diff options
author | Robert Elliott <elliott@hpe.com> | 2022-08-20 21:41:47 +0300 |
---|---|---|
committer | Herbert Xu <herbert@gondor.apana.org.au> | 2022-08-26 13:50:42 +0300 |
commit | e3d2eadd06b39b69fbbc27de8e3ac2db022e8616 (patch) | |
tree | c86337768c68195b27b0132546bb1aa6e5bfcc1e | |
parent | ec84348da449d96ce5be47f7d00221cb8374f462 (diff) | |
download | linux-e3d2eadd06b39b69fbbc27de8e3ac2db022e8616.tar.xz |
crypto: Kconfig - simplify aead entries
Shorten menu titles and make them consistent:
- acronym
- name
- architecture features in parenthesis
- no suffixes like "<something> algorithm", "support", or
"hardware acceleration", or "optimized"
Simplify help text descriptions, update references, and ensure that
https references are still valid.
Signed-off-by: Robert Elliott <elliott@hpe.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-rw-r--r-- | arch/x86/crypto/Kconfig | 8 | ||||
-rw-r--r-- | crypto/Kconfig | 48 |
2 files changed, 36 insertions, 20 deletions
diff --git a/arch/x86/crypto/Kconfig b/arch/x86/crypto/Kconfig index 03f9a3a35e42..93de2684b3dc 100644 --- a/arch/x86/crypto/Kconfig +++ b/arch/x86/crypto/Kconfig @@ -360,12 +360,16 @@ config CRYPTO_CHACHA20_X86_64 XChaCha20, and XChaCha12 stream ciphers. config CRYPTO_AEGIS128_AESNI_SSE2 - tristate "AEGIS-128 AEAD algorithm (x86_64 AESNI+SSE2 implementation)" + tristate "AEAD ciphers: AEGIS-128 (AES-NI/SSE2)" depends on X86 && 64BIT select CRYPTO_AEAD select CRYPTO_SIMD help - AESNI+SSE2 implementation of the AEGIS-128 dedicated AEAD algorithm. + AEGIS-128 AEAD algorithm + + Architecture: x86_64 using: + - AES-NI (AES New Instructions) + - SSE2 (Streaming SIMD Extensions 2) config CRYPTO_NHPOLY1305_SSE2 tristate "NHPoly1305 hash function (x86_64 SSE2 implementation)" diff --git a/crypto/Kconfig b/crypto/Kconfig index 6dea21229376..5159a0efec84 100644 --- a/crypto/Kconfig +++ b/crypto/Kconfig @@ -779,49 +779,54 @@ endmenu menu "AEAD (authenticated encryption with associated data) ciphers" config CRYPTO_AEGIS128 - tristate "AEGIS-128 AEAD algorithm" + tristate "AEGIS-128" select CRYPTO_AEAD select CRYPTO_AES # for AES S-box tables help - Support for the AEGIS-128 dedicated AEAD algorithm. + AEGIS-128 AEAD algorithm config CRYPTO_AEGIS128_SIMD - bool "Support SIMD acceleration for AEGIS-128" + bool "AEGIS-128 (arm NEON, arm64 NEON)" depends on CRYPTO_AEGIS128 && ((ARM || ARM64) && KERNEL_MODE_NEON) default y + help + AEGIS-128 AEAD algorithm + + Architecture: arm or arm64 using: + - NEON (Advanced SIMD) extension config CRYPTO_CHACHA20POLY1305 - tristate "ChaCha20-Poly1305 AEAD support" + tristate "ChaCha20-Poly1305" select CRYPTO_CHACHA20 select CRYPTO_POLY1305 select CRYPTO_AEAD select CRYPTO_MANAGER help - ChaCha20-Poly1305 AEAD support, RFC7539. - - Support for the AEAD wrapper using the ChaCha20 stream cipher combined - with the Poly1305 authenticator. It is defined in RFC7539 for use in - IETF protocols. + ChaCha20 stream cipher and Poly1305 authenticator combined + mode (RFC8439) config CRYPTO_CCM - tristate "CCM support" + tristate "CCM (Counter with Cipher Block Chaining-Message Authentication Code)" select CRYPTO_CTR select CRYPTO_HASH select CRYPTO_AEAD select CRYPTO_MANAGER help - Support for Counter with CBC MAC. Required for IPsec. + CCM (Counter with Cipher Block Chaining-Message Authentication Code) + authenticated encryption mode (NIST SP800-38C) config CRYPTO_GCM - tristate "GCM/GMAC support" + tristate "GCM (Galois/Counter Mode) and GMAC (GCM Message Authentication Code)" select CRYPTO_CTR select CRYPTO_AEAD select CRYPTO_GHASH select CRYPTO_NULL select CRYPTO_MANAGER help - Support for Galois/Counter Mode (GCM) and Galois Message - Authentication Code (GMAC). Required for IPSec. + GCM (Galois/Counter Mode) authenticated encryption mode and GMAC + (GCM Message Authentication Code) (NIST SP800-38D) + + This is required for IPSec ESP (XFRM_ESP). config CRYPTO_SEQIV tristate "Sequence Number IV Generator" @@ -831,8 +836,12 @@ config CRYPTO_SEQIV select CRYPTO_RNG_DEFAULT select CRYPTO_MANAGER help + Sequence Number IV generator + This IV generator generates an IV based on a sequence number by - xoring it with a salt. This algorithm is mainly useful for CTR + xoring it with a salt. This algorithm is mainly useful for CTR. + + This is required for IPsec ESP (XFRM_ESP). config CRYPTO_ECHAINIV tristate "Encrypted Chain IV Generator" @@ -841,16 +850,19 @@ config CRYPTO_ECHAINIV select CRYPTO_RNG_DEFAULT select CRYPTO_MANAGER help + Encrypted Chain IV generator + This IV generator generates an IV based on the encryption of a sequence number xored with a salt. This is the default algorithm for CBC. config CRYPTO_ESSIV - tristate "ESSIV support for block encryption" + tristate "Encrypted Salt-Sector IV Generator" select CRYPTO_AUTHENC help - Encrypted salt-sector initialization vector (ESSIV) is an IV - generation method that is used in some cases by fscrypt and/or + Encrypted Salt-Sector IV generator + + This IV generator is used in some cases by fscrypt and/or dm-crypt. It uses the hash of the block encryption key as the symmetric key for a block encryption pass applied to the input IV, making low entropy IV sources more suitable for block |