diff options
-rw-r--r-- | sbin/geom/class/eli/geli.8 | 14 | ||||
-rw-r--r-- | sys/geom/eli/g_eli.h | 7 | ||||
-rw-r--r-- | sys/geom/eli/g_eli_crypto.c | 15 | ||||
-rw-r--r-- | tools/regression/geom_eli/init-a.t | 5 | ||||
-rw-r--r-- | tools/regression/geom_eli/init.t | 5 | ||||
-rw-r--r-- | tools/regression/geom_eli/integrity-copy.t | 5 | ||||
-rw-r--r-- | tools/regression/geom_eli/integrity-data.t | 5 | ||||
-rw-r--r-- | tools/regression/geom_eli/integrity-hmac.t | 5 | ||||
-rw-r--r-- | tools/regression/geom_eli/onetime-a.t | 5 | ||||
-rw-r--r-- | tools/regression/geom_eli/onetime.t | 5 |
10 files changed, 53 insertions, 18 deletions
diff --git a/sbin/geom/class/eli/geli.8 b/sbin/geom/class/eli/geli.8 index 3f1da7286893..d087e640eaea 100644 --- a/sbin/geom/class/eli/geli.8 +++ b/sbin/geom/class/eli/geli.8 @@ -146,7 +146,8 @@ will make use of it automatically. .It Supports many cryptographic algorithms (currently .Nm AES , -.Nm Blowfish +.Nm Blowfish , +.Nm Camellia and .Nm 3DES ) . .It @@ -227,7 +228,8 @@ If the option is not given, there will be no authentication, only encryption. Encryption algorithm to use. Currently supported algorithms are: .Nm AES , -.Nm Blowfish +.Nm Blowfish , +.Nm Camellia and .Nm 3DES . The default is @@ -260,7 +262,9 @@ If not given, the default key length for the given algorithm is used, which is: 128 for .Nm AES , 128 for -.Nm Blowfish +.Nm Blowfish , +128 for +.Nm Camellia and 192 for .Nm 3DES . .It Fl s Ar sectorsize @@ -652,5 +656,9 @@ The .Nm utility appeared in .Fx 6.0 . +Support for +.Nm Camellia +block cipher is implemented by Yoshisato Yanagisawa in +.Fx 7.0 . .Sh AUTHORS .An Pawel Jakub Dawidek Aq pjd@FreeBSD.org diff --git a/sys/geom/eli/g_eli.h b/sys/geom/eli/g_eli.h index 5460eea0ef80..8079c9dd4a18 100644 --- a/sys/geom/eli/g_eli.h +++ b/sys/geom/eli/g_eli.h @@ -286,6 +286,8 @@ g_eli_str2ealgo(const char *name) return (CRYPTO_AES_CBC); else if (strcasecmp("blowfish", name) == 0) return (CRYPTO_BLF_CBC); + else if (strcasecmp("camellia", name) == 0) + return (CRYPTO_CAMELLIA_CBC); else if (strcasecmp("3des", name) == 0) return (CRYPTO_3DES_CBC); return (CRYPTO_ALGORITHM_MIN - 1); @@ -321,6 +323,8 @@ g_eli_algo2str(u_int algo) return ("AES-CBC"); case CRYPTO_BLF_CBC: return ("Blowfish-CBC"); + case CRYPTO_CAMELLIA_CBC: + return ("CAMELLIA-CBC"); case CRYPTO_3DES_CBC: return ("3DES-CBC"); case CRYPTO_MD5_HMAC: @@ -390,7 +394,8 @@ g_eli_keylen(u_int algo, u_int keylen) keylen = 0; } return (keylen); - case CRYPTO_AES_CBC: + case CRYPTO_AES_CBC: /* FALLTHROUGH */ + case CRYPTO_CAMELLIA_CBC: switch (keylen) { case 0: return (128); diff --git a/sys/geom/eli/g_eli_crypto.c b/sys/geom/eli/g_eli_crypto.c index b484f9061f24..c26b3673441b 100644 --- a/sys/geom/eli/g_eli_crypto.c +++ b/sys/geom/eli/g_eli_crypto.c @@ -158,6 +158,21 @@ g_eli_crypto_cipher(u_int algo, int enc, u_char *data, size_t datasize, case CRYPTO_BLF_CBC: type = EVP_bf_cbc(); break; + case CRYPTO_CAMELLIA_CBC: + switch (keysize) { + case 128: + type = EVP_camellia_128_cbc(); + break; + case 192: + type = EVP_camellia_192_cbc(); + break; + case 256: + type = EVP_camellia_256_cbc(); + break; + default: + return (EINVAL); + } + break; case CRYPTO_3DES_CBC: type = EVP_des_ede3_cbc(); break; diff --git a/tools/regression/geom_eli/init-a.t b/tools/regression/geom_eli/init-a.t index fb0a1c40def2..e06881efc2e1 100644 --- a/tools/regression/geom_eli/init-a.t +++ b/tools/regression/geom_eli/init-a.t @@ -6,14 +6,15 @@ no=45 sectors=100 keyfile=`mktemp /tmp/$base.XXXXXX` || exit 1 -echo "1..540" +echo "1..660" i=1 for cipher in aes:0 aes:128 aes:192 aes:256 \ 3des:0 3des:192 \ blowfish:0 blowfish:128 blowfish:160 blowfish:192 blowfish:224 \ blowfish:256 blowfish:288 blowfish:320 blowfish:352 blowfish:384 \ - blowfish:416 blowfish:448; do + blowfish:416 blowfish:448 \ + camellia:0 camellia:128 camellia:192 camellia:256; do ealgo=${cipher%%:*} keylen=${cipher##*:} for aalgo in hmac/md5 hmac/sha1 hmac/ripemd160 hmac/sha256 hmac/sha384 hmac/sha512; do diff --git a/tools/regression/geom_eli/init.t b/tools/regression/geom_eli/init.t index 10fd7f741513..13a5e2d7e1c6 100644 --- a/tools/regression/geom_eli/init.t +++ b/tools/regression/geom_eli/init.t @@ -6,14 +6,15 @@ no=45 sectors=100 keyfile=`mktemp /tmp/$base.XXXXXX` || exit 1 -echo "1..180" +echo "1..220" i=1 for cipher in aes:0 aes:128 aes:192 aes:256 \ 3des:0 3des:192 \ blowfish:0 blowfish:128 blowfish:160 blowfish:192 blowfish:224 \ blowfish:256 blowfish:288 blowfish:320 blowfish:352 blowfish:384 \ - blowfish:416 blowfish:448; do + blowfish:416 blowfish:448 \ + camellia:0 camellia:128 camellia:192 camellia:256; do ealgo=${cipher%%:*} keylen=${cipher##*:} for secsize in 512 1024 2048 4096 8192; do diff --git a/tools/regression/geom_eli/integrity-copy.t b/tools/regression/geom_eli/integrity-copy.t index eb4ce6c0eefc..97014e05c97b 100644 --- a/tools/regression/geom_eli/integrity-copy.t +++ b/tools/regression/geom_eli/integrity-copy.t @@ -7,14 +7,15 @@ sectors=100 keyfile=`mktemp /tmp/$base.XXXXXX` || exit 1 sector=`mktemp /tmp/$base.XXXXXX` || exit 1 -echo "1..2160" +echo "1..2640" i=1 for cipher in aes:0 aes:128 aes:192 aes:256 \ 3des:0 3des:192 \ blowfish:0 blowfish:128 blowfish:160 blowfish:192 blowfish:224 \ blowfish:256 blowfish:288 blowfish:320 blowfish:352 blowfish:384 \ - blowfish:416 blowfish:448; do + blowfish:416 blowfish:448 \ + camellia:0 camellia:128 camellia:192 camellia:256; do ealgo=${cipher%%:*} keylen=${cipher##*:} for aalgo in hmac/md5 hmac/sha1 hmac/ripemd160 hmac/sha256 hmac/sha384 hmac/sha512; do diff --git a/tools/regression/geom_eli/integrity-data.t b/tools/regression/geom_eli/integrity-data.t index 3b11084ee868..ea86039effe7 100644 --- a/tools/regression/geom_eli/integrity-data.t +++ b/tools/regression/geom_eli/integrity-data.t @@ -7,14 +7,15 @@ sectors=100 keyfile=`mktemp /tmp/$base.XXXXXX` || exit 1 sector=`mktemp /tmp/$base.XXXXXX` || exit 1 -echo "1..1080" +echo "1..1320" i=1 for cipher in aes:0 aes:128 aes:192 aes:256 \ 3des:0 3des:192 \ blowfish:0 blowfish:128 blowfish:160 blowfish:192 blowfish:224 \ blowfish:256 blowfish:288 blowfish:320 blowfish:352 blowfish:384 \ - blowfish:416 blowfish:448; do + blowfish:416 blowfish:448 \ + camellia:0 camellia:128 camellia:192 camellia:256; do ealgo=${cipher%%:*} keylen=${cipher##*:} for aalgo in hmac/md5 hmac/sha1 hmac/ripemd160 hmac/sha256 hmac/sha384 hmac/sha512; do diff --git a/tools/regression/geom_eli/integrity-hmac.t b/tools/regression/geom_eli/integrity-hmac.t index 50dcb8a75ad4..bc8e3c1b40d4 100644 --- a/tools/regression/geom_eli/integrity-hmac.t +++ b/tools/regression/geom_eli/integrity-hmac.t @@ -7,14 +7,15 @@ sectors=100 keyfile=`mktemp /tmp/$base.XXXXXX` || exit 1 sector=`mktemp /tmp/$base.XXXXXX` || exit 1 -echo "1..1080" +echo "1..1320" i=1 for cipher in aes:0 aes:128 aes:192 aes:256 \ 3des:0 3des:192 \ blowfish:0 blowfish:128 blowfish:160 blowfish:192 blowfish:224 \ blowfish:256 blowfish:288 blowfish:320 blowfish:352 blowfish:384 \ - blowfish:416 blowfish:448; do + blowfish:416 blowfish:448 \ + camellia:0 camellia:128 camellia:192 camellia:256; do ealgo=${cipher%%:*} keylen=${cipher##*:} for aalgo in hmac/md5 hmac/sha1 hmac/ripemd160 hmac/sha256 hmac/sha384 hmac/sha512; do diff --git a/tools/regression/geom_eli/onetime-a.t b/tools/regression/geom_eli/onetime-a.t index 13681cf37ffd..bb69f7b31787 100644 --- a/tools/regression/geom_eli/onetime-a.t +++ b/tools/regression/geom_eli/onetime-a.t @@ -5,14 +5,15 @@ base=`basename $0` no=45 sectors=100 -echo "1..540" +echo "1..660" i=1 for cipher in aes:0 aes:128 aes:192 aes:256 \ 3des:0 3des:192 \ blowfish:0 blowfish:128 blowfish:160 blowfish:192 blowfish:224 \ blowfish:256 blowfish:288 blowfish:320 blowfish:352 blowfish:384 \ - blowfish:416 blowfish:448; do + blowfish:416 blowfish:448 \ + camellia:0 camellia:128 camellia:192 camellia:256; do ealgo=${cipher%%:*} keylen=${cipher##*:} for aalgo in hmac/md5 hmac/sha1 hmac/ripemd160 hmac/sha256 hmac/sha384 hmac/sha512; do diff --git a/tools/regression/geom_eli/onetime.t b/tools/regression/geom_eli/onetime.t index 70b547966912..b0ecbf346556 100644 --- a/tools/regression/geom_eli/onetime.t +++ b/tools/regression/geom_eli/onetime.t @@ -5,14 +5,15 @@ base=`basename $0` no=45 sectors=100 -echo "1..180" +echo "1..220" i=1 for cipher in aes:0 aes:128 aes:192 aes:256 \ 3des:0 3des:192 \ blowfish:0 blowfish:128 blowfish:160 blowfish:192 blowfish:224 \ blowfish:256 blowfish:288 blowfish:320 blowfish:352 blowfish:384 \ - blowfish:416 blowfish:448; do + blowfish:416 blowfish:448 \ + camellia:0 camellia:128 camellia:192 camellia:256; do ealgo=${cipher%%:*} keylen=${cipher##*:} for secsize in 512 1024 2048 4096 8192; do |