search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Added SIOP_FLAG_KERNEL_DRIVER_ONLY to correspond to CRYPTO_ALG_KERN_DRIVER_ONLY if...
[cryptodev-linux.git] / examples / aes-sha1.c
blobe93e3c4461b230888415d9874d4e74955cde639d
1 /*
2 * Demo on how to use /dev/crypto device for ciphering.
3 *
4 * Placed under public domain.
5 *
6 */
7 #include <stdio.h>
8 #include <string.h>
9 #include <unistd.h>
10 #include <fcntl.h>
11 #include <sys/ioctl.h>
12 #include <crypto/cryptodev.h>
13 #include "aes-sha1.h"
14
15 /* This is the TLS version of AES-CBC with HMAC-SHA1.
16 */
17
18 int aes_sha1_ctx_init(struct cryptodev_ctx* ctx, int cfd,
19 const uint8_t *key, unsigned int key_size,
20 const uint8_t *mac_key, unsigned int mac_key_size)
21 {
22 #ifdef CIOCGSESSINFO
23 struct session_info_op siop;
24 #endif
25
26 memset(ctx, 0, sizeof(*ctx));
27 ctx->cfd = cfd;
28
29 ctx->sess.cipher = CRYPTO_AES_CBC;
30 ctx->sess.keylen = key_size;
31 ctx->sess.key = (void*)key;
32
33 ctx->sess.mac = CRYPTO_SHA1_HMAC;
34 ctx->sess.mackeylen = mac_key_size;
35 ctx->sess.mackey = (void*)mac_key;
36
37 if (ioctl(ctx->cfd, CIOCGSESSION, &ctx->sess)) {
38 perror("ioctl(CIOCGSESSION)");
39 return -1;
40 }
41
42 #ifdef CIOCGSESSINFO
43 siop.ses = ctx->sess.ses;
44 if (ioctl(ctx->cfd, CIOCGSESSINFO, &siop)) {
45 perror("ioctl(CIOCGSESSINFO)");
46 return -1;
47 }
48 printf("Got %s with driver %s\n",
49 siop.cipher_info.cra_name, siop.cipher_info.cra_driver_name);
50 if (!(siop.flags & SIOP_FLAG_KERNEL_DRIVER_ONLY)) {
51 printf("Note: This is not an accelerated cipher\n");
52 }
53 /*printf("Alignmask is %x\n", (unsigned int)siop.alignmask); */
54 ctx->alignmask = siop.alignmask;
55 #endif
56 return 0;
57 }
58
59 void aes_sha1_ctx_deinit(struct cryptodev_ctx* ctx)
60 {
61 if (ioctl(ctx->cfd, CIOCFSESSION, &ctx->sess.ses)) {
62 perror("ioctl(CIOCFSESSION)");
63 }
64 }
65
66 int
67 aes_sha1_encrypt(struct cryptodev_ctx* ctx, const void* iv,
68 const void* auth, size_t auth_size,
69 void* plaintext, size_t size)
70 {
71 struct crypt_auth_op cryp;
72 void* p;
73
74 /* check plaintext and ciphertext alignment */
75 if (ctx->alignmask) {
76 p = (void*)(((unsigned long)plaintext + ctx->alignmask) & ~ctx->alignmask);
77 if (plaintext != p) {
78 fprintf(stderr, "plaintext is not aligned\n");
79 return -1;
80 }
81 }
82
83 memset(&cryp, 0, sizeof(cryp));
84
85 /* Encrypt data.in to data.encrypted */
86 cryp.ses = ctx->sess.ses;
87 cryp.iv = (void*)iv;
88 cryp.op = COP_ENCRYPT;
89 cryp.auth_len = auth_size;
90 cryp.auth_src = (void*)auth;
91 cryp.len = size;
92 cryp.src = (void*)plaintext;
93 cryp.dst = plaintext;
94 cryp.flags = COP_FLAG_AEAD_TLS_TYPE;
95 if (ioctl(ctx->cfd, CIOCAUTHCRYPT, &cryp)) {
96 perror("ioctl(CIOCAUTHCRYPT)");
97 return -1;
98 }
99
100 return 0;
101 }
102
103 int
104 aes_sha1_decrypt(struct cryptodev_ctx* ctx, const void* iv,
105 const void* auth, size_t auth_size,
106 void* ciphertext, size_t size)
107 {
108 struct crypt_auth_op cryp;
109 void* p;
110
111 /* check plaintext and ciphertext alignment */
112 if (ctx->alignmask) {
113 p = (void*)(((unsigned long)ciphertext + ctx->alignmask) & ~ctx->alignmask);
114 if (ciphertext != p) {
115 fprintf(stderr, "ciphertext is not aligned\n");
116 return -1;
117 }
118 }
119
120 memset(&cryp, 0, sizeof(cryp));
121
122 /* Encrypt data.in to data.encrypted */
123 cryp.ses = ctx->sess.ses;
124 cryp.iv = (void*)iv;
125 cryp.op = COP_DECRYPT;
126 cryp.auth_len = auth_size;
127 cryp.auth_src = (void*)auth;
128 cryp.len = size;
129 cryp.src = (void*)ciphertext;
130 cryp.dst = ciphertext;
131 cryp.flags = COP_FLAG_AEAD_TLS_TYPE;
132 if (ioctl(ctx->cfd, CIOCAUTHCRYPT, &cryp)) {
133 perror("ioctl(CIOCAUTHCRYPT)");
134 return -1;
135 }
136
137 return 0;
138 }
139
Cryptodev for linux