summaryrefslogtreecommitdiff
path: root/drivers/crypto/Kconfig
blob: b08403d7d1ca011b8608baecb8fde7585bd5a2d2 (plain) (blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225

menuconfig CRYPTO_HW
	bool "Hardware crypto devices"
	default y
	---help---
	  Say Y here to get to see options for hardware crypto devices and
	  processors. This option alone does not add any kernel code.

	  If you say N, all options in this submenu will be skipped and disabled.

if CRYPTO_HW

config CRYPTO_DEV_PADLOCK
	tristate "Support for VIA PadLock ACE"
	depends on X86 && !UML
	help
	  Some VIA processors come with an integrated crypto engine
	  (so called VIA PadLock ACE, Advanced Cryptography Engine)
	  that provides instructions for very fast cryptographic
	  operations with supported algorithms.
	  
	  The instructions are used only when the CPU supports them.
	  Otherwise software encryption is used.

config CRYPTO_DEV_PADLOCK_AES
	tristate "PadLock driver for AES algorithm"
	depends on CRYPTO_DEV_PADLOCK
	select CRYPTO_BLKCIPHER
	select CRYPTO_AES
	help
	  Use VIA PadLock for AES algorithm.

	  Available in VIA C3 and newer CPUs.

	  If unsure say M. The compiled module will be
	  called padlock-aes.

config CRYPTO_DEV_PADLOCK_SHA
	tristate "PadLock driver for SHA1 and SHA256 algorithms"
	depends on CRYPTO_DEV_PADLOCK
	select CRYPTO_HASH
	select CRYPTO_SHA1
	select CRYPTO_SHA256
	help
	  Use VIA PadLock for SHA1/SHA256 algorithms.

	  Available in VIA C7 and newer processors.

	  If unsure say M. The compiled module will be
	  called padlock-sha.

config CRYPTO_DEV_GEODE
	tristate "Support for the Geode LX AES engine"
	depends on X86_32 && PCI
	select CRYPTO_ALGAPI
	select CRYPTO_BLKCIPHER
	help
	  Say 'Y' here to use the AMD Geode LX processor on-board AES
	  engine for the CryptoAPI AES algorithm.

	  To compile this driver as a module, choose M here: the module
	  will be called geode-aes.

config ZCRYPT
	tristate "Support for PCI-attached cryptographic adapters"
	depends on S390
	select ZCRYPT_MONOLITHIC if ZCRYPT="y"
	select HW_RANDOM
	help
	  Select this option if you want to use a PCI-attached cryptographic
	  adapter like:
	  + PCI Cryptographic Accelerator (PCICA)
	  + PCI Cryptographic Coprocessor (PCICC)
	  + PCI-X Cryptographic Coprocessor (PCIXCC)
	  + Crypto Express2 Coprocessor (CEX2C)
	  + Crypto Express2 Accelerator (CEX2A)

config ZCRYPT_MONOLITHIC
	bool "Monolithic zcrypt module"
	depends on ZCRYPT="m"
	help
	  Select this option if you want to have a single module z90crypt,
	  that contains all parts of the crypto device driver (ap bus,
	  request router and all the card drivers).

config CRYPTO_SHA1_S390
	tristate "SHA1 digest algorithm"
	depends on S390
	select CRYPTO_HASH
	help
	  This is the s390 hardware accelerated implementation of the
	  SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2).

config CRYPTO_SHA256_S390
	tristate "SHA256 digest algorithm"
	depends on S390
	select CRYPTO_HASH
	help
	  This is the s390 hardware accelerated implementation of the
	  SHA256 secure hash standard (DFIPS 180-2).

	  This version of SHA implements a 256 bit hash with 128 bits of
	  security against collision attacks.

config CRYPTO_SHA512_S390
	tristate "SHA384 and SHA512 digest algorithm"
	depends on S390
	select CRYPTO_HASH
	help
	  This is the s390 hardware accelerated implementation of the
	  SHA512 secure hash standard.

	  This version of SHA implements a 512 bit hash with 256 bits of
	  security against collision attacks. The code also includes SHA-384,
	  a 384 bit hash with 192 bits of security against collision attacks.


config CRYPTO_DES_S390
	tristate "DES and Triple DES cipher algorithms"
	depends on S390
	select CRYPTO_ALGAPI
	select CRYPTO_BLKCIPHER
	help
	  This us the s390 hardware accelerated implementation of the
	  DES cipher algorithm (FIPS 46-2), and Triple DES EDE (FIPS 46-3).

config CRYPTO_AES_S390
	tristate "AES cipher algorithms"
	depends on S390
	select CRYPTO_ALGAPI
	select CRYPTO_BLKCIPHER
	help
	  This is the s390 hardware accelerated implementation of the
	  AES cipher algorithms (FIPS-197). AES uses the Rijndael
	  algorithm.

	  Rijndael appears to be consistently a very good performer in
	  both hardware and software across a wide range of computing
	  environments regardless of its use in feedback or non-feedback
	  modes. Its key setup time is excellent, and its key agility is
	  good. Rijndael's very low memory requirements make it very well
	  suited for restricted-space environments, in which it also
	  demonstrates excellent performance. Rijndael's operations are
	  among the easiest to defend against power and timing attacks.

	  On s390 the System z9-109 currently only supports the key size
	  of 128 bit.

config S390_PRNG
	tristate "Pseudo random number generator device driver"
	depends on S390
	default "m"
	help
	  Select this option if you want to use the s390 pseudo random number
	  generator. The PRNG is part of the cryptographic processor functions
	  and uses triple-DES to generate secure random numbers like the
	  ANSI X9.17 standard. The PRNG is usable via the char device
	  /dev/prandom.

config CRYPTO_DEV_MV_CESA
	tristate "Marvell's Cryptographic Engine"
	depends on PLAT_ORION
	select CRYPTO_ALGAPI
	select CRYPTO_AES
	select CRYPTO_BLKCIPHER2
	help
	  This driver allows you to utilize the Cryptographic Engines and
	  Security Accelerator (CESA) which can be found on the Marvell Orion
	  and Kirkwood SoCs, such as QNAP's TS-209.

	  Currently the driver supports AES in ECB and CBC mode without DMA.

config CRYPTO_DEV_HIFN_795X
	tristate "Driver HIFN 795x crypto accelerator chips"
	select CRYPTO_DES
	select CRYPTO_ALGAPI
	select CRYPTO_BLKCIPHER
	select HW_RANDOM if CRYPTO_DEV_HIFN_795X_RNG
	depends on PCI
	help
	  This option allows you to have support for HIFN 795x crypto adapters.

config CRYPTO_DEV_HIFN_795X_RNG
	bool "HIFN 795x random number generator"
	depends on CRYPTO_DEV_HIFN_795X
	help
	  Select this option if you want to enable the random number generator
	  on the HIFN 795x crypto adapters.

config CRYPTO_DEV_TALITOS
	tristate "Talitos Freescale Security Engine (SEC)"
	select CRYPTO_ALGAPI
	select CRYPTO_AUTHENC
	select HW_RANDOM
	depends on FSL_SOC
	help
	  Say 'Y' here to use the Freescale Security Engine (SEC)
	  to offload cryptographic algorithm computation.

	  The Freescale SEC is present on PowerQUICC 'E' processors, such
	  as the MPC8349E and MPC8548E.

	  To compile this driver as a module, choose M here: the module
	  will be called talitos.

config CRYPTO_DEV_IXP4XX
	tristate "Driver for IXP4xx crypto hardware acceleration"
	depends on ARCH_IXP4XX
	select CRYPTO_DES
	select CRYPTO_ALGAPI
	select CRYPTO_AUTHENC
	select CRYPTO_BLKCIPHER
	help
	  Driver for the IXP4xx NPE crypto engine.

config CRYPTO_DEV_PPC4XX
	tristate "Driver AMCC PPC4xx crypto accelerator"
	depends on PPC && 4xx
	select CRYPTO_HASH
	select CRYPTO_ALGAPI
	select CRYPTO_BLKCIPHER
	help
	  This option allows you to have support for AMCC crypto acceleration.

endif # CRYPTO_HW