Hi out there!
This little patch allows /proc/cipher/* to show a bitmask of allowed
keysizes. Simple as it may ssem, it breaks the current jungle of
#define's quite thoroughly. Ciphers that want to take advantage of this
patch and actually _provide_ more than one keylength per cipher
implementation (and most ciphers could), will not be able to use the
DEFINE_CIPHER construct any more.
So what now? I'd like to remove the DEFINE_CIPHER construct althogether.
It makes defining "dumb" ciphers easy, but it obfuscates the definition
of a cipher for unexperienced (w.r.t. cipherapi) coders and interested
eyes that read the source, since the meaning of the numbers and strings
appearing in DEFINE_CIPHER is not obvious. Even when you have read over
a few cipher sources you catch yourself going back to
include/linux/crypto.h to look up what each entry means.
On the opposite, having the struct cipher_implementation populated
without the help of macros goes a long way towards transparency, because
the field identifiers show up alongside their values. Or not?
Now my inexprience with C comes up again: Is there a C construct that
shows the field identifiers even in static const definitions? Like in
perl:
%an_associative_array = {
field1 -> value1,
field2 -> value2,
: :
}
Is there a C reference online somewhere to install locally, e.g. in
html?
Marc
--
Marc Mutz <Marc@xxxxxxxx> http://marc.mutz.com/Encryption-HOWTO/
University of Bielefeld, Dep. of Mathematics / Dep. of Physics
PGP-keyID's: 0xd46ce9ab (RSA), 0x7ae55b9e (DSS/DH)
--- i6/crypto/cryptoapi.c Thu Sep 28 16:29:13 2000
+++ i6-raidA0-raid1rb15.B2-ext0.0.3a/crypto/cryptoapi.c Fri Sep 29 16:11:52 2000
@@ -218,10 +218,11 @@
len = sprintf(page, "cipher_id: %d\n"
"cipher_name: %s\n"
"blocksize: %d\n"
+ "keysize_mask: 0x%08x\n"
"ivsize: %d\n"
"key_schedule_size: %d\n",
ci->trans.t_id, ci->trans.t_name,
- ci->blocksize,
+ ci->blocksize, ci->key_size_mask,
ci->ivsize, ci->key_schedule_size);
*eof=1;
--- i6/include/linux/crypto.h Thu Sep 28 16:29:14 2000
+++ i6-raidA0-raid1rb15.B2-ext0.0.3a/include/linux/crypto.h Fri Sep 29 16:19:48 2000
@@ -51,6 +51,23 @@
#define CIPHER_cbc_DFC (CIPHER_DFC | CIPHER_CBC)
#define CIPHER_cbc_RIJNDAEL (CIPHER_RIJNDAEL | CIPHER_CBC)
+
+#define CIPHER_KEYSIZE_ANY 0xFFFFFFFF
+#define CIPHER_KEYSIZE_NONE 0x00000000
+
+#define CIPHER_KEYSIZE_40 0x00000010
+#define CIPHER_KEYSIZE_56 0x00000040
+#define CIPHER_KEYSIZE_64 0x00000080
+#define CIPHER_KEYSIZE_80 0x00000200
+#define CIPHER_KEYSIZE_96 0x00000800
+#define CIPHER_KEYSIZE_112 0x00002000
+#define CIPHER_KEYSIZE_128 0x00008000
+#define CIPHER_KEYSIZE_160 0x00080000
+#define CIPHER_KEYSIZE_168 0x00100000
+#define CIPHER_KEYSIZE_192 0x00800000
+#define CIPHER_KEYSIZE_256 0x80000000
+
+
#define DIGEST_NONE 0
#define DIGEST_SUM 1
#define DIGEST_CRC_CCITT16 2
@@ -94,7 +113,7 @@
int blocksize; /* in bytes */
int ivsize; /* in bytes */
int key_schedule_size; /* in bytes */
+ u32 key_length_list; /* bit 0 set = 8 bit, ... , bit 31 set = 256 bit */
int (*encrypt)(struct cipher_context *cx,
const u8 *in, u8 *out, int size);
int (*decrypt)(struct cipher_context *cx,
@@ -110,7 +130,7 @@
extern struct list_head ciphers;
-#define MAX_KEY_SIZE 8
+#define MAX_KEY_SIZE 8 /* 256 bit */
#define MAX_IV_SIZE MAX_KEY_SIZE
struct cipher_context {
@@ -331,6 +351,7 @@
blocksize, \
ivsize, \
uppername##_KEY_SCHEDULE_SIZE, \
+ 0x0, \
name##_##mode##encrypt, \
name##_##mode##decrypt, \
name##_set_key, \
