1# 2# Generic algorithms support 3# 4config XOR_BLOCKS 5 tristate 6 7# 8# async_tx api: hardware offloaded memory transfer/transform support 9# 10source "crypto/async_tx/Kconfig" 11 12# 13# Cryptographic API Configuration 14# 15menuconfig CRYPTO 16 tristate "Cryptographic API" 17 help 18 This option provides the core Cryptographic API. 19 20if CRYPTO 21 22comment "Crypto core or helper" 23 24config CRYPTO_FIPS 25 bool "FIPS 200 compliance" 26 depends on CRYPTO_ANSI_CPRNG && !CRYPTO_MANAGER_DISABLE_TESTS 27 help 28 This options enables the fips boot option which is 29 required if you want to system to operate in a FIPS 200 30 certification. You should say no unless you know what 31 this is. 32 33config CRYPTO_ALGAPI 34 tristate 35 select CRYPTO_ALGAPI2 36 help 37 This option provides the API for cryptographic algorithms. 38 39config CRYPTO_ALGAPI2 40 tristate 41 42config CRYPTO_AEAD 43 tristate 44 select CRYPTO_AEAD2 45 select CRYPTO_ALGAPI 46 47config CRYPTO_AEAD2 48 tristate 49 select CRYPTO_ALGAPI2 50 51config CRYPTO_BLKCIPHER 52 tristate 53 select CRYPTO_BLKCIPHER2 54 select CRYPTO_ALGAPI 55 56config CRYPTO_BLKCIPHER2 57 tristate 58 select CRYPTO_ALGAPI2 59 select CRYPTO_RNG2 60 select CRYPTO_WORKQUEUE 61 62config CRYPTO_HASH 63 tristate 64 select CRYPTO_HASH2 65 select CRYPTO_ALGAPI 66 67config CRYPTO_HASH2 68 tristate 69 select CRYPTO_ALGAPI2 70 71config CRYPTO_RNG 72 tristate 73 select CRYPTO_RNG2 74 select CRYPTO_ALGAPI 75 76config CRYPTO_RNG2 77 tristate 78 select CRYPTO_ALGAPI2 79 80config CRYPTO_PCOMP 81 tristate 82 select CRYPTO_PCOMP2 83 select CRYPTO_ALGAPI 84 85config CRYPTO_PCOMP2 86 tristate 87 select CRYPTO_ALGAPI2 88 89config CRYPTO_MANAGER 90 tristate "Cryptographic algorithm manager" 91 select CRYPTO_MANAGER2 92 help 93 Create default cryptographic template instantiations such as 94 cbc(aes). 95 96config CRYPTO_MANAGER2 97 def_tristate CRYPTO_MANAGER || (CRYPTO_MANAGER!=n && CRYPTO_ALGAPI=y) 98 select CRYPTO_AEAD2 99 select CRYPTO_HASH2 100 select CRYPTO_BLKCIPHER2 101 select CRYPTO_PCOMP2 102 103config CRYPTO_USER 104 tristate "Userspace cryptographic algorithm configuration" 105 depends on NET 106 select CRYPTO_MANAGER 107 help 108 Userspace configuration for cryptographic instantiations such as 109 cbc(aes). 110 111config CRYPTO_MANAGER_DISABLE_TESTS 112 bool "Disable run-time self tests" 113 default y 114 depends on CRYPTO_MANAGER2 115 help 116 Disable run-time self tests that normally take place at 117 algorithm registration. 118 119config CRYPTO_GF128MUL 120 tristate "GF(2^128) multiplication functions" 121 help 122 Efficient table driven implementation of multiplications in the 123 field GF(2^128). This is needed by some cypher modes. This 124 option will be selected automatically if you select such a 125 cipher mode. Only select this option by hand if you expect to load 126 an external module that requires these functions. 127 128config CRYPTO_NULL 129 tristate "Null algorithms" 130 select CRYPTO_ALGAPI 131 select CRYPTO_BLKCIPHER 132 select CRYPTO_HASH 133 help 134 These are 'Null' algorithms, used by IPsec, which do nothing. 135 136config CRYPTO_PCRYPT 137 tristate "Parallel crypto engine (EXPERIMENTAL)" 138 depends on SMP && EXPERIMENTAL 139 select PADATA 140 select CRYPTO_MANAGER 141 select CRYPTO_AEAD 142 help 143 This converts an arbitrary crypto algorithm into a parallel 144 algorithm that executes in kernel threads. 145 146config CRYPTO_WORKQUEUE 147 tristate 148 149config CRYPTO_CRYPTD 150 tristate "Software async crypto daemon" 151 select CRYPTO_BLKCIPHER 152 select CRYPTO_HASH 153 select CRYPTO_MANAGER 154 select CRYPTO_WORKQUEUE 155 help 156 This is a generic software asynchronous crypto daemon that 157 converts an arbitrary synchronous software crypto algorithm 158 into an asynchronous algorithm that executes in a kernel thread. 159 160config CRYPTO_AUTHENC 161 tristate "Authenc support" 162 select CRYPTO_AEAD 163 select CRYPTO_BLKCIPHER 164 select CRYPTO_MANAGER 165 select CRYPTO_HASH 166 help 167 Authenc: Combined mode wrapper for IPsec. 168 This is required for IPSec. 169 170config CRYPTO_TEST 171 tristate "Testing module" 172 depends on m 173 select CRYPTO_MANAGER 174 help 175 Quick & dirty crypto test module. 176 177config CRYPTO_ABLK_HELPER_X86 178 tristate 179 depends on X86 180 select CRYPTO_CRYPTD 181 182config CRYPTO_GLUE_HELPER_X86 183 tristate 184 depends on X86 185 select CRYPTO_ALGAPI 186 187comment "Authenticated Encryption with Associated Data" 188 189config CRYPTO_CCM 190 tristate "CCM support" 191 select CRYPTO_CTR 192 select CRYPTO_AEAD 193 help 194 Support for Counter with CBC MAC. Required for IPsec. 195 196config CRYPTO_GCM 197 tristate "GCM/GMAC support" 198 select CRYPTO_CTR 199 select CRYPTO_AEAD 200 select CRYPTO_GHASH 201 help 202 Support for Galois/Counter Mode (GCM) and Galois Message 203 Authentication Code (GMAC). Required for IPSec. 204 205config CRYPTO_SEQIV 206 tristate "Sequence Number IV Generator" 207 select CRYPTO_AEAD 208 select CRYPTO_BLKCIPHER 209 select CRYPTO_RNG 210 help 211 This IV generator generates an IV based on a sequence number by 212 xoring it with a salt. This algorithm is mainly useful for CTR 213 214comment "Block modes" 215 216config CRYPTO_CBC 217 tristate "CBC support" 218 select CRYPTO_BLKCIPHER 219 select CRYPTO_MANAGER 220 help 221 CBC: Cipher Block Chaining mode 222 This block cipher algorithm is required for IPSec. 223 224config CRYPTO_CTR 225 tristate "CTR support" 226 select CRYPTO_BLKCIPHER 227 select CRYPTO_SEQIV 228 select CRYPTO_MANAGER 229 help 230 CTR: Counter mode 231 This block cipher algorithm is required for IPSec. 232 233config CRYPTO_CTS 234 tristate "CTS support" 235 select CRYPTO_BLKCIPHER 236 help 237 CTS: Cipher Text Stealing 238 This is the Cipher Text Stealing mode as described by 239 Section 8 of rfc2040 and referenced by rfc3962. 240 (rfc3962 includes errata information in its Appendix A) 241 This mode is required for Kerberos gss mechanism support 242 for AES encryption. 243 244config CRYPTO_ECB 245 tristate "ECB support" 246 select CRYPTO_BLKCIPHER 247 select CRYPTO_MANAGER 248 help 249 ECB: Electronic CodeBook mode 250 This is the simplest block cipher algorithm. It simply encrypts 251 the input block by block. 252 253config CRYPTO_LRW 254 tristate "LRW support" 255 select CRYPTO_BLKCIPHER 256 select CRYPTO_MANAGER 257 select CRYPTO_GF128MUL 258 help 259 LRW: Liskov Rivest Wagner, a tweakable, non malleable, non movable 260 narrow block cipher mode for dm-crypt. Use it with cipher 261 specification string aes-lrw-benbi, the key must be 256, 320 or 384. 262 The first 128, 192 or 256 bits in the key are used for AES and the 263 rest is used to tie each cipher block to its logical position. 264 265config CRYPTO_PCBC 266 tristate "PCBC support" 267 select CRYPTO_BLKCIPHER 268 select CRYPTO_MANAGER 269 help 270 PCBC: Propagating Cipher Block Chaining mode 271 This block cipher algorithm is required for RxRPC. 272 273config CRYPTO_XTS 274 tristate "XTS support" 275 select CRYPTO_BLKCIPHER 276 select CRYPTO_MANAGER 277 select CRYPTO_GF128MUL 278 help 279 XTS: IEEE1619/D16 narrow block cipher use with aes-xts-plain, 280 key size 256, 384 or 512 bits. This implementation currently 281 can't handle a sectorsize which is not a multiple of 16 bytes. 282 283comment "Hash modes" 284 285config CRYPTO_HMAC 286 tristate "HMAC support" 287 select CRYPTO_HASH 288 select CRYPTO_MANAGER 289 help 290 HMAC: Keyed-Hashing for Message Authentication (RFC2104). 291 This is required for IPSec. 292 293config CRYPTO_XCBC 294 tristate "XCBC support" 295 depends on EXPERIMENTAL 296 select CRYPTO_HASH 297 select CRYPTO_MANAGER 298 help 299 XCBC: Keyed-Hashing with encryption algorithm 300 http://www.ietf.org/rfc/rfc3566.txt 301 http://csrc.nist.gov/encryption/modes/proposedmodes/ 302 xcbc-mac/xcbc-mac-spec.pdf 303 304config CRYPTO_VMAC 305 tristate "VMAC support" 306 depends on EXPERIMENTAL 307 select CRYPTO_HASH 308 select CRYPTO_MANAGER 309 help 310 VMAC is a message authentication algorithm designed for 311 very high speed on 64-bit architectures. 312 313 See also: 314 <http://fastcrypto.org/vmac> 315 316comment "Digest" 317 318config CRYPTO_CRC32C 319 tristate "CRC32c CRC algorithm" 320 select CRYPTO_HASH 321 select CRC32 322 help 323 Castagnoli, et al Cyclic Redundancy-Check Algorithm. Used 324 by iSCSI for header and data digests and by others. 325 See Castagnoli93. Module will be crc32c. 326 327config CRYPTO_CRC32C_X86_64 328 bool 329 depends on X86 && 64BIT 330 select CRYPTO_HASH 331 help 332 In Intel processor with SSE4.2 supported, the processor will 333 support CRC32C calculation using hardware accelerated CRC32 334 instruction optimized with PCLMULQDQ instruction when available. 335 336config CRYPTO_CRC32C_INTEL 337 tristate "CRC32c INTEL hardware acceleration" 338 depends on X86 339 select CRYPTO_CRC32C_X86_64 if 64BIT 340 select CRYPTO_HASH 341 help 342 In Intel processor with SSE4.2 supported, the processor will 343 support CRC32C implementation using hardware accelerated CRC32 344 instruction. This option will create 'crc32c-intel' module, 345 which will enable any routine to use the CRC32 instruction to 346 gain performance compared with software implementation. 347 Module will be crc32c-intel. 348 349config CRYPTO_CRC32C_SPARC64 350 tristate "CRC32c CRC algorithm (SPARC64)" 351 depends on SPARC64 352 select CRYPTO_HASH 353 select CRC32 354 help 355 CRC32c CRC algorithm implemented using sparc64 crypto instructions, 356 when available. 357 358config CRYPTO_GHASH 359 tristate "GHASH digest algorithm" 360 select CRYPTO_GF128MUL 361 help 362 GHASH is message digest algorithm for GCM (Galois/Counter Mode). 363 364config CRYPTO_MD4 365 tristate "MD4 digest algorithm" 366 select CRYPTO_HASH 367 help 368 MD4 message digest algorithm (RFC1320). 369 370config CRYPTO_MD5 371 tristate "MD5 digest algorithm" 372 select CRYPTO_HASH 373 help 374 MD5 message digest algorithm (RFC1321). 375 376config CRYPTO_MD5_SPARC64 377 tristate "MD5 digest algorithm (SPARC64)" 378 depends on SPARC64 379 select CRYPTO_MD5 380 select CRYPTO_HASH 381 help 382 MD5 message digest algorithm (RFC1321) implemented 383 using sparc64 crypto instructions, when available. 384 385config CRYPTO_MICHAEL_MIC 386 tristate "Michael MIC keyed digest algorithm" 387 select CRYPTO_HASH 388 help 389 Michael MIC is used for message integrity protection in TKIP 390 (IEEE 802.11i). This algorithm is required for TKIP, but it 391 should not be used for other purposes because of the weakness 392 of the algorithm. 393 394config CRYPTO_RMD128 395 tristate "RIPEMD-128 digest algorithm" 396 select CRYPTO_HASH 397 help 398 RIPEMD-128 (ISO/IEC 10118-3:2004). 399 400 RIPEMD-128 is a 128-bit cryptographic hash function. It should only 401 be used as a secure replacement for RIPEMD. For other use cases, 402 RIPEMD-160 should be used. 403 404 Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel. 405 See <http://homes.esat.kuleuven.be/~bosselae/ripemd160.html> 406 407config CRYPTO_RMD160 408 tristate "RIPEMD-160 digest algorithm" 409 select CRYPTO_HASH 410 help 411 RIPEMD-160 (ISO/IEC 10118-3:2004). 412 413 RIPEMD-160 is a 160-bit cryptographic hash function. It is intended 414 to be used as a secure replacement for the 128-bit hash functions 415 MD4, MD5 and it's predecessor RIPEMD 416 (not to be confused with RIPEMD-128). 417 418 It's speed is comparable to SHA1 and there are no known attacks 419 against RIPEMD-160. 420 421 Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel. 422 See <http://homes.esat.kuleuven.be/~bosselae/ripemd160.html> 423 424config CRYPTO_RMD256 425 tristate "RIPEMD-256 digest algorithm" 426 select CRYPTO_HASH 427 help 428 RIPEMD-256 is an optional extension of RIPEMD-128 with a 429 256 bit hash. It is intended for applications that require 430 longer hash-results, without needing a larger security level 431 (than RIPEMD-128). 432 433 Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel. 434 See <http://homes.esat.kuleuven.be/~bosselae/ripemd160.html> 435 436config CRYPTO_RMD320 437 tristate "RIPEMD-320 digest algorithm" 438 select CRYPTO_HASH 439 help 440 RIPEMD-320 is an optional extension of RIPEMD-160 with a 441 320 bit hash. It is intended for applications that require 442 longer hash-results, without needing a larger security level 443 (than RIPEMD-160). 444 445 Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel. 446 See <http://homes.esat.kuleuven.be/~bosselae/ripemd160.html> 447 448config CRYPTO_SHA1 449 tristate "SHA1 digest algorithm" 450 select CRYPTO_HASH 451 help 452 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2). 453 454config CRYPTO_SHA1_SSSE3 455 tristate "SHA1 digest algorithm (SSSE3/AVX)" 456 depends on X86 && 64BIT 457 select CRYPTO_SHA1 458 select CRYPTO_HASH 459 help 460 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2) implemented 461 using Supplemental SSE3 (SSSE3) instructions or Advanced Vector 462 Extensions (AVX), when available. 463 464config CRYPTO_SHA1_SPARC64 465 tristate "SHA1 digest algorithm (SPARC64)" 466 depends on SPARC64 467 select CRYPTO_SHA1 468 select CRYPTO_HASH 469 help 470 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2) implemented 471 using sparc64 crypto instructions, when available. 472 473config CRYPTO_SHA1_ARM 474 tristate "SHA1 digest algorithm (ARM-asm)" 475 depends on ARM 476 select CRYPTO_SHA1 477 select CRYPTO_HASH 478 help 479 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2) implemented 480 using optimized ARM assembler. 481 482config CRYPTO_SHA256 483 tristate "SHA224 and SHA256 digest algorithm" 484 select CRYPTO_HASH 485 help 486 SHA256 secure hash standard (DFIPS 180-2). 487 488 This version of SHA implements a 256 bit hash with 128 bits of 489 security against collision attacks. 490 491 This code also includes SHA-224, a 224 bit hash with 112 bits 492 of security against collision attacks. 493 494config CRYPTO_SHA256_SPARC64 495 tristate "SHA224 and SHA256 digest algorithm (SPARC64)" 496 depends on SPARC64 497 select CRYPTO_SHA256 498 select CRYPTO_HASH 499 help 500 SHA-256 secure hash standard (DFIPS 180-2) implemented 501 using sparc64 crypto instructions, when available. 502 503config CRYPTO_SHA512 504 tristate "SHA384 and SHA512 digest algorithms" 505 select CRYPTO_HASH 506 help 507 SHA512 secure hash standard (DFIPS 180-2). 508 509 This version of SHA implements a 512 bit hash with 256 bits of 510 security against collision attacks. 511 512 This code also includes SHA-384, a 384 bit hash with 192 bits 513 of security against collision attacks. 514 515config CRYPTO_SHA512_SPARC64 516 tristate "SHA384 and SHA512 digest algorithm (SPARC64)" 517 depends on SPARC64 518 select CRYPTO_SHA512 519 select CRYPTO_HASH 520 help 521 SHA-512 secure hash standard (DFIPS 180-2) implemented 522 using sparc64 crypto instructions, when available. 523 524config CRYPTO_TGR192 525 tristate "Tiger digest algorithms" 526 select CRYPTO_HASH 527 help 528 Tiger hash algorithm 192, 160 and 128-bit hashes 529 530 Tiger is a hash function optimized for 64-bit processors while 531 still having decent performance on 32-bit processors. 532 Tiger was developed by Ross Anderson and Eli Biham. 533 534 See also: 535 <http://www.cs.technion.ac.il/~biham/Reports/Tiger/>. 536 537config CRYPTO_WP512 538 tristate "Whirlpool digest algorithms" 539 select CRYPTO_HASH 540 help 541 Whirlpool hash algorithm 512, 384 and 256-bit hashes 542 543 Whirlpool-512 is part of the NESSIE cryptographic primitives. 544 Whirlpool will be part of the ISO/IEC 10118-3:2003(E) standard 545 546 See also: 547 <http://www.larc.usp.br/~pbarreto/WhirlpoolPage.html> 548 549config CRYPTO_GHASH_CLMUL_NI_INTEL 550 tristate "GHASH digest algorithm (CLMUL-NI accelerated)" 551 depends on X86 && 64BIT 552 select CRYPTO_CRYPTD 553 help 554 GHASH is message digest algorithm for GCM (Galois/Counter Mode). 555 The implementation is accelerated by CLMUL-NI of Intel. 556 557comment "Ciphers" 558 559config CRYPTO_AES 560 tristate "AES cipher algorithms" 561 select CRYPTO_ALGAPI 562 help 563 AES cipher algorithms (FIPS-197). AES uses the Rijndael 564 algorithm. 565 566 Rijndael appears to be consistently a very good performer in 567 both hardware and software across a wide range of computing 568 environments regardless of its use in feedback or non-feedback 569 modes. Its key setup time is excellent, and its key agility is 570 good. Rijndael's very low memory requirements make it very well 571 suited for restricted-space environments, in which it also 572 demonstrates excellent performance. Rijndael's operations are 573 among the easiest to defend against power and timing attacks. 574 575 The AES specifies three key sizes: 128, 192 and 256 bits 576 577 See <http://csrc.nist.gov/CryptoToolkit/aes/> for more information. 578 579config CRYPTO_AES_586 580 tristate "AES cipher algorithms (i586)" 581 depends on (X86 || UML_X86) && !64BIT 582 select CRYPTO_ALGAPI 583 select CRYPTO_AES 584 help 585 AES cipher algorithms (FIPS-197). AES uses the Rijndael 586 algorithm. 587 588 Rijndael appears to be consistently a very good performer in 589 both hardware and software across a wide range of computing 590 environments regardless of its use in feedback or non-feedback 591 modes. Its key setup time is excellent, and its key agility is 592 good. Rijndael's very low memory requirements make it very well 593 suited for restricted-space environments, in which it also 594 demonstrates excellent performance. Rijndael's operations are 595 among the easiest to defend against power and timing attacks. 596 597 The AES specifies three key sizes: 128, 192 and 256 bits 598 599 See <http://csrc.nist.gov/encryption/aes/> for more information. 600 601config CRYPTO_AES_X86_64 602 tristate "AES cipher algorithms (x86_64)" 603 depends on (X86 || UML_X86) && 64BIT 604 select CRYPTO_ALGAPI 605 select CRYPTO_AES 606 help 607 AES cipher algorithms (FIPS-197). AES uses the Rijndael 608 algorithm. 609 610 Rijndael appears to be consistently a very good performer in 611 both hardware and software across a wide range of computing 612 environments regardless of its use in feedback or non-feedback 613 modes. Its key setup time is excellent, and its key agility is 614 good. Rijndael's very low memory requirements make it very well 615 suited for restricted-space environments, in which it also 616 demonstrates excellent performance. Rijndael's operations are 617 among the easiest to defend against power and timing attacks. 618 619 The AES specifies three key sizes: 128, 192 and 256 bits 620 621 See <http://csrc.nist.gov/encryption/aes/> for more information. 622 623config CRYPTO_AES_NI_INTEL 624 tristate "AES cipher algorithms (AES-NI)" 625 depends on X86 626 select CRYPTO_AES_X86_64 if 64BIT 627 select CRYPTO_AES_586 if !64BIT 628 select CRYPTO_CRYPTD 629 select CRYPTO_ABLK_HELPER_X86 630 select CRYPTO_ALGAPI 631 select CRYPTO_LRW 632 select CRYPTO_XTS 633 help 634 Use Intel AES-NI instructions for AES algorithm. 635 636 AES cipher algorithms (FIPS-197). AES uses the Rijndael 637 algorithm. 638 639 Rijndael appears to be consistently a very good performer in 640 both hardware and software across a wide range of computing 641 environments regardless of its use in feedback or non-feedback 642 modes. Its key setup time is excellent, and its key agility is 643 good. Rijndael's very low memory requirements make it very well 644 suited for restricted-space environments, in which it also 645 demonstrates excellent performance. Rijndael's operations are 646 among the easiest to defend against power and timing attacks. 647 648 The AES specifies three key sizes: 128, 192 and 256 bits 649 650 See <http://csrc.nist.gov/encryption/aes/> for more information. 651 652 In addition to AES cipher algorithm support, the acceleration 653 for some popular block cipher mode is supported too, including 654 ECB, CBC, LRW, PCBC, XTS. The 64 bit version has additional 655 acceleration for CTR. 656 657config CRYPTO_AES_SPARC64 658 tristate "AES cipher algorithms (SPARC64)" 659 depends on SPARC64 660 select CRYPTO_CRYPTD 661 select CRYPTO_ALGAPI 662 help 663 Use SPARC64 crypto opcodes for AES algorithm. 664 665 AES cipher algorithms (FIPS-197). AES uses the Rijndael 666 algorithm. 667 668 Rijndael appears to be consistently a very good performer in 669 both hardware and software across a wide range of computing 670 environments regardless of its use in feedback or non-feedback 671 modes. Its key setup time is excellent, and its key agility is 672 good. Rijndael's very low memory requirements make it very well 673 suited for restricted-space environments, in which it also 674 demonstrates excellent performance. Rijndael's operations are 675 among the easiest to defend against power and timing attacks. 676 677 The AES specifies three key sizes: 128, 192 and 256 bits 678 679 See <http://csrc.nist.gov/encryption/aes/> for more information. 680 681 In addition to AES cipher algorithm support, the acceleration 682 for some popular block cipher mode is supported too, including 683 ECB and CBC. 684 685config CRYPTO_AES_ARM 686 tristate "AES cipher algorithms (ARM-asm)" 687 depends on ARM 688 select CRYPTO_ALGAPI 689 select CRYPTO_AES 690 help 691 Use optimized AES assembler routines for ARM platforms. 692 693 AES cipher algorithms (FIPS-197). AES uses the Rijndael 694 algorithm. 695 696 Rijndael appears to be consistently a very good performer in 697 both hardware and software across a wide range of computing 698 environments regardless of its use in feedback or non-feedback 699 modes. Its key setup time is excellent, and its key agility is 700 good. Rijndael's very low memory requirements make it very well 701 suited for restricted-space environments, in which it also 702 demonstrates excellent performance. Rijndael's operations are 703 among the easiest to defend against power and timing attacks. 704 705 The AES specifies three key sizes: 128, 192 and 256 bits 706 707 See <http://csrc.nist.gov/encryption/aes/> for more information. 708 709config CRYPTO_ANUBIS 710 tristate "Anubis cipher algorithm" 711 select CRYPTO_ALGAPI 712 help 713 Anubis cipher algorithm. 714 715 Anubis is a variable key length cipher which can use keys from 716 128 bits to 320 bits in length. It was evaluated as a entrant 717 in the NESSIE competition. 718 719 See also: 720 <https://www.cosic.esat.kuleuven.be/nessie/reports/> 721 <http://www.larc.usp.br/~pbarreto/AnubisPage.html> 722 723config CRYPTO_ARC4 724 tristate "ARC4 cipher algorithm" 725 select CRYPTO_BLKCIPHER 726 help 727 ARC4 cipher algorithm. 728 729 ARC4 is a stream cipher using keys ranging from 8 bits to 2048 730 bits in length. This algorithm is required for driver-based 731 WEP, but it should not be for other purposes because of the 732 weakness of the algorithm. 733 734config CRYPTO_BLOWFISH 735 tristate "Blowfish cipher algorithm" 736 select CRYPTO_ALGAPI 737 select CRYPTO_BLOWFISH_COMMON 738 help 739 Blowfish cipher algorithm, by Bruce Schneier. 740 741 This is a variable key length cipher which can use keys from 32 742 bits to 448 bits in length. It's fast, simple and specifically 743 designed for use on "large microprocessors". 744 745 See also: 746 <http://www.schneier.com/blowfish.html> 747 748config CRYPTO_BLOWFISH_COMMON 749 tristate 750 help 751 Common parts of the Blowfish cipher algorithm shared by the 752 generic c and the assembler implementations. 753 754 See also: 755 <http://www.schneier.com/blowfish.html> 756 757config CRYPTO_BLOWFISH_X86_64 758 tristate "Blowfish cipher algorithm (x86_64)" 759 depends on X86 && 64BIT 760 select CRYPTO_ALGAPI 761 select CRYPTO_BLOWFISH_COMMON 762 help 763 Blowfish cipher algorithm (x86_64), by Bruce Schneier. 764 765 This is a variable key length cipher which can use keys from 32 766 bits to 448 bits in length. It's fast, simple and specifically 767 designed for use on "large microprocessors". 768 769 See also: 770 <http://www.schneier.com/blowfish.html> 771 772config CRYPTO_CAMELLIA 773 tristate "Camellia cipher algorithms" 774 depends on CRYPTO 775 select CRYPTO_ALGAPI 776 help 777 Camellia cipher algorithms module. 778 779 Camellia is a symmetric key block cipher developed jointly 780 at NTT and Mitsubishi Electric Corporation. 781 782 The Camellia specifies three key sizes: 128, 192 and 256 bits. 783 784 See also: 785 <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html> 786 787config CRYPTO_CAMELLIA_X86_64 788 tristate "Camellia cipher algorithm (x86_64)" 789 depends on X86 && 64BIT 790 depends on CRYPTO 791 select CRYPTO_ALGAPI 792 select CRYPTO_GLUE_HELPER_X86 793 select CRYPTO_LRW 794 select CRYPTO_XTS 795 help 796 Camellia cipher algorithm module (x86_64). 797 798 Camellia is a symmetric key block cipher developed jointly 799 at NTT and Mitsubishi Electric Corporation. 800 801 The Camellia specifies three key sizes: 128, 192 and 256 bits. 802 803 See also: 804 <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html> 805 806config CRYPTO_CAMELLIA_AESNI_AVX_X86_64 807 tristate "Camellia cipher algorithm (x86_64/AES-NI/AVX)" 808 depends on X86 && 64BIT 809 depends on CRYPTO 810 select CRYPTO_ALGAPI 811 select CRYPTO_CRYPTD 812 select CRYPTO_ABLK_HELPER_X86 813 select CRYPTO_GLUE_HELPER_X86 814 select CRYPTO_CAMELLIA_X86_64 815 select CRYPTO_LRW 816 select CRYPTO_XTS 817 help 818 Camellia cipher algorithm module (x86_64/AES-NI/AVX). 819 820 Camellia is a symmetric key block cipher developed jointly 821 at NTT and Mitsubishi Electric Corporation. 822 823 The Camellia specifies three key sizes: 128, 192 and 256 bits. 824 825 See also: 826 <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html> 827 828config CRYPTO_CAMELLIA_SPARC64 829 tristate "Camellia cipher algorithm (SPARC64)" 830 depends on SPARC64 831 depends on CRYPTO 832 select CRYPTO_ALGAPI 833 help 834 Camellia cipher algorithm module (SPARC64). 835 836 Camellia is a symmetric key block cipher developed jointly 837 at NTT and Mitsubishi Electric Corporation. 838 839 The Camellia specifies three key sizes: 128, 192 and 256 bits. 840 841 See also: 842 <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html> 843 844config CRYPTO_CAST_COMMON 845 tristate 846 help 847 Common parts of the CAST cipher algorithms shared by the 848 generic c and the assembler implementations. 849 850config CRYPTO_CAST5 851 tristate "CAST5 (CAST-128) cipher algorithm" 852 select CRYPTO_ALGAPI 853 select CRYPTO_CAST_COMMON 854 help 855 The CAST5 encryption algorithm (synonymous with CAST-128) is 856 described in RFC2144. 857 858config CRYPTO_CAST5_AVX_X86_64 859 tristate "CAST5 (CAST-128) cipher algorithm (x86_64/AVX)" 860 depends on X86 && 64BIT 861 select CRYPTO_ALGAPI 862 select CRYPTO_CRYPTD 863 select CRYPTO_ABLK_HELPER_X86 864 select CRYPTO_CAST_COMMON 865 select CRYPTO_CAST5 866 help 867 The CAST5 encryption algorithm (synonymous with CAST-128) is 868 described in RFC2144. 869 870 This module provides the Cast5 cipher algorithm that processes 871 sixteen blocks parallel using the AVX instruction set. 872 873config CRYPTO_CAST6 874 tristate "CAST6 (CAST-256) cipher algorithm" 875 select CRYPTO_ALGAPI 876 select CRYPTO_CAST_COMMON 877 help 878 The CAST6 encryption algorithm (synonymous with CAST-256) is 879 described in RFC2612. 880 881config CRYPTO_CAST6_AVX_X86_64 882 tristate "CAST6 (CAST-256) cipher algorithm (x86_64/AVX)" 883 depends on X86 && 64BIT 884 select CRYPTO_ALGAPI 885 select CRYPTO_CRYPTD 886 select CRYPTO_ABLK_HELPER_X86 887 select CRYPTO_GLUE_HELPER_X86 888 select CRYPTO_CAST_COMMON 889 select CRYPTO_CAST6 890 select CRYPTO_LRW 891 select CRYPTO_XTS 892 help 893 The CAST6 encryption algorithm (synonymous with CAST-256) is 894 described in RFC2612. 895 896 This module provides the Cast6 cipher algorithm that processes 897 eight blocks parallel using the AVX instruction set. 898 899config CRYPTO_DES 900 tristate "DES and Triple DES EDE cipher algorithms" 901 select CRYPTO_ALGAPI 902 help 903 DES cipher algorithm (FIPS 46-2), and Triple DES EDE (FIPS 46-3). 904 905config CRYPTO_DES_SPARC64 906 tristate "DES and Triple DES EDE cipher algorithms (SPARC64)" 907 depends on SPARC64 908 select CRYPTO_ALGAPI 909 select CRYPTO_DES 910 help 911 DES cipher algorithm (FIPS 46-2), and Triple DES EDE (FIPS 46-3), 912 optimized using SPARC64 crypto opcodes. 913 914config CRYPTO_FCRYPT 915 tristate "FCrypt cipher algorithm" 916 select CRYPTO_ALGAPI 917 select CRYPTO_BLKCIPHER 918 help 919 FCrypt algorithm used by RxRPC. 920 921config CRYPTO_KHAZAD 922 tristate "Khazad cipher algorithm" 923 select CRYPTO_ALGAPI 924 help 925 Khazad cipher algorithm. 926 927 Khazad was a finalist in the initial NESSIE competition. It is 928 an algorithm optimized for 64-bit processors with good performance 929 on 32-bit processors. Khazad uses an 128 bit key size. 930 931 See also: 932 <http://www.larc.usp.br/~pbarreto/KhazadPage.html> 933 934config CRYPTO_SALSA20 935 tristate "Salsa20 stream cipher algorithm (EXPERIMENTAL)" 936 depends on EXPERIMENTAL 937 select CRYPTO_BLKCIPHER 938 help 939 Salsa20 stream cipher algorithm. 940 941 Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT 942 Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/> 943 944 The Salsa20 stream cipher algorithm is designed by Daniel J. 945 Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html> 946 947config CRYPTO_SALSA20_586 948 tristate "Salsa20 stream cipher algorithm (i586) (EXPERIMENTAL)" 949 depends on (X86 || UML_X86) && !64BIT 950 depends on EXPERIMENTAL 951 select CRYPTO_BLKCIPHER 952 help 953 Salsa20 stream cipher algorithm. 954 955 Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT 956 Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/> 957 958 The Salsa20 stream cipher algorithm is designed by Daniel J. 959 Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html> 960 961config CRYPTO_SALSA20_X86_64 962 tristate "Salsa20 stream cipher algorithm (x86_64) (EXPERIMENTAL)" 963 depends on (X86 || UML_X86) && 64BIT 964 depends on EXPERIMENTAL 965 select CRYPTO_BLKCIPHER 966 help 967 Salsa20 stream cipher algorithm. 968 969 Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT 970 Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/> 971 972 The Salsa20 stream cipher algorithm is designed by Daniel J. 973 Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html> 974 975config CRYPTO_SEED 976 tristate "SEED cipher algorithm" 977 select CRYPTO_ALGAPI 978 help 979 SEED cipher algorithm (RFC4269). 980 981 SEED is a 128-bit symmetric key block cipher that has been 982 developed by KISA (Korea Information Security Agency) as a 983 national standard encryption algorithm of the Republic of Korea. 984 It is a 16 round block cipher with the key size of 128 bit. 985 986 See also: 987 <http://www.kisa.or.kr/kisa/seed/jsp/seed_eng.jsp> 988 989config CRYPTO_SERPENT 990 tristate "Serpent cipher algorithm" 991 select CRYPTO_ALGAPI 992 help 993 Serpent cipher algorithm, by Anderson, Biham & Knudsen. 994 995 Keys are allowed to be from 0 to 256 bits in length, in steps 996 of 8 bits. Also includes the 'Tnepres' algorithm, a reversed 997 variant of Serpent for compatibility with old kerneli.org code. 998 999 See also: 1000 <http://www.cl.cam.ac.uk/~rja14/serpent.html> 1001 1002config CRYPTO_SERPENT_SSE2_X86_64 1003 tristate "Serpent cipher algorithm (x86_64/SSE2)" 1004 depends on X86 && 64BIT 1005 select CRYPTO_ALGAPI 1006 select CRYPTO_CRYPTD 1007 select CRYPTO_ABLK_HELPER_X86 1008 select CRYPTO_GLUE_HELPER_X86 1009 select CRYPTO_SERPENT 1010 select CRYPTO_LRW 1011 select CRYPTO_XTS 1012 help 1013 Serpent cipher algorithm, by Anderson, Biham & Knudsen. 1014 1015 Keys are allowed to be from 0 to 256 bits in length, in steps 1016 of 8 bits. 1017 1018 This module provides Serpent cipher algorithm that processes eigth 1019 blocks parallel using SSE2 instruction set. 1020 1021 See also: 1022 <http://www.cl.cam.ac.uk/~rja14/serpent.html> 1023 1024config CRYPTO_SERPENT_SSE2_586 1025 tristate "Serpent cipher algorithm (i586/SSE2)" 1026 depends on X86 && !64BIT 1027 select CRYPTO_ALGAPI 1028 select CRYPTO_CRYPTD 1029 select CRYPTO_ABLK_HELPER_X86 1030 select CRYPTO_GLUE_HELPER_X86 1031 select CRYPTO_SERPENT 1032 select CRYPTO_LRW 1033 select CRYPTO_XTS 1034 help 1035 Serpent cipher algorithm, by Anderson, Biham & Knudsen. 1036 1037 Keys are allowed to be from 0 to 256 bits in length, in steps 1038 of 8 bits. 1039 1040 This module provides Serpent cipher algorithm that processes four 1041 blocks parallel using SSE2 instruction set. 1042 1043 See also: 1044 <http://www.cl.cam.ac.uk/~rja14/serpent.html> 1045 1046config CRYPTO_SERPENT_AVX_X86_64 1047 tristate "Serpent cipher algorithm (x86_64/AVX)" 1048 depends on X86 && 64BIT 1049 select CRYPTO_ALGAPI 1050 select CRYPTO_CRYPTD 1051 select CRYPTO_ABLK_HELPER_X86 1052 select CRYPTO_GLUE_HELPER_X86 1053 select CRYPTO_SERPENT 1054 select CRYPTO_LRW 1055 select CRYPTO_XTS 1056 help 1057 Serpent cipher algorithm, by Anderson, Biham & Knudsen. 1058 1059 Keys are allowed to be from 0 to 256 bits in length, in steps 1060 of 8 bits. 1061 1062 This module provides the Serpent cipher algorithm that processes 1063 eight blocks parallel using the AVX instruction set. 1064 1065 See also: 1066 <http://www.cl.cam.ac.uk/~rja14/serpent.html> 1067 1068config CRYPTO_TEA 1069 tristate "TEA, XTEA and XETA cipher algorithms" 1070 select CRYPTO_ALGAPI 1071 help 1072 TEA cipher algorithm. 1073 1074 Tiny Encryption Algorithm is a simple cipher that uses 1075 many rounds for security. It is very fast and uses 1076 little memory. 1077 1078 Xtendend Tiny Encryption Algorithm is a modification to 1079 the TEA algorithm to address a potential key weakness 1080 in the TEA algorithm. 1081 1082 Xtendend Encryption Tiny Algorithm is a mis-implementation 1083 of the XTEA algorithm for compatibility purposes. 1084 1085config CRYPTO_TWOFISH 1086 tristate "Twofish cipher algorithm" 1087 select CRYPTO_ALGAPI 1088 select CRYPTO_TWOFISH_COMMON 1089 help 1090 Twofish cipher algorithm. 1091 1092 Twofish was submitted as an AES (Advanced Encryption Standard) 1093 candidate cipher by researchers at CounterPane Systems. It is a 1094 16 round block cipher supporting key sizes of 128, 192, and 256 1095 bits. 1096 1097 See also: 1098 <http://www.schneier.com/twofish.html> 1099 1100config CRYPTO_TWOFISH_COMMON 1101 tristate 1102 help 1103 Common parts of the Twofish cipher algorithm shared by the 1104 generic c and the assembler implementations. 1105 1106config CRYPTO_TWOFISH_586 1107 tristate "Twofish cipher algorithms (i586)" 1108 depends on (X86 || UML_X86) && !64BIT 1109 select CRYPTO_ALGAPI 1110 select CRYPTO_TWOFISH_COMMON 1111 help 1112 Twofish cipher algorithm. 1113 1114 Twofish was submitted as an AES (Advanced Encryption Standard) 1115 candidate cipher by researchers at CounterPane Systems. It is a 1116 16 round block cipher supporting key sizes of 128, 192, and 256 1117 bits. 1118 1119 See also: 1120 <http://www.schneier.com/twofish.html> 1121 1122config CRYPTO_TWOFISH_X86_64 1123 tristate "Twofish cipher algorithm (x86_64)" 1124 depends on (X86 || UML_X86) && 64BIT 1125 select CRYPTO_ALGAPI 1126 select CRYPTO_TWOFISH_COMMON 1127 help 1128 Twofish cipher algorithm (x86_64). 1129 1130 Twofish was submitted as an AES (Advanced Encryption Standard) 1131 candidate cipher by researchers at CounterPane Systems. It is a 1132 16 round block cipher supporting key sizes of 128, 192, and 256 1133 bits. 1134 1135 See also: 1136 <http://www.schneier.com/twofish.html> 1137 1138config CRYPTO_TWOFISH_X86_64_3WAY 1139 tristate "Twofish cipher algorithm (x86_64, 3-way parallel)" 1140 depends on X86 && 64BIT 1141 select CRYPTO_ALGAPI 1142 select CRYPTO_TWOFISH_COMMON 1143 select CRYPTO_TWOFISH_X86_64 1144 select CRYPTO_GLUE_HELPER_X86 1145 select CRYPTO_LRW 1146 select CRYPTO_XTS 1147 help 1148 Twofish cipher algorithm (x86_64, 3-way parallel). 1149 1150 Twofish was submitted as an AES (Advanced Encryption Standard) 1151 candidate cipher by researchers at CounterPane Systems. It is a 1152 16 round block cipher supporting key sizes of 128, 192, and 256 1153 bits. 1154 1155 This module provides Twofish cipher algorithm that processes three 1156 blocks parallel, utilizing resources of out-of-order CPUs better. 1157 1158 See also: 1159 <http://www.schneier.com/twofish.html> 1160 1161config CRYPTO_TWOFISH_AVX_X86_64 1162 tristate "Twofish cipher algorithm (x86_64/AVX)" 1163 depends on X86 && 64BIT 1164 select CRYPTO_ALGAPI 1165 select CRYPTO_CRYPTD 1166 select CRYPTO_ABLK_HELPER_X86 1167 select CRYPTO_GLUE_HELPER_X86 1168 select CRYPTO_TWOFISH_COMMON 1169 select CRYPTO_TWOFISH_X86_64 1170 select CRYPTO_TWOFISH_X86_64_3WAY 1171 select CRYPTO_LRW 1172 select CRYPTO_XTS 1173 help 1174 Twofish cipher algorithm (x86_64/AVX). 1175 1176 Twofish was submitted as an AES (Advanced Encryption Standard) 1177 candidate cipher by researchers at CounterPane Systems. It is a 1178 16 round block cipher supporting key sizes of 128, 192, and 256 1179 bits. 1180 1181 This module provides the Twofish cipher algorithm that processes 1182 eight blocks parallel using the AVX Instruction Set. 1183 1184 See also: 1185 <http://www.schneier.com/twofish.html> 1186 1187comment "Compression" 1188 1189config CRYPTO_DEFLATE 1190 tristate "Deflate compression algorithm" 1191 select CRYPTO_ALGAPI 1192 select ZLIB_INFLATE 1193 select ZLIB_DEFLATE 1194 help 1195 This is the Deflate algorithm (RFC1951), specified for use in 1196 IPSec with the IPCOMP protocol (RFC3173, RFC2394). 1197 1198 You will most probably want this if using IPSec. 1199 1200config CRYPTO_ZLIB 1201 tristate "Zlib compression algorithm" 1202 select CRYPTO_PCOMP 1203 select ZLIB_INFLATE 1204 select ZLIB_DEFLATE 1205 select NLATTR 1206 help 1207 This is the zlib algorithm. 1208 1209config CRYPTO_LZO 1210 tristate "LZO compression algorithm" 1211 select CRYPTO_ALGAPI 1212 select LZO_COMPRESS 1213 select LZO_DECOMPRESS 1214 help 1215 This is the LZO algorithm. 1216 1217config CRYPTO_842 1218 tristate "842 compression algorithm" 1219 depends on CRYPTO_DEV_NX_COMPRESS 1220 # 842 uses lzo if the hardware becomes unavailable 1221 select LZO_COMPRESS 1222 select LZO_DECOMPRESS 1223 help 1224 This is the 842 algorithm. 1225 1226comment "Random Number Generation" 1227 1228config CRYPTO_ANSI_CPRNG 1229 tristate "Pseudo Random Number Generation for Cryptographic modules" 1230 default m 1231 select CRYPTO_AES 1232 select CRYPTO_RNG 1233 help 1234 This option enables the generic pseudo random number generator 1235 for cryptographic modules. Uses the Algorithm specified in 1236 ANSI X9.31 A.2.4. Note that this option must be enabled if 1237 CRYPTO_FIPS is selected 1238 1239config CRYPTO_USER_API 1240 tristate 1241 1242config CRYPTO_USER_API_HASH 1243 tristate "User-space interface for hash algorithms" 1244 depends on NET 1245 select CRYPTO_HASH 1246 select CRYPTO_USER_API 1247 help 1248 This option enables the user-spaces interface for hash 1249 algorithms. 1250 1251config CRYPTO_USER_API_SKCIPHER 1252 tristate "User-space interface for symmetric key cipher algorithms" 1253 depends on NET 1254 select CRYPTO_BLKCIPHER 1255 select CRYPTO_USER_API 1256 help 1257 This option enables the user-spaces interface for symmetric 1258 key cipher algorithms. 1259 1260source "drivers/crypto/Kconfig" 1261source crypto/asymmetric_keys/Kconfig 1262 1263endif # if CRYPTO 1264