Kconfig 22 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746747748749750751752753754755756757758759760761762763764765766767768769770771772773774775776777778779780781782783784785786787788789790791792793
  1. #
  2. # Generic algorithms support
  3. #
  4. config XOR_BLOCKS
  5. tristate
  6. #
  7. # async_tx api: hardware offloaded memory transfer/transform support
  8. #
  9. source "crypto/async_tx/Kconfig"
  10. #
  11. # Cryptographic API Configuration
  12. #
  13. menuconfig CRYPTO
  14. tristate "Cryptographic API"
  15. help
  16. This option provides the core Cryptographic API.
  17. if CRYPTO
  18. comment "Crypto core or helper"
  19. config CRYPTO_FIPS
  20. bool "FIPS 200 compliance"
  21. select CRYPTO_ANSI_CPRNG
  22. help
  23. This options enables the fips boot option which is
  24. required if you want to system to operate in a FIPS 200
  25. certification. You should say no unless you know what
  26. this is.
  27. config CRYPTO_ALGAPI
  28. tristate
  29. select CRYPTO_ALGAPI2
  30. help
  31. This option provides the API for cryptographic algorithms.
  32. config CRYPTO_ALGAPI2
  33. tristate
  34. config CRYPTO_AEAD
  35. tristate
  36. select CRYPTO_AEAD2
  37. select CRYPTO_ALGAPI
  38. config CRYPTO_AEAD2
  39. tristate
  40. select CRYPTO_ALGAPI2
  41. config CRYPTO_BLKCIPHER
  42. tristate
  43. select CRYPTO_BLKCIPHER2
  44. select CRYPTO_ALGAPI
  45. config CRYPTO_BLKCIPHER2
  46. tristate
  47. select CRYPTO_ALGAPI2
  48. select CRYPTO_RNG2
  49. select CRYPTO_WORKQUEUE
  50. config CRYPTO_HASH
  51. tristate
  52. select CRYPTO_HASH2
  53. select CRYPTO_ALGAPI
  54. config CRYPTO_HASH2
  55. tristate
  56. select CRYPTO_ALGAPI2
  57. config CRYPTO_RNG
  58. tristate
  59. select CRYPTO_RNG2
  60. select CRYPTO_ALGAPI
  61. config CRYPTO_RNG2
  62. tristate
  63. select CRYPTO_ALGAPI2
  64. config CRYPTO_PCOMP
  65. tristate
  66. select CRYPTO_ALGAPI2
  67. config CRYPTO_MANAGER
  68. tristate "Cryptographic algorithm manager"
  69. select CRYPTO_MANAGER2
  70. help
  71. Create default cryptographic template instantiations such as
  72. cbc(aes).
  73. config CRYPTO_MANAGER2
  74. def_tristate CRYPTO_MANAGER || (CRYPTO_MANAGER!=n && CRYPTO_ALGAPI=y)
  75. select CRYPTO_AEAD2
  76. select CRYPTO_HASH2
  77. select CRYPTO_BLKCIPHER2
  78. select CRYPTO_PCOMP
  79. config CRYPTO_GF128MUL
  80. tristate "GF(2^128) multiplication functions (EXPERIMENTAL)"
  81. depends on EXPERIMENTAL
  82. help
  83. Efficient table driven implementation of multiplications in the
  84. field GF(2^128). This is needed by some cypher modes. This
  85. option will be selected automatically if you select such a
  86. cipher mode. Only select this option by hand if you expect to load
  87. an external module that requires these functions.
  88. config CRYPTO_NULL
  89. tristate "Null algorithms"
  90. select CRYPTO_ALGAPI
  91. select CRYPTO_BLKCIPHER
  92. select CRYPTO_HASH
  93. help
  94. These are 'Null' algorithms, used by IPsec, which do nothing.
  95. config CRYPTO_WORKQUEUE
  96. tristate
  97. config CRYPTO_CRYPTD
  98. tristate "Software async crypto daemon"
  99. select CRYPTO_BLKCIPHER
  100. select CRYPTO_HASH
  101. select CRYPTO_MANAGER
  102. select CRYPTO_WORKQUEUE
  103. help
  104. This is a generic software asynchronous crypto daemon that
  105. converts an arbitrary synchronous software crypto algorithm
  106. into an asynchronous algorithm that executes in a kernel thread.
  107. config CRYPTO_AUTHENC
  108. tristate "Authenc support"
  109. select CRYPTO_AEAD
  110. select CRYPTO_BLKCIPHER
  111. select CRYPTO_MANAGER
  112. select CRYPTO_HASH
  113. help
  114. Authenc: Combined mode wrapper for IPsec.
  115. This is required for IPSec.
  116. config CRYPTO_TEST
  117. tristate "Testing module"
  118. depends on m
  119. select CRYPTO_MANAGER
  120. help
  121. Quick & dirty crypto test module.
  122. comment "Authenticated Encryption with Associated Data"
  123. config CRYPTO_CCM
  124. tristate "CCM support"
  125. select CRYPTO_CTR
  126. select CRYPTO_AEAD
  127. help
  128. Support for Counter with CBC MAC. Required for IPsec.
  129. config CRYPTO_GCM
  130. tristate "GCM/GMAC support"
  131. select CRYPTO_CTR
  132. select CRYPTO_AEAD
  133. select CRYPTO_GF128MUL
  134. help
  135. Support for Galois/Counter Mode (GCM) and Galois Message
  136. Authentication Code (GMAC). Required for IPSec.
  137. config CRYPTO_SEQIV
  138. tristate "Sequence Number IV Generator"
  139. select CRYPTO_AEAD
  140. select CRYPTO_BLKCIPHER
  141. select CRYPTO_RNG
  142. help
  143. This IV generator generates an IV based on a sequence number by
  144. xoring it with a salt. This algorithm is mainly useful for CTR
  145. comment "Block modes"
  146. config CRYPTO_CBC
  147. tristate "CBC support"
  148. select CRYPTO_BLKCIPHER
  149. select CRYPTO_MANAGER
  150. help
  151. CBC: Cipher Block Chaining mode
  152. This block cipher algorithm is required for IPSec.
  153. config CRYPTO_CTR
  154. tristate "CTR support"
  155. select CRYPTO_BLKCIPHER
  156. select CRYPTO_SEQIV
  157. select CRYPTO_MANAGER
  158. help
  159. CTR: Counter mode
  160. This block cipher algorithm is required for IPSec.
  161. config CRYPTO_CTS
  162. tristate "CTS support"
  163. select CRYPTO_BLKCIPHER
  164. help
  165. CTS: Cipher Text Stealing
  166. This is the Cipher Text Stealing mode as described by
  167. Section 8 of rfc2040 and referenced by rfc3962.
  168. (rfc3962 includes errata information in its Appendix A)
  169. This mode is required for Kerberos gss mechanism support
  170. for AES encryption.
  171. config CRYPTO_ECB
  172. tristate "ECB support"
  173. select CRYPTO_BLKCIPHER
  174. select CRYPTO_MANAGER
  175. help
  176. ECB: Electronic CodeBook mode
  177. This is the simplest block cipher algorithm. It simply encrypts
  178. the input block by block.
  179. config CRYPTO_LRW
  180. tristate "LRW support (EXPERIMENTAL)"
  181. depends on EXPERIMENTAL
  182. select CRYPTO_BLKCIPHER
  183. select CRYPTO_MANAGER
  184. select CRYPTO_GF128MUL
  185. help
  186. LRW: Liskov Rivest Wagner, a tweakable, non malleable, non movable
  187. narrow block cipher mode for dm-crypt. Use it with cipher
  188. specification string aes-lrw-benbi, the key must be 256, 320 or 384.
  189. The first 128, 192 or 256 bits in the key are used for AES and the
  190. rest is used to tie each cipher block to its logical position.
  191. config CRYPTO_PCBC
  192. tristate "PCBC support"
  193. select CRYPTO_BLKCIPHER
  194. select CRYPTO_MANAGER
  195. help
  196. PCBC: Propagating Cipher Block Chaining mode
  197. This block cipher algorithm is required for RxRPC.
  198. config CRYPTO_XTS
  199. tristate "XTS support (EXPERIMENTAL)"
  200. depends on EXPERIMENTAL
  201. select CRYPTO_BLKCIPHER
  202. select CRYPTO_MANAGER
  203. select CRYPTO_GF128MUL
  204. help
  205. XTS: IEEE1619/D16 narrow block cipher use with aes-xts-plain,
  206. key size 256, 384 or 512 bits. This implementation currently
  207. can't handle a sectorsize which is not a multiple of 16 bytes.
  208. config CRYPTO_FPU
  209. tristate
  210. select CRYPTO_BLKCIPHER
  211. select CRYPTO_MANAGER
  212. comment "Hash modes"
  213. config CRYPTO_HMAC
  214. tristate "HMAC support"
  215. select CRYPTO_HASH
  216. select CRYPTO_MANAGER
  217. help
  218. HMAC: Keyed-Hashing for Message Authentication (RFC2104).
  219. This is required for IPSec.
  220. config CRYPTO_XCBC
  221. tristate "XCBC support"
  222. depends on EXPERIMENTAL
  223. select CRYPTO_HASH
  224. select CRYPTO_MANAGER
  225. help
  226. XCBC: Keyed-Hashing with encryption algorithm
  227. http://www.ietf.org/rfc/rfc3566.txt
  228. http://csrc.nist.gov/encryption/modes/proposedmodes/
  229. xcbc-mac/xcbc-mac-spec.pdf
  230. comment "Digest"
  231. config CRYPTO_CRC32C
  232. tristate "CRC32c CRC algorithm"
  233. select CRYPTO_HASH
  234. help
  235. Castagnoli, et al Cyclic Redundancy-Check Algorithm. Used
  236. by iSCSI for header and data digests and by others.
  237. See Castagnoli93. Module will be crc32c.
  238. config CRYPTO_CRC32C_INTEL
  239. tristate "CRC32c INTEL hardware acceleration"
  240. depends on X86
  241. select CRYPTO_HASH
  242. help
  243. In Intel processor with SSE4.2 supported, the processor will
  244. support CRC32C implementation using hardware accelerated CRC32
  245. instruction. This option will create 'crc32c-intel' module,
  246. which will enable any routine to use the CRC32 instruction to
  247. gain performance compared with software implementation.
  248. Module will be crc32c-intel.
  249. config CRYPTO_MD4
  250. tristate "MD4 digest algorithm"
  251. select CRYPTO_HASH
  252. help
  253. MD4 message digest algorithm (RFC1320).
  254. config CRYPTO_MD5
  255. tristate "MD5 digest algorithm"
  256. select CRYPTO_HASH
  257. help
  258. MD5 message digest algorithm (RFC1321).
  259. config CRYPTO_MICHAEL_MIC
  260. tristate "Michael MIC keyed digest algorithm"
  261. select CRYPTO_HASH
  262. help
  263. Michael MIC is used for message integrity protection in TKIP
  264. (IEEE 802.11i). This algorithm is required for TKIP, but it
  265. should not be used for other purposes because of the weakness
  266. of the algorithm.
  267. config CRYPTO_RMD128
  268. tristate "RIPEMD-128 digest algorithm"
  269. select CRYPTO_HASH
  270. help
  271. RIPEMD-128 (ISO/IEC 10118-3:2004).
  272. RIPEMD-128 is a 128-bit cryptographic hash function. It should only
  273. to be used as a secure replacement for RIPEMD. For other use cases
  274. RIPEMD-160 should be used.
  275. Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel.
  276. See <http://home.esat.kuleuven.be/~bosselae/ripemd160.html>
  277. config CRYPTO_RMD160
  278. tristate "RIPEMD-160 digest algorithm"
  279. select CRYPTO_HASH
  280. help
  281. RIPEMD-160 (ISO/IEC 10118-3:2004).
  282. RIPEMD-160 is a 160-bit cryptographic hash function. It is intended
  283. to be used as a secure replacement for the 128-bit hash functions
  284. MD4, MD5 and it's predecessor RIPEMD
  285. (not to be confused with RIPEMD-128).
  286. It's speed is comparable to SHA1 and there are no known attacks
  287. against RIPEMD-160.
  288. Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel.
  289. See <http://home.esat.kuleuven.be/~bosselae/ripemd160.html>
  290. config CRYPTO_RMD256
  291. tristate "RIPEMD-256 digest algorithm"
  292. select CRYPTO_HASH
  293. help
  294. RIPEMD-256 is an optional extension of RIPEMD-128 with a
  295. 256 bit hash. It is intended for applications that require
  296. longer hash-results, without needing a larger security level
  297. (than RIPEMD-128).
  298. Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel.
  299. See <http://home.esat.kuleuven.be/~bosselae/ripemd160.html>
  300. config CRYPTO_RMD320
  301. tristate "RIPEMD-320 digest algorithm"
  302. select CRYPTO_HASH
  303. help
  304. RIPEMD-320 is an optional extension of RIPEMD-160 with a
  305. 320 bit hash. It is intended for applications that require
  306. longer hash-results, without needing a larger security level
  307. (than RIPEMD-160).
  308. Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel.
  309. See <http://home.esat.kuleuven.be/~bosselae/ripemd160.html>
  310. config CRYPTO_SHA1
  311. tristate "SHA1 digest algorithm"
  312. select CRYPTO_HASH
  313. help
  314. SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2).
  315. config CRYPTO_SHA256
  316. tristate "SHA224 and SHA256 digest algorithm"
  317. select CRYPTO_HASH
  318. help
  319. SHA256 secure hash standard (DFIPS 180-2).
  320. This version of SHA implements a 256 bit hash with 128 bits of
  321. security against collision attacks.
  322. This code also includes SHA-224, a 224 bit hash with 112 bits
  323. of security against collision attacks.
  324. config CRYPTO_SHA512
  325. tristate "SHA384 and SHA512 digest algorithms"
  326. select CRYPTO_HASH
  327. help
  328. SHA512 secure hash standard (DFIPS 180-2).
  329. This version of SHA implements a 512 bit hash with 256 bits of
  330. security against collision attacks.
  331. This code also includes SHA-384, a 384 bit hash with 192 bits
  332. of security against collision attacks.
  333. config CRYPTO_TGR192
  334. tristate "Tiger digest algorithms"
  335. select CRYPTO_HASH
  336. help
  337. Tiger hash algorithm 192, 160 and 128-bit hashes
  338. Tiger is a hash function optimized for 64-bit processors while
  339. still having decent performance on 32-bit processors.
  340. Tiger was developed by Ross Anderson and Eli Biham.
  341. See also:
  342. <http://www.cs.technion.ac.il/~biham/Reports/Tiger/>.
  343. config CRYPTO_WP512
  344. tristate "Whirlpool digest algorithms"
  345. select CRYPTO_HASH
  346. help
  347. Whirlpool hash algorithm 512, 384 and 256-bit hashes
  348. Whirlpool-512 is part of the NESSIE cryptographic primitives.
  349. Whirlpool will be part of the ISO/IEC 10118-3:2003(E) standard
  350. See also:
  351. <http://planeta.terra.com.br/informatica/paulobarreto/WhirlpoolPage.html>
  352. comment "Ciphers"
  353. config CRYPTO_AES
  354. tristate "AES cipher algorithms"
  355. select CRYPTO_ALGAPI
  356. help
  357. AES cipher algorithms (FIPS-197). AES uses the Rijndael
  358. algorithm.
  359. Rijndael appears to be consistently a very good performer in
  360. both hardware and software across a wide range of computing
  361. environments regardless of its use in feedback or non-feedback
  362. modes. Its key setup time is excellent, and its key agility is
  363. good. Rijndael's very low memory requirements make it very well
  364. suited for restricted-space environments, in which it also
  365. demonstrates excellent performance. Rijndael's operations are
  366. among the easiest to defend against power and timing attacks.
  367. The AES specifies three key sizes: 128, 192 and 256 bits
  368. See <http://csrc.nist.gov/CryptoToolkit/aes/> for more information.
  369. config CRYPTO_AES_586
  370. tristate "AES cipher algorithms (i586)"
  371. depends on (X86 || UML_X86) && !64BIT
  372. select CRYPTO_ALGAPI
  373. select CRYPTO_AES
  374. help
  375. AES cipher algorithms (FIPS-197). AES uses the Rijndael
  376. algorithm.
  377. Rijndael appears to be consistently a very good performer in
  378. both hardware and software across a wide range of computing
  379. environments regardless of its use in feedback or non-feedback
  380. modes. Its key setup time is excellent, and its key agility is
  381. good. Rijndael's very low memory requirements make it very well
  382. suited for restricted-space environments, in which it also
  383. demonstrates excellent performance. Rijndael's operations are
  384. among the easiest to defend against power and timing attacks.
  385. The AES specifies three key sizes: 128, 192 and 256 bits
  386. See <http://csrc.nist.gov/encryption/aes/> for more information.
  387. config CRYPTO_AES_X86_64
  388. tristate "AES cipher algorithms (x86_64)"
  389. depends on (X86 || UML_X86) && 64BIT
  390. select CRYPTO_ALGAPI
  391. select CRYPTO_AES
  392. help
  393. AES cipher algorithms (FIPS-197). AES uses the Rijndael
  394. algorithm.
  395. Rijndael appears to be consistently a very good performer in
  396. both hardware and software across a wide range of computing
  397. environments regardless of its use in feedback or non-feedback
  398. modes. Its key setup time is excellent, and its key agility is
  399. good. Rijndael's very low memory requirements make it very well
  400. suited for restricted-space environments, in which it also
  401. demonstrates excellent performance. Rijndael's operations are
  402. among the easiest to defend against power and timing attacks.
  403. The AES specifies three key sizes: 128, 192 and 256 bits
  404. See <http://csrc.nist.gov/encryption/aes/> for more information.
  405. config CRYPTO_AES_NI_INTEL
  406. tristate "AES cipher algorithms (AES-NI)"
  407. depends on (X86 || UML_X86) && 64BIT
  408. select CRYPTO_AES_X86_64
  409. select CRYPTO_CRYPTD
  410. select CRYPTO_ALGAPI
  411. select CRYPTO_FPU
  412. help
  413. Use Intel AES-NI instructions for AES algorithm.
  414. AES cipher algorithms (FIPS-197). AES uses the Rijndael
  415. algorithm.
  416. Rijndael appears to be consistently a very good performer in
  417. both hardware and software across a wide range of computing
  418. environments regardless of its use in feedback or non-feedback
  419. modes. Its key setup time is excellent, and its key agility is
  420. good. Rijndael's very low memory requirements make it very well
  421. suited for restricted-space environments, in which it also
  422. demonstrates excellent performance. Rijndael's operations are
  423. among the easiest to defend against power and timing attacks.
  424. The AES specifies three key sizes: 128, 192 and 256 bits
  425. See <http://csrc.nist.gov/encryption/aes/> for more information.
  426. In addition to AES cipher algorithm support, the
  427. acceleration for some popular block cipher mode is supported
  428. too, including ECB, CBC, CTR, LRW, PCBC, XTS.
  429. config CRYPTO_ANUBIS
  430. tristate "Anubis cipher algorithm"
  431. select CRYPTO_ALGAPI
  432. help
  433. Anubis cipher algorithm.
  434. Anubis is a variable key length cipher which can use keys from
  435. 128 bits to 320 bits in length. It was evaluated as a entrant
  436. in the NESSIE competition.
  437. See also:
  438. <https://www.cosic.esat.kuleuven.ac.be/nessie/reports/>
  439. <http://planeta.terra.com.br/informatica/paulobarreto/AnubisPage.html>
  440. config CRYPTO_ARC4
  441. tristate "ARC4 cipher algorithm"
  442. select CRYPTO_ALGAPI
  443. help
  444. ARC4 cipher algorithm.
  445. ARC4 is a stream cipher using keys ranging from 8 bits to 2048
  446. bits in length. This algorithm is required for driver-based
  447. WEP, but it should not be for other purposes because of the
  448. weakness of the algorithm.
  449. config CRYPTO_BLOWFISH
  450. tristate "Blowfish cipher algorithm"
  451. select CRYPTO_ALGAPI
  452. help
  453. Blowfish cipher algorithm, by Bruce Schneier.
  454. This is a variable key length cipher which can use keys from 32
  455. bits to 448 bits in length. It's fast, simple and specifically
  456. designed for use on "large microprocessors".
  457. See also:
  458. <http://www.schneier.com/blowfish.html>
  459. config CRYPTO_CAMELLIA
  460. tristate "Camellia cipher algorithms"
  461. depends on CRYPTO
  462. select CRYPTO_ALGAPI
  463. help
  464. Camellia cipher algorithms module.
  465. Camellia is a symmetric key block cipher developed jointly
  466. at NTT and Mitsubishi Electric Corporation.
  467. The Camellia specifies three key sizes: 128, 192 and 256 bits.
  468. See also:
  469. <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html>
  470. config CRYPTO_CAST5
  471. tristate "CAST5 (CAST-128) cipher algorithm"
  472. select CRYPTO_ALGAPI
  473. help
  474. The CAST5 encryption algorithm (synonymous with CAST-128) is
  475. described in RFC2144.
  476. config CRYPTO_CAST6
  477. tristate "CAST6 (CAST-256) cipher algorithm"
  478. select CRYPTO_ALGAPI
  479. help
  480. The CAST6 encryption algorithm (synonymous with CAST-256) is
  481. described in RFC2612.
  482. config CRYPTO_DES
  483. tristate "DES and Triple DES EDE cipher algorithms"
  484. select CRYPTO_ALGAPI
  485. help
  486. DES cipher algorithm (FIPS 46-2), and Triple DES EDE (FIPS 46-3).
  487. config CRYPTO_FCRYPT
  488. tristate "FCrypt cipher algorithm"
  489. select CRYPTO_ALGAPI
  490. select CRYPTO_BLKCIPHER
  491. help
  492. FCrypt algorithm used by RxRPC.
  493. config CRYPTO_KHAZAD
  494. tristate "Khazad cipher algorithm"
  495. select CRYPTO_ALGAPI
  496. help
  497. Khazad cipher algorithm.
  498. Khazad was a finalist in the initial NESSIE competition. It is
  499. an algorithm optimized for 64-bit processors with good performance
  500. on 32-bit processors. Khazad uses an 128 bit key size.
  501. See also:
  502. <http://planeta.terra.com.br/informatica/paulobarreto/KhazadPage.html>
  503. config CRYPTO_SALSA20
  504. tristate "Salsa20 stream cipher algorithm (EXPERIMENTAL)"
  505. depends on EXPERIMENTAL
  506. select CRYPTO_BLKCIPHER
  507. help
  508. Salsa20 stream cipher algorithm.
  509. Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT
  510. Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/>
  511. The Salsa20 stream cipher algorithm is designed by Daniel J.
  512. Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html>
  513. config CRYPTO_SALSA20_586
  514. tristate "Salsa20 stream cipher algorithm (i586) (EXPERIMENTAL)"
  515. depends on (X86 || UML_X86) && !64BIT
  516. depends on EXPERIMENTAL
  517. select CRYPTO_BLKCIPHER
  518. help
  519. Salsa20 stream cipher algorithm.
  520. Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT
  521. Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/>
  522. The Salsa20 stream cipher algorithm is designed by Daniel J.
  523. Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html>
  524. config CRYPTO_SALSA20_X86_64
  525. tristate "Salsa20 stream cipher algorithm (x86_64) (EXPERIMENTAL)"
  526. depends on (X86 || UML_X86) && 64BIT
  527. depends on EXPERIMENTAL
  528. select CRYPTO_BLKCIPHER
  529. help
  530. Salsa20 stream cipher algorithm.
  531. Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT
  532. Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/>
  533. The Salsa20 stream cipher algorithm is designed by Daniel J.
  534. Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html>
  535. config CRYPTO_SEED
  536. tristate "SEED cipher algorithm"
  537. select CRYPTO_ALGAPI
  538. help
  539. SEED cipher algorithm (RFC4269).
  540. SEED is a 128-bit symmetric key block cipher that has been
  541. developed by KISA (Korea Information Security Agency) as a
  542. national standard encryption algorithm of the Republic of Korea.
  543. It is a 16 round block cipher with the key size of 128 bit.
  544. See also:
  545. <http://www.kisa.or.kr/kisa/seed/jsp/seed_eng.jsp>
  546. config CRYPTO_SERPENT
  547. tristate "Serpent cipher algorithm"
  548. select CRYPTO_ALGAPI
  549. help
  550. Serpent cipher algorithm, by Anderson, Biham & Knudsen.
  551. Keys are allowed to be from 0 to 256 bits in length, in steps
  552. of 8 bits. Also includes the 'Tnepres' algorithm, a reversed
  553. variant of Serpent for compatibility with old kerneli.org code.
  554. See also:
  555. <http://www.cl.cam.ac.uk/~rja14/serpent.html>
  556. config CRYPTO_TEA
  557. tristate "TEA, XTEA and XETA cipher algorithms"
  558. select CRYPTO_ALGAPI
  559. help
  560. TEA cipher algorithm.
  561. Tiny Encryption Algorithm is a simple cipher that uses
  562. many rounds for security. It is very fast and uses
  563. little memory.
  564. Xtendend Tiny Encryption Algorithm is a modification to
  565. the TEA algorithm to address a potential key weakness
  566. in the TEA algorithm.
  567. Xtendend Encryption Tiny Algorithm is a mis-implementation
  568. of the XTEA algorithm for compatibility purposes.
  569. config CRYPTO_TWOFISH
  570. tristate "Twofish cipher algorithm"
  571. select CRYPTO_ALGAPI
  572. select CRYPTO_TWOFISH_COMMON
  573. help
  574. Twofish cipher algorithm.
  575. Twofish was submitted as an AES (Advanced Encryption Standard)
  576. candidate cipher by researchers at CounterPane Systems. It is a
  577. 16 round block cipher supporting key sizes of 128, 192, and 256
  578. bits.
  579. See also:
  580. <http://www.schneier.com/twofish.html>
  581. config CRYPTO_TWOFISH_COMMON
  582. tristate
  583. help
  584. Common parts of the Twofish cipher algorithm shared by the
  585. generic c and the assembler implementations.
  586. config CRYPTO_TWOFISH_586
  587. tristate "Twofish cipher algorithms (i586)"
  588. depends on (X86 || UML_X86) && !64BIT
  589. select CRYPTO_ALGAPI
  590. select CRYPTO_TWOFISH_COMMON
  591. help
  592. Twofish cipher algorithm.
  593. Twofish was submitted as an AES (Advanced Encryption Standard)
  594. candidate cipher by researchers at CounterPane Systems. It is a
  595. 16 round block cipher supporting key sizes of 128, 192, and 256
  596. bits.
  597. See also:
  598. <http://www.schneier.com/twofish.html>
  599. config CRYPTO_TWOFISH_X86_64
  600. tristate "Twofish cipher algorithm (x86_64)"
  601. depends on (X86 || UML_X86) && 64BIT
  602. select CRYPTO_ALGAPI
  603. select CRYPTO_TWOFISH_COMMON
  604. help
  605. Twofish cipher algorithm (x86_64).
  606. Twofish was submitted as an AES (Advanced Encryption Standard)
  607. candidate cipher by researchers at CounterPane Systems. It is a
  608. 16 round block cipher supporting key sizes of 128, 192, and 256
  609. bits.
  610. See also:
  611. <http://www.schneier.com/twofish.html>
  612. comment "Compression"
  613. config CRYPTO_DEFLATE
  614. tristate "Deflate compression algorithm"
  615. select CRYPTO_ALGAPI
  616. select ZLIB_INFLATE
  617. select ZLIB_DEFLATE
  618. help
  619. This is the Deflate algorithm (RFC1951), specified for use in
  620. IPSec with the IPCOMP protocol (RFC3173, RFC2394).
  621. You will most probably want this if using IPSec.
  622. config CRYPTO_ZLIB
  623. tristate "Zlib compression algorithm"
  624. select CRYPTO_PCOMP
  625. select ZLIB_INFLATE
  626. select ZLIB_DEFLATE
  627. select NLATTR
  628. help
  629. This is the zlib algorithm.
  630. config CRYPTO_LZO
  631. tristate "LZO compression algorithm"
  632. select CRYPTO_ALGAPI
  633. select LZO_COMPRESS
  634. select LZO_DECOMPRESS
  635. help
  636. This is the LZO algorithm.
  637. comment "Random Number Generation"
  638. config CRYPTO_ANSI_CPRNG
  639. tristate "Pseudo Random Number Generation for Cryptographic modules"
  640. select CRYPTO_AES
  641. select CRYPTO_RNG
  642. help
  643. This option enables the generic pseudo random number generator
  644. for cryptographic modules. Uses the Algorithm specified in
  645. ANSI X9.31 A.2.4
  646. source "drivers/crypto/Kconfig"
  647. endif # if CRYPTO