projects / people / ms / strongswan.git / blame
| Commit | Line | Data |
|---|---|---|
| 997358a6 MW |
1 | /* |
| 2 | * ipsec_alg SERPENT cipher stubs | |
| 3 | * | |
| 4 | * Author: JuanJo Ciarlante <jjo-ipsec@mendoza.gov.ar> | |
| 5 | * | |
| 6 | * $Id: ipsec_alg_serpent.c,v 1.2 2004/03/22 21:53:19 as Exp $ | |
| 7 | * | |
| 8 | * This program is free software; you can redistribute it and/or modify it | |
| 9 | * under the terms of the GNU General Public License as published by the | |
| 10 | * Free Software Foundation; either version 2 of the License, or (at your | |
| 11 | * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. | |
| 12 | * | |
| 13 | * This program is distributed in the hope that it will be useful, but | |
| 14 | * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY | |
| 15 | * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License | |
| 16 | * for more details. | |
| 17 | * | |
| 18 | */ | |
| 19 | #include <linux/config.h> | |
| 20 | #include <linux/version.h> | |
| 21 | ||
| 22 | /* | |
| 23 | * special case: ipsec core modular with this static algo inside: | |
| 24 | * must avoid MODULE magic for this file | |
| 25 | */ | |
| 26 | #if CONFIG_IPSEC_MODULE && CONFIG_IPSEC_ALG_SERPENT | |
| 27 | #undef MODULE | |
| 28 | #endif | |
| 29 | ||
| 30 | #include <linux/module.h> | |
| 31 | #include <linux/init.h> | |
| 32 | ||
| 33 | #include <linux/kernel.h> /* printk() */ | |
| 34 | #include <linux/errno.h> /* error codes */ | |
| 35 | #include <linux/types.h> /* size_t */ | |
| 36 | #include <linux/string.h> | |
| 37 | ||
| 38 | /* Check if __exit is defined, if not null it */ | |
| 39 | #ifndef __exit | |
| 40 | #define __exit | |
| 41 | #endif | |
| 42 | ||
| 43 | /* Low freeswan header coupling */ | |
| 44 | #include "freeswan/ipsec_alg.h" | |
| 45 | #include "libserpent/serpent.h" | |
| 46 | #include "libserpent/serpent_cbc.h" | |
| 47 | ||
| 48 | #define ESP_SERPENT 252 /* from ipsec drafts */ | |
| 49 | ||
| 50 | /* 128, 192 or 256 */ | |
| 51 | #define ESP_SERPENT_KEY_SZ_MIN 16 /* 128 bit secret key */ | |
| 52 | #define ESP_SERPENT_KEY_SZ_MAX 32 /* 256 bit secret key */ | |
| 53 | #define ESP_SERPENT_CBC_BLK_LEN 16 /* SERPENT-CBC block size */ | |
| 54 | ||
| 55 | MODULE_AUTHOR("JuanJo Ciarlante <jjo-ipsec@mendoza.gov.ar>"); | |
| 56 | static int debug=0; | |
| 57 | MODULE_PARM(debug, "i"); | |
| 58 | static int test=0; | |
| 59 | MODULE_PARM(test, "i"); | |
| 60 | static int excl=0; | |
| 61 | MODULE_PARM(excl, "i"); | |
| 62 | static int keyminbits=0; | |
| 63 | MODULE_PARM(keyminbits, "i"); | |
| 64 | static int keymaxbits=0; | |
| 65 | MODULE_PARM(keymaxbits, "i"); | |
| 66 | ||
| 67 | static int _serpent_set_key(struct ipsec_alg_enc *alg, __u8 * key_e, const __u8 * key, size_t keysize) { | |
| 68 | serpent_context *ctx=(serpent_context *)key_e; | |
| 69 | if (debug > 0) | |
| 70 | printk(KERN_DEBUG "klips_debug:_serpent_set_key:" | |
| 71 | "key_e=%p key=%p keysize=%d\n", | |
| 72 | key_e, key, keysize); | |
| 73 | serpent_set_key(ctx, key, keysize); | |
| 74 | return 0; | |
| 75 | } | |
| 76 | static int _serpent_cbc_encrypt(struct ipsec_alg_enc *alg, __u8 * key_e, __u8 * in, int ilen, const __u8 * iv, int encrypt) { | |
| 77 | serpent_context *ctx=(serpent_context *)key_e; | |
| 78 | if (debug > 0) | |
| 79 | printk(KERN_DEBUG "klips_debug:_serpent_cbc_encrypt:" | |
| 80 | "key_e=%p in=%p ilen=%d iv=%p encrypt=%d\n", | |
| 81 | key_e, in, ilen, iv, encrypt); | |
| 82 | serpent_cbc_encrypt(ctx, in, in, ilen, iv, encrypt); | |
| 83 | return ilen; | |
| 84 | } | |
| 85 | static struct ipsec_alg_enc ipsec_alg_SERPENT = { | |
| 86 | ixt_version: IPSEC_ALG_VERSION, | |
| 87 | ixt_module: THIS_MODULE, | |
| 88 | ixt_refcnt: ATOMIC_INIT(0), | |
| 89 | ixt_alg_type: IPSEC_ALG_TYPE_ENCRYPT, | |
| 90 | ixt_alg_id: ESP_SERPENT, | |
| 91 | ixt_name: "serpent", | |
| 92 | ixt_blocksize: ESP_SERPENT_CBC_BLK_LEN, | |
| 93 | ixt_keyminbits: ESP_SERPENT_KEY_SZ_MIN * 8, | |
| 94 | ixt_keymaxbits: ESP_SERPENT_KEY_SZ_MAX * 8, | |
| 95 | ixt_e_keylen: ESP_SERPENT_KEY_SZ_MAX, | |
| 96 | ixt_e_ctx_size: sizeof(serpent_context), | |
| 97 | ixt_e_set_key: _serpent_set_key, | |
| 98 | ixt_e_cbc_encrypt:_serpent_cbc_encrypt, | |
| 99 | }; | |
| 100 | ||
| 101 | IPSEC_ALG_MODULE_INIT(ipsec_serpent_init) | |
| 102 | { | |
| 103 | int ret, test_ret; | |
| 104 | if (keyminbits) | |
| 105 | ipsec_alg_SERPENT.ixt_keyminbits=keyminbits; | |
| 106 | if (keymaxbits) { | |
| 107 | ipsec_alg_SERPENT.ixt_keymaxbits=keymaxbits; | |
| 108 | if (keymaxbits*8>ipsec_alg_SERPENT.ixt_keymaxbits) | |
| 109 | ipsec_alg_SERPENT.ixt_e_keylen=keymaxbits*8; | |
| 110 | } | |
| 111 | if (excl) ipsec_alg_SERPENT.ixt_state |= IPSEC_ALG_ST_EXCL; | |
| 112 | ret=register_ipsec_alg_enc(&ipsec_alg_SERPENT); | |
| 113 | printk("ipsec_serpent_init(alg_type=%d alg_id=%d name=%s): ret=%d\n", | |
| 114 | ipsec_alg_SERPENT.ixt_alg_type, | |
| 115 | ipsec_alg_SERPENT.ixt_alg_id, | |
| 116 | ipsec_alg_SERPENT.ixt_name, | |
| 117 | ret); | |
| 118 | if (ret==0 && test) { | |
| 119 | test_ret=ipsec_alg_test( | |
| 120 | ipsec_alg_SERPENT.ixt_alg_type, | |
| 121 | ipsec_alg_SERPENT.ixt_alg_id, | |
| 122 | test); | |
| 123 | printk("ipsec_serpent_init(alg_type=%d alg_id=%d): test_ret=%d\n", | |
| 124 | ipsec_alg_SERPENT.ixt_alg_type, | |
| 125 | ipsec_alg_SERPENT.ixt_alg_id, | |
| 126 | test_ret); | |
| 127 | } | |
| 128 | return ret; | |
| 129 | } | |
| 130 | IPSEC_ALG_MODULE_EXIT(ipsec_serpent_fini) | |
| 131 | { | |
| 132 | unregister_ipsec_alg_enc(&ipsec_alg_SERPENT); | |
| 133 | return; | |
| 134 | } | |
| 135 | #ifdef MODULE_LICENSE | |
| 136 | MODULE_LICENSE("GPL"); | |
| 137 | #endif | |
| 138 | ||
| 139 | EXPORT_NO_SYMBOLS; |