1# 2# Generic algorithms support 3# 4config XOR_BLOCKS 5 tristate 6 7# 8# async_tx api: hardware offloaded memory transfer/transform support 9# 10source "crypto/async_tx/Kconfig" 11 12# 13# Cryptographic API Configuration 14# 15menuconfig CRYPTO 16 tristate "Cryptographic API" 17 help 18 This option provides the core Cryptographic API. 19 20if CRYPTO 21 22comment "Crypto core or helper" 23 24config CRYPTO_FIPS 25 bool "FIPS 200 compliance" 26 depends on (CRYPTO_ANSI_CPRNG || CRYPTO_DRBG) && !CRYPTO_MANAGER_DISABLE_TESTS 27 depends on MODULE_SIG 28 help 29 This options enables the fips boot option which is 30 required if you want to system to operate in a FIPS 200 31 certification. You should say no unless you know what 32 this is. 33 34config CRYPTO_ALGAPI 35 tristate 36 select CRYPTO_ALGAPI2 37 help 38 This option provides the API for cryptographic algorithms. 39 40config CRYPTO_ALGAPI2 41 tristate 42 43config CRYPTO_AEAD 44 tristate 45 select CRYPTO_AEAD2 46 select CRYPTO_ALGAPI 47 48config CRYPTO_AEAD2 49 tristate 50 select CRYPTO_ALGAPI2 51 52config CRYPTO_BLKCIPHER 53 tristate 54 select CRYPTO_BLKCIPHER2 55 select CRYPTO_ALGAPI 56 57config CRYPTO_BLKCIPHER2 58 tristate 59 select CRYPTO_ALGAPI2 60 select CRYPTO_RNG2 61 select CRYPTO_WORKQUEUE 62 63config CRYPTO_HASH 64 tristate 65 select CRYPTO_HASH2 66 select CRYPTO_ALGAPI 67 68config CRYPTO_HASH2 69 tristate 70 select CRYPTO_ALGAPI2 71 72config CRYPTO_RNG 73 tristate 74 select CRYPTO_RNG2 75 select CRYPTO_ALGAPI 76 77config CRYPTO_RNG2 78 tristate 79 select CRYPTO_ALGAPI2 80 81config CRYPTO_PCOMP 82 tristate 83 select CRYPTO_PCOMP2 84 select CRYPTO_ALGAPI 85 86config CRYPTO_PCOMP2 87 tristate 88 select CRYPTO_ALGAPI2 89 90config CRYPTO_MANAGER 91 tristate "Cryptographic algorithm manager" 92 select CRYPTO_MANAGER2 93 help 94 Create default cryptographic template instantiations such as 95 cbc(aes). 96 97config CRYPTO_MANAGER2 98 def_tristate CRYPTO_MANAGER || (CRYPTO_MANAGER!=n && CRYPTO_ALGAPI=y) 99 select CRYPTO_AEAD2 100 select CRYPTO_HASH2 101 select CRYPTO_BLKCIPHER2 102 select CRYPTO_PCOMP2 103 104config CRYPTO_USER 105 tristate "Userspace cryptographic algorithm configuration" 106 depends on NET 107 select CRYPTO_MANAGER 108 help 109 Userspace configuration for cryptographic instantiations such as 110 cbc(aes). 111 112config CRYPTO_MANAGER_DISABLE_TESTS 113 bool "Disable run-time self tests" 114 default y 115 depends on CRYPTO_MANAGER2 116 help 117 Disable run-time self tests that normally take place at 118 algorithm registration. 119 120config CRYPTO_GF128MUL 121 tristate "GF(2^128) multiplication functions" 122 help 123 Efficient table driven implementation of multiplications in the 124 field GF(2^128). This is needed by some cypher modes. This 125 option will be selected automatically if you select such a 126 cipher mode. Only select this option by hand if you expect to load 127 an external module that requires these functions. 128 129config CRYPTO_NULL 130 tristate "Null algorithms" 131 select CRYPTO_ALGAPI 132 select CRYPTO_BLKCIPHER 133 select CRYPTO_HASH 134 help 135 These are 'Null' algorithms, used by IPsec, which do nothing. 136 137config CRYPTO_PCRYPT 138 tristate "Parallel crypto engine" 139 depends on SMP 140 select PADATA 141 select CRYPTO_MANAGER 142 select CRYPTO_AEAD 143 help 144 This converts an arbitrary crypto algorithm into a parallel 145 algorithm that executes in kernel threads. 146 147config CRYPTO_WORKQUEUE 148 tristate 149 150config CRYPTO_CRYPTD 151 tristate "Software async crypto daemon" 152 select CRYPTO_BLKCIPHER 153 select CRYPTO_HASH 154 select CRYPTO_MANAGER 155 select CRYPTO_WORKQUEUE 156 help 157 This is a generic software asynchronous crypto daemon that 158 converts an arbitrary synchronous software crypto algorithm 159 into an asynchronous algorithm that executes in a kernel thread. 160 161config CRYPTO_MCRYPTD 162 tristate "Software async multi-buffer crypto daemon" 163 select CRYPTO_BLKCIPHER 164 select CRYPTO_HASH 165 select CRYPTO_MANAGER 166 select CRYPTO_WORKQUEUE 167 help 168 This is a generic software asynchronous crypto daemon that 169 provides the kernel thread to assist multi-buffer crypto 170 algorithms for submitting jobs and flushing jobs in multi-buffer 171 crypto algorithms. Multi-buffer crypto algorithms are executed 172 in the context of this kernel thread and drivers can post 173 their crypto request asynchronously to be processed by this daemon. 174 175config CRYPTO_AUTHENC 176 tristate "Authenc support" 177 select CRYPTO_AEAD 178 select CRYPTO_BLKCIPHER 179 select CRYPTO_MANAGER 180 select CRYPTO_HASH 181 help 182 Authenc: Combined mode wrapper for IPsec. 183 This is required for IPSec. 184 185config CRYPTO_TEST 186 tristate "Testing module" 187 depends on m 188 select CRYPTO_MANAGER 189 help 190 Quick & dirty crypto test module. 191 192config CRYPTO_ABLK_HELPER 193 tristate 194 select CRYPTO_CRYPTD 195 196config CRYPTO_GLUE_HELPER_X86 197 tristate 198 depends on X86 199 select CRYPTO_ALGAPI 200 201comment "Authenticated Encryption with Associated Data" 202 203config CRYPTO_CCM 204 tristate "CCM support" 205 select CRYPTO_CTR 206 select CRYPTO_AEAD 207 help 208 Support for Counter with CBC MAC. Required for IPsec. 209 210config CRYPTO_GCM 211 tristate "GCM/GMAC support" 212 select CRYPTO_CTR 213 select CRYPTO_AEAD 214 select CRYPTO_GHASH 215 select CRYPTO_NULL 216 help 217 Support for Galois/Counter Mode (GCM) and Galois Message 218 Authentication Code (GMAC). Required for IPSec. 219 220config CRYPTO_SEQIV 221 tristate "Sequence Number IV Generator" 222 select CRYPTO_AEAD 223 select CRYPTO_BLKCIPHER 224 select CRYPTO_RNG 225 help 226 This IV generator generates an IV based on a sequence number by 227 xoring it with a salt. This algorithm is mainly useful for CTR 228 229comment "Block modes" 230 231config CRYPTO_CBC 232 tristate "CBC support" 233 select CRYPTO_BLKCIPHER 234 select CRYPTO_MANAGER 235 help 236 CBC: Cipher Block Chaining mode 237 This block cipher algorithm is required for IPSec. 238 239config CRYPTO_CTR 240 tristate "CTR support" 241 select CRYPTO_BLKCIPHER 242 select CRYPTO_SEQIV 243 select CRYPTO_MANAGER 244 help 245 CTR: Counter mode 246 This block cipher algorithm is required for IPSec. 247 248config CRYPTO_CTS 249 tristate "CTS support" 250 select CRYPTO_BLKCIPHER 251 help 252 CTS: Cipher Text Stealing 253 This is the Cipher Text Stealing mode as described by 254 Section 8 of rfc2040 and referenced by rfc3962. 255 (rfc3962 includes errata information in its Appendix A) 256 This mode is required for Kerberos gss mechanism support 257 for AES encryption. 258 259config CRYPTO_ECB 260 tristate "ECB support" 261 select CRYPTO_BLKCIPHER 262 select CRYPTO_MANAGER 263 help 264 ECB: Electronic CodeBook mode 265 This is the simplest block cipher algorithm. It simply encrypts 266 the input block by block. 267 268config CRYPTO_LRW 269 tristate "LRW support" 270 select CRYPTO_BLKCIPHER 271 select CRYPTO_MANAGER 272 select CRYPTO_GF128MUL 273 help 274 LRW: Liskov Rivest Wagner, a tweakable, non malleable, non movable 275 narrow block cipher mode for dm-crypt. Use it with cipher 276 specification string aes-lrw-benbi, the key must be 256, 320 or 384. 277 The first 128, 192 or 256 bits in the key are used for AES and the 278 rest is used to tie each cipher block to its logical position. 279 280config CRYPTO_PCBC 281 tristate "PCBC support" 282 select CRYPTO_BLKCIPHER 283 select CRYPTO_MANAGER 284 help 285 PCBC: Propagating Cipher Block Chaining mode 286 This block cipher algorithm is required for RxRPC. 287 288config CRYPTO_XTS 289 tristate "XTS support" 290 select CRYPTO_BLKCIPHER 291 select CRYPTO_MANAGER 292 select CRYPTO_GF128MUL 293 help 294 XTS: IEEE1619/D16 narrow block cipher use with aes-xts-plain, 295 key size 256, 384 or 512 bits. This implementation currently 296 can't handle a sectorsize which is not a multiple of 16 bytes. 297 298comment "Hash modes" 299 300config CRYPTO_CMAC 301 tristate "CMAC support" 302 select CRYPTO_HASH 303 select CRYPTO_MANAGER 304 help 305 Cipher-based Message Authentication Code (CMAC) specified by 306 The National Institute of Standards and Technology (NIST). 307 308 https://tools.ietf.org/html/rfc4493 309 http://csrc.nist.gov/publications/nistpubs/800-38B/SP_800-38B.pdf 310 311config CRYPTO_HMAC 312 tristate "HMAC support" 313 select CRYPTO_HASH 314 select CRYPTO_MANAGER 315 help 316 HMAC: Keyed-Hashing for Message Authentication (RFC2104). 317 This is required for IPSec. 318 319config CRYPTO_XCBC 320 tristate "XCBC support" 321 select CRYPTO_HASH 322 select CRYPTO_MANAGER 323 help 324 XCBC: Keyed-Hashing with encryption algorithm 325 http://www.ietf.org/rfc/rfc3566.txt 326 http://csrc.nist.gov/encryption/modes/proposedmodes/ 327 xcbc-mac/xcbc-mac-spec.pdf 328 329config CRYPTO_VMAC 330 tristate "VMAC support" 331 select CRYPTO_HASH 332 select CRYPTO_MANAGER 333 help 334 VMAC is a message authentication algorithm designed for 335 very high speed on 64-bit architectures. 336 337 See also: 338 <http://fastcrypto.org/vmac> 339 340comment "Digest" 341 342config CRYPTO_CRC32C 343 tristate "CRC32c CRC algorithm" 344 select CRYPTO_HASH 345 select CRC32 346 help 347 Castagnoli, et al Cyclic Redundancy-Check Algorithm. Used 348 by iSCSI for header and data digests and by others. 349 See Castagnoli93. Module will be crc32c. 350 351config CRYPTO_CRC32C_INTEL 352 tristate "CRC32c INTEL hardware acceleration" 353 depends on X86 354 select CRYPTO_HASH 355 help 356 In Intel processor with SSE4.2 supported, the processor will 357 support CRC32C implementation using hardware accelerated CRC32 358 instruction. This option will create 'crc32c-intel' module, 359 which will enable any routine to use the CRC32 instruction to 360 gain performance compared with software implementation. 361 Module will be crc32c-intel. 362 363config CRYPTO_CRC32C_SPARC64 364 tristate "CRC32c CRC algorithm (SPARC64)" 365 depends on SPARC64 366 select CRYPTO_HASH 367 select CRC32 368 help 369 CRC32c CRC algorithm implemented using sparc64 crypto instructions, 370 when available. 371 372config CRYPTO_CRC32 373 tristate "CRC32 CRC algorithm" 374 select CRYPTO_HASH 375 select CRC32 376 help 377 CRC-32-IEEE 802.3 cyclic redundancy-check algorithm. 378 Shash crypto api wrappers to crc32_le function. 379 380config CRYPTO_CRC32_PCLMUL 381 tristate "CRC32 PCLMULQDQ hardware acceleration" 382 depends on X86 383 select CRYPTO_HASH 384 select CRC32 385 help 386 From Intel Westmere and AMD Bulldozer processor with SSE4.2 387 and PCLMULQDQ supported, the processor will support 388 CRC32 PCLMULQDQ implementation using hardware accelerated PCLMULQDQ 389 instruction. This option will create 'crc32-plcmul' module, 390 which will enable any routine to use the CRC-32-IEEE 802.3 checksum 391 and gain better performance as compared with the table implementation. 392 393config CRYPTO_CRCT10DIF 394 tristate "CRCT10DIF algorithm" 395 select CRYPTO_HASH 396 help 397 CRC T10 Data Integrity Field computation is being cast as 398 a crypto transform. This allows for faster crc t10 diff 399 transforms to be used if they are available. 400 401config CRYPTO_CRCT10DIF_PCLMUL 402 tristate "CRCT10DIF PCLMULQDQ hardware acceleration" 403 depends on X86 && 64BIT && CRC_T10DIF 404 select CRYPTO_HASH 405 help 406 For x86_64 processors with SSE4.2 and PCLMULQDQ supported, 407 CRC T10 DIF PCLMULQDQ computation can be hardware 408 accelerated PCLMULQDQ instruction. This option will create 409 'crct10dif-plcmul' module, which is faster when computing the 410 crct10dif checksum as compared with the generic table implementation. 411 412config CRYPTO_GHASH 413 tristate "GHASH digest algorithm" 414 select CRYPTO_GF128MUL 415 help 416 GHASH is message digest algorithm for GCM (Galois/Counter Mode). 417 418config CRYPTO_MD4 419 tristate "MD4 digest algorithm" 420 select CRYPTO_HASH 421 help 422 MD4 message digest algorithm (RFC1320). 423 424config CRYPTO_MD5 425 tristate "MD5 digest algorithm" 426 select CRYPTO_HASH 427 help 428 MD5 message digest algorithm (RFC1321). 429 430config CRYPTO_MD5_OCTEON 431 tristate "MD5 digest algorithm (OCTEON)" 432 depends on CPU_CAVIUM_OCTEON 433 select CRYPTO_MD5 434 select CRYPTO_HASH 435 help 436 MD5 message digest algorithm (RFC1321) implemented 437 using OCTEON crypto instructions, when available. 438 439config CRYPTO_MD5_PPC 440 tristate "MD5 digest algorithm (PPC)" 441 depends on PPC 442 select CRYPTO_HASH 443 help 444 MD5 message digest algorithm (RFC1321) implemented 445 in PPC assembler. 446 447config CRYPTO_MD5_SPARC64 448 tristate "MD5 digest algorithm (SPARC64)" 449 depends on SPARC64 450 select CRYPTO_MD5 451 select CRYPTO_HASH 452 help 453 MD5 message digest algorithm (RFC1321) implemented 454 using sparc64 crypto instructions, when available. 455 456config CRYPTO_MICHAEL_MIC 457 tristate "Michael MIC keyed digest algorithm" 458 select CRYPTO_HASH 459 help 460 Michael MIC is used for message integrity protection in TKIP 461 (IEEE 802.11i). This algorithm is required for TKIP, but it 462 should not be used for other purposes because of the weakness 463 of the algorithm. 464 465config CRYPTO_RMD128 466 tristate "RIPEMD-128 digest algorithm" 467 select CRYPTO_HASH 468 help 469 RIPEMD-128 (ISO/IEC 10118-3:2004). 470 471 RIPEMD-128 is a 128-bit cryptographic hash function. It should only 472 be used as a secure replacement for RIPEMD. For other use cases, 473 RIPEMD-160 should be used. 474 475 Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel. 476 See <http://homes.esat.kuleuven.be/~bosselae/ripemd160.html> 477 478config CRYPTO_RMD160 479 tristate "RIPEMD-160 digest algorithm" 480 select CRYPTO_HASH 481 help 482 RIPEMD-160 (ISO/IEC 10118-3:2004). 483 484 RIPEMD-160 is a 160-bit cryptographic hash function. It is intended 485 to be used as a secure replacement for the 128-bit hash functions 486 MD4, MD5 and it's predecessor RIPEMD 487 (not to be confused with RIPEMD-128). 488 489 It's speed is comparable to SHA1 and there are no known attacks 490 against RIPEMD-160. 491 492 Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel. 493 See <http://homes.esat.kuleuven.be/~bosselae/ripemd160.html> 494 495config CRYPTO_RMD256 496 tristate "RIPEMD-256 digest algorithm" 497 select CRYPTO_HASH 498 help 499 RIPEMD-256 is an optional extension of RIPEMD-128 with a 500 256 bit hash. It is intended for applications that require 501 longer hash-results, without needing a larger security level 502 (than RIPEMD-128). 503 504 Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel. 505 See <http://homes.esat.kuleuven.be/~bosselae/ripemd160.html> 506 507config CRYPTO_RMD320 508 tristate "RIPEMD-320 digest algorithm" 509 select CRYPTO_HASH 510 help 511 RIPEMD-320 is an optional extension of RIPEMD-160 with a 512 320 bit hash. It is intended for applications that require 513 longer hash-results, without needing a larger security level 514 (than RIPEMD-160). 515 516 Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel. 517 See <http://homes.esat.kuleuven.be/~bosselae/ripemd160.html> 518 519config CRYPTO_SHA1 520 tristate "SHA1 digest algorithm" 521 select CRYPTO_HASH 522 help 523 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2). 524 525config CRYPTO_SHA1_SSSE3 526 tristate "SHA1 digest algorithm (SSSE3/AVX/AVX2)" 527 depends on X86 && 64BIT 528 select CRYPTO_SHA1 529 select CRYPTO_HASH 530 help 531 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2) implemented 532 using Supplemental SSE3 (SSSE3) instructions or Advanced Vector 533 Extensions (AVX/AVX2), when available. 534 535config CRYPTO_SHA256_SSSE3 536 tristate "SHA256 digest algorithm (SSSE3/AVX/AVX2)" 537 depends on X86 && 64BIT 538 select CRYPTO_SHA256 539 select CRYPTO_HASH 540 help 541 SHA-256 secure hash standard (DFIPS 180-2) implemented 542 using Supplemental SSE3 (SSSE3) instructions, or Advanced Vector 543 Extensions version 1 (AVX1), or Advanced Vector Extensions 544 version 2 (AVX2) instructions, when available. 545 546config CRYPTO_SHA512_SSSE3 547 tristate "SHA512 digest algorithm (SSSE3/AVX/AVX2)" 548 depends on X86 && 64BIT 549 select CRYPTO_SHA512 550 select CRYPTO_HASH 551 help 552 SHA-512 secure hash standard (DFIPS 180-2) implemented 553 using Supplemental SSE3 (SSSE3) instructions, or Advanced Vector 554 Extensions version 1 (AVX1), or Advanced Vector Extensions 555 version 2 (AVX2) instructions, when available. 556 557config CRYPTO_SHA1_OCTEON 558 tristate "SHA1 digest algorithm (OCTEON)" 559 depends on CPU_CAVIUM_OCTEON 560 select CRYPTO_SHA1 561 select CRYPTO_HASH 562 help 563 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2) implemented 564 using OCTEON crypto instructions, when available. 565 566config CRYPTO_SHA1_SPARC64 567 tristate "SHA1 digest algorithm (SPARC64)" 568 depends on SPARC64 569 select CRYPTO_SHA1 570 select CRYPTO_HASH 571 help 572 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2) implemented 573 using sparc64 crypto instructions, when available. 574 575config CRYPTO_SHA1_PPC 576 tristate "SHA1 digest algorithm (powerpc)" 577 depends on PPC 578 help 579 This is the powerpc hardware accelerated implementation of the 580 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2). 581 582config CRYPTO_SHA1_PPC_SPE 583 tristate "SHA1 digest algorithm (PPC SPE)" 584 depends on PPC && SPE 585 help 586 SHA-1 secure hash standard (DFIPS 180-4) implemented 587 using powerpc SPE SIMD instruction set. 588 589config CRYPTO_SHA1_MB 590 tristate "SHA1 digest algorithm (x86_64 Multi-Buffer, Experimental)" 591 depends on X86 && 64BIT 592 select CRYPTO_SHA1 593 select CRYPTO_HASH 594 select CRYPTO_MCRYPTD 595 help 596 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2) implemented 597 using multi-buffer technique. This algorithm computes on 598 multiple data lanes concurrently with SIMD instructions for 599 better throughput. It should not be enabled by default but 600 used when there is significant amount of work to keep the keep 601 the data lanes filled to get performance benefit. If the data 602 lanes remain unfilled, a flush operation will be initiated to 603 process the crypto jobs, adding a slight latency. 604 605config CRYPTO_SHA256 606 tristate "SHA224 and SHA256 digest algorithm" 607 select CRYPTO_HASH 608 help 609 SHA256 secure hash standard (DFIPS 180-2). 610 611 This version of SHA implements a 256 bit hash with 128 bits of 612 security against collision attacks. 613 614 This code also includes SHA-224, a 224 bit hash with 112 bits 615 of security against collision attacks. 616 617config CRYPTO_SHA256_PPC_SPE 618 tristate "SHA224 and SHA256 digest algorithm (PPC SPE)" 619 depends on PPC && SPE 620 select CRYPTO_SHA256 621 select CRYPTO_HASH 622 help 623 SHA224 and SHA256 secure hash standard (DFIPS 180-2) 624 implemented using powerpc SPE SIMD instruction set. 625 626config CRYPTO_SHA256_OCTEON 627 tristate "SHA224 and SHA256 digest algorithm (OCTEON)" 628 depends on CPU_CAVIUM_OCTEON 629 select CRYPTO_SHA256 630 select CRYPTO_HASH 631 help 632 SHA-256 secure hash standard (DFIPS 180-2) implemented 633 using OCTEON crypto instructions, when available. 634 635config CRYPTO_SHA256_SPARC64 636 tristate "SHA224 and SHA256 digest algorithm (SPARC64)" 637 depends on SPARC64 638 select CRYPTO_SHA256 639 select CRYPTO_HASH 640 help 641 SHA-256 secure hash standard (DFIPS 180-2) implemented 642 using sparc64 crypto instructions, when available. 643 644config CRYPTO_SHA512 645 tristate "SHA384 and SHA512 digest algorithms" 646 select CRYPTO_HASH 647 help 648 SHA512 secure hash standard (DFIPS 180-2). 649 650 This version of SHA implements a 512 bit hash with 256 bits of 651 security against collision attacks. 652 653 This code also includes SHA-384, a 384 bit hash with 192 bits 654 of security against collision attacks. 655 656config CRYPTO_SHA512_OCTEON 657 tristate "SHA384 and SHA512 digest algorithms (OCTEON)" 658 depends on CPU_CAVIUM_OCTEON 659 select CRYPTO_SHA512 660 select CRYPTO_HASH 661 help 662 SHA-512 secure hash standard (DFIPS 180-2) implemented 663 using OCTEON crypto instructions, when available. 664 665config CRYPTO_SHA512_SPARC64 666 tristate "SHA384 and SHA512 digest algorithm (SPARC64)" 667 depends on SPARC64 668 select CRYPTO_SHA512 669 select CRYPTO_HASH 670 help 671 SHA-512 secure hash standard (DFIPS 180-2) implemented 672 using sparc64 crypto instructions, when available. 673 674config CRYPTO_TGR192 675 tristate "Tiger digest algorithms" 676 select CRYPTO_HASH 677 help 678 Tiger hash algorithm 192, 160 and 128-bit hashes 679 680 Tiger is a hash function optimized for 64-bit processors while 681 still having decent performance on 32-bit processors. 682 Tiger was developed by Ross Anderson and Eli Biham. 683 684 See also: 685 <http://www.cs.technion.ac.il/~biham/Reports/Tiger/>. 686 687config CRYPTO_WP512 688 tristate "Whirlpool digest algorithms" 689 select CRYPTO_HASH 690 help 691 Whirlpool hash algorithm 512, 384 and 256-bit hashes 692 693 Whirlpool-512 is part of the NESSIE cryptographic primitives. 694 Whirlpool will be part of the ISO/IEC 10118-3:2003(E) standard 695 696 See also: 697 <http://www.larc.usp.br/~pbarreto/WhirlpoolPage.html> 698 699config CRYPTO_GHASH_CLMUL_NI_INTEL 700 tristate "GHASH digest algorithm (CLMUL-NI accelerated)" 701 depends on X86 && 64BIT 702 select CRYPTO_CRYPTD 703 help 704 GHASH is message digest algorithm for GCM (Galois/Counter Mode). 705 The implementation is accelerated by CLMUL-NI of Intel. 706 707comment "Ciphers" 708 709config CRYPTO_AES 710 tristate "AES cipher algorithms" 711 select CRYPTO_ALGAPI 712 help 713 AES cipher algorithms (FIPS-197). AES uses the Rijndael 714 algorithm. 715 716 Rijndael appears to be consistently a very good performer in 717 both hardware and software across a wide range of computing 718 environments regardless of its use in feedback or non-feedback 719 modes. Its key setup time is excellent, and its key agility is 720 good. Rijndael's very low memory requirements make it very well 721 suited for restricted-space environments, in which it also 722 demonstrates excellent performance. Rijndael's operations are 723 among the easiest to defend against power and timing attacks. 724 725 The AES specifies three key sizes: 128, 192 and 256 bits 726 727 See <http://csrc.nist.gov/CryptoToolkit/aes/> for more information. 728 729config CRYPTO_AES_586 730 tristate "AES cipher algorithms (i586)" 731 depends on (X86 || UML_X86) && !64BIT 732 select CRYPTO_ALGAPI 733 select CRYPTO_AES 734 help 735 AES cipher algorithms (FIPS-197). AES uses the Rijndael 736 algorithm. 737 738 Rijndael appears to be consistently a very good performer in 739 both hardware and software across a wide range of computing 740 environments regardless of its use in feedback or non-feedback 741 modes. Its key setup time is excellent, and its key agility is 742 good. Rijndael's very low memory requirements make it very well 743 suited for restricted-space environments, in which it also 744 demonstrates excellent performance. Rijndael's operations are 745 among the easiest to defend against power and timing attacks. 746 747 The AES specifies three key sizes: 128, 192 and 256 bits 748 749 See <http://csrc.nist.gov/encryption/aes/> for more information. 750 751config CRYPTO_AES_X86_64 752 tristate "AES cipher algorithms (x86_64)" 753 depends on (X86 || UML_X86) && 64BIT 754 select CRYPTO_ALGAPI 755 select CRYPTO_AES 756 help 757 AES cipher algorithms (FIPS-197). AES uses the Rijndael 758 algorithm. 759 760 Rijndael appears to be consistently a very good performer in 761 both hardware and software across a wide range of computing 762 environments regardless of its use in feedback or non-feedback 763 modes. Its key setup time is excellent, and its key agility is 764 good. Rijndael's very low memory requirements make it very well 765 suited for restricted-space environments, in which it also 766 demonstrates excellent performance. Rijndael's operations are 767 among the easiest to defend against power and timing attacks. 768 769 The AES specifies three key sizes: 128, 192 and 256 bits 770 771 See <http://csrc.nist.gov/encryption/aes/> for more information. 772 773config CRYPTO_AES_NI_INTEL 774 tristate "AES cipher algorithms (AES-NI)" 775 depends on X86 776 select CRYPTO_AES_X86_64 if 64BIT 777 select CRYPTO_AES_586 if !64BIT 778 select CRYPTO_CRYPTD 779 select CRYPTO_ABLK_HELPER 780 select CRYPTO_ALGAPI 781 select CRYPTO_GLUE_HELPER_X86 if 64BIT 782 select CRYPTO_LRW 783 select CRYPTO_XTS 784 help 785 Use Intel AES-NI instructions for AES algorithm. 786 787 AES cipher algorithms (FIPS-197). AES uses the Rijndael 788 algorithm. 789 790 Rijndael appears to be consistently a very good performer in 791 both hardware and software across a wide range of computing 792 environments regardless of its use in feedback or non-feedback 793 modes. Its key setup time is excellent, and its key agility is 794 good. Rijndael's very low memory requirements make it very well 795 suited for restricted-space environments, in which it also 796 demonstrates excellent performance. Rijndael's operations are 797 among the easiest to defend against power and timing attacks. 798 799 The AES specifies three key sizes: 128, 192 and 256 bits 800 801 See <http://csrc.nist.gov/encryption/aes/> for more information. 802 803 In addition to AES cipher algorithm support, the acceleration 804 for some popular block cipher mode is supported too, including 805 ECB, CBC, LRW, PCBC, XTS. The 64 bit version has additional 806 acceleration for CTR. 807 808config CRYPTO_AES_SPARC64 809 tristate "AES cipher algorithms (SPARC64)" 810 depends on SPARC64 811 select CRYPTO_CRYPTD 812 select CRYPTO_ALGAPI 813 help 814 Use SPARC64 crypto opcodes for AES algorithm. 815 816 AES cipher algorithms (FIPS-197). AES uses the Rijndael 817 algorithm. 818 819 Rijndael appears to be consistently a very good performer in 820 both hardware and software across a wide range of computing 821 environments regardless of its use in feedback or non-feedback 822 modes. Its key setup time is excellent, and its key agility is 823 good. Rijndael's very low memory requirements make it very well 824 suited for restricted-space environments, in which it also 825 demonstrates excellent performance. Rijndael's operations are 826 among the easiest to defend against power and timing attacks. 827 828 The AES specifies three key sizes: 128, 192 and 256 bits 829 830 See <http://csrc.nist.gov/encryption/aes/> for more information. 831 832 In addition to AES cipher algorithm support, the acceleration 833 for some popular block cipher mode is supported too, including 834 ECB and CBC. 835 836config CRYPTO_AES_PPC_SPE 837 tristate "AES cipher algorithms (PPC SPE)" 838 depends on PPC && SPE 839 help 840 AES cipher algorithms (FIPS-197). Additionally the acceleration 841 for popular block cipher modes ECB, CBC, CTR and XTS is supported. 842 This module should only be used for low power (router) devices 843 without hardware AES acceleration (e.g. caam crypto). It reduces the 844 size of the AES tables from 16KB to 8KB + 256 bytes and mitigates 845 timining attacks. Nevertheless it might be not as secure as other 846 architecture specific assembler implementations that work on 1KB 847 tables or 256 bytes S-boxes. 848 849config CRYPTO_ANUBIS 850 tristate "Anubis cipher algorithm" 851 select CRYPTO_ALGAPI 852 help 853 Anubis cipher algorithm. 854 855 Anubis is a variable key length cipher which can use keys from 856 128 bits to 320 bits in length. It was evaluated as a entrant 857 in the NESSIE competition. 858 859 See also: 860 <https://www.cosic.esat.kuleuven.be/nessie/reports/> 861 <http://www.larc.usp.br/~pbarreto/AnubisPage.html> 862 863config CRYPTO_ARC4 864 tristate "ARC4 cipher algorithm" 865 select CRYPTO_BLKCIPHER 866 help 867 ARC4 cipher algorithm. 868 869 ARC4 is a stream cipher using keys ranging from 8 bits to 2048 870 bits in length. This algorithm is required for driver-based 871 WEP, but it should not be for other purposes because of the 872 weakness of the algorithm. 873 874config CRYPTO_BLOWFISH 875 tristate "Blowfish cipher algorithm" 876 select CRYPTO_ALGAPI 877 select CRYPTO_BLOWFISH_COMMON 878 help 879 Blowfish cipher algorithm, by Bruce Schneier. 880 881 This is a variable key length cipher which can use keys from 32 882 bits to 448 bits in length. It's fast, simple and specifically 883 designed for use on "large microprocessors". 884 885 See also: 886 <http://www.schneier.com/blowfish.html> 887 888config CRYPTO_BLOWFISH_COMMON 889 tristate 890 help 891 Common parts of the Blowfish cipher algorithm shared by the 892 generic c and the assembler implementations. 893 894 See also: 895 <http://www.schneier.com/blowfish.html> 896 897config CRYPTO_BLOWFISH_X86_64 898 tristate "Blowfish cipher algorithm (x86_64)" 899 depends on X86 && 64BIT 900 select CRYPTO_ALGAPI 901 select CRYPTO_BLOWFISH_COMMON 902 help 903 Blowfish cipher algorithm (x86_64), by Bruce Schneier. 904 905 This is a variable key length cipher which can use keys from 32 906 bits to 448 bits in length. It's fast, simple and specifically 907 designed for use on "large microprocessors". 908 909 See also: 910 <http://www.schneier.com/blowfish.html> 911 912config CRYPTO_CAMELLIA 913 tristate "Camellia cipher algorithms" 914 depends on CRYPTO 915 select CRYPTO_ALGAPI 916 help 917 Camellia cipher algorithms module. 918 919 Camellia is a symmetric key block cipher developed jointly 920 at NTT and Mitsubishi Electric Corporation. 921 922 The Camellia specifies three key sizes: 128, 192 and 256 bits. 923 924 See also: 925 <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html> 926 927config CRYPTO_CAMELLIA_X86_64 928 tristate "Camellia cipher algorithm (x86_64)" 929 depends on X86 && 64BIT 930 depends on CRYPTO 931 select CRYPTO_ALGAPI 932 select CRYPTO_GLUE_HELPER_X86 933 select CRYPTO_LRW 934 select CRYPTO_XTS 935 help 936 Camellia cipher algorithm module (x86_64). 937 938 Camellia is a symmetric key block cipher developed jointly 939 at NTT and Mitsubishi Electric Corporation. 940 941 The Camellia specifies three key sizes: 128, 192 and 256 bits. 942 943 See also: 944 <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html> 945 946config CRYPTO_CAMELLIA_AESNI_AVX_X86_64 947 tristate "Camellia cipher algorithm (x86_64/AES-NI/AVX)" 948 depends on X86 && 64BIT 949 depends on CRYPTO 950 select CRYPTO_ALGAPI 951 select CRYPTO_CRYPTD 952 select CRYPTO_ABLK_HELPER 953 select CRYPTO_GLUE_HELPER_X86 954 select CRYPTO_CAMELLIA_X86_64 955 select CRYPTO_LRW 956 select CRYPTO_XTS 957 help 958 Camellia cipher algorithm module (x86_64/AES-NI/AVX). 959 960 Camellia is a symmetric key block cipher developed jointly 961 at NTT and Mitsubishi Electric Corporation. 962 963 The Camellia specifies three key sizes: 128, 192 and 256 bits. 964 965 See also: 966 <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html> 967 968config CRYPTO_CAMELLIA_AESNI_AVX2_X86_64 969 tristate "Camellia cipher algorithm (x86_64/AES-NI/AVX2)" 970 depends on X86 && 64BIT 971 depends on CRYPTO 972 select CRYPTO_ALGAPI 973 select CRYPTO_CRYPTD 974 select CRYPTO_ABLK_HELPER 975 select CRYPTO_GLUE_HELPER_X86 976 select CRYPTO_CAMELLIA_X86_64 977 select CRYPTO_CAMELLIA_AESNI_AVX_X86_64 978 select CRYPTO_LRW 979 select CRYPTO_XTS 980 help 981 Camellia cipher algorithm module (x86_64/AES-NI/AVX2). 982 983 Camellia is a symmetric key block cipher developed jointly 984 at NTT and Mitsubishi Electric Corporation. 985 986 The Camellia specifies three key sizes: 128, 192 and 256 bits. 987 988 See also: 989 <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html> 990 991config CRYPTO_CAMELLIA_SPARC64 992 tristate "Camellia cipher algorithm (SPARC64)" 993 depends on SPARC64 994 depends on CRYPTO 995 select CRYPTO_ALGAPI 996 help 997 Camellia cipher algorithm module (SPARC64). 998 999 Camellia is a symmetric key block cipher developed jointly 1000 at NTT and Mitsubishi Electric Corporation. 1001 1002 The Camellia specifies three key sizes: 128, 192 and 256 bits. 1003 1004 See also: 1005 <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html> 1006 1007config CRYPTO_CAST_COMMON 1008 tristate 1009 help 1010 Common parts of the CAST cipher algorithms shared by the 1011 generic c and the assembler implementations. 1012 1013config CRYPTO_CAST5 1014 tristate "CAST5 (CAST-128) cipher algorithm" 1015 select CRYPTO_ALGAPI 1016 select CRYPTO_CAST_COMMON 1017 help 1018 The CAST5 encryption algorithm (synonymous with CAST-128) is 1019 described in RFC2144. 1020 1021config CRYPTO_CAST5_AVX_X86_64 1022 tristate "CAST5 (CAST-128) cipher algorithm (x86_64/AVX)" 1023 depends on X86 && 64BIT 1024 select CRYPTO_ALGAPI 1025 select CRYPTO_CRYPTD 1026 select CRYPTO_ABLK_HELPER 1027 select CRYPTO_CAST_COMMON 1028 select CRYPTO_CAST5 1029 help 1030 The CAST5 encryption algorithm (synonymous with CAST-128) is 1031 described in RFC2144. 1032 1033 This module provides the Cast5 cipher algorithm that processes 1034 sixteen blocks parallel using the AVX instruction set. 1035 1036config CRYPTO_CAST6 1037 tristate "CAST6 (CAST-256) cipher algorithm" 1038 select CRYPTO_ALGAPI 1039 select CRYPTO_CAST_COMMON 1040 help 1041 The CAST6 encryption algorithm (synonymous with CAST-256) is 1042 described in RFC2612. 1043 1044config CRYPTO_CAST6_AVX_X86_64 1045 tristate "CAST6 (CAST-256) cipher algorithm (x86_64/AVX)" 1046 depends on X86 && 64BIT 1047 select CRYPTO_ALGAPI 1048 select CRYPTO_CRYPTD 1049 select CRYPTO_ABLK_HELPER 1050 select CRYPTO_GLUE_HELPER_X86 1051 select CRYPTO_CAST_COMMON 1052 select CRYPTO_CAST6 1053 select CRYPTO_LRW 1054 select CRYPTO_XTS 1055 help 1056 The CAST6 encryption algorithm (synonymous with CAST-256) is 1057 described in RFC2612. 1058 1059 This module provides the Cast6 cipher algorithm that processes 1060 eight blocks parallel using the AVX instruction set. 1061 1062config CRYPTO_DES 1063 tristate "DES and Triple DES EDE cipher algorithms" 1064 select CRYPTO_ALGAPI 1065 help 1066 DES cipher algorithm (FIPS 46-2), and Triple DES EDE (FIPS 46-3). 1067 1068config CRYPTO_DES_SPARC64 1069 tristate "DES and Triple DES EDE cipher algorithms (SPARC64)" 1070 depends on SPARC64 1071 select CRYPTO_ALGAPI 1072 select CRYPTO_DES 1073 help 1074 DES cipher algorithm (FIPS 46-2), and Triple DES EDE (FIPS 46-3), 1075 optimized using SPARC64 crypto opcodes. 1076 1077config CRYPTO_DES3_EDE_X86_64 1078 tristate "Triple DES EDE cipher algorithm (x86-64)" 1079 depends on X86 && 64BIT 1080 select CRYPTO_ALGAPI 1081 select CRYPTO_DES 1082 help 1083 Triple DES EDE (FIPS 46-3) algorithm. 1084 1085 This module provides implementation of the Triple DES EDE cipher 1086 algorithm that is optimized for x86-64 processors. Two versions of 1087 algorithm are provided; regular processing one input block and 1088 one that processes three blocks parallel. 1089 1090config CRYPTO_FCRYPT 1091 tristate "FCrypt cipher algorithm" 1092 select CRYPTO_ALGAPI 1093 select CRYPTO_BLKCIPHER 1094 help 1095 FCrypt algorithm used by RxRPC. 1096 1097config CRYPTO_KHAZAD 1098 tristate "Khazad cipher algorithm" 1099 select CRYPTO_ALGAPI 1100 help 1101 Khazad cipher algorithm. 1102 1103 Khazad was a finalist in the initial NESSIE competition. It is 1104 an algorithm optimized for 64-bit processors with good performance 1105 on 32-bit processors. Khazad uses an 128 bit key size. 1106 1107 See also: 1108 <http://www.larc.usp.br/~pbarreto/KhazadPage.html> 1109 1110config CRYPTO_SALSA20 1111 tristate "Salsa20 stream cipher algorithm" 1112 select CRYPTO_BLKCIPHER 1113 help 1114 Salsa20 stream cipher algorithm. 1115 1116 Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT 1117 Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/> 1118 1119 The Salsa20 stream cipher algorithm is designed by Daniel J. 1120 Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html> 1121 1122config CRYPTO_SALSA20_586 1123 tristate "Salsa20 stream cipher algorithm (i586)" 1124 depends on (X86 || UML_X86) && !64BIT 1125 select CRYPTO_BLKCIPHER 1126 help 1127 Salsa20 stream cipher algorithm. 1128 1129 Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT 1130 Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/> 1131 1132 The Salsa20 stream cipher algorithm is designed by Daniel J. 1133 Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html> 1134 1135config CRYPTO_SALSA20_X86_64 1136 tristate "Salsa20 stream cipher algorithm (x86_64)" 1137 depends on (X86 || UML_X86) && 64BIT 1138 select CRYPTO_BLKCIPHER 1139 help 1140 Salsa20 stream cipher algorithm. 1141 1142 Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT 1143 Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/> 1144 1145 The Salsa20 stream cipher algorithm is designed by Daniel J. 1146 Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html> 1147 1148config CRYPTO_SEED 1149 tristate "SEED cipher algorithm" 1150 select CRYPTO_ALGAPI 1151 help 1152 SEED cipher algorithm (RFC4269). 1153 1154 SEED is a 128-bit symmetric key block cipher that has been 1155 developed by KISA (Korea Information Security Agency) as a 1156 national standard encryption algorithm of the Republic of Korea. 1157 It is a 16 round block cipher with the key size of 128 bit. 1158 1159 See also: 1160 <http://www.kisa.or.kr/kisa/seed/jsp/seed_eng.jsp> 1161 1162config CRYPTO_SERPENT 1163 tristate "Serpent cipher algorithm" 1164 select CRYPTO_ALGAPI 1165 help 1166 Serpent cipher algorithm, by Anderson, Biham & Knudsen. 1167 1168 Keys are allowed to be from 0 to 256 bits in length, in steps 1169 of 8 bits. Also includes the 'Tnepres' algorithm, a reversed 1170 variant of Serpent for compatibility with old kerneli.org code. 1171 1172 See also: 1173 <http://www.cl.cam.ac.uk/~rja14/serpent.html> 1174 1175config CRYPTO_SERPENT_SSE2_X86_64 1176 tristate "Serpent cipher algorithm (x86_64/SSE2)" 1177 depends on X86 && 64BIT 1178 select CRYPTO_ALGAPI 1179 select CRYPTO_CRYPTD 1180 select CRYPTO_ABLK_HELPER 1181 select CRYPTO_GLUE_HELPER_X86 1182 select CRYPTO_SERPENT 1183 select CRYPTO_LRW 1184 select CRYPTO_XTS 1185 help 1186 Serpent cipher algorithm, by Anderson, Biham & Knudsen. 1187 1188 Keys are allowed to be from 0 to 256 bits in length, in steps 1189 of 8 bits. 1190 1191 This module provides Serpent cipher algorithm that processes eight 1192 blocks parallel using SSE2 instruction set. 1193 1194 See also: 1195 <http://www.cl.cam.ac.uk/~rja14/serpent.html> 1196 1197config CRYPTO_SERPENT_SSE2_586 1198 tristate "Serpent cipher algorithm (i586/SSE2)" 1199 depends on X86 && !64BIT 1200 select CRYPTO_ALGAPI 1201 select CRYPTO_CRYPTD 1202 select CRYPTO_ABLK_HELPER 1203 select CRYPTO_GLUE_HELPER_X86 1204 select CRYPTO_SERPENT 1205 select CRYPTO_LRW 1206 select CRYPTO_XTS 1207 help 1208 Serpent cipher algorithm, by Anderson, Biham & Knudsen. 1209 1210 Keys are allowed to be from 0 to 256 bits in length, in steps 1211 of 8 bits. 1212 1213 This module provides Serpent cipher algorithm that processes four 1214 blocks parallel using SSE2 instruction set. 1215 1216 See also: 1217 <http://www.cl.cam.ac.uk/~rja14/serpent.html> 1218 1219config CRYPTO_SERPENT_AVX_X86_64 1220 tristate "Serpent cipher algorithm (x86_64/AVX)" 1221 depends on X86 && 64BIT 1222 select CRYPTO_ALGAPI 1223 select CRYPTO_CRYPTD 1224 select CRYPTO_ABLK_HELPER 1225 select CRYPTO_GLUE_HELPER_X86 1226 select CRYPTO_SERPENT 1227 select CRYPTO_LRW 1228 select CRYPTO_XTS 1229 help 1230 Serpent cipher algorithm, by Anderson, Biham & Knudsen. 1231 1232 Keys are allowed to be from 0 to 256 bits in length, in steps 1233 of 8 bits. 1234 1235 This module provides the Serpent cipher algorithm that processes 1236 eight blocks parallel using the AVX instruction set. 1237 1238 See also: 1239 <http://www.cl.cam.ac.uk/~rja14/serpent.html> 1240 1241config CRYPTO_SERPENT_AVX2_X86_64 1242 tristate "Serpent cipher algorithm (x86_64/AVX2)" 1243 depends on X86 && 64BIT 1244 select CRYPTO_ALGAPI 1245 select CRYPTO_CRYPTD 1246 select CRYPTO_ABLK_HELPER 1247 select CRYPTO_GLUE_HELPER_X86 1248 select CRYPTO_SERPENT 1249 select CRYPTO_SERPENT_AVX_X86_64 1250 select CRYPTO_LRW 1251 select CRYPTO_XTS 1252 help 1253 Serpent cipher algorithm, by Anderson, Biham & Knudsen. 1254 1255 Keys are allowed to be from 0 to 256 bits in length, in steps 1256 of 8 bits. 1257 1258 This module provides Serpent cipher algorithm that processes 16 1259 blocks parallel using AVX2 instruction set. 1260 1261 See also: 1262 <http://www.cl.cam.ac.uk/~rja14/serpent.html> 1263 1264config CRYPTO_TEA 1265 tristate "TEA, XTEA and XETA cipher algorithms" 1266 select CRYPTO_ALGAPI 1267 help 1268 TEA cipher algorithm. 1269 1270 Tiny Encryption Algorithm is a simple cipher that uses 1271 many rounds for security. It is very fast and uses 1272 little memory. 1273 1274 Xtendend Tiny Encryption Algorithm is a modification to 1275 the TEA algorithm to address a potential key weakness 1276 in the TEA algorithm. 1277 1278 Xtendend Encryption Tiny Algorithm is a mis-implementation 1279 of the XTEA algorithm for compatibility purposes. 1280 1281config CRYPTO_TWOFISH 1282 tristate "Twofish cipher algorithm" 1283 select CRYPTO_ALGAPI 1284 select CRYPTO_TWOFISH_COMMON 1285 help 1286 Twofish cipher algorithm. 1287 1288 Twofish was submitted as an AES (Advanced Encryption Standard) 1289 candidate cipher by researchers at CounterPane Systems. It is a 1290 16 round block cipher supporting key sizes of 128, 192, and 256 1291 bits. 1292 1293 See also: 1294 <http://www.schneier.com/twofish.html> 1295 1296config CRYPTO_TWOFISH_COMMON 1297 tristate 1298 help 1299 Common parts of the Twofish cipher algorithm shared by the 1300 generic c and the assembler implementations. 1301 1302config CRYPTO_TWOFISH_586 1303 tristate "Twofish cipher algorithms (i586)" 1304 depends on (X86 || UML_X86) && !64BIT 1305 select CRYPTO_ALGAPI 1306 select CRYPTO_TWOFISH_COMMON 1307 help 1308 Twofish cipher algorithm. 1309 1310 Twofish was submitted as an AES (Advanced Encryption Standard) 1311 candidate cipher by researchers at CounterPane Systems. It is a 1312 16 round block cipher supporting key sizes of 128, 192, and 256 1313 bits. 1314 1315 See also: 1316 <http://www.schneier.com/twofish.html> 1317 1318config CRYPTO_TWOFISH_X86_64 1319 tristate "Twofish cipher algorithm (x86_64)" 1320 depends on (X86 || UML_X86) && 64BIT 1321 select CRYPTO_ALGAPI 1322 select CRYPTO_TWOFISH_COMMON 1323 help 1324 Twofish cipher algorithm (x86_64). 1325 1326 Twofish was submitted as an AES (Advanced Encryption Standard) 1327 candidate cipher by researchers at CounterPane Systems. It is a 1328 16 round block cipher supporting key sizes of 128, 192, and 256 1329 bits. 1330 1331 See also: 1332 <http://www.schneier.com/twofish.html> 1333 1334config CRYPTO_TWOFISH_X86_64_3WAY 1335 tristate "Twofish cipher algorithm (x86_64, 3-way parallel)" 1336 depends on X86 && 64BIT 1337 select CRYPTO_ALGAPI 1338 select CRYPTO_TWOFISH_COMMON 1339 select CRYPTO_TWOFISH_X86_64 1340 select CRYPTO_GLUE_HELPER_X86 1341 select CRYPTO_LRW 1342 select CRYPTO_XTS 1343 help 1344 Twofish cipher algorithm (x86_64, 3-way parallel). 1345 1346 Twofish was submitted as an AES (Advanced Encryption Standard) 1347 candidate cipher by researchers at CounterPane Systems. It is a 1348 16 round block cipher supporting key sizes of 128, 192, and 256 1349 bits. 1350 1351 This module provides Twofish cipher algorithm that processes three 1352 blocks parallel, utilizing resources of out-of-order CPUs better. 1353 1354 See also: 1355 <http://www.schneier.com/twofish.html> 1356 1357config CRYPTO_TWOFISH_AVX_X86_64 1358 tristate "Twofish cipher algorithm (x86_64/AVX)" 1359 depends on X86 && 64BIT 1360 select CRYPTO_ALGAPI 1361 select CRYPTO_CRYPTD 1362 select CRYPTO_ABLK_HELPER 1363 select CRYPTO_GLUE_HELPER_X86 1364 select CRYPTO_TWOFISH_COMMON 1365 select CRYPTO_TWOFISH_X86_64 1366 select CRYPTO_TWOFISH_X86_64_3WAY 1367 select CRYPTO_LRW 1368 select CRYPTO_XTS 1369 help 1370 Twofish cipher algorithm (x86_64/AVX). 1371 1372 Twofish was submitted as an AES (Advanced Encryption Standard) 1373 candidate cipher by researchers at CounterPane Systems. It is a 1374 16 round block cipher supporting key sizes of 128, 192, and 256 1375 bits. 1376 1377 This module provides the Twofish cipher algorithm that processes 1378 eight blocks parallel using the AVX Instruction Set. 1379 1380 See also: 1381 <http://www.schneier.com/twofish.html> 1382 1383comment "Compression" 1384 1385config CRYPTO_DEFLATE 1386 tristate "Deflate compression algorithm" 1387 select CRYPTO_ALGAPI 1388 select ZLIB_INFLATE 1389 select ZLIB_DEFLATE 1390 help 1391 This is the Deflate algorithm (RFC1951), specified for use in 1392 IPSec with the IPCOMP protocol (RFC3173, RFC2394). 1393 1394 You will most probably want this if using IPSec. 1395 1396config CRYPTO_ZLIB 1397 tristate "Zlib compression algorithm" 1398 select CRYPTO_PCOMP 1399 select ZLIB_INFLATE 1400 select ZLIB_DEFLATE 1401 select NLATTR 1402 help 1403 This is the zlib algorithm. 1404 1405config CRYPTO_LZO 1406 tristate "LZO compression algorithm" 1407 select CRYPTO_ALGAPI 1408 select LZO_COMPRESS 1409 select LZO_DECOMPRESS 1410 help 1411 This is the LZO algorithm. 1412 1413config CRYPTO_842 1414 tristate "842 compression algorithm" 1415 depends on CRYPTO_DEV_NX_COMPRESS 1416 # 842 uses lzo if the hardware becomes unavailable 1417 select LZO_COMPRESS 1418 select LZO_DECOMPRESS 1419 help 1420 This is the 842 algorithm. 1421 1422config CRYPTO_LZ4 1423 tristate "LZ4 compression algorithm" 1424 select CRYPTO_ALGAPI 1425 select LZ4_COMPRESS 1426 select LZ4_DECOMPRESS 1427 help 1428 This is the LZ4 algorithm. 1429 1430config CRYPTO_LZ4HC 1431 tristate "LZ4HC compression algorithm" 1432 select CRYPTO_ALGAPI 1433 select LZ4HC_COMPRESS 1434 select LZ4_DECOMPRESS 1435 help 1436 This is the LZ4 high compression mode algorithm. 1437 1438comment "Random Number Generation" 1439 1440config CRYPTO_ANSI_CPRNG 1441 tristate "Pseudo Random Number Generation for Cryptographic modules" 1442 default m 1443 select CRYPTO_AES 1444 select CRYPTO_RNG 1445 help 1446 This option enables the generic pseudo random number generator 1447 for cryptographic modules. Uses the Algorithm specified in 1448 ANSI X9.31 A.2.4. Note that this option must be enabled if 1449 CRYPTO_FIPS is selected 1450 1451menuconfig CRYPTO_DRBG_MENU 1452 tristate "NIST SP800-90A DRBG" 1453 help 1454 NIST SP800-90A compliant DRBG. In the following submenu, one or 1455 more of the DRBG types must be selected. 1456 1457if CRYPTO_DRBG_MENU 1458 1459config CRYPTO_DRBG_HMAC 1460 bool "Enable HMAC DRBG" 1461 default y 1462 select CRYPTO_HMAC 1463 help 1464 Enable the HMAC DRBG variant as defined in NIST SP800-90A. 1465 1466config CRYPTO_DRBG_HASH 1467 bool "Enable Hash DRBG" 1468 select CRYPTO_HASH 1469 help 1470 Enable the Hash DRBG variant as defined in NIST SP800-90A. 1471 1472config CRYPTO_DRBG_CTR 1473 bool "Enable CTR DRBG" 1474 select CRYPTO_AES 1475 help 1476 Enable the CTR DRBG variant as defined in NIST SP800-90A. 1477 1478config CRYPTO_DRBG 1479 tristate 1480 default CRYPTO_DRBG_MENU if (CRYPTO_DRBG_HMAC || CRYPTO_DRBG_HASH || CRYPTO_DRBG_CTR) 1481 select CRYPTO_RNG 1482 1483endif # if CRYPTO_DRBG_MENU 1484 1485config CRYPTO_USER_API 1486 tristate 1487 1488config CRYPTO_USER_API_HASH 1489 tristate "User-space interface for hash algorithms" 1490 depends on NET 1491 select CRYPTO_HASH 1492 select CRYPTO_USER_API 1493 help 1494 This option enables the user-spaces interface for hash 1495 algorithms. 1496 1497config CRYPTO_USER_API_SKCIPHER 1498 tristate "User-space interface for symmetric key cipher algorithms" 1499 depends on NET 1500 select CRYPTO_BLKCIPHER 1501 select CRYPTO_USER_API 1502 help 1503 This option enables the user-spaces interface for symmetric 1504 key cipher algorithms. 1505 1506config CRYPTO_USER_API_RNG 1507 tristate "User-space interface for random number generator algorithms" 1508 depends on NET 1509 select CRYPTO_RNG 1510 select CRYPTO_USER_API 1511 help 1512 This option enables the user-spaces interface for random 1513 number generator algorithms. 1514 1515config CRYPTO_USER_API_AEAD 1516 tristate "User-space interface for AEAD cipher algorithms" 1517 depends on NET 1518 select CRYPTO_AEAD 1519 select CRYPTO_USER_API 1520 help 1521 This option enables the user-spaces interface for AEAD 1522 cipher algorithms. 1523 1524config CRYPTO_HASH_INFO 1525 bool 1526 1527source "drivers/crypto/Kconfig" 1528source crypto/asymmetric_keys/Kconfig 1529 1530endif # if CRYPTO 1531