aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--sbin/geom/class/eli/geli.814
-rw-r--r--sys/geom/eli/g_eli.h7
-rw-r--r--sys/geom/eli/g_eli_crypto.c15
-rw-r--r--tools/regression/geom_eli/init-a.t5
-rw-r--r--tools/regression/geom_eli/init.t5
-rw-r--r--tools/regression/geom_eli/integrity-copy.t5
-rw-r--r--tools/regression/geom_eli/integrity-data.t5
-rw-r--r--tools/regression/geom_eli/integrity-hmac.t5
-rw-r--r--tools/regression/geom_eli/onetime-a.t5
-rw-r--r--tools/regression/geom_eli/onetime.t5
10 files changed, 53 insertions, 18 deletions
diff --git a/sbin/geom/class/eli/geli.8 b/sbin/geom/class/eli/geli.8
index 3f1da7286893..d087e640eaea 100644
--- a/sbin/geom/class/eli/geli.8
+++ b/sbin/geom/class/eli/geli.8
@@ -146,7 +146,8 @@ will make use of it automatically.
.It
Supports many cryptographic algorithms (currently
.Nm AES ,
-.Nm Blowfish
+.Nm Blowfish ,
+.Nm Camellia
and
.Nm 3DES ) .
.It
@@ -227,7 +228,8 @@ If the option is not given, there will be no authentication, only encryption.
Encryption algorithm to use.
Currently supported algorithms are:
.Nm AES ,
-.Nm Blowfish
+.Nm Blowfish ,
+.Nm Camellia
and
.Nm 3DES .
The default is
@@ -260,7 +262,9 @@ If not given, the default key length for the given algorithm is used, which is:
128 for
.Nm AES ,
128 for
-.Nm Blowfish
+.Nm Blowfish ,
+128 for
+.Nm Camellia
and 192 for
.Nm 3DES .
.It Fl s Ar sectorsize
@@ -652,5 +656,9 @@ The
.Nm
utility appeared in
.Fx 6.0 .
+Support for
+.Nm Camellia
+block cipher is implemented by Yoshisato Yanagisawa in
+.Fx 7.0 .
.Sh AUTHORS
.An Pawel Jakub Dawidek Aq pjd@FreeBSD.org
diff --git a/sys/geom/eli/g_eli.h b/sys/geom/eli/g_eli.h
index 5460eea0ef80..8079c9dd4a18 100644
--- a/sys/geom/eli/g_eli.h
+++ b/sys/geom/eli/g_eli.h
@@ -286,6 +286,8 @@ g_eli_str2ealgo(const char *name)
return (CRYPTO_AES_CBC);
else if (strcasecmp("blowfish", name) == 0)
return (CRYPTO_BLF_CBC);
+ else if (strcasecmp("camellia", name) == 0)
+ return (CRYPTO_CAMELLIA_CBC);
else if (strcasecmp("3des", name) == 0)
return (CRYPTO_3DES_CBC);
return (CRYPTO_ALGORITHM_MIN - 1);
@@ -321,6 +323,8 @@ g_eli_algo2str(u_int algo)
return ("AES-CBC");
case CRYPTO_BLF_CBC:
return ("Blowfish-CBC");
+ case CRYPTO_CAMELLIA_CBC:
+ return ("CAMELLIA-CBC");
case CRYPTO_3DES_CBC:
return ("3DES-CBC");
case CRYPTO_MD5_HMAC:
@@ -390,7 +394,8 @@ g_eli_keylen(u_int algo, u_int keylen)
keylen = 0;
}
return (keylen);
- case CRYPTO_AES_CBC:
+ case CRYPTO_AES_CBC: /* FALLTHROUGH */
+ case CRYPTO_CAMELLIA_CBC:
switch (keylen) {
case 0:
return (128);
diff --git a/sys/geom/eli/g_eli_crypto.c b/sys/geom/eli/g_eli_crypto.c
index b484f9061f24..c26b3673441b 100644
--- a/sys/geom/eli/g_eli_crypto.c
+++ b/sys/geom/eli/g_eli_crypto.c
@@ -158,6 +158,21 @@ g_eli_crypto_cipher(u_int algo, int enc, u_char *data, size_t datasize,
case CRYPTO_BLF_CBC:
type = EVP_bf_cbc();
break;
+ case CRYPTO_CAMELLIA_CBC:
+ switch (keysize) {
+ case 128:
+ type = EVP_camellia_128_cbc();
+ break;
+ case 192:
+ type = EVP_camellia_192_cbc();
+ break;
+ case 256:
+ type = EVP_camellia_256_cbc();
+ break;
+ default:
+ return (EINVAL);
+ }
+ break;
case CRYPTO_3DES_CBC:
type = EVP_des_ede3_cbc();
break;
diff --git a/tools/regression/geom_eli/init-a.t b/tools/regression/geom_eli/init-a.t
index fb0a1c40def2..e06881efc2e1 100644
--- a/tools/regression/geom_eli/init-a.t
+++ b/tools/regression/geom_eli/init-a.t
@@ -6,14 +6,15 @@ no=45
sectors=100
keyfile=`mktemp /tmp/$base.XXXXXX` || exit 1
-echo "1..540"
+echo "1..660"
i=1
for cipher in aes:0 aes:128 aes:192 aes:256 \
3des:0 3des:192 \
blowfish:0 blowfish:128 blowfish:160 blowfish:192 blowfish:224 \
blowfish:256 blowfish:288 blowfish:320 blowfish:352 blowfish:384 \
- blowfish:416 blowfish:448; do
+ blowfish:416 blowfish:448 \
+ camellia:0 camellia:128 camellia:192 camellia:256; do
ealgo=${cipher%%:*}
keylen=${cipher##*:}
for aalgo in hmac/md5 hmac/sha1 hmac/ripemd160 hmac/sha256 hmac/sha384 hmac/sha512; do
diff --git a/tools/regression/geom_eli/init.t b/tools/regression/geom_eli/init.t
index 10fd7f741513..13a5e2d7e1c6 100644
--- a/tools/regression/geom_eli/init.t
+++ b/tools/regression/geom_eli/init.t
@@ -6,14 +6,15 @@ no=45
sectors=100
keyfile=`mktemp /tmp/$base.XXXXXX` || exit 1
-echo "1..180"
+echo "1..220"
i=1
for cipher in aes:0 aes:128 aes:192 aes:256 \
3des:0 3des:192 \
blowfish:0 blowfish:128 blowfish:160 blowfish:192 blowfish:224 \
blowfish:256 blowfish:288 blowfish:320 blowfish:352 blowfish:384 \
- blowfish:416 blowfish:448; do
+ blowfish:416 blowfish:448 \
+ camellia:0 camellia:128 camellia:192 camellia:256; do
ealgo=${cipher%%:*}
keylen=${cipher##*:}
for secsize in 512 1024 2048 4096 8192; do
diff --git a/tools/regression/geom_eli/integrity-copy.t b/tools/regression/geom_eli/integrity-copy.t
index eb4ce6c0eefc..97014e05c97b 100644
--- a/tools/regression/geom_eli/integrity-copy.t
+++ b/tools/regression/geom_eli/integrity-copy.t
@@ -7,14 +7,15 @@ sectors=100
keyfile=`mktemp /tmp/$base.XXXXXX` || exit 1
sector=`mktemp /tmp/$base.XXXXXX` || exit 1
-echo "1..2160"
+echo "1..2640"
i=1
for cipher in aes:0 aes:128 aes:192 aes:256 \
3des:0 3des:192 \
blowfish:0 blowfish:128 blowfish:160 blowfish:192 blowfish:224 \
blowfish:256 blowfish:288 blowfish:320 blowfish:352 blowfish:384 \
- blowfish:416 blowfish:448; do
+ blowfish:416 blowfish:448 \
+ camellia:0 camellia:128 camellia:192 camellia:256; do
ealgo=${cipher%%:*}
keylen=${cipher##*:}
for aalgo in hmac/md5 hmac/sha1 hmac/ripemd160 hmac/sha256 hmac/sha384 hmac/sha512; do
diff --git a/tools/regression/geom_eli/integrity-data.t b/tools/regression/geom_eli/integrity-data.t
index 3b11084ee868..ea86039effe7 100644
--- a/tools/regression/geom_eli/integrity-data.t
+++ b/tools/regression/geom_eli/integrity-data.t
@@ -7,14 +7,15 @@ sectors=100
keyfile=`mktemp /tmp/$base.XXXXXX` || exit 1
sector=`mktemp /tmp/$base.XXXXXX` || exit 1
-echo "1..1080"
+echo "1..1320"
i=1
for cipher in aes:0 aes:128 aes:192 aes:256 \
3des:0 3des:192 \
blowfish:0 blowfish:128 blowfish:160 blowfish:192 blowfish:224 \
blowfish:256 blowfish:288 blowfish:320 blowfish:352 blowfish:384 \
- blowfish:416 blowfish:448; do
+ blowfish:416 blowfish:448 \
+ camellia:0 camellia:128 camellia:192 camellia:256; do
ealgo=${cipher%%:*}
keylen=${cipher##*:}
for aalgo in hmac/md5 hmac/sha1 hmac/ripemd160 hmac/sha256 hmac/sha384 hmac/sha512; do
diff --git a/tools/regression/geom_eli/integrity-hmac.t b/tools/regression/geom_eli/integrity-hmac.t
index 50dcb8a75ad4..bc8e3c1b40d4 100644
--- a/tools/regression/geom_eli/integrity-hmac.t
+++ b/tools/regression/geom_eli/integrity-hmac.t
@@ -7,14 +7,15 @@ sectors=100
keyfile=`mktemp /tmp/$base.XXXXXX` || exit 1
sector=`mktemp /tmp/$base.XXXXXX` || exit 1
-echo "1..1080"
+echo "1..1320"
i=1
for cipher in aes:0 aes:128 aes:192 aes:256 \
3des:0 3des:192 \
blowfish:0 blowfish:128 blowfish:160 blowfish:192 blowfish:224 \
blowfish:256 blowfish:288 blowfish:320 blowfish:352 blowfish:384 \
- blowfish:416 blowfish:448; do
+ blowfish:416 blowfish:448 \
+ camellia:0 camellia:128 camellia:192 camellia:256; do
ealgo=${cipher%%:*}
keylen=${cipher##*:}
for aalgo in hmac/md5 hmac/sha1 hmac/ripemd160 hmac/sha256 hmac/sha384 hmac/sha512; do
diff --git a/tools/regression/geom_eli/onetime-a.t b/tools/regression/geom_eli/onetime-a.t
index 13681cf37ffd..bb69f7b31787 100644
--- a/tools/regression/geom_eli/onetime-a.t
+++ b/tools/regression/geom_eli/onetime-a.t
@@ -5,14 +5,15 @@ base=`basename $0`
no=45
sectors=100
-echo "1..540"
+echo "1..660"
i=1
for cipher in aes:0 aes:128 aes:192 aes:256 \
3des:0 3des:192 \
blowfish:0 blowfish:128 blowfish:160 blowfish:192 blowfish:224 \
blowfish:256 blowfish:288 blowfish:320 blowfish:352 blowfish:384 \
- blowfish:416 blowfish:448; do
+ blowfish:416 blowfish:448 \
+ camellia:0 camellia:128 camellia:192 camellia:256; do
ealgo=${cipher%%:*}
keylen=${cipher##*:}
for aalgo in hmac/md5 hmac/sha1 hmac/ripemd160 hmac/sha256 hmac/sha384 hmac/sha512; do
diff --git a/tools/regression/geom_eli/onetime.t b/tools/regression/geom_eli/onetime.t
index 70b547966912..b0ecbf346556 100644
--- a/tools/regression/geom_eli/onetime.t
+++ b/tools/regression/geom_eli/onetime.t
@@ -5,14 +5,15 @@ base=`basename $0`
no=45
sectors=100
-echo "1..180"
+echo "1..220"
i=1
for cipher in aes:0 aes:128 aes:192 aes:256 \
3des:0 3des:192 \
blowfish:0 blowfish:128 blowfish:160 blowfish:192 blowfish:224 \
blowfish:256 blowfish:288 blowfish:320 blowfish:352 blowfish:384 \
- blowfish:416 blowfish:448; do
+ blowfish:416 blowfish:448 \
+ camellia:0 camellia:128 camellia:192 camellia:256; do
ealgo=${cipher%%:*}
keylen=${cipher##*:}
for secsize in 512 1024 2048 4096 8192; do