summaryrefslogtreecommitdiffstats
path: root/arch/x86/crypto/Kconfig
blob: 03f9a3a35e4232b548a266b47a66b7740822b2bb (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
# SPDX-License-Identifier: GPL-2.0

menu "Accelerated Cryptographic Algorithms for CPU (x86)"

config CRYPTO_CURVE25519_X86
	tristate "Public key crypto: Curve25519 (ADX)"
	depends on X86 && 64BIT
	select CRYPTO_LIB_CURVE25519_GENERIC
	select CRYPTO_ARCH_HAVE_LIB_CURVE25519
	help
	  Curve25519 algorithm

	  Architecture: x86_64 using:
	  - ADX (large integer arithmetic)

config CRYPTO_AES_NI_INTEL
	tristate "AES cipher algorithms (AES-NI)"
	depends on X86
	select CRYPTO_AEAD
	select CRYPTO_LIB_AES
	select CRYPTO_ALGAPI
	select CRYPTO_SKCIPHER
	select CRYPTO_SIMD
	help
	  Use Intel AES-NI instructions for AES algorithm.

	  AES cipher algorithms (FIPS-197). AES uses the Rijndael
	  algorithm.

	  Rijndael appears to be consistently a very good performer in
	  both hardware and software across a wide range of computing
	  environments regardless of its use in feedback or non-feedback
	  modes. Its key setup time is excellent, and its key agility is
	  good. Rijndael's very low memory requirements make it very well
	  suited for restricted-space environments, in which it also
	  demonstrates excellent performance. Rijndael's operations are
	  among the easiest to defend against power and timing attacks.

	  The AES specifies three key sizes: 128, 192 and 256 bits

	  See <http://csrc.nist.gov/encryption/aes/> for more information.

	  In addition to AES cipher algorithm support, the acceleration
	  for some popular block cipher mode is supported too, including
	  ECB, CBC, LRW, XTS. The 64 bit version has additional
	  acceleration for CTR and XCTR.

config CRYPTO_BLOWFISH_X86_64
	tristate "Blowfish cipher algorithm (x86_64)"
	depends on X86 && 64BIT
	select CRYPTO_SKCIPHER
	select CRYPTO_BLOWFISH_COMMON
	imply CRYPTO_CTR
	help
	  Blowfish cipher algorithm (x86_64), by Bruce Schneier.

	  This is a variable key length cipher which can use keys from 32
	  bits to 448 bits in length.  It's fast, simple and specifically
	  designed for use on "large microprocessors".

	  See also:
	  <https://www.schneier.com/blowfish.html>

config CRYPTO_CAMELLIA_X86_64
	tristate "Camellia cipher algorithm (x86_64)"
	depends on X86 && 64BIT
	select CRYPTO_SKCIPHER
	imply CRYPTO_CTR
	help
	  Camellia cipher algorithm module (x86_64).

	  Camellia is a symmetric key block cipher developed jointly
	  at NTT and Mitsubishi Electric Corporation.

	  The Camellia specifies three key sizes: 128, 192 and 256 bits.

	  See also:
	  <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html>

config CRYPTO_CAMELLIA_AESNI_AVX_X86_64
	tristate "Camellia cipher algorithm (x86_64/AES-NI/AVX)"
	depends on X86 && 64BIT
	select CRYPTO_SKCIPHER
	select CRYPTO_CAMELLIA_X86_64
	select CRYPTO_SIMD
	imply CRYPTO_XTS
	help
	  Camellia cipher algorithm module (x86_64/AES-NI/AVX).

	  Camellia is a symmetric key block cipher developed jointly
	  at NTT and Mitsubishi Electric Corporation.

	  The Camellia specifies three key sizes: 128, 192 and 256 bits.

	  See also:
	  <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html>

config CRYPTO_CAMELLIA_AESNI_AVX2_X86_64
	tristate "Camellia cipher algorithm (x86_64/AES-NI/AVX2)"
	depends on X86 && 64BIT
	select CRYPTO_CAMELLIA_AESNI_AVX_X86_64
	help
	  Camellia cipher algorithm module (x86_64/AES-NI/AVX2).

	  Camellia is a symmetric key block cipher developed jointly
	  at NTT and Mitsubishi Electric Corporation.

	  The Camellia specifies three key sizes: 128, 192 and 256 bits.

	  See also:
	  <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html>

config CRYPTO_CAST5_AVX_X86_64
	tristate "CAST5 (CAST-128) cipher algorithm (x86_64/AVX)"
	depends on X86 && 64BIT
	select CRYPTO_SKCIPHER
	select CRYPTO_CAST5
	select CRYPTO_CAST_COMMON
	select CRYPTO_SIMD
	imply CRYPTO_CTR
	help
	  The CAST5 encryption algorithm (synonymous with CAST-128) is
	  described in RFC2144.

	  This module provides the Cast5 cipher algorithm that processes
	  sixteen blocks parallel using the AVX instruction set.

config CRYPTO_CAST6_AVX_X86_64
	tristate "CAST6 (CAST-256) cipher algorithm (x86_64/AVX)"
	depends on X86 && 64BIT
	select CRYPTO_SKCIPHER
	select CRYPTO_CAST6
	select CRYPTO_CAST_COMMON
	select CRYPTO_SIMD
	imply CRYPTO_XTS
	imply CRYPTO_CTR
	help
	  The CAST6 encryption algorithm (synonymous with CAST-256) is
	  described in RFC2612.

	  This module provides the Cast6 cipher algorithm that processes
	  eight blocks parallel using the AVX instruction set.

config CRYPTO_DES3_EDE_X86_64
	tristate "Triple DES EDE cipher algorithm (x86-64)"
	depends on X86 && 64BIT
	select CRYPTO_SKCIPHER
	select CRYPTO_LIB_DES
	imply CRYPTO_CTR
	help
	  Triple DES EDE (FIPS 46-3) algorithm.

	  This module provides implementation of the Triple DES EDE cipher
	  algorithm that is optimized for x86-64 processors. Two versions of
	  algorithm are provided; regular processing one input block and
	  one that processes three blocks parallel.

config CRYPTO_SERPENT_SSE2_X86_64
	tristate "Serpent cipher algorithm (x86_64/SSE2)"
	depends on X86 && 64BIT
	select CRYPTO_SKCIPHER
	select CRYPTO_SERPENT
	select CRYPTO_SIMD
	imply CRYPTO_CTR
	help
	  Serpent cipher algorithm, by Anderson, Biham & Knudsen.

	  Keys are allowed to be from 0 to 256 bits in length, in steps
	  of 8 bits.

	  This module provides Serpent cipher algorithm that processes eight
	  blocks parallel using SSE2 instruction set.

	  See also:
	  <https://www.cl.cam.ac.uk/~rja14/serpent.html>

config CRYPTO_SERPENT_SSE2_586
	tristate "Serpent cipher algorithm (i586/SSE2)"
	depends on X86 && !64BIT
	select CRYPTO_SKCIPHER
	select CRYPTO_SERPENT
	select CRYPTO_SIMD
	imply CRYPTO_CTR
	help
	  Serpent cipher algorithm, by Anderson, Biham & Knudsen.

	  Keys are allowed to be from 0 to 256 bits in length, in steps
	  of 8 bits.

	  This module provides Serpent cipher algorithm that processes four
	  blocks parallel using SSE2 instruction set.

	  See also:
	  <https://www.cl.cam.ac.uk/~rja14/serpent.html>

config CRYPTO_SERPENT_AVX_X86_64
	tristate "Serpent cipher algorithm (x86_64/AVX)"
	depends on X86 && 64BIT
	select CRYPTO_SKCIPHER
	select CRYPTO_SERPENT
	select CRYPTO_SIMD
	imply CRYPTO_XTS
	imply CRYPTO_CTR
	help
	  Serpent cipher algorithm, by Anderson, Biham & Knudsen.

	  Keys are allowed to be from 0 to 256 bits in length, in steps
	  of 8 bits.

	  This module provides the Serpent cipher algorithm that processes
	  eight blocks parallel using the AVX instruction set.

	  See also:
	  <https://www.cl.cam.ac.uk/~rja14/serpent.html>

config CRYPTO_SERPENT_AVX2_X86_64
	tristate "Serpent cipher algorithm (x86_64/AVX2)"
	depends on X86 && 64BIT
	select CRYPTO_SERPENT_AVX_X86_64
	help
	  Serpent cipher algorithm, by Anderson, Biham & Knudsen.

	  Keys are allowed to be from 0 to 256 bits in length, in steps
	  of 8 bits.

	  This module provides Serpent cipher algorithm that processes 16
	  blocks parallel using AVX2 instruction set.

	  See also:
	  <https://www.cl.cam.ac.uk/~rja14/serpent.html>

config CRYPTO_SM4_AESNI_AVX_X86_64
	tristate "SM4 cipher algorithm (x86_64/AES-NI/AVX)"
	depends on X86 && 64BIT
	select CRYPTO_SKCIPHER
	select CRYPTO_SIMD
	select CRYPTO_ALGAPI
	select CRYPTO_SM4
	help
	  SM4 cipher algorithms (OSCCA GB/T 32907-2016) (x86_64/AES-NI/AVX).

	  SM4 (GBT.32907-2016) is a cryptographic standard issued by the
	  Organization of State Commercial Administration of China (OSCCA)
	  as an authorized cryptographic algorithms for the use within China.

	  This is SM4 optimized implementation using AES-NI/AVX/x86_64
	  instruction set for block cipher. Through two affine transforms,
	  we can use the AES S-Box to simulate the SM4 S-Box to achieve the
	  effect of instruction acceleration.

	  If unsure, say N.

config CRYPTO_SM4_AESNI_AVX2_X86_64
	tristate "SM4 cipher algorithm (x86_64/AES-NI/AVX2)"
	depends on X86 && 64BIT
	select CRYPTO_SKCIPHER
	select CRYPTO_SIMD
	select CRYPTO_ALGAPI
	select CRYPTO_SM4
	select CRYPTO_SM4_AESNI_AVX_X86_64
	help
	  SM4 cipher algorithms (OSCCA GB/T 32907-2016) (x86_64/AES-NI/AVX2).

	  SM4 (GBT.32907-2016) is a cryptographic standard issued by the
	  Organization of State Commercial Administration of China (OSCCA)
	  as an authorized cryptographic algorithms for the use within China.

	  This is SM4 optimized implementation using AES-NI/AVX2/x86_64
	  instruction set for block cipher. Through two affine transforms,
	  we can use the AES S-Box to simulate the SM4 S-Box to achieve the
	  effect of instruction acceleration.

	  If unsure, say N.

config CRYPTO_TWOFISH_586
	tristate "Twofish cipher algorithms (i586)"
	depends on (X86 || UML_X86) && !64BIT
	select CRYPTO_ALGAPI
	select CRYPTO_TWOFISH_COMMON
	imply CRYPTO_CTR
	help
	  Twofish cipher algorithm.

	  Twofish was submitted as an AES (Advanced Encryption Standard)
	  candidate cipher by researchers at CounterPane Systems.  It is a
	  16 round block cipher supporting key sizes of 128, 192, and 256
	  bits.

	  See also:
	  <https://www.schneier.com/twofish.html>

config CRYPTO_TWOFISH_X86_64
	tristate "Twofish cipher algorithm (x86_64)"
	depends on (X86 || UML_X86) && 64BIT
	select CRYPTO_ALGAPI
	select CRYPTO_TWOFISH_COMMON
	imply CRYPTO_CTR
	help
	  Twofish cipher algorithm (x86_64).

	  Twofish was submitted as an AES (Advanced Encryption Standard)
	  candidate cipher by researchers at CounterPane Systems.  It is a
	  16 round block cipher supporting key sizes of 128, 192, and 256
	  bits.

	  See also:
	  <https://www.schneier.com/twofish.html>

config CRYPTO_TWOFISH_X86_64_3WAY
	tristate "Twofish cipher algorithm (x86_64, 3-way parallel)"
	depends on X86 && 64BIT
	select CRYPTO_SKCIPHER
	select CRYPTO_TWOFISH_COMMON
	select CRYPTO_TWOFISH_X86_64
	help
	  Twofish cipher algorithm (x86_64, 3-way parallel).

	  Twofish was submitted as an AES (Advanced Encryption Standard)
	  candidate cipher by researchers at CounterPane Systems.  It is a
	  16 round block cipher supporting key sizes of 128, 192, and 256
	  bits.

	  This module provides Twofish cipher algorithm that processes three
	  blocks parallel, utilizing resources of out-of-order CPUs better.

	  See also:
	  <https://www.schneier.com/twofish.html>

config CRYPTO_TWOFISH_AVX_X86_64
	tristate "Twofish cipher algorithm (x86_64/AVX)"
	depends on X86 && 64BIT
	select CRYPTO_SKCIPHER
	select CRYPTO_SIMD
	select CRYPTO_TWOFISH_COMMON
	select CRYPTO_TWOFISH_X86_64
	select CRYPTO_TWOFISH_X86_64_3WAY
	imply CRYPTO_XTS
	help
	  Twofish cipher algorithm (x86_64/AVX).

	  Twofish was submitted as an AES (Advanced Encryption Standard)
	  candidate cipher by researchers at CounterPane Systems.  It is a
	  16 round block cipher supporting key sizes of 128, 192, and 256
	  bits.

	  This module provides the Twofish cipher algorithm that processes
	  eight blocks parallel using the AVX Instruction Set.

	  See also:
	  <https://www.schneier.com/twofish.html>

config CRYPTO_CHACHA20_X86_64
	tristate "ChaCha stream cipher algorithms (x86_64/SSSE3/AVX2/AVX-512VL)"
	depends on X86 && 64BIT
	select CRYPTO_SKCIPHER
	select CRYPTO_LIB_CHACHA_GENERIC
	select CRYPTO_ARCH_HAVE_LIB_CHACHA
	help
	  SSSE3, AVX2, and AVX-512VL optimized implementations of the ChaCha20,
	  XChaCha20, and XChaCha12 stream ciphers.

config CRYPTO_AEGIS128_AESNI_SSE2
	tristate "AEGIS-128 AEAD algorithm (x86_64 AESNI+SSE2 implementation)"
	depends on X86 && 64BIT
	select CRYPTO_AEAD
	select CRYPTO_SIMD
	help
	 AESNI+SSE2 implementation of the AEGIS-128 dedicated AEAD algorithm.

config CRYPTO_NHPOLY1305_SSE2
	tristate "NHPoly1305 hash function (x86_64 SSE2 implementation)"
	depends on X86 && 64BIT
	select CRYPTO_NHPOLY1305
	help
	  SSE2 optimized implementation of the hash function used by the
	  Adiantum encryption mode.

config CRYPTO_NHPOLY1305_AVX2
	tristate "NHPoly1305 hash function (x86_64 AVX2 implementation)"
	depends on X86 && 64BIT
	select CRYPTO_NHPOLY1305
	help
	  AVX2 optimized implementation of the hash function used by the
	  Adiantum encryption mode.

config CRYPTO_BLAKE2S_X86
	bool "BLAKE2s digest algorithm (x86 accelerated version)"
	depends on X86 && 64BIT
	select CRYPTO_LIB_BLAKE2S_GENERIC
	select CRYPTO_ARCH_HAVE_LIB_BLAKE2S

config CRYPTO_POLYVAL_CLMUL_NI
	tristate "POLYVAL hash function (CLMUL-NI accelerated)"
	depends on X86 && 64BIT
	select CRYPTO_POLYVAL
	help
	  This is the x86_64 CLMUL-NI accelerated implementation of POLYVAL. It is
	  used to efficiently implement HCTR2 on x86-64 processors that support
	  carry-less multiplication instructions.

config CRYPTO_POLY1305_X86_64
	tristate "Poly1305 authenticator algorithm (x86_64/SSE2/AVX2)"
	depends on X86 && 64BIT
	select CRYPTO_LIB_POLY1305_GENERIC
	select CRYPTO_ARCH_HAVE_LIB_POLY1305
	help
	  Poly1305 authenticator algorithm, RFC7539.

	  Poly1305 is an authenticator algorithm designed by Daniel J. Bernstein.
	  It is used for the ChaCha20-Poly1305 AEAD, specified in RFC7539 for use
	  in IETF protocols. This is the x86_64 assembler implementation using SIMD
	  instructions.

config CRYPTO_SHA1_SSSE3
	tristate "SHA1 digest algorithm (SSSE3/AVX/AVX2/SHA-NI)"
	depends on X86 && 64BIT
	select CRYPTO_SHA1
	select CRYPTO_HASH
	help
	  SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2) implemented
	  using Supplemental SSE3 (SSSE3) instructions or Advanced Vector
	  Extensions (AVX/AVX2) or SHA-NI(SHA Extensions New Instructions),
	  when available.

config CRYPTO_SHA256_SSSE3
	tristate "SHA256 digest algorithm (SSSE3/AVX/AVX2/SHA-NI)"
	depends on X86 && 64BIT
	select CRYPTO_SHA256
	select CRYPTO_HASH
	help
	  SHA-256 secure hash standard (DFIPS 180-2) implemented
	  using Supplemental SSE3 (SSSE3) instructions, or Advanced Vector
	  Extensions version 1 (AVX1), or Advanced Vector Extensions
	  version 2 (AVX2) instructions, or SHA-NI (SHA Extensions New
	  Instructions) when available.

config CRYPTO_SHA512_SSSE3
	tristate "SHA512 digest algorithm (SSSE3/AVX/AVX2)"
	depends on X86 && 64BIT
	select CRYPTO_SHA512
	select CRYPTO_HASH
	help
	  SHA-512 secure hash standard (DFIPS 180-2) implemented
	  using Supplemental SSE3 (SSSE3) instructions, or Advanced Vector
	  Extensions version 1 (AVX1), or Advanced Vector Extensions
	  version 2 (AVX2) instructions, when available.

config CRYPTO_SM3_AVX_X86_64
	tristate "SM3 digest algorithm (x86_64/AVX)"
	depends on X86 && 64BIT
	select CRYPTO_HASH
	select CRYPTO_SM3
	help
	  SM3 secure hash function as defined by OSCCA GM/T 0004-2012 SM3).
	  It is part of the Chinese Commercial Cryptography suite. This is
	  SM3 optimized implementation using Advanced Vector Extensions (AVX)
	  when available.

	  If unsure, say N.

config CRYPTO_GHASH_CLMUL_NI_INTEL
	tristate "GHASH hash function (CLMUL-NI accelerated)"
	depends on X86 && 64BIT
	select CRYPTO_CRYPTD
	help
	  This is the x86_64 CLMUL-NI accelerated implementation of
	  GHASH, the hash function used in GCM (Galois/Counter mode).

config CRYPTO_CRC32C_INTEL
	tristate "CRC32c (SSE4.2/PCLMULQDQ)"
	depends on X86
	select CRYPTO_HASH
	help
	  CRC32c CRC algorithm with the iSCSI polynomial (RFC 3385 and RFC 3720)

	  Architecture: x86 (32-bit and 64-bit) using:
	  - SSE4.2 (Streaming SIMD Extensions 4.2) CRC32 instruction
	  - PCLMULQDQ (carry-less multiplication)

config CRYPTO_CRC32_PCLMUL
	tristate "CRC32 (PCLMULQDQ)"
	depends on X86
	select CRYPTO_HASH
	select CRC32
	help
	  CRC32 CRC algorithm (IEEE 802.3)

	  Architecture: x86 (32-bit and 64-bit) using:
	  - PCLMULQDQ (carry-less multiplication)

config CRYPTO_CRCT10DIF_PCLMUL
	tristate "CRCT10DIF (PCLMULQDQ)"
	depends on X86 && 64BIT && CRC_T10DIF
	select CRYPTO_HASH
	help
	  CRC16 CRC algorithm used for the T10 (SCSI) Data Integrity Field (DIF)

	  Architecture: x86_64 using:
	  - PCLMULQDQ (carry-less multiplication)

endmenu