| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 15 Aug 2022 14:36:26 -0700
From: Eric Biggers <ebiggers@...nel.org>
To: Robert Elliott <elliott@....com>
Cc: herbert@...dor.apana.org.au, davem@...emloft.net,
linux-crypto@...r.kernel.org, linux-kernel@...r.kernel.org,
toshi.kani@....com
Subject: Re: [PATCH 8/8] crypto: Kconfig - sort the ciphers
On Mon, Aug 15, 2022 at 02:06:08PM -0500, Robert Elliott wrote:
> Sort the entries in Ciphers by their displayed names.
> In particular, keep the optimized CPU implementations next to the
> generic implementations.
>
> Signed-off-by: Robert Elliott <elliott@....com>
> ---
> crypto/Kconfig | 118 ++++++++++++++++++++++++-------------------------
> 1 file changed, 59 insertions(+), 59 deletions(-)
>
> diff --git a/crypto/Kconfig b/crypto/Kconfig
> index f5cfb73e2423..03f4e2d97ef9 100644
> --- a/crypto/Kconfig
> +++ b/crypto/Kconfig
> @@ -1500,6 +1500,65 @@ menu "Ciphers"
>
> Processes eight blocks in parallel.
>
> +config CRYPTO_CHACHA20
> + tristate "ChaCha"
> + select CRYPTO_LIB_CHACHA_GENERIC
> + select CRYPTO_SKCIPHER
> + help
> + The ChaCha20, XChaCha20, and XChaCha12 stream cipher algorithms
> +
> + ChaCha20 is a 256-bit high-speed stream cipher designed by Daniel J.
> + Bernstein and further specified in RFC7539 for use in IETF protocols.
> + This is the portable C implementation of ChaCha20. See
> + https://cr.yp.to/chacha/chacha-20080128.pdf for further information.
> +
> + XChaCha20 is the application of the XSalsa20 construction to ChaCha20
> + rather than to Salsa20. XChaCha20 extends ChaCha20's nonce length
> + from 64 bits (or 96 bits using the RFC7539 convention) to 192 bits,
> + while provably retaining ChaCha20's security. See
> + https://cr.yp.to/snuffle/xsalsa-20081128.pdf for further information.
> +
> + XChaCha12 is XChaCha20 reduced to 12 rounds, with correspondingly
> + reduced security margin but increased performance. It can be needed
> + in some performance-sensitive scenarios.
> +
> +config CRYPTO_CHACHA20_X86_64
> + tristate "ChaCha (x86_64 with SSSE3/AVX2/AVX-512VL)"
> + depends on X86 && 64BIT
> + select CRYPTO_SKCIPHER
> + select CRYPTO_LIB_CHACHA_GENERIC
> + select CRYPTO_ARCH_HAVE_LIB_CHACHA
> + help
> + ChaCha stream cipher algorithms
> +
> + Architecture: x86_64 using:
> + * SSSE3 (Supplemental SSE3)
> + * AVX2 (Advanced Vector Extensions 2)
> + * AVX-512VL (Advanced Vector Extensions-512VL)
> +
> +config CRYPTO_CHACHA_MIPS
> + tristate "ChaCha (MIPS32r2)"
> + depends on CPU_MIPS32_R2
> + select CRYPTO_SKCIPHER
> + select CRYPTO_ARCH_HAVE_LIB_CHACHA
> + help
> + ChaCha stream cipher algorithms
> +
> + Architecture: MIPS32r2
> +
> +config CRYPTO_CHACHA_S390
> + tristate "ChaCha20 (s390)"
> + depends on S390
> + select CRYPTO_SKCIPHER
> + select CRYPTO_LIB_CHACHA_GENERIC
> + select CRYPTO_ARCH_HAVE_LIB_CHACHA
> + help
> + ChaCha20 stream cipher (RFC 7539)
> +
> + Architecture: s390
> +
> + It is available as of z13.
Do we want to keep the architecture-specific options in crypto/Kconfig? arm and
arm64 split them out into a separate file arch/$arch/crypto/Kconfig. Perhaps
the other architectures should adopt that?
- Eric
Powered by blists - more mailing lists