crypto: Kconfig - simplify aead entries

Shorten menu titles and make them consistent:
- acronym
- name
- architecture features in parenthesis
- no suffixes like "<something> algorithm", "support", or
  "hardware acceleration", or "optimized"

Simplify help text descriptions, update references, and ensure that
https references are still valid.

Signed-off-by: Robert Elliott <elliott@hpe.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
This commit is contained in:
Robert Elliott 2022-08-20 13:41:47 -05:00 committed by Herbert Xu
parent ec84348da4
commit e3d2eadd06
2 changed files with 36 additions and 20 deletions

View File

@ -360,12 +360,16 @@ config CRYPTO_CHACHA20_X86_64
XChaCha20, and XChaCha12 stream ciphers. XChaCha20, and XChaCha12 stream ciphers.
config CRYPTO_AEGIS128_AESNI_SSE2 config CRYPTO_AEGIS128_AESNI_SSE2
tristate "AEGIS-128 AEAD algorithm (x86_64 AESNI+SSE2 implementation)" tristate "AEAD ciphers: AEGIS-128 (AES-NI/SSE2)"
depends on X86 && 64BIT depends on X86 && 64BIT
select CRYPTO_AEAD select CRYPTO_AEAD
select CRYPTO_SIMD select CRYPTO_SIMD
help help
AESNI+SSE2 implementation of the AEGIS-128 dedicated AEAD algorithm. AEGIS-128 AEAD algorithm
Architecture: x86_64 using:
- AES-NI (AES New Instructions)
- SSE2 (Streaming SIMD Extensions 2)
config CRYPTO_NHPOLY1305_SSE2 config CRYPTO_NHPOLY1305_SSE2
tristate "NHPoly1305 hash function (x86_64 SSE2 implementation)" tristate "NHPoly1305 hash function (x86_64 SSE2 implementation)"

View File

@ -779,49 +779,54 @@ endmenu
menu "AEAD (authenticated encryption with associated data) ciphers" menu "AEAD (authenticated encryption with associated data) ciphers"
config CRYPTO_AEGIS128 config CRYPTO_AEGIS128
tristate "AEGIS-128 AEAD algorithm" tristate "AEGIS-128"
select CRYPTO_AEAD select CRYPTO_AEAD
select CRYPTO_AES # for AES S-box tables select CRYPTO_AES # for AES S-box tables
help help
Support for the AEGIS-128 dedicated AEAD algorithm. AEGIS-128 AEAD algorithm
config CRYPTO_AEGIS128_SIMD config CRYPTO_AEGIS128_SIMD
bool "Support SIMD acceleration for AEGIS-128" bool "AEGIS-128 (arm NEON, arm64 NEON)"
depends on CRYPTO_AEGIS128 && ((ARM || ARM64) && KERNEL_MODE_NEON) depends on CRYPTO_AEGIS128 && ((ARM || ARM64) && KERNEL_MODE_NEON)
default y default y
help
AEGIS-128 AEAD algorithm
Architecture: arm or arm64 using:
- NEON (Advanced SIMD) extension
config CRYPTO_CHACHA20POLY1305 config CRYPTO_CHACHA20POLY1305
tristate "ChaCha20-Poly1305 AEAD support" tristate "ChaCha20-Poly1305"
select CRYPTO_CHACHA20 select CRYPTO_CHACHA20
select CRYPTO_POLY1305 select CRYPTO_POLY1305
select CRYPTO_AEAD select CRYPTO_AEAD
select CRYPTO_MANAGER select CRYPTO_MANAGER
help help
ChaCha20-Poly1305 AEAD support, RFC7539. ChaCha20 stream cipher and Poly1305 authenticator combined
mode (RFC8439)
Support for the AEAD wrapper using the ChaCha20 stream cipher combined
with the Poly1305 authenticator. It is defined in RFC7539 for use in
IETF protocols.
config CRYPTO_CCM config CRYPTO_CCM
tristate "CCM support" tristate "CCM (Counter with Cipher Block Chaining-Message Authentication Code)"
select CRYPTO_CTR select CRYPTO_CTR
select CRYPTO_HASH select CRYPTO_HASH
select CRYPTO_AEAD select CRYPTO_AEAD
select CRYPTO_MANAGER select CRYPTO_MANAGER
help help
Support for Counter with CBC MAC. Required for IPsec. CCM (Counter with Cipher Block Chaining-Message Authentication Code)
authenticated encryption mode (NIST SP800-38C)
config CRYPTO_GCM config CRYPTO_GCM
tristate "GCM/GMAC support" tristate "GCM (Galois/Counter Mode) and GMAC (GCM Message Authentication Code)"
select CRYPTO_CTR select CRYPTO_CTR
select CRYPTO_AEAD select CRYPTO_AEAD
select CRYPTO_GHASH select CRYPTO_GHASH
select CRYPTO_NULL select CRYPTO_NULL
select CRYPTO_MANAGER select CRYPTO_MANAGER
help help
Support for Galois/Counter Mode (GCM) and Galois Message GCM (Galois/Counter Mode) authenticated encryption mode and GMAC
Authentication Code (GMAC). Required for IPSec. (GCM Message Authentication Code) (NIST SP800-38D)
This is required for IPSec ESP (XFRM_ESP).
config CRYPTO_SEQIV config CRYPTO_SEQIV
tristate "Sequence Number IV Generator" tristate "Sequence Number IV Generator"
@ -831,8 +836,12 @@ config CRYPTO_SEQIV
select CRYPTO_RNG_DEFAULT select CRYPTO_RNG_DEFAULT
select CRYPTO_MANAGER select CRYPTO_MANAGER
help help
Sequence Number IV generator
This IV generator generates an IV based on a sequence number by This IV generator generates an IV based on a sequence number by
xoring it with a salt. This algorithm is mainly useful for CTR xoring it with a salt. This algorithm is mainly useful for CTR.
This is required for IPsec ESP (XFRM_ESP).
config CRYPTO_ECHAINIV config CRYPTO_ECHAINIV
tristate "Encrypted Chain IV Generator" tristate "Encrypted Chain IV Generator"
@ -841,16 +850,19 @@ config CRYPTO_ECHAINIV
select CRYPTO_RNG_DEFAULT select CRYPTO_RNG_DEFAULT
select CRYPTO_MANAGER select CRYPTO_MANAGER
help help
Encrypted Chain IV generator
This IV generator generates an IV based on the encryption of This IV generator generates an IV based on the encryption of
a sequence number xored with a salt. This is the default a sequence number xored with a salt. This is the default
algorithm for CBC. algorithm for CBC.
config CRYPTO_ESSIV config CRYPTO_ESSIV
tristate "ESSIV support for block encryption" tristate "Encrypted Salt-Sector IV Generator"
select CRYPTO_AUTHENC select CRYPTO_AUTHENC
help help
Encrypted salt-sector initialization vector (ESSIV) is an IV Encrypted Salt-Sector IV generator
generation method that is used in some cases by fscrypt and/or
This IV generator is used in some cases by fscrypt and/or
dm-crypt. It uses the hash of the block encryption key as the dm-crypt. It uses the hash of the block encryption key as the
symmetric key for a block encryption pass applied to the input symmetric key for a block encryption pass applied to the input
IV, making low entropy IV sources more suitable for block IV, making low entropy IV sources more suitable for block