mirror of
https://mirrors.bfsu.edu.cn/git/linux.git
synced 2024-12-06 02:24:14 +08:00
9d2c0b485c
Add hardware accelerated version of POLYVAL for ARM64 CPUs with Crypto Extensions support. This implementation is accelerated using PMULL instructions to perform the finite field computations. For added efficiency, 8 blocks of the message are processed simultaneously by precomputing the first 8 powers of the key. Karatsuba multiplication is used instead of Schoolbook multiplication because it was found to be slightly faster on ARM64 CPUs. Montgomery reduction must be used instead of Barrett reduction due to the difference in modulus between POLYVAL's field and other finite fields. More information on POLYVAL can be found in the HCTR2 paper: "Length-preserving encryption with HCTR2": https://eprint.iacr.org/2021/1441.pdf Signed-off-by: Nathan Huckleberry <nhuck@google.com> Reviewed-by: Ard Biesheuvel <ardb@kernel.org> Reviewed-by: Eric Biggers <ebiggers@google.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
141 lines
3.9 KiB
Plaintext
141 lines
3.9 KiB
Plaintext
# SPDX-License-Identifier: GPL-2.0
|
|
|
|
menuconfig ARM64_CRYPTO
|
|
bool "ARM64 Accelerated Cryptographic Algorithms"
|
|
depends on ARM64
|
|
help
|
|
Say Y here to choose from a selection of cryptographic algorithms
|
|
implemented using ARM64 specific CPU features or instructions.
|
|
|
|
if ARM64_CRYPTO
|
|
|
|
config CRYPTO_SHA256_ARM64
|
|
tristate "SHA-224/SHA-256 digest algorithm for arm64"
|
|
select CRYPTO_HASH
|
|
|
|
config CRYPTO_SHA512_ARM64
|
|
tristate "SHA-384/SHA-512 digest algorithm for arm64"
|
|
select CRYPTO_HASH
|
|
|
|
config CRYPTO_SHA1_ARM64_CE
|
|
tristate "SHA-1 digest algorithm (ARMv8 Crypto Extensions)"
|
|
depends on KERNEL_MODE_NEON
|
|
select CRYPTO_HASH
|
|
select CRYPTO_SHA1
|
|
|
|
config CRYPTO_SHA2_ARM64_CE
|
|
tristate "SHA-224/SHA-256 digest algorithm (ARMv8 Crypto Extensions)"
|
|
depends on KERNEL_MODE_NEON
|
|
select CRYPTO_HASH
|
|
select CRYPTO_SHA256_ARM64
|
|
|
|
config CRYPTO_SHA512_ARM64_CE
|
|
tristate "SHA-384/SHA-512 digest algorithm (ARMv8 Crypto Extensions)"
|
|
depends on KERNEL_MODE_NEON
|
|
select CRYPTO_HASH
|
|
select CRYPTO_SHA512_ARM64
|
|
|
|
config CRYPTO_SHA3_ARM64
|
|
tristate "SHA3 digest algorithm (ARMv8.2 Crypto Extensions)"
|
|
depends on KERNEL_MODE_NEON
|
|
select CRYPTO_HASH
|
|
select CRYPTO_SHA3
|
|
|
|
config CRYPTO_SM3_ARM64_CE
|
|
tristate "SM3 digest algorithm (ARMv8.2 Crypto Extensions)"
|
|
depends on KERNEL_MODE_NEON
|
|
select CRYPTO_HASH
|
|
select CRYPTO_SM3
|
|
|
|
config CRYPTO_SM4_ARM64_CE
|
|
tristate "SM4 symmetric cipher (ARMv8.2 Crypto Extensions)"
|
|
depends on KERNEL_MODE_NEON
|
|
select CRYPTO_ALGAPI
|
|
select CRYPTO_SM4
|
|
|
|
config CRYPTO_SM4_ARM64_CE_BLK
|
|
tristate "SM4 in ECB/CBC/CFB/CTR modes using ARMv8 Crypto Extensions"
|
|
depends on KERNEL_MODE_NEON
|
|
select CRYPTO_SKCIPHER
|
|
select CRYPTO_SM4
|
|
|
|
config CRYPTO_SM4_ARM64_NEON_BLK
|
|
tristate "SM4 in ECB/CBC/CFB/CTR modes using NEON instructions"
|
|
depends on KERNEL_MODE_NEON
|
|
select CRYPTO_SKCIPHER
|
|
select CRYPTO_SM4
|
|
|
|
config CRYPTO_GHASH_ARM64_CE
|
|
tristate "GHASH/AES-GCM using ARMv8 Crypto Extensions"
|
|
depends on KERNEL_MODE_NEON
|
|
select CRYPTO_HASH
|
|
select CRYPTO_GF128MUL
|
|
select CRYPTO_LIB_AES
|
|
|
|
config CRYPTO_POLYVAL_ARM64_CE
|
|
tristate "POLYVAL using ARMv8 Crypto Extensions (for HCTR2)"
|
|
depends on KERNEL_MODE_NEON
|
|
select CRYPTO_POLYVAL
|
|
|
|
config CRYPTO_CRCT10DIF_ARM64_CE
|
|
tristate "CRCT10DIF digest algorithm using PMULL instructions"
|
|
depends on KERNEL_MODE_NEON && CRC_T10DIF
|
|
select CRYPTO_HASH
|
|
|
|
config CRYPTO_AES_ARM64
|
|
tristate "AES core cipher using scalar instructions"
|
|
select CRYPTO_AES
|
|
|
|
config CRYPTO_AES_ARM64_CE
|
|
tristate "AES core cipher using ARMv8 Crypto Extensions"
|
|
depends on ARM64 && KERNEL_MODE_NEON
|
|
select CRYPTO_ALGAPI
|
|
select CRYPTO_LIB_AES
|
|
|
|
config CRYPTO_AES_ARM64_CE_CCM
|
|
tristate "AES in CCM mode using ARMv8 Crypto Extensions"
|
|
depends on ARM64 && KERNEL_MODE_NEON
|
|
select CRYPTO_ALGAPI
|
|
select CRYPTO_AES_ARM64_CE
|
|
select CRYPTO_AEAD
|
|
select CRYPTO_LIB_AES
|
|
|
|
config CRYPTO_AES_ARM64_CE_BLK
|
|
tristate "AES in ECB/CBC/CTR/XTS/XCTR modes using ARMv8 Crypto Extensions"
|
|
depends on KERNEL_MODE_NEON
|
|
select CRYPTO_SKCIPHER
|
|
select CRYPTO_AES_ARM64_CE
|
|
|
|
config CRYPTO_AES_ARM64_NEON_BLK
|
|
tristate "AES in ECB/CBC/CTR/XTS/XCTR modes using NEON instructions"
|
|
depends on KERNEL_MODE_NEON
|
|
select CRYPTO_SKCIPHER
|
|
select CRYPTO_LIB_AES
|
|
|
|
config CRYPTO_CHACHA20_NEON
|
|
tristate "ChaCha20, XChaCha20, and XChaCha12 stream ciphers using NEON instructions"
|
|
depends on KERNEL_MODE_NEON
|
|
select CRYPTO_SKCIPHER
|
|
select CRYPTO_LIB_CHACHA_GENERIC
|
|
select CRYPTO_ARCH_HAVE_LIB_CHACHA
|
|
|
|
config CRYPTO_POLY1305_NEON
|
|
tristate "Poly1305 hash function using scalar or NEON instructions"
|
|
depends on KERNEL_MODE_NEON
|
|
select CRYPTO_HASH
|
|
select CRYPTO_ARCH_HAVE_LIB_POLY1305
|
|
|
|
config CRYPTO_NHPOLY1305_NEON
|
|
tristate "NHPoly1305 hash function using NEON instructions (for Adiantum)"
|
|
depends on KERNEL_MODE_NEON
|
|
select CRYPTO_NHPOLY1305
|
|
|
|
config CRYPTO_AES_ARM64_BS
|
|
tristate "AES in ECB/CBC/CTR/XTS modes using bit-sliced NEON algorithm"
|
|
depends on KERNEL_MODE_NEON
|
|
select CRYPTO_SKCIPHER
|
|
select CRYPTO_AES_ARM64_NEON_BLK
|
|
select CRYPTO_LIB_AES
|
|
|
|
endif
|