]> bbs.cooldavid.org Git - net-next-2.6.git/blame - crypto/Kconfig
git://bbs.cooldavid.org / net-next-2.6.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
crypto: api - Use dedicated workqueue for crypto subsystem
[net-next-2.6.git] / crypto / Kconfig
CommitLineData
685784aa
DW		 1#
2# Generic algorithms support
3#
4config XOR_BLOCKS
5 tristate
6
1da177e4 7#
9bc89cd8 8# async_tx api: hardware offloaded memory transfer/transform support
1da177e4 9#
9bc89cd8 10source "crypto/async_tx/Kconfig"
1da177e4 11
9bc89cd8
DW		 12#
13# Cryptographic API Configuration
14#
2e290f43 15menuconfig CRYPTO
c3715cb9 16 tristate "Cryptographic API"
1da177e4
LT		 17 help
18 This option provides the core Cryptographic API.
19
cce9e06d
HX		 20if CRYPTO
21
584fffc8
SS		 22comment "Crypto core or helper"
23
ccb778e1
NH		 24config CRYPTO_FIPS
25 bool "FIPS 200 compliance"
26 help
27 This options enables the fips boot option which is
28 required if you want to system to operate in a FIPS 200
29 certification. You should say no unless you know what
30 this is.
31
cce9e06d
HX		 32config CRYPTO_ALGAPI
33 tristate
6a0fcbb4 34 select CRYPTO_ALGAPI2
cce9e06d
HX		 35 help
36 This option provides the API for cryptographic algorithms.
37
6a0fcbb4
HX		 38config CRYPTO_ALGAPI2
39 tristate
40
1ae97820
HX		 41config CRYPTO_AEAD
42 tristate
6a0fcbb4 43 select CRYPTO_AEAD2
1ae97820
HX		 44 select CRYPTO_ALGAPI
45
6a0fcbb4
HX		 46config CRYPTO_AEAD2
47 tristate
48 select CRYPTO_ALGAPI2
49
5cde0af2
HX		 50config CRYPTO_BLKCIPHER
51 tristate
6a0fcbb4 52 select CRYPTO_BLKCIPHER2
5cde0af2 53 select CRYPTO_ALGAPI
6a0fcbb4
HX		 54
55config CRYPTO_BLKCIPHER2
56 tristate
57 select CRYPTO_ALGAPI2
58 select CRYPTO_RNG2
5cde0af2 59
055bcee3
HX		 60config CRYPTO_HASH
61 tristate
6a0fcbb4 62 select CRYPTO_HASH2
055bcee3
HX		 63 select CRYPTO_ALGAPI
64
6a0fcbb4
HX		 65config CRYPTO_HASH2
66 tristate
67 select CRYPTO_ALGAPI2
68
17f0f4a4
NH		 69config CRYPTO_RNG
70 tristate
6a0fcbb4 71 select CRYPTO_RNG2
17f0f4a4
NH		 72 select CRYPTO_ALGAPI
73
6a0fcbb4
HX		 74config CRYPTO_RNG2
75 tristate
76 select CRYPTO_ALGAPI2
77
2b8c19db
HX		 78config CRYPTO_MANAGER
79 tristate "Cryptographic algorithm manager"
6a0fcbb4 80 select CRYPTO_MANAGER2
2b8c19db
HX		 81 help
82 Create default cryptographic template instantiations such as
83 cbc(aes).
84
6a0fcbb4
HX		 85config CRYPTO_MANAGER2
86 def_tristate CRYPTO_MANAGER || (CRYPTO_MANAGER!=n && CRYPTO_ALGAPI=y)
87 select CRYPTO_AEAD2
88 select CRYPTO_HASH2
89 select CRYPTO_BLKCIPHER2
90
584fffc8
SS		 91config CRYPTO_GF128MUL
92 tristate "GF(2^128) multiplication functions (EXPERIMENTAL)"
333b0d7e 93 depends on EXPERIMENTAL
333b0d7e 94 help
584fffc8
SS		 95 Efficient table driven implementation of multiplications in the
96 field GF(2^128). This is needed by some cypher modes. This
97 option will be selected automatically if you select such a
98 cipher mode. Only select this option by hand if you expect to load
99 an external module that requires these functions.
333b0d7e 100
1da177e4
LT		 101config CRYPTO_NULL
102 tristate "Null algorithms"
cce9e06d 103 select CRYPTO_ALGAPI
c8620c25 104 select CRYPTO_BLKCIPHER
d35d2454 105 select CRYPTO_HASH
1da177e4
LT		 106 help
107 These are 'Null' algorithms, used by IPsec, which do nothing.
108
25c38d3f
HY		 109config CRYPTO_WORKQUEUE
110 tristate
111
584fffc8
SS		 112config CRYPTO_CRYPTD
113 tristate "Software async crypto daemon"
114 select CRYPTO_BLKCIPHER
b8a28251 115 select CRYPTO_HASH
584fffc8 116 select CRYPTO_MANAGER
1da177e4 117 help
584fffc8
SS		 118 This is a generic software asynchronous crypto daemon that
119 converts an arbitrary synchronous software crypto algorithm
120 into an asynchronous algorithm that executes in a kernel thread.
1da177e4 121
584fffc8
SS		 122config CRYPTO_AUTHENC
123 tristate "Authenc support"
124 select CRYPTO_AEAD
125 select CRYPTO_BLKCIPHER
126 select CRYPTO_MANAGER
127 select CRYPTO_HASH
1da177e4 128 help
584fffc8
SS		 129 Authenc: Combined mode wrapper for IPsec.
130 This is required for IPSec.
1da177e4 131
584fffc8
SS		 132config CRYPTO_TEST
133 tristate "Testing module"
134 depends on m
da7f033d 135 select CRYPTO_MANAGER
1da177e4 136 help
584fffc8 137 Quick & dirty crypto test module.
1da177e4 138
584fffc8 139comment "Authenticated Encryption with Associated Data"
cd12fb90 140
584fffc8
SS		 141config CRYPTO_CCM
142 tristate "CCM support"
143 select CRYPTO_CTR
144 select CRYPTO_AEAD
1da177e4 145 help
584fffc8 146 Support for Counter with CBC MAC. Required for IPsec.
1da177e4 147
584fffc8
SS		 148config CRYPTO_GCM
149 tristate "GCM/GMAC support"
150 select CRYPTO_CTR
151 select CRYPTO_AEAD
152 select CRYPTO_GF128MUL
1da177e4 153 help
584fffc8
SS		 154 Support for Galois/Counter Mode (GCM) and Galois Message
155 Authentication Code (GMAC). Required for IPSec.
1da177e4 156
584fffc8
SS		 157config CRYPTO_SEQIV
158 tristate "Sequence Number IV Generator"
159 select CRYPTO_AEAD
160 select CRYPTO_BLKCIPHER
a0f000ec 161 select CRYPTO_RNG
1da177e4 162 help
584fffc8
SS		 163 This IV generator generates an IV based on a sequence number by
164 xoring it with a salt. This algorithm is mainly useful for CTR
1da177e4 165
584fffc8 166comment "Block modes"
c494e070 167
584fffc8
SS		 168config CRYPTO_CBC
169 tristate "CBC support"
db131ef9 170 select CRYPTO_BLKCIPHER
43518407 171 select CRYPTO_MANAGER
db131ef9 172 help
584fffc8
SS		 173 CBC: Cipher Block Chaining mode
174 This block cipher algorithm is required for IPSec.
db131ef9 175
584fffc8
SS		 176config CRYPTO_CTR
177 tristate "CTR support"
db131ef9 178 select CRYPTO_BLKCIPHER
584fffc8 179 select CRYPTO_SEQIV
43518407 180 select CRYPTO_MANAGER
db131ef9 181 help
584fffc8 182 CTR: Counter mode
db131ef9
HX		 183 This block cipher algorithm is required for IPSec.
184
584fffc8
SS		 185config CRYPTO_CTS
186 tristate "CTS support"
187 select CRYPTO_BLKCIPHER
188 help
189 CTS: Cipher Text Stealing
190 This is the Cipher Text Stealing mode as described by
191 Section 8 of rfc2040 and referenced by rfc3962.
192 (rfc3962 includes errata information in its Appendix A)
193 This mode is required for Kerberos gss mechanism support
194 for AES encryption.
195
196config CRYPTO_ECB
197 tristate "ECB support"
91652be5
DH		 198 select CRYPTO_BLKCIPHER
199 select CRYPTO_MANAGER
91652be5 200 help
584fffc8
SS		 201 ECB: Electronic CodeBook mode
202 This is the simplest block cipher algorithm. It simply encrypts
203 the input block by block.
91652be5 204
64470f1b
RS		 205config CRYPTO_LRW
206 tristate "LRW support (EXPERIMENTAL)"
207 depends on EXPERIMENTAL
208 select CRYPTO_BLKCIPHER
209 select CRYPTO_MANAGER
210 select CRYPTO_GF128MUL
211 help
212 LRW: Liskov Rivest Wagner, a tweakable, non malleable, non movable
213 narrow block cipher mode for dm-crypt. Use it with cipher
214 specification string aes-lrw-benbi, the key must be 256, 320 or 384.
215 The first 128, 192 or 256 bits in the key are used for AES and the
216 rest is used to tie each cipher block to its logical position.
217
584fffc8
SS		 218config CRYPTO_PCBC
219 tristate "PCBC support"
220 select CRYPTO_BLKCIPHER
221 select CRYPTO_MANAGER
222 help
223 PCBC: Propagating Cipher Block Chaining mode
224 This block cipher algorithm is required for RxRPC.
225
f19f5111
RS		 226config CRYPTO_XTS
227 tristate "XTS support (EXPERIMENTAL)"
228 depends on EXPERIMENTAL
229 select CRYPTO_BLKCIPHER
230 select CRYPTO_MANAGER
231 select CRYPTO_GF128MUL
232 help
233 XTS: IEEE1619/D16 narrow block cipher use with aes-xts-plain,
234 key size 256, 384 or 512 bits. This implementation currently
235 can't handle a sectorsize which is not a multiple of 16 bytes.
236
584fffc8
SS		 237comment "Hash modes"
238
239config CRYPTO_HMAC
240 tristate "HMAC support"
241 select CRYPTO_HASH
23e353c8 242 select CRYPTO_MANAGER
23e353c8 243 help
584fffc8
SS		 244 HMAC: Keyed-Hashing for Message Authentication (RFC2104).
245 This is required for IPSec.
23e353c8 246
584fffc8
SS		 247config CRYPTO_XCBC
248 tristate "XCBC support"
249 depends on EXPERIMENTAL
250 select CRYPTO_HASH
251 select CRYPTO_MANAGER
76cb9521 252 help
584fffc8
SS		 253 XCBC: Keyed-Hashing with encryption algorithm
254 http://www.ietf.org/rfc/rfc3566.txt
255 http://csrc.nist.gov/encryption/modes/proposedmodes/
256 xcbc-mac/xcbc-mac-spec.pdf
76cb9521 257
584fffc8 258comment "Digest"
28db8e3e 259
584fffc8
SS		 260config CRYPTO_CRC32C
261 tristate "CRC32c CRC algorithm"
5773a3e6 262 select CRYPTO_HASH
4a49b499 263 help
584fffc8
SS		 264 Castagnoli, et al Cyclic Redundancy-Check Algorithm. Used
265 by iSCSI for header and data digests and by others.
69c35efc 266 See Castagnoli93. Module will be crc32c.
4a49b499 267
8cb51ba8
AZ		 268config CRYPTO_CRC32C_INTEL
269 tristate "CRC32c INTEL hardware acceleration"
270 depends on X86
271 select CRYPTO_HASH
272 help
273 In Intel processor with SSE4.2 supported, the processor will
274 support CRC32C implementation using hardware accelerated CRC32
275 instruction. This option will create 'crc32c-intel' module,
276 which will enable any routine to use the CRC32 instruction to
277 gain performance compared with software implementation.
278 Module will be crc32c-intel.
279
584fffc8
SS		 280config CRYPTO_MD4
281 tristate "MD4 digest algorithm"
808a1763 282 select CRYPTO_HASH
124b53d0 283 help
584fffc8 284 MD4 message digest algorithm (RFC1320).
124b53d0 285
584fffc8
SS		 286config CRYPTO_MD5
287 tristate "MD5 digest algorithm"
14b75ba7 288 select CRYPTO_HASH
1da177e4 289 help
584fffc8 290 MD5 message digest algorithm (RFC1321).
1da177e4 291
584fffc8
SS		 292config CRYPTO_MICHAEL_MIC
293 tristate "Michael MIC keyed digest algorithm"
19e2bf14 294 select CRYPTO_HASH
90831639 295 help
584fffc8
SS		 296 Michael MIC is used for message integrity protection in TKIP
297 (IEEE 802.11i). This algorithm is required for TKIP, but it
298 should not be used for other purposes because of the weakness
299 of the algorithm.
90831639 300
82798f90 301config CRYPTO_RMD128
b6d44341 302 tristate "RIPEMD-128 digest algorithm"
7c4468bc 303 select CRYPTO_HASH
b6d44341
AB		 304 help
305 RIPEMD-128 (ISO/IEC 10118-3:2004).
82798f90 306
b6d44341
AB		 307 RIPEMD-128 is a 128-bit cryptographic hash function. It should only
308 to be used as a secure replacement for RIPEMD. For other use cases
309 RIPEMD-160 should be used.
82798f90 310
b6d44341
AB		 311 Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel.
312 See <http://home.esat.kuleuven.be/~bosselae/ripemd160.html>
82798f90
AKR		 313
314config CRYPTO_RMD160
b6d44341 315 tristate "RIPEMD-160 digest algorithm"
e5835fba 316 select CRYPTO_HASH
b6d44341
AB		 317 help
318 RIPEMD-160 (ISO/IEC 10118-3:2004).
82798f90 319
b6d44341
AB		 320 RIPEMD-160 is a 160-bit cryptographic hash function. It is intended
321 to be used as a secure replacement for the 128-bit hash functions
322 MD4, MD5 and it's predecessor RIPEMD
323 (not to be confused with RIPEMD-128).
82798f90 324
b6d44341
AB		 325 It's speed is comparable to SHA1 and there are no known attacks
326 against RIPEMD-160.
534fe2c1 327
b6d44341
AB		 328 Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel.
329 See <http://home.esat.kuleuven.be/~bosselae/ripemd160.html>
534fe2c1
AKR		 330
331config CRYPTO_RMD256
b6d44341 332 tristate "RIPEMD-256 digest algorithm"
d8a5e2e9 333 select CRYPTO_HASH
b6d44341
AB		 334 help
335 RIPEMD-256 is an optional extension of RIPEMD-128 with a
336 256 bit hash. It is intended for applications that require
337 longer hash-results, without needing a larger security level
338 (than RIPEMD-128).
534fe2c1 339
b6d44341
AB		 340 Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel.
341 See <http://home.esat.kuleuven.be/~bosselae/ripemd160.html>
534fe2c1
AKR		 342
343config CRYPTO_RMD320
b6d44341 344 tristate "RIPEMD-320 digest algorithm"
3b8efb4c 345 select CRYPTO_HASH
b6d44341
AB		 346 help
347 RIPEMD-320 is an optional extension of RIPEMD-160 with a
348 320 bit hash. It is intended for applications that require
349 longer hash-results, without needing a larger security level
350 (than RIPEMD-160).
534fe2c1 351
b6d44341
AB		 352 Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel.
353 See <http://home.esat.kuleuven.be/~bosselae/ripemd160.html>
82798f90 354
584fffc8
SS		 355config CRYPTO_SHA1
356 tristate "SHA1 digest algorithm"
54ccb367 357 select CRYPTO_HASH
1da177e4 358 help
584fffc8 359 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2).
1da177e4 360
584fffc8
SS		 361config CRYPTO_SHA256
362 tristate "SHA224 and SHA256 digest algorithm"
50e109b5 363 select CRYPTO_HASH
1da177e4 364 help
584fffc8 365 SHA256 secure hash standard (DFIPS 180-2).
1da177e4 366
584fffc8
SS		 367 This version of SHA implements a 256 bit hash with 128 bits of
368 security against collision attacks.
2729bb42 369
b6d44341
AB		 370 This code also includes SHA-224, a 224 bit hash with 112 bits
371 of security against collision attacks.
584fffc8
SS		 372
373config CRYPTO_SHA512
374 tristate "SHA384 and SHA512 digest algorithms"
bd9d20db 375 select CRYPTO_HASH
b9f535ff 376 help
584fffc8 377 SHA512 secure hash standard (DFIPS 180-2).
b9f535ff 378
584fffc8
SS		 379 This version of SHA implements a 512 bit hash with 256 bits of
380 security against collision attacks.
b9f535ff 381
584fffc8
SS		 382 This code also includes SHA-384, a 384 bit hash with 192 bits
383 of security against collision attacks.
b9f535ff 384
584fffc8
SS		 385config CRYPTO_TGR192
386 tristate "Tiger digest algorithms"
f63fbd3d 387 select CRYPTO_HASH
eaf44088 388 help
584fffc8 389 Tiger hash algorithm 192, 160 and 128-bit hashes
eaf44088 390
584fffc8
SS		 391 Tiger is a hash function optimized for 64-bit processors while
392 still having decent performance on 32-bit processors.
393 Tiger was developed by Ross Anderson and Eli Biham.
eaf44088
JF		 394
395 See also:
584fffc8 396 <http://www.cs.technion.ac.il/~biham/Reports/Tiger/>.
eaf44088 397
584fffc8
SS		 398config CRYPTO_WP512
399 tristate "Whirlpool digest algorithms"
4946510b 400 select CRYPTO_HASH
1da177e4 401 help
584fffc8 402 Whirlpool hash algorithm 512, 384 and 256-bit hashes
1da177e4 403
584fffc8
SS		 404 Whirlpool-512 is part of the NESSIE cryptographic primitives.
405 Whirlpool will be part of the ISO/IEC 10118-3:2003(E) standard
1da177e4
LT		 406
407 See also:
584fffc8
SS		 408 <http://planeta.terra.com.br/informatica/paulobarreto/WhirlpoolPage.html>
409
410comment "Ciphers"
1da177e4
LT		 411
412config CRYPTO_AES
413 tristate "AES cipher algorithms"
cce9e06d 414 select CRYPTO_ALGAPI
1da177e4 415 help
584fffc8 416 AES cipher algorithms (FIPS-197). AES uses the Rijndael
1da177e4
LT		 417 algorithm.
418
419 Rijndael appears to be consistently a very good performer in
584fffc8
SS		 420 both hardware and software across a wide range of computing
421 environments regardless of its use in feedback or non-feedback
422 modes. Its key setup time is excellent, and its key agility is
423 good. Rijndael's very low memory requirements make it very well
424 suited for restricted-space environments, in which it also
425 demonstrates excellent performance. Rijndael's operations are
426 among the easiest to defend against power and timing attacks.
1da177e4 427
584fffc8 428 The AES specifies three key sizes: 128, 192 and 256 bits
1da177e4
LT		 429
430 See <http://csrc.nist.gov/CryptoToolkit/aes/> for more information.
431
432config CRYPTO_AES_586
433 tristate "AES cipher algorithms (i586)"
cce9e06d
HX		 434 depends on (X86 || UML_X86) && !64BIT
435 select CRYPTO_ALGAPI
5157dea8 436 select CRYPTO_AES
1da177e4 437 help
584fffc8 438 AES cipher algorithms (FIPS-197). AES uses the Rijndael
1da177e4
LT		 439 algorithm.
440
441 Rijndael appears to be consistently a very good performer in
584fffc8
SS		 442 both hardware and software across a wide range of computing
443 environments regardless of its use in feedback or non-feedback
444 modes. Its key setup time is excellent, and its key agility is
445 good. Rijndael's very low memory requirements make it very well
446 suited for restricted-space environments, in which it also
447 demonstrates excellent performance. Rijndael's operations are
448 among the easiest to defend against power and timing attacks.
1da177e4 449
584fffc8 450 The AES specifies three key sizes: 128, 192 and 256 bits
a2a892a2
AS		 451
452 See <http://csrc.nist.gov/encryption/aes/> for more information.
453
454config CRYPTO_AES_X86_64
455 tristate "AES cipher algorithms (x86_64)"
cce9e06d
HX		 456 depends on (X86 || UML_X86) && 64BIT
457 select CRYPTO_ALGAPI
81190b32 458 select CRYPTO_AES
a2a892a2 459 help
584fffc8 460 AES cipher algorithms (FIPS-197). AES uses the Rijndael
a2a892a2
AS		 461 algorithm.
462
463 Rijndael appears to be consistently a very good performer in
584fffc8
SS		 464 both hardware and software across a wide range of computing
465 environments regardless of its use in feedback or non-feedback
466 modes. Its key setup time is excellent, and its key agility is
54b6a1bd
HY		 467 good. Rijndael's very low memory requirements make it very well
468 suited for restricted-space environments, in which it also
469 demonstrates excellent performance. Rijndael's operations are
470 among the easiest to defend against power and timing attacks.
471
472 The AES specifies three key sizes: 128, 192 and 256 bits
473
474 See <http://csrc.nist.gov/encryption/aes/> for more information.
475
476config CRYPTO_AES_NI_INTEL
477 tristate "AES cipher algorithms (AES-NI)"
478 depends on (X86 || UML_X86) && 64BIT
479 select CRYPTO_AES_X86_64
480 select CRYPTO_CRYPTD
481 select CRYPTO_ALGAPI
482 help
483 Use Intel AES-NI instructions for AES algorithm.
484
485 AES cipher algorithms (FIPS-197). AES uses the Rijndael
486 algorithm.
487
488 Rijndael appears to be consistently a very good performer in
489 both hardware and software across a wide range of computing
490 environments regardless of its use in feedback or non-feedback
491 modes. Its key setup time is excellent, and its key agility is
584fffc8
SS		 492 good. Rijndael's very low memory requirements make it very well
493 suited for restricted-space environments, in which it also
494 demonstrates excellent performance. Rijndael's operations are
495 among the easiest to defend against power and timing attacks.
a2a892a2 496
584fffc8 497 The AES specifies three key sizes: 128, 192 and 256 bits
1da177e4
LT		 498
499 See <http://csrc.nist.gov/encryption/aes/> for more information.
500
584fffc8
SS		 501config CRYPTO_ANUBIS
502 tristate "Anubis cipher algorithm"
503 select CRYPTO_ALGAPI
504 help
505 Anubis cipher algorithm.
506
507 Anubis is a variable key length cipher which can use keys from
508 128 bits to 320 bits in length. It was evaluated as a entrant
509 in the NESSIE competition.
510
511 See also:
512 <https://www.cosic.esat.kuleuven.ac.be/nessie/reports/>
513 <http://planeta.terra.com.br/informatica/paulobarreto/AnubisPage.html>
514
515config CRYPTO_ARC4
516 tristate "ARC4 cipher algorithm"
517 select CRYPTO_ALGAPI
518 help
519 ARC4 cipher algorithm.
520
521 ARC4 is a stream cipher using keys ranging from 8 bits to 2048
522 bits in length. This algorithm is required for driver-based
523 WEP, but it should not be for other purposes because of the
524 weakness of the algorithm.
525
526config CRYPTO_BLOWFISH
527 tristate "Blowfish cipher algorithm"
528 select CRYPTO_ALGAPI
529 help
530 Blowfish cipher algorithm, by Bruce Schneier.
531
532 This is a variable key length cipher which can use keys from 32
533 bits to 448 bits in length. It's fast, simple and specifically
534 designed for use on "large microprocessors".
535
536 See also:
537 <http://www.schneier.com/blowfish.html>
538
539config CRYPTO_CAMELLIA
540 tristate "Camellia cipher algorithms"
541 depends on CRYPTO
542 select CRYPTO_ALGAPI
543 help
544 Camellia cipher algorithms module.
545
546 Camellia is a symmetric key block cipher developed jointly
547 at NTT and Mitsubishi Electric Corporation.
548
549 The Camellia specifies three key sizes: 128, 192 and 256 bits.
550
551 See also:
552 <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html>
553
1da177e4
LT		 554config CRYPTO_CAST5
555 tristate "CAST5 (CAST-128) cipher algorithm"
cce9e06d 556 select CRYPTO_ALGAPI
1da177e4
LT		 557 help
558 The CAST5 encryption algorithm (synonymous with CAST-128) is
559 described in RFC2144.
560
561config CRYPTO_CAST6
562 tristate "CAST6 (CAST-256) cipher algorithm"
cce9e06d 563 select CRYPTO_ALGAPI
1da177e4
LT		 564 help
565 The CAST6 encryption algorithm (synonymous with CAST-256) is
566 described in RFC2612.
567
584fffc8
SS		 568config CRYPTO_DES
569 tristate "DES and Triple DES EDE cipher algorithms"
cce9e06d 570 select CRYPTO_ALGAPI
1da177e4 571 help
584fffc8 572 DES cipher algorithm (FIPS 46-2), and Triple DES EDE (FIPS 46-3).
fb4f10ed 573
584fffc8
SS		 574config CRYPTO_FCRYPT
575 tristate "FCrypt cipher algorithm"
cce9e06d 576 select CRYPTO_ALGAPI
584fffc8 577 select CRYPTO_BLKCIPHER
1da177e4 578 help
584fffc8 579 FCrypt algorithm used by RxRPC.
1da177e4
LT		 580
581config CRYPTO_KHAZAD
582 tristate "Khazad cipher algorithm"
cce9e06d 583 select CRYPTO_ALGAPI
1da177e4
LT		 584 help
585 Khazad cipher algorithm.
586
587 Khazad was a finalist in the initial NESSIE competition. It is
588 an algorithm optimized for 64-bit processors with good performance
589 on 32-bit processors. Khazad uses an 128 bit key size.
590
591 See also:
592 <http://planeta.terra.com.br/informatica/paulobarreto/KhazadPage.html>
593
2407d608
TSH		 594config CRYPTO_SALSA20
595 tristate "Salsa20 stream cipher algorithm (EXPERIMENTAL)"
596 depends on EXPERIMENTAL
597 select CRYPTO_BLKCIPHER
598 help
599 Salsa20 stream cipher algorithm.
600
601 Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT
602 Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/>
974e4b75
TSH		 603
604 The Salsa20 stream cipher algorithm is designed by Daniel J.
605 Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html>
606
607config CRYPTO_SALSA20_586
608 tristate "Salsa20 stream cipher algorithm (i586) (EXPERIMENTAL)"
609 depends on (X86 || UML_X86) && !64BIT
610 depends on EXPERIMENTAL
611 select CRYPTO_BLKCIPHER
974e4b75
TSH		 612 help
613 Salsa20 stream cipher algorithm.
614
615 Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT
616 Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/>
9a7dafbb
TSH		 617
618 The Salsa20 stream cipher algorithm is designed by Daniel J.
619 Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html>
620
621config CRYPTO_SALSA20_X86_64
622 tristate "Salsa20 stream cipher algorithm (x86_64) (EXPERIMENTAL)"
623 depends on (X86 || UML_X86) && 64BIT
624 depends on EXPERIMENTAL
625 select CRYPTO_BLKCIPHER
9a7dafbb
TSH		 626 help
627 Salsa20 stream cipher algorithm.
628
629 Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT
630 Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/>
2407d608
TSH		 631
632 The Salsa20 stream cipher algorithm is designed by Daniel J.
633 Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html>
1da177e4 634
584fffc8
SS		 635config CRYPTO_SEED
636 tristate "SEED cipher algorithm"
cce9e06d 637 select CRYPTO_ALGAPI
1da177e4 638 help
584fffc8 639 SEED cipher algorithm (RFC4269).
1da177e4 640
584fffc8
SS		 641 SEED is a 128-bit symmetric key block cipher that has been
642 developed by KISA (Korea Information Security Agency) as a
643 national standard encryption algorithm of the Republic of Korea.
644 It is a 16 round block cipher with the key size of 128 bit.
645
646 See also:
647 <http://www.kisa.or.kr/kisa/seed/jsp/seed_eng.jsp>
648
649config CRYPTO_SERPENT
650 tristate "Serpent cipher algorithm"
cce9e06d 651 select CRYPTO_ALGAPI
1da177e4 652 help
584fffc8 653 Serpent cipher algorithm, by Anderson, Biham & Knudsen.
1da177e4 654
584fffc8
SS		 655 Keys are allowed to be from 0 to 256 bits in length, in steps
656 of 8 bits. Also includes the 'Tnepres' algorithm, a reversed
657 variant of Serpent for compatibility with old kerneli.org code.
658
659 See also:
660 <http://www.cl.cam.ac.uk/~rja14/serpent.html>
661
662config CRYPTO_TEA
663 tristate "TEA, XTEA and XETA cipher algorithms"
cce9e06d 664 select CRYPTO_ALGAPI
1da177e4 665 help
584fffc8 666 TEA cipher algorithm.
1da177e4 667
584fffc8
SS		 668 Tiny Encryption Algorithm is a simple cipher that uses
669 many rounds for security. It is very fast and uses
670 little memory.
671
672 Xtendend Tiny Encryption Algorithm is a modification to
673 the TEA algorithm to address a potential key weakness
674 in the TEA algorithm.
675
676 Xtendend Encryption Tiny Algorithm is a mis-implementation
677 of the XTEA algorithm for compatibility purposes.
678
679config CRYPTO_TWOFISH
680 tristate "Twofish cipher algorithm"
04ac7db3 681 select CRYPTO_ALGAPI
584fffc8 682 select CRYPTO_TWOFISH_COMMON
04ac7db3 683 help
584fffc8 684 Twofish cipher algorithm.
04ac7db3 685
584fffc8
SS		 686 Twofish was submitted as an AES (Advanced Encryption Standard)
687 candidate cipher by researchers at CounterPane Systems. It is a
688 16 round block cipher supporting key sizes of 128, 192, and 256
689 bits.
04ac7db3 690
584fffc8
SS		 691 See also:
692 <http://www.schneier.com/twofish.html>
693
694config CRYPTO_TWOFISH_COMMON
695 tristate
696 help
697 Common parts of the Twofish cipher algorithm shared by the
698 generic c and the assembler implementations.
699
700config CRYPTO_TWOFISH_586
701 tristate "Twofish cipher algorithms (i586)"
702 depends on (X86 || UML_X86) && !64BIT
703 select CRYPTO_ALGAPI
704 select CRYPTO_TWOFISH_COMMON
705 help
706 Twofish cipher algorithm.
707
708 Twofish was submitted as an AES (Advanced Encryption Standard)
709 candidate cipher by researchers at CounterPane Systems. It is a
710 16 round block cipher supporting key sizes of 128, 192, and 256
711 bits.
04ac7db3
NT		 712
713 See also:
584fffc8 714 <http://www.schneier.com/twofish.html>
04ac7db3 715
584fffc8
SS		 716config CRYPTO_TWOFISH_X86_64
717 tristate "Twofish cipher algorithm (x86_64)"
718 depends on (X86 || UML_X86) && 64BIT
cce9e06d 719 select CRYPTO_ALGAPI
584fffc8 720 select CRYPTO_TWOFISH_COMMON
1da177e4 721 help
584fffc8 722 Twofish cipher algorithm (x86_64).
1da177e4 723
584fffc8
SS		 724 Twofish was submitted as an AES (Advanced Encryption Standard)
725 candidate cipher by researchers at CounterPane Systems. It is a
726 16 round block cipher supporting key sizes of 128, 192, and 256
727 bits.
728
729 See also:
730 <http://www.schneier.com/twofish.html>
731
732comment "Compression"
733
734config CRYPTO_DEFLATE
735 tristate "Deflate compression algorithm"
736 select CRYPTO_ALGAPI
737 select ZLIB_INFLATE
738 select ZLIB_DEFLATE
3c09f17c 739 help
584fffc8
SS		 740 This is the Deflate algorithm (RFC1951), specified for use in
741 IPSec with the IPCOMP protocol (RFC3173, RFC2394).
742
743 You will most probably want this if using IPSec.
3c09f17c 744
0b77abb3
ZS		 745config CRYPTO_LZO
746 tristate "LZO compression algorithm"
747 select CRYPTO_ALGAPI
748 select LZO_COMPRESS
749 select LZO_DECOMPRESS
750 help
751 This is the LZO algorithm.
752
17f0f4a4
NH		 753comment "Random Number Generation"
754
755config CRYPTO_ANSI_CPRNG
756 tristate "Pseudo Random Number Generation for Cryptographic modules"
757 select CRYPTO_AES
758 select CRYPTO_RNG
759 select CRYPTO_FIPS
760 help
761 This option enables the generic pseudo random number generator
762 for cryptographic modules. Uses the Algorithm specified in
763 ANSI X9.31 A.2.4
764
1da177e4 765source "drivers/crypto/Kconfig"
1da177e4 766
cce9e06d 767endif # if CRYPTO
Clone of davem's net-next-2.6 tree