]> Git Repo - linux.git/blame - crypto/Kconfig
projects / linux.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
sparc64: Add CRC32C driver making use of the new crc32c opcode.
[linux.git] / crypto / Kconfig
CommitLineData
685784aa
DW		 1#
2# Generic algorithms support
3#
4config XOR_BLOCKS
5 tristate
6
1da177e4 7#
9bc89cd8 8# async_tx api: hardware offloaded memory transfer/transform support
1da177e4 9#
9bc89cd8 10source "crypto/async_tx/Kconfig"
1da177e4 11
9bc89cd8
DW		 12#
13# Cryptographic API Configuration
14#
2e290f43 15menuconfig CRYPTO
c3715cb9 16 tristate "Cryptographic API"
1da177e4
LT		 17 help
18 This option provides the core Cryptographic API.
19
cce9e06d
HX		 20if CRYPTO
21
584fffc8
SS		 22comment "Crypto core or helper"
23
ccb778e1
NH		 24config CRYPTO_FIPS
25 bool "FIPS 200 compliance"
e84c5480 26 depends on CRYPTO_ANSI_CPRNG && !CRYPTO_MANAGER_DISABLE_TESTS
ccb778e1
NH		 27 help
28 This options enables the fips boot option which is
29 required if you want to system to operate in a FIPS 200
30 certification. You should say no unless you know what
e84c5480 31 this is.
ccb778e1 32
cce9e06d
HX		 33config CRYPTO_ALGAPI
34 tristate
6a0fcbb4 35 select CRYPTO_ALGAPI2
cce9e06d
HX		 36 help
37 This option provides the API for cryptographic algorithms.
38
6a0fcbb4
HX		 39config CRYPTO_ALGAPI2
40 tristate
41
1ae97820
HX		 42config CRYPTO_AEAD
43 tristate
6a0fcbb4 44 select CRYPTO_AEAD2
1ae97820
HX		 45 select CRYPTO_ALGAPI
46
6a0fcbb4
HX		 47config CRYPTO_AEAD2
48 tristate
49 select CRYPTO_ALGAPI2
50
5cde0af2
HX		 51config CRYPTO_BLKCIPHER
52 tristate
6a0fcbb4 53 select CRYPTO_BLKCIPHER2
5cde0af2 54 select CRYPTO_ALGAPI
6a0fcbb4
HX		 55
56config CRYPTO_BLKCIPHER2
57 tristate
58 select CRYPTO_ALGAPI2
59 select CRYPTO_RNG2
0a2e821d 60 select CRYPTO_WORKQUEUE
5cde0af2 61
055bcee3
HX		 62config CRYPTO_HASH
63 tristate
6a0fcbb4 64 select CRYPTO_HASH2
055bcee3
HX		 65 select CRYPTO_ALGAPI
66
6a0fcbb4
HX		 67config CRYPTO_HASH2
68 tristate
69 select CRYPTO_ALGAPI2
70
17f0f4a4
NH		 71config CRYPTO_RNG
72 tristate
6a0fcbb4 73 select CRYPTO_RNG2
17f0f4a4
NH		 74 select CRYPTO_ALGAPI
75
6a0fcbb4
HX		 76config CRYPTO_RNG2
77 tristate
78 select CRYPTO_ALGAPI2
79
a1d2f095 80config CRYPTO_PCOMP
bc94e596
HX		 81 tristate
82 select CRYPTO_PCOMP2
83 select CRYPTO_ALGAPI
84
85config CRYPTO_PCOMP2
a1d2f095
GU		 86 tristate
87 select CRYPTO_ALGAPI2
88
2b8c19db
HX		 89config CRYPTO_MANAGER
90 tristate "Cryptographic algorithm manager"
6a0fcbb4 91 select CRYPTO_MANAGER2
2b8c19db
HX		 92 help
93 Create default cryptographic template instantiations such as
94 cbc(aes).
95
6a0fcbb4
HX		 96config CRYPTO_MANAGER2
97 def_tristate CRYPTO_MANAGER || (CRYPTO_MANAGER!=n && CRYPTO_ALGAPI=y)
98 select CRYPTO_AEAD2
99 select CRYPTO_HASH2
100 select CRYPTO_BLKCIPHER2
bc94e596 101 select CRYPTO_PCOMP2
6a0fcbb4 102
a38f7907
SK		 103config CRYPTO_USER
104 tristate "Userspace cryptographic algorithm configuration"
5db017aa 105 depends on NET
a38f7907
SK		 106 select CRYPTO_MANAGER
107 help
d19978f5 108 Userspace configuration for cryptographic instantiations such as
a38f7907
SK		 109 cbc(aes).
110
326a6346
HX		 111config CRYPTO_MANAGER_DISABLE_TESTS
112 bool "Disable run-time self tests"
00ca28a5
HX		 113 default y
114 depends on CRYPTO_MANAGER2
0b767f96 115 help
326a6346
HX		 116 Disable run-time self tests that normally take place at
117 algorithm registration.
0b767f96 118
584fffc8 119config CRYPTO_GF128MUL
08c70fc3 120 tristate "GF(2^128) multiplication functions"
333b0d7e 121 help
584fffc8
SS		 122 Efficient table driven implementation of multiplications in the
123 field GF(2^128). This is needed by some cypher modes. This
124 option will be selected automatically if you select such a
125 cipher mode. Only select this option by hand if you expect to load
126 an external module that requires these functions.
333b0d7e 127
1da177e4
LT		 128config CRYPTO_NULL
129 tristate "Null algorithms"
cce9e06d 130 select CRYPTO_ALGAPI
c8620c25 131 select CRYPTO_BLKCIPHER
d35d2454 132 select CRYPTO_HASH
1da177e4
LT		 133 help
134 These are 'Null' algorithms, used by IPsec, which do nothing.
135
5068c7a8
SK		 136config CRYPTO_PCRYPT
137 tristate "Parallel crypto engine (EXPERIMENTAL)"
138 depends on SMP && EXPERIMENTAL
139 select PADATA
140 select CRYPTO_MANAGER
141 select CRYPTO_AEAD
142 help
143 This converts an arbitrary crypto algorithm into a parallel
144 algorithm that executes in kernel threads.
145
25c38d3f
YH		 146config CRYPTO_WORKQUEUE
147 tristate
148
584fffc8
SS		 149config CRYPTO_CRYPTD
150 tristate "Software async crypto daemon"
151 select CRYPTO_BLKCIPHER
b8a28251 152 select CRYPTO_HASH
584fffc8 153 select CRYPTO_MANAGER
254eff77 154 select CRYPTO_WORKQUEUE
1da177e4 155 help
584fffc8
SS		 156 This is a generic software asynchronous crypto daemon that
157 converts an arbitrary synchronous software crypto algorithm
158 into an asynchronous algorithm that executes in a kernel thread.
1da177e4 159
584fffc8
SS		 160config CRYPTO_AUTHENC
161 tristate "Authenc support"
162 select CRYPTO_AEAD
163 select CRYPTO_BLKCIPHER
164 select CRYPTO_MANAGER
165 select CRYPTO_HASH
1da177e4 166 help
584fffc8
SS		 167 Authenc: Combined mode wrapper for IPsec.
168 This is required for IPSec.
1da177e4 169
584fffc8
SS		 170config CRYPTO_TEST
171 tristate "Testing module"
172 depends on m
da7f033d 173 select CRYPTO_MANAGER
1da177e4 174 help
584fffc8 175 Quick & dirty crypto test module.
1da177e4 176
ffaf9156
JK		 177config CRYPTO_ABLK_HELPER_X86
178 tristate
179 depends on X86
180 select CRYPTO_CRYPTD
181
596d8750
JK		 182config CRYPTO_GLUE_HELPER_X86
183 tristate
184 depends on X86
185 select CRYPTO_ALGAPI
186
584fffc8 187comment "Authenticated Encryption with Associated Data"
cd12fb90 188
584fffc8
SS		 189config CRYPTO_CCM
190 tristate "CCM support"
191 select CRYPTO_CTR
192 select CRYPTO_AEAD
1da177e4 193 help
584fffc8 194 Support for Counter with CBC MAC. Required for IPsec.
1da177e4 195
584fffc8
SS		 196config CRYPTO_GCM
197 tristate "GCM/GMAC support"
198 select CRYPTO_CTR
199 select CRYPTO_AEAD
9382d97a 200 select CRYPTO_GHASH
1da177e4 201 help
584fffc8
SS		 202 Support for Galois/Counter Mode (GCM) and Galois Message
203 Authentication Code (GMAC). Required for IPSec.
1da177e4 204
584fffc8
SS		 205config CRYPTO_SEQIV
206 tristate "Sequence Number IV Generator"
207 select CRYPTO_AEAD
208 select CRYPTO_BLKCIPHER
a0f000ec 209 select CRYPTO_RNG
1da177e4 210 help
584fffc8
SS		 211 This IV generator generates an IV based on a sequence number by
212 xoring it with a salt. This algorithm is mainly useful for CTR
1da177e4 213
584fffc8 214comment "Block modes"
c494e070 215
584fffc8
SS		 216config CRYPTO_CBC
217 tristate "CBC support"
db131ef9 218 select CRYPTO_BLKCIPHER
43518407 219 select CRYPTO_MANAGER
db131ef9 220 help
584fffc8
SS		 221 CBC: Cipher Block Chaining mode
222 This block cipher algorithm is required for IPSec.
db131ef9 223
584fffc8
SS		 224config CRYPTO_CTR
225 tristate "CTR support"
db131ef9 226 select CRYPTO_BLKCIPHER
584fffc8 227 select CRYPTO_SEQIV
43518407 228 select CRYPTO_MANAGER
db131ef9 229 help
584fffc8 230 CTR: Counter mode
db131ef9
HX		 231 This block cipher algorithm is required for IPSec.
232
584fffc8
SS		 233config CRYPTO_CTS
234 tristate "CTS support"
235 select CRYPTO_BLKCIPHER
236 help
237 CTS: Cipher Text Stealing
238 This is the Cipher Text Stealing mode as described by
239 Section 8 of rfc2040 and referenced by rfc3962.
240 (rfc3962 includes errata information in its Appendix A)
241 This mode is required for Kerberos gss mechanism support
242 for AES encryption.
243
244config CRYPTO_ECB
245 tristate "ECB support"
91652be5
DH		 246 select CRYPTO_BLKCIPHER
247 select CRYPTO_MANAGER
91652be5 248 help
584fffc8
SS		 249 ECB: Electronic CodeBook mode
250 This is the simplest block cipher algorithm. It simply encrypts
251 the input block by block.
91652be5 252
64470f1b 253config CRYPTO_LRW
2470a2b2 254 tristate "LRW support"
64470f1b
RS		 255 select CRYPTO_BLKCIPHER
256 select CRYPTO_MANAGER
257 select CRYPTO_GF128MUL
258 help
259 LRW: Liskov Rivest Wagner, a tweakable, non malleable, non movable
260 narrow block cipher mode for dm-crypt. Use it with cipher
261 specification string aes-lrw-benbi, the key must be 256, 320 or 384.
262 The first 128, 192 or 256 bits in the key are used for AES and the
263 rest is used to tie each cipher block to its logical position.
264
584fffc8
SS		 265config CRYPTO_PCBC
266 tristate "PCBC support"
267 select CRYPTO_BLKCIPHER
268 select CRYPTO_MANAGER
269 help
270 PCBC: Propagating Cipher Block Chaining mode
271 This block cipher algorithm is required for RxRPC.
272
f19f5111 273config CRYPTO_XTS
5bcf8e6d 274 tristate "XTS support"
f19f5111
RS		 275 select CRYPTO_BLKCIPHER
276 select CRYPTO_MANAGER
277 select CRYPTO_GF128MUL
278 help
279 XTS: IEEE1619/D16 narrow block cipher use with aes-xts-plain,
280 key size 256, 384 or 512 bits. This implementation currently
281 can't handle a sectorsize which is not a multiple of 16 bytes.
282
584fffc8
SS		 283comment "Hash modes"
284
285config CRYPTO_HMAC
286 tristate "HMAC support"
287 select CRYPTO_HASH
23e353c8 288 select CRYPTO_MANAGER
23e353c8 289 help
584fffc8
SS		 290 HMAC: Keyed-Hashing for Message Authentication (RFC2104).
291 This is required for IPSec.
23e353c8 292
584fffc8
SS		 293config CRYPTO_XCBC
294 tristate "XCBC support"
295 depends on EXPERIMENTAL
296 select CRYPTO_HASH
297 select CRYPTO_MANAGER
76cb9521 298 help
584fffc8
SS		 299 XCBC: Keyed-Hashing with encryption algorithm
300 http://www.ietf.org/rfc/rfc3566.txt
301 http://csrc.nist.gov/encryption/modes/proposedmodes/
302 xcbc-mac/xcbc-mac-spec.pdf
76cb9521 303
f1939f7c
SW		 304config CRYPTO_VMAC
305 tristate "VMAC support"
306 depends on EXPERIMENTAL
307 select CRYPTO_HASH
308 select CRYPTO_MANAGER
309 help
310 VMAC is a message authentication algorithm designed for
311 very high speed on 64-bit architectures.
312
313 See also:
314 <http://fastcrypto.org/vmac>
315
584fffc8 316comment "Digest"
28db8e3e 317
584fffc8
SS		 318config CRYPTO_CRC32C
319 tristate "CRC32c CRC algorithm"
5773a3e6 320 select CRYPTO_HASH
6a0962b2 321 select CRC32
4a49b499 322 help
584fffc8
SS		 323 Castagnoli, et al Cyclic Redundancy-Check Algorithm. Used
324 by iSCSI for header and data digests and by others.
69c35efc 325 See Castagnoli93. Module will be crc32c.
4a49b499 326
8cb51ba8
AZ		 327config CRYPTO_CRC32C_INTEL
328 tristate "CRC32c INTEL hardware acceleration"
329 depends on X86
330 select CRYPTO_HASH
331 help
332 In Intel processor with SSE4.2 supported, the processor will
333 support CRC32C implementation using hardware accelerated CRC32
334 instruction. This option will create 'crc32c-intel' module,
335 which will enable any routine to use the CRC32 instruction to
336 gain performance compared with software implementation.
337 Module will be crc32c-intel.
338
442a7c40
DM		 339config CRYPTO_CRC32C_SPARC64
340 tristate "CRC32c CRC algorithm (SPARC64)"
341 depends on SPARC64
342 select CRYPTO_HASH
343 select CRC32
344 help
345 CRC32c CRC algorithm implemented using sparc64 crypto instructions,
346 when available.
347
2cdc6899
YH		 348config CRYPTO_GHASH
349 tristate "GHASH digest algorithm"
2cdc6899
YH		 350 select CRYPTO_GF128MUL
351 help
352 GHASH is message digest algorithm for GCM (Galois/Counter Mode).
353
584fffc8
SS		 354config CRYPTO_MD4
355 tristate "MD4 digest algorithm"
808a1763 356 select CRYPTO_HASH
124b53d0 357 help
584fffc8 358 MD4 message digest algorithm (RFC1320).
124b53d0 359
584fffc8
SS		 360config CRYPTO_MD5
361 tristate "MD5 digest algorithm"
14b75ba7 362 select CRYPTO_HASH
1da177e4 363 help
584fffc8 364 MD5 message digest algorithm (RFC1321).
1da177e4 365
fa4dfedc
DM		 366config CRYPTO_MD5_SPARC64
367 tristate "MD5 digest algorithm (SPARC64)"
368 depends on SPARC64
369 select CRYPTO_MD5
370 select CRYPTO_HASH
371 help
372 MD5 message digest algorithm (RFC1321) implemented
373 using sparc64 crypto instructions, when available.
374
584fffc8
SS		 375config CRYPTO_MICHAEL_MIC
376 tristate "Michael MIC keyed digest algorithm"
19e2bf14 377 select CRYPTO_HASH
90831639 378 help
584fffc8
SS		 379 Michael MIC is used for message integrity protection in TKIP
380 (IEEE 802.11i). This algorithm is required for TKIP, but it
381 should not be used for other purposes because of the weakness
382 of the algorithm.
90831639 383
82798f90 384config CRYPTO_RMD128
b6d44341 385 tristate "RIPEMD-128 digest algorithm"
7c4468bc 386 select CRYPTO_HASH
b6d44341
AB		 387 help
388 RIPEMD-128 (ISO/IEC 10118-3:2004).
82798f90 389
b6d44341 390 RIPEMD-128 is a 128-bit cryptographic hash function. It should only
35ed4b35 391 be used as a secure replacement for RIPEMD. For other use cases,
b6d44341 392 RIPEMD-160 should be used.
82798f90 393
b6d44341 394 Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel.
6d8de74c 395 See <http://homes.esat.kuleuven.be/~bosselae/ripemd160.html>
82798f90
AKR		 396
397config CRYPTO_RMD160
b6d44341 398 tristate "RIPEMD-160 digest algorithm"
e5835fba 399 select CRYPTO_HASH
b6d44341
AB		 400 help
401 RIPEMD-160 (ISO/IEC 10118-3:2004).
82798f90 402
b6d44341
AB		 403 RIPEMD-160 is a 160-bit cryptographic hash function. It is intended
404 to be used as a secure replacement for the 128-bit hash functions
405 MD4, MD5 and it's predecessor RIPEMD
406 (not to be confused with RIPEMD-128).
82798f90 407
b6d44341
AB		 408 It's speed is comparable to SHA1 and there are no known attacks
409 against RIPEMD-160.
534fe2c1 410
b6d44341 411 Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel.
6d8de74c 412 See <http://homes.esat.kuleuven.be/~bosselae/ripemd160.html>
534fe2c1
AKR		 413
414config CRYPTO_RMD256
b6d44341 415 tristate "RIPEMD-256 digest algorithm"
d8a5e2e9 416 select CRYPTO_HASH
b6d44341
AB		 417 help
418 RIPEMD-256 is an optional extension of RIPEMD-128 with a
419 256 bit hash. It is intended for applications that require
420 longer hash-results, without needing a larger security level
421 (than RIPEMD-128).
534fe2c1 422
b6d44341 423 Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel.
6d8de74c 424 See <http://homes.esat.kuleuven.be/~bosselae/ripemd160.html>
534fe2c1
AKR		 425
426config CRYPTO_RMD320
b6d44341 427 tristate "RIPEMD-320 digest algorithm"
3b8efb4c 428 select CRYPTO_HASH
b6d44341
AB		 429 help
430 RIPEMD-320 is an optional extension of RIPEMD-160 with a
431 320 bit hash. It is intended for applications that require
432 longer hash-results, without needing a larger security level
433 (than RIPEMD-160).
534fe2c1 434
b6d44341 435 Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel.
6d8de74c 436 See <http://homes.esat.kuleuven.be/~bosselae/ripemd160.html>
82798f90 437
584fffc8
SS		 438config CRYPTO_SHA1
439 tristate "SHA1 digest algorithm"
54ccb367 440 select CRYPTO_HASH
1da177e4 441 help
584fffc8 442 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2).
1da177e4 443
66be8951
MK		 444config CRYPTO_SHA1_SSSE3
445 tristate "SHA1 digest algorithm (SSSE3/AVX)"
446 depends on X86 && 64BIT
447 select CRYPTO_SHA1
448 select CRYPTO_HASH
449 help
450 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2) implemented
451 using Supplemental SSE3 (SSSE3) instructions or Advanced Vector
452 Extensions (AVX), when available.
453
4ff28d4c
DM		 454config CRYPTO_SHA1_SPARC64
455 tristate "SHA1 digest algorithm (SPARC64)"
456 depends on SPARC64
457 select CRYPTO_SHA1
458 select CRYPTO_HASH
459 help
460 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2) implemented
461 using sparc64 crypto instructions, when available.
462
584fffc8
SS		 463config CRYPTO_SHA256
464 tristate "SHA224 and SHA256 digest algorithm"
50e109b5 465 select CRYPTO_HASH
1da177e4 466 help
584fffc8 467 SHA256 secure hash standard (DFIPS 180-2).
1da177e4 468
584fffc8
SS		 469 This version of SHA implements a 256 bit hash with 128 bits of
470 security against collision attacks.
2729bb42 471
b6d44341
AB		 472 This code also includes SHA-224, a 224 bit hash with 112 bits
473 of security against collision attacks.
584fffc8 474
86c93b24
DM		 475config CRYPTO_SHA256_SPARC64
476 tristate "SHA224 and SHA256 digest algorithm (SPARC64)"
477 depends on SPARC64
478 select CRYPTO_SHA256
479 select CRYPTO_HASH
480 help
481 SHA-256 secure hash standard (DFIPS 180-2) implemented
482 using sparc64 crypto instructions, when available.
483
584fffc8
SS		 484config CRYPTO_SHA512
485 tristate "SHA384 and SHA512 digest algorithms"
bd9d20db 486 select CRYPTO_HASH
b9f535ff 487 help
584fffc8 488 SHA512 secure hash standard (DFIPS 180-2).
b9f535ff 489
584fffc8
SS		 490 This version of SHA implements a 512 bit hash with 256 bits of
491 security against collision attacks.
b9f535ff 492
584fffc8
SS		 493 This code also includes SHA-384, a 384 bit hash with 192 bits
494 of security against collision attacks.
b9f535ff 495
775e0c69
DM		 496config CRYPTO_SHA512_SPARC64
497 tristate "SHA384 and SHA512 digest algorithm (SPARC64)"
498 depends on SPARC64
499 select CRYPTO_SHA512
500 select CRYPTO_HASH
501 help
502 SHA-512 secure hash standard (DFIPS 180-2) implemented
503 using sparc64 crypto instructions, when available.
504
584fffc8
SS		 505config CRYPTO_TGR192
506 tristate "Tiger digest algorithms"
f63fbd3d 507 select CRYPTO_HASH
eaf44088 508 help
584fffc8 509 Tiger hash algorithm 192, 160 and 128-bit hashes
eaf44088 510
584fffc8
SS		 511 Tiger is a hash function optimized for 64-bit processors while
512 still having decent performance on 32-bit processors.
513 Tiger was developed by Ross Anderson and Eli Biham.
eaf44088
JF		 514
515 See also:
584fffc8 516 <http://www.cs.technion.ac.il/~biham/Reports/Tiger/>.
eaf44088 517
584fffc8
SS		 518config CRYPTO_WP512
519 tristate "Whirlpool digest algorithms"
4946510b 520 select CRYPTO_HASH
1da177e4 521 help
584fffc8 522 Whirlpool hash algorithm 512, 384 and 256-bit hashes
1da177e4 523
584fffc8
SS		 524 Whirlpool-512 is part of the NESSIE cryptographic primitives.
525 Whirlpool will be part of the ISO/IEC 10118-3:2003(E) standard
1da177e4
LT		 526
527 See also:
6d8de74c 528 <http://www.larc.usp.br/~pbarreto/WhirlpoolPage.html>
584fffc8 529
0e1227d3
YH		 530config CRYPTO_GHASH_CLMUL_NI_INTEL
531 tristate "GHASH digest algorithm (CLMUL-NI accelerated)"
8af00860 532 depends on X86 && 64BIT
0e1227d3
YH		 533 select CRYPTO_CRYPTD
534 help
535 GHASH is message digest algorithm for GCM (Galois/Counter Mode).
536 The implementation is accelerated by CLMUL-NI of Intel.
537
584fffc8 538comment "Ciphers"
1da177e4
LT		 539
540config CRYPTO_AES
541 tristate "AES cipher algorithms"
cce9e06d 542 select CRYPTO_ALGAPI
1da177e4 543 help
584fffc8 544 AES cipher algorithms (FIPS-197). AES uses the Rijndael
1da177e4
LT		 545 algorithm.
546
547 Rijndael appears to be consistently a very good performer in
584fffc8
SS		 548 both hardware and software across a wide range of computing
549 environments regardless of its use in feedback or non-feedback
550 modes. Its key setup time is excellent, and its key agility is
551 good. Rijndael's very low memory requirements make it very well
552 suited for restricted-space environments, in which it also
553 demonstrates excellent performance. Rijndael's operations are
554 among the easiest to defend against power and timing attacks.
1da177e4 555
584fffc8 556 The AES specifies three key sizes: 128, 192 and 256 bits
1da177e4
LT		 557
558 See <http://csrc.nist.gov/CryptoToolkit/aes/> for more information.
559
560config CRYPTO_AES_586
561 tristate "AES cipher algorithms (i586)"
cce9e06d
HX		 562 depends on (X86 || UML_X86) && !64BIT
563 select CRYPTO_ALGAPI
5157dea8 564 select CRYPTO_AES
1da177e4 565 help
584fffc8 566 AES cipher algorithms (FIPS-197). AES uses the Rijndael
1da177e4
LT		 567 algorithm.
568
569 Rijndael appears to be consistently a very good performer in
584fffc8
SS		 570 both hardware and software across a wide range of computing
571 environments regardless of its use in feedback or non-feedback
572 modes. Its key setup time is excellent, and its key agility is
573 good. Rijndael's very low memory requirements make it very well
574 suited for restricted-space environments, in which it also
575 demonstrates excellent performance. Rijndael's operations are
576 among the easiest to defend against power and timing attacks.
1da177e4 577
584fffc8 578 The AES specifies three key sizes: 128, 192 and 256 bits
a2a892a2
AS		 579
580 See <http://csrc.nist.gov/encryption/aes/> for more information.
581
582config CRYPTO_AES_X86_64
583 tristate "AES cipher algorithms (x86_64)"
cce9e06d
HX		 584 depends on (X86 || UML_X86) && 64BIT
585 select CRYPTO_ALGAPI
81190b32 586 select CRYPTO_AES
a2a892a2 587 help
584fffc8 588 AES cipher algorithms (FIPS-197). AES uses the Rijndael
a2a892a2
AS		 589 algorithm.
590
591 Rijndael appears to be consistently a very good performer in
584fffc8
SS		 592 both hardware and software across a wide range of computing
593 environments regardless of its use in feedback or non-feedback
594 modes. Its key setup time is excellent, and its key agility is
54b6a1bd
YH		 595 good. Rijndael's very low memory requirements make it very well
596 suited for restricted-space environments, in which it also
597 demonstrates excellent performance. Rijndael's operations are
598 among the easiest to defend against power and timing attacks.
599
600 The AES specifies three key sizes: 128, 192 and 256 bits
601
602 See <http://csrc.nist.gov/encryption/aes/> for more information.
603
604config CRYPTO_AES_NI_INTEL
605 tristate "AES cipher algorithms (AES-NI)"
8af00860 606 depends on X86
0d258efb
MK		 607 select CRYPTO_AES_X86_64 if 64BIT
608 select CRYPTO_AES_586 if !64BIT
54b6a1bd 609 select CRYPTO_CRYPTD
a9629d71 610 select CRYPTO_ABLK_HELPER_X86
54b6a1bd
YH		 611 select CRYPTO_ALGAPI
612 help
613 Use Intel AES-NI instructions for AES algorithm.
614
615 AES cipher algorithms (FIPS-197). AES uses the Rijndael
616 algorithm.
617
618 Rijndael appears to be consistently a very good performer in
619 both hardware and software across a wide range of computing
620 environments regardless of its use in feedback or non-feedback
621 modes. Its key setup time is excellent, and its key agility is
584fffc8
SS		 622 good. Rijndael's very low memory requirements make it very well
623 suited for restricted-space environments, in which it also
624 demonstrates excellent performance. Rijndael's operations are
625 among the easiest to defend against power and timing attacks.
a2a892a2 626
584fffc8 627 The AES specifies three key sizes: 128, 192 and 256 bits
1da177e4
LT		 628
629 See <http://csrc.nist.gov/encryption/aes/> for more information.
630
0d258efb
MK		 631 In addition to AES cipher algorithm support, the acceleration
632 for some popular block cipher mode is supported too, including
633 ECB, CBC, LRW, PCBC, XTS. The 64 bit version has additional
634 acceleration for CTR.
2cf4ac8b 635
9bf4852d
DM		 636config CRYPTO_AES_SPARC64
637 tristate "AES cipher algorithms (SPARC64)"
638 depends on SPARC64
639 select CRYPTO_CRYPTD
640 select CRYPTO_ALGAPI
641 help
642 Use SPARC64 crypto opcodes for AES algorithm.
643
644 AES cipher algorithms (FIPS-197). AES uses the Rijndael
645 algorithm.
646
647 Rijndael appears to be consistently a very good performer in
648 both hardware and software across a wide range of computing
649 environments regardless of its use in feedback or non-feedback
650 modes. Its key setup time is excellent, and its key agility is
651 good. Rijndael's very low memory requirements make it very well
652 suited for restricted-space environments, in which it also
653 demonstrates excellent performance. Rijndael's operations are
654 among the easiest to defend against power and timing attacks.
655
656 The AES specifies three key sizes: 128, 192 and 256 bits
657
658 See <http://csrc.nist.gov/encryption/aes/> for more information.
659
660 In addition to AES cipher algorithm support, the acceleration
661 for some popular block cipher mode is supported too, including
662 ECB and CBC.
663
584fffc8
SS		 664config CRYPTO_ANUBIS
665 tristate "Anubis cipher algorithm"
666 select CRYPTO_ALGAPI
667 help
668 Anubis cipher algorithm.
669
670 Anubis is a variable key length cipher which can use keys from
671 128 bits to 320 bits in length. It was evaluated as a entrant
672 in the NESSIE competition.
673
674 See also:
6d8de74c
JM		 675 <https://www.cosic.esat.kuleuven.be/nessie/reports/>
676 <http://www.larc.usp.br/~pbarreto/AnubisPage.html>
584fffc8
SS		 677
678config CRYPTO_ARC4
679 tristate "ARC4 cipher algorithm"
b9b0f080 680 select CRYPTO_BLKCIPHER
584fffc8
SS		 681 help
682 ARC4 cipher algorithm.
683
684 ARC4 is a stream cipher using keys ranging from 8 bits to 2048
685 bits in length. This algorithm is required for driver-based
686 WEP, but it should not be for other purposes because of the
687 weakness of the algorithm.
688
689config CRYPTO_BLOWFISH
690 tristate "Blowfish cipher algorithm"
691 select CRYPTO_ALGAPI
52ba867c 692 select CRYPTO_BLOWFISH_COMMON
584fffc8
SS		 693 help
694 Blowfish cipher algorithm, by Bruce Schneier.
695
696 This is a variable key length cipher which can use keys from 32
697 bits to 448 bits in length. It's fast, simple and specifically
698 designed for use on "large microprocessors".
699
700 See also:
701 <http://www.schneier.com/blowfish.html>
702
52ba867c
JK		 703config CRYPTO_BLOWFISH_COMMON
704 tristate
705 help
706 Common parts of the Blowfish cipher algorithm shared by the
707 generic c and the assembler implementations.
708
709 See also:
710 <http://www.schneier.com/blowfish.html>
711
64b94cea
JK		 712config CRYPTO_BLOWFISH_X86_64
713 tristate "Blowfish cipher algorithm (x86_64)"
f21a7c19 714 depends on X86 && 64BIT
64b94cea
JK		 715 select CRYPTO_ALGAPI
716 select CRYPTO_BLOWFISH_COMMON
717 help
718 Blowfish cipher algorithm (x86_64), by Bruce Schneier.
719
720 This is a variable key length cipher which can use keys from 32
721 bits to 448 bits in length. It's fast, simple and specifically
722 designed for use on "large microprocessors".
723
724 See also:
725 <http://www.schneier.com/blowfish.html>
726
584fffc8
SS		 727config CRYPTO_CAMELLIA
728 tristate "Camellia cipher algorithms"
729 depends on CRYPTO
730 select CRYPTO_ALGAPI
731 help
732 Camellia cipher algorithms module.
733
734 Camellia is a symmetric key block cipher developed jointly
735 at NTT and Mitsubishi Electric Corporation.
736
737 The Camellia specifies three key sizes: 128, 192 and 256 bits.
738
739 See also:
740 <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html>
741
0b95ec56
JK		 742config CRYPTO_CAMELLIA_X86_64
743 tristate "Camellia cipher algorithm (x86_64)"
f21a7c19 744 depends on X86 && 64BIT
0b95ec56
JK		 745 depends on CRYPTO
746 select CRYPTO_ALGAPI
964263af 747 select CRYPTO_GLUE_HELPER_X86
0b95ec56
JK		 748 select CRYPTO_LRW
749 select CRYPTO_XTS
750 help
751 Camellia cipher algorithm module (x86_64).
752
753 Camellia is a symmetric key block cipher developed jointly
754 at NTT and Mitsubishi Electric Corporation.
755
756 The Camellia specifies three key sizes: 128, 192 and 256 bits.
757
758 See also:
759 <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html>
760
1da177e4
LT		 761config CRYPTO_CAST5
762 tristate "CAST5 (CAST-128) cipher algorithm"
cce9e06d 763 select CRYPTO_ALGAPI
1da177e4
LT		 764 help
765 The CAST5 encryption algorithm (synonymous with CAST-128) is
766 described in RFC2144.
767
768config CRYPTO_CAST6
769 tristate "CAST6 (CAST-256) cipher algorithm"
cce9e06d 770 select CRYPTO_ALGAPI
1da177e4
LT		 771 help
772 The CAST6 encryption algorithm (synonymous with CAST-256) is
773 described in RFC2612.
774
584fffc8
SS		 775config CRYPTO_DES
776 tristate "DES and Triple DES EDE cipher algorithms"
cce9e06d 777 select CRYPTO_ALGAPI
1da177e4 778 help
584fffc8 779 DES cipher algorithm (FIPS 46-2), and Triple DES EDE (FIPS 46-3).
fb4f10ed 780
584fffc8
SS		 781config CRYPTO_FCRYPT
782 tristate "FCrypt cipher algorithm"
cce9e06d 783 select CRYPTO_ALGAPI
584fffc8 784 select CRYPTO_BLKCIPHER
1da177e4 785 help
584fffc8 786 FCrypt algorithm used by RxRPC.
1da177e4
LT		 787
788config CRYPTO_KHAZAD
789 tristate "Khazad cipher algorithm"
cce9e06d 790 select CRYPTO_ALGAPI
1da177e4
LT		 791 help
792 Khazad cipher algorithm.
793
794 Khazad was a finalist in the initial NESSIE competition. It is
795 an algorithm optimized for 64-bit processors with good performance
796 on 32-bit processors. Khazad uses an 128 bit key size.
797
798 See also:
6d8de74c 799 <http://www.larc.usp.br/~pbarreto/KhazadPage.html>
1da177e4 800
2407d608
TSH		 801config CRYPTO_SALSA20
802 tristate "Salsa20 stream cipher algorithm (EXPERIMENTAL)"
803 depends on EXPERIMENTAL
804 select CRYPTO_BLKCIPHER
805 help
806 Salsa20 stream cipher algorithm.
807
808 Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT
809 Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/>
974e4b75
TSH		 810
811 The Salsa20 stream cipher algorithm is designed by Daniel J.
812 Bernstein <[email protected]>. See <http://cr.yp.to/snuffle.html>
813
814config CRYPTO_SALSA20_586
815 tristate "Salsa20 stream cipher algorithm (i586) (EXPERIMENTAL)"
816 depends on (X86 || UML_X86) && !64BIT
817 depends on EXPERIMENTAL
818 select CRYPTO_BLKCIPHER
974e4b75
TSH		 819 help
820 Salsa20 stream cipher algorithm.
821
822 Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT
823 Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/>
9a7dafbb
TSH		 824
825 The Salsa20 stream cipher algorithm is designed by Daniel J.
826 Bernstein <[email protected]>. See <http://cr.yp.to/snuffle.html>
827
828config CRYPTO_SALSA20_X86_64
829 tristate "Salsa20 stream cipher algorithm (x86_64) (EXPERIMENTAL)"
830 depends on (X86 || UML_X86) && 64BIT
831 depends on EXPERIMENTAL
832 select CRYPTO_BLKCIPHER
9a7dafbb
TSH		 833 help
834 Salsa20 stream cipher algorithm.
835
836 Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT
837 Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/>
2407d608
TSH		 838
839 The Salsa20 stream cipher algorithm is designed by Daniel J.
840 Bernstein <[email protected]>. See <http://cr.yp.to/snuffle.html>
1da177e4 841
584fffc8
SS		 842config CRYPTO_SEED
843 tristate "SEED cipher algorithm"
cce9e06d 844 select CRYPTO_ALGAPI
1da177e4 845 help
584fffc8 846 SEED cipher algorithm (RFC4269).
1da177e4 847
584fffc8
SS		 848 SEED is a 128-bit symmetric key block cipher that has been
849 developed by KISA (Korea Information Security Agency) as a
850 national standard encryption algorithm of the Republic of Korea.
851 It is a 16 round block cipher with the key size of 128 bit.
852
853 See also:
854 <http://www.kisa.or.kr/kisa/seed/jsp/seed_eng.jsp>
855
856config CRYPTO_SERPENT
857 tristate "Serpent cipher algorithm"
cce9e06d 858 select CRYPTO_ALGAPI
1da177e4 859 help
584fffc8 860 Serpent cipher algorithm, by Anderson, Biham & Knudsen.
1da177e4 861
584fffc8
SS		 862 Keys are allowed to be from 0 to 256 bits in length, in steps
863 of 8 bits. Also includes the 'Tnepres' algorithm, a reversed
864 variant of Serpent for compatibility with old kerneli.org code.
865
866 See also:
867 <http://www.cl.cam.ac.uk/~rja14/serpent.html>
868
937c30d7
JK		 869config CRYPTO_SERPENT_SSE2_X86_64
870 tristate "Serpent cipher algorithm (x86_64/SSE2)"
871 depends on X86 && 64BIT
872 select CRYPTO_ALGAPI
341975bf 873 select CRYPTO_CRYPTD
ffaf9156 874 select CRYPTO_ABLK_HELPER_X86
596d8750 875 select CRYPTO_GLUE_HELPER_X86
937c30d7 876 select CRYPTO_SERPENT
feaf0cfc
JK		 877 select CRYPTO_LRW
878 select CRYPTO_XTS
937c30d7
JK		 879 help
880 Serpent cipher algorithm, by Anderson, Biham & Knudsen.
881
882 Keys are allowed to be from 0 to 256 bits in length, in steps
883 of 8 bits.
884
885 This module provides Serpent cipher algorithm that processes eigth
886 blocks parallel using SSE2 instruction set.
887
888 See also:
889 <http://www.cl.cam.ac.uk/~rja14/serpent.html>
890
251496db
JK		 891config CRYPTO_SERPENT_SSE2_586
892 tristate "Serpent cipher algorithm (i586/SSE2)"
893 depends on X86 && !64BIT
894 select CRYPTO_ALGAPI
341975bf 895 select CRYPTO_CRYPTD
ffaf9156 896 select CRYPTO_ABLK_HELPER_X86
596d8750 897 select CRYPTO_GLUE_HELPER_X86
251496db 898 select CRYPTO_SERPENT
feaf0cfc
JK		 899 select CRYPTO_LRW
900 select CRYPTO_XTS
251496db
JK		 901 help
902 Serpent cipher algorithm, by Anderson, Biham & Knudsen.
903
904 Keys are allowed to be from 0 to 256 bits in length, in steps
905 of 8 bits.
906
907 This module provides Serpent cipher algorithm that processes four
908 blocks parallel using SSE2 instruction set.
909
910 See also:
911 <http://www.cl.cam.ac.uk/~rja14/serpent.html>
7efe4076
JG		 912
913config CRYPTO_SERPENT_AVX_X86_64
914 tristate "Serpent cipher algorithm (x86_64/AVX)"
915 depends on X86 && 64BIT
916 select CRYPTO_ALGAPI
917 select CRYPTO_CRYPTD
ffaf9156 918 select CRYPTO_ABLK_HELPER_X86
1d0debbd 919 select CRYPTO_GLUE_HELPER_X86
7efe4076
JG		 920 select CRYPTO_SERPENT
921 select CRYPTO_LRW
922 select CRYPTO_XTS
923 help
924 Serpent cipher algorithm, by Anderson, Biham & Knudsen.
925
926 Keys are allowed to be from 0 to 256 bits in length, in steps
927 of 8 bits.
928
929 This module provides the Serpent cipher algorithm that processes
930 eight blocks parallel using the AVX instruction set.
931
932 See also:
933 <http://www.cl.cam.ac.uk/~rja14/serpent.html>
251496db 934
584fffc8
SS		 935config CRYPTO_TEA
936 tristate "TEA, XTEA and XETA cipher algorithms"
cce9e06d 937 select CRYPTO_ALGAPI
1da177e4 938 help
584fffc8 939 TEA cipher algorithm.
1da177e4 940
584fffc8
SS		 941 Tiny Encryption Algorithm is a simple cipher that uses
942 many rounds for security. It is very fast and uses
943 little memory.
944
945 Xtendend Tiny Encryption Algorithm is a modification to
946 the TEA algorithm to address a potential key weakness
947 in the TEA algorithm.
948
949 Xtendend Encryption Tiny Algorithm is a mis-implementation
950 of the XTEA algorithm for compatibility purposes.
951
952config CRYPTO_TWOFISH
953 tristate "Twofish cipher algorithm"
04ac7db3 954 select CRYPTO_ALGAPI
584fffc8 955 select CRYPTO_TWOFISH_COMMON
04ac7db3 956 help
584fffc8 957 Twofish cipher algorithm.
04ac7db3 958
584fffc8
SS		 959 Twofish was submitted as an AES (Advanced Encryption Standard)
960 candidate cipher by researchers at CounterPane Systems. It is a
961 16 round block cipher supporting key sizes of 128, 192, and 256
962 bits.
04ac7db3 963
584fffc8
SS		 964 See also:
965 <http://www.schneier.com/twofish.html>
966
967config CRYPTO_TWOFISH_COMMON
968 tristate
969 help
970 Common parts of the Twofish cipher algorithm shared by the
971 generic c and the assembler implementations.
972
973config CRYPTO_TWOFISH_586
974 tristate "Twofish cipher algorithms (i586)"
975 depends on (X86 || UML_X86) && !64BIT
976 select CRYPTO_ALGAPI
977 select CRYPTO_TWOFISH_COMMON
978 help
979 Twofish cipher algorithm.
980
981 Twofish was submitted as an AES (Advanced Encryption Standard)
982 candidate cipher by researchers at CounterPane Systems. It is a
983 16 round block cipher supporting key sizes of 128, 192, and 256
984 bits.
04ac7db3
NT		 985
986 See also:
584fffc8 987 <http://www.schneier.com/twofish.html>
04ac7db3 988
584fffc8
SS		 989config CRYPTO_TWOFISH_X86_64
990 tristate "Twofish cipher algorithm (x86_64)"
991 depends on (X86 || UML_X86) && 64BIT
cce9e06d 992 select CRYPTO_ALGAPI
584fffc8 993 select CRYPTO_TWOFISH_COMMON
1da177e4 994 help
584fffc8 995 Twofish cipher algorithm (x86_64).
1da177e4 996
584fffc8
SS		 997 Twofish was submitted as an AES (Advanced Encryption Standard)
998 candidate cipher by researchers at CounterPane Systems. It is a
999 16 round block cipher supporting key sizes of 128, 192, and 256
1000 bits.
1001
1002 See also:
1003 <http://www.schneier.com/twofish.html>
1004
8280daad
JK		 1005config CRYPTO_TWOFISH_X86_64_3WAY
1006 tristate "Twofish cipher algorithm (x86_64, 3-way parallel)"
f21a7c19 1007 depends on X86 && 64BIT
8280daad
JK		 1008 select CRYPTO_ALGAPI
1009 select CRYPTO_TWOFISH_COMMON
1010 select CRYPTO_TWOFISH_X86_64
414cb5e7 1011 select CRYPTO_GLUE_HELPER_X86
e7cda5d2
JK		 1012 select CRYPTO_LRW
1013 select CRYPTO_XTS
8280daad
JK		 1014 help
1015 Twofish cipher algorithm (x86_64, 3-way parallel).
1016
1017 Twofish was submitted as an AES (Advanced Encryption Standard)
1018 candidate cipher by researchers at CounterPane Systems. It is a
1019 16 round block cipher supporting key sizes of 128, 192, and 256
1020 bits.
1021
1022 This module provides Twofish cipher algorithm that processes three
1023 blocks parallel, utilizing resources of out-of-order CPUs better.
1024
1025 See also:
1026 <http://www.schneier.com/twofish.html>
1027
107778b5
JG		 1028config CRYPTO_TWOFISH_AVX_X86_64
1029 tristate "Twofish cipher algorithm (x86_64/AVX)"
1030 depends on X86 && 64BIT
1031 select CRYPTO_ALGAPI
1032 select CRYPTO_CRYPTD
30a04008 1033 select CRYPTO_ABLK_HELPER_X86
a7378d4e 1034 select CRYPTO_GLUE_HELPER_X86
107778b5
JG		 1035 select CRYPTO_TWOFISH_COMMON
1036 select CRYPTO_TWOFISH_X86_64
1037 select CRYPTO_TWOFISH_X86_64_3WAY
1038 select CRYPTO_LRW
1039 select CRYPTO_XTS
1040 help
1041 Twofish cipher algorithm (x86_64/AVX).
1042
1043 Twofish was submitted as an AES (Advanced Encryption Standard)
1044 candidate cipher by researchers at CounterPane Systems. It is a
1045 16 round block cipher supporting key sizes of 128, 192, and 256
1046 bits.
1047
1048 This module provides the Twofish cipher algorithm that processes
1049 eight blocks parallel using the AVX Instruction Set.
1050
1051 See also:
1052 <http://www.schneier.com/twofish.html>
1053
584fffc8
SS		 1054comment "Compression"
1055
1056config CRYPTO_DEFLATE
1057 tristate "Deflate compression algorithm"
1058 select CRYPTO_ALGAPI
1059 select ZLIB_INFLATE
1060 select ZLIB_DEFLATE
3c09f17c 1061 help
584fffc8
SS		 1062 This is the Deflate algorithm (RFC1951), specified for use in
1063 IPSec with the IPCOMP protocol (RFC3173, RFC2394).
1064
1065 You will most probably want this if using IPSec.
3c09f17c 1066
bf68e65e
GU		 1067config CRYPTO_ZLIB
1068 tristate "Zlib compression algorithm"
1069 select CRYPTO_PCOMP
1070 select ZLIB_INFLATE
1071 select ZLIB_DEFLATE
1072 select NLATTR
1073 help
1074 This is the zlib algorithm.
1075
0b77abb3
ZS		 1076config CRYPTO_LZO
1077 tristate "LZO compression algorithm"
1078 select CRYPTO_ALGAPI
1079 select LZO_COMPRESS
1080 select LZO_DECOMPRESS
1081 help
1082 This is the LZO algorithm.
1083
17f0f4a4
NH		 1084comment "Random Number Generation"
1085
1086config CRYPTO_ANSI_CPRNG
1087 tristate "Pseudo Random Number Generation for Cryptographic modules"
4e4ed83b 1088 default m
17f0f4a4
NH		 1089 select CRYPTO_AES
1090 select CRYPTO_RNG
17f0f4a4
NH		 1091 help
1092 This option enables the generic pseudo random number generator
1093 for cryptographic modules. Uses the Algorithm specified in
7dd607e8
JK		 1094 ANSI X9.31 A.2.4. Note that this option must be enabled if
1095 CRYPTO_FIPS is selected
17f0f4a4 1096
03c8efc1
HX		 1097config CRYPTO_USER_API
1098 tristate
1099
fe869cdb
HX		 1100config CRYPTO_USER_API_HASH
1101 tristate "User-space interface for hash algorithms"
7451708f 1102 depends on NET
fe869cdb
HX		 1103 select CRYPTO_HASH
1104 select CRYPTO_USER_API
1105 help
1106 This option enables the user-spaces interface for hash
1107 algorithms.
1108
8ff59090
HX		 1109config CRYPTO_USER_API_SKCIPHER
1110 tristate "User-space interface for symmetric key cipher algorithms"
7451708f 1111 depends on NET
8ff59090
HX		 1112 select CRYPTO_BLKCIPHER
1113 select CRYPTO_USER_API
1114 help
1115 This option enables the user-spaces interface for symmetric
1116 key cipher algorithms.
1117
1da177e4 1118source "drivers/crypto/Kconfig"
1da177e4 1119
cce9e06d 1120endif # if CRYPTO
Empty description
This page took 0.619662 seconds and 4 git commands to generate.