]> git.proxmox.com Git - mirror_ubuntu-artful-kernel.git/blame - crypto/Kconfig
Merge tag 'gpio-v4.10-2' of git://git.kernel.org/pub/scm/linux/kernel/git/linusw...
[mirror_ubuntu-artful-kernel.git] / crypto / Kconfig
CommitLineData
685784aa
DW
1#
2# Generic algorithms support
3#
4config XOR_BLOCKS
5 tristate
6
1da177e4 7#
9bc89cd8 8# async_tx api: hardware offloaded memory transfer/transform support
1da177e4 9#
9bc89cd8 10source "crypto/async_tx/Kconfig"
1da177e4 11
9bc89cd8
DW
12#
13# Cryptographic API Configuration
14#
2e290f43 15menuconfig CRYPTO
c3715cb9 16 tristate "Cryptographic API"
1da177e4
LT
17 help
18 This option provides the core Cryptographic API.
19
cce9e06d
HX
20if CRYPTO
21
584fffc8
SS
22comment "Crypto core or helper"
23
ccb778e1
NH
24config CRYPTO_FIPS
25 bool "FIPS 200 compliance"
f2c89a10 26 depends on (CRYPTO_ANSI_CPRNG || CRYPTO_DRBG) && !CRYPTO_MANAGER_DISABLE_TESTS
1f696097 27 depends on (MODULE_SIG || !MODULES)
ccb778e1
NH
28 help
29 This options enables the fips boot option which is
30 required if you want to system to operate in a FIPS 200
31 certification. You should say no unless you know what
e84c5480 32 this is.
ccb778e1 33
cce9e06d
HX
34config CRYPTO_ALGAPI
35 tristate
6a0fcbb4 36 select CRYPTO_ALGAPI2
cce9e06d
HX
37 help
38 This option provides the API for cryptographic algorithms.
39
6a0fcbb4
HX
40config CRYPTO_ALGAPI2
41 tristate
42
1ae97820
HX
43config CRYPTO_AEAD
44 tristate
6a0fcbb4 45 select CRYPTO_AEAD2
1ae97820
HX
46 select CRYPTO_ALGAPI
47
6a0fcbb4
HX
48config CRYPTO_AEAD2
49 tristate
50 select CRYPTO_ALGAPI2
149a3971
HX
51 select CRYPTO_NULL2
52 select CRYPTO_RNG2
6a0fcbb4 53
5cde0af2
HX
54config CRYPTO_BLKCIPHER
55 tristate
6a0fcbb4 56 select CRYPTO_BLKCIPHER2
5cde0af2 57 select CRYPTO_ALGAPI
6a0fcbb4
HX
58
59config CRYPTO_BLKCIPHER2
60 tristate
61 select CRYPTO_ALGAPI2
62 select CRYPTO_RNG2
0a2e821d 63 select CRYPTO_WORKQUEUE
5cde0af2 64
055bcee3
HX
65config CRYPTO_HASH
66 tristate
6a0fcbb4 67 select CRYPTO_HASH2
055bcee3
HX
68 select CRYPTO_ALGAPI
69
6a0fcbb4
HX
70config CRYPTO_HASH2
71 tristate
72 select CRYPTO_ALGAPI2
73
17f0f4a4
NH
74config CRYPTO_RNG
75 tristate
6a0fcbb4 76 select CRYPTO_RNG2
17f0f4a4
NH
77 select CRYPTO_ALGAPI
78
6a0fcbb4
HX
79config CRYPTO_RNG2
80 tristate
81 select CRYPTO_ALGAPI2
82
401e4238
HX
83config CRYPTO_RNG_DEFAULT
84 tristate
85 select CRYPTO_DRBG_MENU
86
3c339ab8
TS
87config CRYPTO_AKCIPHER2
88 tristate
89 select CRYPTO_ALGAPI2
90
91config CRYPTO_AKCIPHER
92 tristate
93 select CRYPTO_AKCIPHER2
94 select CRYPTO_ALGAPI
95
4e5f2c40
SB
96config CRYPTO_KPP2
97 tristate
98 select CRYPTO_ALGAPI2
99
100config CRYPTO_KPP
101 tristate
102 select CRYPTO_ALGAPI
103 select CRYPTO_KPP2
104
2ebda74f
GC
105config CRYPTO_ACOMP2
106 tristate
107 select CRYPTO_ALGAPI2
108
109config CRYPTO_ACOMP
110 tristate
111 select CRYPTO_ALGAPI
112 select CRYPTO_ACOMP2
113
cfc2bb32
TS
114config CRYPTO_RSA
115 tristate "RSA algorithm"
425e0172 116 select CRYPTO_AKCIPHER
58446fef 117 select CRYPTO_MANAGER
cfc2bb32
TS
118 select MPILIB
119 select ASN1
120 help
121 Generic implementation of the RSA public key algorithm.
122
802c7f1c
SB
123config CRYPTO_DH
124 tristate "Diffie-Hellman algorithm"
125 select CRYPTO_KPP
126 select MPILIB
127 help
128 Generic implementation of the Diffie-Hellman algorithm.
129
3c4b2390
SB
130config CRYPTO_ECDH
131 tristate "ECDH algorithm"
132 select CRYTPO_KPP
133 help
134 Generic implementation of the ECDH algorithm
802c7f1c 135
2b8c19db
HX
136config CRYPTO_MANAGER
137 tristate "Cryptographic algorithm manager"
6a0fcbb4 138 select CRYPTO_MANAGER2
2b8c19db
HX
139 help
140 Create default cryptographic template instantiations such as
141 cbc(aes).
142
6a0fcbb4
HX
143config CRYPTO_MANAGER2
144 def_tristate CRYPTO_MANAGER || (CRYPTO_MANAGER!=n && CRYPTO_ALGAPI=y)
145 select CRYPTO_AEAD2
146 select CRYPTO_HASH2
147 select CRYPTO_BLKCIPHER2
946cc463 148 select CRYPTO_AKCIPHER2
4e5f2c40 149 select CRYPTO_KPP2
2ebda74f 150 select CRYPTO_ACOMP2
6a0fcbb4 151
a38f7907
SK
152config CRYPTO_USER
153 tristate "Userspace cryptographic algorithm configuration"
5db017aa 154 depends on NET
a38f7907
SK
155 select CRYPTO_MANAGER
156 help
d19978f5 157 Userspace configuration for cryptographic instantiations such as
a38f7907
SK
158 cbc(aes).
159
326a6346
HX
160config CRYPTO_MANAGER_DISABLE_TESTS
161 bool "Disable run-time self tests"
00ca28a5
HX
162 default y
163 depends on CRYPTO_MANAGER2
0b767f96 164 help
326a6346
HX
165 Disable run-time self tests that normally take place at
166 algorithm registration.
0b767f96 167
584fffc8 168config CRYPTO_GF128MUL
08c70fc3 169 tristate "GF(2^128) multiplication functions"
333b0d7e 170 help
584fffc8
SS
171 Efficient table driven implementation of multiplications in the
172 field GF(2^128). This is needed by some cypher modes. This
173 option will be selected automatically if you select such a
174 cipher mode. Only select this option by hand if you expect to load
175 an external module that requires these functions.
333b0d7e 176
1da177e4
LT
177config CRYPTO_NULL
178 tristate "Null algorithms"
149a3971 179 select CRYPTO_NULL2
1da177e4
LT
180 help
181 These are 'Null' algorithms, used by IPsec, which do nothing.
182
149a3971 183config CRYPTO_NULL2
dd43c4e9 184 tristate
149a3971
HX
185 select CRYPTO_ALGAPI2
186 select CRYPTO_BLKCIPHER2
187 select CRYPTO_HASH2
188
5068c7a8 189config CRYPTO_PCRYPT
3b4afaf2
KC
190 tristate "Parallel crypto engine"
191 depends on SMP
5068c7a8
SK
192 select PADATA
193 select CRYPTO_MANAGER
194 select CRYPTO_AEAD
195 help
196 This converts an arbitrary crypto algorithm into a parallel
197 algorithm that executes in kernel threads.
198
25c38d3f
HY
199config CRYPTO_WORKQUEUE
200 tristate
201
584fffc8
SS
202config CRYPTO_CRYPTD
203 tristate "Software async crypto daemon"
204 select CRYPTO_BLKCIPHER
b8a28251 205 select CRYPTO_HASH
584fffc8 206 select CRYPTO_MANAGER
254eff77 207 select CRYPTO_WORKQUEUE
1da177e4 208 help
584fffc8
SS
209 This is a generic software asynchronous crypto daemon that
210 converts an arbitrary synchronous software crypto algorithm
211 into an asynchronous algorithm that executes in a kernel thread.
1da177e4 212
1e65b81a
TC
213config CRYPTO_MCRYPTD
214 tristate "Software async multi-buffer crypto daemon"
215 select CRYPTO_BLKCIPHER
216 select CRYPTO_HASH
217 select CRYPTO_MANAGER
218 select CRYPTO_WORKQUEUE
219 help
220 This is a generic software asynchronous crypto daemon that
221 provides the kernel thread to assist multi-buffer crypto
222 algorithms for submitting jobs and flushing jobs in multi-buffer
223 crypto algorithms. Multi-buffer crypto algorithms are executed
224 in the context of this kernel thread and drivers can post
0e56673b 225 their crypto request asynchronously to be processed by this daemon.
1e65b81a 226
584fffc8
SS
227config CRYPTO_AUTHENC
228 tristate "Authenc support"
229 select CRYPTO_AEAD
230 select CRYPTO_BLKCIPHER
231 select CRYPTO_MANAGER
232 select CRYPTO_HASH
e94c6a7a 233 select CRYPTO_NULL
1da177e4 234 help
584fffc8
SS
235 Authenc: Combined mode wrapper for IPsec.
236 This is required for IPSec.
1da177e4 237
584fffc8
SS
238config CRYPTO_TEST
239 tristate "Testing module"
240 depends on m
da7f033d 241 select CRYPTO_MANAGER
1da177e4 242 help
584fffc8 243 Quick & dirty crypto test module.
1da177e4 244
a62b01cd 245config CRYPTO_ABLK_HELPER
ffaf9156 246 tristate
266d0516
HX
247 select CRYPTO_CRYPTD
248
249config CRYPTO_SIMD
250 tristate
ffaf9156
JK
251 select CRYPTO_CRYPTD
252
596d8750
JK
253config CRYPTO_GLUE_HELPER_X86
254 tristate
255 depends on X86
065ce327 256 select CRYPTO_BLKCIPHER
596d8750 257
735d37b5
BW
258config CRYPTO_ENGINE
259 tristate
260
584fffc8 261comment "Authenticated Encryption with Associated Data"
cd12fb90 262
584fffc8
SS
263config CRYPTO_CCM
264 tristate "CCM support"
265 select CRYPTO_CTR
266 select CRYPTO_AEAD
1da177e4 267 help
584fffc8 268 Support for Counter with CBC MAC. Required for IPsec.
1da177e4 269
584fffc8
SS
270config CRYPTO_GCM
271 tristate "GCM/GMAC support"
272 select CRYPTO_CTR
273 select CRYPTO_AEAD
9382d97a 274 select CRYPTO_GHASH
9489667d 275 select CRYPTO_NULL
1da177e4 276 help
584fffc8
SS
277 Support for Galois/Counter Mode (GCM) and Galois Message
278 Authentication Code (GMAC). Required for IPSec.
1da177e4 279
71ebc4d1
MW
280config CRYPTO_CHACHA20POLY1305
281 tristate "ChaCha20-Poly1305 AEAD support"
282 select CRYPTO_CHACHA20
283 select CRYPTO_POLY1305
284 select CRYPTO_AEAD
285 help
286 ChaCha20-Poly1305 AEAD support, RFC7539.
287
288 Support for the AEAD wrapper using the ChaCha20 stream cipher combined
289 with the Poly1305 authenticator. It is defined in RFC7539 for use in
290 IETF protocols.
291
584fffc8
SS
292config CRYPTO_SEQIV
293 tristate "Sequence Number IV Generator"
294 select CRYPTO_AEAD
295 select CRYPTO_BLKCIPHER
856e3f40 296 select CRYPTO_NULL
401e4238 297 select CRYPTO_RNG_DEFAULT
1da177e4 298 help
584fffc8
SS
299 This IV generator generates an IV based on a sequence number by
300 xoring it with a salt. This algorithm is mainly useful for CTR
1da177e4 301
a10f554f
HX
302config CRYPTO_ECHAINIV
303 tristate "Encrypted Chain IV Generator"
304 select CRYPTO_AEAD
305 select CRYPTO_NULL
401e4238 306 select CRYPTO_RNG_DEFAULT
3491244c 307 default m
a10f554f
HX
308 help
309 This IV generator generates an IV based on the encryption of
310 a sequence number xored with a salt. This is the default
311 algorithm for CBC.
312
584fffc8 313comment "Block modes"
c494e070 314
584fffc8
SS
315config CRYPTO_CBC
316 tristate "CBC support"
db131ef9 317 select CRYPTO_BLKCIPHER
43518407 318 select CRYPTO_MANAGER
db131ef9 319 help
584fffc8
SS
320 CBC: Cipher Block Chaining mode
321 This block cipher algorithm is required for IPSec.
db131ef9 322
584fffc8
SS
323config CRYPTO_CTR
324 tristate "CTR support"
db131ef9 325 select CRYPTO_BLKCIPHER
584fffc8 326 select CRYPTO_SEQIV
43518407 327 select CRYPTO_MANAGER
db131ef9 328 help
584fffc8 329 CTR: Counter mode
db131ef9
HX
330 This block cipher algorithm is required for IPSec.
331
584fffc8
SS
332config CRYPTO_CTS
333 tristate "CTS support"
334 select CRYPTO_BLKCIPHER
335 help
336 CTS: Cipher Text Stealing
337 This is the Cipher Text Stealing mode as described by
338 Section 8 of rfc2040 and referenced by rfc3962.
339 (rfc3962 includes errata information in its Appendix A)
340 This mode is required for Kerberos gss mechanism support
341 for AES encryption.
342
343config CRYPTO_ECB
344 tristate "ECB support"
91652be5
DH
345 select CRYPTO_BLKCIPHER
346 select CRYPTO_MANAGER
91652be5 347 help
584fffc8
SS
348 ECB: Electronic CodeBook mode
349 This is the simplest block cipher algorithm. It simply encrypts
350 the input block by block.
91652be5 351
64470f1b 352config CRYPTO_LRW
2470a2b2 353 tristate "LRW support"
64470f1b
RS
354 select CRYPTO_BLKCIPHER
355 select CRYPTO_MANAGER
356 select CRYPTO_GF128MUL
357 help
358 LRW: Liskov Rivest Wagner, a tweakable, non malleable, non movable
359 narrow block cipher mode for dm-crypt. Use it with cipher
360 specification string aes-lrw-benbi, the key must be 256, 320 or 384.
361 The first 128, 192 or 256 bits in the key are used for AES and the
362 rest is used to tie each cipher block to its logical position.
363
584fffc8
SS
364config CRYPTO_PCBC
365 tristate "PCBC support"
366 select CRYPTO_BLKCIPHER
367 select CRYPTO_MANAGER
368 help
369 PCBC: Propagating Cipher Block Chaining mode
370 This block cipher algorithm is required for RxRPC.
371
f19f5111 372config CRYPTO_XTS
5bcf8e6d 373 tristate "XTS support"
f19f5111
RS
374 select CRYPTO_BLKCIPHER
375 select CRYPTO_MANAGER
376 select CRYPTO_GF128MUL
377 help
378 XTS: IEEE1619/D16 narrow block cipher use with aes-xts-plain,
379 key size 256, 384 or 512 bits. This implementation currently
380 can't handle a sectorsize which is not a multiple of 16 bytes.
381
1c49678e
SM
382config CRYPTO_KEYWRAP
383 tristate "Key wrapping support"
384 select CRYPTO_BLKCIPHER
385 help
386 Support for key wrapping (NIST SP800-38F / RFC3394) without
387 padding.
388
584fffc8
SS
389comment "Hash modes"
390
93b5e86a
JK
391config CRYPTO_CMAC
392 tristate "CMAC support"
393 select CRYPTO_HASH
394 select CRYPTO_MANAGER
395 help
396 Cipher-based Message Authentication Code (CMAC) specified by
397 The National Institute of Standards and Technology (NIST).
398
399 https://tools.ietf.org/html/rfc4493
400 http://csrc.nist.gov/publications/nistpubs/800-38B/SP_800-38B.pdf
401
584fffc8
SS
402config CRYPTO_HMAC
403 tristate "HMAC support"
404 select CRYPTO_HASH
23e353c8 405 select CRYPTO_MANAGER
23e353c8 406 help
584fffc8
SS
407 HMAC: Keyed-Hashing for Message Authentication (RFC2104).
408 This is required for IPSec.
23e353c8 409
584fffc8
SS
410config CRYPTO_XCBC
411 tristate "XCBC support"
584fffc8
SS
412 select CRYPTO_HASH
413 select CRYPTO_MANAGER
76cb9521 414 help
584fffc8
SS
415 XCBC: Keyed-Hashing with encryption algorithm
416 http://www.ietf.org/rfc/rfc3566.txt
417 http://csrc.nist.gov/encryption/modes/proposedmodes/
418 xcbc-mac/xcbc-mac-spec.pdf
76cb9521 419
f1939f7c
SW
420config CRYPTO_VMAC
421 tristate "VMAC support"
f1939f7c
SW
422 select CRYPTO_HASH
423 select CRYPTO_MANAGER
424 help
425 VMAC is a message authentication algorithm designed for
426 very high speed on 64-bit architectures.
427
428 See also:
429 <http://fastcrypto.org/vmac>
430
584fffc8 431comment "Digest"
28db8e3e 432
584fffc8
SS
433config CRYPTO_CRC32C
434 tristate "CRC32c CRC algorithm"
5773a3e6 435 select CRYPTO_HASH
6a0962b2 436 select CRC32
4a49b499 437 help
584fffc8
SS
438 Castagnoli, et al Cyclic Redundancy-Check Algorithm. Used
439 by iSCSI for header and data digests and by others.
69c35efc 440 See Castagnoli93. Module will be crc32c.
4a49b499 441
8cb51ba8
AZ
442config CRYPTO_CRC32C_INTEL
443 tristate "CRC32c INTEL hardware acceleration"
444 depends on X86
445 select CRYPTO_HASH
446 help
447 In Intel processor with SSE4.2 supported, the processor will
448 support CRC32C implementation using hardware accelerated CRC32
449 instruction. This option will create 'crc32c-intel' module,
450 which will enable any routine to use the CRC32 instruction to
451 gain performance compared with software implementation.
452 Module will be crc32c-intel.
453
7cf31864 454config CRYPTO_CRC32C_VPMSUM
6dd7a82c 455 tristate "CRC32c CRC algorithm (powerpc64)"
c12abf34 456 depends on PPC64 && ALTIVEC
6dd7a82c
AB
457 select CRYPTO_HASH
458 select CRC32
459 help
460 CRC32c algorithm implemented using vector polynomial multiply-sum
461 (vpmsum) instructions, introduced in POWER8. Enable on POWER8
462 and newer processors for improved performance.
463
464
442a7c40
DM
465config CRYPTO_CRC32C_SPARC64
466 tristate "CRC32c CRC algorithm (SPARC64)"
467 depends on SPARC64
468 select CRYPTO_HASH
469 select CRC32
470 help
471 CRC32c CRC algorithm implemented using sparc64 crypto instructions,
472 when available.
473
78c37d19
AB
474config CRYPTO_CRC32
475 tristate "CRC32 CRC algorithm"
476 select CRYPTO_HASH
477 select CRC32
478 help
479 CRC-32-IEEE 802.3 cyclic redundancy-check algorithm.
480 Shash crypto api wrappers to crc32_le function.
481
482config CRYPTO_CRC32_PCLMUL
483 tristate "CRC32 PCLMULQDQ hardware acceleration"
484 depends on X86
485 select CRYPTO_HASH
486 select CRC32
487 help
488 From Intel Westmere and AMD Bulldozer processor with SSE4.2
489 and PCLMULQDQ supported, the processor will support
490 CRC32 PCLMULQDQ implementation using hardware accelerated PCLMULQDQ
491 instruction. This option will create 'crc32-plcmul' module,
492 which will enable any routine to use the CRC-32-IEEE 802.3 checksum
493 and gain better performance as compared with the table implementation.
494
68411521
HX
495config CRYPTO_CRCT10DIF
496 tristate "CRCT10DIF algorithm"
497 select CRYPTO_HASH
498 help
499 CRC T10 Data Integrity Field computation is being cast as
500 a crypto transform. This allows for faster crc t10 diff
501 transforms to be used if they are available.
502
503config CRYPTO_CRCT10DIF_PCLMUL
504 tristate "CRCT10DIF PCLMULQDQ hardware acceleration"
505 depends on X86 && 64BIT && CRC_T10DIF
506 select CRYPTO_HASH
507 help
508 For x86_64 processors with SSE4.2 and PCLMULQDQ supported,
509 CRC T10 DIF PCLMULQDQ computation can be hardware
510 accelerated PCLMULQDQ instruction. This option will create
511 'crct10dif-plcmul' module, which is faster when computing the
512 crct10dif checksum as compared with the generic table implementation.
513
2cdc6899
HY
514config CRYPTO_GHASH
515 tristate "GHASH digest algorithm"
2cdc6899 516 select CRYPTO_GF128MUL
578c60fb 517 select CRYPTO_HASH
2cdc6899
HY
518 help
519 GHASH is message digest algorithm for GCM (Galois/Counter Mode).
520
f979e014
MW
521config CRYPTO_POLY1305
522 tristate "Poly1305 authenticator algorithm"
578c60fb 523 select CRYPTO_HASH
f979e014
MW
524 help
525 Poly1305 authenticator algorithm, RFC7539.
526
527 Poly1305 is an authenticator algorithm designed by Daniel J. Bernstein.
528 It is used for the ChaCha20-Poly1305 AEAD, specified in RFC7539 for use
529 in IETF protocols. This is the portable C implementation of Poly1305.
530
c70f4abe 531config CRYPTO_POLY1305_X86_64
b1ccc8f4 532 tristate "Poly1305 authenticator algorithm (x86_64/SSE2/AVX2)"
c70f4abe
MW
533 depends on X86 && 64BIT
534 select CRYPTO_POLY1305
535 help
536 Poly1305 authenticator algorithm, RFC7539.
537
538 Poly1305 is an authenticator algorithm designed by Daniel J. Bernstein.
539 It is used for the ChaCha20-Poly1305 AEAD, specified in RFC7539 for use
540 in IETF protocols. This is the x86_64 assembler implementation using SIMD
541 instructions.
542
584fffc8
SS
543config CRYPTO_MD4
544 tristate "MD4 digest algorithm"
808a1763 545 select CRYPTO_HASH
124b53d0 546 help
584fffc8 547 MD4 message digest algorithm (RFC1320).
124b53d0 548
584fffc8
SS
549config CRYPTO_MD5
550 tristate "MD5 digest algorithm"
14b75ba7 551 select CRYPTO_HASH
1da177e4 552 help
584fffc8 553 MD5 message digest algorithm (RFC1321).
1da177e4 554
d69e75de
AK
555config CRYPTO_MD5_OCTEON
556 tristate "MD5 digest algorithm (OCTEON)"
557 depends on CPU_CAVIUM_OCTEON
558 select CRYPTO_MD5
559 select CRYPTO_HASH
560 help
561 MD5 message digest algorithm (RFC1321) implemented
562 using OCTEON crypto instructions, when available.
563
e8e59953
MS
564config CRYPTO_MD5_PPC
565 tristate "MD5 digest algorithm (PPC)"
566 depends on PPC
567 select CRYPTO_HASH
568 help
569 MD5 message digest algorithm (RFC1321) implemented
570 in PPC assembler.
571
fa4dfedc
DM
572config CRYPTO_MD5_SPARC64
573 tristate "MD5 digest algorithm (SPARC64)"
574 depends on SPARC64
575 select CRYPTO_MD5
576 select CRYPTO_HASH
577 help
578 MD5 message digest algorithm (RFC1321) implemented
579 using sparc64 crypto instructions, when available.
580
584fffc8
SS
581config CRYPTO_MICHAEL_MIC
582 tristate "Michael MIC keyed digest algorithm"
19e2bf14 583 select CRYPTO_HASH
90831639 584 help
584fffc8
SS
585 Michael MIC is used for message integrity protection in TKIP
586 (IEEE 802.11i). This algorithm is required for TKIP, but it
587 should not be used for other purposes because of the weakness
588 of the algorithm.
90831639 589
82798f90 590config CRYPTO_RMD128
b6d44341 591 tristate "RIPEMD-128 digest algorithm"
7c4468bc 592 select CRYPTO_HASH
b6d44341
AB
593 help
594 RIPEMD-128 (ISO/IEC 10118-3:2004).
82798f90 595
b6d44341 596 RIPEMD-128 is a 128-bit cryptographic hash function. It should only
35ed4b35 597 be used as a secure replacement for RIPEMD. For other use cases,
b6d44341 598 RIPEMD-160 should be used.
82798f90 599
b6d44341 600 Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel.
6d8de74c 601 See <http://homes.esat.kuleuven.be/~bosselae/ripemd160.html>
82798f90
AKR
602
603config CRYPTO_RMD160
b6d44341 604 tristate "RIPEMD-160 digest algorithm"
e5835fba 605 select CRYPTO_HASH
b6d44341
AB
606 help
607 RIPEMD-160 (ISO/IEC 10118-3:2004).
82798f90 608
b6d44341
AB
609 RIPEMD-160 is a 160-bit cryptographic hash function. It is intended
610 to be used as a secure replacement for the 128-bit hash functions
611 MD4, MD5 and it's predecessor RIPEMD
612 (not to be confused with RIPEMD-128).
82798f90 613
b6d44341
AB
614 It's speed is comparable to SHA1 and there are no known attacks
615 against RIPEMD-160.
534fe2c1 616
b6d44341 617 Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel.
6d8de74c 618 See <http://homes.esat.kuleuven.be/~bosselae/ripemd160.html>
534fe2c1
AKR
619
620config CRYPTO_RMD256
b6d44341 621 tristate "RIPEMD-256 digest algorithm"
d8a5e2e9 622 select CRYPTO_HASH
b6d44341
AB
623 help
624 RIPEMD-256 is an optional extension of RIPEMD-128 with a
625 256 bit hash. It is intended for applications that require
626 longer hash-results, without needing a larger security level
627 (than RIPEMD-128).
534fe2c1 628
b6d44341 629 Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel.
6d8de74c 630 See <http://homes.esat.kuleuven.be/~bosselae/ripemd160.html>
534fe2c1
AKR
631
632config CRYPTO_RMD320
b6d44341 633 tristate "RIPEMD-320 digest algorithm"
3b8efb4c 634 select CRYPTO_HASH
b6d44341
AB
635 help
636 RIPEMD-320 is an optional extension of RIPEMD-160 with a
637 320 bit hash. It is intended for applications that require
638 longer hash-results, without needing a larger security level
639 (than RIPEMD-160).
534fe2c1 640
b6d44341 641 Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel.
6d8de74c 642 See <http://homes.esat.kuleuven.be/~bosselae/ripemd160.html>
82798f90 643
584fffc8
SS
644config CRYPTO_SHA1
645 tristate "SHA1 digest algorithm"
54ccb367 646 select CRYPTO_HASH
1da177e4 647 help
584fffc8 648 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2).
1da177e4 649
66be8951 650config CRYPTO_SHA1_SSSE3
e38b6b7f 651 tristate "SHA1 digest algorithm (SSSE3/AVX/AVX2/SHA-NI)"
66be8951
MK
652 depends on X86 && 64BIT
653 select CRYPTO_SHA1
654 select CRYPTO_HASH
655 help
656 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2) implemented
657 using Supplemental SSE3 (SSSE3) instructions or Advanced Vector
e38b6b7f 658 Extensions (AVX/AVX2) or SHA-NI(SHA Extensions New Instructions),
659 when available.
66be8951 660
8275d1aa 661config CRYPTO_SHA256_SSSE3
e38b6b7f 662 tristate "SHA256 digest algorithm (SSSE3/AVX/AVX2/SHA-NI)"
8275d1aa
TC
663 depends on X86 && 64BIT
664 select CRYPTO_SHA256
665 select CRYPTO_HASH
666 help
667 SHA-256 secure hash standard (DFIPS 180-2) implemented
668 using Supplemental SSE3 (SSSE3) instructions, or Advanced Vector
669 Extensions version 1 (AVX1), or Advanced Vector Extensions
e38b6b7f 670 version 2 (AVX2) instructions, or SHA-NI (SHA Extensions New
671 Instructions) when available.
87de4579
TC
672
673config CRYPTO_SHA512_SSSE3
674 tristate "SHA512 digest algorithm (SSSE3/AVX/AVX2)"
675 depends on X86 && 64BIT
676 select CRYPTO_SHA512
677 select CRYPTO_HASH
678 help
679 SHA-512 secure hash standard (DFIPS 180-2) implemented
680 using Supplemental SSE3 (SSSE3) instructions, or Advanced Vector
681 Extensions version 1 (AVX1), or Advanced Vector Extensions
8275d1aa
TC
682 version 2 (AVX2) instructions, when available.
683
efdb6f6e
AK
684config CRYPTO_SHA1_OCTEON
685 tristate "SHA1 digest algorithm (OCTEON)"
686 depends on CPU_CAVIUM_OCTEON
687 select CRYPTO_SHA1
688 select CRYPTO_HASH
689 help
690 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2) implemented
691 using OCTEON crypto instructions, when available.
692
4ff28d4c
DM
693config CRYPTO_SHA1_SPARC64
694 tristate "SHA1 digest algorithm (SPARC64)"
695 depends on SPARC64
696 select CRYPTO_SHA1
697 select CRYPTO_HASH
698 help
699 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2) implemented
700 using sparc64 crypto instructions, when available.
701
323a6bf1
ME
702config CRYPTO_SHA1_PPC
703 tristate "SHA1 digest algorithm (powerpc)"
704 depends on PPC
705 help
706 This is the powerpc hardware accelerated implementation of the
707 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2).
708
d9850fc5
MS
709config CRYPTO_SHA1_PPC_SPE
710 tristate "SHA1 digest algorithm (PPC SPE)"
711 depends on PPC && SPE
712 help
713 SHA-1 secure hash standard (DFIPS 180-4) implemented
714 using powerpc SPE SIMD instruction set.
715
1e65b81a
TC
716config CRYPTO_SHA1_MB
717 tristate "SHA1 digest algorithm (x86_64 Multi-Buffer, Experimental)"
718 depends on X86 && 64BIT
719 select CRYPTO_SHA1
720 select CRYPTO_HASH
721 select CRYPTO_MCRYPTD
722 help
723 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2) implemented
724 using multi-buffer technique. This algorithm computes on
725 multiple data lanes concurrently with SIMD instructions for
726 better throughput. It should not be enabled by default but
727 used when there is significant amount of work to keep the keep
728 the data lanes filled to get performance benefit. If the data
729 lanes remain unfilled, a flush operation will be initiated to
730 process the crypto jobs, adding a slight latency.
731
9be7e244
MD
732config CRYPTO_SHA256_MB
733 tristate "SHA256 digest algorithm (x86_64 Multi-Buffer, Experimental)"
734 depends on X86 && 64BIT
735 select CRYPTO_SHA256
736 select CRYPTO_HASH
737 select CRYPTO_MCRYPTD
738 help
739 SHA-256 secure hash standard (FIPS 180-1/DFIPS 180-2) implemented
740 using multi-buffer technique. This algorithm computes on
741 multiple data lanes concurrently with SIMD instructions for
742 better throughput. It should not be enabled by default but
743 used when there is significant amount of work to keep the keep
744 the data lanes filled to get performance benefit. If the data
745 lanes remain unfilled, a flush operation will be initiated to
746 process the crypto jobs, adding a slight latency.
747
026bb8aa
MD
748config CRYPTO_SHA512_MB
749 tristate "SHA512 digest algorithm (x86_64 Multi-Buffer, Experimental)"
750 depends on X86 && 64BIT
751 select CRYPTO_SHA512
752 select CRYPTO_HASH
753 select CRYPTO_MCRYPTD
754 help
755 SHA-512 secure hash standard (FIPS 180-1/DFIPS 180-2) implemented
756 using multi-buffer technique. This algorithm computes on
757 multiple data lanes concurrently with SIMD instructions for
758 better throughput. It should not be enabled by default but
759 used when there is significant amount of work to keep the keep
760 the data lanes filled to get performance benefit. If the data
761 lanes remain unfilled, a flush operation will be initiated to
762 process the crypto jobs, adding a slight latency.
763
584fffc8
SS
764config CRYPTO_SHA256
765 tristate "SHA224 and SHA256 digest algorithm"
50e109b5 766 select CRYPTO_HASH
1da177e4 767 help
584fffc8 768 SHA256 secure hash standard (DFIPS 180-2).
1da177e4 769
584fffc8
SS
770 This version of SHA implements a 256 bit hash with 128 bits of
771 security against collision attacks.
2729bb42 772
b6d44341
AB
773 This code also includes SHA-224, a 224 bit hash with 112 bits
774 of security against collision attacks.
584fffc8 775
2ecc1e95
MS
776config CRYPTO_SHA256_PPC_SPE
777 tristate "SHA224 and SHA256 digest algorithm (PPC SPE)"
778 depends on PPC && SPE
779 select CRYPTO_SHA256
780 select CRYPTO_HASH
781 help
782 SHA224 and SHA256 secure hash standard (DFIPS 180-2)
783 implemented using powerpc SPE SIMD instruction set.
784
efdb6f6e
AK
785config CRYPTO_SHA256_OCTEON
786 tristate "SHA224 and SHA256 digest algorithm (OCTEON)"
787 depends on CPU_CAVIUM_OCTEON
788 select CRYPTO_SHA256
789 select CRYPTO_HASH
790 help
791 SHA-256 secure hash standard (DFIPS 180-2) implemented
792 using OCTEON crypto instructions, when available.
793
86c93b24
DM
794config CRYPTO_SHA256_SPARC64
795 tristate "SHA224 and SHA256 digest algorithm (SPARC64)"
796 depends on SPARC64
797 select CRYPTO_SHA256
798 select CRYPTO_HASH
799 help
800 SHA-256 secure hash standard (DFIPS 180-2) implemented
801 using sparc64 crypto instructions, when available.
802
584fffc8
SS
803config CRYPTO_SHA512
804 tristate "SHA384 and SHA512 digest algorithms"
bd9d20db 805 select CRYPTO_HASH
b9f535ff 806 help
584fffc8 807 SHA512 secure hash standard (DFIPS 180-2).
b9f535ff 808
584fffc8
SS
809 This version of SHA implements a 512 bit hash with 256 bits of
810 security against collision attacks.
b9f535ff 811
584fffc8
SS
812 This code also includes SHA-384, a 384 bit hash with 192 bits
813 of security against collision attacks.
b9f535ff 814
efdb6f6e
AK
815config CRYPTO_SHA512_OCTEON
816 tristate "SHA384 and SHA512 digest algorithms (OCTEON)"
817 depends on CPU_CAVIUM_OCTEON
818 select CRYPTO_SHA512
819 select CRYPTO_HASH
820 help
821 SHA-512 secure hash standard (DFIPS 180-2) implemented
822 using OCTEON crypto instructions, when available.
823
775e0c69
DM
824config CRYPTO_SHA512_SPARC64
825 tristate "SHA384 and SHA512 digest algorithm (SPARC64)"
826 depends on SPARC64
827 select CRYPTO_SHA512
828 select CRYPTO_HASH
829 help
830 SHA-512 secure hash standard (DFIPS 180-2) implemented
831 using sparc64 crypto instructions, when available.
832
53964b9e
JG
833config CRYPTO_SHA3
834 tristate "SHA3 digest algorithm"
835 select CRYPTO_HASH
836 help
837 SHA-3 secure hash standard (DFIPS 202). It's based on
838 cryptographic sponge function family called Keccak.
839
840 References:
841 http://keccak.noekeon.org/
842
584fffc8
SS
843config CRYPTO_TGR192
844 tristate "Tiger digest algorithms"
f63fbd3d 845 select CRYPTO_HASH
eaf44088 846 help
584fffc8 847 Tiger hash algorithm 192, 160 and 128-bit hashes
eaf44088 848
584fffc8
SS
849 Tiger is a hash function optimized for 64-bit processors while
850 still having decent performance on 32-bit processors.
851 Tiger was developed by Ross Anderson and Eli Biham.
eaf44088
JF
852
853 See also:
584fffc8 854 <http://www.cs.technion.ac.il/~biham/Reports/Tiger/>.
eaf44088 855
584fffc8
SS
856config CRYPTO_WP512
857 tristate "Whirlpool digest algorithms"
4946510b 858 select CRYPTO_HASH
1da177e4 859 help
584fffc8 860 Whirlpool hash algorithm 512, 384 and 256-bit hashes
1da177e4 861
584fffc8
SS
862 Whirlpool-512 is part of the NESSIE cryptographic primitives.
863 Whirlpool will be part of the ISO/IEC 10118-3:2003(E) standard
1da177e4
LT
864
865 See also:
6d8de74c 866 <http://www.larc.usp.br/~pbarreto/WhirlpoolPage.html>
584fffc8 867
0e1227d3
HY
868config CRYPTO_GHASH_CLMUL_NI_INTEL
869 tristate "GHASH digest algorithm (CLMUL-NI accelerated)"
8af00860 870 depends on X86 && 64BIT
0e1227d3
HY
871 select CRYPTO_CRYPTD
872 help
873 GHASH is message digest algorithm for GCM (Galois/Counter Mode).
874 The implementation is accelerated by CLMUL-NI of Intel.
875
584fffc8 876comment "Ciphers"
1da177e4
LT
877
878config CRYPTO_AES
879 tristate "AES cipher algorithms"
cce9e06d 880 select CRYPTO_ALGAPI
1da177e4 881 help
584fffc8 882 AES cipher algorithms (FIPS-197). AES uses the Rijndael
1da177e4
LT
883 algorithm.
884
885 Rijndael appears to be consistently a very good performer in
584fffc8
SS
886 both hardware and software across a wide range of computing
887 environments regardless of its use in feedback or non-feedback
888 modes. Its key setup time is excellent, and its key agility is
889 good. Rijndael's very low memory requirements make it very well
890 suited for restricted-space environments, in which it also
891 demonstrates excellent performance. Rijndael's operations are
892 among the easiest to defend against power and timing attacks.
1da177e4 893
584fffc8 894 The AES specifies three key sizes: 128, 192 and 256 bits
1da177e4
LT
895
896 See <http://csrc.nist.gov/CryptoToolkit/aes/> for more information.
897
898config CRYPTO_AES_586
899 tristate "AES cipher algorithms (i586)"
cce9e06d
HX
900 depends on (X86 || UML_X86) && !64BIT
901 select CRYPTO_ALGAPI
5157dea8 902 select CRYPTO_AES
1da177e4 903 help
584fffc8 904 AES cipher algorithms (FIPS-197). AES uses the Rijndael
1da177e4
LT
905 algorithm.
906
907 Rijndael appears to be consistently a very good performer in
584fffc8
SS
908 both hardware and software across a wide range of computing
909 environments regardless of its use in feedback or non-feedback
910 modes. Its key setup time is excellent, and its key agility is
911 good. Rijndael's very low memory requirements make it very well
912 suited for restricted-space environments, in which it also
913 demonstrates excellent performance. Rijndael's operations are
914 among the easiest to defend against power and timing attacks.
1da177e4 915
584fffc8 916 The AES specifies three key sizes: 128, 192 and 256 bits
a2a892a2
AS
917
918 See <http://csrc.nist.gov/encryption/aes/> for more information.
919
920config CRYPTO_AES_X86_64
921 tristate "AES cipher algorithms (x86_64)"
cce9e06d
HX
922 depends on (X86 || UML_X86) && 64BIT
923 select CRYPTO_ALGAPI
81190b32 924 select CRYPTO_AES
a2a892a2 925 help
584fffc8 926 AES cipher algorithms (FIPS-197). AES uses the Rijndael
a2a892a2
AS
927 algorithm.
928
929 Rijndael appears to be consistently a very good performer in
584fffc8
SS
930 both hardware and software across a wide range of computing
931 environments regardless of its use in feedback or non-feedback
932 modes. Its key setup time is excellent, and its key agility is
54b6a1bd
HY
933 good. Rijndael's very low memory requirements make it very well
934 suited for restricted-space environments, in which it also
935 demonstrates excellent performance. Rijndael's operations are
936 among the easiest to defend against power and timing attacks.
937
938 The AES specifies three key sizes: 128, 192 and 256 bits
939
940 See <http://csrc.nist.gov/encryption/aes/> for more information.
941
942config CRYPTO_AES_NI_INTEL
943 tristate "AES cipher algorithms (AES-NI)"
8af00860 944 depends on X86
85671860 945 select CRYPTO_AEAD
0d258efb
MK
946 select CRYPTO_AES_X86_64 if 64BIT
947 select CRYPTO_AES_586 if !64BIT
54b6a1bd 948 select CRYPTO_ALGAPI
85671860 949 select CRYPTO_BLKCIPHER
7643a11a 950 select CRYPTO_GLUE_HELPER_X86 if 64BIT
85671860 951 select CRYPTO_SIMD
54b6a1bd
HY
952 help
953 Use Intel AES-NI instructions for AES algorithm.
954
955 AES cipher algorithms (FIPS-197). AES uses the Rijndael
956 algorithm.
957
958 Rijndael appears to be consistently a very good performer in
959 both hardware and software across a wide range of computing
960 environments regardless of its use in feedback or non-feedback
961 modes. Its key setup time is excellent, and its key agility is
584fffc8
SS
962 good. Rijndael's very low memory requirements make it very well
963 suited for restricted-space environments, in which it also
964 demonstrates excellent performance. Rijndael's operations are
965 among the easiest to defend against power and timing attacks.
a2a892a2 966
584fffc8 967 The AES specifies three key sizes: 128, 192 and 256 bits
1da177e4
LT
968
969 See <http://csrc.nist.gov/encryption/aes/> for more information.
970
0d258efb
MK
971 In addition to AES cipher algorithm support, the acceleration
972 for some popular block cipher mode is supported too, including
973 ECB, CBC, LRW, PCBC, XTS. The 64 bit version has additional
974 acceleration for CTR.
2cf4ac8b 975
9bf4852d
DM
976config CRYPTO_AES_SPARC64
977 tristate "AES cipher algorithms (SPARC64)"
978 depends on SPARC64
979 select CRYPTO_CRYPTD
980 select CRYPTO_ALGAPI
981 help
982 Use SPARC64 crypto opcodes for AES algorithm.
983
984 AES cipher algorithms (FIPS-197). AES uses the Rijndael
985 algorithm.
986
987 Rijndael appears to be consistently a very good performer in
988 both hardware and software across a wide range of computing
989 environments regardless of its use in feedback or non-feedback
990 modes. Its key setup time is excellent, and its key agility is
991 good. Rijndael's very low memory requirements make it very well
992 suited for restricted-space environments, in which it also
993 demonstrates excellent performance. Rijndael's operations are
994 among the easiest to defend against power and timing attacks.
995
996 The AES specifies three key sizes: 128, 192 and 256 bits
997
998 See <http://csrc.nist.gov/encryption/aes/> for more information.
999
1000 In addition to AES cipher algorithm support, the acceleration
1001 for some popular block cipher mode is supported too, including
1002 ECB and CBC.
1003
504c6143
MS
1004config CRYPTO_AES_PPC_SPE
1005 tristate "AES cipher algorithms (PPC SPE)"
1006 depends on PPC && SPE
1007 help
1008 AES cipher algorithms (FIPS-197). Additionally the acceleration
1009 for popular block cipher modes ECB, CBC, CTR and XTS is supported.
1010 This module should only be used for low power (router) devices
1011 without hardware AES acceleration (e.g. caam crypto). It reduces the
1012 size of the AES tables from 16KB to 8KB + 256 bytes and mitigates
1013 timining attacks. Nevertheless it might be not as secure as other
1014 architecture specific assembler implementations that work on 1KB
1015 tables or 256 bytes S-boxes.
1016
584fffc8
SS
1017config CRYPTO_ANUBIS
1018 tristate "Anubis cipher algorithm"
1019 select CRYPTO_ALGAPI
1020 help
1021 Anubis cipher algorithm.
1022
1023 Anubis is a variable key length cipher which can use keys from
1024 128 bits to 320 bits in length. It was evaluated as a entrant
1025 in the NESSIE competition.
1026
1027 See also:
6d8de74c
JM
1028 <https://www.cosic.esat.kuleuven.be/nessie/reports/>
1029 <http://www.larc.usp.br/~pbarreto/AnubisPage.html>
584fffc8
SS
1030
1031config CRYPTO_ARC4
1032 tristate "ARC4 cipher algorithm"
b9b0f080 1033 select CRYPTO_BLKCIPHER
584fffc8
SS
1034 help
1035 ARC4 cipher algorithm.
1036
1037 ARC4 is a stream cipher using keys ranging from 8 bits to 2048
1038 bits in length. This algorithm is required for driver-based
1039 WEP, but it should not be for other purposes because of the
1040 weakness of the algorithm.
1041
1042config CRYPTO_BLOWFISH
1043 tristate "Blowfish cipher algorithm"
1044 select CRYPTO_ALGAPI
52ba867c 1045 select CRYPTO_BLOWFISH_COMMON
584fffc8
SS
1046 help
1047 Blowfish cipher algorithm, by Bruce Schneier.
1048
1049 This is a variable key length cipher which can use keys from 32
1050 bits to 448 bits in length. It's fast, simple and specifically
1051 designed for use on "large microprocessors".
1052
1053 See also:
1054 <http://www.schneier.com/blowfish.html>
1055
52ba867c
JK
1056config CRYPTO_BLOWFISH_COMMON
1057 tristate
1058 help
1059 Common parts of the Blowfish cipher algorithm shared by the
1060 generic c and the assembler implementations.
1061
1062 See also:
1063 <http://www.schneier.com/blowfish.html>
1064
64b94cea
JK
1065config CRYPTO_BLOWFISH_X86_64
1066 tristate "Blowfish cipher algorithm (x86_64)"
f21a7c19 1067 depends on X86 && 64BIT
64b94cea
JK
1068 select CRYPTO_ALGAPI
1069 select CRYPTO_BLOWFISH_COMMON
1070 help
1071 Blowfish cipher algorithm (x86_64), by Bruce Schneier.
1072
1073 This is a variable key length cipher which can use keys from 32
1074 bits to 448 bits in length. It's fast, simple and specifically
1075 designed for use on "large microprocessors".
1076
1077 See also:
1078 <http://www.schneier.com/blowfish.html>
1079
584fffc8
SS
1080config CRYPTO_CAMELLIA
1081 tristate "Camellia cipher algorithms"
1082 depends on CRYPTO
1083 select CRYPTO_ALGAPI
1084 help
1085 Camellia cipher algorithms module.
1086
1087 Camellia is a symmetric key block cipher developed jointly
1088 at NTT and Mitsubishi Electric Corporation.
1089
1090 The Camellia specifies three key sizes: 128, 192 and 256 bits.
1091
1092 See also:
1093 <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html>
1094
0b95ec56
JK
1095config CRYPTO_CAMELLIA_X86_64
1096 tristate "Camellia cipher algorithm (x86_64)"
f21a7c19 1097 depends on X86 && 64BIT
0b95ec56
JK
1098 depends on CRYPTO
1099 select CRYPTO_ALGAPI
964263af 1100 select CRYPTO_GLUE_HELPER_X86
0b95ec56
JK
1101 select CRYPTO_LRW
1102 select CRYPTO_XTS
1103 help
1104 Camellia cipher algorithm module (x86_64).
1105
1106 Camellia is a symmetric key block cipher developed jointly
1107 at NTT and Mitsubishi Electric Corporation.
1108
1109 The Camellia specifies three key sizes: 128, 192 and 256 bits.
1110
1111 See also:
d9b1d2e7
JK
1112 <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html>
1113
1114config CRYPTO_CAMELLIA_AESNI_AVX_X86_64
1115 tristate "Camellia cipher algorithm (x86_64/AES-NI/AVX)"
1116 depends on X86 && 64BIT
1117 depends on CRYPTO
1118 select CRYPTO_ALGAPI
1119 select CRYPTO_CRYPTD
801201aa 1120 select CRYPTO_ABLK_HELPER
d9b1d2e7
JK
1121 select CRYPTO_GLUE_HELPER_X86
1122 select CRYPTO_CAMELLIA_X86_64
1123 select CRYPTO_LRW
1124 select CRYPTO_XTS
1125 help
1126 Camellia cipher algorithm module (x86_64/AES-NI/AVX).
1127
1128 Camellia is a symmetric key block cipher developed jointly
1129 at NTT and Mitsubishi Electric Corporation.
1130
1131 The Camellia specifies three key sizes: 128, 192 and 256 bits.
1132
1133 See also:
0b95ec56
JK
1134 <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html>
1135
f3f935a7
JK
1136config CRYPTO_CAMELLIA_AESNI_AVX2_X86_64
1137 tristate "Camellia cipher algorithm (x86_64/AES-NI/AVX2)"
1138 depends on X86 && 64BIT
1139 depends on CRYPTO
1140 select CRYPTO_ALGAPI
1141 select CRYPTO_CRYPTD
801201aa 1142 select CRYPTO_ABLK_HELPER
f3f935a7
JK
1143 select CRYPTO_GLUE_HELPER_X86
1144 select CRYPTO_CAMELLIA_X86_64
1145 select CRYPTO_CAMELLIA_AESNI_AVX_X86_64
1146 select CRYPTO_LRW
1147 select CRYPTO_XTS
1148 help
1149 Camellia cipher algorithm module (x86_64/AES-NI/AVX2).
1150
1151 Camellia is a symmetric key block cipher developed jointly
1152 at NTT and Mitsubishi Electric Corporation.
1153
1154 The Camellia specifies three key sizes: 128, 192 and 256 bits.
1155
1156 See also:
1157 <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html>
1158
81658ad0
DM
1159config CRYPTO_CAMELLIA_SPARC64
1160 tristate "Camellia cipher algorithm (SPARC64)"
1161 depends on SPARC64
1162 depends on CRYPTO
1163 select CRYPTO_ALGAPI
1164 help
1165 Camellia cipher algorithm module (SPARC64).
1166
1167 Camellia is a symmetric key block cipher developed jointly
1168 at NTT and Mitsubishi Electric Corporation.
1169
1170 The Camellia specifies three key sizes: 128, 192 and 256 bits.
1171
1172 See also:
1173 <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html>
1174
044ab525
JK
1175config CRYPTO_CAST_COMMON
1176 tristate
1177 help
1178 Common parts of the CAST cipher algorithms shared by the
1179 generic c and the assembler implementations.
1180
1da177e4
LT
1181config CRYPTO_CAST5
1182 tristate "CAST5 (CAST-128) cipher algorithm"
cce9e06d 1183 select CRYPTO_ALGAPI
044ab525 1184 select CRYPTO_CAST_COMMON
1da177e4
LT
1185 help
1186 The CAST5 encryption algorithm (synonymous with CAST-128) is
1187 described in RFC2144.
1188
4d6d6a2c
JG
1189config CRYPTO_CAST5_AVX_X86_64
1190 tristate "CAST5 (CAST-128) cipher algorithm (x86_64/AVX)"
1191 depends on X86 && 64BIT
1192 select CRYPTO_ALGAPI
1193 select CRYPTO_CRYPTD
801201aa 1194 select CRYPTO_ABLK_HELPER
044ab525 1195 select CRYPTO_CAST_COMMON
4d6d6a2c
JG
1196 select CRYPTO_CAST5
1197 help
1198 The CAST5 encryption algorithm (synonymous with CAST-128) is
1199 described in RFC2144.
1200
1201 This module provides the Cast5 cipher algorithm that processes
1202 sixteen blocks parallel using the AVX instruction set.
1203
1da177e4
LT
1204config CRYPTO_CAST6
1205 tristate "CAST6 (CAST-256) cipher algorithm"
cce9e06d 1206 select CRYPTO_ALGAPI
044ab525 1207 select CRYPTO_CAST_COMMON
1da177e4
LT
1208 help
1209 The CAST6 encryption algorithm (synonymous with CAST-256) is
1210 described in RFC2612.
1211
4ea1277d
JG
1212config CRYPTO_CAST6_AVX_X86_64
1213 tristate "CAST6 (CAST-256) cipher algorithm (x86_64/AVX)"
1214 depends on X86 && 64BIT
1215 select CRYPTO_ALGAPI
1216 select CRYPTO_CRYPTD
801201aa 1217 select CRYPTO_ABLK_HELPER
4ea1277d 1218 select CRYPTO_GLUE_HELPER_X86
044ab525 1219 select CRYPTO_CAST_COMMON
4ea1277d
JG
1220 select CRYPTO_CAST6
1221 select CRYPTO_LRW
1222 select CRYPTO_XTS
1223 help
1224 The CAST6 encryption algorithm (synonymous with CAST-256) is
1225 described in RFC2612.
1226
1227 This module provides the Cast6 cipher algorithm that processes
1228 eight blocks parallel using the AVX instruction set.
1229
584fffc8
SS
1230config CRYPTO_DES
1231 tristate "DES and Triple DES EDE cipher algorithms"
cce9e06d 1232 select CRYPTO_ALGAPI
1da177e4 1233 help
584fffc8 1234 DES cipher algorithm (FIPS 46-2), and Triple DES EDE (FIPS 46-3).
fb4f10ed 1235
c5aac2df
DM
1236config CRYPTO_DES_SPARC64
1237 tristate "DES and Triple DES EDE cipher algorithms (SPARC64)"
97da37b3 1238 depends on SPARC64
c5aac2df
DM
1239 select CRYPTO_ALGAPI
1240 select CRYPTO_DES
1241 help
1242 DES cipher algorithm (FIPS 46-2), and Triple DES EDE (FIPS 46-3),
1243 optimized using SPARC64 crypto opcodes.
1244
6574e6c6
JK
1245config CRYPTO_DES3_EDE_X86_64
1246 tristate "Triple DES EDE cipher algorithm (x86-64)"
1247 depends on X86 && 64BIT
1248 select CRYPTO_ALGAPI
1249 select CRYPTO_DES
1250 help
1251 Triple DES EDE (FIPS 46-3) algorithm.
1252
1253 This module provides implementation of the Triple DES EDE cipher
1254 algorithm that is optimized for x86-64 processors. Two versions of
1255 algorithm are provided; regular processing one input block and
1256 one that processes three blocks parallel.
1257
584fffc8
SS
1258config CRYPTO_FCRYPT
1259 tristate "FCrypt cipher algorithm"
cce9e06d 1260 select CRYPTO_ALGAPI
584fffc8 1261 select CRYPTO_BLKCIPHER
1da177e4 1262 help
584fffc8 1263 FCrypt algorithm used by RxRPC.
1da177e4
LT
1264
1265config CRYPTO_KHAZAD
1266 tristate "Khazad cipher algorithm"
cce9e06d 1267 select CRYPTO_ALGAPI
1da177e4
LT
1268 help
1269 Khazad cipher algorithm.
1270
1271 Khazad was a finalist in the initial NESSIE competition. It is
1272 an algorithm optimized for 64-bit processors with good performance
1273 on 32-bit processors. Khazad uses an 128 bit key size.
1274
1275 See also:
6d8de74c 1276 <http://www.larc.usp.br/~pbarreto/KhazadPage.html>
1da177e4 1277
2407d608 1278config CRYPTO_SALSA20
3b4afaf2 1279 tristate "Salsa20 stream cipher algorithm"
2407d608
TSH
1280 select CRYPTO_BLKCIPHER
1281 help
1282 Salsa20 stream cipher algorithm.
1283
1284 Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT
1285 Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/>
974e4b75
TSH
1286
1287 The Salsa20 stream cipher algorithm is designed by Daniel J.
1288 Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html>
1289
1290config CRYPTO_SALSA20_586
3b4afaf2 1291 tristate "Salsa20 stream cipher algorithm (i586)"
974e4b75 1292 depends on (X86 || UML_X86) && !64BIT
974e4b75 1293 select CRYPTO_BLKCIPHER
974e4b75
TSH
1294 help
1295 Salsa20 stream cipher algorithm.
1296
1297 Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT
1298 Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/>
9a7dafbb
TSH
1299
1300 The Salsa20 stream cipher algorithm is designed by Daniel J.
1301 Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html>
1302
1303config CRYPTO_SALSA20_X86_64
3b4afaf2 1304 tristate "Salsa20 stream cipher algorithm (x86_64)"
9a7dafbb 1305 depends on (X86 || UML_X86) && 64BIT
9a7dafbb 1306 select CRYPTO_BLKCIPHER
9a7dafbb
TSH
1307 help
1308 Salsa20 stream cipher algorithm.
1309
1310 Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT
1311 Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/>
2407d608
TSH
1312
1313 The Salsa20 stream cipher algorithm is designed by Daniel J.
1314 Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html>
1da177e4 1315
c08d0e64
MW
1316config CRYPTO_CHACHA20
1317 tristate "ChaCha20 cipher algorithm"
1318 select CRYPTO_BLKCIPHER
1319 help
1320 ChaCha20 cipher algorithm, RFC7539.
1321
1322 ChaCha20 is a 256-bit high-speed stream cipher designed by Daniel J.
1323 Bernstein and further specified in RFC7539 for use in IETF protocols.
1324 This is the portable C implementation of ChaCha20.
1325
1326 See also:
1327 <http://cr.yp.to/chacha/chacha-20080128.pdf>
1328
c9320b6d 1329config CRYPTO_CHACHA20_X86_64
3d1e93cd 1330 tristate "ChaCha20 cipher algorithm (x86_64/SSSE3/AVX2)"
c9320b6d
MW
1331 depends on X86 && 64BIT
1332 select CRYPTO_BLKCIPHER
1333 select CRYPTO_CHACHA20
1334 help
1335 ChaCha20 cipher algorithm, RFC7539.
1336
1337 ChaCha20 is a 256-bit high-speed stream cipher designed by Daniel J.
1338 Bernstein and further specified in RFC7539 for use in IETF protocols.
1339 This is the x86_64 assembler implementation using SIMD instructions.
1340
1341 See also:
1342 <http://cr.yp.to/chacha/chacha-20080128.pdf>
1343
584fffc8
SS
1344config CRYPTO_SEED
1345 tristate "SEED cipher algorithm"
cce9e06d 1346 select CRYPTO_ALGAPI
1da177e4 1347 help
584fffc8 1348 SEED cipher algorithm (RFC4269).
1da177e4 1349
584fffc8
SS
1350 SEED is a 128-bit symmetric key block cipher that has been
1351 developed by KISA (Korea Information Security Agency) as a
1352 national standard encryption algorithm of the Republic of Korea.
1353 It is a 16 round block cipher with the key size of 128 bit.
1354
1355 See also:
1356 <http://www.kisa.or.kr/kisa/seed/jsp/seed_eng.jsp>
1357
1358config CRYPTO_SERPENT
1359 tristate "Serpent cipher algorithm"
cce9e06d 1360 select CRYPTO_ALGAPI
1da177e4 1361 help
584fffc8 1362 Serpent cipher algorithm, by Anderson, Biham & Knudsen.
1da177e4 1363
584fffc8
SS
1364 Keys are allowed to be from 0 to 256 bits in length, in steps
1365 of 8 bits. Also includes the 'Tnepres' algorithm, a reversed
1366 variant of Serpent for compatibility with old kerneli.org code.
1367
1368 See also:
1369 <http://www.cl.cam.ac.uk/~rja14/serpent.html>
1370
937c30d7
JK
1371config CRYPTO_SERPENT_SSE2_X86_64
1372 tristate "Serpent cipher algorithm (x86_64/SSE2)"
1373 depends on X86 && 64BIT
1374 select CRYPTO_ALGAPI
341975bf 1375 select CRYPTO_CRYPTD
801201aa 1376 select CRYPTO_ABLK_HELPER
596d8750 1377 select CRYPTO_GLUE_HELPER_X86
937c30d7 1378 select CRYPTO_SERPENT
feaf0cfc
JK
1379 select CRYPTO_LRW
1380 select CRYPTO_XTS
937c30d7
JK
1381 help
1382 Serpent cipher algorithm, by Anderson, Biham & Knudsen.
1383
1384 Keys are allowed to be from 0 to 256 bits in length, in steps
1385 of 8 bits.
1386
1e6232f8 1387 This module provides Serpent cipher algorithm that processes eight
937c30d7
JK
1388 blocks parallel using SSE2 instruction set.
1389
1390 See also:
1391 <http://www.cl.cam.ac.uk/~rja14/serpent.html>
1392
251496db
JK
1393config CRYPTO_SERPENT_SSE2_586
1394 tristate "Serpent cipher algorithm (i586/SSE2)"
1395 depends on X86 && !64BIT
1396 select CRYPTO_ALGAPI
341975bf 1397 select CRYPTO_CRYPTD
801201aa 1398 select CRYPTO_ABLK_HELPER
596d8750 1399 select CRYPTO_GLUE_HELPER_X86
251496db 1400 select CRYPTO_SERPENT
feaf0cfc
JK
1401 select CRYPTO_LRW
1402 select CRYPTO_XTS
251496db
JK
1403 help
1404 Serpent cipher algorithm, by Anderson, Biham & Knudsen.
1405
1406 Keys are allowed to be from 0 to 256 bits in length, in steps
1407 of 8 bits.
1408
1409 This module provides Serpent cipher algorithm that processes four
1410 blocks parallel using SSE2 instruction set.
1411
1412 See also:
1413 <http://www.cl.cam.ac.uk/~rja14/serpent.html>
7efe4076
JG
1414
1415config CRYPTO_SERPENT_AVX_X86_64
1416 tristate "Serpent cipher algorithm (x86_64/AVX)"
1417 depends on X86 && 64BIT
1418 select CRYPTO_ALGAPI
1419 select CRYPTO_CRYPTD
801201aa 1420 select CRYPTO_ABLK_HELPER
1d0debbd 1421 select CRYPTO_GLUE_HELPER_X86
7efe4076
JG
1422 select CRYPTO_SERPENT
1423 select CRYPTO_LRW
1424 select CRYPTO_XTS
1425 help
1426 Serpent cipher algorithm, by Anderson, Biham & Knudsen.
1427
1428 Keys are allowed to be from 0 to 256 bits in length, in steps
1429 of 8 bits.
1430
1431 This module provides the Serpent cipher algorithm that processes
1432 eight blocks parallel using the AVX instruction set.
1433
1434 See also:
1435 <http://www.cl.cam.ac.uk/~rja14/serpent.html>
251496db 1436
56d76c96
JK
1437config CRYPTO_SERPENT_AVX2_X86_64
1438 tristate "Serpent cipher algorithm (x86_64/AVX2)"
1439 depends on X86 && 64BIT
1440 select CRYPTO_ALGAPI
1441 select CRYPTO_CRYPTD
801201aa 1442 select CRYPTO_ABLK_HELPER
56d76c96
JK
1443 select CRYPTO_GLUE_HELPER_X86
1444 select CRYPTO_SERPENT
1445 select CRYPTO_SERPENT_AVX_X86_64
1446 select CRYPTO_LRW
1447 select CRYPTO_XTS
1448 help
1449 Serpent cipher algorithm, by Anderson, Biham & Knudsen.
1450
1451 Keys are allowed to be from 0 to 256 bits in length, in steps
1452 of 8 bits.
1453
1454 This module provides Serpent cipher algorithm that processes 16
1455 blocks parallel using AVX2 instruction set.
1456
1457 See also:
1458 <http://www.cl.cam.ac.uk/~rja14/serpent.html>
1459
584fffc8
SS
1460config CRYPTO_TEA
1461 tristate "TEA, XTEA and XETA cipher algorithms"
cce9e06d 1462 select CRYPTO_ALGAPI
1da177e4 1463 help
584fffc8 1464 TEA cipher algorithm.
1da177e4 1465
584fffc8
SS
1466 Tiny Encryption Algorithm is a simple cipher that uses
1467 many rounds for security. It is very fast and uses
1468 little memory.
1469
1470 Xtendend Tiny Encryption Algorithm is a modification to
1471 the TEA algorithm to address a potential key weakness
1472 in the TEA algorithm.
1473
1474 Xtendend Encryption Tiny Algorithm is a mis-implementation
1475 of the XTEA algorithm for compatibility purposes.
1476
1477config CRYPTO_TWOFISH
1478 tristate "Twofish cipher algorithm"
04ac7db3 1479 select CRYPTO_ALGAPI
584fffc8 1480 select CRYPTO_TWOFISH_COMMON
04ac7db3 1481 help
584fffc8 1482 Twofish cipher algorithm.
04ac7db3 1483
584fffc8
SS
1484 Twofish was submitted as an AES (Advanced Encryption Standard)
1485 candidate cipher by researchers at CounterPane Systems. It is a
1486 16 round block cipher supporting key sizes of 128, 192, and 256
1487 bits.
04ac7db3 1488
584fffc8
SS
1489 See also:
1490 <http://www.schneier.com/twofish.html>
1491
1492config CRYPTO_TWOFISH_COMMON
1493 tristate
1494 help
1495 Common parts of the Twofish cipher algorithm shared by the
1496 generic c and the assembler implementations.
1497
1498config CRYPTO_TWOFISH_586
1499 tristate "Twofish cipher algorithms (i586)"
1500 depends on (X86 || UML_X86) && !64BIT
1501 select CRYPTO_ALGAPI
1502 select CRYPTO_TWOFISH_COMMON
1503 help
1504 Twofish cipher algorithm.
1505
1506 Twofish was submitted as an AES (Advanced Encryption Standard)
1507 candidate cipher by researchers at CounterPane Systems. It is a
1508 16 round block cipher supporting key sizes of 128, 192, and 256
1509 bits.
04ac7db3
NT
1510
1511 See also:
584fffc8 1512 <http://www.schneier.com/twofish.html>
04ac7db3 1513
584fffc8
SS
1514config CRYPTO_TWOFISH_X86_64
1515 tristate "Twofish cipher algorithm (x86_64)"
1516 depends on (X86 || UML_X86) && 64BIT
cce9e06d 1517 select CRYPTO_ALGAPI
584fffc8 1518 select CRYPTO_TWOFISH_COMMON
1da177e4 1519 help
584fffc8 1520 Twofish cipher algorithm (x86_64).
1da177e4 1521
584fffc8
SS
1522 Twofish was submitted as an AES (Advanced Encryption Standard)
1523 candidate cipher by researchers at CounterPane Systems. It is a
1524 16 round block cipher supporting key sizes of 128, 192, and 256
1525 bits.
1526
1527 See also:
1528 <http://www.schneier.com/twofish.html>
1529
8280daad
JK
1530config CRYPTO_TWOFISH_X86_64_3WAY
1531 tristate "Twofish cipher algorithm (x86_64, 3-way parallel)"
f21a7c19 1532 depends on X86 && 64BIT
8280daad
JK
1533 select CRYPTO_ALGAPI
1534 select CRYPTO_TWOFISH_COMMON
1535 select CRYPTO_TWOFISH_X86_64
414cb5e7 1536 select CRYPTO_GLUE_HELPER_X86
e7cda5d2
JK
1537 select CRYPTO_LRW
1538 select CRYPTO_XTS
8280daad
JK
1539 help
1540 Twofish cipher algorithm (x86_64, 3-way parallel).
1541
1542 Twofish was submitted as an AES (Advanced Encryption Standard)
1543 candidate cipher by researchers at CounterPane Systems. It is a
1544 16 round block cipher supporting key sizes of 128, 192, and 256
1545 bits.
1546
1547 This module provides Twofish cipher algorithm that processes three
1548 blocks parallel, utilizing resources of out-of-order CPUs better.
1549
1550 See also:
1551 <http://www.schneier.com/twofish.html>
1552
107778b5
JG
1553config CRYPTO_TWOFISH_AVX_X86_64
1554 tristate "Twofish cipher algorithm (x86_64/AVX)"
1555 depends on X86 && 64BIT
1556 select CRYPTO_ALGAPI
1557 select CRYPTO_CRYPTD
801201aa 1558 select CRYPTO_ABLK_HELPER
a7378d4e 1559 select CRYPTO_GLUE_HELPER_X86
107778b5
JG
1560 select CRYPTO_TWOFISH_COMMON
1561 select CRYPTO_TWOFISH_X86_64
1562 select CRYPTO_TWOFISH_X86_64_3WAY
1563 select CRYPTO_LRW
1564 select CRYPTO_XTS
1565 help
1566 Twofish cipher algorithm (x86_64/AVX).
1567
1568 Twofish was submitted as an AES (Advanced Encryption Standard)
1569 candidate cipher by researchers at CounterPane Systems. It is a
1570 16 round block cipher supporting key sizes of 128, 192, and 256
1571 bits.
1572
1573 This module provides the Twofish cipher algorithm that processes
1574 eight blocks parallel using the AVX Instruction Set.
1575
1576 See also:
1577 <http://www.schneier.com/twofish.html>
1578
584fffc8
SS
1579comment "Compression"
1580
1581config CRYPTO_DEFLATE
1582 tristate "Deflate compression algorithm"
1583 select CRYPTO_ALGAPI
f6ded09d 1584 select CRYPTO_ACOMP2
584fffc8
SS
1585 select ZLIB_INFLATE
1586 select ZLIB_DEFLATE
3c09f17c 1587 help
584fffc8
SS
1588 This is the Deflate algorithm (RFC1951), specified for use in
1589 IPSec with the IPCOMP protocol (RFC3173, RFC2394).
1590
1591 You will most probably want this if using IPSec.
3c09f17c 1592
0b77abb3
ZS
1593config CRYPTO_LZO
1594 tristate "LZO compression algorithm"
1595 select CRYPTO_ALGAPI
ac9d2c4b 1596 select CRYPTO_ACOMP2
0b77abb3
ZS
1597 select LZO_COMPRESS
1598 select LZO_DECOMPRESS
1599 help
1600 This is the LZO algorithm.
1601
35a1fc18
SJ
1602config CRYPTO_842
1603 tristate "842 compression algorithm"
2062c5b6 1604 select CRYPTO_ALGAPI
6a8de3ae 1605 select CRYPTO_ACOMP2
2062c5b6
DS
1606 select 842_COMPRESS
1607 select 842_DECOMPRESS
35a1fc18
SJ
1608 help
1609 This is the 842 algorithm.
0ea8530d
CM
1610
1611config CRYPTO_LZ4
1612 tristate "LZ4 compression algorithm"
1613 select CRYPTO_ALGAPI
8cd9330e 1614 select CRYPTO_ACOMP2
0ea8530d
CM
1615 select LZ4_COMPRESS
1616 select LZ4_DECOMPRESS
1617 help
1618 This is the LZ4 algorithm.
1619
1620config CRYPTO_LZ4HC
1621 tristate "LZ4HC compression algorithm"
1622 select CRYPTO_ALGAPI
91d53d96 1623 select CRYPTO_ACOMP2
0ea8530d
CM
1624 select LZ4HC_COMPRESS
1625 select LZ4_DECOMPRESS
1626 help
1627 This is the LZ4 high compression mode algorithm.
35a1fc18 1628
17f0f4a4
NH
1629comment "Random Number Generation"
1630
1631config CRYPTO_ANSI_CPRNG
1632 tristate "Pseudo Random Number Generation for Cryptographic modules"
1633 select CRYPTO_AES
1634 select CRYPTO_RNG
17f0f4a4
NH
1635 help
1636 This option enables the generic pseudo random number generator
1637 for cryptographic modules. Uses the Algorithm specified in
7dd607e8
JK
1638 ANSI X9.31 A.2.4. Note that this option must be enabled if
1639 CRYPTO_FIPS is selected
17f0f4a4 1640
f2c89a10 1641menuconfig CRYPTO_DRBG_MENU
419090c6 1642 tristate "NIST SP800-90A DRBG"
419090c6
SM
1643 help
1644 NIST SP800-90A compliant DRBG. In the following submenu, one or
1645 more of the DRBG types must be selected.
1646
f2c89a10 1647if CRYPTO_DRBG_MENU
419090c6
SM
1648
1649config CRYPTO_DRBG_HMAC
401e4238 1650 bool
419090c6 1651 default y
419090c6 1652 select CRYPTO_HMAC
826775bb 1653 select CRYPTO_SHA256
419090c6
SM
1654
1655config CRYPTO_DRBG_HASH
1656 bool "Enable Hash DRBG"
826775bb 1657 select CRYPTO_SHA256
419090c6
SM
1658 help
1659 Enable the Hash DRBG variant as defined in NIST SP800-90A.
1660
1661config CRYPTO_DRBG_CTR
1662 bool "Enable CTR DRBG"
419090c6 1663 select CRYPTO_AES
35591285 1664 depends on CRYPTO_CTR
419090c6
SM
1665 help
1666 Enable the CTR DRBG variant as defined in NIST SP800-90A.
1667
f2c89a10
HX
1668config CRYPTO_DRBG
1669 tristate
401e4238 1670 default CRYPTO_DRBG_MENU
f2c89a10 1671 select CRYPTO_RNG
bb5530e4 1672 select CRYPTO_JITTERENTROPY
f2c89a10
HX
1673
1674endif # if CRYPTO_DRBG_MENU
419090c6 1675
bb5530e4
SM
1676config CRYPTO_JITTERENTROPY
1677 tristate "Jitterentropy Non-Deterministic Random Number Generator"
2f313e02 1678 select CRYPTO_RNG
bb5530e4
SM
1679 help
1680 The Jitterentropy RNG is a noise that is intended
1681 to provide seed to another RNG. The RNG does not
1682 perform any cryptographic whitening of the generated
1683 random numbers. This Jitterentropy RNG registers with
1684 the kernel crypto API and can be used by any caller.
1685
03c8efc1
HX
1686config CRYPTO_USER_API
1687 tristate
1688
fe869cdb
HX
1689config CRYPTO_USER_API_HASH
1690 tristate "User-space interface for hash algorithms"
7451708f 1691 depends on NET
fe869cdb
HX
1692 select CRYPTO_HASH
1693 select CRYPTO_USER_API
1694 help
1695 This option enables the user-spaces interface for hash
1696 algorithms.
1697
8ff59090
HX
1698config CRYPTO_USER_API_SKCIPHER
1699 tristate "User-space interface for symmetric key cipher algorithms"
7451708f 1700 depends on NET
8ff59090
HX
1701 select CRYPTO_BLKCIPHER
1702 select CRYPTO_USER_API
1703 help
1704 This option enables the user-spaces interface for symmetric
1705 key cipher algorithms.
1706
2f375538
SM
1707config CRYPTO_USER_API_RNG
1708 tristate "User-space interface for random number generator algorithms"
1709 depends on NET
1710 select CRYPTO_RNG
1711 select CRYPTO_USER_API
1712 help
1713 This option enables the user-spaces interface for random
1714 number generator algorithms.
1715
b64a2d95
HX
1716config CRYPTO_USER_API_AEAD
1717 tristate "User-space interface for AEAD cipher algorithms"
1718 depends on NET
1719 select CRYPTO_AEAD
1720 select CRYPTO_USER_API
1721 help
1722 This option enables the user-spaces interface for AEAD
1723 cipher algorithms.
1724
ee08997f
DK
1725config CRYPTO_HASH_INFO
1726 bool
1727
1da177e4 1728source "drivers/crypto/Kconfig"
964f3b3b 1729source crypto/asymmetric_keys/Kconfig
cfc411e7 1730source certs/Kconfig
1da177e4 1731
cce9e06d 1732endif # if CRYPTO