1 # SPDX-License-Identifier: GPL-2.0 2 3 menu "Accelerated Cryptographic Algorithms for CPU (arm)" 4 5 config CRYPTO_CURVE25519_NEON 6 tristate "Public key crypto: Curve25519 (NEON)" 7 depends on KERNEL_MODE_NEON 8 select CRYPTO_LIB_CURVE25519_GENERIC 9 select CRYPTO_ARCH_HAVE_LIB_CURVE25519 10 help 11 Curve25519 algorithm 12 13 Architecture: arm with 14 - NEON (Advanced SIMD) extensions 15 16 config CRYPTO_GHASH_ARM_CE 17 tristate "Hash functions: GHASH (PMULL/NEON/ARMv8 Crypto Extensions)" 18 depends on KERNEL_MODE_NEON 19 select CRYPTO_AEAD 20 select CRYPTO_HASH 21 select CRYPTO_CRYPTD 22 select CRYPTO_LIB_AES 23 select CRYPTO_LIB_GF128MUL 24 help 25 GCM GHASH function (NIST SP800-38D) 26 27 Architecture: arm using 28 - PMULL (Polynomial Multiply Long) instructions 29 - NEON (Advanced SIMD) extensions 30 - ARMv8 Crypto Extensions 31 32 Use an implementation of GHASH (used by the GCM AEAD chaining mode) 33 that uses the 64x64 to 128 bit polynomial multiplication (vmull.p64) 34 that is part of the ARMv8 Crypto Extensions, or a slower variant that 35 uses the vmull.p8 instruction that is part of the basic NEON ISA. 36 37 config CRYPTO_NHPOLY1305_NEON 38 tristate "Hash functions: NHPoly1305 (NEON)" 39 depends on KERNEL_MODE_NEON 40 select CRYPTO_NHPOLY1305 41 help 42 NHPoly1305 hash function (Adiantum) 43 44 Architecture: arm using: 45 - NEON (Advanced SIMD) extensions 46 47 config CRYPTO_POLY1305_ARM 48 tristate "Hash functions: Poly1305 (NEON)" 49 select CRYPTO_HASH 50 select CRYPTO_ARCH_HAVE_LIB_POLY1305 51 help 52 Poly1305 authenticator algorithm (RFC7539) 53 54 Architecture: arm optionally using 55 - NEON (Advanced SIMD) extensions 56 57 config CRYPTO_BLAKE2S_ARM 58 bool "Hash functions: BLAKE2s" 59 select CRYPTO_ARCH_HAVE_LIB_BLAKE2S 60 help 61 BLAKE2s cryptographic hash function (RFC 7693) 62 63 Architecture: arm 64 65 This is faster than the generic implementations of BLAKE2s and 66 BLAKE2b, but slower than the NEON implementation of BLAKE2b. 67 There is no NEON implementation of BLAKE2s, since NEON doesn't 68 really help with it. 69 70 config CRYPTO_BLAKE2B_NEON 71 tristate "Hash functions: BLAKE2b (NEON)" 72 depends on KERNEL_MODE_NEON 73 select CRYPTO_BLAKE2B 74 help 75 BLAKE2b cryptographic hash function (RFC 7693) 76 77 Architecture: arm using 78 - NEON (Advanced SIMD) extensions 79 80 BLAKE2b digest algorithm optimized with ARM NEON instructions. 81 On ARM processors that have NEON support but not the ARMv8 82 Crypto Extensions, typically this BLAKE2b implementation is 83 much faster than the SHA-2 family and slightly faster than 84 SHA-1. 85 86 config CRYPTO_SHA1_ARM 87 tristate "Hash functions: SHA-1" 88 select CRYPTO_SHA1 89 select CRYPTO_HASH 90 help 91 SHA-1 secure hash algorithm (FIPS 180) 92 93 Architecture: arm 94 95 config CRYPTO_SHA1_ARM_NEON 96 tristate "Hash functions: SHA-1 (NEON)" 97 depends on KERNEL_MODE_NEON 98 select CRYPTO_SHA1_ARM 99 select CRYPTO_SHA1 100 select CRYPTO_HASH 101 help 102 SHA-1 secure hash algorithm (FIPS 180) 103 104 Architecture: arm using 105 - NEON (Advanced SIMD) extensions 106 107 config CRYPTO_SHA1_ARM_CE 108 tristate "Hash functions: SHA-1 (ARMv8 Crypto Extensions)" 109 depends on KERNEL_MODE_NEON 110 select CRYPTO_SHA1_ARM 111 select CRYPTO_HASH 112 help 113 SHA-1 secure hash algorithm (FIPS 180) 114 115 Architecture: arm using ARMv8 Crypto Extensions 116 117 config CRYPTO_SHA2_ARM_CE 118 tristate "Hash functions: SHA-224 and SHA-256 (ARMv8 Crypto Extensions)" 119 depends on KERNEL_MODE_NEON 120 select CRYPTO_SHA256_ARM 121 select CRYPTO_HASH 122 help 123 SHA-224 and SHA-256 secure hash algorithms (FIPS 180) 124 125 Architecture: arm using 126 - ARMv8 Crypto Extensions 127 128 config CRYPTO_SHA256_ARM 129 tristate "Hash functions: SHA-224 and SHA-256 (NEON)" 130 select CRYPTO_HASH 131 depends on !CPU_V7M 132 help 133 SHA-224 and SHA-256 secure hash algorithms (FIPS 180) 134 135 Architecture: arm using 136 - NEON (Advanced SIMD) extensions 137 138 config CRYPTO_SHA512_ARM 139 tristate "Hash functions: SHA-384 and SHA-512 (NEON)" 140 select CRYPTO_HASH 141 depends on !CPU_V7M 142 help 143 SHA-384 and SHA-512 secure hash algorithms (FIPS 180) 144 145 Architecture: arm using 146 - NEON (Advanced SIMD) extensions 147 148 config CRYPTO_AES_ARM 149 tristate "Ciphers: AES" 150 select CRYPTO_ALGAPI 151 select CRYPTO_AES 152 help 153 Block ciphers: AES cipher algorithms (FIPS-197) 154 155 Architecture: arm 156 157 On ARM processors without the Crypto Extensions, this is the 158 fastest AES implementation for single blocks. For multiple 159 blocks, the NEON bit-sliced implementation is usually faster. 160 161 This implementation may be vulnerable to cache timing attacks, 162 since it uses lookup tables. However, as countermeasures it 163 disables IRQs and preloads the tables; it is hoped this makes 164 such attacks very difficult. 165 166 config CRYPTO_AES_ARM_BS 167 tristate "Ciphers: AES, modes: ECB/CBC/CTR/XTS (bit-sliced NEON)" 168 depends on KERNEL_MODE_NEON 169 select CRYPTO_SKCIPHER 170 select CRYPTO_LIB_AES 171 select CRYPTO_AES 172 select CRYPTO_CBC 173 select CRYPTO_SIMD 174 help 175 Length-preserving ciphers: AES cipher algorithms (FIPS-197) 176 with block cipher modes: 177 - ECB (Electronic Codebook) mode (NIST SP800-38A) 178 - CBC (Cipher Block Chaining) mode (NIST SP800-38A) 179 - CTR (Counter) mode (NIST SP800-38A) 180 - XTS (XOR Encrypt XOR with ciphertext stealing) mode (NIST SP800-38E 181 and IEEE 1619) 182 183 Bit sliced AES gives around 45% speedup on Cortex-A15 for CTR mode 184 and for XTS mode encryption, CBC and XTS mode decryption speedup is 185 around 25%. (CBC encryption speed is not affected by this driver.) 186 This implementation does not rely on any lookup tables so it is 187 believed to be invulnerable to cache timing attacks. 188 189 config CRYPTO_AES_ARM_CE 190 tristate "Ciphers: AES, modes: ECB/CBC/CTS/CTR/XTS (ARMv8 Crypto Extensions)" 191 depends on KERNEL_MODE_NEON 192 select CRYPTO_SKCIPHER 193 select CRYPTO_LIB_AES 194 select CRYPTO_SIMD 195 help 196 Length-preserving ciphers: AES cipher algorithms (FIPS-197) 197 with block cipher modes: 198 - ECB (Electronic Codebook) mode (NIST SP800-38A) 199 - CBC (Cipher Block Chaining) mode (NIST SP800-38A) 200 - CTR (Counter) mode (NIST SP800-38A) 201 - CTS (Cipher Text Stealing) mode (NIST SP800-38A) 202 - XTS (XOR Encrypt XOR with ciphertext stealing) mode (NIST SP800-38E 203 and IEEE 1619) 204 205 Architecture: arm using: 206 - ARMv8 Crypto Extensions 207 208 config CRYPTO_CHACHA20_NEON 209 tristate "Ciphers: ChaCha20, XChaCha20, XChaCha12 (NEON)" 210 select CRYPTO_SKCIPHER 211 select CRYPTO_ARCH_HAVE_LIB_CHACHA 212 help 213 Length-preserving ciphers: ChaCha20, XChaCha20, and XChaCha12 214 stream cipher algorithms 215 216 Architecture: arm using: 217 - NEON (Advanced SIMD) extensions 218 219 config CRYPTO_CRC32_ARM_CE 220 tristate "CRC32C and CRC32" 221 depends on KERNEL_MODE_NEON 222 depends on CRC32 223 select CRYPTO_HASH 224 help 225 CRC32c CRC algorithm with the iSCSI polynomial (RFC 3385 and RFC 3720) 226 and CRC32 CRC algorithm (IEEE 802.3) 227 228 Architecture: arm using: 229 - CRC and/or PMULL instructions 230 231 Drivers: crc32-arm-ce and crc32c-arm-ce 232 233 config CRYPTO_CRCT10DIF_ARM_CE 234 tristate "CRCT10DIF" 235 depends on KERNEL_MODE_NEON 236 depends on CRC_T10DIF 237 select CRYPTO_HASH 238 help 239 CRC16 CRC algorithm used for the T10 (SCSI) Data Integrity Field (DIF) 240 241 Architecture: arm using: 242 - PMULL (Polynomial Multiply Long) instructions 243 244 endmenu 245
Linux® is a registered trademark of Linus Torvalds in the United States and other countries.
TOMOYO® is a registered trademark of NTT DATA CORPORATION.