| blob | df332c140f95fc6864cffbb166b233d4581073e1 |
1 #
2 # Generic algorithms support
3 #
4 config XOR_BLOCKS
5 tristate
7 #
8 # async_tx api: hardware offloaded memory transfer/transform support
9 #
10 source "crypto/async_tx/Kconfig"
12 #
13 # Cryptographic API Configuration
14 #
15 menuconfig CRYPTO
16 tristate "Cryptographic API"
17 help
18 This option provides the core Cryptographic API.
20 if CRYPTO
22 comment "Crypto core or helper"
24 config CRYPTO_FIPS
25 bool "FIPS 200 compliance"
26 depends on CRYPTO_ANSI_CPRNG
27 help
28 This options enables the fips boot option which is
29 required if you want to system to operate in a FIPS 200
30 certification. You should say no unless you know what
31 this is. Note that CRYPTO_ANSI_CPRNG is required if this
32 option is selected
34 config CRYPTO_ALGAPI
35 tristate
36 select CRYPTO_ALGAPI2
37 help
38 This option provides the API for cryptographic algorithms.
40 config CRYPTO_ALGAPI2
41 tristate
43 config CRYPTO_AEAD
44 tristate
45 select CRYPTO_AEAD2
46 select CRYPTO_ALGAPI
48 config CRYPTO_AEAD2
49 tristate
50 select CRYPTO_ALGAPI2
52 config CRYPTO_BLKCIPHER
53 tristate
54 select CRYPTO_BLKCIPHER2
55 select CRYPTO_ALGAPI
57 config CRYPTO_BLKCIPHER2
58 tristate
59 select CRYPTO_ALGAPI2
60 select CRYPTO_RNG2
61 select CRYPTO_WORKQUEUE
63 config CRYPTO_HASH
64 tristate
65 select CRYPTO_HASH2
66 select CRYPTO_ALGAPI
68 config CRYPTO_HASH2
69 tristate
70 select CRYPTO_ALGAPI2
72 config CRYPTO_RNG
73 tristate
74 select CRYPTO_RNG2
75 select CRYPTO_ALGAPI
77 config CRYPTO_RNG2
78 tristate
79 select CRYPTO_ALGAPI2
81 config CRYPTO_PCOMP
82 tristate
83 select CRYPTO_ALGAPI2
85 config CRYPTO_MANAGER
86 tristate "Cryptographic algorithm manager"
87 select CRYPTO_MANAGER2
88 help
89 Create default cryptographic template instantiations such as
90 cbc(aes).
92 config CRYPTO_MANAGER2
93 def_tristate CRYPTO_MANAGER || (CRYPTO_MANAGER!=n && CRYPTO_ALGAPI=y)
94 select CRYPTO_AEAD2
95 select CRYPTO_HASH2
96 select CRYPTO_BLKCIPHER2
97 select CRYPTO_PCOMP
99 config CRYPTO_MANAGER_TESTS
100 bool "Run algolithms' self-tests"
101 default y
102 depends on CRYPTO_MANAGER2
103 help
104 Run cryptomanager's tests for the new crypto algorithms being
105 registered.
107 config CRYPTO_GF128MUL
108 tristate "GF(2^128) multiplication functions (EXPERIMENTAL)"
109 depends on EXPERIMENTAL
110 help
111 Efficient table driven implementation of multiplications in the
112 field GF(2^128). This is needed by some cypher modes. This
113 option will be selected automatically if you select such a
114 cipher mode. Only select this option by hand if you expect to load
115 an external module that requires these functions.
117 config CRYPTO_NULL
118 tristate "Null algorithms"
119 select CRYPTO_ALGAPI
120 select CRYPTO_BLKCIPHER
121 select CRYPTO_HASH
122 help
123 These are 'Null' algorithms, used by IPsec, which do nothing.
125 config CRYPTO_PCRYPT
126 tristate "Parallel crypto engine (EXPERIMENTAL)"
127 depends on SMP && EXPERIMENTAL
128 select PADATA
129 select CRYPTO_MANAGER
130 select CRYPTO_AEAD
131 help
132 This converts an arbitrary crypto algorithm into a parallel
133 algorithm that executes in kernel threads.
135 config CRYPTO_WORKQUEUE
136 tristate
138 config CRYPTO_CRYPTD
139 tristate "Software async crypto daemon"
140 select CRYPTO_BLKCIPHER
141 select CRYPTO_HASH
142 select CRYPTO_MANAGER
143 select CRYPTO_WORKQUEUE
144 help
145 This is a generic software asynchronous crypto daemon that
146 converts an arbitrary synchronous software crypto algorithm
147 into an asynchronous algorithm that executes in a kernel thread.
149 config CRYPTO_AUTHENC
150 tristate "Authenc support"
151 select CRYPTO_AEAD
152 select CRYPTO_BLKCIPHER
153 select CRYPTO_MANAGER
154 select CRYPTO_HASH
155 help
156 Authenc: Combined mode wrapper for IPsec.
157 This is required for IPSec.
159 config CRYPTO_TEST
160 tristate "Testing module"
161 depends on m
162 select CRYPTO_MANAGER
163 help
164 Quick & dirty crypto test module.
166 comment "Authenticated Encryption with Associated Data"
168 config CRYPTO_CCM
169 tristate "CCM support"
170 select CRYPTO_CTR
171 select CRYPTO_AEAD
172 help
173 Support for Counter with CBC MAC. Required for IPsec.
175 config CRYPTO_GCM
176 tristate "GCM/GMAC support"
177 select CRYPTO_CTR
178 select CRYPTO_AEAD
179 select CRYPTO_GHASH
180 help
181 Support for Galois/Counter Mode (GCM) and Galois Message
182 Authentication Code (GMAC). Required for IPSec.
184 config CRYPTO_SEQIV
185 tristate "Sequence Number IV Generator"
186 select CRYPTO_AEAD
187 select CRYPTO_BLKCIPHER
188 select CRYPTO_RNG
189 help
190 This IV generator generates an IV based on a sequence number by
191 xoring it with a salt. This algorithm is mainly useful for CTR
193 comment "Block modes"
195 config CRYPTO_CBC
196 tristate "CBC support"
197 select CRYPTO_BLKCIPHER
198 select CRYPTO_MANAGER
199 help
200 CBC: Cipher Block Chaining mode
201 This block cipher algorithm is required for IPSec.
203 config CRYPTO_CTR
204 tristate "CTR support"
205 select CRYPTO_BLKCIPHER
206 select CRYPTO_SEQIV
207 select CRYPTO_MANAGER
208 help
209 CTR: Counter mode
210 This block cipher algorithm is required for IPSec.
212 config CRYPTO_CTS
213 tristate "CTS support"
214 select CRYPTO_BLKCIPHER
215 help
216 CTS: Cipher Text Stealing
217 This is the Cipher Text Stealing mode as described by
218 Section 8 of rfc2040 and referenced by rfc3962.
219 (rfc3962 includes errata information in its Appendix A)
220 This mode is required for Kerberos gss mechanism support
221 for AES encryption.
223 config CRYPTO_ECB
224 tristate "ECB support"
225 select CRYPTO_BLKCIPHER
226 select CRYPTO_MANAGER
227 help
228 ECB: Electronic CodeBook mode
229 This is the simplest block cipher algorithm. It simply encrypts
230 the input block by block.
232 config CRYPTO_LRW
233 tristate "LRW support (EXPERIMENTAL)"
234 depends on EXPERIMENTAL
235 select CRYPTO_BLKCIPHER
236 select CRYPTO_MANAGER
237 select CRYPTO_GF128MUL
238 help
239 LRW: Liskov Rivest Wagner, a tweakable, non malleable, non movable
240 narrow block cipher mode for dm-crypt. Use it with cipher
241 specification string aes-lrw-benbi, the key must be 256, 320 or 384.
242 The first 128, 192 or 256 bits in the key are used for AES and the
243 rest is used to tie each cipher block to its logical position.
245 config CRYPTO_PCBC
246 tristate "PCBC support"
247 select CRYPTO_BLKCIPHER
248 select CRYPTO_MANAGER
249 help
250 PCBC: Propagating Cipher Block Chaining mode
251 This block cipher algorithm is required for RxRPC.
253 config CRYPTO_XTS
254 tristate "XTS support (EXPERIMENTAL)"
255 depends on EXPERIMENTAL
256 select CRYPTO_BLKCIPHER
257 select CRYPTO_MANAGER
258 select CRYPTO_GF128MUL
259 help
260 XTS: IEEE1619/D16 narrow block cipher use with aes-xts-plain,
261 key size 256, 384 or 512 bits. This implementation currently
262 can't handle a sectorsize which is not a multiple of 16 bytes.
264 config CRYPTO_FPU
265 tristate
266 select CRYPTO_BLKCIPHER
267 select CRYPTO_MANAGER
269 comment "Hash modes"
271 config CRYPTO_HMAC
272 tristate "HMAC support"
273 select CRYPTO_HASH
274 select CRYPTO_MANAGER
275 help
276 HMAC: Keyed-Hashing for Message Authentication (RFC2104).
277 This is required for IPSec.
279 config CRYPTO_XCBC
280 tristate "XCBC support"
281 depends on EXPERIMENTAL
282 select CRYPTO_HASH
283 select CRYPTO_MANAGER
284 help
285 XCBC: Keyed-Hashing with encryption algorithm
286 http://www.ietf.org/rfc/rfc3566.txt
287 http://csrc.nist.gov/encryption/modes/proposedmodes/
288 xcbc-mac/xcbc-mac-spec.pdf
290 config CRYPTO_VMAC
291 tristate "VMAC support"
292 depends on EXPERIMENTAL
293 select CRYPTO_HASH
294 select CRYPTO_MANAGER
295 help
296 VMAC is a message authentication algorithm designed for
297 very high speed on 64-bit architectures.
299 See also:
300 <http://fastcrypto.org/vmac>
302 comment "Digest"
304 config CRYPTO_CRC32C
305 tristate "CRC32c CRC algorithm"
306 select CRYPTO_HASH
307 help
308 Castagnoli, et al Cyclic Redundancy-Check Algorithm. Used
309 by iSCSI for header and data digests and by others.
310 See Castagnoli93. Module will be crc32c.
312 config CRYPTO_CRC32C_INTEL
313 tristate "CRC32c INTEL hardware acceleration"
314 depends on X86
315 select CRYPTO_HASH
316 help
317 In Intel processor with SSE4.2 supported, the processor will
318 support CRC32C implementation using hardware accelerated CRC32
319 instruction. This option will create 'crc32c-intel' module,
320 which will enable any routine to use the CRC32 instruction to
321 gain performance compared with software implementation.
322 Module will be crc32c-intel.
324 config CRYPTO_GHASH
325 tristate "GHASH digest algorithm"
326 select CRYPTO_SHASH
327 select CRYPTO_GF128MUL
328 help
329 GHASH is message digest algorithm for GCM (Galois/Counter Mode).
331 config CRYPTO_MD4
332 tristate "MD4 digest algorithm"
333 select CRYPTO_HASH
334 help
335 MD4 message digest algorithm (RFC1320).
337 config CRYPTO_MD5
338 tristate "MD5 digest algorithm"
339 select CRYPTO_HASH
340 help
341 MD5 message digest algorithm (RFC1321).
343 config CRYPTO_MICHAEL_MIC
344 tristate "Michael MIC keyed digest algorithm"
345 select CRYPTO_HASH
346 help
347 Michael MIC is used for message integrity protection in TKIP
348 (IEEE 802.11i). This algorithm is required for TKIP, but it
349 should not be used for other purposes because of the weakness
350 of the algorithm.
352 config CRYPTO_RMD128
353 tristate "RIPEMD-128 digest algorithm"
354 select CRYPTO_HASH
355 help
356 RIPEMD-128 (ISO/IEC 10118-3:2004).
358 RIPEMD-128 is a 128-bit cryptographic hash function. It should only
359 to be used as a secure replacement for RIPEMD. For other use cases
360 RIPEMD-160 should be used.
362 Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel.
363 See <http://home.esat.kuleuven.be/~bosselae/ripemd160.html>
365 config CRYPTO_RMD160
366 tristate "RIPEMD-160 digest algorithm"
367 select CRYPTO_HASH
368 help
369 RIPEMD-160 (ISO/IEC 10118-3:2004).
371 RIPEMD-160 is a 160-bit cryptographic hash function. It is intended
372 to be used as a secure replacement for the 128-bit hash functions
373 MD4, MD5 and it's predecessor RIPEMD
374 (not to be confused with RIPEMD-128).
376 It's speed is comparable to SHA1 and there are no known attacks
377 against RIPEMD-160.
379 Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel.
380 See <http://home.esat.kuleuven.be/~bosselae/ripemd160.html>
382 config CRYPTO_RMD256
383 tristate "RIPEMD-256 digest algorithm"
384 select CRYPTO_HASH
385 help
386 RIPEMD-256 is an optional extension of RIPEMD-128 with a
387 256 bit hash. It is intended for applications that require
388 longer hash-results, without needing a larger security level
389 (than RIPEMD-128).
391 Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel.
392 See <http://home.esat.kuleuven.be/~bosselae/ripemd160.html>
394 config CRYPTO_RMD320
395 tristate "RIPEMD-320 digest algorithm"
396 select CRYPTO_HASH
397 help
398 RIPEMD-320 is an optional extension of RIPEMD-160 with a
399 320 bit hash. It is intended for applications that require
400 longer hash-results, without needing a larger security level
401 (than RIPEMD-160).
403 Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel.
404 See <http://home.esat.kuleuven.be/~bosselae/ripemd160.html>
406 config CRYPTO_SHA1
407 tristate "SHA1 digest algorithm"
408 select CRYPTO_HASH
409 help
410 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2).
412 config CRYPTO_SHA256
413 tristate "SHA224 and SHA256 digest algorithm"
414 select CRYPTO_HASH
415 help
416 SHA256 secure hash standard (DFIPS 180-2).
418 This version of SHA implements a 256 bit hash with 128 bits of
419 security against collision attacks.
421 This code also includes SHA-224, a 224 bit hash with 112 bits
422 of security against collision attacks.
424 config CRYPTO_SHA512
425 tristate "SHA384 and SHA512 digest algorithms"
426 select CRYPTO_HASH
427 help
428 SHA512 secure hash standard (DFIPS 180-2).
430 This version of SHA implements a 512 bit hash with 256 bits of
431 security against collision attacks.
433 This code also includes SHA-384, a 384 bit hash with 192 bits
434 of security against collision attacks.
436 config CRYPTO_TGR192
437 tristate "Tiger digest algorithms"
438 select CRYPTO_HASH
439 help
440 Tiger hash algorithm 192, 160 and 128-bit hashes
442 Tiger is a hash function optimized for 64-bit processors while
443 still having decent performance on 32-bit processors.
444 Tiger was developed by Ross Anderson and Eli Biham.
446 See also:
447 <http://www.cs.technion.ac.il/~biham/Reports/Tiger/>.
449 config CRYPTO_WP512
450 tristate "Whirlpool digest algorithms"
451 select CRYPTO_HASH
452 help
453 Whirlpool hash algorithm 512, 384 and 256-bit hashes
455 Whirlpool-512 is part of the NESSIE cryptographic primitives.
456 Whirlpool will be part of the ISO/IEC 10118-3:2003(E) standard
458 See also:
459 <http://planeta.terra.com.br/informatica/paulobarreto/WhirlpoolPage.html>
461 config CRYPTO_GHASH_CLMUL_NI_INTEL
462 tristate "GHASH digest algorithm (CLMUL-NI accelerated)"
463 depends on (X86 || UML_X86) && 64BIT
464 select CRYPTO_SHASH
465 select CRYPTO_CRYPTD
466 help
467 GHASH is message digest algorithm for GCM (Galois/Counter Mode).
468 The implementation is accelerated by CLMUL-NI of Intel.
470 comment "Ciphers"
472 config CRYPTO_AES
473 tristate "AES cipher algorithms"
474 select CRYPTO_ALGAPI
475 help
476 AES cipher algorithms (FIPS-197). AES uses the Rijndael
477 algorithm.
479 Rijndael appears to be consistently a very good performer in
480 both hardware and software across a wide range of computing
481 environments regardless of its use in feedback or non-feedback
482 modes. Its key setup time is excellent, and its key agility is
483 good. Rijndael's very low memory requirements make it very well
484 suited for restricted-space environments, in which it also
485 demonstrates excellent performance. Rijndael's operations are
486 among the easiest to defend against power and timing attacks.
488 The AES specifies three key sizes: 128, 192 and 256 bits
490 See <http://csrc.nist.gov/CryptoToolkit/aes/> for more information.
492 config CRYPTO_AES_586
493 tristate "AES cipher algorithms (i586)"
494 depends on (X86 || UML_X86) && !64BIT
495 select CRYPTO_ALGAPI
496 select CRYPTO_AES
497 help
498 AES cipher algorithms (FIPS-197). AES uses the Rijndael
499 algorithm.
501 Rijndael appears to be consistently a very good performer in
502 both hardware and software across a wide range of computing
503 environments regardless of its use in feedback or non-feedback
504 modes. Its key setup time is excellent, and its key agility is
505 good. Rijndael's very low memory requirements make it very well
506 suited for restricted-space environments, in which it also
507 demonstrates excellent performance. Rijndael's operations are
508 among the easiest to defend against power and timing attacks.
510 The AES specifies three key sizes: 128, 192 and 256 bits
512 See <http://csrc.nist.gov/encryption/aes/> for more information.
514 config CRYPTO_AES_X86_64
515 tristate "AES cipher algorithms (x86_64)"
516 depends on (X86 || UML_X86) && 64BIT
517 select CRYPTO_ALGAPI
518 select CRYPTO_AES
519 help
520 AES cipher algorithms (FIPS-197). AES uses the Rijndael
521 algorithm.
523 Rijndael appears to be consistently a very good performer in
524 both hardware and software across a wide range of computing
525 environments regardless of its use in feedback or non-feedback
526 modes. Its key setup time is excellent, and its key agility is
527 good. Rijndael's very low memory requirements make it very well
528 suited for restricted-space environments, in which it also
529 demonstrates excellent performance. Rijndael's operations are
530 among the easiest to defend against power and timing attacks.
532 The AES specifies three key sizes: 128, 192 and 256 bits
534 See <http://csrc.nist.gov/encryption/aes/> for more information.
536 config CRYPTO_AES_NI_INTEL
537 tristate "AES cipher algorithms (AES-NI)"
538 depends on (X86 || UML_X86) && 64BIT
539 select CRYPTO_AES_X86_64
540 select CRYPTO_CRYPTD
541 select CRYPTO_ALGAPI
542 select CRYPTO_FPU
543 help
544 Use Intel AES-NI instructions for AES algorithm.
546 AES cipher algorithms (FIPS-197). AES uses the Rijndael
547 algorithm.
549 Rijndael appears to be consistently a very good performer in
550 both hardware and software across a wide range of computing
551 environments regardless of its use in feedback or non-feedback
552 modes. Its key setup time is excellent, and its key agility is
553 good. Rijndael's very low memory requirements make it very well
554 suited for restricted-space environments, in which it also
555 demonstrates excellent performance. Rijndael's operations are
556 among the easiest to defend against power and timing attacks.
558 The AES specifies three key sizes: 128, 192 and 256 bits
560 See <http://csrc.nist.gov/encryption/aes/> for more information.
562 In addition to AES cipher algorithm support, the
563 acceleration for some popular block cipher mode is supported
564 too, including ECB, CBC, CTR, LRW, PCBC, XTS.
566 config CRYPTO_ANUBIS
567 tristate "Anubis cipher algorithm"
568 select CRYPTO_ALGAPI
569 help
570 Anubis cipher algorithm.
572 Anubis is a variable key length cipher which can use keys from
573 128 bits to 320 bits in length. It was evaluated as a entrant
574 in the NESSIE competition.
576 See also:
577 <https://www.cosic.esat.kuleuven.ac.be/nessie/reports/>
578 <http://planeta.terra.com.br/informatica/paulobarreto/AnubisPage.html>
580 config CRYPTO_ARC4
581 tristate "ARC4 cipher algorithm"
582 select CRYPTO_ALGAPI
583 help
584 ARC4 cipher algorithm.
586 ARC4 is a stream cipher using keys ranging from 8 bits to 2048
587 bits in length. This algorithm is required for driver-based
588 WEP, but it should not be for other purposes because of the
589 weakness of the algorithm.
591 config CRYPTO_BLOWFISH
592 tristate "Blowfish cipher algorithm"
593 select CRYPTO_ALGAPI
594 help
595 Blowfish cipher algorithm, by Bruce Schneier.
597 This is a variable key length cipher which can use keys from 32
598 bits to 448 bits in length. It's fast, simple and specifically
599 designed for use on "large microprocessors".
601 See also:
602 <http://www.schneier.com/blowfish.html>
604 config CRYPTO_CAMELLIA
605 tristate "Camellia cipher algorithms"
606 depends on CRYPTO
607 select CRYPTO_ALGAPI
608 help
609 Camellia cipher algorithms module.
611 Camellia is a symmetric key block cipher developed jointly
612 at NTT and Mitsubishi Electric Corporation.
614 The Camellia specifies three key sizes: 128, 192 and 256 bits.
616 See also:
617 <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html>
619 config CRYPTO_CAST5
620 tristate "CAST5 (CAST-128) cipher algorithm"
621 select CRYPTO_ALGAPI
622 help
623 The CAST5 encryption algorithm (synonymous with CAST-128) is
624 described in RFC2144.
626 config CRYPTO_CAST6
627 tristate "CAST6 (CAST-256) cipher algorithm"
628 select CRYPTO_ALGAPI
629 help
630 The CAST6 encryption algorithm (synonymous with CAST-256) is
631 described in RFC2612.
633 config CRYPTO_DES
634 tristate "DES and Triple DES EDE cipher algorithms"
635 select CRYPTO_ALGAPI
636 help
637 DES cipher algorithm (FIPS 46-2), and Triple DES EDE (FIPS 46-3).
639 config CRYPTO_FCRYPT
640 tristate "FCrypt cipher algorithm"
641 select CRYPTO_ALGAPI
642 select CRYPTO_BLKCIPHER
643 help
644 FCrypt algorithm used by RxRPC.
646 config CRYPTO_KHAZAD
647 tristate "Khazad cipher algorithm"
648 select CRYPTO_ALGAPI
649 help
650 Khazad cipher algorithm.
652 Khazad was a finalist in the initial NESSIE competition. It is
653 an algorithm optimized for 64-bit processors with good performance
654 on 32-bit processors. Khazad uses an 128 bit key size.
656 See also:
657 <http://planeta.terra.com.br/informatica/paulobarreto/KhazadPage.html>
659 config CRYPTO_SALSA20
660 tristate "Salsa20 stream cipher algorithm (EXPERIMENTAL)"
661 depends on EXPERIMENTAL
662 select CRYPTO_BLKCIPHER
663 help
664 Salsa20 stream cipher algorithm.
666 Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT
667 Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/>
669 The Salsa20 stream cipher algorithm is designed by Daniel J.
670 Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html>
672 config CRYPTO_SALSA20_586
673 tristate "Salsa20 stream cipher algorithm (i586) (EXPERIMENTAL)"
674 depends on (X86 || UML_X86) && !64BIT
675 depends on EXPERIMENTAL
676 select CRYPTO_BLKCIPHER
677 help
678 Salsa20 stream cipher algorithm.
680 Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT
681 Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/>
683 The Salsa20 stream cipher algorithm is designed by Daniel J.
684 Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html>
686 config CRYPTO_SALSA20_X86_64
687 tristate "Salsa20 stream cipher algorithm (x86_64) (EXPERIMENTAL)"
688 depends on (X86 || UML_X86) && 64BIT
689 depends on EXPERIMENTAL
690 select CRYPTO_BLKCIPHER
691 help
692 Salsa20 stream cipher algorithm.
694 Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT
695 Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/>
697 The Salsa20 stream cipher algorithm is designed by Daniel J.
698 Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html>
700 config CRYPTO_SEED
701 tristate "SEED cipher algorithm"
702 select CRYPTO_ALGAPI
703 help
704 SEED cipher algorithm (RFC4269).
706 SEED is a 128-bit symmetric key block cipher that has been
707 developed by KISA (Korea Information Security Agency) as a
708 national standard encryption algorithm of the Republic of Korea.
709 It is a 16 round block cipher with the key size of 128 bit.
711 See also:
712 <http://www.kisa.or.kr/kisa/seed/jsp/seed_eng.jsp>
714 config CRYPTO_SERPENT
715 tristate "Serpent cipher algorithm"
716 select CRYPTO_ALGAPI
717 help
718 Serpent cipher algorithm, by Anderson, Biham & Knudsen.
720 Keys are allowed to be from 0 to 256 bits in length, in steps
721 of 8 bits. Also includes the 'Tnepres' algorithm, a reversed
722 variant of Serpent for compatibility with old kerneli.org code.
724 See also:
725 <http://www.cl.cam.ac.uk/~rja14/serpent.html>
727 config CRYPTO_TEA
728 tristate "TEA, XTEA and XETA cipher algorithms"
729 select CRYPTO_ALGAPI
730 help
731 TEA cipher algorithm.
733 Tiny Encryption Algorithm is a simple cipher that uses
734 many rounds for security. It is very fast and uses
735 little memory.
737 Xtendend Tiny Encryption Algorithm is a modification to
738 the TEA algorithm to address a potential key weakness
739 in the TEA algorithm.
741 Xtendend Encryption Tiny Algorithm is a mis-implementation
742 of the XTEA algorithm for compatibility purposes.
744 config CRYPTO_TWOFISH
745 tristate "Twofish cipher algorithm"
746 select CRYPTO_ALGAPI
747 select CRYPTO_TWOFISH_COMMON
748 help
749 Twofish cipher algorithm.
751 Twofish was submitted as an AES (Advanced Encryption Standard)
752 candidate cipher by researchers at CounterPane Systems. It is a
753 16 round block cipher supporting key sizes of 128, 192, and 256
754 bits.
756 See also:
757 <http://www.schneier.com/twofish.html>
759 config CRYPTO_TWOFISH_COMMON
760 tristate
761 help
762 Common parts of the Twofish cipher algorithm shared by the
763 generic c and the assembler implementations.
765 config CRYPTO_TWOFISH_586
766 tristate "Twofish cipher algorithms (i586)"
767 depends on (X86 || UML_X86) && !64BIT
768 select CRYPTO_ALGAPI
769 select CRYPTO_TWOFISH_COMMON
770 help
771 Twofish cipher algorithm.
773 Twofish was submitted as an AES (Advanced Encryption Standard)
774 candidate cipher by researchers at CounterPane Systems. It is a
775 16 round block cipher supporting key sizes of 128, 192, and 256
776 bits.
778 See also:
779 <http://www.schneier.com/twofish.html>
781 config CRYPTO_TWOFISH_X86_64
782 tristate "Twofish cipher algorithm (x86_64)"
783 depends on (X86 || UML_X86) && 64BIT
784 select CRYPTO_ALGAPI
785 select CRYPTO_TWOFISH_COMMON
786 help
787 Twofish cipher algorithm (x86_64).
789 Twofish was submitted as an AES (Advanced Encryption Standard)
790 candidate cipher by researchers at CounterPane Systems. It is a
791 16 round block cipher supporting key sizes of 128, 192, and 256
792 bits.
794 See also:
795 <http://www.schneier.com/twofish.html>
797 comment "Compression"
799 config CRYPTO_DEFLATE
800 tristate "Deflate compression algorithm"
801 select CRYPTO_ALGAPI
802 select ZLIB_INFLATE
803 select ZLIB_DEFLATE
804 help
805 This is the Deflate algorithm (RFC1951), specified for use in
806 IPSec with the IPCOMP protocol (RFC3173, RFC2394).
808 You will most probably want this if using IPSec.
810 config CRYPTO_ZLIB
811 tristate "Zlib compression algorithm"
812 select CRYPTO_PCOMP
813 select ZLIB_INFLATE
814 select ZLIB_DEFLATE
815 select NLATTR
816 help
817 This is the zlib algorithm.
819 config CRYPTO_LZO
820 tristate "LZO compression algorithm"
821 select CRYPTO_ALGAPI
822 select LZO_COMPRESS
823 select LZO_DECOMPRESS
824 help
825 This is the LZO algorithm.
827 comment "Random Number Generation"
829 config CRYPTO_ANSI_CPRNG
830 tristate "Pseudo Random Number Generation for Cryptographic modules"
831 default m
832 select CRYPTO_AES
833 select CRYPTO_RNG
834 help
835 This option enables the generic pseudo random number generator
836 for cryptographic modules. Uses the Algorithm specified in
837 ANSI X9.31 A.2.4. Note that this option must be enabled if
838 CRYPTO_FIPS is selected
840 source "drivers/crypto/Kconfig"
842 endif # if CRYPTO