dm_target_crypt - Enable support for AES-XTS
authorAlex Hornung <ahornung@gmail.com>
Sat, 21 Aug 2010 12:48:24 +0000 (13:48 +0100)
committerAlex Hornung <ahornung@gmail.com>
Sat, 21 Aug 2010 13:14:37 +0000 (14:14 +0100)
sys/dev/disk/dm/dm_target_crypt.c

index 5beccf1..0d906e4 100644 (file)
@@ -536,23 +536,34 @@ dm_target_crypt_init(dm_dev_t * dmv, void **target_config, char *params)
                return ENOENT;
        }
 
-       if (strcmp(crypto_mode, "cbc") != 0) {
-               kprintf("dm_target_crypt: only support 'cbc' chaining mode, "
-                       "invalid mode '%s'\n", crypto_mode);
+       if ((strcmp(crypto_mode, "cbc") != 0) ||
+           ((strcmp(crypto_mode, "xts") == 0) && (strcmp(crypto_alg, "aes") != 0)))
+       
+       {
+               kprintf("dm_target_crypt: only support 'cbc' chaining mode"
+                   " and aes-xts, invalid mode '%s-%s'\n",
+                   crypto_alg, crypto_mode);
                goto notsup;
        }
 
        if (!strcmp(crypto_alg, "aes")) {
-               priv->crypto_alg = CRYPTO_AES_CBC;
-               if (klen != 128 && klen != 192 && klen != 256)
+               if (!strcmp(crypto_mode, "xts")) {
+                       priv->crypto_alg = CRYPTO_AES_XTS;
+                       if (klen != 256 && klen != 512)
+                               goto notsup;
+               } else if (!strcmp(crypto_mode, "cbc")) {
+                       priv->crypto_alg = CRYPTO_AES_CBC;
+                       if (klen != 128 && klen != 192 && klen != 256)
+                               goto notsup;
+               } else {
                        goto notsup;
+               }
                priv->crypto_klen = klen;
        } else if (!strcmp(crypto_alg, "blowfish")) {
                priv->crypto_alg = CRYPTO_BLF_CBC;
                if (klen < 128 || klen > 448 || (klen % 8) != 0)
                        goto notsup;
                priv->crypto_klen = klen;
-
        } else if (!strcmp(crypto_alg, "3des") ||
                   !strncmp(crypto_alg, "des3", 4)) {
                priv->crypto_alg = CRYPTO_3DES_CBC;