examples/aes.c

   1 /*
   2  * Demo on how to use /dev/crypto device for ciphering.
   3  *
   4  * Placed under public domain.
   5  *
   6  */
   7 #include <stdio.h>
   8 #include <string.h>
   9 #include <unistd.h>
  10 #include <fcntl.h>
  11 #include <sys/ioctl.h>
  12 #include <crypto/cryptodev.h>
  13 #include "aes.h"
  14
  15 #define KEY_SIZE        16
  16
  17
  18 int aes_ctx_init(struct cryptodev_ctx* ctx, int cfd, const uint8_t *key, unsigned int key_size)
  19 {
  20 #ifdef CIOCGSESSINFO
  21         struct session_info_op siop;
  22 #endif
  23
  24         memset(ctx, 0, sizeof(*ctx));
  25         ctx->cfd = cfd;
  26
  27         ctx->sess.cipher = CRYPTO_AES_CBC;
  28         ctx->sess.keylen = key_size;
  29         ctx->sess.key = (void*)key;
  30         if (ioctl(ctx->cfd, CIOCGSESSION, &ctx->sess)) {
  31                 perror("ioctl(CIOCGSESSION)");
  32                 return -1;
  33         }
  34
  35 #ifdef CIOCGSESSINFO
  36         memset(&siop, 0, sizeof(siop));
  37
  38         siop.ses = ctx->sess.ses;
  39         if (ioctl(ctx->cfd, CIOCGSESSINFO, &siop)) {
  40                 perror("ioctl(CIOCGSESSINFO)");
  41                 return -1;
  42         }
  43         printf("Got %s with driver %s\n",
  44                         siop.cipher_info.cra_name, siop.cipher_info.cra_driver_name);
  45         if (!(siop.flags & SIOP_FLAG_KERNEL_DRIVER_ONLY)) {
  46                 printf("Note: This is not an accelerated cipher\n");
  47         }
  48         /*printf("Alignmask is %x\n", (unsigned int)siop.alignmask); */
  49         ctx->alignmask = siop.alignmask;
  50 #endif
  51         return 0;
  52 }
  53
  54 void aes_ctx_deinit(struct cryptodev_ctx* ctx)
  55 {
  56         if (ioctl(ctx->cfd, CIOCFSESSION, &ctx->sess.ses)) {
  57                 perror("ioctl(CIOCFSESSION)");
  58         }
  59 }
  60
  61 int
  62 aes_encrypt(struct cryptodev_ctx* ctx, const void* iv, const void* plaintext, void* ciphertext, size_t size)
  63 {
  64         struct crypt_op cryp;
  65         void* p;
  66
  67         /* check plaintext and ciphertext alignment */
  68         if (ctx->alignmask) {
  69                 p = (void*)(((unsigned long)plaintext + ctx->alignmask) & ~ctx->alignmask);
  70                 if (plaintext != p) {
  71                         fprintf(stderr, "plaintext is not aligned\n");
  72                         return -1;
  73                 }
  74
  75                 p = (void*)(((unsigned long)ciphertext + ctx->alignmask) & ~ctx->alignmask);
  76                 if (ciphertext != p) {
  77                         fprintf(stderr, "ciphertext is not aligned\n");
  78                         return -1;
  79                 }
  80         }
  81
  82         memset(&cryp, 0, sizeof(cryp));
  83
  84         /* Encrypt data.in to data.encrypted */
  85         cryp.ses = ctx->sess.ses;
  86         cryp.len = size;
  87         cryp.src = (void*)plaintext;
  88         cryp.dst = ciphertext;
  89         cryp.iv = (void*)iv;
  90         cryp.op = COP_ENCRYPT;
  91         if (ioctl(ctx->cfd, CIOCCRYPT, &cryp)) {
  92                 perror("ioctl(CIOCCRYPT)");
  93                 return -1;
  94         }
  95
  96         return 0;
  97 }
  98
  99 int
 100 aes_decrypt(struct cryptodev_ctx* ctx, const void* iv, const void* ciphertext, void* plaintext, size_t size)
 101 {
 102         struct crypt_op cryp;
 103         void* p;
 104
 105         /* check plaintext and ciphertext alignment */
 106         if (ctx->alignmask) {
 107                 p = (void*)(((unsigned long)plaintext + ctx->alignmask) & ~ctx->alignmask);
 108                 if (plaintext != p) {
 109                         fprintf(stderr, "plaintext is not aligned\n");
 110                         return -1;
 111                 }
 112
 113                 p = (void*)(((unsigned long)ciphertext + ctx->alignmask) & ~ctx->alignmask);
 114                 if (ciphertext != p) {
 115                         fprintf(stderr, "ciphertext is not aligned\n");
 116                         return -1;
 117                 }
 118         }
 119
 120         memset(&cryp, 0, sizeof(cryp));
 121
 122         /* Encrypt data.in to data.encrypted */
 123         cryp.ses = ctx->sess.ses;
 124         cryp.len = size;
 125         cryp.src = (void*)ciphertext;
 126         cryp.dst = plaintext;
 127         cryp.iv = (void*)iv;
 128         cryp.op = COP_DECRYPT;
 129         if (ioctl(ctx->cfd, CIOCCRYPT, &cryp)) {
 130                 perror("ioctl(CIOCCRYPT)");
 131                 return -1;
 132         }
 133
 134         return 0;
 135 }
 136
 137 static int test_aes(int cfd)
 138 {
 139         char plaintext1_raw[AES_BLOCK_SIZE + 63], *plaintext1;
 140         char ciphertext1[AES_BLOCK_SIZE] = { 0xdf, 0x55, 0x6a, 0x33, 0x43, 0x8d, 0xb8, 0x7b, 0xc4, 0x1b, 0x17, 0x52, 0xc5, 0x5e, 0x5e, 0x49 };
 141         char iv1[AES_BLOCK_SIZE];
 142         uint8_t key1[KEY_SIZE] = { 0xff, 0xff, 0xc0, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 };
 143         char plaintext2_data[AES_BLOCK_SIZE] = { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xc0, 0x00 };
 144         char plaintext2_raw[AES_BLOCK_SIZE + 63], *plaintext2;
 145         char ciphertext2[AES_BLOCK_SIZE] = { 0xb7, 0x97, 0x2b, 0x39, 0x41, 0xc4, 0x4b, 0x90, 0xaf, 0xa7, 0xb2, 0x64, 0xbf, 0xba, 0x73, 0x87 };
 146         char iv2[AES_BLOCK_SIZE];
 147         uint8_t key2[KEY_SIZE];
 148         struct cryptodev_ctx ctx;
 149
 150         aes_ctx_init(&ctx, cfd, key1, sizeof(key1));
 151
 152         if (ctx.alignmask)
 153                 plaintext1 = (char *)(((unsigned long)plaintext1_raw + ctx.alignmask) & ~ctx.alignmask);
 154         else
 155                 plaintext1 = plaintext1_raw;
 156
 157         memset(plaintext1, 0x0, AES_BLOCK_SIZE);
 158         memset(iv1, 0x0, sizeof(iv1));
 159
 160         aes_encrypt(&ctx, iv1, plaintext1, plaintext1, AES_BLOCK_SIZE);
 161
 162         /* Verify the result */
 163         if (memcmp(plaintext1, ciphertext1, AES_BLOCK_SIZE) != 0) {
 164                 fprintf(stderr,
 165                         "FAIL: Decrypted data are different from the input data.\n");
 166                 return -1;
 167         }
 168
 169         aes_ctx_deinit(&ctx);
 170
 171         /* Test 2 */
 172
 173         memset(key2, 0x0, sizeof(key2));
 174         memset(iv2, 0x0, sizeof(iv2));
 175
 176         aes_ctx_init(&ctx, cfd, key2, sizeof(key2));
 177
 178         if (ctx.alignmask) {
 179                 plaintext2 = (char *)(((unsigned long)plaintext2_raw + ctx.alignmask) & ~ctx.alignmask);
 180         } else {
 181                 plaintext2 = plaintext2_raw;
 182         }
 183         memcpy(plaintext2, plaintext2_data, AES_BLOCK_SIZE);
 184
 185         /* Encrypt data.in to data.encrypted */
 186         aes_encrypt(&ctx, iv2, plaintext2, plaintext2, AES_BLOCK_SIZE);
 187
 188         /* Verify the result */
 189         if (memcmp(plaintext2, ciphertext2, AES_BLOCK_SIZE) != 0) {
 190                 int i;
 191                 fprintf(stderr,
 192                         "FAIL: Decrypted data are different from the input data.\n");
 193                 printf("plaintext:");
 194                 for (i = 0; i < AES_BLOCK_SIZE; i++) {
 195                         printf("%02x ", plaintext2[i]);
 196                 }
 197                 printf("ciphertext:");
 198                 for (i = 0; i < AES_BLOCK_SIZE; i++) {
 199                         printf("%02x ", ciphertext2[i]);
 200                 }
 201                 printf("\n");
 202                 return 1;
 203         }
 204
 205         aes_ctx_deinit(&ctx);
 206
 207         printf("AES Test passed\n");
 208
 209         return 0;
 210 }
 211
 212 int
 213 main()
 214 {
 215         int cfd = -1;
 216
 217         /* Open the crypto device */
 218         cfd = open("/dev/crypto", O_RDWR, 0);
 219         if (cfd < 0) {
 220                 perror("open(/dev/crypto)");
 221                 return 1;
 222         }
 223
 224         /* Set close-on-exec (not really neede here) */
 225         if (fcntl(cfd, F_SETFD, 1) == -1) {
 226                 perror("fcntl(F_SETFD)");
 227                 return 1;
 228         }
 229
 230         /* Run the test itself */
 231         if (test_aes(cfd))
 232                 return 1;
 233
 234         /* Close the original descriptor */
 235         if (close(cfd)) {
 236                 perror("close(cfd)");
 237                 return 1;
 238         }
 239
 240         return 0;
 241 }
 242