]> bbs.cooldavid.org Git - net-next-2.6.git/blame - crypto/Kconfig
git://bbs.cooldavid.org / net-next-2.6.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
netlink: Move netlink attribute parsing support to lib
[net-next-2.6.git] / crypto / Kconfig
CommitLineData
685784aa
DW		 1#
2# Generic algorithms support
3#
4config XOR_BLOCKS
5 tristate
6
1da177e4 7#
9bc89cd8 8# async_tx api: hardware offloaded memory transfer/transform support
1da177e4 9#
9bc89cd8 10source "crypto/async_tx/Kconfig"
1da177e4 11
9bc89cd8
DW		 12#
13# Cryptographic API Configuration
14#
2e290f43 15menuconfig CRYPTO
c3715cb9 16 tristate "Cryptographic API"
1da177e4
LT		 17 help
18 This option provides the core Cryptographic API.
19
cce9e06d
HX		 20if CRYPTO
21
584fffc8
SS		 22comment "Crypto core or helper"
23
ccb778e1
NH		 24config CRYPTO_FIPS
25 bool "FIPS 200 compliance"
26 help
27 This options enables the fips boot option which is
28 required if you want to system to operate in a FIPS 200
29 certification. You should say no unless you know what
30 this is.
31
cce9e06d
HX		 32config CRYPTO_ALGAPI
33 tristate
6a0fcbb4 34 select CRYPTO_ALGAPI2
cce9e06d
HX		 35 help
36 This option provides the API for cryptographic algorithms.
37
6a0fcbb4
HX		 38config CRYPTO_ALGAPI2
39 tristate
40
1ae97820
HX		 41config CRYPTO_AEAD
42 tristate
6a0fcbb4 43 select CRYPTO_AEAD2
1ae97820
HX		 44 select CRYPTO_ALGAPI
45
6a0fcbb4
HX		 46config CRYPTO_AEAD2
47 tristate
48 select CRYPTO_ALGAPI2
49
5cde0af2
HX		 50config CRYPTO_BLKCIPHER
51 tristate
6a0fcbb4 52 select CRYPTO_BLKCIPHER2
5cde0af2 53 select CRYPTO_ALGAPI
6a0fcbb4
HX		 54
55config CRYPTO_BLKCIPHER2
56 tristate
57 select CRYPTO_ALGAPI2
58 select CRYPTO_RNG2
0a2e821d 59 select CRYPTO_WORKQUEUE
5cde0af2 60
055bcee3
HX		 61config CRYPTO_HASH
62 tristate
6a0fcbb4 63 select CRYPTO_HASH2
055bcee3
HX		 64 select CRYPTO_ALGAPI
65
6a0fcbb4
HX		 66config CRYPTO_HASH2
67 tristate
68 select CRYPTO_ALGAPI2
69
17f0f4a4
NH		 70config CRYPTO_RNG
71 tristate
6a0fcbb4 72 select CRYPTO_RNG2
17f0f4a4
NH		 73 select CRYPTO_ALGAPI
74
6a0fcbb4
HX		 75config CRYPTO_RNG2
76 tristate
77 select CRYPTO_ALGAPI2
78
2b8c19db
HX		 79config CRYPTO_MANAGER
80 tristate "Cryptographic algorithm manager"
6a0fcbb4 81 select CRYPTO_MANAGER2
2b8c19db
HX		 82 help
83 Create default cryptographic template instantiations such as
84 cbc(aes).
85
6a0fcbb4
HX		 86config CRYPTO_MANAGER2
87 def_tristate CRYPTO_MANAGER || (CRYPTO_MANAGER!=n && CRYPTO_ALGAPI=y)
88 select CRYPTO_AEAD2
89 select CRYPTO_HASH2
90 select CRYPTO_BLKCIPHER2
91
584fffc8
SS		 92config CRYPTO_GF128MUL
93 tristate "GF(2^128) multiplication functions (EXPERIMENTAL)"
333b0d7e 94 depends on EXPERIMENTAL
333b0d7e 95 help
584fffc8
SS		 96 Efficient table driven implementation of multiplications in the
97 field GF(2^128). This is needed by some cypher modes. This
98 option will be selected automatically if you select such a
99 cipher mode. Only select this option by hand if you expect to load
100 an external module that requires these functions.
333b0d7e 101
1da177e4
LT		 102config CRYPTO_NULL
103 tristate "Null algorithms"
cce9e06d 104 select CRYPTO_ALGAPI
c8620c25 105 select CRYPTO_BLKCIPHER
d35d2454 106 select CRYPTO_HASH
1da177e4
LT		 107 help
108 These are 'Null' algorithms, used by IPsec, which do nothing.
109
25c38d3f
HY		 110config CRYPTO_WORKQUEUE
111 tristate
112
584fffc8
SS		 113config CRYPTO_CRYPTD
114 tristate "Software async crypto daemon"
115 select CRYPTO_BLKCIPHER
b8a28251 116 select CRYPTO_HASH
584fffc8 117 select CRYPTO_MANAGER
254eff77 118 select CRYPTO_WORKQUEUE
1da177e4 119 help
584fffc8
SS		 120 This is a generic software asynchronous crypto daemon that
121 converts an arbitrary synchronous software crypto algorithm
122 into an asynchronous algorithm that executes in a kernel thread.
1da177e4 123
584fffc8
SS		 124config CRYPTO_AUTHENC
125 tristate "Authenc support"
126 select CRYPTO_AEAD
127 select CRYPTO_BLKCIPHER
128 select CRYPTO_MANAGER
129 select CRYPTO_HASH
1da177e4 130 help
584fffc8
SS		 131 Authenc: Combined mode wrapper for IPsec.
132 This is required for IPSec.
1da177e4 133
584fffc8
SS		 134config CRYPTO_TEST
135 tristate "Testing module"
136 depends on m
da7f033d 137 select CRYPTO_MANAGER
1da177e4 138 help
584fffc8 139 Quick & dirty crypto test module.
1da177e4 140
584fffc8 141comment "Authenticated Encryption with Associated Data"
cd12fb90 142
584fffc8
SS		 143config CRYPTO_CCM
144 tristate "CCM support"
145 select CRYPTO_CTR
146 select CRYPTO_AEAD
1da177e4 147 help
584fffc8 148 Support for Counter with CBC MAC. Required for IPsec.
1da177e4 149
584fffc8
SS		 150config CRYPTO_GCM
151 tristate "GCM/GMAC support"
152 select CRYPTO_CTR
153 select CRYPTO_AEAD
154 select CRYPTO_GF128MUL
1da177e4 155 help
584fffc8
SS		 156 Support for Galois/Counter Mode (GCM) and Galois Message
157 Authentication Code (GMAC). Required for IPSec.
1da177e4 158
584fffc8
SS		 159config CRYPTO_SEQIV
160 tristate "Sequence Number IV Generator"
161 select CRYPTO_AEAD
162 select CRYPTO_BLKCIPHER
a0f000ec 163 select CRYPTO_RNG
1da177e4 164 help
584fffc8
SS		 165 This IV generator generates an IV based on a sequence number by
166 xoring it with a salt. This algorithm is mainly useful for CTR
1da177e4 167
584fffc8 168comment "Block modes"
c494e070 169
584fffc8
SS		 170config CRYPTO_CBC
171 tristate "CBC support"
db131ef9 172 select CRYPTO_BLKCIPHER
43518407 173 select CRYPTO_MANAGER
db131ef9 174 help
584fffc8
SS		 175 CBC: Cipher Block Chaining mode
176 This block cipher algorithm is required for IPSec.
db131ef9 177
584fffc8
SS		 178config CRYPTO_CTR
179 tristate "CTR support"
db131ef9 180 select CRYPTO_BLKCIPHER
584fffc8 181 select CRYPTO_SEQIV
43518407 182 select CRYPTO_MANAGER
db131ef9 183 help
584fffc8 184 CTR: Counter mode
db131ef9
HX		 185 This block cipher algorithm is required for IPSec.
186
584fffc8
SS		 187config CRYPTO_CTS
188 tristate "CTS support"
189 select CRYPTO_BLKCIPHER
190 help
191 CTS: Cipher Text Stealing
192 This is the Cipher Text Stealing mode as described by
193 Section 8 of rfc2040 and referenced by rfc3962.
194 (rfc3962 includes errata information in its Appendix A)
195 This mode is required for Kerberos gss mechanism support
196 for AES encryption.
197
198config CRYPTO_ECB
199 tristate "ECB support"
91652be5
DH		 200 select CRYPTO_BLKCIPHER
201 select CRYPTO_MANAGER
91652be5 202 help
584fffc8
SS		 203 ECB: Electronic CodeBook mode
204 This is the simplest block cipher algorithm. It simply encrypts
205 the input block by block.
91652be5 206
64470f1b
RS		 207config CRYPTO_LRW
208 tristate "LRW support (EXPERIMENTAL)"
209 depends on EXPERIMENTAL
210 select CRYPTO_BLKCIPHER
211 select CRYPTO_MANAGER
212 select CRYPTO_GF128MUL
213 help
214 LRW: Liskov Rivest Wagner, a tweakable, non malleable, non movable
215 narrow block cipher mode for dm-crypt. Use it with cipher
216 specification string aes-lrw-benbi, the key must be 256, 320 or 384.
217 The first 128, 192 or 256 bits in the key are used for AES and the
218 rest is used to tie each cipher block to its logical position.
219
584fffc8
SS		 220config CRYPTO_PCBC
221 tristate "PCBC support"
222 select CRYPTO_BLKCIPHER
223 select CRYPTO_MANAGER
224 help
225 PCBC: Propagating Cipher Block Chaining mode
226 This block cipher algorithm is required for RxRPC.
227
f19f5111
RS		 228config CRYPTO_XTS
229 tristate "XTS support (EXPERIMENTAL)"
230 depends on EXPERIMENTAL
231 select CRYPTO_BLKCIPHER
232 select CRYPTO_MANAGER
233 select CRYPTO_GF128MUL
234 help
235 XTS: IEEE1619/D16 narrow block cipher use with aes-xts-plain,
236 key size 256, 384 or 512 bits. This implementation currently
237 can't handle a sectorsize which is not a multiple of 16 bytes.
238
584fffc8
SS		 239comment "Hash modes"
240
241config CRYPTO_HMAC
242 tristate "HMAC support"
243 select CRYPTO_HASH
23e353c8 244 select CRYPTO_MANAGER
23e353c8 245 help
584fffc8
SS		 246 HMAC: Keyed-Hashing for Message Authentication (RFC2104).
247 This is required for IPSec.
23e353c8 248
584fffc8
SS		 249config CRYPTO_XCBC
250 tristate "XCBC support"
251 depends on EXPERIMENTAL
252 select CRYPTO_HASH
253 select CRYPTO_MANAGER
76cb9521 254 help
584fffc8
SS		 255 XCBC: Keyed-Hashing with encryption algorithm
256 http://www.ietf.org/rfc/rfc3566.txt
257 http://csrc.nist.gov/encryption/modes/proposedmodes/
258 xcbc-mac/xcbc-mac-spec.pdf
76cb9521 259
584fffc8 260comment "Digest"
28db8e3e 261
584fffc8
SS		 262config CRYPTO_CRC32C
263 tristate "CRC32c CRC algorithm"
5773a3e6 264 select CRYPTO_HASH
4a49b499 265 help
584fffc8
SS		 266 Castagnoli, et al Cyclic Redundancy-Check Algorithm. Used
267 by iSCSI for header and data digests and by others.
69c35efc 268 See Castagnoli93. Module will be crc32c.
4a49b499 269
8cb51ba8
AZ		 270config CRYPTO_CRC32C_INTEL
271 tristate "CRC32c INTEL hardware acceleration"
272 depends on X86
273 select CRYPTO_HASH
274 help
275 In Intel processor with SSE4.2 supported, the processor will
276 support CRC32C implementation using hardware accelerated CRC32
277 instruction. This option will create 'crc32c-intel' module,
278 which will enable any routine to use the CRC32 instruction to
279 gain performance compared with software implementation.
280 Module will be crc32c-intel.
281
584fffc8
SS		 282config CRYPTO_MD4
283 tristate "MD4 digest algorithm"
808a1763 284 select CRYPTO_HASH
124b53d0 285 help
584fffc8 286 MD4 message digest algorithm (RFC1320).
124b53d0 287
584fffc8
SS		 288config CRYPTO_MD5
289 tristate "MD5 digest algorithm"
14b75ba7 290 select CRYPTO_HASH
1da177e4 291 help
584fffc8 292 MD5 message digest algorithm (RFC1321).
1da177e4 293
584fffc8
SS		 294config CRYPTO_MICHAEL_MIC
295 tristate "Michael MIC keyed digest algorithm"
19e2bf14 296 select CRYPTO_HASH
90831639 297 help
584fffc8
SS		 298 Michael MIC is used for message integrity protection in TKIP
299 (IEEE 802.11i). This algorithm is required for TKIP, but it
300 should not be used for other purposes because of the weakness
301 of the algorithm.
90831639 302
82798f90 303config CRYPTO_RMD128
b6d44341 304 tristate "RIPEMD-128 digest algorithm"
7c4468bc 305 select CRYPTO_HASH
b6d44341
AB		 306 help
307 RIPEMD-128 (ISO/IEC 10118-3:2004).
82798f90 308
b6d44341
AB		 309 RIPEMD-128 is a 128-bit cryptographic hash function. It should only
310 to be used as a secure replacement for RIPEMD. For other use cases
311 RIPEMD-160 should be used.
82798f90 312
b6d44341
AB		 313 Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel.
314 See <http://home.esat.kuleuven.be/~bosselae/ripemd160.html>
82798f90
AKR		 315
316config CRYPTO_RMD160
b6d44341 317 tristate "RIPEMD-160 digest algorithm"
e5835fba 318 select CRYPTO_HASH
b6d44341
AB		 319 help
320 RIPEMD-160 (ISO/IEC 10118-3:2004).
82798f90 321
b6d44341
AB		 322 RIPEMD-160 is a 160-bit cryptographic hash function. It is intended
323 to be used as a secure replacement for the 128-bit hash functions
324 MD4, MD5 and it's predecessor RIPEMD
325 (not to be confused with RIPEMD-128).
82798f90 326
b6d44341
AB		 327 It's speed is comparable to SHA1 and there are no known attacks
328 against RIPEMD-160.
534fe2c1 329
b6d44341
AB		 330 Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel.
331 See <http://home.esat.kuleuven.be/~bosselae/ripemd160.html>
534fe2c1
AKR		 332
333config CRYPTO_RMD256
b6d44341 334 tristate "RIPEMD-256 digest algorithm"
d8a5e2e9 335 select CRYPTO_HASH
b6d44341
AB		 336 help
337 RIPEMD-256 is an optional extension of RIPEMD-128 with a
338 256 bit hash. It is intended for applications that require
339 longer hash-results, without needing a larger security level
340 (than RIPEMD-128).
534fe2c1 341
b6d44341
AB		 342 Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel.
343 See <http://home.esat.kuleuven.be/~bosselae/ripemd160.html>
534fe2c1
AKR		 344
345config CRYPTO_RMD320
b6d44341 346 tristate "RIPEMD-320 digest algorithm"
3b8efb4c 347 select CRYPTO_HASH
b6d44341
AB		 348 help
349 RIPEMD-320 is an optional extension of RIPEMD-160 with a
350 320 bit hash. It is intended for applications that require
351 longer hash-results, without needing a larger security level
352 (than RIPEMD-160).
534fe2c1 353
b6d44341
AB		 354 Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel.
355 See <http://home.esat.kuleuven.be/~bosselae/ripemd160.html>
82798f90 356
584fffc8
SS		 357config CRYPTO_SHA1
358 tristate "SHA1 digest algorithm"
54ccb367 359 select CRYPTO_HASH
1da177e4 360 help
584fffc8 361 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2).
1da177e4 362
584fffc8
SS		 363config CRYPTO_SHA256
364 tristate "SHA224 and SHA256 digest algorithm"
50e109b5 365 select CRYPTO_HASH
1da177e4 366 help
584fffc8 367 SHA256 secure hash standard (DFIPS 180-2).
1da177e4 368
584fffc8
SS		 369 This version of SHA implements a 256 bit hash with 128 bits of
370 security against collision attacks.
2729bb42 371
b6d44341
AB		 372 This code also includes SHA-224, a 224 bit hash with 112 bits
373 of security against collision attacks.
584fffc8
SS		 374
375config CRYPTO_SHA512
376 tristate "SHA384 and SHA512 digest algorithms"
bd9d20db 377 select CRYPTO_HASH
b9f535ff 378 help
584fffc8 379 SHA512 secure hash standard (DFIPS 180-2).
b9f535ff 380
584fffc8
SS		 381 This version of SHA implements a 512 bit hash with 256 bits of
382 security against collision attacks.
b9f535ff 383
584fffc8
SS		 384 This code also includes SHA-384, a 384 bit hash with 192 bits
385 of security against collision attacks.
b9f535ff 386
584fffc8
SS		 387config CRYPTO_TGR192
388 tristate "Tiger digest algorithms"
f63fbd3d 389 select CRYPTO_HASH
eaf44088 390 help
584fffc8 391 Tiger hash algorithm 192, 160 and 128-bit hashes
eaf44088 392
584fffc8
SS		 393 Tiger is a hash function optimized for 64-bit processors while
394 still having decent performance on 32-bit processors.
395 Tiger was developed by Ross Anderson and Eli Biham.
eaf44088
JF		 396
397 See also:
584fffc8 398 <http://www.cs.technion.ac.il/~biham/Reports/Tiger/>.
eaf44088 399
584fffc8
SS		 400config CRYPTO_WP512
401 tristate "Whirlpool digest algorithms"
4946510b 402 select CRYPTO_HASH
1da177e4 403 help
584fffc8 404 Whirlpool hash algorithm 512, 384 and 256-bit hashes
1da177e4 405
584fffc8
SS		 406 Whirlpool-512 is part of the NESSIE cryptographic primitives.
407 Whirlpool will be part of the ISO/IEC 10118-3:2003(E) standard
1da177e4
LT		 408
409 See also:
584fffc8
SS		 410 <http://planeta.terra.com.br/informatica/paulobarreto/WhirlpoolPage.html>
411
412comment "Ciphers"
1da177e4
LT		 413
414config CRYPTO_AES
415 tristate "AES cipher algorithms"
cce9e06d 416 select CRYPTO_ALGAPI
1da177e4 417 help
584fffc8 418 AES cipher algorithms (FIPS-197). AES uses the Rijndael
1da177e4
LT		 419 algorithm.
420
421 Rijndael appears to be consistently a very good performer in
584fffc8
SS		 422 both hardware and software across a wide range of computing
423 environments regardless of its use in feedback or non-feedback
424 modes. Its key setup time is excellent, and its key agility is
425 good. Rijndael's very low memory requirements make it very well
426 suited for restricted-space environments, in which it also
427 demonstrates excellent performance. Rijndael's operations are
428 among the easiest to defend against power and timing attacks.
1da177e4 429
584fffc8 430 The AES specifies three key sizes: 128, 192 and 256 bits
1da177e4
LT		 431
432 See <http://csrc.nist.gov/CryptoToolkit/aes/> for more information.
433
434config CRYPTO_AES_586
435 tristate "AES cipher algorithms (i586)"
cce9e06d
HX		 436 depends on (X86 || UML_X86) && !64BIT
437 select CRYPTO_ALGAPI
5157dea8 438 select CRYPTO_AES
1da177e4 439 help
584fffc8 440 AES cipher algorithms (FIPS-197). AES uses the Rijndael
1da177e4
LT		 441 algorithm.
442
443 Rijndael appears to be consistently a very good performer in
584fffc8
SS		 444 both hardware and software across a wide range of computing
445 environments regardless of its use in feedback or non-feedback
446 modes. Its key setup time is excellent, and its key agility is
447 good. Rijndael's very low memory requirements make it very well
448 suited for restricted-space environments, in which it also
449 demonstrates excellent performance. Rijndael's operations are
450 among the easiest to defend against power and timing attacks.
1da177e4 451
584fffc8 452 The AES specifies three key sizes: 128, 192 and 256 bits
a2a892a2
AS		 453
454 See <http://csrc.nist.gov/encryption/aes/> for more information.
455
456config CRYPTO_AES_X86_64
457 tristate "AES cipher algorithms (x86_64)"
cce9e06d
HX		 458 depends on (X86 || UML_X86) && 64BIT
459 select CRYPTO_ALGAPI
81190b32 460 select CRYPTO_AES
a2a892a2 461 help
584fffc8 462 AES cipher algorithms (FIPS-197). AES uses the Rijndael
a2a892a2
AS		 463 algorithm.
464
465 Rijndael appears to be consistently a very good performer in
584fffc8
SS		 466 both hardware and software across a wide range of computing
467 environments regardless of its use in feedback or non-feedback
468 modes. Its key setup time is excellent, and its key agility is
54b6a1bd
HY		 469 good. Rijndael's very low memory requirements make it very well
470 suited for restricted-space environments, in which it also
471 demonstrates excellent performance. Rijndael's operations are
472 among the easiest to defend against power and timing attacks.
473
474 The AES specifies three key sizes: 128, 192 and 256 bits
475
476 See <http://csrc.nist.gov/encryption/aes/> for more information.
477
478config CRYPTO_AES_NI_INTEL
479 tristate "AES cipher algorithms (AES-NI)"
480 depends on (X86 || UML_X86) && 64BIT
481 select CRYPTO_AES_X86_64
482 select CRYPTO_CRYPTD
483 select CRYPTO_ALGAPI
484 help
485 Use Intel AES-NI instructions for AES algorithm.
486
487 AES cipher algorithms (FIPS-197). AES uses the Rijndael
488 algorithm.
489
490 Rijndael appears to be consistently a very good performer in
491 both hardware and software across a wide range of computing
492 environments regardless of its use in feedback or non-feedback
493 modes. Its key setup time is excellent, and its key agility is
584fffc8
SS		 494 good. Rijndael's very low memory requirements make it very well
495 suited for restricted-space environments, in which it also
496 demonstrates excellent performance. Rijndael's operations are
497 among the easiest to defend against power and timing attacks.
a2a892a2 498
584fffc8 499 The AES specifies three key sizes: 128, 192 and 256 bits
1da177e4
LT		 500
501 See <http://csrc.nist.gov/encryption/aes/> for more information.
502
584fffc8
SS		 503config CRYPTO_ANUBIS
504 tristate "Anubis cipher algorithm"
505 select CRYPTO_ALGAPI
506 help
507 Anubis cipher algorithm.
508
509 Anubis is a variable key length cipher which can use keys from
510 128 bits to 320 bits in length. It was evaluated as a entrant
511 in the NESSIE competition.
512
513 See also:
514 <https://www.cosic.esat.kuleuven.ac.be/nessie/reports/>
515 <http://planeta.terra.com.br/informatica/paulobarreto/AnubisPage.html>
516
517config CRYPTO_ARC4
518 tristate "ARC4 cipher algorithm"
519 select CRYPTO_ALGAPI
520 help
521 ARC4 cipher algorithm.
522
523 ARC4 is a stream cipher using keys ranging from 8 bits to 2048
524 bits in length. This algorithm is required for driver-based
525 WEP, but it should not be for other purposes because of the
526 weakness of the algorithm.
527
528config CRYPTO_BLOWFISH
529 tristate "Blowfish cipher algorithm"
530 select CRYPTO_ALGAPI
531 help
532 Blowfish cipher algorithm, by Bruce Schneier.
533
534 This is a variable key length cipher which can use keys from 32
535 bits to 448 bits in length. It's fast, simple and specifically
536 designed for use on "large microprocessors".
537
538 See also:
539 <http://www.schneier.com/blowfish.html>
540
541config CRYPTO_CAMELLIA
542 tristate "Camellia cipher algorithms"
543 depends on CRYPTO
544 select CRYPTO_ALGAPI
545 help
546 Camellia cipher algorithms module.
547
548 Camellia is a symmetric key block cipher developed jointly
549 at NTT and Mitsubishi Electric Corporation.
550
551 The Camellia specifies three key sizes: 128, 192 and 256 bits.
552
553 See also:
554 <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html>
555
1da177e4
LT		 556config CRYPTO_CAST5
557 tristate "CAST5 (CAST-128) cipher algorithm"
cce9e06d 558 select CRYPTO_ALGAPI
1da177e4
LT		 559 help
560 The CAST5 encryption algorithm (synonymous with CAST-128) is
561 described in RFC2144.
562
563config CRYPTO_CAST6
564 tristate "CAST6 (CAST-256) cipher algorithm"
cce9e06d 565 select CRYPTO_ALGAPI
1da177e4
LT		 566 help
567 The CAST6 encryption algorithm (synonymous with CAST-256) is
568 described in RFC2612.
569
584fffc8
SS		 570config CRYPTO_DES
571 tristate "DES and Triple DES EDE cipher algorithms"
cce9e06d 572 select CRYPTO_ALGAPI
1da177e4 573 help
584fffc8 574 DES cipher algorithm (FIPS 46-2), and Triple DES EDE (FIPS 46-3).
fb4f10ed 575
584fffc8
SS		 576config CRYPTO_FCRYPT
577 tristate "FCrypt cipher algorithm"
cce9e06d 578 select CRYPTO_ALGAPI
584fffc8 579 select CRYPTO_BLKCIPHER
1da177e4 580 help
584fffc8 581 FCrypt algorithm used by RxRPC.
1da177e4
LT		 582
583config CRYPTO_KHAZAD
584 tristate "Khazad cipher algorithm"
cce9e06d 585 select CRYPTO_ALGAPI
1da177e4
LT		 586 help
587 Khazad cipher algorithm.
588
589 Khazad was a finalist in the initial NESSIE competition. It is
590 an algorithm optimized for 64-bit processors with good performance
591 on 32-bit processors. Khazad uses an 128 bit key size.
592
593 See also:
594 <http://planeta.terra.com.br/informatica/paulobarreto/KhazadPage.html>
595
2407d608
TSH		 596config CRYPTO_SALSA20
597 tristate "Salsa20 stream cipher algorithm (EXPERIMENTAL)"
598 depends on EXPERIMENTAL
599 select CRYPTO_BLKCIPHER
600 help
601 Salsa20 stream cipher algorithm.
602
603 Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT
604 Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/>
974e4b75
TSH		 605
606 The Salsa20 stream cipher algorithm is designed by Daniel J.
607 Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html>
608
609config CRYPTO_SALSA20_586
610 tristate "Salsa20 stream cipher algorithm (i586) (EXPERIMENTAL)"
611 depends on (X86 || UML_X86) && !64BIT
612 depends on EXPERIMENTAL
613 select CRYPTO_BLKCIPHER
974e4b75
TSH		 614 help
615 Salsa20 stream cipher algorithm.
616
617 Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT
618 Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/>
9a7dafbb
TSH		 619
620 The Salsa20 stream cipher algorithm is designed by Daniel J.
621 Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html>
622
623config CRYPTO_SALSA20_X86_64
624 tristate "Salsa20 stream cipher algorithm (x86_64) (EXPERIMENTAL)"
625 depends on (X86 || UML_X86) && 64BIT
626 depends on EXPERIMENTAL
627 select CRYPTO_BLKCIPHER
9a7dafbb
TSH		 628 help
629 Salsa20 stream cipher algorithm.
630
631 Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT
632 Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/>
2407d608
TSH		 633
634 The Salsa20 stream cipher algorithm is designed by Daniel J.
635 Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html>
1da177e4 636
584fffc8
SS		 637config CRYPTO_SEED
638 tristate "SEED cipher algorithm"
cce9e06d 639 select CRYPTO_ALGAPI
1da177e4 640 help
584fffc8 641 SEED cipher algorithm (RFC4269).
1da177e4 642
584fffc8
SS		 643 SEED is a 128-bit symmetric key block cipher that has been
644 developed by KISA (Korea Information Security Agency) as a
645 national standard encryption algorithm of the Republic of Korea.
646 It is a 16 round block cipher with the key size of 128 bit.
647
648 See also:
649 <http://www.kisa.or.kr/kisa/seed/jsp/seed_eng.jsp>
650
651config CRYPTO_SERPENT
652 tristate "Serpent cipher algorithm"
cce9e06d 653 select CRYPTO_ALGAPI
1da177e4 654 help
584fffc8 655 Serpent cipher algorithm, by Anderson, Biham & Knudsen.
1da177e4 656
584fffc8
SS		 657 Keys are allowed to be from 0 to 256 bits in length, in steps
658 of 8 bits. Also includes the 'Tnepres' algorithm, a reversed
659 variant of Serpent for compatibility with old kerneli.org code.
660
661 See also:
662 <http://www.cl.cam.ac.uk/~rja14/serpent.html>
663
664config CRYPTO_TEA
665 tristate "TEA, XTEA and XETA cipher algorithms"
cce9e06d 666 select CRYPTO_ALGAPI
1da177e4 667 help
584fffc8 668 TEA cipher algorithm.
1da177e4 669
584fffc8
SS		 670 Tiny Encryption Algorithm is a simple cipher that uses
671 many rounds for security. It is very fast and uses
672 little memory.
673
674 Xtendend Tiny Encryption Algorithm is a modification to
675 the TEA algorithm to address a potential key weakness
676 in the TEA algorithm.
677
678 Xtendend Encryption Tiny Algorithm is a mis-implementation
679 of the XTEA algorithm for compatibility purposes.
680
681config CRYPTO_TWOFISH
682 tristate "Twofish cipher algorithm"
04ac7db3 683 select CRYPTO_ALGAPI
584fffc8 684 select CRYPTO_TWOFISH_COMMON
04ac7db3 685 help
584fffc8 686 Twofish cipher algorithm.
04ac7db3 687
584fffc8
SS		 688 Twofish was submitted as an AES (Advanced Encryption Standard)
689 candidate cipher by researchers at CounterPane Systems. It is a
690 16 round block cipher supporting key sizes of 128, 192, and 256
691 bits.
04ac7db3 692
584fffc8
SS		 693 See also:
694 <http://www.schneier.com/twofish.html>
695
696config CRYPTO_TWOFISH_COMMON
697 tristate
698 help
699 Common parts of the Twofish cipher algorithm shared by the
700 generic c and the assembler implementations.
701
702config CRYPTO_TWOFISH_586
703 tristate "Twofish cipher algorithms (i586)"
704 depends on (X86 || UML_X86) && !64BIT
705 select CRYPTO_ALGAPI
706 select CRYPTO_TWOFISH_COMMON
707 help
708 Twofish cipher algorithm.
709
710 Twofish was submitted as an AES (Advanced Encryption Standard)
711 candidate cipher by researchers at CounterPane Systems. It is a
712 16 round block cipher supporting key sizes of 128, 192, and 256
713 bits.
04ac7db3
NT		 714
715 See also:
584fffc8 716 <http://www.schneier.com/twofish.html>
04ac7db3 717
584fffc8
SS		 718config CRYPTO_TWOFISH_X86_64
719 tristate "Twofish cipher algorithm (x86_64)"
720 depends on (X86 || UML_X86) && 64BIT
cce9e06d 721 select CRYPTO_ALGAPI
584fffc8 722 select CRYPTO_TWOFISH_COMMON
1da177e4 723 help
584fffc8 724 Twofish cipher algorithm (x86_64).
1da177e4 725
584fffc8
SS		 726 Twofish was submitted as an AES (Advanced Encryption Standard)
727 candidate cipher by researchers at CounterPane Systems. It is a
728 16 round block cipher supporting key sizes of 128, 192, and 256
729 bits.
730
731 See also:
732 <http://www.schneier.com/twofish.html>
733
734comment "Compression"
735
736config CRYPTO_DEFLATE
737 tristate "Deflate compression algorithm"
738 select CRYPTO_ALGAPI
739 select ZLIB_INFLATE
740 select ZLIB_DEFLATE
3c09f17c 741 help
584fffc8
SS		 742 This is the Deflate algorithm (RFC1951), specified for use in
743 IPSec with the IPCOMP protocol (RFC3173, RFC2394).
744
745 You will most probably want this if using IPSec.
3c09f17c 746
0b77abb3
ZS		 747config CRYPTO_LZO
748 tristate "LZO compression algorithm"
749 select CRYPTO_ALGAPI
750 select LZO_COMPRESS
751 select LZO_DECOMPRESS
752 help
753 This is the LZO algorithm.
754
17f0f4a4
NH		 755comment "Random Number Generation"
756
757config CRYPTO_ANSI_CPRNG
758 tristate "Pseudo Random Number Generation for Cryptographic modules"
759 select CRYPTO_AES
760 select CRYPTO_RNG
761 select CRYPTO_FIPS
762 help
763 This option enables the generic pseudo random number generator
764 for cryptographic modules. Uses the Algorithm specified in
765 ANSI X9.31 A.2.4
766
1da177e4 767source "drivers/crypto/Kconfig"
1da177e4 768
cce9e06d 769endif # if CRYPTO
Clone of davem's net-next-2.6 tree