Print this page
*** NO COMMENTS ***
| Split |
Close |
| Expand all |
| Collapse all |
--- old/usr/src/cmd/lofiadm/main.c
+++ new/usr/src/cmd/lofiadm/main.c
1 1 /*
2 2 * CDDL HEADER START
3 3 *
4 4 * The contents of this file are subject to the terms of the
5 5 * Common Development and Distribution License (the "License").
6 6 * You may not use this file except in compliance with the License.
7 7 *
8 8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 9 * or http://www.opensolaris.org/os/licensing.
10 10 * See the License for the specific language governing permissions
11 11 * and limitations under the License.
12 12 *
13 13 * When distributing Covered Code, include this CDDL HEADER in each
14 14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 15 * If applicable, add the following below this CDDL HEADER, with the
16 16 * fields enclosed by brackets "[]" replaced with your own identifying
17 17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 18 *
19 19 * CDDL HEADER END
20 20 */
21 21 /*
22 22 * Copyright 2009 Sun Microsystems, Inc. All rights reserved.
23 23 * Use is subject to license terms.
24 24 * Copyright 2012 Joyent, Inc. All rights reserved.
25 25 */
26 26
27 27 /*
28 28 * lofiadm - administer lofi(7d). Very simple, add and remove file<->device
29 29 * associations, and display status. All the ioctls are private between
30 30 * lofi and lofiadm, and so are very simple - device information is
31 31 * communicated via a minor number.
32 32 */
33 33
34 34 #include <sys/types.h>
35 35 #include <sys/param.h>
36 36 #include <sys/lofi.h>
37 37 #include <sys/stat.h>
38 38 #include <sys/sysmacros.h>
39 39 #include <netinet/in.h>
40 40 #include <stdio.h>
41 41 #include <fcntl.h>
42 42 #include <locale.h>
43 43 #include <string.h>
44 44 #include <strings.h>
45 45 #include <errno.h>
46 46 #include <stdlib.h>
47 47 #include <unistd.h>
48 48 #include <stropts.h>
49 49 #include <libdevinfo.h>
50 50 #include <libgen.h>
51 51 #include <ctype.h>
52 52 #include <dlfcn.h>
53 53 #include <limits.h>
54 54 #include <security/cryptoki.h>
55 55 #include <cryptoutil.h>
56 56 #include <sys/crypto/ioctl.h>
|
↓ open down ↓ |
56 lines elided |
↑ open up ↑ |
57 57 #include <sys/crypto/ioctladmin.h>
58 58 #include "utils.h"
59 59 #include <LzmaEnc.h>
60 60
61 61 /* Only need the IV len #defines out of these files, nothing else. */
62 62 #include <aes/aes_impl.h>
63 63 #include <des/des_impl.h>
64 64 #include <blowfish/blowfish_impl.h>
65 65
66 66 static const char USAGE[] =
67 - "Usage: %s -a file [ device ] "
67 + "Usage: %s [-r] -a file [ device ] "
68 68 " [-c aes-128-cbc|aes-192-cbc|aes-256-cbc|des3-cbc|blowfish-cbc]"
69 69 " [-e] [-k keyfile] [-T [token]:[manuf]:[serial]:key]\n"
70 70 " %s -d file | device\n"
71 71 " %s -C [gzip|gzip-6|gzip-9|lzma] [-s segment_size] file\n"
72 72 " %s -U file\n"
73 73 " %s [ file | device ]\n";
74 74
75 75 typedef struct token_spec {
76 76 char *name;
77 77 char *mfr;
78 78 char *serno;
79 79 char *key;
80 80 } token_spec_t;
81 81
82 82 typedef struct mech_alias {
83 83 char *alias;
84 84 CK_MECHANISM_TYPE type;
85 85 char *name; /* for ioctl */
86 86 char *iv_name; /* for ioctl */
87 87 size_t iv_len; /* for ioctl */
88 88 iv_method_t iv_type; /* for ioctl */
89 89 size_t min_keysize; /* in bytes */
90 90 size_t max_keysize; /* in bytes */
91 91 token_spec_t *token;
92 92 CK_SLOT_ID slot;
93 93 } mech_alias_t;
94 94
95 95 static mech_alias_t mech_aliases[] = {
96 96 /* Preferred one should always be listed first. */
97 97 { "aes-256-cbc", CKM_AES_CBC, "CKM_AES_CBC", "CKM_AES_ECB", AES_IV_LEN,
98 98 IVM_ENC_BLKNO, ULONG_MAX, 0L, NULL, (CK_SLOT_ID) -1 },
99 99 { "aes-192-cbc", CKM_AES_CBC, "CKM_AES_CBC", "CKM_AES_ECB", AES_IV_LEN,
100 100 IVM_ENC_BLKNO, ULONG_MAX, 0L, NULL, (CK_SLOT_ID) -1 },
101 101 { "aes-128-cbc", CKM_AES_CBC, "CKM_AES_CBC", "CKM_AES_ECB", AES_IV_LEN,
102 102 IVM_ENC_BLKNO, ULONG_MAX, 0L, NULL, (CK_SLOT_ID) -1 },
103 103 { "des3-cbc", CKM_DES3_CBC, "CKM_DES3_CBC", "CKM_DES3_ECB", DES_IV_LEN,
104 104 IVM_ENC_BLKNO, ULONG_MAX, 0L, NULL, (CK_SLOT_ID)-1 },
105 105 { "blowfish-cbc", CKM_BLOWFISH_CBC, "CKM_BLOWFISH_CBC",
106 106 "CKM_BLOWFISH_ECB", BLOWFISH_IV_LEN, IVM_ENC_BLKNO, ULONG_MAX,
107 107 0L, NULL, (CK_SLOT_ID)-1 }
108 108 /*
109 109 * A cipher without an iv requirement would look like this:
110 110 * { "aes-xex", CKM_AES_XEX, "CKM_AES_XEX", NULL, 0,
111 111 * IVM_NONE, ULONG_MAX, 0L, NULL, (CK_SLOT_ID)-1 }
112 112 */
113 113 };
114 114
115 115 int mech_aliases_count = (sizeof (mech_aliases) / sizeof (mech_alias_t));
116 116
117 117 /* Preferred cipher, if one isn't specified on command line. */
118 118 #define DEFAULT_CIPHER (&mech_aliases[0])
119 119
120 120 #define DEFAULT_CIPHER_NUM 64 /* guess # kernel ciphers available */
121 121 #define DEFAULT_MECHINFO_NUM 16 /* guess # kernel mechs available */
122 122 #define MIN_PASSLEN 8 /* min acceptable passphrase size */
123 123
124 124 static int gzip_compress(void *src, size_t srclen, void *dst,
125 125 size_t *destlen, int level);
126 126 static int lzma_compress(void *src, size_t srclen, void *dst,
127 127 size_t *destlen, int level);
128 128
129 129 lofi_compress_info_t lofi_compress_table[LOFI_COMPRESS_FUNCTIONS] = {
130 130 {NULL, gzip_compress, 6, "gzip"}, /* default */
131 131 {NULL, gzip_compress, 6, "gzip-6"},
132 132 {NULL, gzip_compress, 9, "gzip-9"},
133 133 {NULL, lzma_compress, 0, "lzma"}
134 134 };
135 135
136 136 /* For displaying lofi mappings */
137 137 #define FORMAT "%-20s %-30s %s\n"
138 138
139 139 #define COMPRESS_ALGORITHM "gzip"
140 140 #define COMPRESS_THRESHOLD 2048
141 141 #define SEGSIZE 131072
142 142 #define BLOCK_SIZE 512
143 143 #define KILOBYTE 1024
144 144 #define MEGABYTE (KILOBYTE * KILOBYTE)
145 145 #define GIGABYTE (KILOBYTE * MEGABYTE)
146 146 #define LIBZ "libz.so"
147 147
148 148 static void
149 149 usage(const char *pname)
150 150 {
151 151 (void) fprintf(stderr, gettext(USAGE), pname, pname, pname,
152 152 pname, pname);
153 153 exit(E_USAGE);
154 154 }
155 155
156 156 static int
157 157 gzip_compress(void *src, size_t srclen, void *dst, size_t *dstlen, int level)
158 158 {
159 159 static int (*compress2p)(void *, ulong_t *, void *, size_t, int) = NULL;
160 160 void *libz_hdl = NULL;
161 161
162 162 /*
163 163 * The first time we are called, attempt to dlopen()
164 164 * libz.so and get a pointer to the compress2() function
165 165 */
166 166 if (compress2p == NULL) {
167 167 if ((libz_hdl = openlib(LIBZ)) == NULL)
168 168 die(gettext("could not find %s. "
169 169 "gzip compression unavailable\n"), LIBZ);
170 170
171 171 if ((compress2p =
172 172 (int (*)(void *, ulong_t *, void *, size_t, int))
173 173 dlsym(libz_hdl, "compress2")) == NULL) {
174 174 closelib();
175 175 die(gettext("could not find the correct %s. "
176 176 "gzip compression unavailable\n"), LIBZ);
177 177 }
178 178 }
179 179
180 180 if ((*compress2p)(dst, (ulong_t *)dstlen, src, srclen, level) != 0)
181 181 return (-1);
182 182 return (0);
183 183 }
184 184
185 185 /*ARGSUSED*/
186 186 static void
187 187 *SzAlloc(void *p, size_t size)
188 188 {
189 189 return (malloc(size));
190 190 }
191 191
192 192 /*ARGSUSED*/
193 193 static void
194 194 SzFree(void *p, void *address, size_t size)
195 195 {
196 196 free(address);
197 197 }
198 198
199 199 static ISzAlloc g_Alloc = {
200 200 SzAlloc,
201 201 SzFree
202 202 };
203 203
204 204 #define LZMA_UNCOMPRESSED_SIZE 8
205 205 #define LZMA_HEADER_SIZE (LZMA_PROPS_SIZE + LZMA_UNCOMPRESSED_SIZE)
206 206
207 207 /*ARGSUSED*/
208 208 static int
209 209 lzma_compress(void *src, size_t srclen, void *dst,
210 210 size_t *dstlen, int level)
211 211 {
212 212 CLzmaEncProps props;
213 213 size_t outsize2;
214 214 size_t outsizeprocessed;
215 215 size_t outpropssize = LZMA_PROPS_SIZE;
216 216 uint64_t t = 0;
217 217 SRes res;
218 218 Byte *dstp;
219 219 int i;
220 220
221 221 outsize2 = *dstlen;
222 222
223 223 LzmaEncProps_Init(&props);
224 224
225 225 /*
226 226 * The LZMA compressed file format is as follows -
227 227 *
228 228 * Offset Size(bytes) Description
229 229 * 0 1 LZMA properties (lc, lp, lp (encoded))
230 230 * 1 4 Dictionary size (little endian)
231 231 * 5 8 Uncompressed size (little endian)
232 232 * 13 Compressed data
233 233 */
234 234
235 235 /* set the dictionary size to be 8MB */
236 236 props.dictSize = 1 << 23;
237 237
238 238 if (*dstlen < LZMA_HEADER_SIZE)
239 239 return (SZ_ERROR_OUTPUT_EOF);
240 240
241 241 dstp = (Byte *)dst;
242 242 t = srclen;
243 243 /*
244 244 * Set the uncompressed size in the LZMA header
245 245 * The LZMA properties (specified in 'props')
246 246 * will be set by the call to LzmaEncode()
247 247 */
248 248 for (i = 0; i < LZMA_UNCOMPRESSED_SIZE; i++, t >>= 8) {
249 249 dstp[LZMA_PROPS_SIZE + i] = (Byte)t;
250 250 }
251 251
252 252 outsizeprocessed = outsize2 - LZMA_HEADER_SIZE;
253 253 res = LzmaEncode(dstp + LZMA_HEADER_SIZE, &outsizeprocessed,
254 254 src, srclen, &props, dstp, &outpropssize, 0, NULL,
255 255 &g_Alloc, &g_Alloc);
256 256
257 257 if (res != 0)
258 258 return (-1);
259 259
260 260 *dstlen = outsizeprocessed + LZMA_HEADER_SIZE;
261 261 return (0);
262 262 }
263 263
264 264 /*
265 265 * Translate a lofi device name to a minor number. We might be asked
266 266 * to do this when there is no association (such as when the user specifies
267 267 * a particular device), so we can only look at the string.
268 268 */
269 269 static int
270 270 name_to_minor(const char *devicename)
271 271 {
272 272 int minor;
273 273
274 274 if (sscanf(devicename, "/dev/" LOFI_BLOCK_NAME "/%d", &minor) == 1) {
275 275 return (minor);
276 276 }
277 277 if (sscanf(devicename, "/dev/" LOFI_CHAR_NAME "/%d", &minor) == 1) {
278 278 return (minor);
279 279 }
280 280 return (0);
281 281 }
282 282
283 283 /*
284 284 * This might be the first time we've used this minor number. If so,
285 285 * it might also be that the /dev links are in the process of being created
286 286 * by devfsadmd (or that they'll be created "soon"). We cannot return
287 287 * until they're there or the invoker of lofiadm might try to use them
288 288 * and not find them. This can happen if a shell script is running on
289 289 * an MP.
290 290 */
291 291 static int sleeptime = 2; /* number of seconds to sleep between stat's */
292 292 static int maxsleep = 120; /* maximum number of seconds to sleep */
293 293
294 294 static void
295 295 wait_until_dev_complete(int minor)
296 296 {
297 297 struct stat64 buf;
298 298 int cursleep;
299 299 char blkpath[MAXPATHLEN];
300 300 char charpath[MAXPATHLEN];
301 301 di_devlink_handle_t hdl;
302 302
303 303 (void) snprintf(blkpath, sizeof (blkpath), "/dev/%s/%d",
304 304 LOFI_BLOCK_NAME, minor);
305 305 (void) snprintf(charpath, sizeof (charpath), "/dev/%s/%d",
306 306 LOFI_CHAR_NAME, minor);
307 307
308 308 /* Check if links already present */
309 309 if (stat64(blkpath, &buf) == 0 && stat64(charpath, &buf) == 0)
310 310 return;
311 311
312 312 /* First use di_devlink_init() */
313 313 if (hdl = di_devlink_init("lofi", DI_MAKE_LINK)) {
314 314 (void) di_devlink_fini(&hdl);
315 315 goto out;
316 316 }
317 317
318 318 /*
319 319 * Under normal conditions, di_devlink_init(DI_MAKE_LINK) above will
320 320 * only fail if the caller is non-root. In that case, wait for
321 321 * link creation via sysevents.
322 322 */
323 323 for (cursleep = 0; cursleep < maxsleep; cursleep += sleeptime) {
324 324 if (stat64(blkpath, &buf) == 0 && stat64(charpath, &buf) == 0)
325 325 return;
326 326 (void) sleep(sleeptime);
327 327 }
328 328
329 329 /* one last try */
330 330 out:
331 331 if (stat64(blkpath, &buf) == -1) {
332 332 die(gettext("%s was not created"), blkpath);
333 333 }
334 334 if (stat64(charpath, &buf) == -1) {
335 335 die(gettext("%s was not created"), charpath);
336 336 }
337 337 }
338 338
339 339 /*
340 340 * Map the file and return the minor number the driver picked for the file
341 341 * DO NOT use this function if the filename is actually the device name.
342 342 */
343 343 static int
344 344 lofi_map_file(int lfd, struct lofi_ioctl li, const char *filename)
345 345 {
346 346 int minor;
347 347
348 348 li.li_minor = 0;
349 349 (void) strlcpy(li.li_filename, filename, sizeof (li.li_filename));
350 350 minor = ioctl(lfd, LOFI_MAP_FILE, &li);
351 351 if (minor == -1) {
352 352 if (errno == ENOTSUP)
353 353 warn(gettext("encrypting compressed files is "
354 354 "unsupported"));
355 355 die(gettext("could not map file %s"), filename);
356 356 }
|
↓ open down ↓ |
279 lines elided |
↑ open up ↑ |
357 357 wait_until_dev_complete(minor);
358 358 return (minor);
359 359 }
360 360
361 361 /*
362 362 * Add a device association. If devicename is NULL, let the driver
363 363 * pick a device.
364 364 */
365 365 static void
366 366 add_mapping(int lfd, const char *devicename, const char *filename,
367 - mech_alias_t *cipher, const char *rkey, size_t rksz)
367 + mech_alias_t *cipher, const char *rkey, size_t rksz, boolean_t rdonly)
368 368 {
369 369 struct lofi_ioctl li;
370 370
371 + li.li_readonly = rdonly;
372 +
371 373 li.li_crypto_enabled = B_FALSE;
372 374 if (cipher != NULL) {
373 375 /* set up encryption for mapped file */
374 376 li.li_crypto_enabled = B_TRUE;
375 377 (void) strlcpy(li.li_cipher, cipher->name,
376 378 sizeof (li.li_cipher));
377 379 if (rksz > sizeof (li.li_key)) {
378 380 die(gettext("key too large"));
379 381 }
380 382 bcopy(rkey, li.li_key, rksz);
381 383 li.li_key_len = rksz << 3; /* convert to bits */
382 384
383 385 li.li_iv_type = cipher->iv_type;
384 386 li.li_iv_len = cipher->iv_len; /* 0 when no iv needed */
385 387 switch (cipher->iv_type) {
386 388 case IVM_ENC_BLKNO:
387 389 (void) strlcpy(li.li_iv_cipher, cipher->iv_name,
388 390 sizeof (li.li_iv_cipher));
389 391 break;
390 392 case IVM_NONE:
391 393 /* FALLTHROUGH */
392 394 default:
393 395 break;
394 396 }
395 397 }
396 398
397 399 if (devicename == NULL) {
398 400 int minor;
399 401
400 402 /* pick one via the driver */
401 403 minor = lofi_map_file(lfd, li, filename);
402 404 /* if mapping succeeds, print the one picked */
403 405 (void) printf("/dev/%s/%d\n", LOFI_BLOCK_NAME, minor);
404 406 return;
405 407 }
406 408
407 409 /* use device we were given */
408 410 li.li_minor = name_to_minor(devicename);
409 411 if (li.li_minor == 0) {
410 412 die(gettext("malformed device name %s\n"), devicename);
411 413 }
412 414 (void) strlcpy(li.li_filename, filename, sizeof (li.li_filename));
413 415
414 416 /* if device is already in use li.li_minor won't change */
415 417 if (ioctl(lfd, LOFI_MAP_FILE_MINOR, &li) == -1) {
416 418 if (errno == ENOTSUP)
417 419 warn(gettext("encrypting compressed files is "
418 420 "unsupported"));
419 421 die(gettext("could not map file %s to %s"), filename,
420 422 devicename);
421 423 }
422 424 wait_until_dev_complete(li.li_minor);
423 425 }
424 426
425 427 /*
426 428 * Remove an association. Delete by device name if non-NULL, or by
427 429 * filename otherwise.
428 430 */
429 431 static void
430 432 delete_mapping(int lfd, const char *devicename, const char *filename,
431 433 boolean_t force)
432 434 {
433 435 struct lofi_ioctl li;
434 436
435 437 li.li_force = force;
436 438 li.li_cleanup = B_FALSE;
437 439
438 440 if (devicename == NULL) {
439 441 /* delete by filename */
440 442 (void) strlcpy(li.li_filename, filename,
441 443 sizeof (li.li_filename));
442 444 li.li_minor = 0;
443 445 if (ioctl(lfd, LOFI_UNMAP_FILE, &li) == -1) {
444 446 die(gettext("could not unmap file %s"), filename);
445 447 }
446 448 return;
447 449 }
448 450
449 451 /* delete by device */
450 452 li.li_minor = name_to_minor(devicename);
451 453 if (li.li_minor == 0) {
452 454 die(gettext("malformed device name %s\n"), devicename);
453 455 }
454 456 if (ioctl(lfd, LOFI_UNMAP_FILE_MINOR, &li) == -1) {
455 457 die(gettext("could not unmap device %s"), devicename);
456 458 }
457 459 }
458 460
459 461 /*
460 462 * Show filename given devicename, or devicename given filename.
461 463 */
462 464 static void
463 465 print_one_mapping(int lfd, const char *devicename, const char *filename)
464 466 {
465 467 struct lofi_ioctl li;
466 468
467 469 if (devicename == NULL) {
468 470 /* given filename, print devicename */
469 471 li.li_minor = 0;
470 472 (void) strlcpy(li.li_filename, filename,
471 473 sizeof (li.li_filename));
472 474 if (ioctl(lfd, LOFI_GET_MINOR, &li) == -1) {
473 475 die(gettext("could not find device for %s"), filename);
474 476 }
475 477 (void) printf("/dev/%s/%d\n", LOFI_BLOCK_NAME, li.li_minor);
476 478 return;
477 479 }
478 480
479 481 /* given devicename, print filename */
480 482 li.li_minor = name_to_minor(devicename);
481 483 if (li.li_minor == 0) {
482 484 die(gettext("malformed device name %s\n"), devicename);
483 485 }
484 486 if (ioctl(lfd, LOFI_GET_FILENAME, &li) == -1) {
485 487 die(gettext("could not find filename for %s"), devicename);
486 488 }
487 489 (void) printf("%s\n", li.li_filename);
488 490 }
489 491
|
↓ open down ↓ |
109 lines elided |
↑ open up ↑ |
490 492 /*
491 493 * Print the list of all the mappings, including a header.
492 494 */
493 495 static void
494 496 print_mappings(int fd)
495 497 {
496 498 struct lofi_ioctl li;
497 499 int minor;
498 500 int maxminor;
499 501 char path[MAXPATHLEN];
500 - char options[MAXPATHLEN];
502 + char options[MAXPATHLEN] = { 0 };
501 503
502 504 li.li_minor = 0;
503 505 if (ioctl(fd, LOFI_GET_MAXMINOR, &li) == -1) {
504 506 die("ioctl");
505 507 }
506 508 maxminor = li.li_minor;
507 509
508 510 (void) printf(FORMAT, gettext("Block Device"), gettext("File"),
509 511 gettext("Options"));
510 512 for (minor = 1; minor <= maxminor; minor++) {
511 513 li.li_minor = minor;
512 514 if (ioctl(fd, LOFI_GET_FILENAME, &li) == -1) {
513 515 if (errno == ENXIO)
514 516 continue;
515 517 warn("ioctl");
516 518 break;
517 519 }
518 520 (void) snprintf(path, sizeof (path), "/dev/%s/%d",
519 521 LOFI_BLOCK_NAME, minor);
522 +
523 + options[0] = '\0';
524 +
520 525 /*
521 526 * Encrypted lofi and compressed lofi are mutually exclusive.
522 527 */
523 528 if (li.li_crypto_enabled)
524 529 (void) snprintf(options, sizeof (options),
525 530 gettext("Encrypted"));
526 531 else if (li.li_algorithm[0] != '\0')
527 532 (void) snprintf(options, sizeof (options),
528 533 gettext("Compressed(%s)"), li.li_algorithm);
529 - else
534 + if (li.li_readonly) {
535 + if (strlen(options) != 0) {
536 + (void) strlcat(options, ",", sizeof (options));
537 + (void) strlcat(options, "Readonly",
538 + sizeof (options));
539 + } else {
540 + (void) snprintf(options, sizeof (options),
541 + gettext("Readonly"));
542 + }
543 + }
544 + if (strlen(options) == 0)
530 545 (void) snprintf(options, sizeof (options), "-");
531 546
532 547 (void) printf(FORMAT, path, li.li_filename, options);
533 548 }
534 549 }
535 550
536 551 /*
537 552 * Verify the cipher selected by user.
538 553 */
539 554 static mech_alias_t *
540 555 ciph2mech(const char *alias)
541 556 {
542 557 int i;
543 558
544 559 for (i = 0; i < mech_aliases_count; i++) {
545 560 if (strcasecmp(alias, mech_aliases[i].alias) == 0)
546 561 return (&mech_aliases[i]);
547 562 }
548 563 return (NULL);
549 564 }
550 565
551 566 /*
552 567 * Verify user selected cipher is also available in kernel.
553 568 *
554 569 * While traversing kernel list of mechs, if the cipher is supported in the
555 570 * kernel for both encryption and decryption, it also picks up the min/max
556 571 * key size.
557 572 */
558 573 static boolean_t
559 574 kernel_cipher_check(mech_alias_t *cipher)
560 575 {
561 576 boolean_t ciph_ok = B_FALSE;
562 577 boolean_t iv_ok = B_FALSE;
563 578 int i;
564 579 int count;
565 580 crypto_get_mechanism_list_t *kciphers = NULL;
566 581 crypto_get_all_mechanism_info_t *kinfo = NULL;
567 582 int fd = -1;
568 583 size_t keymin;
569 584 size_t keymax;
570 585
571 586 /* if cipher doesn't need iv generating mech, bypass that check now */
572 587 if (cipher->iv_name == NULL)
573 588 iv_ok = B_TRUE;
574 589
575 590 /* allocate some space for the list of kernel ciphers */
576 591 count = DEFAULT_CIPHER_NUM;
577 592 kciphers = malloc(sizeof (crypto_get_mechanism_list_t) +
578 593 sizeof (crypto_mech_name_t) * (count - 1));
579 594 if (kciphers == NULL)
580 595 die(gettext("failed to allocate memory for list of "
581 596 "kernel mechanisms"));
582 597 kciphers->ml_count = count;
583 598
584 599 /* query crypto device to get list of kernel ciphers */
585 600 if ((fd = open("/dev/crypto", O_RDWR)) == -1) {
586 601 warn(gettext("failed to open %s"), "/dev/crypto");
587 602 goto kcc_out;
588 603 }
589 604
590 605 if (ioctl(fd, CRYPTO_GET_MECHANISM_LIST, kciphers) == -1) {
591 606 warn(gettext("CRYPTO_GET_MECHANISM_LIST ioctl failed"));
592 607 goto kcc_out;
593 608 }
594 609
595 610 if (kciphers->ml_return_value == CRYPTO_BUFFER_TOO_SMALL) {
596 611 count = kciphers->ml_count;
597 612 free(kciphers);
598 613 kciphers = malloc(sizeof (crypto_get_mechanism_list_t) +
599 614 sizeof (crypto_mech_name_t) * (count - 1));
600 615 if (kciphers == NULL) {
601 616 warn(gettext("failed to allocate memory for list of "
602 617 "kernel mechanisms"));
603 618 goto kcc_out;
604 619 }
605 620 kciphers->ml_count = count;
606 621
607 622 if (ioctl(fd, CRYPTO_GET_MECHANISM_LIST, kciphers) == -1) {
608 623 warn(gettext("CRYPTO_GET_MECHANISM_LIST ioctl failed"));
609 624 goto kcc_out;
610 625 }
611 626 }
612 627
613 628 if (kciphers->ml_return_value != CRYPTO_SUCCESS) {
614 629 warn(gettext(
615 630 "CRYPTO_GET_MECHANISM_LIST ioctl return value = %d\n"),
616 631 kciphers->ml_return_value);
617 632 goto kcc_out;
618 633 }
619 634
620 635 /*
621 636 * scan list of kernel ciphers looking for the selected one and if
622 637 * it needs an iv generated using another cipher, also look for that
623 638 * additional cipher to be used for generating the iv
624 639 */
625 640 count = kciphers->ml_count;
626 641 for (i = 0; i < count && !(ciph_ok && iv_ok); i++) {
627 642 if (!ciph_ok &&
628 643 strcasecmp(cipher->name, kciphers->ml_list[i]) == 0)
629 644 ciph_ok = B_TRUE;
630 645 if (!iv_ok &&
631 646 strcasecmp(cipher->iv_name, kciphers->ml_list[i]) == 0)
632 647 iv_ok = B_TRUE;
633 648 }
634 649 free(kciphers);
635 650 kciphers = NULL;
636 651
637 652 if (!ciph_ok)
638 653 warn(gettext("%s mechanism not supported in kernel\n"),
639 654 cipher->name);
640 655 if (!iv_ok)
641 656 warn(gettext("%s mechanism not supported in kernel\n"),
642 657 cipher->iv_name);
643 658
644 659 if (ciph_ok) {
645 660 /* Get the details about the user selected cipher */
646 661 count = DEFAULT_MECHINFO_NUM;
647 662 kinfo = malloc(sizeof (crypto_get_all_mechanism_info_t) +
648 663 sizeof (crypto_mechanism_info_t) * (count - 1));
649 664 if (kinfo == NULL) {
650 665 warn(gettext("failed to allocate memory for "
651 666 "kernel mechanism info"));
652 667 goto kcc_out;
653 668 }
654 669 kinfo->mi_count = count;
655 670 (void) strlcpy(kinfo->mi_mechanism_name, cipher->name,
656 671 CRYPTO_MAX_MECH_NAME);
657 672
658 673 if (ioctl(fd, CRYPTO_GET_ALL_MECHANISM_INFO, kinfo) == -1) {
659 674 warn(gettext(
660 675 "CRYPTO_GET_ALL_MECHANISM_INFO ioctl failed"));
661 676 goto kcc_out;
662 677 }
663 678
664 679 if (kinfo->mi_return_value == CRYPTO_BUFFER_TOO_SMALL) {
665 680 count = kinfo->mi_count;
666 681 free(kinfo);
667 682 kinfo = malloc(
668 683 sizeof (crypto_get_all_mechanism_info_t) +
669 684 sizeof (crypto_mechanism_info_t) * (count - 1));
670 685 if (kinfo == NULL) {
671 686 warn(gettext("failed to allocate memory for "
672 687 "kernel mechanism info"));
673 688 goto kcc_out;
674 689 }
675 690 kinfo->mi_count = count;
676 691 (void) strlcpy(kinfo->mi_mechanism_name, cipher->name,
677 692 CRYPTO_MAX_MECH_NAME);
678 693
679 694 if (ioctl(fd, CRYPTO_GET_ALL_MECHANISM_INFO, kinfo) ==
680 695 -1) {
681 696 warn(gettext("CRYPTO_GET_ALL_MECHANISM_INFO "
682 697 "ioctl failed"));
683 698 goto kcc_out;
684 699 }
685 700 }
686 701
687 702 if (kinfo->mi_return_value != CRYPTO_SUCCESS) {
688 703 warn(gettext("CRYPTO_GET_ALL_MECHANISM_INFO ioctl "
689 704 "return value = %d\n"), kinfo->mi_return_value);
690 705 goto kcc_out;
691 706 }
692 707
693 708 /* Set key min and max size */
694 709 count = kinfo->mi_count;
695 710 i = 0;
696 711 if (i < count) {
697 712 keymin = kinfo->mi_list[i].mi_min_key_size;
698 713 keymax = kinfo->mi_list[i].mi_max_key_size;
699 714 if (kinfo->mi_list[i].mi_keysize_unit &
700 715 CRYPTO_KEYSIZE_UNIT_IN_BITS) {
701 716 keymin = CRYPTO_BITS2BYTES(keymin);
702 717 keymax = CRYPTO_BITS2BYTES(keymax);
703 718
704 719 }
705 720 cipher->min_keysize = keymin;
706 721 cipher->max_keysize = keymax;
707 722 }
708 723 free(kinfo);
709 724 kinfo = NULL;
710 725
711 726 if (i == count) {
712 727 (void) close(fd);
713 728 die(gettext(
714 729 "failed to find usable %s kernel mechanism, "
715 730 "use \"cryptoadm list -m\" to find available "
716 731 "mechanisms\n"),
717 732 cipher->name);
718 733 }
719 734 }
720 735
721 736 /* Note: key min/max, unit size, usage for iv cipher are not checked. */
722 737
723 738 return (ciph_ok && iv_ok);
724 739
725 740 kcc_out:
726 741 if (kinfo != NULL)
727 742 free(kinfo);
728 743 if (kciphers != NULL)
729 744 free(kciphers);
730 745 if (fd != -1)
731 746 (void) close(fd);
732 747 return (B_FALSE);
733 748 }
734 749
735 750 /*
736 751 * Break up token spec into its components (non-destructive)
737 752 */
738 753 static token_spec_t *
739 754 parsetoken(char *spec)
740 755 {
741 756 #define FLD_NAME 0
742 757 #define FLD_MANUF 1
743 758 #define FLD_SERIAL 2
744 759 #define FLD_LABEL 3
745 760 #define NFIELDS 4
746 761 #define nullfield(i) ((field[(i)+1] - field[(i)]) <= 1)
747 762 #define copyfield(fld, i) \
748 763 { \
749 764 int n; \
750 765 (fld) = NULL; \
751 766 if ((n = (field[(i)+1] - field[(i)])) > 1) { \
752 767 if (((fld) = malloc(n)) != NULL) { \
753 768 (void) strncpy((fld), field[(i)], n); \
754 769 ((fld))[n - 1] = '\0'; \
755 770 } \
756 771 } \
757 772 }
758 773
759 774 int i;
760 775 char *field[NFIELDS + 1]; /* +1 to catch extra delimiters */
761 776 token_spec_t *ti = NULL;
762 777
763 778 if (spec == NULL)
764 779 return (NULL);
765 780
766 781 /*
767 782 * Correct format is "[name]:[manuf]:[serial]:key". Can't use
768 783 * strtok because it treats ":::key" and "key:::" and "key" all
769 784 * as the same thing, and we can't have the :s compressed away.
770 785 */
771 786 field[0] = spec;
772 787 for (i = 1; i < NFIELDS + 1; i++) {
773 788 field[i] = strchr(field[i-1], ':');
774 789 if (field[i] == NULL)
775 790 break;
776 791 field[i]++;
777 792 }
778 793 if (i < NFIELDS) /* not enough fields */
779 794 return (NULL);
780 795 if (field[NFIELDS] != NULL) /* too many fields */
781 796 return (NULL);
782 797 field[NFIELDS] = strchr(field[NFIELDS-1], '\0') + 1;
783 798
784 799 /* key label can't be empty */
785 800 if (nullfield(FLD_LABEL))
786 801 return (NULL);
787 802
788 803 ti = malloc(sizeof (token_spec_t));
789 804 if (ti == NULL)
790 805 return (NULL);
791 806
792 807 copyfield(ti->name, FLD_NAME);
793 808 copyfield(ti->mfr, FLD_MANUF);
794 809 copyfield(ti->serno, FLD_SERIAL);
795 810 copyfield(ti->key, FLD_LABEL);
796 811
797 812 /*
798 813 * If token specified and it only contains a key label, then
799 814 * search all tokens for the key, otherwise only those with
800 815 * matching name, mfr, and serno are used.
801 816 */
802 817 /*
803 818 * That's how we'd like it to be, however, if only the key label
804 819 * is specified, default to using softtoken. It's easier.
805 820 */
806 821 if (ti->name == NULL && ti->mfr == NULL && ti->serno == NULL)
807 822 ti->name = strdup(pkcs11_default_token());
808 823 return (ti);
809 824 }
810 825
811 826 /*
812 827 * PBE the passphrase into a raw key
813 828 */
814 829 static void
815 830 getkeyfromuser(mech_alias_t *cipher, char **raw_key, size_t *raw_key_sz)
816 831 {
817 832 CK_SESSION_HANDLE sess;
818 833 CK_RV rv;
819 834 char *pass = NULL;
820 835 size_t passlen = 0;
821 836 void *salt = NULL; /* don't use NULL, see note on salt below */
822 837 size_t saltlen = 0;
823 838 CK_KEY_TYPE ktype;
824 839 void *kvalue;
825 840 size_t klen;
826 841
827 842 /* did init_crypto find a slot that supports this cipher? */
828 843 if (cipher->slot == (CK_SLOT_ID)-1 || cipher->max_keysize == 0) {
829 844 rv = CKR_MECHANISM_INVALID;
830 845 goto cleanup;
831 846 }
832 847
833 848 rv = pkcs11_mech2keytype(cipher->type, &ktype);
834 849 if (rv != CKR_OK)
835 850 goto cleanup;
836 851
837 852 /*
838 853 * use the passphrase to generate a PBE PKCS#5 secret key and
839 854 * retrieve the raw key data to eventually pass it to the kernel;
840 855 */
841 856 rv = C_OpenSession(cipher->slot, CKF_SERIAL_SESSION, NULL, NULL, &sess);
842 857 if (rv != CKR_OK)
843 858 goto cleanup;
844 859
845 860 /* get user passphrase with 8 byte minimum */
846 861 if (pkcs11_get_pass(NULL, &pass, &passlen, MIN_PASSLEN, B_TRUE) < 0) {
847 862 die(gettext("passphrases do not match\n"));
848 863 }
849 864
850 865 /*
851 866 * salt should not be NULL, or else pkcs11_PasswdToKey() will
852 867 * complain about CKR_MECHANISM_PARAM_INVALID; the following is
853 868 * to make up for not having a salt until a proper one is used
854 869 */
855 870 salt = pass;
856 871 saltlen = passlen;
857 872
858 873 klen = cipher->max_keysize;
859 874 rv = pkcs11_PasswdToKey(sess, pass, passlen, salt, saltlen, ktype,
860 875 cipher->max_keysize, &kvalue, &klen);
861 876
862 877 (void) C_CloseSession(sess);
863 878
864 879 if (rv != CKR_OK) {
865 880 goto cleanup;
866 881 }
867 882
868 883 /* assert(klen == cipher->max_keysize); */
869 884 *raw_key_sz = klen;
870 885 *raw_key = (char *)kvalue;
871 886 return;
872 887
873 888 cleanup:
874 889 die(gettext("failed to generate %s key from passphrase: %s"),
875 890 cipher->alias, pkcs11_strerror(rv));
876 891 }
877 892
878 893 /*
879 894 * Read raw key from file; also handles ephemeral keys.
880 895 */
881 896 void
882 897 getkeyfromfile(const char *pathname, mech_alias_t *cipher, char **key,
883 898 size_t *ksz)
884 899 {
885 900 int fd;
886 901 struct stat sbuf;
887 902 boolean_t notplain = B_FALSE;
888 903 ssize_t cursz;
889 904 ssize_t nread;
890 905
891 906 /* ephemeral keys are just random data */
892 907 if (pathname == NULL) {
893 908 *ksz = cipher->max_keysize;
894 909 *key = malloc(*ksz);
895 910 if (*key == NULL)
896 911 die(gettext("failed to allocate memory for"
897 912 " ephemeral key"));
898 913 if (pkcs11_get_urandom(*key, *ksz) < 0) {
899 914 free(*key);
900 915 die(gettext("failed to get enough random data"));
901 916 }
902 917 return;
903 918 }
904 919
905 920 /*
906 921 * If the remaining section of code didn't also check for secure keyfile
907 922 * permissions and whether the key is within cipher min and max lengths,
908 923 * (or, if those things moved out of this block), we could have had:
909 924 * if (pkcs11_read_data(pathname, key, ksz) < 0)
910 925 * handle_error();
911 926 */
912 927
913 928 if ((fd = open(pathname, O_RDONLY, 0)) == -1)
914 929 die(gettext("open of keyfile (%s) failed"), pathname);
915 930
916 931 if (fstat(fd, &sbuf) == -1)
917 932 die(gettext("fstat of keyfile (%s) failed"), pathname);
918 933
919 934 if (S_ISREG(sbuf.st_mode)) {
920 935 if ((sbuf.st_mode & (S_IWGRP | S_IWOTH)) != 0)
921 936 die(gettext("insecure permissions on keyfile %s\n"),
922 937 pathname);
923 938
924 939 *ksz = sbuf.st_size;
925 940 if (*ksz < cipher->min_keysize || cipher->max_keysize < *ksz) {
926 941 warn(gettext("%s: invalid keysize: %d\n"),
927 942 pathname, (int)*ksz);
928 943 die(gettext("\t%d <= keysize <= %d\n"),
929 944 cipher->min_keysize, cipher->max_keysize);
930 945 }
931 946 } else {
932 947 *ksz = cipher->max_keysize;
933 948 notplain = B_TRUE;
934 949 }
935 950
936 951 *key = malloc(*ksz);
937 952 if (*key == NULL)
938 953 die(gettext("failed to allocate memory for key from file"));
939 954
940 955 for (cursz = 0, nread = 0; cursz < *ksz; cursz += nread) {
941 956 nread = read(fd, *key, *ksz);
942 957 if (nread > 0)
943 958 continue;
944 959 /*
945 960 * nread == 0. If it's not a regular file we were trying to
946 961 * get the maximum keysize of data possible for this cipher.
947 962 * But if we've got at least the minimum keysize of data,
948 963 * round down to the nearest keysize unit and call it good.
949 964 * If we haven't met the minimum keysize, that's an error.
950 965 * If it's a regular file, nread = 0 is also an error.
951 966 */
952 967 if (nread == 0 && notplain && cursz >= cipher->min_keysize) {
953 968 *ksz = (cursz / cipher->min_keysize) *
954 969 cipher->min_keysize;
955 970 break;
956 971 }
957 972 die(gettext("%s: can't read all keybytes"), pathname);
958 973 }
959 974 (void) close(fd);
960 975 }
961 976
962 977 /*
963 978 * Read the raw key from token, or from a file that was wrapped with a
964 979 * key from token
965 980 */
966 981 void
967 982 getkeyfromtoken(CK_SESSION_HANDLE sess,
968 983 token_spec_t *token, const char *keyfile, mech_alias_t *cipher,
969 984 char **raw_key, size_t *raw_key_sz)
970 985 {
971 986 CK_RV rv = CKR_OK;
972 987 CK_BBOOL trueval = B_TRUE;
973 988 CK_OBJECT_CLASS kclass; /* secret key or RSA private key */
974 989 CK_KEY_TYPE ktype; /* from selected cipher or CKK_RSA */
975 990 CK_KEY_TYPE raw_ktype; /* from selected cipher */
976 991 CK_ATTRIBUTE key_tmpl[] = {
977 992 { CKA_CLASS, NULL, 0 }, /* re-used for token key and unwrap */
978 993 { CKA_KEY_TYPE, NULL, 0 }, /* ditto */
979 994 { CKA_LABEL, NULL, 0 },
980 995 { CKA_TOKEN, NULL, 0 },
981 996 { CKA_PRIVATE, NULL, 0 }
982 997 };
983 998 CK_ULONG attrs = sizeof (key_tmpl) / sizeof (CK_ATTRIBUTE);
984 999 int i;
985 1000 char *pass = NULL;
986 1001 size_t passlen = 0;
987 1002 CK_OBJECT_HANDLE obj, rawobj;
988 1003 CK_ULONG num_objs = 1; /* just want to find 1 token key */
989 1004 CK_MECHANISM unwrap = { CKM_RSA_PKCS, NULL, 0 };
990 1005 char *rkey;
991 1006 size_t rksz;
992 1007
993 1008 if (token == NULL || token->key == NULL)
994 1009 return;
995 1010
996 1011 /* did init_crypto find a slot that supports this cipher? */
997 1012 if (cipher->slot == (CK_SLOT_ID)-1 || cipher->max_keysize == 0) {
998 1013 die(gettext("failed to find any cryptographic provider, "
999 1014 "use \"cryptoadm list -p\" to find providers: %s\n"),
1000 1015 pkcs11_strerror(CKR_MECHANISM_INVALID));
1001 1016 }
1002 1017
1003 1018 if (pkcs11_get_pass(token->name, &pass, &passlen, 0, B_FALSE) < 0)
1004 1019 die(gettext("unable to get passphrase"));
1005 1020
1006 1021 /* use passphrase to login to token */
1007 1022 if (pass != NULL && passlen > 0) {
1008 1023 rv = C_Login(sess, CKU_USER, (CK_UTF8CHAR_PTR)pass, passlen);
1009 1024 if (rv != CKR_OK) {
1010 1025 die(gettext("cannot login to the token %s: %s\n"),
1011 1026 token->name, pkcs11_strerror(rv));
1012 1027 }
1013 1028 }
1014 1029
1015 1030 rv = pkcs11_mech2keytype(cipher->type, &raw_ktype);
1016 1031 if (rv != CKR_OK) {
1017 1032 die(gettext("failed to get key type for cipher %s: %s\n"),
1018 1033 cipher->name, pkcs11_strerror(rv));
1019 1034 }
1020 1035
1021 1036 /*
1022 1037 * If no keyfile was given, then the token key is secret key to
1023 1038 * be used for encryption/decryption. Otherwise, the keyfile
1024 1039 * contains a wrapped secret key, and the token is actually the
1025 1040 * unwrapping RSA private key.
1026 1041 */
1027 1042 if (keyfile == NULL) {
1028 1043 kclass = CKO_SECRET_KEY;
1029 1044 ktype = raw_ktype;
1030 1045 } else {
1031 1046 kclass = CKO_PRIVATE_KEY;
1032 1047 ktype = CKK_RSA;
1033 1048 }
1034 1049
1035 1050 /* Find the key in the token first */
1036 1051 for (i = 0; i < attrs; i++) {
1037 1052 switch (key_tmpl[i].type) {
1038 1053 case CKA_CLASS:
1039 1054 key_tmpl[i].pValue = &kclass;
1040 1055 key_tmpl[i].ulValueLen = sizeof (kclass);
1041 1056 break;
1042 1057 case CKA_KEY_TYPE:
1043 1058 key_tmpl[i].pValue = &ktype;
1044 1059 key_tmpl[i].ulValueLen = sizeof (ktype);
1045 1060 break;
1046 1061 case CKA_LABEL:
1047 1062 key_tmpl[i].pValue = token->key;
1048 1063 key_tmpl[i].ulValueLen = strlen(token->key);
1049 1064 break;
1050 1065 case CKA_TOKEN:
1051 1066 key_tmpl[i].pValue = &trueval;
1052 1067 key_tmpl[i].ulValueLen = sizeof (trueval);
1053 1068 break;
1054 1069 case CKA_PRIVATE:
1055 1070 key_tmpl[i].pValue = &trueval;
1056 1071 key_tmpl[i].ulValueLen = sizeof (trueval);
1057 1072 break;
1058 1073 default:
1059 1074 break;
1060 1075 }
1061 1076 }
1062 1077 rv = C_FindObjectsInit(sess, key_tmpl, attrs);
1063 1078 if (rv != CKR_OK)
1064 1079 die(gettext("cannot find key %s: %s\n"), token->key,
1065 1080 pkcs11_strerror(rv));
1066 1081 rv = C_FindObjects(sess, &obj, 1, &num_objs);
1067 1082 (void) C_FindObjectsFinal(sess);
1068 1083
1069 1084 if (num_objs == 0) {
1070 1085 die(gettext("cannot find key %s\n"), token->key);
1071 1086 } else if (rv != CKR_OK) {
1072 1087 die(gettext("cannot find key %s: %s\n"), token->key,
1073 1088 pkcs11_strerror(rv));
1074 1089 }
1075 1090
1076 1091 /*
1077 1092 * No keyfile means when token key is found, convert it to raw key,
1078 1093 * and done. Otherwise still need do an unwrap to create yet another
1079 1094 * obj and that needs to be converted to raw key before we're done.
1080 1095 */
1081 1096 if (keyfile == NULL) {
1082 1097 /* obj contains raw key, extract it */
1083 1098 rv = pkcs11_ObjectToKey(sess, obj, (void **)&rkey, &rksz,
1084 1099 B_FALSE);
1085 1100 if (rv != CKR_OK) {
1086 1101 die(gettext("failed to get key value for %s"
1087 1102 " from token %s, %s\n"), token->key,
1088 1103 token->name, pkcs11_strerror(rv));
1089 1104 }
1090 1105 } else {
1091 1106 getkeyfromfile(keyfile, cipher, &rkey, &rksz);
1092 1107
1093 1108 /*
1094 1109 * Got the wrapping RSA obj and the wrapped key from file.
1095 1110 * Unwrap the key from file with RSA obj to get rawkey obj.
1096 1111 */
1097 1112
1098 1113 /* re-use the first two attributes of key_tmpl */
1099 1114 kclass = CKO_SECRET_KEY;
1100 1115 ktype = raw_ktype;
1101 1116
1102 1117 rv = C_UnwrapKey(sess, &unwrap, obj, (CK_BYTE_PTR)rkey,
1103 1118 rksz, key_tmpl, 2, &rawobj);
1104 1119 if (rv != CKR_OK) {
1105 1120 die(gettext("failed to unwrap key in keyfile %s,"
1106 1121 " %s\n"), keyfile, pkcs11_strerror(rv));
1107 1122 }
1108 1123 /* rawobj contains raw key, extract it */
1109 1124 rv = pkcs11_ObjectToKey(sess, rawobj, (void **)&rkey, &rksz,
1110 1125 B_TRUE);
1111 1126 if (rv != CKR_OK) {
1112 1127 die(gettext("failed to get unwrapped key value for"
1113 1128 " key in keyfile %s, %s\n"), keyfile,
1114 1129 pkcs11_strerror(rv));
1115 1130 }
1116 1131 }
1117 1132
1118 1133 /* validate raw key size */
1119 1134 if (rksz < cipher->min_keysize || cipher->max_keysize < rksz) {
1120 1135 warn(gettext("%s: invalid keysize: %d\n"), keyfile, (int)rksz);
1121 1136 die(gettext("\t%d <= keysize <= %d\n"), cipher->min_keysize,
1122 1137 cipher->max_keysize);
1123 1138 }
1124 1139
1125 1140 *raw_key_sz = rksz;
1126 1141 *raw_key = (char *)rkey;
1127 1142 }
1128 1143
1129 1144 /*
1130 1145 * Set up cipher key limits and verify PKCS#11 can be done
1131 1146 * match_token_cipher is the function pointer used by
1132 1147 * pkcs11_GetCriteriaSession() init_crypto.
1133 1148 */
1134 1149 boolean_t
1135 1150 match_token_cipher(CK_SLOT_ID slot_id, void *args, CK_RV *rv)
1136 1151 {
1137 1152 token_spec_t *token;
1138 1153 mech_alias_t *cipher;
1139 1154 CK_TOKEN_INFO tokinfo;
1140 1155 CK_MECHANISM_INFO mechinfo;
1141 1156 boolean_t token_match;
1142 1157
1143 1158 /*
1144 1159 * While traversing slot list, pick up the following info per slot:
1145 1160 * - if token specified, whether it matches this slot's token info
1146 1161 * - if the slot supports the PKCS#5 PBKD2 cipher
1147 1162 *
1148 1163 * If the user said on the command line
1149 1164 * -T tok:mfr:ser:lab -k keyfile
1150 1165 * -c cipher -T tok:mfr:ser:lab -k keyfile
1151 1166 * the given cipher or the default cipher apply to keyfile,
1152 1167 * If the user said instead
1153 1168 * -T tok:mfr:ser:lab
1154 1169 * -c cipher -T tok:mfr:ser:lab
1155 1170 * the key named "lab" may or may not agree with the given
1156 1171 * cipher or the default cipher. In those cases, cipher will
1157 1172 * be overridden with the actual cipher type of the key "lab".
1158 1173 */
1159 1174 *rv = CKR_FUNCTION_FAILED;
1160 1175
1161 1176 if (args == NULL) {
1162 1177 return (B_FALSE);
1163 1178 }
1164 1179
1165 1180 cipher = (mech_alias_t *)args;
1166 1181 token = cipher->token;
1167 1182
1168 1183 if (C_GetMechanismInfo(slot_id, cipher->type, &mechinfo) != CKR_OK) {
1169 1184 return (B_FALSE);
1170 1185 }
1171 1186
1172 1187 if (token == NULL) {
1173 1188 if (C_GetMechanismInfo(slot_id, CKM_PKCS5_PBKD2, &mechinfo) !=
1174 1189 CKR_OK) {
1175 1190 return (B_FALSE);
1176 1191 }
1177 1192 goto foundit;
1178 1193 }
1179 1194
1180 1195 /* does the token match the token spec? */
1181 1196 if (token->key == NULL || (C_GetTokenInfo(slot_id, &tokinfo) != CKR_OK))
1182 1197 return (B_FALSE);
1183 1198
1184 1199 token_match = B_TRUE;
1185 1200
1186 1201 if (token->name != NULL && (token->name)[0] != '\0' &&
1187 1202 strncmp((char *)token->name, (char *)tokinfo.label,
1188 1203 TOKEN_LABEL_SIZE) != 0)
1189 1204 token_match = B_FALSE;
1190 1205 if (token->mfr != NULL && (token->mfr)[0] != '\0' &&
1191 1206 strncmp((char *)token->mfr, (char *)tokinfo.manufacturerID,
1192 1207 TOKEN_MANUFACTURER_SIZE) != 0)
1193 1208 token_match = B_FALSE;
1194 1209 if (token->serno != NULL && (token->serno)[0] != '\0' &&
1195 1210 strncmp((char *)token->serno, (char *)tokinfo.serialNumber,
1196 1211 TOKEN_SERIAL_SIZE) != 0)
1197 1212 token_match = B_FALSE;
1198 1213
1199 1214 if (!token_match)
1200 1215 return (B_FALSE);
1201 1216
1202 1217 foundit:
1203 1218 cipher->slot = slot_id;
1204 1219 return (B_TRUE);
1205 1220 }
1206 1221
1207 1222 /*
1208 1223 * Clean up crypto loose ends
1209 1224 */
1210 1225 static void
1211 1226 end_crypto(CK_SESSION_HANDLE sess)
1212 1227 {
1213 1228 (void) C_CloseSession(sess);
1214 1229 (void) C_Finalize(NULL);
1215 1230 }
1216 1231
1217 1232 /*
1218 1233 * Set up crypto, opening session on slot that matches token and cipher
1219 1234 */
1220 1235 static void
1221 1236 init_crypto(token_spec_t *token, mech_alias_t *cipher,
1222 1237 CK_SESSION_HANDLE_PTR sess)
1223 1238 {
1224 1239 CK_RV rv;
1225 1240
1226 1241 cipher->token = token;
1227 1242
1228 1243 /* Turn off Metaslot so that we can see actual tokens */
1229 1244 if (setenv("METASLOT_ENABLED", "false", 1) < 0) {
1230 1245 die(gettext("could not disable Metaslot"));
1231 1246 }
1232 1247
1233 1248 rv = pkcs11_GetCriteriaSession(match_token_cipher, (void *)cipher,
1234 1249 sess);
1235 1250 if (rv != CKR_OK) {
1236 1251 end_crypto(*sess);
1237 1252 if (rv == CKR_HOST_MEMORY) {
1238 1253 die("malloc");
1239 1254 }
1240 1255 die(gettext("failed to find any cryptographic provider, "
1241 1256 "use \"cryptoadm list -p\" to find providers: %s\n"),
1242 1257 pkcs11_strerror(rv));
1243 1258 }
1244 1259 }
1245 1260
1246 1261 /*
1247 1262 * Uncompress a file.
1248 1263 *
1249 1264 * First map the file in to establish a device
1250 1265 * association, then read from it. On-the-fly
1251 1266 * decompression will automatically uncompress
1252 1267 * the file if it's compressed
1253 1268 *
1254 1269 * If the file is mapped and a device association
1255 1270 * has been established, disallow uncompressing
1256 1271 * the file until it is unmapped.
1257 1272 */
1258 1273 static void
1259 1274 lofi_uncompress(int lfd, const char *filename)
1260 1275 {
1261 1276 struct lofi_ioctl li;
1262 1277 char buf[MAXBSIZE];
1263 1278 char devicename[32];
1264 1279 char tmpfilename[MAXPATHLEN];
1265 1280 char *x;
1266 1281 char *dir = NULL;
1267 1282 char *file = NULL;
1268 1283 int minor = 0;
1269 1284 struct stat64 statbuf;
1270 1285 int compfd = -1;
1271 1286 int uncompfd = -1;
1272 1287 ssize_t rbytes;
1273 1288
1274 1289 /*
1275 1290 * Disallow uncompressing the file if it is
1276 1291 * already mapped.
1277 1292 */
1278 1293 li.li_crypto_enabled = B_FALSE;
1279 1294 li.li_minor = 0;
1280 1295 (void) strlcpy(li.li_filename, filename, sizeof (li.li_filename));
1281 1296 if (ioctl(lfd, LOFI_GET_MINOR, &li) != -1)
1282 1297 die(gettext("%s must be unmapped before uncompressing"),
1283 1298 filename);
1284 1299
1285 1300 /* Zero length files don't need to be uncompressed */
1286 1301 if (stat64(filename, &statbuf) == -1)
1287 1302 die(gettext("stat: %s"), filename);
1288 1303 if (statbuf.st_size == 0)
1289 1304 return;
1290 1305
1291 1306 minor = lofi_map_file(lfd, li, filename);
1292 1307 (void) snprintf(devicename, sizeof (devicename), "/dev/%s/%d",
1293 1308 LOFI_BLOCK_NAME, minor);
1294 1309
1295 1310 /* If the file isn't compressed, we just return */
1296 1311 if ((ioctl(lfd, LOFI_CHECK_COMPRESSED, &li) == -1) ||
1297 1312 (li.li_algorithm[0] == '\0')) {
1298 1313 delete_mapping(lfd, devicename, filename, B_TRUE);
1299 1314 die("%s is not compressed\n", filename);
1300 1315 }
1301 1316
1302 1317 if ((compfd = open64(devicename, O_RDONLY | O_NONBLOCK)) == -1) {
1303 1318 delete_mapping(lfd, devicename, filename, B_TRUE);
1304 1319 die(gettext("open: %s"), filename);
1305 1320 }
1306 1321 /* Create a temp file in the same directory */
1307 1322 x = strdup(filename);
1308 1323 dir = strdup(dirname(x));
1309 1324 free(x);
1310 1325 x = strdup(filename);
1311 1326 file = strdup(basename(x));
1312 1327 free(x);
1313 1328 (void) snprintf(tmpfilename, sizeof (tmpfilename),
1314 1329 "%s/.%sXXXXXX", dir, file);
1315 1330 free(dir);
1316 1331 free(file);
1317 1332
1318 1333 if ((uncompfd = mkstemp64(tmpfilename)) == -1) {
1319 1334 (void) close(compfd);
1320 1335 delete_mapping(lfd, devicename, filename, B_TRUE);
1321 1336 die("%s could not be uncompressed\n", filename);
1322 1337 }
1323 1338
1324 1339 /*
1325 1340 * Set the mode bits and the owner of this temporary
1326 1341 * file to be that of the original uncompressed file
1327 1342 */
1328 1343 (void) fchmod(uncompfd, statbuf.st_mode);
1329 1344
1330 1345 if (fchown(uncompfd, statbuf.st_uid, statbuf.st_gid) == -1) {
1331 1346 (void) close(compfd);
1332 1347 (void) close(uncompfd);
1333 1348 delete_mapping(lfd, devicename, filename, B_TRUE);
1334 1349 die("%s could not be uncompressed\n", filename);
1335 1350 }
1336 1351
1337 1352 /* Now read from the device in MAXBSIZE-sized chunks */
1338 1353 for (;;) {
1339 1354 rbytes = read(compfd, buf, sizeof (buf));
1340 1355
1341 1356 if (rbytes <= 0)
1342 1357 break;
1343 1358
1344 1359 if (write(uncompfd, buf, rbytes) != rbytes) {
1345 1360 rbytes = -1;
1346 1361 break;
1347 1362 }
1348 1363 }
1349 1364
1350 1365 (void) close(compfd);
1351 1366 (void) close(uncompfd);
1352 1367
1353 1368 /* Delete the mapping */
1354 1369 delete_mapping(lfd, devicename, filename, B_TRUE);
1355 1370
1356 1371 /*
1357 1372 * If an error occured while reading or writing, rbytes will
1358 1373 * be negative
1359 1374 */
1360 1375 if (rbytes < 0) {
1361 1376 (void) unlink(tmpfilename);
1362 1377 die(gettext("could not read from %s"), filename);
1363 1378 }
1364 1379
1365 1380 /* Rename the temp file to the actual file */
1366 1381 if (rename(tmpfilename, filename) == -1)
1367 1382 (void) unlink(tmpfilename);
1368 1383 }
1369 1384
1370 1385 /*
1371 1386 * Compress a file
1372 1387 */
1373 1388 static void
1374 1389 lofi_compress(int *lfd, const char *filename, int compress_index,
1375 1390 uint32_t segsize)
1376 1391 {
1377 1392 struct lofi_ioctl lic;
1378 1393 lofi_compress_info_t *li;
1379 1394 struct flock lock;
1380 1395 char tmpfilename[MAXPATHLEN];
1381 1396 char comp_filename[MAXPATHLEN];
1382 1397 char algorithm[MAXALGLEN];
1383 1398 char *x;
1384 1399 char *dir = NULL, *file = NULL;
1385 1400 uchar_t *uncompressed_seg = NULL;
1386 1401 uchar_t *compressed_seg = NULL;
1387 1402 uint32_t compressed_segsize;
1388 1403 uint32_t len_compressed, count;
1389 1404 uint32_t index_entries, index_sz;
1390 1405 uint64_t *index = NULL;
1391 1406 uint64_t offset;
1392 1407 size_t real_segsize;
1393 1408 struct stat64 statbuf;
1394 1409 int compfd = -1, uncompfd = -1;
1395 1410 int tfd = -1;
1396 1411 ssize_t rbytes, wbytes, lastread;
1397 1412 int i, type;
1398 1413
1399 1414 /*
1400 1415 * Disallow compressing the file if it is
1401 1416 * already mapped
1402 1417 */
1403 1418 lic.li_minor = 0;
1404 1419 (void) strlcpy(lic.li_filename, filename, sizeof (lic.li_filename));
1405 1420 if (ioctl(*lfd, LOFI_GET_MINOR, &lic) != -1)
1406 1421 die(gettext("%s must be unmapped before compressing"),
1407 1422 filename);
1408 1423
1409 1424 /*
1410 1425 * Close the control device so other operations
1411 1426 * can use it
1412 1427 */
1413 1428 (void) close(*lfd);
1414 1429 *lfd = -1;
1415 1430
1416 1431 li = &lofi_compress_table[compress_index];
1417 1432
1418 1433 /*
1419 1434 * The size of the buffer to hold compressed data must
1420 1435 * be slightly larger than the compressed segment size.
1421 1436 *
1422 1437 * The compress functions use part of the buffer as
1423 1438 * scratch space to do calculations.
1424 1439 * Ref: http://www.zlib.net/manual.html#compress2
1425 1440 */
1426 1441 compressed_segsize = segsize + (segsize >> 6);
1427 1442 compressed_seg = (uchar_t *)malloc(compressed_segsize + SEGHDR);
1428 1443 uncompressed_seg = (uchar_t *)malloc(segsize);
1429 1444
1430 1445 if (compressed_seg == NULL || uncompressed_seg == NULL)
1431 1446 die(gettext("No memory"));
1432 1447
1433 1448 if ((uncompfd = open64(filename, O_RDWR|O_LARGEFILE, 0)) == -1)
1434 1449 die(gettext("open: %s"), filename);
1435 1450
1436 1451 lock.l_type = F_WRLCK;
1437 1452 lock.l_whence = SEEK_SET;
1438 1453 lock.l_start = 0;
1439 1454 lock.l_len = 0;
1440 1455
1441 1456 /*
1442 1457 * Use an advisory lock to ensure that only a
1443 1458 * single lofiadm process compresses a given
1444 1459 * file at any given time
1445 1460 *
1446 1461 * A close on the file descriptor automatically
1447 1462 * closes all lock state on the file
1448 1463 */
1449 1464 if (fcntl(uncompfd, F_SETLKW, &lock) == -1)
1450 1465 die(gettext("fcntl: %s"), filename);
1451 1466
1452 1467 if (fstat64(uncompfd, &statbuf) == -1) {
1453 1468 (void) close(uncompfd);
1454 1469 die(gettext("fstat: %s"), filename);
1455 1470 }
1456 1471
1457 1472 /* Zero length files don't need to be compressed */
1458 1473 if (statbuf.st_size == 0) {
1459 1474 (void) close(uncompfd);
1460 1475 return;
1461 1476 }
1462 1477
1463 1478 /*
1464 1479 * Create temporary files in the same directory that
1465 1480 * will hold the intermediate data
1466 1481 */
1467 1482 x = strdup(filename);
1468 1483 dir = strdup(dirname(x));
1469 1484 free(x);
1470 1485 x = strdup(filename);
1471 1486 file = strdup(basename(x));
1472 1487 free(x);
1473 1488 (void) snprintf(tmpfilename, sizeof (tmpfilename),
1474 1489 "%s/.%sXXXXXX", dir, file);
1475 1490 (void) snprintf(comp_filename, sizeof (comp_filename),
1476 1491 "%s/.%sXXXXXX", dir, file);
1477 1492 free(dir);
1478 1493 free(file);
1479 1494
1480 1495 if ((tfd = mkstemp64(tmpfilename)) == -1)
1481 1496 goto cleanup;
1482 1497
1483 1498 if ((compfd = mkstemp64(comp_filename)) == -1)
1484 1499 goto cleanup;
1485 1500
1486 1501 /*
1487 1502 * Set the mode bits and owner of the compressed
1488 1503 * file to be that of the original uncompressed file
1489 1504 */
1490 1505 (void) fchmod(compfd, statbuf.st_mode);
1491 1506
1492 1507 if (fchown(compfd, statbuf.st_uid, statbuf.st_gid) == -1)
1493 1508 goto cleanup;
1494 1509
1495 1510 /*
1496 1511 * Calculate the number of index entries required.
1497 1512 * index entries are stored as an array. adding
1498 1513 * a '2' here accounts for the fact that the last
1499 1514 * segment may not be a multiple of the segment size
1500 1515 */
1501 1516 index_sz = (statbuf.st_size / segsize) + 2;
1502 1517 index = malloc(sizeof (*index) * index_sz);
1503 1518
1504 1519 if (index == NULL)
1505 1520 goto cleanup;
1506 1521
1507 1522 offset = 0;
1508 1523 lastread = segsize;
1509 1524 count = 0;
1510 1525
1511 1526 /*
1512 1527 * Now read from the uncompressed file in 'segsize'
1513 1528 * sized chunks, compress what was read in and
1514 1529 * write it out to a temporary file
1515 1530 */
1516 1531 for (;;) {
1517 1532 rbytes = read(uncompfd, uncompressed_seg, segsize);
1518 1533
1519 1534 if (rbytes <= 0)
1520 1535 break;
1521 1536
1522 1537 if (lastread < segsize)
1523 1538 goto cleanup;
1524 1539
1525 1540 /*
1526 1541 * Account for the first byte that
1527 1542 * indicates whether a segment is
1528 1543 * compressed or not
1529 1544 */
1530 1545 real_segsize = segsize - 1;
1531 1546 (void) li->l_compress(uncompressed_seg, rbytes,
1532 1547 compressed_seg + SEGHDR, &real_segsize, li->l_level);
1533 1548
1534 1549 /*
1535 1550 * If the length of the compressed data is more
1536 1551 * than a threshold then there isn't any benefit
1537 1552 * to be had from compressing this segment - leave
1538 1553 * it uncompressed.
1539 1554 *
1540 1555 * NB. In case an error occurs during compression (above)
1541 1556 * the 'real_segsize' isn't changed. The logic below
1542 1557 * ensures that that segment is left uncompressed.
1543 1558 */
1544 1559 len_compressed = real_segsize;
1545 1560 if (segsize <= COMPRESS_THRESHOLD ||
1546 1561 real_segsize > (segsize - COMPRESS_THRESHOLD)) {
1547 1562 (void) memcpy(compressed_seg + SEGHDR, uncompressed_seg,
1548 1563 rbytes);
1549 1564 type = UNCOMPRESSED;
1550 1565 len_compressed = rbytes;
1551 1566 } else {
1552 1567 type = COMPRESSED;
1553 1568 }
1554 1569
1555 1570 /*
1556 1571 * Set the first byte or the SEGHDR to
1557 1572 * indicate if it's compressed or not
1558 1573 */
1559 1574 *compressed_seg = type;
1560 1575 wbytes = write(tfd, compressed_seg, len_compressed + SEGHDR);
1561 1576 if (wbytes != (len_compressed + SEGHDR)) {
1562 1577 rbytes = -1;
1563 1578 break;
1564 1579 }
1565 1580
1566 1581 index[count] = BE_64(offset);
1567 1582 offset += wbytes;
1568 1583 lastread = rbytes;
1569 1584 count++;
1570 1585 }
1571 1586
1572 1587 (void) close(uncompfd);
1573 1588
1574 1589 if (rbytes < 0)
1575 1590 goto cleanup;
1576 1591 /*
1577 1592 * The last index entry is a sentinel entry. It does not point to
1578 1593 * an actual compressed segment but helps in computing the size of
1579 1594 * the compressed segment. The size of each compressed segment is
1580 1595 * computed by subtracting the current index value from the next
1581 1596 * one (the compressed blocks are stored sequentially)
1582 1597 */
1583 1598 index[count++] = BE_64(offset);
1584 1599
1585 1600 /*
1586 1601 * Now write the compressed data along with the
1587 1602 * header information to this file which will
1588 1603 * later be renamed to the original uncompressed
1589 1604 * file name
1590 1605 *
1591 1606 * The header is as follows -
1592 1607 *
1593 1608 * Signature (name of the compression algorithm)
1594 1609 * Compression segment size (a multiple of 512)
1595 1610 * Number of index entries
1596 1611 * Size of the last block
1597 1612 * The array containing the index entries
1598 1613 *
1599 1614 * the header is always stored in network byte
1600 1615 * order
1601 1616 */
1602 1617 (void) bzero(algorithm, sizeof (algorithm));
1603 1618 (void) strlcpy(algorithm, li->l_name, sizeof (algorithm));
1604 1619 if (write(compfd, algorithm, sizeof (algorithm))
1605 1620 != sizeof (algorithm))
1606 1621 goto cleanup;
1607 1622
1608 1623 segsize = htonl(segsize);
1609 1624 if (write(compfd, &segsize, sizeof (segsize)) != sizeof (segsize))
1610 1625 goto cleanup;
1611 1626
1612 1627 index_entries = htonl(count);
1613 1628 if (write(compfd, &index_entries, sizeof (index_entries)) !=
1614 1629 sizeof (index_entries))
1615 1630 goto cleanup;
1616 1631
1617 1632 lastread = htonl(lastread);
1618 1633 if (write(compfd, &lastread, sizeof (lastread)) != sizeof (lastread))
1619 1634 goto cleanup;
1620 1635
1621 1636 for (i = 0; i < count; i++) {
1622 1637 if (write(compfd, index + i, sizeof (*index)) !=
1623 1638 sizeof (*index))
1624 1639 goto cleanup;
1625 1640 }
1626 1641
1627 1642 /* Header is written, now write the compressed data */
1628 1643 if (lseek(tfd, 0, SEEK_SET) != 0)
1629 1644 goto cleanup;
1630 1645
1631 1646 rbytes = wbytes = 0;
1632 1647
1633 1648 for (;;) {
1634 1649 rbytes = read(tfd, compressed_seg, compressed_segsize + SEGHDR);
1635 1650
1636 1651 if (rbytes <= 0)
1637 1652 break;
1638 1653
1639 1654 if (write(compfd, compressed_seg, rbytes) != rbytes)
1640 1655 goto cleanup;
1641 1656 }
1642 1657
1643 1658 if (fstat64(compfd, &statbuf) == -1)
1644 1659 goto cleanup;
1645 1660
1646 1661 /*
1647 1662 * Round up the compressed file size to be a multiple of
1648 1663 * DEV_BSIZE. lofi(7D) likes it that way.
1649 1664 */
1650 1665 if ((offset = statbuf.st_size % DEV_BSIZE) > 0) {
1651 1666
1652 1667 offset = DEV_BSIZE - offset;
1653 1668
1654 1669 for (i = 0; i < offset; i++)
1655 1670 uncompressed_seg[i] = '\0';
1656 1671 if (write(compfd, uncompressed_seg, offset) != offset)
1657 1672 goto cleanup;
1658 1673 }
1659 1674 (void) close(compfd);
1660 1675 (void) close(tfd);
1661 1676 (void) unlink(tmpfilename);
1662 1677 cleanup:
1663 1678 if (rbytes < 0) {
1664 1679 if (tfd != -1)
1665 1680 (void) unlink(tmpfilename);
1666 1681 if (compfd != -1)
1667 1682 (void) unlink(comp_filename);
1668 1683 die(gettext("error compressing file %s"), filename);
1669 1684 } else {
1670 1685 /* Rename the compressed file to the actual file */
1671 1686 if (rename(comp_filename, filename) == -1) {
1672 1687 (void) unlink(comp_filename);
1673 1688 die(gettext("error compressing file %s"), filename);
1674 1689 }
1675 1690 }
1676 1691 if (compressed_seg != NULL)
1677 1692 free(compressed_seg);
1678 1693 if (uncompressed_seg != NULL)
1679 1694 free(uncompressed_seg);
1680 1695 if (index != NULL)
1681 1696 free(index);
1682 1697 if (compfd != -1)
1683 1698 (void) close(compfd);
1684 1699 if (uncompfd != -1)
1685 1700 (void) close(uncompfd);
1686 1701 if (tfd != -1)
1687 1702 (void) close(tfd);
1688 1703 }
1689 1704
1690 1705 static int
1691 1706 lofi_compress_select(const char *algname)
1692 1707 {
1693 1708 int i;
1694 1709
1695 1710 for (i = 0; i < LOFI_COMPRESS_FUNCTIONS; i++) {
1696 1711 if (strcmp(lofi_compress_table[i].l_name, algname) == 0)
1697 1712 return (i);
1698 1713 }
1699 1714 return (-1);
1700 1715 }
1701 1716
1702 1717 static void
1703 1718 check_algorithm_validity(const char *algname, int *compress_index)
1704 1719 {
1705 1720 *compress_index = lofi_compress_select(algname);
1706 1721 if (*compress_index < 0)
1707 1722 die(gettext("invalid algorithm name: %s\n"), algname);
1708 1723 }
1709 1724
1710 1725 static void
1711 1726 check_file_validity(const char *filename)
1712 1727 {
1713 1728 struct stat64 buf;
1714 1729 int error;
1715 1730 int fd;
1716 1731
1717 1732 fd = open64(filename, O_RDONLY);
1718 1733 if (fd == -1) {
1719 1734 die(gettext("open: %s"), filename);
1720 1735 }
1721 1736 error = fstat64(fd, &buf);
1722 1737 if (error == -1) {
1723 1738 die(gettext("fstat: %s"), filename);
1724 1739 } else if (!S_ISLOFIABLE(buf.st_mode)) {
1725 1740 die(gettext("%s is not a regular file, "
1726 1741 "block, or character device\n"),
1727 1742 filename);
1728 1743 } else if ((buf.st_size % DEV_BSIZE) != 0) {
1729 1744 die(gettext("size of %s is not a multiple of %d\n"),
1730 1745 filename, DEV_BSIZE);
1731 1746 }
1732 1747 (void) close(fd);
1733 1748
1734 1749 if (name_to_minor(filename) != 0) {
1735 1750 die(gettext("cannot use %s on itself\n"), LOFI_DRIVER_NAME);
1736 1751 }
1737 1752 }
1738 1753
1739 1754 static uint32_t
1740 1755 convert_to_num(const char *str)
1741 1756 {
1742 1757 int len;
1743 1758 uint32_t segsize, mult = 1;
1744 1759
1745 1760 len = strlen(str);
1746 1761 if (len && isalpha(str[len - 1])) {
1747 1762 switch (str[len - 1]) {
1748 1763 case 'k':
1749 1764 case 'K':
1750 1765 mult = KILOBYTE;
1751 1766 break;
1752 1767 case 'b':
1753 1768 case 'B':
1754 1769 mult = BLOCK_SIZE;
1755 1770 break;
1756 1771 case 'm':
1757 1772 case 'M':
1758 1773 mult = MEGABYTE;
1759 1774 break;
1760 1775 case 'g':
1761 1776 case 'G':
1762 1777 mult = GIGABYTE;
1763 1778 break;
1764 1779 default:
1765 1780 die(gettext("invalid segment size %s\n"), str);
1766 1781 }
1767 1782 }
1768 1783
1769 1784 segsize = atol(str);
1770 1785 segsize *= mult;
1771 1786
1772 1787 return (segsize);
1773 1788 }
1774 1789
1775 1790 int
1776 1791 main(int argc, char *argv[])
1777 1792 {
1778 1793 int lfd;
1779 1794 int c;
1780 1795 const char *devicename = NULL;
1781 1796 const char *filename = NULL;
|
↓ open down ↓ |
1242 lines elided |
↑ open up ↑ |
1782 1797 const char *algname = COMPRESS_ALGORITHM;
1783 1798 int openflag;
1784 1799 int minor;
1785 1800 int compress_index;
1786 1801 uint32_t segsize = SEGSIZE;
1787 1802 static char *lofictl = "/dev/" LOFI_CTL_NAME;
1788 1803 boolean_t force = B_FALSE;
1789 1804 const char *pname;
1790 1805 boolean_t errflag = B_FALSE;
1791 1806 boolean_t addflag = B_FALSE;
1807 + boolean_t rdflag = B_FALSE;
1792 1808 boolean_t deleteflag = B_FALSE;
1793 1809 boolean_t ephflag = B_FALSE;
1794 1810 boolean_t compressflag = B_FALSE;
1795 1811 boolean_t uncompressflag = B_FALSE;
1796 1812 /* the next two work together for -c, -k, -T, -e options only */
1797 1813 boolean_t need_crypto = B_FALSE; /* if any -c, -k, -T, -e */
1798 1814 boolean_t cipher_only = B_TRUE; /* if -c only */
1799 1815 const char *keyfile = NULL;
1800 1816 mech_alias_t *cipher = NULL;
1801 1817 token_spec_t *token = NULL;
1802 1818 char *rkey = NULL;
1803 1819 size_t rksz = 0;
1804 1820 char realfilename[MAXPATHLEN];
1805 1821
1806 1822 pname = getpname(argv[0]);
1807 1823
1808 1824 (void) setlocale(LC_ALL, "");
1809 1825 (void) textdomain(TEXT_DOMAIN);
1810 1826
1811 - while ((c = getopt(argc, argv, "a:c:Cd:efk:o:s:T:U")) != EOF) {
1827 + while ((c = getopt(argc, argv, "a:c:Cd:efk:o:rs:T:U")) != EOF) {
1812 1828 switch (c) {
1813 1829 case 'a':
1814 1830 addflag = B_TRUE;
1815 1831 if ((filename = realpath(optarg, realfilename)) == NULL)
1816 1832 die("%s", optarg);
1817 1833 if (((argc - optind) > 0) && (*argv[optind] != '-')) {
1818 1834 /* optional device */
1819 1835 devicename = argv[optind];
1820 1836 optind++;
1821 1837 }
1822 1838 break;
1823 1839 case 'C':
1824 1840 compressflag = B_TRUE;
1825 1841 if (((argc - optind) > 1) && (*argv[optind] != '-')) {
1826 1842 /* optional algorithm */
1827 1843 algname = argv[optind];
1828 1844 optind++;
1829 1845 }
1830 1846 check_algorithm_validity(algname, &compress_index);
1831 1847 break;
1832 1848 case 'c':
1833 1849 /* is the chosen cipher allowed? */
1834 1850 if ((cipher = ciph2mech(optarg)) == NULL) {
1835 1851 errflag = B_TRUE;
1836 1852 warn(gettext("cipher %s not allowed\n"),
1837 1853 optarg);
1838 1854 }
1839 1855 need_crypto = B_TRUE;
1840 1856 /* cipher_only is already set */
1841 1857 break;
1842 1858 case 'd':
1843 1859 deleteflag = B_TRUE;
1844 1860 minor = name_to_minor(optarg);
1845 1861 if (minor != 0)
1846 1862 devicename = optarg;
1847 1863 else {
1848 1864 if ((filename = realpath(optarg,
1849 1865 realfilename)) == NULL)
1850 1866 die("%s", optarg);
1851 1867 }
1852 1868 break;
1853 1869 case 'e':
1854 1870 ephflag = B_TRUE;
1855 1871 need_crypto = B_TRUE;
|
↓ open down ↓ |
34 lines elided |
↑ open up ↑ |
1856 1872 cipher_only = B_FALSE; /* need to unset cipher_only */
1857 1873 break;
1858 1874 case 'f':
1859 1875 force = B_TRUE;
1860 1876 break;
1861 1877 case 'k':
1862 1878 keyfile = optarg;
1863 1879 need_crypto = B_TRUE;
1864 1880 cipher_only = B_FALSE; /* need to unset cipher_only */
1865 1881 break;
1882 + case 'r':
1883 + rdflag = B_TRUE;
1884 + break;
1866 1885 case 's':
1867 1886 segsize = convert_to_num(optarg);
1868 1887 if (segsize < DEV_BSIZE || !ISP2(segsize))
1869 1888 die(gettext("segment size %s is invalid "
1870 1889 "or not a multiple of minimum block "
1871 1890 "size %ld\n"), optarg, DEV_BSIZE);
1872 1891 break;
1873 1892 case 'T':
1874 1893 if ((token = parsetoken(optarg)) == NULL) {
1875 1894 errflag = B_TRUE;
1876 1895 warn(
1877 1896 gettext("invalid token key specifier %s\n"),
1878 1897 optarg);
1879 1898 }
1880 1899 need_crypto = B_TRUE;
1881 1900 cipher_only = B_FALSE; /* need to unset cipher_only */
1882 1901 break;
1883 1902 case 'U':
1884 1903 uncompressflag = B_TRUE;
1885 1904 break;
|
↓ open down ↓ |
10 lines elided |
↑ open up ↑ |
1886 1905 case '?':
1887 1906 default:
1888 1907 errflag = B_TRUE;
1889 1908 break;
1890 1909 }
1891 1910 }
1892 1911
1893 1912 /* Check for mutually exclusive combinations of options */
1894 1913 if (errflag ||
1895 1914 (addflag && deleteflag) ||
1915 + (rdflag && !addflag) ||
1896 1916 (!addflag && need_crypto) ||
1897 1917 ((compressflag || uncompressflag) && (addflag || deleteflag)))
1898 1918 usage(pname);
1899 1919
1900 1920 /* ephemeral key, and key from either file or token are incompatible */
1901 1921 if (ephflag && (keyfile != NULL || token != NULL)) {
1902 1922 die(gettext("ephemeral key cannot be used with keyfile"
1903 1923 " or token key\n"));
1904 1924 }
1905 1925
1906 1926 /*
1907 1927 * "-c" but no "-k", "-T", "-e", or "-T -k" means derive key from
1908 1928 * command line passphrase
1909 1929 */
1910 1930
1911 1931 switch (argc - optind) {
1912 1932 case 0: /* no more args */
1913 1933 if (compressflag || uncompressflag) /* needs filename */
1914 1934 usage(pname);
1915 1935 break;
1916 1936 case 1:
1917 1937 if (addflag || deleteflag)
1918 1938 usage(pname);
1919 1939 /* one arg means compress/uncompress the file ... */
1920 1940 if (compressflag || uncompressflag) {
1921 1941 if ((filename = realpath(argv[optind],
1922 1942 realfilename)) == NULL)
1923 1943 die("%s", argv[optind]);
1924 1944 /* ... or without options means print the association */
1925 1945 } else {
1926 1946 minor = name_to_minor(argv[optind]);
1927 1947 if (minor != 0)
1928 1948 devicename = argv[optind];
1929 1949 else {
1930 1950 if ((filename = realpath(argv[optind],
1931 1951 realfilename)) == NULL)
1932 1952 die("%s", argv[optind]);
1933 1953 }
1934 1954 }
1935 1955 break;
1936 1956 default:
1937 1957 usage(pname);
1938 1958 break;
1939 1959 }
1940 1960
1941 1961 if (addflag || compressflag || uncompressflag)
1942 1962 check_file_validity(filename);
1943 1963
1944 1964 if (filename && !valid_abspath(filename))
1945 1965 exit(E_ERROR);
1946 1966
1947 1967 /*
1948 1968 * Here, we know the arguments are correct, the filename is an
1949 1969 * absolute path, it exists and is a regular file. We don't yet
1950 1970 * know that the device name is ok or not.
1951 1971 */
1952 1972
1953 1973 openflag = O_EXCL;
1954 1974 if (addflag || deleteflag || compressflag || uncompressflag)
1955 1975 openflag |= O_RDWR;
1956 1976 else
1957 1977 openflag |= O_RDONLY;
1958 1978 lfd = open(lofictl, openflag);
1959 1979 if (lfd == -1) {
1960 1980 if ((errno == EPERM) || (errno == EACCES)) {
1961 1981 die(gettext("you do not have permission to perform "
1962 1982 "that operation.\n"));
1963 1983 } else {
1964 1984 die(gettext("open: %s"), lofictl);
1965 1985 }
1966 1986 /*NOTREACHED*/
1967 1987 }
1968 1988
1969 1989 /*
1970 1990 * No passphrase is needed for ephemeral key, or when key is
1971 1991 * in a file and not wrapped by another key from a token.
1972 1992 * However, a passphrase is needed in these cases:
1973 1993 * 1. cipher with no ephemeral key, key file, or token,
1974 1994 * in which case the passphrase is used to build the key
1975 1995 * 2. token with an optional cipher or optional key file,
1976 1996 * in which case the passphrase unlocks the token
1977 1997 * If only the cipher is specified, reconfirm the passphrase
1978 1998 * to ensure the user hasn't mis-entered it. Otherwise, the
1979 1999 * token will enforce the token passphrase.
1980 2000 */
1981 2001 if (need_crypto) {
1982 2002 CK_SESSION_HANDLE sess;
1983 2003
1984 2004 /* pick a cipher if none specified */
1985 2005 if (cipher == NULL)
1986 2006 cipher = DEFAULT_CIPHER;
1987 2007
1988 2008 if (!kernel_cipher_check(cipher))
1989 2009 die(gettext(
1990 2010 "use \"cryptoadm list -m\" to find available "
1991 2011 "mechanisms\n"));
1992 2012
1993 2013 init_crypto(token, cipher, &sess);
1994 2014
1995 2015 if (cipher_only) {
1996 2016 getkeyfromuser(cipher, &rkey, &rksz);
1997 2017 } else if (token != NULL) {
1998 2018 getkeyfromtoken(sess, token, keyfile, cipher,
1999 2019 &rkey, &rksz);
2000 2020 } else {
2001 2021 /* this also handles ephemeral keys */
|
↓ open down ↓ |
96 lines elided |
↑ open up ↑ |
2002 2022 getkeyfromfile(keyfile, cipher, &rkey, &rksz);
2003 2023 }
2004 2024
2005 2025 end_crypto(sess);
2006 2026 }
2007 2027
2008 2028 /*
2009 2029 * Now to the real work.
2010 2030 */
2011 2031 if (addflag)
2012 - add_mapping(lfd, devicename, filename, cipher, rkey, rksz);
2032 + add_mapping(lfd, devicename, filename, cipher, rkey, rksz,
2033 + rdflag);
2013 2034 else if (compressflag)
2014 2035 lofi_compress(&lfd, filename, compress_index, segsize);
2015 2036 else if (uncompressflag)
2016 2037 lofi_uncompress(lfd, filename);
2017 2038 else if (deleteflag)
2018 2039 delete_mapping(lfd, devicename, filename, force);
2019 2040 else if (filename || devicename)
2020 2041 print_one_mapping(lfd, devicename, filename);
2021 2042 else
2022 2043 print_mappings(lfd);
2023 2044
2024 2045 if (lfd != -1)
2025 2046 (void) close(lfd);
2026 2047 closelib();
2027 2048 return (E_SUCCESS);
2028 2049 }
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX