]> bbs.cooldavid.org Git - net-next-2.6.git/blame - crypto/Kconfig
git://bbs.cooldavid.org / net-next-2.6.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
crypto: testmgr - Add support for the pcomp interface
[net-next-2.6.git] / crypto / Kconfig
CommitLineData
685784aa
DW		 1#
2# Generic algorithms support
3#
4config XOR_BLOCKS
5 tristate
6
1da177e4 7#
9bc89cd8 8# async_tx api: hardware offloaded memory transfer/transform support
1da177e4 9#
9bc89cd8 10source "crypto/async_tx/Kconfig"
1da177e4 11
9bc89cd8
DW		 12#
13# Cryptographic API Configuration
14#
2e290f43 15menuconfig CRYPTO
c3715cb9 16 tristate "Cryptographic API"
1da177e4
LT		 17 help
18 This option provides the core Cryptographic API.
19
cce9e06d
HX		 20if CRYPTO
21
584fffc8
SS		 22comment "Crypto core or helper"
23
ccb778e1
NH		 24config CRYPTO_FIPS
25 bool "FIPS 200 compliance"
26 help
27 This options enables the fips boot option which is
28 required if you want to system to operate in a FIPS 200
29 certification. You should say no unless you know what
30 this is.
31
cce9e06d
HX		 32config CRYPTO_ALGAPI
33 tristate
6a0fcbb4 34 select CRYPTO_ALGAPI2
cce9e06d
HX		 35 help
36 This option provides the API for cryptographic algorithms.
37
6a0fcbb4
HX		 38config CRYPTO_ALGAPI2
39 tristate
40
1ae97820
HX		 41config CRYPTO_AEAD
42 tristate
6a0fcbb4 43 select CRYPTO_AEAD2
1ae97820
HX		 44 select CRYPTO_ALGAPI
45
6a0fcbb4
HX		 46config CRYPTO_AEAD2
47 tristate
48 select CRYPTO_ALGAPI2
49
5cde0af2
HX		 50config CRYPTO_BLKCIPHER
51 tristate
6a0fcbb4 52 select CRYPTO_BLKCIPHER2
5cde0af2 53 select CRYPTO_ALGAPI
6a0fcbb4
HX		 54
55config CRYPTO_BLKCIPHER2
56 tristate
57 select CRYPTO_ALGAPI2
58 select CRYPTO_RNG2
0a2e821d 59 select CRYPTO_WORKQUEUE
5cde0af2 60
055bcee3
HX		 61config CRYPTO_HASH
62 tristate
6a0fcbb4 63 select CRYPTO_HASH2
055bcee3
HX		 64 select CRYPTO_ALGAPI
65
6a0fcbb4
HX		 66config CRYPTO_HASH2
67 tristate
68 select CRYPTO_ALGAPI2
69
17f0f4a4
NH		 70config CRYPTO_RNG
71 tristate
6a0fcbb4 72 select CRYPTO_RNG2
17f0f4a4
NH		 73 select CRYPTO_ALGAPI
74
6a0fcbb4
HX		 75config CRYPTO_RNG2
76 tristate
77 select CRYPTO_ALGAPI2
78
a1d2f095
GU		 79config CRYPTO_PCOMP
80 tristate
81 select CRYPTO_ALGAPI2
82
2b8c19db
HX		 83config CRYPTO_MANAGER
84 tristate "Cryptographic algorithm manager"
6a0fcbb4 85 select CRYPTO_MANAGER2
2b8c19db
HX		 86 help
87 Create default cryptographic template instantiations such as
88 cbc(aes).
89
6a0fcbb4
HX		 90config CRYPTO_MANAGER2
91 def_tristate CRYPTO_MANAGER || (CRYPTO_MANAGER!=n && CRYPTO_ALGAPI=y)
92 select CRYPTO_AEAD2
93 select CRYPTO_HASH2
94 select CRYPTO_BLKCIPHER2
95
584fffc8
SS		 96config CRYPTO_GF128MUL
97 tristate "GF(2^128) multiplication functions (EXPERIMENTAL)"
333b0d7e 98 depends on EXPERIMENTAL
333b0d7e 99 help
584fffc8
SS		 100 Efficient table driven implementation of multiplications in the
101 field GF(2^128). This is needed by some cypher modes. This
102 option will be selected automatically if you select such a
103 cipher mode. Only select this option by hand if you expect to load
104 an external module that requires these functions.
333b0d7e 105
1da177e4
LT		 106config CRYPTO_NULL
107 tristate "Null algorithms"
cce9e06d 108 select CRYPTO_ALGAPI
c8620c25 109 select CRYPTO_BLKCIPHER
d35d2454 110 select CRYPTO_HASH
1da177e4
LT		 111 help
112 These are 'Null' algorithms, used by IPsec, which do nothing.
113
25c38d3f
HY		 114config CRYPTO_WORKQUEUE
115 tristate
116
584fffc8
SS		 117config CRYPTO_CRYPTD
118 tristate "Software async crypto daemon"
119 select CRYPTO_BLKCIPHER
b8a28251 120 select CRYPTO_HASH
584fffc8 121 select CRYPTO_MANAGER
254eff77 122 select CRYPTO_WORKQUEUE
1da177e4 123 help
584fffc8
SS		 124 This is a generic software asynchronous crypto daemon that
125 converts an arbitrary synchronous software crypto algorithm
126 into an asynchronous algorithm that executes in a kernel thread.
1da177e4 127
584fffc8
SS		 128config CRYPTO_AUTHENC
129 tristate "Authenc support"
130 select CRYPTO_AEAD
131 select CRYPTO_BLKCIPHER
132 select CRYPTO_MANAGER
133 select CRYPTO_HASH
1da177e4 134 help
584fffc8
SS		 135 Authenc: Combined mode wrapper for IPsec.
136 This is required for IPSec.
1da177e4 137
584fffc8
SS		 138config CRYPTO_TEST
139 tristate "Testing module"
140 depends on m
da7f033d 141 select CRYPTO_MANAGER
1da177e4 142 help
584fffc8 143 Quick & dirty crypto test module.
1da177e4 144
584fffc8 145comment "Authenticated Encryption with Associated Data"
cd12fb90 146
584fffc8
SS		 147config CRYPTO_CCM
148 tristate "CCM support"
149 select CRYPTO_CTR
150 select CRYPTO_AEAD
1da177e4 151 help
584fffc8 152 Support for Counter with CBC MAC. Required for IPsec.
1da177e4 153
584fffc8
SS		 154config CRYPTO_GCM
155 tristate "GCM/GMAC support"
156 select CRYPTO_CTR
157 select CRYPTO_AEAD
158 select CRYPTO_GF128MUL
1da177e4 159 help
584fffc8
SS		 160 Support for Galois/Counter Mode (GCM) and Galois Message
161 Authentication Code (GMAC). Required for IPSec.
1da177e4 162
584fffc8
SS		 163config CRYPTO_SEQIV
164 tristate "Sequence Number IV Generator"
165 select CRYPTO_AEAD
166 select CRYPTO_BLKCIPHER
a0f000ec 167 select CRYPTO_RNG
1da177e4 168 help
584fffc8
SS		 169 This IV generator generates an IV based on a sequence number by
170 xoring it with a salt. This algorithm is mainly useful for CTR
1da177e4 171
584fffc8 172comment "Block modes"
c494e070 173
584fffc8
SS		 174config CRYPTO_CBC
175 tristate "CBC support"
db131ef9 176 select CRYPTO_BLKCIPHER
43518407 177 select CRYPTO_MANAGER
db131ef9 178 help
584fffc8
SS		 179 CBC: Cipher Block Chaining mode
180 This block cipher algorithm is required for IPSec.
db131ef9 181
584fffc8
SS		 182config CRYPTO_CTR
183 tristate "CTR support"
db131ef9 184 select CRYPTO_BLKCIPHER
584fffc8 185 select CRYPTO_SEQIV
43518407 186 select CRYPTO_MANAGER
db131ef9 187 help
584fffc8 188 CTR: Counter mode
db131ef9
HX		 189 This block cipher algorithm is required for IPSec.
190
584fffc8
SS		 191config CRYPTO_CTS
192 tristate "CTS support"
193 select CRYPTO_BLKCIPHER
194 help
195 CTS: Cipher Text Stealing
196 This is the Cipher Text Stealing mode as described by
197 Section 8 of rfc2040 and referenced by rfc3962.
198 (rfc3962 includes errata information in its Appendix A)
199 This mode is required for Kerberos gss mechanism support
200 for AES encryption.
201
202config CRYPTO_ECB
203 tristate "ECB support"
91652be5
DH		 204 select CRYPTO_BLKCIPHER
205 select CRYPTO_MANAGER
91652be5 206 help
584fffc8
SS		 207 ECB: Electronic CodeBook mode
208 This is the simplest block cipher algorithm. It simply encrypts
209 the input block by block.
91652be5 210
64470f1b
RS		 211config CRYPTO_LRW
212 tristate "LRW support (EXPERIMENTAL)"
213 depends on EXPERIMENTAL
214 select CRYPTO_BLKCIPHER
215 select CRYPTO_MANAGER
216 select CRYPTO_GF128MUL
217 help
218 LRW: Liskov Rivest Wagner, a tweakable, non malleable, non movable
219 narrow block cipher mode for dm-crypt. Use it with cipher
220 specification string aes-lrw-benbi, the key must be 256, 320 or 384.
221 The first 128, 192 or 256 bits in the key are used for AES and the
222 rest is used to tie each cipher block to its logical position.
223
584fffc8
SS		 224config CRYPTO_PCBC
225 tristate "PCBC support"
226 select CRYPTO_BLKCIPHER
227 select CRYPTO_MANAGER
228 help
229 PCBC: Propagating Cipher Block Chaining mode
230 This block cipher algorithm is required for RxRPC.
231
f19f5111
RS		 232config CRYPTO_XTS
233 tristate "XTS support (EXPERIMENTAL)"
234 depends on EXPERIMENTAL
235 select CRYPTO_BLKCIPHER
236 select CRYPTO_MANAGER
237 select CRYPTO_GF128MUL
238 help
239 XTS: IEEE1619/D16 narrow block cipher use with aes-xts-plain,
240 key size 256, 384 or 512 bits. This implementation currently
241 can't handle a sectorsize which is not a multiple of 16 bytes.
242
584fffc8
SS		 243comment "Hash modes"
244
245config CRYPTO_HMAC
246 tristate "HMAC support"
247 select CRYPTO_HASH
23e353c8 248 select CRYPTO_MANAGER
23e353c8 249 help
584fffc8
SS		 250 HMAC: Keyed-Hashing for Message Authentication (RFC2104).
251 This is required for IPSec.
23e353c8 252
584fffc8
SS		 253config CRYPTO_XCBC
254 tristate "XCBC support"
255 depends on EXPERIMENTAL
256 select CRYPTO_HASH
257 select CRYPTO_MANAGER
76cb9521 258 help
584fffc8
SS		 259 XCBC: Keyed-Hashing with encryption algorithm
260 http://www.ietf.org/rfc/rfc3566.txt
261 http://csrc.nist.gov/encryption/modes/proposedmodes/
262 xcbc-mac/xcbc-mac-spec.pdf
76cb9521 263
584fffc8 264comment "Digest"
28db8e3e 265
584fffc8
SS		 266config CRYPTO_CRC32C
267 tristate "CRC32c CRC algorithm"
5773a3e6 268 select CRYPTO_HASH
4a49b499 269 help
584fffc8
SS		 270 Castagnoli, et al Cyclic Redundancy-Check Algorithm. Used
271 by iSCSI for header and data digests and by others.
69c35efc 272 See Castagnoli93. Module will be crc32c.
4a49b499 273
8cb51ba8
AZ		 274config CRYPTO_CRC32C_INTEL
275 tristate "CRC32c INTEL hardware acceleration"
276 depends on X86
277 select CRYPTO_HASH
278 help
279 In Intel processor with SSE4.2 supported, the processor will
280 support CRC32C implementation using hardware accelerated CRC32
281 instruction. This option will create 'crc32c-intel' module,
282 which will enable any routine to use the CRC32 instruction to
283 gain performance compared with software implementation.
284 Module will be crc32c-intel.
285
584fffc8
SS		 286config CRYPTO_MD4
287 tristate "MD4 digest algorithm"
808a1763 288 select CRYPTO_HASH
124b53d0 289 help
584fffc8 290 MD4 message digest algorithm (RFC1320).
124b53d0 291
584fffc8
SS		 292config CRYPTO_MD5
293 tristate "MD5 digest algorithm"
14b75ba7 294 select CRYPTO_HASH
1da177e4 295 help
584fffc8 296 MD5 message digest algorithm (RFC1321).
1da177e4 297
584fffc8
SS		 298config CRYPTO_MICHAEL_MIC
299 tristate "Michael MIC keyed digest algorithm"
19e2bf14 300 select CRYPTO_HASH
90831639 301 help
584fffc8
SS		 302 Michael MIC is used for message integrity protection in TKIP
303 (IEEE 802.11i). This algorithm is required for TKIP, but it
304 should not be used for other purposes because of the weakness
305 of the algorithm.
90831639 306
82798f90 307config CRYPTO_RMD128
b6d44341 308 tristate "RIPEMD-128 digest algorithm"
7c4468bc 309 select CRYPTO_HASH
b6d44341
AB		 310 help
311 RIPEMD-128 (ISO/IEC 10118-3:2004).
82798f90 312
b6d44341
AB		 313 RIPEMD-128 is a 128-bit cryptographic hash function. It should only
314 to be used as a secure replacement for RIPEMD. For other use cases
315 RIPEMD-160 should be used.
82798f90 316
b6d44341
AB		 317 Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel.
318 See <http://home.esat.kuleuven.be/~bosselae/ripemd160.html>
82798f90
AKR		 319
320config CRYPTO_RMD160
b6d44341 321 tristate "RIPEMD-160 digest algorithm"
e5835fba 322 select CRYPTO_HASH
b6d44341
AB		 323 help
324 RIPEMD-160 (ISO/IEC 10118-3:2004).
82798f90 325
b6d44341
AB		 326 RIPEMD-160 is a 160-bit cryptographic hash function. It is intended
327 to be used as a secure replacement for the 128-bit hash functions
328 MD4, MD5 and it's predecessor RIPEMD
329 (not to be confused with RIPEMD-128).
82798f90 330
b6d44341
AB		 331 It's speed is comparable to SHA1 and there are no known attacks
332 against RIPEMD-160.
534fe2c1 333
b6d44341
AB		 334 Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel.
335 See <http://home.esat.kuleuven.be/~bosselae/ripemd160.html>
534fe2c1
AKR		 336
337config CRYPTO_RMD256
b6d44341 338 tristate "RIPEMD-256 digest algorithm"
d8a5e2e9 339 select CRYPTO_HASH
b6d44341
AB		 340 help
341 RIPEMD-256 is an optional extension of RIPEMD-128 with a
342 256 bit hash. It is intended for applications that require
343 longer hash-results, without needing a larger security level
344 (than RIPEMD-128).
534fe2c1 345
b6d44341
AB		 346 Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel.
347 See <http://home.esat.kuleuven.be/~bosselae/ripemd160.html>
534fe2c1
AKR		 348
349config CRYPTO_RMD320
b6d44341 350 tristate "RIPEMD-320 digest algorithm"
3b8efb4c 351 select CRYPTO_HASH
b6d44341
AB		 352 help
353 RIPEMD-320 is an optional extension of RIPEMD-160 with a
354 320 bit hash. It is intended for applications that require
355 longer hash-results, without needing a larger security level
356 (than RIPEMD-160).
534fe2c1 357
b6d44341
AB		 358 Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel.
359 See <http://home.esat.kuleuven.be/~bosselae/ripemd160.html>
82798f90 360
584fffc8
SS		 361config CRYPTO_SHA1
362 tristate "SHA1 digest algorithm"
54ccb367 363 select CRYPTO_HASH
1da177e4 364 help
584fffc8 365 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2).
1da177e4 366
584fffc8
SS		 367config CRYPTO_SHA256
368 tristate "SHA224 and SHA256 digest algorithm"
50e109b5 369 select CRYPTO_HASH
1da177e4 370 help
584fffc8 371 SHA256 secure hash standard (DFIPS 180-2).
1da177e4 372
584fffc8
SS		 373 This version of SHA implements a 256 bit hash with 128 bits of
374 security against collision attacks.
2729bb42 375
b6d44341
AB		 376 This code also includes SHA-224, a 224 bit hash with 112 bits
377 of security against collision attacks.
584fffc8
SS		 378
379config CRYPTO_SHA512
380 tristate "SHA384 and SHA512 digest algorithms"
bd9d20db 381 select CRYPTO_HASH
b9f535ff 382 help
584fffc8 383 SHA512 secure hash standard (DFIPS 180-2).
b9f535ff 384
584fffc8
SS		 385 This version of SHA implements a 512 bit hash with 256 bits of
386 security against collision attacks.
b9f535ff 387
584fffc8
SS		 388 This code also includes SHA-384, a 384 bit hash with 192 bits
389 of security against collision attacks.
b9f535ff 390
584fffc8
SS		 391config CRYPTO_TGR192
392 tristate "Tiger digest algorithms"
f63fbd3d 393 select CRYPTO_HASH
eaf44088 394 help
584fffc8 395 Tiger hash algorithm 192, 160 and 128-bit hashes
eaf44088 396
584fffc8
SS		 397 Tiger is a hash function optimized for 64-bit processors while
398 still having decent performance on 32-bit processors.
399 Tiger was developed by Ross Anderson and Eli Biham.
eaf44088
JF		 400
401 See also:
584fffc8 402 <http://www.cs.technion.ac.il/~biham/Reports/Tiger/>.
eaf44088 403
584fffc8
SS		 404config CRYPTO_WP512
405 tristate "Whirlpool digest algorithms"
4946510b 406 select CRYPTO_HASH
1da177e4 407 help
584fffc8 408 Whirlpool hash algorithm 512, 384 and 256-bit hashes
1da177e4 409
584fffc8
SS		 410 Whirlpool-512 is part of the NESSIE cryptographic primitives.
411 Whirlpool will be part of the ISO/IEC 10118-3:2003(E) standard
1da177e4
LT		 412
413 See also:
584fffc8
SS		 414 <http://planeta.terra.com.br/informatica/paulobarreto/WhirlpoolPage.html>
415
416comment "Ciphers"
1da177e4
LT		 417
418config CRYPTO_AES
419 tristate "AES cipher algorithms"
cce9e06d 420 select CRYPTO_ALGAPI
1da177e4 421 help
584fffc8 422 AES cipher algorithms (FIPS-197). AES uses the Rijndael
1da177e4
LT		 423 algorithm.
424
425 Rijndael appears to be consistently a very good performer in
584fffc8
SS		 426 both hardware and software across a wide range of computing
427 environments regardless of its use in feedback or non-feedback
428 modes. Its key setup time is excellent, and its key agility is
429 good. Rijndael's very low memory requirements make it very well
430 suited for restricted-space environments, in which it also
431 demonstrates excellent performance. Rijndael's operations are
432 among the easiest to defend against power and timing attacks.
1da177e4 433
584fffc8 434 The AES specifies three key sizes: 128, 192 and 256 bits
1da177e4
LT		 435
436 See <http://csrc.nist.gov/CryptoToolkit/aes/> for more information.
437
438config CRYPTO_AES_586
439 tristate "AES cipher algorithms (i586)"
cce9e06d
HX		 440 depends on (X86 || UML_X86) && !64BIT
441 select CRYPTO_ALGAPI
5157dea8 442 select CRYPTO_AES
1da177e4 443 help
584fffc8 444 AES cipher algorithms (FIPS-197). AES uses the Rijndael
1da177e4
LT		 445 algorithm.
446
447 Rijndael appears to be consistently a very good performer in
584fffc8
SS		 448 both hardware and software across a wide range of computing
449 environments regardless of its use in feedback or non-feedback
450 modes. Its key setup time is excellent, and its key agility is
451 good. Rijndael's very low memory requirements make it very well
452 suited for restricted-space environments, in which it also
453 demonstrates excellent performance. Rijndael's operations are
454 among the easiest to defend against power and timing attacks.
1da177e4 455
584fffc8 456 The AES specifies three key sizes: 128, 192 and 256 bits
a2a892a2
AS		 457
458 See <http://csrc.nist.gov/encryption/aes/> for more information.
459
460config CRYPTO_AES_X86_64
461 tristate "AES cipher algorithms (x86_64)"
cce9e06d
HX		 462 depends on (X86 || UML_X86) && 64BIT
463 select CRYPTO_ALGAPI
81190b32 464 select CRYPTO_AES
a2a892a2 465 help
584fffc8 466 AES cipher algorithms (FIPS-197). AES uses the Rijndael
a2a892a2
AS		 467 algorithm.
468
469 Rijndael appears to be consistently a very good performer in
584fffc8
SS		 470 both hardware and software across a wide range of computing
471 environments regardless of its use in feedback or non-feedback
472 modes. Its key setup time is excellent, and its key agility is
54b6a1bd
HY		 473 good. Rijndael's very low memory requirements make it very well
474 suited for restricted-space environments, in which it also
475 demonstrates excellent performance. Rijndael's operations are
476 among the easiest to defend against power and timing attacks.
477
478 The AES specifies three key sizes: 128, 192 and 256 bits
479
480 See <http://csrc.nist.gov/encryption/aes/> for more information.
481
482config CRYPTO_AES_NI_INTEL
483 tristate "AES cipher algorithms (AES-NI)"
484 depends on (X86 || UML_X86) && 64BIT
485 select CRYPTO_AES_X86_64
486 select CRYPTO_CRYPTD
487 select CRYPTO_ALGAPI
488 help
489 Use Intel AES-NI instructions for AES algorithm.
490
491 AES cipher algorithms (FIPS-197). AES uses the Rijndael
492 algorithm.
493
494 Rijndael appears to be consistently a very good performer in
495 both hardware and software across a wide range of computing
496 environments regardless of its use in feedback or non-feedback
497 modes. Its key setup time is excellent, and its key agility is
584fffc8
SS		 498 good. Rijndael's very low memory requirements make it very well
499 suited for restricted-space environments, in which it also
500 demonstrates excellent performance. Rijndael's operations are
501 among the easiest to defend against power and timing attacks.
a2a892a2 502
584fffc8 503 The AES specifies three key sizes: 128, 192 and 256 bits
1da177e4
LT		 504
505 See <http://csrc.nist.gov/encryption/aes/> for more information.
506
584fffc8
SS		 507config CRYPTO_ANUBIS
508 tristate "Anubis cipher algorithm"
509 select CRYPTO_ALGAPI
510 help
511 Anubis cipher algorithm.
512
513 Anubis is a variable key length cipher which can use keys from
514 128 bits to 320 bits in length. It was evaluated as a entrant
515 in the NESSIE competition.
516
517 See also:
518 <https://www.cosic.esat.kuleuven.ac.be/nessie/reports/>
519 <http://planeta.terra.com.br/informatica/paulobarreto/AnubisPage.html>
520
521config CRYPTO_ARC4
522 tristate "ARC4 cipher algorithm"
523 select CRYPTO_ALGAPI
524 help
525 ARC4 cipher algorithm.
526
527 ARC4 is a stream cipher using keys ranging from 8 bits to 2048
528 bits in length. This algorithm is required for driver-based
529 WEP, but it should not be for other purposes because of the
530 weakness of the algorithm.
531
532config CRYPTO_BLOWFISH
533 tristate "Blowfish cipher algorithm"
534 select CRYPTO_ALGAPI
535 help
536 Blowfish cipher algorithm, by Bruce Schneier.
537
538 This is a variable key length cipher which can use keys from 32
539 bits to 448 bits in length. It's fast, simple and specifically
540 designed for use on "large microprocessors".
541
542 See also:
543 <http://www.schneier.com/blowfish.html>
544
545config CRYPTO_CAMELLIA
546 tristate "Camellia cipher algorithms"
547 depends on CRYPTO
548 select CRYPTO_ALGAPI
549 help
550 Camellia cipher algorithms module.
551
552 Camellia is a symmetric key block cipher developed jointly
553 at NTT and Mitsubishi Electric Corporation.
554
555 The Camellia specifies three key sizes: 128, 192 and 256 bits.
556
557 See also:
558 <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html>
559
1da177e4
LT		 560config CRYPTO_CAST5
561 tristate "CAST5 (CAST-128) cipher algorithm"
cce9e06d 562 select CRYPTO_ALGAPI
1da177e4
LT		 563 help
564 The CAST5 encryption algorithm (synonymous with CAST-128) is
565 described in RFC2144.
566
567config CRYPTO_CAST6
568 tristate "CAST6 (CAST-256) cipher algorithm"
cce9e06d 569 select CRYPTO_ALGAPI
1da177e4
LT		 570 help
571 The CAST6 encryption algorithm (synonymous with CAST-256) is
572 described in RFC2612.
573
584fffc8
SS		 574config CRYPTO_DES
575 tristate "DES and Triple DES EDE cipher algorithms"
cce9e06d 576 select CRYPTO_ALGAPI
1da177e4 577 help
584fffc8 578 DES cipher algorithm (FIPS 46-2), and Triple DES EDE (FIPS 46-3).
fb4f10ed 579
584fffc8
SS		 580config CRYPTO_FCRYPT
581 tristate "FCrypt cipher algorithm"
cce9e06d 582 select CRYPTO_ALGAPI
584fffc8 583 select CRYPTO_BLKCIPHER
1da177e4 584 help
584fffc8 585 FCrypt algorithm used by RxRPC.
1da177e4
LT		 586
587config CRYPTO_KHAZAD
588 tristate "Khazad cipher algorithm"
cce9e06d 589 select CRYPTO_ALGAPI
1da177e4
LT		 590 help
591 Khazad cipher algorithm.
592
593 Khazad was a finalist in the initial NESSIE competition. It is
594 an algorithm optimized for 64-bit processors with good performance
595 on 32-bit processors. Khazad uses an 128 bit key size.
596
597 See also:
598 <http://planeta.terra.com.br/informatica/paulobarreto/KhazadPage.html>
599
2407d608
TSH		 600config CRYPTO_SALSA20
601 tristate "Salsa20 stream cipher algorithm (EXPERIMENTAL)"
602 depends on EXPERIMENTAL
603 select CRYPTO_BLKCIPHER
604 help
605 Salsa20 stream cipher algorithm.
606
607 Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT
608 Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/>
974e4b75
TSH		 609
610 The Salsa20 stream cipher algorithm is designed by Daniel J.
611 Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html>
612
613config CRYPTO_SALSA20_586
614 tristate "Salsa20 stream cipher algorithm (i586) (EXPERIMENTAL)"
615 depends on (X86 || UML_X86) && !64BIT
616 depends on EXPERIMENTAL
617 select CRYPTO_BLKCIPHER
974e4b75
TSH		 618 help
619 Salsa20 stream cipher algorithm.
620
621 Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT
622 Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/>
9a7dafbb
TSH		 623
624 The Salsa20 stream cipher algorithm is designed by Daniel J.
625 Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html>
626
627config CRYPTO_SALSA20_X86_64
628 tristate "Salsa20 stream cipher algorithm (x86_64) (EXPERIMENTAL)"
629 depends on (X86 || UML_X86) && 64BIT
630 depends on EXPERIMENTAL
631 select CRYPTO_BLKCIPHER
9a7dafbb
TSH		 632 help
633 Salsa20 stream cipher algorithm.
634
635 Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT
636 Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/>
2407d608
TSH		 637
638 The Salsa20 stream cipher algorithm is designed by Daniel J.
639 Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html>
1da177e4 640
584fffc8
SS		 641config CRYPTO_SEED
642 tristate "SEED cipher algorithm"
cce9e06d 643 select CRYPTO_ALGAPI
1da177e4 644 help
584fffc8 645 SEED cipher algorithm (RFC4269).
1da177e4 646
584fffc8
SS		 647 SEED is a 128-bit symmetric key block cipher that has been
648 developed by KISA (Korea Information Security Agency) as a
649 national standard encryption algorithm of the Republic of Korea.
650 It is a 16 round block cipher with the key size of 128 bit.
651
652 See also:
653 <http://www.kisa.or.kr/kisa/seed/jsp/seed_eng.jsp>
654
655config CRYPTO_SERPENT
656 tristate "Serpent cipher algorithm"
cce9e06d 657 select CRYPTO_ALGAPI
1da177e4 658 help
584fffc8 659 Serpent cipher algorithm, by Anderson, Biham & Knudsen.
1da177e4 660
584fffc8
SS		 661 Keys are allowed to be from 0 to 256 bits in length, in steps
662 of 8 bits. Also includes the 'Tnepres' algorithm, a reversed
663 variant of Serpent for compatibility with old kerneli.org code.
664
665 See also:
666 <http://www.cl.cam.ac.uk/~rja14/serpent.html>
667
668config CRYPTO_TEA
669 tristate "TEA, XTEA and XETA cipher algorithms"
cce9e06d 670 select CRYPTO_ALGAPI
1da177e4 671 help
584fffc8 672 TEA cipher algorithm.
1da177e4 673
584fffc8
SS		 674 Tiny Encryption Algorithm is a simple cipher that uses
675 many rounds for security. It is very fast and uses
676 little memory.
677
678 Xtendend Tiny Encryption Algorithm is a modification to
679 the TEA algorithm to address a potential key weakness
680 in the TEA algorithm.
681
682 Xtendend Encryption Tiny Algorithm is a mis-implementation
683 of the XTEA algorithm for compatibility purposes.
684
685config CRYPTO_TWOFISH
686 tristate "Twofish cipher algorithm"
04ac7db3 687 select CRYPTO_ALGAPI
584fffc8 688 select CRYPTO_TWOFISH_COMMON
04ac7db3 689 help
584fffc8 690 Twofish cipher algorithm.
04ac7db3 691
584fffc8
SS		 692 Twofish was submitted as an AES (Advanced Encryption Standard)
693 candidate cipher by researchers at CounterPane Systems. It is a
694 16 round block cipher supporting key sizes of 128, 192, and 256
695 bits.
04ac7db3 696
584fffc8
SS		 697 See also:
698 <http://www.schneier.com/twofish.html>
699
700config CRYPTO_TWOFISH_COMMON
701 tristate
702 help
703 Common parts of the Twofish cipher algorithm shared by the
704 generic c and the assembler implementations.
705
706config CRYPTO_TWOFISH_586
707 tristate "Twofish cipher algorithms (i586)"
708 depends on (X86 || UML_X86) && !64BIT
709 select CRYPTO_ALGAPI
710 select CRYPTO_TWOFISH_COMMON
711 help
712 Twofish cipher algorithm.
713
714 Twofish was submitted as an AES (Advanced Encryption Standard)
715 candidate cipher by researchers at CounterPane Systems. It is a
716 16 round block cipher supporting key sizes of 128, 192, and 256
717 bits.
04ac7db3
NT		 718
719 See also:
584fffc8 720 <http://www.schneier.com/twofish.html>
04ac7db3 721
584fffc8
SS		 722config CRYPTO_TWOFISH_X86_64
723 tristate "Twofish cipher algorithm (x86_64)"
724 depends on (X86 || UML_X86) && 64BIT
cce9e06d 725 select CRYPTO_ALGAPI
584fffc8 726 select CRYPTO_TWOFISH_COMMON
1da177e4 727 help
584fffc8 728 Twofish cipher algorithm (x86_64).
1da177e4 729
584fffc8
SS		 730 Twofish was submitted as an AES (Advanced Encryption Standard)
731 candidate cipher by researchers at CounterPane Systems. It is a
732 16 round block cipher supporting key sizes of 128, 192, and 256
733 bits.
734
735 See also:
736 <http://www.schneier.com/twofish.html>
737
738comment "Compression"
739
740config CRYPTO_DEFLATE
741 tristate "Deflate compression algorithm"
742 select CRYPTO_ALGAPI
743 select ZLIB_INFLATE
744 select ZLIB_DEFLATE
3c09f17c 745 help
584fffc8
SS		 746 This is the Deflate algorithm (RFC1951), specified for use in
747 IPSec with the IPCOMP protocol (RFC3173, RFC2394).
748
749 You will most probably want this if using IPSec.
3c09f17c 750
0b77abb3
ZS		 751config CRYPTO_LZO
752 tristate "LZO compression algorithm"
753 select CRYPTO_ALGAPI
754 select LZO_COMPRESS
755 select LZO_DECOMPRESS
756 help
757 This is the LZO algorithm.
758
17f0f4a4
NH		 759comment "Random Number Generation"
760
761config CRYPTO_ANSI_CPRNG
762 tristate "Pseudo Random Number Generation for Cryptographic modules"
763 select CRYPTO_AES
764 select CRYPTO_RNG
765 select CRYPTO_FIPS
766 help
767 This option enables the generic pseudo random number generator
768 for cryptographic modules. Uses the Algorithm specified in
769 ANSI X9.31 A.2.4
770
1da177e4 771source "drivers/crypto/Kconfig"
1da177e4 772
cce9e06d 773endif # if CRYPTO
Clone of davem's net-next-2.6 tree