1 /*
2 * CDDL HEADER START
3 *
4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
7 *
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
12 *
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 *
19 * CDDL HEADER END
20 */
21 /*
22 * Copyright 2009 Sun Microsystems, Inc. All rights reserved.
23 * Use is subject to license terms.
24 * Copyright 2012 Joyent, Inc. All rights reserved.
25 *
26 * Copyright 2013 Nexenta Systems, Inc. All rights reserved.
27 */
28
29 /*
30 * lofiadm - administer lofi(7d). Very simple, add and remove file<->device
31 * associations, and display status. All the ioctls are private between
32 * lofi and lofiadm, and so are very simple - device information is
33 * communicated via a minor number.
34 */
35
36 #include <sys/types.h>
37 #include <sys/param.h>
38 #include <sys/lofi.h>
39 #include <sys/stat.h>
40 #include <sys/sysmacros.h>
41 #include <netinet/in.h>
42 #include <stdio.h>
43 #include <fcntl.h>
44 #include <locale.h>
45 #include <string.h>
46 #include <strings.h>
47 #include <errno.h>
48 #include <stdlib.h>
49 #include <unistd.h>
50 #include <stropts.h>
51 #include <libdevinfo.h>
52 #include <libgen.h>
53 #include <ctype.h>
54 #include <dlfcn.h>
55 #include <limits.h>
56 #include <security/cryptoki.h>
57 #include <cryptoutil.h>
58 #include <sys/crypto/ioctl.h>
59 #include <sys/crypto/ioctladmin.h>
60 #include "utils.h"
61 #include <LzmaEnc.h>
62
63 /* Only need the IV len #defines out of these files, nothing else. */
64 #include <aes/aes_impl.h>
65 #include <des/des_impl.h>
66 #include <blowfish/blowfish_impl.h>
67
68 static const char USAGE[] =
69 "Usage: %s [-r] -a file [ device ]\n"
70 " %s [-r] -c crypto_algorithm -a file [device]\n"
71 " %s [-r] -c crypto_algorithm -k raw_key_file -a file [device]\n"
72 " %s [-r] -c crypto_algorithm -T [token]:[manuf]:[serial]:key "
73 "-a file [device]\n"
74 " %s [-r] -c crypto_algorithm -T [token]:[manuf]:[serial]:key "
75 "-k wrapped_key_file -a file [device]\n"
76 " %s [-r] -c crypto_algorithm -e -a file [device]\n"
77 " %s -d file | device\n"
78 " %s -C [gzip|gzip-6|gzip-9|lzma] [-s segment_size] file\n"
79 " %s -U file\n"
80 " %s [ file | device ]\n";
81
82 typedef struct token_spec {
83 char *name;
84 char *mfr;
85 char *serno;
86 char *key;
87 } token_spec_t;
88
89 typedef struct mech_alias {
90 char *alias;
91 CK_MECHANISM_TYPE type;
92 char *name; /* for ioctl */
93 char *iv_name; /* for ioctl */
94 size_t iv_len; /* for ioctl */
95 iv_method_t iv_type; /* for ioctl */
96 size_t min_keysize; /* in bytes */
97 size_t max_keysize; /* in bytes */
98 token_spec_t *token;
99 CK_SLOT_ID slot;
100 } mech_alias_t;
101
102 static mech_alias_t mech_aliases[] = {
103 /* Preferred one should always be listed first. */
104 { "aes-256-cbc", CKM_AES_CBC, "CKM_AES_CBC", "CKM_AES_ECB", AES_IV_LEN,
105 IVM_ENC_BLKNO, ULONG_MAX, 0L, NULL, (CK_SLOT_ID) -1 },
106 { "aes-192-cbc", CKM_AES_CBC, "CKM_AES_CBC", "CKM_AES_ECB", AES_IV_LEN,
107 IVM_ENC_BLKNO, ULONG_MAX, 0L, NULL, (CK_SLOT_ID) -1 },
108 { "aes-128-cbc", CKM_AES_CBC, "CKM_AES_CBC", "CKM_AES_ECB", AES_IV_LEN,
109 IVM_ENC_BLKNO, ULONG_MAX, 0L, NULL, (CK_SLOT_ID) -1 },
110 { "des3-cbc", CKM_DES3_CBC, "CKM_DES3_CBC", "CKM_DES3_ECB", DES_IV_LEN,
111 IVM_ENC_BLKNO, ULONG_MAX, 0L, NULL, (CK_SLOT_ID)-1 },
112 { "blowfish-cbc", CKM_BLOWFISH_CBC, "CKM_BLOWFISH_CBC",
113 "CKM_BLOWFISH_ECB", BLOWFISH_IV_LEN, IVM_ENC_BLKNO, ULONG_MAX,
114 0L, NULL, (CK_SLOT_ID)-1 }
115 /*
116 * A cipher without an iv requirement would look like this:
117 * { "aes-xex", CKM_AES_XEX, "CKM_AES_XEX", NULL, 0,
118 * IVM_NONE, ULONG_MAX, 0L, NULL, (CK_SLOT_ID)-1 }
119 */
120 };
121
122 int mech_aliases_count = (sizeof (mech_aliases) / sizeof (mech_alias_t));
123
124 /* Preferred cipher, if one isn't specified on command line. */
125 #define DEFAULT_CIPHER (&mech_aliases[0])
126
127 #define DEFAULT_CIPHER_NUM 64 /* guess # kernel ciphers available */
128 #define DEFAULT_MECHINFO_NUM 16 /* guess # kernel mechs available */
129 #define MIN_PASSLEN 8 /* min acceptable passphrase size */
130
131 static int gzip_compress(void *src, size_t srclen, void *dst,
132 size_t *destlen, int level);
133 static int lzma_compress(void *src, size_t srclen, void *dst,
134 size_t *destlen, int level);
135
136 lofi_compress_info_t lofi_compress_table[LOFI_COMPRESS_FUNCTIONS] = {
137 {NULL, gzip_compress, 6, "gzip"}, /* default */
138 {NULL, gzip_compress, 6, "gzip-6"},
139 {NULL, gzip_compress, 9, "gzip-9"},
140 {NULL, lzma_compress, 0, "lzma"}
141 };
142
143 /* For displaying lofi mappings */
144 #define FORMAT "%-20s %-30s %s\n"
145
146 #define COMPRESS_ALGORITHM "gzip"
147 #define COMPRESS_THRESHOLD 2048
148 #define SEGSIZE 131072
149 #define BLOCK_SIZE 512
150 #define KILOBYTE 1024
151 #define MEGABYTE (KILOBYTE * KILOBYTE)
152 #define GIGABYTE (KILOBYTE * MEGABYTE)
153 #define LIBZ "libz.so"
154
155 static void
156 usage(const char *pname)
157 {
158 (void) fprintf(stderr, gettext(USAGE), pname, pname, pname,
159 pname, pname, pname, pname, pname, pname, pname);
160 exit(E_USAGE);
161 }
162
163 static int
164 gzip_compress(void *src, size_t srclen, void *dst, size_t *dstlen, int level)
165 {
166 static int (*compress2p)(void *, ulong_t *, void *, size_t, int) = NULL;
167 void *libz_hdl = NULL;
168
169 /*
170 * The first time we are called, attempt to dlopen()
171 * libz.so and get a pointer to the compress2() function
172 */
173 if (compress2p == NULL) {
174 if ((libz_hdl = openlib(LIBZ)) == NULL)
175 die(gettext("could not find %s. "
176 "gzip compression unavailable\n"), LIBZ);
177
178 if ((compress2p =
179 (int (*)(void *, ulong_t *, void *, size_t, int))
180 dlsym(libz_hdl, "compress2")) == NULL) {
181 closelib();
182 die(gettext("could not find the correct %s. "
183 "gzip compression unavailable\n"), LIBZ);
184 }
185 }
186
187 if ((*compress2p)(dst, (ulong_t *)dstlen, src, srclen, level) != 0)
188 return (-1);
189 return (0);
190 }
191
192 /*ARGSUSED*/
193 static void
194 *SzAlloc(void *p, size_t size)
195 {
196 return (malloc(size));
197 }
198
199 /*ARGSUSED*/
200 static void
201 SzFree(void *p, void *address, size_t size)
202 {
203 free(address);
204 }
205
206 static ISzAlloc g_Alloc = {
207 SzAlloc,
208 SzFree
209 };
210
211 #define LZMA_UNCOMPRESSED_SIZE 8
212 #define LZMA_HEADER_SIZE (LZMA_PROPS_SIZE + LZMA_UNCOMPRESSED_SIZE)
213
214 /*ARGSUSED*/
215 static int
216 lzma_compress(void *src, size_t srclen, void *dst,
217 size_t *dstlen, int level)
218 {
219 CLzmaEncProps props;
220 size_t outsize2;
221 size_t outsizeprocessed;
222 size_t outpropssize = LZMA_PROPS_SIZE;
223 uint64_t t = 0;
224 SRes res;
225 Byte *dstp;
226 int i;
227
228 outsize2 = *dstlen;
229
230 LzmaEncProps_Init(&props);
231
232 /*
233 * The LZMA compressed file format is as follows -
234 *
235 * Offset Size(bytes) Description
236 * 0 1 LZMA properties (lc, lp, lp (encoded))
237 * 1 4 Dictionary size (little endian)
238 * 5 8 Uncompressed size (little endian)
239 * 13 Compressed data
240 */
241
242 /* set the dictionary size to be 8MB */
243 props.dictSize = 1 << 23;
244
245 if (*dstlen < LZMA_HEADER_SIZE)
246 return (SZ_ERROR_OUTPUT_EOF);
247
248 dstp = (Byte *)dst;
249 t = srclen;
250 /*
251 * Set the uncompressed size in the LZMA header
252 * The LZMA properties (specified in 'props')
253 * will be set by the call to LzmaEncode()
254 */
255 for (i = 0; i < LZMA_UNCOMPRESSED_SIZE; i++, t >>= 8) {
256 dstp[LZMA_PROPS_SIZE + i] = (Byte)t;
257 }
258
259 outsizeprocessed = outsize2 - LZMA_HEADER_SIZE;
260 res = LzmaEncode(dstp + LZMA_HEADER_SIZE, &outsizeprocessed,
261 src, srclen, &props, dstp, &outpropssize, 0, NULL,
262 &g_Alloc, &g_Alloc);
263
264 if (res != 0)
265 return (-1);
266
267 *dstlen = outsizeprocessed + LZMA_HEADER_SIZE;
268 return (0);
269 }
270
271 /*
272 * Translate a lofi device name to a minor number. We might be asked
273 * to do this when there is no association (such as when the user specifies
274 * a particular device), so we can only look at the string.
275 */
276 static int
277 name_to_minor(const char *devicename)
278 {
279 int minor;
280
281 if (sscanf(devicename, "/dev/" LOFI_BLOCK_NAME "/%d", &minor) == 1) {
282 return (minor);
283 }
284 if (sscanf(devicename, "/dev/" LOFI_CHAR_NAME "/%d", &minor) == 1) {
285 return (minor);
286 }
287 return (0);
288 }
289
290 /*
291 * This might be the first time we've used this minor number. If so,
292 * it might also be that the /dev links are in the process of being created
293 * by devfsadmd (or that they'll be created "soon"). We cannot return
294 * until they're there or the invoker of lofiadm might try to use them
295 * and not find them. This can happen if a shell script is running on
296 * an MP.
297 */
298 static int sleeptime = 2; /* number of seconds to sleep between stat's */
299 static int maxsleep = 120; /* maximum number of seconds to sleep */
300
301 static void
302 wait_until_dev_complete(int minor)
303 {
304 struct stat64 buf;
305 int cursleep;
306 char blkpath[MAXPATHLEN];
307 char charpath[MAXPATHLEN];
308 di_devlink_handle_t hdl;
309
310 (void) snprintf(blkpath, sizeof (blkpath), "/dev/%s/%d",
311 LOFI_BLOCK_NAME, minor);
312 (void) snprintf(charpath, sizeof (charpath), "/dev/%s/%d",
313 LOFI_CHAR_NAME, minor);
314
315 /* Check if links already present */
316 if (stat64(blkpath, &buf) == 0 && stat64(charpath, &buf) == 0)
317 return;
318
319 /* First use di_devlink_init() */
320 if (hdl = di_devlink_init("lofi", DI_MAKE_LINK)) {
321 (void) di_devlink_fini(&hdl);
322 goto out;
323 }
324
325 /*
326 * Under normal conditions, di_devlink_init(DI_MAKE_LINK) above will
327 * only fail if the caller is non-root. In that case, wait for
328 * link creation via sysevents.
329 */
330 for (cursleep = 0; cursleep < maxsleep; cursleep += sleeptime) {
331 if (stat64(blkpath, &buf) == 0 && stat64(charpath, &buf) == 0)
332 return;
333 (void) sleep(sleeptime);
334 }
335
336 /* one last try */
337 out:
338 if (stat64(blkpath, &buf) == -1) {
339 die(gettext("%s was not created"), blkpath);
340 }
341 if (stat64(charpath, &buf) == -1) {
342 die(gettext("%s was not created"), charpath);
343 }
344 }
345
346 /*
347 * Map the file and return the minor number the driver picked for the file
348 * DO NOT use this function if the filename is actually the device name.
349 */
350 static int
351 lofi_map_file(int lfd, struct lofi_ioctl li, const char *filename)
352 {
353 int minor;
354
355 li.li_minor = 0;
356 (void) strlcpy(li.li_filename, filename, sizeof (li.li_filename));
357 minor = ioctl(lfd, LOFI_MAP_FILE, &li);
358 if (minor == -1) {
359 if (errno == ENOTSUP)
360 warn(gettext("encrypting compressed files is "
361 "unsupported"));
362 die(gettext("could not map file %s"), filename);
363 }
364 wait_until_dev_complete(minor);
365 return (minor);
366 }
367
368 /*
369 * Add a device association. If devicename is NULL, let the driver
370 * pick a device.
371 */
372 static void
373 add_mapping(int lfd, const char *devicename, const char *filename,
374 mech_alias_t *cipher, const char *rkey, size_t rksz, boolean_t rdonly)
375 {
376 struct lofi_ioctl li;
377
378 li.li_readonly = rdonly;
379
380 li.li_crypto_enabled = B_FALSE;
381 if (cipher != NULL) {
382 /* set up encryption for mapped file */
383 li.li_crypto_enabled = B_TRUE;
384 (void) strlcpy(li.li_cipher, cipher->name,
385 sizeof (li.li_cipher));
386 if (rksz > sizeof (li.li_key)) {
387 die(gettext("key too large"));
388 }
389 bcopy(rkey, li.li_key, rksz);
390 li.li_key_len = rksz << 3; /* convert to bits */
391
392 li.li_iv_type = cipher->iv_type;
393 li.li_iv_len = cipher->iv_len; /* 0 when no iv needed */
394 switch (cipher->iv_type) {
395 case IVM_ENC_BLKNO:
396 (void) strlcpy(li.li_iv_cipher, cipher->iv_name,
397 sizeof (li.li_iv_cipher));
398 break;
399 case IVM_NONE:
400 /* FALLTHROUGH */
401 default:
402 break;
403 }
404 }
405
406 if (devicename == NULL) {
407 int minor;
408
409 /* pick one via the driver */
410 minor = lofi_map_file(lfd, li, filename);
411 /* if mapping succeeds, print the one picked */
412 (void) printf("/dev/%s/%d\n", LOFI_BLOCK_NAME, minor);
413 return;
414 }
415
416 /* use device we were given */
417 li.li_minor = name_to_minor(devicename);
418 if (li.li_minor == 0) {
419 die(gettext("malformed device name %s\n"), devicename);
420 }
421 (void) strlcpy(li.li_filename, filename, sizeof (li.li_filename));
422
423 /* if device is already in use li.li_minor won't change */
424 if (ioctl(lfd, LOFI_MAP_FILE_MINOR, &li) == -1) {
425 if (errno == ENOTSUP)
426 warn(gettext("encrypting compressed files is "
427 "unsupported"));
428 die(gettext("could not map file %s to %s"), filename,
429 devicename);
430 }
431 wait_until_dev_complete(li.li_minor);
432 }
433
434 /*
435 * Remove an association. Delete by device name if non-NULL, or by
436 * filename otherwise.
437 */
438 static void
439 delete_mapping(int lfd, const char *devicename, const char *filename,
440 boolean_t force)
441 {
442 struct lofi_ioctl li;
443
444 li.li_force = force;
445 li.li_cleanup = B_FALSE;
446
447 if (devicename == NULL) {
448 /* delete by filename */
449 (void) strlcpy(li.li_filename, filename,
450 sizeof (li.li_filename));
451 li.li_minor = 0;
452 if (ioctl(lfd, LOFI_UNMAP_FILE, &li) == -1) {
453 die(gettext("could not unmap file %s"), filename);
454 }
455 return;
456 }
457
458 /* delete by device */
459 li.li_minor = name_to_minor(devicename);
460 if (li.li_minor == 0) {
461 die(gettext("malformed device name %s\n"), devicename);
462 }
463 if (ioctl(lfd, LOFI_UNMAP_FILE_MINOR, &li) == -1) {
464 die(gettext("could not unmap device %s"), devicename);
465 }
466 }
467
468 /*
469 * Show filename given devicename, or devicename given filename.
470 */
471 static void
472 print_one_mapping(int lfd, const char *devicename, const char *filename)
473 {
474 struct lofi_ioctl li;
475
476 if (devicename == NULL) {
477 /* given filename, print devicename */
478 li.li_minor = 0;
479 (void) strlcpy(li.li_filename, filename,
480 sizeof (li.li_filename));
481 if (ioctl(lfd, LOFI_GET_MINOR, &li) == -1) {
482 die(gettext("could not find device for %s"), filename);
483 }
484 (void) printf("/dev/%s/%d\n", LOFI_BLOCK_NAME, li.li_minor);
485 return;
486 }
487
488 /* given devicename, print filename */
489 li.li_minor = name_to_minor(devicename);
490 if (li.li_minor == 0) {
491 die(gettext("malformed device name %s\n"), devicename);
492 }
493 if (ioctl(lfd, LOFI_GET_FILENAME, &li) == -1) {
494 die(gettext("could not find filename for %s"), devicename);
495 }
496 (void) printf("%s\n", li.li_filename);
497 }
498
499 /*
500 * Print the list of all the mappings, including a header.
501 */
502 static void
503 print_mappings(int fd)
504 {
505 struct lofi_ioctl li;
506 int minor;
507 int maxminor;
508 char path[MAXPATHLEN];
509 char options[MAXPATHLEN] = { 0 };
510
511 li.li_minor = 0;
512 if (ioctl(fd, LOFI_GET_MAXMINOR, &li) == -1) {
513 die("ioctl");
514 }
515 maxminor = li.li_minor;
516
517 (void) printf(FORMAT, gettext("Block Device"), gettext("File"),
518 gettext("Options"));
519 for (minor = 1; minor <= maxminor; minor++) {
520 li.li_minor = minor;
521 if (ioctl(fd, LOFI_GET_FILENAME, &li) == -1) {
522 if (errno == ENXIO)
523 continue;
524 warn("ioctl");
525 break;
526 }
527 (void) snprintf(path, sizeof (path), "/dev/%s/%d",
528 LOFI_BLOCK_NAME, minor);
529
530 options[0] = '\0';
531
532 /*
533 * Encrypted lofi and compressed lofi are mutually exclusive.
534 */
535 if (li.li_crypto_enabled)
536 (void) snprintf(options, sizeof (options),
537 gettext("Encrypted"));
538 else if (li.li_algorithm[0] != '\0')
539 (void) snprintf(options, sizeof (options),
540 gettext("Compressed(%s)"), li.li_algorithm);
541 if (li.li_readonly) {
542 if (strlen(options) != 0) {
543 (void) strlcat(options, ",", sizeof (options));
544 (void) strlcat(options, "Readonly",
545 sizeof (options));
546 } else {
547 (void) snprintf(options, sizeof (options),
548 gettext("Readonly"));
549 }
550 }
551 if (strlen(options) == 0)
552 (void) snprintf(options, sizeof (options), "-");
553
554 (void) printf(FORMAT, path, li.li_filename, options);
555 }
556 }
557
558 /*
559 * Verify the cipher selected by user.
560 */
561 static mech_alias_t *
562 ciph2mech(const char *alias)
563 {
564 int i;
565
566 for (i = 0; i < mech_aliases_count; i++) {
567 if (strcasecmp(alias, mech_aliases[i].alias) == 0)
568 return (&mech_aliases[i]);
569 }
570 return (NULL);
571 }
572
573 /*
574 * Verify user selected cipher is also available in kernel.
575 *
576 * While traversing kernel list of mechs, if the cipher is supported in the
577 * kernel for both encryption and decryption, it also picks up the min/max
578 * key size.
579 */
580 static boolean_t
581 kernel_cipher_check(mech_alias_t *cipher)
582 {
583 boolean_t ciph_ok = B_FALSE;
584 boolean_t iv_ok = B_FALSE;
585 int i;
586 int count;
587 crypto_get_mechanism_list_t *kciphers = NULL;
588 crypto_get_all_mechanism_info_t *kinfo = NULL;
589 int fd = -1;
590 size_t keymin;
591 size_t keymax;
592
593 /* if cipher doesn't need iv generating mech, bypass that check now */
594 if (cipher->iv_name == NULL)
595 iv_ok = B_TRUE;
596
597 /* allocate some space for the list of kernel ciphers */
598 count = DEFAULT_CIPHER_NUM;
599 kciphers = malloc(sizeof (crypto_get_mechanism_list_t) +
600 sizeof (crypto_mech_name_t) * (count - 1));
601 if (kciphers == NULL)
602 die(gettext("failed to allocate memory for list of "
603 "kernel mechanisms"));
604 kciphers->ml_count = count;
605
606 /* query crypto device to get list of kernel ciphers */
607 if ((fd = open("/dev/crypto", O_RDWR)) == -1) {
608 warn(gettext("failed to open %s"), "/dev/crypto");
609 goto kcc_out;
610 }
611
612 if (ioctl(fd, CRYPTO_GET_MECHANISM_LIST, kciphers) == -1) {
613 warn(gettext("CRYPTO_GET_MECHANISM_LIST ioctl failed"));
614 goto kcc_out;
615 }
616
617 if (kciphers->ml_return_value == CRYPTO_BUFFER_TOO_SMALL) {
618 count = kciphers->ml_count;
619 free(kciphers);
620 kciphers = malloc(sizeof (crypto_get_mechanism_list_t) +
621 sizeof (crypto_mech_name_t) * (count - 1));
622 if (kciphers == NULL) {
623 warn(gettext("failed to allocate memory for list of "
624 "kernel mechanisms"));
625 goto kcc_out;
626 }
627 kciphers->ml_count = count;
628
629 if (ioctl(fd, CRYPTO_GET_MECHANISM_LIST, kciphers) == -1) {
630 warn(gettext("CRYPTO_GET_MECHANISM_LIST ioctl failed"));
631 goto kcc_out;
632 }
633 }
634
635 if (kciphers->ml_return_value != CRYPTO_SUCCESS) {
636 warn(gettext(
637 "CRYPTO_GET_MECHANISM_LIST ioctl return value = %d\n"),
638 kciphers->ml_return_value);
639 goto kcc_out;
640 }
641
642 /*
643 * scan list of kernel ciphers looking for the selected one and if
644 * it needs an iv generated using another cipher, also look for that
645 * additional cipher to be used for generating the iv
646 */
647 count = kciphers->ml_count;
648 for (i = 0; i < count && !(ciph_ok && iv_ok); i++) {
649 if (!ciph_ok &&
650 strcasecmp(cipher->name, kciphers->ml_list[i]) == 0)
651 ciph_ok = B_TRUE;
652 if (!iv_ok &&
653 strcasecmp(cipher->iv_name, kciphers->ml_list[i]) == 0)
654 iv_ok = B_TRUE;
655 }
656 free(kciphers);
657 kciphers = NULL;
658
659 if (!ciph_ok)
660 warn(gettext("%s mechanism not supported in kernel\n"),
661 cipher->name);
662 if (!iv_ok)
663 warn(gettext("%s mechanism not supported in kernel\n"),
664 cipher->iv_name);
665
666 if (ciph_ok) {
667 /* Get the details about the user selected cipher */
668 count = DEFAULT_MECHINFO_NUM;
669 kinfo = malloc(sizeof (crypto_get_all_mechanism_info_t) +
670 sizeof (crypto_mechanism_info_t) * (count - 1));
671 if (kinfo == NULL) {
672 warn(gettext("failed to allocate memory for "
673 "kernel mechanism info"));
674 goto kcc_out;
675 }
676 kinfo->mi_count = count;
677 (void) strlcpy(kinfo->mi_mechanism_name, cipher->name,
678 CRYPTO_MAX_MECH_NAME);
679
680 if (ioctl(fd, CRYPTO_GET_ALL_MECHANISM_INFO, kinfo) == -1) {
681 warn(gettext(
682 "CRYPTO_GET_ALL_MECHANISM_INFO ioctl failed"));
683 goto kcc_out;
684 }
685
686 if (kinfo->mi_return_value == CRYPTO_BUFFER_TOO_SMALL) {
687 count = kinfo->mi_count;
688 free(kinfo);
689 kinfo = malloc(
690 sizeof (crypto_get_all_mechanism_info_t) +
691 sizeof (crypto_mechanism_info_t) * (count - 1));
692 if (kinfo == NULL) {
693 warn(gettext("failed to allocate memory for "
694 "kernel mechanism info"));
695 goto kcc_out;
696 }
697 kinfo->mi_count = count;
698 (void) strlcpy(kinfo->mi_mechanism_name, cipher->name,
699 CRYPTO_MAX_MECH_NAME);
700
701 if (ioctl(fd, CRYPTO_GET_ALL_MECHANISM_INFO, kinfo) ==
702 -1) {
703 warn(gettext("CRYPTO_GET_ALL_MECHANISM_INFO "
704 "ioctl failed"));
705 goto kcc_out;
706 }
707 }
708
709 if (kinfo->mi_return_value != CRYPTO_SUCCESS) {
710 warn(gettext("CRYPTO_GET_ALL_MECHANISM_INFO ioctl "
711 "return value = %d\n"), kinfo->mi_return_value);
712 goto kcc_out;
713 }
714
715 /* Set key min and max size */
716 count = kinfo->mi_count;
717 i = 0;
718 if (i < count) {
719 keymin = kinfo->mi_list[i].mi_min_key_size;
720 keymax = kinfo->mi_list[i].mi_max_key_size;
721 if (kinfo->mi_list[i].mi_keysize_unit &
722 CRYPTO_KEYSIZE_UNIT_IN_BITS) {
723 keymin = CRYPTO_BITS2BYTES(keymin);
724 keymax = CRYPTO_BITS2BYTES(keymax);
725
726 }
727 cipher->min_keysize = keymin;
728 cipher->max_keysize = keymax;
729 }
730 free(kinfo);
731 kinfo = NULL;
732
733 if (i == count) {
734 (void) close(fd);
735 die(gettext(
736 "failed to find usable %s kernel mechanism, "
737 "use \"cryptoadm list -m\" to find available "
738 "mechanisms\n"),
739 cipher->name);
740 }
741 }
742
743 /* Note: key min/max, unit size, usage for iv cipher are not checked. */
744
745 return (ciph_ok && iv_ok);
746
747 kcc_out:
748 if (kinfo != NULL)
749 free(kinfo);
750 if (kciphers != NULL)
751 free(kciphers);
752 if (fd != -1)
753 (void) close(fd);
754 return (B_FALSE);
755 }
756
757 /*
758 * Break up token spec into its components (non-destructive)
759 */
760 static token_spec_t *
761 parsetoken(char *spec)
762 {
763 #define FLD_NAME 0
764 #define FLD_MANUF 1
765 #define FLD_SERIAL 2
766 #define FLD_LABEL 3
767 #define NFIELDS 4
768 #define nullfield(i) ((field[(i)+1] - field[(i)]) <= 1)
769 #define copyfield(fld, i) \
770 { \
771 int n; \
772 (fld) = NULL; \
773 if ((n = (field[(i)+1] - field[(i)])) > 1) { \
774 if (((fld) = malloc(n)) != NULL) { \
775 (void) strncpy((fld), field[(i)], n); \
776 ((fld))[n - 1] = '\0'; \
777 } \
778 } \
779 }
780
781 int i;
782 char *field[NFIELDS + 1]; /* +1 to catch extra delimiters */
783 token_spec_t *ti = NULL;
784
785 if (spec == NULL)
786 return (NULL);
787
788 /*
789 * Correct format is "[name]:[manuf]:[serial]:key". Can't use
790 * strtok because it treats ":::key" and "key:::" and "key" all
791 * as the same thing, and we can't have the :s compressed away.
792 */
793 field[0] = spec;
794 for (i = 1; i < NFIELDS + 1; i++) {
795 field[i] = strchr(field[i-1], ':');
796 if (field[i] == NULL)
797 break;
798 field[i]++;
799 }
800 if (i < NFIELDS) /* not enough fields */
801 return (NULL);
802 if (field[NFIELDS] != NULL) /* too many fields */
803 return (NULL);
804 field[NFIELDS] = strchr(field[NFIELDS-1], '\0') + 1;
805
806 /* key label can't be empty */
807 if (nullfield(FLD_LABEL))
808 return (NULL);
809
810 ti = malloc(sizeof (token_spec_t));
811 if (ti == NULL)
812 return (NULL);
813
814 copyfield(ti->name, FLD_NAME);
815 copyfield(ti->mfr, FLD_MANUF);
816 copyfield(ti->serno, FLD_SERIAL);
817 copyfield(ti->key, FLD_LABEL);
818
819 /*
820 * If token specified and it only contains a key label, then
821 * search all tokens for the key, otherwise only those with
822 * matching name, mfr, and serno are used.
823 */
824 /*
825 * That's how we'd like it to be, however, if only the key label
826 * is specified, default to using softtoken. It's easier.
827 */
828 if (ti->name == NULL && ti->mfr == NULL && ti->serno == NULL)
829 ti->name = strdup(pkcs11_default_token());
830 return (ti);
831 }
832
833 /*
834 * PBE the passphrase into a raw key
835 */
836 static void
837 getkeyfromuser(mech_alias_t *cipher, char **raw_key, size_t *raw_key_sz)
838 {
839 CK_SESSION_HANDLE sess;
840 CK_RV rv;
841 char *pass = NULL;
842 size_t passlen = 0;
843 void *salt = NULL; /* don't use NULL, see note on salt below */
844 size_t saltlen = 0;
845 CK_KEY_TYPE ktype;
846 void *kvalue;
847 size_t klen;
848
849 /* did init_crypto find a slot that supports this cipher? */
850 if (cipher->slot == (CK_SLOT_ID)-1 || cipher->max_keysize == 0) {
851 rv = CKR_MECHANISM_INVALID;
852 goto cleanup;
853 }
854
855 rv = pkcs11_mech2keytype(cipher->type, &ktype);
856 if (rv != CKR_OK)
857 goto cleanup;
858
859 /*
860 * use the passphrase to generate a PBE PKCS#5 secret key and
861 * retrieve the raw key data to eventually pass it to the kernel;
862 */
863 rv = C_OpenSession(cipher->slot, CKF_SERIAL_SESSION, NULL, NULL, &sess);
864 if (rv != CKR_OK)
865 goto cleanup;
866
867 /* get user passphrase with 8 byte minimum */
868 if (pkcs11_get_pass(NULL, &pass, &passlen, MIN_PASSLEN, B_TRUE) < 0) {
869 die(gettext("passphrases do not match\n"));
870 }
871
872 /*
873 * salt should not be NULL, or else pkcs11_PasswdToKey() will
874 * complain about CKR_MECHANISM_PARAM_INVALID; the following is
875 * to make up for not having a salt until a proper one is used
876 */
877 salt = pass;
878 saltlen = passlen;
879
880 klen = cipher->max_keysize;
881 rv = pkcs11_PasswdToKey(sess, pass, passlen, salt, saltlen, ktype,
882 cipher->max_keysize, &kvalue, &klen);
883
884 (void) C_CloseSession(sess);
885
886 if (rv != CKR_OK) {
887 goto cleanup;
888 }
889
890 /* assert(klen == cipher->max_keysize); */
891 *raw_key_sz = klen;
892 *raw_key = (char *)kvalue;
893 return;
894
895 cleanup:
896 die(gettext("failed to generate %s key from passphrase: %s"),
897 cipher->alias, pkcs11_strerror(rv));
898 }
899
900 /*
901 * Read raw key from file; also handles ephemeral keys.
902 */
903 void
904 getkeyfromfile(const char *pathname, mech_alias_t *cipher, char **key,
905 size_t *ksz)
906 {
907 int fd;
908 struct stat sbuf;
909 boolean_t notplain = B_FALSE;
910 ssize_t cursz;
911 ssize_t nread;
912
913 /* ephemeral keys are just random data */
914 if (pathname == NULL) {
915 *ksz = cipher->max_keysize;
916 *key = malloc(*ksz);
917 if (*key == NULL)
918 die(gettext("failed to allocate memory for"
919 " ephemeral key"));
920 if (pkcs11_get_urandom(*key, *ksz) < 0) {
921 free(*key);
922 die(gettext("failed to get enough random data"));
923 }
924 return;
925 }
926
927 /*
928 * If the remaining section of code didn't also check for secure keyfile
929 * permissions and whether the key is within cipher min and max lengths,
930 * (or, if those things moved out of this block), we could have had:
931 * if (pkcs11_read_data(pathname, key, ksz) < 0)
932 * handle_error();
933 */
934
935 if ((fd = open(pathname, O_RDONLY, 0)) == -1)
936 die(gettext("open of keyfile (%s) failed"), pathname);
937
938 if (fstat(fd, &sbuf) == -1)
939 die(gettext("fstat of keyfile (%s) failed"), pathname);
940
941 if (S_ISREG(sbuf.st_mode)) {
942 if ((sbuf.st_mode & (S_IWGRP | S_IWOTH)) != 0)
943 die(gettext("insecure permissions on keyfile %s\n"),
944 pathname);
945
946 *ksz = sbuf.st_size;
947 if (*ksz < cipher->min_keysize || cipher->max_keysize < *ksz) {
948 warn(gettext("%s: invalid keysize: %d\n"),
949 pathname, (int)*ksz);
950 die(gettext("\t%d <= keysize <= %d\n"),
951 cipher->min_keysize, cipher->max_keysize);
952 }
953 } else {
954 *ksz = cipher->max_keysize;
955 notplain = B_TRUE;
956 }
957
958 *key = malloc(*ksz);
959 if (*key == NULL)
960 die(gettext("failed to allocate memory for key from file"));
961
962 for (cursz = 0, nread = 0; cursz < *ksz; cursz += nread) {
963 nread = read(fd, *key, *ksz);
964 if (nread > 0)
965 continue;
966 /*
967 * nread == 0. If it's not a regular file we were trying to
968 * get the maximum keysize of data possible for this cipher.
969 * But if we've got at least the minimum keysize of data,
970 * round down to the nearest keysize unit and call it good.
971 * If we haven't met the minimum keysize, that's an error.
972 * If it's a regular file, nread = 0 is also an error.
973 */
974 if (nread == 0 && notplain && cursz >= cipher->min_keysize) {
975 *ksz = (cursz / cipher->min_keysize) *
976 cipher->min_keysize;
977 break;
978 }
979 die(gettext("%s: can't read all keybytes"), pathname);
980 }
981 (void) close(fd);
982 }
983
984 /*
985 * Read the raw key from token, or from a file that was wrapped with a
986 * key from token
987 */
988 void
989 getkeyfromtoken(CK_SESSION_HANDLE sess,
990 token_spec_t *token, const char *keyfile, mech_alias_t *cipher,
991 char **raw_key, size_t *raw_key_sz)
992 {
993 CK_RV rv = CKR_OK;
994 CK_BBOOL trueval = B_TRUE;
995 CK_OBJECT_CLASS kclass; /* secret key or RSA private key */
996 CK_KEY_TYPE ktype; /* from selected cipher or CKK_RSA */
997 CK_KEY_TYPE raw_ktype; /* from selected cipher */
998 CK_ATTRIBUTE key_tmpl[] = {
999 { CKA_CLASS, NULL, 0 }, /* re-used for token key and unwrap */
1000 { CKA_KEY_TYPE, NULL, 0 }, /* ditto */
1001 { CKA_LABEL, NULL, 0 },
1002 { CKA_TOKEN, NULL, 0 },
1003 { CKA_PRIVATE, NULL, 0 }
1004 };
1005 CK_ULONG attrs = sizeof (key_tmpl) / sizeof (CK_ATTRIBUTE);
1006 int i;
1007 char *pass = NULL;
1008 size_t passlen = 0;
1009 CK_OBJECT_HANDLE obj, rawobj;
1010 CK_ULONG num_objs = 1; /* just want to find 1 token key */
1011 CK_MECHANISM unwrap = { CKM_RSA_PKCS, NULL, 0 };
1012 char *rkey;
1013 size_t rksz;
1014
1015 if (token == NULL || token->key == NULL)
1016 return;
1017
1018 /* did init_crypto find a slot that supports this cipher? */
1019 if (cipher->slot == (CK_SLOT_ID)-1 || cipher->max_keysize == 0) {
1020 die(gettext("failed to find any cryptographic provider, "
1021 "use \"cryptoadm list -p\" to find providers: %s\n"),
1022 pkcs11_strerror(CKR_MECHANISM_INVALID));
1023 }
1024
1025 if (pkcs11_get_pass(token->name, &pass, &passlen, 0, B_FALSE) < 0)
1026 die(gettext("unable to get passphrase"));
1027
1028 /* use passphrase to login to token */
1029 if (pass != NULL && passlen > 0) {
1030 rv = C_Login(sess, CKU_USER, (CK_UTF8CHAR_PTR)pass, passlen);
1031 if (rv != CKR_OK) {
1032 die(gettext("cannot login to the token %s: %s\n"),
1033 token->name, pkcs11_strerror(rv));
1034 }
1035 }
1036
1037 rv = pkcs11_mech2keytype(cipher->type, &raw_ktype);
1038 if (rv != CKR_OK) {
1039 die(gettext("failed to get key type for cipher %s: %s\n"),
1040 cipher->name, pkcs11_strerror(rv));
1041 }
1042
1043 /*
1044 * If no keyfile was given, then the token key is secret key to
1045 * be used for encryption/decryption. Otherwise, the keyfile
1046 * contains a wrapped secret key, and the token is actually the
1047 * unwrapping RSA private key.
1048 */
1049 if (keyfile == NULL) {
1050 kclass = CKO_SECRET_KEY;
1051 ktype = raw_ktype;
1052 } else {
1053 kclass = CKO_PRIVATE_KEY;
1054 ktype = CKK_RSA;
1055 }
1056
1057 /* Find the key in the token first */
1058 for (i = 0; i < attrs; i++) {
1059 switch (key_tmpl[i].type) {
1060 case CKA_CLASS:
1061 key_tmpl[i].pValue = &kclass;
1062 key_tmpl[i].ulValueLen = sizeof (kclass);
1063 break;
1064 case CKA_KEY_TYPE:
1065 key_tmpl[i].pValue = &ktype;
1066 key_tmpl[i].ulValueLen = sizeof (ktype);
1067 break;
1068 case CKA_LABEL:
1069 key_tmpl[i].pValue = token->key;
1070 key_tmpl[i].ulValueLen = strlen(token->key);
1071 break;
1072 case CKA_TOKEN:
1073 key_tmpl[i].pValue = &trueval;
1074 key_tmpl[i].ulValueLen = sizeof (trueval);
1075 break;
1076 case CKA_PRIVATE:
1077 key_tmpl[i].pValue = &trueval;
1078 key_tmpl[i].ulValueLen = sizeof (trueval);
1079 break;
1080 default:
1081 break;
1082 }
1083 }
1084 rv = C_FindObjectsInit(sess, key_tmpl, attrs);
1085 if (rv != CKR_OK)
1086 die(gettext("cannot find key %s: %s\n"), token->key,
1087 pkcs11_strerror(rv));
1088 rv = C_FindObjects(sess, &obj, 1, &num_objs);
1089 (void) C_FindObjectsFinal(sess);
1090
1091 if (num_objs == 0) {
1092 die(gettext("cannot find key %s\n"), token->key);
1093 } else if (rv != CKR_OK) {
1094 die(gettext("cannot find key %s: %s\n"), token->key,
1095 pkcs11_strerror(rv));
1096 }
1097
1098 /*
1099 * No keyfile means when token key is found, convert it to raw key,
1100 * and done. Otherwise still need do an unwrap to create yet another
1101 * obj and that needs to be converted to raw key before we're done.
1102 */
1103 if (keyfile == NULL) {
1104 /* obj contains raw key, extract it */
1105 rv = pkcs11_ObjectToKey(sess, obj, (void **)&rkey, &rksz,
1106 B_FALSE);
1107 if (rv != CKR_OK) {
1108 die(gettext("failed to get key value for %s"
1109 " from token %s, %s\n"), token->key,
1110 token->name, pkcs11_strerror(rv));
1111 }
1112 } else {
1113 getkeyfromfile(keyfile, cipher, &rkey, &rksz);
1114
1115 /*
1116 * Got the wrapping RSA obj and the wrapped key from file.
1117 * Unwrap the key from file with RSA obj to get rawkey obj.
1118 */
1119
1120 /* re-use the first two attributes of key_tmpl */
1121 kclass = CKO_SECRET_KEY;
1122 ktype = raw_ktype;
1123
1124 rv = C_UnwrapKey(sess, &unwrap, obj, (CK_BYTE_PTR)rkey,
1125 rksz, key_tmpl, 2, &rawobj);
1126 if (rv != CKR_OK) {
1127 die(gettext("failed to unwrap key in keyfile %s,"
1128 " %s\n"), keyfile, pkcs11_strerror(rv));
1129 }
1130 /* rawobj contains raw key, extract it */
1131 rv = pkcs11_ObjectToKey(sess, rawobj, (void **)&rkey, &rksz,
1132 B_TRUE);
1133 if (rv != CKR_OK) {
1134 die(gettext("failed to get unwrapped key value for"
1135 " key in keyfile %s, %s\n"), keyfile,
1136 pkcs11_strerror(rv));
1137 }
1138 }
1139
1140 /* validate raw key size */
1141 if (rksz < cipher->min_keysize || cipher->max_keysize < rksz) {
1142 warn(gettext("%s: invalid keysize: %d\n"), keyfile, (int)rksz);
1143 die(gettext("\t%d <= keysize <= %d\n"), cipher->min_keysize,
1144 cipher->max_keysize);
1145 }
1146
1147 *raw_key_sz = rksz;
1148 *raw_key = (char *)rkey;
1149 }
1150
1151 /*
1152 * Set up cipher key limits and verify PKCS#11 can be done
1153 * match_token_cipher is the function pointer used by
1154 * pkcs11_GetCriteriaSession() init_crypto.
1155 */
1156 boolean_t
1157 match_token_cipher(CK_SLOT_ID slot_id, void *args, CK_RV *rv)
1158 {
1159 token_spec_t *token;
1160 mech_alias_t *cipher;
1161 CK_TOKEN_INFO tokinfo;
1162 CK_MECHANISM_INFO mechinfo;
1163 boolean_t token_match;
1164
1165 /*
1166 * While traversing slot list, pick up the following info per slot:
1167 * - if token specified, whether it matches this slot's token info
1168 * - if the slot supports the PKCS#5 PBKD2 cipher
1169 *
1170 * If the user said on the command line
1171 * -T tok:mfr:ser:lab -k keyfile
1172 * -c cipher -T tok:mfr:ser:lab -k keyfile
1173 * the given cipher or the default cipher apply to keyfile,
1174 * If the user said instead
1175 * -T tok:mfr:ser:lab
1176 * -c cipher -T tok:mfr:ser:lab
1177 * the key named "lab" may or may not agree with the given
1178 * cipher or the default cipher. In those cases, cipher will
1179 * be overridden with the actual cipher type of the key "lab".
1180 */
1181 *rv = CKR_FUNCTION_FAILED;
1182
1183 if (args == NULL) {
1184 return (B_FALSE);
1185 }
1186
1187 cipher = (mech_alias_t *)args;
1188 token = cipher->token;
1189
1190 if (C_GetMechanismInfo(slot_id, cipher->type, &mechinfo) != CKR_OK) {
1191 return (B_FALSE);
1192 }
1193
1194 if (token == NULL) {
1195 if (C_GetMechanismInfo(slot_id, CKM_PKCS5_PBKD2, &mechinfo) !=
1196 CKR_OK) {
1197 return (B_FALSE);
1198 }
1199 goto foundit;
1200 }
1201
1202 /* does the token match the token spec? */
1203 if (token->key == NULL || (C_GetTokenInfo(slot_id, &tokinfo) != CKR_OK))
1204 return (B_FALSE);
1205
1206 token_match = B_TRUE;
1207
1208 if (token->name != NULL && (token->name)[0] != '\0' &&
1209 strncmp((char *)token->name, (char *)tokinfo.label,
1210 TOKEN_LABEL_SIZE) != 0)
1211 token_match = B_FALSE;
1212 if (token->mfr != NULL && (token->mfr)[0] != '\0' &&
1213 strncmp((char *)token->mfr, (char *)tokinfo.manufacturerID,
1214 TOKEN_MANUFACTURER_SIZE) != 0)
1215 token_match = B_FALSE;
1216 if (token->serno != NULL && (token->serno)[0] != '\0' &&
1217 strncmp((char *)token->serno, (char *)tokinfo.serialNumber,
1218 TOKEN_SERIAL_SIZE) != 0)
1219 token_match = B_FALSE;
1220
1221 if (!token_match)
1222 return (B_FALSE);
1223
1224 foundit:
1225 cipher->slot = slot_id;
1226 return (B_TRUE);
1227 }
1228
1229 /*
1230 * Clean up crypto loose ends
1231 */
1232 static void
1233 end_crypto(CK_SESSION_HANDLE sess)
1234 {
1235 (void) C_CloseSession(sess);
1236 (void) C_Finalize(NULL);
1237 }
1238
1239 /*
1240 * Set up crypto, opening session on slot that matches token and cipher
1241 */
1242 static void
1243 init_crypto(token_spec_t *token, mech_alias_t *cipher,
1244 CK_SESSION_HANDLE_PTR sess)
1245 {
1246 CK_RV rv;
1247
1248 cipher->token = token;
1249
1250 /* Turn off Metaslot so that we can see actual tokens */
1251 if (setenv("METASLOT_ENABLED", "false", 1) < 0) {
1252 die(gettext("could not disable Metaslot"));
1253 }
1254
1255 rv = pkcs11_GetCriteriaSession(match_token_cipher, (void *)cipher,
1256 sess);
1257 if (rv != CKR_OK) {
1258 end_crypto(*sess);
1259 if (rv == CKR_HOST_MEMORY) {
1260 die("malloc");
1261 }
1262 die(gettext("failed to find any cryptographic provider, "
1263 "use \"cryptoadm list -p\" to find providers: %s\n"),
1264 pkcs11_strerror(rv));
1265 }
1266 }
1267
1268 /*
1269 * Uncompress a file.
1270 *
1271 * First map the file in to establish a device
1272 * association, then read from it. On-the-fly
1273 * decompression will automatically uncompress
1274 * the file if it's compressed
1275 *
1276 * If the file is mapped and a device association
1277 * has been established, disallow uncompressing
1278 * the file until it is unmapped.
1279 */
1280 static void
1281 lofi_uncompress(int lfd, const char *filename)
1282 {
1283 struct lofi_ioctl li;
1284 char buf[MAXBSIZE];
1285 char devicename[32];
1286 char tmpfilename[MAXPATHLEN];
1287 char *x;
1288 char *dir = NULL;
1289 char *file = NULL;
1290 int minor = 0;
1291 struct stat64 statbuf;
1292 int compfd = -1;
1293 int uncompfd = -1;
1294 ssize_t rbytes;
1295
1296 /*
1297 * Disallow uncompressing the file if it is
1298 * already mapped.
1299 */
1300 li.li_crypto_enabled = B_FALSE;
1301 li.li_minor = 0;
1302 (void) strlcpy(li.li_filename, filename, sizeof (li.li_filename));
1303 if (ioctl(lfd, LOFI_GET_MINOR, &li) != -1)
1304 die(gettext("%s must be unmapped before uncompressing"),
1305 filename);
1306
1307 /* Zero length files don't need to be uncompressed */
1308 if (stat64(filename, &statbuf) == -1)
1309 die(gettext("stat: %s"), filename);
1310 if (statbuf.st_size == 0)
1311 return;
1312
1313 minor = lofi_map_file(lfd, li, filename);
1314 (void) snprintf(devicename, sizeof (devicename), "/dev/%s/%d",
1315 LOFI_BLOCK_NAME, minor);
1316
1317 /* If the file isn't compressed, we just return */
1318 if ((ioctl(lfd, LOFI_CHECK_COMPRESSED, &li) == -1) ||
1319 (li.li_algorithm[0] == '\0')) {
1320 delete_mapping(lfd, devicename, filename, B_TRUE);
1321 die("%s is not compressed\n", filename);
1322 }
1323
1324 if ((compfd = open64(devicename, O_RDONLY | O_NONBLOCK)) == -1) {
1325 delete_mapping(lfd, devicename, filename, B_TRUE);
1326 die(gettext("open: %s"), filename);
1327 }
1328 /* Create a temp file in the same directory */
1329 x = strdup(filename);
1330 dir = strdup(dirname(x));
1331 free(x);
1332 x = strdup(filename);
1333 file = strdup(basename(x));
1334 free(x);
1335 (void) snprintf(tmpfilename, sizeof (tmpfilename),
1336 "%s/.%sXXXXXX", dir, file);
1337 free(dir);
1338 free(file);
1339
1340 if ((uncompfd = mkstemp64(tmpfilename)) == -1) {
1341 (void) close(compfd);
1342 delete_mapping(lfd, devicename, filename, B_TRUE);
1343 die("%s could not be uncompressed\n", filename);
1344 }
1345
1346 /*
1347 * Set the mode bits and the owner of this temporary
1348 * file to be that of the original uncompressed file
1349 */
1350 (void) fchmod(uncompfd, statbuf.st_mode);
1351
1352 if (fchown(uncompfd, statbuf.st_uid, statbuf.st_gid) == -1) {
1353 (void) close(compfd);
1354 (void) close(uncompfd);
1355 delete_mapping(lfd, devicename, filename, B_TRUE);
1356 die("%s could not be uncompressed\n", filename);
1357 }
1358
1359 /* Now read from the device in MAXBSIZE-sized chunks */
1360 for (;;) {
1361 rbytes = read(compfd, buf, sizeof (buf));
1362
1363 if (rbytes <= 0)
1364 break;
1365
1366 if (write(uncompfd, buf, rbytes) != rbytes) {
1367 rbytes = -1;
1368 break;
1369 }
1370 }
1371
1372 (void) close(compfd);
1373 (void) close(uncompfd);
1374
1375 /* Delete the mapping */
1376 delete_mapping(lfd, devicename, filename, B_TRUE);
1377
1378 /*
1379 * If an error occured while reading or writing, rbytes will
1380 * be negative
1381 */
1382 if (rbytes < 0) {
1383 (void) unlink(tmpfilename);
1384 die(gettext("could not read from %s"), filename);
1385 }
1386
1387 /* Rename the temp file to the actual file */
1388 if (rename(tmpfilename, filename) == -1)
1389 (void) unlink(tmpfilename);
1390 }
1391
1392 /*
1393 * Compress a file
1394 */
1395 static void
1396 lofi_compress(int *lfd, const char *filename, int compress_index,
1397 uint32_t segsize)
1398 {
1399 struct lofi_ioctl lic;
1400 lofi_compress_info_t *li;
1401 struct flock lock;
1402 char tmpfilename[MAXPATHLEN];
1403 char comp_filename[MAXPATHLEN];
1404 char algorithm[MAXALGLEN];
1405 char *x;
1406 char *dir = NULL, *file = NULL;
1407 uchar_t *uncompressed_seg = NULL;
1408 uchar_t *compressed_seg = NULL;
1409 uint32_t compressed_segsize;
1410 uint32_t len_compressed, count;
1411 uint32_t index_entries, index_sz;
1412 uint64_t *index = NULL;
1413 uint64_t offset;
1414 size_t real_segsize;
1415 struct stat64 statbuf;
1416 int compfd = -1, uncompfd = -1;
1417 int tfd = -1;
1418 ssize_t rbytes, wbytes, lastread;
1419 int i, type;
1420
1421 /*
1422 * Disallow compressing the file if it is
1423 * already mapped
1424 */
1425 lic.li_minor = 0;
1426 (void) strlcpy(lic.li_filename, filename, sizeof (lic.li_filename));
1427 if (ioctl(*lfd, LOFI_GET_MINOR, &lic) != -1)
1428 die(gettext("%s must be unmapped before compressing"),
1429 filename);
1430
1431 /*
1432 * Close the control device so other operations
1433 * can use it
1434 */
1435 (void) close(*lfd);
1436 *lfd = -1;
1437
1438 li = &lofi_compress_table[compress_index];
1439
1440 /*
1441 * The size of the buffer to hold compressed data must
1442 * be slightly larger than the compressed segment size.
1443 *
1444 * The compress functions use part of the buffer as
1445 * scratch space to do calculations.
1446 * Ref: http://www.zlib.net/manual.html#compress2
1447 */
1448 compressed_segsize = segsize + (segsize >> 6);
1449 compressed_seg = (uchar_t *)malloc(compressed_segsize + SEGHDR);
1450 uncompressed_seg = (uchar_t *)malloc(segsize);
1451
1452 if (compressed_seg == NULL || uncompressed_seg == NULL)
1453 die(gettext("No memory"));
1454
1455 if ((uncompfd = open64(filename, O_RDWR|O_LARGEFILE, 0)) == -1)
1456 die(gettext("open: %s"), filename);
1457
1458 lock.l_type = F_WRLCK;
1459 lock.l_whence = SEEK_SET;
1460 lock.l_start = 0;
1461 lock.l_len = 0;
1462
1463 /*
1464 * Use an advisory lock to ensure that only a
1465 * single lofiadm process compresses a given
1466 * file at any given time
1467 *
1468 * A close on the file descriptor automatically
1469 * closes all lock state on the file
1470 */
1471 if (fcntl(uncompfd, F_SETLKW, &lock) == -1)
1472 die(gettext("fcntl: %s"), filename);
1473
1474 if (fstat64(uncompfd, &statbuf) == -1) {
1475 (void) close(uncompfd);
1476 die(gettext("fstat: %s"), filename);
1477 }
1478
1479 /* Zero length files don't need to be compressed */
1480 if (statbuf.st_size == 0) {
1481 (void) close(uncompfd);
1482 return;
1483 }
1484
1485 /*
1486 * Create temporary files in the same directory that
1487 * will hold the intermediate data
1488 */
1489 x = strdup(filename);
1490 dir = strdup(dirname(x));
1491 free(x);
1492 x = strdup(filename);
1493 file = strdup(basename(x));
1494 free(x);
1495 (void) snprintf(tmpfilename, sizeof (tmpfilename),
1496 "%s/.%sXXXXXX", dir, file);
1497 (void) snprintf(comp_filename, sizeof (comp_filename),
1498 "%s/.%sXXXXXX", dir, file);
1499 free(dir);
1500 free(file);
1501
1502 if ((tfd = mkstemp64(tmpfilename)) == -1)
1503 goto cleanup;
1504
1505 if ((compfd = mkstemp64(comp_filename)) == -1)
1506 goto cleanup;
1507
1508 /*
1509 * Set the mode bits and owner of the compressed
1510 * file to be that of the original uncompressed file
1511 */
1512 (void) fchmod(compfd, statbuf.st_mode);
1513
1514 if (fchown(compfd, statbuf.st_uid, statbuf.st_gid) == -1)
1515 goto cleanup;
1516
1517 /*
1518 * Calculate the number of index entries required.
1519 * index entries are stored as an array. adding
1520 * a '2' here accounts for the fact that the last
1521 * segment may not be a multiple of the segment size
1522 */
1523 index_sz = (statbuf.st_size / segsize) + 2;
1524 index = malloc(sizeof (*index) * index_sz);
1525
1526 if (index == NULL)
1527 goto cleanup;
1528
1529 offset = 0;
1530 lastread = segsize;
1531 count = 0;
1532
1533 /*
1534 * Now read from the uncompressed file in 'segsize'
1535 * sized chunks, compress what was read in and
1536 * write it out to a temporary file
1537 */
1538 for (;;) {
1539 rbytes = read(uncompfd, uncompressed_seg, segsize);
1540
1541 if (rbytes <= 0)
1542 break;
1543
1544 if (lastread < segsize)
1545 goto cleanup;
1546
1547 /*
1548 * Account for the first byte that
1549 * indicates whether a segment is
1550 * compressed or not
1551 */
1552 real_segsize = segsize - 1;
1553 (void) li->l_compress(uncompressed_seg, rbytes,
1554 compressed_seg + SEGHDR, &real_segsize, li->l_level);
1555
1556 /*
1557 * If the length of the compressed data is more
1558 * than a threshold then there isn't any benefit
1559 * to be had from compressing this segment - leave
1560 * it uncompressed.
1561 *
1562 * NB. In case an error occurs during compression (above)
1563 * the 'real_segsize' isn't changed. The logic below
1564 * ensures that that segment is left uncompressed.
1565 */
1566 len_compressed = real_segsize;
1567 if (segsize <= COMPRESS_THRESHOLD ||
1568 real_segsize > (segsize - COMPRESS_THRESHOLD)) {
1569 (void) memcpy(compressed_seg + SEGHDR, uncompressed_seg,
1570 rbytes);
1571 type = UNCOMPRESSED;
1572 len_compressed = rbytes;
1573 } else {
1574 type = COMPRESSED;
1575 }
1576
1577 /*
1578 * Set the first byte or the SEGHDR to
1579 * indicate if it's compressed or not
1580 */
1581 *compressed_seg = type;
1582 wbytes = write(tfd, compressed_seg, len_compressed + SEGHDR);
1583 if (wbytes != (len_compressed + SEGHDR)) {
1584 rbytes = -1;
1585 break;
1586 }
1587
1588 index[count] = BE_64(offset);
1589 offset += wbytes;
1590 lastread = rbytes;
1591 count++;
1592 }
1593
1594 (void) close(uncompfd);
1595
1596 if (rbytes < 0)
1597 goto cleanup;
1598 /*
1599 * The last index entry is a sentinel entry. It does not point to
1600 * an actual compressed segment but helps in computing the size of
1601 * the compressed segment. The size of each compressed segment is
1602 * computed by subtracting the current index value from the next
1603 * one (the compressed blocks are stored sequentially)
1604 */
1605 index[count++] = BE_64(offset);
1606
1607 /*
1608 * Now write the compressed data along with the
1609 * header information to this file which will
1610 * later be renamed to the original uncompressed
1611 * file name
1612 *
1613 * The header is as follows -
1614 *
1615 * Signature (name of the compression algorithm)
1616 * Compression segment size (a multiple of 512)
1617 * Number of index entries
1618 * Size of the last block
1619 * The array containing the index entries
1620 *
1621 * the header is always stored in network byte
1622 * order
1623 */
1624 (void) bzero(algorithm, sizeof (algorithm));
1625 (void) strlcpy(algorithm, li->l_name, sizeof (algorithm));
1626 if (write(compfd, algorithm, sizeof (algorithm))
1627 != sizeof (algorithm))
1628 goto cleanup;
1629
1630 segsize = htonl(segsize);
1631 if (write(compfd, &segsize, sizeof (segsize)) != sizeof (segsize))
1632 goto cleanup;
1633
1634 index_entries = htonl(count);
1635 if (write(compfd, &index_entries, sizeof (index_entries)) !=
1636 sizeof (index_entries))
1637 goto cleanup;
1638
1639 lastread = htonl(lastread);
1640 if (write(compfd, &lastread, sizeof (lastread)) != sizeof (lastread))
1641 goto cleanup;
1642
1643 for (i = 0; i < count; i++) {
1644 if (write(compfd, index + i, sizeof (*index)) !=
1645 sizeof (*index))
1646 goto cleanup;
1647 }
1648
1649 /* Header is written, now write the compressed data */
1650 if (lseek(tfd, 0, SEEK_SET) != 0)
1651 goto cleanup;
1652
1653 rbytes = wbytes = 0;
1654
1655 for (;;) {
1656 rbytes = read(tfd, compressed_seg, compressed_segsize + SEGHDR);
1657
1658 if (rbytes <= 0)
1659 break;
1660
1661 if (write(compfd, compressed_seg, rbytes) != rbytes)
1662 goto cleanup;
1663 }
1664
1665 if (fstat64(compfd, &statbuf) == -1)
1666 goto cleanup;
1667
1668 /*
1669 * Round up the compressed file size to be a multiple of
1670 * DEV_BSIZE. lofi(7D) likes it that way.
1671 */
1672 if ((offset = statbuf.st_size % DEV_BSIZE) > 0) {
1673
1674 offset = DEV_BSIZE - offset;
1675
1676 for (i = 0; i < offset; i++)
1677 uncompressed_seg[i] = '\0';
1678 if (write(compfd, uncompressed_seg, offset) != offset)
1679 goto cleanup;
1680 }
1681 (void) close(compfd);
1682 (void) close(tfd);
1683 (void) unlink(tmpfilename);
1684 cleanup:
1685 if (rbytes < 0) {
1686 if (tfd != -1)
1687 (void) unlink(tmpfilename);
1688 if (compfd != -1)
1689 (void) unlink(comp_filename);
1690 die(gettext("error compressing file %s"), filename);
1691 } else {
1692 /* Rename the compressed file to the actual file */
1693 if (rename(comp_filename, filename) == -1) {
1694 (void) unlink(comp_filename);
1695 die(gettext("error compressing file %s"), filename);
1696 }
1697 }
1698 if (compressed_seg != NULL)
1699 free(compressed_seg);
1700 if (uncompressed_seg != NULL)
1701 free(uncompressed_seg);
1702 if (index != NULL)
1703 free(index);
1704 if (compfd != -1)
1705 (void) close(compfd);
1706 if (uncompfd != -1)
1707 (void) close(uncompfd);
1708 if (tfd != -1)
1709 (void) close(tfd);
1710 }
1711
1712 static int
1713 lofi_compress_select(const char *algname)
1714 {
1715 int i;
1716
1717 for (i = 0; i < LOFI_COMPRESS_FUNCTIONS; i++) {
1718 if (strcmp(lofi_compress_table[i].l_name, algname) == 0)
1719 return (i);
1720 }
1721 return (-1);
1722 }
1723
1724 static void
1725 check_algorithm_validity(const char *algname, int *compress_index)
1726 {
1727 *compress_index = lofi_compress_select(algname);
1728 if (*compress_index < 0)
1729 die(gettext("invalid algorithm name: %s\n"), algname);
1730 }
1731
1732 static void
1733 check_file_validity(const char *filename)
1734 {
1735 struct stat64 buf;
1736 int error;
1737 int fd;
1738
1739 fd = open64(filename, O_RDONLY);
1740 if (fd == -1) {
1741 die(gettext("open: %s"), filename);
1742 }
1743 error = fstat64(fd, &buf);
1744 if (error == -1) {
1745 die(gettext("fstat: %s"), filename);
1746 } else if (!S_ISLOFIABLE(buf.st_mode)) {
1747 die(gettext("%s is not a regular file, "
1748 "block, or character device\n"),
1749 filename);
1750 } else if ((buf.st_size % DEV_BSIZE) != 0) {
1751 die(gettext("size of %s is not a multiple of %d\n"),
1752 filename, DEV_BSIZE);
1753 }
1754 (void) close(fd);
1755
1756 if (name_to_minor(filename) != 0) {
1757 die(gettext("cannot use %s on itself\n"), LOFI_DRIVER_NAME);
1758 }
1759 }
1760
1761 static uint32_t
1762 convert_to_num(const char *str)
1763 {
1764 int len;
1765 uint32_t segsize, mult = 1;
1766
1767 len = strlen(str);
1768 if (len && isalpha(str[len - 1])) {
1769 switch (str[len - 1]) {
1770 case 'k':
1771 case 'K':
1772 mult = KILOBYTE;
1773 break;
1774 case 'b':
1775 case 'B':
1776 mult = BLOCK_SIZE;
1777 break;
1778 case 'm':
1779 case 'M':
1780 mult = MEGABYTE;
1781 break;
1782 case 'g':
1783 case 'G':
1784 mult = GIGABYTE;
1785 break;
1786 default:
1787 die(gettext("invalid segment size %s\n"), str);
1788 }
1789 }
1790
1791 segsize = atol(str);
1792 segsize *= mult;
1793
1794 return (segsize);
1795 }
1796
1797 int
1798 main(int argc, char *argv[])
1799 {
1800 int lfd;
1801 int c;
1802 const char *devicename = NULL;
1803 const char *filename = NULL;
1804 const char *algname = COMPRESS_ALGORITHM;
1805 int openflag;
1806 int minor;
1807 int compress_index;
1808 uint32_t segsize = SEGSIZE;
1809 static char *lofictl = "/dev/" LOFI_CTL_NAME;
1810 boolean_t force = B_FALSE;
1811 const char *pname;
1812 boolean_t errflag = B_FALSE;
1813 boolean_t addflag = B_FALSE;
1814 boolean_t rdflag = B_FALSE;
1815 boolean_t deleteflag = B_FALSE;
1816 boolean_t ephflag = B_FALSE;
1817 boolean_t compressflag = B_FALSE;
1818 boolean_t uncompressflag = B_FALSE;
1819 /* the next two work together for -c, -k, -T, -e options only */
1820 boolean_t need_crypto = B_FALSE; /* if any -c, -k, -T, -e */
1821 boolean_t cipher_only = B_TRUE; /* if -c only */
1822 const char *keyfile = NULL;
1823 mech_alias_t *cipher = NULL;
1824 token_spec_t *token = NULL;
1825 char *rkey = NULL;
1826 size_t rksz = 0;
1827 char realfilename[MAXPATHLEN];
1828
1829 pname = getpname(argv[0]);
1830
1831 (void) setlocale(LC_ALL, "");
1832 (void) textdomain(TEXT_DOMAIN);
1833
1834 while ((c = getopt(argc, argv, "a:c:Cd:efk:o:rs:T:U")) != EOF) {
1835 switch (c) {
1836 case 'a':
1837 addflag = B_TRUE;
1838 if ((filename = realpath(optarg, realfilename)) == NULL)
1839 die("%s", optarg);
1840 if (((argc - optind) > 0) && (*argv[optind] != '-')) {
1841 /* optional device */
1842 devicename = argv[optind];
1843 optind++;
1844 }
1845 break;
1846 case 'C':
1847 compressflag = B_TRUE;
1848 if (((argc - optind) > 1) && (*argv[optind] != '-')) {
1849 /* optional algorithm */
1850 algname = argv[optind];
1851 optind++;
1852 }
1853 check_algorithm_validity(algname, &compress_index);
1854 break;
1855 case 'c':
1856 /* is the chosen cipher allowed? */
1857 if ((cipher = ciph2mech(optarg)) == NULL) {
1858 errflag = B_TRUE;
1859 warn(gettext("cipher %s not allowed\n"),
1860 optarg);
1861 }
1862 need_crypto = B_TRUE;
1863 /* cipher_only is already set */
1864 break;
1865 case 'd':
1866 deleteflag = B_TRUE;
1867 minor = name_to_minor(optarg);
1868 if (minor != 0)
1869 devicename = optarg;
1870 else {
1871 if ((filename = realpath(optarg,
1872 realfilename)) == NULL)
1873 die("%s", optarg);
1874 }
1875 break;
1876 case 'e':
1877 ephflag = B_TRUE;
1878 need_crypto = B_TRUE;
1879 cipher_only = B_FALSE; /* need to unset cipher_only */
1880 break;
1881 case 'f':
1882 force = B_TRUE;
1883 break;
1884 case 'k':
1885 keyfile = optarg;
1886 need_crypto = B_TRUE;
1887 cipher_only = B_FALSE; /* need to unset cipher_only */
1888 break;
1889 case 'r':
1890 rdflag = B_TRUE;
1891 break;
1892 case 's':
1893 segsize = convert_to_num(optarg);
1894 if (segsize < DEV_BSIZE || !ISP2(segsize))
1895 die(gettext("segment size %s is invalid "
1896 "or not a multiple of minimum block "
1897 "size %ld\n"), optarg, DEV_BSIZE);
1898 break;
1899 case 'T':
1900 if ((token = parsetoken(optarg)) == NULL) {
1901 errflag = B_TRUE;
1902 warn(
1903 gettext("invalid token key specifier %s\n"),
1904 optarg);
1905 }
1906 need_crypto = B_TRUE;
1907 cipher_only = B_FALSE; /* need to unset cipher_only */
1908 break;
1909 case 'U':
1910 uncompressflag = B_TRUE;
1911 break;
1912 case '?':
1913 default:
1914 errflag = B_TRUE;
1915 break;
1916 }
1917 }
1918
1919 /* Check for mutually exclusive combinations of options */
1920 if (errflag ||
1921 (addflag && deleteflag) ||
1922 (rdflag && !addflag) ||
1923 (!addflag && need_crypto) ||
1924 ((compressflag || uncompressflag) && (addflag || deleteflag)))
1925 usage(pname);
1926
1927 /* ephemeral key, and key from either file or token are incompatible */
1928 if (ephflag && (keyfile != NULL || token != NULL)) {
1929 die(gettext("ephemeral key cannot be used with keyfile"
1930 " or token key\n"));
1931 }
1932
1933 /*
1934 * "-c" but no "-k", "-T", "-e", or "-T -k" means derive key from
1935 * command line passphrase
1936 */
1937
1938 switch (argc - optind) {
1939 case 0: /* no more args */
1940 if (compressflag || uncompressflag) /* needs filename */
1941 usage(pname);
1942 break;
1943 case 1:
1944 if (addflag || deleteflag)
1945 usage(pname);
1946 /* one arg means compress/uncompress the file ... */
1947 if (compressflag || uncompressflag) {
1948 if ((filename = realpath(argv[optind],
1949 realfilename)) == NULL)
1950 die("%s", argv[optind]);
1951 /* ... or without options means print the association */
1952 } else {
1953 minor = name_to_minor(argv[optind]);
1954 if (minor != 0)
1955 devicename = argv[optind];
1956 else {
1957 if ((filename = realpath(argv[optind],
1958 realfilename)) == NULL)
1959 die("%s", argv[optind]);
1960 }
1961 }
1962 break;
1963 default:
1964 usage(pname);
1965 break;
1966 }
1967
1968 if (addflag || compressflag || uncompressflag)
1969 check_file_validity(filename);
1970
1971 if (filename && !valid_abspath(filename))
1972 exit(E_ERROR);
1973
1974 /*
1975 * Here, we know the arguments are correct, the filename is an
1976 * absolute path, it exists and is a regular file. We don't yet
1977 * know that the device name is ok or not.
1978 */
1979
1980 openflag = O_EXCL;
1981 if (addflag || deleteflag || compressflag || uncompressflag)
1982 openflag |= O_RDWR;
1983 else
1984 openflag |= O_RDONLY;
1985 lfd = open(lofictl, openflag);
1986 if (lfd == -1) {
1987 if ((errno == EPERM) || (errno == EACCES)) {
1988 die(gettext("you do not have permission to perform "
1989 "that operation.\n"));
1990 } else {
1991 die(gettext("open: %s"), lofictl);
1992 }
1993 /*NOTREACHED*/
1994 }
1995
1996 /*
1997 * No passphrase is needed for ephemeral key, or when key is
1998 * in a file and not wrapped by another key from a token.
1999 * However, a passphrase is needed in these cases:
2000 * 1. cipher with no ephemeral key, key file, or token,
2001 * in which case the passphrase is used to build the key
2002 * 2. token with an optional cipher or optional key file,
2003 * in which case the passphrase unlocks the token
2004 * If only the cipher is specified, reconfirm the passphrase
2005 * to ensure the user hasn't mis-entered it. Otherwise, the
2006 * token will enforce the token passphrase.
2007 */
2008 if (need_crypto) {
2009 CK_SESSION_HANDLE sess;
2010
2011 /* pick a cipher if none specified */
2012 if (cipher == NULL)
2013 cipher = DEFAULT_CIPHER;
2014
2015 if (!kernel_cipher_check(cipher))
2016 die(gettext(
2017 "use \"cryptoadm list -m\" to find available "
2018 "mechanisms\n"));
2019
2020 init_crypto(token, cipher, &sess);
2021
2022 if (cipher_only) {
2023 getkeyfromuser(cipher, &rkey, &rksz);
2024 } else if (token != NULL) {
2025 getkeyfromtoken(sess, token, keyfile, cipher,
2026 &rkey, &rksz);
2027 } else {
2028 /* this also handles ephemeral keys */
2029 getkeyfromfile(keyfile, cipher, &rkey, &rksz);
2030 }
2031
2032 end_crypto(sess);
2033 }
2034
2035 /*
2036 * Now to the real work.
2037 */
2038 if (addflag)
2039 add_mapping(lfd, devicename, filename, cipher, rkey, rksz,
2040 rdflag);
2041 else if (compressflag)
2042 lofi_compress(&lfd, filename, compress_index, segsize);
2043 else if (uncompressflag)
2044 lofi_uncompress(lfd, filename);
2045 else if (deleteflag)
2046 delete_mapping(lfd, devicename, filename, force);
2047 else if (filename || devicename)
2048 print_one_mapping(lfd, devicename, filename);
2049 else
2050 print_mappings(lfd);
2051
2052 if (lfd != -1)
2053 (void) close(lfd);
2054 closelib();
2055 return (E_SUCCESS);
2056 }