]> bbs.cooldavid.org Git - net-next-2.6.git/blame - crypto/Kconfig
git://bbs.cooldavid.org / net-next-2.6.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
crypto: pcomp - Fix illegal Kconfig configuration
[net-next-2.6.git] / crypto / Kconfig
CommitLineData
685784aa
DW		 1#
2# Generic algorithms support
3#
4config XOR_BLOCKS
5 tristate
6
1da177e4 7#
9bc89cd8 8# async_tx api: hardware offloaded memory transfer/transform support
1da177e4 9#
9bc89cd8 10source "crypto/async_tx/Kconfig"
1da177e4 11
9bc89cd8
DW		 12#
13# Cryptographic API Configuration
14#
2e290f43 15menuconfig CRYPTO
c3715cb9 16 tristate "Cryptographic API"
1da177e4
LT		 17 help
18 This option provides the core Cryptographic API.
19
cce9e06d
HX		 20if CRYPTO
21
584fffc8
SS		 22comment "Crypto core or helper"
23
ccb778e1
NH		 24config CRYPTO_FIPS
25 bool "FIPS 200 compliance"
4e4ed83b 26 depends on CRYPTO_ANSI_CPRNG
ccb778e1
NH		 27 help
28 This options enables the fips boot option which is
29 required if you want to system to operate in a FIPS 200
30 certification. You should say no unless you know what
f77f13e2 31 this is. Note that CRYPTO_ANSI_CPRNG is required if this
4e4ed83b 32 option is selected
ccb778e1 33
cce9e06d
HX		 34config CRYPTO_ALGAPI
35 tristate
6a0fcbb4 36 select CRYPTO_ALGAPI2
cce9e06d
HX		 37 help
38 This option provides the API for cryptographic algorithms.
39
6a0fcbb4
HX		 40config CRYPTO_ALGAPI2
41 tristate
42
1ae97820
HX		 43config CRYPTO_AEAD
44 tristate
6a0fcbb4 45 select CRYPTO_AEAD2
1ae97820
HX		 46 select CRYPTO_ALGAPI
47
6a0fcbb4
HX		 48config CRYPTO_AEAD2
49 tristate
50 select CRYPTO_ALGAPI2
51
5cde0af2
HX		 52config CRYPTO_BLKCIPHER
53 tristate
6a0fcbb4 54 select CRYPTO_BLKCIPHER2
5cde0af2 55 select CRYPTO_ALGAPI
6a0fcbb4
HX		 56
57config CRYPTO_BLKCIPHER2
58 tristate
59 select CRYPTO_ALGAPI2
60 select CRYPTO_RNG2
0a2e821d 61 select CRYPTO_WORKQUEUE
5cde0af2 62
055bcee3
HX		 63config CRYPTO_HASH
64 tristate
6a0fcbb4 65 select CRYPTO_HASH2
055bcee3
HX		 66 select CRYPTO_ALGAPI
67
6a0fcbb4
HX		 68config CRYPTO_HASH2
69 tristate
70 select CRYPTO_ALGAPI2
71
17f0f4a4
NH		 72config CRYPTO_RNG
73 tristate
6a0fcbb4 74 select CRYPTO_RNG2
17f0f4a4
NH		 75 select CRYPTO_ALGAPI
76
6a0fcbb4
HX		 77config CRYPTO_RNG2
78 tristate
79 select CRYPTO_ALGAPI2
80
a1d2f095 81config CRYPTO_PCOMP
bc94e596
HX		 82 tristate
83 select CRYPTO_PCOMP2
84 select CRYPTO_ALGAPI
85
86config CRYPTO_PCOMP2
a1d2f095
GU		 87 tristate
88 select CRYPTO_ALGAPI2
89
2b8c19db
HX		 90config CRYPTO_MANAGER
91 tristate "Cryptographic algorithm manager"
6a0fcbb4 92 select CRYPTO_MANAGER2
2b8c19db
HX		 93 help
94 Create default cryptographic template instantiations such as
95 cbc(aes).
96
6a0fcbb4
HX		 97config CRYPTO_MANAGER2
98 def_tristate CRYPTO_MANAGER || (CRYPTO_MANAGER!=n && CRYPTO_ALGAPI=y)
99 select CRYPTO_AEAD2
100 select CRYPTO_HASH2
101 select CRYPTO_BLKCIPHER2
bc94e596 102 select CRYPTO_PCOMP2
6a0fcbb4 103
584fffc8
SS		 104config CRYPTO_GF128MUL
105 tristate "GF(2^128) multiplication functions (EXPERIMENTAL)"
333b0d7e 106 depends on EXPERIMENTAL
333b0d7e 107 help
584fffc8
SS		 108 Efficient table driven implementation of multiplications in the
109 field GF(2^128). This is needed by some cypher modes. This
110 option will be selected automatically if you select such a
111 cipher mode. Only select this option by hand if you expect to load
112 an external module that requires these functions.
333b0d7e 113
1da177e4
LT		 114config CRYPTO_NULL
115 tristate "Null algorithms"
cce9e06d 116 select CRYPTO_ALGAPI
c8620c25 117 select CRYPTO_BLKCIPHER
d35d2454 118 select CRYPTO_HASH
1da177e4
LT		 119 help
120 These are 'Null' algorithms, used by IPsec, which do nothing.
121
5068c7a8
SK		 122config CRYPTO_PCRYPT
123 tristate "Parallel crypto engine (EXPERIMENTAL)"
124 depends on SMP && EXPERIMENTAL
125 select PADATA
126 select CRYPTO_MANAGER
127 select CRYPTO_AEAD
128 help
129 This converts an arbitrary crypto algorithm into a parallel
130 algorithm that executes in kernel threads.
131
25c38d3f
HY		 132config CRYPTO_WORKQUEUE
133 tristate
134
584fffc8
SS		 135config CRYPTO_CRYPTD
136 tristate "Software async crypto daemon"
137 select CRYPTO_BLKCIPHER
b8a28251 138 select CRYPTO_HASH
584fffc8 139 select CRYPTO_MANAGER
254eff77 140 select CRYPTO_WORKQUEUE
1da177e4 141 help
584fffc8
SS		 142 This is a generic software asynchronous crypto daemon that
143 converts an arbitrary synchronous software crypto algorithm
144 into an asynchronous algorithm that executes in a kernel thread.
1da177e4 145
584fffc8
SS		 146config CRYPTO_AUTHENC
147 tristate "Authenc support"
148 select CRYPTO_AEAD
149 select CRYPTO_BLKCIPHER
150 select CRYPTO_MANAGER
151 select CRYPTO_HASH
1da177e4 152 help
584fffc8
SS		 153 Authenc: Combined mode wrapper for IPsec.
154 This is required for IPSec.
1da177e4 155
584fffc8
SS		 156config CRYPTO_TEST
157 tristate "Testing module"
158 depends on m
da7f033d 159 select CRYPTO_MANAGER
1da177e4 160 help
584fffc8 161 Quick & dirty crypto test module.
1da177e4 162
584fffc8 163comment "Authenticated Encryption with Associated Data"
cd12fb90 164
584fffc8
SS		 165config CRYPTO_CCM
166 tristate "CCM support"
167 select CRYPTO_CTR
168 select CRYPTO_AEAD
1da177e4 169 help
584fffc8 170 Support for Counter with CBC MAC. Required for IPsec.
1da177e4 171
584fffc8
SS		 172config CRYPTO_GCM
173 tristate "GCM/GMAC support"
174 select CRYPTO_CTR
175 select CRYPTO_AEAD
9382d97a 176 select CRYPTO_GHASH
1da177e4 177 help
584fffc8
SS		 178 Support for Galois/Counter Mode (GCM) and Galois Message
179 Authentication Code (GMAC). Required for IPSec.
1da177e4 180
584fffc8
SS		 181config CRYPTO_SEQIV
182 tristate "Sequence Number IV Generator"
183 select CRYPTO_AEAD
184 select CRYPTO_BLKCIPHER
a0f000ec 185 select CRYPTO_RNG
1da177e4 186 help
584fffc8
SS		 187 This IV generator generates an IV based on a sequence number by
188 xoring it with a salt. This algorithm is mainly useful for CTR
1da177e4 189
584fffc8 190comment "Block modes"
c494e070 191
584fffc8
SS		 192config CRYPTO_CBC
193 tristate "CBC support"
db131ef9 194 select CRYPTO_BLKCIPHER
43518407 195 select CRYPTO_MANAGER
db131ef9 196 help
584fffc8
SS		 197 CBC: Cipher Block Chaining mode
198 This block cipher algorithm is required for IPSec.
db131ef9 199
584fffc8
SS		 200config CRYPTO_CTR
201 tristate "CTR support"
db131ef9 202 select CRYPTO_BLKCIPHER
584fffc8 203 select CRYPTO_SEQIV
43518407 204 select CRYPTO_MANAGER
db131ef9 205 help
584fffc8 206 CTR: Counter mode
db131ef9
HX		 207 This block cipher algorithm is required for IPSec.
208
584fffc8
SS		 209config CRYPTO_CTS
210 tristate "CTS support"
211 select CRYPTO_BLKCIPHER
212 help
213 CTS: Cipher Text Stealing
214 This is the Cipher Text Stealing mode as described by
215 Section 8 of rfc2040 and referenced by rfc3962.
216 (rfc3962 includes errata information in its Appendix A)
217 This mode is required for Kerberos gss mechanism support
218 for AES encryption.
219
220config CRYPTO_ECB
221 tristate "ECB support"
91652be5
DH		 222 select CRYPTO_BLKCIPHER
223 select CRYPTO_MANAGER
91652be5 224 help
584fffc8
SS		 225 ECB: Electronic CodeBook mode
226 This is the simplest block cipher algorithm. It simply encrypts
227 the input block by block.
91652be5 228
64470f1b
RS		 229config CRYPTO_LRW
230 tristate "LRW support (EXPERIMENTAL)"
231 depends on EXPERIMENTAL
232 select CRYPTO_BLKCIPHER
233 select CRYPTO_MANAGER
234 select CRYPTO_GF128MUL
235 help
236 LRW: Liskov Rivest Wagner, a tweakable, non malleable, non movable
237 narrow block cipher mode for dm-crypt. Use it with cipher
238 specification string aes-lrw-benbi, the key must be 256, 320 or 384.
239 The first 128, 192 or 256 bits in the key are used for AES and the
240 rest is used to tie each cipher block to its logical position.
241
584fffc8
SS		 242config CRYPTO_PCBC
243 tristate "PCBC support"
244 select CRYPTO_BLKCIPHER
245 select CRYPTO_MANAGER
246 help
247 PCBC: Propagating Cipher Block Chaining mode
248 This block cipher algorithm is required for RxRPC.
249
f19f5111
RS		 250config CRYPTO_XTS
251 tristate "XTS support (EXPERIMENTAL)"
252 depends on EXPERIMENTAL
253 select CRYPTO_BLKCIPHER
254 select CRYPTO_MANAGER
255 select CRYPTO_GF128MUL
256 help
257 XTS: IEEE1619/D16 narrow block cipher use with aes-xts-plain,
258 key size 256, 384 or 512 bits. This implementation currently
259 can't handle a sectorsize which is not a multiple of 16 bytes.
260
150c7e85
HY		 261config CRYPTO_FPU
262 tristate
263 select CRYPTO_BLKCIPHER
264 select CRYPTO_MANAGER
265
584fffc8
SS		 266comment "Hash modes"
267
268config CRYPTO_HMAC
269 tristate "HMAC support"
270 select CRYPTO_HASH
23e353c8 271 select CRYPTO_MANAGER
23e353c8 272 help
584fffc8
SS		 273 HMAC: Keyed-Hashing for Message Authentication (RFC2104).
274 This is required for IPSec.
23e353c8 275
584fffc8
SS		 276config CRYPTO_XCBC
277 tristate "XCBC support"
278 depends on EXPERIMENTAL
279 select CRYPTO_HASH
280 select CRYPTO_MANAGER
76cb9521 281 help
584fffc8
SS		 282 XCBC: Keyed-Hashing with encryption algorithm
283 http://www.ietf.org/rfc/rfc3566.txt
284 http://csrc.nist.gov/encryption/modes/proposedmodes/
285 xcbc-mac/xcbc-mac-spec.pdf
76cb9521 286
f1939f7c
SW		 287config CRYPTO_VMAC
288 tristate "VMAC support"
289 depends on EXPERIMENTAL
290 select CRYPTO_HASH
291 select CRYPTO_MANAGER
292 help
293 VMAC is a message authentication algorithm designed for
294 very high speed on 64-bit architectures.
295
296 See also:
297 <http://fastcrypto.org/vmac>
298
584fffc8 299comment "Digest"
28db8e3e 300
584fffc8
SS		 301config CRYPTO_CRC32C
302 tristate "CRC32c CRC algorithm"
5773a3e6 303 select CRYPTO_HASH
4a49b499 304 help
584fffc8
SS		 305 Castagnoli, et al Cyclic Redundancy-Check Algorithm. Used
306 by iSCSI for header and data digests and by others.
69c35efc 307 See Castagnoli93. Module will be crc32c.
4a49b499 308
8cb51ba8
AZ		 309config CRYPTO_CRC32C_INTEL
310 tristate "CRC32c INTEL hardware acceleration"
311 depends on X86
312 select CRYPTO_HASH
313 help
314 In Intel processor with SSE4.2 supported, the processor will
315 support CRC32C implementation using hardware accelerated CRC32
316 instruction. This option will create 'crc32c-intel' module,
317 which will enable any routine to use the CRC32 instruction to
318 gain performance compared with software implementation.
319 Module will be crc32c-intel.
320
2cdc6899
HY		 321config CRYPTO_GHASH
322 tristate "GHASH digest algorithm"
323 select CRYPTO_SHASH
324 select CRYPTO_GF128MUL
325 help
326 GHASH is message digest algorithm for GCM (Galois/Counter Mode).
327
584fffc8
SS		 328config CRYPTO_MD4
329 tristate "MD4 digest algorithm"
808a1763 330 select CRYPTO_HASH
124b53d0 331 help
584fffc8 332 MD4 message digest algorithm (RFC1320).
124b53d0 333
584fffc8
SS		 334config CRYPTO_MD5
335 tristate "MD5 digest algorithm"
14b75ba7 336 select CRYPTO_HASH
1da177e4 337 help
584fffc8 338 MD5 message digest algorithm (RFC1321).
1da177e4 339
584fffc8
SS		 340config CRYPTO_MICHAEL_MIC
341 tristate "Michael MIC keyed digest algorithm"
19e2bf14 342 select CRYPTO_HASH
90831639 343 help
584fffc8
SS		 344 Michael MIC is used for message integrity protection in TKIP
345 (IEEE 802.11i). This algorithm is required for TKIP, but it
346 should not be used for other purposes because of the weakness
347 of the algorithm.
90831639 348
82798f90 349config CRYPTO_RMD128
b6d44341 350 tristate "RIPEMD-128 digest algorithm"
7c4468bc 351 select CRYPTO_HASH
b6d44341
AB		 352 help
353 RIPEMD-128 (ISO/IEC 10118-3:2004).
82798f90 354
b6d44341
AB		 355 RIPEMD-128 is a 128-bit cryptographic hash function. It should only
356 to be used as a secure replacement for RIPEMD. For other use cases
357 RIPEMD-160 should be used.
82798f90 358
b6d44341
AB		 359 Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel.
360 See <http://home.esat.kuleuven.be/~bosselae/ripemd160.html>
82798f90
AKR		 361
362config CRYPTO_RMD160
b6d44341 363 tristate "RIPEMD-160 digest algorithm"
e5835fba 364 select CRYPTO_HASH
b6d44341
AB		 365 help
366 RIPEMD-160 (ISO/IEC 10118-3:2004).
82798f90 367
b6d44341
AB		 368 RIPEMD-160 is a 160-bit cryptographic hash function. It is intended
369 to be used as a secure replacement for the 128-bit hash functions
370 MD4, MD5 and it's predecessor RIPEMD
371 (not to be confused with RIPEMD-128).
82798f90 372
b6d44341
AB		 373 It's speed is comparable to SHA1 and there are no known attacks
374 against RIPEMD-160.
534fe2c1 375
b6d44341
AB		 376 Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel.
377 See <http://home.esat.kuleuven.be/~bosselae/ripemd160.html>
534fe2c1
AKR		 378
379config CRYPTO_RMD256
b6d44341 380 tristate "RIPEMD-256 digest algorithm"
d8a5e2e9 381 select CRYPTO_HASH
b6d44341
AB		 382 help
383 RIPEMD-256 is an optional extension of RIPEMD-128 with a
384 256 bit hash. It is intended for applications that require
385 longer hash-results, without needing a larger security level
386 (than RIPEMD-128).
534fe2c1 387
b6d44341
AB		 388 Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel.
389 See <http://home.esat.kuleuven.be/~bosselae/ripemd160.html>
534fe2c1
AKR		 390
391config CRYPTO_RMD320
b6d44341 392 tristate "RIPEMD-320 digest algorithm"
3b8efb4c 393 select CRYPTO_HASH
b6d44341
AB		 394 help
395 RIPEMD-320 is an optional extension of RIPEMD-160 with a
396 320 bit hash. It is intended for applications that require
397 longer hash-results, without needing a larger security level
398 (than RIPEMD-160).
534fe2c1 399
b6d44341
AB		 400 Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel.
401 See <http://home.esat.kuleuven.be/~bosselae/ripemd160.html>
82798f90 402
584fffc8
SS		 403config CRYPTO_SHA1
404 tristate "SHA1 digest algorithm"
54ccb367 405 select CRYPTO_HASH
1da177e4 406 help
584fffc8 407 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2).
1da177e4 408
584fffc8
SS		 409config CRYPTO_SHA256
410 tristate "SHA224 and SHA256 digest algorithm"
50e109b5 411 select CRYPTO_HASH
1da177e4 412 help
584fffc8 413 SHA256 secure hash standard (DFIPS 180-2).
1da177e4 414
584fffc8
SS		 415 This version of SHA implements a 256 bit hash with 128 bits of
416 security against collision attacks.
2729bb42 417
b6d44341
AB		 418 This code also includes SHA-224, a 224 bit hash with 112 bits
419 of security against collision attacks.
584fffc8
SS		 420
421config CRYPTO_SHA512
422 tristate "SHA384 and SHA512 digest algorithms"
bd9d20db 423 select CRYPTO_HASH
b9f535ff 424 help
584fffc8 425 SHA512 secure hash standard (DFIPS 180-2).
b9f535ff 426
584fffc8
SS		 427 This version of SHA implements a 512 bit hash with 256 bits of
428 security against collision attacks.
b9f535ff 429
584fffc8
SS		 430 This code also includes SHA-384, a 384 bit hash with 192 bits
431 of security against collision attacks.
b9f535ff 432
584fffc8
SS		 433config CRYPTO_TGR192
434 tristate "Tiger digest algorithms"
f63fbd3d 435 select CRYPTO_HASH
eaf44088 436 help
584fffc8 437 Tiger hash algorithm 192, 160 and 128-bit hashes
eaf44088 438
584fffc8
SS		 439 Tiger is a hash function optimized for 64-bit processors while
440 still having decent performance on 32-bit processors.
441 Tiger was developed by Ross Anderson and Eli Biham.
eaf44088
JF		 442
443 See also:
584fffc8 444 <http://www.cs.technion.ac.il/~biham/Reports/Tiger/>.
eaf44088 445
584fffc8
SS		 446config CRYPTO_WP512
447 tristate "Whirlpool digest algorithms"
4946510b 448 select CRYPTO_HASH
1da177e4 449 help
584fffc8 450 Whirlpool hash algorithm 512, 384 and 256-bit hashes
1da177e4 451
584fffc8
SS		 452 Whirlpool-512 is part of the NESSIE cryptographic primitives.
453 Whirlpool will be part of the ISO/IEC 10118-3:2003(E) standard
1da177e4
LT		 454
455 See also:
584fffc8
SS		 456 <http://planeta.terra.com.br/informatica/paulobarreto/WhirlpoolPage.html>
457
0e1227d3
HY		 458config CRYPTO_GHASH_CLMUL_NI_INTEL
459 tristate "GHASH digest algorithm (CLMUL-NI accelerated)"
3e02e5cb 460 depends on (X86 || UML_X86) && 64BIT
0e1227d3
HY		 461 select CRYPTO_SHASH
462 select CRYPTO_CRYPTD
463 help
464 GHASH is message digest algorithm for GCM (Galois/Counter Mode).
465 The implementation is accelerated by CLMUL-NI of Intel.
466
584fffc8 467comment "Ciphers"
1da177e4
LT		 468
469config CRYPTO_AES
470 tristate "AES cipher algorithms"
cce9e06d 471 select CRYPTO_ALGAPI
1da177e4 472 help
584fffc8 473 AES cipher algorithms (FIPS-197). AES uses the Rijndael
1da177e4
LT		 474 algorithm.
475
476 Rijndael appears to be consistently a very good performer in
584fffc8
SS		 477 both hardware and software across a wide range of computing
478 environments regardless of its use in feedback or non-feedback
479 modes. Its key setup time is excellent, and its key agility is
480 good. Rijndael's very low memory requirements make it very well
481 suited for restricted-space environments, in which it also
482 demonstrates excellent performance. Rijndael's operations are
483 among the easiest to defend against power and timing attacks.
1da177e4 484
584fffc8 485 The AES specifies three key sizes: 128, 192 and 256 bits
1da177e4
LT		 486
487 See <http://csrc.nist.gov/CryptoToolkit/aes/> for more information.
488
489config CRYPTO_AES_586
490 tristate "AES cipher algorithms (i586)"
cce9e06d
HX		 491 depends on (X86 || UML_X86) && !64BIT
492 select CRYPTO_ALGAPI
5157dea8 493 select CRYPTO_AES
1da177e4 494 help
584fffc8 495 AES cipher algorithms (FIPS-197). AES uses the Rijndael
1da177e4
LT		 496 algorithm.
497
498 Rijndael appears to be consistently a very good performer in
584fffc8
SS		 499 both hardware and software across a wide range of computing
500 environments regardless of its use in feedback or non-feedback
501 modes. Its key setup time is excellent, and its key agility is
502 good. Rijndael's very low memory requirements make it very well
503 suited for restricted-space environments, in which it also
504 demonstrates excellent performance. Rijndael's operations are
505 among the easiest to defend against power and timing attacks.
1da177e4 506
584fffc8 507 The AES specifies three key sizes: 128, 192 and 256 bits
a2a892a2
AS		 508
509 See <http://csrc.nist.gov/encryption/aes/> for more information.
510
511config CRYPTO_AES_X86_64
512 tristate "AES cipher algorithms (x86_64)"
cce9e06d
HX		 513 depends on (X86 || UML_X86) && 64BIT
514 select CRYPTO_ALGAPI
81190b32 515 select CRYPTO_AES
a2a892a2 516 help
584fffc8 517 AES cipher algorithms (FIPS-197). AES uses the Rijndael
a2a892a2
AS		 518 algorithm.
519
520 Rijndael appears to be consistently a very good performer in
584fffc8
SS		 521 both hardware and software across a wide range of computing
522 environments regardless of its use in feedback or non-feedback
523 modes. Its key setup time is excellent, and its key agility is
54b6a1bd
HY		 524 good. Rijndael's very low memory requirements make it very well
525 suited for restricted-space environments, in which it also
526 demonstrates excellent performance. Rijndael's operations are
527 among the easiest to defend against power and timing attacks.
528
529 The AES specifies three key sizes: 128, 192 and 256 bits
530
531 See <http://csrc.nist.gov/encryption/aes/> for more information.
532
533config CRYPTO_AES_NI_INTEL
534 tristate "AES cipher algorithms (AES-NI)"
535 depends on (X86 || UML_X86) && 64BIT
536 select CRYPTO_AES_X86_64
537 select CRYPTO_CRYPTD
538 select CRYPTO_ALGAPI
2cf4ac8b 539 select CRYPTO_FPU
54b6a1bd
HY		 540 help
541 Use Intel AES-NI instructions for AES algorithm.
542
543 AES cipher algorithms (FIPS-197). AES uses the Rijndael
544 algorithm.
545
546 Rijndael appears to be consistently a very good performer in
547 both hardware and software across a wide range of computing
548 environments regardless of its use in feedback or non-feedback
549 modes. Its key setup time is excellent, and its key agility is
584fffc8
SS		 550 good. Rijndael's very low memory requirements make it very well
551 suited for restricted-space environments, in which it also
552 demonstrates excellent performance. Rijndael's operations are
553 among the easiest to defend against power and timing attacks.
a2a892a2 554
584fffc8 555 The AES specifies three key sizes: 128, 192 and 256 bits
1da177e4
LT		 556
557 See <http://csrc.nist.gov/encryption/aes/> for more information.
558
2cf4ac8b
HY		 559 In addition to AES cipher algorithm support, the
560 acceleration for some popular block cipher mode is supported
561 too, including ECB, CBC, CTR, LRW, PCBC, XTS.
562
584fffc8
SS		 563config CRYPTO_ANUBIS
564 tristate "Anubis cipher algorithm"
565 select CRYPTO_ALGAPI
566 help
567 Anubis cipher algorithm.
568
569 Anubis is a variable key length cipher which can use keys from
570 128 bits to 320 bits in length. It was evaluated as a entrant
571 in the NESSIE competition.
572
573 See also:
574 <https://www.cosic.esat.kuleuven.ac.be/nessie/reports/>
575 <http://planeta.terra.com.br/informatica/paulobarreto/AnubisPage.html>
576
577config CRYPTO_ARC4
578 tristate "ARC4 cipher algorithm"
579 select CRYPTO_ALGAPI
580 help
581 ARC4 cipher algorithm.
582
583 ARC4 is a stream cipher using keys ranging from 8 bits to 2048
584 bits in length. This algorithm is required for driver-based
585 WEP, but it should not be for other purposes because of the
586 weakness of the algorithm.
587
588config CRYPTO_BLOWFISH
589 tristate "Blowfish cipher algorithm"
590 select CRYPTO_ALGAPI
591 help
592 Blowfish cipher algorithm, by Bruce Schneier.
593
594 This is a variable key length cipher which can use keys from 32
595 bits to 448 bits in length. It's fast, simple and specifically
596 designed for use on "large microprocessors".
597
598 See also:
599 <http://www.schneier.com/blowfish.html>
600
601config CRYPTO_CAMELLIA
602 tristate "Camellia cipher algorithms"
603 depends on CRYPTO
604 select CRYPTO_ALGAPI
605 help
606 Camellia cipher algorithms module.
607
608 Camellia is a symmetric key block cipher developed jointly
609 at NTT and Mitsubishi Electric Corporation.
610
611 The Camellia specifies three key sizes: 128, 192 and 256 bits.
612
613 See also:
614 <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html>
615
1da177e4
LT		 616config CRYPTO_CAST5
617 tristate "CAST5 (CAST-128) cipher algorithm"
cce9e06d 618 select CRYPTO_ALGAPI
1da177e4
LT		 619 help
620 The CAST5 encryption algorithm (synonymous with CAST-128) is
621 described in RFC2144.
622
623config CRYPTO_CAST6
624 tristate "CAST6 (CAST-256) cipher algorithm"
cce9e06d 625 select CRYPTO_ALGAPI
1da177e4
LT		 626 help
627 The CAST6 encryption algorithm (synonymous with CAST-256) is
628 described in RFC2612.
629
584fffc8
SS		 630config CRYPTO_DES
631 tristate "DES and Triple DES EDE cipher algorithms"
cce9e06d 632 select CRYPTO_ALGAPI
1da177e4 633 help
584fffc8 634 DES cipher algorithm (FIPS 46-2), and Triple DES EDE (FIPS 46-3).
fb4f10ed 635
584fffc8
SS		 636config CRYPTO_FCRYPT
637 tristate "FCrypt cipher algorithm"
cce9e06d 638 select CRYPTO_ALGAPI
584fffc8 639 select CRYPTO_BLKCIPHER
1da177e4 640 help
584fffc8 641 FCrypt algorithm used by RxRPC.
1da177e4
LT		 642
643config CRYPTO_KHAZAD
644 tristate "Khazad cipher algorithm"
cce9e06d 645 select CRYPTO_ALGAPI
1da177e4
LT		 646 help
647 Khazad cipher algorithm.
648
649 Khazad was a finalist in the initial NESSIE competition. It is
650 an algorithm optimized for 64-bit processors with good performance
651 on 32-bit processors. Khazad uses an 128 bit key size.
652
653 See also:
654 <http://planeta.terra.com.br/informatica/paulobarreto/KhazadPage.html>
655
2407d608
TSH		 656config CRYPTO_SALSA20
657 tristate "Salsa20 stream cipher algorithm (EXPERIMENTAL)"
658 depends on EXPERIMENTAL
659 select CRYPTO_BLKCIPHER
660 help
661 Salsa20 stream cipher algorithm.
662
663 Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT
664 Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/>
974e4b75
TSH		 665
666 The Salsa20 stream cipher algorithm is designed by Daniel J.
667 Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html>
668
669config CRYPTO_SALSA20_586
670 tristate "Salsa20 stream cipher algorithm (i586) (EXPERIMENTAL)"
671 depends on (X86 || UML_X86) && !64BIT
672 depends on EXPERIMENTAL
673 select CRYPTO_BLKCIPHER
974e4b75
TSH		 674 help
675 Salsa20 stream cipher algorithm.
676
677 Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT
678 Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/>
9a7dafbb
TSH		 679
680 The Salsa20 stream cipher algorithm is designed by Daniel J.
681 Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html>
682
683config CRYPTO_SALSA20_X86_64
684 tristate "Salsa20 stream cipher algorithm (x86_64) (EXPERIMENTAL)"
685 depends on (X86 || UML_X86) && 64BIT
686 depends on EXPERIMENTAL
687 select CRYPTO_BLKCIPHER
9a7dafbb
TSH		 688 help
689 Salsa20 stream cipher algorithm.
690
691 Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT
692 Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/>
2407d608
TSH		 693
694 The Salsa20 stream cipher algorithm is designed by Daniel J.
695 Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html>
1da177e4 696
584fffc8
SS		 697config CRYPTO_SEED
698 tristate "SEED cipher algorithm"
cce9e06d 699 select CRYPTO_ALGAPI
1da177e4 700 help
584fffc8 701 SEED cipher algorithm (RFC4269).
1da177e4 702
584fffc8
SS		 703 SEED is a 128-bit symmetric key block cipher that has been
704 developed by KISA (Korea Information Security Agency) as a
705 national standard encryption algorithm of the Republic of Korea.
706 It is a 16 round block cipher with the key size of 128 bit.
707
708 See also:
709 <http://www.kisa.or.kr/kisa/seed/jsp/seed_eng.jsp>
710
711config CRYPTO_SERPENT
712 tristate "Serpent cipher algorithm"
cce9e06d 713 select CRYPTO_ALGAPI
1da177e4 714 help
584fffc8 715 Serpent cipher algorithm, by Anderson, Biham & Knudsen.
1da177e4 716
584fffc8
SS		 717 Keys are allowed to be from 0 to 256 bits in length, in steps
718 of 8 bits. Also includes the 'Tnepres' algorithm, a reversed
719 variant of Serpent for compatibility with old kerneli.org code.
720
721 See also:
722 <http://www.cl.cam.ac.uk/~rja14/serpent.html>
723
724config CRYPTO_TEA
725 tristate "TEA, XTEA and XETA cipher algorithms"
cce9e06d 726 select CRYPTO_ALGAPI
1da177e4 727 help
584fffc8 728 TEA cipher algorithm.
1da177e4 729
584fffc8
SS		 730 Tiny Encryption Algorithm is a simple cipher that uses
731 many rounds for security. It is very fast and uses
732 little memory.
733
734 Xtendend Tiny Encryption Algorithm is a modification to
735 the TEA algorithm to address a potential key weakness
736 in the TEA algorithm.
737
738 Xtendend Encryption Tiny Algorithm is a mis-implementation
739 of the XTEA algorithm for compatibility purposes.
740
741config CRYPTO_TWOFISH
742 tristate "Twofish cipher algorithm"
04ac7db3 743 select CRYPTO_ALGAPI
584fffc8 744 select CRYPTO_TWOFISH_COMMON
04ac7db3 745 help
584fffc8 746 Twofish cipher algorithm.
04ac7db3 747
584fffc8
SS		 748 Twofish was submitted as an AES (Advanced Encryption Standard)
749 candidate cipher by researchers at CounterPane Systems. It is a
750 16 round block cipher supporting key sizes of 128, 192, and 256
751 bits.
04ac7db3 752
584fffc8
SS		 753 See also:
754 <http://www.schneier.com/twofish.html>
755
756config CRYPTO_TWOFISH_COMMON
757 tristate
758 help
759 Common parts of the Twofish cipher algorithm shared by the
760 generic c and the assembler implementations.
761
762config CRYPTO_TWOFISH_586
763 tristate "Twofish cipher algorithms (i586)"
764 depends on (X86 || UML_X86) && !64BIT
765 select CRYPTO_ALGAPI
766 select CRYPTO_TWOFISH_COMMON
767 help
768 Twofish cipher algorithm.
769
770 Twofish was submitted as an AES (Advanced Encryption Standard)
771 candidate cipher by researchers at CounterPane Systems. It is a
772 16 round block cipher supporting key sizes of 128, 192, and 256
773 bits.
04ac7db3
NT		 774
775 See also:
584fffc8 776 <http://www.schneier.com/twofish.html>
04ac7db3 777
584fffc8
SS		 778config CRYPTO_TWOFISH_X86_64
779 tristate "Twofish cipher algorithm (x86_64)"
780 depends on (X86 || UML_X86) && 64BIT
cce9e06d 781 select CRYPTO_ALGAPI
584fffc8 782 select CRYPTO_TWOFISH_COMMON
1da177e4 783 help
584fffc8 784 Twofish cipher algorithm (x86_64).
1da177e4 785
584fffc8
SS		 786 Twofish was submitted as an AES (Advanced Encryption Standard)
787 candidate cipher by researchers at CounterPane Systems. It is a
788 16 round block cipher supporting key sizes of 128, 192, and 256
789 bits.
790
791 See also:
792 <http://www.schneier.com/twofish.html>
793
794comment "Compression"
795
796config CRYPTO_DEFLATE
797 tristate "Deflate compression algorithm"
798 select CRYPTO_ALGAPI
799 select ZLIB_INFLATE
800 select ZLIB_DEFLATE
3c09f17c 801 help
584fffc8
SS		 802 This is the Deflate algorithm (RFC1951), specified for use in
803 IPSec with the IPCOMP protocol (RFC3173, RFC2394).
804
805 You will most probably want this if using IPSec.
3c09f17c 806
bf68e65e
GU		 807config CRYPTO_ZLIB
808 tristate "Zlib compression algorithm"
809 select CRYPTO_PCOMP
810 select ZLIB_INFLATE
811 select ZLIB_DEFLATE
812 select NLATTR
813 help
814 This is the zlib algorithm.
815
0b77abb3
ZS		 816config CRYPTO_LZO
817 tristate "LZO compression algorithm"
818 select CRYPTO_ALGAPI
819 select LZO_COMPRESS
820 select LZO_DECOMPRESS
821 help
822 This is the LZO algorithm.
823
17f0f4a4
NH		 824comment "Random Number Generation"
825
826config CRYPTO_ANSI_CPRNG
827 tristate "Pseudo Random Number Generation for Cryptographic modules"
4e4ed83b 828 default m
17f0f4a4
NH		 829 select CRYPTO_AES
830 select CRYPTO_RNG
17f0f4a4
NH		 831 help
832 This option enables the generic pseudo random number generator
833 for cryptographic modules. Uses the Algorithm specified in
7dd607e8
JK		 834 ANSI X9.31 A.2.4. Note that this option must be enabled if
835 CRYPTO_FIPS is selected
17f0f4a4 836
1da177e4 837source "drivers/crypto/Kconfig"
1da177e4 838
cce9e06d 839endif # if CRYPTO
Clone of davem's net-next-2.6 tree