1# 2# Generic algorithms support 3# 4config XOR_BLOCKS 5 tristate 6 7# 8# async_tx api: hardware offloaded memory transfer/transform support 9# 10source "crypto/async_tx/Kconfig" 11 12# 13# Cryptographic API Configuration 14# 15menuconfig CRYPTO 16 tristate "Cryptographic API" 17 help 18 This option provides the core Cryptographic API. 19 20if CRYPTO 21 22comment "Crypto core or helper" 23 24config CRYPTO_FIPS 25 bool "FIPS 200 compliance" 26 depends on (CRYPTO_ANSI_CPRNG || CRYPTO_DRBG) && !CRYPTO_MANAGER_DISABLE_TESTS 27 depends on MODULE_SIG 28 help 29 This options enables the fips boot option which is 30 required if you want to system to operate in a FIPS 200 31 certification. You should say no unless you know what 32 this is. 33 34config CRYPTO_ALGAPI 35 tristate 36 select CRYPTO_ALGAPI2 37 help 38 This option provides the API for cryptographic algorithms. 39 40config CRYPTO_ALGAPI2 41 tristate 42 43config CRYPTO_AEAD 44 tristate 45 select CRYPTO_AEAD2 46 select CRYPTO_ALGAPI 47 48config CRYPTO_AEAD2 49 tristate 50 select CRYPTO_ALGAPI2 51 52config CRYPTO_BLKCIPHER 53 tristate 54 select CRYPTO_BLKCIPHER2 55 select CRYPTO_ALGAPI 56 57config CRYPTO_BLKCIPHER2 58 tristate 59 select CRYPTO_ALGAPI2 60 select CRYPTO_RNG2 61 select CRYPTO_WORKQUEUE 62 63config CRYPTO_HASH 64 tristate 65 select CRYPTO_HASH2 66 select CRYPTO_ALGAPI 67 68config CRYPTO_HASH2 69 tristate 70 select CRYPTO_ALGAPI2 71 72config CRYPTO_RNG 73 tristate 74 select CRYPTO_RNG2 75 select CRYPTO_ALGAPI 76 77config CRYPTO_RNG2 78 tristate 79 select CRYPTO_ALGAPI2 80 81config CRYPTO_PCOMP 82 tristate 83 select CRYPTO_PCOMP2 84 select CRYPTO_ALGAPI 85 86config CRYPTO_PCOMP2 87 tristate 88 select CRYPTO_ALGAPI2 89 90config CRYPTO_MANAGER 91 tristate "Cryptographic algorithm manager" 92 select CRYPTO_MANAGER2 93 help 94 Create default cryptographic template instantiations such as 95 cbc(aes). 96 97config CRYPTO_MANAGER2 98 def_tristate CRYPTO_MANAGER || (CRYPTO_MANAGER!=n && CRYPTO_ALGAPI=y) 99 select CRYPTO_AEAD2 100 select CRYPTO_HASH2 101 select CRYPTO_BLKCIPHER2 102 select CRYPTO_PCOMP2 103 104config CRYPTO_USER 105 tristate "Userspace cryptographic algorithm configuration" 106 depends on NET 107 select CRYPTO_MANAGER 108 help 109 Userspace configuration for cryptographic instantiations such as 110 cbc(aes). 111 112config CRYPTO_MANAGER_DISABLE_TESTS 113 bool "Disable run-time self tests" 114 default y 115 depends on CRYPTO_MANAGER2 116 help 117 Disable run-time self tests that normally take place at 118 algorithm registration. 119 120config CRYPTO_GF128MUL 121 tristate "GF(2^128) multiplication functions" 122 help 123 Efficient table driven implementation of multiplications in the 124 field GF(2^128). This is needed by some cypher modes. This 125 option will be selected automatically if you select such a 126 cipher mode. Only select this option by hand if you expect to load 127 an external module that requires these functions. 128 129config CRYPTO_NULL 130 tristate "Null algorithms" 131 select CRYPTO_ALGAPI 132 select CRYPTO_BLKCIPHER 133 select CRYPTO_HASH 134 help 135 These are 'Null' algorithms, used by IPsec, which do nothing. 136 137config CRYPTO_PCRYPT 138 tristate "Parallel crypto engine" 139 depends on SMP 140 select PADATA 141 select CRYPTO_MANAGER 142 select CRYPTO_AEAD 143 help 144 This converts an arbitrary crypto algorithm into a parallel 145 algorithm that executes in kernel threads. 146 147config CRYPTO_WORKQUEUE 148 tristate 149 150config CRYPTO_CRYPTD 151 tristate "Software async crypto daemon" 152 select CRYPTO_BLKCIPHER 153 select CRYPTO_HASH 154 select CRYPTO_MANAGER 155 select CRYPTO_WORKQUEUE 156 help 157 This is a generic software asynchronous crypto daemon that 158 converts an arbitrary synchronous software crypto algorithm 159 into an asynchronous algorithm that executes in a kernel thread. 160 161config CRYPTO_MCRYPTD 162 tristate "Software async multi-buffer crypto daemon" 163 select CRYPTO_BLKCIPHER 164 select CRYPTO_HASH 165 select CRYPTO_MANAGER 166 select CRYPTO_WORKQUEUE 167 help 168 This is a generic software asynchronous crypto daemon that 169 provides the kernel thread to assist multi-buffer crypto 170 algorithms for submitting jobs and flushing jobs in multi-buffer 171 crypto algorithms. Multi-buffer crypto algorithms are executed 172 in the context of this kernel thread and drivers can post 173 their crypto request asynchronously to be processed by this daemon. 174 175config CRYPTO_AUTHENC 176 tristate "Authenc support" 177 select CRYPTO_AEAD 178 select CRYPTO_BLKCIPHER 179 select CRYPTO_MANAGER 180 select CRYPTO_HASH 181 help 182 Authenc: Combined mode wrapper for IPsec. 183 This is required for IPSec. 184 185config CRYPTO_TEST 186 tristate "Testing module" 187 depends on m 188 select CRYPTO_MANAGER 189 help 190 Quick & dirty crypto test module. 191 192config CRYPTO_ABLK_HELPER 193 tristate 194 select CRYPTO_CRYPTD 195 196config CRYPTO_GLUE_HELPER_X86 197 tristate 198 depends on X86 199 select CRYPTO_ALGAPI 200 201comment "Authenticated Encryption with Associated Data" 202 203config CRYPTO_CCM 204 tristate "CCM support" 205 select CRYPTO_CTR 206 select CRYPTO_AEAD 207 help 208 Support for Counter with CBC MAC. Required for IPsec. 209 210config CRYPTO_GCM 211 tristate "GCM/GMAC support" 212 select CRYPTO_CTR 213 select CRYPTO_AEAD 214 select CRYPTO_GHASH 215 select CRYPTO_NULL 216 help 217 Support for Galois/Counter Mode (GCM) and Galois Message 218 Authentication Code (GMAC). Required for IPSec. 219 220config CRYPTO_SEQIV 221 tristate "Sequence Number IV Generator" 222 select CRYPTO_AEAD 223 select CRYPTO_BLKCIPHER 224 select CRYPTO_RNG 225 help 226 This IV generator generates an IV based on a sequence number by 227 xoring it with a salt. This algorithm is mainly useful for CTR 228 229comment "Block modes" 230 231config CRYPTO_CBC 232 tristate "CBC support" 233 select CRYPTO_BLKCIPHER 234 select CRYPTO_MANAGER 235 help 236 CBC: Cipher Block Chaining mode 237 This block cipher algorithm is required for IPSec. 238 239config CRYPTO_CTR 240 tristate "CTR support" 241 select CRYPTO_BLKCIPHER 242 select CRYPTO_SEQIV 243 select CRYPTO_MANAGER 244 help 245 CTR: Counter mode 246 This block cipher algorithm is required for IPSec. 247 248config CRYPTO_CTS 249 tristate "CTS support" 250 select CRYPTO_BLKCIPHER 251 help 252 CTS: Cipher Text Stealing 253 This is the Cipher Text Stealing mode as described by 254 Section 8 of rfc2040 and referenced by rfc3962. 255 (rfc3962 includes errata information in its Appendix A) 256 This mode is required for Kerberos gss mechanism support 257 for AES encryption. 258 259config CRYPTO_ECB 260 tristate "ECB support" 261 select CRYPTO_BLKCIPHER 262 select CRYPTO_MANAGER 263 help 264 ECB: Electronic CodeBook mode 265 This is the simplest block cipher algorithm. It simply encrypts 266 the input block by block. 267 268config CRYPTO_LRW 269 tristate "LRW support" 270 select CRYPTO_BLKCIPHER 271 select CRYPTO_MANAGER 272 select CRYPTO_GF128MUL 273 help 274 LRW: Liskov Rivest Wagner, a tweakable, non malleable, non movable 275 narrow block cipher mode for dm-crypt. Use it with cipher 276 specification string aes-lrw-benbi, the key must be 256, 320 or 384. 277 The first 128, 192 or 256 bits in the key are used for AES and the 278 rest is used to tie each cipher block to its logical position. 279 280config CRYPTO_PCBC 281 tristate "PCBC support" 282 select CRYPTO_BLKCIPHER 283 select CRYPTO_MANAGER 284 help 285 PCBC: Propagating Cipher Block Chaining mode 286 This block cipher algorithm is required for RxRPC. 287 288config CRYPTO_XTS 289 tristate "XTS support" 290 select CRYPTO_BLKCIPHER 291 select CRYPTO_MANAGER 292 select CRYPTO_GF128MUL 293 help 294 XTS: IEEE1619/D16 narrow block cipher use with aes-xts-plain, 295 key size 256, 384 or 512 bits. This implementation currently 296 can't handle a sectorsize which is not a multiple of 16 bytes. 297 298comment "Hash modes" 299 300config CRYPTO_CMAC 301 tristate "CMAC support" 302 select CRYPTO_HASH 303 select CRYPTO_MANAGER 304 help 305 Cipher-based Message Authentication Code (CMAC) specified by 306 The National Institute of Standards and Technology (NIST). 307 308 https://tools.ietf.org/html/rfc4493 309 http://csrc.nist.gov/publications/nistpubs/800-38B/SP_800-38B.pdf 310 311config CRYPTO_HMAC 312 tristate "HMAC support" 313 select CRYPTO_HASH 314 select CRYPTO_MANAGER 315 help 316 HMAC: Keyed-Hashing for Message Authentication (RFC2104). 317 This is required for IPSec. 318 319config CRYPTO_XCBC 320 tristate "XCBC support" 321 select CRYPTO_HASH 322 select CRYPTO_MANAGER 323 help 324 XCBC: Keyed-Hashing with encryption algorithm 325 http://www.ietf.org/rfc/rfc3566.txt 326 http://csrc.nist.gov/encryption/modes/proposedmodes/ 327 xcbc-mac/xcbc-mac-spec.pdf 328 329config CRYPTO_VMAC 330 tristate "VMAC support" 331 select CRYPTO_HASH 332 select CRYPTO_MANAGER 333 help 334 VMAC is a message authentication algorithm designed for 335 very high speed on 64-bit architectures. 336 337 See also: 338 <http://fastcrypto.org/vmac> 339 340comment "Digest" 341 342config CRYPTO_CRC32C 343 tristate "CRC32c CRC algorithm" 344 select CRYPTO_HASH 345 select CRC32 346 help 347 Castagnoli, et al Cyclic Redundancy-Check Algorithm. Used 348 by iSCSI for header and data digests and by others. 349 See Castagnoli93. Module will be crc32c. 350 351config CRYPTO_CRC32C_INTEL 352 tristate "CRC32c INTEL hardware acceleration" 353 depends on X86 354 select CRYPTO_HASH 355 help 356 In Intel processor with SSE4.2 supported, the processor will 357 support CRC32C implementation using hardware accelerated CRC32 358 instruction. This option will create 'crc32c-intel' module, 359 which will enable any routine to use the CRC32 instruction to 360 gain performance compared with software implementation. 361 Module will be crc32c-intel. 362 363config CRYPTO_CRC32C_SPARC64 364 tristate "CRC32c CRC algorithm (SPARC64)" 365 depends on SPARC64 366 select CRYPTO_HASH 367 select CRC32 368 help 369 CRC32c CRC algorithm implemented using sparc64 crypto instructions, 370 when available. 371 372config CRYPTO_CRC32 373 tristate "CRC32 CRC algorithm" 374 select CRYPTO_HASH 375 select CRC32 376 help 377 CRC-32-IEEE 802.3 cyclic redundancy-check algorithm. 378 Shash crypto api wrappers to crc32_le function. 379 380config CRYPTO_CRC32_PCLMUL 381 tristate "CRC32 PCLMULQDQ hardware acceleration" 382 depends on X86 383 select CRYPTO_HASH 384 select CRC32 385 help 386 From Intel Westmere and AMD Bulldozer processor with SSE4.2 387 and PCLMULQDQ supported, the processor will support 388 CRC32 PCLMULQDQ implementation using hardware accelerated PCLMULQDQ 389 instruction. This option will create 'crc32-plcmul' module, 390 which will enable any routine to use the CRC-32-IEEE 802.3 checksum 391 and gain better performance as compared with the table implementation. 392 393config CRYPTO_CRCT10DIF 394 tristate "CRCT10DIF algorithm" 395 select CRYPTO_HASH 396 help 397 CRC T10 Data Integrity Field computation is being cast as 398 a crypto transform. This allows for faster crc t10 diff 399 transforms to be used if they are available. 400 401config CRYPTO_CRCT10DIF_PCLMUL 402 tristate "CRCT10DIF PCLMULQDQ hardware acceleration" 403 depends on X86 && 64BIT && CRC_T10DIF 404 select CRYPTO_HASH 405 help 406 For x86_64 processors with SSE4.2 and PCLMULQDQ supported, 407 CRC T10 DIF PCLMULQDQ computation can be hardware 408 accelerated PCLMULQDQ instruction. This option will create 409 'crct10dif-plcmul' module, which is faster when computing the 410 crct10dif checksum as compared with the generic table implementation. 411 412config CRYPTO_GHASH 413 tristate "GHASH digest algorithm" 414 select CRYPTO_GF128MUL 415 help 416 GHASH is message digest algorithm for GCM (Galois/Counter Mode). 417 418config CRYPTO_MD4 419 tristate "MD4 digest algorithm" 420 select CRYPTO_HASH 421 help 422 MD4 message digest algorithm (RFC1320). 423 424config CRYPTO_MD5 425 tristate "MD5 digest algorithm" 426 select CRYPTO_HASH 427 help 428 MD5 message digest algorithm (RFC1321). 429 430config CRYPTO_MD5_OCTEON 431 tristate "MD5 digest algorithm (OCTEON)" 432 depends on CPU_CAVIUM_OCTEON 433 select CRYPTO_MD5 434 select CRYPTO_HASH 435 help 436 MD5 message digest algorithm (RFC1321) implemented 437 using OCTEON crypto instructions, when available. 438 439config CRYPTO_MD5_SPARC64 440 tristate "MD5 digest algorithm (SPARC64)" 441 depends on SPARC64 442 select CRYPTO_MD5 443 select CRYPTO_HASH 444 help 445 MD5 message digest algorithm (RFC1321) implemented 446 using sparc64 crypto instructions, when available. 447 448config CRYPTO_MICHAEL_MIC 449 tristate "Michael MIC keyed digest algorithm" 450 select CRYPTO_HASH 451 help 452 Michael MIC is used for message integrity protection in TKIP 453 (IEEE 802.11i). This algorithm is required for TKIP, but it 454 should not be used for other purposes because of the weakness 455 of the algorithm. 456 457config CRYPTO_RMD128 458 tristate "RIPEMD-128 digest algorithm" 459 select CRYPTO_HASH 460 help 461 RIPEMD-128 (ISO/IEC 10118-3:2004). 462 463 RIPEMD-128 is a 128-bit cryptographic hash function. It should only 464 be used as a secure replacement for RIPEMD. For other use cases, 465 RIPEMD-160 should be used. 466 467 Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel. 468 See <http://homes.esat.kuleuven.be/~bosselae/ripemd160.html> 469 470config CRYPTO_RMD160 471 tristate "RIPEMD-160 digest algorithm" 472 select CRYPTO_HASH 473 help 474 RIPEMD-160 (ISO/IEC 10118-3:2004). 475 476 RIPEMD-160 is a 160-bit cryptographic hash function. It is intended 477 to be used as a secure replacement for the 128-bit hash functions 478 MD4, MD5 and it's predecessor RIPEMD 479 (not to be confused with RIPEMD-128). 480 481 It's speed is comparable to SHA1 and there are no known attacks 482 against RIPEMD-160. 483 484 Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel. 485 See <http://homes.esat.kuleuven.be/~bosselae/ripemd160.html> 486 487config CRYPTO_RMD256 488 tristate "RIPEMD-256 digest algorithm" 489 select CRYPTO_HASH 490 help 491 RIPEMD-256 is an optional extension of RIPEMD-128 with a 492 256 bit hash. It is intended for applications that require 493 longer hash-results, without needing a larger security level 494 (than RIPEMD-128). 495 496 Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel. 497 See <http://homes.esat.kuleuven.be/~bosselae/ripemd160.html> 498 499config CRYPTO_RMD320 500 tristate "RIPEMD-320 digest algorithm" 501 select CRYPTO_HASH 502 help 503 RIPEMD-320 is an optional extension of RIPEMD-160 with a 504 320 bit hash. It is intended for applications that require 505 longer hash-results, without needing a larger security level 506 (than RIPEMD-160). 507 508 Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel. 509 See <http://homes.esat.kuleuven.be/~bosselae/ripemd160.html> 510 511config CRYPTO_SHA1 512 tristate "SHA1 digest algorithm" 513 select CRYPTO_HASH 514 help 515 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2). 516 517config CRYPTO_SHA1_SSSE3 518 tristate "SHA1 digest algorithm (SSSE3/AVX/AVX2)" 519 depends on X86 && 64BIT 520 select CRYPTO_SHA1 521 select CRYPTO_HASH 522 help 523 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2) implemented 524 using Supplemental SSE3 (SSSE3) instructions or Advanced Vector 525 Extensions (AVX/AVX2), when available. 526 527config CRYPTO_SHA256_SSSE3 528 tristate "SHA256 digest algorithm (SSSE3/AVX/AVX2)" 529 depends on X86 && 64BIT 530 select CRYPTO_SHA256 531 select CRYPTO_HASH 532 help 533 SHA-256 secure hash standard (DFIPS 180-2) implemented 534 using Supplemental SSE3 (SSSE3) instructions, or Advanced Vector 535 Extensions version 1 (AVX1), or Advanced Vector Extensions 536 version 2 (AVX2) instructions, when available. 537 538config CRYPTO_SHA512_SSSE3 539 tristate "SHA512 digest algorithm (SSSE3/AVX/AVX2)" 540 depends on X86 && 64BIT 541 select CRYPTO_SHA512 542 select CRYPTO_HASH 543 help 544 SHA-512 secure hash standard (DFIPS 180-2) implemented 545 using Supplemental SSE3 (SSSE3) instructions, or Advanced Vector 546 Extensions version 1 (AVX1), or Advanced Vector Extensions 547 version 2 (AVX2) instructions, when available. 548 549config CRYPTO_SHA1_OCTEON 550 tristate "SHA1 digest algorithm (OCTEON)" 551 depends on CPU_CAVIUM_OCTEON 552 select CRYPTO_SHA1 553 select CRYPTO_HASH 554 help 555 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2) implemented 556 using OCTEON crypto instructions, when available. 557 558config CRYPTO_SHA1_SPARC64 559 tristate "SHA1 digest algorithm (SPARC64)" 560 depends on SPARC64 561 select CRYPTO_SHA1 562 select CRYPTO_HASH 563 help 564 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2) implemented 565 using sparc64 crypto instructions, when available. 566 567config CRYPTO_SHA1_ARM 568 tristate "SHA1 digest algorithm (ARM-asm)" 569 depends on ARM 570 select CRYPTO_SHA1 571 select CRYPTO_HASH 572 help 573 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2) implemented 574 using optimized ARM assembler. 575 576config CRYPTO_SHA1_ARM_NEON 577 tristate "SHA1 digest algorithm (ARM NEON)" 578 depends on ARM && KERNEL_MODE_NEON 579 select CRYPTO_SHA1_ARM 580 select CRYPTO_SHA1 581 select CRYPTO_HASH 582 help 583 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2) implemented 584 using optimized ARM NEON assembly, when NEON instructions are 585 available. 586 587config CRYPTO_SHA1_PPC 588 tristate "SHA1 digest algorithm (powerpc)" 589 depends on PPC 590 help 591 This is the powerpc hardware accelerated implementation of the 592 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2). 593 594config CRYPTO_SHA1_MB 595 tristate "SHA1 digest algorithm (x86_64 Multi-Buffer, Experimental)" 596 depends on X86 && 64BIT 597 select CRYPTO_SHA1 598 select CRYPTO_HASH 599 select CRYPTO_MCRYPTD 600 help 601 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2) implemented 602 using multi-buffer technique. This algorithm computes on 603 multiple data lanes concurrently with SIMD instructions for 604 better throughput. It should not be enabled by default but 605 used when there is significant amount of work to keep the keep 606 the data lanes filled to get performance benefit. If the data 607 lanes remain unfilled, a flush operation will be initiated to 608 process the crypto jobs, adding a slight latency. 609 610config CRYPTO_SHA256 611 tristate "SHA224 and SHA256 digest algorithm" 612 select CRYPTO_HASH 613 help 614 SHA256 secure hash standard (DFIPS 180-2). 615 616 This version of SHA implements a 256 bit hash with 128 bits of 617 security against collision attacks. 618 619 This code also includes SHA-224, a 224 bit hash with 112 bits 620 of security against collision attacks. 621 622config CRYPTO_SHA256_OCTEON 623 tristate "SHA224 and SHA256 digest algorithm (OCTEON)" 624 depends on CPU_CAVIUM_OCTEON 625 select CRYPTO_SHA256 626 select CRYPTO_HASH 627 help 628 SHA-256 secure hash standard (DFIPS 180-2) implemented 629 using OCTEON crypto instructions, when available. 630 631config CRYPTO_SHA256_SPARC64 632 tristate "SHA224 and SHA256 digest algorithm (SPARC64)" 633 depends on SPARC64 634 select CRYPTO_SHA256 635 select CRYPTO_HASH 636 help 637 SHA-256 secure hash standard (DFIPS 180-2) implemented 638 using sparc64 crypto instructions, when available. 639 640config CRYPTO_SHA512 641 tristate "SHA384 and SHA512 digest algorithms" 642 select CRYPTO_HASH 643 help 644 SHA512 secure hash standard (DFIPS 180-2). 645 646 This version of SHA implements a 512 bit hash with 256 bits of 647 security against collision attacks. 648 649 This code also includes SHA-384, a 384 bit hash with 192 bits 650 of security against collision attacks. 651 652config CRYPTO_SHA512_OCTEON 653 tristate "SHA384 and SHA512 digest algorithms (OCTEON)" 654 depends on CPU_CAVIUM_OCTEON 655 select CRYPTO_SHA512 656 select CRYPTO_HASH 657 help 658 SHA-512 secure hash standard (DFIPS 180-2) implemented 659 using OCTEON crypto instructions, when available. 660 661config CRYPTO_SHA512_SPARC64 662 tristate "SHA384 and SHA512 digest algorithm (SPARC64)" 663 depends on SPARC64 664 select CRYPTO_SHA512 665 select CRYPTO_HASH 666 help 667 SHA-512 secure hash standard (DFIPS 180-2) implemented 668 using sparc64 crypto instructions, when available. 669 670config CRYPTO_SHA512_ARM_NEON 671 tristate "SHA384 and SHA512 digest algorithm (ARM NEON)" 672 depends on ARM && KERNEL_MODE_NEON 673 select CRYPTO_SHA512 674 select CRYPTO_HASH 675 help 676 SHA-512 secure hash standard (DFIPS 180-2) implemented 677 using ARM NEON instructions, when available. 678 679 This version of SHA implements a 512 bit hash with 256 bits of 680 security against collision attacks. 681 682 This code also includes SHA-384, a 384 bit hash with 192 bits 683 of security against collision attacks. 684 685config CRYPTO_TGR192 686 tristate "Tiger digest algorithms" 687 select CRYPTO_HASH 688 help 689 Tiger hash algorithm 192, 160 and 128-bit hashes 690 691 Tiger is a hash function optimized for 64-bit processors while 692 still having decent performance on 32-bit processors. 693 Tiger was developed by Ross Anderson and Eli Biham. 694 695 See also: 696 <http://www.cs.technion.ac.il/~biham/Reports/Tiger/>. 697 698config CRYPTO_WP512 699 tristate "Whirlpool digest algorithms" 700 select CRYPTO_HASH 701 help 702 Whirlpool hash algorithm 512, 384 and 256-bit hashes 703 704 Whirlpool-512 is part of the NESSIE cryptographic primitives. 705 Whirlpool will be part of the ISO/IEC 10118-3:2003(E) standard 706 707 See also: 708 <http://www.larc.usp.br/~pbarreto/WhirlpoolPage.html> 709 710config CRYPTO_GHASH_CLMUL_NI_INTEL 711 tristate "GHASH digest algorithm (CLMUL-NI accelerated)" 712 depends on X86 && 64BIT 713 select CRYPTO_CRYPTD 714 help 715 GHASH is message digest algorithm for GCM (Galois/Counter Mode). 716 The implementation is accelerated by CLMUL-NI of Intel. 717 718comment "Ciphers" 719 720config CRYPTO_AES 721 tristate "AES cipher algorithms" 722 select CRYPTO_ALGAPI 723 help 724 AES cipher algorithms (FIPS-197). AES uses the Rijndael 725 algorithm. 726 727 Rijndael appears to be consistently a very good performer in 728 both hardware and software across a wide range of computing 729 environments regardless of its use in feedback or non-feedback 730 modes. Its key setup time is excellent, and its key agility is 731 good. Rijndael's very low memory requirements make it very well 732 suited for restricted-space environments, in which it also 733 demonstrates excellent performance. Rijndael's operations are 734 among the easiest to defend against power and timing attacks. 735 736 The AES specifies three key sizes: 128, 192 and 256 bits 737 738 See <http://csrc.nist.gov/CryptoToolkit/aes/> for more information. 739 740config CRYPTO_AES_586 741 tristate "AES cipher algorithms (i586)" 742 depends on (X86 || UML_X86) && !64BIT 743 select CRYPTO_ALGAPI 744 select CRYPTO_AES 745 help 746 AES cipher algorithms (FIPS-197). AES uses the Rijndael 747 algorithm. 748 749 Rijndael appears to be consistently a very good performer in 750 both hardware and software across a wide range of computing 751 environments regardless of its use in feedback or non-feedback 752 modes. Its key setup time is excellent, and its key agility is 753 good. Rijndael's very low memory requirements make it very well 754 suited for restricted-space environments, in which it also 755 demonstrates excellent performance. Rijndael's operations are 756 among the easiest to defend against power and timing attacks. 757 758 The AES specifies three key sizes: 128, 192 and 256 bits 759 760 See <http://csrc.nist.gov/encryption/aes/> for more information. 761 762config CRYPTO_AES_X86_64 763 tristate "AES cipher algorithms (x86_64)" 764 depends on (X86 || UML_X86) && 64BIT 765 select CRYPTO_ALGAPI 766 select CRYPTO_AES 767 help 768 AES cipher algorithms (FIPS-197). AES uses the Rijndael 769 algorithm. 770 771 Rijndael appears to be consistently a very good performer in 772 both hardware and software across a wide range of computing 773 environments regardless of its use in feedback or non-feedback 774 modes. Its key setup time is excellent, and its key agility is 775 good. Rijndael's very low memory requirements make it very well 776 suited for restricted-space environments, in which it also 777 demonstrates excellent performance. Rijndael's operations are 778 among the easiest to defend against power and timing attacks. 779 780 The AES specifies three key sizes: 128, 192 and 256 bits 781 782 See <http://csrc.nist.gov/encryption/aes/> for more information. 783 784config CRYPTO_AES_NI_INTEL 785 tristate "AES cipher algorithms (AES-NI)" 786 depends on X86 787 select CRYPTO_AES_X86_64 if 64BIT 788 select CRYPTO_AES_586 if !64BIT 789 select CRYPTO_CRYPTD 790 select CRYPTO_ABLK_HELPER 791 select CRYPTO_ALGAPI 792 select CRYPTO_GLUE_HELPER_X86 if 64BIT 793 select CRYPTO_LRW 794 select CRYPTO_XTS 795 help 796 Use Intel AES-NI instructions for AES algorithm. 797 798 AES cipher algorithms (FIPS-197). AES uses the Rijndael 799 algorithm. 800 801 Rijndael appears to be consistently a very good performer in 802 both hardware and software across a wide range of computing 803 environments regardless of its use in feedback or non-feedback 804 modes. Its key setup time is excellent, and its key agility is 805 good. Rijndael's very low memory requirements make it very well 806 suited for restricted-space environments, in which it also 807 demonstrates excellent performance. Rijndael's operations are 808 among the easiest to defend against power and timing attacks. 809 810 The AES specifies three key sizes: 128, 192 and 256 bits 811 812 See <http://csrc.nist.gov/encryption/aes/> for more information. 813 814 In addition to AES cipher algorithm support, the acceleration 815 for some popular block cipher mode is supported too, including 816 ECB, CBC, LRW, PCBC, XTS. The 64 bit version has additional 817 acceleration for CTR. 818 819config CRYPTO_AES_SPARC64 820 tristate "AES cipher algorithms (SPARC64)" 821 depends on SPARC64 822 select CRYPTO_CRYPTD 823 select CRYPTO_ALGAPI 824 help 825 Use SPARC64 crypto opcodes for AES algorithm. 826 827 AES cipher algorithms (FIPS-197). AES uses the Rijndael 828 algorithm. 829 830 Rijndael appears to be consistently a very good performer in 831 both hardware and software across a wide range of computing 832 environments regardless of its use in feedback or non-feedback 833 modes. Its key setup time is excellent, and its key agility is 834 good. Rijndael's very low memory requirements make it very well 835 suited for restricted-space environments, in which it also 836 demonstrates excellent performance. Rijndael's operations are 837 among the easiest to defend against power and timing attacks. 838 839 The AES specifies three key sizes: 128, 192 and 256 bits 840 841 See <http://csrc.nist.gov/encryption/aes/> for more information. 842 843 In addition to AES cipher algorithm support, the acceleration 844 for some popular block cipher mode is supported too, including 845 ECB and CBC. 846 847config CRYPTO_AES_ARM 848 tristate "AES cipher algorithms (ARM-asm)" 849 depends on ARM 850 select CRYPTO_ALGAPI 851 select CRYPTO_AES 852 help 853 Use optimized AES assembler routines for ARM platforms. 854 855 AES cipher algorithms (FIPS-197). AES uses the Rijndael 856 algorithm. 857 858 Rijndael appears to be consistently a very good performer in 859 both hardware and software across a wide range of computing 860 environments regardless of its use in feedback or non-feedback 861 modes. Its key setup time is excellent, and its key agility is 862 good. Rijndael's very low memory requirements make it very well 863 suited for restricted-space environments, in which it also 864 demonstrates excellent performance. Rijndael's operations are 865 among the easiest to defend against power and timing attacks. 866 867 The AES specifies three key sizes: 128, 192 and 256 bits 868 869 See <http://csrc.nist.gov/encryption/aes/> for more information. 870 871config CRYPTO_AES_ARM_BS 872 tristate "Bit sliced AES using NEON instructions" 873 depends on ARM && KERNEL_MODE_NEON 874 select CRYPTO_ALGAPI 875 select CRYPTO_AES_ARM 876 select CRYPTO_ABLK_HELPER 877 help 878 Use a faster and more secure NEON based implementation of AES in CBC, 879 CTR and XTS modes 880 881 Bit sliced AES gives around 45% speedup on Cortex-A15 for CTR mode 882 and for XTS mode encryption, CBC and XTS mode decryption speedup is 883 around 25%. (CBC encryption speed is not affected by this driver.) 884 This implementation does not rely on any lookup tables so it is 885 believed to be invulnerable to cache timing attacks. 886 887config CRYPTO_ANUBIS 888 tristate "Anubis cipher algorithm" 889 select CRYPTO_ALGAPI 890 help 891 Anubis cipher algorithm. 892 893 Anubis is a variable key length cipher which can use keys from 894 128 bits to 320 bits in length. It was evaluated as a entrant 895 in the NESSIE competition. 896 897 See also: 898 <https://www.cosic.esat.kuleuven.be/nessie/reports/> 899 <http://www.larc.usp.br/~pbarreto/AnubisPage.html> 900 901config CRYPTO_ARC4 902 tristate "ARC4 cipher algorithm" 903 select CRYPTO_BLKCIPHER 904 help 905 ARC4 cipher algorithm. 906 907 ARC4 is a stream cipher using keys ranging from 8 bits to 2048 908 bits in length. This algorithm is required for driver-based 909 WEP, but it should not be for other purposes because of the 910 weakness of the algorithm. 911 912config CRYPTO_BLOWFISH 913 tristate "Blowfish cipher algorithm" 914 select CRYPTO_ALGAPI 915 select CRYPTO_BLOWFISH_COMMON 916 help 917 Blowfish cipher algorithm, by Bruce Schneier. 918 919 This is a variable key length cipher which can use keys from 32 920 bits to 448 bits in length. It's fast, simple and specifically 921 designed for use on "large microprocessors". 922 923 See also: 924 <http://www.schneier.com/blowfish.html> 925 926config CRYPTO_BLOWFISH_COMMON 927 tristate 928 help 929 Common parts of the Blowfish cipher algorithm shared by the 930 generic c and the assembler implementations. 931 932 See also: 933 <http://www.schneier.com/blowfish.html> 934 935config CRYPTO_BLOWFISH_X86_64 936 tristate "Blowfish cipher algorithm (x86_64)" 937 depends on X86 && 64BIT 938 select CRYPTO_ALGAPI 939 select CRYPTO_BLOWFISH_COMMON 940 help 941 Blowfish cipher algorithm (x86_64), by Bruce Schneier. 942 943 This is a variable key length cipher which can use keys from 32 944 bits to 448 bits in length. It's fast, simple and specifically 945 designed for use on "large microprocessors". 946 947 See also: 948 <http://www.schneier.com/blowfish.html> 949 950config CRYPTO_CAMELLIA 951 tristate "Camellia cipher algorithms" 952 depends on CRYPTO 953 select CRYPTO_ALGAPI 954 help 955 Camellia cipher algorithms module. 956 957 Camellia is a symmetric key block cipher developed jointly 958 at NTT and Mitsubishi Electric Corporation. 959 960 The Camellia specifies three key sizes: 128, 192 and 256 bits. 961 962 See also: 963 <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html> 964 965config CRYPTO_CAMELLIA_X86_64 966 tristate "Camellia cipher algorithm (x86_64)" 967 depends on X86 && 64BIT 968 depends on CRYPTO 969 select CRYPTO_ALGAPI 970 select CRYPTO_GLUE_HELPER_X86 971 select CRYPTO_LRW 972 select CRYPTO_XTS 973 help 974 Camellia cipher algorithm module (x86_64). 975 976 Camellia is a symmetric key block cipher developed jointly 977 at NTT and Mitsubishi Electric Corporation. 978 979 The Camellia specifies three key sizes: 128, 192 and 256 bits. 980 981 See also: 982 <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html> 983 984config CRYPTO_CAMELLIA_AESNI_AVX_X86_64 985 tristate "Camellia cipher algorithm (x86_64/AES-NI/AVX)" 986 depends on X86 && 64BIT 987 depends on CRYPTO 988 select CRYPTO_ALGAPI 989 select CRYPTO_CRYPTD 990 select CRYPTO_ABLK_HELPER 991 select CRYPTO_GLUE_HELPER_X86 992 select CRYPTO_CAMELLIA_X86_64 993 select CRYPTO_LRW 994 select CRYPTO_XTS 995 help 996 Camellia cipher algorithm module (x86_64/AES-NI/AVX). 997 998 Camellia is a symmetric key block cipher developed jointly 999 at NTT and Mitsubishi Electric Corporation. 1000 1001 The Camellia specifies three key sizes: 128, 192 and 256 bits. 1002 1003 See also: 1004 <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html> 1005 1006config CRYPTO_CAMELLIA_AESNI_AVX2_X86_64 1007 tristate "Camellia cipher algorithm (x86_64/AES-NI/AVX2)" 1008 depends on X86 && 64BIT 1009 depends on CRYPTO 1010 select CRYPTO_ALGAPI 1011 select CRYPTO_CRYPTD 1012 select CRYPTO_ABLK_HELPER 1013 select CRYPTO_GLUE_HELPER_X86 1014 select CRYPTO_CAMELLIA_X86_64 1015 select CRYPTO_CAMELLIA_AESNI_AVX_X86_64 1016 select CRYPTO_LRW 1017 select CRYPTO_XTS 1018 help 1019 Camellia cipher algorithm module (x86_64/AES-NI/AVX2). 1020 1021 Camellia is a symmetric key block cipher developed jointly 1022 at NTT and Mitsubishi Electric Corporation. 1023 1024 The Camellia specifies three key sizes: 128, 192 and 256 bits. 1025 1026 See also: 1027 <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html> 1028 1029config CRYPTO_CAMELLIA_SPARC64 1030 tristate "Camellia cipher algorithm (SPARC64)" 1031 depends on SPARC64 1032 depends on CRYPTO 1033 select CRYPTO_ALGAPI 1034 help 1035 Camellia cipher algorithm module (SPARC64). 1036 1037 Camellia is a symmetric key block cipher developed jointly 1038 at NTT and Mitsubishi Electric Corporation. 1039 1040 The Camellia specifies three key sizes: 128, 192 and 256 bits. 1041 1042 See also: 1043 <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html> 1044 1045config CRYPTO_CAST_COMMON 1046 tristate 1047 help 1048 Common parts of the CAST cipher algorithms shared by the 1049 generic c and the assembler implementations. 1050 1051config CRYPTO_CAST5 1052 tristate "CAST5 (CAST-128) cipher algorithm" 1053 select CRYPTO_ALGAPI 1054 select CRYPTO_CAST_COMMON 1055 help 1056 The CAST5 encryption algorithm (synonymous with CAST-128) is 1057 described in RFC2144. 1058 1059config CRYPTO_CAST5_AVX_X86_64 1060 tristate "CAST5 (CAST-128) cipher algorithm (x86_64/AVX)" 1061 depends on X86 && 64BIT 1062 select CRYPTO_ALGAPI 1063 select CRYPTO_CRYPTD 1064 select CRYPTO_ABLK_HELPER 1065 select CRYPTO_CAST_COMMON 1066 select CRYPTO_CAST5 1067 help 1068 The CAST5 encryption algorithm (synonymous with CAST-128) is 1069 described in RFC2144. 1070 1071 This module provides the Cast5 cipher algorithm that processes 1072 sixteen blocks parallel using the AVX instruction set. 1073 1074config CRYPTO_CAST6 1075 tristate "CAST6 (CAST-256) cipher algorithm" 1076 select CRYPTO_ALGAPI 1077 select CRYPTO_CAST_COMMON 1078 help 1079 The CAST6 encryption algorithm (synonymous with CAST-256) is 1080 described in RFC2612. 1081 1082config CRYPTO_CAST6_AVX_X86_64 1083 tristate "CAST6 (CAST-256) cipher algorithm (x86_64/AVX)" 1084 depends on X86 && 64BIT 1085 select CRYPTO_ALGAPI 1086 select CRYPTO_CRYPTD 1087 select CRYPTO_ABLK_HELPER 1088 select CRYPTO_GLUE_HELPER_X86 1089 select CRYPTO_CAST_COMMON 1090 select CRYPTO_CAST6 1091 select CRYPTO_LRW 1092 select CRYPTO_XTS 1093 help 1094 The CAST6 encryption algorithm (synonymous with CAST-256) is 1095 described in RFC2612. 1096 1097 This module provides the Cast6 cipher algorithm that processes 1098 eight blocks parallel using the AVX instruction set. 1099 1100config CRYPTO_DES 1101 tristate "DES and Triple DES EDE cipher algorithms" 1102 select CRYPTO_ALGAPI 1103 help 1104 DES cipher algorithm (FIPS 46-2), and Triple DES EDE (FIPS 46-3). 1105 1106config CRYPTO_DES_SPARC64 1107 tristate "DES and Triple DES EDE cipher algorithms (SPARC64)" 1108 depends on SPARC64 1109 select CRYPTO_ALGAPI 1110 select CRYPTO_DES 1111 help 1112 DES cipher algorithm (FIPS 46-2), and Triple DES EDE (FIPS 46-3), 1113 optimized using SPARC64 crypto opcodes. 1114 1115config CRYPTO_DES3_EDE_X86_64 1116 tristate "Triple DES EDE cipher algorithm (x86-64)" 1117 depends on X86 && 64BIT 1118 select CRYPTO_ALGAPI 1119 select CRYPTO_DES 1120 help 1121 Triple DES EDE (FIPS 46-3) algorithm. 1122 1123 This module provides implementation of the Triple DES EDE cipher 1124 algorithm that is optimized for x86-64 processors. Two versions of 1125 algorithm are provided; regular processing one input block and 1126 one that processes three blocks parallel. 1127 1128config CRYPTO_FCRYPT 1129 tristate "FCrypt cipher algorithm" 1130 select CRYPTO_ALGAPI 1131 select CRYPTO_BLKCIPHER 1132 help 1133 FCrypt algorithm used by RxRPC. 1134 1135config CRYPTO_KHAZAD 1136 tristate "Khazad cipher algorithm" 1137 select CRYPTO_ALGAPI 1138 help 1139 Khazad cipher algorithm. 1140 1141 Khazad was a finalist in the initial NESSIE competition. It is 1142 an algorithm optimized for 64-bit processors with good performance 1143 on 32-bit processors. Khazad uses an 128 bit key size. 1144 1145 See also: 1146 <http://www.larc.usp.br/~pbarreto/KhazadPage.html> 1147 1148config CRYPTO_SALSA20 1149 tristate "Salsa20 stream cipher algorithm" 1150 select CRYPTO_BLKCIPHER 1151 help 1152 Salsa20 stream cipher algorithm. 1153 1154 Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT 1155 Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/> 1156 1157 The Salsa20 stream cipher algorithm is designed by Daniel J. 1158 Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html> 1159 1160config CRYPTO_SALSA20_586 1161 tristate "Salsa20 stream cipher algorithm (i586)" 1162 depends on (X86 || UML_X86) && !64BIT 1163 select CRYPTO_BLKCIPHER 1164 help 1165 Salsa20 stream cipher algorithm. 1166 1167 Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT 1168 Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/> 1169 1170 The Salsa20 stream cipher algorithm is designed by Daniel J. 1171 Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html> 1172 1173config CRYPTO_SALSA20_X86_64 1174 tristate "Salsa20 stream cipher algorithm (x86_64)" 1175 depends on (X86 || UML_X86) && 64BIT 1176 select CRYPTO_BLKCIPHER 1177 help 1178 Salsa20 stream cipher algorithm. 1179 1180 Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT 1181 Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/> 1182 1183 The Salsa20 stream cipher algorithm is designed by Daniel J. 1184 Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html> 1185 1186config CRYPTO_SEED 1187 tristate "SEED cipher algorithm" 1188 select CRYPTO_ALGAPI 1189 help 1190 SEED cipher algorithm (RFC4269). 1191 1192 SEED is a 128-bit symmetric key block cipher that has been 1193 developed by KISA (Korea Information Security Agency) as a 1194 national standard encryption algorithm of the Republic of Korea. 1195 It is a 16 round block cipher with the key size of 128 bit. 1196 1197 See also: 1198 <http://www.kisa.or.kr/kisa/seed/jsp/seed_eng.jsp> 1199 1200config CRYPTO_SERPENT 1201 tristate "Serpent cipher algorithm" 1202 select CRYPTO_ALGAPI 1203 help 1204 Serpent cipher algorithm, by Anderson, Biham & Knudsen. 1205 1206 Keys are allowed to be from 0 to 256 bits in length, in steps 1207 of 8 bits. Also includes the 'Tnepres' algorithm, a reversed 1208 variant of Serpent for compatibility with old kerneli.org code. 1209 1210 See also: 1211 <http://www.cl.cam.ac.uk/~rja14/serpent.html> 1212 1213config CRYPTO_SERPENT_SSE2_X86_64 1214 tristate "Serpent cipher algorithm (x86_64/SSE2)" 1215 depends on X86 && 64BIT 1216 select CRYPTO_ALGAPI 1217 select CRYPTO_CRYPTD 1218 select CRYPTO_ABLK_HELPER 1219 select CRYPTO_GLUE_HELPER_X86 1220 select CRYPTO_SERPENT 1221 select CRYPTO_LRW 1222 select CRYPTO_XTS 1223 help 1224 Serpent cipher algorithm, by Anderson, Biham & Knudsen. 1225 1226 Keys are allowed to be from 0 to 256 bits in length, in steps 1227 of 8 bits. 1228 1229 This module provides Serpent cipher algorithm that processes eigth 1230 blocks parallel using SSE2 instruction set. 1231 1232 See also: 1233 <http://www.cl.cam.ac.uk/~rja14/serpent.html> 1234 1235config CRYPTO_SERPENT_SSE2_586 1236 tristate "Serpent cipher algorithm (i586/SSE2)" 1237 depends on X86 && !64BIT 1238 select CRYPTO_ALGAPI 1239 select CRYPTO_CRYPTD 1240 select CRYPTO_ABLK_HELPER 1241 select CRYPTO_GLUE_HELPER_X86 1242 select CRYPTO_SERPENT 1243 select CRYPTO_LRW 1244 select CRYPTO_XTS 1245 help 1246 Serpent cipher algorithm, by Anderson, Biham & Knudsen. 1247 1248 Keys are allowed to be from 0 to 256 bits in length, in steps 1249 of 8 bits. 1250 1251 This module provides Serpent cipher algorithm that processes four 1252 blocks parallel using SSE2 instruction set. 1253 1254 See also: 1255 <http://www.cl.cam.ac.uk/~rja14/serpent.html> 1256 1257config CRYPTO_SERPENT_AVX_X86_64 1258 tristate "Serpent cipher algorithm (x86_64/AVX)" 1259 depends on X86 && 64BIT 1260 select CRYPTO_ALGAPI 1261 select CRYPTO_CRYPTD 1262 select CRYPTO_ABLK_HELPER 1263 select CRYPTO_GLUE_HELPER_X86 1264 select CRYPTO_SERPENT 1265 select CRYPTO_LRW 1266 select CRYPTO_XTS 1267 help 1268 Serpent cipher algorithm, by Anderson, Biham & Knudsen. 1269 1270 Keys are allowed to be from 0 to 256 bits in length, in steps 1271 of 8 bits. 1272 1273 This module provides the Serpent cipher algorithm that processes 1274 eight blocks parallel using the AVX instruction set. 1275 1276 See also: 1277 <http://www.cl.cam.ac.uk/~rja14/serpent.html> 1278 1279config CRYPTO_SERPENT_AVX2_X86_64 1280 tristate "Serpent cipher algorithm (x86_64/AVX2)" 1281 depends on X86 && 64BIT 1282 select CRYPTO_ALGAPI 1283 select CRYPTO_CRYPTD 1284 select CRYPTO_ABLK_HELPER 1285 select CRYPTO_GLUE_HELPER_X86 1286 select CRYPTO_SERPENT 1287 select CRYPTO_SERPENT_AVX_X86_64 1288 select CRYPTO_LRW 1289 select CRYPTO_XTS 1290 help 1291 Serpent cipher algorithm, by Anderson, Biham & Knudsen. 1292 1293 Keys are allowed to be from 0 to 256 bits in length, in steps 1294 of 8 bits. 1295 1296 This module provides Serpent cipher algorithm that processes 16 1297 blocks parallel using AVX2 instruction set. 1298 1299 See also: 1300 <http://www.cl.cam.ac.uk/~rja14/serpent.html> 1301 1302config CRYPTO_TEA 1303 tristate "TEA, XTEA and XETA cipher algorithms" 1304 select CRYPTO_ALGAPI 1305 help 1306 TEA cipher algorithm. 1307 1308 Tiny Encryption Algorithm is a simple cipher that uses 1309 many rounds for security. It is very fast and uses 1310 little memory. 1311 1312 Xtendend Tiny Encryption Algorithm is a modification to 1313 the TEA algorithm to address a potential key weakness 1314 in the TEA algorithm. 1315 1316 Xtendend Encryption Tiny Algorithm is a mis-implementation 1317 of the XTEA algorithm for compatibility purposes. 1318 1319config CRYPTO_TWOFISH 1320 tristate "Twofish cipher algorithm" 1321 select CRYPTO_ALGAPI 1322 select CRYPTO_TWOFISH_COMMON 1323 help 1324 Twofish cipher algorithm. 1325 1326 Twofish was submitted as an AES (Advanced Encryption Standard) 1327 candidate cipher by researchers at CounterPane Systems. It is a 1328 16 round block cipher supporting key sizes of 128, 192, and 256 1329 bits. 1330 1331 See also: 1332 <http://www.schneier.com/twofish.html> 1333 1334config CRYPTO_TWOFISH_COMMON 1335 tristate 1336 help 1337 Common parts of the Twofish cipher algorithm shared by the 1338 generic c and the assembler implementations. 1339 1340config CRYPTO_TWOFISH_586 1341 tristate "Twofish cipher algorithms (i586)" 1342 depends on (X86 || UML_X86) && !64BIT 1343 select CRYPTO_ALGAPI 1344 select CRYPTO_TWOFISH_COMMON 1345 help 1346 Twofish cipher algorithm. 1347 1348 Twofish was submitted as an AES (Advanced Encryption Standard) 1349 candidate cipher by researchers at CounterPane Systems. It is a 1350 16 round block cipher supporting key sizes of 128, 192, and 256 1351 bits. 1352 1353 See also: 1354 <http://www.schneier.com/twofish.html> 1355 1356config CRYPTO_TWOFISH_X86_64 1357 tristate "Twofish cipher algorithm (x86_64)" 1358 depends on (X86 || UML_X86) && 64BIT 1359 select CRYPTO_ALGAPI 1360 select CRYPTO_TWOFISH_COMMON 1361 help 1362 Twofish cipher algorithm (x86_64). 1363 1364 Twofish was submitted as an AES (Advanced Encryption Standard) 1365 candidate cipher by researchers at CounterPane Systems. It is a 1366 16 round block cipher supporting key sizes of 128, 192, and 256 1367 bits. 1368 1369 See also: 1370 <http://www.schneier.com/twofish.html> 1371 1372config CRYPTO_TWOFISH_X86_64_3WAY 1373 tristate "Twofish cipher algorithm (x86_64, 3-way parallel)" 1374 depends on X86 && 64BIT 1375 select CRYPTO_ALGAPI 1376 select CRYPTO_TWOFISH_COMMON 1377 select CRYPTO_TWOFISH_X86_64 1378 select CRYPTO_GLUE_HELPER_X86 1379 select CRYPTO_LRW 1380 select CRYPTO_XTS 1381 help 1382 Twofish cipher algorithm (x86_64, 3-way parallel). 1383 1384 Twofish was submitted as an AES (Advanced Encryption Standard) 1385 candidate cipher by researchers at CounterPane Systems. It is a 1386 16 round block cipher supporting key sizes of 128, 192, and 256 1387 bits. 1388 1389 This module provides Twofish cipher algorithm that processes three 1390 blocks parallel, utilizing resources of out-of-order CPUs better. 1391 1392 See also: 1393 <http://www.schneier.com/twofish.html> 1394 1395config CRYPTO_TWOFISH_AVX_X86_64 1396 tristate "Twofish cipher algorithm (x86_64/AVX)" 1397 depends on X86 && 64BIT 1398 select CRYPTO_ALGAPI 1399 select CRYPTO_CRYPTD 1400 select CRYPTO_ABLK_HELPER 1401 select CRYPTO_GLUE_HELPER_X86 1402 select CRYPTO_TWOFISH_COMMON 1403 select CRYPTO_TWOFISH_X86_64 1404 select CRYPTO_TWOFISH_X86_64_3WAY 1405 select CRYPTO_LRW 1406 select CRYPTO_XTS 1407 help 1408 Twofish cipher algorithm (x86_64/AVX). 1409 1410 Twofish was submitted as an AES (Advanced Encryption Standard) 1411 candidate cipher by researchers at CounterPane Systems. It is a 1412 16 round block cipher supporting key sizes of 128, 192, and 256 1413 bits. 1414 1415 This module provides the Twofish cipher algorithm that processes 1416 eight blocks parallel using the AVX Instruction Set. 1417 1418 See also: 1419 <http://www.schneier.com/twofish.html> 1420 1421comment "Compression" 1422 1423config CRYPTO_DEFLATE 1424 tristate "Deflate compression algorithm" 1425 select CRYPTO_ALGAPI 1426 select ZLIB_INFLATE 1427 select ZLIB_DEFLATE 1428 help 1429 This is the Deflate algorithm (RFC1951), specified for use in 1430 IPSec with the IPCOMP protocol (RFC3173, RFC2394). 1431 1432 You will most probably want this if using IPSec. 1433 1434config CRYPTO_ZLIB 1435 tristate "Zlib compression algorithm" 1436 select CRYPTO_PCOMP 1437 select ZLIB_INFLATE 1438 select ZLIB_DEFLATE 1439 select NLATTR 1440 help 1441 This is the zlib algorithm. 1442 1443config CRYPTO_LZO 1444 tristate "LZO compression algorithm" 1445 select CRYPTO_ALGAPI 1446 select LZO_COMPRESS 1447 select LZO_DECOMPRESS 1448 help 1449 This is the LZO algorithm. 1450 1451config CRYPTO_842 1452 tristate "842 compression algorithm" 1453 depends on CRYPTO_DEV_NX_COMPRESS 1454 # 842 uses lzo if the hardware becomes unavailable 1455 select LZO_COMPRESS 1456 select LZO_DECOMPRESS 1457 help 1458 This is the 842 algorithm. 1459 1460config CRYPTO_LZ4 1461 tristate "LZ4 compression algorithm" 1462 select CRYPTO_ALGAPI 1463 select LZ4_COMPRESS 1464 select LZ4_DECOMPRESS 1465 help 1466 This is the LZ4 algorithm. 1467 1468config CRYPTO_LZ4HC 1469 tristate "LZ4HC compression algorithm" 1470 select CRYPTO_ALGAPI 1471 select LZ4HC_COMPRESS 1472 select LZ4_DECOMPRESS 1473 help 1474 This is the LZ4 high compression mode algorithm. 1475 1476comment "Random Number Generation" 1477 1478config CRYPTO_ANSI_CPRNG 1479 tristate "Pseudo Random Number Generation for Cryptographic modules" 1480 default m 1481 select CRYPTO_AES 1482 select CRYPTO_RNG 1483 help 1484 This option enables the generic pseudo random number generator 1485 for cryptographic modules. Uses the Algorithm specified in 1486 ANSI X9.31 A.2.4. Note that this option must be enabled if 1487 CRYPTO_FIPS is selected 1488 1489menuconfig CRYPTO_DRBG_MENU 1490 tristate "NIST SP800-90A DRBG" 1491 help 1492 NIST SP800-90A compliant DRBG. In the following submenu, one or 1493 more of the DRBG types must be selected. 1494 1495if CRYPTO_DRBG_MENU 1496 1497config CRYPTO_DRBG_HMAC 1498 bool "Enable HMAC DRBG" 1499 default y 1500 select CRYPTO_HMAC 1501 help 1502 Enable the HMAC DRBG variant as defined in NIST SP800-90A. 1503 1504config CRYPTO_DRBG_HASH 1505 bool "Enable Hash DRBG" 1506 select CRYPTO_HASH 1507 help 1508 Enable the Hash DRBG variant as defined in NIST SP800-90A. 1509 1510config CRYPTO_DRBG_CTR 1511 bool "Enable CTR DRBG" 1512 select CRYPTO_AES 1513 help 1514 Enable the CTR DRBG variant as defined in NIST SP800-90A. 1515 1516config CRYPTO_DRBG 1517 tristate 1518 default CRYPTO_DRBG_MENU if (CRYPTO_DRBG_HMAC || CRYPTO_DRBG_HASH || CRYPTO_DRBG_CTR) 1519 select CRYPTO_RNG 1520 1521endif # if CRYPTO_DRBG_MENU 1522 1523config CRYPTO_USER_API 1524 tristate 1525 1526config CRYPTO_USER_API_HASH 1527 tristate "User-space interface for hash algorithms" 1528 depends on NET 1529 select CRYPTO_HASH 1530 select CRYPTO_USER_API 1531 help 1532 This option enables the user-spaces interface for hash 1533 algorithms. 1534 1535config CRYPTO_USER_API_SKCIPHER 1536 tristate "User-space interface for symmetric key cipher algorithms" 1537 depends on NET 1538 select CRYPTO_BLKCIPHER 1539 select CRYPTO_USER_API 1540 help 1541 This option enables the user-spaces interface for symmetric 1542 key cipher algorithms. 1543 1544config CRYPTO_USER_API_RNG 1545 tristate "User-space interface for random number generator algorithms" 1546 depends on NET 1547 select CRYPTO_RNG 1548 select CRYPTO_USER_API 1549 help 1550 This option enables the user-spaces interface for random 1551 number generator algorithms. 1552 1553config CRYPTO_HASH_INFO 1554 bool 1555 1556source "drivers/crypto/Kconfig" 1557source crypto/asymmetric_keys/Kconfig 1558 1559endif # if CRYPTO 1560