examples/cipher.c

   1 /*
   2  * Demo on how to use /dev/crypto device for ciphering.
   3  *
   4  * Placed under public domain.
   5  *
   6  */
   7 #include <stdio.h>
   8 #include <string.h>
   9 #include <unistd.h>
  10 #include <fcntl.h>
  11
  12 #include <sys/ioctl.h>
  13 #include <crypto/cryptodev.h>
  14
  15 #define DATA_SIZE       8*1024
  16 #define BLOCK_SIZE      16
  17 #define KEY_SIZE        16
  18
  19 static int
  20 test_crypto(int cfd)
  21 {
  22         char plaintext_raw[DATA_SIZE + 63], *plaintext;
  23         char ciphertext_raw[DATA_SIZE + 63], *ciphertext;
  24         char iv[BLOCK_SIZE];
  25         char key[KEY_SIZE];
  26
  27         struct session_op sess;
  28         struct crypt_op cryp;
  29
  30         memset(&sess, 0, sizeof(sess));
  31         memset(&cryp, 0, sizeof(cryp));
  32
  33         memset(key, 0x33,  sizeof(key));
  34         memset(iv, 0x03,  sizeof(iv));
  35
  36         /* Get crypto session for AES128 */
  37         sess.cipher = CRYPTO_AES_CBC;
  38         sess.keylen = KEY_SIZE;
  39         sess.key = key;
  40         if (ioctl(cfd, CIOCGSESSION, &sess)) {
  41                 perror("ioctl(CIOCGSESSION)");
  42                 return 1;
  43         }
  44
  45         plaintext = (char *)(((unsigned long)plaintext_raw + sess.alignmask) & ~sess.alignmask);
  46         ciphertext = (char *)(((unsigned long)ciphertext_raw + sess.alignmask) & ~sess.alignmask);
  47         memset(plaintext, 0x15, DATA_SIZE);
  48
  49         /* Encrypt data.in to data.encrypted */
  50         cryp.ses = sess.ses;
  51         cryp.len = DATA_SIZE;
  52         cryp.src = plaintext;
  53         cryp.dst = ciphertext;
  54         cryp.iv = iv;
  55         cryp.op = COP_ENCRYPT;
  56         if (ioctl(cfd, CIOCCRYPT, &cryp)) {
  57                 perror("ioctl(CIOCCRYPT)");
  58                 return 1;
  59         }
  60
  61         if (ioctl(cfd, CIOCFSESSION, &sess.ses)) {
  62                 perror("ioctl(CIOCFSESSION)");
  63                 return 1;
  64         }
  65
  66         if (ioctl(cfd, CIOCGSESSION, &sess)) {
  67                 perror("ioctl(CIOCGSESSION)");
  68                 return 1;
  69         }
  70
  71         /* Decrypt data.encrypted to data.decrypted */
  72         cryp.ses = sess.ses;
  73         cryp.len = DATA_SIZE;
  74         cryp.src = ciphertext;
  75         cryp.dst = ciphertext;
  76         cryp.iv = iv;
  77         cryp.op = COP_DECRYPT;
  78         if (ioctl(cfd, CIOCCRYPT, &cryp)) {
  79                 perror("ioctl(CIOCCRYPT)");
  80                 return 1;
  81         }
  82
  83         /* Verify the result */
  84         if (memcmp(plaintext, ciphertext, DATA_SIZE) != 0) {
  85                 int i;
  86                 fprintf(stderr,
  87                         "FAIL: Decrypted data are different from the input data.\n");
  88                 printf("plaintext:");
  89                 for (i = 0; i < DATA_SIZE; i++) {
  90                         if ((i % 30) == 0)
  91                                 printf("\n");
  92                         printf("%02x ", plaintext[i]);
  93                 }
  94                 printf("ciphertext:");
  95                 for (i = 0; i < DATA_SIZE; i++) {
  96                         if ((i % 30) == 0)
  97                                 printf("\n");
  98                         printf("%02x ", ciphertext[i]);
  99                 }
 100                 printf("\n");
 101                 return 1;
 102         } else
 103                 printf("Test passed\n");
 104
 105         /* Finish crypto session */
 106         if (ioctl(cfd, CIOCFSESSION, &sess.ses)) {
 107                 perror("ioctl(CIOCFSESSION)");
 108                 return 1;
 109         }
 110
 111         return 0;
 112 }
 113
 114 static int test_aes(int cfd)
 115 {
 116         char plaintext1_raw[BLOCK_SIZE + 63], *plaintext1;
 117         char ciphertext1[BLOCK_SIZE] = { 0xdf, 0x55, 0x6a, 0x33, 0x43, 0x8d, 0xb8, 0x7b, 0xc4, 0x1b, 0x17, 0x52, 0xc5, 0x5e, 0x5e, 0x49 };
 118         char iv1[BLOCK_SIZE];
 119         char key1[KEY_SIZE] = { 0xff, 0xff, 0xc0, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 };
 120         char plaintext2_data[BLOCK_SIZE] = { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xc0, 0x00 };
 121         char plaintext2_raw[BLOCK_SIZE + 63], *plaintext2;
 122         char ciphertext2[BLOCK_SIZE] = { 0xb7, 0x97, 0x2b, 0x39, 0x41, 0xc4, 0x4b, 0x90, 0xaf, 0xa7, 0xb2, 0x64, 0xbf, 0xba, 0x73, 0x87 };
 123         char iv2[BLOCK_SIZE];
 124         char key2[KEY_SIZE];
 125
 126         struct session_op sess;
 127         struct crypt_op cryp;
 128
 129         memset(&sess, 0, sizeof(sess));
 130         memset(&cryp, 0, sizeof(cryp));
 131
 132         /* Get crypto session for AES128 */
 133         sess.cipher = CRYPTO_AES_CBC;
 134         sess.keylen = KEY_SIZE;
 135         sess.key = key1;
 136         if (ioctl(cfd, CIOCGSESSION, &sess)) {
 137                 perror("ioctl(CIOCGSESSION)");
 138                 return 1;
 139         }
 140
 141         plaintext1 = (char *)(((unsigned long)plaintext1_raw + sess.alignmask) & ~sess.alignmask);
 142
 143         memset(plaintext1, 0x0, BLOCK_SIZE);
 144         memset(iv1, 0x0, sizeof(iv1));
 145
 146         /* Encrypt data.in to data.encrypted */
 147         cryp.ses = sess.ses;
 148         cryp.len = BLOCK_SIZE;
 149         cryp.src = plaintext1;
 150         cryp.dst = plaintext1;
 151         cryp.iv = iv1;
 152         cryp.op = COP_ENCRYPT;
 153         if (ioctl(cfd, CIOCCRYPT, &cryp)) {
 154                 perror("ioctl(CIOCCRYPT)");
 155                 return 1;
 156         }
 157
 158         /* Verify the result */
 159         if (memcmp(plaintext1, ciphertext1, BLOCK_SIZE) != 0) {
 160                 fprintf(stderr,
 161                         "FAIL: Decrypted data are different from the input data.\n");
 162                 return 1;
 163         }
 164
 165         /* Test 2 */
 166
 167         memset(key2, 0x0, sizeof(key2));
 168         memset(iv2, 0x0, sizeof(iv2));
 169
 170         /* Get crypto session for AES128 */
 171         sess.cipher = CRYPTO_AES_CBC;
 172         sess.keylen = KEY_SIZE;
 173         sess.key = key2;
 174         if (ioctl(cfd, CIOCGSESSION, &sess)) {
 175                 perror("ioctl(CIOCGSESSION)");
 176                 return 1;
 177         }
 178
 179         plaintext2 = (char *)(((unsigned long)plaintext2_raw + sess.alignmask) & ~sess.alignmask);
 180         memcpy(plaintext2, plaintext2_data, BLOCK_SIZE);
 181
 182         /* Encrypt data.in to data.encrypted */
 183         cryp.ses = sess.ses;
 184         cryp.len = BLOCK_SIZE;
 185         cryp.src = plaintext2;
 186         cryp.dst = plaintext2;
 187         cryp.iv = iv2;
 188         cryp.op = COP_ENCRYPT;
 189         if (ioctl(cfd, CIOCCRYPT, &cryp)) {
 190                 perror("ioctl(CIOCCRYPT)");
 191                 return 1;
 192         }
 193
 194         /* Verify the result */
 195         if (memcmp(plaintext2, ciphertext2, BLOCK_SIZE) != 0) {
 196                 int i;
 197                 fprintf(stderr,
 198                         "FAIL: Decrypted data are different from the input data.\n");
 199                 printf("plaintext:");
 200                 for (i = 0; i < BLOCK_SIZE; i++) {
 201                         if ((i % 30) == 0)
 202                                 printf("\n");
 203                         printf("%02x ", plaintext2[i]);
 204                 }
 205                 printf("ciphertext:");
 206                 for (i = 0; i < BLOCK_SIZE; i++) {
 207                         if ((i % 30) == 0)
 208                                 printf("\n");
 209                         printf("%02x ", ciphertext2[i]);
 210                 }
 211                 printf("\n");
 212                 return 1;
 213         }
 214
 215         printf("AES Test passed\n");
 216
 217         /* Finish crypto session */
 218         if (ioctl(cfd, CIOCFSESSION, &sess.ses)) {
 219                 perror("ioctl(CIOCFSESSION)");
 220                 return 1;
 221         }
 222
 223         return 0;
 224 }
 225
 226 int
 227 main()
 228 {
 229         int fd = -1, cfd = -1;
 230
 231         /* Open the crypto device */
 232         fd = open("/dev/crypto", O_RDWR, 0);
 233         if (fd < 0) {
 234                 perror("open(/dev/crypto)");
 235                 return 1;
 236         }
 237
 238         /* Clone file descriptor */
 239         if (ioctl(fd, CRIOGET, &cfd)) {
 240                 perror("ioctl(CRIOGET)");
 241                 return 1;
 242         }
 243
 244         /* Set close-on-exec (not really neede here) */
 245         if (fcntl(cfd, F_SETFD, 1) == -1) {
 246                 perror("fcntl(F_SETFD)");
 247                 return 1;
 248         }
 249
 250         /* Run the test itself */
 251         if (test_aes(cfd))
 252                 return 1;
 253
 254         if (test_crypto(cfd))
 255                 return 1;
 256
 257         /* Close cloned descriptor */
 258         if (close(cfd)) {
 259                 perror("close(cfd)");
 260                 return 1;
 261         }
 262
 263         /* Close the original descriptor */
 264         if (close(fd)) {
 265                 perror("close(fd)");
 266                 return 1;
 267         }
 268
 269         return 0;
 270 }
 271