[CRYPTO]: Add CAST6 (CAST-256) algorithm.

Documentation/crypto/api-intro.txt

@@ -213,7 +213,7 @@ AES algorithm contributors:
   Kyle McMartin
   Adam J. Richter
 
-CAST5 algorithm contributors:
+CAST5/CAST6 algorithm contributors:
   Kartikey Mahendra Bhatt (original developers unknown, FSF copyright).
 
 Generic scatterwalk code by Adam J. Richter <adam@yggdrasil.com>

crypto/Kconfig

@@ -133,6 +133,13 @@ config CRYPTO_CAST5
 	  The CAST5 encryption algorithm (synonymous with CAST-128) is
 	  described in RFC2144.
 
+config CRYPTO_CAST6
+	tristate "CAST6 (CAST-256) cipher algorithm"
+	depends on CRYPTO
+	help
+	  The CAST6 encryption algorithm (synonymous with CAST-256) is
+	  described in RFC2612.
+
 config CRYPTO_DEFLATE
 	tristate "Deflate compression algorithm"
 	depends on CRYPTO

crypto/Makefile

@@ -21,6 +21,7 @@ obj-$(CONFIG_CRYPTO_TWOFISH) += twofish.o
 obj-$(CONFIG_CRYPTO_SERPENT) += serpent.o
 obj-$(CONFIG_CRYPTO_AES) += aes.o
 obj-$(CONFIG_CRYPTO_CAST5) += cast5.o
+obj-$(CONFIG_CRYPTO_CAST6) += cast6.o
 obj-$(CONFIG_CRYPTO_DEFLATE) += deflate.o
 
 obj-$(CONFIG_CRYPTO_TEST) += tcrypt.o

crypto/tcrypt.c

@@ -48,8 +48,8 @@ static char *tvmem;
 
 static char *check[] = {
 	"des", "md5", "des3_ede", "rot13", "sha1", "sha256", "blowfish",
-	"twofish", "serpent", "sha384", "sha512", "md4", "aes", "deflate",
-	 NULL
+	"twofish", "serpent", "sha384", "sha512", "md4", "aes", "cast6", 
+	"deflate", NULL
 };
 
 static void
@@ -2087,6 +2087,105 @@ test_serpent(void)
 	crypto_free_tfm(tfm);
 }
 
+static void
+test_cast6(void)
+{
+	unsigned int ret, i, tsize;
+	u8 *p, *q, *key;
+	struct crypto_tfm *tfm;
+	struct cast6_tv *cast_tv;
+	struct scatterlist sg[1];
+
+	printk("\ntesting cast6 encryption\n");
+
+	tfm = crypto_alloc_tfm("cast6", 0);
+	if (tfm == NULL) {
+		printk("failed to load transform for cast6 (default ecb)\n");
+		return;
+	}
+
+	tsize = sizeof (cast6_enc_tv_template);
+	if (tsize > TVMEMSIZE) {
+		printk("template (%u) too big for tvmem (%u)\n", tsize,
+		       TVMEMSIZE);
+		return;
+	}
+
+	memcpy(tvmem, cast6_enc_tv_template, tsize);
+	cast_tv = (void *) tvmem;
+	for (i = 0; i < CAST6_ENC_TEST_VECTORS; i++) {
+		printk("test %u (%d bit key):\n", i + 1, cast_tv[i].keylen * 8);
+		key = cast_tv[i].key;
+
+		ret = crypto_cipher_setkey(tfm, key, cast_tv[i].keylen);
+		if (ret) {
+			printk("setkey() failed flags=%x\n", tfm->crt_flags);
+
+			if (!cast_tv[i].fail)
+				goto out;
+		}
+
+		p = cast_tv[i].plaintext;
+		sg[0].page = virt_to_page(p);
+		sg[0].offset = ((long) p & ~PAGE_MASK);
+		sg[0].length = sizeof(cast_tv[i].plaintext);
+		ret = crypto_cipher_encrypt(tfm, sg, sg, sg[0].length);
+		if (ret) {
+			printk("encrypt() failed flags=%x\n", tfm->crt_flags);
+			goto out;
+		}
+
+		q = kmap(sg[0].page) + sg[0].offset;
+		hexdump(q, sizeof(cast_tv[i].result));
+
+		printk("%s\n", memcmp(q, cast_tv[i].result,
+			sizeof(cast_tv[i].result)) ? "fail" : "pass");
+	}
+
+	printk("\ntesting cast6 decryption\n");
+
+	tsize = sizeof (cast6_dec_tv_template);
+	if (tsize > TVMEMSIZE) {
+		printk("template (%u) too big for tvmem (%u)\n", tsize,
+		       TVMEMSIZE);
+		return;
+	}
+
+	memcpy(tvmem, cast6_dec_tv_template, tsize);
+	cast_tv = (void *) tvmem;
+	for (i = 0; i < CAST6_DEC_TEST_VECTORS; i++) {
+		printk("test %u (%d bit key):\n", i + 1, cast_tv[i].keylen * 8);
+		key = cast_tv[i].key;
+
+		ret = crypto_cipher_setkey(tfm, key, cast_tv[i].keylen);
+		if (ret) {
+			printk("setkey() failed flags=%x\n", tfm->crt_flags);
+
+			if (!cast_tv[i].fail)
+				goto out;
+		}
+
+		p = cast_tv[i].plaintext;
+		sg[0].page = virt_to_page(p);
+		sg[0].offset = ((long) p & ~PAGE_MASK);
+		sg[0].length = sizeof(cast_tv[i].plaintext);
+		ret = crypto_cipher_decrypt(tfm, sg, sg, sg[0].length);
+		if (ret) {
+			printk("decrypt() failed flags=%x\n", tfm->crt_flags);
+			goto out;
+		}
+
+		q = kmap(sg[0].page) + sg[0].offset;
+		hexdump(q, sizeof(cast_tv[i].result));
+
+		printk("%s\n", memcmp(q, cast_tv[i].result,
+			sizeof(cast_tv[i].result)) ? "fail" : "pass");
+	}
+
+out:
+	crypto_free_tfm(tfm);
+}
+
 void
 test_aes(void)
 {
@@ -2396,11 +2495,13 @@ do_test(void)
 		test_blowfish();
 		test_twofish();
 		test_serpent();
+		test_cast6();
 		test_aes();
 		test_sha384();
 		test_sha512();
 		test_deflate();
 		test_cast5();
+		test_cast6();
 #ifdef CONFIG_CRYPTO_HMAC
 		test_hmac_md5();
 		test_hmac_sha1();
@@ -2464,6 +2565,10 @@ do_test(void)
 		test_cast5();
 		break;
 
+	case 15:
+		test_cast6();
+		break;
+
 #ifdef CONFIG_CRYPTO_HMAC
 	case 100:
 		test_hmac_md5();

crypto/tcrypt.h

@@ -1589,6 +1589,93 @@ struct serpent_tv serpent_dec_tv_template[] =
 	}
 };
 
+/* Cast6 test vectors from RFC 2612 */
+#define CAST6_ENC_TEST_VECTORS	3
+#define CAST6_DEC_TEST_VECTORS  3
+
+struct cast6_tv {
+	unsigned keylen;
+	unsigned fail;
+	u8 key[32];
+	u8 plaintext[16];
+	u8 result[16];
+};
+
+struct cast6_tv cast6_enc_tv_template[] = 
+{
+	{
+		16, 
+		0,
+		{ 0x23, 0x42, 0xbb, 0x9e, 0xfa, 0x38, 0x54, 0x2c, 
+		  0x0a, 0xf7, 0x56, 0x47, 0xf2, 0x9f, 0x61, 0x5d },
+		{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 
+		  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
+		{ 0xc8, 0x42, 0xa0, 0x89, 0x72, 0xb4, 0x3d, 0x20, 
+		  0x83, 0x6c, 0x91, 0xd1, 0xb7, 0x53, 0x0f, 0x6b },
+	},
+	{
+		24, 
+		0,
+		{ 0x23, 0x42, 0xbb, 0x9e, 0xfa, 0x38, 0x54, 0x2c, 
+		  0xbe, 0xd0, 0xac, 0x83, 0x94, 0x0a, 0xc2, 0x98, 
+		  0xba, 0xc7, 0x7a, 0x77, 0x17, 0x94, 0x28, 0x63 },
+		{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+		  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
+		{ 0x1b, 0x38, 0x6c, 0x02, 0x10, 0xdc, 0xad, 0xcb, 
+		  0xdd, 0x0e, 0x41, 0xaa, 0x08, 0xa7, 0xa7, 0xe8 },
+	},
+	{
+		32, 
+		0,
+		{ 0x23, 0x42, 0xbb, 0x9e, 0xfa, 0x38, 0x54, 0x2c,
+                  0xbe, 0xd0, 0xac, 0x83, 0x94, 0x0a, 0xc2, 0x98,
+		  0x8d, 0x7c, 0x47, 0xce, 0x26, 0x49, 0x08, 0x46,
+		  0x1c, 0xc1, 0xb5, 0x13, 0x7a, 0xe6, 0xb6, 0x04 },				  
+		{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 
+		  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
+		{ 0x4f, 0x6a, 0x20, 0x38, 0x28, 0x68, 0x97, 0xb9, 
+		  0xc9, 0x87, 0x01, 0x36, 0x55, 0x33, 0x17, 0xfa },
+	}
+};
+
+struct cast6_tv cast6_dec_tv_template[] = 
+{
+	{
+		16, 
+		0,
+		{ 0x23, 0x42, 0xbb, 0x9e, 0xfa, 0x38, 0x54, 0x2c, 
+		  0x0a, 0xf7, 0x56, 0x47, 0xf2, 0x9f, 0x61, 0x5d },
+		{ 0xc8, 0x42, 0xa0, 0x89, 0x72, 0xb4, 0x3d, 0x20, 
+		  0x83, 0x6c, 0x91, 0xd1, 0xb7, 0x53, 0x0f, 0x6b },
+		{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 
+		  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
+	},
+	{
+		24, 
+		0,
+		{ 0x23, 0x42, 0xbb, 0x9e, 0xfa, 0x38, 0x54, 0x2c, 
+		  0xbe, 0xd0, 0xac, 0x83, 0x94, 0x0a, 0xc2, 0x98, 
+		  0xba, 0xc7, 0x7a, 0x77, 0x17, 0x94, 0x28, 0x63 },
+		{ 0x1b, 0x38, 0x6c, 0x02, 0x10, 0xdc, 0xad, 0xcb, 
+		  0xdd, 0x0e, 0x41, 0xaa, 0x08, 0xa7, 0xa7, 0xe8 },
+		{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+		  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
+	},
+	{
+		32, 
+		0,
+		{ 0x23, 0x42, 0xbb, 0x9e, 0xfa, 0x38, 0x54, 0x2c,
+                  0xbe, 0xd0, 0xac, 0x83, 0x94, 0x0a, 0xc2, 0x98,
+		  0x8d, 0x7c, 0x47, 0xce, 0x26, 0x49, 0x08, 0x46,
+		  0x1c, 0xc1, 0xb5, 0x13, 0x7a, 0xe6, 0xb6, 0x04 },				  
+		{ 0x4f, 0x6a, 0x20, 0x38, 0x28, 0x68, 0x97, 0xb9, 
+		  0xc9, 0x87, 0x01, 0x36, 0x55, 0x33, 0x17, 0xfa },
+		{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+		  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
+	}
+};
+
+
 /*
  * AES test vectors.
  */