xref: /openbmc/linux/crypto/Kconfig (revision df2634f43f5106947f3735a0b61a6527a4b278cd)
1#
2# Generic algorithms support
3#
4config XOR_BLOCKS
5	tristate
6
7#
8# async_tx api: hardware offloaded memory transfer/transform support
9#
10source "crypto/async_tx/Kconfig"
11
12#
13# Cryptographic API Configuration
14#
15menuconfig CRYPTO
16	tristate "Cryptographic API"
17	help
18	  This option provides the core Cryptographic API.
19
20if CRYPTO
21
22comment "Crypto core or helper"
23
24config CRYPTO_FIPS
25	bool "FIPS 200 compliance"
26	depends on CRYPTO_ANSI_CPRNG && !CRYPTO_MANAGER_DISABLE_TESTS
27	help
28	  This options enables the fips boot option which is
29	  required if you want to system to operate in a FIPS 200
30	  certification.  You should say no unless you know what
31	  this is.
32
33config CRYPTO_ALGAPI
34	tristate
35	select CRYPTO_ALGAPI2
36	help
37	  This option provides the API for cryptographic algorithms.
38
39config CRYPTO_ALGAPI2
40	tristate
41
42config CRYPTO_AEAD
43	tristate
44	select CRYPTO_AEAD2
45	select CRYPTO_ALGAPI
46
47config CRYPTO_AEAD2
48	tristate
49	select CRYPTO_ALGAPI2
50
51config CRYPTO_BLKCIPHER
52	tristate
53	select CRYPTO_BLKCIPHER2
54	select CRYPTO_ALGAPI
55
56config CRYPTO_BLKCIPHER2
57	tristate
58	select CRYPTO_ALGAPI2
59	select CRYPTO_RNG2
60	select CRYPTO_WORKQUEUE
61
62config CRYPTO_HASH
63	tristate
64	select CRYPTO_HASH2
65	select CRYPTO_ALGAPI
66
67config CRYPTO_HASH2
68	tristate
69	select CRYPTO_ALGAPI2
70
71config CRYPTO_RNG
72	tristate
73	select CRYPTO_RNG2
74	select CRYPTO_ALGAPI
75
76config CRYPTO_RNG2
77	tristate
78	select CRYPTO_ALGAPI2
79
80config CRYPTO_PCOMP
81	tristate
82	select CRYPTO_PCOMP2
83	select CRYPTO_ALGAPI
84
85config CRYPTO_PCOMP2
86	tristate
87	select CRYPTO_ALGAPI2
88
89config CRYPTO_MANAGER
90	tristate "Cryptographic algorithm manager"
91	select CRYPTO_MANAGER2
92	help
93	  Create default cryptographic template instantiations such as
94	  cbc(aes).
95
96config CRYPTO_MANAGER2
97	def_tristate CRYPTO_MANAGER || (CRYPTO_MANAGER!=n && CRYPTO_ALGAPI=y)
98	select CRYPTO_AEAD2
99	select CRYPTO_HASH2
100	select CRYPTO_BLKCIPHER2
101	select CRYPTO_PCOMP2
102
103config CRYPTO_MANAGER_DISABLE_TESTS
104	bool "Disable run-time self tests"
105	default y
106	depends on CRYPTO_MANAGER2
107	help
108	  Disable run-time self tests that normally take place at
109	  algorithm registration.
110
111config CRYPTO_GF128MUL
112	tristate "GF(2^128) multiplication functions (EXPERIMENTAL)"
113	help
114	  Efficient table driven implementation of multiplications in the
115	  field GF(2^128).  This is needed by some cypher modes. This
116	  option will be selected automatically if you select such a
117	  cipher mode.  Only select this option by hand if you expect to load
118	  an external module that requires these functions.
119
120config CRYPTO_NULL
121	tristate "Null algorithms"
122	select CRYPTO_ALGAPI
123	select CRYPTO_BLKCIPHER
124	select CRYPTO_HASH
125	help
126	  These are 'Null' algorithms, used by IPsec, which do nothing.
127
128config CRYPTO_PCRYPT
129	tristate "Parallel crypto engine (EXPERIMENTAL)"
130	depends on SMP && EXPERIMENTAL
131	select PADATA
132	select CRYPTO_MANAGER
133	select CRYPTO_AEAD
134	help
135	  This converts an arbitrary crypto algorithm into a parallel
136	  algorithm that executes in kernel threads.
137
138config CRYPTO_WORKQUEUE
139       tristate
140
141config CRYPTO_CRYPTD
142	tristate "Software async crypto daemon"
143	select CRYPTO_BLKCIPHER
144	select CRYPTO_HASH
145	select CRYPTO_MANAGER
146	select CRYPTO_WORKQUEUE
147	help
148	  This is a generic software asynchronous crypto daemon that
149	  converts an arbitrary synchronous software crypto algorithm
150	  into an asynchronous algorithm that executes in a kernel thread.
151
152config CRYPTO_AUTHENC
153	tristate "Authenc support"
154	select CRYPTO_AEAD
155	select CRYPTO_BLKCIPHER
156	select CRYPTO_MANAGER
157	select CRYPTO_HASH
158	help
159	  Authenc: Combined mode wrapper for IPsec.
160	  This is required for IPSec.
161
162config CRYPTO_TEST
163	tristate "Testing module"
164	depends on m
165	select CRYPTO_MANAGER
166	help
167	  Quick & dirty crypto test module.
168
169comment "Authenticated Encryption with Associated Data"
170
171config CRYPTO_CCM
172	tristate "CCM support"
173	select CRYPTO_CTR
174	select CRYPTO_AEAD
175	help
176	  Support for Counter with CBC MAC. Required for IPsec.
177
178config CRYPTO_GCM
179	tristate "GCM/GMAC support"
180	select CRYPTO_CTR
181	select CRYPTO_AEAD
182	select CRYPTO_GHASH
183	help
184	  Support for Galois/Counter Mode (GCM) and Galois Message
185	  Authentication Code (GMAC). Required for IPSec.
186
187config CRYPTO_SEQIV
188	tristate "Sequence Number IV Generator"
189	select CRYPTO_AEAD
190	select CRYPTO_BLKCIPHER
191	select CRYPTO_RNG
192	help
193	  This IV generator generates an IV based on a sequence number by
194	  xoring it with a salt.  This algorithm is mainly useful for CTR
195
196comment "Block modes"
197
198config CRYPTO_CBC
199	tristate "CBC support"
200	select CRYPTO_BLKCIPHER
201	select CRYPTO_MANAGER
202	help
203	  CBC: Cipher Block Chaining mode
204	  This block cipher algorithm is required for IPSec.
205
206config CRYPTO_CTR
207	tristate "CTR support"
208	select CRYPTO_BLKCIPHER
209	select CRYPTO_SEQIV
210	select CRYPTO_MANAGER
211	help
212	  CTR: Counter mode
213	  This block cipher algorithm is required for IPSec.
214
215config CRYPTO_CTS
216	tristate "CTS support"
217	select CRYPTO_BLKCIPHER
218	help
219	  CTS: Cipher Text Stealing
220	  This is the Cipher Text Stealing mode as described by
221	  Section 8 of rfc2040 and referenced by rfc3962.
222	  (rfc3962 includes errata information in its Appendix A)
223	  This mode is required for Kerberos gss mechanism support
224	  for AES encryption.
225
226config CRYPTO_ECB
227	tristate "ECB support"
228	select CRYPTO_BLKCIPHER
229	select CRYPTO_MANAGER
230	help
231	  ECB: Electronic CodeBook mode
232	  This is the simplest block cipher algorithm.  It simply encrypts
233	  the input block by block.
234
235config CRYPTO_LRW
236	tristate "LRW support (EXPERIMENTAL)"
237	depends on EXPERIMENTAL
238	select CRYPTO_BLKCIPHER
239	select CRYPTO_MANAGER
240	select CRYPTO_GF128MUL
241	help
242	  LRW: Liskov Rivest Wagner, a tweakable, non malleable, non movable
243	  narrow block cipher mode for dm-crypt.  Use it with cipher
244	  specification string aes-lrw-benbi, the key must be 256, 320 or 384.
245	  The first 128, 192 or 256 bits in the key are used for AES and the
246	  rest is used to tie each cipher block to its logical position.
247
248config CRYPTO_PCBC
249	tristate "PCBC support"
250	select CRYPTO_BLKCIPHER
251	select CRYPTO_MANAGER
252	help
253	  PCBC: Propagating Cipher Block Chaining mode
254	  This block cipher algorithm is required for RxRPC.
255
256config CRYPTO_XTS
257	tristate "XTS support (EXPERIMENTAL)"
258	depends on EXPERIMENTAL
259	select CRYPTO_BLKCIPHER
260	select CRYPTO_MANAGER
261	select CRYPTO_GF128MUL
262	help
263	  XTS: IEEE1619/D16 narrow block cipher use with aes-xts-plain,
264	  key size 256, 384 or 512 bits. This implementation currently
265	  can't handle a sectorsize which is not a multiple of 16 bytes.
266
267config CRYPTO_FPU
268	tristate
269	select CRYPTO_BLKCIPHER
270	select CRYPTO_MANAGER
271
272comment "Hash modes"
273
274config CRYPTO_HMAC
275	tristate "HMAC support"
276	select CRYPTO_HASH
277	select CRYPTO_MANAGER
278	help
279	  HMAC: Keyed-Hashing for Message Authentication (RFC2104).
280	  This is required for IPSec.
281
282config CRYPTO_XCBC
283	tristate "XCBC support"
284	depends on EXPERIMENTAL
285	select CRYPTO_HASH
286	select CRYPTO_MANAGER
287	help
288	  XCBC: Keyed-Hashing with encryption algorithm
289		http://www.ietf.org/rfc/rfc3566.txt
290		http://csrc.nist.gov/encryption/modes/proposedmodes/
291		 xcbc-mac/xcbc-mac-spec.pdf
292
293config CRYPTO_VMAC
294	tristate "VMAC support"
295	depends on EXPERIMENTAL
296	select CRYPTO_HASH
297	select CRYPTO_MANAGER
298	help
299	  VMAC is a message authentication algorithm designed for
300	  very high speed on 64-bit architectures.
301
302	  See also:
303	  <http://fastcrypto.org/vmac>
304
305comment "Digest"
306
307config CRYPTO_CRC32C
308	tristate "CRC32c CRC algorithm"
309	select CRYPTO_HASH
310	help
311	  Castagnoli, et al Cyclic Redundancy-Check Algorithm.  Used
312	  by iSCSI for header and data digests and by others.
313	  See Castagnoli93.  Module will be crc32c.
314
315config CRYPTO_CRC32C_INTEL
316	tristate "CRC32c INTEL hardware acceleration"
317	depends on X86
318	select CRYPTO_HASH
319	help
320	  In Intel processor with SSE4.2 supported, the processor will
321	  support CRC32C implementation using hardware accelerated CRC32
322	  instruction. This option will create 'crc32c-intel' module,
323	  which will enable any routine to use the CRC32 instruction to
324	  gain performance compared with software implementation.
325	  Module will be crc32c-intel.
326
327config CRYPTO_GHASH
328	tristate "GHASH digest algorithm"
329	select CRYPTO_SHASH
330	select CRYPTO_GF128MUL
331	help
332	  GHASH is message digest algorithm for GCM (Galois/Counter Mode).
333
334config CRYPTO_MD4
335	tristate "MD4 digest algorithm"
336	select CRYPTO_HASH
337	help
338	  MD4 message digest algorithm (RFC1320).
339
340config CRYPTO_MD5
341	tristate "MD5 digest algorithm"
342	select CRYPTO_HASH
343	help
344	  MD5 message digest algorithm (RFC1321).
345
346config CRYPTO_MICHAEL_MIC
347	tristate "Michael MIC keyed digest algorithm"
348	select CRYPTO_HASH
349	help
350	  Michael MIC is used for message integrity protection in TKIP
351	  (IEEE 802.11i). This algorithm is required for TKIP, but it
352	  should not be used for other purposes because of the weakness
353	  of the algorithm.
354
355config CRYPTO_RMD128
356	tristate "RIPEMD-128 digest algorithm"
357	select CRYPTO_HASH
358	help
359	  RIPEMD-128 (ISO/IEC 10118-3:2004).
360
361	  RIPEMD-128 is a 128-bit cryptographic hash function. It should only
362	  to be used as a secure replacement for RIPEMD. For other use cases
363	  RIPEMD-160 should be used.
364
365	  Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel.
366	  See <http://homes.esat.kuleuven.be/~bosselae/ripemd160.html>
367
368config CRYPTO_RMD160
369	tristate "RIPEMD-160 digest algorithm"
370	select CRYPTO_HASH
371	help
372	  RIPEMD-160 (ISO/IEC 10118-3:2004).
373
374	  RIPEMD-160 is a 160-bit cryptographic hash function. It is intended
375	  to be used as a secure replacement for the 128-bit hash functions
376	  MD4, MD5 and it's predecessor RIPEMD
377	  (not to be confused with RIPEMD-128).
378
379	  It's speed is comparable to SHA1 and there are no known attacks
380	  against RIPEMD-160.
381
382	  Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel.
383	  See <http://homes.esat.kuleuven.be/~bosselae/ripemd160.html>
384
385config CRYPTO_RMD256
386	tristate "RIPEMD-256 digest algorithm"
387	select CRYPTO_HASH
388	help
389	  RIPEMD-256 is an optional extension of RIPEMD-128 with a
390	  256 bit hash. It is intended for applications that require
391	  longer hash-results, without needing a larger security level
392	  (than RIPEMD-128).
393
394	  Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel.
395	  See <http://homes.esat.kuleuven.be/~bosselae/ripemd160.html>
396
397config CRYPTO_RMD320
398	tristate "RIPEMD-320 digest algorithm"
399	select CRYPTO_HASH
400	help
401	  RIPEMD-320 is an optional extension of RIPEMD-160 with a
402	  320 bit hash. It is intended for applications that require
403	  longer hash-results, without needing a larger security level
404	  (than RIPEMD-160).
405
406	  Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel.
407	  See <http://homes.esat.kuleuven.be/~bosselae/ripemd160.html>
408
409config CRYPTO_SHA1
410	tristate "SHA1 digest algorithm"
411	select CRYPTO_HASH
412	help
413	  SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2).
414
415config CRYPTO_SHA256
416	tristate "SHA224 and SHA256 digest algorithm"
417	select CRYPTO_HASH
418	help
419	  SHA256 secure hash standard (DFIPS 180-2).
420
421	  This version of SHA implements a 256 bit hash with 128 bits of
422	  security against collision attacks.
423
424	  This code also includes SHA-224, a 224 bit hash with 112 bits
425	  of security against collision attacks.
426
427config CRYPTO_SHA512
428	tristate "SHA384 and SHA512 digest algorithms"
429	select CRYPTO_HASH
430	help
431	  SHA512 secure hash standard (DFIPS 180-2).
432
433	  This version of SHA implements a 512 bit hash with 256 bits of
434	  security against collision attacks.
435
436	  This code also includes SHA-384, a 384 bit hash with 192 bits
437	  of security against collision attacks.
438
439config CRYPTO_TGR192
440	tristate "Tiger digest algorithms"
441	select CRYPTO_HASH
442	help
443	  Tiger hash algorithm 192, 160 and 128-bit hashes
444
445	  Tiger is a hash function optimized for 64-bit processors while
446	  still having decent performance on 32-bit processors.
447	  Tiger was developed by Ross Anderson and Eli Biham.
448
449	  See also:
450	  <http://www.cs.technion.ac.il/~biham/Reports/Tiger/>.
451
452config CRYPTO_WP512
453	tristate "Whirlpool digest algorithms"
454	select CRYPTO_HASH
455	help
456	  Whirlpool hash algorithm 512, 384 and 256-bit hashes
457
458	  Whirlpool-512 is part of the NESSIE cryptographic primitives.
459	  Whirlpool will be part of the ISO/IEC 10118-3:2003(E) standard
460
461	  See also:
462	  <http://www.larc.usp.br/~pbarreto/WhirlpoolPage.html>
463
464config CRYPTO_GHASH_CLMUL_NI_INTEL
465	tristate "GHASH digest algorithm (CLMUL-NI accelerated)"
466	depends on (X86 || UML_X86) && 64BIT
467	select CRYPTO_SHASH
468	select CRYPTO_CRYPTD
469	help
470	  GHASH is message digest algorithm for GCM (Galois/Counter Mode).
471	  The implementation is accelerated by CLMUL-NI of Intel.
472
473comment "Ciphers"
474
475config CRYPTO_AES
476	tristate "AES cipher algorithms"
477	select CRYPTO_ALGAPI
478	help
479	  AES cipher algorithms (FIPS-197). AES uses the Rijndael
480	  algorithm.
481
482	  Rijndael appears to be consistently a very good performer in
483	  both hardware and software across a wide range of computing
484	  environments regardless of its use in feedback or non-feedback
485	  modes. Its key setup time is excellent, and its key agility is
486	  good. Rijndael's very low memory requirements make it very well
487	  suited for restricted-space environments, in which it also
488	  demonstrates excellent performance. Rijndael's operations are
489	  among the easiest to defend against power and timing attacks.
490
491	  The AES specifies three key sizes: 128, 192 and 256 bits
492
493	  See <http://csrc.nist.gov/CryptoToolkit/aes/> for more information.
494
495config CRYPTO_AES_586
496	tristate "AES cipher algorithms (i586)"
497	depends on (X86 || UML_X86) && !64BIT
498	select CRYPTO_ALGAPI
499	select CRYPTO_AES
500	help
501	  AES cipher algorithms (FIPS-197). AES uses the Rijndael
502	  algorithm.
503
504	  Rijndael appears to be consistently a very good performer in
505	  both hardware and software across a wide range of computing
506	  environments regardless of its use in feedback or non-feedback
507	  modes. Its key setup time is excellent, and its key agility is
508	  good. Rijndael's very low memory requirements make it very well
509	  suited for restricted-space environments, in which it also
510	  demonstrates excellent performance. Rijndael's operations are
511	  among the easiest to defend against power and timing attacks.
512
513	  The AES specifies three key sizes: 128, 192 and 256 bits
514
515	  See <http://csrc.nist.gov/encryption/aes/> for more information.
516
517config CRYPTO_AES_X86_64
518	tristate "AES cipher algorithms (x86_64)"
519	depends on (X86 || UML_X86) && 64BIT
520	select CRYPTO_ALGAPI
521	select CRYPTO_AES
522	help
523	  AES cipher algorithms (FIPS-197). AES uses the Rijndael
524	  algorithm.
525
526	  Rijndael appears to be consistently a very good performer in
527	  both hardware and software across a wide range of computing
528	  environments regardless of its use in feedback or non-feedback
529	  modes. Its key setup time is excellent, and its key agility is
530	  good. Rijndael's very low memory requirements make it very well
531	  suited for restricted-space environments, in which it also
532	  demonstrates excellent performance. Rijndael's operations are
533	  among the easiest to defend against power and timing attacks.
534
535	  The AES specifies three key sizes: 128, 192 and 256 bits
536
537	  See <http://csrc.nist.gov/encryption/aes/> for more information.
538
539config CRYPTO_AES_NI_INTEL
540	tristate "AES cipher algorithms (AES-NI)"
541	depends on (X86 || UML_X86)
542	select CRYPTO_AES_X86_64 if 64BIT
543	select CRYPTO_AES_586 if !64BIT
544	select CRYPTO_CRYPTD
545	select CRYPTO_ALGAPI
546	select CRYPTO_FPU
547	help
548	  Use Intel AES-NI instructions for AES algorithm.
549
550	  AES cipher algorithms (FIPS-197). AES uses the Rijndael
551	  algorithm.
552
553	  Rijndael appears to be consistently a very good performer in
554	  both hardware and software across a wide range of computing
555	  environments regardless of its use in feedback or non-feedback
556	  modes. Its key setup time is excellent, and its key agility is
557	  good. Rijndael's very low memory requirements make it very well
558	  suited for restricted-space environments, in which it also
559	  demonstrates excellent performance. Rijndael's operations are
560	  among the easiest to defend against power and timing attacks.
561
562	  The AES specifies three key sizes: 128, 192 and 256 bits
563
564	  See <http://csrc.nist.gov/encryption/aes/> for more information.
565
566	  In addition to AES cipher algorithm support, the acceleration
567	  for some popular block cipher mode is supported too, including
568	  ECB, CBC, LRW, PCBC, XTS. The 64 bit version has additional
569	  acceleration for CTR.
570
571config CRYPTO_ANUBIS
572	tristate "Anubis cipher algorithm"
573	select CRYPTO_ALGAPI
574	help
575	  Anubis cipher algorithm.
576
577	  Anubis is a variable key length cipher which can use keys from
578	  128 bits to 320 bits in length.  It was evaluated as a entrant
579	  in the NESSIE competition.
580
581	  See also:
582	  <https://www.cosic.esat.kuleuven.be/nessie/reports/>
583	  <http://www.larc.usp.br/~pbarreto/AnubisPage.html>
584
585config CRYPTO_ARC4
586	tristate "ARC4 cipher algorithm"
587	select CRYPTO_ALGAPI
588	help
589	  ARC4 cipher algorithm.
590
591	  ARC4 is a stream cipher using keys ranging from 8 bits to 2048
592	  bits in length.  This algorithm is required for driver-based
593	  WEP, but it should not be for other purposes because of the
594	  weakness of the algorithm.
595
596config CRYPTO_BLOWFISH
597	tristate "Blowfish cipher algorithm"
598	select CRYPTO_ALGAPI
599	help
600	  Blowfish cipher algorithm, by Bruce Schneier.
601
602	  This is a variable key length cipher which can use keys from 32
603	  bits to 448 bits in length.  It's fast, simple and specifically
604	  designed for use on "large microprocessors".
605
606	  See also:
607	  <http://www.schneier.com/blowfish.html>
608
609config CRYPTO_CAMELLIA
610	tristate "Camellia cipher algorithms"
611	depends on CRYPTO
612	select CRYPTO_ALGAPI
613	help
614	  Camellia cipher algorithms module.
615
616	  Camellia is a symmetric key block cipher developed jointly
617	  at NTT and Mitsubishi Electric Corporation.
618
619	  The Camellia specifies three key sizes: 128, 192 and 256 bits.
620
621	  See also:
622	  <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html>
623
624config CRYPTO_CAST5
625	tristate "CAST5 (CAST-128) cipher algorithm"
626	select CRYPTO_ALGAPI
627	help
628	  The CAST5 encryption algorithm (synonymous with CAST-128) is
629	  described in RFC2144.
630
631config CRYPTO_CAST6
632	tristate "CAST6 (CAST-256) cipher algorithm"
633	select CRYPTO_ALGAPI
634	help
635	  The CAST6 encryption algorithm (synonymous with CAST-256) is
636	  described in RFC2612.
637
638config CRYPTO_DES
639	tristate "DES and Triple DES EDE cipher algorithms"
640	select CRYPTO_ALGAPI
641	help
642	  DES cipher algorithm (FIPS 46-2), and Triple DES EDE (FIPS 46-3).
643
644config CRYPTO_FCRYPT
645	tristate "FCrypt cipher algorithm"
646	select CRYPTO_ALGAPI
647	select CRYPTO_BLKCIPHER
648	help
649	  FCrypt algorithm used by RxRPC.
650
651config CRYPTO_KHAZAD
652	tristate "Khazad cipher algorithm"
653	select CRYPTO_ALGAPI
654	help
655	  Khazad cipher algorithm.
656
657	  Khazad was a finalist in the initial NESSIE competition.  It is
658	  an algorithm optimized for 64-bit processors with good performance
659	  on 32-bit processors.  Khazad uses an 128 bit key size.
660
661	  See also:
662	  <http://www.larc.usp.br/~pbarreto/KhazadPage.html>
663
664config CRYPTO_SALSA20
665	tristate "Salsa20 stream cipher algorithm (EXPERIMENTAL)"
666	depends on EXPERIMENTAL
667	select CRYPTO_BLKCIPHER
668	help
669	  Salsa20 stream cipher algorithm.
670
671	  Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT
672	  Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/>
673
674	  The Salsa20 stream cipher algorithm is designed by Daniel J.
675	  Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html>
676
677config CRYPTO_SALSA20_586
678	tristate "Salsa20 stream cipher algorithm (i586) (EXPERIMENTAL)"
679	depends on (X86 || UML_X86) && !64BIT
680	depends on EXPERIMENTAL
681	select CRYPTO_BLKCIPHER
682	help
683	  Salsa20 stream cipher algorithm.
684
685	  Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT
686	  Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/>
687
688	  The Salsa20 stream cipher algorithm is designed by Daniel J.
689	  Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html>
690
691config CRYPTO_SALSA20_X86_64
692	tristate "Salsa20 stream cipher algorithm (x86_64) (EXPERIMENTAL)"
693	depends on (X86 || UML_X86) && 64BIT
694	depends on EXPERIMENTAL
695	select CRYPTO_BLKCIPHER
696	help
697	  Salsa20 stream cipher algorithm.
698
699	  Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT
700	  Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/>
701
702	  The Salsa20 stream cipher algorithm is designed by Daniel J.
703	  Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html>
704
705config CRYPTO_SEED
706	tristate "SEED cipher algorithm"
707	select CRYPTO_ALGAPI
708	help
709	  SEED cipher algorithm (RFC4269).
710
711	  SEED is a 128-bit symmetric key block cipher that has been
712	  developed by KISA (Korea Information Security Agency) as a
713	  national standard encryption algorithm of the Republic of Korea.
714	  It is a 16 round block cipher with the key size of 128 bit.
715
716	  See also:
717	  <http://www.kisa.or.kr/kisa/seed/jsp/seed_eng.jsp>
718
719config CRYPTO_SERPENT
720	tristate "Serpent cipher algorithm"
721	select CRYPTO_ALGAPI
722	help
723	  Serpent cipher algorithm, by Anderson, Biham & Knudsen.
724
725	  Keys are allowed to be from 0 to 256 bits in length, in steps
726	  of 8 bits.  Also includes the 'Tnepres' algorithm, a reversed
727	  variant of Serpent for compatibility with old kerneli.org code.
728
729	  See also:
730	  <http://www.cl.cam.ac.uk/~rja14/serpent.html>
731
732config CRYPTO_TEA
733	tristate "TEA, XTEA and XETA cipher algorithms"
734	select CRYPTO_ALGAPI
735	help
736	  TEA cipher algorithm.
737
738	  Tiny Encryption Algorithm is a simple cipher that uses
739	  many rounds for security.  It is very fast and uses
740	  little memory.
741
742	  Xtendend Tiny Encryption Algorithm is a modification to
743	  the TEA algorithm to address a potential key weakness
744	  in the TEA algorithm.
745
746	  Xtendend Encryption Tiny Algorithm is a mis-implementation
747	  of the XTEA algorithm for compatibility purposes.
748
749config CRYPTO_TWOFISH
750	tristate "Twofish cipher algorithm"
751	select CRYPTO_ALGAPI
752	select CRYPTO_TWOFISH_COMMON
753	help
754	  Twofish cipher algorithm.
755
756	  Twofish was submitted as an AES (Advanced Encryption Standard)
757	  candidate cipher by researchers at CounterPane Systems.  It is a
758	  16 round block cipher supporting key sizes of 128, 192, and 256
759	  bits.
760
761	  See also:
762	  <http://www.schneier.com/twofish.html>
763
764config CRYPTO_TWOFISH_COMMON
765	tristate
766	help
767	  Common parts of the Twofish cipher algorithm shared by the
768	  generic c and the assembler implementations.
769
770config CRYPTO_TWOFISH_586
771	tristate "Twofish cipher algorithms (i586)"
772	depends on (X86 || UML_X86) && !64BIT
773	select CRYPTO_ALGAPI
774	select CRYPTO_TWOFISH_COMMON
775	help
776	  Twofish cipher algorithm.
777
778	  Twofish was submitted as an AES (Advanced Encryption Standard)
779	  candidate cipher by researchers at CounterPane Systems.  It is a
780	  16 round block cipher supporting key sizes of 128, 192, and 256
781	  bits.
782
783	  See also:
784	  <http://www.schneier.com/twofish.html>
785
786config CRYPTO_TWOFISH_X86_64
787	tristate "Twofish cipher algorithm (x86_64)"
788	depends on (X86 || UML_X86) && 64BIT
789	select CRYPTO_ALGAPI
790	select CRYPTO_TWOFISH_COMMON
791	help
792	  Twofish cipher algorithm (x86_64).
793
794	  Twofish was submitted as an AES (Advanced Encryption Standard)
795	  candidate cipher by researchers at CounterPane Systems.  It is a
796	  16 round block cipher supporting key sizes of 128, 192, and 256
797	  bits.
798
799	  See also:
800	  <http://www.schneier.com/twofish.html>
801
802comment "Compression"
803
804config CRYPTO_DEFLATE
805	tristate "Deflate compression algorithm"
806	select CRYPTO_ALGAPI
807	select ZLIB_INFLATE
808	select ZLIB_DEFLATE
809	help
810	  This is the Deflate algorithm (RFC1951), specified for use in
811	  IPSec with the IPCOMP protocol (RFC3173, RFC2394).
812
813	  You will most probably want this if using IPSec.
814
815config CRYPTO_ZLIB
816	tristate "Zlib compression algorithm"
817	select CRYPTO_PCOMP
818	select ZLIB_INFLATE
819	select ZLIB_DEFLATE
820	select NLATTR
821	help
822	  This is the zlib algorithm.
823
824config CRYPTO_LZO
825	tristate "LZO compression algorithm"
826	select CRYPTO_ALGAPI
827	select LZO_COMPRESS
828	select LZO_DECOMPRESS
829	help
830	  This is the LZO algorithm.
831
832comment "Random Number Generation"
833
834config CRYPTO_ANSI_CPRNG
835	tristate "Pseudo Random Number Generation for Cryptographic modules"
836	default m
837	select CRYPTO_AES
838	select CRYPTO_RNG
839	help
840	  This option enables the generic pseudo random number generator
841	  for cryptographic modules.  Uses the Algorithm specified in
842	  ANSI X9.31 A.2.4. Note that this option must be enabled if
843	  CRYPTO_FIPS is selected
844
845config CRYPTO_USER_API
846	tristate
847
848config CRYPTO_USER_API_HASH
849	tristate "User-space interface for hash algorithms"
850	depends on NET
851	select CRYPTO_HASH
852	select CRYPTO_USER_API
853	help
854	  This option enables the user-spaces interface for hash
855	  algorithms.
856
857config CRYPTO_USER_API_SKCIPHER
858	tristate "User-space interface for symmetric key cipher algorithms"
859	depends on NET
860	select CRYPTO_BLKCIPHER
861	select CRYPTO_USER_API
862	help
863	  This option enables the user-spaces interface for symmetric
864	  key cipher algorithms.
865
866source "drivers/crypto/Kconfig"
867
868endif	# if CRYPTO
869