]> git.proxmox.com Git - mirror_ubuntu-artful-kernel.git/blame - crypto/Kconfig
projects / mirror_ubuntu-artful-kernel.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Merge branches 'for-4.13/ish' and 'for-4.13/ite' into for-linus
[mirror_ubuntu-artful-kernel.git] / crypto / Kconfig
CommitLineData
685784aa
DW		 1#
2# Generic algorithms support
3#
4config XOR_BLOCKS
5 tristate
6
1da177e4 7#
9bc89cd8 8# async_tx api: hardware offloaded memory transfer/transform support
1da177e4 9#
9bc89cd8 10source "crypto/async_tx/Kconfig"
1da177e4 11
9bc89cd8
DW		 12#
13# Cryptographic API Configuration
14#
2e290f43 15menuconfig CRYPTO
c3715cb9 16 tristate "Cryptographic API"
1da177e4
LT		 17 help
18 This option provides the core Cryptographic API.
19
cce9e06d
HX		 20if CRYPTO
21
584fffc8
SS		 22comment "Crypto core or helper"
23
ccb778e1
NH		 24config CRYPTO_FIPS
25 bool "FIPS 200 compliance"
f2c89a10 26 depends on (CRYPTO_ANSI_CPRNG || CRYPTO_DRBG) && !CRYPTO_MANAGER_DISABLE_TESTS
1f696097 27 depends on (MODULE_SIG || !MODULES)
ccb778e1
NH		 28 help
29 This options enables the fips boot option which is
30 required if you want to system to operate in a FIPS 200
31 certification. You should say no unless you know what
e84c5480 32 this is.
ccb778e1 33
cce9e06d
HX		 34config CRYPTO_ALGAPI
35 tristate
6a0fcbb4 36 select CRYPTO_ALGAPI2
cce9e06d
HX		 37 help
38 This option provides the API for cryptographic algorithms.
39
6a0fcbb4
HX		 40config CRYPTO_ALGAPI2
41 tristate
42
1ae97820
HX		 43config CRYPTO_AEAD
44 tristate
6a0fcbb4 45 select CRYPTO_AEAD2
1ae97820
HX		 46 select CRYPTO_ALGAPI
47
6a0fcbb4
HX		 48config CRYPTO_AEAD2
49 tristate
50 select CRYPTO_ALGAPI2
149a3971
HX		 51 select CRYPTO_NULL2
52 select CRYPTO_RNG2
6a0fcbb4 53
5cde0af2
HX		 54config CRYPTO_BLKCIPHER
55 tristate
6a0fcbb4 56 select CRYPTO_BLKCIPHER2
5cde0af2 57 select CRYPTO_ALGAPI
6a0fcbb4
HX		 58
59config CRYPTO_BLKCIPHER2
60 tristate
61 select CRYPTO_ALGAPI2
62 select CRYPTO_RNG2
0a2e821d 63 select CRYPTO_WORKQUEUE
5cde0af2 64
055bcee3
HX		 65config CRYPTO_HASH
66 tristate
6a0fcbb4 67 select CRYPTO_HASH2
055bcee3
HX		 68 select CRYPTO_ALGAPI
69
6a0fcbb4
HX		 70config CRYPTO_HASH2
71 tristate
72 select CRYPTO_ALGAPI2
73
17f0f4a4
NH		 74config CRYPTO_RNG
75 tristate
6a0fcbb4 76 select CRYPTO_RNG2
17f0f4a4
NH		 77 select CRYPTO_ALGAPI
78
6a0fcbb4
HX		 79config CRYPTO_RNG2
80 tristate
81 select CRYPTO_ALGAPI2
82
401e4238
HX		 83config CRYPTO_RNG_DEFAULT
84 tristate
85 select CRYPTO_DRBG_MENU
86
3c339ab8
TS		 87config CRYPTO_AKCIPHER2
88 tristate
89 select CRYPTO_ALGAPI2
90
91config CRYPTO_AKCIPHER
92 tristate
93 select CRYPTO_AKCIPHER2
94 select CRYPTO_ALGAPI
95
4e5f2c40
SB		 96config CRYPTO_KPP2
97 tristate
98 select CRYPTO_ALGAPI2
99
100config CRYPTO_KPP
101 tristate
102 select CRYPTO_ALGAPI
103 select CRYPTO_KPP2
104
2ebda74f
GC		 105config CRYPTO_ACOMP2
106 tristate
107 select CRYPTO_ALGAPI2
108
109config CRYPTO_ACOMP
110 tristate
111 select CRYPTO_ALGAPI
112 select CRYPTO_ACOMP2
113
cfc2bb32
TS		 114config CRYPTO_RSA
115 tristate "RSA algorithm"
425e0172 116 select CRYPTO_AKCIPHER
58446fef 117 select CRYPTO_MANAGER
cfc2bb32
TS		 118 select MPILIB
119 select ASN1
120 help
121 Generic implementation of the RSA public key algorithm.
122
802c7f1c
SB		 123config CRYPTO_DH
124 tristate "Diffie-Hellman algorithm"
125 select CRYPTO_KPP
126 select MPILIB
127 help
128 Generic implementation of the Diffie-Hellman algorithm.
129
3c4b2390
SB		 130config CRYPTO_ECDH
131 tristate "ECDH algorithm"
132 select CRYTPO_KPP
133 help
134 Generic implementation of the ECDH algorithm
802c7f1c 135
2b8c19db
HX		 136config CRYPTO_MANAGER
137 tristate "Cryptographic algorithm manager"
6a0fcbb4 138 select CRYPTO_MANAGER2
2b8c19db
HX		 139 help
140 Create default cryptographic template instantiations such as
141 cbc(aes).
142
6a0fcbb4
HX		 143config CRYPTO_MANAGER2
144 def_tristate CRYPTO_MANAGER || (CRYPTO_MANAGER!=n && CRYPTO_ALGAPI=y)
145 select CRYPTO_AEAD2
146 select CRYPTO_HASH2
147 select CRYPTO_BLKCIPHER2
946cc463 148 select CRYPTO_AKCIPHER2
4e5f2c40 149 select CRYPTO_KPP2
2ebda74f 150 select CRYPTO_ACOMP2
6a0fcbb4 151
a38f7907
SK		 152config CRYPTO_USER
153 tristate "Userspace cryptographic algorithm configuration"
5db017aa 154 depends on NET
a38f7907
SK		 155 select CRYPTO_MANAGER
156 help
d19978f5 157 Userspace configuration for cryptographic instantiations such as
a38f7907
SK		 158 cbc(aes).
159
326a6346
HX		 160config CRYPTO_MANAGER_DISABLE_TESTS
161 bool "Disable run-time self tests"
00ca28a5
HX		 162 default y
163 depends on CRYPTO_MANAGER2
0b767f96 164 help
326a6346
HX		 165 Disable run-time self tests that normally take place at
166 algorithm registration.
0b767f96 167
584fffc8 168config CRYPTO_GF128MUL
08c70fc3 169 tristate "GF(2^128) multiplication functions"
333b0d7e 170 help
584fffc8
SS		 171 Efficient table driven implementation of multiplications in the
172 field GF(2^128). This is needed by some cypher modes. This
173 option will be selected automatically if you select such a
174 cipher mode. Only select this option by hand if you expect to load
175 an external module that requires these functions.
333b0d7e 176
1da177e4
LT		 177config CRYPTO_NULL
178 tristate "Null algorithms"
149a3971 179 select CRYPTO_NULL2
1da177e4
LT		 180 help
181 These are 'Null' algorithms, used by IPsec, which do nothing.
182
149a3971 183config CRYPTO_NULL2
dd43c4e9 184 tristate
149a3971
HX		 185 select CRYPTO_ALGAPI2
186 select CRYPTO_BLKCIPHER2
187 select CRYPTO_HASH2
188
5068c7a8 189config CRYPTO_PCRYPT
3b4afaf2
KC		 190 tristate "Parallel crypto engine"
191 depends on SMP
5068c7a8
SK		 192 select PADATA
193 select CRYPTO_MANAGER
194 select CRYPTO_AEAD
195 help
196 This converts an arbitrary crypto algorithm into a parallel
197 algorithm that executes in kernel threads.
198
25c38d3f
HY		 199config CRYPTO_WORKQUEUE
200 tristate
201
584fffc8
SS		 202config CRYPTO_CRYPTD
203 tristate "Software async crypto daemon"
204 select CRYPTO_BLKCIPHER
b8a28251 205 select CRYPTO_HASH
584fffc8 206 select CRYPTO_MANAGER
254eff77 207 select CRYPTO_WORKQUEUE
1da177e4 208 help
584fffc8
SS		 209 This is a generic software asynchronous crypto daemon that
210 converts an arbitrary synchronous software crypto algorithm
211 into an asynchronous algorithm that executes in a kernel thread.
1da177e4 212
1e65b81a
TC		 213config CRYPTO_MCRYPTD
214 tristate "Software async multi-buffer crypto daemon"
215 select CRYPTO_BLKCIPHER
216 select CRYPTO_HASH
217 select CRYPTO_MANAGER
218 select CRYPTO_WORKQUEUE
219 help
220 This is a generic software asynchronous crypto daemon that
221 provides the kernel thread to assist multi-buffer crypto
222 algorithms for submitting jobs and flushing jobs in multi-buffer
223 crypto algorithms. Multi-buffer crypto algorithms are executed
224 in the context of this kernel thread and drivers can post
0e56673b 225 their crypto request asynchronously to be processed by this daemon.
1e65b81a 226
584fffc8
SS		 227config CRYPTO_AUTHENC
228 tristate "Authenc support"
229 select CRYPTO_AEAD
230 select CRYPTO_BLKCIPHER
231 select CRYPTO_MANAGER
232 select CRYPTO_HASH
e94c6a7a 233 select CRYPTO_NULL
1da177e4 234 help
584fffc8
SS		 235 Authenc: Combined mode wrapper for IPsec.
236 This is required for IPSec.
1da177e4 237
584fffc8
SS		 238config CRYPTO_TEST
239 tristate "Testing module"
240 depends on m
da7f033d 241 select CRYPTO_MANAGER
1da177e4 242 help
584fffc8 243 Quick & dirty crypto test module.
1da177e4 244
a62b01cd 245config CRYPTO_ABLK_HELPER
ffaf9156 246 tristate
266d0516
HX		 247 select CRYPTO_CRYPTD
248
249config CRYPTO_SIMD
250 tristate
ffaf9156
JK		 251 select CRYPTO_CRYPTD
252
596d8750
JK		 253config CRYPTO_GLUE_HELPER_X86
254 tristate
255 depends on X86
065ce327 256 select CRYPTO_BLKCIPHER
596d8750 257
735d37b5
BW		 258config CRYPTO_ENGINE
259 tristate
260
584fffc8 261comment "Authenticated Encryption with Associated Data"
cd12fb90 262
584fffc8
SS		 263config CRYPTO_CCM
264 tristate "CCM support"
265 select CRYPTO_CTR
f15f05b0 266 select CRYPTO_HASH
584fffc8 267 select CRYPTO_AEAD
1da177e4 268 help
584fffc8 269 Support for Counter with CBC MAC. Required for IPsec.
1da177e4 270
584fffc8
SS		 271config CRYPTO_GCM
272 tristate "GCM/GMAC support"
273 select CRYPTO_CTR
274 select CRYPTO_AEAD
9382d97a 275 select CRYPTO_GHASH
9489667d 276 select CRYPTO_NULL
1da177e4 277 help
584fffc8
SS		 278 Support for Galois/Counter Mode (GCM) and Galois Message
279 Authentication Code (GMAC). Required for IPSec.
1da177e4 280
71ebc4d1
MW		 281config CRYPTO_CHACHA20POLY1305
282 tristate "ChaCha20-Poly1305 AEAD support"
283 select CRYPTO_CHACHA20
284 select CRYPTO_POLY1305
285 select CRYPTO_AEAD
286 help
287 ChaCha20-Poly1305 AEAD support, RFC7539.
288
289 Support for the AEAD wrapper using the ChaCha20 stream cipher combined
290 with the Poly1305 authenticator. It is defined in RFC7539 for use in
291 IETF protocols.
292
584fffc8
SS		 293config CRYPTO_SEQIV
294 tristate "Sequence Number IV Generator"
295 select CRYPTO_AEAD
296 select CRYPTO_BLKCIPHER
856e3f40 297 select CRYPTO_NULL
401e4238 298 select CRYPTO_RNG_DEFAULT
1da177e4 299 help
584fffc8
SS		 300 This IV generator generates an IV based on a sequence number by
301 xoring it with a salt. This algorithm is mainly useful for CTR
1da177e4 302
a10f554f
HX		 303config CRYPTO_ECHAINIV
304 tristate "Encrypted Chain IV Generator"
305 select CRYPTO_AEAD
306 select CRYPTO_NULL
401e4238 307 select CRYPTO_RNG_DEFAULT
3491244c 308 default m
a10f554f
HX		 309 help
310 This IV generator generates an IV based on the encryption of
311 a sequence number xored with a salt. This is the default
312 algorithm for CBC.
313
584fffc8 314comment "Block modes"
c494e070 315
584fffc8
SS		 316config CRYPTO_CBC
317 tristate "CBC support"
db131ef9 318 select CRYPTO_BLKCIPHER
43518407 319 select CRYPTO_MANAGER
db131ef9 320 help
584fffc8
SS		 321 CBC: Cipher Block Chaining mode
322 This block cipher algorithm is required for IPSec.
db131ef9 323
584fffc8
SS		 324config CRYPTO_CTR
325 tristate "CTR support"
db131ef9 326 select CRYPTO_BLKCIPHER
584fffc8 327 select CRYPTO_SEQIV
43518407 328 select CRYPTO_MANAGER
db131ef9 329 help
584fffc8 330 CTR: Counter mode
db131ef9
HX		 331 This block cipher algorithm is required for IPSec.
332
584fffc8
SS		 333config CRYPTO_CTS
334 tristate "CTS support"
335 select CRYPTO_BLKCIPHER
336 help
337 CTS: Cipher Text Stealing
338 This is the Cipher Text Stealing mode as described by
339 Section 8 of rfc2040 and referenced by rfc3962.
340 (rfc3962 includes errata information in its Appendix A)
341 This mode is required for Kerberos gss mechanism support
342 for AES encryption.
343
344config CRYPTO_ECB
345 tristate "ECB support"
91652be5
DH		 346 select CRYPTO_BLKCIPHER
347 select CRYPTO_MANAGER
91652be5 348 help
584fffc8
SS		 349 ECB: Electronic CodeBook mode
350 This is the simplest block cipher algorithm. It simply encrypts
351 the input block by block.
91652be5 352
64470f1b 353config CRYPTO_LRW
2470a2b2 354 tristate "LRW support"
64470f1b
RS		 355 select CRYPTO_BLKCIPHER
356 select CRYPTO_MANAGER
357 select CRYPTO_GF128MUL
358 help
359 LRW: Liskov Rivest Wagner, a tweakable, non malleable, non movable
360 narrow block cipher mode for dm-crypt. Use it with cipher
361 specification string aes-lrw-benbi, the key must be 256, 320 or 384.
362 The first 128, 192 or 256 bits in the key are used for AES and the
363 rest is used to tie each cipher block to its logical position.
364
584fffc8
SS		 365config CRYPTO_PCBC
366 tristate "PCBC support"
367 select CRYPTO_BLKCIPHER
368 select CRYPTO_MANAGER
369 help
370 PCBC: Propagating Cipher Block Chaining mode
371 This block cipher algorithm is required for RxRPC.
372
f19f5111 373config CRYPTO_XTS
5bcf8e6d 374 tristate "XTS support"
f19f5111
RS		 375 select CRYPTO_BLKCIPHER
376 select CRYPTO_MANAGER
12cb3a1c 377 select CRYPTO_ECB
f19f5111
RS		 378 help
379 XTS: IEEE1619/D16 narrow block cipher use with aes-xts-plain,
380 key size 256, 384 or 512 bits. This implementation currently
381 can't handle a sectorsize which is not a multiple of 16 bytes.
382
1c49678e
SM		 383config CRYPTO_KEYWRAP
384 tristate "Key wrapping support"
385 select CRYPTO_BLKCIPHER
386 help
387 Support for key wrapping (NIST SP800-38F / RFC3394) without
388 padding.
389
584fffc8
SS		 390comment "Hash modes"
391
93b5e86a
JK		 392config CRYPTO_CMAC
393 tristate "CMAC support"
394 select CRYPTO_HASH
395 select CRYPTO_MANAGER
396 help
397 Cipher-based Message Authentication Code (CMAC) specified by
398 The National Institute of Standards and Technology (NIST).
399
400 https://tools.ietf.org/html/rfc4493
401 http://csrc.nist.gov/publications/nistpubs/800-38B/SP_800-38B.pdf
402
584fffc8
SS		 403config CRYPTO_HMAC
404 tristate "HMAC support"
405 select CRYPTO_HASH
23e353c8 406 select CRYPTO_MANAGER
23e353c8 407 help
584fffc8
SS		 408 HMAC: Keyed-Hashing for Message Authentication (RFC2104).
409 This is required for IPSec.
23e353c8 410
584fffc8
SS		 411config CRYPTO_XCBC
412 tristate "XCBC support"
584fffc8
SS		 413 select CRYPTO_HASH
414 select CRYPTO_MANAGER
76cb9521 415 help
584fffc8
SS		 416 XCBC: Keyed-Hashing with encryption algorithm
417 http://www.ietf.org/rfc/rfc3566.txt
418 http://csrc.nist.gov/encryption/modes/proposedmodes/
419 xcbc-mac/xcbc-mac-spec.pdf
76cb9521 420
f1939f7c
SW		 421config CRYPTO_VMAC
422 tristate "VMAC support"
f1939f7c
SW		 423 select CRYPTO_HASH
424 select CRYPTO_MANAGER
425 help
426 VMAC is a message authentication algorithm designed for
427 very high speed on 64-bit architectures.
428
429 See also:
430 <http://fastcrypto.org/vmac>
431
584fffc8 432comment "Digest"
28db8e3e 433
584fffc8
SS		 434config CRYPTO_CRC32C
435 tristate "CRC32c CRC algorithm"
5773a3e6 436 select CRYPTO_HASH
6a0962b2 437 select CRC32
4a49b499 438 help
584fffc8
SS		 439 Castagnoli, et al Cyclic Redundancy-Check Algorithm. Used
440 by iSCSI for header and data digests and by others.
69c35efc 441 See Castagnoli93. Module will be crc32c.
4a49b499 442
8cb51ba8
AZ		 443config CRYPTO_CRC32C_INTEL
444 tristate "CRC32c INTEL hardware acceleration"
445 depends on X86
446 select CRYPTO_HASH
447 help
448 In Intel processor with SSE4.2 supported, the processor will
449 support CRC32C implementation using hardware accelerated CRC32
450 instruction. This option will create 'crc32c-intel' module,
451 which will enable any routine to use the CRC32 instruction to
452 gain performance compared with software implementation.
453 Module will be crc32c-intel.
454
7cf31864 455config CRYPTO_CRC32C_VPMSUM
6dd7a82c 456 tristate "CRC32c CRC algorithm (powerpc64)"
c12abf34 457 depends on PPC64 && ALTIVEC
6dd7a82c
AB		 458 select CRYPTO_HASH
459 select CRC32
460 help
461 CRC32c algorithm implemented using vector polynomial multiply-sum
462 (vpmsum) instructions, introduced in POWER8. Enable on POWER8
463 and newer processors for improved performance.
464
465
442a7c40
DM		 466config CRYPTO_CRC32C_SPARC64
467 tristate "CRC32c CRC algorithm (SPARC64)"
468 depends on SPARC64
469 select CRYPTO_HASH
470 select CRC32
471 help
472 CRC32c CRC algorithm implemented using sparc64 crypto instructions,
473 when available.
474
78c37d19
AB		 475config CRYPTO_CRC32
476 tristate "CRC32 CRC algorithm"
477 select CRYPTO_HASH
478 select CRC32
479 help
480 CRC-32-IEEE 802.3 cyclic redundancy-check algorithm.
481 Shash crypto api wrappers to crc32_le function.
482
483config CRYPTO_CRC32_PCLMUL
484 tristate "CRC32 PCLMULQDQ hardware acceleration"
485 depends on X86
486 select CRYPTO_HASH
487 select CRC32
488 help
489 From Intel Westmere and AMD Bulldozer processor with SSE4.2
490 and PCLMULQDQ supported, the processor will support
491 CRC32 PCLMULQDQ implementation using hardware accelerated PCLMULQDQ
492 instruction. This option will create 'crc32-plcmul' module,
493 which will enable any routine to use the CRC-32-IEEE 802.3 checksum
494 and gain better performance as compared with the table implementation.
495
68411521
HX		 496config CRYPTO_CRCT10DIF
497 tristate "CRCT10DIF algorithm"
498 select CRYPTO_HASH
499 help
500 CRC T10 Data Integrity Field computation is being cast as
501 a crypto transform. This allows for faster crc t10 diff
502 transforms to be used if they are available.
503
504config CRYPTO_CRCT10DIF_PCLMUL
505 tristate "CRCT10DIF PCLMULQDQ hardware acceleration"
506 depends on X86 && 64BIT && CRC_T10DIF
507 select CRYPTO_HASH
508 help
509 For x86_64 processors with SSE4.2 and PCLMULQDQ supported,
510 CRC T10 DIF PCLMULQDQ computation can be hardware
511 accelerated PCLMULQDQ instruction. This option will create
512 'crct10dif-plcmul' module, which is faster when computing the
513 crct10dif checksum as compared with the generic table implementation.
514
b01df1c1
DA		 515config CRYPTO_CRCT10DIF_VPMSUM
516 tristate "CRC32T10DIF powerpc64 hardware acceleration"
517 depends on PPC64 && ALTIVEC && CRC_T10DIF
518 select CRYPTO_HASH
519 help
520 CRC10T10DIF algorithm implemented using vector polynomial
521 multiply-sum (vpmsum) instructions, introduced in POWER8. Enable on
522 POWER8 and newer processors for improved performance.
523
146c8688
DA		 524config CRYPTO_VPMSUM_TESTER
525 tristate "Powerpc64 vpmsum hardware acceleration tester"
526 depends on CRYPTO_CRCT10DIF_VPMSUM && CRYPTO_CRC32C_VPMSUM
527 help
528 Stress test for CRC32c and CRC-T10DIF algorithms implemented with
529 POWER8 vpmsum instructions.
530 Unless you are testing these algorithms, you don't need this.
531
2cdc6899
HY		 532config CRYPTO_GHASH
533 tristate "GHASH digest algorithm"
2cdc6899 534 select CRYPTO_GF128MUL
578c60fb 535 select CRYPTO_HASH
2cdc6899
HY		 536 help
537 GHASH is message digest algorithm for GCM (Galois/Counter Mode).
538
f979e014
MW		 539config CRYPTO_POLY1305
540 tristate "Poly1305 authenticator algorithm"
578c60fb 541 select CRYPTO_HASH
f979e014
MW		 542 help
543 Poly1305 authenticator algorithm, RFC7539.
544
545 Poly1305 is an authenticator algorithm designed by Daniel J. Bernstein.
546 It is used for the ChaCha20-Poly1305 AEAD, specified in RFC7539 for use
547 in IETF protocols. This is the portable C implementation of Poly1305.
548
c70f4abe 549config CRYPTO_POLY1305_X86_64
b1ccc8f4 550 tristate "Poly1305 authenticator algorithm (x86_64/SSE2/AVX2)"
c70f4abe
MW		 551 depends on X86 && 64BIT
552 select CRYPTO_POLY1305
553 help
554 Poly1305 authenticator algorithm, RFC7539.
555
556 Poly1305 is an authenticator algorithm designed by Daniel J. Bernstein.
557 It is used for the ChaCha20-Poly1305 AEAD, specified in RFC7539 for use
558 in IETF protocols. This is the x86_64 assembler implementation using SIMD
559 instructions.
560
584fffc8
SS		 561config CRYPTO_MD4
562 tristate "MD4 digest algorithm"
808a1763 563 select CRYPTO_HASH
124b53d0 564 help
584fffc8 565 MD4 message digest algorithm (RFC1320).
124b53d0 566
584fffc8
SS		 567config CRYPTO_MD5
568 tristate "MD5 digest algorithm"
14b75ba7 569 select CRYPTO_HASH
1da177e4 570 help
584fffc8 571 MD5 message digest algorithm (RFC1321).
1da177e4 572
d69e75de
AK		 573config CRYPTO_MD5_OCTEON
574 tristate "MD5 digest algorithm (OCTEON)"
575 depends on CPU_CAVIUM_OCTEON
576 select CRYPTO_MD5
577 select CRYPTO_HASH
578 help
579 MD5 message digest algorithm (RFC1321) implemented
580 using OCTEON crypto instructions, when available.
581
e8e59953
MS		 582config CRYPTO_MD5_PPC
583 tristate "MD5 digest algorithm (PPC)"
584 depends on PPC
585 select CRYPTO_HASH
586 help
587 MD5 message digest algorithm (RFC1321) implemented
588 in PPC assembler.
589
fa4dfedc
DM		 590config CRYPTO_MD5_SPARC64
591 tristate "MD5 digest algorithm (SPARC64)"
592 depends on SPARC64
593 select CRYPTO_MD5
594 select CRYPTO_HASH
595 help
596 MD5 message digest algorithm (RFC1321) implemented
597 using sparc64 crypto instructions, when available.
598
584fffc8
SS		 599config CRYPTO_MICHAEL_MIC
600 tristate "Michael MIC keyed digest algorithm"
19e2bf14 601 select CRYPTO_HASH
90831639 602 help
584fffc8
SS		 603 Michael MIC is used for message integrity protection in TKIP
604 (IEEE 802.11i). This algorithm is required for TKIP, but it
605 should not be used for other purposes because of the weakness
606 of the algorithm.
90831639 607
82798f90 608config CRYPTO_RMD128
b6d44341 609 tristate "RIPEMD-128 digest algorithm"
7c4468bc 610 select CRYPTO_HASH
b6d44341
AB		 611 help
612 RIPEMD-128 (ISO/IEC 10118-3:2004).
82798f90 613
b6d44341 614 RIPEMD-128 is a 128-bit cryptographic hash function. It should only
35ed4b35 615 be used as a secure replacement for RIPEMD. For other use cases,
b6d44341 616 RIPEMD-160 should be used.
82798f90 617
b6d44341 618 Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel.
6d8de74c 619 See <http://homes.esat.kuleuven.be/~bosselae/ripemd160.html>
82798f90
AKR		 620
621config CRYPTO_RMD160
b6d44341 622 tristate "RIPEMD-160 digest algorithm"
e5835fba 623 select CRYPTO_HASH
b6d44341
AB		 624 help
625 RIPEMD-160 (ISO/IEC 10118-3:2004).
82798f90 626
b6d44341
AB		 627 RIPEMD-160 is a 160-bit cryptographic hash function. It is intended
628 to be used as a secure replacement for the 128-bit hash functions
629 MD4, MD5 and it's predecessor RIPEMD
630 (not to be confused with RIPEMD-128).
82798f90 631
b6d44341
AB		 632 It's speed is comparable to SHA1 and there are no known attacks
633 against RIPEMD-160.
534fe2c1 634
b6d44341 635 Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel.
6d8de74c 636 See <http://homes.esat.kuleuven.be/~bosselae/ripemd160.html>
534fe2c1
AKR		 637
638config CRYPTO_RMD256
b6d44341 639 tristate "RIPEMD-256 digest algorithm"
d8a5e2e9 640 select CRYPTO_HASH
b6d44341
AB		 641 help
642 RIPEMD-256 is an optional extension of RIPEMD-128 with a
643 256 bit hash. It is intended for applications that require
644 longer hash-results, without needing a larger security level
645 (than RIPEMD-128).
534fe2c1 646
b6d44341 647 Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel.
6d8de74c 648 See <http://homes.esat.kuleuven.be/~bosselae/ripemd160.html>
534fe2c1
AKR		 649
650config CRYPTO_RMD320
b6d44341 651 tristate "RIPEMD-320 digest algorithm"
3b8efb4c 652 select CRYPTO_HASH
b6d44341
AB		 653 help
654 RIPEMD-320 is an optional extension of RIPEMD-160 with a
655 320 bit hash. It is intended for applications that require
656 longer hash-results, without needing a larger security level
657 (than RIPEMD-160).
534fe2c1 658
b6d44341 659 Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel.
6d8de74c 660 See <http://homes.esat.kuleuven.be/~bosselae/ripemd160.html>
82798f90 661
584fffc8
SS		 662config CRYPTO_SHA1
663 tristate "SHA1 digest algorithm"
54ccb367 664 select CRYPTO_HASH
1da177e4 665 help
584fffc8 666 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2).
1da177e4 667
66be8951 668config CRYPTO_SHA1_SSSE3
e38b6b7f 669 tristate "SHA1 digest algorithm (SSSE3/AVX/AVX2/SHA-NI)"
66be8951
MK		 670 depends on X86 && 64BIT
671 select CRYPTO_SHA1
672 select CRYPTO_HASH
673 help
674 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2) implemented
675 using Supplemental SSE3 (SSSE3) instructions or Advanced Vector
e38b6b7f 676 Extensions (AVX/AVX2) or SHA-NI(SHA Extensions New Instructions),
677 when available.
66be8951 678
8275d1aa 679config CRYPTO_SHA256_SSSE3
e38b6b7f 680 tristate "SHA256 digest algorithm (SSSE3/AVX/AVX2/SHA-NI)"
8275d1aa
TC		 681 depends on X86 && 64BIT
682 select CRYPTO_SHA256
683 select CRYPTO_HASH
684 help
685 SHA-256 secure hash standard (DFIPS 180-2) implemented
686 using Supplemental SSE3 (SSSE3) instructions, or Advanced Vector
687 Extensions version 1 (AVX1), or Advanced Vector Extensions
e38b6b7f 688 version 2 (AVX2) instructions, or SHA-NI (SHA Extensions New
689 Instructions) when available.
87de4579
TC		 690
691config CRYPTO_SHA512_SSSE3
692 tristate "SHA512 digest algorithm (SSSE3/AVX/AVX2)"
693 depends on X86 && 64BIT
694 select CRYPTO_SHA512
695 select CRYPTO_HASH
696 help
697 SHA-512 secure hash standard (DFIPS 180-2) implemented
698 using Supplemental SSE3 (SSSE3) instructions, or Advanced Vector
699 Extensions version 1 (AVX1), or Advanced Vector Extensions
8275d1aa
TC		 700 version 2 (AVX2) instructions, when available.
701
efdb6f6e
AK		 702config CRYPTO_SHA1_OCTEON
703 tristate "SHA1 digest algorithm (OCTEON)"
704 depends on CPU_CAVIUM_OCTEON
705 select CRYPTO_SHA1
706 select CRYPTO_HASH
707 help
708 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2) implemented
709 using OCTEON crypto instructions, when available.
710
4ff28d4c
DM		 711config CRYPTO_SHA1_SPARC64
712 tristate "SHA1 digest algorithm (SPARC64)"
713 depends on SPARC64
714 select CRYPTO_SHA1
715 select CRYPTO_HASH
716 help
717 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2) implemented
718 using sparc64 crypto instructions, when available.
719
323a6bf1
ME		 720config CRYPTO_SHA1_PPC
721 tristate "SHA1 digest algorithm (powerpc)"
722 depends on PPC
723 help
724 This is the powerpc hardware accelerated implementation of the
725 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2).
726
d9850fc5
MS		 727config CRYPTO_SHA1_PPC_SPE
728 tristate "SHA1 digest algorithm (PPC SPE)"
729 depends on PPC && SPE
730 help
731 SHA-1 secure hash standard (DFIPS 180-4) implemented
732 using powerpc SPE SIMD instruction set.
733
1e65b81a
TC		 734config CRYPTO_SHA1_MB
735 tristate "SHA1 digest algorithm (x86_64 Multi-Buffer, Experimental)"
736 depends on X86 && 64BIT
737 select CRYPTO_SHA1
738 select CRYPTO_HASH
739 select CRYPTO_MCRYPTD
740 help
741 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2) implemented
742 using multi-buffer technique. This algorithm computes on
743 multiple data lanes concurrently with SIMD instructions for
744 better throughput. It should not be enabled by default but
745 used when there is significant amount of work to keep the keep
746 the data lanes filled to get performance benefit. If the data
747 lanes remain unfilled, a flush operation will be initiated to
748 process the crypto jobs, adding a slight latency.
749
9be7e244
MD		 750config CRYPTO_SHA256_MB
751 tristate "SHA256 digest algorithm (x86_64 Multi-Buffer, Experimental)"
752 depends on X86 && 64BIT
753 select CRYPTO_SHA256
754 select CRYPTO_HASH
755 select CRYPTO_MCRYPTD
756 help
757 SHA-256 secure hash standard (FIPS 180-1/DFIPS 180-2) implemented
758 using multi-buffer technique. This algorithm computes on
759 multiple data lanes concurrently with SIMD instructions for
760 better throughput. It should not be enabled by default but
761 used when there is significant amount of work to keep the keep
762 the data lanes filled to get performance benefit. If the data
763 lanes remain unfilled, a flush operation will be initiated to
764 process the crypto jobs, adding a slight latency.
765
026bb8aa
MD		 766config CRYPTO_SHA512_MB
767 tristate "SHA512 digest algorithm (x86_64 Multi-Buffer, Experimental)"
768 depends on X86 && 64BIT
769 select CRYPTO_SHA512
770 select CRYPTO_HASH
771 select CRYPTO_MCRYPTD
772 help
773 SHA-512 secure hash standard (FIPS 180-1/DFIPS 180-2) implemented
774 using multi-buffer technique. This algorithm computes on
775 multiple data lanes concurrently with SIMD instructions for
776 better throughput. It should not be enabled by default but
777 used when there is significant amount of work to keep the keep
778 the data lanes filled to get performance benefit. If the data
779 lanes remain unfilled, a flush operation will be initiated to
780 process the crypto jobs, adding a slight latency.
781
584fffc8
SS		 782config CRYPTO_SHA256
783 tristate "SHA224 and SHA256 digest algorithm"
50e109b5 784 select CRYPTO_HASH
1da177e4 785 help
584fffc8 786 SHA256 secure hash standard (DFIPS 180-2).
1da177e4 787
584fffc8
SS		 788 This version of SHA implements a 256 bit hash with 128 bits of
789 security against collision attacks.
2729bb42 790
b6d44341
AB		 791 This code also includes SHA-224, a 224 bit hash with 112 bits
792 of security against collision attacks.
584fffc8 793
2ecc1e95
MS		 794config CRYPTO_SHA256_PPC_SPE
795 tristate "SHA224 and SHA256 digest algorithm (PPC SPE)"
796 depends on PPC && SPE
797 select CRYPTO_SHA256
798 select CRYPTO_HASH
799 help
800 SHA224 and SHA256 secure hash standard (DFIPS 180-2)
801 implemented using powerpc SPE SIMD instruction set.
802
efdb6f6e
AK		 803config CRYPTO_SHA256_OCTEON
804 tristate "SHA224 and SHA256 digest algorithm (OCTEON)"
805 depends on CPU_CAVIUM_OCTEON
806 select CRYPTO_SHA256
807 select CRYPTO_HASH
808 help
809 SHA-256 secure hash standard (DFIPS 180-2) implemented
810 using OCTEON crypto instructions, when available.
811
86c93b24
DM		 812config CRYPTO_SHA256_SPARC64
813 tristate "SHA224 and SHA256 digest algorithm (SPARC64)"
814 depends on SPARC64
815 select CRYPTO_SHA256
816 select CRYPTO_HASH
817 help
818 SHA-256 secure hash standard (DFIPS 180-2) implemented
819 using sparc64 crypto instructions, when available.
820
584fffc8
SS		 821config CRYPTO_SHA512
822 tristate "SHA384 and SHA512 digest algorithms"
bd9d20db 823 select CRYPTO_HASH
b9f535ff 824 help
584fffc8 825 SHA512 secure hash standard (DFIPS 180-2).
b9f535ff 826
584fffc8
SS		 827 This version of SHA implements a 512 bit hash with 256 bits of
828 security against collision attacks.
b9f535ff 829
584fffc8
SS		 830 This code also includes SHA-384, a 384 bit hash with 192 bits
831 of security against collision attacks.
b9f535ff 832
efdb6f6e
AK		 833config CRYPTO_SHA512_OCTEON
834 tristate "SHA384 and SHA512 digest algorithms (OCTEON)"
835 depends on CPU_CAVIUM_OCTEON
836 select CRYPTO_SHA512
837 select CRYPTO_HASH
838 help
839 SHA-512 secure hash standard (DFIPS 180-2) implemented
840 using OCTEON crypto instructions, when available.
841
775e0c69
DM		 842config CRYPTO_SHA512_SPARC64
843 tristate "SHA384 and SHA512 digest algorithm (SPARC64)"
844 depends on SPARC64
845 select CRYPTO_SHA512
846 select CRYPTO_HASH
847 help
848 SHA-512 secure hash standard (DFIPS 180-2) implemented
849 using sparc64 crypto instructions, when available.
850
53964b9e
JG		 851config CRYPTO_SHA3
852 tristate "SHA3 digest algorithm"
853 select CRYPTO_HASH
854 help
855 SHA-3 secure hash standard (DFIPS 202). It's based on
856 cryptographic sponge function family called Keccak.
857
858 References:
859 http://keccak.noekeon.org/
860
584fffc8
SS		 861config CRYPTO_TGR192
862 tristate "Tiger digest algorithms"
f63fbd3d 863 select CRYPTO_HASH
eaf44088 864 help
584fffc8 865 Tiger hash algorithm 192, 160 and 128-bit hashes
eaf44088 866
584fffc8
SS		 867 Tiger is a hash function optimized for 64-bit processors while
868 still having decent performance on 32-bit processors.
869 Tiger was developed by Ross Anderson and Eli Biham.
eaf44088
JF		 870
871 See also:
584fffc8 872 <http://www.cs.technion.ac.il/~biham/Reports/Tiger/>.
eaf44088 873
584fffc8
SS		 874config CRYPTO_WP512
875 tristate "Whirlpool digest algorithms"
4946510b 876 select CRYPTO_HASH
1da177e4 877 help
584fffc8 878 Whirlpool hash algorithm 512, 384 and 256-bit hashes
1da177e4 879
584fffc8
SS		 880 Whirlpool-512 is part of the NESSIE cryptographic primitives.
881 Whirlpool will be part of the ISO/IEC 10118-3:2003(E) standard
1da177e4
LT		 882
883 See also:
6d8de74c 884 <http://www.larc.usp.br/~pbarreto/WhirlpoolPage.html>
584fffc8 885
0e1227d3
HY		 886config CRYPTO_GHASH_CLMUL_NI_INTEL
887 tristate "GHASH digest algorithm (CLMUL-NI accelerated)"
8af00860 888 depends on X86 && 64BIT
0e1227d3
HY		 889 select CRYPTO_CRYPTD
890 help
891 GHASH is message digest algorithm for GCM (Galois/Counter Mode).
892 The implementation is accelerated by CLMUL-NI of Intel.
893
584fffc8 894comment "Ciphers"
1da177e4
LT		 895
896config CRYPTO_AES
897 tristate "AES cipher algorithms"
cce9e06d 898 select CRYPTO_ALGAPI
1da177e4 899 help
584fffc8 900 AES cipher algorithms (FIPS-197). AES uses the Rijndael
1da177e4
LT		 901 algorithm.
902
903 Rijndael appears to be consistently a very good performer in
584fffc8
SS		 904 both hardware and software across a wide range of computing
905 environments regardless of its use in feedback or non-feedback
906 modes. Its key setup time is excellent, and its key agility is
907 good. Rijndael's very low memory requirements make it very well
908 suited for restricted-space environments, in which it also
909 demonstrates excellent performance. Rijndael's operations are
910 among the easiest to defend against power and timing attacks.
1da177e4 911
584fffc8 912 The AES specifies three key sizes: 128, 192 and 256 bits
1da177e4
LT		 913
914 See <http://csrc.nist.gov/CryptoToolkit/aes/> for more information.
915
b5e0b032
AB		 916config CRYPTO_AES_TI
917 tristate "Fixed time AES cipher"
918 select CRYPTO_ALGAPI
919 help
920 This is a generic implementation of AES that attempts to eliminate
921 data dependent latencies as much as possible without affecting
922 performance too much. It is intended for use by the generic CCM
923 and GCM drivers, and other CTR or CMAC/XCBC based modes that rely
924 solely on encryption (although decryption is supported as well, but
925 with a more dramatic performance hit)
926
927 Instead of using 16 lookup tables of 1 KB each, (8 for encryption and
928 8 for decryption), this implementation only uses just two S-boxes of
929 256 bytes each, and attempts to eliminate data dependent latencies by
930 prefetching the entire table into the cache at the start of each
931 block.
932
1da177e4
LT		 933config CRYPTO_AES_586
934 tristate "AES cipher algorithms (i586)"
cce9e06d
HX		 935 depends on (X86 || UML_X86) && !64BIT
936 select CRYPTO_ALGAPI
5157dea8 937 select CRYPTO_AES
1da177e4 938 help
584fffc8 939 AES cipher algorithms (FIPS-197). AES uses the Rijndael
1da177e4
LT		 940 algorithm.
941
942 Rijndael appears to be consistently a very good performer in
584fffc8
SS		 943 both hardware and software across a wide range of computing
944 environments regardless of its use in feedback or non-feedback
945 modes. Its key setup time is excellent, and its key agility is
946 good. Rijndael's very low memory requirements make it very well
947 suited for restricted-space environments, in which it also
948 demonstrates excellent performance. Rijndael's operations are
949 among the easiest to defend against power and timing attacks.
1da177e4 950
584fffc8 951 The AES specifies three key sizes: 128, 192 and 256 bits
a2a892a2
AS		 952
953 See <http://csrc.nist.gov/encryption/aes/> for more information.
954
955config CRYPTO_AES_X86_64
956 tristate "AES cipher algorithms (x86_64)"
cce9e06d
HX		 957 depends on (X86 || UML_X86) && 64BIT
958 select CRYPTO_ALGAPI
81190b32 959 select CRYPTO_AES
a2a892a2 960 help
584fffc8 961 AES cipher algorithms (FIPS-197). AES uses the Rijndael
a2a892a2
AS		 962 algorithm.
963
964 Rijndael appears to be consistently a very good performer in
584fffc8
SS		 965 both hardware and software across a wide range of computing
966 environments regardless of its use in feedback or non-feedback
967 modes. Its key setup time is excellent, and its key agility is
54b6a1bd
HY		 968 good. Rijndael's very low memory requirements make it very well
969 suited for restricted-space environments, in which it also
970 demonstrates excellent performance. Rijndael's operations are
971 among the easiest to defend against power and timing attacks.
972
973 The AES specifies three key sizes: 128, 192 and 256 bits
974
975 See <http://csrc.nist.gov/encryption/aes/> for more information.
976
977config CRYPTO_AES_NI_INTEL
978 tristate "AES cipher algorithms (AES-NI)"
8af00860 979 depends on X86
85671860 980 select CRYPTO_AEAD
0d258efb
MK		 981 select CRYPTO_AES_X86_64 if 64BIT
982 select CRYPTO_AES_586 if !64BIT
54b6a1bd 983 select CRYPTO_ALGAPI
85671860 984 select CRYPTO_BLKCIPHER
7643a11a 985 select CRYPTO_GLUE_HELPER_X86 if 64BIT
85671860 986 select CRYPTO_SIMD
54b6a1bd
HY		 987 help
988 Use Intel AES-NI instructions for AES algorithm.
989
990 AES cipher algorithms (FIPS-197). AES uses the Rijndael
991 algorithm.
992
993 Rijndael appears to be consistently a very good performer in
994 both hardware and software across a wide range of computing
995 environments regardless of its use in feedback or non-feedback
996 modes. Its key setup time is excellent, and its key agility is
584fffc8
SS		 997 good. Rijndael's very low memory requirements make it very well
998 suited for restricted-space environments, in which it also
999 demonstrates excellent performance. Rijndael's operations are
1000 among the easiest to defend against power and timing attacks.
a2a892a2 1001
584fffc8 1002 The AES specifies three key sizes: 128, 192 and 256 bits
1da177e4
LT		 1003
1004 See <http://csrc.nist.gov/encryption/aes/> for more information.
1005
0d258efb
MK		 1006 In addition to AES cipher algorithm support, the acceleration
1007 for some popular block cipher mode is supported too, including
1008 ECB, CBC, LRW, PCBC, XTS. The 64 bit version has additional
1009 acceleration for CTR.
2cf4ac8b 1010
9bf4852d
DM		 1011config CRYPTO_AES_SPARC64
1012 tristate "AES cipher algorithms (SPARC64)"
1013 depends on SPARC64
1014 select CRYPTO_CRYPTD
1015 select CRYPTO_ALGAPI
1016 help
1017 Use SPARC64 crypto opcodes for AES algorithm.
1018
1019 AES cipher algorithms (FIPS-197). AES uses the Rijndael
1020 algorithm.
1021
1022 Rijndael appears to be consistently a very good performer in
1023 both hardware and software across a wide range of computing
1024 environments regardless of its use in feedback or non-feedback
1025 modes. Its key setup time is excellent, and its key agility is
1026 good. Rijndael's very low memory requirements make it very well
1027 suited for restricted-space environments, in which it also
1028 demonstrates excellent performance. Rijndael's operations are
1029 among the easiest to defend against power and timing attacks.
1030
1031 The AES specifies three key sizes: 128, 192 and 256 bits
1032
1033 See <http://csrc.nist.gov/encryption/aes/> for more information.
1034
1035 In addition to AES cipher algorithm support, the acceleration
1036 for some popular block cipher mode is supported too, including
1037 ECB and CBC.
1038
504c6143
MS		 1039config CRYPTO_AES_PPC_SPE
1040 tristate "AES cipher algorithms (PPC SPE)"
1041 depends on PPC && SPE
1042 help
1043 AES cipher algorithms (FIPS-197). Additionally the acceleration
1044 for popular block cipher modes ECB, CBC, CTR and XTS is supported.
1045 This module should only be used for low power (router) devices
1046 without hardware AES acceleration (e.g. caam crypto). It reduces the
1047 size of the AES tables from 16KB to 8KB + 256 bytes and mitigates
1048 timining attacks. Nevertheless it might be not as secure as other
1049 architecture specific assembler implementations that work on 1KB
1050 tables or 256 bytes S-boxes.
1051
584fffc8
SS		 1052config CRYPTO_ANUBIS
1053 tristate "Anubis cipher algorithm"
1054 select CRYPTO_ALGAPI
1055 help
1056 Anubis cipher algorithm.
1057
1058 Anubis is a variable key length cipher which can use keys from
1059 128 bits to 320 bits in length. It was evaluated as a entrant
1060 in the NESSIE competition.
1061
1062 See also:
6d8de74c
JM		 1063 <https://www.cosic.esat.kuleuven.be/nessie/reports/>
1064 <http://www.larc.usp.br/~pbarreto/AnubisPage.html>
584fffc8
SS		 1065
1066config CRYPTO_ARC4
1067 tristate "ARC4 cipher algorithm"
b9b0f080 1068 select CRYPTO_BLKCIPHER
584fffc8
SS		 1069 help
1070 ARC4 cipher algorithm.
1071
1072 ARC4 is a stream cipher using keys ranging from 8 bits to 2048
1073 bits in length. This algorithm is required for driver-based
1074 WEP, but it should not be for other purposes because of the
1075 weakness of the algorithm.
1076
1077config CRYPTO_BLOWFISH
1078 tristate "Blowfish cipher algorithm"
1079 select CRYPTO_ALGAPI
52ba867c 1080 select CRYPTO_BLOWFISH_COMMON
584fffc8
SS		 1081 help
1082 Blowfish cipher algorithm, by Bruce Schneier.
1083
1084 This is a variable key length cipher which can use keys from 32
1085 bits to 448 bits in length. It's fast, simple and specifically
1086 designed for use on "large microprocessors".
1087
1088 See also:
1089 <http://www.schneier.com/blowfish.html>
1090
52ba867c
JK		 1091config CRYPTO_BLOWFISH_COMMON
1092 tristate
1093 help
1094 Common parts of the Blowfish cipher algorithm shared by the
1095 generic c and the assembler implementations.
1096
1097 See also:
1098 <http://www.schneier.com/blowfish.html>
1099
64b94cea
JK		 1100config CRYPTO_BLOWFISH_X86_64
1101 tristate "Blowfish cipher algorithm (x86_64)"
f21a7c19 1102 depends on X86 && 64BIT
64b94cea
JK		 1103 select CRYPTO_ALGAPI
1104 select CRYPTO_BLOWFISH_COMMON
1105 help
1106 Blowfish cipher algorithm (x86_64), by Bruce Schneier.
1107
1108 This is a variable key length cipher which can use keys from 32
1109 bits to 448 bits in length. It's fast, simple and specifically
1110 designed for use on "large microprocessors".
1111
1112 See also:
1113 <http://www.schneier.com/blowfish.html>
1114
584fffc8
SS		 1115config CRYPTO_CAMELLIA
1116 tristate "Camellia cipher algorithms"
1117 depends on CRYPTO
1118 select CRYPTO_ALGAPI
1119 help
1120 Camellia cipher algorithms module.
1121
1122 Camellia is a symmetric key block cipher developed jointly
1123 at NTT and Mitsubishi Electric Corporation.
1124
1125 The Camellia specifies three key sizes: 128, 192 and 256 bits.
1126
1127 See also:
1128 <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html>
1129
0b95ec56
JK		 1130config CRYPTO_CAMELLIA_X86_64
1131 tristate "Camellia cipher algorithm (x86_64)"
f21a7c19 1132 depends on X86 && 64BIT
0b95ec56
JK		 1133 depends on CRYPTO
1134 select CRYPTO_ALGAPI
964263af 1135 select CRYPTO_GLUE_HELPER_X86
0b95ec56
JK		 1136 select CRYPTO_LRW
1137 select CRYPTO_XTS
1138 help
1139 Camellia cipher algorithm module (x86_64).
1140
1141 Camellia is a symmetric key block cipher developed jointly
1142 at NTT and Mitsubishi Electric Corporation.
1143
1144 The Camellia specifies three key sizes: 128, 192 and 256 bits.
1145
1146 See also:
d9b1d2e7
JK		 1147 <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html>
1148
1149config CRYPTO_CAMELLIA_AESNI_AVX_X86_64
1150 tristate "Camellia cipher algorithm (x86_64/AES-NI/AVX)"
1151 depends on X86 && 64BIT
1152 depends on CRYPTO
1153 select CRYPTO_ALGAPI
1154 select CRYPTO_CRYPTD
801201aa 1155 select CRYPTO_ABLK_HELPER
d9b1d2e7
JK		 1156 select CRYPTO_GLUE_HELPER_X86
1157 select CRYPTO_CAMELLIA_X86_64
1158 select CRYPTO_LRW
1159 select CRYPTO_XTS
1160 help
1161 Camellia cipher algorithm module (x86_64/AES-NI/AVX).
1162
1163 Camellia is a symmetric key block cipher developed jointly
1164 at NTT and Mitsubishi Electric Corporation.
1165
1166 The Camellia specifies three key sizes: 128, 192 and 256 bits.
1167
1168 See also:
0b95ec56
JK		 1169 <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html>
1170
f3f935a7
JK		 1171config CRYPTO_CAMELLIA_AESNI_AVX2_X86_64
1172 tristate "Camellia cipher algorithm (x86_64/AES-NI/AVX2)"
1173 depends on X86 && 64BIT
1174 depends on CRYPTO
1175 select CRYPTO_ALGAPI
1176 select CRYPTO_CRYPTD
801201aa 1177 select CRYPTO_ABLK_HELPER
f3f935a7
JK		 1178 select CRYPTO_GLUE_HELPER_X86
1179 select CRYPTO_CAMELLIA_X86_64
1180 select CRYPTO_CAMELLIA_AESNI_AVX_X86_64
1181 select CRYPTO_LRW
1182 select CRYPTO_XTS
1183 help
1184 Camellia cipher algorithm module (x86_64/AES-NI/AVX2).
1185
1186 Camellia is a symmetric key block cipher developed jointly
1187 at NTT and Mitsubishi Electric Corporation.
1188
1189 The Camellia specifies three key sizes: 128, 192 and 256 bits.
1190
1191 See also:
1192 <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html>
1193
81658ad0
DM		 1194config CRYPTO_CAMELLIA_SPARC64
1195 tristate "Camellia cipher algorithm (SPARC64)"
1196 depends on SPARC64
1197 depends on CRYPTO
1198 select CRYPTO_ALGAPI
1199 help
1200 Camellia cipher algorithm module (SPARC64).
1201
1202 Camellia is a symmetric key block cipher developed jointly
1203 at NTT and Mitsubishi Electric Corporation.
1204
1205 The Camellia specifies three key sizes: 128, 192 and 256 bits.
1206
1207 See also:
1208 <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html>
1209
044ab525
JK		 1210config CRYPTO_CAST_COMMON
1211 tristate
1212 help
1213 Common parts of the CAST cipher algorithms shared by the
1214 generic c and the assembler implementations.
1215
1da177e4
LT		 1216config CRYPTO_CAST5
1217 tristate "CAST5 (CAST-128) cipher algorithm"
cce9e06d 1218 select CRYPTO_ALGAPI
044ab525 1219 select CRYPTO_CAST_COMMON
1da177e4
LT		 1220 help
1221 The CAST5 encryption algorithm (synonymous with CAST-128) is
1222 described in RFC2144.
1223
4d6d6a2c
JG		 1224config CRYPTO_CAST5_AVX_X86_64
1225 tristate "CAST5 (CAST-128) cipher algorithm (x86_64/AVX)"
1226 depends on X86 && 64BIT
1227 select CRYPTO_ALGAPI
1228 select CRYPTO_CRYPTD
801201aa 1229 select CRYPTO_ABLK_HELPER
044ab525 1230 select CRYPTO_CAST_COMMON
4d6d6a2c
JG		 1231 select CRYPTO_CAST5
1232 help
1233 The CAST5 encryption algorithm (synonymous with CAST-128) is
1234 described in RFC2144.
1235
1236 This module provides the Cast5 cipher algorithm that processes
1237 sixteen blocks parallel using the AVX instruction set.
1238
1da177e4
LT		 1239config CRYPTO_CAST6
1240 tristate "CAST6 (CAST-256) cipher algorithm"
cce9e06d 1241 select CRYPTO_ALGAPI
044ab525 1242 select CRYPTO_CAST_COMMON
1da177e4
LT		 1243 help
1244 The CAST6 encryption algorithm (synonymous with CAST-256) is
1245 described in RFC2612.
1246
4ea1277d
JG		 1247config CRYPTO_CAST6_AVX_X86_64
1248 tristate "CAST6 (CAST-256) cipher algorithm (x86_64/AVX)"
1249 depends on X86 && 64BIT
1250 select CRYPTO_ALGAPI
1251 select CRYPTO_CRYPTD
801201aa 1252 select CRYPTO_ABLK_HELPER
4ea1277d 1253 select CRYPTO_GLUE_HELPER_X86
044ab525 1254 select CRYPTO_CAST_COMMON
4ea1277d
JG		 1255 select CRYPTO_CAST6
1256 select CRYPTO_LRW
1257 select CRYPTO_XTS
1258 help
1259 The CAST6 encryption algorithm (synonymous with CAST-256) is
1260 described in RFC2612.
1261
1262 This module provides the Cast6 cipher algorithm that processes
1263 eight blocks parallel using the AVX instruction set.
1264
584fffc8
SS		 1265config CRYPTO_DES
1266 tristate "DES and Triple DES EDE cipher algorithms"
cce9e06d 1267 select CRYPTO_ALGAPI
1da177e4 1268 help
584fffc8 1269 DES cipher algorithm (FIPS 46-2), and Triple DES EDE (FIPS 46-3).
fb4f10ed 1270
c5aac2df
DM		 1271config CRYPTO_DES_SPARC64
1272 tristate "DES and Triple DES EDE cipher algorithms (SPARC64)"
97da37b3 1273 depends on SPARC64
c5aac2df
DM		 1274 select CRYPTO_ALGAPI
1275 select CRYPTO_DES
1276 help
1277 DES cipher algorithm (FIPS 46-2), and Triple DES EDE (FIPS 46-3),
1278 optimized using SPARC64 crypto opcodes.
1279
6574e6c6
JK		 1280config CRYPTO_DES3_EDE_X86_64
1281 tristate "Triple DES EDE cipher algorithm (x86-64)"
1282 depends on X86 && 64BIT
1283 select CRYPTO_ALGAPI
1284 select CRYPTO_DES
1285 help
1286 Triple DES EDE (FIPS 46-3) algorithm.
1287
1288 This module provides implementation of the Triple DES EDE cipher
1289 algorithm that is optimized for x86-64 processors. Two versions of
1290 algorithm are provided; regular processing one input block and
1291 one that processes three blocks parallel.
1292
584fffc8
SS		 1293config CRYPTO_FCRYPT
1294 tristate "FCrypt cipher algorithm"
cce9e06d 1295 select CRYPTO_ALGAPI
584fffc8 1296 select CRYPTO_BLKCIPHER
1da177e4 1297 help
584fffc8 1298 FCrypt algorithm used by RxRPC.
1da177e4
LT		 1299
1300config CRYPTO_KHAZAD
1301 tristate "Khazad cipher algorithm"
cce9e06d 1302 select CRYPTO_ALGAPI
1da177e4
LT		 1303 help
1304 Khazad cipher algorithm.
1305
1306 Khazad was a finalist in the initial NESSIE competition. It is
1307 an algorithm optimized for 64-bit processors with good performance
1308 on 32-bit processors. Khazad uses an 128 bit key size.
1309
1310 See also:
6d8de74c 1311 <http://www.larc.usp.br/~pbarreto/KhazadPage.html>
1da177e4 1312
2407d608 1313config CRYPTO_SALSA20
3b4afaf2 1314 tristate "Salsa20 stream cipher algorithm"
2407d608
TSH		 1315 select CRYPTO_BLKCIPHER
1316 help
1317 Salsa20 stream cipher algorithm.
1318
1319 Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT
1320 Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/>
974e4b75
TSH		 1321
1322 The Salsa20 stream cipher algorithm is designed by Daniel J.
1323 Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html>
1324
1325config CRYPTO_SALSA20_586
3b4afaf2 1326 tristate "Salsa20 stream cipher algorithm (i586)"
974e4b75 1327 depends on (X86 || UML_X86) && !64BIT
974e4b75 1328 select CRYPTO_BLKCIPHER
974e4b75
TSH		 1329 help
1330 Salsa20 stream cipher algorithm.
1331
1332 Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT
1333 Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/>
9a7dafbb
TSH		 1334
1335 The Salsa20 stream cipher algorithm is designed by Daniel J.
1336 Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html>
1337
1338config CRYPTO_SALSA20_X86_64
3b4afaf2 1339 tristate "Salsa20 stream cipher algorithm (x86_64)"
9a7dafbb 1340 depends on (X86 || UML_X86) && 64BIT
9a7dafbb 1341 select CRYPTO_BLKCIPHER
9a7dafbb
TSH		 1342 help
1343 Salsa20 stream cipher algorithm.
1344
1345 Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT
1346 Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/>
2407d608
TSH		 1347
1348 The Salsa20 stream cipher algorithm is designed by Daniel J.
1349 Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html>
1da177e4 1350
c08d0e64
MW		 1351config CRYPTO_CHACHA20
1352 tristate "ChaCha20 cipher algorithm"
1353 select CRYPTO_BLKCIPHER
1354 help
1355 ChaCha20 cipher algorithm, RFC7539.
1356
1357 ChaCha20 is a 256-bit high-speed stream cipher designed by Daniel J.
1358 Bernstein and further specified in RFC7539 for use in IETF protocols.
1359 This is the portable C implementation of ChaCha20.
1360
1361 See also:
1362 <http://cr.yp.to/chacha/chacha-20080128.pdf>
1363
c9320b6d 1364config CRYPTO_CHACHA20_X86_64
3d1e93cd 1365 tristate "ChaCha20 cipher algorithm (x86_64/SSSE3/AVX2)"
c9320b6d
MW		 1366 depends on X86 && 64BIT
1367 select CRYPTO_BLKCIPHER
1368 select CRYPTO_CHACHA20
1369 help
1370 ChaCha20 cipher algorithm, RFC7539.
1371
1372 ChaCha20 is a 256-bit high-speed stream cipher designed by Daniel J.
1373 Bernstein and further specified in RFC7539 for use in IETF protocols.
1374 This is the x86_64 assembler implementation using SIMD instructions.
1375
1376 See also:
1377 <http://cr.yp.to/chacha/chacha-20080128.pdf>
1378
584fffc8
SS		 1379config CRYPTO_SEED
1380 tristate "SEED cipher algorithm"
cce9e06d 1381 select CRYPTO_ALGAPI
1da177e4 1382 help
584fffc8 1383 SEED cipher algorithm (RFC4269).
1da177e4 1384
584fffc8
SS		 1385 SEED is a 128-bit symmetric key block cipher that has been
1386 developed by KISA (Korea Information Security Agency) as a
1387 national standard encryption algorithm of the Republic of Korea.
1388 It is a 16 round block cipher with the key size of 128 bit.
1389
1390 See also:
1391 <http://www.kisa.or.kr/kisa/seed/jsp/seed_eng.jsp>
1392
1393config CRYPTO_SERPENT
1394 tristate "Serpent cipher algorithm"
cce9e06d 1395 select CRYPTO_ALGAPI
1da177e4 1396 help
584fffc8 1397 Serpent cipher algorithm, by Anderson, Biham & Knudsen.
1da177e4 1398
584fffc8
SS		 1399 Keys are allowed to be from 0 to 256 bits in length, in steps
1400 of 8 bits. Also includes the 'Tnepres' algorithm, a reversed
1401 variant of Serpent for compatibility with old kerneli.org code.
1402
1403 See also:
1404 <http://www.cl.cam.ac.uk/~rja14/serpent.html>
1405
937c30d7
JK		 1406config CRYPTO_SERPENT_SSE2_X86_64
1407 tristate "Serpent cipher algorithm (x86_64/SSE2)"
1408 depends on X86 && 64BIT
1409 select CRYPTO_ALGAPI
341975bf 1410 select CRYPTO_CRYPTD
801201aa 1411 select CRYPTO_ABLK_HELPER
596d8750 1412 select CRYPTO_GLUE_HELPER_X86
937c30d7 1413 select CRYPTO_SERPENT
feaf0cfc
JK		 1414 select CRYPTO_LRW
1415 select CRYPTO_XTS
937c30d7
JK		 1416 help
1417 Serpent cipher algorithm, by Anderson, Biham & Knudsen.
1418
1419 Keys are allowed to be from 0 to 256 bits in length, in steps
1420 of 8 bits.
1421
1e6232f8 1422 This module provides Serpent cipher algorithm that processes eight
937c30d7
JK		 1423 blocks parallel using SSE2 instruction set.
1424
1425 See also:
1426 <http://www.cl.cam.ac.uk/~rja14/serpent.html>
1427
251496db
JK		 1428config CRYPTO_SERPENT_SSE2_586
1429 tristate "Serpent cipher algorithm (i586/SSE2)"
1430 depends on X86 && !64BIT
1431 select CRYPTO_ALGAPI
341975bf 1432 select CRYPTO_CRYPTD
801201aa 1433 select CRYPTO_ABLK_HELPER
596d8750 1434 select CRYPTO_GLUE_HELPER_X86
251496db 1435 select CRYPTO_SERPENT
feaf0cfc
JK		 1436 select CRYPTO_LRW
1437 select CRYPTO_XTS
251496db
JK		 1438 help
1439 Serpent cipher algorithm, by Anderson, Biham & Knudsen.
1440
1441 Keys are allowed to be from 0 to 256 bits in length, in steps
1442 of 8 bits.
1443
1444 This module provides Serpent cipher algorithm that processes four
1445 blocks parallel using SSE2 instruction set.
1446
1447 See also:
1448 <http://www.cl.cam.ac.uk/~rja14/serpent.html>
7efe4076
JG		 1449
1450config CRYPTO_SERPENT_AVX_X86_64
1451 tristate "Serpent cipher algorithm (x86_64/AVX)"
1452 depends on X86 && 64BIT
1453 select CRYPTO_ALGAPI
1454 select CRYPTO_CRYPTD
801201aa 1455 select CRYPTO_ABLK_HELPER
1d0debbd 1456 select CRYPTO_GLUE_HELPER_X86
7efe4076
JG		 1457 select CRYPTO_SERPENT
1458 select CRYPTO_LRW
1459 select CRYPTO_XTS
1460 help
1461 Serpent cipher algorithm, by Anderson, Biham & Knudsen.
1462
1463 Keys are allowed to be from 0 to 256 bits in length, in steps
1464 of 8 bits.
1465
1466 This module provides the Serpent cipher algorithm that processes
1467 eight blocks parallel using the AVX instruction set.
1468
1469 See also:
1470 <http://www.cl.cam.ac.uk/~rja14/serpent.html>
251496db 1471
56d76c96
JK		 1472config CRYPTO_SERPENT_AVX2_X86_64
1473 tristate "Serpent cipher algorithm (x86_64/AVX2)"
1474 depends on X86 && 64BIT
1475 select CRYPTO_ALGAPI
1476 select CRYPTO_CRYPTD
801201aa 1477 select CRYPTO_ABLK_HELPER
56d76c96
JK		 1478 select CRYPTO_GLUE_HELPER_X86
1479 select CRYPTO_SERPENT
1480 select CRYPTO_SERPENT_AVX_X86_64
1481 select CRYPTO_LRW
1482 select CRYPTO_XTS
1483 help
1484 Serpent cipher algorithm, by Anderson, Biham & Knudsen.
1485
1486 Keys are allowed to be from 0 to 256 bits in length, in steps
1487 of 8 bits.
1488
1489 This module provides Serpent cipher algorithm that processes 16
1490 blocks parallel using AVX2 instruction set.
1491
1492 See also:
1493 <http://www.cl.cam.ac.uk/~rja14/serpent.html>
1494
584fffc8
SS		 1495config CRYPTO_TEA
1496 tristate "TEA, XTEA and XETA cipher algorithms"
cce9e06d 1497 select CRYPTO_ALGAPI
1da177e4 1498 help
584fffc8 1499 TEA cipher algorithm.
1da177e4 1500
584fffc8
SS		 1501 Tiny Encryption Algorithm is a simple cipher that uses
1502 many rounds for security. It is very fast and uses
1503 little memory.
1504
1505 Xtendend Tiny Encryption Algorithm is a modification to
1506 the TEA algorithm to address a potential key weakness
1507 in the TEA algorithm.
1508
1509 Xtendend Encryption Tiny Algorithm is a mis-implementation
1510 of the XTEA algorithm for compatibility purposes.
1511
1512config CRYPTO_TWOFISH
1513 tristate "Twofish cipher algorithm"
04ac7db3 1514 select CRYPTO_ALGAPI
584fffc8 1515 select CRYPTO_TWOFISH_COMMON
04ac7db3 1516 help
584fffc8 1517 Twofish cipher algorithm.
04ac7db3 1518
584fffc8
SS		 1519 Twofish was submitted as an AES (Advanced Encryption Standard)
1520 candidate cipher by researchers at CounterPane Systems. It is a
1521 16 round block cipher supporting key sizes of 128, 192, and 256
1522 bits.
04ac7db3 1523
584fffc8
SS		 1524 See also:
1525 <http://www.schneier.com/twofish.html>
1526
1527config CRYPTO_TWOFISH_COMMON
1528 tristate
1529 help
1530 Common parts of the Twofish cipher algorithm shared by the
1531 generic c and the assembler implementations.
1532
1533config CRYPTO_TWOFISH_586
1534 tristate "Twofish cipher algorithms (i586)"
1535 depends on (X86 || UML_X86) && !64BIT
1536 select CRYPTO_ALGAPI
1537 select CRYPTO_TWOFISH_COMMON
1538 help
1539 Twofish cipher algorithm.
1540
1541 Twofish was submitted as an AES (Advanced Encryption Standard)
1542 candidate cipher by researchers at CounterPane Systems. It is a
1543 16 round block cipher supporting key sizes of 128, 192, and 256
1544 bits.
04ac7db3
NT		 1545
1546 See also:
584fffc8 1547 <http://www.schneier.com/twofish.html>
04ac7db3 1548
584fffc8
SS		 1549config CRYPTO_TWOFISH_X86_64
1550 tristate "Twofish cipher algorithm (x86_64)"
1551 depends on (X86 || UML_X86) && 64BIT
cce9e06d 1552 select CRYPTO_ALGAPI
584fffc8 1553 select CRYPTO_TWOFISH_COMMON
1da177e4 1554 help
584fffc8 1555 Twofish cipher algorithm (x86_64).
1da177e4 1556
584fffc8
SS		 1557 Twofish was submitted as an AES (Advanced Encryption Standard)
1558 candidate cipher by researchers at CounterPane Systems. It is a
1559 16 round block cipher supporting key sizes of 128, 192, and 256
1560 bits.
1561
1562 See also:
1563 <http://www.schneier.com/twofish.html>
1564
8280daad
JK		 1565config CRYPTO_TWOFISH_X86_64_3WAY
1566 tristate "Twofish cipher algorithm (x86_64, 3-way parallel)"
f21a7c19 1567 depends on X86 && 64BIT
8280daad
JK		 1568 select CRYPTO_ALGAPI
1569 select CRYPTO_TWOFISH_COMMON
1570 select CRYPTO_TWOFISH_X86_64
414cb5e7 1571 select CRYPTO_GLUE_HELPER_X86
e7cda5d2
JK		 1572 select CRYPTO_LRW
1573 select CRYPTO_XTS
8280daad
JK		 1574 help
1575 Twofish cipher algorithm (x86_64, 3-way parallel).
1576
1577 Twofish was submitted as an AES (Advanced Encryption Standard)
1578 candidate cipher by researchers at CounterPane Systems. It is a
1579 16 round block cipher supporting key sizes of 128, 192, and 256
1580 bits.
1581
1582 This module provides Twofish cipher algorithm that processes three
1583 blocks parallel, utilizing resources of out-of-order CPUs better.
1584
1585 See also:
1586 <http://www.schneier.com/twofish.html>
1587
107778b5
JG		 1588config CRYPTO_TWOFISH_AVX_X86_64
1589 tristate "Twofish cipher algorithm (x86_64/AVX)"
1590 depends on X86 && 64BIT
1591 select CRYPTO_ALGAPI
1592 select CRYPTO_CRYPTD
801201aa 1593 select CRYPTO_ABLK_HELPER
a7378d4e 1594 select CRYPTO_GLUE_HELPER_X86
107778b5
JG		 1595 select CRYPTO_TWOFISH_COMMON
1596 select CRYPTO_TWOFISH_X86_64
1597 select CRYPTO_TWOFISH_X86_64_3WAY
1598 select CRYPTO_LRW
1599 select CRYPTO_XTS
1600 help
1601 Twofish cipher algorithm (x86_64/AVX).
1602
1603 Twofish was submitted as an AES (Advanced Encryption Standard)
1604 candidate cipher by researchers at CounterPane Systems. It is a
1605 16 round block cipher supporting key sizes of 128, 192, and 256
1606 bits.
1607
1608 This module provides the Twofish cipher algorithm that processes
1609 eight blocks parallel using the AVX Instruction Set.
1610
1611 See also:
1612 <http://www.schneier.com/twofish.html>
1613
584fffc8
SS		 1614comment "Compression"
1615
1616config CRYPTO_DEFLATE
1617 tristate "Deflate compression algorithm"
1618 select CRYPTO_ALGAPI
f6ded09d 1619 select CRYPTO_ACOMP2
584fffc8
SS		 1620 select ZLIB_INFLATE
1621 select ZLIB_DEFLATE
3c09f17c 1622 help
584fffc8
SS		 1623 This is the Deflate algorithm (RFC1951), specified for use in
1624 IPSec with the IPCOMP protocol (RFC3173, RFC2394).
1625
1626 You will most probably want this if using IPSec.
3c09f17c 1627
0b77abb3
ZS		 1628config CRYPTO_LZO
1629 tristate "LZO compression algorithm"
1630 select CRYPTO_ALGAPI
ac9d2c4b 1631 select CRYPTO_ACOMP2
0b77abb3
ZS		 1632 select LZO_COMPRESS
1633 select LZO_DECOMPRESS
1634 help
1635 This is the LZO algorithm.
1636
35a1fc18
SJ		 1637config CRYPTO_842
1638 tristate "842 compression algorithm"
2062c5b6 1639 select CRYPTO_ALGAPI
6a8de3ae 1640 select CRYPTO_ACOMP2
2062c5b6
DS		 1641 select 842_COMPRESS
1642 select 842_DECOMPRESS
35a1fc18
SJ		 1643 help
1644 This is the 842 algorithm.
0ea8530d
CM		 1645
1646config CRYPTO_LZ4
1647 tristate "LZ4 compression algorithm"
1648 select CRYPTO_ALGAPI
8cd9330e 1649 select CRYPTO_ACOMP2
0ea8530d
CM		 1650 select LZ4_COMPRESS
1651 select LZ4_DECOMPRESS
1652 help
1653 This is the LZ4 algorithm.
1654
1655config CRYPTO_LZ4HC
1656 tristate "LZ4HC compression algorithm"
1657 select CRYPTO_ALGAPI
91d53d96 1658 select CRYPTO_ACOMP2
0ea8530d
CM		 1659 select LZ4HC_COMPRESS
1660 select LZ4_DECOMPRESS
1661 help
1662 This is the LZ4 high compression mode algorithm.
35a1fc18 1663
17f0f4a4
NH		 1664comment "Random Number Generation"
1665
1666config CRYPTO_ANSI_CPRNG
1667 tristate "Pseudo Random Number Generation for Cryptographic modules"
1668 select CRYPTO_AES
1669 select CRYPTO_RNG
17f0f4a4
NH		 1670 help
1671 This option enables the generic pseudo random number generator
1672 for cryptographic modules. Uses the Algorithm specified in
7dd607e8
JK		 1673 ANSI X9.31 A.2.4. Note that this option must be enabled if
1674 CRYPTO_FIPS is selected
17f0f4a4 1675
f2c89a10 1676menuconfig CRYPTO_DRBG_MENU
419090c6 1677 tristate "NIST SP800-90A DRBG"
419090c6
SM		 1678 help
1679 NIST SP800-90A compliant DRBG. In the following submenu, one or
1680 more of the DRBG types must be selected.
1681
f2c89a10 1682if CRYPTO_DRBG_MENU
419090c6
SM		 1683
1684config CRYPTO_DRBG_HMAC
401e4238 1685 bool
419090c6 1686 default y
419090c6 1687 select CRYPTO_HMAC
826775bb 1688 select CRYPTO_SHA256
419090c6
SM		 1689
1690config CRYPTO_DRBG_HASH
1691 bool "Enable Hash DRBG"
826775bb 1692 select CRYPTO_SHA256
419090c6
SM		 1693 help
1694 Enable the Hash DRBG variant as defined in NIST SP800-90A.
1695
1696config CRYPTO_DRBG_CTR
1697 bool "Enable CTR DRBG"
419090c6 1698 select CRYPTO_AES
35591285 1699 depends on CRYPTO_CTR
419090c6
SM		 1700 help
1701 Enable the CTR DRBG variant as defined in NIST SP800-90A.
1702
f2c89a10
HX		 1703config CRYPTO_DRBG
1704 tristate
401e4238 1705 default CRYPTO_DRBG_MENU
f2c89a10 1706 select CRYPTO_RNG
bb5530e4 1707 select CRYPTO_JITTERENTROPY
f2c89a10
HX		 1708
1709endif # if CRYPTO_DRBG_MENU
419090c6 1710
bb5530e4
SM		 1711config CRYPTO_JITTERENTROPY
1712 tristate "Jitterentropy Non-Deterministic Random Number Generator"
2f313e02 1713 select CRYPTO_RNG
bb5530e4
SM		 1714 help
1715 The Jitterentropy RNG is a noise that is intended
1716 to provide seed to another RNG. The RNG does not
1717 perform any cryptographic whitening of the generated
1718 random numbers. This Jitterentropy RNG registers with
1719 the kernel crypto API and can be used by any caller.
1720
03c8efc1
HX		 1721config CRYPTO_USER_API
1722 tristate
1723
fe869cdb
HX		 1724config CRYPTO_USER_API_HASH
1725 tristate "User-space interface for hash algorithms"
7451708f 1726 depends on NET
fe869cdb
HX		 1727 select CRYPTO_HASH
1728 select CRYPTO_USER_API
1729 help
1730 This option enables the user-spaces interface for hash
1731 algorithms.
1732
8ff59090
HX		 1733config CRYPTO_USER_API_SKCIPHER
1734 tristate "User-space interface for symmetric key cipher algorithms"
7451708f 1735 depends on NET
8ff59090
HX		 1736 select CRYPTO_BLKCIPHER
1737 select CRYPTO_USER_API
1738 help
1739 This option enables the user-spaces interface for symmetric
1740 key cipher algorithms.
1741
2f375538
SM		 1742config CRYPTO_USER_API_RNG
1743 tristate "User-space interface for random number generator algorithms"
1744 depends on NET
1745 select CRYPTO_RNG
1746 select CRYPTO_USER_API
1747 help
1748 This option enables the user-spaces interface for random
1749 number generator algorithms.
1750
b64a2d95
HX		 1751config CRYPTO_USER_API_AEAD
1752 tristate "User-space interface for AEAD cipher algorithms"
1753 depends on NET
1754 select CRYPTO_AEAD
1755 select CRYPTO_USER_API
1756 help
1757 This option enables the user-spaces interface for AEAD
1758 cipher algorithms.
1759
ee08997f
DK		 1760config CRYPTO_HASH_INFO
1761 bool
1762
1da177e4 1763source "drivers/crypto/Kconfig"
964f3b3b 1764source crypto/asymmetric_keys/Kconfig
cfc411e7 1765source certs/Kconfig
1da177e4 1766
cce9e06d 1767endif # if CRYPTO
Ubuntu Artful kernel mirror