Blame - src/kernel/linux/v4.19/Documentation/crypto/api-samples.rst - T800

blob: 0f6ca8b7261e9300a0da4542c03846c8e868841e [file] [log] [blame]

xj	b04a402	2021-11-25 15:01:52 +0800	[diff] [blame]	1	Code Examples
				2	=============
				3
				4	Code Example For Symmetric Key Cipher Operation
				5	-----------------------------------------------
				6
				7	::
				8
				9
				10	/* tie all data structures together */
				11	struct skcipher_def {
				12	struct scatterlist sg;
				13	struct crypto_skcipher *tfm;
				14	struct skcipher_request *req;
				15	struct crypto_wait wait;
				16	};
				17
				18	/* Perform cipher operation */
				19	static unsigned int test_skcipher_encdec(struct skcipher_def *sk,
				20	int enc)
				21	{
				22	int rc;
				23
				24	if (enc)
				25	rc = crypto_wait_req(crypto_skcipher_encrypt(sk->req), &sk->wait);
				26	else
				27	rc = crypto_wait_req(crypto_skcipher_decrypt(sk->req), &sk->wait);
				28
				29	if (rc)
				30	pr_info("skcipher encrypt returned with result %d\n", rc);
				31
				32	return rc;
				33	}
				34
				35	/* Initialize and trigger cipher operation */
				36	static int test_skcipher(void)
				37	{
				38	struct skcipher_def sk;
				39	struct crypto_skcipher *skcipher = NULL;
				40	struct skcipher_request *req = NULL;
				41	char *scratchpad = NULL;
				42	char *ivdata = NULL;
				43	unsigned char key[32];
				44	int ret = -EFAULT;
				45
				46	skcipher = crypto_alloc_skcipher("cbc-aes-aesni", 0, 0);
				47	if (IS_ERR(skcipher)) {
				48	pr_info("could not allocate skcipher handle\n");
				49	return PTR_ERR(skcipher);
				50	}
				51
				52	req = skcipher_request_alloc(skcipher, GFP_KERNEL);
				53	if (!req) {
				54	pr_info("could not allocate skcipher request\n");
				55	ret = -ENOMEM;
				56	goto out;
				57	}
				58
				59	skcipher_request_set_callback(req, CRYPTO_TFM_REQ_MAY_BACKLOG,
				60	crypto_req_done,
				61	&sk.wait);
				62
				63	/* AES 256 with random key */
				64	get_random_bytes(&key, 32);
				65	if (crypto_skcipher_setkey(skcipher, key, 32)) {
				66	pr_info("key could not be set\n");
				67	ret = -EAGAIN;
				68	goto out;
				69	}
				70
				71	/* IV will be random */
				72	ivdata = kmalloc(16, GFP_KERNEL);
				73	if (!ivdata) {
				74	pr_info("could not allocate ivdata\n");
				75	goto out;
				76	}
				77	get_random_bytes(ivdata, 16);
				78
				79	/* Input data will be random */
				80	scratchpad = kmalloc(16, GFP_KERNEL);
				81	if (!scratchpad) {
				82	pr_info("could not allocate scratchpad\n");
				83	goto out;
				84	}
				85	get_random_bytes(scratchpad, 16);
				86
				87	sk.tfm = skcipher;
				88	sk.req = req;
				89
				90	/* We encrypt one block */
				91	sg_init_one(&sk.sg, scratchpad, 16);
				92	skcipher_request_set_crypt(req, &sk.sg, &sk.sg, 16, ivdata);
				93	crypto_init_wait(&sk.wait);
				94
				95	/* encrypt data */
				96	ret = test_skcipher_encdec(&sk, 1);
				97	if (ret)
				98	goto out;
				99
				100	pr_info("Encryption triggered successfully\n");
				101
				102	out:
				103	if (skcipher)
				104	crypto_free_skcipher(skcipher);
				105	if (req)
				106	skcipher_request_free(req);
				107	if (ivdata)
				108	kfree(ivdata);
				109	if (scratchpad)
				110	kfree(scratchpad);
				111	return ret;
				112	}
				113
				114
				115	Code Example For Use of Operational State Memory With SHASH
				116	-----------------------------------------------------------
				117
				118	::
				119
				120
				121	struct sdesc {
				122	struct shash_desc shash;
				123	char ctx[];
				124	};
				125
				126	static struct sdesc init_sdesc(struct crypto_shash alg)
				127	{
				128	struct sdesc *sdesc;
				129	int size;
				130
				131	size = sizeof(struct shash_desc) + crypto_shash_descsize(alg);
				132	sdesc = kmalloc(size, GFP_KERNEL);
				133	if (!sdesc)
				134	return ERR_PTR(-ENOMEM);
				135	sdesc->shash.tfm = alg;
				136	sdesc->shash.flags = 0x0;
				137	return sdesc;
				138	}
				139
				140	static int calc_hash(struct crypto_shash *alg,
				141	const unsigned char *data, unsigned int datalen,
				142	unsigned char *digest)
				143	{
				144	struct sdesc *sdesc;
				145	int ret;
				146
				147	sdesc = init_sdesc(alg);
				148	if (IS_ERR(sdesc)) {
				149	pr_info("can't alloc sdesc\n");
				150	return PTR_ERR(sdesc);
				151	}
				152
				153	ret = crypto_shash_digest(&sdesc->shash, data, datalen, digest);
				154	kfree(sdesc);
				155	return ret;
				156	}
				157
				158	static int test_hash(const unsigned char *data, unsigned int datalen,
				159	unsigned char *digest)
				160	{
				161	struct crypto_shash *alg;
				162	char *hash_alg_name = "sha1-padlock-nano";
				163	int ret;
				164
				165	alg = crypto_alloc_shash(hash_alg_name, 0, 0);
				166	if (IS_ERR(alg)) {
				167	pr_info("can't alloc alg %s\n", hash_alg_name);
				168	return PTR_ERR(alg);
				169	}
				170	ret = calc_hash(alg, data, datalen, digest);
				171	crypto_free_shash(alg);
				172	return ret;
				173	}
				174
				175
				176	Code Example For Random Number Generator Usage
				177	----------------------------------------------
				178
				179	::
				180
				181
				182	static int get_random_numbers(u8 *buf, unsigned int len)
				183	{
				184	struct crypto_rng *rng = NULL;
				185	char drbg = "drbg_nopr_sha256"; / Hash DRBG with SHA-256, no PR */
				186	int ret;
				187
				188	if (!buf \|\| !len) {
				189	pr_debug("No output buffer provided\n");
				190	return -EINVAL;
				191	}
				192
				193	rng = crypto_alloc_rng(drbg, 0, 0);
				194	if (IS_ERR(rng)) {
				195	pr_debug("could not allocate RNG handle for %s\n", drbg);
				196	return PTR_ERR(rng);
				197	}
				198
				199	ret = crypto_rng_get_bytes(rng, buf, len);
				200	if (ret < 0)
				201	pr_debug("generation of random numbers failed\n");
				202	else if (ret == 0)
				203	pr_debug("RNG returned no data");
				204	else
				205	pr_debug("RNG returned %d bytes of data\n", ret);
				206
				207	out:
				208	crypto_free_rng(rng);
				209	return ret;
				210	}