Re: [PATCH v2 10/10] crypto: Kconfig - add submenus
From: Eric Biggers
Date: Thu Aug 18 2022 - 00:43:58 EST
On Wed, Aug 17, 2022 at 06:20:57PM -0500, Robert Elliott wrote:
> Convert each comment section into a submenu:
> Cryptographic API
> Crypto core or helper
> Public-key cryptography
> AEAD (Authenticated Encryption with Associated Data) ciphers
> Block modes
> Hash modes
> Digests
> Ciphers
> Compression
> Random Number Generation
> User-space interface
Thanks for doing this!
Some of these proposed categories are confusing. By "hash mode" you mean a mode
that operates as a hash, not that uses a hash, right? (CMAC is included.) So
what is "block mode", then? And what's the difference between that and
"ciphers"? What about modes that use both a hash and a block cipher, like
Adiantum and HCTR2? And there is a category for "Ciphers", but then a category
at the same level for "AEAD ciphers"?
Some of the naming used in the code is poor, which is unfortunate and is not
your fault, e.g. crypto_cipher really should be crypto_blockcipher. But this
doesn't need to be carried through in these new menus.
Just brainstorming, how about the following:
* Block ciphers
=> i.e. crypto_cipher algorithms
* AEAD (Authenticated Encryption with Associated Data) ciphers
=> i.e. crypto_aead algorithms (and templates)
* Length-preserving symmetric ciphers
=> i.e. crypto_skcipher algorithms (and templates)
* Digests and MACs
=> i.e. crypto_shash and crypto_ahash algorithms (and templates)
Those 4 categories would replace your 5 categories "AEAD ciphers",
"Block modes", "Hash modes", "Digests", and "Ciphers".
CRYPTO_AUTHENC would go in the AEAD ciphers category, while CRYPTO_ESSIV would
go in length-preserving symmetric ciphers. (CRYPTO_ESSIV registers a
crypto_aead too, for a weird reason, but that is an obscure case not worth
worrying about.) CRYPTO_CHACHA would go in length-preserving symmetric ciphers
since it's a stream cipher.
- Eric