linux/crypto/Kconfig
<<
>>
Prefs
   1#
   2# Generic algorithms support
   3#
   4config XOR_BLOCKS
   5        tristate
   6
   7#
   8# async_tx api: hardware offloaded memory transfer/transform support
   9#
  10source "crypto/async_tx/Kconfig"
  11
  12#
  13# Cryptographic API Configuration
  14#
  15menuconfig CRYPTO
  16        tristate "Cryptographic API"
  17        help
  18          This option provides the core Cryptographic API.
  19
  20if CRYPTO
  21
  22comment "Crypto core or helper"
  23
  24config CRYPTO_FIPS
  25        bool "FIPS 200 compliance"
  26        depends on CRYPTO_ANSI_CPRNG && !CRYPTO_MANAGER_DISABLE_TESTS
  27        help
  28          This options enables the fips boot option which is
  29          required if you want to system to operate in a FIPS 200
  30          certification.  You should say no unless you know what
  31          this is.
  32
  33config CRYPTO_ALGAPI
  34        tristate
  35        select CRYPTO_ALGAPI2
  36        help
  37          This option provides the API for cryptographic algorithms.
  38
  39config CRYPTO_ALGAPI2
  40        tristate
  41
  42config CRYPTO_AEAD
  43        tristate
  44        select CRYPTO_AEAD2
  45        select CRYPTO_ALGAPI
  46
  47config CRYPTO_AEAD2
  48        tristate
  49        select CRYPTO_ALGAPI2
  50
  51config CRYPTO_BLKCIPHER
  52        tristate
  53        select CRYPTO_BLKCIPHER2
  54        select CRYPTO_ALGAPI
  55
  56config CRYPTO_BLKCIPHER2
  57        tristate
  58        select CRYPTO_ALGAPI2
  59        select CRYPTO_RNG2
  60        select CRYPTO_WORKQUEUE
  61
  62config CRYPTO_HASH
  63        tristate
  64        select CRYPTO_HASH2
  65        select CRYPTO_ALGAPI
  66
  67config CRYPTO_HASH2
  68        tristate
  69        select CRYPTO_ALGAPI2
  70
  71config CRYPTO_RNG
  72        tristate
  73        select CRYPTO_RNG2
  74        select CRYPTO_ALGAPI
  75
  76config CRYPTO_RNG2
  77        tristate
  78        select CRYPTO_ALGAPI2
  79
  80config CRYPTO_PCOMP
  81        tristate
  82        select CRYPTO_PCOMP2
  83        select CRYPTO_ALGAPI
  84
  85config CRYPTO_PCOMP2
  86        tristate
  87        select CRYPTO_ALGAPI2
  88
  89config CRYPTO_MANAGER
  90        tristate "Cryptographic algorithm manager"
  91        select CRYPTO_MANAGER2
  92        help
  93          Create default cryptographic template instantiations such as
  94          cbc(aes).
  95
  96config CRYPTO_MANAGER2
  97        def_tristate CRYPTO_MANAGER || (CRYPTO_MANAGER!=n && CRYPTO_ALGAPI=y)
  98        select CRYPTO_AEAD2
  99        select CRYPTO_HASH2
 100        select CRYPTO_BLKCIPHER2
 101        select CRYPTO_PCOMP2
 102
 103config CRYPTO_USER
 104        tristate "Userspace cryptographic algorithm configuration"
 105        depends on NET
 106        select CRYPTO_MANAGER
 107        help
 108          Userspace configuration for cryptographic instantiations such as
 109          cbc(aes).
 110
 111config CRYPTO_MANAGER_DISABLE_TESTS
 112        bool "Disable run-time self tests"
 113        default y
 114        depends on CRYPTO_MANAGER2
 115        help
 116          Disable run-time self tests that normally take place at
 117          algorithm registration.
 118
 119config CRYPTO_GF128MUL
 120        tristate "GF(2^128) multiplication functions"
 121        help
 122          Efficient table driven implementation of multiplications in the
 123          field GF(2^128).  This is needed by some cypher modes. This
 124          option will be selected automatically if you select such a
 125          cipher mode.  Only select this option by hand if you expect to load
 126          an external module that requires these functions.
 127
 128config CRYPTO_NULL
 129        tristate "Null algorithms"
 130        select CRYPTO_ALGAPI
 131        select CRYPTO_BLKCIPHER
 132        select CRYPTO_HASH
 133        help
 134          These are 'Null' algorithms, used by IPsec, which do nothing.
 135
 136config CRYPTO_PCRYPT
 137        tristate "Parallel crypto engine (EXPERIMENTAL)"
 138        depends on SMP && EXPERIMENTAL
 139        select PADATA
 140        select CRYPTO_MANAGER
 141        select CRYPTO_AEAD
 142        help
 143          This converts an arbitrary crypto algorithm into a parallel
 144          algorithm that executes in kernel threads.
 145
 146config CRYPTO_WORKQUEUE
 147       tristate
 148
 149config CRYPTO_CRYPTD
 150        tristate "Software async crypto daemon"
 151        select CRYPTO_BLKCIPHER
 152        select CRYPTO_HASH
 153        select CRYPTO_MANAGER
 154        select CRYPTO_WORKQUEUE
 155        help
 156          This is a generic software asynchronous crypto daemon that
 157          converts an arbitrary synchronous software crypto algorithm
 158          into an asynchronous algorithm that executes in a kernel thread.
 159
 160config CRYPTO_AUTHENC
 161        tristate "Authenc support"
 162        select CRYPTO_AEAD
 163        select CRYPTO_BLKCIPHER
 164        select CRYPTO_MANAGER
 165        select CRYPTO_HASH
 166        help
 167          Authenc: Combined mode wrapper for IPsec.
 168          This is required for IPSec.
 169
 170config CRYPTO_TEST
 171        tristate "Testing module"
 172        depends on m
 173        select CRYPTO_MANAGER
 174        help
 175          Quick & dirty crypto test module.
 176
 177config CRYPTO_ABLK_HELPER_X86
 178        tristate
 179        depends on X86
 180        select CRYPTO_CRYPTD
 181
 182config CRYPTO_GLUE_HELPER_X86
 183        tristate
 184        depends on X86
 185        select CRYPTO_ALGAPI
 186
 187comment "Authenticated Encryption with Associated Data"
 188
 189config CRYPTO_CCM
 190        tristate "CCM support"
 191        select CRYPTO_CTR
 192        select CRYPTO_AEAD
 193        help
 194          Support for Counter with CBC MAC. Required for IPsec.
 195
 196config CRYPTO_GCM
 197        tristate "GCM/GMAC support"
 198        select CRYPTO_CTR
 199        select CRYPTO_AEAD
 200        select CRYPTO_GHASH
 201        help
 202          Support for Galois/Counter Mode (GCM) and Galois Message
 203          Authentication Code (GMAC). Required for IPSec.
 204
 205config CRYPTO_SEQIV
 206        tristate "Sequence Number IV Generator"
 207        select CRYPTO_AEAD
 208        select CRYPTO_BLKCIPHER
 209        select CRYPTO_RNG
 210        help
 211          This IV generator generates an IV based on a sequence number by
 212          xoring it with a salt.  This algorithm is mainly useful for CTR
 213
 214comment "Block modes"
 215
 216config CRYPTO_CBC
 217        tristate "CBC support"
 218        select CRYPTO_BLKCIPHER
 219        select CRYPTO_MANAGER
 220        help
 221          CBC: Cipher Block Chaining mode
 222          This block cipher algorithm is required for IPSec.
 223
 224config CRYPTO_CTR
 225        tristate "CTR support"
 226        select CRYPTO_BLKCIPHER
 227        select CRYPTO_SEQIV
 228        select CRYPTO_MANAGER
 229        help
 230          CTR: Counter mode
 231          This block cipher algorithm is required for IPSec.
 232
 233config CRYPTO_CTS
 234        tristate "CTS support"
 235        select CRYPTO_BLKCIPHER
 236        help
 237          CTS: Cipher Text Stealing
 238          This is the Cipher Text Stealing mode as described by
 239          Section 8 of rfc2040 and referenced by rfc3962.
 240          (rfc3962 includes errata information in its Appendix A)
 241          This mode is required for Kerberos gss mechanism support
 242          for AES encryption.
 243
 244config CRYPTO_ECB
 245        tristate "ECB support"
 246        select CRYPTO_BLKCIPHER
 247        select CRYPTO_MANAGER
 248        help
 249          ECB: Electronic CodeBook mode
 250          This is the simplest block cipher algorithm.  It simply encrypts
 251          the input block by block.
 252
 253config CRYPTO_LRW
 254        tristate "LRW support"
 255        select CRYPTO_BLKCIPHER
 256        select CRYPTO_MANAGER
 257        select CRYPTO_GF128MUL
 258        help
 259          LRW: Liskov Rivest Wagner, a tweakable, non malleable, non movable
 260          narrow block cipher mode for dm-crypt.  Use it with cipher
 261          specification string aes-lrw-benbi, the key must be 256, 320 or 384.
 262          The first 128, 192 or 256 bits in the key are used for AES and the
 263          rest is used to tie each cipher block to its logical position.
 264
 265config CRYPTO_PCBC
 266        tristate "PCBC support"
 267        select CRYPTO_BLKCIPHER
 268        select CRYPTO_MANAGER
 269        help
 270          PCBC: Propagating Cipher Block Chaining mode
 271          This block cipher algorithm is required for RxRPC.
 272
 273config CRYPTO_XTS
 274        tristate "XTS support"
 275        select CRYPTO_BLKCIPHER
 276        select CRYPTO_MANAGER
 277        select CRYPTO_GF128MUL
 278        help
 279          XTS: IEEE1619/D16 narrow block cipher use with aes-xts-plain,
 280          key size 256, 384 or 512 bits. This implementation currently
 281          can't handle a sectorsize which is not a multiple of 16 bytes.
 282
 283comment "Hash modes"
 284
 285config CRYPTO_HMAC
 286        tristate "HMAC support"
 287        select CRYPTO_HASH
 288        select CRYPTO_MANAGER
 289        help
 290          HMAC: Keyed-Hashing for Message Authentication (RFC2104).
 291          This is required for IPSec.
 292
 293config CRYPTO_XCBC
 294        tristate "XCBC support"
 295        depends on EXPERIMENTAL
 296        select CRYPTO_HASH
 297        select CRYPTO_MANAGER
 298        help
 299          XCBC: Keyed-Hashing with encryption algorithm
 300                http://www.ietf.org/rfc/rfc3566.txt
 301                http://csrc.nist.gov/encryption/modes/proposedmodes/
 302                 xcbc-mac/xcbc-mac-spec.pdf
 303
 304config CRYPTO_VMAC
 305        tristate "VMAC support"
 306        depends on EXPERIMENTAL
 307        select CRYPTO_HASH
 308        select CRYPTO_MANAGER
 309        help
 310          VMAC is a message authentication algorithm designed for
 311          very high speed on 64-bit architectures.
 312
 313          See also:
 314          <http://fastcrypto.org/vmac>
 315
 316comment "Digest"
 317
 318config CRYPTO_CRC32C
 319        tristate "CRC32c CRC algorithm"
 320        select CRYPTO_HASH
 321        select CRC32
 322        help
 323          Castagnoli, et al Cyclic Redundancy-Check Algorithm.  Used
 324          by iSCSI for header and data digests and by others.
 325          See Castagnoli93.  Module will be crc32c.
 326
 327config CRYPTO_CRC32C_X86_64
 328        bool
 329        depends on X86 && 64BIT
 330        select CRYPTO_HASH
 331        help
 332          In Intel processor with SSE4.2 supported, the processor will
 333          support CRC32C calculation using hardware accelerated CRC32
 334          instruction optimized with PCLMULQDQ instruction when available.
 335
 336config CRYPTO_CRC32C_INTEL
 337        tristate "CRC32c INTEL hardware acceleration"
 338        depends on X86
 339        select CRYPTO_CRC32C_X86_64 if 64BIT
 340        select CRYPTO_HASH
 341        help
 342          In Intel processor with SSE4.2 supported, the processor will
 343          support CRC32C implementation using hardware accelerated CRC32
 344          instruction. This option will create 'crc32c-intel' module,
 345          which will enable any routine to use the CRC32 instruction to
 346          gain performance compared with software implementation.
 347          Module will be crc32c-intel.
 348
 349config CRYPTO_CRC32C_SPARC64
 350        tristate "CRC32c CRC algorithm (SPARC64)"
 351        depends on SPARC64
 352        select CRYPTO_HASH
 353        select CRC32
 354        help
 355          CRC32c CRC algorithm implemented using sparc64 crypto instructions,
 356          when available.
 357
 358config CRYPTO_GHASH
 359        tristate "GHASH digest algorithm"
 360        select CRYPTO_GF128MUL
 361        help
 362          GHASH is message digest algorithm for GCM (Galois/Counter Mode).
 363
 364config CRYPTO_MD4
 365        tristate "MD4 digest algorithm"
 366        select CRYPTO_HASH
 367        help
 368          MD4 message digest algorithm (RFC1320).
 369
 370config CRYPTO_MD5
 371        tristate "MD5 digest algorithm"
 372        select CRYPTO_HASH
 373        help
 374          MD5 message digest algorithm (RFC1321).
 375
 376config CRYPTO_MD5_SPARC64
 377        tristate "MD5 digest algorithm (SPARC64)"
 378        depends on SPARC64
 379        select CRYPTO_MD5
 380        select CRYPTO_HASH
 381        help
 382          MD5 message digest algorithm (RFC1321) implemented
 383          using sparc64 crypto instructions, when available.
 384
 385config CRYPTO_MICHAEL_MIC
 386        tristate "Michael MIC keyed digest algorithm"
 387        select CRYPTO_HASH
 388        help
 389          Michael MIC is used for message integrity protection in TKIP
 390          (IEEE 802.11i). This algorithm is required for TKIP, but it
 391          should not be used for other purposes because of the weakness
 392          of the algorithm.
 393
 394config CRYPTO_RMD128
 395        tristate "RIPEMD-128 digest algorithm"
 396        select CRYPTO_HASH
 397        help
 398          RIPEMD-128 (ISO/IEC 10118-3:2004).
 399
 400          RIPEMD-128 is a 128-bit cryptographic hash function. It should only
 401          be used as a secure replacement for RIPEMD. For other use cases,
 402          RIPEMD-160 should be used.
 403
 404          Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel.
 405          See <http://homes.esat.kuleuven.be/~bosselae/ripemd160.html>
 406
 407config CRYPTO_RMD160
 408        tristate "RIPEMD-160 digest algorithm"
 409        select CRYPTO_HASH
 410        help
 411          RIPEMD-160 (ISO/IEC 10118-3:2004).
 412
 413          RIPEMD-160 is a 160-bit cryptographic hash function. It is intended
 414          to be used as a secure replacement for the 128-bit hash functions
 415          MD4, MD5 and it's predecessor RIPEMD
 416          (not to be confused with RIPEMD-128).
 417
 418          It's speed is comparable to SHA1 and there are no known attacks
 419          against RIPEMD-160.
 420
 421          Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel.
 422          See <http://homes.esat.kuleuven.be/~bosselae/ripemd160.html>
 423
 424config CRYPTO_RMD256
 425        tristate "RIPEMD-256 digest algorithm"
 426        select CRYPTO_HASH
 427        help
 428          RIPEMD-256 is an optional extension of RIPEMD-128 with a
 429          256 bit hash. It is intended for applications that require
 430          longer hash-results, without needing a larger security level
 431          (than RIPEMD-128).
 432
 433          Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel.
 434          See <http://homes.esat.kuleuven.be/~bosselae/ripemd160.html>
 435
 436config CRYPTO_RMD320
 437        tristate "RIPEMD-320 digest algorithm"
 438        select CRYPTO_HASH
 439        help
 440          RIPEMD-320 is an optional extension of RIPEMD-160 with a
 441          320 bit hash. It is intended for applications that require
 442          longer hash-results, without needing a larger security level
 443          (than RIPEMD-160).
 444
 445          Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel.
 446          See <http://homes.esat.kuleuven.be/~bosselae/ripemd160.html>
 447
 448config CRYPTO_SHA1
 449        tristate "SHA1 digest algorithm"
 450        select CRYPTO_HASH
 451        help
 452          SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2).
 453
 454config CRYPTO_SHA1_SSSE3
 455        tristate "SHA1 digest algorithm (SSSE3/AVX)"
 456        depends on X86 && 64BIT
 457        select CRYPTO_SHA1
 458        select CRYPTO_HASH
 459        help
 460          SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2) implemented
 461          using Supplemental SSE3 (SSSE3) instructions or Advanced Vector
 462          Extensions (AVX), when available.
 463
 464config CRYPTO_SHA1_SPARC64
 465        tristate "SHA1 digest algorithm (SPARC64)"
 466        depends on SPARC64
 467        select CRYPTO_SHA1
 468        select CRYPTO_HASH
 469        help
 470          SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2) implemented
 471          using sparc64 crypto instructions, when available.
 472
 473config CRYPTO_SHA1_ARM
 474        tristate "SHA1 digest algorithm (ARM-asm)"
 475        depends on ARM
 476        select CRYPTO_SHA1
 477        select CRYPTO_HASH
 478        help
 479          SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2) implemented
 480          using optimized ARM assembler.
 481
 482config CRYPTO_SHA256
 483        tristate "SHA224 and SHA256 digest algorithm"
 484        select CRYPTO_HASH
 485        help
 486          SHA256 secure hash standard (DFIPS 180-2).
 487
 488          This version of SHA implements a 256 bit hash with 128 bits of
 489          security against collision attacks.
 490
 491          This code also includes SHA-224, a 224 bit hash with 112 bits
 492          of security against collision attacks.
 493
 494config CRYPTO_SHA256_SPARC64
 495        tristate "SHA224 and SHA256 digest algorithm (SPARC64)"
 496        depends on SPARC64
 497        select CRYPTO_SHA256
 498        select CRYPTO_HASH
 499        help
 500          SHA-256 secure hash standard (DFIPS 180-2) implemented
 501          using sparc64 crypto instructions, when available.
 502
 503config CRYPTO_SHA512
 504        tristate "SHA384 and SHA512 digest algorithms"
 505        select CRYPTO_HASH
 506        help
 507          SHA512 secure hash standard (DFIPS 180-2).
 508
 509          This version of SHA implements a 512 bit hash with 256 bits of
 510          security against collision attacks.
 511
 512          This code also includes SHA-384, a 384 bit hash with 192 bits
 513          of security against collision attacks.
 514
 515config CRYPTO_SHA512_SPARC64
 516        tristate "SHA384 and SHA512 digest algorithm (SPARC64)"
 517        depends on SPARC64
 518        select CRYPTO_SHA512
 519        select CRYPTO_HASH
 520        help
 521          SHA-512 secure hash standard (DFIPS 180-2) implemented
 522          using sparc64 crypto instructions, when available.
 523
 524config CRYPTO_TGR192
 525        tristate "Tiger digest algorithms"
 526        select CRYPTO_HASH
 527        help
 528          Tiger hash algorithm 192, 160 and 128-bit hashes
 529
 530          Tiger is a hash function optimized for 64-bit processors while
 531          still having decent performance on 32-bit processors.
 532          Tiger was developed by Ross Anderson and Eli Biham.
 533
 534          See also:
 535          <http://www.cs.technion.ac.il/~biham/Reports/Tiger/>.
 536
 537config CRYPTO_WP512
 538        tristate "Whirlpool digest algorithms"
 539        select CRYPTO_HASH
 540        help
 541          Whirlpool hash algorithm 512, 384 and 256-bit hashes
 542
 543          Whirlpool-512 is part of the NESSIE cryptographic primitives.
 544          Whirlpool will be part of the ISO/IEC 10118-3:2003(E) standard
 545
 546          See also:
 547          <http://www.larc.usp.br/~pbarreto/WhirlpoolPage.html>
 548
 549config CRYPTO_GHASH_CLMUL_NI_INTEL
 550        tristate "GHASH digest algorithm (CLMUL-NI accelerated)"
 551        depends on X86 && 64BIT
 552        select CRYPTO_CRYPTD
 553        help
 554          GHASH is message digest algorithm for GCM (Galois/Counter Mode).
 555          The implementation is accelerated by CLMUL-NI of Intel.
 556
 557comment "Ciphers"
 558
 559config CRYPTO_AES
 560        tristate "AES cipher algorithms"
 561        select CRYPTO_ALGAPI
 562        help
 563          AES cipher algorithms (FIPS-197). AES uses the Rijndael
 564          algorithm.
 565
 566          Rijndael appears to be consistently a very good performer in
 567          both hardware and software across a wide range of computing
 568          environments regardless of its use in feedback or non-feedback
 569          modes. Its key setup time is excellent, and its key agility is
 570          good. Rijndael's very low memory requirements make it very well
 571          suited for restricted-space environments, in which it also
 572          demonstrates excellent performance. Rijndael's operations are
 573          among the easiest to defend against power and timing attacks.
 574
 575          The AES specifies three key sizes: 128, 192 and 256 bits
 576
 577          See <http://csrc.nist.gov/CryptoToolkit/aes/> for more information.
 578
 579config CRYPTO_AES_586
 580        tristate "AES cipher algorithms (i586)"
 581        depends on (X86 || UML_X86) && !64BIT
 582        select CRYPTO_ALGAPI
 583        select CRYPTO_AES
 584        help
 585          AES cipher algorithms (FIPS-197). AES uses the Rijndael
 586          algorithm.
 587
 588          Rijndael appears to be consistently a very good performer in
 589          both hardware and software across a wide range of computing
 590          environments regardless of its use in feedback or non-feedback
 591          modes. Its key setup time is excellent, and its key agility is
 592          good. Rijndael's very low memory requirements make it very well
 593          suited for restricted-space environments, in which it also
 594          demonstrates excellent performance. Rijndael's operations are
 595          among the easiest to defend against power and timing attacks.
 596
 597          The AES specifies three key sizes: 128, 192 and 256 bits
 598
 599          See <http://csrc.nist.gov/encryption/aes/> for more information.
 600
 601config CRYPTO_AES_X86_64
 602        tristate "AES cipher algorithms (x86_64)"
 603        depends on (X86 || UML_X86) && 64BIT
 604        select CRYPTO_ALGAPI
 605        select CRYPTO_AES
 606        help
 607          AES cipher algorithms (FIPS-197). AES uses the Rijndael
 608          algorithm.
 609
 610          Rijndael appears to be consistently a very good performer in
 611          both hardware and software across a wide range of computing
 612          environments regardless of its use in feedback or non-feedback
 613          modes. Its key setup time is excellent, and its key agility is
 614          good. Rijndael's very low memory requirements make it very well
 615          suited for restricted-space environments, in which it also
 616          demonstrates excellent performance. Rijndael's operations are
 617          among the easiest to defend against power and timing attacks.
 618
 619          The AES specifies three key sizes: 128, 192 and 256 bits
 620
 621          See <http://csrc.nist.gov/encryption/aes/> for more information.
 622
 623config CRYPTO_AES_NI_INTEL
 624        tristate "AES cipher algorithms (AES-NI)"
 625        depends on X86
 626        select CRYPTO_AES_X86_64 if 64BIT
 627        select CRYPTO_AES_586 if !64BIT
 628        select CRYPTO_CRYPTD
 629        select CRYPTO_ABLK_HELPER_X86
 630        select CRYPTO_ALGAPI
 631        select CRYPTO_LRW
 632        select CRYPTO_XTS
 633        help
 634          Use Intel AES-NI instructions for AES algorithm.
 635
 636          AES cipher algorithms (FIPS-197). AES uses the Rijndael
 637          algorithm.
 638
 639          Rijndael appears to be consistently a very good performer in
 640          both hardware and software across a wide range of computing
 641          environments regardless of its use in feedback or non-feedback
 642          modes. Its key setup time is excellent, and its key agility is
 643          good. Rijndael's very low memory requirements make it very well
 644          suited for restricted-space environments, in which it also
 645          demonstrates excellent performance. Rijndael's operations are
 646          among the easiest to defend against power and timing attacks.
 647
 648          The AES specifies three key sizes: 128, 192 and 256 bits
 649
 650          See <http://csrc.nist.gov/encryption/aes/> for more information.
 651
 652          In addition to AES cipher algorithm support, the acceleration
 653          for some popular block cipher mode is supported too, including
 654          ECB, CBC, LRW, PCBC, XTS. The 64 bit version has additional
 655          acceleration for CTR.
 656
 657config CRYPTO_AES_SPARC64
 658        tristate "AES cipher algorithms (SPARC64)"
 659        depends on SPARC64
 660        select CRYPTO_CRYPTD
 661        select CRYPTO_ALGAPI
 662        help
 663          Use SPARC64 crypto opcodes for AES algorithm.
 664
 665          AES cipher algorithms (FIPS-197). AES uses the Rijndael
 666          algorithm.
 667
 668          Rijndael appears to be consistently a very good performer in
 669          both hardware and software across a wide range of computing
 670          environments regardless of its use in feedback or non-feedback
 671          modes. Its key setup time is excellent, and its key agility is
 672          good. Rijndael's very low memory requirements make it very well
 673          suited for restricted-space environments, in which it also
 674          demonstrates excellent performance. Rijndael's operations are
 675          among the easiest to defend against power and timing attacks.
 676
 677          The AES specifies three key sizes: 128, 192 and 256 bits
 678
 679          See <http://csrc.nist.gov/encryption/aes/> for more information.
 680
 681          In addition to AES cipher algorithm support, the acceleration
 682          for some popular block cipher mode is supported too, including
 683          ECB and CBC.
 684
 685config CRYPTO_AES_ARM
 686        tristate "AES cipher algorithms (ARM-asm)"
 687        depends on ARM
 688        select CRYPTO_ALGAPI
 689        select CRYPTO_AES
 690        help
 691          Use optimized AES assembler routines for ARM platforms.
 692
 693          AES cipher algorithms (FIPS-197). AES uses the Rijndael
 694          algorithm.
 695
 696          Rijndael appears to be consistently a very good performer in
 697          both hardware and software across a wide range of computing
 698          environments regardless of its use in feedback or non-feedback
 699          modes. Its key setup time is excellent, and its key agility is
 700          good. Rijndael's very low memory requirements make it very well
 701          suited for restricted-space environments, in which it also
 702          demonstrates excellent performance. Rijndael's operations are
 703          among the easiest to defend against power and timing attacks.
 704
 705          The AES specifies three key sizes: 128, 192 and 256 bits
 706
 707          See <http://csrc.nist.gov/encryption/aes/> for more information.
 708
 709config CRYPTO_ANUBIS
 710        tristate "Anubis cipher algorithm"
 711        select CRYPTO_ALGAPI
 712        help
 713          Anubis cipher algorithm.
 714
 715          Anubis is a variable key length cipher which can use keys from
 716          128 bits to 320 bits in length.  It was evaluated as a entrant
 717          in the NESSIE competition.
 718
 719          See also:
 720          <https://www.cosic.esat.kuleuven.be/nessie/reports/>
 721          <http://www.larc.usp.br/~pbarreto/AnubisPage.html>
 722
 723config CRYPTO_ARC4
 724        tristate "ARC4 cipher algorithm"
 725        select CRYPTO_BLKCIPHER
 726        help
 727          ARC4 cipher algorithm.
 728
 729          ARC4 is a stream cipher using keys ranging from 8 bits to 2048
 730          bits in length.  This algorithm is required for driver-based
 731          WEP, but it should not be for other purposes because of the
 732          weakness of the algorithm.
 733
 734config CRYPTO_BLOWFISH
 735        tristate "Blowfish cipher algorithm"
 736        select CRYPTO_ALGAPI
 737        select CRYPTO_BLOWFISH_COMMON
 738        help
 739          Blowfish cipher algorithm, by Bruce Schneier.
 740
 741          This is a variable key length cipher which can use keys from 32
 742          bits to 448 bits in length.  It's fast, simple and specifically
 743          designed for use on "large microprocessors".
 744
 745          See also:
 746          <http://www.schneier.com/blowfish.html>
 747
 748config CRYPTO_BLOWFISH_COMMON
 749        tristate
 750        help
 751          Common parts of the Blowfish cipher algorithm shared by the
 752          generic c and the assembler implementations.
 753
 754          See also:
 755          <http://www.schneier.com/blowfish.html>
 756
 757config CRYPTO_BLOWFISH_X86_64
 758        tristate "Blowfish cipher algorithm (x86_64)"
 759        depends on X86 && 64BIT
 760        select CRYPTO_ALGAPI
 761        select CRYPTO_BLOWFISH_COMMON
 762        help
 763          Blowfish cipher algorithm (x86_64), by Bruce Schneier.
 764
 765          This is a variable key length cipher which can use keys from 32
 766          bits to 448 bits in length.  It's fast, simple and specifically
 767          designed for use on "large microprocessors".
 768
 769          See also:
 770          <http://www.schneier.com/blowfish.html>
 771
 772config CRYPTO_CAMELLIA
 773        tristate "Camellia cipher algorithms"
 774        depends on CRYPTO
 775        select CRYPTO_ALGAPI
 776        help
 777          Camellia cipher algorithms module.
 778
 779          Camellia is a symmetric key block cipher developed jointly
 780          at NTT and Mitsubishi Electric Corporation.
 781
 782          The Camellia specifies three key sizes: 128, 192 and 256 bits.
 783
 784          See also:
 785          <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html>
 786
 787config CRYPTO_CAMELLIA_X86_64
 788        tristate "Camellia cipher algorithm (x86_64)"
 789        depends on X86 && 64BIT
 790        depends on CRYPTO
 791        select CRYPTO_ALGAPI
 792        select CRYPTO_GLUE_HELPER_X86
 793        select CRYPTO_LRW
 794        select CRYPTO_XTS
 795        help
 796          Camellia cipher algorithm module (x86_64).
 797
 798          Camellia is a symmetric key block cipher developed jointly
 799          at NTT and Mitsubishi Electric Corporation.
 800
 801          The Camellia specifies three key sizes: 128, 192 and 256 bits.
 802
 803          See also:
 804          <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html>
 805
 806config CRYPTO_CAMELLIA_AESNI_AVX_X86_64
 807        tristate "Camellia cipher algorithm (x86_64/AES-NI/AVX)"
 808        depends on X86 && 64BIT
 809        depends on CRYPTO
 810        select CRYPTO_ALGAPI
 811        select CRYPTO_CRYPTD
 812        select CRYPTO_ABLK_HELPER_X86
 813        select CRYPTO_GLUE_HELPER_X86
 814        select CRYPTO_CAMELLIA_X86_64
 815        select CRYPTO_LRW
 816        select CRYPTO_XTS
 817        help
 818          Camellia cipher algorithm module (x86_64/AES-NI/AVX).
 819
 820          Camellia is a symmetric key block cipher developed jointly
 821          at NTT and Mitsubishi Electric Corporation.
 822
 823          The Camellia specifies three key sizes: 128, 192 and 256 bits.
 824
 825          See also:
 826          <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html>
 827
 828config CRYPTO_CAMELLIA_SPARC64
 829        tristate "Camellia cipher algorithm (SPARC64)"
 830        depends on SPARC64
 831        depends on CRYPTO
 832        select CRYPTO_ALGAPI
 833        help
 834          Camellia cipher algorithm module (SPARC64).
 835
 836          Camellia is a symmetric key block cipher developed jointly
 837          at NTT and Mitsubishi Electric Corporation.
 838
 839          The Camellia specifies three key sizes: 128, 192 and 256 bits.
 840
 841          See also:
 842          <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html>
 843
 844config CRYPTO_CAST_COMMON
 845        tristate
 846        help
 847          Common parts of the CAST cipher algorithms shared by the
 848          generic c and the assembler implementations.
 849
 850config CRYPTO_CAST5
 851        tristate "CAST5 (CAST-128) cipher algorithm"
 852        select CRYPTO_ALGAPI
 853        select CRYPTO_CAST_COMMON
 854        help
 855          The CAST5 encryption algorithm (synonymous with CAST-128) is
 856          described in RFC2144.
 857
 858config CRYPTO_CAST5_AVX_X86_64
 859        tristate "CAST5 (CAST-128) cipher algorithm (x86_64/AVX)"
 860        depends on X86 && 64BIT
 861        select CRYPTO_ALGAPI
 862        select CRYPTO_CRYPTD
 863        select CRYPTO_ABLK_HELPER_X86
 864        select CRYPTO_CAST_COMMON
 865        select CRYPTO_CAST5
 866        help
 867          The CAST5 encryption algorithm (synonymous with CAST-128) is
 868          described in RFC2144.
 869
 870          This module provides the Cast5 cipher algorithm that processes
 871          sixteen blocks parallel using the AVX instruction set.
 872
 873config CRYPTO_CAST6
 874        tristate "CAST6 (CAST-256) cipher algorithm"
 875        select CRYPTO_ALGAPI
 876        select CRYPTO_CAST_COMMON
 877        help
 878          The CAST6 encryption algorithm (synonymous with CAST-256) is
 879          described in RFC2612.
 880
 881config CRYPTO_CAST6_AVX_X86_64
 882        tristate "CAST6 (CAST-256) cipher algorithm (x86_64/AVX)"
 883        depends on X86 && 64BIT
 884        select CRYPTO_ALGAPI
 885        select CRYPTO_CRYPTD
 886        select CRYPTO_ABLK_HELPER_X86
 887        select CRYPTO_GLUE_HELPER_X86
 888        select CRYPTO_CAST_COMMON
 889        select CRYPTO_CAST6
 890        select CRYPTO_LRW
 891        select CRYPTO_XTS
 892        help
 893          The CAST6 encryption algorithm (synonymous with CAST-256) is
 894          described in RFC2612.
 895
 896          This module provides the Cast6 cipher algorithm that processes
 897          eight blocks parallel using the AVX instruction set.
 898
 899config CRYPTO_DES
 900        tristate "DES and Triple DES EDE cipher algorithms"
 901        select CRYPTO_ALGAPI
 902        help
 903          DES cipher algorithm (FIPS 46-2), and Triple DES EDE (FIPS 46-3).
 904
 905config CRYPTO_DES_SPARC64
 906        tristate "DES and Triple DES EDE cipher algorithms (SPARC64)"
 907        depends on SPARC64
 908        select CRYPTO_ALGAPI
 909        select CRYPTO_DES
 910        help
 911          DES cipher algorithm (FIPS 46-2), and Triple DES EDE (FIPS 46-3),
 912          optimized using SPARC64 crypto opcodes.
 913
 914config CRYPTO_FCRYPT
 915        tristate "FCrypt cipher algorithm"
 916        select CRYPTO_ALGAPI
 917        select CRYPTO_BLKCIPHER
 918        help
 919          FCrypt algorithm used by RxRPC.
 920
 921config CRYPTO_KHAZAD
 922        tristate "Khazad cipher algorithm"
 923        select CRYPTO_ALGAPI
 924        help
 925          Khazad cipher algorithm.
 926
 927          Khazad was a finalist in the initial NESSIE competition.  It is
 928          an algorithm optimized for 64-bit processors with good performance
 929          on 32-bit processors.  Khazad uses an 128 bit key size.
 930
 931          See also:
 932          <http://www.larc.usp.br/~pbarreto/KhazadPage.html>
 933
 934config CRYPTO_SALSA20
 935        tristate "Salsa20 stream cipher algorithm (EXPERIMENTAL)"
 936        depends on EXPERIMENTAL
 937        select CRYPTO_BLKCIPHER
 938        help
 939          Salsa20 stream cipher algorithm.
 940
 941          Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT
 942          Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/>
 943
 944          The Salsa20 stream cipher algorithm is designed by Daniel J.
 945          Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html>
 946
 947config CRYPTO_SALSA20_586
 948        tristate "Salsa20 stream cipher algorithm (i586) (EXPERIMENTAL)"
 949        depends on (X86 || UML_X86) && !64BIT
 950        depends on EXPERIMENTAL
 951        select CRYPTO_BLKCIPHER
 952        help
 953          Salsa20 stream cipher algorithm.
 954
 955          Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT
 956          Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/>
 957
 958          The Salsa20 stream cipher algorithm is designed by Daniel J.
 959          Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html>
 960
 961config CRYPTO_SALSA20_X86_64
 962        tristate "Salsa20 stream cipher algorithm (x86_64) (EXPERIMENTAL)"
 963        depends on (X86 || UML_X86) && 64BIT
 964        depends on EXPERIMENTAL
 965        select CRYPTO_BLKCIPHER
 966        help
 967          Salsa20 stream cipher algorithm.
 968
 969          Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT
 970          Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/>
 971
 972          The Salsa20 stream cipher algorithm is designed by Daniel J.
 973          Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html>
 974
 975config CRYPTO_SEED
 976        tristate "SEED cipher algorithm"
 977        select CRYPTO_ALGAPI
 978        help
 979          SEED cipher algorithm (RFC4269).
 980
 981          SEED is a 128-bit symmetric key block cipher that has been
 982          developed by KISA (Korea Information Security Agency) as a
 983          national standard encryption algorithm of the Republic of Korea.
 984          It is a 16 round block cipher with the key size of 128 bit.
 985
 986          See also:
 987          <http://www.kisa.or.kr/kisa/seed/jsp/seed_eng.jsp>
 988
 989config CRYPTO_SERPENT
 990        tristate "Serpent cipher algorithm"
 991        select CRYPTO_ALGAPI
 992        help
 993          Serpent cipher algorithm, by Anderson, Biham & Knudsen.
 994
 995          Keys are allowed to be from 0 to 256 bits in length, in steps
 996          of 8 bits.  Also includes the 'Tnepres' algorithm, a reversed
 997          variant of Serpent for compatibility with old kerneli.org code.
 998
 999          See also:
1000          <http://www.cl.cam.ac.uk/~rja14/serpent.html>
1001
1002config CRYPTO_SERPENT_SSE2_X86_64
1003        tristate "Serpent cipher algorithm (x86_64/SSE2)"
1004        depends on X86 && 64BIT
1005        select CRYPTO_ALGAPI
1006        select CRYPTO_CRYPTD
1007        select CRYPTO_ABLK_HELPER_X86
1008        select CRYPTO_GLUE_HELPER_X86
1009        select CRYPTO_SERPENT
1010        select CRYPTO_LRW
1011        select CRYPTO_XTS
1012        help
1013          Serpent cipher algorithm, by Anderson, Biham & Knudsen.
1014
1015          Keys are allowed to be from 0 to 256 bits in length, in steps
1016          of 8 bits.
1017
1018          This module provides Serpent cipher algorithm that processes eigth
1019          blocks parallel using SSE2 instruction set.
1020
1021          See also:
1022          <http://www.cl.cam.ac.uk/~rja14/serpent.html>
1023
1024config CRYPTO_SERPENT_SSE2_586
1025        tristate "Serpent cipher algorithm (i586/SSE2)"
1026        depends on X86 && !64BIT
1027        select CRYPTO_ALGAPI
1028        select CRYPTO_CRYPTD
1029        select CRYPTO_ABLK_HELPER_X86
1030        select CRYPTO_GLUE_HELPER_X86
1031        select CRYPTO_SERPENT
1032        select CRYPTO_LRW
1033        select CRYPTO_XTS
1034        help
1035          Serpent cipher algorithm, by Anderson, Biham & Knudsen.
1036
1037          Keys are allowed to be from 0 to 256 bits in length, in steps
1038          of 8 bits.
1039
1040          This module provides Serpent cipher algorithm that processes four
1041          blocks parallel using SSE2 instruction set.
1042
1043          See also:
1044          <http://www.cl.cam.ac.uk/~rja14/serpent.html>
1045
1046config CRYPTO_SERPENT_AVX_X86_64
1047        tristate "Serpent cipher algorithm (x86_64/AVX)"
1048        depends on X86 && 64BIT
1049        select CRYPTO_ALGAPI
1050        select CRYPTO_CRYPTD
1051        select CRYPTO_ABLK_HELPER_X86
1052        select CRYPTO_GLUE_HELPER_X86
1053        select CRYPTO_SERPENT
1054        select CRYPTO_LRW
1055        select CRYPTO_XTS
1056        help
1057          Serpent cipher algorithm, by Anderson, Biham & Knudsen.
1058
1059          Keys are allowed to be from 0 to 256 bits in length, in steps
1060          of 8 bits.
1061
1062          This module provides the Serpent cipher algorithm that processes
1063          eight blocks parallel using the AVX instruction set.
1064
1065          See also:
1066          <http://www.cl.cam.ac.uk/~rja14/serpent.html>
1067
1068config CRYPTO_TEA
1069        tristate "TEA, XTEA and XETA cipher algorithms"
1070        select CRYPTO_ALGAPI
1071        help
1072          TEA cipher algorithm.
1073
1074          Tiny Encryption Algorithm is a simple cipher that uses
1075          many rounds for security.  It is very fast and uses
1076          little memory.
1077
1078          Xtendend Tiny Encryption Algorithm is a modification to
1079          the TEA algorithm to address a potential key weakness
1080          in the TEA algorithm.
1081
1082          Xtendend Encryption Tiny Algorithm is a mis-implementation
1083          of the XTEA algorithm for compatibility purposes.
1084
1085config CRYPTO_TWOFISH
1086        tristate "Twofish cipher algorithm"
1087        select CRYPTO_ALGAPI
1088        select CRYPTO_TWOFISH_COMMON
1089        help
1090          Twofish cipher algorithm.
1091
1092          Twofish was submitted as an AES (Advanced Encryption Standard)
1093          candidate cipher by researchers at CounterPane Systems.  It is a
1094          16 round block cipher supporting key sizes of 128, 192, and 256
1095          bits.
1096
1097          See also:
1098          <http://www.schneier.com/twofish.html>
1099
1100config CRYPTO_TWOFISH_COMMON
1101        tristate
1102        help
1103          Common parts of the Twofish cipher algorithm shared by the
1104          generic c and the assembler implementations.
1105
1106config CRYPTO_TWOFISH_586
1107        tristate "Twofish cipher algorithms (i586)"
1108        depends on (X86 || UML_X86) && !64BIT
1109        select CRYPTO_ALGAPI
1110        select CRYPTO_TWOFISH_COMMON
1111        help
1112          Twofish cipher algorithm.
1113
1114          Twofish was submitted as an AES (Advanced Encryption Standard)
1115          candidate cipher by researchers at CounterPane Systems.  It is a
1116          16 round block cipher supporting key sizes of 128, 192, and 256
1117          bits.
1118
1119          See also:
1120          <http://www.schneier.com/twofish.html>
1121
1122config CRYPTO_TWOFISH_X86_64
1123        tristate "Twofish cipher algorithm (x86_64)"
1124        depends on (X86 || UML_X86) && 64BIT
1125        select CRYPTO_ALGAPI
1126        select CRYPTO_TWOFISH_COMMON
1127        help
1128          Twofish cipher algorithm (x86_64).
1129
1130          Twofish was submitted as an AES (Advanced Encryption Standard)
1131          candidate cipher by researchers at CounterPane Systems.  It is a
1132          16 round block cipher supporting key sizes of 128, 192, and 256
1133          bits.
1134
1135          See also:
1136          <http://www.schneier.com/twofish.html>
1137
1138config CRYPTO_TWOFISH_X86_64_3WAY
1139        tristate "Twofish cipher algorithm (x86_64, 3-way parallel)"
1140        depends on X86 && 64BIT
1141        select CRYPTO_ALGAPI
1142        select CRYPTO_TWOFISH_COMMON
1143        select CRYPTO_TWOFISH_X86_64
1144        select CRYPTO_GLUE_HELPER_X86
1145        select CRYPTO_LRW
1146        select CRYPTO_XTS
1147        help
1148          Twofish cipher algorithm (x86_64, 3-way parallel).
1149
1150          Twofish was submitted as an AES (Advanced Encryption Standard)
1151          candidate cipher by researchers at CounterPane Systems.  It is a
1152          16 round block cipher supporting key sizes of 128, 192, and 256
1153          bits.
1154
1155          This module provides Twofish cipher algorithm that processes three
1156          blocks parallel, utilizing resources of out-of-order CPUs better.
1157
1158          See also:
1159          <http://www.schneier.com/twofish.html>
1160
1161config CRYPTO_TWOFISH_AVX_X86_64
1162        tristate "Twofish cipher algorithm (x86_64/AVX)"
1163        depends on X86 && 64BIT
1164        select CRYPTO_ALGAPI
1165        select CRYPTO_CRYPTD
1166        select CRYPTO_ABLK_HELPER_X86
1167        select CRYPTO_GLUE_HELPER_X86
1168        select CRYPTO_TWOFISH_COMMON
1169        select CRYPTO_TWOFISH_X86_64
1170        select CRYPTO_TWOFISH_X86_64_3WAY
1171        select CRYPTO_LRW
1172        select CRYPTO_XTS
1173        help
1174          Twofish cipher algorithm (x86_64/AVX).
1175
1176          Twofish was submitted as an AES (Advanced Encryption Standard)
1177          candidate cipher by researchers at CounterPane Systems.  It is a
1178          16 round block cipher supporting key sizes of 128, 192, and 256
1179          bits.
1180
1181          This module provides the Twofish cipher algorithm that processes
1182          eight blocks parallel using the AVX Instruction Set.
1183
1184          See also:
1185          <http://www.schneier.com/twofish.html>
1186
1187comment "Compression"
1188
1189config CRYPTO_DEFLATE
1190        tristate "Deflate compression algorithm"
1191        select CRYPTO_ALGAPI
1192        select ZLIB_INFLATE
1193        select ZLIB_DEFLATE
1194        help
1195          This is the Deflate algorithm (RFC1951), specified for use in
1196          IPSec with the IPCOMP protocol (RFC3173, RFC2394).
1197
1198          You will most probably want this if using IPSec.
1199
1200config CRYPTO_ZLIB
1201        tristate "Zlib compression algorithm"
1202        select CRYPTO_PCOMP
1203        select ZLIB_INFLATE
1204        select ZLIB_DEFLATE
1205        select NLATTR
1206        help
1207          This is the zlib algorithm.
1208
1209config CRYPTO_LZO
1210        tristate "LZO compression algorithm"
1211        select CRYPTO_ALGAPI
1212        select LZO_COMPRESS
1213        select LZO_DECOMPRESS
1214        help
1215          This is the LZO algorithm.
1216
1217config CRYPTO_842
1218        tristate "842 compression algorithm"
1219        depends on CRYPTO_DEV_NX_COMPRESS
1220        # 842 uses lzo if the hardware becomes unavailable
1221        select LZO_COMPRESS
1222        select LZO_DECOMPRESS
1223        help
1224          This is the 842 algorithm.
1225
1226comment "Random Number Generation"
1227
1228config CRYPTO_ANSI_CPRNG
1229        tristate "Pseudo Random Number Generation for Cryptographic modules"
1230        default m
1231        select CRYPTO_AES
1232        select CRYPTO_RNG
1233        help
1234          This option enables the generic pseudo random number generator
1235          for cryptographic modules.  Uses the Algorithm specified in
1236          ANSI X9.31 A.2.4. Note that this option must be enabled if
1237          CRYPTO_FIPS is selected
1238
1239config CRYPTO_USER_API
1240        tristate
1241
1242config CRYPTO_USER_API_HASH
1243        tristate "User-space interface for hash algorithms"
1244        depends on NET
1245        select CRYPTO_HASH
1246        select CRYPTO_USER_API
1247        help
1248          This option enables the user-spaces interface for hash
1249          algorithms.
1250
1251config CRYPTO_USER_API_SKCIPHER
1252        tristate "User-space interface for symmetric key cipher algorithms"
1253        depends on NET
1254        select CRYPTO_BLKCIPHER
1255        select CRYPTO_USER_API
1256        help
1257          This option enables the user-spaces interface for symmetric
1258          key cipher algorithms.
1259
1260source "drivers/crypto/Kconfig"
1261source crypto/asymmetric_keys/Kconfig
1262
1263endif   # if CRYPTO
1264
lxr.linux.no kindly hosted by Redpill Linpro AS, provider of Linux consulting and operations services since 1995.