2 * Demo on how to use /dev/crypto device for ciphering.
4 * Placed under public domain.
12 #include <sys/ioctl.h>
13 #include <crypto/cryptodev.h>
15 #define DATA_SIZE 8*1024
22 char plaintext
[DATA_SIZE
];
23 char ciphertext
[DATA_SIZE
];
27 struct session_op sess
;
30 memset(&sess
, 0, sizeof(sess
));
31 memset(&cryp
, 0, sizeof(cryp
));
33 memset(plaintext
, 0x15, sizeof(plaintext
));
34 memset(key
, 0x33, sizeof(key
));
35 memset(iv
, 0x03, sizeof(iv
));
37 /* Get crypto session for AES128 */
38 sess
.cipher
= CRYPTO_AES_CBC
;
39 sess
.keylen
= KEY_SIZE
;
41 if (ioctl(cfd
, CIOCGSESSION
, &sess
)) {
42 perror("ioctl(CIOCGSESSION)");
47 /* Encrypt data.in to data.encrypted */
49 cryp
.len
= sizeof(plaintext
);
51 cryp
.dst
= ciphertext
;
53 cryp
.op
= COP_ENCRYPT
;
54 if (ioctl(cfd
, CIOCCRYPT
, &cryp
)) {
55 perror("ioctl(CIOCCRYPT)");
59 if (ioctl(cfd
, CIOCFSESSION
, &sess
.ses
)) {
60 perror("ioctl(CIOCFSESSION)");
64 if (ioctl(cfd
, CIOCGSESSION
, &sess
)) {
65 perror("ioctl(CIOCGSESSION)");
69 /* Decrypt data.encrypted to data.decrypted */
71 cryp
.len
= sizeof(plaintext
);
72 cryp
.src
= ciphertext
;
73 cryp
.dst
= ciphertext
;
75 cryp
.op
= COP_DECRYPT
;
76 if (ioctl(cfd
, CIOCCRYPT
, &cryp
)) {
77 perror("ioctl(CIOCCRYPT)");
81 /* Verify the result */
82 if (memcmp(plaintext
, ciphertext
, sizeof(plaintext
)) != 0) {
84 "FAIL: Decrypted data are different from the input data.\n");
87 printf("Test passed\n");
89 /* Finish crypto session */
90 if (ioctl(cfd
, CIOCFSESSION
, &sess
.ses
)) {
91 perror("ioctl(CIOCFSESSION)");
98 static int test_aes(int cfd
)
100 char plaintext1
[BLOCK_SIZE
];
101 char ciphertext1
[BLOCK_SIZE
] = { 0xdf, 0x55, 0x6a, 0x33, 0x43, 0x8d, 0xb8, 0x7b, 0xc4, 0x1b, 0x17, 0x52, 0xc5, 0x5e, 0x5e, 0x49 };
102 char iv1
[BLOCK_SIZE
];
103 char key1
[KEY_SIZE
] = { 0xff, 0xff, 0xc0, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 };
104 char plaintext2
[BLOCK_SIZE
] = { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xc0, 0x00 };
105 char ciphertext2
[BLOCK_SIZE
] = { 0xb7, 0x97, 0x2b, 0x39, 0x41, 0xc4, 0x4b, 0x90, 0xaf, 0xa7, 0xb2, 0x64, 0xbf, 0xba, 0x73, 0x87 };
106 char iv2
[BLOCK_SIZE
];
109 struct session_op sess
;
110 struct crypt_op cryp
;
112 memset(&sess
, 0, sizeof(sess
));
113 memset(&cryp
, 0, sizeof(cryp
));
115 memset(plaintext1
, 0x0, sizeof(plaintext1
));
116 memset(iv1
, 0x0, sizeof(iv1
));
118 /* Get crypto session for AES128 */
119 sess
.cipher
= CRYPTO_AES_CBC
;
120 sess
.keylen
= KEY_SIZE
;
122 if (ioctl(cfd
, CIOCGSESSION
, &sess
)) {
123 perror("ioctl(CIOCGSESSION)");
127 /* Encrypt data.in to data.encrypted */
129 cryp
.len
= sizeof(plaintext1
);
130 cryp
.src
= plaintext1
;
131 cryp
.dst
= plaintext1
;
133 cryp
.op
= COP_ENCRYPT
;
134 if (ioctl(cfd
, CIOCCRYPT
, &cryp
)) {
135 perror("ioctl(CIOCCRYPT)");
139 /* Verify the result */
140 if (memcmp(plaintext1
, ciphertext1
, sizeof(plaintext1
)) != 0) {
142 "FAIL: Decrypted data are different from the input data.\n");
148 memset(key2
, 0x0, sizeof(key2
));
149 memset(iv2
, 0x0, sizeof(iv2
));
151 /* Get crypto session for AES128 */
152 sess
.cipher
= CRYPTO_AES_CBC
;
153 sess
.keylen
= KEY_SIZE
;
155 if (ioctl(cfd
, CIOCGSESSION
, &sess
)) {
156 perror("ioctl(CIOCGSESSION)");
160 /* Encrypt data.in to data.encrypted */
162 cryp
.len
= sizeof(plaintext2
);
163 cryp
.src
= plaintext2
;
164 cryp
.dst
= plaintext2
;
166 cryp
.op
= COP_ENCRYPT
;
167 if (ioctl(cfd
, CIOCCRYPT
, &cryp
)) {
168 perror("ioctl(CIOCCRYPT)");
172 /* Verify the result */
173 if (memcmp(plaintext2
, ciphertext2
, sizeof(plaintext2
)) != 0) {
175 "FAIL: Decrypted data are different from the input data.\n");
179 printf("AES Test passed\n");
181 /* Finish crypto session */
182 if (ioctl(cfd
, CIOCFSESSION
, &sess
.ses
)) {
183 perror("ioctl(CIOCFSESSION)");
193 int fd
= -1, cfd
= -1;
195 /* Open the crypto device */
196 fd
= open("/dev/crypto", O_RDWR
, 0);
198 perror("open(/dev/crypto)");
202 /* Clone file descriptor */
203 if (ioctl(fd
, CRIOGET
, &cfd
)) {
204 perror("ioctl(CRIOGET)");
208 /* Set close-on-exec (not really neede here) */
209 if (fcntl(cfd
, F_SETFD
, 1) == -1) {
210 perror("fcntl(F_SETFD)");
214 /* Run the test itself */
218 if (test_crypto(cfd
))
221 /* Close cloned descriptor */
223 perror("close(cfd)");
227 /* Close the original descriptor */