Lines Matching +full:custom +full:- +full:output +full:- +full:range +full:- +full:config
1 # SPDX-License-Identifier: GPL-2.0
5 config XOR_BLOCKS
26 config CRYPTO_FIPS
36 config CRYPTO_FIPS_NAME
44 config CRYPTO_FIPS_CUSTOM_VERSION
45 bool "Use Custom FIPS Module Version"
49 config CRYPTO_FIPS_VERSION
57 config CRYPTO_ALGAPI
63 config CRYPTO_ALGAPI2
66 config CRYPTO_AEAD
71 config CRYPTO_AEAD2
75 config CRYPTO_SIG
80 config CRYPTO_SIG2
84 config CRYPTO_SKCIPHER
90 config CRYPTO_SKCIPHER2
94 config CRYPTO_HASH
99 config CRYPTO_HASH2
103 config CRYPTO_RNG
108 config CRYPTO_RNG2
112 config CRYPTO_RNG_DEFAULT
116 config CRYPTO_AKCIPHER2
120 config CRYPTO_AKCIPHER
125 config CRYPTO_KPP2
129 config CRYPTO_KPP
134 config CRYPTO_ACOMP2
139 config CRYPTO_ACOMP
144 config CRYPTO_MANAGER
151 config CRYPTO_MANAGER2
162 config CRYPTO_USER
170 config CRYPTO_MANAGER_DISABLE_TESTS
171 bool "Disable run-time self tests"
174 Disable run-time self tests that normally take place at
177 config CRYPTO_MANAGER_EXTRA_TESTS
178 bool "Enable extra run-time crypto self tests"
181 Enable extra run-time self tests of registered crypto algorithms,
187 config CRYPTO_NULL
193 config CRYPTO_NULL2
199 config CRYPTO_PCRYPT
209 config CRYPTO_CRYPTD
219 config CRYPTO_AUTHENC
231 config CRYPTO_TEST
238 config CRYPTO_SIMD
242 config CRYPTO_ENGINE
247 menu "Public-key cryptography"
249 config CRYPTO_RSA
250 tristate "RSA (Rivest-Shamir-Adleman)"
256 RSA (Rivest-Shamir-Adleman) public key algorithm (RFC8017)
258 config CRYPTO_DH
259 tristate "DH (Diffie-Hellman)"
263 DH (Diffie-Hellman) key exchange algorithm
265 config CRYPTO_DH_RFC7919_GROUPS
270 FFDHE (Finite-Field-based Diffie-Hellman Ephemeral) groups
273 Support these finite-field groups in DH key exchanges:
274 - ffdhe2048, ffdhe3072, ffdhe4096, ffdhe6144, ffdhe8192
278 config CRYPTO_ECC
282 config CRYPTO_ECDH
283 tristate "ECDH (Elliptic Curve Diffie-Hellman)"
287 ECDH (Elliptic Curve Diffie-Hellman) key exchange algorithm
288 using curves P-192, P-256, and P-384 (FIPS 186)
290 config CRYPTO_ECDSA
297 ISO/IEC 14888-3)
298 using curves P-192, P-256, and P-384
302 config CRYPTO_ECRDSA
303 tristate "EC-RDSA (Elliptic Curve Russian Digital Signature Algorithm)"
310 Elliptic Curve Russian Digital Signature Algorithm (GOST R 34.10-2012,
311 RFC 7091, ISO/IEC 14888-3)
316 config CRYPTO_CURVE25519
327 config CRYPTO_AES
332 AES cipher algorithms (Rijndael)(FIPS-197, ISO/IEC 18033-3)
335 both hardware and software across a wide range of computing
336 environments regardless of its use in feedback or non-feedback
339 suited for restricted-space environments, in which it also
345 config CRYPTO_AES_TI
350 AES cipher algorithms (Rijndael)(FIPS-197, ISO/IEC 18033-3)
360 8 for decryption), this implementation only uses just two S-boxes of
366 config CRYPTO_ANUBIS
380 config CRYPTO_ARIA
388 128-bit: 12 rounds.
389 192-bit: 14 rounds.
390 256-bit: 16 rounds.
395 config CRYPTO_BLOWFISH
408 config CRYPTO_BLOWFISH_COMMON
414 config CRYPTO_CAMELLIA
418 Camellia cipher algorithms (ISO/IEC 18033-3)
427 config CRYPTO_CAST_COMMON
433 config CRYPTO_CAST5
434 tristate "CAST5 (CAST-128)"
438 CAST5 (CAST-128) cipher algorithm (RFC2144, ISO/IEC 18033-3)
440 config CRYPTO_CAST6
441 tristate "CAST6 (CAST-256)"
445 CAST6 (CAST-256) encryption algorithm (RFC2612)
447 config CRYPTO_DES
452 DES (Data Encryption Standard)(FIPS 46-2, ISO/IEC 18033-3) and
453 Triple DES EDE (Encrypt/Decrypt/Encrypt) (FIPS 46-3, ISO/IEC 18033-3)
456 config CRYPTO_FCRYPT
463 See https://ota.polyonymo.us/fcrypt-paper.txt
465 config CRYPTO_KHAZAD
473 an algorithm optimized for 64-bit processors with good performance
474 on 32-bit processors. Khazad uses an 128 bit key size.
479 config CRYPTO_SEED
484 SEED cipher algorithm (RFC4269, ISO/IEC 18033-3)
486 SEED is a 128-bit symmetric key block cipher that has been
494 config CRYPTO_SERPENT
505 config CRYPTO_SM4
508 config CRYPTO_SM4_GENERIC
513 SM4 cipher algorithms (OSCCA GB/T 32907-2016,
514 ISO/IEC 18033-3:2010/Amd 1:2021)
516 SM4 (GBT.32907-2016) is a cryptographic standard issued by the
523 (GB.15629.11-2003).
525 The latest SM4 standard (GBT.32907-2016) was proposed by OSCCA and
529 The input, output, and key of SMS4 are each 128 bits.
535 config CRYPTO_TEA
550 Xtendend Encryption Tiny Algorithm is a mis-implementation
553 config CRYPTO_TWOFISH
567 config CRYPTO_TWOFISH_COMMON
575 menu "Length-preserving ciphers and modes"
577 config CRYPTO_ADIANTUM
584 Adiantum tweakable, length-preserving encryption mode
589 an ε-almost-∆-universal hash function, and an invocation of
590 the AES-256 block cipher on a single 16-byte block. On CPUs
592 AES-XTS.
596 bound. Unlike XTS, Adiantum is a true wide-block encryption
602 config CRYPTO_ARC4
611 bits in length. This algorithm is required for driver-based
615 config CRYPTO_CHACHA20
622 ChaCha20 is a 256-bit high-speed stream cipher designed by Daniel J.
625 https://cr.yp.to/chacha/chacha-20080128.pdf for further information.
631 https://cr.yp.to/snuffle/xsalsa-20081128.pdf for further information.
635 in some performance-sensitive scenarios.
637 config CRYPTO_CBC
642 CBC (Cipher Block Chaining) mode (NIST SP800-38A)
646 config CRYPTO_CTR
651 CTR (Counter) mode (NIST SP800-38A)
653 config CRYPTO_CTS
658 CBC-CS3 variant of CTS (Cipher Text Stealing) (NIST
659 Addendum to SP800-38A (October 2010))
664 config CRYPTO_ECB
669 ECB (Electronic Codebook) mode (NIST SP800-38A)
671 config CRYPTO_HCTR2
677 HCTR2 length-preserving encryption mode
681 x86 processors with AES-NI and CLMUL, and ARM processors with the
686 config CRYPTO_KEYWRAP
691 KW (AES Key Wrap) authenticated encryption mode (NIST SP800-38F
694 config CRYPTO_LRW
704 narrow block cipher mode for dm-crypt. Use it with cipher
705 specification string aes-lrw-benbi, the key must be 256, 320 or 384.
711 config CRYPTO_PCBC
720 config CRYPTO_XCTR
727 This blockcipher mode is a variant of CTR mode using XORs and little-endian
728 addition rather than big-endian arithmetic.
732 config CRYPTO_XTS
738 XTS (XOR Encrypt XOR with ciphertext stealing) mode (NIST SP800-38E
741 Use with aes-xts-plain, key size 256, 384 or 512 bits. This
745 config CRYPTO_NHPOLY1305
754 config CRYPTO_AEGIS128
755 tristate "AEGIS-128"
757 select CRYPTO_AES # for AES S-box tables
759 AEGIS-128 AEAD algorithm
761 config CRYPTO_AEGIS128_SIMD
762 bool "AEGIS-128 (arm NEON, arm64 NEON)"
766 AEGIS-128 AEAD algorithm
769 - NEON (Advanced SIMD) extension
771 config CRYPTO_CHACHA20POLY1305
772 tristate "ChaCha20-Poly1305"
781 config CRYPTO_CCM
782 tristate "CCM (Counter with Cipher Block Chaining-MAC)"
788 CCM (Counter with Cipher Block Chaining-Message Authentication Code)
789 authenticated encryption mode (NIST SP800-38C)
791 config CRYPTO_GCM
800 (GCM Message Authentication Code) (NIST SP800-38D)
804 config CRYPTO_GENIV
811 config CRYPTO_SEQIV
822 config CRYPTO_ECHAINIV
832 config CRYPTO_ESSIV
833 tristate "Encrypted Salt-Sector IV Generator"
836 Encrypted Salt-Sector IV generator
839 dm-crypt. It uses the hash of the block encryption key as the
851 associated data (AAD) region (which is how dm-crypt uses it.)
865 config CRYPTO_BLAKE2B
871 BLAKE2b is optimized for 64-bit platforms and can produce digests
875 - blake2b-160
876 - blake2b-256
877 - blake2b-384
878 - blake2b-512
884 config CRYPTO_CMAC
885 tristate "CMAC (Cipher-based MAC)"
889 CMAC (Cipher-based Message Authentication Code) authentication
890 mode (NIST SP800-38B and IETF RFC4493)
892 config CRYPTO_GHASH
897 GCM GHASH function (NIST SP800-38D)
899 config CRYPTO_HMAC
900 tristate "HMAC (Keyed-Hash MAC)"
904 HMAC (Keyed-Hash Message Authentication Code) (FIPS 198 and
909 config CRYPTO_MD4
915 config CRYPTO_MD5
921 config CRYPTO_MICHAEL_MIC
928 known as WPA (Wif-Fi Protected Access).
933 config CRYPTO_POLYVAL
940 This is used in HCTR2. It is not a general-purpose
943 config CRYPTO_POLY1305
951 It is used for the ChaCha20-Poly1305 AEAD, specified in RFC7539 for use
954 config CRYPTO_RMD160
955 tristate "RIPEMD-160"
958 RIPEMD-160 hash function (ISO/IEC 10118-3)
960 RIPEMD-160 is a 160-bit cryptographic hash function. It is intended
961 to be used as a secure replacement for the 128-bit hash functions
963 (not to be confused with RIPEMD-128).
965 Its speed is comparable to SHA-1 and there are no known attacks
966 against RIPEMD-160.
972 config CRYPTO_SHA1
973 tristate "SHA-1"
977 SHA-1 secure hash algorithm (FIPS 180, ISO/IEC 10118-3)
979 config CRYPTO_SHA256
980 tristate "SHA-224 and SHA-256"
984 SHA-224 and SHA-256 secure hash algorithms (FIPS 180, ISO/IEC 10118-3)
989 config CRYPTO_SHA512
990 tristate "SHA-384 and SHA-512"
993 SHA-384 and SHA-512 secure hash algorithms (FIPS 180, ISO/IEC 10118-3)
995 config CRYPTO_SHA3
996 tristate "SHA-3"
999 SHA-3 secure hash algorithms (FIPS 202, ISO/IEC 10118-3)
1001 config CRYPTO_SM3
1004 config CRYPTO_SM3_GENERIC
1009 SM3 (ShangMi 3) secure hash function (OSCCA GM/T 0004-2012, ISO/IEC 10118-3)
1015 https://datatracker.ietf.org/doc/html/draft-shen-sm3-hash
1017 config CRYPTO_STREEBOG
1021 Streebog Hash Function (GOST R 34.11-2012, RFC 6986, ISO/IEC 10118-3)
1025 256 and 512 bits output.
1031 config CRYPTO_VMAC
1037 very high speed on 64-bit architectures.
1041 config CRYPTO_WP512
1045 Whirlpool hash function (ISO/IEC 10118-3)
1047 512, 384 and 256-bit hashes.
1049 Whirlpool-512 is part of the NESSIE cryptographic primitives.
1054 config CRYPTO_XCBC
1055 tristate "XCBC-MAC (Extended Cipher Block Chaining MAC)"
1059 XCBC-MAC (Extended Cipher Block Chaining Message Authentication
1062 config CRYPTO_XXHASH
1067 xxHash non-cryptographic hash algorithm
1077 config CRYPTO_CRC32C
1084 A 32-bit CRC (cyclic redundancy check) with a polynomial defined
1086 Redundancy-Check Codes with 24 and 32 Parity Bits", IEEE Transactions
1092 config CRYPTO_CRC32
1101 config CRYPTO_CRCT10DIF
1109 config CRYPTO_CRC64_ROCKSOFT
1124 config CRYPTO_DEFLATE
1135 config CRYPTO_LZO
1146 config CRYPTO_842
1157 config CRYPTO_LZ4
1168 config CRYPTO_LZ4HC
1179 config CRYPTO_ZSTD
1194 config CRYPTO_ANSI_CPRNG
1206 tristate "NIST SP800-90A DRBG (Deterministic Random Bit Generator)"
1208 DRBG (Deterministic Random Bit Generator) (NIST SP800-90A)
1214 config CRYPTO_DRBG_HMAC
1220 config CRYPTO_DRBG_HASH
1224 Hash_DRBG variant as defined in NIST SP800-90A.
1226 This uses the SHA-1, SHA-256, SHA-384, or SHA-512 hash algorithms.
1228 config CRYPTO_DRBG_CTR
1233 CTR_DRBG variant as defined in NIST SP800-90A.
1237 config CRYPTO_DRBG
1245 config CRYPTO_JITTERENTROPY
1246 tristate "CPU Jitter Non-Deterministic RNG (Random Number Generator)"
1252 A non-physical non-deterministic ("true") RNG (e.g., an entropy source
1253 compliant with NIST SP800-90B) intended to provide a seed to a
1254 deterministic RNG (e.g., per NIST SP800-90C).
1278 config CRYPTO_JITTERENTROPY_MEMSIZE_2
1281 config CRYPTO_JITTERENTROPY_MEMSIZE_128
1284 config CRYPTO_JITTERENTROPY_MEMSIZE_1024
1287 config CRYPTO_JITTERENTROPY_MEMSIZE_8192
1291 config CRYPTO_JITTERENTROPY_MEMORY_BLOCKS
1298 config CRYPTO_JITTERENTROPY_MEMORY_BLOCKSIZE
1305 config CRYPTO_JITTERENTROPY_OSR
1307 range 1 15
1312 measurements to produce one output block of random numbers. The
1314 generate one output block. Thus, the timing measurement is oversampled
1318 trade-off, however, is that the Jitter RNG now requires more time
1321 config CRYPTO_JITTERENTROPY_TESTINTERFACE
1344 config CRYPTO_JITTERENTROPY_MEMORY_BLOCKS
1348 config CRYPTO_JITTERENTROPY_MEMORY_BLOCKSIZE
1352 config CRYPTO_JITTERENTROPY_OSR
1356 config CRYPTO_JITTERENTROPY_TESTINTERFACE
1362 config CRYPTO_KDF800108_CTR
1370 config CRYPTO_USER_API
1373 config CRYPTO_USER_API_HASH
1381 See Documentation/crypto/userspace-if.rst and
1384 config CRYPTO_USER_API_SKCIPHER
1392 See Documentation/crypto/userspace-if.rst and
1395 config CRYPTO_USER_API_RNG
1404 See Documentation/crypto/userspace-if.rst and
1407 config CRYPTO_USER_API_RNG_CAVP
1413 - resetting DRBG entropy
1414 - providing Additional Data
1419 config CRYPTO_USER_API_AEAD
1429 See Documentation/crypto/userspace-if.rst and
1432 config CRYPTO_USER_API_ENABLE_OBSOLETE
1443 config CRYPTO_HASH_INFO