[CRYPTO]: Add twofish algorithm.

177b4328 · James Morris · David S. Miller · 13860608 · 177b4328 · 177b4328
Commit 177b4328 authored Nov 25, 2002 by James Morris Committed by David S. Miller Nov 25, 2002
8 changed files
--- a/Documentation/crypto/api-intro.txt
+++ b/Documentation/crypto/api-intro.txt
@@ -176,7 +176,7 @@ and;
  Nettle (http://www.lysator.liu.se/~nisse/nettle/)
    Niels Möller

-Original developers of the initial set of crypto algorithms:
+Original developers of the crypto algorithms:

  Dana L. How (DES)
  Andrew Tridgell and Steve French (MD4)
@@ -184,17 +184,23 @@ Original developers of the initial set of crypto algorithms:
  Steve Reid (SHA1)
  Jean-Luc Cooke (SHA256)
  Kazunori Miyazawa / USAGI (HMAC)
-
-The DES code was subsequently redeveloped by:
-
+  Matthew Skala (Twofish)
+  
+DES algorithm contributors:
  Raimar Falke
  Gisle Sælensminde
  Niels Möller

-The Blowfish code was subsequently redeveloped by:
+Blowfish algorithm contributors:
  Herbert Valerio Riedel
  Kyle McMartin

+Twofish algorithm contributors:
+  Werner Koch
+  Marc Mutz
+
+SHA256 algorithm contributors:
+  Andrew McDonald

 Please send any credits updates or corrections to:
 James Morris <jmorris@intercode.com.au>

--- a/crypto/Kconfig
+++ b/crypto/Kconfig
@@ -68,6 +68,20 @@ config CRYPTO_BLOWFISH
 	  See also:
 	  http://www.counterpane.com/blowfish.html

+config CRYPTO_TWOFISH
+	tristate "Twofish cipher algorithm"
+	depends on CRYPTO
+	help
+	  Twofish cipher algorithm.
+	  
+	  Twofish was submitted as an AES (Advanced Encryption Standard)
+	  candidate cipher by researchers at CounterPane Systems.  It is a
+	  16 round block cipher supporting key sizes of 128, 192, and 256
+	  bits.
+	  
+	  See also:
+	  http://www.counterpane.com/twofish.html
+
 config CRYPTO_TEST
 	tristate "Testing module"
 	depends on CRYPTO

--- a/crypto/Makefile
+++ b/crypto/Makefile
@@ -16,6 +16,7 @@ obj-$(CONFIG_CRYPTO_SHA1) += sha1.o
 obj-$(CONFIG_CRYPTO_SHA256) += sha256.o
 obj-$(CONFIG_CRYPTO_DES) += des.o
 obj-$(CONFIG_CRYPTO_BLOWFISH) += blowfish.o
+obj-$(CONFIG_CRYPTO_TWOFISH) += twofish.o

 obj-$(CONFIG_CRYPTO_TEST) += tcrypt.o


--- a/crypto/api.c
+++ b/crypto/api.c
@@ -187,13 +187,6 @@ void crypto_free_tfm(struct crypto_tfm *tfm)
 	kfree(tfm);
 }

-static inline int crypto_alg_blocksize_check(struct crypto_alg *alg)
-{
-	return ((alg->cra_flags & CRYPTO_ALG_TYPE_MASK)
-			== CRYPTO_ALG_TYPE_CIPHER &&
-	         alg->cra_blocksize > CRYPTO_MAX_CIPHER_BLOCK_SIZE);
-}
-
 int crypto_register_alg(struct crypto_alg *alg)
 {
 	int ret = 0;
@@ -208,14 +201,7 @@ int crypto_register_alg(struct crypto_alg *alg)
 		}
 	}
 	
-	if (crypto_alg_blocksize_check(alg)) {
-		printk(KERN_WARNING "%s: blocksize %u exceeds max. "
-		       "size %u\n", __FUNCTION__, alg->cra_blocksize,
-		       CRYPTO_MAX_CIPHER_BLOCK_SIZE);
-		ret = -EINVAL;
-	}
-	else
-		list_add_tail(&alg->cra_list, &crypto_alg_list);
+	list_add_tail(&alg->cra_list, &crypto_alg_list);
 out:	
 	up_write(&crypto_alg_sem);
 	return ret;

--- a/crypto/cipher.c
+++ b/crypto/cipher.c
@@ -29,6 +29,14 @@ static inline void xor_64(u8 *a, const u8 *b)
 	((u32 *)a)[1] ^= ((u32 *)b)[1];
 }

+static inline void xor_128(u8 *a, const u8 *b)
+{
+	((u32 *)a)[0] ^= ((u32 *)b)[0];
+	((u32 *)a)[1] ^= ((u32 *)b)[1];
+	((u32 *)a)[2] ^= ((u32 *)b)[2];
+	((u32 *)a)[3] ^= ((u32 *)b)[3];
+}
+
 static inline unsigned int sglen(struct scatterlist *sg, unsigned int nsg)
 {
 	unsigned int i, n;
@@ -116,7 +124,7 @@ static int crypt(struct crypto_tfm *tfm, struct scatterlist *sg,
 {
 	unsigned int i, coff;
 	unsigned int bsize = crypto_tfm_alg_blocksize(tfm);
-	u8 tmp[CRYPTO_MAX_CIPHER_BLOCK_SIZE];
+	u8 tmp[bsize];

 	if (sglen(sg, nsg) % bsize) {
 		tfm->crt_flags |= CRYPTO_TFM_RES_BAD_BLOCK_LEN;
@@ -164,16 +172,20 @@ static int crypt(struct crypto_tfm *tfm, struct scatterlist *sg,
 static void cbc_process(struct crypto_tfm *tfm,
                        u8 *block, cryptfn_t fn, int enc)
 {
+	/* Null encryption */
+	if (!tfm->crt_cipher.cit_iv)
+		return;
+		
 	if (enc) {
-		xor_64(tfm->crt_cipher.cit_iv, block);
+		tfm->crt_u.cipher.cit_xor_block(tfm->crt_cipher.cit_iv, block);
 		fn(tfm->crt_ctx, block, tfm->crt_cipher.cit_iv);
 		memcpy(tfm->crt_cipher.cit_iv, block,
 		       crypto_tfm_alg_blocksize(tfm));
 	} else {
-		u8 buf[CRYPTO_MAX_CIPHER_BLOCK_SIZE];
+		u8 buf[crypto_tfm_alg_blocksize(tfm)];
 		
 		fn(tfm->crt_ctx, buf, block);
-		xor_64(buf, tfm->crt_cipher.cit_iv);
+		tfm->crt_u.cipher.cit_xor_block(buf, tfm->crt_cipher.cit_iv);
 		memcpy(tfm->crt_cipher.cit_iv, block,
 		       crypto_tfm_alg_blocksize(tfm));
 		memcpy(block, buf, crypto_tfm_alg_blocksize(tfm));
@@ -279,11 +291,29 @@ int crypto_init_cipher_ops(struct crypto_tfm *tfm)
 	if (alg->cra_cipher.cia_ivsize &&
 	    ops->cit_mode != CRYPTO_TFM_MODE_ECB) {
 	    	
+	    	switch (crypto_tfm_alg_blocksize(tfm)) {
+	    	case 8:
+	    		ops->cit_xor_block = xor_64;
+	    		break;
+	    		
+	    	case 16:
+	    		ops->cit_xor_block = xor_128;
+	    		break;
+	    		
+	    	default:
+	    		printk(KERN_WARNING "%s: block size %u not supported\n",
+	    		       crypto_tfm_alg_name(tfm),
+	    		       crypto_tfm_alg_blocksize(tfm));
+	    		ret = -EINVAL;
+	    		goto out;
+	    	}
+	    	
 	    	ops->cit_iv = kmalloc(alg->cra_cipher.cia_ivsize, GFP_KERNEL);
 		if (ops->cit_iv == NULL)
 			ret = -ENOMEM;
 	}
-	
+
+out:	
 	return ret;
 }


--- a/crypto/tcrypt.c
+++ b/crypto/tcrypt.c
@@ -48,6 +48,7 @@ static char *tvmem;

 static char *check[] = {
 	"des", "md5", "des3_ede", "rot13", "sha1", "sha256", "blowfish",
+	"twofish",
 	 NULL
 };

@@ -333,15 +334,8 @@ test_hmac_sha256(void)

 		klen = strlen(hmac_sha256_tv[i].key);
 	
-		//printk("DS=%u\n", crypto_tfm_alg_digestsize(tfm));
-		
-		//printk("K=");
 		hexdump(hmac_sha256_tv[i].key, strlen(hmac_sha256_tv[i].key));
-		//printk("P=%s\n", hmac_sha256_tv[i].plaintext);
-		
 		crypto_hmac(tfm, hmac_sha256_tv[i].key, &klen, sg, 1, result);
-
-		//printk("H=");
 		hexdump(result, crypto_tfm_alg_digestsize(tfm));
 		printk("%s\n",
 		       memcmp(result, hmac_sha256_tv[i].digest,
@@ -1616,7 +1610,7 @@ test_blowfish(void)

 		sg[0].page = virt_to_page(p);
 		sg[0].offset = ((long) p & ~PAGE_MASK);
-		sg[0].length =  bf_tv[i].plen;;
+		sg[0].length =  bf_tv[i].plen;

 		crypto_cipher_set_iv(tfm, bf_tv[i].iv,
 				     crypto_tfm_alg_ivsize(tfm));
@@ -1661,7 +1655,7 @@ test_blowfish(void)

 		sg[0].page = virt_to_page(p);
 		sg[0].offset = ((long) p & ~PAGE_MASK);
-		sg[0].length =  bf_tv[i].plen;;
+		sg[0].length =  bf_tv[i].plen;

 		crypto_cipher_set_iv(tfm, bf_tv[i].iv,
 				     crypto_tfm_alg_ivsize(tfm));
@@ -1684,6 +1678,212 @@ test_blowfish(void)
 	crypto_free_tfm(tfm);
 }

+
+void
+test_twofish(void)
+{
+	unsigned int ret, i;
+	unsigned int tsize;
+	char *p, *q;
+	struct crypto_tfm *tfm;
+	char *key;
+	struct tf_tv *tf_tv;
+	struct scatterlist sg[1];
+
+	printk("\ntesting twofish encryption\n");
+
+	tsize = sizeof (tf_enc_tv_template);
+	if (tsize > TVMEMSIZE) {
+		printk("template (%u) too big for tvmem (%u)\n", tsize,
+		       TVMEMSIZE);
+		return;
+	}
+
+	memcpy(tvmem, tf_enc_tv_template, tsize);
+	tf_tv = (void *) tvmem;
+
+	tfm = crypto_alloc_tfm("twofish", 0);
+	if (tfm == NULL) {
+		printk("failed to load transform for blowfish (default ecb)\n");
+		return;
+	}
+
+	for (i = 0; i < TF_ENC_TEST_VECTORS; i++) {
+		printk("test %u (%d bit key):\n",
+			i + 1, tf_tv[i].keylen * 8);
+		key = tf_tv[i].key;
+
+		ret = crypto_cipher_setkey(tfm, key, tf_tv[i].keylen);
+		if (ret) {
+			printk("setkey() failed flags=%x\n", tfm->crt_flags);
+
+			if (!tf_tv[i].fail)
+				goto out;
+		}
+
+		p = tf_tv[i].plaintext;
+		sg[0].page = virt_to_page(p);
+		sg[0].offset = ((long) p & ~PAGE_MASK);
+		sg[0].length = tf_tv[i].plen;
+		ret = crypto_cipher_encrypt(tfm, sg, 1);
+		if (ret) {
+			printk("encrypt() failed flags=%x\n", tfm->crt_flags);
+			goto out;
+		}
+
+		q = kmap(sg[0].page) + sg[0].offset;
+		hexdump(q, tf_tv[i].rlen);
+
+		printk("%s\n", memcmp(q, tf_tv[i].result, tf_tv[i].rlen) ?
+			"fail" : "pass");
+	}
+
+	printk("\ntesting twofish decryption\n");
+
+	tsize = sizeof (tf_dec_tv_template);
+	if (tsize > TVMEMSIZE) {
+		printk("template (%u) too big for tvmem (%u)\n", tsize,
+		       TVMEMSIZE);
+		return;
+	}
+
+	memcpy(tvmem, tf_dec_tv_template, tsize);
+	tf_tv = (void *) tvmem;
+
+	for (i = 0; i < TF_DEC_TEST_VECTORS; i++) {
+		printk("test %u (%d bit key):\n",
+			i + 1, tf_tv[i].keylen * 8);
+		key = tf_tv[i].key;
+
+		ret = crypto_cipher_setkey(tfm, key, tf_tv[i].keylen);
+		if (ret) {
+			printk("setkey() failed flags=%x\n", tfm->crt_flags);
+
+			if (!tf_tv[i].fail)
+				goto out;
+		}
+
+		p = tf_tv[i].plaintext;
+		sg[0].page = virt_to_page(p);
+		sg[0].offset = ((long) p & ~PAGE_MASK);
+		sg[0].length = tf_tv[i].plen;
+		ret = crypto_cipher_decrypt(tfm, sg, 1);
+		if (ret) {
+			printk("decrypt() failed flags=%x\n", tfm->crt_flags);
+			goto out;
+		}
+
+		q = kmap(sg[0].page) + sg[0].offset;
+		hexdump(q, tf_tv[i].rlen);
+
+		printk("%s\n", memcmp(q, tf_tv[i].result, tf_tv[i].rlen) ?
+			"fail" : "pass");
+	}
+
+	crypto_free_tfm(tfm);
+	
+	tfm = crypto_alloc_tfm("twofish", CRYPTO_TFM_MODE_CBC);
+	if (tfm == NULL) {
+		printk("failed to load transform for twofish cbc\n");
+		return;
+	}
+
+	printk("\ntesting twofish cbc encryption\n");
+
+	tsize = sizeof (tf_cbc_enc_tv_template);
+	if (tsize > TVMEMSIZE) {
+		printk("template (%u) too big for tvmem (%u)\n", tsize,
+		       TVMEMSIZE);
+		goto out;
+	}
+	memcpy(tvmem, tf_cbc_enc_tv_template, tsize);
+	tf_tv = (void *) tvmem;
+
+	for (i = 0; i < TF_CBC_ENC_TEST_VECTORS; i++) {
+		printk("test %u (%d bit key):\n",
+			i + 1, tf_tv[i].keylen * 8);
+
+		key = tf_tv[i].key;
+
+		ret = crypto_cipher_setkey(tfm, key, tf_tv[i].keylen);
+		if (ret) {
+			printk("setkey() failed flags=%x\n", tfm->crt_flags);
+			goto out;
+		}
+
+		p = tf_tv[i].plaintext;
+
+		sg[0].page = virt_to_page(p);
+		sg[0].offset = ((long) p & ~PAGE_MASK);
+		sg[0].length =  tf_tv[i].plen;
+
+		crypto_cipher_set_iv(tfm, tf_tv[i].iv,
+				     crypto_tfm_alg_ivsize(tfm));
+
+		ret = crypto_cipher_encrypt(tfm, sg, 1);
+		if (ret) {
+			printk("blowfish_cbc_encrypt() failed flags=%x\n",
+			       tfm->crt_flags);
+			goto out;
+		}
+
+		q = kmap(sg[0].page) + sg[0].offset;
+		hexdump(q, tf_tv[i].rlen);
+
+		printk("%s\n", memcmp(q, tf_tv[i].result, tf_tv[i].rlen)
+			? "fail" : "pass");
+	}
+
+	printk("\ntesting twofish cbc decryption\n");
+
+	tsize = sizeof (tf_cbc_dec_tv_template);
+	if (tsize > TVMEMSIZE) {
+		printk("template (%u) too big for tvmem (%u)\n", tsize,
+		       TVMEMSIZE);
+		goto out;
+	}
+	memcpy(tvmem, tf_cbc_dec_tv_template, tsize);
+	tf_tv = (void *) tvmem;
+
+	for (i = 0; i < TF_CBC_DEC_TEST_VECTORS; i++) {
+		printk("test %u (%d bit key):\n",
+			i + 1, tf_tv[i].keylen * 8);
+
+		key = tf_tv[i].key;
+
+		ret = crypto_cipher_setkey(tfm, key, tf_tv[i].keylen);
+		if (ret) {
+			printk("setkey() failed flags=%x\n", tfm->crt_flags);
+			goto out;
+		}
+
+		p = tf_tv[i].plaintext;
+
+		sg[0].page = virt_to_page(p);
+		sg[0].offset = ((long) p & ~PAGE_MASK);
+		sg[0].length =  tf_tv[i].plen;
+
+		crypto_cipher_set_iv(tfm, tf_tv[i].iv,
+				     crypto_tfm_alg_ivsize(tfm));
+
+		ret = crypto_cipher_decrypt(tfm, sg, 1);
+		if (ret) {
+			printk("blowfish_cbc_decrypt() failed flags=%x\n",
+			       tfm->crt_flags);
+			goto out;
+		}
+
+		q = kmap(sg[0].page) + sg[0].offset;
+		hexdump(q, tf_tv[i].rlen);
+
+		printk("%s\n", memcmp(q, tf_tv[i].result, tf_tv[i].rlen)
+			? "fail" : "pass");
+	}
+
+out:	
+	crypto_free_tfm(tfm);
+}
+
 static void
 test_available(void)
 {
@@ -1710,6 +1910,7 @@ do_test(void)
 		test_md4();
 		test_sha256();
 		test_blowfish();
+		test_twofish();
 #ifdef CONFIG_CRYPTO_HMAC
 		test_hmac_md5();
 		test_hmac_sha1();
@@ -1745,6 +1946,10 @@ do_test(void)
 		test_blowfish();
 		break;

+	case 8:
+		test_twofish();
+		break;
+
 #ifdef CONFIG_CRYPTO_HMAC
 	case 100:
 		test_hmac_md5();

--- a/crypto/tcrypt.h
+++ b/crypto/tcrypt.h
@@ -1167,4 +1167,221 @@ struct bf_tv bf_cbc_dec_tv_template[] = {
 	},
 };

+/*
+ * Twofish test vectors.
+ */
+#define TF_ENC_TEST_VECTORS		3
+#define TF_DEC_TEST_VECTORS		3
+#define TF_CBC_ENC_TEST_VECTORS		4
+#define TF_CBC_DEC_TEST_VECTORS		4
+
+struct tf_tv {
+	unsigned int keylen;
+	unsigned int plen;
+	unsigned int rlen;
+	int fail;
+	char key[32];
+	char iv[16];
+	char plaintext[48];
+	char result[48];
+};
+
+struct tf_tv tf_enc_tv_template[] = {
+	{
+		16, 16, 16, 0,
+		{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+		  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
+		{ 0 },
+		{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+		  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
+		{ 0x9F, 0x58, 0x9F, 0x5C, 0xF6, 0x12, 0x2C, 0x32,
+		  0xB6, 0xBF, 0xEC, 0x2F, 0x2A, 0xE8, 0xC3, 0x5A }
+	},
+	{
+		24, 16, 16, 0,
+		{ 0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF,
+		  0xFE, 0xDC, 0xBA, 0x98, 0x76, 0x54, 0x32, 0x10,
+		  0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77 },
+		{ 0 },
+		{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+		  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
+		{ 0xCF, 0xD1, 0xD2, 0xE5, 0xA9, 0xBE, 0x9C, 0xDF,
+		  0x50, 0x1F, 0x13, 0xB8, 0x92, 0xBD, 0x22, 0x48 }
+	},
+	{	
+		32, 16, 16, 0,
+		{ 0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF,
+		  0xFE, 0xDC, 0xBA, 0x98, 0x76, 0x54, 0x32, 0x10,
+		  0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77,
+		  0x88, 0x99, 0xAA, 0xBB, 0xCC, 0xDD, 0xEE, 0xFF },
+		{ 0 },
+		{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+		  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
+		{ 0x37, 0x52, 0x7B, 0xE0, 0x05, 0x23, 0x34, 0xB8,
+		  0x9F, 0x0C, 0xFC, 0xCA, 0xE8, 0x7C, 0xFA, 0x20 }
+	},
+};
+
+struct tf_tv tf_dec_tv_template[] = {
+	{
+		16, 16, 16, 0,
+		{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+		  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
+		{ 0 },
+		{ 0x9F, 0x58, 0x9F, 0x5C, 0xF6, 0x12, 0x2C, 0x32,
+		  0xB6, 0xBF, 0xEC, 0x2F, 0x2A, 0xE8, 0xC3, 0x5A },
+		{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+		  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },  
+	},
+	{
+		24, 16, 16, 0,
+		{ 0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF,
+		  0xFE, 0xDC, 0xBA, 0x98, 0x76, 0x54, 0x32, 0x10,
+		  0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77 },
+		{ 0 },
+		{ 0xCF, 0xD1, 0xD2, 0xE5, 0xA9, 0xBE, 0x9C, 0xDF,
+		  0x50, 0x1F, 0x13, 0xB8, 0x92, 0xBD, 0x22, 0x48 },
+		{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+		  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
+	},
+	{	
+		32, 16, 16, 0,
+		{ 0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF,
+		  0xFE, 0xDC, 0xBA, 0x98, 0x76, 0x54, 0x32, 0x10,
+		  0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77,
+		  0x88, 0x99, 0xAA, 0xBB, 0xCC, 0xDD, 0xEE, 0xFF },
+		{ 0 },
+		{ 0x37, 0x52, 0x7B, 0xE0, 0x05, 0x23, 0x34, 0xB8,
+		  0x9F, 0x0C, 0xFC, 0xCA, 0xE8, 0x7C, 0xFA, 0x20 },
+		{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+		  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
+	},
+};
+
+struct tf_tv tf_cbc_enc_tv_template[] = {
+	/* Generated with Nettle */
+	{
+		16, 16, 16, 0,
+		
+		{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+		  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
+		{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+		  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
+		{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+		  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
+		{ 0x9f, 0x58, 0x9f, 0x5c, 0xf6, 0x12, 0x2c, 0x32,
+		  0xb6, 0xbf, 0xec, 0x2f, 0x2a, 0xe8, 0xc3, 0x5a },
+	},
+	
+	{
+		16, 16, 16, 0,
+		
+		{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+		  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
+		{ 0x9f, 0x58, 0x9f, 0x5c, 0xf6, 0x12, 0x2c, 0x32,
+		  0xb6, 0xbf, 0xec, 0x2f, 0x2a, 0xe8, 0xc3, 0x5a },
+		{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+		  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
+		{ 0xd4, 0x91, 0xdb, 0x16, 0xe7, 0xb1, 0xc3, 0x9e,
+		  0x86, 0xcb, 0x08, 0x6b, 0x78, 0x9f, 0x54, 0x19 },
+	},
+	
+	{
+		16, 16, 16, 0,
+		
+		{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+		  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
+		{ 0xd4, 0x91, 0xdb, 0x16, 0xe7, 0xb1, 0xc3, 0x9e,
+		  0x86, 0xcb, 0x08, 0x6b, 0x78, 0x9f, 0x54, 0x19 },
+		{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+		  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
+		{ 0x05, 0xef, 0x8c, 0x61, 0xa8, 0x11, 0x58, 0x26,
+		  0x34, 0xba, 0x5c, 0xb7, 0x10, 0x6a, 0xa6, 0x41 },
+	},
+	
+	{
+		16, 48, 48, 0,
+		
+		{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+		  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
+		{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+		  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
+		{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+		  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+		  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+		  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+		  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+		  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
+		{ 0x9f, 0x58, 0x9f, 0x5c, 0xf6, 0x12, 0x2c, 0x32,
+		  0xb6, 0xbf, 0xec, 0x2f, 0x2a, 0xe8, 0xc3, 0x5a,
+		  0xd4, 0x91, 0xdb, 0x16, 0xe7, 0xb1, 0xc3, 0x9e,
+		  0x86, 0xcb, 0x08, 0x6b, 0x78, 0x9f, 0x54, 0x19,
+		  0x05, 0xef, 0x8c, 0x61, 0xa8, 0x11, 0x58, 0x26,
+		  0x34, 0xba, 0x5c, 0xb7, 0x10, 0x6a, 0xa6, 0x41 },
+	},
+};
+
+struct tf_tv tf_cbc_dec_tv_template[] = {
+	/* Reverse of the first four above */
+	{
+		16, 16, 16, 0,
+		
+		{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+		  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
+		{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+		  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
+		{ 0x9f, 0x58, 0x9f, 0x5c, 0xf6, 0x12, 0x2c, 0x32,
+		  0xb6, 0xbf, 0xec, 0x2f, 0x2a, 0xe8, 0xc3, 0x5a },		  
+		{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+		  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
+	},
+	
+	{
+		16, 16, 16, 0,
+		
+		{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+		  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
+		{ 0x9f, 0x58, 0x9f, 0x5c, 0xf6, 0x12, 0x2c, 0x32,
+		  0xb6, 0xbf, 0xec, 0x2f, 0x2a, 0xe8, 0xc3, 0x5a },
+		{ 0xd4, 0x91, 0xdb, 0x16, 0xe7, 0xb1, 0xc3, 0x9e,
+		  0x86, 0xcb, 0x08, 0x6b, 0x78, 0x9f, 0x54, 0x19 },
+		{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+		  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },  
+	},
+	
+	{
+		16, 16, 16, 0,
+		
+		{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+		  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
+		{ 0xd4, 0x91, 0xdb, 0x16, 0xe7, 0xb1, 0xc3, 0x9e,
+		  0x86, 0xcb, 0x08, 0x6b, 0x78, 0x9f, 0x54, 0x19 },
+		{ 0x05, 0xef, 0x8c, 0x61, 0xa8, 0x11, 0x58, 0x26,
+		  0x34, 0xba, 0x5c, 0xb7, 0x10, 0x6a, 0xa6, 0x41 },
+		{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+		  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },  
+	},
+	
+	{
+		16, 48, 48, 0,
+		
+		{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+		  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
+		{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+		  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
+		{ 0x9f, 0x58, 0x9f, 0x5c, 0xf6, 0x12, 0x2c, 0x32,
+		  0xb6, 0xbf, 0xec, 0x2f, 0x2a, 0xe8, 0xc3, 0x5a,
+		  0xd4, 0x91, 0xdb, 0x16, 0xe7, 0xb1, 0xc3, 0x9e,
+		  0x86, 0xcb, 0x08, 0x6b, 0x78, 0x9f, 0x54, 0x19,
+		  0x05, 0xef, 0x8c, 0x61, 0xa8, 0x11, 0x58, 0x26,
+		  0x34, 0xba, 0x5c, 0xb7, 0x10, 0x6a, 0xa6, 0x41 },
+		{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+		  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+		  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+		  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+		  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+		  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
+	},
+};
+
 #endif	/* _CRYPTO_TCRYPT_H */
--- a/include/linux/crypto.h
+++ b/include/linux/crypto.h
@@ -58,7 +58,6 @@
 */
 #define CRYPTO_UNSPEC			0
 #define CRYPTO_MAX_ALG_NAME		64
-#define CRYPTO_MAX_CIPHER_BLOCK_SIZE	16

 struct scatterlist;

@@ -135,6 +134,7 @@ struct cipher_tfm {
 	                   struct scatterlist *sg, unsigned int nsg);
 	int (*cit_decrypt)(struct crypto_tfm *tfm,
 	                   struct scatterlist *sg, unsigned int nsg);
+	void (*cit_xor_block)(u8 *dst, const u8 *src);
 };

 struct digest_tfm {