blob: 4a3e6b22518947fb4093b36805a0592a772b3173 [file] [log] [blame]
Linus Torvalds1da177e2005-04-16 15:20:36 -07001#
Dan Williams685784a2007-07-09 11:56:42 -07002# Generic algorithms support
3#
4config XOR_BLOCKS
5 tristate
6
7#
Dan Williams9bc89cd2007-01-02 11:10:44 -07008# async_tx api: hardware offloaded memory transfer/transform support
9#
10source "crypto/async_tx/Kconfig"
11
12#
Linus Torvalds1da177e2005-04-16 15:20:36 -070013# Cryptographic API Configuration
14#
Jan Engelhardt2e290f42007-05-18 15:11:01 +100015menuconfig CRYPTO
Sebastian Siewiorc3715cb92008-03-30 16:36:09 +080016 tristate "Cryptographic API"
Linus Torvalds1da177e2005-04-16 15:20:36 -070017 help
18 This option provides the core Cryptographic API.
19
Herbert Xucce9e062006-08-21 21:08:13 +100020if CRYPTO
21
Sebastian Siewior584fffc2008-04-05 21:04:48 +080022comment "Crypto core or helper"
23
Neil Hormanccb778e2008-08-05 14:13:08 +080024config CRYPTO_FIPS
25 bool "FIPS 200 compliance"
26 help
27 This options enables the fips boot option which is
28 required if you want to system to operate in a FIPS 200
29 certification. You should say no unless you know what
30 this is.
31
Herbert Xucce9e062006-08-21 21:08:13 +100032config CRYPTO_ALGAPI
33 tristate
Herbert Xu6a0fcbb2008-12-10 23:29:44 +110034 select CRYPTO_ALGAPI2
Herbert Xucce9e062006-08-21 21:08:13 +100035 help
36 This option provides the API for cryptographic algorithms.
37
Herbert Xu6a0fcbb2008-12-10 23:29:44 +110038config CRYPTO_ALGAPI2
39 tristate
40
Herbert Xu1ae97822007-08-30 15:36:14 +080041config CRYPTO_AEAD
42 tristate
Herbert Xu6a0fcbb2008-12-10 23:29:44 +110043 select CRYPTO_AEAD2
Herbert Xu1ae97822007-08-30 15:36:14 +080044 select CRYPTO_ALGAPI
45
Herbert Xu6a0fcbb2008-12-10 23:29:44 +110046config CRYPTO_AEAD2
47 tristate
48 select CRYPTO_ALGAPI2
49
Herbert Xu5cde0af2006-08-22 00:07:53 +100050config CRYPTO_BLKCIPHER
51 tristate
Herbert Xu6a0fcbb2008-12-10 23:29:44 +110052 select CRYPTO_BLKCIPHER2
Herbert Xu5cde0af2006-08-22 00:07:53 +100053 select CRYPTO_ALGAPI
Herbert Xu6a0fcbb2008-12-10 23:29:44 +110054
55config CRYPTO_BLKCIPHER2
56 tristate
57 select CRYPTO_ALGAPI2
58 select CRYPTO_RNG2
Huang Ying0a2e8212009-02-19 14:44:02 +080059 select CRYPTO_WORKQUEUE
Herbert Xu5cde0af2006-08-22 00:07:53 +100060
Herbert Xu055bcee2006-08-19 22:24:23 +100061config CRYPTO_HASH
62 tristate
Herbert Xu6a0fcbb2008-12-10 23:29:44 +110063 select CRYPTO_HASH2
Herbert Xu055bcee2006-08-19 22:24:23 +100064 select CRYPTO_ALGAPI
65
Herbert Xu6a0fcbb2008-12-10 23:29:44 +110066config CRYPTO_HASH2
67 tristate
68 select CRYPTO_ALGAPI2
69
Neil Horman17f0f4a2008-08-14 22:15:52 +100070config CRYPTO_RNG
71 tristate
Herbert Xu6a0fcbb2008-12-10 23:29:44 +110072 select CRYPTO_RNG2
Neil Horman17f0f4a2008-08-14 22:15:52 +100073 select CRYPTO_ALGAPI
74
Herbert Xu6a0fcbb2008-12-10 23:29:44 +110075config CRYPTO_RNG2
76 tristate
77 select CRYPTO_ALGAPI2
78
Herbert Xu2b8c19d2006-09-21 11:31:44 +100079config CRYPTO_MANAGER
80 tristate "Cryptographic algorithm manager"
Herbert Xu6a0fcbb2008-12-10 23:29:44 +110081 select CRYPTO_MANAGER2
Herbert Xu2b8c19d2006-09-21 11:31:44 +100082 help
83 Create default cryptographic template instantiations such as
84 cbc(aes).
85
Herbert Xu6a0fcbb2008-12-10 23:29:44 +110086config CRYPTO_MANAGER2
87 def_tristate CRYPTO_MANAGER || (CRYPTO_MANAGER!=n && CRYPTO_ALGAPI=y)
88 select CRYPTO_AEAD2
89 select CRYPTO_HASH2
90 select CRYPTO_BLKCIPHER2
91
Rik Snelc494e072006-11-29 18:59:44 +110092config CRYPTO_GF128MUL
93 tristate "GF(2^128) multiplication functions (EXPERIMENTAL)"
94 depends on EXPERIMENTAL
95 help
96 Efficient table driven implementation of multiplications in the
97 field GF(2^128). This is needed by some cypher modes. This
98 option will be selected automatically if you select such a
99 cipher mode. Only select this option by hand if you expect to load
100 an external module that requires these functions.
101
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800102config CRYPTO_NULL
103 tristate "Null algorithms"
104 select CRYPTO_ALGAPI
105 select CRYPTO_BLKCIPHER
Herbert Xud35d2452008-11-08 08:09:56 +0800106 select CRYPTO_HASH
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800107 help
108 These are 'Null' algorithms, used by IPsec, which do nothing.
109
Huang Ying25c38d32009-02-19 14:33:40 +0800110config CRYPTO_WORKQUEUE
111 tristate
112
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800113config CRYPTO_CRYPTD
114 tristate "Software async crypto daemon"
Herbert Xudb131ef2006-09-21 11:44:08 +1000115 select CRYPTO_BLKCIPHER
Loc Hob8a28252008-05-14 21:23:00 +0800116 select CRYPTO_HASH
Herbert Xu43518402006-10-16 21:28:58 +1000117 select CRYPTO_MANAGER
Huang Ying254eff72009-02-19 14:42:19 +0800118 select CRYPTO_WORKQUEUE
Herbert Xudb131ef2006-09-21 11:44:08 +1000119 help
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800120 This is a generic software asynchronous crypto daemon that
121 converts an arbitrary synchronous software crypto algorithm
122 into an asynchronous algorithm that executes in a kernel thread.
123
124config CRYPTO_AUTHENC
125 tristate "Authenc support"
126 select CRYPTO_AEAD
127 select CRYPTO_BLKCIPHER
128 select CRYPTO_MANAGER
129 select CRYPTO_HASH
130 help
131 Authenc: Combined mode wrapper for IPsec.
132 This is required for IPSec.
133
134config CRYPTO_TEST
135 tristate "Testing module"
136 depends on m
Herbert Xuda7f0332008-07-31 17:08:25 +0800137 select CRYPTO_MANAGER
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800138 help
139 Quick & dirty crypto test module.
140
141comment "Authenticated Encryption with Associated Data"
142
143config CRYPTO_CCM
144 tristate "CCM support"
145 select CRYPTO_CTR
146 select CRYPTO_AEAD
147 help
148 Support for Counter with CBC MAC. Required for IPsec.
149
150config CRYPTO_GCM
151 tristate "GCM/GMAC support"
152 select CRYPTO_CTR
153 select CRYPTO_AEAD
154 select CRYPTO_GF128MUL
155 help
156 Support for Galois/Counter Mode (GCM) and Galois Message
157 Authentication Code (GMAC). Required for IPSec.
158
159config CRYPTO_SEQIV
160 tristate "Sequence Number IV Generator"
161 select CRYPTO_AEAD
162 select CRYPTO_BLKCIPHER
Herbert Xua0f000e2008-08-14 22:21:31 +1000163 select CRYPTO_RNG
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800164 help
165 This IV generator generates an IV based on a sequence number by
166 xoring it with a salt. This algorithm is mainly useful for CTR
167
168comment "Block modes"
Herbert Xudb131ef2006-09-21 11:44:08 +1000169
170config CRYPTO_CBC
171 tristate "CBC support"
172 select CRYPTO_BLKCIPHER
Herbert Xu43518402006-10-16 21:28:58 +1000173 select CRYPTO_MANAGER
Herbert Xudb131ef2006-09-21 11:44:08 +1000174 help
175 CBC: Cipher Block Chaining mode
176 This block cipher algorithm is required for IPSec.
177
Joy Latten23e353c2007-10-23 08:50:32 +0800178config CRYPTO_CTR
179 tristate "CTR support"
180 select CRYPTO_BLKCIPHER
Herbert Xu0a270322007-11-30 21:38:37 +1100181 select CRYPTO_SEQIV
Joy Latten23e353c2007-10-23 08:50:32 +0800182 select CRYPTO_MANAGER
Joy Latten23e353c2007-10-23 08:50:32 +0800183 help
184 CTR: Counter mode
185 This block cipher algorithm is required for IPSec.
186
Kevin Coffman76cb9522008-03-24 21:26:16 +0800187config CRYPTO_CTS
188 tristate "CTS support"
189 select CRYPTO_BLKCIPHER
190 help
191 CTS: Cipher Text Stealing
192 This is the Cipher Text Stealing mode as described by
193 Section 8 of rfc2040 and referenced by rfc3962.
194 (rfc3962 includes errata information in its Appendix A)
195 This mode is required for Kerberos gss mechanism support
196 for AES encryption.
197
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800198config CRYPTO_ECB
199 tristate "ECB support"
Herbert Xu653ebd92007-11-27 19:48:27 +0800200 select CRYPTO_BLKCIPHER
Herbert Xu124b53d2007-04-16 20:49:20 +1000201 select CRYPTO_MANAGER
202 help
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800203 ECB: Electronic CodeBook mode
204 This is the simplest block cipher algorithm. It simply encrypts
205 the input block by block.
Herbert Xu124b53d2007-04-16 20:49:20 +1000206
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800207config CRYPTO_LRW
208 tristate "LRW support (EXPERIMENTAL)"
209 depends on EXPERIMENTAL
David Howells90831632006-12-16 12:13:14 +1100210 select CRYPTO_BLKCIPHER
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800211 select CRYPTO_MANAGER
212 select CRYPTO_GF128MUL
David Howells90831632006-12-16 12:13:14 +1100213 help
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800214 LRW: Liskov Rivest Wagner, a tweakable, non malleable, non movable
215 narrow block cipher mode for dm-crypt. Use it with cipher
216 specification string aes-lrw-benbi, the key must be 256, 320 or 384.
217 The first 128, 192 or 256 bits in the key are used for AES and the
218 rest is used to tie each cipher block to its logical position.
David Howells90831632006-12-16 12:13:14 +1100219
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800220config CRYPTO_PCBC
221 tristate "PCBC support"
222 select CRYPTO_BLKCIPHER
223 select CRYPTO_MANAGER
224 help
225 PCBC: Propagating Cipher Block Chaining mode
226 This block cipher algorithm is required for RxRPC.
227
228config CRYPTO_XTS
229 tristate "XTS support (EXPERIMENTAL)"
230 depends on EXPERIMENTAL
231 select CRYPTO_BLKCIPHER
232 select CRYPTO_MANAGER
233 select CRYPTO_GF128MUL
234 help
235 XTS: IEEE1619/D16 narrow block cipher use with aes-xts-plain,
236 key size 256, 384 or 512 bits. This implementation currently
237 can't handle a sectorsize which is not a multiple of 16 bytes.
238
239comment "Hash modes"
240
241config CRYPTO_HMAC
242 tristate "HMAC support"
243 select CRYPTO_HASH
244 select CRYPTO_MANAGER
245 help
246 HMAC: Keyed-Hashing for Message Authentication (RFC2104).
247 This is required for IPSec.
248
249config CRYPTO_XCBC
250 tristate "XCBC support"
251 depends on EXPERIMENTAL
252 select CRYPTO_HASH
253 select CRYPTO_MANAGER
254 help
255 XCBC: Keyed-Hashing with encryption algorithm
256 http://www.ietf.org/rfc/rfc3566.txt
257 http://csrc.nist.gov/encryption/modes/proposedmodes/
258 xcbc-mac/xcbc-mac-spec.pdf
259
260comment "Digest"
261
262config CRYPTO_CRC32C
263 tristate "CRC32c CRC algorithm"
Herbert Xu5773a3e2008-07-08 20:54:28 +0800264 select CRYPTO_HASH
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800265 help
266 Castagnoli, et al Cyclic Redundancy-Check Algorithm. Used
267 by iSCSI for header and data digests and by others.
Herbert Xu69c35ef2008-11-07 15:11:47 +0800268 See Castagnoli93. Module will be crc32c.
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800269
Austin Zhang8cb51ba2008-08-07 09:57:03 +0800270config CRYPTO_CRC32C_INTEL
271 tristate "CRC32c INTEL hardware acceleration"
272 depends on X86
273 select CRYPTO_HASH
274 help
275 In Intel processor with SSE4.2 supported, the processor will
276 support CRC32C implementation using hardware accelerated CRC32
277 instruction. This option will create 'crc32c-intel' module,
278 which will enable any routine to use the CRC32 instruction to
279 gain performance compared with software implementation.
280 Module will be crc32c-intel.
281
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800282config CRYPTO_MD4
283 tristate "MD4 digest algorithm"
Adrian-Ken Rueegsegger808a1762008-12-03 19:55:27 +0800284 select CRYPTO_HASH
Linus Torvalds1da177e2005-04-16 15:20:36 -0700285 help
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800286 MD4 message digest algorithm (RFC1320).
Linus Torvalds1da177e2005-04-16 15:20:36 -0700287
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800288config CRYPTO_MD5
289 tristate "MD5 digest algorithm"
Adrian-Ken Rueegsegger14b75ba2008-12-03 19:57:12 +0800290 select CRYPTO_HASH
Linus Torvalds1da177e2005-04-16 15:20:36 -0700291 help
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800292 MD5 message digest algorithm (RFC1321).
Linus Torvalds1da177e2005-04-16 15:20:36 -0700293
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800294config CRYPTO_MICHAEL_MIC
295 tristate "Michael MIC keyed digest algorithm"
Adrian-Ken Rueegsegger19e2bf12008-12-07 19:35:38 +0800296 select CRYPTO_HASH
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800297 help
298 Michael MIC is used for message integrity protection in TKIP
299 (IEEE 802.11i). This algorithm is required for TKIP, but it
300 should not be used for other purposes because of the weakness
301 of the algorithm.
302
Adrian-Ken Rueegsegger82798f92008-05-07 22:17:37 +0800303config CRYPTO_RMD128
Adrian Bunkb6d44342008-07-16 19:28:00 +0800304 tristate "RIPEMD-128 digest algorithm"
Herbert Xu7c4468b2008-11-08 09:10:40 +0800305 select CRYPTO_HASH
Adrian Bunkb6d44342008-07-16 19:28:00 +0800306 help
307 RIPEMD-128 (ISO/IEC 10118-3:2004).
Adrian-Ken Rueegsegger82798f92008-05-07 22:17:37 +0800308
Adrian Bunkb6d44342008-07-16 19:28:00 +0800309 RIPEMD-128 is a 128-bit cryptographic hash function. It should only
310 to be used as a secure replacement for RIPEMD. For other use cases
311 RIPEMD-160 should be used.
Adrian-Ken Rueegsegger82798f92008-05-07 22:17:37 +0800312
Adrian Bunkb6d44342008-07-16 19:28:00 +0800313 Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel.
314 See <http://home.esat.kuleuven.be/~bosselae/ripemd160.html>
Adrian-Ken Rueegsegger82798f92008-05-07 22:17:37 +0800315
316config CRYPTO_RMD160
Adrian Bunkb6d44342008-07-16 19:28:00 +0800317 tristate "RIPEMD-160 digest algorithm"
Herbert Xue5835fb2008-11-08 09:18:51 +0800318 select CRYPTO_HASH
Adrian Bunkb6d44342008-07-16 19:28:00 +0800319 help
320 RIPEMD-160 (ISO/IEC 10118-3:2004).
Adrian-Ken Rueegsegger82798f92008-05-07 22:17:37 +0800321
Adrian Bunkb6d44342008-07-16 19:28:00 +0800322 RIPEMD-160 is a 160-bit cryptographic hash function. It is intended
323 to be used as a secure replacement for the 128-bit hash functions
324 MD4, MD5 and it's predecessor RIPEMD
325 (not to be confused with RIPEMD-128).
Adrian-Ken Rueegsegger82798f92008-05-07 22:17:37 +0800326
Adrian Bunkb6d44342008-07-16 19:28:00 +0800327 It's speed is comparable to SHA1 and there are no known attacks
328 against RIPEMD-160.
Adrian-Ken Rueegsegger534fe2c2008-05-09 21:30:27 +0800329
Adrian Bunkb6d44342008-07-16 19:28:00 +0800330 Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel.
331 See <http://home.esat.kuleuven.be/~bosselae/ripemd160.html>
Adrian-Ken Rueegsegger534fe2c2008-05-09 21:30:27 +0800332
333config CRYPTO_RMD256
Adrian Bunkb6d44342008-07-16 19:28:00 +0800334 tristate "RIPEMD-256 digest algorithm"
Herbert Xud8a5e2e2008-11-08 09:58:10 +0800335 select CRYPTO_HASH
Adrian Bunkb6d44342008-07-16 19:28:00 +0800336 help
337 RIPEMD-256 is an optional extension of RIPEMD-128 with a
338 256 bit hash. It is intended for applications that require
339 longer hash-results, without needing a larger security level
340 (than RIPEMD-128).
Adrian-Ken Rueegsegger534fe2c2008-05-09 21:30:27 +0800341
Adrian Bunkb6d44342008-07-16 19:28:00 +0800342 Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel.
343 See <http://home.esat.kuleuven.be/~bosselae/ripemd160.html>
Adrian-Ken Rueegsegger534fe2c2008-05-09 21:30:27 +0800344
345config CRYPTO_RMD320
Adrian Bunkb6d44342008-07-16 19:28:00 +0800346 tristate "RIPEMD-320 digest algorithm"
Herbert Xu3b8efb42008-11-08 10:11:09 +0800347 select CRYPTO_HASH
Adrian Bunkb6d44342008-07-16 19:28:00 +0800348 help
349 RIPEMD-320 is an optional extension of RIPEMD-160 with a
350 320 bit hash. It is intended for applications that require
351 longer hash-results, without needing a larger security level
352 (than RIPEMD-160).
Adrian-Ken Rueegsegger534fe2c2008-05-09 21:30:27 +0800353
Adrian Bunkb6d44342008-07-16 19:28:00 +0800354 Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel.
355 See <http://home.esat.kuleuven.be/~bosselae/ripemd160.html>
Adrian-Ken Rueegsegger82798f92008-05-07 22:17:37 +0800356
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800357config CRYPTO_SHA1
358 tristate "SHA1 digest algorithm"
Adrian-Ken Rueegsegger54ccb362008-12-02 21:08:20 +0800359 select CRYPTO_HASH
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800360 help
361 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2).
362
363config CRYPTO_SHA256
364 tristate "SHA224 and SHA256 digest algorithm"
Adrian-Ken Rueegsegger50e109b2008-12-03 19:57:49 +0800365 select CRYPTO_HASH
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800366 help
367 SHA256 secure hash standard (DFIPS 180-2).
368
369 This version of SHA implements a 256 bit hash with 128 bits of
370 security against collision attacks.
371
Adrian Bunkb6d44342008-07-16 19:28:00 +0800372 This code also includes SHA-224, a 224 bit hash with 112 bits
373 of security against collision attacks.
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800374
375config CRYPTO_SHA512
376 tristate "SHA384 and SHA512 digest algorithms"
Adrian-Ken Rueegseggerbd9d20d2008-12-17 16:49:02 +1100377 select CRYPTO_HASH
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800378 help
379 SHA512 secure hash standard (DFIPS 180-2).
380
381 This version of SHA implements a 512 bit hash with 256 bits of
382 security against collision attacks.
383
384 This code also includes SHA-384, a 384 bit hash with 192 bits
385 of security against collision attacks.
386
387config CRYPTO_TGR192
388 tristate "Tiger digest algorithms"
Adrian-Ken Rueegseggerf63fbd32008-12-03 19:58:32 +0800389 select CRYPTO_HASH
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800390 help
391 Tiger hash algorithm 192, 160 and 128-bit hashes
392
393 Tiger is a hash function optimized for 64-bit processors while
394 still having decent performance on 32-bit processors.
395 Tiger was developed by Ross Anderson and Eli Biham.
Linus Torvalds1da177e2005-04-16 15:20:36 -0700396
397 See also:
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800398 <http://www.cs.technion.ac.il/~biham/Reports/Tiger/>.
399
400config CRYPTO_WP512
401 tristate "Whirlpool digest algorithms"
Adrian-Ken Rueegsegger49465102008-12-07 19:34:37 +0800402 select CRYPTO_HASH
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800403 help
404 Whirlpool hash algorithm 512, 384 and 256-bit hashes
405
406 Whirlpool-512 is part of the NESSIE cryptographic primitives.
407 Whirlpool will be part of the ISO/IEC 10118-3:2003(E) standard
408
409 See also:
410 <http://planeta.terra.com.br/informatica/paulobarreto/WhirlpoolPage.html>
411
412comment "Ciphers"
Linus Torvalds1da177e2005-04-16 15:20:36 -0700413
414config CRYPTO_AES
415 tristate "AES cipher algorithms"
Herbert Xucce9e062006-08-21 21:08:13 +1000416 select CRYPTO_ALGAPI
Linus Torvalds1da177e2005-04-16 15:20:36 -0700417 help
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800418 AES cipher algorithms (FIPS-197). AES uses the Rijndael
Linus Torvalds1da177e2005-04-16 15:20:36 -0700419 algorithm.
420
421 Rijndael appears to be consistently a very good performer in
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800422 both hardware and software across a wide range of computing
423 environments regardless of its use in feedback or non-feedback
424 modes. Its key setup time is excellent, and its key agility is
425 good. Rijndael's very low memory requirements make it very well
426 suited for restricted-space environments, in which it also
427 demonstrates excellent performance. Rijndael's operations are
428 among the easiest to defend against power and timing attacks.
Linus Torvalds1da177e2005-04-16 15:20:36 -0700429
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800430 The AES specifies three key sizes: 128, 192 and 256 bits
Linus Torvalds1da177e2005-04-16 15:20:36 -0700431
432 See <http://csrc.nist.gov/CryptoToolkit/aes/> for more information.
433
434config CRYPTO_AES_586
435 tristate "AES cipher algorithms (i586)"
Herbert Xucce9e062006-08-21 21:08:13 +1000436 depends on (X86 || UML_X86) && !64BIT
437 select CRYPTO_ALGAPI
Sebastian Siewior5157dea2007-11-10 19:07:16 +0800438 select CRYPTO_AES
Linus Torvalds1da177e2005-04-16 15:20:36 -0700439 help
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800440 AES cipher algorithms (FIPS-197). AES uses the Rijndael
Linus Torvalds1da177e2005-04-16 15:20:36 -0700441 algorithm.
442
443 Rijndael appears to be consistently a very good performer in
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800444 both hardware and software across a wide range of computing
445 environments regardless of its use in feedback or non-feedback
446 modes. Its key setup time is excellent, and its key agility is
447 good. Rijndael's very low memory requirements make it very well
448 suited for restricted-space environments, in which it also
449 demonstrates excellent performance. Rijndael's operations are
450 among the easiest to defend against power and timing attacks.
Linus Torvalds1da177e2005-04-16 15:20:36 -0700451
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800452 The AES specifies three key sizes: 128, 192 and 256 bits
Linus Torvalds1da177e2005-04-16 15:20:36 -0700453
454 See <http://csrc.nist.gov/encryption/aes/> for more information.
455
Andreas Steinmetza2a892a2005-07-06 13:55:00 -0700456config CRYPTO_AES_X86_64
457 tristate "AES cipher algorithms (x86_64)"
Herbert Xucce9e062006-08-21 21:08:13 +1000458 depends on (X86 || UML_X86) && 64BIT
459 select CRYPTO_ALGAPI
Sebastian Siewior81190b32007-11-08 21:25:04 +0800460 select CRYPTO_AES
Andreas Steinmetza2a892a2005-07-06 13:55:00 -0700461 help
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800462 AES cipher algorithms (FIPS-197). AES uses the Rijndael
Andreas Steinmetza2a892a2005-07-06 13:55:00 -0700463 algorithm.
464
465 Rijndael appears to be consistently a very good performer in
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800466 both hardware and software across a wide range of computing
467 environments regardless of its use in feedback or non-feedback
468 modes. Its key setup time is excellent, and its key agility is
469 good. Rijndael's very low memory requirements make it very well
470 suited for restricted-space environments, in which it also
471 demonstrates excellent performance. Rijndael's operations are
472 among the easiest to defend against power and timing attacks.
Andreas Steinmetza2a892a2005-07-06 13:55:00 -0700473
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800474 The AES specifies three key sizes: 128, 192 and 256 bits
Andreas Steinmetza2a892a2005-07-06 13:55:00 -0700475
476 See <http://csrc.nist.gov/encryption/aes/> for more information.
477
Huang Ying54b6a1b2009-01-18 16:28:34 +1100478config CRYPTO_AES_NI_INTEL
479 tristate "AES cipher algorithms (AES-NI)"
480 depends on (X86 || UML_X86) && 64BIT
481 select CRYPTO_AES_X86_64
482 select CRYPTO_CRYPTD
483 select CRYPTO_ALGAPI
484 help
485 Use Intel AES-NI instructions for AES algorithm.
486
487 AES cipher algorithms (FIPS-197). AES uses the Rijndael
488 algorithm.
489
490 Rijndael appears to be consistently a very good performer in
491 both hardware and software across a wide range of computing
492 environments regardless of its use in feedback or non-feedback
493 modes. Its key setup time is excellent, and its key agility is
494 good. Rijndael's very low memory requirements make it very well
495 suited for restricted-space environments, in which it also
496 demonstrates excellent performance. Rijndael's operations are
497 among the easiest to defend against power and timing attacks.
498
499 The AES specifies three key sizes: 128, 192 and 256 bits
500
501 See <http://csrc.nist.gov/encryption/aes/> for more information.
502
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800503config CRYPTO_ANUBIS
504 tristate "Anubis cipher algorithm"
505 select CRYPTO_ALGAPI
506 help
507 Anubis cipher algorithm.
508
509 Anubis is a variable key length cipher which can use keys from
510 128 bits to 320 bits in length. It was evaluated as a entrant
511 in the NESSIE competition.
512
513 See also:
514 <https://www.cosic.esat.kuleuven.ac.be/nessie/reports/>
515 <http://planeta.terra.com.br/informatica/paulobarreto/AnubisPage.html>
516
517config CRYPTO_ARC4
518 tristate "ARC4 cipher algorithm"
519 select CRYPTO_ALGAPI
520 help
521 ARC4 cipher algorithm.
522
523 ARC4 is a stream cipher using keys ranging from 8 bits to 2048
524 bits in length. This algorithm is required for driver-based
525 WEP, but it should not be for other purposes because of the
526 weakness of the algorithm.
527
528config CRYPTO_BLOWFISH
529 tristate "Blowfish cipher algorithm"
530 select CRYPTO_ALGAPI
531 help
532 Blowfish cipher algorithm, by Bruce Schneier.
533
534 This is a variable key length cipher which can use keys from 32
535 bits to 448 bits in length. It's fast, simple and specifically
536 designed for use on "large microprocessors".
537
538 See also:
539 <http://www.schneier.com/blowfish.html>
540
541config CRYPTO_CAMELLIA
542 tristate "Camellia cipher algorithms"
543 depends on CRYPTO
544 select CRYPTO_ALGAPI
545 help
546 Camellia cipher algorithms module.
547
548 Camellia is a symmetric key block cipher developed jointly
549 at NTT and Mitsubishi Electric Corporation.
550
551 The Camellia specifies three key sizes: 128, 192 and 256 bits.
552
553 See also:
554 <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html>
555
Linus Torvalds1da177e2005-04-16 15:20:36 -0700556config CRYPTO_CAST5
557 tristate "CAST5 (CAST-128) cipher algorithm"
Herbert Xucce9e062006-08-21 21:08:13 +1000558 select CRYPTO_ALGAPI
Linus Torvalds1da177e2005-04-16 15:20:36 -0700559 help
560 The CAST5 encryption algorithm (synonymous with CAST-128) is
561 described in RFC2144.
562
563config CRYPTO_CAST6
564 tristate "CAST6 (CAST-256) cipher algorithm"
Herbert Xucce9e062006-08-21 21:08:13 +1000565 select CRYPTO_ALGAPI
Linus Torvalds1da177e2005-04-16 15:20:36 -0700566 help
567 The CAST6 encryption algorithm (synonymous with CAST-256) is
568 described in RFC2612.
569
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800570config CRYPTO_DES
571 tristate "DES and Triple DES EDE cipher algorithms"
Herbert Xucce9e062006-08-21 21:08:13 +1000572 select CRYPTO_ALGAPI
Linus Torvalds1da177e2005-04-16 15:20:36 -0700573 help
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800574 DES cipher algorithm (FIPS 46-2), and Triple DES EDE (FIPS 46-3).
Linus Torvalds1da177e2005-04-16 15:20:36 -0700575
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800576config CRYPTO_FCRYPT
577 tristate "FCrypt cipher algorithm"
Herbert Xucce9e062006-08-21 21:08:13 +1000578 select CRYPTO_ALGAPI
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800579 select CRYPTO_BLKCIPHER
Linus Torvalds1da177e2005-04-16 15:20:36 -0700580 help
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800581 FCrypt algorithm used by RxRPC.
Linus Torvalds1da177e2005-04-16 15:20:36 -0700582
583config CRYPTO_KHAZAD
584 tristate "Khazad cipher algorithm"
Herbert Xucce9e062006-08-21 21:08:13 +1000585 select CRYPTO_ALGAPI
Linus Torvalds1da177e2005-04-16 15:20:36 -0700586 help
587 Khazad cipher algorithm.
588
589 Khazad was a finalist in the initial NESSIE competition. It is
590 an algorithm optimized for 64-bit processors with good performance
591 on 32-bit processors. Khazad uses an 128 bit key size.
592
593 See also:
594 <http://planeta.terra.com.br/informatica/paulobarreto/KhazadPage.html>
595
Tan Swee Heng2407d602007-11-23 19:45:00 +0800596config CRYPTO_SALSA20
597 tristate "Salsa20 stream cipher algorithm (EXPERIMENTAL)"
598 depends on EXPERIMENTAL
599 select CRYPTO_BLKCIPHER
600 help
601 Salsa20 stream cipher algorithm.
602
603 Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT
604 Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/>
605
606 The Salsa20 stream cipher algorithm is designed by Daniel J.
607 Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html>
Linus Torvalds1da177e2005-04-16 15:20:36 -0700608
Tan Swee Heng974e4b72007-12-10 15:52:56 +0800609config CRYPTO_SALSA20_586
610 tristate "Salsa20 stream cipher algorithm (i586) (EXPERIMENTAL)"
611 depends on (X86 || UML_X86) && !64BIT
612 depends on EXPERIMENTAL
613 select CRYPTO_BLKCIPHER
Tan Swee Heng974e4b72007-12-10 15:52:56 +0800614 help
615 Salsa20 stream cipher algorithm.
616
617 Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT
618 Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/>
619
620 The Salsa20 stream cipher algorithm is designed by Daniel J.
621 Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html>
622
Tan Swee Heng9a7dafb2007-12-18 00:04:40 +0800623config CRYPTO_SALSA20_X86_64
624 tristate "Salsa20 stream cipher algorithm (x86_64) (EXPERIMENTAL)"
625 depends on (X86 || UML_X86) && 64BIT
626 depends on EXPERIMENTAL
627 select CRYPTO_BLKCIPHER
Tan Swee Heng9a7dafb2007-12-18 00:04:40 +0800628 help
629 Salsa20 stream cipher algorithm.
630
631 Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT
632 Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/>
633
634 The Salsa20 stream cipher algorithm is designed by Daniel J.
635 Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html>
636
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800637config CRYPTO_SEED
638 tristate "SEED cipher algorithm"
639 select CRYPTO_ALGAPI
640 help
641 SEED cipher algorithm (RFC4269).
642
643 SEED is a 128-bit symmetric key block cipher that has been
644 developed by KISA (Korea Information Security Agency) as a
645 national standard encryption algorithm of the Republic of Korea.
646 It is a 16 round block cipher with the key size of 128 bit.
647
648 See also:
649 <http://www.kisa.or.kr/kisa/seed/jsp/seed_eng.jsp>
650
651config CRYPTO_SERPENT
652 tristate "Serpent cipher algorithm"
653 select CRYPTO_ALGAPI
654 help
655 Serpent cipher algorithm, by Anderson, Biham & Knudsen.
656
657 Keys are allowed to be from 0 to 256 bits in length, in steps
658 of 8 bits. Also includes the 'Tnepres' algorithm, a reversed
659 variant of Serpent for compatibility with old kerneli.org code.
660
661 See also:
662 <http://www.cl.cam.ac.uk/~rja14/serpent.html>
663
664config CRYPTO_TEA
665 tristate "TEA, XTEA and XETA cipher algorithms"
666 select CRYPTO_ALGAPI
667 help
668 TEA cipher algorithm.
669
670 Tiny Encryption Algorithm is a simple cipher that uses
671 many rounds for security. It is very fast and uses
672 little memory.
673
674 Xtendend Tiny Encryption Algorithm is a modification to
675 the TEA algorithm to address a potential key weakness
676 in the TEA algorithm.
677
678 Xtendend Encryption Tiny Algorithm is a mis-implementation
679 of the XTEA algorithm for compatibility purposes.
680
681config CRYPTO_TWOFISH
682 tristate "Twofish cipher algorithm"
683 select CRYPTO_ALGAPI
684 select CRYPTO_TWOFISH_COMMON
685 help
686 Twofish cipher algorithm.
687
688 Twofish was submitted as an AES (Advanced Encryption Standard)
689 candidate cipher by researchers at CounterPane Systems. It is a
690 16 round block cipher supporting key sizes of 128, 192, and 256
691 bits.
692
693 See also:
694 <http://www.schneier.com/twofish.html>
695
696config CRYPTO_TWOFISH_COMMON
697 tristate
698 help
699 Common parts of the Twofish cipher algorithm shared by the
700 generic c and the assembler implementations.
701
702config CRYPTO_TWOFISH_586
703 tristate "Twofish cipher algorithms (i586)"
704 depends on (X86 || UML_X86) && !64BIT
705 select CRYPTO_ALGAPI
706 select CRYPTO_TWOFISH_COMMON
707 help
708 Twofish cipher algorithm.
709
710 Twofish was submitted as an AES (Advanced Encryption Standard)
711 candidate cipher by researchers at CounterPane Systems. It is a
712 16 round block cipher supporting key sizes of 128, 192, and 256
713 bits.
714
715 See also:
716 <http://www.schneier.com/twofish.html>
717
718config CRYPTO_TWOFISH_X86_64
719 tristate "Twofish cipher algorithm (x86_64)"
720 depends on (X86 || UML_X86) && 64BIT
721 select CRYPTO_ALGAPI
722 select CRYPTO_TWOFISH_COMMON
723 help
724 Twofish cipher algorithm (x86_64).
725
726 Twofish was submitted as an AES (Advanced Encryption Standard)
727 candidate cipher by researchers at CounterPane Systems. It is a
728 16 round block cipher supporting key sizes of 128, 192, and 256
729 bits.
730
731 See also:
732 <http://www.schneier.com/twofish.html>
733
734comment "Compression"
735
Linus Torvalds1da177e2005-04-16 15:20:36 -0700736config CRYPTO_DEFLATE
737 tristate "Deflate compression algorithm"
Herbert Xucce9e062006-08-21 21:08:13 +1000738 select CRYPTO_ALGAPI
Linus Torvalds1da177e2005-04-16 15:20:36 -0700739 select ZLIB_INFLATE
740 select ZLIB_DEFLATE
741 help
742 This is the Deflate algorithm (RFC1951), specified for use in
743 IPSec with the IPCOMP protocol (RFC3173, RFC2394).
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800744
Linus Torvalds1da177e2005-04-16 15:20:36 -0700745 You will most probably want this if using IPSec.
746
Zoltan Sogor0b77abb2007-12-07 16:53:23 +0800747config CRYPTO_LZO
748 tristate "LZO compression algorithm"
749 select CRYPTO_ALGAPI
750 select LZO_COMPRESS
751 select LZO_DECOMPRESS
752 help
753 This is the LZO algorithm.
754
Neil Horman17f0f4a2008-08-14 22:15:52 +1000755comment "Random Number Generation"
756
757config CRYPTO_ANSI_CPRNG
758 tristate "Pseudo Random Number Generation for Cryptographic modules"
759 select CRYPTO_AES
760 select CRYPTO_RNG
761 select CRYPTO_FIPS
762 help
763 This option enables the generic pseudo random number generator
764 for cryptographic modules. Uses the Algorithm specified in
765 ANSI X9.31 A.2.4
766
Linus Torvalds1da177e2005-04-16 15:20:36 -0700767source "drivers/crypto/Kconfig"
Linus Torvalds1da177e2005-04-16 15:20:36 -0700768
Herbert Xucce9e062006-08-21 21:08:13 +1000769endif # if CRYPTO