]> git.proxmox.com Git - mirror_ubuntu-bionic-kernel.git/blame - crypto/Kconfig
projects / mirror_ubuntu-bionic-kernel.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
crypto: cryptd - Add support for skcipher
[mirror_ubuntu-bionic-kernel.git] / crypto / Kconfig
CommitLineData
685784aa
DW		 1#
2# Generic algorithms support
3#
4config XOR_BLOCKS
5 tristate
6
1da177e4 7#
9bc89cd8 8# async_tx api: hardware offloaded memory transfer/transform support
1da177e4 9#
9bc89cd8 10source "crypto/async_tx/Kconfig"
1da177e4 11
9bc89cd8
DW		 12#
13# Cryptographic API Configuration
14#
2e290f43 15menuconfig CRYPTO
c3715cb9 16 tristate "Cryptographic API"
1da177e4
LT		 17 help
18 This option provides the core Cryptographic API.
19
cce9e06d
HX		 20if CRYPTO
21
584fffc8
SS		 22comment "Crypto core or helper"
23
ccb778e1
NH		 24config CRYPTO_FIPS
25 bool "FIPS 200 compliance"
f2c89a10 26 depends on (CRYPTO_ANSI_CPRNG || CRYPTO_DRBG) && !CRYPTO_MANAGER_DISABLE_TESTS
1f696097 27 depends on (MODULE_SIG || !MODULES)
ccb778e1
NH		 28 help
29 This options enables the fips boot option which is
30 required if you want to system to operate in a FIPS 200
31 certification. You should say no unless you know what
e84c5480 32 this is.
ccb778e1 33
cce9e06d
HX		 34config CRYPTO_ALGAPI
35 tristate
6a0fcbb4 36 select CRYPTO_ALGAPI2
cce9e06d
HX		 37 help
38 This option provides the API for cryptographic algorithms.
39
6a0fcbb4
HX		 40config CRYPTO_ALGAPI2
41 tristate
42
1ae97820
HX		 43config CRYPTO_AEAD
44 tristate
6a0fcbb4 45 select CRYPTO_AEAD2
1ae97820
HX		 46 select CRYPTO_ALGAPI
47
6a0fcbb4
HX		 48config CRYPTO_AEAD2
49 tristate
50 select CRYPTO_ALGAPI2
149a3971
HX		 51 select CRYPTO_NULL2
52 select CRYPTO_RNG2
6a0fcbb4 53
5cde0af2
HX		 54config CRYPTO_BLKCIPHER
55 tristate
6a0fcbb4 56 select CRYPTO_BLKCIPHER2
5cde0af2 57 select CRYPTO_ALGAPI
6a0fcbb4
HX		 58
59config CRYPTO_BLKCIPHER2
60 tristate
61 select CRYPTO_ALGAPI2
62 select CRYPTO_RNG2
0a2e821d 63 select CRYPTO_WORKQUEUE
5cde0af2 64
055bcee3
HX		 65config CRYPTO_HASH
66 tristate
6a0fcbb4 67 select CRYPTO_HASH2
055bcee3
HX		 68 select CRYPTO_ALGAPI
69
6a0fcbb4
HX		 70config CRYPTO_HASH2
71 tristate
72 select CRYPTO_ALGAPI2
73
17f0f4a4
NH		 74config CRYPTO_RNG
75 tristate
6a0fcbb4 76 select CRYPTO_RNG2
17f0f4a4
NH		 77 select CRYPTO_ALGAPI
78
6a0fcbb4
HX		 79config CRYPTO_RNG2
80 tristate
81 select CRYPTO_ALGAPI2
82
401e4238
HX		 83config CRYPTO_RNG_DEFAULT
84 tristate
85 select CRYPTO_DRBG_MENU
86
3c339ab8
TS		 87config CRYPTO_AKCIPHER2
88 tristate
89 select CRYPTO_ALGAPI2
90
91config CRYPTO_AKCIPHER
92 tristate
93 select CRYPTO_AKCIPHER2
94 select CRYPTO_ALGAPI
95
4e5f2c40
SB		 96config CRYPTO_KPP2
97 tristate
98 select CRYPTO_ALGAPI2
99
100config CRYPTO_KPP
101 tristate
102 select CRYPTO_ALGAPI
103 select CRYPTO_KPP2
104
2ebda74f
GC		 105config CRYPTO_ACOMP2
106 tristate
107 select CRYPTO_ALGAPI2
108
109config CRYPTO_ACOMP
110 tristate
111 select CRYPTO_ALGAPI
112 select CRYPTO_ACOMP2
113
cfc2bb32
TS		 114config CRYPTO_RSA
115 tristate "RSA algorithm"
425e0172 116 select CRYPTO_AKCIPHER
58446fef 117 select CRYPTO_MANAGER
cfc2bb32
TS		 118 select MPILIB
119 select ASN1
120 help
121 Generic implementation of the RSA public key algorithm.
122
802c7f1c
SB		 123config CRYPTO_DH
124 tristate "Diffie-Hellman algorithm"
125 select CRYPTO_KPP
126 select MPILIB
127 help
128 Generic implementation of the Diffie-Hellman algorithm.
129
3c4b2390
SB		 130config CRYPTO_ECDH
131 tristate "ECDH algorithm"
132 select CRYTPO_KPP
133 help
134 Generic implementation of the ECDH algorithm
802c7f1c 135
2b8c19db
HX		 136config CRYPTO_MANAGER
137 tristate "Cryptographic algorithm manager"
6a0fcbb4 138 select CRYPTO_MANAGER2
2b8c19db
HX		 139 help
140 Create default cryptographic template instantiations such as
141 cbc(aes).
142
6a0fcbb4
HX		 143config CRYPTO_MANAGER2
144 def_tristate CRYPTO_MANAGER || (CRYPTO_MANAGER!=n && CRYPTO_ALGAPI=y)
145 select CRYPTO_AEAD2
146 select CRYPTO_HASH2
147 select CRYPTO_BLKCIPHER2
946cc463 148 select CRYPTO_AKCIPHER2
4e5f2c40 149 select CRYPTO_KPP2
2ebda74f 150 select CRYPTO_ACOMP2
6a0fcbb4 151
a38f7907
SK		 152config CRYPTO_USER
153 tristate "Userspace cryptographic algorithm configuration"
5db017aa 154 depends on NET
a38f7907
SK		 155 select CRYPTO_MANAGER
156 help
d19978f5 157 Userspace configuration for cryptographic instantiations such as
a38f7907
SK		 158 cbc(aes).
159
326a6346
HX		 160config CRYPTO_MANAGER_DISABLE_TESTS
161 bool "Disable run-time self tests"
00ca28a5
HX		 162 default y
163 depends on CRYPTO_MANAGER2
0b767f96 164 help
326a6346
HX		 165 Disable run-time self tests that normally take place at
166 algorithm registration.
0b767f96 167
584fffc8 168config CRYPTO_GF128MUL
08c70fc3 169 tristate "GF(2^128) multiplication functions"
333b0d7e 170 help
584fffc8
SS		 171 Efficient table driven implementation of multiplications in the
172 field GF(2^128). This is needed by some cypher modes. This
173 option will be selected automatically if you select such a
174 cipher mode. Only select this option by hand if you expect to load
175 an external module that requires these functions.
333b0d7e 176
1da177e4
LT		 177config CRYPTO_NULL
178 tristate "Null algorithms"
149a3971 179 select CRYPTO_NULL2
1da177e4
LT		 180 help
181 These are 'Null' algorithms, used by IPsec, which do nothing.
182
149a3971 183config CRYPTO_NULL2
dd43c4e9 184 tristate
149a3971
HX		 185 select CRYPTO_ALGAPI2
186 select CRYPTO_BLKCIPHER2
187 select CRYPTO_HASH2
188
5068c7a8 189config CRYPTO_PCRYPT
3b4afaf2
KC		 190 tristate "Parallel crypto engine"
191 depends on SMP
5068c7a8
SK		 192 select PADATA
193 select CRYPTO_MANAGER
194 select CRYPTO_AEAD
195 help
196 This converts an arbitrary crypto algorithm into a parallel
197 algorithm that executes in kernel threads.
198
25c38d3f
HY		 199config CRYPTO_WORKQUEUE
200 tristate
201
584fffc8
SS		 202config CRYPTO_CRYPTD
203 tristate "Software async crypto daemon"
204 select CRYPTO_BLKCIPHER
b8a28251 205 select CRYPTO_HASH
584fffc8 206 select CRYPTO_MANAGER
254eff77 207 select CRYPTO_WORKQUEUE
1da177e4 208 help
584fffc8
SS		 209 This is a generic software asynchronous crypto daemon that
210 converts an arbitrary synchronous software crypto algorithm
211 into an asynchronous algorithm that executes in a kernel thread.
1da177e4 212
1e65b81a
TC		 213config CRYPTO_MCRYPTD
214 tristate "Software async multi-buffer crypto daemon"
215 select CRYPTO_BLKCIPHER
216 select CRYPTO_HASH
217 select CRYPTO_MANAGER
218 select CRYPTO_WORKQUEUE
219 help
220 This is a generic software asynchronous crypto daemon that
221 provides the kernel thread to assist multi-buffer crypto
222 algorithms for submitting jobs and flushing jobs in multi-buffer
223 crypto algorithms. Multi-buffer crypto algorithms are executed
224 in the context of this kernel thread and drivers can post
0e56673b 225 their crypto request asynchronously to be processed by this daemon.
1e65b81a 226
584fffc8
SS		 227config CRYPTO_AUTHENC
228 tristate "Authenc support"
229 select CRYPTO_AEAD
230 select CRYPTO_BLKCIPHER
231 select CRYPTO_MANAGER
232 select CRYPTO_HASH
e94c6a7a 233 select CRYPTO_NULL
1da177e4 234 help
584fffc8
SS		 235 Authenc: Combined mode wrapper for IPsec.
236 This is required for IPSec.
1da177e4 237
584fffc8
SS		 238config CRYPTO_TEST
239 tristate "Testing module"
240 depends on m
da7f033d 241 select CRYPTO_MANAGER
1da177e4 242 help
584fffc8 243 Quick & dirty crypto test module.
1da177e4 244
a62b01cd 245config CRYPTO_ABLK_HELPER
ffaf9156 246 tristate
ffaf9156
JK		 247 select CRYPTO_CRYPTD
248
596d8750
JK		 249config CRYPTO_GLUE_HELPER_X86
250 tristate
251 depends on X86
252 select CRYPTO_ALGAPI
253
735d37b5
BW		 254config CRYPTO_ENGINE
255 tristate
256
584fffc8 257comment "Authenticated Encryption with Associated Data"
cd12fb90 258
584fffc8
SS		 259config CRYPTO_CCM
260 tristate "CCM support"
261 select CRYPTO_CTR
262 select CRYPTO_AEAD
1da177e4 263 help
584fffc8 264 Support for Counter with CBC MAC. Required for IPsec.
1da177e4 265
584fffc8
SS		 266config CRYPTO_GCM
267 tristate "GCM/GMAC support"
268 select CRYPTO_CTR
269 select CRYPTO_AEAD
9382d97a 270 select CRYPTO_GHASH
9489667d 271 select CRYPTO_NULL
1da177e4 272 help
584fffc8
SS		 273 Support for Galois/Counter Mode (GCM) and Galois Message
274 Authentication Code (GMAC). Required for IPSec.
1da177e4 275
71ebc4d1
MW		 276config CRYPTO_CHACHA20POLY1305
277 tristate "ChaCha20-Poly1305 AEAD support"
278 select CRYPTO_CHACHA20
279 select CRYPTO_POLY1305
280 select CRYPTO_AEAD
281 help
282 ChaCha20-Poly1305 AEAD support, RFC7539.
283
284 Support for the AEAD wrapper using the ChaCha20 stream cipher combined
285 with the Poly1305 authenticator. It is defined in RFC7539 for use in
286 IETF protocols.
287
584fffc8
SS		 288config CRYPTO_SEQIV
289 tristate "Sequence Number IV Generator"
290 select CRYPTO_AEAD
291 select CRYPTO_BLKCIPHER
856e3f40 292 select CRYPTO_NULL
401e4238 293 select CRYPTO_RNG_DEFAULT
1da177e4 294 help
584fffc8
SS		 295 This IV generator generates an IV based on a sequence number by
296 xoring it with a salt. This algorithm is mainly useful for CTR
1da177e4 297
a10f554f
HX		 298config CRYPTO_ECHAINIV
299 tristate "Encrypted Chain IV Generator"
300 select CRYPTO_AEAD
301 select CRYPTO_NULL
401e4238 302 select CRYPTO_RNG_DEFAULT
3491244c 303 default m
a10f554f
HX		 304 help
305 This IV generator generates an IV based on the encryption of
306 a sequence number xored with a salt. This is the default
307 algorithm for CBC.
308
584fffc8 309comment "Block modes"
c494e070 310
584fffc8
SS		 311config CRYPTO_CBC
312 tristate "CBC support"
db131ef9 313 select CRYPTO_BLKCIPHER
43518407 314 select CRYPTO_MANAGER
db131ef9 315 help
584fffc8
SS		 316 CBC: Cipher Block Chaining mode
317 This block cipher algorithm is required for IPSec.
db131ef9 318
584fffc8
SS		 319config CRYPTO_CTR
320 tristate "CTR support"
db131ef9 321 select CRYPTO_BLKCIPHER
584fffc8 322 select CRYPTO_SEQIV
43518407 323 select CRYPTO_MANAGER
db131ef9 324 help
584fffc8 325 CTR: Counter mode
db131ef9
HX		 326 This block cipher algorithm is required for IPSec.
327
584fffc8
SS		 328config CRYPTO_CTS
329 tristate "CTS support"
330 select CRYPTO_BLKCIPHER
331 help
332 CTS: Cipher Text Stealing
333 This is the Cipher Text Stealing mode as described by
334 Section 8 of rfc2040 and referenced by rfc3962.
335 (rfc3962 includes errata information in its Appendix A)
336 This mode is required for Kerberos gss mechanism support
337 for AES encryption.
338
339config CRYPTO_ECB
340 tristate "ECB support"
91652be5
DH		 341 select CRYPTO_BLKCIPHER
342 select CRYPTO_MANAGER
91652be5 343 help
584fffc8
SS		 344 ECB: Electronic CodeBook mode
345 This is the simplest block cipher algorithm. It simply encrypts
346 the input block by block.
91652be5 347
64470f1b 348config CRYPTO_LRW
2470a2b2 349 tristate "LRW support"
64470f1b
RS		 350 select CRYPTO_BLKCIPHER
351 select CRYPTO_MANAGER
352 select CRYPTO_GF128MUL
353 help
354 LRW: Liskov Rivest Wagner, a tweakable, non malleable, non movable
355 narrow block cipher mode for dm-crypt. Use it with cipher
356 specification string aes-lrw-benbi, the key must be 256, 320 or 384.
357 The first 128, 192 or 256 bits in the key are used for AES and the
358 rest is used to tie each cipher block to its logical position.
359
584fffc8
SS		 360config CRYPTO_PCBC
361 tristate "PCBC support"
362 select CRYPTO_BLKCIPHER
363 select CRYPTO_MANAGER
364 help
365 PCBC: Propagating Cipher Block Chaining mode
366 This block cipher algorithm is required for RxRPC.
367
f19f5111 368config CRYPTO_XTS
5bcf8e6d 369 tristate "XTS support"
f19f5111
RS		 370 select CRYPTO_BLKCIPHER
371 select CRYPTO_MANAGER
372 select CRYPTO_GF128MUL
373 help
374 XTS: IEEE1619/D16 narrow block cipher use with aes-xts-plain,
375 key size 256, 384 or 512 bits. This implementation currently
376 can't handle a sectorsize which is not a multiple of 16 bytes.
377
1c49678e
SM		 378config CRYPTO_KEYWRAP
379 tristate "Key wrapping support"
380 select CRYPTO_BLKCIPHER
381 help
382 Support for key wrapping (NIST SP800-38F / RFC3394) without
383 padding.
384
584fffc8
SS		 385comment "Hash modes"
386
93b5e86a
JK		 387config CRYPTO_CMAC
388 tristate "CMAC support"
389 select CRYPTO_HASH
390 select CRYPTO_MANAGER
391 help
392 Cipher-based Message Authentication Code (CMAC) specified by
393 The National Institute of Standards and Technology (NIST).
394
395 https://tools.ietf.org/html/rfc4493
396 http://csrc.nist.gov/publications/nistpubs/800-38B/SP_800-38B.pdf
397
584fffc8
SS		 398config CRYPTO_HMAC
399 tristate "HMAC support"
400 select CRYPTO_HASH
23e353c8 401 select CRYPTO_MANAGER
23e353c8 402 help
584fffc8
SS		 403 HMAC: Keyed-Hashing for Message Authentication (RFC2104).
404 This is required for IPSec.
23e353c8 405
584fffc8
SS		 406config CRYPTO_XCBC
407 tristate "XCBC support"
584fffc8
SS		 408 select CRYPTO_HASH
409 select CRYPTO_MANAGER
76cb9521 410 help
584fffc8
SS		 411 XCBC: Keyed-Hashing with encryption algorithm
412 http://www.ietf.org/rfc/rfc3566.txt
413 http://csrc.nist.gov/encryption/modes/proposedmodes/
414 xcbc-mac/xcbc-mac-spec.pdf
76cb9521 415
f1939f7c
SW		 416config CRYPTO_VMAC
417 tristate "VMAC support"
f1939f7c
SW		 418 select CRYPTO_HASH
419 select CRYPTO_MANAGER
420 help
421 VMAC is a message authentication algorithm designed for
422 very high speed on 64-bit architectures.
423
424 See also:
425 <http://fastcrypto.org/vmac>
426
584fffc8 427comment "Digest"
28db8e3e 428
584fffc8
SS		 429config CRYPTO_CRC32C
430 tristate "CRC32c CRC algorithm"
5773a3e6 431 select CRYPTO_HASH
6a0962b2 432 select CRC32
4a49b499 433 help
584fffc8
SS		 434 Castagnoli, et al Cyclic Redundancy-Check Algorithm. Used
435 by iSCSI for header and data digests and by others.
69c35efc 436 See Castagnoli93. Module will be crc32c.
4a49b499 437
8cb51ba8
AZ		 438config CRYPTO_CRC32C_INTEL
439 tristate "CRC32c INTEL hardware acceleration"
440 depends on X86
441 select CRYPTO_HASH
442 help
443 In Intel processor with SSE4.2 supported, the processor will
444 support CRC32C implementation using hardware accelerated CRC32
445 instruction. This option will create 'crc32c-intel' module,
446 which will enable any routine to use the CRC32 instruction to
447 gain performance compared with software implementation.
448 Module will be crc32c-intel.
449
7cf31864 450config CRYPTO_CRC32C_VPMSUM
6dd7a82c 451 tristate "CRC32c CRC algorithm (powerpc64)"
c12abf34 452 depends on PPC64 && ALTIVEC
6dd7a82c
AB		 453 select CRYPTO_HASH
454 select CRC32
455 help
456 CRC32c algorithm implemented using vector polynomial multiply-sum
457 (vpmsum) instructions, introduced in POWER8. Enable on POWER8
458 and newer processors for improved performance.
459
460
442a7c40
DM		 461config CRYPTO_CRC32C_SPARC64
462 tristate "CRC32c CRC algorithm (SPARC64)"
463 depends on SPARC64
464 select CRYPTO_HASH
465 select CRC32
466 help
467 CRC32c CRC algorithm implemented using sparc64 crypto instructions,
468 when available.
469
78c37d19
AB		 470config CRYPTO_CRC32
471 tristate "CRC32 CRC algorithm"
472 select CRYPTO_HASH
473 select CRC32
474 help
475 CRC-32-IEEE 802.3 cyclic redundancy-check algorithm.
476 Shash crypto api wrappers to crc32_le function.
477
478config CRYPTO_CRC32_PCLMUL
479 tristate "CRC32 PCLMULQDQ hardware acceleration"
480 depends on X86
481 select CRYPTO_HASH
482 select CRC32
483 help
484 From Intel Westmere and AMD Bulldozer processor with SSE4.2
485 and PCLMULQDQ supported, the processor will support
486 CRC32 PCLMULQDQ implementation using hardware accelerated PCLMULQDQ
487 instruction. This option will create 'crc32-plcmul' module,
488 which will enable any routine to use the CRC-32-IEEE 802.3 checksum
489 and gain better performance as compared with the table implementation.
490
68411521
HX		 491config CRYPTO_CRCT10DIF
492 tristate "CRCT10DIF algorithm"
493 select CRYPTO_HASH
494 help
495 CRC T10 Data Integrity Field computation is being cast as
496 a crypto transform. This allows for faster crc t10 diff
497 transforms to be used if they are available.
498
499config CRYPTO_CRCT10DIF_PCLMUL
500 tristate "CRCT10DIF PCLMULQDQ hardware acceleration"
501 depends on X86 && 64BIT && CRC_T10DIF
502 select CRYPTO_HASH
503 help
504 For x86_64 processors with SSE4.2 and PCLMULQDQ supported,
505 CRC T10 DIF PCLMULQDQ computation can be hardware
506 accelerated PCLMULQDQ instruction. This option will create
507 'crct10dif-plcmul' module, which is faster when computing the
508 crct10dif checksum as compared with the generic table implementation.
509
2cdc6899
HY		 510config CRYPTO_GHASH
511 tristate "GHASH digest algorithm"
2cdc6899 512 select CRYPTO_GF128MUL
578c60fb 513 select CRYPTO_HASH
2cdc6899
HY		 514 help
515 GHASH is message digest algorithm for GCM (Galois/Counter Mode).
516
f979e014
MW		 517config CRYPTO_POLY1305
518 tristate "Poly1305 authenticator algorithm"
578c60fb 519 select CRYPTO_HASH
f979e014
MW		 520 help
521 Poly1305 authenticator algorithm, RFC7539.
522
523 Poly1305 is an authenticator algorithm designed by Daniel J. Bernstein.
524 It is used for the ChaCha20-Poly1305 AEAD, specified in RFC7539 for use
525 in IETF protocols. This is the portable C implementation of Poly1305.
526
c70f4abe 527config CRYPTO_POLY1305_X86_64
b1ccc8f4 528 tristate "Poly1305 authenticator algorithm (x86_64/SSE2/AVX2)"
c70f4abe
MW		 529 depends on X86 && 64BIT
530 select CRYPTO_POLY1305
531 help
532 Poly1305 authenticator algorithm, RFC7539.
533
534 Poly1305 is an authenticator algorithm designed by Daniel J. Bernstein.
535 It is used for the ChaCha20-Poly1305 AEAD, specified in RFC7539 for use
536 in IETF protocols. This is the x86_64 assembler implementation using SIMD
537 instructions.
538
584fffc8
SS		 539config CRYPTO_MD4
540 tristate "MD4 digest algorithm"
808a1763 541 select CRYPTO_HASH
124b53d0 542 help
584fffc8 543 MD4 message digest algorithm (RFC1320).
124b53d0 544
584fffc8
SS		 545config CRYPTO_MD5
546 tristate "MD5 digest algorithm"
14b75ba7 547 select CRYPTO_HASH
1da177e4 548 help
584fffc8 549 MD5 message digest algorithm (RFC1321).
1da177e4 550
d69e75de
AK		 551config CRYPTO_MD5_OCTEON
552 tristate "MD5 digest algorithm (OCTEON)"
553 depends on CPU_CAVIUM_OCTEON
554 select CRYPTO_MD5
555 select CRYPTO_HASH
556 help
557 MD5 message digest algorithm (RFC1321) implemented
558 using OCTEON crypto instructions, when available.
559
e8e59953
MS		 560config CRYPTO_MD5_PPC
561 tristate "MD5 digest algorithm (PPC)"
562 depends on PPC
563 select CRYPTO_HASH
564 help
565 MD5 message digest algorithm (RFC1321) implemented
566 in PPC assembler.
567
fa4dfedc
DM		 568config CRYPTO_MD5_SPARC64
569 tristate "MD5 digest algorithm (SPARC64)"
570 depends on SPARC64
571 select CRYPTO_MD5
572 select CRYPTO_HASH
573 help
574 MD5 message digest algorithm (RFC1321) implemented
575 using sparc64 crypto instructions, when available.
576
584fffc8
SS		 577config CRYPTO_MICHAEL_MIC
578 tristate "Michael MIC keyed digest algorithm"
19e2bf14 579 select CRYPTO_HASH
90831639 580 help
584fffc8
SS		 581 Michael MIC is used for message integrity protection in TKIP
582 (IEEE 802.11i). This algorithm is required for TKIP, but it
583 should not be used for other purposes because of the weakness
584 of the algorithm.
90831639 585
82798f90 586config CRYPTO_RMD128
b6d44341 587 tristate "RIPEMD-128 digest algorithm"
7c4468bc 588 select CRYPTO_HASH
b6d44341
AB		 589 help
590 RIPEMD-128 (ISO/IEC 10118-3:2004).
82798f90 591
b6d44341 592 RIPEMD-128 is a 128-bit cryptographic hash function. It should only
35ed4b35 593 be used as a secure replacement for RIPEMD. For other use cases,
b6d44341 594 RIPEMD-160 should be used.
82798f90 595
b6d44341 596 Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel.
6d8de74c 597 See <http://homes.esat.kuleuven.be/~bosselae/ripemd160.html>
82798f90
AKR		 598
599config CRYPTO_RMD160
b6d44341 600 tristate "RIPEMD-160 digest algorithm"
e5835fba 601 select CRYPTO_HASH
b6d44341
AB		 602 help
603 RIPEMD-160 (ISO/IEC 10118-3:2004).
82798f90 604
b6d44341
AB		 605 RIPEMD-160 is a 160-bit cryptographic hash function. It is intended
606 to be used as a secure replacement for the 128-bit hash functions
607 MD4, MD5 and it's predecessor RIPEMD
608 (not to be confused with RIPEMD-128).
82798f90 609
b6d44341
AB		 610 It's speed is comparable to SHA1 and there are no known attacks
611 against RIPEMD-160.
534fe2c1 612
b6d44341 613 Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel.
6d8de74c 614 See <http://homes.esat.kuleuven.be/~bosselae/ripemd160.html>
534fe2c1
AKR		 615
616config CRYPTO_RMD256
b6d44341 617 tristate "RIPEMD-256 digest algorithm"
d8a5e2e9 618 select CRYPTO_HASH
b6d44341
AB		 619 help
620 RIPEMD-256 is an optional extension of RIPEMD-128 with a
621 256 bit hash. It is intended for applications that require
622 longer hash-results, without needing a larger security level
623 (than RIPEMD-128).
534fe2c1 624
b6d44341 625 Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel.
6d8de74c 626 See <http://homes.esat.kuleuven.be/~bosselae/ripemd160.html>
534fe2c1
AKR		 627
628config CRYPTO_RMD320
b6d44341 629 tristate "RIPEMD-320 digest algorithm"
3b8efb4c 630 select CRYPTO_HASH
b6d44341
AB		 631 help
632 RIPEMD-320 is an optional extension of RIPEMD-160 with a
633 320 bit hash. It is intended for applications that require
634 longer hash-results, without needing a larger security level
635 (than RIPEMD-160).
534fe2c1 636
b6d44341 637 Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel.
6d8de74c 638 See <http://homes.esat.kuleuven.be/~bosselae/ripemd160.html>
82798f90 639
584fffc8
SS		 640config CRYPTO_SHA1
641 tristate "SHA1 digest algorithm"
54ccb367 642 select CRYPTO_HASH
1da177e4 643 help
584fffc8 644 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2).
1da177e4 645
66be8951 646config CRYPTO_SHA1_SSSE3
e38b6b7f 647 tristate "SHA1 digest algorithm (SSSE3/AVX/AVX2/SHA-NI)"
66be8951
MK		 648 depends on X86 && 64BIT
649 select CRYPTO_SHA1
650 select CRYPTO_HASH
651 help
652 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2) implemented
653 using Supplemental SSE3 (SSSE3) instructions or Advanced Vector
e38b6b7f 654 Extensions (AVX/AVX2) or SHA-NI(SHA Extensions New Instructions),
655 when available.
66be8951 656
8275d1aa 657config CRYPTO_SHA256_SSSE3
e38b6b7f 658 tristate "SHA256 digest algorithm (SSSE3/AVX/AVX2/SHA-NI)"
8275d1aa
TC		 659 depends on X86 && 64BIT
660 select CRYPTO_SHA256
661 select CRYPTO_HASH
662 help
663 SHA-256 secure hash standard (DFIPS 180-2) implemented
664 using Supplemental SSE3 (SSSE3) instructions, or Advanced Vector
665 Extensions version 1 (AVX1), or Advanced Vector Extensions
e38b6b7f 666 version 2 (AVX2) instructions, or SHA-NI (SHA Extensions New
667 Instructions) when available.
87de4579
TC		 668
669config CRYPTO_SHA512_SSSE3
670 tristate "SHA512 digest algorithm (SSSE3/AVX/AVX2)"
671 depends on X86 && 64BIT
672 select CRYPTO_SHA512
673 select CRYPTO_HASH
674 help
675 SHA-512 secure hash standard (DFIPS 180-2) implemented
676 using Supplemental SSE3 (SSSE3) instructions, or Advanced Vector
677 Extensions version 1 (AVX1), or Advanced Vector Extensions
8275d1aa
TC		 678 version 2 (AVX2) instructions, when available.
679
efdb6f6e
AK		 680config CRYPTO_SHA1_OCTEON
681 tristate "SHA1 digest algorithm (OCTEON)"
682 depends on CPU_CAVIUM_OCTEON
683 select CRYPTO_SHA1
684 select CRYPTO_HASH
685 help
686 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2) implemented
687 using OCTEON crypto instructions, when available.
688
4ff28d4c
DM		 689config CRYPTO_SHA1_SPARC64
690 tristate "SHA1 digest algorithm (SPARC64)"
691 depends on SPARC64
692 select CRYPTO_SHA1
693 select CRYPTO_HASH
694 help
695 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2) implemented
696 using sparc64 crypto instructions, when available.
697
323a6bf1
ME		 698config CRYPTO_SHA1_PPC
699 tristate "SHA1 digest algorithm (powerpc)"
700 depends on PPC
701 help
702 This is the powerpc hardware accelerated implementation of the
703 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2).
704
d9850fc5
MS		 705config CRYPTO_SHA1_PPC_SPE
706 tristate "SHA1 digest algorithm (PPC SPE)"
707 depends on PPC && SPE
708 help
709 SHA-1 secure hash standard (DFIPS 180-4) implemented
710 using powerpc SPE SIMD instruction set.
711
1e65b81a
TC		 712config CRYPTO_SHA1_MB
713 tristate "SHA1 digest algorithm (x86_64 Multi-Buffer, Experimental)"
714 depends on X86 && 64BIT
715 select CRYPTO_SHA1
716 select CRYPTO_HASH
717 select CRYPTO_MCRYPTD
718 help
719 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2) implemented
720 using multi-buffer technique. This algorithm computes on
721 multiple data lanes concurrently with SIMD instructions for
722 better throughput. It should not be enabled by default but
723 used when there is significant amount of work to keep the keep
724 the data lanes filled to get performance benefit. If the data
725 lanes remain unfilled, a flush operation will be initiated to
726 process the crypto jobs, adding a slight latency.
727
9be7e244
MD		 728config CRYPTO_SHA256_MB
729 tristate "SHA256 digest algorithm (x86_64 Multi-Buffer, Experimental)"
730 depends on X86 && 64BIT
731 select CRYPTO_SHA256
732 select CRYPTO_HASH
733 select CRYPTO_MCRYPTD
734 help
735 SHA-256 secure hash standard (FIPS 180-1/DFIPS 180-2) implemented
736 using multi-buffer technique. This algorithm computes on
737 multiple data lanes concurrently with SIMD instructions for
738 better throughput. It should not be enabled by default but
739 used when there is significant amount of work to keep the keep
740 the data lanes filled to get performance benefit. If the data
741 lanes remain unfilled, a flush operation will be initiated to
742 process the crypto jobs, adding a slight latency.
743
026bb8aa
MD		 744config CRYPTO_SHA512_MB
745 tristate "SHA512 digest algorithm (x86_64 Multi-Buffer, Experimental)"
746 depends on X86 && 64BIT
747 select CRYPTO_SHA512
748 select CRYPTO_HASH
749 select CRYPTO_MCRYPTD
750 help
751 SHA-512 secure hash standard (FIPS 180-1/DFIPS 180-2) implemented
752 using multi-buffer technique. This algorithm computes on
753 multiple data lanes concurrently with SIMD instructions for
754 better throughput. It should not be enabled by default but
755 used when there is significant amount of work to keep the keep
756 the data lanes filled to get performance benefit. If the data
757 lanes remain unfilled, a flush operation will be initiated to
758 process the crypto jobs, adding a slight latency.
759
584fffc8
SS		 760config CRYPTO_SHA256
761 tristate "SHA224 and SHA256 digest algorithm"
50e109b5 762 select CRYPTO_HASH
1da177e4 763 help
584fffc8 764 SHA256 secure hash standard (DFIPS 180-2).
1da177e4 765
584fffc8
SS		 766 This version of SHA implements a 256 bit hash with 128 bits of
767 security against collision attacks.
2729bb42 768
b6d44341
AB		 769 This code also includes SHA-224, a 224 bit hash with 112 bits
770 of security against collision attacks.
584fffc8 771
2ecc1e95
MS		 772config CRYPTO_SHA256_PPC_SPE
773 tristate "SHA224 and SHA256 digest algorithm (PPC SPE)"
774 depends on PPC && SPE
775 select CRYPTO_SHA256
776 select CRYPTO_HASH
777 help
778 SHA224 and SHA256 secure hash standard (DFIPS 180-2)
779 implemented using powerpc SPE SIMD instruction set.
780
efdb6f6e
AK		 781config CRYPTO_SHA256_OCTEON
782 tristate "SHA224 and SHA256 digest algorithm (OCTEON)"
783 depends on CPU_CAVIUM_OCTEON
784 select CRYPTO_SHA256
785 select CRYPTO_HASH
786 help
787 SHA-256 secure hash standard (DFIPS 180-2) implemented
788 using OCTEON crypto instructions, when available.
789
86c93b24
DM		 790config CRYPTO_SHA256_SPARC64
791 tristate "SHA224 and SHA256 digest algorithm (SPARC64)"
792 depends on SPARC64
793 select CRYPTO_SHA256
794 select CRYPTO_HASH
795 help
796 SHA-256 secure hash standard (DFIPS 180-2) implemented
797 using sparc64 crypto instructions, when available.
798
584fffc8
SS		 799config CRYPTO_SHA512
800 tristate "SHA384 and SHA512 digest algorithms"
bd9d20db 801 select CRYPTO_HASH
b9f535ff 802 help
584fffc8 803 SHA512 secure hash standard (DFIPS 180-2).
b9f535ff 804
584fffc8
SS		 805 This version of SHA implements a 512 bit hash with 256 bits of
806 security against collision attacks.
b9f535ff 807
584fffc8
SS		 808 This code also includes SHA-384, a 384 bit hash with 192 bits
809 of security against collision attacks.
b9f535ff 810
efdb6f6e
AK		 811config CRYPTO_SHA512_OCTEON
812 tristate "SHA384 and SHA512 digest algorithms (OCTEON)"
813 depends on CPU_CAVIUM_OCTEON
814 select CRYPTO_SHA512
815 select CRYPTO_HASH
816 help
817 SHA-512 secure hash standard (DFIPS 180-2) implemented
818 using OCTEON crypto instructions, when available.
819
775e0c69
DM		 820config CRYPTO_SHA512_SPARC64
821 tristate "SHA384 and SHA512 digest algorithm (SPARC64)"
822 depends on SPARC64
823 select CRYPTO_SHA512
824 select CRYPTO_HASH
825 help
826 SHA-512 secure hash standard (DFIPS 180-2) implemented
827 using sparc64 crypto instructions, when available.
828
53964b9e
JG		 829config CRYPTO_SHA3
830 tristate "SHA3 digest algorithm"
831 select CRYPTO_HASH
832 help
833 SHA-3 secure hash standard (DFIPS 202). It's based on
834 cryptographic sponge function family called Keccak.
835
836 References:
837 http://keccak.noekeon.org/
838
584fffc8
SS		 839config CRYPTO_TGR192
840 tristate "Tiger digest algorithms"
f63fbd3d 841 select CRYPTO_HASH
eaf44088 842 help
584fffc8 843 Tiger hash algorithm 192, 160 and 128-bit hashes
eaf44088 844
584fffc8
SS		 845 Tiger is a hash function optimized for 64-bit processors while
846 still having decent performance on 32-bit processors.
847 Tiger was developed by Ross Anderson and Eli Biham.
eaf44088
JF		 848
849 See also:
584fffc8 850 <http://www.cs.technion.ac.il/~biham/Reports/Tiger/>.
eaf44088 851
584fffc8
SS		 852config CRYPTO_WP512
853 tristate "Whirlpool digest algorithms"
4946510b 854 select CRYPTO_HASH
1da177e4 855 help
584fffc8 856 Whirlpool hash algorithm 512, 384 and 256-bit hashes
1da177e4 857
584fffc8
SS		 858 Whirlpool-512 is part of the NESSIE cryptographic primitives.
859 Whirlpool will be part of the ISO/IEC 10118-3:2003(E) standard
1da177e4
LT		 860
861 See also:
6d8de74c 862 <http://www.larc.usp.br/~pbarreto/WhirlpoolPage.html>
584fffc8 863
0e1227d3
HY		 864config CRYPTO_GHASH_CLMUL_NI_INTEL
865 tristate "GHASH digest algorithm (CLMUL-NI accelerated)"
8af00860 866 depends on X86 && 64BIT
0e1227d3
HY		 867 select CRYPTO_CRYPTD
868 help
869 GHASH is message digest algorithm for GCM (Galois/Counter Mode).
870 The implementation is accelerated by CLMUL-NI of Intel.
871
584fffc8 872comment "Ciphers"
1da177e4
LT		 873
874config CRYPTO_AES
875 tristate "AES cipher algorithms"
cce9e06d 876 select CRYPTO_ALGAPI
1da177e4 877 help
584fffc8 878 AES cipher algorithms (FIPS-197). AES uses the Rijndael
1da177e4
LT		 879 algorithm.
880
881 Rijndael appears to be consistently a very good performer in
584fffc8
SS		 882 both hardware and software across a wide range of computing
883 environments regardless of its use in feedback or non-feedback
884 modes. Its key setup time is excellent, and its key agility is
885 good. Rijndael's very low memory requirements make it very well
886 suited for restricted-space environments, in which it also
887 demonstrates excellent performance. Rijndael's operations are
888 among the easiest to defend against power and timing attacks.
1da177e4 889
584fffc8 890 The AES specifies three key sizes: 128, 192 and 256 bits
1da177e4
LT		 891
892 See <http://csrc.nist.gov/CryptoToolkit/aes/> for more information.
893
894config CRYPTO_AES_586
895 tristate "AES cipher algorithms (i586)"
cce9e06d
HX		 896 depends on (X86 || UML_X86) && !64BIT
897 select CRYPTO_ALGAPI
5157dea8 898 select CRYPTO_AES
1da177e4 899 help
584fffc8 900 AES cipher algorithms (FIPS-197). AES uses the Rijndael
1da177e4
LT		 901 algorithm.
902
903 Rijndael appears to be consistently a very good performer in
584fffc8
SS		 904 both hardware and software across a wide range of computing
905 environments regardless of its use in feedback or non-feedback
906 modes. Its key setup time is excellent, and its key agility is
907 good. Rijndael's very low memory requirements make it very well
908 suited for restricted-space environments, in which it also
909 demonstrates excellent performance. Rijndael's operations are
910 among the easiest to defend against power and timing attacks.
1da177e4 911
584fffc8 912 The AES specifies three key sizes: 128, 192 and 256 bits
a2a892a2
AS		 913
914 See <http://csrc.nist.gov/encryption/aes/> for more information.
915
916config CRYPTO_AES_X86_64
917 tristate "AES cipher algorithms (x86_64)"
cce9e06d
HX		 918 depends on (X86 || UML_X86) && 64BIT
919 select CRYPTO_ALGAPI
81190b32 920 select CRYPTO_AES
a2a892a2 921 help
584fffc8 922 AES cipher algorithms (FIPS-197). AES uses the Rijndael
a2a892a2
AS		 923 algorithm.
924
925 Rijndael appears to be consistently a very good performer in
584fffc8
SS		 926 both hardware and software across a wide range of computing
927 environments regardless of its use in feedback or non-feedback
928 modes. Its key setup time is excellent, and its key agility is
54b6a1bd
HY		 929 good. Rijndael's very low memory requirements make it very well
930 suited for restricted-space environments, in which it also
931 demonstrates excellent performance. Rijndael's operations are
932 among the easiest to defend against power and timing attacks.
933
934 The AES specifies three key sizes: 128, 192 and 256 bits
935
936 See <http://csrc.nist.gov/encryption/aes/> for more information.
937
938config CRYPTO_AES_NI_INTEL
939 tristate "AES cipher algorithms (AES-NI)"
8af00860 940 depends on X86
0d258efb
MK		 941 select CRYPTO_AES_X86_64 if 64BIT
942 select CRYPTO_AES_586 if !64BIT
54b6a1bd 943 select CRYPTO_CRYPTD
801201aa 944 select CRYPTO_ABLK_HELPER
54b6a1bd 945 select CRYPTO_ALGAPI
7643a11a 946 select CRYPTO_GLUE_HELPER_X86 if 64BIT
023af608
JK		 947 select CRYPTO_LRW
948 select CRYPTO_XTS
54b6a1bd
HY		 949 help
950 Use Intel AES-NI instructions for AES algorithm.
951
952 AES cipher algorithms (FIPS-197). AES uses the Rijndael
953 algorithm.
954
955 Rijndael appears to be consistently a very good performer in
956 both hardware and software across a wide range of computing
957 environments regardless of its use in feedback or non-feedback
958 modes. Its key setup time is excellent, and its key agility is
584fffc8
SS		 959 good. Rijndael's very low memory requirements make it very well
960 suited for restricted-space environments, in which it also
961 demonstrates excellent performance. Rijndael's operations are
962 among the easiest to defend against power and timing attacks.
a2a892a2 963
584fffc8 964 The AES specifies three key sizes: 128, 192 and 256 bits
1da177e4
LT		 965
966 See <http://csrc.nist.gov/encryption/aes/> for more information.
967
0d258efb
MK		 968 In addition to AES cipher algorithm support, the acceleration
969 for some popular block cipher mode is supported too, including
970 ECB, CBC, LRW, PCBC, XTS. The 64 bit version has additional
971 acceleration for CTR.
2cf4ac8b 972
9bf4852d
DM		 973config CRYPTO_AES_SPARC64
974 tristate "AES cipher algorithms (SPARC64)"
975 depends on SPARC64
976 select CRYPTO_CRYPTD
977 select CRYPTO_ALGAPI
978 help
979 Use SPARC64 crypto opcodes for AES algorithm.
980
981 AES cipher algorithms (FIPS-197). AES uses the Rijndael
982 algorithm.
983
984 Rijndael appears to be consistently a very good performer in
985 both hardware and software across a wide range of computing
986 environments regardless of its use in feedback or non-feedback
987 modes. Its key setup time is excellent, and its key agility is
988 good. Rijndael's very low memory requirements make it very well
989 suited for restricted-space environments, in which it also
990 demonstrates excellent performance. Rijndael's operations are
991 among the easiest to defend against power and timing attacks.
992
993 The AES specifies three key sizes: 128, 192 and 256 bits
994
995 See <http://csrc.nist.gov/encryption/aes/> for more information.
996
997 In addition to AES cipher algorithm support, the acceleration
998 for some popular block cipher mode is supported too, including
999 ECB and CBC.
1000
504c6143
MS		 1001config CRYPTO_AES_PPC_SPE
1002 tristate "AES cipher algorithms (PPC SPE)"
1003 depends on PPC && SPE
1004 help
1005 AES cipher algorithms (FIPS-197). Additionally the acceleration
1006 for popular block cipher modes ECB, CBC, CTR and XTS is supported.
1007 This module should only be used for low power (router) devices
1008 without hardware AES acceleration (e.g. caam crypto). It reduces the
1009 size of the AES tables from 16KB to 8KB + 256 bytes and mitigates
1010 timining attacks. Nevertheless it might be not as secure as other
1011 architecture specific assembler implementations that work on 1KB
1012 tables or 256 bytes S-boxes.
1013
584fffc8
SS		 1014config CRYPTO_ANUBIS
1015 tristate "Anubis cipher algorithm"
1016 select CRYPTO_ALGAPI
1017 help
1018 Anubis cipher algorithm.
1019
1020 Anubis is a variable key length cipher which can use keys from
1021 128 bits to 320 bits in length. It was evaluated as a entrant
1022 in the NESSIE competition.
1023
1024 See also:
6d8de74c
JM		 1025 <https://www.cosic.esat.kuleuven.be/nessie/reports/>
1026 <http://www.larc.usp.br/~pbarreto/AnubisPage.html>
584fffc8
SS		 1027
1028config CRYPTO_ARC4
1029 tristate "ARC4 cipher algorithm"
b9b0f080 1030 select CRYPTO_BLKCIPHER
584fffc8
SS		 1031 help
1032 ARC4 cipher algorithm.
1033
1034 ARC4 is a stream cipher using keys ranging from 8 bits to 2048
1035 bits in length. This algorithm is required for driver-based
1036 WEP, but it should not be for other purposes because of the
1037 weakness of the algorithm.
1038
1039config CRYPTO_BLOWFISH
1040 tristate "Blowfish cipher algorithm"
1041 select CRYPTO_ALGAPI
52ba867c 1042 select CRYPTO_BLOWFISH_COMMON
584fffc8
SS		 1043 help
1044 Blowfish cipher algorithm, by Bruce Schneier.
1045
1046 This is a variable key length cipher which can use keys from 32
1047 bits to 448 bits in length. It's fast, simple and specifically
1048 designed for use on "large microprocessors".
1049
1050 See also:
1051 <http://www.schneier.com/blowfish.html>
1052
52ba867c
JK		 1053config CRYPTO_BLOWFISH_COMMON
1054 tristate
1055 help
1056 Common parts of the Blowfish cipher algorithm shared by the
1057 generic c and the assembler implementations.
1058
1059 See also:
1060 <http://www.schneier.com/blowfish.html>
1061
64b94cea
JK		 1062config CRYPTO_BLOWFISH_X86_64
1063 tristate "Blowfish cipher algorithm (x86_64)"
f21a7c19 1064 depends on X86 && 64BIT
64b94cea
JK		 1065 select CRYPTO_ALGAPI
1066 select CRYPTO_BLOWFISH_COMMON
1067 help
1068 Blowfish cipher algorithm (x86_64), by Bruce Schneier.
1069
1070 This is a variable key length cipher which can use keys from 32
1071 bits to 448 bits in length. It's fast, simple and specifically
1072 designed for use on "large microprocessors".
1073
1074 See also:
1075 <http://www.schneier.com/blowfish.html>
1076
584fffc8
SS		 1077config CRYPTO_CAMELLIA
1078 tristate "Camellia cipher algorithms"
1079 depends on CRYPTO
1080 select CRYPTO_ALGAPI
1081 help
1082 Camellia cipher algorithms module.
1083
1084 Camellia is a symmetric key block cipher developed jointly
1085 at NTT and Mitsubishi Electric Corporation.
1086
1087 The Camellia specifies three key sizes: 128, 192 and 256 bits.
1088
1089 See also:
1090 <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html>
1091
0b95ec56
JK		 1092config CRYPTO_CAMELLIA_X86_64
1093 tristate "Camellia cipher algorithm (x86_64)"
f21a7c19 1094 depends on X86 && 64BIT
0b95ec56
JK		 1095 depends on CRYPTO
1096 select CRYPTO_ALGAPI
964263af 1097 select CRYPTO_GLUE_HELPER_X86
0b95ec56
JK		 1098 select CRYPTO_LRW
1099 select CRYPTO_XTS
1100 help
1101 Camellia cipher algorithm module (x86_64).
1102
1103 Camellia is a symmetric key block cipher developed jointly
1104 at NTT and Mitsubishi Electric Corporation.
1105
1106 The Camellia specifies three key sizes: 128, 192 and 256 bits.
1107
1108 See also:
d9b1d2e7
JK		 1109 <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html>
1110
1111config CRYPTO_CAMELLIA_AESNI_AVX_X86_64
1112 tristate "Camellia cipher algorithm (x86_64/AES-NI/AVX)"
1113 depends on X86 && 64BIT
1114 depends on CRYPTO
1115 select CRYPTO_ALGAPI
1116 select CRYPTO_CRYPTD
801201aa 1117 select CRYPTO_ABLK_HELPER
d9b1d2e7
JK		 1118 select CRYPTO_GLUE_HELPER_X86
1119 select CRYPTO_CAMELLIA_X86_64
1120 select CRYPTO_LRW
1121 select CRYPTO_XTS
1122 help
1123 Camellia cipher algorithm module (x86_64/AES-NI/AVX).
1124
1125 Camellia is a symmetric key block cipher developed jointly
1126 at NTT and Mitsubishi Electric Corporation.
1127
1128 The Camellia specifies three key sizes: 128, 192 and 256 bits.
1129
1130 See also:
0b95ec56
JK		 1131 <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html>
1132
f3f935a7
JK		 1133config CRYPTO_CAMELLIA_AESNI_AVX2_X86_64
1134 tristate "Camellia cipher algorithm (x86_64/AES-NI/AVX2)"
1135 depends on X86 && 64BIT
1136 depends on CRYPTO
1137 select CRYPTO_ALGAPI
1138 select CRYPTO_CRYPTD
801201aa 1139 select CRYPTO_ABLK_HELPER
f3f935a7
JK		 1140 select CRYPTO_GLUE_HELPER_X86
1141 select CRYPTO_CAMELLIA_X86_64
1142 select CRYPTO_CAMELLIA_AESNI_AVX_X86_64
1143 select CRYPTO_LRW
1144 select CRYPTO_XTS
1145 help
1146 Camellia cipher algorithm module (x86_64/AES-NI/AVX2).
1147
1148 Camellia is a symmetric key block cipher developed jointly
1149 at NTT and Mitsubishi Electric Corporation.
1150
1151 The Camellia specifies three key sizes: 128, 192 and 256 bits.
1152
1153 See also:
1154 <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html>
1155
81658ad0
DM		 1156config CRYPTO_CAMELLIA_SPARC64
1157 tristate "Camellia cipher algorithm (SPARC64)"
1158 depends on SPARC64
1159 depends on CRYPTO
1160 select CRYPTO_ALGAPI
1161 help
1162 Camellia cipher algorithm module (SPARC64).
1163
1164 Camellia is a symmetric key block cipher developed jointly
1165 at NTT and Mitsubishi Electric Corporation.
1166
1167 The Camellia specifies three key sizes: 128, 192 and 256 bits.
1168
1169 See also:
1170 <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html>
1171
044ab525
JK		 1172config CRYPTO_CAST_COMMON
1173 tristate
1174 help
1175 Common parts of the CAST cipher algorithms shared by the
1176 generic c and the assembler implementations.
1177
1da177e4
LT		 1178config CRYPTO_CAST5
1179 tristate "CAST5 (CAST-128) cipher algorithm"
cce9e06d 1180 select CRYPTO_ALGAPI
044ab525 1181 select CRYPTO_CAST_COMMON
1da177e4
LT		 1182 help
1183 The CAST5 encryption algorithm (synonymous with CAST-128) is
1184 described in RFC2144.
1185
4d6d6a2c
JG		 1186config CRYPTO_CAST5_AVX_X86_64
1187 tristate "CAST5 (CAST-128) cipher algorithm (x86_64/AVX)"
1188 depends on X86 && 64BIT
1189 select CRYPTO_ALGAPI
1190 select CRYPTO_CRYPTD
801201aa 1191 select CRYPTO_ABLK_HELPER
044ab525 1192 select CRYPTO_CAST_COMMON
4d6d6a2c
JG		 1193 select CRYPTO_CAST5
1194 help
1195 The CAST5 encryption algorithm (synonymous with CAST-128) is
1196 described in RFC2144.
1197
1198 This module provides the Cast5 cipher algorithm that processes
1199 sixteen blocks parallel using the AVX instruction set.
1200
1da177e4
LT		 1201config CRYPTO_CAST6
1202 tristate "CAST6 (CAST-256) cipher algorithm"
cce9e06d 1203 select CRYPTO_ALGAPI
044ab525 1204 select CRYPTO_CAST_COMMON
1da177e4
LT		 1205 help
1206 The CAST6 encryption algorithm (synonymous with CAST-256) is
1207 described in RFC2612.
1208
4ea1277d
JG		 1209config CRYPTO_CAST6_AVX_X86_64
1210 tristate "CAST6 (CAST-256) cipher algorithm (x86_64/AVX)"
1211 depends on X86 && 64BIT
1212 select CRYPTO_ALGAPI
1213 select CRYPTO_CRYPTD
801201aa 1214 select CRYPTO_ABLK_HELPER
4ea1277d 1215 select CRYPTO_GLUE_HELPER_X86
044ab525 1216 select CRYPTO_CAST_COMMON
4ea1277d
JG		 1217 select CRYPTO_CAST6
1218 select CRYPTO_LRW
1219 select CRYPTO_XTS
1220 help
1221 The CAST6 encryption algorithm (synonymous with CAST-256) is
1222 described in RFC2612.
1223
1224 This module provides the Cast6 cipher algorithm that processes
1225 eight blocks parallel using the AVX instruction set.
1226
584fffc8
SS		 1227config CRYPTO_DES
1228 tristate "DES and Triple DES EDE cipher algorithms"
cce9e06d 1229 select CRYPTO_ALGAPI
1da177e4 1230 help
584fffc8 1231 DES cipher algorithm (FIPS 46-2), and Triple DES EDE (FIPS 46-3).
fb4f10ed 1232
c5aac2df
DM		 1233config CRYPTO_DES_SPARC64
1234 tristate "DES and Triple DES EDE cipher algorithms (SPARC64)"
97da37b3 1235 depends on SPARC64
c5aac2df
DM		 1236 select CRYPTO_ALGAPI
1237 select CRYPTO_DES
1238 help
1239 DES cipher algorithm (FIPS 46-2), and Triple DES EDE (FIPS 46-3),
1240 optimized using SPARC64 crypto opcodes.
1241
6574e6c6
JK		 1242config CRYPTO_DES3_EDE_X86_64
1243 tristate "Triple DES EDE cipher algorithm (x86-64)"
1244 depends on X86 && 64BIT
1245 select CRYPTO_ALGAPI
1246 select CRYPTO_DES
1247 help
1248 Triple DES EDE (FIPS 46-3) algorithm.
1249
1250 This module provides implementation of the Triple DES EDE cipher
1251 algorithm that is optimized for x86-64 processors. Two versions of
1252 algorithm are provided; regular processing one input block and
1253 one that processes three blocks parallel.
1254
584fffc8
SS		 1255config CRYPTO_FCRYPT
1256 tristate "FCrypt cipher algorithm"
cce9e06d 1257 select CRYPTO_ALGAPI
584fffc8 1258 select CRYPTO_BLKCIPHER
1da177e4 1259 help
584fffc8 1260 FCrypt algorithm used by RxRPC.
1da177e4
LT		 1261
1262config CRYPTO_KHAZAD
1263 tristate "Khazad cipher algorithm"
cce9e06d 1264 select CRYPTO_ALGAPI
1da177e4
LT		 1265 help
1266 Khazad cipher algorithm.
1267
1268 Khazad was a finalist in the initial NESSIE competition. It is
1269 an algorithm optimized for 64-bit processors with good performance
1270 on 32-bit processors. Khazad uses an 128 bit key size.
1271
1272 See also:
6d8de74c 1273 <http://www.larc.usp.br/~pbarreto/KhazadPage.html>
1da177e4 1274
2407d608 1275config CRYPTO_SALSA20
3b4afaf2 1276 tristate "Salsa20 stream cipher algorithm"
2407d608
TSH		 1277 select CRYPTO_BLKCIPHER
1278 help
1279 Salsa20 stream cipher algorithm.
1280
1281 Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT
1282 Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/>
974e4b75
TSH		 1283
1284 The Salsa20 stream cipher algorithm is designed by Daniel J.
1285 Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html>
1286
1287config CRYPTO_SALSA20_586
3b4afaf2 1288 tristate "Salsa20 stream cipher algorithm (i586)"
974e4b75 1289 depends on (X86 || UML_X86) && !64BIT
974e4b75 1290 select CRYPTO_BLKCIPHER
974e4b75
TSH		 1291 help
1292 Salsa20 stream cipher algorithm.
1293
1294 Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT
1295 Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/>
9a7dafbb
TSH		 1296
1297 The Salsa20 stream cipher algorithm is designed by Daniel J.
1298 Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html>
1299
1300config CRYPTO_SALSA20_X86_64
3b4afaf2 1301 tristate "Salsa20 stream cipher algorithm (x86_64)"
9a7dafbb 1302 depends on (X86 || UML_X86) && 64BIT
9a7dafbb 1303 select CRYPTO_BLKCIPHER
9a7dafbb
TSH		 1304 help
1305 Salsa20 stream cipher algorithm.
1306
1307 Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT
1308 Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/>
2407d608
TSH		 1309
1310 The Salsa20 stream cipher algorithm is designed by Daniel J.
1311 Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html>
1da177e4 1312
c08d0e64
MW		 1313config CRYPTO_CHACHA20
1314 tristate "ChaCha20 cipher algorithm"
1315 select CRYPTO_BLKCIPHER
1316 help
1317 ChaCha20 cipher algorithm, RFC7539.
1318
1319 ChaCha20 is a 256-bit high-speed stream cipher designed by Daniel J.
1320 Bernstein and further specified in RFC7539 for use in IETF protocols.
1321 This is the portable C implementation of ChaCha20.
1322
1323 See also:
1324 <http://cr.yp.to/chacha/chacha-20080128.pdf>
1325
c9320b6d 1326config CRYPTO_CHACHA20_X86_64
3d1e93cd 1327 tristate "ChaCha20 cipher algorithm (x86_64/SSSE3/AVX2)"
c9320b6d
MW		 1328 depends on X86 && 64BIT
1329 select CRYPTO_BLKCIPHER
1330 select CRYPTO_CHACHA20
1331 help
1332 ChaCha20 cipher algorithm, RFC7539.
1333
1334 ChaCha20 is a 256-bit high-speed stream cipher designed by Daniel J.
1335 Bernstein and further specified in RFC7539 for use in IETF protocols.
1336 This is the x86_64 assembler implementation using SIMD instructions.
1337
1338 See also:
1339 <http://cr.yp.to/chacha/chacha-20080128.pdf>
1340
584fffc8
SS		 1341config CRYPTO_SEED
1342 tristate "SEED cipher algorithm"
cce9e06d 1343 select CRYPTO_ALGAPI
1da177e4 1344 help
584fffc8 1345 SEED cipher algorithm (RFC4269).
1da177e4 1346
584fffc8
SS		 1347 SEED is a 128-bit symmetric key block cipher that has been
1348 developed by KISA (Korea Information Security Agency) as a
1349 national standard encryption algorithm of the Republic of Korea.
1350 It is a 16 round block cipher with the key size of 128 bit.
1351
1352 See also:
1353 <http://www.kisa.or.kr/kisa/seed/jsp/seed_eng.jsp>
1354
1355config CRYPTO_SERPENT
1356 tristate "Serpent cipher algorithm"
cce9e06d 1357 select CRYPTO_ALGAPI
1da177e4 1358 help
584fffc8 1359 Serpent cipher algorithm, by Anderson, Biham & Knudsen.
1da177e4 1360
584fffc8
SS		 1361 Keys are allowed to be from 0 to 256 bits in length, in steps
1362 of 8 bits. Also includes the 'Tnepres' algorithm, a reversed
1363 variant of Serpent for compatibility with old kerneli.org code.
1364
1365 See also:
1366 <http://www.cl.cam.ac.uk/~rja14/serpent.html>
1367
937c30d7
JK		 1368config CRYPTO_SERPENT_SSE2_X86_64
1369 tristate "Serpent cipher algorithm (x86_64/SSE2)"
1370 depends on X86 && 64BIT
1371 select CRYPTO_ALGAPI
341975bf 1372 select CRYPTO_CRYPTD
801201aa 1373 select CRYPTO_ABLK_HELPER
596d8750 1374 select CRYPTO_GLUE_HELPER_X86
937c30d7 1375 select CRYPTO_SERPENT
feaf0cfc
JK		 1376 select CRYPTO_LRW
1377 select CRYPTO_XTS
937c30d7
JK		 1378 help
1379 Serpent cipher algorithm, by Anderson, Biham & Knudsen.
1380
1381 Keys are allowed to be from 0 to 256 bits in length, in steps
1382 of 8 bits.
1383
1e6232f8 1384 This module provides Serpent cipher algorithm that processes eight
937c30d7
JK		 1385 blocks parallel using SSE2 instruction set.
1386
1387 See also:
1388 <http://www.cl.cam.ac.uk/~rja14/serpent.html>
1389
251496db
JK		 1390config CRYPTO_SERPENT_SSE2_586
1391 tristate "Serpent cipher algorithm (i586/SSE2)"
1392 depends on X86 && !64BIT
1393 select CRYPTO_ALGAPI
341975bf 1394 select CRYPTO_CRYPTD
801201aa 1395 select CRYPTO_ABLK_HELPER
596d8750 1396 select CRYPTO_GLUE_HELPER_X86
251496db 1397 select CRYPTO_SERPENT
feaf0cfc
JK		 1398 select CRYPTO_LRW
1399 select CRYPTO_XTS
251496db
JK		 1400 help
1401 Serpent cipher algorithm, by Anderson, Biham & Knudsen.
1402
1403 Keys are allowed to be from 0 to 256 bits in length, in steps
1404 of 8 bits.
1405
1406 This module provides Serpent cipher algorithm that processes four
1407 blocks parallel using SSE2 instruction set.
1408
1409 See also:
1410 <http://www.cl.cam.ac.uk/~rja14/serpent.html>
7efe4076
JG		 1411
1412config CRYPTO_SERPENT_AVX_X86_64
1413 tristate "Serpent cipher algorithm (x86_64/AVX)"
1414 depends on X86 && 64BIT
1415 select CRYPTO_ALGAPI
1416 select CRYPTO_CRYPTD
801201aa 1417 select CRYPTO_ABLK_HELPER
1d0debbd 1418 select CRYPTO_GLUE_HELPER_X86
7efe4076
JG		 1419 select CRYPTO_SERPENT
1420 select CRYPTO_LRW
1421 select CRYPTO_XTS
1422 help
1423 Serpent cipher algorithm, by Anderson, Biham & Knudsen.
1424
1425 Keys are allowed to be from 0 to 256 bits in length, in steps
1426 of 8 bits.
1427
1428 This module provides the Serpent cipher algorithm that processes
1429 eight blocks parallel using the AVX instruction set.
1430
1431 See also:
1432 <http://www.cl.cam.ac.uk/~rja14/serpent.html>
251496db 1433
56d76c96
JK		 1434config CRYPTO_SERPENT_AVX2_X86_64
1435 tristate "Serpent cipher algorithm (x86_64/AVX2)"
1436 depends on X86 && 64BIT
1437 select CRYPTO_ALGAPI
1438 select CRYPTO_CRYPTD
801201aa 1439 select CRYPTO_ABLK_HELPER
56d76c96
JK		 1440 select CRYPTO_GLUE_HELPER_X86
1441 select CRYPTO_SERPENT
1442 select CRYPTO_SERPENT_AVX_X86_64
1443 select CRYPTO_LRW
1444 select CRYPTO_XTS
1445 help
1446 Serpent cipher algorithm, by Anderson, Biham & Knudsen.
1447
1448 Keys are allowed to be from 0 to 256 bits in length, in steps
1449 of 8 bits.
1450
1451 This module provides Serpent cipher algorithm that processes 16
1452 blocks parallel using AVX2 instruction set.
1453
1454 See also:
1455 <http://www.cl.cam.ac.uk/~rja14/serpent.html>
1456
584fffc8
SS		 1457config CRYPTO_TEA
1458 tristate "TEA, XTEA and XETA cipher algorithms"
cce9e06d 1459 select CRYPTO_ALGAPI
1da177e4 1460 help
584fffc8 1461 TEA cipher algorithm.
1da177e4 1462
584fffc8
SS		 1463 Tiny Encryption Algorithm is a simple cipher that uses
1464 many rounds for security. It is very fast and uses
1465 little memory.
1466
1467 Xtendend Tiny Encryption Algorithm is a modification to
1468 the TEA algorithm to address a potential key weakness
1469 in the TEA algorithm.
1470
1471 Xtendend Encryption Tiny Algorithm is a mis-implementation
1472 of the XTEA algorithm for compatibility purposes.
1473
1474config CRYPTO_TWOFISH
1475 tristate "Twofish cipher algorithm"
04ac7db3 1476 select CRYPTO_ALGAPI
584fffc8 1477 select CRYPTO_TWOFISH_COMMON
04ac7db3 1478 help
584fffc8 1479 Twofish cipher algorithm.
04ac7db3 1480
584fffc8
SS		 1481 Twofish was submitted as an AES (Advanced Encryption Standard)
1482 candidate cipher by researchers at CounterPane Systems. It is a
1483 16 round block cipher supporting key sizes of 128, 192, and 256
1484 bits.
04ac7db3 1485
584fffc8
SS		 1486 See also:
1487 <http://www.schneier.com/twofish.html>
1488
1489config CRYPTO_TWOFISH_COMMON
1490 tristate
1491 help
1492 Common parts of the Twofish cipher algorithm shared by the
1493 generic c and the assembler implementations.
1494
1495config CRYPTO_TWOFISH_586
1496 tristate "Twofish cipher algorithms (i586)"
1497 depends on (X86 || UML_X86) && !64BIT
1498 select CRYPTO_ALGAPI
1499 select CRYPTO_TWOFISH_COMMON
1500 help
1501 Twofish cipher algorithm.
1502
1503 Twofish was submitted as an AES (Advanced Encryption Standard)
1504 candidate cipher by researchers at CounterPane Systems. It is a
1505 16 round block cipher supporting key sizes of 128, 192, and 256
1506 bits.
04ac7db3
NT		 1507
1508 See also:
584fffc8 1509 <http://www.schneier.com/twofish.html>
04ac7db3 1510
584fffc8
SS		 1511config CRYPTO_TWOFISH_X86_64
1512 tristate "Twofish cipher algorithm (x86_64)"
1513 depends on (X86 || UML_X86) && 64BIT
cce9e06d 1514 select CRYPTO_ALGAPI
584fffc8 1515 select CRYPTO_TWOFISH_COMMON
1da177e4 1516 help
584fffc8 1517 Twofish cipher algorithm (x86_64).
1da177e4 1518
584fffc8
SS		 1519 Twofish was submitted as an AES (Advanced Encryption Standard)
1520 candidate cipher by researchers at CounterPane Systems. It is a
1521 16 round block cipher supporting key sizes of 128, 192, and 256
1522 bits.
1523
1524 See also:
1525 <http://www.schneier.com/twofish.html>
1526
8280daad
JK		 1527config CRYPTO_TWOFISH_X86_64_3WAY
1528 tristate "Twofish cipher algorithm (x86_64, 3-way parallel)"
f21a7c19 1529 depends on X86 && 64BIT
8280daad
JK		 1530 select CRYPTO_ALGAPI
1531 select CRYPTO_TWOFISH_COMMON
1532 select CRYPTO_TWOFISH_X86_64
414cb5e7 1533 select CRYPTO_GLUE_HELPER_X86
e7cda5d2
JK		 1534 select CRYPTO_LRW
1535 select CRYPTO_XTS
8280daad
JK		 1536 help
1537 Twofish cipher algorithm (x86_64, 3-way parallel).
1538
1539 Twofish was submitted as an AES (Advanced Encryption Standard)
1540 candidate cipher by researchers at CounterPane Systems. It is a
1541 16 round block cipher supporting key sizes of 128, 192, and 256
1542 bits.
1543
1544 This module provides Twofish cipher algorithm that processes three
1545 blocks parallel, utilizing resources of out-of-order CPUs better.
1546
1547 See also:
1548 <http://www.schneier.com/twofish.html>
1549
107778b5
JG		 1550config CRYPTO_TWOFISH_AVX_X86_64
1551 tristate "Twofish cipher algorithm (x86_64/AVX)"
1552 depends on X86 && 64BIT
1553 select CRYPTO_ALGAPI
1554 select CRYPTO_CRYPTD
801201aa 1555 select CRYPTO_ABLK_HELPER
a7378d4e 1556 select CRYPTO_GLUE_HELPER_X86
107778b5
JG		 1557 select CRYPTO_TWOFISH_COMMON
1558 select CRYPTO_TWOFISH_X86_64
1559 select CRYPTO_TWOFISH_X86_64_3WAY
1560 select CRYPTO_LRW
1561 select CRYPTO_XTS
1562 help
1563 Twofish cipher algorithm (x86_64/AVX).
1564
1565 Twofish was submitted as an AES (Advanced Encryption Standard)
1566 candidate cipher by researchers at CounterPane Systems. It is a
1567 16 round block cipher supporting key sizes of 128, 192, and 256
1568 bits.
1569
1570 This module provides the Twofish cipher algorithm that processes
1571 eight blocks parallel using the AVX Instruction Set.
1572
1573 See also:
1574 <http://www.schneier.com/twofish.html>
1575
584fffc8
SS		 1576comment "Compression"
1577
1578config CRYPTO_DEFLATE
1579 tristate "Deflate compression algorithm"
1580 select CRYPTO_ALGAPI
f6ded09d 1581 select CRYPTO_ACOMP2
584fffc8
SS		 1582 select ZLIB_INFLATE
1583 select ZLIB_DEFLATE
3c09f17c 1584 help
584fffc8
SS		 1585 This is the Deflate algorithm (RFC1951), specified for use in
1586 IPSec with the IPCOMP protocol (RFC3173, RFC2394).
1587
1588 You will most probably want this if using IPSec.
3c09f17c 1589
0b77abb3
ZS		 1590config CRYPTO_LZO
1591 tristate "LZO compression algorithm"
1592 select CRYPTO_ALGAPI
ac9d2c4b 1593 select CRYPTO_ACOMP2
0b77abb3
ZS		 1594 select LZO_COMPRESS
1595 select LZO_DECOMPRESS
1596 help
1597 This is the LZO algorithm.
1598
35a1fc18
SJ		 1599config CRYPTO_842
1600 tristate "842 compression algorithm"
2062c5b6 1601 select CRYPTO_ALGAPI
6a8de3ae 1602 select CRYPTO_ACOMP2
2062c5b6
DS		 1603 select 842_COMPRESS
1604 select 842_DECOMPRESS
35a1fc18
SJ		 1605 help
1606 This is the 842 algorithm.
0ea8530d
CM		 1607
1608config CRYPTO_LZ4
1609 tristate "LZ4 compression algorithm"
1610 select CRYPTO_ALGAPI
8cd9330e 1611 select CRYPTO_ACOMP2
0ea8530d
CM		 1612 select LZ4_COMPRESS
1613 select LZ4_DECOMPRESS
1614 help
1615 This is the LZ4 algorithm.
1616
1617config CRYPTO_LZ4HC
1618 tristate "LZ4HC compression algorithm"
1619 select CRYPTO_ALGAPI
91d53d96 1620 select CRYPTO_ACOMP2
0ea8530d
CM		 1621 select LZ4HC_COMPRESS
1622 select LZ4_DECOMPRESS
1623 help
1624 This is the LZ4 high compression mode algorithm.
35a1fc18 1625
17f0f4a4
NH		 1626comment "Random Number Generation"
1627
1628config CRYPTO_ANSI_CPRNG
1629 tristate "Pseudo Random Number Generation for Cryptographic modules"
1630 select CRYPTO_AES
1631 select CRYPTO_RNG
17f0f4a4
NH		 1632 help
1633 This option enables the generic pseudo random number generator
1634 for cryptographic modules. Uses the Algorithm specified in
7dd607e8
JK		 1635 ANSI X9.31 A.2.4. Note that this option must be enabled if
1636 CRYPTO_FIPS is selected
17f0f4a4 1637
f2c89a10 1638menuconfig CRYPTO_DRBG_MENU
419090c6 1639 tristate "NIST SP800-90A DRBG"
419090c6
SM		 1640 help
1641 NIST SP800-90A compliant DRBG. In the following submenu, one or
1642 more of the DRBG types must be selected.
1643
f2c89a10 1644if CRYPTO_DRBG_MENU
419090c6
SM		 1645
1646config CRYPTO_DRBG_HMAC
401e4238 1647 bool
419090c6 1648 default y
419090c6 1649 select CRYPTO_HMAC
826775bb 1650 select CRYPTO_SHA256
419090c6
SM		 1651
1652config CRYPTO_DRBG_HASH
1653 bool "Enable Hash DRBG"
826775bb 1654 select CRYPTO_SHA256
419090c6
SM		 1655 help
1656 Enable the Hash DRBG variant as defined in NIST SP800-90A.
1657
1658config CRYPTO_DRBG_CTR
1659 bool "Enable CTR DRBG"
419090c6 1660 select CRYPTO_AES
35591285 1661 depends on CRYPTO_CTR
419090c6
SM		 1662 help
1663 Enable the CTR DRBG variant as defined in NIST SP800-90A.
1664
f2c89a10
HX		 1665config CRYPTO_DRBG
1666 tristate
401e4238 1667 default CRYPTO_DRBG_MENU
f2c89a10 1668 select CRYPTO_RNG
bb5530e4 1669 select CRYPTO_JITTERENTROPY
f2c89a10
HX		 1670
1671endif # if CRYPTO_DRBG_MENU
419090c6 1672
bb5530e4
SM		 1673config CRYPTO_JITTERENTROPY
1674 tristate "Jitterentropy Non-Deterministic Random Number Generator"
2f313e02 1675 select CRYPTO_RNG
bb5530e4
SM		 1676 help
1677 The Jitterentropy RNG is a noise that is intended
1678 to provide seed to another RNG. The RNG does not
1679 perform any cryptographic whitening of the generated
1680 random numbers. This Jitterentropy RNG registers with
1681 the kernel crypto API and can be used by any caller.
1682
03c8efc1
HX		 1683config CRYPTO_USER_API
1684 tristate
1685
fe869cdb
HX		 1686config CRYPTO_USER_API_HASH
1687 tristate "User-space interface for hash algorithms"
7451708f 1688 depends on NET
fe869cdb
HX		 1689 select CRYPTO_HASH
1690 select CRYPTO_USER_API
1691 help
1692 This option enables the user-spaces interface for hash
1693 algorithms.
1694
8ff59090
HX		 1695config CRYPTO_USER_API_SKCIPHER
1696 tristate "User-space interface for symmetric key cipher algorithms"
7451708f 1697 depends on NET
8ff59090
HX		 1698 select CRYPTO_BLKCIPHER
1699 select CRYPTO_USER_API
1700 help
1701 This option enables the user-spaces interface for symmetric
1702 key cipher algorithms.
1703
2f375538
SM		 1704config CRYPTO_USER_API_RNG
1705 tristate "User-space interface for random number generator algorithms"
1706 depends on NET
1707 select CRYPTO_RNG
1708 select CRYPTO_USER_API
1709 help
1710 This option enables the user-spaces interface for random
1711 number generator algorithms.
1712
b64a2d95
HX		 1713config CRYPTO_USER_API_AEAD
1714 tristate "User-space interface for AEAD cipher algorithms"
1715 depends on NET
1716 select CRYPTO_AEAD
1717 select CRYPTO_USER_API
1718 help
1719 This option enables the user-spaces interface for AEAD
1720 cipher algorithms.
1721
ee08997f
DK		 1722config CRYPTO_HASH_INFO
1723 bool
1724
1da177e4 1725source "drivers/crypto/Kconfig"
964f3b3b 1726source crypto/asymmetric_keys/Kconfig
cfc411e7 1727source certs/Kconfig
1da177e4 1728
cce9e06d 1729endif # if CRYPTO
ubuntu-bionic-kernel mirror