xref: /openbmc/linux/crypto/Kconfig (revision 6ee73861) 
1#
2# Generic algorithms support
3#
4config XOR_BLOCKS
5	tristate
6
7#
8# async_tx api: hardware offloaded memory transfer/transform support
9#
10source "crypto/async_tx/Kconfig"
11
12#
13# Cryptographic API Configuration
14#
15menuconfig CRYPTO
16	tristate "Cryptographic API"
17	help
18	  This option provides the core Cryptographic API.
19
20if CRYPTO
21
22comment "Crypto core or helper"
23
24config CRYPTO_FIPS
25	bool "FIPS 200 compliance"
26	depends on CRYPTO_ANSI_CPRNG
27	help
28	  This options enables the fips boot option which is
29	  required if you want to system to operate in a FIPS 200
30	  certification.  You should say no unless you know what
31	  this is. Note that CRYPTO_ANSI_CPRNG is requred if this
32	  option is selected
33
34config CRYPTO_ALGAPI
35	tristate
36	select CRYPTO_ALGAPI2
37	help
38	  This option provides the API for cryptographic algorithms.
39
40config CRYPTO_ALGAPI2
41	tristate
42
43config CRYPTO_AEAD
44	tristate
45	select CRYPTO_AEAD2
46	select CRYPTO_ALGAPI
47
48config CRYPTO_AEAD2
49	tristate
50	select CRYPTO_ALGAPI2
51
52config CRYPTO_BLKCIPHER
53	tristate
54	select CRYPTO_BLKCIPHER2
55	select CRYPTO_ALGAPI
56
57config CRYPTO_BLKCIPHER2
58	tristate
59	select CRYPTO_ALGAPI2
60	select CRYPTO_RNG2
61	select CRYPTO_WORKQUEUE
62
63config CRYPTO_HASH
64	tristate
65	select CRYPTO_HASH2
66	select CRYPTO_ALGAPI
67
68config CRYPTO_HASH2
69	tristate
70	select CRYPTO_ALGAPI2
71
72config CRYPTO_RNG
73	tristate
74	select CRYPTO_RNG2
75	select CRYPTO_ALGAPI
76
77config CRYPTO_RNG2
78	tristate
79	select CRYPTO_ALGAPI2
80
81config CRYPTO_PCOMP
82	tristate
83	select CRYPTO_ALGAPI2
84
85config CRYPTO_MANAGER
86	tristate "Cryptographic algorithm manager"
87	select CRYPTO_MANAGER2
88	help
89	  Create default cryptographic template instantiations such as
90	  cbc(aes).
91
92config CRYPTO_MANAGER2
93	def_tristate CRYPTO_MANAGER || (CRYPTO_MANAGER!=n && CRYPTO_ALGAPI=y)
94	select CRYPTO_AEAD2
95	select CRYPTO_HASH2
96	select CRYPTO_BLKCIPHER2
97	select CRYPTO_PCOMP
98
99config CRYPTO_GF128MUL
100	tristate "GF(2^128) multiplication functions (EXPERIMENTAL)"
101	depends on EXPERIMENTAL
102	help
103	  Efficient table driven implementation of multiplications in the
104	  field GF(2^128).  This is needed by some cypher modes. This
105	  option will be selected automatically if you select such a
106	  cipher mode.  Only select this option by hand if you expect to load
107	  an external module that requires these functions.
108
109config CRYPTO_NULL
110	tristate "Null algorithms"
111	select CRYPTO_ALGAPI
112	select CRYPTO_BLKCIPHER
113	select CRYPTO_HASH
114	help
115	  These are 'Null' algorithms, used by IPsec, which do nothing.
116
117config CRYPTO_WORKQUEUE
118       tristate
119
120config CRYPTO_CRYPTD
121	tristate "Software async crypto daemon"
122	select CRYPTO_BLKCIPHER
123	select CRYPTO_HASH
124	select CRYPTO_MANAGER
125	select CRYPTO_WORKQUEUE
126	help
127	  This is a generic software asynchronous crypto daemon that
128	  converts an arbitrary synchronous software crypto algorithm
129	  into an asynchronous algorithm that executes in a kernel thread.
130
131config CRYPTO_AUTHENC
132	tristate "Authenc support"
133	select CRYPTO_AEAD
134	select CRYPTO_BLKCIPHER
135	select CRYPTO_MANAGER
136	select CRYPTO_HASH
137	help
138	  Authenc: Combined mode wrapper for IPsec.
139	  This is required for IPSec.
140
141config CRYPTO_TEST
142	tristate "Testing module"
143	depends on m
144	select CRYPTO_MANAGER
145	help
146	  Quick & dirty crypto test module.
147
148comment "Authenticated Encryption with Associated Data"
149
150config CRYPTO_CCM
151	tristate "CCM support"
152	select CRYPTO_CTR
153	select CRYPTO_AEAD
154	help
155	  Support for Counter with CBC MAC. Required for IPsec.
156
157config CRYPTO_GCM
158	tristate "GCM/GMAC support"
159	select CRYPTO_CTR
160	select CRYPTO_AEAD
161	select CRYPTO_GHASH
162	help
163	  Support for Galois/Counter Mode (GCM) and Galois Message
164	  Authentication Code (GMAC). Required for IPSec.
165
166config CRYPTO_SEQIV
167	tristate "Sequence Number IV Generator"
168	select CRYPTO_AEAD
169	select CRYPTO_BLKCIPHER
170	select CRYPTO_RNG
171	help
172	  This IV generator generates an IV based on a sequence number by
173	  xoring it with a salt.  This algorithm is mainly useful for CTR
174
175comment "Block modes"
176
177config CRYPTO_CBC
178	tristate "CBC support"
179	select CRYPTO_BLKCIPHER
180	select CRYPTO_MANAGER
181	help
182	  CBC: Cipher Block Chaining mode
183	  This block cipher algorithm is required for IPSec.
184
185config CRYPTO_CTR
186	tristate "CTR support"
187	select CRYPTO_BLKCIPHER
188	select CRYPTO_SEQIV
189	select CRYPTO_MANAGER
190	help
191	  CTR: Counter mode
192	  This block cipher algorithm is required for IPSec.
193
194config CRYPTO_CTS
195	tristate "CTS support"
196	select CRYPTO_BLKCIPHER
197	help
198	  CTS: Cipher Text Stealing
199	  This is the Cipher Text Stealing mode as described by
200	  Section 8 of rfc2040 and referenced by rfc3962.
201	  (rfc3962 includes errata information in its Appendix A)
202	  This mode is required for Kerberos gss mechanism support
203	  for AES encryption.
204
205config CRYPTO_ECB
206	tristate "ECB support"
207	select CRYPTO_BLKCIPHER
208	select CRYPTO_MANAGER
209	help
210	  ECB: Electronic CodeBook mode
211	  This is the simplest block cipher algorithm.  It simply encrypts
212	  the input block by block.
213
214config CRYPTO_LRW
215	tristate "LRW support (EXPERIMENTAL)"
216	depends on EXPERIMENTAL
217	select CRYPTO_BLKCIPHER
218	select CRYPTO_MANAGER
219	select CRYPTO_GF128MUL
220	help
221	  LRW: Liskov Rivest Wagner, a tweakable, non malleable, non movable
222	  narrow block cipher mode for dm-crypt.  Use it with cipher
223	  specification string aes-lrw-benbi, the key must be 256, 320 or 384.
224	  The first 128, 192 or 256 bits in the key are used for AES and the
225	  rest is used to tie each cipher block to its logical position.
226
227config CRYPTO_PCBC
228	tristate "PCBC support"
229	select CRYPTO_BLKCIPHER
230	select CRYPTO_MANAGER
231	help
232	  PCBC: Propagating Cipher Block Chaining mode
233	  This block cipher algorithm is required for RxRPC.
234
235config CRYPTO_XTS
236	tristate "XTS support (EXPERIMENTAL)"
237	depends on EXPERIMENTAL
238	select CRYPTO_BLKCIPHER
239	select CRYPTO_MANAGER
240	select CRYPTO_GF128MUL
241	help
242	  XTS: IEEE1619/D16 narrow block cipher use with aes-xts-plain,
243	  key size 256, 384 or 512 bits. This implementation currently
244	  can't handle a sectorsize which is not a multiple of 16 bytes.
245
246config CRYPTO_FPU
247	tristate
248	select CRYPTO_BLKCIPHER
249	select CRYPTO_MANAGER
250
251comment "Hash modes"
252
253config CRYPTO_HMAC
254	tristate "HMAC support"
255	select CRYPTO_HASH
256	select CRYPTO_MANAGER
257	help
258	  HMAC: Keyed-Hashing for Message Authentication (RFC2104).
259	  This is required for IPSec.
260
261config CRYPTO_XCBC
262	tristate "XCBC support"
263	depends on EXPERIMENTAL
264	select CRYPTO_HASH
265	select CRYPTO_MANAGER
266	help
267	  XCBC: Keyed-Hashing with encryption algorithm
268		http://www.ietf.org/rfc/rfc3566.txt
269		http://csrc.nist.gov/encryption/modes/proposedmodes/
270		 xcbc-mac/xcbc-mac-spec.pdf
271
272config CRYPTO_VMAC
273	tristate "VMAC support"
274	depends on EXPERIMENTAL
275	select CRYPTO_HASH
276	select CRYPTO_MANAGER
277	help
278	  VMAC is a message authentication algorithm designed for
279	  very high speed on 64-bit architectures.
280
281	  See also:
282	  <http://fastcrypto.org/vmac>
283
284comment "Digest"
285
286config CRYPTO_CRC32C
287	tristate "CRC32c CRC algorithm"
288	select CRYPTO_HASH
289	help
290	  Castagnoli, et al Cyclic Redundancy-Check Algorithm.  Used
291	  by iSCSI for header and data digests and by others.
292	  See Castagnoli93.  Module will be crc32c.
293
294config CRYPTO_CRC32C_INTEL
295	tristate "CRC32c INTEL hardware acceleration"
296	depends on X86
297	select CRYPTO_HASH
298	help
299	  In Intel processor with SSE4.2 supported, the processor will
300	  support CRC32C implementation using hardware accelerated CRC32
301	  instruction. This option will create 'crc32c-intel' module,
302	  which will enable any routine to use the CRC32 instruction to
303	  gain performance compared with software implementation.
304	  Module will be crc32c-intel.
305
306config CRYPTO_GHASH
307	tristate "GHASH digest algorithm"
308	select CRYPTO_SHASH
309	select CRYPTO_GF128MUL
310	help
311	  GHASH is message digest algorithm for GCM (Galois/Counter Mode).
312
313config CRYPTO_MD4
314	tristate "MD4 digest algorithm"
315	select CRYPTO_HASH
316	help
317	  MD4 message digest algorithm (RFC1320).
318
319config CRYPTO_MD5
320	tristate "MD5 digest algorithm"
321	select CRYPTO_HASH
322	help
323	  MD5 message digest algorithm (RFC1321).
324
325config CRYPTO_MICHAEL_MIC
326	tristate "Michael MIC keyed digest algorithm"
327	select CRYPTO_HASH
328	help
329	  Michael MIC is used for message integrity protection in TKIP
330	  (IEEE 802.11i). This algorithm is required for TKIP, but it
331	  should not be used for other purposes because of the weakness
332	  of the algorithm.
333
334config CRYPTO_RMD128
335	tristate "RIPEMD-128 digest algorithm"
336	select CRYPTO_HASH
337	help
338	  RIPEMD-128 (ISO/IEC 10118-3:2004).
339
340	  RIPEMD-128 is a 128-bit cryptographic hash function. It should only
341	  to be used as a secure replacement for RIPEMD. For other use cases
342	  RIPEMD-160 should be used.
343
344	  Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel.
345	  See <http://home.esat.kuleuven.be/~bosselae/ripemd160.html>
346
347config CRYPTO_RMD160
348	tristate "RIPEMD-160 digest algorithm"
349	select CRYPTO_HASH
350	help
351	  RIPEMD-160 (ISO/IEC 10118-3:2004).
352
353	  RIPEMD-160 is a 160-bit cryptographic hash function. It is intended
354	  to be used as a secure replacement for the 128-bit hash functions
355	  MD4, MD5 and it's predecessor RIPEMD
356	  (not to be confused with RIPEMD-128).
357
358	  It's speed is comparable to SHA1 and there are no known attacks
359	  against RIPEMD-160.
360
361	  Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel.
362	  See <http://home.esat.kuleuven.be/~bosselae/ripemd160.html>
363
364config CRYPTO_RMD256
365	tristate "RIPEMD-256 digest algorithm"
366	select CRYPTO_HASH
367	help
368	  RIPEMD-256 is an optional extension of RIPEMD-128 with a
369	  256 bit hash. It is intended for applications that require
370	  longer hash-results, without needing a larger security level
371	  (than RIPEMD-128).
372
373	  Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel.
374	  See <http://home.esat.kuleuven.be/~bosselae/ripemd160.html>
375
376config CRYPTO_RMD320
377	tristate "RIPEMD-320 digest algorithm"
378	select CRYPTO_HASH
379	help
380	  RIPEMD-320 is an optional extension of RIPEMD-160 with a
381	  320 bit hash. It is intended for applications that require
382	  longer hash-results, without needing a larger security level
383	  (than RIPEMD-160).
384
385	  Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel.
386	  See <http://home.esat.kuleuven.be/~bosselae/ripemd160.html>
387
388config CRYPTO_SHA1
389	tristate "SHA1 digest algorithm"
390	select CRYPTO_HASH
391	help
392	  SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2).
393
394config CRYPTO_SHA256
395	tristate "SHA224 and SHA256 digest algorithm"
396	select CRYPTO_HASH
397	help
398	  SHA256 secure hash standard (DFIPS 180-2).
399
400	  This version of SHA implements a 256 bit hash with 128 bits of
401	  security against collision attacks.
402
403	  This code also includes SHA-224, a 224 bit hash with 112 bits
404	  of security against collision attacks.
405
406config CRYPTO_SHA512
407	tristate "SHA384 and SHA512 digest algorithms"
408	select CRYPTO_HASH
409	help
410	  SHA512 secure hash standard (DFIPS 180-2).
411
412	  This version of SHA implements a 512 bit hash with 256 bits of
413	  security against collision attacks.
414
415	  This code also includes SHA-384, a 384 bit hash with 192 bits
416	  of security against collision attacks.
417
418config CRYPTO_TGR192
419	tristate "Tiger digest algorithms"
420	select CRYPTO_HASH
421	help
422	  Tiger hash algorithm 192, 160 and 128-bit hashes
423
424	  Tiger is a hash function optimized for 64-bit processors while
425	  still having decent performance on 32-bit processors.
426	  Tiger was developed by Ross Anderson and Eli Biham.
427
428	  See also:
429	  <http://www.cs.technion.ac.il/~biham/Reports/Tiger/>.
430
431config CRYPTO_WP512
432	tristate "Whirlpool digest algorithms"
433	select CRYPTO_HASH
434	help
435	  Whirlpool hash algorithm 512, 384 and 256-bit hashes
436
437	  Whirlpool-512 is part of the NESSIE cryptographic primitives.
438	  Whirlpool will be part of the ISO/IEC 10118-3:2003(E) standard
439
440	  See also:
441	  <http://planeta.terra.com.br/informatica/paulobarreto/WhirlpoolPage.html>
442
443comment "Ciphers"
444
445config CRYPTO_AES
446	tristate "AES cipher algorithms"
447	select CRYPTO_ALGAPI
448	help
449	  AES cipher algorithms (FIPS-197). AES uses the Rijndael
450	  algorithm.
451
452	  Rijndael appears to be consistently a very good performer in
453	  both hardware and software across a wide range of computing
454	  environments regardless of its use in feedback or non-feedback
455	  modes. Its key setup time is excellent, and its key agility is
456	  good. Rijndael's very low memory requirements make it very well
457	  suited for restricted-space environments, in which it also
458	  demonstrates excellent performance. Rijndael's operations are
459	  among the easiest to defend against power and timing attacks.
460
461	  The AES specifies three key sizes: 128, 192 and 256 bits
462
463	  See <http://csrc.nist.gov/CryptoToolkit/aes/> for more information.
464
465config CRYPTO_AES_586
466	tristate "AES cipher algorithms (i586)"
467	depends on (X86 || UML_X86) && !64BIT
468	select CRYPTO_ALGAPI
469	select CRYPTO_AES
470	help
471	  AES cipher algorithms (FIPS-197). AES uses the Rijndael
472	  algorithm.
473
474	  Rijndael appears to be consistently a very good performer in
475	  both hardware and software across a wide range of computing
476	  environments regardless of its use in feedback or non-feedback
477	  modes. Its key setup time is excellent, and its key agility is
478	  good. Rijndael's very low memory requirements make it very well
479	  suited for restricted-space environments, in which it also
480	  demonstrates excellent performance. Rijndael's operations are
481	  among the easiest to defend against power and timing attacks.
482
483	  The AES specifies three key sizes: 128, 192 and 256 bits
484
485	  See <http://csrc.nist.gov/encryption/aes/> for more information.
486
487config CRYPTO_AES_X86_64
488	tristate "AES cipher algorithms (x86_64)"
489	depends on (X86 || UML_X86) && 64BIT
490	select CRYPTO_ALGAPI
491	select CRYPTO_AES
492	help
493	  AES cipher algorithms (FIPS-197). AES uses the Rijndael
494	  algorithm.
495
496	  Rijndael appears to be consistently a very good performer in
497	  both hardware and software across a wide range of computing
498	  environments regardless of its use in feedback or non-feedback
499	  modes. Its key setup time is excellent, and its key agility is
500	  good. Rijndael's very low memory requirements make it very well
501	  suited for restricted-space environments, in which it also
502	  demonstrates excellent performance. Rijndael's operations are
503	  among the easiest to defend against power and timing attacks.
504
505	  The AES specifies three key sizes: 128, 192 and 256 bits
506
507	  See <http://csrc.nist.gov/encryption/aes/> for more information.
508
509config CRYPTO_AES_NI_INTEL
510	tristate "AES cipher algorithms (AES-NI)"
511	depends on (X86 || UML_X86) && 64BIT
512	select CRYPTO_AES_X86_64
513	select CRYPTO_CRYPTD
514	select CRYPTO_ALGAPI
515	select CRYPTO_FPU
516	help
517	  Use Intel AES-NI instructions for AES algorithm.
518
519	  AES cipher algorithms (FIPS-197). AES uses the Rijndael
520	  algorithm.
521
522	  Rijndael appears to be consistently a very good performer in
523	  both hardware and software across a wide range of computing
524	  environments regardless of its use in feedback or non-feedback
525	  modes. Its key setup time is excellent, and its key agility is
526	  good. Rijndael's very low memory requirements make it very well
527	  suited for restricted-space environments, in which it also
528	  demonstrates excellent performance. Rijndael's operations are
529	  among the easiest to defend against power and timing attacks.
530
531	  The AES specifies three key sizes: 128, 192 and 256 bits
532
533	  See <http://csrc.nist.gov/encryption/aes/> for more information.
534
535	  In addition to AES cipher algorithm support, the
536	  acceleration for some popular block cipher mode is supported
537	  too, including ECB, CBC, CTR, LRW, PCBC, XTS.
538
539config CRYPTO_ANUBIS
540	tristate "Anubis cipher algorithm"
541	select CRYPTO_ALGAPI
542	help
543	  Anubis cipher algorithm.
544
545	  Anubis is a variable key length cipher which can use keys from
546	  128 bits to 320 bits in length.  It was evaluated as a entrant
547	  in the NESSIE competition.
548
549	  See also:
550	  <https://www.cosic.esat.kuleuven.ac.be/nessie/reports/>
551	  <http://planeta.terra.com.br/informatica/paulobarreto/AnubisPage.html>
552
553config CRYPTO_ARC4
554	tristate "ARC4 cipher algorithm"
555	select CRYPTO_ALGAPI
556	help
557	  ARC4 cipher algorithm.
558
559	  ARC4 is a stream cipher using keys ranging from 8 bits to 2048
560	  bits in length.  This algorithm is required for driver-based
561	  WEP, but it should not be for other purposes because of the
562	  weakness of the algorithm.
563
564config CRYPTO_BLOWFISH
565	tristate "Blowfish cipher algorithm"
566	select CRYPTO_ALGAPI
567	help
568	  Blowfish cipher algorithm, by Bruce Schneier.
569
570	  This is a variable key length cipher which can use keys from 32
571	  bits to 448 bits in length.  It's fast, simple and specifically
572	  designed for use on "large microprocessors".
573
574	  See also:
575	  <http://www.schneier.com/blowfish.html>
576
577config CRYPTO_CAMELLIA
578	tristate "Camellia cipher algorithms"
579	depends on CRYPTO
580	select CRYPTO_ALGAPI
581	help
582	  Camellia cipher algorithms module.
583
584	  Camellia is a symmetric key block cipher developed jointly
585	  at NTT and Mitsubishi Electric Corporation.
586
587	  The Camellia specifies three key sizes: 128, 192 and 256 bits.
588
589	  See also:
590	  <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html>
591
592config CRYPTO_CAST5
593	tristate "CAST5 (CAST-128) cipher algorithm"
594	select CRYPTO_ALGAPI
595	help
596	  The CAST5 encryption algorithm (synonymous with CAST-128) is
597	  described in RFC2144.
598
599config CRYPTO_CAST6
600	tristate "CAST6 (CAST-256) cipher algorithm"
601	select CRYPTO_ALGAPI
602	help
603	  The CAST6 encryption algorithm (synonymous with CAST-256) is
604	  described in RFC2612.
605
606config CRYPTO_DES
607	tristate "DES and Triple DES EDE cipher algorithms"
608	select CRYPTO_ALGAPI
609	help
610	  DES cipher algorithm (FIPS 46-2), and Triple DES EDE (FIPS 46-3).
611
612config CRYPTO_FCRYPT
613	tristate "FCrypt cipher algorithm"
614	select CRYPTO_ALGAPI
615	select CRYPTO_BLKCIPHER
616	help
617	  FCrypt algorithm used by RxRPC.
618
619config CRYPTO_KHAZAD
620	tristate "Khazad cipher algorithm"
621	select CRYPTO_ALGAPI
622	help
623	  Khazad cipher algorithm.
624
625	  Khazad was a finalist in the initial NESSIE competition.  It is
626	  an algorithm optimized for 64-bit processors with good performance
627	  on 32-bit processors.  Khazad uses an 128 bit key size.
628
629	  See also:
630	  <http://planeta.terra.com.br/informatica/paulobarreto/KhazadPage.html>
631
632config CRYPTO_SALSA20
633	tristate "Salsa20 stream cipher algorithm (EXPERIMENTAL)"
634	depends on EXPERIMENTAL
635	select CRYPTO_BLKCIPHER
636	help
637	  Salsa20 stream cipher algorithm.
638
639	  Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT
640	  Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/>
641
642	  The Salsa20 stream cipher algorithm is designed by Daniel J.
643	  Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html>
644
645config CRYPTO_SALSA20_586
646	tristate "Salsa20 stream cipher algorithm (i586) (EXPERIMENTAL)"
647	depends on (X86 || UML_X86) && !64BIT
648	depends on EXPERIMENTAL
649	select CRYPTO_BLKCIPHER
650	help
651	  Salsa20 stream cipher algorithm.
652
653	  Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT
654	  Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/>
655
656	  The Salsa20 stream cipher algorithm is designed by Daniel J.
657	  Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html>
658
659config CRYPTO_SALSA20_X86_64
660	tristate "Salsa20 stream cipher algorithm (x86_64) (EXPERIMENTAL)"
661	depends on (X86 || UML_X86) && 64BIT
662	depends on EXPERIMENTAL
663	select CRYPTO_BLKCIPHER
664	help
665	  Salsa20 stream cipher algorithm.
666
667	  Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT
668	  Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/>
669
670	  The Salsa20 stream cipher algorithm is designed by Daniel J.
671	  Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html>
672
673config CRYPTO_SEED
674	tristate "SEED cipher algorithm"
675	select CRYPTO_ALGAPI
676	help
677	  SEED cipher algorithm (RFC4269).
678
679	  SEED is a 128-bit symmetric key block cipher that has been
680	  developed by KISA (Korea Information Security Agency) as a
681	  national standard encryption algorithm of the Republic of Korea.
682	  It is a 16 round block cipher with the key size of 128 bit.
683
684	  See also:
685	  <http://www.kisa.or.kr/kisa/seed/jsp/seed_eng.jsp>
686
687config CRYPTO_SERPENT
688	tristate "Serpent cipher algorithm"
689	select CRYPTO_ALGAPI
690	help
691	  Serpent cipher algorithm, by Anderson, Biham & Knudsen.
692
693	  Keys are allowed to be from 0 to 256 bits in length, in steps
694	  of 8 bits.  Also includes the 'Tnepres' algorithm, a reversed
695	  variant of Serpent for compatibility with old kerneli.org code.
696
697	  See also:
698	  <http://www.cl.cam.ac.uk/~rja14/serpent.html>
699
700config CRYPTO_TEA
701	tristate "TEA, XTEA and XETA cipher algorithms"
702	select CRYPTO_ALGAPI
703	help
704	  TEA cipher algorithm.
705
706	  Tiny Encryption Algorithm is a simple cipher that uses
707	  many rounds for security.  It is very fast and uses
708	  little memory.
709
710	  Xtendend Tiny Encryption Algorithm is a modification to
711	  the TEA algorithm to address a potential key weakness
712	  in the TEA algorithm.
713
714	  Xtendend Encryption Tiny Algorithm is a mis-implementation
715	  of the XTEA algorithm for compatibility purposes.
716
717config CRYPTO_TWOFISH
718	tristate "Twofish cipher algorithm"
719	select CRYPTO_ALGAPI
720	select CRYPTO_TWOFISH_COMMON
721	help
722	  Twofish cipher algorithm.
723
724	  Twofish was submitted as an AES (Advanced Encryption Standard)
725	  candidate cipher by researchers at CounterPane Systems.  It is a
726	  16 round block cipher supporting key sizes of 128, 192, and 256
727	  bits.
728
729	  See also:
730	  <http://www.schneier.com/twofish.html>
731
732config CRYPTO_TWOFISH_COMMON
733	tristate
734	help
735	  Common parts of the Twofish cipher algorithm shared by the
736	  generic c and the assembler implementations.
737
738config CRYPTO_TWOFISH_586
739	tristate "Twofish cipher algorithms (i586)"
740	depends on (X86 || UML_X86) && !64BIT
741	select CRYPTO_ALGAPI
742	select CRYPTO_TWOFISH_COMMON
743	help
744	  Twofish cipher algorithm.
745
746	  Twofish was submitted as an AES (Advanced Encryption Standard)
747	  candidate cipher by researchers at CounterPane Systems.  It is a
748	  16 round block cipher supporting key sizes of 128, 192, and 256
749	  bits.
750
751	  See also:
752	  <http://www.schneier.com/twofish.html>
753
754config CRYPTO_TWOFISH_X86_64
755	tristate "Twofish cipher algorithm (x86_64)"
756	depends on (X86 || UML_X86) && 64BIT
757	select CRYPTO_ALGAPI
758	select CRYPTO_TWOFISH_COMMON
759	help
760	  Twofish cipher algorithm (x86_64).
761
762	  Twofish was submitted as an AES (Advanced Encryption Standard)
763	  candidate cipher by researchers at CounterPane Systems.  It is a
764	  16 round block cipher supporting key sizes of 128, 192, and 256
765	  bits.
766
767	  See also:
768	  <http://www.schneier.com/twofish.html>
769
770comment "Compression"
771
772config CRYPTO_DEFLATE
773	tristate "Deflate compression algorithm"
774	select CRYPTO_ALGAPI
775	select ZLIB_INFLATE
776	select ZLIB_DEFLATE
777	help
778	  This is the Deflate algorithm (RFC1951), specified for use in
779	  IPSec with the IPCOMP protocol (RFC3173, RFC2394).
780
781	  You will most probably want this if using IPSec.
782
783config CRYPTO_ZLIB
784	tristate "Zlib compression algorithm"
785	select CRYPTO_PCOMP
786	select ZLIB_INFLATE
787	select ZLIB_DEFLATE
788	select NLATTR
789	help
790	  This is the zlib algorithm.
791
792config CRYPTO_LZO
793	tristate "LZO compression algorithm"
794	select CRYPTO_ALGAPI
795	select LZO_COMPRESS
796	select LZO_DECOMPRESS
797	help
798	  This is the LZO algorithm.
799
800comment "Random Number Generation"
801
802config CRYPTO_ANSI_CPRNG
803	tristate "Pseudo Random Number Generation for Cryptographic modules"
804	default m
805	select CRYPTO_AES
806	select CRYPTO_RNG
807	help
808	  This option enables the generic pseudo random number generator
809	  for cryptographic modules.  Uses the Algorithm specified in
810	  ANSI X9.31 A.2.4. Not this option must be enabled if CRYPTO_FIPS
811	  is selected
812
813source "drivers/crypto/Kconfig"
814
815endif	# if CRYPTO
816