ich777/linux_media
1
0
Fork 0
mirror of https://github.com/tbsdtv/linux_media.git synced 2025-07-23 04:33:26 +02:00
Code Issues Packages Projects Releases Wiki Activity

crypto: Kconfig - simplify hash entries

Browse Source 
Shorten menu titles and make them consistent:
- acronym
- name
- architecture features in parenthesis
- no suffixes like "<something> algorithm", "support", or
  "hardware acceleration", or "optimized"

Simplify help text descriptions, update references, and ensure that
https references are still valid.

Signed-off-by: Robert Elliott <elliott@hpe.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
This commit is contained in:
Robert Elliott
2022-08-20 13:41:48 -05:00
committed by Herbert Xu
parent e3d2eadd06
commit 3f342a2325
8 changed files with 366 additions and 216 deletions
Download Patch File Download Diff File Expand all files Collapse all files

176
crypto/Kconfig
View File

@@ -890,215 +890,233 @@ endmenu
menu "Hashes, digests, and MACs"
config CRYPTO_BLAKE2B
tristate "BLAKE2b digest algorithm"
tristate "BLAKE2b"
select CRYPTO_HASH
help
Implementation of cryptographic hash function BLAKE2b (or just BLAKE2),
optimized for 64bit platforms and can produce digests of any size
between 1 to 64. The keyed hash is also implemented.
BLAKE2b cryptographic hash function (RFC 7693)
BLAKE2b is optimized for 64-bit platforms and can produce digests
of any size between 1 and 64 bytes. The keyed hash is also implemented.
This module provides the following algorithms:
- blake2b-160
- blake2b-256
- blake2b-384
- blake2b-512
Used by the btrfs filesystem.
See https://blake2.net for further information.
config CRYPTO_BLAKE2S
tristate "BLAKE2s"
select CRYPTO_LIB_BLAKE2S_GENERIC
select CRYPTO_HASH
help
BLAKE2s cryptographic hash function (RFC 7693)
BLAKE2s is optimized for 8 to 32-bit platforms and can produce
digests of any size between 1 and 32 bytes. The keyed hash is
also implemented.
This module provides the following algorithms:
- blake2s-128
- blake2s-160
- blake2s-224
- blake2s-256
Used by Wireguard.
See https://blake2.net for further information.
config CRYPTO_CMAC
tristate "CMAC support"
tristate "CMAC (Cipher-based MAC)"
select CRYPTO_HASH
select CRYPTO_MANAGER
help
Cipher-based Message Authentication Code (CMAC) specified by
The National Institute of Standards and Technology (NIST).
https://tools.ietf.org/html/rfc4493
http://csrc.nist.gov/publications/nistpubs/800-38B/SP_800-38B.pdf
CMAC (Cipher-based Message Authentication Code) authentication
mode (NIST SP800-38B and IETF RFC4493)
config CRYPTO_GHASH
tristate "GHASH hash function"
tristate "GHASH"
select CRYPTO_GF128MUL
select CRYPTO_HASH
help
GHASH is the hash function used in GCM (Galois/Counter Mode).
It is not a general-purpose cryptographic hash function.
GCM GHASH function (NIST SP800-38D)
config CRYPTO_HMAC
tristate "HMAC support"
tristate "HMAC (Keyed-Hash MAC)"
select CRYPTO_HASH
select CRYPTO_MANAGER
help
HMAC: Keyed-Hashing for Message Authentication (RFC2104).
This is required for IPSec.
HMAC (Keyed-Hash Message Authentication Code) (FIPS 198 and
RFC2104)
This is required for IPsec AH (XFRM_AH) and IPsec ESP (XFRM_ESP).
config CRYPTO_MD4
tristate "MD4 digest algorithm"
tristate "MD4"
select CRYPTO_HASH
help
MD4 message digest algorithm (RFC1320).
MD4 message digest algorithm (RFC1320)
config CRYPTO_MD5
tristate "MD5 digest algorithm"
tristate "MD5"
select CRYPTO_HASH
help
MD5 message digest algorithm (RFC1321).
MD5 message digest algorithm (RFC1321)
config CRYPTO_MICHAEL_MIC
tristate "Michael MIC keyed digest algorithm"
tristate "Michael MIC"
select CRYPTO_HASH
help
Michael MIC is used for message integrity protection in TKIP
(IEEE 802.11i). This algorithm is required for TKIP, but it
should not be used for other purposes because of the weakness
of the algorithm.
Michael MIC (Message Integrity Code) (IEEE 802.11i)
Defined by the IEEE 802.11i TKIP (Temporal Key Integrity Protocol),
known as WPA (Wif-Fi Protected Access).
This algorithm is required for TKIP, but it should not be used for
other purposes because of the weakness of the algorithm.
config CRYPTO_POLYVAL
tristate
select CRYPTO_GF128MUL
select CRYPTO_HASH
help
POLYVAL is the hash function used in HCTR2. It is not a general-purpose
POLYVAL hash function for HCTR2
This is used in HCTR2. It is not a general-purpose
cryptographic hash function.
config CRYPTO_POLY1305
tristate "Poly1305 authenticator algorithm"
tristate "Poly1305"
select CRYPTO_HASH
select CRYPTO_LIB_POLY1305_GENERIC
help
Poly1305 authenticator algorithm, RFC7539.
Poly1305 authenticator algorithm (RFC7539)
Poly1305 is an authenticator algorithm designed by Daniel J. Bernstein.
It is used for the ChaCha20-Poly1305 AEAD, specified in RFC7539 for use
in IETF protocols. This is the portable C implementation of Poly1305.
config CRYPTO_RMD160
tristate "RIPEMD-160 digest algorithm"
tristate "RIPEMD-160"
select CRYPTO_HASH
help
RIPEMD-160 (ISO/IEC 10118-3:2004).
RIPEMD-160 hash function (ISO/IEC 10118-3)
RIPEMD-160 is a 160-bit cryptographic hash function. It is intended
to be used as a secure replacement for the 128-bit hash functions
MD4, MD5 and its predecessor RIPEMD
(not to be confused with RIPEMD-128).
It's speed is comparable to SHA1 and there are no known attacks
Its speed is comparable to SHA-1 and there are no known attacks
against RIPEMD-160.
Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel.
See <https://homes.esat.kuleuven.be/~bosselae/ripemd160.html>
See https://homes.esat.kuleuven.be/~bosselae/ripemd160.html
for further information.
config CRYPTO_SHA1
tristate "SHA1 digest algorithm"
tristate "SHA-1"
select CRYPTO_HASH
select CRYPTO_LIB_SHA1
help
SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2).
SHA-1 secure hash algorithm (FIPS 180, ISO/IEC 10118-3)
config CRYPTO_SHA256
tristate "SHA224 and SHA256 digest algorithm"
tristate "SHA-224 and SHA-256"
select CRYPTO_HASH
select CRYPTO_LIB_SHA256
help
SHA256 secure hash standard (DFIPS 180-2).
SHA-224 and SHA-256 secure hash algorithms (FIPS 180, ISO/IEC 10118-3)
This version of SHA implements a 256 bit hash with 128 bits of
security against collision attacks.
This code also includes SHA-224, a 224 bit hash with 112 bits
of security against collision attacks.
This is required for IPsec AH (XFRM_AH) and IPsec ESP (XFRM_ESP).
Used by the btrfs filesystem, Ceph, NFS, and SMB.
config CRYPTO_SHA512
tristate "SHA384 and SHA512 digest algorithms"
tristate "SHA-384 and SHA-512"
select CRYPTO_HASH
help
SHA512 secure hash standard (DFIPS 180-2).
This version of SHA implements a 512 bit hash with 256 bits of
security against collision attacks.
This code also includes SHA-384, a 384 bit hash with 192 bits
of security against collision attacks.
SHA-384 and SHA-512 secure hash algorithms (FIPS 180, ISO/IEC 10118-3)
config CRYPTO_SHA3
tristate "SHA3 digest algorithm"
tristate "SHA-3"
select CRYPTO_HASH
help
SHA-3 secure hash standard (DFIPS 202). It's based on
cryptographic sponge function family called Keccak.
References:
http://keccak.noekeon.org/
SHA-3 secure hash algorithms (FIPS 202, ISO/IEC 10118-3)
config CRYPTO_SM3
tristate
config CRYPTO_SM3_GENERIC
tristate "SM3 digest algorithm"
tristate "SM3 (ShangMi 3)"
select CRYPTO_HASH
select CRYPTO_SM3
help
SM3 secure hash function as defined by OSCCA GM/T 0004-2012 SM3).
It is part of the Chinese Commercial Cryptography suite.
SM3 (ShangMi 3) secure hash function (OSCCA GM/T 0004-2012, ISO/IEC 10118-3)
This is part of the Chinese Commercial Cryptography suite.
References:
http://www.oscca.gov.cn/UpFile/20101222141857786.pdf
https://datatracker.ietf.org/doc/html/draft-shen-sm3-hash
config CRYPTO_STREEBOG
tristate "Streebog Hash Function"
tristate "Streebog"
select CRYPTO_HASH
help
Streebog Hash Function (GOST R 34.11-2012, RFC 6986) is one of the Russian
cryptographic standard algorithms (called GOST algorithms).
This setting enables two hash algorithms with 256 and 512 bits output.
Streebog Hash Function (GOST R 34.11-2012, RFC 6986, ISO/IEC 10118-3)
This is one of the Russian cryptographic standard algorithms (called
GOST algorithms). This setting enables two hash algorithms with
256 and 512 bits output.
References:
https://tc26.ru/upload/iblock/fed/feddbb4d26b685903faa2ba11aea43f6.pdf
https://tools.ietf.org/html/rfc6986
config CRYPTO_VMAC
tristate "VMAC support"
tristate "VMAC"
select CRYPTO_HASH
select CRYPTO_MANAGER
help
VMAC is a message authentication algorithm designed for
very high speed on 64-bit architectures.
See also:
<https://fastcrypto.org/vmac>
See https://fastcrypto.org/vmac for further information.
config CRYPTO_WP512
tristate "Whirlpool digest algorithms"
tristate "Whirlpool"
select CRYPTO_HASH
help
Whirlpool hash algorithm 512, 384 and 256-bit hashes
Whirlpool hash function (ISO/IEC 10118-3)
512, 384 and 256-bit hashes.
Whirlpool-512 is part of the NESSIE cryptographic primitives.
Whirlpool will be part of the ISO/IEC 10118-3:2003(E) standard
See also:
<http://www.larc.usp.br/~pbarreto/WhirlpoolPage.html>
See https://web.archive.org/web/20171129084214/http://www.larc.usp.br/~pbarreto/WhirlpoolPage.html
for further information.
config CRYPTO_XCBC
tristate "XCBC support"
tristate "XCBC-MAC (Extended Cipher Block Chaining MAC)"
select CRYPTO_HASH
select CRYPTO_MANAGER
help
XCBC: Keyed-Hashing with encryption algorithm
https://www.ietf.org/rfc/rfc3566.txt
http://csrc.nist.gov/encryption/modes/proposedmodes/
xcbc-mac/xcbc-mac-spec.pdf
XCBC-MAC (Extended Cipher Block Chaining Message Authentication
Code) (RFC3566)
config CRYPTO_XXHASH
tristate "xxHash hash algorithm"
tristate "xxHash"
select CRYPTO_HASH
select XXHASH
help
xxHash non-cryptographic hash algorithm. Extremely fast, working at
speeds close to RAM limits.
xxHash non-cryptographic hash algorithm
Extremely fast, working at speeds close to RAM limits.
Used by the btrfs filesystem.
endmenu