I made a patch to enable Camellia-XTS on GEOM ELI (geli), which based on
AES-XTS. Since XTS is considered much stronger disk encryption mechanism,
I also would like to provide XTS mode for Camellia in addition to Camellia-CBC.
Will you import this patch to the base if you can?
The patch is available from:
this is consist of followings:
+ software cryptodev for camellia-xts mode,
+ geom eli for camellia-xts mode,
+ regression test for camellia-xts mode,
+ and small geli(9) manual fix.
Also, the regression test result is available from:
I saw some notes but the test result says success.
Maintainer is cc'd.
Thank you in advance,
Over to maintainer(s).
I tried to apply the same patch to the latest FreeBSD current, and
confirm it still works. I can apply the patch and all the test has passed.
Submitter notes this patch is still valid for -current.
For bugs that match the following
- Status Is In progress
- Untouched since 2018-01-01.
- Affects Base System OR Documentation
Reset to open status.
I did a quick pass but if you are getting this email it might be worthwhile to double check to see if this bug ought to be closed.
Sorry, collecting additional cryptographic algorithms doesn't improve user safety and there's no reason to use Camellia in preference to existing, well-studied AES modes.