projects / linux-2.6-block.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Merge tag 'firewire-updates' of git://git.kernel.org/pub/scm/linux/kernel/git/ieee139...
[linux-2.6-block.git] / crypto / Kconfig
CommitLineData
b2441318 1# SPDX-License-Identifier: GPL-2.0
685784aa
DW		 2#
3# Generic algorithms support
4#
5config XOR_BLOCKS
6 tristate
7
1da177e4 8#
9bc89cd8 9# async_tx api: hardware offloaded memory transfer/transform support
1da177e4 10#
9bc89cd8 11source "crypto/async_tx/Kconfig"
1da177e4 12
9bc89cd8
DW		 13#
14# Cryptographic API Configuration
15#
2e290f43 16menuconfig CRYPTO
c3715cb9 17 tristate "Cryptographic API"
1da177e4
LT		 18 help
19 This option provides the core Cryptographic API.
20
cce9e06d
HX		 21if CRYPTO
22
584fffc8
SS		 23comment "Crypto core or helper"
24
ccb778e1
NH		 25config CRYPTO_FIPS
26 bool "FIPS 200 compliance"
f2c89a10 27 depends on (CRYPTO_ANSI_CPRNG || CRYPTO_DRBG) && !CRYPTO_MANAGER_DISABLE_TESTS
1f696097 28 depends on (MODULE_SIG || !MODULES)
ccb778e1
NH		 29 help
30 This options enables the fips boot option which is
31 required if you want to system to operate in a FIPS 200
32 certification. You should say no unless you know what
e84c5480 33 this is.
ccb778e1 34
cce9e06d
HX		 35config CRYPTO_ALGAPI
36 tristate
6a0fcbb4 37 select CRYPTO_ALGAPI2
cce9e06d
HX		 38 help
39 This option provides the API for cryptographic algorithms.
40
6a0fcbb4
HX		 41config CRYPTO_ALGAPI2
42 tristate
43
1ae97820
HX		 44config CRYPTO_AEAD
45 tristate
6a0fcbb4 46 select CRYPTO_AEAD2
1ae97820
HX		 47 select CRYPTO_ALGAPI
48
6a0fcbb4
HX		 49config CRYPTO_AEAD2
50 tristate
51 select CRYPTO_ALGAPI2
149a3971
HX		 52 select CRYPTO_NULL2
53 select CRYPTO_RNG2
6a0fcbb4 54
5cde0af2
HX		 55config CRYPTO_BLKCIPHER
56 tristate
6a0fcbb4 57 select CRYPTO_BLKCIPHER2
5cde0af2 58 select CRYPTO_ALGAPI
6a0fcbb4
HX		 59
60config CRYPTO_BLKCIPHER2
61 tristate
62 select CRYPTO_ALGAPI2
63 select CRYPTO_RNG2
0a2e821d 64 select CRYPTO_WORKQUEUE
5cde0af2 65
055bcee3
HX		 66config CRYPTO_HASH
67 tristate
6a0fcbb4 68 select CRYPTO_HASH2
055bcee3
HX		 69 select CRYPTO_ALGAPI
70
6a0fcbb4
HX		 71config CRYPTO_HASH2
72 tristate
73 select CRYPTO_ALGAPI2
74
17f0f4a4
NH		 75config CRYPTO_RNG
76 tristate
6a0fcbb4 77 select CRYPTO_RNG2
17f0f4a4
NH		 78 select CRYPTO_ALGAPI
79
6a0fcbb4
HX		 80config CRYPTO_RNG2
81 tristate
82 select CRYPTO_ALGAPI2
83
401e4238
HX		 84config CRYPTO_RNG_DEFAULT
85 tristate
86 select CRYPTO_DRBG_MENU
87
3c339ab8
TS		 88config CRYPTO_AKCIPHER2
89 tristate
90 select CRYPTO_ALGAPI2
91
92config CRYPTO_AKCIPHER
93 tristate
94 select CRYPTO_AKCIPHER2
95 select CRYPTO_ALGAPI
96
4e5f2c40
SB		 97config CRYPTO_KPP2
98 tristate
99 select CRYPTO_ALGAPI2
100
101config CRYPTO_KPP
102 tristate
103 select CRYPTO_ALGAPI
104 select CRYPTO_KPP2
105
2ebda74f
GC		 106config CRYPTO_ACOMP2
107 tristate
108 select CRYPTO_ALGAPI2
8cd579d2 109 select SGL_ALLOC
2ebda74f
GC		 110
111config CRYPTO_ACOMP
112 tristate
113 select CRYPTO_ALGAPI
114 select CRYPTO_ACOMP2
115
cfc2bb32
TS		 116config CRYPTO_RSA
117 tristate "RSA algorithm"
425e0172 118 select CRYPTO_AKCIPHER
58446fef 119 select CRYPTO_MANAGER
cfc2bb32
TS		 120 select MPILIB
121 select ASN1
122 help
123 Generic implementation of the RSA public key algorithm.
124
802c7f1c
SB		 125config CRYPTO_DH
126 tristate "Diffie-Hellman algorithm"
127 select CRYPTO_KPP
128 select MPILIB
129 help
130 Generic implementation of the Diffie-Hellman algorithm.
131
3c4b2390
SB		 132config CRYPTO_ECDH
133 tristate "ECDH algorithm"
b5b90077 134 select CRYPTO_KPP
6755fd26 135 select CRYPTO_RNG_DEFAULT
3c4b2390
SB		 136 help
137 Generic implementation of the ECDH algorithm
802c7f1c 138
2b8c19db
HX		 139config CRYPTO_MANAGER
140 tristate "Cryptographic algorithm manager"
6a0fcbb4 141 select CRYPTO_MANAGER2
2b8c19db
HX		 142 help
143 Create default cryptographic template instantiations such as
144 cbc(aes).
145
6a0fcbb4
HX		 146config CRYPTO_MANAGER2
147 def_tristate CRYPTO_MANAGER || (CRYPTO_MANAGER!=n && CRYPTO_ALGAPI=y)
148 select CRYPTO_AEAD2
149 select CRYPTO_HASH2
150 select CRYPTO_BLKCIPHER2
946cc463 151 select CRYPTO_AKCIPHER2
4e5f2c40 152 select CRYPTO_KPP2
2ebda74f 153 select CRYPTO_ACOMP2
6a0fcbb4 154
a38f7907
SK		 155config CRYPTO_USER
156 tristate "Userspace cryptographic algorithm configuration"
5db017aa 157 depends on NET
a38f7907
SK		 158 select CRYPTO_MANAGER
159 help
d19978f5 160 Userspace configuration for cryptographic instantiations such as
a38f7907
SK		 161 cbc(aes).
162
326a6346
HX		 163config CRYPTO_MANAGER_DISABLE_TESTS
164 bool "Disable run-time self tests"
00ca28a5
HX		 165 default y
166 depends on CRYPTO_MANAGER2
0b767f96 167 help
326a6346
HX		 168 Disable run-time self tests that normally take place at
169 algorithm registration.
0b767f96 170
584fffc8 171config CRYPTO_GF128MUL
08c70fc3 172 tristate "GF(2^128) multiplication functions"
333b0d7e 173 help
584fffc8
SS		 174 Efficient table driven implementation of multiplications in the
175 field GF(2^128). This is needed by some cypher modes. This
176 option will be selected automatically if you select such a
177 cipher mode. Only select this option by hand if you expect to load
178 an external module that requires these functions.
333b0d7e 179
1da177e4
LT		 180config CRYPTO_NULL
181 tristate "Null algorithms"
149a3971 182 select CRYPTO_NULL2
1da177e4
LT		 183 help
184 These are 'Null' algorithms, used by IPsec, which do nothing.
185
149a3971 186config CRYPTO_NULL2
dd43c4e9 187 tristate
149a3971
HX		 188 select CRYPTO_ALGAPI2
189 select CRYPTO_BLKCIPHER2
190 select CRYPTO_HASH2
191
5068c7a8 192config CRYPTO_PCRYPT
3b4afaf2
KC		 193 tristate "Parallel crypto engine"
194 depends on SMP
5068c7a8
SK		 195 select PADATA
196 select CRYPTO_MANAGER
197 select CRYPTO_AEAD
198 help
199 This converts an arbitrary crypto algorithm into a parallel
200 algorithm that executes in kernel threads.
201
25c38d3f
HY		 202config CRYPTO_WORKQUEUE
203 tristate
204
584fffc8
SS		 205config CRYPTO_CRYPTD
206 tristate "Software async crypto daemon"
207 select CRYPTO_BLKCIPHER
b8a28251 208 select CRYPTO_HASH
584fffc8 209 select CRYPTO_MANAGER
254eff77 210 select CRYPTO_WORKQUEUE
1da177e4 211 help
584fffc8
SS		 212 This is a generic software asynchronous crypto daemon that
213 converts an arbitrary synchronous software crypto algorithm
214 into an asynchronous algorithm that executes in a kernel thread.
1da177e4 215
1e65b81a
TC		 216config CRYPTO_MCRYPTD
217 tristate "Software async multi-buffer crypto daemon"
218 select CRYPTO_BLKCIPHER
219 select CRYPTO_HASH
220 select CRYPTO_MANAGER
221 select CRYPTO_WORKQUEUE
222 help
223 This is a generic software asynchronous crypto daemon that
224 provides the kernel thread to assist multi-buffer crypto
225 algorithms for submitting jobs and flushing jobs in multi-buffer
226 crypto algorithms. Multi-buffer crypto algorithms are executed
227 in the context of this kernel thread and drivers can post
0e56673b 228 their crypto request asynchronously to be processed by this daemon.
1e65b81a 229
584fffc8
SS		 230config CRYPTO_AUTHENC
231 tristate "Authenc support"
232 select CRYPTO_AEAD
233 select CRYPTO_BLKCIPHER
234 select CRYPTO_MANAGER
235 select CRYPTO_HASH
e94c6a7a 236 select CRYPTO_NULL
1da177e4 237 help
584fffc8
SS		 238 Authenc: Combined mode wrapper for IPsec.
239 This is required for IPSec.
1da177e4 240
584fffc8
SS		 241config CRYPTO_TEST
242 tristate "Testing module"
243 depends on m
da7f033d 244 select CRYPTO_MANAGER
1da177e4 245 help
584fffc8 246 Quick & dirty crypto test module.
1da177e4 247
a62b01cd 248config CRYPTO_ABLK_HELPER
ffaf9156 249 tristate
266d0516
HX		 250 select CRYPTO_CRYPTD
251
252config CRYPTO_SIMD
253 tristate
ffaf9156
JK		 254 select CRYPTO_CRYPTD
255
596d8750
JK		 256config CRYPTO_GLUE_HELPER_X86
257 tristate
258 depends on X86
065ce327 259 select CRYPTO_BLKCIPHER
596d8750 260
735d37b5
BW		 261config CRYPTO_ENGINE
262 tristate
263
584fffc8 264comment "Authenticated Encryption with Associated Data"
cd12fb90 265
584fffc8
SS		 266config CRYPTO_CCM
267 tristate "CCM support"
268 select CRYPTO_CTR
f15f05b0 269 select CRYPTO_HASH
584fffc8 270 select CRYPTO_AEAD
1da177e4 271 help
584fffc8 272 Support for Counter with CBC MAC. Required for IPsec.
1da177e4 273
584fffc8
SS		 274config CRYPTO_GCM
275 tristate "GCM/GMAC support"
276 select CRYPTO_CTR
277 select CRYPTO_AEAD
9382d97a 278 select CRYPTO_GHASH
9489667d 279 select CRYPTO_NULL
1da177e4 280 help
584fffc8
SS		 281 Support for Galois/Counter Mode (GCM) and Galois Message
282 Authentication Code (GMAC). Required for IPSec.
1da177e4 283
71ebc4d1
MW		 284config CRYPTO_CHACHA20POLY1305
285 tristate "ChaCha20-Poly1305 AEAD support"
286 select CRYPTO_CHACHA20
287 select CRYPTO_POLY1305
288 select CRYPTO_AEAD
289 help
290 ChaCha20-Poly1305 AEAD support, RFC7539.
291
292 Support for the AEAD wrapper using the ChaCha20 stream cipher combined
293 with the Poly1305 authenticator. It is defined in RFC7539 for use in
294 IETF protocols.
295
584fffc8
SS		 296config CRYPTO_SEQIV
297 tristate "Sequence Number IV Generator"
298 select CRYPTO_AEAD
299 select CRYPTO_BLKCIPHER
856e3f40 300 select CRYPTO_NULL
401e4238 301 select CRYPTO_RNG_DEFAULT
1da177e4 302 help
584fffc8
SS		 303 This IV generator generates an IV based on a sequence number by
304 xoring it with a salt. This algorithm is mainly useful for CTR
1da177e4 305
a10f554f
HX		 306config CRYPTO_ECHAINIV
307 tristate "Encrypted Chain IV Generator"
308 select CRYPTO_AEAD
309 select CRYPTO_NULL
401e4238 310 select CRYPTO_RNG_DEFAULT
3491244c 311 default m
a10f554f
HX		 312 help
313 This IV generator generates an IV based on the encryption of
314 a sequence number xored with a salt. This is the default
315 algorithm for CBC.
316
584fffc8 317comment "Block modes"
c494e070 318
584fffc8
SS		 319config CRYPTO_CBC
320 tristate "CBC support"
db131ef9 321 select CRYPTO_BLKCIPHER
43518407 322 select CRYPTO_MANAGER
db131ef9 323 help
584fffc8
SS		 324 CBC: Cipher Block Chaining mode
325 This block cipher algorithm is required for IPSec.
db131ef9 326
584fffc8
SS		 327config CRYPTO_CTR
328 tristate "CTR support"
db131ef9 329 select CRYPTO_BLKCIPHER
584fffc8 330 select CRYPTO_SEQIV
43518407 331 select CRYPTO_MANAGER
db131ef9 332 help
584fffc8 333 CTR: Counter mode
db131ef9
HX		 334 This block cipher algorithm is required for IPSec.
335
584fffc8
SS		 336config CRYPTO_CTS
337 tristate "CTS support"
338 select CRYPTO_BLKCIPHER
339 help
340 CTS: Cipher Text Stealing
341 This is the Cipher Text Stealing mode as described by
342 Section 8 of rfc2040 and referenced by rfc3962.
343 (rfc3962 includes errata information in its Appendix A)
344 This mode is required for Kerberos gss mechanism support
345 for AES encryption.
346
347config CRYPTO_ECB
348 tristate "ECB support"
91652be5
DH		 349 select CRYPTO_BLKCIPHER
350 select CRYPTO_MANAGER
91652be5 351 help
584fffc8
SS		 352 ECB: Electronic CodeBook mode
353 This is the simplest block cipher algorithm. It simply encrypts
354 the input block by block.
91652be5 355
64470f1b 356config CRYPTO_LRW
2470a2b2 357 tristate "LRW support"
64470f1b
RS		 358 select CRYPTO_BLKCIPHER
359 select CRYPTO_MANAGER
360 select CRYPTO_GF128MUL
361 help
362 LRW: Liskov Rivest Wagner, a tweakable, non malleable, non movable
363 narrow block cipher mode for dm-crypt. Use it with cipher
364 specification string aes-lrw-benbi, the key must be 256, 320 or 384.
365 The first 128, 192 or 256 bits in the key are used for AES and the
366 rest is used to tie each cipher block to its logical position.
367
584fffc8
SS		 368config CRYPTO_PCBC
369 tristate "PCBC support"
370 select CRYPTO_BLKCIPHER
371 select CRYPTO_MANAGER
372 help
373 PCBC: Propagating Cipher Block Chaining mode
374 This block cipher algorithm is required for RxRPC.
375
f19f5111 376config CRYPTO_XTS
5bcf8e6d 377 tristate "XTS support"
f19f5111
RS		 378 select CRYPTO_BLKCIPHER
379 select CRYPTO_MANAGER
12cb3a1c 380 select CRYPTO_ECB
f19f5111
RS		 381 help
382 XTS: IEEE1619/D16 narrow block cipher use with aes-xts-plain,
383 key size 256, 384 or 512 bits. This implementation currently
384 can't handle a sectorsize which is not a multiple of 16 bytes.
385
1c49678e
SM		 386config CRYPTO_KEYWRAP
387 tristate "Key wrapping support"
388 select CRYPTO_BLKCIPHER
389 help
390 Support for key wrapping (NIST SP800-38F / RFC3394) without
391 padding.
392
584fffc8
SS		 393comment "Hash modes"
394
93b5e86a
JK		 395config CRYPTO_CMAC
396 tristate "CMAC support"
397 select CRYPTO_HASH
398 select CRYPTO_MANAGER
399 help
400 Cipher-based Message Authentication Code (CMAC) specified by
401 The National Institute of Standards and Technology (NIST).
402
403 https://tools.ietf.org/html/rfc4493
404 http://csrc.nist.gov/publications/nistpubs/800-38B/SP_800-38B.pdf
405
584fffc8
SS		 406config CRYPTO_HMAC
407 tristate "HMAC support"
408 select CRYPTO_HASH
23e353c8 409 select CRYPTO_MANAGER
23e353c8 410 help
584fffc8
SS		 411 HMAC: Keyed-Hashing for Message Authentication (RFC2104).
412 This is required for IPSec.
23e353c8 413
584fffc8
SS		 414config CRYPTO_XCBC
415 tristate "XCBC support"
584fffc8
SS		 416 select CRYPTO_HASH
417 select CRYPTO_MANAGER
76cb9521 418 help
584fffc8
SS		 419 XCBC: Keyed-Hashing with encryption algorithm
420 http://www.ietf.org/rfc/rfc3566.txt
421 http://csrc.nist.gov/encryption/modes/proposedmodes/
422 xcbc-mac/xcbc-mac-spec.pdf
76cb9521 423
f1939f7c
SW		 424config CRYPTO_VMAC
425 tristate "VMAC support"
f1939f7c
SW		 426 select CRYPTO_HASH
427 select CRYPTO_MANAGER
428 help
429 VMAC is a message authentication algorithm designed for
430 very high speed on 64-bit architectures.
431
432 See also:
433 <http://fastcrypto.org/vmac>
434
584fffc8 435comment "Digest"
28db8e3e 436
584fffc8
SS		 437config CRYPTO_CRC32C
438 tristate "CRC32c CRC algorithm"
5773a3e6 439 select CRYPTO_HASH
6a0962b2 440 select CRC32
4a49b499 441 help
584fffc8
SS		 442 Castagnoli, et al Cyclic Redundancy-Check Algorithm. Used
443 by iSCSI for header and data digests and by others.
69c35efc 444 See Castagnoli93. Module will be crc32c.
4a49b499 445
8cb51ba8
AZ		 446config CRYPTO_CRC32C_INTEL
447 tristate "CRC32c INTEL hardware acceleration"
448 depends on X86
449 select CRYPTO_HASH
450 help
451 In Intel processor with SSE4.2 supported, the processor will
452 support CRC32C implementation using hardware accelerated CRC32
453 instruction. This option will create 'crc32c-intel' module,
454 which will enable any routine to use the CRC32 instruction to
455 gain performance compared with software implementation.
456 Module will be crc32c-intel.
457
7cf31864 458config CRYPTO_CRC32C_VPMSUM
6dd7a82c 459 tristate "CRC32c CRC algorithm (powerpc64)"
c12abf34 460 depends on PPC64 && ALTIVEC
6dd7a82c
AB		 461 select CRYPTO_HASH
462 select CRC32
463 help
464 CRC32c algorithm implemented using vector polynomial multiply-sum
465 (vpmsum) instructions, introduced in POWER8. Enable on POWER8
466 and newer processors for improved performance.
467
468
442a7c40
DM		 469config CRYPTO_CRC32C_SPARC64
470 tristate "CRC32c CRC algorithm (SPARC64)"
471 depends on SPARC64
472 select CRYPTO_HASH
473 select CRC32
474 help
475 CRC32c CRC algorithm implemented using sparc64 crypto instructions,
476 when available.
477
78c37d19
AB		 478config CRYPTO_CRC32
479 tristate "CRC32 CRC algorithm"
480 select CRYPTO_HASH
481 select CRC32
482 help
483 CRC-32-IEEE 802.3 cyclic redundancy-check algorithm.
484 Shash crypto api wrappers to crc32_le function.
485
486config CRYPTO_CRC32_PCLMUL
487 tristate "CRC32 PCLMULQDQ hardware acceleration"
488 depends on X86
489 select CRYPTO_HASH
490 select CRC32
491 help
492 From Intel Westmere and AMD Bulldozer processor with SSE4.2
493 and PCLMULQDQ supported, the processor will support
494 CRC32 PCLMULQDQ implementation using hardware accelerated PCLMULQDQ
495 instruction. This option will create 'crc32-plcmul' module,
496 which will enable any routine to use the CRC-32-IEEE 802.3 checksum
497 and gain better performance as compared with the table implementation.
498
68411521
HX		 499config CRYPTO_CRCT10DIF
500 tristate "CRCT10DIF algorithm"
501 select CRYPTO_HASH
502 help
503 CRC T10 Data Integrity Field computation is being cast as
504 a crypto transform. This allows for faster crc t10 diff
505 transforms to be used if they are available.
506
507config CRYPTO_CRCT10DIF_PCLMUL
508 tristate "CRCT10DIF PCLMULQDQ hardware acceleration"
509 depends on X86 && 64BIT && CRC_T10DIF
510 select CRYPTO_HASH
511 help
512 For x86_64 processors with SSE4.2 and PCLMULQDQ supported,
513 CRC T10 DIF PCLMULQDQ computation can be hardware
514 accelerated PCLMULQDQ instruction. This option will create
515 'crct10dif-plcmul' module, which is faster when computing the
516 crct10dif checksum as compared with the generic table implementation.
517
b01df1c1
DA		 518config CRYPTO_CRCT10DIF_VPMSUM
519 tristate "CRC32T10DIF powerpc64 hardware acceleration"
520 depends on PPC64 && ALTIVEC && CRC_T10DIF
521 select CRYPTO_HASH
522 help
523 CRC10T10DIF algorithm implemented using vector polynomial
524 multiply-sum (vpmsum) instructions, introduced in POWER8. Enable on
525 POWER8 and newer processors for improved performance.
526
146c8688
DA		 527config CRYPTO_VPMSUM_TESTER
528 tristate "Powerpc64 vpmsum hardware acceleration tester"
529 depends on CRYPTO_CRCT10DIF_VPMSUM && CRYPTO_CRC32C_VPMSUM
530 help
531 Stress test for CRC32c and CRC-T10DIF algorithms implemented with
532 POWER8 vpmsum instructions.
533 Unless you are testing these algorithms, you don't need this.
534
2cdc6899
HY		 535config CRYPTO_GHASH
536 tristate "GHASH digest algorithm"
2cdc6899 537 select CRYPTO_GF128MUL
578c60fb 538 select CRYPTO_HASH
2cdc6899
HY		 539 help
540 GHASH is message digest algorithm for GCM (Galois/Counter Mode).
541
f979e014
MW		 542config CRYPTO_POLY1305
543 tristate "Poly1305 authenticator algorithm"
578c60fb 544 select CRYPTO_HASH
f979e014
MW		 545 help
546 Poly1305 authenticator algorithm, RFC7539.
547
548 Poly1305 is an authenticator algorithm designed by Daniel J. Bernstein.
549 It is used for the ChaCha20-Poly1305 AEAD, specified in RFC7539 for use
550 in IETF protocols. This is the portable C implementation of Poly1305.
551
c70f4abe 552config CRYPTO_POLY1305_X86_64
b1ccc8f4 553 tristate "Poly1305 authenticator algorithm (x86_64/SSE2/AVX2)"
c70f4abe
MW		 554 depends on X86 && 64BIT
555 select CRYPTO_POLY1305
556 help
557 Poly1305 authenticator algorithm, RFC7539.
558
559 Poly1305 is an authenticator algorithm designed by Daniel J. Bernstein.
560 It is used for the ChaCha20-Poly1305 AEAD, specified in RFC7539 for use
561 in IETF protocols. This is the x86_64 assembler implementation using SIMD
562 instructions.
563
584fffc8
SS		 564config CRYPTO_MD4
565 tristate "MD4 digest algorithm"
808a1763 566 select CRYPTO_HASH
124b53d0 567 help
584fffc8 568 MD4 message digest algorithm (RFC1320).
124b53d0 569
584fffc8
SS		 570config CRYPTO_MD5
571 tristate "MD5 digest algorithm"
14b75ba7 572 select CRYPTO_HASH
1da177e4 573 help
584fffc8 574 MD5 message digest algorithm (RFC1321).
1da177e4 575
d69e75de
AK		 576config CRYPTO_MD5_OCTEON
577 tristate "MD5 digest algorithm (OCTEON)"
578 depends on CPU_CAVIUM_OCTEON
579 select CRYPTO_MD5
580 select CRYPTO_HASH
581 help
582 MD5 message digest algorithm (RFC1321) implemented
583 using OCTEON crypto instructions, when available.
584
e8e59953
MS		 585config CRYPTO_MD5_PPC
586 tristate "MD5 digest algorithm (PPC)"
587 depends on PPC
588 select CRYPTO_HASH
589 help
590 MD5 message digest algorithm (RFC1321) implemented
591 in PPC assembler.
592
fa4dfedc
DM		 593config CRYPTO_MD5_SPARC64
594 tristate "MD5 digest algorithm (SPARC64)"
595 depends on SPARC64
596 select CRYPTO_MD5
597 select CRYPTO_HASH
598 help
599 MD5 message digest algorithm (RFC1321) implemented
600 using sparc64 crypto instructions, when available.
601
584fffc8
SS		 602config CRYPTO_MICHAEL_MIC
603 tristate "Michael MIC keyed digest algorithm"
19e2bf14 604 select CRYPTO_HASH
90831639 605 help
584fffc8
SS		 606 Michael MIC is used for message integrity protection in TKIP
607 (IEEE 802.11i). This algorithm is required for TKIP, but it
608 should not be used for other purposes because of the weakness
609 of the algorithm.
90831639 610
82798f90 611config CRYPTO_RMD128
b6d44341 612 tristate "RIPEMD-128 digest algorithm"
7c4468bc 613 select CRYPTO_HASH
b6d44341
AB		 614 help
615 RIPEMD-128 (ISO/IEC 10118-3:2004).
82798f90 616
b6d44341 617 RIPEMD-128 is a 128-bit cryptographic hash function. It should only
35ed4b35 618 be used as a secure replacement for RIPEMD. For other use cases,
b6d44341 619 RIPEMD-160 should be used.
82798f90 620
b6d44341 621 Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel.
6d8de74c 622 See <http://homes.esat.kuleuven.be/~bosselae/ripemd160.html>
82798f90
AKR		 623
624config CRYPTO_RMD160
b6d44341 625 tristate "RIPEMD-160 digest algorithm"
e5835fba 626 select CRYPTO_HASH
b6d44341
AB		 627 help
628 RIPEMD-160 (ISO/IEC 10118-3:2004).
82798f90 629
b6d44341
AB		 630 RIPEMD-160 is a 160-bit cryptographic hash function. It is intended
631 to be used as a secure replacement for the 128-bit hash functions
632 MD4, MD5 and it's predecessor RIPEMD
633 (not to be confused with RIPEMD-128).
82798f90 634
b6d44341
AB		 635 It's speed is comparable to SHA1 and there are no known attacks
636 against RIPEMD-160.
534fe2c1 637
b6d44341 638 Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel.
6d8de74c 639 See <http://homes.esat.kuleuven.be/~bosselae/ripemd160.html>
534fe2c1
AKR		 640
641config CRYPTO_RMD256
b6d44341 642 tristate "RIPEMD-256 digest algorithm"
d8a5e2e9 643 select CRYPTO_HASH
b6d44341
AB		 644 help
645 RIPEMD-256 is an optional extension of RIPEMD-128 with a
646 256 bit hash. It is intended for applications that require
647 longer hash-results, without needing a larger security level
648 (than RIPEMD-128).
534fe2c1 649
b6d44341 650 Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel.
6d8de74c 651 See <http://homes.esat.kuleuven.be/~bosselae/ripemd160.html>
534fe2c1
AKR		 652
653config CRYPTO_RMD320
b6d44341 654 tristate "RIPEMD-320 digest algorithm"
3b8efb4c 655 select CRYPTO_HASH
b6d44341
AB		 656 help
657 RIPEMD-320 is an optional extension of RIPEMD-160 with a
658 320 bit hash. It is intended for applications that require
659 longer hash-results, without needing a larger security level
660 (than RIPEMD-160).
534fe2c1 661
b6d44341 662 Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel.
6d8de74c 663 See <http://homes.esat.kuleuven.be/~bosselae/ripemd160.html>
82798f90 664
584fffc8
SS		 665config CRYPTO_SHA1
666 tristate "SHA1 digest algorithm"
54ccb367 667 select CRYPTO_HASH
1da177e4 668 help
584fffc8 669 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2).
1da177e4 670
66be8951 671config CRYPTO_SHA1_SSSE3
e38b6b7f 672 tristate "SHA1 digest algorithm (SSSE3/AVX/AVX2/SHA-NI)"
66be8951
MK		 673 depends on X86 && 64BIT
674 select CRYPTO_SHA1
675 select CRYPTO_HASH
676 help
677 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2) implemented
678 using Supplemental SSE3 (SSSE3) instructions or Advanced Vector
e38b6b7f 679 Extensions (AVX/AVX2) or SHA-NI(SHA Extensions New Instructions),
680 when available.
66be8951 681
8275d1aa 682config CRYPTO_SHA256_SSSE3
e38b6b7f 683 tristate "SHA256 digest algorithm (SSSE3/AVX/AVX2/SHA-NI)"
8275d1aa
TC		 684 depends on X86 && 64BIT
685 select CRYPTO_SHA256
686 select CRYPTO_HASH
687 help
688 SHA-256 secure hash standard (DFIPS 180-2) implemented
689 using Supplemental SSE3 (SSSE3) instructions, or Advanced Vector
690 Extensions version 1 (AVX1), or Advanced Vector Extensions
e38b6b7f 691 version 2 (AVX2) instructions, or SHA-NI (SHA Extensions New
692 Instructions) when available.
87de4579
TC		 693
694config CRYPTO_SHA512_SSSE3
695 tristate "SHA512 digest algorithm (SSSE3/AVX/AVX2)"
696 depends on X86 && 64BIT
697 select CRYPTO_SHA512
698 select CRYPTO_HASH
699 help
700 SHA-512 secure hash standard (DFIPS 180-2) implemented
701 using Supplemental SSE3 (SSSE3) instructions, or Advanced Vector
702 Extensions version 1 (AVX1), or Advanced Vector Extensions
8275d1aa
TC		 703 version 2 (AVX2) instructions, when available.
704
efdb6f6e
AK		 705config CRYPTO_SHA1_OCTEON
706 tristate "SHA1 digest algorithm (OCTEON)"
707 depends on CPU_CAVIUM_OCTEON
708 select CRYPTO_SHA1
709 select CRYPTO_HASH
710 help
711 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2) implemented
712 using OCTEON crypto instructions, when available.
713
4ff28d4c
DM		 714config CRYPTO_SHA1_SPARC64
715 tristate "SHA1 digest algorithm (SPARC64)"
716 depends on SPARC64
717 select CRYPTO_SHA1
718 select CRYPTO_HASH
719 help
720 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2) implemented
721 using sparc64 crypto instructions, when available.
722
323a6bf1
ME		 723config CRYPTO_SHA1_PPC
724 tristate "SHA1 digest algorithm (powerpc)"
725 depends on PPC
726 help
727 This is the powerpc hardware accelerated implementation of the
728 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2).
729
d9850fc5
MS		 730config CRYPTO_SHA1_PPC_SPE
731 tristate "SHA1 digest algorithm (PPC SPE)"
732 depends on PPC && SPE
733 help
734 SHA-1 secure hash standard (DFIPS 180-4) implemented
735 using powerpc SPE SIMD instruction set.
736
1e65b81a
TC		 737config CRYPTO_SHA1_MB
738 tristate "SHA1 digest algorithm (x86_64 Multi-Buffer, Experimental)"
739 depends on X86 && 64BIT
740 select CRYPTO_SHA1
741 select CRYPTO_HASH
742 select CRYPTO_MCRYPTD
743 help
744 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2) implemented
745 using multi-buffer technique. This algorithm computes on
746 multiple data lanes concurrently with SIMD instructions for
747 better throughput. It should not be enabled by default but
748 used when there is significant amount of work to keep the keep
749 the data lanes filled to get performance benefit. If the data
750 lanes remain unfilled, a flush operation will be initiated to
751 process the crypto jobs, adding a slight latency.
752
9be7e244
MD		 753config CRYPTO_SHA256_MB
754 tristate "SHA256 digest algorithm (x86_64 Multi-Buffer, Experimental)"
755 depends on X86 && 64BIT
756 select CRYPTO_SHA256
757 select CRYPTO_HASH
758 select CRYPTO_MCRYPTD
759 help
760 SHA-256 secure hash standard (FIPS 180-1/DFIPS 180-2) implemented
761 using multi-buffer technique. This algorithm computes on
762 multiple data lanes concurrently with SIMD instructions for
763 better throughput. It should not be enabled by default but
764 used when there is significant amount of work to keep the keep
765 the data lanes filled to get performance benefit. If the data
766 lanes remain unfilled, a flush operation will be initiated to
767 process the crypto jobs, adding a slight latency.
768
026bb8aa
MD		 769config CRYPTO_SHA512_MB
770 tristate "SHA512 digest algorithm (x86_64 Multi-Buffer, Experimental)"
771 depends on X86 && 64BIT
772 select CRYPTO_SHA512
773 select CRYPTO_HASH
774 select CRYPTO_MCRYPTD
775 help
776 SHA-512 secure hash standard (FIPS 180-1/DFIPS 180-2) implemented
777 using multi-buffer technique. This algorithm computes on
778 multiple data lanes concurrently with SIMD instructions for
779 better throughput. It should not be enabled by default but
780 used when there is significant amount of work to keep the keep
781 the data lanes filled to get performance benefit. If the data
782 lanes remain unfilled, a flush operation will be initiated to
783 process the crypto jobs, adding a slight latency.
784
584fffc8
SS		 785config CRYPTO_SHA256
786 tristate "SHA224 and SHA256 digest algorithm"
50e109b5 787 select CRYPTO_HASH
1da177e4 788 help
584fffc8 789 SHA256 secure hash standard (DFIPS 180-2).
1da177e4 790
584fffc8
SS		 791 This version of SHA implements a 256 bit hash with 128 bits of
792 security against collision attacks.
2729bb42 793
b6d44341
AB		 794 This code also includes SHA-224, a 224 bit hash with 112 bits
795 of security against collision attacks.
584fffc8 796
2ecc1e95
MS		 797config CRYPTO_SHA256_PPC_SPE
798 tristate "SHA224 and SHA256 digest algorithm (PPC SPE)"
799 depends on PPC && SPE
800 select CRYPTO_SHA256
801 select CRYPTO_HASH
802 help
803 SHA224 and SHA256 secure hash standard (DFIPS 180-2)
804 implemented using powerpc SPE SIMD instruction set.
805
efdb6f6e
AK		 806config CRYPTO_SHA256_OCTEON
807 tristate "SHA224 and SHA256 digest algorithm (OCTEON)"
808 depends on CPU_CAVIUM_OCTEON
809 select CRYPTO_SHA256
810 select CRYPTO_HASH
811 help
812 SHA-256 secure hash standard (DFIPS 180-2) implemented
813 using OCTEON crypto instructions, when available.
814
86c93b24
DM		 815config CRYPTO_SHA256_SPARC64
816 tristate "SHA224 and SHA256 digest algorithm (SPARC64)"
817 depends on SPARC64
818 select CRYPTO_SHA256
819 select CRYPTO_HASH
820 help
821 SHA-256 secure hash standard (DFIPS 180-2) implemented
822 using sparc64 crypto instructions, when available.
823
584fffc8
SS		 824config CRYPTO_SHA512
825 tristate "SHA384 and SHA512 digest algorithms"
bd9d20db 826 select CRYPTO_HASH
b9f535ff 827 help
584fffc8 828 SHA512 secure hash standard (DFIPS 180-2).
b9f535ff 829
584fffc8
SS		 830 This version of SHA implements a 512 bit hash with 256 bits of
831 security against collision attacks.
b9f535ff 832
584fffc8
SS		 833 This code also includes SHA-384, a 384 bit hash with 192 bits
834 of security against collision attacks.
b9f535ff 835
efdb6f6e
AK		 836config CRYPTO_SHA512_OCTEON
837 tristate "SHA384 and SHA512 digest algorithms (OCTEON)"
838 depends on CPU_CAVIUM_OCTEON
839 select CRYPTO_SHA512
840 select CRYPTO_HASH
841 help
842 SHA-512 secure hash standard (DFIPS 180-2) implemented
843 using OCTEON crypto instructions, when available.
844
775e0c69
DM		 845config CRYPTO_SHA512_SPARC64
846 tristate "SHA384 and SHA512 digest algorithm (SPARC64)"
847 depends on SPARC64
848 select CRYPTO_SHA512
849 select CRYPTO_HASH
850 help
851 SHA-512 secure hash standard (DFIPS 180-2) implemented
852 using sparc64 crypto instructions, when available.
853
53964b9e
JG		 854config CRYPTO_SHA3
855 tristate "SHA3 digest algorithm"
856 select CRYPTO_HASH
857 help
858 SHA-3 secure hash standard (DFIPS 202). It's based on
859 cryptographic sponge function family called Keccak.
860
861 References:
862 http://keccak.noekeon.org/
863
4f0fc160
GBY		 864config CRYPTO_SM3
865 tristate "SM3 digest algorithm"
866 select CRYPTO_HASH
867 help
868 SM3 secure hash function as defined by OSCCA GM/T 0004-2012 SM3).
869 It is part of the Chinese Commercial Cryptography suite.
870
871 References:
872 http://www.oscca.gov.cn/UpFile/20101222141857786.pdf
873 https://datatracker.ietf.org/doc/html/draft-shen-sm3-hash
874
584fffc8
SS		 875config CRYPTO_TGR192
876 tristate "Tiger digest algorithms"
f63fbd3d 877 select CRYPTO_HASH
eaf44088 878 help
584fffc8 879 Tiger hash algorithm 192, 160 and 128-bit hashes
eaf44088 880
584fffc8
SS		 881 Tiger is a hash function optimized for 64-bit processors while
882 still having decent performance on 32-bit processors.
883 Tiger was developed by Ross Anderson and Eli Biham.
eaf44088
JF		 884
885 See also:
584fffc8 886 <http://www.cs.technion.ac.il/~biham/Reports/Tiger/>.
eaf44088 887
584fffc8
SS		 888config CRYPTO_WP512
889 tristate "Whirlpool digest algorithms"
4946510b 890 select CRYPTO_HASH
1da177e4 891 help
584fffc8 892 Whirlpool hash algorithm 512, 384 and 256-bit hashes
1da177e4 893
584fffc8
SS		 894 Whirlpool-512 is part of the NESSIE cryptographic primitives.
895 Whirlpool will be part of the ISO/IEC 10118-3:2003(E) standard
1da177e4
LT		 896
897 See also:
6d8de74c 898 <http://www.larc.usp.br/~pbarreto/WhirlpoolPage.html>
584fffc8 899
0e1227d3
HY		 900config CRYPTO_GHASH_CLMUL_NI_INTEL
901 tristate "GHASH digest algorithm (CLMUL-NI accelerated)"
8af00860 902 depends on X86 && 64BIT
0e1227d3
HY		 903 select CRYPTO_CRYPTD
904 help
905 GHASH is message digest algorithm for GCM (Galois/Counter Mode).
906 The implementation is accelerated by CLMUL-NI of Intel.
907
584fffc8 908comment "Ciphers"
1da177e4
LT		 909
910config CRYPTO_AES
911 tristate "AES cipher algorithms"
cce9e06d 912 select CRYPTO_ALGAPI
1da177e4 913 help
584fffc8 914 AES cipher algorithms (FIPS-197). AES uses the Rijndael
1da177e4
LT		 915 algorithm.
916
917 Rijndael appears to be consistently a very good performer in
584fffc8
SS		 918 both hardware and software across a wide range of computing
919 environments regardless of its use in feedback or non-feedback
920 modes. Its key setup time is excellent, and its key agility is
921 good. Rijndael's very low memory requirements make it very well
922 suited for restricted-space environments, in which it also
923 demonstrates excellent performance. Rijndael's operations are
924 among the easiest to defend against power and timing attacks.
1da177e4 925
584fffc8 926 The AES specifies three key sizes: 128, 192 and 256 bits
1da177e4
LT		 927
928 See <http://csrc.nist.gov/CryptoToolkit/aes/> for more information.
929
b5e0b032
AB		 930config CRYPTO_AES_TI
931 tristate "Fixed time AES cipher"
932 select CRYPTO_ALGAPI
933 help
934 This is a generic implementation of AES that attempts to eliminate
935 data dependent latencies as much as possible without affecting
936 performance too much. It is intended for use by the generic CCM
937 and GCM drivers, and other CTR or CMAC/XCBC based modes that rely
938 solely on encryption (although decryption is supported as well, but
939 with a more dramatic performance hit)
940
941 Instead of using 16 lookup tables of 1 KB each, (8 for encryption and
942 8 for decryption), this implementation only uses just two S-boxes of
943 256 bytes each, and attempts to eliminate data dependent latencies by
944 prefetching the entire table into the cache at the start of each
945 block.
946
1da177e4
LT		 947config CRYPTO_AES_586
948 tristate "AES cipher algorithms (i586)"
cce9e06d
HX		 949 depends on (X86 || UML_X86) && !64BIT
950 select CRYPTO_ALGAPI
5157dea8 951 select CRYPTO_AES
1da177e4 952 help
584fffc8 953 AES cipher algorithms (FIPS-197). AES uses the Rijndael
1da177e4
LT		 954 algorithm.
955
956 Rijndael appears to be consistently a very good performer in
584fffc8
SS		 957 both hardware and software across a wide range of computing
958 environments regardless of its use in feedback or non-feedback
959 modes. Its key setup time is excellent, and its key agility is
960 good. Rijndael's very low memory requirements make it very well
961 suited for restricted-space environments, in which it also
962 demonstrates excellent performance. Rijndael's operations are
963 among the easiest to defend against power and timing attacks.
1da177e4 964
584fffc8 965 The AES specifies three key sizes: 128, 192 and 256 bits
a2a892a2
AS		 966
967 See <http://csrc.nist.gov/encryption/aes/> for more information.
968
969config CRYPTO_AES_X86_64
970 tristate "AES cipher algorithms (x86_64)"
cce9e06d
HX		 971 depends on (X86 || UML_X86) && 64BIT
972 select CRYPTO_ALGAPI
81190b32 973 select CRYPTO_AES
a2a892a2 974 help
584fffc8 975 AES cipher algorithms (FIPS-197). AES uses the Rijndael
a2a892a2
AS		 976 algorithm.
977
978 Rijndael appears to be consistently a very good performer in
584fffc8
SS		 979 both hardware and software across a wide range of computing
980 environments regardless of its use in feedback or non-feedback
981 modes. Its key setup time is excellent, and its key agility is
54b6a1bd
HY		 982 good. Rijndael's very low memory requirements make it very well
983 suited for restricted-space environments, in which it also
984 demonstrates excellent performance. Rijndael's operations are
985 among the easiest to defend against power and timing attacks.
986
987 The AES specifies three key sizes: 128, 192 and 256 bits
988
989 See <http://csrc.nist.gov/encryption/aes/> for more information.
990
991config CRYPTO_AES_NI_INTEL
992 tristate "AES cipher algorithms (AES-NI)"
8af00860 993 depends on X86
85671860 994 select CRYPTO_AEAD
0d258efb
MK		 995 select CRYPTO_AES_X86_64 if 64BIT
996 select CRYPTO_AES_586 if !64BIT
54b6a1bd 997 select CRYPTO_ALGAPI
85671860 998 select CRYPTO_BLKCIPHER
7643a11a 999 select CRYPTO_GLUE_HELPER_X86 if 64BIT
85671860 1000 select CRYPTO_SIMD
54b6a1bd
HY		 1001 help
1002 Use Intel AES-NI instructions for AES algorithm.
1003
1004 AES cipher algorithms (FIPS-197). AES uses the Rijndael
1005 algorithm.
1006
1007 Rijndael appears to be consistently a very good performer in
1008 both hardware and software across a wide range of computing
1009 environments regardless of its use in feedback or non-feedback
1010 modes. Its key setup time is excellent, and its key agility is
584fffc8
SS		 1011 good. Rijndael's very low memory requirements make it very well
1012 suited for restricted-space environments, in which it also
1013 demonstrates excellent performance. Rijndael's operations are
1014 among the easiest to defend against power and timing attacks.
a2a892a2 1015
584fffc8 1016 The AES specifies three key sizes: 128, 192 and 256 bits
1da177e4
LT		 1017
1018 See <http://csrc.nist.gov/encryption/aes/> for more information.
1019
0d258efb
MK		 1020 In addition to AES cipher algorithm support, the acceleration
1021 for some popular block cipher mode is supported too, including
1022 ECB, CBC, LRW, PCBC, XTS. The 64 bit version has additional
1023 acceleration for CTR.
2cf4ac8b 1024
9bf4852d
DM		 1025config CRYPTO_AES_SPARC64
1026 tristate "AES cipher algorithms (SPARC64)"
1027 depends on SPARC64
1028 select CRYPTO_CRYPTD
1029 select CRYPTO_ALGAPI
1030 help
1031 Use SPARC64 crypto opcodes for AES algorithm.
1032
1033 AES cipher algorithms (FIPS-197). AES uses the Rijndael
1034 algorithm.
1035
1036 Rijndael appears to be consistently a very good performer in
1037 both hardware and software across a wide range of computing
1038 environments regardless of its use in feedback or non-feedback
1039 modes. Its key setup time is excellent, and its key agility is
1040 good. Rijndael's very low memory requirements make it very well
1041 suited for restricted-space environments, in which it also
1042 demonstrates excellent performance. Rijndael's operations are
1043 among the easiest to defend against power and timing attacks.
1044
1045 The AES specifies three key sizes: 128, 192 and 256 bits
1046
1047 See <http://csrc.nist.gov/encryption/aes/> for more information.
1048
1049 In addition to AES cipher algorithm support, the acceleration
1050 for some popular block cipher mode is supported too, including
1051 ECB and CBC.
1052
504c6143
MS		 1053config CRYPTO_AES_PPC_SPE
1054 tristate "AES cipher algorithms (PPC SPE)"
1055 depends on PPC && SPE
1056 help
1057 AES cipher algorithms (FIPS-197). Additionally the acceleration
1058 for popular block cipher modes ECB, CBC, CTR and XTS is supported.
1059 This module should only be used for low power (router) devices
1060 without hardware AES acceleration (e.g. caam crypto). It reduces the
1061 size of the AES tables from 16KB to 8KB + 256 bytes and mitigates
1062 timining attacks. Nevertheless it might be not as secure as other
1063 architecture specific assembler implementations that work on 1KB
1064 tables or 256 bytes S-boxes.
1065
584fffc8
SS		 1066config CRYPTO_ANUBIS
1067 tristate "Anubis cipher algorithm"
1068 select CRYPTO_ALGAPI
1069 help
1070 Anubis cipher algorithm.
1071
1072 Anubis is a variable key length cipher which can use keys from
1073 128 bits to 320 bits in length. It was evaluated as a entrant
1074 in the NESSIE competition.
1075
1076 See also:
6d8de74c
JM		 1077 <https://www.cosic.esat.kuleuven.be/nessie/reports/>
1078 <http://www.larc.usp.br/~pbarreto/AnubisPage.html>
584fffc8
SS		 1079
1080config CRYPTO_ARC4
1081 tristate "ARC4 cipher algorithm"
b9b0f080 1082 select CRYPTO_BLKCIPHER
584fffc8
SS		 1083 help
1084 ARC4 cipher algorithm.
1085
1086 ARC4 is a stream cipher using keys ranging from 8 bits to 2048
1087 bits in length. This algorithm is required for driver-based
1088 WEP, but it should not be for other purposes because of the
1089 weakness of the algorithm.
1090
1091config CRYPTO_BLOWFISH
1092 tristate "Blowfish cipher algorithm"
1093 select CRYPTO_ALGAPI
52ba867c 1094 select CRYPTO_BLOWFISH_COMMON
584fffc8
SS		 1095 help
1096 Blowfish cipher algorithm, by Bruce Schneier.
1097
1098 This is a variable key length cipher which can use keys from 32
1099 bits to 448 bits in length. It's fast, simple and specifically
1100 designed for use on "large microprocessors".
1101
1102 See also:
1103 <http://www.schneier.com/blowfish.html>
1104
52ba867c
JK		 1105config CRYPTO_BLOWFISH_COMMON
1106 tristate
1107 help
1108 Common parts of the Blowfish cipher algorithm shared by the
1109 generic c and the assembler implementations.
1110
1111 See also:
1112 <http://www.schneier.com/blowfish.html>
1113
64b94cea
JK		 1114config CRYPTO_BLOWFISH_X86_64
1115 tristate "Blowfish cipher algorithm (x86_64)"
f21a7c19 1116 depends on X86 && 64BIT
64b94cea
JK		 1117 select CRYPTO_ALGAPI
1118 select CRYPTO_BLOWFISH_COMMON
1119 help
1120 Blowfish cipher algorithm (x86_64), by Bruce Schneier.
1121
1122 This is a variable key length cipher which can use keys from 32
1123 bits to 448 bits in length. It's fast, simple and specifically
1124 designed for use on "large microprocessors".
1125
1126 See also:
1127 <http://www.schneier.com/blowfish.html>
1128
584fffc8
SS		 1129config CRYPTO_CAMELLIA
1130 tristate "Camellia cipher algorithms"
1131 depends on CRYPTO
1132 select CRYPTO_ALGAPI
1133 help
1134 Camellia cipher algorithms module.
1135
1136 Camellia is a symmetric key block cipher developed jointly
1137 at NTT and Mitsubishi Electric Corporation.
1138
1139 The Camellia specifies three key sizes: 128, 192 and 256 bits.
1140
1141 See also:
1142 <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html>
1143
0b95ec56
JK		 1144config CRYPTO_CAMELLIA_X86_64
1145 tristate "Camellia cipher algorithm (x86_64)"
f21a7c19 1146 depends on X86 && 64BIT
0b95ec56
JK		 1147 depends on CRYPTO
1148 select CRYPTO_ALGAPI
964263af 1149 select CRYPTO_GLUE_HELPER_X86
0b95ec56
JK		 1150 select CRYPTO_LRW
1151 select CRYPTO_XTS
1152 help
1153 Camellia cipher algorithm module (x86_64).
1154
1155 Camellia is a symmetric key block cipher developed jointly
1156 at NTT and Mitsubishi Electric Corporation.
1157
1158 The Camellia specifies three key sizes: 128, 192 and 256 bits.
1159
1160 See also:
d9b1d2e7
JK		 1161 <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html>
1162
1163config CRYPTO_CAMELLIA_AESNI_AVX_X86_64
1164 tristate "Camellia cipher algorithm (x86_64/AES-NI/AVX)"
1165 depends on X86 && 64BIT
1166 depends on CRYPTO
1167 select CRYPTO_ALGAPI
1168 select CRYPTO_CRYPTD
801201aa 1169 select CRYPTO_ABLK_HELPER
d9b1d2e7
JK		 1170 select CRYPTO_GLUE_HELPER_X86
1171 select CRYPTO_CAMELLIA_X86_64
1172 select CRYPTO_LRW
1173 select CRYPTO_XTS
1174 help
1175 Camellia cipher algorithm module (x86_64/AES-NI/AVX).
1176
1177 Camellia is a symmetric key block cipher developed jointly
1178 at NTT and Mitsubishi Electric Corporation.
1179
1180 The Camellia specifies three key sizes: 128, 192 and 256 bits.
1181
1182 See also:
0b95ec56
JK		 1183 <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html>
1184
f3f935a7
JK		 1185config CRYPTO_CAMELLIA_AESNI_AVX2_X86_64
1186 tristate "Camellia cipher algorithm (x86_64/AES-NI/AVX2)"
1187 depends on X86 && 64BIT
1188 depends on CRYPTO
1189 select CRYPTO_ALGAPI
1190 select CRYPTO_CRYPTD
801201aa 1191 select CRYPTO_ABLK_HELPER
f3f935a7
JK		 1192 select CRYPTO_GLUE_HELPER_X86
1193 select CRYPTO_CAMELLIA_X86_64
1194 select CRYPTO_CAMELLIA_AESNI_AVX_X86_64
1195 select CRYPTO_LRW
1196 select CRYPTO_XTS
1197 help
1198 Camellia cipher algorithm module (x86_64/AES-NI/AVX2).
1199
1200 Camellia is a symmetric key block cipher developed jointly
1201 at NTT and Mitsubishi Electric Corporation.
1202
1203 The Camellia specifies three key sizes: 128, 192 and 256 bits.
1204
1205 See also:
1206 <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html>
1207
81658ad0
DM		 1208config CRYPTO_CAMELLIA_SPARC64
1209 tristate "Camellia cipher algorithm (SPARC64)"
1210 depends on SPARC64
1211 depends on CRYPTO
1212 select CRYPTO_ALGAPI
1213 help
1214 Camellia cipher algorithm module (SPARC64).
1215
1216 Camellia is a symmetric key block cipher developed jointly
1217 at NTT and Mitsubishi Electric Corporation.
1218
1219 The Camellia specifies three key sizes: 128, 192 and 256 bits.
1220
1221 See also:
1222 <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html>
1223
044ab525
JK		 1224config CRYPTO_CAST_COMMON
1225 tristate
1226 help
1227 Common parts of the CAST cipher algorithms shared by the
1228 generic c and the assembler implementations.
1229
1da177e4
LT		 1230config CRYPTO_CAST5
1231 tristate "CAST5 (CAST-128) cipher algorithm"
cce9e06d 1232 select CRYPTO_ALGAPI
044ab525 1233 select CRYPTO_CAST_COMMON
1da177e4
LT		 1234 help
1235 The CAST5 encryption algorithm (synonymous with CAST-128) is
1236 described in RFC2144.
1237
4d6d6a2c
JG		 1238config CRYPTO_CAST5_AVX_X86_64
1239 tristate "CAST5 (CAST-128) cipher algorithm (x86_64/AVX)"
1240 depends on X86 && 64BIT
1241 select CRYPTO_ALGAPI
1242 select CRYPTO_CRYPTD
801201aa 1243 select CRYPTO_ABLK_HELPER
044ab525 1244 select CRYPTO_CAST_COMMON
4d6d6a2c
JG		 1245 select CRYPTO_CAST5
1246 help
1247 The CAST5 encryption algorithm (synonymous with CAST-128) is
1248 described in RFC2144.
1249
1250 This module provides the Cast5 cipher algorithm that processes
1251 sixteen blocks parallel using the AVX instruction set.
1252
1da177e4
LT		 1253config CRYPTO_CAST6
1254 tristate "CAST6 (CAST-256) cipher algorithm"
cce9e06d 1255 select CRYPTO_ALGAPI
044ab525 1256 select CRYPTO_CAST_COMMON
1da177e4
LT		 1257 help
1258 The CAST6 encryption algorithm (synonymous with CAST-256) is
1259 described in RFC2612.
1260
4ea1277d
JG		 1261config CRYPTO_CAST6_AVX_X86_64
1262 tristate "CAST6 (CAST-256) cipher algorithm (x86_64/AVX)"
1263 depends on X86 && 64BIT
1264 select CRYPTO_ALGAPI
1265 select CRYPTO_CRYPTD
801201aa 1266 select CRYPTO_ABLK_HELPER
4ea1277d 1267 select CRYPTO_GLUE_HELPER_X86
044ab525 1268 select CRYPTO_CAST_COMMON
4ea1277d
JG		 1269 select CRYPTO_CAST6
1270 select CRYPTO_LRW
1271 select CRYPTO_XTS
1272 help
1273 The CAST6 encryption algorithm (synonymous with CAST-256) is
1274 described in RFC2612.
1275
1276 This module provides the Cast6 cipher algorithm that processes
1277 eight blocks parallel using the AVX instruction set.
1278
584fffc8
SS		 1279config CRYPTO_DES
1280 tristate "DES and Triple DES EDE cipher algorithms"
cce9e06d 1281 select CRYPTO_ALGAPI
1da177e4 1282 help
584fffc8 1283 DES cipher algorithm (FIPS 46-2), and Triple DES EDE (FIPS 46-3).
fb4f10ed 1284
c5aac2df
DM		 1285config CRYPTO_DES_SPARC64
1286 tristate "DES and Triple DES EDE cipher algorithms (SPARC64)"
97da37b3 1287 depends on SPARC64
c5aac2df
DM		 1288 select CRYPTO_ALGAPI
1289 select CRYPTO_DES
1290 help
1291 DES cipher algorithm (FIPS 46-2), and Triple DES EDE (FIPS 46-3),
1292 optimized using SPARC64 crypto opcodes.
1293
6574e6c6
JK		 1294config CRYPTO_DES3_EDE_X86_64
1295 tristate "Triple DES EDE cipher algorithm (x86-64)"
1296 depends on X86 && 64BIT
1297 select CRYPTO_ALGAPI
1298 select CRYPTO_DES
1299 help
1300 Triple DES EDE (FIPS 46-3) algorithm.
1301
1302 This module provides implementation of the Triple DES EDE cipher
1303 algorithm that is optimized for x86-64 processors. Two versions of
1304 algorithm are provided; regular processing one input block and
1305 one that processes three blocks parallel.
1306
584fffc8
SS		 1307config CRYPTO_FCRYPT
1308 tristate "FCrypt cipher algorithm"
cce9e06d 1309 select CRYPTO_ALGAPI
584fffc8 1310 select CRYPTO_BLKCIPHER
1da177e4 1311 help
584fffc8 1312 FCrypt algorithm used by RxRPC.
1da177e4
LT		 1313
1314config CRYPTO_KHAZAD
1315 tristate "Khazad cipher algorithm"
cce9e06d 1316 select CRYPTO_ALGAPI
1da177e4
LT		 1317 help
1318 Khazad cipher algorithm.
1319
1320 Khazad was a finalist in the initial NESSIE competition. It is
1321 an algorithm optimized for 64-bit processors with good performance
1322 on 32-bit processors. Khazad uses an 128 bit key size.
1323
1324 See also:
6d8de74c 1325 <http://www.larc.usp.br/~pbarreto/KhazadPage.html>
1da177e4 1326
2407d608 1327config CRYPTO_SALSA20
3b4afaf2 1328 tristate "Salsa20 stream cipher algorithm"
2407d608
TSH		 1329 select CRYPTO_BLKCIPHER
1330 help
1331 Salsa20 stream cipher algorithm.
1332
1333 Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT
1334 Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/>
974e4b75
TSH		 1335
1336 The Salsa20 stream cipher algorithm is designed by Daniel J.
1337 Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html>
1338
1339config CRYPTO_SALSA20_586
3b4afaf2 1340 tristate "Salsa20 stream cipher algorithm (i586)"
974e4b75 1341 depends on (X86 || UML_X86) && !64BIT
974e4b75 1342 select CRYPTO_BLKCIPHER
c9a3ff8f 1343 select CRYPTO_SALSA20
974e4b75
TSH		 1344 help
1345 Salsa20 stream cipher algorithm.
1346
1347 Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT
1348 Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/>
9a7dafbb
TSH		 1349
1350 The Salsa20 stream cipher algorithm is designed by Daniel J.
1351 Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html>
1352
1353config CRYPTO_SALSA20_X86_64
3b4afaf2 1354 tristate "Salsa20 stream cipher algorithm (x86_64)"
9a7dafbb 1355 depends on (X86 || UML_X86) && 64BIT
9a7dafbb 1356 select CRYPTO_BLKCIPHER
c9a3ff8f 1357 select CRYPTO_SALSA20
9a7dafbb
TSH		 1358 help
1359 Salsa20 stream cipher algorithm.
1360
1361 Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT
1362 Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/>
2407d608
TSH		 1363
1364 The Salsa20 stream cipher algorithm is designed by Daniel J.
1365 Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html>
1da177e4 1366
c08d0e64
MW		 1367config CRYPTO_CHACHA20
1368 tristate "ChaCha20 cipher algorithm"
1369 select CRYPTO_BLKCIPHER
1370 help
1371 ChaCha20 cipher algorithm, RFC7539.
1372
1373 ChaCha20 is a 256-bit high-speed stream cipher designed by Daniel J.
1374 Bernstein and further specified in RFC7539 for use in IETF protocols.
1375 This is the portable C implementation of ChaCha20.
1376
1377 See also:
1378 <http://cr.yp.to/chacha/chacha-20080128.pdf>
1379
c9320b6d 1380config CRYPTO_CHACHA20_X86_64
3d1e93cd 1381 tristate "ChaCha20 cipher algorithm (x86_64/SSSE3/AVX2)"
c9320b6d
MW		 1382 depends on X86 && 64BIT
1383 select CRYPTO_BLKCIPHER
1384 select CRYPTO_CHACHA20
1385 help
1386 ChaCha20 cipher algorithm, RFC7539.
1387
1388 ChaCha20 is a 256-bit high-speed stream cipher designed by Daniel J.
1389 Bernstein and further specified in RFC7539 for use in IETF protocols.
1390 This is the x86_64 assembler implementation using SIMD instructions.
1391
1392 See also:
1393 <http://cr.yp.to/chacha/chacha-20080128.pdf>
1394
584fffc8
SS		 1395config CRYPTO_SEED
1396 tristate "SEED cipher algorithm"
cce9e06d 1397 select CRYPTO_ALGAPI
1da177e4 1398 help
584fffc8 1399 SEED cipher algorithm (RFC4269).
1da177e4 1400
584fffc8
SS		 1401 SEED is a 128-bit symmetric key block cipher that has been
1402 developed by KISA (Korea Information Security Agency) as a
1403 national standard encryption algorithm of the Republic of Korea.
1404 It is a 16 round block cipher with the key size of 128 bit.
1405
1406 See also:
1407 <http://www.kisa.or.kr/kisa/seed/jsp/seed_eng.jsp>
1408
1409config CRYPTO_SERPENT
1410 tristate "Serpent cipher algorithm"
cce9e06d 1411 select CRYPTO_ALGAPI
1da177e4 1412 help
584fffc8 1413 Serpent cipher algorithm, by Anderson, Biham & Knudsen.
1da177e4 1414
584fffc8
SS		 1415 Keys are allowed to be from 0 to 256 bits in length, in steps
1416 of 8 bits. Also includes the 'Tnepres' algorithm, a reversed
1417 variant of Serpent for compatibility with old kerneli.org code.
1418
1419 See also:
1420 <http://www.cl.cam.ac.uk/~rja14/serpent.html>
1421
937c30d7
JK		 1422config CRYPTO_SERPENT_SSE2_X86_64
1423 tristate "Serpent cipher algorithm (x86_64/SSE2)"
1424 depends on X86 && 64BIT
1425 select CRYPTO_ALGAPI
341975bf 1426 select CRYPTO_CRYPTD
801201aa 1427 select CRYPTO_ABLK_HELPER
596d8750 1428 select CRYPTO_GLUE_HELPER_X86
937c30d7 1429 select CRYPTO_SERPENT
feaf0cfc
JK		 1430 select CRYPTO_LRW
1431 select CRYPTO_XTS
937c30d7
JK		 1432 help
1433 Serpent cipher algorithm, by Anderson, Biham & Knudsen.
1434
1435 Keys are allowed to be from 0 to 256 bits in length, in steps
1436 of 8 bits.
1437
1e6232f8 1438 This module provides Serpent cipher algorithm that processes eight
937c30d7
JK		 1439 blocks parallel using SSE2 instruction set.
1440
1441 See also:
1442 <http://www.cl.cam.ac.uk/~rja14/serpent.html>
1443
251496db
JK		 1444config CRYPTO_SERPENT_SSE2_586
1445 tristate "Serpent cipher algorithm (i586/SSE2)"
1446 depends on X86 && !64BIT
1447 select CRYPTO_ALGAPI
341975bf 1448 select CRYPTO_CRYPTD
801201aa 1449 select CRYPTO_ABLK_HELPER
596d8750 1450 select CRYPTO_GLUE_HELPER_X86
251496db 1451 select CRYPTO_SERPENT
feaf0cfc
JK		 1452 select CRYPTO_LRW
1453 select CRYPTO_XTS
251496db
JK		 1454 help
1455 Serpent cipher algorithm, by Anderson, Biham & Knudsen.
1456
1457 Keys are allowed to be from 0 to 256 bits in length, in steps
1458 of 8 bits.
1459
1460 This module provides Serpent cipher algorithm that processes four
1461 blocks parallel using SSE2 instruction set.
1462
1463 See also:
1464 <http://www.cl.cam.ac.uk/~rja14/serpent.html>
7efe4076
JG		 1465
1466config CRYPTO_SERPENT_AVX_X86_64
1467 tristate "Serpent cipher algorithm (x86_64/AVX)"
1468 depends on X86 && 64BIT
1469 select CRYPTO_ALGAPI
1470 select CRYPTO_CRYPTD
801201aa 1471 select CRYPTO_ABLK_HELPER
1d0debbd 1472 select CRYPTO_GLUE_HELPER_X86
7efe4076
JG		 1473 select CRYPTO_SERPENT
1474 select CRYPTO_LRW
1475 select CRYPTO_XTS
1476 help
1477 Serpent cipher algorithm, by Anderson, Biham & Knudsen.
1478
1479 Keys are allowed to be from 0 to 256 bits in length, in steps
1480 of 8 bits.
1481
1482 This module provides the Serpent cipher algorithm that processes
1483 eight blocks parallel using the AVX instruction set.
1484
1485 See also:
1486 <http://www.cl.cam.ac.uk/~rja14/serpent.html>
251496db 1487
56d76c96
JK		 1488config CRYPTO_SERPENT_AVX2_X86_64
1489 tristate "Serpent cipher algorithm (x86_64/AVX2)"
1490 depends on X86 && 64BIT
1491 select CRYPTO_ALGAPI
1492 select CRYPTO_CRYPTD
801201aa 1493 select CRYPTO_ABLK_HELPER
56d76c96
JK		 1494 select CRYPTO_GLUE_HELPER_X86
1495 select CRYPTO_SERPENT
1496 select CRYPTO_SERPENT_AVX_X86_64
1497 select CRYPTO_LRW
1498 select CRYPTO_XTS
1499 help
1500 Serpent cipher algorithm, by Anderson, Biham & Knudsen.
1501
1502 Keys are allowed to be from 0 to 256 bits in length, in steps
1503 of 8 bits.
1504
1505 This module provides Serpent cipher algorithm that processes 16
1506 blocks parallel using AVX2 instruction set.
1507
1508 See also:
1509 <http://www.cl.cam.ac.uk/~rja14/serpent.html>
1510
584fffc8
SS		 1511config CRYPTO_TEA
1512 tristate "TEA, XTEA and XETA cipher algorithms"
cce9e06d 1513 select CRYPTO_ALGAPI
1da177e4 1514 help
584fffc8 1515 TEA cipher algorithm.
1da177e4 1516
584fffc8
SS		 1517 Tiny Encryption Algorithm is a simple cipher that uses
1518 many rounds for security. It is very fast and uses
1519 little memory.
1520
1521 Xtendend Tiny Encryption Algorithm is a modification to
1522 the TEA algorithm to address a potential key weakness
1523 in the TEA algorithm.
1524
1525 Xtendend Encryption Tiny Algorithm is a mis-implementation
1526 of the XTEA algorithm for compatibility purposes.
1527
1528config CRYPTO_TWOFISH
1529 tristate "Twofish cipher algorithm"
04ac7db3 1530 select CRYPTO_ALGAPI
584fffc8 1531 select CRYPTO_TWOFISH_COMMON
04ac7db3 1532 help
584fffc8 1533 Twofish cipher algorithm.
04ac7db3 1534
584fffc8
SS		 1535 Twofish was submitted as an AES (Advanced Encryption Standard)
1536 candidate cipher by researchers at CounterPane Systems. It is a
1537 16 round block cipher supporting key sizes of 128, 192, and 256
1538 bits.
04ac7db3 1539
584fffc8
SS		 1540 See also:
1541 <http://www.schneier.com/twofish.html>
1542
1543config CRYPTO_TWOFISH_COMMON
1544 tristate
1545 help
1546 Common parts of the Twofish cipher algorithm shared by the
1547 generic c and the assembler implementations.
1548
1549config CRYPTO_TWOFISH_586
1550 tristate "Twofish cipher algorithms (i586)"
1551 depends on (X86 || UML_X86) && !64BIT
1552 select CRYPTO_ALGAPI
1553 select CRYPTO_TWOFISH_COMMON
1554 help
1555 Twofish cipher algorithm.
1556
1557 Twofish was submitted as an AES (Advanced Encryption Standard)
1558 candidate cipher by researchers at CounterPane Systems. It is a
1559 16 round block cipher supporting key sizes of 128, 192, and 256
1560 bits.
04ac7db3
NT		 1561
1562 See also:
584fffc8 1563 <http://www.schneier.com/twofish.html>
04ac7db3 1564
584fffc8
SS		 1565config CRYPTO_TWOFISH_X86_64
1566 tristate "Twofish cipher algorithm (x86_64)"
1567 depends on (X86 || UML_X86) && 64BIT
cce9e06d 1568 select CRYPTO_ALGAPI
584fffc8 1569 select CRYPTO_TWOFISH_COMMON
1da177e4 1570 help
584fffc8 1571 Twofish cipher algorithm (x86_64).
1da177e4 1572
584fffc8
SS		 1573 Twofish was submitted as an AES (Advanced Encryption Standard)
1574 candidate cipher by researchers at CounterPane Systems. It is a
1575 16 round block cipher supporting key sizes of 128, 192, and 256
1576 bits.
1577
1578 See also:
1579 <http://www.schneier.com/twofish.html>
1580
8280daad
JK		 1581config CRYPTO_TWOFISH_X86_64_3WAY
1582 tristate "Twofish cipher algorithm (x86_64, 3-way parallel)"
f21a7c19 1583 depends on X86 && 64BIT
8280daad
JK		 1584 select CRYPTO_ALGAPI
1585 select CRYPTO_TWOFISH_COMMON
1586 select CRYPTO_TWOFISH_X86_64
414cb5e7 1587 select CRYPTO_GLUE_HELPER_X86
e7cda5d2
JK		 1588 select CRYPTO_LRW
1589 select CRYPTO_XTS
8280daad
JK		 1590 help
1591 Twofish cipher algorithm (x86_64, 3-way parallel).
1592
1593 Twofish was submitted as an AES (Advanced Encryption Standard)
1594 candidate cipher by researchers at CounterPane Systems. It is a
1595 16 round block cipher supporting key sizes of 128, 192, and 256
1596 bits.
1597
1598 This module provides Twofish cipher algorithm that processes three
1599 blocks parallel, utilizing resources of out-of-order CPUs better.
1600
1601 See also:
1602 <http://www.schneier.com/twofish.html>
1603
107778b5
JG		 1604config CRYPTO_TWOFISH_AVX_X86_64
1605 tristate "Twofish cipher algorithm (x86_64/AVX)"
1606 depends on X86 && 64BIT
1607 select CRYPTO_ALGAPI
1608 select CRYPTO_CRYPTD
801201aa 1609 select CRYPTO_ABLK_HELPER
a7378d4e 1610 select CRYPTO_GLUE_HELPER_X86
107778b5
JG		 1611 select CRYPTO_TWOFISH_COMMON
1612 select CRYPTO_TWOFISH_X86_64
1613 select CRYPTO_TWOFISH_X86_64_3WAY
1614 select CRYPTO_LRW
1615 select CRYPTO_XTS
1616 help
1617 Twofish cipher algorithm (x86_64/AVX).
1618
1619 Twofish was submitted as an AES (Advanced Encryption Standard)
1620 candidate cipher by researchers at CounterPane Systems. It is a
1621 16 round block cipher supporting key sizes of 128, 192, and 256
1622 bits.
1623
1624 This module provides the Twofish cipher algorithm that processes
1625 eight blocks parallel using the AVX Instruction Set.
1626
1627 See also:
1628 <http://www.schneier.com/twofish.html>
1629
584fffc8
SS		 1630comment "Compression"
1631
1632config CRYPTO_DEFLATE
1633 tristate "Deflate compression algorithm"
1634 select CRYPTO_ALGAPI
f6ded09d 1635 select CRYPTO_ACOMP2
584fffc8
SS		 1636 select ZLIB_INFLATE
1637 select ZLIB_DEFLATE
3c09f17c 1638 help
584fffc8
SS		 1639 This is the Deflate algorithm (RFC1951), specified for use in
1640 IPSec with the IPCOMP protocol (RFC3173, RFC2394).
1641
1642 You will most probably want this if using IPSec.
3c09f17c 1643
0b77abb3
ZS		 1644config CRYPTO_LZO
1645 tristate "LZO compression algorithm"
1646 select CRYPTO_ALGAPI
ac9d2c4b 1647 select CRYPTO_ACOMP2
0b77abb3
ZS		 1648 select LZO_COMPRESS
1649 select LZO_DECOMPRESS
1650 help
1651 This is the LZO algorithm.
1652
35a1fc18
SJ		 1653config CRYPTO_842
1654 tristate "842 compression algorithm"
2062c5b6 1655 select CRYPTO_ALGAPI
6a8de3ae 1656 select CRYPTO_ACOMP2
2062c5b6
DS		 1657 select 842_COMPRESS
1658 select 842_DECOMPRESS
35a1fc18
SJ		 1659 help
1660 This is the 842 algorithm.
0ea8530d
CM		 1661
1662config CRYPTO_LZ4
1663 tristate "LZ4 compression algorithm"
1664 select CRYPTO_ALGAPI
8cd9330e 1665 select CRYPTO_ACOMP2
0ea8530d
CM		 1666 select LZ4_COMPRESS
1667 select LZ4_DECOMPRESS
1668 help
1669 This is the LZ4 algorithm.
1670
1671config CRYPTO_LZ4HC
1672 tristate "LZ4HC compression algorithm"
1673 select CRYPTO_ALGAPI
91d53d96 1674 select CRYPTO_ACOMP2
0ea8530d
CM		 1675 select LZ4HC_COMPRESS
1676 select LZ4_DECOMPRESS
1677 help
1678 This is the LZ4 high compression mode algorithm.
35a1fc18 1679
17f0f4a4
NH		 1680comment "Random Number Generation"
1681
1682config CRYPTO_ANSI_CPRNG
1683 tristate "Pseudo Random Number Generation for Cryptographic modules"
1684 select CRYPTO_AES
1685 select CRYPTO_RNG
17f0f4a4
NH		 1686 help
1687 This option enables the generic pseudo random number generator
1688 for cryptographic modules. Uses the Algorithm specified in
7dd607e8
JK		 1689 ANSI X9.31 A.2.4. Note that this option must be enabled if
1690 CRYPTO_FIPS is selected
17f0f4a4 1691
f2c89a10 1692menuconfig CRYPTO_DRBG_MENU
419090c6 1693 tristate "NIST SP800-90A DRBG"
419090c6
SM		 1694 help
1695 NIST SP800-90A compliant DRBG. In the following submenu, one or
1696 more of the DRBG types must be selected.
1697
f2c89a10 1698if CRYPTO_DRBG_MENU
419090c6
SM		 1699
1700config CRYPTO_DRBG_HMAC
401e4238 1701 bool
419090c6 1702 default y
419090c6 1703 select CRYPTO_HMAC
826775bb 1704 select CRYPTO_SHA256
419090c6
SM		 1705
1706config CRYPTO_DRBG_HASH
1707 bool "Enable Hash DRBG"
826775bb 1708 select CRYPTO_SHA256
419090c6
SM		 1709 help
1710 Enable the Hash DRBG variant as defined in NIST SP800-90A.
1711
1712config CRYPTO_DRBG_CTR
1713 bool "Enable CTR DRBG"
419090c6 1714 select CRYPTO_AES
35591285 1715 depends on CRYPTO_CTR
419090c6
SM		 1716 help
1717 Enable the CTR DRBG variant as defined in NIST SP800-90A.
1718
f2c89a10
HX		 1719config CRYPTO_DRBG
1720 tristate
401e4238 1721 default CRYPTO_DRBG_MENU
f2c89a10 1722 select CRYPTO_RNG
bb5530e4 1723 select CRYPTO_JITTERENTROPY
f2c89a10
HX		 1724
1725endif # if CRYPTO_DRBG_MENU
419090c6 1726
bb5530e4
SM		 1727config CRYPTO_JITTERENTROPY
1728 tristate "Jitterentropy Non-Deterministic Random Number Generator"
2f313e02 1729 select CRYPTO_RNG
bb5530e4
SM		 1730 help
1731 The Jitterentropy RNG is a noise that is intended
1732 to provide seed to another RNG. The RNG does not
1733 perform any cryptographic whitening of the generated
1734 random numbers. This Jitterentropy RNG registers with
1735 the kernel crypto API and can be used by any caller.
1736
03c8efc1
HX		 1737config CRYPTO_USER_API
1738 tristate
1739
fe869cdb
HX		 1740config CRYPTO_USER_API_HASH
1741 tristate "User-space interface for hash algorithms"
7451708f 1742 depends on NET
fe869cdb
HX		 1743 select CRYPTO_HASH
1744 select CRYPTO_USER_API
1745 help
1746 This option enables the user-spaces interface for hash
1747 algorithms.
1748
8ff59090
HX		 1749config CRYPTO_USER_API_SKCIPHER
1750 tristate "User-space interface for symmetric key cipher algorithms"
7451708f 1751 depends on NET
8ff59090
HX		 1752 select CRYPTO_BLKCIPHER
1753 select CRYPTO_USER_API
1754 help
1755 This option enables the user-spaces interface for symmetric
1756 key cipher algorithms.
1757
2f375538
SM		 1758config CRYPTO_USER_API_RNG
1759 tristate "User-space interface for random number generator algorithms"
1760 depends on NET
1761 select CRYPTO_RNG
1762 select CRYPTO_USER_API
1763 help
1764 This option enables the user-spaces interface for random
1765 number generator algorithms.
1766
b64a2d95
HX		 1767config CRYPTO_USER_API_AEAD
1768 tristate "User-space interface for AEAD cipher algorithms"
1769 depends on NET
1770 select CRYPTO_AEAD
72548b09
SM		 1771 select CRYPTO_BLKCIPHER
1772 select CRYPTO_NULL
b64a2d95
HX		 1773 select CRYPTO_USER_API
1774 help
1775 This option enables the user-spaces interface for AEAD
1776 cipher algorithms.
1777
ee08997f
DK		 1778config CRYPTO_HASH_INFO
1779 bool
1780
1da177e4 1781source "drivers/crypto/Kconfig"
964f3b3b 1782source crypto/asymmetric_keys/Kconfig
cfc411e7 1783source certs/Kconfig
1da177e4 1784
cce9e06d 1785endif # if CRYPTO
Linux 6.x block layer and io_uring tree(s)