]> git.proxmox.com Git - mirror_ubuntu-artful-kernel.git/blame - crypto/Kconfig
projects / mirror_ubuntu-artful-kernel.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
crypto: octeon - add SHA512 module
[mirror_ubuntu-artful-kernel.git] / crypto / Kconfig
CommitLineData
685784aa
DW		 1#
2# Generic algorithms support
3#
4config XOR_BLOCKS
5 tristate
6
1da177e4 7#
9bc89cd8 8# async_tx api: hardware offloaded memory transfer/transform support
1da177e4 9#
9bc89cd8 10source "crypto/async_tx/Kconfig"
1da177e4 11
9bc89cd8
DW		 12#
13# Cryptographic API Configuration
14#
2e290f43 15menuconfig CRYPTO
c3715cb9 16 tristate "Cryptographic API"
1da177e4
LT		 17 help
18 This option provides the core Cryptographic API.
19
cce9e06d
HX		 20if CRYPTO
21
584fffc8
SS		 22comment "Crypto core or helper"
23
ccb778e1
NH		 24config CRYPTO_FIPS
25 bool "FIPS 200 compliance"
f2c89a10 26 depends on (CRYPTO_ANSI_CPRNG || CRYPTO_DRBG) && !CRYPTO_MANAGER_DISABLE_TESTS
002c77a4 27 depends on MODULE_SIG
ccb778e1
NH		 28 help
29 This options enables the fips boot option which is
30 required if you want to system to operate in a FIPS 200
31 certification. You should say no unless you know what
e84c5480 32 this is.
ccb778e1 33
cce9e06d
HX		 34config CRYPTO_ALGAPI
35 tristate
6a0fcbb4 36 select CRYPTO_ALGAPI2
cce9e06d
HX		 37 help
38 This option provides the API for cryptographic algorithms.
39
6a0fcbb4
HX		 40config CRYPTO_ALGAPI2
41 tristate
42
1ae97820
HX		 43config CRYPTO_AEAD
44 tristate
6a0fcbb4 45 select CRYPTO_AEAD2
1ae97820
HX		 46 select CRYPTO_ALGAPI
47
6a0fcbb4
HX		 48config CRYPTO_AEAD2
49 tristate
50 select CRYPTO_ALGAPI2
51
5cde0af2
HX		 52config CRYPTO_BLKCIPHER
53 tristate
6a0fcbb4 54 select CRYPTO_BLKCIPHER2
5cde0af2 55 select CRYPTO_ALGAPI
6a0fcbb4
HX		 56
57config CRYPTO_BLKCIPHER2
58 tristate
59 select CRYPTO_ALGAPI2
60 select CRYPTO_RNG2
0a2e821d 61 select CRYPTO_WORKQUEUE
5cde0af2 62
055bcee3
HX		 63config CRYPTO_HASH
64 tristate
6a0fcbb4 65 select CRYPTO_HASH2
055bcee3
HX		 66 select CRYPTO_ALGAPI
67
6a0fcbb4
HX		 68config CRYPTO_HASH2
69 tristate
70 select CRYPTO_ALGAPI2
71
17f0f4a4
NH		 72config CRYPTO_RNG
73 tristate
6a0fcbb4 74 select CRYPTO_RNG2
17f0f4a4
NH		 75 select CRYPTO_ALGAPI
76
6a0fcbb4
HX		 77config CRYPTO_RNG2
78 tristate
79 select CRYPTO_ALGAPI2
80
a1d2f095 81config CRYPTO_PCOMP
bc94e596
HX		 82 tristate
83 select CRYPTO_PCOMP2
84 select CRYPTO_ALGAPI
85
86config CRYPTO_PCOMP2
a1d2f095
GU		 87 tristate
88 select CRYPTO_ALGAPI2
89
2b8c19db
HX		 90config CRYPTO_MANAGER
91 tristate "Cryptographic algorithm manager"
6a0fcbb4 92 select CRYPTO_MANAGER2
2b8c19db
HX		 93 help
94 Create default cryptographic template instantiations such as
95 cbc(aes).
96
6a0fcbb4
HX		 97config CRYPTO_MANAGER2
98 def_tristate CRYPTO_MANAGER || (CRYPTO_MANAGER!=n && CRYPTO_ALGAPI=y)
99 select CRYPTO_AEAD2
100 select CRYPTO_HASH2
101 select CRYPTO_BLKCIPHER2
bc94e596 102 select CRYPTO_PCOMP2
6a0fcbb4 103
a38f7907
SK		 104config CRYPTO_USER
105 tristate "Userspace cryptographic algorithm configuration"
5db017aa 106 depends on NET
a38f7907
SK		 107 select CRYPTO_MANAGER
108 help
d19978f5 109 Userspace configuration for cryptographic instantiations such as
a38f7907
SK		 110 cbc(aes).
111
326a6346
HX		 112config CRYPTO_MANAGER_DISABLE_TESTS
113 bool "Disable run-time self tests"
00ca28a5
HX		 114 default y
115 depends on CRYPTO_MANAGER2
0b767f96 116 help
326a6346
HX		 117 Disable run-time self tests that normally take place at
118 algorithm registration.
0b767f96 119
584fffc8 120config CRYPTO_GF128MUL
08c70fc3 121 tristate "GF(2^128) multiplication functions"
333b0d7e 122 help
584fffc8
SS		 123 Efficient table driven implementation of multiplications in the
124 field GF(2^128). This is needed by some cypher modes. This
125 option will be selected automatically if you select such a
126 cipher mode. Only select this option by hand if you expect to load
127 an external module that requires these functions.
333b0d7e 128
1da177e4
LT		 129config CRYPTO_NULL
130 tristate "Null algorithms"
cce9e06d 131 select CRYPTO_ALGAPI
c8620c25 132 select CRYPTO_BLKCIPHER
d35d2454 133 select CRYPTO_HASH
1da177e4
LT		 134 help
135 These are 'Null' algorithms, used by IPsec, which do nothing.
136
5068c7a8 137config CRYPTO_PCRYPT
3b4afaf2
KC		 138 tristate "Parallel crypto engine"
139 depends on SMP
5068c7a8
SK		 140 select PADATA
141 select CRYPTO_MANAGER
142 select CRYPTO_AEAD
143 help
144 This converts an arbitrary crypto algorithm into a parallel
145 algorithm that executes in kernel threads.
146
25c38d3f
HY		 147config CRYPTO_WORKQUEUE
148 tristate
149
584fffc8
SS		 150config CRYPTO_CRYPTD
151 tristate "Software async crypto daemon"
152 select CRYPTO_BLKCIPHER
b8a28251 153 select CRYPTO_HASH
584fffc8 154 select CRYPTO_MANAGER
254eff77 155 select CRYPTO_WORKQUEUE
1da177e4 156 help
584fffc8
SS		 157 This is a generic software asynchronous crypto daemon that
158 converts an arbitrary synchronous software crypto algorithm
159 into an asynchronous algorithm that executes in a kernel thread.
1da177e4 160
1e65b81a
TC		 161config CRYPTO_MCRYPTD
162 tristate "Software async multi-buffer crypto daemon"
163 select CRYPTO_BLKCIPHER
164 select CRYPTO_HASH
165 select CRYPTO_MANAGER
166 select CRYPTO_WORKQUEUE
167 help
168 This is a generic software asynchronous crypto daemon that
169 provides the kernel thread to assist multi-buffer crypto
170 algorithms for submitting jobs and flushing jobs in multi-buffer
171 crypto algorithms. Multi-buffer crypto algorithms are executed
172 in the context of this kernel thread and drivers can post
0e56673b 173 their crypto request asynchronously to be processed by this daemon.
1e65b81a 174
584fffc8
SS		 175config CRYPTO_AUTHENC
176 tristate "Authenc support"
177 select CRYPTO_AEAD
178 select CRYPTO_BLKCIPHER
179 select CRYPTO_MANAGER
180 select CRYPTO_HASH
1da177e4 181 help
584fffc8
SS		 182 Authenc: Combined mode wrapper for IPsec.
183 This is required for IPSec.
1da177e4 184
584fffc8
SS		 185config CRYPTO_TEST
186 tristate "Testing module"
187 depends on m
da7f033d 188 select CRYPTO_MANAGER
1da177e4 189 help
584fffc8 190 Quick & dirty crypto test module.
1da177e4 191
a62b01cd 192config CRYPTO_ABLK_HELPER
ffaf9156 193 tristate
ffaf9156
JK		 194 select CRYPTO_CRYPTD
195
596d8750
JK		 196config CRYPTO_GLUE_HELPER_X86
197 tristate
198 depends on X86
199 select CRYPTO_ALGAPI
200
584fffc8 201comment "Authenticated Encryption with Associated Data"
cd12fb90 202
584fffc8
SS		 203config CRYPTO_CCM
204 tristate "CCM support"
205 select CRYPTO_CTR
206 select CRYPTO_AEAD
1da177e4 207 help
584fffc8 208 Support for Counter with CBC MAC. Required for IPsec.
1da177e4 209
584fffc8
SS		 210config CRYPTO_GCM
211 tristate "GCM/GMAC support"
212 select CRYPTO_CTR
213 select CRYPTO_AEAD
9382d97a 214 select CRYPTO_GHASH
9489667d 215 select CRYPTO_NULL
1da177e4 216 help
584fffc8
SS		 217 Support for Galois/Counter Mode (GCM) and Galois Message
218 Authentication Code (GMAC). Required for IPSec.
1da177e4 219
584fffc8
SS		 220config CRYPTO_SEQIV
221 tristate "Sequence Number IV Generator"
222 select CRYPTO_AEAD
223 select CRYPTO_BLKCIPHER
a0f000ec 224 select CRYPTO_RNG
1da177e4 225 help
584fffc8
SS		 226 This IV generator generates an IV based on a sequence number by
227 xoring it with a salt. This algorithm is mainly useful for CTR
1da177e4 228
584fffc8 229comment "Block modes"
c494e070 230
584fffc8
SS		 231config CRYPTO_CBC
232 tristate "CBC support"
db131ef9 233 select CRYPTO_BLKCIPHER
43518407 234 select CRYPTO_MANAGER
db131ef9 235 help
584fffc8
SS		 236 CBC: Cipher Block Chaining mode
237 This block cipher algorithm is required for IPSec.
db131ef9 238
584fffc8
SS		 239config CRYPTO_CTR
240 tristate "CTR support"
db131ef9 241 select CRYPTO_BLKCIPHER
584fffc8 242 select CRYPTO_SEQIV
43518407 243 select CRYPTO_MANAGER
db131ef9 244 help
584fffc8 245 CTR: Counter mode
db131ef9
HX		 246 This block cipher algorithm is required for IPSec.
247
584fffc8
SS		 248config CRYPTO_CTS
249 tristate "CTS support"
250 select CRYPTO_BLKCIPHER
251 help
252 CTS: Cipher Text Stealing
253 This is the Cipher Text Stealing mode as described by
254 Section 8 of rfc2040 and referenced by rfc3962.
255 (rfc3962 includes errata information in its Appendix A)
256 This mode is required for Kerberos gss mechanism support
257 for AES encryption.
258
259config CRYPTO_ECB
260 tristate "ECB support"
91652be5
DH		 261 select CRYPTO_BLKCIPHER
262 select CRYPTO_MANAGER
91652be5 263 help
584fffc8
SS		 264 ECB: Electronic CodeBook mode
265 This is the simplest block cipher algorithm. It simply encrypts
266 the input block by block.
91652be5 267
64470f1b 268config CRYPTO_LRW
2470a2b2 269 tristate "LRW support"
64470f1b
RS		 270 select CRYPTO_BLKCIPHER
271 select CRYPTO_MANAGER
272 select CRYPTO_GF128MUL
273 help
274 LRW: Liskov Rivest Wagner, a tweakable, non malleable, non movable
275 narrow block cipher mode for dm-crypt. Use it with cipher
276 specification string aes-lrw-benbi, the key must be 256, 320 or 384.
277 The first 128, 192 or 256 bits in the key are used for AES and the
278 rest is used to tie each cipher block to its logical position.
279
584fffc8
SS		 280config CRYPTO_PCBC
281 tristate "PCBC support"
282 select CRYPTO_BLKCIPHER
283 select CRYPTO_MANAGER
284 help
285 PCBC: Propagating Cipher Block Chaining mode
286 This block cipher algorithm is required for RxRPC.
287
f19f5111 288config CRYPTO_XTS
5bcf8e6d 289 tristate "XTS support"
f19f5111
RS		 290 select CRYPTO_BLKCIPHER
291 select CRYPTO_MANAGER
292 select CRYPTO_GF128MUL
293 help
294 XTS: IEEE1619/D16 narrow block cipher use with aes-xts-plain,
295 key size 256, 384 or 512 bits. This implementation currently
296 can't handle a sectorsize which is not a multiple of 16 bytes.
297
584fffc8
SS		 298comment "Hash modes"
299
93b5e86a
JK		 300config CRYPTO_CMAC
301 tristate "CMAC support"
302 select CRYPTO_HASH
303 select CRYPTO_MANAGER
304 help
305 Cipher-based Message Authentication Code (CMAC) specified by
306 The National Institute of Standards and Technology (NIST).
307
308 https://tools.ietf.org/html/rfc4493
309 http://csrc.nist.gov/publications/nistpubs/800-38B/SP_800-38B.pdf
310
584fffc8
SS		 311config CRYPTO_HMAC
312 tristate "HMAC support"
313 select CRYPTO_HASH
23e353c8 314 select CRYPTO_MANAGER
23e353c8 315 help
584fffc8
SS		 316 HMAC: Keyed-Hashing for Message Authentication (RFC2104).
317 This is required for IPSec.
23e353c8 318
584fffc8
SS		 319config CRYPTO_XCBC
320 tristate "XCBC support"
584fffc8
SS		 321 select CRYPTO_HASH
322 select CRYPTO_MANAGER
76cb9521 323 help
584fffc8
SS		 324 XCBC: Keyed-Hashing with encryption algorithm
325 http://www.ietf.org/rfc/rfc3566.txt
326 http://csrc.nist.gov/encryption/modes/proposedmodes/
327 xcbc-mac/xcbc-mac-spec.pdf
76cb9521 328
f1939f7c
SW		 329config CRYPTO_VMAC
330 tristate "VMAC support"
f1939f7c
SW		 331 select CRYPTO_HASH
332 select CRYPTO_MANAGER
333 help
334 VMAC is a message authentication algorithm designed for
335 very high speed on 64-bit architectures.
336
337 See also:
338 <http://fastcrypto.org/vmac>
339
584fffc8 340comment "Digest"
28db8e3e 341
584fffc8
SS		 342config CRYPTO_CRC32C
343 tristate "CRC32c CRC algorithm"
5773a3e6 344 select CRYPTO_HASH
6a0962b2 345 select CRC32
4a49b499 346 help
584fffc8
SS		 347 Castagnoli, et al Cyclic Redundancy-Check Algorithm. Used
348 by iSCSI for header and data digests and by others.
69c35efc 349 See Castagnoli93. Module will be crc32c.
4a49b499 350
8cb51ba8
AZ		 351config CRYPTO_CRC32C_INTEL
352 tristate "CRC32c INTEL hardware acceleration"
353 depends on X86
354 select CRYPTO_HASH
355 help
356 In Intel processor with SSE4.2 supported, the processor will
357 support CRC32C implementation using hardware accelerated CRC32
358 instruction. This option will create 'crc32c-intel' module,
359 which will enable any routine to use the CRC32 instruction to
360 gain performance compared with software implementation.
361 Module will be crc32c-intel.
362
442a7c40
DM		 363config CRYPTO_CRC32C_SPARC64
364 tristate "CRC32c CRC algorithm (SPARC64)"
365 depends on SPARC64
366 select CRYPTO_HASH
367 select CRC32
368 help
369 CRC32c CRC algorithm implemented using sparc64 crypto instructions,
370 when available.
371
78c37d19
AB		 372config CRYPTO_CRC32
373 tristate "CRC32 CRC algorithm"
374 select CRYPTO_HASH
375 select CRC32
376 help
377 CRC-32-IEEE 802.3 cyclic redundancy-check algorithm.
378 Shash crypto api wrappers to crc32_le function.
379
380config CRYPTO_CRC32_PCLMUL
381 tristate "CRC32 PCLMULQDQ hardware acceleration"
382 depends on X86
383 select CRYPTO_HASH
384 select CRC32
385 help
386 From Intel Westmere and AMD Bulldozer processor with SSE4.2
387 and PCLMULQDQ supported, the processor will support
388 CRC32 PCLMULQDQ implementation using hardware accelerated PCLMULQDQ
389 instruction. This option will create 'crc32-plcmul' module,
390 which will enable any routine to use the CRC-32-IEEE 802.3 checksum
391 and gain better performance as compared with the table implementation.
392
68411521
HX		 393config CRYPTO_CRCT10DIF
394 tristate "CRCT10DIF algorithm"
395 select CRYPTO_HASH
396 help
397 CRC T10 Data Integrity Field computation is being cast as
398 a crypto transform. This allows for faster crc t10 diff
399 transforms to be used if they are available.
400
401config CRYPTO_CRCT10DIF_PCLMUL
402 tristate "CRCT10DIF PCLMULQDQ hardware acceleration"
403 depends on X86 && 64BIT && CRC_T10DIF
404 select CRYPTO_HASH
405 help
406 For x86_64 processors with SSE4.2 and PCLMULQDQ supported,
407 CRC T10 DIF PCLMULQDQ computation can be hardware
408 accelerated PCLMULQDQ instruction. This option will create
409 'crct10dif-plcmul' module, which is faster when computing the
410 crct10dif checksum as compared with the generic table implementation.
411
2cdc6899
HY		 412config CRYPTO_GHASH
413 tristate "GHASH digest algorithm"
2cdc6899
HY		 414 select CRYPTO_GF128MUL
415 help
416 GHASH is message digest algorithm for GCM (Galois/Counter Mode).
417
584fffc8
SS		 418config CRYPTO_MD4
419 tristate "MD4 digest algorithm"
808a1763 420 select CRYPTO_HASH
124b53d0 421 help
584fffc8 422 MD4 message digest algorithm (RFC1320).
124b53d0 423
584fffc8
SS		 424config CRYPTO_MD5
425 tristate "MD5 digest algorithm"
14b75ba7 426 select CRYPTO_HASH
1da177e4 427 help
584fffc8 428 MD5 message digest algorithm (RFC1321).
1da177e4 429
d69e75de
AK		 430config CRYPTO_MD5_OCTEON
431 tristate "MD5 digest algorithm (OCTEON)"
432 depends on CPU_CAVIUM_OCTEON
433 select CRYPTO_MD5
434 select CRYPTO_HASH
435 help
436 MD5 message digest algorithm (RFC1321) implemented
437 using OCTEON crypto instructions, when available.
438
e8e59953
MS		 439config CRYPTO_MD5_PPC
440 tristate "MD5 digest algorithm (PPC)"
441 depends on PPC
442 select CRYPTO_HASH
443 help
444 MD5 message digest algorithm (RFC1321) implemented
445 in PPC assembler.
446
fa4dfedc
DM		 447config CRYPTO_MD5_SPARC64
448 tristate "MD5 digest algorithm (SPARC64)"
449 depends on SPARC64
450 select CRYPTO_MD5
451 select CRYPTO_HASH
452 help
453 MD5 message digest algorithm (RFC1321) implemented
454 using sparc64 crypto instructions, when available.
455
584fffc8
SS		 456config CRYPTO_MICHAEL_MIC
457 tristate "Michael MIC keyed digest algorithm"
19e2bf14 458 select CRYPTO_HASH
90831639 459 help
584fffc8
SS		 460 Michael MIC is used for message integrity protection in TKIP
461 (IEEE 802.11i). This algorithm is required for TKIP, but it
462 should not be used for other purposes because of the weakness
463 of the algorithm.
90831639 464
82798f90 465config CRYPTO_RMD128
b6d44341 466 tristate "RIPEMD-128 digest algorithm"
7c4468bc 467 select CRYPTO_HASH
b6d44341
AB		 468 help
469 RIPEMD-128 (ISO/IEC 10118-3:2004).
82798f90 470
b6d44341 471 RIPEMD-128 is a 128-bit cryptographic hash function. It should only
35ed4b35 472 be used as a secure replacement for RIPEMD. For other use cases,
b6d44341 473 RIPEMD-160 should be used.
82798f90 474
b6d44341 475 Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel.
6d8de74c 476 See <http://homes.esat.kuleuven.be/~bosselae/ripemd160.html>
82798f90
AKR		 477
478config CRYPTO_RMD160
b6d44341 479 tristate "RIPEMD-160 digest algorithm"
e5835fba 480 select CRYPTO_HASH
b6d44341
AB		 481 help
482 RIPEMD-160 (ISO/IEC 10118-3:2004).
82798f90 483
b6d44341
AB		 484 RIPEMD-160 is a 160-bit cryptographic hash function. It is intended
485 to be used as a secure replacement for the 128-bit hash functions
486 MD4, MD5 and it's predecessor RIPEMD
487 (not to be confused with RIPEMD-128).
82798f90 488
b6d44341
AB		 489 It's speed is comparable to SHA1 and there are no known attacks
490 against RIPEMD-160.
534fe2c1 491
b6d44341 492 Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel.
6d8de74c 493 See <http://homes.esat.kuleuven.be/~bosselae/ripemd160.html>
534fe2c1
AKR		 494
495config CRYPTO_RMD256
b6d44341 496 tristate "RIPEMD-256 digest algorithm"
d8a5e2e9 497 select CRYPTO_HASH
b6d44341
AB		 498 help
499 RIPEMD-256 is an optional extension of RIPEMD-128 with a
500 256 bit hash. It is intended for applications that require
501 longer hash-results, without needing a larger security level
502 (than RIPEMD-128).
534fe2c1 503
b6d44341 504 Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel.
6d8de74c 505 See <http://homes.esat.kuleuven.be/~bosselae/ripemd160.html>
534fe2c1
AKR		 506
507config CRYPTO_RMD320
b6d44341 508 tristate "RIPEMD-320 digest algorithm"
3b8efb4c 509 select CRYPTO_HASH
b6d44341
AB		 510 help
511 RIPEMD-320 is an optional extension of RIPEMD-160 with a
512 320 bit hash. It is intended for applications that require
513 longer hash-results, without needing a larger security level
514 (than RIPEMD-160).
534fe2c1 515
b6d44341 516 Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel.
6d8de74c 517 See <http://homes.esat.kuleuven.be/~bosselae/ripemd160.html>
82798f90 518
584fffc8
SS		 519config CRYPTO_SHA1
520 tristate "SHA1 digest algorithm"
54ccb367 521 select CRYPTO_HASH
1da177e4 522 help
584fffc8 523 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2).
1da177e4 524
66be8951 525config CRYPTO_SHA1_SSSE3
7c1da8d0 526 tristate "SHA1 digest algorithm (SSSE3/AVX/AVX2)"
66be8951
MK		 527 depends on X86 && 64BIT
528 select CRYPTO_SHA1
529 select CRYPTO_HASH
530 help
531 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2) implemented
532 using Supplemental SSE3 (SSSE3) instructions or Advanced Vector
7c1da8d0 533 Extensions (AVX/AVX2), when available.
66be8951 534
8275d1aa
TC		 535config CRYPTO_SHA256_SSSE3
536 tristate "SHA256 digest algorithm (SSSE3/AVX/AVX2)"
537 depends on X86 && 64BIT
538 select CRYPTO_SHA256
539 select CRYPTO_HASH
540 help
541 SHA-256 secure hash standard (DFIPS 180-2) implemented
542 using Supplemental SSE3 (SSSE3) instructions, or Advanced Vector
543 Extensions version 1 (AVX1), or Advanced Vector Extensions
87de4579
TC		 544 version 2 (AVX2) instructions, when available.
545
546config CRYPTO_SHA512_SSSE3
547 tristate "SHA512 digest algorithm (SSSE3/AVX/AVX2)"
548 depends on X86 && 64BIT
549 select CRYPTO_SHA512
550 select CRYPTO_HASH
551 help
552 SHA-512 secure hash standard (DFIPS 180-2) implemented
553 using Supplemental SSE3 (SSSE3) instructions, or Advanced Vector
554 Extensions version 1 (AVX1), or Advanced Vector Extensions
8275d1aa
TC		 555 version 2 (AVX2) instructions, when available.
556
4ff28d4c
DM		 557config CRYPTO_SHA1_SPARC64
558 tristate "SHA1 digest algorithm (SPARC64)"
559 depends on SPARC64
560 select CRYPTO_SHA1
561 select CRYPTO_HASH
562 help
563 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2) implemented
564 using sparc64 crypto instructions, when available.
565
f0be44f4
DM		 566config CRYPTO_SHA1_ARM
567 tristate "SHA1 digest algorithm (ARM-asm)"
568 depends on ARM
569 select CRYPTO_SHA1
570 select CRYPTO_HASH
571 help
572 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2) implemented
573 using optimized ARM assembler.
574
60468255
JK		 575config CRYPTO_SHA1_ARM_NEON
576 tristate "SHA1 digest algorithm (ARM NEON)"
0777e3e1 577 depends on ARM && KERNEL_MODE_NEON
60468255
JK		 578 select CRYPTO_SHA1_ARM
579 select CRYPTO_SHA1
580 select CRYPTO_HASH
581 help
582 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2) implemented
583 using optimized ARM NEON assembly, when NEON instructions are
584 available.
585
323a6bf1
ME		 586config CRYPTO_SHA1_PPC
587 tristate "SHA1 digest algorithm (powerpc)"
588 depends on PPC
589 help
590 This is the powerpc hardware accelerated implementation of the
591 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2).
592
d9850fc5
MS		 593config CRYPTO_SHA1_PPC_SPE
594 tristate "SHA1 digest algorithm (PPC SPE)"
595 depends on PPC && SPE
596 help
597 SHA-1 secure hash standard (DFIPS 180-4) implemented
598 using powerpc SPE SIMD instruction set.
599
1e65b81a
TC		 600config CRYPTO_SHA1_MB
601 tristate "SHA1 digest algorithm (x86_64 Multi-Buffer, Experimental)"
602 depends on X86 && 64BIT
603 select CRYPTO_SHA1
604 select CRYPTO_HASH
605 select CRYPTO_MCRYPTD
606 help
607 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2) implemented
608 using multi-buffer technique. This algorithm computes on
609 multiple data lanes concurrently with SIMD instructions for
610 better throughput. It should not be enabled by default but
611 used when there is significant amount of work to keep the keep
612 the data lanes filled to get performance benefit. If the data
613 lanes remain unfilled, a flush operation will be initiated to
614 process the crypto jobs, adding a slight latency.
615
584fffc8
SS		 616config CRYPTO_SHA256
617 tristate "SHA224 and SHA256 digest algorithm"
50e109b5 618 select CRYPTO_HASH
1da177e4 619 help
584fffc8 620 SHA256 secure hash standard (DFIPS 180-2).
1da177e4 621
584fffc8
SS		 622 This version of SHA implements a 256 bit hash with 128 bits of
623 security against collision attacks.
2729bb42 624
b6d44341
AB		 625 This code also includes SHA-224, a 224 bit hash with 112 bits
626 of security against collision attacks.
584fffc8 627
2ecc1e95
MS		 628config CRYPTO_SHA256_PPC_SPE
629 tristate "SHA224 and SHA256 digest algorithm (PPC SPE)"
630 depends on PPC && SPE
631 select CRYPTO_SHA256
632 select CRYPTO_HASH
633 help
634 SHA224 and SHA256 secure hash standard (DFIPS 180-2)
635 implemented using powerpc SPE SIMD instruction set.
636
86c93b24
DM		 637config CRYPTO_SHA256_SPARC64
638 tristate "SHA224 and SHA256 digest algorithm (SPARC64)"
639 depends on SPARC64
640 select CRYPTO_SHA256
641 select CRYPTO_HASH
642 help
643 SHA-256 secure hash standard (DFIPS 180-2) implemented
644 using sparc64 crypto instructions, when available.
645
584fffc8
SS		 646config CRYPTO_SHA512
647 tristate "SHA384 and SHA512 digest algorithms"
bd9d20db 648 select CRYPTO_HASH
b9f535ff 649 help
584fffc8 650 SHA512 secure hash standard (DFIPS 180-2).
b9f535ff 651
584fffc8
SS		 652 This version of SHA implements a 512 bit hash with 256 bits of
653 security against collision attacks.
b9f535ff 654
584fffc8
SS		 655 This code also includes SHA-384, a 384 bit hash with 192 bits
656 of security against collision attacks.
b9f535ff 657
775e0c69
DM		 658config CRYPTO_SHA512_SPARC64
659 tristate "SHA384 and SHA512 digest algorithm (SPARC64)"
660 depends on SPARC64
661 select CRYPTO_SHA512
662 select CRYPTO_HASH
663 help
664 SHA-512 secure hash standard (DFIPS 180-2) implemented
665 using sparc64 crypto instructions, when available.
666
c8611d71
JK		 667config CRYPTO_SHA512_ARM_NEON
668 tristate "SHA384 and SHA512 digest algorithm (ARM NEON)"
31e1a602 669 depends on ARM && KERNEL_MODE_NEON
c8611d71
JK		 670 select CRYPTO_SHA512
671 select CRYPTO_HASH
672 help
673 SHA-512 secure hash standard (DFIPS 180-2) implemented
674 using ARM NEON instructions, when available.
675
676 This version of SHA implements a 512 bit hash with 256 bits of
677 security against collision attacks.
678
679 This code also includes SHA-384, a 384 bit hash with 192 bits
680 of security against collision attacks.
681
584fffc8
SS		 682config CRYPTO_TGR192
683 tristate "Tiger digest algorithms"
f63fbd3d 684 select CRYPTO_HASH
eaf44088 685 help
584fffc8 686 Tiger hash algorithm 192, 160 and 128-bit hashes
eaf44088 687
584fffc8
SS		 688 Tiger is a hash function optimized for 64-bit processors while
689 still having decent performance on 32-bit processors.
690 Tiger was developed by Ross Anderson and Eli Biham.
eaf44088
JF		 691
692 See also:
584fffc8 693 <http://www.cs.technion.ac.il/~biham/Reports/Tiger/>.
eaf44088 694
584fffc8
SS		 695config CRYPTO_WP512
696 tristate "Whirlpool digest algorithms"
4946510b 697 select CRYPTO_HASH
1da177e4 698 help
584fffc8 699 Whirlpool hash algorithm 512, 384 and 256-bit hashes
1da177e4 700
584fffc8
SS		 701 Whirlpool-512 is part of the NESSIE cryptographic primitives.
702 Whirlpool will be part of the ISO/IEC 10118-3:2003(E) standard
1da177e4
LT		 703
704 See also:
6d8de74c 705 <http://www.larc.usp.br/~pbarreto/WhirlpoolPage.html>
584fffc8 706
0e1227d3
HY		 707config CRYPTO_GHASH_CLMUL_NI_INTEL
708 tristate "GHASH digest algorithm (CLMUL-NI accelerated)"
8af00860 709 depends on X86 && 64BIT
0e1227d3
HY		 710 select CRYPTO_CRYPTD
711 help
712 GHASH is message digest algorithm for GCM (Galois/Counter Mode).
713 The implementation is accelerated by CLMUL-NI of Intel.
714
584fffc8 715comment "Ciphers"
1da177e4
LT		 716
717config CRYPTO_AES
718 tristate "AES cipher algorithms"
cce9e06d 719 select CRYPTO_ALGAPI
1da177e4 720 help
584fffc8 721 AES cipher algorithms (FIPS-197). AES uses the Rijndael
1da177e4
LT		 722 algorithm.
723
724 Rijndael appears to be consistently a very good performer in
584fffc8
SS		 725 both hardware and software across a wide range of computing
726 environments regardless of its use in feedback or non-feedback
727 modes. Its key setup time is excellent, and its key agility is
728 good. Rijndael's very low memory requirements make it very well
729 suited for restricted-space environments, in which it also
730 demonstrates excellent performance. Rijndael's operations are
731 among the easiest to defend against power and timing attacks.
1da177e4 732
584fffc8 733 The AES specifies three key sizes: 128, 192 and 256 bits
1da177e4
LT		 734
735 See <http://csrc.nist.gov/CryptoToolkit/aes/> for more information.
736
737config CRYPTO_AES_586
738 tristate "AES cipher algorithms (i586)"
cce9e06d
HX		 739 depends on (X86 || UML_X86) && !64BIT
740 select CRYPTO_ALGAPI
5157dea8 741 select CRYPTO_AES
1da177e4 742 help
584fffc8 743 AES cipher algorithms (FIPS-197). AES uses the Rijndael
1da177e4
LT		 744 algorithm.
745
746 Rijndael appears to be consistently a very good performer in
584fffc8
SS		 747 both hardware and software across a wide range of computing
748 environments regardless of its use in feedback or non-feedback
749 modes. Its key setup time is excellent, and its key agility is
750 good. Rijndael's very low memory requirements make it very well
751 suited for restricted-space environments, in which it also
752 demonstrates excellent performance. Rijndael's operations are
753 among the easiest to defend against power and timing attacks.
1da177e4 754
584fffc8 755 The AES specifies three key sizes: 128, 192 and 256 bits
a2a892a2
AS		 756
757 See <http://csrc.nist.gov/encryption/aes/> for more information.
758
759config CRYPTO_AES_X86_64
760 tristate "AES cipher algorithms (x86_64)"
cce9e06d
HX		 761 depends on (X86 || UML_X86) && 64BIT
762 select CRYPTO_ALGAPI
81190b32 763 select CRYPTO_AES
a2a892a2 764 help
584fffc8 765 AES cipher algorithms (FIPS-197). AES uses the Rijndael
a2a892a2
AS		 766 algorithm.
767
768 Rijndael appears to be consistently a very good performer in
584fffc8
SS		 769 both hardware and software across a wide range of computing
770 environments regardless of its use in feedback or non-feedback
771 modes. Its key setup time is excellent, and its key agility is
54b6a1bd
HY		 772 good. Rijndael's very low memory requirements make it very well
773 suited for restricted-space environments, in which it also
774 demonstrates excellent performance. Rijndael's operations are
775 among the easiest to defend against power and timing attacks.
776
777 The AES specifies three key sizes: 128, 192 and 256 bits
778
779 See <http://csrc.nist.gov/encryption/aes/> for more information.
780
781config CRYPTO_AES_NI_INTEL
782 tristate "AES cipher algorithms (AES-NI)"
8af00860 783 depends on X86
0d258efb
MK		 784 select CRYPTO_AES_X86_64 if 64BIT
785 select CRYPTO_AES_586 if !64BIT
54b6a1bd 786 select CRYPTO_CRYPTD
801201aa 787 select CRYPTO_ABLK_HELPER
54b6a1bd 788 select CRYPTO_ALGAPI
7643a11a 789 select CRYPTO_GLUE_HELPER_X86 if 64BIT
023af608
JK		 790 select CRYPTO_LRW
791 select CRYPTO_XTS
54b6a1bd
HY		 792 help
793 Use Intel AES-NI instructions for AES algorithm.
794
795 AES cipher algorithms (FIPS-197). AES uses the Rijndael
796 algorithm.
797
798 Rijndael appears to be consistently a very good performer in
799 both hardware and software across a wide range of computing
800 environments regardless of its use in feedback or non-feedback
801 modes. Its key setup time is excellent, and its key agility is
584fffc8
SS		 802 good. Rijndael's very low memory requirements make it very well
803 suited for restricted-space environments, in which it also
804 demonstrates excellent performance. Rijndael's operations are
805 among the easiest to defend against power and timing attacks.
a2a892a2 806
584fffc8 807 The AES specifies three key sizes: 128, 192 and 256 bits
1da177e4
LT		 808
809 See <http://csrc.nist.gov/encryption/aes/> for more information.
810
0d258efb
MK		 811 In addition to AES cipher algorithm support, the acceleration
812 for some popular block cipher mode is supported too, including
813 ECB, CBC, LRW, PCBC, XTS. The 64 bit version has additional
814 acceleration for CTR.
2cf4ac8b 815
9bf4852d
DM		 816config CRYPTO_AES_SPARC64
817 tristate "AES cipher algorithms (SPARC64)"
818 depends on SPARC64
819 select CRYPTO_CRYPTD
820 select CRYPTO_ALGAPI
821 help
822 Use SPARC64 crypto opcodes for AES algorithm.
823
824 AES cipher algorithms (FIPS-197). AES uses the Rijndael
825 algorithm.
826
827 Rijndael appears to be consistently a very good performer in
828 both hardware and software across a wide range of computing
829 environments regardless of its use in feedback or non-feedback
830 modes. Its key setup time is excellent, and its key agility is
831 good. Rijndael's very low memory requirements make it very well
832 suited for restricted-space environments, in which it also
833 demonstrates excellent performance. Rijndael's operations are
834 among the easiest to defend against power and timing attacks.
835
836 The AES specifies three key sizes: 128, 192 and 256 bits
837
838 See <http://csrc.nist.gov/encryption/aes/> for more information.
839
840 In addition to AES cipher algorithm support, the acceleration
841 for some popular block cipher mode is supported too, including
842 ECB and CBC.
843
f0be44f4
DM		 844config CRYPTO_AES_ARM
845 tristate "AES cipher algorithms (ARM-asm)"
846 depends on ARM
847 select CRYPTO_ALGAPI
848 select CRYPTO_AES
849 help
850 Use optimized AES assembler routines for ARM platforms.
851
852 AES cipher algorithms (FIPS-197). AES uses the Rijndael
853 algorithm.
854
855 Rijndael appears to be consistently a very good performer in
856 both hardware and software across a wide range of computing
857 environments regardless of its use in feedback or non-feedback
858 modes. Its key setup time is excellent, and its key agility is
859 good. Rijndael's very low memory requirements make it very well
860 suited for restricted-space environments, in which it also
861 demonstrates excellent performance. Rijndael's operations are
862 among the easiest to defend against power and timing attacks.
863
864 The AES specifies three key sizes: 128, 192 and 256 bits
865
866 See <http://csrc.nist.gov/encryption/aes/> for more information.
867
e4e7f10b
AB		 868config CRYPTO_AES_ARM_BS
869 tristate "Bit sliced AES using NEON instructions"
870 depends on ARM && KERNEL_MODE_NEON
871 select CRYPTO_ALGAPI
872 select CRYPTO_AES_ARM
873 select CRYPTO_ABLK_HELPER
874 help
875 Use a faster and more secure NEON based implementation of AES in CBC,
876 CTR and XTS modes
877
878 Bit sliced AES gives around 45% speedup on Cortex-A15 for CTR mode
879 and for XTS mode encryption, CBC and XTS mode decryption speedup is
880 around 25%. (CBC encryption speed is not affected by this driver.)
881 This implementation does not rely on any lookup tables so it is
882 believed to be invulnerable to cache timing attacks.
883
504c6143
MS		 884config CRYPTO_AES_PPC_SPE
885 tristate "AES cipher algorithms (PPC SPE)"
886 depends on PPC && SPE
887 help
888 AES cipher algorithms (FIPS-197). Additionally the acceleration
889 for popular block cipher modes ECB, CBC, CTR and XTS is supported.
890 This module should only be used for low power (router) devices
891 without hardware AES acceleration (e.g. caam crypto). It reduces the
892 size of the AES tables from 16KB to 8KB + 256 bytes and mitigates
893 timining attacks. Nevertheless it might be not as secure as other
894 architecture specific assembler implementations that work on 1KB
895 tables or 256 bytes S-boxes.
896
584fffc8
SS		 897config CRYPTO_ANUBIS
898 tristate "Anubis cipher algorithm"
899 select CRYPTO_ALGAPI
900 help
901 Anubis cipher algorithm.
902
903 Anubis is a variable key length cipher which can use keys from
904 128 bits to 320 bits in length. It was evaluated as a entrant
905 in the NESSIE competition.
906
907 See also:
6d8de74c
JM		 908 <https://www.cosic.esat.kuleuven.be/nessie/reports/>
909 <http://www.larc.usp.br/~pbarreto/AnubisPage.html>
584fffc8
SS		 910
911config CRYPTO_ARC4
912 tristate "ARC4 cipher algorithm"
b9b0f080 913 select CRYPTO_BLKCIPHER
584fffc8
SS		 914 help
915 ARC4 cipher algorithm.
916
917 ARC4 is a stream cipher using keys ranging from 8 bits to 2048
918 bits in length. This algorithm is required for driver-based
919 WEP, but it should not be for other purposes because of the
920 weakness of the algorithm.
921
922config CRYPTO_BLOWFISH
923 tristate "Blowfish cipher algorithm"
924 select CRYPTO_ALGAPI
52ba867c 925 select CRYPTO_BLOWFISH_COMMON
584fffc8
SS		 926 help
927 Blowfish cipher algorithm, by Bruce Schneier.
928
929 This is a variable key length cipher which can use keys from 32
930 bits to 448 bits in length. It's fast, simple and specifically
931 designed for use on "large microprocessors".
932
933 See also:
934 <http://www.schneier.com/blowfish.html>
935
52ba867c
JK		 936config CRYPTO_BLOWFISH_COMMON
937 tristate
938 help
939 Common parts of the Blowfish cipher algorithm shared by the
940 generic c and the assembler implementations.
941
942 See also:
943 <http://www.schneier.com/blowfish.html>
944
64b94cea
JK		 945config CRYPTO_BLOWFISH_X86_64
946 tristate "Blowfish cipher algorithm (x86_64)"
f21a7c19 947 depends on X86 && 64BIT
64b94cea
JK		 948 select CRYPTO_ALGAPI
949 select CRYPTO_BLOWFISH_COMMON
950 help
951 Blowfish cipher algorithm (x86_64), by Bruce Schneier.
952
953 This is a variable key length cipher which can use keys from 32
954 bits to 448 bits in length. It's fast, simple and specifically
955 designed for use on "large microprocessors".
956
957 See also:
958 <http://www.schneier.com/blowfish.html>
959
584fffc8
SS		 960config CRYPTO_CAMELLIA
961 tristate "Camellia cipher algorithms"
962 depends on CRYPTO
963 select CRYPTO_ALGAPI
964 help
965 Camellia cipher algorithms module.
966
967 Camellia is a symmetric key block cipher developed jointly
968 at NTT and Mitsubishi Electric Corporation.
969
970 The Camellia specifies three key sizes: 128, 192 and 256 bits.
971
972 See also:
973 <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html>
974
0b95ec56
JK		 975config CRYPTO_CAMELLIA_X86_64
976 tristate "Camellia cipher algorithm (x86_64)"
f21a7c19 977 depends on X86 && 64BIT
0b95ec56
JK		 978 depends on CRYPTO
979 select CRYPTO_ALGAPI
964263af 980 select CRYPTO_GLUE_HELPER_X86
0b95ec56
JK		 981 select CRYPTO_LRW
982 select CRYPTO_XTS
983 help
984 Camellia cipher algorithm module (x86_64).
985
986 Camellia is a symmetric key block cipher developed jointly
987 at NTT and Mitsubishi Electric Corporation.
988
989 The Camellia specifies three key sizes: 128, 192 and 256 bits.
990
991 See also:
d9b1d2e7
JK		 992 <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html>
993
994config CRYPTO_CAMELLIA_AESNI_AVX_X86_64
995 tristate "Camellia cipher algorithm (x86_64/AES-NI/AVX)"
996 depends on X86 && 64BIT
997 depends on CRYPTO
998 select CRYPTO_ALGAPI
999 select CRYPTO_CRYPTD
801201aa 1000 select CRYPTO_ABLK_HELPER
d9b1d2e7
JK		 1001 select CRYPTO_GLUE_HELPER_X86
1002 select CRYPTO_CAMELLIA_X86_64
1003 select CRYPTO_LRW
1004 select CRYPTO_XTS
1005 help
1006 Camellia cipher algorithm module (x86_64/AES-NI/AVX).
1007
1008 Camellia is a symmetric key block cipher developed jointly
1009 at NTT and Mitsubishi Electric Corporation.
1010
1011 The Camellia specifies three key sizes: 128, 192 and 256 bits.
1012
1013 See also:
0b95ec56
JK		 1014 <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html>
1015
f3f935a7
JK		 1016config CRYPTO_CAMELLIA_AESNI_AVX2_X86_64
1017 tristate "Camellia cipher algorithm (x86_64/AES-NI/AVX2)"
1018 depends on X86 && 64BIT
1019 depends on CRYPTO
1020 select CRYPTO_ALGAPI
1021 select CRYPTO_CRYPTD
801201aa 1022 select CRYPTO_ABLK_HELPER
f3f935a7
JK		 1023 select CRYPTO_GLUE_HELPER_X86
1024 select CRYPTO_CAMELLIA_X86_64
1025 select CRYPTO_CAMELLIA_AESNI_AVX_X86_64
1026 select CRYPTO_LRW
1027 select CRYPTO_XTS
1028 help
1029 Camellia cipher algorithm module (x86_64/AES-NI/AVX2).
1030
1031 Camellia is a symmetric key block cipher developed jointly
1032 at NTT and Mitsubishi Electric Corporation.
1033
1034 The Camellia specifies three key sizes: 128, 192 and 256 bits.
1035
1036 See also:
1037 <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html>
1038
81658ad0
DM		 1039config CRYPTO_CAMELLIA_SPARC64
1040 tristate "Camellia cipher algorithm (SPARC64)"
1041 depends on SPARC64
1042 depends on CRYPTO
1043 select CRYPTO_ALGAPI
1044 help
1045 Camellia cipher algorithm module (SPARC64).
1046
1047 Camellia is a symmetric key block cipher developed jointly
1048 at NTT and Mitsubishi Electric Corporation.
1049
1050 The Camellia specifies three key sizes: 128, 192 and 256 bits.
1051
1052 See also:
1053 <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html>
1054
044ab525
JK		 1055config CRYPTO_CAST_COMMON
1056 tristate
1057 help
1058 Common parts of the CAST cipher algorithms shared by the
1059 generic c and the assembler implementations.
1060
1da177e4
LT		 1061config CRYPTO_CAST5
1062 tristate "CAST5 (CAST-128) cipher algorithm"
cce9e06d 1063 select CRYPTO_ALGAPI
044ab525 1064 select CRYPTO_CAST_COMMON
1da177e4
LT		 1065 help
1066 The CAST5 encryption algorithm (synonymous with CAST-128) is
1067 described in RFC2144.
1068
4d6d6a2c
JG		 1069config CRYPTO_CAST5_AVX_X86_64
1070 tristate "CAST5 (CAST-128) cipher algorithm (x86_64/AVX)"
1071 depends on X86 && 64BIT
1072 select CRYPTO_ALGAPI
1073 select CRYPTO_CRYPTD
801201aa 1074 select CRYPTO_ABLK_HELPER
044ab525 1075 select CRYPTO_CAST_COMMON
4d6d6a2c
JG		 1076 select CRYPTO_CAST5
1077 help
1078 The CAST5 encryption algorithm (synonymous with CAST-128) is
1079 described in RFC2144.
1080
1081 This module provides the Cast5 cipher algorithm that processes
1082 sixteen blocks parallel using the AVX instruction set.
1083
1da177e4
LT		 1084config CRYPTO_CAST6
1085 tristate "CAST6 (CAST-256) cipher algorithm"
cce9e06d 1086 select CRYPTO_ALGAPI
044ab525 1087 select CRYPTO_CAST_COMMON
1da177e4
LT		 1088 help
1089 The CAST6 encryption algorithm (synonymous with CAST-256) is
1090 described in RFC2612.
1091
4ea1277d
JG		 1092config CRYPTO_CAST6_AVX_X86_64
1093 tristate "CAST6 (CAST-256) cipher algorithm (x86_64/AVX)"
1094 depends on X86 && 64BIT
1095 select CRYPTO_ALGAPI
1096 select CRYPTO_CRYPTD
801201aa 1097 select CRYPTO_ABLK_HELPER
4ea1277d 1098 select CRYPTO_GLUE_HELPER_X86
044ab525 1099 select CRYPTO_CAST_COMMON
4ea1277d
JG		 1100 select CRYPTO_CAST6
1101 select CRYPTO_LRW
1102 select CRYPTO_XTS
1103 help
1104 The CAST6 encryption algorithm (synonymous with CAST-256) is
1105 described in RFC2612.
1106
1107 This module provides the Cast6 cipher algorithm that processes
1108 eight blocks parallel using the AVX instruction set.
1109
584fffc8
SS		 1110config CRYPTO_DES
1111 tristate "DES and Triple DES EDE cipher algorithms"
cce9e06d 1112 select CRYPTO_ALGAPI
1da177e4 1113 help
584fffc8 1114 DES cipher algorithm (FIPS 46-2), and Triple DES EDE (FIPS 46-3).
fb4f10ed 1115
c5aac2df
DM		 1116config CRYPTO_DES_SPARC64
1117 tristate "DES and Triple DES EDE cipher algorithms (SPARC64)"
97da37b3 1118 depends on SPARC64
c5aac2df
DM		 1119 select CRYPTO_ALGAPI
1120 select CRYPTO_DES
1121 help
1122 DES cipher algorithm (FIPS 46-2), and Triple DES EDE (FIPS 46-3),
1123 optimized using SPARC64 crypto opcodes.
1124
6574e6c6
JK		 1125config CRYPTO_DES3_EDE_X86_64
1126 tristate "Triple DES EDE cipher algorithm (x86-64)"
1127 depends on X86 && 64BIT
1128 select CRYPTO_ALGAPI
1129 select CRYPTO_DES
1130 help
1131 Triple DES EDE (FIPS 46-3) algorithm.
1132
1133 This module provides implementation of the Triple DES EDE cipher
1134 algorithm that is optimized for x86-64 processors. Two versions of
1135 algorithm are provided; regular processing one input block and
1136 one that processes three blocks parallel.
1137
584fffc8
SS		 1138config CRYPTO_FCRYPT
1139 tristate "FCrypt cipher algorithm"
cce9e06d 1140 select CRYPTO_ALGAPI
584fffc8 1141 select CRYPTO_BLKCIPHER
1da177e4 1142 help
584fffc8 1143 FCrypt algorithm used by RxRPC.
1da177e4
LT		 1144
1145config CRYPTO_KHAZAD
1146 tristate "Khazad cipher algorithm"
cce9e06d 1147 select CRYPTO_ALGAPI
1da177e4
LT		 1148 help
1149 Khazad cipher algorithm.
1150
1151 Khazad was a finalist in the initial NESSIE competition. It is
1152 an algorithm optimized for 64-bit processors with good performance
1153 on 32-bit processors. Khazad uses an 128 bit key size.
1154
1155 See also:
6d8de74c 1156 <http://www.larc.usp.br/~pbarreto/KhazadPage.html>
1da177e4 1157
2407d608 1158config CRYPTO_SALSA20
3b4afaf2 1159 tristate "Salsa20 stream cipher algorithm"
2407d608
TSH		 1160 select CRYPTO_BLKCIPHER
1161 help
1162 Salsa20 stream cipher algorithm.
1163
1164 Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT
1165 Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/>
974e4b75
TSH		 1166
1167 The Salsa20 stream cipher algorithm is designed by Daniel J.
1168 Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html>
1169
1170config CRYPTO_SALSA20_586
3b4afaf2 1171 tristate "Salsa20 stream cipher algorithm (i586)"
974e4b75 1172 depends on (X86 || UML_X86) && !64BIT
974e4b75 1173 select CRYPTO_BLKCIPHER
974e4b75
TSH		 1174 help
1175 Salsa20 stream cipher algorithm.
1176
1177 Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT
1178 Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/>
9a7dafbb
TSH		 1179
1180 The Salsa20 stream cipher algorithm is designed by Daniel J.
1181 Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html>
1182
1183config CRYPTO_SALSA20_X86_64
3b4afaf2 1184 tristate "Salsa20 stream cipher algorithm (x86_64)"
9a7dafbb 1185 depends on (X86 || UML_X86) && 64BIT
9a7dafbb 1186 select CRYPTO_BLKCIPHER
9a7dafbb
TSH		 1187 help
1188 Salsa20 stream cipher algorithm.
1189
1190 Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT
1191 Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/>
2407d608
TSH		 1192
1193 The Salsa20 stream cipher algorithm is designed by Daniel J.
1194 Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html>
1da177e4 1195
584fffc8
SS		 1196config CRYPTO_SEED
1197 tristate "SEED cipher algorithm"
cce9e06d 1198 select CRYPTO_ALGAPI
1da177e4 1199 help
584fffc8 1200 SEED cipher algorithm (RFC4269).
1da177e4 1201
584fffc8
SS		 1202 SEED is a 128-bit symmetric key block cipher that has been
1203 developed by KISA (Korea Information Security Agency) as a
1204 national standard encryption algorithm of the Republic of Korea.
1205 It is a 16 round block cipher with the key size of 128 bit.
1206
1207 See also:
1208 <http://www.kisa.or.kr/kisa/seed/jsp/seed_eng.jsp>
1209
1210config CRYPTO_SERPENT
1211 tristate "Serpent cipher algorithm"
cce9e06d 1212 select CRYPTO_ALGAPI
1da177e4 1213 help
584fffc8 1214 Serpent cipher algorithm, by Anderson, Biham & Knudsen.
1da177e4 1215
584fffc8
SS		 1216 Keys are allowed to be from 0 to 256 bits in length, in steps
1217 of 8 bits. Also includes the 'Tnepres' algorithm, a reversed
1218 variant of Serpent for compatibility with old kerneli.org code.
1219
1220 See also:
1221 <http://www.cl.cam.ac.uk/~rja14/serpent.html>
1222
937c30d7
JK		 1223config CRYPTO_SERPENT_SSE2_X86_64
1224 tristate "Serpent cipher algorithm (x86_64/SSE2)"
1225 depends on X86 && 64BIT
1226 select CRYPTO_ALGAPI
341975bf 1227 select CRYPTO_CRYPTD
801201aa 1228 select CRYPTO_ABLK_HELPER
596d8750 1229 select CRYPTO_GLUE_HELPER_X86
937c30d7 1230 select CRYPTO_SERPENT
feaf0cfc
JK		 1231 select CRYPTO_LRW
1232 select CRYPTO_XTS
937c30d7
JK		 1233 help
1234 Serpent cipher algorithm, by Anderson, Biham & Knudsen.
1235
1236 Keys are allowed to be from 0 to 256 bits in length, in steps
1237 of 8 bits.
1238
1239 This module provides Serpent cipher algorithm that processes eigth
1240 blocks parallel using SSE2 instruction set.
1241
1242 See also:
1243 <http://www.cl.cam.ac.uk/~rja14/serpent.html>
1244
251496db
JK		 1245config CRYPTO_SERPENT_SSE2_586
1246 tristate "Serpent cipher algorithm (i586/SSE2)"
1247 depends on X86 && !64BIT
1248 select CRYPTO_ALGAPI
341975bf 1249 select CRYPTO_CRYPTD
801201aa 1250 select CRYPTO_ABLK_HELPER
596d8750 1251 select CRYPTO_GLUE_HELPER_X86
251496db 1252 select CRYPTO_SERPENT
feaf0cfc
JK		 1253 select CRYPTO_LRW
1254 select CRYPTO_XTS
251496db
JK		 1255 help
1256 Serpent cipher algorithm, by Anderson, Biham & Knudsen.
1257
1258 Keys are allowed to be from 0 to 256 bits in length, in steps
1259 of 8 bits.
1260
1261 This module provides Serpent cipher algorithm that processes four
1262 blocks parallel using SSE2 instruction set.
1263
1264 See also:
1265 <http://www.cl.cam.ac.uk/~rja14/serpent.html>
7efe4076
JG		 1266
1267config CRYPTO_SERPENT_AVX_X86_64
1268 tristate "Serpent cipher algorithm (x86_64/AVX)"
1269 depends on X86 && 64BIT
1270 select CRYPTO_ALGAPI
1271 select CRYPTO_CRYPTD
801201aa 1272 select CRYPTO_ABLK_HELPER
1d0debbd 1273 select CRYPTO_GLUE_HELPER_X86
7efe4076
JG		 1274 select CRYPTO_SERPENT
1275 select CRYPTO_LRW
1276 select CRYPTO_XTS
1277 help
1278 Serpent cipher algorithm, by Anderson, Biham & Knudsen.
1279
1280 Keys are allowed to be from 0 to 256 bits in length, in steps
1281 of 8 bits.
1282
1283 This module provides the Serpent cipher algorithm that processes
1284 eight blocks parallel using the AVX instruction set.
1285
1286 See also:
1287 <http://www.cl.cam.ac.uk/~rja14/serpent.html>
251496db 1288
56d76c96
JK		 1289config CRYPTO_SERPENT_AVX2_X86_64
1290 tristate "Serpent cipher algorithm (x86_64/AVX2)"
1291 depends on X86 && 64BIT
1292 select CRYPTO_ALGAPI
1293 select CRYPTO_CRYPTD
801201aa 1294 select CRYPTO_ABLK_HELPER
56d76c96
JK		 1295 select CRYPTO_GLUE_HELPER_X86
1296 select CRYPTO_SERPENT
1297 select CRYPTO_SERPENT_AVX_X86_64
1298 select CRYPTO_LRW
1299 select CRYPTO_XTS
1300 help
1301 Serpent cipher algorithm, by Anderson, Biham & Knudsen.
1302
1303 Keys are allowed to be from 0 to 256 bits in length, in steps
1304 of 8 bits.
1305
1306 This module provides Serpent cipher algorithm that processes 16
1307 blocks parallel using AVX2 instruction set.
1308
1309 See also:
1310 <http://www.cl.cam.ac.uk/~rja14/serpent.html>
1311
584fffc8
SS		 1312config CRYPTO_TEA
1313 tristate "TEA, XTEA and XETA cipher algorithms"
cce9e06d 1314 select CRYPTO_ALGAPI
1da177e4 1315 help
584fffc8 1316 TEA cipher algorithm.
1da177e4 1317
584fffc8
SS		 1318 Tiny Encryption Algorithm is a simple cipher that uses
1319 many rounds for security. It is very fast and uses
1320 little memory.
1321
1322 Xtendend Tiny Encryption Algorithm is a modification to
1323 the TEA algorithm to address a potential key weakness
1324 in the TEA algorithm.
1325
1326 Xtendend Encryption Tiny Algorithm is a mis-implementation
1327 of the XTEA algorithm for compatibility purposes.
1328
1329config CRYPTO_TWOFISH
1330 tristate "Twofish cipher algorithm"
04ac7db3 1331 select CRYPTO_ALGAPI
584fffc8 1332 select CRYPTO_TWOFISH_COMMON
04ac7db3 1333 help
584fffc8 1334 Twofish cipher algorithm.
04ac7db3 1335
584fffc8
SS		 1336 Twofish was submitted as an AES (Advanced Encryption Standard)
1337 candidate cipher by researchers at CounterPane Systems. It is a
1338 16 round block cipher supporting key sizes of 128, 192, and 256
1339 bits.
04ac7db3 1340
584fffc8
SS		 1341 See also:
1342 <http://www.schneier.com/twofish.html>
1343
1344config CRYPTO_TWOFISH_COMMON
1345 tristate
1346 help
1347 Common parts of the Twofish cipher algorithm shared by the
1348 generic c and the assembler implementations.
1349
1350config CRYPTO_TWOFISH_586
1351 tristate "Twofish cipher algorithms (i586)"
1352 depends on (X86 || UML_X86) && !64BIT
1353 select CRYPTO_ALGAPI
1354 select CRYPTO_TWOFISH_COMMON
1355 help
1356 Twofish cipher algorithm.
1357
1358 Twofish was submitted as an AES (Advanced Encryption Standard)
1359 candidate cipher by researchers at CounterPane Systems. It is a
1360 16 round block cipher supporting key sizes of 128, 192, and 256
1361 bits.
04ac7db3
NT		 1362
1363 See also:
584fffc8 1364 <http://www.schneier.com/twofish.html>
04ac7db3 1365
584fffc8
SS		 1366config CRYPTO_TWOFISH_X86_64
1367 tristate "Twofish cipher algorithm (x86_64)"
1368 depends on (X86 || UML_X86) && 64BIT
cce9e06d 1369 select CRYPTO_ALGAPI
584fffc8 1370 select CRYPTO_TWOFISH_COMMON
1da177e4 1371 help
584fffc8 1372 Twofish cipher algorithm (x86_64).
1da177e4 1373
584fffc8
SS		 1374 Twofish was submitted as an AES (Advanced Encryption Standard)
1375 candidate cipher by researchers at CounterPane Systems. It is a
1376 16 round block cipher supporting key sizes of 128, 192, and 256
1377 bits.
1378
1379 See also:
1380 <http://www.schneier.com/twofish.html>
1381
8280daad
JK		 1382config CRYPTO_TWOFISH_X86_64_3WAY
1383 tristate "Twofish cipher algorithm (x86_64, 3-way parallel)"
f21a7c19 1384 depends on X86 && 64BIT
8280daad
JK		 1385 select CRYPTO_ALGAPI
1386 select CRYPTO_TWOFISH_COMMON
1387 select CRYPTO_TWOFISH_X86_64
414cb5e7 1388 select CRYPTO_GLUE_HELPER_X86
e7cda5d2
JK		 1389 select CRYPTO_LRW
1390 select CRYPTO_XTS
8280daad
JK		 1391 help
1392 Twofish cipher algorithm (x86_64, 3-way parallel).
1393
1394 Twofish was submitted as an AES (Advanced Encryption Standard)
1395 candidate cipher by researchers at CounterPane Systems. It is a
1396 16 round block cipher supporting key sizes of 128, 192, and 256
1397 bits.
1398
1399 This module provides Twofish cipher algorithm that processes three
1400 blocks parallel, utilizing resources of out-of-order CPUs better.
1401
1402 See also:
1403 <http://www.schneier.com/twofish.html>
1404
107778b5
JG		 1405config CRYPTO_TWOFISH_AVX_X86_64
1406 tristate "Twofish cipher algorithm (x86_64/AVX)"
1407 depends on X86 && 64BIT
1408 select CRYPTO_ALGAPI
1409 select CRYPTO_CRYPTD
801201aa 1410 select CRYPTO_ABLK_HELPER
a7378d4e 1411 select CRYPTO_GLUE_HELPER_X86
107778b5
JG		 1412 select CRYPTO_TWOFISH_COMMON
1413 select CRYPTO_TWOFISH_X86_64
1414 select CRYPTO_TWOFISH_X86_64_3WAY
1415 select CRYPTO_LRW
1416 select CRYPTO_XTS
1417 help
1418 Twofish cipher algorithm (x86_64/AVX).
1419
1420 Twofish was submitted as an AES (Advanced Encryption Standard)
1421 candidate cipher by researchers at CounterPane Systems. It is a
1422 16 round block cipher supporting key sizes of 128, 192, and 256
1423 bits.
1424
1425 This module provides the Twofish cipher algorithm that processes
1426 eight blocks parallel using the AVX Instruction Set.
1427
1428 See also:
1429 <http://www.schneier.com/twofish.html>
1430
584fffc8
SS		 1431comment "Compression"
1432
1433config CRYPTO_DEFLATE
1434 tristate "Deflate compression algorithm"
1435 select CRYPTO_ALGAPI
1436 select ZLIB_INFLATE
1437 select ZLIB_DEFLATE
3c09f17c 1438 help
584fffc8
SS		 1439 This is the Deflate algorithm (RFC1951), specified for use in
1440 IPSec with the IPCOMP protocol (RFC3173, RFC2394).
1441
1442 You will most probably want this if using IPSec.
3c09f17c 1443
bf68e65e
GU		 1444config CRYPTO_ZLIB
1445 tristate "Zlib compression algorithm"
1446 select CRYPTO_PCOMP
1447 select ZLIB_INFLATE
1448 select ZLIB_DEFLATE
1449 select NLATTR
1450 help
1451 This is the zlib algorithm.
1452
0b77abb3
ZS		 1453config CRYPTO_LZO
1454 tristate "LZO compression algorithm"
1455 select CRYPTO_ALGAPI
1456 select LZO_COMPRESS
1457 select LZO_DECOMPRESS
1458 help
1459 This is the LZO algorithm.
1460
35a1fc18
SJ		 1461config CRYPTO_842
1462 tristate "842 compression algorithm"
1463 depends on CRYPTO_DEV_NX_COMPRESS
1464 # 842 uses lzo if the hardware becomes unavailable
1465 select LZO_COMPRESS
1466 select LZO_DECOMPRESS
1467 help
1468 This is the 842 algorithm.
0ea8530d
CM		 1469
1470config CRYPTO_LZ4
1471 tristate "LZ4 compression algorithm"
1472 select CRYPTO_ALGAPI
1473 select LZ4_COMPRESS
1474 select LZ4_DECOMPRESS
1475 help
1476 This is the LZ4 algorithm.
1477
1478config CRYPTO_LZ4HC
1479 tristate "LZ4HC compression algorithm"
1480 select CRYPTO_ALGAPI
1481 select LZ4HC_COMPRESS
1482 select LZ4_DECOMPRESS
1483 help
1484 This is the LZ4 high compression mode algorithm.
35a1fc18 1485
17f0f4a4
NH		 1486comment "Random Number Generation"
1487
1488config CRYPTO_ANSI_CPRNG
1489 tristate "Pseudo Random Number Generation for Cryptographic modules"
4e4ed83b 1490 default m
17f0f4a4
NH		 1491 select CRYPTO_AES
1492 select CRYPTO_RNG
17f0f4a4
NH		 1493 help
1494 This option enables the generic pseudo random number generator
1495 for cryptographic modules. Uses the Algorithm specified in
7dd607e8
JK		 1496 ANSI X9.31 A.2.4. Note that this option must be enabled if
1497 CRYPTO_FIPS is selected
17f0f4a4 1498
f2c89a10 1499menuconfig CRYPTO_DRBG_MENU
419090c6 1500 tristate "NIST SP800-90A DRBG"
419090c6
SM		 1501 help
1502 NIST SP800-90A compliant DRBG. In the following submenu, one or
1503 more of the DRBG types must be selected.
1504
f2c89a10 1505if CRYPTO_DRBG_MENU
419090c6
SM		 1506
1507config CRYPTO_DRBG_HMAC
1508 bool "Enable HMAC DRBG"
1509 default y
419090c6
SM		 1510 select CRYPTO_HMAC
1511 help
1512 Enable the HMAC DRBG variant as defined in NIST SP800-90A.
1513
1514config CRYPTO_DRBG_HASH
1515 bool "Enable Hash DRBG"
419090c6
SM		 1516 select CRYPTO_HASH
1517 help
1518 Enable the Hash DRBG variant as defined in NIST SP800-90A.
1519
1520config CRYPTO_DRBG_CTR
1521 bool "Enable CTR DRBG"
419090c6
SM		 1522 select CRYPTO_AES
1523 help
1524 Enable the CTR DRBG variant as defined in NIST SP800-90A.
1525
f2c89a10
HX		 1526config CRYPTO_DRBG
1527 tristate
1528 default CRYPTO_DRBG_MENU if (CRYPTO_DRBG_HMAC || CRYPTO_DRBG_HASH || CRYPTO_DRBG_CTR)
1529 select CRYPTO_RNG
1530
1531endif # if CRYPTO_DRBG_MENU
419090c6 1532
03c8efc1
HX		 1533config CRYPTO_USER_API
1534 tristate
1535
fe869cdb
HX		 1536config CRYPTO_USER_API_HASH
1537 tristate "User-space interface for hash algorithms"
7451708f 1538 depends on NET
fe869cdb
HX		 1539 select CRYPTO_HASH
1540 select CRYPTO_USER_API
1541 help
1542 This option enables the user-spaces interface for hash
1543 algorithms.
1544
8ff59090
HX		 1545config CRYPTO_USER_API_SKCIPHER
1546 tristate "User-space interface for symmetric key cipher algorithms"
7451708f 1547 depends on NET
8ff59090
HX		 1548 select CRYPTO_BLKCIPHER
1549 select CRYPTO_USER_API
1550 help
1551 This option enables the user-spaces interface for symmetric
1552 key cipher algorithms.
1553
2f375538
SM		 1554config CRYPTO_USER_API_RNG
1555 tristate "User-space interface for random number generator algorithms"
1556 depends on NET
1557 select CRYPTO_RNG
1558 select CRYPTO_USER_API
1559 help
1560 This option enables the user-spaces interface for random
1561 number generator algorithms.
1562
44cac4fc
SM		 1563config CRYPTO_USER_API_AEAD
1564 tristate "User-space interface for AEAD cipher algorithms"
1565 depends on NET
1566 select CRYPTO_AEAD
1567 select CRYPTO_USER_API
1568 help
1569 This option enables the user-spaces interface for AEAD
1570 cipher algorithms.
1571
ee08997f
DK		 1572config CRYPTO_HASH_INFO
1573 bool
1574
1da177e4 1575source "drivers/crypto/Kconfig"
964f3b3b 1576source crypto/asymmetric_keys/Kconfig
1da177e4 1577
cce9e06d 1578endif # if CRYPTO
Ubuntu Artful kernel mirror