xref: /openbmc/linux/crypto/Kconfig (revision 63dc02bd)
1#
2# Generic algorithms support
3#
4config XOR_BLOCKS
5	tristate
6
7#
8# async_tx api: hardware offloaded memory transfer/transform support
9#
10source "crypto/async_tx/Kconfig"
11
12#
13# Cryptographic API Configuration
14#
15menuconfig CRYPTO
16	tristate "Cryptographic API"
17	help
18	  This option provides the core Cryptographic API.
19
20if CRYPTO
21
22comment "Crypto core or helper"
23
24config CRYPTO_FIPS
25	bool "FIPS 200 compliance"
26	depends on CRYPTO_ANSI_CPRNG && !CRYPTO_MANAGER_DISABLE_TESTS
27	help
28	  This options enables the fips boot option which is
29	  required if you want to system to operate in a FIPS 200
30	  certification.  You should say no unless you know what
31	  this is.
32
33config CRYPTO_ALGAPI
34	tristate
35	select CRYPTO_ALGAPI2
36	help
37	  This option provides the API for cryptographic algorithms.
38
39config CRYPTO_ALGAPI2
40	tristate
41
42config CRYPTO_AEAD
43	tristate
44	select CRYPTO_AEAD2
45	select CRYPTO_ALGAPI
46
47config CRYPTO_AEAD2
48	tristate
49	select CRYPTO_ALGAPI2
50
51config CRYPTO_BLKCIPHER
52	tristate
53	select CRYPTO_BLKCIPHER2
54	select CRYPTO_ALGAPI
55
56config CRYPTO_BLKCIPHER2
57	tristate
58	select CRYPTO_ALGAPI2
59	select CRYPTO_RNG2
60	select CRYPTO_WORKQUEUE
61
62config CRYPTO_HASH
63	tristate
64	select CRYPTO_HASH2
65	select CRYPTO_ALGAPI
66
67config CRYPTO_HASH2
68	tristate
69	select CRYPTO_ALGAPI2
70
71config CRYPTO_RNG
72	tristate
73	select CRYPTO_RNG2
74	select CRYPTO_ALGAPI
75
76config CRYPTO_RNG2
77	tristate
78	select CRYPTO_ALGAPI2
79
80config CRYPTO_PCOMP
81	tristate
82	select CRYPTO_PCOMP2
83	select CRYPTO_ALGAPI
84
85config CRYPTO_PCOMP2
86	tristate
87	select CRYPTO_ALGAPI2
88
89config CRYPTO_MANAGER
90	tristate "Cryptographic algorithm manager"
91	select CRYPTO_MANAGER2
92	help
93	  Create default cryptographic template instantiations such as
94	  cbc(aes).
95
96config CRYPTO_MANAGER2
97	def_tristate CRYPTO_MANAGER || (CRYPTO_MANAGER!=n && CRYPTO_ALGAPI=y)
98	select CRYPTO_AEAD2
99	select CRYPTO_HASH2
100	select CRYPTO_BLKCIPHER2
101	select CRYPTO_PCOMP2
102
103config CRYPTO_USER
104	tristate "Userspace cryptographic algorithm configuration"
105	depends on NET
106	select CRYPTO_MANAGER
107	help
108	  Userspace configuration for cryptographic instantiations such as
109	  cbc(aes).
110
111config CRYPTO_MANAGER_DISABLE_TESTS
112	bool "Disable run-time self tests"
113	default y
114	depends on CRYPTO_MANAGER2
115	help
116	  Disable run-time self tests that normally take place at
117	  algorithm registration.
118
119config CRYPTO_GF128MUL
120	tristate "GF(2^128) multiplication functions"
121	help
122	  Efficient table driven implementation of multiplications in the
123	  field GF(2^128).  This is needed by some cypher modes. This
124	  option will be selected automatically if you select such a
125	  cipher mode.  Only select this option by hand if you expect to load
126	  an external module that requires these functions.
127
128config CRYPTO_NULL
129	tristate "Null algorithms"
130	select CRYPTO_ALGAPI
131	select CRYPTO_BLKCIPHER
132	select CRYPTO_HASH
133	help
134	  These are 'Null' algorithms, used by IPsec, which do nothing.
135
136config CRYPTO_PCRYPT
137	tristate "Parallel crypto engine (EXPERIMENTAL)"
138	depends on SMP && EXPERIMENTAL
139	select PADATA
140	select CRYPTO_MANAGER
141	select CRYPTO_AEAD
142	help
143	  This converts an arbitrary crypto algorithm into a parallel
144	  algorithm that executes in kernel threads.
145
146config CRYPTO_WORKQUEUE
147       tristate
148
149config CRYPTO_CRYPTD
150	tristate "Software async crypto daemon"
151	select CRYPTO_BLKCIPHER
152	select CRYPTO_HASH
153	select CRYPTO_MANAGER
154	select CRYPTO_WORKQUEUE
155	help
156	  This is a generic software asynchronous crypto daemon that
157	  converts an arbitrary synchronous software crypto algorithm
158	  into an asynchronous algorithm that executes in a kernel thread.
159
160config CRYPTO_AUTHENC
161	tristate "Authenc support"
162	select CRYPTO_AEAD
163	select CRYPTO_BLKCIPHER
164	select CRYPTO_MANAGER
165	select CRYPTO_HASH
166	help
167	  Authenc: Combined mode wrapper for IPsec.
168	  This is required for IPSec.
169
170config CRYPTO_TEST
171	tristate "Testing module"
172	depends on m
173	select CRYPTO_MANAGER
174	help
175	  Quick & dirty crypto test module.
176
177comment "Authenticated Encryption with Associated Data"
178
179config CRYPTO_CCM
180	tristate "CCM support"
181	select CRYPTO_CTR
182	select CRYPTO_AEAD
183	help
184	  Support for Counter with CBC MAC. Required for IPsec.
185
186config CRYPTO_GCM
187	tristate "GCM/GMAC support"
188	select CRYPTO_CTR
189	select CRYPTO_AEAD
190	select CRYPTO_GHASH
191	help
192	  Support for Galois/Counter Mode (GCM) and Galois Message
193	  Authentication Code (GMAC). Required for IPSec.
194
195config CRYPTO_SEQIV
196	tristate "Sequence Number IV Generator"
197	select CRYPTO_AEAD
198	select CRYPTO_BLKCIPHER
199	select CRYPTO_RNG
200	help
201	  This IV generator generates an IV based on a sequence number by
202	  xoring it with a salt.  This algorithm is mainly useful for CTR
203
204comment "Block modes"
205
206config CRYPTO_CBC
207	tristate "CBC support"
208	select CRYPTO_BLKCIPHER
209	select CRYPTO_MANAGER
210	help
211	  CBC: Cipher Block Chaining mode
212	  This block cipher algorithm is required for IPSec.
213
214config CRYPTO_CTR
215	tristate "CTR support"
216	select CRYPTO_BLKCIPHER
217	select CRYPTO_SEQIV
218	select CRYPTO_MANAGER
219	help
220	  CTR: Counter mode
221	  This block cipher algorithm is required for IPSec.
222
223config CRYPTO_CTS
224	tristate "CTS support"
225	select CRYPTO_BLKCIPHER
226	help
227	  CTS: Cipher Text Stealing
228	  This is the Cipher Text Stealing mode as described by
229	  Section 8 of rfc2040 and referenced by rfc3962.
230	  (rfc3962 includes errata information in its Appendix A)
231	  This mode is required for Kerberos gss mechanism support
232	  for AES encryption.
233
234config CRYPTO_ECB
235	tristate "ECB support"
236	select CRYPTO_BLKCIPHER
237	select CRYPTO_MANAGER
238	help
239	  ECB: Electronic CodeBook mode
240	  This is the simplest block cipher algorithm.  It simply encrypts
241	  the input block by block.
242
243config CRYPTO_LRW
244	tristate "LRW support"
245	select CRYPTO_BLKCIPHER
246	select CRYPTO_MANAGER
247	select CRYPTO_GF128MUL
248	help
249	  LRW: Liskov Rivest Wagner, a tweakable, non malleable, non movable
250	  narrow block cipher mode for dm-crypt.  Use it with cipher
251	  specification string aes-lrw-benbi, the key must be 256, 320 or 384.
252	  The first 128, 192 or 256 bits in the key are used for AES and the
253	  rest is used to tie each cipher block to its logical position.
254
255config CRYPTO_PCBC
256	tristate "PCBC support"
257	select CRYPTO_BLKCIPHER
258	select CRYPTO_MANAGER
259	help
260	  PCBC: Propagating Cipher Block Chaining mode
261	  This block cipher algorithm is required for RxRPC.
262
263config CRYPTO_XTS
264	tristate "XTS support"
265	select CRYPTO_BLKCIPHER
266	select CRYPTO_MANAGER
267	select CRYPTO_GF128MUL
268	help
269	  XTS: IEEE1619/D16 narrow block cipher use with aes-xts-plain,
270	  key size 256, 384 or 512 bits. This implementation currently
271	  can't handle a sectorsize which is not a multiple of 16 bytes.
272
273comment "Hash modes"
274
275config CRYPTO_HMAC
276	tristate "HMAC support"
277	select CRYPTO_HASH
278	select CRYPTO_MANAGER
279	help
280	  HMAC: Keyed-Hashing for Message Authentication (RFC2104).
281	  This is required for IPSec.
282
283config CRYPTO_XCBC
284	tristate "XCBC support"
285	depends on EXPERIMENTAL
286	select CRYPTO_HASH
287	select CRYPTO_MANAGER
288	help
289	  XCBC: Keyed-Hashing with encryption algorithm
290		http://www.ietf.org/rfc/rfc3566.txt
291		http://csrc.nist.gov/encryption/modes/proposedmodes/
292		 xcbc-mac/xcbc-mac-spec.pdf
293
294config CRYPTO_VMAC
295	tristate "VMAC support"
296	depends on EXPERIMENTAL
297	select CRYPTO_HASH
298	select CRYPTO_MANAGER
299	help
300	  VMAC is a message authentication algorithm designed for
301	  very high speed on 64-bit architectures.
302
303	  See also:
304	  <http://fastcrypto.org/vmac>
305
306comment "Digest"
307
308config CRYPTO_CRC32C
309	tristate "CRC32c CRC algorithm"
310	select CRYPTO_HASH
311	select CRC32
312	help
313	  Castagnoli, et al Cyclic Redundancy-Check Algorithm.  Used
314	  by iSCSI for header and data digests and by others.
315	  See Castagnoli93.  Module will be crc32c.
316
317config CRYPTO_CRC32C_INTEL
318	tristate "CRC32c INTEL hardware acceleration"
319	depends on X86
320	select CRYPTO_HASH
321	help
322	  In Intel processor with SSE4.2 supported, the processor will
323	  support CRC32C implementation using hardware accelerated CRC32
324	  instruction. This option will create 'crc32c-intel' module,
325	  which will enable any routine to use the CRC32 instruction to
326	  gain performance compared with software implementation.
327	  Module will be crc32c-intel.
328
329config CRYPTO_GHASH
330	tristate "GHASH digest algorithm"
331	select CRYPTO_GF128MUL
332	help
333	  GHASH is message digest algorithm for GCM (Galois/Counter Mode).
334
335config CRYPTO_MD4
336	tristate "MD4 digest algorithm"
337	select CRYPTO_HASH
338	help
339	  MD4 message digest algorithm (RFC1320).
340
341config CRYPTO_MD5
342	tristate "MD5 digest algorithm"
343	select CRYPTO_HASH
344	help
345	  MD5 message digest algorithm (RFC1321).
346
347config CRYPTO_MICHAEL_MIC
348	tristate "Michael MIC keyed digest algorithm"
349	select CRYPTO_HASH
350	help
351	  Michael MIC is used for message integrity protection in TKIP
352	  (IEEE 802.11i). This algorithm is required for TKIP, but it
353	  should not be used for other purposes because of the weakness
354	  of the algorithm.
355
356config CRYPTO_RMD128
357	tristate "RIPEMD-128 digest algorithm"
358	select CRYPTO_HASH
359	help
360	  RIPEMD-128 (ISO/IEC 10118-3:2004).
361
362	  RIPEMD-128 is a 128-bit cryptographic hash function. It should only
363	  be used as a secure replacement for RIPEMD. For other use cases,
364	  RIPEMD-160 should be used.
365
366	  Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel.
367	  See <http://homes.esat.kuleuven.be/~bosselae/ripemd160.html>
368
369config CRYPTO_RMD160
370	tristate "RIPEMD-160 digest algorithm"
371	select CRYPTO_HASH
372	help
373	  RIPEMD-160 (ISO/IEC 10118-3:2004).
374
375	  RIPEMD-160 is a 160-bit cryptographic hash function. It is intended
376	  to be used as a secure replacement for the 128-bit hash functions
377	  MD4, MD5 and it's predecessor RIPEMD
378	  (not to be confused with RIPEMD-128).
379
380	  It's speed is comparable to SHA1 and there are no known attacks
381	  against RIPEMD-160.
382
383	  Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel.
384	  See <http://homes.esat.kuleuven.be/~bosselae/ripemd160.html>
385
386config CRYPTO_RMD256
387	tristate "RIPEMD-256 digest algorithm"
388	select CRYPTO_HASH
389	help
390	  RIPEMD-256 is an optional extension of RIPEMD-128 with a
391	  256 bit hash. It is intended for applications that require
392	  longer hash-results, without needing a larger security level
393	  (than RIPEMD-128).
394
395	  Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel.
396	  See <http://homes.esat.kuleuven.be/~bosselae/ripemd160.html>
397
398config CRYPTO_RMD320
399	tristate "RIPEMD-320 digest algorithm"
400	select CRYPTO_HASH
401	help
402	  RIPEMD-320 is an optional extension of RIPEMD-160 with a
403	  320 bit hash. It is intended for applications that require
404	  longer hash-results, without needing a larger security level
405	  (than RIPEMD-160).
406
407	  Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel.
408	  See <http://homes.esat.kuleuven.be/~bosselae/ripemd160.html>
409
410config CRYPTO_SHA1
411	tristate "SHA1 digest algorithm"
412	select CRYPTO_HASH
413	help
414	  SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2).
415
416config CRYPTO_SHA1_SSSE3
417	tristate "SHA1 digest algorithm (SSSE3/AVX)"
418	depends on X86 && 64BIT
419	select CRYPTO_SHA1
420	select CRYPTO_HASH
421	help
422	  SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2) implemented
423	  using Supplemental SSE3 (SSSE3) instructions or Advanced Vector
424	  Extensions (AVX), when available.
425
426config CRYPTO_SHA256
427	tristate "SHA224 and SHA256 digest algorithm"
428	select CRYPTO_HASH
429	help
430	  SHA256 secure hash standard (DFIPS 180-2).
431
432	  This version of SHA implements a 256 bit hash with 128 bits of
433	  security against collision attacks.
434
435	  This code also includes SHA-224, a 224 bit hash with 112 bits
436	  of security against collision attacks.
437
438config CRYPTO_SHA512
439	tristate "SHA384 and SHA512 digest algorithms"
440	select CRYPTO_HASH
441	help
442	  SHA512 secure hash standard (DFIPS 180-2).
443
444	  This version of SHA implements a 512 bit hash with 256 bits of
445	  security against collision attacks.
446
447	  This code also includes SHA-384, a 384 bit hash with 192 bits
448	  of security against collision attacks.
449
450config CRYPTO_TGR192
451	tristate "Tiger digest algorithms"
452	select CRYPTO_HASH
453	help
454	  Tiger hash algorithm 192, 160 and 128-bit hashes
455
456	  Tiger is a hash function optimized for 64-bit processors while
457	  still having decent performance on 32-bit processors.
458	  Tiger was developed by Ross Anderson and Eli Biham.
459
460	  See also:
461	  <http://www.cs.technion.ac.il/~biham/Reports/Tiger/>.
462
463config CRYPTO_WP512
464	tristate "Whirlpool digest algorithms"
465	select CRYPTO_HASH
466	help
467	  Whirlpool hash algorithm 512, 384 and 256-bit hashes
468
469	  Whirlpool-512 is part of the NESSIE cryptographic primitives.
470	  Whirlpool will be part of the ISO/IEC 10118-3:2003(E) standard
471
472	  See also:
473	  <http://www.larc.usp.br/~pbarreto/WhirlpoolPage.html>
474
475config CRYPTO_GHASH_CLMUL_NI_INTEL
476	tristate "GHASH digest algorithm (CLMUL-NI accelerated)"
477	depends on X86 && 64BIT
478	select CRYPTO_CRYPTD
479	help
480	  GHASH is message digest algorithm for GCM (Galois/Counter Mode).
481	  The implementation is accelerated by CLMUL-NI of Intel.
482
483comment "Ciphers"
484
485config CRYPTO_AES
486	tristate "AES cipher algorithms"
487	select CRYPTO_ALGAPI
488	help
489	  AES cipher algorithms (FIPS-197). AES uses the Rijndael
490	  algorithm.
491
492	  Rijndael appears to be consistently a very good performer in
493	  both hardware and software across a wide range of computing
494	  environments regardless of its use in feedback or non-feedback
495	  modes. Its key setup time is excellent, and its key agility is
496	  good. Rijndael's very low memory requirements make it very well
497	  suited for restricted-space environments, in which it also
498	  demonstrates excellent performance. Rijndael's operations are
499	  among the easiest to defend against power and timing attacks.
500
501	  The AES specifies three key sizes: 128, 192 and 256 bits
502
503	  See <http://csrc.nist.gov/CryptoToolkit/aes/> for more information.
504
505config CRYPTO_AES_586
506	tristate "AES cipher algorithms (i586)"
507	depends on (X86 || UML_X86) && !64BIT
508	select CRYPTO_ALGAPI
509	select CRYPTO_AES
510	help
511	  AES cipher algorithms (FIPS-197). AES uses the Rijndael
512	  algorithm.
513
514	  Rijndael appears to be consistently a very good performer in
515	  both hardware and software across a wide range of computing
516	  environments regardless of its use in feedback or non-feedback
517	  modes. Its key setup time is excellent, and its key agility is
518	  good. Rijndael's very low memory requirements make it very well
519	  suited for restricted-space environments, in which it also
520	  demonstrates excellent performance. Rijndael's operations are
521	  among the easiest to defend against power and timing attacks.
522
523	  The AES specifies three key sizes: 128, 192 and 256 bits
524
525	  See <http://csrc.nist.gov/encryption/aes/> for more information.
526
527config CRYPTO_AES_X86_64
528	tristate "AES cipher algorithms (x86_64)"
529	depends on (X86 || UML_X86) && 64BIT
530	select CRYPTO_ALGAPI
531	select CRYPTO_AES
532	help
533	  AES cipher algorithms (FIPS-197). AES uses the Rijndael
534	  algorithm.
535
536	  Rijndael appears to be consistently a very good performer in
537	  both hardware and software across a wide range of computing
538	  environments regardless of its use in feedback or non-feedback
539	  modes. Its key setup time is excellent, and its key agility is
540	  good. Rijndael's very low memory requirements make it very well
541	  suited for restricted-space environments, in which it also
542	  demonstrates excellent performance. Rijndael's operations are
543	  among the easiest to defend against power and timing attacks.
544
545	  The AES specifies three key sizes: 128, 192 and 256 bits
546
547	  See <http://csrc.nist.gov/encryption/aes/> for more information.
548
549config CRYPTO_AES_NI_INTEL
550	tristate "AES cipher algorithms (AES-NI)"
551	depends on X86
552	select CRYPTO_AES_X86_64 if 64BIT
553	select CRYPTO_AES_586 if !64BIT
554	select CRYPTO_CRYPTD
555	select CRYPTO_ALGAPI
556	help
557	  Use Intel AES-NI instructions for AES algorithm.
558
559	  AES cipher algorithms (FIPS-197). AES uses the Rijndael
560	  algorithm.
561
562	  Rijndael appears to be consistently a very good performer in
563	  both hardware and software across a wide range of computing
564	  environments regardless of its use in feedback or non-feedback
565	  modes. Its key setup time is excellent, and its key agility is
566	  good. Rijndael's very low memory requirements make it very well
567	  suited for restricted-space environments, in which it also
568	  demonstrates excellent performance. Rijndael's operations are
569	  among the easiest to defend against power and timing attacks.
570
571	  The AES specifies three key sizes: 128, 192 and 256 bits
572
573	  See <http://csrc.nist.gov/encryption/aes/> for more information.
574
575	  In addition to AES cipher algorithm support, the acceleration
576	  for some popular block cipher mode is supported too, including
577	  ECB, CBC, LRW, PCBC, XTS. The 64 bit version has additional
578	  acceleration for CTR.
579
580config CRYPTO_ANUBIS
581	tristate "Anubis cipher algorithm"
582	select CRYPTO_ALGAPI
583	help
584	  Anubis cipher algorithm.
585
586	  Anubis is a variable key length cipher which can use keys from
587	  128 bits to 320 bits in length.  It was evaluated as a entrant
588	  in the NESSIE competition.
589
590	  See also:
591	  <https://www.cosic.esat.kuleuven.be/nessie/reports/>
592	  <http://www.larc.usp.br/~pbarreto/AnubisPage.html>
593
594config CRYPTO_ARC4
595	tristate "ARC4 cipher algorithm"
596	select CRYPTO_ALGAPI
597	help
598	  ARC4 cipher algorithm.
599
600	  ARC4 is a stream cipher using keys ranging from 8 bits to 2048
601	  bits in length.  This algorithm is required for driver-based
602	  WEP, but it should not be for other purposes because of the
603	  weakness of the algorithm.
604
605config CRYPTO_BLOWFISH
606	tristate "Blowfish cipher algorithm"
607	select CRYPTO_ALGAPI
608	select CRYPTO_BLOWFISH_COMMON
609	help
610	  Blowfish cipher algorithm, by Bruce Schneier.
611
612	  This is a variable key length cipher which can use keys from 32
613	  bits to 448 bits in length.  It's fast, simple and specifically
614	  designed for use on "large microprocessors".
615
616	  See also:
617	  <http://www.schneier.com/blowfish.html>
618
619config CRYPTO_BLOWFISH_COMMON
620	tristate
621	help
622	  Common parts of the Blowfish cipher algorithm shared by the
623	  generic c and the assembler implementations.
624
625	  See also:
626	  <http://www.schneier.com/blowfish.html>
627
628config CRYPTO_BLOWFISH_X86_64
629	tristate "Blowfish cipher algorithm (x86_64)"
630	depends on X86 && 64BIT
631	select CRYPTO_ALGAPI
632	select CRYPTO_BLOWFISH_COMMON
633	help
634	  Blowfish cipher algorithm (x86_64), by Bruce Schneier.
635
636	  This is a variable key length cipher which can use keys from 32
637	  bits to 448 bits in length.  It's fast, simple and specifically
638	  designed for use on "large microprocessors".
639
640	  See also:
641	  <http://www.schneier.com/blowfish.html>
642
643config CRYPTO_CAMELLIA
644	tristate "Camellia cipher algorithms"
645	depends on CRYPTO
646	select CRYPTO_ALGAPI
647	help
648	  Camellia cipher algorithms module.
649
650	  Camellia is a symmetric key block cipher developed jointly
651	  at NTT and Mitsubishi Electric Corporation.
652
653	  The Camellia specifies three key sizes: 128, 192 and 256 bits.
654
655	  See also:
656	  <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html>
657
658config CRYPTO_CAMELLIA_X86_64
659	tristate "Camellia cipher algorithm (x86_64)"
660	depends on X86 && 64BIT
661	depends on CRYPTO
662	select CRYPTO_ALGAPI
663	select CRYPTO_LRW
664	select CRYPTO_XTS
665	help
666	  Camellia cipher algorithm module (x86_64).
667
668	  Camellia is a symmetric key block cipher developed jointly
669	  at NTT and Mitsubishi Electric Corporation.
670
671	  The Camellia specifies three key sizes: 128, 192 and 256 bits.
672
673	  See also:
674	  <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html>
675
676config CRYPTO_CAST5
677	tristate "CAST5 (CAST-128) cipher algorithm"
678	select CRYPTO_ALGAPI
679	help
680	  The CAST5 encryption algorithm (synonymous with CAST-128) is
681	  described in RFC2144.
682
683config CRYPTO_CAST6
684	tristate "CAST6 (CAST-256) cipher algorithm"
685	select CRYPTO_ALGAPI
686	help
687	  The CAST6 encryption algorithm (synonymous with CAST-256) is
688	  described in RFC2612.
689
690config CRYPTO_DES
691	tristate "DES and Triple DES EDE cipher algorithms"
692	select CRYPTO_ALGAPI
693	help
694	  DES cipher algorithm (FIPS 46-2), and Triple DES EDE (FIPS 46-3).
695
696config CRYPTO_FCRYPT
697	tristate "FCrypt cipher algorithm"
698	select CRYPTO_ALGAPI
699	select CRYPTO_BLKCIPHER
700	help
701	  FCrypt algorithm used by RxRPC.
702
703config CRYPTO_KHAZAD
704	tristate "Khazad cipher algorithm"
705	select CRYPTO_ALGAPI
706	help
707	  Khazad cipher algorithm.
708
709	  Khazad was a finalist in the initial NESSIE competition.  It is
710	  an algorithm optimized for 64-bit processors with good performance
711	  on 32-bit processors.  Khazad uses an 128 bit key size.
712
713	  See also:
714	  <http://www.larc.usp.br/~pbarreto/KhazadPage.html>
715
716config CRYPTO_SALSA20
717	tristate "Salsa20 stream cipher algorithm (EXPERIMENTAL)"
718	depends on EXPERIMENTAL
719	select CRYPTO_BLKCIPHER
720	help
721	  Salsa20 stream cipher algorithm.
722
723	  Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT
724	  Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/>
725
726	  The Salsa20 stream cipher algorithm is designed by Daniel J.
727	  Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html>
728
729config CRYPTO_SALSA20_586
730	tristate "Salsa20 stream cipher algorithm (i586) (EXPERIMENTAL)"
731	depends on (X86 || UML_X86) && !64BIT
732	depends on EXPERIMENTAL
733	select CRYPTO_BLKCIPHER
734	help
735	  Salsa20 stream cipher algorithm.
736
737	  Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT
738	  Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/>
739
740	  The Salsa20 stream cipher algorithm is designed by Daniel J.
741	  Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html>
742
743config CRYPTO_SALSA20_X86_64
744	tristate "Salsa20 stream cipher algorithm (x86_64) (EXPERIMENTAL)"
745	depends on (X86 || UML_X86) && 64BIT
746	depends on EXPERIMENTAL
747	select CRYPTO_BLKCIPHER
748	help
749	  Salsa20 stream cipher algorithm.
750
751	  Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT
752	  Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/>
753
754	  The Salsa20 stream cipher algorithm is designed by Daniel J.
755	  Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html>
756
757config CRYPTO_SEED
758	tristate "SEED cipher algorithm"
759	select CRYPTO_ALGAPI
760	help
761	  SEED cipher algorithm (RFC4269).
762
763	  SEED is a 128-bit symmetric key block cipher that has been
764	  developed by KISA (Korea Information Security Agency) as a
765	  national standard encryption algorithm of the Republic of Korea.
766	  It is a 16 round block cipher with the key size of 128 bit.
767
768	  See also:
769	  <http://www.kisa.or.kr/kisa/seed/jsp/seed_eng.jsp>
770
771config CRYPTO_SERPENT
772	tristate "Serpent cipher algorithm"
773	select CRYPTO_ALGAPI
774	help
775	  Serpent cipher algorithm, by Anderson, Biham & Knudsen.
776
777	  Keys are allowed to be from 0 to 256 bits in length, in steps
778	  of 8 bits.  Also includes the 'Tnepres' algorithm, a reversed
779	  variant of Serpent for compatibility with old kerneli.org code.
780
781	  See also:
782	  <http://www.cl.cam.ac.uk/~rja14/serpent.html>
783
784config CRYPTO_SERPENT_SSE2_X86_64
785	tristate "Serpent cipher algorithm (x86_64/SSE2)"
786	depends on X86 && 64BIT
787	select CRYPTO_ALGAPI
788	select CRYPTO_CRYPTD
789	select CRYPTO_SERPENT
790	select CRYPTO_LRW
791	select CRYPTO_XTS
792	help
793	  Serpent cipher algorithm, by Anderson, Biham & Knudsen.
794
795	  Keys are allowed to be from 0 to 256 bits in length, in steps
796	  of 8 bits.
797
798	  This module provides Serpent cipher algorithm that processes eigth
799	  blocks parallel using SSE2 instruction set.
800
801	  See also:
802	  <http://www.cl.cam.ac.uk/~rja14/serpent.html>
803
804config CRYPTO_SERPENT_SSE2_586
805	tristate "Serpent cipher algorithm (i586/SSE2)"
806	depends on X86 && !64BIT
807	select CRYPTO_ALGAPI
808	select CRYPTO_CRYPTD
809	select CRYPTO_SERPENT
810	select CRYPTO_LRW
811	select CRYPTO_XTS
812	help
813	  Serpent cipher algorithm, by Anderson, Biham & Knudsen.
814
815	  Keys are allowed to be from 0 to 256 bits in length, in steps
816	  of 8 bits.
817
818	  This module provides Serpent cipher algorithm that processes four
819	  blocks parallel using SSE2 instruction set.
820
821	  See also:
822	  <http://www.cl.cam.ac.uk/~rja14/serpent.html>
823
824config CRYPTO_TEA
825	tristate "TEA, XTEA and XETA cipher algorithms"
826	select CRYPTO_ALGAPI
827	help
828	  TEA cipher algorithm.
829
830	  Tiny Encryption Algorithm is a simple cipher that uses
831	  many rounds for security.  It is very fast and uses
832	  little memory.
833
834	  Xtendend Tiny Encryption Algorithm is a modification to
835	  the TEA algorithm to address a potential key weakness
836	  in the TEA algorithm.
837
838	  Xtendend Encryption Tiny Algorithm is a mis-implementation
839	  of the XTEA algorithm for compatibility purposes.
840
841config CRYPTO_TWOFISH
842	tristate "Twofish cipher algorithm"
843	select CRYPTO_ALGAPI
844	select CRYPTO_TWOFISH_COMMON
845	help
846	  Twofish cipher algorithm.
847
848	  Twofish was submitted as an AES (Advanced Encryption Standard)
849	  candidate cipher by researchers at CounterPane Systems.  It is a
850	  16 round block cipher supporting key sizes of 128, 192, and 256
851	  bits.
852
853	  See also:
854	  <http://www.schneier.com/twofish.html>
855
856config CRYPTO_TWOFISH_COMMON
857	tristate
858	help
859	  Common parts of the Twofish cipher algorithm shared by the
860	  generic c and the assembler implementations.
861
862config CRYPTO_TWOFISH_586
863	tristate "Twofish cipher algorithms (i586)"
864	depends on (X86 || UML_X86) && !64BIT
865	select CRYPTO_ALGAPI
866	select CRYPTO_TWOFISH_COMMON
867	help
868	  Twofish cipher algorithm.
869
870	  Twofish was submitted as an AES (Advanced Encryption Standard)
871	  candidate cipher by researchers at CounterPane Systems.  It is a
872	  16 round block cipher supporting key sizes of 128, 192, and 256
873	  bits.
874
875	  See also:
876	  <http://www.schneier.com/twofish.html>
877
878config CRYPTO_TWOFISH_X86_64
879	tristate "Twofish cipher algorithm (x86_64)"
880	depends on (X86 || UML_X86) && 64BIT
881	select CRYPTO_ALGAPI
882	select CRYPTO_TWOFISH_COMMON
883	help
884	  Twofish cipher algorithm (x86_64).
885
886	  Twofish was submitted as an AES (Advanced Encryption Standard)
887	  candidate cipher by researchers at CounterPane Systems.  It is a
888	  16 round block cipher supporting key sizes of 128, 192, and 256
889	  bits.
890
891	  See also:
892	  <http://www.schneier.com/twofish.html>
893
894config CRYPTO_TWOFISH_X86_64_3WAY
895	tristate "Twofish cipher algorithm (x86_64, 3-way parallel)"
896	depends on X86 && 64BIT
897	select CRYPTO_ALGAPI
898	select CRYPTO_TWOFISH_COMMON
899	select CRYPTO_TWOFISH_X86_64
900	select CRYPTO_LRW
901	select CRYPTO_XTS
902	help
903	  Twofish cipher algorithm (x86_64, 3-way parallel).
904
905	  Twofish was submitted as an AES (Advanced Encryption Standard)
906	  candidate cipher by researchers at CounterPane Systems.  It is a
907	  16 round block cipher supporting key sizes of 128, 192, and 256
908	  bits.
909
910	  This module provides Twofish cipher algorithm that processes three
911	  blocks parallel, utilizing resources of out-of-order CPUs better.
912
913	  See also:
914	  <http://www.schneier.com/twofish.html>
915
916comment "Compression"
917
918config CRYPTO_DEFLATE
919	tristate "Deflate compression algorithm"
920	select CRYPTO_ALGAPI
921	select ZLIB_INFLATE
922	select ZLIB_DEFLATE
923	help
924	  This is the Deflate algorithm (RFC1951), specified for use in
925	  IPSec with the IPCOMP protocol (RFC3173, RFC2394).
926
927	  You will most probably want this if using IPSec.
928
929config CRYPTO_ZLIB
930	tristate "Zlib compression algorithm"
931	select CRYPTO_PCOMP
932	select ZLIB_INFLATE
933	select ZLIB_DEFLATE
934	select NLATTR
935	help
936	  This is the zlib algorithm.
937
938config CRYPTO_LZO
939	tristate "LZO compression algorithm"
940	select CRYPTO_ALGAPI
941	select LZO_COMPRESS
942	select LZO_DECOMPRESS
943	help
944	  This is the LZO algorithm.
945
946comment "Random Number Generation"
947
948config CRYPTO_ANSI_CPRNG
949	tristate "Pseudo Random Number Generation for Cryptographic modules"
950	default m
951	select CRYPTO_AES
952	select CRYPTO_RNG
953	help
954	  This option enables the generic pseudo random number generator
955	  for cryptographic modules.  Uses the Algorithm specified in
956	  ANSI X9.31 A.2.4. Note that this option must be enabled if
957	  CRYPTO_FIPS is selected
958
959config CRYPTO_USER_API
960	tristate
961
962config CRYPTO_USER_API_HASH
963	tristate "User-space interface for hash algorithms"
964	depends on NET
965	select CRYPTO_HASH
966	select CRYPTO_USER_API
967	help
968	  This option enables the user-spaces interface for hash
969	  algorithms.
970
971config CRYPTO_USER_API_SKCIPHER
972	tristate "User-space interface for symmetric key cipher algorithms"
973	depends on NET
974	select CRYPTO_BLKCIPHER
975	select CRYPTO_USER_API
976	help
977	  This option enables the user-spaces interface for symmetric
978	  key cipher algorithms.
979
980source "drivers/crypto/Kconfig"
981
982endif	# if CRYPTO
983