1# 2# Generic algorithms support 3# 4config XOR_BLOCKS 5 tristate 6 7# 8# async_tx api: hardware offloaded memory transfer/transform support 9# 10source "crypto/async_tx/Kconfig" 11 12# 13# Cryptographic API Configuration 14# 15menuconfig CRYPTO 16 tristate "Cryptographic API" 17 help 18 This option provides the core Cryptographic API. 19 20if CRYPTO 21 22comment "Crypto core or helper" 23 24config CRYPTO_FIPS 25 bool "FIPS 200 compliance" 26 depends on (CRYPTO_ANSI_CPRNG || CRYPTO_DRBG) && !CRYPTO_MANAGER_DISABLE_TESTS 27 depends on MODULE_SIG 28 help 29 This options enables the fips boot option which is 30 required if you want to system to operate in a FIPS 200 31 certification. You should say no unless you know what 32 this is. 33 34config CRYPTO_ALGAPI 35 tristate 36 select CRYPTO_ALGAPI2 37 help 38 This option provides the API for cryptographic algorithms. 39 40config CRYPTO_ALGAPI2 41 tristate 42 43config CRYPTO_AEAD 44 tristate 45 select CRYPTO_AEAD2 46 select CRYPTO_ALGAPI 47 48config CRYPTO_AEAD2 49 tristate 50 select CRYPTO_ALGAPI2 51 select CRYPTO_NULL2 52 select CRYPTO_RNG2 53 54config CRYPTO_BLKCIPHER 55 tristate 56 select CRYPTO_BLKCIPHER2 57 select CRYPTO_ALGAPI 58 59config CRYPTO_BLKCIPHER2 60 tristate 61 select CRYPTO_ALGAPI2 62 select CRYPTO_RNG2 63 select CRYPTO_WORKQUEUE 64 65config CRYPTO_HASH 66 tristate 67 select CRYPTO_HASH2 68 select CRYPTO_ALGAPI 69 70config CRYPTO_HASH2 71 tristate 72 select CRYPTO_ALGAPI2 73 74config CRYPTO_RNG 75 tristate 76 select CRYPTO_RNG2 77 select CRYPTO_ALGAPI 78 79config CRYPTO_RNG2 80 tristate 81 select CRYPTO_ALGAPI2 82 83config CRYPTO_RNG_DEFAULT 84 tristate 85 select CRYPTO_DRBG_MENU 86 87config CRYPTO_AKCIPHER2 88 tristate 89 select CRYPTO_ALGAPI2 90 91config CRYPTO_AKCIPHER 92 tristate 93 select CRYPTO_AKCIPHER2 94 select CRYPTO_ALGAPI 95 96config CRYPTO_RSA 97 tristate "RSA algorithm" 98 select CRYPTO_AKCIPHER 99 select MPILIB 100 select ASN1 101 help 102 Generic implementation of the RSA public key algorithm. 103 104config CRYPTO_MANAGER 105 tristate "Cryptographic algorithm manager" 106 select CRYPTO_MANAGER2 107 help 108 Create default cryptographic template instantiations such as 109 cbc(aes). 110 111config CRYPTO_MANAGER2 112 def_tristate CRYPTO_MANAGER || (CRYPTO_MANAGER!=n && CRYPTO_ALGAPI=y) 113 select CRYPTO_AEAD2 114 select CRYPTO_HASH2 115 select CRYPTO_BLKCIPHER2 116 select CRYPTO_AKCIPHER2 117 118config CRYPTO_USER 119 tristate "Userspace cryptographic algorithm configuration" 120 depends on NET 121 select CRYPTO_MANAGER 122 help 123 Userspace configuration for cryptographic instantiations such as 124 cbc(aes). 125 126config CRYPTO_MANAGER_DISABLE_TESTS 127 bool "Disable run-time self tests" 128 default y 129 depends on CRYPTO_MANAGER2 130 help 131 Disable run-time self tests that normally take place at 132 algorithm registration. 133 134config CRYPTO_GF128MUL 135 tristate "GF(2^128) multiplication functions" 136 help 137 Efficient table driven implementation of multiplications in the 138 field GF(2^128). This is needed by some cypher modes. This 139 option will be selected automatically if you select such a 140 cipher mode. Only select this option by hand if you expect to load 141 an external module that requires these functions. 142 143config CRYPTO_NULL 144 tristate "Null algorithms" 145 select CRYPTO_NULL2 146 help 147 These are 'Null' algorithms, used by IPsec, which do nothing. 148 149config CRYPTO_NULL2 150 tristate 151 select CRYPTO_ALGAPI2 152 select CRYPTO_BLKCIPHER2 153 select CRYPTO_HASH2 154 155config CRYPTO_PCRYPT 156 tristate "Parallel crypto engine" 157 depends on SMP 158 select PADATA 159 select CRYPTO_MANAGER 160 select CRYPTO_AEAD 161 help 162 This converts an arbitrary crypto algorithm into a parallel 163 algorithm that executes in kernel threads. 164 165config CRYPTO_WORKQUEUE 166 tristate 167 168config CRYPTO_CRYPTD 169 tristate "Software async crypto daemon" 170 select CRYPTO_BLKCIPHER 171 select CRYPTO_HASH 172 select CRYPTO_MANAGER 173 select CRYPTO_WORKQUEUE 174 help 175 This is a generic software asynchronous crypto daemon that 176 converts an arbitrary synchronous software crypto algorithm 177 into an asynchronous algorithm that executes in a kernel thread. 178 179config CRYPTO_MCRYPTD 180 tristate "Software async multi-buffer crypto daemon" 181 select CRYPTO_BLKCIPHER 182 select CRYPTO_HASH 183 select CRYPTO_MANAGER 184 select CRYPTO_WORKQUEUE 185 help 186 This is a generic software asynchronous crypto daemon that 187 provides the kernel thread to assist multi-buffer crypto 188 algorithms for submitting jobs and flushing jobs in multi-buffer 189 crypto algorithms. Multi-buffer crypto algorithms are executed 190 in the context of this kernel thread and drivers can post 191 their crypto request asynchronously to be processed by this daemon. 192 193config CRYPTO_AUTHENC 194 tristate "Authenc support" 195 select CRYPTO_AEAD 196 select CRYPTO_BLKCIPHER 197 select CRYPTO_MANAGER 198 select CRYPTO_HASH 199 select CRYPTO_NULL 200 help 201 Authenc: Combined mode wrapper for IPsec. 202 This is required for IPSec. 203 204config CRYPTO_TEST 205 tristate "Testing module" 206 depends on m 207 select CRYPTO_MANAGER 208 help 209 Quick & dirty crypto test module. 210 211config CRYPTO_ABLK_HELPER 212 tristate 213 select CRYPTO_CRYPTD 214 215config CRYPTO_GLUE_HELPER_X86 216 tristate 217 depends on X86 218 select CRYPTO_ALGAPI 219 220config CRYPTO_ENGINE 221 tristate 222 223comment "Authenticated Encryption with Associated Data" 224 225config CRYPTO_CCM 226 tristate "CCM support" 227 select CRYPTO_CTR 228 select CRYPTO_AEAD 229 help 230 Support for Counter with CBC MAC. Required for IPsec. 231 232config CRYPTO_GCM 233 tristate "GCM/GMAC support" 234 select CRYPTO_CTR 235 select CRYPTO_AEAD 236 select CRYPTO_GHASH 237 select CRYPTO_NULL 238 help 239 Support for Galois/Counter Mode (GCM) and Galois Message 240 Authentication Code (GMAC). Required for IPSec. 241 242config CRYPTO_CHACHA20POLY1305 243 tristate "ChaCha20-Poly1305 AEAD support" 244 select CRYPTO_CHACHA20 245 select CRYPTO_POLY1305 246 select CRYPTO_AEAD 247 help 248 ChaCha20-Poly1305 AEAD support, RFC7539. 249 250 Support for the AEAD wrapper using the ChaCha20 stream cipher combined 251 with the Poly1305 authenticator. It is defined in RFC7539 for use in 252 IETF protocols. 253 254config CRYPTO_SEQIV 255 tristate "Sequence Number IV Generator" 256 select CRYPTO_AEAD 257 select CRYPTO_BLKCIPHER 258 select CRYPTO_NULL 259 select CRYPTO_RNG_DEFAULT 260 help 261 This IV generator generates an IV based on a sequence number by 262 xoring it with a salt. This algorithm is mainly useful for CTR 263 264config CRYPTO_ECHAINIV 265 tristate "Encrypted Chain IV Generator" 266 select CRYPTO_AEAD 267 select CRYPTO_NULL 268 select CRYPTO_RNG_DEFAULT 269 default m 270 help 271 This IV generator generates an IV based on the encryption of 272 a sequence number xored with a salt. This is the default 273 algorithm for CBC. 274 275comment "Block modes" 276 277config CRYPTO_CBC 278 tristate "CBC support" 279 select CRYPTO_BLKCIPHER 280 select CRYPTO_MANAGER 281 help 282 CBC: Cipher Block Chaining mode 283 This block cipher algorithm is required for IPSec. 284 285config CRYPTO_CTR 286 tristate "CTR support" 287 select CRYPTO_BLKCIPHER 288 select CRYPTO_SEQIV 289 select CRYPTO_MANAGER 290 help 291 CTR: Counter mode 292 This block cipher algorithm is required for IPSec. 293 294config CRYPTO_CTS 295 tristate "CTS support" 296 select CRYPTO_BLKCIPHER 297 help 298 CTS: Cipher Text Stealing 299 This is the Cipher Text Stealing mode as described by 300 Section 8 of rfc2040 and referenced by rfc3962. 301 (rfc3962 includes errata information in its Appendix A) 302 This mode is required for Kerberos gss mechanism support 303 for AES encryption. 304 305config CRYPTO_ECB 306 tristate "ECB support" 307 select CRYPTO_BLKCIPHER 308 select CRYPTO_MANAGER 309 help 310 ECB: Electronic CodeBook mode 311 This is the simplest block cipher algorithm. It simply encrypts 312 the input block by block. 313 314config CRYPTO_LRW 315 tristate "LRW support" 316 select CRYPTO_BLKCIPHER 317 select CRYPTO_MANAGER 318 select CRYPTO_GF128MUL 319 help 320 LRW: Liskov Rivest Wagner, a tweakable, non malleable, non movable 321 narrow block cipher mode for dm-crypt. Use it with cipher 322 specification string aes-lrw-benbi, the key must be 256, 320 or 384. 323 The first 128, 192 or 256 bits in the key are used for AES and the 324 rest is used to tie each cipher block to its logical position. 325 326config CRYPTO_PCBC 327 tristate "PCBC support" 328 select CRYPTO_BLKCIPHER 329 select CRYPTO_MANAGER 330 help 331 PCBC: Propagating Cipher Block Chaining mode 332 This block cipher algorithm is required for RxRPC. 333 334config CRYPTO_XTS 335 tristate "XTS support" 336 select CRYPTO_BLKCIPHER 337 select CRYPTO_MANAGER 338 select CRYPTO_GF128MUL 339 help 340 XTS: IEEE1619/D16 narrow block cipher use with aes-xts-plain, 341 key size 256, 384 or 512 bits. This implementation currently 342 can't handle a sectorsize which is not a multiple of 16 bytes. 343 344config CRYPTO_KEYWRAP 345 tristate "Key wrapping support" 346 select CRYPTO_BLKCIPHER 347 help 348 Support for key wrapping (NIST SP800-38F / RFC3394) without 349 padding. 350 351comment "Hash modes" 352 353config CRYPTO_CMAC 354 tristate "CMAC support" 355 select CRYPTO_HASH 356 select CRYPTO_MANAGER 357 help 358 Cipher-based Message Authentication Code (CMAC) specified by 359 The National Institute of Standards and Technology (NIST). 360 361 https://tools.ietf.org/html/rfc4493 362 http://csrc.nist.gov/publications/nistpubs/800-38B/SP_800-38B.pdf 363 364config CRYPTO_HMAC 365 tristate "HMAC support" 366 select CRYPTO_HASH 367 select CRYPTO_MANAGER 368 help 369 HMAC: Keyed-Hashing for Message Authentication (RFC2104). 370 This is required for IPSec. 371 372config CRYPTO_XCBC 373 tristate "XCBC support" 374 select CRYPTO_HASH 375 select CRYPTO_MANAGER 376 help 377 XCBC: Keyed-Hashing with encryption algorithm 378 http://www.ietf.org/rfc/rfc3566.txt 379 http://csrc.nist.gov/encryption/modes/proposedmodes/ 380 xcbc-mac/xcbc-mac-spec.pdf 381 382config CRYPTO_VMAC 383 tristate "VMAC support" 384 select CRYPTO_HASH 385 select CRYPTO_MANAGER 386 help 387 VMAC is a message authentication algorithm designed for 388 very high speed on 64-bit architectures. 389 390 See also: 391 <http://fastcrypto.org/vmac> 392 393comment "Digest" 394 395config CRYPTO_CRC32C 396 tristate "CRC32c CRC algorithm" 397 select CRYPTO_HASH 398 select CRC32 399 help 400 Castagnoli, et al Cyclic Redundancy-Check Algorithm. Used 401 by iSCSI for header and data digests and by others. 402 See Castagnoli93. Module will be crc32c. 403 404config CRYPTO_CRC32C_INTEL 405 tristate "CRC32c INTEL hardware acceleration" 406 depends on X86 407 select CRYPTO_HASH 408 help 409 In Intel processor with SSE4.2 supported, the processor will 410 support CRC32C implementation using hardware accelerated CRC32 411 instruction. This option will create 'crc32c-intel' module, 412 which will enable any routine to use the CRC32 instruction to 413 gain performance compared with software implementation. 414 Module will be crc32c-intel. 415 416config CRYPTO_CRC32C_SPARC64 417 tristate "CRC32c CRC algorithm (SPARC64)" 418 depends on SPARC64 419 select CRYPTO_HASH 420 select CRC32 421 help 422 CRC32c CRC algorithm implemented using sparc64 crypto instructions, 423 when available. 424 425config CRYPTO_CRC32 426 tristate "CRC32 CRC algorithm" 427 select CRYPTO_HASH 428 select CRC32 429 help 430 CRC-32-IEEE 802.3 cyclic redundancy-check algorithm. 431 Shash crypto api wrappers to crc32_le function. 432 433config CRYPTO_CRC32_PCLMUL 434 tristate "CRC32 PCLMULQDQ hardware acceleration" 435 depends on X86 436 select CRYPTO_HASH 437 select CRC32 438 help 439 From Intel Westmere and AMD Bulldozer processor with SSE4.2 440 and PCLMULQDQ supported, the processor will support 441 CRC32 PCLMULQDQ implementation using hardware accelerated PCLMULQDQ 442 instruction. This option will create 'crc32-plcmul' module, 443 which will enable any routine to use the CRC-32-IEEE 802.3 checksum 444 and gain better performance as compared with the table implementation. 445 446config CRYPTO_CRCT10DIF 447 tristate "CRCT10DIF algorithm" 448 select CRYPTO_HASH 449 help 450 CRC T10 Data Integrity Field computation is being cast as 451 a crypto transform. This allows for faster crc t10 diff 452 transforms to be used if they are available. 453 454config CRYPTO_CRCT10DIF_PCLMUL 455 tristate "CRCT10DIF PCLMULQDQ hardware acceleration" 456 depends on X86 && 64BIT && CRC_T10DIF 457 select CRYPTO_HASH 458 help 459 For x86_64 processors with SSE4.2 and PCLMULQDQ supported, 460 CRC T10 DIF PCLMULQDQ computation can be hardware 461 accelerated PCLMULQDQ instruction. This option will create 462 'crct10dif-plcmul' module, which is faster when computing the 463 crct10dif checksum as compared with the generic table implementation. 464 465config CRYPTO_GHASH 466 tristate "GHASH digest algorithm" 467 select CRYPTO_GF128MUL 468 select CRYPTO_HASH 469 help 470 GHASH is message digest algorithm for GCM (Galois/Counter Mode). 471 472config CRYPTO_POLY1305 473 tristate "Poly1305 authenticator algorithm" 474 select CRYPTO_HASH 475 help 476 Poly1305 authenticator algorithm, RFC7539. 477 478 Poly1305 is an authenticator algorithm designed by Daniel J. Bernstein. 479 It is used for the ChaCha20-Poly1305 AEAD, specified in RFC7539 for use 480 in IETF protocols. This is the portable C implementation of Poly1305. 481 482config CRYPTO_POLY1305_X86_64 483 tristate "Poly1305 authenticator algorithm (x86_64/SSE2/AVX2)" 484 depends on X86 && 64BIT 485 select CRYPTO_POLY1305 486 help 487 Poly1305 authenticator algorithm, RFC7539. 488 489 Poly1305 is an authenticator algorithm designed by Daniel J. Bernstein. 490 It is used for the ChaCha20-Poly1305 AEAD, specified in RFC7539 for use 491 in IETF protocols. This is the x86_64 assembler implementation using SIMD 492 instructions. 493 494config CRYPTO_MD4 495 tristate "MD4 digest algorithm" 496 select CRYPTO_HASH 497 help 498 MD4 message digest algorithm (RFC1320). 499 500config CRYPTO_MD5 501 tristate "MD5 digest algorithm" 502 select CRYPTO_HASH 503 help 504 MD5 message digest algorithm (RFC1321). 505 506config CRYPTO_MD5_OCTEON 507 tristate "MD5 digest algorithm (OCTEON)" 508 depends on CPU_CAVIUM_OCTEON 509 select CRYPTO_MD5 510 select CRYPTO_HASH 511 help 512 MD5 message digest algorithm (RFC1321) implemented 513 using OCTEON crypto instructions, when available. 514 515config CRYPTO_MD5_PPC 516 tristate "MD5 digest algorithm (PPC)" 517 depends on PPC 518 select CRYPTO_HASH 519 help 520 MD5 message digest algorithm (RFC1321) implemented 521 in PPC assembler. 522 523config CRYPTO_MD5_SPARC64 524 tristate "MD5 digest algorithm (SPARC64)" 525 depends on SPARC64 526 select CRYPTO_MD5 527 select CRYPTO_HASH 528 help 529 MD5 message digest algorithm (RFC1321) implemented 530 using sparc64 crypto instructions, when available. 531 532config CRYPTO_MICHAEL_MIC 533 tristate "Michael MIC keyed digest algorithm" 534 select CRYPTO_HASH 535 help 536 Michael MIC is used for message integrity protection in TKIP 537 (IEEE 802.11i). This algorithm is required for TKIP, but it 538 should not be used for other purposes because of the weakness 539 of the algorithm. 540 541config CRYPTO_RMD128 542 tristate "RIPEMD-128 digest algorithm" 543 select CRYPTO_HASH 544 help 545 RIPEMD-128 (ISO/IEC 10118-3:2004). 546 547 RIPEMD-128 is a 128-bit cryptographic hash function. It should only 548 be used as a secure replacement for RIPEMD. For other use cases, 549 RIPEMD-160 should be used. 550 551 Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel. 552 See <http://homes.esat.kuleuven.be/~bosselae/ripemd160.html> 553 554config CRYPTO_RMD160 555 tristate "RIPEMD-160 digest algorithm" 556 select CRYPTO_HASH 557 help 558 RIPEMD-160 (ISO/IEC 10118-3:2004). 559 560 RIPEMD-160 is a 160-bit cryptographic hash function. It is intended 561 to be used as a secure replacement for the 128-bit hash functions 562 MD4, MD5 and it's predecessor RIPEMD 563 (not to be confused with RIPEMD-128). 564 565 It's speed is comparable to SHA1 and there are no known attacks 566 against RIPEMD-160. 567 568 Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel. 569 See <http://homes.esat.kuleuven.be/~bosselae/ripemd160.html> 570 571config CRYPTO_RMD256 572 tristate "RIPEMD-256 digest algorithm" 573 select CRYPTO_HASH 574 help 575 RIPEMD-256 is an optional extension of RIPEMD-128 with a 576 256 bit hash. It is intended for applications that require 577 longer hash-results, without needing a larger security level 578 (than RIPEMD-128). 579 580 Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel. 581 See <http://homes.esat.kuleuven.be/~bosselae/ripemd160.html> 582 583config CRYPTO_RMD320 584 tristate "RIPEMD-320 digest algorithm" 585 select CRYPTO_HASH 586 help 587 RIPEMD-320 is an optional extension of RIPEMD-160 with a 588 320 bit hash. It is intended for applications that require 589 longer hash-results, without needing a larger security level 590 (than RIPEMD-160). 591 592 Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel. 593 See <http://homes.esat.kuleuven.be/~bosselae/ripemd160.html> 594 595config CRYPTO_SHA1 596 tristate "SHA1 digest algorithm" 597 select CRYPTO_HASH 598 help 599 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2). 600 601config CRYPTO_SHA1_SSSE3 602 tristate "SHA1 digest algorithm (SSSE3/AVX/AVX2/SHA-NI)" 603 depends on X86 && 64BIT 604 select CRYPTO_SHA1 605 select CRYPTO_HASH 606 help 607 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2) implemented 608 using Supplemental SSE3 (SSSE3) instructions or Advanced Vector 609 Extensions (AVX/AVX2) or SHA-NI(SHA Extensions New Instructions), 610 when available. 611 612config CRYPTO_SHA256_SSSE3 613 tristate "SHA256 digest algorithm (SSSE3/AVX/AVX2/SHA-NI)" 614 depends on X86 && 64BIT 615 select CRYPTO_SHA256 616 select CRYPTO_HASH 617 help 618 SHA-256 secure hash standard (DFIPS 180-2) implemented 619 using Supplemental SSE3 (SSSE3) instructions, or Advanced Vector 620 Extensions version 1 (AVX1), or Advanced Vector Extensions 621 version 2 (AVX2) instructions, or SHA-NI (SHA Extensions New 622 Instructions) when available. 623 624config CRYPTO_SHA512_SSSE3 625 tristate "SHA512 digest algorithm (SSSE3/AVX/AVX2)" 626 depends on X86 && 64BIT 627 select CRYPTO_SHA512 628 select CRYPTO_HASH 629 help 630 SHA-512 secure hash standard (DFIPS 180-2) implemented 631 using Supplemental SSE3 (SSSE3) instructions, or Advanced Vector 632 Extensions version 1 (AVX1), or Advanced Vector Extensions 633 version 2 (AVX2) instructions, when available. 634 635config CRYPTO_SHA1_OCTEON 636 tristate "SHA1 digest algorithm (OCTEON)" 637 depends on CPU_CAVIUM_OCTEON 638 select CRYPTO_SHA1 639 select CRYPTO_HASH 640 help 641 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2) implemented 642 using OCTEON crypto instructions, when available. 643 644config CRYPTO_SHA1_SPARC64 645 tristate "SHA1 digest algorithm (SPARC64)" 646 depends on SPARC64 647 select CRYPTO_SHA1 648 select CRYPTO_HASH 649 help 650 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2) implemented 651 using sparc64 crypto instructions, when available. 652 653config CRYPTO_SHA1_PPC 654 tristate "SHA1 digest algorithm (powerpc)" 655 depends on PPC 656 help 657 This is the powerpc hardware accelerated implementation of the 658 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2). 659 660config CRYPTO_SHA1_PPC_SPE 661 tristate "SHA1 digest algorithm (PPC SPE)" 662 depends on PPC && SPE 663 help 664 SHA-1 secure hash standard (DFIPS 180-4) implemented 665 using powerpc SPE SIMD instruction set. 666 667config CRYPTO_SHA1_MB 668 tristate "SHA1 digest algorithm (x86_64 Multi-Buffer, Experimental)" 669 depends on X86 && 64BIT 670 select CRYPTO_SHA1 671 select CRYPTO_HASH 672 select CRYPTO_MCRYPTD 673 help 674 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2) implemented 675 using multi-buffer technique. This algorithm computes on 676 multiple data lanes concurrently with SIMD instructions for 677 better throughput. It should not be enabled by default but 678 used when there is significant amount of work to keep the keep 679 the data lanes filled to get performance benefit. If the data 680 lanes remain unfilled, a flush operation will be initiated to 681 process the crypto jobs, adding a slight latency. 682 683config CRYPTO_SHA256 684 tristate "SHA224 and SHA256 digest algorithm" 685 select CRYPTO_HASH 686 help 687 SHA256 secure hash standard (DFIPS 180-2). 688 689 This version of SHA implements a 256 bit hash with 128 bits of 690 security against collision attacks. 691 692 This code also includes SHA-224, a 224 bit hash with 112 bits 693 of security against collision attacks. 694 695config CRYPTO_SHA256_PPC_SPE 696 tristate "SHA224 and SHA256 digest algorithm (PPC SPE)" 697 depends on PPC && SPE 698 select CRYPTO_SHA256 699 select CRYPTO_HASH 700 help 701 SHA224 and SHA256 secure hash standard (DFIPS 180-2) 702 implemented using powerpc SPE SIMD instruction set. 703 704config CRYPTO_SHA256_OCTEON 705 tristate "SHA224 and SHA256 digest algorithm (OCTEON)" 706 depends on CPU_CAVIUM_OCTEON 707 select CRYPTO_SHA256 708 select CRYPTO_HASH 709 help 710 SHA-256 secure hash standard (DFIPS 180-2) implemented 711 using OCTEON crypto instructions, when available. 712 713config CRYPTO_SHA256_SPARC64 714 tristate "SHA224 and SHA256 digest algorithm (SPARC64)" 715 depends on SPARC64 716 select CRYPTO_SHA256 717 select CRYPTO_HASH 718 help 719 SHA-256 secure hash standard (DFIPS 180-2) implemented 720 using sparc64 crypto instructions, when available. 721 722config CRYPTO_SHA512 723 tristate "SHA384 and SHA512 digest algorithms" 724 select CRYPTO_HASH 725 help 726 SHA512 secure hash standard (DFIPS 180-2). 727 728 This version of SHA implements a 512 bit hash with 256 bits of 729 security against collision attacks. 730 731 This code also includes SHA-384, a 384 bit hash with 192 bits 732 of security against collision attacks. 733 734config CRYPTO_SHA512_OCTEON 735 tristate "SHA384 and SHA512 digest algorithms (OCTEON)" 736 depends on CPU_CAVIUM_OCTEON 737 select CRYPTO_SHA512 738 select CRYPTO_HASH 739 help 740 SHA-512 secure hash standard (DFIPS 180-2) implemented 741 using OCTEON crypto instructions, when available. 742 743config CRYPTO_SHA512_SPARC64 744 tristate "SHA384 and SHA512 digest algorithm (SPARC64)" 745 depends on SPARC64 746 select CRYPTO_SHA512 747 select CRYPTO_HASH 748 help 749 SHA-512 secure hash standard (DFIPS 180-2) implemented 750 using sparc64 crypto instructions, when available. 751 752config CRYPTO_TGR192 753 tristate "Tiger digest algorithms" 754 select CRYPTO_HASH 755 help 756 Tiger hash algorithm 192, 160 and 128-bit hashes 757 758 Tiger is a hash function optimized for 64-bit processors while 759 still having decent performance on 32-bit processors. 760 Tiger was developed by Ross Anderson and Eli Biham. 761 762 See also: 763 <http://www.cs.technion.ac.il/~biham/Reports/Tiger/>. 764 765config CRYPTO_WP512 766 tristate "Whirlpool digest algorithms" 767 select CRYPTO_HASH 768 help 769 Whirlpool hash algorithm 512, 384 and 256-bit hashes 770 771 Whirlpool-512 is part of the NESSIE cryptographic primitives. 772 Whirlpool will be part of the ISO/IEC 10118-3:2003(E) standard 773 774 See also: 775 <http://www.larc.usp.br/~pbarreto/WhirlpoolPage.html> 776 777config CRYPTO_GHASH_CLMUL_NI_INTEL 778 tristate "GHASH digest algorithm (CLMUL-NI accelerated)" 779 depends on X86 && 64BIT 780 select CRYPTO_CRYPTD 781 help 782 GHASH is message digest algorithm for GCM (Galois/Counter Mode). 783 The implementation is accelerated by CLMUL-NI of Intel. 784 785comment "Ciphers" 786 787config CRYPTO_AES 788 tristate "AES cipher algorithms" 789 select CRYPTO_ALGAPI 790 help 791 AES cipher algorithms (FIPS-197). AES uses the Rijndael 792 algorithm. 793 794 Rijndael appears to be consistently a very good performer in 795 both hardware and software across a wide range of computing 796 environments regardless of its use in feedback or non-feedback 797 modes. Its key setup time is excellent, and its key agility is 798 good. Rijndael's very low memory requirements make it very well 799 suited for restricted-space environments, in which it also 800 demonstrates excellent performance. Rijndael's operations are 801 among the easiest to defend against power and timing attacks. 802 803 The AES specifies three key sizes: 128, 192 and 256 bits 804 805 See <http://csrc.nist.gov/CryptoToolkit/aes/> for more information. 806 807config CRYPTO_AES_586 808 tristate "AES cipher algorithms (i586)" 809 depends on (X86 || UML_X86) && !64BIT 810 select CRYPTO_ALGAPI 811 select CRYPTO_AES 812 help 813 AES cipher algorithms (FIPS-197). AES uses the Rijndael 814 algorithm. 815 816 Rijndael appears to be consistently a very good performer in 817 both hardware and software across a wide range of computing 818 environments regardless of its use in feedback or non-feedback 819 modes. Its key setup time is excellent, and its key agility is 820 good. Rijndael's very low memory requirements make it very well 821 suited for restricted-space environments, in which it also 822 demonstrates excellent performance. Rijndael's operations are 823 among the easiest to defend against power and timing attacks. 824 825 The AES specifies three key sizes: 128, 192 and 256 bits 826 827 See <http://csrc.nist.gov/encryption/aes/> for more information. 828 829config CRYPTO_AES_X86_64 830 tristate "AES cipher algorithms (x86_64)" 831 depends on (X86 || UML_X86) && 64BIT 832 select CRYPTO_ALGAPI 833 select CRYPTO_AES 834 help 835 AES cipher algorithms (FIPS-197). AES uses the Rijndael 836 algorithm. 837 838 Rijndael appears to be consistently a very good performer in 839 both hardware and software across a wide range of computing 840 environments regardless of its use in feedback or non-feedback 841 modes. Its key setup time is excellent, and its key agility is 842 good. Rijndael's very low memory requirements make it very well 843 suited for restricted-space environments, in which it also 844 demonstrates excellent performance. Rijndael's operations are 845 among the easiest to defend against power and timing attacks. 846 847 The AES specifies three key sizes: 128, 192 and 256 bits 848 849 See <http://csrc.nist.gov/encryption/aes/> for more information. 850 851config CRYPTO_AES_NI_INTEL 852 tristate "AES cipher algorithms (AES-NI)" 853 depends on X86 854 select CRYPTO_AES_X86_64 if 64BIT 855 select CRYPTO_AES_586 if !64BIT 856 select CRYPTO_CRYPTD 857 select CRYPTO_ABLK_HELPER 858 select CRYPTO_ALGAPI 859 select CRYPTO_GLUE_HELPER_X86 if 64BIT 860 select CRYPTO_LRW 861 select CRYPTO_XTS 862 help 863 Use Intel AES-NI instructions for AES algorithm. 864 865 AES cipher algorithms (FIPS-197). AES uses the Rijndael 866 algorithm. 867 868 Rijndael appears to be consistently a very good performer in 869 both hardware and software across a wide range of computing 870 environments regardless of its use in feedback or non-feedback 871 modes. Its key setup time is excellent, and its key agility is 872 good. Rijndael's very low memory requirements make it very well 873 suited for restricted-space environments, in which it also 874 demonstrates excellent performance. Rijndael's operations are 875 among the easiest to defend against power and timing attacks. 876 877 The AES specifies three key sizes: 128, 192 and 256 bits 878 879 See <http://csrc.nist.gov/encryption/aes/> for more information. 880 881 In addition to AES cipher algorithm support, the acceleration 882 for some popular block cipher mode is supported too, including 883 ECB, CBC, LRW, PCBC, XTS. The 64 bit version has additional 884 acceleration for CTR. 885 886config CRYPTO_AES_SPARC64 887 tristate "AES cipher algorithms (SPARC64)" 888 depends on SPARC64 889 select CRYPTO_CRYPTD 890 select CRYPTO_ALGAPI 891 help 892 Use SPARC64 crypto opcodes for AES algorithm. 893 894 AES cipher algorithms (FIPS-197). AES uses the Rijndael 895 algorithm. 896 897 Rijndael appears to be consistently a very good performer in 898 both hardware and software across a wide range of computing 899 environments regardless of its use in feedback or non-feedback 900 modes. Its key setup time is excellent, and its key agility is 901 good. Rijndael's very low memory requirements make it very well 902 suited for restricted-space environments, in which it also 903 demonstrates excellent performance. Rijndael's operations are 904 among the easiest to defend against power and timing attacks. 905 906 The AES specifies three key sizes: 128, 192 and 256 bits 907 908 See <http://csrc.nist.gov/encryption/aes/> for more information. 909 910 In addition to AES cipher algorithm support, the acceleration 911 for some popular block cipher mode is supported too, including 912 ECB and CBC. 913 914config CRYPTO_AES_PPC_SPE 915 tristate "AES cipher algorithms (PPC SPE)" 916 depends on PPC && SPE 917 help 918 AES cipher algorithms (FIPS-197). Additionally the acceleration 919 for popular block cipher modes ECB, CBC, CTR and XTS is supported. 920 This module should only be used for low power (router) devices 921 without hardware AES acceleration (e.g. caam crypto). It reduces the 922 size of the AES tables from 16KB to 8KB + 256 bytes and mitigates 923 timining attacks. Nevertheless it might be not as secure as other 924 architecture specific assembler implementations that work on 1KB 925 tables or 256 bytes S-boxes. 926 927config CRYPTO_ANUBIS 928 tristate "Anubis cipher algorithm" 929 select CRYPTO_ALGAPI 930 help 931 Anubis cipher algorithm. 932 933 Anubis is a variable key length cipher which can use keys from 934 128 bits to 320 bits in length. It was evaluated as a entrant 935 in the NESSIE competition. 936 937 See also: 938 <https://www.cosic.esat.kuleuven.be/nessie/reports/> 939 <http://www.larc.usp.br/~pbarreto/AnubisPage.html> 940 941config CRYPTO_ARC4 942 tristate "ARC4 cipher algorithm" 943 select CRYPTO_BLKCIPHER 944 help 945 ARC4 cipher algorithm. 946 947 ARC4 is a stream cipher using keys ranging from 8 bits to 2048 948 bits in length. This algorithm is required for driver-based 949 WEP, but it should not be for other purposes because of the 950 weakness of the algorithm. 951 952config CRYPTO_BLOWFISH 953 tristate "Blowfish cipher algorithm" 954 select CRYPTO_ALGAPI 955 select CRYPTO_BLOWFISH_COMMON 956 help 957 Blowfish cipher algorithm, by Bruce Schneier. 958 959 This is a variable key length cipher which can use keys from 32 960 bits to 448 bits in length. It's fast, simple and specifically 961 designed for use on "large microprocessors". 962 963 See also: 964 <http://www.schneier.com/blowfish.html> 965 966config CRYPTO_BLOWFISH_COMMON 967 tristate 968 help 969 Common parts of the Blowfish cipher algorithm shared by the 970 generic c and the assembler implementations. 971 972 See also: 973 <http://www.schneier.com/blowfish.html> 974 975config CRYPTO_BLOWFISH_X86_64 976 tristate "Blowfish cipher algorithm (x86_64)" 977 depends on X86 && 64BIT 978 select CRYPTO_ALGAPI 979 select CRYPTO_BLOWFISH_COMMON 980 help 981 Blowfish cipher algorithm (x86_64), by Bruce Schneier. 982 983 This is a variable key length cipher which can use keys from 32 984 bits to 448 bits in length. It's fast, simple and specifically 985 designed for use on "large microprocessors". 986 987 See also: 988 <http://www.schneier.com/blowfish.html> 989 990config CRYPTO_CAMELLIA 991 tristate "Camellia cipher algorithms" 992 depends on CRYPTO 993 select CRYPTO_ALGAPI 994 help 995 Camellia cipher algorithms module. 996 997 Camellia is a symmetric key block cipher developed jointly 998 at NTT and Mitsubishi Electric Corporation. 999 1000 The Camellia specifies three key sizes: 128, 192 and 256 bits. 1001 1002 See also: 1003 <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html> 1004 1005config CRYPTO_CAMELLIA_X86_64 1006 tristate "Camellia cipher algorithm (x86_64)" 1007 depends on X86 && 64BIT 1008 depends on CRYPTO 1009 select CRYPTO_ALGAPI 1010 select CRYPTO_GLUE_HELPER_X86 1011 select CRYPTO_LRW 1012 select CRYPTO_XTS 1013 help 1014 Camellia cipher algorithm module (x86_64). 1015 1016 Camellia is a symmetric key block cipher developed jointly 1017 at NTT and Mitsubishi Electric Corporation. 1018 1019 The Camellia specifies three key sizes: 128, 192 and 256 bits. 1020 1021 See also: 1022 <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html> 1023 1024config CRYPTO_CAMELLIA_AESNI_AVX_X86_64 1025 tristate "Camellia cipher algorithm (x86_64/AES-NI/AVX)" 1026 depends on X86 && 64BIT 1027 depends on CRYPTO 1028 select CRYPTO_ALGAPI 1029 select CRYPTO_CRYPTD 1030 select CRYPTO_ABLK_HELPER 1031 select CRYPTO_GLUE_HELPER_X86 1032 select CRYPTO_CAMELLIA_X86_64 1033 select CRYPTO_LRW 1034 select CRYPTO_XTS 1035 help 1036 Camellia cipher algorithm module (x86_64/AES-NI/AVX). 1037 1038 Camellia is a symmetric key block cipher developed jointly 1039 at NTT and Mitsubishi Electric Corporation. 1040 1041 The Camellia specifies three key sizes: 128, 192 and 256 bits. 1042 1043 See also: 1044 <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html> 1045 1046config CRYPTO_CAMELLIA_AESNI_AVX2_X86_64 1047 tristate "Camellia cipher algorithm (x86_64/AES-NI/AVX2)" 1048 depends on X86 && 64BIT 1049 depends on CRYPTO 1050 select CRYPTO_ALGAPI 1051 select CRYPTO_CRYPTD 1052 select CRYPTO_ABLK_HELPER 1053 select CRYPTO_GLUE_HELPER_X86 1054 select CRYPTO_CAMELLIA_X86_64 1055 select CRYPTO_CAMELLIA_AESNI_AVX_X86_64 1056 select CRYPTO_LRW 1057 select CRYPTO_XTS 1058 help 1059 Camellia cipher algorithm module (x86_64/AES-NI/AVX2). 1060 1061 Camellia is a symmetric key block cipher developed jointly 1062 at NTT and Mitsubishi Electric Corporation. 1063 1064 The Camellia specifies three key sizes: 128, 192 and 256 bits. 1065 1066 See also: 1067 <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html> 1068 1069config CRYPTO_CAMELLIA_SPARC64 1070 tristate "Camellia cipher algorithm (SPARC64)" 1071 depends on SPARC64 1072 depends on CRYPTO 1073 select CRYPTO_ALGAPI 1074 help 1075 Camellia cipher algorithm module (SPARC64). 1076 1077 Camellia is a symmetric key block cipher developed jointly 1078 at NTT and Mitsubishi Electric Corporation. 1079 1080 The Camellia specifies three key sizes: 128, 192 and 256 bits. 1081 1082 See also: 1083 <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html> 1084 1085config CRYPTO_CAST_COMMON 1086 tristate 1087 help 1088 Common parts of the CAST cipher algorithms shared by the 1089 generic c and the assembler implementations. 1090 1091config CRYPTO_CAST5 1092 tristate "CAST5 (CAST-128) cipher algorithm" 1093 select CRYPTO_ALGAPI 1094 select CRYPTO_CAST_COMMON 1095 help 1096 The CAST5 encryption algorithm (synonymous with CAST-128) is 1097 described in RFC2144. 1098 1099config CRYPTO_CAST5_AVX_X86_64 1100 tristate "CAST5 (CAST-128) cipher algorithm (x86_64/AVX)" 1101 depends on X86 && 64BIT 1102 select CRYPTO_ALGAPI 1103 select CRYPTO_CRYPTD 1104 select CRYPTO_ABLK_HELPER 1105 select CRYPTO_CAST_COMMON 1106 select CRYPTO_CAST5 1107 help 1108 The CAST5 encryption algorithm (synonymous with CAST-128) is 1109 described in RFC2144. 1110 1111 This module provides the Cast5 cipher algorithm that processes 1112 sixteen blocks parallel using the AVX instruction set. 1113 1114config CRYPTO_CAST6 1115 tristate "CAST6 (CAST-256) cipher algorithm" 1116 select CRYPTO_ALGAPI 1117 select CRYPTO_CAST_COMMON 1118 help 1119 The CAST6 encryption algorithm (synonymous with CAST-256) is 1120 described in RFC2612. 1121 1122config CRYPTO_CAST6_AVX_X86_64 1123 tristate "CAST6 (CAST-256) cipher algorithm (x86_64/AVX)" 1124 depends on X86 && 64BIT 1125 select CRYPTO_ALGAPI 1126 select CRYPTO_CRYPTD 1127 select CRYPTO_ABLK_HELPER 1128 select CRYPTO_GLUE_HELPER_X86 1129 select CRYPTO_CAST_COMMON 1130 select CRYPTO_CAST6 1131 select CRYPTO_LRW 1132 select CRYPTO_XTS 1133 help 1134 The CAST6 encryption algorithm (synonymous with CAST-256) is 1135 described in RFC2612. 1136 1137 This module provides the Cast6 cipher algorithm that processes 1138 eight blocks parallel using the AVX instruction set. 1139 1140config CRYPTO_DES 1141 tristate "DES and Triple DES EDE cipher algorithms" 1142 select CRYPTO_ALGAPI 1143 help 1144 DES cipher algorithm (FIPS 46-2), and Triple DES EDE (FIPS 46-3). 1145 1146config CRYPTO_DES_SPARC64 1147 tristate "DES and Triple DES EDE cipher algorithms (SPARC64)" 1148 depends on SPARC64 1149 select CRYPTO_ALGAPI 1150 select CRYPTO_DES 1151 help 1152 DES cipher algorithm (FIPS 46-2), and Triple DES EDE (FIPS 46-3), 1153 optimized using SPARC64 crypto opcodes. 1154 1155config CRYPTO_DES3_EDE_X86_64 1156 tristate "Triple DES EDE cipher algorithm (x86-64)" 1157 depends on X86 && 64BIT 1158 select CRYPTO_ALGAPI 1159 select CRYPTO_DES 1160 help 1161 Triple DES EDE (FIPS 46-3) algorithm. 1162 1163 This module provides implementation of the Triple DES EDE cipher 1164 algorithm that is optimized for x86-64 processors. Two versions of 1165 algorithm are provided; regular processing one input block and 1166 one that processes three blocks parallel. 1167 1168config CRYPTO_FCRYPT 1169 tristate "FCrypt cipher algorithm" 1170 select CRYPTO_ALGAPI 1171 select CRYPTO_BLKCIPHER 1172 help 1173 FCrypt algorithm used by RxRPC. 1174 1175config CRYPTO_KHAZAD 1176 tristate "Khazad cipher algorithm" 1177 select CRYPTO_ALGAPI 1178 help 1179 Khazad cipher algorithm. 1180 1181 Khazad was a finalist in the initial NESSIE competition. It is 1182 an algorithm optimized for 64-bit processors with good performance 1183 on 32-bit processors. Khazad uses an 128 bit key size. 1184 1185 See also: 1186 <http://www.larc.usp.br/~pbarreto/KhazadPage.html> 1187 1188config CRYPTO_SALSA20 1189 tristate "Salsa20 stream cipher algorithm" 1190 select CRYPTO_BLKCIPHER 1191 help 1192 Salsa20 stream cipher algorithm. 1193 1194 Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT 1195 Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/> 1196 1197 The Salsa20 stream cipher algorithm is designed by Daniel J. 1198 Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html> 1199 1200config CRYPTO_SALSA20_586 1201 tristate "Salsa20 stream cipher algorithm (i586)" 1202 depends on (X86 || UML_X86) && !64BIT 1203 select CRYPTO_BLKCIPHER 1204 help 1205 Salsa20 stream cipher algorithm. 1206 1207 Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT 1208 Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/> 1209 1210 The Salsa20 stream cipher algorithm is designed by Daniel J. 1211 Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html> 1212 1213config CRYPTO_SALSA20_X86_64 1214 tristate "Salsa20 stream cipher algorithm (x86_64)" 1215 depends on (X86 || UML_X86) && 64BIT 1216 select CRYPTO_BLKCIPHER 1217 help 1218 Salsa20 stream cipher algorithm. 1219 1220 Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT 1221 Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/> 1222 1223 The Salsa20 stream cipher algorithm is designed by Daniel J. 1224 Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html> 1225 1226config CRYPTO_CHACHA20 1227 tristate "ChaCha20 cipher algorithm" 1228 select CRYPTO_BLKCIPHER 1229 help 1230 ChaCha20 cipher algorithm, RFC7539. 1231 1232 ChaCha20 is a 256-bit high-speed stream cipher designed by Daniel J. 1233 Bernstein and further specified in RFC7539 for use in IETF protocols. 1234 This is the portable C implementation of ChaCha20. 1235 1236 See also: 1237 <http://cr.yp.to/chacha/chacha-20080128.pdf> 1238 1239config CRYPTO_CHACHA20_X86_64 1240 tristate "ChaCha20 cipher algorithm (x86_64/SSSE3/AVX2)" 1241 depends on X86 && 64BIT 1242 select CRYPTO_BLKCIPHER 1243 select CRYPTO_CHACHA20 1244 help 1245 ChaCha20 cipher algorithm, RFC7539. 1246 1247 ChaCha20 is a 256-bit high-speed stream cipher designed by Daniel J. 1248 Bernstein and further specified in RFC7539 for use in IETF protocols. 1249 This is the x86_64 assembler implementation using SIMD instructions. 1250 1251 See also: 1252 <http://cr.yp.to/chacha/chacha-20080128.pdf> 1253 1254config CRYPTO_SEED 1255 tristate "SEED cipher algorithm" 1256 select CRYPTO_ALGAPI 1257 help 1258 SEED cipher algorithm (RFC4269). 1259 1260 SEED is a 128-bit symmetric key block cipher that has been 1261 developed by KISA (Korea Information Security Agency) as a 1262 national standard encryption algorithm of the Republic of Korea. 1263 It is a 16 round block cipher with the key size of 128 bit. 1264 1265 See also: 1266 <http://www.kisa.or.kr/kisa/seed/jsp/seed_eng.jsp> 1267 1268config CRYPTO_SERPENT 1269 tristate "Serpent cipher algorithm" 1270 select CRYPTO_ALGAPI 1271 help 1272 Serpent cipher algorithm, by Anderson, Biham & Knudsen. 1273 1274 Keys are allowed to be from 0 to 256 bits in length, in steps 1275 of 8 bits. Also includes the 'Tnepres' algorithm, a reversed 1276 variant of Serpent for compatibility with old kerneli.org code. 1277 1278 See also: 1279 <http://www.cl.cam.ac.uk/~rja14/serpent.html> 1280 1281config CRYPTO_SERPENT_SSE2_X86_64 1282 tristate "Serpent cipher algorithm (x86_64/SSE2)" 1283 depends on X86 && 64BIT 1284 select CRYPTO_ALGAPI 1285 select CRYPTO_CRYPTD 1286 select CRYPTO_ABLK_HELPER 1287 select CRYPTO_GLUE_HELPER_X86 1288 select CRYPTO_SERPENT 1289 select CRYPTO_LRW 1290 select CRYPTO_XTS 1291 help 1292 Serpent cipher algorithm, by Anderson, Biham & Knudsen. 1293 1294 Keys are allowed to be from 0 to 256 bits in length, in steps 1295 of 8 bits. 1296 1297 This module provides Serpent cipher algorithm that processes eight 1298 blocks parallel using SSE2 instruction set. 1299 1300 See also: 1301 <http://www.cl.cam.ac.uk/~rja14/serpent.html> 1302 1303config CRYPTO_SERPENT_SSE2_586 1304 tristate "Serpent cipher algorithm (i586/SSE2)" 1305 depends on X86 && !64BIT 1306 select CRYPTO_ALGAPI 1307 select CRYPTO_CRYPTD 1308 select CRYPTO_ABLK_HELPER 1309 select CRYPTO_GLUE_HELPER_X86 1310 select CRYPTO_SERPENT 1311 select CRYPTO_LRW 1312 select CRYPTO_XTS 1313 help 1314 Serpent cipher algorithm, by Anderson, Biham & Knudsen. 1315 1316 Keys are allowed to be from 0 to 256 bits in length, in steps 1317 of 8 bits. 1318 1319 This module provides Serpent cipher algorithm that processes four 1320 blocks parallel using SSE2 instruction set. 1321 1322 See also: 1323 <http://www.cl.cam.ac.uk/~rja14/serpent.html> 1324 1325config CRYPTO_SERPENT_AVX_X86_64 1326 tristate "Serpent cipher algorithm (x86_64/AVX)" 1327 depends on X86 && 64BIT 1328 select CRYPTO_ALGAPI 1329 select CRYPTO_CRYPTD 1330 select CRYPTO_ABLK_HELPER 1331 select CRYPTO_GLUE_HELPER_X86 1332 select CRYPTO_SERPENT 1333 select CRYPTO_LRW 1334 select CRYPTO_XTS 1335 help 1336 Serpent cipher algorithm, by Anderson, Biham & Knudsen. 1337 1338 Keys are allowed to be from 0 to 256 bits in length, in steps 1339 of 8 bits. 1340 1341 This module provides the Serpent cipher algorithm that processes 1342 eight blocks parallel using the AVX instruction set. 1343 1344 See also: 1345 <http://www.cl.cam.ac.uk/~rja14/serpent.html> 1346 1347config CRYPTO_SERPENT_AVX2_X86_64 1348 tristate "Serpent cipher algorithm (x86_64/AVX2)" 1349 depends on X86 && 64BIT 1350 select CRYPTO_ALGAPI 1351 select CRYPTO_CRYPTD 1352 select CRYPTO_ABLK_HELPER 1353 select CRYPTO_GLUE_HELPER_X86 1354 select CRYPTO_SERPENT 1355 select CRYPTO_SERPENT_AVX_X86_64 1356 select CRYPTO_LRW 1357 select CRYPTO_XTS 1358 help 1359 Serpent cipher algorithm, by Anderson, Biham & Knudsen. 1360 1361 Keys are allowed to be from 0 to 256 bits in length, in steps 1362 of 8 bits. 1363 1364 This module provides Serpent cipher algorithm that processes 16 1365 blocks parallel using AVX2 instruction set. 1366 1367 See also: 1368 <http://www.cl.cam.ac.uk/~rja14/serpent.html> 1369 1370config CRYPTO_TEA 1371 tristate "TEA, XTEA and XETA cipher algorithms" 1372 select CRYPTO_ALGAPI 1373 help 1374 TEA cipher algorithm. 1375 1376 Tiny Encryption Algorithm is a simple cipher that uses 1377 many rounds for security. It is very fast and uses 1378 little memory. 1379 1380 Xtendend Tiny Encryption Algorithm is a modification to 1381 the TEA algorithm to address a potential key weakness 1382 in the TEA algorithm. 1383 1384 Xtendend Encryption Tiny Algorithm is a mis-implementation 1385 of the XTEA algorithm for compatibility purposes. 1386 1387config CRYPTO_TWOFISH 1388 tristate "Twofish cipher algorithm" 1389 select CRYPTO_ALGAPI 1390 select CRYPTO_TWOFISH_COMMON 1391 help 1392 Twofish cipher algorithm. 1393 1394 Twofish was submitted as an AES (Advanced Encryption Standard) 1395 candidate cipher by researchers at CounterPane Systems. It is a 1396 16 round block cipher supporting key sizes of 128, 192, and 256 1397 bits. 1398 1399 See also: 1400 <http://www.schneier.com/twofish.html> 1401 1402config CRYPTO_TWOFISH_COMMON 1403 tristate 1404 help 1405 Common parts of the Twofish cipher algorithm shared by the 1406 generic c and the assembler implementations. 1407 1408config CRYPTO_TWOFISH_586 1409 tristate "Twofish cipher algorithms (i586)" 1410 depends on (X86 || UML_X86) && !64BIT 1411 select CRYPTO_ALGAPI 1412 select CRYPTO_TWOFISH_COMMON 1413 help 1414 Twofish cipher algorithm. 1415 1416 Twofish was submitted as an AES (Advanced Encryption Standard) 1417 candidate cipher by researchers at CounterPane Systems. It is a 1418 16 round block cipher supporting key sizes of 128, 192, and 256 1419 bits. 1420 1421 See also: 1422 <http://www.schneier.com/twofish.html> 1423 1424config CRYPTO_TWOFISH_X86_64 1425 tristate "Twofish cipher algorithm (x86_64)" 1426 depends on (X86 || UML_X86) && 64BIT 1427 select CRYPTO_ALGAPI 1428 select CRYPTO_TWOFISH_COMMON 1429 help 1430 Twofish cipher algorithm (x86_64). 1431 1432 Twofish was submitted as an AES (Advanced Encryption Standard) 1433 candidate cipher by researchers at CounterPane Systems. It is a 1434 16 round block cipher supporting key sizes of 128, 192, and 256 1435 bits. 1436 1437 See also: 1438 <http://www.schneier.com/twofish.html> 1439 1440config CRYPTO_TWOFISH_X86_64_3WAY 1441 tristate "Twofish cipher algorithm (x86_64, 3-way parallel)" 1442 depends on X86 && 64BIT 1443 select CRYPTO_ALGAPI 1444 select CRYPTO_TWOFISH_COMMON 1445 select CRYPTO_TWOFISH_X86_64 1446 select CRYPTO_GLUE_HELPER_X86 1447 select CRYPTO_LRW 1448 select CRYPTO_XTS 1449 help 1450 Twofish cipher algorithm (x86_64, 3-way parallel). 1451 1452 Twofish was submitted as an AES (Advanced Encryption Standard) 1453 candidate cipher by researchers at CounterPane Systems. It is a 1454 16 round block cipher supporting key sizes of 128, 192, and 256 1455 bits. 1456 1457 This module provides Twofish cipher algorithm that processes three 1458 blocks parallel, utilizing resources of out-of-order CPUs better. 1459 1460 See also: 1461 <http://www.schneier.com/twofish.html> 1462 1463config CRYPTO_TWOFISH_AVX_X86_64 1464 tristate "Twofish cipher algorithm (x86_64/AVX)" 1465 depends on X86 && 64BIT 1466 select CRYPTO_ALGAPI 1467 select CRYPTO_CRYPTD 1468 select CRYPTO_ABLK_HELPER 1469 select CRYPTO_GLUE_HELPER_X86 1470 select CRYPTO_TWOFISH_COMMON 1471 select CRYPTO_TWOFISH_X86_64 1472 select CRYPTO_TWOFISH_X86_64_3WAY 1473 select CRYPTO_LRW 1474 select CRYPTO_XTS 1475 help 1476 Twofish cipher algorithm (x86_64/AVX). 1477 1478 Twofish was submitted as an AES (Advanced Encryption Standard) 1479 candidate cipher by researchers at CounterPane Systems. It is a 1480 16 round block cipher supporting key sizes of 128, 192, and 256 1481 bits. 1482 1483 This module provides the Twofish cipher algorithm that processes 1484 eight blocks parallel using the AVX Instruction Set. 1485 1486 See also: 1487 <http://www.schneier.com/twofish.html> 1488 1489comment "Compression" 1490 1491config CRYPTO_DEFLATE 1492 tristate "Deflate compression algorithm" 1493 select CRYPTO_ALGAPI 1494 select ZLIB_INFLATE 1495 select ZLIB_DEFLATE 1496 help 1497 This is the Deflate algorithm (RFC1951), specified for use in 1498 IPSec with the IPCOMP protocol (RFC3173, RFC2394). 1499 1500 You will most probably want this if using IPSec. 1501 1502config CRYPTO_LZO 1503 tristate "LZO compression algorithm" 1504 select CRYPTO_ALGAPI 1505 select LZO_COMPRESS 1506 select LZO_DECOMPRESS 1507 help 1508 This is the LZO algorithm. 1509 1510config CRYPTO_842 1511 tristate "842 compression algorithm" 1512 select CRYPTO_ALGAPI 1513 select 842_COMPRESS 1514 select 842_DECOMPRESS 1515 help 1516 This is the 842 algorithm. 1517 1518config CRYPTO_LZ4 1519 tristate "LZ4 compression algorithm" 1520 select CRYPTO_ALGAPI 1521 select LZ4_COMPRESS 1522 select LZ4_DECOMPRESS 1523 help 1524 This is the LZ4 algorithm. 1525 1526config CRYPTO_LZ4HC 1527 tristate "LZ4HC compression algorithm" 1528 select CRYPTO_ALGAPI 1529 select LZ4HC_COMPRESS 1530 select LZ4_DECOMPRESS 1531 help 1532 This is the LZ4 high compression mode algorithm. 1533 1534comment "Random Number Generation" 1535 1536config CRYPTO_ANSI_CPRNG 1537 tristate "Pseudo Random Number Generation for Cryptographic modules" 1538 select CRYPTO_AES 1539 select CRYPTO_RNG 1540 help 1541 This option enables the generic pseudo random number generator 1542 for cryptographic modules. Uses the Algorithm specified in 1543 ANSI X9.31 A.2.4. Note that this option must be enabled if 1544 CRYPTO_FIPS is selected 1545 1546menuconfig CRYPTO_DRBG_MENU 1547 tristate "NIST SP800-90A DRBG" 1548 help 1549 NIST SP800-90A compliant DRBG. In the following submenu, one or 1550 more of the DRBG types must be selected. 1551 1552if CRYPTO_DRBG_MENU 1553 1554config CRYPTO_DRBG_HMAC 1555 bool 1556 default y 1557 select CRYPTO_HMAC 1558 select CRYPTO_SHA256 1559 1560config CRYPTO_DRBG_HASH 1561 bool "Enable Hash DRBG" 1562 select CRYPTO_SHA256 1563 help 1564 Enable the Hash DRBG variant as defined in NIST SP800-90A. 1565 1566config CRYPTO_DRBG_CTR 1567 bool "Enable CTR DRBG" 1568 select CRYPTO_AES 1569 help 1570 Enable the CTR DRBG variant as defined in NIST SP800-90A. 1571 1572config CRYPTO_DRBG 1573 tristate 1574 default CRYPTO_DRBG_MENU 1575 select CRYPTO_RNG 1576 select CRYPTO_JITTERENTROPY 1577 1578endif # if CRYPTO_DRBG_MENU 1579 1580config CRYPTO_JITTERENTROPY 1581 tristate "Jitterentropy Non-Deterministic Random Number Generator" 1582 select CRYPTO_RNG 1583 help 1584 The Jitterentropy RNG is a noise that is intended 1585 to provide seed to another RNG. The RNG does not 1586 perform any cryptographic whitening of the generated 1587 random numbers. This Jitterentropy RNG registers with 1588 the kernel crypto API and can be used by any caller. 1589 1590config CRYPTO_USER_API 1591 tristate 1592 1593config CRYPTO_USER_API_HASH 1594 tristate "User-space interface for hash algorithms" 1595 depends on NET 1596 select CRYPTO_HASH 1597 select CRYPTO_USER_API 1598 help 1599 This option enables the user-spaces interface for hash 1600 algorithms. 1601 1602config CRYPTO_USER_API_SKCIPHER 1603 tristate "User-space interface for symmetric key cipher algorithms" 1604 depends on NET 1605 select CRYPTO_BLKCIPHER 1606 select CRYPTO_USER_API 1607 help 1608 This option enables the user-spaces interface for symmetric 1609 key cipher algorithms. 1610 1611config CRYPTO_USER_API_RNG 1612 tristate "User-space interface for random number generator algorithms" 1613 depends on NET 1614 select CRYPTO_RNG 1615 select CRYPTO_USER_API 1616 help 1617 This option enables the user-spaces interface for random 1618 number generator algorithms. 1619 1620config CRYPTO_USER_API_AEAD 1621 tristate "User-space interface for AEAD cipher algorithms" 1622 depends on NET 1623 select CRYPTO_AEAD 1624 select CRYPTO_USER_API 1625 help 1626 This option enables the user-spaces interface for AEAD 1627 cipher algorithms. 1628 1629config CRYPTO_HASH_INFO 1630 bool 1631 1632source "drivers/crypto/Kconfig" 1633source crypto/asymmetric_keys/Kconfig 1634source certs/Kconfig 1635 1636endif # if CRYPTO 1637