loop_fish2.c

CROSSCRYPT是FILEDISK的拓展

    z|=Mul_5B[b[1]];
    z<<=8;
    z|=Mul_EF[b[1]];
    z<<=8;
    z|=Mul_EF[b[1]];

    sbox[i+256]=z;

    z=Mul_EF[b[2]];
    z<<=8;
    z|=b[2];
    z<<=8;
    z|=Mul_EF[b[2]];
    z<<=8;
    z|=Mul_5B[b[2]];

    sbox[i+512]=z;

    z=Mul_5B[b[3]];
    z<<=8;
    z|=Mul_EF[b[3]];
    z<<=8;
    z|=b[3];
    z<<=8;
    z|=Mul_5B[b[3]];

    sbox[i+768]=z;
  }
}


/* Reed-Solomon code parameters: (12,8) reversible code
   g(x) = x**4 + (a + 1/a) x**3 + a x**2 + (a + 1/a) x + 1
   where a = primitive root of field generator 0x14D */
#define RS_GF_FDBK      0x14D   /* field generator */
#define RS_rem(x) \
    { UCHAR  b  =   x >> 24; \
      DWORD32 g2 = ((b << 1) ^ ((b & 0x80) ? RS_GF_FDBK : 0 )) & 0xFF; \
      DWORD32 g3 = ((b >> 1) & 0x7F) ^ ((b & 1) ? RS_GF_FDBK >> 1 : 0 ) ^ g2 ; \
      x = (x << 8) ^ (g3 << 24) ^ (g2 << 16) ^ (g3 << 8) ^ b; \
    }

static DWORD32 rs_mds(DWORD32 k0, DWORD32 k1)
{
  int i, j;
  DWORD32 r;

  for (i = r = 0; i < 2; i++)
  {
    r ^= (i) ? k0 : k1;     /* merge in 32 more key bits */
    for (j = 0; j < 4; j++) /* shift one UCHAR at a time */
      RS_rem(r);
  }
  return r;
}


#define		INPUT_WHITEN		0	/* subkey array indices */
#define		OUTPUT_WHITEN		4
#define		ROUND_SUBKEYS		8	/* use 2 * (# rounds) */
#define		TOTAL_SUBKEYS		40

void init_key(fish2_key * key)
{
  int i, k64Cnt;
  int keyLen = key->keyLen;
  int subkeyCnt = TOTAL_SUBKEYS;
  DWORD32 A, B;
  DWORD32 k32e[4], k32o[4];	/* even/odd key dwords */

  k64Cnt = (keyLen + 63) / 64;	/* round up to next multiple of 64 bits */
  for (i = 0; i < k64Cnt; i++)
  {				/* split into even/odd key dwords */
    k32e[i] = ((DWORD32 *)key->key)[2 * i];
    k32o[i] = ((DWORD32 *)key->key)[2 * i + 1];
    /* compute S-box keys using (12,8) Reed-Solomon code over GF(256) */
    /* store in reverse order */
    key->sboxKeys[k64Cnt - 1 - i] =
      Bswap(rs_mds(Bswap(k32e[i]), Bswap(k32o[i])));

  }

  for (i = 0; i < subkeyCnt / 2; i++)	/* compute round subkeys for PHT */
  {
    A = f32(i * 0x02020202, k32e, keyLen);		/* A uses even key dwords */
    B = f32(i * 0x02020202 + 0x01010101, k32o, keyLen);	/* B uses odd  key
							   dwords */
    B = ROL(B, 8);
    key->subKeys[2 * i] = A + B;	/* combine with a PHT */
    key->subKeys[2 * i + 1] = ROL(A + 2 * B, 9);
  }

  init_sbox(key);
}


static DWORD32 f32_sbox(DWORD32 x,DWORD32 *sbox)	//inline
{
  /* Run each UCHAR thru 8x8 S-boxes, xoring with key UCHAR at each stage. */
  /* Note that each UCHAR goes through a different combination of S-boxes. */

  return (sbox[        (x)     &0xff]^
          sbox[256 + (((x)>> 8)&0xff)]^
          sbox[512 + (((x)>>16)&0xff)]^
          sbox[768 + (((x)>>24)&0xff)]);
}

#define roundE_m(x0,x1,x2,x3,rnd) \
      t0 = f32_sbox( x0, key->sbox_full ) ; \
      t1 = f32_sbox( ROL(x1,8), key->sbox_full ); \
      x2 ^= t0 + t1 + key->subKeys[2*rnd+8]; \
      x3 = ROL(x3,1); \
      x3 ^= t0 + 2*t1 + key->subKeys[2*rnd+9]; \
      x2 = ROR(x2,1);


int blockEncrypt_CBC(fish2_key *key,UCHAR *src,UCHAR *dst,int len)
{ DWORD32 xx0,xx1,xx2,xx3,t0,t1,iv0,iv1,iv2,iv3;

  if (len & 0xF) return -1;

  iv0=0;
  iv1=0;
  iv2=0;
  iv3=0;
  for (;len>=16;len-=16)

  {
    if ( ( len & 0x1FF) == 0)
    { iv0=0;
      iv1=0;
      iv2=0;
      iv3=0;
    }

    xx0=Bswap(((DWORD32 *)src)[0]) ^ key->subKeys[0] ^ iv0;
    xx1=Bswap(((DWORD32 *)src)[1]) ^ key->subKeys[1] ^ iv1;
    xx2=Bswap(((DWORD32 *)src)[2]) ^ key->subKeys[2] ^ iv2;
    xx3=Bswap(((DWORD32 *)src)[3]) ^ key->subKeys[3] ^ iv3;

    src+=16;

    roundE_m(xx0,xx1,xx2,xx3,0);
    roundE_m(xx2,xx3,xx0,xx1,1);
    roundE_m(xx0,xx1,xx2,xx3,2);
    roundE_m(xx2,xx3,xx0,xx1,3);
    roundE_m(xx0,xx1,xx2,xx3,4);
    roundE_m(xx2,xx3,xx0,xx1,5);
    roundE_m(xx0,xx1,xx2,xx3,6);
    roundE_m(xx2,xx3,xx0,xx1,7);
    roundE_m(xx0,xx1,xx2,xx3,8);
    roundE_m(xx2,xx3,xx0,xx1,9);
    roundE_m(xx0,xx1,xx2,xx3,10);
    roundE_m(xx2,xx3,xx0,xx1,11);
    roundE_m(xx0,xx1,xx2,xx3,12);
    roundE_m(xx2,xx3,xx0,xx1,13);
    roundE_m(xx0,xx1,xx2,xx3,14);
    roundE_m(xx2,xx3,xx0,xx1,15);

    iv0=xx2 ^ key->subKeys[4];
    iv1=xx3 ^ key->subKeys[5];
    iv2=xx0 ^ key->subKeys[6];
    iv3=xx1 ^ key->subKeys[7];

    ((DWORD32 *)dst)[0] = Bswap(iv0);
    ((DWORD32 *)dst)[1] = Bswap(iv1);
    ((DWORD32 *)dst)[2] = Bswap(iv2);
    ((DWORD32 *)dst)[3] = Bswap(iv3);
    dst+=16;
  }
  return len;
}

#define roundD_m(x0,x1,x2,x3,rnd) \
      t0 = f32_sbox( x0, key->sbox_full); \
      t1 = f32_sbox( ROL(x1,8),key->sbox_full); \
      x2 = ROL(x2,1); \
      x3 ^= t0 + 2*t1 + key->subKeys[rnd*2+9]; \
      x3 = ROR(x3,1); \
      x2 ^= t0 + t1 + key->subKeys[rnd*2+8];


int blockDecrypt_CBC(fish2_key *key,UCHAR *src,UCHAR *dst,int len)
{ DWORD32 xx0,xx1,xx2,xx3,t0,t1,lx0,lx1,lx2,lx3,iv0,iv1,iv2,iv3;

  if (len & 0xF) return -1;

  iv0=0;
  iv1=0;
  iv2=0;
  iv3=0;

  for (;len>=16;len-=16)
  {
    if ( ( len & 0x1FF) == 0)
    { iv0=0;
      iv1=0;
      iv2=0;
      iv3=0;
    }

    lx0=iv0;iv0=Bswap(((DWORD32 *)src)[0]);xx0=iv0 ^ key->subKeys[4];
    lx1=iv1;iv1=Bswap(((DWORD32 *)src)[1]);xx1=iv1 ^ key->subKeys[5];
    lx2=iv2;iv2=Bswap(((DWORD32 *)src)[2]);xx2=iv2 ^ key->subKeys[6];
    lx3=iv3;iv3=Bswap(((DWORD32 *)src)[3]);xx3=iv3 ^ key->subKeys[7];
    src+=16;

    roundD_m(xx0,xx1,xx2,xx3,15);
    roundD_m(xx2,xx3,xx0,xx1,14);
    roundD_m(xx0,xx1,xx2,xx3,13);
    roundD_m(xx2,xx3,xx0,xx1,12);
    roundD_m(xx0,xx1,xx2,xx3,11);
    roundD_m(xx2,xx3,xx0,xx1,10);
    roundD_m(xx0,xx1,xx2,xx3,9);
    roundD_m(xx2,xx3,xx0,xx1,8);
    roundD_m(xx0,xx1,xx2,xx3,7);
    roundD_m(xx2,xx3,xx0,xx1,6);
    roundD_m(xx0,xx1,xx2,xx3,5);
    roundD_m(xx2,xx3,xx0,xx1,4);
    roundD_m(xx0,xx1,xx2,xx3,3);
    roundD_m(xx2,xx3,xx0,xx1,2);
    roundD_m(xx0,xx1,xx2,xx3,1);
    roundD_m(xx2,xx3,xx0,xx1,0);

    ((DWORD32 *)dst)[0] = Bswap(xx2 ^ key->subKeys[0] ^ lx0);
    ((DWORD32 *)dst)[1] = Bswap(xx3 ^ key->subKeys[1] ^ lx1);
    ((DWORD32 *)dst)[2] = Bswap(xx0 ^ key->subKeys[2] ^ lx2);
    ((DWORD32 *)dst)[3] = Bswap(xx1 ^ key->subKeys[3] ^ lx3);
    dst+=16;
  }
  return len;
}


/*int transfer_fish2(struct loop_device *lo, int cmd, char *raw_buf,
                  char *loop_buf, int size, int real_block)
{ if (cmd == READ)
    blockDecrypt_CBC((fish2_key *)lo->key_data,raw_buf,loop_buf,size);
  else
    blockEncrypt_CBC((fish2_key *)lo->key_data,loop_buf,raw_buf,size);
  return 0;
}

int fish2_init(struct loop_device *lo,struct loop_info *info)
{ fish2_key *key;

  if (info->lo_encrypt_key_size<16 || info->lo_encrypt_key_size>32)
    return -EINVAL;

  key=(fish2_key *)kmalloc(sizeof(fish2_key),GFP_KERNEL);

  if (key==NULL)
    return -ENOMEM;

  lo->key_data=key;

  memset(key->key,0,32);

  key->keyLen=info->lo_encrypt_key_size << 3;
  memcpy(key->key,info->lo_encrypt_key,info->lo_encrypt_key_size);

  init_key(key);

  return 0;
}

static int fish2_release(struct loop_device *lo)
{ if (lo->key_data!=NULL)
  {
    kfree(lo->key_data);
    lo->key_data=NULL;
  }
  return(0);
}

static void fish2_lock(struct loop_device *lo)
{
	MOD_INC_USE_COUNT;
}

static void fish2_unlock(struct loop_device *lo)
{
	MOD_DEC_USE_COUNT;
}



static struct loop_func_table fish2_funcs =
{ number: LO_CRYPT_FISH2,
  transfer: transfer_fish2,
  init: fish2_init,
  release: fish2_release,
  lock: fish2_lock,
  unlock: fish2_unlock
};

#ifdef MODULE
int __init init_module(void)
#else
int __init loop_fish2_init(void)
#endif
{
  int err;

  if ((err=loop_register_transfer(&fish2_funcs)))
  {
    printk(KERN_WARNING "Couldn't register Twofish encryption\n");
    return err;
  }
  printk(KERN_INFO "loop: registered Twofish encryption \n");
  return 0;
}

#ifdef MODULE
void cleanup_module(void)
{
  if (loop_unregister_transfer(LO_CRYPT_FISH2))
    printk(KERN_WARNING "Couldn't unregister Twofish encryption\n");
  printk(KERN_INFO "loop: unregistered Twofish encryption \n");
}
#endif

MODULE_LICENSE("GPL");
*/