1# SPDX-License-Identifier: GPL-2.0 2# 3# Generic algorithms support 4# 5config XOR_BLOCKS 6 tristate 7 8# 9# async_tx api: hardware offloaded memory transfer/transform support 10# 11source "crypto/async_tx/Kconfig" 12 13# 14# Cryptographic API Configuration 15# 16menuconfig CRYPTO 17 tristate "Cryptographic API" 18 select CRYPTO_LIB_UTILS 19 help 20 This option provides the core Cryptographic API. 21 22if CRYPTO 23 24menu "Crypto core or helper" 25 26config CRYPTO_FIPS 27 bool "FIPS 200 compliance" 28 depends on (CRYPTO_ANSI_CPRNG || CRYPTO_DRBG) && !CRYPTO_MANAGER_DISABLE_TESTS 29 depends on (MODULE_SIG || !MODULES) 30 help 31 This option enables the fips boot option which is 32 required if you want the system to operate in a FIPS 200 33 certification. You should say no unless you know what 34 this is. 35 36config CRYPTO_FIPS_NAME 37 string "FIPS Module Name" 38 default "Linux Kernel Cryptographic API" 39 depends on CRYPTO_FIPS 40 help 41 This option sets the FIPS Module name reported by the Crypto API via 42 the /proc/sys/crypto/fips_name file. 43 44config CRYPTO_FIPS_CUSTOM_VERSION 45 bool "Use Custom FIPS Module Version" 46 depends on CRYPTO_FIPS 47 default n 48 49config CRYPTO_FIPS_VERSION 50 string "FIPS Module Version" 51 default "(none)" 52 depends on CRYPTO_FIPS_CUSTOM_VERSION 53 help 54 This option provides the ability to override the FIPS Module Version. 55 By default the KERNELRELEASE value is used. 56 57config CRYPTO_ALGAPI 58 tristate 59 select CRYPTO_ALGAPI2 60 help 61 This option provides the API for cryptographic algorithms. 62 63config CRYPTO_ALGAPI2 64 tristate 65 66config CRYPTO_AEAD 67 tristate 68 select CRYPTO_AEAD2 69 select CRYPTO_ALGAPI 70 71config CRYPTO_AEAD2 72 tristate 73 select CRYPTO_ALGAPI2 74 select CRYPTO_NULL2 75 select CRYPTO_RNG2 76 77config CRYPTO_SKCIPHER 78 tristate 79 select CRYPTO_SKCIPHER2 80 select CRYPTO_ALGAPI 81 82config CRYPTO_SKCIPHER2 83 tristate 84 select CRYPTO_ALGAPI2 85 select CRYPTO_RNG2 86 87config CRYPTO_HASH 88 tristate 89 select CRYPTO_HASH2 90 select CRYPTO_ALGAPI 91 92config CRYPTO_HASH2 93 tristate 94 select CRYPTO_ALGAPI2 95 96config CRYPTO_RNG 97 tristate 98 select CRYPTO_RNG2 99 select CRYPTO_ALGAPI 100 101config CRYPTO_RNG2 102 tristate 103 select CRYPTO_ALGAPI2 104 105config CRYPTO_RNG_DEFAULT 106 tristate 107 select CRYPTO_DRBG_MENU 108 109config CRYPTO_AKCIPHER2 110 tristate 111 select CRYPTO_ALGAPI2 112 113config CRYPTO_AKCIPHER 114 tristate 115 select CRYPTO_AKCIPHER2 116 select CRYPTO_ALGAPI 117 118config CRYPTO_KPP2 119 tristate 120 select CRYPTO_ALGAPI2 121 122config CRYPTO_KPP 123 tristate 124 select CRYPTO_ALGAPI 125 select CRYPTO_KPP2 126 127config CRYPTO_ACOMP2 128 tristate 129 select CRYPTO_ALGAPI2 130 select SGL_ALLOC 131 132config CRYPTO_ACOMP 133 tristate 134 select CRYPTO_ALGAPI 135 select CRYPTO_ACOMP2 136 137config CRYPTO_MANAGER 138 tristate "Cryptographic algorithm manager" 139 select CRYPTO_MANAGER2 140 help 141 Create default cryptographic template instantiations such as 142 cbc(aes). 143 144config CRYPTO_MANAGER2 145 def_tristate CRYPTO_MANAGER || (CRYPTO_MANAGER!=n && CRYPTO_ALGAPI=y) 146 select CRYPTO_AEAD2 147 select CRYPTO_HASH2 148 select CRYPTO_SKCIPHER2 149 select CRYPTO_AKCIPHER2 150 select CRYPTO_KPP2 151 select CRYPTO_ACOMP2 152 153config CRYPTO_USER 154 tristate "Userspace cryptographic algorithm configuration" 155 depends on NET 156 select CRYPTO_MANAGER 157 help 158 Userspace configuration for cryptographic instantiations such as 159 cbc(aes). 160 161config CRYPTO_MANAGER_DISABLE_TESTS 162 bool "Disable run-time self tests" 163 default y 164 help 165 Disable run-time self tests that normally take place at 166 algorithm registration. 167 168config CRYPTO_MANAGER_EXTRA_TESTS 169 bool "Enable extra run-time crypto self tests" 170 depends on DEBUG_KERNEL && !CRYPTO_MANAGER_DISABLE_TESTS && CRYPTO_MANAGER 171 help 172 Enable extra run-time self tests of registered crypto algorithms, 173 including randomized fuzz tests. 174 175 This is intended for developer use only, as these tests take much 176 longer to run than the normal self tests. 177 178config CRYPTO_GF128MUL 179 tristate 180 181config CRYPTO_NULL 182 tristate "Null algorithms" 183 select CRYPTO_NULL2 184 help 185 These are 'Null' algorithms, used by IPsec, which do nothing. 186 187config CRYPTO_NULL2 188 tristate 189 select CRYPTO_ALGAPI2 190 select CRYPTO_SKCIPHER2 191 select CRYPTO_HASH2 192 193config CRYPTO_PCRYPT 194 tristate "Parallel crypto engine" 195 depends on SMP 196 select PADATA 197 select CRYPTO_MANAGER 198 select CRYPTO_AEAD 199 help 200 This converts an arbitrary crypto algorithm into a parallel 201 algorithm that executes in kernel threads. 202 203config CRYPTO_CRYPTD 204 tristate "Software async crypto daemon" 205 select CRYPTO_SKCIPHER 206 select CRYPTO_HASH 207 select CRYPTO_MANAGER 208 help 209 This is a generic software asynchronous crypto daemon that 210 converts an arbitrary synchronous software crypto algorithm 211 into an asynchronous algorithm that executes in a kernel thread. 212 213config CRYPTO_AUTHENC 214 tristate "Authenc support" 215 select CRYPTO_AEAD 216 select CRYPTO_SKCIPHER 217 select CRYPTO_MANAGER 218 select CRYPTO_HASH 219 select CRYPTO_NULL 220 help 221 Authenc: Combined mode wrapper for IPsec. 222 This is required for IPSec. 223 224config CRYPTO_TEST 225 tristate "Testing module" 226 depends on m || EXPERT 227 select CRYPTO_MANAGER 228 help 229 Quick & dirty crypto test module. 230 231config CRYPTO_SIMD 232 tristate 233 select CRYPTO_CRYPTD 234 235config CRYPTO_ENGINE 236 tristate 237 238endmenu 239 240menu "Public-key cryptography" 241 242config CRYPTO_RSA 243 tristate "RSA (Rivest-Shamir-Adleman)" 244 select CRYPTO_AKCIPHER 245 select CRYPTO_MANAGER 246 select MPILIB 247 select ASN1 248 help 249 RSA (Rivest-Shamir-Adleman) public key algorithm (RFC8017) 250 251config CRYPTO_DH 252 tristate "DH (Diffie-Hellman)" 253 select CRYPTO_KPP 254 select MPILIB 255 help 256 DH (Diffie-Hellman) key exchange algorithm 257 258config CRYPTO_DH_RFC7919_GROUPS 259 bool "RFC 7919 FFDHE groups" 260 depends on CRYPTO_DH 261 select CRYPTO_RNG_DEFAULT 262 help 263 FFDHE (Finite-Field-based Diffie-Hellman Ephemeral) groups 264 defined in RFC7919. 265 266 Support these finite-field groups in DH key exchanges: 267 - ffdhe2048, ffdhe3072, ffdhe4096, ffdhe6144, ffdhe8192 268 269 If unsure, say N. 270 271config CRYPTO_ECC 272 tristate 273 select CRYPTO_RNG_DEFAULT 274 275config CRYPTO_ECDH 276 tristate "ECDH (Elliptic Curve Diffie-Hellman)" 277 select CRYPTO_ECC 278 select CRYPTO_KPP 279 help 280 ECDH (Elliptic Curve Diffie-Hellman) key exchange algorithm 281 using curves P-192, P-256, and P-384 (FIPS 186) 282 283config CRYPTO_ECDSA 284 tristate "ECDSA (Elliptic Curve Digital Signature Algorithm)" 285 select CRYPTO_ECC 286 select CRYPTO_AKCIPHER 287 select ASN1 288 help 289 ECDSA (Elliptic Curve Digital Signature Algorithm) (FIPS 186, 290 ISO/IEC 14888-3) 291 using curves P-192, P-256, and P-384 292 293 Only signature verification is implemented. 294 295config CRYPTO_ECRDSA 296 tristate "EC-RDSA (Elliptic Curve Russian Digital Signature Algorithm)" 297 select CRYPTO_ECC 298 select CRYPTO_AKCIPHER 299 select CRYPTO_STREEBOG 300 select OID_REGISTRY 301 select ASN1 302 help 303 Elliptic Curve Russian Digital Signature Algorithm (GOST R 34.10-2012, 304 RFC 7091, ISO/IEC 14888-3) 305 306 One of the Russian cryptographic standard algorithms (called GOST 307 algorithms). Only signature verification is implemented. 308 309config CRYPTO_SM2 310 tristate "SM2 (ShangMi 2)" 311 select CRYPTO_SM3 312 select CRYPTO_AKCIPHER 313 select CRYPTO_MANAGER 314 select MPILIB 315 select ASN1 316 help 317 SM2 (ShangMi 2) public key algorithm 318 319 Published by State Encryption Management Bureau, China, 320 as specified by OSCCA GM/T 0003.1-2012 -- 0003.5-2012. 321 322 References: 323 https://datatracker.ietf.org/doc/draft-shen-sm2-ecdsa/ 324 http://www.oscca.gov.cn/sca/xxgk/2010-12/17/content_1002386.shtml 325 http://www.gmbz.org.cn/main/bzlb.html 326 327config CRYPTO_CURVE25519 328 tristate "Curve25519" 329 select CRYPTO_KPP 330 select CRYPTO_LIB_CURVE25519_GENERIC 331 help 332 Curve25519 elliptic curve (RFC7748) 333 334endmenu 335 336menu "Block ciphers" 337 338config CRYPTO_AES 339 tristate "AES cipher algorithms" 340 select CRYPTO_ALGAPI 341 select CRYPTO_LIB_AES 342 help 343 AES cipher algorithms (FIPS-197). AES uses the Rijndael 344 algorithm. 345 346 Rijndael appears to be consistently a very good performer in 347 both hardware and software across a wide range of computing 348 environments regardless of its use in feedback or non-feedback 349 modes. Its key setup time is excellent, and its key agility is 350 good. Rijndael's very low memory requirements make it very well 351 suited for restricted-space environments, in which it also 352 demonstrates excellent performance. Rijndael's operations are 353 among the easiest to defend against power and timing attacks. 354 355 The AES specifies three key sizes: 128, 192 and 256 bits 356 357 See <http://csrc.nist.gov/CryptoToolkit/aes/> for more information. 358 359config CRYPTO_AES_TI 360 tristate "Fixed time AES cipher" 361 select CRYPTO_ALGAPI 362 select CRYPTO_LIB_AES 363 help 364 This is a generic implementation of AES that attempts to eliminate 365 data dependent latencies as much as possible without affecting 366 performance too much. It is intended for use by the generic CCM 367 and GCM drivers, and other CTR or CMAC/XCBC based modes that rely 368 solely on encryption (although decryption is supported as well, but 369 with a more dramatic performance hit) 370 371 Instead of using 16 lookup tables of 1 KB each, (8 for encryption and 372 8 for decryption), this implementation only uses just two S-boxes of 373 256 bytes each, and attempts to eliminate data dependent latencies by 374 prefetching the entire table into the cache at the start of each 375 block. Interrupts are also disabled to avoid races where cachelines 376 are evicted when the CPU is interrupted to do something else. 377 378config CRYPTO_ANUBIS 379 tristate "Anubis cipher algorithm" 380 depends on CRYPTO_USER_API_ENABLE_OBSOLETE 381 select CRYPTO_ALGAPI 382 help 383 Anubis cipher algorithm. 384 385 Anubis is a variable key length cipher which can use keys from 386 128 bits to 320 bits in length. It was evaluated as a entrant 387 in the NESSIE competition. 388 389 See also: 390 <https://www.cosic.esat.kuleuven.be/nessie/reports/> 391 <http://www.larc.usp.br/~pbarreto/AnubisPage.html> 392 393config CRYPTO_ARIA 394 tristate "ARIA cipher algorithm" 395 select CRYPTO_ALGAPI 396 help 397 ARIA cipher algorithm (RFC5794). 398 399 ARIA is a standard encryption algorithm of the Republic of Korea. 400 The ARIA specifies three key sizes and rounds. 401 128-bit: 12 rounds. 402 192-bit: 14 rounds. 403 256-bit: 16 rounds. 404 405 See also: 406 <https://seed.kisa.or.kr/kisa/algorithm/EgovAriaInfo.do> 407 408config CRYPTO_BLOWFISH 409 tristate "Blowfish cipher algorithm" 410 select CRYPTO_ALGAPI 411 select CRYPTO_BLOWFISH_COMMON 412 help 413 Blowfish cipher algorithm, by Bruce Schneier. 414 415 This is a variable key length cipher which can use keys from 32 416 bits to 448 bits in length. It's fast, simple and specifically 417 designed for use on "large microprocessors". 418 419 See also: 420 <https://www.schneier.com/blowfish.html> 421 422config CRYPTO_BLOWFISH_COMMON 423 tristate 424 help 425 Common parts of the Blowfish cipher algorithm shared by the 426 generic c and the assembler implementations. 427 428 See also: 429 <https://www.schneier.com/blowfish.html> 430 431config CRYPTO_CAMELLIA 432 tristate "Camellia cipher algorithms" 433 select CRYPTO_ALGAPI 434 help 435 Camellia cipher algorithms module. 436 437 Camellia is a symmetric key block cipher developed jointly 438 at NTT and Mitsubishi Electric Corporation. 439 440 The Camellia specifies three key sizes: 128, 192 and 256 bits. 441 442 See also: 443 <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html> 444 445config CRYPTO_CAST_COMMON 446 tristate 447 help 448 Common parts of the CAST cipher algorithms shared by the 449 generic c and the assembler implementations. 450 451config CRYPTO_CAST5 452 tristate "CAST5 (CAST-128) cipher algorithm" 453 select CRYPTO_ALGAPI 454 select CRYPTO_CAST_COMMON 455 help 456 The CAST5 encryption algorithm (synonymous with CAST-128) is 457 described in RFC2144. 458 459config CRYPTO_CAST6 460 tristate "CAST6 (CAST-256) cipher algorithm" 461 select CRYPTO_ALGAPI 462 select CRYPTO_CAST_COMMON 463 help 464 The CAST6 encryption algorithm (synonymous with CAST-256) is 465 described in RFC2612. 466 467config CRYPTO_DES 468 tristate "DES and Triple DES EDE cipher algorithms" 469 select CRYPTO_ALGAPI 470 select CRYPTO_LIB_DES 471 help 472 DES cipher algorithm (FIPS 46-2), and Triple DES EDE (FIPS 46-3). 473 474config CRYPTO_FCRYPT 475 tristate "FCrypt cipher algorithm" 476 select CRYPTO_ALGAPI 477 select CRYPTO_SKCIPHER 478 help 479 FCrypt algorithm used by RxRPC. 480 481config CRYPTO_KHAZAD 482 tristate "Khazad cipher algorithm" 483 depends on CRYPTO_USER_API_ENABLE_OBSOLETE 484 select CRYPTO_ALGAPI 485 help 486 Khazad cipher algorithm. 487 488 Khazad was a finalist in the initial NESSIE competition. It is 489 an algorithm optimized for 64-bit processors with good performance 490 on 32-bit processors. Khazad uses an 128 bit key size. 491 492 See also: 493 <http://www.larc.usp.br/~pbarreto/KhazadPage.html> 494 495config CRYPTO_SEED 496 tristate "SEED cipher algorithm" 497 depends on CRYPTO_USER_API_ENABLE_OBSOLETE 498 select CRYPTO_ALGAPI 499 help 500 SEED cipher algorithm (RFC4269). 501 502 SEED is a 128-bit symmetric key block cipher that has been 503 developed by KISA (Korea Information Security Agency) as a 504 national standard encryption algorithm of the Republic of Korea. 505 It is a 16 round block cipher with the key size of 128 bit. 506 507 See also: 508 <http://www.kisa.or.kr/kisa/seed/jsp/seed_eng.jsp> 509 510config CRYPTO_SERPENT 511 tristate "Serpent cipher algorithm" 512 select CRYPTO_ALGAPI 513 help 514 Serpent cipher algorithm, by Anderson, Biham & Knudsen. 515 516 Keys are allowed to be from 0 to 256 bits in length, in steps 517 of 8 bits. 518 519 See also: 520 <https://www.cl.cam.ac.uk/~rja14/serpent.html> 521 522config CRYPTO_SM4 523 tristate 524 525config CRYPTO_SM4_GENERIC 526 tristate "SM4 cipher algorithm" 527 select CRYPTO_ALGAPI 528 select CRYPTO_SM4 529 help 530 SM4 cipher algorithms (OSCCA GB/T 32907-2016). 531 532 SM4 (GBT.32907-2016) is a cryptographic standard issued by the 533 Organization of State Commercial Administration of China (OSCCA) 534 as an authorized cryptographic algorithms for the use within China. 535 536 SMS4 was originally created for use in protecting wireless 537 networks, and is mandated in the Chinese National Standard for 538 Wireless LAN WAPI (Wired Authentication and Privacy Infrastructure) 539 (GB.15629.11-2003). 540 541 The latest SM4 standard (GBT.32907-2016) was proposed by OSCCA and 542 standardized through TC 260 of the Standardization Administration 543 of the People's Republic of China (SAC). 544 545 The input, output, and key of SMS4 are each 128 bits. 546 547 See also: <https://eprint.iacr.org/2008/329.pdf> 548 549 If unsure, say N. 550 551config CRYPTO_TEA 552 tristate "TEA, XTEA and XETA cipher algorithms" 553 depends on CRYPTO_USER_API_ENABLE_OBSOLETE 554 select CRYPTO_ALGAPI 555 help 556 TEA cipher algorithm. 557 558 Tiny Encryption Algorithm is a simple cipher that uses 559 many rounds for security. It is very fast and uses 560 little memory. 561 562 Xtendend Tiny Encryption Algorithm is a modification to 563 the TEA algorithm to address a potential key weakness 564 in the TEA algorithm. 565 566 Xtendend Encryption Tiny Algorithm is a mis-implementation 567 of the XTEA algorithm for compatibility purposes. 568 569config CRYPTO_TWOFISH 570 tristate "Twofish cipher algorithm" 571 select CRYPTO_ALGAPI 572 select CRYPTO_TWOFISH_COMMON 573 help 574 Twofish cipher algorithm. 575 576 Twofish was submitted as an AES (Advanced Encryption Standard) 577 candidate cipher by researchers at CounterPane Systems. It is a 578 16 round block cipher supporting key sizes of 128, 192, and 256 579 bits. 580 581 See also: 582 <https://www.schneier.com/twofish.html> 583 584config CRYPTO_TWOFISH_COMMON 585 tristate 586 help 587 Common parts of the Twofish cipher algorithm shared by the 588 generic c and the assembler implementations. 589 590endmenu 591 592menu "Length-preserving ciphers and modes" 593 594config CRYPTO_ADIANTUM 595 tristate "Adiantum support" 596 select CRYPTO_CHACHA20 597 select CRYPTO_LIB_POLY1305_GENERIC 598 select CRYPTO_NHPOLY1305 599 select CRYPTO_MANAGER 600 help 601 Adiantum is a tweakable, length-preserving encryption mode 602 designed for fast and secure disk encryption, especially on 603 CPUs without dedicated crypto instructions. It encrypts 604 each sector using the XChaCha12 stream cipher, two passes of 605 an ε-almost-∆-universal hash function, and an invocation of 606 the AES-256 block cipher on a single 16-byte block. On CPUs 607 without AES instructions, Adiantum is much faster than 608 AES-XTS. 609 610 Adiantum's security is provably reducible to that of its 611 underlying stream and block ciphers, subject to a security 612 bound. Unlike XTS, Adiantum is a true wide-block encryption 613 mode, so it actually provides an even stronger notion of 614 security than XTS, subject to the security bound. 615 616 If unsure, say N. 617 618config CRYPTO_ARC4 619 tristate "ARC4 cipher algorithm" 620 depends on CRYPTO_USER_API_ENABLE_OBSOLETE 621 select CRYPTO_SKCIPHER 622 select CRYPTO_LIB_ARC4 623 help 624 ARC4 cipher algorithm. 625 626 ARC4 is a stream cipher using keys ranging from 8 bits to 2048 627 bits in length. This algorithm is required for driver-based 628 WEP, but it should not be for other purposes because of the 629 weakness of the algorithm. 630 631config CRYPTO_CHACHA20 632 tristate "ChaCha stream cipher algorithms" 633 select CRYPTO_LIB_CHACHA_GENERIC 634 select CRYPTO_SKCIPHER 635 help 636 The ChaCha20, XChaCha20, and XChaCha12 stream cipher algorithms. 637 638 ChaCha20 is a 256-bit high-speed stream cipher designed by Daniel J. 639 Bernstein and further specified in RFC7539 for use in IETF protocols. 640 This is the portable C implementation of ChaCha20. See also: 641 <https://cr.yp.to/chacha/chacha-20080128.pdf> 642 643 XChaCha20 is the application of the XSalsa20 construction to ChaCha20 644 rather than to Salsa20. XChaCha20 extends ChaCha20's nonce length 645 from 64 bits (or 96 bits using the RFC7539 convention) to 192 bits, 646 while provably retaining ChaCha20's security. See also: 647 <https://cr.yp.to/snuffle/xsalsa-20081128.pdf> 648 649 XChaCha12 is XChaCha20 reduced to 12 rounds, with correspondingly 650 reduced security margin but increased performance. It can be needed 651 in some performance-sensitive scenarios. 652 653config CRYPTO_CBC 654 tristate "CBC support" 655 select CRYPTO_SKCIPHER 656 select CRYPTO_MANAGER 657 help 658 CBC: Cipher Block Chaining mode 659 This block cipher algorithm is required for IPSec. 660 661config CRYPTO_CFB 662 tristate "CFB support" 663 select CRYPTO_SKCIPHER 664 select CRYPTO_MANAGER 665 help 666 CFB: Cipher FeedBack mode 667 This block cipher algorithm is required for TPM2 Cryptography. 668 669config CRYPTO_CTR 670 tristate "CTR support" 671 select CRYPTO_SKCIPHER 672 select CRYPTO_MANAGER 673 help 674 CTR: Counter mode 675 This block cipher algorithm is required for IPSec. 676 677config CRYPTO_CTS 678 tristate "CTS support" 679 select CRYPTO_SKCIPHER 680 select CRYPTO_MANAGER 681 help 682 CTS: Cipher Text Stealing 683 This is the Cipher Text Stealing mode as described by 684 Section 8 of rfc2040 and referenced by rfc3962 685 (rfc3962 includes errata information in its Appendix A) or 686 CBC-CS3 as defined by NIST in Sp800-38A addendum from Oct 2010. 687 This mode is required for Kerberos gss mechanism support 688 for AES encryption. 689 690 See: https://csrc.nist.gov/publications/detail/sp/800-38a/addendum/final 691 692config CRYPTO_ECB 693 tristate "ECB support" 694 select CRYPTO_SKCIPHER 695 select CRYPTO_MANAGER 696 help 697 ECB: Electronic CodeBook mode 698 This is the simplest block cipher algorithm. It simply encrypts 699 the input block by block. 700 701config CRYPTO_HCTR2 702 tristate "HCTR2 support" 703 select CRYPTO_XCTR 704 select CRYPTO_POLYVAL 705 select CRYPTO_MANAGER 706 help 707 HCTR2 is a length-preserving encryption mode for storage encryption that 708 is efficient on processors with instructions to accelerate AES and 709 carryless multiplication, e.g. x86 processors with AES-NI and CLMUL, and 710 ARM processors with the ARMv8 crypto extensions. 711 712config CRYPTO_KEYWRAP 713 tristate "Key wrapping support" 714 select CRYPTO_SKCIPHER 715 select CRYPTO_MANAGER 716 help 717 Support for key wrapping (NIST SP800-38F / RFC3394) without 718 padding. 719 720config CRYPTO_LRW 721 tristate "LRW support" 722 select CRYPTO_SKCIPHER 723 select CRYPTO_MANAGER 724 select CRYPTO_GF128MUL 725 select CRYPTO_ECB 726 help 727 LRW: Liskov Rivest Wagner, a tweakable, non malleable, non movable 728 narrow block cipher mode for dm-crypt. Use it with cipher 729 specification string aes-lrw-benbi, the key must be 256, 320 or 384. 730 The first 128, 192 or 256 bits in the key are used for AES and the 731 rest is used to tie each cipher block to its logical position. 732 733config CRYPTO_OFB 734 tristate "OFB support" 735 select CRYPTO_SKCIPHER 736 select CRYPTO_MANAGER 737 help 738 OFB: the Output Feedback mode makes a block cipher into a synchronous 739 stream cipher. It generates keystream blocks, which are then XORed 740 with the plaintext blocks to get the ciphertext. Flipping a bit in the 741 ciphertext produces a flipped bit in the plaintext at the same 742 location. This property allows many error correcting codes to function 743 normally even when applied before encryption. 744 745config CRYPTO_PCBC 746 tristate "PCBC support" 747 select CRYPTO_SKCIPHER 748 select CRYPTO_MANAGER 749 help 750 PCBC: Propagating Cipher Block Chaining mode 751 This block cipher algorithm is required for RxRPC. 752 753config CRYPTO_XCTR 754 tristate 755 select CRYPTO_SKCIPHER 756 select CRYPTO_MANAGER 757 help 758 XCTR: XOR Counter mode. This blockcipher mode is a variant of CTR mode 759 using XORs and little-endian addition rather than big-endian arithmetic. 760 XCTR mode is used to implement HCTR2. 761 762config CRYPTO_XTS 763 tristate "XTS support" 764 select CRYPTO_SKCIPHER 765 select CRYPTO_MANAGER 766 select CRYPTO_ECB 767 help 768 XTS: IEEE1619/D16 narrow block cipher use with aes-xts-plain, 769 key size 256, 384 or 512 bits. This implementation currently 770 can't handle a sectorsize which is not a multiple of 16 bytes. 771 772config CRYPTO_NHPOLY1305 773 tristate 774 select CRYPTO_HASH 775 select CRYPTO_LIB_POLY1305_GENERIC 776 777endmenu 778 779menu "AEAD (authenticated encryption with associated data) ciphers" 780 781config CRYPTO_AEGIS128 782 tristate "AEGIS-128" 783 select CRYPTO_AEAD 784 select CRYPTO_AES # for AES S-box tables 785 help 786 AEGIS-128 AEAD algorithm 787 788config CRYPTO_AEGIS128_SIMD 789 bool "AEGIS-128 (arm NEON, arm64 NEON)" 790 depends on CRYPTO_AEGIS128 && ((ARM || ARM64) && KERNEL_MODE_NEON) 791 default y 792 help 793 AEGIS-128 AEAD algorithm 794 795 Architecture: arm or arm64 using: 796 - NEON (Advanced SIMD) extension 797 798config CRYPTO_CHACHA20POLY1305 799 tristate "ChaCha20-Poly1305" 800 select CRYPTO_CHACHA20 801 select CRYPTO_POLY1305 802 select CRYPTO_AEAD 803 select CRYPTO_MANAGER 804 help 805 ChaCha20 stream cipher and Poly1305 authenticator combined 806 mode (RFC8439) 807 808config CRYPTO_CCM 809 tristate "CCM (Counter with Cipher Block Chaining-Message Authentication Code)" 810 select CRYPTO_CTR 811 select CRYPTO_HASH 812 select CRYPTO_AEAD 813 select CRYPTO_MANAGER 814 help 815 CCM (Counter with Cipher Block Chaining-Message Authentication Code) 816 authenticated encryption mode (NIST SP800-38C) 817 818config CRYPTO_GCM 819 tristate "GCM (Galois/Counter Mode) and GMAC (GCM Message Authentication Code)" 820 select CRYPTO_CTR 821 select CRYPTO_AEAD 822 select CRYPTO_GHASH 823 select CRYPTO_NULL 824 select CRYPTO_MANAGER 825 help 826 GCM (Galois/Counter Mode) authenticated encryption mode and GMAC 827 (GCM Message Authentication Code) (NIST SP800-38D) 828 829 This is required for IPSec ESP (XFRM_ESP). 830 831config CRYPTO_SEQIV 832 tristate "Sequence Number IV Generator" 833 select CRYPTO_AEAD 834 select CRYPTO_SKCIPHER 835 select CRYPTO_NULL 836 select CRYPTO_RNG_DEFAULT 837 select CRYPTO_MANAGER 838 help 839 Sequence Number IV generator 840 841 This IV generator generates an IV based on a sequence number by 842 xoring it with a salt. This algorithm is mainly useful for CTR. 843 844 This is required for IPsec ESP (XFRM_ESP). 845 846config CRYPTO_ECHAINIV 847 tristate "Encrypted Chain IV Generator" 848 select CRYPTO_AEAD 849 select CRYPTO_NULL 850 select CRYPTO_RNG_DEFAULT 851 select CRYPTO_MANAGER 852 help 853 Encrypted Chain IV generator 854 855 This IV generator generates an IV based on the encryption of 856 a sequence number xored with a salt. This is the default 857 algorithm for CBC. 858 859config CRYPTO_ESSIV 860 tristate "Encrypted Salt-Sector IV Generator" 861 select CRYPTO_AUTHENC 862 help 863 Encrypted Salt-Sector IV generator 864 865 This IV generator is used in some cases by fscrypt and/or 866 dm-crypt. It uses the hash of the block encryption key as the 867 symmetric key for a block encryption pass applied to the input 868 IV, making low entropy IV sources more suitable for block 869 encryption. 870 871 This driver implements a crypto API template that can be 872 instantiated either as an skcipher or as an AEAD (depending on the 873 type of the first template argument), and which defers encryption 874 and decryption requests to the encapsulated cipher after applying 875 ESSIV to the input IV. Note that in the AEAD case, it is assumed 876 that the keys are presented in the same format used by the authenc 877 template, and that the IV appears at the end of the authenticated 878 associated data (AAD) region (which is how dm-crypt uses it.) 879 880 Note that the use of ESSIV is not recommended for new deployments, 881 and so this only needs to be enabled when interoperability with 882 existing encrypted volumes of filesystems is required, or when 883 building for a particular system that requires it (e.g., when 884 the SoC in question has accelerated CBC but not XTS, making CBC 885 combined with ESSIV the only feasible mode for h/w accelerated 886 block encryption) 887 888endmenu 889 890menu "Hashes, digests, and MACs" 891 892config CRYPTO_BLAKE2B 893 tristate "BLAKE2b" 894 select CRYPTO_HASH 895 help 896 BLAKE2b cryptographic hash function (RFC 7693) 897 898 BLAKE2b is optimized for 64-bit platforms and can produce digests 899 of any size between 1 and 64 bytes. The keyed hash is also implemented. 900 901 This module provides the following algorithms: 902 - blake2b-160 903 - blake2b-256 904 - blake2b-384 905 - blake2b-512 906 907 Used by the btrfs filesystem. 908 909 See https://blake2.net for further information. 910 911 config CRYPTO_BLAKE2S 912 tristate "BLAKE2s" 913 select CRYPTO_LIB_BLAKE2S_GENERIC 914 select CRYPTO_HASH 915 help 916 BLAKE2s cryptographic hash function (RFC 7693) 917 918 BLAKE2s is optimized for 8 to 32-bit platforms and can produce 919 digests of any size between 1 and 32 bytes. The keyed hash is 920 also implemented. 921 922 This module provides the following algorithms: 923 - blake2s-128 924 - blake2s-160 925 - blake2s-224 926 - blake2s-256 927 928 Used by Wireguard. 929 930 See https://blake2.net for further information. 931 932config CRYPTO_CMAC 933 tristate "CMAC (Cipher-based MAC)" 934 select CRYPTO_HASH 935 select CRYPTO_MANAGER 936 help 937 CMAC (Cipher-based Message Authentication Code) authentication 938 mode (NIST SP800-38B and IETF RFC4493) 939 940config CRYPTO_GHASH 941 tristate "GHASH" 942 select CRYPTO_GF128MUL 943 select CRYPTO_HASH 944 help 945 GCM GHASH function (NIST SP800-38D) 946 947config CRYPTO_HMAC 948 tristate "HMAC (Keyed-Hash MAC)" 949 select CRYPTO_HASH 950 select CRYPTO_MANAGER 951 help 952 HMAC (Keyed-Hash Message Authentication Code) (FIPS 198 and 953 RFC2104) 954 955 This is required for IPsec AH (XFRM_AH) and IPsec ESP (XFRM_ESP). 956 957config CRYPTO_MD4 958 tristate "MD4" 959 select CRYPTO_HASH 960 help 961 MD4 message digest algorithm (RFC1320) 962 963config CRYPTO_MD5 964 tristate "MD5" 965 select CRYPTO_HASH 966 help 967 MD5 message digest algorithm (RFC1321) 968 969config CRYPTO_MICHAEL_MIC 970 tristate "Michael MIC" 971 select CRYPTO_HASH 972 help 973 Michael MIC (Message Integrity Code) (IEEE 802.11i) 974 975 Defined by the IEEE 802.11i TKIP (Temporal Key Integrity Protocol), 976 known as WPA (Wif-Fi Protected Access). 977 978 This algorithm is required for TKIP, but it should not be used for 979 other purposes because of the weakness of the algorithm. 980 981config CRYPTO_POLYVAL 982 tristate 983 select CRYPTO_GF128MUL 984 select CRYPTO_HASH 985 help 986 POLYVAL hash function for HCTR2 987 988 This is used in HCTR2. It is not a general-purpose 989 cryptographic hash function. 990 991config CRYPTO_POLY1305 992 tristate "Poly1305" 993 select CRYPTO_HASH 994 select CRYPTO_LIB_POLY1305_GENERIC 995 help 996 Poly1305 authenticator algorithm (RFC7539) 997 998 Poly1305 is an authenticator algorithm designed by Daniel J. Bernstein. 999 It is used for the ChaCha20-Poly1305 AEAD, specified in RFC7539 for use 1000 in IETF protocols. This is the portable C implementation of Poly1305. 1001 1002config CRYPTO_RMD160 1003 tristate "RIPEMD-160" 1004 select CRYPTO_HASH 1005 help 1006 RIPEMD-160 hash function (ISO/IEC 10118-3) 1007 1008 RIPEMD-160 is a 160-bit cryptographic hash function. It is intended 1009 to be used as a secure replacement for the 128-bit hash functions 1010 MD4, MD5 and its predecessor RIPEMD 1011 (not to be confused with RIPEMD-128). 1012 1013 Its speed is comparable to SHA-1 and there are no known attacks 1014 against RIPEMD-160. 1015 1016 Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel. 1017 See https://homes.esat.kuleuven.be/~bosselae/ripemd160.html 1018 for further information. 1019 1020config CRYPTO_SHA1 1021 tristate "SHA-1" 1022 select CRYPTO_HASH 1023 select CRYPTO_LIB_SHA1 1024 help 1025 SHA-1 secure hash algorithm (FIPS 180, ISO/IEC 10118-3) 1026 1027config CRYPTO_SHA256 1028 tristate "SHA-224 and SHA-256" 1029 select CRYPTO_HASH 1030 select CRYPTO_LIB_SHA256 1031 help 1032 SHA-224 and SHA-256 secure hash algorithms (FIPS 180, ISO/IEC 10118-3) 1033 1034 This is required for IPsec AH (XFRM_AH) and IPsec ESP (XFRM_ESP). 1035 Used by the btrfs filesystem, Ceph, NFS, and SMB. 1036 1037config CRYPTO_SHA512 1038 tristate "SHA-384 and SHA-512" 1039 select CRYPTO_HASH 1040 help 1041 SHA-384 and SHA-512 secure hash algorithms (FIPS 180, ISO/IEC 10118-3) 1042 1043config CRYPTO_SHA3 1044 tristate "SHA-3" 1045 select CRYPTO_HASH 1046 help 1047 SHA-3 secure hash algorithms (FIPS 202, ISO/IEC 10118-3) 1048 1049config CRYPTO_SM3 1050 tristate 1051 1052config CRYPTO_SM3_GENERIC 1053 tristate "SM3 (ShangMi 3)" 1054 select CRYPTO_HASH 1055 select CRYPTO_SM3 1056 help 1057 SM3 (ShangMi 3) secure hash function (OSCCA GM/T 0004-2012, ISO/IEC 10118-3) 1058 1059 This is part of the Chinese Commercial Cryptography suite. 1060 1061 References: 1062 http://www.oscca.gov.cn/UpFile/20101222141857786.pdf 1063 https://datatracker.ietf.org/doc/html/draft-shen-sm3-hash 1064 1065config CRYPTO_STREEBOG 1066 tristate "Streebog" 1067 select CRYPTO_HASH 1068 help 1069 Streebog Hash Function (GOST R 34.11-2012, RFC 6986, ISO/IEC 10118-3) 1070 1071 This is one of the Russian cryptographic standard algorithms (called 1072 GOST algorithms). This setting enables two hash algorithms with 1073 256 and 512 bits output. 1074 1075 References: 1076 https://tc26.ru/upload/iblock/fed/feddbb4d26b685903faa2ba11aea43f6.pdf 1077 https://tools.ietf.org/html/rfc6986 1078 1079config CRYPTO_VMAC 1080 tristate "VMAC" 1081 select CRYPTO_HASH 1082 select CRYPTO_MANAGER 1083 help 1084 VMAC is a message authentication algorithm designed for 1085 very high speed on 64-bit architectures. 1086 1087 See https://fastcrypto.org/vmac for further information. 1088 1089config CRYPTO_WP512 1090 tristate "Whirlpool" 1091 select CRYPTO_HASH 1092 help 1093 Whirlpool hash function (ISO/IEC 10118-3) 1094 1095 512, 384 and 256-bit hashes. 1096 1097 Whirlpool-512 is part of the NESSIE cryptographic primitives. 1098 1099 See https://web.archive.org/web/20171129084214/http://www.larc.usp.br/~pbarreto/WhirlpoolPage.html 1100 for further information. 1101 1102config CRYPTO_XCBC 1103 tristate "XCBC-MAC (Extended Cipher Block Chaining MAC)" 1104 select CRYPTO_HASH 1105 select CRYPTO_MANAGER 1106 help 1107 XCBC-MAC (Extended Cipher Block Chaining Message Authentication 1108 Code) (RFC3566) 1109 1110config CRYPTO_XXHASH 1111 tristate "xxHash" 1112 select CRYPTO_HASH 1113 select XXHASH 1114 help 1115 xxHash non-cryptographic hash algorithm 1116 1117 Extremely fast, working at speeds close to RAM limits. 1118 1119 Used by the btrfs filesystem. 1120 1121endmenu 1122 1123menu "CRCs (cyclic redundancy checks)" 1124 1125config CRYPTO_CRC32C 1126 tristate "CRC32c" 1127 select CRYPTO_HASH 1128 select CRC32 1129 help 1130 CRC32c CRC algorithm with the iSCSI polynomial (RFC 3385 and RFC 3720) 1131 1132 A 32-bit CRC (cyclic redundancy check) with a polynomial defined 1133 by G. Castagnoli, S. Braeuer and M. Herrman in "Optimization of Cyclic 1134 Redundancy-Check Codes with 24 and 32 Parity Bits", IEEE Transactions 1135 on Communications, Vol. 41, No. 6, June 1993, selected for use with 1136 iSCSI. 1137 1138 Used by btrfs, ext4, jbd2, NVMeoF/TCP, and iSCSI. 1139 1140config CRYPTO_CRC32 1141 tristate "CRC32" 1142 select CRYPTO_HASH 1143 select CRC32 1144 help 1145 CRC32 CRC algorithm (IEEE 802.3) 1146 1147 Used by RoCEv2 and f2fs. 1148 1149config CRYPTO_CRCT10DIF 1150 tristate "CRCT10DIF" 1151 select CRYPTO_HASH 1152 help 1153 CRC16 CRC algorithm used for the T10 (SCSI) Data Integrity Field (DIF) 1154 1155 CRC algorithm used by the SCSI Block Commands standard. 1156 1157config CRYPTO_CRC64_ROCKSOFT 1158 tristate "CRC64 based on Rocksoft Model algorithm" 1159 depends on CRC64 1160 select CRYPTO_HASH 1161 help 1162 CRC64 CRC algorithm based on the Rocksoft Model CRC Algorithm 1163 1164 Used by the NVMe implementation of T10 DIF (BLK_DEV_INTEGRITY) 1165 1166 See https://zlib.net/crc_v3.txt 1167 1168endmenu 1169 1170menu "Compression" 1171 1172config CRYPTO_DEFLATE 1173 tristate "Deflate compression algorithm" 1174 select CRYPTO_ALGAPI 1175 select CRYPTO_ACOMP2 1176 select ZLIB_INFLATE 1177 select ZLIB_DEFLATE 1178 help 1179 This is the Deflate algorithm (RFC1951), specified for use in 1180 IPSec with the IPCOMP protocol (RFC3173, RFC2394). 1181 1182 You will most probably want this if using IPSec. 1183 1184config CRYPTO_LZO 1185 tristate "LZO compression algorithm" 1186 select CRYPTO_ALGAPI 1187 select CRYPTO_ACOMP2 1188 select LZO_COMPRESS 1189 select LZO_DECOMPRESS 1190 help 1191 This is the LZO algorithm. 1192 1193config CRYPTO_842 1194 tristate "842 compression algorithm" 1195 select CRYPTO_ALGAPI 1196 select CRYPTO_ACOMP2 1197 select 842_COMPRESS 1198 select 842_DECOMPRESS 1199 help 1200 This is the 842 algorithm. 1201 1202config CRYPTO_LZ4 1203 tristate "LZ4 compression algorithm" 1204 select CRYPTO_ALGAPI 1205 select CRYPTO_ACOMP2 1206 select LZ4_COMPRESS 1207 select LZ4_DECOMPRESS 1208 help 1209 This is the LZ4 algorithm. 1210 1211config CRYPTO_LZ4HC 1212 tristate "LZ4HC compression algorithm" 1213 select CRYPTO_ALGAPI 1214 select CRYPTO_ACOMP2 1215 select LZ4HC_COMPRESS 1216 select LZ4_DECOMPRESS 1217 help 1218 This is the LZ4 high compression mode algorithm. 1219 1220config CRYPTO_ZSTD 1221 tristate "Zstd compression algorithm" 1222 select CRYPTO_ALGAPI 1223 select CRYPTO_ACOMP2 1224 select ZSTD_COMPRESS 1225 select ZSTD_DECOMPRESS 1226 help 1227 This is the zstd algorithm. 1228 1229endmenu 1230 1231menu "Random number generation" 1232 1233config CRYPTO_ANSI_CPRNG 1234 tristate "Pseudo Random Number Generation for Cryptographic modules" 1235 select CRYPTO_AES 1236 select CRYPTO_RNG 1237 help 1238 This option enables the generic pseudo random number generator 1239 for cryptographic modules. Uses the Algorithm specified in 1240 ANSI X9.31 A.2.4. Note that this option must be enabled if 1241 CRYPTO_FIPS is selected 1242 1243menuconfig CRYPTO_DRBG_MENU 1244 tristate "NIST SP800-90A DRBG" 1245 help 1246 NIST SP800-90A compliant DRBG. In the following submenu, one or 1247 more of the DRBG types must be selected. 1248 1249if CRYPTO_DRBG_MENU 1250 1251config CRYPTO_DRBG_HMAC 1252 bool 1253 default y 1254 select CRYPTO_HMAC 1255 select CRYPTO_SHA512 1256 1257config CRYPTO_DRBG_HASH 1258 bool "Enable Hash DRBG" 1259 select CRYPTO_SHA256 1260 help 1261 Enable the Hash DRBG variant as defined in NIST SP800-90A. 1262 1263config CRYPTO_DRBG_CTR 1264 bool "Enable CTR DRBG" 1265 select CRYPTO_AES 1266 select CRYPTO_CTR 1267 help 1268 Enable the CTR DRBG variant as defined in NIST SP800-90A. 1269 1270config CRYPTO_DRBG 1271 tristate 1272 default CRYPTO_DRBG_MENU 1273 select CRYPTO_RNG 1274 select CRYPTO_JITTERENTROPY 1275 1276endif # if CRYPTO_DRBG_MENU 1277 1278config CRYPTO_JITTERENTROPY 1279 tristate "Jitterentropy Non-Deterministic Random Number Generator" 1280 select CRYPTO_RNG 1281 help 1282 The Jitterentropy RNG is a noise that is intended 1283 to provide seed to another RNG. The RNG does not 1284 perform any cryptographic whitening of the generated 1285 random numbers. This Jitterentropy RNG registers with 1286 the kernel crypto API and can be used by any caller. 1287 1288config CRYPTO_KDF800108_CTR 1289 tristate 1290 select CRYPTO_HMAC 1291 select CRYPTO_SHA256 1292 1293endmenu 1294menu "Userspace interface" 1295 1296config CRYPTO_USER_API 1297 tristate 1298 1299config CRYPTO_USER_API_HASH 1300 tristate "Hash algorithms" 1301 depends on NET 1302 select CRYPTO_HASH 1303 select CRYPTO_USER_API 1304 help 1305 Enable the userspace interface for hash algorithms. 1306 1307 See Documentation/crypto/userspace-if.rst and 1308 https://www.chronox.de/libkcapi/html/index.html 1309 1310config CRYPTO_USER_API_SKCIPHER 1311 tristate "Symmetric key cipher algorithms" 1312 depends on NET 1313 select CRYPTO_SKCIPHER 1314 select CRYPTO_USER_API 1315 help 1316 Enable the userspace interface for symmetric key cipher algorithms. 1317 1318 See Documentation/crypto/userspace-if.rst and 1319 https://www.chronox.de/libkcapi/html/index.html 1320 1321config CRYPTO_USER_API_RNG 1322 tristate "RNG (random number generator) algorithms" 1323 depends on NET 1324 select CRYPTO_RNG 1325 select CRYPTO_USER_API 1326 help 1327 Enable the userspace interface for RNG (random number generator) 1328 algorithms. 1329 1330 See Documentation/crypto/userspace-if.rst and 1331 https://www.chronox.de/libkcapi/html/index.html 1332 1333config CRYPTO_USER_API_RNG_CAVP 1334 bool "Enable CAVP testing of DRBG" 1335 depends on CRYPTO_USER_API_RNG && CRYPTO_DRBG 1336 help 1337 Enable extra APIs in the userspace interface for NIST CAVP 1338 (Cryptographic Algorithm Validation Program) testing: 1339 - resetting DRBG entropy 1340 - providing Additional Data 1341 1342 This should only be enabled for CAVP testing. You should say 1343 no unless you know what this is. 1344 1345config CRYPTO_USER_API_AEAD 1346 tristate "AEAD cipher algorithms" 1347 depends on NET 1348 select CRYPTO_AEAD 1349 select CRYPTO_SKCIPHER 1350 select CRYPTO_NULL 1351 select CRYPTO_USER_API 1352 help 1353 Enable the userspace interface for AEAD cipher algorithms. 1354 1355 See Documentation/crypto/userspace-if.rst and 1356 https://www.chronox.de/libkcapi/html/index.html 1357 1358config CRYPTO_USER_API_ENABLE_OBSOLETE 1359 bool "Obsolete cryptographic algorithms" 1360 depends on CRYPTO_USER_API 1361 default y 1362 help 1363 Allow obsolete cryptographic algorithms to be selected that have 1364 already been phased out from internal use by the kernel, and are 1365 only useful for userspace clients that still rely on them. 1366 1367config CRYPTO_STATS 1368 bool "Crypto usage statistics" 1369 depends on CRYPTO_USER 1370 help 1371 Enable the gathering of crypto stats. 1372 1373 This collects data sizes, numbers of requests, and numbers 1374 of errors processed by: 1375 - AEAD ciphers (encrypt, decrypt) 1376 - asymmetric key ciphers (encrypt, decrypt, verify, sign) 1377 - symmetric key ciphers (encrypt, decrypt) 1378 - compression algorithms (compress, decompress) 1379 - hash algorithms (hash) 1380 - key-agreement protocol primitives (setsecret, generate 1381 public key, compute shared secret) 1382 - RNG (generate, seed) 1383 1384endmenu 1385 1386config CRYPTO_HASH_INFO 1387 bool 1388 1389if ARM 1390source "arch/arm/crypto/Kconfig" 1391endif 1392if ARM64 1393source "arch/arm64/crypto/Kconfig" 1394endif 1395if MIPS 1396source "arch/mips/crypto/Kconfig" 1397endif 1398if PPC 1399source "arch/powerpc/crypto/Kconfig" 1400endif 1401if S390 1402source "arch/s390/crypto/Kconfig" 1403endif 1404if SPARC 1405source "arch/sparc/crypto/Kconfig" 1406endif 1407if X86 1408source "arch/x86/crypto/Kconfig" 1409endif 1410 1411source "drivers/crypto/Kconfig" 1412source "crypto/asymmetric_keys/Kconfig" 1413source "certs/Kconfig" 1414 1415endif # if CRYPTO 1416