Print this page
5857 add -o option to lofiadm
| Split |
Close |
| Expand all |
| Collapse all |
--- old/usr/src/cmd/lofiadm/main.c
+++ new/usr/src/cmd/lofiadm/main.c
1 1 /*
2 2 * CDDL HEADER START
3 3 *
4 4 * The contents of this file are subject to the terms of the
5 5 * Common Development and Distribution License (the "License").
6 6 * You may not use this file except in compliance with the License.
7 7 *
8 8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 9 * or http://www.opensolaris.org/os/licensing.
10 10 * See the License for the specific language governing permissions
11 11 * and limitations under the License.
12 12 *
13 13 * When distributing Covered Code, include this CDDL HEADER in each
14 14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 15 * If applicable, add the following below this CDDL HEADER, with the
16 16 * fields enclosed by brackets "[]" replaced with your own identifying
17 17 * information: Portions Copyright [yyyy] [name of copyright owner]
|
↓ open down ↓ |
17 lines elided |
↑ open up ↑ |
18 18 *
19 19 * CDDL HEADER END
20 20 */
21 21 /*
22 22 * Copyright 2009 Sun Microsystems, Inc. All rights reserved.
23 23 * Use is subject to license terms.
24 24 * Copyright 2012 Joyent, Inc. All rights reserved.
25 25 *
26 26 * Copyright 2013 Nexenta Systems, Inc. All rights reserved.
27 27 * Copyright (c) 2014 Gary Mills
28 + * Copyright (c) 2016 Andrey Sokolov
28 29 */
29 30
30 31 /*
31 32 * lofiadm - administer lofi(7d). Very simple, add and remove file<->device
32 33 * associations, and display status. All the ioctls are private between
33 34 * lofi and lofiadm, and so are very simple - device information is
34 35 * communicated via a minor number.
35 36 */
36 37
37 38 #include <sys/types.h>
38 39 #include <sys/param.h>
39 40 #include <sys/lofi.h>
40 41 #include <sys/stat.h>
41 42 #include <sys/sysmacros.h>
42 43 #include <netinet/in.h>
43 44 #include <stdio.h>
44 45 #include <fcntl.h>
45 46 #include <locale.h>
46 47 #include <string.h>
47 48 #include <strings.h>
48 49 #include <errno.h>
49 50 #include <stdlib.h>
50 51 #include <unistd.h>
51 52 #include <stropts.h>
52 53 #include <libdevinfo.h>
53 54 #include <libgen.h>
54 55 #include <ctype.h>
55 56 #include <dlfcn.h>
56 57 #include <limits.h>
57 58 #include <security/cryptoki.h>
58 59 #include <cryptoutil.h>
59 60 #include <sys/crypto/ioctl.h>
60 61 #include <sys/crypto/ioctladmin.h>
|
↓ open down ↓ |
23 lines elided |
↑ open up ↑ |
61 62 #include "utils.h"
62 63 #include <LzmaEnc.h>
63 64
64 65 /* Only need the IV len #defines out of these files, nothing else. */
65 66 #include <aes/aes_impl.h>
66 67 #include <des/des_impl.h>
67 68 #include <blowfish/blowfish_impl.h>
68 69
69 70 static const char USAGE[] =
70 71 "Usage: %s [-r] -a file [ device ]\n"
71 - " %s [-r] -c crypto_algorithm -a file [device]\n"
72 + " %s [-r] [-o] -c crypto_algorithm -a file [device]\n"
72 73 " %s [-r] -c crypto_algorithm -k raw_key_file -a file [device]\n"
73 74 " %s [-r] -c crypto_algorithm -T [token]:[manuf]:[serial]:key "
74 75 "-a file [device]\n"
75 76 " %s [-r] -c crypto_algorithm -T [token]:[manuf]:[serial]:key "
76 77 "-k wrapped_key_file -a file [device]\n"
77 78 " %s [-r] -c crypto_algorithm -e -a file [device]\n"
78 79 " %s -d file | device\n"
79 80 " %s -C [gzip|gzip-6|gzip-9|lzma] [-s segment_size] file\n"
80 81 " %s -U file\n"
81 82 " %s [ file | device ]\n";
82 83
83 84 typedef struct token_spec {
84 85 char *name;
85 86 char *mfr;
86 87 char *serno;
87 88 char *key;
88 89 } token_spec_t;
89 90
90 91 typedef struct mech_alias {
91 92 char *alias;
92 93 CK_MECHANISM_TYPE type;
93 94 char *name; /* for ioctl */
94 95 char *iv_name; /* for ioctl */
95 96 size_t iv_len; /* for ioctl */
96 97 iv_method_t iv_type; /* for ioctl */
97 98 size_t min_keysize; /* in bytes */
98 99 size_t max_keysize; /* in bytes */
99 100 token_spec_t *token;
100 101 CK_SLOT_ID slot;
101 102 } mech_alias_t;
102 103
103 104 static mech_alias_t mech_aliases[] = {
104 105 /* Preferred one should always be listed first. */
105 106 { "aes-256-cbc", CKM_AES_CBC, "CKM_AES_CBC", "CKM_AES_ECB", AES_IV_LEN,
106 107 IVM_ENC_BLKNO, ULONG_MAX, 0L, NULL, (CK_SLOT_ID) -1 },
107 108 { "aes-192-cbc", CKM_AES_CBC, "CKM_AES_CBC", "CKM_AES_ECB", AES_IV_LEN,
108 109 IVM_ENC_BLKNO, ULONG_MAX, 0L, NULL, (CK_SLOT_ID) -1 },
109 110 { "aes-128-cbc", CKM_AES_CBC, "CKM_AES_CBC", "CKM_AES_ECB", AES_IV_LEN,
110 111 IVM_ENC_BLKNO, ULONG_MAX, 0L, NULL, (CK_SLOT_ID) -1 },
111 112 { "des3-cbc", CKM_DES3_CBC, "CKM_DES3_CBC", "CKM_DES3_ECB", DES_IV_LEN,
112 113 IVM_ENC_BLKNO, ULONG_MAX, 0L, NULL, (CK_SLOT_ID)-1 },
113 114 { "blowfish-cbc", CKM_BLOWFISH_CBC, "CKM_BLOWFISH_CBC",
114 115 "CKM_BLOWFISH_ECB", BLOWFISH_IV_LEN, IVM_ENC_BLKNO, ULONG_MAX,
115 116 0L, NULL, (CK_SLOT_ID)-1 }
116 117 /*
117 118 * A cipher without an iv requirement would look like this:
118 119 * { "aes-xex", CKM_AES_XEX, "CKM_AES_XEX", NULL, 0,
119 120 * IVM_NONE, ULONG_MAX, 0L, NULL, (CK_SLOT_ID)-1 }
120 121 */
121 122 };
122 123
123 124 int mech_aliases_count = (sizeof (mech_aliases) / sizeof (mech_alias_t));
124 125
125 126 /* Preferred cipher, if one isn't specified on command line. */
126 127 #define DEFAULT_CIPHER (&mech_aliases[0])
127 128
128 129 #define DEFAULT_CIPHER_NUM 64 /* guess # kernel ciphers available */
129 130 #define DEFAULT_MECHINFO_NUM 16 /* guess # kernel mechs available */
130 131 #define MIN_PASSLEN 8 /* min acceptable passphrase size */
131 132
132 133 static int gzip_compress(void *src, size_t srclen, void *dst,
133 134 size_t *destlen, int level);
134 135 static int lzma_compress(void *src, size_t srclen, void *dst,
135 136 size_t *destlen, int level);
136 137
137 138 lofi_compress_info_t lofi_compress_table[LOFI_COMPRESS_FUNCTIONS] = {
138 139 {NULL, gzip_compress, 6, "gzip"}, /* default */
139 140 {NULL, gzip_compress, 6, "gzip-6"},
140 141 {NULL, gzip_compress, 9, "gzip-9"},
141 142 {NULL, lzma_compress, 0, "lzma"}
142 143 };
143 144
144 145 /* For displaying lofi mappings */
145 146 #define FORMAT "%-20s %-30s %s\n"
146 147
147 148 #define COMPRESS_ALGORITHM "gzip"
148 149 #define COMPRESS_THRESHOLD 2048
149 150 #define SEGSIZE 131072
150 151 #define BLOCK_SIZE 512
151 152 #define KILOBYTE 1024
152 153 #define MEGABYTE (KILOBYTE * KILOBYTE)
153 154 #define GIGABYTE (KILOBYTE * MEGABYTE)
154 155 #define LIBZ "libz.so.1"
155 156
156 157 static void
157 158 usage(const char *pname)
158 159 {
159 160 (void) fprintf(stderr, gettext(USAGE), pname, pname, pname,
160 161 pname, pname, pname, pname, pname, pname, pname);
161 162 exit(E_USAGE);
162 163 }
163 164
164 165 static int
165 166 gzip_compress(void *src, size_t srclen, void *dst, size_t *dstlen, int level)
166 167 {
167 168 static int (*compress2p)(void *, ulong_t *, void *, size_t, int) = NULL;
168 169 void *libz_hdl = NULL;
169 170
170 171 /*
171 172 * The first time we are called, attempt to dlopen()
172 173 * libz.so.1 and get a pointer to the compress2() function
173 174 */
174 175 if (compress2p == NULL) {
175 176 if ((libz_hdl = openlib(LIBZ)) == NULL)
176 177 die(gettext("could not find %s. "
177 178 "gzip compression unavailable\n"), LIBZ);
178 179
179 180 if ((compress2p =
180 181 (int (*)(void *, ulong_t *, void *, size_t, int))
181 182 dlsym(libz_hdl, "compress2")) == NULL) {
182 183 closelib();
183 184 die(gettext("could not find the correct %s. "
184 185 "gzip compression unavailable\n"), LIBZ);
185 186 }
186 187 }
187 188
188 189 if ((*compress2p)(dst, (ulong_t *)dstlen, src, srclen, level) != 0)
189 190 return (-1);
190 191 return (0);
191 192 }
192 193
193 194 /*ARGSUSED*/
194 195 static void
195 196 *SzAlloc(void *p, size_t size)
196 197 {
197 198 return (malloc(size));
198 199 }
199 200
200 201 /*ARGSUSED*/
201 202 static void
202 203 SzFree(void *p, void *address, size_t size)
203 204 {
204 205 free(address);
205 206 }
206 207
207 208 static ISzAlloc g_Alloc = {
|
↓ open down ↓ |
126 lines elided |
↑ open up ↑ |
208 209 SzAlloc,
209 210 SzFree
210 211 };
211 212
212 213 #define LZMA_UNCOMPRESSED_SIZE 8
213 214 #define LZMA_HEADER_SIZE (LZMA_PROPS_SIZE + LZMA_UNCOMPRESSED_SIZE)
214 215
215 216 /*ARGSUSED*/
216 217 static int
217 218 lzma_compress(void *src, size_t srclen, void *dst,
218 - size_t *dstlen, int level)
219 + size_t *dstlen, int level)
219 220 {
220 221 CLzmaEncProps props;
221 222 size_t outsize2;
222 223 size_t outsizeprocessed;
223 224 size_t outpropssize = LZMA_PROPS_SIZE;
224 225 uint64_t t = 0;
225 226 SRes res;
226 227 Byte *dstp;
227 228 int i;
228 229
229 230 outsize2 = *dstlen;
230 231
231 232 LzmaEncProps_Init(&props);
232 233
233 234 /*
234 235 * The LZMA compressed file format is as follows -
235 236 *
236 237 * Offset Size(bytes) Description
237 238 * 0 1 LZMA properties (lc, lp, lp (encoded))
238 239 * 1 4 Dictionary size (little endian)
239 240 * 5 8 Uncompressed size (little endian)
240 241 * 13 Compressed data
241 242 */
242 243
243 244 /* set the dictionary size to be 8MB */
244 245 props.dictSize = 1 << 23;
245 246
246 247 if (*dstlen < LZMA_HEADER_SIZE)
247 248 return (SZ_ERROR_OUTPUT_EOF);
248 249
249 250 dstp = (Byte *)dst;
250 251 t = srclen;
251 252 /*
252 253 * Set the uncompressed size in the LZMA header
253 254 * The LZMA properties (specified in 'props')
254 255 * will be set by the call to LzmaEncode()
255 256 */
256 257 for (i = 0; i < LZMA_UNCOMPRESSED_SIZE; i++, t >>= 8) {
257 258 dstp[LZMA_PROPS_SIZE + i] = (Byte)t;
258 259 }
259 260
260 261 outsizeprocessed = outsize2 - LZMA_HEADER_SIZE;
261 262 res = LzmaEncode(dstp + LZMA_HEADER_SIZE, &outsizeprocessed,
262 263 src, srclen, &props, dstp, &outpropssize, 0, NULL,
263 264 &g_Alloc, &g_Alloc);
264 265
265 266 if (res != 0)
266 267 return (-1);
267 268
268 269 *dstlen = outsizeprocessed + LZMA_HEADER_SIZE;
269 270 return (0);
270 271 }
271 272
272 273 /*
273 274 * Translate a lofi device name to a minor number. We might be asked
274 275 * to do this when there is no association (such as when the user specifies
275 276 * a particular device), so we can only look at the string.
276 277 */
277 278 static int
278 279 name_to_minor(const char *devicename)
279 280 {
280 281 int minor;
281 282
282 283 if (sscanf(devicename, "/dev/" LOFI_BLOCK_NAME "/%d", &minor) == 1) {
283 284 return (minor);
284 285 }
285 286 if (sscanf(devicename, "/dev/" LOFI_CHAR_NAME "/%d", &minor) == 1) {
286 287 return (minor);
287 288 }
288 289 return (0);
289 290 }
290 291
291 292 /*
292 293 * This might be the first time we've used this minor number. If so,
293 294 * it might also be that the /dev links are in the process of being created
294 295 * by devfsadmd (or that they'll be created "soon"). We cannot return
295 296 * until they're there or the invoker of lofiadm might try to use them
296 297 * and not find them. This can happen if a shell script is running on
297 298 * an MP.
298 299 */
299 300 static int sleeptime = 2; /* number of seconds to sleep between stat's */
300 301 static int maxsleep = 120; /* maximum number of seconds to sleep */
301 302
302 303 static void
303 304 wait_until_dev_complete(int minor)
304 305 {
305 306 struct stat64 buf;
306 307 int cursleep;
307 308 char blkpath[MAXPATHLEN];
308 309 char charpath[MAXPATHLEN];
309 310 di_devlink_handle_t hdl;
310 311
311 312 (void) snprintf(blkpath, sizeof (blkpath), "/dev/%s/%d",
312 313 LOFI_BLOCK_NAME, minor);
313 314 (void) snprintf(charpath, sizeof (charpath), "/dev/%s/%d",
314 315 LOFI_CHAR_NAME, minor);
315 316
316 317 /* Check if links already present */
317 318 if (stat64(blkpath, &buf) == 0 && stat64(charpath, &buf) == 0)
318 319 return;
319 320
320 321 /* First use di_devlink_init() */
321 322 if (hdl = di_devlink_init("lofi", DI_MAKE_LINK)) {
322 323 (void) di_devlink_fini(&hdl);
323 324 goto out;
324 325 }
325 326
326 327 /*
327 328 * Under normal conditions, di_devlink_init(DI_MAKE_LINK) above will
328 329 * only fail if the caller is non-root. In that case, wait for
329 330 * link creation via sysevents.
330 331 */
331 332 for (cursleep = 0; cursleep < maxsleep; cursleep += sleeptime) {
332 333 if (stat64(blkpath, &buf) == 0 && stat64(charpath, &buf) == 0)
333 334 return;
334 335 (void) sleep(sleeptime);
335 336 }
336 337
337 338 /* one last try */
338 339 out:
339 340 if (stat64(blkpath, &buf) == -1) {
340 341 die(gettext("%s was not created"), blkpath);
341 342 }
342 343 if (stat64(charpath, &buf) == -1) {
343 344 die(gettext("%s was not created"), charpath);
344 345 }
345 346 }
346 347
347 348 /*
348 349 * Map the file and return the minor number the driver picked for the file
349 350 * DO NOT use this function if the filename is actually the device name.
350 351 */
351 352 static int
352 353 lofi_map_file(int lfd, struct lofi_ioctl li, const char *filename)
353 354 {
354 355 int minor;
355 356
356 357 li.li_minor = 0;
357 358 (void) strlcpy(li.li_filename, filename, sizeof (li.li_filename));
358 359 minor = ioctl(lfd, LOFI_MAP_FILE, &li);
359 360 if (minor == -1) {
360 361 if (errno == ENOTSUP)
361 362 warn(gettext("encrypting compressed files is "
362 363 "unsupported"));
363 364 die(gettext("could not map file %s"), filename);
364 365 }
365 366 wait_until_dev_complete(minor);
366 367 return (minor);
367 368 }
368 369
369 370 /*
370 371 * Add a device association. If devicename is NULL, let the driver
371 372 * pick a device.
372 373 */
373 374 static void
374 375 add_mapping(int lfd, const char *devicename, const char *filename,
375 376 mech_alias_t *cipher, const char *rkey, size_t rksz, boolean_t rdonly)
376 377 {
377 378 struct lofi_ioctl li;
378 379
379 380 li.li_readonly = rdonly;
380 381
381 382 li.li_crypto_enabled = B_FALSE;
382 383 if (cipher != NULL) {
383 384 /* set up encryption for mapped file */
384 385 li.li_crypto_enabled = B_TRUE;
385 386 (void) strlcpy(li.li_cipher, cipher->name,
386 387 sizeof (li.li_cipher));
387 388 if (rksz > sizeof (li.li_key)) {
388 389 die(gettext("key too large"));
389 390 }
390 391 bcopy(rkey, li.li_key, rksz);
391 392 li.li_key_len = rksz << 3; /* convert to bits */
392 393
393 394 li.li_iv_type = cipher->iv_type;
394 395 li.li_iv_len = cipher->iv_len; /* 0 when no iv needed */
395 396 switch (cipher->iv_type) {
396 397 case IVM_ENC_BLKNO:
397 398 (void) strlcpy(li.li_iv_cipher, cipher->iv_name,
398 399 sizeof (li.li_iv_cipher));
399 400 break;
400 401 case IVM_NONE:
401 402 /* FALLTHROUGH */
402 403 default:
403 404 break;
404 405 }
405 406 }
406 407
407 408 if (devicename == NULL) {
408 409 int minor;
409 410
410 411 /* pick one via the driver */
411 412 minor = lofi_map_file(lfd, li, filename);
412 413 /* if mapping succeeds, print the one picked */
413 414 (void) printf("/dev/%s/%d\n", LOFI_BLOCK_NAME, minor);
414 415 return;
415 416 }
416 417
417 418 /* use device we were given */
418 419 li.li_minor = name_to_minor(devicename);
419 420 if (li.li_minor == 0) {
420 421 die(gettext("malformed device name %s\n"), devicename);
421 422 }
422 423 (void) strlcpy(li.li_filename, filename, sizeof (li.li_filename));
423 424
424 425 /* if device is already in use li.li_minor won't change */
425 426 if (ioctl(lfd, LOFI_MAP_FILE_MINOR, &li) == -1) {
426 427 if (errno == ENOTSUP)
427 428 warn(gettext("encrypting compressed files is "
428 429 "unsupported"));
429 430 die(gettext("could not map file %s to %s"), filename,
430 431 devicename);
431 432 }
432 433 wait_until_dev_complete(li.li_minor);
433 434 }
434 435
435 436 /*
436 437 * Remove an association. Delete by device name if non-NULL, or by
437 438 * filename otherwise.
438 439 */
439 440 static void
440 441 delete_mapping(int lfd, const char *devicename, const char *filename,
441 442 boolean_t force)
442 443 {
443 444 struct lofi_ioctl li;
444 445
445 446 li.li_force = force;
446 447 li.li_cleanup = B_FALSE;
447 448
448 449 if (devicename == NULL) {
449 450 /* delete by filename */
450 451 (void) strlcpy(li.li_filename, filename,
451 452 sizeof (li.li_filename));
452 453 li.li_minor = 0;
453 454 if (ioctl(lfd, LOFI_UNMAP_FILE, &li) == -1) {
454 455 die(gettext("could not unmap file %s"), filename);
455 456 }
456 457 return;
457 458 }
458 459
459 460 /* delete by device */
460 461 li.li_minor = name_to_minor(devicename);
461 462 if (li.li_minor == 0) {
462 463 die(gettext("malformed device name %s\n"), devicename);
463 464 }
464 465 if (ioctl(lfd, LOFI_UNMAP_FILE_MINOR, &li) == -1) {
465 466 die(gettext("could not unmap device %s"), devicename);
466 467 }
467 468 }
468 469
469 470 /*
470 471 * Show filename given devicename, or devicename given filename.
471 472 */
472 473 static void
473 474 print_one_mapping(int lfd, const char *devicename, const char *filename)
474 475 {
475 476 struct lofi_ioctl li;
476 477
477 478 if (devicename == NULL) {
478 479 /* given filename, print devicename */
479 480 li.li_minor = 0;
480 481 (void) strlcpy(li.li_filename, filename,
481 482 sizeof (li.li_filename));
482 483 if (ioctl(lfd, LOFI_GET_MINOR, &li) == -1) {
483 484 die(gettext("could not find device for %s"), filename);
484 485 }
485 486 (void) printf("/dev/%s/%d\n", LOFI_BLOCK_NAME, li.li_minor);
486 487 return;
487 488 }
488 489
489 490 /* given devicename, print filename */
490 491 li.li_minor = name_to_minor(devicename);
491 492 if (li.li_minor == 0) {
492 493 die(gettext("malformed device name %s\n"), devicename);
493 494 }
494 495 if (ioctl(lfd, LOFI_GET_FILENAME, &li) == -1) {
495 496 die(gettext("could not find filename for %s"), devicename);
496 497 }
497 498 (void) printf("%s\n", li.li_filename);
498 499 }
499 500
500 501 /*
501 502 * Print the list of all the mappings, including a header.
502 503 */
503 504 static void
504 505 print_mappings(int fd)
505 506 {
506 507 struct lofi_ioctl li;
507 508 int minor;
508 509 int maxminor;
509 510 char path[MAXPATHLEN];
510 511 char options[MAXPATHLEN] = { 0 };
511 512
512 513 li.li_minor = 0;
513 514 if (ioctl(fd, LOFI_GET_MAXMINOR, &li) == -1) {
514 515 die("ioctl");
515 516 }
516 517 maxminor = li.li_minor;
517 518
518 519 (void) printf(FORMAT, gettext("Block Device"), gettext("File"),
519 520 gettext("Options"));
520 521 for (minor = 1; minor <= maxminor; minor++) {
521 522 li.li_minor = minor;
522 523 if (ioctl(fd, LOFI_GET_FILENAME, &li) == -1) {
523 524 if (errno == ENXIO)
524 525 continue;
525 526 warn("ioctl");
526 527 break;
527 528 }
528 529 (void) snprintf(path, sizeof (path), "/dev/%s/%d",
529 530 LOFI_BLOCK_NAME, minor);
530 531
531 532 options[0] = '\0';
532 533
533 534 /*
534 535 * Encrypted lofi and compressed lofi are mutually exclusive.
535 536 */
536 537 if (li.li_crypto_enabled)
537 538 (void) snprintf(options, sizeof (options),
538 539 gettext("Encrypted"));
539 540 else if (li.li_algorithm[0] != '\0')
540 541 (void) snprintf(options, sizeof (options),
541 542 gettext("Compressed(%s)"), li.li_algorithm);
542 543 if (li.li_readonly) {
543 544 if (strlen(options) != 0) {
544 545 (void) strlcat(options, ",", sizeof (options));
545 546 (void) strlcat(options, "Readonly",
546 547 sizeof (options));
547 548 } else {
548 549 (void) snprintf(options, sizeof (options),
549 550 gettext("Readonly"));
550 551 }
551 552 }
552 553 if (strlen(options) == 0)
553 554 (void) snprintf(options, sizeof (options), "-");
554 555
555 556 (void) printf(FORMAT, path, li.li_filename, options);
556 557 }
557 558 }
558 559
559 560 /*
560 561 * Verify the cipher selected by user.
561 562 */
562 563 static mech_alias_t *
563 564 ciph2mech(const char *alias)
564 565 {
565 566 int i;
566 567
567 568 for (i = 0; i < mech_aliases_count; i++) {
568 569 if (strcasecmp(alias, mech_aliases[i].alias) == 0)
569 570 return (&mech_aliases[i]);
570 571 }
571 572 return (NULL);
572 573 }
573 574
574 575 /*
575 576 * Verify user selected cipher is also available in kernel.
576 577 *
577 578 * While traversing kernel list of mechs, if the cipher is supported in the
578 579 * kernel for both encryption and decryption, it also picks up the min/max
579 580 * key size.
580 581 */
581 582 static boolean_t
582 583 kernel_cipher_check(mech_alias_t *cipher)
583 584 {
584 585 boolean_t ciph_ok = B_FALSE;
585 586 boolean_t iv_ok = B_FALSE;
586 587 int i;
587 588 int count;
588 589 crypto_get_mechanism_list_t *kciphers = NULL;
589 590 crypto_get_all_mechanism_info_t *kinfo = NULL;
590 591 int fd = -1;
591 592 size_t keymin;
592 593 size_t keymax;
593 594
594 595 /* if cipher doesn't need iv generating mech, bypass that check now */
595 596 if (cipher->iv_name == NULL)
596 597 iv_ok = B_TRUE;
597 598
598 599 /* allocate some space for the list of kernel ciphers */
599 600 count = DEFAULT_CIPHER_NUM;
600 601 kciphers = malloc(sizeof (crypto_get_mechanism_list_t) +
601 602 sizeof (crypto_mech_name_t) * (count - 1));
602 603 if (kciphers == NULL)
603 604 die(gettext("failed to allocate memory for list of "
604 605 "kernel mechanisms"));
605 606 kciphers->ml_count = count;
606 607
607 608 /* query crypto device to get list of kernel ciphers */
608 609 if ((fd = open("/dev/crypto", O_RDWR)) == -1) {
609 610 warn(gettext("failed to open %s"), "/dev/crypto");
610 611 goto kcc_out;
611 612 }
612 613
613 614 if (ioctl(fd, CRYPTO_GET_MECHANISM_LIST, kciphers) == -1) {
614 615 warn(gettext("CRYPTO_GET_MECHANISM_LIST ioctl failed"));
615 616 goto kcc_out;
616 617 }
617 618
618 619 if (kciphers->ml_return_value == CRYPTO_BUFFER_TOO_SMALL) {
619 620 count = kciphers->ml_count;
620 621 free(kciphers);
621 622 kciphers = malloc(sizeof (crypto_get_mechanism_list_t) +
622 623 sizeof (crypto_mech_name_t) * (count - 1));
623 624 if (kciphers == NULL) {
624 625 warn(gettext("failed to allocate memory for list of "
625 626 "kernel mechanisms"));
626 627 goto kcc_out;
627 628 }
628 629 kciphers->ml_count = count;
629 630
630 631 if (ioctl(fd, CRYPTO_GET_MECHANISM_LIST, kciphers) == -1) {
631 632 warn(gettext("CRYPTO_GET_MECHANISM_LIST ioctl failed"));
632 633 goto kcc_out;
633 634 }
634 635 }
635 636
636 637 if (kciphers->ml_return_value != CRYPTO_SUCCESS) {
637 638 warn(gettext(
638 639 "CRYPTO_GET_MECHANISM_LIST ioctl return value = %d\n"),
639 640 kciphers->ml_return_value);
640 641 goto kcc_out;
641 642 }
642 643
643 644 /*
644 645 * scan list of kernel ciphers looking for the selected one and if
645 646 * it needs an iv generated using another cipher, also look for that
646 647 * additional cipher to be used for generating the iv
647 648 */
648 649 count = kciphers->ml_count;
649 650 for (i = 0; i < count && !(ciph_ok && iv_ok); i++) {
650 651 if (!ciph_ok &&
651 652 strcasecmp(cipher->name, kciphers->ml_list[i]) == 0)
652 653 ciph_ok = B_TRUE;
653 654 if (!iv_ok &&
654 655 strcasecmp(cipher->iv_name, kciphers->ml_list[i]) == 0)
655 656 iv_ok = B_TRUE;
656 657 }
657 658 free(kciphers);
658 659 kciphers = NULL;
659 660
660 661 if (!ciph_ok)
661 662 warn(gettext("%s mechanism not supported in kernel\n"),
662 663 cipher->name);
663 664 if (!iv_ok)
664 665 warn(gettext("%s mechanism not supported in kernel\n"),
665 666 cipher->iv_name);
666 667
667 668 if (ciph_ok) {
668 669 /* Get the details about the user selected cipher */
669 670 count = DEFAULT_MECHINFO_NUM;
670 671 kinfo = malloc(sizeof (crypto_get_all_mechanism_info_t) +
671 672 sizeof (crypto_mechanism_info_t) * (count - 1));
672 673 if (kinfo == NULL) {
673 674 warn(gettext("failed to allocate memory for "
674 675 "kernel mechanism info"));
675 676 goto kcc_out;
676 677 }
677 678 kinfo->mi_count = count;
678 679 (void) strlcpy(kinfo->mi_mechanism_name, cipher->name,
679 680 CRYPTO_MAX_MECH_NAME);
680 681
681 682 if (ioctl(fd, CRYPTO_GET_ALL_MECHANISM_INFO, kinfo) == -1) {
682 683 warn(gettext(
683 684 "CRYPTO_GET_ALL_MECHANISM_INFO ioctl failed"));
684 685 goto kcc_out;
685 686 }
686 687
687 688 if (kinfo->mi_return_value == CRYPTO_BUFFER_TOO_SMALL) {
688 689 count = kinfo->mi_count;
689 690 free(kinfo);
690 691 kinfo = malloc(
691 692 sizeof (crypto_get_all_mechanism_info_t) +
692 693 sizeof (crypto_mechanism_info_t) * (count - 1));
693 694 if (kinfo == NULL) {
694 695 warn(gettext("failed to allocate memory for "
695 696 "kernel mechanism info"));
696 697 goto kcc_out;
697 698 }
698 699 kinfo->mi_count = count;
699 700 (void) strlcpy(kinfo->mi_mechanism_name, cipher->name,
700 701 CRYPTO_MAX_MECH_NAME);
701 702
702 703 if (ioctl(fd, CRYPTO_GET_ALL_MECHANISM_INFO, kinfo) ==
703 704 -1) {
704 705 warn(gettext("CRYPTO_GET_ALL_MECHANISM_INFO "
705 706 "ioctl failed"));
706 707 goto kcc_out;
707 708 }
708 709 }
709 710
710 711 if (kinfo->mi_return_value != CRYPTO_SUCCESS) {
711 712 warn(gettext("CRYPTO_GET_ALL_MECHANISM_INFO ioctl "
712 713 "return value = %d\n"), kinfo->mi_return_value);
713 714 goto kcc_out;
714 715 }
715 716
716 717 /* Set key min and max size */
717 718 count = kinfo->mi_count;
718 719 i = 0;
719 720 if (i < count) {
720 721 keymin = kinfo->mi_list[i].mi_min_key_size;
721 722 keymax = kinfo->mi_list[i].mi_max_key_size;
722 723 if (kinfo->mi_list[i].mi_keysize_unit &
723 724 CRYPTO_KEYSIZE_UNIT_IN_BITS) {
724 725 keymin = CRYPTO_BITS2BYTES(keymin);
725 726 keymax = CRYPTO_BITS2BYTES(keymax);
726 727
727 728 }
728 729 cipher->min_keysize = keymin;
729 730 cipher->max_keysize = keymax;
730 731 }
731 732 free(kinfo);
732 733 kinfo = NULL;
733 734
734 735 if (i == count) {
735 736 (void) close(fd);
736 737 die(gettext(
737 738 "failed to find usable %s kernel mechanism, "
738 739 "use \"cryptoadm list -m\" to find available "
739 740 "mechanisms\n"),
740 741 cipher->name);
741 742 }
742 743 }
743 744
744 745 /* Note: key min/max, unit size, usage for iv cipher are not checked. */
745 746
746 747 return (ciph_ok && iv_ok);
747 748
748 749 kcc_out:
749 750 if (kinfo != NULL)
750 751 free(kinfo);
751 752 if (kciphers != NULL)
752 753 free(kciphers);
753 754 if (fd != -1)
754 755 (void) close(fd);
755 756 return (B_FALSE);
756 757 }
757 758
758 759 /*
759 760 * Break up token spec into its components (non-destructive)
760 761 */
761 762 static token_spec_t *
762 763 parsetoken(char *spec)
763 764 {
764 765 #define FLD_NAME 0
765 766 #define FLD_MANUF 1
766 767 #define FLD_SERIAL 2
767 768 #define FLD_LABEL 3
768 769 #define NFIELDS 4
769 770 #define nullfield(i) ((field[(i)+1] - field[(i)]) <= 1)
770 771 #define copyfield(fld, i) \
771 772 { \
772 773 int n; \
773 774 (fld) = NULL; \
774 775 if ((n = (field[(i)+1] - field[(i)])) > 1) { \
775 776 if (((fld) = malloc(n)) != NULL) { \
776 777 (void) strncpy((fld), field[(i)], n); \
777 778 ((fld))[n - 1] = '\0'; \
778 779 } \
779 780 } \
780 781 }
781 782
782 783 int i;
783 784 char *field[NFIELDS + 1]; /* +1 to catch extra delimiters */
784 785 token_spec_t *ti = NULL;
785 786
786 787 if (spec == NULL)
787 788 return (NULL);
788 789
789 790 /*
790 791 * Correct format is "[name]:[manuf]:[serial]:key". Can't use
791 792 * strtok because it treats ":::key" and "key:::" and "key" all
792 793 * as the same thing, and we can't have the :s compressed away.
793 794 */
794 795 field[0] = spec;
795 796 for (i = 1; i < NFIELDS + 1; i++) {
796 797 field[i] = strchr(field[i-1], ':');
797 798 if (field[i] == NULL)
798 799 break;
799 800 field[i]++;
800 801 }
801 802 if (i < NFIELDS) /* not enough fields */
802 803 return (NULL);
803 804 if (field[NFIELDS] != NULL) /* too many fields */
804 805 return (NULL);
805 806 field[NFIELDS] = strchr(field[NFIELDS-1], '\0') + 1;
806 807
807 808 /* key label can't be empty */
808 809 if (nullfield(FLD_LABEL))
809 810 return (NULL);
810 811
811 812 ti = malloc(sizeof (token_spec_t));
812 813 if (ti == NULL)
813 814 return (NULL);
814 815
815 816 copyfield(ti->name, FLD_NAME);
816 817 copyfield(ti->mfr, FLD_MANUF);
817 818 copyfield(ti->serno, FLD_SERIAL);
818 819 copyfield(ti->key, FLD_LABEL);
819 820
820 821 /*
821 822 * If token specified and it only contains a key label, then
822 823 * search all tokens for the key, otherwise only those with
823 824 * matching name, mfr, and serno are used.
824 825 */
825 826 /*
826 827 * That's how we'd like it to be, however, if only the key label
827 828 * is specified, default to using softtoken. It's easier.
|
↓ open down ↓ |
599 lines elided |
↑ open up ↑ |
828 829 */
829 830 if (ti->name == NULL && ti->mfr == NULL && ti->serno == NULL)
830 831 ti->name = strdup(pkcs11_default_token());
831 832 return (ti);
832 833 }
833 834
834 835 /*
835 836 * PBE the passphrase into a raw key
836 837 */
837 838 static void
838 -getkeyfromuser(mech_alias_t *cipher, char **raw_key, size_t *raw_key_sz)
839 +getkeyfromuser(mech_alias_t *cipher, char **raw_key, size_t *raw_key_sz,
840 + boolean_t with_confirmation)
839 841 {
840 842 CK_SESSION_HANDLE sess;
841 843 CK_RV rv;
842 844 char *pass = NULL;
843 845 size_t passlen = 0;
844 846 void *salt = NULL; /* don't use NULL, see note on salt below */
845 847 size_t saltlen = 0;
846 848 CK_KEY_TYPE ktype;
847 849 void *kvalue;
848 850 size_t klen;
849 851
850 852 /* did init_crypto find a slot that supports this cipher? */
851 853 if (cipher->slot == (CK_SLOT_ID)-1 || cipher->max_keysize == 0) {
852 854 rv = CKR_MECHANISM_INVALID;
853 855 goto cleanup;
854 856 }
855 857
856 858 rv = pkcs11_mech2keytype(cipher->type, &ktype);
857 859 if (rv != CKR_OK)
858 860 goto cleanup;
|
↓ open down ↓ |
10 lines elided |
↑ open up ↑ |
859 861
860 862 /*
861 863 * use the passphrase to generate a PBE PKCS#5 secret key and
862 864 * retrieve the raw key data to eventually pass it to the kernel;
863 865 */
864 866 rv = C_OpenSession(cipher->slot, CKF_SERIAL_SESSION, NULL, NULL, &sess);
865 867 if (rv != CKR_OK)
866 868 goto cleanup;
867 869
868 870 /* get user passphrase with 8 byte minimum */
869 - if (pkcs11_get_pass(NULL, &pass, &passlen, MIN_PASSLEN, B_TRUE) < 0) {
871 + if (pkcs11_get_pass(NULL, &pass, &passlen, MIN_PASSLEN,
872 + with_confirmation) < 0) {
870 873 die(gettext("passphrases do not match\n"));
871 874 }
872 875
873 876 /*
874 877 * salt should not be NULL, or else pkcs11_PasswdToKey() will
875 878 * complain about CKR_MECHANISM_PARAM_INVALID; the following is
876 879 * to make up for not having a salt until a proper one is used
877 880 */
878 881 salt = pass;
879 882 saltlen = passlen;
880 883
881 884 klen = cipher->max_keysize;
882 885 rv = pkcs11_PasswdToKey(sess, pass, passlen, salt, saltlen, ktype,
883 886 cipher->max_keysize, &kvalue, &klen);
884 887
885 888 (void) C_CloseSession(sess);
886 889
887 890 if (rv != CKR_OK) {
888 891 goto cleanup;
889 892 }
890 893
891 894 /* assert(klen == cipher->max_keysize); */
892 895 *raw_key_sz = klen;
893 896 *raw_key = (char *)kvalue;
894 897 return;
895 898
896 899 cleanup:
897 900 die(gettext("failed to generate %s key from passphrase: %s"),
898 901 cipher->alias, pkcs11_strerror(rv));
899 902 }
900 903
901 904 /*
902 905 * Read raw key from file; also handles ephemeral keys.
903 906 */
904 907 void
905 908 getkeyfromfile(const char *pathname, mech_alias_t *cipher, char **key,
906 909 size_t *ksz)
907 910 {
908 911 int fd;
909 912 struct stat sbuf;
910 913 boolean_t notplain = B_FALSE;
911 914 ssize_t cursz;
912 915 ssize_t nread;
913 916
914 917 /* ephemeral keys are just random data */
915 918 if (pathname == NULL) {
916 919 *ksz = cipher->max_keysize;
917 920 *key = malloc(*ksz);
918 921 if (*key == NULL)
919 922 die(gettext("failed to allocate memory for"
920 923 " ephemeral key"));
921 924 if (pkcs11_get_urandom(*key, *ksz) < 0) {
922 925 free(*key);
923 926 die(gettext("failed to get enough random data"));
924 927 }
925 928 return;
926 929 }
927 930
928 931 /*
929 932 * If the remaining section of code didn't also check for secure keyfile
930 933 * permissions and whether the key is within cipher min and max lengths,
931 934 * (or, if those things moved out of this block), we could have had:
932 935 * if (pkcs11_read_data(pathname, key, ksz) < 0)
933 936 * handle_error();
934 937 */
935 938
936 939 if ((fd = open(pathname, O_RDONLY, 0)) == -1)
937 940 die(gettext("open of keyfile (%s) failed"), pathname);
938 941
939 942 if (fstat(fd, &sbuf) == -1)
940 943 die(gettext("fstat of keyfile (%s) failed"), pathname);
941 944
942 945 if (S_ISREG(sbuf.st_mode)) {
943 946 if ((sbuf.st_mode & (S_IWGRP | S_IWOTH)) != 0)
944 947 die(gettext("insecure permissions on keyfile %s\n"),
945 948 pathname);
946 949
947 950 *ksz = sbuf.st_size;
948 951 if (*ksz < cipher->min_keysize || cipher->max_keysize < *ksz) {
949 952 warn(gettext("%s: invalid keysize: %d\n"),
950 953 pathname, (int)*ksz);
951 954 die(gettext("\t%d <= keysize <= %d\n"),
952 955 cipher->min_keysize, cipher->max_keysize);
953 956 }
954 957 } else {
955 958 *ksz = cipher->max_keysize;
956 959 notplain = B_TRUE;
957 960 }
958 961
959 962 *key = malloc(*ksz);
960 963 if (*key == NULL)
961 964 die(gettext("failed to allocate memory for key from file"));
962 965
963 966 for (cursz = 0, nread = 0; cursz < *ksz; cursz += nread) {
964 967 nread = read(fd, *key, *ksz);
965 968 if (nread > 0)
966 969 continue;
967 970 /*
968 971 * nread == 0. If it's not a regular file we were trying to
969 972 * get the maximum keysize of data possible for this cipher.
970 973 * But if we've got at least the minimum keysize of data,
971 974 * round down to the nearest keysize unit and call it good.
972 975 * If we haven't met the minimum keysize, that's an error.
973 976 * If it's a regular file, nread = 0 is also an error.
974 977 */
975 978 if (nread == 0 && notplain && cursz >= cipher->min_keysize) {
976 979 *ksz = (cursz / cipher->min_keysize) *
977 980 cipher->min_keysize;
978 981 break;
979 982 }
980 983 die(gettext("%s: can't read all keybytes"), pathname);
981 984 }
982 985 (void) close(fd);
983 986 }
984 987
985 988 /*
986 989 * Read the raw key from token, or from a file that was wrapped with a
987 990 * key from token
988 991 */
989 992 void
990 993 getkeyfromtoken(CK_SESSION_HANDLE sess,
991 994 token_spec_t *token, const char *keyfile, mech_alias_t *cipher,
992 995 char **raw_key, size_t *raw_key_sz)
993 996 {
994 997 CK_RV rv = CKR_OK;
995 998 CK_BBOOL trueval = B_TRUE;
996 999 CK_OBJECT_CLASS kclass; /* secret key or RSA private key */
997 1000 CK_KEY_TYPE ktype; /* from selected cipher or CKK_RSA */
998 1001 CK_KEY_TYPE raw_ktype; /* from selected cipher */
999 1002 CK_ATTRIBUTE key_tmpl[] = {
1000 1003 { CKA_CLASS, NULL, 0 }, /* re-used for token key and unwrap */
1001 1004 { CKA_KEY_TYPE, NULL, 0 }, /* ditto */
1002 1005 { CKA_LABEL, NULL, 0 },
1003 1006 { CKA_TOKEN, NULL, 0 },
1004 1007 { CKA_PRIVATE, NULL, 0 }
1005 1008 };
1006 1009 CK_ULONG attrs = sizeof (key_tmpl) / sizeof (CK_ATTRIBUTE);
1007 1010 int i;
1008 1011 char *pass = NULL;
1009 1012 size_t passlen = 0;
1010 1013 CK_OBJECT_HANDLE obj, rawobj;
1011 1014 CK_ULONG num_objs = 1; /* just want to find 1 token key */
1012 1015 CK_MECHANISM unwrap = { CKM_RSA_PKCS, NULL, 0 };
1013 1016 char *rkey;
1014 1017 size_t rksz;
1015 1018
1016 1019 if (token == NULL || token->key == NULL)
1017 1020 return;
1018 1021
1019 1022 /* did init_crypto find a slot that supports this cipher? */
1020 1023 if (cipher->slot == (CK_SLOT_ID)-1 || cipher->max_keysize == 0) {
1021 1024 die(gettext("failed to find any cryptographic provider, "
1022 1025 "use \"cryptoadm list -p\" to find providers: %s\n"),
1023 1026 pkcs11_strerror(CKR_MECHANISM_INVALID));
1024 1027 }
1025 1028
1026 1029 if (pkcs11_get_pass(token->name, &pass, &passlen, 0, B_FALSE) < 0)
1027 1030 die(gettext("unable to get passphrase"));
1028 1031
1029 1032 /* use passphrase to login to token */
1030 1033 if (pass != NULL && passlen > 0) {
1031 1034 rv = C_Login(sess, CKU_USER, (CK_UTF8CHAR_PTR)pass, passlen);
1032 1035 if (rv != CKR_OK) {
1033 1036 die(gettext("cannot login to the token %s: %s\n"),
1034 1037 token->name, pkcs11_strerror(rv));
1035 1038 }
1036 1039 }
1037 1040
1038 1041 rv = pkcs11_mech2keytype(cipher->type, &raw_ktype);
1039 1042 if (rv != CKR_OK) {
1040 1043 die(gettext("failed to get key type for cipher %s: %s\n"),
1041 1044 cipher->name, pkcs11_strerror(rv));
1042 1045 }
1043 1046
1044 1047 /*
1045 1048 * If no keyfile was given, then the token key is secret key to
1046 1049 * be used for encryption/decryption. Otherwise, the keyfile
1047 1050 * contains a wrapped secret key, and the token is actually the
1048 1051 * unwrapping RSA private key.
1049 1052 */
1050 1053 if (keyfile == NULL) {
1051 1054 kclass = CKO_SECRET_KEY;
1052 1055 ktype = raw_ktype;
1053 1056 } else {
1054 1057 kclass = CKO_PRIVATE_KEY;
1055 1058 ktype = CKK_RSA;
1056 1059 }
1057 1060
1058 1061 /* Find the key in the token first */
1059 1062 for (i = 0; i < attrs; i++) {
1060 1063 switch (key_tmpl[i].type) {
1061 1064 case CKA_CLASS:
1062 1065 key_tmpl[i].pValue = &kclass;
1063 1066 key_tmpl[i].ulValueLen = sizeof (kclass);
1064 1067 break;
1065 1068 case CKA_KEY_TYPE:
1066 1069 key_tmpl[i].pValue = &ktype;
1067 1070 key_tmpl[i].ulValueLen = sizeof (ktype);
1068 1071 break;
1069 1072 case CKA_LABEL:
1070 1073 key_tmpl[i].pValue = token->key;
1071 1074 key_tmpl[i].ulValueLen = strlen(token->key);
1072 1075 break;
1073 1076 case CKA_TOKEN:
1074 1077 key_tmpl[i].pValue = &trueval;
1075 1078 key_tmpl[i].ulValueLen = sizeof (trueval);
1076 1079 break;
1077 1080 case CKA_PRIVATE:
1078 1081 key_tmpl[i].pValue = &trueval;
1079 1082 key_tmpl[i].ulValueLen = sizeof (trueval);
1080 1083 break;
1081 1084 default:
1082 1085 break;
1083 1086 }
1084 1087 }
1085 1088 rv = C_FindObjectsInit(sess, key_tmpl, attrs);
1086 1089 if (rv != CKR_OK)
1087 1090 die(gettext("cannot find key %s: %s\n"), token->key,
1088 1091 pkcs11_strerror(rv));
1089 1092 rv = C_FindObjects(sess, &obj, 1, &num_objs);
1090 1093 (void) C_FindObjectsFinal(sess);
1091 1094
1092 1095 if (num_objs == 0) {
1093 1096 die(gettext("cannot find key %s\n"), token->key);
1094 1097 } else if (rv != CKR_OK) {
1095 1098 die(gettext("cannot find key %s: %s\n"), token->key,
1096 1099 pkcs11_strerror(rv));
1097 1100 }
1098 1101
1099 1102 /*
1100 1103 * No keyfile means when token key is found, convert it to raw key,
1101 1104 * and done. Otherwise still need do an unwrap to create yet another
1102 1105 * obj and that needs to be converted to raw key before we're done.
1103 1106 */
1104 1107 if (keyfile == NULL) {
1105 1108 /* obj contains raw key, extract it */
1106 1109 rv = pkcs11_ObjectToKey(sess, obj, (void **)&rkey, &rksz,
1107 1110 B_FALSE);
1108 1111 if (rv != CKR_OK) {
1109 1112 die(gettext("failed to get key value for %s"
1110 1113 " from token %s, %s\n"), token->key,
1111 1114 token->name, pkcs11_strerror(rv));
1112 1115 }
1113 1116 } else {
1114 1117 getkeyfromfile(keyfile, cipher, &rkey, &rksz);
1115 1118
1116 1119 /*
1117 1120 * Got the wrapping RSA obj and the wrapped key from file.
1118 1121 * Unwrap the key from file with RSA obj to get rawkey obj.
1119 1122 */
1120 1123
1121 1124 /* re-use the first two attributes of key_tmpl */
1122 1125 kclass = CKO_SECRET_KEY;
1123 1126 ktype = raw_ktype;
1124 1127
1125 1128 rv = C_UnwrapKey(sess, &unwrap, obj, (CK_BYTE_PTR)rkey,
1126 1129 rksz, key_tmpl, 2, &rawobj);
1127 1130 if (rv != CKR_OK) {
1128 1131 die(gettext("failed to unwrap key in keyfile %s,"
1129 1132 " %s\n"), keyfile, pkcs11_strerror(rv));
1130 1133 }
1131 1134 /* rawobj contains raw key, extract it */
1132 1135 rv = pkcs11_ObjectToKey(sess, rawobj, (void **)&rkey, &rksz,
1133 1136 B_TRUE);
1134 1137 if (rv != CKR_OK) {
1135 1138 die(gettext("failed to get unwrapped key value for"
1136 1139 " key in keyfile %s, %s\n"), keyfile,
1137 1140 pkcs11_strerror(rv));
1138 1141 }
1139 1142 }
1140 1143
1141 1144 /* validate raw key size */
1142 1145 if (rksz < cipher->min_keysize || cipher->max_keysize < rksz) {
1143 1146 warn(gettext("%s: invalid keysize: %d\n"), keyfile, (int)rksz);
1144 1147 die(gettext("\t%d <= keysize <= %d\n"), cipher->min_keysize,
1145 1148 cipher->max_keysize);
1146 1149 }
1147 1150
1148 1151 *raw_key_sz = rksz;
1149 1152 *raw_key = (char *)rkey;
1150 1153 }
1151 1154
1152 1155 /*
1153 1156 * Set up cipher key limits and verify PKCS#11 can be done
1154 1157 * match_token_cipher is the function pointer used by
1155 1158 * pkcs11_GetCriteriaSession() init_crypto.
1156 1159 */
1157 1160 boolean_t
1158 1161 match_token_cipher(CK_SLOT_ID slot_id, void *args, CK_RV *rv)
1159 1162 {
1160 1163 token_spec_t *token;
1161 1164 mech_alias_t *cipher;
1162 1165 CK_TOKEN_INFO tokinfo;
1163 1166 CK_MECHANISM_INFO mechinfo;
1164 1167 boolean_t token_match;
1165 1168
1166 1169 /*
1167 1170 * While traversing slot list, pick up the following info per slot:
1168 1171 * - if token specified, whether it matches this slot's token info
1169 1172 * - if the slot supports the PKCS#5 PBKD2 cipher
1170 1173 *
1171 1174 * If the user said on the command line
1172 1175 * -T tok:mfr:ser:lab -k keyfile
1173 1176 * -c cipher -T tok:mfr:ser:lab -k keyfile
1174 1177 * the given cipher or the default cipher apply to keyfile,
1175 1178 * If the user said instead
1176 1179 * -T tok:mfr:ser:lab
1177 1180 * -c cipher -T tok:mfr:ser:lab
1178 1181 * the key named "lab" may or may not agree with the given
1179 1182 * cipher or the default cipher. In those cases, cipher will
1180 1183 * be overridden with the actual cipher type of the key "lab".
1181 1184 */
1182 1185 *rv = CKR_FUNCTION_FAILED;
1183 1186
1184 1187 if (args == NULL) {
1185 1188 return (B_FALSE);
1186 1189 }
1187 1190
1188 1191 cipher = (mech_alias_t *)args;
1189 1192 token = cipher->token;
1190 1193
1191 1194 if (C_GetMechanismInfo(slot_id, cipher->type, &mechinfo) != CKR_OK) {
1192 1195 return (B_FALSE);
1193 1196 }
1194 1197
1195 1198 if (token == NULL) {
1196 1199 if (C_GetMechanismInfo(slot_id, CKM_PKCS5_PBKD2, &mechinfo) !=
1197 1200 CKR_OK) {
1198 1201 return (B_FALSE);
1199 1202 }
1200 1203 goto foundit;
1201 1204 }
1202 1205
1203 1206 /* does the token match the token spec? */
1204 1207 if (token->key == NULL || (C_GetTokenInfo(slot_id, &tokinfo) != CKR_OK))
1205 1208 return (B_FALSE);
1206 1209
1207 1210 token_match = B_TRUE;
1208 1211
1209 1212 if (token->name != NULL && (token->name)[0] != '\0' &&
1210 1213 strncmp((char *)token->name, (char *)tokinfo.label,
1211 1214 TOKEN_LABEL_SIZE) != 0)
1212 1215 token_match = B_FALSE;
1213 1216 if (token->mfr != NULL && (token->mfr)[0] != '\0' &&
1214 1217 strncmp((char *)token->mfr, (char *)tokinfo.manufacturerID,
1215 1218 TOKEN_MANUFACTURER_SIZE) != 0)
1216 1219 token_match = B_FALSE;
1217 1220 if (token->serno != NULL && (token->serno)[0] != '\0' &&
1218 1221 strncmp((char *)token->serno, (char *)tokinfo.serialNumber,
1219 1222 TOKEN_SERIAL_SIZE) != 0)
1220 1223 token_match = B_FALSE;
1221 1224
1222 1225 if (!token_match)
1223 1226 return (B_FALSE);
1224 1227
1225 1228 foundit:
1226 1229 cipher->slot = slot_id;
1227 1230 return (B_TRUE);
1228 1231 }
1229 1232
1230 1233 /*
1231 1234 * Clean up crypto loose ends
1232 1235 */
1233 1236 static void
1234 1237 end_crypto(CK_SESSION_HANDLE sess)
1235 1238 {
1236 1239 (void) C_CloseSession(sess);
1237 1240 (void) C_Finalize(NULL);
1238 1241 }
1239 1242
1240 1243 /*
1241 1244 * Set up crypto, opening session on slot that matches token and cipher
1242 1245 */
1243 1246 static void
1244 1247 init_crypto(token_spec_t *token, mech_alias_t *cipher,
1245 1248 CK_SESSION_HANDLE_PTR sess)
1246 1249 {
1247 1250 CK_RV rv;
1248 1251
1249 1252 cipher->token = token;
1250 1253
1251 1254 /* Turn off Metaslot so that we can see actual tokens */
1252 1255 if (setenv("METASLOT_ENABLED", "false", 1) < 0) {
1253 1256 die(gettext("could not disable Metaslot"));
1254 1257 }
1255 1258
1256 1259 rv = pkcs11_GetCriteriaSession(match_token_cipher, (void *)cipher,
1257 1260 sess);
1258 1261 if (rv != CKR_OK) {
1259 1262 end_crypto(*sess);
1260 1263 if (rv == CKR_HOST_MEMORY) {
1261 1264 die("malloc");
1262 1265 }
1263 1266 die(gettext("failed to find any cryptographic provider, "
1264 1267 "use \"cryptoadm list -p\" to find providers: %s\n"),
1265 1268 pkcs11_strerror(rv));
1266 1269 }
1267 1270 }
1268 1271
1269 1272 /*
1270 1273 * Uncompress a file.
1271 1274 *
1272 1275 * First map the file in to establish a device
1273 1276 * association, then read from it. On-the-fly
1274 1277 * decompression will automatically uncompress
1275 1278 * the file if it's compressed
1276 1279 *
1277 1280 * If the file is mapped and a device association
1278 1281 * has been established, disallow uncompressing
1279 1282 * the file until it is unmapped.
1280 1283 */
1281 1284 static void
1282 1285 lofi_uncompress(int lfd, const char *filename)
1283 1286 {
1284 1287 struct lofi_ioctl li;
1285 1288 char buf[MAXBSIZE];
1286 1289 char devicename[32];
1287 1290 char tmpfilename[MAXPATHLEN];
1288 1291 char *x;
1289 1292 char *dir = NULL;
1290 1293 char *file = NULL;
1291 1294 int minor = 0;
1292 1295 struct stat64 statbuf;
1293 1296 int compfd = -1;
1294 1297 int uncompfd = -1;
1295 1298 ssize_t rbytes;
1296 1299
1297 1300 /*
1298 1301 * Disallow uncompressing the file if it is
1299 1302 * already mapped.
1300 1303 */
1301 1304 li.li_crypto_enabled = B_FALSE;
1302 1305 li.li_minor = 0;
1303 1306 (void) strlcpy(li.li_filename, filename, sizeof (li.li_filename));
1304 1307 if (ioctl(lfd, LOFI_GET_MINOR, &li) != -1)
1305 1308 die(gettext("%s must be unmapped before uncompressing"),
1306 1309 filename);
1307 1310
1308 1311 /* Zero length files don't need to be uncompressed */
1309 1312 if (stat64(filename, &statbuf) == -1)
1310 1313 die(gettext("stat: %s"), filename);
1311 1314 if (statbuf.st_size == 0)
1312 1315 return;
1313 1316
1314 1317 minor = lofi_map_file(lfd, li, filename);
1315 1318 (void) snprintf(devicename, sizeof (devicename), "/dev/%s/%d",
1316 1319 LOFI_BLOCK_NAME, minor);
1317 1320
1318 1321 /* If the file isn't compressed, we just return */
1319 1322 if ((ioctl(lfd, LOFI_CHECK_COMPRESSED, &li) == -1) ||
1320 1323 (li.li_algorithm[0] == '\0')) {
1321 1324 delete_mapping(lfd, devicename, filename, B_TRUE);
1322 1325 die("%s is not compressed\n", filename);
1323 1326 }
1324 1327
1325 1328 if ((compfd = open64(devicename, O_RDONLY | O_NONBLOCK)) == -1) {
1326 1329 delete_mapping(lfd, devicename, filename, B_TRUE);
1327 1330 die(gettext("open: %s"), filename);
1328 1331 }
1329 1332 /* Create a temp file in the same directory */
1330 1333 x = strdup(filename);
1331 1334 dir = strdup(dirname(x));
1332 1335 free(x);
1333 1336 x = strdup(filename);
1334 1337 file = strdup(basename(x));
1335 1338 free(x);
1336 1339 (void) snprintf(tmpfilename, sizeof (tmpfilename),
1337 1340 "%s/.%sXXXXXX", dir, file);
1338 1341 free(dir);
1339 1342 free(file);
1340 1343
1341 1344 if ((uncompfd = mkstemp64(tmpfilename)) == -1) {
1342 1345 (void) close(compfd);
1343 1346 delete_mapping(lfd, devicename, filename, B_TRUE);
1344 1347 die("%s could not be uncompressed\n", filename);
1345 1348 }
1346 1349
1347 1350 /*
1348 1351 * Set the mode bits and the owner of this temporary
1349 1352 * file to be that of the original uncompressed file
1350 1353 */
1351 1354 (void) fchmod(uncompfd, statbuf.st_mode);
1352 1355
1353 1356 if (fchown(uncompfd, statbuf.st_uid, statbuf.st_gid) == -1) {
1354 1357 (void) close(compfd);
1355 1358 (void) close(uncompfd);
1356 1359 delete_mapping(lfd, devicename, filename, B_TRUE);
1357 1360 die("%s could not be uncompressed\n", filename);
1358 1361 }
1359 1362
1360 1363 /* Now read from the device in MAXBSIZE-sized chunks */
1361 1364 for (;;) {
1362 1365 rbytes = read(compfd, buf, sizeof (buf));
1363 1366
1364 1367 if (rbytes <= 0)
1365 1368 break;
1366 1369
1367 1370 if (write(uncompfd, buf, rbytes) != rbytes) {
1368 1371 rbytes = -1;
1369 1372 break;
1370 1373 }
1371 1374 }
1372 1375
1373 1376 (void) close(compfd);
1374 1377 (void) close(uncompfd);
1375 1378
1376 1379 /* Delete the mapping */
1377 1380 delete_mapping(lfd, devicename, filename, B_TRUE);
1378 1381
1379 1382 /*
1380 1383 * If an error occured while reading or writing, rbytes will
1381 1384 * be negative
1382 1385 */
1383 1386 if (rbytes < 0) {
1384 1387 (void) unlink(tmpfilename);
1385 1388 die(gettext("could not read from %s"), filename);
1386 1389 }
1387 1390
1388 1391 /* Rename the temp file to the actual file */
1389 1392 if (rename(tmpfilename, filename) == -1)
1390 1393 (void) unlink(tmpfilename);
1391 1394 }
1392 1395
1393 1396 /*
1394 1397 * Compress a file
1395 1398 */
1396 1399 static void
1397 1400 lofi_compress(int *lfd, const char *filename, int compress_index,
1398 1401 uint32_t segsize)
1399 1402 {
1400 1403 struct lofi_ioctl lic;
1401 1404 lofi_compress_info_t *li;
1402 1405 struct flock lock;
1403 1406 char tmpfilename[MAXPATHLEN];
1404 1407 char comp_filename[MAXPATHLEN];
1405 1408 char algorithm[MAXALGLEN];
1406 1409 char *x;
1407 1410 char *dir = NULL, *file = NULL;
1408 1411 uchar_t *uncompressed_seg = NULL;
1409 1412 uchar_t *compressed_seg = NULL;
1410 1413 uint32_t compressed_segsize;
1411 1414 uint32_t len_compressed, count;
1412 1415 uint32_t index_entries, index_sz;
1413 1416 uint64_t *index = NULL;
1414 1417 uint64_t offset;
1415 1418 size_t real_segsize;
1416 1419 struct stat64 statbuf;
1417 1420 int compfd = -1, uncompfd = -1;
1418 1421 int tfd = -1;
1419 1422 ssize_t rbytes, wbytes, lastread;
1420 1423 int i, type;
1421 1424
1422 1425 /*
1423 1426 * Disallow compressing the file if it is
1424 1427 * already mapped
1425 1428 */
1426 1429 lic.li_minor = 0;
1427 1430 (void) strlcpy(lic.li_filename, filename, sizeof (lic.li_filename));
1428 1431 if (ioctl(*lfd, LOFI_GET_MINOR, &lic) != -1)
1429 1432 die(gettext("%s must be unmapped before compressing"),
1430 1433 filename);
1431 1434
1432 1435 /*
1433 1436 * Close the control device so other operations
1434 1437 * can use it
1435 1438 */
1436 1439 (void) close(*lfd);
1437 1440 *lfd = -1;
1438 1441
1439 1442 li = &lofi_compress_table[compress_index];
1440 1443
1441 1444 /*
1442 1445 * The size of the buffer to hold compressed data must
1443 1446 * be slightly larger than the compressed segment size.
1444 1447 *
1445 1448 * The compress functions use part of the buffer as
1446 1449 * scratch space to do calculations.
1447 1450 * Ref: http://www.zlib.net/manual.html#compress2
1448 1451 */
1449 1452 compressed_segsize = segsize + (segsize >> 6);
1450 1453 compressed_seg = (uchar_t *)malloc(compressed_segsize + SEGHDR);
1451 1454 uncompressed_seg = (uchar_t *)malloc(segsize);
1452 1455
1453 1456 if (compressed_seg == NULL || uncompressed_seg == NULL)
1454 1457 die(gettext("No memory"));
1455 1458
1456 1459 if ((uncompfd = open64(filename, O_RDWR|O_LARGEFILE, 0)) == -1)
1457 1460 die(gettext("open: %s"), filename);
1458 1461
1459 1462 lock.l_type = F_WRLCK;
1460 1463 lock.l_whence = SEEK_SET;
1461 1464 lock.l_start = 0;
1462 1465 lock.l_len = 0;
1463 1466
1464 1467 /*
1465 1468 * Use an advisory lock to ensure that only a
1466 1469 * single lofiadm process compresses a given
1467 1470 * file at any given time
1468 1471 *
1469 1472 * A close on the file descriptor automatically
1470 1473 * closes all lock state on the file
1471 1474 */
1472 1475 if (fcntl(uncompfd, F_SETLKW, &lock) == -1)
1473 1476 die(gettext("fcntl: %s"), filename);
1474 1477
1475 1478 if (fstat64(uncompfd, &statbuf) == -1) {
1476 1479 (void) close(uncompfd);
1477 1480 die(gettext("fstat: %s"), filename);
1478 1481 }
1479 1482
1480 1483 /* Zero length files don't need to be compressed */
1481 1484 if (statbuf.st_size == 0) {
1482 1485 (void) close(uncompfd);
1483 1486 return;
1484 1487 }
1485 1488
1486 1489 /*
1487 1490 * Create temporary files in the same directory that
1488 1491 * will hold the intermediate data
1489 1492 */
1490 1493 x = strdup(filename);
1491 1494 dir = strdup(dirname(x));
1492 1495 free(x);
1493 1496 x = strdup(filename);
1494 1497 file = strdup(basename(x));
1495 1498 free(x);
1496 1499 (void) snprintf(tmpfilename, sizeof (tmpfilename),
1497 1500 "%s/.%sXXXXXX", dir, file);
1498 1501 (void) snprintf(comp_filename, sizeof (comp_filename),
1499 1502 "%s/.%sXXXXXX", dir, file);
1500 1503 free(dir);
1501 1504 free(file);
1502 1505
1503 1506 if ((tfd = mkstemp64(tmpfilename)) == -1)
1504 1507 goto cleanup;
1505 1508
1506 1509 if ((compfd = mkstemp64(comp_filename)) == -1)
1507 1510 goto cleanup;
1508 1511
1509 1512 /*
1510 1513 * Set the mode bits and owner of the compressed
1511 1514 * file to be that of the original uncompressed file
1512 1515 */
1513 1516 (void) fchmod(compfd, statbuf.st_mode);
1514 1517
1515 1518 if (fchown(compfd, statbuf.st_uid, statbuf.st_gid) == -1)
1516 1519 goto cleanup;
1517 1520
1518 1521 /*
1519 1522 * Calculate the number of index entries required.
1520 1523 * index entries are stored as an array. adding
1521 1524 * a '2' here accounts for the fact that the last
1522 1525 * segment may not be a multiple of the segment size
1523 1526 */
1524 1527 index_sz = (statbuf.st_size / segsize) + 2;
1525 1528 index = malloc(sizeof (*index) * index_sz);
1526 1529
1527 1530 if (index == NULL)
1528 1531 goto cleanup;
1529 1532
1530 1533 offset = 0;
1531 1534 lastread = segsize;
1532 1535 count = 0;
1533 1536
1534 1537 /*
1535 1538 * Now read from the uncompressed file in 'segsize'
1536 1539 * sized chunks, compress what was read in and
1537 1540 * write it out to a temporary file
1538 1541 */
1539 1542 for (;;) {
1540 1543 rbytes = read(uncompfd, uncompressed_seg, segsize);
1541 1544
1542 1545 if (rbytes <= 0)
1543 1546 break;
1544 1547
1545 1548 if (lastread < segsize)
1546 1549 goto cleanup;
1547 1550
1548 1551 /*
1549 1552 * Account for the first byte that
1550 1553 * indicates whether a segment is
1551 1554 * compressed or not
1552 1555 */
1553 1556 real_segsize = segsize - 1;
1554 1557 (void) li->l_compress(uncompressed_seg, rbytes,
1555 1558 compressed_seg + SEGHDR, &real_segsize, li->l_level);
1556 1559
1557 1560 /*
1558 1561 * If the length of the compressed data is more
1559 1562 * than a threshold then there isn't any benefit
1560 1563 * to be had from compressing this segment - leave
1561 1564 * it uncompressed.
1562 1565 *
1563 1566 * NB. In case an error occurs during compression (above)
1564 1567 * the 'real_segsize' isn't changed. The logic below
1565 1568 * ensures that that segment is left uncompressed.
1566 1569 */
1567 1570 len_compressed = real_segsize;
1568 1571 if (segsize <= COMPRESS_THRESHOLD ||
1569 1572 real_segsize > (segsize - COMPRESS_THRESHOLD)) {
1570 1573 (void) memcpy(compressed_seg + SEGHDR, uncompressed_seg,
1571 1574 rbytes);
1572 1575 type = UNCOMPRESSED;
1573 1576 len_compressed = rbytes;
1574 1577 } else {
1575 1578 type = COMPRESSED;
1576 1579 }
1577 1580
1578 1581 /*
1579 1582 * Set the first byte or the SEGHDR to
1580 1583 * indicate if it's compressed or not
1581 1584 */
1582 1585 *compressed_seg = type;
1583 1586 wbytes = write(tfd, compressed_seg, len_compressed + SEGHDR);
1584 1587 if (wbytes != (len_compressed + SEGHDR)) {
1585 1588 rbytes = -1;
1586 1589 break;
1587 1590 }
1588 1591
1589 1592 index[count] = BE_64(offset);
1590 1593 offset += wbytes;
1591 1594 lastread = rbytes;
1592 1595 count++;
1593 1596 }
1594 1597
1595 1598 (void) close(uncompfd);
1596 1599
1597 1600 if (rbytes < 0)
1598 1601 goto cleanup;
1599 1602 /*
1600 1603 * The last index entry is a sentinel entry. It does not point to
1601 1604 * an actual compressed segment but helps in computing the size of
1602 1605 * the compressed segment. The size of each compressed segment is
1603 1606 * computed by subtracting the current index value from the next
1604 1607 * one (the compressed blocks are stored sequentially)
1605 1608 */
1606 1609 index[count++] = BE_64(offset);
1607 1610
1608 1611 /*
1609 1612 * Now write the compressed data along with the
1610 1613 * header information to this file which will
1611 1614 * later be renamed to the original uncompressed
1612 1615 * file name
1613 1616 *
1614 1617 * The header is as follows -
1615 1618 *
1616 1619 * Signature (name of the compression algorithm)
1617 1620 * Compression segment size (a multiple of 512)
1618 1621 * Number of index entries
1619 1622 * Size of the last block
1620 1623 * The array containing the index entries
1621 1624 *
1622 1625 * the header is always stored in network byte
1623 1626 * order
1624 1627 */
1625 1628 (void) bzero(algorithm, sizeof (algorithm));
1626 1629 (void) strlcpy(algorithm, li->l_name, sizeof (algorithm));
1627 1630 if (write(compfd, algorithm, sizeof (algorithm))
1628 1631 != sizeof (algorithm))
1629 1632 goto cleanup;
1630 1633
1631 1634 segsize = htonl(segsize);
1632 1635 if (write(compfd, &segsize, sizeof (segsize)) != sizeof (segsize))
1633 1636 goto cleanup;
1634 1637
1635 1638 index_entries = htonl(count);
1636 1639 if (write(compfd, &index_entries, sizeof (index_entries)) !=
1637 1640 sizeof (index_entries))
1638 1641 goto cleanup;
1639 1642
1640 1643 lastread = htonl(lastread);
1641 1644 if (write(compfd, &lastread, sizeof (lastread)) != sizeof (lastread))
1642 1645 goto cleanup;
1643 1646
1644 1647 for (i = 0; i < count; i++) {
1645 1648 if (write(compfd, index + i, sizeof (*index)) !=
1646 1649 sizeof (*index))
1647 1650 goto cleanup;
1648 1651 }
1649 1652
1650 1653 /* Header is written, now write the compressed data */
1651 1654 if (lseek(tfd, 0, SEEK_SET) != 0)
1652 1655 goto cleanup;
1653 1656
1654 1657 rbytes = wbytes = 0;
1655 1658
1656 1659 for (;;) {
1657 1660 rbytes = read(tfd, compressed_seg, compressed_segsize + SEGHDR);
1658 1661
1659 1662 if (rbytes <= 0)
1660 1663 break;
1661 1664
1662 1665 if (write(compfd, compressed_seg, rbytes) != rbytes)
1663 1666 goto cleanup;
1664 1667 }
1665 1668
1666 1669 if (fstat64(compfd, &statbuf) == -1)
1667 1670 goto cleanup;
1668 1671
1669 1672 /*
1670 1673 * Round up the compressed file size to be a multiple of
1671 1674 * DEV_BSIZE. lofi(7D) likes it that way.
1672 1675 */
1673 1676 if ((offset = statbuf.st_size % DEV_BSIZE) > 0) {
1674 1677
1675 1678 offset = DEV_BSIZE - offset;
1676 1679
1677 1680 for (i = 0; i < offset; i++)
1678 1681 uncompressed_seg[i] = '\0';
1679 1682 if (write(compfd, uncompressed_seg, offset) != offset)
1680 1683 goto cleanup;
1681 1684 }
1682 1685 (void) close(compfd);
1683 1686 (void) close(tfd);
1684 1687 (void) unlink(tmpfilename);
1685 1688 cleanup:
1686 1689 if (rbytes < 0) {
1687 1690 if (tfd != -1)
1688 1691 (void) unlink(tmpfilename);
1689 1692 if (compfd != -1)
1690 1693 (void) unlink(comp_filename);
1691 1694 die(gettext("error compressing file %s"), filename);
1692 1695 } else {
1693 1696 /* Rename the compressed file to the actual file */
1694 1697 if (rename(comp_filename, filename) == -1) {
1695 1698 (void) unlink(comp_filename);
1696 1699 die(gettext("error compressing file %s"), filename);
1697 1700 }
1698 1701 }
1699 1702 if (compressed_seg != NULL)
1700 1703 free(compressed_seg);
1701 1704 if (uncompressed_seg != NULL)
1702 1705 free(uncompressed_seg);
1703 1706 if (index != NULL)
1704 1707 free(index);
1705 1708 if (compfd != -1)
1706 1709 (void) close(compfd);
1707 1710 if (uncompfd != -1)
1708 1711 (void) close(uncompfd);
1709 1712 if (tfd != -1)
1710 1713 (void) close(tfd);
1711 1714 }
1712 1715
1713 1716 static int
1714 1717 lofi_compress_select(const char *algname)
1715 1718 {
1716 1719 int i;
1717 1720
1718 1721 for (i = 0; i < LOFI_COMPRESS_FUNCTIONS; i++) {
1719 1722 if (strcmp(lofi_compress_table[i].l_name, algname) == 0)
1720 1723 return (i);
1721 1724 }
1722 1725 return (-1);
1723 1726 }
1724 1727
1725 1728 static void
1726 1729 check_algorithm_validity(const char *algname, int *compress_index)
1727 1730 {
1728 1731 *compress_index = lofi_compress_select(algname);
1729 1732 if (*compress_index < 0)
1730 1733 die(gettext("invalid algorithm name: %s\n"), algname);
1731 1734 }
1732 1735
1733 1736 static void
1734 1737 check_file_validity(const char *filename)
1735 1738 {
1736 1739 struct stat64 buf;
1737 1740 int error;
1738 1741 int fd;
1739 1742
1740 1743 fd = open64(filename, O_RDONLY);
1741 1744 if (fd == -1) {
1742 1745 die(gettext("open: %s"), filename);
1743 1746 }
1744 1747 error = fstat64(fd, &buf);
1745 1748 if (error == -1) {
1746 1749 die(gettext("fstat: %s"), filename);
1747 1750 } else if (!S_ISLOFIABLE(buf.st_mode)) {
1748 1751 die(gettext("%s is not a regular file, "
1749 1752 "block, or character device\n"),
1750 1753 filename);
1751 1754 } else if ((buf.st_size % DEV_BSIZE) != 0) {
1752 1755 die(gettext("size of %s is not a multiple of %d\n"),
1753 1756 filename, DEV_BSIZE);
1754 1757 }
1755 1758 (void) close(fd);
1756 1759
1757 1760 if (name_to_minor(filename) != 0) {
1758 1761 die(gettext("cannot use %s on itself\n"), LOFI_DRIVER_NAME);
1759 1762 }
1760 1763 }
1761 1764
1762 1765 static uint32_t
1763 1766 convert_to_num(const char *str)
1764 1767 {
1765 1768 int len;
1766 1769 uint32_t segsize, mult = 1;
1767 1770
1768 1771 len = strlen(str);
1769 1772 if (len && isalpha(str[len - 1])) {
1770 1773 switch (str[len - 1]) {
1771 1774 case 'k':
1772 1775 case 'K':
1773 1776 mult = KILOBYTE;
1774 1777 break;
1775 1778 case 'b':
1776 1779 case 'B':
1777 1780 mult = BLOCK_SIZE;
1778 1781 break;
1779 1782 case 'm':
1780 1783 case 'M':
1781 1784 mult = MEGABYTE;
1782 1785 break;
1783 1786 case 'g':
1784 1787 case 'G':
1785 1788 mult = GIGABYTE;
1786 1789 break;
1787 1790 default:
1788 1791 die(gettext("invalid segment size %s\n"), str);
1789 1792 }
1790 1793 }
1791 1794
1792 1795 segsize = atol(str);
1793 1796 segsize *= mult;
1794 1797
1795 1798 return (segsize);
1796 1799 }
1797 1800
1798 1801 int
1799 1802 main(int argc, char *argv[])
1800 1803 {
1801 1804 int lfd;
1802 1805 int c;
1803 1806 const char *devicename = NULL;
1804 1807 const char *filename = NULL;
1805 1808 const char *algname = COMPRESS_ALGORITHM;
1806 1809 int openflag;
1807 1810 int minor;
1808 1811 int compress_index;
1809 1812 uint32_t segsize = SEGSIZE;
1810 1813 static char *lofictl = "/dev/" LOFI_CTL_NAME;
1811 1814 boolean_t force = B_FALSE;
1812 1815 const char *pname;
|
↓ open down ↓ |
933 lines elided |
↑ open up ↑ |
1813 1816 boolean_t errflag = B_FALSE;
1814 1817 boolean_t addflag = B_FALSE;
1815 1818 boolean_t rdflag = B_FALSE;
1816 1819 boolean_t deleteflag = B_FALSE;
1817 1820 boolean_t ephflag = B_FALSE;
1818 1821 boolean_t compressflag = B_FALSE;
1819 1822 boolean_t uncompressflag = B_FALSE;
1820 1823 /* the next two work together for -c, -k, -T, -e options only */
1821 1824 boolean_t need_crypto = B_FALSE; /* if any -c, -k, -T, -e */
1822 1825 boolean_t cipher_only = B_TRUE; /* if -c only */
1826 + boolean_t with_confirmation = B_TRUE;
1823 1827 const char *keyfile = NULL;
1824 1828 mech_alias_t *cipher = NULL;
1825 1829 token_spec_t *token = NULL;
1826 1830 char *rkey = NULL;
1827 1831 size_t rksz = 0;
1828 1832 char realfilename[MAXPATHLEN];
1829 1833
1830 1834 pname = getpname(argv[0]);
1831 1835
1832 1836 (void) setlocale(LC_ALL, "");
1833 1837 (void) textdomain(TEXT_DOMAIN);
1834 1838
1835 - while ((c = getopt(argc, argv, "a:c:Cd:efk:o:rs:T:U")) != EOF) {
1839 + while ((c = getopt(argc, argv, "a:c:Cd:efk:ors:T:U")) != EOF) {
1836 1840 switch (c) {
1837 1841 case 'a':
1838 1842 addflag = B_TRUE;
1839 1843 if ((filename = realpath(optarg, realfilename)) == NULL)
1840 1844 die("%s", optarg);
1841 1845 if (((argc - optind) > 0) && (*argv[optind] != '-')) {
1842 1846 /* optional device */
1843 1847 devicename = argv[optind];
1844 1848 optind++;
1845 1849 }
1846 1850 break;
1847 1851 case 'C':
1848 1852 compressflag = B_TRUE;
1849 1853 if (((argc - optind) > 1) && (*argv[optind] != '-')) {
1850 1854 /* optional algorithm */
1851 1855 algname = argv[optind];
1852 1856 optind++;
1853 1857 }
1854 1858 check_algorithm_validity(algname, &compress_index);
1855 1859 break;
1856 1860 case 'c':
1857 1861 /* is the chosen cipher allowed? */
1858 1862 if ((cipher = ciph2mech(optarg)) == NULL) {
1859 1863 errflag = B_TRUE;
1860 1864 warn(gettext("cipher %s not allowed\n"),
1861 1865 optarg);
1862 1866 }
1863 1867 need_crypto = B_TRUE;
1864 1868 /* cipher_only is already set */
1865 1869 break;
1866 1870 case 'd':
1867 1871 deleteflag = B_TRUE;
1868 1872 minor = name_to_minor(optarg);
1869 1873 if (minor != 0)
1870 1874 devicename = optarg;
1871 1875 else {
1872 1876 if ((filename = realpath(optarg,
1873 1877 realfilename)) == NULL)
1874 1878 die("%s", optarg);
1875 1879 }
1876 1880 break;
1877 1881 case 'e':
1878 1882 ephflag = B_TRUE;
1879 1883 need_crypto = B_TRUE;
1880 1884 cipher_only = B_FALSE; /* need to unset cipher_only */
1881 1885 break;
1882 1886 case 'f':
1883 1887 force = B_TRUE;
1884 1888 break;
1885 1889 case 'k':
1886 1890 keyfile = optarg;
1887 1891 need_crypto = B_TRUE;
1888 1892 cipher_only = B_FALSE; /* need to unset cipher_only */
1889 1893 break;
1890 1894 case 'r':
1891 1895 rdflag = B_TRUE;
1892 1896 break;
1893 1897 case 's':
1894 1898 segsize = convert_to_num(optarg);
1895 1899 if (segsize < DEV_BSIZE || !ISP2(segsize))
1896 1900 die(gettext("segment size %s is invalid "
1897 1901 "or not a multiple of minimum block "
1898 1902 "size %ld\n"), optarg, DEV_BSIZE);
1899 1903 break;
1900 1904 case 'T':
1901 1905 if ((token = parsetoken(optarg)) == NULL) {
1902 1906 errflag = B_TRUE;
|
↓ open down ↓ |
57 lines elided |
↑ open up ↑ |
1903 1907 warn(
1904 1908 gettext("invalid token key specifier %s\n"),
1905 1909 optarg);
1906 1910 }
1907 1911 need_crypto = B_TRUE;
1908 1912 cipher_only = B_FALSE; /* need to unset cipher_only */
1909 1913 break;
1910 1914 case 'U':
1911 1915 uncompressflag = B_TRUE;
1912 1916 break;
1917 + case 'o':
1918 + with_confirmation = B_FALSE;
1919 + break;
1913 1920 case '?':
1914 1921 default:
1915 1922 errflag = B_TRUE;
1916 1923 break;
1917 1924 }
1918 1925 }
1919 1926
1920 1927 /* Check for mutually exclusive combinations of options */
1921 1928 if (errflag ||
1922 1929 (addflag && deleteflag) ||
1923 1930 (rdflag && !addflag) ||
1924 1931 (!addflag && need_crypto) ||
1932 + (!with_confirmation && (!cipher_only || !need_crypto)) ||
1925 1933 ((compressflag || uncompressflag) && (addflag || deleteflag)))
1926 1934 usage(pname);
1927 1935
1928 1936 /* ephemeral key, and key from either file or token are incompatible */
1929 1937 if (ephflag && (keyfile != NULL || token != NULL)) {
1930 1938 die(gettext("ephemeral key cannot be used with keyfile"
1931 1939 " or token key\n"));
1932 1940 }
1933 1941
1934 1942 /*
1935 1943 * "-c" but no "-k", "-T", "-e", or "-T -k" means derive key from
1936 1944 * command line passphrase
1937 1945 */
1938 1946
1939 1947 switch (argc - optind) {
1940 1948 case 0: /* no more args */
1941 1949 if (compressflag || uncompressflag) /* needs filename */
1942 1950 usage(pname);
1943 1951 break;
1944 1952 case 1:
1945 1953 if (addflag || deleteflag)
1946 1954 usage(pname);
1947 1955 /* one arg means compress/uncompress the file ... */
1948 1956 if (compressflag || uncompressflag) {
1949 1957 if ((filename = realpath(argv[optind],
1950 1958 realfilename)) == NULL)
1951 1959 die("%s", argv[optind]);
1952 1960 /* ... or without options means print the association */
1953 1961 } else {
1954 1962 minor = name_to_minor(argv[optind]);
1955 1963 if (minor != 0)
1956 1964 devicename = argv[optind];
1957 1965 else {
1958 1966 if ((filename = realpath(argv[optind],
1959 1967 realfilename)) == NULL)
1960 1968 die("%s", argv[optind]);
1961 1969 }
1962 1970 }
1963 1971 break;
1964 1972 default:
1965 1973 usage(pname);
1966 1974 break;
1967 1975 }
1968 1976
1969 1977 if (addflag || compressflag || uncompressflag)
1970 1978 check_file_validity(filename);
1971 1979
1972 1980 if (filename && !valid_abspath(filename))
1973 1981 exit(E_ERROR);
1974 1982
1975 1983 /*
1976 1984 * Here, we know the arguments are correct, the filename is an
1977 1985 * absolute path, it exists and is a regular file. We don't yet
1978 1986 * know that the device name is ok or not.
1979 1987 */
1980 1988
1981 1989 openflag = O_EXCL;
1982 1990 if (addflag || deleteflag || compressflag || uncompressflag)
1983 1991 openflag |= O_RDWR;
1984 1992 else
1985 1993 openflag |= O_RDONLY;
1986 1994 lfd = open(lofictl, openflag);
1987 1995 if (lfd == -1) {
1988 1996 if ((errno == EPERM) || (errno == EACCES)) {
1989 1997 die(gettext("you do not have permission to perform "
1990 1998 "that operation.\n"));
1991 1999 } else {
1992 2000 die(gettext("open: %s"), lofictl);
1993 2001 }
1994 2002 /*NOTREACHED*/
1995 2003 }
1996 2004
1997 2005 /*
1998 2006 * No passphrase is needed for ephemeral key, or when key is
1999 2007 * in a file and not wrapped by another key from a token.
2000 2008 * However, a passphrase is needed in these cases:
2001 2009 * 1. cipher with no ephemeral key, key file, or token,
2002 2010 * in which case the passphrase is used to build the key
2003 2011 * 2. token with an optional cipher or optional key file,
2004 2012 * in which case the passphrase unlocks the token
2005 2013 * If only the cipher is specified, reconfirm the passphrase
2006 2014 * to ensure the user hasn't mis-entered it. Otherwise, the
2007 2015 * token will enforce the token passphrase.
2008 2016 */
2009 2017 if (need_crypto) {
2010 2018 CK_SESSION_HANDLE sess;
2011 2019
2012 2020 /* pick a cipher if none specified */
2013 2021 if (cipher == NULL)
|
↓ open down ↓ |
79 lines elided |
↑ open up ↑ |
2014 2022 cipher = DEFAULT_CIPHER;
2015 2023
2016 2024 if (!kernel_cipher_check(cipher))
2017 2025 die(gettext(
2018 2026 "use \"cryptoadm list -m\" to find available "
2019 2027 "mechanisms\n"));
2020 2028
2021 2029 init_crypto(token, cipher, &sess);
2022 2030
2023 2031 if (cipher_only) {
2024 - getkeyfromuser(cipher, &rkey, &rksz);
2032 + getkeyfromuser(cipher, &rkey, &rksz, with_confirmation);
2025 2033 } else if (token != NULL) {
2026 2034 getkeyfromtoken(sess, token, keyfile, cipher,
2027 2035 &rkey, &rksz);
2028 2036 } else {
2029 2037 /* this also handles ephemeral keys */
2030 2038 getkeyfromfile(keyfile, cipher, &rkey, &rksz);
2031 2039 }
2032 2040
2033 2041 end_crypto(sess);
2034 2042 }
2035 2043
2036 2044 /*
2037 2045 * Now to the real work.
2038 2046 */
2039 2047 if (addflag)
2040 2048 add_mapping(lfd, devicename, filename, cipher, rkey, rksz,
2041 2049 rdflag);
2042 2050 else if (compressflag)
2043 2051 lofi_compress(&lfd, filename, compress_index, segsize);
2044 2052 else if (uncompressflag)
2045 2053 lofi_uncompress(lfd, filename);
2046 2054 else if (deleteflag)
2047 2055 delete_mapping(lfd, devicename, filename, force);
2048 2056 else if (filename || devicename)
2049 2057 print_one_mapping(lfd, devicename, filename);
2050 2058 else
2051 2059 print_mappings(lfd);
2052 2060
2053 2061 if (lfd != -1)
2054 2062 (void) close(lfd);
2055 2063 closelib();
2056 2064 return (E_SUCCESS);
2057 2065 }
|
↓ open down ↓ |
23 lines elided |
↑ open up ↑ |
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX