xref: /openbmc/linux/crypto/Kconfig (revision 82ced6fd) 
1#
2# Generic algorithms support
3#
4config XOR_BLOCKS
5	tristate
6
7#
8# async_tx api: hardware offloaded memory transfer/transform support
9#
10source "crypto/async_tx/Kconfig"
11
12#
13# Cryptographic API Configuration
14#
15menuconfig CRYPTO
16	tristate "Cryptographic API"
17	help
18	  This option provides the core Cryptographic API.
19
20if CRYPTO
21
22comment "Crypto core or helper"
23
24config CRYPTO_FIPS
25	bool "FIPS 200 compliance"
26	help
27	  This options enables the fips boot option which is
28	  required if you want to system to operate in a FIPS 200
29	  certification.  You should say no unless you know what
30	  this is.
31
32config CRYPTO_ALGAPI
33	tristate
34	select CRYPTO_ALGAPI2
35	help
36	  This option provides the API for cryptographic algorithms.
37
38config CRYPTO_ALGAPI2
39	tristate
40
41config CRYPTO_AEAD
42	tristate
43	select CRYPTO_AEAD2
44	select CRYPTO_ALGAPI
45
46config CRYPTO_AEAD2
47	tristate
48	select CRYPTO_ALGAPI2
49
50config CRYPTO_BLKCIPHER
51	tristate
52	select CRYPTO_BLKCIPHER2
53	select CRYPTO_ALGAPI
54
55config CRYPTO_BLKCIPHER2
56	tristate
57	select CRYPTO_ALGAPI2
58	select CRYPTO_RNG2
59	select CRYPTO_WORKQUEUE
60
61config CRYPTO_HASH
62	tristate
63	select CRYPTO_HASH2
64	select CRYPTO_ALGAPI
65
66config CRYPTO_HASH2
67	tristate
68	select CRYPTO_ALGAPI2
69
70config CRYPTO_RNG
71	tristate
72	select CRYPTO_RNG2
73	select CRYPTO_ALGAPI
74
75config CRYPTO_RNG2
76	tristate
77	select CRYPTO_ALGAPI2
78
79config CRYPTO_PCOMP
80	tristate
81	select CRYPTO_ALGAPI2
82
83config CRYPTO_MANAGER
84	tristate "Cryptographic algorithm manager"
85	select CRYPTO_MANAGER2
86	help
87	  Create default cryptographic template instantiations such as
88	  cbc(aes).
89
90config CRYPTO_MANAGER2
91	def_tristate CRYPTO_MANAGER || (CRYPTO_MANAGER!=n && CRYPTO_ALGAPI=y)
92	select CRYPTO_AEAD2
93	select CRYPTO_HASH2
94	select CRYPTO_BLKCIPHER2
95	select CRYPTO_PCOMP
96
97config CRYPTO_GF128MUL
98	tristate "GF(2^128) multiplication functions (EXPERIMENTAL)"
99	depends on EXPERIMENTAL
100	help
101	  Efficient table driven implementation of multiplications in the
102	  field GF(2^128).  This is needed by some cypher modes. This
103	  option will be selected automatically if you select such a
104	  cipher mode.  Only select this option by hand if you expect to load
105	  an external module that requires these functions.
106
107config CRYPTO_NULL
108	tristate "Null algorithms"
109	select CRYPTO_ALGAPI
110	select CRYPTO_BLKCIPHER
111	select CRYPTO_HASH
112	help
113	  These are 'Null' algorithms, used by IPsec, which do nothing.
114
115config CRYPTO_WORKQUEUE
116       tristate
117
118config CRYPTO_CRYPTD
119	tristate "Software async crypto daemon"
120	select CRYPTO_BLKCIPHER
121	select CRYPTO_HASH
122	select CRYPTO_MANAGER
123	select CRYPTO_WORKQUEUE
124	help
125	  This is a generic software asynchronous crypto daemon that
126	  converts an arbitrary synchronous software crypto algorithm
127	  into an asynchronous algorithm that executes in a kernel thread.
128
129config CRYPTO_AUTHENC
130	tristate "Authenc support"
131	select CRYPTO_AEAD
132	select CRYPTO_BLKCIPHER
133	select CRYPTO_MANAGER
134	select CRYPTO_HASH
135	help
136	  Authenc: Combined mode wrapper for IPsec.
137	  This is required for IPSec.
138
139config CRYPTO_TEST
140	tristate "Testing module"
141	depends on m
142	select CRYPTO_MANAGER
143	help
144	  Quick & dirty crypto test module.
145
146comment "Authenticated Encryption with Associated Data"
147
148config CRYPTO_CCM
149	tristate "CCM support"
150	select CRYPTO_CTR
151	select CRYPTO_AEAD
152	help
153	  Support for Counter with CBC MAC. Required for IPsec.
154
155config CRYPTO_GCM
156	tristate "GCM/GMAC support"
157	select CRYPTO_CTR
158	select CRYPTO_AEAD
159	select CRYPTO_GF128MUL
160	help
161	  Support for Galois/Counter Mode (GCM) and Galois Message
162	  Authentication Code (GMAC). Required for IPSec.
163
164config CRYPTO_SEQIV
165	tristate "Sequence Number IV Generator"
166	select CRYPTO_AEAD
167	select CRYPTO_BLKCIPHER
168	select CRYPTO_RNG
169	help
170	  This IV generator generates an IV based on a sequence number by
171	  xoring it with a salt.  This algorithm is mainly useful for CTR
172
173comment "Block modes"
174
175config CRYPTO_CBC
176	tristate "CBC support"
177	select CRYPTO_BLKCIPHER
178	select CRYPTO_MANAGER
179	help
180	  CBC: Cipher Block Chaining mode
181	  This block cipher algorithm is required for IPSec.
182
183config CRYPTO_CTR
184	tristate "CTR support"
185	select CRYPTO_BLKCIPHER
186	select CRYPTO_SEQIV
187	select CRYPTO_MANAGER
188	help
189	  CTR: Counter mode
190	  This block cipher algorithm is required for IPSec.
191
192config CRYPTO_CTS
193	tristate "CTS support"
194	select CRYPTO_BLKCIPHER
195	help
196	  CTS: Cipher Text Stealing
197	  This is the Cipher Text Stealing mode as described by
198	  Section 8 of rfc2040 and referenced by rfc3962.
199	  (rfc3962 includes errata information in its Appendix A)
200	  This mode is required for Kerberos gss mechanism support
201	  for AES encryption.
202
203config CRYPTO_ECB
204	tristate "ECB support"
205	select CRYPTO_BLKCIPHER
206	select CRYPTO_MANAGER
207	help
208	  ECB: Electronic CodeBook mode
209	  This is the simplest block cipher algorithm.  It simply encrypts
210	  the input block by block.
211
212config CRYPTO_LRW
213	tristate "LRW support (EXPERIMENTAL)"
214	depends on EXPERIMENTAL
215	select CRYPTO_BLKCIPHER
216	select CRYPTO_MANAGER
217	select CRYPTO_GF128MUL
218	help
219	  LRW: Liskov Rivest Wagner, a tweakable, non malleable, non movable
220	  narrow block cipher mode for dm-crypt.  Use it with cipher
221	  specification string aes-lrw-benbi, the key must be 256, 320 or 384.
222	  The first 128, 192 or 256 bits in the key are used for AES and the
223	  rest is used to tie each cipher block to its logical position.
224
225config CRYPTO_PCBC
226	tristate "PCBC support"
227	select CRYPTO_BLKCIPHER
228	select CRYPTO_MANAGER
229	help
230	  PCBC: Propagating Cipher Block Chaining mode
231	  This block cipher algorithm is required for RxRPC.
232
233config CRYPTO_XTS
234	tristate "XTS support (EXPERIMENTAL)"
235	depends on EXPERIMENTAL
236	select CRYPTO_BLKCIPHER
237	select CRYPTO_MANAGER
238	select CRYPTO_GF128MUL
239	help
240	  XTS: IEEE1619/D16 narrow block cipher use with aes-xts-plain,
241	  key size 256, 384 or 512 bits. This implementation currently
242	  can't handle a sectorsize which is not a multiple of 16 bytes.
243
244comment "Hash modes"
245
246config CRYPTO_HMAC
247	tristate "HMAC support"
248	select CRYPTO_HASH
249	select CRYPTO_MANAGER
250	help
251	  HMAC: Keyed-Hashing for Message Authentication (RFC2104).
252	  This is required for IPSec.
253
254config CRYPTO_XCBC
255	tristate "XCBC support"
256	depends on EXPERIMENTAL
257	select CRYPTO_HASH
258	select CRYPTO_MANAGER
259	help
260	  XCBC: Keyed-Hashing with encryption algorithm
261		http://www.ietf.org/rfc/rfc3566.txt
262		http://csrc.nist.gov/encryption/modes/proposedmodes/
263		 xcbc-mac/xcbc-mac-spec.pdf
264
265comment "Digest"
266
267config CRYPTO_CRC32C
268	tristate "CRC32c CRC algorithm"
269	select CRYPTO_HASH
270	help
271	  Castagnoli, et al Cyclic Redundancy-Check Algorithm.  Used
272	  by iSCSI for header and data digests and by others.
273	  See Castagnoli93.  Module will be crc32c.
274
275config CRYPTO_CRC32C_INTEL
276	tristate "CRC32c INTEL hardware acceleration"
277	depends on X86
278	select CRYPTO_HASH
279	help
280	  In Intel processor with SSE4.2 supported, the processor will
281	  support CRC32C implementation using hardware accelerated CRC32
282	  instruction. This option will create 'crc32c-intel' module,
283	  which will enable any routine to use the CRC32 instruction to
284	  gain performance compared with software implementation.
285	  Module will be crc32c-intel.
286
287config CRYPTO_MD4
288	tristate "MD4 digest algorithm"
289	select CRYPTO_HASH
290	help
291	  MD4 message digest algorithm (RFC1320).
292
293config CRYPTO_MD5
294	tristate "MD5 digest algorithm"
295	select CRYPTO_HASH
296	help
297	  MD5 message digest algorithm (RFC1321).
298
299config CRYPTO_MICHAEL_MIC
300	tristate "Michael MIC keyed digest algorithm"
301	select CRYPTO_HASH
302	help
303	  Michael MIC is used for message integrity protection in TKIP
304	  (IEEE 802.11i). This algorithm is required for TKIP, but it
305	  should not be used for other purposes because of the weakness
306	  of the algorithm.
307
308config CRYPTO_RMD128
309	tristate "RIPEMD-128 digest algorithm"
310	select CRYPTO_HASH
311	help
312	  RIPEMD-128 (ISO/IEC 10118-3:2004).
313
314	  RIPEMD-128 is a 128-bit cryptographic hash function. It should only
315	  to be used as a secure replacement for RIPEMD. For other use cases
316	  RIPEMD-160 should be used.
317
318	  Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel.
319	  See <http://home.esat.kuleuven.be/~bosselae/ripemd160.html>
320
321config CRYPTO_RMD160
322	tristate "RIPEMD-160 digest algorithm"
323	select CRYPTO_HASH
324	help
325	  RIPEMD-160 (ISO/IEC 10118-3:2004).
326
327	  RIPEMD-160 is a 160-bit cryptographic hash function. It is intended
328	  to be used as a secure replacement for the 128-bit hash functions
329	  MD4, MD5 and it's predecessor RIPEMD
330	  (not to be confused with RIPEMD-128).
331
332	  It's speed is comparable to SHA1 and there are no known attacks
333	  against RIPEMD-160.
334
335	  Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel.
336	  See <http://home.esat.kuleuven.be/~bosselae/ripemd160.html>
337
338config CRYPTO_RMD256
339	tristate "RIPEMD-256 digest algorithm"
340	select CRYPTO_HASH
341	help
342	  RIPEMD-256 is an optional extension of RIPEMD-128 with a
343	  256 bit hash. It is intended for applications that require
344	  longer hash-results, without needing a larger security level
345	  (than RIPEMD-128).
346
347	  Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel.
348	  See <http://home.esat.kuleuven.be/~bosselae/ripemd160.html>
349
350config CRYPTO_RMD320
351	tristate "RIPEMD-320 digest algorithm"
352	select CRYPTO_HASH
353	help
354	  RIPEMD-320 is an optional extension of RIPEMD-160 with a
355	  320 bit hash. It is intended for applications that require
356	  longer hash-results, without needing a larger security level
357	  (than RIPEMD-160).
358
359	  Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel.
360	  See <http://home.esat.kuleuven.be/~bosselae/ripemd160.html>
361
362config CRYPTO_SHA1
363	tristate "SHA1 digest algorithm"
364	select CRYPTO_HASH
365	help
366	  SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2).
367
368config CRYPTO_SHA256
369	tristate "SHA224 and SHA256 digest algorithm"
370	select CRYPTO_HASH
371	help
372	  SHA256 secure hash standard (DFIPS 180-2).
373
374	  This version of SHA implements a 256 bit hash with 128 bits of
375	  security against collision attacks.
376
377	  This code also includes SHA-224, a 224 bit hash with 112 bits
378	  of security against collision attacks.
379
380config CRYPTO_SHA512
381	tristate "SHA384 and SHA512 digest algorithms"
382	select CRYPTO_HASH
383	help
384	  SHA512 secure hash standard (DFIPS 180-2).
385
386	  This version of SHA implements a 512 bit hash with 256 bits of
387	  security against collision attacks.
388
389	  This code also includes SHA-384, a 384 bit hash with 192 bits
390	  of security against collision attacks.
391
392config CRYPTO_TGR192
393	tristate "Tiger digest algorithms"
394	select CRYPTO_HASH
395	help
396	  Tiger hash algorithm 192, 160 and 128-bit hashes
397
398	  Tiger is a hash function optimized for 64-bit processors while
399	  still having decent performance on 32-bit processors.
400	  Tiger was developed by Ross Anderson and Eli Biham.
401
402	  See also:
403	  <http://www.cs.technion.ac.il/~biham/Reports/Tiger/>.
404
405config CRYPTO_WP512
406	tristate "Whirlpool digest algorithms"
407	select CRYPTO_HASH
408	help
409	  Whirlpool hash algorithm 512, 384 and 256-bit hashes
410
411	  Whirlpool-512 is part of the NESSIE cryptographic primitives.
412	  Whirlpool will be part of the ISO/IEC 10118-3:2003(E) standard
413
414	  See also:
415	  <http://planeta.terra.com.br/informatica/paulobarreto/WhirlpoolPage.html>
416
417comment "Ciphers"
418
419config CRYPTO_AES
420	tristate "AES cipher algorithms"
421	select CRYPTO_ALGAPI
422	help
423	  AES cipher algorithms (FIPS-197). AES uses the Rijndael
424	  algorithm.
425
426	  Rijndael appears to be consistently a very good performer in
427	  both hardware and software across a wide range of computing
428	  environments regardless of its use in feedback or non-feedback
429	  modes. Its key setup time is excellent, and its key agility is
430	  good. Rijndael's very low memory requirements make it very well
431	  suited for restricted-space environments, in which it also
432	  demonstrates excellent performance. Rijndael's operations are
433	  among the easiest to defend against power and timing attacks.
434
435	  The AES specifies three key sizes: 128, 192 and 256 bits
436
437	  See <http://csrc.nist.gov/CryptoToolkit/aes/> for more information.
438
439config CRYPTO_AES_586
440	tristate "AES cipher algorithms (i586)"
441	depends on (X86 || UML_X86) && !64BIT
442	select CRYPTO_ALGAPI
443	select CRYPTO_AES
444	help
445	  AES cipher algorithms (FIPS-197). AES uses the Rijndael
446	  algorithm.
447
448	  Rijndael appears to be consistently a very good performer in
449	  both hardware and software across a wide range of computing
450	  environments regardless of its use in feedback or non-feedback
451	  modes. Its key setup time is excellent, and its key agility is
452	  good. Rijndael's very low memory requirements make it very well
453	  suited for restricted-space environments, in which it also
454	  demonstrates excellent performance. Rijndael's operations are
455	  among the easiest to defend against power and timing attacks.
456
457	  The AES specifies three key sizes: 128, 192 and 256 bits
458
459	  See <http://csrc.nist.gov/encryption/aes/> for more information.
460
461config CRYPTO_AES_X86_64
462	tristate "AES cipher algorithms (x86_64)"
463	depends on (X86 || UML_X86) && 64BIT
464	select CRYPTO_ALGAPI
465	select CRYPTO_AES
466	help
467	  AES cipher algorithms (FIPS-197). AES uses the Rijndael
468	  algorithm.
469
470	  Rijndael appears to be consistently a very good performer in
471	  both hardware and software across a wide range of computing
472	  environments regardless of its use in feedback or non-feedback
473	  modes. Its key setup time is excellent, and its key agility is
474	  good. Rijndael's very low memory requirements make it very well
475	  suited for restricted-space environments, in which it also
476	  demonstrates excellent performance. Rijndael's operations are
477	  among the easiest to defend against power and timing attacks.
478
479	  The AES specifies three key sizes: 128, 192 and 256 bits
480
481	  See <http://csrc.nist.gov/encryption/aes/> for more information.
482
483config CRYPTO_AES_NI_INTEL
484	tristate "AES cipher algorithms (AES-NI)"
485	depends on (X86 || UML_X86) && 64BIT
486	select CRYPTO_AES_X86_64
487	select CRYPTO_CRYPTD
488	select CRYPTO_ALGAPI
489	help
490	  Use Intel AES-NI instructions for AES algorithm.
491
492	  AES cipher algorithms (FIPS-197). AES uses the Rijndael
493	  algorithm.
494
495	  Rijndael appears to be consistently a very good performer in
496	  both hardware and software across a wide range of computing
497	  environments regardless of its use in feedback or non-feedback
498	  modes. Its key setup time is excellent, and its key agility is
499	  good. Rijndael's very low memory requirements make it very well
500	  suited for restricted-space environments, in which it also
501	  demonstrates excellent performance. Rijndael's operations are
502	  among the easiest to defend against power and timing attacks.
503
504	  The AES specifies three key sizes: 128, 192 and 256 bits
505
506	  See <http://csrc.nist.gov/encryption/aes/> for more information.
507
508config CRYPTO_ANUBIS
509	tristate "Anubis cipher algorithm"
510	select CRYPTO_ALGAPI
511	help
512	  Anubis cipher algorithm.
513
514	  Anubis is a variable key length cipher which can use keys from
515	  128 bits to 320 bits in length.  It was evaluated as a entrant
516	  in the NESSIE competition.
517
518	  See also:
519	  <https://www.cosic.esat.kuleuven.ac.be/nessie/reports/>
520	  <http://planeta.terra.com.br/informatica/paulobarreto/AnubisPage.html>
521
522config CRYPTO_ARC4
523	tristate "ARC4 cipher algorithm"
524	select CRYPTO_ALGAPI
525	help
526	  ARC4 cipher algorithm.
527
528	  ARC4 is a stream cipher using keys ranging from 8 bits to 2048
529	  bits in length.  This algorithm is required for driver-based
530	  WEP, but it should not be for other purposes because of the
531	  weakness of the algorithm.
532
533config CRYPTO_BLOWFISH
534	tristate "Blowfish cipher algorithm"
535	select CRYPTO_ALGAPI
536	help
537	  Blowfish cipher algorithm, by Bruce Schneier.
538
539	  This is a variable key length cipher which can use keys from 32
540	  bits to 448 bits in length.  It's fast, simple and specifically
541	  designed for use on "large microprocessors".
542
543	  See also:
544	  <http://www.schneier.com/blowfish.html>
545
546config CRYPTO_CAMELLIA
547	tristate "Camellia cipher algorithms"
548	depends on CRYPTO
549	select CRYPTO_ALGAPI
550	help
551	  Camellia cipher algorithms module.
552
553	  Camellia is a symmetric key block cipher developed jointly
554	  at NTT and Mitsubishi Electric Corporation.
555
556	  The Camellia specifies three key sizes: 128, 192 and 256 bits.
557
558	  See also:
559	  <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html>
560
561config CRYPTO_CAST5
562	tristate "CAST5 (CAST-128) cipher algorithm"
563	select CRYPTO_ALGAPI
564	help
565	  The CAST5 encryption algorithm (synonymous with CAST-128) is
566	  described in RFC2144.
567
568config CRYPTO_CAST6
569	tristate "CAST6 (CAST-256) cipher algorithm"
570	select CRYPTO_ALGAPI
571	help
572	  The CAST6 encryption algorithm (synonymous with CAST-256) is
573	  described in RFC2612.
574
575config CRYPTO_DES
576	tristate "DES and Triple DES EDE cipher algorithms"
577	select CRYPTO_ALGAPI
578	help
579	  DES cipher algorithm (FIPS 46-2), and Triple DES EDE (FIPS 46-3).
580
581config CRYPTO_FCRYPT
582	tristate "FCrypt cipher algorithm"
583	select CRYPTO_ALGAPI
584	select CRYPTO_BLKCIPHER
585	help
586	  FCrypt algorithm used by RxRPC.
587
588config CRYPTO_KHAZAD
589	tristate "Khazad cipher algorithm"
590	select CRYPTO_ALGAPI
591	help
592	  Khazad cipher algorithm.
593
594	  Khazad was a finalist in the initial NESSIE competition.  It is
595	  an algorithm optimized for 64-bit processors with good performance
596	  on 32-bit processors.  Khazad uses an 128 bit key size.
597
598	  See also:
599	  <http://planeta.terra.com.br/informatica/paulobarreto/KhazadPage.html>
600
601config CRYPTO_SALSA20
602	tristate "Salsa20 stream cipher algorithm (EXPERIMENTAL)"
603	depends on EXPERIMENTAL
604	select CRYPTO_BLKCIPHER
605	help
606	  Salsa20 stream cipher algorithm.
607
608	  Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT
609	  Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/>
610
611	  The Salsa20 stream cipher algorithm is designed by Daniel J.
612	  Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html>
613
614config CRYPTO_SALSA20_586
615	tristate "Salsa20 stream cipher algorithm (i586) (EXPERIMENTAL)"
616	depends on (X86 || UML_X86) && !64BIT
617	depends on EXPERIMENTAL
618	select CRYPTO_BLKCIPHER
619	help
620	  Salsa20 stream cipher algorithm.
621
622	  Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT
623	  Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/>
624
625	  The Salsa20 stream cipher algorithm is designed by Daniel J.
626	  Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html>
627
628config CRYPTO_SALSA20_X86_64
629	tristate "Salsa20 stream cipher algorithm (x86_64) (EXPERIMENTAL)"
630	depends on (X86 || UML_X86) && 64BIT
631	depends on EXPERIMENTAL
632	select CRYPTO_BLKCIPHER
633	help
634	  Salsa20 stream cipher algorithm.
635
636	  Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT
637	  Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/>
638
639	  The Salsa20 stream cipher algorithm is designed by Daniel J.
640	  Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html>
641
642config CRYPTO_SEED
643	tristate "SEED cipher algorithm"
644	select CRYPTO_ALGAPI
645	help
646	  SEED cipher algorithm (RFC4269).
647
648	  SEED is a 128-bit symmetric key block cipher that has been
649	  developed by KISA (Korea Information Security Agency) as a
650	  national standard encryption algorithm of the Republic of Korea.
651	  It is a 16 round block cipher with the key size of 128 bit.
652
653	  See also:
654	  <http://www.kisa.or.kr/kisa/seed/jsp/seed_eng.jsp>
655
656config CRYPTO_SERPENT
657	tristate "Serpent cipher algorithm"
658	select CRYPTO_ALGAPI
659	help
660	  Serpent cipher algorithm, by Anderson, Biham & Knudsen.
661
662	  Keys are allowed to be from 0 to 256 bits in length, in steps
663	  of 8 bits.  Also includes the 'Tnepres' algorithm, a reversed
664	  variant of Serpent for compatibility with old kerneli.org code.
665
666	  See also:
667	  <http://www.cl.cam.ac.uk/~rja14/serpent.html>
668
669config CRYPTO_TEA
670	tristate "TEA, XTEA and XETA cipher algorithms"
671	select CRYPTO_ALGAPI
672	help
673	  TEA cipher algorithm.
674
675	  Tiny Encryption Algorithm is a simple cipher that uses
676	  many rounds for security.  It is very fast and uses
677	  little memory.
678
679	  Xtendend Tiny Encryption Algorithm is a modification to
680	  the TEA algorithm to address a potential key weakness
681	  in the TEA algorithm.
682
683	  Xtendend Encryption Tiny Algorithm is a mis-implementation
684	  of the XTEA algorithm for compatibility purposes.
685
686config CRYPTO_TWOFISH
687	tristate "Twofish cipher algorithm"
688	select CRYPTO_ALGAPI
689	select CRYPTO_TWOFISH_COMMON
690	help
691	  Twofish cipher algorithm.
692
693	  Twofish was submitted as an AES (Advanced Encryption Standard)
694	  candidate cipher by researchers at CounterPane Systems.  It is a
695	  16 round block cipher supporting key sizes of 128, 192, and 256
696	  bits.
697
698	  See also:
699	  <http://www.schneier.com/twofish.html>
700
701config CRYPTO_TWOFISH_COMMON
702	tristate
703	help
704	  Common parts of the Twofish cipher algorithm shared by the
705	  generic c and the assembler implementations.
706
707config CRYPTO_TWOFISH_586
708	tristate "Twofish cipher algorithms (i586)"
709	depends on (X86 || UML_X86) && !64BIT
710	select CRYPTO_ALGAPI
711	select CRYPTO_TWOFISH_COMMON
712	help
713	  Twofish cipher algorithm.
714
715	  Twofish was submitted as an AES (Advanced Encryption Standard)
716	  candidate cipher by researchers at CounterPane Systems.  It is a
717	  16 round block cipher supporting key sizes of 128, 192, and 256
718	  bits.
719
720	  See also:
721	  <http://www.schneier.com/twofish.html>
722
723config CRYPTO_TWOFISH_X86_64
724	tristate "Twofish cipher algorithm (x86_64)"
725	depends on (X86 || UML_X86) && 64BIT
726	select CRYPTO_ALGAPI
727	select CRYPTO_TWOFISH_COMMON
728	help
729	  Twofish cipher algorithm (x86_64).
730
731	  Twofish was submitted as an AES (Advanced Encryption Standard)
732	  candidate cipher by researchers at CounterPane Systems.  It is a
733	  16 round block cipher supporting key sizes of 128, 192, and 256
734	  bits.
735
736	  See also:
737	  <http://www.schneier.com/twofish.html>
738
739comment "Compression"
740
741config CRYPTO_DEFLATE
742	tristate "Deflate compression algorithm"
743	select CRYPTO_ALGAPI
744	select ZLIB_INFLATE
745	select ZLIB_DEFLATE
746	help
747	  This is the Deflate algorithm (RFC1951), specified for use in
748	  IPSec with the IPCOMP protocol (RFC3173, RFC2394).
749
750	  You will most probably want this if using IPSec.
751
752config CRYPTO_ZLIB
753	tristate "Zlib compression algorithm"
754	select CRYPTO_PCOMP
755	select ZLIB_INFLATE
756	select ZLIB_DEFLATE
757	select NLATTR
758	help
759	  This is the zlib algorithm.
760
761config CRYPTO_LZO
762	tristate "LZO compression algorithm"
763	select CRYPTO_ALGAPI
764	select LZO_COMPRESS
765	select LZO_DECOMPRESS
766	help
767	  This is the LZO algorithm.
768
769comment "Random Number Generation"
770
771config CRYPTO_ANSI_CPRNG
772	tristate "Pseudo Random Number Generation for Cryptographic modules"
773	select CRYPTO_AES
774	select CRYPTO_RNG
775	select CRYPTO_FIPS
776	help
777	  This option enables the generic pseudo random number generator
778	  for cryptographic modules.  Uses the Algorithm specified in
779	  ANSI X9.31 A.2.4
780
781source "drivers/crypto/Kconfig"
782
783endif	# if CRYPTO
784