Root/crypto/Kconfig

Source at commit b386be689295730688885552666ea40b2e639b14 created 11 years 11 months ago.
By Maarten ter Huurne, Revert "MIPS: JZ4740: reset: Initialize hibernate wakeup counters."
1#
2# Generic algorithms support
3#
4config XOR_BLOCKS
5    tristate
6
7#
8# async_tx api: hardware offloaded memory transfer/transform support
9#
10source "crypto/async_tx/Kconfig"
11
12#
13# Cryptographic API Configuration
14#
15menuconfig CRYPTO
16    tristate "Cryptographic API"
17    help
18      This option provides the core Cryptographic API.
19
20if CRYPTO
21
22comment "Crypto core or helper"
23
24config CRYPTO_FIPS
25    bool "FIPS 200 compliance"
26    depends on CRYPTO_ANSI_CPRNG && !CRYPTO_MANAGER_DISABLE_TESTS
27    help
28      This options enables the fips boot option which is
29      required if you want to system to operate in a FIPS 200
30      certification. You should say no unless you know what
31      this is.
32
33config CRYPTO_ALGAPI
34    tristate
35    select CRYPTO_ALGAPI2
36    help
37      This option provides the API for cryptographic algorithms.
38
39config CRYPTO_ALGAPI2
40    tristate
41
42config CRYPTO_AEAD
43    tristate
44    select CRYPTO_AEAD2
45    select CRYPTO_ALGAPI
46
47config CRYPTO_AEAD2
48    tristate
49    select CRYPTO_ALGAPI2
50
51config CRYPTO_BLKCIPHER
52    tristate
53    select CRYPTO_BLKCIPHER2
54    select CRYPTO_ALGAPI
55
56config CRYPTO_BLKCIPHER2
57    tristate
58    select CRYPTO_ALGAPI2
59    select CRYPTO_RNG2
60    select CRYPTO_WORKQUEUE
61
62config CRYPTO_HASH
63    tristate
64    select CRYPTO_HASH2
65    select CRYPTO_ALGAPI
66
67config CRYPTO_HASH2
68    tristate
69    select CRYPTO_ALGAPI2
70
71config CRYPTO_RNG
72    tristate
73    select CRYPTO_RNG2
74    select CRYPTO_ALGAPI
75
76config CRYPTO_RNG2
77    tristate
78    select CRYPTO_ALGAPI2
79
80config CRYPTO_PCOMP
81    tristate
82    select CRYPTO_PCOMP2
83    select CRYPTO_ALGAPI
84
85config CRYPTO_PCOMP2
86    tristate
87    select CRYPTO_ALGAPI2
88
89config CRYPTO_MANAGER
90    tristate "Cryptographic algorithm manager"
91    select CRYPTO_MANAGER2
92    help
93      Create default cryptographic template instantiations such as
94      cbc(aes).
95
96config CRYPTO_MANAGER2
97    def_tristate CRYPTO_MANAGER || (CRYPTO_MANAGER!=n && CRYPTO_ALGAPI=y)
98    select CRYPTO_AEAD2
99    select CRYPTO_HASH2
100    select CRYPTO_BLKCIPHER2
101    select CRYPTO_PCOMP2
102
103config CRYPTO_USER
104    tristate "Userspace cryptographic algorithm configuration"
105    depends on NET
106    select CRYPTO_MANAGER
107    help
108      Userspace configuration for cryptographic instantiations such as
109      cbc(aes).
110
111config CRYPTO_MANAGER_DISABLE_TESTS
112    bool "Disable run-time self tests"
113    default y
114    depends on CRYPTO_MANAGER2
115    help
116      Disable run-time self tests that normally take place at
117      algorithm registration.
118
119config CRYPTO_GF128MUL
120    tristate "GF(2^128) multiplication functions"
121    help
122      Efficient table driven implementation of multiplications in the
123      field GF(2^128). This is needed by some cypher modes. This
124      option will be selected automatically if you select such a
125      cipher mode. Only select this option by hand if you expect to load
126      an external module that requires these functions.
127
128config CRYPTO_NULL
129    tristate "Null algorithms"
130    select CRYPTO_ALGAPI
131    select CRYPTO_BLKCIPHER
132    select CRYPTO_HASH
133    help
134      These are 'Null' algorithms, used by IPsec, which do nothing.
135
136config CRYPTO_PCRYPT
137    tristate "Parallel crypto engine (EXPERIMENTAL)"
138    depends on SMP && EXPERIMENTAL
139    select PADATA
140    select CRYPTO_MANAGER
141    select CRYPTO_AEAD
142    help
143      This converts an arbitrary crypto algorithm into a parallel
144      algorithm that executes in kernel threads.
145
146config CRYPTO_WORKQUEUE
147       tristate
148
149config CRYPTO_CRYPTD
150    tristate "Software async crypto daemon"
151    select CRYPTO_BLKCIPHER
152    select CRYPTO_HASH
153    select CRYPTO_MANAGER
154    select CRYPTO_WORKQUEUE
155    help
156      This is a generic software asynchronous crypto daemon that
157      converts an arbitrary synchronous software crypto algorithm
158      into an asynchronous algorithm that executes in a kernel thread.
159
160config CRYPTO_AUTHENC
161    tristate "Authenc support"
162    select CRYPTO_AEAD
163    select CRYPTO_BLKCIPHER
164    select CRYPTO_MANAGER
165    select CRYPTO_HASH
166    help
167      Authenc: Combined mode wrapper for IPsec.
168      This is required for IPSec.
169
170config CRYPTO_TEST
171    tristate "Testing module"
172    depends on m
173    select CRYPTO_MANAGER
174    help
175      Quick & dirty crypto test module.
176
177comment "Authenticated Encryption with Associated Data"
178
179config CRYPTO_CCM
180    tristate "CCM support"
181    select CRYPTO_CTR
182    select CRYPTO_AEAD
183    help
184      Support for Counter with CBC MAC. Required for IPsec.
185
186config CRYPTO_GCM
187    tristate "GCM/GMAC support"
188    select CRYPTO_CTR
189    select CRYPTO_AEAD
190    select CRYPTO_GHASH
191    help
192      Support for Galois/Counter Mode (GCM) and Galois Message
193      Authentication Code (GMAC). Required for IPSec.
194
195config CRYPTO_SEQIV
196    tristate "Sequence Number IV Generator"
197    select CRYPTO_AEAD
198    select CRYPTO_BLKCIPHER
199    select CRYPTO_RNG
200    help
201      This IV generator generates an IV based on a sequence number by
202      xoring it with a salt. This algorithm is mainly useful for CTR
203
204comment "Block modes"
205
206config CRYPTO_CBC
207    tristate "CBC support"
208    select CRYPTO_BLKCIPHER
209    select CRYPTO_MANAGER
210    help
211      CBC: Cipher Block Chaining mode
212      This block cipher algorithm is required for IPSec.
213
214config CRYPTO_CTR
215    tristate "CTR support"
216    select CRYPTO_BLKCIPHER
217    select CRYPTO_SEQIV
218    select CRYPTO_MANAGER
219    help
220      CTR: Counter mode
221      This block cipher algorithm is required for IPSec.
222
223config CRYPTO_CTS
224    tristate "CTS support"
225    select CRYPTO_BLKCIPHER
226    help
227      CTS: Cipher Text Stealing
228      This is the Cipher Text Stealing mode as described by
229      Section 8 of rfc2040 and referenced by rfc3962.
230      (rfc3962 includes errata information in its Appendix A)
231      This mode is required for Kerberos gss mechanism support
232      for AES encryption.
233
234config CRYPTO_ECB
235    tristate "ECB support"
236    select CRYPTO_BLKCIPHER
237    select CRYPTO_MANAGER
238    help
239      ECB: Electronic CodeBook mode
240      This is the simplest block cipher algorithm. It simply encrypts
241      the input block by block.
242
243config CRYPTO_LRW
244    tristate "LRW support"
245    select CRYPTO_BLKCIPHER
246    select CRYPTO_MANAGER
247    select CRYPTO_GF128MUL
248    help
249      LRW: Liskov Rivest Wagner, a tweakable, non malleable, non movable
250      narrow block cipher mode for dm-crypt. Use it with cipher
251      specification string aes-lrw-benbi, the key must be 256, 320 or 384.
252      The first 128, 192 or 256 bits in the key are used for AES and the
253      rest is used to tie each cipher block to its logical position.
254
255config CRYPTO_PCBC
256    tristate "PCBC support"
257    select CRYPTO_BLKCIPHER
258    select CRYPTO_MANAGER
259    help
260      PCBC: Propagating Cipher Block Chaining mode
261      This block cipher algorithm is required for RxRPC.
262
263config CRYPTO_XTS
264    tristate "XTS support"
265    select CRYPTO_BLKCIPHER
266    select CRYPTO_MANAGER
267    select CRYPTO_GF128MUL
268    help
269      XTS: IEEE1619/D16 narrow block cipher use with aes-xts-plain,
270      key size 256, 384 or 512 bits. This implementation currently
271      can't handle a sectorsize which is not a multiple of 16 bytes.
272
273comment "Hash modes"
274
275config CRYPTO_HMAC
276    tristate "HMAC support"
277    select CRYPTO_HASH
278    select CRYPTO_MANAGER
279    help
280      HMAC: Keyed-Hashing for Message Authentication (RFC2104).
281      This is required for IPSec.
282
283config CRYPTO_XCBC
284    tristate "XCBC support"
285    depends on EXPERIMENTAL
286    select CRYPTO_HASH
287    select CRYPTO_MANAGER
288    help
289      XCBC: Keyed-Hashing with encryption algorithm
290        http://www.ietf.org/rfc/rfc3566.txt
291        http://csrc.nist.gov/encryption/modes/proposedmodes/
292         xcbc-mac/xcbc-mac-spec.pdf
293
294config CRYPTO_VMAC
295    tristate "VMAC support"
296    depends on EXPERIMENTAL
297    select CRYPTO_HASH
298    select CRYPTO_MANAGER
299    help
300      VMAC is a message authentication algorithm designed for
301      very high speed on 64-bit architectures.
302
303      See also:
304      <http://fastcrypto.org/vmac>
305
306comment "Digest"
307
308config CRYPTO_CRC32C
309    tristate "CRC32c CRC algorithm"
310    select CRYPTO_HASH
311    help
312      Castagnoli, et al Cyclic Redundancy-Check Algorithm. Used
313      by iSCSI for header and data digests and by others.
314      See Castagnoli93. Module will be crc32c.
315
316config CRYPTO_CRC32C_INTEL
317    tristate "CRC32c INTEL hardware acceleration"
318    depends on X86
319    select CRYPTO_HASH
320    help
321      In Intel processor with SSE4.2 supported, the processor will
322      support CRC32C implementation using hardware accelerated CRC32
323      instruction. This option will create 'crc32c-intel' module,
324      which will enable any routine to use the CRC32 instruction to
325      gain performance compared with software implementation.
326      Module will be crc32c-intel.
327
328config CRYPTO_GHASH
329    tristate "GHASH digest algorithm"
330    select CRYPTO_GF128MUL
331    help
332      GHASH is message digest algorithm for GCM (Galois/Counter Mode).
333
334config CRYPTO_MD4
335    tristate "MD4 digest algorithm"
336    select CRYPTO_HASH
337    help
338      MD4 message digest algorithm (RFC1320).
339
340config CRYPTO_MD5
341    tristate "MD5 digest algorithm"
342    select CRYPTO_HASH
343    help
344      MD5 message digest algorithm (RFC1321).
345
346config CRYPTO_MICHAEL_MIC
347    tristate "Michael MIC keyed digest algorithm"
348    select CRYPTO_HASH
349    help
350      Michael MIC is used for message integrity protection in TKIP
351      (IEEE 802.11i). This algorithm is required for TKIP, but it
352      should not be used for other purposes because of the weakness
353      of the algorithm.
354
355config CRYPTO_RMD128
356    tristate "RIPEMD-128 digest algorithm"
357    select CRYPTO_HASH
358    help
359      RIPEMD-128 (ISO/IEC 10118-3:2004).
360
361      RIPEMD-128 is a 128-bit cryptographic hash function. It should only
362      be used as a secure replacement for RIPEMD. For other use cases,
363      RIPEMD-160 should be used.
364
365      Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel.
366      See <http://homes.esat.kuleuven.be/~bosselae/ripemd160.html>
367
368config CRYPTO_RMD160
369    tristate "RIPEMD-160 digest algorithm"
370    select CRYPTO_HASH
371    help
372      RIPEMD-160 (ISO/IEC 10118-3:2004).
373
374      RIPEMD-160 is a 160-bit cryptographic hash function. It is intended
375      to be used as a secure replacement for the 128-bit hash functions
376      MD4, MD5 and it's predecessor RIPEMD
377      (not to be confused with RIPEMD-128).
378
379      It's speed is comparable to SHA1 and there are no known attacks
380      against RIPEMD-160.
381
382      Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel.
383      See <http://homes.esat.kuleuven.be/~bosselae/ripemd160.html>
384
385config CRYPTO_RMD256
386    tristate "RIPEMD-256 digest algorithm"
387    select CRYPTO_HASH
388    help
389      RIPEMD-256 is an optional extension of RIPEMD-128 with a
390      256 bit hash. It is intended for applications that require
391      longer hash-results, without needing a larger security level
392      (than RIPEMD-128).
393
394      Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel.
395      See <http://homes.esat.kuleuven.be/~bosselae/ripemd160.html>
396
397config CRYPTO_RMD320
398    tristate "RIPEMD-320 digest algorithm"
399    select CRYPTO_HASH
400    help
401      RIPEMD-320 is an optional extension of RIPEMD-160 with a
402      320 bit hash. It is intended for applications that require
403      longer hash-results, without needing a larger security level
404      (than RIPEMD-160).
405
406      Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel.
407      See <http://homes.esat.kuleuven.be/~bosselae/ripemd160.html>
408
409config CRYPTO_SHA1
410    tristate "SHA1 digest algorithm"
411    select CRYPTO_HASH
412    help
413      SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2).
414
415config CRYPTO_SHA1_SSSE3
416    tristate "SHA1 digest algorithm (SSSE3/AVX)"
417    depends on X86 && 64BIT
418    select CRYPTO_SHA1
419    select CRYPTO_HASH
420    help
421      SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2) implemented
422      using Supplemental SSE3 (SSSE3) instructions or Advanced Vector
423      Extensions (AVX), when available.
424
425config CRYPTO_SHA256
426    tristate "SHA224 and SHA256 digest algorithm"
427    select CRYPTO_HASH
428    help
429      SHA256 secure hash standard (DFIPS 180-2).
430
431      This version of SHA implements a 256 bit hash with 128 bits of
432      security against collision attacks.
433
434      This code also includes SHA-224, a 224 bit hash with 112 bits
435      of security against collision attacks.
436
437config CRYPTO_SHA512
438    tristate "SHA384 and SHA512 digest algorithms"
439    select CRYPTO_HASH
440    help
441      SHA512 secure hash standard (DFIPS 180-2).
442
443      This version of SHA implements a 512 bit hash with 256 bits of
444      security against collision attacks.
445
446      This code also includes SHA-384, a 384 bit hash with 192 bits
447      of security against collision attacks.
448
449config CRYPTO_TGR192
450    tristate "Tiger digest algorithms"
451    select CRYPTO_HASH
452    help
453      Tiger hash algorithm 192, 160 and 128-bit hashes
454
455      Tiger is a hash function optimized for 64-bit processors while
456      still having decent performance on 32-bit processors.
457      Tiger was developed by Ross Anderson and Eli Biham.
458
459      See also:
460      <http://www.cs.technion.ac.il/~biham/Reports/Tiger/>.
461
462config CRYPTO_WP512
463    tristate "Whirlpool digest algorithms"
464    select CRYPTO_HASH
465    help
466      Whirlpool hash algorithm 512, 384 and 256-bit hashes
467
468      Whirlpool-512 is part of the NESSIE cryptographic primitives.
469      Whirlpool will be part of the ISO/IEC 10118-3:2003(E) standard
470
471      See also:
472      <http://www.larc.usp.br/~pbarreto/WhirlpoolPage.html>
473
474config CRYPTO_GHASH_CLMUL_NI_INTEL
475    tristate "GHASH digest algorithm (CLMUL-NI accelerated)"
476    depends on X86 && 64BIT
477    select CRYPTO_CRYPTD
478    help
479      GHASH is message digest algorithm for GCM (Galois/Counter Mode).
480      The implementation is accelerated by CLMUL-NI of Intel.
481
482comment "Ciphers"
483
484config CRYPTO_AES
485    tristate "AES cipher algorithms"
486    select CRYPTO_ALGAPI
487    help
488      AES cipher algorithms (FIPS-197). AES uses the Rijndael
489      algorithm.
490
491      Rijndael appears to be consistently a very good performer in
492      both hardware and software across a wide range of computing
493      environments regardless of its use in feedback or non-feedback
494      modes. Its key setup time is excellent, and its key agility is
495      good. Rijndael's very low memory requirements make it very well
496      suited for restricted-space environments, in which it also
497      demonstrates excellent performance. Rijndael's operations are
498      among the easiest to defend against power and timing attacks.
499
500      The AES specifies three key sizes: 128, 192 and 256 bits
501
502      See <http://csrc.nist.gov/CryptoToolkit/aes/> for more information.
503
504config CRYPTO_AES_586
505    tristate "AES cipher algorithms (i586)"
506    depends on (X86 || UML_X86) && !64BIT
507    select CRYPTO_ALGAPI
508    select CRYPTO_AES
509    help
510      AES cipher algorithms (FIPS-197). AES uses the Rijndael
511      algorithm.
512
513      Rijndael appears to be consistently a very good performer in
514      both hardware and software across a wide range of computing
515      environments regardless of its use in feedback or non-feedback
516      modes. Its key setup time is excellent, and its key agility is
517      good. Rijndael's very low memory requirements make it very well
518      suited for restricted-space environments, in which it also
519      demonstrates excellent performance. Rijndael's operations are
520      among the easiest to defend against power and timing attacks.
521
522      The AES specifies three key sizes: 128, 192 and 256 bits
523
524      See <http://csrc.nist.gov/encryption/aes/> for more information.
525
526config CRYPTO_AES_X86_64
527    tristate "AES cipher algorithms (x86_64)"
528    depends on (X86 || UML_X86) && 64BIT
529    select CRYPTO_ALGAPI
530    select CRYPTO_AES
531    help
532      AES cipher algorithms (FIPS-197). AES uses the Rijndael
533      algorithm.
534
535      Rijndael appears to be consistently a very good performer in
536      both hardware and software across a wide range of computing
537      environments regardless of its use in feedback or non-feedback
538      modes. Its key setup time is excellent, and its key agility is
539      good. Rijndael's very low memory requirements make it very well
540      suited for restricted-space environments, in which it also
541      demonstrates excellent performance. Rijndael's operations are
542      among the easiest to defend against power and timing attacks.
543
544      The AES specifies three key sizes: 128, 192 and 256 bits
545
546      See <http://csrc.nist.gov/encryption/aes/> for more information.
547
548config CRYPTO_AES_NI_INTEL
549    tristate "AES cipher algorithms (AES-NI)"
550    depends on X86
551    select CRYPTO_AES_X86_64 if 64BIT
552    select CRYPTO_AES_586 if !64BIT
553    select CRYPTO_CRYPTD
554    select CRYPTO_ALGAPI
555    help
556      Use Intel AES-NI instructions for AES algorithm.
557
558      AES cipher algorithms (FIPS-197). AES uses the Rijndael
559      algorithm.
560
561      Rijndael appears to be consistently a very good performer in
562      both hardware and software across a wide range of computing
563      environments regardless of its use in feedback or non-feedback
564      modes. Its key setup time is excellent, and its key agility is
565      good. Rijndael's very low memory requirements make it very well
566      suited for restricted-space environments, in which it also
567      demonstrates excellent performance. Rijndael's operations are
568      among the easiest to defend against power and timing attacks.
569
570      The AES specifies three key sizes: 128, 192 and 256 bits
571
572      See <http://csrc.nist.gov/encryption/aes/> for more information.
573
574      In addition to AES cipher algorithm support, the acceleration
575      for some popular block cipher mode is supported too, including
576      ECB, CBC, LRW, PCBC, XTS. The 64 bit version has additional
577      acceleration for CTR.
578
579config CRYPTO_ANUBIS
580    tristate "Anubis cipher algorithm"
581    select CRYPTO_ALGAPI
582    help
583      Anubis cipher algorithm.
584
585      Anubis is a variable key length cipher which can use keys from
586      128 bits to 320 bits in length. It was evaluated as a entrant
587      in the NESSIE competition.
588
589      See also:
590      <https://www.cosic.esat.kuleuven.be/nessie/reports/>
591      <http://www.larc.usp.br/~pbarreto/AnubisPage.html>
592
593config CRYPTO_ARC4
594    tristate "ARC4 cipher algorithm"
595    select CRYPTO_ALGAPI
596    help
597      ARC4 cipher algorithm.
598
599      ARC4 is a stream cipher using keys ranging from 8 bits to 2048
600      bits in length. This algorithm is required for driver-based
601      WEP, but it should not be for other purposes because of the
602      weakness of the algorithm.
603
604config CRYPTO_BLOWFISH
605    tristate "Blowfish cipher algorithm"
606    select CRYPTO_ALGAPI
607    select CRYPTO_BLOWFISH_COMMON
608    help
609      Blowfish cipher algorithm, by Bruce Schneier.
610
611      This is a variable key length cipher which can use keys from 32
612      bits to 448 bits in length. It's fast, simple and specifically
613      designed for use on "large microprocessors".
614
615      See also:
616      <http://www.schneier.com/blowfish.html>
617
618config CRYPTO_BLOWFISH_COMMON
619    tristate
620    help
621      Common parts of the Blowfish cipher algorithm shared by the
622      generic c and the assembler implementations.
623
624      See also:
625      <http://www.schneier.com/blowfish.html>
626
627config CRYPTO_BLOWFISH_X86_64
628    tristate "Blowfish cipher algorithm (x86_64)"
629    depends on (X86 || UML_X86) && 64BIT
630    select CRYPTO_ALGAPI
631    select CRYPTO_BLOWFISH_COMMON
632    help
633      Blowfish cipher algorithm (x86_64), by Bruce Schneier.
634
635      This is a variable key length cipher which can use keys from 32
636      bits to 448 bits in length. It's fast, simple and specifically
637      designed for use on "large microprocessors".
638
639      See also:
640      <http://www.schneier.com/blowfish.html>
641
642config CRYPTO_CAMELLIA
643    tristate "Camellia cipher algorithms"
644    depends on CRYPTO
645    select CRYPTO_ALGAPI
646    help
647      Camellia cipher algorithms module.
648
649      Camellia is a symmetric key block cipher developed jointly
650      at NTT and Mitsubishi Electric Corporation.
651
652      The Camellia specifies three key sizes: 128, 192 and 256 bits.
653
654      See also:
655      <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html>
656
657config CRYPTO_CAST5
658    tristate "CAST5 (CAST-128) cipher algorithm"
659    select CRYPTO_ALGAPI
660    help
661      The CAST5 encryption algorithm (synonymous with CAST-128) is
662      described in RFC2144.
663
664config CRYPTO_CAST6
665    tristate "CAST6 (CAST-256) cipher algorithm"
666    select CRYPTO_ALGAPI
667    help
668      The CAST6 encryption algorithm (synonymous with CAST-256) is
669      described in RFC2612.
670
671config CRYPTO_DES
672    tristate "DES and Triple DES EDE cipher algorithms"
673    select CRYPTO_ALGAPI
674    help
675      DES cipher algorithm (FIPS 46-2), and Triple DES EDE (FIPS 46-3).
676
677config CRYPTO_FCRYPT
678    tristate "FCrypt cipher algorithm"
679    select CRYPTO_ALGAPI
680    select CRYPTO_BLKCIPHER
681    help
682      FCrypt algorithm used by RxRPC.
683
684config CRYPTO_KHAZAD
685    tristate "Khazad cipher algorithm"
686    select CRYPTO_ALGAPI
687    help
688      Khazad cipher algorithm.
689
690      Khazad was a finalist in the initial NESSIE competition. It is
691      an algorithm optimized for 64-bit processors with good performance
692      on 32-bit processors. Khazad uses an 128 bit key size.
693
694      See also:
695      <http://www.larc.usp.br/~pbarreto/KhazadPage.html>
696
697config CRYPTO_SALSA20
698    tristate "Salsa20 stream cipher algorithm (EXPERIMENTAL)"
699    depends on EXPERIMENTAL
700    select CRYPTO_BLKCIPHER
701    help
702      Salsa20 stream cipher algorithm.
703
704      Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT
705      Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/>
706
707      The Salsa20 stream cipher algorithm is designed by Daniel J.
708      Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html>
709
710config CRYPTO_SALSA20_586
711    tristate "Salsa20 stream cipher algorithm (i586) (EXPERIMENTAL)"
712    depends on (X86 || UML_X86) && !64BIT
713    depends on EXPERIMENTAL
714    select CRYPTO_BLKCIPHER
715    help
716      Salsa20 stream cipher algorithm.
717
718      Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT
719      Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/>
720
721      The Salsa20 stream cipher algorithm is designed by Daniel J.
722      Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html>
723
724config CRYPTO_SALSA20_X86_64
725    tristate "Salsa20 stream cipher algorithm (x86_64) (EXPERIMENTAL)"
726    depends on (X86 || UML_X86) && 64BIT
727    depends on EXPERIMENTAL
728    select CRYPTO_BLKCIPHER
729    help
730      Salsa20 stream cipher algorithm.
731
732      Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT
733      Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/>
734
735      The Salsa20 stream cipher algorithm is designed by Daniel J.
736      Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html>
737
738config CRYPTO_SEED
739    tristate "SEED cipher algorithm"
740    select CRYPTO_ALGAPI
741    help
742      SEED cipher algorithm (RFC4269).
743
744      SEED is a 128-bit symmetric key block cipher that has been
745      developed by KISA (Korea Information Security Agency) as a
746      national standard encryption algorithm of the Republic of Korea.
747      It is a 16 round block cipher with the key size of 128 bit.
748
749      See also:
750      <http://www.kisa.or.kr/kisa/seed/jsp/seed_eng.jsp>
751
752config CRYPTO_SERPENT
753    tristate "Serpent cipher algorithm"
754    select CRYPTO_ALGAPI
755    help
756      Serpent cipher algorithm, by Anderson, Biham & Knudsen.
757
758      Keys are allowed to be from 0 to 256 bits in length, in steps
759      of 8 bits. Also includes the 'Tnepres' algorithm, a reversed
760      variant of Serpent for compatibility with old kerneli.org code.
761
762      See also:
763      <http://www.cl.cam.ac.uk/~rja14/serpent.html>
764
765config CRYPTO_SERPENT_SSE2_X86_64
766    tristate "Serpent cipher algorithm (x86_64/SSE2)"
767    depends on X86 && 64BIT
768    select CRYPTO_ALGAPI
769    select CRYPTO_CRYPTD
770    select CRYPTO_SERPENT
771    select CRYPTO_LRW
772    select CRYPTO_XTS
773    help
774      Serpent cipher algorithm, by Anderson, Biham & Knudsen.
775
776      Keys are allowed to be from 0 to 256 bits in length, in steps
777      of 8 bits.
778
779      This module provides Serpent cipher algorithm that processes eigth
780      blocks parallel using SSE2 instruction set.
781
782      See also:
783      <http://www.cl.cam.ac.uk/~rja14/serpent.html>
784
785config CRYPTO_SERPENT_SSE2_586
786    tristate "Serpent cipher algorithm (i586/SSE2)"
787    depends on X86 && !64BIT
788    select CRYPTO_ALGAPI
789    select CRYPTO_CRYPTD
790    select CRYPTO_SERPENT
791    select CRYPTO_LRW
792    select CRYPTO_XTS
793    help
794      Serpent cipher algorithm, by Anderson, Biham & Knudsen.
795
796      Keys are allowed to be from 0 to 256 bits in length, in steps
797      of 8 bits.
798
799      This module provides Serpent cipher algorithm that processes four
800      blocks parallel using SSE2 instruction set.
801
802      See also:
803      <http://www.cl.cam.ac.uk/~rja14/serpent.html>
804
805config CRYPTO_TEA
806    tristate "TEA, XTEA and XETA cipher algorithms"
807    select CRYPTO_ALGAPI
808    help
809      TEA cipher algorithm.
810
811      Tiny Encryption Algorithm is a simple cipher that uses
812      many rounds for security. It is very fast and uses
813      little memory.
814
815      Xtendend Tiny Encryption Algorithm is a modification to
816      the TEA algorithm to address a potential key weakness
817      in the TEA algorithm.
818
819      Xtendend Encryption Tiny Algorithm is a mis-implementation
820      of the XTEA algorithm for compatibility purposes.
821
822config CRYPTO_TWOFISH
823    tristate "Twofish cipher algorithm"
824    select CRYPTO_ALGAPI
825    select CRYPTO_TWOFISH_COMMON
826    help
827      Twofish cipher algorithm.
828
829      Twofish was submitted as an AES (Advanced Encryption Standard)
830      candidate cipher by researchers at CounterPane Systems. It is a
831      16 round block cipher supporting key sizes of 128, 192, and 256
832      bits.
833
834      See also:
835      <http://www.schneier.com/twofish.html>
836
837config CRYPTO_TWOFISH_COMMON
838    tristate
839    help
840      Common parts of the Twofish cipher algorithm shared by the
841      generic c and the assembler implementations.
842
843config CRYPTO_TWOFISH_586
844    tristate "Twofish cipher algorithms (i586)"
845    depends on (X86 || UML_X86) && !64BIT
846    select CRYPTO_ALGAPI
847    select CRYPTO_TWOFISH_COMMON
848    help
849      Twofish cipher algorithm.
850
851      Twofish was submitted as an AES (Advanced Encryption Standard)
852      candidate cipher by researchers at CounterPane Systems. It is a
853      16 round block cipher supporting key sizes of 128, 192, and 256
854      bits.
855
856      See also:
857      <http://www.schneier.com/twofish.html>
858
859config CRYPTO_TWOFISH_X86_64
860    tristate "Twofish cipher algorithm (x86_64)"
861    depends on (X86 || UML_X86) && 64BIT
862    select CRYPTO_ALGAPI
863    select CRYPTO_TWOFISH_COMMON
864    help
865      Twofish cipher algorithm (x86_64).
866
867      Twofish was submitted as an AES (Advanced Encryption Standard)
868      candidate cipher by researchers at CounterPane Systems. It is a
869      16 round block cipher supporting key sizes of 128, 192, and 256
870      bits.
871
872      See also:
873      <http://www.schneier.com/twofish.html>
874
875config CRYPTO_TWOFISH_X86_64_3WAY
876    tristate "Twofish cipher algorithm (x86_64, 3-way parallel)"
877    depends on (X86 || UML_X86) && 64BIT
878    select CRYPTO_ALGAPI
879    select CRYPTO_TWOFISH_COMMON
880    select CRYPTO_TWOFISH_X86_64
881    select CRYPTO_LRW
882    select CRYPTO_XTS
883    help
884      Twofish cipher algorithm (x86_64, 3-way parallel).
885
886      Twofish was submitted as an AES (Advanced Encryption Standard)
887      candidate cipher by researchers at CounterPane Systems. It is a
888      16 round block cipher supporting key sizes of 128, 192, and 256
889      bits.
890
891      This module provides Twofish cipher algorithm that processes three
892      blocks parallel, utilizing resources of out-of-order CPUs better.
893
894      See also:
895      <http://www.schneier.com/twofish.html>
896
897comment "Compression"
898
899config CRYPTO_DEFLATE
900    tristate "Deflate compression algorithm"
901    select CRYPTO_ALGAPI
902    select ZLIB_INFLATE
903    select ZLIB_DEFLATE
904    help
905      This is the Deflate algorithm (RFC1951), specified for use in
906      IPSec with the IPCOMP protocol (RFC3173, RFC2394).
907
908      You will most probably want this if using IPSec.
909
910config CRYPTO_ZLIB
911    tristate "Zlib compression algorithm"
912    select CRYPTO_PCOMP
913    select ZLIB_INFLATE
914    select ZLIB_DEFLATE
915    select NLATTR
916    help
917      This is the zlib algorithm.
918
919config CRYPTO_LZO
920    tristate "LZO compression algorithm"
921    select CRYPTO_ALGAPI
922    select LZO_COMPRESS
923    select LZO_DECOMPRESS
924    help
925      This is the LZO algorithm.
926
927comment "Random Number Generation"
928
929config CRYPTO_ANSI_CPRNG
930    tristate "Pseudo Random Number Generation for Cryptographic modules"
931    default m
932    select CRYPTO_AES
933    select CRYPTO_RNG
934    help
935      This option enables the generic pseudo random number generator
936      for cryptographic modules. Uses the Algorithm specified in
937      ANSI X9.31 A.2.4. Note that this option must be enabled if
938      CRYPTO_FIPS is selected
939
940config CRYPTO_USER_API
941    tristate
942
943config CRYPTO_USER_API_HASH
944    tristate "User-space interface for hash algorithms"
945    depends on NET
946    select CRYPTO_HASH
947    select CRYPTO_USER_API
948    help
949      This option enables the user-spaces interface for hash
950      algorithms.
951
952config CRYPTO_USER_API_SKCIPHER
953    tristate "User-space interface for symmetric key cipher algorithms"
954    depends on NET
955    select CRYPTO_BLKCIPHER
956    select CRYPTO_USER_API
957    help
958      This option enables the user-spaces interface for symmetric
959      key cipher algorithms.
960
961source "drivers/crypto/Kconfig"
962
963endif # if CRYPTO
964

Archive Download this file



interactive