1 /*- 2 * Copyright (c) 2000 Mark R V Murray 3 * All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright 9 * notice, this list of conditions and the following disclaimer 10 * in this position and unchanged. 11 * 2. Redistributions in binary form must reproduce the above copyright 12 * notice, this list of conditions and the following disclaimer in the 13 * documentation and/or other materials provided with the distribution. 14 * 15 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 16 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 17 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 18 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 19 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 20 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 21 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 22 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 23 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 24 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 25 * 26 * $FreeBSD$ 27 */ 28 29 #include <sys/param.h> 30 #include <sys/systm.h> 31 #include <sys/queue.h> 32 #include <sys/libkern.h> 33 #include <sys/random.h> 34 #include <sys/types.h> 35 36 #include <crypto/rijndael/rijndael.h> 37 38 #include <dev/random/hash.h> 39 40 /* initialise the hash by zeroing it */ 41 void 42 yarrow_hash_init(struct yarrowhash *context) 43 { 44 rijndael_cipherInit(&context->cipher, MODE_CBC, NULL); 45 bzero(context->hash, KEYSIZE); 46 context->partial = 0; 47 } 48 49 /* Do a Davies-Meyer hash using a block cipher. 50 * H_0 = I 51 * H_i = E_M_i(H_i-1) ^ H_i-1 52 */ 53 void 54 yarrow_hash_iterate(struct yarrowhash *context, void *data, size_t size) 55 { 56 u_char temp[KEYSIZE]; 57 u_int i, j; 58 59 for (i = 0; i < size; i++) { 60 context->accum[context->partial++] = ((u_char *)(data))[i]; 61 if (context->partial == (KEYSIZE - 1)) { 62 rijndael_makeKey(&context->hashkey, DIR_ENCRYPT, 63 KEYSIZE*8, context->accum); 64 rijndael_blockEncrypt(&context->cipher, 65 &context->hashkey, context->hash, 66 KEYSIZE*8, temp); 67 for (j = 0; j < KEYSIZE; j++) 68 context->hash[j] ^= temp[j]; 69 bzero(context->accum, KEYSIZE); 70 context->partial = 0; 71 } 72 } 73 } 74 75 /* Conclude by returning the hash in the supplied /buf/ which must be 76 * KEYSIZE bytes long. Trailing data (less than KEYSIZE bytes) are 77 * not forgotten. 78 */ 79 void 80 yarrow_hash_finish(struct yarrowhash *context, void *buf) 81 { 82 u_char temp[KEYSIZE]; 83 int i; 84 85 if (context->partial) { 86 rijndael_makeKey(&context->hashkey, DIR_ENCRYPT, 87 KEYSIZE*8, context->accum); 88 rijndael_blockEncrypt(&context->cipher, 89 &context->hashkey, context->hash, 90 KEYSIZE*8, temp); 91 for (i = 0; i < KEYSIZE; i++) 92 context->hash[i] ^= temp[i]; 93 } 94 memcpy(buf, context->hash, KEYSIZE); 95 bzero(context->hash, KEYSIZE); 96 } 97 98 /* Initialise the encryption routine by setting up the key schedule 99 * from the supplied /key/ which must be KEYSIZE bytes of binary 100 * data. 101 */ 102 void 103 yarrow_encrypt_init(struct yarrowkey *context, void *data) 104 { 105 rijndael_cipherInit(&context->cipher, MODE_CBC, NULL); 106 rijndael_makeKey(&context->key, DIR_ENCRYPT, KEYSIZE*8, data); 107 } 108 109 /* Encrypt the supplied data using the key schedule preset in the context. 110 * KEYSIZE bytes are encrypted from /d_in/ to /d_out/. 111 */ 112 void 113 yarrow_encrypt(struct yarrowkey *context, void *d_in, void *d_out) 114 { 115 rijndael_blockEncrypt(&context->cipher, &context->key, d_in, 116 KEYSIZE*8, d_out); 117 } 118