~ [ source navigation ] ~ [ diff markup ] ~ [ identifier search ] ~

TOMOYO Linux Cross Reference
Linux/crypto/Kconfig

Version: ~ [ linux-6.12-rc7 ] ~ [ linux-6.11.7 ] ~ [ linux-6.10.14 ] ~ [ linux-6.9.12 ] ~ [ linux-6.8.12 ] ~ [ linux-6.7.12 ] ~ [ linux-6.6.60 ] ~ [ linux-6.5.13 ] ~ [ linux-6.4.16 ] ~ [ linux-6.3.13 ] ~ [ linux-6.2.16 ] ~ [ linux-6.1.116 ] ~ [ linux-6.0.19 ] ~ [ linux-5.19.17 ] ~ [ linux-5.18.19 ] ~ [ linux-5.17.15 ] ~ [ linux-5.16.20 ] ~ [ linux-5.15.171 ] ~ [ linux-5.14.21 ] ~ [ linux-5.13.19 ] ~ [ linux-5.12.19 ] ~ [ linux-5.11.22 ] ~ [ linux-5.10.229 ] ~ [ linux-5.9.16 ] ~ [ linux-5.8.18 ] ~ [ linux-5.7.19 ] ~ [ linux-5.6.19 ] ~ [ linux-5.5.19 ] ~ [ linux-5.4.285 ] ~ [ linux-5.3.18 ] ~ [ linux-5.2.21 ] ~ [ linux-5.1.21 ] ~ [ linux-5.0.21 ] ~ [ linux-4.20.17 ] ~ [ linux-4.19.323 ] ~ [ linux-4.18.20 ] ~ [ linux-4.17.19 ] ~ [ linux-4.16.18 ] ~ [ linux-4.15.18 ] ~ [ linux-4.14.336 ] ~ [ linux-4.13.16 ] ~ [ linux-4.12.14 ] ~ [ linux-4.11.12 ] ~ [ linux-4.10.17 ] ~ [ linux-4.9.337 ] ~ [ linux-4.4.302 ] ~ [ linux-3.10.108 ] ~ [ linux-2.6.32.71 ] ~ [ linux-2.6.0 ] ~ [ linux-2.4.37.11 ] ~ [ unix-v6-master ] ~ [ ccs-tools-1.8.12 ] ~ [ policy-sample ] ~
Architecture: ~ [ i386 ] ~ [ alpha ] ~ [ m68k ] ~ [ mips ] ~ [ ppc ] ~ [ sparc ] ~ [ sparc64 ] ~

Diff markup

Differences between /crypto/Kconfig (Version linux-6.12-rc7) and /crypto/Kconfig (Version linux-6.4.16)


  1 # SPDX-License-Identifier: GPL-2.0                  1 # SPDX-License-Identifier: GPL-2.0
  2 #                                                   2 #
  3 # Generic algorithms support                        3 # Generic algorithms support
  4 #                                                   4 #
  5 config XOR_BLOCKS                                   5 config XOR_BLOCKS
  6         tristate                                    6         tristate
  7                                                     7 
  8 #                                                   8 #
  9 # async_tx api: hardware offloaded memory tran      9 # async_tx api: hardware offloaded memory transfer/transform support
 10 #                                                  10 #
 11 source "crypto/async_tx/Kconfig"                   11 source "crypto/async_tx/Kconfig"
 12                                                    12 
 13 #                                                  13 #
 14 # Cryptographic API Configuration                  14 # Cryptographic API Configuration
 15 #                                                  15 #
 16 menuconfig CRYPTO                                  16 menuconfig CRYPTO
 17         tristate "Cryptographic API"               17         tristate "Cryptographic API"
 18         select CRYPTO_LIB_UTILS                    18         select CRYPTO_LIB_UTILS
 19         help                                       19         help
 20           This option provides the core Crypto     20           This option provides the core Cryptographic API.
 21                                                    21 
 22 if CRYPTO                                          22 if CRYPTO
 23                                                    23 
 24 menu "Crypto core or helper"                       24 menu "Crypto core or helper"
 25                                                    25 
 26 config CRYPTO_FIPS                                 26 config CRYPTO_FIPS
 27         bool "FIPS 200 compliance"                 27         bool "FIPS 200 compliance"
 28         depends on (CRYPTO_ANSI_CPRNG || CRYPT     28         depends on (CRYPTO_ANSI_CPRNG || CRYPTO_DRBG) && !CRYPTO_MANAGER_DISABLE_TESTS
 29         depends on (MODULE_SIG || !MODULES)        29         depends on (MODULE_SIG || !MODULES)
 30         help                                       30         help
 31           This option enables the fips boot op     31           This option enables the fips boot option which is
 32           required if you want the system to o     32           required if you want the system to operate in a FIPS 200
 33           certification.  You should say no un     33           certification.  You should say no unless you know what
 34           this is.                                 34           this is.
 35                                                    35 
 36 config CRYPTO_FIPS_NAME                            36 config CRYPTO_FIPS_NAME
 37         string "FIPS Module Name"                  37         string "FIPS Module Name"
 38         default "Linux Kernel Cryptographic AP     38         default "Linux Kernel Cryptographic API"
 39         depends on CRYPTO_FIPS                     39         depends on CRYPTO_FIPS
 40         help                                       40         help
 41           This option sets the FIPS Module nam     41           This option sets the FIPS Module name reported by the Crypto API via
 42           the /proc/sys/crypto/fips_name file.     42           the /proc/sys/crypto/fips_name file.
 43                                                    43 
 44 config CRYPTO_FIPS_CUSTOM_VERSION                  44 config CRYPTO_FIPS_CUSTOM_VERSION
 45         bool "Use Custom FIPS Module Version"      45         bool "Use Custom FIPS Module Version"
 46         depends on CRYPTO_FIPS                     46         depends on CRYPTO_FIPS
 47         default n                                  47         default n
 48                                                    48 
 49 config CRYPTO_FIPS_VERSION                         49 config CRYPTO_FIPS_VERSION
 50         string "FIPS Module Version"               50         string "FIPS Module Version"
 51         default "(none)"                           51         default "(none)"
 52         depends on CRYPTO_FIPS_CUSTOM_VERSION      52         depends on CRYPTO_FIPS_CUSTOM_VERSION
 53         help                                       53         help
 54           This option provides the ability to      54           This option provides the ability to override the FIPS Module Version.
 55           By default the KERNELRELEASE value i     55           By default the KERNELRELEASE value is used.
 56                                                    56 
 57 config CRYPTO_ALGAPI                               57 config CRYPTO_ALGAPI
 58         tristate                                   58         tristate
 59         select CRYPTO_ALGAPI2                      59         select CRYPTO_ALGAPI2
 60         help                                       60         help
 61           This option provides the API for cry     61           This option provides the API for cryptographic algorithms.
 62                                                    62 
 63 config CRYPTO_ALGAPI2                              63 config CRYPTO_ALGAPI2
 64         tristate                                   64         tristate
 65                                                    65 
 66 config CRYPTO_AEAD                                 66 config CRYPTO_AEAD
 67         tristate                                   67         tristate
 68         select CRYPTO_AEAD2                        68         select CRYPTO_AEAD2
 69         select CRYPTO_ALGAPI                       69         select CRYPTO_ALGAPI
 70                                                    70 
 71 config CRYPTO_AEAD2                                71 config CRYPTO_AEAD2
 72         tristate                                   72         tristate
 73         select CRYPTO_ALGAPI2                      73         select CRYPTO_ALGAPI2
 74                                                !!  74         select CRYPTO_NULL2
 75 config CRYPTO_SIG                              !!  75         select CRYPTO_RNG2
 76         tristate                               << 
 77         select CRYPTO_SIG2                     << 
 78         select CRYPTO_ALGAPI                   << 
 79                                                << 
 80 config CRYPTO_SIG2                             << 
 81         tristate                               << 
 82         select CRYPTO_ALGAPI2                  << 
 83                                                    76 
 84 config CRYPTO_SKCIPHER                             77 config CRYPTO_SKCIPHER
 85         tristate                                   78         tristate
 86         select CRYPTO_SKCIPHER2                    79         select CRYPTO_SKCIPHER2
 87         select CRYPTO_ALGAPI                       80         select CRYPTO_ALGAPI
 88         select CRYPTO_ECB                      << 
 89                                                    81 
 90 config CRYPTO_SKCIPHER2                            82 config CRYPTO_SKCIPHER2
 91         tristate                                   83         tristate
 92         select CRYPTO_ALGAPI2                      84         select CRYPTO_ALGAPI2
                                                   >>  85         select CRYPTO_RNG2
 93                                                    86 
 94 config CRYPTO_HASH                                 87 config CRYPTO_HASH
 95         tristate                                   88         tristate
 96         select CRYPTO_HASH2                        89         select CRYPTO_HASH2
 97         select CRYPTO_ALGAPI                       90         select CRYPTO_ALGAPI
 98                                                    91 
 99 config CRYPTO_HASH2                                92 config CRYPTO_HASH2
100         tristate                                   93         tristate
101         select CRYPTO_ALGAPI2                      94         select CRYPTO_ALGAPI2
102                                                    95 
103 config CRYPTO_RNG                                  96 config CRYPTO_RNG
104         tristate                                   97         tristate
105         select CRYPTO_RNG2                         98         select CRYPTO_RNG2
106         select CRYPTO_ALGAPI                       99         select CRYPTO_ALGAPI
107                                                   100 
108 config CRYPTO_RNG2                                101 config CRYPTO_RNG2
109         tristate                                  102         tristate
110         select CRYPTO_ALGAPI2                     103         select CRYPTO_ALGAPI2
111                                                   104 
112 config CRYPTO_RNG_DEFAULT                         105 config CRYPTO_RNG_DEFAULT
113         tristate                                  106         tristate
114         select CRYPTO_DRBG_MENU                   107         select CRYPTO_DRBG_MENU
115                                                   108 
116 config CRYPTO_AKCIPHER2                           109 config CRYPTO_AKCIPHER2
117         tristate                                  110         tristate
118         select CRYPTO_ALGAPI2                     111         select CRYPTO_ALGAPI2
119                                                   112 
120 config CRYPTO_AKCIPHER                            113 config CRYPTO_AKCIPHER
121         tristate                                  114         tristate
122         select CRYPTO_AKCIPHER2                   115         select CRYPTO_AKCIPHER2
123         select CRYPTO_ALGAPI                      116         select CRYPTO_ALGAPI
124                                                   117 
125 config CRYPTO_KPP2                                118 config CRYPTO_KPP2
126         tristate                                  119         tristate
127         select CRYPTO_ALGAPI2                     120         select CRYPTO_ALGAPI2
128                                                   121 
129 config CRYPTO_KPP                                 122 config CRYPTO_KPP
130         tristate                                  123         tristate
131         select CRYPTO_ALGAPI                      124         select CRYPTO_ALGAPI
132         select CRYPTO_KPP2                        125         select CRYPTO_KPP2
133                                                   126 
134 config CRYPTO_ACOMP2                              127 config CRYPTO_ACOMP2
135         tristate                                  128         tristate
136         select CRYPTO_ALGAPI2                     129         select CRYPTO_ALGAPI2
137         select SGL_ALLOC                          130         select SGL_ALLOC
138                                                   131 
139 config CRYPTO_ACOMP                               132 config CRYPTO_ACOMP
140         tristate                                  133         tristate
141         select CRYPTO_ALGAPI                      134         select CRYPTO_ALGAPI
142         select CRYPTO_ACOMP2                      135         select CRYPTO_ACOMP2
143                                                   136 
144 config CRYPTO_MANAGER                             137 config CRYPTO_MANAGER
145         tristate "Cryptographic algorithm mana    138         tristate "Cryptographic algorithm manager"
146         select CRYPTO_MANAGER2                    139         select CRYPTO_MANAGER2
147         help                                      140         help
148           Create default cryptographic templat    141           Create default cryptographic template instantiations such as
149           cbc(aes).                               142           cbc(aes).
150                                                   143 
151 config CRYPTO_MANAGER2                            144 config CRYPTO_MANAGER2
152         def_tristate CRYPTO_MANAGER || (CRYPTO    145         def_tristate CRYPTO_MANAGER || (CRYPTO_MANAGER!=n && CRYPTO_ALGAPI=y)
153         select CRYPTO_ACOMP2                   << 
154         select CRYPTO_AEAD2                       146         select CRYPTO_AEAD2
155         select CRYPTO_AKCIPHER2                << 
156         select CRYPTO_SIG2                     << 
157         select CRYPTO_HASH2                       147         select CRYPTO_HASH2
158         select CRYPTO_KPP2                     << 
159         select CRYPTO_RNG2                     << 
160         select CRYPTO_SKCIPHER2                   148         select CRYPTO_SKCIPHER2
                                                   >> 149         select CRYPTO_AKCIPHER2
                                                   >> 150         select CRYPTO_KPP2
                                                   >> 151         select CRYPTO_ACOMP2
161                                                   152 
162 config CRYPTO_USER                                153 config CRYPTO_USER
163         tristate "Userspace cryptographic algo    154         tristate "Userspace cryptographic algorithm configuration"
164         depends on NET                            155         depends on NET
165         select CRYPTO_MANAGER                     156         select CRYPTO_MANAGER
166         help                                      157         help
167           Userspace configuration for cryptogr    158           Userspace configuration for cryptographic instantiations such as
168           cbc(aes).                               159           cbc(aes).
169                                                   160 
170 config CRYPTO_MANAGER_DISABLE_TESTS               161 config CRYPTO_MANAGER_DISABLE_TESTS
171         bool "Disable run-time self tests"        162         bool "Disable run-time self tests"
172         default y                                 163         default y
173         help                                      164         help
174           Disable run-time self tests that nor    165           Disable run-time self tests that normally take place at
175           algorithm registration.                 166           algorithm registration.
176                                                   167 
177 config CRYPTO_MANAGER_EXTRA_TESTS                 168 config CRYPTO_MANAGER_EXTRA_TESTS
178         bool "Enable extra run-time crypto sel    169         bool "Enable extra run-time crypto self tests"
179         depends on DEBUG_KERNEL && !CRYPTO_MAN    170         depends on DEBUG_KERNEL && !CRYPTO_MANAGER_DISABLE_TESTS && CRYPTO_MANAGER
180         help                                      171         help
181           Enable extra run-time self tests of     172           Enable extra run-time self tests of registered crypto algorithms,
182           including randomized fuzz tests.        173           including randomized fuzz tests.
183                                                   174 
184           This is intended for developer use o    175           This is intended for developer use only, as these tests take much
185           longer to run than the normal self t    176           longer to run than the normal self tests.
186                                                   177 
187 config CRYPTO_NULL                                178 config CRYPTO_NULL
188         tristate "Null algorithms"                179         tristate "Null algorithms"
189         select CRYPTO_NULL2                       180         select CRYPTO_NULL2
190         help                                      181         help
191           These are 'Null' algorithms, used by    182           These are 'Null' algorithms, used by IPsec, which do nothing.
192                                                   183 
193 config CRYPTO_NULL2                               184 config CRYPTO_NULL2
194         tristate                                  185         tristate
195         select CRYPTO_ALGAPI2                     186         select CRYPTO_ALGAPI2
196         select CRYPTO_SKCIPHER2                   187         select CRYPTO_SKCIPHER2
197         select CRYPTO_HASH2                       188         select CRYPTO_HASH2
198                                                   189 
199 config CRYPTO_PCRYPT                              190 config CRYPTO_PCRYPT
200         tristate "Parallel crypto engine"         191         tristate "Parallel crypto engine"
201         depends on SMP                            192         depends on SMP
202         select PADATA                             193         select PADATA
203         select CRYPTO_MANAGER                     194         select CRYPTO_MANAGER
204         select CRYPTO_AEAD                        195         select CRYPTO_AEAD
205         help                                      196         help
206           This converts an arbitrary crypto al    197           This converts an arbitrary crypto algorithm into a parallel
207           algorithm that executes in kernel th    198           algorithm that executes in kernel threads.
208                                                   199 
209 config CRYPTO_CRYPTD                              200 config CRYPTO_CRYPTD
210         tristate "Software async crypto daemon    201         tristate "Software async crypto daemon"
211         select CRYPTO_SKCIPHER                    202         select CRYPTO_SKCIPHER
212         select CRYPTO_HASH                        203         select CRYPTO_HASH
213         select CRYPTO_MANAGER                     204         select CRYPTO_MANAGER
214         help                                      205         help
215           This is a generic software asynchron    206           This is a generic software asynchronous crypto daemon that
216           converts an arbitrary synchronous so    207           converts an arbitrary synchronous software crypto algorithm
217           into an asynchronous algorithm that     208           into an asynchronous algorithm that executes in a kernel thread.
218                                                   209 
219 config CRYPTO_AUTHENC                             210 config CRYPTO_AUTHENC
220         tristate "Authenc support"                211         tristate "Authenc support"
221         select CRYPTO_AEAD                        212         select CRYPTO_AEAD
222         select CRYPTO_SKCIPHER                    213         select CRYPTO_SKCIPHER
223         select CRYPTO_MANAGER                     214         select CRYPTO_MANAGER
224         select CRYPTO_HASH                        215         select CRYPTO_HASH
225         select CRYPTO_NULL                        216         select CRYPTO_NULL
226         help                                      217         help
227           Authenc: Combined mode wrapper for I    218           Authenc: Combined mode wrapper for IPsec.
228                                                   219 
229           This is required for IPSec ESP (XFRM    220           This is required for IPSec ESP (XFRM_ESP).
230                                                   221 
231 config CRYPTO_TEST                                222 config CRYPTO_TEST
232         tristate "Testing module"                 223         tristate "Testing module"
233         depends on m || EXPERT                    224         depends on m || EXPERT
234         select CRYPTO_MANAGER                     225         select CRYPTO_MANAGER
235         help                                      226         help
236           Quick & dirty crypto test module.       227           Quick & dirty crypto test module.
237                                                   228 
238 config CRYPTO_SIMD                                229 config CRYPTO_SIMD
239         tristate                                  230         tristate
240         select CRYPTO_CRYPTD                      231         select CRYPTO_CRYPTD
241                                                   232 
242 config CRYPTO_ENGINE                              233 config CRYPTO_ENGINE
243         tristate                                  234         tristate
244                                                   235 
245 endmenu                                           236 endmenu
246                                                   237 
247 menu "Public-key cryptography"                    238 menu "Public-key cryptography"
248                                                   239 
249 config CRYPTO_RSA                                 240 config CRYPTO_RSA
250         tristate "RSA (Rivest-Shamir-Adleman)"    241         tristate "RSA (Rivest-Shamir-Adleman)"
251         select CRYPTO_AKCIPHER                    242         select CRYPTO_AKCIPHER
252         select CRYPTO_MANAGER                     243         select CRYPTO_MANAGER
253         select MPILIB                             244         select MPILIB
254         select ASN1                               245         select ASN1
255         help                                      246         help
256           RSA (Rivest-Shamir-Adleman) public k    247           RSA (Rivest-Shamir-Adleman) public key algorithm (RFC8017)
257                                                   248 
258 config CRYPTO_DH                                  249 config CRYPTO_DH
259         tristate "DH (Diffie-Hellman)"            250         tristate "DH (Diffie-Hellman)"
260         select CRYPTO_KPP                         251         select CRYPTO_KPP
261         select MPILIB                             252         select MPILIB
262         help                                      253         help
263           DH (Diffie-Hellman) key exchange alg    254           DH (Diffie-Hellman) key exchange algorithm
264                                                   255 
265 config CRYPTO_DH_RFC7919_GROUPS                   256 config CRYPTO_DH_RFC7919_GROUPS
266         bool "RFC 7919 FFDHE groups"              257         bool "RFC 7919 FFDHE groups"
267         depends on CRYPTO_DH                      258         depends on CRYPTO_DH
268         select CRYPTO_RNG_DEFAULT                 259         select CRYPTO_RNG_DEFAULT
269         help                                      260         help
270           FFDHE (Finite-Field-based Diffie-Hel    261           FFDHE (Finite-Field-based Diffie-Hellman Ephemeral) groups
271           defined in RFC7919.                     262           defined in RFC7919.
272                                                   263 
273           Support these finite-field groups in    264           Support these finite-field groups in DH key exchanges:
274           - ffdhe2048, ffdhe3072, ffdhe4096, f    265           - ffdhe2048, ffdhe3072, ffdhe4096, ffdhe6144, ffdhe8192
275                                                   266 
276           If unsure, say N.                       267           If unsure, say N.
277                                                   268 
278 config CRYPTO_ECC                                 269 config CRYPTO_ECC
279         tristate                                  270         tristate
280         select CRYPTO_RNG_DEFAULT                 271         select CRYPTO_RNG_DEFAULT
281                                                   272 
282 config CRYPTO_ECDH                                273 config CRYPTO_ECDH
283         tristate "ECDH (Elliptic Curve Diffie-    274         tristate "ECDH (Elliptic Curve Diffie-Hellman)"
284         select CRYPTO_ECC                         275         select CRYPTO_ECC
285         select CRYPTO_KPP                         276         select CRYPTO_KPP
286         help                                      277         help
287           ECDH (Elliptic Curve Diffie-Hellman)    278           ECDH (Elliptic Curve Diffie-Hellman) key exchange algorithm
288           using curves P-192, P-256, and P-384    279           using curves P-192, P-256, and P-384 (FIPS 186)
289                                                   280 
290 config CRYPTO_ECDSA                               281 config CRYPTO_ECDSA
291         tristate "ECDSA (Elliptic Curve Digita    282         tristate "ECDSA (Elliptic Curve Digital Signature Algorithm)"
292         select CRYPTO_ECC                         283         select CRYPTO_ECC
293         select CRYPTO_AKCIPHER                    284         select CRYPTO_AKCIPHER
294         select ASN1                               285         select ASN1
295         help                                      286         help
296           ECDSA (Elliptic Curve Digital Signat    287           ECDSA (Elliptic Curve Digital Signature Algorithm) (FIPS 186,
297           ISO/IEC 14888-3)                        288           ISO/IEC 14888-3)
298           using curves P-192, P-256, and P-384    289           using curves P-192, P-256, and P-384
299                                                   290 
300           Only signature verification is imple    291           Only signature verification is implemented.
301                                                   292 
302 config CRYPTO_ECRDSA                              293 config CRYPTO_ECRDSA
303         tristate "EC-RDSA (Elliptic Curve Russ    294         tristate "EC-RDSA (Elliptic Curve Russian Digital Signature Algorithm)"
304         select CRYPTO_ECC                         295         select CRYPTO_ECC
305         select CRYPTO_AKCIPHER                    296         select CRYPTO_AKCIPHER
306         select CRYPTO_STREEBOG                    297         select CRYPTO_STREEBOG
307         select OID_REGISTRY                       298         select OID_REGISTRY
308         select ASN1                               299         select ASN1
309         help                                      300         help
310           Elliptic Curve Russian Digital Signa    301           Elliptic Curve Russian Digital Signature Algorithm (GOST R 34.10-2012,
311           RFC 7091, ISO/IEC 14888-3)              302           RFC 7091, ISO/IEC 14888-3)
312                                                   303 
313           One of the Russian cryptographic sta    304           One of the Russian cryptographic standard algorithms (called GOST
314           algorithms). Only signature verifica    305           algorithms). Only signature verification is implemented.
315                                                   306 
                                                   >> 307 config CRYPTO_SM2
                                                   >> 308         tristate "SM2 (ShangMi 2)"
                                                   >> 309         select CRYPTO_SM3
                                                   >> 310         select CRYPTO_AKCIPHER
                                                   >> 311         select CRYPTO_MANAGER
                                                   >> 312         select MPILIB
                                                   >> 313         select ASN1
                                                   >> 314         help
                                                   >> 315           SM2 (ShangMi 2) public key algorithm
                                                   >> 316 
                                                   >> 317           Published by State Encryption Management Bureau, China,
                                                   >> 318           as specified by OSCCA GM/T 0003.1-2012 -- 0003.5-2012.
                                                   >> 319 
                                                   >> 320           References:
                                                   >> 321           https://datatracker.ietf.org/doc/draft-shen-sm2-ecdsa/
                                                   >> 322           http://www.oscca.gov.cn/sca/xxgk/2010-12/17/content_1002386.shtml
                                                   >> 323           http://www.gmbz.org.cn/main/bzlb.html
                                                   >> 324 
316 config CRYPTO_CURVE25519                          325 config CRYPTO_CURVE25519
317         tristate "Curve25519"                     326         tristate "Curve25519"
318         select CRYPTO_KPP                         327         select CRYPTO_KPP
319         select CRYPTO_LIB_CURVE25519_GENERIC      328         select CRYPTO_LIB_CURVE25519_GENERIC
320         help                                      329         help
321           Curve25519 elliptic curve (RFC7748)     330           Curve25519 elliptic curve (RFC7748)
322                                                   331 
323 endmenu                                           332 endmenu
324                                                   333 
325 menu "Block ciphers"                              334 menu "Block ciphers"
326                                                   335 
327 config CRYPTO_AES                                 336 config CRYPTO_AES
328         tristate "AES (Advanced Encryption Sta    337         tristate "AES (Advanced Encryption Standard)"
329         select CRYPTO_ALGAPI                      338         select CRYPTO_ALGAPI
330         select CRYPTO_LIB_AES                     339         select CRYPTO_LIB_AES
331         help                                      340         help
332           AES cipher algorithms (Rijndael)(FIP    341           AES cipher algorithms (Rijndael)(FIPS-197, ISO/IEC 18033-3)
333                                                   342 
334           Rijndael appears to be consistently     343           Rijndael appears to be consistently a very good performer in
335           both hardware and software across a     344           both hardware and software across a wide range of computing
336           environments regardless of its use i    345           environments regardless of its use in feedback or non-feedback
337           modes. Its key setup time is excelle    346           modes. Its key setup time is excellent, and its key agility is
338           good. Rijndael's very low memory req    347           good. Rijndael's very low memory requirements make it very well
339           suited for restricted-space environm    348           suited for restricted-space environments, in which it also
340           demonstrates excellent performance.     349           demonstrates excellent performance. Rijndael's operations are
341           among the easiest to defend against     350           among the easiest to defend against power and timing attacks.
342                                                   351 
343           The AES specifies three key sizes: 1    352           The AES specifies three key sizes: 128, 192 and 256 bits
344                                                   353 
345 config CRYPTO_AES_TI                              354 config CRYPTO_AES_TI
346         tristate "AES (Advanced Encryption Sta    355         tristate "AES (Advanced Encryption Standard) (fixed time)"
347         select CRYPTO_ALGAPI                      356         select CRYPTO_ALGAPI
348         select CRYPTO_LIB_AES                     357         select CRYPTO_LIB_AES
349         help                                      358         help
350           AES cipher algorithms (Rijndael)(FIP    359           AES cipher algorithms (Rijndael)(FIPS-197, ISO/IEC 18033-3)
351                                                   360 
352           This is a generic implementation of     361           This is a generic implementation of AES that attempts to eliminate
353           data dependent latencies as much as     362           data dependent latencies as much as possible without affecting
354           performance too much. It is intended    363           performance too much. It is intended for use by the generic CCM
355           and GCM drivers, and other CTR or CM    364           and GCM drivers, and other CTR or CMAC/XCBC based modes that rely
356           solely on encryption (although decry    365           solely on encryption (although decryption is supported as well, but
357           with a more dramatic performance hit    366           with a more dramatic performance hit)
358                                                   367 
359           Instead of using 16 lookup tables of    368           Instead of using 16 lookup tables of 1 KB each, (8 for encryption and
360           8 for decryption), this implementati    369           8 for decryption), this implementation only uses just two S-boxes of
361           256 bytes each, and attempts to elim    370           256 bytes each, and attempts to eliminate data dependent latencies by
362           prefetching the entire table into th    371           prefetching the entire table into the cache at the start of each
363           block. Interrupts are also disabled     372           block. Interrupts are also disabled to avoid races where cachelines
364           are evicted when the CPU is interrup    373           are evicted when the CPU is interrupted to do something else.
365                                                   374 
366 config CRYPTO_ANUBIS                              375 config CRYPTO_ANUBIS
367         tristate "Anubis"                         376         tristate "Anubis"
368         depends on CRYPTO_USER_API_ENABLE_OBSO    377         depends on CRYPTO_USER_API_ENABLE_OBSOLETE
369         select CRYPTO_ALGAPI                      378         select CRYPTO_ALGAPI
370         help                                      379         help
371           Anubis cipher algorithm                 380           Anubis cipher algorithm
372                                                   381 
373           Anubis is a variable key length ciph    382           Anubis is a variable key length cipher which can use keys from
374           128 bits to 320 bits in length.  It     383           128 bits to 320 bits in length.  It was evaluated as a entrant
375           in the NESSIE competition.              384           in the NESSIE competition.
376                                                   385 
377           See https://web.archive.org/web/2016    386           See https://web.archive.org/web/20160606112246/http://www.larc.usp.br/~pbarreto/AnubisPage.html
378           for further information.                387           for further information.
379                                                   388 
380 config CRYPTO_ARIA                                389 config CRYPTO_ARIA
381         tristate "ARIA"                           390         tristate "ARIA"
382         select CRYPTO_ALGAPI                      391         select CRYPTO_ALGAPI
383         help                                      392         help
384           ARIA cipher algorithm (RFC5794)         393           ARIA cipher algorithm (RFC5794)
385                                                   394 
386           ARIA is a standard encryption algori    395           ARIA is a standard encryption algorithm of the Republic of Korea.
387           The ARIA specifies three key sizes a    396           The ARIA specifies three key sizes and rounds.
388           128-bit: 12 rounds.                     397           128-bit: 12 rounds.
389           192-bit: 14 rounds.                     398           192-bit: 14 rounds.
390           256-bit: 16 rounds.                     399           256-bit: 16 rounds.
391                                                   400 
392           See:                                    401           See:
393           https://seed.kisa.or.kr/kisa/algorit    402           https://seed.kisa.or.kr/kisa/algorithm/EgovAriaInfo.do
394                                                   403 
395 config CRYPTO_BLOWFISH                            404 config CRYPTO_BLOWFISH
396         tristate "Blowfish"                       405         tristate "Blowfish"
397         select CRYPTO_ALGAPI                      406         select CRYPTO_ALGAPI
398         select CRYPTO_BLOWFISH_COMMON             407         select CRYPTO_BLOWFISH_COMMON
399         help                                      408         help
400           Blowfish cipher algorithm, by Bruce     409           Blowfish cipher algorithm, by Bruce Schneier
401                                                   410 
402           This is a variable key length cipher    411           This is a variable key length cipher which can use keys from 32
403           bits to 448 bits in length.  It's fa    412           bits to 448 bits in length.  It's fast, simple and specifically
404           designed for use on "large microproc    413           designed for use on "large microprocessors".
405                                                   414 
406           See https://www.schneier.com/blowfis    415           See https://www.schneier.com/blowfish.html for further information.
407                                                   416 
408 config CRYPTO_BLOWFISH_COMMON                     417 config CRYPTO_BLOWFISH_COMMON
409         tristate                                  418         tristate
410         help                                      419         help
411           Common parts of the Blowfish cipher     420           Common parts of the Blowfish cipher algorithm shared by the
412           generic c and the assembler implemen    421           generic c and the assembler implementations.
413                                                   422 
414 config CRYPTO_CAMELLIA                            423 config CRYPTO_CAMELLIA
415         tristate "Camellia"                       424         tristate "Camellia"
416         select CRYPTO_ALGAPI                      425         select CRYPTO_ALGAPI
417         help                                      426         help
418           Camellia cipher algorithms (ISO/IEC     427           Camellia cipher algorithms (ISO/IEC 18033-3)
419                                                   428 
420           Camellia is a symmetric key block ci    429           Camellia is a symmetric key block cipher developed jointly
421           at NTT and Mitsubishi Electric Corpo    430           at NTT and Mitsubishi Electric Corporation.
422                                                   431 
423           The Camellia specifies three key siz    432           The Camellia specifies three key sizes: 128, 192 and 256 bits.
424                                                   433 
425           See https://info.isl.ntt.co.jp/crypt    434           See https://info.isl.ntt.co.jp/crypt/eng/camellia/ for further information.
426                                                   435 
427 config CRYPTO_CAST_COMMON                         436 config CRYPTO_CAST_COMMON
428         tristate                                  437         tristate
429         help                                      438         help
430           Common parts of the CAST cipher algo    439           Common parts of the CAST cipher algorithms shared by the
431           generic c and the assembler implemen    440           generic c and the assembler implementations.
432                                                   441 
433 config CRYPTO_CAST5                               442 config CRYPTO_CAST5
434         tristate "CAST5 (CAST-128)"               443         tristate "CAST5 (CAST-128)"
435         select CRYPTO_ALGAPI                      444         select CRYPTO_ALGAPI
436         select CRYPTO_CAST_COMMON                 445         select CRYPTO_CAST_COMMON
437         help                                      446         help
438           CAST5 (CAST-128) cipher algorithm (R    447           CAST5 (CAST-128) cipher algorithm (RFC2144, ISO/IEC 18033-3)
439                                                   448 
440 config CRYPTO_CAST6                               449 config CRYPTO_CAST6
441         tristate "CAST6 (CAST-256)"               450         tristate "CAST6 (CAST-256)"
442         select CRYPTO_ALGAPI                      451         select CRYPTO_ALGAPI
443         select CRYPTO_CAST_COMMON                 452         select CRYPTO_CAST_COMMON
444         help                                      453         help
445           CAST6 (CAST-256) encryption algorith    454           CAST6 (CAST-256) encryption algorithm (RFC2612)
446                                                   455 
447 config CRYPTO_DES                                 456 config CRYPTO_DES
448         tristate "DES and Triple DES EDE"         457         tristate "DES and Triple DES EDE"
449         select CRYPTO_ALGAPI                      458         select CRYPTO_ALGAPI
450         select CRYPTO_LIB_DES                     459         select CRYPTO_LIB_DES
451         help                                      460         help
452           DES (Data Encryption Standard)(FIPS     461           DES (Data Encryption Standard)(FIPS 46-2, ISO/IEC 18033-3) and
453           Triple DES EDE (Encrypt/Decrypt/Encr    462           Triple DES EDE (Encrypt/Decrypt/Encrypt) (FIPS 46-3, ISO/IEC 18033-3)
454           cipher algorithms                       463           cipher algorithms
455                                                   464 
456 config CRYPTO_FCRYPT                              465 config CRYPTO_FCRYPT
457         tristate "FCrypt"                         466         tristate "FCrypt"
458         select CRYPTO_ALGAPI                      467         select CRYPTO_ALGAPI
459         select CRYPTO_SKCIPHER                    468         select CRYPTO_SKCIPHER
460         help                                      469         help
461           FCrypt algorithm used by RxRPC          470           FCrypt algorithm used by RxRPC
462                                                   471 
463           See https://ota.polyonymo.us/fcrypt-    472           See https://ota.polyonymo.us/fcrypt-paper.txt
464                                                   473 
465 config CRYPTO_KHAZAD                              474 config CRYPTO_KHAZAD
466         tristate "Khazad"                         475         tristate "Khazad"
467         depends on CRYPTO_USER_API_ENABLE_OBSO    476         depends on CRYPTO_USER_API_ENABLE_OBSOLETE
468         select CRYPTO_ALGAPI                      477         select CRYPTO_ALGAPI
469         help                                      478         help
470           Khazad cipher algorithm                 479           Khazad cipher algorithm
471                                                   480 
472           Khazad was a finalist in the initial    481           Khazad was a finalist in the initial NESSIE competition.  It is
473           an algorithm optimized for 64-bit pr    482           an algorithm optimized for 64-bit processors with good performance
474           on 32-bit processors.  Khazad uses a    483           on 32-bit processors.  Khazad uses an 128 bit key size.
475                                                   484 
476           See https://web.archive.org/web/2017    485           See https://web.archive.org/web/20171011071731/http://www.larc.usp.br/~pbarreto/KhazadPage.html
477           for further information.                486           for further information.
478                                                   487 
479 config CRYPTO_SEED                                488 config CRYPTO_SEED
480         tristate "SEED"                           489         tristate "SEED"
481         depends on CRYPTO_USER_API_ENABLE_OBSO    490         depends on CRYPTO_USER_API_ENABLE_OBSOLETE
482         select CRYPTO_ALGAPI                      491         select CRYPTO_ALGAPI
483         help                                      492         help
484           SEED cipher algorithm (RFC4269, ISO/    493           SEED cipher algorithm (RFC4269, ISO/IEC 18033-3)
485                                                   494 
486           SEED is a 128-bit symmetric key bloc    495           SEED is a 128-bit symmetric key block cipher that has been
487           developed by KISA (Korea Information    496           developed by KISA (Korea Information Security Agency) as a
488           national standard encryption algorit    497           national standard encryption algorithm of the Republic of Korea.
489           It is a 16 round block cipher with t    498           It is a 16 round block cipher with the key size of 128 bit.
490                                                   499 
491           See https://seed.kisa.or.kr/kisa/alg    500           See https://seed.kisa.or.kr/kisa/algorithm/EgovSeedInfo.do
492           for further information.                501           for further information.
493                                                   502 
494 config CRYPTO_SERPENT                             503 config CRYPTO_SERPENT
495         tristate "Serpent"                        504         tristate "Serpent"
496         select CRYPTO_ALGAPI                      505         select CRYPTO_ALGAPI
497         help                                      506         help
498           Serpent cipher algorithm, by Anderso    507           Serpent cipher algorithm, by Anderson, Biham & Knudsen
499                                                   508 
500           Keys are allowed to be from 0 to 256    509           Keys are allowed to be from 0 to 256 bits in length, in steps
501           of 8 bits.                              510           of 8 bits.
502                                                   511 
503           See https://www.cl.cam.ac.uk/~rja14/    512           See https://www.cl.cam.ac.uk/~rja14/serpent.html for further information.
504                                                   513 
505 config CRYPTO_SM4                                 514 config CRYPTO_SM4
506         tristate                                  515         tristate
507                                                   516 
508 config CRYPTO_SM4_GENERIC                         517 config CRYPTO_SM4_GENERIC
509         tristate "SM4 (ShangMi 4)"                518         tristate "SM4 (ShangMi 4)"
510         select CRYPTO_ALGAPI                      519         select CRYPTO_ALGAPI
511         select CRYPTO_SM4                         520         select CRYPTO_SM4
512         help                                      521         help
513           SM4 cipher algorithms (OSCCA GB/T 32    522           SM4 cipher algorithms (OSCCA GB/T 32907-2016,
514           ISO/IEC 18033-3:2010/Amd 1:2021)        523           ISO/IEC 18033-3:2010/Amd 1:2021)
515                                                   524 
516           SM4 (GBT.32907-2016) is a cryptograp    525           SM4 (GBT.32907-2016) is a cryptographic standard issued by the
517           Organization of State Commercial Adm    526           Organization of State Commercial Administration of China (OSCCA)
518           as an authorized cryptographic algor    527           as an authorized cryptographic algorithms for the use within China.
519                                                   528 
520           SMS4 was originally created for use     529           SMS4 was originally created for use in protecting wireless
521           networks, and is mandated in the Chi    530           networks, and is mandated in the Chinese National Standard for
522           Wireless LAN WAPI (Wired Authenticat    531           Wireless LAN WAPI (Wired Authentication and Privacy Infrastructure)
523           (GB.15629.11-2003).                     532           (GB.15629.11-2003).
524                                                   533 
525           The latest SM4 standard (GBT.32907-2    534           The latest SM4 standard (GBT.32907-2016) was proposed by OSCCA and
526           standardized through TC 260 of the S    535           standardized through TC 260 of the Standardization Administration
527           of the People's Republic of China (S    536           of the People's Republic of China (SAC).
528                                                   537 
529           The input, output, and key of SMS4 a    538           The input, output, and key of SMS4 are each 128 bits.
530                                                   539 
531           See https://eprint.iacr.org/2008/329    540           See https://eprint.iacr.org/2008/329.pdf for further information.
532                                                   541 
533           If unsure, say N.                       542           If unsure, say N.
534                                                   543 
535 config CRYPTO_TEA                                 544 config CRYPTO_TEA
536         tristate "TEA, XTEA and XETA"             545         tristate "TEA, XTEA and XETA"
537         depends on CRYPTO_USER_API_ENABLE_OBSO    546         depends on CRYPTO_USER_API_ENABLE_OBSOLETE
538         select CRYPTO_ALGAPI                      547         select CRYPTO_ALGAPI
539         help                                      548         help
540           TEA (Tiny Encryption Algorithm) ciph    549           TEA (Tiny Encryption Algorithm) cipher algorithms
541                                                   550 
542           Tiny Encryption Algorithm is a simpl    551           Tiny Encryption Algorithm is a simple cipher that uses
543           many rounds for security.  It is ver    552           many rounds for security.  It is very fast and uses
544           little memory.                          553           little memory.
545                                                   554 
546           Xtendend Tiny Encryption Algorithm i    555           Xtendend Tiny Encryption Algorithm is a modification to
547           the TEA algorithm to address a poten    556           the TEA algorithm to address a potential key weakness
548           in the TEA algorithm.                   557           in the TEA algorithm.
549                                                   558 
550           Xtendend Encryption Tiny Algorithm i    559           Xtendend Encryption Tiny Algorithm is a mis-implementation
551           of the XTEA algorithm for compatibil    560           of the XTEA algorithm for compatibility purposes.
552                                                   561 
553 config CRYPTO_TWOFISH                             562 config CRYPTO_TWOFISH
554         tristate "Twofish"                        563         tristate "Twofish"
555         select CRYPTO_ALGAPI                      564         select CRYPTO_ALGAPI
556         select CRYPTO_TWOFISH_COMMON              565         select CRYPTO_TWOFISH_COMMON
557         help                                      566         help
558           Twofish cipher algorithm                567           Twofish cipher algorithm
559                                                   568 
560           Twofish was submitted as an AES (Adv    569           Twofish was submitted as an AES (Advanced Encryption Standard)
561           candidate cipher by researchers at C    570           candidate cipher by researchers at CounterPane Systems.  It is a
562           16 round block cipher supporting key    571           16 round block cipher supporting key sizes of 128, 192, and 256
563           bits.                                   572           bits.
564                                                   573 
565           See https://www.schneier.com/twofish    574           See https://www.schneier.com/twofish.html for further information.
566                                                   575 
567 config CRYPTO_TWOFISH_COMMON                      576 config CRYPTO_TWOFISH_COMMON
568         tristate                                  577         tristate
569         help                                      578         help
570           Common parts of the Twofish cipher a    579           Common parts of the Twofish cipher algorithm shared by the
571           generic c and the assembler implemen    580           generic c and the assembler implementations.
572                                                   581 
573 endmenu                                           582 endmenu
574                                                   583 
575 menu "Length-preserving ciphers and modes"        584 menu "Length-preserving ciphers and modes"
576                                                   585 
577 config CRYPTO_ADIANTUM                            586 config CRYPTO_ADIANTUM
578         tristate "Adiantum"                       587         tristate "Adiantum"
579         select CRYPTO_CHACHA20                    588         select CRYPTO_CHACHA20
580         select CRYPTO_LIB_POLY1305_GENERIC        589         select CRYPTO_LIB_POLY1305_GENERIC
581         select CRYPTO_NHPOLY1305                  590         select CRYPTO_NHPOLY1305
582         select CRYPTO_MANAGER                     591         select CRYPTO_MANAGER
583         help                                      592         help
584           Adiantum tweakable, length-preservin    593           Adiantum tweakable, length-preserving encryption mode
585                                                   594 
586           Designed for fast and secure disk en    595           Designed for fast and secure disk encryption, especially on
587           CPUs without dedicated crypto instru    596           CPUs without dedicated crypto instructions.  It encrypts
588           each sector using the XChaCha12 stre    597           each sector using the XChaCha12 stream cipher, two passes of
589           an ε-almost-∆-universal hash func    598           an ε-almost-∆-universal hash function, and an invocation of
590           the AES-256 block cipher on a single    599           the AES-256 block cipher on a single 16-byte block.  On CPUs
591           without AES instructions, Adiantum i    600           without AES instructions, Adiantum is much faster than
592           AES-XTS.                                601           AES-XTS.
593                                                   602 
594           Adiantum's security is provably redu    603           Adiantum's security is provably reducible to that of its
595           underlying stream and block ciphers,    604           underlying stream and block ciphers, subject to a security
596           bound.  Unlike XTS, Adiantum is a tr    605           bound.  Unlike XTS, Adiantum is a true wide-block encryption
597           mode, so it actually provides an eve    606           mode, so it actually provides an even stronger notion of
598           security than XTS, subject to the se    607           security than XTS, subject to the security bound.
599                                                   608 
600           If unsure, say N.                       609           If unsure, say N.
601                                                   610 
602 config CRYPTO_ARC4                                611 config CRYPTO_ARC4
603         tristate "ARC4 (Alleged Rivest Cipher     612         tristate "ARC4 (Alleged Rivest Cipher 4)"
604         depends on CRYPTO_USER_API_ENABLE_OBSO    613         depends on CRYPTO_USER_API_ENABLE_OBSOLETE
605         select CRYPTO_SKCIPHER                    614         select CRYPTO_SKCIPHER
606         select CRYPTO_LIB_ARC4                    615         select CRYPTO_LIB_ARC4
607         help                                      616         help
608           ARC4 cipher algorithm                   617           ARC4 cipher algorithm
609                                                   618 
610           ARC4 is a stream cipher using keys r    619           ARC4 is a stream cipher using keys ranging from 8 bits to 2048
611           bits in length.  This algorithm is r    620           bits in length.  This algorithm is required for driver-based
612           WEP, but it should not be for other     621           WEP, but it should not be for other purposes because of the
613           weakness of the algorithm.              622           weakness of the algorithm.
614                                                   623 
615 config CRYPTO_CHACHA20                            624 config CRYPTO_CHACHA20
616         tristate "ChaCha"                         625         tristate "ChaCha"
617         select CRYPTO_LIB_CHACHA_GENERIC          626         select CRYPTO_LIB_CHACHA_GENERIC
618         select CRYPTO_SKCIPHER                    627         select CRYPTO_SKCIPHER
619         help                                      628         help
620           The ChaCha20, XChaCha20, and XChaCha    629           The ChaCha20, XChaCha20, and XChaCha12 stream cipher algorithms
621                                                   630 
622           ChaCha20 is a 256-bit high-speed str    631           ChaCha20 is a 256-bit high-speed stream cipher designed by Daniel J.
623           Bernstein and further specified in R    632           Bernstein and further specified in RFC7539 for use in IETF protocols.
624           This is the portable C implementatio    633           This is the portable C implementation of ChaCha20.  See
625           https://cr.yp.to/chacha/chacha-20080    634           https://cr.yp.to/chacha/chacha-20080128.pdf for further information.
626                                                   635 
627           XChaCha20 is the application of the     636           XChaCha20 is the application of the XSalsa20 construction to ChaCha20
628           rather than to Salsa20.  XChaCha20 e    637           rather than to Salsa20.  XChaCha20 extends ChaCha20's nonce length
629           from 64 bits (or 96 bits using the R    638           from 64 bits (or 96 bits using the RFC7539 convention) to 192 bits,
630           while provably retaining ChaCha20's     639           while provably retaining ChaCha20's security.  See
631           https://cr.yp.to/snuffle/xsalsa-2008    640           https://cr.yp.to/snuffle/xsalsa-20081128.pdf for further information.
632                                                   641 
633           XChaCha12 is XChaCha20 reduced to 12    642           XChaCha12 is XChaCha20 reduced to 12 rounds, with correspondingly
634           reduced security margin but increase    643           reduced security margin but increased performance.  It can be needed
635           in some performance-sensitive scenar    644           in some performance-sensitive scenarios.
636                                                   645 
637 config CRYPTO_CBC                                 646 config CRYPTO_CBC
638         tristate "CBC (Cipher Block Chaining)"    647         tristate "CBC (Cipher Block Chaining)"
639         select CRYPTO_SKCIPHER                    648         select CRYPTO_SKCIPHER
640         select CRYPTO_MANAGER                     649         select CRYPTO_MANAGER
641         help                                      650         help
642           CBC (Cipher Block Chaining) mode (NI    651           CBC (Cipher Block Chaining) mode (NIST SP800-38A)
643                                                   652 
644           This block cipher mode is required f    653           This block cipher mode is required for IPSec ESP (XFRM_ESP).
645                                                   654 
                                                   >> 655 config CRYPTO_CFB
                                                   >> 656         tristate "CFB (Cipher Feedback)"
                                                   >> 657         select CRYPTO_SKCIPHER
                                                   >> 658         select CRYPTO_MANAGER
                                                   >> 659         help
                                                   >> 660           CFB (Cipher Feedback) mode (NIST SP800-38A)
                                                   >> 661 
                                                   >> 662           This block cipher mode is required for TPM2 Cryptography.
                                                   >> 663 
646 config CRYPTO_CTR                                 664 config CRYPTO_CTR
647         tristate "CTR (Counter)"                  665         tristate "CTR (Counter)"
648         select CRYPTO_SKCIPHER                    666         select CRYPTO_SKCIPHER
649         select CRYPTO_MANAGER                     667         select CRYPTO_MANAGER
650         help                                      668         help
651           CTR (Counter) mode (NIST SP800-38A)     669           CTR (Counter) mode (NIST SP800-38A)
652                                                   670 
653 config CRYPTO_CTS                                 671 config CRYPTO_CTS
654         tristate "CTS (Cipher Text Stealing)"     672         tristate "CTS (Cipher Text Stealing)"
655         select CRYPTO_SKCIPHER                    673         select CRYPTO_SKCIPHER
656         select CRYPTO_MANAGER                     674         select CRYPTO_MANAGER
657         help                                      675         help
658           CBC-CS3 variant of CTS (Cipher Text     676           CBC-CS3 variant of CTS (Cipher Text Stealing) (NIST
659           Addendum to SP800-38A (October 2010)    677           Addendum to SP800-38A (October 2010))
660                                                   678 
661           This mode is required for Kerberos g    679           This mode is required for Kerberos gss mechanism support
662           for AES encryption.                     680           for AES encryption.
663                                                   681 
664 config CRYPTO_ECB                                 682 config CRYPTO_ECB
665         tristate "ECB (Electronic Codebook)"      683         tristate "ECB (Electronic Codebook)"
666         select CRYPTO_SKCIPHER2                !! 684         select CRYPTO_SKCIPHER
667         select CRYPTO_MANAGER                     685         select CRYPTO_MANAGER
668         help                                      686         help
669           ECB (Electronic Codebook) mode (NIST    687           ECB (Electronic Codebook) mode (NIST SP800-38A)
670                                                   688 
671 config CRYPTO_HCTR2                               689 config CRYPTO_HCTR2
672         tristate "HCTR2"                          690         tristate "HCTR2"
673         select CRYPTO_XCTR                        691         select CRYPTO_XCTR
674         select CRYPTO_POLYVAL                     692         select CRYPTO_POLYVAL
675         select CRYPTO_MANAGER                     693         select CRYPTO_MANAGER
676         help                                      694         help
677           HCTR2 length-preserving encryption m    695           HCTR2 length-preserving encryption mode
678                                                   696 
679           A mode for storage encryption that i    697           A mode for storage encryption that is efficient on processors with
680           instructions to accelerate AES and c    698           instructions to accelerate AES and carryless multiplication, e.g.
681           x86 processors with AES-NI and CLMUL    699           x86 processors with AES-NI and CLMUL, and ARM processors with the
682           ARMv8 crypto extensions.                700           ARMv8 crypto extensions.
683                                                   701 
684           See https://eprint.iacr.org/2021/144    702           See https://eprint.iacr.org/2021/1441
685                                                   703 
686 config CRYPTO_KEYWRAP                             704 config CRYPTO_KEYWRAP
687         tristate "KW (AES Key Wrap)"              705         tristate "KW (AES Key Wrap)"
688         select CRYPTO_SKCIPHER                    706         select CRYPTO_SKCIPHER
689         select CRYPTO_MANAGER                     707         select CRYPTO_MANAGER
690         help                                      708         help
691           KW (AES Key Wrap) authenticated encr    709           KW (AES Key Wrap) authenticated encryption mode (NIST SP800-38F
692           and RFC3394) without padding.           710           and RFC3394) without padding.
693                                                   711 
694 config CRYPTO_LRW                                 712 config CRYPTO_LRW
695         tristate "LRW (Liskov Rivest Wagner)"     713         tristate "LRW (Liskov Rivest Wagner)"
696         select CRYPTO_LIB_GF128MUL                714         select CRYPTO_LIB_GF128MUL
697         select CRYPTO_SKCIPHER                    715         select CRYPTO_SKCIPHER
698         select CRYPTO_MANAGER                     716         select CRYPTO_MANAGER
699         select CRYPTO_ECB                         717         select CRYPTO_ECB
700         help                                      718         help
701           LRW (Liskov Rivest Wagner) mode         719           LRW (Liskov Rivest Wagner) mode
702                                                   720 
703           A tweakable, non malleable, non mova    721           A tweakable, non malleable, non movable
704           narrow block cipher mode for dm-cryp    722           narrow block cipher mode for dm-crypt.  Use it with cipher
705           specification string aes-lrw-benbi,     723           specification string aes-lrw-benbi, the key must be 256, 320 or 384.
706           The first 128, 192 or 256 bits in th    724           The first 128, 192 or 256 bits in the key are used for AES and the
707           rest is used to tie each cipher bloc    725           rest is used to tie each cipher block to its logical position.
708                                                   726 
709           See https://people.csail.mit.edu/riv    727           See https://people.csail.mit.edu/rivest/pubs/LRW02.pdf
710                                                   728 
                                                   >> 729 config CRYPTO_OFB
                                                   >> 730         tristate "OFB (Output Feedback)"
                                                   >> 731         select CRYPTO_SKCIPHER
                                                   >> 732         select CRYPTO_MANAGER
                                                   >> 733         help
                                                   >> 734           OFB (Output Feedback) mode (NIST SP800-38A)
                                                   >> 735 
                                                   >> 736           This mode makes a block cipher into a synchronous
                                                   >> 737           stream cipher. It generates keystream blocks, which are then XORed
                                                   >> 738           with the plaintext blocks to get the ciphertext. Flipping a bit in the
                                                   >> 739           ciphertext produces a flipped bit in the plaintext at the same
                                                   >> 740           location. This property allows many error correcting codes to function
                                                   >> 741           normally even when applied before encryption.
                                                   >> 742 
711 config CRYPTO_PCBC                                743 config CRYPTO_PCBC
712         tristate "PCBC (Propagating Cipher Blo    744         tristate "PCBC (Propagating Cipher Block Chaining)"
713         select CRYPTO_SKCIPHER                    745         select CRYPTO_SKCIPHER
714         select CRYPTO_MANAGER                     746         select CRYPTO_MANAGER
715         help                                      747         help
716           PCBC (Propagating Cipher Block Chain    748           PCBC (Propagating Cipher Block Chaining) mode
717                                                   749 
718           This block cipher mode is required f    750           This block cipher mode is required for RxRPC.
719                                                   751 
720 config CRYPTO_XCTR                                752 config CRYPTO_XCTR
721         tristate                                  753         tristate
722         select CRYPTO_SKCIPHER                    754         select CRYPTO_SKCIPHER
723         select CRYPTO_MANAGER                     755         select CRYPTO_MANAGER
724         help                                      756         help
725           XCTR (XOR Counter) mode for HCTR2       757           XCTR (XOR Counter) mode for HCTR2
726                                                   758 
727           This blockcipher mode is a variant o    759           This blockcipher mode is a variant of CTR mode using XORs and little-endian
728           addition rather than big-endian arit    760           addition rather than big-endian arithmetic.
729                                                   761 
730           XCTR mode is used to implement HCTR2    762           XCTR mode is used to implement HCTR2.
731                                                   763 
732 config CRYPTO_XTS                                 764 config CRYPTO_XTS
733         tristate "XTS (XOR Encrypt XOR with ci    765         tristate "XTS (XOR Encrypt XOR with ciphertext stealing)"
734         select CRYPTO_SKCIPHER                    766         select CRYPTO_SKCIPHER
735         select CRYPTO_MANAGER                     767         select CRYPTO_MANAGER
736         select CRYPTO_ECB                         768         select CRYPTO_ECB
737         help                                      769         help
738           XTS (XOR Encrypt XOR with ciphertext    770           XTS (XOR Encrypt XOR with ciphertext stealing) mode (NIST SP800-38E
739           and IEEE 1619)                          771           and IEEE 1619)
740                                                   772 
741           Use with aes-xts-plain, key size 256    773           Use with aes-xts-plain, key size 256, 384 or 512 bits. This
742           implementation currently can't handl    774           implementation currently can't handle a sectorsize which is not a
743           multiple of 16 bytes.                   775           multiple of 16 bytes.
744                                                   776 
745 config CRYPTO_NHPOLY1305                          777 config CRYPTO_NHPOLY1305
746         tristate                                  778         tristate
747         select CRYPTO_HASH                        779         select CRYPTO_HASH
748         select CRYPTO_LIB_POLY1305_GENERIC        780         select CRYPTO_LIB_POLY1305_GENERIC
749                                                   781 
750 endmenu                                           782 endmenu
751                                                   783 
752 menu "AEAD (authenticated encryption with asso    784 menu "AEAD (authenticated encryption with associated data) ciphers"
753                                                   785 
754 config CRYPTO_AEGIS128                            786 config CRYPTO_AEGIS128
755         tristate "AEGIS-128"                      787         tristate "AEGIS-128"
756         select CRYPTO_AEAD                        788         select CRYPTO_AEAD
757         select CRYPTO_AES  # for AES S-box tab    789         select CRYPTO_AES  # for AES S-box tables
758         help                                      790         help
759           AEGIS-128 AEAD algorithm                791           AEGIS-128 AEAD algorithm
760                                                   792 
761 config CRYPTO_AEGIS128_SIMD                       793 config CRYPTO_AEGIS128_SIMD
762         bool "AEGIS-128 (arm NEON, arm64 NEON)    794         bool "AEGIS-128 (arm NEON, arm64 NEON)"
763         depends on CRYPTO_AEGIS128 && ((ARM ||    795         depends on CRYPTO_AEGIS128 && ((ARM || ARM64) && KERNEL_MODE_NEON)
764         default y                                 796         default y
765         help                                      797         help
766           AEGIS-128 AEAD algorithm                798           AEGIS-128 AEAD algorithm
767                                                   799 
768           Architecture: arm or arm64 using:       800           Architecture: arm or arm64 using:
769           - NEON (Advanced SIMD) extension        801           - NEON (Advanced SIMD) extension
770                                                   802 
771 config CRYPTO_CHACHA20POLY1305                    803 config CRYPTO_CHACHA20POLY1305
772         tristate "ChaCha20-Poly1305"              804         tristate "ChaCha20-Poly1305"
773         select CRYPTO_CHACHA20                    805         select CRYPTO_CHACHA20
774         select CRYPTO_POLY1305                    806         select CRYPTO_POLY1305
775         select CRYPTO_AEAD                        807         select CRYPTO_AEAD
776         select CRYPTO_MANAGER                     808         select CRYPTO_MANAGER
777         help                                      809         help
778           ChaCha20 stream cipher and Poly1305     810           ChaCha20 stream cipher and Poly1305 authenticator combined
779           mode (RFC8439)                          811           mode (RFC8439)
780                                                   812 
781 config CRYPTO_CCM                                 813 config CRYPTO_CCM
782         tristate "CCM (Counter with Cipher Blo    814         tristate "CCM (Counter with Cipher Block Chaining-MAC)"
783         select CRYPTO_CTR                         815         select CRYPTO_CTR
784         select CRYPTO_HASH                        816         select CRYPTO_HASH
785         select CRYPTO_AEAD                        817         select CRYPTO_AEAD
786         select CRYPTO_MANAGER                     818         select CRYPTO_MANAGER
787         help                                      819         help
788           CCM (Counter with Cipher Block Chain    820           CCM (Counter with Cipher Block Chaining-Message Authentication Code)
789           authenticated encryption mode (NIST     821           authenticated encryption mode (NIST SP800-38C)
790                                                   822 
791 config CRYPTO_GCM                                 823 config CRYPTO_GCM
792         tristate "GCM (Galois/Counter Mode) an    824         tristate "GCM (Galois/Counter Mode) and GMAC (GCM MAC)"
793         select CRYPTO_CTR                         825         select CRYPTO_CTR
794         select CRYPTO_AEAD                        826         select CRYPTO_AEAD
795         select CRYPTO_GHASH                       827         select CRYPTO_GHASH
796         select CRYPTO_NULL                        828         select CRYPTO_NULL
797         select CRYPTO_MANAGER                     829         select CRYPTO_MANAGER
798         help                                      830         help
799           GCM (Galois/Counter Mode) authentica    831           GCM (Galois/Counter Mode) authenticated encryption mode and GMAC
800           (GCM Message Authentication Code) (N    832           (GCM Message Authentication Code) (NIST SP800-38D)
801                                                   833 
802           This is required for IPSec ESP (XFRM    834           This is required for IPSec ESP (XFRM_ESP).
803                                                   835 
804 config CRYPTO_GENIV                            !! 836 config CRYPTO_SEQIV
805         tristate                               !! 837         tristate "Sequence Number IV Generator"
806         select CRYPTO_AEAD                        838         select CRYPTO_AEAD
                                                   >> 839         select CRYPTO_SKCIPHER
807         select CRYPTO_NULL                        840         select CRYPTO_NULL
808         select CRYPTO_MANAGER                  << 
809         select CRYPTO_RNG_DEFAULT                 841         select CRYPTO_RNG_DEFAULT
810                                                !! 842         select CRYPTO_MANAGER
811 config CRYPTO_SEQIV                            << 
812         tristate "Sequence Number IV Generator << 
813         select CRYPTO_GENIV                    << 
814         help                                      843         help
815           Sequence Number IV generator            844           Sequence Number IV generator
816                                                   845 
817           This IV generator generates an IV ba    846           This IV generator generates an IV based on a sequence number by
818           xoring it with a salt.  This algorit    847           xoring it with a salt.  This algorithm is mainly useful for CTR.
819                                                   848 
820           This is required for IPsec ESP (XFRM    849           This is required for IPsec ESP (XFRM_ESP).
821                                                   850 
822 config CRYPTO_ECHAINIV                            851 config CRYPTO_ECHAINIV
823         tristate "Encrypted Chain IV Generator    852         tristate "Encrypted Chain IV Generator"
824         select CRYPTO_GENIV                    !! 853         select CRYPTO_AEAD
                                                   >> 854         select CRYPTO_NULL
                                                   >> 855         select CRYPTO_RNG_DEFAULT
                                                   >> 856         select CRYPTO_MANAGER
825         help                                      857         help
826           Encrypted Chain IV generator            858           Encrypted Chain IV generator
827                                                   859 
828           This IV generator generates an IV ba    860           This IV generator generates an IV based on the encryption of
829           a sequence number xored with a salt.    861           a sequence number xored with a salt.  This is the default
830           algorithm for CBC.                      862           algorithm for CBC.
831                                                   863 
832 config CRYPTO_ESSIV                               864 config CRYPTO_ESSIV
833         tristate "Encrypted Salt-Sector IV Gen    865         tristate "Encrypted Salt-Sector IV Generator"
834         select CRYPTO_AUTHENC                     866         select CRYPTO_AUTHENC
835         help                                      867         help
836           Encrypted Salt-Sector IV generator      868           Encrypted Salt-Sector IV generator
837                                                   869 
838           This IV generator is used in some ca    870           This IV generator is used in some cases by fscrypt and/or
839           dm-crypt. It uses the hash of the bl    871           dm-crypt. It uses the hash of the block encryption key as the
840           symmetric key for a block encryption    872           symmetric key for a block encryption pass applied to the input
841           IV, making low entropy IV sources mo    873           IV, making low entropy IV sources more suitable for block
842           encryption.                             874           encryption.
843                                                   875 
844           This driver implements a crypto API     876           This driver implements a crypto API template that can be
845           instantiated either as an skcipher o    877           instantiated either as an skcipher or as an AEAD (depending on the
846           type of the first template argument)    878           type of the first template argument), and which defers encryption
847           and decryption requests to the encap    879           and decryption requests to the encapsulated cipher after applying
848           ESSIV to the input IV. Note that in     880           ESSIV to the input IV. Note that in the AEAD case, it is assumed
849           that the keys are presented in the s    881           that the keys are presented in the same format used by the authenc
850           template, and that the IV appears at    882           template, and that the IV appears at the end of the authenticated
851           associated data (AAD) region (which     883           associated data (AAD) region (which is how dm-crypt uses it.)
852                                                   884 
853           Note that the use of ESSIV is not re    885           Note that the use of ESSIV is not recommended for new deployments,
854           and so this only needs to be enabled    886           and so this only needs to be enabled when interoperability with
855           existing encrypted volumes of filesy    887           existing encrypted volumes of filesystems is required, or when
856           building for a particular system tha    888           building for a particular system that requires it (e.g., when
857           the SoC in question has accelerated     889           the SoC in question has accelerated CBC but not XTS, making CBC
858           combined with ESSIV the only feasibl    890           combined with ESSIV the only feasible mode for h/w accelerated
859           block encryption)                       891           block encryption)
860                                                   892 
861 endmenu                                           893 endmenu
862                                                   894 
863 menu "Hashes, digests, and MACs"                  895 menu "Hashes, digests, and MACs"
864                                                   896 
865 config CRYPTO_BLAKE2B                             897 config CRYPTO_BLAKE2B
866         tristate "BLAKE2b"                        898         tristate "BLAKE2b"
867         select CRYPTO_HASH                        899         select CRYPTO_HASH
868         help                                      900         help
869           BLAKE2b cryptographic hash function     901           BLAKE2b cryptographic hash function (RFC 7693)
870                                                   902 
871           BLAKE2b is optimized for 64-bit plat    903           BLAKE2b is optimized for 64-bit platforms and can produce digests
872           of any size between 1 and 64 bytes.     904           of any size between 1 and 64 bytes. The keyed hash is also implemented.
873                                                   905 
874           This module provides the following a    906           This module provides the following algorithms:
875           - blake2b-160                           907           - blake2b-160
876           - blake2b-256                           908           - blake2b-256
877           - blake2b-384                           909           - blake2b-384
878           - blake2b-512                           910           - blake2b-512
879                                                   911 
880           Used by the btrfs filesystem.           912           Used by the btrfs filesystem.
881                                                   913 
882           See https://blake2.net for further i    914           See https://blake2.net for further information.
883                                                   915 
884 config CRYPTO_CMAC                                916 config CRYPTO_CMAC
885         tristate "CMAC (Cipher-based MAC)"        917         tristate "CMAC (Cipher-based MAC)"
886         select CRYPTO_HASH                        918         select CRYPTO_HASH
887         select CRYPTO_MANAGER                     919         select CRYPTO_MANAGER
888         help                                      920         help
889           CMAC (Cipher-based Message Authentic    921           CMAC (Cipher-based Message Authentication Code) authentication
890           mode (NIST SP800-38B and IETF RFC449    922           mode (NIST SP800-38B and IETF RFC4493)
891                                                   923 
892 config CRYPTO_GHASH                               924 config CRYPTO_GHASH
893         tristate "GHASH"                          925         tristate "GHASH"
894         select CRYPTO_HASH                        926         select CRYPTO_HASH
895         select CRYPTO_LIB_GF128MUL                927         select CRYPTO_LIB_GF128MUL
896         help                                      928         help
897           GCM GHASH function (NIST SP800-38D)     929           GCM GHASH function (NIST SP800-38D)
898                                                   930 
899 config CRYPTO_HMAC                                931 config CRYPTO_HMAC
900         tristate "HMAC (Keyed-Hash MAC)"          932         tristate "HMAC (Keyed-Hash MAC)"
901         select CRYPTO_HASH                        933         select CRYPTO_HASH
902         select CRYPTO_MANAGER                     934         select CRYPTO_MANAGER
903         help                                      935         help
904           HMAC (Keyed-Hash Message Authenticat    936           HMAC (Keyed-Hash Message Authentication Code) (FIPS 198 and
905           RFC2104)                                937           RFC2104)
906                                                   938 
907           This is required for IPsec AH (XFRM_    939           This is required for IPsec AH (XFRM_AH) and IPsec ESP (XFRM_ESP).
908                                                   940 
909 config CRYPTO_MD4                                 941 config CRYPTO_MD4
910         tristate "MD4"                            942         tristate "MD4"
911         select CRYPTO_HASH                        943         select CRYPTO_HASH
912         help                                      944         help
913           MD4 message digest algorithm (RFC132    945           MD4 message digest algorithm (RFC1320)
914                                                   946 
915 config CRYPTO_MD5                                 947 config CRYPTO_MD5
916         tristate "MD5"                            948         tristate "MD5"
917         select CRYPTO_HASH                        949         select CRYPTO_HASH
918         help                                      950         help
919           MD5 message digest algorithm (RFC132    951           MD5 message digest algorithm (RFC1321)
920                                                   952 
921 config CRYPTO_MICHAEL_MIC                         953 config CRYPTO_MICHAEL_MIC
922         tristate "Michael MIC"                    954         tristate "Michael MIC"
923         select CRYPTO_HASH                        955         select CRYPTO_HASH
924         help                                      956         help
925           Michael MIC (Message Integrity Code)    957           Michael MIC (Message Integrity Code) (IEEE 802.11i)
926                                                   958 
927           Defined by the IEEE 802.11i TKIP (Te    959           Defined by the IEEE 802.11i TKIP (Temporal Key Integrity Protocol),
928           known as WPA (Wif-Fi Protected Acces    960           known as WPA (Wif-Fi Protected Access).
929                                                   961 
930           This algorithm is required for TKIP,    962           This algorithm is required for TKIP, but it should not be used for
931           other purposes because of the weakne    963           other purposes because of the weakness of the algorithm.
932                                                   964 
933 config CRYPTO_POLYVAL                             965 config CRYPTO_POLYVAL
934         tristate                                  966         tristate
935         select CRYPTO_HASH                        967         select CRYPTO_HASH
936         select CRYPTO_LIB_GF128MUL                968         select CRYPTO_LIB_GF128MUL
937         help                                      969         help
938           POLYVAL hash function for HCTR2         970           POLYVAL hash function for HCTR2
939                                                   971 
940           This is used in HCTR2.  It is not a     972           This is used in HCTR2.  It is not a general-purpose
941           cryptographic hash function.            973           cryptographic hash function.
942                                                   974 
943 config CRYPTO_POLY1305                            975 config CRYPTO_POLY1305
944         tristate "Poly1305"                       976         tristate "Poly1305"
945         select CRYPTO_HASH                        977         select CRYPTO_HASH
946         select CRYPTO_LIB_POLY1305_GENERIC        978         select CRYPTO_LIB_POLY1305_GENERIC
947         help                                      979         help
948           Poly1305 authenticator algorithm (RF    980           Poly1305 authenticator algorithm (RFC7539)
949                                                   981 
950           Poly1305 is an authenticator algorit    982           Poly1305 is an authenticator algorithm designed by Daniel J. Bernstein.
951           It is used for the ChaCha20-Poly1305    983           It is used for the ChaCha20-Poly1305 AEAD, specified in RFC7539 for use
952           in IETF protocols. This is the porta    984           in IETF protocols. This is the portable C implementation of Poly1305.
953                                                   985 
954 config CRYPTO_RMD160                              986 config CRYPTO_RMD160
955         tristate "RIPEMD-160"                     987         tristate "RIPEMD-160"
956         select CRYPTO_HASH                        988         select CRYPTO_HASH
957         help                                      989         help
958           RIPEMD-160 hash function (ISO/IEC 10    990           RIPEMD-160 hash function (ISO/IEC 10118-3)
959                                                   991 
960           RIPEMD-160 is a 160-bit cryptographi    992           RIPEMD-160 is a 160-bit cryptographic hash function. It is intended
961           to be used as a secure replacement f    993           to be used as a secure replacement for the 128-bit hash functions
962           MD4, MD5 and its predecessor RIPEMD     994           MD4, MD5 and its predecessor RIPEMD
963           (not to be confused with RIPEMD-128)    995           (not to be confused with RIPEMD-128).
964                                                   996 
965           Its speed is comparable to SHA-1 and    997           Its speed is comparable to SHA-1 and there are no known attacks
966           against RIPEMD-160.                     998           against RIPEMD-160.
967                                                   999 
968           Developed by Hans Dobbertin, Antoon     1000           Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel.
969           See https://homes.esat.kuleuven.be/~    1001           See https://homes.esat.kuleuven.be/~bosselae/ripemd160.html
970           for further information.                1002           for further information.
971                                                   1003 
972 config CRYPTO_SHA1                                1004 config CRYPTO_SHA1
973         tristate "SHA-1"                          1005         tristate "SHA-1"
974         select CRYPTO_HASH                        1006         select CRYPTO_HASH
975         select CRYPTO_LIB_SHA1                    1007         select CRYPTO_LIB_SHA1
976         help                                      1008         help
977           SHA-1 secure hash algorithm (FIPS 18    1009           SHA-1 secure hash algorithm (FIPS 180, ISO/IEC 10118-3)
978                                                   1010 
979 config CRYPTO_SHA256                              1011 config CRYPTO_SHA256
980         tristate "SHA-224 and SHA-256"            1012         tristate "SHA-224 and SHA-256"
981         select CRYPTO_HASH                        1013         select CRYPTO_HASH
982         select CRYPTO_LIB_SHA256                  1014         select CRYPTO_LIB_SHA256
983         help                                      1015         help
984           SHA-224 and SHA-256 secure hash algo    1016           SHA-224 and SHA-256 secure hash algorithms (FIPS 180, ISO/IEC 10118-3)
985                                                   1017 
986           This is required for IPsec AH (XFRM_    1018           This is required for IPsec AH (XFRM_AH) and IPsec ESP (XFRM_ESP).
987           Used by the btrfs filesystem, Ceph,     1019           Used by the btrfs filesystem, Ceph, NFS, and SMB.
988                                                   1020 
989 config CRYPTO_SHA512                              1021 config CRYPTO_SHA512
990         tristate "SHA-384 and SHA-512"            1022         tristate "SHA-384 and SHA-512"
991         select CRYPTO_HASH                        1023         select CRYPTO_HASH
992         help                                      1024         help
993           SHA-384 and SHA-512 secure hash algo    1025           SHA-384 and SHA-512 secure hash algorithms (FIPS 180, ISO/IEC 10118-3)
994                                                   1026 
995 config CRYPTO_SHA3                                1027 config CRYPTO_SHA3
996         tristate "SHA-3"                          1028         tristate "SHA-3"
997         select CRYPTO_HASH                        1029         select CRYPTO_HASH
998         help                                      1030         help
999           SHA-3 secure hash algorithms (FIPS 2    1031           SHA-3 secure hash algorithms (FIPS 202, ISO/IEC 10118-3)
1000                                                  1032 
1001 config CRYPTO_SM3                                1033 config CRYPTO_SM3
1002         tristate                                 1034         tristate
1003                                                  1035 
1004 config CRYPTO_SM3_GENERIC                        1036 config CRYPTO_SM3_GENERIC
1005         tristate "SM3 (ShangMi 3)"               1037         tristate "SM3 (ShangMi 3)"
1006         select CRYPTO_HASH                       1038         select CRYPTO_HASH
1007         select CRYPTO_SM3                        1039         select CRYPTO_SM3
1008         help                                     1040         help
1009           SM3 (ShangMi 3) secure hash functio    1041           SM3 (ShangMi 3) secure hash function (OSCCA GM/T 0004-2012, ISO/IEC 10118-3)
1010                                                  1042 
1011           This is part of the Chinese Commerc    1043           This is part of the Chinese Commercial Cryptography suite.
1012                                                  1044 
1013           References:                            1045           References:
1014           http://www.oscca.gov.cn/UpFile/2010    1046           http://www.oscca.gov.cn/UpFile/20101222141857786.pdf
1015           https://datatracker.ietf.org/doc/ht    1047           https://datatracker.ietf.org/doc/html/draft-shen-sm3-hash
1016                                                  1048 
1017 config CRYPTO_STREEBOG                           1049 config CRYPTO_STREEBOG
1018         tristate "Streebog"                      1050         tristate "Streebog"
1019         select CRYPTO_HASH                       1051         select CRYPTO_HASH
1020         help                                     1052         help
1021           Streebog Hash Function (GOST R 34.1    1053           Streebog Hash Function (GOST R 34.11-2012, RFC 6986, ISO/IEC 10118-3)
1022                                                  1054 
1023           This is one of the Russian cryptogr    1055           This is one of the Russian cryptographic standard algorithms (called
1024           GOST algorithms). This setting enab    1056           GOST algorithms). This setting enables two hash algorithms with
1025           256 and 512 bits output.               1057           256 and 512 bits output.
1026                                                  1058 
1027           References:                            1059           References:
1028           https://tc26.ru/upload/iblock/fed/f    1060           https://tc26.ru/upload/iblock/fed/feddbb4d26b685903faa2ba11aea43f6.pdf
1029           https://tools.ietf.org/html/rfc6986    1061           https://tools.ietf.org/html/rfc6986
1030                                                  1062 
1031 config CRYPTO_VMAC                               1063 config CRYPTO_VMAC
1032         tristate "VMAC"                          1064         tristate "VMAC"
1033         select CRYPTO_HASH                       1065         select CRYPTO_HASH
1034         select CRYPTO_MANAGER                    1066         select CRYPTO_MANAGER
1035         help                                     1067         help
1036           VMAC is a message authentication al    1068           VMAC is a message authentication algorithm designed for
1037           very high speed on 64-bit architect    1069           very high speed on 64-bit architectures.
1038                                                  1070 
1039           See https://fastcrypto.org/vmac for    1071           See https://fastcrypto.org/vmac for further information.
1040                                                  1072 
1041 config CRYPTO_WP512                              1073 config CRYPTO_WP512
1042         tristate "Whirlpool"                     1074         tristate "Whirlpool"
1043         select CRYPTO_HASH                       1075         select CRYPTO_HASH
1044         help                                     1076         help
1045           Whirlpool hash function (ISO/IEC 10    1077           Whirlpool hash function (ISO/IEC 10118-3)
1046                                                  1078 
1047           512, 384 and 256-bit hashes.           1079           512, 384 and 256-bit hashes.
1048                                                  1080 
1049           Whirlpool-512 is part of the NESSIE    1081           Whirlpool-512 is part of the NESSIE cryptographic primitives.
1050                                                  1082 
1051           See https://web.archive.org/web/201    1083           See https://web.archive.org/web/20171129084214/http://www.larc.usp.br/~pbarreto/WhirlpoolPage.html
1052           for further information.               1084           for further information.
1053                                                  1085 
1054 config CRYPTO_XCBC                               1086 config CRYPTO_XCBC
1055         tristate "XCBC-MAC (Extended Cipher B    1087         tristate "XCBC-MAC (Extended Cipher Block Chaining MAC)"
1056         select CRYPTO_HASH                       1088         select CRYPTO_HASH
1057         select CRYPTO_MANAGER                    1089         select CRYPTO_MANAGER
1058         help                                     1090         help
1059           XCBC-MAC (Extended Cipher Block Cha    1091           XCBC-MAC (Extended Cipher Block Chaining Message Authentication
1060           Code) (RFC3566)                        1092           Code) (RFC3566)
1061                                                  1093 
1062 config CRYPTO_XXHASH                             1094 config CRYPTO_XXHASH
1063         tristate "xxHash"                        1095         tristate "xxHash"
1064         select CRYPTO_HASH                       1096         select CRYPTO_HASH
1065         select XXHASH                            1097         select XXHASH
1066         help                                     1098         help
1067           xxHash non-cryptographic hash algor    1099           xxHash non-cryptographic hash algorithm
1068                                                  1100 
1069           Extremely fast, working at speeds c    1101           Extremely fast, working at speeds close to RAM limits.
1070                                                  1102 
1071           Used by the btrfs filesystem.          1103           Used by the btrfs filesystem.
1072                                                  1104 
1073 endmenu                                          1105 endmenu
1074                                                  1106 
1075 menu "CRCs (cyclic redundancy checks)"           1107 menu "CRCs (cyclic redundancy checks)"
1076                                                  1108 
1077 config CRYPTO_CRC32C                             1109 config CRYPTO_CRC32C
1078         tristate "CRC32c"                        1110         tristate "CRC32c"
1079         select CRYPTO_HASH                       1111         select CRYPTO_HASH
1080         select CRC32                             1112         select CRC32
1081         help                                     1113         help
1082           CRC32c CRC algorithm with the iSCSI    1114           CRC32c CRC algorithm with the iSCSI polynomial (RFC 3385 and RFC 3720)
1083                                                  1115 
1084           A 32-bit CRC (cyclic redundancy che    1116           A 32-bit CRC (cyclic redundancy check) with a polynomial defined
1085           by G. Castagnoli, S. Braeuer and M.    1117           by G. Castagnoli, S. Braeuer and M. Herrman in "Optimization of Cyclic
1086           Redundancy-Check Codes with 24 and     1118           Redundancy-Check Codes with 24 and 32 Parity Bits", IEEE Transactions
1087           on Communications, Vol. 41, No. 6,     1119           on Communications, Vol. 41, No. 6, June 1993, selected for use with
1088           iSCSI.                                 1120           iSCSI.
1089                                                  1121 
1090           Used by btrfs, ext4, jbd2, NVMeoF/T    1122           Used by btrfs, ext4, jbd2, NVMeoF/TCP, and iSCSI.
1091                                                  1123 
1092 config CRYPTO_CRC32                              1124 config CRYPTO_CRC32
1093         tristate "CRC32"                         1125         tristate "CRC32"
1094         select CRYPTO_HASH                       1126         select CRYPTO_HASH
1095         select CRC32                             1127         select CRC32
1096         help                                     1128         help
1097           CRC32 CRC algorithm (IEEE 802.3)       1129           CRC32 CRC algorithm (IEEE 802.3)
1098                                                  1130 
1099           Used by RoCEv2 and f2fs.               1131           Used by RoCEv2 and f2fs.
1100                                                  1132 
1101 config CRYPTO_CRCT10DIF                          1133 config CRYPTO_CRCT10DIF
1102         tristate "CRCT10DIF"                     1134         tristate "CRCT10DIF"
1103         select CRYPTO_HASH                       1135         select CRYPTO_HASH
1104         help                                     1136         help
1105           CRC16 CRC algorithm used for the T1    1137           CRC16 CRC algorithm used for the T10 (SCSI) Data Integrity Field (DIF)
1106                                                  1138 
1107           CRC algorithm used by the SCSI Bloc    1139           CRC algorithm used by the SCSI Block Commands standard.
1108                                                  1140 
1109 config CRYPTO_CRC64_ROCKSOFT                     1141 config CRYPTO_CRC64_ROCKSOFT
1110         tristate "CRC64 based on Rocksoft Mod    1142         tristate "CRC64 based on Rocksoft Model algorithm"
1111         depends on CRC64                         1143         depends on CRC64
1112         select CRYPTO_HASH                       1144         select CRYPTO_HASH
1113         help                                     1145         help
1114           CRC64 CRC algorithm based on the Ro    1146           CRC64 CRC algorithm based on the Rocksoft Model CRC Algorithm
1115                                                  1147 
1116           Used by the NVMe implementation of     1148           Used by the NVMe implementation of T10 DIF (BLK_DEV_INTEGRITY)
1117                                                  1149 
1118           See https://zlib.net/crc_v3.txt        1150           See https://zlib.net/crc_v3.txt
1119                                                  1151 
1120 endmenu                                          1152 endmenu
1121                                                  1153 
1122 menu "Compression"                               1154 menu "Compression"
1123                                                  1155 
1124 config CRYPTO_DEFLATE                            1156 config CRYPTO_DEFLATE
1125         tristate "Deflate"                       1157         tristate "Deflate"
1126         select CRYPTO_ALGAPI                     1158         select CRYPTO_ALGAPI
1127         select CRYPTO_ACOMP2                     1159         select CRYPTO_ACOMP2
1128         select ZLIB_INFLATE                      1160         select ZLIB_INFLATE
1129         select ZLIB_DEFLATE                      1161         select ZLIB_DEFLATE
1130         help                                     1162         help
1131           Deflate compression algorithm (RFC1    1163           Deflate compression algorithm (RFC1951)
1132                                                  1164 
1133           Used by IPSec with the IPCOMP proto    1165           Used by IPSec with the IPCOMP protocol (RFC3173, RFC2394)
1134                                                  1166 
1135 config CRYPTO_LZO                                1167 config CRYPTO_LZO
1136         tristate "LZO"                           1168         tristate "LZO"
1137         select CRYPTO_ALGAPI                     1169         select CRYPTO_ALGAPI
1138         select CRYPTO_ACOMP2                     1170         select CRYPTO_ACOMP2
1139         select LZO_COMPRESS                      1171         select LZO_COMPRESS
1140         select LZO_DECOMPRESS                    1172         select LZO_DECOMPRESS
1141         help                                     1173         help
1142           LZO compression algorithm              1174           LZO compression algorithm
1143                                                  1175 
1144           See https://www.oberhumer.com/opens    1176           See https://www.oberhumer.com/opensource/lzo/ for further information.
1145                                                  1177 
1146 config CRYPTO_842                                1178 config CRYPTO_842
1147         tristate "842"                           1179         tristate "842"
1148         select CRYPTO_ALGAPI                     1180         select CRYPTO_ALGAPI
1149         select CRYPTO_ACOMP2                     1181         select CRYPTO_ACOMP2
1150         select 842_COMPRESS                      1182         select 842_COMPRESS
1151         select 842_DECOMPRESS                    1183         select 842_DECOMPRESS
1152         help                                     1184         help
1153           842 compression algorithm by IBM       1185           842 compression algorithm by IBM
1154                                                  1186 
1155           See https://github.com/plauth/lib84    1187           See https://github.com/plauth/lib842 for further information.
1156                                                  1188 
1157 config CRYPTO_LZ4                                1189 config CRYPTO_LZ4
1158         tristate "LZ4"                           1190         tristate "LZ4"
1159         select CRYPTO_ALGAPI                     1191         select CRYPTO_ALGAPI
1160         select CRYPTO_ACOMP2                     1192         select CRYPTO_ACOMP2
1161         select LZ4_COMPRESS                      1193         select LZ4_COMPRESS
1162         select LZ4_DECOMPRESS                    1194         select LZ4_DECOMPRESS
1163         help                                     1195         help
1164           LZ4 compression algorithm              1196           LZ4 compression algorithm
1165                                                  1197 
1166           See https://github.com/lz4/lz4 for     1198           See https://github.com/lz4/lz4 for further information.
1167                                                  1199 
1168 config CRYPTO_LZ4HC                              1200 config CRYPTO_LZ4HC
1169         tristate "LZ4HC"                         1201         tristate "LZ4HC"
1170         select CRYPTO_ALGAPI                     1202         select CRYPTO_ALGAPI
1171         select CRYPTO_ACOMP2                     1203         select CRYPTO_ACOMP2
1172         select LZ4HC_COMPRESS                    1204         select LZ4HC_COMPRESS
1173         select LZ4_DECOMPRESS                    1205         select LZ4_DECOMPRESS
1174         help                                     1206         help
1175           LZ4 high compression mode algorithm    1207           LZ4 high compression mode algorithm
1176                                                  1208 
1177           See https://github.com/lz4/lz4 for     1209           See https://github.com/lz4/lz4 for further information.
1178                                                  1210 
1179 config CRYPTO_ZSTD                               1211 config CRYPTO_ZSTD
1180         tristate "Zstd"                          1212         tristate "Zstd"
1181         select CRYPTO_ALGAPI                     1213         select CRYPTO_ALGAPI
1182         select CRYPTO_ACOMP2                     1214         select CRYPTO_ACOMP2
1183         select ZSTD_COMPRESS                     1215         select ZSTD_COMPRESS
1184         select ZSTD_DECOMPRESS                   1216         select ZSTD_DECOMPRESS
1185         help                                     1217         help
1186           zstd compression algorithm             1218           zstd compression algorithm
1187                                                  1219 
1188           See https://github.com/facebook/zst    1220           See https://github.com/facebook/zstd for further information.
1189                                                  1221 
1190 endmenu                                          1222 endmenu
1191                                                  1223 
1192 menu "Random number generation"                  1224 menu "Random number generation"
1193                                                  1225 
1194 config CRYPTO_ANSI_CPRNG                         1226 config CRYPTO_ANSI_CPRNG
1195         tristate "ANSI PRNG (Pseudo Random Nu    1227         tristate "ANSI PRNG (Pseudo Random Number Generator)"
1196         select CRYPTO_AES                        1228         select CRYPTO_AES
1197         select CRYPTO_RNG                        1229         select CRYPTO_RNG
1198         help                                     1230         help
1199           Pseudo RNG (random number generator    1231           Pseudo RNG (random number generator) (ANSI X9.31 Appendix A.2.4)
1200                                                  1232 
1201           This uses the AES cipher algorithm.    1233           This uses the AES cipher algorithm.
1202                                                  1234 
1203           Note that this option must be enabl    1235           Note that this option must be enabled if CRYPTO_FIPS is selected
1204                                                  1236 
1205 menuconfig CRYPTO_DRBG_MENU                      1237 menuconfig CRYPTO_DRBG_MENU
1206         tristate "NIST SP800-90A DRBG (Determ    1238         tristate "NIST SP800-90A DRBG (Deterministic Random Bit Generator)"
1207         help                                     1239         help
1208           DRBG (Deterministic Random Bit Gene    1240           DRBG (Deterministic Random Bit Generator) (NIST SP800-90A)
1209                                                  1241 
1210           In the following submenu, one or mo    1242           In the following submenu, one or more of the DRBG types must be selected.
1211                                                  1243 
1212 if CRYPTO_DRBG_MENU                              1244 if CRYPTO_DRBG_MENU
1213                                                  1245 
1214 config CRYPTO_DRBG_HMAC                          1246 config CRYPTO_DRBG_HMAC
1215         bool                                     1247         bool
1216         default y                                1248         default y
1217         select CRYPTO_HMAC                       1249         select CRYPTO_HMAC
1218         select CRYPTO_SHA512                     1250         select CRYPTO_SHA512
1219                                                  1251 
1220 config CRYPTO_DRBG_HASH                          1252 config CRYPTO_DRBG_HASH
1221         bool "Hash_DRBG"                         1253         bool "Hash_DRBG"
1222         select CRYPTO_SHA256                     1254         select CRYPTO_SHA256
1223         help                                     1255         help
1224           Hash_DRBG variant as defined in NIS    1256           Hash_DRBG variant as defined in NIST SP800-90A.
1225                                                  1257 
1226           This uses the SHA-1, SHA-256, SHA-3    1258           This uses the SHA-1, SHA-256, SHA-384, or SHA-512 hash algorithms.
1227                                                  1259 
1228 config CRYPTO_DRBG_CTR                           1260 config CRYPTO_DRBG_CTR
1229         bool "CTR_DRBG"                          1261         bool "CTR_DRBG"
1230         select CRYPTO_AES                        1262         select CRYPTO_AES
1231         select CRYPTO_CTR                        1263         select CRYPTO_CTR
1232         help                                     1264         help
1233           CTR_DRBG variant as defined in NIST    1265           CTR_DRBG variant as defined in NIST SP800-90A.
1234                                                  1266 
1235           This uses the AES cipher algorithm     1267           This uses the AES cipher algorithm with the counter block mode.
1236                                                  1268 
1237 config CRYPTO_DRBG                               1269 config CRYPTO_DRBG
1238         tristate                                 1270         tristate
1239         default CRYPTO_DRBG_MENU                 1271         default CRYPTO_DRBG_MENU
1240         select CRYPTO_RNG                        1272         select CRYPTO_RNG
1241         select CRYPTO_JITTERENTROPY              1273         select CRYPTO_JITTERENTROPY
1242                                                  1274 
1243 endif   # if CRYPTO_DRBG_MENU                    1275 endif   # if CRYPTO_DRBG_MENU
1244                                                  1276 
1245 config CRYPTO_JITTERENTROPY                      1277 config CRYPTO_JITTERENTROPY
1246         tristate "CPU Jitter Non-Deterministi    1278         tristate "CPU Jitter Non-Deterministic RNG (Random Number Generator)"
1247         select CRYPTO_RNG                        1279         select CRYPTO_RNG
1248         select CRYPTO_SHA3                    << 
1249         help                                     1280         help
1250           CPU Jitter RNG (Random Number Gener    1281           CPU Jitter RNG (Random Number Generator) from the Jitterentropy library
1251                                                  1282 
1252           A non-physical non-deterministic ("    1283           A non-physical non-deterministic ("true") RNG (e.g., an entropy source
1253           compliant with NIST SP800-90B) inte    1284           compliant with NIST SP800-90B) intended to provide a seed to a
1254           deterministic RNG (e.g., per NIST S !! 1285           deterministic RNG (e.g.  per NIST SP800-90C).
1255           This RNG does not perform any crypt    1286           This RNG does not perform any cryptographic whitening of the generated
1256           random numbers.                     << 
1257                                                  1287 
1258           See https://www.chronox.de/jent/    !! 1288           See https://www.chronox.de/jent.html
1259                                               << 
1260 if CRYPTO_JITTERENTROPY                       << 
1261 if CRYPTO_FIPS && EXPERT                      << 
1262                                               << 
1263 choice                                        << 
1264         prompt "CPU Jitter RNG Memory Size"   << 
1265         default CRYPTO_JITTERENTROPY_MEMSIZE_ << 
1266         help                                  << 
1267           The Jitter RNG measures the executi << 
1268           Multiple consecutive memory accesse << 
1269           size fits into a cache (e.g. L1), o << 
1270           to that cache is measured. The clos << 
1271           the less variations are measured an << 
1272           obtained. Thus, if the memory size  << 
1273           obtained entropy is less than if th << 
1274           L1 + L2, which in turn is less if t << 
1275           L1 + L2 + L3. Thus, by selecting a  << 
1276           the entropy rate produced by the Ji << 
1277                                               << 
1278         config CRYPTO_JITTERENTROPY_MEMSIZE_2 << 
1279                 bool "2048 Bytes (default)"   << 
1280                                               << 
1281         config CRYPTO_JITTERENTROPY_MEMSIZE_1 << 
1282                 bool "128 kBytes"             << 
1283                                               << 
1284         config CRYPTO_JITTERENTROPY_MEMSIZE_1 << 
1285                 bool "1024 kBytes"            << 
1286                                               << 
1287         config CRYPTO_JITTERENTROPY_MEMSIZE_8 << 
1288                 bool "8192 kBytes"            << 
1289 endchoice                                     << 
1290                                               << 
1291 config CRYPTO_JITTERENTROPY_MEMORY_BLOCKS     << 
1292         int                                   << 
1293         default 64 if CRYPTO_JITTERENTROPY_ME << 
1294         default 512 if CRYPTO_JITTERENTROPY_M << 
1295         default 1024 if CRYPTO_JITTERENTROPY_ << 
1296         default 4096 if CRYPTO_JITTERENTROPY_ << 
1297                                               << 
1298 config CRYPTO_JITTERENTROPY_MEMORY_BLOCKSIZE  << 
1299         int                                   << 
1300         default 32 if CRYPTO_JITTERENTROPY_ME << 
1301         default 256 if CRYPTO_JITTERENTROPY_M << 
1302         default 1024 if CRYPTO_JITTERENTROPY_ << 
1303         default 2048 if CRYPTO_JITTERENTROPY_ << 
1304                                               << 
1305 config CRYPTO_JITTERENTROPY_OSR               << 
1306         int "CPU Jitter RNG Oversampling Rate << 
1307         range 1 15                            << 
1308         default 3                             << 
1309         help                                  << 
1310           The Jitter RNG allows the specifica << 
1311           The Jitter RNG operation requires a << 
1312           measurements to produce one output  << 
1313           OSR value is multiplied with the am << 
1314           generate one output block. Thus, th << 
1315           by the OSR factor. The oversampling << 
1316           on hardware whose timers deliver li << 
1317           the timer is coarse) by setting the << 
1318           trade-off, however, is that the Jit << 
1319           to generate random numbers.         << 
1320                                               << 
1321 config CRYPTO_JITTERENTROPY_TESTINTERFACE     << 
1322         bool "CPU Jitter RNG Test Interface"  << 
1323         help                                  << 
1324           The test interface allows a privile << 
1325           the raw unconditioned high resoluti << 
1326           is collected by the Jitter RNG for  << 
1327           this data is used at the same time  << 
1328           the Jitter RNG operates in an insec << 
1329           recording is enabled. This interfac << 
1330           intended for testing purposes and i << 
1331           production systems.                 << 
1332                                               << 
1333           The raw noise data can be obtained  << 
1334           debugfs file. Using the option      << 
1335           jitterentropy_testing.boot_raw_hire << 
1336           the first 1000 entropy events since << 
1337                                               << 
1338           If unsure, select N.                << 
1339                                               << 
1340 endif   # if CRYPTO_FIPS && EXPERT            << 
1341                                               << 
1342 if !(CRYPTO_FIPS && EXPERT)                   << 
1343                                               << 
1344 config CRYPTO_JITTERENTROPY_MEMORY_BLOCKS     << 
1345         int                                   << 
1346         default 64                            << 
1347                                               << 
1348 config CRYPTO_JITTERENTROPY_MEMORY_BLOCKSIZE  << 
1349         int                                   << 
1350         default 32                            << 
1351                                               << 
1352 config CRYPTO_JITTERENTROPY_OSR               << 
1353         int                                   << 
1354         default 1                             << 
1355                                               << 
1356 config CRYPTO_JITTERENTROPY_TESTINTERFACE     << 
1357         bool                                  << 
1358                                               << 
1359 endif   # if !(CRYPTO_FIPS && EXPERT)         << 
1360 endif   # if CRYPTO_JITTERENTROPY             << 
1361                                                  1289 
1362 config CRYPTO_KDF800108_CTR                      1290 config CRYPTO_KDF800108_CTR
1363         tristate                                 1291         tristate
1364         select CRYPTO_HMAC                       1292         select CRYPTO_HMAC
1365         select CRYPTO_SHA256                     1293         select CRYPTO_SHA256
1366                                                  1294 
1367 endmenu                                          1295 endmenu
1368 menu "Userspace interface"                       1296 menu "Userspace interface"
1369                                                  1297 
1370 config CRYPTO_USER_API                           1298 config CRYPTO_USER_API
1371         tristate                                 1299         tristate
1372                                                  1300 
1373 config CRYPTO_USER_API_HASH                      1301 config CRYPTO_USER_API_HASH
1374         tristate "Hash algorithms"               1302         tristate "Hash algorithms"
1375         depends on NET                           1303         depends on NET
1376         select CRYPTO_HASH                       1304         select CRYPTO_HASH
1377         select CRYPTO_USER_API                   1305         select CRYPTO_USER_API
1378         help                                     1306         help
1379           Enable the userspace interface for     1307           Enable the userspace interface for hash algorithms.
1380                                                  1308 
1381           See Documentation/crypto/userspace-    1309           See Documentation/crypto/userspace-if.rst and
1382           https://www.chronox.de/libkcapi/htm    1310           https://www.chronox.de/libkcapi/html/index.html
1383                                                  1311 
1384 config CRYPTO_USER_API_SKCIPHER                  1312 config CRYPTO_USER_API_SKCIPHER
1385         tristate "Symmetric key cipher algori    1313         tristate "Symmetric key cipher algorithms"
1386         depends on NET                           1314         depends on NET
1387         select CRYPTO_SKCIPHER                   1315         select CRYPTO_SKCIPHER
1388         select CRYPTO_USER_API                   1316         select CRYPTO_USER_API
1389         help                                     1317         help
1390           Enable the userspace interface for     1318           Enable the userspace interface for symmetric key cipher algorithms.
1391                                                  1319 
1392           See Documentation/crypto/userspace-    1320           See Documentation/crypto/userspace-if.rst and
1393           https://www.chronox.de/libkcapi/htm    1321           https://www.chronox.de/libkcapi/html/index.html
1394                                                  1322 
1395 config CRYPTO_USER_API_RNG                       1323 config CRYPTO_USER_API_RNG
1396         tristate "RNG (random number generato    1324         tristate "RNG (random number generator) algorithms"
1397         depends on NET                           1325         depends on NET
1398         select CRYPTO_RNG                        1326         select CRYPTO_RNG
1399         select CRYPTO_USER_API                   1327         select CRYPTO_USER_API
1400         help                                     1328         help
1401           Enable the userspace interface for     1329           Enable the userspace interface for RNG (random number generator)
1402           algorithms.                            1330           algorithms.
1403                                                  1331 
1404           See Documentation/crypto/userspace-    1332           See Documentation/crypto/userspace-if.rst and
1405           https://www.chronox.de/libkcapi/htm    1333           https://www.chronox.de/libkcapi/html/index.html
1406                                                  1334 
1407 config CRYPTO_USER_API_RNG_CAVP                  1335 config CRYPTO_USER_API_RNG_CAVP
1408         bool "Enable CAVP testing of DRBG"       1336         bool "Enable CAVP testing of DRBG"
1409         depends on CRYPTO_USER_API_RNG && CRY    1337         depends on CRYPTO_USER_API_RNG && CRYPTO_DRBG
1410         help                                     1338         help
1411           Enable extra APIs in the userspace     1339           Enable extra APIs in the userspace interface for NIST CAVP
1412           (Cryptographic Algorithm Validation    1340           (Cryptographic Algorithm Validation Program) testing:
1413           - resetting DRBG entropy               1341           - resetting DRBG entropy
1414           - providing Additional Data            1342           - providing Additional Data
1415                                                  1343 
1416           This should only be enabled for CAV    1344           This should only be enabled for CAVP testing. You should say
1417           no unless you know what this is.       1345           no unless you know what this is.
1418                                                  1346 
1419 config CRYPTO_USER_API_AEAD                      1347 config CRYPTO_USER_API_AEAD
1420         tristate "AEAD cipher algorithms"        1348         tristate "AEAD cipher algorithms"
1421         depends on NET                           1349         depends on NET
1422         select CRYPTO_AEAD                       1350         select CRYPTO_AEAD
1423         select CRYPTO_SKCIPHER                   1351         select CRYPTO_SKCIPHER
1424         select CRYPTO_NULL                       1352         select CRYPTO_NULL
1425         select CRYPTO_USER_API                   1353         select CRYPTO_USER_API
1426         help                                     1354         help
1427           Enable the userspace interface for     1355           Enable the userspace interface for AEAD cipher algorithms.
1428                                                  1356 
1429           See Documentation/crypto/userspace-    1357           See Documentation/crypto/userspace-if.rst and
1430           https://www.chronox.de/libkcapi/htm    1358           https://www.chronox.de/libkcapi/html/index.html
1431                                                  1359 
1432 config CRYPTO_USER_API_ENABLE_OBSOLETE           1360 config CRYPTO_USER_API_ENABLE_OBSOLETE
1433         bool "Obsolete cryptographic algorith    1361         bool "Obsolete cryptographic algorithms"
1434         depends on CRYPTO_USER_API               1362         depends on CRYPTO_USER_API
1435         default y                                1363         default y
1436         help                                     1364         help
1437           Allow obsolete cryptographic algori    1365           Allow obsolete cryptographic algorithms to be selected that have
1438           already been phased out from intern    1366           already been phased out from internal use by the kernel, and are
1439           only useful for userspace clients t    1367           only useful for userspace clients that still rely on them.
1440                                                  1368 
                                                   >> 1369 config CRYPTO_STATS
                                                   >> 1370         bool "Crypto usage statistics"
                                                   >> 1371         depends on CRYPTO_USER
                                                   >> 1372         help
                                                   >> 1373           Enable the gathering of crypto stats.
                                                   >> 1374 
                                                   >> 1375           This collects data sizes, numbers of requests, and numbers
                                                   >> 1376           of errors processed by:
                                                   >> 1377           - AEAD ciphers (encrypt, decrypt)
                                                   >> 1378           - asymmetric key ciphers (encrypt, decrypt, verify, sign)
                                                   >> 1379           - symmetric key ciphers (encrypt, decrypt)
                                                   >> 1380           - compression algorithms (compress, decompress)
                                                   >> 1381           - hash algorithms (hash)
                                                   >> 1382           - key-agreement protocol primitives (setsecret, generate
                                                   >> 1383             public key, compute shared secret)
                                                   >> 1384           - RNG (generate, seed)
                                                   >> 1385 
1441 endmenu                                          1386 endmenu
1442                                                  1387 
1443 config CRYPTO_HASH_INFO                          1388 config CRYPTO_HASH_INFO
1444         bool                                     1389         bool
1445                                                  1390 
1446 if !KMSAN # avoid false positives from assemb    1391 if !KMSAN # avoid false positives from assembly
1447 if ARM                                           1392 if ARM
1448 source "arch/arm/crypto/Kconfig"                 1393 source "arch/arm/crypto/Kconfig"
1449 endif                                            1394 endif
1450 if ARM64                                         1395 if ARM64
1451 source "arch/arm64/crypto/Kconfig"               1396 source "arch/arm64/crypto/Kconfig"
1452 endif                                            1397 endif
1453 if LOONGARCH                                     1398 if LOONGARCH
1454 source "arch/loongarch/crypto/Kconfig"           1399 source "arch/loongarch/crypto/Kconfig"
1455 endif                                            1400 endif
1456 if MIPS                                          1401 if MIPS
1457 source "arch/mips/crypto/Kconfig"                1402 source "arch/mips/crypto/Kconfig"
1458 endif                                            1403 endif
1459 if PPC                                           1404 if PPC
1460 source "arch/powerpc/crypto/Kconfig"             1405 source "arch/powerpc/crypto/Kconfig"
1461 endif                                         << 
1462 if RISCV                                      << 
1463 source "arch/riscv/crypto/Kconfig"            << 
1464 endif                                            1406 endif
1465 if S390                                          1407 if S390
1466 source "arch/s390/crypto/Kconfig"                1408 source "arch/s390/crypto/Kconfig"
1467 endif                                            1409 endif
1468 if SPARC                                         1410 if SPARC
1469 source "arch/sparc/crypto/Kconfig"               1411 source "arch/sparc/crypto/Kconfig"
1470 endif                                            1412 endif
1471 if X86                                           1413 if X86
1472 source "arch/x86/crypto/Kconfig"                 1414 source "arch/x86/crypto/Kconfig"
1473 endif                                            1415 endif
1474 endif                                            1416 endif
1475                                                  1417 
1476 source "drivers/crypto/Kconfig"                  1418 source "drivers/crypto/Kconfig"
1477 source "crypto/asymmetric_keys/Kconfig"          1419 source "crypto/asymmetric_keys/Kconfig"
1478 source "certs/Kconfig"                           1420 source "certs/Kconfig"
1479                                                  1421 
1480 endif   # if CRYPTO                              1422 endif   # if CRYPTO
                                                      

~ [ source navigation ] ~ [ diff markup ] ~ [ identifier search ] ~

kernel.org | git.kernel.org | LWN.net | Project Home | SVN repository | Mail admin

Linux® is a registered trademark of Linus Torvalds in the United States and other countries.
TOMOYO® is a registered trademark of NTT DATA CORPORATION.

sflogo.php