Linux 2.6.38.4: User-space interface for Crypto API
作者 佚名技术
来源 Linux系统
浏览
发布时间 2012-04-03
linux2.6.38提供了一些应用层掉内核层加解密模块的接口,据说还支持硬件加密卡(未试).
下面是用openssl 和 内核分别进行aes加密的比较:
#include <stdio.h> #include <string.h> #include <unistd.h> #include <fcntl.h> #include <openssl/aes.h> #include <sys/socket.h> #include <linux/if_alg.h> #ifndef AF_ALG #define AF_ALG 38 #define SOL_ALG 279 #endif #define BUF_SIZE 16 static void crypt_ssl(char *in, int inlen, char *out,const char *key, char *iv) { AES_KEY akey; AES_set_encrypt_key(key, 128, &akey); AES_cbc_encrypt(in, out, inlen, &akey, iv, 1); } static void crypt_kernel(char *in, int inlen, char *out, const char *key, char *oiv) { int opfd; int tfmfd; struct sockaddr_alg sa = { .salg_family = AF_ALG, .salg_type = "skcipher", .salg_name = "cbc(aes)" }; struct msghdr msg = {}; struct cmsghdr *cmsg; char cbuf[CMSG_SPACE(4) CMSG_SPACE(20)] = {}; struct af_alg_iv *iv; struct iovec iov; tfmfd = socket(AF_ALG, SOCK_SEQPACKET, 0); bind(tfmfd, (struct sockaddr *)&sa, sizeof(sa)); setsockopt(tfmfd, SOL_ALG, ALG_SET_KEY, key, 16); opfd = accept(tfmfd, NULL, 0); msg.msg_control = cbuf; msg.msg_controllen = sizeof(cbuf); cmsg = CMSG_FIRSTHDR(&msg); cmsg->cmsg_level = SOL_ALG; cmsg->cmsg_type = ALG_SET_OP; cmsg->cmsg_len = CMSG_LEN(4); *(__u32 *)CMSG_DATA(cmsg) = ALG_OP_ENCRYPT; cmsg = CMSG_NXTHDR(&msg, cmsg); cmsg->cmsg_level = SOL_ALG; cmsg->cmsg_type = ALG_SET_IV; cmsg->cmsg_len = CMSG_LEN(20); iv = (void *)CMSG_DATA(cmsg); memcpy(iv->iv, oiv, 16); iv->ivlen = 16; iov.iov_base = in; iov.iov_len = inlen; msg.msg_iov = &iov; msg.msg_iovlen = 1; sendmsg(opfd, &msg, 0); read(opfd, out, inlen); close(opfd); close(tfmfd); } int main(int argc, char **argv) { int i; char out[BUF_SIZE] = {0}; char in[BUF_SIZE] = "Single block msg"; const char key[16] = "x06xa9x21x40x36xb8xa1x5b" "x51x2ex03xd5x34x12x00x06"; char iv[16] = "x3dxafxbax42x9dx9exb4x30" "xb4x22xdax80x2cx9fxacx41"; if(argc != 2) { printf("usage:ntcompare openssl / compare kerneln"); } if(strncmp(argv[1], "openssl", 7) == 0) { printf("encrypt by openssl...n"); crypt_ssl(in, BUF_SIZE, out, key, iv); } if(strncmp(argv[1], "kernel", 6) == 0) { printf("encrypt by kernel...n"); crypt_kernel(in, BUF_SIZE, out, key, iv); } for (i = 0; i < BUF_SIZE; i ) printf("x", (unsigned char)out[i]); printf("n"); return 0; } Makefile的内容如下: development:/westone/af_alg/compare # cat Makefile INCLUDES=-I/westone/linux-2.6.38.4/include -I/westone/openssl/include/openssl LIBS=-L/westone/openssl/lib -lcrypto -lssl CROSS_COMPILE=586- CC=$(CROSS_COMPILE)gcc FLAGS =-Wall #-Werror C_SOURCES=$(wildcard *.c) C_OBJS=$(patsubst %.c, %.o, $(C_SOURCES)) APP=compare all:clean $(APP) compare:$(C_OBJS) $(CC) $(FLAGS) -o compare $^ $(LIBS) .c.o: $(CC) -c -o $*.o $(FLAGS) $(INCLUDES) $*.c compile:$(C_OBJS) $(CC) $(LINKFLAGS) -o $(TARGET) $^ $(LIBS) clean: rm -f $( |
凌众科技专业提供服务器租用、服务器托管、企业邮局、虚拟主机等服务,公司网站:http://www.lingzhong.cn 为了给广大客户了解更多的技术信息,本技术文章收集来源于网络,凌众科技尊重文章作者的版权,如果有涉及你的版权有必要删除你的文章,请和我们联系。以上信息与文章正文是不可分割的一部分,如果您要转载本文章,请保留以上信息,谢谢! |
你可能对下面的文章感兴趣
关于Linux 2.6.38.4: User-space interface for Crypto API的所有评论