mirror of
https://git.kernel.org/pub/scm/linux/kernel/git/herbert/cryptodev-2.6.git
synced 2026-04-21 04:53:46 -04:00
e164461349
Add library functions for MD5, including HMAC support. The MD5 implementation is derived from crypto/md5.c. This closely mirrors the corresponding SHA-1 and SHA-2 changes. Like SHA-1 and SHA-2, support for architecture-optimized MD5 implementations is included. I originally proposed dropping those, but unfortunately there is an AF_ALG user of the PowerPC MD5 code (https://lore.kernel.org/r/c4191597-341d-4fd7-bc3d-13daf7666c41@csgroup.eu/), and dropping that code would be viewed as a performance regression. We don't add new software algorithm implementations purely for AF_ALG, as escalating to kernel mode merely to do calculations that could be done in userspace is inefficient and is completely the wrong design. But since this one already existed, it gets grandfathered in for now. An objection was also raised to dropping the SPARC64 MD5 code because it utilizes the CPU's direct support for MD5, although it remains unclear that anyone is using that. Regardless, we'll keep these around for now. Note that while MD5 is a legacy algorithm that is vulnerable to practical collision attacks, it still has various in-kernel users that implement legacy protocols. Switching to a simple library API, which is the way the code should have been organized originally, will greatly simplify their code. For example: MD5: drivers/md/dm-crypt.c (for lmk IV generation) fs/nfsd/nfs4recover.c fs/ecryptfs/ fs/smb/client/ net/{ipv4,ipv6}/ (for TCP-MD5 signatures) HMAC-MD5: fs/smb/client/ fs/smb/server/ (Also net/sctp/ if it continues using HMAC-MD5 for cookie generation. However, that use case has the flexibility to upgrade to a more modern algorithm, which I'll be proposing instead.) As usual, the "md5" and "hmac(md5)" crypto_shash algorithms will also be reimplemented on top of these library functions. For "hmac(md5)" this will provide a faster, more streamlined implementation. Link: https://lore.kernel.org/r/20250805222855.10362-2-ebiggers@kernel.org Signed-off-by: Eric Biggers <ebiggers@kernel.org>
234 lines
5.9 KiB
Plaintext
234 lines
5.9 KiB
Plaintext
# SPDX-License-Identifier: GPL-2.0
|
|
|
|
menu "Crypto library routines"
|
|
|
|
config CRYPTO_HASH_INFO
|
|
bool
|
|
|
|
config CRYPTO_LIB_UTILS
|
|
tristate
|
|
|
|
config CRYPTO_LIB_AES
|
|
tristate
|
|
|
|
config CRYPTO_LIB_AESCFB
|
|
tristate
|
|
select CRYPTO_LIB_AES
|
|
select CRYPTO_LIB_UTILS
|
|
|
|
config CRYPTO_LIB_AESGCM
|
|
tristate
|
|
select CRYPTO_LIB_AES
|
|
select CRYPTO_LIB_GF128MUL
|
|
select CRYPTO_LIB_UTILS
|
|
|
|
config CRYPTO_LIB_ARC4
|
|
tristate
|
|
|
|
config CRYPTO_LIB_GF128MUL
|
|
tristate
|
|
|
|
config CRYPTO_ARCH_HAVE_LIB_BLAKE2S
|
|
bool
|
|
help
|
|
Declares whether the architecture provides an arch-specific
|
|
accelerated implementation of the Blake2s library interface,
|
|
either builtin or as a module.
|
|
|
|
config CRYPTO_LIB_BLAKE2S_GENERIC
|
|
def_bool !CRYPTO_ARCH_HAVE_LIB_BLAKE2S
|
|
help
|
|
This symbol can be depended upon by arch implementations of the
|
|
Blake2s library interface that require the generic code as a
|
|
fallback, e.g., for SIMD implementations. If no arch specific
|
|
implementation is enabled, this implementation serves the users
|
|
of CRYPTO_LIB_BLAKE2S.
|
|
|
|
config CRYPTO_ARCH_HAVE_LIB_CHACHA
|
|
bool
|
|
help
|
|
Declares whether the architecture provides an arch-specific
|
|
accelerated implementation of the ChaCha library interface,
|
|
either builtin or as a module.
|
|
|
|
config CRYPTO_LIB_CHACHA_GENERIC
|
|
tristate
|
|
default CRYPTO_LIB_CHACHA if !CRYPTO_ARCH_HAVE_LIB_CHACHA
|
|
select CRYPTO_LIB_UTILS
|
|
help
|
|
This symbol can be selected by arch implementations of the ChaCha
|
|
library interface that require the generic code as a fallback, e.g.,
|
|
for SIMD implementations. If no arch specific implementation is
|
|
enabled, this implementation serves the users of CRYPTO_LIB_CHACHA.
|
|
|
|
config CRYPTO_LIB_CHACHA
|
|
tristate
|
|
help
|
|
Enable the ChaCha library interface. This interface may be fulfilled
|
|
by either the generic implementation or an arch-specific one, if one
|
|
is available and enabled.
|
|
|
|
config CRYPTO_ARCH_HAVE_LIB_CURVE25519
|
|
bool
|
|
help
|
|
Declares whether the architecture provides an arch-specific
|
|
accelerated implementation of the Curve25519 library interface,
|
|
either builtin or as a module.
|
|
|
|
config CRYPTO_LIB_CURVE25519_GENERIC
|
|
tristate
|
|
select CRYPTO_LIB_UTILS
|
|
help
|
|
This symbol can be depended upon by arch implementations of the
|
|
Curve25519 library interface that require the generic code as a
|
|
fallback, e.g., for SIMD implementations. If no arch specific
|
|
implementation is enabled, this implementation serves the users
|
|
of CRYPTO_LIB_CURVE25519.
|
|
|
|
config CRYPTO_LIB_CURVE25519_INTERNAL
|
|
tristate
|
|
select CRYPTO_LIB_CURVE25519_GENERIC if CRYPTO_ARCH_HAVE_LIB_CURVE25519=n
|
|
|
|
config CRYPTO_LIB_CURVE25519
|
|
tristate
|
|
select CRYPTO
|
|
select CRYPTO_LIB_CURVE25519_INTERNAL
|
|
help
|
|
Enable the Curve25519 library interface. This interface may be
|
|
fulfilled by either the generic implementation or an arch-specific
|
|
one, if one is available and enabled.
|
|
|
|
config CRYPTO_LIB_DES
|
|
tristate
|
|
|
|
config CRYPTO_LIB_MD5
|
|
tristate
|
|
help
|
|
The MD5 and HMAC-MD5 library functions. Select this if your module
|
|
uses any of the functions from <crypto/md5.h>.
|
|
|
|
config CRYPTO_LIB_MD5_ARCH
|
|
bool
|
|
depends on CRYPTO_LIB_MD5 && !UML
|
|
|
|
config CRYPTO_LIB_POLY1305_RSIZE
|
|
int
|
|
default 2 if MIPS
|
|
default 11 if X86_64
|
|
default 9 if ARM || ARM64
|
|
default 1
|
|
|
|
config CRYPTO_ARCH_HAVE_LIB_POLY1305
|
|
bool
|
|
help
|
|
Declares whether the architecture provides an arch-specific
|
|
accelerated implementation of the Poly1305 library interface,
|
|
either builtin or as a module.
|
|
|
|
config CRYPTO_LIB_POLY1305_GENERIC
|
|
tristate
|
|
default CRYPTO_LIB_POLY1305 if !CRYPTO_ARCH_HAVE_LIB_POLY1305
|
|
help
|
|
This symbol can be selected by arch implementations of the Poly1305
|
|
library interface that require the generic code as a fallback, e.g.,
|
|
for SIMD implementations. If no arch specific implementation is
|
|
enabled, this implementation serves the users of CRYPTO_LIB_POLY1305.
|
|
|
|
config CRYPTO_LIB_POLY1305
|
|
tristate
|
|
help
|
|
Enable the Poly1305 library interface. This interface may be fulfilled
|
|
by either the generic implementation or an arch-specific one, if one
|
|
is available and enabled.
|
|
|
|
config CRYPTO_LIB_CHACHA20POLY1305
|
|
tristate
|
|
select CRYPTO_LIB_CHACHA
|
|
select CRYPTO_LIB_POLY1305
|
|
select CRYPTO_LIB_UTILS
|
|
|
|
config CRYPTO_LIB_SHA1
|
|
tristate
|
|
help
|
|
The SHA-1 and HMAC-SHA1 library functions. Select this if your module
|
|
uses any of the functions from <crypto/sha1.h>.
|
|
|
|
config CRYPTO_LIB_SHA1_ARCH
|
|
bool
|
|
depends on CRYPTO_LIB_SHA1 && !UML
|
|
default y if ARM
|
|
default y if ARM64 && KERNEL_MODE_NEON
|
|
default y if MIPS && CPU_CAVIUM_OCTEON
|
|
default y if PPC
|
|
default y if S390
|
|
default y if SPARC64
|
|
default y if X86_64
|
|
|
|
config CRYPTO_LIB_SHA256
|
|
tristate
|
|
help
|
|
The SHA-224, SHA-256, HMAC-SHA224, and HMAC-SHA256 library functions.
|
|
Select this if your module uses any of these functions from
|
|
<crypto/sha2.h>.
|
|
|
|
config CRYPTO_LIB_SHA256_ARCH
|
|
bool
|
|
depends on CRYPTO_LIB_SHA256 && !UML
|
|
default y if ARM && !CPU_V7M
|
|
default y if ARM64
|
|
default y if MIPS && CPU_CAVIUM_OCTEON
|
|
default y if PPC && SPE
|
|
default y if RISCV && 64BIT && RISCV_ISA_V && TOOLCHAIN_HAS_VECTOR_CRYPTO
|
|
default y if S390
|
|
default y if SPARC64
|
|
default y if X86_64
|
|
|
|
config CRYPTO_LIB_SHA512
|
|
tristate
|
|
help
|
|
The SHA-384, SHA-512, HMAC-SHA384, and HMAC-SHA512 library functions.
|
|
Select this if your module uses any of these functions from
|
|
<crypto/sha2.h>.
|
|
|
|
config CRYPTO_LIB_SHA512_ARCH
|
|
bool
|
|
depends on CRYPTO_LIB_SHA512 && !UML
|
|
default y if ARM && !CPU_V7M
|
|
default y if ARM64
|
|
default y if MIPS && CPU_CAVIUM_OCTEON
|
|
default y if RISCV && 64BIT && RISCV_ISA_V && TOOLCHAIN_HAS_VECTOR_CRYPTO
|
|
default y if S390
|
|
default y if SPARC64
|
|
default y if X86_64
|
|
|
|
config CRYPTO_LIB_SM3
|
|
tristate
|
|
|
|
source "lib/crypto/tests/Kconfig"
|
|
|
|
if !KMSAN # avoid false positives from assembly
|
|
if ARM
|
|
source "lib/crypto/arm/Kconfig"
|
|
endif
|
|
if ARM64
|
|
source "lib/crypto/arm64/Kconfig"
|
|
endif
|
|
if MIPS
|
|
source "lib/crypto/mips/Kconfig"
|
|
endif
|
|
if PPC
|
|
source "lib/crypto/powerpc/Kconfig"
|
|
endif
|
|
if RISCV
|
|
source "lib/crypto/riscv/Kconfig"
|
|
endif
|
|
if S390
|
|
source "lib/crypto/s390/Kconfig"
|
|
endif
|
|
if X86
|
|
source "lib/crypto/x86/Kconfig"
|
|
endif
|
|
endif
|
|
|
|
endmenu
|