blob: be5d3128f8a81f1063cc3834d824868afb48d77c [file] [log] [blame]
Linus Torvalds1da177e2005-04-16 15:20:36 -07001#
Dan Williams685784a2007-07-09 11:56:42 -07002# Generic algorithms support
3#
4config XOR_BLOCKS
5 tristate
6
7#
Dan Williams9bc89cd2007-01-02 11:10:44 -07008# async_tx api: hardware offloaded memory transfer/transform support
9#
10source "crypto/async_tx/Kconfig"
11
12#
Linus Torvalds1da177e2005-04-16 15:20:36 -070013# Cryptographic API Configuration
14#
Jan Engelhardt2e290f42007-05-18 15:11:01 +100015menuconfig CRYPTO
Sebastian Siewiorc3715cb92008-03-30 16:36:09 +080016 tristate "Cryptographic API"
Linus Torvalds1da177e2005-04-16 15:20:36 -070017 help
18 This option provides the core Cryptographic API.
19
Herbert Xucce9e062006-08-21 21:08:13 +100020if CRYPTO
21
Sebastian Siewior584fffc2008-04-05 21:04:48 +080022comment "Crypto core or helper"
23
Neil Hormanccb778e2008-08-05 14:13:08 +080024config CRYPTO_FIPS
25 bool "FIPS 200 compliance"
26 help
27 This options enables the fips boot option which is
28 required if you want to system to operate in a FIPS 200
29 certification. You should say no unless you know what
30 this is.
31
Herbert Xucce9e062006-08-21 21:08:13 +100032config CRYPTO_ALGAPI
33 tristate
Herbert Xu6a0fcbb2008-12-10 23:29:44 +110034 select CRYPTO_ALGAPI2
Herbert Xucce9e062006-08-21 21:08:13 +100035 help
36 This option provides the API for cryptographic algorithms.
37
Herbert Xu6a0fcbb2008-12-10 23:29:44 +110038config CRYPTO_ALGAPI2
39 tristate
40
Herbert Xu1ae97822007-08-30 15:36:14 +080041config CRYPTO_AEAD
42 tristate
Herbert Xu6a0fcbb2008-12-10 23:29:44 +110043 select CRYPTO_AEAD2
Herbert Xu1ae97822007-08-30 15:36:14 +080044 select CRYPTO_ALGAPI
45
Herbert Xu6a0fcbb2008-12-10 23:29:44 +110046config CRYPTO_AEAD2
47 tristate
48 select CRYPTO_ALGAPI2
49
Herbert Xu5cde0af2006-08-22 00:07:53 +100050config CRYPTO_BLKCIPHER
51 tristate
Herbert Xu6a0fcbb2008-12-10 23:29:44 +110052 select CRYPTO_BLKCIPHER2
Herbert Xu5cde0af2006-08-22 00:07:53 +100053 select CRYPTO_ALGAPI
Herbert Xu6a0fcbb2008-12-10 23:29:44 +110054
55config CRYPTO_BLKCIPHER2
56 tristate
57 select CRYPTO_ALGAPI2
58 select CRYPTO_RNG2
Huang Ying0a2e8212009-02-19 14:44:02 +080059 select CRYPTO_WORKQUEUE
Herbert Xu5cde0af2006-08-22 00:07:53 +100060
Herbert Xu055bcee2006-08-19 22:24:23 +100061config CRYPTO_HASH
62 tristate
Herbert Xu6a0fcbb2008-12-10 23:29:44 +110063 select CRYPTO_HASH2
Herbert Xu055bcee2006-08-19 22:24:23 +100064 select CRYPTO_ALGAPI
65
Herbert Xu6a0fcbb2008-12-10 23:29:44 +110066config CRYPTO_HASH2
67 tristate
68 select CRYPTO_ALGAPI2
69
Neil Horman17f0f4a2008-08-14 22:15:52 +100070config CRYPTO_RNG
71 tristate
Herbert Xu6a0fcbb2008-12-10 23:29:44 +110072 select CRYPTO_RNG2
Neil Horman17f0f4a2008-08-14 22:15:52 +100073 select CRYPTO_ALGAPI
74
Herbert Xu6a0fcbb2008-12-10 23:29:44 +110075config CRYPTO_RNG2
76 tristate
77 select CRYPTO_ALGAPI2
78
Geert Uytterhoevena1d2f092009-03-04 15:05:33 +080079config CRYPTO_PCOMP
80 tristate
81 select CRYPTO_ALGAPI2
82
Herbert Xu2b8c19d2006-09-21 11:31:44 +100083config CRYPTO_MANAGER
84 tristate "Cryptographic algorithm manager"
Herbert Xu6a0fcbb2008-12-10 23:29:44 +110085 select CRYPTO_MANAGER2
Herbert Xu2b8c19d2006-09-21 11:31:44 +100086 help
87 Create default cryptographic template instantiations such as
88 cbc(aes).
89
Herbert Xu6a0fcbb2008-12-10 23:29:44 +110090config CRYPTO_MANAGER2
91 def_tristate CRYPTO_MANAGER || (CRYPTO_MANAGER!=n && CRYPTO_ALGAPI=y)
92 select CRYPTO_AEAD2
93 select CRYPTO_HASH2
94 select CRYPTO_BLKCIPHER2
95
Rik Snelc494e072006-11-29 18:59:44 +110096config CRYPTO_GF128MUL
97 tristate "GF(2^128) multiplication functions (EXPERIMENTAL)"
98 depends on EXPERIMENTAL
99 help
100 Efficient table driven implementation of multiplications in the
101 field GF(2^128). This is needed by some cypher modes. This
102 option will be selected automatically if you select such a
103 cipher mode. Only select this option by hand if you expect to load
104 an external module that requires these functions.
105
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800106config CRYPTO_NULL
107 tristate "Null algorithms"
108 select CRYPTO_ALGAPI
109 select CRYPTO_BLKCIPHER
Herbert Xud35d2452008-11-08 08:09:56 +0800110 select CRYPTO_HASH
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800111 help
112 These are 'Null' algorithms, used by IPsec, which do nothing.
113
Huang Ying25c38d32009-02-19 14:33:40 +0800114config CRYPTO_WORKQUEUE
115 tristate
116
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800117config CRYPTO_CRYPTD
118 tristate "Software async crypto daemon"
Herbert Xudb131ef2006-09-21 11:44:08 +1000119 select CRYPTO_BLKCIPHER
Loc Hob8a28252008-05-14 21:23:00 +0800120 select CRYPTO_HASH
Herbert Xu43518402006-10-16 21:28:58 +1000121 select CRYPTO_MANAGER
Huang Ying254eff72009-02-19 14:42:19 +0800122 select CRYPTO_WORKQUEUE
Herbert Xudb131ef2006-09-21 11:44:08 +1000123 help
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800124 This is a generic software asynchronous crypto daemon that
125 converts an arbitrary synchronous software crypto algorithm
126 into an asynchronous algorithm that executes in a kernel thread.
127
128config CRYPTO_AUTHENC
129 tristate "Authenc support"
130 select CRYPTO_AEAD
131 select CRYPTO_BLKCIPHER
132 select CRYPTO_MANAGER
133 select CRYPTO_HASH
134 help
135 Authenc: Combined mode wrapper for IPsec.
136 This is required for IPSec.
137
138config CRYPTO_TEST
139 tristate "Testing module"
140 depends on m
Herbert Xuda7f0332008-07-31 17:08:25 +0800141 select CRYPTO_MANAGER
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800142 help
143 Quick & dirty crypto test module.
144
145comment "Authenticated Encryption with Associated Data"
146
147config CRYPTO_CCM
148 tristate "CCM support"
149 select CRYPTO_CTR
150 select CRYPTO_AEAD
151 help
152 Support for Counter with CBC MAC. Required for IPsec.
153
154config CRYPTO_GCM
155 tristate "GCM/GMAC support"
156 select CRYPTO_CTR
157 select CRYPTO_AEAD
158 select CRYPTO_GF128MUL
159 help
160 Support for Galois/Counter Mode (GCM) and Galois Message
161 Authentication Code (GMAC). Required for IPSec.
162
163config CRYPTO_SEQIV
164 tristate "Sequence Number IV Generator"
165 select CRYPTO_AEAD
166 select CRYPTO_BLKCIPHER
Herbert Xua0f000e2008-08-14 22:21:31 +1000167 select CRYPTO_RNG
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800168 help
169 This IV generator generates an IV based on a sequence number by
170 xoring it with a salt. This algorithm is mainly useful for CTR
171
172comment "Block modes"
Herbert Xudb131ef2006-09-21 11:44:08 +1000173
174config CRYPTO_CBC
175 tristate "CBC support"
176 select CRYPTO_BLKCIPHER
Herbert Xu43518402006-10-16 21:28:58 +1000177 select CRYPTO_MANAGER
Herbert Xudb131ef2006-09-21 11:44:08 +1000178 help
179 CBC: Cipher Block Chaining mode
180 This block cipher algorithm is required for IPSec.
181
Joy Latten23e353c2007-10-23 08:50:32 +0800182config CRYPTO_CTR
183 tristate "CTR support"
184 select CRYPTO_BLKCIPHER
Herbert Xu0a270322007-11-30 21:38:37 +1100185 select CRYPTO_SEQIV
Joy Latten23e353c2007-10-23 08:50:32 +0800186 select CRYPTO_MANAGER
Joy Latten23e353c2007-10-23 08:50:32 +0800187 help
188 CTR: Counter mode
189 This block cipher algorithm is required for IPSec.
190
Kevin Coffman76cb9522008-03-24 21:26:16 +0800191config CRYPTO_CTS
192 tristate "CTS support"
193 select CRYPTO_BLKCIPHER
194 help
195 CTS: Cipher Text Stealing
196 This is the Cipher Text Stealing mode as described by
197 Section 8 of rfc2040 and referenced by rfc3962.
198 (rfc3962 includes errata information in its Appendix A)
199 This mode is required for Kerberos gss mechanism support
200 for AES encryption.
201
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800202config CRYPTO_ECB
203 tristate "ECB support"
Herbert Xu653ebd92007-11-27 19:48:27 +0800204 select CRYPTO_BLKCIPHER
Herbert Xu124b53d2007-04-16 20:49:20 +1000205 select CRYPTO_MANAGER
206 help
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800207 ECB: Electronic CodeBook mode
208 This is the simplest block cipher algorithm. It simply encrypts
209 the input block by block.
Herbert Xu124b53d2007-04-16 20:49:20 +1000210
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800211config CRYPTO_LRW
212 tristate "LRW support (EXPERIMENTAL)"
213 depends on EXPERIMENTAL
David Howells90831632006-12-16 12:13:14 +1100214 select CRYPTO_BLKCIPHER
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800215 select CRYPTO_MANAGER
216 select CRYPTO_GF128MUL
David Howells90831632006-12-16 12:13:14 +1100217 help
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800218 LRW: Liskov Rivest Wagner, a tweakable, non malleable, non movable
219 narrow block cipher mode for dm-crypt. Use it with cipher
220 specification string aes-lrw-benbi, the key must be 256, 320 or 384.
221 The first 128, 192 or 256 bits in the key are used for AES and the
222 rest is used to tie each cipher block to its logical position.
David Howells90831632006-12-16 12:13:14 +1100223
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800224config CRYPTO_PCBC
225 tristate "PCBC support"
226 select CRYPTO_BLKCIPHER
227 select CRYPTO_MANAGER
228 help
229 PCBC: Propagating Cipher Block Chaining mode
230 This block cipher algorithm is required for RxRPC.
231
232config CRYPTO_XTS
233 tristate "XTS support (EXPERIMENTAL)"
234 depends on EXPERIMENTAL
235 select CRYPTO_BLKCIPHER
236 select CRYPTO_MANAGER
237 select CRYPTO_GF128MUL
238 help
239 XTS: IEEE1619/D16 narrow block cipher use with aes-xts-plain,
240 key size 256, 384 or 512 bits. This implementation currently
241 can't handle a sectorsize which is not a multiple of 16 bytes.
242
243comment "Hash modes"
244
245config CRYPTO_HMAC
246 tristate "HMAC support"
247 select CRYPTO_HASH
248 select CRYPTO_MANAGER
249 help
250 HMAC: Keyed-Hashing for Message Authentication (RFC2104).
251 This is required for IPSec.
252
253config CRYPTO_XCBC
254 tristate "XCBC support"
255 depends on EXPERIMENTAL
256 select CRYPTO_HASH
257 select CRYPTO_MANAGER
258 help
259 XCBC: Keyed-Hashing with encryption algorithm
260 http://www.ietf.org/rfc/rfc3566.txt
261 http://csrc.nist.gov/encryption/modes/proposedmodes/
262 xcbc-mac/xcbc-mac-spec.pdf
263
264comment "Digest"
265
266config CRYPTO_CRC32C
267 tristate "CRC32c CRC algorithm"
Herbert Xu5773a3e2008-07-08 20:54:28 +0800268 select CRYPTO_HASH
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800269 help
270 Castagnoli, et al Cyclic Redundancy-Check Algorithm. Used
271 by iSCSI for header and data digests and by others.
Herbert Xu69c35ef2008-11-07 15:11:47 +0800272 See Castagnoli93. Module will be crc32c.
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800273
Austin Zhang8cb51ba2008-08-07 09:57:03 +0800274config CRYPTO_CRC32C_INTEL
275 tristate "CRC32c INTEL hardware acceleration"
276 depends on X86
277 select CRYPTO_HASH
278 help
279 In Intel processor with SSE4.2 supported, the processor will
280 support CRC32C implementation using hardware accelerated CRC32
281 instruction. This option will create 'crc32c-intel' module,
282 which will enable any routine to use the CRC32 instruction to
283 gain performance compared with software implementation.
284 Module will be crc32c-intel.
285
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800286config CRYPTO_MD4
287 tristate "MD4 digest algorithm"
Adrian-Ken Rueegsegger808a1762008-12-03 19:55:27 +0800288 select CRYPTO_HASH
Linus Torvalds1da177e2005-04-16 15:20:36 -0700289 help
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800290 MD4 message digest algorithm (RFC1320).
Linus Torvalds1da177e2005-04-16 15:20:36 -0700291
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800292config CRYPTO_MD5
293 tristate "MD5 digest algorithm"
Adrian-Ken Rueegsegger14b75ba2008-12-03 19:57:12 +0800294 select CRYPTO_HASH
Linus Torvalds1da177e2005-04-16 15:20:36 -0700295 help
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800296 MD5 message digest algorithm (RFC1321).
Linus Torvalds1da177e2005-04-16 15:20:36 -0700297
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800298config CRYPTO_MICHAEL_MIC
299 tristate "Michael MIC keyed digest algorithm"
Adrian-Ken Rueegsegger19e2bf12008-12-07 19:35:38 +0800300 select CRYPTO_HASH
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800301 help
302 Michael MIC is used for message integrity protection in TKIP
303 (IEEE 802.11i). This algorithm is required for TKIP, but it
304 should not be used for other purposes because of the weakness
305 of the algorithm.
306
Adrian-Ken Rueegsegger82798f92008-05-07 22:17:37 +0800307config CRYPTO_RMD128
Adrian Bunkb6d44342008-07-16 19:28:00 +0800308 tristate "RIPEMD-128 digest algorithm"
Herbert Xu7c4468b2008-11-08 09:10:40 +0800309 select CRYPTO_HASH
Adrian Bunkb6d44342008-07-16 19:28:00 +0800310 help
311 RIPEMD-128 (ISO/IEC 10118-3:2004).
Adrian-Ken Rueegsegger82798f92008-05-07 22:17:37 +0800312
Adrian Bunkb6d44342008-07-16 19:28:00 +0800313 RIPEMD-128 is a 128-bit cryptographic hash function. It should only
314 to be used as a secure replacement for RIPEMD. For other use cases
315 RIPEMD-160 should be used.
Adrian-Ken Rueegsegger82798f92008-05-07 22:17:37 +0800316
Adrian Bunkb6d44342008-07-16 19:28:00 +0800317 Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel.
318 See <http://home.esat.kuleuven.be/~bosselae/ripemd160.html>
Adrian-Ken Rueegsegger82798f92008-05-07 22:17:37 +0800319
320config CRYPTO_RMD160
Adrian Bunkb6d44342008-07-16 19:28:00 +0800321 tristate "RIPEMD-160 digest algorithm"
Herbert Xue5835fb2008-11-08 09:18:51 +0800322 select CRYPTO_HASH
Adrian Bunkb6d44342008-07-16 19:28:00 +0800323 help
324 RIPEMD-160 (ISO/IEC 10118-3:2004).
Adrian-Ken Rueegsegger82798f92008-05-07 22:17:37 +0800325
Adrian Bunkb6d44342008-07-16 19:28:00 +0800326 RIPEMD-160 is a 160-bit cryptographic hash function. It is intended
327 to be used as a secure replacement for the 128-bit hash functions
328 MD4, MD5 and it's predecessor RIPEMD
329 (not to be confused with RIPEMD-128).
Adrian-Ken Rueegsegger82798f92008-05-07 22:17:37 +0800330
Adrian Bunkb6d44342008-07-16 19:28:00 +0800331 It's speed is comparable to SHA1 and there are no known attacks
332 against RIPEMD-160.
Adrian-Ken Rueegsegger534fe2c2008-05-09 21:30:27 +0800333
Adrian Bunkb6d44342008-07-16 19:28:00 +0800334 Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel.
335 See <http://home.esat.kuleuven.be/~bosselae/ripemd160.html>
Adrian-Ken Rueegsegger534fe2c2008-05-09 21:30:27 +0800336
337config CRYPTO_RMD256
Adrian Bunkb6d44342008-07-16 19:28:00 +0800338 tristate "RIPEMD-256 digest algorithm"
Herbert Xud8a5e2e2008-11-08 09:58:10 +0800339 select CRYPTO_HASH
Adrian Bunkb6d44342008-07-16 19:28:00 +0800340 help
341 RIPEMD-256 is an optional extension of RIPEMD-128 with a
342 256 bit hash. It is intended for applications that require
343 longer hash-results, without needing a larger security level
344 (than RIPEMD-128).
Adrian-Ken Rueegsegger534fe2c2008-05-09 21:30:27 +0800345
Adrian Bunkb6d44342008-07-16 19:28:00 +0800346 Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel.
347 See <http://home.esat.kuleuven.be/~bosselae/ripemd160.html>
Adrian-Ken Rueegsegger534fe2c2008-05-09 21:30:27 +0800348
349config CRYPTO_RMD320
Adrian Bunkb6d44342008-07-16 19:28:00 +0800350 tristate "RIPEMD-320 digest algorithm"
Herbert Xu3b8efb42008-11-08 10:11:09 +0800351 select CRYPTO_HASH
Adrian Bunkb6d44342008-07-16 19:28:00 +0800352 help
353 RIPEMD-320 is an optional extension of RIPEMD-160 with a
354 320 bit hash. It is intended for applications that require
355 longer hash-results, without needing a larger security level
356 (than RIPEMD-160).
Adrian-Ken Rueegsegger534fe2c2008-05-09 21:30:27 +0800357
Adrian Bunkb6d44342008-07-16 19:28:00 +0800358 Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel.
359 See <http://home.esat.kuleuven.be/~bosselae/ripemd160.html>
Adrian-Ken Rueegsegger82798f92008-05-07 22:17:37 +0800360
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800361config CRYPTO_SHA1
362 tristate "SHA1 digest algorithm"
Adrian-Ken Rueegsegger54ccb362008-12-02 21:08:20 +0800363 select CRYPTO_HASH
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800364 help
365 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2).
366
367config CRYPTO_SHA256
368 tristate "SHA224 and SHA256 digest algorithm"
Adrian-Ken Rueegsegger50e109b52008-12-03 19:57:49 +0800369 select CRYPTO_HASH
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800370 help
371 SHA256 secure hash standard (DFIPS 180-2).
372
373 This version of SHA implements a 256 bit hash with 128 bits of
374 security against collision attacks.
375
Adrian Bunkb6d44342008-07-16 19:28:00 +0800376 This code also includes SHA-224, a 224 bit hash with 112 bits
377 of security against collision attacks.
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800378
379config CRYPTO_SHA512
380 tristate "SHA384 and SHA512 digest algorithms"
Adrian-Ken Rueegseggerbd9d20d2008-12-17 16:49:02 +1100381 select CRYPTO_HASH
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800382 help
383 SHA512 secure hash standard (DFIPS 180-2).
384
385 This version of SHA implements a 512 bit hash with 256 bits of
386 security against collision attacks.
387
388 This code also includes SHA-384, a 384 bit hash with 192 bits
389 of security against collision attacks.
390
391config CRYPTO_TGR192
392 tristate "Tiger digest algorithms"
Adrian-Ken Rueegseggerf63fbd32008-12-03 19:58:32 +0800393 select CRYPTO_HASH
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800394 help
395 Tiger hash algorithm 192, 160 and 128-bit hashes
396
397 Tiger is a hash function optimized for 64-bit processors while
398 still having decent performance on 32-bit processors.
399 Tiger was developed by Ross Anderson and Eli Biham.
Linus Torvalds1da177e2005-04-16 15:20:36 -0700400
401 See also:
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800402 <http://www.cs.technion.ac.il/~biham/Reports/Tiger/>.
403
404config CRYPTO_WP512
405 tristate "Whirlpool digest algorithms"
Adrian-Ken Rueegsegger49465102008-12-07 19:34:37 +0800406 select CRYPTO_HASH
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800407 help
408 Whirlpool hash algorithm 512, 384 and 256-bit hashes
409
410 Whirlpool-512 is part of the NESSIE cryptographic primitives.
411 Whirlpool will be part of the ISO/IEC 10118-3:2003(E) standard
412
413 See also:
414 <http://planeta.terra.com.br/informatica/paulobarreto/WhirlpoolPage.html>
415
416comment "Ciphers"
Linus Torvalds1da177e2005-04-16 15:20:36 -0700417
418config CRYPTO_AES
419 tristate "AES cipher algorithms"
Herbert Xucce9e062006-08-21 21:08:13 +1000420 select CRYPTO_ALGAPI
Linus Torvalds1da177e2005-04-16 15:20:36 -0700421 help
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800422 AES cipher algorithms (FIPS-197). AES uses the Rijndael
Linus Torvalds1da177e2005-04-16 15:20:36 -0700423 algorithm.
424
425 Rijndael appears to be consistently a very good performer in
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800426 both hardware and software across a wide range of computing
427 environments regardless of its use in feedback or non-feedback
428 modes. Its key setup time is excellent, and its key agility is
429 good. Rijndael's very low memory requirements make it very well
430 suited for restricted-space environments, in which it also
431 demonstrates excellent performance. Rijndael's operations are
432 among the easiest to defend against power and timing attacks.
Linus Torvalds1da177e2005-04-16 15:20:36 -0700433
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800434 The AES specifies three key sizes: 128, 192 and 256 bits
Linus Torvalds1da177e2005-04-16 15:20:36 -0700435
436 See <http://csrc.nist.gov/CryptoToolkit/aes/> for more information.
437
438config CRYPTO_AES_586
439 tristate "AES cipher algorithms (i586)"
Herbert Xucce9e062006-08-21 21:08:13 +1000440 depends on (X86 || UML_X86) && !64BIT
441 select CRYPTO_ALGAPI
Sebastian Siewior5157dea2007-11-10 19:07:16 +0800442 select CRYPTO_AES
Linus Torvalds1da177e2005-04-16 15:20:36 -0700443 help
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800444 AES cipher algorithms (FIPS-197). AES uses the Rijndael
Linus Torvalds1da177e2005-04-16 15:20:36 -0700445 algorithm.
446
447 Rijndael appears to be consistently a very good performer in
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800448 both hardware and software across a wide range of computing
449 environments regardless of its use in feedback or non-feedback
450 modes. Its key setup time is excellent, and its key agility is
451 good. Rijndael's very low memory requirements make it very well
452 suited for restricted-space environments, in which it also
453 demonstrates excellent performance. Rijndael's operations are
454 among the easiest to defend against power and timing attacks.
Linus Torvalds1da177e2005-04-16 15:20:36 -0700455
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800456 The AES specifies three key sizes: 128, 192 and 256 bits
Linus Torvalds1da177e2005-04-16 15:20:36 -0700457
458 See <http://csrc.nist.gov/encryption/aes/> for more information.
459
Andreas Steinmetza2a892a2005-07-06 13:55:00 -0700460config CRYPTO_AES_X86_64
461 tristate "AES cipher algorithms (x86_64)"
Herbert Xucce9e062006-08-21 21:08:13 +1000462 depends on (X86 || UML_X86) && 64BIT
463 select CRYPTO_ALGAPI
Sebastian Siewior81190b32007-11-08 21:25:04 +0800464 select CRYPTO_AES
Andreas Steinmetza2a892a2005-07-06 13:55:00 -0700465 help
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800466 AES cipher algorithms (FIPS-197). AES uses the Rijndael
Andreas Steinmetza2a892a2005-07-06 13:55:00 -0700467 algorithm.
468
469 Rijndael appears to be consistently a very good performer in
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800470 both hardware and software across a wide range of computing
471 environments regardless of its use in feedback or non-feedback
472 modes. Its key setup time is excellent, and its key agility is
473 good. Rijndael's very low memory requirements make it very well
474 suited for restricted-space environments, in which it also
475 demonstrates excellent performance. Rijndael's operations are
476 among the easiest to defend against power and timing attacks.
Andreas Steinmetza2a892a2005-07-06 13:55:00 -0700477
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800478 The AES specifies three key sizes: 128, 192 and 256 bits
Andreas Steinmetza2a892a2005-07-06 13:55:00 -0700479
480 See <http://csrc.nist.gov/encryption/aes/> for more information.
481
Huang Ying54b6a1b2009-01-18 16:28:34 +1100482config CRYPTO_AES_NI_INTEL
483 tristate "AES cipher algorithms (AES-NI)"
484 depends on (X86 || UML_X86) && 64BIT
485 select CRYPTO_AES_X86_64
486 select CRYPTO_CRYPTD
487 select CRYPTO_ALGAPI
488 help
489 Use Intel AES-NI instructions for AES algorithm.
490
491 AES cipher algorithms (FIPS-197). AES uses the Rijndael
492 algorithm.
493
494 Rijndael appears to be consistently a very good performer in
495 both hardware and software across a wide range of computing
496 environments regardless of its use in feedback or non-feedback
497 modes. Its key setup time is excellent, and its key agility is
498 good. Rijndael's very low memory requirements make it very well
499 suited for restricted-space environments, in which it also
500 demonstrates excellent performance. Rijndael's operations are
501 among the easiest to defend against power and timing attacks.
502
503 The AES specifies three key sizes: 128, 192 and 256 bits
504
505 See <http://csrc.nist.gov/encryption/aes/> for more information.
506
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800507config CRYPTO_ANUBIS
508 tristate "Anubis cipher algorithm"
509 select CRYPTO_ALGAPI
510 help
511 Anubis cipher algorithm.
512
513 Anubis is a variable key length cipher which can use keys from
514 128 bits to 320 bits in length. It was evaluated as a entrant
515 in the NESSIE competition.
516
517 See also:
518 <https://www.cosic.esat.kuleuven.ac.be/nessie/reports/>
519 <http://planeta.terra.com.br/informatica/paulobarreto/AnubisPage.html>
520
521config CRYPTO_ARC4
522 tristate "ARC4 cipher algorithm"
523 select CRYPTO_ALGAPI
524 help
525 ARC4 cipher algorithm.
526
527 ARC4 is a stream cipher using keys ranging from 8 bits to 2048
528 bits in length. This algorithm is required for driver-based
529 WEP, but it should not be for other purposes because of the
530 weakness of the algorithm.
531
532config CRYPTO_BLOWFISH
533 tristate "Blowfish cipher algorithm"
534 select CRYPTO_ALGAPI
535 help
536 Blowfish cipher algorithm, by Bruce Schneier.
537
538 This is a variable key length cipher which can use keys from 32
539 bits to 448 bits in length. It's fast, simple and specifically
540 designed for use on "large microprocessors".
541
542 See also:
543 <http://www.schneier.com/blowfish.html>
544
545config CRYPTO_CAMELLIA
546 tristate "Camellia cipher algorithms"
547 depends on CRYPTO
548 select CRYPTO_ALGAPI
549 help
550 Camellia cipher algorithms module.
551
552 Camellia is a symmetric key block cipher developed jointly
553 at NTT and Mitsubishi Electric Corporation.
554
555 The Camellia specifies three key sizes: 128, 192 and 256 bits.
556
557 See also:
558 <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html>
559
Linus Torvalds1da177e2005-04-16 15:20:36 -0700560config CRYPTO_CAST5
561 tristate "CAST5 (CAST-128) cipher algorithm"
Herbert Xucce9e062006-08-21 21:08:13 +1000562 select CRYPTO_ALGAPI
Linus Torvalds1da177e2005-04-16 15:20:36 -0700563 help
564 The CAST5 encryption algorithm (synonymous with CAST-128) is
565 described in RFC2144.
566
567config CRYPTO_CAST6
568 tristate "CAST6 (CAST-256) cipher algorithm"
Herbert Xucce9e062006-08-21 21:08:13 +1000569 select CRYPTO_ALGAPI
Linus Torvalds1da177e2005-04-16 15:20:36 -0700570 help
571 The CAST6 encryption algorithm (synonymous with CAST-256) is
572 described in RFC2612.
573
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800574config CRYPTO_DES
575 tristate "DES and Triple DES EDE cipher algorithms"
Herbert Xucce9e062006-08-21 21:08:13 +1000576 select CRYPTO_ALGAPI
Linus Torvalds1da177e2005-04-16 15:20:36 -0700577 help
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800578 DES cipher algorithm (FIPS 46-2), and Triple DES EDE (FIPS 46-3).
Linus Torvalds1da177e2005-04-16 15:20:36 -0700579
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800580config CRYPTO_FCRYPT
581 tristate "FCrypt cipher algorithm"
Herbert Xucce9e062006-08-21 21:08:13 +1000582 select CRYPTO_ALGAPI
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800583 select CRYPTO_BLKCIPHER
Linus Torvalds1da177e2005-04-16 15:20:36 -0700584 help
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800585 FCrypt algorithm used by RxRPC.
Linus Torvalds1da177e2005-04-16 15:20:36 -0700586
587config CRYPTO_KHAZAD
588 tristate "Khazad cipher algorithm"
Herbert Xucce9e062006-08-21 21:08:13 +1000589 select CRYPTO_ALGAPI
Linus Torvalds1da177e2005-04-16 15:20:36 -0700590 help
591 Khazad cipher algorithm.
592
593 Khazad was a finalist in the initial NESSIE competition. It is
594 an algorithm optimized for 64-bit processors with good performance
595 on 32-bit processors. Khazad uses an 128 bit key size.
596
597 See also:
598 <http://planeta.terra.com.br/informatica/paulobarreto/KhazadPage.html>
599
Tan Swee Heng2407d602007-11-23 19:45:00 +0800600config CRYPTO_SALSA20
601 tristate "Salsa20 stream cipher algorithm (EXPERIMENTAL)"
602 depends on EXPERIMENTAL
603 select CRYPTO_BLKCIPHER
604 help
605 Salsa20 stream cipher algorithm.
606
607 Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT
608 Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/>
609
610 The Salsa20 stream cipher algorithm is designed by Daniel J.
611 Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html>
Linus Torvalds1da177e2005-04-16 15:20:36 -0700612
Tan Swee Heng974e4b72007-12-10 15:52:56 +0800613config CRYPTO_SALSA20_586
614 tristate "Salsa20 stream cipher algorithm (i586) (EXPERIMENTAL)"
615 depends on (X86 || UML_X86) && !64BIT
616 depends on EXPERIMENTAL
617 select CRYPTO_BLKCIPHER
Tan Swee Heng974e4b72007-12-10 15:52:56 +0800618 help
619 Salsa20 stream cipher algorithm.
620
621 Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT
622 Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/>
623
624 The Salsa20 stream cipher algorithm is designed by Daniel J.
625 Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html>
626
Tan Swee Heng9a7dafb2007-12-18 00:04:40 +0800627config CRYPTO_SALSA20_X86_64
628 tristate "Salsa20 stream cipher algorithm (x86_64) (EXPERIMENTAL)"
629 depends on (X86 || UML_X86) && 64BIT
630 depends on EXPERIMENTAL
631 select CRYPTO_BLKCIPHER
Tan Swee Heng9a7dafb2007-12-18 00:04:40 +0800632 help
633 Salsa20 stream cipher algorithm.
634
635 Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT
636 Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/>
637
638 The Salsa20 stream cipher algorithm is designed by Daniel J.
639 Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html>
640
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800641config CRYPTO_SEED
642 tristate "SEED cipher algorithm"
643 select CRYPTO_ALGAPI
644 help
645 SEED cipher algorithm (RFC4269).
646
647 SEED is a 128-bit symmetric key block cipher that has been
648 developed by KISA (Korea Information Security Agency) as a
649 national standard encryption algorithm of the Republic of Korea.
650 It is a 16 round block cipher with the key size of 128 bit.
651
652 See also:
653 <http://www.kisa.or.kr/kisa/seed/jsp/seed_eng.jsp>
654
655config CRYPTO_SERPENT
656 tristate "Serpent cipher algorithm"
657 select CRYPTO_ALGAPI
658 help
659 Serpent cipher algorithm, by Anderson, Biham & Knudsen.
660
661 Keys are allowed to be from 0 to 256 bits in length, in steps
662 of 8 bits. Also includes the 'Tnepres' algorithm, a reversed
663 variant of Serpent for compatibility with old kerneli.org code.
664
665 See also:
666 <http://www.cl.cam.ac.uk/~rja14/serpent.html>
667
668config CRYPTO_TEA
669 tristate "TEA, XTEA and XETA cipher algorithms"
670 select CRYPTO_ALGAPI
671 help
672 TEA cipher algorithm.
673
674 Tiny Encryption Algorithm is a simple cipher that uses
675 many rounds for security. It is very fast and uses
676 little memory.
677
678 Xtendend Tiny Encryption Algorithm is a modification to
679 the TEA algorithm to address a potential key weakness
680 in the TEA algorithm.
681
682 Xtendend Encryption Tiny Algorithm is a mis-implementation
683 of the XTEA algorithm for compatibility purposes.
684
685config CRYPTO_TWOFISH
686 tristate "Twofish cipher algorithm"
687 select CRYPTO_ALGAPI
688 select CRYPTO_TWOFISH_COMMON
689 help
690 Twofish cipher algorithm.
691
692 Twofish was submitted as an AES (Advanced Encryption Standard)
693 candidate cipher by researchers at CounterPane Systems. It is a
694 16 round block cipher supporting key sizes of 128, 192, and 256
695 bits.
696
697 See also:
698 <http://www.schneier.com/twofish.html>
699
700config CRYPTO_TWOFISH_COMMON
701 tristate
702 help
703 Common parts of the Twofish cipher algorithm shared by the
704 generic c and the assembler implementations.
705
706config CRYPTO_TWOFISH_586
707 tristate "Twofish cipher algorithms (i586)"
708 depends on (X86 || UML_X86) && !64BIT
709 select CRYPTO_ALGAPI
710 select CRYPTO_TWOFISH_COMMON
711 help
712 Twofish cipher algorithm.
713
714 Twofish was submitted as an AES (Advanced Encryption Standard)
715 candidate cipher by researchers at CounterPane Systems. It is a
716 16 round block cipher supporting key sizes of 128, 192, and 256
717 bits.
718
719 See also:
720 <http://www.schneier.com/twofish.html>
721
722config CRYPTO_TWOFISH_X86_64
723 tristate "Twofish cipher algorithm (x86_64)"
724 depends on (X86 || UML_X86) && 64BIT
725 select CRYPTO_ALGAPI
726 select CRYPTO_TWOFISH_COMMON
727 help
728 Twofish cipher algorithm (x86_64).
729
730 Twofish was submitted as an AES (Advanced Encryption Standard)
731 candidate cipher by researchers at CounterPane Systems. It is a
732 16 round block cipher supporting key sizes of 128, 192, and 256
733 bits.
734
735 See also:
736 <http://www.schneier.com/twofish.html>
737
738comment "Compression"
739
Linus Torvalds1da177e2005-04-16 15:20:36 -0700740config CRYPTO_DEFLATE
741 tristate "Deflate compression algorithm"
Herbert Xucce9e062006-08-21 21:08:13 +1000742 select CRYPTO_ALGAPI
Linus Torvalds1da177e2005-04-16 15:20:36 -0700743 select ZLIB_INFLATE
744 select ZLIB_DEFLATE
745 help
746 This is the Deflate algorithm (RFC1951), specified for use in
747 IPSec with the IPCOMP protocol (RFC3173, RFC2394).
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800748
Linus Torvalds1da177e2005-04-16 15:20:36 -0700749 You will most probably want this if using IPSec.
750
Geert Uytterhoevenbf68e652009-03-04 15:15:49 +0800751config CRYPTO_ZLIB
752 tristate "Zlib compression algorithm"
753 select CRYPTO_PCOMP
754 select ZLIB_INFLATE
755 select ZLIB_DEFLATE
756 select NLATTR
757 help
758 This is the zlib algorithm.
759
Zoltan Sogor0b77abb2007-12-07 16:53:23 +0800760config CRYPTO_LZO
761 tristate "LZO compression algorithm"
762 select CRYPTO_ALGAPI
763 select LZO_COMPRESS
764 select LZO_DECOMPRESS
765 help
766 This is the LZO algorithm.
767
Neil Horman17f0f4a2008-08-14 22:15:52 +1000768comment "Random Number Generation"
769
770config CRYPTO_ANSI_CPRNG
771 tristate "Pseudo Random Number Generation for Cryptographic modules"
772 select CRYPTO_AES
773 select CRYPTO_RNG
774 select CRYPTO_FIPS
775 help
776 This option enables the generic pseudo random number generator
777 for cryptographic modules. Uses the Algorithm specified in
778 ANSI X9.31 A.2.4
779
Linus Torvalds1da177e2005-04-16 15:20:36 -0700780source "drivers/crypto/Kconfig"
Linus Torvalds1da177e2005-04-16 15:20:36 -0700781
Herbert Xucce9e062006-08-21 21:08:13 +1000782endif # if CRYPTO