config CRYPTO_SHA512
 449        tristate "SHA384 and SHA512 digest algorithms"
 450        select CRYPTO_HASH
 451        help
 452          SHA512 secure hash standard (DFIPS 180-2).
 453
 454          This version of SHA implements a 512 bit hash with 256 bits of
 455          security against collision attacks.
 456
 457          This code also includes SHA-384, a 384 bit hash with 192 bits
 458          of security against collision attacks.
 459
 460config CRYPTO_TGR192
 461        tristate "Tiger digest algorithms"
 462        select CRYPTO_HASH
 463        help
 464          Tiger hash algorithm 192, 160 and 128-bit hashes
 465
 466          Tiger is a hash function optimized for 64-bit processors while
 467          still having decent performance on 32-bit processors.
 468          Tiger was developed by Ross Anderson and Eli Biham.
 469
 470          See also:
 471          <http://www.cs.technion.ac.il/~biham/Reports/Tiger/>.
 472
 473config CRYPTO_WP512
 474        tristate "Whirlpool digest algorithms"
 475        select CRYPTO_HASH
 476        help
 477          Whirlpool hash algorithm 512, 384 and 256-bit hashes
 478
 479          Whirlpool-512 is part of the NESSIE cryptographic primitives.
 480          Whirlpool will be part of the ISO/IEC 10118-3:2003(E) standard
 481
 482          See also:
 483          <http://www.larc.usp.br/~pbarreto/WhirlpoolPage.html>
 484
 485config CRYPTO_GHASH_CLMUL_NI_INTEL
 486        tristate "GHASH digest algorithm (CLMUL-NI accelerated)"
 487        depends on X86 && 64BIT
 488        select CRYPTO_CRYPTD
 489        help
 490          GHASH is message digest algorithm for GCM (Galois/Counter Mode).
 491          The implementation is accelerated by CLMUL-NI of Intel.
 492
 493comment "Ciphers"
 494
 495config CRYPTO_AES
 496        tristate "AES cipher algorithms"
 497        select CRYPTO_ALGAPI
 498        help
 499          AES cipher algorithms (FIPS-197). AES uses the Rijndael
 500          algorithm.
 501
 502          Rijndael appears to be consistently a very good performer in
 503          both hardware and software across a wide range of computing
 504          environments regardless of its use in feedback or non-feedback
 505          modes. Its key setup time is excellent, and its key agility is
 506          good. Rijndael's very low memory requirements make it very well
 507          suited for restricted-space environments, in which it also
 508          demonstrates excellent performance. Rijndael's operations are
 509          among the easiest to defend against power and timing attacks.
 510
 511          The AES specifies three key sizes: 128, 192 and 256 bits
 512
 513          See <http://csrc.nist.gov/CryptoToolkit/aes/> for more information.
 514
 515config CRYPTO_AES_586
 516        tristate "AES cipher algorithms (i586)"
 517        depends on (X86 || UML_X86) && !64BIT
 518        select CRYPTO_ALGAPI
 519        select CRYPTO_AES
 520        help
 521          AES cipher algorithms (FIPS-197). AES uses the Rijndael
 522          algorithm.
 523
 524          Rijndael appears to be consistently a very good performer in
 525          both hardware and software across a wide range of computing
 526          environments regardless of its use in feedback or non-feedback
 527          modes. Its key setup time is excellent, and its key agility is
 528          good. Rijndael's very low memory requirements make it very well
 529          suited for restricted-space environments, in which it also
 530          demonstrates excellent performance. Rijndael's operations are
 531          among the easiest to defend against power and timing attacks.
 532
 533          The AES specifies three key sizes: 128, 192 and 256 bits
 534
 535          See <http://csrc.nist.gov/encryption/aes/> for more information.
 536
 537config CRYPTO_AES_X86_64
 538        tristate "AES cipher algorithms (x86_64)"
 539        depends on (X86 || UML_X86) && 64BIT
 540        select CRYPTO_ALGAPI
 541        select CRYPTO_AES
 542        help
 543          AES cipher algorithms (FIPS-197). AES uses the Rijndael
 544          algorithm.
 545
 546          Rijndael appears to be consistently a very good performer in
 547          both hardware and software across a wide range of computing
 548          environments regardless of its use in feedback or non-feedback
 549          modes. Its key setup time is excellent, and its key agility is
 550          good. Rijndael's very low memory requirements make it very well
 551          suited for restricted-space environments, in which it also
 552          demonstrates excellent performance. Rijndael's operations are
 553          among the easiest to defend against power and timing attacks.
 554
 555          The AES specifies three key sizes: 128, 192 and 256 bits
 556
 557          See <http://csrc.nist.gov/encryption/aes/> for more information.
 558
 559config CRYPTO_AES_NI_INTEL
 560        tristate "AES cipher algorithms (AES-NI)"
 561        depends on X86
 562        select CRYPTO_AES_X86_64 if 64BIT
 563        select CRYPTO_AES_586 if !64BIT
 564        select CRYPTO_CRYPTD
 565        select CRYPTO_ABLK_HELPER_X86
 566        select CRYPTO_ALGAPI
 567        help
 568          Use Intel AES-NI instructions for AES algorithm.
 569
 570          AES cipher algorithms (FIPS-197). AES uses the Rijndael
 571          algorithm.
 572
 573          Rijndael appears to be consistently a very good performer in
 574          both hardware and software across a wide range of computing
 575          environments regardless of its use in feedback or non-feedback
 576          modes. Its key setup time is excellent, and its key agility is
 577          good. Rijndael's very low memory requirements make it very well
 578          suited for restricted-space environments, in which it also
 579          demonstrates excellent performance. Rijndael's operations are
 580          among the easiest to defend against power and timing attacks.
 581
 582          The AES specifies three key sizes: 128, 192 and 256 bits
 583
 584          See <http://csrc.nist.gov/encryption/aes/> for more information.
 585
 586          In addition to AES cipher algorithm support, the acceleration
 587          for some popular block cipher mode is supported too, including
 588          ECB, CBC, LRW, PCBC, XTS. The 64 bit version has additional
 589          acceleration for CTR.
 590
 591config CRYPTO_ANUBIS
 592        tristate "Anubis cipher algorithm"
 593        select CRYPTO_ALGAPI
 594        help
 595          Anubis cipher algorithm.
 596
 597          Anubis is a variable key length cipher which can use keys from
 598          128 bits to 320 bits in length.  It was evaluated as a entrant
 599          in the NESSIE competition.
 600
 601          See also:
 602          <https://www.cosic.esat.kuleuven.be/nessie/reports/>
 603          <http://www.larc.usp.br/~pbarreto/AnubisPage.html>
 604
 605config CRYPTO_ARC4
 606        tristate "ARC4 cipher algorithm"
 607        select CRYPTO_BLKCIPHER
 608        help
 609          ARC4 cipher algorithm.
 610
 611          ARC4 is a stream cipher using keys ranging from 8 bits to 2048
 612          bits in length.  This algorithm is required for driver-based
 613          WEP, but it should not be for other purposes because of the
 614          weakness of the algorithm.
 615
 616config CRYPTO_BLOWFISH
 617        tristate "Blowfish cipher algorithm"
 618        select CRYPTO_ALGAPI
 619        select CRYPTO_BLOWFISH_COMMON
 620        help
 621          Blowfish cipher algorithm, by Bruce Schneier.
 622
 623          This is a variable key length cipher which can use keys from 32
 624          bits to 448 bits in length.  It's fast, simple and specifically
 625          designed for use on "large microprocessors".
 626
 627          See also:
 628          <http://www.schneier.com/blowfish.html>
 629
 630config CRYPTO_BLOWFISH_COMMON
 631        tristate
 632        help
 633          Common parts of the Blowfish cipher algorithm shared by the
 634          generic c and the assembler implementations.
 635
 636          See also:
 637          <http://www.schneier.com/blowfish.html>
 638
 639config CRYPTO_BLOWFISH_X86_64
 640        tristate "Blowfish cipher algorithm (x86_64)"
 641        depends on X86 && 64BIT
 642        select CRYPTO_ALGAPI
 643        select CRYPTO_BLOWFISH_COMMON
 644        help
 645          Blowfish cipher algorithm (x86_64), by Bruce Schneier.
 646
 647          This is a variable key length cipher which can use keys from 32
 648          bits to 448 bits in length.  It's fast, simple and specifically
 649          designed for use on "large microprocessors".
 650
 651          See also:
 652          <http://www.schneier.com/blowfish.html>
 653
 654config CRYPTO_CAMELLIA
 655        tristate "Camellia cipher algorithms"
 656        depends on CRYPTO
 657        select CRYPTO_ALGAPI
 658        help
 659          Camellia cipher algorithms module.
 660
 661          Camellia is a symmetric key block cipher developed jointly
 662          at NTT and Mitsubishi Electric Corporation.
 663
 664          The Camellia specifies three key sizes: 128, 192 and 256 bits.
 665
 666          See also:
 667          <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html>
 668
 669config CRYPTO_CAMELLIA_X86_64
 670        tristate "Camellia cipher algorithm (x86_64)"
 671        depends on X86 && 64BIT
 672        depends on CRYPTO
 673        select CRYPTO_ALGAPI
 674        select CRYPTO_GLUE_HELPER_X86
 675        select CRYPTO_LRW
 676        select CRYPTO_XTS
 677        help
 678          Camellia cipher algorithm module (x86_64).
 679
 680          Camellia is a symmetric key block cipher developed jointly
 681          at NTT and Mitsubishi Electric Corporation.
 682
 683          The Camellia specifies three key sizes: 128, 192 and 256 bits.
 684
 685          See also:
 686          <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html>
 687
 688config CRYPTO_CAST5
 689        tristate "CAST5 (CAST-128) cipher algorithm"
 690        select CRYPTO_ALGAPI
 691        help
 692          The CAST5 encryption algorithm (synonymous with CAST-128) is
 693          described in RFC2144.
 694
 695config CRYPTO_CAST6
 696        tristate "CAST6 (CAST-256) cipher algorithm"
 697        select CRYPTO_ALGAPI
 698        help
 699          The CAST6 encryption algorithm (synonymous with CAST-256) is
 700          described in RFC2612.
 701
 702config CRYPTO_DES
 703        tristate "DES and Triple DES EDE cipher algorithms"
 704        select CRYPTO_ALGAPI
 705        help
 706          DES cipher algorithm (FIPS 46-2), and Triple DES EDE (FIPS 46-3).
 707
 708config CRYPTO_FCRYPT
 709        tristate "FCrypt cipher algorithm"
 710        select CRYPTO_ALGAPI
 711        select CRYPTO_BLKCIPHER
 712        help
 713          FCrypt algorithm used by RxRPC.
 714
 715config CRYPTO_KHAZAD
 716        tristate "Khazad cipher algorithm"
 717        select CRYPTO_ALGAPI
 718        help
 719          Khazad cipher algorithm.
 720
 721          Khazad was a finalist in the initial NESSIE competition.  It is
 722          an algorithm optimized for 64-bit processors with good performance
 723          on 32-bit processors.  Khazad uses an 128 bit key size.
 724
 725          See also:
 726          <http://www.larc.usp.br/~pbarreto/KhazadPage.html>
 727
 728config CRYPTO_SALSA20
 729        tristate "Salsa20 stream cipher algorithm (EXPERIMENTAL)"
 730        depends on EXPERIMENTAL
 731        select CRYPTO_BLKCIPHER
 732        help
 733          Salsa20 stream cipher algorithm.
 734
 735          Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT
 736          Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/>
 737
 738          The Salsa20 stream cipher algorithm is designed by Daniel J.
 739          Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html>
 740
 741config CRYPTO_SALSA20_586
 742        tristate "Salsa20 stream cipher algorithm (i586) (EXPERIMENTAL)"
 743        depends on (X86 || UML_X86) && !64BIT
 744        depends on EXPERIMENTAL
 745        select CRYPTO_BLKCIPHER
 746        help
 747          Salsa20 stream cipher algorithm.
 748
 749          Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT
 750          Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/>
 751
 752          The Salsa20 stream cipher algorithm is designed by Daniel J.
 753          Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html>
 754
 755config CRYPTO_SALSA20_X86_64
 756        tristate "Salsa20 stream cipher algorithm (x86_64) (EXPERIMENTAL)"
 757        depends on (X86 || UML_X86) && 64BIT
 758        depends on EXPERIMENTAL
 759        select CRYPTO_BLKCIPHER
 760        help
 761          Salsa20 stream cipher algorithm.
 762
 763          Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT
 764          Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/>
 765
 766          The Salsa20 stream cipher algorithm is designed by Daniel J.
 767          Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html>
 768
 769config CRYPTO_SEED
 770        tristate "SEED cipher algorithm"
 771        select CRYPTO_ALGAPI
 772        help
 773          SEED cipher algorithm (RFC4269).
 774
 775          SEED is a 128-bit symmetric key block cipher that has been
 776          developed by KISA (Korea Information Security Agency) as a
 777          national standard encryption algorithm of the Republic of Korea.
 778          It is a 16 round block cipher with the key size of 128 bit.
 779
 780          See also:
 781          <http://www.kisa.or.kr/kisa/seed/jsp/seed_eng.jsp>
 782
 783config CRYPTO_SERPENT
 784        tristate "Serpent cipher algorithm"
 785        select CRYPTO_ALGAPI
 786        help
 787          Serpent cipher algorithm, by Anderson, Biham & Knudsen.
 788
 789          Keys are allowed to be from 0 to 256 bits in length, in steps
 790          of 8 bits.  Also includes the 'Tnepres' algorithm, a reversed
 791          variant of Serpent for compatibility with old kerneli.org code.
 792
 793          See also:
 794          <http://www.cl.cam.ac.uk/~rja14/serpent.html>
 795
 796config CRYPTO_SERPENT_SSE2_X86_64
 797        tristate "Serpent cipher algorithm (x86_64/SSE2)"
 798        depends on X86 && 64BIT
 799        select CRYPTO_ALGAPI
 800        select CRYPTO_CRYPTD
 801        select CRYPTO_ABLK_HELPER_X86
 802        select CRYPTO_GLUE_HELPER_X86
 803        select CRYPTO_SERPENT
 804        select CRYPTO_LRW
 805        select CRYPTO_XTS
 806        help
 807          Serpent cipher algorithm, by Anderson, Biham & Knudsen.
 808
 809          Keys are allowed to be from 0 to 256 bits in length, in steps
 810          of 8 bits.
 811
 812          This module provides Serpent cipher algorithm that processes eigth
 813          blocks parallel using SSE2 instruction set.
 814
 815          See also:
 816          <http://www.cl.cam.ac.uk/~rja14/serpent.html>
 817
 818config CRYPTO_SERPENT_SSE2_586
 819        tristate "Serpent cipher algorithm (i586/SSE2)"
 820        depends on X86 && !64BIT
 821        select CRYPTO_ALGAPI
 822        select CRYPTO_CRYPTD
 823        select CRYPTO_ABLK_HELPER_X86
 824        select CRYPTO_GLUE_HELPER_X86
 825        select CRYPTO_SERPENT
 826        select CRYPTO_LRW
 827        select CRYPTO_XTS
 828        help
 829          Serpent cipher algorithm, by Anderson, Biham & Knudsen.
 830
 831          Keys are allowed to be from 0 to 256 bits in length, in steps
 832          of 8 bits.
 833
 834          This module provides Serpent cipher algorithm that processes four
 835          blocks parallel using SSE2 instruction set.
 836
 837          See also:
 838          <http://www.cl.cam.ac.uk/~rja14/serpent.html>
 839
 840config CRYPTO_SERPENT_AVX_X86_64
 841        tristate "Serpent cipher algorithm (x86_64/AVX)"
 842        depends on X86 && 64BIT
 843        select CRYPTO_ALGAPI
 844        select CRYPTO_CRYPTD
 845        select CRYPTO_ABLK_HELPER_X86
 846        select CRYPTO_GLUE_HELPER_X86
 847        select CRYPTO_SERPENT
 848        select CRYPTO_LRW
 849        select CRYPTO_XTS
 850        help
 851          Serpent cipher algorithm, by Anderson, Biham & Knudsen.
 852
 853          Keys are allowed to be from 0 to 256 bits in length, in steps
 854          of 8 bits.
 855
 856          This module provides the Serpent cipher algorithm that processes
 857          eight blocks parallel using the AVX instruction set.
 858
 859          See also:
 860          <http://www.cl.cam.ac.uk/~rja14/serpent.html>
 861
 862config CRYPTO_TEA
 863        tristate "TEA, XTEA and XETA cipher algorithms"
 864        select CRYPTO_ALGAPI
 865        help
 866          TEA cipher algorithm.
 867
 868          Tiny Encryption Algorithm is a simple cipher that uses
 869          many rounds for security.  It is very fast and uses
 870          little memory.
 871
 872          Xtendend Tiny Encryption Algorithm is a modification to
 873          the TEA algorithm to address a potential key weakness
 874          in the TEA algorithm.
 875
 876          Xtendend Encryption Tiny Algorithm is a mis-implementation
 877          of the XTEA algorithm for compatibility purposes.
 878
 879config CRYPTO_TWOFISH
 880        tristate "Twofish cipher algorithm"
 881        select CRYPTO_ALGAPI
 882        select CRYPTO_TWOFISH_COMMON
 883        help
 884          Twofish cipher algorithm.
 885
 886          Twofish was submitted as an AES (Advanced Encryption Standard)
 887          candidate cipher by researchers at CounterPane Systems.  It is a
 888          16 round block cipher supporting key sizes of 128, 192, and 256
 889          bits.
 890
 891          See also:
 892          <http://www.schneier.com/twofish.html>
 893
 894config CRYPTO_TWOFISH_COMMON
 895        tristate
 896        help
 897          Common parts of the Twofish cipher algorithm shared by the
 898          generic c and the assembler implementations.
 899
 900config CRYPTO_TWOFISH_586
 901        tristate "Twofish cipher algorithms (i586)"
 902        depends on (X86 || UML_X86) && !64BIT
 903        select CRYPTO_ALGAPI
 904        select CRYPTO_TWOFISH_COMMON
 905        help
 906          Twofish cipher algorithm.
 907
 908          Twofish was submitted as an AES (Advanced Encryption Standard)
 909          candidate cipher by researchers at CounterPane Systems.  It is a
 910          16 round block cipher supporting key sizes of 128, 192, and 256
 911          bits.
 912
 913          See also:
 914          <http://www.schneier.com/twofish.html>
 915
 916config CRYPTO_TWOFISH_X86_64
 917        tristate "Twofish cipher algorithm (x86_64)"
 918        depends on (X86 || UML_X86) && 64BIT
 919        select CRYPTO_ALGAPI
 920        select CRYPTO_TWOFISH_COMMON
 921        help
 922          Twofish cipher algorithm (x86_64).
 923
 924          Twofish was submitted as an AES (Advanced Encryption Standard)
 925          candidate cipher by researchers at CounterPane Systems.  It is a
 926          16 round block cipher supporting key sizes of 128, 192, and 256
 927          bits.
 928
 929          See also:
 930          <http://www.schneier.com/twofish.html>
 931
 932config CRYPTO_TWOFISH_X86_64_3WAY
 933        tristate "Twofish cipher algorithm (x86_64, 3-way parallel)"
 934        depends on X86 && 64BIT
 935        select CRYPTO_ALGAPI
 936        select CRYPTO_TWOFISH_COMMON
 937        select CRYPTO_TWOFISH_X86_64
 938        select CRYPTO_GLUE_HELPER_X86
 939        select CRYPTO_LRW
 940        select CRYPTO_XTS
 941        help
 942          Twofish cipher algorithm (x86_64, 3-way parallel).
 943
 944          Twofish was submitted as an AES (Advanced Encryption Standard)
 945          candidate cipher by researchers at CounterPane Systems.  It is a
 946          16 round block cipher supporting key sizes of 128, 192, and 256
 947          bits.
 948
 949          This module provides Twofish cipher algorithm that processes three
 950          blocks parallel, utilizing resources of out-of-order CPUs better.
 951
 952          See also:
 953          <http://www.schneier.com/twofish.html>
 954
 955config CRYPTO_TWOFISH_AVX_X86_64
 956        tristate "Twofish cipher algorithm (x86_64/AVX)"
 957        depends on X86 && 64BIT
 958        select CRYPTO_ALGAPI
 959        select CRYPTO_CRYPTD
 960        select CRYPTO_ABLK_HELPER_X86
 961        select CRYPTO_GLUE_HELPER_X86
 962        select CRYPTO_TWOFISH_COMMON
 963        select CRYPTO_TWOFISH_X86_64
 964        select CRYPTO_TWOFISH_X86_64_3WAY
 965        select CRYPTO_LRW
 966        select CRYPTO_XTS
 967        help
 968          Twofish cipher algorithm (x86_64/AVX).
 969
 970          Twofish was submitted as an AES (Advanced Encryption Standard)
 971          candidate cipher by researchers at CounterPane Systems.  It is a
 972          16 round block cipher supporting key sizes of 128, 192, and 256
 973          bits.
 974
 975          This module provides the Twofish cipher algorithm that processes
 976          eight blocks parallel using the AVX Instruction Set.
 977
 978          See also:
 979          <http://www.schneier.com/twofish.html>
 980
 981comment "Compression"
 982
 983config CRYPTO_DEFLATE
 984        tristate "Deflate compression algorithm"
 985        select CRYPTO_ALGAPI
 986        select ZLIB_INFLATE
 987        select ZLIB_DEFLATE
 988        help
 989          This is the Deflate algorithm (RFC1951), specified for use in
 990          IPSec with the IPCOMP protocol (RFC3173, RFC2394).
 991
 992          You will most probably want this if using IPSec.
 993
 994config CRYPTO_ZLIB
 995        tristate "Zlib compression algorithm"
 996        select CRYPTO_PCOMP
 997        select ZLIB_INFLATE
 998        select ZLIB_DEFLATE
 999        select NLATTR
1000        help
1001          This is the zlib algorithm.
1002
1003config CRYPTO_LZO
1004        tristate "LZO compression algorithm"
1005        select CRYPTO_ALGAPI
1006        select LZO_COMPRESS
1007        select LZO_DECOMPRESS
1008        help
1009          This is the LZO algorithm.
1010
1011comment "Random Number Generation"
1012
1013config CRYPTO_ANSI_CPRNG
1014        tristate "Pseudo Random Number Generation for Cryptographic modules"
1015        default m
1016        select CRYPTO_AES
1017        select CRYPTO_RNG
1018        help
1019          This option enables the generic pseudo random number generator
1020          for cryptographic modules.  Uses the Algorithm specified in
1021          ANSI X9.31 A.2.4. Note that this option must be enabled if
1022          CRYPTO_FIPS is selected
1023
1024config CRYPTO_USER_API
1025        tristate
1026
1027config CRYPTO_USER_API_HASH
1028        tristate "User-space interface for hash algorithms"
1029        depends on NET
1030        select CRYPTO_HASH
1031        select CRYPTO_USER_API
1032        help
1033          This option enables the user-spaces interface for hash
1034          algorithms.
1035
1036config CRYPTO_USER_API_SKCIPHER
1037        tristate "User-space interface for symmetric key cipher algorithms"
1038        depends on NET
1039        select CRYPTO_BLKCIPHER
1040        select CRYPTO_USER_API
1041        help
1042          This option enables the user-spaces interface for symmetric
1043          key cipher algorithms.
1044
1045source "drivers/crypto/Kconfig"
1046
1047endif   # if CRYPTO
1048
lxr.linux.no kindly hosted by Redpill Linpro AS, provider of Linux consulting and operations services since 1995.