1Code Examples 2============= 3 4Code Example For Symmetric Key Cipher Operation 5----------------------------------------------- 6 7:: 8 9 10 /* tie all data structures together */ 11 struct skcipher_def { 12 struct scatterlist sg; 13 struct crypto_skcipher *tfm; 14 struct skcipher_request *req; 15 struct crypto_wait wait; 16 }; 17 18 /* Perform cipher operation */ 19 static unsigned int test_skcipher_encdec(struct skcipher_def *sk, 20 int enc) 21 { 22 int rc; 23 24 if (enc) 25 rc = crypto_wait_req(crypto_skcipher_encrypt(sk->req), &sk->wait); 26 else 27 rc = crypto_wait_req(crypto_skcipher_decrypt(sk->req), &sk->wait); 28 29 if (rc) 30 pr_info("skcipher encrypt returned with result %d\n", rc); 31 32 return rc; 33 } 34 35 /* Initialize and trigger cipher operation */ 36 static int test_skcipher(void) 37 { 38 struct skcipher_def sk; 39 struct crypto_skcipher *skcipher = NULL; 40 struct skcipher_request *req = NULL; 41 char *scratchpad = NULL; 42 char *ivdata = NULL; 43 unsigned char key[32]; 44 int ret = -EFAULT; 45 46 skcipher = crypto_alloc_skcipher("cbc-aes-aesni", 0, 0); 47 if (IS_ERR(skcipher)) { 48 pr_info("could not allocate skcipher handle\n"); 49 return PTR_ERR(skcipher); 50 } 51 52 req = skcipher_request_alloc(skcipher, GFP_KERNEL); 53 if (!req) { 54 pr_info("could not allocate skcipher request\n"); 55 ret = -ENOMEM; 56 goto out; 57 } 58 59 skcipher_request_set_callback(req, CRYPTO_TFM_REQ_MAY_BACKLOG, 60 crypto_req_done, 61 &sk.wait); 62 63 /* AES 256 with random key */ 64 get_random_bytes(&key, 32); 65 if (crypto_skcipher_setkey(skcipher, key, 32)) { 66 pr_info("key could not be set\n"); 67 ret = -EAGAIN; 68 goto out; 69 } 70 71 /* IV will be random */ 72 ivdata = kmalloc(16, GFP_KERNEL); 73 if (!ivdata) { 74 pr_info("could not allocate ivdata\n"); 75 goto out; 76 } 77 get_random_bytes(ivdata, 16); 78 79 /* Input data will be random */ 80 scratchpad = kmalloc(16, GFP_KERNEL); 81 if (!scratchpad) { 82 pr_info("could not allocate scratchpad\n"); 83 goto out; 84 } 85 get_random_bytes(scratchpad, 16); 86 87 sk.tfm = skcipher; 88 sk.req = req; 89 90 /* We encrypt one block */ 91 sg_init_one(&sk.sg, scratchpad, 16); 92 skcipher_request_set_crypt(req, &sk.sg, &sk.sg, 16, ivdata); 93 crypto_init_wait(&sk.wait); 94 95 /* encrypt data */ 96 ret = test_skcipher_encdec(&sk, 1); 97 if (ret) 98 goto out; 99 100 pr_info("Encryption triggered successfully\n"); 101 102 out: 103 if (skcipher) 104 crypto_free_skcipher(skcipher); 105 if (req) 106 skcipher_request_free(req); 107 if (ivdata) 108 kfree(ivdata); 109 if (scratchpad) 110 kfree(scratchpad); 111 return ret; 112 } 113 114 115Code Example For Use of Operational State Memory With SHASH 116----------------------------------------------------------- 117 118:: 119 120 121 struct sdesc { 122 struct shash_desc shash; 123 char ctx[]; 124 }; 125 126 static struct sdesc *init_sdesc(struct crypto_shash *alg) 127 { 128 struct sdesc *sdesc; 129 int size; 130 131 size = sizeof(struct shash_desc) + crypto_shash_descsize(alg); 132 sdesc = kmalloc(size, GFP_KERNEL); 133 if (!sdesc) 134 return ERR_PTR(-ENOMEM); 135 sdesc->shash.tfm = alg; 136 sdesc->shash.flags = 0x0; 137 return sdesc; 138 } 139 140 static int calc_hash(struct crypto_shash *alg, 141 const unsigned char *data, unsigned int datalen, 142 unsigned char *digest) 143 { 144 struct sdesc *sdesc; 145 int ret; 146 147 sdesc = init_sdesc(alg); 148 if (IS_ERR(sdesc)) { 149 pr_info("can't alloc sdesc\n"); 150 return PTR_ERR(sdesc); 151 } 152 153 ret = crypto_shash_digest(&sdesc->shash, data, datalen, digest); 154 kfree(sdesc); 155 return ret; 156 } 157 158 static int test_hash(const unsigned char *data, unsigned int datalen, 159 unsigned char *digest) 160 { 161 struct crypto_shash *alg; 162 char *hash_alg_name = "sha1-padlock-nano"; 163 int ret; 164 165 alg = crypto_alloc_shash(hash_alg_name, 0, 0); 166 if (IS_ERR(alg)) { 167 pr_info("can't alloc alg %s\n", hash_alg_name); 168 return PTR_ERR(alg); 169 } 170 ret = calc_hash(alg, data, datalen, digest); 171 crypto_free_shash(alg); 172 return ret; 173 } 174 175 176Code Example For Random Number Generator Usage 177---------------------------------------------- 178 179:: 180 181 182 static int get_random_numbers(u8 *buf, unsigned int len) 183 { 184 struct crypto_rng *rng = NULL; 185 char *drbg = "drbg_nopr_sha256"; /* Hash DRBG with SHA-256, no PR */ 186 int ret; 187 188 if (!buf || !len) { 189 pr_debug("No output buffer provided\n"); 190 return -EINVAL; 191 } 192 193 rng = crypto_alloc_rng(drbg, 0, 0); 194 if (IS_ERR(rng)) { 195 pr_debug("could not allocate RNG handle for %s\n", drbg); 196 return PTR_ERR(rng); 197 } 198 199 ret = crypto_rng_get_bytes(rng, buf, len); 200 if (ret < 0) 201 pr_debug("generation of random numbers failed\n"); 202 else if (ret == 0) 203 pr_debug("RNG returned no data"); 204 else 205 pr_debug("RNG returned %d bytes of data\n", ret); 206 207 out: 208 crypto_free_rng(rng); 209 return ret; 210 } 211