]> git.proxmox.com Git - mirror_ubuntu-artful-kernel.git/blame - crypto/Kconfig
projects / mirror_ubuntu-artful-kernel.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
rhashtable: remove insecure_elasticity
[mirror_ubuntu-artful-kernel.git] / crypto / Kconfig
CommitLineData
685784aa
DW		 1#
2# Generic algorithms support
3#
4config XOR_BLOCKS
5 tristate
6
1da177e4 7#
9bc89cd8 8# async_tx api: hardware offloaded memory transfer/transform support
1da177e4 9#
9bc89cd8 10source "crypto/async_tx/Kconfig"
1da177e4 11
9bc89cd8
DW		 12#
13# Cryptographic API Configuration
14#
2e290f43 15menuconfig CRYPTO
c3715cb9 16 tristate "Cryptographic API"
1da177e4
LT		 17 help
18 This option provides the core Cryptographic API.
19
cce9e06d
HX		 20if CRYPTO
21
584fffc8
SS		 22comment "Crypto core or helper"
23
ccb778e1
NH		 24config CRYPTO_FIPS
25 bool "FIPS 200 compliance"
f2c89a10 26 depends on (CRYPTO_ANSI_CPRNG || CRYPTO_DRBG) && !CRYPTO_MANAGER_DISABLE_TESTS
1f696097 27 depends on (MODULE_SIG || !MODULES)
ccb778e1
NH		 28 help
29 This options enables the fips boot option which is
30 required if you want to system to operate in a FIPS 200
31 certification. You should say no unless you know what
e84c5480 32 this is.
ccb778e1 33
cce9e06d
HX		 34config CRYPTO_ALGAPI
35 tristate
6a0fcbb4 36 select CRYPTO_ALGAPI2
cce9e06d
HX		 37 help
38 This option provides the API for cryptographic algorithms.
39
6a0fcbb4
HX		 40config CRYPTO_ALGAPI2
41 tristate
42
1ae97820
HX		 43config CRYPTO_AEAD
44 tristate
6a0fcbb4 45 select CRYPTO_AEAD2
1ae97820
HX		 46 select CRYPTO_ALGAPI
47
6a0fcbb4
HX		 48config CRYPTO_AEAD2
49 tristate
50 select CRYPTO_ALGAPI2
149a3971
HX		 51 select CRYPTO_NULL2
52 select CRYPTO_RNG2
6a0fcbb4 53
5cde0af2
HX		 54config CRYPTO_BLKCIPHER
55 tristate
6a0fcbb4 56 select CRYPTO_BLKCIPHER2
5cde0af2 57 select CRYPTO_ALGAPI
6a0fcbb4
HX		 58
59config CRYPTO_BLKCIPHER2
60 tristate
61 select CRYPTO_ALGAPI2
62 select CRYPTO_RNG2
0a2e821d 63 select CRYPTO_WORKQUEUE
5cde0af2 64
055bcee3
HX		 65config CRYPTO_HASH
66 tristate
6a0fcbb4 67 select CRYPTO_HASH2
055bcee3
HX		 68 select CRYPTO_ALGAPI
69
6a0fcbb4
HX		 70config CRYPTO_HASH2
71 tristate
72 select CRYPTO_ALGAPI2
73
17f0f4a4
NH		 74config CRYPTO_RNG
75 tristate
6a0fcbb4 76 select CRYPTO_RNG2
17f0f4a4
NH		 77 select CRYPTO_ALGAPI
78
6a0fcbb4
HX		 79config CRYPTO_RNG2
80 tristate
81 select CRYPTO_ALGAPI2
82
401e4238
HX		 83config CRYPTO_RNG_DEFAULT
84 tristate
85 select CRYPTO_DRBG_MENU
86
3c339ab8
TS		 87config CRYPTO_AKCIPHER2
88 tristate
89 select CRYPTO_ALGAPI2
90
91config CRYPTO_AKCIPHER
92 tristate
93 select CRYPTO_AKCIPHER2
94 select CRYPTO_ALGAPI
95
4e5f2c40
SB		 96config CRYPTO_KPP2
97 tristate
98 select CRYPTO_ALGAPI2
99
100config CRYPTO_KPP
101 tristate
102 select CRYPTO_ALGAPI
103 select CRYPTO_KPP2
104
2ebda74f
GC		 105config CRYPTO_ACOMP2
106 tristate
107 select CRYPTO_ALGAPI2
108
109config CRYPTO_ACOMP
110 tristate
111 select CRYPTO_ALGAPI
112 select CRYPTO_ACOMP2
113
cfc2bb32
TS		 114config CRYPTO_RSA
115 tristate "RSA algorithm"
425e0172 116 select CRYPTO_AKCIPHER
58446fef 117 select CRYPTO_MANAGER
cfc2bb32
TS		 118 select MPILIB
119 select ASN1
120 help
121 Generic implementation of the RSA public key algorithm.
122
802c7f1c
SB		 123config CRYPTO_DH
124 tristate "Diffie-Hellman algorithm"
125 select CRYPTO_KPP
126 select MPILIB
127 help
128 Generic implementation of the Diffie-Hellman algorithm.
129
3c4b2390
SB		 130config CRYPTO_ECDH
131 tristate "ECDH algorithm"
132 select CRYTPO_KPP
133 help
134 Generic implementation of the ECDH algorithm
802c7f1c 135
2b8c19db
HX		 136config CRYPTO_MANAGER
137 tristate "Cryptographic algorithm manager"
6a0fcbb4 138 select CRYPTO_MANAGER2
2b8c19db
HX		 139 help
140 Create default cryptographic template instantiations such as
141 cbc(aes).
142
6a0fcbb4
HX		 143config CRYPTO_MANAGER2
144 def_tristate CRYPTO_MANAGER || (CRYPTO_MANAGER!=n && CRYPTO_ALGAPI=y)
145 select CRYPTO_AEAD2
146 select CRYPTO_HASH2
147 select CRYPTO_BLKCIPHER2
946cc463 148 select CRYPTO_AKCIPHER2
4e5f2c40 149 select CRYPTO_KPP2
2ebda74f 150 select CRYPTO_ACOMP2
6a0fcbb4 151
a38f7907
SK		 152config CRYPTO_USER
153 tristate "Userspace cryptographic algorithm configuration"
5db017aa 154 depends on NET
a38f7907
SK		 155 select CRYPTO_MANAGER
156 help
d19978f5 157 Userspace configuration for cryptographic instantiations such as
a38f7907
SK		 158 cbc(aes).
159
326a6346
HX		 160config CRYPTO_MANAGER_DISABLE_TESTS
161 bool "Disable run-time self tests"
00ca28a5
HX		 162 default y
163 depends on CRYPTO_MANAGER2
0b767f96 164 help
326a6346
HX		 165 Disable run-time self tests that normally take place at
166 algorithm registration.
0b767f96 167
584fffc8 168config CRYPTO_GF128MUL
08c70fc3 169 tristate "GF(2^128) multiplication functions"
333b0d7e 170 help
584fffc8
SS		 171 Efficient table driven implementation of multiplications in the
172 field GF(2^128). This is needed by some cypher modes. This
173 option will be selected automatically if you select such a
174 cipher mode. Only select this option by hand if you expect to load
175 an external module that requires these functions.
333b0d7e 176
1da177e4
LT		 177config CRYPTO_NULL
178 tristate "Null algorithms"
149a3971 179 select CRYPTO_NULL2
1da177e4
LT		 180 help
181 These are 'Null' algorithms, used by IPsec, which do nothing.
182
149a3971 183config CRYPTO_NULL2
dd43c4e9 184 tristate
149a3971
HX		 185 select CRYPTO_ALGAPI2
186 select CRYPTO_BLKCIPHER2
187 select CRYPTO_HASH2
188
5068c7a8 189config CRYPTO_PCRYPT
3b4afaf2
KC		 190 tristate "Parallel crypto engine"
191 depends on SMP
5068c7a8
SK		 192 select PADATA
193 select CRYPTO_MANAGER
194 select CRYPTO_AEAD
195 help
196 This converts an arbitrary crypto algorithm into a parallel
197 algorithm that executes in kernel threads.
198
25c38d3f
HY		 199config CRYPTO_WORKQUEUE
200 tristate
201
584fffc8
SS		 202config CRYPTO_CRYPTD
203 tristate "Software async crypto daemon"
204 select CRYPTO_BLKCIPHER
b8a28251 205 select CRYPTO_HASH
584fffc8 206 select CRYPTO_MANAGER
254eff77 207 select CRYPTO_WORKQUEUE
1da177e4 208 help
584fffc8
SS		 209 This is a generic software asynchronous crypto daemon that
210 converts an arbitrary synchronous software crypto algorithm
211 into an asynchronous algorithm that executes in a kernel thread.
1da177e4 212
1e65b81a
TC		 213config CRYPTO_MCRYPTD
214 tristate "Software async multi-buffer crypto daemon"
215 select CRYPTO_BLKCIPHER
216 select CRYPTO_HASH
217 select CRYPTO_MANAGER
218 select CRYPTO_WORKQUEUE
219 help
220 This is a generic software asynchronous crypto daemon that
221 provides the kernel thread to assist multi-buffer crypto
222 algorithms for submitting jobs and flushing jobs in multi-buffer
223 crypto algorithms. Multi-buffer crypto algorithms are executed
224 in the context of this kernel thread and drivers can post
0e56673b 225 their crypto request asynchronously to be processed by this daemon.
1e65b81a 226
584fffc8
SS		 227config CRYPTO_AUTHENC
228 tristate "Authenc support"
229 select CRYPTO_AEAD
230 select CRYPTO_BLKCIPHER
231 select CRYPTO_MANAGER
232 select CRYPTO_HASH
e94c6a7a 233 select CRYPTO_NULL
1da177e4 234 help
584fffc8
SS		 235 Authenc: Combined mode wrapper for IPsec.
236 This is required for IPSec.
1da177e4 237
584fffc8
SS		 238config CRYPTO_TEST
239 tristate "Testing module"
240 depends on m
da7f033d 241 select CRYPTO_MANAGER
1da177e4 242 help
584fffc8 243 Quick & dirty crypto test module.
1da177e4 244
a62b01cd 245config CRYPTO_ABLK_HELPER
ffaf9156 246 tristate
266d0516
HX		 247 select CRYPTO_CRYPTD
248
249config CRYPTO_SIMD
250 tristate
ffaf9156
JK		 251 select CRYPTO_CRYPTD
252
596d8750
JK		 253config CRYPTO_GLUE_HELPER_X86
254 tristate
255 depends on X86
065ce327 256 select CRYPTO_BLKCIPHER
596d8750 257
735d37b5
BW		 258config CRYPTO_ENGINE
259 tristate
260
584fffc8 261comment "Authenticated Encryption with Associated Data"
cd12fb90 262
584fffc8
SS		 263config CRYPTO_CCM
264 tristate "CCM support"
265 select CRYPTO_CTR
f15f05b0 266 select CRYPTO_HASH
584fffc8 267 select CRYPTO_AEAD
1da177e4 268 help
584fffc8 269 Support for Counter with CBC MAC. Required for IPsec.
1da177e4 270
584fffc8
SS		 271config CRYPTO_GCM
272 tristate "GCM/GMAC support"
273 select CRYPTO_CTR
274 select CRYPTO_AEAD
9382d97a 275 select CRYPTO_GHASH
9489667d 276 select CRYPTO_NULL
1da177e4 277 help
584fffc8
SS		 278 Support for Galois/Counter Mode (GCM) and Galois Message
279 Authentication Code (GMAC). Required for IPSec.
1da177e4 280
71ebc4d1
MW		 281config CRYPTO_CHACHA20POLY1305
282 tristate "ChaCha20-Poly1305 AEAD support"
283 select CRYPTO_CHACHA20
284 select CRYPTO_POLY1305
285 select CRYPTO_AEAD
286 help
287 ChaCha20-Poly1305 AEAD support, RFC7539.
288
289 Support for the AEAD wrapper using the ChaCha20 stream cipher combined
290 with the Poly1305 authenticator. It is defined in RFC7539 for use in
291 IETF protocols.
292
584fffc8
SS		 293config CRYPTO_SEQIV
294 tristate "Sequence Number IV Generator"
295 select CRYPTO_AEAD
296 select CRYPTO_BLKCIPHER
856e3f40 297 select CRYPTO_NULL
401e4238 298 select CRYPTO_RNG_DEFAULT
1da177e4 299 help
584fffc8
SS		 300 This IV generator generates an IV based on a sequence number by
301 xoring it with a salt. This algorithm is mainly useful for CTR
1da177e4 302
a10f554f
HX		 303config CRYPTO_ECHAINIV
304 tristate "Encrypted Chain IV Generator"
305 select CRYPTO_AEAD
306 select CRYPTO_NULL
401e4238 307 select CRYPTO_RNG_DEFAULT
3491244c 308 default m
a10f554f
HX		 309 help
310 This IV generator generates an IV based on the encryption of
311 a sequence number xored with a salt. This is the default
312 algorithm for CBC.
313
584fffc8 314comment "Block modes"
c494e070 315
584fffc8
SS		 316config CRYPTO_CBC
317 tristate "CBC support"
db131ef9 318 select CRYPTO_BLKCIPHER
43518407 319 select CRYPTO_MANAGER
db131ef9 320 help
584fffc8
SS		 321 CBC: Cipher Block Chaining mode
322 This block cipher algorithm is required for IPSec.
db131ef9 323
584fffc8
SS		 324config CRYPTO_CTR
325 tristate "CTR support"
db131ef9 326 select CRYPTO_BLKCIPHER
584fffc8 327 select CRYPTO_SEQIV
43518407 328 select CRYPTO_MANAGER
db131ef9 329 help
584fffc8 330 CTR: Counter mode
db131ef9
HX		 331 This block cipher algorithm is required for IPSec.
332
584fffc8
SS		 333config CRYPTO_CTS
334 tristate "CTS support"
335 select CRYPTO_BLKCIPHER
336 help
337 CTS: Cipher Text Stealing
338 This is the Cipher Text Stealing mode as described by
339 Section 8 of rfc2040 and referenced by rfc3962.
340 (rfc3962 includes errata information in its Appendix A)
341 This mode is required for Kerberos gss mechanism support
342 for AES encryption.
343
344config CRYPTO_ECB
345 tristate "ECB support"
91652be5
DH		 346 select CRYPTO_BLKCIPHER
347 select CRYPTO_MANAGER
91652be5 348 help
584fffc8
SS		 349 ECB: Electronic CodeBook mode
350 This is the simplest block cipher algorithm. It simply encrypts
351 the input block by block.
91652be5 352
64470f1b 353config CRYPTO_LRW
2470a2b2 354 tristate "LRW support"
64470f1b
RS		 355 select CRYPTO_BLKCIPHER
356 select CRYPTO_MANAGER
357 select CRYPTO_GF128MUL
358 help
359 LRW: Liskov Rivest Wagner, a tweakable, non malleable, non movable
360 narrow block cipher mode for dm-crypt. Use it with cipher
361 specification string aes-lrw-benbi, the key must be 256, 320 or 384.
362 The first 128, 192 or 256 bits in the key are used for AES and the
363 rest is used to tie each cipher block to its logical position.
364
584fffc8
SS		 365config CRYPTO_PCBC
366 tristate "PCBC support"
367 select CRYPTO_BLKCIPHER
368 select CRYPTO_MANAGER
369 help
370 PCBC: Propagating Cipher Block Chaining mode
371 This block cipher algorithm is required for RxRPC.
372
f19f5111 373config CRYPTO_XTS
5bcf8e6d 374 tristate "XTS support"
f19f5111
RS		 375 select CRYPTO_BLKCIPHER
376 select CRYPTO_MANAGER
377 select CRYPTO_GF128MUL
12cb3a1c 378 select CRYPTO_ECB
f19f5111
RS		 379 help
380 XTS: IEEE1619/D16 narrow block cipher use with aes-xts-plain,
381 key size 256, 384 or 512 bits. This implementation currently
382 can't handle a sectorsize which is not a multiple of 16 bytes.
383
1c49678e
SM		 384config CRYPTO_KEYWRAP
385 tristate "Key wrapping support"
386 select CRYPTO_BLKCIPHER
387 help
388 Support for key wrapping (NIST SP800-38F / RFC3394) without
389 padding.
390
584fffc8
SS		 391comment "Hash modes"
392
93b5e86a
JK		 393config CRYPTO_CMAC
394 tristate "CMAC support"
395 select CRYPTO_HASH
396 select CRYPTO_MANAGER
397 help
398 Cipher-based Message Authentication Code (CMAC) specified by
399 The National Institute of Standards and Technology (NIST).
400
401 https://tools.ietf.org/html/rfc4493
402 http://csrc.nist.gov/publications/nistpubs/800-38B/SP_800-38B.pdf
403
584fffc8
SS		 404config CRYPTO_HMAC
405 tristate "HMAC support"
406 select CRYPTO_HASH
23e353c8 407 select CRYPTO_MANAGER
23e353c8 408 help
584fffc8
SS		 409 HMAC: Keyed-Hashing for Message Authentication (RFC2104).
410 This is required for IPSec.
23e353c8 411
584fffc8
SS		 412config CRYPTO_XCBC
413 tristate "XCBC support"
584fffc8
SS		 414 select CRYPTO_HASH
415 select CRYPTO_MANAGER
76cb9521 416 help
584fffc8
SS		 417 XCBC: Keyed-Hashing with encryption algorithm
418 http://www.ietf.org/rfc/rfc3566.txt
419 http://csrc.nist.gov/encryption/modes/proposedmodes/
420 xcbc-mac/xcbc-mac-spec.pdf
76cb9521 421
f1939f7c
SW		 422config CRYPTO_VMAC
423 tristate "VMAC support"
f1939f7c
SW		 424 select CRYPTO_HASH
425 select CRYPTO_MANAGER
426 help
427 VMAC is a message authentication algorithm designed for
428 very high speed on 64-bit architectures.
429
430 See also:
431 <http://fastcrypto.org/vmac>
432
584fffc8 433comment "Digest"
28db8e3e 434
584fffc8
SS		 435config CRYPTO_CRC32C
436 tristate "CRC32c CRC algorithm"
5773a3e6 437 select CRYPTO_HASH
6a0962b2 438 select CRC32
4a49b499 439 help
584fffc8
SS		 440 Castagnoli, et al Cyclic Redundancy-Check Algorithm. Used
441 by iSCSI for header and data digests and by others.
69c35efc 442 See Castagnoli93. Module will be crc32c.
4a49b499 443
8cb51ba8
AZ		 444config CRYPTO_CRC32C_INTEL
445 tristate "CRC32c INTEL hardware acceleration"
446 depends on X86
447 select CRYPTO_HASH
448 help
449 In Intel processor with SSE4.2 supported, the processor will
450 support CRC32C implementation using hardware accelerated CRC32
451 instruction. This option will create 'crc32c-intel' module,
452 which will enable any routine to use the CRC32 instruction to
453 gain performance compared with software implementation.
454 Module will be crc32c-intel.
455
7cf31864 456config CRYPTO_CRC32C_VPMSUM
6dd7a82c 457 tristate "CRC32c CRC algorithm (powerpc64)"
c12abf34 458 depends on PPC64 && ALTIVEC
6dd7a82c
AB		 459 select CRYPTO_HASH
460 select CRC32
461 help
462 CRC32c algorithm implemented using vector polynomial multiply-sum
463 (vpmsum) instructions, introduced in POWER8. Enable on POWER8
464 and newer processors for improved performance.
465
466
442a7c40
DM		 467config CRYPTO_CRC32C_SPARC64
468 tristate "CRC32c CRC algorithm (SPARC64)"
469 depends on SPARC64
470 select CRYPTO_HASH
471 select CRC32
472 help
473 CRC32c CRC algorithm implemented using sparc64 crypto instructions,
474 when available.
475
78c37d19
AB		 476config CRYPTO_CRC32
477 tristate "CRC32 CRC algorithm"
478 select CRYPTO_HASH
479 select CRC32
480 help
481 CRC-32-IEEE 802.3 cyclic redundancy-check algorithm.
482 Shash crypto api wrappers to crc32_le function.
483
484config CRYPTO_CRC32_PCLMUL
485 tristate "CRC32 PCLMULQDQ hardware acceleration"
486 depends on X86
487 select CRYPTO_HASH
488 select CRC32
489 help
490 From Intel Westmere and AMD Bulldozer processor with SSE4.2
491 and PCLMULQDQ supported, the processor will support
492 CRC32 PCLMULQDQ implementation using hardware accelerated PCLMULQDQ
493 instruction. This option will create 'crc32-plcmul' module,
494 which will enable any routine to use the CRC-32-IEEE 802.3 checksum
495 and gain better performance as compared with the table implementation.
496
68411521
HX		 497config CRYPTO_CRCT10DIF
498 tristate "CRCT10DIF algorithm"
499 select CRYPTO_HASH
500 help
501 CRC T10 Data Integrity Field computation is being cast as
502 a crypto transform. This allows for faster crc t10 diff
503 transforms to be used if they are available.
504
505config CRYPTO_CRCT10DIF_PCLMUL
506 tristate "CRCT10DIF PCLMULQDQ hardware acceleration"
507 depends on X86 && 64BIT && CRC_T10DIF
508 select CRYPTO_HASH
509 help
510 For x86_64 processors with SSE4.2 and PCLMULQDQ supported,
511 CRC T10 DIF PCLMULQDQ computation can be hardware
512 accelerated PCLMULQDQ instruction. This option will create
513 'crct10dif-plcmul' module, which is faster when computing the
514 crct10dif checksum as compared with the generic table implementation.
515
2cdc6899
HY		 516config CRYPTO_GHASH
517 tristate "GHASH digest algorithm"
2cdc6899 518 select CRYPTO_GF128MUL
578c60fb 519 select CRYPTO_HASH
2cdc6899
HY		 520 help
521 GHASH is message digest algorithm for GCM (Galois/Counter Mode).
522
f979e014
MW		 523config CRYPTO_POLY1305
524 tristate "Poly1305 authenticator algorithm"
578c60fb 525 select CRYPTO_HASH
f979e014
MW		 526 help
527 Poly1305 authenticator algorithm, RFC7539.
528
529 Poly1305 is an authenticator algorithm designed by Daniel J. Bernstein.
530 It is used for the ChaCha20-Poly1305 AEAD, specified in RFC7539 for use
531 in IETF protocols. This is the portable C implementation of Poly1305.
532
c70f4abe 533config CRYPTO_POLY1305_X86_64
b1ccc8f4 534 tristate "Poly1305 authenticator algorithm (x86_64/SSE2/AVX2)"
c70f4abe
MW		 535 depends on X86 && 64BIT
536 select CRYPTO_POLY1305
537 help
538 Poly1305 authenticator algorithm, RFC7539.
539
540 Poly1305 is an authenticator algorithm designed by Daniel J. Bernstein.
541 It is used for the ChaCha20-Poly1305 AEAD, specified in RFC7539 for use
542 in IETF protocols. This is the x86_64 assembler implementation using SIMD
543 instructions.
544
584fffc8
SS		 545config CRYPTO_MD4
546 tristate "MD4 digest algorithm"
808a1763 547 select CRYPTO_HASH
124b53d0 548 help
584fffc8 549 MD4 message digest algorithm (RFC1320).
124b53d0 550
584fffc8
SS		 551config CRYPTO_MD5
552 tristate "MD5 digest algorithm"
14b75ba7 553 select CRYPTO_HASH
1da177e4 554 help
584fffc8 555 MD5 message digest algorithm (RFC1321).
1da177e4 556
d69e75de
AK		 557config CRYPTO_MD5_OCTEON
558 tristate "MD5 digest algorithm (OCTEON)"
559 depends on CPU_CAVIUM_OCTEON
560 select CRYPTO_MD5
561 select CRYPTO_HASH
562 help
563 MD5 message digest algorithm (RFC1321) implemented
564 using OCTEON crypto instructions, when available.
565
e8e59953
MS		 566config CRYPTO_MD5_PPC
567 tristate "MD5 digest algorithm (PPC)"
568 depends on PPC
569 select CRYPTO_HASH
570 help
571 MD5 message digest algorithm (RFC1321) implemented
572 in PPC assembler.
573
fa4dfedc
DM		 574config CRYPTO_MD5_SPARC64
575 tristate "MD5 digest algorithm (SPARC64)"
576 depends on SPARC64
577 select CRYPTO_MD5
578 select CRYPTO_HASH
579 help
580 MD5 message digest algorithm (RFC1321) implemented
581 using sparc64 crypto instructions, when available.
582
584fffc8
SS		 583config CRYPTO_MICHAEL_MIC
584 tristate "Michael MIC keyed digest algorithm"
19e2bf14 585 select CRYPTO_HASH
90831639 586 help
584fffc8
SS		 587 Michael MIC is used for message integrity protection in TKIP
588 (IEEE 802.11i). This algorithm is required for TKIP, but it
589 should not be used for other purposes because of the weakness
590 of the algorithm.
90831639 591
82798f90 592config CRYPTO_RMD128
b6d44341 593 tristate "RIPEMD-128 digest algorithm"
7c4468bc 594 select CRYPTO_HASH
b6d44341
AB		 595 help
596 RIPEMD-128 (ISO/IEC 10118-3:2004).
82798f90 597
b6d44341 598 RIPEMD-128 is a 128-bit cryptographic hash function. It should only
35ed4b35 599 be used as a secure replacement for RIPEMD. For other use cases,
b6d44341 600 RIPEMD-160 should be used.
82798f90 601
b6d44341 602 Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel.
6d8de74c 603 See <http://homes.esat.kuleuven.be/~bosselae/ripemd160.html>
82798f90
AKR		 604
605config CRYPTO_RMD160
b6d44341 606 tristate "RIPEMD-160 digest algorithm"
e5835fba 607 select CRYPTO_HASH
b6d44341
AB		 608 help
609 RIPEMD-160 (ISO/IEC 10118-3:2004).
82798f90 610
b6d44341
AB		 611 RIPEMD-160 is a 160-bit cryptographic hash function. It is intended
612 to be used as a secure replacement for the 128-bit hash functions
613 MD4, MD5 and it's predecessor RIPEMD
614 (not to be confused with RIPEMD-128).
82798f90 615
b6d44341
AB		 616 It's speed is comparable to SHA1 and there are no known attacks
617 against RIPEMD-160.
534fe2c1 618
b6d44341 619 Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel.
6d8de74c 620 See <http://homes.esat.kuleuven.be/~bosselae/ripemd160.html>
534fe2c1
AKR		 621
622config CRYPTO_RMD256
b6d44341 623 tristate "RIPEMD-256 digest algorithm"
d8a5e2e9 624 select CRYPTO_HASH
b6d44341
AB		 625 help
626 RIPEMD-256 is an optional extension of RIPEMD-128 with a
627 256 bit hash. It is intended for applications that require
628 longer hash-results, without needing a larger security level
629 (than RIPEMD-128).
534fe2c1 630
b6d44341 631 Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel.
6d8de74c 632 See <http://homes.esat.kuleuven.be/~bosselae/ripemd160.html>
534fe2c1
AKR		 633
634config CRYPTO_RMD320
b6d44341 635 tristate "RIPEMD-320 digest algorithm"
3b8efb4c 636 select CRYPTO_HASH
b6d44341
AB		 637 help
638 RIPEMD-320 is an optional extension of RIPEMD-160 with a
639 320 bit hash. It is intended for applications that require
640 longer hash-results, without needing a larger security level
641 (than RIPEMD-160).
534fe2c1 642
b6d44341 643 Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel.
6d8de74c 644 See <http://homes.esat.kuleuven.be/~bosselae/ripemd160.html>
82798f90 645
584fffc8
SS		 646config CRYPTO_SHA1
647 tristate "SHA1 digest algorithm"
54ccb367 648 select CRYPTO_HASH
1da177e4 649 help
584fffc8 650 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2).
1da177e4 651
66be8951 652config CRYPTO_SHA1_SSSE3
e38b6b7f 653 tristate "SHA1 digest algorithm (SSSE3/AVX/AVX2/SHA-NI)"
66be8951
MK		 654 depends on X86 && 64BIT
655 select CRYPTO_SHA1
656 select CRYPTO_HASH
657 help
658 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2) implemented
659 using Supplemental SSE3 (SSSE3) instructions or Advanced Vector
e38b6b7f 660 Extensions (AVX/AVX2) or SHA-NI(SHA Extensions New Instructions),
661 when available.
66be8951 662
8275d1aa 663config CRYPTO_SHA256_SSSE3
e38b6b7f 664 tristate "SHA256 digest algorithm (SSSE3/AVX/AVX2/SHA-NI)"
8275d1aa
TC		 665 depends on X86 && 64BIT
666 select CRYPTO_SHA256
667 select CRYPTO_HASH
668 help
669 SHA-256 secure hash standard (DFIPS 180-2) implemented
670 using Supplemental SSE3 (SSSE3) instructions, or Advanced Vector
671 Extensions version 1 (AVX1), or Advanced Vector Extensions
e38b6b7f 672 version 2 (AVX2) instructions, or SHA-NI (SHA Extensions New
673 Instructions) when available.
87de4579
TC		 674
675config CRYPTO_SHA512_SSSE3
676 tristate "SHA512 digest algorithm (SSSE3/AVX/AVX2)"
677 depends on X86 && 64BIT
678 select CRYPTO_SHA512
679 select CRYPTO_HASH
680 help
681 SHA-512 secure hash standard (DFIPS 180-2) implemented
682 using Supplemental SSE3 (SSSE3) instructions, or Advanced Vector
683 Extensions version 1 (AVX1), or Advanced Vector Extensions
8275d1aa
TC		 684 version 2 (AVX2) instructions, when available.
685
efdb6f6e
AK		 686config CRYPTO_SHA1_OCTEON
687 tristate "SHA1 digest algorithm (OCTEON)"
688 depends on CPU_CAVIUM_OCTEON
689 select CRYPTO_SHA1
690 select CRYPTO_HASH
691 help
692 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2) implemented
693 using OCTEON crypto instructions, when available.
694
4ff28d4c
DM		 695config CRYPTO_SHA1_SPARC64
696 tristate "SHA1 digest algorithm (SPARC64)"
697 depends on SPARC64
698 select CRYPTO_SHA1
699 select CRYPTO_HASH
700 help
701 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2) implemented
702 using sparc64 crypto instructions, when available.
703
323a6bf1
ME		 704config CRYPTO_SHA1_PPC
705 tristate "SHA1 digest algorithm (powerpc)"
706 depends on PPC
707 help
708 This is the powerpc hardware accelerated implementation of the
709 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2).
710
d9850fc5
MS		 711config CRYPTO_SHA1_PPC_SPE
712 tristate "SHA1 digest algorithm (PPC SPE)"
713 depends on PPC && SPE
714 help
715 SHA-1 secure hash standard (DFIPS 180-4) implemented
716 using powerpc SPE SIMD instruction set.
717
1e65b81a
TC		 718config CRYPTO_SHA1_MB
719 tristate "SHA1 digest algorithm (x86_64 Multi-Buffer, Experimental)"
720 depends on X86 && 64BIT
721 select CRYPTO_SHA1
722 select CRYPTO_HASH
723 select CRYPTO_MCRYPTD
724 help
725 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2) implemented
726 using multi-buffer technique. This algorithm computes on
727 multiple data lanes concurrently with SIMD instructions for
728 better throughput. It should not be enabled by default but
729 used when there is significant amount of work to keep the keep
730 the data lanes filled to get performance benefit. If the data
731 lanes remain unfilled, a flush operation will be initiated to
732 process the crypto jobs, adding a slight latency.
733
9be7e244
MD		 734config CRYPTO_SHA256_MB
735 tristate "SHA256 digest algorithm (x86_64 Multi-Buffer, Experimental)"
736 depends on X86 && 64BIT
737 select CRYPTO_SHA256
738 select CRYPTO_HASH
739 select CRYPTO_MCRYPTD
740 help
741 SHA-256 secure hash standard (FIPS 180-1/DFIPS 180-2) implemented
742 using multi-buffer technique. This algorithm computes on
743 multiple data lanes concurrently with SIMD instructions for
744 better throughput. It should not be enabled by default but
745 used when there is significant amount of work to keep the keep
746 the data lanes filled to get performance benefit. If the data
747 lanes remain unfilled, a flush operation will be initiated to
748 process the crypto jobs, adding a slight latency.
749
026bb8aa
MD		 750config CRYPTO_SHA512_MB
751 tristate "SHA512 digest algorithm (x86_64 Multi-Buffer, Experimental)"
752 depends on X86 && 64BIT
753 select CRYPTO_SHA512
754 select CRYPTO_HASH
755 select CRYPTO_MCRYPTD
756 help
757 SHA-512 secure hash standard (FIPS 180-1/DFIPS 180-2) implemented
758 using multi-buffer technique. This algorithm computes on
759 multiple data lanes concurrently with SIMD instructions for
760 better throughput. It should not be enabled by default but
761 used when there is significant amount of work to keep the keep
762 the data lanes filled to get performance benefit. If the data
763 lanes remain unfilled, a flush operation will be initiated to
764 process the crypto jobs, adding a slight latency.
765
584fffc8
SS		 766config CRYPTO_SHA256
767 tristate "SHA224 and SHA256 digest algorithm"
50e109b5 768 select CRYPTO_HASH
1da177e4 769 help
584fffc8 770 SHA256 secure hash standard (DFIPS 180-2).
1da177e4 771
584fffc8
SS		 772 This version of SHA implements a 256 bit hash with 128 bits of
773 security against collision attacks.
2729bb42 774
b6d44341
AB		 775 This code also includes SHA-224, a 224 bit hash with 112 bits
776 of security against collision attacks.
584fffc8 777
2ecc1e95
MS		 778config CRYPTO_SHA256_PPC_SPE
779 tristate "SHA224 and SHA256 digest algorithm (PPC SPE)"
780 depends on PPC && SPE
781 select CRYPTO_SHA256
782 select CRYPTO_HASH
783 help
784 SHA224 and SHA256 secure hash standard (DFIPS 180-2)
785 implemented using powerpc SPE SIMD instruction set.
786
efdb6f6e
AK		 787config CRYPTO_SHA256_OCTEON
788 tristate "SHA224 and SHA256 digest algorithm (OCTEON)"
789 depends on CPU_CAVIUM_OCTEON
790 select CRYPTO_SHA256
791 select CRYPTO_HASH
792 help
793 SHA-256 secure hash standard (DFIPS 180-2) implemented
794 using OCTEON crypto instructions, when available.
795
86c93b24
DM		 796config CRYPTO_SHA256_SPARC64
797 tristate "SHA224 and SHA256 digest algorithm (SPARC64)"
798 depends on SPARC64
799 select CRYPTO_SHA256
800 select CRYPTO_HASH
801 help
802 SHA-256 secure hash standard (DFIPS 180-2) implemented
803 using sparc64 crypto instructions, when available.
804
584fffc8
SS		 805config CRYPTO_SHA512
806 tristate "SHA384 and SHA512 digest algorithms"
bd9d20db 807 select CRYPTO_HASH
b9f535ff 808 help
584fffc8 809 SHA512 secure hash standard (DFIPS 180-2).
b9f535ff 810
584fffc8
SS		 811 This version of SHA implements a 512 bit hash with 256 bits of
812 security against collision attacks.
b9f535ff 813
584fffc8
SS		 814 This code also includes SHA-384, a 384 bit hash with 192 bits
815 of security against collision attacks.
b9f535ff 816
efdb6f6e
AK		 817config CRYPTO_SHA512_OCTEON
818 tristate "SHA384 and SHA512 digest algorithms (OCTEON)"
819 depends on CPU_CAVIUM_OCTEON
820 select CRYPTO_SHA512
821 select CRYPTO_HASH
822 help
823 SHA-512 secure hash standard (DFIPS 180-2) implemented
824 using OCTEON crypto instructions, when available.
825
775e0c69
DM		 826config CRYPTO_SHA512_SPARC64
827 tristate "SHA384 and SHA512 digest algorithm (SPARC64)"
828 depends on SPARC64
829 select CRYPTO_SHA512
830 select CRYPTO_HASH
831 help
832 SHA-512 secure hash standard (DFIPS 180-2) implemented
833 using sparc64 crypto instructions, when available.
834
53964b9e
JG		 835config CRYPTO_SHA3
836 tristate "SHA3 digest algorithm"
837 select CRYPTO_HASH
838 help
839 SHA-3 secure hash standard (DFIPS 202). It's based on
840 cryptographic sponge function family called Keccak.
841
842 References:
843 http://keccak.noekeon.org/
844
584fffc8
SS		 845config CRYPTO_TGR192
846 tristate "Tiger digest algorithms"
f63fbd3d 847 select CRYPTO_HASH
eaf44088 848 help
584fffc8 849 Tiger hash algorithm 192, 160 and 128-bit hashes
eaf44088 850
584fffc8
SS		 851 Tiger is a hash function optimized for 64-bit processors while
852 still having decent performance on 32-bit processors.
853 Tiger was developed by Ross Anderson and Eli Biham.
eaf44088
JF		 854
855 See also:
584fffc8 856 <http://www.cs.technion.ac.il/~biham/Reports/Tiger/>.
eaf44088 857
584fffc8
SS		 858config CRYPTO_WP512
859 tristate "Whirlpool digest algorithms"
4946510b 860 select CRYPTO_HASH
1da177e4 861 help
584fffc8 862 Whirlpool hash algorithm 512, 384 and 256-bit hashes
1da177e4 863
584fffc8
SS		 864 Whirlpool-512 is part of the NESSIE cryptographic primitives.
865 Whirlpool will be part of the ISO/IEC 10118-3:2003(E) standard
1da177e4
LT		 866
867 See also:
6d8de74c 868 <http://www.larc.usp.br/~pbarreto/WhirlpoolPage.html>
584fffc8 869
0e1227d3
HY		 870config CRYPTO_GHASH_CLMUL_NI_INTEL
871 tristate "GHASH digest algorithm (CLMUL-NI accelerated)"
8af00860 872 depends on X86 && 64BIT
0e1227d3
HY		 873 select CRYPTO_CRYPTD
874 help
875 GHASH is message digest algorithm for GCM (Galois/Counter Mode).
876 The implementation is accelerated by CLMUL-NI of Intel.
877
584fffc8 878comment "Ciphers"
1da177e4
LT		 879
880config CRYPTO_AES
881 tristate "AES cipher algorithms"
cce9e06d 882 select CRYPTO_ALGAPI
1da177e4 883 help
584fffc8 884 AES cipher algorithms (FIPS-197). AES uses the Rijndael
1da177e4
LT		 885 algorithm.
886
887 Rijndael appears to be consistently a very good performer in
584fffc8
SS		 888 both hardware and software across a wide range of computing
889 environments regardless of its use in feedback or non-feedback
890 modes. Its key setup time is excellent, and its key agility is
891 good. Rijndael's very low memory requirements make it very well
892 suited for restricted-space environments, in which it also
893 demonstrates excellent performance. Rijndael's operations are
894 among the easiest to defend against power and timing attacks.
1da177e4 895
584fffc8 896 The AES specifies three key sizes: 128, 192 and 256 bits
1da177e4
LT		 897
898 See <http://csrc.nist.gov/CryptoToolkit/aes/> for more information.
899
b5e0b032
AB		 900config CRYPTO_AES_TI
901 tristate "Fixed time AES cipher"
902 select CRYPTO_ALGAPI
903 help
904 This is a generic implementation of AES that attempts to eliminate
905 data dependent latencies as much as possible without affecting
906 performance too much. It is intended for use by the generic CCM
907 and GCM drivers, and other CTR or CMAC/XCBC based modes that rely
908 solely on encryption (although decryption is supported as well, but
909 with a more dramatic performance hit)
910
911 Instead of using 16 lookup tables of 1 KB each, (8 for encryption and
912 8 for decryption), this implementation only uses just two S-boxes of
913 256 bytes each, and attempts to eliminate data dependent latencies by
914 prefetching the entire table into the cache at the start of each
915 block.
916
1da177e4
LT		 917config CRYPTO_AES_586
918 tristate "AES cipher algorithms (i586)"
cce9e06d
HX		 919 depends on (X86 || UML_X86) && !64BIT
920 select CRYPTO_ALGAPI
5157dea8 921 select CRYPTO_AES
1da177e4 922 help
584fffc8 923 AES cipher algorithms (FIPS-197). AES uses the Rijndael
1da177e4
LT		 924 algorithm.
925
926 Rijndael appears to be consistently a very good performer in
584fffc8
SS		 927 both hardware and software across a wide range of computing
928 environments regardless of its use in feedback or non-feedback
929 modes. Its key setup time is excellent, and its key agility is
930 good. Rijndael's very low memory requirements make it very well
931 suited for restricted-space environments, in which it also
932 demonstrates excellent performance. Rijndael's operations are
933 among the easiest to defend against power and timing attacks.
1da177e4 934
584fffc8 935 The AES specifies three key sizes: 128, 192 and 256 bits
a2a892a2
AS		 936
937 See <http://csrc.nist.gov/encryption/aes/> for more information.
938
939config CRYPTO_AES_X86_64
940 tristate "AES cipher algorithms (x86_64)"
cce9e06d
HX		 941 depends on (X86 || UML_X86) && 64BIT
942 select CRYPTO_ALGAPI
81190b32 943 select CRYPTO_AES
a2a892a2 944 help
584fffc8 945 AES cipher algorithms (FIPS-197). AES uses the Rijndael
a2a892a2
AS		 946 algorithm.
947
948 Rijndael appears to be consistently a very good performer in
584fffc8
SS		 949 both hardware and software across a wide range of computing
950 environments regardless of its use in feedback or non-feedback
951 modes. Its key setup time is excellent, and its key agility is
54b6a1bd
HY		 952 good. Rijndael's very low memory requirements make it very well
953 suited for restricted-space environments, in which it also
954 demonstrates excellent performance. Rijndael's operations are
955 among the easiest to defend against power and timing attacks.
956
957 The AES specifies three key sizes: 128, 192 and 256 bits
958
959 See <http://csrc.nist.gov/encryption/aes/> for more information.
960
961config CRYPTO_AES_NI_INTEL
962 tristate "AES cipher algorithms (AES-NI)"
8af00860 963 depends on X86
85671860 964 select CRYPTO_AEAD
0d258efb
MK		 965 select CRYPTO_AES_X86_64 if 64BIT
966 select CRYPTO_AES_586 if !64BIT
54b6a1bd 967 select CRYPTO_ALGAPI
85671860 968 select CRYPTO_BLKCIPHER
7643a11a 969 select CRYPTO_GLUE_HELPER_X86 if 64BIT
85671860 970 select CRYPTO_SIMD
54b6a1bd
HY		 971 help
972 Use Intel AES-NI instructions for AES algorithm.
973
974 AES cipher algorithms (FIPS-197). AES uses the Rijndael
975 algorithm.
976
977 Rijndael appears to be consistently a very good performer in
978 both hardware and software across a wide range of computing
979 environments regardless of its use in feedback or non-feedback
980 modes. Its key setup time is excellent, and its key agility is
584fffc8
SS		 981 good. Rijndael's very low memory requirements make it very well
982 suited for restricted-space environments, in which it also
983 demonstrates excellent performance. Rijndael's operations are
984 among the easiest to defend against power and timing attacks.
a2a892a2 985
584fffc8 986 The AES specifies three key sizes: 128, 192 and 256 bits
1da177e4
LT		 987
988 See <http://csrc.nist.gov/encryption/aes/> for more information.
989
0d258efb
MK		 990 In addition to AES cipher algorithm support, the acceleration
991 for some popular block cipher mode is supported too, including
992 ECB, CBC, LRW, PCBC, XTS. The 64 bit version has additional
993 acceleration for CTR.
2cf4ac8b 994
9bf4852d
DM		 995config CRYPTO_AES_SPARC64
996 tristate "AES cipher algorithms (SPARC64)"
997 depends on SPARC64
998 select CRYPTO_CRYPTD
999 select CRYPTO_ALGAPI
1000 help
1001 Use SPARC64 crypto opcodes for AES algorithm.
1002
1003 AES cipher algorithms (FIPS-197). AES uses the Rijndael
1004 algorithm.
1005
1006 Rijndael appears to be consistently a very good performer in
1007 both hardware and software across a wide range of computing
1008 environments regardless of its use in feedback or non-feedback
1009 modes. Its key setup time is excellent, and its key agility is
1010 good. Rijndael's very low memory requirements make it very well
1011 suited for restricted-space environments, in which it also
1012 demonstrates excellent performance. Rijndael's operations are
1013 among the easiest to defend against power and timing attacks.
1014
1015 The AES specifies three key sizes: 128, 192 and 256 bits
1016
1017 See <http://csrc.nist.gov/encryption/aes/> for more information.
1018
1019 In addition to AES cipher algorithm support, the acceleration
1020 for some popular block cipher mode is supported too, including
1021 ECB and CBC.
1022
504c6143
MS		 1023config CRYPTO_AES_PPC_SPE
1024 tristate "AES cipher algorithms (PPC SPE)"
1025 depends on PPC && SPE
1026 help
1027 AES cipher algorithms (FIPS-197). Additionally the acceleration
1028 for popular block cipher modes ECB, CBC, CTR and XTS is supported.
1029 This module should only be used for low power (router) devices
1030 without hardware AES acceleration (e.g. caam crypto). It reduces the
1031 size of the AES tables from 16KB to 8KB + 256 bytes and mitigates
1032 timining attacks. Nevertheless it might be not as secure as other
1033 architecture specific assembler implementations that work on 1KB
1034 tables or 256 bytes S-boxes.
1035
584fffc8
SS		 1036config CRYPTO_ANUBIS
1037 tristate "Anubis cipher algorithm"
1038 select CRYPTO_ALGAPI
1039 help
1040 Anubis cipher algorithm.
1041
1042 Anubis is a variable key length cipher which can use keys from
1043 128 bits to 320 bits in length. It was evaluated as a entrant
1044 in the NESSIE competition.
1045
1046 See also:
6d8de74c
JM		 1047 <https://www.cosic.esat.kuleuven.be/nessie/reports/>
1048 <http://www.larc.usp.br/~pbarreto/AnubisPage.html>
584fffc8
SS		 1049
1050config CRYPTO_ARC4
1051 tristate "ARC4 cipher algorithm"
b9b0f080 1052 select CRYPTO_BLKCIPHER
584fffc8
SS		 1053 help
1054 ARC4 cipher algorithm.
1055
1056 ARC4 is a stream cipher using keys ranging from 8 bits to 2048
1057 bits in length. This algorithm is required for driver-based
1058 WEP, but it should not be for other purposes because of the
1059 weakness of the algorithm.
1060
1061config CRYPTO_BLOWFISH
1062 tristate "Blowfish cipher algorithm"
1063 select CRYPTO_ALGAPI
52ba867c 1064 select CRYPTO_BLOWFISH_COMMON
584fffc8
SS		 1065 help
1066 Blowfish cipher algorithm, by Bruce Schneier.
1067
1068 This is a variable key length cipher which can use keys from 32
1069 bits to 448 bits in length. It's fast, simple and specifically
1070 designed for use on "large microprocessors".
1071
1072 See also:
1073 <http://www.schneier.com/blowfish.html>
1074
52ba867c
JK		 1075config CRYPTO_BLOWFISH_COMMON
1076 tristate
1077 help
1078 Common parts of the Blowfish cipher algorithm shared by the
1079 generic c and the assembler implementations.
1080
1081 See also:
1082 <http://www.schneier.com/blowfish.html>
1083
64b94cea
JK		 1084config CRYPTO_BLOWFISH_X86_64
1085 tristate "Blowfish cipher algorithm (x86_64)"
f21a7c19 1086 depends on X86 && 64BIT
64b94cea
JK		 1087 select CRYPTO_ALGAPI
1088 select CRYPTO_BLOWFISH_COMMON
1089 help
1090 Blowfish cipher algorithm (x86_64), by Bruce Schneier.
1091
1092 This is a variable key length cipher which can use keys from 32
1093 bits to 448 bits in length. It's fast, simple and specifically
1094 designed for use on "large microprocessors".
1095
1096 See also:
1097 <http://www.schneier.com/blowfish.html>
1098
584fffc8
SS		 1099config CRYPTO_CAMELLIA
1100 tristate "Camellia cipher algorithms"
1101 depends on CRYPTO
1102 select CRYPTO_ALGAPI
1103 help
1104 Camellia cipher algorithms module.
1105
1106 Camellia is a symmetric key block cipher developed jointly
1107 at NTT and Mitsubishi Electric Corporation.
1108
1109 The Camellia specifies three key sizes: 128, 192 and 256 bits.
1110
1111 See also:
1112 <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html>
1113
0b95ec56
JK		 1114config CRYPTO_CAMELLIA_X86_64
1115 tristate "Camellia cipher algorithm (x86_64)"
f21a7c19 1116 depends on X86 && 64BIT
0b95ec56
JK		 1117 depends on CRYPTO
1118 select CRYPTO_ALGAPI
964263af 1119 select CRYPTO_GLUE_HELPER_X86
0b95ec56
JK		 1120 select CRYPTO_LRW
1121 select CRYPTO_XTS
1122 help
1123 Camellia cipher algorithm module (x86_64).
1124
1125 Camellia is a symmetric key block cipher developed jointly
1126 at NTT and Mitsubishi Electric Corporation.
1127
1128 The Camellia specifies three key sizes: 128, 192 and 256 bits.
1129
1130 See also:
d9b1d2e7
JK		 1131 <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html>
1132
1133config CRYPTO_CAMELLIA_AESNI_AVX_X86_64
1134 tristate "Camellia cipher algorithm (x86_64/AES-NI/AVX)"
1135 depends on X86 && 64BIT
1136 depends on CRYPTO
1137 select CRYPTO_ALGAPI
1138 select CRYPTO_CRYPTD
801201aa 1139 select CRYPTO_ABLK_HELPER
d9b1d2e7
JK		 1140 select CRYPTO_GLUE_HELPER_X86
1141 select CRYPTO_CAMELLIA_X86_64
1142 select CRYPTO_LRW
1143 select CRYPTO_XTS
1144 help
1145 Camellia cipher algorithm module (x86_64/AES-NI/AVX).
1146
1147 Camellia is a symmetric key block cipher developed jointly
1148 at NTT and Mitsubishi Electric Corporation.
1149
1150 The Camellia specifies three key sizes: 128, 192 and 256 bits.
1151
1152 See also:
0b95ec56
JK		 1153 <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html>
1154
f3f935a7
JK		 1155config CRYPTO_CAMELLIA_AESNI_AVX2_X86_64
1156 tristate "Camellia cipher algorithm (x86_64/AES-NI/AVX2)"
1157 depends on X86 && 64BIT
1158 depends on CRYPTO
1159 select CRYPTO_ALGAPI
1160 select CRYPTO_CRYPTD
801201aa 1161 select CRYPTO_ABLK_HELPER
f3f935a7
JK		 1162 select CRYPTO_GLUE_HELPER_X86
1163 select CRYPTO_CAMELLIA_X86_64
1164 select CRYPTO_CAMELLIA_AESNI_AVX_X86_64
1165 select CRYPTO_LRW
1166 select CRYPTO_XTS
1167 help
1168 Camellia cipher algorithm module (x86_64/AES-NI/AVX2).
1169
1170 Camellia is a symmetric key block cipher developed jointly
1171 at NTT and Mitsubishi Electric Corporation.
1172
1173 The Camellia specifies three key sizes: 128, 192 and 256 bits.
1174
1175 See also:
1176 <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html>
1177
81658ad0
DM		 1178config CRYPTO_CAMELLIA_SPARC64
1179 tristate "Camellia cipher algorithm (SPARC64)"
1180 depends on SPARC64
1181 depends on CRYPTO
1182 select CRYPTO_ALGAPI
1183 help
1184 Camellia cipher algorithm module (SPARC64).
1185
1186 Camellia is a symmetric key block cipher developed jointly
1187 at NTT and Mitsubishi Electric Corporation.
1188
1189 The Camellia specifies three key sizes: 128, 192 and 256 bits.
1190
1191 See also:
1192 <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html>
1193
044ab525
JK		 1194config CRYPTO_CAST_COMMON
1195 tristate
1196 help
1197 Common parts of the CAST cipher algorithms shared by the
1198 generic c and the assembler implementations.
1199
1da177e4
LT		 1200config CRYPTO_CAST5
1201 tristate "CAST5 (CAST-128) cipher algorithm"
cce9e06d 1202 select CRYPTO_ALGAPI
044ab525 1203 select CRYPTO_CAST_COMMON
1da177e4
LT		 1204 help
1205 The CAST5 encryption algorithm (synonymous with CAST-128) is
1206 described in RFC2144.
1207
4d6d6a2c
JG		 1208config CRYPTO_CAST5_AVX_X86_64
1209 tristate "CAST5 (CAST-128) cipher algorithm (x86_64/AVX)"
1210 depends on X86 && 64BIT
1211 select CRYPTO_ALGAPI
1212 select CRYPTO_CRYPTD
801201aa 1213 select CRYPTO_ABLK_HELPER
044ab525 1214 select CRYPTO_CAST_COMMON
4d6d6a2c
JG		 1215 select CRYPTO_CAST5
1216 help
1217 The CAST5 encryption algorithm (synonymous with CAST-128) is
1218 described in RFC2144.
1219
1220 This module provides the Cast5 cipher algorithm that processes
1221 sixteen blocks parallel using the AVX instruction set.
1222
1da177e4
LT		 1223config CRYPTO_CAST6
1224 tristate "CAST6 (CAST-256) cipher algorithm"
cce9e06d 1225 select CRYPTO_ALGAPI
044ab525 1226 select CRYPTO_CAST_COMMON
1da177e4
LT		 1227 help
1228 The CAST6 encryption algorithm (synonymous with CAST-256) is
1229 described in RFC2612.
1230
4ea1277d
JG		 1231config CRYPTO_CAST6_AVX_X86_64
1232 tristate "CAST6 (CAST-256) cipher algorithm (x86_64/AVX)"
1233 depends on X86 && 64BIT
1234 select CRYPTO_ALGAPI
1235 select CRYPTO_CRYPTD
801201aa 1236 select CRYPTO_ABLK_HELPER
4ea1277d 1237 select CRYPTO_GLUE_HELPER_X86
044ab525 1238 select CRYPTO_CAST_COMMON
4ea1277d
JG		 1239 select CRYPTO_CAST6
1240 select CRYPTO_LRW
1241 select CRYPTO_XTS
1242 help
1243 The CAST6 encryption algorithm (synonymous with CAST-256) is
1244 described in RFC2612.
1245
1246 This module provides the Cast6 cipher algorithm that processes
1247 eight blocks parallel using the AVX instruction set.
1248
584fffc8
SS		 1249config CRYPTO_DES
1250 tristate "DES and Triple DES EDE cipher algorithms"
cce9e06d 1251 select CRYPTO_ALGAPI
1da177e4 1252 help
584fffc8 1253 DES cipher algorithm (FIPS 46-2), and Triple DES EDE (FIPS 46-3).
fb4f10ed 1254
c5aac2df
DM		 1255config CRYPTO_DES_SPARC64
1256 tristate "DES and Triple DES EDE cipher algorithms (SPARC64)"
97da37b3 1257 depends on SPARC64
c5aac2df
DM		 1258 select CRYPTO_ALGAPI
1259 select CRYPTO_DES
1260 help
1261 DES cipher algorithm (FIPS 46-2), and Triple DES EDE (FIPS 46-3),
1262 optimized using SPARC64 crypto opcodes.
1263
6574e6c6
JK		 1264config CRYPTO_DES3_EDE_X86_64
1265 tristate "Triple DES EDE cipher algorithm (x86-64)"
1266 depends on X86 && 64BIT
1267 select CRYPTO_ALGAPI
1268 select CRYPTO_DES
1269 help
1270 Triple DES EDE (FIPS 46-3) algorithm.
1271
1272 This module provides implementation of the Triple DES EDE cipher
1273 algorithm that is optimized for x86-64 processors. Two versions of
1274 algorithm are provided; regular processing one input block and
1275 one that processes three blocks parallel.
1276
584fffc8
SS		 1277config CRYPTO_FCRYPT
1278 tristate "FCrypt cipher algorithm"
cce9e06d 1279 select CRYPTO_ALGAPI
584fffc8 1280 select CRYPTO_BLKCIPHER
1da177e4 1281 help
584fffc8 1282 FCrypt algorithm used by RxRPC.
1da177e4
LT		 1283
1284config CRYPTO_KHAZAD
1285 tristate "Khazad cipher algorithm"
cce9e06d 1286 select CRYPTO_ALGAPI
1da177e4
LT		 1287 help
1288 Khazad cipher algorithm.
1289
1290 Khazad was a finalist in the initial NESSIE competition. It is
1291 an algorithm optimized for 64-bit processors with good performance
1292 on 32-bit processors. Khazad uses an 128 bit key size.
1293
1294 See also:
6d8de74c 1295 <http://www.larc.usp.br/~pbarreto/KhazadPage.html>
1da177e4 1296
2407d608 1297config CRYPTO_SALSA20
3b4afaf2 1298 tristate "Salsa20 stream cipher algorithm"
2407d608
TSH		 1299 select CRYPTO_BLKCIPHER
1300 help
1301 Salsa20 stream cipher algorithm.
1302
1303 Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT
1304 Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/>
974e4b75
TSH		 1305
1306 The Salsa20 stream cipher algorithm is designed by Daniel J.
1307 Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html>
1308
1309config CRYPTO_SALSA20_586
3b4afaf2 1310 tristate "Salsa20 stream cipher algorithm (i586)"
974e4b75 1311 depends on (X86 || UML_X86) && !64BIT
974e4b75 1312 select CRYPTO_BLKCIPHER
974e4b75
TSH		 1313 help
1314 Salsa20 stream cipher algorithm.
1315
1316 Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT
1317 Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/>
9a7dafbb
TSH		 1318
1319 The Salsa20 stream cipher algorithm is designed by Daniel J.
1320 Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html>
1321
1322config CRYPTO_SALSA20_X86_64
3b4afaf2 1323 tristate "Salsa20 stream cipher algorithm (x86_64)"
9a7dafbb 1324 depends on (X86 || UML_X86) && 64BIT
9a7dafbb 1325 select CRYPTO_BLKCIPHER
9a7dafbb
TSH		 1326 help
1327 Salsa20 stream cipher algorithm.
1328
1329 Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT
1330 Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/>
2407d608
TSH		 1331
1332 The Salsa20 stream cipher algorithm is designed by Daniel J.
1333 Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html>
1da177e4 1334
c08d0e64
MW		 1335config CRYPTO_CHACHA20
1336 tristate "ChaCha20 cipher algorithm"
1337 select CRYPTO_BLKCIPHER
1338 help
1339 ChaCha20 cipher algorithm, RFC7539.
1340
1341 ChaCha20 is a 256-bit high-speed stream cipher designed by Daniel J.
1342 Bernstein and further specified in RFC7539 for use in IETF protocols.
1343 This is the portable C implementation of ChaCha20.
1344
1345 See also:
1346 <http://cr.yp.to/chacha/chacha-20080128.pdf>
1347
c9320b6d 1348config CRYPTO_CHACHA20_X86_64
3d1e93cd 1349 tristate "ChaCha20 cipher algorithm (x86_64/SSSE3/AVX2)"
c9320b6d
MW		 1350 depends on X86 && 64BIT
1351 select CRYPTO_BLKCIPHER
1352 select CRYPTO_CHACHA20
1353 help
1354 ChaCha20 cipher algorithm, RFC7539.
1355
1356 ChaCha20 is a 256-bit high-speed stream cipher designed by Daniel J.
1357 Bernstein and further specified in RFC7539 for use in IETF protocols.
1358 This is the x86_64 assembler implementation using SIMD instructions.
1359
1360 See also:
1361 <http://cr.yp.to/chacha/chacha-20080128.pdf>
1362
584fffc8
SS		 1363config CRYPTO_SEED
1364 tristate "SEED cipher algorithm"
cce9e06d 1365 select CRYPTO_ALGAPI
1da177e4 1366 help
584fffc8 1367 SEED cipher algorithm (RFC4269).
1da177e4 1368
584fffc8
SS		 1369 SEED is a 128-bit symmetric key block cipher that has been
1370 developed by KISA (Korea Information Security Agency) as a
1371 national standard encryption algorithm of the Republic of Korea.
1372 It is a 16 round block cipher with the key size of 128 bit.
1373
1374 See also:
1375 <http://www.kisa.or.kr/kisa/seed/jsp/seed_eng.jsp>
1376
1377config CRYPTO_SERPENT
1378 tristate "Serpent cipher algorithm"
cce9e06d 1379 select CRYPTO_ALGAPI
1da177e4 1380 help
584fffc8 1381 Serpent cipher algorithm, by Anderson, Biham & Knudsen.
1da177e4 1382
584fffc8
SS		 1383 Keys are allowed to be from 0 to 256 bits in length, in steps
1384 of 8 bits. Also includes the 'Tnepres' algorithm, a reversed
1385 variant of Serpent for compatibility with old kerneli.org code.
1386
1387 See also:
1388 <http://www.cl.cam.ac.uk/~rja14/serpent.html>
1389
937c30d7
JK		 1390config CRYPTO_SERPENT_SSE2_X86_64
1391 tristate "Serpent cipher algorithm (x86_64/SSE2)"
1392 depends on X86 && 64BIT
1393 select CRYPTO_ALGAPI
341975bf 1394 select CRYPTO_CRYPTD
801201aa 1395 select CRYPTO_ABLK_HELPER
596d8750 1396 select CRYPTO_GLUE_HELPER_X86
937c30d7 1397 select CRYPTO_SERPENT
feaf0cfc
JK		 1398 select CRYPTO_LRW
1399 select CRYPTO_XTS
937c30d7
JK		 1400 help
1401 Serpent cipher algorithm, by Anderson, Biham & Knudsen.
1402
1403 Keys are allowed to be from 0 to 256 bits in length, in steps
1404 of 8 bits.
1405
1e6232f8 1406 This module provides Serpent cipher algorithm that processes eight
937c30d7
JK		 1407 blocks parallel using SSE2 instruction set.
1408
1409 See also:
1410 <http://www.cl.cam.ac.uk/~rja14/serpent.html>
1411
251496db
JK		 1412config CRYPTO_SERPENT_SSE2_586
1413 tristate "Serpent cipher algorithm (i586/SSE2)"
1414 depends on X86 && !64BIT
1415 select CRYPTO_ALGAPI
341975bf 1416 select CRYPTO_CRYPTD
801201aa 1417 select CRYPTO_ABLK_HELPER
596d8750 1418 select CRYPTO_GLUE_HELPER_X86
251496db 1419 select CRYPTO_SERPENT
feaf0cfc
JK		 1420 select CRYPTO_LRW
1421 select CRYPTO_XTS
251496db
JK		 1422 help
1423 Serpent cipher algorithm, by Anderson, Biham & Knudsen.
1424
1425 Keys are allowed to be from 0 to 256 bits in length, in steps
1426 of 8 bits.
1427
1428 This module provides Serpent cipher algorithm that processes four
1429 blocks parallel using SSE2 instruction set.
1430
1431 See also:
1432 <http://www.cl.cam.ac.uk/~rja14/serpent.html>
7efe4076
JG		 1433
1434config CRYPTO_SERPENT_AVX_X86_64
1435 tristate "Serpent cipher algorithm (x86_64/AVX)"
1436 depends on X86 && 64BIT
1437 select CRYPTO_ALGAPI
1438 select CRYPTO_CRYPTD
801201aa 1439 select CRYPTO_ABLK_HELPER
1d0debbd 1440 select CRYPTO_GLUE_HELPER_X86
7efe4076
JG		 1441 select CRYPTO_SERPENT
1442 select CRYPTO_LRW
1443 select CRYPTO_XTS
1444 help
1445 Serpent cipher algorithm, by Anderson, Biham & Knudsen.
1446
1447 Keys are allowed to be from 0 to 256 bits in length, in steps
1448 of 8 bits.
1449
1450 This module provides the Serpent cipher algorithm that processes
1451 eight blocks parallel using the AVX instruction set.
1452
1453 See also:
1454 <http://www.cl.cam.ac.uk/~rja14/serpent.html>
251496db 1455
56d76c96
JK		 1456config CRYPTO_SERPENT_AVX2_X86_64
1457 tristate "Serpent cipher algorithm (x86_64/AVX2)"
1458 depends on X86 && 64BIT
1459 select CRYPTO_ALGAPI
1460 select CRYPTO_CRYPTD
801201aa 1461 select CRYPTO_ABLK_HELPER
56d76c96
JK		 1462 select CRYPTO_GLUE_HELPER_X86
1463 select CRYPTO_SERPENT
1464 select CRYPTO_SERPENT_AVX_X86_64
1465 select CRYPTO_LRW
1466 select CRYPTO_XTS
1467 help
1468 Serpent cipher algorithm, by Anderson, Biham & Knudsen.
1469
1470 Keys are allowed to be from 0 to 256 bits in length, in steps
1471 of 8 bits.
1472
1473 This module provides Serpent cipher algorithm that processes 16
1474 blocks parallel using AVX2 instruction set.
1475
1476 See also:
1477 <http://www.cl.cam.ac.uk/~rja14/serpent.html>
1478
584fffc8
SS		 1479config CRYPTO_TEA
1480 tristate "TEA, XTEA and XETA cipher algorithms"
cce9e06d 1481 select CRYPTO_ALGAPI
1da177e4 1482 help
584fffc8 1483 TEA cipher algorithm.
1da177e4 1484
584fffc8
SS		 1485 Tiny Encryption Algorithm is a simple cipher that uses
1486 many rounds for security. It is very fast and uses
1487 little memory.
1488
1489 Xtendend Tiny Encryption Algorithm is a modification to
1490 the TEA algorithm to address a potential key weakness
1491 in the TEA algorithm.
1492
1493 Xtendend Encryption Tiny Algorithm is a mis-implementation
1494 of the XTEA algorithm for compatibility purposes.
1495
1496config CRYPTO_TWOFISH
1497 tristate "Twofish cipher algorithm"
04ac7db3 1498 select CRYPTO_ALGAPI
584fffc8 1499 select CRYPTO_TWOFISH_COMMON
04ac7db3 1500 help
584fffc8 1501 Twofish cipher algorithm.
04ac7db3 1502
584fffc8
SS		 1503 Twofish was submitted as an AES (Advanced Encryption Standard)
1504 candidate cipher by researchers at CounterPane Systems. It is a
1505 16 round block cipher supporting key sizes of 128, 192, and 256
1506 bits.
04ac7db3 1507
584fffc8
SS		 1508 See also:
1509 <http://www.schneier.com/twofish.html>
1510
1511config CRYPTO_TWOFISH_COMMON
1512 tristate
1513 help
1514 Common parts of the Twofish cipher algorithm shared by the
1515 generic c and the assembler implementations.
1516
1517config CRYPTO_TWOFISH_586
1518 tristate "Twofish cipher algorithms (i586)"
1519 depends on (X86 || UML_X86) && !64BIT
1520 select CRYPTO_ALGAPI
1521 select CRYPTO_TWOFISH_COMMON
1522 help
1523 Twofish cipher algorithm.
1524
1525 Twofish was submitted as an AES (Advanced Encryption Standard)
1526 candidate cipher by researchers at CounterPane Systems. It is a
1527 16 round block cipher supporting key sizes of 128, 192, and 256
1528 bits.
04ac7db3
NT		 1529
1530 See also:
584fffc8 1531 <http://www.schneier.com/twofish.html>
04ac7db3 1532
584fffc8
SS		 1533config CRYPTO_TWOFISH_X86_64
1534 tristate "Twofish cipher algorithm (x86_64)"
1535 depends on (X86 || UML_X86) && 64BIT
cce9e06d 1536 select CRYPTO_ALGAPI
584fffc8 1537 select CRYPTO_TWOFISH_COMMON
1da177e4 1538 help
584fffc8 1539 Twofish cipher algorithm (x86_64).
1da177e4 1540
584fffc8
SS		 1541 Twofish was submitted as an AES (Advanced Encryption Standard)
1542 candidate cipher by researchers at CounterPane Systems. It is a
1543 16 round block cipher supporting key sizes of 128, 192, and 256
1544 bits.
1545
1546 See also:
1547 <http://www.schneier.com/twofish.html>
1548
8280daad
JK		 1549config CRYPTO_TWOFISH_X86_64_3WAY
1550 tristate "Twofish cipher algorithm (x86_64, 3-way parallel)"
f21a7c19 1551 depends on X86 && 64BIT
8280daad
JK		 1552 select CRYPTO_ALGAPI
1553 select CRYPTO_TWOFISH_COMMON
1554 select CRYPTO_TWOFISH_X86_64
414cb5e7 1555 select CRYPTO_GLUE_HELPER_X86
e7cda5d2
JK		 1556 select CRYPTO_LRW
1557 select CRYPTO_XTS
8280daad
JK		 1558 help
1559 Twofish cipher algorithm (x86_64, 3-way parallel).
1560
1561 Twofish was submitted as an AES (Advanced Encryption Standard)
1562 candidate cipher by researchers at CounterPane Systems. It is a
1563 16 round block cipher supporting key sizes of 128, 192, and 256
1564 bits.
1565
1566 This module provides Twofish cipher algorithm that processes three
1567 blocks parallel, utilizing resources of out-of-order CPUs better.
1568
1569 See also:
1570 <http://www.schneier.com/twofish.html>
1571
107778b5
JG		 1572config CRYPTO_TWOFISH_AVX_X86_64
1573 tristate "Twofish cipher algorithm (x86_64/AVX)"
1574 depends on X86 && 64BIT
1575 select CRYPTO_ALGAPI
1576 select CRYPTO_CRYPTD
801201aa 1577 select CRYPTO_ABLK_HELPER
a7378d4e 1578 select CRYPTO_GLUE_HELPER_X86
107778b5
JG		 1579 select CRYPTO_TWOFISH_COMMON
1580 select CRYPTO_TWOFISH_X86_64
1581 select CRYPTO_TWOFISH_X86_64_3WAY
1582 select CRYPTO_LRW
1583 select CRYPTO_XTS
1584 help
1585 Twofish cipher algorithm (x86_64/AVX).
1586
1587 Twofish was submitted as an AES (Advanced Encryption Standard)
1588 candidate cipher by researchers at CounterPane Systems. It is a
1589 16 round block cipher supporting key sizes of 128, 192, and 256
1590 bits.
1591
1592 This module provides the Twofish cipher algorithm that processes
1593 eight blocks parallel using the AVX Instruction Set.
1594
1595 See also:
1596 <http://www.schneier.com/twofish.html>
1597
584fffc8
SS		 1598comment "Compression"
1599
1600config CRYPTO_DEFLATE
1601 tristate "Deflate compression algorithm"
1602 select CRYPTO_ALGAPI
f6ded09d 1603 select CRYPTO_ACOMP2
584fffc8
SS		 1604 select ZLIB_INFLATE
1605 select ZLIB_DEFLATE
3c09f17c 1606 help
584fffc8
SS		 1607 This is the Deflate algorithm (RFC1951), specified for use in
1608 IPSec with the IPCOMP protocol (RFC3173, RFC2394).
1609
1610 You will most probably want this if using IPSec.
3c09f17c 1611
0b77abb3
ZS		 1612config CRYPTO_LZO
1613 tristate "LZO compression algorithm"
1614 select CRYPTO_ALGAPI
ac9d2c4b 1615 select CRYPTO_ACOMP2
0b77abb3
ZS		 1616 select LZO_COMPRESS
1617 select LZO_DECOMPRESS
1618 help
1619 This is the LZO algorithm.
1620
35a1fc18
SJ		 1621config CRYPTO_842
1622 tristate "842 compression algorithm"
2062c5b6 1623 select CRYPTO_ALGAPI
6a8de3ae 1624 select CRYPTO_ACOMP2
2062c5b6
DS		 1625 select 842_COMPRESS
1626 select 842_DECOMPRESS
35a1fc18
SJ		 1627 help
1628 This is the 842 algorithm.
0ea8530d
CM		 1629
1630config CRYPTO_LZ4
1631 tristate "LZ4 compression algorithm"
1632 select CRYPTO_ALGAPI
8cd9330e 1633 select CRYPTO_ACOMP2
0ea8530d
CM		 1634 select LZ4_COMPRESS
1635 select LZ4_DECOMPRESS
1636 help
1637 This is the LZ4 algorithm.
1638
1639config CRYPTO_LZ4HC
1640 tristate "LZ4HC compression algorithm"
1641 select CRYPTO_ALGAPI
91d53d96 1642 select CRYPTO_ACOMP2
0ea8530d
CM		 1643 select LZ4HC_COMPRESS
1644 select LZ4_DECOMPRESS
1645 help
1646 This is the LZ4 high compression mode algorithm.
35a1fc18 1647
17f0f4a4
NH		 1648comment "Random Number Generation"
1649
1650config CRYPTO_ANSI_CPRNG
1651 tristate "Pseudo Random Number Generation for Cryptographic modules"
1652 select CRYPTO_AES
1653 select CRYPTO_RNG
17f0f4a4
NH		 1654 help
1655 This option enables the generic pseudo random number generator
1656 for cryptographic modules. Uses the Algorithm specified in
7dd607e8
JK		 1657 ANSI X9.31 A.2.4. Note that this option must be enabled if
1658 CRYPTO_FIPS is selected
17f0f4a4 1659
f2c89a10 1660menuconfig CRYPTO_DRBG_MENU
419090c6 1661 tristate "NIST SP800-90A DRBG"
419090c6
SM		 1662 help
1663 NIST SP800-90A compliant DRBG. In the following submenu, one or
1664 more of the DRBG types must be selected.
1665
f2c89a10 1666if CRYPTO_DRBG_MENU
419090c6
SM		 1667
1668config CRYPTO_DRBG_HMAC
401e4238 1669 bool
419090c6 1670 default y
419090c6 1671 select CRYPTO_HMAC
826775bb 1672 select CRYPTO_SHA256
419090c6
SM		 1673
1674config CRYPTO_DRBG_HASH
1675 bool "Enable Hash DRBG"
826775bb 1676 select CRYPTO_SHA256
419090c6
SM		 1677 help
1678 Enable the Hash DRBG variant as defined in NIST SP800-90A.
1679
1680config CRYPTO_DRBG_CTR
1681 bool "Enable CTR DRBG"
419090c6 1682 select CRYPTO_AES
35591285 1683 depends on CRYPTO_CTR
419090c6
SM		 1684 help
1685 Enable the CTR DRBG variant as defined in NIST SP800-90A.
1686
f2c89a10
HX		 1687config CRYPTO_DRBG
1688 tristate
401e4238 1689 default CRYPTO_DRBG_MENU
f2c89a10 1690 select CRYPTO_RNG
bb5530e4 1691 select CRYPTO_JITTERENTROPY
f2c89a10
HX		 1692
1693endif # if CRYPTO_DRBG_MENU
419090c6 1694
bb5530e4
SM		 1695config CRYPTO_JITTERENTROPY
1696 tristate "Jitterentropy Non-Deterministic Random Number Generator"
2f313e02 1697 select CRYPTO_RNG
bb5530e4
SM		 1698 help
1699 The Jitterentropy RNG is a noise that is intended
1700 to provide seed to another RNG. The RNG does not
1701 perform any cryptographic whitening of the generated
1702 random numbers. This Jitterentropy RNG registers with
1703 the kernel crypto API and can be used by any caller.
1704
03c8efc1
HX		 1705config CRYPTO_USER_API
1706 tristate
1707
fe869cdb
HX		 1708config CRYPTO_USER_API_HASH
1709 tristate "User-space interface for hash algorithms"
7451708f 1710 depends on NET
fe869cdb
HX		 1711 select CRYPTO_HASH
1712 select CRYPTO_USER_API
1713 help
1714 This option enables the user-spaces interface for hash
1715 algorithms.
1716
8ff59090
HX		 1717config CRYPTO_USER_API_SKCIPHER
1718 tristate "User-space interface for symmetric key cipher algorithms"
7451708f 1719 depends on NET
8ff59090
HX		 1720 select CRYPTO_BLKCIPHER
1721 select CRYPTO_USER_API
1722 help
1723 This option enables the user-spaces interface for symmetric
1724 key cipher algorithms.
1725
2f375538
SM		 1726config CRYPTO_USER_API_RNG
1727 tristate "User-space interface for random number generator algorithms"
1728 depends on NET
1729 select CRYPTO_RNG
1730 select CRYPTO_USER_API
1731 help
1732 This option enables the user-spaces interface for random
1733 number generator algorithms.
1734
b64a2d95
HX		 1735config CRYPTO_USER_API_AEAD
1736 tristate "User-space interface for AEAD cipher algorithms"
1737 depends on NET
1738 select CRYPTO_AEAD
1739 select CRYPTO_USER_API
1740 help
1741 This option enables the user-spaces interface for AEAD
1742 cipher algorithms.
1743
ee08997f
DK		 1744config CRYPTO_HASH_INFO
1745 bool
1746
1da177e4 1747source "drivers/crypto/Kconfig"
964f3b3b 1748source crypto/asymmetric_keys/Kconfig
cfc411e7 1749source certs/Kconfig
1da177e4 1750
cce9e06d 1751endif # if CRYPTO
Ubuntu Artful kernel mirror