[PATCH] crypto: bewbi IV, big endian wide block count for ABL-32-AES

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



From: Rik Snel <rsnel@xxxxxxxxxxxxxxx>

ABL-32-AES needs a certain IV. This IV should be provided dm-crypt.
The block cipher mode could, in principle, generate the correct IV from
the plain IV, but I think that it is cleaner to supply the right IV
directly.

The sector -> wide block calculation is currently just a conversion
to bigendian and an increment, but if dm-crypt will support cypher
blocksizes larger than 512 bytes (which would be interesting for
wide blocks) the conversion will include a shift also.

Signed-off-by: Rik Snel <rsnel@xxxxxxxxxxxxxxx>
---
 drivers/md/dm-crypt.c |   20 +++++++++++++++++++-
 1 files changed, 19 insertions(+), 1 deletions(-)

diff --git a/drivers/md/dm-crypt.c b/drivers/md/dm-crypt.c
index 2c7aaac..a88dc95 100644
--- a/drivers/md/dm-crypt.c
+++ b/drivers/md/dm-crypt.c
@@ -117,6 +117,9 @@ static kmem_cache_t *_crypt_io_pool;
  * benbi: the 64-bit "big-endian 'narrow block'-count", starting at 1
  *        (needed for LRW-32-AES and possible other narrow block modes)
  *
+ * bewbi: the 64-bit "big-endian 'wide block'-count", starting at 1
+ *        (needed for ABL-32-AES and possible other wide block modes)
+ *
  * plumb: unimplemented, see:
  * http://article.gmane.org/gmane.linux.kernel.device-mapper.dm-crypt/454
  */
@@ -251,6 +254,14 @@ static int crypt_iv_benbi_gen(struct crypt_config *cc, u8 *iv, sector_t sector)
 	return 0;
 }
 
+static int crypt_iv_bewbi_gen(struct crypt_config *cc, u8 *iv, sector_t sector)
+{
+	memset(iv, 0, cc->iv_size - sizeof(u32));
+	*((u32*)iv + 3) = cpu_to_be32((sector & 0xffffffff) + 1);
+
+	return 0;
+}
+
 static struct crypt_iv_operations crypt_iv_plain_ops = {
 	.generator = crypt_iv_plain_gen
 };
@@ -267,6 +278,10 @@ static struct crypt_iv_operations crypt_iv_benbi_ops = {
 	.generator = crypt_iv_benbi_gen
 };
 
+static struct crypt_iv_operations crypt_iv_bewbi_ops = {
+	.generator = crypt_iv_bewbi_gen
+};
+
 static int
 crypt_convert_scatterlist(struct crypt_config *cc, struct scatterlist *out,
                           struct scatterlist *in, unsigned int length,
@@ -815,7 +830,8 @@ static int crypt_ctr(struct dm_target *ti, unsigned int argc, char **argv)
 	cc->tfm = tfm;
 
 	/*
-	 * Choose ivmode. Valid modes: "plain", "essiv:<esshash>", "benbi".
+	 * Choose ivmode. Valid modes: "plain", "essiv:<esshash>", "benbi",
+	 *	"bewbi".
 	 * See comments at iv code
 	 */
 
@@ -827,6 +843,8 @@ static int crypt_ctr(struct dm_target *ti, unsigned int argc, char **argv)
 		cc->iv_gen_ops = &crypt_iv_essiv_ops;
 	else if (strcmp(ivmode, "benbi") == 0)
 		cc->iv_gen_ops = &crypt_iv_benbi_ops;
+	else if (strcmp(ivmode, "bewbi") == 0)
+		cc->iv_gen_ops = &crypt_iv_bewbi_ops;
 	else {
 		ti->error = "Invalid IV mode";
 		goto bad2;
-- 
1.4.4.1

--
dm-devel mailing list
dm-devel@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/dm-devel

[Index of Archives]     [DM Crypt]     [Fedora Desktop]     [ATA RAID]     [Fedora Marketing]     [Fedora Packaging]     [Fedora SELinux]     [Yosemite Discussion]     [KDE Users]     [Fedora Docs]

  Powered by Linux