1# 2# Generic algorithms support 3# 4config XOR_BLOCKS 5 tristate 6 7# 8# async_tx api: hardware offloaded memory transfer/transform support 9# 10source "crypto/async_tx/Kconfig" 11 12# 13# Cryptographic API Configuration 14# 15menuconfig CRYPTO 16 tristate "Cryptographic API" 17 help 18 This option provides the core Cryptographic API. 19 20if CRYPTO 21 22comment "Crypto core or helper" 23 24config CRYPTO_FIPS 25 bool "FIPS 200 compliance" 26 help 27 This options enables the fips boot option which is 28 required if you want to system to operate in a FIPS 200 29 certification. You should say no unless you know what 30 this is. 31 32config CRYPTO_ALGAPI 33 tristate 34 select CRYPTO_ALGAPI2 35 help 36 This option provides the API for cryptographic algorithms. 37 38config CRYPTO_ALGAPI2 39 tristate 40 41config CRYPTO_AEAD 42 tristate 43 select CRYPTO_AEAD2 44 select CRYPTO_ALGAPI 45 46config CRYPTO_AEAD2 47 tristate 48 select CRYPTO_ALGAPI2 49 50config CRYPTO_BLKCIPHER 51 tristate 52 select CRYPTO_BLKCIPHER2 53 select CRYPTO_ALGAPI 54 55config CRYPTO_BLKCIPHER2 56 tristate 57 select CRYPTO_ALGAPI2 58 select CRYPTO_RNG2 59 60config CRYPTO_HASH 61 tristate 62 select CRYPTO_HASH2 63 select CRYPTO_ALGAPI 64 65config CRYPTO_HASH2 66 tristate 67 select CRYPTO_ALGAPI2 68 69config CRYPTO_RNG 70 tristate 71 select CRYPTO_RNG2 72 select CRYPTO_ALGAPI 73 74config CRYPTO_RNG2 75 tristate 76 select CRYPTO_ALGAPI2 77 78config CRYPTO_MANAGER 79 tristate "Cryptographic algorithm manager" 80 select CRYPTO_MANAGER2 81 help 82 Create default cryptographic template instantiations such as 83 cbc(aes). 84 85config CRYPTO_MANAGER2 86 def_tristate CRYPTO_MANAGER || (CRYPTO_MANAGER!=n && CRYPTO_ALGAPI=y) 87 select CRYPTO_AEAD2 88 select CRYPTO_HASH2 89 select CRYPTO_BLKCIPHER2 90 91config CRYPTO_GF128MUL 92 tristate "GF(2^128) multiplication functions (EXPERIMENTAL)" 93 depends on EXPERIMENTAL 94 help 95 Efficient table driven implementation of multiplications in the 96 field GF(2^128). This is needed by some cypher modes. This 97 option will be selected automatically if you select such a 98 cipher mode. Only select this option by hand if you expect to load 99 an external module that requires these functions. 100 101config CRYPTO_NULL 102 tristate "Null algorithms" 103 select CRYPTO_ALGAPI 104 select CRYPTO_BLKCIPHER 105 select CRYPTO_HASH 106 help 107 These are 'Null' algorithms, used by IPsec, which do nothing. 108 109config CRYPTO_CRYPTD 110 tristate "Software async crypto daemon" 111 select CRYPTO_BLKCIPHER 112 select CRYPTO_HASH 113 select CRYPTO_MANAGER 114 help 115 This is a generic software asynchronous crypto daemon that 116 converts an arbitrary synchronous software crypto algorithm 117 into an asynchronous algorithm that executes in a kernel thread. 118 119config CRYPTO_AUTHENC 120 tristate "Authenc support" 121 select CRYPTO_AEAD 122 select CRYPTO_BLKCIPHER 123 select CRYPTO_MANAGER 124 select CRYPTO_HASH 125 help 126 Authenc: Combined mode wrapper for IPsec. 127 This is required for IPSec. 128 129config CRYPTO_TEST 130 tristate "Testing module" 131 depends on m 132 select CRYPTO_MANAGER 133 help 134 Quick & dirty crypto test module. 135 136comment "Authenticated Encryption with Associated Data" 137 138config CRYPTO_CCM 139 tristate "CCM support" 140 select CRYPTO_CTR 141 select CRYPTO_AEAD 142 help 143 Support for Counter with CBC MAC. Required for IPsec. 144 145config CRYPTO_GCM 146 tristate "GCM/GMAC support" 147 select CRYPTO_CTR 148 select CRYPTO_AEAD 149 select CRYPTO_GF128MUL 150 help 151 Support for Galois/Counter Mode (GCM) and Galois Message 152 Authentication Code (GMAC). Required for IPSec. 153 154config CRYPTO_SEQIV 155 tristate "Sequence Number IV Generator" 156 select CRYPTO_AEAD 157 select CRYPTO_BLKCIPHER 158 select CRYPTO_RNG 159 help 160 This IV generator generates an IV based on a sequence number by 161 xoring it with a salt. This algorithm is mainly useful for CTR 162 163comment "Block modes" 164 165config CRYPTO_CBC 166 tristate "CBC support" 167 select CRYPTO_BLKCIPHER 168 select CRYPTO_MANAGER 169 help 170 CBC: Cipher Block Chaining mode 171 This block cipher algorithm is required for IPSec. 172 173config CRYPTO_CTR 174 tristate "CTR support" 175 select CRYPTO_BLKCIPHER 176 select CRYPTO_SEQIV 177 select CRYPTO_MANAGER 178 help 179 CTR: Counter mode 180 This block cipher algorithm is required for IPSec. 181 182config CRYPTO_CTS 183 tristate "CTS support" 184 select CRYPTO_BLKCIPHER 185 help 186 CTS: Cipher Text Stealing 187 This is the Cipher Text Stealing mode as described by 188 Section 8 of rfc2040 and referenced by rfc3962. 189 (rfc3962 includes errata information in its Appendix A) 190 This mode is required for Kerberos gss mechanism support 191 for AES encryption. 192 193config CRYPTO_ECB 194 tristate "ECB support" 195 select CRYPTO_BLKCIPHER 196 select CRYPTO_MANAGER 197 help 198 ECB: Electronic CodeBook mode 199 This is the simplest block cipher algorithm. It simply encrypts 200 the input block by block. 201 202config CRYPTO_LRW 203 tristate "LRW support (EXPERIMENTAL)" 204 depends on EXPERIMENTAL 205 select CRYPTO_BLKCIPHER 206 select CRYPTO_MANAGER 207 select CRYPTO_GF128MUL 208 help 209 LRW: Liskov Rivest Wagner, a tweakable, non malleable, non movable 210 narrow block cipher mode for dm-crypt. Use it with cipher 211 specification string aes-lrw-benbi, the key must be 256, 320 or 384. 212 The first 128, 192 or 256 bits in the key are used for AES and the 213 rest is used to tie each cipher block to its logical position. 214 215config CRYPTO_PCBC 216 tristate "PCBC support" 217 select CRYPTO_BLKCIPHER 218 select CRYPTO_MANAGER 219 help 220 PCBC: Propagating Cipher Block Chaining mode 221 This block cipher algorithm is required for RxRPC. 222 223config CRYPTO_XTS 224 tristate "XTS support (EXPERIMENTAL)" 225 depends on EXPERIMENTAL 226 select CRYPTO_BLKCIPHER 227 select CRYPTO_MANAGER 228 select CRYPTO_GF128MUL 229 help 230 XTS: IEEE1619/D16 narrow block cipher use with aes-xts-plain, 231 key size 256, 384 or 512 bits. This implementation currently 232 can't handle a sectorsize which is not a multiple of 16 bytes. 233 234comment "Hash modes" 235 236config CRYPTO_HMAC 237 tristate "HMAC support" 238 select CRYPTO_HASH 239 select CRYPTO_MANAGER 240 help 241 HMAC: Keyed-Hashing for Message Authentication (RFC2104). 242 This is required for IPSec. 243 244config CRYPTO_XCBC 245 tristate "XCBC support" 246 depends on EXPERIMENTAL 247 select CRYPTO_HASH 248 select CRYPTO_MANAGER 249 help 250 XCBC: Keyed-Hashing with encryption algorithm 251 http://www.ietf.org/rfc/rfc3566.txt 252 http://csrc.nist.gov/encryption/modes/proposedmodes/ 253 xcbc-mac/xcbc-mac-spec.pdf 254 255comment "Digest" 256 257config CRYPTO_CRC32C 258 tristate "CRC32c CRC algorithm" 259 select CRYPTO_HASH 260 help 261 Castagnoli, et al Cyclic Redundancy-Check Algorithm. Used 262 by iSCSI for header and data digests and by others. 263 See Castagnoli93. Module will be crc32c. 264 265config CRYPTO_CRC32C_INTEL 266 tristate "CRC32c INTEL hardware acceleration" 267 depends on X86 268 select CRYPTO_HASH 269 help 270 In Intel processor with SSE4.2 supported, the processor will 271 support CRC32C implementation using hardware accelerated CRC32 272 instruction. This option will create 'crc32c-intel' module, 273 which will enable any routine to use the CRC32 instruction to 274 gain performance compared with software implementation. 275 Module will be crc32c-intel. 276 277config CRYPTO_MD4 278 tristate "MD4 digest algorithm" 279 select CRYPTO_HASH 280 help 281 MD4 message digest algorithm (RFC1320). 282 283config CRYPTO_MD5 284 tristate "MD5 digest algorithm" 285 select CRYPTO_HASH 286 help 287 MD5 message digest algorithm (RFC1321). 288 289config CRYPTO_MICHAEL_MIC 290 tristate "Michael MIC keyed digest algorithm" 291 select CRYPTO_HASH 292 help 293 Michael MIC is used for message integrity protection in TKIP 294 (IEEE 802.11i). This algorithm is required for TKIP, but it 295 should not be used for other purposes because of the weakness 296 of the algorithm. 297 298config CRYPTO_RMD128 299 tristate "RIPEMD-128 digest algorithm" 300 select CRYPTO_HASH 301 help 302 RIPEMD-128 (ISO/IEC 10118-3:2004). 303 304 RIPEMD-128 is a 128-bit cryptographic hash function. It should only 305 to be used as a secure replacement for RIPEMD. For other use cases 306 RIPEMD-160 should be used. 307 308 Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel. 309 See <http://home.esat.kuleuven.be/~bosselae/ripemd160.html> 310 311config CRYPTO_RMD160 312 tristate "RIPEMD-160 digest algorithm" 313 select CRYPTO_HASH 314 help 315 RIPEMD-160 (ISO/IEC 10118-3:2004). 316 317 RIPEMD-160 is a 160-bit cryptographic hash function. It is intended 318 to be used as a secure replacement for the 128-bit hash functions 319 MD4, MD5 and it's predecessor RIPEMD 320 (not to be confused with RIPEMD-128). 321 322 It's speed is comparable to SHA1 and there are no known attacks 323 against RIPEMD-160. 324 325 Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel. 326 See <http://home.esat.kuleuven.be/~bosselae/ripemd160.html> 327 328config CRYPTO_RMD256 329 tristate "RIPEMD-256 digest algorithm" 330 select CRYPTO_HASH 331 help 332 RIPEMD-256 is an optional extension of RIPEMD-128 with a 333 256 bit hash. It is intended for applications that require 334 longer hash-results, without needing a larger security level 335 (than RIPEMD-128). 336 337 Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel. 338 See <http://home.esat.kuleuven.be/~bosselae/ripemd160.html> 339 340config CRYPTO_RMD320 341 tristate "RIPEMD-320 digest algorithm" 342 select CRYPTO_HASH 343 help 344 RIPEMD-320 is an optional extension of RIPEMD-160 with a 345 320 bit hash. It is intended for applications that require 346 longer hash-results, without needing a larger security level 347 (than RIPEMD-160). 348 349 Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel. 350 See <http://home.esat.kuleuven.be/~bosselae/ripemd160.html> 351 352config CRYPTO_SHA1 353 tristate "SHA1 digest algorithm" 354 select CRYPTO_HASH 355 help 356 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2). 357 358config CRYPTO_SHA256 359 tristate "SHA224 and SHA256 digest algorithm" 360 select CRYPTO_HASH 361 help 362 SHA256 secure hash standard (DFIPS 180-2). 363 364 This version of SHA implements a 256 bit hash with 128 bits of 365 security against collision attacks. 366 367 This code also includes SHA-224, a 224 bit hash with 112 bits 368 of security against collision attacks. 369 370config CRYPTO_SHA512 371 tristate "SHA384 and SHA512 digest algorithms" 372 select CRYPTO_HASH 373 help 374 SHA512 secure hash standard (DFIPS 180-2). 375 376 This version of SHA implements a 512 bit hash with 256 bits of 377 security against collision attacks. 378 379 This code also includes SHA-384, a 384 bit hash with 192 bits 380 of security against collision attacks. 381 382config CRYPTO_TGR192 383 tristate "Tiger digest algorithms" 384 select CRYPTO_HASH 385 help 386 Tiger hash algorithm 192, 160 and 128-bit hashes 387 388 Tiger is a hash function optimized for 64-bit processors while 389 still having decent performance on 32-bit processors. 390 Tiger was developed by Ross Anderson and Eli Biham. 391 392 See also: 393 <http://www.cs.technion.ac.il/~biham/Reports/Tiger/>. 394 395config CRYPTO_WP512 396 tristate "Whirlpool digest algorithms" 397 select CRYPTO_HASH 398 help 399 Whirlpool hash algorithm 512, 384 and 256-bit hashes 400 401 Whirlpool-512 is part of the NESSIE cryptographic primitives. 402 Whirlpool will be part of the ISO/IEC 10118-3:2003(E) standard 403 404 See also: 405 <http://planeta.terra.com.br/informatica/paulobarreto/WhirlpoolPage.html> 406 407comment "Ciphers" 408 409config CRYPTO_AES 410 tristate "AES cipher algorithms" 411 select CRYPTO_ALGAPI 412 help 413 AES cipher algorithms (FIPS-197). AES uses the Rijndael 414 algorithm. 415 416 Rijndael appears to be consistently a very good performer in 417 both hardware and software across a wide range of computing 418 environments regardless of its use in feedback or non-feedback 419 modes. Its key setup time is excellent, and its key agility is 420 good. Rijndael's very low memory requirements make it very well 421 suited for restricted-space environments, in which it also 422 demonstrates excellent performance. Rijndael's operations are 423 among the easiest to defend against power and timing attacks. 424 425 The AES specifies three key sizes: 128, 192 and 256 bits 426 427 See <http://csrc.nist.gov/CryptoToolkit/aes/> for more information. 428 429config CRYPTO_AES_586 430 tristate "AES cipher algorithms (i586)" 431 depends on (X86 || UML_X86) && !64BIT 432 select CRYPTO_ALGAPI 433 select CRYPTO_AES 434 help 435 AES cipher algorithms (FIPS-197). AES uses the Rijndael 436 algorithm. 437 438 Rijndael appears to be consistently a very good performer in 439 both hardware and software across a wide range of computing 440 environments regardless of its use in feedback or non-feedback 441 modes. Its key setup time is excellent, and its key agility is 442 good. Rijndael's very low memory requirements make it very well 443 suited for restricted-space environments, in which it also 444 demonstrates excellent performance. Rijndael's operations are 445 among the easiest to defend against power and timing attacks. 446 447 The AES specifies three key sizes: 128, 192 and 256 bits 448 449 See <http://csrc.nist.gov/encryption/aes/> for more information. 450 451config CRYPTO_AES_X86_64 452 tristate "AES cipher algorithms (x86_64)" 453 depends on (X86 || UML_X86) && 64BIT 454 select CRYPTO_ALGAPI 455 select CRYPTO_AES 456 help 457 AES cipher algorithms (FIPS-197). AES uses the Rijndael 458 algorithm. 459 460 Rijndael appears to be consistently a very good performer in 461 both hardware and software across a wide range of computing 462 environments regardless of its use in feedback or non-feedback 463 modes. Its key setup time is excellent, and its key agility is 464 good. Rijndael's very low memory requirements make it very well 465 suited for restricted-space environments, in which it also 466 demonstrates excellent performance. Rijndael's operations are 467 among the easiest to defend against power and timing attacks. 468 469 The AES specifies three key sizes: 128, 192 and 256 bits 470 471 See <http://csrc.nist.gov/encryption/aes/> for more information. 472 473config CRYPTO_ANUBIS 474 tristate "Anubis cipher algorithm" 475 select CRYPTO_ALGAPI 476 help 477 Anubis cipher algorithm. 478 479 Anubis is a variable key length cipher which can use keys from 480 128 bits to 320 bits in length. It was evaluated as a entrant 481 in the NESSIE competition. 482 483 See also: 484 <https://www.cosic.esat.kuleuven.ac.be/nessie/reports/> 485 <http://planeta.terra.com.br/informatica/paulobarreto/AnubisPage.html> 486 487config CRYPTO_ARC4 488 tristate "ARC4 cipher algorithm" 489 select CRYPTO_ALGAPI 490 help 491 ARC4 cipher algorithm. 492 493 ARC4 is a stream cipher using keys ranging from 8 bits to 2048 494 bits in length. This algorithm is required for driver-based 495 WEP, but it should not be for other purposes because of the 496 weakness of the algorithm. 497 498config CRYPTO_BLOWFISH 499 tristate "Blowfish cipher algorithm" 500 select CRYPTO_ALGAPI 501 help 502 Blowfish cipher algorithm, by Bruce Schneier. 503 504 This is a variable key length cipher which can use keys from 32 505 bits to 448 bits in length. It's fast, simple and specifically 506 designed for use on "large microprocessors". 507 508 See also: 509 <http://www.schneier.com/blowfish.html> 510 511config CRYPTO_CAMELLIA 512 tristate "Camellia cipher algorithms" 513 depends on CRYPTO 514 select CRYPTO_ALGAPI 515 help 516 Camellia cipher algorithms module. 517 518 Camellia is a symmetric key block cipher developed jointly 519 at NTT and Mitsubishi Electric Corporation. 520 521 The Camellia specifies three key sizes: 128, 192 and 256 bits. 522 523 See also: 524 <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html> 525 526config CRYPTO_CAST5 527 tristate "CAST5 (CAST-128) cipher algorithm" 528 select CRYPTO_ALGAPI 529 help 530 The CAST5 encryption algorithm (synonymous with CAST-128) is 531 described in RFC2144. 532 533config CRYPTO_CAST6 534 tristate "CAST6 (CAST-256) cipher algorithm" 535 select CRYPTO_ALGAPI 536 help 537 The CAST6 encryption algorithm (synonymous with CAST-256) is 538 described in RFC2612. 539 540config CRYPTO_DES 541 tristate "DES and Triple DES EDE cipher algorithms" 542 select CRYPTO_ALGAPI 543 help 544 DES cipher algorithm (FIPS 46-2), and Triple DES EDE (FIPS 46-3). 545 546config CRYPTO_FCRYPT 547 tristate "FCrypt cipher algorithm" 548 select CRYPTO_ALGAPI 549 select CRYPTO_BLKCIPHER 550 help 551 FCrypt algorithm used by RxRPC. 552 553config CRYPTO_KHAZAD 554 tristate "Khazad cipher algorithm" 555 select CRYPTO_ALGAPI 556 help 557 Khazad cipher algorithm. 558 559 Khazad was a finalist in the initial NESSIE competition. It is 560 an algorithm optimized for 64-bit processors with good performance 561 on 32-bit processors. Khazad uses an 128 bit key size. 562 563 See also: 564 <http://planeta.terra.com.br/informatica/paulobarreto/KhazadPage.html> 565 566config CRYPTO_SALSA20 567 tristate "Salsa20 stream cipher algorithm (EXPERIMENTAL)" 568 depends on EXPERIMENTAL 569 select CRYPTO_BLKCIPHER 570 help 571 Salsa20 stream cipher algorithm. 572 573 Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT 574 Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/> 575 576 The Salsa20 stream cipher algorithm is designed by Daniel J. 577 Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html> 578 579config CRYPTO_SALSA20_586 580 tristate "Salsa20 stream cipher algorithm (i586) (EXPERIMENTAL)" 581 depends on (X86 || UML_X86) && !64BIT 582 depends on EXPERIMENTAL 583 select CRYPTO_BLKCIPHER 584 help 585 Salsa20 stream cipher algorithm. 586 587 Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT 588 Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/> 589 590 The Salsa20 stream cipher algorithm is designed by Daniel J. 591 Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html> 592 593config CRYPTO_SALSA20_X86_64 594 tristate "Salsa20 stream cipher algorithm (x86_64) (EXPERIMENTAL)" 595 depends on (X86 || UML_X86) && 64BIT 596 depends on EXPERIMENTAL 597 select CRYPTO_BLKCIPHER 598 help 599 Salsa20 stream cipher algorithm. 600 601 Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT 602 Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/> 603 604 The Salsa20 stream cipher algorithm is designed by Daniel J. 605 Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html> 606 607config CRYPTO_SEED 608 tristate "SEED cipher algorithm" 609 select CRYPTO_ALGAPI 610 help 611 SEED cipher algorithm (RFC4269). 612 613 SEED is a 128-bit symmetric key block cipher that has been 614 developed by KISA (Korea Information Security Agency) as a 615 national standard encryption algorithm of the Republic of Korea. 616 It is a 16 round block cipher with the key size of 128 bit. 617 618 See also: 619 <http://www.kisa.or.kr/kisa/seed/jsp/seed_eng.jsp> 620 621config CRYPTO_SERPENT 622 tristate "Serpent cipher algorithm" 623 select CRYPTO_ALGAPI 624 help 625 Serpent cipher algorithm, by Anderson, Biham & Knudsen. 626 627 Keys are allowed to be from 0 to 256 bits in length, in steps 628 of 8 bits. Also includes the 'Tnepres' algorithm, a reversed 629 variant of Serpent for compatibility with old kerneli.org code. 630 631 See also: 632 <http://www.cl.cam.ac.uk/~rja14/serpent.html> 633 634config CRYPTO_TEA 635 tristate "TEA, XTEA and XETA cipher algorithms" 636 select CRYPTO_ALGAPI 637 help 638 TEA cipher algorithm. 639 640 Tiny Encryption Algorithm is a simple cipher that uses 641 many rounds for security. It is very fast and uses 642 little memory. 643 644 Xtendend Tiny Encryption Algorithm is a modification to 645 the TEA algorithm to address a potential key weakness 646 in the TEA algorithm. 647 648 Xtendend Encryption Tiny Algorithm is a mis-implementation 649 of the XTEA algorithm for compatibility purposes. 650 651config CRYPTO_TWOFISH 652 tristate "Twofish cipher algorithm" 653 select CRYPTO_ALGAPI 654 select CRYPTO_TWOFISH_COMMON 655 help 656 Twofish cipher algorithm. 657 658 Twofish was submitted as an AES (Advanced Encryption Standard) 659 candidate cipher by researchers at CounterPane Systems. It is a 660 16 round block cipher supporting key sizes of 128, 192, and 256 661 bits. 662 663 See also: 664 <http://www.schneier.com/twofish.html> 665 666config CRYPTO_TWOFISH_COMMON 667 tristate 668 help 669 Common parts of the Twofish cipher algorithm shared by the 670 generic c and the assembler implementations. 671 672config CRYPTO_TWOFISH_586 673 tristate "Twofish cipher algorithms (i586)" 674 depends on (X86 || UML_X86) && !64BIT 675 select CRYPTO_ALGAPI 676 select CRYPTO_TWOFISH_COMMON 677 help 678 Twofish cipher algorithm. 679 680 Twofish was submitted as an AES (Advanced Encryption Standard) 681 candidate cipher by researchers at CounterPane Systems. It is a 682 16 round block cipher supporting key sizes of 128, 192, and 256 683 bits. 684 685 See also: 686 <http://www.schneier.com/twofish.html> 687 688config CRYPTO_TWOFISH_X86_64 689 tristate "Twofish cipher algorithm (x86_64)" 690 depends on (X86 || UML_X86) && 64BIT 691 select CRYPTO_ALGAPI 692 select CRYPTO_TWOFISH_COMMON 693 help 694 Twofish cipher algorithm (x86_64). 695 696 Twofish was submitted as an AES (Advanced Encryption Standard) 697 candidate cipher by researchers at CounterPane Systems. It is a 698 16 round block cipher supporting key sizes of 128, 192, and 256 699 bits. 700 701 See also: 702 <http://www.schneier.com/twofish.html> 703 704comment "Compression" 705 706config CRYPTO_DEFLATE 707 tristate "Deflate compression algorithm" 708 select CRYPTO_ALGAPI 709 select ZLIB_INFLATE 710 select ZLIB_DEFLATE 711 help 712 This is the Deflate algorithm (RFC1951), specified for use in 713 IPSec with the IPCOMP protocol (RFC3173, RFC2394). 714 715 You will most probably want this if using IPSec. 716 717config CRYPTO_LZO 718 tristate "LZO compression algorithm" 719 select CRYPTO_ALGAPI 720 select LZO_COMPRESS 721 select LZO_DECOMPRESS 722 help 723 This is the LZO algorithm. 724 725comment "Random Number Generation" 726 727config CRYPTO_ANSI_CPRNG 728 tristate "Pseudo Random Number Generation for Cryptographic modules" 729 select CRYPTO_AES 730 select CRYPTO_RNG 731 select CRYPTO_FIPS 732 help 733 This option enables the generic pseudo random number generator 734 for cryptographic modules. Uses the Algorithm specified in 735 ANSI X9.31 A.2.4 736 737source "drivers/crypto/Kconfig" 738 739endif # if CRYPTO 740