1# 2# Generic algorithms support 3# 4config XOR_BLOCKS 5 tristate 6 7# 8# async_tx api: hardware offloaded memory transfer/transform support 9# 10source "crypto/async_tx/Kconfig" 11 12# 13# Cryptographic API Configuration 14# 15menuconfig CRYPTO 16 tristate "Cryptographic API" 17 help 18 This option provides the core Cryptographic API. 19 20if CRYPTO 21 22comment "Crypto core or helper" 23 24config CRYPTO_FIPS 25 bool "FIPS 200 compliance" 26 depends on (CRYPTO_ANSI_CPRNG || CRYPTO_DRBG) && !CRYPTO_MANAGER_DISABLE_TESTS 27 depends on MODULE_SIG 28 help 29 This options enables the fips boot option which is 30 required if you want to system to operate in a FIPS 200 31 certification. You should say no unless you know what 32 this is. 33 34config CRYPTO_ALGAPI 35 tristate 36 select CRYPTO_ALGAPI2 37 help 38 This option provides the API for cryptographic algorithms. 39 40config CRYPTO_ALGAPI2 41 tristate 42 43config CRYPTO_AEAD 44 tristate 45 select CRYPTO_AEAD2 46 select CRYPTO_ALGAPI 47 48config CRYPTO_AEAD2 49 tristate 50 select CRYPTO_ALGAPI2 51 select CRYPTO_NULL2 52 select CRYPTO_RNG2 53 54config CRYPTO_BLKCIPHER 55 tristate 56 select CRYPTO_BLKCIPHER2 57 select CRYPTO_ALGAPI 58 59config CRYPTO_BLKCIPHER2 60 tristate 61 select CRYPTO_ALGAPI2 62 select CRYPTO_RNG2 63 select CRYPTO_WORKQUEUE 64 65config CRYPTO_HASH 66 tristate 67 select CRYPTO_HASH2 68 select CRYPTO_ALGAPI 69 70config CRYPTO_HASH2 71 tristate 72 select CRYPTO_ALGAPI2 73 74config CRYPTO_RNG 75 tristate 76 select CRYPTO_RNG2 77 select CRYPTO_ALGAPI 78 79config CRYPTO_RNG2 80 tristate 81 select CRYPTO_ALGAPI2 82 83config CRYPTO_RNG_DEFAULT 84 tristate 85 select CRYPTO_DRBG_MENU 86 87config CRYPTO_AKCIPHER2 88 tristate 89 select CRYPTO_ALGAPI2 90 91config CRYPTO_AKCIPHER 92 tristate 93 select CRYPTO_AKCIPHER2 94 select CRYPTO_ALGAPI 95 96config CRYPTO_RSA 97 tristate "RSA algorithm" 98 select CRYPTO_AKCIPHER 99 select CRYPTO_MANAGER 100 select MPILIB 101 select ASN1 102 help 103 Generic implementation of the RSA public key algorithm. 104 105config CRYPTO_MANAGER 106 tristate "Cryptographic algorithm manager" 107 select CRYPTO_MANAGER2 108 help 109 Create default cryptographic template instantiations such as 110 cbc(aes). 111 112config CRYPTO_MANAGER2 113 def_tristate CRYPTO_MANAGER || (CRYPTO_MANAGER!=n && CRYPTO_ALGAPI=y) 114 select CRYPTO_AEAD2 115 select CRYPTO_HASH2 116 select CRYPTO_BLKCIPHER2 117 select CRYPTO_AKCIPHER2 118 119config CRYPTO_USER 120 tristate "Userspace cryptographic algorithm configuration" 121 depends on NET 122 select CRYPTO_MANAGER 123 help 124 Userspace configuration for cryptographic instantiations such as 125 cbc(aes). 126 127config CRYPTO_MANAGER_DISABLE_TESTS 128 bool "Disable run-time self tests" 129 default y 130 depends on CRYPTO_MANAGER2 131 help 132 Disable run-time self tests that normally take place at 133 algorithm registration. 134 135config CRYPTO_GF128MUL 136 tristate "GF(2^128) multiplication functions" 137 help 138 Efficient table driven implementation of multiplications in the 139 field GF(2^128). This is needed by some cypher modes. This 140 option will be selected automatically if you select such a 141 cipher mode. Only select this option by hand if you expect to load 142 an external module that requires these functions. 143 144config CRYPTO_NULL 145 tristate "Null algorithms" 146 select CRYPTO_NULL2 147 help 148 These are 'Null' algorithms, used by IPsec, which do nothing. 149 150config CRYPTO_NULL2 151 tristate 152 select CRYPTO_ALGAPI2 153 select CRYPTO_BLKCIPHER2 154 select CRYPTO_HASH2 155 156config CRYPTO_PCRYPT 157 tristate "Parallel crypto engine" 158 depends on SMP 159 select PADATA 160 select CRYPTO_MANAGER 161 select CRYPTO_AEAD 162 help 163 This converts an arbitrary crypto algorithm into a parallel 164 algorithm that executes in kernel threads. 165 166config CRYPTO_WORKQUEUE 167 tristate 168 169config CRYPTO_CRYPTD 170 tristate "Software async crypto daemon" 171 select CRYPTO_BLKCIPHER 172 select CRYPTO_HASH 173 select CRYPTO_MANAGER 174 select CRYPTO_WORKQUEUE 175 help 176 This is a generic software asynchronous crypto daemon that 177 converts an arbitrary synchronous software crypto algorithm 178 into an asynchronous algorithm that executes in a kernel thread. 179 180config CRYPTO_MCRYPTD 181 tristate "Software async multi-buffer crypto daemon" 182 select CRYPTO_BLKCIPHER 183 select CRYPTO_HASH 184 select CRYPTO_MANAGER 185 select CRYPTO_WORKQUEUE 186 help 187 This is a generic software asynchronous crypto daemon that 188 provides the kernel thread to assist multi-buffer crypto 189 algorithms for submitting jobs and flushing jobs in multi-buffer 190 crypto algorithms. Multi-buffer crypto algorithms are executed 191 in the context of this kernel thread and drivers can post 192 their crypto request asynchronously to be processed by this daemon. 193 194config CRYPTO_AUTHENC 195 tristate "Authenc support" 196 select CRYPTO_AEAD 197 select CRYPTO_BLKCIPHER 198 select CRYPTO_MANAGER 199 select CRYPTO_HASH 200 select CRYPTO_NULL 201 help 202 Authenc: Combined mode wrapper for IPsec. 203 This is required for IPSec. 204 205config CRYPTO_TEST 206 tristate "Testing module" 207 depends on m 208 select CRYPTO_MANAGER 209 help 210 Quick & dirty crypto test module. 211 212config CRYPTO_ABLK_HELPER 213 tristate 214 select CRYPTO_CRYPTD 215 216config CRYPTO_GLUE_HELPER_X86 217 tristate 218 depends on X86 219 select CRYPTO_ALGAPI 220 221config CRYPTO_ENGINE 222 tristate 223 224comment "Authenticated Encryption with Associated Data" 225 226config CRYPTO_CCM 227 tristate "CCM support" 228 select CRYPTO_CTR 229 select CRYPTO_AEAD 230 help 231 Support for Counter with CBC MAC. Required for IPsec. 232 233config CRYPTO_GCM 234 tristate "GCM/GMAC support" 235 select CRYPTO_CTR 236 select CRYPTO_AEAD 237 select CRYPTO_GHASH 238 select CRYPTO_NULL 239 help 240 Support for Galois/Counter Mode (GCM) and Galois Message 241 Authentication Code (GMAC). Required for IPSec. 242 243config CRYPTO_CHACHA20POLY1305 244 tristate "ChaCha20-Poly1305 AEAD support" 245 select CRYPTO_CHACHA20 246 select CRYPTO_POLY1305 247 select CRYPTO_AEAD 248 help 249 ChaCha20-Poly1305 AEAD support, RFC7539. 250 251 Support for the AEAD wrapper using the ChaCha20 stream cipher combined 252 with the Poly1305 authenticator. It is defined in RFC7539 for use in 253 IETF protocols. 254 255config CRYPTO_SEQIV 256 tristate "Sequence Number IV Generator" 257 select CRYPTO_AEAD 258 select CRYPTO_BLKCIPHER 259 select CRYPTO_NULL 260 select CRYPTO_RNG_DEFAULT 261 help 262 This IV generator generates an IV based on a sequence number by 263 xoring it with a salt. This algorithm is mainly useful for CTR 264 265config CRYPTO_ECHAINIV 266 tristate "Encrypted Chain IV Generator" 267 select CRYPTO_AEAD 268 select CRYPTO_NULL 269 select CRYPTO_RNG_DEFAULT 270 default m 271 help 272 This IV generator generates an IV based on the encryption of 273 a sequence number xored with a salt. This is the default 274 algorithm for CBC. 275 276comment "Block modes" 277 278config CRYPTO_CBC 279 tristate "CBC support" 280 select CRYPTO_BLKCIPHER 281 select CRYPTO_MANAGER 282 help 283 CBC: Cipher Block Chaining mode 284 This block cipher algorithm is required for IPSec. 285 286config CRYPTO_CTR 287 tristate "CTR support" 288 select CRYPTO_BLKCIPHER 289 select CRYPTO_SEQIV 290 select CRYPTO_MANAGER 291 help 292 CTR: Counter mode 293 This block cipher algorithm is required for IPSec. 294 295config CRYPTO_CTS 296 tristate "CTS support" 297 select CRYPTO_BLKCIPHER 298 help 299 CTS: Cipher Text Stealing 300 This is the Cipher Text Stealing mode as described by 301 Section 8 of rfc2040 and referenced by rfc3962. 302 (rfc3962 includes errata information in its Appendix A) 303 This mode is required for Kerberos gss mechanism support 304 for AES encryption. 305 306config CRYPTO_ECB 307 tristate "ECB support" 308 select CRYPTO_BLKCIPHER 309 select CRYPTO_MANAGER 310 help 311 ECB: Electronic CodeBook mode 312 This is the simplest block cipher algorithm. It simply encrypts 313 the input block by block. 314 315config CRYPTO_LRW 316 tristate "LRW support" 317 select CRYPTO_BLKCIPHER 318 select CRYPTO_MANAGER 319 select CRYPTO_GF128MUL 320 help 321 LRW: Liskov Rivest Wagner, a tweakable, non malleable, non movable 322 narrow block cipher mode for dm-crypt. Use it with cipher 323 specification string aes-lrw-benbi, the key must be 256, 320 or 384. 324 The first 128, 192 or 256 bits in the key are used for AES and the 325 rest is used to tie each cipher block to its logical position. 326 327config CRYPTO_PCBC 328 tristate "PCBC support" 329 select CRYPTO_BLKCIPHER 330 select CRYPTO_MANAGER 331 help 332 PCBC: Propagating Cipher Block Chaining mode 333 This block cipher algorithm is required for RxRPC. 334 335config CRYPTO_XTS 336 tristate "XTS support" 337 select CRYPTO_BLKCIPHER 338 select CRYPTO_MANAGER 339 select CRYPTO_GF128MUL 340 help 341 XTS: IEEE1619/D16 narrow block cipher use with aes-xts-plain, 342 key size 256, 384 or 512 bits. This implementation currently 343 can't handle a sectorsize which is not a multiple of 16 bytes. 344 345config CRYPTO_KEYWRAP 346 tristate "Key wrapping support" 347 select CRYPTO_BLKCIPHER 348 help 349 Support for key wrapping (NIST SP800-38F / RFC3394) without 350 padding. 351 352comment "Hash modes" 353 354config CRYPTO_CMAC 355 tristate "CMAC support" 356 select CRYPTO_HASH 357 select CRYPTO_MANAGER 358 help 359 Cipher-based Message Authentication Code (CMAC) specified by 360 The National Institute of Standards and Technology (NIST). 361 362 https://tools.ietf.org/html/rfc4493 363 http://csrc.nist.gov/publications/nistpubs/800-38B/SP_800-38B.pdf 364 365config CRYPTO_HMAC 366 tristate "HMAC support" 367 select CRYPTO_HASH 368 select CRYPTO_MANAGER 369 help 370 HMAC: Keyed-Hashing for Message Authentication (RFC2104). 371 This is required for IPSec. 372 373config CRYPTO_XCBC 374 tristate "XCBC support" 375 select CRYPTO_HASH 376 select CRYPTO_MANAGER 377 help 378 XCBC: Keyed-Hashing with encryption algorithm 379 http://www.ietf.org/rfc/rfc3566.txt 380 http://csrc.nist.gov/encryption/modes/proposedmodes/ 381 xcbc-mac/xcbc-mac-spec.pdf 382 383config CRYPTO_VMAC 384 tristate "VMAC support" 385 select CRYPTO_HASH 386 select CRYPTO_MANAGER 387 help 388 VMAC is a message authentication algorithm designed for 389 very high speed on 64-bit architectures. 390 391 See also: 392 <http://fastcrypto.org/vmac> 393 394comment "Digest" 395 396config CRYPTO_CRC32C 397 tristate "CRC32c CRC algorithm" 398 select CRYPTO_HASH 399 select CRC32 400 help 401 Castagnoli, et al Cyclic Redundancy-Check Algorithm. Used 402 by iSCSI for header and data digests and by others. 403 See Castagnoli93. Module will be crc32c. 404 405config CRYPTO_CRC32C_INTEL 406 tristate "CRC32c INTEL hardware acceleration" 407 depends on X86 408 select CRYPTO_HASH 409 help 410 In Intel processor with SSE4.2 supported, the processor will 411 support CRC32C implementation using hardware accelerated CRC32 412 instruction. This option will create 'crc32c-intel' module, 413 which will enable any routine to use the CRC32 instruction to 414 gain performance compared with software implementation. 415 Module will be crc32c-intel. 416 417config CRYPTO_CRC32C_SPARC64 418 tristate "CRC32c CRC algorithm (SPARC64)" 419 depends on SPARC64 420 select CRYPTO_HASH 421 select CRC32 422 help 423 CRC32c CRC algorithm implemented using sparc64 crypto instructions, 424 when available. 425 426config CRYPTO_CRC32 427 tristate "CRC32 CRC algorithm" 428 select CRYPTO_HASH 429 select CRC32 430 help 431 CRC-32-IEEE 802.3 cyclic redundancy-check algorithm. 432 Shash crypto api wrappers to crc32_le function. 433 434config CRYPTO_CRC32_PCLMUL 435 tristate "CRC32 PCLMULQDQ hardware acceleration" 436 depends on X86 437 select CRYPTO_HASH 438 select CRC32 439 help 440 From Intel Westmere and AMD Bulldozer processor with SSE4.2 441 and PCLMULQDQ supported, the processor will support 442 CRC32 PCLMULQDQ implementation using hardware accelerated PCLMULQDQ 443 instruction. This option will create 'crc32-plcmul' module, 444 which will enable any routine to use the CRC-32-IEEE 802.3 checksum 445 and gain better performance as compared with the table implementation. 446 447config CRYPTO_CRCT10DIF 448 tristate "CRCT10DIF algorithm" 449 select CRYPTO_HASH 450 help 451 CRC T10 Data Integrity Field computation is being cast as 452 a crypto transform. This allows for faster crc t10 diff 453 transforms to be used if they are available. 454 455config CRYPTO_CRCT10DIF_PCLMUL 456 tristate "CRCT10DIF PCLMULQDQ hardware acceleration" 457 depends on X86 && 64BIT && CRC_T10DIF 458 select CRYPTO_HASH 459 help 460 For x86_64 processors with SSE4.2 and PCLMULQDQ supported, 461 CRC T10 DIF PCLMULQDQ computation can be hardware 462 accelerated PCLMULQDQ instruction. This option will create 463 'crct10dif-plcmul' module, which is faster when computing the 464 crct10dif checksum as compared with the generic table implementation. 465 466config CRYPTO_GHASH 467 tristate "GHASH digest algorithm" 468 select CRYPTO_GF128MUL 469 select CRYPTO_HASH 470 help 471 GHASH is message digest algorithm for GCM (Galois/Counter Mode). 472 473config CRYPTO_POLY1305 474 tristate "Poly1305 authenticator algorithm" 475 select CRYPTO_HASH 476 help 477 Poly1305 authenticator algorithm, RFC7539. 478 479 Poly1305 is an authenticator algorithm designed by Daniel J. Bernstein. 480 It is used for the ChaCha20-Poly1305 AEAD, specified in RFC7539 for use 481 in IETF protocols. This is the portable C implementation of Poly1305. 482 483config CRYPTO_POLY1305_X86_64 484 tristate "Poly1305 authenticator algorithm (x86_64/SSE2/AVX2)" 485 depends on X86 && 64BIT 486 select CRYPTO_POLY1305 487 help 488 Poly1305 authenticator algorithm, RFC7539. 489 490 Poly1305 is an authenticator algorithm designed by Daniel J. Bernstein. 491 It is used for the ChaCha20-Poly1305 AEAD, specified in RFC7539 for use 492 in IETF protocols. This is the x86_64 assembler implementation using SIMD 493 instructions. 494 495config CRYPTO_MD4 496 tristate "MD4 digest algorithm" 497 select CRYPTO_HASH 498 help 499 MD4 message digest algorithm (RFC1320). 500 501config CRYPTO_MD5 502 tristate "MD5 digest algorithm" 503 select CRYPTO_HASH 504 help 505 MD5 message digest algorithm (RFC1321). 506 507config CRYPTO_MD5_OCTEON 508 tristate "MD5 digest algorithm (OCTEON)" 509 depends on CPU_CAVIUM_OCTEON 510 select CRYPTO_MD5 511 select CRYPTO_HASH 512 help 513 MD5 message digest algorithm (RFC1321) implemented 514 using OCTEON crypto instructions, when available. 515 516config CRYPTO_MD5_PPC 517 tristate "MD5 digest algorithm (PPC)" 518 depends on PPC 519 select CRYPTO_HASH 520 help 521 MD5 message digest algorithm (RFC1321) implemented 522 in PPC assembler. 523 524config CRYPTO_MD5_SPARC64 525 tristate "MD5 digest algorithm (SPARC64)" 526 depends on SPARC64 527 select CRYPTO_MD5 528 select CRYPTO_HASH 529 help 530 MD5 message digest algorithm (RFC1321) implemented 531 using sparc64 crypto instructions, when available. 532 533config CRYPTO_MICHAEL_MIC 534 tristate "Michael MIC keyed digest algorithm" 535 select CRYPTO_HASH 536 help 537 Michael MIC is used for message integrity protection in TKIP 538 (IEEE 802.11i). This algorithm is required for TKIP, but it 539 should not be used for other purposes because of the weakness 540 of the algorithm. 541 542config CRYPTO_RMD128 543 tristate "RIPEMD-128 digest algorithm" 544 select CRYPTO_HASH 545 help 546 RIPEMD-128 (ISO/IEC 10118-3:2004). 547 548 RIPEMD-128 is a 128-bit cryptographic hash function. It should only 549 be used as a secure replacement for RIPEMD. For other use cases, 550 RIPEMD-160 should be used. 551 552 Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel. 553 See <http://homes.esat.kuleuven.be/~bosselae/ripemd160.html> 554 555config CRYPTO_RMD160 556 tristate "RIPEMD-160 digest algorithm" 557 select CRYPTO_HASH 558 help 559 RIPEMD-160 (ISO/IEC 10118-3:2004). 560 561 RIPEMD-160 is a 160-bit cryptographic hash function. It is intended 562 to be used as a secure replacement for the 128-bit hash functions 563 MD4, MD5 and it's predecessor RIPEMD 564 (not to be confused with RIPEMD-128). 565 566 It's speed is comparable to SHA1 and there are no known attacks 567 against RIPEMD-160. 568 569 Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel. 570 See <http://homes.esat.kuleuven.be/~bosselae/ripemd160.html> 571 572config CRYPTO_RMD256 573 tristate "RIPEMD-256 digest algorithm" 574 select CRYPTO_HASH 575 help 576 RIPEMD-256 is an optional extension of RIPEMD-128 with a 577 256 bit hash. It is intended for applications that require 578 longer hash-results, without needing a larger security level 579 (than RIPEMD-128). 580 581 Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel. 582 See <http://homes.esat.kuleuven.be/~bosselae/ripemd160.html> 583 584config CRYPTO_RMD320 585 tristate "RIPEMD-320 digest algorithm" 586 select CRYPTO_HASH 587 help 588 RIPEMD-320 is an optional extension of RIPEMD-160 with a 589 320 bit hash. It is intended for applications that require 590 longer hash-results, without needing a larger security level 591 (than RIPEMD-160). 592 593 Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel. 594 See <http://homes.esat.kuleuven.be/~bosselae/ripemd160.html> 595 596config CRYPTO_SHA1 597 tristate "SHA1 digest algorithm" 598 select CRYPTO_HASH 599 help 600 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2). 601 602config CRYPTO_SHA1_SSSE3 603 tristate "SHA1 digest algorithm (SSSE3/AVX/AVX2/SHA-NI)" 604 depends on X86 && 64BIT 605 select CRYPTO_SHA1 606 select CRYPTO_HASH 607 help 608 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2) implemented 609 using Supplemental SSE3 (SSSE3) instructions or Advanced Vector 610 Extensions (AVX/AVX2) or SHA-NI(SHA Extensions New Instructions), 611 when available. 612 613config CRYPTO_SHA256_SSSE3 614 tristate "SHA256 digest algorithm (SSSE3/AVX/AVX2/SHA-NI)" 615 depends on X86 && 64BIT 616 select CRYPTO_SHA256 617 select CRYPTO_HASH 618 help 619 SHA-256 secure hash standard (DFIPS 180-2) implemented 620 using Supplemental SSE3 (SSSE3) instructions, or Advanced Vector 621 Extensions version 1 (AVX1), or Advanced Vector Extensions 622 version 2 (AVX2) instructions, or SHA-NI (SHA Extensions New 623 Instructions) when available. 624 625config CRYPTO_SHA512_SSSE3 626 tristate "SHA512 digest algorithm (SSSE3/AVX/AVX2)" 627 depends on X86 && 64BIT 628 select CRYPTO_SHA512 629 select CRYPTO_HASH 630 help 631 SHA-512 secure hash standard (DFIPS 180-2) implemented 632 using Supplemental SSE3 (SSSE3) instructions, or Advanced Vector 633 Extensions version 1 (AVX1), or Advanced Vector Extensions 634 version 2 (AVX2) instructions, when available. 635 636config CRYPTO_SHA1_OCTEON 637 tristate "SHA1 digest algorithm (OCTEON)" 638 depends on CPU_CAVIUM_OCTEON 639 select CRYPTO_SHA1 640 select CRYPTO_HASH 641 help 642 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2) implemented 643 using OCTEON crypto instructions, when available. 644 645config CRYPTO_SHA1_SPARC64 646 tristate "SHA1 digest algorithm (SPARC64)" 647 depends on SPARC64 648 select CRYPTO_SHA1 649 select CRYPTO_HASH 650 help 651 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2) implemented 652 using sparc64 crypto instructions, when available. 653 654config CRYPTO_SHA1_PPC 655 tristate "SHA1 digest algorithm (powerpc)" 656 depends on PPC 657 help 658 This is the powerpc hardware accelerated implementation of the 659 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2). 660 661config CRYPTO_SHA1_PPC_SPE 662 tristate "SHA1 digest algorithm (PPC SPE)" 663 depends on PPC && SPE 664 help 665 SHA-1 secure hash standard (DFIPS 180-4) implemented 666 using powerpc SPE SIMD instruction set. 667 668config CRYPTO_SHA1_MB 669 tristate "SHA1 digest algorithm (x86_64 Multi-Buffer, Experimental)" 670 depends on X86 && 64BIT 671 select CRYPTO_SHA1 672 select CRYPTO_HASH 673 select CRYPTO_MCRYPTD 674 help 675 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2) implemented 676 using multi-buffer technique. This algorithm computes on 677 multiple data lanes concurrently with SIMD instructions for 678 better throughput. It should not be enabled by default but 679 used when there is significant amount of work to keep the keep 680 the data lanes filled to get performance benefit. If the data 681 lanes remain unfilled, a flush operation will be initiated to 682 process the crypto jobs, adding a slight latency. 683 684config CRYPTO_SHA256 685 tristate "SHA224 and SHA256 digest algorithm" 686 select CRYPTO_HASH 687 help 688 SHA256 secure hash standard (DFIPS 180-2). 689 690 This version of SHA implements a 256 bit hash with 128 bits of 691 security against collision attacks. 692 693 This code also includes SHA-224, a 224 bit hash with 112 bits 694 of security against collision attacks. 695 696config CRYPTO_SHA256_PPC_SPE 697 tristate "SHA224 and SHA256 digest algorithm (PPC SPE)" 698 depends on PPC && SPE 699 select CRYPTO_SHA256 700 select CRYPTO_HASH 701 help 702 SHA224 and SHA256 secure hash standard (DFIPS 180-2) 703 implemented using powerpc SPE SIMD instruction set. 704 705config CRYPTO_SHA256_OCTEON 706 tristate "SHA224 and SHA256 digest algorithm (OCTEON)" 707 depends on CPU_CAVIUM_OCTEON 708 select CRYPTO_SHA256 709 select CRYPTO_HASH 710 help 711 SHA-256 secure hash standard (DFIPS 180-2) implemented 712 using OCTEON crypto instructions, when available. 713 714config CRYPTO_SHA256_SPARC64 715 tristate "SHA224 and SHA256 digest algorithm (SPARC64)" 716 depends on SPARC64 717 select CRYPTO_SHA256 718 select CRYPTO_HASH 719 help 720 SHA-256 secure hash standard (DFIPS 180-2) implemented 721 using sparc64 crypto instructions, when available. 722 723config CRYPTO_SHA512 724 tristate "SHA384 and SHA512 digest algorithms" 725 select CRYPTO_HASH 726 help 727 SHA512 secure hash standard (DFIPS 180-2). 728 729 This version of SHA implements a 512 bit hash with 256 bits of 730 security against collision attacks. 731 732 This code also includes SHA-384, a 384 bit hash with 192 bits 733 of security against collision attacks. 734 735config CRYPTO_SHA512_OCTEON 736 tristate "SHA384 and SHA512 digest algorithms (OCTEON)" 737 depends on CPU_CAVIUM_OCTEON 738 select CRYPTO_SHA512 739 select CRYPTO_HASH 740 help 741 SHA-512 secure hash standard (DFIPS 180-2) implemented 742 using OCTEON crypto instructions, when available. 743 744config CRYPTO_SHA512_SPARC64 745 tristate "SHA384 and SHA512 digest algorithm (SPARC64)" 746 depends on SPARC64 747 select CRYPTO_SHA512 748 select CRYPTO_HASH 749 help 750 SHA-512 secure hash standard (DFIPS 180-2) implemented 751 using sparc64 crypto instructions, when available. 752 753config CRYPTO_TGR192 754 tristate "Tiger digest algorithms" 755 select CRYPTO_HASH 756 help 757 Tiger hash algorithm 192, 160 and 128-bit hashes 758 759 Tiger is a hash function optimized for 64-bit processors while 760 still having decent performance on 32-bit processors. 761 Tiger was developed by Ross Anderson and Eli Biham. 762 763 See also: 764 <http://www.cs.technion.ac.il/~biham/Reports/Tiger/>. 765 766config CRYPTO_WP512 767 tristate "Whirlpool digest algorithms" 768 select CRYPTO_HASH 769 help 770 Whirlpool hash algorithm 512, 384 and 256-bit hashes 771 772 Whirlpool-512 is part of the NESSIE cryptographic primitives. 773 Whirlpool will be part of the ISO/IEC 10118-3:2003(E) standard 774 775 See also: 776 <http://www.larc.usp.br/~pbarreto/WhirlpoolPage.html> 777 778config CRYPTO_GHASH_CLMUL_NI_INTEL 779 tristate "GHASH digest algorithm (CLMUL-NI accelerated)" 780 depends on X86 && 64BIT 781 select CRYPTO_CRYPTD 782 help 783 GHASH is message digest algorithm for GCM (Galois/Counter Mode). 784 The implementation is accelerated by CLMUL-NI of Intel. 785 786comment "Ciphers" 787 788config CRYPTO_AES 789 tristate "AES cipher algorithms" 790 select CRYPTO_ALGAPI 791 help 792 AES cipher algorithms (FIPS-197). AES uses the Rijndael 793 algorithm. 794 795 Rijndael appears to be consistently a very good performer in 796 both hardware and software across a wide range of computing 797 environments regardless of its use in feedback or non-feedback 798 modes. Its key setup time is excellent, and its key agility is 799 good. Rijndael's very low memory requirements make it very well 800 suited for restricted-space environments, in which it also 801 demonstrates excellent performance. Rijndael's operations are 802 among the easiest to defend against power and timing attacks. 803 804 The AES specifies three key sizes: 128, 192 and 256 bits 805 806 See <http://csrc.nist.gov/CryptoToolkit/aes/> for more information. 807 808config CRYPTO_AES_586 809 tristate "AES cipher algorithms (i586)" 810 depends on (X86 || UML_X86) && !64BIT 811 select CRYPTO_ALGAPI 812 select CRYPTO_AES 813 help 814 AES cipher algorithms (FIPS-197). AES uses the Rijndael 815 algorithm. 816 817 Rijndael appears to be consistently a very good performer in 818 both hardware and software across a wide range of computing 819 environments regardless of its use in feedback or non-feedback 820 modes. Its key setup time is excellent, and its key agility is 821 good. Rijndael's very low memory requirements make it very well 822 suited for restricted-space environments, in which it also 823 demonstrates excellent performance. Rijndael's operations are 824 among the easiest to defend against power and timing attacks. 825 826 The AES specifies three key sizes: 128, 192 and 256 bits 827 828 See <http://csrc.nist.gov/encryption/aes/> for more information. 829 830config CRYPTO_AES_X86_64 831 tristate "AES cipher algorithms (x86_64)" 832 depends on (X86 || UML_X86) && 64BIT 833 select CRYPTO_ALGAPI 834 select CRYPTO_AES 835 help 836 AES cipher algorithms (FIPS-197). AES uses the Rijndael 837 algorithm. 838 839 Rijndael appears to be consistently a very good performer in 840 both hardware and software across a wide range of computing 841 environments regardless of its use in feedback or non-feedback 842 modes. Its key setup time is excellent, and its key agility is 843 good. Rijndael's very low memory requirements make it very well 844 suited for restricted-space environments, in which it also 845 demonstrates excellent performance. Rijndael's operations are 846 among the easiest to defend against power and timing attacks. 847 848 The AES specifies three key sizes: 128, 192 and 256 bits 849 850 See <http://csrc.nist.gov/encryption/aes/> for more information. 851 852config CRYPTO_AES_NI_INTEL 853 tristate "AES cipher algorithms (AES-NI)" 854 depends on X86 855 select CRYPTO_AES_X86_64 if 64BIT 856 select CRYPTO_AES_586 if !64BIT 857 select CRYPTO_CRYPTD 858 select CRYPTO_ABLK_HELPER 859 select CRYPTO_ALGAPI 860 select CRYPTO_GLUE_HELPER_X86 if 64BIT 861 select CRYPTO_LRW 862 select CRYPTO_XTS 863 help 864 Use Intel AES-NI instructions for AES algorithm. 865 866 AES cipher algorithms (FIPS-197). AES uses the Rijndael 867 algorithm. 868 869 Rijndael appears to be consistently a very good performer in 870 both hardware and software across a wide range of computing 871 environments regardless of its use in feedback or non-feedback 872 modes. Its key setup time is excellent, and its key agility is 873 good. Rijndael's very low memory requirements make it very well 874 suited for restricted-space environments, in which it also 875 demonstrates excellent performance. Rijndael's operations are 876 among the easiest to defend against power and timing attacks. 877 878 The AES specifies three key sizes: 128, 192 and 256 bits 879 880 See <http://csrc.nist.gov/encryption/aes/> for more information. 881 882 In addition to AES cipher algorithm support, the acceleration 883 for some popular block cipher mode is supported too, including 884 ECB, CBC, LRW, PCBC, XTS. The 64 bit version has additional 885 acceleration for CTR. 886 887config CRYPTO_AES_SPARC64 888 tristate "AES cipher algorithms (SPARC64)" 889 depends on SPARC64 890 select CRYPTO_CRYPTD 891 select CRYPTO_ALGAPI 892 help 893 Use SPARC64 crypto opcodes for AES algorithm. 894 895 AES cipher algorithms (FIPS-197). AES uses the Rijndael 896 algorithm. 897 898 Rijndael appears to be consistently a very good performer in 899 both hardware and software across a wide range of computing 900 environments regardless of its use in feedback or non-feedback 901 modes. Its key setup time is excellent, and its key agility is 902 good. Rijndael's very low memory requirements make it very well 903 suited for restricted-space environments, in which it also 904 demonstrates excellent performance. Rijndael's operations are 905 among the easiest to defend against power and timing attacks. 906 907 The AES specifies three key sizes: 128, 192 and 256 bits 908 909 See <http://csrc.nist.gov/encryption/aes/> for more information. 910 911 In addition to AES cipher algorithm support, the acceleration 912 for some popular block cipher mode is supported too, including 913 ECB and CBC. 914 915config CRYPTO_AES_PPC_SPE 916 tristate "AES cipher algorithms (PPC SPE)" 917 depends on PPC && SPE 918 help 919 AES cipher algorithms (FIPS-197). Additionally the acceleration 920 for popular block cipher modes ECB, CBC, CTR and XTS is supported. 921 This module should only be used for low power (router) devices 922 without hardware AES acceleration (e.g. caam crypto). It reduces the 923 size of the AES tables from 16KB to 8KB + 256 bytes and mitigates 924 timining attacks. Nevertheless it might be not as secure as other 925 architecture specific assembler implementations that work on 1KB 926 tables or 256 bytes S-boxes. 927 928config CRYPTO_ANUBIS 929 tristate "Anubis cipher algorithm" 930 select CRYPTO_ALGAPI 931 help 932 Anubis cipher algorithm. 933 934 Anubis is a variable key length cipher which can use keys from 935 128 bits to 320 bits in length. It was evaluated as a entrant 936 in the NESSIE competition. 937 938 See also: 939 <https://www.cosic.esat.kuleuven.be/nessie/reports/> 940 <http://www.larc.usp.br/~pbarreto/AnubisPage.html> 941 942config CRYPTO_ARC4 943 tristate "ARC4 cipher algorithm" 944 select CRYPTO_BLKCIPHER 945 help 946 ARC4 cipher algorithm. 947 948 ARC4 is a stream cipher using keys ranging from 8 bits to 2048 949 bits in length. This algorithm is required for driver-based 950 WEP, but it should not be for other purposes because of the 951 weakness of the algorithm. 952 953config CRYPTO_BLOWFISH 954 tristate "Blowfish cipher algorithm" 955 select CRYPTO_ALGAPI 956 select CRYPTO_BLOWFISH_COMMON 957 help 958 Blowfish cipher algorithm, by Bruce Schneier. 959 960 This is a variable key length cipher which can use keys from 32 961 bits to 448 bits in length. It's fast, simple and specifically 962 designed for use on "large microprocessors". 963 964 See also: 965 <http://www.schneier.com/blowfish.html> 966 967config CRYPTO_BLOWFISH_COMMON 968 tristate 969 help 970 Common parts of the Blowfish cipher algorithm shared by the 971 generic c and the assembler implementations. 972 973 See also: 974 <http://www.schneier.com/blowfish.html> 975 976config CRYPTO_BLOWFISH_X86_64 977 tristate "Blowfish cipher algorithm (x86_64)" 978 depends on X86 && 64BIT 979 select CRYPTO_ALGAPI 980 select CRYPTO_BLOWFISH_COMMON 981 help 982 Blowfish cipher algorithm (x86_64), by Bruce Schneier. 983 984 This is a variable key length cipher which can use keys from 32 985 bits to 448 bits in length. It's fast, simple and specifically 986 designed for use on "large microprocessors". 987 988 See also: 989 <http://www.schneier.com/blowfish.html> 990 991config CRYPTO_CAMELLIA 992 tristate "Camellia cipher algorithms" 993 depends on CRYPTO 994 select CRYPTO_ALGAPI 995 help 996 Camellia cipher algorithms module. 997 998 Camellia is a symmetric key block cipher developed jointly 999 at NTT and Mitsubishi Electric Corporation. 1000 1001 The Camellia specifies three key sizes: 128, 192 and 256 bits. 1002 1003 See also: 1004 <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html> 1005 1006config CRYPTO_CAMELLIA_X86_64 1007 tristate "Camellia cipher algorithm (x86_64)" 1008 depends on X86 && 64BIT 1009 depends on CRYPTO 1010 select CRYPTO_ALGAPI 1011 select CRYPTO_GLUE_HELPER_X86 1012 select CRYPTO_LRW 1013 select CRYPTO_XTS 1014 help 1015 Camellia cipher algorithm module (x86_64). 1016 1017 Camellia is a symmetric key block cipher developed jointly 1018 at NTT and Mitsubishi Electric Corporation. 1019 1020 The Camellia specifies three key sizes: 128, 192 and 256 bits. 1021 1022 See also: 1023 <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html> 1024 1025config CRYPTO_CAMELLIA_AESNI_AVX_X86_64 1026 tristate "Camellia cipher algorithm (x86_64/AES-NI/AVX)" 1027 depends on X86 && 64BIT 1028 depends on CRYPTO 1029 select CRYPTO_ALGAPI 1030 select CRYPTO_CRYPTD 1031 select CRYPTO_ABLK_HELPER 1032 select CRYPTO_GLUE_HELPER_X86 1033 select CRYPTO_CAMELLIA_X86_64 1034 select CRYPTO_LRW 1035 select CRYPTO_XTS 1036 help 1037 Camellia cipher algorithm module (x86_64/AES-NI/AVX). 1038 1039 Camellia is a symmetric key block cipher developed jointly 1040 at NTT and Mitsubishi Electric Corporation. 1041 1042 The Camellia specifies three key sizes: 128, 192 and 256 bits. 1043 1044 See also: 1045 <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html> 1046 1047config CRYPTO_CAMELLIA_AESNI_AVX2_X86_64 1048 tristate "Camellia cipher algorithm (x86_64/AES-NI/AVX2)" 1049 depends on X86 && 64BIT 1050 depends on CRYPTO 1051 select CRYPTO_ALGAPI 1052 select CRYPTO_CRYPTD 1053 select CRYPTO_ABLK_HELPER 1054 select CRYPTO_GLUE_HELPER_X86 1055 select CRYPTO_CAMELLIA_X86_64 1056 select CRYPTO_CAMELLIA_AESNI_AVX_X86_64 1057 select CRYPTO_LRW 1058 select CRYPTO_XTS 1059 help 1060 Camellia cipher algorithm module (x86_64/AES-NI/AVX2). 1061 1062 Camellia is a symmetric key block cipher developed jointly 1063 at NTT and Mitsubishi Electric Corporation. 1064 1065 The Camellia specifies three key sizes: 128, 192 and 256 bits. 1066 1067 See also: 1068 <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html> 1069 1070config CRYPTO_CAMELLIA_SPARC64 1071 tristate "Camellia cipher algorithm (SPARC64)" 1072 depends on SPARC64 1073 depends on CRYPTO 1074 select CRYPTO_ALGAPI 1075 help 1076 Camellia cipher algorithm module (SPARC64). 1077 1078 Camellia is a symmetric key block cipher developed jointly 1079 at NTT and Mitsubishi Electric Corporation. 1080 1081 The Camellia specifies three key sizes: 128, 192 and 256 bits. 1082 1083 See also: 1084 <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html> 1085 1086config CRYPTO_CAST_COMMON 1087 tristate 1088 help 1089 Common parts of the CAST cipher algorithms shared by the 1090 generic c and the assembler implementations. 1091 1092config CRYPTO_CAST5 1093 tristate "CAST5 (CAST-128) cipher algorithm" 1094 select CRYPTO_ALGAPI 1095 select CRYPTO_CAST_COMMON 1096 help 1097 The CAST5 encryption algorithm (synonymous with CAST-128) is 1098 described in RFC2144. 1099 1100config CRYPTO_CAST5_AVX_X86_64 1101 tristate "CAST5 (CAST-128) cipher algorithm (x86_64/AVX)" 1102 depends on X86 && 64BIT 1103 select CRYPTO_ALGAPI 1104 select CRYPTO_CRYPTD 1105 select CRYPTO_ABLK_HELPER 1106 select CRYPTO_CAST_COMMON 1107 select CRYPTO_CAST5 1108 help 1109 The CAST5 encryption algorithm (synonymous with CAST-128) is 1110 described in RFC2144. 1111 1112 This module provides the Cast5 cipher algorithm that processes 1113 sixteen blocks parallel using the AVX instruction set. 1114 1115config CRYPTO_CAST6 1116 tristate "CAST6 (CAST-256) cipher algorithm" 1117 select CRYPTO_ALGAPI 1118 select CRYPTO_CAST_COMMON 1119 help 1120 The CAST6 encryption algorithm (synonymous with CAST-256) is 1121 described in RFC2612. 1122 1123config CRYPTO_CAST6_AVX_X86_64 1124 tristate "CAST6 (CAST-256) cipher algorithm (x86_64/AVX)" 1125 depends on X86 && 64BIT 1126 select CRYPTO_ALGAPI 1127 select CRYPTO_CRYPTD 1128 select CRYPTO_ABLK_HELPER 1129 select CRYPTO_GLUE_HELPER_X86 1130 select CRYPTO_CAST_COMMON 1131 select CRYPTO_CAST6 1132 select CRYPTO_LRW 1133 select CRYPTO_XTS 1134 help 1135 The CAST6 encryption algorithm (synonymous with CAST-256) is 1136 described in RFC2612. 1137 1138 This module provides the Cast6 cipher algorithm that processes 1139 eight blocks parallel using the AVX instruction set. 1140 1141config CRYPTO_DES 1142 tristate "DES and Triple DES EDE cipher algorithms" 1143 select CRYPTO_ALGAPI 1144 help 1145 DES cipher algorithm (FIPS 46-2), and Triple DES EDE (FIPS 46-3). 1146 1147config CRYPTO_DES_SPARC64 1148 tristate "DES and Triple DES EDE cipher algorithms (SPARC64)" 1149 depends on SPARC64 1150 select CRYPTO_ALGAPI 1151 select CRYPTO_DES 1152 help 1153 DES cipher algorithm (FIPS 46-2), and Triple DES EDE (FIPS 46-3), 1154 optimized using SPARC64 crypto opcodes. 1155 1156config CRYPTO_DES3_EDE_X86_64 1157 tristate "Triple DES EDE cipher algorithm (x86-64)" 1158 depends on X86 && 64BIT 1159 select CRYPTO_ALGAPI 1160 select CRYPTO_DES 1161 help 1162 Triple DES EDE (FIPS 46-3) algorithm. 1163 1164 This module provides implementation of the Triple DES EDE cipher 1165 algorithm that is optimized for x86-64 processors. Two versions of 1166 algorithm are provided; regular processing one input block and 1167 one that processes three blocks parallel. 1168 1169config CRYPTO_FCRYPT 1170 tristate "FCrypt cipher algorithm" 1171 select CRYPTO_ALGAPI 1172 select CRYPTO_BLKCIPHER 1173 help 1174 FCrypt algorithm used by RxRPC. 1175 1176config CRYPTO_KHAZAD 1177 tristate "Khazad cipher algorithm" 1178 select CRYPTO_ALGAPI 1179 help 1180 Khazad cipher algorithm. 1181 1182 Khazad was a finalist in the initial NESSIE competition. It is 1183 an algorithm optimized for 64-bit processors with good performance 1184 on 32-bit processors. Khazad uses an 128 bit key size. 1185 1186 See also: 1187 <http://www.larc.usp.br/~pbarreto/KhazadPage.html> 1188 1189config CRYPTO_SALSA20 1190 tristate "Salsa20 stream cipher algorithm" 1191 select CRYPTO_BLKCIPHER 1192 help 1193 Salsa20 stream cipher algorithm. 1194 1195 Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT 1196 Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/> 1197 1198 The Salsa20 stream cipher algorithm is designed by Daniel J. 1199 Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html> 1200 1201config CRYPTO_SALSA20_586 1202 tristate "Salsa20 stream cipher algorithm (i586)" 1203 depends on (X86 || UML_X86) && !64BIT 1204 select CRYPTO_BLKCIPHER 1205 help 1206 Salsa20 stream cipher algorithm. 1207 1208 Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT 1209 Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/> 1210 1211 The Salsa20 stream cipher algorithm is designed by Daniel J. 1212 Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html> 1213 1214config CRYPTO_SALSA20_X86_64 1215 tristate "Salsa20 stream cipher algorithm (x86_64)" 1216 depends on (X86 || UML_X86) && 64BIT 1217 select CRYPTO_BLKCIPHER 1218 help 1219 Salsa20 stream cipher algorithm. 1220 1221 Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT 1222 Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/> 1223 1224 The Salsa20 stream cipher algorithm is designed by Daniel J. 1225 Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html> 1226 1227config CRYPTO_CHACHA20 1228 tristate "ChaCha20 cipher algorithm" 1229 select CRYPTO_BLKCIPHER 1230 help 1231 ChaCha20 cipher algorithm, RFC7539. 1232 1233 ChaCha20 is a 256-bit high-speed stream cipher designed by Daniel J. 1234 Bernstein and further specified in RFC7539 for use in IETF protocols. 1235 This is the portable C implementation of ChaCha20. 1236 1237 See also: 1238 <http://cr.yp.to/chacha/chacha-20080128.pdf> 1239 1240config CRYPTO_CHACHA20_X86_64 1241 tristate "ChaCha20 cipher algorithm (x86_64/SSSE3/AVX2)" 1242 depends on X86 && 64BIT 1243 select CRYPTO_BLKCIPHER 1244 select CRYPTO_CHACHA20 1245 help 1246 ChaCha20 cipher algorithm, RFC7539. 1247 1248 ChaCha20 is a 256-bit high-speed stream cipher designed by Daniel J. 1249 Bernstein and further specified in RFC7539 for use in IETF protocols. 1250 This is the x86_64 assembler implementation using SIMD instructions. 1251 1252 See also: 1253 <http://cr.yp.to/chacha/chacha-20080128.pdf> 1254 1255config CRYPTO_SEED 1256 tristate "SEED cipher algorithm" 1257 select CRYPTO_ALGAPI 1258 help 1259 SEED cipher algorithm (RFC4269). 1260 1261 SEED is a 128-bit symmetric key block cipher that has been 1262 developed by KISA (Korea Information Security Agency) as a 1263 national standard encryption algorithm of the Republic of Korea. 1264 It is a 16 round block cipher with the key size of 128 bit. 1265 1266 See also: 1267 <http://www.kisa.or.kr/kisa/seed/jsp/seed_eng.jsp> 1268 1269config CRYPTO_SERPENT 1270 tristate "Serpent cipher algorithm" 1271 select CRYPTO_ALGAPI 1272 help 1273 Serpent cipher algorithm, by Anderson, Biham & Knudsen. 1274 1275 Keys are allowed to be from 0 to 256 bits in length, in steps 1276 of 8 bits. Also includes the 'Tnepres' algorithm, a reversed 1277 variant of Serpent for compatibility with old kerneli.org code. 1278 1279 See also: 1280 <http://www.cl.cam.ac.uk/~rja14/serpent.html> 1281 1282config CRYPTO_SERPENT_SSE2_X86_64 1283 tristate "Serpent cipher algorithm (x86_64/SSE2)" 1284 depends on X86 && 64BIT 1285 select CRYPTO_ALGAPI 1286 select CRYPTO_CRYPTD 1287 select CRYPTO_ABLK_HELPER 1288 select CRYPTO_GLUE_HELPER_X86 1289 select CRYPTO_SERPENT 1290 select CRYPTO_LRW 1291 select CRYPTO_XTS 1292 help 1293 Serpent cipher algorithm, by Anderson, Biham & Knudsen. 1294 1295 Keys are allowed to be from 0 to 256 bits in length, in steps 1296 of 8 bits. 1297 1298 This module provides Serpent cipher algorithm that processes eight 1299 blocks parallel using SSE2 instruction set. 1300 1301 See also: 1302 <http://www.cl.cam.ac.uk/~rja14/serpent.html> 1303 1304config CRYPTO_SERPENT_SSE2_586 1305 tristate "Serpent cipher algorithm (i586/SSE2)" 1306 depends on X86 && !64BIT 1307 select CRYPTO_ALGAPI 1308 select CRYPTO_CRYPTD 1309 select CRYPTO_ABLK_HELPER 1310 select CRYPTO_GLUE_HELPER_X86 1311 select CRYPTO_SERPENT 1312 select CRYPTO_LRW 1313 select CRYPTO_XTS 1314 help 1315 Serpent cipher algorithm, by Anderson, Biham & Knudsen. 1316 1317 Keys are allowed to be from 0 to 256 bits in length, in steps 1318 of 8 bits. 1319 1320 This module provides Serpent cipher algorithm that processes four 1321 blocks parallel using SSE2 instruction set. 1322 1323 See also: 1324 <http://www.cl.cam.ac.uk/~rja14/serpent.html> 1325 1326config CRYPTO_SERPENT_AVX_X86_64 1327 tristate "Serpent cipher algorithm (x86_64/AVX)" 1328 depends on X86 && 64BIT 1329 select CRYPTO_ALGAPI 1330 select CRYPTO_CRYPTD 1331 select CRYPTO_ABLK_HELPER 1332 select CRYPTO_GLUE_HELPER_X86 1333 select CRYPTO_SERPENT 1334 select CRYPTO_LRW 1335 select CRYPTO_XTS 1336 help 1337 Serpent cipher algorithm, by Anderson, Biham & Knudsen. 1338 1339 Keys are allowed to be from 0 to 256 bits in length, in steps 1340 of 8 bits. 1341 1342 This module provides the Serpent cipher algorithm that processes 1343 eight blocks parallel using the AVX instruction set. 1344 1345 See also: 1346 <http://www.cl.cam.ac.uk/~rja14/serpent.html> 1347 1348config CRYPTO_SERPENT_AVX2_X86_64 1349 tristate "Serpent cipher algorithm (x86_64/AVX2)" 1350 depends on X86 && 64BIT 1351 select CRYPTO_ALGAPI 1352 select CRYPTO_CRYPTD 1353 select CRYPTO_ABLK_HELPER 1354 select CRYPTO_GLUE_HELPER_X86 1355 select CRYPTO_SERPENT 1356 select CRYPTO_SERPENT_AVX_X86_64 1357 select CRYPTO_LRW 1358 select CRYPTO_XTS 1359 help 1360 Serpent cipher algorithm, by Anderson, Biham & Knudsen. 1361 1362 Keys are allowed to be from 0 to 256 bits in length, in steps 1363 of 8 bits. 1364 1365 This module provides Serpent cipher algorithm that processes 16 1366 blocks parallel using AVX2 instruction set. 1367 1368 See also: 1369 <http://www.cl.cam.ac.uk/~rja14/serpent.html> 1370 1371config CRYPTO_TEA 1372 tristate "TEA, XTEA and XETA cipher algorithms" 1373 select CRYPTO_ALGAPI 1374 help 1375 TEA cipher algorithm. 1376 1377 Tiny Encryption Algorithm is a simple cipher that uses 1378 many rounds for security. It is very fast and uses 1379 little memory. 1380 1381 Xtendend Tiny Encryption Algorithm is a modification to 1382 the TEA algorithm to address a potential key weakness 1383 in the TEA algorithm. 1384 1385 Xtendend Encryption Tiny Algorithm is a mis-implementation 1386 of the XTEA algorithm for compatibility purposes. 1387 1388config CRYPTO_TWOFISH 1389 tristate "Twofish cipher algorithm" 1390 select CRYPTO_ALGAPI 1391 select CRYPTO_TWOFISH_COMMON 1392 help 1393 Twofish cipher algorithm. 1394 1395 Twofish was submitted as an AES (Advanced Encryption Standard) 1396 candidate cipher by researchers at CounterPane Systems. It is a 1397 16 round block cipher supporting key sizes of 128, 192, and 256 1398 bits. 1399 1400 See also: 1401 <http://www.schneier.com/twofish.html> 1402 1403config CRYPTO_TWOFISH_COMMON 1404 tristate 1405 help 1406 Common parts of the Twofish cipher algorithm shared by the 1407 generic c and the assembler implementations. 1408 1409config CRYPTO_TWOFISH_586 1410 tristate "Twofish cipher algorithms (i586)" 1411 depends on (X86 || UML_X86) && !64BIT 1412 select CRYPTO_ALGAPI 1413 select CRYPTO_TWOFISH_COMMON 1414 help 1415 Twofish cipher algorithm. 1416 1417 Twofish was submitted as an AES (Advanced Encryption Standard) 1418 candidate cipher by researchers at CounterPane Systems. It is a 1419 16 round block cipher supporting key sizes of 128, 192, and 256 1420 bits. 1421 1422 See also: 1423 <http://www.schneier.com/twofish.html> 1424 1425config CRYPTO_TWOFISH_X86_64 1426 tristate "Twofish cipher algorithm (x86_64)" 1427 depends on (X86 || UML_X86) && 64BIT 1428 select CRYPTO_ALGAPI 1429 select CRYPTO_TWOFISH_COMMON 1430 help 1431 Twofish cipher algorithm (x86_64). 1432 1433 Twofish was submitted as an AES (Advanced Encryption Standard) 1434 candidate cipher by researchers at CounterPane Systems. It is a 1435 16 round block cipher supporting key sizes of 128, 192, and 256 1436 bits. 1437 1438 See also: 1439 <http://www.schneier.com/twofish.html> 1440 1441config CRYPTO_TWOFISH_X86_64_3WAY 1442 tristate "Twofish cipher algorithm (x86_64, 3-way parallel)" 1443 depends on X86 && 64BIT 1444 select CRYPTO_ALGAPI 1445 select CRYPTO_TWOFISH_COMMON 1446 select CRYPTO_TWOFISH_X86_64 1447 select CRYPTO_GLUE_HELPER_X86 1448 select CRYPTO_LRW 1449 select CRYPTO_XTS 1450 help 1451 Twofish cipher algorithm (x86_64, 3-way parallel). 1452 1453 Twofish was submitted as an AES (Advanced Encryption Standard) 1454 candidate cipher by researchers at CounterPane Systems. It is a 1455 16 round block cipher supporting key sizes of 128, 192, and 256 1456 bits. 1457 1458 This module provides Twofish cipher algorithm that processes three 1459 blocks parallel, utilizing resources of out-of-order CPUs better. 1460 1461 See also: 1462 <http://www.schneier.com/twofish.html> 1463 1464config CRYPTO_TWOFISH_AVX_X86_64 1465 tristate "Twofish cipher algorithm (x86_64/AVX)" 1466 depends on X86 && 64BIT 1467 select CRYPTO_ALGAPI 1468 select CRYPTO_CRYPTD 1469 select CRYPTO_ABLK_HELPER 1470 select CRYPTO_GLUE_HELPER_X86 1471 select CRYPTO_TWOFISH_COMMON 1472 select CRYPTO_TWOFISH_X86_64 1473 select CRYPTO_TWOFISH_X86_64_3WAY 1474 select CRYPTO_LRW 1475 select CRYPTO_XTS 1476 help 1477 Twofish cipher algorithm (x86_64/AVX). 1478 1479 Twofish was submitted as an AES (Advanced Encryption Standard) 1480 candidate cipher by researchers at CounterPane Systems. It is a 1481 16 round block cipher supporting key sizes of 128, 192, and 256 1482 bits. 1483 1484 This module provides the Twofish cipher algorithm that processes 1485 eight blocks parallel using the AVX Instruction Set. 1486 1487 See also: 1488 <http://www.schneier.com/twofish.html> 1489 1490comment "Compression" 1491 1492config CRYPTO_DEFLATE 1493 tristate "Deflate compression algorithm" 1494 select CRYPTO_ALGAPI 1495 select ZLIB_INFLATE 1496 select ZLIB_DEFLATE 1497 help 1498 This is the Deflate algorithm (RFC1951), specified for use in 1499 IPSec with the IPCOMP protocol (RFC3173, RFC2394). 1500 1501 You will most probably want this if using IPSec. 1502 1503config CRYPTO_LZO 1504 tristate "LZO compression algorithm" 1505 select CRYPTO_ALGAPI 1506 select LZO_COMPRESS 1507 select LZO_DECOMPRESS 1508 help 1509 This is the LZO algorithm. 1510 1511config CRYPTO_842 1512 tristate "842 compression algorithm" 1513 select CRYPTO_ALGAPI 1514 select 842_COMPRESS 1515 select 842_DECOMPRESS 1516 help 1517 This is the 842 algorithm. 1518 1519config CRYPTO_LZ4 1520 tristate "LZ4 compression algorithm" 1521 select CRYPTO_ALGAPI 1522 select LZ4_COMPRESS 1523 select LZ4_DECOMPRESS 1524 help 1525 This is the LZ4 algorithm. 1526 1527config CRYPTO_LZ4HC 1528 tristate "LZ4HC compression algorithm" 1529 select CRYPTO_ALGAPI 1530 select LZ4HC_COMPRESS 1531 select LZ4_DECOMPRESS 1532 help 1533 This is the LZ4 high compression mode algorithm. 1534 1535comment "Random Number Generation" 1536 1537config CRYPTO_ANSI_CPRNG 1538 tristate "Pseudo Random Number Generation for Cryptographic modules" 1539 select CRYPTO_AES 1540 select CRYPTO_RNG 1541 help 1542 This option enables the generic pseudo random number generator 1543 for cryptographic modules. Uses the Algorithm specified in 1544 ANSI X9.31 A.2.4. Note that this option must be enabled if 1545 CRYPTO_FIPS is selected 1546 1547menuconfig CRYPTO_DRBG_MENU 1548 tristate "NIST SP800-90A DRBG" 1549 help 1550 NIST SP800-90A compliant DRBG. In the following submenu, one or 1551 more of the DRBG types must be selected. 1552 1553if CRYPTO_DRBG_MENU 1554 1555config CRYPTO_DRBG_HMAC 1556 bool 1557 default y 1558 select CRYPTO_HMAC 1559 select CRYPTO_SHA256 1560 1561config CRYPTO_DRBG_HASH 1562 bool "Enable Hash DRBG" 1563 select CRYPTO_SHA256 1564 help 1565 Enable the Hash DRBG variant as defined in NIST SP800-90A. 1566 1567config CRYPTO_DRBG_CTR 1568 bool "Enable CTR DRBG" 1569 select CRYPTO_AES 1570 help 1571 Enable the CTR DRBG variant as defined in NIST SP800-90A. 1572 1573config CRYPTO_DRBG 1574 tristate 1575 default CRYPTO_DRBG_MENU 1576 select CRYPTO_RNG 1577 select CRYPTO_JITTERENTROPY 1578 1579endif # if CRYPTO_DRBG_MENU 1580 1581config CRYPTO_JITTERENTROPY 1582 tristate "Jitterentropy Non-Deterministic Random Number Generator" 1583 select CRYPTO_RNG 1584 help 1585 The Jitterentropy RNG is a noise that is intended 1586 to provide seed to another RNG. The RNG does not 1587 perform any cryptographic whitening of the generated 1588 random numbers. This Jitterentropy RNG registers with 1589 the kernel crypto API and can be used by any caller. 1590 1591config CRYPTO_USER_API 1592 tristate 1593 1594config CRYPTO_USER_API_HASH 1595 tristate "User-space interface for hash algorithms" 1596 depends on NET 1597 select CRYPTO_HASH 1598 select CRYPTO_USER_API 1599 help 1600 This option enables the user-spaces interface for hash 1601 algorithms. 1602 1603config CRYPTO_USER_API_SKCIPHER 1604 tristate "User-space interface for symmetric key cipher algorithms" 1605 depends on NET 1606 select CRYPTO_BLKCIPHER 1607 select CRYPTO_USER_API 1608 help 1609 This option enables the user-spaces interface for symmetric 1610 key cipher algorithms. 1611 1612config CRYPTO_USER_API_RNG 1613 tristate "User-space interface for random number generator algorithms" 1614 depends on NET 1615 select CRYPTO_RNG 1616 select CRYPTO_USER_API 1617 help 1618 This option enables the user-spaces interface for random 1619 number generator algorithms. 1620 1621config CRYPTO_USER_API_AEAD 1622 tristate "User-space interface for AEAD cipher algorithms" 1623 depends on NET 1624 select CRYPTO_AEAD 1625 select CRYPTO_USER_API 1626 help 1627 This option enables the user-spaces interface for AEAD 1628 cipher algorithms. 1629 1630config CRYPTO_HASH_INFO 1631 bool 1632 1633source "drivers/crypto/Kconfig" 1634source crypto/asymmetric_keys/Kconfig 1635source certs/Kconfig 1636 1637endif # if CRYPTO 1638