1# 2# Generic algorithms support 3# 4config XOR_BLOCKS 5 tristate 6 7# 8# async_tx api: hardware offloaded memory transfer/transform support 9# 10source "crypto/async_tx/Kconfig" 11 12# 13# Cryptographic API Configuration 14# 15menuconfig CRYPTO 16 tristate "Cryptographic API" 17 help 18 This option provides the core Cryptographic API. 19 20if CRYPTO 21 22comment "Crypto core or helper" 23 24config CRYPTO_FIPS 25 bool "FIPS 200 compliance" 26 depends on (CRYPTO_ANSI_CPRNG || CRYPTO_DRBG) && !CRYPTO_MANAGER_DISABLE_TESTS 27 depends on MODULE_SIG 28 help 29 This options enables the fips boot option which is 30 required if you want to system to operate in a FIPS 200 31 certification. You should say no unless you know what 32 this is. 33 34config CRYPTO_ALGAPI 35 tristate 36 select CRYPTO_ALGAPI2 37 help 38 This option provides the API for cryptographic algorithms. 39 40config CRYPTO_ALGAPI2 41 tristate 42 43config CRYPTO_AEAD 44 tristate 45 select CRYPTO_AEAD2 46 select CRYPTO_ALGAPI 47 48config CRYPTO_AEAD2 49 tristate 50 select CRYPTO_ALGAPI2 51 52config CRYPTO_BLKCIPHER 53 tristate 54 select CRYPTO_BLKCIPHER2 55 select CRYPTO_ALGAPI 56 57config CRYPTO_BLKCIPHER2 58 tristate 59 select CRYPTO_ALGAPI2 60 select CRYPTO_RNG2 61 select CRYPTO_WORKQUEUE 62 63config CRYPTO_HASH 64 tristate 65 select CRYPTO_HASH2 66 select CRYPTO_ALGAPI 67 68config CRYPTO_HASH2 69 tristate 70 select CRYPTO_ALGAPI2 71 72config CRYPTO_RNG 73 tristate 74 select CRYPTO_RNG2 75 select CRYPTO_ALGAPI 76 77config CRYPTO_RNG2 78 tristate 79 select CRYPTO_ALGAPI2 80 81config CRYPTO_PCOMP 82 tristate 83 select CRYPTO_PCOMP2 84 select CRYPTO_ALGAPI 85 86config CRYPTO_PCOMP2 87 tristate 88 select CRYPTO_ALGAPI2 89 90config CRYPTO_MANAGER 91 tristate "Cryptographic algorithm manager" 92 select CRYPTO_MANAGER2 93 help 94 Create default cryptographic template instantiations such as 95 cbc(aes). 96 97config CRYPTO_MANAGER2 98 def_tristate CRYPTO_MANAGER || (CRYPTO_MANAGER!=n && CRYPTO_ALGAPI=y) 99 select CRYPTO_AEAD2 100 select CRYPTO_HASH2 101 select CRYPTO_BLKCIPHER2 102 select CRYPTO_PCOMP2 103 104config CRYPTO_USER 105 tristate "Userspace cryptographic algorithm configuration" 106 depends on NET 107 select CRYPTO_MANAGER 108 help 109 Userspace configuration for cryptographic instantiations such as 110 cbc(aes). 111 112config CRYPTO_MANAGER_DISABLE_TESTS 113 bool "Disable run-time self tests" 114 default y 115 depends on CRYPTO_MANAGER2 116 help 117 Disable run-time self tests that normally take place at 118 algorithm registration. 119 120config CRYPTO_GF128MUL 121 tristate "GF(2^128) multiplication functions" 122 help 123 Efficient table driven implementation of multiplications in the 124 field GF(2^128). This is needed by some cypher modes. This 125 option will be selected automatically if you select such a 126 cipher mode. Only select this option by hand if you expect to load 127 an external module that requires these functions. 128 129config CRYPTO_NULL 130 tristate "Null algorithms" 131 select CRYPTO_ALGAPI 132 select CRYPTO_BLKCIPHER 133 select CRYPTO_HASH 134 help 135 These are 'Null' algorithms, used by IPsec, which do nothing. 136 137config CRYPTO_PCRYPT 138 tristate "Parallel crypto engine" 139 depends on SMP 140 select PADATA 141 select CRYPTO_MANAGER 142 select CRYPTO_AEAD 143 help 144 This converts an arbitrary crypto algorithm into a parallel 145 algorithm that executes in kernel threads. 146 147config CRYPTO_WORKQUEUE 148 tristate 149 150config CRYPTO_CRYPTD 151 tristate "Software async crypto daemon" 152 select CRYPTO_BLKCIPHER 153 select CRYPTO_HASH 154 select CRYPTO_MANAGER 155 select CRYPTO_WORKQUEUE 156 help 157 This is a generic software asynchronous crypto daemon that 158 converts an arbitrary synchronous software crypto algorithm 159 into an asynchronous algorithm that executes in a kernel thread. 160 161config CRYPTO_AUTHENC 162 tristate "Authenc support" 163 select CRYPTO_AEAD 164 select CRYPTO_BLKCIPHER 165 select CRYPTO_MANAGER 166 select CRYPTO_HASH 167 help 168 Authenc: Combined mode wrapper for IPsec. 169 This is required for IPSec. 170 171config CRYPTO_TEST 172 tristate "Testing module" 173 depends on m 174 select CRYPTO_MANAGER 175 help 176 Quick & dirty crypto test module. 177 178config CRYPTO_ABLK_HELPER 179 tristate 180 select CRYPTO_CRYPTD 181 182config CRYPTO_GLUE_HELPER_X86 183 tristate 184 depends on X86 185 select CRYPTO_ALGAPI 186 187comment "Authenticated Encryption with Associated Data" 188 189config CRYPTO_CCM 190 tristate "CCM support" 191 select CRYPTO_CTR 192 select CRYPTO_AEAD 193 help 194 Support for Counter with CBC MAC. Required for IPsec. 195 196config CRYPTO_GCM 197 tristate "GCM/GMAC support" 198 select CRYPTO_CTR 199 select CRYPTO_AEAD 200 select CRYPTO_GHASH 201 select CRYPTO_NULL 202 help 203 Support for Galois/Counter Mode (GCM) and Galois Message 204 Authentication Code (GMAC). Required for IPSec. 205 206config CRYPTO_SEQIV 207 tristate "Sequence Number IV Generator" 208 select CRYPTO_AEAD 209 select CRYPTO_BLKCIPHER 210 select CRYPTO_RNG 211 help 212 This IV generator generates an IV based on a sequence number by 213 xoring it with a salt. This algorithm is mainly useful for CTR 214 215comment "Block modes" 216 217config CRYPTO_CBC 218 tristate "CBC support" 219 select CRYPTO_BLKCIPHER 220 select CRYPTO_MANAGER 221 help 222 CBC: Cipher Block Chaining mode 223 This block cipher algorithm is required for IPSec. 224 225config CRYPTO_CTR 226 tristate "CTR support" 227 select CRYPTO_BLKCIPHER 228 select CRYPTO_SEQIV 229 select CRYPTO_MANAGER 230 help 231 CTR: Counter mode 232 This block cipher algorithm is required for IPSec. 233 234config CRYPTO_CTS 235 tristate "CTS support" 236 select CRYPTO_BLKCIPHER 237 help 238 CTS: Cipher Text Stealing 239 This is the Cipher Text Stealing mode as described by 240 Section 8 of rfc2040 and referenced by rfc3962. 241 (rfc3962 includes errata information in its Appendix A) 242 This mode is required for Kerberos gss mechanism support 243 for AES encryption. 244 245config CRYPTO_ECB 246 tristate "ECB support" 247 select CRYPTO_BLKCIPHER 248 select CRYPTO_MANAGER 249 help 250 ECB: Electronic CodeBook mode 251 This is the simplest block cipher algorithm. It simply encrypts 252 the input block by block. 253 254config CRYPTO_LRW 255 tristate "LRW support" 256 select CRYPTO_BLKCIPHER 257 select CRYPTO_MANAGER 258 select CRYPTO_GF128MUL 259 help 260 LRW: Liskov Rivest Wagner, a tweakable, non malleable, non movable 261 narrow block cipher mode for dm-crypt. Use it with cipher 262 specification string aes-lrw-benbi, the key must be 256, 320 or 384. 263 The first 128, 192 or 256 bits in the key are used for AES and the 264 rest is used to tie each cipher block to its logical position. 265 266config CRYPTO_PCBC 267 tristate "PCBC support" 268 select CRYPTO_BLKCIPHER 269 select CRYPTO_MANAGER 270 help 271 PCBC: Propagating Cipher Block Chaining mode 272 This block cipher algorithm is required for RxRPC. 273 274config CRYPTO_XTS 275 tristate "XTS support" 276 select CRYPTO_BLKCIPHER 277 select CRYPTO_MANAGER 278 select CRYPTO_GF128MUL 279 help 280 XTS: IEEE1619/D16 narrow block cipher use with aes-xts-plain, 281 key size 256, 384 or 512 bits. This implementation currently 282 can't handle a sectorsize which is not a multiple of 16 bytes. 283 284comment "Hash modes" 285 286config CRYPTO_CMAC 287 tristate "CMAC support" 288 select CRYPTO_HASH 289 select CRYPTO_MANAGER 290 help 291 Cipher-based Message Authentication Code (CMAC) specified by 292 The National Institute of Standards and Technology (NIST). 293 294 https://tools.ietf.org/html/rfc4493 295 http://csrc.nist.gov/publications/nistpubs/800-38B/SP_800-38B.pdf 296 297config CRYPTO_HMAC 298 tristate "HMAC support" 299 select CRYPTO_HASH 300 select CRYPTO_MANAGER 301 help 302 HMAC: Keyed-Hashing for Message Authentication (RFC2104). 303 This is required for IPSec. 304 305config CRYPTO_XCBC 306 tristate "XCBC support" 307 select CRYPTO_HASH 308 select CRYPTO_MANAGER 309 help 310 XCBC: Keyed-Hashing with encryption algorithm 311 http://www.ietf.org/rfc/rfc3566.txt 312 http://csrc.nist.gov/encryption/modes/proposedmodes/ 313 xcbc-mac/xcbc-mac-spec.pdf 314 315config CRYPTO_VMAC 316 tristate "VMAC support" 317 select CRYPTO_HASH 318 select CRYPTO_MANAGER 319 help 320 VMAC is a message authentication algorithm designed for 321 very high speed on 64-bit architectures. 322 323 See also: 324 <http://fastcrypto.org/vmac> 325 326comment "Digest" 327 328config CRYPTO_CRC32C 329 tristate "CRC32c CRC algorithm" 330 select CRYPTO_HASH 331 select CRC32 332 help 333 Castagnoli, et al Cyclic Redundancy-Check Algorithm. Used 334 by iSCSI for header and data digests and by others. 335 See Castagnoli93. Module will be crc32c. 336 337config CRYPTO_CRC32C_INTEL 338 tristate "CRC32c INTEL hardware acceleration" 339 depends on X86 340 select CRYPTO_HASH 341 help 342 In Intel processor with SSE4.2 supported, the processor will 343 support CRC32C implementation using hardware accelerated CRC32 344 instruction. This option will create 'crc32c-intel' module, 345 which will enable any routine to use the CRC32 instruction to 346 gain performance compared with software implementation. 347 Module will be crc32c-intel. 348 349config CRYPTO_CRC32C_SPARC64 350 tristate "CRC32c CRC algorithm (SPARC64)" 351 depends on SPARC64 352 select CRYPTO_HASH 353 select CRC32 354 help 355 CRC32c CRC algorithm implemented using sparc64 crypto instructions, 356 when available. 357 358config CRYPTO_CRC32 359 tristate "CRC32 CRC algorithm" 360 select CRYPTO_HASH 361 select CRC32 362 help 363 CRC-32-IEEE 802.3 cyclic redundancy-check algorithm. 364 Shash crypto api wrappers to crc32_le function. 365 366config CRYPTO_CRC32_PCLMUL 367 tristate "CRC32 PCLMULQDQ hardware acceleration" 368 depends on X86 369 select CRYPTO_HASH 370 select CRC32 371 help 372 From Intel Westmere and AMD Bulldozer processor with SSE4.2 373 and PCLMULQDQ supported, the processor will support 374 CRC32 PCLMULQDQ implementation using hardware accelerated PCLMULQDQ 375 instruction. This option will create 'crc32-plcmul' module, 376 which will enable any routine to use the CRC-32-IEEE 802.3 checksum 377 and gain better performance as compared with the table implementation. 378 379config CRYPTO_CRCT10DIF 380 tristate "CRCT10DIF algorithm" 381 select CRYPTO_HASH 382 help 383 CRC T10 Data Integrity Field computation is being cast as 384 a crypto transform. This allows for faster crc t10 diff 385 transforms to be used if they are available. 386 387config CRYPTO_CRCT10DIF_PCLMUL 388 tristate "CRCT10DIF PCLMULQDQ hardware acceleration" 389 depends on X86 && 64BIT && CRC_T10DIF 390 select CRYPTO_HASH 391 help 392 For x86_64 processors with SSE4.2 and PCLMULQDQ supported, 393 CRC T10 DIF PCLMULQDQ computation can be hardware 394 accelerated PCLMULQDQ instruction. This option will create 395 'crct10dif-plcmul' module, which is faster when computing the 396 crct10dif checksum as compared with the generic table implementation. 397 398config CRYPTO_GHASH 399 tristate "GHASH digest algorithm" 400 select CRYPTO_GF128MUL 401 help 402 GHASH is message digest algorithm for GCM (Galois/Counter Mode). 403 404config CRYPTO_MD4 405 tristate "MD4 digest algorithm" 406 select CRYPTO_HASH 407 help 408 MD4 message digest algorithm (RFC1320). 409 410config CRYPTO_MD5 411 tristate "MD5 digest algorithm" 412 select CRYPTO_HASH 413 help 414 MD5 message digest algorithm (RFC1321). 415 416config CRYPTO_MD5_SPARC64 417 tristate "MD5 digest algorithm (SPARC64)" 418 depends on SPARC64 419 select CRYPTO_MD5 420 select CRYPTO_HASH 421 help 422 MD5 message digest algorithm (RFC1321) implemented 423 using sparc64 crypto instructions, when available. 424 425config CRYPTO_MICHAEL_MIC 426 tristate "Michael MIC keyed digest algorithm" 427 select CRYPTO_HASH 428 help 429 Michael MIC is used for message integrity protection in TKIP 430 (IEEE 802.11i). This algorithm is required for TKIP, but it 431 should not be used for other purposes because of the weakness 432 of the algorithm. 433 434config CRYPTO_RMD128 435 tristate "RIPEMD-128 digest algorithm" 436 select CRYPTO_HASH 437 help 438 RIPEMD-128 (ISO/IEC 10118-3:2004). 439 440 RIPEMD-128 is a 128-bit cryptographic hash function. It should only 441 be used as a secure replacement for RIPEMD. For other use cases, 442 RIPEMD-160 should be used. 443 444 Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel. 445 See <http://homes.esat.kuleuven.be/~bosselae/ripemd160.html> 446 447config CRYPTO_RMD160 448 tristate "RIPEMD-160 digest algorithm" 449 select CRYPTO_HASH 450 help 451 RIPEMD-160 (ISO/IEC 10118-3:2004). 452 453 RIPEMD-160 is a 160-bit cryptographic hash function. It is intended 454 to be used as a secure replacement for the 128-bit hash functions 455 MD4, MD5 and it's predecessor RIPEMD 456 (not to be confused with RIPEMD-128). 457 458 It's speed is comparable to SHA1 and there are no known attacks 459 against RIPEMD-160. 460 461 Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel. 462 See <http://homes.esat.kuleuven.be/~bosselae/ripemd160.html> 463 464config CRYPTO_RMD256 465 tristate "RIPEMD-256 digest algorithm" 466 select CRYPTO_HASH 467 help 468 RIPEMD-256 is an optional extension of RIPEMD-128 with a 469 256 bit hash. It is intended for applications that require 470 longer hash-results, without needing a larger security level 471 (than RIPEMD-128). 472 473 Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel. 474 See <http://homes.esat.kuleuven.be/~bosselae/ripemd160.html> 475 476config CRYPTO_RMD320 477 tristate "RIPEMD-320 digest algorithm" 478 select CRYPTO_HASH 479 help 480 RIPEMD-320 is an optional extension of RIPEMD-160 with a 481 320 bit hash. It is intended for applications that require 482 longer hash-results, without needing a larger security level 483 (than RIPEMD-160). 484 485 Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel. 486 See <http://homes.esat.kuleuven.be/~bosselae/ripemd160.html> 487 488config CRYPTO_SHA1 489 tristate "SHA1 digest algorithm" 490 select CRYPTO_HASH 491 help 492 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2). 493 494config CRYPTO_SHA1_SSSE3 495 tristate "SHA1 digest algorithm (SSSE3/AVX/AVX2)" 496 depends on X86 && 64BIT 497 select CRYPTO_SHA1 498 select CRYPTO_HASH 499 help 500 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2) implemented 501 using Supplemental SSE3 (SSSE3) instructions or Advanced Vector 502 Extensions (AVX/AVX2), when available. 503 504config CRYPTO_SHA256_SSSE3 505 tristate "SHA256 digest algorithm (SSSE3/AVX/AVX2)" 506 depends on X86 && 64BIT 507 select CRYPTO_SHA256 508 select CRYPTO_HASH 509 help 510 SHA-256 secure hash standard (DFIPS 180-2) implemented 511 using Supplemental SSE3 (SSSE3) instructions, or Advanced Vector 512 Extensions version 1 (AVX1), or Advanced Vector Extensions 513 version 2 (AVX2) instructions, when available. 514 515config CRYPTO_SHA512_SSSE3 516 tristate "SHA512 digest algorithm (SSSE3/AVX/AVX2)" 517 depends on X86 && 64BIT 518 select CRYPTO_SHA512 519 select CRYPTO_HASH 520 help 521 SHA-512 secure hash standard (DFIPS 180-2) implemented 522 using Supplemental SSE3 (SSSE3) instructions, or Advanced Vector 523 Extensions version 1 (AVX1), or Advanced Vector Extensions 524 version 2 (AVX2) instructions, when available. 525 526config CRYPTO_SHA1_SPARC64 527 tristate "SHA1 digest algorithm (SPARC64)" 528 depends on SPARC64 529 select CRYPTO_SHA1 530 select CRYPTO_HASH 531 help 532 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2) implemented 533 using sparc64 crypto instructions, when available. 534 535config CRYPTO_SHA1_ARM 536 tristate "SHA1 digest algorithm (ARM-asm)" 537 depends on ARM 538 select CRYPTO_SHA1 539 select CRYPTO_HASH 540 help 541 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2) implemented 542 using optimized ARM assembler. 543 544config CRYPTO_SHA1_ARM_NEON 545 tristate "SHA1 digest algorithm (ARM NEON)" 546 depends on ARM && KERNEL_MODE_NEON && !CPU_BIG_ENDIAN 547 select CRYPTO_SHA1_ARM 548 select CRYPTO_SHA1 549 select CRYPTO_HASH 550 help 551 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2) implemented 552 using optimized ARM NEON assembly, when NEON instructions are 553 available. 554 555config CRYPTO_SHA1_PPC 556 tristate "SHA1 digest algorithm (powerpc)" 557 depends on PPC 558 help 559 This is the powerpc hardware accelerated implementation of the 560 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2). 561 562config CRYPTO_SHA256 563 tristate "SHA224 and SHA256 digest algorithm" 564 select CRYPTO_HASH 565 help 566 SHA256 secure hash standard (DFIPS 180-2). 567 568 This version of SHA implements a 256 bit hash with 128 bits of 569 security against collision attacks. 570 571 This code also includes SHA-224, a 224 bit hash with 112 bits 572 of security against collision attacks. 573 574config CRYPTO_SHA256_SPARC64 575 tristate "SHA224 and SHA256 digest algorithm (SPARC64)" 576 depends on SPARC64 577 select CRYPTO_SHA256 578 select CRYPTO_HASH 579 help 580 SHA-256 secure hash standard (DFIPS 180-2) implemented 581 using sparc64 crypto instructions, when available. 582 583config CRYPTO_SHA512 584 tristate "SHA384 and SHA512 digest algorithms" 585 select CRYPTO_HASH 586 help 587 SHA512 secure hash standard (DFIPS 180-2). 588 589 This version of SHA implements a 512 bit hash with 256 bits of 590 security against collision attacks. 591 592 This code also includes SHA-384, a 384 bit hash with 192 bits 593 of security against collision attacks. 594 595config CRYPTO_SHA512_SPARC64 596 tristate "SHA384 and SHA512 digest algorithm (SPARC64)" 597 depends on SPARC64 598 select CRYPTO_SHA512 599 select CRYPTO_HASH 600 help 601 SHA-512 secure hash standard (DFIPS 180-2) implemented 602 using sparc64 crypto instructions, when available. 603 604config CRYPTO_SHA512_ARM_NEON 605 tristate "SHA384 and SHA512 digest algorithm (ARM NEON)" 606 depends on ARM && KERNEL_MODE_NEON && !CPU_BIG_ENDIAN 607 select CRYPTO_SHA512 608 select CRYPTO_HASH 609 help 610 SHA-512 secure hash standard (DFIPS 180-2) implemented 611 using ARM NEON instructions, when available. 612 613 This version of SHA implements a 512 bit hash with 256 bits of 614 security against collision attacks. 615 616 This code also includes SHA-384, a 384 bit hash with 192 bits 617 of security against collision attacks. 618 619config CRYPTO_TGR192 620 tristate "Tiger digest algorithms" 621 select CRYPTO_HASH 622 help 623 Tiger hash algorithm 192, 160 and 128-bit hashes 624 625 Tiger is a hash function optimized for 64-bit processors while 626 still having decent performance on 32-bit processors. 627 Tiger was developed by Ross Anderson and Eli Biham. 628 629 See also: 630 <http://www.cs.technion.ac.il/~biham/Reports/Tiger/>. 631 632config CRYPTO_WP512 633 tristate "Whirlpool digest algorithms" 634 select CRYPTO_HASH 635 help 636 Whirlpool hash algorithm 512, 384 and 256-bit hashes 637 638 Whirlpool-512 is part of the NESSIE cryptographic primitives. 639 Whirlpool will be part of the ISO/IEC 10118-3:2003(E) standard 640 641 See also: 642 <http://www.larc.usp.br/~pbarreto/WhirlpoolPage.html> 643 644config CRYPTO_GHASH_CLMUL_NI_INTEL 645 tristate "GHASH digest algorithm (CLMUL-NI accelerated)" 646 depends on X86 && 64BIT 647 select CRYPTO_CRYPTD 648 help 649 GHASH is message digest algorithm for GCM (Galois/Counter Mode). 650 The implementation is accelerated by CLMUL-NI of Intel. 651 652comment "Ciphers" 653 654config CRYPTO_AES 655 tristate "AES cipher algorithms" 656 select CRYPTO_ALGAPI 657 help 658 AES cipher algorithms (FIPS-197). AES uses the Rijndael 659 algorithm. 660 661 Rijndael appears to be consistently a very good performer in 662 both hardware and software across a wide range of computing 663 environments regardless of its use in feedback or non-feedback 664 modes. Its key setup time is excellent, and its key agility is 665 good. Rijndael's very low memory requirements make it very well 666 suited for restricted-space environments, in which it also 667 demonstrates excellent performance. Rijndael's operations are 668 among the easiest to defend against power and timing attacks. 669 670 The AES specifies three key sizes: 128, 192 and 256 bits 671 672 See <http://csrc.nist.gov/CryptoToolkit/aes/> for more information. 673 674config CRYPTO_AES_586 675 tristate "AES cipher algorithms (i586)" 676 depends on (X86 || UML_X86) && !64BIT 677 select CRYPTO_ALGAPI 678 select CRYPTO_AES 679 help 680 AES cipher algorithms (FIPS-197). AES uses the Rijndael 681 algorithm. 682 683 Rijndael appears to be consistently a very good performer in 684 both hardware and software across a wide range of computing 685 environments regardless of its use in feedback or non-feedback 686 modes. Its key setup time is excellent, and its key agility is 687 good. Rijndael's very low memory requirements make it very well 688 suited for restricted-space environments, in which it also 689 demonstrates excellent performance. Rijndael's operations are 690 among the easiest to defend against power and timing attacks. 691 692 The AES specifies three key sizes: 128, 192 and 256 bits 693 694 See <http://csrc.nist.gov/encryption/aes/> for more information. 695 696config CRYPTO_AES_X86_64 697 tristate "AES cipher algorithms (x86_64)" 698 depends on (X86 || UML_X86) && 64BIT 699 select CRYPTO_ALGAPI 700 select CRYPTO_AES 701 help 702 AES cipher algorithms (FIPS-197). AES uses the Rijndael 703 algorithm. 704 705 Rijndael appears to be consistently a very good performer in 706 both hardware and software across a wide range of computing 707 environments regardless of its use in feedback or non-feedback 708 modes. Its key setup time is excellent, and its key agility is 709 good. Rijndael's very low memory requirements make it very well 710 suited for restricted-space environments, in which it also 711 demonstrates excellent performance. Rijndael's operations are 712 among the easiest to defend against power and timing attacks. 713 714 The AES specifies three key sizes: 128, 192 and 256 bits 715 716 See <http://csrc.nist.gov/encryption/aes/> for more information. 717 718config CRYPTO_AES_NI_INTEL 719 tristate "AES cipher algorithms (AES-NI)" 720 depends on X86 721 select CRYPTO_AES_X86_64 if 64BIT 722 select CRYPTO_AES_586 if !64BIT 723 select CRYPTO_CRYPTD 724 select CRYPTO_ABLK_HELPER 725 select CRYPTO_ALGAPI 726 select CRYPTO_GLUE_HELPER_X86 if 64BIT 727 select CRYPTO_LRW 728 select CRYPTO_XTS 729 help 730 Use Intel AES-NI instructions for AES algorithm. 731 732 AES cipher algorithms (FIPS-197). AES uses the Rijndael 733 algorithm. 734 735 Rijndael appears to be consistently a very good performer in 736 both hardware and software across a wide range of computing 737 environments regardless of its use in feedback or non-feedback 738 modes. Its key setup time is excellent, and its key agility is 739 good. Rijndael's very low memory requirements make it very well 740 suited for restricted-space environments, in which it also 741 demonstrates excellent performance. Rijndael's operations are 742 among the easiest to defend against power and timing attacks. 743 744 The AES specifies three key sizes: 128, 192 and 256 bits 745 746 See <http://csrc.nist.gov/encryption/aes/> for more information. 747 748 In addition to AES cipher algorithm support, the acceleration 749 for some popular block cipher mode is supported too, including 750 ECB, CBC, LRW, PCBC, XTS. The 64 bit version has additional 751 acceleration for CTR. 752 753config CRYPTO_AES_SPARC64 754 tristate "AES cipher algorithms (SPARC64)" 755 depends on SPARC64 756 select CRYPTO_CRYPTD 757 select CRYPTO_ALGAPI 758 help 759 Use SPARC64 crypto opcodes for AES algorithm. 760 761 AES cipher algorithms (FIPS-197). AES uses the Rijndael 762 algorithm. 763 764 Rijndael appears to be consistently a very good performer in 765 both hardware and software across a wide range of computing 766 environments regardless of its use in feedback or non-feedback 767 modes. Its key setup time is excellent, and its key agility is 768 good. Rijndael's very low memory requirements make it very well 769 suited for restricted-space environments, in which it also 770 demonstrates excellent performance. Rijndael's operations are 771 among the easiest to defend against power and timing attacks. 772 773 The AES specifies three key sizes: 128, 192 and 256 bits 774 775 See <http://csrc.nist.gov/encryption/aes/> for more information. 776 777 In addition to AES cipher algorithm support, the acceleration 778 for some popular block cipher mode is supported too, including 779 ECB and CBC. 780 781config CRYPTO_AES_ARM 782 tristate "AES cipher algorithms (ARM-asm)" 783 depends on ARM 784 select CRYPTO_ALGAPI 785 select CRYPTO_AES 786 help 787 Use optimized AES assembler routines for ARM platforms. 788 789 AES cipher algorithms (FIPS-197). AES uses the Rijndael 790 algorithm. 791 792 Rijndael appears to be consistently a very good performer in 793 both hardware and software across a wide range of computing 794 environments regardless of its use in feedback or non-feedback 795 modes. Its key setup time is excellent, and its key agility is 796 good. Rijndael's very low memory requirements make it very well 797 suited for restricted-space environments, in which it also 798 demonstrates excellent performance. Rijndael's operations are 799 among the easiest to defend against power and timing attacks. 800 801 The AES specifies three key sizes: 128, 192 and 256 bits 802 803 See <http://csrc.nist.gov/encryption/aes/> for more information. 804 805config CRYPTO_AES_ARM_BS 806 tristate "Bit sliced AES using NEON instructions" 807 depends on ARM && KERNEL_MODE_NEON 808 select CRYPTO_ALGAPI 809 select CRYPTO_AES_ARM 810 select CRYPTO_ABLK_HELPER 811 help 812 Use a faster and more secure NEON based implementation of AES in CBC, 813 CTR and XTS modes 814 815 Bit sliced AES gives around 45% speedup on Cortex-A15 for CTR mode 816 and for XTS mode encryption, CBC and XTS mode decryption speedup is 817 around 25%. (CBC encryption speed is not affected by this driver.) 818 This implementation does not rely on any lookup tables so it is 819 believed to be invulnerable to cache timing attacks. 820 821config CRYPTO_ANUBIS 822 tristate "Anubis cipher algorithm" 823 select CRYPTO_ALGAPI 824 help 825 Anubis cipher algorithm. 826 827 Anubis is a variable key length cipher which can use keys from 828 128 bits to 320 bits in length. It was evaluated as a entrant 829 in the NESSIE competition. 830 831 See also: 832 <https://www.cosic.esat.kuleuven.be/nessie/reports/> 833 <http://www.larc.usp.br/~pbarreto/AnubisPage.html> 834 835config CRYPTO_ARC4 836 tristate "ARC4 cipher algorithm" 837 select CRYPTO_BLKCIPHER 838 help 839 ARC4 cipher algorithm. 840 841 ARC4 is a stream cipher using keys ranging from 8 bits to 2048 842 bits in length. This algorithm is required for driver-based 843 WEP, but it should not be for other purposes because of the 844 weakness of the algorithm. 845 846config CRYPTO_BLOWFISH 847 tristate "Blowfish cipher algorithm" 848 select CRYPTO_ALGAPI 849 select CRYPTO_BLOWFISH_COMMON 850 help 851 Blowfish cipher algorithm, by Bruce Schneier. 852 853 This is a variable key length cipher which can use keys from 32 854 bits to 448 bits in length. It's fast, simple and specifically 855 designed for use on "large microprocessors". 856 857 See also: 858 <http://www.schneier.com/blowfish.html> 859 860config CRYPTO_BLOWFISH_COMMON 861 tristate 862 help 863 Common parts of the Blowfish cipher algorithm shared by the 864 generic c and the assembler implementations. 865 866 See also: 867 <http://www.schneier.com/blowfish.html> 868 869config CRYPTO_BLOWFISH_X86_64 870 tristate "Blowfish cipher algorithm (x86_64)" 871 depends on X86 && 64BIT 872 select CRYPTO_ALGAPI 873 select CRYPTO_BLOWFISH_COMMON 874 help 875 Blowfish cipher algorithm (x86_64), by Bruce Schneier. 876 877 This is a variable key length cipher which can use keys from 32 878 bits to 448 bits in length. It's fast, simple and specifically 879 designed for use on "large microprocessors". 880 881 See also: 882 <http://www.schneier.com/blowfish.html> 883 884config CRYPTO_CAMELLIA 885 tristate "Camellia cipher algorithms" 886 depends on CRYPTO 887 select CRYPTO_ALGAPI 888 help 889 Camellia cipher algorithms module. 890 891 Camellia is a symmetric key block cipher developed jointly 892 at NTT and Mitsubishi Electric Corporation. 893 894 The Camellia specifies three key sizes: 128, 192 and 256 bits. 895 896 See also: 897 <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html> 898 899config CRYPTO_CAMELLIA_X86_64 900 tristate "Camellia cipher algorithm (x86_64)" 901 depends on X86 && 64BIT 902 depends on CRYPTO 903 select CRYPTO_ALGAPI 904 select CRYPTO_GLUE_HELPER_X86 905 select CRYPTO_LRW 906 select CRYPTO_XTS 907 help 908 Camellia cipher algorithm module (x86_64). 909 910 Camellia is a symmetric key block cipher developed jointly 911 at NTT and Mitsubishi Electric Corporation. 912 913 The Camellia specifies three key sizes: 128, 192 and 256 bits. 914 915 See also: 916 <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html> 917 918config CRYPTO_CAMELLIA_AESNI_AVX_X86_64 919 tristate "Camellia cipher algorithm (x86_64/AES-NI/AVX)" 920 depends on X86 && 64BIT 921 depends on CRYPTO 922 select CRYPTO_ALGAPI 923 select CRYPTO_CRYPTD 924 select CRYPTO_ABLK_HELPER 925 select CRYPTO_GLUE_HELPER_X86 926 select CRYPTO_CAMELLIA_X86_64 927 select CRYPTO_LRW 928 select CRYPTO_XTS 929 help 930 Camellia cipher algorithm module (x86_64/AES-NI/AVX). 931 932 Camellia is a symmetric key block cipher developed jointly 933 at NTT and Mitsubishi Electric Corporation. 934 935 The Camellia specifies three key sizes: 128, 192 and 256 bits. 936 937 See also: 938 <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html> 939 940config CRYPTO_CAMELLIA_AESNI_AVX2_X86_64 941 tristate "Camellia cipher algorithm (x86_64/AES-NI/AVX2)" 942 depends on X86 && 64BIT 943 depends on CRYPTO 944 select CRYPTO_ALGAPI 945 select CRYPTO_CRYPTD 946 select CRYPTO_ABLK_HELPER 947 select CRYPTO_GLUE_HELPER_X86 948 select CRYPTO_CAMELLIA_X86_64 949 select CRYPTO_CAMELLIA_AESNI_AVX_X86_64 950 select CRYPTO_LRW 951 select CRYPTO_XTS 952 help 953 Camellia cipher algorithm module (x86_64/AES-NI/AVX2). 954 955 Camellia is a symmetric key block cipher developed jointly 956 at NTT and Mitsubishi Electric Corporation. 957 958 The Camellia specifies three key sizes: 128, 192 and 256 bits. 959 960 See also: 961 <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html> 962 963config CRYPTO_CAMELLIA_SPARC64 964 tristate "Camellia cipher algorithm (SPARC64)" 965 depends on SPARC64 966 depends on CRYPTO 967 select CRYPTO_ALGAPI 968 help 969 Camellia cipher algorithm module (SPARC64). 970 971 Camellia is a symmetric key block cipher developed jointly 972 at NTT and Mitsubishi Electric Corporation. 973 974 The Camellia specifies three key sizes: 128, 192 and 256 bits. 975 976 See also: 977 <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html> 978 979config CRYPTO_CAST_COMMON 980 tristate 981 help 982 Common parts of the CAST cipher algorithms shared by the 983 generic c and the assembler implementations. 984 985config CRYPTO_CAST5 986 tristate "CAST5 (CAST-128) cipher algorithm" 987 select CRYPTO_ALGAPI 988 select CRYPTO_CAST_COMMON 989 help 990 The CAST5 encryption algorithm (synonymous with CAST-128) is 991 described in RFC2144. 992 993config CRYPTO_CAST5_AVX_X86_64 994 tristate "CAST5 (CAST-128) cipher algorithm (x86_64/AVX)" 995 depends on X86 && 64BIT 996 select CRYPTO_ALGAPI 997 select CRYPTO_CRYPTD 998 select CRYPTO_ABLK_HELPER 999 select CRYPTO_CAST_COMMON 1000 select CRYPTO_CAST5 1001 help 1002 The CAST5 encryption algorithm (synonymous with CAST-128) is 1003 described in RFC2144. 1004 1005 This module provides the Cast5 cipher algorithm that processes 1006 sixteen blocks parallel using the AVX instruction set. 1007 1008config CRYPTO_CAST6 1009 tristate "CAST6 (CAST-256) cipher algorithm" 1010 select CRYPTO_ALGAPI 1011 select CRYPTO_CAST_COMMON 1012 help 1013 The CAST6 encryption algorithm (synonymous with CAST-256) is 1014 described in RFC2612. 1015 1016config CRYPTO_CAST6_AVX_X86_64 1017 tristate "CAST6 (CAST-256) cipher algorithm (x86_64/AVX)" 1018 depends on X86 && 64BIT 1019 select CRYPTO_ALGAPI 1020 select CRYPTO_CRYPTD 1021 select CRYPTO_ABLK_HELPER 1022 select CRYPTO_GLUE_HELPER_X86 1023 select CRYPTO_CAST_COMMON 1024 select CRYPTO_CAST6 1025 select CRYPTO_LRW 1026 select CRYPTO_XTS 1027 help 1028 The CAST6 encryption algorithm (synonymous with CAST-256) is 1029 described in RFC2612. 1030 1031 This module provides the Cast6 cipher algorithm that processes 1032 eight blocks parallel using the AVX instruction set. 1033 1034config CRYPTO_DES 1035 tristate "DES and Triple DES EDE cipher algorithms" 1036 select CRYPTO_ALGAPI 1037 help 1038 DES cipher algorithm (FIPS 46-2), and Triple DES EDE (FIPS 46-3). 1039 1040config CRYPTO_DES_SPARC64 1041 tristate "DES and Triple DES EDE cipher algorithms (SPARC64)" 1042 depends on SPARC64 1043 select CRYPTO_ALGAPI 1044 select CRYPTO_DES 1045 help 1046 DES cipher algorithm (FIPS 46-2), and Triple DES EDE (FIPS 46-3), 1047 optimized using SPARC64 crypto opcodes. 1048 1049config CRYPTO_DES3_EDE_X86_64 1050 tristate "Triple DES EDE cipher algorithm (x86-64)" 1051 depends on X86 && 64BIT 1052 select CRYPTO_ALGAPI 1053 select CRYPTO_DES 1054 help 1055 Triple DES EDE (FIPS 46-3) algorithm. 1056 1057 This module provides implementation of the Triple DES EDE cipher 1058 algorithm that is optimized for x86-64 processors. Two versions of 1059 algorithm are provided; regular processing one input block and 1060 one that processes three blocks parallel. 1061 1062config CRYPTO_FCRYPT 1063 tristate "FCrypt cipher algorithm" 1064 select CRYPTO_ALGAPI 1065 select CRYPTO_BLKCIPHER 1066 help 1067 FCrypt algorithm used by RxRPC. 1068 1069config CRYPTO_KHAZAD 1070 tristate "Khazad cipher algorithm" 1071 select CRYPTO_ALGAPI 1072 help 1073 Khazad cipher algorithm. 1074 1075 Khazad was a finalist in the initial NESSIE competition. It is 1076 an algorithm optimized for 64-bit processors with good performance 1077 on 32-bit processors. Khazad uses an 128 bit key size. 1078 1079 See also: 1080 <http://www.larc.usp.br/~pbarreto/KhazadPage.html> 1081 1082config CRYPTO_SALSA20 1083 tristate "Salsa20 stream cipher algorithm" 1084 select CRYPTO_BLKCIPHER 1085 help 1086 Salsa20 stream cipher algorithm. 1087 1088 Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT 1089 Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/> 1090 1091 The Salsa20 stream cipher algorithm is designed by Daniel J. 1092 Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html> 1093 1094config CRYPTO_SALSA20_586 1095 tristate "Salsa20 stream cipher algorithm (i586)" 1096 depends on (X86 || UML_X86) && !64BIT 1097 select CRYPTO_BLKCIPHER 1098 help 1099 Salsa20 stream cipher algorithm. 1100 1101 Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT 1102 Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/> 1103 1104 The Salsa20 stream cipher algorithm is designed by Daniel J. 1105 Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html> 1106 1107config CRYPTO_SALSA20_X86_64 1108 tristate "Salsa20 stream cipher algorithm (x86_64)" 1109 depends on (X86 || UML_X86) && 64BIT 1110 select CRYPTO_BLKCIPHER 1111 help 1112 Salsa20 stream cipher algorithm. 1113 1114 Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT 1115 Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/> 1116 1117 The Salsa20 stream cipher algorithm is designed by Daniel J. 1118 Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html> 1119 1120config CRYPTO_SEED 1121 tristate "SEED cipher algorithm" 1122 select CRYPTO_ALGAPI 1123 help 1124 SEED cipher algorithm (RFC4269). 1125 1126 SEED is a 128-bit symmetric key block cipher that has been 1127 developed by KISA (Korea Information Security Agency) as a 1128 national standard encryption algorithm of the Republic of Korea. 1129 It is a 16 round block cipher with the key size of 128 bit. 1130 1131 See also: 1132 <http://www.kisa.or.kr/kisa/seed/jsp/seed_eng.jsp> 1133 1134config CRYPTO_SERPENT 1135 tristate "Serpent cipher algorithm" 1136 select CRYPTO_ALGAPI 1137 help 1138 Serpent cipher algorithm, by Anderson, Biham & Knudsen. 1139 1140 Keys are allowed to be from 0 to 256 bits in length, in steps 1141 of 8 bits. Also includes the 'Tnepres' algorithm, a reversed 1142 variant of Serpent for compatibility with old kerneli.org code. 1143 1144 See also: 1145 <http://www.cl.cam.ac.uk/~rja14/serpent.html> 1146 1147config CRYPTO_SERPENT_SSE2_X86_64 1148 tristate "Serpent cipher algorithm (x86_64/SSE2)" 1149 depends on X86 && 64BIT 1150 select CRYPTO_ALGAPI 1151 select CRYPTO_CRYPTD 1152 select CRYPTO_ABLK_HELPER 1153 select CRYPTO_GLUE_HELPER_X86 1154 select CRYPTO_SERPENT 1155 select CRYPTO_LRW 1156 select CRYPTO_XTS 1157 help 1158 Serpent cipher algorithm, by Anderson, Biham & Knudsen. 1159 1160 Keys are allowed to be from 0 to 256 bits in length, in steps 1161 of 8 bits. 1162 1163 This module provides Serpent cipher algorithm that processes eigth 1164 blocks parallel using SSE2 instruction set. 1165 1166 See also: 1167 <http://www.cl.cam.ac.uk/~rja14/serpent.html> 1168 1169config CRYPTO_SERPENT_SSE2_586 1170 tristate "Serpent cipher algorithm (i586/SSE2)" 1171 depends on X86 && !64BIT 1172 select CRYPTO_ALGAPI 1173 select CRYPTO_CRYPTD 1174 select CRYPTO_ABLK_HELPER 1175 select CRYPTO_GLUE_HELPER_X86 1176 select CRYPTO_SERPENT 1177 select CRYPTO_LRW 1178 select CRYPTO_XTS 1179 help 1180 Serpent cipher algorithm, by Anderson, Biham & Knudsen. 1181 1182 Keys are allowed to be from 0 to 256 bits in length, in steps 1183 of 8 bits. 1184 1185 This module provides Serpent cipher algorithm that processes four 1186 blocks parallel using SSE2 instruction set. 1187 1188 See also: 1189 <http://www.cl.cam.ac.uk/~rja14/serpent.html> 1190 1191config CRYPTO_SERPENT_AVX_X86_64 1192 tristate "Serpent cipher algorithm (x86_64/AVX)" 1193 depends on X86 && 64BIT 1194 select CRYPTO_ALGAPI 1195 select CRYPTO_CRYPTD 1196 select CRYPTO_ABLK_HELPER 1197 select CRYPTO_GLUE_HELPER_X86 1198 select CRYPTO_SERPENT 1199 select CRYPTO_LRW 1200 select CRYPTO_XTS 1201 help 1202 Serpent cipher algorithm, by Anderson, Biham & Knudsen. 1203 1204 Keys are allowed to be from 0 to 256 bits in length, in steps 1205 of 8 bits. 1206 1207 This module provides the Serpent cipher algorithm that processes 1208 eight blocks parallel using the AVX instruction set. 1209 1210 See also: 1211 <http://www.cl.cam.ac.uk/~rja14/serpent.html> 1212 1213config CRYPTO_SERPENT_AVX2_X86_64 1214 tristate "Serpent cipher algorithm (x86_64/AVX2)" 1215 depends on X86 && 64BIT 1216 select CRYPTO_ALGAPI 1217 select CRYPTO_CRYPTD 1218 select CRYPTO_ABLK_HELPER 1219 select CRYPTO_GLUE_HELPER_X86 1220 select CRYPTO_SERPENT 1221 select CRYPTO_SERPENT_AVX_X86_64 1222 select CRYPTO_LRW 1223 select CRYPTO_XTS 1224 help 1225 Serpent cipher algorithm, by Anderson, Biham & Knudsen. 1226 1227 Keys are allowed to be from 0 to 256 bits in length, in steps 1228 of 8 bits. 1229 1230 This module provides Serpent cipher algorithm that processes 16 1231 blocks parallel using AVX2 instruction set. 1232 1233 See also: 1234 <http://www.cl.cam.ac.uk/~rja14/serpent.html> 1235 1236config CRYPTO_TEA 1237 tristate "TEA, XTEA and XETA cipher algorithms" 1238 select CRYPTO_ALGAPI 1239 help 1240 TEA cipher algorithm. 1241 1242 Tiny Encryption Algorithm is a simple cipher that uses 1243 many rounds for security. It is very fast and uses 1244 little memory. 1245 1246 Xtendend Tiny Encryption Algorithm is a modification to 1247 the TEA algorithm to address a potential key weakness 1248 in the TEA algorithm. 1249 1250 Xtendend Encryption Tiny Algorithm is a mis-implementation 1251 of the XTEA algorithm for compatibility purposes. 1252 1253config CRYPTO_TWOFISH 1254 tristate "Twofish cipher algorithm" 1255 select CRYPTO_ALGAPI 1256 select CRYPTO_TWOFISH_COMMON 1257 help 1258 Twofish cipher algorithm. 1259 1260 Twofish was submitted as an AES (Advanced Encryption Standard) 1261 candidate cipher by researchers at CounterPane Systems. It is a 1262 16 round block cipher supporting key sizes of 128, 192, and 256 1263 bits. 1264 1265 See also: 1266 <http://www.schneier.com/twofish.html> 1267 1268config CRYPTO_TWOFISH_COMMON 1269 tristate 1270 help 1271 Common parts of the Twofish cipher algorithm shared by the 1272 generic c and the assembler implementations. 1273 1274config CRYPTO_TWOFISH_586 1275 tristate "Twofish cipher algorithms (i586)" 1276 depends on (X86 || UML_X86) && !64BIT 1277 select CRYPTO_ALGAPI 1278 select CRYPTO_TWOFISH_COMMON 1279 help 1280 Twofish cipher algorithm. 1281 1282 Twofish was submitted as an AES (Advanced Encryption Standard) 1283 candidate cipher by researchers at CounterPane Systems. It is a 1284 16 round block cipher supporting key sizes of 128, 192, and 256 1285 bits. 1286 1287 See also: 1288 <http://www.schneier.com/twofish.html> 1289 1290config CRYPTO_TWOFISH_X86_64 1291 tristate "Twofish cipher algorithm (x86_64)" 1292 depends on (X86 || UML_X86) && 64BIT 1293 select CRYPTO_ALGAPI 1294 select CRYPTO_TWOFISH_COMMON 1295 help 1296 Twofish cipher algorithm (x86_64). 1297 1298 Twofish was submitted as an AES (Advanced Encryption Standard) 1299 candidate cipher by researchers at CounterPane Systems. It is a 1300 16 round block cipher supporting key sizes of 128, 192, and 256 1301 bits. 1302 1303 See also: 1304 <http://www.schneier.com/twofish.html> 1305 1306config CRYPTO_TWOFISH_X86_64_3WAY 1307 tristate "Twofish cipher algorithm (x86_64, 3-way parallel)" 1308 depends on X86 && 64BIT 1309 select CRYPTO_ALGAPI 1310 select CRYPTO_TWOFISH_COMMON 1311 select CRYPTO_TWOFISH_X86_64 1312 select CRYPTO_GLUE_HELPER_X86 1313 select CRYPTO_LRW 1314 select CRYPTO_XTS 1315 help 1316 Twofish cipher algorithm (x86_64, 3-way parallel). 1317 1318 Twofish was submitted as an AES (Advanced Encryption Standard) 1319 candidate cipher by researchers at CounterPane Systems. It is a 1320 16 round block cipher supporting key sizes of 128, 192, and 256 1321 bits. 1322 1323 This module provides Twofish cipher algorithm that processes three 1324 blocks parallel, utilizing resources of out-of-order CPUs better. 1325 1326 See also: 1327 <http://www.schneier.com/twofish.html> 1328 1329config CRYPTO_TWOFISH_AVX_X86_64 1330 tristate "Twofish cipher algorithm (x86_64/AVX)" 1331 depends on X86 && 64BIT 1332 select CRYPTO_ALGAPI 1333 select CRYPTO_CRYPTD 1334 select CRYPTO_ABLK_HELPER 1335 select CRYPTO_GLUE_HELPER_X86 1336 select CRYPTO_TWOFISH_COMMON 1337 select CRYPTO_TWOFISH_X86_64 1338 select CRYPTO_TWOFISH_X86_64_3WAY 1339 select CRYPTO_LRW 1340 select CRYPTO_XTS 1341 help 1342 Twofish cipher algorithm (x86_64/AVX). 1343 1344 Twofish was submitted as an AES (Advanced Encryption Standard) 1345 candidate cipher by researchers at CounterPane Systems. It is a 1346 16 round block cipher supporting key sizes of 128, 192, and 256 1347 bits. 1348 1349 This module provides the Twofish cipher algorithm that processes 1350 eight blocks parallel using the AVX Instruction Set. 1351 1352 See also: 1353 <http://www.schneier.com/twofish.html> 1354 1355comment "Compression" 1356 1357config CRYPTO_DEFLATE 1358 tristate "Deflate compression algorithm" 1359 select CRYPTO_ALGAPI 1360 select ZLIB_INFLATE 1361 select ZLIB_DEFLATE 1362 help 1363 This is the Deflate algorithm (RFC1951), specified for use in 1364 IPSec with the IPCOMP protocol (RFC3173, RFC2394). 1365 1366 You will most probably want this if using IPSec. 1367 1368config CRYPTO_ZLIB 1369 tristate "Zlib compression algorithm" 1370 select CRYPTO_PCOMP 1371 select ZLIB_INFLATE 1372 select ZLIB_DEFLATE 1373 select NLATTR 1374 help 1375 This is the zlib algorithm. 1376 1377config CRYPTO_LZO 1378 tristate "LZO compression algorithm" 1379 select CRYPTO_ALGAPI 1380 select LZO_COMPRESS 1381 select LZO_DECOMPRESS 1382 help 1383 This is the LZO algorithm. 1384 1385config CRYPTO_842 1386 tristate "842 compression algorithm" 1387 depends on CRYPTO_DEV_NX_COMPRESS 1388 # 842 uses lzo if the hardware becomes unavailable 1389 select LZO_COMPRESS 1390 select LZO_DECOMPRESS 1391 help 1392 This is the 842 algorithm. 1393 1394config CRYPTO_LZ4 1395 tristate "LZ4 compression algorithm" 1396 select CRYPTO_ALGAPI 1397 select LZ4_COMPRESS 1398 select LZ4_DECOMPRESS 1399 help 1400 This is the LZ4 algorithm. 1401 1402config CRYPTO_LZ4HC 1403 tristate "LZ4HC compression algorithm" 1404 select CRYPTO_ALGAPI 1405 select LZ4HC_COMPRESS 1406 select LZ4_DECOMPRESS 1407 help 1408 This is the LZ4 high compression mode algorithm. 1409 1410comment "Random Number Generation" 1411 1412config CRYPTO_ANSI_CPRNG 1413 tristate "Pseudo Random Number Generation for Cryptographic modules" 1414 default m 1415 select CRYPTO_AES 1416 select CRYPTO_RNG 1417 help 1418 This option enables the generic pseudo random number generator 1419 for cryptographic modules. Uses the Algorithm specified in 1420 ANSI X9.31 A.2.4. Note that this option must be enabled if 1421 CRYPTO_FIPS is selected 1422 1423menuconfig CRYPTO_DRBG_MENU 1424 tristate "NIST SP800-90A DRBG" 1425 help 1426 NIST SP800-90A compliant DRBG. In the following submenu, one or 1427 more of the DRBG types must be selected. 1428 1429if CRYPTO_DRBG_MENU 1430 1431config CRYPTO_DRBG_HMAC 1432 bool "Enable HMAC DRBG" 1433 default y 1434 select CRYPTO_HMAC 1435 help 1436 Enable the HMAC DRBG variant as defined in NIST SP800-90A. 1437 1438config CRYPTO_DRBG_HASH 1439 bool "Enable Hash DRBG" 1440 select CRYPTO_HASH 1441 help 1442 Enable the Hash DRBG variant as defined in NIST SP800-90A. 1443 1444config CRYPTO_DRBG_CTR 1445 bool "Enable CTR DRBG" 1446 select CRYPTO_AES 1447 help 1448 Enable the CTR DRBG variant as defined in NIST SP800-90A. 1449 1450config CRYPTO_DRBG 1451 tristate 1452 default CRYPTO_DRBG_MENU if (CRYPTO_DRBG_HMAC || CRYPTO_DRBG_HASH || CRYPTO_DRBG_CTR) 1453 select CRYPTO_RNG 1454 1455endif # if CRYPTO_DRBG_MENU 1456 1457config CRYPTO_USER_API 1458 tristate 1459 1460config CRYPTO_USER_API_HASH 1461 tristate "User-space interface for hash algorithms" 1462 depends on NET 1463 select CRYPTO_HASH 1464 select CRYPTO_USER_API 1465 help 1466 This option enables the user-spaces interface for hash 1467 algorithms. 1468 1469config CRYPTO_USER_API_SKCIPHER 1470 tristate "User-space interface for symmetric key cipher algorithms" 1471 depends on NET 1472 select CRYPTO_BLKCIPHER 1473 select CRYPTO_USER_API 1474 help 1475 This option enables the user-spaces interface for symmetric 1476 key cipher algorithms. 1477 1478config CRYPTO_HASH_INFO 1479 bool 1480 1481source "drivers/crypto/Kconfig" 1482source crypto/asymmetric_keys/Kconfig 1483 1484endif # if CRYPTO 1485