]> git.proxmox.com Git - mirror_ubuntu-zesty-kernel.git/blob - Documentation/crypto/api-samples.rst
projects / mirror_ubuntu-zesty-kernel.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
KVM: arm64: vgic-v3: Log which GICv3 system registers are trapped
[mirror_ubuntu-zesty-kernel.git] / Documentation / crypto / api-samples.rst
1 Code Examples
2 =============
3
4 Code Example For Symmetric Key Cipher Operation
5 -----------------------------------------------
6
7 ::
8
9
10 struct tcrypt_result {
11 struct completion completion;
12 int err;
13 };
14
15 /* tie all data structures together */
16 struct skcipher_def {
17 struct scatterlist sg;
18 struct crypto_skcipher *tfm;
19 struct skcipher_request *req;
20 struct tcrypt_result result;
21 };
22
23 /* Callback function */
24 static void test_skcipher_cb(struct crypto_async_request *req, int error)
25 {
26 struct tcrypt_result *result = req->data;
27
28 if (error == -EINPROGRESS)
29 return;
30 result->err = error;
31 complete(&result->completion);
32 pr_info("Encryption finished successfully\n");
33 }
34
35 /* Perform cipher operation */
36 static unsigned int test_skcipher_encdec(struct skcipher_def *sk,
37 int enc)
38 {
39 int rc = 0;
40
41 if (enc)
42 rc = crypto_skcipher_encrypt(sk->req);
43 else
44 rc = crypto_skcipher_decrypt(sk->req);
45
46 switch (rc) {
47 case 0:
48 break;
49 case -EINPROGRESS:
50 case -EBUSY:
51 rc = wait_for_completion_interruptible(
52 &sk->result.completion);
53 if (!rc && !sk->result.err) {
54 reinit_completion(&sk->result.completion);
55 break;
56 }
57 default:
58 pr_info("skcipher encrypt returned with %d result %d\n",
59 rc, sk->result.err);
60 break;
61 }
62 init_completion(&sk->result.completion);
63
64 return rc;
65 }
66
67 /* Initialize and trigger cipher operation */
68 static int test_skcipher(void)
69 {
70 struct skcipher_def sk;
71 struct crypto_skcipher *skcipher = NULL;
72 struct skcipher_request *req = NULL;
73 char *scratchpad = NULL;
74 char *ivdata = NULL;
75 unsigned char key[32];
76 int ret = -EFAULT;
77
78 skcipher = crypto_alloc_skcipher("cbc-aes-aesni", 0, 0);
79 if (IS_ERR(skcipher)) {
80 pr_info("could not allocate skcipher handle\n");
81 return PTR_ERR(skcipher);
82 }
83
84 req = skcipher_request_alloc(skcipher, GFP_KERNEL);
85 if (!req) {
86 pr_info("could not allocate skcipher request\n");
87 ret = -ENOMEM;
88 goto out;
89 }
90
91 skcipher_request_set_callback(req, CRYPTO_TFM_REQ_MAY_BACKLOG,
92 test_skcipher_cb,
93 &sk.result);
94
95 /* AES 256 with random key */
96 get_random_bytes(&key, 32);
97 if (crypto_skcipher_setkey(skcipher, key, 32)) {
98 pr_info("key could not be set\n");
99 ret = -EAGAIN;
100 goto out;
101 }
102
103 /* IV will be random */
104 ivdata = kmalloc(16, GFP_KERNEL);
105 if (!ivdata) {
106 pr_info("could not allocate ivdata\n");
107 goto out;
108 }
109 get_random_bytes(ivdata, 16);
110
111 /* Input data will be random */
112 scratchpad = kmalloc(16, GFP_KERNEL);
113 if (!scratchpad) {
114 pr_info("could not allocate scratchpad\n");
115 goto out;
116 }
117 get_random_bytes(scratchpad, 16);
118
119 sk.tfm = skcipher;
120 sk.req = req;
121
122 /* We encrypt one block */
123 sg_init_one(&sk.sg, scratchpad, 16);
124 skcipher_request_set_crypt(req, &sk.sg, &sk.sg, 16, ivdata);
125 init_completion(&sk.result.completion);
126
127 /* encrypt data */
128 ret = test_skcipher_encdec(&sk, 1);
129 if (ret)
130 goto out;
131
132 pr_info("Encryption triggered successfully\n");
133
134 out:
135 if (skcipher)
136 crypto_free_skcipher(skcipher);
137 if (req)
138 skcipher_request_free(req);
139 if (ivdata)
140 kfree(ivdata);
141 if (scratchpad)
142 kfree(scratchpad);
143 return ret;
144 }
145
146
147 Code Example For Use of Operational State Memory With SHASH
148 -----------------------------------------------------------
149
150 ::
151
152
153 struct sdesc {
154 struct shash_desc shash;
155 char ctx[];
156 };
157
158 static struct sdescinit_sdesc(struct crypto_shash *alg)
159 {
160 struct sdescsdesc;
161 int size;
162
163 size = sizeof(struct shash_desc) + crypto_shash_descsize(alg);
164 sdesc = kmalloc(size, GFP_KERNEL);
165 if (!sdesc)
166 return ERR_PTR(-ENOMEM);
167 sdesc->shash.tfm = alg;
168 sdesc->shash.flags = 0x0;
169 return sdesc;
170 }
171
172 static int calc_hash(struct crypto_shashalg,
173 const unsigned chardata, unsigned int datalen,
174 unsigned chardigest) {
175 struct sdescsdesc;
176 int ret;
177
178 sdesc = init_sdesc(alg);
179 if (IS_ERR(sdesc)) {
180 pr_info("trusted_key: can't alloc %s\n", hash_alg);
181 return PTR_ERR(sdesc);
182 }
183
184 ret = crypto_shash_digest(&sdesc->shash, data, datalen, digest);
185 kfree(sdesc);
186 return ret;
187 }
188
189
190 Code Example For Random Number Generator Usage
191 ----------------------------------------------
192
193 ::
194
195
196 static int get_random_numbers(u8 *buf, unsigned int len)
197 {
198 struct crypto_rngrng = NULL;
199 chardrbg = "drbg_nopr_sha256"; /* Hash DRBG with SHA-256, no PR */
200 int ret;
201
202 if (!buf || !len) {
203 pr_debug("No output buffer provided\n");
204 return -EINVAL;
205 }
206
207 rng = crypto_alloc_rng(drbg, 0, 0);
208 if (IS_ERR(rng)) {
209 pr_debug("could not allocate RNG handle for %s\n", drbg);
210 return -PTR_ERR(rng);
211 }
212
213 ret = crypto_rng_get_bytes(rng, buf, len);
214 if (ret < 0)
215 pr_debug("generation of random numbers failed\n");
216 else if (ret == 0)
217 pr_debug("RNG returned no data");
218 else
219 pr_debug("RNG returned %d bytes of data\n", ret);
220
221 out:
222 crypto_free_rng(rng);
223 return ret;
224 }
ubuntu-zesty-kernel mirror