Root/crypto/Kconfig

1#
2# Generic algorithms support
3#
4config XOR_BLOCKS
5    tristate
6
7#
8# async_tx api: hardware offloaded memory transfer/transform support
9#
10source "crypto/async_tx/Kconfig"
11
12#
13# Cryptographic API Configuration
14#
15menuconfig CRYPTO
16    tristate "Cryptographic API"
17    help
18      This option provides the core Cryptographic API.
19
20if CRYPTO
21
22comment "Crypto core or helper"
23
24config CRYPTO_FIPS
25    bool "FIPS 200 compliance"
26    depends on CRYPTO_ANSI_CPRNG && !CRYPTO_MANAGER_DISABLE_TESTS
27    help
28      This options enables the fips boot option which is
29      required if you want to system to operate in a FIPS 200
30      certification. You should say no unless you know what
31      this is.
32
33config CRYPTO_ALGAPI
34    tristate
35    select CRYPTO_ALGAPI2
36    help
37      This option provides the API for cryptographic algorithms.
38
39config CRYPTO_ALGAPI2
40    tristate
41
42config CRYPTO_AEAD
43    tristate
44    select CRYPTO_AEAD2
45    select CRYPTO_ALGAPI
46
47config CRYPTO_AEAD2
48    tristate
49    select CRYPTO_ALGAPI2
50
51config CRYPTO_BLKCIPHER
52    tristate
53    select CRYPTO_BLKCIPHER2
54    select CRYPTO_ALGAPI
55
56config CRYPTO_BLKCIPHER2
57    tristate
58    select CRYPTO_ALGAPI2
59    select CRYPTO_RNG2
60    select CRYPTO_WORKQUEUE
61
62config CRYPTO_HASH
63    tristate
64    select CRYPTO_HASH2
65    select CRYPTO_ALGAPI
66
67config CRYPTO_HASH2
68    tristate
69    select CRYPTO_ALGAPI2
70
71config CRYPTO_RNG
72    tristate
73    select CRYPTO_RNG2
74    select CRYPTO_ALGAPI
75
76config CRYPTO_RNG2
77    tristate
78    select CRYPTO_ALGAPI2
79
80config CRYPTO_PCOMP
81    tristate
82    select CRYPTO_PCOMP2
83    select CRYPTO_ALGAPI
84
85config CRYPTO_PCOMP2
86    tristate
87    select CRYPTO_ALGAPI2
88
89config CRYPTO_MANAGER
90    tristate "Cryptographic algorithm manager"
91    select CRYPTO_MANAGER2
92    help
93      Create default cryptographic template instantiations such as
94      cbc(aes).
95
96config CRYPTO_MANAGER2
97    def_tristate CRYPTO_MANAGER || (CRYPTO_MANAGER!=n && CRYPTO_ALGAPI=y)
98    select CRYPTO_AEAD2
99    select CRYPTO_HASH2
100    select CRYPTO_BLKCIPHER2
101    select CRYPTO_PCOMP2
102
103config CRYPTO_MANAGER_DISABLE_TESTS
104    bool "Disable run-time self tests"
105    default y
106    depends on CRYPTO_MANAGER2
107    help
108      Disable run-time self tests that normally take place at
109      algorithm registration.
110
111config CRYPTO_GF128MUL
112    tristate "GF(2^128) multiplication functions (EXPERIMENTAL)"
113    depends on EXPERIMENTAL
114    help
115      Efficient table driven implementation of multiplications in the
116      field GF(2^128). This is needed by some cypher modes. This
117      option will be selected automatically if you select such a
118      cipher mode. Only select this option by hand if you expect to load
119      an external module that requires these functions.
120
121config CRYPTO_NULL
122    tristate "Null algorithms"
123    select CRYPTO_ALGAPI
124    select CRYPTO_BLKCIPHER
125    select CRYPTO_HASH
126    help
127      These are 'Null' algorithms, used by IPsec, which do nothing.
128
129config CRYPTO_PCRYPT
130    tristate "Parallel crypto engine (EXPERIMENTAL)"
131    depends on SMP && EXPERIMENTAL
132    select PADATA
133    select CRYPTO_MANAGER
134    select CRYPTO_AEAD
135    help
136      This converts an arbitrary crypto algorithm into a parallel
137      algorithm that executes in kernel threads.
138
139config CRYPTO_WORKQUEUE
140       tristate
141
142config CRYPTO_CRYPTD
143    tristate "Software async crypto daemon"
144    select CRYPTO_BLKCIPHER
145    select CRYPTO_HASH
146    select CRYPTO_MANAGER
147    select CRYPTO_WORKQUEUE
148    help
149      This is a generic software asynchronous crypto daemon that
150      converts an arbitrary synchronous software crypto algorithm
151      into an asynchronous algorithm that executes in a kernel thread.
152
153config CRYPTO_AUTHENC
154    tristate "Authenc support"
155    select CRYPTO_AEAD
156    select CRYPTO_BLKCIPHER
157    select CRYPTO_MANAGER
158    select CRYPTO_HASH
159    help
160      Authenc: Combined mode wrapper for IPsec.
161      This is required for IPSec.
162
163config CRYPTO_TEST
164    tristate "Testing module"
165    depends on m
166    select CRYPTO_MANAGER
167    help
168      Quick & dirty crypto test module.
169
170comment "Authenticated Encryption with Associated Data"
171
172config CRYPTO_CCM
173    tristate "CCM support"
174    select CRYPTO_CTR
175    select CRYPTO_AEAD
176    help
177      Support for Counter with CBC MAC. Required for IPsec.
178
179config CRYPTO_GCM
180    tristate "GCM/GMAC support"
181    select CRYPTO_CTR
182    select CRYPTO_AEAD
183    select CRYPTO_GHASH
184    help
185      Support for Galois/Counter Mode (GCM) and Galois Message
186      Authentication Code (GMAC). Required for IPSec.
187
188config CRYPTO_SEQIV
189    tristate "Sequence Number IV Generator"
190    select CRYPTO_AEAD
191    select CRYPTO_BLKCIPHER
192    select CRYPTO_RNG
193    help
194      This IV generator generates an IV based on a sequence number by
195      xoring it with a salt. This algorithm is mainly useful for CTR
196
197comment "Block modes"
198
199config CRYPTO_CBC
200    tristate "CBC support"
201    select CRYPTO_BLKCIPHER
202    select CRYPTO_MANAGER
203    help
204      CBC: Cipher Block Chaining mode
205      This block cipher algorithm is required for IPSec.
206
207config CRYPTO_CTR
208    tristate "CTR support"
209    select CRYPTO_BLKCIPHER
210    select CRYPTO_SEQIV
211    select CRYPTO_MANAGER
212    help
213      CTR: Counter mode
214      This block cipher algorithm is required for IPSec.
215
216config CRYPTO_CTS
217    tristate "CTS support"
218    select CRYPTO_BLKCIPHER
219    help
220      CTS: Cipher Text Stealing
221      This is the Cipher Text Stealing mode as described by
222      Section 8 of rfc2040 and referenced by rfc3962.
223      (rfc3962 includes errata information in its Appendix A)
224      This mode is required for Kerberos gss mechanism support
225      for AES encryption.
226
227config CRYPTO_ECB
228    tristate "ECB support"
229    select CRYPTO_BLKCIPHER
230    select CRYPTO_MANAGER
231    help
232      ECB: Electronic CodeBook mode
233      This is the simplest block cipher algorithm. It simply encrypts
234      the input block by block.
235
236config CRYPTO_LRW
237    tristate "LRW support (EXPERIMENTAL)"
238    depends on EXPERIMENTAL
239    select CRYPTO_BLKCIPHER
240    select CRYPTO_MANAGER
241    select CRYPTO_GF128MUL
242    help
243      LRW: Liskov Rivest Wagner, a tweakable, non malleable, non movable
244      narrow block cipher mode for dm-crypt. Use it with cipher
245      specification string aes-lrw-benbi, the key must be 256, 320 or 384.
246      The first 128, 192 or 256 bits in the key are used for AES and the
247      rest is used to tie each cipher block to its logical position.
248
249config CRYPTO_PCBC
250    tristate "PCBC support"
251    select CRYPTO_BLKCIPHER
252    select CRYPTO_MANAGER
253    help
254      PCBC: Propagating Cipher Block Chaining mode
255      This block cipher algorithm is required for RxRPC.
256
257config CRYPTO_XTS
258    tristate "XTS support (EXPERIMENTAL)"
259    depends on EXPERIMENTAL
260    select CRYPTO_BLKCIPHER
261    select CRYPTO_MANAGER
262    select CRYPTO_GF128MUL
263    help
264      XTS: IEEE1619/D16 narrow block cipher use with aes-xts-plain,
265      key size 256, 384 or 512 bits. This implementation currently
266      can't handle a sectorsize which is not a multiple of 16 bytes.
267
268config CRYPTO_FPU
269    tristate
270    select CRYPTO_BLKCIPHER
271    select CRYPTO_MANAGER
272
273comment "Hash modes"
274
275config CRYPTO_HMAC
276    tristate "HMAC support"
277    select CRYPTO_HASH
278    select CRYPTO_MANAGER
279    help
280      HMAC: Keyed-Hashing for Message Authentication (RFC2104).
281      This is required for IPSec.
282
283config CRYPTO_XCBC
284    tristate "XCBC support"
285    depends on EXPERIMENTAL
286    select CRYPTO_HASH
287    select CRYPTO_MANAGER
288    help
289      XCBC: Keyed-Hashing with encryption algorithm
290        http://www.ietf.org/rfc/rfc3566.txt
291        http://csrc.nist.gov/encryption/modes/proposedmodes/
292         xcbc-mac/xcbc-mac-spec.pdf
293
294config CRYPTO_VMAC
295    tristate "VMAC support"
296    depends on EXPERIMENTAL
297    select CRYPTO_HASH
298    select CRYPTO_MANAGER
299    help
300      VMAC is a message authentication algorithm designed for
301      very high speed on 64-bit architectures.
302
303      See also:
304      <http://fastcrypto.org/vmac>
305
306comment "Digest"
307
308config CRYPTO_CRC32C
309    tristate "CRC32c CRC algorithm"
310    select CRYPTO_HASH
311    help
312      Castagnoli, et al Cyclic Redundancy-Check Algorithm. Used
313      by iSCSI for header and data digests and by others.
314      See Castagnoli93. Module will be crc32c.
315
316config CRYPTO_CRC32C_INTEL
317    tristate "CRC32c INTEL hardware acceleration"
318    depends on X86
319    select CRYPTO_HASH
320    help
321      In Intel processor with SSE4.2 supported, the processor will
322      support CRC32C implementation using hardware accelerated CRC32
323      instruction. This option will create 'crc32c-intel' module,
324      which will enable any routine to use the CRC32 instruction to
325      gain performance compared with software implementation.
326      Module will be crc32c-intel.
327
328config CRYPTO_GHASH
329    tristate "GHASH digest algorithm"
330    select CRYPTO_SHASH
331    select CRYPTO_GF128MUL
332    help
333      GHASH is message digest algorithm for GCM (Galois/Counter Mode).
334
335config CRYPTO_MD4
336    tristate "MD4 digest algorithm"
337    select CRYPTO_HASH
338    help
339      MD4 message digest algorithm (RFC1320).
340
341config CRYPTO_MD5
342    tristate "MD5 digest algorithm"
343    select CRYPTO_HASH
344    help
345      MD5 message digest algorithm (RFC1321).
346
347config CRYPTO_MICHAEL_MIC
348    tristate "Michael MIC keyed digest algorithm"
349    select CRYPTO_HASH
350    help
351      Michael MIC is used for message integrity protection in TKIP
352      (IEEE 802.11i). This algorithm is required for TKIP, but it
353      should not be used for other purposes because of the weakness
354      of the algorithm.
355
356config CRYPTO_RMD128
357    tristate "RIPEMD-128 digest algorithm"
358    select CRYPTO_HASH
359    help
360      RIPEMD-128 (ISO/IEC 10118-3:2004).
361
362      RIPEMD-128 is a 128-bit cryptographic hash function. It should only
363      to be used as a secure replacement for RIPEMD. For other use cases
364      RIPEMD-160 should be used.
365
366      Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel.
367      See <http://homes.esat.kuleuven.be/~bosselae/ripemd160.html>
368
369config CRYPTO_RMD160
370    tristate "RIPEMD-160 digest algorithm"
371    select CRYPTO_HASH
372    help
373      RIPEMD-160 (ISO/IEC 10118-3:2004).
374
375      RIPEMD-160 is a 160-bit cryptographic hash function. It is intended
376      to be used as a secure replacement for the 128-bit hash functions
377      MD4, MD5 and it's predecessor RIPEMD
378      (not to be confused with RIPEMD-128).
379
380      It's speed is comparable to SHA1 and there are no known attacks
381      against RIPEMD-160.
382
383      Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel.
384      See <http://homes.esat.kuleuven.be/~bosselae/ripemd160.html>
385
386config CRYPTO_RMD256
387    tristate "RIPEMD-256 digest algorithm"
388    select CRYPTO_HASH
389    help
390      RIPEMD-256 is an optional extension of RIPEMD-128 with a
391      256 bit hash. It is intended for applications that require
392      longer hash-results, without needing a larger security level
393      (than RIPEMD-128).
394
395      Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel.
396      See <http://homes.esat.kuleuven.be/~bosselae/ripemd160.html>
397
398config CRYPTO_RMD320
399    tristate "RIPEMD-320 digest algorithm"
400    select CRYPTO_HASH
401    help
402      RIPEMD-320 is an optional extension of RIPEMD-160 with a
403      320 bit hash. It is intended for applications that require
404      longer hash-results, without needing a larger security level
405      (than RIPEMD-160).
406
407      Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel.
408      See <http://homes.esat.kuleuven.be/~bosselae/ripemd160.html>
409
410config CRYPTO_SHA1
411    tristate "SHA1 digest algorithm"
412    select CRYPTO_HASH
413    help
414      SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2).
415
416config CRYPTO_SHA256
417    tristate "SHA224 and SHA256 digest algorithm"
418    select CRYPTO_HASH
419    help
420      SHA256 secure hash standard (DFIPS 180-2).
421
422      This version of SHA implements a 256 bit hash with 128 bits of
423      security against collision attacks.
424
425      This code also includes SHA-224, a 224 bit hash with 112 bits
426      of security against collision attacks.
427
428config CRYPTO_SHA512
429    tristate "SHA384 and SHA512 digest algorithms"
430    select CRYPTO_HASH
431    help
432      SHA512 secure hash standard (DFIPS 180-2).
433
434      This version of SHA implements a 512 bit hash with 256 bits of
435      security against collision attacks.
436
437      This code also includes SHA-384, a 384 bit hash with 192 bits
438      of security against collision attacks.
439
440config CRYPTO_TGR192
441    tristate "Tiger digest algorithms"
442    select CRYPTO_HASH
443    help
444      Tiger hash algorithm 192, 160 and 128-bit hashes
445
446      Tiger is a hash function optimized for 64-bit processors while
447      still having decent performance on 32-bit processors.
448      Tiger was developed by Ross Anderson and Eli Biham.
449
450      See also:
451      <http://www.cs.technion.ac.il/~biham/Reports/Tiger/>.
452
453config CRYPTO_WP512
454    tristate "Whirlpool digest algorithms"
455    select CRYPTO_HASH
456    help
457      Whirlpool hash algorithm 512, 384 and 256-bit hashes
458
459      Whirlpool-512 is part of the NESSIE cryptographic primitives.
460      Whirlpool will be part of the ISO/IEC 10118-3:2003(E) standard
461
462      See also:
463      <http://www.larc.usp.br/~pbarreto/WhirlpoolPage.html>
464
465config CRYPTO_GHASH_CLMUL_NI_INTEL
466    tristate "GHASH digest algorithm (CLMUL-NI accelerated)"
467    depends on (X86 || UML_X86) && 64BIT
468    select CRYPTO_SHASH
469    select CRYPTO_CRYPTD
470    help
471      GHASH is message digest algorithm for GCM (Galois/Counter Mode).
472      The implementation is accelerated by CLMUL-NI of Intel.
473
474comment "Ciphers"
475
476config CRYPTO_AES
477    tristate "AES cipher algorithms"
478    select CRYPTO_ALGAPI
479    help
480      AES cipher algorithms (FIPS-197). AES uses the Rijndael
481      algorithm.
482
483      Rijndael appears to be consistently a very good performer in
484      both hardware and software across a wide range of computing
485      environments regardless of its use in feedback or non-feedback
486      modes. Its key setup time is excellent, and its key agility is
487      good. Rijndael's very low memory requirements make it very well
488      suited for restricted-space environments, in which it also
489      demonstrates excellent performance. Rijndael's operations are
490      among the easiest to defend against power and timing attacks.
491
492      The AES specifies three key sizes: 128, 192 and 256 bits
493
494      See <http://csrc.nist.gov/CryptoToolkit/aes/> for more information.
495
496config CRYPTO_AES_586
497    tristate "AES cipher algorithms (i586)"
498    depends on (X86 || UML_X86) && !64BIT
499    select CRYPTO_ALGAPI
500    select CRYPTO_AES
501    help
502      AES cipher algorithms (FIPS-197). AES uses the Rijndael
503      algorithm.
504
505      Rijndael appears to be consistently a very good performer in
506      both hardware and software across a wide range of computing
507      environments regardless of its use in feedback or non-feedback
508      modes. Its key setup time is excellent, and its key agility is
509      good. Rijndael's very low memory requirements make it very well
510      suited for restricted-space environments, in which it also
511      demonstrates excellent performance. Rijndael's operations are
512      among the easiest to defend against power and timing attacks.
513
514      The AES specifies three key sizes: 128, 192 and 256 bits
515
516      See <http://csrc.nist.gov/encryption/aes/> for more information.
517
518config CRYPTO_AES_X86_64
519    tristate "AES cipher algorithms (x86_64)"
520    depends on (X86 || UML_X86) && 64BIT
521    select CRYPTO_ALGAPI
522    select CRYPTO_AES
523    help
524      AES cipher algorithms (FIPS-197). AES uses the Rijndael
525      algorithm.
526
527      Rijndael appears to be consistently a very good performer in
528      both hardware and software across a wide range of computing
529      environments regardless of its use in feedback or non-feedback
530      modes. Its key setup time is excellent, and its key agility is
531      good. Rijndael's very low memory requirements make it very well
532      suited for restricted-space environments, in which it also
533      demonstrates excellent performance. Rijndael's operations are
534      among the easiest to defend against power and timing attacks.
535
536      The AES specifies three key sizes: 128, 192 and 256 bits
537
538      See <http://csrc.nist.gov/encryption/aes/> for more information.
539
540config CRYPTO_AES_NI_INTEL
541    tristate "AES cipher algorithms (AES-NI)"
542    depends on (X86 || UML_X86) && 64BIT
543    select CRYPTO_AES_X86_64
544    select CRYPTO_CRYPTD
545    select CRYPTO_ALGAPI
546    select CRYPTO_FPU
547    help
548      Use Intel AES-NI instructions for AES algorithm.
549
550      AES cipher algorithms (FIPS-197). AES uses the Rijndael
551      algorithm.
552
553      Rijndael appears to be consistently a very good performer in
554      both hardware and software across a wide range of computing
555      environments regardless of its use in feedback or non-feedback
556      modes. Its key setup time is excellent, and its key agility is
557      good. Rijndael's very low memory requirements make it very well
558      suited for restricted-space environments, in which it also
559      demonstrates excellent performance. Rijndael's operations are
560      among the easiest to defend against power and timing attacks.
561
562      The AES specifies three key sizes: 128, 192 and 256 bits
563
564      See <http://csrc.nist.gov/encryption/aes/> for more information.
565
566      In addition to AES cipher algorithm support, the
567      acceleration for some popular block cipher mode is supported
568      too, including ECB, CBC, CTR, LRW, PCBC, XTS.
569
570config CRYPTO_ANUBIS
571    tristate "Anubis cipher algorithm"
572    select CRYPTO_ALGAPI
573    help
574      Anubis cipher algorithm.
575
576      Anubis is a variable key length cipher which can use keys from
577      128 bits to 320 bits in length. It was evaluated as a entrant
578      in the NESSIE competition.
579
580      See also:
581      <https://www.cosic.esat.kuleuven.be/nessie/reports/>
582      <http://www.larc.usp.br/~pbarreto/AnubisPage.html>
583
584config CRYPTO_ARC4
585    tristate "ARC4 cipher algorithm"
586    select CRYPTO_ALGAPI
587    help
588      ARC4 cipher algorithm.
589
590      ARC4 is a stream cipher using keys ranging from 8 bits to 2048
591      bits in length. This algorithm is required for driver-based
592      WEP, but it should not be for other purposes because of the
593      weakness of the algorithm.
594
595config CRYPTO_BLOWFISH
596    tristate "Blowfish cipher algorithm"
597    select CRYPTO_ALGAPI
598    help
599      Blowfish cipher algorithm, by Bruce Schneier.
600
601      This is a variable key length cipher which can use keys from 32
602      bits to 448 bits in length. It's fast, simple and specifically
603      designed for use on "large microprocessors".
604
605      See also:
606      <http://www.schneier.com/blowfish.html>
607
608config CRYPTO_CAMELLIA
609    tristate "Camellia cipher algorithms"
610    depends on CRYPTO
611    select CRYPTO_ALGAPI
612    help
613      Camellia cipher algorithms module.
614
615      Camellia is a symmetric key block cipher developed jointly
616      at NTT and Mitsubishi Electric Corporation.
617
618      The Camellia specifies three key sizes: 128, 192 and 256 bits.
619
620      See also:
621      <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html>
622
623config CRYPTO_CAST5
624    tristate "CAST5 (CAST-128) cipher algorithm"
625    select CRYPTO_ALGAPI
626    help
627      The CAST5 encryption algorithm (synonymous with CAST-128) is
628      described in RFC2144.
629
630config CRYPTO_CAST6
631    tristate "CAST6 (CAST-256) cipher algorithm"
632    select CRYPTO_ALGAPI
633    help
634      The CAST6 encryption algorithm (synonymous with CAST-256) is
635      described in RFC2612.
636
637config CRYPTO_DES
638    tristate "DES and Triple DES EDE cipher algorithms"
639    select CRYPTO_ALGAPI
640    help
641      DES cipher algorithm (FIPS 46-2), and Triple DES EDE (FIPS 46-3).
642
643config CRYPTO_FCRYPT
644    tristate "FCrypt cipher algorithm"
645    select CRYPTO_ALGAPI
646    select CRYPTO_BLKCIPHER
647    help
648      FCrypt algorithm used by RxRPC.
649
650config CRYPTO_KHAZAD
651    tristate "Khazad cipher algorithm"
652    select CRYPTO_ALGAPI
653    help
654      Khazad cipher algorithm.
655
656      Khazad was a finalist in the initial NESSIE competition. It is
657      an algorithm optimized for 64-bit processors with good performance
658      on 32-bit processors. Khazad uses an 128 bit key size.
659
660      See also:
661      <http://www.larc.usp.br/~pbarreto/KhazadPage.html>
662
663config CRYPTO_SALSA20
664    tristate "Salsa20 stream cipher algorithm (EXPERIMENTAL)"
665    depends on EXPERIMENTAL
666    select CRYPTO_BLKCIPHER
667    help
668      Salsa20 stream cipher algorithm.
669
670      Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT
671      Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/>
672
673      The Salsa20 stream cipher algorithm is designed by Daniel J.
674      Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html>
675
676config CRYPTO_SALSA20_586
677    tristate "Salsa20 stream cipher algorithm (i586) (EXPERIMENTAL)"
678    depends on (X86 || UML_X86) && !64BIT
679    depends on EXPERIMENTAL
680    select CRYPTO_BLKCIPHER
681    help
682      Salsa20 stream cipher algorithm.
683
684      Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT
685      Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/>
686
687      The Salsa20 stream cipher algorithm is designed by Daniel J.
688      Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html>
689
690config CRYPTO_SALSA20_X86_64
691    tristate "Salsa20 stream cipher algorithm (x86_64) (EXPERIMENTAL)"
692    depends on (X86 || UML_X86) && 64BIT
693    depends on EXPERIMENTAL
694    select CRYPTO_BLKCIPHER
695    help
696      Salsa20 stream cipher algorithm.
697
698      Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT
699      Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/>
700
701      The Salsa20 stream cipher algorithm is designed by Daniel J.
702      Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html>
703
704config CRYPTO_SEED
705    tristate "SEED cipher algorithm"
706    select CRYPTO_ALGAPI
707    help
708      SEED cipher algorithm (RFC4269).
709
710      SEED is a 128-bit symmetric key block cipher that has been
711      developed by KISA (Korea Information Security Agency) as a
712      national standard encryption algorithm of the Republic of Korea.
713      It is a 16 round block cipher with the key size of 128 bit.
714
715      See also:
716      <http://www.kisa.or.kr/kisa/seed/jsp/seed_eng.jsp>
717
718config CRYPTO_SERPENT
719    tristate "Serpent cipher algorithm"
720    select CRYPTO_ALGAPI
721    help
722      Serpent cipher algorithm, by Anderson, Biham & Knudsen.
723
724      Keys are allowed to be from 0 to 256 bits in length, in steps
725      of 8 bits. Also includes the 'Tnepres' algorithm, a reversed
726      variant of Serpent for compatibility with old kerneli.org code.
727
728      See also:
729      <http://www.cl.cam.ac.uk/~rja14/serpent.html>
730
731config CRYPTO_TEA
732    tristate "TEA, XTEA and XETA cipher algorithms"
733    select CRYPTO_ALGAPI
734    help
735      TEA cipher algorithm.
736
737      Tiny Encryption Algorithm is a simple cipher that uses
738      many rounds for security. It is very fast and uses
739      little memory.
740
741      Xtendend Tiny Encryption Algorithm is a modification to
742      the TEA algorithm to address a potential key weakness
743      in the TEA algorithm.
744
745      Xtendend Encryption Tiny Algorithm is a mis-implementation
746      of the XTEA algorithm for compatibility purposes.
747
748config CRYPTO_TWOFISH
749    tristate "Twofish cipher algorithm"
750    select CRYPTO_ALGAPI
751    select CRYPTO_TWOFISH_COMMON
752    help
753      Twofish cipher algorithm.
754
755      Twofish was submitted as an AES (Advanced Encryption Standard)
756      candidate cipher by researchers at CounterPane Systems. It is a
757      16 round block cipher supporting key sizes of 128, 192, and 256
758      bits.
759
760      See also:
761      <http://www.schneier.com/twofish.html>
762
763config CRYPTO_TWOFISH_COMMON
764    tristate
765    help
766      Common parts of the Twofish cipher algorithm shared by the
767      generic c and the assembler implementations.
768
769config CRYPTO_TWOFISH_586
770    tristate "Twofish cipher algorithms (i586)"
771    depends on (X86 || UML_X86) && !64BIT
772    select CRYPTO_ALGAPI
773    select CRYPTO_TWOFISH_COMMON
774    help
775      Twofish cipher algorithm.
776
777      Twofish was submitted as an AES (Advanced Encryption Standard)
778      candidate cipher by researchers at CounterPane Systems. It is a
779      16 round block cipher supporting key sizes of 128, 192, and 256
780      bits.
781
782      See also:
783      <http://www.schneier.com/twofish.html>
784
785config CRYPTO_TWOFISH_X86_64
786    tristate "Twofish cipher algorithm (x86_64)"
787    depends on (X86 || UML_X86) && 64BIT
788    select CRYPTO_ALGAPI
789    select CRYPTO_TWOFISH_COMMON
790    help
791      Twofish cipher algorithm (x86_64).
792
793      Twofish was submitted as an AES (Advanced Encryption Standard)
794      candidate cipher by researchers at CounterPane Systems. It is a
795      16 round block cipher supporting key sizes of 128, 192, and 256
796      bits.
797
798      See also:
799      <http://www.schneier.com/twofish.html>
800
801comment "Compression"
802
803config CRYPTO_DEFLATE
804    tristate "Deflate compression algorithm"
805    select CRYPTO_ALGAPI
806    select ZLIB_INFLATE
807    select ZLIB_DEFLATE
808    help
809      This is the Deflate algorithm (RFC1951), specified for use in
810      IPSec with the IPCOMP protocol (RFC3173, RFC2394).
811
812      You will most probably want this if using IPSec.
813
814config CRYPTO_ZLIB
815    tristate "Zlib compression algorithm"
816    select CRYPTO_PCOMP
817    select ZLIB_INFLATE
818    select ZLIB_DEFLATE
819    select NLATTR
820    help
821      This is the zlib algorithm.
822
823config CRYPTO_LZO
824    tristate "LZO compression algorithm"
825    select CRYPTO_ALGAPI
826    select LZO_COMPRESS
827    select LZO_DECOMPRESS
828    help
829      This is the LZO algorithm.
830
831comment "Random Number Generation"
832
833config CRYPTO_ANSI_CPRNG
834    tristate "Pseudo Random Number Generation for Cryptographic modules"
835    default m
836    select CRYPTO_AES
837    select CRYPTO_RNG
838    help
839      This option enables the generic pseudo random number generator
840      for cryptographic modules. Uses the Algorithm specified in
841      ANSI X9.31 A.2.4. Note that this option must be enabled if
842      CRYPTO_FIPS is selected
843
844source "drivers/crypto/Kconfig"
845
846endif # if CRYPTO
847

Archive Download this file



interactive