xref: /openbmc/linux/crypto/Kconfig (revision e190bfe5) 
1#
2# Generic algorithms support
3#
4config XOR_BLOCKS
5	tristate
6
7#
8# async_tx api: hardware offloaded memory transfer/transform support
9#
10source "crypto/async_tx/Kconfig"
11
12#
13# Cryptographic API Configuration
14#
15menuconfig CRYPTO
16	tristate "Cryptographic API"
17	help
18	  This option provides the core Cryptographic API.
19
20if CRYPTO
21
22comment "Crypto core or helper"
23
24config CRYPTO_FIPS
25	bool "FIPS 200 compliance"
26	depends on CRYPTO_ANSI_CPRNG
27	help
28	  This options enables the fips boot option which is
29	  required if you want to system to operate in a FIPS 200
30	  certification.  You should say no unless you know what
31	  this is. Note that CRYPTO_ANSI_CPRNG is required if this
32	  option is selected
33
34config CRYPTO_ALGAPI
35	tristate
36	select CRYPTO_ALGAPI2
37	help
38	  This option provides the API for cryptographic algorithms.
39
40config CRYPTO_ALGAPI2
41	tristate
42
43config CRYPTO_AEAD
44	tristate
45	select CRYPTO_AEAD2
46	select CRYPTO_ALGAPI
47
48config CRYPTO_AEAD2
49	tristate
50	select CRYPTO_ALGAPI2
51
52config CRYPTO_BLKCIPHER
53	tristate
54	select CRYPTO_BLKCIPHER2
55	select CRYPTO_ALGAPI
56
57config CRYPTO_BLKCIPHER2
58	tristate
59	select CRYPTO_ALGAPI2
60	select CRYPTO_RNG2
61	select CRYPTO_WORKQUEUE
62
63config CRYPTO_HASH
64	tristate
65	select CRYPTO_HASH2
66	select CRYPTO_ALGAPI
67
68config CRYPTO_HASH2
69	tristate
70	select CRYPTO_ALGAPI2
71
72config CRYPTO_RNG
73	tristate
74	select CRYPTO_RNG2
75	select CRYPTO_ALGAPI
76
77config CRYPTO_RNG2
78	tristate
79	select CRYPTO_ALGAPI2
80
81config CRYPTO_PCOMP
82	tristate
83	select CRYPTO_ALGAPI2
84
85config CRYPTO_MANAGER
86	tristate "Cryptographic algorithm manager"
87	select CRYPTO_MANAGER2
88	help
89	  Create default cryptographic template instantiations such as
90	  cbc(aes).
91
92config CRYPTO_MANAGER2
93	def_tristate CRYPTO_MANAGER || (CRYPTO_MANAGER!=n && CRYPTO_ALGAPI=y)
94	select CRYPTO_AEAD2
95	select CRYPTO_HASH2
96	select CRYPTO_BLKCIPHER2
97	select CRYPTO_PCOMP
98
99config CRYPTO_GF128MUL
100	tristate "GF(2^128) multiplication functions (EXPERIMENTAL)"
101	depends on EXPERIMENTAL
102	help
103	  Efficient table driven implementation of multiplications in the
104	  field GF(2^128).  This is needed by some cypher modes. This
105	  option will be selected automatically if you select such a
106	  cipher mode.  Only select this option by hand if you expect to load
107	  an external module that requires these functions.
108
109config CRYPTO_NULL
110	tristate "Null algorithms"
111	select CRYPTO_ALGAPI
112	select CRYPTO_BLKCIPHER
113	select CRYPTO_HASH
114	help
115	  These are 'Null' algorithms, used by IPsec, which do nothing.
116
117config CRYPTO_PCRYPT
118	tristate "Parallel crypto engine (EXPERIMENTAL)"
119	depends on SMP && EXPERIMENTAL
120	select PADATA
121	select CRYPTO_MANAGER
122	select CRYPTO_AEAD
123	help
124	  This converts an arbitrary crypto algorithm into a parallel
125	  algorithm that executes in kernel threads.
126
127config CRYPTO_WORKQUEUE
128       tristate
129
130config CRYPTO_CRYPTD
131	tristate "Software async crypto daemon"
132	select CRYPTO_BLKCIPHER
133	select CRYPTO_HASH
134	select CRYPTO_MANAGER
135	select CRYPTO_WORKQUEUE
136	help
137	  This is a generic software asynchronous crypto daemon that
138	  converts an arbitrary synchronous software crypto algorithm
139	  into an asynchronous algorithm that executes in a kernel thread.
140
141config CRYPTO_AUTHENC
142	tristate "Authenc support"
143	select CRYPTO_AEAD
144	select CRYPTO_BLKCIPHER
145	select CRYPTO_MANAGER
146	select CRYPTO_HASH
147	help
148	  Authenc: Combined mode wrapper for IPsec.
149	  This is required for IPSec.
150
151config CRYPTO_TEST
152	tristate "Testing module"
153	depends on m
154	select CRYPTO_MANAGER
155	help
156	  Quick & dirty crypto test module.
157
158comment "Authenticated Encryption with Associated Data"
159
160config CRYPTO_CCM
161	tristate "CCM support"
162	select CRYPTO_CTR
163	select CRYPTO_AEAD
164	help
165	  Support for Counter with CBC MAC. Required for IPsec.
166
167config CRYPTO_GCM
168	tristate "GCM/GMAC support"
169	select CRYPTO_CTR
170	select CRYPTO_AEAD
171	select CRYPTO_GHASH
172	help
173	  Support for Galois/Counter Mode (GCM) and Galois Message
174	  Authentication Code (GMAC). Required for IPSec.
175
176config CRYPTO_SEQIV
177	tristate "Sequence Number IV Generator"
178	select CRYPTO_AEAD
179	select CRYPTO_BLKCIPHER
180	select CRYPTO_RNG
181	help
182	  This IV generator generates an IV based on a sequence number by
183	  xoring it with a salt.  This algorithm is mainly useful for CTR
184
185comment "Block modes"
186
187config CRYPTO_CBC
188	tristate "CBC support"
189	select CRYPTO_BLKCIPHER
190	select CRYPTO_MANAGER
191	help
192	  CBC: Cipher Block Chaining mode
193	  This block cipher algorithm is required for IPSec.
194
195config CRYPTO_CTR
196	tristate "CTR support"
197	select CRYPTO_BLKCIPHER
198	select CRYPTO_SEQIV
199	select CRYPTO_MANAGER
200	help
201	  CTR: Counter mode
202	  This block cipher algorithm is required for IPSec.
203
204config CRYPTO_CTS
205	tristate "CTS support"
206	select CRYPTO_BLKCIPHER
207	help
208	  CTS: Cipher Text Stealing
209	  This is the Cipher Text Stealing mode as described by
210	  Section 8 of rfc2040 and referenced by rfc3962.
211	  (rfc3962 includes errata information in its Appendix A)
212	  This mode is required for Kerberos gss mechanism support
213	  for AES encryption.
214
215config CRYPTO_ECB
216	tristate "ECB support"
217	select CRYPTO_BLKCIPHER
218	select CRYPTO_MANAGER
219	help
220	  ECB: Electronic CodeBook mode
221	  This is the simplest block cipher algorithm.  It simply encrypts
222	  the input block by block.
223
224config CRYPTO_LRW
225	tristate "LRW support (EXPERIMENTAL)"
226	depends on EXPERIMENTAL
227	select CRYPTO_BLKCIPHER
228	select CRYPTO_MANAGER
229	select CRYPTO_GF128MUL
230	help
231	  LRW: Liskov Rivest Wagner, a tweakable, non malleable, non movable
232	  narrow block cipher mode for dm-crypt.  Use it with cipher
233	  specification string aes-lrw-benbi, the key must be 256, 320 or 384.
234	  The first 128, 192 or 256 bits in the key are used for AES and the
235	  rest is used to tie each cipher block to its logical position.
236
237config CRYPTO_PCBC
238	tristate "PCBC support"
239	select CRYPTO_BLKCIPHER
240	select CRYPTO_MANAGER
241	help
242	  PCBC: Propagating Cipher Block Chaining mode
243	  This block cipher algorithm is required for RxRPC.
244
245config CRYPTO_XTS
246	tristate "XTS support (EXPERIMENTAL)"
247	depends on EXPERIMENTAL
248	select CRYPTO_BLKCIPHER
249	select CRYPTO_MANAGER
250	select CRYPTO_GF128MUL
251	help
252	  XTS: IEEE1619/D16 narrow block cipher use with aes-xts-plain,
253	  key size 256, 384 or 512 bits. This implementation currently
254	  can't handle a sectorsize which is not a multiple of 16 bytes.
255
256config CRYPTO_FPU
257	tristate
258	select CRYPTO_BLKCIPHER
259	select CRYPTO_MANAGER
260
261comment "Hash modes"
262
263config CRYPTO_HMAC
264	tristate "HMAC support"
265	select CRYPTO_HASH
266	select CRYPTO_MANAGER
267	help
268	  HMAC: Keyed-Hashing for Message Authentication (RFC2104).
269	  This is required for IPSec.
270
271config CRYPTO_XCBC
272	tristate "XCBC support"
273	depends on EXPERIMENTAL
274	select CRYPTO_HASH
275	select CRYPTO_MANAGER
276	help
277	  XCBC: Keyed-Hashing with encryption algorithm
278		http://www.ietf.org/rfc/rfc3566.txt
279		http://csrc.nist.gov/encryption/modes/proposedmodes/
280		 xcbc-mac/xcbc-mac-spec.pdf
281
282config CRYPTO_VMAC
283	tristate "VMAC support"
284	depends on EXPERIMENTAL
285	select CRYPTO_HASH
286	select CRYPTO_MANAGER
287	help
288	  VMAC is a message authentication algorithm designed for
289	  very high speed on 64-bit architectures.
290
291	  See also:
292	  <http://fastcrypto.org/vmac>
293
294comment "Digest"
295
296config CRYPTO_CRC32C
297	tristate "CRC32c CRC algorithm"
298	select CRYPTO_HASH
299	help
300	  Castagnoli, et al Cyclic Redundancy-Check Algorithm.  Used
301	  by iSCSI for header and data digests and by others.
302	  See Castagnoli93.  Module will be crc32c.
303
304config CRYPTO_CRC32C_INTEL
305	tristate "CRC32c INTEL hardware acceleration"
306	depends on X86
307	select CRYPTO_HASH
308	help
309	  In Intel processor with SSE4.2 supported, the processor will
310	  support CRC32C implementation using hardware accelerated CRC32
311	  instruction. This option will create 'crc32c-intel' module,
312	  which will enable any routine to use the CRC32 instruction to
313	  gain performance compared with software implementation.
314	  Module will be crc32c-intel.
315
316config CRYPTO_GHASH
317	tristate "GHASH digest algorithm"
318	select CRYPTO_SHASH
319	select CRYPTO_GF128MUL
320	help
321	  GHASH is message digest algorithm for GCM (Galois/Counter Mode).
322
323config CRYPTO_MD4
324	tristate "MD4 digest algorithm"
325	select CRYPTO_HASH
326	help
327	  MD4 message digest algorithm (RFC1320).
328
329config CRYPTO_MD5
330	tristate "MD5 digest algorithm"
331	select CRYPTO_HASH
332	help
333	  MD5 message digest algorithm (RFC1321).
334
335config CRYPTO_MICHAEL_MIC
336	tristate "Michael MIC keyed digest algorithm"
337	select CRYPTO_HASH
338	help
339	  Michael MIC is used for message integrity protection in TKIP
340	  (IEEE 802.11i). This algorithm is required for TKIP, but it
341	  should not be used for other purposes because of the weakness
342	  of the algorithm.
343
344config CRYPTO_RMD128
345	tristate "RIPEMD-128 digest algorithm"
346	select CRYPTO_HASH
347	help
348	  RIPEMD-128 (ISO/IEC 10118-3:2004).
349
350	  RIPEMD-128 is a 128-bit cryptographic hash function. It should only
351	  to be used as a secure replacement for RIPEMD. For other use cases
352	  RIPEMD-160 should be used.
353
354	  Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel.
355	  See <http://home.esat.kuleuven.be/~bosselae/ripemd160.html>
356
357config CRYPTO_RMD160
358	tristate "RIPEMD-160 digest algorithm"
359	select CRYPTO_HASH
360	help
361	  RIPEMD-160 (ISO/IEC 10118-3:2004).
362
363	  RIPEMD-160 is a 160-bit cryptographic hash function. It is intended
364	  to be used as a secure replacement for the 128-bit hash functions
365	  MD4, MD5 and it's predecessor RIPEMD
366	  (not to be confused with RIPEMD-128).
367
368	  It's speed is comparable to SHA1 and there are no known attacks
369	  against RIPEMD-160.
370
371	  Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel.
372	  See <http://home.esat.kuleuven.be/~bosselae/ripemd160.html>
373
374config CRYPTO_RMD256
375	tristate "RIPEMD-256 digest algorithm"
376	select CRYPTO_HASH
377	help
378	  RIPEMD-256 is an optional extension of RIPEMD-128 with a
379	  256 bit hash. It is intended for applications that require
380	  longer hash-results, without needing a larger security level
381	  (than RIPEMD-128).
382
383	  Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel.
384	  See <http://home.esat.kuleuven.be/~bosselae/ripemd160.html>
385
386config CRYPTO_RMD320
387	tristate "RIPEMD-320 digest algorithm"
388	select CRYPTO_HASH
389	help
390	  RIPEMD-320 is an optional extension of RIPEMD-160 with a
391	  320 bit hash. It is intended for applications that require
392	  longer hash-results, without needing a larger security level
393	  (than RIPEMD-160).
394
395	  Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel.
396	  See <http://home.esat.kuleuven.be/~bosselae/ripemd160.html>
397
398config CRYPTO_SHA1
399	tristate "SHA1 digest algorithm"
400	select CRYPTO_HASH
401	help
402	  SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2).
403
404config CRYPTO_SHA256
405	tristate "SHA224 and SHA256 digest algorithm"
406	select CRYPTO_HASH
407	help
408	  SHA256 secure hash standard (DFIPS 180-2).
409
410	  This version of SHA implements a 256 bit hash with 128 bits of
411	  security against collision attacks.
412
413	  This code also includes SHA-224, a 224 bit hash with 112 bits
414	  of security against collision attacks.
415
416config CRYPTO_SHA512
417	tristate "SHA384 and SHA512 digest algorithms"
418	select CRYPTO_HASH
419	help
420	  SHA512 secure hash standard (DFIPS 180-2).
421
422	  This version of SHA implements a 512 bit hash with 256 bits of
423	  security against collision attacks.
424
425	  This code also includes SHA-384, a 384 bit hash with 192 bits
426	  of security against collision attacks.
427
428config CRYPTO_TGR192
429	tristate "Tiger digest algorithms"
430	select CRYPTO_HASH
431	help
432	  Tiger hash algorithm 192, 160 and 128-bit hashes
433
434	  Tiger is a hash function optimized for 64-bit processors while
435	  still having decent performance on 32-bit processors.
436	  Tiger was developed by Ross Anderson and Eli Biham.
437
438	  See also:
439	  <http://www.cs.technion.ac.il/~biham/Reports/Tiger/>.
440
441config CRYPTO_WP512
442	tristate "Whirlpool digest algorithms"
443	select CRYPTO_HASH
444	help
445	  Whirlpool hash algorithm 512, 384 and 256-bit hashes
446
447	  Whirlpool-512 is part of the NESSIE cryptographic primitives.
448	  Whirlpool will be part of the ISO/IEC 10118-3:2003(E) standard
449
450	  See also:
451	  <http://planeta.terra.com.br/informatica/paulobarreto/WhirlpoolPage.html>
452
453config CRYPTO_GHASH_CLMUL_NI_INTEL
454	tristate "GHASH digest algorithm (CLMUL-NI accelerated)"
455	depends on (X86 || UML_X86) && 64BIT
456	select CRYPTO_SHASH
457	select CRYPTO_CRYPTD
458	help
459	  GHASH is message digest algorithm for GCM (Galois/Counter Mode).
460	  The implementation is accelerated by CLMUL-NI of Intel.
461
462comment "Ciphers"
463
464config CRYPTO_AES
465	tristate "AES cipher algorithms"
466	select CRYPTO_ALGAPI
467	help
468	  AES cipher algorithms (FIPS-197). AES uses the Rijndael
469	  algorithm.
470
471	  Rijndael appears to be consistently a very good performer in
472	  both hardware and software across a wide range of computing
473	  environments regardless of its use in feedback or non-feedback
474	  modes. Its key setup time is excellent, and its key agility is
475	  good. Rijndael's very low memory requirements make it very well
476	  suited for restricted-space environments, in which it also
477	  demonstrates excellent performance. Rijndael's operations are
478	  among the easiest to defend against power and timing attacks.
479
480	  The AES specifies three key sizes: 128, 192 and 256 bits
481
482	  See <http://csrc.nist.gov/CryptoToolkit/aes/> for more information.
483
484config CRYPTO_AES_586
485	tristate "AES cipher algorithms (i586)"
486	depends on (X86 || UML_X86) && !64BIT
487	select CRYPTO_ALGAPI
488	select CRYPTO_AES
489	help
490	  AES cipher algorithms (FIPS-197). AES uses the Rijndael
491	  algorithm.
492
493	  Rijndael appears to be consistently a very good performer in
494	  both hardware and software across a wide range of computing
495	  environments regardless of its use in feedback or non-feedback
496	  modes. Its key setup time is excellent, and its key agility is
497	  good. Rijndael's very low memory requirements make it very well
498	  suited for restricted-space environments, in which it also
499	  demonstrates excellent performance. Rijndael's operations are
500	  among the easiest to defend against power and timing attacks.
501
502	  The AES specifies three key sizes: 128, 192 and 256 bits
503
504	  See <http://csrc.nist.gov/encryption/aes/> for more information.
505
506config CRYPTO_AES_X86_64
507	tristate "AES cipher algorithms (x86_64)"
508	depends on (X86 || UML_X86) && 64BIT
509	select CRYPTO_ALGAPI
510	select CRYPTO_AES
511	help
512	  AES cipher algorithms (FIPS-197). AES uses the Rijndael
513	  algorithm.
514
515	  Rijndael appears to be consistently a very good performer in
516	  both hardware and software across a wide range of computing
517	  environments regardless of its use in feedback or non-feedback
518	  modes. Its key setup time is excellent, and its key agility is
519	  good. Rijndael's very low memory requirements make it very well
520	  suited for restricted-space environments, in which it also
521	  demonstrates excellent performance. Rijndael's operations are
522	  among the easiest to defend against power and timing attacks.
523
524	  The AES specifies three key sizes: 128, 192 and 256 bits
525
526	  See <http://csrc.nist.gov/encryption/aes/> for more information.
527
528config CRYPTO_AES_NI_INTEL
529	tristate "AES cipher algorithms (AES-NI)"
530	depends on (X86 || UML_X86) && 64BIT
531	select CRYPTO_AES_X86_64
532	select CRYPTO_CRYPTD
533	select CRYPTO_ALGAPI
534	select CRYPTO_FPU
535	help
536	  Use Intel AES-NI instructions for AES algorithm.
537
538	  AES cipher algorithms (FIPS-197). AES uses the Rijndael
539	  algorithm.
540
541	  Rijndael appears to be consistently a very good performer in
542	  both hardware and software across a wide range of computing
543	  environments regardless of its use in feedback or non-feedback
544	  modes. Its key setup time is excellent, and its key agility is
545	  good. Rijndael's very low memory requirements make it very well
546	  suited for restricted-space environments, in which it also
547	  demonstrates excellent performance. Rijndael's operations are
548	  among the easiest to defend against power and timing attacks.
549
550	  The AES specifies three key sizes: 128, 192 and 256 bits
551
552	  See <http://csrc.nist.gov/encryption/aes/> for more information.
553
554	  In addition to AES cipher algorithm support, the
555	  acceleration for some popular block cipher mode is supported
556	  too, including ECB, CBC, CTR, LRW, PCBC, XTS.
557
558config CRYPTO_ANUBIS
559	tristate "Anubis cipher algorithm"
560	select CRYPTO_ALGAPI
561	help
562	  Anubis cipher algorithm.
563
564	  Anubis is a variable key length cipher which can use keys from
565	  128 bits to 320 bits in length.  It was evaluated as a entrant
566	  in the NESSIE competition.
567
568	  See also:
569	  <https://www.cosic.esat.kuleuven.ac.be/nessie/reports/>
570	  <http://planeta.terra.com.br/informatica/paulobarreto/AnubisPage.html>
571
572config CRYPTO_ARC4
573	tristate "ARC4 cipher algorithm"
574	select CRYPTO_ALGAPI
575	help
576	  ARC4 cipher algorithm.
577
578	  ARC4 is a stream cipher using keys ranging from 8 bits to 2048
579	  bits in length.  This algorithm is required for driver-based
580	  WEP, but it should not be for other purposes because of the
581	  weakness of the algorithm.
582
583config CRYPTO_BLOWFISH
584	tristate "Blowfish cipher algorithm"
585	select CRYPTO_ALGAPI
586	help
587	  Blowfish cipher algorithm, by Bruce Schneier.
588
589	  This is a variable key length cipher which can use keys from 32
590	  bits to 448 bits in length.  It's fast, simple and specifically
591	  designed for use on "large microprocessors".
592
593	  See also:
594	  <http://www.schneier.com/blowfish.html>
595
596config CRYPTO_CAMELLIA
597	tristate "Camellia cipher algorithms"
598	depends on CRYPTO
599	select CRYPTO_ALGAPI
600	help
601	  Camellia cipher algorithms module.
602
603	  Camellia is a symmetric key block cipher developed jointly
604	  at NTT and Mitsubishi Electric Corporation.
605
606	  The Camellia specifies three key sizes: 128, 192 and 256 bits.
607
608	  See also:
609	  <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html>
610
611config CRYPTO_CAST5
612	tristate "CAST5 (CAST-128) cipher algorithm"
613	select CRYPTO_ALGAPI
614	help
615	  The CAST5 encryption algorithm (synonymous with CAST-128) is
616	  described in RFC2144.
617
618config CRYPTO_CAST6
619	tristate "CAST6 (CAST-256) cipher algorithm"
620	select CRYPTO_ALGAPI
621	help
622	  The CAST6 encryption algorithm (synonymous with CAST-256) is
623	  described in RFC2612.
624
625config CRYPTO_DES
626	tristate "DES and Triple DES EDE cipher algorithms"
627	select CRYPTO_ALGAPI
628	help
629	  DES cipher algorithm (FIPS 46-2), and Triple DES EDE (FIPS 46-3).
630
631config CRYPTO_FCRYPT
632	tristate "FCrypt cipher algorithm"
633	select CRYPTO_ALGAPI
634	select CRYPTO_BLKCIPHER
635	help
636	  FCrypt algorithm used by RxRPC.
637
638config CRYPTO_KHAZAD
639	tristate "Khazad cipher algorithm"
640	select CRYPTO_ALGAPI
641	help
642	  Khazad cipher algorithm.
643
644	  Khazad was a finalist in the initial NESSIE competition.  It is
645	  an algorithm optimized for 64-bit processors with good performance
646	  on 32-bit processors.  Khazad uses an 128 bit key size.
647
648	  See also:
649	  <http://planeta.terra.com.br/informatica/paulobarreto/KhazadPage.html>
650
651config CRYPTO_SALSA20
652	tristate "Salsa20 stream cipher algorithm (EXPERIMENTAL)"
653	depends on EXPERIMENTAL
654	select CRYPTO_BLKCIPHER
655	help
656	  Salsa20 stream cipher algorithm.
657
658	  Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT
659	  Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/>
660
661	  The Salsa20 stream cipher algorithm is designed by Daniel J.
662	  Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html>
663
664config CRYPTO_SALSA20_586
665	tristate "Salsa20 stream cipher algorithm (i586) (EXPERIMENTAL)"
666	depends on (X86 || UML_X86) && !64BIT
667	depends on EXPERIMENTAL
668	select CRYPTO_BLKCIPHER
669	help
670	  Salsa20 stream cipher algorithm.
671
672	  Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT
673	  Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/>
674
675	  The Salsa20 stream cipher algorithm is designed by Daniel J.
676	  Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html>
677
678config CRYPTO_SALSA20_X86_64
679	tristate "Salsa20 stream cipher algorithm (x86_64) (EXPERIMENTAL)"
680	depends on (X86 || UML_X86) && 64BIT
681	depends on EXPERIMENTAL
682	select CRYPTO_BLKCIPHER
683	help
684	  Salsa20 stream cipher algorithm.
685
686	  Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT
687	  Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/>
688
689	  The Salsa20 stream cipher algorithm is designed by Daniel J.
690	  Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html>
691
692config CRYPTO_SEED
693	tristate "SEED cipher algorithm"
694	select CRYPTO_ALGAPI
695	help
696	  SEED cipher algorithm (RFC4269).
697
698	  SEED is a 128-bit symmetric key block cipher that has been
699	  developed by KISA (Korea Information Security Agency) as a
700	  national standard encryption algorithm of the Republic of Korea.
701	  It is a 16 round block cipher with the key size of 128 bit.
702
703	  See also:
704	  <http://www.kisa.or.kr/kisa/seed/jsp/seed_eng.jsp>
705
706config CRYPTO_SERPENT
707	tristate "Serpent cipher algorithm"
708	select CRYPTO_ALGAPI
709	help
710	  Serpent cipher algorithm, by Anderson, Biham & Knudsen.
711
712	  Keys are allowed to be from 0 to 256 bits in length, in steps
713	  of 8 bits.  Also includes the 'Tnepres' algorithm, a reversed
714	  variant of Serpent for compatibility with old kerneli.org code.
715
716	  See also:
717	  <http://www.cl.cam.ac.uk/~rja14/serpent.html>
718
719config CRYPTO_TEA
720	tristate "TEA, XTEA and XETA cipher algorithms"
721	select CRYPTO_ALGAPI
722	help
723	  TEA cipher algorithm.
724
725	  Tiny Encryption Algorithm is a simple cipher that uses
726	  many rounds for security.  It is very fast and uses
727	  little memory.
728
729	  Xtendend Tiny Encryption Algorithm is a modification to
730	  the TEA algorithm to address a potential key weakness
731	  in the TEA algorithm.
732
733	  Xtendend Encryption Tiny Algorithm is a mis-implementation
734	  of the XTEA algorithm for compatibility purposes.
735
736config CRYPTO_TWOFISH
737	tristate "Twofish cipher algorithm"
738	select CRYPTO_ALGAPI
739	select CRYPTO_TWOFISH_COMMON
740	help
741	  Twofish cipher algorithm.
742
743	  Twofish was submitted as an AES (Advanced Encryption Standard)
744	  candidate cipher by researchers at CounterPane Systems.  It is a
745	  16 round block cipher supporting key sizes of 128, 192, and 256
746	  bits.
747
748	  See also:
749	  <http://www.schneier.com/twofish.html>
750
751config CRYPTO_TWOFISH_COMMON
752	tristate
753	help
754	  Common parts of the Twofish cipher algorithm shared by the
755	  generic c and the assembler implementations.
756
757config CRYPTO_TWOFISH_586
758	tristate "Twofish cipher algorithms (i586)"
759	depends on (X86 || UML_X86) && !64BIT
760	select CRYPTO_ALGAPI
761	select CRYPTO_TWOFISH_COMMON
762	help
763	  Twofish cipher algorithm.
764
765	  Twofish was submitted as an AES (Advanced Encryption Standard)
766	  candidate cipher by researchers at CounterPane Systems.  It is a
767	  16 round block cipher supporting key sizes of 128, 192, and 256
768	  bits.
769
770	  See also:
771	  <http://www.schneier.com/twofish.html>
772
773config CRYPTO_TWOFISH_X86_64
774	tristate "Twofish cipher algorithm (x86_64)"
775	depends on (X86 || UML_X86) && 64BIT
776	select CRYPTO_ALGAPI
777	select CRYPTO_TWOFISH_COMMON
778	help
779	  Twofish cipher algorithm (x86_64).
780
781	  Twofish was submitted as an AES (Advanced Encryption Standard)
782	  candidate cipher by researchers at CounterPane Systems.  It is a
783	  16 round block cipher supporting key sizes of 128, 192, and 256
784	  bits.
785
786	  See also:
787	  <http://www.schneier.com/twofish.html>
788
789comment "Compression"
790
791config CRYPTO_DEFLATE
792	tristate "Deflate compression algorithm"
793	select CRYPTO_ALGAPI
794	select ZLIB_INFLATE
795	select ZLIB_DEFLATE
796	help
797	  This is the Deflate algorithm (RFC1951), specified for use in
798	  IPSec with the IPCOMP protocol (RFC3173, RFC2394).
799
800	  You will most probably want this if using IPSec.
801
802config CRYPTO_ZLIB
803	tristate "Zlib compression algorithm"
804	select CRYPTO_PCOMP
805	select ZLIB_INFLATE
806	select ZLIB_DEFLATE
807	select NLATTR
808	help
809	  This is the zlib algorithm.
810
811config CRYPTO_LZO
812	tristate "LZO compression algorithm"
813	select CRYPTO_ALGAPI
814	select LZO_COMPRESS
815	select LZO_DECOMPRESS
816	help
817	  This is the LZO algorithm.
818
819comment "Random Number Generation"
820
821config CRYPTO_ANSI_CPRNG
822	tristate "Pseudo Random Number Generation for Cryptographic modules"
823	default m
824	select CRYPTO_AES
825	select CRYPTO_RNG
826	help
827	  This option enables the generic pseudo random number generator
828	  for cryptographic modules.  Uses the Algorithm specified in
829	  ANSI X9.31 A.2.4. Note that this option must be enabled if
830	  CRYPTO_FIPS is selected
831
832source "drivers/crypto/Kconfig"
833
834endif	# if CRYPTO
835