Commit e3d2eadd authored by Robert Elliott's avatar Robert Elliott Committed by Herbert Xu

crypto: Kconfig - simplify aead entries

Shorten menu titles and make them consistent:
- acronym
- name
- architecture features in parenthesis
- no suffixes like "<something> algorithm", "support", or
  "hardware acceleration", or "optimized"

Simplify help text descriptions, update references, and ensure that
https references are still valid.
Signed-off-by: default avatarRobert Elliott <elliott@hpe.com>
Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
parent ec84348d
......@@ -360,12 +360,16 @@ config CRYPTO_CHACHA20_X86_64
XChaCha20, and XChaCha12 stream ciphers.
config CRYPTO_AEGIS128_AESNI_SSE2
tristate "AEGIS-128 AEAD algorithm (x86_64 AESNI+SSE2 implementation)"
tristate "AEAD ciphers: AEGIS-128 (AES-NI/SSE2)"
depends on X86 && 64BIT
select CRYPTO_AEAD
select CRYPTO_SIMD
help
AESNI+SSE2 implementation of the AEGIS-128 dedicated AEAD algorithm.
AEGIS-128 AEAD algorithm
Architecture: x86_64 using:
- AES-NI (AES New Instructions)
- SSE2 (Streaming SIMD Extensions 2)
config CRYPTO_NHPOLY1305_SSE2
tristate "NHPoly1305 hash function (x86_64 SSE2 implementation)"
......
......@@ -779,49 +779,54 @@ endmenu
menu "AEAD (authenticated encryption with associated data) ciphers"
config CRYPTO_AEGIS128
tristate "AEGIS-128 AEAD algorithm"
tristate "AEGIS-128"
select CRYPTO_AEAD
select CRYPTO_AES # for AES S-box tables
help
Support for the AEGIS-128 dedicated AEAD algorithm.
AEGIS-128 AEAD algorithm
config CRYPTO_AEGIS128_SIMD
bool "Support SIMD acceleration for AEGIS-128"
bool "AEGIS-128 (arm NEON, arm64 NEON)"
depends on CRYPTO_AEGIS128 && ((ARM || ARM64) && KERNEL_MODE_NEON)
default y
help
AEGIS-128 AEAD algorithm
Architecture: arm or arm64 using:
- NEON (Advanced SIMD) extension
config CRYPTO_CHACHA20POLY1305
tristate "ChaCha20-Poly1305 AEAD support"
tristate "ChaCha20-Poly1305"
select CRYPTO_CHACHA20
select CRYPTO_POLY1305
select CRYPTO_AEAD
select CRYPTO_MANAGER
help
ChaCha20-Poly1305 AEAD support, RFC7539.
Support for the AEAD wrapper using the ChaCha20 stream cipher combined
with the Poly1305 authenticator. It is defined in RFC7539 for use in
IETF protocols.
ChaCha20 stream cipher and Poly1305 authenticator combined
mode (RFC8439)
config CRYPTO_CCM
tristate "CCM support"
tristate "CCM (Counter with Cipher Block Chaining-Message Authentication Code)"
select CRYPTO_CTR
select CRYPTO_HASH
select CRYPTO_AEAD
select CRYPTO_MANAGER
help
Support for Counter with CBC MAC. Required for IPsec.
CCM (Counter with Cipher Block Chaining-Message Authentication Code)
authenticated encryption mode (NIST SP800-38C)
config CRYPTO_GCM
tristate "GCM/GMAC support"
tristate "GCM (Galois/Counter Mode) and GMAC (GCM Message Authentication Code)"
select CRYPTO_CTR
select CRYPTO_AEAD
select CRYPTO_GHASH
select CRYPTO_NULL
select CRYPTO_MANAGER
help
Support for Galois/Counter Mode (GCM) and Galois Message
Authentication Code (GMAC). Required for IPSec.
GCM (Galois/Counter Mode) authenticated encryption mode and GMAC
(GCM Message Authentication Code) (NIST SP800-38D)
This is required for IPSec ESP (XFRM_ESP).
config CRYPTO_SEQIV
tristate "Sequence Number IV Generator"
......@@ -831,8 +836,12 @@ config CRYPTO_SEQIV
select CRYPTO_RNG_DEFAULT
select CRYPTO_MANAGER
help
Sequence Number IV generator
This IV generator generates an IV based on a sequence number by
xoring it with a salt. This algorithm is mainly useful for CTR
xoring it with a salt. This algorithm is mainly useful for CTR.
This is required for IPsec ESP (XFRM_ESP).
config CRYPTO_ECHAINIV
tristate "Encrypted Chain IV Generator"
......@@ -841,16 +850,19 @@ config CRYPTO_ECHAINIV
select CRYPTO_RNG_DEFAULT
select CRYPTO_MANAGER
help
Encrypted Chain IV generator
This IV generator generates an IV based on the encryption of
a sequence number xored with a salt. This is the default
algorithm for CBC.
config CRYPTO_ESSIV
tristate "ESSIV support for block encryption"
tristate "Encrypted Salt-Sector IV Generator"
select CRYPTO_AUTHENC
help
Encrypted salt-sector initialization vector (ESSIV) is an IV
generation method that is used in some cases by fscrypt and/or
Encrypted Salt-Sector IV generator
This IV generator is used in some cases by fscrypt and/or
dm-crypt. It uses the hash of the block encryption key as the
symmetric key for a block encryption pass applied to the input
IV, making low entropy IV sources more suitable for block
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment