projects / linux-block.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
crypto: rng - RNG interface and implementation
[linux-block.git] / crypto / Kconfig
CommitLineData
685784aa
DW		 1#
2# Generic algorithms support
3#
4config XOR_BLOCKS
5 tristate
6
1da177e4 7#
9bc89cd8 8# async_tx api: hardware offloaded memory transfer/transform support
1da177e4 9#
9bc89cd8 10source "crypto/async_tx/Kconfig"
1da177e4 11
9bc89cd8
DW		 12#
13# Cryptographic API Configuration
14#
2e290f43 15menuconfig CRYPTO
c3715cb9 16 tristate "Cryptographic API"
1da177e4
LT		 17 help
18 This option provides the core Cryptographic API.
19
cce9e06d
HX		 20if CRYPTO
21
584fffc8
SS		 22comment "Crypto core or helper"
23
ccb778e1
NH		 24config CRYPTO_FIPS
25 bool "FIPS 200 compliance"
26 help
27 This options enables the fips boot option which is
28 required if you want to system to operate in a FIPS 200
29 certification. You should say no unless you know what
30 this is.
31
cce9e06d
HX		 32config CRYPTO_ALGAPI
33 tristate
34 help
35 This option provides the API for cryptographic algorithms.
36
1ae97820
HX		 37config CRYPTO_AEAD
38 tristate
39 select CRYPTO_ALGAPI
40
5cde0af2
HX		 41config CRYPTO_BLKCIPHER
42 tristate
43 select CRYPTO_ALGAPI
44
055bcee3
HX		 45config CRYPTO_HASH
46 tristate
47 select CRYPTO_ALGAPI
48
17f0f4a4
NH		 49config CRYPTO_RNG
50 tristate
51 select CRYPTO_ALGAPI
52
2b8c19db
HX		 53config CRYPTO_MANAGER
54 tristate "Cryptographic algorithm manager"
da7f033d
HX		 55 select CRYPTO_AEAD
56 select CRYPTO_HASH
57 select CRYPTO_BLKCIPHER
2b8c19db
HX		 58 help
59 Create default cryptographic template instantiations such as
60 cbc(aes).
61
584fffc8
SS		 62config CRYPTO_GF128MUL
63 tristate "GF(2^128) multiplication functions (EXPERIMENTAL)"
333b0d7e 64 depends on EXPERIMENTAL
333b0d7e 65 help
584fffc8
SS		 66 Efficient table driven implementation of multiplications in the
67 field GF(2^128). This is needed by some cypher modes. This
68 option will be selected automatically if you select such a
69 cipher mode. Only select this option by hand if you expect to load
70 an external module that requires these functions.
333b0d7e 71
1da177e4
LT		 72config CRYPTO_NULL
73 tristate "Null algorithms"
cce9e06d 74 select CRYPTO_ALGAPI
c8620c25 75 select CRYPTO_BLKCIPHER
1da177e4
LT		 76 help
77 These are 'Null' algorithms, used by IPsec, which do nothing.
78
584fffc8
SS		 79config CRYPTO_CRYPTD
80 tristate "Software async crypto daemon"
81 select CRYPTO_BLKCIPHER
b8a28251 82 select CRYPTO_HASH
584fffc8 83 select CRYPTO_MANAGER
1da177e4 84 help
584fffc8
SS		 85 This is a generic software asynchronous crypto daemon that
86 converts an arbitrary synchronous software crypto algorithm
87 into an asynchronous algorithm that executes in a kernel thread.
1da177e4 88
584fffc8
SS		 89config CRYPTO_AUTHENC
90 tristate "Authenc support"
91 select CRYPTO_AEAD
92 select CRYPTO_BLKCIPHER
93 select CRYPTO_MANAGER
94 select CRYPTO_HASH
1da177e4 95 help
584fffc8
SS		 96 Authenc: Combined mode wrapper for IPsec.
97 This is required for IPSec.
1da177e4 98
584fffc8
SS		 99config CRYPTO_TEST
100 tristate "Testing module"
101 depends on m
da7f033d 102 select CRYPTO_MANAGER
1da177e4 103 help
584fffc8 104 Quick & dirty crypto test module.
1da177e4 105
584fffc8 106comment "Authenticated Encryption with Associated Data"
cd12fb90 107
584fffc8
SS		 108config CRYPTO_CCM
109 tristate "CCM support"
110 select CRYPTO_CTR
111 select CRYPTO_AEAD
1da177e4 112 help
584fffc8 113 Support for Counter with CBC MAC. Required for IPsec.
1da177e4 114
584fffc8
SS		 115config CRYPTO_GCM
116 tristate "GCM/GMAC support"
117 select CRYPTO_CTR
118 select CRYPTO_AEAD
119 select CRYPTO_GF128MUL
1da177e4 120 help
584fffc8
SS		 121 Support for Galois/Counter Mode (GCM) and Galois Message
122 Authentication Code (GMAC). Required for IPSec.
1da177e4 123
584fffc8
SS		 124config CRYPTO_SEQIV
125 tristate "Sequence Number IV Generator"
126 select CRYPTO_AEAD
127 select CRYPTO_BLKCIPHER
1da177e4 128 help
584fffc8
SS		 129 This IV generator generates an IV based on a sequence number by
130 xoring it with a salt. This algorithm is mainly useful for CTR
1da177e4 131
584fffc8 132comment "Block modes"
c494e070 133
584fffc8
SS		 134config CRYPTO_CBC
135 tristate "CBC support"
db131ef9 136 select CRYPTO_BLKCIPHER
43518407 137 select CRYPTO_MANAGER
db131ef9 138 help
584fffc8
SS		 139 CBC: Cipher Block Chaining mode
140 This block cipher algorithm is required for IPSec.
db131ef9 141
584fffc8
SS		 142config CRYPTO_CTR
143 tristate "CTR support"
db131ef9 144 select CRYPTO_BLKCIPHER
584fffc8 145 select CRYPTO_SEQIV
43518407 146 select CRYPTO_MANAGER
db131ef9 147 help
584fffc8 148 CTR: Counter mode
db131ef9
HX		 149 This block cipher algorithm is required for IPSec.
150
584fffc8
SS		 151config CRYPTO_CTS
152 tristate "CTS support"
153 select CRYPTO_BLKCIPHER
154 help
155 CTS: Cipher Text Stealing
156 This is the Cipher Text Stealing mode as described by
157 Section 8 of rfc2040 and referenced by rfc3962.
158 (rfc3962 includes errata information in its Appendix A)
159 This mode is required for Kerberos gss mechanism support
160 for AES encryption.
161
162config CRYPTO_ECB
163 tristate "ECB support"
91652be5
DH		 164 select CRYPTO_BLKCIPHER
165 select CRYPTO_MANAGER
91652be5 166 help
584fffc8
SS		 167 ECB: Electronic CodeBook mode
168 This is the simplest block cipher algorithm. It simply encrypts
169 the input block by block.
91652be5 170
64470f1b
RS		 171config CRYPTO_LRW
172 tristate "LRW support (EXPERIMENTAL)"
173 depends on EXPERIMENTAL
174 select CRYPTO_BLKCIPHER
175 select CRYPTO_MANAGER
176 select CRYPTO_GF128MUL
177 help
178 LRW: Liskov Rivest Wagner, a tweakable, non malleable, non movable
179 narrow block cipher mode for dm-crypt. Use it with cipher
180 specification string aes-lrw-benbi, the key must be 256, 320 or 384.
181 The first 128, 192 or 256 bits in the key are used for AES and the
182 rest is used to tie each cipher block to its logical position.
183
584fffc8
SS		 184config CRYPTO_PCBC
185 tristate "PCBC support"
186 select CRYPTO_BLKCIPHER
187 select CRYPTO_MANAGER
188 help
189 PCBC: Propagating Cipher Block Chaining mode
190 This block cipher algorithm is required for RxRPC.
191
f19f5111
RS		 192config CRYPTO_XTS
193 tristate "XTS support (EXPERIMENTAL)"
194 depends on EXPERIMENTAL
195 select CRYPTO_BLKCIPHER
196 select CRYPTO_MANAGER
197 select CRYPTO_GF128MUL
198 help
199 XTS: IEEE1619/D16 narrow block cipher use with aes-xts-plain,
200 key size 256, 384 or 512 bits. This implementation currently
201 can't handle a sectorsize which is not a multiple of 16 bytes.
202
584fffc8
SS		 203comment "Hash modes"
204
205config CRYPTO_HMAC
206 tristate "HMAC support"
207 select CRYPTO_HASH
23e353c8 208 select CRYPTO_MANAGER
23e353c8 209 help
584fffc8
SS		 210 HMAC: Keyed-Hashing for Message Authentication (RFC2104).
211 This is required for IPSec.
23e353c8 212
584fffc8
SS		 213config CRYPTO_XCBC
214 tristate "XCBC support"
215 depends on EXPERIMENTAL
216 select CRYPTO_HASH
217 select CRYPTO_MANAGER
76cb9521 218 help
584fffc8
SS		 219 XCBC: Keyed-Hashing with encryption algorithm
220 http://www.ietf.org/rfc/rfc3566.txt
221 http://csrc.nist.gov/encryption/modes/proposedmodes/
222 xcbc-mac/xcbc-mac-spec.pdf
76cb9521 223
584fffc8 224comment "Digest"
28db8e3e 225
584fffc8
SS		 226config CRYPTO_CRC32C
227 tristate "CRC32c CRC algorithm"
5773a3e6 228 select CRYPTO_HASH
584fffc8 229 select LIBCRC32C
4a49b499 230 help
584fffc8
SS		 231 Castagnoli, et al Cyclic Redundancy-Check Algorithm. Used
232 by iSCSI for header and data digests and by others.
233 See Castagnoli93. This implementation uses lib/libcrc32c.
b6d44341 234 Module will be crc32c.
4a49b499 235
8cb51ba8
AZ		 236config CRYPTO_CRC32C_INTEL
237 tristate "CRC32c INTEL hardware acceleration"
238 depends on X86
239 select CRYPTO_HASH
240 help
241 In Intel processor with SSE4.2 supported, the processor will
242 support CRC32C implementation using hardware accelerated CRC32
243 instruction. This option will create 'crc32c-intel' module,
244 which will enable any routine to use the CRC32 instruction to
245 gain performance compared with software implementation.
246 Module will be crc32c-intel.
247
584fffc8
SS		 248config CRYPTO_MD4
249 tristate "MD4 digest algorithm"
250 select CRYPTO_ALGAPI
124b53d0 251 help
584fffc8 252 MD4 message digest algorithm (RFC1320).
124b53d0 253
584fffc8
SS		 254config CRYPTO_MD5
255 tristate "MD5 digest algorithm"
cce9e06d 256 select CRYPTO_ALGAPI
1da177e4 257 help
584fffc8 258 MD5 message digest algorithm (RFC1321).
1da177e4 259
584fffc8
SS		 260config CRYPTO_MICHAEL_MIC
261 tristate "Michael MIC keyed digest algorithm"
90831639 262 select CRYPTO_ALGAPI
90831639 263 help
584fffc8
SS		 264 Michael MIC is used for message integrity protection in TKIP
265 (IEEE 802.11i). This algorithm is required for TKIP, but it
266 should not be used for other purposes because of the weakness
267 of the algorithm.
90831639 268
82798f90 269config CRYPTO_RMD128
b6d44341
AB		 270 tristate "RIPEMD-128 digest algorithm"
271 select CRYPTO_ALGAPI
272 help
273 RIPEMD-128 (ISO/IEC 10118-3:2004).
82798f90 274
b6d44341
AB		 275 RIPEMD-128 is a 128-bit cryptographic hash function. It should only
276 to be used as a secure replacement for RIPEMD. For other use cases
277 RIPEMD-160 should be used.
82798f90 278
b6d44341
AB		 279 Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel.
280 See <http://home.esat.kuleuven.be/~bosselae/ripemd160.html>
82798f90
AKR		 281
282config CRYPTO_RMD160
b6d44341
AB		 283 tristate "RIPEMD-160 digest algorithm"
284 select CRYPTO_ALGAPI
285 help
286 RIPEMD-160 (ISO/IEC 10118-3:2004).
82798f90 287
b6d44341
AB		 288 RIPEMD-160 is a 160-bit cryptographic hash function. It is intended
289 to be used as a secure replacement for the 128-bit hash functions
290 MD4, MD5 and it's predecessor RIPEMD
291 (not to be confused with RIPEMD-128).
82798f90 292
b6d44341
AB		 293 It's speed is comparable to SHA1 and there are no known attacks
294 against RIPEMD-160.
534fe2c1 295
b6d44341
AB		 296 Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel.
297 See <http://home.esat.kuleuven.be/~bosselae/ripemd160.html>
534fe2c1
AKR		 298
299config CRYPTO_RMD256
b6d44341
AB		 300 tristate "RIPEMD-256 digest algorithm"
301 select CRYPTO_ALGAPI
302 help
303 RIPEMD-256 is an optional extension of RIPEMD-128 with a
304 256 bit hash. It is intended for applications that require
305 longer hash-results, without needing a larger security level
306 (than RIPEMD-128).
534fe2c1 307
b6d44341
AB		 308 Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel.
309 See <http://home.esat.kuleuven.be/~bosselae/ripemd160.html>
534fe2c1
AKR		 310
311config CRYPTO_RMD320
b6d44341
AB		 312 tristate "RIPEMD-320 digest algorithm"
313 select CRYPTO_ALGAPI
314 help
315 RIPEMD-320 is an optional extension of RIPEMD-160 with a
316 320 bit hash. It is intended for applications that require
317 longer hash-results, without needing a larger security level
318 (than RIPEMD-160).
534fe2c1 319
b6d44341
AB		 320 Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel.
321 See <http://home.esat.kuleuven.be/~bosselae/ripemd160.html>
82798f90 322
584fffc8
SS		 323config CRYPTO_SHA1
324 tristate "SHA1 digest algorithm"
cce9e06d 325 select CRYPTO_ALGAPI
1da177e4 326 help
584fffc8 327 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2).
1da177e4 328
584fffc8
SS		 329config CRYPTO_SHA256
330 tristate "SHA224 and SHA256 digest algorithm"
cce9e06d 331 select CRYPTO_ALGAPI
1da177e4 332 help
584fffc8 333 SHA256 secure hash standard (DFIPS 180-2).
1da177e4 334
584fffc8
SS		 335 This version of SHA implements a 256 bit hash with 128 bits of
336 security against collision attacks.
2729bb42 337
b6d44341
AB		 338 This code also includes SHA-224, a 224 bit hash with 112 bits
339 of security against collision attacks.
584fffc8
SS		 340
341config CRYPTO_SHA512
342 tristate "SHA384 and SHA512 digest algorithms"
cce9e06d 343 select CRYPTO_ALGAPI
b9f535ff 344 help
584fffc8 345 SHA512 secure hash standard (DFIPS 180-2).
b9f535ff 346
584fffc8
SS		 347 This version of SHA implements a 512 bit hash with 256 bits of
348 security against collision attacks.
b9f535ff 349
584fffc8
SS		 350 This code also includes SHA-384, a 384 bit hash with 192 bits
351 of security against collision attacks.
b9f535ff 352
584fffc8
SS		 353config CRYPTO_TGR192
354 tristate "Tiger digest algorithms"
cce9e06d 355 select CRYPTO_ALGAPI
eaf44088 356 help
584fffc8 357 Tiger hash algorithm 192, 160 and 128-bit hashes
eaf44088 358
584fffc8
SS		 359 Tiger is a hash function optimized for 64-bit processors while
360 still having decent performance on 32-bit processors.
361 Tiger was developed by Ross Anderson and Eli Biham.
eaf44088
JF		 362
363 See also:
584fffc8 364 <http://www.cs.technion.ac.il/~biham/Reports/Tiger/>.
eaf44088 365
584fffc8
SS		 366config CRYPTO_WP512
367 tristate "Whirlpool digest algorithms"
cce9e06d 368 select CRYPTO_ALGAPI
1da177e4 369 help
584fffc8 370 Whirlpool hash algorithm 512, 384 and 256-bit hashes
1da177e4 371
584fffc8
SS		 372 Whirlpool-512 is part of the NESSIE cryptographic primitives.
373 Whirlpool will be part of the ISO/IEC 10118-3:2003(E) standard
1da177e4
LT		 374
375 See also:
584fffc8
SS		 376 <http://planeta.terra.com.br/informatica/paulobarreto/WhirlpoolPage.html>
377
378comment "Ciphers"
1da177e4
LT		 379
380config CRYPTO_AES
381 tristate "AES cipher algorithms"
cce9e06d 382 select CRYPTO_ALGAPI
1da177e4 383 help
584fffc8 384 AES cipher algorithms (FIPS-197). AES uses the Rijndael
1da177e4
LT		 385 algorithm.
386
387 Rijndael appears to be consistently a very good performer in
584fffc8
SS		 388 both hardware and software across a wide range of computing
389 environments regardless of its use in feedback or non-feedback
390 modes. Its key setup time is excellent, and its key agility is
391 good. Rijndael's very low memory requirements make it very well
392 suited for restricted-space environments, in which it also
393 demonstrates excellent performance. Rijndael's operations are
394 among the easiest to defend against power and timing attacks.
1da177e4 395
584fffc8 396 The AES specifies three key sizes: 128, 192 and 256 bits
1da177e4
LT		 397
398 See <http://csrc.nist.gov/CryptoToolkit/aes/> for more information.
399
400config CRYPTO_AES_586
401 tristate "AES cipher algorithms (i586)"
cce9e06d
HX		 402 depends on (X86 || UML_X86) && !64BIT
403 select CRYPTO_ALGAPI
5157dea8 404 select CRYPTO_AES
1da177e4 405 help
584fffc8 406 AES cipher algorithms (FIPS-197). AES uses the Rijndael
1da177e4
LT		 407 algorithm.
408
409 Rijndael appears to be consistently a very good performer in
584fffc8
SS		 410 both hardware and software across a wide range of computing
411 environments regardless of its use in feedback or non-feedback
412 modes. Its key setup time is excellent, and its key agility is
413 good. Rijndael's very low memory requirements make it very well
414 suited for restricted-space environments, in which it also
415 demonstrates excellent performance. Rijndael's operations are
416 among the easiest to defend against power and timing attacks.
1da177e4 417
584fffc8 418 The AES specifies three key sizes: 128, 192 and 256 bits
a2a892a2
AS		 419
420 See <http://csrc.nist.gov/encryption/aes/> for more information.
421
422config CRYPTO_AES_X86_64
423 tristate "AES cipher algorithms (x86_64)"
cce9e06d
HX		 424 depends on (X86 || UML_X86) && 64BIT
425 select CRYPTO_ALGAPI
81190b32 426 select CRYPTO_AES
a2a892a2 427 help
584fffc8 428 AES cipher algorithms (FIPS-197). AES uses the Rijndael
a2a892a2
AS		 429 algorithm.
430
431 Rijndael appears to be consistently a very good performer in
584fffc8
SS		 432 both hardware and software across a wide range of computing
433 environments regardless of its use in feedback or non-feedback
434 modes. Its key setup time is excellent, and its key agility is
435 good. Rijndael's very low memory requirements make it very well
436 suited for restricted-space environments, in which it also
437 demonstrates excellent performance. Rijndael's operations are
438 among the easiest to defend against power and timing attacks.
a2a892a2 439
584fffc8 440 The AES specifies three key sizes: 128, 192 and 256 bits
1da177e4
LT		 441
442 See <http://csrc.nist.gov/encryption/aes/> for more information.
443
584fffc8
SS		 444config CRYPTO_ANUBIS
445 tristate "Anubis cipher algorithm"
446 select CRYPTO_ALGAPI
447 help
448 Anubis cipher algorithm.
449
450 Anubis is a variable key length cipher which can use keys from
451 128 bits to 320 bits in length. It was evaluated as a entrant
452 in the NESSIE competition.
453
454 See also:
455 <https://www.cosic.esat.kuleuven.ac.be/nessie/reports/>
456 <http://planeta.terra.com.br/informatica/paulobarreto/AnubisPage.html>
457
458config CRYPTO_ARC4
459 tristate "ARC4 cipher algorithm"
460 select CRYPTO_ALGAPI
461 help
462 ARC4 cipher algorithm.
463
464 ARC4 is a stream cipher using keys ranging from 8 bits to 2048
465 bits in length. This algorithm is required for driver-based
466 WEP, but it should not be for other purposes because of the
467 weakness of the algorithm.
468
469config CRYPTO_BLOWFISH
470 tristate "Blowfish cipher algorithm"
471 select CRYPTO_ALGAPI
472 help
473 Blowfish cipher algorithm, by Bruce Schneier.
474
475 This is a variable key length cipher which can use keys from 32
476 bits to 448 bits in length. It's fast, simple and specifically
477 designed for use on "large microprocessors".
478
479 See also:
480 <http://www.schneier.com/blowfish.html>
481
482config CRYPTO_CAMELLIA
483 tristate "Camellia cipher algorithms"
484 depends on CRYPTO
485 select CRYPTO_ALGAPI
486 help
487 Camellia cipher algorithms module.
488
489 Camellia is a symmetric key block cipher developed jointly
490 at NTT and Mitsubishi Electric Corporation.
491
492 The Camellia specifies three key sizes: 128, 192 and 256 bits.
493
494 See also:
495 <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html>
496
1da177e4
LT		 497config CRYPTO_CAST5
498 tristate "CAST5 (CAST-128) cipher algorithm"
cce9e06d 499 select CRYPTO_ALGAPI
1da177e4
LT		 500 help
501 The CAST5 encryption algorithm (synonymous with CAST-128) is
502 described in RFC2144.
503
504config CRYPTO_CAST6
505 tristate "CAST6 (CAST-256) cipher algorithm"
cce9e06d 506 select CRYPTO_ALGAPI
1da177e4
LT		 507 help
508 The CAST6 encryption algorithm (synonymous with CAST-256) is
509 described in RFC2612.
510
584fffc8
SS		 511config CRYPTO_DES
512 tristate "DES and Triple DES EDE cipher algorithms"
cce9e06d 513 select CRYPTO_ALGAPI
1da177e4 514 help
584fffc8 515 DES cipher algorithm (FIPS 46-2), and Triple DES EDE (FIPS 46-3).
fb4f10ed 516
584fffc8
SS		 517config CRYPTO_FCRYPT
518 tristate "FCrypt cipher algorithm"
cce9e06d 519 select CRYPTO_ALGAPI
584fffc8 520 select CRYPTO_BLKCIPHER
1da177e4 521 help
584fffc8 522 FCrypt algorithm used by RxRPC.
1da177e4
LT		 523
524config CRYPTO_KHAZAD
525 tristate "Khazad cipher algorithm"
cce9e06d 526 select CRYPTO_ALGAPI
1da177e4
LT		 527 help
528 Khazad cipher algorithm.
529
530 Khazad was a finalist in the initial NESSIE competition. It is
531 an algorithm optimized for 64-bit processors with good performance
532 on 32-bit processors. Khazad uses an 128 bit key size.
533
534 See also:
535 <http://planeta.terra.com.br/informatica/paulobarreto/KhazadPage.html>
536
2407d608
TSH		 537config CRYPTO_SALSA20
538 tristate "Salsa20 stream cipher algorithm (EXPERIMENTAL)"
539 depends on EXPERIMENTAL
540 select CRYPTO_BLKCIPHER
541 help
542 Salsa20 stream cipher algorithm.
543
544 Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT
545 Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/>
974e4b75
TSH		 546
547 The Salsa20 stream cipher algorithm is designed by Daniel J.
548 Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html>
549
550config CRYPTO_SALSA20_586
551 tristate "Salsa20 stream cipher algorithm (i586) (EXPERIMENTAL)"
552 depends on (X86 || UML_X86) && !64BIT
553 depends on EXPERIMENTAL
554 select CRYPTO_BLKCIPHER
974e4b75
TSH		 555 help
556 Salsa20 stream cipher algorithm.
557
558 Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT
559 Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/>
9a7dafbb
TSH		 560
561 The Salsa20 stream cipher algorithm is designed by Daniel J.
562 Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html>
563
564config CRYPTO_SALSA20_X86_64
565 tristate "Salsa20 stream cipher algorithm (x86_64) (EXPERIMENTAL)"
566 depends on (X86 || UML_X86) && 64BIT
567 depends on EXPERIMENTAL
568 select CRYPTO_BLKCIPHER
9a7dafbb
TSH		 569 help
570 Salsa20 stream cipher algorithm.
571
572 Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT
573 Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/>
2407d608
TSH		 574
575 The Salsa20 stream cipher algorithm is designed by Daniel J.
576 Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html>
1da177e4 577
584fffc8
SS		 578config CRYPTO_SEED
579 tristate "SEED cipher algorithm"
cce9e06d 580 select CRYPTO_ALGAPI
1da177e4 581 help
584fffc8 582 SEED cipher algorithm (RFC4269).
1da177e4 583
584fffc8
SS		 584 SEED is a 128-bit symmetric key block cipher that has been
585 developed by KISA (Korea Information Security Agency) as a
586 national standard encryption algorithm of the Republic of Korea.
587 It is a 16 round block cipher with the key size of 128 bit.
588
589 See also:
590 <http://www.kisa.or.kr/kisa/seed/jsp/seed_eng.jsp>
591
592config CRYPTO_SERPENT
593 tristate "Serpent cipher algorithm"
cce9e06d 594 select CRYPTO_ALGAPI
1da177e4 595 help
584fffc8 596 Serpent cipher algorithm, by Anderson, Biham & Knudsen.
1da177e4 597
584fffc8
SS		 598 Keys are allowed to be from 0 to 256 bits in length, in steps
599 of 8 bits. Also includes the 'Tnepres' algorithm, a reversed
600 variant of Serpent for compatibility with old kerneli.org code.
601
602 See also:
603 <http://www.cl.cam.ac.uk/~rja14/serpent.html>
604
605config CRYPTO_TEA
606 tristate "TEA, XTEA and XETA cipher algorithms"
cce9e06d 607 select CRYPTO_ALGAPI
1da177e4 608 help
584fffc8 609 TEA cipher algorithm.
1da177e4 610
584fffc8
SS		 611 Tiny Encryption Algorithm is a simple cipher that uses
612 many rounds for security. It is very fast and uses
613 little memory.
614
615 Xtendend Tiny Encryption Algorithm is a modification to
616 the TEA algorithm to address a potential key weakness
617 in the TEA algorithm.
618
619 Xtendend Encryption Tiny Algorithm is a mis-implementation
620 of the XTEA algorithm for compatibility purposes.
621
622config CRYPTO_TWOFISH
623 tristate "Twofish cipher algorithm"
04ac7db3 624 select CRYPTO_ALGAPI
584fffc8 625 select CRYPTO_TWOFISH_COMMON
04ac7db3 626 help
584fffc8 627 Twofish cipher algorithm.
04ac7db3 628
584fffc8
SS		 629 Twofish was submitted as an AES (Advanced Encryption Standard)
630 candidate cipher by researchers at CounterPane Systems. It is a
631 16 round block cipher supporting key sizes of 128, 192, and 256
632 bits.
04ac7db3 633
584fffc8
SS		 634 See also:
635 <http://www.schneier.com/twofish.html>
636
637config CRYPTO_TWOFISH_COMMON
638 tristate
639 help
640 Common parts of the Twofish cipher algorithm shared by the
641 generic c and the assembler implementations.
642
643config CRYPTO_TWOFISH_586
644 tristate "Twofish cipher algorithms (i586)"
645 depends on (X86 || UML_X86) && !64BIT
646 select CRYPTO_ALGAPI
647 select CRYPTO_TWOFISH_COMMON
648 help
649 Twofish cipher algorithm.
650
651 Twofish was submitted as an AES (Advanced Encryption Standard)
652 candidate cipher by researchers at CounterPane Systems. It is a
653 16 round block cipher supporting key sizes of 128, 192, and 256
654 bits.
04ac7db3
NT		 655
656 See also:
584fffc8 657 <http://www.schneier.com/twofish.html>
04ac7db3 658
584fffc8
SS		 659config CRYPTO_TWOFISH_X86_64
660 tristate "Twofish cipher algorithm (x86_64)"
661 depends on (X86 || UML_X86) && 64BIT
cce9e06d 662 select CRYPTO_ALGAPI
584fffc8 663 select CRYPTO_TWOFISH_COMMON
1da177e4 664 help
584fffc8 665 Twofish cipher algorithm (x86_64).
1da177e4 666
584fffc8
SS		 667 Twofish was submitted as an AES (Advanced Encryption Standard)
668 candidate cipher by researchers at CounterPane Systems. It is a
669 16 round block cipher supporting key sizes of 128, 192, and 256
670 bits.
671
672 See also:
673 <http://www.schneier.com/twofish.html>
674
675comment "Compression"
676
677config CRYPTO_DEFLATE
678 tristate "Deflate compression algorithm"
679 select CRYPTO_ALGAPI
680 select ZLIB_INFLATE
681 select ZLIB_DEFLATE
3c09f17c 682 help
584fffc8
SS		 683 This is the Deflate algorithm (RFC1951), specified for use in
684 IPSec with the IPCOMP protocol (RFC3173, RFC2394).
685
686 You will most probably want this if using IPSec.
3c09f17c 687
0b77abb3
ZS		 688config CRYPTO_LZO
689 tristate "LZO compression algorithm"
690 select CRYPTO_ALGAPI
691 select LZO_COMPRESS
692 select LZO_DECOMPRESS
693 help
694 This is the LZO algorithm.
695
17f0f4a4
NH		 696comment "Random Number Generation"
697
698config CRYPTO_ANSI_CPRNG
699 tristate "Pseudo Random Number Generation for Cryptographic modules"
700 select CRYPTO_AES
701 select CRYPTO_RNG
702 select CRYPTO_FIPS
703 help
704 This option enables the generic pseudo random number generator
705 for cryptographic modules. Uses the Algorithm specified in
706 ANSI X9.31 A.2.4
707
1da177e4 708source "drivers/crypto/Kconfig"
1da177e4 709
cce9e06d 710endif # if CRYPTO
Linux 6.x block layer and io_uring tree(s)