Integrate the Camellia Block Cipher. For more information see RFC 4132

and its bibliography.

Submitted by:   Tomoyuki Okazaki <okazaki at kick dot gr dot jp>
MFC after:      1 month

lib/libipsec/pfkey_dump.c

@@ -187,6 +187,9 @@ static struct val2str str_alg_enc[] = {
 #endif
 #ifdef SADB_X_EALG_AESCTR
 	{ SADB_X_EALG_AESCTR, "aes-ctr", },
+#endif
+#ifdef SADB_X_EALG_CAMELLIACBC
+	{ SADB_X_EALG_CAMELLIACBC, "camellia-cbc", },
 #endif
 	{ -1, NULL, },
 };

sbin/setkey/setkey.8

@@ -628,6 +628,7 @@ des-deriv	64		ipsec-ciph-des-derived-01
 3des-deriv	192		no document
 rijndael-cbc	128/192/256	rfc3602
 aes-ctr		160/224/288	draft-ietf-ipsec-ciph-aes-ctr-03
+camllia-cbc	128/192/256	rfc4312
 .Ed
 .Pp
 Note that the first 128/192/256 bits of a key for

sbin/setkey/token.l

@@ -167,6 +167,7 @@ tcp		{ yylval.num = 0; return(PR_TCP); }
 <S_ENCALG>des-32iv	{ yylval.num = SADB_EALG_DESCBC; BEGIN INITIAL; return(ALG_ENC_DES32IV); }
 <S_ENCALG>rijndael-cbc	{ yylval.num = SADB_X_EALG_RIJNDAELCBC; BEGIN INITIAL; return(ALG_ENC); }
 <S_ENCALG>aes-ctr	{ yylval.num = SADB_X_EALG_AESCTR; BEGIN INITIAL; return(ALG_ENC); }
+<S_ENCALG>camellia-cbc	{ yylval.num = SADB_X_EALG_CAMELLIACBC; BEGIN INITIAL; return(ALG_ENC); }
 
 	/* compression algorithms */
 {hyphen}C	{ return(F_COMP); }

secure/lib/libcrypto/Makefile

@@ -95,6 +95,13 @@ SRCS+=	c_enc.c
 .endif
 INCS+=	cast.h
 
+# camellia
+.if ${MACHINE_ARCH} == "i386" || ${MACHINE_ARCH} == "amd64"
+SRCS+=	camellia.c cmll_cbc.c cmll_cfb.c cmll_ctr.c cmll_ecb.c \
+	cmll_misc.c cmll_ofb.c
+INCS+=	camellia.h
+.endif
+
 # comp
 SRCS+=	c_rle.c c_zlib.c comp_err.c comp_lib.c
 INCS+=	comp.h
@@ -164,6 +171,9 @@ SRCS+=	bio_b64.c bio_enc.c bio_md.c bio_ok.c c_all.c c_allc.c c_alld.c \
 	m_mdc2.c m_null.c m_ripemd.c m_sha.c m_sha1.c names.c \
 	openbsd_hw.c p5_crpt.c p5_crpt2.c p_dec.c p_enc.c p_lib.c \
 	p_open.c p_seal.c p_sign.c p_verify.c
+.if ${MACHINE_ARCH} == "i386" || ${MACHINE_ARCH} == "amd64"
+SRCS+=	e_camellia.c
+.endif
 INCS+=	evp.h
 
 # fips
@@ -381,6 +391,7 @@ _ideapath=	${LCRYPTO_SRC}/crypto/idea
 	${LCRYPTO_SRC}/crypto/bn \
 	${LCRYPTO_SRC}/crypto/buffer \
 	${LCRYPTO_SRC}/crypto/cast \
+	${LCRYPTO_SRC}/crypto/camellia \
 	${LCRYPTO_SRC}/crypto/comp \
 	${LCRYPTO_SRC}/crypto/conf \
 	${LCRYPTO_SRC}/crypto/des \

secure/lib/libcrypto/Makefile.inc

@@ -13,7 +13,7 @@ CFLAGS+=	-DOPENSSL_THREADS -DDSO_DLFCN -DHAVE_DLFCN_H
 CFLAGS+=	-DOPENSSL_NO_IDEA
 .endif
 
-.if ${MACHINE_ARCH} == "i386"
+.if ${MACHINE_ARCH} == "i386" || ${MACHINE_ARCH} == "amd64"
 CFLAGS+= -DL_ENDIAN
 .endif
 

secure/lib/libcrypto/opensslconf-amd64.h

@@ -5,10 +5,6 @@
 /* OpenSSL was configured with the following options: */
 #ifndef OPENSSL_DOING_MAKEDEPEND
 
-/* Disabled by default in OpenSSL 0.9.8. */
-#ifndef OPENSSL_NO_CAMELLIA
-# define OPENSSL_NO_CAMELLIA
-#endif
 /* libgmp is not in the FreeBSD base system. */
 #ifndef OPENSSL_NO_GMP
 # define OPENSSL_NO_GMP

secure/lib/libcrypto/opensslconf-i386.h

@@ -5,10 +5,6 @@
 /* OpenSSL was configured with the following options: */
 #ifndef OPENSSL_DOING_MAKEDEPEND
 
-/* Disabled by default in OpenSSL 0.9.8. */
-#ifndef OPENSSL_NO_CAMELLIA
-# define OPENSSL_NO_CAMELLIA
-#endif
 /* libgmp is not in the FreeBSD base system. */
 #ifndef OPENSSL_NO_GMP
 # define OPENSSL_NO_GMP

sys/conf/files

@@ -340,6 +340,8 @@ contrib/pf/net/pf_osfp.c	optional pf \
 contrib/pf/netinet/in4_cksum.c	optional pf inet
 crypto/blowfish/bf_ecb.c	optional ipsec ipsec_esp
 crypto/blowfish/bf_skey.c	optional crypto | ipsec ipsec_esp
+crypto/camellia/camellia.c	optional crypto | ipsec ipsec_esp
+crypto/camellia/camellia-api.c	optional crypto | ipsec ipsec_esp
 crypto/des/des_ecb.c		optional crypto | ipsec ipsec_esp | netsmb
 crypto/des/des_setkey.c		optional crypto | ipsec ipsec_esp | netsmb
 crypto/rc4/rc4.c		optional netgraph_mppc_encryption
@@ -1842,6 +1844,7 @@ netinet6/esp_core.c		optional ipsec ipsec_esp
 netinet6/esp_input.c		optional ipsec ipsec_esp
 netinet6/esp_output.c		optional ipsec ipsec_esp
 netinet6/esp_rijndael.c		optional ipsec ipsec_esp
+netinet6/esp_camellia.c		optional ipsec ipsec_esp
 netinet6/frag6.c		optional inet6
 netinet6/icmp6.c		optional inet6
 netinet6/in6.c			optional inet6

sys/crypto/camellia/camellia-api.c

@@ -0,0 +1,58 @@
+/*
+ *
+ * Copyright (c) 2006
+ * NTT (Nippon Telegraph and Telephone Corporation) . All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *   notice, this list of conditions and the following disclaimer as
+ *   the first lines of this file unmodified.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *   notice, this list of conditions and the following disclaimer in the
+ *   documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY NTT ``AS IS'' AND ANY EXPRESS OR
+ * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
+ * IN NO EVENT SHALL NTT BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
+ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ * $FreeBSD$
+ */
+
+#include <sys/cdefs.h>
+
+#include <sys/types.h>
+#ifdef _KERNEL
+#include <sys/systm.h>
+#endif
+#include <crypto/camellia/camellia.h>
+
+void
+camellia_set_key(camellia_ctx *ctx, const u_char *key, int bits)
+{
+
+    Camellia_Ekeygen(bits, key, ctx->subkey);
+    ctx->bits = bits;
+}
+
+void
+camellia_decrypt(const camellia_ctx *ctx, const u_char *src, u_char *dst)
+{
+
+    Camellia_DecryptBlock(ctx->bits, src, ctx->subkey, dst);
+}
+
+void
+camellia_encrypt(const camellia_ctx *ctx, const u_char *src, u_char *dst)
+{
+
+    Camellia_EncryptBlock(ctx->bits, src, ctx->subkey, dst);
+}

sys/crypto/camellia/camellia.h

@@ -0,0 +1,69 @@
+/* camellia.h ver 1.1.0
+ *
+ * Copyright (c) 2006
+ * NTT (Nippon Telegraph and Telephone Corporation) . All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *   notice, this list of conditions and the following disclaimer as
+ *   the first lines of this file unmodified.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *   notice, this list of conditions and the following disclaimer in the
+ *   documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY NTT ``AS IS'' AND ANY EXPRESS OR
+ * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
+ * IN NO EVENT SHALL NTT BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
+ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ * $FreeBSD$
+ */
+
+#ifndef _CAMELLIA_H
+#define _CAMELLIA_H
+
+#define CAMELLIA_BLOCK_SIZE 16
+#define CAMELLIA_SUBKEYWORD 68 /* (34*8/4) */
+
+typedef struct {
+    int	bits;				      /* key-length */
+    uint32_t subkey[CAMELLIA_SUBKEYWORD]; /* encrypt/decrypt key schedule */
+} camellia_ctx;
+
+void camellia_set_key(camellia_ctx *, const u_char *, int);
+void camellia_decrypt(const camellia_ctx *, const u_char *, u_char *);
+void camellia_encrypt(const camellia_ctx *, const u_char *, u_char *);
+
+
+void Camellia_Ekeygen(const int keyBitLength,
+		      const unsigned char *rawKey, 
+		      uint32_t *subkey);
+
+void Camellia_EncryptBlock(const int keyBitLength,
+			   const unsigned char *plaintext, 
+			   const uint32_t *subkey,
+			   unsigned char *cipherText);
+
+void Camellia_DecryptBlock(const int keyBitLength, 
+			   const unsigned char *cipherText, 
+			   const uint32_t *subkey,
+			   unsigned char *plaintext);
+
+void camellia_setup128(const unsigned char *key, uint32_t *subkey);
+void camellia_setup192(const unsigned char *key, uint32_t *subkey);
+void camellia_setup256(const unsigned char *key, uint32_t *subkey);
+void camellia_encrypt128(const uint32_t *subkey, uint32_t *io);
+void camellia_encrypt256(const uint32_t *subkey, uint32_t *io);
+void camellia_decrypt128(const uint32_t *subkey, uint32_t *io);
+void camellia_decrypt256(const uint32_t *subkey, uint32_t *io);
+
+
+#endif /* _CAMELLIA_H */

sys/modules/crypto/Makefile

@@ -6,6 +6,7 @@
 .PATH:	${.CURDIR}/../../crypto/des
 .PATH:	${.CURDIR}/../../crypto/rijndael
 .PATH:	${.CURDIR}/../../crypto/sha2
+.PATH:	${.CURDIR}/../../crypto/camellia
 
 KMOD	= crypto
 SRCS	= crypto.c cryptodev_if.c
@@ -16,5 +17,5 @@ SRCS	+= des_ecb.c des_enc.c des_setkey.c
 SRCS	+= sha1.c sha2.c
 SRCS	+= opt_param.h cryptodev_if.h bus_if.h device_if.h
 SRCS	+= opt_ddb.h
-
+SRCS	+= camellia.c camellia-api.c
 .include <bsd.kmod.mk>

sys/net/pfkeyv2.h

@@ -325,6 +325,8 @@ struct sadb_x_ipsecrequest {
 #define SADB_X_EALG_BLOWFISHCBC	7
 #define SADB_X_EALG_RIJNDAELCBC	12
 #define SADB_X_EALG_AES		12
+/* private allocations - based on RFC4312/IANA assignment */
+#define SADB_X_EALG_CAMELLIACBC		22
 /* private allocations should use 249-255 (RFC2407) */
 #define SADB_X_EALG_SKIPJACK	249	/*250*/ /* for FAST_IPSEC */
 #define SADB_X_EALG_AESCTR	250	/*249*/ /* draft-ietf-ipsec-ciph-aes-ctr-03 */

sys/netinet6/esp_camellia.c

@@ -0,0 +1,92 @@
+/*
+ *
+ * Copyright (c) 2006
+ * NTT (Nippon Telegraph and Telephone Corporation) . All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *   notice, this list of conditions and the following disclaimer as
+ *   the first lines of this file unmodified.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *   notice, this list of conditions and the following disclaimer in the
+ *   documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY NTT ``AS IS'' AND ANY EXPRESS OR
+ * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
+ * IN NO EVENT SHALL NTT BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
+ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+__FBSDID("$FreeBSD$");
+
+#include <sys/param.h>
+#include <sys/systm.h>
+#include <sys/socket.h>
+#include <sys/queue.h>
+
+#include <net/if.h>
+#include <net/route.h>
+#include <netinet/in.h>
+
+#include <netinet6/ipsec.h>
+#include <netinet6/esp.h>
+#include <netinet6/esp_camellia.h>
+
+#include <crypto/camellia/camellia.h>
+
+size_t
+esp_camellia_schedlen(algo)
+	const struct esp_algorithm *algo;
+{
+
+	return sizeof(camellia_ctx);
+}
+
+int
+esp_camellia_schedule(algo, sav)
+	const struct esp_algorithm *algo;
+	struct secasvar *sav;
+{
+	camellia_ctx *ctx;
+
+	ctx = (camellia_ctx *)sav->sched;
+	camellia_set_key(ctx,
+	    (u_char *)_KEYBUF(sav->key_enc), _KEYLEN(sav->key_enc) * 8);
+	return 0;
+}
+
+int
+esp_camellia_blockdecrypt(algo, sav, s, d)
+	const struct esp_algorithm *algo;
+	struct secasvar *sav;
+	u_int8_t *s;
+	u_int8_t *d;
+{
+	camellia_ctx *ctx;
+
+	ctx = (camellia_ctx *)sav->sched;
+	camellia_decrypt(ctx, s, d);
+	return 0;
+}
+
+int
+esp_camellia_blockencrypt(algo, sav, s, d)
+	const struct esp_algorithm *algo;
+	struct secasvar *sav;
+	u_int8_t *s;
+	u_int8_t *d;
+{
+	camellia_ctx *ctx;
+
+	ctx = (camellia_ctx *)sav->sched;
+	camellia_encrypt(ctx, s, d);
+	return 0;
+}

sys/netinet6/esp_camellia.h

@@ -0,0 +1,35 @@
+/*
+ * Copyright (c) 2006
+ * NTT (Nippon Telegraph and Telephone Corporation) . All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *   notice, this list of conditions and the following disclaimer as
+ *   the first lines of this file unmodified.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *   notice, this list of conditions and the following disclaimer in the
+ *   documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY NTT ``AS IS'' AND ANY EXPRESS OR
+ * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
+ * IN NO EVENT SHALL NTT BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
+ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ * 
+ * $FreeBSD$
+ */
+
+size_t esp_camellia_schedlen __P((const struct esp_algorithm *));
+int esp_camellia_schedule __P((const struct esp_algorithm *,
+	struct secasvar *));
+int esp_camellia_blockdecrypt __P((const struct esp_algorithm *,
+	struct secasvar *, u_int8_t *, u_int8_t *));
+int esp_camellia_blockencrypt __P((const struct esp_algorithm *,
+	struct secasvar *, u_int8_t *, u_int8_t *));

sys/netinet6/esp_core.c

@@ -68,6 +68,7 @@
 #include <netinet6/esp6.h>
 #endif
 #include <netinet6/esp_rijndael.h>
+#include <netinet6/esp_camellia.h>
 #include <netinet6/esp_aesctr.h>
 #include <net/pfkeyv2.h>
 #include <netkey/keydb.h>
@@ -162,6 +163,11 @@ static const struct esp_algorithm esp_algorithms[] = {
 	{ 16, 8, esp_aesctr_mature, 160, 288, esp_aesctr_schedlen, "aes-ctr",
 		esp_common_ivlen, esp_aesctr_decrypt,
 		esp_aesctr_encrypt, esp_aesctr_schedule },
+	{ 16, 16, esp_cbc_mature, 128, 256, esp_camellia_schedlen,
+		"camellia-cbc",
+		esp_common_ivlen, esp_cbc_decrypt,
+		esp_cbc_encrypt, esp_camellia_schedule,
+		esp_camellia_blockdecrypt, esp_camellia_blockencrypt },
 };
 
 const struct esp_algorithm *
@@ -184,6 +190,8 @@ esp_algorithm_lookup(idx)
 		return &esp_algorithms[5];
 	case SADB_X_EALG_AESCTR:
 		return &esp_algorithms[6];
+	case SADB_X_EALG_CAMELLIACBC:
+		return &esp_algorithms[7];
 	default:
 		return NULL;
 	}
@@ -442,6 +450,7 @@ esp_cbc_mature(sav)
 	case SADB_X_EALG_CAST128CBC:
 		break;
 	case SADB_X_EALG_RIJNDAELCBC:
+	case SADB_X_EALG_CAMELLIACBC:
 		/* allows specific key sizes only */
 		if (!(keylen == 128 || keylen == 192 || keylen == 256)) {
 			ipseclog((LOG_ERR,

sys/netipsec/xform_esp.c

@@ -113,6 +113,8 @@ esp_algorithm_lookup(int alg)
 		return &enc_xform_skipjack;
 	case SADB_EALG_NULL:
 		return &enc_xform_null;
+	case SADB_X_EALG_CAMELLIACBC:
+		return &enc_xform_camellia;
 	}
 	return NULL;
 }
@@ -1006,6 +1008,7 @@ esp_attach(void)
 	MAXIV(enc_xform_cast5);		/* SADB_X_EALG_CAST128CBC */
 	MAXIV(enc_xform_skipjack);	/* SADB_X_EALG_SKIPJACK */
 	MAXIV(enc_xform_null);		/* SADB_EALG_NULL */
+	MAXIV(enc_xform_camellia);	/* SADB_X_EALG_CAMELLIACBC */
 
 	xform_register(&esp_xformsw);
 #undef MAXIV

sys/opencrypto/cryptodev.c

@@ -198,6 +198,9 @@ cryptof_ioctl(
 		case CRYPTO_ARC4:
 			txform = &enc_xform_arc4;
 			break;
+ 		case CRYPTO_CAMELLIA_CBC:
+ 			txform = &enc_xform_camellia;
+ 			break;
 		default:
 			return (EINVAL);
 		}

sys/opencrypto/cryptodev.h

@@ -97,6 +97,7 @@
 #define CAST128_BLOCK_LEN	8
 #define RIJNDAEL128_BLOCK_LEN	16
 #define AES_BLOCK_LEN		RIJNDAEL128_BLOCK_LEN
+#define CAMELLIA_BLOCK_LEN	16
 #define EALG_MAX_BLOCK_LEN	AES_BLOCK_LEN /* Keep this updated */
 
 #define	CRYPTO_ALGORITHM_MIN	1
@@ -121,7 +122,8 @@
 #define	CRYPTO_SHA2_256_HMAC	18
 #define	CRYPTO_SHA2_384_HMAC	19
 #define	CRYPTO_SHA2_512_HMAC	20
-#define	CRYPTO_ALGORITHM_MAX	20 /* Keep updated - see below */
+#define CRYPTO_CAMELLIA_CBC	21
+#define	CRYPTO_ALGORITHM_MAX	21 /* Keep updated - see below */
 
 /* Algorithm flags */
 #define	CRYPTO_ALG_FLAG_SUPPORTED	0x01 /* Algorithm is supported */

sys/opencrypto/cryptosoft.c

@@ -661,6 +661,9 @@ swcr_newsession(device_t dev, u_int32_t *sid, struct cryptoini *cri)
 		case CRYPTO_RIJNDAEL128_CBC:
 			txf = &enc_xform_rijndael128;
 			goto enccommon;
+		case CRYPTO_CAMELLIA_CBC:
+			txf = &enc_xform_camellia;
+			goto enccommon;
 		case CRYPTO_NULL_CBC:
 			txf = &enc_xform_null;
 			goto enccommon;
@@ -816,6 +819,7 @@ swcr_freesession(device_t dev, u_int64_t tid)
 		case CRYPTO_CAST_CBC:
 		case CRYPTO_SKIPJACK_CBC:
 		case CRYPTO_RIJNDAEL128_CBC:
+		case CRYPTO_CAMELLIA_CBC:
 		case CRYPTO_NULL_CBC:
 			txf = swd->sw_exf;
 
@@ -928,6 +932,7 @@ swcr_process(device_t dev, struct cryptop *crp, int hint)
 		case CRYPTO_CAST_CBC:
 		case CRYPTO_SKIPJACK_CBC:
 		case CRYPTO_RIJNDAEL128_CBC:
+		case CRYPTO_CAMELLIA_CBC:
 			if ((crp->crp_etype = swcr_encdec(crd, sw,
 			    crp->crp_buf, crp->crp_flags)) != 0)
 				goto done;
@@ -1019,6 +1024,7 @@ swcr_attach(device_t dev)
 	REGISTER(CRYPTO_MD5);
 	REGISTER(CRYPTO_SHA1);
 	REGISTER(CRYPTO_RIJNDAEL128_CBC);
+ 	REGISTER(CRYPTO_CAMELLIA_CBC);
 	REGISTER(CRYPTO_DEFLATE_COMP);
 #undef REGISTER
 

sys/opencrypto/xform.c

@@ -51,6 +51,7 @@ __FBSDID("$FreeBSD$");
 #include <crypto/blowfish/blowfish.h>
 #include <crypto/des/des.h>
 #include <crypto/rijndael/rijndael.h>
+#include <crypto/camellia/camellia.h>
 #include <crypto/sha1.h>
 
 #include <opencrypto/cast.h>
@@ -74,24 +75,28 @@ static	int blf_setkey(u_int8_t **, u_int8_t *, int);
 static	int cast5_setkey(u_int8_t **, u_int8_t *, int);
 static	int skipjack_setkey(u_int8_t **, u_int8_t *, int);
 static	int rijndael128_setkey(u_int8_t **, u_int8_t *, int);
+static	int cml_setkey(u_int8_t **, u_int8_t *, int);
 static	void des1_encrypt(caddr_t, u_int8_t *);
 static	void des3_encrypt(caddr_t, u_int8_t *);
 static	void blf_encrypt(caddr_t, u_int8_t *);
 static	void cast5_encrypt(caddr_t, u_int8_t *);
 static	void skipjack_encrypt(caddr_t, u_int8_t *);
 static	void rijndael128_encrypt(caddr_t, u_int8_t *);
+static	void cml_encrypt(caddr_t, u_int8_t *);
 static	void des1_decrypt(caddr_t, u_int8_t *);
 static	void des3_decrypt(caddr_t, u_int8_t *);
 static	void blf_decrypt(caddr_t, u_int8_t *);
 static	void cast5_decrypt(caddr_t, u_int8_t *);
 static	void skipjack_decrypt(caddr_t, u_int8_t *);
 static	void rijndael128_decrypt(caddr_t, u_int8_t *);
+static	void cml_decrypt(caddr_t, u_int8_t *);
 static	void des1_zerokey(u_int8_t **);
 static	void des3_zerokey(u_int8_t **);
 static	void blf_zerokey(u_int8_t **);
 static	void cast5_zerokey(u_int8_t **);
 static	void skipjack_zerokey(u_int8_t **);
 static	void rijndael128_zerokey(u_int8_t **);
+static	void cml_zerokey(u_int8_t **);
 
 static	void null_init(void *);
 static	int null_update(void *, u_int8_t *, u_int16_t);
@@ -184,6 +189,15 @@ struct enc_xform enc_xform_arc4 = {
 	NULL,
 };
 
+struct enc_xform enc_xform_camellia = {
+	CRYPTO_CAMELLIA_CBC, "Camellia",
+	CAMELLIA_BLOCK_LEN, 8, 32,
+	cml_encrypt,
+	cml_decrypt,
+	cml_setkey,
+	cml_zerokey,
+};
+
 /* Authentication instances */
 struct auth_hash auth_hash_null = {
 	CRYPTO_NULL_HMAC, "NULL-HMAC",
@@ -533,6 +547,45 @@ rijndael128_zerokey(u_int8_t **sched)
 	*sched = NULL;
 }
 
+static void
+cml_encrypt(caddr_t key, u_int8_t *blk)
+{
+	camellia_encrypt((camellia_ctx *) key, (u_char *) blk, (u_char *) blk);
+}
+
+static void
+cml_decrypt(caddr_t key, u_int8_t *blk)
+{
+	camellia_decrypt(((camellia_ctx *) key), (u_char *) blk,
+	    (u_char *) blk);
+}
+
+static int
+cml_setkey(u_int8_t **sched, u_int8_t *key, int len)
+{
+	int err;
+
+	if (len != 16 && len != 24 && len != 32)
+		return (EINVAL);
+	MALLOC(*sched, u_int8_t *, sizeof(camellia_ctx), M_CRYPTO_DATA,
+	    M_NOWAIT|M_ZERO);
+	if (*sched != NULL) {
+		camellia_set_key((camellia_ctx *) *sched, (u_char *) key,
+		    len * 8);
+		err = 0;
+	} else
+		err = ENOMEM;
+	return err;
+}
+
+static void
+cml_zerokey(u_int8_t **sched)
+{
+	bzero(*sched, sizeof(camellia_ctx));
+	FREE(*sched, M_CRYPTO_DATA);
+	*sched = NULL;
+}
+
 /*
  * And now for auth.
  */

sys/opencrypto/xform.h

@@ -81,6 +81,7 @@ extern struct enc_xform enc_xform_cast5;
 extern struct enc_xform enc_xform_skipjack;
 extern struct enc_xform enc_xform_rijndael128;
 extern struct enc_xform enc_xform_arc4;
+extern struct enc_xform enc_xform_camellia;
 
 extern struct auth_hash auth_hash_null;
 extern struct auth_hash auth_hash_key_md5;