Root/crypto/Kconfig

1#
2# Generic algorithms support
3#
4config XOR_BLOCKS
5    tristate
6
7#
8# async_tx api: hardware offloaded memory transfer/transform support
9#
10source "crypto/async_tx/Kconfig"
11
12#
13# Cryptographic API Configuration
14#
15menuconfig CRYPTO
16    tristate "Cryptographic API"
17    help
18      This option provides the core Cryptographic API.
19
20if CRYPTO
21
22comment "Crypto core or helper"
23
24config CRYPTO_FIPS
25    bool "FIPS 200 compliance"
26    depends on CRYPTO_ANSI_CPRNG && !CRYPTO_MANAGER_DISABLE_TESTS
27    help
28      This options enables the fips boot option which is
29      required if you want to system to operate in a FIPS 200
30      certification. You should say no unless you know what
31      this is.
32
33config CRYPTO_ALGAPI
34    tristate
35    select CRYPTO_ALGAPI2
36    help
37      This option provides the API for cryptographic algorithms.
38
39config CRYPTO_ALGAPI2
40    tristate
41
42config CRYPTO_AEAD
43    tristate
44    select CRYPTO_AEAD2
45    select CRYPTO_ALGAPI
46
47config CRYPTO_AEAD2
48    tristate
49    select CRYPTO_ALGAPI2
50
51config CRYPTO_BLKCIPHER
52    tristate
53    select CRYPTO_BLKCIPHER2
54    select CRYPTO_ALGAPI
55
56config CRYPTO_BLKCIPHER2
57    tristate
58    select CRYPTO_ALGAPI2
59    select CRYPTO_RNG2
60    select CRYPTO_WORKQUEUE
61
62config CRYPTO_HASH
63    tristate
64    select CRYPTO_HASH2
65    select CRYPTO_ALGAPI
66
67config CRYPTO_HASH2
68    tristate
69    select CRYPTO_ALGAPI2
70
71config CRYPTO_RNG
72    tristate
73    select CRYPTO_RNG2
74    select CRYPTO_ALGAPI
75
76config CRYPTO_RNG2
77    tristate
78    select CRYPTO_ALGAPI2
79
80config CRYPTO_PCOMP
81    tristate
82    select CRYPTO_PCOMP2
83    select CRYPTO_ALGAPI
84
85config CRYPTO_PCOMP2
86    tristate
87    select CRYPTO_ALGAPI2
88
89config CRYPTO_MANAGER
90    tristate "Cryptographic algorithm manager"
91    select CRYPTO_MANAGER2
92    help
93      Create default cryptographic template instantiations such as
94      cbc(aes).
95
96config CRYPTO_MANAGER2
97    def_tristate CRYPTO_MANAGER || (CRYPTO_MANAGER!=n && CRYPTO_ALGAPI=y)
98    select CRYPTO_AEAD2
99    select CRYPTO_HASH2
100    select CRYPTO_BLKCIPHER2
101    select CRYPTO_PCOMP2
102
103config CRYPTO_USER
104    tristate "Userspace cryptographic algorithm configuration"
105    depends on NET
106    select CRYPTO_MANAGER
107    help
108      Userspace configuration for cryptographic instantiations such as
109      cbc(aes).
110
111config CRYPTO_MANAGER_DISABLE_TESTS
112    bool "Disable run-time self tests"
113    default y
114    depends on CRYPTO_MANAGER2
115    help
116      Disable run-time self tests that normally take place at
117      algorithm registration.
118
119config CRYPTO_GF128MUL
120    tristate "GF(2^128) multiplication functions"
121    help
122      Efficient table driven implementation of multiplications in the
123      field GF(2^128). This is needed by some cypher modes. This
124      option will be selected automatically if you select such a
125      cipher mode. Only select this option by hand if you expect to load
126      an external module that requires these functions.
127
128config CRYPTO_NULL
129    tristate "Null algorithms"
130    select CRYPTO_ALGAPI
131    select CRYPTO_BLKCIPHER
132    select CRYPTO_HASH
133    help
134      These are 'Null' algorithms, used by IPsec, which do nothing.
135
136config CRYPTO_PCRYPT
137    tristate "Parallel crypto engine"
138    depends on SMP
139    select PADATA
140    select CRYPTO_MANAGER
141    select CRYPTO_AEAD
142    help
143      This converts an arbitrary crypto algorithm into a parallel
144      algorithm that executes in kernel threads.
145
146config CRYPTO_WORKQUEUE
147       tristate
148
149config CRYPTO_CRYPTD
150    tristate "Software async crypto daemon"
151    select CRYPTO_BLKCIPHER
152    select CRYPTO_HASH
153    select CRYPTO_MANAGER
154    select CRYPTO_WORKQUEUE
155    help
156      This is a generic software asynchronous crypto daemon that
157      converts an arbitrary synchronous software crypto algorithm
158      into an asynchronous algorithm that executes in a kernel thread.
159
160config CRYPTO_AUTHENC
161    tristate "Authenc support"
162    select CRYPTO_AEAD
163    select CRYPTO_BLKCIPHER
164    select CRYPTO_MANAGER
165    select CRYPTO_HASH
166    help
167      Authenc: Combined mode wrapper for IPsec.
168      This is required for IPSec.
169
170config CRYPTO_TEST
171    tristate "Testing module"
172    depends on m
173    select CRYPTO_MANAGER
174    help
175      Quick & dirty crypto test module.
176
177config CRYPTO_ABLK_HELPER_X86
178    tristate
179    depends on X86
180    select CRYPTO_CRYPTD
181
182config CRYPTO_GLUE_HELPER_X86
183    tristate
184    depends on X86
185    select CRYPTO_ALGAPI
186
187comment "Authenticated Encryption with Associated Data"
188
189config CRYPTO_CCM
190    tristate "CCM support"
191    select CRYPTO_CTR
192    select CRYPTO_AEAD
193    help
194      Support for Counter with CBC MAC. Required for IPsec.
195
196config CRYPTO_GCM
197    tristate "GCM/GMAC support"
198    select CRYPTO_CTR
199    select CRYPTO_AEAD
200    select CRYPTO_GHASH
201    help
202      Support for Galois/Counter Mode (GCM) and Galois Message
203      Authentication Code (GMAC). Required for IPSec.
204
205config CRYPTO_SEQIV
206    tristate "Sequence Number IV Generator"
207    select CRYPTO_AEAD
208    select CRYPTO_BLKCIPHER
209    select CRYPTO_RNG
210    help
211      This IV generator generates an IV based on a sequence number by
212      xoring it with a salt. This algorithm is mainly useful for CTR
213
214comment "Block modes"
215
216config CRYPTO_CBC
217    tristate "CBC support"
218    select CRYPTO_BLKCIPHER
219    select CRYPTO_MANAGER
220    help
221      CBC: Cipher Block Chaining mode
222      This block cipher algorithm is required for IPSec.
223
224config CRYPTO_CTR
225    tristate "CTR support"
226    select CRYPTO_BLKCIPHER
227    select CRYPTO_SEQIV
228    select CRYPTO_MANAGER
229    help
230      CTR: Counter mode
231      This block cipher algorithm is required for IPSec.
232
233config CRYPTO_CTS
234    tristate "CTS support"
235    select CRYPTO_BLKCIPHER
236    help
237      CTS: Cipher Text Stealing
238      This is the Cipher Text Stealing mode as described by
239      Section 8 of rfc2040 and referenced by rfc3962.
240      (rfc3962 includes errata information in its Appendix A)
241      This mode is required for Kerberos gss mechanism support
242      for AES encryption.
243
244config CRYPTO_ECB
245    tristate "ECB support"
246    select CRYPTO_BLKCIPHER
247    select CRYPTO_MANAGER
248    help
249      ECB: Electronic CodeBook mode
250      This is the simplest block cipher algorithm. It simply encrypts
251      the input block by block.
252
253config CRYPTO_LRW
254    tristate "LRW support"
255    select CRYPTO_BLKCIPHER
256    select CRYPTO_MANAGER
257    select CRYPTO_GF128MUL
258    help
259      LRW: Liskov Rivest Wagner, a tweakable, non malleable, non movable
260      narrow block cipher mode for dm-crypt. Use it with cipher
261      specification string aes-lrw-benbi, the key must be 256, 320 or 384.
262      The first 128, 192 or 256 bits in the key are used for AES and the
263      rest is used to tie each cipher block to its logical position.
264
265config CRYPTO_PCBC
266    tristate "PCBC support"
267    select CRYPTO_BLKCIPHER
268    select CRYPTO_MANAGER
269    help
270      PCBC: Propagating Cipher Block Chaining mode
271      This block cipher algorithm is required for RxRPC.
272
273config CRYPTO_XTS
274    tristate "XTS support"
275    select CRYPTO_BLKCIPHER
276    select CRYPTO_MANAGER
277    select CRYPTO_GF128MUL
278    help
279      XTS: IEEE1619/D16 narrow block cipher use with aes-xts-plain,
280      key size 256, 384 or 512 bits. This implementation currently
281      can't handle a sectorsize which is not a multiple of 16 bytes.
282
283comment "Hash modes"
284
285config CRYPTO_HMAC
286    tristate "HMAC support"
287    select CRYPTO_HASH
288    select CRYPTO_MANAGER
289    help
290      HMAC: Keyed-Hashing for Message Authentication (RFC2104).
291      This is required for IPSec.
292
293config CRYPTO_XCBC
294    tristate "XCBC support"
295    select CRYPTO_HASH
296    select CRYPTO_MANAGER
297    help
298      XCBC: Keyed-Hashing with encryption algorithm
299        http://www.ietf.org/rfc/rfc3566.txt
300        http://csrc.nist.gov/encryption/modes/proposedmodes/
301         xcbc-mac/xcbc-mac-spec.pdf
302
303config CRYPTO_VMAC
304    tristate "VMAC support"
305    select CRYPTO_HASH
306    select CRYPTO_MANAGER
307    help
308      VMAC is a message authentication algorithm designed for
309      very high speed on 64-bit architectures.
310
311      See also:
312      <http://fastcrypto.org/vmac>
313
314comment "Digest"
315
316config CRYPTO_CRC32C
317    tristate "CRC32c CRC algorithm"
318    select CRYPTO_HASH
319    select CRC32
320    help
321      Castagnoli, et al Cyclic Redundancy-Check Algorithm. Used
322      by iSCSI for header and data digests and by others.
323      See Castagnoli93. Module will be crc32c.
324
325config CRYPTO_CRC32C_X86_64
326    bool
327    depends on X86 && 64BIT
328    select CRYPTO_HASH
329    help
330      In Intel processor with SSE4.2 supported, the processor will
331      support CRC32C calculation using hardware accelerated CRC32
332      instruction optimized with PCLMULQDQ instruction when available.
333
334config CRYPTO_CRC32C_INTEL
335    tristate "CRC32c INTEL hardware acceleration"
336    depends on X86
337    select CRYPTO_CRC32C_X86_64 if 64BIT
338    select CRYPTO_HASH
339    help
340      In Intel processor with SSE4.2 supported, the processor will
341      support CRC32C implementation using hardware accelerated CRC32
342      instruction. This option will create 'crc32c-intel' module,
343      which will enable any routine to use the CRC32 instruction to
344      gain performance compared with software implementation.
345      Module will be crc32c-intel.
346
347config CRYPTO_CRC32C_SPARC64
348    tristate "CRC32c CRC algorithm (SPARC64)"
349    depends on SPARC64
350    select CRYPTO_HASH
351    select CRC32
352    help
353      CRC32c CRC algorithm implemented using sparc64 crypto instructions,
354      when available.
355
356config CRYPTO_CRC32
357    tristate "CRC32 CRC algorithm"
358    select CRYPTO_HASH
359    select CRC32
360    help
361      CRC-32-IEEE 802.3 cyclic redundancy-check algorithm.
362      Shash crypto api wrappers to crc32_le function.
363
364config CRYPTO_CRC32_PCLMUL
365    tristate "CRC32 PCLMULQDQ hardware acceleration"
366    depends on X86
367    select CRYPTO_HASH
368    select CRC32
369    help
370      From Intel Westmere and AMD Bulldozer processor with SSE4.2
371      and PCLMULQDQ supported, the processor will support
372      CRC32 PCLMULQDQ implementation using hardware accelerated PCLMULQDQ
373      instruction. This option will create 'crc32-plcmul' module,
374      which will enable any routine to use the CRC-32-IEEE 802.3 checksum
375      and gain better performance as compared with the table implementation.
376
377config CRYPTO_GHASH
378    tristate "GHASH digest algorithm"
379    select CRYPTO_GF128MUL
380    help
381      GHASH is message digest algorithm for GCM (Galois/Counter Mode).
382
383config CRYPTO_MD4
384    tristate "MD4 digest algorithm"
385    select CRYPTO_HASH
386    help
387      MD4 message digest algorithm (RFC1320).
388
389config CRYPTO_MD5
390    tristate "MD5 digest algorithm"
391    select CRYPTO_HASH
392    help
393      MD5 message digest algorithm (RFC1321).
394
395config CRYPTO_MD5_SPARC64
396    tristate "MD5 digest algorithm (SPARC64)"
397    depends on SPARC64
398    select CRYPTO_MD5
399    select CRYPTO_HASH
400    help
401      MD5 message digest algorithm (RFC1321) implemented
402      using sparc64 crypto instructions, when available.
403
404config CRYPTO_MICHAEL_MIC
405    tristate "Michael MIC keyed digest algorithm"
406    select CRYPTO_HASH
407    help
408      Michael MIC is used for message integrity protection in TKIP
409      (IEEE 802.11i). This algorithm is required for TKIP, but it
410      should not be used for other purposes because of the weakness
411      of the algorithm.
412
413config CRYPTO_RMD128
414    tristate "RIPEMD-128 digest algorithm"
415    select CRYPTO_HASH
416    help
417      RIPEMD-128 (ISO/IEC 10118-3:2004).
418
419      RIPEMD-128 is a 128-bit cryptographic hash function. It should only
420      be used as a secure replacement for RIPEMD. For other use cases,
421      RIPEMD-160 should be used.
422
423      Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel.
424      See <http://homes.esat.kuleuven.be/~bosselae/ripemd160.html>
425
426config CRYPTO_RMD160
427    tristate "RIPEMD-160 digest algorithm"
428    select CRYPTO_HASH
429    help
430      RIPEMD-160 (ISO/IEC 10118-3:2004).
431
432      RIPEMD-160 is a 160-bit cryptographic hash function. It is intended
433      to be used as a secure replacement for the 128-bit hash functions
434      MD4, MD5 and it's predecessor RIPEMD
435      (not to be confused with RIPEMD-128).
436
437      It's speed is comparable to SHA1 and there are no known attacks
438      against RIPEMD-160.
439
440      Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel.
441      See <http://homes.esat.kuleuven.be/~bosselae/ripemd160.html>
442
443config CRYPTO_RMD256
444    tristate "RIPEMD-256 digest algorithm"
445    select CRYPTO_HASH
446    help
447      RIPEMD-256 is an optional extension of RIPEMD-128 with a
448      256 bit hash. It is intended for applications that require
449      longer hash-results, without needing a larger security level
450      (than RIPEMD-128).
451
452      Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel.
453      See <http://homes.esat.kuleuven.be/~bosselae/ripemd160.html>
454
455config CRYPTO_RMD320
456    tristate "RIPEMD-320 digest algorithm"
457    select CRYPTO_HASH
458    help
459      RIPEMD-320 is an optional extension of RIPEMD-160 with a
460      320 bit hash. It is intended for applications that require
461      longer hash-results, without needing a larger security level
462      (than RIPEMD-160).
463
464      Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel.
465      See <http://homes.esat.kuleuven.be/~bosselae/ripemd160.html>
466
467config CRYPTO_SHA1
468    tristate "SHA1 digest algorithm"
469    select CRYPTO_HASH
470    help
471      SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2).
472
473config CRYPTO_SHA1_SSSE3
474    tristate "SHA1 digest algorithm (SSSE3/AVX)"
475    depends on X86 && 64BIT
476    select CRYPTO_SHA1
477    select CRYPTO_HASH
478    help
479      SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2) implemented
480      using Supplemental SSE3 (SSSE3) instructions or Advanced Vector
481      Extensions (AVX), when available.
482
483config CRYPTO_SHA1_SPARC64
484    tristate "SHA1 digest algorithm (SPARC64)"
485    depends on SPARC64
486    select CRYPTO_SHA1
487    select CRYPTO_HASH
488    help
489      SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2) implemented
490      using sparc64 crypto instructions, when available.
491
492config CRYPTO_SHA1_ARM
493    tristate "SHA1 digest algorithm (ARM-asm)"
494    depends on ARM
495    select CRYPTO_SHA1
496    select CRYPTO_HASH
497    help
498      SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2) implemented
499      using optimized ARM assembler.
500
501config CRYPTO_SHA1_PPC
502    tristate "SHA1 digest algorithm (powerpc)"
503    depends on PPC
504    help
505      This is the powerpc hardware accelerated implementation of the
506      SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2).
507
508config CRYPTO_SHA256
509    tristate "SHA224 and SHA256 digest algorithm"
510    select CRYPTO_HASH
511    help
512      SHA256 secure hash standard (DFIPS 180-2).
513
514      This version of SHA implements a 256 bit hash with 128 bits of
515      security against collision attacks.
516
517      This code also includes SHA-224, a 224 bit hash with 112 bits
518      of security against collision attacks.
519
520config CRYPTO_SHA256_SPARC64
521    tristate "SHA224 and SHA256 digest algorithm (SPARC64)"
522    depends on SPARC64
523    select CRYPTO_SHA256
524    select CRYPTO_HASH
525    help
526      SHA-256 secure hash standard (DFIPS 180-2) implemented
527      using sparc64 crypto instructions, when available.
528
529config CRYPTO_SHA512
530    tristate "SHA384 and SHA512 digest algorithms"
531    select CRYPTO_HASH
532    help
533      SHA512 secure hash standard (DFIPS 180-2).
534
535      This version of SHA implements a 512 bit hash with 256 bits of
536      security against collision attacks.
537
538      This code also includes SHA-384, a 384 bit hash with 192 bits
539      of security against collision attacks.
540
541config CRYPTO_SHA512_SPARC64
542    tristate "SHA384 and SHA512 digest algorithm (SPARC64)"
543    depends on SPARC64
544    select CRYPTO_SHA512
545    select CRYPTO_HASH
546    help
547      SHA-512 secure hash standard (DFIPS 180-2) implemented
548      using sparc64 crypto instructions, when available.
549
550config CRYPTO_TGR192
551    tristate "Tiger digest algorithms"
552    select CRYPTO_HASH
553    help
554      Tiger hash algorithm 192, 160 and 128-bit hashes
555
556      Tiger is a hash function optimized for 64-bit processors while
557      still having decent performance on 32-bit processors.
558      Tiger was developed by Ross Anderson and Eli Biham.
559
560      See also:
561      <http://www.cs.technion.ac.il/~biham/Reports/Tiger/>.
562
563config CRYPTO_WP512
564    tristate "Whirlpool digest algorithms"
565    select CRYPTO_HASH
566    help
567      Whirlpool hash algorithm 512, 384 and 256-bit hashes
568
569      Whirlpool-512 is part of the NESSIE cryptographic primitives.
570      Whirlpool will be part of the ISO/IEC 10118-3:2003(E) standard
571
572      See also:
573      <http://www.larc.usp.br/~pbarreto/WhirlpoolPage.html>
574
575config CRYPTO_GHASH_CLMUL_NI_INTEL
576    tristate "GHASH digest algorithm (CLMUL-NI accelerated)"
577    depends on X86 && 64BIT
578    select CRYPTO_CRYPTD
579    help
580      GHASH is message digest algorithm for GCM (Galois/Counter Mode).
581      The implementation is accelerated by CLMUL-NI of Intel.
582
583comment "Ciphers"
584
585config CRYPTO_AES
586    tristate "AES cipher algorithms"
587    select CRYPTO_ALGAPI
588    help
589      AES cipher algorithms (FIPS-197). AES uses the Rijndael
590      algorithm.
591
592      Rijndael appears to be consistently a very good performer in
593      both hardware and software across a wide range of computing
594      environments regardless of its use in feedback or non-feedback
595      modes. Its key setup time is excellent, and its key agility is
596      good. Rijndael's very low memory requirements make it very well
597      suited for restricted-space environments, in which it also
598      demonstrates excellent performance. Rijndael's operations are
599      among the easiest to defend against power and timing attacks.
600
601      The AES specifies three key sizes: 128, 192 and 256 bits
602
603      See <http://csrc.nist.gov/CryptoToolkit/aes/> for more information.
604
605config CRYPTO_AES_586
606    tristate "AES cipher algorithms (i586)"
607    depends on (X86 || UML_X86) && !64BIT
608    select CRYPTO_ALGAPI
609    select CRYPTO_AES
610    help
611      AES cipher algorithms (FIPS-197). AES uses the Rijndael
612      algorithm.
613
614      Rijndael appears to be consistently a very good performer in
615      both hardware and software across a wide range of computing
616      environments regardless of its use in feedback or non-feedback
617      modes. Its key setup time is excellent, and its key agility is
618      good. Rijndael's very low memory requirements make it very well
619      suited for restricted-space environments, in which it also
620      demonstrates excellent performance. Rijndael's operations are
621      among the easiest to defend against power and timing attacks.
622
623      The AES specifies three key sizes: 128, 192 and 256 bits
624
625      See <http://csrc.nist.gov/encryption/aes/> for more information.
626
627config CRYPTO_AES_X86_64
628    tristate "AES cipher algorithms (x86_64)"
629    depends on (X86 || UML_X86) && 64BIT
630    select CRYPTO_ALGAPI
631    select CRYPTO_AES
632    help
633      AES cipher algorithms (FIPS-197). AES uses the Rijndael
634      algorithm.
635
636      Rijndael appears to be consistently a very good performer in
637      both hardware and software across a wide range of computing
638      environments regardless of its use in feedback or non-feedback
639      modes. Its key setup time is excellent, and its key agility is
640      good. Rijndael's very low memory requirements make it very well
641      suited for restricted-space environments, in which it also
642      demonstrates excellent performance. Rijndael's operations are
643      among the easiest to defend against power and timing attacks.
644
645      The AES specifies three key sizes: 128, 192 and 256 bits
646
647      See <http://csrc.nist.gov/encryption/aes/> for more information.
648
649config CRYPTO_AES_NI_INTEL
650    tristate "AES cipher algorithms (AES-NI)"
651    depends on X86
652    select CRYPTO_AES_X86_64 if 64BIT
653    select CRYPTO_AES_586 if !64BIT
654    select CRYPTO_CRYPTD
655    select CRYPTO_ABLK_HELPER_X86
656    select CRYPTO_ALGAPI
657    select CRYPTO_LRW
658    select CRYPTO_XTS
659    help
660      Use Intel AES-NI instructions for AES algorithm.
661
662      AES cipher algorithms (FIPS-197). AES uses the Rijndael
663      algorithm.
664
665      Rijndael appears to be consistently a very good performer in
666      both hardware and software across a wide range of computing
667      environments regardless of its use in feedback or non-feedback
668      modes. Its key setup time is excellent, and its key agility is
669      good. Rijndael's very low memory requirements make it very well
670      suited for restricted-space environments, in which it also
671      demonstrates excellent performance. Rijndael's operations are
672      among the easiest to defend against power and timing attacks.
673
674      The AES specifies three key sizes: 128, 192 and 256 bits
675
676      See <http://csrc.nist.gov/encryption/aes/> for more information.
677
678      In addition to AES cipher algorithm support, the acceleration
679      for some popular block cipher mode is supported too, including
680      ECB, CBC, LRW, PCBC, XTS. The 64 bit version has additional
681      acceleration for CTR.
682
683config CRYPTO_AES_SPARC64
684    tristate "AES cipher algorithms (SPARC64)"
685    depends on SPARC64
686    select CRYPTO_CRYPTD
687    select CRYPTO_ALGAPI
688    help
689      Use SPARC64 crypto opcodes for AES algorithm.
690
691      AES cipher algorithms (FIPS-197). AES uses the Rijndael
692      algorithm.
693
694      Rijndael appears to be consistently a very good performer in
695      both hardware and software across a wide range of computing
696      environments regardless of its use in feedback or non-feedback
697      modes. Its key setup time is excellent, and its key agility is
698      good. Rijndael's very low memory requirements make it very well
699      suited for restricted-space environments, in which it also
700      demonstrates excellent performance. Rijndael's operations are
701      among the easiest to defend against power and timing attacks.
702
703      The AES specifies three key sizes: 128, 192 and 256 bits
704
705      See <http://csrc.nist.gov/encryption/aes/> for more information.
706
707      In addition to AES cipher algorithm support, the acceleration
708      for some popular block cipher mode is supported too, including
709      ECB and CBC.
710
711config CRYPTO_AES_ARM
712    tristate "AES cipher algorithms (ARM-asm)"
713    depends on ARM
714    select CRYPTO_ALGAPI
715    select CRYPTO_AES
716    help
717      Use optimized AES assembler routines for ARM platforms.
718
719      AES cipher algorithms (FIPS-197). AES uses the Rijndael
720      algorithm.
721
722      Rijndael appears to be consistently a very good performer in
723      both hardware and software across a wide range of computing
724      environments regardless of its use in feedback or non-feedback
725      modes. Its key setup time is excellent, and its key agility is
726      good. Rijndael's very low memory requirements make it very well
727      suited for restricted-space environments, in which it also
728      demonstrates excellent performance. Rijndael's operations are
729      among the easiest to defend against power and timing attacks.
730
731      The AES specifies three key sizes: 128, 192 and 256 bits
732
733      See <http://csrc.nist.gov/encryption/aes/> for more information.
734
735config CRYPTO_ANUBIS
736    tristate "Anubis cipher algorithm"
737    select CRYPTO_ALGAPI
738    help
739      Anubis cipher algorithm.
740
741      Anubis is a variable key length cipher which can use keys from
742      128 bits to 320 bits in length. It was evaluated as a entrant
743      in the NESSIE competition.
744
745      See also:
746      <https://www.cosic.esat.kuleuven.be/nessie/reports/>
747      <http://www.larc.usp.br/~pbarreto/AnubisPage.html>
748
749config CRYPTO_ARC4
750    tristate "ARC4 cipher algorithm"
751    select CRYPTO_BLKCIPHER
752    help
753      ARC4 cipher algorithm.
754
755      ARC4 is a stream cipher using keys ranging from 8 bits to 2048
756      bits in length. This algorithm is required for driver-based
757      WEP, but it should not be for other purposes because of the
758      weakness of the algorithm.
759
760config CRYPTO_BLOWFISH
761    tristate "Blowfish cipher algorithm"
762    select CRYPTO_ALGAPI
763    select CRYPTO_BLOWFISH_COMMON
764    help
765      Blowfish cipher algorithm, by Bruce Schneier.
766
767      This is a variable key length cipher which can use keys from 32
768      bits to 448 bits in length. It's fast, simple and specifically
769      designed for use on "large microprocessors".
770
771      See also:
772      <http://www.schneier.com/blowfish.html>
773
774config CRYPTO_BLOWFISH_COMMON
775    tristate
776    help
777      Common parts of the Blowfish cipher algorithm shared by the
778      generic c and the assembler implementations.
779
780      See also:
781      <http://www.schneier.com/blowfish.html>
782
783config CRYPTO_BLOWFISH_X86_64
784    tristate "Blowfish cipher algorithm (x86_64)"
785    depends on X86 && 64BIT
786    select CRYPTO_ALGAPI
787    select CRYPTO_BLOWFISH_COMMON
788    help
789      Blowfish cipher algorithm (x86_64), by Bruce Schneier.
790
791      This is a variable key length cipher which can use keys from 32
792      bits to 448 bits in length. It's fast, simple and specifically
793      designed for use on "large microprocessors".
794
795      See also:
796      <http://www.schneier.com/blowfish.html>
797
798config CRYPTO_CAMELLIA
799    tristate "Camellia cipher algorithms"
800    depends on CRYPTO
801    select CRYPTO_ALGAPI
802    help
803      Camellia cipher algorithms module.
804
805      Camellia is a symmetric key block cipher developed jointly
806      at NTT and Mitsubishi Electric Corporation.
807
808      The Camellia specifies three key sizes: 128, 192 and 256 bits.
809
810      See also:
811      <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html>
812
813config CRYPTO_CAMELLIA_X86_64
814    tristate "Camellia cipher algorithm (x86_64)"
815    depends on X86 && 64BIT
816    depends on CRYPTO
817    select CRYPTO_ALGAPI
818    select CRYPTO_GLUE_HELPER_X86
819    select CRYPTO_LRW
820    select CRYPTO_XTS
821    help
822      Camellia cipher algorithm module (x86_64).
823
824      Camellia is a symmetric key block cipher developed jointly
825      at NTT and Mitsubishi Electric Corporation.
826
827      The Camellia specifies three key sizes: 128, 192 and 256 bits.
828
829      See also:
830      <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html>
831
832config CRYPTO_CAMELLIA_AESNI_AVX_X86_64
833    tristate "Camellia cipher algorithm (x86_64/AES-NI/AVX)"
834    depends on X86 && 64BIT
835    depends on CRYPTO
836    select CRYPTO_ALGAPI
837    select CRYPTO_CRYPTD
838    select CRYPTO_ABLK_HELPER_X86
839    select CRYPTO_GLUE_HELPER_X86
840    select CRYPTO_CAMELLIA_X86_64
841    select CRYPTO_LRW
842    select CRYPTO_XTS
843    help
844      Camellia cipher algorithm module (x86_64/AES-NI/AVX).
845
846      Camellia is a symmetric key block cipher developed jointly
847      at NTT and Mitsubishi Electric Corporation.
848
849      The Camellia specifies three key sizes: 128, 192 and 256 bits.
850
851      See also:
852      <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html>
853
854config CRYPTO_CAMELLIA_SPARC64
855    tristate "Camellia cipher algorithm (SPARC64)"
856    depends on SPARC64
857    depends on CRYPTO
858    select CRYPTO_ALGAPI
859    help
860      Camellia cipher algorithm module (SPARC64).
861
862      Camellia is a symmetric key block cipher developed jointly
863      at NTT and Mitsubishi Electric Corporation.
864
865      The Camellia specifies three key sizes: 128, 192 and 256 bits.
866
867      See also:
868      <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html>
869
870config CRYPTO_CAST_COMMON
871    tristate
872    help
873      Common parts of the CAST cipher algorithms shared by the
874      generic c and the assembler implementations.
875
876config CRYPTO_CAST5
877    tristate "CAST5 (CAST-128) cipher algorithm"
878    select CRYPTO_ALGAPI
879    select CRYPTO_CAST_COMMON
880    help
881      The CAST5 encryption algorithm (synonymous with CAST-128) is
882      described in RFC2144.
883
884config CRYPTO_CAST5_AVX_X86_64
885    tristate "CAST5 (CAST-128) cipher algorithm (x86_64/AVX)"
886    depends on X86 && 64BIT
887    select CRYPTO_ALGAPI
888    select CRYPTO_CRYPTD
889    select CRYPTO_ABLK_HELPER_X86
890    select CRYPTO_CAST_COMMON
891    select CRYPTO_CAST5
892    help
893      The CAST5 encryption algorithm (synonymous with CAST-128) is
894      described in RFC2144.
895
896      This module provides the Cast5 cipher algorithm that processes
897      sixteen blocks parallel using the AVX instruction set.
898
899config CRYPTO_CAST6
900    tristate "CAST6 (CAST-256) cipher algorithm"
901    select CRYPTO_ALGAPI
902    select CRYPTO_CAST_COMMON
903    help
904      The CAST6 encryption algorithm (synonymous with CAST-256) is
905      described in RFC2612.
906
907config CRYPTO_CAST6_AVX_X86_64
908    tristate "CAST6 (CAST-256) cipher algorithm (x86_64/AVX)"
909    depends on X86 && 64BIT
910    select CRYPTO_ALGAPI
911    select CRYPTO_CRYPTD
912    select CRYPTO_ABLK_HELPER_X86
913    select CRYPTO_GLUE_HELPER_X86
914    select CRYPTO_CAST_COMMON
915    select CRYPTO_CAST6
916    select CRYPTO_LRW
917    select CRYPTO_XTS
918    help
919      The CAST6 encryption algorithm (synonymous with CAST-256) is
920      described in RFC2612.
921
922      This module provides the Cast6 cipher algorithm that processes
923      eight blocks parallel using the AVX instruction set.
924
925config CRYPTO_DES
926    tristate "DES and Triple DES EDE cipher algorithms"
927    select CRYPTO_ALGAPI
928    help
929      DES cipher algorithm (FIPS 46-2), and Triple DES EDE (FIPS 46-3).
930
931config CRYPTO_DES_SPARC64
932    tristate "DES and Triple DES EDE cipher algorithms (SPARC64)"
933    depends on SPARC64
934    select CRYPTO_ALGAPI
935    select CRYPTO_DES
936    help
937      DES cipher algorithm (FIPS 46-2), and Triple DES EDE (FIPS 46-3),
938      optimized using SPARC64 crypto opcodes.
939
940config CRYPTO_FCRYPT
941    tristate "FCrypt cipher algorithm"
942    select CRYPTO_ALGAPI
943    select CRYPTO_BLKCIPHER
944    help
945      FCrypt algorithm used by RxRPC.
946
947config CRYPTO_KHAZAD
948    tristate "Khazad cipher algorithm"
949    select CRYPTO_ALGAPI
950    help
951      Khazad cipher algorithm.
952
953      Khazad was a finalist in the initial NESSIE competition. It is
954      an algorithm optimized for 64-bit processors with good performance
955      on 32-bit processors. Khazad uses an 128 bit key size.
956
957      See also:
958      <http://www.larc.usp.br/~pbarreto/KhazadPage.html>
959
960config CRYPTO_SALSA20
961    tristate "Salsa20 stream cipher algorithm"
962    select CRYPTO_BLKCIPHER
963    help
964      Salsa20 stream cipher algorithm.
965
966      Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT
967      Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/>
968
969      The Salsa20 stream cipher algorithm is designed by Daniel J.
970      Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html>
971
972config CRYPTO_SALSA20_586
973    tristate "Salsa20 stream cipher algorithm (i586)"
974    depends on (X86 || UML_X86) && !64BIT
975    select CRYPTO_BLKCIPHER
976    help
977      Salsa20 stream cipher algorithm.
978
979      Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT
980      Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/>
981
982      The Salsa20 stream cipher algorithm is designed by Daniel J.
983      Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html>
984
985config CRYPTO_SALSA20_X86_64
986    tristate "Salsa20 stream cipher algorithm (x86_64)"
987    depends on (X86 || UML_X86) && 64BIT
988    select CRYPTO_BLKCIPHER
989    help
990      Salsa20 stream cipher algorithm.
991
992      Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT
993      Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/>
994
995      The Salsa20 stream cipher algorithm is designed by Daniel J.
996      Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html>
997
998config CRYPTO_SEED
999    tristate "SEED cipher algorithm"
1000    select CRYPTO_ALGAPI
1001    help
1002      SEED cipher algorithm (RFC4269).
1003
1004      SEED is a 128-bit symmetric key block cipher that has been
1005      developed by KISA (Korea Information Security Agency) as a
1006      national standard encryption algorithm of the Republic of Korea.
1007      It is a 16 round block cipher with the key size of 128 bit.
1008
1009      See also:
1010      <http://www.kisa.or.kr/kisa/seed/jsp/seed_eng.jsp>
1011
1012config CRYPTO_SERPENT
1013    tristate "Serpent cipher algorithm"
1014    select CRYPTO_ALGAPI
1015    help
1016      Serpent cipher algorithm, by Anderson, Biham & Knudsen.
1017
1018      Keys are allowed to be from 0 to 256 bits in length, in steps
1019      of 8 bits. Also includes the 'Tnepres' algorithm, a reversed
1020      variant of Serpent for compatibility with old kerneli.org code.
1021
1022      See also:
1023      <http://www.cl.cam.ac.uk/~rja14/serpent.html>
1024
1025config CRYPTO_SERPENT_SSE2_X86_64
1026    tristate "Serpent cipher algorithm (x86_64/SSE2)"
1027    depends on X86 && 64BIT
1028    select CRYPTO_ALGAPI
1029    select CRYPTO_CRYPTD
1030    select CRYPTO_ABLK_HELPER_X86
1031    select CRYPTO_GLUE_HELPER_X86
1032    select CRYPTO_SERPENT
1033    select CRYPTO_LRW
1034    select CRYPTO_XTS
1035    help
1036      Serpent cipher algorithm, by Anderson, Biham & Knudsen.
1037
1038      Keys are allowed to be from 0 to 256 bits in length, in steps
1039      of 8 bits.
1040
1041      This module provides Serpent cipher algorithm that processes eigth
1042      blocks parallel using SSE2 instruction set.
1043
1044      See also:
1045      <http://www.cl.cam.ac.uk/~rja14/serpent.html>
1046
1047config CRYPTO_SERPENT_SSE2_586
1048    tristate "Serpent cipher algorithm (i586/SSE2)"
1049    depends on X86 && !64BIT
1050    select CRYPTO_ALGAPI
1051    select CRYPTO_CRYPTD
1052    select CRYPTO_ABLK_HELPER_X86
1053    select CRYPTO_GLUE_HELPER_X86
1054    select CRYPTO_SERPENT
1055    select CRYPTO_LRW
1056    select CRYPTO_XTS
1057    help
1058      Serpent cipher algorithm, by Anderson, Biham & Knudsen.
1059
1060      Keys are allowed to be from 0 to 256 bits in length, in steps
1061      of 8 bits.
1062
1063      This module provides Serpent cipher algorithm that processes four
1064      blocks parallel using SSE2 instruction set.
1065
1066      See also:
1067      <http://www.cl.cam.ac.uk/~rja14/serpent.html>
1068
1069config CRYPTO_SERPENT_AVX_X86_64
1070    tristate "Serpent cipher algorithm (x86_64/AVX)"
1071    depends on X86 && 64BIT
1072    select CRYPTO_ALGAPI
1073    select CRYPTO_CRYPTD
1074    select CRYPTO_ABLK_HELPER_X86
1075    select CRYPTO_GLUE_HELPER_X86
1076    select CRYPTO_SERPENT
1077    select CRYPTO_LRW
1078    select CRYPTO_XTS
1079    help
1080      Serpent cipher algorithm, by Anderson, Biham & Knudsen.
1081
1082      Keys are allowed to be from 0 to 256 bits in length, in steps
1083      of 8 bits.
1084
1085      This module provides the Serpent cipher algorithm that processes
1086      eight blocks parallel using the AVX instruction set.
1087
1088      See also:
1089      <http://www.cl.cam.ac.uk/~rja14/serpent.html>
1090
1091config CRYPTO_TEA
1092    tristate "TEA, XTEA and XETA cipher algorithms"
1093    select CRYPTO_ALGAPI
1094    help
1095      TEA cipher algorithm.
1096
1097      Tiny Encryption Algorithm is a simple cipher that uses
1098      many rounds for security. It is very fast and uses
1099      little memory.
1100
1101      Xtendend Tiny Encryption Algorithm is a modification to
1102      the TEA algorithm to address a potential key weakness
1103      in the TEA algorithm.
1104
1105      Xtendend Encryption Tiny Algorithm is a mis-implementation
1106      of the XTEA algorithm for compatibility purposes.
1107
1108config CRYPTO_TWOFISH
1109    tristate "Twofish cipher algorithm"
1110    select CRYPTO_ALGAPI
1111    select CRYPTO_TWOFISH_COMMON
1112    help
1113      Twofish cipher algorithm.
1114
1115      Twofish was submitted as an AES (Advanced Encryption Standard)
1116      candidate cipher by researchers at CounterPane Systems. It is a
1117      16 round block cipher supporting key sizes of 128, 192, and 256
1118      bits.
1119
1120      See also:
1121      <http://www.schneier.com/twofish.html>
1122
1123config CRYPTO_TWOFISH_COMMON
1124    tristate
1125    help
1126      Common parts of the Twofish cipher algorithm shared by the
1127      generic c and the assembler implementations.
1128
1129config CRYPTO_TWOFISH_586
1130    tristate "Twofish cipher algorithms (i586)"
1131    depends on (X86 || UML_X86) && !64BIT
1132    select CRYPTO_ALGAPI
1133    select CRYPTO_TWOFISH_COMMON
1134    help
1135      Twofish cipher algorithm.
1136
1137      Twofish was submitted as an AES (Advanced Encryption Standard)
1138      candidate cipher by researchers at CounterPane Systems. It is a
1139      16 round block cipher supporting key sizes of 128, 192, and 256
1140      bits.
1141
1142      See also:
1143      <http://www.schneier.com/twofish.html>
1144
1145config CRYPTO_TWOFISH_X86_64
1146    tristate "Twofish cipher algorithm (x86_64)"
1147    depends on (X86 || UML_X86) && 64BIT
1148    select CRYPTO_ALGAPI
1149    select CRYPTO_TWOFISH_COMMON
1150    help
1151      Twofish cipher algorithm (x86_64).
1152
1153      Twofish was submitted as an AES (Advanced Encryption Standard)
1154      candidate cipher by researchers at CounterPane Systems. It is a
1155      16 round block cipher supporting key sizes of 128, 192, and 256
1156      bits.
1157
1158      See also:
1159      <http://www.schneier.com/twofish.html>
1160
1161config CRYPTO_TWOFISH_X86_64_3WAY
1162    tristate "Twofish cipher algorithm (x86_64, 3-way parallel)"
1163    depends on X86 && 64BIT
1164    select CRYPTO_ALGAPI
1165    select CRYPTO_TWOFISH_COMMON
1166    select CRYPTO_TWOFISH_X86_64
1167    select CRYPTO_GLUE_HELPER_X86
1168    select CRYPTO_LRW
1169    select CRYPTO_XTS
1170    help
1171      Twofish cipher algorithm (x86_64, 3-way parallel).
1172
1173      Twofish was submitted as an AES (Advanced Encryption Standard)
1174      candidate cipher by researchers at CounterPane Systems. It is a
1175      16 round block cipher supporting key sizes of 128, 192, and 256
1176      bits.
1177
1178      This module provides Twofish cipher algorithm that processes three
1179      blocks parallel, utilizing resources of out-of-order CPUs better.
1180
1181      See also:
1182      <http://www.schneier.com/twofish.html>
1183
1184config CRYPTO_TWOFISH_AVX_X86_64
1185    tristate "Twofish cipher algorithm (x86_64/AVX)"
1186    depends on X86 && 64BIT
1187    select CRYPTO_ALGAPI
1188    select CRYPTO_CRYPTD
1189    select CRYPTO_ABLK_HELPER_X86
1190    select CRYPTO_GLUE_HELPER_X86
1191    select CRYPTO_TWOFISH_COMMON
1192    select CRYPTO_TWOFISH_X86_64
1193    select CRYPTO_TWOFISH_X86_64_3WAY
1194    select CRYPTO_LRW
1195    select CRYPTO_XTS
1196    help
1197      Twofish cipher algorithm (x86_64/AVX).
1198
1199      Twofish was submitted as an AES (Advanced Encryption Standard)
1200      candidate cipher by researchers at CounterPane Systems. It is a
1201      16 round block cipher supporting key sizes of 128, 192, and 256
1202      bits.
1203
1204      This module provides the Twofish cipher algorithm that processes
1205      eight blocks parallel using the AVX Instruction Set.
1206
1207      See also:
1208      <http://www.schneier.com/twofish.html>
1209
1210comment "Compression"
1211
1212config CRYPTO_DEFLATE
1213    tristate "Deflate compression algorithm"
1214    select CRYPTO_ALGAPI
1215    select ZLIB_INFLATE
1216    select ZLIB_DEFLATE
1217    help
1218      This is the Deflate algorithm (RFC1951), specified for use in
1219      IPSec with the IPCOMP protocol (RFC3173, RFC2394).
1220
1221      You will most probably want this if using IPSec.
1222
1223config CRYPTO_ZLIB
1224    tristate "Zlib compression algorithm"
1225    select CRYPTO_PCOMP
1226    select ZLIB_INFLATE
1227    select ZLIB_DEFLATE
1228    select NLATTR
1229    help
1230      This is the zlib algorithm.
1231
1232config CRYPTO_LZO
1233    tristate "LZO compression algorithm"
1234    select CRYPTO_ALGAPI
1235    select LZO_COMPRESS
1236    select LZO_DECOMPRESS
1237    help
1238      This is the LZO algorithm.
1239
1240config CRYPTO_842
1241    tristate "842 compression algorithm"
1242    depends on CRYPTO_DEV_NX_COMPRESS
1243    # 842 uses lzo if the hardware becomes unavailable
1244    select LZO_COMPRESS
1245    select LZO_DECOMPRESS
1246    help
1247      This is the 842 algorithm.
1248
1249comment "Random Number Generation"
1250
1251config CRYPTO_ANSI_CPRNG
1252    tristate "Pseudo Random Number Generation for Cryptographic modules"
1253    default m
1254    select CRYPTO_AES
1255    select CRYPTO_RNG
1256    help
1257      This option enables the generic pseudo random number generator
1258      for cryptographic modules. Uses the Algorithm specified in
1259      ANSI X9.31 A.2.4. Note that this option must be enabled if
1260      CRYPTO_FIPS is selected
1261
1262config CRYPTO_USER_API
1263    tristate
1264
1265config CRYPTO_USER_API_HASH
1266    tristate "User-space interface for hash algorithms"
1267    depends on NET
1268    select CRYPTO_HASH
1269    select CRYPTO_USER_API
1270    help
1271      This option enables the user-spaces interface for hash
1272      algorithms.
1273
1274config CRYPTO_USER_API_SKCIPHER
1275    tristate "User-space interface for symmetric key cipher algorithms"
1276    depends on NET
1277    select CRYPTO_BLKCIPHER
1278    select CRYPTO_USER_API
1279    help
1280      This option enables the user-spaces interface for symmetric
1281      key cipher algorithms.
1282
1283source "drivers/crypto/Kconfig"
1284source crypto/asymmetric_keys/Kconfig
1285
1286endif # if CRYPTO
1287

Archive Download this file



interactive