Linux 2.6.38.4： User-space interface for Crypto API

作者佚名技术来源 Linux系统浏览发布时间 2012-04-03

linux2.6.38提供了一些应用层掉内核层加解密模块的接口,据说还支持硬件加密卡（未试）. 下面是用openssl 和内核分别进行aes加密的比较： #include <stdio.h>
#include <string.h>
#include <unistd.h>
#include <fcntl.h>
#include <openssl/aes.h>
#include <sys/socket.h>
#include <linux/if_alg.h> #ifndef AF_ALG
#define AF_ALG 38
#define SOL_ALG 279
#endif #define BUF_SIZE 16 static void crypt_ssl(char *in, int inlen, char *out,const char *key, char *iv)
{
AES_KEY akey;
AES_set_encrypt_key(key, 128, &akey); AES_cbc_encrypt(in, out, inlen, &akey, iv, 1);
} static void crypt_kernel(char *in, int inlen, char *out, const char *key, char *oiv)
{
int opfd;
int tfmfd;
struct sockaddr_alg sa = {
.salg_family = AF_ALG,
.salg_type = "skcipher",
.salg_name = "cbc(aes)"
};
struct msghdr msg = {};
struct cmsghdr *cmsg;
char cbuf[CMSG_SPACE(4) CMSG_SPACE(20)] = {};
struct af_alg_iv *iv;
struct iovec iov; tfmfd = socket(AF_ALG, SOCK_SEQPACKET, 0);
bind(tfmfd, (struct sockaddr *)&sa, sizeof(sa));
setsockopt(tfmfd, SOL_ALG, ALG_SET_KEY, key, 16);
opfd = accept(tfmfd, NULL, 0); msg.msg_control = cbuf;
msg.msg_controllen = sizeof(cbuf); cmsg = CMSG_FIRSTHDR(&msg);
cmsg->cmsg_level = SOL_ALG;
cmsg->cmsg_type = ALG_SET_OP;
cmsg->cmsg_len = CMSG_LEN(4);
*(__u32 *)CMSG_DATA(cmsg) = ALG_OP_ENCRYPT;

cmsg = CMSG_NXTHDR(&msg, cmsg);
cmsg->cmsg_level = SOL_ALG;
cmsg->cmsg_type = ALG_SET_IV;
cmsg->cmsg_len = CMSG_LEN(20); iv = (void *)CMSG_DATA(cmsg);
memcpy(iv->iv, oiv, 16);
iv->ivlen = 16; iov.iov_base = in;
iov.iov_len = inlen; msg.msg_iov = &iov;
msg.msg_iovlen = 1; sendmsg(opfd, &msg, 0);
read(opfd, out, inlen); close(opfd);
close(tfmfd);
}
int main(int argc, char **argv)
{
int i;
char out[BUF_SIZE] = {0};
char in[BUF_SIZE] = "Single block msg";
const char key[16] =
"x06xa9x21x40x36xb8xa1x5b"
"x51x2ex03xd5x34x12x00x06";
char iv[16] =
"x3dxafxbax42x9dx9exb4x30"
"xb4x22xdax80x2cx9fxacx41"; if(argc != 2)
{
printf("usage:ntcompare openssl / compare kerneln");
} if(strncmp(argv[1], "openssl", 7) == 0)
{
printf("encrypt by openssl...n");
crypt_ssl(in, BUF_SIZE, out, key, iv);
} if(strncmp(argv[1], "kernel", 6) == 0)
{
printf("encrypt by kernel...n");
crypt_kernel(in, BUF_SIZE, out, key, iv);
} for (i = 0; i < BUF_SIZE; i )
printf("x", (unsigned char)out[i]);
printf("n");
return 0;
} Makefile的内容如下: development:/westone/af_alg/compare # cat Makefile INCLUDES=-I/westone/linux-2.6.38.4/include
-I/westone/openssl/include/openssl
LIBS=-L/westone/openssl/lib -lcrypto -lssl CROSS_COMPILE=586-
CC=$(CROSS_COMPILE)gcc
FLAGS =-Wall #-Werror C_SOURCES=$(wildcard *.c)
C_OBJS=$(patsubst %.c, %.o, $(C_SOURCES))
APP=compare all:clean $(APP)
compare:$(C_OBJS)
$(CC) $(FLAGS) -o compare $^ $(LIBS)
.c.o:
$(CC) -c -o $*.o $(FLAGS) $(INCLUDES) $*.c
compile:$(C_OBJS)
$(CC) $(LINKFLAGS) -o $(TARGET) $^ $(LIBS)
clean:
rm -f $(

凌众科技专业提供服务器租用、服务器托管、企业邮局、虚拟主机等服务，公司网站：http://www.lingzhong.cn 为了给广大客户了解更多的技术信息，本技术文章收集来源于网络,凌众科技尊重文章作者的版权，如果有涉及你的版权有必要删除你的文章，请和我们联系。以上信息与文章正文是不可分割的一部分,如果您要转载本文章,请保留以上信息，谢谢!

1 2 下一页

分享到：更多

你可能对下面的文章感兴趣

上一篇: ubuntu装linuxqq下一篇: linux运维初级课前实战随机****题含****（笔试上机）

关于Linux 2.6.38.4： User-space interface for Crypto API的所有评论

随机推荐