xref: /openbmc/linux/crypto/Kconfig (revision 80ecbd24) 
1#
2# Generic algorithms support
3#
4config XOR_BLOCKS
5	tristate
6
7#
8# async_tx api: hardware offloaded memory transfer/transform support
9#
10source "crypto/async_tx/Kconfig"
11
12#
13# Cryptographic API Configuration
14#
15menuconfig CRYPTO
16	tristate "Cryptographic API"
17	help
18	  This option provides the core Cryptographic API.
19
20if CRYPTO
21
22comment "Crypto core or helper"
23
24config CRYPTO_FIPS
25	bool "FIPS 200 compliance"
26	depends on CRYPTO_ANSI_CPRNG && !CRYPTO_MANAGER_DISABLE_TESTS
27	help
28	  This options enables the fips boot option which is
29	  required if you want to system to operate in a FIPS 200
30	  certification.  You should say no unless you know what
31	  this is.
32
33config CRYPTO_ALGAPI
34	tristate
35	select CRYPTO_ALGAPI2
36	help
37	  This option provides the API for cryptographic algorithms.
38
39config CRYPTO_ALGAPI2
40	tristate
41
42config CRYPTO_AEAD
43	tristate
44	select CRYPTO_AEAD2
45	select CRYPTO_ALGAPI
46
47config CRYPTO_AEAD2
48	tristate
49	select CRYPTO_ALGAPI2
50
51config CRYPTO_BLKCIPHER
52	tristate
53	select CRYPTO_BLKCIPHER2
54	select CRYPTO_ALGAPI
55
56config CRYPTO_BLKCIPHER2
57	tristate
58	select CRYPTO_ALGAPI2
59	select CRYPTO_RNG2
60	select CRYPTO_WORKQUEUE
61
62config CRYPTO_HASH
63	tristate
64	select CRYPTO_HASH2
65	select CRYPTO_ALGAPI
66
67config CRYPTO_HASH2
68	tristate
69	select CRYPTO_ALGAPI2
70
71config CRYPTO_RNG
72	tristate
73	select CRYPTO_RNG2
74	select CRYPTO_ALGAPI
75
76config CRYPTO_RNG2
77	tristate
78	select CRYPTO_ALGAPI2
79
80config CRYPTO_PCOMP
81	tristate
82	select CRYPTO_PCOMP2
83	select CRYPTO_ALGAPI
84
85config CRYPTO_PCOMP2
86	tristate
87	select CRYPTO_ALGAPI2
88
89config CRYPTO_MANAGER
90	tristate "Cryptographic algorithm manager"
91	select CRYPTO_MANAGER2
92	help
93	  Create default cryptographic template instantiations such as
94	  cbc(aes).
95
96config CRYPTO_MANAGER2
97	def_tristate CRYPTO_MANAGER || (CRYPTO_MANAGER!=n && CRYPTO_ALGAPI=y)
98	select CRYPTO_AEAD2
99	select CRYPTO_HASH2
100	select CRYPTO_BLKCIPHER2
101	select CRYPTO_PCOMP2
102
103config CRYPTO_USER
104	tristate "Userspace cryptographic algorithm configuration"
105	depends on NET
106	select CRYPTO_MANAGER
107	help
108	  Userspace configuration for cryptographic instantiations such as
109	  cbc(aes).
110
111config CRYPTO_MANAGER_DISABLE_TESTS
112	bool "Disable run-time self tests"
113	default y
114	depends on CRYPTO_MANAGER2
115	help
116	  Disable run-time self tests that normally take place at
117	  algorithm registration.
118
119config CRYPTO_GF128MUL
120	tristate "GF(2^128) multiplication functions"
121	help
122	  Efficient table driven implementation of multiplications in the
123	  field GF(2^128).  This is needed by some cypher modes. This
124	  option will be selected automatically if you select such a
125	  cipher mode.  Only select this option by hand if you expect to load
126	  an external module that requires these functions.
127
128config CRYPTO_NULL
129	tristate "Null algorithms"
130	select CRYPTO_ALGAPI
131	select CRYPTO_BLKCIPHER
132	select CRYPTO_HASH
133	help
134	  These are 'Null' algorithms, used by IPsec, which do nothing.
135
136config CRYPTO_PCRYPT
137	tristate "Parallel crypto engine"
138	depends on SMP
139	select PADATA
140	select CRYPTO_MANAGER
141	select CRYPTO_AEAD
142	help
143	  This converts an arbitrary crypto algorithm into a parallel
144	  algorithm that executes in kernel threads.
145
146config CRYPTO_WORKQUEUE
147       tristate
148
149config CRYPTO_CRYPTD
150	tristate "Software async crypto daemon"
151	select CRYPTO_BLKCIPHER
152	select CRYPTO_HASH
153	select CRYPTO_MANAGER
154	select CRYPTO_WORKQUEUE
155	help
156	  This is a generic software asynchronous crypto daemon that
157	  converts an arbitrary synchronous software crypto algorithm
158	  into an asynchronous algorithm that executes in a kernel thread.
159
160config CRYPTO_AUTHENC
161	tristate "Authenc support"
162	select CRYPTO_AEAD
163	select CRYPTO_BLKCIPHER
164	select CRYPTO_MANAGER
165	select CRYPTO_HASH
166	help
167	  Authenc: Combined mode wrapper for IPsec.
168	  This is required for IPSec.
169
170config CRYPTO_TEST
171	tristate "Testing module"
172	depends on m
173	select CRYPTO_MANAGER
174	help
175	  Quick & dirty crypto test module.
176
177config CRYPTO_ABLK_HELPER_X86
178	tristate
179	depends on X86
180	select CRYPTO_CRYPTD
181
182config CRYPTO_GLUE_HELPER_X86
183	tristate
184	depends on X86
185	select CRYPTO_ALGAPI
186
187comment "Authenticated Encryption with Associated Data"
188
189config CRYPTO_CCM
190	tristate "CCM support"
191	select CRYPTO_CTR
192	select CRYPTO_AEAD
193	help
194	  Support for Counter with CBC MAC. Required for IPsec.
195
196config CRYPTO_GCM
197	tristate "GCM/GMAC support"
198	select CRYPTO_CTR
199	select CRYPTO_AEAD
200	select CRYPTO_GHASH
201	select CRYPTO_NULL
202	help
203	  Support for Galois/Counter Mode (GCM) and Galois Message
204	  Authentication Code (GMAC). Required for IPSec.
205
206config CRYPTO_SEQIV
207	tristate "Sequence Number IV Generator"
208	select CRYPTO_AEAD
209	select CRYPTO_BLKCIPHER
210	select CRYPTO_RNG
211	help
212	  This IV generator generates an IV based on a sequence number by
213	  xoring it with a salt.  This algorithm is mainly useful for CTR
214
215comment "Block modes"
216
217config CRYPTO_CBC
218	tristate "CBC support"
219	select CRYPTO_BLKCIPHER
220	select CRYPTO_MANAGER
221	help
222	  CBC: Cipher Block Chaining mode
223	  This block cipher algorithm is required for IPSec.
224
225config CRYPTO_CTR
226	tristate "CTR support"
227	select CRYPTO_BLKCIPHER
228	select CRYPTO_SEQIV
229	select CRYPTO_MANAGER
230	help
231	  CTR: Counter mode
232	  This block cipher algorithm is required for IPSec.
233
234config CRYPTO_CTS
235	tristate "CTS support"
236	select CRYPTO_BLKCIPHER
237	help
238	  CTS: Cipher Text Stealing
239	  This is the Cipher Text Stealing mode as described by
240	  Section 8 of rfc2040 and referenced by rfc3962.
241	  (rfc3962 includes errata information in its Appendix A)
242	  This mode is required for Kerberos gss mechanism support
243	  for AES encryption.
244
245config CRYPTO_ECB
246	tristate "ECB support"
247	select CRYPTO_BLKCIPHER
248	select CRYPTO_MANAGER
249	help
250	  ECB: Electronic CodeBook mode
251	  This is the simplest block cipher algorithm.  It simply encrypts
252	  the input block by block.
253
254config CRYPTO_LRW
255	tristate "LRW support"
256	select CRYPTO_BLKCIPHER
257	select CRYPTO_MANAGER
258	select CRYPTO_GF128MUL
259	help
260	  LRW: Liskov Rivest Wagner, a tweakable, non malleable, non movable
261	  narrow block cipher mode for dm-crypt.  Use it with cipher
262	  specification string aes-lrw-benbi, the key must be 256, 320 or 384.
263	  The first 128, 192 or 256 bits in the key are used for AES and the
264	  rest is used to tie each cipher block to its logical position.
265
266config CRYPTO_PCBC
267	tristate "PCBC support"
268	select CRYPTO_BLKCIPHER
269	select CRYPTO_MANAGER
270	help
271	  PCBC: Propagating Cipher Block Chaining mode
272	  This block cipher algorithm is required for RxRPC.
273
274config CRYPTO_XTS
275	tristate "XTS support"
276	select CRYPTO_BLKCIPHER
277	select CRYPTO_MANAGER
278	select CRYPTO_GF128MUL
279	help
280	  XTS: IEEE1619/D16 narrow block cipher use with aes-xts-plain,
281	  key size 256, 384 or 512 bits. This implementation currently
282	  can't handle a sectorsize which is not a multiple of 16 bytes.
283
284comment "Hash modes"
285
286config CRYPTO_CMAC
287	tristate "CMAC support"
288	select CRYPTO_HASH
289	select CRYPTO_MANAGER
290	help
291	  Cipher-based Message Authentication Code (CMAC) specified by
292	  The National Institute of Standards and Technology (NIST).
293
294	  https://tools.ietf.org/html/rfc4493
295	  http://csrc.nist.gov/publications/nistpubs/800-38B/SP_800-38B.pdf
296
297config CRYPTO_HMAC
298	tristate "HMAC support"
299	select CRYPTO_HASH
300	select CRYPTO_MANAGER
301	help
302	  HMAC: Keyed-Hashing for Message Authentication (RFC2104).
303	  This is required for IPSec.
304
305config CRYPTO_XCBC
306	tristate "XCBC support"
307	select CRYPTO_HASH
308	select CRYPTO_MANAGER
309	help
310	  XCBC: Keyed-Hashing with encryption algorithm
311		http://www.ietf.org/rfc/rfc3566.txt
312		http://csrc.nist.gov/encryption/modes/proposedmodes/
313		 xcbc-mac/xcbc-mac-spec.pdf
314
315config CRYPTO_VMAC
316	tristate "VMAC support"
317	select CRYPTO_HASH
318	select CRYPTO_MANAGER
319	help
320	  VMAC is a message authentication algorithm designed for
321	  very high speed on 64-bit architectures.
322
323	  See also:
324	  <http://fastcrypto.org/vmac>
325
326comment "Digest"
327
328config CRYPTO_CRC32C
329	tristate "CRC32c CRC algorithm"
330	select CRYPTO_HASH
331	select CRC32
332	help
333	  Castagnoli, et al Cyclic Redundancy-Check Algorithm.  Used
334	  by iSCSI for header and data digests and by others.
335	  See Castagnoli93.  Module will be crc32c.
336
337config CRYPTO_CRC32C_INTEL
338	tristate "CRC32c INTEL hardware acceleration"
339	depends on X86
340	select CRYPTO_HASH
341	help
342	  In Intel processor with SSE4.2 supported, the processor will
343	  support CRC32C implementation using hardware accelerated CRC32
344	  instruction. This option will create 'crc32c-intel' module,
345	  which will enable any routine to use the CRC32 instruction to
346	  gain performance compared with software implementation.
347	  Module will be crc32c-intel.
348
349config CRYPTO_CRC32C_SPARC64
350	tristate "CRC32c CRC algorithm (SPARC64)"
351	depends on SPARC64
352	select CRYPTO_HASH
353	select CRC32
354	help
355	  CRC32c CRC algorithm implemented using sparc64 crypto instructions,
356	  when available.
357
358config CRYPTO_CRC32
359	tristate "CRC32 CRC algorithm"
360	select CRYPTO_HASH
361	select CRC32
362	help
363	  CRC-32-IEEE 802.3 cyclic redundancy-check algorithm.
364	  Shash crypto api wrappers to crc32_le function.
365
366config CRYPTO_CRC32_PCLMUL
367	tristate "CRC32 PCLMULQDQ hardware acceleration"
368	depends on X86
369	select CRYPTO_HASH
370	select CRC32
371	help
372	  From Intel Westmere and AMD Bulldozer processor with SSE4.2
373	  and PCLMULQDQ supported, the processor will support
374	  CRC32 PCLMULQDQ implementation using hardware accelerated PCLMULQDQ
375	  instruction. This option will create 'crc32-plcmul' module,
376	  which will enable any routine to use the CRC-32-IEEE 802.3 checksum
377	  and gain better performance as compared with the table implementation.
378
379config CRYPTO_GHASH
380	tristate "GHASH digest algorithm"
381	select CRYPTO_GF128MUL
382	help
383	  GHASH is message digest algorithm for GCM (Galois/Counter Mode).
384
385config CRYPTO_MD4
386	tristate "MD4 digest algorithm"
387	select CRYPTO_HASH
388	help
389	  MD4 message digest algorithm (RFC1320).
390
391config CRYPTO_MD5
392	tristate "MD5 digest algorithm"
393	select CRYPTO_HASH
394	help
395	  MD5 message digest algorithm (RFC1321).
396
397config CRYPTO_MD5_SPARC64
398	tristate "MD5 digest algorithm (SPARC64)"
399	depends on SPARC64
400	select CRYPTO_MD5
401	select CRYPTO_HASH
402	help
403	  MD5 message digest algorithm (RFC1321) implemented
404	  using sparc64 crypto instructions, when available.
405
406config CRYPTO_MICHAEL_MIC
407	tristate "Michael MIC keyed digest algorithm"
408	select CRYPTO_HASH
409	help
410	  Michael MIC is used for message integrity protection in TKIP
411	  (IEEE 802.11i). This algorithm is required for TKIP, but it
412	  should not be used for other purposes because of the weakness
413	  of the algorithm.
414
415config CRYPTO_RMD128
416	tristate "RIPEMD-128 digest algorithm"
417	select CRYPTO_HASH
418	help
419	  RIPEMD-128 (ISO/IEC 10118-3:2004).
420
421	  RIPEMD-128 is a 128-bit cryptographic hash function. It should only
422	  be used as a secure replacement for RIPEMD. For other use cases,
423	  RIPEMD-160 should be used.
424
425	  Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel.
426	  See <http://homes.esat.kuleuven.be/~bosselae/ripemd160.html>
427
428config CRYPTO_RMD160
429	tristate "RIPEMD-160 digest algorithm"
430	select CRYPTO_HASH
431	help
432	  RIPEMD-160 (ISO/IEC 10118-3:2004).
433
434	  RIPEMD-160 is a 160-bit cryptographic hash function. It is intended
435	  to be used as a secure replacement for the 128-bit hash functions
436	  MD4, MD5 and it's predecessor RIPEMD
437	  (not to be confused with RIPEMD-128).
438
439	  It's speed is comparable to SHA1 and there are no known attacks
440	  against RIPEMD-160.
441
442	  Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel.
443	  See <http://homes.esat.kuleuven.be/~bosselae/ripemd160.html>
444
445config CRYPTO_RMD256
446	tristate "RIPEMD-256 digest algorithm"
447	select CRYPTO_HASH
448	help
449	  RIPEMD-256 is an optional extension of RIPEMD-128 with a
450	  256 bit hash. It is intended for applications that require
451	  longer hash-results, without needing a larger security level
452	  (than RIPEMD-128).
453
454	  Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel.
455	  See <http://homes.esat.kuleuven.be/~bosselae/ripemd160.html>
456
457config CRYPTO_RMD320
458	tristate "RIPEMD-320 digest algorithm"
459	select CRYPTO_HASH
460	help
461	  RIPEMD-320 is an optional extension of RIPEMD-160 with a
462	  320 bit hash. It is intended for applications that require
463	  longer hash-results, without needing a larger security level
464	  (than RIPEMD-160).
465
466	  Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel.
467	  See <http://homes.esat.kuleuven.be/~bosselae/ripemd160.html>
468
469config CRYPTO_SHA1
470	tristate "SHA1 digest algorithm"
471	select CRYPTO_HASH
472	help
473	  SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2).
474
475config CRYPTO_SHA1_SSSE3
476	tristate "SHA1 digest algorithm (SSSE3/AVX)"
477	depends on X86 && 64BIT
478	select CRYPTO_SHA1
479	select CRYPTO_HASH
480	help
481	  SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2) implemented
482	  using Supplemental SSE3 (SSSE3) instructions or Advanced Vector
483	  Extensions (AVX), when available.
484
485config CRYPTO_SHA256_SSSE3
486	tristate "SHA256 digest algorithm (SSSE3/AVX/AVX2)"
487	depends on X86 && 64BIT
488	select CRYPTO_SHA256
489	select CRYPTO_HASH
490	help
491	  SHA-256 secure hash standard (DFIPS 180-2) implemented
492	  using Supplemental SSE3 (SSSE3) instructions, or Advanced Vector
493	  Extensions version 1 (AVX1), or Advanced Vector Extensions
494	  version 2 (AVX2) instructions, when available.
495
496config CRYPTO_SHA512_SSSE3
497	tristate "SHA512 digest algorithm (SSSE3/AVX/AVX2)"
498	depends on X86 && 64BIT
499	select CRYPTO_SHA512
500	select CRYPTO_HASH
501	help
502	  SHA-512 secure hash standard (DFIPS 180-2) implemented
503	  using Supplemental SSE3 (SSSE3) instructions, or Advanced Vector
504	  Extensions version 1 (AVX1), or Advanced Vector Extensions
505	  version 2 (AVX2) instructions, when available.
506
507config CRYPTO_SHA1_SPARC64
508	tristate "SHA1 digest algorithm (SPARC64)"
509	depends on SPARC64
510	select CRYPTO_SHA1
511	select CRYPTO_HASH
512	help
513	  SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2) implemented
514	  using sparc64 crypto instructions, when available.
515
516config CRYPTO_SHA1_ARM
517	tristate "SHA1 digest algorithm (ARM-asm)"
518	depends on ARM
519	select CRYPTO_SHA1
520	select CRYPTO_HASH
521	help
522	  SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2) implemented
523	  using optimized ARM assembler.
524
525config CRYPTO_SHA1_PPC
526	tristate "SHA1 digest algorithm (powerpc)"
527	depends on PPC
528	help
529	  This is the powerpc hardware accelerated implementation of the
530	  SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2).
531
532config CRYPTO_SHA256
533	tristate "SHA224 and SHA256 digest algorithm"
534	select CRYPTO_HASH
535	help
536	  SHA256 secure hash standard (DFIPS 180-2).
537
538	  This version of SHA implements a 256 bit hash with 128 bits of
539	  security against collision attacks.
540
541	  This code also includes SHA-224, a 224 bit hash with 112 bits
542	  of security against collision attacks.
543
544config CRYPTO_SHA256_SPARC64
545	tristate "SHA224 and SHA256 digest algorithm (SPARC64)"
546	depends on SPARC64
547	select CRYPTO_SHA256
548	select CRYPTO_HASH
549	help
550	  SHA-256 secure hash standard (DFIPS 180-2) implemented
551	  using sparc64 crypto instructions, when available.
552
553config CRYPTO_SHA512
554	tristate "SHA384 and SHA512 digest algorithms"
555	select CRYPTO_HASH
556	help
557	  SHA512 secure hash standard (DFIPS 180-2).
558
559	  This version of SHA implements a 512 bit hash with 256 bits of
560	  security against collision attacks.
561
562	  This code also includes SHA-384, a 384 bit hash with 192 bits
563	  of security against collision attacks.
564
565config CRYPTO_SHA512_SPARC64
566	tristate "SHA384 and SHA512 digest algorithm (SPARC64)"
567	depends on SPARC64
568	select CRYPTO_SHA512
569	select CRYPTO_HASH
570	help
571	  SHA-512 secure hash standard (DFIPS 180-2) implemented
572	  using sparc64 crypto instructions, when available.
573
574config CRYPTO_TGR192
575	tristate "Tiger digest algorithms"
576	select CRYPTO_HASH
577	help
578	  Tiger hash algorithm 192, 160 and 128-bit hashes
579
580	  Tiger is a hash function optimized for 64-bit processors while
581	  still having decent performance on 32-bit processors.
582	  Tiger was developed by Ross Anderson and Eli Biham.
583
584	  See also:
585	  <http://www.cs.technion.ac.il/~biham/Reports/Tiger/>.
586
587config CRYPTO_WP512
588	tristate "Whirlpool digest algorithms"
589	select CRYPTO_HASH
590	help
591	  Whirlpool hash algorithm 512, 384 and 256-bit hashes
592
593	  Whirlpool-512 is part of the NESSIE cryptographic primitives.
594	  Whirlpool will be part of the ISO/IEC 10118-3:2003(E) standard
595
596	  See also:
597	  <http://www.larc.usp.br/~pbarreto/WhirlpoolPage.html>
598
599config CRYPTO_GHASH_CLMUL_NI_INTEL
600	tristate "GHASH digest algorithm (CLMUL-NI accelerated)"
601	depends on X86 && 64BIT
602	select CRYPTO_CRYPTD
603	help
604	  GHASH is message digest algorithm for GCM (Galois/Counter Mode).
605	  The implementation is accelerated by CLMUL-NI of Intel.
606
607comment "Ciphers"
608
609config CRYPTO_AES
610	tristate "AES cipher algorithms"
611	select CRYPTO_ALGAPI
612	help
613	  AES cipher algorithms (FIPS-197). AES uses the Rijndael
614	  algorithm.
615
616	  Rijndael appears to be consistently a very good performer in
617	  both hardware and software across a wide range of computing
618	  environments regardless of its use in feedback or non-feedback
619	  modes. Its key setup time is excellent, and its key agility is
620	  good. Rijndael's very low memory requirements make it very well
621	  suited for restricted-space environments, in which it also
622	  demonstrates excellent performance. Rijndael's operations are
623	  among the easiest to defend against power and timing attacks.
624
625	  The AES specifies three key sizes: 128, 192 and 256 bits
626
627	  See <http://csrc.nist.gov/CryptoToolkit/aes/> for more information.
628
629config CRYPTO_AES_586
630	tristate "AES cipher algorithms (i586)"
631	depends on (X86 || UML_X86) && !64BIT
632	select CRYPTO_ALGAPI
633	select CRYPTO_AES
634	help
635	  AES cipher algorithms (FIPS-197). AES uses the Rijndael
636	  algorithm.
637
638	  Rijndael appears to be consistently a very good performer in
639	  both hardware and software across a wide range of computing
640	  environments regardless of its use in feedback or non-feedback
641	  modes. Its key setup time is excellent, and its key agility is
642	  good. Rijndael's very low memory requirements make it very well
643	  suited for restricted-space environments, in which it also
644	  demonstrates excellent performance. Rijndael's operations are
645	  among the easiest to defend against power and timing attacks.
646
647	  The AES specifies three key sizes: 128, 192 and 256 bits
648
649	  See <http://csrc.nist.gov/encryption/aes/> for more information.
650
651config CRYPTO_AES_X86_64
652	tristate "AES cipher algorithms (x86_64)"
653	depends on (X86 || UML_X86) && 64BIT
654	select CRYPTO_ALGAPI
655	select CRYPTO_AES
656	help
657	  AES cipher algorithms (FIPS-197). AES uses the Rijndael
658	  algorithm.
659
660	  Rijndael appears to be consistently a very good performer in
661	  both hardware and software across a wide range of computing
662	  environments regardless of its use in feedback or non-feedback
663	  modes. Its key setup time is excellent, and its key agility is
664	  good. Rijndael's very low memory requirements make it very well
665	  suited for restricted-space environments, in which it also
666	  demonstrates excellent performance. Rijndael's operations are
667	  among the easiest to defend against power and timing attacks.
668
669	  The AES specifies three key sizes: 128, 192 and 256 bits
670
671	  See <http://csrc.nist.gov/encryption/aes/> for more information.
672
673config CRYPTO_AES_NI_INTEL
674	tristate "AES cipher algorithms (AES-NI)"
675	depends on X86
676	select CRYPTO_AES_X86_64 if 64BIT
677	select CRYPTO_AES_586 if !64BIT
678	select CRYPTO_CRYPTD
679	select CRYPTO_ABLK_HELPER_X86
680	select CRYPTO_ALGAPI
681	select CRYPTO_GLUE_HELPER_X86 if 64BIT
682	select CRYPTO_LRW
683	select CRYPTO_XTS
684	help
685	  Use Intel AES-NI instructions for AES algorithm.
686
687	  AES cipher algorithms (FIPS-197). AES uses the Rijndael
688	  algorithm.
689
690	  Rijndael appears to be consistently a very good performer in
691	  both hardware and software across a wide range of computing
692	  environments regardless of its use in feedback or non-feedback
693	  modes. Its key setup time is excellent, and its key agility is
694	  good. Rijndael's very low memory requirements make it very well
695	  suited for restricted-space environments, in which it also
696	  demonstrates excellent performance. Rijndael's operations are
697	  among the easiest to defend against power and timing attacks.
698
699	  The AES specifies three key sizes: 128, 192 and 256 bits
700
701	  See <http://csrc.nist.gov/encryption/aes/> for more information.
702
703	  In addition to AES cipher algorithm support, the acceleration
704	  for some popular block cipher mode is supported too, including
705	  ECB, CBC, LRW, PCBC, XTS. The 64 bit version has additional
706	  acceleration for CTR.
707
708config CRYPTO_AES_SPARC64
709	tristate "AES cipher algorithms (SPARC64)"
710	depends on SPARC64
711	select CRYPTO_CRYPTD
712	select CRYPTO_ALGAPI
713	help
714	  Use SPARC64 crypto opcodes for AES algorithm.
715
716	  AES cipher algorithms (FIPS-197). AES uses the Rijndael
717	  algorithm.
718
719	  Rijndael appears to be consistently a very good performer in
720	  both hardware and software across a wide range of computing
721	  environments regardless of its use in feedback or non-feedback
722	  modes. Its key setup time is excellent, and its key agility is
723	  good. Rijndael's very low memory requirements make it very well
724	  suited for restricted-space environments, in which it also
725	  demonstrates excellent performance. Rijndael's operations are
726	  among the easiest to defend against power and timing attacks.
727
728	  The AES specifies three key sizes: 128, 192 and 256 bits
729
730	  See <http://csrc.nist.gov/encryption/aes/> for more information.
731
732	  In addition to AES cipher algorithm support, the acceleration
733	  for some popular block cipher mode is supported too, including
734	  ECB and CBC.
735
736config CRYPTO_AES_ARM
737	tristate "AES cipher algorithms (ARM-asm)"
738	depends on ARM
739	select CRYPTO_ALGAPI
740	select CRYPTO_AES
741	help
742	  Use optimized AES assembler routines for ARM platforms.
743
744	  AES cipher algorithms (FIPS-197). AES uses the Rijndael
745	  algorithm.
746
747	  Rijndael appears to be consistently a very good performer in
748	  both hardware and software across a wide range of computing
749	  environments regardless of its use in feedback or non-feedback
750	  modes. Its key setup time is excellent, and its key agility is
751	  good. Rijndael's very low memory requirements make it very well
752	  suited for restricted-space environments, in which it also
753	  demonstrates excellent performance. Rijndael's operations are
754	  among the easiest to defend against power and timing attacks.
755
756	  The AES specifies three key sizes: 128, 192 and 256 bits
757
758	  See <http://csrc.nist.gov/encryption/aes/> for more information.
759
760config CRYPTO_ANUBIS
761	tristate "Anubis cipher algorithm"
762	select CRYPTO_ALGAPI
763	help
764	  Anubis cipher algorithm.
765
766	  Anubis is a variable key length cipher which can use keys from
767	  128 bits to 320 bits in length.  It was evaluated as a entrant
768	  in the NESSIE competition.
769
770	  See also:
771	  <https://www.cosic.esat.kuleuven.be/nessie/reports/>
772	  <http://www.larc.usp.br/~pbarreto/AnubisPage.html>
773
774config CRYPTO_ARC4
775	tristate "ARC4 cipher algorithm"
776	select CRYPTO_BLKCIPHER
777	help
778	  ARC4 cipher algorithm.
779
780	  ARC4 is a stream cipher using keys ranging from 8 bits to 2048
781	  bits in length.  This algorithm is required for driver-based
782	  WEP, but it should not be for other purposes because of the
783	  weakness of the algorithm.
784
785config CRYPTO_BLOWFISH
786	tristate "Blowfish cipher algorithm"
787	select CRYPTO_ALGAPI
788	select CRYPTO_BLOWFISH_COMMON
789	help
790	  Blowfish cipher algorithm, by Bruce Schneier.
791
792	  This is a variable key length cipher which can use keys from 32
793	  bits to 448 bits in length.  It's fast, simple and specifically
794	  designed for use on "large microprocessors".
795
796	  See also:
797	  <http://www.schneier.com/blowfish.html>
798
799config CRYPTO_BLOWFISH_COMMON
800	tristate
801	help
802	  Common parts of the Blowfish cipher algorithm shared by the
803	  generic c and the assembler implementations.
804
805	  See also:
806	  <http://www.schneier.com/blowfish.html>
807
808config CRYPTO_BLOWFISH_X86_64
809	tristate "Blowfish cipher algorithm (x86_64)"
810	depends on X86 && 64BIT
811	select CRYPTO_ALGAPI
812	select CRYPTO_BLOWFISH_COMMON
813	help
814	  Blowfish cipher algorithm (x86_64), by Bruce Schneier.
815
816	  This is a variable key length cipher which can use keys from 32
817	  bits to 448 bits in length.  It's fast, simple and specifically
818	  designed for use on "large microprocessors".
819
820	  See also:
821	  <http://www.schneier.com/blowfish.html>
822
823config CRYPTO_CAMELLIA
824	tristate "Camellia cipher algorithms"
825	depends on CRYPTO
826	select CRYPTO_ALGAPI
827	help
828	  Camellia cipher algorithms module.
829
830	  Camellia is a symmetric key block cipher developed jointly
831	  at NTT and Mitsubishi Electric Corporation.
832
833	  The Camellia specifies three key sizes: 128, 192 and 256 bits.
834
835	  See also:
836	  <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html>
837
838config CRYPTO_CAMELLIA_X86_64
839	tristate "Camellia cipher algorithm (x86_64)"
840	depends on X86 && 64BIT
841	depends on CRYPTO
842	select CRYPTO_ALGAPI
843	select CRYPTO_GLUE_HELPER_X86
844	select CRYPTO_LRW
845	select CRYPTO_XTS
846	help
847	  Camellia cipher algorithm module (x86_64).
848
849	  Camellia is a symmetric key block cipher developed jointly
850	  at NTT and Mitsubishi Electric Corporation.
851
852	  The Camellia specifies three key sizes: 128, 192 and 256 bits.
853
854	  See also:
855	  <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html>
856
857config CRYPTO_CAMELLIA_AESNI_AVX_X86_64
858	tristate "Camellia cipher algorithm (x86_64/AES-NI/AVX)"
859	depends on X86 && 64BIT
860	depends on CRYPTO
861	select CRYPTO_ALGAPI
862	select CRYPTO_CRYPTD
863	select CRYPTO_ABLK_HELPER_X86
864	select CRYPTO_GLUE_HELPER_X86
865	select CRYPTO_CAMELLIA_X86_64
866	select CRYPTO_LRW
867	select CRYPTO_XTS
868	help
869	  Camellia cipher algorithm module (x86_64/AES-NI/AVX).
870
871	  Camellia is a symmetric key block cipher developed jointly
872	  at NTT and Mitsubishi Electric Corporation.
873
874	  The Camellia specifies three key sizes: 128, 192 and 256 bits.
875
876	  See also:
877	  <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html>
878
879config CRYPTO_CAMELLIA_AESNI_AVX2_X86_64
880	tristate "Camellia cipher algorithm (x86_64/AES-NI/AVX2)"
881	depends on X86 && 64BIT
882	depends on CRYPTO
883	select CRYPTO_ALGAPI
884	select CRYPTO_CRYPTD
885	select CRYPTO_ABLK_HELPER_X86
886	select CRYPTO_GLUE_HELPER_X86
887	select CRYPTO_CAMELLIA_X86_64
888	select CRYPTO_CAMELLIA_AESNI_AVX_X86_64
889	select CRYPTO_LRW
890	select CRYPTO_XTS
891	help
892	  Camellia cipher algorithm module (x86_64/AES-NI/AVX2).
893
894	  Camellia is a symmetric key block cipher developed jointly
895	  at NTT and Mitsubishi Electric Corporation.
896
897	  The Camellia specifies three key sizes: 128, 192 and 256 bits.
898
899	  See also:
900	  <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html>
901
902config CRYPTO_CAMELLIA_SPARC64
903	tristate "Camellia cipher algorithm (SPARC64)"
904	depends on SPARC64
905	depends on CRYPTO
906	select CRYPTO_ALGAPI
907	help
908	  Camellia cipher algorithm module (SPARC64).
909
910	  Camellia is a symmetric key block cipher developed jointly
911	  at NTT and Mitsubishi Electric Corporation.
912
913	  The Camellia specifies three key sizes: 128, 192 and 256 bits.
914
915	  See also:
916	  <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html>
917
918config CRYPTO_CAST_COMMON
919	tristate
920	help
921	  Common parts of the CAST cipher algorithms shared by the
922	  generic c and the assembler implementations.
923
924config CRYPTO_CAST5
925	tristate "CAST5 (CAST-128) cipher algorithm"
926	select CRYPTO_ALGAPI
927	select CRYPTO_CAST_COMMON
928	help
929	  The CAST5 encryption algorithm (synonymous with CAST-128) is
930	  described in RFC2144.
931
932config CRYPTO_CAST5_AVX_X86_64
933	tristate "CAST5 (CAST-128) cipher algorithm (x86_64/AVX)"
934	depends on X86 && 64BIT
935	select CRYPTO_ALGAPI
936	select CRYPTO_CRYPTD
937	select CRYPTO_ABLK_HELPER_X86
938	select CRYPTO_CAST_COMMON
939	select CRYPTO_CAST5
940	help
941	  The CAST5 encryption algorithm (synonymous with CAST-128) is
942	  described in RFC2144.
943
944	  This module provides the Cast5 cipher algorithm that processes
945	  sixteen blocks parallel using the AVX instruction set.
946
947config CRYPTO_CAST6
948	tristate "CAST6 (CAST-256) cipher algorithm"
949	select CRYPTO_ALGAPI
950	select CRYPTO_CAST_COMMON
951	help
952	  The CAST6 encryption algorithm (synonymous with CAST-256) is
953	  described in RFC2612.
954
955config CRYPTO_CAST6_AVX_X86_64
956	tristate "CAST6 (CAST-256) cipher algorithm (x86_64/AVX)"
957	depends on X86 && 64BIT
958	select CRYPTO_ALGAPI
959	select CRYPTO_CRYPTD
960	select CRYPTO_ABLK_HELPER_X86
961	select CRYPTO_GLUE_HELPER_X86
962	select CRYPTO_CAST_COMMON
963	select CRYPTO_CAST6
964	select CRYPTO_LRW
965	select CRYPTO_XTS
966	help
967	  The CAST6 encryption algorithm (synonymous with CAST-256) is
968	  described in RFC2612.
969
970	  This module provides the Cast6 cipher algorithm that processes
971	  eight blocks parallel using the AVX instruction set.
972
973config CRYPTO_DES
974	tristate "DES and Triple DES EDE cipher algorithms"
975	select CRYPTO_ALGAPI
976	help
977	  DES cipher algorithm (FIPS 46-2), and Triple DES EDE (FIPS 46-3).
978
979config CRYPTO_DES_SPARC64
980	tristate "DES and Triple DES EDE cipher algorithms (SPARC64)"
981	depends on SPARC64
982	select CRYPTO_ALGAPI
983	select CRYPTO_DES
984	help
985	  DES cipher algorithm (FIPS 46-2), and Triple DES EDE (FIPS 46-3),
986	  optimized using SPARC64 crypto opcodes.
987
988config CRYPTO_FCRYPT
989	tristate "FCrypt cipher algorithm"
990	select CRYPTO_ALGAPI
991	select CRYPTO_BLKCIPHER
992	help
993	  FCrypt algorithm used by RxRPC.
994
995config CRYPTO_KHAZAD
996	tristate "Khazad cipher algorithm"
997	select CRYPTO_ALGAPI
998	help
999	  Khazad cipher algorithm.
1000
1001	  Khazad was a finalist in the initial NESSIE competition.  It is
1002	  an algorithm optimized for 64-bit processors with good performance
1003	  on 32-bit processors.  Khazad uses an 128 bit key size.
1004
1005	  See also:
1006	  <http://www.larc.usp.br/~pbarreto/KhazadPage.html>
1007
1008config CRYPTO_SALSA20
1009	tristate "Salsa20 stream cipher algorithm"
1010	select CRYPTO_BLKCIPHER
1011	help
1012	  Salsa20 stream cipher algorithm.
1013
1014	  Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT
1015	  Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/>
1016
1017	  The Salsa20 stream cipher algorithm is designed by Daniel J.
1018	  Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html>
1019
1020config CRYPTO_SALSA20_586
1021	tristate "Salsa20 stream cipher algorithm (i586)"
1022	depends on (X86 || UML_X86) && !64BIT
1023	select CRYPTO_BLKCIPHER
1024	help
1025	  Salsa20 stream cipher algorithm.
1026
1027	  Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT
1028	  Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/>
1029
1030	  The Salsa20 stream cipher algorithm is designed by Daniel J.
1031	  Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html>
1032
1033config CRYPTO_SALSA20_X86_64
1034	tristate "Salsa20 stream cipher algorithm (x86_64)"
1035	depends on (X86 || UML_X86) && 64BIT
1036	select CRYPTO_BLKCIPHER
1037	help
1038	  Salsa20 stream cipher algorithm.
1039
1040	  Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT
1041	  Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/>
1042
1043	  The Salsa20 stream cipher algorithm is designed by Daniel J.
1044	  Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html>
1045
1046config CRYPTO_SEED
1047	tristate "SEED cipher algorithm"
1048	select CRYPTO_ALGAPI
1049	help
1050	  SEED cipher algorithm (RFC4269).
1051
1052	  SEED is a 128-bit symmetric key block cipher that has been
1053	  developed by KISA (Korea Information Security Agency) as a
1054	  national standard encryption algorithm of the Republic of Korea.
1055	  It is a 16 round block cipher with the key size of 128 bit.
1056
1057	  See also:
1058	  <http://www.kisa.or.kr/kisa/seed/jsp/seed_eng.jsp>
1059
1060config CRYPTO_SERPENT
1061	tristate "Serpent cipher algorithm"
1062	select CRYPTO_ALGAPI
1063	help
1064	  Serpent cipher algorithm, by Anderson, Biham & Knudsen.
1065
1066	  Keys are allowed to be from 0 to 256 bits in length, in steps
1067	  of 8 bits.  Also includes the 'Tnepres' algorithm, a reversed
1068	  variant of Serpent for compatibility with old kerneli.org code.
1069
1070	  See also:
1071	  <http://www.cl.cam.ac.uk/~rja14/serpent.html>
1072
1073config CRYPTO_SERPENT_SSE2_X86_64
1074	tristate "Serpent cipher algorithm (x86_64/SSE2)"
1075	depends on X86 && 64BIT
1076	select CRYPTO_ALGAPI
1077	select CRYPTO_CRYPTD
1078	select CRYPTO_ABLK_HELPER_X86
1079	select CRYPTO_GLUE_HELPER_X86
1080	select CRYPTO_SERPENT
1081	select CRYPTO_LRW
1082	select CRYPTO_XTS
1083	help
1084	  Serpent cipher algorithm, by Anderson, Biham & Knudsen.
1085
1086	  Keys are allowed to be from 0 to 256 bits in length, in steps
1087	  of 8 bits.
1088
1089	  This module provides Serpent cipher algorithm that processes eigth
1090	  blocks parallel using SSE2 instruction set.
1091
1092	  See also:
1093	  <http://www.cl.cam.ac.uk/~rja14/serpent.html>
1094
1095config CRYPTO_SERPENT_SSE2_586
1096	tristate "Serpent cipher algorithm (i586/SSE2)"
1097	depends on X86 && !64BIT
1098	select CRYPTO_ALGAPI
1099	select CRYPTO_CRYPTD
1100	select CRYPTO_ABLK_HELPER_X86
1101	select CRYPTO_GLUE_HELPER_X86
1102	select CRYPTO_SERPENT
1103	select CRYPTO_LRW
1104	select CRYPTO_XTS
1105	help
1106	  Serpent cipher algorithm, by Anderson, Biham & Knudsen.
1107
1108	  Keys are allowed to be from 0 to 256 bits in length, in steps
1109	  of 8 bits.
1110
1111	  This module provides Serpent cipher algorithm that processes four
1112	  blocks parallel using SSE2 instruction set.
1113
1114	  See also:
1115	  <http://www.cl.cam.ac.uk/~rja14/serpent.html>
1116
1117config CRYPTO_SERPENT_AVX_X86_64
1118	tristate "Serpent cipher algorithm (x86_64/AVX)"
1119	depends on X86 && 64BIT
1120	select CRYPTO_ALGAPI
1121	select CRYPTO_CRYPTD
1122	select CRYPTO_ABLK_HELPER_X86
1123	select CRYPTO_GLUE_HELPER_X86
1124	select CRYPTO_SERPENT
1125	select CRYPTO_LRW
1126	select CRYPTO_XTS
1127	help
1128	  Serpent cipher algorithm, by Anderson, Biham & Knudsen.
1129
1130	  Keys are allowed to be from 0 to 256 bits in length, in steps
1131	  of 8 bits.
1132
1133	  This module provides the Serpent cipher algorithm that processes
1134	  eight blocks parallel using the AVX instruction set.
1135
1136	  See also:
1137	  <http://www.cl.cam.ac.uk/~rja14/serpent.html>
1138
1139config CRYPTO_SERPENT_AVX2_X86_64
1140	tristate "Serpent cipher algorithm (x86_64/AVX2)"
1141	depends on X86 && 64BIT
1142	select CRYPTO_ALGAPI
1143	select CRYPTO_CRYPTD
1144	select CRYPTO_ABLK_HELPER_X86
1145	select CRYPTO_GLUE_HELPER_X86
1146	select CRYPTO_SERPENT
1147	select CRYPTO_SERPENT_AVX_X86_64
1148	select CRYPTO_LRW
1149	select CRYPTO_XTS
1150	help
1151	  Serpent cipher algorithm, by Anderson, Biham & Knudsen.
1152
1153	  Keys are allowed to be from 0 to 256 bits in length, in steps
1154	  of 8 bits.
1155
1156	  This module provides Serpent cipher algorithm that processes 16
1157	  blocks parallel using AVX2 instruction set.
1158
1159	  See also:
1160	  <http://www.cl.cam.ac.uk/~rja14/serpent.html>
1161
1162config CRYPTO_TEA
1163	tristate "TEA, XTEA and XETA cipher algorithms"
1164	select CRYPTO_ALGAPI
1165	help
1166	  TEA cipher algorithm.
1167
1168	  Tiny Encryption Algorithm is a simple cipher that uses
1169	  many rounds for security.  It is very fast and uses
1170	  little memory.
1171
1172	  Xtendend Tiny Encryption Algorithm is a modification to
1173	  the TEA algorithm to address a potential key weakness
1174	  in the TEA algorithm.
1175
1176	  Xtendend Encryption Tiny Algorithm is a mis-implementation
1177	  of the XTEA algorithm for compatibility purposes.
1178
1179config CRYPTO_TWOFISH
1180	tristate "Twofish cipher algorithm"
1181	select CRYPTO_ALGAPI
1182	select CRYPTO_TWOFISH_COMMON
1183	help
1184	  Twofish cipher algorithm.
1185
1186	  Twofish was submitted as an AES (Advanced Encryption Standard)
1187	  candidate cipher by researchers at CounterPane Systems.  It is a
1188	  16 round block cipher supporting key sizes of 128, 192, and 256
1189	  bits.
1190
1191	  See also:
1192	  <http://www.schneier.com/twofish.html>
1193
1194config CRYPTO_TWOFISH_COMMON
1195	tristate
1196	help
1197	  Common parts of the Twofish cipher algorithm shared by the
1198	  generic c and the assembler implementations.
1199
1200config CRYPTO_TWOFISH_586
1201	tristate "Twofish cipher algorithms (i586)"
1202	depends on (X86 || UML_X86) && !64BIT
1203	select CRYPTO_ALGAPI
1204	select CRYPTO_TWOFISH_COMMON
1205	help
1206	  Twofish cipher algorithm.
1207
1208	  Twofish was submitted as an AES (Advanced Encryption Standard)
1209	  candidate cipher by researchers at CounterPane Systems.  It is a
1210	  16 round block cipher supporting key sizes of 128, 192, and 256
1211	  bits.
1212
1213	  See also:
1214	  <http://www.schneier.com/twofish.html>
1215
1216config CRYPTO_TWOFISH_X86_64
1217	tristate "Twofish cipher algorithm (x86_64)"
1218	depends on (X86 || UML_X86) && 64BIT
1219	select CRYPTO_ALGAPI
1220	select CRYPTO_TWOFISH_COMMON
1221	help
1222	  Twofish cipher algorithm (x86_64).
1223
1224	  Twofish was submitted as an AES (Advanced Encryption Standard)
1225	  candidate cipher by researchers at CounterPane Systems.  It is a
1226	  16 round block cipher supporting key sizes of 128, 192, and 256
1227	  bits.
1228
1229	  See also:
1230	  <http://www.schneier.com/twofish.html>
1231
1232config CRYPTO_TWOFISH_X86_64_3WAY
1233	tristate "Twofish cipher algorithm (x86_64, 3-way parallel)"
1234	depends on X86 && 64BIT
1235	select CRYPTO_ALGAPI
1236	select CRYPTO_TWOFISH_COMMON
1237	select CRYPTO_TWOFISH_X86_64
1238	select CRYPTO_GLUE_HELPER_X86
1239	select CRYPTO_LRW
1240	select CRYPTO_XTS
1241	help
1242	  Twofish cipher algorithm (x86_64, 3-way parallel).
1243
1244	  Twofish was submitted as an AES (Advanced Encryption Standard)
1245	  candidate cipher by researchers at CounterPane Systems.  It is a
1246	  16 round block cipher supporting key sizes of 128, 192, and 256
1247	  bits.
1248
1249	  This module provides Twofish cipher algorithm that processes three
1250	  blocks parallel, utilizing resources of out-of-order CPUs better.
1251
1252	  See also:
1253	  <http://www.schneier.com/twofish.html>
1254
1255config CRYPTO_TWOFISH_AVX_X86_64
1256	tristate "Twofish cipher algorithm (x86_64/AVX)"
1257	depends on X86 && 64BIT
1258	select CRYPTO_ALGAPI
1259	select CRYPTO_CRYPTD
1260	select CRYPTO_ABLK_HELPER_X86
1261	select CRYPTO_GLUE_HELPER_X86
1262	select CRYPTO_TWOFISH_COMMON
1263	select CRYPTO_TWOFISH_X86_64
1264	select CRYPTO_TWOFISH_X86_64_3WAY
1265	select CRYPTO_LRW
1266	select CRYPTO_XTS
1267	help
1268	  Twofish cipher algorithm (x86_64/AVX).
1269
1270	  Twofish was submitted as an AES (Advanced Encryption Standard)
1271	  candidate cipher by researchers at CounterPane Systems.  It is a
1272	  16 round block cipher supporting key sizes of 128, 192, and 256
1273	  bits.
1274
1275	  This module provides the Twofish cipher algorithm that processes
1276	  eight blocks parallel using the AVX Instruction Set.
1277
1278	  See also:
1279	  <http://www.schneier.com/twofish.html>
1280
1281comment "Compression"
1282
1283config CRYPTO_DEFLATE
1284	tristate "Deflate compression algorithm"
1285	select CRYPTO_ALGAPI
1286	select ZLIB_INFLATE
1287	select ZLIB_DEFLATE
1288	help
1289	  This is the Deflate algorithm (RFC1951), specified for use in
1290	  IPSec with the IPCOMP protocol (RFC3173, RFC2394).
1291
1292	  You will most probably want this if using IPSec.
1293
1294config CRYPTO_ZLIB
1295	tristate "Zlib compression algorithm"
1296	select CRYPTO_PCOMP
1297	select ZLIB_INFLATE
1298	select ZLIB_DEFLATE
1299	select NLATTR
1300	help
1301	  This is the zlib algorithm.
1302
1303config CRYPTO_LZO
1304	tristate "LZO compression algorithm"
1305	select CRYPTO_ALGAPI
1306	select LZO_COMPRESS
1307	select LZO_DECOMPRESS
1308	help
1309	  This is the LZO algorithm.
1310
1311config CRYPTO_842
1312	tristate "842 compression algorithm"
1313	depends on CRYPTO_DEV_NX_COMPRESS
1314	# 842 uses lzo if the hardware becomes unavailable
1315	select LZO_COMPRESS
1316	select LZO_DECOMPRESS
1317	help
1318	  This is the 842 algorithm.
1319
1320config CRYPTO_LZ4
1321	tristate "LZ4 compression algorithm"
1322	select CRYPTO_ALGAPI
1323	select LZ4_COMPRESS
1324	select LZ4_DECOMPRESS
1325	help
1326	  This is the LZ4 algorithm.
1327
1328config CRYPTO_LZ4HC
1329	tristate "LZ4HC compression algorithm"
1330	select CRYPTO_ALGAPI
1331	select LZ4HC_COMPRESS
1332	select LZ4_DECOMPRESS
1333	help
1334	  This is the LZ4 high compression mode algorithm.
1335
1336comment "Random Number Generation"
1337
1338config CRYPTO_ANSI_CPRNG
1339	tristate "Pseudo Random Number Generation for Cryptographic modules"
1340	default m
1341	select CRYPTO_AES
1342	select CRYPTO_RNG
1343	help
1344	  This option enables the generic pseudo random number generator
1345	  for cryptographic modules.  Uses the Algorithm specified in
1346	  ANSI X9.31 A.2.4. Note that this option must be enabled if
1347	  CRYPTO_FIPS is selected
1348
1349config CRYPTO_USER_API
1350	tristate
1351
1352config CRYPTO_USER_API_HASH
1353	tristate "User-space interface for hash algorithms"
1354	depends on NET
1355	select CRYPTO_HASH
1356	select CRYPTO_USER_API
1357	help
1358	  This option enables the user-spaces interface for hash
1359	  algorithms.
1360
1361config CRYPTO_USER_API_SKCIPHER
1362	tristate "User-space interface for symmetric key cipher algorithms"
1363	depends on NET
1364	select CRYPTO_BLKCIPHER
1365	select CRYPTO_USER_API
1366	help
1367	  This option enables the user-spaces interface for symmetric
1368	  key cipher algorithms.
1369
1370source "drivers/crypto/Kconfig"
1371source crypto/asymmetric_keys/Kconfig
1372
1373endif	# if CRYPTO
1374