diff options
| author | Tianjia Zhang <tianjia.zhang@linux.alibaba.com> | 2022-12-01 20:58:19 +0800 |
|---|---|---|
| committer | Eric Biggers <ebiggers@google.com> | 2022-12-01 11:23:58 -0800 |
| commit | e0cefada1383c5ceb5a35f08369d0d40a6629c18 (patch) | |
| tree | 8f62b3504808567dfd86068872319457a42d226f /Documentation/filesystems | |
| parent | d209ce353a324601f9d3c1eee43b1f0df53021b3 (diff) | |
| download | linux-e0cefada1383c5ceb5a35f08369d0d40a6629c18.tar.bz2 | |
fscrypt: Add SM4 XTS/CTS symmetric algorithm support
Add support for XTS and CTS mode variant of SM4 algorithm. The former is
used to encrypt file contents, while the latter (SM4-CTS-CBC) is used to
encrypt filenames.
SM4 is a symmetric algorithm widely used in China, and is even mandatory
algorithm in some special scenarios. We need to provide these users with
the ability to encrypt files or disks using SM4-XTS.
Signed-off-by: Tianjia Zhang <tianjia.zhang@linux.alibaba.com>
Signed-off-by: Eric Biggers <ebiggers@google.com>
Link: https://lore.kernel.org/r/20221201125819.36932-3-tianjia.zhang@linux.alibaba.com
Diffstat (limited to 'Documentation/filesystems')
| -rw-r--r-- | Documentation/filesystems/fscrypt.rst | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/Documentation/filesystems/fscrypt.rst b/Documentation/filesystems/fscrypt.rst index 5ba5817c17c2..c0784ec05553 100644 --- a/Documentation/filesystems/fscrypt.rst +++ b/Documentation/filesystems/fscrypt.rst @@ -338,6 +338,7 @@ Currently, the following pairs of encryption modes are supported: - AES-128-CBC for contents and AES-128-CTS-CBC for filenames - Adiantum for both contents and filenames - AES-256-XTS for contents and AES-256-HCTR2 for filenames (v2 policies only) +- SM4-XTS for contents and SM4-CTS-CBC for filenames (v2 policies only) If unsure, you should use the (AES-256-XTS, AES-256-CTS-CBC) pair. |