opencrypto - add serpent support to cryptosoft/dev
authorAlex Hornung <ahornung@gmail.com>
Sat, 2 Jul 2011 12:14:38 +0000 (13:14 +0100)
committerAlex Hornung <ahornung@gmail.com>
Sat, 2 Jul 2011 12:24:54 +0000 (13:24 +0100)
sys/opencrypto/cryptodev.c
sys/opencrypto/cryptodev.h
sys/opencrypto/cryptosoft.c
sys/opencrypto/xform.c
sys/opencrypto/xform.h

index 8136662..be247a7 100644 (file)
@@ -203,6 +203,9 @@ cryptof_ioctl(struct file *fp, u_long cmd, caddr_t data,
                case CRYPTO_TWOFISH_CBC:
                        txform = &enc_xform_twofish;
                        break;
+               case CRYPTO_SERPENT_CBC:
+                       txform = &enc_xform_serpent;
+                       break;
                default:
                        return (EINVAL);
                }
index 03f2482..a8ac8d3 100644 (file)
 #define AESGMAC_BLOCK_LEN      1
 #define CAMELLIA_BLOCK_LEN     16
 #define TWOFISH_BLOCK_LEN      16
+#define SERPENT_BLOCK_LEN      16
 #define EALG_MAX_BLOCK_LEN     AES_BLOCK_LEN /* Keep this updated */
 
 #define        CRYPTO_ALGORITHM_MIN    1
 #define CRYPTO_AES_256_GMAC    27
 #define CRYPTO_AES_GMAC                28
 #define CRYPTO_TWOFISH_CBC     29
-#define        CRYPTO_ALGORITHM_MAX    29 /* Keep updated - see below */
+#define CRYPTO_SERPENT_CBC     30
+#define        CRYPTO_ALGORITHM_MAX    30 /* Keep updated - see below */
 
 /* Algorithm flags */
 #define        CRYPTO_ALG_FLAG_SUPPORTED       0x01 /* Algorithm is supported */
index db6d3ee..e2fbc04 100644 (file)
@@ -888,6 +888,9 @@ swcr_newsession(device_t dev, u_int32_t *sid, struct cryptoini *cri)
                case CRYPTO_TWOFISH_CBC:
                        txf = &enc_xform_twofish;
                        goto enccommon;
+               case CRYPTO_SERPENT_CBC:
+                       txf = &enc_xform_serpent;
+                       goto enccommon;
                case CRYPTO_NULL_CBC:
                        txf = &enc_xform_null;
                        goto enccommon;
@@ -1149,6 +1152,7 @@ swcr_freesession_slot(struct swcr_data **swdp, u_int32_t sid)
                case CRYPTO_AES_GMAC:
                case CRYPTO_CAMELLIA_CBC:
                case CRYPTO_TWOFISH_CBC:
+               case CRYPTO_SERPENT_CBC:
                case CRYPTO_NULL_CBC:
                        txf = swd->sw_exf;
 
@@ -1271,6 +1275,7 @@ swcr_process(device_t dev, struct cryptop *crp, int hint)
                case CRYPTO_AES_CTR:
                case CRYPTO_CAMELLIA_CBC:
                case CRYPTO_TWOFISH_CBC:
+               case CRYPTO_SERPENT_CBC:
                        if ((crp->crp_etype = swcr_encdec(crd, sw,
                            crp->crp_buf, crp->crp_flags)) != 0)
                                goto done;
@@ -1382,6 +1387,7 @@ swcr_attach(device_t dev)
        REGISTER(CRYPTO_AES_256_GMAC);
        REGISTER(CRYPTO_CAMELLIA_CBC);
        REGISTER(CRYPTO_TWOFISH_CBC);
+       REGISTER(CRYPTO_SERPENT_CBC);
        REGISTER(CRYPTO_DEFLATE_COMP);
 #undef REGISTER
 
index 40a880d..8e22256 100644 (file)
@@ -51,6 +51,7 @@
 #include <crypto/rijndael/rijndael.h>
 #include <crypto/camellia/camellia.h>
 #include <crypto/twofish/twofish.h>
+#include <crypto/serpent/serpent.h>
 #include <crypto/sha1.h>
 
 #include <opencrypto/cast.h>
@@ -79,6 +80,7 @@ static        int aes_xts_setkey(u_int8_t **, u_int8_t *, int);
 static int aes_ctr_setkey(u_int8_t **, u_int8_t *, int);
 static int cml_setkey(u_int8_t **, u_int8_t *, int);
 static int twofish128_setkey(u_int8_t **, u_int8_t *, int);
+static int serpent128_setkey(u_int8_t **, u_int8_t *, int);
 static void des1_encrypt(caddr_t, u_int8_t *, u_int8_t *);
 static void des3_encrypt(caddr_t, u_int8_t *, u_int8_t *);
 static void blf_encrypt(caddr_t, u_int8_t *, u_int8_t *);
@@ -88,6 +90,7 @@ static        void rijndael128_encrypt(caddr_t, u_int8_t *, u_int8_t *);
 static void aes_xts_encrypt(caddr_t, u_int8_t *, u_int8_t *);
 static void cml_encrypt(caddr_t, u_int8_t *, u_int8_t *);
 static void twofish128_encrypt(caddr_t, u_int8_t *, u_int8_t *);
+static void serpent128_encrypt(caddr_t, u_int8_t *, u_int8_t *);
 static void des1_decrypt(caddr_t, u_int8_t *, u_int8_t *);
 static void des3_decrypt(caddr_t, u_int8_t *, u_int8_t *);
 static void blf_decrypt(caddr_t, u_int8_t *, u_int8_t *);
@@ -97,6 +100,7 @@ static       void rijndael128_decrypt(caddr_t, u_int8_t *, u_int8_t *);
 static void aes_xts_decrypt(caddr_t, u_int8_t *, u_int8_t *);
 static void cml_decrypt(caddr_t, u_int8_t *, u_int8_t *);
 static void twofish128_decrypt(caddr_t, u_int8_t *, u_int8_t *);
+static void serpent128_decrypt(caddr_t, u_int8_t *, u_int8_t *);
 static void des1_zerokey(u_int8_t **);
 static void des3_zerokey(u_int8_t **);
 static void blf_zerokey(u_int8_t **);
@@ -107,6 +111,7 @@ static      void aes_xts_zerokey(u_int8_t **);
 static void aes_ctr_zerokey(u_int8_t **);
 static void cml_zerokey(u_int8_t **);
 static void twofish128_zerokey(u_int8_t **);
+static void serpent128_zerokey(u_int8_t **);
 
 static void aes_ctr_crypt(caddr_t, u_int8_t *, u_int8_t *);
 
@@ -277,6 +282,17 @@ struct enc_xform enc_xform_twofish = {
        NULL
 };
 
+struct enc_xform enc_xform_serpent = {
+       CRYPTO_SERPENT_CBC, "Serpent",
+       SERPENT_BLOCK_LEN, SERPENT_BLOCK_LEN, 8, 32,
+       serpent128_encrypt,
+       serpent128_decrypt,
+       serpent128_setkey,
+       serpent128_zerokey,
+       NULL
+};
+
+
 /* Authentication instances */
 struct auth_hash auth_hash_null = {
        CRYPTO_NULL_HMAC, "NULL-HMAC",
@@ -928,6 +944,46 @@ twofish128_zerokey(u_int8_t **sched)
        *sched = NULL;
 }
 
+static void
+serpent128_encrypt(caddr_t key, u_int8_t *blk, u_int8_t *iv)
+{
+       serpent_encrypt((serpent_ctx *) key, (u_int8_t *) blk,
+           (u_int8_t *) blk);
+}
+
+static void
+serpent128_decrypt(caddr_t key, u_int8_t *blk, u_int8_t *iv)
+{
+       serpent_decrypt(((serpent_ctx *) key), (u_int8_t *) blk,
+           (u_int8_t *) blk);
+}
+
+static int
+serpent128_setkey(u_int8_t **sched, u_int8_t *key, int len)
+{
+       int err;
+
+       if (len != 16 && len != 24 && len != 32)
+               return (EINVAL);
+       *sched = kmalloc(sizeof(serpent_ctx), M_CRYPTO_DATA,
+                        M_INTWAIT | M_ZERO);
+       if (*sched != NULL) {
+               serpent_set_key((serpent_ctx *) *sched, (u_int8_t *) key,
+                   len * 8);
+               err = 0;
+       } else
+               err = ENOMEM;
+       return err;
+}
+
+static void
+serpent128_zerokey(u_int8_t **sched)
+{
+       bzero(*sched, sizeof(serpent_ctx));
+       kfree(*sched, M_CRYPTO_DATA);
+       *sched = NULL;
+}
+
 
 /*
  * And now for auth.
index 2459058..f1c2bf1 100644 (file)
@@ -93,6 +93,7 @@ extern struct enc_xform enc_xform_aes_gmac;
 extern struct enc_xform enc_xform_arc4;
 extern struct enc_xform enc_xform_camellia;
 extern struct enc_xform enc_xform_twofish;
+extern struct enc_xform enc_xform_serpent;
 
 extern struct auth_hash auth_hash_null;
 extern struct auth_hash auth_hash_key_md5;