1# 2# Generic algorithms support 3# 4config XOR_BLOCKS 5 tristate 6 7# 8# async_tx api: hardware offloaded memory transfer/transform support 9# 10source "crypto/async_tx/Kconfig" 11 12# 13# Cryptographic API Configuration 14# 15menuconfig CRYPTO 16 tristate "Cryptographic API" 17 help 18 This option provides the core Cryptographic API. 19 20if CRYPTO 21 22comment "Crypto core or helper" 23 24config CRYPTO_FIPS 25 bool "FIPS 200 compliance" 26 depends on (CRYPTO_ANSI_CPRNG || CRYPTO_DRBG) && !CRYPTO_MANAGER_DISABLE_TESTS 27 depends on MODULE_SIG 28 help 29 This options enables the fips boot option which is 30 required if you want to system to operate in a FIPS 200 31 certification. You should say no unless you know what 32 this is. 33 34config CRYPTO_ALGAPI 35 tristate 36 select CRYPTO_ALGAPI2 37 help 38 This option provides the API for cryptographic algorithms. 39 40config CRYPTO_ALGAPI2 41 tristate 42 43config CRYPTO_AEAD 44 tristate 45 select CRYPTO_AEAD2 46 select CRYPTO_ALGAPI 47 48config CRYPTO_AEAD2 49 tristate 50 select CRYPTO_ALGAPI2 51 52config CRYPTO_BLKCIPHER 53 tristate 54 select CRYPTO_BLKCIPHER2 55 select CRYPTO_ALGAPI 56 57config CRYPTO_BLKCIPHER2 58 tristate 59 select CRYPTO_ALGAPI2 60 select CRYPTO_RNG2 61 select CRYPTO_WORKQUEUE 62 63config CRYPTO_HASH 64 tristate 65 select CRYPTO_HASH2 66 select CRYPTO_ALGAPI 67 68config CRYPTO_HASH2 69 tristate 70 select CRYPTO_ALGAPI2 71 72config CRYPTO_RNG 73 tristate 74 select CRYPTO_RNG2 75 select CRYPTO_ALGAPI 76 77config CRYPTO_RNG2 78 tristate 79 select CRYPTO_ALGAPI2 80 81config CRYPTO_PCOMP 82 tristate 83 select CRYPTO_PCOMP2 84 select CRYPTO_ALGAPI 85 86config CRYPTO_PCOMP2 87 tristate 88 select CRYPTO_ALGAPI2 89 90config CRYPTO_MANAGER 91 tristate "Cryptographic algorithm manager" 92 select CRYPTO_MANAGER2 93 help 94 Create default cryptographic template instantiations such as 95 cbc(aes). 96 97config CRYPTO_MANAGER2 98 def_tristate CRYPTO_MANAGER || (CRYPTO_MANAGER!=n && CRYPTO_ALGAPI=y) 99 select CRYPTO_AEAD2 100 select CRYPTO_HASH2 101 select CRYPTO_BLKCIPHER2 102 select CRYPTO_PCOMP2 103 104config CRYPTO_USER 105 tristate "Userspace cryptographic algorithm configuration" 106 depends on NET 107 select CRYPTO_MANAGER 108 help 109 Userspace configuration for cryptographic instantiations such as 110 cbc(aes). 111 112config CRYPTO_MANAGER_DISABLE_TESTS 113 bool "Disable run-time self tests" 114 default y 115 depends on CRYPTO_MANAGER2 116 help 117 Disable run-time self tests that normally take place at 118 algorithm registration. 119 120config CRYPTO_GF128MUL 121 tristate "GF(2^128) multiplication functions" 122 help 123 Efficient table driven implementation of multiplications in the 124 field GF(2^128). This is needed by some cypher modes. This 125 option will be selected automatically if you select such a 126 cipher mode. Only select this option by hand if you expect to load 127 an external module that requires these functions. 128 129config CRYPTO_NULL 130 tristate "Null algorithms" 131 select CRYPTO_ALGAPI 132 select CRYPTO_BLKCIPHER 133 select CRYPTO_HASH 134 help 135 These are 'Null' algorithms, used by IPsec, which do nothing. 136 137config CRYPTO_PCRYPT 138 tristate "Parallel crypto engine" 139 depends on SMP 140 select PADATA 141 select CRYPTO_MANAGER 142 select CRYPTO_AEAD 143 help 144 This converts an arbitrary crypto algorithm into a parallel 145 algorithm that executes in kernel threads. 146 147config CRYPTO_WORKQUEUE 148 tristate 149 150config CRYPTO_CRYPTD 151 tristate "Software async crypto daemon" 152 select CRYPTO_BLKCIPHER 153 select CRYPTO_HASH 154 select CRYPTO_MANAGER 155 select CRYPTO_WORKQUEUE 156 help 157 This is a generic software asynchronous crypto daemon that 158 converts an arbitrary synchronous software crypto algorithm 159 into an asynchronous algorithm that executes in a kernel thread. 160 161config CRYPTO_MCRYPTD 162 tristate "Software async multi-buffer crypto daemon" 163 select CRYPTO_BLKCIPHER 164 select CRYPTO_HASH 165 select CRYPTO_MANAGER 166 select CRYPTO_WORKQUEUE 167 help 168 This is a generic software asynchronous crypto daemon that 169 provides the kernel thread to assist multi-buffer crypto 170 algorithms for submitting jobs and flushing jobs in multi-buffer 171 crypto algorithms. Multi-buffer crypto algorithms are executed 172 in the context of this kernel thread and drivers can post 173 their crypto request asynchronously to be processed by this daemon. 174 175config CRYPTO_AUTHENC 176 tristate "Authenc support" 177 select CRYPTO_AEAD 178 select CRYPTO_BLKCIPHER 179 select CRYPTO_MANAGER 180 select CRYPTO_HASH 181 help 182 Authenc: Combined mode wrapper for IPsec. 183 This is required for IPSec. 184 185config CRYPTO_TEST 186 tristate "Testing module" 187 depends on m 188 select CRYPTO_MANAGER 189 help 190 Quick & dirty crypto test module. 191 192config CRYPTO_ABLK_HELPER 193 tristate 194 select CRYPTO_CRYPTD 195 196config CRYPTO_GLUE_HELPER_X86 197 tristate 198 depends on X86 199 select CRYPTO_ALGAPI 200 201comment "Authenticated Encryption with Associated Data" 202 203config CRYPTO_CCM 204 tristate "CCM support" 205 select CRYPTO_CTR 206 select CRYPTO_AEAD 207 help 208 Support for Counter with CBC MAC. Required for IPsec. 209 210config CRYPTO_GCM 211 tristate "GCM/GMAC support" 212 select CRYPTO_CTR 213 select CRYPTO_AEAD 214 select CRYPTO_GHASH 215 select CRYPTO_NULL 216 help 217 Support for Galois/Counter Mode (GCM) and Galois Message 218 Authentication Code (GMAC). Required for IPSec. 219 220config CRYPTO_SEQIV 221 tristate "Sequence Number IV Generator" 222 select CRYPTO_AEAD 223 select CRYPTO_BLKCIPHER 224 select CRYPTO_RNG 225 help 226 This IV generator generates an IV based on a sequence number by 227 xoring it with a salt. This algorithm is mainly useful for CTR 228 229comment "Block modes" 230 231config CRYPTO_CBC 232 tristate "CBC support" 233 select CRYPTO_BLKCIPHER 234 select CRYPTO_MANAGER 235 help 236 CBC: Cipher Block Chaining mode 237 This block cipher algorithm is required for IPSec. 238 239config CRYPTO_CTR 240 tristate "CTR support" 241 select CRYPTO_BLKCIPHER 242 select CRYPTO_SEQIV 243 select CRYPTO_MANAGER 244 help 245 CTR: Counter mode 246 This block cipher algorithm is required for IPSec. 247 248config CRYPTO_CTS 249 tristate "CTS support" 250 select CRYPTO_BLKCIPHER 251 help 252 CTS: Cipher Text Stealing 253 This is the Cipher Text Stealing mode as described by 254 Section 8 of rfc2040 and referenced by rfc3962. 255 (rfc3962 includes errata information in its Appendix A) 256 This mode is required for Kerberos gss mechanism support 257 for AES encryption. 258 259config CRYPTO_ECB 260 tristate "ECB support" 261 select CRYPTO_BLKCIPHER 262 select CRYPTO_MANAGER 263 help 264 ECB: Electronic CodeBook mode 265 This is the simplest block cipher algorithm. It simply encrypts 266 the input block by block. 267 268config CRYPTO_LRW 269 tristate "LRW support" 270 select CRYPTO_BLKCIPHER 271 select CRYPTO_MANAGER 272 select CRYPTO_GF128MUL 273 help 274 LRW: Liskov Rivest Wagner, a tweakable, non malleable, non movable 275 narrow block cipher mode for dm-crypt. Use it with cipher 276 specification string aes-lrw-benbi, the key must be 256, 320 or 384. 277 The first 128, 192 or 256 bits in the key are used for AES and the 278 rest is used to tie each cipher block to its logical position. 279 280config CRYPTO_PCBC 281 tristate "PCBC support" 282 select CRYPTO_BLKCIPHER 283 select CRYPTO_MANAGER 284 help 285 PCBC: Propagating Cipher Block Chaining mode 286 This block cipher algorithm is required for RxRPC. 287 288config CRYPTO_XTS 289 tristate "XTS support" 290 select CRYPTO_BLKCIPHER 291 select CRYPTO_MANAGER 292 select CRYPTO_GF128MUL 293 help 294 XTS: IEEE1619/D16 narrow block cipher use with aes-xts-plain, 295 key size 256, 384 or 512 bits. This implementation currently 296 can't handle a sectorsize which is not a multiple of 16 bytes. 297 298comment "Hash modes" 299 300config CRYPTO_CMAC 301 tristate "CMAC support" 302 select CRYPTO_HASH 303 select CRYPTO_MANAGER 304 help 305 Cipher-based Message Authentication Code (CMAC) specified by 306 The National Institute of Standards and Technology (NIST). 307 308 https://tools.ietf.org/html/rfc4493 309 http://csrc.nist.gov/publications/nistpubs/800-38B/SP_800-38B.pdf 310 311config CRYPTO_HMAC 312 tristate "HMAC support" 313 select CRYPTO_HASH 314 select CRYPTO_MANAGER 315 help 316 HMAC: Keyed-Hashing for Message Authentication (RFC2104). 317 This is required for IPSec. 318 319config CRYPTO_XCBC 320 tristate "XCBC support" 321 select CRYPTO_HASH 322 select CRYPTO_MANAGER 323 help 324 XCBC: Keyed-Hashing with encryption algorithm 325 http://www.ietf.org/rfc/rfc3566.txt 326 http://csrc.nist.gov/encryption/modes/proposedmodes/ 327 xcbc-mac/xcbc-mac-spec.pdf 328 329config CRYPTO_VMAC 330 tristate "VMAC support" 331 select CRYPTO_HASH 332 select CRYPTO_MANAGER 333 help 334 VMAC is a message authentication algorithm designed for 335 very high speed on 64-bit architectures. 336 337 See also: 338 <http://fastcrypto.org/vmac> 339 340comment "Digest" 341 342config CRYPTO_CRC32C 343 tristate "CRC32c CRC algorithm" 344 select CRYPTO_HASH 345 select CRC32 346 help 347 Castagnoli, et al Cyclic Redundancy-Check Algorithm. Used 348 by iSCSI for header and data digests and by others. 349 See Castagnoli93. Module will be crc32c. 350 351config CRYPTO_CRC32C_INTEL 352 tristate "CRC32c INTEL hardware acceleration" 353 depends on X86 354 select CRYPTO_HASH 355 help 356 In Intel processor with SSE4.2 supported, the processor will 357 support CRC32C implementation using hardware accelerated CRC32 358 instruction. This option will create 'crc32c-intel' module, 359 which will enable any routine to use the CRC32 instruction to 360 gain performance compared with software implementation. 361 Module will be crc32c-intel. 362 363config CRYPTO_CRC32C_SPARC64 364 tristate "CRC32c CRC algorithm (SPARC64)" 365 depends on SPARC64 366 select CRYPTO_HASH 367 select CRC32 368 help 369 CRC32c CRC algorithm implemented using sparc64 crypto instructions, 370 when available. 371 372config CRYPTO_CRC32 373 tristate "CRC32 CRC algorithm" 374 select CRYPTO_HASH 375 select CRC32 376 help 377 CRC-32-IEEE 802.3 cyclic redundancy-check algorithm. 378 Shash crypto api wrappers to crc32_le function. 379 380config CRYPTO_CRC32_PCLMUL 381 tristate "CRC32 PCLMULQDQ hardware acceleration" 382 depends on X86 383 select CRYPTO_HASH 384 select CRC32 385 help 386 From Intel Westmere and AMD Bulldozer processor with SSE4.2 387 and PCLMULQDQ supported, the processor will support 388 CRC32 PCLMULQDQ implementation using hardware accelerated PCLMULQDQ 389 instruction. This option will create 'crc32-plcmul' module, 390 which will enable any routine to use the CRC-32-IEEE 802.3 checksum 391 and gain better performance as compared with the table implementation. 392 393config CRYPTO_CRCT10DIF 394 tristate "CRCT10DIF algorithm" 395 select CRYPTO_HASH 396 help 397 CRC T10 Data Integrity Field computation is being cast as 398 a crypto transform. This allows for faster crc t10 diff 399 transforms to be used if they are available. 400 401config CRYPTO_CRCT10DIF_PCLMUL 402 tristate "CRCT10DIF PCLMULQDQ hardware acceleration" 403 depends on X86 && 64BIT && CRC_T10DIF 404 select CRYPTO_HASH 405 help 406 For x86_64 processors with SSE4.2 and PCLMULQDQ supported, 407 CRC T10 DIF PCLMULQDQ computation can be hardware 408 accelerated PCLMULQDQ instruction. This option will create 409 'crct10dif-plcmul' module, which is faster when computing the 410 crct10dif checksum as compared with the generic table implementation. 411 412config CRYPTO_GHASH 413 tristate "GHASH digest algorithm" 414 select CRYPTO_GF128MUL 415 help 416 GHASH is message digest algorithm for GCM (Galois/Counter Mode). 417 418config CRYPTO_MD4 419 tristate "MD4 digest algorithm" 420 select CRYPTO_HASH 421 help 422 MD4 message digest algorithm (RFC1320). 423 424config CRYPTO_MD5 425 tristate "MD5 digest algorithm" 426 select CRYPTO_HASH 427 help 428 MD5 message digest algorithm (RFC1321). 429 430config CRYPTO_MD5_OCTEON 431 tristate "MD5 digest algorithm (OCTEON)" 432 depends on CPU_CAVIUM_OCTEON 433 select CRYPTO_MD5 434 select CRYPTO_HASH 435 help 436 MD5 message digest algorithm (RFC1321) implemented 437 using OCTEON crypto instructions, when available. 438 439config CRYPTO_MD5_SPARC64 440 tristate "MD5 digest algorithm (SPARC64)" 441 depends on SPARC64 442 select CRYPTO_MD5 443 select CRYPTO_HASH 444 help 445 MD5 message digest algorithm (RFC1321) implemented 446 using sparc64 crypto instructions, when available. 447 448config CRYPTO_MICHAEL_MIC 449 tristate "Michael MIC keyed digest algorithm" 450 select CRYPTO_HASH 451 help 452 Michael MIC is used for message integrity protection in TKIP 453 (IEEE 802.11i). This algorithm is required for TKIP, but it 454 should not be used for other purposes because of the weakness 455 of the algorithm. 456 457config CRYPTO_RMD128 458 tristate "RIPEMD-128 digest algorithm" 459 select CRYPTO_HASH 460 help 461 RIPEMD-128 (ISO/IEC 10118-3:2004). 462 463 RIPEMD-128 is a 128-bit cryptographic hash function. It should only 464 be used as a secure replacement for RIPEMD. For other use cases, 465 RIPEMD-160 should be used. 466 467 Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel. 468 See <http://homes.esat.kuleuven.be/~bosselae/ripemd160.html> 469 470config CRYPTO_RMD160 471 tristate "RIPEMD-160 digest algorithm" 472 select CRYPTO_HASH 473 help 474 RIPEMD-160 (ISO/IEC 10118-3:2004). 475 476 RIPEMD-160 is a 160-bit cryptographic hash function. It is intended 477 to be used as a secure replacement for the 128-bit hash functions 478 MD4, MD5 and it's predecessor RIPEMD 479 (not to be confused with RIPEMD-128). 480 481 It's speed is comparable to SHA1 and there are no known attacks 482 against RIPEMD-160. 483 484 Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel. 485 See <http://homes.esat.kuleuven.be/~bosselae/ripemd160.html> 486 487config CRYPTO_RMD256 488 tristate "RIPEMD-256 digest algorithm" 489 select CRYPTO_HASH 490 help 491 RIPEMD-256 is an optional extension of RIPEMD-128 with a 492 256 bit hash. It is intended for applications that require 493 longer hash-results, without needing a larger security level 494 (than RIPEMD-128). 495 496 Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel. 497 See <http://homes.esat.kuleuven.be/~bosselae/ripemd160.html> 498 499config CRYPTO_RMD320 500 tristate "RIPEMD-320 digest algorithm" 501 select CRYPTO_HASH 502 help 503 RIPEMD-320 is an optional extension of RIPEMD-160 with a 504 320 bit hash. It is intended for applications that require 505 longer hash-results, without needing a larger security level 506 (than RIPEMD-160). 507 508 Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel. 509 See <http://homes.esat.kuleuven.be/~bosselae/ripemd160.html> 510 511config CRYPTO_SHA1 512 tristate "SHA1 digest algorithm" 513 select CRYPTO_HASH 514 help 515 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2). 516 517config CRYPTO_SHA1_SSSE3 518 tristate "SHA1 digest algorithm (SSSE3/AVX/AVX2)" 519 depends on X86 && 64BIT 520 select CRYPTO_SHA1 521 select CRYPTO_HASH 522 help 523 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2) implemented 524 using Supplemental SSE3 (SSSE3) instructions or Advanced Vector 525 Extensions (AVX/AVX2), when available. 526 527config CRYPTO_SHA256_SSSE3 528 tristate "SHA256 digest algorithm (SSSE3/AVX/AVX2)" 529 depends on X86 && 64BIT 530 select CRYPTO_SHA256 531 select CRYPTO_HASH 532 help 533 SHA-256 secure hash standard (DFIPS 180-2) implemented 534 using Supplemental SSE3 (SSSE3) instructions, or Advanced Vector 535 Extensions version 1 (AVX1), or Advanced Vector Extensions 536 version 2 (AVX2) instructions, when available. 537 538config CRYPTO_SHA512_SSSE3 539 tristate "SHA512 digest algorithm (SSSE3/AVX/AVX2)" 540 depends on X86 && 64BIT 541 select CRYPTO_SHA512 542 select CRYPTO_HASH 543 help 544 SHA-512 secure hash standard (DFIPS 180-2) implemented 545 using Supplemental SSE3 (SSSE3) instructions, or Advanced Vector 546 Extensions version 1 (AVX1), or Advanced Vector Extensions 547 version 2 (AVX2) instructions, when available. 548 549config CRYPTO_SHA1_SPARC64 550 tristate "SHA1 digest algorithm (SPARC64)" 551 depends on SPARC64 552 select CRYPTO_SHA1 553 select CRYPTO_HASH 554 help 555 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2) implemented 556 using sparc64 crypto instructions, when available. 557 558config CRYPTO_SHA1_ARM 559 tristate "SHA1 digest algorithm (ARM-asm)" 560 depends on ARM 561 select CRYPTO_SHA1 562 select CRYPTO_HASH 563 help 564 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2) implemented 565 using optimized ARM assembler. 566 567config CRYPTO_SHA1_ARM_NEON 568 tristate "SHA1 digest algorithm (ARM NEON)" 569 depends on ARM && KERNEL_MODE_NEON 570 select CRYPTO_SHA1_ARM 571 select CRYPTO_SHA1 572 select CRYPTO_HASH 573 help 574 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2) implemented 575 using optimized ARM NEON assembly, when NEON instructions are 576 available. 577 578config CRYPTO_SHA1_PPC 579 tristate "SHA1 digest algorithm (powerpc)" 580 depends on PPC 581 help 582 This is the powerpc hardware accelerated implementation of the 583 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2). 584 585config CRYPTO_SHA1_MB 586 tristate "SHA1 digest algorithm (x86_64 Multi-Buffer, Experimental)" 587 depends on X86 && 64BIT 588 select CRYPTO_SHA1 589 select CRYPTO_HASH 590 select CRYPTO_MCRYPTD 591 help 592 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2) implemented 593 using multi-buffer technique. This algorithm computes on 594 multiple data lanes concurrently with SIMD instructions for 595 better throughput. It should not be enabled by default but 596 used when there is significant amount of work to keep the keep 597 the data lanes filled to get performance benefit. If the data 598 lanes remain unfilled, a flush operation will be initiated to 599 process the crypto jobs, adding a slight latency. 600 601config CRYPTO_SHA256 602 tristate "SHA224 and SHA256 digest algorithm" 603 select CRYPTO_HASH 604 help 605 SHA256 secure hash standard (DFIPS 180-2). 606 607 This version of SHA implements a 256 bit hash with 128 bits of 608 security against collision attacks. 609 610 This code also includes SHA-224, a 224 bit hash with 112 bits 611 of security against collision attacks. 612 613config CRYPTO_SHA256_SPARC64 614 tristate "SHA224 and SHA256 digest algorithm (SPARC64)" 615 depends on SPARC64 616 select CRYPTO_SHA256 617 select CRYPTO_HASH 618 help 619 SHA-256 secure hash standard (DFIPS 180-2) implemented 620 using sparc64 crypto instructions, when available. 621 622config CRYPTO_SHA512 623 tristate "SHA384 and SHA512 digest algorithms" 624 select CRYPTO_HASH 625 help 626 SHA512 secure hash standard (DFIPS 180-2). 627 628 This version of SHA implements a 512 bit hash with 256 bits of 629 security against collision attacks. 630 631 This code also includes SHA-384, a 384 bit hash with 192 bits 632 of security against collision attacks. 633 634config CRYPTO_SHA512_SPARC64 635 tristate "SHA384 and SHA512 digest algorithm (SPARC64)" 636 depends on SPARC64 637 select CRYPTO_SHA512 638 select CRYPTO_HASH 639 help 640 SHA-512 secure hash standard (DFIPS 180-2) implemented 641 using sparc64 crypto instructions, when available. 642 643config CRYPTO_SHA512_ARM_NEON 644 tristate "SHA384 and SHA512 digest algorithm (ARM NEON)" 645 depends on ARM && KERNEL_MODE_NEON 646 select CRYPTO_SHA512 647 select CRYPTO_HASH 648 help 649 SHA-512 secure hash standard (DFIPS 180-2) implemented 650 using ARM NEON instructions, when available. 651 652 This version of SHA implements a 512 bit hash with 256 bits of 653 security against collision attacks. 654 655 This code also includes SHA-384, a 384 bit hash with 192 bits 656 of security against collision attacks. 657 658config CRYPTO_TGR192 659 tristate "Tiger digest algorithms" 660 select CRYPTO_HASH 661 help 662 Tiger hash algorithm 192, 160 and 128-bit hashes 663 664 Tiger is a hash function optimized for 64-bit processors while 665 still having decent performance on 32-bit processors. 666 Tiger was developed by Ross Anderson and Eli Biham. 667 668 See also: 669 <http://www.cs.technion.ac.il/~biham/Reports/Tiger/>. 670 671config CRYPTO_WP512 672 tristate "Whirlpool digest algorithms" 673 select CRYPTO_HASH 674 help 675 Whirlpool hash algorithm 512, 384 and 256-bit hashes 676 677 Whirlpool-512 is part of the NESSIE cryptographic primitives. 678 Whirlpool will be part of the ISO/IEC 10118-3:2003(E) standard 679 680 See also: 681 <http://www.larc.usp.br/~pbarreto/WhirlpoolPage.html> 682 683config CRYPTO_GHASH_CLMUL_NI_INTEL 684 tristate "GHASH digest algorithm (CLMUL-NI accelerated)" 685 depends on X86 && 64BIT 686 select CRYPTO_CRYPTD 687 help 688 GHASH is message digest algorithm for GCM (Galois/Counter Mode). 689 The implementation is accelerated by CLMUL-NI of Intel. 690 691comment "Ciphers" 692 693config CRYPTO_AES 694 tristate "AES cipher algorithms" 695 select CRYPTO_ALGAPI 696 help 697 AES cipher algorithms (FIPS-197). AES uses the Rijndael 698 algorithm. 699 700 Rijndael appears to be consistently a very good performer in 701 both hardware and software across a wide range of computing 702 environments regardless of its use in feedback or non-feedback 703 modes. Its key setup time is excellent, and its key agility is 704 good. Rijndael's very low memory requirements make it very well 705 suited for restricted-space environments, in which it also 706 demonstrates excellent performance. Rijndael's operations are 707 among the easiest to defend against power and timing attacks. 708 709 The AES specifies three key sizes: 128, 192 and 256 bits 710 711 See <http://csrc.nist.gov/CryptoToolkit/aes/> for more information. 712 713config CRYPTO_AES_586 714 tristate "AES cipher algorithms (i586)" 715 depends on (X86 || UML_X86) && !64BIT 716 select CRYPTO_ALGAPI 717 select CRYPTO_AES 718 help 719 AES cipher algorithms (FIPS-197). AES uses the Rijndael 720 algorithm. 721 722 Rijndael appears to be consistently a very good performer in 723 both hardware and software across a wide range of computing 724 environments regardless of its use in feedback or non-feedback 725 modes. Its key setup time is excellent, and its key agility is 726 good. Rijndael's very low memory requirements make it very well 727 suited for restricted-space environments, in which it also 728 demonstrates excellent performance. Rijndael's operations are 729 among the easiest to defend against power and timing attacks. 730 731 The AES specifies three key sizes: 128, 192 and 256 bits 732 733 See <http://csrc.nist.gov/encryption/aes/> for more information. 734 735config CRYPTO_AES_X86_64 736 tristate "AES cipher algorithms (x86_64)" 737 depends on (X86 || UML_X86) && 64BIT 738 select CRYPTO_ALGAPI 739 select CRYPTO_AES 740 help 741 AES cipher algorithms (FIPS-197). AES uses the Rijndael 742 algorithm. 743 744 Rijndael appears to be consistently a very good performer in 745 both hardware and software across a wide range of computing 746 environments regardless of its use in feedback or non-feedback 747 modes. Its key setup time is excellent, and its key agility is 748 good. Rijndael's very low memory requirements make it very well 749 suited for restricted-space environments, in which it also 750 demonstrates excellent performance. Rijndael's operations are 751 among the easiest to defend against power and timing attacks. 752 753 The AES specifies three key sizes: 128, 192 and 256 bits 754 755 See <http://csrc.nist.gov/encryption/aes/> for more information. 756 757config CRYPTO_AES_NI_INTEL 758 tristate "AES cipher algorithms (AES-NI)" 759 depends on X86 760 select CRYPTO_AES_X86_64 if 64BIT 761 select CRYPTO_AES_586 if !64BIT 762 select CRYPTO_CRYPTD 763 select CRYPTO_ABLK_HELPER 764 select CRYPTO_ALGAPI 765 select CRYPTO_GLUE_HELPER_X86 if 64BIT 766 select CRYPTO_LRW 767 select CRYPTO_XTS 768 help 769 Use Intel AES-NI instructions for AES algorithm. 770 771 AES cipher algorithms (FIPS-197). AES uses the Rijndael 772 algorithm. 773 774 Rijndael appears to be consistently a very good performer in 775 both hardware and software across a wide range of computing 776 environments regardless of its use in feedback or non-feedback 777 modes. Its key setup time is excellent, and its key agility is 778 good. Rijndael's very low memory requirements make it very well 779 suited for restricted-space environments, in which it also 780 demonstrates excellent performance. Rijndael's operations are 781 among the easiest to defend against power and timing attacks. 782 783 The AES specifies three key sizes: 128, 192 and 256 bits 784 785 See <http://csrc.nist.gov/encryption/aes/> for more information. 786 787 In addition to AES cipher algorithm support, the acceleration 788 for some popular block cipher mode is supported too, including 789 ECB, CBC, LRW, PCBC, XTS. The 64 bit version has additional 790 acceleration for CTR. 791 792config CRYPTO_AES_SPARC64 793 tristate "AES cipher algorithms (SPARC64)" 794 depends on SPARC64 795 select CRYPTO_CRYPTD 796 select CRYPTO_ALGAPI 797 help 798 Use SPARC64 crypto opcodes for AES algorithm. 799 800 AES cipher algorithms (FIPS-197). AES uses the Rijndael 801 algorithm. 802 803 Rijndael appears to be consistently a very good performer in 804 both hardware and software across a wide range of computing 805 environments regardless of its use in feedback or non-feedback 806 modes. Its key setup time is excellent, and its key agility is 807 good. Rijndael's very low memory requirements make it very well 808 suited for restricted-space environments, in which it also 809 demonstrates excellent performance. Rijndael's operations are 810 among the easiest to defend against power and timing attacks. 811 812 The AES specifies three key sizes: 128, 192 and 256 bits 813 814 See <http://csrc.nist.gov/encryption/aes/> for more information. 815 816 In addition to AES cipher algorithm support, the acceleration 817 for some popular block cipher mode is supported too, including 818 ECB and CBC. 819 820config CRYPTO_AES_ARM 821 tristate "AES cipher algorithms (ARM-asm)" 822 depends on ARM 823 select CRYPTO_ALGAPI 824 select CRYPTO_AES 825 help 826 Use optimized AES assembler routines for ARM platforms. 827 828 AES cipher algorithms (FIPS-197). AES uses the Rijndael 829 algorithm. 830 831 Rijndael appears to be consistently a very good performer in 832 both hardware and software across a wide range of computing 833 environments regardless of its use in feedback or non-feedback 834 modes. Its key setup time is excellent, and its key agility is 835 good. Rijndael's very low memory requirements make it very well 836 suited for restricted-space environments, in which it also 837 demonstrates excellent performance. Rijndael's operations are 838 among the easiest to defend against power and timing attacks. 839 840 The AES specifies three key sizes: 128, 192 and 256 bits 841 842 See <http://csrc.nist.gov/encryption/aes/> for more information. 843 844config CRYPTO_AES_ARM_BS 845 tristate "Bit sliced AES using NEON instructions" 846 depends on ARM && KERNEL_MODE_NEON 847 select CRYPTO_ALGAPI 848 select CRYPTO_AES_ARM 849 select CRYPTO_ABLK_HELPER 850 help 851 Use a faster and more secure NEON based implementation of AES in CBC, 852 CTR and XTS modes 853 854 Bit sliced AES gives around 45% speedup on Cortex-A15 for CTR mode 855 and for XTS mode encryption, CBC and XTS mode decryption speedup is 856 around 25%. (CBC encryption speed is not affected by this driver.) 857 This implementation does not rely on any lookup tables so it is 858 believed to be invulnerable to cache timing attacks. 859 860config CRYPTO_ANUBIS 861 tristate "Anubis cipher algorithm" 862 select CRYPTO_ALGAPI 863 help 864 Anubis cipher algorithm. 865 866 Anubis is a variable key length cipher which can use keys from 867 128 bits to 320 bits in length. It was evaluated as a entrant 868 in the NESSIE competition. 869 870 See also: 871 <https://www.cosic.esat.kuleuven.be/nessie/reports/> 872 <http://www.larc.usp.br/~pbarreto/AnubisPage.html> 873 874config CRYPTO_ARC4 875 tristate "ARC4 cipher algorithm" 876 select CRYPTO_BLKCIPHER 877 help 878 ARC4 cipher algorithm. 879 880 ARC4 is a stream cipher using keys ranging from 8 bits to 2048 881 bits in length. This algorithm is required for driver-based 882 WEP, but it should not be for other purposes because of the 883 weakness of the algorithm. 884 885config CRYPTO_BLOWFISH 886 tristate "Blowfish cipher algorithm" 887 select CRYPTO_ALGAPI 888 select CRYPTO_BLOWFISH_COMMON 889 help 890 Blowfish cipher algorithm, by Bruce Schneier. 891 892 This is a variable key length cipher which can use keys from 32 893 bits to 448 bits in length. It's fast, simple and specifically 894 designed for use on "large microprocessors". 895 896 See also: 897 <http://www.schneier.com/blowfish.html> 898 899config CRYPTO_BLOWFISH_COMMON 900 tristate 901 help 902 Common parts of the Blowfish cipher algorithm shared by the 903 generic c and the assembler implementations. 904 905 See also: 906 <http://www.schneier.com/blowfish.html> 907 908config CRYPTO_BLOWFISH_X86_64 909 tristate "Blowfish cipher algorithm (x86_64)" 910 depends on X86 && 64BIT 911 select CRYPTO_ALGAPI 912 select CRYPTO_BLOWFISH_COMMON 913 help 914 Blowfish cipher algorithm (x86_64), by Bruce Schneier. 915 916 This is a variable key length cipher which can use keys from 32 917 bits to 448 bits in length. It's fast, simple and specifically 918 designed for use on "large microprocessors". 919 920 See also: 921 <http://www.schneier.com/blowfish.html> 922 923config CRYPTO_CAMELLIA 924 tristate "Camellia cipher algorithms" 925 depends on CRYPTO 926 select CRYPTO_ALGAPI 927 help 928 Camellia cipher algorithms module. 929 930 Camellia is a symmetric key block cipher developed jointly 931 at NTT and Mitsubishi Electric Corporation. 932 933 The Camellia specifies three key sizes: 128, 192 and 256 bits. 934 935 See also: 936 <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html> 937 938config CRYPTO_CAMELLIA_X86_64 939 tristate "Camellia cipher algorithm (x86_64)" 940 depends on X86 && 64BIT 941 depends on CRYPTO 942 select CRYPTO_ALGAPI 943 select CRYPTO_GLUE_HELPER_X86 944 select CRYPTO_LRW 945 select CRYPTO_XTS 946 help 947 Camellia cipher algorithm module (x86_64). 948 949 Camellia is a symmetric key block cipher developed jointly 950 at NTT and Mitsubishi Electric Corporation. 951 952 The Camellia specifies three key sizes: 128, 192 and 256 bits. 953 954 See also: 955 <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html> 956 957config CRYPTO_CAMELLIA_AESNI_AVX_X86_64 958 tristate "Camellia cipher algorithm (x86_64/AES-NI/AVX)" 959 depends on X86 && 64BIT 960 depends on CRYPTO 961 select CRYPTO_ALGAPI 962 select CRYPTO_CRYPTD 963 select CRYPTO_ABLK_HELPER 964 select CRYPTO_GLUE_HELPER_X86 965 select CRYPTO_CAMELLIA_X86_64 966 select CRYPTO_LRW 967 select CRYPTO_XTS 968 help 969 Camellia cipher algorithm module (x86_64/AES-NI/AVX). 970 971 Camellia is a symmetric key block cipher developed jointly 972 at NTT and Mitsubishi Electric Corporation. 973 974 The Camellia specifies three key sizes: 128, 192 and 256 bits. 975 976 See also: 977 <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html> 978 979config CRYPTO_CAMELLIA_AESNI_AVX2_X86_64 980 tristate "Camellia cipher algorithm (x86_64/AES-NI/AVX2)" 981 depends on X86 && 64BIT 982 depends on CRYPTO 983 select CRYPTO_ALGAPI 984 select CRYPTO_CRYPTD 985 select CRYPTO_ABLK_HELPER 986 select CRYPTO_GLUE_HELPER_X86 987 select CRYPTO_CAMELLIA_X86_64 988 select CRYPTO_CAMELLIA_AESNI_AVX_X86_64 989 select CRYPTO_LRW 990 select CRYPTO_XTS 991 help 992 Camellia cipher algorithm module (x86_64/AES-NI/AVX2). 993 994 Camellia is a symmetric key block cipher developed jointly 995 at NTT and Mitsubishi Electric Corporation. 996 997 The Camellia specifies three key sizes: 128, 192 and 256 bits. 998 999 See also: 1000 <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html> 1001 1002config CRYPTO_CAMELLIA_SPARC64 1003 tristate "Camellia cipher algorithm (SPARC64)" 1004 depends on SPARC64 1005 depends on CRYPTO 1006 select CRYPTO_ALGAPI 1007 help 1008 Camellia cipher algorithm module (SPARC64). 1009 1010 Camellia is a symmetric key block cipher developed jointly 1011 at NTT and Mitsubishi Electric Corporation. 1012 1013 The Camellia specifies three key sizes: 128, 192 and 256 bits. 1014 1015 See also: 1016 <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html> 1017 1018config CRYPTO_CAST_COMMON 1019 tristate 1020 help 1021 Common parts of the CAST cipher algorithms shared by the 1022 generic c and the assembler implementations. 1023 1024config CRYPTO_CAST5 1025 tristate "CAST5 (CAST-128) cipher algorithm" 1026 select CRYPTO_ALGAPI 1027 select CRYPTO_CAST_COMMON 1028 help 1029 The CAST5 encryption algorithm (synonymous with CAST-128) is 1030 described in RFC2144. 1031 1032config CRYPTO_CAST5_AVX_X86_64 1033 tristate "CAST5 (CAST-128) cipher algorithm (x86_64/AVX)" 1034 depends on X86 && 64BIT 1035 select CRYPTO_ALGAPI 1036 select CRYPTO_CRYPTD 1037 select CRYPTO_ABLK_HELPER 1038 select CRYPTO_CAST_COMMON 1039 select CRYPTO_CAST5 1040 help 1041 The CAST5 encryption algorithm (synonymous with CAST-128) is 1042 described in RFC2144. 1043 1044 This module provides the Cast5 cipher algorithm that processes 1045 sixteen blocks parallel using the AVX instruction set. 1046 1047config CRYPTO_CAST6 1048 tristate "CAST6 (CAST-256) cipher algorithm" 1049 select CRYPTO_ALGAPI 1050 select CRYPTO_CAST_COMMON 1051 help 1052 The CAST6 encryption algorithm (synonymous with CAST-256) is 1053 described in RFC2612. 1054 1055config CRYPTO_CAST6_AVX_X86_64 1056 tristate "CAST6 (CAST-256) cipher algorithm (x86_64/AVX)" 1057 depends on X86 && 64BIT 1058 select CRYPTO_ALGAPI 1059 select CRYPTO_CRYPTD 1060 select CRYPTO_ABLK_HELPER 1061 select CRYPTO_GLUE_HELPER_X86 1062 select CRYPTO_CAST_COMMON 1063 select CRYPTO_CAST6 1064 select CRYPTO_LRW 1065 select CRYPTO_XTS 1066 help 1067 The CAST6 encryption algorithm (synonymous with CAST-256) is 1068 described in RFC2612. 1069 1070 This module provides the Cast6 cipher algorithm that processes 1071 eight blocks parallel using the AVX instruction set. 1072 1073config CRYPTO_DES 1074 tristate "DES and Triple DES EDE cipher algorithms" 1075 select CRYPTO_ALGAPI 1076 help 1077 DES cipher algorithm (FIPS 46-2), and Triple DES EDE (FIPS 46-3). 1078 1079config CRYPTO_DES_SPARC64 1080 tristate "DES and Triple DES EDE cipher algorithms (SPARC64)" 1081 depends on SPARC64 1082 select CRYPTO_ALGAPI 1083 select CRYPTO_DES 1084 help 1085 DES cipher algorithm (FIPS 46-2), and Triple DES EDE (FIPS 46-3), 1086 optimized using SPARC64 crypto opcodes. 1087 1088config CRYPTO_DES3_EDE_X86_64 1089 tristate "Triple DES EDE cipher algorithm (x86-64)" 1090 depends on X86 && 64BIT 1091 select CRYPTO_ALGAPI 1092 select CRYPTO_DES 1093 help 1094 Triple DES EDE (FIPS 46-3) algorithm. 1095 1096 This module provides implementation of the Triple DES EDE cipher 1097 algorithm that is optimized for x86-64 processors. Two versions of 1098 algorithm are provided; regular processing one input block and 1099 one that processes three blocks parallel. 1100 1101config CRYPTO_FCRYPT 1102 tristate "FCrypt cipher algorithm" 1103 select CRYPTO_ALGAPI 1104 select CRYPTO_BLKCIPHER 1105 help 1106 FCrypt algorithm used by RxRPC. 1107 1108config CRYPTO_KHAZAD 1109 tristate "Khazad cipher algorithm" 1110 select CRYPTO_ALGAPI 1111 help 1112 Khazad cipher algorithm. 1113 1114 Khazad was a finalist in the initial NESSIE competition. It is 1115 an algorithm optimized for 64-bit processors with good performance 1116 on 32-bit processors. Khazad uses an 128 bit key size. 1117 1118 See also: 1119 <http://www.larc.usp.br/~pbarreto/KhazadPage.html> 1120 1121config CRYPTO_SALSA20 1122 tristate "Salsa20 stream cipher algorithm" 1123 select CRYPTO_BLKCIPHER 1124 help 1125 Salsa20 stream cipher algorithm. 1126 1127 Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT 1128 Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/> 1129 1130 The Salsa20 stream cipher algorithm is designed by Daniel J. 1131 Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html> 1132 1133config CRYPTO_SALSA20_586 1134 tristate "Salsa20 stream cipher algorithm (i586)" 1135 depends on (X86 || UML_X86) && !64BIT 1136 select CRYPTO_BLKCIPHER 1137 help 1138 Salsa20 stream cipher algorithm. 1139 1140 Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT 1141 Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/> 1142 1143 The Salsa20 stream cipher algorithm is designed by Daniel J. 1144 Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html> 1145 1146config CRYPTO_SALSA20_X86_64 1147 tristate "Salsa20 stream cipher algorithm (x86_64)" 1148 depends on (X86 || UML_X86) && 64BIT 1149 select CRYPTO_BLKCIPHER 1150 help 1151 Salsa20 stream cipher algorithm. 1152 1153 Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT 1154 Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/> 1155 1156 The Salsa20 stream cipher algorithm is designed by Daniel J. 1157 Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html> 1158 1159config CRYPTO_SEED 1160 tristate "SEED cipher algorithm" 1161 select CRYPTO_ALGAPI 1162 help 1163 SEED cipher algorithm (RFC4269). 1164 1165 SEED is a 128-bit symmetric key block cipher that has been 1166 developed by KISA (Korea Information Security Agency) as a 1167 national standard encryption algorithm of the Republic of Korea. 1168 It is a 16 round block cipher with the key size of 128 bit. 1169 1170 See also: 1171 <http://www.kisa.or.kr/kisa/seed/jsp/seed_eng.jsp> 1172 1173config CRYPTO_SERPENT 1174 tristate "Serpent cipher algorithm" 1175 select CRYPTO_ALGAPI 1176 help 1177 Serpent cipher algorithm, by Anderson, Biham & Knudsen. 1178 1179 Keys are allowed to be from 0 to 256 bits in length, in steps 1180 of 8 bits. Also includes the 'Tnepres' algorithm, a reversed 1181 variant of Serpent for compatibility with old kerneli.org code. 1182 1183 See also: 1184 <http://www.cl.cam.ac.uk/~rja14/serpent.html> 1185 1186config CRYPTO_SERPENT_SSE2_X86_64 1187 tristate "Serpent cipher algorithm (x86_64/SSE2)" 1188 depends on X86 && 64BIT 1189 select CRYPTO_ALGAPI 1190 select CRYPTO_CRYPTD 1191 select CRYPTO_ABLK_HELPER 1192 select CRYPTO_GLUE_HELPER_X86 1193 select CRYPTO_SERPENT 1194 select CRYPTO_LRW 1195 select CRYPTO_XTS 1196 help 1197 Serpent cipher algorithm, by Anderson, Biham & Knudsen. 1198 1199 Keys are allowed to be from 0 to 256 bits in length, in steps 1200 of 8 bits. 1201 1202 This module provides Serpent cipher algorithm that processes eigth 1203 blocks parallel using SSE2 instruction set. 1204 1205 See also: 1206 <http://www.cl.cam.ac.uk/~rja14/serpent.html> 1207 1208config CRYPTO_SERPENT_SSE2_586 1209 tristate "Serpent cipher algorithm (i586/SSE2)" 1210 depends on X86 && !64BIT 1211 select CRYPTO_ALGAPI 1212 select CRYPTO_CRYPTD 1213 select CRYPTO_ABLK_HELPER 1214 select CRYPTO_GLUE_HELPER_X86 1215 select CRYPTO_SERPENT 1216 select CRYPTO_LRW 1217 select CRYPTO_XTS 1218 help 1219 Serpent cipher algorithm, by Anderson, Biham & Knudsen. 1220 1221 Keys are allowed to be from 0 to 256 bits in length, in steps 1222 of 8 bits. 1223 1224 This module provides Serpent cipher algorithm that processes four 1225 blocks parallel using SSE2 instruction set. 1226 1227 See also: 1228 <http://www.cl.cam.ac.uk/~rja14/serpent.html> 1229 1230config CRYPTO_SERPENT_AVX_X86_64 1231 tristate "Serpent cipher algorithm (x86_64/AVX)" 1232 depends on X86 && 64BIT 1233 select CRYPTO_ALGAPI 1234 select CRYPTO_CRYPTD 1235 select CRYPTO_ABLK_HELPER 1236 select CRYPTO_GLUE_HELPER_X86 1237 select CRYPTO_SERPENT 1238 select CRYPTO_LRW 1239 select CRYPTO_XTS 1240 help 1241 Serpent cipher algorithm, by Anderson, Biham & Knudsen. 1242 1243 Keys are allowed to be from 0 to 256 bits in length, in steps 1244 of 8 bits. 1245 1246 This module provides the Serpent cipher algorithm that processes 1247 eight blocks parallel using the AVX instruction set. 1248 1249 See also: 1250 <http://www.cl.cam.ac.uk/~rja14/serpent.html> 1251 1252config CRYPTO_SERPENT_AVX2_X86_64 1253 tristate "Serpent cipher algorithm (x86_64/AVX2)" 1254 depends on X86 && 64BIT 1255 select CRYPTO_ALGAPI 1256 select CRYPTO_CRYPTD 1257 select CRYPTO_ABLK_HELPER 1258 select CRYPTO_GLUE_HELPER_X86 1259 select CRYPTO_SERPENT 1260 select CRYPTO_SERPENT_AVX_X86_64 1261 select CRYPTO_LRW 1262 select CRYPTO_XTS 1263 help 1264 Serpent cipher algorithm, by Anderson, Biham & Knudsen. 1265 1266 Keys are allowed to be from 0 to 256 bits in length, in steps 1267 of 8 bits. 1268 1269 This module provides Serpent cipher algorithm that processes 16 1270 blocks parallel using AVX2 instruction set. 1271 1272 See also: 1273 <http://www.cl.cam.ac.uk/~rja14/serpent.html> 1274 1275config CRYPTO_TEA 1276 tristate "TEA, XTEA and XETA cipher algorithms" 1277 select CRYPTO_ALGAPI 1278 help 1279 TEA cipher algorithm. 1280 1281 Tiny Encryption Algorithm is a simple cipher that uses 1282 many rounds for security. It is very fast and uses 1283 little memory. 1284 1285 Xtendend Tiny Encryption Algorithm is a modification to 1286 the TEA algorithm to address a potential key weakness 1287 in the TEA algorithm. 1288 1289 Xtendend Encryption Tiny Algorithm is a mis-implementation 1290 of the XTEA algorithm for compatibility purposes. 1291 1292config CRYPTO_TWOFISH 1293 tristate "Twofish cipher algorithm" 1294 select CRYPTO_ALGAPI 1295 select CRYPTO_TWOFISH_COMMON 1296 help 1297 Twofish cipher algorithm. 1298 1299 Twofish was submitted as an AES (Advanced Encryption Standard) 1300 candidate cipher by researchers at CounterPane Systems. It is a 1301 16 round block cipher supporting key sizes of 128, 192, and 256 1302 bits. 1303 1304 See also: 1305 <http://www.schneier.com/twofish.html> 1306 1307config CRYPTO_TWOFISH_COMMON 1308 tristate 1309 help 1310 Common parts of the Twofish cipher algorithm shared by the 1311 generic c and the assembler implementations. 1312 1313config CRYPTO_TWOFISH_586 1314 tristate "Twofish cipher algorithms (i586)" 1315 depends on (X86 || UML_X86) && !64BIT 1316 select CRYPTO_ALGAPI 1317 select CRYPTO_TWOFISH_COMMON 1318 help 1319 Twofish cipher algorithm. 1320 1321 Twofish was submitted as an AES (Advanced Encryption Standard) 1322 candidate cipher by researchers at CounterPane Systems. It is a 1323 16 round block cipher supporting key sizes of 128, 192, and 256 1324 bits. 1325 1326 See also: 1327 <http://www.schneier.com/twofish.html> 1328 1329config CRYPTO_TWOFISH_X86_64 1330 tristate "Twofish cipher algorithm (x86_64)" 1331 depends on (X86 || UML_X86) && 64BIT 1332 select CRYPTO_ALGAPI 1333 select CRYPTO_TWOFISH_COMMON 1334 help 1335 Twofish cipher algorithm (x86_64). 1336 1337 Twofish was submitted as an AES (Advanced Encryption Standard) 1338 candidate cipher by researchers at CounterPane Systems. It is a 1339 16 round block cipher supporting key sizes of 128, 192, and 256 1340 bits. 1341 1342 See also: 1343 <http://www.schneier.com/twofish.html> 1344 1345config CRYPTO_TWOFISH_X86_64_3WAY 1346 tristate "Twofish cipher algorithm (x86_64, 3-way parallel)" 1347 depends on X86 && 64BIT 1348 select CRYPTO_ALGAPI 1349 select CRYPTO_TWOFISH_COMMON 1350 select CRYPTO_TWOFISH_X86_64 1351 select CRYPTO_GLUE_HELPER_X86 1352 select CRYPTO_LRW 1353 select CRYPTO_XTS 1354 help 1355 Twofish cipher algorithm (x86_64, 3-way parallel). 1356 1357 Twofish was submitted as an AES (Advanced Encryption Standard) 1358 candidate cipher by researchers at CounterPane Systems. It is a 1359 16 round block cipher supporting key sizes of 128, 192, and 256 1360 bits. 1361 1362 This module provides Twofish cipher algorithm that processes three 1363 blocks parallel, utilizing resources of out-of-order CPUs better. 1364 1365 See also: 1366 <http://www.schneier.com/twofish.html> 1367 1368config CRYPTO_TWOFISH_AVX_X86_64 1369 tristate "Twofish cipher algorithm (x86_64/AVX)" 1370 depends on X86 && 64BIT 1371 select CRYPTO_ALGAPI 1372 select CRYPTO_CRYPTD 1373 select CRYPTO_ABLK_HELPER 1374 select CRYPTO_GLUE_HELPER_X86 1375 select CRYPTO_TWOFISH_COMMON 1376 select CRYPTO_TWOFISH_X86_64 1377 select CRYPTO_TWOFISH_X86_64_3WAY 1378 select CRYPTO_LRW 1379 select CRYPTO_XTS 1380 help 1381 Twofish cipher algorithm (x86_64/AVX). 1382 1383 Twofish was submitted as an AES (Advanced Encryption Standard) 1384 candidate cipher by researchers at CounterPane Systems. It is a 1385 16 round block cipher supporting key sizes of 128, 192, and 256 1386 bits. 1387 1388 This module provides the Twofish cipher algorithm that processes 1389 eight blocks parallel using the AVX Instruction Set. 1390 1391 See also: 1392 <http://www.schneier.com/twofish.html> 1393 1394comment "Compression" 1395 1396config CRYPTO_DEFLATE 1397 tristate "Deflate compression algorithm" 1398 select CRYPTO_ALGAPI 1399 select ZLIB_INFLATE 1400 select ZLIB_DEFLATE 1401 help 1402 This is the Deflate algorithm (RFC1951), specified for use in 1403 IPSec with the IPCOMP protocol (RFC3173, RFC2394). 1404 1405 You will most probably want this if using IPSec. 1406 1407config CRYPTO_ZLIB 1408 tristate "Zlib compression algorithm" 1409 select CRYPTO_PCOMP 1410 select ZLIB_INFLATE 1411 select ZLIB_DEFLATE 1412 select NLATTR 1413 help 1414 This is the zlib algorithm. 1415 1416config CRYPTO_LZO 1417 tristate "LZO compression algorithm" 1418 select CRYPTO_ALGAPI 1419 select LZO_COMPRESS 1420 select LZO_DECOMPRESS 1421 help 1422 This is the LZO algorithm. 1423 1424config CRYPTO_842 1425 tristate "842 compression algorithm" 1426 depends on CRYPTO_DEV_NX_COMPRESS 1427 # 842 uses lzo if the hardware becomes unavailable 1428 select LZO_COMPRESS 1429 select LZO_DECOMPRESS 1430 help 1431 This is the 842 algorithm. 1432 1433config CRYPTO_LZ4 1434 tristate "LZ4 compression algorithm" 1435 select CRYPTO_ALGAPI 1436 select LZ4_COMPRESS 1437 select LZ4_DECOMPRESS 1438 help 1439 This is the LZ4 algorithm. 1440 1441config CRYPTO_LZ4HC 1442 tristate "LZ4HC compression algorithm" 1443 select CRYPTO_ALGAPI 1444 select LZ4HC_COMPRESS 1445 select LZ4_DECOMPRESS 1446 help 1447 This is the LZ4 high compression mode algorithm. 1448 1449comment "Random Number Generation" 1450 1451config CRYPTO_ANSI_CPRNG 1452 tristate "Pseudo Random Number Generation for Cryptographic modules" 1453 default m 1454 select CRYPTO_AES 1455 select CRYPTO_RNG 1456 help 1457 This option enables the generic pseudo random number generator 1458 for cryptographic modules. Uses the Algorithm specified in 1459 ANSI X9.31 A.2.4. Note that this option must be enabled if 1460 CRYPTO_FIPS is selected 1461 1462menuconfig CRYPTO_DRBG_MENU 1463 tristate "NIST SP800-90A DRBG" 1464 help 1465 NIST SP800-90A compliant DRBG. In the following submenu, one or 1466 more of the DRBG types must be selected. 1467 1468if CRYPTO_DRBG_MENU 1469 1470config CRYPTO_DRBG_HMAC 1471 bool "Enable HMAC DRBG" 1472 default y 1473 select CRYPTO_HMAC 1474 help 1475 Enable the HMAC DRBG variant as defined in NIST SP800-90A. 1476 1477config CRYPTO_DRBG_HASH 1478 bool "Enable Hash DRBG" 1479 select CRYPTO_HASH 1480 help 1481 Enable the Hash DRBG variant as defined in NIST SP800-90A. 1482 1483config CRYPTO_DRBG_CTR 1484 bool "Enable CTR DRBG" 1485 select CRYPTO_AES 1486 help 1487 Enable the CTR DRBG variant as defined in NIST SP800-90A. 1488 1489config CRYPTO_DRBG 1490 tristate 1491 default CRYPTO_DRBG_MENU if (CRYPTO_DRBG_HMAC || CRYPTO_DRBG_HASH || CRYPTO_DRBG_CTR) 1492 select CRYPTO_RNG 1493 1494endif # if CRYPTO_DRBG_MENU 1495 1496config CRYPTO_USER_API 1497 tristate 1498 1499config CRYPTO_USER_API_HASH 1500 tristate "User-space interface for hash algorithms" 1501 depends on NET 1502 select CRYPTO_HASH 1503 select CRYPTO_USER_API 1504 help 1505 This option enables the user-spaces interface for hash 1506 algorithms. 1507 1508config CRYPTO_USER_API_SKCIPHER 1509 tristate "User-space interface for symmetric key cipher algorithms" 1510 depends on NET 1511 select CRYPTO_BLKCIPHER 1512 select CRYPTO_USER_API 1513 help 1514 This option enables the user-spaces interface for symmetric 1515 key cipher algorithms. 1516 1517config CRYPTO_USER_API_RNG 1518 tristate "User-space interface for random number generator algorithms" 1519 depends on NET 1520 select CRYPTO_RNG 1521 select CRYPTO_USER_API 1522 help 1523 This option enables the user-spaces interface for random 1524 number generator algorithms. 1525 1526config CRYPTO_HASH_INFO 1527 bool 1528 1529source "drivers/crypto/Kconfig" 1530source crypto/asymmetric_keys/Kconfig 1531 1532endif # if CRYPTO 1533