Commit 8548a525 authored by Aaron Grothe's avatar Aaron Grothe Committed by Hideaki Yoshifuji

[CRYPTO]: Add Whirlpool digest algorithm.

Given the recent potential weaknesses in the SHA and MD families,
I thought it might not be a bad idea to include another hash/digest
algorithm in the kernel.

So here is Whirlpool.  I chose it for a couple of reasons.

o - It is by the same people who did Khazad. I feel pretty good about their work.
o - It has been evaluated by NESSIE
  https://www.cosic.esat.kuleuven.ac.be/nessie/reports/phase1/sagwp3-037_1.pdf
o - NESSIE has accepted it as one of the cryptographic primitives
o - It will be part of an ISO standard in the revised ISO/IEC 10118-3:2003(E) standard, thanks to
NESSIE
o - It is patent free and has an implementation in the public domain.
Signed-off-by: default avatarAaron Grothe <ajgrothe@yahoo.com>
Signed-off-by: default avatarJames Morris <jmorris@redhat.com>
Signed-off-by: default avatarDavid S. Miller <davem@redhat.com>
parent d763ffb9
...@@ -227,6 +227,9 @@ TEA/XTEA algorithm contributors: ...@@ -227,6 +227,9 @@ TEA/XTEA algorithm contributors:
Khazad algorithm contributors: Khazad algorithm contributors:
Aaron Grothe Aaron Grothe
Whirlpool algorithm contributors:
Aaron Grothe
Generic scatterwalk code by Adam J. Richter <adam@yggdrasil.com> Generic scatterwalk code by Adam J. Richter <adam@yggdrasil.com>
Please send any credits updates or corrections to: Please send any credits updates or corrections to:
......
...@@ -67,6 +67,21 @@ config CRYPTO_SHA512 ...@@ -67,6 +67,21 @@ config CRYPTO_SHA512
This code also includes SHA-384, a 384 bit hash with 192 bits This code also includes SHA-384, a 384 bit hash with 192 bits
of security against collision attacks. of security against collision attacks.
config CRYPTO_WHIRLPOOL
tristate "Whirlpool digest algorithm"
depends on CRYPTO
help
Whirlpool hash algorithm.
Whirlpool is part of the NESSIE cryptographic primtives.
Whirlpool works on messages shorter than 2^256 bits and
produces a 512 bit hash.
Whirlpool will be part of the ISO/IEC 10118-3:2003(E) standard
See also:
http://planeta.terra.com.br/informatica/paulobarreto/WhirlpoolPage.html
config CRYPTO_DES config CRYPTO_DES
tristate "DES and Triple DES EDE cipher algorithms" tristate "DES and Triple DES EDE cipher algorithms"
depends on CRYPTO depends on CRYPTO
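Review bot: The new help text for CRYPTO_WHIRLPOOL misspells "primitives" as `primtives` in its second sentence, and that string is shown verbatim in the configuration menus. It should read `Whirlpool is part of the NESSIE cryptographic primitives.` The sentence naming ISO/IEC 10118-3:2003(E) also lacks its closing full stop. The SHA-512 help just above states a collision-security level, whereas this entry gives only the digest size, so someone choosing between the two digests gets less guidance here.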
......
...@@ -14,6 +14,7 @@ obj-$(CONFIG_CRYPTO_MD5) += md5.o ...@@ -14,6 +14,7 @@ obj-$(CONFIG_CRYPTO_MD5) += md5.o
obj-$(CONFIG_CRYPTO_SHA1) += sha1.o obj-$(CONFIG_CRYPTO_SHA1) += sha1.o
obj-$(CONFIG_CRYPTO_SHA256) += sha256.o obj-$(CONFIG_CRYPTO_SHA256) += sha256.o
obj-$(CONFIG_CRYPTO_SHA512) += sha512.o obj-$(CONFIG_CRYPTO_SHA512) += sha512.o
obj-$(CONFIG_CRYPTO_WHIRLPOOL) += whirlpool.o
obj-$(CONFIG_CRYPTO_DES) += des.o obj-$(CONFIG_CRYPTO_DES) += des.o
obj-$(CONFIG_CRYPTO_BLOWFISH) += blowfish.o obj-$(CONFIG_CRYPTO_BLOWFISH) += blowfish.o
obj-$(CONFIG_CRYPTO_TWOFISH) += twofish.o obj-$(CONFIG_CRYPTO_TWOFISH) += twofish.o
......
...@@ -61,7 +61,8 @@ static char *tvmem; ...@@ -61,7 +61,8 @@ static char *tvmem;
static char *check[] = { static char *check[] = {
"des", "md5", "des3_ede", "rot13", "sha1", "sha256", "blowfish", "des", "md5", "des3_ede", "rot13", "sha1", "sha256", "blowfish",
"twofish", "serpent", "sha384", "sha512", "md4", "aes", "cast6", "twofish", "serpent", "sha384", "sha512", "md4", "aes", "cast6",
"arc4", "michael_mic", "deflate", "crc32c", "tea", "xtea", NULL "arc4", "michael_mic", "deflate", "crc32c", "tea", "xtea",
"whirlpool", NULL
}; };
static void static void
...@@ -680,6 +681,7 @@ do_test(void) ...@@ -680,6 +681,7 @@ do_test(void)
test_hash("sha384", sha384_tv_template, SHA384_TEST_VECTORS); test_hash("sha384", sha384_tv_template, SHA384_TEST_VECTORS);
test_hash("sha512", sha512_tv_template, SHA512_TEST_VECTORS); test_hash("sha512", sha512_tv_template, SHA512_TEST_VECTORS);
test_hash("whirlpool", whirlpool_tv_template, WHIRLPOOL_TEST_VECTORS);
test_deflate(); test_deflate();
test_crc32c(); test_crc32c();
#ifdef CONFIG_CRYPTO_HMAC #ifdef CONFIG_CRYPTO_HMAC
...@@ -791,6 +793,11 @@ do_test(void) ...@@ -791,6 +793,11 @@ do_test(void)
test_cipher ("khazad", MODE_ECB, DECRYPT, khazad_dec_tv_template, KHAZAD_DEC_TEST_VECTORS); test_cipher ("khazad", MODE_ECB, DECRYPT, khazad_dec_tv_template, KHAZAD_DEC_TEST_VECTORS);
break; break;
case 22:
test_hash("whirlpool", whirlpool_tv_template, WHIRLPOOL_TEST_VECTORS);
break;
#ifdef CONFIG_CRYPTO_HMAC #ifdef CONFIG_CRYPTO_HMAC
case 100: case 100:
test_hmac("md5", hmac_md5_tv_template, HMAC_MD5_TEST_VECTORS); test_hmac("md5", hmac_md5_tv_template, HMAC_MD5_TEST_VECTORS);
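Review bot: The new `case 22` selector in do_test() is a bare number with nothing nearby saying which algorithm it runs, so the mapping can only be recovered by reading the switch body. A one-line comment above it would be enough, e.g. `/* 22: Whirlpool digest only */`. The same test_hash() call is also added to the run-everything path in the earlier hunk, so the two call sites have to be kept in step if the template or the count macro is ever renamed. do_test() starts and ends outside these hunks.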
......
...@@ -301,6 +301,110 @@ struct hash_testvec sha512_tv_template[] = { ...@@ -301,6 +301,110 @@ struct hash_testvec sha512_tv_template[] = {
}, },
}; };
/*
* WHIRLPOOL test vectors from Whirlpool package
* by Vincent Rijmen and Paulo S. L. M. Barreto as part of the NESSIE
* submission
*/
#define WHIRLPOOL_TEST_VECTORS 8
struct hash_testvec whirlpool_tv_template[] = {
{
.plaintext = "",
.psize = 0,
.digest = { 0x19, 0xFA, 0x61, 0xD7, 0x55, 0x22, 0xA4, 0x66,
0x9B, 0x44, 0xE3, 0x9C, 0x1D, 0x2E, 0x17, 0x26,
0xC5, 0x30, 0x23, 0x21, 0x30, 0xD4, 0x07, 0xF8,
0x9A, 0xFE, 0xE0, 0x96, 0x49, 0x97, 0xF7, 0xA7,
0x3E, 0x83, 0xBE, 0x69, 0x8B, 0x28, 0x8F, 0xEB,
0xCF, 0x88, 0xE3, 0xE0, 0x3C, 0x4F, 0x07, 0x57,
0xEA, 0x89, 0x64, 0xE5, 0x9B, 0x63, 0xD9, 0x37,
0x08, 0xB1, 0x38, 0xCC, 0x42, 0xA6, 0x6E, 0xB3 },
}, {
.plaintext = "a",
.psize = 1,
.digest = { 0x8A, 0xCA, 0x26, 0x02, 0x79, 0x2A, 0xEC, 0x6F,
0x11, 0xA6, 0x72, 0x06, 0x53, 0x1F, 0xB7, 0xD7,
0xF0, 0xDF, 0xF5, 0x94, 0x13, 0x14, 0x5E, 0x69,
0x73, 0xC4, 0x50, 0x01, 0xD0, 0x08, 0x7B, 0x42,
0xD1, 0x1B, 0xC6, 0x45, 0x41, 0x3A, 0xEF, 0xF6,
0x3A, 0x42, 0x39, 0x1A, 0x39, 0x14, 0x5A, 0x59,
0x1A, 0x92, 0x20, 0x0D, 0x56, 0x01, 0x95, 0xE5,
0x3B, 0x47, 0x85, 0x84, 0xFD, 0xAE, 0x23, 0x1A },
}, {
.plaintext = "abc",
.psize = 3,
.digest = { 0x4E, 0x24, 0x48, 0xA4, 0xC6, 0xF4, 0x86, 0xBB,
0x16, 0xB6, 0x56, 0x2C, 0x73, 0xB4, 0x02, 0x0B,
0xF3, 0x04, 0x3E, 0x3A, 0x73, 0x1B, 0xCE, 0x72,
0x1A, 0xE1, 0xB3, 0x03, 0xD9, 0x7E, 0x6D, 0x4C,
0x71, 0x81, 0xEE, 0xBD, 0xB6, 0xC5, 0x7E, 0x27,
0x7D, 0x0E, 0x34, 0x95, 0x71, 0x14, 0xCB, 0xD6,
0xC7, 0x97, 0xFC, 0x9D, 0x95, 0xD8, 0xB5, 0x82,
0xD2, 0x25, 0x29, 0x20, 0x76, 0xD4, 0xEE, 0xF5 },
}, {
.plaintext = "message digest",
.psize = 14,
.digest = { 0x37, 0x8C, 0x84, 0xA4, 0x12, 0x6E, 0x2D, 0xC6,
0xE5, 0x6D, 0xCC, 0x74, 0x58, 0x37, 0x7A, 0xAC,
0x83, 0x8D, 0x00, 0x03, 0x22, 0x30, 0xF5, 0x3C,
0xE1, 0xF5, 0x70, 0x0C, 0x0F, 0xFB, 0x4D, 0x3B,
0x84, 0x21, 0x55, 0x76, 0x59, 0xEF, 0x55, 0xC1,
0x06, 0xB4, 0xB5, 0x2A, 0xC5, 0xA4, 0xAA, 0xA6,
0x92, 0xED, 0x92, 0x00, 0x52, 0x83, 0x8F, 0x33,
0x62, 0xE8, 0x6D, 0xBD, 0x37, 0xA8, 0x90, 0x3E },
}, {
.plaintext = "abcdefghijklmnopqrstuvwxyz",
.psize = 26,
.digest = { 0xF1, 0xD7, 0x54, 0x66, 0x26, 0x36, 0xFF, 0xE9,
0x2C, 0x82, 0xEB, 0xB9, 0x21, 0x2A, 0x48, 0x4A,
0x8D, 0x38, 0x63, 0x1E, 0xAD, 0x42, 0x38, 0xF5,
0x44, 0x2E, 0xE1, 0x3B, 0x80, 0x54, 0xE4, 0x1B,
0x08, 0xBF, 0x2A, 0x92, 0x51, 0xC3, 0x0B, 0x6A,
0x0B, 0x8A, 0xAE, 0x86, 0x17, 0x7A, 0xB4, 0xA6,
0xF6, 0x8F, 0x67, 0x3E, 0x72, 0x07, 0x86, 0x5D,
0x5D, 0x98, 0x19, 0xA3, 0xDB, 0xA4, 0xEB, 0x3B },
}, {
.plaintext = "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
"abcdefghijklmnopqrstuvwxyz0123456789",
.psize = 62,
.digest = { 0xDC, 0x37, 0xE0, 0x08, 0xCF, 0x9E, 0xE6, 0x9B,
0xF1, 0x1F, 0x00, 0xED, 0x9A, 0xBA, 0x26, 0x90,
0x1D, 0xD7, 0xC2, 0x8C, 0xDE, 0xC0, 0x66, 0xCC,
0x6A, 0xF4, 0x2E, 0x40, 0xF8, 0x2F, 0x3A, 0x1E,
0x08, 0xEB, 0xA2, 0x66, 0x29, 0x12, 0x9D, 0x8F,
0xB7, 0xCB, 0x57, 0x21, 0x1B, 0x92, 0x81, 0xA6,
0x55, 0x17, 0xCC, 0x87, 0x9D, 0x7B, 0x96, 0x21,
0x42, 0xC6, 0x5F, 0x5A, 0x7A, 0xF0, 0x14, 0x67 },
}, {
.plaintext = "1234567890123456789012345678901234567890"
"1234567890123456789012345678901234567890",
.psize = 80,
.digest = { 0x46, 0x6E, 0xF1, 0x8B, 0xAB, 0xB0, 0x15, 0x4D,
0x25, 0xB9, 0xD3, 0x8A, 0x64, 0x14, 0xF5, 0xC0,
0x87, 0x84, 0x37, 0x2B, 0xCC, 0xB2, 0x04, 0xD6,
0x54, 0x9C, 0x4A, 0xFA, 0xDB, 0x60, 0x14, 0x29,
0x4D, 0x5B, 0xD8, 0xDF, 0x2A, 0x6C, 0x44, 0xE5,
0x38, 0xCD, 0x04, 0x7B, 0x26, 0x81, 0xA5, 0x1A,
0x2C, 0x60, 0x48, 0x1E, 0x88, 0xC5, 0xA2, 0x0B,
0x2C, 0x2A, 0x80, 0xCF, 0x3A, 0x9A, 0x08, 0x3B },
}, {
.plaintext = "abcdbcdecdefdefgefghfghighijhijk",
.psize = 32,
.digest = { 0x2A, 0x98, 0x7E, 0xA4, 0x0F, 0x91, 0x70, 0x61,
0xF5, 0xD6, 0xF0, 0xA0, 0xE4, 0x64, 0x4F, 0x48,
0x8A, 0x7A, 0x5A, 0x52, 0xDE, 0xEE, 0x65, 0x62,
0x07, 0xC5, 0x62, 0xF9, 0x88, 0xE9, 0x5C, 0x69,
0x16, 0xBD, 0xC8, 0x03, 0x1B, 0xC5, 0xBE, 0x1B,
0x7B, 0x94, 0x76, 0x39, 0xFE, 0x05, 0x0B, 0x56,
0x93, 0x9B, 0xAA, 0xA0, 0xAD, 0xFF, 0x9A, 0xE6,
0x74, 0x5B, 0x7B, 0x18, 0x1C, 0x3B, 0xE3, 0xFD },
},
};
#ifdef CONFIG_CRYPTO_HMAC #ifdef CONFIG_CRYPTO_HMAC
/* /*
* HMAC-MD5 test vectors from RFC2202 * HMAC-MD5 test vectors from RFC2202
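Review bot: All eight whirlpool_tv_template entries hash the message in a single update, so none exercises the buffering path where input arrives in pieces and straddles a block boundary. This is the usual place for bugs in a new digest implementation, which is not visible on this page. If struct hash_testvec carries the chunking fields used by other templates in this header (not shown in the hunk), the 80-byte vector could be reused with `.np = 2,` and `.tap = { 40, 40 },`, since the expected digest stays the same. Separately, `WHIRLPOOL_TEST_VECTORS 8` is kept by hand and does match the eight entries today; a short comment such as `/* must equal the number of entries below */` would help whoever adds a ninth.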
......
This diff is collapsed.