examples/cipher.c

   1 /*
   2  * Demo on how to use /dev/crypto device for ciphering.
   3  *
   4  * Placed under public domain.
   5  *
   6  */
   7 #include <stdio.h>
   8 #include <string.h>
   9 #include <unistd.h>
  10 #include <fcntl.h>
  11
  12 #include <sys/ioctl.h>
  13 #include <crypto/cryptodev.h>
  14
  15 #define DATA_SIZE       8*1024
  16 #define BLOCK_SIZE      16
  17 #define KEY_SIZE        16
  18
  19 static int
  20 test_crypto(int cfd)
  21 {
  22         char plaintext[DATA_SIZE];
  23         char ciphertext[DATA_SIZE];
  24         char iv[BLOCK_SIZE];
  25         char key[KEY_SIZE];
  26
  27         struct session_op sess;
  28         struct crypt_op cryp;
  29
  30         memset(&sess, 0, sizeof(sess));
  31         memset(&cryp, 0, sizeof(cryp));
  32
  33         memset(plaintext, 0x15,  sizeof(plaintext));
  34         memset(key, 0x33,  sizeof(key));
  35         memset(iv, 0x03,  sizeof(iv));
  36
  37         /* Get crypto session for AES128 */
  38         sess.cipher = CRYPTO_AES_CBC;
  39         sess.keylen = KEY_SIZE;
  40         sess.key = key;
  41         if (ioctl(cfd, CIOCGSESSION, &sess)) {
  42                 perror("ioctl(CIOCGSESSION)");
  43                 return 1;
  44         }
  45
  46
  47         /* Encrypt data.in to data.encrypted */
  48         cryp.ses = sess.ses;
  49         cryp.len = sizeof(plaintext);
  50         cryp.src = plaintext;
  51         cryp.dst = ciphertext;
  52         cryp.iv = iv;
  53         cryp.op = COP_ENCRYPT;
  54         if (ioctl(cfd, CIOCCRYPT, &cryp)) {
  55                 perror("ioctl(CIOCCRYPT)");
  56                 return 1;
  57         }
  58
  59         if (ioctl(cfd, CIOCFSESSION, &sess.ses)) {
  60                 perror("ioctl(CIOCFSESSION)");
  61                 return 1;
  62         }
  63
  64         if (ioctl(cfd, CIOCGSESSION, &sess)) {
  65                 perror("ioctl(CIOCGSESSION)");
  66                 return 1;
  67         }
  68
  69         /* Decrypt data.encrypted to data.decrypted */
  70         cryp.ses = sess.ses;
  71         cryp.len = sizeof(plaintext);
  72         cryp.src = ciphertext;
  73         cryp.dst = ciphertext;
  74         cryp.iv = iv;
  75         cryp.op = COP_DECRYPT;
  76         if (ioctl(cfd, CIOCCRYPT, &cryp)) {
  77                 perror("ioctl(CIOCCRYPT)");
  78                 return 1;
  79         }
  80
  81         /* Verify the result */
  82         if (memcmp(plaintext, ciphertext, sizeof(plaintext)) != 0) {
  83                 fprintf(stderr,
  84                         "FAIL: Decrypted data are different from the input data.\n");
  85                 return 1;
  86         } else
  87                 printf("Test passed\n");
  88
  89         /* Finish crypto session */
  90         if (ioctl(cfd, CIOCFSESSION, &sess.ses)) {
  91                 perror("ioctl(CIOCFSESSION)");
  92                 return 1;
  93         }
  94
  95         return 0;
  96 }
  97
  98 static int test_aes(int cfd)
  99 {
 100         char plaintext1[BLOCK_SIZE];
 101         char ciphertext1[BLOCK_SIZE] = { 0xdf, 0x55, 0x6a, 0x33, 0x43, 0x8d, 0xb8, 0x7b, 0xc4, 0x1b, 0x17, 0x52, 0xc5, 0x5e, 0x5e, 0x49 };
 102         char iv1[BLOCK_SIZE];
 103         char key1[KEY_SIZE] = { 0xff, 0xff, 0xc0, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 };
 104         char plaintext2[BLOCK_SIZE] = { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xc0, 0x00 };
 105         char ciphertext2[BLOCK_SIZE] = { 0xb7, 0x97, 0x2b, 0x39, 0x41, 0xc4, 0x4b, 0x90, 0xaf, 0xa7, 0xb2, 0x64, 0xbf, 0xba, 0x73, 0x87 };
 106         char iv2[BLOCK_SIZE];
 107         char key2[KEY_SIZE];
 108
 109         struct session_op sess;
 110         struct crypt_op cryp;
 111
 112         memset(&sess, 0, sizeof(sess));
 113         memset(&cryp, 0, sizeof(cryp));
 114
 115         memset(plaintext1, 0x0, sizeof(plaintext1));
 116         memset(iv1, 0x0, sizeof(iv1));
 117
 118         /* Get crypto session for AES128 */
 119         sess.cipher = CRYPTO_AES_CBC;
 120         sess.keylen = KEY_SIZE;
 121         sess.key = key1;
 122         if (ioctl(cfd, CIOCGSESSION, &sess)) {
 123                 perror("ioctl(CIOCGSESSION)");
 124                 return 1;
 125         }
 126
 127         /* Encrypt data.in to data.encrypted */
 128         cryp.ses = sess.ses;
 129         cryp.len = sizeof(plaintext1);
 130         cryp.src = plaintext1;
 131         cryp.dst = plaintext1;
 132         cryp.iv = iv1;
 133         cryp.op = COP_ENCRYPT;
 134         if (ioctl(cfd, CIOCCRYPT, &cryp)) {
 135                 perror("ioctl(CIOCCRYPT)");
 136                 return 1;
 137         }
 138
 139         /* Verify the result */
 140         if (memcmp(plaintext1, ciphertext1, sizeof(plaintext1)) != 0) {
 141                 fprintf(stderr,
 142                         "FAIL: Decrypted data are different from the input data.\n");
 143                 return 1;
 144         }
 145
 146         /* Test 2 */
 147
 148         memset(key2, 0x0, sizeof(key2));
 149         memset(iv2, 0x0, sizeof(iv2));
 150
 151         /* Get crypto session for AES128 */
 152         sess.cipher = CRYPTO_AES_CBC;
 153         sess.keylen = KEY_SIZE;
 154         sess.key = key2;
 155         if (ioctl(cfd, CIOCGSESSION, &sess)) {
 156                 perror("ioctl(CIOCGSESSION)");
 157                 return 1;
 158         }
 159
 160         /* Encrypt data.in to data.encrypted */
 161         cryp.ses = sess.ses;
 162         cryp.len = sizeof(plaintext2);
 163         cryp.src = plaintext2;
 164         cryp.dst = plaintext2;
 165         cryp.iv = iv2;
 166         cryp.op = COP_ENCRYPT;
 167         if (ioctl(cfd, CIOCCRYPT, &cryp)) {
 168                 perror("ioctl(CIOCCRYPT)");
 169                 return 1;
 170         }
 171
 172         /* Verify the result */
 173         if (memcmp(plaintext2, ciphertext2, sizeof(plaintext2)) != 0) {
 174                 fprintf(stderr,
 175                         "FAIL: Decrypted data are different from the input data.\n");
 176                 return 1;
 177         }
 178
 179         printf("AES Test passed\n");
 180
 181         /* Finish crypto session */
 182         if (ioctl(cfd, CIOCFSESSION, &sess.ses)) {
 183                 perror("ioctl(CIOCFSESSION)");
 184                 return 1;
 185         }
 186
 187         return 0;
 188 }
 189
 190 int
 191 main()
 192 {
 193         int fd = -1, cfd = -1;
 194
 195         /* Open the crypto device */
 196         fd = open("/dev/crypto", O_RDWR, 0);
 197         if (fd < 0) {
 198                 perror("open(/dev/crypto)");
 199                 return 1;
 200         }
 201
 202         /* Clone file descriptor */
 203         if (ioctl(fd, CRIOGET, &cfd)) {
 204                 perror("ioctl(CRIOGET)");
 205                 return 1;
 206         }
 207
 208         /* Set close-on-exec (not really neede here) */
 209         if (fcntl(cfd, F_SETFD, 1) == -1) {
 210                 perror("fcntl(F_SETFD)");
 211                 return 1;
 212         }
 213
 214         /* Run the test itself */
 215         if (test_aes(cfd))
 216                 return 1;
 217
 218         if (test_crypto(cfd))
 219                 return 1;
 220
 221         /* Close cloned descriptor */
 222         if (close(cfd)) {
 223                 perror("close(cfd)");
 224                 return 1;
 225         }
 226
 227         /* Close the original descriptor */
 228         if (close(fd)) {
 229                 perror("close(fd)");
 230                 return 1;
 231         }
 232
 233         return 0;
 234 }
 235