forked from cryptodev-linux/cryptodev-linux
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathaes-gcm.c
139 lines (121 loc) · 3.21 KB
/
aes-gcm.c
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
/*
* Demo on how to use /dev/crypto device for ciphering.
*
* Placed under public domain.
*
*/
#include <stdio.h>
#include <string.h>
#include <unistd.h>
#include <fcntl.h>
#include <sys/ioctl.h>
#include <crypto/cryptodev.h>
#include "aes-gcm.h"
int aes_gcm_ctx_init(struct cryptodev_ctx* ctx, int cfd, const uint8_t *key, unsigned int key_size)
{
#ifdef CIOCGSESSINFO
struct session_info_op siop;
#endif
memset(ctx, 0, sizeof(*ctx));
ctx->cfd = cfd;
ctx->sess.cipher = CRYPTO_AES_GCM;
ctx->sess.keylen = key_size;
ctx->sess.key = (void*)key;
if (ioctl(ctx->cfd, CIOCGSESSION, &ctx->sess)) {
perror("ioctl(CIOCGSESSION)");
return -1;
}
#ifdef CIOCGSESSINFO
siop.ses = ctx->sess.ses;
if (ioctl(ctx->cfd, CIOCGSESSINFO, &siop)) {
perror("ioctl(CIOCGSESSINFO)");
return -1;
}
printf("Got %s with driver %s\n",
siop.cipher_info.cra_name, siop.cipher_info.cra_driver_name);
if (!(siop.flags & SIOP_FLAG_KERNEL_DRIVER_ONLY)) {
printf("Note: This is not an accelerated cipher\n");
}
/*printf("Alignmask is %x\n", (unsigned int)siop.alignmask); */
ctx->alignmask = siop.alignmask;
#endif
return 0;
}
void aes_gcm_ctx_deinit(struct cryptodev_ctx* ctx)
{
if (ioctl(ctx->cfd, CIOCFSESSION, &ctx->sess.ses)) {
perror("ioctl(CIOCFSESSION)");
}
}
int
aes_gcm_encrypt(struct cryptodev_ctx* ctx, const void* iv,
const void* auth, size_t auth_size,
const void* plaintext, void* ciphertext, size_t size)
{
struct crypt_auth_op cryp;
void* p;
/* check plaintext and ciphertext alignment */
if (ctx->alignmask) {
p = (void*)(((unsigned long)plaintext + ctx->alignmask) & ~ctx->alignmask);
if (plaintext != p) {
fprintf(stderr, "plaintext is not aligned\n");
return -1;
}
p = (void*)(((unsigned long)ciphertext + ctx->alignmask) & ~ctx->alignmask);
if (ciphertext != p) {
fprintf(stderr, "ciphertext is not aligned\n");
return -1;
}
}
memset(&cryp, 0, sizeof(cryp));
/* Encrypt data.in to data.encrypted */
cryp.ses = ctx->sess.ses;
cryp.iv = (void*)iv;
cryp.op = COP_ENCRYPT;
cryp.auth_len = auth_size;
cryp.auth_src = (void*)auth;
cryp.len = size;
cryp.src = (void*)plaintext;
cryp.dst = ciphertext;
if (ioctl(ctx->cfd, CIOCAUTHCRYPT, &cryp)) {
perror("ioctl(CIOCAUTHCRYPT)");
return -1;
}
return 0;
}
int
aes_gcm_decrypt(struct cryptodev_ctx* ctx, const void* iv,
const void* auth, size_t auth_size,
const void* ciphertext, void* plaintext, size_t size)
{
struct crypt_auth_op cryp;
void* p;
/* check plaintext and ciphertext alignment */
if (ctx->alignmask) {
p = (void*)(((unsigned long)plaintext + ctx->alignmask) & ~ctx->alignmask);
if (plaintext != p) {
fprintf(stderr, "plaintext is not aligned\n");
return -1;
}
p = (void*)(((unsigned long)ciphertext + ctx->alignmask) & ~ctx->alignmask);
if (ciphertext != p) {
fprintf(stderr, "ciphertext is not aligned\n");
return -1;
}
}
memset(&cryp, 0, sizeof(cryp));
/* Encrypt data.in to data.encrypted */
cryp.ses = ctx->sess.ses;
cryp.iv = (void*)iv;
cryp.op = COP_DECRYPT;
cryp.auth_len = auth_size;
cryp.auth_src = (void*)auth;
cryp.len = size;
cryp.src = (void*)ciphertext;
cryp.dst = plaintext;
if (ioctl(ctx->cfd, CIOCAUTHCRYPT, &cryp)) {
perror("ioctl(CIOCAUTHCRYPT)");
return -1;
}
return 0;
}