Re: [PATCH v2 10/10] crypto: Kconfig - add submenus

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Wed, Aug 17, 2022 at 06:20:57PM -0500, Robert Elliott wrote:
> Convert each comment section into a submenu:
> Cryptographic API
>     Crypto core or helper
>     Public-key cryptography
>     AEAD (Authenticated Encryption with Associated Data) ciphers
>     Block modes
>     Hash modes
>     Digests
>     Ciphers
>     Compression
>     Random Number Generation
>     User-space interface

Thanks for doing this!

Some of these proposed categories are confusing.  By "hash mode" you mean a mode
that operates as a hash, not that uses a hash, right?  (CMAC is included.)  So
what is "block mode", then?  And what's the difference between that and
"ciphers"?  What about modes that use both a hash and a block cipher, like
Adiantum and HCTR2?  And there is a category for "Ciphers", but then a category
at the same level for "AEAD ciphers"?

Some of the naming used in the code is poor, which is unfortunate and is not
your fault, e.g. crypto_cipher really should be crypto_blockcipher.  But this
doesn't need to be carried through in these new menus.

Just brainstorming, how about the following:

	* Block ciphers
		=> i.e. crypto_cipher algorithms
	* AEAD (Authenticated Encryption with Associated Data) ciphers
		=> i.e. crypto_aead algorithms (and templates)
	* Length-preserving symmetric ciphers
		=> i.e. crypto_skcipher algorithms (and templates)
	* Digests and MACs
		=> i.e. crypto_shash and crypto_ahash algorithms (and templates)

Those 4 categories would replace your 5 categories "AEAD ciphers",
"Block modes", "Hash modes", "Digests", and "Ciphers".

CRYPTO_AUTHENC would go in the AEAD ciphers category, while CRYPTO_ESSIV would
go in length-preserving symmetric ciphers.  (CRYPTO_ESSIV registers a
crypto_aead too, for a weird reason, but that is an obscure case not worth
worrying about.) CRYPTO_CHACHA would go in length-preserving symmetric ciphers
since it's a stream cipher.

- Eric



[Index of Archives]     [Kernel]     [Gnu Classpath]     [Gnu Crypto]     [DM Crypt]     [Netfilter]     [Bugtraq]
  Powered by Linux