Version:  2.0.40 2.2.26 2.4.37 3.13 3.14 3.15 3.16 3.17 3.18 3.19 4.0 4.1 4.2 4.3 4.4 4.5 4.6 4.7 4.8 4.9 4.10

Linux/crypto/Kconfig

  1 #
  2 # Generic algorithms support
  3 #
  4 config XOR_BLOCKS
  5         tristate
  6 
  7 #
  8 # async_tx api: hardware offloaded memory transfer/transform support
  9 #
 10 source "crypto/async_tx/Kconfig"
 11 
 12 #
 13 # Cryptographic API Configuration
 14 #
 15 menuconfig CRYPTO
 16         tristate "Cryptographic API"
 17         help
 18           This option provides the core Cryptographic API.
 19 
 20 if CRYPTO
 21 
 22 comment "Crypto core or helper"
 23 
 24 config CRYPTO_FIPS
 25         bool "FIPS 200 compliance"
 26         depends on (CRYPTO_ANSI_CPRNG || CRYPTO_DRBG) && !CRYPTO_MANAGER_DISABLE_TESTS
 27         depends on (MODULE_SIG || !MODULES)
 28         help
 29           This options enables the fips boot option which is
 30           required if you want to system to operate in a FIPS 200
 31           certification.  You should say no unless you know what
 32           this is.
 33 
 34 config CRYPTO_ALGAPI
 35         tristate
 36         select CRYPTO_ALGAPI2
 37         help
 38           This option provides the API for cryptographic algorithms.
 39 
 40 config CRYPTO_ALGAPI2
 41         tristate
 42 
 43 config CRYPTO_AEAD
 44         tristate
 45         select CRYPTO_AEAD2
 46         select CRYPTO_ALGAPI
 47 
 48 config CRYPTO_AEAD2
 49         tristate
 50         select CRYPTO_ALGAPI2
 51         select CRYPTO_NULL2
 52         select CRYPTO_RNG2
 53 
 54 config CRYPTO_BLKCIPHER
 55         tristate
 56         select CRYPTO_BLKCIPHER2
 57         select CRYPTO_ALGAPI
 58 
 59 config CRYPTO_BLKCIPHER2
 60         tristate
 61         select CRYPTO_ALGAPI2
 62         select CRYPTO_RNG2
 63         select CRYPTO_WORKQUEUE
 64 
 65 config CRYPTO_HASH
 66         tristate
 67         select CRYPTO_HASH2
 68         select CRYPTO_ALGAPI
 69 
 70 config CRYPTO_HASH2
 71         tristate
 72         select CRYPTO_ALGAPI2
 73 
 74 config CRYPTO_RNG
 75         tristate
 76         select CRYPTO_RNG2
 77         select CRYPTO_ALGAPI
 78 
 79 config CRYPTO_RNG2
 80         tristate
 81         select CRYPTO_ALGAPI2
 82 
 83 config CRYPTO_RNG_DEFAULT
 84         tristate
 85         select CRYPTO_DRBG_MENU
 86 
 87 config CRYPTO_AKCIPHER2
 88         tristate
 89         select CRYPTO_ALGAPI2
 90 
 91 config CRYPTO_AKCIPHER
 92         tristate
 93         select CRYPTO_AKCIPHER2
 94         select CRYPTO_ALGAPI
 95 
 96 config CRYPTO_KPP2
 97         tristate
 98         select CRYPTO_ALGAPI2
 99 
100 config CRYPTO_KPP
101         tristate
102         select CRYPTO_ALGAPI
103         select CRYPTO_KPP2
104 
105 config CRYPTO_ACOMP2
106         tristate
107         select CRYPTO_ALGAPI2
108 
109 config CRYPTO_ACOMP
110         tristate
111         select CRYPTO_ALGAPI
112         select CRYPTO_ACOMP2
113 
114 config CRYPTO_RSA
115         tristate "RSA algorithm"
116         select CRYPTO_AKCIPHER
117         select CRYPTO_MANAGER
118         select MPILIB
119         select ASN1
120         help
121           Generic implementation of the RSA public key algorithm.
122 
123 config CRYPTO_DH
124         tristate "Diffie-Hellman algorithm"
125         select CRYPTO_KPP
126         select MPILIB
127         help
128           Generic implementation of the Diffie-Hellman algorithm.
129 
130 config CRYPTO_ECDH
131         tristate "ECDH algorithm"
132         select CRYTPO_KPP
133         help
134           Generic implementation of the ECDH algorithm
135 
136 config CRYPTO_MANAGER
137         tristate "Cryptographic algorithm manager"
138         select CRYPTO_MANAGER2
139         help
140           Create default cryptographic template instantiations such as
141           cbc(aes).
142 
143 config CRYPTO_MANAGER2
144         def_tristate CRYPTO_MANAGER || (CRYPTO_MANAGER!=n && CRYPTO_ALGAPI=y)
145         select CRYPTO_AEAD2
146         select CRYPTO_HASH2
147         select CRYPTO_BLKCIPHER2
148         select CRYPTO_AKCIPHER2
149         select CRYPTO_KPP2
150         select CRYPTO_ACOMP2
151 
152 config CRYPTO_USER
153         tristate "Userspace cryptographic algorithm configuration"
154         depends on NET
155         select CRYPTO_MANAGER
156         help
157           Userspace configuration for cryptographic instantiations such as
158           cbc(aes).
159 
160 config CRYPTO_MANAGER_DISABLE_TESTS
161         bool "Disable run-time self tests"
162         default y
163         depends on CRYPTO_MANAGER2
164         help
165           Disable run-time self tests that normally take place at
166           algorithm registration.
167 
168 config CRYPTO_GF128MUL
169         tristate "GF(2^128) multiplication functions"
170         help
171           Efficient table driven implementation of multiplications in the
172           field GF(2^128).  This is needed by some cypher modes. This
173           option will be selected automatically if you select such a
174           cipher mode.  Only select this option by hand if you expect to load
175           an external module that requires these functions.
176 
177 config CRYPTO_NULL
178         tristate "Null algorithms"
179         select CRYPTO_NULL2
180         help
181           These are 'Null' algorithms, used by IPsec, which do nothing.
182 
183 config CRYPTO_NULL2
184         tristate
185         select CRYPTO_ALGAPI2
186         select CRYPTO_BLKCIPHER2
187         select CRYPTO_HASH2
188 
189 config CRYPTO_PCRYPT
190         tristate "Parallel crypto engine"
191         depends on SMP
192         select PADATA
193         select CRYPTO_MANAGER
194         select CRYPTO_AEAD
195         help
196           This converts an arbitrary crypto algorithm into a parallel
197           algorithm that executes in kernel threads.
198 
199 config CRYPTO_WORKQUEUE
200        tristate
201 
202 config CRYPTO_CRYPTD
203         tristate "Software async crypto daemon"
204         select CRYPTO_BLKCIPHER
205         select CRYPTO_HASH
206         select CRYPTO_MANAGER
207         select CRYPTO_WORKQUEUE
208         help
209           This is a generic software asynchronous crypto daemon that
210           converts an arbitrary synchronous software crypto algorithm
211           into an asynchronous algorithm that executes in a kernel thread.
212 
213 config CRYPTO_MCRYPTD
214         tristate "Software async multi-buffer crypto daemon"
215         select CRYPTO_BLKCIPHER
216         select CRYPTO_HASH
217         select CRYPTO_MANAGER
218         select CRYPTO_WORKQUEUE
219         help
220           This is a generic software asynchronous crypto daemon that
221           provides the kernel thread to assist multi-buffer crypto
222           algorithms for submitting jobs and flushing jobs in multi-buffer
223           crypto algorithms.  Multi-buffer crypto algorithms are executed
224           in the context of this kernel thread and drivers can post
225           their crypto request asynchronously to be processed by this daemon.
226 
227 config CRYPTO_AUTHENC
228         tristate "Authenc support"
229         select CRYPTO_AEAD
230         select CRYPTO_BLKCIPHER
231         select CRYPTO_MANAGER
232         select CRYPTO_HASH
233         select CRYPTO_NULL
234         help
235           Authenc: Combined mode wrapper for IPsec.
236           This is required for IPSec.
237 
238 config CRYPTO_TEST
239         tristate "Testing module"
240         depends on m
241         select CRYPTO_MANAGER
242         help
243           Quick & dirty crypto test module.
244 
245 config CRYPTO_ABLK_HELPER
246         tristate
247         select CRYPTO_CRYPTD
248 
249 config CRYPTO_SIMD
250         tristate
251         select CRYPTO_CRYPTD
252 
253 config CRYPTO_GLUE_HELPER_X86
254         tristate
255         depends on X86
256         select CRYPTO_BLKCIPHER
257 
258 config CRYPTO_ENGINE
259         tristate
260 
261 comment "Authenticated Encryption with Associated Data"
262 
263 config CRYPTO_CCM
264         tristate "CCM support"
265         select CRYPTO_CTR
266         select CRYPTO_AEAD
267         help
268           Support for Counter with CBC MAC. Required for IPsec.
269 
270 config CRYPTO_GCM
271         tristate "GCM/GMAC support"
272         select CRYPTO_CTR
273         select CRYPTO_AEAD
274         select CRYPTO_GHASH
275         select CRYPTO_NULL
276         help
277           Support for Galois/Counter Mode (GCM) and Galois Message
278           Authentication Code (GMAC). Required for IPSec.
279 
280 config CRYPTO_CHACHA20POLY1305
281         tristate "ChaCha20-Poly1305 AEAD support"
282         select CRYPTO_CHACHA20
283         select CRYPTO_POLY1305
284         select CRYPTO_AEAD
285         help
286           ChaCha20-Poly1305 AEAD support, RFC7539.
287 
288           Support for the AEAD wrapper using the ChaCha20 stream cipher combined
289           with the Poly1305 authenticator. It is defined in RFC7539 for use in
290           IETF protocols.
291 
292 config CRYPTO_SEQIV
293         tristate "Sequence Number IV Generator"
294         select CRYPTO_AEAD
295         select CRYPTO_BLKCIPHER
296         select CRYPTO_NULL
297         select CRYPTO_RNG_DEFAULT
298         help
299           This IV generator generates an IV based on a sequence number by
300           xoring it with a salt.  This algorithm is mainly useful for CTR
301 
302 config CRYPTO_ECHAINIV
303         tristate "Encrypted Chain IV Generator"
304         select CRYPTO_AEAD
305         select CRYPTO_NULL
306         select CRYPTO_RNG_DEFAULT
307         default m
308         help
309           This IV generator generates an IV based on the encryption of
310           a sequence number xored with a salt.  This is the default
311           algorithm for CBC.
312 
313 comment "Block modes"
314 
315 config CRYPTO_CBC
316         tristate "CBC support"
317         select CRYPTO_BLKCIPHER
318         select CRYPTO_MANAGER
319         help
320           CBC: Cipher Block Chaining mode
321           This block cipher algorithm is required for IPSec.
322 
323 config CRYPTO_CTR
324         tristate "CTR support"
325         select CRYPTO_BLKCIPHER
326         select CRYPTO_SEQIV
327         select CRYPTO_MANAGER
328         help
329           CTR: Counter mode
330           This block cipher algorithm is required for IPSec.
331 
332 config CRYPTO_CTS
333         tristate "CTS support"
334         select CRYPTO_BLKCIPHER
335         help
336           CTS: Cipher Text Stealing
337           This is the Cipher Text Stealing mode as described by
338           Section 8 of rfc2040 and referenced by rfc3962.
339           (rfc3962 includes errata information in its Appendix A)
340           This mode is required for Kerberos gss mechanism support
341           for AES encryption.
342 
343 config CRYPTO_ECB
344         tristate "ECB support"
345         select CRYPTO_BLKCIPHER
346         select CRYPTO_MANAGER
347         help
348           ECB: Electronic CodeBook mode
349           This is the simplest block cipher algorithm.  It simply encrypts
350           the input block by block.
351 
352 config CRYPTO_LRW
353         tristate "LRW support"
354         select CRYPTO_BLKCIPHER
355         select CRYPTO_MANAGER
356         select CRYPTO_GF128MUL
357         help
358           LRW: Liskov Rivest Wagner, a tweakable, non malleable, non movable
359           narrow block cipher mode for dm-crypt.  Use it with cipher
360           specification string aes-lrw-benbi, the key must be 256, 320 or 384.
361           The first 128, 192 or 256 bits in the key are used for AES and the
362           rest is used to tie each cipher block to its logical position.
363 
364 config CRYPTO_PCBC
365         tristate "PCBC support"
366         select CRYPTO_BLKCIPHER
367         select CRYPTO_MANAGER
368         help
369           PCBC: Propagating Cipher Block Chaining mode
370           This block cipher algorithm is required for RxRPC.
371 
372 config CRYPTO_XTS
373         tristate "XTS support"
374         select CRYPTO_BLKCIPHER
375         select CRYPTO_MANAGER
376         select CRYPTO_GF128MUL
377         help
378           XTS: IEEE1619/D16 narrow block cipher use with aes-xts-plain,
379           key size 256, 384 or 512 bits. This implementation currently
380           can't handle a sectorsize which is not a multiple of 16 bytes.
381 
382 config CRYPTO_KEYWRAP
383         tristate "Key wrapping support"
384         select CRYPTO_BLKCIPHER
385         help
386           Support for key wrapping (NIST SP800-38F / RFC3394) without
387           padding.
388 
389 comment "Hash modes"
390 
391 config CRYPTO_CMAC
392         tristate "CMAC support"
393         select CRYPTO_HASH
394         select CRYPTO_MANAGER
395         help
396           Cipher-based Message Authentication Code (CMAC) specified by
397           The National Institute of Standards and Technology (NIST).
398 
399           https://tools.ietf.org/html/rfc4493
400           http://csrc.nist.gov/publications/nistpubs/800-38B/SP_800-38B.pdf
401 
402 config CRYPTO_HMAC
403         tristate "HMAC support"
404         select CRYPTO_HASH
405         select CRYPTO_MANAGER
406         help
407           HMAC: Keyed-Hashing for Message Authentication (RFC2104).
408           This is required for IPSec.
409 
410 config CRYPTO_XCBC
411         tristate "XCBC support"
412         select CRYPTO_HASH
413         select CRYPTO_MANAGER
414         help
415           XCBC: Keyed-Hashing with encryption algorithm
416                 http://www.ietf.org/rfc/rfc3566.txt
417                 http://csrc.nist.gov/encryption/modes/proposedmodes/
418                  xcbc-mac/xcbc-mac-spec.pdf
419 
420 config CRYPTO_VMAC
421         tristate "VMAC support"
422         select CRYPTO_HASH
423         select CRYPTO_MANAGER
424         help
425           VMAC is a message authentication algorithm designed for
426           very high speed on 64-bit architectures.
427 
428           See also:
429           <http://fastcrypto.org/vmac>
430 
431 comment "Digest"
432 
433 config CRYPTO_CRC32C
434         tristate "CRC32c CRC algorithm"
435         select CRYPTO_HASH
436         select CRC32
437         help
438           Castagnoli, et al Cyclic Redundancy-Check Algorithm.  Used
439           by iSCSI for header and data digests and by others.
440           See Castagnoli93.  Module will be crc32c.
441 
442 config CRYPTO_CRC32C_INTEL
443         tristate "CRC32c INTEL hardware acceleration"
444         depends on X86
445         select CRYPTO_HASH
446         help
447           In Intel processor with SSE4.2 supported, the processor will
448           support CRC32C implementation using hardware accelerated CRC32
449           instruction. This option will create 'crc32c-intel' module,
450           which will enable any routine to use the CRC32 instruction to
451           gain performance compared with software implementation.
452           Module will be crc32c-intel.
453 
454 config CRYPTO_CRC32C_VPMSUM
455         tristate "CRC32c CRC algorithm (powerpc64)"
456         depends on PPC64 && ALTIVEC
457         select CRYPTO_HASH
458         select CRC32
459         help
460           CRC32c algorithm implemented using vector polynomial multiply-sum
461           (vpmsum) instructions, introduced in POWER8. Enable on POWER8
462           and newer processors for improved performance.
463 
464 
465 config CRYPTO_CRC32C_SPARC64
466         tristate "CRC32c CRC algorithm (SPARC64)"
467         depends on SPARC64
468         select CRYPTO_HASH
469         select CRC32
470         help
471           CRC32c CRC algorithm implemented using sparc64 crypto instructions,
472           when available.
473 
474 config CRYPTO_CRC32
475         tristate "CRC32 CRC algorithm"
476         select CRYPTO_HASH
477         select CRC32
478         help
479           CRC-32-IEEE 802.3 cyclic redundancy-check algorithm.
480           Shash crypto api wrappers to crc32_le function.
481 
482 config CRYPTO_CRC32_PCLMUL
483         tristate "CRC32 PCLMULQDQ hardware acceleration"
484         depends on X86
485         select CRYPTO_HASH
486         select CRC32
487         help
488           From Intel Westmere and AMD Bulldozer processor with SSE4.2
489           and PCLMULQDQ supported, the processor will support
490           CRC32 PCLMULQDQ implementation using hardware accelerated PCLMULQDQ
491           instruction. This option will create 'crc32-plcmul' module,
492           which will enable any routine to use the CRC-32-IEEE 802.3 checksum
493           and gain better performance as compared with the table implementation.
494 
495 config CRYPTO_CRCT10DIF
496         tristate "CRCT10DIF algorithm"
497         select CRYPTO_HASH
498         help
499           CRC T10 Data Integrity Field computation is being cast as
500           a crypto transform.  This allows for faster crc t10 diff
501           transforms to be used if they are available.
502 
503 config CRYPTO_CRCT10DIF_PCLMUL
504         tristate "CRCT10DIF PCLMULQDQ hardware acceleration"
505         depends on X86 && 64BIT && CRC_T10DIF
506         select CRYPTO_HASH
507         help
508           For x86_64 processors with SSE4.2 and PCLMULQDQ supported,
509           CRC T10 DIF PCLMULQDQ computation can be hardware
510           accelerated PCLMULQDQ instruction. This option will create
511           'crct10dif-plcmul' module, which is faster when computing the
512           crct10dif checksum as compared with the generic table implementation.
513 
514 config CRYPTO_GHASH
515         tristate "GHASH digest algorithm"
516         select CRYPTO_GF128MUL
517         select CRYPTO_HASH
518         help
519           GHASH is message digest algorithm for GCM (Galois/Counter Mode).
520 
521 config CRYPTO_POLY1305
522         tristate "Poly1305 authenticator algorithm"
523         select CRYPTO_HASH
524         help
525           Poly1305 authenticator algorithm, RFC7539.
526 
527           Poly1305 is an authenticator algorithm designed by Daniel J. Bernstein.
528           It is used for the ChaCha20-Poly1305 AEAD, specified in RFC7539 for use
529           in IETF protocols. This is the portable C implementation of Poly1305.
530 
531 config CRYPTO_POLY1305_X86_64
532         tristate "Poly1305 authenticator algorithm (x86_64/SSE2/AVX2)"
533         depends on X86 && 64BIT
534         select CRYPTO_POLY1305
535         help
536           Poly1305 authenticator algorithm, RFC7539.
537 
538           Poly1305 is an authenticator algorithm designed by Daniel J. Bernstein.
539           It is used for the ChaCha20-Poly1305 AEAD, specified in RFC7539 for use
540           in IETF protocols. This is the x86_64 assembler implementation using SIMD
541           instructions.
542 
543 config CRYPTO_MD4
544         tristate "MD4 digest algorithm"
545         select CRYPTO_HASH
546         help
547           MD4 message digest algorithm (RFC1320).
548 
549 config CRYPTO_MD5
550         tristate "MD5 digest algorithm"
551         select CRYPTO_HASH
552         help
553           MD5 message digest algorithm (RFC1321).
554 
555 config CRYPTO_MD5_OCTEON
556         tristate "MD5 digest algorithm (OCTEON)"
557         depends on CPU_CAVIUM_OCTEON
558         select CRYPTO_MD5
559         select CRYPTO_HASH
560         help
561           MD5 message digest algorithm (RFC1321) implemented
562           using OCTEON crypto instructions, when available.
563 
564 config CRYPTO_MD5_PPC
565         tristate "MD5 digest algorithm (PPC)"
566         depends on PPC
567         select CRYPTO_HASH
568         help
569           MD5 message digest algorithm (RFC1321) implemented
570           in PPC assembler.
571 
572 config CRYPTO_MD5_SPARC64
573         tristate "MD5 digest algorithm (SPARC64)"
574         depends on SPARC64
575         select CRYPTO_MD5
576         select CRYPTO_HASH
577         help
578           MD5 message digest algorithm (RFC1321) implemented
579           using sparc64 crypto instructions, when available.
580 
581 config CRYPTO_MICHAEL_MIC
582         tristate "Michael MIC keyed digest algorithm"
583         select CRYPTO_HASH
584         help
585           Michael MIC is used for message integrity protection in TKIP
586           (IEEE 802.11i). This algorithm is required for TKIP, but it
587           should not be used for other purposes because of the weakness
588           of the algorithm.
589 
590 config CRYPTO_RMD128
591         tristate "RIPEMD-128 digest algorithm"
592         select CRYPTO_HASH
593         help
594           RIPEMD-128 (ISO/IEC 10118-3:2004).
595 
596           RIPEMD-128 is a 128-bit cryptographic hash function. It should only
597           be used as a secure replacement for RIPEMD. For other use cases,
598           RIPEMD-160 should be used.
599 
600           Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel.
601           See <http://homes.esat.kuleuven.be/~bosselae/ripemd160.html>
602 
603 config CRYPTO_RMD160
604         tristate "RIPEMD-160 digest algorithm"
605         select CRYPTO_HASH
606         help
607           RIPEMD-160 (ISO/IEC 10118-3:2004).
608 
609           RIPEMD-160 is a 160-bit cryptographic hash function. It is intended
610           to be used as a secure replacement for the 128-bit hash functions
611           MD4, MD5 and it's predecessor RIPEMD
612           (not to be confused with RIPEMD-128).
613 
614           It's speed is comparable to SHA1 and there are no known attacks
615           against RIPEMD-160.
616 
617           Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel.
618           See <http://homes.esat.kuleuven.be/~bosselae/ripemd160.html>
619 
620 config CRYPTO_RMD256
621         tristate "RIPEMD-256 digest algorithm"
622         select CRYPTO_HASH
623         help
624           RIPEMD-256 is an optional extension of RIPEMD-128 with a
625           256 bit hash. It is intended for applications that require
626           longer hash-results, without needing a larger security level
627           (than RIPEMD-128).
628 
629           Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel.
630           See <http://homes.esat.kuleuven.be/~bosselae/ripemd160.html>
631 
632 config CRYPTO_RMD320
633         tristate "RIPEMD-320 digest algorithm"
634         select CRYPTO_HASH
635         help
636           RIPEMD-320 is an optional extension of RIPEMD-160 with a
637           320 bit hash. It is intended for applications that require
638           longer hash-results, without needing a larger security level
639           (than RIPEMD-160).
640 
641           Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel.
642           See <http://homes.esat.kuleuven.be/~bosselae/ripemd160.html>
643 
644 config CRYPTO_SHA1
645         tristate "SHA1 digest algorithm"
646         select CRYPTO_HASH
647         help
648           SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2).
649 
650 config CRYPTO_SHA1_SSSE3
651         tristate "SHA1 digest algorithm (SSSE3/AVX/AVX2/SHA-NI)"
652         depends on X86 && 64BIT
653         select CRYPTO_SHA1
654         select CRYPTO_HASH
655         help
656           SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2) implemented
657           using Supplemental SSE3 (SSSE3) instructions or Advanced Vector
658           Extensions (AVX/AVX2) or SHA-NI(SHA Extensions New Instructions),
659           when available.
660 
661 config CRYPTO_SHA256_SSSE3
662         tristate "SHA256 digest algorithm (SSSE3/AVX/AVX2/SHA-NI)"
663         depends on X86 && 64BIT
664         select CRYPTO_SHA256
665         select CRYPTO_HASH
666         help
667           SHA-256 secure hash standard (DFIPS 180-2) implemented
668           using Supplemental SSE3 (SSSE3) instructions, or Advanced Vector
669           Extensions version 1 (AVX1), or Advanced Vector Extensions
670           version 2 (AVX2) instructions, or SHA-NI (SHA Extensions New
671           Instructions) when available.
672 
673 config CRYPTO_SHA512_SSSE3
674         tristate "SHA512 digest algorithm (SSSE3/AVX/AVX2)"
675         depends on X86 && 64BIT
676         select CRYPTO_SHA512
677         select CRYPTO_HASH
678         help
679           SHA-512 secure hash standard (DFIPS 180-2) implemented
680           using Supplemental SSE3 (SSSE3) instructions, or Advanced Vector
681           Extensions version 1 (AVX1), or Advanced Vector Extensions
682           version 2 (AVX2) instructions, when available.
683 
684 config CRYPTO_SHA1_OCTEON
685         tristate "SHA1 digest algorithm (OCTEON)"
686         depends on CPU_CAVIUM_OCTEON
687         select CRYPTO_SHA1
688         select CRYPTO_HASH
689         help
690           SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2) implemented
691           using OCTEON crypto instructions, when available.
692 
693 config CRYPTO_SHA1_SPARC64
694         tristate "SHA1 digest algorithm (SPARC64)"
695         depends on SPARC64
696         select CRYPTO_SHA1
697         select CRYPTO_HASH
698         help
699           SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2) implemented
700           using sparc64 crypto instructions, when available.
701 
702 config CRYPTO_SHA1_PPC
703         tristate "SHA1 digest algorithm (powerpc)"
704         depends on PPC
705         help
706           This is the powerpc hardware accelerated implementation of the
707           SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2).
708 
709 config CRYPTO_SHA1_PPC_SPE
710         tristate "SHA1 digest algorithm (PPC SPE)"
711         depends on PPC && SPE
712         help
713           SHA-1 secure hash standard (DFIPS 180-4) implemented
714           using powerpc SPE SIMD instruction set.
715 
716 config CRYPTO_SHA1_MB
717         tristate "SHA1 digest algorithm (x86_64 Multi-Buffer, Experimental)"
718         depends on X86 && 64BIT
719         select CRYPTO_SHA1
720         select CRYPTO_HASH
721         select CRYPTO_MCRYPTD
722         help
723           SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2) implemented
724           using multi-buffer technique.  This algorithm computes on
725           multiple data lanes concurrently with SIMD instructions for
726           better throughput.  It should not be enabled by default but
727           used when there is significant amount of work to keep the keep
728           the data lanes filled to get performance benefit.  If the data
729           lanes remain unfilled, a flush operation will be initiated to
730           process the crypto jobs, adding a slight latency.
731 
732 config CRYPTO_SHA256_MB
733         tristate "SHA256 digest algorithm (x86_64 Multi-Buffer, Experimental)"
734         depends on X86 && 64BIT
735         select CRYPTO_SHA256
736         select CRYPTO_HASH
737         select CRYPTO_MCRYPTD
738         help
739           SHA-256 secure hash standard (FIPS 180-1/DFIPS 180-2) implemented
740           using multi-buffer technique.  This algorithm computes on
741           multiple data lanes concurrently with SIMD instructions for
742           better throughput.  It should not be enabled by default but
743           used when there is significant amount of work to keep the keep
744           the data lanes filled to get performance benefit.  If the data
745           lanes remain unfilled, a flush operation will be initiated to
746           process the crypto jobs, adding a slight latency.
747 
748 config CRYPTO_SHA512_MB
749         tristate "SHA512 digest algorithm (x86_64 Multi-Buffer, Experimental)"
750         depends on X86 && 64BIT
751         select CRYPTO_SHA512
752         select CRYPTO_HASH
753         select CRYPTO_MCRYPTD
754         help
755           SHA-512 secure hash standard (FIPS 180-1/DFIPS 180-2) implemented
756           using multi-buffer technique.  This algorithm computes on
757           multiple data lanes concurrently with SIMD instructions for
758           better throughput.  It should not be enabled by default but
759           used when there is significant amount of work to keep the keep
760           the data lanes filled to get performance benefit.  If the data
761           lanes remain unfilled, a flush operation will be initiated to
762           process the crypto jobs, adding a slight latency.
763 
764 config CRYPTO_SHA256
765         tristate "SHA224 and SHA256 digest algorithm"
766         select CRYPTO_HASH
767         help
768           SHA256 secure hash standard (DFIPS 180-2).
769 
770           This version of SHA implements a 256 bit hash with 128 bits of
771           security against collision attacks.
772 
773           This code also includes SHA-224, a 224 bit hash with 112 bits
774           of security against collision attacks.
775 
776 config CRYPTO_SHA256_PPC_SPE
777         tristate "SHA224 and SHA256 digest algorithm (PPC SPE)"
778         depends on PPC && SPE
779         select CRYPTO_SHA256
780         select CRYPTO_HASH
781         help
782           SHA224 and SHA256 secure hash standard (DFIPS 180-2)
783           implemented using powerpc SPE SIMD instruction set.
784 
785 config CRYPTO_SHA256_OCTEON
786         tristate "SHA224 and SHA256 digest algorithm (OCTEON)"
787         depends on CPU_CAVIUM_OCTEON
788         select CRYPTO_SHA256
789         select CRYPTO_HASH
790         help
791           SHA-256 secure hash standard (DFIPS 180-2) implemented
792           using OCTEON crypto instructions, when available.
793 
794 config CRYPTO_SHA256_SPARC64
795         tristate "SHA224 and SHA256 digest algorithm (SPARC64)"
796         depends on SPARC64
797         select CRYPTO_SHA256
798         select CRYPTO_HASH
799         help
800           SHA-256 secure hash standard (DFIPS 180-2) implemented
801           using sparc64 crypto instructions, when available.
802 
803 config CRYPTO_SHA512
804         tristate "SHA384 and SHA512 digest algorithms"
805         select CRYPTO_HASH
806         help
807           SHA512 secure hash standard (DFIPS 180-2).
808 
809           This version of SHA implements a 512 bit hash with 256 bits of
810           security against collision attacks.
811 
812           This code also includes SHA-384, a 384 bit hash with 192 bits
813           of security against collision attacks.
814 
815 config CRYPTO_SHA512_OCTEON
816         tristate "SHA384 and SHA512 digest algorithms (OCTEON)"
817         depends on CPU_CAVIUM_OCTEON
818         select CRYPTO_SHA512
819         select CRYPTO_HASH
820         help
821           SHA-512 secure hash standard (DFIPS 180-2) implemented
822           using OCTEON crypto instructions, when available.
823 
824 config CRYPTO_SHA512_SPARC64
825         tristate "SHA384 and SHA512 digest algorithm (SPARC64)"
826         depends on SPARC64
827         select CRYPTO_SHA512
828         select CRYPTO_HASH
829         help
830           SHA-512 secure hash standard (DFIPS 180-2) implemented
831           using sparc64 crypto instructions, when available.
832 
833 config CRYPTO_SHA3
834         tristate "SHA3 digest algorithm"
835         select CRYPTO_HASH
836         help
837           SHA-3 secure hash standard (DFIPS 202). It's based on
838           cryptographic sponge function family called Keccak.
839 
840           References:
841           http://keccak.noekeon.org/
842 
843 config CRYPTO_TGR192
844         tristate "Tiger digest algorithms"
845         select CRYPTO_HASH
846         help
847           Tiger hash algorithm 192, 160 and 128-bit hashes
848 
849           Tiger is a hash function optimized for 64-bit processors while
850           still having decent performance on 32-bit processors.
851           Tiger was developed by Ross Anderson and Eli Biham.
852 
853           See also:
854           <http://www.cs.technion.ac.il/~biham/Reports/Tiger/>.
855 
856 config CRYPTO_WP512
857         tristate "Whirlpool digest algorithms"
858         select CRYPTO_HASH
859         help
860           Whirlpool hash algorithm 512, 384 and 256-bit hashes
861 
862           Whirlpool-512 is part of the NESSIE cryptographic primitives.
863           Whirlpool will be part of the ISO/IEC 10118-3:2003(E) standard
864 
865           See also:
866           <http://www.larc.usp.br/~pbarreto/WhirlpoolPage.html>
867 
868 config CRYPTO_GHASH_CLMUL_NI_INTEL
869         tristate "GHASH digest algorithm (CLMUL-NI accelerated)"
870         depends on X86 && 64BIT
871         select CRYPTO_CRYPTD
872         help
873           GHASH is message digest algorithm for GCM (Galois/Counter Mode).
874           The implementation is accelerated by CLMUL-NI of Intel.
875 
876 comment "Ciphers"
877 
878 config CRYPTO_AES
879         tristate "AES cipher algorithms"
880         select CRYPTO_ALGAPI
881         help
882           AES cipher algorithms (FIPS-197). AES uses the Rijndael
883           algorithm.
884 
885           Rijndael appears to be consistently a very good performer in
886           both hardware and software across a wide range of computing
887           environments regardless of its use in feedback or non-feedback
888           modes. Its key setup time is excellent, and its key agility is
889           good. Rijndael's very low memory requirements make it very well
890           suited for restricted-space environments, in which it also
891           demonstrates excellent performance. Rijndael's operations are
892           among the easiest to defend against power and timing attacks.
893 
894           The AES specifies three key sizes: 128, 192 and 256 bits
895 
896           See <http://csrc.nist.gov/CryptoToolkit/aes/> for more information.
897 
898 config CRYPTO_AES_586
899         tristate "AES cipher algorithms (i586)"
900         depends on (X86 || UML_X86) && !64BIT
901         select CRYPTO_ALGAPI
902         select CRYPTO_AES
903         help
904           AES cipher algorithms (FIPS-197). AES uses the Rijndael
905           algorithm.
906 
907           Rijndael appears to be consistently a very good performer in
908           both hardware and software across a wide range of computing
909           environments regardless of its use in feedback or non-feedback
910           modes. Its key setup time is excellent, and its key agility is
911           good. Rijndael's very low memory requirements make it very well
912           suited for restricted-space environments, in which it also
913           demonstrates excellent performance. Rijndael's operations are
914           among the easiest to defend against power and timing attacks.
915 
916           The AES specifies three key sizes: 128, 192 and 256 bits
917 
918           See <http://csrc.nist.gov/encryption/aes/> for more information.
919 
920 config CRYPTO_AES_X86_64
921         tristate "AES cipher algorithms (x86_64)"
922         depends on (X86 || UML_X86) && 64BIT
923         select CRYPTO_ALGAPI
924         select CRYPTO_AES
925         help
926           AES cipher algorithms (FIPS-197). AES uses the Rijndael
927           algorithm.
928 
929           Rijndael appears to be consistently a very good performer in
930           both hardware and software across a wide range of computing
931           environments regardless of its use in feedback or non-feedback
932           modes. Its key setup time is excellent, and its key agility is
933           good. Rijndael's very low memory requirements make it very well
934           suited for restricted-space environments, in which it also
935           demonstrates excellent performance. Rijndael's operations are
936           among the easiest to defend against power and timing attacks.
937 
938           The AES specifies three key sizes: 128, 192 and 256 bits
939 
940           See <http://csrc.nist.gov/encryption/aes/> for more information.
941 
942 config CRYPTO_AES_NI_INTEL
943         tristate "AES cipher algorithms (AES-NI)"
944         depends on X86
945         select CRYPTO_AEAD
946         select CRYPTO_AES_X86_64 if 64BIT
947         select CRYPTO_AES_586 if !64BIT
948         select CRYPTO_ALGAPI
949         select CRYPTO_BLKCIPHER
950         select CRYPTO_GLUE_HELPER_X86 if 64BIT
951         select CRYPTO_SIMD
952         help
953           Use Intel AES-NI instructions for AES algorithm.
954 
955           AES cipher algorithms (FIPS-197). AES uses the Rijndael
956           algorithm.
957 
958           Rijndael appears to be consistently a very good performer in
959           both hardware and software across a wide range of computing
960           environments regardless of its use in feedback or non-feedback
961           modes. Its key setup time is excellent, and its key agility is
962           good. Rijndael's very low memory requirements make it very well
963           suited for restricted-space environments, in which it also
964           demonstrates excellent performance. Rijndael's operations are
965           among the easiest to defend against power and timing attacks.
966 
967           The AES specifies three key sizes: 128, 192 and 256 bits
968 
969           See <http://csrc.nist.gov/encryption/aes/> for more information.
970 
971           In addition to AES cipher algorithm support, the acceleration
972           for some popular block cipher mode is supported too, including
973           ECB, CBC, LRW, PCBC, XTS. The 64 bit version has additional
974           acceleration for CTR.
975 
976 config CRYPTO_AES_SPARC64
977         tristate "AES cipher algorithms (SPARC64)"
978         depends on SPARC64
979         select CRYPTO_CRYPTD
980         select CRYPTO_ALGAPI
981         help
982           Use SPARC64 crypto opcodes for AES algorithm.
983 
984           AES cipher algorithms (FIPS-197). AES uses the Rijndael
985           algorithm.
986 
987           Rijndael appears to be consistently a very good performer in
988           both hardware and software across a wide range of computing
989           environments regardless of its use in feedback or non-feedback
990           modes. Its key setup time is excellent, and its key agility is
991           good. Rijndael's very low memory requirements make it very well
992           suited for restricted-space environments, in which it also
993           demonstrates excellent performance. Rijndael's operations are
994           among the easiest to defend against power and timing attacks.
995 
996           The AES specifies three key sizes: 128, 192 and 256 bits
997 
998           See <http://csrc.nist.gov/encryption/aes/> for more information.
999 
1000           In addition to AES cipher algorithm support, the acceleration
1001           for some popular block cipher mode is supported too, including
1002           ECB and CBC.
1003 
1004 config CRYPTO_AES_PPC_SPE
1005         tristate "AES cipher algorithms (PPC SPE)"
1006         depends on PPC && SPE
1007         help
1008           AES cipher algorithms (FIPS-197). Additionally the acceleration
1009           for popular block cipher modes ECB, CBC, CTR and XTS is supported.
1010           This module should only be used for low power (router) devices
1011           without hardware AES acceleration (e.g. caam crypto). It reduces the
1012           size of the AES tables from 16KB to 8KB + 256 bytes and mitigates
1013           timining attacks. Nevertheless it might be not as secure as other
1014           architecture specific assembler implementations that work on 1KB
1015           tables or 256 bytes S-boxes.
1016 
1017 config CRYPTO_ANUBIS
1018         tristate "Anubis cipher algorithm"
1019         select CRYPTO_ALGAPI
1020         help
1021           Anubis cipher algorithm.
1022 
1023           Anubis is a variable key length cipher which can use keys from
1024           128 bits to 320 bits in length.  It was evaluated as a entrant
1025           in the NESSIE competition.
1026 
1027           See also:
1028           <https://www.cosic.esat.kuleuven.be/nessie/reports/>
1029           <http://www.larc.usp.br/~pbarreto/AnubisPage.html>
1030 
1031 config CRYPTO_ARC4
1032         tristate "ARC4 cipher algorithm"
1033         select CRYPTO_BLKCIPHER
1034         help
1035           ARC4 cipher algorithm.
1036 
1037           ARC4 is a stream cipher using keys ranging from 8 bits to 2048
1038           bits in length.  This algorithm is required for driver-based
1039           WEP, but it should not be for other purposes because of the
1040           weakness of the algorithm.
1041 
1042 config CRYPTO_BLOWFISH
1043         tristate "Blowfish cipher algorithm"
1044         select CRYPTO_ALGAPI
1045         select CRYPTO_BLOWFISH_COMMON
1046         help
1047           Blowfish cipher algorithm, by Bruce Schneier.
1048 
1049           This is a variable key length cipher which can use keys from 32
1050           bits to 448 bits in length.  It's fast, simple and specifically
1051           designed for use on "large microprocessors".
1052 
1053           See also:
1054           <http://www.schneier.com/blowfish.html>
1055 
1056 config CRYPTO_BLOWFISH_COMMON
1057         tristate
1058         help
1059           Common parts of the Blowfish cipher algorithm shared by the
1060           generic c and the assembler implementations.
1061 
1062           See also:
1063           <http://www.schneier.com/blowfish.html>
1064 
1065 config CRYPTO_BLOWFISH_X86_64
1066         tristate "Blowfish cipher algorithm (x86_64)"
1067         depends on X86 && 64BIT
1068         select CRYPTO_ALGAPI
1069         select CRYPTO_BLOWFISH_COMMON
1070         help
1071           Blowfish cipher algorithm (x86_64), by Bruce Schneier.
1072 
1073           This is a variable key length cipher which can use keys from 32
1074           bits to 448 bits in length.  It's fast, simple and specifically
1075           designed for use on "large microprocessors".
1076 
1077           See also:
1078           <http://www.schneier.com/blowfish.html>
1079 
1080 config CRYPTO_CAMELLIA
1081         tristate "Camellia cipher algorithms"
1082         depends on CRYPTO
1083         select CRYPTO_ALGAPI
1084         help
1085           Camellia cipher algorithms module.
1086 
1087           Camellia is a symmetric key block cipher developed jointly
1088           at NTT and Mitsubishi Electric Corporation.
1089 
1090           The Camellia specifies three key sizes: 128, 192 and 256 bits.
1091 
1092           See also:
1093           <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html>
1094 
1095 config CRYPTO_CAMELLIA_X86_64
1096         tristate "Camellia cipher algorithm (x86_64)"
1097         depends on X86 && 64BIT
1098         depends on CRYPTO
1099         select CRYPTO_ALGAPI
1100         select CRYPTO_GLUE_HELPER_X86
1101         select CRYPTO_LRW
1102         select CRYPTO_XTS
1103         help
1104           Camellia cipher algorithm module (x86_64).
1105 
1106           Camellia is a symmetric key block cipher developed jointly
1107           at NTT and Mitsubishi Electric Corporation.
1108 
1109           The Camellia specifies three key sizes: 128, 192 and 256 bits.
1110 
1111           See also:
1112           <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html>
1113 
1114 config CRYPTO_CAMELLIA_AESNI_AVX_X86_64
1115         tristate "Camellia cipher algorithm (x86_64/AES-NI/AVX)"
1116         depends on X86 && 64BIT
1117         depends on CRYPTO
1118         select CRYPTO_ALGAPI
1119         select CRYPTO_CRYPTD
1120         select CRYPTO_ABLK_HELPER
1121         select CRYPTO_GLUE_HELPER_X86
1122         select CRYPTO_CAMELLIA_X86_64
1123         select CRYPTO_LRW
1124         select CRYPTO_XTS
1125         help
1126           Camellia cipher algorithm module (x86_64/AES-NI/AVX).
1127 
1128           Camellia is a symmetric key block cipher developed jointly
1129           at NTT and Mitsubishi Electric Corporation.
1130 
1131           The Camellia specifies three key sizes: 128, 192 and 256 bits.
1132 
1133           See also:
1134           <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html>
1135 
1136 config CRYPTO_CAMELLIA_AESNI_AVX2_X86_64
1137         tristate "Camellia cipher algorithm (x86_64/AES-NI/AVX2)"
1138         depends on X86 && 64BIT
1139         depends on CRYPTO
1140         select CRYPTO_ALGAPI
1141         select CRYPTO_CRYPTD
1142         select CRYPTO_ABLK_HELPER
1143         select CRYPTO_GLUE_HELPER_X86
1144         select CRYPTO_CAMELLIA_X86_64
1145         select CRYPTO_CAMELLIA_AESNI_AVX_X86_64
1146         select CRYPTO_LRW
1147         select CRYPTO_XTS
1148         help
1149           Camellia cipher algorithm module (x86_64/AES-NI/AVX2).
1150 
1151           Camellia is a symmetric key block cipher developed jointly
1152           at NTT and Mitsubishi Electric Corporation.
1153 
1154           The Camellia specifies three key sizes: 128, 192 and 256 bits.
1155 
1156           See also:
1157           <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html>
1158 
1159 config CRYPTO_CAMELLIA_SPARC64
1160         tristate "Camellia cipher algorithm (SPARC64)"
1161         depends on SPARC64
1162         depends on CRYPTO
1163         select CRYPTO_ALGAPI
1164         help
1165           Camellia cipher algorithm module (SPARC64).
1166 
1167           Camellia is a symmetric key block cipher developed jointly
1168           at NTT and Mitsubishi Electric Corporation.
1169 
1170           The Camellia specifies three key sizes: 128, 192 and 256 bits.
1171 
1172           See also:
1173           <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html>
1174 
1175 config CRYPTO_CAST_COMMON
1176         tristate
1177         help
1178           Common parts of the CAST cipher algorithms shared by the
1179           generic c and the assembler implementations.
1180 
1181 config CRYPTO_CAST5
1182         tristate "CAST5 (CAST-128) cipher algorithm"
1183         select CRYPTO_ALGAPI
1184         select CRYPTO_CAST_COMMON
1185         help
1186           The CAST5 encryption algorithm (synonymous with CAST-128) is
1187           described in RFC2144.
1188 
1189 config CRYPTO_CAST5_AVX_X86_64
1190         tristate "CAST5 (CAST-128) cipher algorithm (x86_64/AVX)"
1191         depends on X86 && 64BIT
1192         select CRYPTO_ALGAPI
1193         select CRYPTO_CRYPTD
1194         select CRYPTO_ABLK_HELPER
1195         select CRYPTO_CAST_COMMON
1196         select CRYPTO_CAST5
1197         help
1198           The CAST5 encryption algorithm (synonymous with CAST-128) is
1199           described in RFC2144.
1200 
1201           This module provides the Cast5 cipher algorithm that processes
1202           sixteen blocks parallel using the AVX instruction set.
1203 
1204 config CRYPTO_CAST6
1205         tristate "CAST6 (CAST-256) cipher algorithm"
1206         select CRYPTO_ALGAPI
1207         select CRYPTO_CAST_COMMON
1208         help
1209           The CAST6 encryption algorithm (synonymous with CAST-256) is
1210           described in RFC2612.
1211 
1212 config CRYPTO_CAST6_AVX_X86_64
1213         tristate "CAST6 (CAST-256) cipher algorithm (x86_64/AVX)"
1214         depends on X86 && 64BIT
1215         select CRYPTO_ALGAPI
1216         select CRYPTO_CRYPTD
1217         select CRYPTO_ABLK_HELPER
1218         select CRYPTO_GLUE_HELPER_X86
1219         select CRYPTO_CAST_COMMON
1220         select CRYPTO_CAST6
1221         select CRYPTO_LRW
1222         select CRYPTO_XTS
1223         help
1224           The CAST6 encryption algorithm (synonymous with CAST-256) is
1225           described in RFC2612.
1226 
1227           This module provides the Cast6 cipher algorithm that processes
1228           eight blocks parallel using the AVX instruction set.
1229 
1230 config CRYPTO_DES
1231         tristate "DES and Triple DES EDE cipher algorithms"
1232         select CRYPTO_ALGAPI
1233         help
1234           DES cipher algorithm (FIPS 46-2), and Triple DES EDE (FIPS 46-3).
1235 
1236 config CRYPTO_DES_SPARC64
1237         tristate "DES and Triple DES EDE cipher algorithms (SPARC64)"
1238         depends on SPARC64
1239         select CRYPTO_ALGAPI
1240         select CRYPTO_DES
1241         help
1242           DES cipher algorithm (FIPS 46-2), and Triple DES EDE (FIPS 46-3),
1243           optimized using SPARC64 crypto opcodes.
1244 
1245 config CRYPTO_DES3_EDE_X86_64
1246         tristate "Triple DES EDE cipher algorithm (x86-64)"
1247         depends on X86 && 64BIT
1248         select CRYPTO_ALGAPI
1249         select CRYPTO_DES
1250         help
1251           Triple DES EDE (FIPS 46-3) algorithm.
1252 
1253           This module provides implementation of the Triple DES EDE cipher
1254           algorithm that is optimized for x86-64 processors. Two versions of
1255           algorithm are provided; regular processing one input block and
1256           one that processes three blocks parallel.
1257 
1258 config CRYPTO_FCRYPT
1259         tristate "FCrypt cipher algorithm"
1260         select CRYPTO_ALGAPI
1261         select CRYPTO_BLKCIPHER
1262         help
1263           FCrypt algorithm used by RxRPC.
1264 
1265 config CRYPTO_KHAZAD
1266         tristate "Khazad cipher algorithm"
1267         select CRYPTO_ALGAPI
1268         help
1269           Khazad cipher algorithm.
1270 
1271           Khazad was a finalist in the initial NESSIE competition.  It is
1272           an algorithm optimized for 64-bit processors with good performance
1273           on 32-bit processors.  Khazad uses an 128 bit key size.
1274 
1275           See also:
1276           <http://www.larc.usp.br/~pbarreto/KhazadPage.html>
1277 
1278 config CRYPTO_SALSA20
1279         tristate "Salsa20 stream cipher algorithm"
1280         select CRYPTO_BLKCIPHER
1281         help
1282           Salsa20 stream cipher algorithm.
1283 
1284           Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT
1285           Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/>
1286 
1287           The Salsa20 stream cipher algorithm is designed by Daniel J.
1288           Bernstein http://cr.yp.to/snuffle.html"><djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html>
1289 
1290 config CRYPTO_SALSA20_586
1291         tristate "Salsa20 stream cipher algorithm (i586)"
1292         depends on (X86 || UML_X86) && !64BIT
1293         select CRYPTO_BLKCIPHER
1294         help
1295           Salsa20 stream cipher algorithm.
1296 
1297           Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT
1298           Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/>
1299 
1300           The Salsa20 stream cipher algorithm is designed by Daniel J.
1301           Bernstein http://cr.yp.to/snuffle.html"><djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html>
1302 
1303 config CRYPTO_SALSA20_X86_64
1304         tristate "Salsa20 stream cipher algorithm (x86_64)"
1305         depends on (X86 || UML_X86) && 64BIT
1306         select CRYPTO_BLKCIPHER
1307         help
1308           Salsa20 stream cipher algorithm.
1309 
1310           Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT
1311           Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/>
1312 
1313           The Salsa20 stream cipher algorithm is designed by Daniel J.
1314           Bernstein http://cr.yp.to/snuffle.html"><djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html>
1315 
1316 config CRYPTO_CHACHA20
1317         tristate "ChaCha20 cipher algorithm"
1318         select CRYPTO_BLKCIPHER
1319         help
1320           ChaCha20 cipher algorithm, RFC7539.
1321 
1322           ChaCha20 is a 256-bit high-speed stream cipher designed by Daniel J.
1323           Bernstein and further specified in RFC7539 for use in IETF protocols.
1324           This is the portable C implementation of ChaCha20.
1325 
1326           See also:
1327           <http://cr.yp.to/chacha/chacha-20080128.pdf>
1328 
1329 config CRYPTO_CHACHA20_X86_64
1330         tristate "ChaCha20 cipher algorithm (x86_64/SSSE3/AVX2)"
1331         depends on X86 && 64BIT
1332         select CRYPTO_BLKCIPHER
1333         select CRYPTO_CHACHA20
1334         help
1335           ChaCha20 cipher algorithm, RFC7539.
1336 
1337           ChaCha20 is a 256-bit high-speed stream cipher designed by Daniel J.
1338           Bernstein and further specified in RFC7539 for use in IETF protocols.
1339           This is the x86_64 assembler implementation using SIMD instructions.
1340 
1341           See also:
1342           <http://cr.yp.to/chacha/chacha-20080128.pdf>
1343 
1344 config CRYPTO_SEED
1345         tristate "SEED cipher algorithm"
1346         select CRYPTO_ALGAPI
1347         help
1348           SEED cipher algorithm (RFC4269).
1349 
1350           SEED is a 128-bit symmetric key block cipher that has been
1351           developed by KISA (Korea Information Security Agency) as a
1352           national standard encryption algorithm of the Republic of Korea.
1353           It is a 16 round block cipher with the key size of 128 bit.
1354 
1355           See also:
1356           <http://www.kisa.or.kr/kisa/seed/jsp/seed_eng.jsp>
1357 
1358 config CRYPTO_SERPENT
1359         tristate "Serpent cipher algorithm"
1360         select CRYPTO_ALGAPI
1361         help
1362           Serpent cipher algorithm, by Anderson, Biham & Knudsen.
1363 
1364           Keys are allowed to be from 0 to 256 bits in length, in steps
1365           of 8 bits.  Also includes the 'Tnepres' algorithm, a reversed
1366           variant of Serpent for compatibility with old kerneli.org code.
1367 
1368           See also:
1369           <http://www.cl.cam.ac.uk/~rja14/serpent.html>
1370 
1371 config CRYPTO_SERPENT_SSE2_X86_64
1372         tristate "Serpent cipher algorithm (x86_64/SSE2)"
1373         depends on X86 && 64BIT
1374         select CRYPTO_ALGAPI
1375         select CRYPTO_CRYPTD
1376         select CRYPTO_ABLK_HELPER
1377         select CRYPTO_GLUE_HELPER_X86
1378         select CRYPTO_SERPENT
1379         select CRYPTO_LRW
1380         select CRYPTO_XTS
1381         help
1382           Serpent cipher algorithm, by Anderson, Biham & Knudsen.
1383 
1384           Keys are allowed to be from 0 to 256 bits in length, in steps
1385           of 8 bits.
1386 
1387           This module provides Serpent cipher algorithm that processes eight
1388           blocks parallel using SSE2 instruction set.
1389 
1390           See also:
1391           <http://www.cl.cam.ac.uk/~rja14/serpent.html>
1392 
1393 config CRYPTO_SERPENT_SSE2_586
1394         tristate "Serpent cipher algorithm (i586/SSE2)"
1395         depends on X86 && !64BIT
1396         select CRYPTO_ALGAPI
1397         select CRYPTO_CRYPTD
1398         select CRYPTO_ABLK_HELPER
1399         select CRYPTO_GLUE_HELPER_X86
1400         select CRYPTO_SERPENT
1401         select CRYPTO_LRW
1402         select CRYPTO_XTS
1403         help
1404           Serpent cipher algorithm, by Anderson, Biham & Knudsen.
1405 
1406           Keys are allowed to be from 0 to 256 bits in length, in steps
1407           of 8 bits.
1408 
1409           This module provides Serpent cipher algorithm that processes four
1410           blocks parallel using SSE2 instruction set.
1411 
1412           See also:
1413           <http://www.cl.cam.ac.uk/~rja14/serpent.html>
1414 
1415 config CRYPTO_SERPENT_AVX_X86_64
1416         tristate "Serpent cipher algorithm (x86_64/AVX)"
1417         depends on X86 && 64BIT
1418         select CRYPTO_ALGAPI
1419         select CRYPTO_CRYPTD
1420         select CRYPTO_ABLK_HELPER
1421         select CRYPTO_GLUE_HELPER_X86
1422         select CRYPTO_SERPENT
1423         select CRYPTO_LRW
1424         select CRYPTO_XTS
1425         help
1426           Serpent cipher algorithm, by Anderson, Biham & Knudsen.
1427 
1428           Keys are allowed to be from 0 to 256 bits in length, in steps
1429           of 8 bits.
1430 
1431           This module provides the Serpent cipher algorithm that processes
1432           eight blocks parallel using the AVX instruction set.
1433 
1434           See also:
1435           <http://www.cl.cam.ac.uk/~rja14/serpent.html>
1436 
1437 config CRYPTO_SERPENT_AVX2_X86_64
1438         tristate "Serpent cipher algorithm (x86_64/AVX2)"
1439         depends on X86 && 64BIT
1440         select CRYPTO_ALGAPI
1441         select CRYPTO_CRYPTD
1442         select CRYPTO_ABLK_HELPER
1443         select CRYPTO_GLUE_HELPER_X86
1444         select CRYPTO_SERPENT
1445         select CRYPTO_SERPENT_AVX_X86_64
1446         select CRYPTO_LRW
1447         select CRYPTO_XTS
1448         help
1449           Serpent cipher algorithm, by Anderson, Biham & Knudsen.
1450 
1451           Keys are allowed to be from 0 to 256 bits in length, in steps
1452           of 8 bits.
1453 
1454           This module provides Serpent cipher algorithm that processes 16
1455           blocks parallel using AVX2 instruction set.
1456 
1457           See also:
1458           <http://www.cl.cam.ac.uk/~rja14/serpent.html>
1459 
1460 config CRYPTO_TEA
1461         tristate "TEA, XTEA and XETA cipher algorithms"
1462         select CRYPTO_ALGAPI
1463         help
1464           TEA cipher algorithm.
1465 
1466           Tiny Encryption Algorithm is a simple cipher that uses
1467           many rounds for security.  It is very fast and uses
1468           little memory.
1469 
1470           Xtendend Tiny Encryption Algorithm is a modification to
1471           the TEA algorithm to address a potential key weakness
1472           in the TEA algorithm.
1473 
1474           Xtendend Encryption Tiny Algorithm is a mis-implementation
1475           of the XTEA algorithm for compatibility purposes.
1476 
1477 config CRYPTO_TWOFISH
1478         tristate "Twofish cipher algorithm"
1479         select CRYPTO_ALGAPI
1480         select CRYPTO_TWOFISH_COMMON
1481         help
1482           Twofish cipher algorithm.
1483 
1484           Twofish was submitted as an AES (Advanced Encryption Standard)
1485           candidate cipher by researchers at CounterPane Systems.  It is a
1486           16 round block cipher supporting key sizes of 128, 192, and 256
1487           bits.
1488 
1489           See also:
1490           <http://www.schneier.com/twofish.html>
1491 
1492 config CRYPTO_TWOFISH_COMMON
1493         tristate
1494         help
1495           Common parts of the Twofish cipher algorithm shared by the
1496           generic c and the assembler implementations.
1497 
1498 config CRYPTO_TWOFISH_586
1499         tristate "Twofish cipher algorithms (i586)"
1500         depends on (X86 || UML_X86) && !64BIT
1501         select CRYPTO_ALGAPI
1502         select CRYPTO_TWOFISH_COMMON
1503         help
1504           Twofish cipher algorithm.
1505 
1506           Twofish was submitted as an AES (Advanced Encryption Standard)
1507           candidate cipher by researchers at CounterPane Systems.  It is a
1508           16 round block cipher supporting key sizes of 128, 192, and 256
1509           bits.
1510 
1511           See also:
1512           <http://www.schneier.com/twofish.html>
1513 
1514 config CRYPTO_TWOFISH_X86_64
1515         tristate "Twofish cipher algorithm (x86_64)"
1516         depends on (X86 || UML_X86) && 64BIT
1517         select CRYPTO_ALGAPI
1518         select CRYPTO_TWOFISH_COMMON
1519         help
1520           Twofish cipher algorithm (x86_64).
1521 
1522           Twofish was submitted as an AES (Advanced Encryption Standard)
1523           candidate cipher by researchers at CounterPane Systems.  It is a
1524           16 round block cipher supporting key sizes of 128, 192, and 256
1525           bits.
1526 
1527           See also:
1528           <http://www.schneier.com/twofish.html>
1529 
1530 config CRYPTO_TWOFISH_X86_64_3WAY
1531         tristate "Twofish cipher algorithm (x86_64, 3-way parallel)"
1532         depends on X86 && 64BIT
1533         select CRYPTO_ALGAPI
1534         select CRYPTO_TWOFISH_COMMON
1535         select CRYPTO_TWOFISH_X86_64
1536         select CRYPTO_GLUE_HELPER_X86
1537         select CRYPTO_LRW
1538         select CRYPTO_XTS
1539         help
1540           Twofish cipher algorithm (x86_64, 3-way parallel).
1541 
1542           Twofish was submitted as an AES (Advanced Encryption Standard)
1543           candidate cipher by researchers at CounterPane Systems.  It is a
1544           16 round block cipher supporting key sizes of 128, 192, and 256
1545           bits.
1546 
1547           This module provides Twofish cipher algorithm that processes three
1548           blocks parallel, utilizing resources of out-of-order CPUs better.
1549 
1550           See also:
1551           <http://www.schneier.com/twofish.html>
1552 
1553 config CRYPTO_TWOFISH_AVX_X86_64
1554         tristate "Twofish cipher algorithm (x86_64/AVX)"
1555         depends on X86 && 64BIT
1556         select CRYPTO_ALGAPI
1557         select CRYPTO_CRYPTD
1558         select CRYPTO_ABLK_HELPER
1559         select CRYPTO_GLUE_HELPER_X86
1560         select CRYPTO_TWOFISH_COMMON
1561         select CRYPTO_TWOFISH_X86_64
1562         select CRYPTO_TWOFISH_X86_64_3WAY
1563         select CRYPTO_LRW
1564         select CRYPTO_XTS
1565         help
1566           Twofish cipher algorithm (x86_64/AVX).
1567 
1568           Twofish was submitted as an AES (Advanced Encryption Standard)
1569           candidate cipher by researchers at CounterPane Systems.  It is a
1570           16 round block cipher supporting key sizes of 128, 192, and 256
1571           bits.
1572 
1573           This module provides the Twofish cipher algorithm that processes
1574           eight blocks parallel using the AVX Instruction Set.
1575 
1576           See also:
1577           <http://www.schneier.com/twofish.html>
1578 
1579 comment "Compression"
1580 
1581 config CRYPTO_DEFLATE
1582         tristate "Deflate compression algorithm"
1583         select CRYPTO_ALGAPI
1584         select CRYPTO_ACOMP2
1585         select ZLIB_INFLATE
1586         select ZLIB_DEFLATE
1587         help
1588           This is the Deflate algorithm (RFC1951), specified for use in
1589           IPSec with the IPCOMP protocol (RFC3173, RFC2394).
1590 
1591           You will most probably want this if using IPSec.
1592 
1593 config CRYPTO_LZO
1594         tristate "LZO compression algorithm"
1595         select CRYPTO_ALGAPI
1596         select CRYPTO_ACOMP2
1597         select LZO_COMPRESS
1598         select LZO_DECOMPRESS
1599         help
1600           This is the LZO algorithm.
1601 
1602 config CRYPTO_842
1603         tristate "842 compression algorithm"
1604         select CRYPTO_ALGAPI
1605         select CRYPTO_ACOMP2
1606         select 842_COMPRESS
1607         select 842_DECOMPRESS
1608         help
1609           This is the 842 algorithm.
1610 
1611 config CRYPTO_LZ4
1612         tristate "LZ4 compression algorithm"
1613         select CRYPTO_ALGAPI
1614         select CRYPTO_ACOMP2
1615         select LZ4_COMPRESS
1616         select LZ4_DECOMPRESS
1617         help
1618           This is the LZ4 algorithm.
1619 
1620 config CRYPTO_LZ4HC
1621         tristate "LZ4HC compression algorithm"
1622         select CRYPTO_ALGAPI
1623         select CRYPTO_ACOMP2
1624         select LZ4HC_COMPRESS
1625         select LZ4_DECOMPRESS
1626         help
1627           This is the LZ4 high compression mode algorithm.
1628 
1629 comment "Random Number Generation"
1630 
1631 config CRYPTO_ANSI_CPRNG
1632         tristate "Pseudo Random Number Generation for Cryptographic modules"
1633         select CRYPTO_AES
1634         select CRYPTO_RNG
1635         help
1636           This option enables the generic pseudo random number generator
1637           for cryptographic modules.  Uses the Algorithm specified in
1638           ANSI X9.31 A.2.4. Note that this option must be enabled if
1639           CRYPTO_FIPS is selected
1640 
1641 menuconfig CRYPTO_DRBG_MENU
1642         tristate "NIST SP800-90A DRBG"
1643         help
1644           NIST SP800-90A compliant DRBG. In the following submenu, one or
1645           more of the DRBG types must be selected.
1646 
1647 if CRYPTO_DRBG_MENU
1648 
1649 config CRYPTO_DRBG_HMAC
1650         bool
1651         default y
1652         select CRYPTO_HMAC
1653         select CRYPTO_SHA256
1654 
1655 config CRYPTO_DRBG_HASH
1656         bool "Enable Hash DRBG"
1657         select CRYPTO_SHA256
1658         help
1659           Enable the Hash DRBG variant as defined in NIST SP800-90A.
1660 
1661 config CRYPTO_DRBG_CTR
1662         bool "Enable CTR DRBG"
1663         select CRYPTO_AES
1664         depends on CRYPTO_CTR
1665         help
1666           Enable the CTR DRBG variant as defined in NIST SP800-90A.
1667 
1668 config CRYPTO_DRBG
1669         tristate
1670         default CRYPTO_DRBG_MENU
1671         select CRYPTO_RNG
1672         select CRYPTO_JITTERENTROPY
1673 
1674 endif   # if CRYPTO_DRBG_MENU
1675 
1676 config CRYPTO_JITTERENTROPY
1677         tristate "Jitterentropy Non-Deterministic Random Number Generator"
1678         select CRYPTO_RNG
1679         help
1680           The Jitterentropy RNG is a noise that is intended
1681           to provide seed to another RNG. The RNG does not
1682           perform any cryptographic whitening of the generated
1683           random numbers. This Jitterentropy RNG registers with
1684           the kernel crypto API and can be used by any caller.
1685 
1686 config CRYPTO_USER_API
1687         tristate
1688 
1689 config CRYPTO_USER_API_HASH
1690         tristate "User-space interface for hash algorithms"
1691         depends on NET
1692         select CRYPTO_HASH
1693         select CRYPTO_USER_API
1694         help
1695           This option enables the user-spaces interface for hash
1696           algorithms.
1697 
1698 config CRYPTO_USER_API_SKCIPHER
1699         tristate "User-space interface for symmetric key cipher algorithms"
1700         depends on NET
1701         select CRYPTO_BLKCIPHER
1702         select CRYPTO_USER_API
1703         help
1704           This option enables the user-spaces interface for symmetric
1705           key cipher algorithms.
1706 
1707 config CRYPTO_USER_API_RNG
1708         tristate "User-space interface for random number generator algorithms"
1709         depends on NET
1710         select CRYPTO_RNG
1711         select CRYPTO_USER_API
1712         help
1713           This option enables the user-spaces interface for random
1714           number generator algorithms.
1715 
1716 config CRYPTO_USER_API_AEAD
1717         tristate "User-space interface for AEAD cipher algorithms"
1718         depends on NET
1719         select CRYPTO_AEAD
1720         select CRYPTO_USER_API
1721         help
1722           This option enables the user-spaces interface for AEAD
1723           cipher algorithms.
1724 
1725 config CRYPTO_HASH_INFO
1726         bool
1727 
1728 source "drivers/crypto/Kconfig"
1729 source crypto/asymmetric_keys/Kconfig
1730 source certs/Kconfig
1731 
1732 endif   # if CRYPTO

This page was automatically generated by LXR 0.3.1 (source).  •  Linux is a registered trademark of Linus Torvalds  •  Contact us