2 * Demo on how to use /dev/crypto device for ciphering.
4 * Placed under public domain.
11 #include <sys/ioctl.h>
12 #include <crypto/cryptodev.h>
18 int aes_ctx_init(struct cryptodev_ctx
* ctx
, int cfd
, const uint8_t *key
, unsigned int key_size
)
21 struct session_info_op siop
;
24 memset(ctx
, 0, sizeof(*ctx
));
27 ctx
->sess
.cipher
= CRYPTO_AES_CBC
;
28 ctx
->sess
.keylen
= key_size
;
29 ctx
->sess
.key
= (void*)key
;
30 if (ioctl(ctx
->cfd
, CIOCGSESSION
, &ctx
->sess
)) {
31 perror("ioctl(CIOCGSESSION)");
36 siop
.ses
= ctx
->sess
.ses
;
37 if (ioctl(ctx
->cfd
, CIOCGSESSINFO
, &siop
)) {
38 perror("ioctl(CIOCGSESSINFO)");
41 printf("requested cipher CRYPTO_AES_CBC, got %s with driver %s\n",
42 siop
.cipher_info
.cra_name
, siop
.cipher_info
.cra_driver_name
);
43 /*printf("Alignmask is %x\n", (unsigned int)siop.alignmask); */
44 ctx
->alignmask
= siop
.alignmask
;
49 void aes_ctx_deinit(struct cryptodev_ctx
* ctx
)
51 if (ioctl(ctx
->cfd
, CIOCFSESSION
, &ctx
->sess
.ses
)) {
52 perror("ioctl(CIOCFSESSION)");
57 aes_encrypt(struct cryptodev_ctx
* ctx
, const void* iv
, const void* plaintext
, void* ciphertext
, size_t size
)
62 /* check plaintext and ciphertext alignment */
64 p
= (void*)(((unsigned long)plaintext
+ ctx
->alignmask
) & ~ctx
->alignmask
);
66 fprintf(stderr
, "plaintext is not aligned\n");
70 p
= (void*)(((unsigned long)ciphertext
+ ctx
->alignmask
) & ~ctx
->alignmask
);
71 if (ciphertext
!= p
) {
72 fprintf(stderr
, "ciphertext is not aligned\n");
77 memset(&cryp
, 0, sizeof(cryp
));
79 /* Encrypt data.in to data.encrypted */
80 cryp
.ses
= ctx
->sess
.ses
;
82 cryp
.src
= (void*)plaintext
;
83 cryp
.dst
= ciphertext
;
85 cryp
.op
= COP_ENCRYPT
;
86 if (ioctl(ctx
->cfd
, CIOCCRYPT
, &cryp
)) {
87 perror("ioctl(CIOCCRYPT)");
95 aes_decrypt(struct cryptodev_ctx
* ctx
, const void* iv
, const void* ciphertext
, void* plaintext
, size_t size
)
100 /* check plaintext and ciphertext alignment */
101 if (ctx
->alignmask
) {
102 p
= (void*)(((unsigned long)plaintext
+ ctx
->alignmask
) & ~ctx
->alignmask
);
103 if (plaintext
!= p
) {
104 fprintf(stderr
, "plaintext is not aligned\n");
108 p
= (void*)(((unsigned long)ciphertext
+ ctx
->alignmask
) & ~ctx
->alignmask
);
109 if (ciphertext
!= p
) {
110 fprintf(stderr
, "ciphertext is not aligned\n");
115 memset(&cryp
, 0, sizeof(cryp
));
117 /* Encrypt data.in to data.encrypted */
118 cryp
.ses
= ctx
->sess
.ses
;
120 cryp
.src
= (void*)ciphertext
;
121 cryp
.dst
= plaintext
;
123 cryp
.op
= COP_DECRYPT
;
124 if (ioctl(ctx
->cfd
, CIOCCRYPT
, &cryp
)) {
125 perror("ioctl(CIOCCRYPT)");
132 static int test_aes(int cfd
)
134 char plaintext1_raw
[AES_BLOCK_SIZE
+ 63], *plaintext1
;
135 char ciphertext1
[AES_BLOCK_SIZE
] = { 0xdf, 0x55, 0x6a, 0x33, 0x43, 0x8d, 0xb8, 0x7b, 0xc4, 0x1b, 0x17, 0x52, 0xc5, 0x5e, 0x5e, 0x49 };
136 char iv1
[AES_BLOCK_SIZE
];
137 uint8_t key1
[KEY_SIZE
] = { 0xff, 0xff, 0xc0, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 };
138 char plaintext2_data
[AES_BLOCK_SIZE
] = { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xc0, 0x00 };
139 char plaintext2_raw
[AES_BLOCK_SIZE
+ 63], *plaintext2
;
140 char ciphertext2
[AES_BLOCK_SIZE
] = { 0xb7, 0x97, 0x2b, 0x39, 0x41, 0xc4, 0x4b, 0x90, 0xaf, 0xa7, 0xb2, 0x64, 0xbf, 0xba, 0x73, 0x87 };
141 char iv2
[AES_BLOCK_SIZE
];
142 uint8_t key2
[KEY_SIZE
];
143 struct cryptodev_ctx ctx
;
145 aes_ctx_init(&ctx
, cfd
, key1
, sizeof(key1
));
148 plaintext1
= (char *)(((unsigned long)plaintext1_raw
+ ctx
.alignmask
) & ~ctx
.alignmask
);
150 plaintext1
= plaintext1_raw
;
152 memset(plaintext1
, 0x0, AES_BLOCK_SIZE
);
153 memset(iv1
, 0x0, sizeof(iv1
));
155 aes_encrypt(&ctx
, iv1
, plaintext1
, plaintext1
, AES_BLOCK_SIZE
);
157 /* Verify the result */
158 if (memcmp(plaintext1
, ciphertext1
, AES_BLOCK_SIZE
) != 0) {
160 "FAIL: Decrypted data are different from the input data.\n");
164 aes_ctx_deinit(&ctx
);
168 memset(key2
, 0x0, sizeof(key2
));
169 memset(iv2
, 0x0, sizeof(iv2
));
171 aes_ctx_init(&ctx
, cfd
, key2
, sizeof(key2
));
174 plaintext2
= (char *)(((unsigned long)plaintext2_raw
+ ctx
.alignmask
) & ~ctx
.alignmask
);
176 plaintext2
= plaintext2_raw
;
178 memcpy(plaintext2
, plaintext2_data
, AES_BLOCK_SIZE
);
180 /* Encrypt data.in to data.encrypted */
181 aes_encrypt(&ctx
, iv2
, plaintext2
, plaintext2
, AES_BLOCK_SIZE
);
183 /* Verify the result */
184 if (memcmp(plaintext2
, ciphertext2
, AES_BLOCK_SIZE
) != 0) {
187 "FAIL: Decrypted data are different from the input data.\n");
188 printf("plaintext:");
189 for (i
= 0; i
< AES_BLOCK_SIZE
; i
++) {
190 printf("%02x ", plaintext2
[i
]);
192 printf("ciphertext:");
193 for (i
= 0; i
< AES_BLOCK_SIZE
; i
++) {
194 printf("%02x ", ciphertext2
[i
]);
200 aes_ctx_deinit(&ctx
);
202 printf("AES Test passed\n");
212 /* Open the crypto device */
213 cfd
= open("/dev/crypto", O_RDWR
, 0);
215 perror("open(/dev/crypto)");
219 /* Set close-on-exec (not really neede here) */
220 if (fcntl(cfd
, F_SETFD
, 1) == -1) {
221 perror("fcntl(F_SETFD)");
225 /* Run the test itself */
229 /* Close the original descriptor */
231 perror("close(cfd)");