Commit cf514b2a authored by Robert Elliott's avatar Robert Elliott Committed by Herbert Xu

crypto: Kconfig - simplify cipher entries

Shorten menu titles and make them consistent:
- acronym
- name
- architecture features in parenthesis
- no suffixes like "<something> algorithm", "support", or
  "hardware acceleration", or "optimized"

Simplify help text descriptions, update references, and ensure that
https references are still valid.
Signed-off-by: default avatarRobert Elliott <elliott@hpe.com>
Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
parent 9bc51715
...@@ -144,11 +144,13 @@ config CRYPTO_SHA512_ARM ...@@ -144,11 +144,13 @@ config CRYPTO_SHA512_ARM
- NEON (Advanced SIMD) extensions - NEON (Advanced SIMD) extensions
config CRYPTO_AES_ARM config CRYPTO_AES_ARM
tristate "Scalar AES cipher for ARM" tristate "Ciphers: AES"
select CRYPTO_ALGAPI select CRYPTO_ALGAPI
select CRYPTO_AES select CRYPTO_AES
help help
Use optimized AES assembler routines for ARM platforms. Block ciphers: AES cipher algorithms (FIPS-197)
Architecture: arm
On ARM processors without the Crypto Extensions, this is the On ARM processors without the Crypto Extensions, this is the
fastest AES implementation for single blocks. For multiple fastest AES implementation for single blocks. For multiple
...@@ -160,7 +162,7 @@ config CRYPTO_AES_ARM ...@@ -160,7 +162,7 @@ config CRYPTO_AES_ARM
such attacks very difficult. such attacks very difficult.
config CRYPTO_AES_ARM_BS config CRYPTO_AES_ARM_BS
tristate "Bit sliced AES using NEON instructions" tristate "Ciphers: AES, modes: ECB/CBC/CTR/XTS (bit-sliced NEON)"
depends on KERNEL_MODE_NEON depends on KERNEL_MODE_NEON
select CRYPTO_SKCIPHER select CRYPTO_SKCIPHER
select CRYPTO_LIB_AES select CRYPTO_LIB_AES
...@@ -168,8 +170,13 @@ config CRYPTO_AES_ARM_BS ...@@ -168,8 +170,13 @@ config CRYPTO_AES_ARM_BS
select CRYPTO_CBC select CRYPTO_CBC
select CRYPTO_SIMD select CRYPTO_SIMD
help help
Use a faster and more secure NEON based implementation of AES in CBC, Length-preserving ciphers: AES cipher algorithms (FIPS-197)
CTR and XTS modes with block cipher modes:
- ECB (Electronic Codebook) mode (NIST SP800-38A)
- CBC (Cipher Block Chaining) mode (NIST SP800-38A)
- CTR (Counter) mode (NIST SP800-38A)
- XTS (XOR Encrypt XOR with ciphertext stealing) mode (NIST SP800-38E
and IEEE 1619)
Bit sliced AES gives around 45% speedup on Cortex-A15 for CTR mode Bit sliced AES gives around 45% speedup on Cortex-A15 for CTR mode
and for XTS mode encryption, CBC and XTS mode decryption speedup is and for XTS mode encryption, CBC and XTS mode decryption speedup is
...@@ -178,19 +185,34 @@ config CRYPTO_AES_ARM_BS ...@@ -178,19 +185,34 @@ config CRYPTO_AES_ARM_BS
believed to be invulnerable to cache timing attacks. believed to be invulnerable to cache timing attacks.
config CRYPTO_AES_ARM_CE config CRYPTO_AES_ARM_CE
tristate "Accelerated AES using ARMv8 Crypto Extensions" tristate "Ciphers: AES, modes: ECB/CBC/CTS/CTR/XTS (ARMv8 Crypto Extensions)"
depends on KERNEL_MODE_NEON depends on KERNEL_MODE_NEON
select CRYPTO_SKCIPHER select CRYPTO_SKCIPHER
select CRYPTO_LIB_AES select CRYPTO_LIB_AES
select CRYPTO_SIMD select CRYPTO_SIMD
help help
Use an implementation of AES in CBC, CTR and XTS modes that uses Length-preserving ciphers: AES cipher algorithms (FIPS-197)
ARMv8 Crypto Extensions with block cipher modes:
- ECB (Electronic Codebook) mode (NIST SP800-38A)
- CBC (Cipher Block Chaining) mode (NIST SP800-38A)
- CTR (Counter) mode (NIST SP800-38A)
- CTS (Cipher Text Stealing) mode (NIST SP800-38A)
- XTS (XOR Encrypt XOR with ciphertext stealing) mode (NIST SP800-38E
and IEEE 1619)
Architecture: arm using:
- ARMv8 Crypto Extensions
config CRYPTO_CHACHA20_NEON config CRYPTO_CHACHA20_NEON
tristate "NEON and scalar accelerated ChaCha stream cipher algorithms" tristate "Ciphers: ChaCha20, XChaCha20, XChaCha12 (NEON)"
select CRYPTO_SKCIPHER select CRYPTO_SKCIPHER
select CRYPTO_ARCH_HAVE_LIB_CHACHA select CRYPTO_ARCH_HAVE_LIB_CHACHA
help
Length-preserving ciphers: ChaCha20, XChaCha20, and XChaCha12
stream cipher algorithms
Architecture: arm using:
- NEON (Advanced SIMD) extensions
config CRYPTO_CRC32_ARM_CE config CRYPTO_CRC32_ARM_CE
tristate "CRC32C and CRC32" tristate "CRC32C and CRC32"
......
...@@ -118,66 +118,155 @@ config CRYPTO_POLYVAL_ARM64_CE ...@@ -118,66 +118,155 @@ config CRYPTO_POLYVAL_ARM64_CE
- ARMv8 Crypto Extensions - ARMv8 Crypto Extensions
config CRYPTO_AES_ARM64 config CRYPTO_AES_ARM64
tristate "AES core cipher using scalar instructions" tristate "Ciphers: AES, modes: ECB, CBC, CTR, CTS, XCTR, XTS"
select CRYPTO_AES select CRYPTO_AES
help
Block ciphers: AES cipher algorithms (FIPS-197)
Length-preserving ciphers: AES with ECB, CBC, CTR, CTS,
XCTR, and XTS modes
AEAD cipher: AES with CBC, ESSIV, and SHA-256
for fscrypt and dm-crypt
Architecture: arm64
config CRYPTO_AES_ARM64_CE config CRYPTO_AES_ARM64_CE
tristate "AES core cipher using ARMv8 Crypto Extensions" tristate "Ciphers: AES (ARMv8 Crypto Extensions)"
depends on ARM64 && KERNEL_MODE_NEON depends on ARM64 && KERNEL_MODE_NEON
select CRYPTO_ALGAPI select CRYPTO_ALGAPI
select CRYPTO_LIB_AES select CRYPTO_LIB_AES
help
Block ciphers: AES cipher algorithms (FIPS-197)
Architecture: arm64 using:
- ARMv8 Crypto Extensions
config CRYPTO_AES_ARM64_CE_BLK config CRYPTO_AES_ARM64_CE_BLK
tristate "AES in ECB/CBC/CTR/XTS/XCTR modes using ARMv8 Crypto Extensions" tristate "Ciphers: AES, modes: ECB/CBC/CTR/XTS (ARMv8 Crypto Extensions)"
depends on KERNEL_MODE_NEON depends on KERNEL_MODE_NEON
select CRYPTO_SKCIPHER select CRYPTO_SKCIPHER
select CRYPTO_AES_ARM64_CE select CRYPTO_AES_ARM64_CE
help
Length-preserving ciphers: AES cipher algorithms (FIPS-197)
with block cipher modes:
- ECB (Electronic Codebook) mode (NIST SP800-38A)
- CBC (Cipher Block Chaining) mode (NIST SP800-38A)
- CTR (Counter) mode (NIST SP800-38A)
- XTS (XOR Encrypt XOR with ciphertext stealing) mode (NIST SP800-38E
and IEEE 1619)
Architecture: arm64 using:
- ARMv8 Crypto Extensions
config CRYPTO_AES_ARM64_NEON_BLK config CRYPTO_AES_ARM64_NEON_BLK
tristate "AES in ECB/CBC/CTR/XTS/XCTR modes using NEON instructions" tristate "Ciphers: AES, modes: ECB/CBC/CTR/XTS (NEON)"
depends on KERNEL_MODE_NEON depends on KERNEL_MODE_NEON
select CRYPTO_SKCIPHER select CRYPTO_SKCIPHER
select CRYPTO_LIB_AES select CRYPTO_LIB_AES
help
Length-preserving ciphers: AES cipher algorithms (FIPS-197)
with block cipher modes:
- ECB (Electronic Codebook) mode (NIST SP800-38A)
- CBC (Cipher Block Chaining) mode (NIST SP800-38A)
- CTR (Counter) mode (NIST SP800-38A)
- XTS (XOR Encrypt XOR with ciphertext stealing) mode (NIST SP800-38E
and IEEE 1619)
Architecture: arm64 using:
- NEON (Advanced SIMD) extensions
config CRYPTO_CHACHA20_NEON config CRYPTO_CHACHA20_NEON
tristate "ChaCha20, XChaCha20, and XChaCha12 stream ciphers using NEON instructions" tristate "Ciphers: ChaCha (NEON)"
depends on KERNEL_MODE_NEON depends on KERNEL_MODE_NEON
select CRYPTO_SKCIPHER select CRYPTO_SKCIPHER
select CRYPTO_LIB_CHACHA_GENERIC select CRYPTO_LIB_CHACHA_GENERIC
select CRYPTO_ARCH_HAVE_LIB_CHACHA select CRYPTO_ARCH_HAVE_LIB_CHACHA
help
Length-preserving ciphers: ChaCha20, XChaCha20, and XChaCha12
stream cipher algorithms
Architecture: arm64 using:
- NEON (Advanced SIMD) extensions
config CRYPTO_AES_ARM64_BS config CRYPTO_AES_ARM64_BS
tristate "AES in ECB/CBC/CTR/XTS modes using bit-sliced NEON algorithm" tristate "Ciphers: AES, modes: ECB/CBC/CTR/XCTR/XTS modes (bit-sliced NEON)"
depends on KERNEL_MODE_NEON depends on KERNEL_MODE_NEON
select CRYPTO_SKCIPHER select CRYPTO_SKCIPHER
select CRYPTO_AES_ARM64_NEON_BLK select CRYPTO_AES_ARM64_NEON_BLK
select CRYPTO_LIB_AES select CRYPTO_LIB_AES
help
Length-preserving ciphers: AES cipher algorithms (FIPS-197)
with block cipher modes:
- ECB (Electronic Codebook) mode (NIST SP800-38A)
- CBC (Cipher Block Chaining) mode (NIST SP800-38A)
- CTR (Counter) mode (NIST SP800-38A)
- XCTR mode for HCTR2
- XTS (XOR Encrypt XOR with ciphertext stealing) mode (NIST SP800-38E
and IEEE 1619)
Architecture: arm64 using:
- bit-sliced algorithm
- NEON (Advanced SIMD) extensions
config CRYPTO_SM4_ARM64_CE config CRYPTO_SM4_ARM64_CE
tristate "SM4 symmetric cipher (ARMv8.2 Crypto Extensions)" tristate "Ciphers: SM4 (ARMv8.2 Crypto Extensions)"
depends on KERNEL_MODE_NEON depends on KERNEL_MODE_NEON
select CRYPTO_ALGAPI select CRYPTO_ALGAPI
select CRYPTO_SM4 select CRYPTO_SM4
help
Block ciphers: SM4 cipher algorithms (OSCCA GB/T 32907-2016)
Architecture: arm64 using:
- ARMv8.2 Crypto Extensions
- NEON (Advanced SIMD) extensions
config CRYPTO_SM4_ARM64_CE_BLK config CRYPTO_SM4_ARM64_CE_BLK
tristate "SM4 in ECB/CBC/CFB/CTR modes using ARMv8 Crypto Extensions" tristate "Ciphers: SM4, modes: ECB/CBC/CFB/CTR (ARMv8 Crypto Extensions)"
depends on KERNEL_MODE_NEON depends on KERNEL_MODE_NEON
select CRYPTO_SKCIPHER select CRYPTO_SKCIPHER
select CRYPTO_SM4 select CRYPTO_SM4
help
Length-preserving ciphers: SM4 cipher algorithms (OSCCA GB/T 32907-2016)
with block cipher modes:
- ECB (Electronic Codebook) mode (NIST SP800-38A)
- CBC (Cipher Block Chaining) mode (NIST SP800-38A)
- CFB (Cipher Feedback) mode (NIST SP800-38A)
- CTR (Counter) mode (NIST SP800-38A)
Architecture: arm64 using:
- ARMv8 Crypto Extensions
- NEON (Advanced SIMD) extensions
config CRYPTO_SM4_ARM64_NEON_BLK config CRYPTO_SM4_ARM64_NEON_BLK
tristate "SM4 in ECB/CBC/CFB/CTR modes using NEON instructions" tristate "Ciphers: SM4, modes: ECB/CBC/CFB/CTR (NEON)"
depends on KERNEL_MODE_NEON depends on KERNEL_MODE_NEON
select CRYPTO_SKCIPHER select CRYPTO_SKCIPHER
select CRYPTO_SM4 select CRYPTO_SM4
help
Length-preserving ciphers: SM4 cipher algorithms (OSCCA GB/T 32907-2016)
with block cipher modes:
- ECB (Electronic Codebook) mode (NIST SP800-38A)
- CBC (Cipher Block Chaining) mode (NIST SP800-38A)
- CFB (Cipher Feedback) mode (NIST SP800-38A)
- CTR (Counter) mode (NIST SP800-38A)
Architecture: arm64 using:
- NEON (Advanced SIMD) extensions
config CRYPTO_AES_ARM64_CE_CCM config CRYPTO_AES_ARM64_CE_CCM
tristate "AES in CCM mode using ARMv8 Crypto Extensions" tristate "AEAD cipher: AES in CCM mode (ARMv8 Crypto Extensions)"
depends on ARM64 && KERNEL_MODE_NEON depends on ARM64 && KERNEL_MODE_NEON
select CRYPTO_ALGAPI select CRYPTO_ALGAPI
select CRYPTO_AES_ARM64_CE select CRYPTO_AES_ARM64_CE
select CRYPTO_AEAD select CRYPTO_AEAD
select CRYPTO_LIB_AES select CRYPTO_LIB_AES
help
AEAD cipher: AES cipher algorithms (FIPS-197) with
CCM (Counter with Cipher Block Chaining-Message Authentication Code)
authenticated encryption mode (NIST SP800-38C)
Architecture: arm64 using:
- ARMv8 Crypto Extensions
- NEON (Advanced SIMD) extensions
config CRYPTO_CRCT10DIF_ARM64_CE config CRYPTO_CRCT10DIF_ARM64_CE
tristate "CRCT10DIF (PMULL)" tristate "CRCT10DIF (PMULL)"
......
...@@ -61,9 +61,14 @@ config CRYPTO_SHA512_OCTEON ...@@ -61,9 +61,14 @@ config CRYPTO_SHA512_OCTEON
Architecture: mips OCTEON using crypto instructions, when available Architecture: mips OCTEON using crypto instructions, when available
config CRYPTO_CHACHA_MIPS config CRYPTO_CHACHA_MIPS
tristate "ChaCha stream cipher algorithms (MIPS 32r2 optimized)" tristate "Ciphers: ChaCha20, XChaCha20, XChaCha12 (MIPS32r2)"
depends on CPU_MIPS32_R2 depends on CPU_MIPS32_R2
select CRYPTO_SKCIPHER select CRYPTO_SKCIPHER
select CRYPTO_ARCH_HAVE_LIB_CHACHA select CRYPTO_ARCH_HAVE_LIB_CHACHA
help
Length-preserving ciphers: ChaCha20, XChaCha20, and XChaCha12
stream cipher algorithms
Architecture: MIPS32r2
endmenu endmenu
...@@ -73,12 +73,20 @@ config CRYPTO_SHA256_PPC_SPE ...@@ -73,12 +73,20 @@ config CRYPTO_SHA256_PPC_SPE
- SPE (Signal Processing Engine) extensions - SPE (Signal Processing Engine) extensions
config CRYPTO_AES_PPC_SPE config CRYPTO_AES_PPC_SPE
tristate "AES cipher algorithms (PPC SPE)" tristate "Ciphers: AES, modes: ECB/CBC/CTR/XTS (SPE)"
depends on PPC && SPE depends on PPC && SPE
select CRYPTO_SKCIPHER select CRYPTO_SKCIPHER
help help
AES cipher algorithms (FIPS-197). Additionally the acceleration Block ciphers: AES cipher algorithms (FIPS-197)
for popular block cipher modes ECB, CBC, CTR and XTS is supported. Length-preserving ciphers: AES with ECB, CBC, CTR, and XTS modes
Architecture: powerpc using:
- SPE (Signal Processing Engine) extensions
SPE is available for:
- Processor Type: Freescale 8500
- CPU selection: e500 (8540)
This module should only be used for low power (router) devices This module should only be used for low power (router) devices
without hardware AES acceleration (e.g. caam crypto). It reduces the without hardware AES acceleration (e.g. caam crypto). It reduces the
size of the AES tables from 16KB to 8KB + 256 bytes and mitigates size of the AES tables from 16KB to 8KB + 256 bytes and mitigates
......
...@@ -81,44 +81,54 @@ config CRYPTO_GHASH_S390 ...@@ -81,44 +81,54 @@ config CRYPTO_GHASH_S390
It is available as of z196. It is available as of z196.
config CRYPTO_AES_S390 config CRYPTO_AES_S390
tristate "AES cipher algorithms" tristate "Ciphers: AES, modes: ECB, CBC, CTR, XTS, GCM"
depends on S390 depends on S390
select CRYPTO_ALGAPI select CRYPTO_ALGAPI
select CRYPTO_SKCIPHER select CRYPTO_SKCIPHER
help help
This is the s390 hardware accelerated implementation of the Block cipher: AES cipher algorithms (FIPS 197)
AES cipher algorithms (FIPS-197). AEAD cipher: AES with GCM
Length-preserving ciphers: AES with ECB, CBC, XTS, and CTR modes
Architecture: s390
As of z9 the ECB and CBC modes are hardware accelerated As of z9 the ECB and CBC modes are hardware accelerated
for 128 bit keys. for 128 bit keys.
As of z10 the ECB and CBC modes are hardware accelerated As of z10 the ECB and CBC modes are hardware accelerated
for all AES key sizes. for all AES key sizes.
As of z196 the CTR mode is hardware accelerated for all AES As of z196 the CTR mode is hardware accelerated for all AES
key sizes and XTS mode is hardware accelerated for 256 and key sizes and XTS mode is hardware accelerated for 256 and
512 bit keys. 512 bit keys.
config CRYPTO_DES_S390 config CRYPTO_DES_S390
tristate "DES and Triple DES cipher algorithms" tristate "Ciphers: DES and Triple DES EDE, modes: ECB, CBC, CTR"
depends on S390 depends on S390
select CRYPTO_ALGAPI select CRYPTO_ALGAPI
select CRYPTO_SKCIPHER select CRYPTO_SKCIPHER
select CRYPTO_LIB_DES select CRYPTO_LIB_DES
help help
This is the s390 hardware accelerated implementation of the Block ciphers: DES (FIPS 46-2) cipher algorithm
DES cipher algorithm (FIPS 46-2), and Triple DES EDE (FIPS 46-3). Block ciphers: Triple DES EDE (FIPS 46-3) cipher algorithm
Length-preserving ciphers: DES with ECB, CBC, and CTR modes
Length-preserving ciphers: Triple DES EDED with ECB, CBC, and CTR modes
Architecture: s390
As of z990 the ECB and CBC mode are hardware accelerated. As of z990 the ECB and CBC mode are hardware accelerated.
As of z196 the CTR mode is hardware accelerated. As of z196 the CTR mode is hardware accelerated.
config CRYPTO_CHACHA_S390 config CRYPTO_CHACHA_S390
tristate "ChaCha20 stream cipher" tristate "Ciphers: ChaCha20"
depends on S390 depends on S390
select CRYPTO_SKCIPHER select CRYPTO_SKCIPHER
select CRYPTO_LIB_CHACHA_GENERIC select CRYPTO_LIB_CHACHA_GENERIC
select CRYPTO_ARCH_HAVE_LIB_CHACHA select CRYPTO_ARCH_HAVE_LIB_CHACHA
help help
This is the s390 SIMD implementation of the ChaCha20 stream Length-preserving cipher: ChaCha20 stream cipher (RFC 7539)
cipher (RFC 7539).
Architecture: s390
It is available as of z13. It is available as of z13.
......
...@@ -3,14 +3,18 @@ ...@@ -3,14 +3,18 @@
menu "Accelerated Cryptographic Algorithms for CPU (sparc64)" menu "Accelerated Cryptographic Algorithms for CPU (sparc64)"
config CRYPTO_DES_SPARC64 config CRYPTO_DES_SPARC64
tristate "DES and Triple DES EDE cipher algorithms (SPARC64)" tristate "Ciphers: DES and Triple DES EDE, modes: ECB/CBC"
depends on SPARC64 depends on SPARC64
select CRYPTO_ALGAPI select CRYPTO_ALGAPI
select CRYPTO_LIB_DES select CRYPTO_LIB_DES
select CRYPTO_SKCIPHER select CRYPTO_SKCIPHER
help help
DES cipher algorithm (FIPS 46-2), and Triple DES EDE (FIPS 46-3), Block cipher: DES (FIPS 46-2) cipher algorithm
optimized using SPARC64 crypto opcodes. Block cipher: Triple DES EDE (FIPS 46-3) cipher algorithm
Length-preserving ciphers: DES with ECB and CBC modes
Length-preserving ciphers: Tripe DES EDE with ECB and CBC modes
Architecture: sparc64
config CRYPTO_CRC32C_SPARC64 config CRYPTO_CRC32C_SPARC64
tristate "CRC32c" tristate "CRC32c"
...@@ -63,46 +67,24 @@ config CRYPTO_SHA512_SPARC64 ...@@ -63,46 +67,24 @@ config CRYPTO_SHA512_SPARC64
Architecture: sparc64 using crypto instructions, when available Architecture: sparc64 using crypto instructions, when available
config CRYPTO_AES_SPARC64 config CRYPTO_AES_SPARC64
tristate "AES cipher algorithms (SPARC64)" tristate "Ciphers: AES, modes: ECB, CBC, CTR"
depends on SPARC64 depends on SPARC64
select CRYPTO_SKCIPHER select CRYPTO_SKCIPHER
help help
Use SPARC64 crypto opcodes for AES algorithm. Block ciphers: AES cipher algorithms (FIPS-197)
Length-preseving ciphers: AES with ECB, CBC, and CTR modes
AES cipher algorithms (FIPS-197). AES uses the Rijndael
algorithm.
Rijndael appears to be consistently a very good performer in
both hardware and software across a wide range of computing
environments regardless of its use in feedback or non-feedback
modes. Its key setup time is excellent, and its key agility is
good. Rijndael's very low memory requirements make it very well
suited for restricted-space environments, in which it also
demonstrates excellent performance. Rijndael's operations are
among the easiest to defend against power and timing attacks.
The AES specifies three key sizes: 128, 192 and 256 bits
See <http://csrc.nist.gov/encryption/aes/> for more information. Architecture: sparc64 using crypto instructions
In addition to AES cipher algorithm support, the acceleration
for some popular block cipher mode is supported too, including
ECB and CBC.
config CRYPTO_CAMELLIA_SPARC64 config CRYPTO_CAMELLIA_SPARC64
tristate "Camellia cipher algorithm (SPARC64)" tristate "Ciphers: Camellia, modes: ECB, CBC"
depends on SPARC64 depends on SPARC64
select CRYPTO_ALGAPI select CRYPTO_ALGAPI
select CRYPTO_SKCIPHER select CRYPTO_SKCIPHER
help help
Camellia cipher algorithm module (SPARC64). Block ciphers: Camellia cipher algorithms
Length-preserving ciphers: Camellia with ECB and CBC modes
Camellia is a symmetric key block cipher developed jointly
at NTT and Mitsubishi Electric Corporation.
The Camellia specifies three key sizes: 128, 192 and 256 bits. Architecture: sparc64
See also:
<https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html>
endmenu endmenu
This diff is collapsed.
This diff is collapsed.
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment