opencrypto - add twofish support to cryptosoft/dev
authorAlex Hornung <ahornung@gmail.com>
Sat, 2 Jul 2011 09:53:33 +0000 (10:53 +0100)
committerAlex Hornung <ahornung@gmail.com>
Sat, 2 Jul 2011 11:07:04 +0000 (12:07 +0100)
sys/opencrypto/cryptodev.c
sys/opencrypto/cryptodev.h
sys/opencrypto/cryptosoft.c
sys/opencrypto/xform.c
sys/opencrypto/xform.h

index 91d3a5b..8136662 100644 (file)
@@ -200,6 +200,9 @@ cryptof_ioctl(struct file *fp, u_long cmd, caddr_t data,
                case CRYPTO_CAMELLIA_CBC:
                        txform = &enc_xform_camellia;
                        break;
+               case CRYPTO_TWOFISH_CBC:
+                       txform = &enc_xform_twofish;
+                       break;
                default:
                        return (EINVAL);
                }
index 37a8c39..03f2482 100644 (file)
 #define AESGMAC_IV_LEN         8
 #define AESGMAC_BLOCK_LEN      1
 #define CAMELLIA_BLOCK_LEN     16
+#define TWOFISH_BLOCK_LEN      16
 #define EALG_MAX_BLOCK_LEN     AES_BLOCK_LEN /* Keep this updated */
 
 #define        CRYPTO_ALGORITHM_MIN    1
 #define CRYPTO_AES_192_GMAC    26
 #define CRYPTO_AES_256_GMAC    27
 #define CRYPTO_AES_GMAC                28
-#define        CRYPTO_ALGORITHM_MAX    28 /* Keep updated - see below */
+#define CRYPTO_TWOFISH_CBC     29
+#define        CRYPTO_ALGORITHM_MAX    29 /* Keep updated - see below */
 
 /* Algorithm flags */
 #define        CRYPTO_ALG_FLAG_SUPPORTED       0x01 /* Algorithm is supported */
index 4106f49..db6d3ee 100644 (file)
@@ -885,6 +885,9 @@ swcr_newsession(device_t dev, u_int32_t *sid, struct cryptoini *cri)
                case CRYPTO_CAMELLIA_CBC:
                        txf = &enc_xform_camellia;
                        goto enccommon;
+               case CRYPTO_TWOFISH_CBC:
+                       txf = &enc_xform_twofish;
+                       goto enccommon;
                case CRYPTO_NULL_CBC:
                        txf = &enc_xform_null;
                        goto enccommon;
@@ -1145,6 +1148,7 @@ swcr_freesession_slot(struct swcr_data **swdp, u_int32_t sid)
                case CRYPTO_AES_GCM_16:
                case CRYPTO_AES_GMAC:
                case CRYPTO_CAMELLIA_CBC:
+               case CRYPTO_TWOFISH_CBC:
                case CRYPTO_NULL_CBC:
                        txf = swd->sw_exf;
 
@@ -1266,6 +1270,7 @@ swcr_process(device_t dev, struct cryptop *crp, int hint)
                case CRYPTO_AES_XTS:
                case CRYPTO_AES_CTR:
                case CRYPTO_CAMELLIA_CBC:
+               case CRYPTO_TWOFISH_CBC:
                        if ((crp->crp_etype = swcr_encdec(crd, sw,
                            crp->crp_buf, crp->crp_flags)) != 0)
                                goto done;
@@ -1376,6 +1381,7 @@ swcr_attach(device_t dev)
        REGISTER(CRYPTO_AES_192_GMAC);
        REGISTER(CRYPTO_AES_256_GMAC);
        REGISTER(CRYPTO_CAMELLIA_CBC);
+       REGISTER(CRYPTO_TWOFISH_CBC);
        REGISTER(CRYPTO_DEFLATE_COMP);
 #undef REGISTER
 
index 1c75b5b..40a880d 100644 (file)
@@ -50,6 +50,7 @@
 #include <crypto/des/des.h>
 #include <crypto/rijndael/rijndael.h>
 #include <crypto/camellia/camellia.h>
+#include <crypto/twofish/twofish.h>
 #include <crypto/sha1.h>
 
 #include <opencrypto/cast.h>
@@ -77,6 +78,7 @@ static        int rijndael128_setkey(u_int8_t **, u_int8_t *, int);
 static int aes_xts_setkey(u_int8_t **, u_int8_t *, int);
 static int aes_ctr_setkey(u_int8_t **, u_int8_t *, int);
 static int cml_setkey(u_int8_t **, u_int8_t *, int);
+static int twofish128_setkey(u_int8_t **, u_int8_t *, int);
 static void des1_encrypt(caddr_t, u_int8_t *, u_int8_t *);
 static void des3_encrypt(caddr_t, u_int8_t *, u_int8_t *);
 static void blf_encrypt(caddr_t, u_int8_t *, u_int8_t *);
@@ -85,6 +87,7 @@ static        void skipjack_encrypt(caddr_t, u_int8_t *, u_int8_t *);
 static void rijndael128_encrypt(caddr_t, u_int8_t *, u_int8_t *);
 static void aes_xts_encrypt(caddr_t, u_int8_t *, u_int8_t *);
 static void cml_encrypt(caddr_t, u_int8_t *, u_int8_t *);
+static void twofish128_encrypt(caddr_t, u_int8_t *, u_int8_t *);
 static void des1_decrypt(caddr_t, u_int8_t *, u_int8_t *);
 static void des3_decrypt(caddr_t, u_int8_t *, u_int8_t *);
 static void blf_decrypt(caddr_t, u_int8_t *, u_int8_t *);
@@ -93,6 +96,7 @@ static        void skipjack_decrypt(caddr_t, u_int8_t *, u_int8_t *);
 static void rijndael128_decrypt(caddr_t, u_int8_t *, u_int8_t *);
 static void aes_xts_decrypt(caddr_t, u_int8_t *, u_int8_t *);
 static void cml_decrypt(caddr_t, u_int8_t *, u_int8_t *);
+static void twofish128_decrypt(caddr_t, u_int8_t *, u_int8_t *);
 static void des1_zerokey(u_int8_t **);
 static void des3_zerokey(u_int8_t **);
 static void blf_zerokey(u_int8_t **);
@@ -102,6 +106,7 @@ static      void rijndael128_zerokey(u_int8_t **);
 static void aes_xts_zerokey(u_int8_t **);
 static void aes_ctr_zerokey(u_int8_t **);
 static void cml_zerokey(u_int8_t **);
+static void twofish128_zerokey(u_int8_t **);
 
 static void aes_ctr_crypt(caddr_t, u_int8_t *, u_int8_t *);
 
@@ -262,6 +267,16 @@ struct enc_xform enc_xform_camellia = {
        NULL
 };
 
+struct enc_xform enc_xform_twofish = {
+       CRYPTO_TWOFISH_CBC, "Twofish",
+       TWOFISH_BLOCK_LEN, TWOFISH_BLOCK_LEN, 8, 32,
+       twofish128_encrypt,
+       twofish128_decrypt,
+       twofish128_setkey,
+       twofish128_zerokey,
+       NULL
+};
+
 /* Authentication instances */
 struct auth_hash auth_hash_null = {
        CRYPTO_NULL_HMAC, "NULL-HMAC",
@@ -873,6 +888,47 @@ cml_zerokey(u_int8_t **sched)
        *sched = NULL;
 }
 
+static void
+twofish128_encrypt(caddr_t key, u_int8_t *blk, u_int8_t *iv)
+{
+       twofish_encrypt((twofish_ctx *) key, (u_int8_t *) blk,
+           (u_int8_t *) blk);
+}
+
+static void
+twofish128_decrypt(caddr_t key, u_int8_t *blk, u_int8_t *iv)
+{
+       twofish_decrypt(((twofish_ctx *) key), (u_int8_t *) blk,
+           (u_int8_t *) blk);
+}
+
+static int
+twofish128_setkey(u_int8_t **sched, u_int8_t *key, int len)
+{
+       int err;
+
+       if (len != 16 && len != 24 && len != 32)
+               return (EINVAL);
+       *sched = kmalloc(sizeof(twofish_ctx), M_CRYPTO_DATA,
+                        M_INTWAIT | M_ZERO);
+       if (*sched != NULL) {
+               twofish_set_key((twofish_ctx *) *sched, (u_int8_t *) key,
+                   len * 8);
+               err = 0;
+       } else
+               err = ENOMEM;
+       return err;
+}
+
+static void
+twofish128_zerokey(u_int8_t **sched)
+{
+       bzero(*sched, sizeof(twofish_ctx));
+       kfree(*sched, M_CRYPTO_DATA);
+       *sched = NULL;
+}
+
+
 /*
  * And now for auth.
  */
index b584b85..2459058 100644 (file)
@@ -92,6 +92,7 @@ extern struct enc_xform enc_xform_aes_gcm;
 extern struct enc_xform enc_xform_aes_gmac;
 extern struct enc_xform enc_xform_arc4;
 extern struct enc_xform enc_xform_camellia;
+extern struct enc_xform enc_xform_twofish;
 
 extern struct auth_hash auth_hash_null;
 extern struct auth_hash auth_hash_key_md5;