blob: 160f08e721cc05ee4e8b1b4d4ecb556c599d6c36 [file] [log] [blame]
Linus Torvalds1da177e2005-04-16 15:20:36 -07001#
Dan Williams685784a2007-07-09 11:56:42 -07002# Generic algorithms support
3#
4config XOR_BLOCKS
5 tristate
6
7#
Dan Williams9bc89cd2007-01-02 11:10:44 -07008# async_tx api: hardware offloaded memory transfer/transform support
9#
10source "crypto/async_tx/Kconfig"
11
12#
Linus Torvalds1da177e2005-04-16 15:20:36 -070013# Cryptographic API Configuration
14#
Jan Engelhardt2e290f42007-05-18 15:11:01 +100015menuconfig CRYPTO
Sebastian Siewiorc3715cb92008-03-30 16:36:09 +080016 tristate "Cryptographic API"
Linus Torvalds1da177e2005-04-16 15:20:36 -070017 help
18 This option provides the core Cryptographic API.
19
Herbert Xucce9e062006-08-21 21:08:13 +100020if CRYPTO
21
Sebastian Siewior584fffc2008-04-05 21:04:48 +080022comment "Crypto core or helper"
23
Neil Hormanccb778e2008-08-05 14:13:08 +080024config CRYPTO_FIPS
25 bool "FIPS 200 compliance"
Herbert Xuf2c89a12014-07-04 22:15:08 +080026 depends on (CRYPTO_ANSI_CPRNG || CRYPTO_DRBG) && !CRYPTO_MANAGER_DISABLE_TESTS
Alec Ari1f696092016-10-04 19:34:30 -030027 depends on (MODULE_SIG || !MODULES)
Neil Hormanccb778e2008-08-05 14:13:08 +080028 help
29 This options enables the fips boot option which is
30 required if you want to system to operate in a FIPS 200
31 certification. You should say no unless you know what
Chuck Ebberte84c5482010-09-03 19:17:49 +080032 this is.
Neil Hormanccb778e2008-08-05 14:13:08 +080033
Herbert Xucce9e062006-08-21 21:08:13 +100034config CRYPTO_ALGAPI
35 tristate
Herbert Xu6a0fcbb2008-12-10 23:29:44 +110036 select CRYPTO_ALGAPI2
Herbert Xucce9e062006-08-21 21:08:13 +100037 help
38 This option provides the API for cryptographic algorithms.
39
Herbert Xu6a0fcbb2008-12-10 23:29:44 +110040config CRYPTO_ALGAPI2
41 tristate
42
Herbert Xu1ae97822007-08-30 15:36:14 +080043config CRYPTO_AEAD
44 tristate
Herbert Xu6a0fcbb2008-12-10 23:29:44 +110045 select CRYPTO_AEAD2
Herbert Xu1ae97822007-08-30 15:36:14 +080046 select CRYPTO_ALGAPI
47
Herbert Xu6a0fcbb2008-12-10 23:29:44 +110048config CRYPTO_AEAD2
49 tristate
50 select CRYPTO_ALGAPI2
Herbert Xu149a3972015-08-13 17:28:58 +080051 select CRYPTO_NULL2
52 select CRYPTO_RNG2
Herbert Xu6a0fcbb2008-12-10 23:29:44 +110053
Herbert Xu5cde0af2006-08-22 00:07:53 +100054config CRYPTO_BLKCIPHER
55 tristate
Herbert Xu6a0fcbb2008-12-10 23:29:44 +110056 select CRYPTO_BLKCIPHER2
Herbert Xu5cde0af2006-08-22 00:07:53 +100057 select CRYPTO_ALGAPI
Herbert Xu6a0fcbb2008-12-10 23:29:44 +110058
59config CRYPTO_BLKCIPHER2
60 tristate
61 select CRYPTO_ALGAPI2
62 select CRYPTO_RNG2
Huang Ying0a2e8212009-02-19 14:44:02 +080063 select CRYPTO_WORKQUEUE
Herbert Xu5cde0af2006-08-22 00:07:53 +100064
Herbert Xu055bcee2006-08-19 22:24:23 +100065config CRYPTO_HASH
66 tristate
Herbert Xu6a0fcbb2008-12-10 23:29:44 +110067 select CRYPTO_HASH2
Herbert Xu055bcee2006-08-19 22:24:23 +100068 select CRYPTO_ALGAPI
69
Herbert Xu6a0fcbb2008-12-10 23:29:44 +110070config CRYPTO_HASH2
71 tristate
72 select CRYPTO_ALGAPI2
73
Neil Horman17f0f4a2008-08-14 22:15:52 +100074config CRYPTO_RNG
75 tristate
Herbert Xu6a0fcbb2008-12-10 23:29:44 +110076 select CRYPTO_RNG2
Neil Horman17f0f4a2008-08-14 22:15:52 +100077 select CRYPTO_ALGAPI
78
Herbert Xu6a0fcbb2008-12-10 23:29:44 +110079config CRYPTO_RNG2
80 tristate
81 select CRYPTO_ALGAPI2
82
Herbert Xu401e4232015-06-03 14:49:31 +080083config CRYPTO_RNG_DEFAULT
84 tristate
85 select CRYPTO_DRBG_MENU
86
Tadeusz Struk3c339ab2015-06-16 10:30:55 -070087config CRYPTO_AKCIPHER2
88 tristate
89 select CRYPTO_ALGAPI2
90
91config CRYPTO_AKCIPHER
92 tristate
93 select CRYPTO_AKCIPHER2
94 select CRYPTO_ALGAPI
95
Salvatore Benedetto4e5f2c42016-06-22 17:49:13 +010096config CRYPTO_KPP2
97 tristate
98 select CRYPTO_ALGAPI2
99
100config CRYPTO_KPP
101 tristate
102 select CRYPTO_ALGAPI
103 select CRYPTO_KPP2
104
Giovanni Cabiddu2ebda742016-10-21 13:19:47 +0100105config CRYPTO_ACOMP2
106 tristate
107 select CRYPTO_ALGAPI2
108
109config CRYPTO_ACOMP
110 tristate
111 select CRYPTO_ALGAPI
112 select CRYPTO_ACOMP2
113
Tadeusz Strukcfc2bb32015-06-16 10:31:01 -0700114config CRYPTO_RSA
115 tristate "RSA algorithm"
Tadeusz Struk425e0172015-06-19 10:27:39 -0700116 select CRYPTO_AKCIPHER
Tadeusz Struk58446fe2016-05-04 06:38:46 -0700117 select CRYPTO_MANAGER
Tadeusz Strukcfc2bb32015-06-16 10:31:01 -0700118 select MPILIB
119 select ASN1
120 help
121 Generic implementation of the RSA public key algorithm.
122
Salvatore Benedetto802c7f12016-06-22 17:49:14 +0100123config CRYPTO_DH
124 tristate "Diffie-Hellman algorithm"
125 select CRYPTO_KPP
126 select MPILIB
127 help
128 Generic implementation of the Diffie-Hellman algorithm.
129
Salvatore Benedetto3c4b2392016-06-22 17:49:15 +0100130config CRYPTO_ECDH
131 tristate "ECDH algorithm"
132 select CRYTPO_KPP
133 help
134 Generic implementation of the ECDH algorithm
Salvatore Benedetto802c7f12016-06-22 17:49:14 +0100135
Herbert Xu2b8c19d2006-09-21 11:31:44 +1000136config CRYPTO_MANAGER
137 tristate "Cryptographic algorithm manager"
Herbert Xu6a0fcbb2008-12-10 23:29:44 +1100138 select CRYPTO_MANAGER2
Herbert Xu2b8c19d2006-09-21 11:31:44 +1000139 help
140 Create default cryptographic template instantiations such as
141 cbc(aes).
142
Herbert Xu6a0fcbb2008-12-10 23:29:44 +1100143config CRYPTO_MANAGER2
144 def_tristate CRYPTO_MANAGER || (CRYPTO_MANAGER!=n && CRYPTO_ALGAPI=y)
145 select CRYPTO_AEAD2
146 select CRYPTO_HASH2
147 select CRYPTO_BLKCIPHER2
Tadeusz Struk946cc462015-06-16 10:31:06 -0700148 select CRYPTO_AKCIPHER2
Salvatore Benedetto4e5f2c42016-06-22 17:49:13 +0100149 select CRYPTO_KPP2
Giovanni Cabiddu2ebda742016-10-21 13:19:47 +0100150 select CRYPTO_ACOMP2
Herbert Xu6a0fcbb2008-12-10 23:29:44 +1100151
Steffen Klasserta38f7902011-09-27 07:23:50 +0200152config CRYPTO_USER
153 tristate "Userspace cryptographic algorithm configuration"
Herbert Xu5db017a2011-11-01 12:12:43 +1100154 depends on NET
Steffen Klasserta38f7902011-09-27 07:23:50 +0200155 select CRYPTO_MANAGER
156 help
Valdis.Kletnieks@vt.edud19978f2011-11-09 01:29:20 -0500157 Userspace configuration for cryptographic instantiations such as
Steffen Klasserta38f7902011-09-27 07:23:50 +0200158 cbc(aes).
159
Herbert Xu326a6342010-08-06 09:40:28 +0800160config CRYPTO_MANAGER_DISABLE_TESTS
161 bool "Disable run-time self tests"
Herbert Xu00ca28a2010-08-06 10:34:00 +0800162 default y
163 depends on CRYPTO_MANAGER2
Alexander Shishkin0b767f92010-06-03 20:53:43 +1000164 help
Herbert Xu326a6342010-08-06 09:40:28 +0800165 Disable run-time self tests that normally take place at
166 algorithm registration.
Alexander Shishkin0b767f92010-06-03 20:53:43 +1000167
Rik Snelc494e072006-11-29 18:59:44 +1100168config CRYPTO_GF128MUL
Jussi Kivilinna08c70fc2011-12-13 12:53:22 +0200169 tristate "GF(2^128) multiplication functions"
Rik Snelc494e072006-11-29 18:59:44 +1100170 help
171 Efficient table driven implementation of multiplications in the
172 field GF(2^128). This is needed by some cypher modes. This
173 option will be selected automatically if you select such a
174 cipher mode. Only select this option by hand if you expect to load
175 an external module that requires these functions.
176
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800177config CRYPTO_NULL
178 tristate "Null algorithms"
Herbert Xu149a3972015-08-13 17:28:58 +0800179 select CRYPTO_NULL2
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800180 help
181 These are 'Null' algorithms, used by IPsec, which do nothing.
182
Herbert Xu149a3972015-08-13 17:28:58 +0800183config CRYPTO_NULL2
Herbert Xudd43c4e2015-08-17 20:39:40 +0800184 tristate
Herbert Xu149a3972015-08-13 17:28:58 +0800185 select CRYPTO_ALGAPI2
186 select CRYPTO_BLKCIPHER2
187 select CRYPTO_HASH2
188
Steffen Klassert5068c7a2010-01-07 15:57:19 +1100189config CRYPTO_PCRYPT
Kees Cook3b4afaf2012-10-02 11:16:49 -0700190 tristate "Parallel crypto engine"
191 depends on SMP
Steffen Klassert5068c7a2010-01-07 15:57:19 +1100192 select PADATA
193 select CRYPTO_MANAGER
194 select CRYPTO_AEAD
195 help
196 This converts an arbitrary crypto algorithm into a parallel
197 algorithm that executes in kernel threads.
198
Huang Ying25c38d32009-02-19 14:33:40 +0800199config CRYPTO_WORKQUEUE
200 tristate
201
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800202config CRYPTO_CRYPTD
203 tristate "Software async crypto daemon"
Herbert Xudb131ef2006-09-21 11:44:08 +1000204 select CRYPTO_BLKCIPHER
Loc Hob8a28252008-05-14 21:23:00 +0800205 select CRYPTO_HASH
Herbert Xu43518402006-10-16 21:28:58 +1000206 select CRYPTO_MANAGER
Huang Ying254eff72009-02-19 14:42:19 +0800207 select CRYPTO_WORKQUEUE
Herbert Xudb131ef2006-09-21 11:44:08 +1000208 help
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800209 This is a generic software asynchronous crypto daemon that
210 converts an arbitrary synchronous software crypto algorithm
211 into an asynchronous algorithm that executes in a kernel thread.
212
Tim Chen1e65b812014-07-31 10:29:51 -0700213config CRYPTO_MCRYPTD
214 tristate "Software async multi-buffer crypto daemon"
215 select CRYPTO_BLKCIPHER
216 select CRYPTO_HASH
217 select CRYPTO_MANAGER
218 select CRYPTO_WORKQUEUE
219 help
220 This is a generic software asynchronous crypto daemon that
221 provides the kernel thread to assist multi-buffer crypto
222 algorithms for submitting jobs and flushing jobs in multi-buffer
223 crypto algorithms. Multi-buffer crypto algorithms are executed
224 in the context of this kernel thread and drivers can post
Ted Percival0e566732014-09-04 15:18:21 +0800225 their crypto request asynchronously to be processed by this daemon.
Tim Chen1e65b812014-07-31 10:29:51 -0700226
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800227config CRYPTO_AUTHENC
228 tristate "Authenc support"
229 select CRYPTO_AEAD
230 select CRYPTO_BLKCIPHER
231 select CRYPTO_MANAGER
232 select CRYPTO_HASH
Herbert Xue94c6a72015-08-04 21:23:14 +0800233 select CRYPTO_NULL
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800234 help
235 Authenc: Combined mode wrapper for IPsec.
236 This is required for IPSec.
237
238config CRYPTO_TEST
239 tristate "Testing module"
240 depends on m
Herbert Xuda7f0332008-07-31 17:08:25 +0800241 select CRYPTO_MANAGER
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800242 help
243 Quick & dirty crypto test module.
244
Ard Biesheuvela62b01c2013-09-20 09:55:40 +0200245config CRYPTO_ABLK_HELPER
Jussi Kivilinnaffaf9152012-06-18 14:06:58 +0300246 tristate
Jussi Kivilinnaffaf9152012-06-18 14:06:58 +0300247 select CRYPTO_CRYPTD
248
Herbert Xu266d0512016-11-22 20:08:25 +0800249config CRYPTO_SIMD
250 tristate
251 select CRYPTO_CRYPTD
252
Jussi Kivilinna596d8752012-06-18 14:07:19 +0300253config CRYPTO_GLUE_HELPER_X86
254 tristate
255 depends on X86
Herbert Xu065ce322016-11-22 20:08:29 +0800256 select CRYPTO_BLKCIPHER
Jussi Kivilinna596d8752012-06-18 14:07:19 +0300257
Baolin Wang735d37b2016-01-26 20:25:39 +0800258config CRYPTO_ENGINE
259 tristate
260
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800261comment "Authenticated Encryption with Associated Data"
262
263config CRYPTO_CCM
264 tristate "CCM support"
265 select CRYPTO_CTR
266 select CRYPTO_AEAD
267 help
268 Support for Counter with CBC MAC. Required for IPsec.
269
270config CRYPTO_GCM
271 tristate "GCM/GMAC support"
272 select CRYPTO_CTR
273 select CRYPTO_AEAD
Huang Ying9382d972009-08-06 15:34:26 +1000274 select CRYPTO_GHASH
Jussi Kivilinna9489667d2013-04-07 16:43:41 +0300275 select CRYPTO_NULL
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800276 help
277 Support for Galois/Counter Mode (GCM) and Galois Message
278 Authentication Code (GMAC). Required for IPSec.
279
Martin Willi71ebc4d2015-06-01 13:44:00 +0200280config CRYPTO_CHACHA20POLY1305
281 tristate "ChaCha20-Poly1305 AEAD support"
282 select CRYPTO_CHACHA20
283 select CRYPTO_POLY1305
284 select CRYPTO_AEAD
285 help
286 ChaCha20-Poly1305 AEAD support, RFC7539.
287
288 Support for the AEAD wrapper using the ChaCha20 stream cipher combined
289 with the Poly1305 authenticator. It is defined in RFC7539 for use in
290 IETF protocols.
291
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800292config CRYPTO_SEQIV
293 tristate "Sequence Number IV Generator"
294 select CRYPTO_AEAD
295 select CRYPTO_BLKCIPHER
Herbert Xu856e3f402015-05-21 15:11:13 +0800296 select CRYPTO_NULL
Herbert Xu401e4232015-06-03 14:49:31 +0800297 select CRYPTO_RNG_DEFAULT
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800298 help
299 This IV generator generates an IV based on a sequence number by
300 xoring it with a salt. This algorithm is mainly useful for CTR
301
Herbert Xua10f5542015-05-21 15:11:15 +0800302config CRYPTO_ECHAINIV
303 tristate "Encrypted Chain IV Generator"
304 select CRYPTO_AEAD
305 select CRYPTO_NULL
Herbert Xu401e4232015-06-03 14:49:31 +0800306 select CRYPTO_RNG_DEFAULT
Herbert Xu34912442015-06-03 14:49:29 +0800307 default m
Herbert Xua10f5542015-05-21 15:11:15 +0800308 help
309 This IV generator generates an IV based on the encryption of
310 a sequence number xored with a salt. This is the default
311 algorithm for CBC.
312
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800313comment "Block modes"
Herbert Xudb131ef2006-09-21 11:44:08 +1000314
315config CRYPTO_CBC
316 tristate "CBC support"
317 select CRYPTO_BLKCIPHER
Herbert Xu43518402006-10-16 21:28:58 +1000318 select CRYPTO_MANAGER
Herbert Xudb131ef2006-09-21 11:44:08 +1000319 help
320 CBC: Cipher Block Chaining mode
321 This block cipher algorithm is required for IPSec.
322
Joy Latten23e353c2007-10-23 08:50:32 +0800323config CRYPTO_CTR
324 tristate "CTR support"
325 select CRYPTO_BLKCIPHER
Herbert Xu0a270322007-11-30 21:38:37 +1100326 select CRYPTO_SEQIV
Joy Latten23e353c2007-10-23 08:50:32 +0800327 select CRYPTO_MANAGER
Joy Latten23e353c2007-10-23 08:50:32 +0800328 help
329 CTR: Counter mode
330 This block cipher algorithm is required for IPSec.
331
Kevin Coffman76cb9522008-03-24 21:26:16 +0800332config CRYPTO_CTS
333 tristate "CTS support"
334 select CRYPTO_BLKCIPHER
335 help
336 CTS: Cipher Text Stealing
337 This is the Cipher Text Stealing mode as described by
338 Section 8 of rfc2040 and referenced by rfc3962.
339 (rfc3962 includes errata information in its Appendix A)
340 This mode is required for Kerberos gss mechanism support
341 for AES encryption.
342
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800343config CRYPTO_ECB
344 tristate "ECB support"
Herbert Xu653ebd9c2007-11-27 19:48:27 +0800345 select CRYPTO_BLKCIPHER
Herbert Xu124b53d2007-04-16 20:49:20 +1000346 select CRYPTO_MANAGER
347 help
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800348 ECB: Electronic CodeBook mode
349 This is the simplest block cipher algorithm. It simply encrypts
350 the input block by block.
Herbert Xu124b53d2007-04-16 20:49:20 +1000351
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800352config CRYPTO_LRW
Jussi Kivilinna2470a2b2011-12-13 12:52:51 +0200353 tristate "LRW support"
David Howells90831632006-12-16 12:13:14 +1100354 select CRYPTO_BLKCIPHER
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800355 select CRYPTO_MANAGER
356 select CRYPTO_GF128MUL
David Howells90831632006-12-16 12:13:14 +1100357 help
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800358 LRW: Liskov Rivest Wagner, a tweakable, non malleable, non movable
359 narrow block cipher mode for dm-crypt. Use it with cipher
360 specification string aes-lrw-benbi, the key must be 256, 320 or 384.
361 The first 128, 192 or 256 bits in the key are used for AES and the
362 rest is used to tie each cipher block to its logical position.
David Howells90831632006-12-16 12:13:14 +1100363
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800364config CRYPTO_PCBC
365 tristate "PCBC support"
366 select CRYPTO_BLKCIPHER
367 select CRYPTO_MANAGER
368 help
369 PCBC: Propagating Cipher Block Chaining mode
370 This block cipher algorithm is required for RxRPC.
371
372config CRYPTO_XTS
Jussi Kivilinna5bcf8e62011-12-13 12:52:56 +0200373 tristate "XTS support"
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800374 select CRYPTO_BLKCIPHER
375 select CRYPTO_MANAGER
376 select CRYPTO_GF128MUL
377 help
378 XTS: IEEE1619/D16 narrow block cipher use with aes-xts-plain,
379 key size 256, 384 or 512 bits. This implementation currently
380 can't handle a sectorsize which is not a multiple of 16 bytes.
381
Stephan Mueller1c49678e2015-09-21 20:58:56 +0200382config CRYPTO_KEYWRAP
383 tristate "Key wrapping support"
384 select CRYPTO_BLKCIPHER
385 help
386 Support for key wrapping (NIST SP800-38F / RFC3394) without
387 padding.
388
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800389comment "Hash modes"
390
Jussi Kivilinna93b5e862013-04-08 10:48:44 +0300391config CRYPTO_CMAC
392 tristate "CMAC support"
393 select CRYPTO_HASH
394 select CRYPTO_MANAGER
395 help
396 Cipher-based Message Authentication Code (CMAC) specified by
397 The National Institute of Standards and Technology (NIST).
398
399 https://tools.ietf.org/html/rfc4493
400 http://csrc.nist.gov/publications/nistpubs/800-38B/SP_800-38B.pdf
401
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800402config CRYPTO_HMAC
403 tristate "HMAC support"
404 select CRYPTO_HASH
405 select CRYPTO_MANAGER
406 help
407 HMAC: Keyed-Hashing for Message Authentication (RFC2104).
408 This is required for IPSec.
409
410config CRYPTO_XCBC
411 tristate "XCBC support"
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800412 select CRYPTO_HASH
413 select CRYPTO_MANAGER
414 help
415 XCBC: Keyed-Hashing with encryption algorithm
416 http://www.ietf.org/rfc/rfc3566.txt
417 http://csrc.nist.gov/encryption/modes/proposedmodes/
418 xcbc-mac/xcbc-mac-spec.pdf
419
Shane Wangf1939f72009-09-02 20:05:22 +1000420config CRYPTO_VMAC
421 tristate "VMAC support"
Shane Wangf1939f72009-09-02 20:05:22 +1000422 select CRYPTO_HASH
423 select CRYPTO_MANAGER
424 help
425 VMAC is a message authentication algorithm designed for
426 very high speed on 64-bit architectures.
427
428 See also:
429 <http://fastcrypto.org/vmac>
430
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800431comment "Digest"
432
433config CRYPTO_CRC32C
434 tristate "CRC32c CRC algorithm"
Herbert Xu5773a3e2008-07-08 20:54:28 +0800435 select CRYPTO_HASH
Darrick J. Wong6a0962b2012-03-23 15:02:25 -0700436 select CRC32
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800437 help
438 Castagnoli, et al Cyclic Redundancy-Check Algorithm. Used
439 by iSCSI for header and data digests and by others.
Herbert Xu69c35ef2008-11-07 15:11:47 +0800440 See Castagnoli93. Module will be crc32c.
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800441
Austin Zhang8cb51ba2008-08-07 09:57:03 +0800442config CRYPTO_CRC32C_INTEL
443 tristate "CRC32c INTEL hardware acceleration"
444 depends on X86
445 select CRYPTO_HASH
446 help
447 In Intel processor with SSE4.2 supported, the processor will
448 support CRC32C implementation using hardware accelerated CRC32
449 instruction. This option will create 'crc32c-intel' module,
450 which will enable any routine to use the CRC32 instruction to
451 gain performance compared with software implementation.
452 Module will be crc32c-intel.
453
Jean Delvare7cf31862016-11-22 10:32:44 +0100454config CRYPTO_CRC32C_VPMSUM
Anton Blanchard6dd7a822016-07-01 08:19:45 +1000455 tristate "CRC32c CRC algorithm (powerpc64)"
Michael Ellermanc12abf32016-08-09 08:46:15 +1000456 depends on PPC64 && ALTIVEC
Anton Blanchard6dd7a822016-07-01 08:19:45 +1000457 select CRYPTO_HASH
458 select CRC32
459 help
460 CRC32c algorithm implemented using vector polynomial multiply-sum
461 (vpmsum) instructions, introduced in POWER8. Enable on POWER8
462 and newer processors for improved performance.
463
464
David S. Miller442a7c42012-08-22 20:47:36 -0700465config CRYPTO_CRC32C_SPARC64
466 tristate "CRC32c CRC algorithm (SPARC64)"
467 depends on SPARC64
468 select CRYPTO_HASH
469 select CRC32
470 help
471 CRC32c CRC algorithm implemented using sparc64 crypto instructions,
472 when available.
473
Alexander Boyko78c37d12013-01-10 18:54:59 +0400474config CRYPTO_CRC32
475 tristate "CRC32 CRC algorithm"
476 select CRYPTO_HASH
477 select CRC32
478 help
479 CRC-32-IEEE 802.3 cyclic redundancy-check algorithm.
480 Shash crypto api wrappers to crc32_le function.
481
482config CRYPTO_CRC32_PCLMUL
483 tristate "CRC32 PCLMULQDQ hardware acceleration"
484 depends on X86
485 select CRYPTO_HASH
486 select CRC32
487 help
488 From Intel Westmere and AMD Bulldozer processor with SSE4.2
489 and PCLMULQDQ supported, the processor will support
490 CRC32 PCLMULQDQ implementation using hardware accelerated PCLMULQDQ
491 instruction. This option will create 'crc32-plcmul' module,
492 which will enable any routine to use the CRC-32-IEEE 802.3 checksum
493 and gain better performance as compared with the table implementation.
494
Herbert Xu684115212013-09-07 12:56:26 +1000495config CRYPTO_CRCT10DIF
496 tristate "CRCT10DIF algorithm"
497 select CRYPTO_HASH
498 help
499 CRC T10 Data Integrity Field computation is being cast as
500 a crypto transform. This allows for faster crc t10 diff
501 transforms to be used if they are available.
502
503config CRYPTO_CRCT10DIF_PCLMUL
504 tristate "CRCT10DIF PCLMULQDQ hardware acceleration"
505 depends on X86 && 64BIT && CRC_T10DIF
506 select CRYPTO_HASH
507 help
508 For x86_64 processors with SSE4.2 and PCLMULQDQ supported,
509 CRC T10 DIF PCLMULQDQ computation can be hardware
510 accelerated PCLMULQDQ instruction. This option will create
511 'crct10dif-plcmul' module, which is faster when computing the
512 crct10dif checksum as compared with the generic table implementation.
513
Huang Ying2cdc6892009-08-06 15:32:38 +1000514config CRYPTO_GHASH
515 tristate "GHASH digest algorithm"
Huang Ying2cdc6892009-08-06 15:32:38 +1000516 select CRYPTO_GF128MUL
Arnd Bergmann578c60f2016-01-25 17:51:21 +0100517 select CRYPTO_HASH
Huang Ying2cdc6892009-08-06 15:32:38 +1000518 help
519 GHASH is message digest algorithm for GCM (Galois/Counter Mode).
520
Martin Willif979e012015-06-01 13:43:58 +0200521config CRYPTO_POLY1305
522 tristate "Poly1305 authenticator algorithm"
Arnd Bergmann578c60f2016-01-25 17:51:21 +0100523 select CRYPTO_HASH
Martin Willif979e012015-06-01 13:43:58 +0200524 help
525 Poly1305 authenticator algorithm, RFC7539.
526
527 Poly1305 is an authenticator algorithm designed by Daniel J. Bernstein.
528 It is used for the ChaCha20-Poly1305 AEAD, specified in RFC7539 for use
529 in IETF protocols. This is the portable C implementation of Poly1305.
530
Martin Willic70f4ab2015-07-16 19:14:06 +0200531config CRYPTO_POLY1305_X86_64
Martin Willib1ccc8f2015-07-16 19:14:08 +0200532 tristate "Poly1305 authenticator algorithm (x86_64/SSE2/AVX2)"
Martin Willic70f4ab2015-07-16 19:14:06 +0200533 depends on X86 && 64BIT
534 select CRYPTO_POLY1305
535 help
536 Poly1305 authenticator algorithm, RFC7539.
537
538 Poly1305 is an authenticator algorithm designed by Daniel J. Bernstein.
539 It is used for the ChaCha20-Poly1305 AEAD, specified in RFC7539 for use
540 in IETF protocols. This is the x86_64 assembler implementation using SIMD
541 instructions.
542
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800543config CRYPTO_MD4
544 tristate "MD4 digest algorithm"
Adrian-Ken Rueegsegger808a1762008-12-03 19:55:27 +0800545 select CRYPTO_HASH
Linus Torvalds1da177e2005-04-16 15:20:36 -0700546 help
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800547 MD4 message digest algorithm (RFC1320).
Linus Torvalds1da177e2005-04-16 15:20:36 -0700548
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800549config CRYPTO_MD5
550 tristate "MD5 digest algorithm"
Adrian-Ken Rueegsegger14b75ba2008-12-03 19:57:12 +0800551 select CRYPTO_HASH
Linus Torvalds1da177e2005-04-16 15:20:36 -0700552 help
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800553 MD5 message digest algorithm (RFC1321).
Linus Torvalds1da177e2005-04-16 15:20:36 -0700554
Aaro Koskinend69e75d2014-12-21 22:54:02 +0200555config CRYPTO_MD5_OCTEON
556 tristate "MD5 digest algorithm (OCTEON)"
557 depends on CPU_CAVIUM_OCTEON
558 select CRYPTO_MD5
559 select CRYPTO_HASH
560 help
561 MD5 message digest algorithm (RFC1321) implemented
562 using OCTEON crypto instructions, when available.
563
Markus Stockhausene8e59952015-03-01 19:30:46 +0100564config CRYPTO_MD5_PPC
565 tristate "MD5 digest algorithm (PPC)"
566 depends on PPC
567 select CRYPTO_HASH
568 help
569 MD5 message digest algorithm (RFC1321) implemented
570 in PPC assembler.
571
David S. Millerfa4dfed2012-08-19 21:51:26 -0700572config CRYPTO_MD5_SPARC64
573 tristate "MD5 digest algorithm (SPARC64)"
574 depends on SPARC64
575 select CRYPTO_MD5
576 select CRYPTO_HASH
577 help
578 MD5 message digest algorithm (RFC1321) implemented
579 using sparc64 crypto instructions, when available.
580
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800581config CRYPTO_MICHAEL_MIC
582 tristate "Michael MIC keyed digest algorithm"
Adrian-Ken Rueegsegger19e2bf12008-12-07 19:35:38 +0800583 select CRYPTO_HASH
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800584 help
585 Michael MIC is used for message integrity protection in TKIP
586 (IEEE 802.11i). This algorithm is required for TKIP, but it
587 should not be used for other purposes because of the weakness
588 of the algorithm.
589
Adrian-Ken Rueegsegger82798f92008-05-07 22:17:37 +0800590config CRYPTO_RMD128
Adrian Bunkb6d44342008-07-16 19:28:00 +0800591 tristate "RIPEMD-128 digest algorithm"
Herbert Xu7c4468b2008-11-08 09:10:40 +0800592 select CRYPTO_HASH
Adrian Bunkb6d44342008-07-16 19:28:00 +0800593 help
594 RIPEMD-128 (ISO/IEC 10118-3:2004).
Adrian-Ken Rueegsegger82798f92008-05-07 22:17:37 +0800595
Adrian Bunkb6d44342008-07-16 19:28:00 +0800596 RIPEMD-128 is a 128-bit cryptographic hash function. It should only
Michael Witten35ed4b32011-07-09 04:02:31 +0000597 be used as a secure replacement for RIPEMD. For other use cases,
Adrian Bunkb6d44342008-07-16 19:28:00 +0800598 RIPEMD-160 should be used.
Adrian-Ken Rueegsegger82798f92008-05-07 22:17:37 +0800599
Adrian Bunkb6d44342008-07-16 19:28:00 +0800600 Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel.
Justin P. Mattock6d8de742010-09-12 10:42:47 +0800601 See <http://homes.esat.kuleuven.be/~bosselae/ripemd160.html>
Adrian-Ken Rueegsegger82798f92008-05-07 22:17:37 +0800602
603config CRYPTO_RMD160
Adrian Bunkb6d44342008-07-16 19:28:00 +0800604 tristate "RIPEMD-160 digest algorithm"
Herbert Xue5835fb2008-11-08 09:18:51 +0800605 select CRYPTO_HASH
Adrian Bunkb6d44342008-07-16 19:28:00 +0800606 help
607 RIPEMD-160 (ISO/IEC 10118-3:2004).
Adrian-Ken Rueegsegger82798f92008-05-07 22:17:37 +0800608
Adrian Bunkb6d44342008-07-16 19:28:00 +0800609 RIPEMD-160 is a 160-bit cryptographic hash function. It is intended
610 to be used as a secure replacement for the 128-bit hash functions
611 MD4, MD5 and it's predecessor RIPEMD
612 (not to be confused with RIPEMD-128).
Adrian-Ken Rueegsegger82798f92008-05-07 22:17:37 +0800613
Adrian Bunkb6d44342008-07-16 19:28:00 +0800614 It's speed is comparable to SHA1 and there are no known attacks
615 against RIPEMD-160.
Adrian-Ken Rueegsegger534fe2c12008-05-09 21:30:27 +0800616
Adrian Bunkb6d44342008-07-16 19:28:00 +0800617 Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel.
Justin P. Mattock6d8de742010-09-12 10:42:47 +0800618 See <http://homes.esat.kuleuven.be/~bosselae/ripemd160.html>
Adrian-Ken Rueegsegger534fe2c12008-05-09 21:30:27 +0800619
620config CRYPTO_RMD256
Adrian Bunkb6d44342008-07-16 19:28:00 +0800621 tristate "RIPEMD-256 digest algorithm"
Herbert Xud8a5e2e2008-11-08 09:58:10 +0800622 select CRYPTO_HASH
Adrian Bunkb6d44342008-07-16 19:28:00 +0800623 help
624 RIPEMD-256 is an optional extension of RIPEMD-128 with a
625 256 bit hash. It is intended for applications that require
626 longer hash-results, without needing a larger security level
627 (than RIPEMD-128).
Adrian-Ken Rueegsegger534fe2c12008-05-09 21:30:27 +0800628
Adrian Bunkb6d44342008-07-16 19:28:00 +0800629 Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel.
Justin P. Mattock6d8de742010-09-12 10:42:47 +0800630 See <http://homes.esat.kuleuven.be/~bosselae/ripemd160.html>
Adrian-Ken Rueegsegger534fe2c12008-05-09 21:30:27 +0800631
632config CRYPTO_RMD320
Adrian Bunkb6d44342008-07-16 19:28:00 +0800633 tristate "RIPEMD-320 digest algorithm"
Herbert Xu3b8efb42008-11-08 10:11:09 +0800634 select CRYPTO_HASH
Adrian Bunkb6d44342008-07-16 19:28:00 +0800635 help
636 RIPEMD-320 is an optional extension of RIPEMD-160 with a
637 320 bit hash. It is intended for applications that require
638 longer hash-results, without needing a larger security level
639 (than RIPEMD-160).
Adrian-Ken Rueegsegger534fe2c12008-05-09 21:30:27 +0800640
Adrian Bunkb6d44342008-07-16 19:28:00 +0800641 Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel.
Justin P. Mattock6d8de742010-09-12 10:42:47 +0800642 See <http://homes.esat.kuleuven.be/~bosselae/ripemd160.html>
Adrian-Ken Rueegsegger82798f92008-05-07 22:17:37 +0800643
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800644config CRYPTO_SHA1
645 tristate "SHA1 digest algorithm"
Adrian-Ken Rueegsegger54ccb362008-12-02 21:08:20 +0800646 select CRYPTO_HASH
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800647 help
648 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2).
649
Mathias Krause66be8952011-08-04 20:19:25 +0200650config CRYPTO_SHA1_SSSE3
time38b6b7f2015-09-10 15:27:26 -0700651 tristate "SHA1 digest algorithm (SSSE3/AVX/AVX2/SHA-NI)"
Mathias Krause66be8952011-08-04 20:19:25 +0200652 depends on X86 && 64BIT
653 select CRYPTO_SHA1
654 select CRYPTO_HASH
655 help
656 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2) implemented
657 using Supplemental SSE3 (SSSE3) instructions or Advanced Vector
time38b6b7f2015-09-10 15:27:26 -0700658 Extensions (AVX/AVX2) or SHA-NI(SHA Extensions New Instructions),
659 when available.
Mathias Krause66be8952011-08-04 20:19:25 +0200660
Tim Chen8275d1a2013-03-26 13:59:17 -0700661config CRYPTO_SHA256_SSSE3
time38b6b7f2015-09-10 15:27:26 -0700662 tristate "SHA256 digest algorithm (SSSE3/AVX/AVX2/SHA-NI)"
Tim Chen8275d1a2013-03-26 13:59:17 -0700663 depends on X86 && 64BIT
664 select CRYPTO_SHA256
665 select CRYPTO_HASH
666 help
667 SHA-256 secure hash standard (DFIPS 180-2) implemented
668 using Supplemental SSE3 (SSSE3) instructions, or Advanced Vector
669 Extensions version 1 (AVX1), or Advanced Vector Extensions
time38b6b7f2015-09-10 15:27:26 -0700670 version 2 (AVX2) instructions, or SHA-NI (SHA Extensions New
671 Instructions) when available.
Tim Chen8275d1a2013-03-26 13:59:17 -0700672
Tim Chen87de4572013-03-26 14:00:02 -0700673config CRYPTO_SHA512_SSSE3
674 tristate "SHA512 digest algorithm (SSSE3/AVX/AVX2)"
675 depends on X86 && 64BIT
676 select CRYPTO_SHA512
677 select CRYPTO_HASH
678 help
679 SHA-512 secure hash standard (DFIPS 180-2) implemented
680 using Supplemental SSE3 (SSSE3) instructions, or Advanced Vector
681 Extensions version 1 (AVX1), or Advanced Vector Extensions
682 version 2 (AVX2) instructions, when available.
683
Aaro Koskinenefdb6f62015-03-08 22:07:47 +0200684config CRYPTO_SHA1_OCTEON
685 tristate "SHA1 digest algorithm (OCTEON)"
686 depends on CPU_CAVIUM_OCTEON
687 select CRYPTO_SHA1
688 select CRYPTO_HASH
689 help
690 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2) implemented
691 using OCTEON crypto instructions, when available.
692
David S. Miller4ff28d42012-08-19 15:41:53 -0700693config CRYPTO_SHA1_SPARC64
694 tristate "SHA1 digest algorithm (SPARC64)"
695 depends on SPARC64
696 select CRYPTO_SHA1
697 select CRYPTO_HASH
698 help
699 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2) implemented
700 using sparc64 crypto instructions, when available.
701
Michael Ellerman323a6bf2012-09-13 23:00:49 +0000702config CRYPTO_SHA1_PPC
703 tristate "SHA1 digest algorithm (powerpc)"
704 depends on PPC
705 help
706 This is the powerpc hardware accelerated implementation of the
707 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2).
708
Markus Stockhausend9850fc2015-02-24 20:36:50 +0100709config CRYPTO_SHA1_PPC_SPE
710 tristate "SHA1 digest algorithm (PPC SPE)"
711 depends on PPC && SPE
712 help
713 SHA-1 secure hash standard (DFIPS 180-4) implemented
714 using powerpc SPE SIMD instruction set.
715
Tim Chen1e65b812014-07-31 10:29:51 -0700716config CRYPTO_SHA1_MB
717 tristate "SHA1 digest algorithm (x86_64 Multi-Buffer, Experimental)"
718 depends on X86 && 64BIT
719 select CRYPTO_SHA1
720 select CRYPTO_HASH
721 select CRYPTO_MCRYPTD
722 help
723 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2) implemented
724 using multi-buffer technique. This algorithm computes on
725 multiple data lanes concurrently with SIMD instructions for
726 better throughput. It should not be enabled by default but
727 used when there is significant amount of work to keep the keep
728 the data lanes filled to get performance benefit. If the data
729 lanes remain unfilled, a flush operation will be initiated to
730 process the crypto jobs, adding a slight latency.
731
Megha Dey9be7e242016-06-23 18:40:43 -0700732config CRYPTO_SHA256_MB
733 tristate "SHA256 digest algorithm (x86_64 Multi-Buffer, Experimental)"
734 depends on X86 && 64BIT
735 select CRYPTO_SHA256
736 select CRYPTO_HASH
737 select CRYPTO_MCRYPTD
738 help
739 SHA-256 secure hash standard (FIPS 180-1/DFIPS 180-2) implemented
740 using multi-buffer technique. This algorithm computes on
741 multiple data lanes concurrently with SIMD instructions for
742 better throughput. It should not be enabled by default but
743 used when there is significant amount of work to keep the keep
744 the data lanes filled to get performance benefit. If the data
745 lanes remain unfilled, a flush operation will be initiated to
746 process the crypto jobs, adding a slight latency.
747
Megha Dey026bb8a2016-06-27 10:20:05 -0700748config CRYPTO_SHA512_MB
749 tristate "SHA512 digest algorithm (x86_64 Multi-Buffer, Experimental)"
750 depends on X86 && 64BIT
751 select CRYPTO_SHA512
752 select CRYPTO_HASH
753 select CRYPTO_MCRYPTD
754 help
755 SHA-512 secure hash standard (FIPS 180-1/DFIPS 180-2) implemented
756 using multi-buffer technique. This algorithm computes on
757 multiple data lanes concurrently with SIMD instructions for
758 better throughput. It should not be enabled by default but
759 used when there is significant amount of work to keep the keep
760 the data lanes filled to get performance benefit. If the data
761 lanes remain unfilled, a flush operation will be initiated to
762 process the crypto jobs, adding a slight latency.
763
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800764config CRYPTO_SHA256
765 tristate "SHA224 and SHA256 digest algorithm"
Adrian-Ken Rueegsegger50e109b52008-12-03 19:57:49 +0800766 select CRYPTO_HASH
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800767 help
768 SHA256 secure hash standard (DFIPS 180-2).
769
770 This version of SHA implements a 256 bit hash with 128 bits of
771 security against collision attacks.
772
Adrian Bunkb6d44342008-07-16 19:28:00 +0800773 This code also includes SHA-224, a 224 bit hash with 112 bits
774 of security against collision attacks.
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800775
Markus Stockhausen2ecc1e92015-01-30 15:39:34 +0100776config CRYPTO_SHA256_PPC_SPE
777 tristate "SHA224 and SHA256 digest algorithm (PPC SPE)"
778 depends on PPC && SPE
779 select CRYPTO_SHA256
780 select CRYPTO_HASH
781 help
782 SHA224 and SHA256 secure hash standard (DFIPS 180-2)
783 implemented using powerpc SPE SIMD instruction set.
784
Aaro Koskinenefdb6f62015-03-08 22:07:47 +0200785config CRYPTO_SHA256_OCTEON
786 tristate "SHA224 and SHA256 digest algorithm (OCTEON)"
787 depends on CPU_CAVIUM_OCTEON
788 select CRYPTO_SHA256
789 select CRYPTO_HASH
790 help
791 SHA-256 secure hash standard (DFIPS 180-2) implemented
792 using OCTEON crypto instructions, when available.
793
David S. Miller86c93b22012-08-19 17:11:37 -0700794config CRYPTO_SHA256_SPARC64
795 tristate "SHA224 and SHA256 digest algorithm (SPARC64)"
796 depends on SPARC64
797 select CRYPTO_SHA256
798 select CRYPTO_HASH
799 help
800 SHA-256 secure hash standard (DFIPS 180-2) implemented
801 using sparc64 crypto instructions, when available.
802
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800803config CRYPTO_SHA512
804 tristate "SHA384 and SHA512 digest algorithms"
Adrian-Ken Rueegseggerbd9d20d2008-12-17 16:49:02 +1100805 select CRYPTO_HASH
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800806 help
807 SHA512 secure hash standard (DFIPS 180-2).
808
809 This version of SHA implements a 512 bit hash with 256 bits of
810 security against collision attacks.
811
812 This code also includes SHA-384, a 384 bit hash with 192 bits
813 of security against collision attacks.
814
Aaro Koskinenefdb6f62015-03-08 22:07:47 +0200815config CRYPTO_SHA512_OCTEON
816 tristate "SHA384 and SHA512 digest algorithms (OCTEON)"
817 depends on CPU_CAVIUM_OCTEON
818 select CRYPTO_SHA512
819 select CRYPTO_HASH
820 help
821 SHA-512 secure hash standard (DFIPS 180-2) implemented
822 using OCTEON crypto instructions, when available.
823
David S. Miller775e0c62012-08-19 17:37:56 -0700824config CRYPTO_SHA512_SPARC64
825 tristate "SHA384 and SHA512 digest algorithm (SPARC64)"
826 depends on SPARC64
827 select CRYPTO_SHA512
828 select CRYPTO_HASH
829 help
830 SHA-512 secure hash standard (DFIPS 180-2) implemented
831 using sparc64 crypto instructions, when available.
832
Jeff Garzik53964b92016-06-17 10:30:35 +0530833config CRYPTO_SHA3
834 tristate "SHA3 digest algorithm"
835 select CRYPTO_HASH
836 help
837 SHA-3 secure hash standard (DFIPS 202). It's based on
838 cryptographic sponge function family called Keccak.
839
840 References:
841 http://keccak.noekeon.org/
842
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800843config CRYPTO_TGR192
844 tristate "Tiger digest algorithms"
Adrian-Ken Rueegseggerf63fbd32008-12-03 19:58:32 +0800845 select CRYPTO_HASH
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800846 help
847 Tiger hash algorithm 192, 160 and 128-bit hashes
848
849 Tiger is a hash function optimized for 64-bit processors while
850 still having decent performance on 32-bit processors.
851 Tiger was developed by Ross Anderson and Eli Biham.
Linus Torvalds1da177e2005-04-16 15:20:36 -0700852
853 See also:
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800854 <http://www.cs.technion.ac.il/~biham/Reports/Tiger/>.
855
856config CRYPTO_WP512
857 tristate "Whirlpool digest algorithms"
Adrian-Ken Rueegsegger49465102008-12-07 19:34:37 +0800858 select CRYPTO_HASH
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800859 help
860 Whirlpool hash algorithm 512, 384 and 256-bit hashes
861
862 Whirlpool-512 is part of the NESSIE cryptographic primitives.
863 Whirlpool will be part of the ISO/IEC 10118-3:2003(E) standard
864
865 See also:
Justin P. Mattock6d8de742010-09-12 10:42:47 +0800866 <http://www.larc.usp.br/~pbarreto/WhirlpoolPage.html>
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800867
Huang Ying0e1227d2009-10-19 11:53:06 +0900868config CRYPTO_GHASH_CLMUL_NI_INTEL
869 tristate "GHASH digest algorithm (CLMUL-NI accelerated)"
Richard Weinberger8af00862011-06-08 20:56:29 +0800870 depends on X86 && 64BIT
Huang Ying0e1227d2009-10-19 11:53:06 +0900871 select CRYPTO_CRYPTD
872 help
873 GHASH is message digest algorithm for GCM (Galois/Counter Mode).
874 The implementation is accelerated by CLMUL-NI of Intel.
875
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800876comment "Ciphers"
Linus Torvalds1da177e2005-04-16 15:20:36 -0700877
878config CRYPTO_AES
879 tristate "AES cipher algorithms"
Herbert Xucce9e062006-08-21 21:08:13 +1000880 select CRYPTO_ALGAPI
Linus Torvalds1da177e2005-04-16 15:20:36 -0700881 help
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800882 AES cipher algorithms (FIPS-197). AES uses the Rijndael
Linus Torvalds1da177e2005-04-16 15:20:36 -0700883 algorithm.
884
885 Rijndael appears to be consistently a very good performer in
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800886 both hardware and software across a wide range of computing
887 environments regardless of its use in feedback or non-feedback
888 modes. Its key setup time is excellent, and its key agility is
889 good. Rijndael's very low memory requirements make it very well
890 suited for restricted-space environments, in which it also
891 demonstrates excellent performance. Rijndael's operations are
892 among the easiest to defend against power and timing attacks.
Linus Torvalds1da177e2005-04-16 15:20:36 -0700893
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800894 The AES specifies three key sizes: 128, 192 and 256 bits
Linus Torvalds1da177e2005-04-16 15:20:36 -0700895
896 See <http://csrc.nist.gov/CryptoToolkit/aes/> for more information.
897
898config CRYPTO_AES_586
899 tristate "AES cipher algorithms (i586)"
Herbert Xucce9e062006-08-21 21:08:13 +1000900 depends on (X86 || UML_X86) && !64BIT
901 select CRYPTO_ALGAPI
Sebastian Siewior5157dea2007-11-10 19:07:16 +0800902 select CRYPTO_AES
Linus Torvalds1da177e2005-04-16 15:20:36 -0700903 help
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800904 AES cipher algorithms (FIPS-197). AES uses the Rijndael
Linus Torvalds1da177e2005-04-16 15:20:36 -0700905 algorithm.
906
907 Rijndael appears to be consistently a very good performer in
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800908 both hardware and software across a wide range of computing
909 environments regardless of its use in feedback or non-feedback
910 modes. Its key setup time is excellent, and its key agility is
911 good. Rijndael's very low memory requirements make it very well
912 suited for restricted-space environments, in which it also
913 demonstrates excellent performance. Rijndael's operations are
914 among the easiest to defend against power and timing attacks.
Linus Torvalds1da177e2005-04-16 15:20:36 -0700915
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800916 The AES specifies three key sizes: 128, 192 and 256 bits
Linus Torvalds1da177e2005-04-16 15:20:36 -0700917
918 See <http://csrc.nist.gov/encryption/aes/> for more information.
919
Andreas Steinmetza2a892a2005-07-06 13:55:00 -0700920config CRYPTO_AES_X86_64
921 tristate "AES cipher algorithms (x86_64)"
Herbert Xucce9e062006-08-21 21:08:13 +1000922 depends on (X86 || UML_X86) && 64BIT
923 select CRYPTO_ALGAPI
Sebastian Siewior81190b32007-11-08 21:25:04 +0800924 select CRYPTO_AES
Andreas Steinmetza2a892a2005-07-06 13:55:00 -0700925 help
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800926 AES cipher algorithms (FIPS-197). AES uses the Rijndael
Andreas Steinmetza2a892a2005-07-06 13:55:00 -0700927 algorithm.
928
929 Rijndael appears to be consistently a very good performer in
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800930 both hardware and software across a wide range of computing
931 environments regardless of its use in feedback or non-feedback
932 modes. Its key setup time is excellent, and its key agility is
933 good. Rijndael's very low memory requirements make it very well
934 suited for restricted-space environments, in which it also
935 demonstrates excellent performance. Rijndael's operations are
936 among the easiest to defend against power and timing attacks.
Andreas Steinmetza2a892a2005-07-06 13:55:00 -0700937
Sebastian Siewior584fffc2008-04-05 21:04:48 +0800938 The AES specifies three key sizes: 128, 192 and 256 bits
Andreas Steinmetza2a892a2005-07-06 13:55:00 -0700939
940 See <http://csrc.nist.gov/encryption/aes/> for more information.
941
Huang Ying54b6a1b2009-01-18 16:28:34 +1100942config CRYPTO_AES_NI_INTEL
943 tristate "AES cipher algorithms (AES-NI)"
Richard Weinberger8af00862011-06-08 20:56:29 +0800944 depends on X86
Herbert Xu85671862016-11-22 20:08:33 +0800945 select CRYPTO_AEAD
Mathias Krause0d258ef2010-11-27 16:34:46 +0800946 select CRYPTO_AES_X86_64 if 64BIT
947 select CRYPTO_AES_586 if !64BIT
Huang Ying54b6a1b2009-01-18 16:28:34 +1100948 select CRYPTO_ALGAPI
Herbert Xu85671862016-11-22 20:08:33 +0800949 select CRYPTO_BLKCIPHER
Jussi Kivilinna7643a112013-04-10 18:39:20 +0300950 select CRYPTO_GLUE_HELPER_X86 if 64BIT
Herbert Xu85671862016-11-22 20:08:33 +0800951 select CRYPTO_SIMD
Huang Ying54b6a1b2009-01-18 16:28:34 +1100952 help
953 Use Intel AES-NI instructions for AES algorithm.
954
955 AES cipher algorithms (FIPS-197). AES uses the Rijndael
956 algorithm.
957
958 Rijndael appears to be consistently a very good performer in
959 both hardware and software across a wide range of computing
960 environments regardless of its use in feedback or non-feedback
961 modes. Its key setup time is excellent, and its key agility is
962 good. Rijndael's very low memory requirements make it very well
963 suited for restricted-space environments, in which it also
964 demonstrates excellent performance. Rijndael's operations are
965 among the easiest to defend against power and timing attacks.
966
967 The AES specifies three key sizes: 128, 192 and 256 bits
968
969 See <http://csrc.nist.gov/encryption/aes/> for more information.
970
Mathias Krause0d258ef2010-11-27 16:34:46 +0800971 In addition to AES cipher algorithm support, the acceleration
972 for some popular block cipher mode is supported too, including
973 ECB, CBC, LRW, PCBC, XTS. The 64 bit version has additional
974 acceleration for CTR.
Huang Ying2cf4ac82009-03-29 15:41:20 +0800975
David S. Miller9bf48522012-08-21 03:58:13 -0700976config CRYPTO_AES_SPARC64
977 tristate "AES cipher algorithms (SPARC64)"
978 depends on SPARC64
979 select CRYPTO_CRYPTD
980 select CRYPTO_ALGAPI
981 help
982 Use SPARC64 crypto opcodes for AES algorithm.
983
984 AES cipher algorithms (FIPS-197). AES uses the Rijndael
985 algorithm.
986
987 Rijndael appears to be consistently a very good performer in
988 both hardware and software across a wide range of computing
989 environments regardless of its use in feedback or non-feedback
990 modes. Its key setup time is excellent, and its key agility is
991 good. Rijndael's very low memory requirements make it very well
992 suited for restricted-space environments, in which it also
993 demonstrates excellent performance. Rijndael's operations are
994 among the easiest to defend against power and timing attacks.
995
996 The AES specifies three key sizes: 128, 192 and 256 bits
997
998 See <http://csrc.nist.gov/encryption/aes/> for more information.
999
1000 In addition to AES cipher algorithm support, the acceleration
1001 for some popular block cipher mode is supported too, including
1002 ECB and CBC.
1003
Markus Stockhausen504c6142015-02-22 10:00:10 +01001004config CRYPTO_AES_PPC_SPE
1005 tristate "AES cipher algorithms (PPC SPE)"
1006 depends on PPC && SPE
1007 help
1008 AES cipher algorithms (FIPS-197). Additionally the acceleration
1009 for popular block cipher modes ECB, CBC, CTR and XTS is supported.
1010 This module should only be used for low power (router) devices
1011 without hardware AES acceleration (e.g. caam crypto). It reduces the
1012 size of the AES tables from 16KB to 8KB + 256 bytes and mitigates
1013 timining attacks. Nevertheless it might be not as secure as other
1014 architecture specific assembler implementations that work on 1KB
1015 tables or 256 bytes S-boxes.
1016
Sebastian Siewior584fffc2008-04-05 21:04:48 +08001017config CRYPTO_ANUBIS
1018 tristate "Anubis cipher algorithm"
1019 select CRYPTO_ALGAPI
1020 help
1021 Anubis cipher algorithm.
1022
1023 Anubis is a variable key length cipher which can use keys from
1024 128 bits to 320 bits in length. It was evaluated as a entrant
1025 in the NESSIE competition.
1026
1027 See also:
Justin P. Mattock6d8de742010-09-12 10:42:47 +08001028 <https://www.cosic.esat.kuleuven.be/nessie/reports/>
1029 <http://www.larc.usp.br/~pbarreto/AnubisPage.html>
Sebastian Siewior584fffc2008-04-05 21:04:48 +08001030
1031config CRYPTO_ARC4
1032 tristate "ARC4 cipher algorithm"
Sebastian Andrzej Siewiorb9b0f082012-06-26 18:13:46 +02001033 select CRYPTO_BLKCIPHER
Sebastian Siewior584fffc2008-04-05 21:04:48 +08001034 help
1035 ARC4 cipher algorithm.
1036
1037 ARC4 is a stream cipher using keys ranging from 8 bits to 2048
1038 bits in length. This algorithm is required for driver-based
1039 WEP, but it should not be for other purposes because of the
1040 weakness of the algorithm.
1041
1042config CRYPTO_BLOWFISH
1043 tristate "Blowfish cipher algorithm"
1044 select CRYPTO_ALGAPI
Jussi Kivilinna52ba8672011-09-02 01:45:07 +03001045 select CRYPTO_BLOWFISH_COMMON
Sebastian Siewior584fffc2008-04-05 21:04:48 +08001046 help
1047 Blowfish cipher algorithm, by Bruce Schneier.
1048
1049 This is a variable key length cipher which can use keys from 32
1050 bits to 448 bits in length. It's fast, simple and specifically
1051 designed for use on "large microprocessors".
1052
1053 See also:
1054 <http://www.schneier.com/blowfish.html>
1055
Jussi Kivilinna52ba8672011-09-02 01:45:07 +03001056config CRYPTO_BLOWFISH_COMMON
1057 tristate
1058 help
1059 Common parts of the Blowfish cipher algorithm shared by the
1060 generic c and the assembler implementations.
1061
1062 See also:
1063 <http://www.schneier.com/blowfish.html>
1064
Jussi Kivilinna64b94ce2011-09-02 01:45:22 +03001065config CRYPTO_BLOWFISH_X86_64
1066 tristate "Blowfish cipher algorithm (x86_64)"
Al Virof21a7c12012-04-08 20:31:22 -04001067 depends on X86 && 64BIT
Jussi Kivilinna64b94ce2011-09-02 01:45:22 +03001068 select CRYPTO_ALGAPI
1069 select CRYPTO_BLOWFISH_COMMON
1070 help
1071 Blowfish cipher algorithm (x86_64), by Bruce Schneier.
1072
1073 This is a variable key length cipher which can use keys from 32
1074 bits to 448 bits in length. It's fast, simple and specifically
1075 designed for use on "large microprocessors".
1076
1077 See also:
1078 <http://www.schneier.com/blowfish.html>
1079
Sebastian Siewior584fffc2008-04-05 21:04:48 +08001080config CRYPTO_CAMELLIA
1081 tristate "Camellia cipher algorithms"
1082 depends on CRYPTO
1083 select CRYPTO_ALGAPI
1084 help
1085 Camellia cipher algorithms module.
1086
1087 Camellia is a symmetric key block cipher developed jointly
1088 at NTT and Mitsubishi Electric Corporation.
1089
1090 The Camellia specifies three key sizes: 128, 192 and 256 bits.
1091
1092 See also:
1093 <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html>
1094
Jussi Kivilinna0b95ec52012-03-05 20:26:47 +02001095config CRYPTO_CAMELLIA_X86_64
1096 tristate "Camellia cipher algorithm (x86_64)"
Al Virof21a7c12012-04-08 20:31:22 -04001097 depends on X86 && 64BIT
Jussi Kivilinna0b95ec52012-03-05 20:26:47 +02001098 depends on CRYPTO
1099 select CRYPTO_ALGAPI
Jussi Kivilinna964263a2012-06-18 14:07:29 +03001100 select CRYPTO_GLUE_HELPER_X86
Jussi Kivilinna0b95ec52012-03-05 20:26:47 +02001101 select CRYPTO_LRW
1102 select CRYPTO_XTS
1103 help
1104 Camellia cipher algorithm module (x86_64).
1105
1106 Camellia is a symmetric key block cipher developed jointly
1107 at NTT and Mitsubishi Electric Corporation.
1108
1109 The Camellia specifies three key sizes: 128, 192 and 256 bits.
1110
1111 See also:
1112 <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html>
1113
Jussi Kivilinnad9b1d2e2012-10-26 14:49:01 +03001114config CRYPTO_CAMELLIA_AESNI_AVX_X86_64
1115 tristate "Camellia cipher algorithm (x86_64/AES-NI/AVX)"
1116 depends on X86 && 64BIT
1117 depends on CRYPTO
1118 select CRYPTO_ALGAPI
1119 select CRYPTO_CRYPTD
Ard Biesheuvel801201a2013-09-20 09:55:41 +02001120 select CRYPTO_ABLK_HELPER
Jussi Kivilinnad9b1d2e2012-10-26 14:49:01 +03001121 select CRYPTO_GLUE_HELPER_X86
1122 select CRYPTO_CAMELLIA_X86_64
1123 select CRYPTO_LRW
1124 select CRYPTO_XTS
1125 help
1126 Camellia cipher algorithm module (x86_64/AES-NI/AVX).
1127
1128 Camellia is a symmetric key block cipher developed jointly
1129 at NTT and Mitsubishi Electric Corporation.
1130
1131 The Camellia specifies three key sizes: 128, 192 and 256 bits.
1132
1133 See also:
1134 <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html>
1135
Jussi Kivilinnaf3f935a2013-04-13 13:47:00 +03001136config CRYPTO_CAMELLIA_AESNI_AVX2_X86_64
1137 tristate "Camellia cipher algorithm (x86_64/AES-NI/AVX2)"
1138 depends on X86 && 64BIT
1139 depends on CRYPTO
1140 select CRYPTO_ALGAPI
1141 select CRYPTO_CRYPTD
Ard Biesheuvel801201a2013-09-20 09:55:41 +02001142 select CRYPTO_ABLK_HELPER
Jussi Kivilinnaf3f935a2013-04-13 13:47:00 +03001143 select CRYPTO_GLUE_HELPER_X86
1144 select CRYPTO_CAMELLIA_X86_64
1145 select CRYPTO_CAMELLIA_AESNI_AVX_X86_64
1146 select CRYPTO_LRW
1147 select CRYPTO_XTS
1148 help
1149 Camellia cipher algorithm module (x86_64/AES-NI/AVX2).
1150
1151 Camellia is a symmetric key block cipher developed jointly
1152 at NTT and Mitsubishi Electric Corporation.
1153
1154 The Camellia specifies three key sizes: 128, 192 and 256 bits.
1155
1156 See also:
1157 <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html>
1158
David S. Miller81658ad2012-08-28 12:05:54 -07001159config CRYPTO_CAMELLIA_SPARC64
1160 tristate "Camellia cipher algorithm (SPARC64)"
1161 depends on SPARC64
1162 depends on CRYPTO
1163 select CRYPTO_ALGAPI
1164 help
1165 Camellia cipher algorithm module (SPARC64).
1166
1167 Camellia is a symmetric key block cipher developed jointly
1168 at NTT and Mitsubishi Electric Corporation.
1169
1170 The Camellia specifies three key sizes: 128, 192 and 256 bits.
1171
1172 See also:
1173 <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html>
1174
Jussi Kivilinna044ab522012-11-13 11:43:14 +02001175config CRYPTO_CAST_COMMON
1176 tristate
1177 help
1178 Common parts of the CAST cipher algorithms shared by the
1179 generic c and the assembler implementations.
1180
Linus Torvalds1da177e2005-04-16 15:20:36 -07001181config CRYPTO_CAST5
1182 tristate "CAST5 (CAST-128) cipher algorithm"
Herbert Xucce9e062006-08-21 21:08:13 +10001183 select CRYPTO_ALGAPI
Jussi Kivilinna044ab522012-11-13 11:43:14 +02001184 select CRYPTO_CAST_COMMON
Linus Torvalds1da177e2005-04-16 15:20:36 -07001185 help
1186 The CAST5 encryption algorithm (synonymous with CAST-128) is
1187 described in RFC2144.
1188
Johannes Goetzfried4d6d6a22012-07-11 19:37:37 +02001189config CRYPTO_CAST5_AVX_X86_64
1190 tristate "CAST5 (CAST-128) cipher algorithm (x86_64/AVX)"
1191 depends on X86 && 64BIT
1192 select CRYPTO_ALGAPI
1193 select CRYPTO_CRYPTD
Ard Biesheuvel801201a2013-09-20 09:55:41 +02001194 select CRYPTO_ABLK_HELPER
Jussi Kivilinna044ab522012-11-13 11:43:14 +02001195 select CRYPTO_CAST_COMMON
Johannes Goetzfried4d6d6a22012-07-11 19:37:37 +02001196 select CRYPTO_CAST5
1197 help
1198 The CAST5 encryption algorithm (synonymous with CAST-128) is
1199 described in RFC2144.
1200
1201 This module provides the Cast5 cipher algorithm that processes
1202 sixteen blocks parallel using the AVX instruction set.
1203
Linus Torvalds1da177e2005-04-16 15:20:36 -07001204config CRYPTO_CAST6
1205 tristate "CAST6 (CAST-256) cipher algorithm"
Herbert Xucce9e062006-08-21 21:08:13 +10001206 select CRYPTO_ALGAPI
Jussi Kivilinna044ab522012-11-13 11:43:14 +02001207 select CRYPTO_CAST_COMMON
Linus Torvalds1da177e2005-04-16 15:20:36 -07001208 help
1209 The CAST6 encryption algorithm (synonymous with CAST-256) is
1210 described in RFC2612.
1211
Johannes Goetzfried4ea12772012-07-11 19:38:57 +02001212config CRYPTO_CAST6_AVX_X86_64
1213 tristate "CAST6 (CAST-256) cipher algorithm (x86_64/AVX)"
1214 depends on X86 && 64BIT
1215 select CRYPTO_ALGAPI
1216 select CRYPTO_CRYPTD
Ard Biesheuvel801201a2013-09-20 09:55:41 +02001217 select CRYPTO_ABLK_HELPER
Johannes Goetzfried4ea12772012-07-11 19:38:57 +02001218 select CRYPTO_GLUE_HELPER_X86
Jussi Kivilinna044ab522012-11-13 11:43:14 +02001219 select CRYPTO_CAST_COMMON
Johannes Goetzfried4ea12772012-07-11 19:38:57 +02001220 select CRYPTO_CAST6
1221 select CRYPTO_LRW
1222 select CRYPTO_XTS
1223 help
1224 The CAST6 encryption algorithm (synonymous with CAST-256) is
1225 described in RFC2612.
1226
1227 This module provides the Cast6 cipher algorithm that processes
1228 eight blocks parallel using the AVX instruction set.
1229
Sebastian Siewior584fffc2008-04-05 21:04:48 +08001230config CRYPTO_DES
1231 tristate "DES and Triple DES EDE cipher algorithms"
Herbert Xucce9e062006-08-21 21:08:13 +10001232 select CRYPTO_ALGAPI
Linus Torvalds1da177e2005-04-16 15:20:36 -07001233 help
Sebastian Siewior584fffc2008-04-05 21:04:48 +08001234 DES cipher algorithm (FIPS 46-2), and Triple DES EDE (FIPS 46-3).
Linus Torvalds1da177e2005-04-16 15:20:36 -07001235
David S. Millerc5aac2d2012-08-25 22:37:23 -07001236config CRYPTO_DES_SPARC64
1237 tristate "DES and Triple DES EDE cipher algorithms (SPARC64)"
Dave Jones97da37b2012-10-02 17:13:20 -04001238 depends on SPARC64
David S. Millerc5aac2d2012-08-25 22:37:23 -07001239 select CRYPTO_ALGAPI
1240 select CRYPTO_DES
1241 help
1242 DES cipher algorithm (FIPS 46-2), and Triple DES EDE (FIPS 46-3),
1243 optimized using SPARC64 crypto opcodes.
1244
Jussi Kivilinna6574e6c2014-06-09 20:59:54 +03001245config CRYPTO_DES3_EDE_X86_64
1246 tristate "Triple DES EDE cipher algorithm (x86-64)"
1247 depends on X86 && 64BIT
1248 select CRYPTO_ALGAPI
1249 select CRYPTO_DES
1250 help
1251 Triple DES EDE (FIPS 46-3) algorithm.
1252
1253 This module provides implementation of the Triple DES EDE cipher
1254 algorithm that is optimized for x86-64 processors. Two versions of
1255 algorithm are provided; regular processing one input block and
1256 one that processes three blocks parallel.
1257
Sebastian Siewior584fffc2008-04-05 21:04:48 +08001258config CRYPTO_FCRYPT
1259 tristate "FCrypt cipher algorithm"
Herbert Xucce9e062006-08-21 21:08:13 +10001260 select CRYPTO_ALGAPI
Sebastian Siewior584fffc2008-04-05 21:04:48 +08001261 select CRYPTO_BLKCIPHER
Linus Torvalds1da177e2005-04-16 15:20:36 -07001262 help
Sebastian Siewior584fffc2008-04-05 21:04:48 +08001263 FCrypt algorithm used by RxRPC.
Linus Torvalds1da177e2005-04-16 15:20:36 -07001264
1265config CRYPTO_KHAZAD
1266 tristate "Khazad cipher algorithm"
Herbert Xucce9e062006-08-21 21:08:13 +10001267 select CRYPTO_ALGAPI
Linus Torvalds1da177e2005-04-16 15:20:36 -07001268 help
1269 Khazad cipher algorithm.
1270
1271 Khazad was a finalist in the initial NESSIE competition. It is
1272 an algorithm optimized for 64-bit processors with good performance
1273 on 32-bit processors. Khazad uses an 128 bit key size.
1274
1275 See also:
Justin P. Mattock6d8de742010-09-12 10:42:47 +08001276 <http://www.larc.usp.br/~pbarreto/KhazadPage.html>
Linus Torvalds1da177e2005-04-16 15:20:36 -07001277
Tan Swee Heng2407d602007-11-23 19:45:00 +08001278config CRYPTO_SALSA20
Kees Cook3b4afaf2012-10-02 11:16:49 -07001279 tristate "Salsa20 stream cipher algorithm"
Tan Swee Heng2407d602007-11-23 19:45:00 +08001280 select CRYPTO_BLKCIPHER
1281 help
1282 Salsa20 stream cipher algorithm.
1283
1284 Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT
1285 Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/>
1286
1287 The Salsa20 stream cipher algorithm is designed by Daniel J.
1288 Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html>
Linus Torvalds1da177e2005-04-16 15:20:36 -07001289
Tan Swee Heng974e4b72007-12-10 15:52:56 +08001290config CRYPTO_SALSA20_586
Kees Cook3b4afaf2012-10-02 11:16:49 -07001291 tristate "Salsa20 stream cipher algorithm (i586)"
Tan Swee Heng974e4b72007-12-10 15:52:56 +08001292 depends on (X86 || UML_X86) && !64BIT
Tan Swee Heng974e4b72007-12-10 15:52:56 +08001293 select CRYPTO_BLKCIPHER
Tan Swee Heng974e4b72007-12-10 15:52:56 +08001294 help
1295 Salsa20 stream cipher algorithm.
1296
1297 Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT
1298 Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/>
1299
1300 The Salsa20 stream cipher algorithm is designed by Daniel J.
1301 Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html>
1302
Tan Swee Heng9a7dafb2007-12-18 00:04:40 +08001303config CRYPTO_SALSA20_X86_64
Kees Cook3b4afaf2012-10-02 11:16:49 -07001304 tristate "Salsa20 stream cipher algorithm (x86_64)"
Tan Swee Heng9a7dafb2007-12-18 00:04:40 +08001305 depends on (X86 || UML_X86) && 64BIT
Tan Swee Heng9a7dafb2007-12-18 00:04:40 +08001306 select CRYPTO_BLKCIPHER
Tan Swee Heng9a7dafb2007-12-18 00:04:40 +08001307 help
1308 Salsa20 stream cipher algorithm.
1309
1310 Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT
1311 Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/>
1312
1313 The Salsa20 stream cipher algorithm is designed by Daniel J.
1314 Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html>
1315
Martin Willic08d0e62015-06-01 13:43:56 +02001316config CRYPTO_CHACHA20
1317 tristate "ChaCha20 cipher algorithm"
1318 select CRYPTO_BLKCIPHER
1319 help
1320 ChaCha20 cipher algorithm, RFC7539.
1321
1322 ChaCha20 is a 256-bit high-speed stream cipher designed by Daniel J.
1323 Bernstein and further specified in RFC7539 for use in IETF protocols.
1324 This is the portable C implementation of ChaCha20.
1325
1326 See also:
1327 <http://cr.yp.to/chacha/chacha-20080128.pdf>
1328
Martin Willic9320b62015-07-16 19:14:01 +02001329config CRYPTO_CHACHA20_X86_64
Martin Willi3d1e93c2015-07-16 19:14:03 +02001330 tristate "ChaCha20 cipher algorithm (x86_64/SSSE3/AVX2)"
Martin Willic9320b62015-07-16 19:14:01 +02001331 depends on X86 && 64BIT
1332 select CRYPTO_BLKCIPHER
1333 select CRYPTO_CHACHA20
1334 help
1335 ChaCha20 cipher algorithm, RFC7539.
1336
1337 ChaCha20 is a 256-bit high-speed stream cipher designed by Daniel J.
1338 Bernstein and further specified in RFC7539 for use in IETF protocols.
1339 This is the x86_64 assembler implementation using SIMD instructions.
1340
1341 See also:
1342 <http://cr.yp.to/chacha/chacha-20080128.pdf>
1343
Sebastian Siewior584fffc2008-04-05 21:04:48 +08001344config CRYPTO_SEED
1345 tristate "SEED cipher algorithm"
1346 select CRYPTO_ALGAPI
1347 help
1348 SEED cipher algorithm (RFC4269).
1349
1350 SEED is a 128-bit symmetric key block cipher that has been
1351 developed by KISA (Korea Information Security Agency) as a
1352 national standard encryption algorithm of the Republic of Korea.
1353 It is a 16 round block cipher with the key size of 128 bit.
1354
1355 See also:
1356 <http://www.kisa.or.kr/kisa/seed/jsp/seed_eng.jsp>
1357
1358config CRYPTO_SERPENT
1359 tristate "Serpent cipher algorithm"
1360 select CRYPTO_ALGAPI
1361 help
1362 Serpent cipher algorithm, by Anderson, Biham & Knudsen.
1363
1364 Keys are allowed to be from 0 to 256 bits in length, in steps
1365 of 8 bits. Also includes the 'Tnepres' algorithm, a reversed
1366 variant of Serpent for compatibility with old kerneli.org code.
1367
1368 See also:
1369 <http://www.cl.cam.ac.uk/~rja14/serpent.html>
1370
Jussi Kivilinna937c30d2011-11-09 16:26:25 +02001371config CRYPTO_SERPENT_SSE2_X86_64
1372 tristate "Serpent cipher algorithm (x86_64/SSE2)"
1373 depends on X86 && 64BIT
1374 select CRYPTO_ALGAPI
Jussi Kivilinna341975b2011-11-24 08:37:41 +02001375 select CRYPTO_CRYPTD
Ard Biesheuvel801201a2013-09-20 09:55:41 +02001376 select CRYPTO_ABLK_HELPER
Jussi Kivilinna596d8752012-06-18 14:07:19 +03001377 select CRYPTO_GLUE_HELPER_X86
Jussi Kivilinna937c30d2011-11-09 16:26:25 +02001378 select CRYPTO_SERPENT
Jussi Kivilinnafeaf0cf2011-12-13 12:53:12 +02001379 select CRYPTO_LRW
1380 select CRYPTO_XTS
Jussi Kivilinna937c30d2011-11-09 16:26:25 +02001381 help
1382 Serpent cipher algorithm, by Anderson, Biham & Knudsen.
1383
1384 Keys are allowed to be from 0 to 256 bits in length, in steps
1385 of 8 bits.
1386
Masanari Iida1e6232f2015-04-04 00:20:30 +09001387 This module provides Serpent cipher algorithm that processes eight
Jussi Kivilinna937c30d2011-11-09 16:26:25 +02001388 blocks parallel using SSE2 instruction set.
1389
1390 See also:
1391 <http://www.cl.cam.ac.uk/~rja14/serpent.html>
1392
Jussi Kivilinna251496d2011-11-09 16:26:31 +02001393config CRYPTO_SERPENT_SSE2_586
1394 tristate "Serpent cipher algorithm (i586/SSE2)"
1395 depends on X86 && !64BIT
1396 select CRYPTO_ALGAPI
Jussi Kivilinna341975b2011-11-24 08:37:41 +02001397 select CRYPTO_CRYPTD
Ard Biesheuvel801201a2013-09-20 09:55:41 +02001398 select CRYPTO_ABLK_HELPER
Jussi Kivilinna596d8752012-06-18 14:07:19 +03001399 select CRYPTO_GLUE_HELPER_X86
Jussi Kivilinna251496d2011-11-09 16:26:31 +02001400 select CRYPTO_SERPENT
Jussi Kivilinnafeaf0cf2011-12-13 12:53:12 +02001401 select CRYPTO_LRW
1402 select CRYPTO_XTS
Jussi Kivilinna251496d2011-11-09 16:26:31 +02001403 help
1404 Serpent cipher algorithm, by Anderson, Biham & Knudsen.
1405
1406 Keys are allowed to be from 0 to 256 bits in length, in steps
1407 of 8 bits.
1408
1409 This module provides Serpent cipher algorithm that processes four
1410 blocks parallel using SSE2 instruction set.
1411
1412 See also:
1413 <http://www.cl.cam.ac.uk/~rja14/serpent.html>
1414
Johannes Goetzfried7efe4072012-06-12 16:47:43 +08001415config CRYPTO_SERPENT_AVX_X86_64
1416 tristate "Serpent cipher algorithm (x86_64/AVX)"
1417 depends on X86 && 64BIT
1418 select CRYPTO_ALGAPI
1419 select CRYPTO_CRYPTD
Ard Biesheuvel801201a2013-09-20 09:55:41 +02001420 select CRYPTO_ABLK_HELPER
Jussi Kivilinna1d0debb2012-06-18 14:07:24 +03001421 select CRYPTO_GLUE_HELPER_X86
Johannes Goetzfried7efe4072012-06-12 16:47:43 +08001422 select CRYPTO_SERPENT
1423 select CRYPTO_LRW
1424 select CRYPTO_XTS
1425 help
1426 Serpent cipher algorithm, by Anderson, Biham & Knudsen.
1427
1428 Keys are allowed to be from 0 to 256 bits in length, in steps
1429 of 8 bits.
1430
1431 This module provides the Serpent cipher algorithm that processes
1432 eight blocks parallel using the AVX instruction set.
1433
1434 See also:
1435 <http://www.cl.cam.ac.uk/~rja14/serpent.html>
1436
Jussi Kivilinna56d76c92013-04-13 13:46:55 +03001437config CRYPTO_SERPENT_AVX2_X86_64
1438 tristate "Serpent cipher algorithm (x86_64/AVX2)"
1439 depends on X86 && 64BIT
1440 select CRYPTO_ALGAPI
1441 select CRYPTO_CRYPTD
Ard Biesheuvel801201a2013-09-20 09:55:41 +02001442 select CRYPTO_ABLK_HELPER
Jussi Kivilinna56d76c92013-04-13 13:46:55 +03001443 select CRYPTO_GLUE_HELPER_X86
1444 select CRYPTO_SERPENT
1445 select CRYPTO_SERPENT_AVX_X86_64
1446 select CRYPTO_LRW
1447 select CRYPTO_XTS
1448 help
1449 Serpent cipher algorithm, by Anderson, Biham & Knudsen.
1450
1451 Keys are allowed to be from 0 to 256 bits in length, in steps
1452 of 8 bits.
1453
1454 This module provides Serpent cipher algorithm that processes 16
1455 blocks parallel using AVX2 instruction set.
1456
1457 See also:
1458 <http://www.cl.cam.ac.uk/~rja14/serpent.html>
1459
Sebastian Siewior584fffc2008-04-05 21:04:48 +08001460config CRYPTO_TEA
1461 tristate "TEA, XTEA and XETA cipher algorithms"
1462 select CRYPTO_ALGAPI
1463 help
1464 TEA cipher algorithm.
1465
1466 Tiny Encryption Algorithm is a simple cipher that uses
1467 many rounds for security. It is very fast and uses
1468 little memory.
1469
1470 Xtendend Tiny Encryption Algorithm is a modification to
1471 the TEA algorithm to address a potential key weakness
1472 in the TEA algorithm.
1473
1474 Xtendend Encryption Tiny Algorithm is a mis-implementation
1475 of the XTEA algorithm for compatibility purposes.
1476
1477config CRYPTO_TWOFISH
1478 tristate "Twofish cipher algorithm"
1479 select CRYPTO_ALGAPI
1480 select CRYPTO_TWOFISH_COMMON
1481 help
1482 Twofish cipher algorithm.
1483
1484 Twofish was submitted as an AES (Advanced Encryption Standard)
1485 candidate cipher by researchers at CounterPane Systems. It is a
1486 16 round block cipher supporting key sizes of 128, 192, and 256
1487 bits.
1488
1489 See also:
1490 <http://www.schneier.com/twofish.html>
1491
1492config CRYPTO_TWOFISH_COMMON
1493 tristate
1494 help
1495 Common parts of the Twofish cipher algorithm shared by the
1496 generic c and the assembler implementations.
1497
1498config CRYPTO_TWOFISH_586
1499 tristate "Twofish cipher algorithms (i586)"
1500 depends on (X86 || UML_X86) && !64BIT
1501 select CRYPTO_ALGAPI
1502 select CRYPTO_TWOFISH_COMMON
1503 help
1504 Twofish cipher algorithm.
1505
1506 Twofish was submitted as an AES (Advanced Encryption Standard)
1507 candidate cipher by researchers at CounterPane Systems. It is a
1508 16 round block cipher supporting key sizes of 128, 192, and 256
1509 bits.
1510
1511 See also:
1512 <http://www.schneier.com/twofish.html>
1513
1514config CRYPTO_TWOFISH_X86_64
1515 tristate "Twofish cipher algorithm (x86_64)"
1516 depends on (X86 || UML_X86) && 64BIT
1517 select CRYPTO_ALGAPI
1518 select CRYPTO_TWOFISH_COMMON
1519 help
1520 Twofish cipher algorithm (x86_64).
1521
1522 Twofish was submitted as an AES (Advanced Encryption Standard)
1523 candidate cipher by researchers at CounterPane Systems. It is a
1524 16 round block cipher supporting key sizes of 128, 192, and 256
1525 bits.
1526
1527 See also:
1528 <http://www.schneier.com/twofish.html>
1529
Jussi Kivilinna8280daa2011-09-26 16:47:25 +03001530config CRYPTO_TWOFISH_X86_64_3WAY
1531 tristate "Twofish cipher algorithm (x86_64, 3-way parallel)"
Al Virof21a7c12012-04-08 20:31:22 -04001532 depends on X86 && 64BIT
Jussi Kivilinna8280daa2011-09-26 16:47:25 +03001533 select CRYPTO_ALGAPI
1534 select CRYPTO_TWOFISH_COMMON
1535 select CRYPTO_TWOFISH_X86_64
Jussi Kivilinna414cb5e2012-06-18 14:07:34 +03001536 select CRYPTO_GLUE_HELPER_X86
Jussi Kivilinnae7cda5d2011-12-13 12:53:01 +02001537 select CRYPTO_LRW
1538 select CRYPTO_XTS
Jussi Kivilinna8280daa2011-09-26 16:47:25 +03001539 help
1540 Twofish cipher algorithm (x86_64, 3-way parallel).
1541
1542 Twofish was submitted as an AES (Advanced Encryption Standard)
1543 candidate cipher by researchers at CounterPane Systems. It is a
1544 16 round block cipher supporting key sizes of 128, 192, and 256
1545 bits.
1546
1547 This module provides Twofish cipher algorithm that processes three
1548 blocks parallel, utilizing resources of out-of-order CPUs better.
1549
1550 See also:
1551 <http://www.schneier.com/twofish.html>
1552
Johannes Goetzfried107778b52012-05-28 15:54:24 +02001553config CRYPTO_TWOFISH_AVX_X86_64
1554 tristate "Twofish cipher algorithm (x86_64/AVX)"
1555 depends on X86 && 64BIT
1556 select CRYPTO_ALGAPI
1557 select CRYPTO_CRYPTD
Ard Biesheuvel801201a2013-09-20 09:55:41 +02001558 select CRYPTO_ABLK_HELPER
Jussi Kivilinnaa7378d42012-06-18 14:07:39 +03001559 select CRYPTO_GLUE_HELPER_X86
Johannes Goetzfried107778b52012-05-28 15:54:24 +02001560 select CRYPTO_TWOFISH_COMMON
1561 select CRYPTO_TWOFISH_X86_64
1562 select CRYPTO_TWOFISH_X86_64_3WAY
1563 select CRYPTO_LRW
1564 select CRYPTO_XTS
1565 help
1566 Twofish cipher algorithm (x86_64/AVX).
1567
1568 Twofish was submitted as an AES (Advanced Encryption Standard)
1569 candidate cipher by researchers at CounterPane Systems. It is a
1570 16 round block cipher supporting key sizes of 128, 192, and 256
1571 bits.
1572
1573 This module provides the Twofish cipher algorithm that processes
1574 eight blocks parallel using the AVX Instruction Set.
1575
1576 See also:
1577 <http://www.schneier.com/twofish.html>
1578
Sebastian Siewior584fffc2008-04-05 21:04:48 +08001579comment "Compression"
1580
Linus Torvalds1da177e2005-04-16 15:20:36 -07001581config CRYPTO_DEFLATE
1582 tristate "Deflate compression algorithm"
Herbert Xucce9e062006-08-21 21:08:13 +10001583 select CRYPTO_ALGAPI
Giovanni Cabidduf6ded092016-10-21 13:19:53 +01001584 select CRYPTO_ACOMP2
Linus Torvalds1da177e2005-04-16 15:20:36 -07001585 select ZLIB_INFLATE
1586 select ZLIB_DEFLATE
1587 help
1588 This is the Deflate algorithm (RFC1951), specified for use in
1589 IPSec with the IPCOMP protocol (RFC3173, RFC2394).
Sebastian Siewior584fffc2008-04-05 21:04:48 +08001590
Linus Torvalds1da177e2005-04-16 15:20:36 -07001591 You will most probably want this if using IPSec.
1592
Zoltan Sogor0b77abb2007-12-07 16:53:23 +08001593config CRYPTO_LZO
1594 tristate "LZO compression algorithm"
1595 select CRYPTO_ALGAPI
Giovanni Cabidduac9d2c42016-10-21 13:19:49 +01001596 select CRYPTO_ACOMP2
Zoltan Sogor0b77abb2007-12-07 16:53:23 +08001597 select LZO_COMPRESS
1598 select LZO_DECOMPRESS
1599 help
1600 This is the LZO algorithm.
1601
Seth Jennings35a1fc12012-07-19 09:42:41 -05001602config CRYPTO_842
1603 tristate "842 compression algorithm"
Dan Streetman2062c5b2015-05-07 13:49:15 -04001604 select CRYPTO_ALGAPI
Giovanni Cabiddu6a8de3a2016-10-21 13:19:52 +01001605 select CRYPTO_ACOMP2
Dan Streetman2062c5b2015-05-07 13:49:15 -04001606 select 842_COMPRESS
1607 select 842_DECOMPRESS
Seth Jennings35a1fc12012-07-19 09:42:41 -05001608 help
1609 This is the 842 algorithm.
1610
Chanho Min0ea85302013-07-08 16:01:51 -07001611config CRYPTO_LZ4
1612 tristate "LZ4 compression algorithm"
1613 select CRYPTO_ALGAPI
Giovanni Cabiddu8cd93302016-10-21 13:19:50 +01001614 select CRYPTO_ACOMP2
Chanho Min0ea85302013-07-08 16:01:51 -07001615 select LZ4_COMPRESS
1616 select LZ4_DECOMPRESS
1617 help
1618 This is the LZ4 algorithm.
1619
1620config CRYPTO_LZ4HC
1621 tristate "LZ4HC compression algorithm"
1622 select CRYPTO_ALGAPI
Giovanni Cabiddu91d53d92016-10-21 13:19:51 +01001623 select CRYPTO_ACOMP2
Chanho Min0ea85302013-07-08 16:01:51 -07001624 select LZ4HC_COMPRESS
1625 select LZ4_DECOMPRESS
1626 help
1627 This is the LZ4 high compression mode algorithm.
1628
Neil Horman17f0f4a2008-08-14 22:15:52 +10001629comment "Random Number Generation"
1630
1631config CRYPTO_ANSI_CPRNG
1632 tristate "Pseudo Random Number Generation for Cryptographic modules"
1633 select CRYPTO_AES
1634 select CRYPTO_RNG
Neil Horman17f0f4a2008-08-14 22:15:52 +10001635 help
1636 This option enables the generic pseudo random number generator
1637 for cryptographic modules. Uses the Algorithm specified in
Jiri Kosina7dd607e2010-01-27 01:00:10 +01001638 ANSI X9.31 A.2.4. Note that this option must be enabled if
1639 CRYPTO_FIPS is selected
Neil Horman17f0f4a2008-08-14 22:15:52 +10001640
Herbert Xuf2c89a12014-07-04 22:15:08 +08001641menuconfig CRYPTO_DRBG_MENU
Stephan Mueller419090c2014-05-31 17:22:31 +02001642 tristate "NIST SP800-90A DRBG"
Stephan Mueller419090c2014-05-31 17:22:31 +02001643 help
1644 NIST SP800-90A compliant DRBG. In the following submenu, one or
1645 more of the DRBG types must be selected.
1646
Herbert Xuf2c89a12014-07-04 22:15:08 +08001647if CRYPTO_DRBG_MENU
Stephan Mueller419090c2014-05-31 17:22:31 +02001648
1649config CRYPTO_DRBG_HMAC
Herbert Xu401e4232015-06-03 14:49:31 +08001650 bool
Stephan Mueller419090c2014-05-31 17:22:31 +02001651 default y
Stephan Mueller419090c2014-05-31 17:22:31 +02001652 select CRYPTO_HMAC
Herbert Xu826775b2015-06-11 08:55:10 +08001653 select CRYPTO_SHA256
Stephan Mueller419090c2014-05-31 17:22:31 +02001654
1655config CRYPTO_DRBG_HASH
1656 bool "Enable Hash DRBG"
Herbert Xu826775b2015-06-11 08:55:10 +08001657 select CRYPTO_SHA256
Stephan Mueller419090c2014-05-31 17:22:31 +02001658 help
1659 Enable the Hash DRBG variant as defined in NIST SP800-90A.
1660
1661config CRYPTO_DRBG_CTR
1662 bool "Enable CTR DRBG"
Stephan Mueller419090c2014-05-31 17:22:31 +02001663 select CRYPTO_AES
Stephan Mueller35591282016-06-14 07:34:13 +02001664 depends on CRYPTO_CTR
Stephan Mueller419090c2014-05-31 17:22:31 +02001665 help
1666 Enable the CTR DRBG variant as defined in NIST SP800-90A.
1667
Herbert Xuf2c89a12014-07-04 22:15:08 +08001668config CRYPTO_DRBG
1669 tristate
Herbert Xu401e4232015-06-03 14:49:31 +08001670 default CRYPTO_DRBG_MENU
Herbert Xuf2c89a12014-07-04 22:15:08 +08001671 select CRYPTO_RNG
Stephan Muellerbb5530e2015-05-25 15:10:20 +02001672 select CRYPTO_JITTERENTROPY
Herbert Xuf2c89a12014-07-04 22:15:08 +08001673
1674endif # if CRYPTO_DRBG_MENU
Stephan Mueller419090c2014-05-31 17:22:31 +02001675
Stephan Muellerbb5530e2015-05-25 15:10:20 +02001676config CRYPTO_JITTERENTROPY
1677 tristate "Jitterentropy Non-Deterministic Random Number Generator"
Arnd Bergmann2f313e02016-01-26 14:47:10 +01001678 select CRYPTO_RNG
Stephan Muellerbb5530e2015-05-25 15:10:20 +02001679 help
1680 The Jitterentropy RNG is a noise that is intended
1681 to provide seed to another RNG. The RNG does not
1682 perform any cryptographic whitening of the generated
1683 random numbers. This Jitterentropy RNG registers with
1684 the kernel crypto API and can be used by any caller.
1685
Herbert Xu03c8efc2010-10-19 21:12:39 +08001686config CRYPTO_USER_API
1687 tristate
1688
Herbert Xufe869cd2010-10-19 21:23:00 +08001689config CRYPTO_USER_API_HASH
1690 tristate "User-space interface for hash algorithms"
Herbert Xu74517082010-11-29 22:56:03 +08001691 depends on NET
Herbert Xufe869cd2010-10-19 21:23:00 +08001692 select CRYPTO_HASH
1693 select CRYPTO_USER_API
1694 help
1695 This option enables the user-spaces interface for hash
1696 algorithms.
1697
Herbert Xu8ff59092010-10-19 21:31:55 +08001698config CRYPTO_USER_API_SKCIPHER
1699 tristate "User-space interface for symmetric key cipher algorithms"
Herbert Xu74517082010-11-29 22:56:03 +08001700 depends on NET
Herbert Xu8ff59092010-10-19 21:31:55 +08001701 select CRYPTO_BLKCIPHER
1702 select CRYPTO_USER_API
1703 help
1704 This option enables the user-spaces interface for symmetric
1705 key cipher algorithms.
1706
Stephan Mueller2f3755382014-12-25 23:00:39 +01001707config CRYPTO_USER_API_RNG
1708 tristate "User-space interface for random number generator algorithms"
1709 depends on NET
1710 select CRYPTO_RNG
1711 select CRYPTO_USER_API
1712 help
1713 This option enables the user-spaces interface for random
1714 number generator algorithms.
1715
Herbert Xub64a2d92015-05-28 11:30:35 +08001716config CRYPTO_USER_API_AEAD
1717 tristate "User-space interface for AEAD cipher algorithms"
1718 depends on NET
1719 select CRYPTO_AEAD
1720 select CRYPTO_USER_API
1721 help
1722 This option enables the user-spaces interface for AEAD
1723 cipher algorithms.
1724
Dmitry Kasatkinee089972013-05-06 15:40:01 +03001725config CRYPTO_HASH_INFO
1726 bool
1727
Linus Torvalds1da177e2005-04-16 15:20:36 -07001728source "drivers/crypto/Kconfig"
David Howells964f3b32012-09-13 15:17:21 +01001729source crypto/asymmetric_keys/Kconfig
David Howellscfc411e2015-08-14 15:20:41 +01001730source certs/Kconfig
Linus Torvalds1da177e2005-04-16 15:20:36 -07001731
Herbert Xucce9e062006-08-21 21:08:13 +10001732endif # if CRYPTO