Commit fb4f10ed50f01b0f953068456bfb6e2885921b01
Committed by
David S. Miller
1 parent
75c80c382f
Exists in
master
and in
4 other branches
[CRYPTO]: Fix XTEA implementation
The XTEA implementation was incorrect due to a misinterpretation of operator precedence. Because of the wide-spread nature of this error, the erroneous implementation will be kept, albeit under the new name of XETA. Signed-off-by: Aaron Grothe <ajgrothe@yahoo.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: David S. Miller <davem@davemloft.net>
Showing 5 changed files with 207 additions and 29 deletions Side-by-side Diff
Documentation/crypto/api-intro.txt
crypto/Kconfig
... | ... | @@ -219,7 +219,7 @@ |
219 | 219 | described in RFC2612. |
220 | 220 | |
221 | 221 | config CRYPTO_TEA |
222 | - tristate "TEA and XTEA cipher algorithms" | |
222 | + tristate "TEA, XTEA and XETA cipher algorithms" | |
223 | 223 | depends on CRYPTO |
224 | 224 | help |
225 | 225 | TEA cipher algorithm. |
... | ... | @@ -231,6 +231,9 @@ |
231 | 231 | Xtendend Tiny Encryption Algorithm is a modification to |
232 | 232 | the TEA algorithm to address a potential key weakness |
233 | 233 | in the TEA algorithm. |
234 | + | |
235 | + Xtendend Encryption Tiny Algorithm is a mis-implementation | |
236 | + of the XTEA algorithm for compatibility purposes. | |
234 | 237 | |
235 | 238 | config CRYPTO_ARC4 |
236 | 239 | tristate "ARC4 cipher algorithm" |
crypto/tcrypt.c
... | ... | @@ -72,7 +72,7 @@ |
72 | 72 | "des", "md5", "des3_ede", "rot13", "sha1", "sha256", "blowfish", |
73 | 73 | "twofish", "serpent", "sha384", "sha512", "md4", "aes", "cast6", |
74 | 74 | "arc4", "michael_mic", "deflate", "crc32c", "tea", "xtea", |
75 | - "khazad", "wp512", "wp384", "wp256", "tnepres", NULL | |
75 | + "khazad", "wp512", "wp384", "wp256", "tnepres", "xeta", NULL | |
76 | 76 | }; |
77 | 77 | |
78 | 78 | static void hexdump(unsigned char *buf, unsigned int len) |
... | ... | @@ -859,6 +859,10 @@ |
859 | 859 | test_cipher ("anubis", MODE_CBC, ENCRYPT, anubis_cbc_enc_tv_template, ANUBIS_CBC_ENC_TEST_VECTORS); |
860 | 860 | test_cipher ("anubis", MODE_CBC, DECRYPT, anubis_cbc_dec_tv_template, ANUBIS_CBC_ENC_TEST_VECTORS); |
861 | 861 | |
862 | + //XETA | |
863 | + test_cipher ("xeta", MODE_ECB, ENCRYPT, xeta_enc_tv_template, XETA_ENC_TEST_VECTORS); | |
864 | + test_cipher ("xeta", MODE_ECB, DECRYPT, xeta_dec_tv_template, XETA_DEC_TEST_VECTORS); | |
865 | + | |
862 | 866 | test_hash("sha384", sha384_tv_template, SHA384_TEST_VECTORS); |
863 | 867 | test_hash("sha512", sha512_tv_template, SHA512_TEST_VECTORS); |
864 | 868 | test_hash("wp512", wp512_tv_template, WP512_TEST_VECTORS); |
... | ... | @@ -1015,6 +1019,11 @@ |
1015 | 1019 | |
1016 | 1020 | case 29: |
1017 | 1021 | test_hash("tgr128", tgr128_tv_template, TGR128_TEST_VECTORS); |
1022 | + break; | |
1023 | + | |
1024 | + case 30: | |
1025 | + test_cipher ("xeta", MODE_ECB, ENCRYPT, xeta_enc_tv_template, XETA_ENC_TEST_VECTORS); | |
1026 | + test_cipher ("xeta", MODE_ECB, DECRYPT, xeta_dec_tv_template, XETA_DEC_TEST_VECTORS); | |
1018 | 1027 | break; |
1019 | 1028 | |
1020 | 1029 | #ifdef CONFIG_CRYPTO_HMAC |
crypto/tcrypt.h
... | ... | @@ -2211,7 +2211,7 @@ |
2211 | 2211 | .klen = 16, |
2212 | 2212 | .input = { [0 ... 8] = 0x00 }, |
2213 | 2213 | .ilen = 8, |
2214 | - .result = { 0xaa, 0x22, 0x96, 0xe5, 0x6c, 0x61, 0xf3, 0x45 }, | |
2214 | + .result = { 0xd8, 0xd4, 0xe9, 0xde, 0xd9, 0x1e, 0x13, 0xf7 }, | |
2215 | 2215 | .rlen = 8, |
2216 | 2216 | }, { |
2217 | 2217 | .key = { 0x2b, 0x02, 0x05, 0x68, 0x06, 0x14, 0x49, 0x76, |
2218 | 2218 | |
2219 | 2219 | |
2220 | 2220 | |
2221 | 2221 | |
... | ... | @@ -2219,31 +2219,31 @@ |
2219 | 2219 | .klen = 16, |
2220 | 2220 | .input = { 0x74, 0x65, 0x73, 0x74, 0x20, 0x6d, 0x65, 0x2e }, |
2221 | 2221 | .ilen = 8, |
2222 | - .result = { 0x82, 0x3e, 0xeb, 0x35, 0xdc, 0xdd, 0xd9, 0xc3 }, | |
2222 | + .result = { 0x94, 0xeb, 0xc8, 0x96, 0x84, 0x6a, 0x49, 0xa8 }, | |
2223 | 2223 | .rlen = 8, |
2224 | 2224 | }, { |
2225 | 2225 | .key = { 0x09, 0x65, 0x43, 0x11, 0x66, 0x44, 0x39, 0x25, |
2226 | 2226 | 0x51, 0x3a, 0x16, 0x10, 0x0a, 0x08, 0x12, 0x6e }, |
2227 | 2227 | .klen = 16, |
2228 | - .input = { 0x6c, 0x6f, 0x6e, 0x67, 0x65, 0x72, 0x5f, 0x74, | |
2228 | + .input = { 0x3e, 0xce, 0xae, 0x22, 0x60, 0x56, 0xa8, 0x9d, | |
2229 | 2229 | 0x65, 0x73, 0x74, 0x5f, 0x76, 0x65, 0x63, 0x74 }, |
2230 | 2230 | .ilen = 16, |
2231 | - .result = { 0xe2, 0x04, 0xdb, 0xf2, 0x89, 0x85, 0x9e, 0xea, | |
2231 | + .result = { 0xe2, 0x04, 0xdb, 0xf2, 0x89, 0x85, 0x9e, 0xea, | |
2232 | 2232 | 0x61, 0x35, 0xaa, 0xed, 0xb5, 0xcb, 0x71, 0x2c }, |
2233 | 2233 | .rlen = 16, |
2234 | 2234 | }, { |
2235 | 2235 | .key = { 0x4d, 0x76, 0x32, 0x17, 0x05, 0x3f, 0x75, 0x2c, |
2236 | 2236 | 0x5d, 0x04, 0x16, 0x36, 0x15, 0x72, 0x63, 0x2f }, |
2237 | 2237 | .klen = 16, |
2238 | - .input = { 0x54, 0x65, 0x61, 0x20, 0x69, 0x73, 0x20, 0x67, | |
2239 | - 0x6f, 0x6f, 0x64, 0x20, 0x66, 0x6f, 0x72, 0x20, | |
2240 | - 0x79, 0x6f, 0x75, 0x21, 0x21, 0x21, 0x20, 0x72, | |
2238 | + .input = { 0x54, 0x65, 0x61, 0x20, 0x69, 0x73, 0x20, 0x67, | |
2239 | + 0x6f, 0x6f, 0x64, 0x20, 0x66, 0x6f, 0x72, 0x20, | |
2240 | + 0x79, 0x6f, 0x75, 0x21, 0x21, 0x21, 0x20, 0x72, | |
2241 | 2241 | 0x65, 0x61, 0x6c, 0x6c, 0x79, 0x21, 0x21, 0x21 }, |
2242 | 2242 | .ilen = 32, |
2243 | - .result = { 0x0b, 0x03, 0xcd, 0x8a, 0xbe, 0x95, 0xfd, 0xb1, | |
2244 | - 0xc1, 0x44, 0x91, 0x0b, 0xa5, 0xc9, 0x1b, 0xb4, | |
2245 | - 0xa9, 0xda, 0x1e, 0x9e, 0xb1, 0x3e, 0x2a, 0x8f, | |
2246 | - 0xea, 0xa5, 0x6a, 0x85, 0xd1, 0xf4, 0xa8, 0xa5 }, | |
2243 | + .result = { 0x99, 0x81, 0x9f, 0x5d, 0x6f, 0x4b, 0x31, 0x3a, | |
2244 | + 0x86, 0xff, 0x6f, 0xd0, 0xe3, 0x87, 0x70, 0x07, | |
2245 | + 0x4d, 0xb8, 0xcf, 0xf3, 0x99, 0x50, 0xb3, 0xd4, | |
2246 | + 0x73, 0xa2, 0xfa, 0xc9, 0x16, 0x59, 0x5d, 0x81 }, | |
2247 | 2247 | .rlen = 32, |
2248 | 2248 | } |
2249 | 2249 | }; |
... | ... | @@ -2252,7 +2252,7 @@ |
2252 | 2252 | { |
2253 | 2253 | .key = { [0 ... 15] = 0x00 }, |
2254 | 2254 | .klen = 16, |
2255 | - .input = { 0xaa, 0x22, 0x96, 0xe5, 0x6c, 0x61, 0xf3, 0x45 }, | |
2255 | + .input = { 0xd8, 0xd4, 0xe9, 0xde, 0xd9, 0x1e, 0x13, 0xf7 }, | |
2256 | 2256 | .ilen = 8, |
2257 | 2257 | .result = { [0 ... 8] = 0x00 }, |
2258 | 2258 | .rlen = 8, |
... | ... | @@ -2260,7 +2260,7 @@ |
2260 | 2260 | .key = { 0x2b, 0x02, 0x05, 0x68, 0x06, 0x14, 0x49, 0x76, |
2261 | 2261 | 0x77, 0x5d, 0x0e, 0x26, 0x6c, 0x28, 0x78, 0x43 }, |
2262 | 2262 | .klen = 16, |
2263 | - .input = { 0x82, 0x3e, 0xeb, 0x35, 0xdc, 0xdd, 0xd9, 0xc3 }, | |
2263 | + .input = { 0x94, 0xeb, 0xc8, 0x96, 0x84, 0x6a, 0x49, 0xa8 }, | |
2264 | 2264 | .ilen = 8, |
2265 | 2265 | .result = { 0x74, 0x65, 0x73, 0x74, 0x20, 0x6d, 0x65, 0x2e }, |
2266 | 2266 | .rlen = 8, |
2267 | 2267 | |
2268 | 2268 | |
2269 | 2269 | |
... | ... | @@ -2268,24 +2268,24 @@ |
2268 | 2268 | .key = { 0x09, 0x65, 0x43, 0x11, 0x66, 0x44, 0x39, 0x25, |
2269 | 2269 | 0x51, 0x3a, 0x16, 0x10, 0x0a, 0x08, 0x12, 0x6e }, |
2270 | 2270 | .klen = 16, |
2271 | - .input = { 0xe2, 0x04, 0xdb, 0xf2, 0x89, 0x85, 0x9e, 0xea, | |
2272 | - 0x61, 0x35, 0xaa, 0xed, 0xb5, 0xcb, 0x71, 0x2c }, | |
2271 | + .input = { 0x3e, 0xce, 0xae, 0x22, 0x60, 0x56, 0xa8, 0x9d, | |
2272 | + 0x77, 0x4d, 0xd4, 0xb4, 0x87, 0x24, 0xe3, 0x9a }, | |
2273 | 2273 | .ilen = 16, |
2274 | - .result = { 0x6c, 0x6f, 0x6e, 0x67, 0x65, 0x72, 0x5f, 0x74, | |
2274 | + .result = { 0x6c, 0x6f, 0x6e, 0x67, 0x65, 0x72, 0x5f, 0x74, | |
2275 | 2275 | 0x65, 0x73, 0x74, 0x5f, 0x76, 0x65, 0x63, 0x74 }, |
2276 | 2276 | .rlen = 16, |
2277 | 2277 | }, { |
2278 | 2278 | .key = { 0x4d, 0x76, 0x32, 0x17, 0x05, 0x3f, 0x75, 0x2c, |
2279 | 2279 | 0x5d, 0x04, 0x16, 0x36, 0x15, 0x72, 0x63, 0x2f }, |
2280 | 2280 | .klen = 16, |
2281 | - .input = { 0x0b, 0x03, 0xcd, 0x8a, 0xbe, 0x95, 0xfd, 0xb1, | |
2282 | - 0xc1, 0x44, 0x91, 0x0b, 0xa5, 0xc9, 0x1b, 0xb4, | |
2283 | - 0xa9, 0xda, 0x1e, 0x9e, 0xb1, 0x3e, 0x2a, 0x8f, | |
2284 | - 0xea, 0xa5, 0x6a, 0x85, 0xd1, 0xf4, 0xa8, 0xa5 }, | |
2281 | + .input = { 0x99, 0x81, 0x9f, 0x5d, 0x6f, 0x4b, 0x31, 0x3a, | |
2282 | + 0x86, 0xff, 0x6f, 0xd0, 0xe3, 0x87, 0x70, 0x07, | |
2283 | + 0x4d, 0xb8, 0xcf, 0xf3, 0x99, 0x50, 0xb3, 0xd4, | |
2284 | + 0x73, 0xa2, 0xfa, 0xc9, 0x16, 0x59, 0x5d, 0x81 }, | |
2285 | 2285 | .ilen = 32, |
2286 | - .result = { 0x54, 0x65, 0x61, 0x20, 0x69, 0x73, 0x20, 0x67, | |
2287 | - 0x6f, 0x6f, 0x64, 0x20, 0x66, 0x6f, 0x72, 0x20, | |
2288 | - 0x79, 0x6f, 0x75, 0x21, 0x21, 0x21, 0x20, 0x72, | |
2286 | + .result = { 0x54, 0x65, 0x61, 0x20, 0x69, 0x73, 0x20, 0x67, | |
2287 | + 0x6f, 0x6f, 0x64, 0x20, 0x66, 0x6f, 0x72, 0x20, | |
2288 | + 0x79, 0x6f, 0x75, 0x21, 0x21, 0x21, 0x20, 0x72, | |
2289 | 2289 | 0x65, 0x61, 0x6c, 0x6c, 0x79, 0x21, 0x21, 0x21 }, |
2290 | 2290 | .rlen = 32, |
2291 | 2291 | } |
... | ... | @@ -2592,6 +2592,98 @@ |
2592 | 2592 | 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, 0x35 }, |
2593 | 2593 | .rlen = 32, |
2594 | 2594 | }, |
2595 | +}; | |
2596 | + | |
2597 | +/* | |
2598 | + * XETA test vectors | |
2599 | + */ | |
2600 | +#define XETA_ENC_TEST_VECTORS 4 | |
2601 | +#define XETA_DEC_TEST_VECTORS 4 | |
2602 | + | |
2603 | +static struct cipher_testvec xeta_enc_tv_template[] = { | |
2604 | + { | |
2605 | + .key = { [0 ... 15] = 0x00 }, | |
2606 | + .klen = 16, | |
2607 | + .input = { [0 ... 8] = 0x00 }, | |
2608 | + .ilen = 8, | |
2609 | + .result = { 0xaa, 0x22, 0x96, 0xe5, 0x6c, 0x61, 0xf3, 0x45 }, | |
2610 | + .rlen = 8, | |
2611 | + }, { | |
2612 | + .key = { 0x2b, 0x02, 0x05, 0x68, 0x06, 0x14, 0x49, 0x76, | |
2613 | + 0x77, 0x5d, 0x0e, 0x26, 0x6c, 0x28, 0x78, 0x43 }, | |
2614 | + .klen = 16, | |
2615 | + .input = { 0x74, 0x65, 0x73, 0x74, 0x20, 0x6d, 0x65, 0x2e }, | |
2616 | + .ilen = 8, | |
2617 | + .result = { 0x82, 0x3e, 0xeb, 0x35, 0xdc, 0xdd, 0xd9, 0xc3 }, | |
2618 | + .rlen = 8, | |
2619 | + }, { | |
2620 | + .key = { 0x09, 0x65, 0x43, 0x11, 0x66, 0x44, 0x39, 0x25, | |
2621 | + 0x51, 0x3a, 0x16, 0x10, 0x0a, 0x08, 0x12, 0x6e }, | |
2622 | + .klen = 16, | |
2623 | + .input = { 0x6c, 0x6f, 0x6e, 0x67, 0x65, 0x72, 0x5f, 0x74, | |
2624 | + 0x65, 0x73, 0x74, 0x5f, 0x76, 0x65, 0x63, 0x74 }, | |
2625 | + .ilen = 16, | |
2626 | + .result = { 0xe2, 0x04, 0xdb, 0xf2, 0x89, 0x85, 0x9e, 0xea, | |
2627 | + 0x61, 0x35, 0xaa, 0xed, 0xb5, 0xcb, 0x71, 0x2c }, | |
2628 | + .rlen = 16, | |
2629 | + }, { | |
2630 | + .key = { 0x4d, 0x76, 0x32, 0x17, 0x05, 0x3f, 0x75, 0x2c, | |
2631 | + 0x5d, 0x04, 0x16, 0x36, 0x15, 0x72, 0x63, 0x2f }, | |
2632 | + .klen = 16, | |
2633 | + .input = { 0x54, 0x65, 0x61, 0x20, 0x69, 0x73, 0x20, 0x67, | |
2634 | + 0x6f, 0x6f, 0x64, 0x20, 0x66, 0x6f, 0x72, 0x20, | |
2635 | + 0x79, 0x6f, 0x75, 0x21, 0x21, 0x21, 0x20, 0x72, | |
2636 | + 0x65, 0x61, 0x6c, 0x6c, 0x79, 0x21, 0x21, 0x21 }, | |
2637 | + .ilen = 32, | |
2638 | + .result = { 0x0b, 0x03, 0xcd, 0x8a, 0xbe, 0x95, 0xfd, 0xb1, | |
2639 | + 0xc1, 0x44, 0x91, 0x0b, 0xa5, 0xc9, 0x1b, 0xb4, | |
2640 | + 0xa9, 0xda, 0x1e, 0x9e, 0xb1, 0x3e, 0x2a, 0x8f, | |
2641 | + 0xea, 0xa5, 0x6a, 0x85, 0xd1, 0xf4, 0xa8, 0xa5 }, | |
2642 | + .rlen = 32, | |
2643 | + } | |
2644 | +}; | |
2645 | + | |
2646 | +static struct cipher_testvec xeta_dec_tv_template[] = { | |
2647 | + { | |
2648 | + .key = { [0 ... 15] = 0x00 }, | |
2649 | + .klen = 16, | |
2650 | + .input = { 0xaa, 0x22, 0x96, 0xe5, 0x6c, 0x61, 0xf3, 0x45 }, | |
2651 | + .ilen = 8, | |
2652 | + .result = { [0 ... 8] = 0x00 }, | |
2653 | + .rlen = 8, | |
2654 | + }, { | |
2655 | + .key = { 0x2b, 0x02, 0x05, 0x68, 0x06, 0x14, 0x49, 0x76, | |
2656 | + 0x77, 0x5d, 0x0e, 0x26, 0x6c, 0x28, 0x78, 0x43 }, | |
2657 | + .klen = 16, | |
2658 | + .input = { 0x82, 0x3e, 0xeb, 0x35, 0xdc, 0xdd, 0xd9, 0xc3 }, | |
2659 | + .ilen = 8, | |
2660 | + .result = { 0x74, 0x65, 0x73, 0x74, 0x20, 0x6d, 0x65, 0x2e }, | |
2661 | + .rlen = 8, | |
2662 | + }, { | |
2663 | + .key = { 0x09, 0x65, 0x43, 0x11, 0x66, 0x44, 0x39, 0x25, | |
2664 | + 0x51, 0x3a, 0x16, 0x10, 0x0a, 0x08, 0x12, 0x6e }, | |
2665 | + .klen = 16, | |
2666 | + .input = { 0xe2, 0x04, 0xdb, 0xf2, 0x89, 0x85, 0x9e, 0xea, | |
2667 | + 0x61, 0x35, 0xaa, 0xed, 0xb5, 0xcb, 0x71, 0x2c }, | |
2668 | + .ilen = 16, | |
2669 | + .result = { 0x6c, 0x6f, 0x6e, 0x67, 0x65, 0x72, 0x5f, 0x74, | |
2670 | + 0x65, 0x73, 0x74, 0x5f, 0x76, 0x65, 0x63, 0x74 }, | |
2671 | + .rlen = 16, | |
2672 | + }, { | |
2673 | + .key = { 0x4d, 0x76, 0x32, 0x17, 0x05, 0x3f, 0x75, 0x2c, | |
2674 | + 0x5d, 0x04, 0x16, 0x36, 0x15, 0x72, 0x63, 0x2f }, | |
2675 | + .klen = 16, | |
2676 | + .input = { 0x0b, 0x03, 0xcd, 0x8a, 0xbe, 0x95, 0xfd, 0xb1, | |
2677 | + 0xc1, 0x44, 0x91, 0x0b, 0xa5, 0xc9, 0x1b, 0xb4, | |
2678 | + 0xa9, 0xda, 0x1e, 0x9e, 0xb1, 0x3e, 0x2a, 0x8f, | |
2679 | + 0xea, 0xa5, 0x6a, 0x85, 0xd1, 0xf4, 0xa8, 0xa5 }, | |
2680 | + .ilen = 32, | |
2681 | + .result = { 0x54, 0x65, 0x61, 0x20, 0x69, 0x73, 0x20, 0x67, | |
2682 | + 0x6f, 0x6f, 0x64, 0x20, 0x66, 0x6f, 0x72, 0x20, | |
2683 | + 0x79, 0x6f, 0x75, 0x21, 0x21, 0x21, 0x20, 0x72, | |
2684 | + 0x65, 0x61, 0x6c, 0x6c, 0x79, 0x21, 0x21, 0x21 }, | |
2685 | + .rlen = 32, | |
2686 | + } | |
2595 | 2687 | }; |
2596 | 2688 | |
2597 | 2689 | /* |
crypto/tea.c
1 | 1 | /* |
2 | 2 | * Cryptographic API. |
3 | 3 | * |
4 | - * TEA and Xtended TEA Algorithms | |
4 | + * TEA, XTEA, and XETA crypto alogrithms | |
5 | 5 | * |
6 | 6 | * The TEA and Xtended TEA algorithms were developed by David Wheeler |
7 | 7 | * and Roger Needham at the Computer Laboratory of Cambridge University. |
8 | 8 | * |
9 | + * Due to the order of evaluation in XTEA many people have incorrectly | |
10 | + * implemented it. XETA (XTEA in the wrong order), exists for | |
11 | + * compatibility with these implementations. | |
12 | + * | |
9 | 13 | * Copyright (c) 2004 Aaron Grothe ajgrothe@yahoo.com |
10 | 14 | * |
11 | 15 | * This program is free software; you can redistribute it and/or modify |
12 | 16 | |
... | ... | @@ -153,9 +157,9 @@ |
153 | 157 | z = u32_in (src + 4); |
154 | 158 | |
155 | 159 | while (sum != limit) { |
156 | - y += (z << 4 ^ z >> 5) + (z ^ sum) + ctx->KEY[sum&3]; | |
160 | + y += ((z << 4 ^ z >> 5) + z) ^ (sum + ctx->KEY[sum&3]); | |
157 | 161 | sum += XTEA_DELTA; |
158 | - z += (y << 4 ^ y >> 5) + (y ^ sum) + ctx->KEY[sum>>11 &3]; | |
162 | + z += ((y << 4 ^ y >> 5) + y) ^ (sum + ctx->KEY[sum>>11 &3]); | |
159 | 163 | } |
160 | 164 | |
161 | 165 | u32_out (dst, y); |
... | ... | @@ -175,6 +179,51 @@ |
175 | 179 | sum = XTEA_DELTA * XTEA_ROUNDS; |
176 | 180 | |
177 | 181 | while (sum) { |
182 | + z -= ((y << 4 ^ y >> 5) + y) ^ (sum + ctx->KEY[sum>>11 & 3]); | |
183 | + sum -= XTEA_DELTA; | |
184 | + y -= ((z << 4 ^ z >> 5) + z) ^ (sum + ctx->KEY[sum & 3]); | |
185 | + } | |
186 | + | |
187 | + u32_out (dst, y); | |
188 | + u32_out (dst + 4, z); | |
189 | + | |
190 | +} | |
191 | + | |
192 | + | |
193 | +static void xeta_encrypt(void *ctx_arg, u8 *dst, const u8 *src) | |
194 | +{ | |
195 | + | |
196 | + u32 y, z, sum = 0; | |
197 | + u32 limit = XTEA_DELTA * XTEA_ROUNDS; | |
198 | + | |
199 | + struct xtea_ctx *ctx = ctx_arg; | |
200 | + | |
201 | + y = u32_in (src); | |
202 | + z = u32_in (src + 4); | |
203 | + | |
204 | + while (sum != limit) { | |
205 | + y += (z << 4 ^ z >> 5) + (z ^ sum) + ctx->KEY[sum&3]; | |
206 | + sum += XTEA_DELTA; | |
207 | + z += (y << 4 ^ y >> 5) + (y ^ sum) + ctx->KEY[sum>>11 &3]; | |
208 | + } | |
209 | + | |
210 | + u32_out (dst, y); | |
211 | + u32_out (dst + 4, z); | |
212 | + | |
213 | +} | |
214 | + | |
215 | +static void xeta_decrypt(void *ctx_arg, u8 *dst, const u8 *src) | |
216 | +{ | |
217 | + | |
218 | + u32 y, z, sum; | |
219 | + struct tea_ctx *ctx = ctx_arg; | |
220 | + | |
221 | + y = u32_in (src); | |
222 | + z = u32_in (src + 4); | |
223 | + | |
224 | + sum = XTEA_DELTA * XTEA_ROUNDS; | |
225 | + | |
226 | + while (sum) { | |
178 | 227 | z -= (y << 4 ^ y >> 5) + (y ^ sum) + ctx->KEY[sum>>11 & 3]; |
179 | 228 | sum -= XTEA_DELTA; |
180 | 229 | y -= (z << 4 ^ z >> 5) + (z ^ sum) + ctx->KEY[sum & 3]; |
... | ... | @@ -215,6 +264,21 @@ |
215 | 264 | .cia_decrypt = xtea_decrypt } } |
216 | 265 | }; |
217 | 266 | |
267 | +static struct crypto_alg xeta_alg = { | |
268 | + .cra_name = "xeta", | |
269 | + .cra_flags = CRYPTO_ALG_TYPE_CIPHER, | |
270 | + .cra_blocksize = XTEA_BLOCK_SIZE, | |
271 | + .cra_ctxsize = sizeof (struct xtea_ctx), | |
272 | + .cra_module = THIS_MODULE, | |
273 | + .cra_list = LIST_HEAD_INIT(xtea_alg.cra_list), | |
274 | + .cra_u = { .cipher = { | |
275 | + .cia_min_keysize = XTEA_KEY_SIZE, | |
276 | + .cia_max_keysize = XTEA_KEY_SIZE, | |
277 | + .cia_setkey = xtea_setkey, | |
278 | + .cia_encrypt = xeta_encrypt, | |
279 | + .cia_decrypt = xeta_decrypt } } | |
280 | +}; | |
281 | + | |
218 | 282 | static int __init init(void) |
219 | 283 | { |
220 | 284 | int ret = 0; |
... | ... | @@ -229,6 +293,13 @@ |
229 | 293 | goto out; |
230 | 294 | } |
231 | 295 | |
296 | + ret = crypto_register_alg(&xeta_alg); | |
297 | + if (ret < 0) { | |
298 | + crypto_unregister_alg(&tea_alg); | |
299 | + crypto_unregister_alg(&xtea_alg); | |
300 | + goto out; | |
301 | + } | |
302 | + | |
232 | 303 | out: |
233 | 304 | return ret; |
234 | 305 | } |
235 | 306 | |
236 | 307 | |
... | ... | @@ -237,13 +308,15 @@ |
237 | 308 | { |
238 | 309 | crypto_unregister_alg(&tea_alg); |
239 | 310 | crypto_unregister_alg(&xtea_alg); |
311 | + crypto_unregister_alg(&xeta_alg); | |
240 | 312 | } |
241 | 313 | |
242 | 314 | MODULE_ALIAS("xtea"); |
315 | +MODULE_ALIAS("xeta"); | |
243 | 316 | |
244 | 317 | module_init(init); |
245 | 318 | module_exit(fini); |
246 | 319 | |
247 | 320 | MODULE_LICENSE("GPL"); |
248 | -MODULE_DESCRIPTION("TEA & XTEA Cryptographic Algorithms"); | |
321 | +MODULE_DESCRIPTION("TEA, XTEA & XETA Cryptographic Algorithms"); |