From b50895c1a203b4feb16c9681534d71af322001c5 Mon Sep 17 00:00:00 2001 From: Nikos Mavrogiannopoulos Date: Fri, 4 Dec 2009 01:39:01 +0200 Subject: Better name for example1. --- example-cipher.c | 133 +++++++++++++++++++++++++++++++++++++++++++++++++++++++ example1.c | 133 ------------------------------------------------------- 2 files changed, 133 insertions(+), 133 deletions(-) create mode 100644 example-cipher.c delete mode 100644 example1.c diff --git a/example-cipher.c b/example-cipher.c new file mode 100644 index 0000000..3bd2610 --- /dev/null +++ b/example-cipher.c @@ -0,0 +1,133 @@ +/* + * Demo on how to use OpenBSD /dev/crypto device. + * + * Author: Michal Ludvig + * http://www.logix.cz/michal + * + * Note: by default OpenBSD doesn't allow using + * /dev/crypto if there is no hardware accelerator + * for a given algorithm. To change this you'll have to + * set cryptodevallowsoft=1 in + * /usr/src/sys/crypto/cryptodev.c and rebuild your kernel. + */ +#include +#include +#include +#include + +#include +//#include +#include "cryptodev.h" + +#define DATA_SIZE 4096 +#define BLOCK_SIZE 16 +#define KEY_SIZE 16 + +static int +test_crypto(int cfd) +{ + struct { + char in[DATA_SIZE], + encrypted[DATA_SIZE], + decrypted[DATA_SIZE], + iv[BLOCK_SIZE], + key[KEY_SIZE]; + } data; + struct session_op sess; + struct crypt_op cryp; + + memset(&sess, 0, sizeof(sess)); + memset(&cryp, 0, sizeof(cryp)); + + /* Use the garbage that is on the stack :-) */ + /* memset(&data, 0, sizeof(data)); */ + + /* Get crypto session for AES128 */ + sess.cipher = CRYPTO_AES_CBC; + sess.keylen = KEY_SIZE; + sess.key = data.key; + if (ioctl(cfd, CIOCGSESSION, &sess)) { + perror("ioctl(CIOCGSESSION)"); + return 1; + } + + /* Encrypt data.in to data.encrypted */ + cryp.ses = sess.ses; + cryp.len = sizeof(data.in); + cryp.src = data.in; + cryp.dst = data.encrypted; + cryp.iv = data.iv; + cryp.op = COP_ENCRYPT; + if (ioctl(cfd, CIOCCRYPT, &cryp)) { + perror("ioctl(CIOCCRYPT)"); + return 1; + } + + /* Decrypt data.encrypted to data.decrypted */ + cryp.src = data.encrypted; + cryp.dst = data.decrypted; + cryp.op = COP_DECRYPT; + if (ioctl(cfd, CIOCCRYPT, &cryp)) { + perror("ioctl(CIOCCRYPT)"); + return 1; + } + + /* Verify the result */ + if (memcmp(data.in, data.decrypted, sizeof(data.in)) != 0) { + fprintf(stderr, + "FAIL: Decrypted data are different from the input data.\n"); + return 1; + } else + printf("Test passed\n"); + + /* Finish crypto session */ + if (ioctl(cfd, CIOCFSESSION, &sess.ses)) { + perror("ioctl(CIOCFSESSION)"); + return 1; + } + + return 0; +} + +int +main() +{ + int fd = -1, cfd = -1; + + /* Open the crypto device */ + fd = open("/dev/crypto", O_RDWR, 0); + if (fd < 0) { + perror("open(/dev/crypto)"); + return 1; + } + + /* Clone file descriptor */ + if (ioctl(fd, CRIOGET, &cfd)) { + perror("ioctl(CRIOGET)"); + return 1; + } + + /* Set close-on-exec (not really neede here) */ + if (fcntl(cfd, F_SETFD, 1) == -1) { + perror("fcntl(F_SETFD)"); + return 1; + } + + /* Run the test itself */ + if (test_crypto(cfd)) + return 1; + + /* Close cloned descriptor */ + if (close(cfd)) { + perror("close(cfd)"); + return 1; + } + + /* Close the original descriptor */ + if (close(fd)) { + perror("close(fd)"); + return 1; + } + + return 0; +} diff --git a/example1.c b/example1.c deleted file mode 100644 index 3bd2610..0000000 --- a/example1.c +++ /dev/null @@ -1,133 +0,0 @@ -/* - * Demo on how to use OpenBSD /dev/crypto device. - * - * Author: Michal Ludvig - * http://www.logix.cz/michal - * - * Note: by default OpenBSD doesn't allow using - * /dev/crypto if there is no hardware accelerator - * for a given algorithm. To change this you'll have to - * set cryptodevallowsoft=1 in - * /usr/src/sys/crypto/cryptodev.c and rebuild your kernel. - */ -#include -#include -#include -#include - -#include -//#include -#include "cryptodev.h" - -#define DATA_SIZE 4096 -#define BLOCK_SIZE 16 -#define KEY_SIZE 16 - -static int -test_crypto(int cfd) -{ - struct { - char in[DATA_SIZE], - encrypted[DATA_SIZE], - decrypted[DATA_SIZE], - iv[BLOCK_SIZE], - key[KEY_SIZE]; - } data; - struct session_op sess; - struct crypt_op cryp; - - memset(&sess, 0, sizeof(sess)); - memset(&cryp, 0, sizeof(cryp)); - - /* Use the garbage that is on the stack :-) */ - /* memset(&data, 0, sizeof(data)); */ - - /* Get crypto session for AES128 */ - sess.cipher = CRYPTO_AES_CBC; - sess.keylen = KEY_SIZE; - sess.key = data.key; - if (ioctl(cfd, CIOCGSESSION, &sess)) { - perror("ioctl(CIOCGSESSION)"); - return 1; - } - - /* Encrypt data.in to data.encrypted */ - cryp.ses = sess.ses; - cryp.len = sizeof(data.in); - cryp.src = data.in; - cryp.dst = data.encrypted; - cryp.iv = data.iv; - cryp.op = COP_ENCRYPT; - if (ioctl(cfd, CIOCCRYPT, &cryp)) { - perror("ioctl(CIOCCRYPT)"); - return 1; - } - - /* Decrypt data.encrypted to data.decrypted */ - cryp.src = data.encrypted; - cryp.dst = data.decrypted; - cryp.op = COP_DECRYPT; - if (ioctl(cfd, CIOCCRYPT, &cryp)) { - perror("ioctl(CIOCCRYPT)"); - return 1; - } - - /* Verify the result */ - if (memcmp(data.in, data.decrypted, sizeof(data.in)) != 0) { - fprintf(stderr, - "FAIL: Decrypted data are different from the input data.\n"); - return 1; - } else - printf("Test passed\n"); - - /* Finish crypto session */ - if (ioctl(cfd, CIOCFSESSION, &sess.ses)) { - perror("ioctl(CIOCFSESSION)"); - return 1; - } - - return 0; -} - -int -main() -{ - int fd = -1, cfd = -1; - - /* Open the crypto device */ - fd = open("/dev/crypto", O_RDWR, 0); - if (fd < 0) { - perror("open(/dev/crypto)"); - return 1; - } - - /* Clone file descriptor */ - if (ioctl(fd, CRIOGET, &cfd)) { - perror("ioctl(CRIOGET)"); - return 1; - } - - /* Set close-on-exec (not really neede here) */ - if (fcntl(cfd, F_SETFD, 1) == -1) { - perror("fcntl(F_SETFD)"); - return 1; - } - - /* Run the test itself */ - if (test_crypto(cfd)) - return 1; - - /* Close cloned descriptor */ - if (close(cfd)) { - perror("close(cfd)"); - return 1; - } - - /* Close the original descriptor */ - if (close(fd)) { - perror("close(fd)"); - return 1; - } - - return 0; -} -- cgit