Back to home page

LXR

 
 

    


0001 #
0002 # Generic algorithms support
0003 #
0004 config XOR_BLOCKS
0005         tristate
0006 
0007 #
0008 # async_tx api: hardware offloaded memory transfer/transform support
0009 #
0010 source "crypto/async_tx/Kconfig"
0011 
0012 #
0013 # Cryptographic API Configuration
0014 #
0015 menuconfig CRYPTO
0016         tristate "Cryptographic API"
0017         help
0018           This option provides the core Cryptographic API.
0019 
0020 if CRYPTO
0021 
0022 comment "Crypto core or helper"
0023 
0024 config CRYPTO_FIPS
0025         bool "FIPS 200 compliance"
0026         depends on (CRYPTO_ANSI_CPRNG || CRYPTO_DRBG) && !CRYPTO_MANAGER_DISABLE_TESTS
0027         depends on (MODULE_SIG || !MODULES)
0028         help
0029           This options enables the fips boot option which is
0030           required if you want to system to operate in a FIPS 200
0031           certification.  You should say no unless you know what
0032           this is.
0033 
0034 config CRYPTO_ALGAPI
0035         tristate
0036         select CRYPTO_ALGAPI2
0037         help
0038           This option provides the API for cryptographic algorithms.
0039 
0040 config CRYPTO_ALGAPI2
0041         tristate
0042 
0043 config CRYPTO_AEAD
0044         tristate
0045         select CRYPTO_AEAD2
0046         select CRYPTO_ALGAPI
0047 
0048 config CRYPTO_AEAD2
0049         tristate
0050         select CRYPTO_ALGAPI2
0051         select CRYPTO_NULL2
0052         select CRYPTO_RNG2
0053 
0054 config CRYPTO_BLKCIPHER
0055         tristate
0056         select CRYPTO_BLKCIPHER2
0057         select CRYPTO_ALGAPI
0058 
0059 config CRYPTO_BLKCIPHER2
0060         tristate
0061         select CRYPTO_ALGAPI2
0062         select CRYPTO_RNG2
0063         select CRYPTO_WORKQUEUE
0064 
0065 config CRYPTO_HASH
0066         tristate
0067         select CRYPTO_HASH2
0068         select CRYPTO_ALGAPI
0069 
0070 config CRYPTO_HASH2
0071         tristate
0072         select CRYPTO_ALGAPI2
0073 
0074 config CRYPTO_RNG
0075         tristate
0076         select CRYPTO_RNG2
0077         select CRYPTO_ALGAPI
0078 
0079 config CRYPTO_RNG2
0080         tristate
0081         select CRYPTO_ALGAPI2
0082 
0083 config CRYPTO_RNG_DEFAULT
0084         tristate
0085         select CRYPTO_DRBG_MENU
0086 
0087 config CRYPTO_AKCIPHER2
0088         tristate
0089         select CRYPTO_ALGAPI2
0090 
0091 config CRYPTO_AKCIPHER
0092         tristate
0093         select CRYPTO_AKCIPHER2
0094         select CRYPTO_ALGAPI
0095 
0096 config CRYPTO_KPP2
0097         tristate
0098         select CRYPTO_ALGAPI2
0099 
0100 config CRYPTO_KPP
0101         tristate
0102         select CRYPTO_ALGAPI
0103         select CRYPTO_KPP2
0104 
0105 config CRYPTO_ACOMP2
0106         tristate
0107         select CRYPTO_ALGAPI2
0108 
0109 config CRYPTO_ACOMP
0110         tristate
0111         select CRYPTO_ALGAPI
0112         select CRYPTO_ACOMP2
0113 
0114 config CRYPTO_RSA
0115         tristate "RSA algorithm"
0116         select CRYPTO_AKCIPHER
0117         select CRYPTO_MANAGER
0118         select MPILIB
0119         select ASN1
0120         help
0121           Generic implementation of the RSA public key algorithm.
0122 
0123 config CRYPTO_DH
0124         tristate "Diffie-Hellman algorithm"
0125         select CRYPTO_KPP
0126         select MPILIB
0127         help
0128           Generic implementation of the Diffie-Hellman algorithm.
0129 
0130 config CRYPTO_ECDH
0131         tristate "ECDH algorithm"
0132         select CRYTPO_KPP
0133         help
0134           Generic implementation of the ECDH algorithm
0135 
0136 config CRYPTO_MANAGER
0137         tristate "Cryptographic algorithm manager"
0138         select CRYPTO_MANAGER2
0139         help
0140           Create default cryptographic template instantiations such as
0141           cbc(aes).
0142 
0143 config CRYPTO_MANAGER2
0144         def_tristate CRYPTO_MANAGER || (CRYPTO_MANAGER!=n && CRYPTO_ALGAPI=y)
0145         select CRYPTO_AEAD2
0146         select CRYPTO_HASH2
0147         select CRYPTO_BLKCIPHER2
0148         select CRYPTO_AKCIPHER2
0149         select CRYPTO_KPP2
0150         select CRYPTO_ACOMP2
0151 
0152 config CRYPTO_USER
0153         tristate "Userspace cryptographic algorithm configuration"
0154         depends on NET
0155         select CRYPTO_MANAGER
0156         help
0157           Userspace configuration for cryptographic instantiations such as
0158           cbc(aes).
0159 
0160 config CRYPTO_MANAGER_DISABLE_TESTS
0161         bool "Disable run-time self tests"
0162         default y
0163         depends on CRYPTO_MANAGER2
0164         help
0165           Disable run-time self tests that normally take place at
0166           algorithm registration.
0167 
0168 config CRYPTO_GF128MUL
0169         tristate "GF(2^128) multiplication functions"
0170         help
0171           Efficient table driven implementation of multiplications in the
0172           field GF(2^128).  This is needed by some cypher modes. This
0173           option will be selected automatically if you select such a
0174           cipher mode.  Only select this option by hand if you expect to load
0175           an external module that requires these functions.
0176 
0177 config CRYPTO_NULL
0178         tristate "Null algorithms"
0179         select CRYPTO_NULL2
0180         help
0181           These are 'Null' algorithms, used by IPsec, which do nothing.
0182 
0183 config CRYPTO_NULL2
0184         tristate
0185         select CRYPTO_ALGAPI2
0186         select CRYPTO_BLKCIPHER2
0187         select CRYPTO_HASH2
0188 
0189 config CRYPTO_PCRYPT
0190         tristate "Parallel crypto engine"
0191         depends on SMP
0192         select PADATA
0193         select CRYPTO_MANAGER
0194         select CRYPTO_AEAD
0195         help
0196           This converts an arbitrary crypto algorithm into a parallel
0197           algorithm that executes in kernel threads.
0198 
0199 config CRYPTO_WORKQUEUE
0200        tristate
0201 
0202 config CRYPTO_CRYPTD
0203         tristate "Software async crypto daemon"
0204         select CRYPTO_BLKCIPHER
0205         select CRYPTO_HASH
0206         select CRYPTO_MANAGER
0207         select CRYPTO_WORKQUEUE
0208         help
0209           This is a generic software asynchronous crypto daemon that
0210           converts an arbitrary synchronous software crypto algorithm
0211           into an asynchronous algorithm that executes in a kernel thread.
0212 
0213 config CRYPTO_MCRYPTD
0214         tristate "Software async multi-buffer crypto daemon"
0215         select CRYPTO_BLKCIPHER
0216         select CRYPTO_HASH
0217         select CRYPTO_MANAGER
0218         select CRYPTO_WORKQUEUE
0219         help
0220           This is a generic software asynchronous crypto daemon that
0221           provides the kernel thread to assist multi-buffer crypto
0222           algorithms for submitting jobs and flushing jobs in multi-buffer
0223           crypto algorithms.  Multi-buffer crypto algorithms are executed
0224           in the context of this kernel thread and drivers can post
0225           their crypto request asynchronously to be processed by this daemon.
0226 
0227 config CRYPTO_AUTHENC
0228         tristate "Authenc support"
0229         select CRYPTO_AEAD
0230         select CRYPTO_BLKCIPHER
0231         select CRYPTO_MANAGER
0232         select CRYPTO_HASH
0233         select CRYPTO_NULL
0234         help
0235           Authenc: Combined mode wrapper for IPsec.
0236           This is required for IPSec.
0237 
0238 config CRYPTO_TEST
0239         tristate "Testing module"
0240         depends on m
0241         select CRYPTO_MANAGER
0242         help
0243           Quick & dirty crypto test module.
0244 
0245 config CRYPTO_ABLK_HELPER
0246         tristate
0247         select CRYPTO_CRYPTD
0248 
0249 config CRYPTO_SIMD
0250         tristate
0251         select CRYPTO_CRYPTD
0252 
0253 config CRYPTO_GLUE_HELPER_X86
0254         tristate
0255         depends on X86
0256         select CRYPTO_BLKCIPHER
0257 
0258 config CRYPTO_ENGINE
0259         tristate
0260 
0261 comment "Authenticated Encryption with Associated Data"
0262 
0263 config CRYPTO_CCM
0264         tristate "CCM support"
0265         select CRYPTO_CTR
0266         select CRYPTO_AEAD
0267         help
0268           Support for Counter with CBC MAC. Required for IPsec.
0269 
0270 config CRYPTO_GCM
0271         tristate "GCM/GMAC support"
0272         select CRYPTO_CTR
0273         select CRYPTO_AEAD
0274         select CRYPTO_GHASH
0275         select CRYPTO_NULL
0276         help
0277           Support for Galois/Counter Mode (GCM) and Galois Message
0278           Authentication Code (GMAC). Required for IPSec.
0279 
0280 config CRYPTO_CHACHA20POLY1305
0281         tristate "ChaCha20-Poly1305 AEAD support"
0282         select CRYPTO_CHACHA20
0283         select CRYPTO_POLY1305
0284         select CRYPTO_AEAD
0285         help
0286           ChaCha20-Poly1305 AEAD support, RFC7539.
0287 
0288           Support for the AEAD wrapper using the ChaCha20 stream cipher combined
0289           with the Poly1305 authenticator. It is defined in RFC7539 for use in
0290           IETF protocols.
0291 
0292 config CRYPTO_SEQIV
0293         tristate "Sequence Number IV Generator"
0294         select CRYPTO_AEAD
0295         select CRYPTO_BLKCIPHER
0296         select CRYPTO_NULL
0297         select CRYPTO_RNG_DEFAULT
0298         help
0299           This IV generator generates an IV based on a sequence number by
0300           xoring it with a salt.  This algorithm is mainly useful for CTR
0301 
0302 config CRYPTO_ECHAINIV
0303         tristate "Encrypted Chain IV Generator"
0304         select CRYPTO_AEAD
0305         select CRYPTO_NULL
0306         select CRYPTO_RNG_DEFAULT
0307         default m
0308         help
0309           This IV generator generates an IV based on the encryption of
0310           a sequence number xored with a salt.  This is the default
0311           algorithm for CBC.
0312 
0313 comment "Block modes"
0314 
0315 config CRYPTO_CBC
0316         tristate "CBC support"
0317         select CRYPTO_BLKCIPHER
0318         select CRYPTO_MANAGER
0319         help
0320           CBC: Cipher Block Chaining mode
0321           This block cipher algorithm is required for IPSec.
0322 
0323 config CRYPTO_CTR
0324         tristate "CTR support"
0325         select CRYPTO_BLKCIPHER
0326         select CRYPTO_SEQIV
0327         select CRYPTO_MANAGER
0328         help
0329           CTR: Counter mode
0330           This block cipher algorithm is required for IPSec.
0331 
0332 config CRYPTO_CTS
0333         tristate "CTS support"
0334         select CRYPTO_BLKCIPHER
0335         help
0336           CTS: Cipher Text Stealing
0337           This is the Cipher Text Stealing mode as described by
0338           Section 8 of rfc2040 and referenced by rfc3962.
0339           (rfc3962 includes errata information in its Appendix A)
0340           This mode is required for Kerberos gss mechanism support
0341           for AES encryption.
0342 
0343 config CRYPTO_ECB
0344         tristate "ECB support"
0345         select CRYPTO_BLKCIPHER
0346         select CRYPTO_MANAGER
0347         help
0348           ECB: Electronic CodeBook mode
0349           This is the simplest block cipher algorithm.  It simply encrypts
0350           the input block by block.
0351 
0352 config CRYPTO_LRW
0353         tristate "LRW support"
0354         select CRYPTO_BLKCIPHER
0355         select CRYPTO_MANAGER
0356         select CRYPTO_GF128MUL
0357         help
0358           LRW: Liskov Rivest Wagner, a tweakable, non malleable, non movable
0359           narrow block cipher mode for dm-crypt.  Use it with cipher
0360           specification string aes-lrw-benbi, the key must be 256, 320 or 384.
0361           The first 128, 192 or 256 bits in the key are used for AES and the
0362           rest is used to tie each cipher block to its logical position.
0363 
0364 config CRYPTO_PCBC
0365         tristate "PCBC support"
0366         select CRYPTO_BLKCIPHER
0367         select CRYPTO_MANAGER
0368         help
0369           PCBC: Propagating Cipher Block Chaining mode
0370           This block cipher algorithm is required for RxRPC.
0371 
0372 config CRYPTO_XTS
0373         tristate "XTS support"
0374         select CRYPTO_BLKCIPHER
0375         select CRYPTO_MANAGER
0376         select CRYPTO_GF128MUL
0377         help
0378           XTS: IEEE1619/D16 narrow block cipher use with aes-xts-plain,
0379           key size 256, 384 or 512 bits. This implementation currently
0380           can't handle a sectorsize which is not a multiple of 16 bytes.
0381 
0382 config CRYPTO_KEYWRAP
0383         tristate "Key wrapping support"
0384         select CRYPTO_BLKCIPHER
0385         help
0386           Support for key wrapping (NIST SP800-38F / RFC3394) without
0387           padding.
0388 
0389 comment "Hash modes"
0390 
0391 config CRYPTO_CMAC
0392         tristate "CMAC support"
0393         select CRYPTO_HASH
0394         select CRYPTO_MANAGER
0395         help
0396           Cipher-based Message Authentication Code (CMAC) specified by
0397           The National Institute of Standards and Technology (NIST).
0398 
0399           https://tools.ietf.org/html/rfc4493
0400           http://csrc.nist.gov/publications/nistpubs/800-38B/SP_800-38B.pdf
0401 
0402 config CRYPTO_HMAC
0403         tristate "HMAC support"
0404         select CRYPTO_HASH
0405         select CRYPTO_MANAGER
0406         help
0407           HMAC: Keyed-Hashing for Message Authentication (RFC2104).
0408           This is required for IPSec.
0409 
0410 config CRYPTO_XCBC
0411         tristate "XCBC support"
0412         select CRYPTO_HASH
0413         select CRYPTO_MANAGER
0414         help
0415           XCBC: Keyed-Hashing with encryption algorithm
0416                 http://www.ietf.org/rfc/rfc3566.txt
0417                 http://csrc.nist.gov/encryption/modes/proposedmodes/
0418                  xcbc-mac/xcbc-mac-spec.pdf
0419 
0420 config CRYPTO_VMAC
0421         tristate "VMAC support"
0422         select CRYPTO_HASH
0423         select CRYPTO_MANAGER
0424         help
0425           VMAC is a message authentication algorithm designed for
0426           very high speed on 64-bit architectures.
0427 
0428           See also:
0429           <http://fastcrypto.org/vmac>
0430 
0431 comment "Digest"
0432 
0433 config CRYPTO_CRC32C
0434         tristate "CRC32c CRC algorithm"
0435         select CRYPTO_HASH
0436         select CRC32
0437         help
0438           Castagnoli, et al Cyclic Redundancy-Check Algorithm.  Used
0439           by iSCSI for header and data digests and by others.
0440           See Castagnoli93.  Module will be crc32c.
0441 
0442 config CRYPTO_CRC32C_INTEL
0443         tristate "CRC32c INTEL hardware acceleration"
0444         depends on X86
0445         select CRYPTO_HASH
0446         help
0447           In Intel processor with SSE4.2 supported, the processor will
0448           support CRC32C implementation using hardware accelerated CRC32
0449           instruction. This option will create 'crc32c-intel' module,
0450           which will enable any routine to use the CRC32 instruction to
0451           gain performance compared with software implementation.
0452           Module will be crc32c-intel.
0453 
0454 config CRYPTO_CRC32C_VPMSUM
0455         tristate "CRC32c CRC algorithm (powerpc64)"
0456         depends on PPC64 && ALTIVEC
0457         select CRYPTO_HASH
0458         select CRC32
0459         help
0460           CRC32c algorithm implemented using vector polynomial multiply-sum
0461           (vpmsum) instructions, introduced in POWER8. Enable on POWER8
0462           and newer processors for improved performance.
0463 
0464 
0465 config CRYPTO_CRC32C_SPARC64
0466         tristate "CRC32c CRC algorithm (SPARC64)"
0467         depends on SPARC64
0468         select CRYPTO_HASH
0469         select CRC32
0470         help
0471           CRC32c CRC algorithm implemented using sparc64 crypto instructions,
0472           when available.
0473 
0474 config CRYPTO_CRC32
0475         tristate "CRC32 CRC algorithm"
0476         select CRYPTO_HASH
0477         select CRC32
0478         help
0479           CRC-32-IEEE 802.3 cyclic redundancy-check algorithm.
0480           Shash crypto api wrappers to crc32_le function.
0481 
0482 config CRYPTO_CRC32_PCLMUL
0483         tristate "CRC32 PCLMULQDQ hardware acceleration"
0484         depends on X86
0485         select CRYPTO_HASH
0486         select CRC32
0487         help
0488           From Intel Westmere and AMD Bulldozer processor with SSE4.2
0489           and PCLMULQDQ supported, the processor will support
0490           CRC32 PCLMULQDQ implementation using hardware accelerated PCLMULQDQ
0491           instruction. This option will create 'crc32-plcmul' module,
0492           which will enable any routine to use the CRC-32-IEEE 802.3 checksum
0493           and gain better performance as compared with the table implementation.
0494 
0495 config CRYPTO_CRCT10DIF
0496         tristate "CRCT10DIF algorithm"
0497         select CRYPTO_HASH
0498         help
0499           CRC T10 Data Integrity Field computation is being cast as
0500           a crypto transform.  This allows for faster crc t10 diff
0501           transforms to be used if they are available.
0502 
0503 config CRYPTO_CRCT10DIF_PCLMUL
0504         tristate "CRCT10DIF PCLMULQDQ hardware acceleration"
0505         depends on X86 && 64BIT && CRC_T10DIF
0506         select CRYPTO_HASH
0507         help
0508           For x86_64 processors with SSE4.2 and PCLMULQDQ supported,
0509           CRC T10 DIF PCLMULQDQ computation can be hardware
0510           accelerated PCLMULQDQ instruction. This option will create
0511           'crct10dif-plcmul' module, which is faster when computing the
0512           crct10dif checksum as compared with the generic table implementation.
0513 
0514 config CRYPTO_GHASH
0515         tristate "GHASH digest algorithm"
0516         select CRYPTO_GF128MUL
0517         select CRYPTO_HASH
0518         help
0519           GHASH is message digest algorithm for GCM (Galois/Counter Mode).
0520 
0521 config CRYPTO_POLY1305
0522         tristate "Poly1305 authenticator algorithm"
0523         select CRYPTO_HASH
0524         help
0525           Poly1305 authenticator algorithm, RFC7539.
0526 
0527           Poly1305 is an authenticator algorithm designed by Daniel J. Bernstein.
0528           It is used for the ChaCha20-Poly1305 AEAD, specified in RFC7539 for use
0529           in IETF protocols. This is the portable C implementation of Poly1305.
0530 
0531 config CRYPTO_POLY1305_X86_64
0532         tristate "Poly1305 authenticator algorithm (x86_64/SSE2/AVX2)"
0533         depends on X86 && 64BIT
0534         select CRYPTO_POLY1305
0535         help
0536           Poly1305 authenticator algorithm, RFC7539.
0537 
0538           Poly1305 is an authenticator algorithm designed by Daniel J. Bernstein.
0539           It is used for the ChaCha20-Poly1305 AEAD, specified in RFC7539 for use
0540           in IETF protocols. This is the x86_64 assembler implementation using SIMD
0541           instructions.
0542 
0543 config CRYPTO_MD4
0544         tristate "MD4 digest algorithm"
0545         select CRYPTO_HASH
0546         help
0547           MD4 message digest algorithm (RFC1320).
0548 
0549 config CRYPTO_MD5
0550         tristate "MD5 digest algorithm"
0551         select CRYPTO_HASH
0552         help
0553           MD5 message digest algorithm (RFC1321).
0554 
0555 config CRYPTO_MD5_OCTEON
0556         tristate "MD5 digest algorithm (OCTEON)"
0557         depends on CPU_CAVIUM_OCTEON
0558         select CRYPTO_MD5
0559         select CRYPTO_HASH
0560         help
0561           MD5 message digest algorithm (RFC1321) implemented
0562           using OCTEON crypto instructions, when available.
0563 
0564 config CRYPTO_MD5_PPC
0565         tristate "MD5 digest algorithm (PPC)"
0566         depends on PPC
0567         select CRYPTO_HASH
0568         help
0569           MD5 message digest algorithm (RFC1321) implemented
0570           in PPC assembler.
0571 
0572 config CRYPTO_MD5_SPARC64
0573         tristate "MD5 digest algorithm (SPARC64)"
0574         depends on SPARC64
0575         select CRYPTO_MD5
0576         select CRYPTO_HASH
0577         help
0578           MD5 message digest algorithm (RFC1321) implemented
0579           using sparc64 crypto instructions, when available.
0580 
0581 config CRYPTO_MICHAEL_MIC
0582         tristate "Michael MIC keyed digest algorithm"
0583         select CRYPTO_HASH
0584         help
0585           Michael MIC is used for message integrity protection in TKIP
0586           (IEEE 802.11i). This algorithm is required for TKIP, but it
0587           should not be used for other purposes because of the weakness
0588           of the algorithm.
0589 
0590 config CRYPTO_RMD128
0591         tristate "RIPEMD-128 digest algorithm"
0592         select CRYPTO_HASH
0593         help
0594           RIPEMD-128 (ISO/IEC 10118-3:2004).
0595 
0596           RIPEMD-128 is a 128-bit cryptographic hash function. It should only
0597           be used as a secure replacement for RIPEMD. For other use cases,
0598           RIPEMD-160 should be used.
0599 
0600           Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel.
0601           See <http://homes.esat.kuleuven.be/~bosselae/ripemd160.html>
0602 
0603 config CRYPTO_RMD160
0604         tristate "RIPEMD-160 digest algorithm"
0605         select CRYPTO_HASH
0606         help
0607           RIPEMD-160 (ISO/IEC 10118-3:2004).
0608 
0609           RIPEMD-160 is a 160-bit cryptographic hash function. It is intended
0610           to be used as a secure replacement for the 128-bit hash functions
0611           MD4, MD5 and it's predecessor RIPEMD
0612           (not to be confused with RIPEMD-128).
0613 
0614           It's speed is comparable to SHA1 and there are no known attacks
0615           against RIPEMD-160.
0616 
0617           Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel.
0618           See <http://homes.esat.kuleuven.be/~bosselae/ripemd160.html>
0619 
0620 config CRYPTO_RMD256
0621         tristate "RIPEMD-256 digest algorithm"
0622         select CRYPTO_HASH
0623         help
0624           RIPEMD-256 is an optional extension of RIPEMD-128 with a
0625           256 bit hash. It is intended for applications that require
0626           longer hash-results, without needing a larger security level
0627           (than RIPEMD-128).
0628 
0629           Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel.
0630           See <http://homes.esat.kuleuven.be/~bosselae/ripemd160.html>
0631 
0632 config CRYPTO_RMD320
0633         tristate "RIPEMD-320 digest algorithm"
0634         select CRYPTO_HASH
0635         help
0636           RIPEMD-320 is an optional extension of RIPEMD-160 with a
0637           320 bit hash. It is intended for applications that require
0638           longer hash-results, without needing a larger security level
0639           (than RIPEMD-160).
0640 
0641           Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel.
0642           See <http://homes.esat.kuleuven.be/~bosselae/ripemd160.html>
0643 
0644 config CRYPTO_SHA1
0645         tristate "SHA1 digest algorithm"
0646         select CRYPTO_HASH
0647         help
0648           SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2).
0649 
0650 config CRYPTO_SHA1_SSSE3
0651         tristate "SHA1 digest algorithm (SSSE3/AVX/AVX2/SHA-NI)"
0652         depends on X86 && 64BIT
0653         select CRYPTO_SHA1
0654         select CRYPTO_HASH
0655         help
0656           SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2) implemented
0657           using Supplemental SSE3 (SSSE3) instructions or Advanced Vector
0658           Extensions (AVX/AVX2) or SHA-NI(SHA Extensions New Instructions),
0659           when available.
0660 
0661 config CRYPTO_SHA256_SSSE3
0662         tristate "SHA256 digest algorithm (SSSE3/AVX/AVX2/SHA-NI)"
0663         depends on X86 && 64BIT
0664         select CRYPTO_SHA256
0665         select CRYPTO_HASH
0666         help
0667           SHA-256 secure hash standard (DFIPS 180-2) implemented
0668           using Supplemental SSE3 (SSSE3) instructions, or Advanced Vector
0669           Extensions version 1 (AVX1), or Advanced Vector Extensions
0670           version 2 (AVX2) instructions, or SHA-NI (SHA Extensions New
0671           Instructions) when available.
0672 
0673 config CRYPTO_SHA512_SSSE3
0674         tristate "SHA512 digest algorithm (SSSE3/AVX/AVX2)"
0675         depends on X86 && 64BIT
0676         select CRYPTO_SHA512
0677         select CRYPTO_HASH
0678         help
0679           SHA-512 secure hash standard (DFIPS 180-2) implemented
0680           using Supplemental SSE3 (SSSE3) instructions, or Advanced Vector
0681           Extensions version 1 (AVX1), or Advanced Vector Extensions
0682           version 2 (AVX2) instructions, when available.
0683 
0684 config CRYPTO_SHA1_OCTEON
0685         tristate "SHA1 digest algorithm (OCTEON)"
0686         depends on CPU_CAVIUM_OCTEON
0687         select CRYPTO_SHA1
0688         select CRYPTO_HASH
0689         help
0690           SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2) implemented
0691           using OCTEON crypto instructions, when available.
0692 
0693 config CRYPTO_SHA1_SPARC64
0694         tristate "SHA1 digest algorithm (SPARC64)"
0695         depends on SPARC64
0696         select CRYPTO_SHA1
0697         select CRYPTO_HASH
0698         help
0699           SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2) implemented
0700           using sparc64 crypto instructions, when available.
0701 
0702 config CRYPTO_SHA1_PPC
0703         tristate "SHA1 digest algorithm (powerpc)"
0704         depends on PPC
0705         help
0706           This is the powerpc hardware accelerated implementation of the
0707           SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2).
0708 
0709 config CRYPTO_SHA1_PPC_SPE
0710         tristate "SHA1 digest algorithm (PPC SPE)"
0711         depends on PPC && SPE
0712         help
0713           SHA-1 secure hash standard (DFIPS 180-4) implemented
0714           using powerpc SPE SIMD instruction set.
0715 
0716 config CRYPTO_SHA1_MB
0717         tristate "SHA1 digest algorithm (x86_64 Multi-Buffer, Experimental)"
0718         depends on X86 && 64BIT
0719         select CRYPTO_SHA1
0720         select CRYPTO_HASH
0721         select CRYPTO_MCRYPTD
0722         help
0723           SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2) implemented
0724           using multi-buffer technique.  This algorithm computes on
0725           multiple data lanes concurrently with SIMD instructions for
0726           better throughput.  It should not be enabled by default but
0727           used when there is significant amount of work to keep the keep
0728           the data lanes filled to get performance benefit.  If the data
0729           lanes remain unfilled, a flush operation will be initiated to
0730           process the crypto jobs, adding a slight latency.
0731 
0732 config CRYPTO_SHA256_MB
0733         tristate "SHA256 digest algorithm (x86_64 Multi-Buffer, Experimental)"
0734         depends on X86 && 64BIT
0735         select CRYPTO_SHA256
0736         select CRYPTO_HASH
0737         select CRYPTO_MCRYPTD
0738         help
0739           SHA-256 secure hash standard (FIPS 180-1/DFIPS 180-2) implemented
0740           using multi-buffer technique.  This algorithm computes on
0741           multiple data lanes concurrently with SIMD instructions for
0742           better throughput.  It should not be enabled by default but
0743           used when there is significant amount of work to keep the keep
0744           the data lanes filled to get performance benefit.  If the data
0745           lanes remain unfilled, a flush operation will be initiated to
0746           process the crypto jobs, adding a slight latency.
0747 
0748 config CRYPTO_SHA512_MB
0749         tristate "SHA512 digest algorithm (x86_64 Multi-Buffer, Experimental)"
0750         depends on X86 && 64BIT
0751         select CRYPTO_SHA512
0752         select CRYPTO_HASH
0753         select CRYPTO_MCRYPTD
0754         help
0755           SHA-512 secure hash standard (FIPS 180-1/DFIPS 180-2) implemented
0756           using multi-buffer technique.  This algorithm computes on
0757           multiple data lanes concurrently with SIMD instructions for
0758           better throughput.  It should not be enabled by default but
0759           used when there is significant amount of work to keep the keep
0760           the data lanes filled to get performance benefit.  If the data
0761           lanes remain unfilled, a flush operation will be initiated to
0762           process the crypto jobs, adding a slight latency.
0763 
0764 config CRYPTO_SHA256
0765         tristate "SHA224 and SHA256 digest algorithm"
0766         select CRYPTO_HASH
0767         help
0768           SHA256 secure hash standard (DFIPS 180-2).
0769 
0770           This version of SHA implements a 256 bit hash with 128 bits of
0771           security against collision attacks.
0772 
0773           This code also includes SHA-224, a 224 bit hash with 112 bits
0774           of security against collision attacks.
0775 
0776 config CRYPTO_SHA256_PPC_SPE
0777         tristate "SHA224 and SHA256 digest algorithm (PPC SPE)"
0778         depends on PPC && SPE
0779         select CRYPTO_SHA256
0780         select CRYPTO_HASH
0781         help
0782           SHA224 and SHA256 secure hash standard (DFIPS 180-2)
0783           implemented using powerpc SPE SIMD instruction set.
0784 
0785 config CRYPTO_SHA256_OCTEON
0786         tristate "SHA224 and SHA256 digest algorithm (OCTEON)"
0787         depends on CPU_CAVIUM_OCTEON
0788         select CRYPTO_SHA256
0789         select CRYPTO_HASH
0790         help
0791           SHA-256 secure hash standard (DFIPS 180-2) implemented
0792           using OCTEON crypto instructions, when available.
0793 
0794 config CRYPTO_SHA256_SPARC64
0795         tristate "SHA224 and SHA256 digest algorithm (SPARC64)"
0796         depends on SPARC64
0797         select CRYPTO_SHA256
0798         select CRYPTO_HASH
0799         help
0800           SHA-256 secure hash standard (DFIPS 180-2) implemented
0801           using sparc64 crypto instructions, when available.
0802 
0803 config CRYPTO_SHA512
0804         tristate "SHA384 and SHA512 digest algorithms"
0805         select CRYPTO_HASH
0806         help
0807           SHA512 secure hash standard (DFIPS 180-2).
0808 
0809           This version of SHA implements a 512 bit hash with 256 bits of
0810           security against collision attacks.
0811 
0812           This code also includes SHA-384, a 384 bit hash with 192 bits
0813           of security against collision attacks.
0814 
0815 config CRYPTO_SHA512_OCTEON
0816         tristate "SHA384 and SHA512 digest algorithms (OCTEON)"
0817         depends on CPU_CAVIUM_OCTEON
0818         select CRYPTO_SHA512
0819         select CRYPTO_HASH
0820         help
0821           SHA-512 secure hash standard (DFIPS 180-2) implemented
0822           using OCTEON crypto instructions, when available.
0823 
0824 config CRYPTO_SHA512_SPARC64
0825         tristate "SHA384 and SHA512 digest algorithm (SPARC64)"
0826         depends on SPARC64
0827         select CRYPTO_SHA512
0828         select CRYPTO_HASH
0829         help
0830           SHA-512 secure hash standard (DFIPS 180-2) implemented
0831           using sparc64 crypto instructions, when available.
0832 
0833 config CRYPTO_SHA3
0834         tristate "SHA3 digest algorithm"
0835         select CRYPTO_HASH
0836         help
0837           SHA-3 secure hash standard (DFIPS 202). It's based on
0838           cryptographic sponge function family called Keccak.
0839 
0840           References:
0841           http://keccak.noekeon.org/
0842 
0843 config CRYPTO_TGR192
0844         tristate "Tiger digest algorithms"
0845         select CRYPTO_HASH
0846         help
0847           Tiger hash algorithm 192, 160 and 128-bit hashes
0848 
0849           Tiger is a hash function optimized for 64-bit processors while
0850           still having decent performance on 32-bit processors.
0851           Tiger was developed by Ross Anderson and Eli Biham.
0852 
0853           See also:
0854           <http://www.cs.technion.ac.il/~biham/Reports/Tiger/>.
0855 
0856 config CRYPTO_WP512
0857         tristate "Whirlpool digest algorithms"
0858         select CRYPTO_HASH
0859         help
0860           Whirlpool hash algorithm 512, 384 and 256-bit hashes
0861 
0862           Whirlpool-512 is part of the NESSIE cryptographic primitives.
0863           Whirlpool will be part of the ISO/IEC 10118-3:2003(E) standard
0864 
0865           See also:
0866           <http://www.larc.usp.br/~pbarreto/WhirlpoolPage.html>
0867 
0868 config CRYPTO_GHASH_CLMUL_NI_INTEL
0869         tristate "GHASH digest algorithm (CLMUL-NI accelerated)"
0870         depends on X86 && 64BIT
0871         select CRYPTO_CRYPTD
0872         help
0873           GHASH is message digest algorithm for GCM (Galois/Counter Mode).
0874           The implementation is accelerated by CLMUL-NI of Intel.
0875 
0876 comment "Ciphers"
0877 
0878 config CRYPTO_AES
0879         tristate "AES cipher algorithms"
0880         select CRYPTO_ALGAPI
0881         help
0882           AES cipher algorithms (FIPS-197). AES uses the Rijndael
0883           algorithm.
0884 
0885           Rijndael appears to be consistently a very good performer in
0886           both hardware and software across a wide range of computing
0887           environments regardless of its use in feedback or non-feedback
0888           modes. Its key setup time is excellent, and its key agility is
0889           good. Rijndael's very low memory requirements make it very well
0890           suited for restricted-space environments, in which it also
0891           demonstrates excellent performance. Rijndael's operations are
0892           among the easiest to defend against power and timing attacks.
0893 
0894           The AES specifies three key sizes: 128, 192 and 256 bits
0895 
0896           See <http://csrc.nist.gov/CryptoToolkit/aes/> for more information.
0897 
0898 config CRYPTO_AES_586
0899         tristate "AES cipher algorithms (i586)"
0900         depends on (X86 || UML_X86) && !64BIT
0901         select CRYPTO_ALGAPI
0902         select CRYPTO_AES
0903         help
0904           AES cipher algorithms (FIPS-197). AES uses the Rijndael
0905           algorithm.
0906 
0907           Rijndael appears to be consistently a very good performer in
0908           both hardware and software across a wide range of computing
0909           environments regardless of its use in feedback or non-feedback
0910           modes. Its key setup time is excellent, and its key agility is
0911           good. Rijndael's very low memory requirements make it very well
0912           suited for restricted-space environments, in which it also
0913           demonstrates excellent performance. Rijndael's operations are
0914           among the easiest to defend against power and timing attacks.
0915 
0916           The AES specifies three key sizes: 128, 192 and 256 bits
0917 
0918           See <http://csrc.nist.gov/encryption/aes/> for more information.
0919 
0920 config CRYPTO_AES_X86_64
0921         tristate "AES cipher algorithms (x86_64)"
0922         depends on (X86 || UML_X86) && 64BIT
0923         select CRYPTO_ALGAPI
0924         select CRYPTO_AES
0925         help
0926           AES cipher algorithms (FIPS-197). AES uses the Rijndael
0927           algorithm.
0928 
0929           Rijndael appears to be consistently a very good performer in
0930           both hardware and software across a wide range of computing
0931           environments regardless of its use in feedback or non-feedback
0932           modes. Its key setup time is excellent, and its key agility is
0933           good. Rijndael's very low memory requirements make it very well
0934           suited for restricted-space environments, in which it also
0935           demonstrates excellent performance. Rijndael's operations are
0936           among the easiest to defend against power and timing attacks.
0937 
0938           The AES specifies three key sizes: 128, 192 and 256 bits
0939 
0940           See <http://csrc.nist.gov/encryption/aes/> for more information.
0941 
0942 config CRYPTO_AES_NI_INTEL
0943         tristate "AES cipher algorithms (AES-NI)"
0944         depends on X86
0945         select CRYPTO_AEAD
0946         select CRYPTO_AES_X86_64 if 64BIT
0947         select CRYPTO_AES_586 if !64BIT
0948         select CRYPTO_ALGAPI
0949         select CRYPTO_BLKCIPHER
0950         select CRYPTO_GLUE_HELPER_X86 if 64BIT
0951         select CRYPTO_SIMD
0952         help
0953           Use Intel AES-NI instructions for AES algorithm.
0954 
0955           AES cipher algorithms (FIPS-197). AES uses the Rijndael
0956           algorithm.
0957 
0958           Rijndael appears to be consistently a very good performer in
0959           both hardware and software across a wide range of computing
0960           environments regardless of its use in feedback or non-feedback
0961           modes. Its key setup time is excellent, and its key agility is
0962           good. Rijndael's very low memory requirements make it very well
0963           suited for restricted-space environments, in which it also
0964           demonstrates excellent performance. Rijndael's operations are
0965           among the easiest to defend against power and timing attacks.
0966 
0967           The AES specifies three key sizes: 128, 192 and 256 bits
0968 
0969           See <http://csrc.nist.gov/encryption/aes/> for more information.
0970 
0971           In addition to AES cipher algorithm support, the acceleration
0972           for some popular block cipher mode is supported too, including
0973           ECB, CBC, LRW, PCBC, XTS. The 64 bit version has additional
0974           acceleration for CTR.
0975 
0976 config CRYPTO_AES_SPARC64
0977         tristate "AES cipher algorithms (SPARC64)"
0978         depends on SPARC64
0979         select CRYPTO_CRYPTD
0980         select CRYPTO_ALGAPI
0981         help
0982           Use SPARC64 crypto opcodes for AES algorithm.
0983 
0984           AES cipher algorithms (FIPS-197). AES uses the Rijndael
0985           algorithm.
0986 
0987           Rijndael appears to be consistently a very good performer in
0988           both hardware and software across a wide range of computing
0989           environments regardless of its use in feedback or non-feedback
0990           modes. Its key setup time is excellent, and its key agility is
0991           good. Rijndael's very low memory requirements make it very well
0992           suited for restricted-space environments, in which it also
0993           demonstrates excellent performance. Rijndael's operations are
0994           among the easiest to defend against power and timing attacks.
0995 
0996           The AES specifies three key sizes: 128, 192 and 256 bits
0997 
0998           See <http://csrc.nist.gov/encryption/aes/> for more information.
0999 
1000           In addition to AES cipher algorithm support, the acceleration
1001           for some popular block cipher mode is supported too, including
1002           ECB and CBC.
1003 
1004 config CRYPTO_AES_PPC_SPE
1005         tristate "AES cipher algorithms (PPC SPE)"
1006         depends on PPC && SPE
1007         help
1008           AES cipher algorithms (FIPS-197). Additionally the acceleration
1009           for popular block cipher modes ECB, CBC, CTR and XTS is supported.
1010           This module should only be used for low power (router) devices
1011           without hardware AES acceleration (e.g. caam crypto). It reduces the
1012           size of the AES tables from 16KB to 8KB + 256 bytes and mitigates
1013           timining attacks. Nevertheless it might be not as secure as other
1014           architecture specific assembler implementations that work on 1KB
1015           tables or 256 bytes S-boxes.
1016 
1017 config CRYPTO_ANUBIS
1018         tristate "Anubis cipher algorithm"
1019         select CRYPTO_ALGAPI
1020         help
1021           Anubis cipher algorithm.
1022 
1023           Anubis is a variable key length cipher which can use keys from
1024           128 bits to 320 bits in length.  It was evaluated as a entrant
1025           in the NESSIE competition.
1026 
1027           See also:
1028           <https://www.cosic.esat.kuleuven.be/nessie/reports/>
1029           <http://www.larc.usp.br/~pbarreto/AnubisPage.html>
1030 
1031 config CRYPTO_ARC4
1032         tristate "ARC4 cipher algorithm"
1033         select CRYPTO_BLKCIPHER
1034         help
1035           ARC4 cipher algorithm.
1036 
1037           ARC4 is a stream cipher using keys ranging from 8 bits to 2048
1038           bits in length.  This algorithm is required for driver-based
1039           WEP, but it should not be for other purposes because of the
1040           weakness of the algorithm.
1041 
1042 config CRYPTO_BLOWFISH
1043         tristate "Blowfish cipher algorithm"
1044         select CRYPTO_ALGAPI
1045         select CRYPTO_BLOWFISH_COMMON
1046         help
1047           Blowfish cipher algorithm, by Bruce Schneier.
1048 
1049           This is a variable key length cipher which can use keys from 32
1050           bits to 448 bits in length.  It's fast, simple and specifically
1051           designed for use on "large microprocessors".
1052 
1053           See also:
1054           <http://www.schneier.com/blowfish.html>
1055 
1056 config CRYPTO_BLOWFISH_COMMON
1057         tristate
1058         help
1059           Common parts of the Blowfish cipher algorithm shared by the
1060           generic c and the assembler implementations.
1061 
1062           See also:
1063           <http://www.schneier.com/blowfish.html>
1064 
1065 config CRYPTO_BLOWFISH_X86_64
1066         tristate "Blowfish cipher algorithm (x86_64)"
1067         depends on X86 && 64BIT
1068         select CRYPTO_ALGAPI
1069         select CRYPTO_BLOWFISH_COMMON
1070         help
1071           Blowfish cipher algorithm (x86_64), by Bruce Schneier.
1072 
1073           This is a variable key length cipher which can use keys from 32
1074           bits to 448 bits in length.  It's fast, simple and specifically
1075           designed for use on "large microprocessors".
1076 
1077           See also:
1078           <http://www.schneier.com/blowfish.html>
1079 
1080 config CRYPTO_CAMELLIA
1081         tristate "Camellia cipher algorithms"
1082         depends on CRYPTO
1083         select CRYPTO_ALGAPI
1084         help
1085           Camellia cipher algorithms module.
1086 
1087           Camellia is a symmetric key block cipher developed jointly
1088           at NTT and Mitsubishi Electric Corporation.
1089 
1090           The Camellia specifies three key sizes: 128, 192 and 256 bits.
1091 
1092           See also:
1093           <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html>
1094 
1095 config CRYPTO_CAMELLIA_X86_64
1096         tristate "Camellia cipher algorithm (x86_64)"
1097         depends on X86 && 64BIT
1098         depends on CRYPTO
1099         select CRYPTO_ALGAPI
1100         select CRYPTO_GLUE_HELPER_X86
1101         select CRYPTO_LRW
1102         select CRYPTO_XTS
1103         help
1104           Camellia cipher algorithm module (x86_64).
1105 
1106           Camellia is a symmetric key block cipher developed jointly
1107           at NTT and Mitsubishi Electric Corporation.
1108 
1109           The Camellia specifies three key sizes: 128, 192 and 256 bits.
1110 
1111           See also:
1112           <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html>
1113 
1114 config CRYPTO_CAMELLIA_AESNI_AVX_X86_64
1115         tristate "Camellia cipher algorithm (x86_64/AES-NI/AVX)"
1116         depends on X86 && 64BIT
1117         depends on CRYPTO
1118         select CRYPTO_ALGAPI
1119         select CRYPTO_CRYPTD
1120         select CRYPTO_ABLK_HELPER
1121         select CRYPTO_GLUE_HELPER_X86
1122         select CRYPTO_CAMELLIA_X86_64
1123         select CRYPTO_LRW
1124         select CRYPTO_XTS
1125         help
1126           Camellia cipher algorithm module (x86_64/AES-NI/AVX).
1127 
1128           Camellia is a symmetric key block cipher developed jointly
1129           at NTT and Mitsubishi Electric Corporation.
1130 
1131           The Camellia specifies three key sizes: 128, 192 and 256 bits.
1132 
1133           See also:
1134           <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html>
1135 
1136 config CRYPTO_CAMELLIA_AESNI_AVX2_X86_64
1137         tristate "Camellia cipher algorithm (x86_64/AES-NI/AVX2)"
1138         depends on X86 && 64BIT
1139         depends on CRYPTO
1140         select CRYPTO_ALGAPI
1141         select CRYPTO_CRYPTD
1142         select CRYPTO_ABLK_HELPER
1143         select CRYPTO_GLUE_HELPER_X86
1144         select CRYPTO_CAMELLIA_X86_64
1145         select CRYPTO_CAMELLIA_AESNI_AVX_X86_64
1146         select CRYPTO_LRW
1147         select CRYPTO_XTS
1148         help
1149           Camellia cipher algorithm module (x86_64/AES-NI/AVX2).
1150 
1151           Camellia is a symmetric key block cipher developed jointly
1152           at NTT and Mitsubishi Electric Corporation.
1153 
1154           The Camellia specifies three key sizes: 128, 192 and 256 bits.
1155 
1156           See also:
1157           <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html>
1158 
1159 config CRYPTO_CAMELLIA_SPARC64
1160         tristate "Camellia cipher algorithm (SPARC64)"
1161         depends on SPARC64
1162         depends on CRYPTO
1163         select CRYPTO_ALGAPI
1164         help
1165           Camellia cipher algorithm module (SPARC64).
1166 
1167           Camellia is a symmetric key block cipher developed jointly
1168           at NTT and Mitsubishi Electric Corporation.
1169 
1170           The Camellia specifies three key sizes: 128, 192 and 256 bits.
1171 
1172           See also:
1173           <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html>
1174 
1175 config CRYPTO_CAST_COMMON
1176         tristate
1177         help
1178           Common parts of the CAST cipher algorithms shared by the
1179           generic c and the assembler implementations.
1180 
1181 config CRYPTO_CAST5
1182         tristate "CAST5 (CAST-128) cipher algorithm"
1183         select CRYPTO_ALGAPI
1184         select CRYPTO_CAST_COMMON
1185         help
1186           The CAST5 encryption algorithm (synonymous with CAST-128) is
1187           described in RFC2144.
1188 
1189 config CRYPTO_CAST5_AVX_X86_64
1190         tristate "CAST5 (CAST-128) cipher algorithm (x86_64/AVX)"
1191         depends on X86 && 64BIT
1192         select CRYPTO_ALGAPI
1193         select CRYPTO_CRYPTD
1194         select CRYPTO_ABLK_HELPER
1195         select CRYPTO_CAST_COMMON
1196         select CRYPTO_CAST5
1197         help
1198           The CAST5 encryption algorithm (synonymous with CAST-128) is
1199           described in RFC2144.
1200 
1201           This module provides the Cast5 cipher algorithm that processes
1202           sixteen blocks parallel using the AVX instruction set.
1203 
1204 config CRYPTO_CAST6
1205         tristate "CAST6 (CAST-256) cipher algorithm"
1206         select CRYPTO_ALGAPI
1207         select CRYPTO_CAST_COMMON
1208         help
1209           The CAST6 encryption algorithm (synonymous with CAST-256) is
1210           described in RFC2612.
1211 
1212 config CRYPTO_CAST6_AVX_X86_64
1213         tristate "CAST6 (CAST-256) cipher algorithm (x86_64/AVX)"
1214         depends on X86 && 64BIT
1215         select CRYPTO_ALGAPI
1216         select CRYPTO_CRYPTD
1217         select CRYPTO_ABLK_HELPER
1218         select CRYPTO_GLUE_HELPER_X86
1219         select CRYPTO_CAST_COMMON
1220         select CRYPTO_CAST6
1221         select CRYPTO_LRW
1222         select CRYPTO_XTS
1223         help
1224           The CAST6 encryption algorithm (synonymous with CAST-256) is
1225           described in RFC2612.
1226 
1227           This module provides the Cast6 cipher algorithm that processes
1228           eight blocks parallel using the AVX instruction set.
1229 
1230 config CRYPTO_DES
1231         tristate "DES and Triple DES EDE cipher algorithms"
1232         select CRYPTO_ALGAPI
1233         help
1234           DES cipher algorithm (FIPS 46-2), and Triple DES EDE (FIPS 46-3).
1235 
1236 config CRYPTO_DES_SPARC64
1237         tristate "DES and Triple DES EDE cipher algorithms (SPARC64)"
1238         depends on SPARC64
1239         select CRYPTO_ALGAPI
1240         select CRYPTO_DES
1241         help
1242           DES cipher algorithm (FIPS 46-2), and Triple DES EDE (FIPS 46-3),
1243           optimized using SPARC64 crypto opcodes.
1244 
1245 config CRYPTO_DES3_EDE_X86_64
1246         tristate "Triple DES EDE cipher algorithm (x86-64)"
1247         depends on X86 && 64BIT
1248         select CRYPTO_ALGAPI
1249         select CRYPTO_DES
1250         help
1251           Triple DES EDE (FIPS 46-3) algorithm.
1252 
1253           This module provides implementation of the Triple DES EDE cipher
1254           algorithm that is optimized for x86-64 processors. Two versions of
1255           algorithm are provided; regular processing one input block and
1256           one that processes three blocks parallel.
1257 
1258 config CRYPTO_FCRYPT
1259         tristate "FCrypt cipher algorithm"
1260         select CRYPTO_ALGAPI
1261         select CRYPTO_BLKCIPHER
1262         help
1263           FCrypt algorithm used by RxRPC.
1264 
1265 config CRYPTO_KHAZAD
1266         tristate "Khazad cipher algorithm"
1267         select CRYPTO_ALGAPI
1268         help
1269           Khazad cipher algorithm.
1270 
1271           Khazad was a finalist in the initial NESSIE competition.  It is
1272           an algorithm optimized for 64-bit processors with good performance
1273           on 32-bit processors.  Khazad uses an 128 bit key size.
1274 
1275           See also:
1276           <http://www.larc.usp.br/~pbarreto/KhazadPage.html>
1277 
1278 config CRYPTO_SALSA20
1279         tristate "Salsa20 stream cipher algorithm"
1280         select CRYPTO_BLKCIPHER
1281         help
1282           Salsa20 stream cipher algorithm.
1283 
1284           Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT
1285           Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/>
1286 
1287           The Salsa20 stream cipher algorithm is designed by Daniel J.
1288           Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html>
1289 
1290 config CRYPTO_SALSA20_586
1291         tristate "Salsa20 stream cipher algorithm (i586)"
1292         depends on (X86 || UML_X86) && !64BIT
1293         select CRYPTO_BLKCIPHER
1294         help
1295           Salsa20 stream cipher algorithm.
1296 
1297           Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT
1298           Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/>
1299 
1300           The Salsa20 stream cipher algorithm is designed by Daniel J.
1301           Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html>
1302 
1303 config CRYPTO_SALSA20_X86_64
1304         tristate "Salsa20 stream cipher algorithm (x86_64)"
1305         depends on (X86 || UML_X86) && 64BIT
1306         select CRYPTO_BLKCIPHER
1307         help
1308           Salsa20 stream cipher algorithm.
1309 
1310           Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT
1311           Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/>
1312 
1313           The Salsa20 stream cipher algorithm is designed by Daniel J.
1314           Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html>
1315 
1316 config CRYPTO_CHACHA20
1317         tristate "ChaCha20 cipher algorithm"
1318         select CRYPTO_BLKCIPHER
1319         help
1320           ChaCha20 cipher algorithm, RFC7539.
1321 
1322           ChaCha20 is a 256-bit high-speed stream cipher designed by Daniel J.
1323           Bernstein and further specified in RFC7539 for use in IETF protocols.
1324           This is the portable C implementation of ChaCha20.
1325 
1326           See also:
1327           <http://cr.yp.to/chacha/chacha-20080128.pdf>
1328 
1329 config CRYPTO_CHACHA20_X86_64
1330         tristate "ChaCha20 cipher algorithm (x86_64/SSSE3/AVX2)"
1331         depends on X86 && 64BIT
1332         select CRYPTO_BLKCIPHER
1333         select CRYPTO_CHACHA20
1334         help
1335           ChaCha20 cipher algorithm, RFC7539.
1336 
1337           ChaCha20 is a 256-bit high-speed stream cipher designed by Daniel J.
1338           Bernstein and further specified in RFC7539 for use in IETF protocols.
1339           This is the x86_64 assembler implementation using SIMD instructions.
1340 
1341           See also:
1342           <http://cr.yp.to/chacha/chacha-20080128.pdf>
1343 
1344 config CRYPTO_SEED
1345         tristate "SEED cipher algorithm"
1346         select CRYPTO_ALGAPI
1347         help
1348           SEED cipher algorithm (RFC4269).
1349 
1350           SEED is a 128-bit symmetric key block cipher that has been
1351           developed by KISA (Korea Information Security Agency) as a
1352           national standard encryption algorithm of the Republic of Korea.
1353           It is a 16 round block cipher with the key size of 128 bit.
1354 
1355           See also:
1356           <http://www.kisa.or.kr/kisa/seed/jsp/seed_eng.jsp>
1357 
1358 config CRYPTO_SERPENT
1359         tristate "Serpent cipher algorithm"
1360         select CRYPTO_ALGAPI
1361         help
1362           Serpent cipher algorithm, by Anderson, Biham & Knudsen.
1363 
1364           Keys are allowed to be from 0 to 256 bits in length, in steps
1365           of 8 bits.  Also includes the 'Tnepres' algorithm, a reversed
1366           variant of Serpent for compatibility with old kerneli.org code.
1367 
1368           See also:
1369           <http://www.cl.cam.ac.uk/~rja14/serpent.html>
1370 
1371 config CRYPTO_SERPENT_SSE2_X86_64
1372         tristate "Serpent cipher algorithm (x86_64/SSE2)"
1373         depends on X86 && 64BIT
1374         select CRYPTO_ALGAPI
1375         select CRYPTO_CRYPTD
1376         select CRYPTO_ABLK_HELPER
1377         select CRYPTO_GLUE_HELPER_X86
1378         select CRYPTO_SERPENT
1379         select CRYPTO_LRW
1380         select CRYPTO_XTS
1381         help
1382           Serpent cipher algorithm, by Anderson, Biham & Knudsen.
1383 
1384           Keys are allowed to be from 0 to 256 bits in length, in steps
1385           of 8 bits.
1386 
1387           This module provides Serpent cipher algorithm that processes eight
1388           blocks parallel using SSE2 instruction set.
1389 
1390           See also:
1391           <http://www.cl.cam.ac.uk/~rja14/serpent.html>
1392 
1393 config CRYPTO_SERPENT_SSE2_586
1394         tristate "Serpent cipher algorithm (i586/SSE2)"
1395         depends on X86 && !64BIT
1396         select CRYPTO_ALGAPI
1397         select CRYPTO_CRYPTD
1398         select CRYPTO_ABLK_HELPER
1399         select CRYPTO_GLUE_HELPER_X86
1400         select CRYPTO_SERPENT
1401         select CRYPTO_LRW
1402         select CRYPTO_XTS
1403         help
1404           Serpent cipher algorithm, by Anderson, Biham & Knudsen.
1405 
1406           Keys are allowed to be from 0 to 256 bits in length, in steps
1407           of 8 bits.
1408 
1409           This module provides Serpent cipher algorithm that processes four
1410           blocks parallel using SSE2 instruction set.
1411 
1412           See also:
1413           <http://www.cl.cam.ac.uk/~rja14/serpent.html>
1414 
1415 config CRYPTO_SERPENT_AVX_X86_64
1416         tristate "Serpent cipher algorithm (x86_64/AVX)"
1417         depends on X86 && 64BIT
1418         select CRYPTO_ALGAPI
1419         select CRYPTO_CRYPTD
1420         select CRYPTO_ABLK_HELPER
1421         select CRYPTO_GLUE_HELPER_X86
1422         select CRYPTO_SERPENT
1423         select CRYPTO_LRW
1424         select CRYPTO_XTS
1425         help
1426           Serpent cipher algorithm, by Anderson, Biham & Knudsen.
1427 
1428           Keys are allowed to be from 0 to 256 bits in length, in steps
1429           of 8 bits.
1430 
1431           This module provides the Serpent cipher algorithm that processes
1432           eight blocks parallel using the AVX instruction set.
1433 
1434           See also:
1435           <http://www.cl.cam.ac.uk/~rja14/serpent.html>
1436 
1437 config CRYPTO_SERPENT_AVX2_X86_64
1438         tristate "Serpent cipher algorithm (x86_64/AVX2)"
1439         depends on X86 && 64BIT
1440         select CRYPTO_ALGAPI
1441         select CRYPTO_CRYPTD
1442         select CRYPTO_ABLK_HELPER
1443         select CRYPTO_GLUE_HELPER_X86
1444         select CRYPTO_SERPENT
1445         select CRYPTO_SERPENT_AVX_X86_64
1446         select CRYPTO_LRW
1447         select CRYPTO_XTS
1448         help
1449           Serpent cipher algorithm, by Anderson, Biham & Knudsen.
1450 
1451           Keys are allowed to be from 0 to 256 bits in length, in steps
1452           of 8 bits.
1453 
1454           This module provides Serpent cipher algorithm that processes 16
1455           blocks parallel using AVX2 instruction set.
1456 
1457           See also:
1458           <http://www.cl.cam.ac.uk/~rja14/serpent.html>
1459 
1460 config CRYPTO_TEA
1461         tristate "TEA, XTEA and XETA cipher algorithms"
1462         select CRYPTO_ALGAPI
1463         help
1464           TEA cipher algorithm.
1465 
1466           Tiny Encryption Algorithm is a simple cipher that uses
1467           many rounds for security.  It is very fast and uses
1468           little memory.
1469 
1470           Xtendend Tiny Encryption Algorithm is a modification to
1471           the TEA algorithm to address a potential key weakness
1472           in the TEA algorithm.
1473 
1474           Xtendend Encryption Tiny Algorithm is a mis-implementation
1475           of the XTEA algorithm for compatibility purposes.
1476 
1477 config CRYPTO_TWOFISH
1478         tristate "Twofish cipher algorithm"
1479         select CRYPTO_ALGAPI
1480         select CRYPTO_TWOFISH_COMMON
1481         help
1482           Twofish cipher algorithm.
1483 
1484           Twofish was submitted as an AES (Advanced Encryption Standard)
1485           candidate cipher by researchers at CounterPane Systems.  It is a
1486           16 round block cipher supporting key sizes of 128, 192, and 256
1487           bits.
1488 
1489           See also:
1490           <http://www.schneier.com/twofish.html>
1491 
1492 config CRYPTO_TWOFISH_COMMON
1493         tristate
1494         help
1495           Common parts of the Twofish cipher algorithm shared by the
1496           generic c and the assembler implementations.
1497 
1498 config CRYPTO_TWOFISH_586
1499         tristate "Twofish cipher algorithms (i586)"
1500         depends on (X86 || UML_X86) && !64BIT
1501         select CRYPTO_ALGAPI
1502         select CRYPTO_TWOFISH_COMMON
1503         help
1504           Twofish cipher algorithm.
1505 
1506           Twofish was submitted as an AES (Advanced Encryption Standard)
1507           candidate cipher by researchers at CounterPane Systems.  It is a
1508           16 round block cipher supporting key sizes of 128, 192, and 256
1509           bits.
1510 
1511           See also:
1512           <http://www.schneier.com/twofish.html>
1513 
1514 config CRYPTO_TWOFISH_X86_64
1515         tristate "Twofish cipher algorithm (x86_64)"
1516         depends on (X86 || UML_X86) && 64BIT
1517         select CRYPTO_ALGAPI
1518         select CRYPTO_TWOFISH_COMMON
1519         help
1520           Twofish cipher algorithm (x86_64).
1521 
1522           Twofish was submitted as an AES (Advanced Encryption Standard)
1523           candidate cipher by researchers at CounterPane Systems.  It is a
1524           16 round block cipher supporting key sizes of 128, 192, and 256
1525           bits.
1526 
1527           See also:
1528           <http://www.schneier.com/twofish.html>
1529 
1530 config CRYPTO_TWOFISH_X86_64_3WAY
1531         tristate "Twofish cipher algorithm (x86_64, 3-way parallel)"
1532         depends on X86 && 64BIT
1533         select CRYPTO_ALGAPI
1534         select CRYPTO_TWOFISH_COMMON
1535         select CRYPTO_TWOFISH_X86_64
1536         select CRYPTO_GLUE_HELPER_X86
1537         select CRYPTO_LRW
1538         select CRYPTO_XTS
1539         help
1540           Twofish cipher algorithm (x86_64, 3-way parallel).
1541 
1542           Twofish was submitted as an AES (Advanced Encryption Standard)
1543           candidate cipher by researchers at CounterPane Systems.  It is a
1544           16 round block cipher supporting key sizes of 128, 192, and 256
1545           bits.
1546 
1547           This module provides Twofish cipher algorithm that processes three
1548           blocks parallel, utilizing resources of out-of-order CPUs better.
1549 
1550           See also:
1551           <http://www.schneier.com/twofish.html>
1552 
1553 config CRYPTO_TWOFISH_AVX_X86_64
1554         tristate "Twofish cipher algorithm (x86_64/AVX)"
1555         depends on X86 && 64BIT
1556         select CRYPTO_ALGAPI
1557         select CRYPTO_CRYPTD
1558         select CRYPTO_ABLK_HELPER
1559         select CRYPTO_GLUE_HELPER_X86
1560         select CRYPTO_TWOFISH_COMMON
1561         select CRYPTO_TWOFISH_X86_64
1562         select CRYPTO_TWOFISH_X86_64_3WAY
1563         select CRYPTO_LRW
1564         select CRYPTO_XTS
1565         help
1566           Twofish cipher algorithm (x86_64/AVX).
1567 
1568           Twofish was submitted as an AES (Advanced Encryption Standard)
1569           candidate cipher by researchers at CounterPane Systems.  It is a
1570           16 round block cipher supporting key sizes of 128, 192, and 256
1571           bits.
1572 
1573           This module provides the Twofish cipher algorithm that processes
1574           eight blocks parallel using the AVX Instruction Set.
1575 
1576           See also:
1577           <http://www.schneier.com/twofish.html>
1578 
1579 comment "Compression"
1580 
1581 config CRYPTO_DEFLATE
1582         tristate "Deflate compression algorithm"
1583         select CRYPTO_ALGAPI
1584         select CRYPTO_ACOMP2
1585         select ZLIB_INFLATE
1586         select ZLIB_DEFLATE
1587         help
1588           This is the Deflate algorithm (RFC1951), specified for use in
1589           IPSec with the IPCOMP protocol (RFC3173, RFC2394).
1590 
1591           You will most probably want this if using IPSec.
1592 
1593 config CRYPTO_LZO
1594         tristate "LZO compression algorithm"
1595         select CRYPTO_ALGAPI
1596         select CRYPTO_ACOMP2
1597         select LZO_COMPRESS
1598         select LZO_DECOMPRESS
1599         help
1600           This is the LZO algorithm.
1601 
1602 config CRYPTO_842
1603         tristate "842 compression algorithm"
1604         select CRYPTO_ALGAPI
1605         select CRYPTO_ACOMP2
1606         select 842_COMPRESS
1607         select 842_DECOMPRESS
1608         help
1609           This is the 842 algorithm.
1610 
1611 config CRYPTO_LZ4
1612         tristate "LZ4 compression algorithm"
1613         select CRYPTO_ALGAPI
1614         select CRYPTO_ACOMP2
1615         select LZ4_COMPRESS
1616         select LZ4_DECOMPRESS
1617         help
1618           This is the LZ4 algorithm.
1619 
1620 config CRYPTO_LZ4HC
1621         tristate "LZ4HC compression algorithm"
1622         select CRYPTO_ALGAPI
1623         select CRYPTO_ACOMP2
1624         select LZ4HC_COMPRESS
1625         select LZ4_DECOMPRESS
1626         help
1627           This is the LZ4 high compression mode algorithm.
1628 
1629 comment "Random Number Generation"
1630 
1631 config CRYPTO_ANSI_CPRNG
1632         tristate "Pseudo Random Number Generation for Cryptographic modules"
1633         select CRYPTO_AES
1634         select CRYPTO_RNG
1635         help
1636           This option enables the generic pseudo random number generator
1637           for cryptographic modules.  Uses the Algorithm specified in
1638           ANSI X9.31 A.2.4. Note that this option must be enabled if
1639           CRYPTO_FIPS is selected
1640 
1641 menuconfig CRYPTO_DRBG_MENU
1642         tristate "NIST SP800-90A DRBG"
1643         help
1644           NIST SP800-90A compliant DRBG. In the following submenu, one or
1645           more of the DRBG types must be selected.
1646 
1647 if CRYPTO_DRBG_MENU
1648 
1649 config CRYPTO_DRBG_HMAC
1650         bool
1651         default y
1652         select CRYPTO_HMAC
1653         select CRYPTO_SHA256
1654 
1655 config CRYPTO_DRBG_HASH
1656         bool "Enable Hash DRBG"
1657         select CRYPTO_SHA256
1658         help
1659           Enable the Hash DRBG variant as defined in NIST SP800-90A.
1660 
1661 config CRYPTO_DRBG_CTR
1662         bool "Enable CTR DRBG"
1663         select CRYPTO_AES
1664         depends on CRYPTO_CTR
1665         help
1666           Enable the CTR DRBG variant as defined in NIST SP800-90A.
1667 
1668 config CRYPTO_DRBG
1669         tristate
1670         default CRYPTO_DRBG_MENU
1671         select CRYPTO_RNG
1672         select CRYPTO_JITTERENTROPY
1673 
1674 endif   # if CRYPTO_DRBG_MENU
1675 
1676 config CRYPTO_JITTERENTROPY
1677         tristate "Jitterentropy Non-Deterministic Random Number Generator"
1678         select CRYPTO_RNG
1679         help
1680           The Jitterentropy RNG is a noise that is intended
1681           to provide seed to another RNG. The RNG does not
1682           perform any cryptographic whitening of the generated
1683           random numbers. This Jitterentropy RNG registers with
1684           the kernel crypto API and can be used by any caller.
1685 
1686 config CRYPTO_USER_API
1687         tristate
1688 
1689 config CRYPTO_USER_API_HASH
1690         tristate "User-space interface for hash algorithms"
1691         depends on NET
1692         select CRYPTO_HASH
1693         select CRYPTO_USER_API
1694         help
1695           This option enables the user-spaces interface for hash
1696           algorithms.
1697 
1698 config CRYPTO_USER_API_SKCIPHER
1699         tristate "User-space interface for symmetric key cipher algorithms"
1700         depends on NET
1701         select CRYPTO_BLKCIPHER
1702         select CRYPTO_USER_API
1703         help
1704           This option enables the user-spaces interface for symmetric
1705           key cipher algorithms.
1706 
1707 config CRYPTO_USER_API_RNG
1708         tristate "User-space interface for random number generator algorithms"
1709         depends on NET
1710         select CRYPTO_RNG
1711         select CRYPTO_USER_API
1712         help
1713           This option enables the user-spaces interface for random
1714           number generator algorithms.
1715 
1716 config CRYPTO_USER_API_AEAD
1717         tristate "User-space interface for AEAD cipher algorithms"
1718         depends on NET
1719         select CRYPTO_AEAD
1720         select CRYPTO_USER_API
1721         help
1722           This option enables the user-spaces interface for AEAD
1723           cipher algorithms.
1724 
1725 config CRYPTO_HASH_INFO
1726         bool
1727 
1728 source "drivers/crypto/Kconfig"
1729 source crypto/asymmetric_keys/Kconfig
1730 source certs/Kconfig
1731 
1732 endif   # if CRYPTO