]> git.proxmox.com Git - mirror_ubuntu-zesty-kernel.git/blame - crypto/Kconfig
projects / mirror_ubuntu-zesty-kernel.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
crypto: ppc/sha256 - glue
[mirror_ubuntu-zesty-kernel.git] / crypto / Kconfig
CommitLineData
685784aa
DW		 1#
2# Generic algorithms support
3#
4config XOR_BLOCKS
5 tristate
6
1da177e4 7#
9bc89cd8 8# async_tx api: hardware offloaded memory transfer/transform support
1da177e4 9#
9bc89cd8 10source "crypto/async_tx/Kconfig"
1da177e4 11
9bc89cd8
DW		 12#
13# Cryptographic API Configuration
14#
2e290f43 15menuconfig CRYPTO
c3715cb9 16 tristate "Cryptographic API"
1da177e4
LT		 17 help
18 This option provides the core Cryptographic API.
19
cce9e06d
HX		 20if CRYPTO
21
584fffc8
SS		 22comment "Crypto core or helper"
23
ccb778e1
NH		 24config CRYPTO_FIPS
25 bool "FIPS 200 compliance"
f2c89a10 26 depends on (CRYPTO_ANSI_CPRNG || CRYPTO_DRBG) && !CRYPTO_MANAGER_DISABLE_TESTS
002c77a4 27 depends on MODULE_SIG
ccb778e1
NH		 28 help
29 This options enables the fips boot option which is
30 required if you want to system to operate in a FIPS 200
31 certification. You should say no unless you know what
e84c5480 32 this is.
ccb778e1 33
cce9e06d
HX		 34config CRYPTO_ALGAPI
35 tristate
6a0fcbb4 36 select CRYPTO_ALGAPI2
cce9e06d
HX		 37 help
38 This option provides the API for cryptographic algorithms.
39
6a0fcbb4
HX		 40config CRYPTO_ALGAPI2
41 tristate
42
1ae97820
HX		 43config CRYPTO_AEAD
44 tristate
6a0fcbb4 45 select CRYPTO_AEAD2
1ae97820
HX		 46 select CRYPTO_ALGAPI
47
6a0fcbb4
HX		 48config CRYPTO_AEAD2
49 tristate
50 select CRYPTO_ALGAPI2
51
5cde0af2
HX		 52config CRYPTO_BLKCIPHER
53 tristate
6a0fcbb4 54 select CRYPTO_BLKCIPHER2
5cde0af2 55 select CRYPTO_ALGAPI
6a0fcbb4
HX		 56
57config CRYPTO_BLKCIPHER2
58 tristate
59 select CRYPTO_ALGAPI2
60 select CRYPTO_RNG2
0a2e821d 61 select CRYPTO_WORKQUEUE
5cde0af2 62
055bcee3
HX		 63config CRYPTO_HASH
64 tristate
6a0fcbb4 65 select CRYPTO_HASH2
055bcee3
HX		 66 select CRYPTO_ALGAPI
67
6a0fcbb4
HX		 68config CRYPTO_HASH2
69 tristate
70 select CRYPTO_ALGAPI2
71
17f0f4a4
NH		 72config CRYPTO_RNG
73 tristate
6a0fcbb4 74 select CRYPTO_RNG2
17f0f4a4
NH		 75 select CRYPTO_ALGAPI
76
6a0fcbb4
HX		 77config CRYPTO_RNG2
78 tristate
79 select CRYPTO_ALGAPI2
80
a1d2f095 81config CRYPTO_PCOMP
bc94e596
HX		 82 tristate
83 select CRYPTO_PCOMP2
84 select CRYPTO_ALGAPI
85
86config CRYPTO_PCOMP2
a1d2f095
GU		 87 tristate
88 select CRYPTO_ALGAPI2
89
2b8c19db
HX		 90config CRYPTO_MANAGER
91 tristate "Cryptographic algorithm manager"
6a0fcbb4 92 select CRYPTO_MANAGER2
2b8c19db
HX		 93 help
94 Create default cryptographic template instantiations such as
95 cbc(aes).
96
6a0fcbb4
HX		 97config CRYPTO_MANAGER2
98 def_tristate CRYPTO_MANAGER || (CRYPTO_MANAGER!=n && CRYPTO_ALGAPI=y)
99 select CRYPTO_AEAD2
100 select CRYPTO_HASH2
101 select CRYPTO_BLKCIPHER2
bc94e596 102 select CRYPTO_PCOMP2
6a0fcbb4 103
a38f7907
SK		 104config CRYPTO_USER
105 tristate "Userspace cryptographic algorithm configuration"
5db017aa 106 depends on NET
a38f7907
SK		 107 select CRYPTO_MANAGER
108 help
d19978f5 109 Userspace configuration for cryptographic instantiations such as
a38f7907
SK		 110 cbc(aes).
111
326a6346
HX		 112config CRYPTO_MANAGER_DISABLE_TESTS
113 bool "Disable run-time self tests"
00ca28a5
HX		 114 default y
115 depends on CRYPTO_MANAGER2
0b767f96 116 help
326a6346
HX		 117 Disable run-time self tests that normally take place at
118 algorithm registration.
0b767f96 119
584fffc8 120config CRYPTO_GF128MUL
08c70fc3 121 tristate "GF(2^128) multiplication functions"
333b0d7e 122 help
584fffc8
SS		 123 Efficient table driven implementation of multiplications in the
124 field GF(2^128). This is needed by some cypher modes. This
125 option will be selected automatically if you select such a
126 cipher mode. Only select this option by hand if you expect to load
127 an external module that requires these functions.
333b0d7e 128
1da177e4
LT		 129config CRYPTO_NULL
130 tristate "Null algorithms"
cce9e06d 131 select CRYPTO_ALGAPI
c8620c25 132 select CRYPTO_BLKCIPHER
d35d2454 133 select CRYPTO_HASH
1da177e4
LT		 134 help
135 These are 'Null' algorithms, used by IPsec, which do nothing.
136
5068c7a8 137config CRYPTO_PCRYPT
3b4afaf2
KC		 138 tristate "Parallel crypto engine"
139 depends on SMP
5068c7a8
SK		 140 select PADATA
141 select CRYPTO_MANAGER
142 select CRYPTO_AEAD
143 help
144 This converts an arbitrary crypto algorithm into a parallel
145 algorithm that executes in kernel threads.
146
25c38d3f
HY		 147config CRYPTO_WORKQUEUE
148 tristate
149
584fffc8
SS		 150config CRYPTO_CRYPTD
151 tristate "Software async crypto daemon"
152 select CRYPTO_BLKCIPHER
b8a28251 153 select CRYPTO_HASH
584fffc8 154 select CRYPTO_MANAGER
254eff77 155 select CRYPTO_WORKQUEUE
1da177e4 156 help
584fffc8
SS		 157 This is a generic software asynchronous crypto daemon that
158 converts an arbitrary synchronous software crypto algorithm
159 into an asynchronous algorithm that executes in a kernel thread.
1da177e4 160
1e65b81a
TC		 161config CRYPTO_MCRYPTD
162 tristate "Software async multi-buffer crypto daemon"
163 select CRYPTO_BLKCIPHER
164 select CRYPTO_HASH
165 select CRYPTO_MANAGER
166 select CRYPTO_WORKQUEUE
167 help
168 This is a generic software asynchronous crypto daemon that
169 provides the kernel thread to assist multi-buffer crypto
170 algorithms for submitting jobs and flushing jobs in multi-buffer
171 crypto algorithms. Multi-buffer crypto algorithms are executed
172 in the context of this kernel thread and drivers can post
0e56673b 173 their crypto request asynchronously to be processed by this daemon.
1e65b81a 174
584fffc8
SS		 175config CRYPTO_AUTHENC
176 tristate "Authenc support"
177 select CRYPTO_AEAD
178 select CRYPTO_BLKCIPHER
179 select CRYPTO_MANAGER
180 select CRYPTO_HASH
1da177e4 181 help
584fffc8
SS		 182 Authenc: Combined mode wrapper for IPsec.
183 This is required for IPSec.
1da177e4 184
584fffc8
SS		 185config CRYPTO_TEST
186 tristate "Testing module"
187 depends on m
da7f033d 188 select CRYPTO_MANAGER
1da177e4 189 help
584fffc8 190 Quick & dirty crypto test module.
1da177e4 191
a62b01cd 192config CRYPTO_ABLK_HELPER
ffaf9156 193 tristate
ffaf9156
JK		 194 select CRYPTO_CRYPTD
195
596d8750
JK		 196config CRYPTO_GLUE_HELPER_X86
197 tristate
198 depends on X86
199 select CRYPTO_ALGAPI
200
584fffc8 201comment "Authenticated Encryption with Associated Data"
cd12fb90 202
584fffc8
SS		 203config CRYPTO_CCM
204 tristate "CCM support"
205 select CRYPTO_CTR
206 select CRYPTO_AEAD
1da177e4 207 help
584fffc8 208 Support for Counter with CBC MAC. Required for IPsec.
1da177e4 209
584fffc8
SS		 210config CRYPTO_GCM
211 tristate "GCM/GMAC support"
212 select CRYPTO_CTR
213 select CRYPTO_AEAD
9382d97a 214 select CRYPTO_GHASH
9489667d 215 select CRYPTO_NULL
1da177e4 216 help
584fffc8
SS		 217 Support for Galois/Counter Mode (GCM) and Galois Message
218 Authentication Code (GMAC). Required for IPSec.
1da177e4 219
584fffc8
SS		 220config CRYPTO_SEQIV
221 tristate "Sequence Number IV Generator"
222 select CRYPTO_AEAD
223 select CRYPTO_BLKCIPHER
a0f000ec 224 select CRYPTO_RNG
1da177e4 225 help
584fffc8
SS		 226 This IV generator generates an IV based on a sequence number by
227 xoring it with a salt. This algorithm is mainly useful for CTR
1da177e4 228
584fffc8 229comment "Block modes"
c494e070 230
584fffc8
SS		 231config CRYPTO_CBC
232 tristate "CBC support"
db131ef9 233 select CRYPTO_BLKCIPHER
43518407 234 select CRYPTO_MANAGER
db131ef9 235 help
584fffc8
SS		 236 CBC: Cipher Block Chaining mode
237 This block cipher algorithm is required for IPSec.
db131ef9 238
584fffc8
SS		 239config CRYPTO_CTR
240 tristate "CTR support"
db131ef9 241 select CRYPTO_BLKCIPHER
584fffc8 242 select CRYPTO_SEQIV
43518407 243 select CRYPTO_MANAGER
db131ef9 244 help
584fffc8 245 CTR: Counter mode
db131ef9
HX		 246 This block cipher algorithm is required for IPSec.
247
584fffc8
SS		 248config CRYPTO_CTS
249 tristate "CTS support"
250 select CRYPTO_BLKCIPHER
251 help
252 CTS: Cipher Text Stealing
253 This is the Cipher Text Stealing mode as described by
254 Section 8 of rfc2040 and referenced by rfc3962.
255 (rfc3962 includes errata information in its Appendix A)
256 This mode is required for Kerberos gss mechanism support
257 for AES encryption.
258
259config CRYPTO_ECB
260 tristate "ECB support"
91652be5
DH		 261 select CRYPTO_BLKCIPHER
262 select CRYPTO_MANAGER
91652be5 263 help
584fffc8
SS		 264 ECB: Electronic CodeBook mode
265 This is the simplest block cipher algorithm. It simply encrypts
266 the input block by block.
91652be5 267
64470f1b 268config CRYPTO_LRW
2470a2b2 269 tristate "LRW support"
64470f1b
RS		 270 select CRYPTO_BLKCIPHER
271 select CRYPTO_MANAGER
272 select CRYPTO_GF128MUL
273 help
274 LRW: Liskov Rivest Wagner, a tweakable, non malleable, non movable
275 narrow block cipher mode for dm-crypt. Use it with cipher
276 specification string aes-lrw-benbi, the key must be 256, 320 or 384.
277 The first 128, 192 or 256 bits in the key are used for AES and the
278 rest is used to tie each cipher block to its logical position.
279
584fffc8
SS		 280config CRYPTO_PCBC
281 tristate "PCBC support"
282 select CRYPTO_BLKCIPHER
283 select CRYPTO_MANAGER
284 help
285 PCBC: Propagating Cipher Block Chaining mode
286 This block cipher algorithm is required for RxRPC.
287
f19f5111 288config CRYPTO_XTS
5bcf8e6d 289 tristate "XTS support"
f19f5111
RS		 290 select CRYPTO_BLKCIPHER
291 select CRYPTO_MANAGER
292 select CRYPTO_GF128MUL
293 help
294 XTS: IEEE1619/D16 narrow block cipher use with aes-xts-plain,
295 key size 256, 384 or 512 bits. This implementation currently
296 can't handle a sectorsize which is not a multiple of 16 bytes.
297
584fffc8
SS		 298comment "Hash modes"
299
93b5e86a
JK		 300config CRYPTO_CMAC
301 tristate "CMAC support"
302 select CRYPTO_HASH
303 select CRYPTO_MANAGER
304 help
305 Cipher-based Message Authentication Code (CMAC) specified by
306 The National Institute of Standards and Technology (NIST).
307
308 https://tools.ietf.org/html/rfc4493
309 http://csrc.nist.gov/publications/nistpubs/800-38B/SP_800-38B.pdf
310
584fffc8
SS		 311config CRYPTO_HMAC
312 tristate "HMAC support"
313 select CRYPTO_HASH
23e353c8 314 select CRYPTO_MANAGER
23e353c8 315 help
584fffc8
SS		 316 HMAC: Keyed-Hashing for Message Authentication (RFC2104).
317 This is required for IPSec.
23e353c8 318
584fffc8
SS		 319config CRYPTO_XCBC
320 tristate "XCBC support"
584fffc8
SS		 321 select CRYPTO_HASH
322 select CRYPTO_MANAGER
76cb9521 323 help
584fffc8
SS		 324 XCBC: Keyed-Hashing with encryption algorithm
325 http://www.ietf.org/rfc/rfc3566.txt
326 http://csrc.nist.gov/encryption/modes/proposedmodes/
327 xcbc-mac/xcbc-mac-spec.pdf
76cb9521 328
f1939f7c
SW		 329config CRYPTO_VMAC
330 tristate "VMAC support"
f1939f7c
SW		 331 select CRYPTO_HASH
332 select CRYPTO_MANAGER
333 help
334 VMAC is a message authentication algorithm designed for
335 very high speed on 64-bit architectures.
336
337 See also:
338 <http://fastcrypto.org/vmac>
339
584fffc8 340comment "Digest"
28db8e3e 341
584fffc8
SS		 342config CRYPTO_CRC32C
343 tristate "CRC32c CRC algorithm"
5773a3e6 344 select CRYPTO_HASH
6a0962b2 345 select CRC32
4a49b499 346 help
584fffc8
SS		 347 Castagnoli, et al Cyclic Redundancy-Check Algorithm. Used
348 by iSCSI for header and data digests and by others.
69c35efc 349 See Castagnoli93. Module will be crc32c.
4a49b499 350
8cb51ba8
AZ		 351config CRYPTO_CRC32C_INTEL
352 tristate "CRC32c INTEL hardware acceleration"
353 depends on X86
354 select CRYPTO_HASH
355 help
356 In Intel processor with SSE4.2 supported, the processor will
357 support CRC32C implementation using hardware accelerated CRC32
358 instruction. This option will create 'crc32c-intel' module,
359 which will enable any routine to use the CRC32 instruction to
360 gain performance compared with software implementation.
361 Module will be crc32c-intel.
362
442a7c40
DM		 363config CRYPTO_CRC32C_SPARC64
364 tristate "CRC32c CRC algorithm (SPARC64)"
365 depends on SPARC64
366 select CRYPTO_HASH
367 select CRC32
368 help
369 CRC32c CRC algorithm implemented using sparc64 crypto instructions,
370 when available.
371
78c37d19
AB		 372config CRYPTO_CRC32
373 tristate "CRC32 CRC algorithm"
374 select CRYPTO_HASH
375 select CRC32
376 help
377 CRC-32-IEEE 802.3 cyclic redundancy-check algorithm.
378 Shash crypto api wrappers to crc32_le function.
379
380config CRYPTO_CRC32_PCLMUL
381 tristate "CRC32 PCLMULQDQ hardware acceleration"
382 depends on X86
383 select CRYPTO_HASH
384 select CRC32
385 help
386 From Intel Westmere and AMD Bulldozer processor with SSE4.2
387 and PCLMULQDQ supported, the processor will support
388 CRC32 PCLMULQDQ implementation using hardware accelerated PCLMULQDQ
389 instruction. This option will create 'crc32-plcmul' module,
390 which will enable any routine to use the CRC-32-IEEE 802.3 checksum
391 and gain better performance as compared with the table implementation.
392
68411521
HX		 393config CRYPTO_CRCT10DIF
394 tristate "CRCT10DIF algorithm"
395 select CRYPTO_HASH
396 help
397 CRC T10 Data Integrity Field computation is being cast as
398 a crypto transform. This allows for faster crc t10 diff
399 transforms to be used if they are available.
400
401config CRYPTO_CRCT10DIF_PCLMUL
402 tristate "CRCT10DIF PCLMULQDQ hardware acceleration"
403 depends on X86 && 64BIT && CRC_T10DIF
404 select CRYPTO_HASH
405 help
406 For x86_64 processors with SSE4.2 and PCLMULQDQ supported,
407 CRC T10 DIF PCLMULQDQ computation can be hardware
408 accelerated PCLMULQDQ instruction. This option will create
409 'crct10dif-plcmul' module, which is faster when computing the
410 crct10dif checksum as compared with the generic table implementation.
411
2cdc6899
HY		 412config CRYPTO_GHASH
413 tristate "GHASH digest algorithm"
2cdc6899
HY		 414 select CRYPTO_GF128MUL
415 help
416 GHASH is message digest algorithm for GCM (Galois/Counter Mode).
417
584fffc8
SS		 418config CRYPTO_MD4
419 tristate "MD4 digest algorithm"
808a1763 420 select CRYPTO_HASH
124b53d0 421 help
584fffc8 422 MD4 message digest algorithm (RFC1320).
124b53d0 423
584fffc8
SS		 424config CRYPTO_MD5
425 tristate "MD5 digest algorithm"
14b75ba7 426 select CRYPTO_HASH
1da177e4 427 help
584fffc8 428 MD5 message digest algorithm (RFC1321).
1da177e4 429
d69e75de
AK		 430config CRYPTO_MD5_OCTEON
431 tristate "MD5 digest algorithm (OCTEON)"
432 depends on CPU_CAVIUM_OCTEON
433 select CRYPTO_MD5
434 select CRYPTO_HASH
435 help
436 MD5 message digest algorithm (RFC1321) implemented
437 using OCTEON crypto instructions, when available.
438
fa4dfedc
DM		 439config CRYPTO_MD5_SPARC64
440 tristate "MD5 digest algorithm (SPARC64)"
441 depends on SPARC64
442 select CRYPTO_MD5
443 select CRYPTO_HASH
444 help
445 MD5 message digest algorithm (RFC1321) implemented
446 using sparc64 crypto instructions, when available.
447
584fffc8
SS		 448config CRYPTO_MICHAEL_MIC
449 tristate "Michael MIC keyed digest algorithm"
19e2bf14 450 select CRYPTO_HASH
90831639 451 help
584fffc8
SS		 452 Michael MIC is used for message integrity protection in TKIP
453 (IEEE 802.11i). This algorithm is required for TKIP, but it
454 should not be used for other purposes because of the weakness
455 of the algorithm.
90831639 456
82798f90 457config CRYPTO_RMD128
b6d44341 458 tristate "RIPEMD-128 digest algorithm"
7c4468bc 459 select CRYPTO_HASH
b6d44341
AB		 460 help
461 RIPEMD-128 (ISO/IEC 10118-3:2004).
82798f90 462
b6d44341 463 RIPEMD-128 is a 128-bit cryptographic hash function. It should only
35ed4b35 464 be used as a secure replacement for RIPEMD. For other use cases,
b6d44341 465 RIPEMD-160 should be used.
82798f90 466
b6d44341 467 Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel.
6d8de74c 468 See <http://homes.esat.kuleuven.be/~bosselae/ripemd160.html>
82798f90
AKR		 469
470config CRYPTO_RMD160
b6d44341 471 tristate "RIPEMD-160 digest algorithm"
e5835fba 472 select CRYPTO_HASH
b6d44341
AB		 473 help
474 RIPEMD-160 (ISO/IEC 10118-3:2004).
82798f90 475
b6d44341
AB		 476 RIPEMD-160 is a 160-bit cryptographic hash function. It is intended
477 to be used as a secure replacement for the 128-bit hash functions
478 MD4, MD5 and it's predecessor RIPEMD
479 (not to be confused with RIPEMD-128).
82798f90 480
b6d44341
AB		 481 It's speed is comparable to SHA1 and there are no known attacks
482 against RIPEMD-160.
534fe2c1 483
b6d44341 484 Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel.
6d8de74c 485 See <http://homes.esat.kuleuven.be/~bosselae/ripemd160.html>
534fe2c1
AKR		 486
487config CRYPTO_RMD256
b6d44341 488 tristate "RIPEMD-256 digest algorithm"
d8a5e2e9 489 select CRYPTO_HASH
b6d44341
AB		 490 help
491 RIPEMD-256 is an optional extension of RIPEMD-128 with a
492 256 bit hash. It is intended for applications that require
493 longer hash-results, without needing a larger security level
494 (than RIPEMD-128).
534fe2c1 495
b6d44341 496 Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel.
6d8de74c 497 See <http://homes.esat.kuleuven.be/~bosselae/ripemd160.html>
534fe2c1
AKR		 498
499config CRYPTO_RMD320
b6d44341 500 tristate "RIPEMD-320 digest algorithm"
3b8efb4c 501 select CRYPTO_HASH
b6d44341
AB		 502 help
503 RIPEMD-320 is an optional extension of RIPEMD-160 with a
504 320 bit hash. It is intended for applications that require
505 longer hash-results, without needing a larger security level
506 (than RIPEMD-160).
534fe2c1 507
b6d44341 508 Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel.
6d8de74c 509 See <http://homes.esat.kuleuven.be/~bosselae/ripemd160.html>
82798f90 510
584fffc8
SS		 511config CRYPTO_SHA1
512 tristate "SHA1 digest algorithm"
54ccb367 513 select CRYPTO_HASH
1da177e4 514 help
584fffc8 515 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2).
1da177e4 516
66be8951 517config CRYPTO_SHA1_SSSE3
7c1da8d0 518 tristate "SHA1 digest algorithm (SSSE3/AVX/AVX2)"
66be8951
MK		 519 depends on X86 && 64BIT
520 select CRYPTO_SHA1
521 select CRYPTO_HASH
522 help
523 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2) implemented
524 using Supplemental SSE3 (SSSE3) instructions or Advanced Vector
7c1da8d0 525 Extensions (AVX/AVX2), when available.
66be8951 526
8275d1aa
TC		 527config CRYPTO_SHA256_SSSE3
528 tristate "SHA256 digest algorithm (SSSE3/AVX/AVX2)"
529 depends on X86 && 64BIT
530 select CRYPTO_SHA256
531 select CRYPTO_HASH
532 help
533 SHA-256 secure hash standard (DFIPS 180-2) implemented
534 using Supplemental SSE3 (SSSE3) instructions, or Advanced Vector
535 Extensions version 1 (AVX1), or Advanced Vector Extensions
87de4579
TC		 536 version 2 (AVX2) instructions, when available.
537
538config CRYPTO_SHA512_SSSE3
539 tristate "SHA512 digest algorithm (SSSE3/AVX/AVX2)"
540 depends on X86 && 64BIT
541 select CRYPTO_SHA512
542 select CRYPTO_HASH
543 help
544 SHA-512 secure hash standard (DFIPS 180-2) implemented
545 using Supplemental SSE3 (SSSE3) instructions, or Advanced Vector
546 Extensions version 1 (AVX1), or Advanced Vector Extensions
8275d1aa
TC		 547 version 2 (AVX2) instructions, when available.
548
4ff28d4c
DM		 549config CRYPTO_SHA1_SPARC64
550 tristate "SHA1 digest algorithm (SPARC64)"
551 depends on SPARC64
552 select CRYPTO_SHA1
553 select CRYPTO_HASH
554 help
555 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2) implemented
556 using sparc64 crypto instructions, when available.
557
f0be44f4
DM		 558config CRYPTO_SHA1_ARM
559 tristate "SHA1 digest algorithm (ARM-asm)"
560 depends on ARM
561 select CRYPTO_SHA1
562 select CRYPTO_HASH
563 help
564 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2) implemented
565 using optimized ARM assembler.
566
60468255
JK		 567config CRYPTO_SHA1_ARM_NEON
568 tristate "SHA1 digest algorithm (ARM NEON)"
0777e3e1 569 depends on ARM && KERNEL_MODE_NEON
60468255
JK		 570 select CRYPTO_SHA1_ARM
571 select CRYPTO_SHA1
572 select CRYPTO_HASH
573 help
574 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2) implemented
575 using optimized ARM NEON assembly, when NEON instructions are
576 available.
577
323a6bf1
ME		 578config CRYPTO_SHA1_PPC
579 tristate "SHA1 digest algorithm (powerpc)"
580 depends on PPC
581 help
582 This is the powerpc hardware accelerated implementation of the
583 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2).
584
1e65b81a
TC		 585config CRYPTO_SHA1_MB
586 tristate "SHA1 digest algorithm (x86_64 Multi-Buffer, Experimental)"
587 depends on X86 && 64BIT
588 select CRYPTO_SHA1
589 select CRYPTO_HASH
590 select CRYPTO_MCRYPTD
591 help
592 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2) implemented
593 using multi-buffer technique. This algorithm computes on
594 multiple data lanes concurrently with SIMD instructions for
595 better throughput. It should not be enabled by default but
596 used when there is significant amount of work to keep the keep
597 the data lanes filled to get performance benefit. If the data
598 lanes remain unfilled, a flush operation will be initiated to
599 process the crypto jobs, adding a slight latency.
600
584fffc8
SS		 601config CRYPTO_SHA256
602 tristate "SHA224 and SHA256 digest algorithm"
50e109b5 603 select CRYPTO_HASH
1da177e4 604 help
584fffc8 605 SHA256 secure hash standard (DFIPS 180-2).
1da177e4 606
584fffc8
SS		 607 This version of SHA implements a 256 bit hash with 128 bits of
608 security against collision attacks.
2729bb42 609
b6d44341
AB		 610 This code also includes SHA-224, a 224 bit hash with 112 bits
611 of security against collision attacks.
584fffc8 612
86c93b24
DM		 613config CRYPTO_SHA256_SPARC64
614 tristate "SHA224 and SHA256 digest algorithm (SPARC64)"
615 depends on SPARC64
616 select CRYPTO_SHA256
617 select CRYPTO_HASH
618 help
619 SHA-256 secure hash standard (DFIPS 180-2) implemented
620 using sparc64 crypto instructions, when available.
621
584fffc8
SS		 622config CRYPTO_SHA512
623 tristate "SHA384 and SHA512 digest algorithms"
bd9d20db 624 select CRYPTO_HASH
b9f535ff 625 help
584fffc8 626 SHA512 secure hash standard (DFIPS 180-2).
b9f535ff 627
584fffc8
SS		 628 This version of SHA implements a 512 bit hash with 256 bits of
629 security against collision attacks.
b9f535ff 630
584fffc8
SS		 631 This code also includes SHA-384, a 384 bit hash with 192 bits
632 of security against collision attacks.
b9f535ff 633
775e0c69
DM		 634config CRYPTO_SHA512_SPARC64
635 tristate "SHA384 and SHA512 digest algorithm (SPARC64)"
636 depends on SPARC64
637 select CRYPTO_SHA512
638 select CRYPTO_HASH
639 help
640 SHA-512 secure hash standard (DFIPS 180-2) implemented
641 using sparc64 crypto instructions, when available.
642
c8611d71
JK		 643config CRYPTO_SHA512_ARM_NEON
644 tristate "SHA384 and SHA512 digest algorithm (ARM NEON)"
31e1a602 645 depends on ARM && KERNEL_MODE_NEON
c8611d71
JK		 646 select CRYPTO_SHA512
647 select CRYPTO_HASH
648 help
649 SHA-512 secure hash standard (DFIPS 180-2) implemented
650 using ARM NEON instructions, when available.
651
652 This version of SHA implements a 512 bit hash with 256 bits of
653 security against collision attacks.
654
655 This code also includes SHA-384, a 384 bit hash with 192 bits
656 of security against collision attacks.
657
584fffc8
SS		 658config CRYPTO_TGR192
659 tristate "Tiger digest algorithms"
f63fbd3d 660 select CRYPTO_HASH
eaf44088 661 help
584fffc8 662 Tiger hash algorithm 192, 160 and 128-bit hashes
eaf44088 663
584fffc8
SS		 664 Tiger is a hash function optimized for 64-bit processors while
665 still having decent performance on 32-bit processors.
666 Tiger was developed by Ross Anderson and Eli Biham.
eaf44088
JF		 667
668 See also:
584fffc8 669 <http://www.cs.technion.ac.il/~biham/Reports/Tiger/>.
eaf44088 670
584fffc8
SS		 671config CRYPTO_WP512
672 tristate "Whirlpool digest algorithms"
4946510b 673 select CRYPTO_HASH
1da177e4 674 help
584fffc8 675 Whirlpool hash algorithm 512, 384 and 256-bit hashes
1da177e4 676
584fffc8
SS		 677 Whirlpool-512 is part of the NESSIE cryptographic primitives.
678 Whirlpool will be part of the ISO/IEC 10118-3:2003(E) standard
1da177e4
LT		 679
680 See also:
6d8de74c 681 <http://www.larc.usp.br/~pbarreto/WhirlpoolPage.html>
584fffc8 682
0e1227d3
HY		 683config CRYPTO_GHASH_CLMUL_NI_INTEL
684 tristate "GHASH digest algorithm (CLMUL-NI accelerated)"
8af00860 685 depends on X86 && 64BIT
0e1227d3
HY		 686 select CRYPTO_CRYPTD
687 help
688 GHASH is message digest algorithm for GCM (Galois/Counter Mode).
689 The implementation is accelerated by CLMUL-NI of Intel.
690
584fffc8 691comment "Ciphers"
1da177e4
LT		 692
693config CRYPTO_AES
694 tristate "AES cipher algorithms"
cce9e06d 695 select CRYPTO_ALGAPI
1da177e4 696 help
584fffc8 697 AES cipher algorithms (FIPS-197). AES uses the Rijndael
1da177e4
LT		 698 algorithm.
699
700 Rijndael appears to be consistently a very good performer in
584fffc8
SS		 701 both hardware and software across a wide range of computing
702 environments regardless of its use in feedback or non-feedback
703 modes. Its key setup time is excellent, and its key agility is
704 good. Rijndael's very low memory requirements make it very well
705 suited for restricted-space environments, in which it also
706 demonstrates excellent performance. Rijndael's operations are
707 among the easiest to defend against power and timing attacks.
1da177e4 708
584fffc8 709 The AES specifies three key sizes: 128, 192 and 256 bits
1da177e4
LT		 710
711 See <http://csrc.nist.gov/CryptoToolkit/aes/> for more information.
712
713config CRYPTO_AES_586
714 tristate "AES cipher algorithms (i586)"
cce9e06d
HX		 715 depends on (X86 || UML_X86) && !64BIT
716 select CRYPTO_ALGAPI
5157dea8 717 select CRYPTO_AES
1da177e4 718 help
584fffc8 719 AES cipher algorithms (FIPS-197). AES uses the Rijndael
1da177e4
LT		 720 algorithm.
721
722 Rijndael appears to be consistently a very good performer in
584fffc8
SS		 723 both hardware and software across a wide range of computing
724 environments regardless of its use in feedback or non-feedback
725 modes. Its key setup time is excellent, and its key agility is
726 good. Rijndael's very low memory requirements make it very well
727 suited for restricted-space environments, in which it also
728 demonstrates excellent performance. Rijndael's operations are
729 among the easiest to defend against power and timing attacks.
1da177e4 730
584fffc8 731 The AES specifies three key sizes: 128, 192 and 256 bits
a2a892a2
AS		 732
733 See <http://csrc.nist.gov/encryption/aes/> for more information.
734
735config CRYPTO_AES_X86_64
736 tristate "AES cipher algorithms (x86_64)"
cce9e06d
HX		 737 depends on (X86 || UML_X86) && 64BIT
738 select CRYPTO_ALGAPI
81190b32 739 select CRYPTO_AES
a2a892a2 740 help
584fffc8 741 AES cipher algorithms (FIPS-197). AES uses the Rijndael
a2a892a2
AS		 742 algorithm.
743
744 Rijndael appears to be consistently a very good performer in
584fffc8
SS		 745 both hardware and software across a wide range of computing
746 environments regardless of its use in feedback or non-feedback
747 modes. Its key setup time is excellent, and its key agility is
54b6a1bd
HY		 748 good. Rijndael's very low memory requirements make it very well
749 suited for restricted-space environments, in which it also
750 demonstrates excellent performance. Rijndael's operations are
751 among the easiest to defend against power and timing attacks.
752
753 The AES specifies three key sizes: 128, 192 and 256 bits
754
755 See <http://csrc.nist.gov/encryption/aes/> for more information.
756
757config CRYPTO_AES_NI_INTEL
758 tristate "AES cipher algorithms (AES-NI)"
8af00860 759 depends on X86
0d258efb
MK		 760 select CRYPTO_AES_X86_64 if 64BIT
761 select CRYPTO_AES_586 if !64BIT
54b6a1bd 762 select CRYPTO_CRYPTD
801201aa 763 select CRYPTO_ABLK_HELPER
54b6a1bd 764 select CRYPTO_ALGAPI
7643a11a 765 select CRYPTO_GLUE_HELPER_X86 if 64BIT
023af608
JK		 766 select CRYPTO_LRW
767 select CRYPTO_XTS
54b6a1bd
HY		 768 help
769 Use Intel AES-NI instructions for AES algorithm.
770
771 AES cipher algorithms (FIPS-197). AES uses the Rijndael
772 algorithm.
773
774 Rijndael appears to be consistently a very good performer in
775 both hardware and software across a wide range of computing
776 environments regardless of its use in feedback or non-feedback
777 modes. Its key setup time is excellent, and its key agility is
584fffc8
SS		 778 good. Rijndael's very low memory requirements make it very well
779 suited for restricted-space environments, in which it also
780 demonstrates excellent performance. Rijndael's operations are
781 among the easiest to defend against power and timing attacks.
a2a892a2 782
584fffc8 783 The AES specifies three key sizes: 128, 192 and 256 bits
1da177e4
LT		 784
785 See <http://csrc.nist.gov/encryption/aes/> for more information.
786
0d258efb
MK		 787 In addition to AES cipher algorithm support, the acceleration
788 for some popular block cipher mode is supported too, including
789 ECB, CBC, LRW, PCBC, XTS. The 64 bit version has additional
790 acceleration for CTR.
2cf4ac8b 791
9bf4852d
DM		 792config CRYPTO_AES_SPARC64
793 tristate "AES cipher algorithms (SPARC64)"
794 depends on SPARC64
795 select CRYPTO_CRYPTD
796 select CRYPTO_ALGAPI
797 help
798 Use SPARC64 crypto opcodes for AES algorithm.
799
800 AES cipher algorithms (FIPS-197). AES uses the Rijndael
801 algorithm.
802
803 Rijndael appears to be consistently a very good performer in
804 both hardware and software across a wide range of computing
805 environments regardless of its use in feedback or non-feedback
806 modes. Its key setup time is excellent, and its key agility is
807 good. Rijndael's very low memory requirements make it very well
808 suited for restricted-space environments, in which it also
809 demonstrates excellent performance. Rijndael's operations are
810 among the easiest to defend against power and timing attacks.
811
812 The AES specifies three key sizes: 128, 192 and 256 bits
813
814 See <http://csrc.nist.gov/encryption/aes/> for more information.
815
816 In addition to AES cipher algorithm support, the acceleration
817 for some popular block cipher mode is supported too, including
818 ECB and CBC.
819
f0be44f4
DM		 820config CRYPTO_AES_ARM
821 tristate "AES cipher algorithms (ARM-asm)"
822 depends on ARM
823 select CRYPTO_ALGAPI
824 select CRYPTO_AES
825 help
826 Use optimized AES assembler routines for ARM platforms.
827
828 AES cipher algorithms (FIPS-197). AES uses the Rijndael
829 algorithm.
830
831 Rijndael appears to be consistently a very good performer in
832 both hardware and software across a wide range of computing
833 environments regardless of its use in feedback or non-feedback
834 modes. Its key setup time is excellent, and its key agility is
835 good. Rijndael's very low memory requirements make it very well
836 suited for restricted-space environments, in which it also
837 demonstrates excellent performance. Rijndael's operations are
838 among the easiest to defend against power and timing attacks.
839
840 The AES specifies three key sizes: 128, 192 and 256 bits
841
842 See <http://csrc.nist.gov/encryption/aes/> for more information.
843
e4e7f10b
AB		 844config CRYPTO_AES_ARM_BS
845 tristate "Bit sliced AES using NEON instructions"
846 depends on ARM && KERNEL_MODE_NEON
847 select CRYPTO_ALGAPI
848 select CRYPTO_AES_ARM
849 select CRYPTO_ABLK_HELPER
850 help
851 Use a faster and more secure NEON based implementation of AES in CBC,
852 CTR and XTS modes
853
854 Bit sliced AES gives around 45% speedup on Cortex-A15 for CTR mode
855 and for XTS mode encryption, CBC and XTS mode decryption speedup is
856 around 25%. (CBC encryption speed is not affected by this driver.)
857 This implementation does not rely on any lookup tables so it is
858 believed to be invulnerable to cache timing attacks.
859
584fffc8
SS		 860config CRYPTO_ANUBIS
861 tristate "Anubis cipher algorithm"
862 select CRYPTO_ALGAPI
863 help
864 Anubis cipher algorithm.
865
866 Anubis is a variable key length cipher which can use keys from
867 128 bits to 320 bits in length. It was evaluated as a entrant
868 in the NESSIE competition.
869
870 See also:
6d8de74c
JM		 871 <https://www.cosic.esat.kuleuven.be/nessie/reports/>
872 <http://www.larc.usp.br/~pbarreto/AnubisPage.html>
584fffc8
SS		 873
874config CRYPTO_ARC4
875 tristate "ARC4 cipher algorithm"
b9b0f080 876 select CRYPTO_BLKCIPHER
584fffc8
SS		 877 help
878 ARC4 cipher algorithm.
879
880 ARC4 is a stream cipher using keys ranging from 8 bits to 2048
881 bits in length. This algorithm is required for driver-based
882 WEP, but it should not be for other purposes because of the
883 weakness of the algorithm.
884
885config CRYPTO_BLOWFISH
886 tristate "Blowfish cipher algorithm"
887 select CRYPTO_ALGAPI
52ba867c 888 select CRYPTO_BLOWFISH_COMMON
584fffc8
SS		 889 help
890 Blowfish cipher algorithm, by Bruce Schneier.
891
892 This is a variable key length cipher which can use keys from 32
893 bits to 448 bits in length. It's fast, simple and specifically
894 designed for use on "large microprocessors".
895
896 See also:
897 <http://www.schneier.com/blowfish.html>
898
52ba867c
JK		 899config CRYPTO_BLOWFISH_COMMON
900 tristate
901 help
902 Common parts of the Blowfish cipher algorithm shared by the
903 generic c and the assembler implementations.
904
905 See also:
906 <http://www.schneier.com/blowfish.html>
907
64b94cea
JK		 908config CRYPTO_BLOWFISH_X86_64
909 tristate "Blowfish cipher algorithm (x86_64)"
f21a7c19 910 depends on X86 && 64BIT
64b94cea
JK		 911 select CRYPTO_ALGAPI
912 select CRYPTO_BLOWFISH_COMMON
913 help
914 Blowfish cipher algorithm (x86_64), by Bruce Schneier.
915
916 This is a variable key length cipher which can use keys from 32
917 bits to 448 bits in length. It's fast, simple and specifically
918 designed for use on "large microprocessors".
919
920 See also:
921 <http://www.schneier.com/blowfish.html>
922
584fffc8
SS		 923config CRYPTO_CAMELLIA
924 tristate "Camellia cipher algorithms"
925 depends on CRYPTO
926 select CRYPTO_ALGAPI
927 help
928 Camellia cipher algorithms module.
929
930 Camellia is a symmetric key block cipher developed jointly
931 at NTT and Mitsubishi Electric Corporation.
932
933 The Camellia specifies three key sizes: 128, 192 and 256 bits.
934
935 See also:
936 <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html>
937
0b95ec56
JK		 938config CRYPTO_CAMELLIA_X86_64
939 tristate "Camellia cipher algorithm (x86_64)"
f21a7c19 940 depends on X86 && 64BIT
0b95ec56
JK		 941 depends on CRYPTO
942 select CRYPTO_ALGAPI
964263af 943 select CRYPTO_GLUE_HELPER_X86
0b95ec56
JK		 944 select CRYPTO_LRW
945 select CRYPTO_XTS
946 help
947 Camellia cipher algorithm module (x86_64).
948
949 Camellia is a symmetric key block cipher developed jointly
950 at NTT and Mitsubishi Electric Corporation.
951
952 The Camellia specifies three key sizes: 128, 192 and 256 bits.
953
954 See also:
d9b1d2e7
JK		 955 <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html>
956
957config CRYPTO_CAMELLIA_AESNI_AVX_X86_64
958 tristate "Camellia cipher algorithm (x86_64/AES-NI/AVX)"
959 depends on X86 && 64BIT
960 depends on CRYPTO
961 select CRYPTO_ALGAPI
962 select CRYPTO_CRYPTD
801201aa 963 select CRYPTO_ABLK_HELPER
d9b1d2e7
JK		 964 select CRYPTO_GLUE_HELPER_X86
965 select CRYPTO_CAMELLIA_X86_64
966 select CRYPTO_LRW
967 select CRYPTO_XTS
968 help
969 Camellia cipher algorithm module (x86_64/AES-NI/AVX).
970
971 Camellia is a symmetric key block cipher developed jointly
972 at NTT and Mitsubishi Electric Corporation.
973
974 The Camellia specifies three key sizes: 128, 192 and 256 bits.
975
976 See also:
0b95ec56
JK		 977 <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html>
978
f3f935a7
JK		 979config CRYPTO_CAMELLIA_AESNI_AVX2_X86_64
980 tristate "Camellia cipher algorithm (x86_64/AES-NI/AVX2)"
981 depends on X86 && 64BIT
982 depends on CRYPTO
983 select CRYPTO_ALGAPI
984 select CRYPTO_CRYPTD
801201aa 985 select CRYPTO_ABLK_HELPER
f3f935a7
JK		 986 select CRYPTO_GLUE_HELPER_X86
987 select CRYPTO_CAMELLIA_X86_64
988 select CRYPTO_CAMELLIA_AESNI_AVX_X86_64
989 select CRYPTO_LRW
990 select CRYPTO_XTS
991 help
992 Camellia cipher algorithm module (x86_64/AES-NI/AVX2).
993
994 Camellia is a symmetric key block cipher developed jointly
995 at NTT and Mitsubishi Electric Corporation.
996
997 The Camellia specifies three key sizes: 128, 192 and 256 bits.
998
999 See also:
1000 <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html>
1001
81658ad0
DM		 1002config CRYPTO_CAMELLIA_SPARC64
1003 tristate "Camellia cipher algorithm (SPARC64)"
1004 depends on SPARC64
1005 depends on CRYPTO
1006 select CRYPTO_ALGAPI
1007 help
1008 Camellia cipher algorithm module (SPARC64).
1009
1010 Camellia is a symmetric key block cipher developed jointly
1011 at NTT and Mitsubishi Electric Corporation.
1012
1013 The Camellia specifies three key sizes: 128, 192 and 256 bits.
1014
1015 See also:
1016 <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html>
1017
044ab525
JK		 1018config CRYPTO_CAST_COMMON
1019 tristate
1020 help
1021 Common parts of the CAST cipher algorithms shared by the
1022 generic c and the assembler implementations.
1023
1da177e4
LT		 1024config CRYPTO_CAST5
1025 tristate "CAST5 (CAST-128) cipher algorithm"
cce9e06d 1026 select CRYPTO_ALGAPI
044ab525 1027 select CRYPTO_CAST_COMMON
1da177e4
LT		 1028 help
1029 The CAST5 encryption algorithm (synonymous with CAST-128) is
1030 described in RFC2144.
1031
4d6d6a2c
JG		 1032config CRYPTO_CAST5_AVX_X86_64
1033 tristate "CAST5 (CAST-128) cipher algorithm (x86_64/AVX)"
1034 depends on X86 && 64BIT
1035 select CRYPTO_ALGAPI
1036 select CRYPTO_CRYPTD
801201aa 1037 select CRYPTO_ABLK_HELPER
044ab525 1038 select CRYPTO_CAST_COMMON
4d6d6a2c
JG		 1039 select CRYPTO_CAST5
1040 help
1041 The CAST5 encryption algorithm (synonymous with CAST-128) is
1042 described in RFC2144.
1043
1044 This module provides the Cast5 cipher algorithm that processes
1045 sixteen blocks parallel using the AVX instruction set.
1046
1da177e4
LT		 1047config CRYPTO_CAST6
1048 tristate "CAST6 (CAST-256) cipher algorithm"
cce9e06d 1049 select CRYPTO_ALGAPI
044ab525 1050 select CRYPTO_CAST_COMMON
1da177e4
LT		 1051 help
1052 The CAST6 encryption algorithm (synonymous with CAST-256) is
1053 described in RFC2612.
1054
4ea1277d
JG		 1055config CRYPTO_CAST6_AVX_X86_64
1056 tristate "CAST6 (CAST-256) cipher algorithm (x86_64/AVX)"
1057 depends on X86 && 64BIT
1058 select CRYPTO_ALGAPI
1059 select CRYPTO_CRYPTD
801201aa 1060 select CRYPTO_ABLK_HELPER
4ea1277d 1061 select CRYPTO_GLUE_HELPER_X86
044ab525 1062 select CRYPTO_CAST_COMMON
4ea1277d
JG		 1063 select CRYPTO_CAST6
1064 select CRYPTO_LRW
1065 select CRYPTO_XTS
1066 help
1067 The CAST6 encryption algorithm (synonymous with CAST-256) is
1068 described in RFC2612.
1069
1070 This module provides the Cast6 cipher algorithm that processes
1071 eight blocks parallel using the AVX instruction set.
1072
584fffc8
SS		 1073config CRYPTO_DES
1074 tristate "DES and Triple DES EDE cipher algorithms"
cce9e06d 1075 select CRYPTO_ALGAPI
1da177e4 1076 help
584fffc8 1077 DES cipher algorithm (FIPS 46-2), and Triple DES EDE (FIPS 46-3).
fb4f10ed 1078
c5aac2df
DM		 1079config CRYPTO_DES_SPARC64
1080 tristate "DES and Triple DES EDE cipher algorithms (SPARC64)"
97da37b3 1081 depends on SPARC64
c5aac2df
DM		 1082 select CRYPTO_ALGAPI
1083 select CRYPTO_DES
1084 help
1085 DES cipher algorithm (FIPS 46-2), and Triple DES EDE (FIPS 46-3),
1086 optimized using SPARC64 crypto opcodes.
1087
6574e6c6
JK		 1088config CRYPTO_DES3_EDE_X86_64
1089 tristate "Triple DES EDE cipher algorithm (x86-64)"
1090 depends on X86 && 64BIT
1091 select CRYPTO_ALGAPI
1092 select CRYPTO_DES
1093 help
1094 Triple DES EDE (FIPS 46-3) algorithm.
1095
1096 This module provides implementation of the Triple DES EDE cipher
1097 algorithm that is optimized for x86-64 processors. Two versions of
1098 algorithm are provided; regular processing one input block and
1099 one that processes three blocks parallel.
1100
584fffc8
SS		 1101config CRYPTO_FCRYPT
1102 tristate "FCrypt cipher algorithm"
cce9e06d 1103 select CRYPTO_ALGAPI
584fffc8 1104 select CRYPTO_BLKCIPHER
1da177e4 1105 help
584fffc8 1106 FCrypt algorithm used by RxRPC.
1da177e4
LT		 1107
1108config CRYPTO_KHAZAD
1109 tristate "Khazad cipher algorithm"
cce9e06d 1110 select CRYPTO_ALGAPI
1da177e4
LT		 1111 help
1112 Khazad cipher algorithm.
1113
1114 Khazad was a finalist in the initial NESSIE competition. It is
1115 an algorithm optimized for 64-bit processors with good performance
1116 on 32-bit processors. Khazad uses an 128 bit key size.
1117
1118 See also:
6d8de74c 1119 <http://www.larc.usp.br/~pbarreto/KhazadPage.html>
1da177e4 1120
2407d608 1121config CRYPTO_SALSA20
3b4afaf2 1122 tristate "Salsa20 stream cipher algorithm"
2407d608
TSH		 1123 select CRYPTO_BLKCIPHER
1124 help
1125 Salsa20 stream cipher algorithm.
1126
1127 Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT
1128 Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/>
974e4b75
TSH		 1129
1130 The Salsa20 stream cipher algorithm is designed by Daniel J.
1131 Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html>
1132
1133config CRYPTO_SALSA20_586
3b4afaf2 1134 tristate "Salsa20 stream cipher algorithm (i586)"
974e4b75 1135 depends on (X86 || UML_X86) && !64BIT
974e4b75 1136 select CRYPTO_BLKCIPHER
974e4b75
TSH		 1137 help
1138 Salsa20 stream cipher algorithm.
1139
1140 Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT
1141 Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/>
9a7dafbb
TSH		 1142
1143 The Salsa20 stream cipher algorithm is designed by Daniel J.
1144 Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html>
1145
1146config CRYPTO_SALSA20_X86_64
3b4afaf2 1147 tristate "Salsa20 stream cipher algorithm (x86_64)"
9a7dafbb 1148 depends on (X86 || UML_X86) && 64BIT
9a7dafbb 1149 select CRYPTO_BLKCIPHER
9a7dafbb
TSH		 1150 help
1151 Salsa20 stream cipher algorithm.
1152
1153 Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT
1154 Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/>
2407d608
TSH		 1155
1156 The Salsa20 stream cipher algorithm is designed by Daniel J.
1157 Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html>
1da177e4 1158
584fffc8
SS		 1159config CRYPTO_SEED
1160 tristate "SEED cipher algorithm"
cce9e06d 1161 select CRYPTO_ALGAPI
1da177e4 1162 help
584fffc8 1163 SEED cipher algorithm (RFC4269).
1da177e4 1164
584fffc8
SS		 1165 SEED is a 128-bit symmetric key block cipher that has been
1166 developed by KISA (Korea Information Security Agency) as a
1167 national standard encryption algorithm of the Republic of Korea.
1168 It is a 16 round block cipher with the key size of 128 bit.
1169
1170 See also:
1171 <http://www.kisa.or.kr/kisa/seed/jsp/seed_eng.jsp>
1172
1173config CRYPTO_SERPENT
1174 tristate "Serpent cipher algorithm"
cce9e06d 1175 select CRYPTO_ALGAPI
1da177e4 1176 help
584fffc8 1177 Serpent cipher algorithm, by Anderson, Biham & Knudsen.
1da177e4 1178
584fffc8
SS		 1179 Keys are allowed to be from 0 to 256 bits in length, in steps
1180 of 8 bits. Also includes the 'Tnepres' algorithm, a reversed
1181 variant of Serpent for compatibility with old kerneli.org code.
1182
1183 See also:
1184 <http://www.cl.cam.ac.uk/~rja14/serpent.html>
1185
937c30d7
JK		 1186config CRYPTO_SERPENT_SSE2_X86_64
1187 tristate "Serpent cipher algorithm (x86_64/SSE2)"
1188 depends on X86 && 64BIT
1189 select CRYPTO_ALGAPI
341975bf 1190 select CRYPTO_CRYPTD
801201aa 1191 select CRYPTO_ABLK_HELPER
596d8750 1192 select CRYPTO_GLUE_HELPER_X86
937c30d7 1193 select CRYPTO_SERPENT
feaf0cfc
JK		 1194 select CRYPTO_LRW
1195 select CRYPTO_XTS
937c30d7
JK		 1196 help
1197 Serpent cipher algorithm, by Anderson, Biham & Knudsen.
1198
1199 Keys are allowed to be from 0 to 256 bits in length, in steps
1200 of 8 bits.
1201
1202 This module provides Serpent cipher algorithm that processes eigth
1203 blocks parallel using SSE2 instruction set.
1204
1205 See also:
1206 <http://www.cl.cam.ac.uk/~rja14/serpent.html>
1207
251496db
JK		 1208config CRYPTO_SERPENT_SSE2_586
1209 tristate "Serpent cipher algorithm (i586/SSE2)"
1210 depends on X86 && !64BIT
1211 select CRYPTO_ALGAPI
341975bf 1212 select CRYPTO_CRYPTD
801201aa 1213 select CRYPTO_ABLK_HELPER
596d8750 1214 select CRYPTO_GLUE_HELPER_X86
251496db 1215 select CRYPTO_SERPENT
feaf0cfc
JK		 1216 select CRYPTO_LRW
1217 select CRYPTO_XTS
251496db
JK		 1218 help
1219 Serpent cipher algorithm, by Anderson, Biham & Knudsen.
1220
1221 Keys are allowed to be from 0 to 256 bits in length, in steps
1222 of 8 bits.
1223
1224 This module provides Serpent cipher algorithm that processes four
1225 blocks parallel using SSE2 instruction set.
1226
1227 See also:
1228 <http://www.cl.cam.ac.uk/~rja14/serpent.html>
7efe4076
JG		 1229
1230config CRYPTO_SERPENT_AVX_X86_64
1231 tristate "Serpent cipher algorithm (x86_64/AVX)"
1232 depends on X86 && 64BIT
1233 select CRYPTO_ALGAPI
1234 select CRYPTO_CRYPTD
801201aa 1235 select CRYPTO_ABLK_HELPER
1d0debbd 1236 select CRYPTO_GLUE_HELPER_X86
7efe4076
JG		 1237 select CRYPTO_SERPENT
1238 select CRYPTO_LRW
1239 select CRYPTO_XTS
1240 help
1241 Serpent cipher algorithm, by Anderson, Biham & Knudsen.
1242
1243 Keys are allowed to be from 0 to 256 bits in length, in steps
1244 of 8 bits.
1245
1246 This module provides the Serpent cipher algorithm that processes
1247 eight blocks parallel using the AVX instruction set.
1248
1249 See also:
1250 <http://www.cl.cam.ac.uk/~rja14/serpent.html>
251496db 1251
56d76c96
JK		 1252config CRYPTO_SERPENT_AVX2_X86_64
1253 tristate "Serpent cipher algorithm (x86_64/AVX2)"
1254 depends on X86 && 64BIT
1255 select CRYPTO_ALGAPI
1256 select CRYPTO_CRYPTD
801201aa 1257 select CRYPTO_ABLK_HELPER
56d76c96
JK		 1258 select CRYPTO_GLUE_HELPER_X86
1259 select CRYPTO_SERPENT
1260 select CRYPTO_SERPENT_AVX_X86_64
1261 select CRYPTO_LRW
1262 select CRYPTO_XTS
1263 help
1264 Serpent cipher algorithm, by Anderson, Biham & Knudsen.
1265
1266 Keys are allowed to be from 0 to 256 bits in length, in steps
1267 of 8 bits.
1268
1269 This module provides Serpent cipher algorithm that processes 16
1270 blocks parallel using AVX2 instruction set.
1271
1272 See also:
1273 <http://www.cl.cam.ac.uk/~rja14/serpent.html>
1274
584fffc8
SS		 1275config CRYPTO_TEA
1276 tristate "TEA, XTEA and XETA cipher algorithms"
cce9e06d 1277 select CRYPTO_ALGAPI
1da177e4 1278 help
584fffc8 1279 TEA cipher algorithm.
1da177e4 1280
584fffc8
SS		 1281 Tiny Encryption Algorithm is a simple cipher that uses
1282 many rounds for security. It is very fast and uses
1283 little memory.
1284
1285 Xtendend Tiny Encryption Algorithm is a modification to
1286 the TEA algorithm to address a potential key weakness
1287 in the TEA algorithm.
1288
1289 Xtendend Encryption Tiny Algorithm is a mis-implementation
1290 of the XTEA algorithm for compatibility purposes.
1291
1292config CRYPTO_TWOFISH
1293 tristate "Twofish cipher algorithm"
04ac7db3 1294 select CRYPTO_ALGAPI
584fffc8 1295 select CRYPTO_TWOFISH_COMMON
04ac7db3 1296 help
584fffc8 1297 Twofish cipher algorithm.
04ac7db3 1298
584fffc8
SS		 1299 Twofish was submitted as an AES (Advanced Encryption Standard)
1300 candidate cipher by researchers at CounterPane Systems. It is a
1301 16 round block cipher supporting key sizes of 128, 192, and 256
1302 bits.
04ac7db3 1303
584fffc8
SS		 1304 See also:
1305 <http://www.schneier.com/twofish.html>
1306
1307config CRYPTO_TWOFISH_COMMON
1308 tristate
1309 help
1310 Common parts of the Twofish cipher algorithm shared by the
1311 generic c and the assembler implementations.
1312
1313config CRYPTO_TWOFISH_586
1314 tristate "Twofish cipher algorithms (i586)"
1315 depends on (X86 || UML_X86) && !64BIT
1316 select CRYPTO_ALGAPI
1317 select CRYPTO_TWOFISH_COMMON
1318 help
1319 Twofish cipher algorithm.
1320
1321 Twofish was submitted as an AES (Advanced Encryption Standard)
1322 candidate cipher by researchers at CounterPane Systems. It is a
1323 16 round block cipher supporting key sizes of 128, 192, and 256
1324 bits.
04ac7db3
NT		 1325
1326 See also:
584fffc8 1327 <http://www.schneier.com/twofish.html>
04ac7db3 1328
584fffc8
SS		 1329config CRYPTO_TWOFISH_X86_64
1330 tristate "Twofish cipher algorithm (x86_64)"
1331 depends on (X86 || UML_X86) && 64BIT
cce9e06d 1332 select CRYPTO_ALGAPI
584fffc8 1333 select CRYPTO_TWOFISH_COMMON
1da177e4 1334 help
584fffc8 1335 Twofish cipher algorithm (x86_64).
1da177e4 1336
584fffc8
SS		 1337 Twofish was submitted as an AES (Advanced Encryption Standard)
1338 candidate cipher by researchers at CounterPane Systems. It is a
1339 16 round block cipher supporting key sizes of 128, 192, and 256
1340 bits.
1341
1342 See also:
1343 <http://www.schneier.com/twofish.html>
1344
8280daad
JK		 1345config CRYPTO_TWOFISH_X86_64_3WAY
1346 tristate "Twofish cipher algorithm (x86_64, 3-way parallel)"
f21a7c19 1347 depends on X86 && 64BIT
8280daad
JK		 1348 select CRYPTO_ALGAPI
1349 select CRYPTO_TWOFISH_COMMON
1350 select CRYPTO_TWOFISH_X86_64
414cb5e7 1351 select CRYPTO_GLUE_HELPER_X86
e7cda5d2
JK		 1352 select CRYPTO_LRW
1353 select CRYPTO_XTS
8280daad
JK		 1354 help
1355 Twofish cipher algorithm (x86_64, 3-way parallel).
1356
1357 Twofish was submitted as an AES (Advanced Encryption Standard)
1358 candidate cipher by researchers at CounterPane Systems. It is a
1359 16 round block cipher supporting key sizes of 128, 192, and 256
1360 bits.
1361
1362 This module provides Twofish cipher algorithm that processes three
1363 blocks parallel, utilizing resources of out-of-order CPUs better.
1364
1365 See also:
1366 <http://www.schneier.com/twofish.html>
1367
107778b5
JG		 1368config CRYPTO_TWOFISH_AVX_X86_64
1369 tristate "Twofish cipher algorithm (x86_64/AVX)"
1370 depends on X86 && 64BIT
1371 select CRYPTO_ALGAPI
1372 select CRYPTO_CRYPTD
801201aa 1373 select CRYPTO_ABLK_HELPER
a7378d4e 1374 select CRYPTO_GLUE_HELPER_X86
107778b5
JG		 1375 select CRYPTO_TWOFISH_COMMON
1376 select CRYPTO_TWOFISH_X86_64
1377 select CRYPTO_TWOFISH_X86_64_3WAY
1378 select CRYPTO_LRW
1379 select CRYPTO_XTS
1380 help
1381 Twofish cipher algorithm (x86_64/AVX).
1382
1383 Twofish was submitted as an AES (Advanced Encryption Standard)
1384 candidate cipher by researchers at CounterPane Systems. It is a
1385 16 round block cipher supporting key sizes of 128, 192, and 256
1386 bits.
1387
1388 This module provides the Twofish cipher algorithm that processes
1389 eight blocks parallel using the AVX Instruction Set.
1390
1391 See also:
1392 <http://www.schneier.com/twofish.html>
1393
584fffc8
SS		 1394comment "Compression"
1395
1396config CRYPTO_DEFLATE
1397 tristate "Deflate compression algorithm"
1398 select CRYPTO_ALGAPI
1399 select ZLIB_INFLATE
1400 select ZLIB_DEFLATE
3c09f17c 1401 help
584fffc8
SS		 1402 This is the Deflate algorithm (RFC1951), specified for use in
1403 IPSec with the IPCOMP protocol (RFC3173, RFC2394).
1404
1405 You will most probably want this if using IPSec.
3c09f17c 1406
bf68e65e
GU		 1407config CRYPTO_ZLIB
1408 tristate "Zlib compression algorithm"
1409 select CRYPTO_PCOMP
1410 select ZLIB_INFLATE
1411 select ZLIB_DEFLATE
1412 select NLATTR
1413 help
1414 This is the zlib algorithm.
1415
0b77abb3
ZS		 1416config CRYPTO_LZO
1417 tristate "LZO compression algorithm"
1418 select CRYPTO_ALGAPI
1419 select LZO_COMPRESS
1420 select LZO_DECOMPRESS
1421 help
1422 This is the LZO algorithm.
1423
35a1fc18
SJ		 1424config CRYPTO_842
1425 tristate "842 compression algorithm"
1426 depends on CRYPTO_DEV_NX_COMPRESS
1427 # 842 uses lzo if the hardware becomes unavailable
1428 select LZO_COMPRESS
1429 select LZO_DECOMPRESS
1430 help
1431 This is the 842 algorithm.
0ea8530d
CM		 1432
1433config CRYPTO_LZ4
1434 tristate "LZ4 compression algorithm"
1435 select CRYPTO_ALGAPI
1436 select LZ4_COMPRESS
1437 select LZ4_DECOMPRESS
1438 help
1439 This is the LZ4 algorithm.
1440
1441config CRYPTO_LZ4HC
1442 tristate "LZ4HC compression algorithm"
1443 select CRYPTO_ALGAPI
1444 select LZ4HC_COMPRESS
1445 select LZ4_DECOMPRESS
1446 help
1447 This is the LZ4 high compression mode algorithm.
35a1fc18 1448
17f0f4a4
NH		 1449comment "Random Number Generation"
1450
1451config CRYPTO_ANSI_CPRNG
1452 tristate "Pseudo Random Number Generation for Cryptographic modules"
4e4ed83b 1453 default m
17f0f4a4
NH		 1454 select CRYPTO_AES
1455 select CRYPTO_RNG
17f0f4a4
NH		 1456 help
1457 This option enables the generic pseudo random number generator
1458 for cryptographic modules. Uses the Algorithm specified in
7dd607e8
JK		 1459 ANSI X9.31 A.2.4. Note that this option must be enabled if
1460 CRYPTO_FIPS is selected
17f0f4a4 1461
f2c89a10 1462menuconfig CRYPTO_DRBG_MENU
419090c6 1463 tristate "NIST SP800-90A DRBG"
419090c6
SM		 1464 help
1465 NIST SP800-90A compliant DRBG. In the following submenu, one or
1466 more of the DRBG types must be selected.
1467
f2c89a10 1468if CRYPTO_DRBG_MENU
419090c6
SM		 1469
1470config CRYPTO_DRBG_HMAC
1471 bool "Enable HMAC DRBG"
1472 default y
419090c6
SM		 1473 select CRYPTO_HMAC
1474 help
1475 Enable the HMAC DRBG variant as defined in NIST SP800-90A.
1476
1477config CRYPTO_DRBG_HASH
1478 bool "Enable Hash DRBG"
419090c6
SM		 1479 select CRYPTO_HASH
1480 help
1481 Enable the Hash DRBG variant as defined in NIST SP800-90A.
1482
1483config CRYPTO_DRBG_CTR
1484 bool "Enable CTR DRBG"
419090c6
SM		 1485 select CRYPTO_AES
1486 help
1487 Enable the CTR DRBG variant as defined in NIST SP800-90A.
1488
f2c89a10
HX		 1489config CRYPTO_DRBG
1490 tristate
1491 default CRYPTO_DRBG_MENU if (CRYPTO_DRBG_HMAC || CRYPTO_DRBG_HASH || CRYPTO_DRBG_CTR)
1492 select CRYPTO_RNG
1493
1494endif # if CRYPTO_DRBG_MENU
419090c6 1495
03c8efc1
HX		 1496config CRYPTO_USER_API
1497 tristate
1498
fe869cdb
HX		 1499config CRYPTO_USER_API_HASH
1500 tristate "User-space interface for hash algorithms"
7451708f 1501 depends on NET
fe869cdb
HX		 1502 select CRYPTO_HASH
1503 select CRYPTO_USER_API
1504 help
1505 This option enables the user-spaces interface for hash
1506 algorithms.
1507
8ff59090
HX		 1508config CRYPTO_USER_API_SKCIPHER
1509 tristate "User-space interface for symmetric key cipher algorithms"
7451708f 1510 depends on NET
8ff59090
HX		 1511 select CRYPTO_BLKCIPHER
1512 select CRYPTO_USER_API
1513 help
1514 This option enables the user-spaces interface for symmetric
1515 key cipher algorithms.
1516
2f375538
SM		 1517config CRYPTO_USER_API_RNG
1518 tristate "User-space interface for random number generator algorithms"
1519 depends on NET
1520 select CRYPTO_RNG
1521 select CRYPTO_USER_API
1522 help
1523 This option enables the user-spaces interface for random
1524 number generator algorithms.
1525
ee08997f
DK		 1526config CRYPTO_HASH_INFO
1527 bool
1528
1da177e4 1529source "drivers/crypto/Kconfig"
964f3b3b 1530source crypto/asymmetric_keys/Kconfig
1da177e4 1531
cce9e06d 1532endif # if CRYPTO
ubuntu-zesty-kernel mirror