blob: 60ece1b8bfd390bc3767f90d532006dd82a89acb [file] [log] [blame]
Linus Torvalds1da177e2005-04-16 15:20:36 -07001#
Dan Williams685784a2007-07-09 11:56:42 -07002# Generic algorithms support
3#
4config XOR_BLOCKS
5 tristate
6
7#
Dan Williams9bc89cd2007-01-02 11:10:44 -07008# async_tx api: hardware offloaded memory transfer/transform support
9#
10source "crypto/async_tx/Kconfig"
11
12#
Linus Torvalds1da177e2005-04-16 15:20:36 -070013# Cryptographic API Configuration
14#
Jan Engelhardt2e290f42007-05-18 15:11:01 +100015menuconfig CRYPTO
Sebastian Siewiorc3715cb92008-03-30 16:36:09 +080016 tristate "Cryptographic API"
Linus Torvalds1da177e2005-04-16 15:20:36 -070017 help
18 This option provides the core Cryptographic API.
19
Herbert Xucce9e062006-08-21 21:08:13 +100020if CRYPTO
21
Sebastian Siewior584fffc2008-04-05 21:04:48 +080022comment "Crypto core or helper"
23
Neil Hormanccb778e2008-08-05 14:13:08 +080024config CRYPTO_FIPS
25 bool "FIPS 200 compliance"
Herbert Xuf2c89a12014-07-04 22:15:08 +080026 depends on (CRYPTO_ANSI_CPRNG || CRYPTO_DRBG) && !CRYPTO_MANAGER_DISABLE_TESTS
Jarod Wilson002c77a2014-07-02 15:37:30 -040027 depends on MODULE_SIG
Neil Hormanccb778e2008-08-05 14:13:08 +080028 help
29 This options enables the fips boot option which is
30 required if you want to system to operate in a FIPS 200
31 certification. You should say no unless you know what
Chuck Ebberte84c5482010-09-03 19:17:49 +080032 this is.
Neil Hormanccb778e2008-08-05 14:13:08 +080033
Herbert Xucce9e062006-08-21 21:08:13 +100034config CRYPTO_ALGAPI
35 tristate
Herbert Xu6a0fcbb2008-12-10 23:29:44 +110036 select CRYPTO_ALGAPI2
Herbert Xucce9e062006-08-21 21:08:13 +100037 help
38 This option provides the API for cryptographic algorithms.
39
Herbert Xu6a0fcbb2008-12-10 23:29:44 +110040config CRYPTO_ALGAPI2
41 tristate
42
Herbert Xu1ae97822007-08-30 15:36:14 +080043config CRYPTO_AEAD
44 tristate
Herbert Xu6a0fcbb2008-12-10 23:29:44 +110045 select CRYPTO_AEAD2
Herbert Xu1ae97822007-08-30 15:36:14 +080046 select CRYPTO_ALGAPI
47
Herbert Xu6a0fcbb2008-12-10 23:29:44 +110048config CRYPTO_AEAD2
49 tristate
50 select CRYPTO_ALGAPI2
Herbert Xu149a3972015-08-13 17:28:58 +080051 select CRYPTO_NULL2
52 select CRYPTO_RNG2
Herbert Xu6a0fcbb2008-12-10 23:29:44 +110053
Herbert Xu5cde0af2006-08-22 00:07:53 +100054config CRYPTO_BLKCIPHER
55 tristate
Herbert Xu6a0fcbb2008-12-10 23:29:44 +110056 select CRYPTO_BLKCIPHER2
Herbert Xu5cde0af2006-08-22 00:07:53 +100057 select CRYPTO_ALGAPI
Herbert Xu6a0fcbb2008-12-10 23:29:44 +110058
59config CRYPTO_BLKCIPHER2
60 tristate
61 select CRYPTO_ALGAPI2
62 select CRYPTO_RNG2
Huang Ying0a2e8212009-02-19 14:44:02 +080063 select CRYPTO_WORKQUEUE
Herbert Xu5cde0af2006-08-22 00:07:53 +100064
Herbert Xu055bcee2006-08-19 22:24:23 +100065config CRYPTO_HASH
66 tristate
Herbert Xu6a0fcbb2008-12-10 23:29:44 +110067 select CRYPTO_HASH2
Herbert Xu055bcee2006-08-19 22:24:23 +100068 select CRYPTO_ALGAPI
69
Herbert Xu6a0fcbb2008-12-10 23:29:44 +110070config CRYPTO_HASH2
71 tristate
72 select CRYPTO_ALGAPI2
73
Neil Horman17f0f4a2008-08-14 22:15:52 +100074config CRYPTO_RNG
75 tristate
Herbert Xu6a0fcbb2008-12-10 23:29:44 +110076 select CRYPTO_RNG2
Neil Horman17f0f4a2008-08-14 22:15:52 +100077 select CRYPTO_ALGAPI
78
Herbert Xu6a0fcbb2008-12-10 23:29:44 +110079config CRYPTO_RNG2
80 tristate
81 select CRYPTO_ALGAPI2
82
Herbert Xu401e4232015-06-03 14:49:31 +080083config CRYPTO_RNG_DEFAULT
84 tristate
85 select CRYPTO_DRBG_MENU
86
Tadeusz Struk3c339ab2015-06-16 10:30:55 -070087config CRYPTO_AKCIPHER2
88 tristate
89 select CRYPTO_ALGAPI2
90
91config CRYPTO_AKCIPHER
92 tristate
93 select CRYPTO_AKCIPHER2
94 select CRYPTO_ALGAPI
95
Salvatore Benedetto4e5f2c42016-06-22 17:49:13 +010096config CRYPTO_KPP2
97 tristate
98 select CRYPTO_ALGAPI2
99
100config CRYPTO_KPP
101 tristate
102 select CRYPTO_ALGAPI
103 select CRYPTO_KPP2
104
Tadeusz Strukcfc2bb32015-06-16 10:31:01 -0700105config CRYPTO_RSA
106 tristate "RSA algorithm"
Tadeusz Struk425e0172015-06-19 10:27:39 -0700107 select CRYPTO_AKCIPHER
Tadeusz Struk58446fe2016-05-04 06:38:46 -0700108 select CRYPTO_MANAGER
Tadeusz Strukcfc2bb32015-06-16 10:31:01 -0700109 select MPILIB
110 select ASN1
111 help
112 Generic implementation of the RSA public key algorithm.
113
Salvatore Benedetto802c7f12016-06-22 17:49:14 +0100114config CRYPTO_DH
115 tristate "Diffie-Hellman algorithm"
116 select CRYPTO_KPP
117 select MPILIB
118 help
119 Generic implementation of the Diffie-Hellman algorithm.
120
Salvatore Benedetto3c4b2392016-06-22 17:49:15 +0100121config CRYPTO_ECDH
122 tristate "ECDH algorithm"
Hauke Mehrtensf1803202017-11-26 00:16:46 +0100123 select CRYPTO_KPP
Salvatore Benedetto3c4b2392016-06-22 17:49:15 +0100124 help
125 Generic implementation of the ECDH algorithm
Salvatore Benedetto802c7f12016-06-22 17:49:14 +0100126
Herbert Xu2b8c19d2006-09-21 11:31:44 +1000127config CRYPTO_MANAGER
128 tristate "Cryptographic algorithm manager"
Herbert Xu6a0fcbb2008-12-10 23:29:44 +1100129 select CRYPTO_MANAGER2
Herbert Xu2b8c19d2006-09-21 11:31:44 +1000130 help
131 Create default cryptographic template instantiations such as
132 cbc(aes).
133
Herbert Xu6a0fcbb2008-12-10 23:29:44 +1100134config CRYPTO_MANAGER2
135 def_tristate CRYPTO_MANAGER || (CRYPTO_MANAGER!=n && CRYPTO_ALGAPI=y)
136 select CRYPTO_AEAD2
137 select CRYPTO_HASH2
138 select CRYPTO_BLKCIPHER2
Tadeusz Struk946cc462015-06-16 10:31:06 -0700139 select CRYPTO_AKCIPHER2
Salvatore Benedetto4e5f2c42016-06-22 17:49:13 +0100140 select CRYPTO_KPP2
Herbert Xu6a0fcbb2008-12-10 23:29:44 +1100141
Steffen Klasserta38f7902011-09-27 07:23:50 +0200142config CRYPTO_USER
143 tristate "Userspace cryptographic algorithm configuration"
Herbert Xu5db017a2011-11-01 12:12:43 +1100144 depends on NET
Steffen Klasserta38f7902011-09-27 07:23:50 +0200145 select CRYPTO_MANAGER
146 help
Valdis.Kletnieks@vt.edud19978f2011-11-09 01:29:20 -0500147 Userspace configuration for cryptographic instantiations such as
Steffen Klasserta38f7902011-09-27 07:23:50 +0200148 cbc(aes).
149
Herbert Xu326a6342010-08-06 09:40:28 +0800150config CRYPTO_MANAGER_DISABLE_TESTS
151 bool "Disable run-time self tests"
Herbert Xu00ca28a2010-08-06 10:34:00 +0800152 default y
153 depends on CRYPTO_MANAGER2
Alexander Shishkin0b767f92010-06-03 20:53:43 +1000154 help
Herbert Xu326a6342010-08-06 09:40:28 +0800155 Disable run-time self tests that normally take place at
156 algorithm registration.
Alexander Shishkin0b767f92010-06-03 20:53:43 +1000157
Rik Snelc494e072006-11-29 18:59:44 +1100158config CRYPTO_GF128MUL
Jussi Kivilinna08c70fc2011-12-13 12:53:22 +0200159 tristate "GF(2^128) multiplication functions"
Rik Snelc494e072006-11-29 18:59:44 +1100160 help
161 Efficient table driven implementation of multiplications in the
162 field GF(2^128). This is needed by some cypher modes. This
163 option will be selected automatically if you select such a
164 cipher mode. Only select this option by hand if you expect to load
165 an external module that requires these functions.
166
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800167config CRYPTO_NULL
168 tristate "Null algorithms"
Herbert Xu149a3972015-08-13 17:28:58 +0800169 select CRYPTO_NULL2
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800170 help
171 These are 'Null' algorithms, used by IPsec, which do nothing.
172
Herbert Xu149a3972015-08-13 17:28:58 +0800173config CRYPTO_NULL2
Herbert Xudd43c4e2015-08-17 20:39:40 +0800174 tristate
Herbert Xu149a3972015-08-13 17:28:58 +0800175 select CRYPTO_ALGAPI2
176 select CRYPTO_BLKCIPHER2
177 select CRYPTO_HASH2
178
Steffen Klassert5068c7a2010-01-07 15:57:19 +1100179config CRYPTO_PCRYPT
Kees Cook3b4afaf2012-10-02 11:16:49 -0700180 tristate "Parallel crypto engine"
181 depends on SMP
Steffen Klassert5068c7a2010-01-07 15:57:19 +1100182 select PADATA
183 select CRYPTO_MANAGER
184 select CRYPTO_AEAD
185 help
186 This converts an arbitrary crypto algorithm into a parallel
187 algorithm that executes in kernel threads.
188
Huang Ying25c38d32009-02-19 14:33:40 +0800189config CRYPTO_WORKQUEUE
190 tristate
191
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800192config CRYPTO_CRYPTD
193 tristate "Software async crypto daemon"
Herbert Xudb131ef2006-09-21 11:44:08 +1000194 select CRYPTO_BLKCIPHER
Loc Hob8a28252008-05-14 21:23:00 +0800195 select CRYPTO_HASH
Herbert Xu43518402006-10-16 21:28:58 +1000196 select CRYPTO_MANAGER
Huang Ying254eff72009-02-19 14:42:19 +0800197 select CRYPTO_WORKQUEUE
Herbert Xudb131ef2006-09-21 11:44:08 +1000198 help
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800199 This is a generic software asynchronous crypto daemon that
200 converts an arbitrary synchronous software crypto algorithm
201 into an asynchronous algorithm that executes in a kernel thread.
202
Tim Chen1e65b812014-07-31 10:29:51 -0700203config CRYPTO_MCRYPTD
204 tristate "Software async multi-buffer crypto daemon"
205 select CRYPTO_BLKCIPHER
206 select CRYPTO_HASH
207 select CRYPTO_MANAGER
208 select CRYPTO_WORKQUEUE
209 help
210 This is a generic software asynchronous crypto daemon that
211 provides the kernel thread to assist multi-buffer crypto
212 algorithms for submitting jobs and flushing jobs in multi-buffer
213 crypto algorithms. Multi-buffer crypto algorithms are executed
214 in the context of this kernel thread and drivers can post
Ted Percival0e566732014-09-04 15:18:21 +0800215 their crypto request asynchronously to be processed by this daemon.
Tim Chen1e65b812014-07-31 10:29:51 -0700216
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800217config CRYPTO_AUTHENC
218 tristate "Authenc support"
219 select CRYPTO_AEAD
220 select CRYPTO_BLKCIPHER
221 select CRYPTO_MANAGER
222 select CRYPTO_HASH
Herbert Xue94c6a72015-08-04 21:23:14 +0800223 select CRYPTO_NULL
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800224 help
225 Authenc: Combined mode wrapper for IPsec.
226 This is required for IPSec.
227
228config CRYPTO_TEST
229 tristate "Testing module"
230 depends on m
Herbert Xuda7f0332008-07-31 17:08:25 +0800231 select CRYPTO_MANAGER
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800232 help
233 Quick & dirty crypto test module.
234
Ard Biesheuvela62b01c2013-09-20 09:55:40 +0200235config CRYPTO_ABLK_HELPER
Jussi Kivilinnaffaf9152012-06-18 14:06:58 +0300236 tristate
Jussi Kivilinnaffaf9152012-06-18 14:06:58 +0300237 select CRYPTO_CRYPTD
238
Jussi Kivilinna596d8752012-06-18 14:07:19 +0300239config CRYPTO_GLUE_HELPER_X86
240 tristate
241 depends on X86
242 select CRYPTO_ALGAPI
243
Baolin Wang735d37b2016-01-26 20:25:39 +0800244config CRYPTO_ENGINE
245 tristate
246
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800247comment "Authenticated Encryption with Associated Data"
248
249config CRYPTO_CCM
250 tristate "CCM support"
251 select CRYPTO_CTR
252 select CRYPTO_AEAD
253 help
254 Support for Counter with CBC MAC. Required for IPsec.
255
256config CRYPTO_GCM
257 tristate "GCM/GMAC support"
258 select CRYPTO_CTR
259 select CRYPTO_AEAD
Huang Ying9382d972009-08-06 15:34:26 +1000260 select CRYPTO_GHASH
Jussi Kivilinna9489667d2013-04-07 16:43:41 +0300261 select CRYPTO_NULL
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800262 help
263 Support for Galois/Counter Mode (GCM) and Galois Message
264 Authentication Code (GMAC). Required for IPSec.
265
Martin Willi71ebc4d2015-06-01 13:44:00 +0200266config CRYPTO_CHACHA20POLY1305
267 tristate "ChaCha20-Poly1305 AEAD support"
268 select CRYPTO_CHACHA20
269 select CRYPTO_POLY1305
270 select CRYPTO_AEAD
271 help
272 ChaCha20-Poly1305 AEAD support, RFC7539.
273
274 Support for the AEAD wrapper using the ChaCha20 stream cipher combined
275 with the Poly1305 authenticator. It is defined in RFC7539 for use in
276 IETF protocols.
277
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800278config CRYPTO_SEQIV
279 tristate "Sequence Number IV Generator"
280 select CRYPTO_AEAD
281 select CRYPTO_BLKCIPHER
Herbert Xu856e3f402015-05-21 15:11:13 +0800282 select CRYPTO_NULL
Herbert Xu401e4232015-06-03 14:49:31 +0800283 select CRYPTO_RNG_DEFAULT
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800284 help
285 This IV generator generates an IV based on a sequence number by
286 xoring it with a salt. This algorithm is mainly useful for CTR
287
Herbert Xua10f5542015-05-21 15:11:15 +0800288config CRYPTO_ECHAINIV
289 tristate "Encrypted Chain IV Generator"
290 select CRYPTO_AEAD
291 select CRYPTO_NULL
Herbert Xu401e4232015-06-03 14:49:31 +0800292 select CRYPTO_RNG_DEFAULT
Herbert Xu34912442015-06-03 14:49:29 +0800293 default m
Herbert Xua10f5542015-05-21 15:11:15 +0800294 help
295 This IV generator generates an IV based on the encryption of
296 a sequence number xored with a salt. This is the default
297 algorithm for CBC.
298
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800299comment "Block modes"
Herbert Xudb131ef2006-09-21 11:44:08 +1000300
301config CRYPTO_CBC
302 tristate "CBC support"
303 select CRYPTO_BLKCIPHER
Herbert Xu43518402006-10-16 21:28:58 +1000304 select CRYPTO_MANAGER
Herbert Xudb131ef2006-09-21 11:44:08 +1000305 help
306 CBC: Cipher Block Chaining mode
307 This block cipher algorithm is required for IPSec.
308
Joy Latten23e353c2007-10-23 08:50:32 +0800309config CRYPTO_CTR
310 tristate "CTR support"
311 select CRYPTO_BLKCIPHER
Herbert Xu0a270322007-11-30 21:38:37 +1100312 select CRYPTO_SEQIV
Joy Latten23e353c2007-10-23 08:50:32 +0800313 select CRYPTO_MANAGER
Joy Latten23e353c2007-10-23 08:50:32 +0800314 help
315 CTR: Counter mode
316 This block cipher algorithm is required for IPSec.
317
Kevin Coffman76cb9522008-03-24 21:26:16 +0800318config CRYPTO_CTS
319 tristate "CTS support"
320 select CRYPTO_BLKCIPHER
321 help
322 CTS: Cipher Text Stealing
323 This is the Cipher Text Stealing mode as described by
324 Section 8 of rfc2040 and referenced by rfc3962.
325 (rfc3962 includes errata information in its Appendix A)
326 This mode is required for Kerberos gss mechanism support
327 for AES encryption.
328
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800329config CRYPTO_ECB
330 tristate "ECB support"
Herbert Xu653ebd92007-11-27 19:48:27 +0800331 select CRYPTO_BLKCIPHER
Herbert Xu124b53d2007-04-16 20:49:20 +1000332 select CRYPTO_MANAGER
333 help
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800334 ECB: Electronic CodeBook mode
335 This is the simplest block cipher algorithm. It simply encrypts
336 the input block by block.
Herbert Xu124b53d2007-04-16 20:49:20 +1000337
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800338config CRYPTO_LRW
Jussi Kivilinna2470a2b2011-12-13 12:52:51 +0200339 tristate "LRW support"
David Howells90831632006-12-16 12:13:14 +1100340 select CRYPTO_BLKCIPHER
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800341 select CRYPTO_MANAGER
342 select CRYPTO_GF128MUL
David Howells90831632006-12-16 12:13:14 +1100343 help
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800344 LRW: Liskov Rivest Wagner, a tweakable, non malleable, non movable
345 narrow block cipher mode for dm-crypt. Use it with cipher
346 specification string aes-lrw-benbi, the key must be 256, 320 or 384.
347 The first 128, 192 or 256 bits in the key are used for AES and the
348 rest is used to tie each cipher block to its logical position.
David Howells90831632006-12-16 12:13:14 +1100349
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800350config CRYPTO_PCBC
351 tristate "PCBC support"
352 select CRYPTO_BLKCIPHER
353 select CRYPTO_MANAGER
354 help
355 PCBC: Propagating Cipher Block Chaining mode
356 This block cipher algorithm is required for RxRPC.
357
358config CRYPTO_XTS
Jussi Kivilinna5bcf8e62011-12-13 12:52:56 +0200359 tristate "XTS support"
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800360 select CRYPTO_BLKCIPHER
361 select CRYPTO_MANAGER
362 select CRYPTO_GF128MUL
363 help
364 XTS: IEEE1619/D16 narrow block cipher use with aes-xts-plain,
365 key size 256, 384 or 512 bits. This implementation currently
366 can't handle a sectorsize which is not a multiple of 16 bytes.
367
Stephan Mueller1c49678e2015-09-21 20:58:56 +0200368config CRYPTO_KEYWRAP
369 tristate "Key wrapping support"
370 select CRYPTO_BLKCIPHER
371 help
372 Support for key wrapping (NIST SP800-38F / RFC3394) without
373 padding.
374
Eric Biggers481f6612018-11-16 17:26:29 -0800375config CRYPTO_NHPOLY1305
376 tristate
377 select CRYPTO_HASH
378 select CRYPTO_POLY1305
379
Eric Biggersa73586b2018-11-16 17:26:31 -0800380config CRYPTO_ADIANTUM
381 tristate "Adiantum support"
382 select CRYPTO_CHACHA20
383 select CRYPTO_POLY1305
384 select CRYPTO_NHPOLY1305
385 help
386 Adiantum is a tweakable, length-preserving encryption mode
387 designed for fast and secure disk encryption, especially on
388 CPUs without dedicated crypto instructions. It encrypts
389 each sector using the XChaCha12 stream cipher, two passes of
390 an ε-almost-∆-universal hash function, and an invocation of
391 the AES-256 block cipher on a single 16-byte block. On CPUs
392 without AES instructions, Adiantum is much faster than
393 AES-XTS.
394
395 Adiantum's security is provably reducible to that of its
396 underlying stream and block ciphers, subject to a security
397 bound. Unlike XTS, Adiantum is a true wide-block encryption
398 mode, so it actually provides an even stronger notion of
399 security than XTS, subject to the security bound.
400
401 If unsure, say N.
402
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800403comment "Hash modes"
404
Jussi Kivilinna93b5e862013-04-08 10:48:44 +0300405config CRYPTO_CMAC
406 tristate "CMAC support"
407 select CRYPTO_HASH
408 select CRYPTO_MANAGER
409 help
410 Cipher-based Message Authentication Code (CMAC) specified by
411 The National Institute of Standards and Technology (NIST).
412
413 https://tools.ietf.org/html/rfc4493
414 http://csrc.nist.gov/publications/nistpubs/800-38B/SP_800-38B.pdf
415
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800416config CRYPTO_HMAC
417 tristate "HMAC support"
418 select CRYPTO_HASH
419 select CRYPTO_MANAGER
420 help
421 HMAC: Keyed-Hashing for Message Authentication (RFC2104).
422 This is required for IPSec.
423
424config CRYPTO_XCBC
425 tristate "XCBC support"
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800426 select CRYPTO_HASH
427 select CRYPTO_MANAGER
428 help
429 XCBC: Keyed-Hashing with encryption algorithm
430 http://www.ietf.org/rfc/rfc3566.txt
431 http://csrc.nist.gov/encryption/modes/proposedmodes/
432 xcbc-mac/xcbc-mac-spec.pdf
433
Shane Wangf1939f72009-09-02 20:05:22 +1000434config CRYPTO_VMAC
435 tristate "VMAC support"
Shane Wangf1939f72009-09-02 20:05:22 +1000436 select CRYPTO_HASH
437 select CRYPTO_MANAGER
438 help
439 VMAC is a message authentication algorithm designed for
440 very high speed on 64-bit architectures.
441
442 See also:
443 <http://fastcrypto.org/vmac>
444
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800445comment "Digest"
446
447config CRYPTO_CRC32C
448 tristate "CRC32c CRC algorithm"
Herbert Xu5773a3e2008-07-08 20:54:28 +0800449 select CRYPTO_HASH
Darrick J. Wong6a0962b2012-03-23 15:02:25 -0700450 select CRC32
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800451 help
452 Castagnoli, et al Cyclic Redundancy-Check Algorithm. Used
453 by iSCSI for header and data digests and by others.
Herbert Xu69c35ef2008-11-07 15:11:47 +0800454 See Castagnoli93. Module will be crc32c.
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800455
Austin Zhang8cb51ba2008-08-07 09:57:03 +0800456config CRYPTO_CRC32C_INTEL
457 tristate "CRC32c INTEL hardware acceleration"
458 depends on X86
459 select CRYPTO_HASH
460 help
461 In Intel processor with SSE4.2 supported, the processor will
462 support CRC32C implementation using hardware accelerated CRC32
463 instruction. This option will create 'crc32c-intel' module,
464 which will enable any routine to use the CRC32 instruction to
465 gain performance compared with software implementation.
466 Module will be crc32c-intel.
467
Anton Blanchard6dd7a822016-07-01 08:19:45 +1000468config CRYPT_CRC32C_VPMSUM
469 tristate "CRC32c CRC algorithm (powerpc64)"
Michael Ellermanc12abf32016-08-09 08:46:15 +1000470 depends on PPC64 && ALTIVEC
Anton Blanchard6dd7a822016-07-01 08:19:45 +1000471 select CRYPTO_HASH
472 select CRC32
473 help
474 CRC32c algorithm implemented using vector polynomial multiply-sum
475 (vpmsum) instructions, introduced in POWER8. Enable on POWER8
476 and newer processors for improved performance.
477
478
David S. Miller442a7c42012-08-22 20:47:36 -0700479config CRYPTO_CRC32C_SPARC64
480 tristate "CRC32c CRC algorithm (SPARC64)"
481 depends on SPARC64
482 select CRYPTO_HASH
483 select CRC32
484 help
485 CRC32c CRC algorithm implemented using sparc64 crypto instructions,
486 when available.
487
Alexander Boyko78c37d12013-01-10 18:54:59 +0400488config CRYPTO_CRC32
489 tristate "CRC32 CRC algorithm"
490 select CRYPTO_HASH
491 select CRC32
492 help
493 CRC-32-IEEE 802.3 cyclic redundancy-check algorithm.
494 Shash crypto api wrappers to crc32_le function.
495
496config CRYPTO_CRC32_PCLMUL
497 tristate "CRC32 PCLMULQDQ hardware acceleration"
498 depends on X86
499 select CRYPTO_HASH
500 select CRC32
501 help
502 From Intel Westmere and AMD Bulldozer processor with SSE4.2
503 and PCLMULQDQ supported, the processor will support
504 CRC32 PCLMULQDQ implementation using hardware accelerated PCLMULQDQ
505 instruction. This option will create 'crc32-plcmul' module,
506 which will enable any routine to use the CRC-32-IEEE 802.3 checksum
507 and gain better performance as compared with the table implementation.
508
Herbert Xu684115212013-09-07 12:56:26 +1000509config CRYPTO_CRCT10DIF
510 tristate "CRCT10DIF algorithm"
511 select CRYPTO_HASH
512 help
513 CRC T10 Data Integrity Field computation is being cast as
514 a crypto transform. This allows for faster crc t10 diff
515 transforms to be used if they are available.
516
517config CRYPTO_CRCT10DIF_PCLMUL
518 tristate "CRCT10DIF PCLMULQDQ hardware acceleration"
519 depends on X86 && 64BIT && CRC_T10DIF
520 select CRYPTO_HASH
521 help
522 For x86_64 processors with SSE4.2 and PCLMULQDQ supported,
523 CRC T10 DIF PCLMULQDQ computation can be hardware
524 accelerated PCLMULQDQ instruction. This option will create
525 'crct10dif-plcmul' module, which is faster when computing the
526 crct10dif checksum as compared with the generic table implementation.
527
Huang Ying2cdc6892009-08-06 15:32:38 +1000528config CRYPTO_GHASH
529 tristate "GHASH digest algorithm"
Huang Ying2cdc6892009-08-06 15:32:38 +1000530 select CRYPTO_GF128MUL
Arnd Bergmann578c60fbe2016-01-25 17:51:21 +0100531 select CRYPTO_HASH
Huang Ying2cdc6892009-08-06 15:32:38 +1000532 help
533 GHASH is message digest algorithm for GCM (Galois/Counter Mode).
534
Martin Willif979e012015-06-01 13:43:58 +0200535config CRYPTO_POLY1305
536 tristate "Poly1305 authenticator algorithm"
Arnd Bergmann578c60fbe2016-01-25 17:51:21 +0100537 select CRYPTO_HASH
Martin Willif979e012015-06-01 13:43:58 +0200538 help
539 Poly1305 authenticator algorithm, RFC7539.
540
541 Poly1305 is an authenticator algorithm designed by Daniel J. Bernstein.
542 It is used for the ChaCha20-Poly1305 AEAD, specified in RFC7539 for use
543 in IETF protocols. This is the portable C implementation of Poly1305.
544
Martin Willic70f4ab2015-07-16 19:14:06 +0200545config CRYPTO_POLY1305_X86_64
Martin Willib1ccc8f2015-07-16 19:14:08 +0200546 tristate "Poly1305 authenticator algorithm (x86_64/SSE2/AVX2)"
Martin Willic70f4ab2015-07-16 19:14:06 +0200547 depends on X86 && 64BIT
548 select CRYPTO_POLY1305
549 help
550 Poly1305 authenticator algorithm, RFC7539.
551
552 Poly1305 is an authenticator algorithm designed by Daniel J. Bernstein.
553 It is used for the ChaCha20-Poly1305 AEAD, specified in RFC7539 for use
554 in IETF protocols. This is the x86_64 assembler implementation using SIMD
555 instructions.
556
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800557config CRYPTO_MD4
558 tristate "MD4 digest algorithm"
Adrian-Ken Rueegsegger808a1762008-12-03 19:55:27 +0800559 select CRYPTO_HASH
Linus Torvalds1da177e2005-04-16 15:20:36 -0700560 help
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800561 MD4 message digest algorithm (RFC1320).
Linus Torvalds1da177e2005-04-16 15:20:36 -0700562
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800563config CRYPTO_MD5
564 tristate "MD5 digest algorithm"
Adrian-Ken Rueegsegger14b75ba2008-12-03 19:57:12 +0800565 select CRYPTO_HASH
Linus Torvalds1da177e2005-04-16 15:20:36 -0700566 help
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800567 MD5 message digest algorithm (RFC1321).
Linus Torvalds1da177e2005-04-16 15:20:36 -0700568
Aaro Koskinend69e75d2014-12-21 22:54:02 +0200569config CRYPTO_MD5_OCTEON
570 tristate "MD5 digest algorithm (OCTEON)"
571 depends on CPU_CAVIUM_OCTEON
572 select CRYPTO_MD5
573 select CRYPTO_HASH
574 help
575 MD5 message digest algorithm (RFC1321) implemented
576 using OCTEON crypto instructions, when available.
577
Markus Stockhausene8e59952015-03-01 19:30:46 +0100578config CRYPTO_MD5_PPC
579 tristate "MD5 digest algorithm (PPC)"
580 depends on PPC
581 select CRYPTO_HASH
582 help
583 MD5 message digest algorithm (RFC1321) implemented
584 in PPC assembler.
585
David S. Millerfa4dfed2012-08-19 21:51:26 -0700586config CRYPTO_MD5_SPARC64
587 tristate "MD5 digest algorithm (SPARC64)"
588 depends on SPARC64
589 select CRYPTO_MD5
590 select CRYPTO_HASH
591 help
592 MD5 message digest algorithm (RFC1321) implemented
593 using sparc64 crypto instructions, when available.
594
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800595config CRYPTO_MICHAEL_MIC
596 tristate "Michael MIC keyed digest algorithm"
Adrian-Ken Rueegsegger19e2bf12008-12-07 19:35:38 +0800597 select CRYPTO_HASH
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800598 help
599 Michael MIC is used for message integrity protection in TKIP
600 (IEEE 802.11i). This algorithm is required for TKIP, but it
601 should not be used for other purposes because of the weakness
602 of the algorithm.
603
Adrian-Ken Rueegsegger82798f92008-05-07 22:17:37 +0800604config CRYPTO_RMD128
Adrian Bunkb6d44342008-07-16 19:28:00 +0800605 tristate "RIPEMD-128 digest algorithm"
Herbert Xu7c4468b2008-11-08 09:10:40 +0800606 select CRYPTO_HASH
Adrian Bunkb6d44342008-07-16 19:28:00 +0800607 help
608 RIPEMD-128 (ISO/IEC 10118-3:2004).
Adrian-Ken Rueegsegger82798f92008-05-07 22:17:37 +0800609
Adrian Bunkb6d44342008-07-16 19:28:00 +0800610 RIPEMD-128 is a 128-bit cryptographic hash function. It should only
Michael Witten35ed4b32011-07-09 04:02:31 +0000611 be used as a secure replacement for RIPEMD. For other use cases,
Adrian Bunkb6d44342008-07-16 19:28:00 +0800612 RIPEMD-160 should be used.
Adrian-Ken Rueegsegger82798f92008-05-07 22:17:37 +0800613
Adrian Bunkb6d44342008-07-16 19:28:00 +0800614 Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel.
Justin P. Mattock6d8de742010-09-12 10:42:47 +0800615 See <http://homes.esat.kuleuven.be/~bosselae/ripemd160.html>
Adrian-Ken Rueegsegger82798f92008-05-07 22:17:37 +0800616
617config CRYPTO_RMD160
Adrian Bunkb6d44342008-07-16 19:28:00 +0800618 tristate "RIPEMD-160 digest algorithm"
Herbert Xue5835fb2008-11-08 09:18:51 +0800619 select CRYPTO_HASH
Adrian Bunkb6d44342008-07-16 19:28:00 +0800620 help
621 RIPEMD-160 (ISO/IEC 10118-3:2004).
Adrian-Ken Rueegsegger82798f92008-05-07 22:17:37 +0800622
Adrian Bunkb6d44342008-07-16 19:28:00 +0800623 RIPEMD-160 is a 160-bit cryptographic hash function. It is intended
624 to be used as a secure replacement for the 128-bit hash functions
625 MD4, MD5 and it's predecessor RIPEMD
626 (not to be confused with RIPEMD-128).
Adrian-Ken Rueegsegger82798f92008-05-07 22:17:37 +0800627
Adrian Bunkb6d44342008-07-16 19:28:00 +0800628 It's speed is comparable to SHA1 and there are no known attacks
629 against RIPEMD-160.
Adrian-Ken Rueegsegger534fe2c2008-05-09 21:30:27 +0800630
Adrian Bunkb6d44342008-07-16 19:28:00 +0800631 Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel.
Justin P. Mattock6d8de742010-09-12 10:42:47 +0800632 See <http://homes.esat.kuleuven.be/~bosselae/ripemd160.html>
Adrian-Ken Rueegsegger534fe2c2008-05-09 21:30:27 +0800633
634config CRYPTO_RMD256
Adrian Bunkb6d44342008-07-16 19:28:00 +0800635 tristate "RIPEMD-256 digest algorithm"
Herbert Xud8a5e2e2008-11-08 09:58:10 +0800636 select CRYPTO_HASH
Adrian Bunkb6d44342008-07-16 19:28:00 +0800637 help
638 RIPEMD-256 is an optional extension of RIPEMD-128 with a
639 256 bit hash. It is intended for applications that require
640 longer hash-results, without needing a larger security level
641 (than RIPEMD-128).
Adrian-Ken Rueegsegger534fe2c2008-05-09 21:30:27 +0800642
Adrian Bunkb6d44342008-07-16 19:28:00 +0800643 Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel.
Justin P. Mattock6d8de742010-09-12 10:42:47 +0800644 See <http://homes.esat.kuleuven.be/~bosselae/ripemd160.html>
Adrian-Ken Rueegsegger534fe2c2008-05-09 21:30:27 +0800645
646config CRYPTO_RMD320
Adrian Bunkb6d44342008-07-16 19:28:00 +0800647 tristate "RIPEMD-320 digest algorithm"
Herbert Xu3b8efb42008-11-08 10:11:09 +0800648 select CRYPTO_HASH
Adrian Bunkb6d44342008-07-16 19:28:00 +0800649 help
650 RIPEMD-320 is an optional extension of RIPEMD-160 with a
651 320 bit hash. It is intended for applications that require
652 longer hash-results, without needing a larger security level
653 (than RIPEMD-160).
Adrian-Ken Rueegsegger534fe2c2008-05-09 21:30:27 +0800654
Adrian Bunkb6d44342008-07-16 19:28:00 +0800655 Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel.
Justin P. Mattock6d8de742010-09-12 10:42:47 +0800656 See <http://homes.esat.kuleuven.be/~bosselae/ripemd160.html>
Adrian-Ken Rueegsegger82798f92008-05-07 22:17:37 +0800657
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800658config CRYPTO_SHA1
659 tristate "SHA1 digest algorithm"
Adrian-Ken Rueegsegger54ccb362008-12-02 21:08:20 +0800660 select CRYPTO_HASH
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800661 help
662 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2).
663
Mathias Krause66be8952011-08-04 20:19:25 +0200664config CRYPTO_SHA1_SSSE3
time38b6b72015-09-10 15:27:26 -0700665 tristate "SHA1 digest algorithm (SSSE3/AVX/AVX2/SHA-NI)"
Mathias Krause66be8952011-08-04 20:19:25 +0200666 depends on X86 && 64BIT
667 select CRYPTO_SHA1
668 select CRYPTO_HASH
669 help
670 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2) implemented
671 using Supplemental SSE3 (SSSE3) instructions or Advanced Vector
time38b6b72015-09-10 15:27:26 -0700672 Extensions (AVX/AVX2) or SHA-NI(SHA Extensions New Instructions),
673 when available.
Mathias Krause66be8952011-08-04 20:19:25 +0200674
Tim Chen8275d1a2013-03-26 13:59:17 -0700675config CRYPTO_SHA256_SSSE3
time38b6b72015-09-10 15:27:26 -0700676 tristate "SHA256 digest algorithm (SSSE3/AVX/AVX2/SHA-NI)"
Tim Chen8275d1a2013-03-26 13:59:17 -0700677 depends on X86 && 64BIT
678 select CRYPTO_SHA256
679 select CRYPTO_HASH
680 help
681 SHA-256 secure hash standard (DFIPS 180-2) implemented
682 using Supplemental SSE3 (SSSE3) instructions, or Advanced Vector
683 Extensions version 1 (AVX1), or Advanced Vector Extensions
time38b6b72015-09-10 15:27:26 -0700684 version 2 (AVX2) instructions, or SHA-NI (SHA Extensions New
685 Instructions) when available.
Tim Chen8275d1a2013-03-26 13:59:17 -0700686
Tim Chen87de4572013-03-26 14:00:02 -0700687config CRYPTO_SHA512_SSSE3
688 tristate "SHA512 digest algorithm (SSSE3/AVX/AVX2)"
689 depends on X86 && 64BIT
690 select CRYPTO_SHA512
691 select CRYPTO_HASH
692 help
693 SHA-512 secure hash standard (DFIPS 180-2) implemented
694 using Supplemental SSE3 (SSSE3) instructions, or Advanced Vector
695 Extensions version 1 (AVX1), or Advanced Vector Extensions
696 version 2 (AVX2) instructions, when available.
697
Aaro Koskinenefdb6f62015-03-08 22:07:47 +0200698config CRYPTO_SHA1_OCTEON
699 tristate "SHA1 digest algorithm (OCTEON)"
700 depends on CPU_CAVIUM_OCTEON
701 select CRYPTO_SHA1
702 select CRYPTO_HASH
703 help
704 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2) implemented
705 using OCTEON crypto instructions, when available.
706
David S. Miller4ff28d42012-08-19 15:41:53 -0700707config CRYPTO_SHA1_SPARC64
708 tristate "SHA1 digest algorithm (SPARC64)"
709 depends on SPARC64
710 select CRYPTO_SHA1
711 select CRYPTO_HASH
712 help
713 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2) implemented
714 using sparc64 crypto instructions, when available.
715
Michael Ellerman323a6bf2012-09-13 23:00:49 +0000716config CRYPTO_SHA1_PPC
717 tristate "SHA1 digest algorithm (powerpc)"
718 depends on PPC
719 help
720 This is the powerpc hardware accelerated implementation of the
721 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2).
722
Markus Stockhausend9850fc2015-02-24 20:36:50 +0100723config CRYPTO_SHA1_PPC_SPE
724 tristate "SHA1 digest algorithm (PPC SPE)"
725 depends on PPC && SPE
726 help
727 SHA-1 secure hash standard (DFIPS 180-4) implemented
728 using powerpc SPE SIMD instruction set.
729
Tim Chen1e65b812014-07-31 10:29:51 -0700730config CRYPTO_SHA1_MB
731 tristate "SHA1 digest algorithm (x86_64 Multi-Buffer, Experimental)"
732 depends on X86 && 64BIT
733 select CRYPTO_SHA1
734 select CRYPTO_HASH
735 select CRYPTO_MCRYPTD
736 help
737 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2) implemented
738 using multi-buffer technique. This algorithm computes on
739 multiple data lanes concurrently with SIMD instructions for
740 better throughput. It should not be enabled by default but
741 used when there is significant amount of work to keep the keep
742 the data lanes filled to get performance benefit. If the data
743 lanes remain unfilled, a flush operation will be initiated to
744 process the crypto jobs, adding a slight latency.
745
Megha Dey9be7e242016-06-23 18:40:43 -0700746config CRYPTO_SHA256_MB
747 tristate "SHA256 digest algorithm (x86_64 Multi-Buffer, Experimental)"
748 depends on X86 && 64BIT
749 select CRYPTO_SHA256
750 select CRYPTO_HASH
751 select CRYPTO_MCRYPTD
752 help
753 SHA-256 secure hash standard (FIPS 180-1/DFIPS 180-2) implemented
754 using multi-buffer technique. This algorithm computes on
755 multiple data lanes concurrently with SIMD instructions for
756 better throughput. It should not be enabled by default but
757 used when there is significant amount of work to keep the keep
758 the data lanes filled to get performance benefit. If the data
759 lanes remain unfilled, a flush operation will be initiated to
760 process the crypto jobs, adding a slight latency.
761
Megha Dey026bb8a2016-06-27 10:20:05 -0700762config CRYPTO_SHA512_MB
763 tristate "SHA512 digest algorithm (x86_64 Multi-Buffer, Experimental)"
764 depends on X86 && 64BIT
765 select CRYPTO_SHA512
766 select CRYPTO_HASH
767 select CRYPTO_MCRYPTD
768 help
769 SHA-512 secure hash standard (FIPS 180-1/DFIPS 180-2) implemented
770 using multi-buffer technique. This algorithm computes on
771 multiple data lanes concurrently with SIMD instructions for
772 better throughput. It should not be enabled by default but
773 used when there is significant amount of work to keep the keep
774 the data lanes filled to get performance benefit. If the data
775 lanes remain unfilled, a flush operation will be initiated to
776 process the crypto jobs, adding a slight latency.
777
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800778config CRYPTO_SHA256
779 tristate "SHA224 and SHA256 digest algorithm"
Adrian-Ken Rueegsegger50e109b52008-12-03 19:57:49 +0800780 select CRYPTO_HASH
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800781 help
782 SHA256 secure hash standard (DFIPS 180-2).
783
784 This version of SHA implements a 256 bit hash with 128 bits of
785 security against collision attacks.
786
Adrian Bunkb6d44342008-07-16 19:28:00 +0800787 This code also includes SHA-224, a 224 bit hash with 112 bits
788 of security against collision attacks.
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800789
Markus Stockhausen2ecc1e92015-01-30 15:39:34 +0100790config CRYPTO_SHA256_PPC_SPE
791 tristate "SHA224 and SHA256 digest algorithm (PPC SPE)"
792 depends on PPC && SPE
793 select CRYPTO_SHA256
794 select CRYPTO_HASH
795 help
796 SHA224 and SHA256 secure hash standard (DFIPS 180-2)
797 implemented using powerpc SPE SIMD instruction set.
798
Aaro Koskinenefdb6f62015-03-08 22:07:47 +0200799config CRYPTO_SHA256_OCTEON
800 tristate "SHA224 and SHA256 digest algorithm (OCTEON)"
801 depends on CPU_CAVIUM_OCTEON
802 select CRYPTO_SHA256
803 select CRYPTO_HASH
804 help
805 SHA-256 secure hash standard (DFIPS 180-2) implemented
806 using OCTEON crypto instructions, when available.
807
David S. Miller86c93b22012-08-19 17:11:37 -0700808config CRYPTO_SHA256_SPARC64
809 tristate "SHA224 and SHA256 digest algorithm (SPARC64)"
810 depends on SPARC64
811 select CRYPTO_SHA256
812 select CRYPTO_HASH
813 help
814 SHA-256 secure hash standard (DFIPS 180-2) implemented
815 using sparc64 crypto instructions, when available.
816
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800817config CRYPTO_SHA512
818 tristate "SHA384 and SHA512 digest algorithms"
Adrian-Ken Rueegseggerbd9d20d2008-12-17 16:49:02 +1100819 select CRYPTO_HASH
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800820 help
821 SHA512 secure hash standard (DFIPS 180-2).
822
823 This version of SHA implements a 512 bit hash with 256 bits of
824 security against collision attacks.
825
826 This code also includes SHA-384, a 384 bit hash with 192 bits
827 of security against collision attacks.
828
Aaro Koskinenefdb6f62015-03-08 22:07:47 +0200829config CRYPTO_SHA512_OCTEON
830 tristate "SHA384 and SHA512 digest algorithms (OCTEON)"
831 depends on CPU_CAVIUM_OCTEON
832 select CRYPTO_SHA512
833 select CRYPTO_HASH
834 help
835 SHA-512 secure hash standard (DFIPS 180-2) implemented
836 using OCTEON crypto instructions, when available.
837
David S. Miller775e0c62012-08-19 17:37:56 -0700838config CRYPTO_SHA512_SPARC64
839 tristate "SHA384 and SHA512 digest algorithm (SPARC64)"
840 depends on SPARC64
841 select CRYPTO_SHA512
842 select CRYPTO_HASH
843 help
844 SHA-512 secure hash standard (DFIPS 180-2) implemented
845 using sparc64 crypto instructions, when available.
846
Jeff Garzik53964b92016-06-17 10:30:35 +0530847config CRYPTO_SHA3
848 tristate "SHA3 digest algorithm"
849 select CRYPTO_HASH
850 help
851 SHA-3 secure hash standard (DFIPS 202). It's based on
852 cryptographic sponge function family called Keccak.
853
854 References:
855 http://keccak.noekeon.org/
856
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800857config CRYPTO_TGR192
858 tristate "Tiger digest algorithms"
Adrian-Ken Rueegseggerf63fbd32008-12-03 19:58:32 +0800859 select CRYPTO_HASH
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800860 help
861 Tiger hash algorithm 192, 160 and 128-bit hashes
862
863 Tiger is a hash function optimized for 64-bit processors while
864 still having decent performance on 32-bit processors.
865 Tiger was developed by Ross Anderson and Eli Biham.
Linus Torvalds1da177e2005-04-16 15:20:36 -0700866
867 See also:
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800868 <http://www.cs.technion.ac.il/~biham/Reports/Tiger/>.
869
870config CRYPTO_WP512
871 tristate "Whirlpool digest algorithms"
Adrian-Ken Rueegsegger49465102008-12-07 19:34:37 +0800872 select CRYPTO_HASH
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800873 help
874 Whirlpool hash algorithm 512, 384 and 256-bit hashes
875
876 Whirlpool-512 is part of the NESSIE cryptographic primitives.
877 Whirlpool will be part of the ISO/IEC 10118-3:2003(E) standard
878
879 See also:
Justin P. Mattock6d8de742010-09-12 10:42:47 +0800880 <http://www.larc.usp.br/~pbarreto/WhirlpoolPage.html>
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800881
Huang Ying0e1227d2009-10-19 11:53:06 +0900882config CRYPTO_GHASH_CLMUL_NI_INTEL
883 tristate "GHASH digest algorithm (CLMUL-NI accelerated)"
Richard Weinberger8af00862011-06-08 20:56:29 +0800884 depends on X86 && 64BIT
Huang Ying0e1227d2009-10-19 11:53:06 +0900885 select CRYPTO_CRYPTD
886 help
887 GHASH is message digest algorithm for GCM (Galois/Counter Mode).
888 The implementation is accelerated by CLMUL-NI of Intel.
889
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800890comment "Ciphers"
Linus Torvalds1da177e2005-04-16 15:20:36 -0700891
892config CRYPTO_AES
893 tristate "AES cipher algorithms"
Herbert Xucce9e062006-08-21 21:08:13 +1000894 select CRYPTO_ALGAPI
Linus Torvalds1da177e2005-04-16 15:20:36 -0700895 help
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800896 AES cipher algorithms (FIPS-197). AES uses the Rijndael
Linus Torvalds1da177e2005-04-16 15:20:36 -0700897 algorithm.
898
899 Rijndael appears to be consistently a very good performer in
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800900 both hardware and software across a wide range of computing
901 environments regardless of its use in feedback or non-feedback
902 modes. Its key setup time is excellent, and its key agility is
903 good. Rijndael's very low memory requirements make it very well
904 suited for restricted-space environments, in which it also
905 demonstrates excellent performance. Rijndael's operations are
906 among the easiest to defend against power and timing attacks.
Linus Torvalds1da177e2005-04-16 15:20:36 -0700907
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800908 The AES specifies three key sizes: 128, 192 and 256 bits
Linus Torvalds1da177e2005-04-16 15:20:36 -0700909
910 See <http://csrc.nist.gov/CryptoToolkit/aes/> for more information.
911
912config CRYPTO_AES_586
913 tristate "AES cipher algorithms (i586)"
Herbert Xucce9e062006-08-21 21:08:13 +1000914 depends on (X86 || UML_X86) && !64BIT
915 select CRYPTO_ALGAPI
Sebastian Siewior5157dea2007-11-10 19:07:16 +0800916 select CRYPTO_AES
Linus Torvalds1da177e2005-04-16 15:20:36 -0700917 help
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800918 AES cipher algorithms (FIPS-197). AES uses the Rijndael
Linus Torvalds1da177e2005-04-16 15:20:36 -0700919 algorithm.
920
921 Rijndael appears to be consistently a very good performer in
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800922 both hardware and software across a wide range of computing
923 environments regardless of its use in feedback or non-feedback
924 modes. Its key setup time is excellent, and its key agility is
925 good. Rijndael's very low memory requirements make it very well
926 suited for restricted-space environments, in which it also
927 demonstrates excellent performance. Rijndael's operations are
928 among the easiest to defend against power and timing attacks.
Linus Torvalds1da177e2005-04-16 15:20:36 -0700929
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800930 The AES specifies three key sizes: 128, 192 and 256 bits
Linus Torvalds1da177e2005-04-16 15:20:36 -0700931
932 See <http://csrc.nist.gov/encryption/aes/> for more information.
933
Andreas Steinmetza2a892a2005-07-06 13:55:00 -0700934config CRYPTO_AES_X86_64
935 tristate "AES cipher algorithms (x86_64)"
Herbert Xucce9e062006-08-21 21:08:13 +1000936 depends on (X86 || UML_X86) && 64BIT
937 select CRYPTO_ALGAPI
Sebastian Siewior81190b32007-11-08 21:25:04 +0800938 select CRYPTO_AES
Andreas Steinmetza2a892a2005-07-06 13:55:00 -0700939 help
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800940 AES cipher algorithms (FIPS-197). AES uses the Rijndael
Andreas Steinmetza2a892a2005-07-06 13:55:00 -0700941 algorithm.
942
943 Rijndael appears to be consistently a very good performer in
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800944 both hardware and software across a wide range of computing
945 environments regardless of its use in feedback or non-feedback
946 modes. Its key setup time is excellent, and its key agility is
947 good. Rijndael's very low memory requirements make it very well
948 suited for restricted-space environments, in which it also
949 demonstrates excellent performance. Rijndael's operations are
950 among the easiest to defend against power and timing attacks.
Andreas Steinmetza2a892a2005-07-06 13:55:00 -0700951
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800952 The AES specifies three key sizes: 128, 192 and 256 bits
Andreas Steinmetza2a892a2005-07-06 13:55:00 -0700953
954 See <http://csrc.nist.gov/encryption/aes/> for more information.
955
Huang Ying54b6a1b2009-01-18 16:28:34 +1100956config CRYPTO_AES_NI_INTEL
957 tristate "AES cipher algorithms (AES-NI)"
Richard Weinberger8af00862011-06-08 20:56:29 +0800958 depends on X86
Mathias Krause0d258ef2010-11-27 16:34:46 +0800959 select CRYPTO_AES_X86_64 if 64BIT
960 select CRYPTO_AES_586 if !64BIT
Huang Ying54b6a1b2009-01-18 16:28:34 +1100961 select CRYPTO_CRYPTD
Ard Biesheuvel801201a2013-09-20 09:55:41 +0200962 select CRYPTO_ABLK_HELPER
Huang Ying54b6a1b2009-01-18 16:28:34 +1100963 select CRYPTO_ALGAPI
Jussi Kivilinna7643a112013-04-10 18:39:20 +0300964 select CRYPTO_GLUE_HELPER_X86 if 64BIT
Jussi Kivilinna023af602012-07-22 18:18:37 +0300965 select CRYPTO_LRW
966 select CRYPTO_XTS
Huang Ying54b6a1b2009-01-18 16:28:34 +1100967 help
968 Use Intel AES-NI instructions for AES algorithm.
969
970 AES cipher algorithms (FIPS-197). AES uses the Rijndael
971 algorithm.
972
973 Rijndael appears to be consistently a very good performer in
974 both hardware and software across a wide range of computing
975 environments regardless of its use in feedback or non-feedback
976 modes. Its key setup time is excellent, and its key agility is
977 good. Rijndael's very low memory requirements make it very well
978 suited for restricted-space environments, in which it also
979 demonstrates excellent performance. Rijndael's operations are
980 among the easiest to defend against power and timing attacks.
981
982 The AES specifies three key sizes: 128, 192 and 256 bits
983
984 See <http://csrc.nist.gov/encryption/aes/> for more information.
985
Mathias Krause0d258ef2010-11-27 16:34:46 +0800986 In addition to AES cipher algorithm support, the acceleration
987 for some popular block cipher mode is supported too, including
988 ECB, CBC, LRW, PCBC, XTS. The 64 bit version has additional
989 acceleration for CTR.
Huang Ying2cf4ac82009-03-29 15:41:20 +0800990
David S. Miller9bf4852d2012-08-21 03:58:13 -0700991config CRYPTO_AES_SPARC64
992 tristate "AES cipher algorithms (SPARC64)"
993 depends on SPARC64
994 select CRYPTO_CRYPTD
995 select CRYPTO_ALGAPI
996 help
997 Use SPARC64 crypto opcodes for AES algorithm.
998
999 AES cipher algorithms (FIPS-197). AES uses the Rijndael
1000 algorithm.
1001
1002 Rijndael appears to be consistently a very good performer in
1003 both hardware and software across a wide range of computing
1004 environments regardless of its use in feedback or non-feedback
1005 modes. Its key setup time is excellent, and its key agility is
1006 good. Rijndael's very low memory requirements make it very well
1007 suited for restricted-space environments, in which it also
1008 demonstrates excellent performance. Rijndael's operations are
1009 among the easiest to defend against power and timing attacks.
1010
1011 The AES specifies three key sizes: 128, 192 and 256 bits
1012
1013 See <http://csrc.nist.gov/encryption/aes/> for more information.
1014
1015 In addition to AES cipher algorithm support, the acceleration
1016 for some popular block cipher mode is supported too, including
1017 ECB and CBC.
1018
Markus Stockhausen504c6142015-02-22 10:00:10 +01001019config CRYPTO_AES_PPC_SPE
1020 tristate "AES cipher algorithms (PPC SPE)"
1021 depends on PPC && SPE
1022 help
1023 AES cipher algorithms (FIPS-197). Additionally the acceleration
1024 for popular block cipher modes ECB, CBC, CTR and XTS is supported.
1025 This module should only be used for low power (router) devices
1026 without hardware AES acceleration (e.g. caam crypto). It reduces the
1027 size of the AES tables from 16KB to 8KB + 256 bytes and mitigates
1028 timining attacks. Nevertheless it might be not as secure as other
1029 architecture specific assembler implementations that work on 1KB
1030 tables or 256 bytes S-boxes.
1031
Sebastian Siewior584fffc2008-04-05 21:04:48 +08001032config CRYPTO_ANUBIS
1033 tristate "Anubis cipher algorithm"
1034 select CRYPTO_ALGAPI
1035 help
1036 Anubis cipher algorithm.
1037
1038 Anubis is a variable key length cipher which can use keys from
1039 128 bits to 320 bits in length. It was evaluated as a entrant
1040 in the NESSIE competition.
1041
1042 See also:
Justin P. Mattock6d8de742010-09-12 10:42:47 +08001043 <https://www.cosic.esat.kuleuven.be/nessie/reports/>
1044 <http://www.larc.usp.br/~pbarreto/AnubisPage.html>
Sebastian Siewior584fffc2008-04-05 21:04:48 +08001045
1046config CRYPTO_ARC4
1047 tristate "ARC4 cipher algorithm"
Sebastian Andrzej Siewiorb9b0f082012-06-26 18:13:46 +02001048 select CRYPTO_BLKCIPHER
Sebastian Siewior584fffc2008-04-05 21:04:48 +08001049 help
1050 ARC4 cipher algorithm.
1051
1052 ARC4 is a stream cipher using keys ranging from 8 bits to 2048
1053 bits in length. This algorithm is required for driver-based
1054 WEP, but it should not be for other purposes because of the
1055 weakness of the algorithm.
1056
1057config CRYPTO_BLOWFISH
1058 tristate "Blowfish cipher algorithm"
1059 select CRYPTO_ALGAPI
Jussi Kivilinna52ba8672011-09-02 01:45:07 +03001060 select CRYPTO_BLOWFISH_COMMON
Sebastian Siewior584fffc2008-04-05 21:04:48 +08001061 help
1062 Blowfish cipher algorithm, by Bruce Schneier.
1063
1064 This is a variable key length cipher which can use keys from 32
1065 bits to 448 bits in length. It's fast, simple and specifically
1066 designed for use on "large microprocessors".
1067
1068 See also:
1069 <http://www.schneier.com/blowfish.html>
1070
Jussi Kivilinna52ba8672011-09-02 01:45:07 +03001071config CRYPTO_BLOWFISH_COMMON
1072 tristate
1073 help
1074 Common parts of the Blowfish cipher algorithm shared by the
1075 generic c and the assembler implementations.
1076
1077 See also:
1078 <http://www.schneier.com/blowfish.html>
1079
Jussi Kivilinna64b94ce2011-09-02 01:45:22 +03001080config CRYPTO_BLOWFISH_X86_64
1081 tristate "Blowfish cipher algorithm (x86_64)"
Al Virof21a7c12012-04-08 20:31:22 -04001082 depends on X86 && 64BIT
Jussi Kivilinna64b94ce2011-09-02 01:45:22 +03001083 select CRYPTO_ALGAPI
1084 select CRYPTO_BLOWFISH_COMMON
1085 help
1086 Blowfish cipher algorithm (x86_64), by Bruce Schneier.
1087
1088 This is a variable key length cipher which can use keys from 32
1089 bits to 448 bits in length. It's fast, simple and specifically
1090 designed for use on "large microprocessors".
1091
1092 See also:
1093 <http://www.schneier.com/blowfish.html>
1094
Sebastian Siewior584fffc2008-04-05 21:04:48 +08001095config CRYPTO_CAMELLIA
1096 tristate "Camellia cipher algorithms"
1097 depends on CRYPTO
1098 select CRYPTO_ALGAPI
1099 help
1100 Camellia cipher algorithms module.
1101
1102 Camellia is a symmetric key block cipher developed jointly
1103 at NTT and Mitsubishi Electric Corporation.
1104
1105 The Camellia specifies three key sizes: 128, 192 and 256 bits.
1106
1107 See also:
1108 <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html>
1109
Jussi Kivilinna0b95ec52012-03-05 20:26:47 +02001110config CRYPTO_CAMELLIA_X86_64
1111 tristate "Camellia cipher algorithm (x86_64)"
Al Virof21a7c12012-04-08 20:31:22 -04001112 depends on X86 && 64BIT
Jussi Kivilinna0b95ec52012-03-05 20:26:47 +02001113 depends on CRYPTO
1114 select CRYPTO_ALGAPI
Jussi Kivilinna964263a2012-06-18 14:07:29 +03001115 select CRYPTO_GLUE_HELPER_X86
Jussi Kivilinna0b95ec52012-03-05 20:26:47 +02001116 select CRYPTO_LRW
1117 select CRYPTO_XTS
1118 help
1119 Camellia cipher algorithm module (x86_64).
1120
1121 Camellia is a symmetric key block cipher developed jointly
1122 at NTT and Mitsubishi Electric Corporation.
1123
1124 The Camellia specifies three key sizes: 128, 192 and 256 bits.
1125
1126 See also:
1127 <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html>
1128
Jussi Kivilinnad9b1d2e2012-10-26 14:49:01 +03001129config CRYPTO_CAMELLIA_AESNI_AVX_X86_64
1130 tristate "Camellia cipher algorithm (x86_64/AES-NI/AVX)"
1131 depends on X86 && 64BIT
1132 depends on CRYPTO
1133 select CRYPTO_ALGAPI
1134 select CRYPTO_CRYPTD
Ard Biesheuvel801201a2013-09-20 09:55:41 +02001135 select CRYPTO_ABLK_HELPER
Jussi Kivilinnad9b1d2e2012-10-26 14:49:01 +03001136 select CRYPTO_GLUE_HELPER_X86
1137 select CRYPTO_CAMELLIA_X86_64
1138 select CRYPTO_LRW
1139 select CRYPTO_XTS
1140 help
1141 Camellia cipher algorithm module (x86_64/AES-NI/AVX).
1142
1143 Camellia is a symmetric key block cipher developed jointly
1144 at NTT and Mitsubishi Electric Corporation.
1145
1146 The Camellia specifies three key sizes: 128, 192 and 256 bits.
1147
1148 See also:
1149 <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html>
1150
Jussi Kivilinnaf3f935a2013-04-13 13:47:00 +03001151config CRYPTO_CAMELLIA_AESNI_AVX2_X86_64
1152 tristate "Camellia cipher algorithm (x86_64/AES-NI/AVX2)"
1153 depends on X86 && 64BIT
1154 depends on CRYPTO
1155 select CRYPTO_ALGAPI
1156 select CRYPTO_CRYPTD
Ard Biesheuvel801201a2013-09-20 09:55:41 +02001157 select CRYPTO_ABLK_HELPER
Jussi Kivilinnaf3f935a2013-04-13 13:47:00 +03001158 select CRYPTO_GLUE_HELPER_X86
1159 select CRYPTO_CAMELLIA_X86_64
1160 select CRYPTO_CAMELLIA_AESNI_AVX_X86_64
1161 select CRYPTO_LRW
1162 select CRYPTO_XTS
1163 help
1164 Camellia cipher algorithm module (x86_64/AES-NI/AVX2).
1165
1166 Camellia is a symmetric key block cipher developed jointly
1167 at NTT and Mitsubishi Electric Corporation.
1168
1169 The Camellia specifies three key sizes: 128, 192 and 256 bits.
1170
1171 See also:
1172 <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html>
1173
David S. Miller81658ad2012-08-28 12:05:54 -07001174config CRYPTO_CAMELLIA_SPARC64
1175 tristate "Camellia cipher algorithm (SPARC64)"
1176 depends on SPARC64
1177 depends on CRYPTO
1178 select CRYPTO_ALGAPI
1179 help
1180 Camellia cipher algorithm module (SPARC64).
1181
1182 Camellia is a symmetric key block cipher developed jointly
1183 at NTT and Mitsubishi Electric Corporation.
1184
1185 The Camellia specifies three key sizes: 128, 192 and 256 bits.
1186
1187 See also:
1188 <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html>
1189
Jussi Kivilinna044ab522012-11-13 11:43:14 +02001190config CRYPTO_CAST_COMMON
1191 tristate
1192 help
1193 Common parts of the CAST cipher algorithms shared by the
1194 generic c and the assembler implementations.
1195
Linus Torvalds1da177e2005-04-16 15:20:36 -07001196config CRYPTO_CAST5
1197 tristate "CAST5 (CAST-128) cipher algorithm"
Herbert Xucce9e062006-08-21 21:08:13 +10001198 select CRYPTO_ALGAPI
Jussi Kivilinna044ab522012-11-13 11:43:14 +02001199 select CRYPTO_CAST_COMMON
Linus Torvalds1da177e2005-04-16 15:20:36 -07001200 help
1201 The CAST5 encryption algorithm (synonymous with CAST-128) is
1202 described in RFC2144.
1203
Johannes Goetzfried4d6d6a22012-07-11 19:37:37 +02001204config CRYPTO_CAST5_AVX_X86_64
1205 tristate "CAST5 (CAST-128) cipher algorithm (x86_64/AVX)"
1206 depends on X86 && 64BIT
1207 select CRYPTO_ALGAPI
1208 select CRYPTO_CRYPTD
Ard Biesheuvel801201a2013-09-20 09:55:41 +02001209 select CRYPTO_ABLK_HELPER
Jussi Kivilinna044ab522012-11-13 11:43:14 +02001210 select CRYPTO_CAST_COMMON
Johannes Goetzfried4d6d6a22012-07-11 19:37:37 +02001211 select CRYPTO_CAST5
1212 help
1213 The CAST5 encryption algorithm (synonymous with CAST-128) is
1214 described in RFC2144.
1215
1216 This module provides the Cast5 cipher algorithm that processes
1217 sixteen blocks parallel using the AVX instruction set.
1218
Linus Torvalds1da177e2005-04-16 15:20:36 -07001219config CRYPTO_CAST6
1220 tristate "CAST6 (CAST-256) cipher algorithm"
Herbert Xucce9e062006-08-21 21:08:13 +10001221 select CRYPTO_ALGAPI
Jussi Kivilinna044ab522012-11-13 11:43:14 +02001222 select CRYPTO_CAST_COMMON
Linus Torvalds1da177e2005-04-16 15:20:36 -07001223 help
1224 The CAST6 encryption algorithm (synonymous with CAST-256) is
1225 described in RFC2612.
1226
Johannes Goetzfried4ea12772012-07-11 19:38:57 +02001227config CRYPTO_CAST6_AVX_X86_64
1228 tristate "CAST6 (CAST-256) cipher algorithm (x86_64/AVX)"
1229 depends on X86 && 64BIT
1230 select CRYPTO_ALGAPI
1231 select CRYPTO_CRYPTD
Ard Biesheuvel801201a2013-09-20 09:55:41 +02001232 select CRYPTO_ABLK_HELPER
Johannes Goetzfried4ea12772012-07-11 19:38:57 +02001233 select CRYPTO_GLUE_HELPER_X86
Jussi Kivilinna044ab522012-11-13 11:43:14 +02001234 select CRYPTO_CAST_COMMON
Johannes Goetzfried4ea12772012-07-11 19:38:57 +02001235 select CRYPTO_CAST6
1236 select CRYPTO_LRW
1237 select CRYPTO_XTS
1238 help
1239 The CAST6 encryption algorithm (synonymous with CAST-256) is
1240 described in RFC2612.
1241
1242 This module provides the Cast6 cipher algorithm that processes
1243 eight blocks parallel using the AVX instruction set.
1244
Sebastian Siewior584fffc2008-04-05 21:04:48 +08001245config CRYPTO_DES
1246 tristate "DES and Triple DES EDE cipher algorithms"
Herbert Xucce9e062006-08-21 21:08:13 +10001247 select CRYPTO_ALGAPI
Linus Torvalds1da177e2005-04-16 15:20:36 -07001248 help
Sebastian Siewior584fffc2008-04-05 21:04:48 +08001249 DES cipher algorithm (FIPS 46-2), and Triple DES EDE (FIPS 46-3).
Linus Torvalds1da177e2005-04-16 15:20:36 -07001250
David S. Millerc5aac2d2012-08-25 22:37:23 -07001251config CRYPTO_DES_SPARC64
1252 tristate "DES and Triple DES EDE cipher algorithms (SPARC64)"
Dave Jones97da37b2012-10-02 17:13:20 -04001253 depends on SPARC64
David S. Millerc5aac2d2012-08-25 22:37:23 -07001254 select CRYPTO_ALGAPI
1255 select CRYPTO_DES
1256 help
1257 DES cipher algorithm (FIPS 46-2), and Triple DES EDE (FIPS 46-3),
1258 optimized using SPARC64 crypto opcodes.
1259
Jussi Kivilinna6574e6c2014-06-09 20:59:54 +03001260config CRYPTO_DES3_EDE_X86_64
1261 tristate "Triple DES EDE cipher algorithm (x86-64)"
1262 depends on X86 && 64BIT
1263 select CRYPTO_ALGAPI
1264 select CRYPTO_DES
1265 help
1266 Triple DES EDE (FIPS 46-3) algorithm.
1267
1268 This module provides implementation of the Triple DES EDE cipher
1269 algorithm that is optimized for x86-64 processors. Two versions of
1270 algorithm are provided; regular processing one input block and
1271 one that processes three blocks parallel.
1272
Sebastian Siewior584fffc2008-04-05 21:04:48 +08001273config CRYPTO_FCRYPT
1274 tristate "FCrypt cipher algorithm"
Herbert Xucce9e062006-08-21 21:08:13 +10001275 select CRYPTO_ALGAPI
Sebastian Siewior584fffc2008-04-05 21:04:48 +08001276 select CRYPTO_BLKCIPHER
Linus Torvalds1da177e2005-04-16 15:20:36 -07001277 help
Sebastian Siewior584fffc2008-04-05 21:04:48 +08001278 FCrypt algorithm used by RxRPC.
Linus Torvalds1da177e2005-04-16 15:20:36 -07001279
1280config CRYPTO_KHAZAD
1281 tristate "Khazad cipher algorithm"
Herbert Xucce9e062006-08-21 21:08:13 +10001282 select CRYPTO_ALGAPI
Linus Torvalds1da177e2005-04-16 15:20:36 -07001283 help
1284 Khazad cipher algorithm.
1285
1286 Khazad was a finalist in the initial NESSIE competition. It is
1287 an algorithm optimized for 64-bit processors with good performance
1288 on 32-bit processors. Khazad uses an 128 bit key size.
1289
1290 See also:
Justin P. Mattock6d8de742010-09-12 10:42:47 +08001291 <http://www.larc.usp.br/~pbarreto/KhazadPage.html>
Linus Torvalds1da177e2005-04-16 15:20:36 -07001292
Tan Swee Heng2407d602007-11-23 19:45:00 +08001293config CRYPTO_SALSA20
Kees Cook3b4afaf2012-10-02 11:16:49 -07001294 tristate "Salsa20 stream cipher algorithm"
Tan Swee Heng2407d602007-11-23 19:45:00 +08001295 select CRYPTO_BLKCIPHER
1296 help
1297 Salsa20 stream cipher algorithm.
1298
1299 Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT
1300 Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/>
1301
1302 The Salsa20 stream cipher algorithm is designed by Daniel J.
1303 Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html>
Linus Torvalds1da177e2005-04-16 15:20:36 -07001304
Tan Swee Heng974e4b72007-12-10 15:52:56 +08001305config CRYPTO_SALSA20_586
Kees Cook3b4afaf2012-10-02 11:16:49 -07001306 tristate "Salsa20 stream cipher algorithm (i586)"
Tan Swee Heng974e4b72007-12-10 15:52:56 +08001307 depends on (X86 || UML_X86) && !64BIT
Tan Swee Heng974e4b72007-12-10 15:52:56 +08001308 select CRYPTO_BLKCIPHER
Tan Swee Heng974e4b72007-12-10 15:52:56 +08001309 help
1310 Salsa20 stream cipher algorithm.
1311
1312 Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT
1313 Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/>
1314
1315 The Salsa20 stream cipher algorithm is designed by Daniel J.
1316 Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html>
1317
Tan Swee Heng9a7dafb2007-12-18 00:04:40 +08001318config CRYPTO_SALSA20_X86_64
Kees Cook3b4afaf2012-10-02 11:16:49 -07001319 tristate "Salsa20 stream cipher algorithm (x86_64)"
Tan Swee Heng9a7dafb2007-12-18 00:04:40 +08001320 depends on (X86 || UML_X86) && 64BIT
Tan Swee Heng9a7dafb2007-12-18 00:04:40 +08001321 select CRYPTO_BLKCIPHER
Tan Swee Heng9a7dafb2007-12-18 00:04:40 +08001322 help
1323 Salsa20 stream cipher algorithm.
1324
1325 Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT
1326 Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/>
1327
1328 The Salsa20 stream cipher algorithm is designed by Daniel J.
1329 Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html>
1330
Martin Willic08d0e62015-06-01 13:43:56 +02001331config CRYPTO_CHACHA20
Eric Biggersbb31ed52018-11-16 17:26:22 -08001332 tristate "ChaCha stream cipher algorithms"
Martin Willic08d0e62015-06-01 13:43:56 +02001333 select CRYPTO_BLKCIPHER
1334 help
Eric Biggersbb31ed52018-11-16 17:26:22 -08001335 The ChaCha20, XChaCha20, and XChaCha12 stream cipher algorithms.
Martin Willic08d0e62015-06-01 13:43:56 +02001336
1337 ChaCha20 is a 256-bit high-speed stream cipher designed by Daniel J.
1338 Bernstein and further specified in RFC7539 for use in IETF protocols.
Eric Biggers1141ebc2018-11-16 17:26:20 -08001339 This is the portable C implementation of ChaCha20. See also:
Martin Willic08d0e62015-06-01 13:43:56 +02001340 <http://cr.yp.to/chacha/chacha-20080128.pdf>
1341
Eric Biggers1141ebc2018-11-16 17:26:20 -08001342 XChaCha20 is the application of the XSalsa20 construction to ChaCha20
1343 rather than to Salsa20. XChaCha20 extends ChaCha20's nonce length
1344 from 64 bits (or 96 bits using the RFC7539 convention) to 192 bits,
1345 while provably retaining ChaCha20's security. See also:
1346 <https://cr.yp.to/snuffle/xsalsa-20081128.pdf>
1347
Eric Biggersbb31ed52018-11-16 17:26:22 -08001348 XChaCha12 is XChaCha20 reduced to 12 rounds, with correspondingly
1349 reduced security margin but increased performance. It can be needed
1350 in some performance-sensitive scenarios.
1351
Martin Willic9320b62015-07-16 19:14:01 +02001352config CRYPTO_CHACHA20_X86_64
Martin Willi3d1e93c2015-07-16 19:14:03 +02001353 tristate "ChaCha20 cipher algorithm (x86_64/SSSE3/AVX2)"
Martin Willic9320b62015-07-16 19:14:01 +02001354 depends on X86 && 64BIT
1355 select CRYPTO_BLKCIPHER
1356 select CRYPTO_CHACHA20
1357 help
1358 ChaCha20 cipher algorithm, RFC7539.
1359
1360 ChaCha20 is a 256-bit high-speed stream cipher designed by Daniel J.
1361 Bernstein and further specified in RFC7539 for use in IETF protocols.
1362 This is the x86_64 assembler implementation using SIMD instructions.
1363
1364 See also:
1365 <http://cr.yp.to/chacha/chacha-20080128.pdf>
1366
Sebastian Siewior584fffc2008-04-05 21:04:48 +08001367config CRYPTO_SEED
1368 tristate "SEED cipher algorithm"
1369 select CRYPTO_ALGAPI
1370 help
1371 SEED cipher algorithm (RFC4269).
1372
1373 SEED is a 128-bit symmetric key block cipher that has been
1374 developed by KISA (Korea Information Security Agency) as a
1375 national standard encryption algorithm of the Republic of Korea.
1376 It is a 16 round block cipher with the key size of 128 bit.
1377
1378 See also:
1379 <http://www.kisa.or.kr/kisa/seed/jsp/seed_eng.jsp>
1380
1381config CRYPTO_SERPENT
1382 tristate "Serpent cipher algorithm"
1383 select CRYPTO_ALGAPI
1384 help
1385 Serpent cipher algorithm, by Anderson, Biham & Knudsen.
1386
1387 Keys are allowed to be from 0 to 256 bits in length, in steps
1388 of 8 bits. Also includes the 'Tnepres' algorithm, a reversed
1389 variant of Serpent for compatibility with old kerneli.org code.
1390
1391 See also:
1392 <http://www.cl.cam.ac.uk/~rja14/serpent.html>
1393
Jussi Kivilinna937c30d2011-11-09 16:26:25 +02001394config CRYPTO_SERPENT_SSE2_X86_64
1395 tristate "Serpent cipher algorithm (x86_64/SSE2)"
1396 depends on X86 && 64BIT
1397 select CRYPTO_ALGAPI
Jussi Kivilinna341975b2011-11-24 08:37:41 +02001398 select CRYPTO_CRYPTD
Ard Biesheuvel801201a2013-09-20 09:55:41 +02001399 select CRYPTO_ABLK_HELPER
Jussi Kivilinna596d8752012-06-18 14:07:19 +03001400 select CRYPTO_GLUE_HELPER_X86
Jussi Kivilinna937c30d2011-11-09 16:26:25 +02001401 select CRYPTO_SERPENT
Jussi Kivilinnafeaf0cf2011-12-13 12:53:12 +02001402 select CRYPTO_LRW
1403 select CRYPTO_XTS
Jussi Kivilinna937c30d2011-11-09 16:26:25 +02001404 help
1405 Serpent cipher algorithm, by Anderson, Biham & Knudsen.
1406
1407 Keys are allowed to be from 0 to 256 bits in length, in steps
1408 of 8 bits.
1409
Masanari Iida1e6232f2015-04-04 00:20:30 +09001410 This module provides Serpent cipher algorithm that processes eight
Jussi Kivilinna937c30d2011-11-09 16:26:25 +02001411 blocks parallel using SSE2 instruction set.
1412
1413 See also:
1414 <http://www.cl.cam.ac.uk/~rja14/serpent.html>
1415
Jussi Kivilinna251496d2011-11-09 16:26:31 +02001416config CRYPTO_SERPENT_SSE2_586
1417 tristate "Serpent cipher algorithm (i586/SSE2)"
1418 depends on X86 && !64BIT
1419 select CRYPTO_ALGAPI
Jussi Kivilinna341975b2011-11-24 08:37:41 +02001420 select CRYPTO_CRYPTD
Ard Biesheuvel801201a2013-09-20 09:55:41 +02001421 select CRYPTO_ABLK_HELPER
Jussi Kivilinna596d8752012-06-18 14:07:19 +03001422 select CRYPTO_GLUE_HELPER_X86
Jussi Kivilinna251496d2011-11-09 16:26:31 +02001423 select CRYPTO_SERPENT
Jussi Kivilinnafeaf0cf2011-12-13 12:53:12 +02001424 select CRYPTO_LRW
1425 select CRYPTO_XTS
Jussi Kivilinna251496d2011-11-09 16:26:31 +02001426 help
1427 Serpent cipher algorithm, by Anderson, Biham & Knudsen.
1428
1429 Keys are allowed to be from 0 to 256 bits in length, in steps
1430 of 8 bits.
1431
1432 This module provides Serpent cipher algorithm that processes four
1433 blocks parallel using SSE2 instruction set.
1434
1435 See also:
1436 <http://www.cl.cam.ac.uk/~rja14/serpent.html>
1437
Johannes Goetzfried7efe4072012-06-12 16:47:43 +08001438config CRYPTO_SERPENT_AVX_X86_64
1439 tristate "Serpent cipher algorithm (x86_64/AVX)"
1440 depends on X86 && 64BIT
1441 select CRYPTO_ALGAPI
1442 select CRYPTO_CRYPTD
Ard Biesheuvel801201a2013-09-20 09:55:41 +02001443 select CRYPTO_ABLK_HELPER
Jussi Kivilinna1d0debb2012-06-18 14:07:24 +03001444 select CRYPTO_GLUE_HELPER_X86
Johannes Goetzfried7efe4072012-06-12 16:47:43 +08001445 select CRYPTO_SERPENT
1446 select CRYPTO_LRW
1447 select CRYPTO_XTS
1448 help
1449 Serpent cipher algorithm, by Anderson, Biham & Knudsen.
1450
1451 Keys are allowed to be from 0 to 256 bits in length, in steps
1452 of 8 bits.
1453
1454 This module provides the Serpent cipher algorithm that processes
1455 eight blocks parallel using the AVX instruction set.
1456
1457 See also:
1458 <http://www.cl.cam.ac.uk/~rja14/serpent.html>
1459
Jussi Kivilinna56d76c92013-04-13 13:46:55 +03001460config CRYPTO_SERPENT_AVX2_X86_64
1461 tristate "Serpent cipher algorithm (x86_64/AVX2)"
1462 depends on X86 && 64BIT
1463 select CRYPTO_ALGAPI
1464 select CRYPTO_CRYPTD
Ard Biesheuvel801201a2013-09-20 09:55:41 +02001465 select CRYPTO_ABLK_HELPER
Jussi Kivilinna56d76c92013-04-13 13:46:55 +03001466 select CRYPTO_GLUE_HELPER_X86
1467 select CRYPTO_SERPENT
1468 select CRYPTO_SERPENT_AVX_X86_64
1469 select CRYPTO_LRW
1470 select CRYPTO_XTS
1471 help
1472 Serpent cipher algorithm, by Anderson, Biham & Knudsen.
1473
1474 Keys are allowed to be from 0 to 256 bits in length, in steps
1475 of 8 bits.
1476
1477 This module provides Serpent cipher algorithm that processes 16
1478 blocks parallel using AVX2 instruction set.
1479
1480 See also:
1481 <http://www.cl.cam.ac.uk/~rja14/serpent.html>
1482
Sebastian Siewior584fffc2008-04-05 21:04:48 +08001483config CRYPTO_TEA
1484 tristate "TEA, XTEA and XETA cipher algorithms"
1485 select CRYPTO_ALGAPI
1486 help
1487 TEA cipher algorithm.
1488
1489 Tiny Encryption Algorithm is a simple cipher that uses
1490 many rounds for security. It is very fast and uses
1491 little memory.
1492
1493 Xtendend Tiny Encryption Algorithm is a modification to
1494 the TEA algorithm to address a potential key weakness
1495 in the TEA algorithm.
1496
1497 Xtendend Encryption Tiny Algorithm is a mis-implementation
1498 of the XTEA algorithm for compatibility purposes.
1499
1500config CRYPTO_TWOFISH
1501 tristate "Twofish cipher algorithm"
1502 select CRYPTO_ALGAPI
1503 select CRYPTO_TWOFISH_COMMON
1504 help
1505 Twofish cipher algorithm.
1506
1507 Twofish was submitted as an AES (Advanced Encryption Standard)
1508 candidate cipher by researchers at CounterPane Systems. It is a
1509 16 round block cipher supporting key sizes of 128, 192, and 256
1510 bits.
1511
1512 See also:
1513 <http://www.schneier.com/twofish.html>
1514
1515config CRYPTO_TWOFISH_COMMON
1516 tristate
1517 help
1518 Common parts of the Twofish cipher algorithm shared by the
1519 generic c and the assembler implementations.
1520
1521config CRYPTO_TWOFISH_586
1522 tristate "Twofish cipher algorithms (i586)"
1523 depends on (X86 || UML_X86) && !64BIT
1524 select CRYPTO_ALGAPI
1525 select CRYPTO_TWOFISH_COMMON
1526 help
1527 Twofish cipher algorithm.
1528
1529 Twofish was submitted as an AES (Advanced Encryption Standard)
1530 candidate cipher by researchers at CounterPane Systems. It is a
1531 16 round block cipher supporting key sizes of 128, 192, and 256
1532 bits.
1533
1534 See also:
1535 <http://www.schneier.com/twofish.html>
1536
1537config CRYPTO_TWOFISH_X86_64
1538 tristate "Twofish cipher algorithm (x86_64)"
1539 depends on (X86 || UML_X86) && 64BIT
1540 select CRYPTO_ALGAPI
1541 select CRYPTO_TWOFISH_COMMON
1542 help
1543 Twofish cipher algorithm (x86_64).
1544
1545 Twofish was submitted as an AES (Advanced Encryption Standard)
1546 candidate cipher by researchers at CounterPane Systems. It is a
1547 16 round block cipher supporting key sizes of 128, 192, and 256
1548 bits.
1549
1550 See also:
1551 <http://www.schneier.com/twofish.html>
1552
Jussi Kivilinna8280daa2011-09-26 16:47:25 +03001553config CRYPTO_TWOFISH_X86_64_3WAY
1554 tristate "Twofish cipher algorithm (x86_64, 3-way parallel)"
Al Virof21a7c12012-04-08 20:31:22 -04001555 depends on X86 && 64BIT
Jussi Kivilinna8280daa2011-09-26 16:47:25 +03001556 select CRYPTO_ALGAPI
1557 select CRYPTO_TWOFISH_COMMON
1558 select CRYPTO_TWOFISH_X86_64
Jussi Kivilinna414cb5e2012-06-18 14:07:34 +03001559 select CRYPTO_GLUE_HELPER_X86
Jussi Kivilinnae7cda5d2011-12-13 12:53:01 +02001560 select CRYPTO_LRW
1561 select CRYPTO_XTS
Jussi Kivilinna8280daa2011-09-26 16:47:25 +03001562 help
1563 Twofish cipher algorithm (x86_64, 3-way parallel).
1564
1565 Twofish was submitted as an AES (Advanced Encryption Standard)
1566 candidate cipher by researchers at CounterPane Systems. It is a
1567 16 round block cipher supporting key sizes of 128, 192, and 256
1568 bits.
1569
1570 This module provides Twofish cipher algorithm that processes three
1571 blocks parallel, utilizing resources of out-of-order CPUs better.
1572
1573 See also:
1574 <http://www.schneier.com/twofish.html>
1575
Johannes Goetzfried107778b2012-05-28 15:54:24 +02001576config CRYPTO_TWOFISH_AVX_X86_64
1577 tristate "Twofish cipher algorithm (x86_64/AVX)"
1578 depends on X86 && 64BIT
1579 select CRYPTO_ALGAPI
1580 select CRYPTO_CRYPTD
Ard Biesheuvel801201a2013-09-20 09:55:41 +02001581 select CRYPTO_ABLK_HELPER
Jussi Kivilinnaa7378d42012-06-18 14:07:39 +03001582 select CRYPTO_GLUE_HELPER_X86
Johannes Goetzfried107778b2012-05-28 15:54:24 +02001583 select CRYPTO_TWOFISH_COMMON
1584 select CRYPTO_TWOFISH_X86_64
1585 select CRYPTO_TWOFISH_X86_64_3WAY
1586 select CRYPTO_LRW
1587 select CRYPTO_XTS
1588 help
1589 Twofish cipher algorithm (x86_64/AVX).
1590
1591 Twofish was submitted as an AES (Advanced Encryption Standard)
1592 candidate cipher by researchers at CounterPane Systems. It is a
1593 16 round block cipher supporting key sizes of 128, 192, and 256
1594 bits.
1595
1596 This module provides the Twofish cipher algorithm that processes
1597 eight blocks parallel using the AVX Instruction Set.
1598
1599 See also:
1600 <http://www.schneier.com/twofish.html>
1601
Sebastian Siewior584fffc2008-04-05 21:04:48 +08001602comment "Compression"
1603
Linus Torvalds1da177e2005-04-16 15:20:36 -07001604config CRYPTO_DEFLATE
1605 tristate "Deflate compression algorithm"
Herbert Xucce9e062006-08-21 21:08:13 +10001606 select CRYPTO_ALGAPI
Linus Torvalds1da177e2005-04-16 15:20:36 -07001607 select ZLIB_INFLATE
1608 select ZLIB_DEFLATE
1609 help
1610 This is the Deflate algorithm (RFC1951), specified for use in
1611 IPSec with the IPCOMP protocol (RFC3173, RFC2394).
Sebastian Siewior584fffc2008-04-05 21:04:48 +08001612
Linus Torvalds1da177e2005-04-16 15:20:36 -07001613 You will most probably want this if using IPSec.
1614
Zoltan Sogor0b77abb2007-12-07 16:53:23 +08001615config CRYPTO_LZO
1616 tristate "LZO compression algorithm"
1617 select CRYPTO_ALGAPI
1618 select LZO_COMPRESS
1619 select LZO_DECOMPRESS
1620 help
1621 This is the LZO algorithm.
1622
Seth Jennings35a1fc12012-07-19 09:42:41 -05001623config CRYPTO_842
1624 tristate "842 compression algorithm"
Dan Streetman2062c5b2015-05-07 13:49:15 -04001625 select CRYPTO_ALGAPI
1626 select 842_COMPRESS
1627 select 842_DECOMPRESS
Seth Jennings35a1fc12012-07-19 09:42:41 -05001628 help
1629 This is the 842 algorithm.
1630
Chanho Min0ea85302013-07-08 16:01:51 -07001631config CRYPTO_LZ4
1632 tristate "LZ4 compression algorithm"
1633 select CRYPTO_ALGAPI
1634 select LZ4_COMPRESS
1635 select LZ4_DECOMPRESS
1636 help
1637 This is the LZ4 algorithm.
1638
1639config CRYPTO_LZ4HC
1640 tristate "LZ4HC compression algorithm"
1641 select CRYPTO_ALGAPI
1642 select LZ4HC_COMPRESS
1643 select LZ4_DECOMPRESS
1644 help
1645 This is the LZ4 high compression mode algorithm.
1646
Nick Terrellcc388d22018-03-30 12:14:53 -07001647config CRYPTO_ZSTD
1648 tristate "Zstd compression algorithm"
1649 select CRYPTO_ALGAPI
1650 select CRYPTO_ACOMP2
1651 select ZSTD_COMPRESS
1652 select ZSTD_DECOMPRESS
1653 help
1654 This is the zstd algorithm.
1655
Neil Horman17f0f4a2008-08-14 22:15:52 +10001656comment "Random Number Generation"
1657
1658config CRYPTO_ANSI_CPRNG
1659 tristate "Pseudo Random Number Generation for Cryptographic modules"
1660 select CRYPTO_AES
1661 select CRYPTO_RNG
Neil Horman17f0f4a2008-08-14 22:15:52 +10001662 help
1663 This option enables the generic pseudo random number generator
1664 for cryptographic modules. Uses the Algorithm specified in
Jiri Kosina7dd607e2010-01-27 01:00:10 +01001665 ANSI X9.31 A.2.4. Note that this option must be enabled if
1666 CRYPTO_FIPS is selected
Neil Horman17f0f4a2008-08-14 22:15:52 +10001667
Herbert Xuf2c89a12014-07-04 22:15:08 +08001668menuconfig CRYPTO_DRBG_MENU
Stephan Mueller419090c2014-05-31 17:22:31 +02001669 tristate "NIST SP800-90A DRBG"
Stephan Mueller419090c2014-05-31 17:22:31 +02001670 help
1671 NIST SP800-90A compliant DRBG. In the following submenu, one or
1672 more of the DRBG types must be selected.
1673
Herbert Xuf2c89a12014-07-04 22:15:08 +08001674if CRYPTO_DRBG_MENU
Stephan Mueller419090c2014-05-31 17:22:31 +02001675
1676config CRYPTO_DRBG_HMAC
Herbert Xu401e4232015-06-03 14:49:31 +08001677 bool
Stephan Mueller419090c2014-05-31 17:22:31 +02001678 default y
Stephan Mueller419090c2014-05-31 17:22:31 +02001679 select CRYPTO_HMAC
Herbert Xu826775b2015-06-11 08:55:10 +08001680 select CRYPTO_SHA256
Stephan Mueller419090c2014-05-31 17:22:31 +02001681
1682config CRYPTO_DRBG_HASH
1683 bool "Enable Hash DRBG"
Herbert Xu826775b2015-06-11 08:55:10 +08001684 select CRYPTO_SHA256
Stephan Mueller419090c2014-05-31 17:22:31 +02001685 help
1686 Enable the Hash DRBG variant as defined in NIST SP800-90A.
1687
1688config CRYPTO_DRBG_CTR
1689 bool "Enable CTR DRBG"
Stephan Mueller419090c2014-05-31 17:22:31 +02001690 select CRYPTO_AES
Stephan Mueller35591282016-06-14 07:34:13 +02001691 depends on CRYPTO_CTR
Stephan Mueller419090c2014-05-31 17:22:31 +02001692 help
1693 Enable the CTR DRBG variant as defined in NIST SP800-90A.
1694
Herbert Xuf2c89a12014-07-04 22:15:08 +08001695config CRYPTO_DRBG
1696 tristate
Herbert Xu401e4232015-06-03 14:49:31 +08001697 default CRYPTO_DRBG_MENU
Herbert Xuf2c89a12014-07-04 22:15:08 +08001698 select CRYPTO_RNG
Stephan Muellerbb5530e2015-05-25 15:10:20 +02001699 select CRYPTO_JITTERENTROPY
Herbert Xuf2c89a12014-07-04 22:15:08 +08001700
1701endif # if CRYPTO_DRBG_MENU
Stephan Mueller419090c2014-05-31 17:22:31 +02001702
Stephan Muellerbb5530e2015-05-25 15:10:20 +02001703config CRYPTO_JITTERENTROPY
1704 tristate "Jitterentropy Non-Deterministic Random Number Generator"
Arnd Bergmann2f313e02016-01-26 14:47:10 +01001705 select CRYPTO_RNG
Stephan Muellerbb5530e2015-05-25 15:10:20 +02001706 help
1707 The Jitterentropy RNG is a noise that is intended
1708 to provide seed to another RNG. The RNG does not
1709 perform any cryptographic whitening of the generated
1710 random numbers. This Jitterentropy RNG registers with
1711 the kernel crypto API and can be used by any caller.
1712
Herbert Xu03c8efc2010-10-19 21:12:39 +08001713config CRYPTO_USER_API
1714 tristate
1715
Herbert Xufe869cd2010-10-19 21:23:00 +08001716config CRYPTO_USER_API_HASH
1717 tristate "User-space interface for hash algorithms"
Herbert Xu74517082010-11-29 22:56:03 +08001718 depends on NET
Herbert Xufe869cd2010-10-19 21:23:00 +08001719 select CRYPTO_HASH
1720 select CRYPTO_USER_API
1721 help
1722 This option enables the user-spaces interface for hash
1723 algorithms.
1724
Herbert Xu8ff59092010-10-19 21:31:55 +08001725config CRYPTO_USER_API_SKCIPHER
1726 tristate "User-space interface for symmetric key cipher algorithms"
Herbert Xu74517082010-11-29 22:56:03 +08001727 depends on NET
Herbert Xu8ff59092010-10-19 21:31:55 +08001728 select CRYPTO_BLKCIPHER
1729 select CRYPTO_USER_API
1730 help
1731 This option enables the user-spaces interface for symmetric
1732 key cipher algorithms.
1733
Stephan Mueller2f3755382014-12-25 23:00:39 +01001734config CRYPTO_USER_API_RNG
1735 tristate "User-space interface for random number generator algorithms"
1736 depends on NET
1737 select CRYPTO_RNG
1738 select CRYPTO_USER_API
1739 help
1740 This option enables the user-spaces interface for random
1741 number generator algorithms.
1742
Herbert Xub64a2d92015-05-28 11:30:35 +08001743config CRYPTO_USER_API_AEAD
1744 tristate "User-space interface for AEAD cipher algorithms"
1745 depends on NET
1746 select CRYPTO_AEAD
1747 select CRYPTO_USER_API
1748 help
1749 This option enables the user-spaces interface for AEAD
1750 cipher algorithms.
1751
Dmitry Kasatkinee089972013-05-06 15:40:01 +03001752config CRYPTO_HASH_INFO
1753 bool
1754
Linus Torvalds1da177e2005-04-16 15:20:36 -07001755source "drivers/crypto/Kconfig"
David Howells964f3b32012-09-13 15:17:21 +01001756source crypto/asymmetric_keys/Kconfig
David Howellscfc411e2015-08-14 15:20:41 +01001757source certs/Kconfig
Linus Torvalds1da177e2005-04-16 15:20:36 -07001758
Herbert Xucce9e062006-08-21 21:08:13 +10001759endif # if CRYPTO