1 /* 2 * CDDL HEADER START 3 * 4 * The contents of this file are subject to the terms of the 5 * Common Development and Distribution License (the "License"). 6 * You may not use this file except in compliance with the License. 7 * 8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 9 * or http://www.opensolaris.org/os/licensing. 10 * See the License for the specific language governing permissions 11 * and limitations under the License. 12 * 13 * When distributing Covered Code, include this CDDL HEADER in each 14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 15 * If applicable, add the following below this CDDL HEADER, with the 16 * fields enclosed by brackets "[]" replaced with your own identifying 17 * information: Portions Copyright [yyyy] [name of copyright owner] 18 * 19 * CDDL HEADER END 20 */ 21 /* 22 * Copyright 2009 Sun Microsystems, Inc. All rights reserved. 23 * Use is subject to license terms. 24 * Copyright 2012 Joyent, Inc. All rights reserved. 25 * 26 * Copyright 2013 Nexenta Systems, Inc. All rights reserved. 27 * Copyright (c) 2014 Gary Mills 28 * Copyright (c) 2016 Andrey Sokolov 29 */ 30 31 /* 32 * lofiadm - administer lofi(7d). Very simple, add and remove file<->device 33 * associations, and display status. All the ioctls are private between 34 * lofi and lofiadm, and so are very simple - device information is 35 * communicated via a minor number. 36 */ 37 38 #include <sys/types.h> 39 #include <sys/param.h> 40 #include <sys/lofi.h> 41 #include <sys/stat.h> 42 #include <sys/sysmacros.h> 43 #include <netinet/in.h> 44 #include <stdio.h> 45 #include <fcntl.h> 46 #include <locale.h> 47 #include <string.h> 48 #include <strings.h> 49 #include <errno.h> 50 #include <stdlib.h> 51 #include <unistd.h> 52 #include <stropts.h> 53 #include <libdevinfo.h> 54 #include <libgen.h> 55 #include <ctype.h> 56 #include <dlfcn.h> 57 #include <limits.h> 58 #include <security/cryptoki.h> 59 #include <cryptoutil.h> 60 #include <sys/crypto/ioctl.h> 61 #include <sys/crypto/ioctladmin.h> 62 #include <sys/cmlb.h> 63 #include <sys/mkdev.h> 64 #include "utils.h" 65 #include <LzmaEnc.h> 66 67 /* Only need the IV len #defines out of these files, nothing else. */ 68 #include <aes/aes_impl.h> 69 #include <des/des_impl.h> 70 #include <blowfish/blowfish_impl.h> 71 72 static const char USAGE[] = 73 "Usage: %s [-r] [-l] -a file [ device ]\n" 74 " %s [-r] -c crypto_algorithm -a file [device]\n" 75 " %s [-r] -c crypto_algorithm -k raw_key_file -a file [device]\n" 76 " %s [-r] -c crypto_algorithm -T [token]:[manuf]:[serial]:key " 77 "-a file [device]\n" 78 " %s [-r] -c crypto_algorithm -T [token]:[manuf]:[serial]:key " 79 "-k wrapped_key_file -a file [device]\n" 80 " %s [-r] -c crypto_algorithm -e -a file [device]\n" 81 " %s -d file | device\n" 82 " %s -C [gzip|gzip-6|gzip-9|lzma] [-s segment_size] file\n" 83 " %s -U file\n" 84 " %s [ file | device ]\n"; 85 86 typedef struct token_spec { 87 char *name; 88 char *mfr; 89 char *serno; 90 char *key; 91 } token_spec_t; 92 93 typedef struct mech_alias { 94 char *alias; 95 CK_MECHANISM_TYPE type; 96 char *name; /* for ioctl */ 97 char *iv_name; /* for ioctl */ 98 size_t iv_len; /* for ioctl */ 99 iv_method_t iv_type; /* for ioctl */ 100 size_t min_keysize; /* in bytes */ 101 size_t max_keysize; /* in bytes */ 102 token_spec_t *token; 103 CK_SLOT_ID slot; 104 } mech_alias_t; 105 106 static mech_alias_t mech_aliases[] = { 107 /* Preferred one should always be listed first. */ 108 { "aes-256-cbc", CKM_AES_CBC, "CKM_AES_CBC", "CKM_AES_ECB", AES_IV_LEN, 109 IVM_ENC_BLKNO, ULONG_MAX, 0L, NULL, (CK_SLOT_ID) -1 }, 110 { "aes-192-cbc", CKM_AES_CBC, "CKM_AES_CBC", "CKM_AES_ECB", AES_IV_LEN, 111 IVM_ENC_BLKNO, ULONG_MAX, 0L, NULL, (CK_SLOT_ID) -1 }, 112 { "aes-128-cbc", CKM_AES_CBC, "CKM_AES_CBC", "CKM_AES_ECB", AES_IV_LEN, 113 IVM_ENC_BLKNO, ULONG_MAX, 0L, NULL, (CK_SLOT_ID) -1 }, 114 { "des3-cbc", CKM_DES3_CBC, "CKM_DES3_CBC", "CKM_DES3_ECB", DES_IV_LEN, 115 IVM_ENC_BLKNO, ULONG_MAX, 0L, NULL, (CK_SLOT_ID)-1 }, 116 { "blowfish-cbc", CKM_BLOWFISH_CBC, "CKM_BLOWFISH_CBC", 117 "CKM_BLOWFISH_ECB", BLOWFISH_IV_LEN, IVM_ENC_BLKNO, ULONG_MAX, 118 0L, NULL, (CK_SLOT_ID)-1 } 119 /* 120 * A cipher without an iv requirement would look like this: 121 * { "aes-xex", CKM_AES_XEX, "CKM_AES_XEX", NULL, 0, 122 * IVM_NONE, ULONG_MAX, 0L, NULL, (CK_SLOT_ID)-1 } 123 */ 124 }; 125 126 int mech_aliases_count = (sizeof (mech_aliases) / sizeof (mech_alias_t)); 127 128 /* Preferred cipher, if one isn't specified on command line. */ 129 #define DEFAULT_CIPHER (&mech_aliases[0]) 130 131 #define DEFAULT_CIPHER_NUM 64 /* guess # kernel ciphers available */ 132 #define DEFAULT_MECHINFO_NUM 16 /* guess # kernel mechs available */ 133 #define MIN_PASSLEN 8 /* min acceptable passphrase size */ 134 135 static int gzip_compress(void *src, size_t srclen, void *dst, 136 size_t *destlen, int level); 137 static int lzma_compress(void *src, size_t srclen, void *dst, 138 size_t *destlen, int level); 139 140 lofi_compress_info_t lofi_compress_table[LOFI_COMPRESS_FUNCTIONS] = { 141 {NULL, gzip_compress, 6, "gzip"}, /* default */ 142 {NULL, gzip_compress, 6, "gzip-6"}, 143 {NULL, gzip_compress, 9, "gzip-9"}, 144 {NULL, lzma_compress, 0, "lzma"} 145 }; 146 147 /* For displaying lofi mappings */ 148 #define FORMAT "%-20s %-30s %s\n" 149 150 #define COMPRESS_ALGORITHM "gzip" 151 #define COMPRESS_THRESHOLD 2048 152 #define SEGSIZE 131072 153 #define BLOCK_SIZE 512 154 #define KILOBYTE 1024 155 #define MEGABYTE (KILOBYTE * KILOBYTE) 156 #define GIGABYTE (KILOBYTE * MEGABYTE) 157 #define LIBZ "libz.so.1" 158 159 static void 160 usage(const char *pname) 161 { 162 (void) fprintf(stderr, gettext(USAGE), pname, pname, pname, 163 pname, pname, pname, pname, pname, pname, pname); 164 exit(E_USAGE); 165 } 166 167 static int 168 gzip_compress(void *src, size_t srclen, void *dst, size_t *dstlen, int level) 169 { 170 static int (*compress2p)(void *, ulong_t *, void *, size_t, int) = NULL; 171 void *libz_hdl = NULL; 172 173 /* 174 * The first time we are called, attempt to dlopen() 175 * libz.so.1 and get a pointer to the compress2() function 176 */ 177 if (compress2p == NULL) { 178 if ((libz_hdl = openlib(LIBZ)) == NULL) 179 die(gettext("could not find %s. " 180 "gzip compression unavailable\n"), LIBZ); 181 182 if ((compress2p = 183 (int (*)(void *, ulong_t *, void *, size_t, int)) 184 dlsym(libz_hdl, "compress2")) == NULL) { 185 closelib(); 186 die(gettext("could not find the correct %s. " 187 "gzip compression unavailable\n"), LIBZ); 188 } 189 } 190 191 if ((*compress2p)(dst, (ulong_t *)dstlen, src, srclen, level) != 0) 192 return (-1); 193 return (0); 194 } 195 196 /*ARGSUSED*/ 197 static void 198 *SzAlloc(void *p, size_t size) 199 { 200 return (malloc(size)); 201 } 202 203 /*ARGSUSED*/ 204 static void 205 SzFree(void *p, void *address, size_t size) 206 { 207 free(address); 208 } 209 210 static ISzAlloc g_Alloc = { 211 SzAlloc, 212 SzFree 213 }; 214 215 #define LZMA_UNCOMPRESSED_SIZE 8 216 #define LZMA_HEADER_SIZE (LZMA_PROPS_SIZE + LZMA_UNCOMPRESSED_SIZE) 217 218 /*ARGSUSED*/ 219 static int 220 lzma_compress(void *src, size_t srclen, void *dst, 221 size_t *dstlen, int level) 222 { 223 CLzmaEncProps props; 224 size_t outsize2; 225 size_t outsizeprocessed; 226 size_t outpropssize = LZMA_PROPS_SIZE; 227 uint64_t t = 0; 228 SRes res; 229 Byte *dstp; 230 int i; 231 232 outsize2 = *dstlen; 233 234 LzmaEncProps_Init(&props); 235 236 /* 237 * The LZMA compressed file format is as follows - 238 * 239 * Offset Size(bytes) Description 240 * 0 1 LZMA properties (lc, lp, lp (encoded)) 241 * 1 4 Dictionary size (little endian) 242 * 5 8 Uncompressed size (little endian) 243 * 13 Compressed data 244 */ 245 246 /* set the dictionary size to be 8MB */ 247 props.dictSize = 1 << 23; 248 249 if (*dstlen < LZMA_HEADER_SIZE) 250 return (SZ_ERROR_OUTPUT_EOF); 251 252 dstp = (Byte *)dst; 253 t = srclen; 254 /* 255 * Set the uncompressed size in the LZMA header 256 * The LZMA properties (specified in 'props') 257 * will be set by the call to LzmaEncode() 258 */ 259 for (i = 0; i < LZMA_UNCOMPRESSED_SIZE; i++, t >>= 8) { 260 dstp[LZMA_PROPS_SIZE + i] = (Byte)t; 261 } 262 263 outsizeprocessed = outsize2 - LZMA_HEADER_SIZE; 264 res = LzmaEncode(dstp + LZMA_HEADER_SIZE, &outsizeprocessed, 265 src, srclen, &props, dstp, &outpropssize, 0, NULL, 266 &g_Alloc, &g_Alloc); 267 268 if (res != 0) 269 return (-1); 270 271 *dstlen = outsizeprocessed + LZMA_HEADER_SIZE; 272 return (0); 273 } 274 275 /* 276 * Translate a lofi device name to a minor number. We might be asked 277 * to do this when there is no association (such as when the user specifies 278 * a particular device), so we can only look at the string. 279 */ 280 static int 281 name_to_minor(const char *devicename) 282 { 283 struct stat st; 284 285 /* 286 * If devicename does not exist, then devicename contains 287 * the name of the device to be created. 288 * Note we only allow non-labeled devices here. 289 */ 290 if (stat(devicename, &st)) { 291 int minor, rv; 292 293 rv = sscanf(devicename, "/dev/" LOFI_BLOCK_NAME "/%d", &minor); 294 if (rv == 1) 295 return (minor); 296 rv = sscanf(devicename, "/dev/" LOFI_CHAR_NAME "/%d", &minor); 297 if (rv == 1) 298 return (minor); 299 300 return (0); 301 } 302 303 if (st.st_mode & S_IFCHR || st.st_mode & S_IFBLK) { 304 return (LOFI_MINOR2ID(minor(st.st_rdev))); 305 } 306 307 return (0); 308 } 309 310 /* 311 * This might be the first time we've used this minor number. If so, 312 * it might also be that the /dev links are in the process of being created 313 * by devfsadmd (or that they'll be created "soon"). We cannot return 314 * until they're there or the invoker of lofiadm might try to use them 315 * and not find them. This can happen if a shell script is running on 316 * an MP. 317 */ 318 static int sleeptime = 2; /* number of seconds to sleep between stat's */ 319 static int maxsleep = 120; /* maximum number of seconds to sleep */ 320 321 static void 322 make_blkdevname(struct lofi_ioctl *li, char *path, size_t len) 323 { 324 char *r1, *r2; 325 size_t l1; 326 327 if (li->li_devpath[0] == '\0') { 328 if (li->li_labeled) 329 (void) strlcpy(path, "unknown", len); 330 else 331 (void) snprintf(path, len, 332 "/dev/" LOFI_BLOCK_NAME "/%d", li->li_id); 333 return; 334 } 335 (void) strlcpy(path, li->li_devpath, len); 336 r1 = strchr(path, 'r'); 337 l1 = r1 - path; 338 r2 = strchr(li->li_devpath, 'r'); 339 (void) strlcpy(r1, r2+1, len - l1); 340 341 if (li->li_labeled) { 342 (void) strlcat(path, "p0", len); 343 } 344 } 345 346 static void 347 wait_until_dev_complete(struct lofi_ioctl *li) 348 { 349 struct stat64 buf; 350 int cursleep; 351 char blkpath[MAXPATHLEN]; 352 char charpath[MAXPATHLEN]; 353 di_devlink_handle_t hdl; 354 355 make_blkdevname(li, blkpath, sizeof (blkpath)); 356 (void) strlcpy(charpath, li->li_devpath, sizeof (charpath)); 357 358 if (li->li_labeled) { 359 (void) strlcat(charpath, "p0", sizeof (charpath)); 360 } 361 362 /* Check if links already present */ 363 if (stat64(blkpath, &buf) == 0 && stat64(charpath, &buf) == 0) 364 return; 365 366 /* First use di_devlink_init() */ 367 if (hdl = di_devlink_init("lofi", DI_MAKE_LINK)) { 368 (void) di_devlink_fini(&hdl); 369 goto out; 370 } 371 372 /* 373 * Under normal conditions, di_devlink_init(DI_MAKE_LINK) above will 374 * only fail if the caller is non-root. In that case, wait for 375 * link creation via sysevents. 376 */ 377 for (cursleep = 0; cursleep < maxsleep; cursleep += sleeptime) { 378 if (stat64(blkpath, &buf) == 0 && stat64(charpath, &buf) == 0) 379 return; 380 (void) sleep(sleeptime); 381 } 382 383 /* one last try */ 384 out: 385 if (stat64(blkpath, &buf) == -1) { 386 die(gettext("%s was not created"), blkpath); 387 } 388 if (stat64(charpath, &buf) == -1) { 389 die(gettext("%s was not created"), charpath); 390 } 391 } 392 393 /* 394 * Map the file and return the minor number the driver picked for the file 395 * DO NOT use this function if the filename is actually the device name. 396 */ 397 static int 398 lofi_map_file(int lfd, struct lofi_ioctl *li, const char *filename) 399 { 400 int minor; 401 402 li->li_id = 0; 403 (void) strlcpy(li->li_filename, filename, sizeof (li->li_filename)); 404 minor = ioctl(lfd, LOFI_MAP_FILE, li); 405 if (minor == -1) { 406 if (errno == ENOTSUP) 407 warn(gettext("encrypting compressed files is " 408 "unsupported")); 409 die(gettext("could not map file %s"), filename); 410 } 411 wait_until_dev_complete(li); 412 return (minor); 413 } 414 415 /* 416 * Add a device association. If devicename is NULL, let the driver 417 * pick a device. 418 */ 419 static void 420 add_mapping(int lfd, const char *devicename, const char *filename, 421 mech_alias_t *cipher, const char *rkey, size_t rksz, boolean_t rdonly, 422 boolean_t label) 423 { 424 struct lofi_ioctl li; 425 426 bzero(&li, sizeof (li)); 427 li.li_readonly = rdonly; 428 li.li_labeled = label; 429 430 li.li_crypto_enabled = B_FALSE; 431 if (cipher != NULL) { 432 /* set up encryption for mapped file */ 433 li.li_crypto_enabled = B_TRUE; 434 (void) strlcpy(li.li_cipher, cipher->name, 435 sizeof (li.li_cipher)); 436 if (rksz > sizeof (li.li_key)) { 437 die(gettext("key too large")); 438 } 439 bcopy(rkey, li.li_key, rksz); 440 li.li_key_len = rksz << 3; /* convert to bits */ 441 442 li.li_iv_type = cipher->iv_type; 443 li.li_iv_len = cipher->iv_len; /* 0 when no iv needed */ 444 switch (cipher->iv_type) { 445 case IVM_ENC_BLKNO: 446 (void) strlcpy(li.li_iv_cipher, cipher->iv_name, 447 sizeof (li.li_iv_cipher)); 448 break; 449 case IVM_NONE: 450 /* FALLTHROUGH */ 451 default: 452 break; 453 } 454 } 455 456 if (devicename == NULL) { 457 int minor; 458 char path[MAXPATHLEN]; 459 460 /* pick one via the driver */ 461 minor = lofi_map_file(lfd, &li, filename); 462 if (minor > 0) { 463 make_blkdevname(&li, path, sizeof (path)); 464 465 /* if mapping succeeds, print the one picked */ 466 (void) printf("%s\n", path); 467 } 468 return; 469 } 470 471 /* use device we were given */ 472 li.li_id = name_to_minor(devicename); 473 if (li.li_id == 0) { 474 die(gettext("malformed device name %s\n"), devicename); 475 } 476 (void) strlcpy(li.li_filename, filename, sizeof (li.li_filename)); 477 478 /* if device is already in use li.li_minor won't change */ 479 if (ioctl(lfd, LOFI_MAP_FILE_MINOR, &li) == -1) { 480 if (errno == ENOTSUP) 481 warn(gettext("encrypting compressed files is " 482 "unsupported")); 483 die(gettext("could not map file %s to %s"), filename, 484 devicename); 485 } 486 wait_until_dev_complete(&li); 487 } 488 489 /* 490 * Remove an association. Delete by device name if non-NULL, or by 491 * filename otherwise. 492 */ 493 static void 494 delete_mapping(int lfd, const char *devicename, const char *filename, 495 boolean_t force) 496 { 497 struct lofi_ioctl li; 498 499 li.li_force = force; 500 li.li_cleanup = B_FALSE; 501 502 if (devicename == NULL) { 503 /* delete by filename */ 504 (void) strlcpy(li.li_filename, filename, 505 sizeof (li.li_filename)); 506 li.li_id = 0; 507 if (ioctl(lfd, LOFI_UNMAP_FILE, &li) == -1) { 508 die(gettext("could not unmap file %s"), filename); 509 } 510 return; 511 } 512 513 /* delete by device */ 514 li.li_id = name_to_minor(devicename); 515 if (li.li_id == 0) { 516 die(gettext("malformed device name %s\n"), devicename); 517 } 518 if (ioctl(lfd, LOFI_UNMAP_FILE_MINOR, &li) == -1) { 519 die(gettext("could not unmap device %s"), devicename); 520 } 521 } 522 523 /* 524 * Show filename given devicename, or devicename given filename. 525 */ 526 static void 527 print_one_mapping(int lfd, const char *devicename, const char *filename) 528 { 529 struct lofi_ioctl li; 530 char blkpath[MAXPATHLEN]; 531 532 if (devicename == NULL) { 533 /* given filename, print devicename */ 534 li.li_id = 0; 535 (void) strlcpy(li.li_filename, filename, 536 sizeof (li.li_filename)); 537 if (ioctl(lfd, LOFI_GET_MINOR, &li) == -1) { 538 die(gettext("could not find device for %s"), filename); 539 } 540 make_blkdevname(&li, blkpath, sizeof (blkpath)); 541 (void) printf("%s\n", blkpath); 542 return; 543 } 544 545 /* given devicename, print filename */ 546 li.li_id = name_to_minor(devicename); 547 if (li.li_id == 0) { 548 die(gettext("malformed device name %s\n"), devicename); 549 } 550 if (ioctl(lfd, LOFI_GET_FILENAME, &li) == -1) { 551 die(gettext("could not find filename for %s"), devicename); 552 } 553 (void) printf("%s\n", li.li_filename); 554 } 555 556 /* 557 * Print the list of all the mappings, including a header. 558 */ 559 static void 560 print_mappings(int fd) 561 { 562 struct lofi_ioctl li; 563 int minor; 564 int maxminor; 565 char path[MAXPATHLEN]; 566 char options[MAXPATHLEN] = { 0 }; 567 568 li.li_id = 0; 569 if (ioctl(fd, LOFI_GET_MAXMINOR, &li) == -1) { 570 die("ioctl"); 571 } 572 maxminor = li.li_id; 573 574 (void) printf(FORMAT, gettext("Block Device"), gettext("File"), 575 gettext("Options")); 576 for (minor = 1; minor <= maxminor; minor++) { 577 li.li_id = minor; 578 if (ioctl(fd, LOFI_GET_FILENAME, &li) == -1) { 579 if (errno == ENXIO) 580 continue; 581 warn("ioctl"); 582 break; 583 } 584 make_blkdevname(&li, path, sizeof (path)); 585 586 options[0] = '\0'; 587 588 /* 589 * Encrypted lofi and compressed lofi are mutually exclusive. 590 */ 591 if (li.li_crypto_enabled) 592 (void) snprintf(options, sizeof (options), 593 gettext("Encrypted")); 594 else if (li.li_algorithm[0] != '\0') 595 (void) snprintf(options, sizeof (options), 596 gettext("Compressed(%s)"), li.li_algorithm); 597 if (li.li_readonly) { 598 if (strlen(options) != 0) { 599 (void) strlcat(options, ",Readonly", 600 sizeof (options)); 601 } else { 602 (void) snprintf(options, sizeof (options), 603 gettext("Readonly")); 604 } 605 } 606 if (li.li_labeled) { 607 if (strlen(options) != 0) { 608 (void) strlcat(options, ",Labeled", 609 sizeof (options)); 610 } else { 611 (void) snprintf(options, sizeof (options), 612 gettext("Labeled")); 613 } 614 } 615 if (strlen(options) == 0) 616 (void) snprintf(options, sizeof (options), "-"); 617 618 (void) printf(FORMAT, path, li.li_filename, options); 619 } 620 } 621 622 /* 623 * Verify the cipher selected by user. 624 */ 625 static mech_alias_t * 626 ciph2mech(const char *alias) 627 { 628 int i; 629 630 for (i = 0; i < mech_aliases_count; i++) { 631 if (strcasecmp(alias, mech_aliases[i].alias) == 0) 632 return (&mech_aliases[i]); 633 } 634 return (NULL); 635 } 636 637 /* 638 * Verify user selected cipher is also available in kernel. 639 * 640 * While traversing kernel list of mechs, if the cipher is supported in the 641 * kernel for both encryption and decryption, it also picks up the min/max 642 * key size. 643 */ 644 static boolean_t 645 kernel_cipher_check(mech_alias_t *cipher) 646 { 647 boolean_t ciph_ok = B_FALSE; 648 boolean_t iv_ok = B_FALSE; 649 int i; 650 int count; 651 crypto_get_mechanism_list_t *kciphers = NULL; 652 crypto_get_all_mechanism_info_t *kinfo = NULL; 653 int fd = -1; 654 size_t keymin; 655 size_t keymax; 656 657 /* if cipher doesn't need iv generating mech, bypass that check now */ 658 if (cipher->iv_name == NULL) 659 iv_ok = B_TRUE; 660 661 /* allocate some space for the list of kernel ciphers */ 662 count = DEFAULT_CIPHER_NUM; 663 kciphers = malloc(sizeof (crypto_get_mechanism_list_t) + 664 sizeof (crypto_mech_name_t) * (count - 1)); 665 if (kciphers == NULL) 666 die(gettext("failed to allocate memory for list of " 667 "kernel mechanisms")); 668 kciphers->ml_count = count; 669 670 /* query crypto device to get list of kernel ciphers */ 671 if ((fd = open("/dev/crypto", O_RDWR)) == -1) { 672 warn(gettext("failed to open %s"), "/dev/crypto"); 673 goto kcc_out; 674 } 675 676 if (ioctl(fd, CRYPTO_GET_MECHANISM_LIST, kciphers) == -1) { 677 warn(gettext("CRYPTO_GET_MECHANISM_LIST ioctl failed")); 678 goto kcc_out; 679 } 680 681 if (kciphers->ml_return_value == CRYPTO_BUFFER_TOO_SMALL) { 682 count = kciphers->ml_count; 683 free(kciphers); 684 kciphers = malloc(sizeof (crypto_get_mechanism_list_t) + 685 sizeof (crypto_mech_name_t) * (count - 1)); 686 if (kciphers == NULL) { 687 warn(gettext("failed to allocate memory for list of " 688 "kernel mechanisms")); 689 goto kcc_out; 690 } 691 kciphers->ml_count = count; 692 693 if (ioctl(fd, CRYPTO_GET_MECHANISM_LIST, kciphers) == -1) { 694 warn(gettext("CRYPTO_GET_MECHANISM_LIST ioctl failed")); 695 goto kcc_out; 696 } 697 } 698 699 if (kciphers->ml_return_value != CRYPTO_SUCCESS) { 700 warn(gettext( 701 "CRYPTO_GET_MECHANISM_LIST ioctl return value = %d\n"), 702 kciphers->ml_return_value); 703 goto kcc_out; 704 } 705 706 /* 707 * scan list of kernel ciphers looking for the selected one and if 708 * it needs an iv generated using another cipher, also look for that 709 * additional cipher to be used for generating the iv 710 */ 711 count = kciphers->ml_count; 712 for (i = 0; i < count && !(ciph_ok && iv_ok); i++) { 713 if (!ciph_ok && 714 strcasecmp(cipher->name, kciphers->ml_list[i]) == 0) 715 ciph_ok = B_TRUE; 716 if (!iv_ok && 717 strcasecmp(cipher->iv_name, kciphers->ml_list[i]) == 0) 718 iv_ok = B_TRUE; 719 } 720 free(kciphers); 721 kciphers = NULL; 722 723 if (!ciph_ok) 724 warn(gettext("%s mechanism not supported in kernel\n"), 725 cipher->name); 726 if (!iv_ok) 727 warn(gettext("%s mechanism not supported in kernel\n"), 728 cipher->iv_name); 729 730 if (ciph_ok) { 731 /* Get the details about the user selected cipher */ 732 count = DEFAULT_MECHINFO_NUM; 733 kinfo = malloc(sizeof (crypto_get_all_mechanism_info_t) + 734 sizeof (crypto_mechanism_info_t) * (count - 1)); 735 if (kinfo == NULL) { 736 warn(gettext("failed to allocate memory for " 737 "kernel mechanism info")); 738 goto kcc_out; 739 } 740 kinfo->mi_count = count; 741 (void) strlcpy(kinfo->mi_mechanism_name, cipher->name, 742 CRYPTO_MAX_MECH_NAME); 743 744 if (ioctl(fd, CRYPTO_GET_ALL_MECHANISM_INFO, kinfo) == -1) { 745 warn(gettext( 746 "CRYPTO_GET_ALL_MECHANISM_INFO ioctl failed")); 747 goto kcc_out; 748 } 749 750 if (kinfo->mi_return_value == CRYPTO_BUFFER_TOO_SMALL) { 751 count = kinfo->mi_count; 752 free(kinfo); 753 kinfo = malloc( 754 sizeof (crypto_get_all_mechanism_info_t) + 755 sizeof (crypto_mechanism_info_t) * (count - 1)); 756 if (kinfo == NULL) { 757 warn(gettext("failed to allocate memory for " 758 "kernel mechanism info")); 759 goto kcc_out; 760 } 761 kinfo->mi_count = count; 762 (void) strlcpy(kinfo->mi_mechanism_name, cipher->name, 763 CRYPTO_MAX_MECH_NAME); 764 765 if (ioctl(fd, CRYPTO_GET_ALL_MECHANISM_INFO, kinfo) == 766 -1) { 767 warn(gettext("CRYPTO_GET_ALL_MECHANISM_INFO " 768 "ioctl failed")); 769 goto kcc_out; 770 } 771 } 772 773 if (kinfo->mi_return_value != CRYPTO_SUCCESS) { 774 warn(gettext("CRYPTO_GET_ALL_MECHANISM_INFO ioctl " 775 "return value = %d\n"), kinfo->mi_return_value); 776 goto kcc_out; 777 } 778 779 /* Set key min and max size */ 780 count = kinfo->mi_count; 781 i = 0; 782 if (i < count) { 783 keymin = kinfo->mi_list[i].mi_min_key_size; 784 keymax = kinfo->mi_list[i].mi_max_key_size; 785 if (kinfo->mi_list[i].mi_keysize_unit & 786 CRYPTO_KEYSIZE_UNIT_IN_BITS) { 787 keymin = CRYPTO_BITS2BYTES(keymin); 788 keymax = CRYPTO_BITS2BYTES(keymax); 789 790 } 791 cipher->min_keysize = keymin; 792 cipher->max_keysize = keymax; 793 } 794 free(kinfo); 795 kinfo = NULL; 796 797 if (i == count) { 798 (void) close(fd); 799 die(gettext( 800 "failed to find usable %s kernel mechanism, " 801 "use \"cryptoadm list -m\" to find available " 802 "mechanisms\n"), 803 cipher->name); 804 } 805 } 806 807 /* Note: key min/max, unit size, usage for iv cipher are not checked. */ 808 809 return (ciph_ok && iv_ok); 810 811 kcc_out: 812 if (kinfo != NULL) 813 free(kinfo); 814 if (kciphers != NULL) 815 free(kciphers); 816 if (fd != -1) 817 (void) close(fd); 818 return (B_FALSE); 819 } 820 821 /* 822 * Break up token spec into its components (non-destructive) 823 */ 824 static token_spec_t * 825 parsetoken(char *spec) 826 { 827 #define FLD_NAME 0 828 #define FLD_MANUF 1 829 #define FLD_SERIAL 2 830 #define FLD_LABEL 3 831 #define NFIELDS 4 832 #define nullfield(i) ((field[(i)+1] - field[(i)]) <= 1) 833 #define copyfield(fld, i) \ 834 { \ 835 int n; \ 836 (fld) = NULL; \ 837 if ((n = (field[(i)+1] - field[(i)])) > 1) { \ 838 if (((fld) = malloc(n)) != NULL) { \ 839 (void) strncpy((fld), field[(i)], n); \ 840 ((fld))[n - 1] = '\0'; \ 841 } \ 842 } \ 843 } 844 845 int i; 846 char *field[NFIELDS + 1]; /* +1 to catch extra delimiters */ 847 token_spec_t *ti = NULL; 848 849 if (spec == NULL) 850 return (NULL); 851 852 /* 853 * Correct format is "[name]:[manuf]:[serial]:key". Can't use 854 * strtok because it treats ":::key" and "key:::" and "key" all 855 * as the same thing, and we can't have the :s compressed away. 856 */ 857 field[0] = spec; 858 for (i = 1; i < NFIELDS + 1; i++) { 859 field[i] = strchr(field[i-1], ':'); 860 if (field[i] == NULL) 861 break; 862 field[i]++; 863 } 864 if (i < NFIELDS) /* not enough fields */ 865 return (NULL); 866 if (field[NFIELDS] != NULL) /* too many fields */ 867 return (NULL); 868 field[NFIELDS] = strchr(field[NFIELDS-1], '\0') + 1; 869 870 /* key label can't be empty */ 871 if (nullfield(FLD_LABEL)) 872 return (NULL); 873 874 ti = malloc(sizeof (token_spec_t)); 875 if (ti == NULL) 876 return (NULL); 877 878 copyfield(ti->name, FLD_NAME); 879 copyfield(ti->mfr, FLD_MANUF); 880 copyfield(ti->serno, FLD_SERIAL); 881 copyfield(ti->key, FLD_LABEL); 882 883 /* 884 * If token specified and it only contains a key label, then 885 * search all tokens for the key, otherwise only those with 886 * matching name, mfr, and serno are used. 887 */ 888 /* 889 * That's how we'd like it to be, however, if only the key label 890 * is specified, default to using softtoken. It's easier. 891 */ 892 if (ti->name == NULL && ti->mfr == NULL && ti->serno == NULL) 893 ti->name = strdup(pkcs11_default_token()); 894 return (ti); 895 } 896 897 /* 898 * PBE the passphrase into a raw key 899 */ 900 static void 901 getkeyfromuser(mech_alias_t *cipher, char **raw_key, size_t *raw_key_sz) 902 { 903 CK_SESSION_HANDLE sess; 904 CK_RV rv; 905 char *pass = NULL; 906 size_t passlen = 0; 907 void *salt = NULL; /* don't use NULL, see note on salt below */ 908 size_t saltlen = 0; 909 CK_KEY_TYPE ktype; 910 void *kvalue; 911 size_t klen; 912 913 /* did init_crypto find a slot that supports this cipher? */ 914 if (cipher->slot == (CK_SLOT_ID)-1 || cipher->max_keysize == 0) { 915 rv = CKR_MECHANISM_INVALID; 916 goto cleanup; 917 } 918 919 rv = pkcs11_mech2keytype(cipher->type, &ktype); 920 if (rv != CKR_OK) 921 goto cleanup; 922 923 /* 924 * use the passphrase to generate a PBE PKCS#5 secret key and 925 * retrieve the raw key data to eventually pass it to the kernel; 926 */ 927 rv = C_OpenSession(cipher->slot, CKF_SERIAL_SESSION, NULL, NULL, &sess); 928 if (rv != CKR_OK) 929 goto cleanup; 930 931 /* get user passphrase with 8 byte minimum */ 932 if (pkcs11_get_pass(NULL, &pass, &passlen, MIN_PASSLEN, B_TRUE) < 0) { 933 die(gettext("passphrases do not match\n")); 934 } 935 936 /* 937 * salt should not be NULL, or else pkcs11_PasswdToKey() will 938 * complain about CKR_MECHANISM_PARAM_INVALID; the following is 939 * to make up for not having a salt until a proper one is used 940 */ 941 salt = pass; 942 saltlen = passlen; 943 944 klen = cipher->max_keysize; 945 rv = pkcs11_PasswdToKey(sess, pass, passlen, salt, saltlen, ktype, 946 cipher->max_keysize, &kvalue, &klen); 947 948 (void) C_CloseSession(sess); 949 950 if (rv != CKR_OK) { 951 goto cleanup; 952 } 953 954 /* assert(klen == cipher->max_keysize); */ 955 *raw_key_sz = klen; 956 *raw_key = (char *)kvalue; 957 return; 958 959 cleanup: 960 die(gettext("failed to generate %s key from passphrase: %s"), 961 cipher->alias, pkcs11_strerror(rv)); 962 } 963 964 /* 965 * Read raw key from file; also handles ephemeral keys. 966 */ 967 void 968 getkeyfromfile(const char *pathname, mech_alias_t *cipher, char **key, 969 size_t *ksz) 970 { 971 int fd; 972 struct stat sbuf; 973 boolean_t notplain = B_FALSE; 974 ssize_t cursz; 975 ssize_t nread; 976 977 /* ephemeral keys are just random data */ 978 if (pathname == NULL) { 979 *ksz = cipher->max_keysize; 980 *key = malloc(*ksz); 981 if (*key == NULL) 982 die(gettext("failed to allocate memory for" 983 " ephemeral key")); 984 if (pkcs11_get_urandom(*key, *ksz) < 0) { 985 free(*key); 986 die(gettext("failed to get enough random data")); 987 } 988 return; 989 } 990 991 /* 992 * If the remaining section of code didn't also check for secure keyfile 993 * permissions and whether the key is within cipher min and max lengths, 994 * (or, if those things moved out of this block), we could have had: 995 * if (pkcs11_read_data(pathname, key, ksz) < 0) 996 * handle_error(); 997 */ 998 999 if ((fd = open(pathname, O_RDONLY, 0)) == -1) 1000 die(gettext("open of keyfile (%s) failed"), pathname); 1001 1002 if (fstat(fd, &sbuf) == -1) 1003 die(gettext("fstat of keyfile (%s) failed"), pathname); 1004 1005 if (S_ISREG(sbuf.st_mode)) { 1006 if ((sbuf.st_mode & (S_IWGRP | S_IWOTH)) != 0) 1007 die(gettext("insecure permissions on keyfile %s\n"), 1008 pathname); 1009 1010 *ksz = sbuf.st_size; 1011 if (*ksz < cipher->min_keysize || cipher->max_keysize < *ksz) { 1012 warn(gettext("%s: invalid keysize: %d\n"), 1013 pathname, (int)*ksz); 1014 die(gettext("\t%d <= keysize <= %d\n"), 1015 cipher->min_keysize, cipher->max_keysize); 1016 } 1017 } else { 1018 *ksz = cipher->max_keysize; 1019 notplain = B_TRUE; 1020 } 1021 1022 *key = malloc(*ksz); 1023 if (*key == NULL) 1024 die(gettext("failed to allocate memory for key from file")); 1025 1026 for (cursz = 0, nread = 0; cursz < *ksz; cursz += nread) { 1027 nread = read(fd, *key, *ksz); 1028 if (nread > 0) 1029 continue; 1030 /* 1031 * nread == 0. If it's not a regular file we were trying to 1032 * get the maximum keysize of data possible for this cipher. 1033 * But if we've got at least the minimum keysize of data, 1034 * round down to the nearest keysize unit and call it good. 1035 * If we haven't met the minimum keysize, that's an error. 1036 * If it's a regular file, nread = 0 is also an error. 1037 */ 1038 if (nread == 0 && notplain && cursz >= cipher->min_keysize) { 1039 *ksz = (cursz / cipher->min_keysize) * 1040 cipher->min_keysize; 1041 break; 1042 } 1043 die(gettext("%s: can't read all keybytes"), pathname); 1044 } 1045 (void) close(fd); 1046 } 1047 1048 /* 1049 * Read the raw key from token, or from a file that was wrapped with a 1050 * key from token 1051 */ 1052 void 1053 getkeyfromtoken(CK_SESSION_HANDLE sess, 1054 token_spec_t *token, const char *keyfile, mech_alias_t *cipher, 1055 char **raw_key, size_t *raw_key_sz) 1056 { 1057 CK_RV rv = CKR_OK; 1058 CK_BBOOL trueval = B_TRUE; 1059 CK_OBJECT_CLASS kclass; /* secret key or RSA private key */ 1060 CK_KEY_TYPE ktype; /* from selected cipher or CKK_RSA */ 1061 CK_KEY_TYPE raw_ktype; /* from selected cipher */ 1062 CK_ATTRIBUTE key_tmpl[] = { 1063 { CKA_CLASS, NULL, 0 }, /* re-used for token key and unwrap */ 1064 { CKA_KEY_TYPE, NULL, 0 }, /* ditto */ 1065 { CKA_LABEL, NULL, 0 }, 1066 { CKA_TOKEN, NULL, 0 }, 1067 { CKA_PRIVATE, NULL, 0 } 1068 }; 1069 CK_ULONG attrs = sizeof (key_tmpl) / sizeof (CK_ATTRIBUTE); 1070 int i; 1071 char *pass = NULL; 1072 size_t passlen = 0; 1073 CK_OBJECT_HANDLE obj, rawobj; 1074 CK_ULONG num_objs = 1; /* just want to find 1 token key */ 1075 CK_MECHANISM unwrap = { CKM_RSA_PKCS, NULL, 0 }; 1076 char *rkey; 1077 size_t rksz; 1078 1079 if (token == NULL || token->key == NULL) 1080 return; 1081 1082 /* did init_crypto find a slot that supports this cipher? */ 1083 if (cipher->slot == (CK_SLOT_ID)-1 || cipher->max_keysize == 0) { 1084 die(gettext("failed to find any cryptographic provider, " 1085 "use \"cryptoadm list -p\" to find providers: %s\n"), 1086 pkcs11_strerror(CKR_MECHANISM_INVALID)); 1087 } 1088 1089 if (pkcs11_get_pass(token->name, &pass, &passlen, 0, B_FALSE) < 0) 1090 die(gettext("unable to get passphrase")); 1091 1092 /* use passphrase to login to token */ 1093 if (pass != NULL && passlen > 0) { 1094 rv = C_Login(sess, CKU_USER, (CK_UTF8CHAR_PTR)pass, passlen); 1095 if (rv != CKR_OK) { 1096 die(gettext("cannot login to the token %s: %s\n"), 1097 token->name, pkcs11_strerror(rv)); 1098 } 1099 } 1100 1101 rv = pkcs11_mech2keytype(cipher->type, &raw_ktype); 1102 if (rv != CKR_OK) { 1103 die(gettext("failed to get key type for cipher %s: %s\n"), 1104 cipher->name, pkcs11_strerror(rv)); 1105 } 1106 1107 /* 1108 * If no keyfile was given, then the token key is secret key to 1109 * be used for encryption/decryption. Otherwise, the keyfile 1110 * contains a wrapped secret key, and the token is actually the 1111 * unwrapping RSA private key. 1112 */ 1113 if (keyfile == NULL) { 1114 kclass = CKO_SECRET_KEY; 1115 ktype = raw_ktype; 1116 } else { 1117 kclass = CKO_PRIVATE_KEY; 1118 ktype = CKK_RSA; 1119 } 1120 1121 /* Find the key in the token first */ 1122 for (i = 0; i < attrs; i++) { 1123 switch (key_tmpl[i].type) { 1124 case CKA_CLASS: 1125 key_tmpl[i].pValue = &kclass; 1126 key_tmpl[i].ulValueLen = sizeof (kclass); 1127 break; 1128 case CKA_KEY_TYPE: 1129 key_tmpl[i].pValue = &ktype; 1130 key_tmpl[i].ulValueLen = sizeof (ktype); 1131 break; 1132 case CKA_LABEL: 1133 key_tmpl[i].pValue = token->key; 1134 key_tmpl[i].ulValueLen = strlen(token->key); 1135 break; 1136 case CKA_TOKEN: 1137 key_tmpl[i].pValue = &trueval; 1138 key_tmpl[i].ulValueLen = sizeof (trueval); 1139 break; 1140 case CKA_PRIVATE: 1141 key_tmpl[i].pValue = &trueval; 1142 key_tmpl[i].ulValueLen = sizeof (trueval); 1143 break; 1144 default: 1145 break; 1146 } 1147 } 1148 rv = C_FindObjectsInit(sess, key_tmpl, attrs); 1149 if (rv != CKR_OK) 1150 die(gettext("cannot find key %s: %s\n"), token->key, 1151 pkcs11_strerror(rv)); 1152 rv = C_FindObjects(sess, &obj, 1, &num_objs); 1153 (void) C_FindObjectsFinal(sess); 1154 1155 if (num_objs == 0) { 1156 die(gettext("cannot find key %s\n"), token->key); 1157 } else if (rv != CKR_OK) { 1158 die(gettext("cannot find key %s: %s\n"), token->key, 1159 pkcs11_strerror(rv)); 1160 } 1161 1162 /* 1163 * No keyfile means when token key is found, convert it to raw key, 1164 * and done. Otherwise still need do an unwrap to create yet another 1165 * obj and that needs to be converted to raw key before we're done. 1166 */ 1167 if (keyfile == NULL) { 1168 /* obj contains raw key, extract it */ 1169 rv = pkcs11_ObjectToKey(sess, obj, (void **)&rkey, &rksz, 1170 B_FALSE); 1171 if (rv != CKR_OK) { 1172 die(gettext("failed to get key value for %s" 1173 " from token %s, %s\n"), token->key, 1174 token->name, pkcs11_strerror(rv)); 1175 } 1176 } else { 1177 getkeyfromfile(keyfile, cipher, &rkey, &rksz); 1178 1179 /* 1180 * Got the wrapping RSA obj and the wrapped key from file. 1181 * Unwrap the key from file with RSA obj to get rawkey obj. 1182 */ 1183 1184 /* re-use the first two attributes of key_tmpl */ 1185 kclass = CKO_SECRET_KEY; 1186 ktype = raw_ktype; 1187 1188 rv = C_UnwrapKey(sess, &unwrap, obj, (CK_BYTE_PTR)rkey, 1189 rksz, key_tmpl, 2, &rawobj); 1190 if (rv != CKR_OK) { 1191 die(gettext("failed to unwrap key in keyfile %s," 1192 " %s\n"), keyfile, pkcs11_strerror(rv)); 1193 } 1194 /* rawobj contains raw key, extract it */ 1195 rv = pkcs11_ObjectToKey(sess, rawobj, (void **)&rkey, &rksz, 1196 B_TRUE); 1197 if (rv != CKR_OK) { 1198 die(gettext("failed to get unwrapped key value for" 1199 " key in keyfile %s, %s\n"), keyfile, 1200 pkcs11_strerror(rv)); 1201 } 1202 } 1203 1204 /* validate raw key size */ 1205 if (rksz < cipher->min_keysize || cipher->max_keysize < rksz) { 1206 warn(gettext("%s: invalid keysize: %d\n"), keyfile, (int)rksz); 1207 die(gettext("\t%d <= keysize <= %d\n"), cipher->min_keysize, 1208 cipher->max_keysize); 1209 } 1210 1211 *raw_key_sz = rksz; 1212 *raw_key = (char *)rkey; 1213 } 1214 1215 /* 1216 * Set up cipher key limits and verify PKCS#11 can be done 1217 * match_token_cipher is the function pointer used by 1218 * pkcs11_GetCriteriaSession() init_crypto. 1219 */ 1220 boolean_t 1221 match_token_cipher(CK_SLOT_ID slot_id, void *args, CK_RV *rv) 1222 { 1223 token_spec_t *token; 1224 mech_alias_t *cipher; 1225 CK_TOKEN_INFO tokinfo; 1226 CK_MECHANISM_INFO mechinfo; 1227 boolean_t token_match; 1228 1229 /* 1230 * While traversing slot list, pick up the following info per slot: 1231 * - if token specified, whether it matches this slot's token info 1232 * - if the slot supports the PKCS#5 PBKD2 cipher 1233 * 1234 * If the user said on the command line 1235 * -T tok:mfr:ser:lab -k keyfile 1236 * -c cipher -T tok:mfr:ser:lab -k keyfile 1237 * the given cipher or the default cipher apply to keyfile, 1238 * If the user said instead 1239 * -T tok:mfr:ser:lab 1240 * -c cipher -T tok:mfr:ser:lab 1241 * the key named "lab" may or may not agree with the given 1242 * cipher or the default cipher. In those cases, cipher will 1243 * be overridden with the actual cipher type of the key "lab". 1244 */ 1245 *rv = CKR_FUNCTION_FAILED; 1246 1247 if (args == NULL) { 1248 return (B_FALSE); 1249 } 1250 1251 cipher = (mech_alias_t *)args; 1252 token = cipher->token; 1253 1254 if (C_GetMechanismInfo(slot_id, cipher->type, &mechinfo) != CKR_OK) { 1255 return (B_FALSE); 1256 } 1257 1258 if (token == NULL) { 1259 if (C_GetMechanismInfo(slot_id, CKM_PKCS5_PBKD2, &mechinfo) != 1260 CKR_OK) { 1261 return (B_FALSE); 1262 } 1263 goto foundit; 1264 } 1265 1266 /* does the token match the token spec? */ 1267 if (token->key == NULL || (C_GetTokenInfo(slot_id, &tokinfo) != CKR_OK)) 1268 return (B_FALSE); 1269 1270 token_match = B_TRUE; 1271 1272 if (token->name != NULL && (token->name)[0] != '\0' && 1273 strncmp((char *)token->name, (char *)tokinfo.label, 1274 TOKEN_LABEL_SIZE) != 0) 1275 token_match = B_FALSE; 1276 if (token->mfr != NULL && (token->mfr)[0] != '\0' && 1277 strncmp((char *)token->mfr, (char *)tokinfo.manufacturerID, 1278 TOKEN_MANUFACTURER_SIZE) != 0) 1279 token_match = B_FALSE; 1280 if (token->serno != NULL && (token->serno)[0] != '\0' && 1281 strncmp((char *)token->serno, (char *)tokinfo.serialNumber, 1282 TOKEN_SERIAL_SIZE) != 0) 1283 token_match = B_FALSE; 1284 1285 if (!token_match) 1286 return (B_FALSE); 1287 1288 foundit: 1289 cipher->slot = slot_id; 1290 return (B_TRUE); 1291 } 1292 1293 /* 1294 * Clean up crypto loose ends 1295 */ 1296 static void 1297 end_crypto(CK_SESSION_HANDLE sess) 1298 { 1299 (void) C_CloseSession(sess); 1300 (void) C_Finalize(NULL); 1301 } 1302 1303 /* 1304 * Set up crypto, opening session on slot that matches token and cipher 1305 */ 1306 static void 1307 init_crypto(token_spec_t *token, mech_alias_t *cipher, 1308 CK_SESSION_HANDLE_PTR sess) 1309 { 1310 CK_RV rv; 1311 1312 cipher->token = token; 1313 1314 /* Turn off Metaslot so that we can see actual tokens */ 1315 if (setenv("METASLOT_ENABLED", "false", 1) < 0) { 1316 die(gettext("could not disable Metaslot")); 1317 } 1318 1319 rv = pkcs11_GetCriteriaSession(match_token_cipher, (void *)cipher, 1320 sess); 1321 if (rv != CKR_OK) { 1322 end_crypto(*sess); 1323 if (rv == CKR_HOST_MEMORY) { 1324 die("malloc"); 1325 } 1326 die(gettext("failed to find any cryptographic provider, " 1327 "use \"cryptoadm list -p\" to find providers: %s\n"), 1328 pkcs11_strerror(rv)); 1329 } 1330 } 1331 1332 /* 1333 * Uncompress a file. 1334 * 1335 * First map the file in to establish a device 1336 * association, then read from it. On-the-fly 1337 * decompression will automatically uncompress 1338 * the file if it's compressed 1339 * 1340 * If the file is mapped and a device association 1341 * has been established, disallow uncompressing 1342 * the file until it is unmapped. 1343 */ 1344 static void 1345 lofi_uncompress(int lfd, const char *filename) 1346 { 1347 struct lofi_ioctl li; 1348 char buf[MAXBSIZE]; 1349 char devicename[32]; 1350 char tmpfilename[MAXPATHLEN]; 1351 char *x; 1352 char *dir = NULL; 1353 char *file = NULL; 1354 int minor = 0; 1355 struct stat64 statbuf; 1356 int compfd = -1; 1357 int uncompfd = -1; 1358 ssize_t rbytes; 1359 1360 /* 1361 * Disallow uncompressing the file if it is 1362 * already mapped. 1363 */ 1364 li.li_crypto_enabled = B_FALSE; 1365 li.li_id = 0; 1366 (void) strlcpy(li.li_filename, filename, sizeof (li.li_filename)); 1367 if (ioctl(lfd, LOFI_GET_MINOR, &li) != -1) 1368 die(gettext("%s must be unmapped before uncompressing"), 1369 filename); 1370 1371 /* Zero length files don't need to be uncompressed */ 1372 if (stat64(filename, &statbuf) == -1) 1373 die(gettext("stat: %s"), filename); 1374 if (statbuf.st_size == 0) 1375 return; 1376 1377 minor = lofi_map_file(lfd, &li, filename); 1378 (void) snprintf(devicename, sizeof (devicename), "/dev/%s/%d", 1379 LOFI_BLOCK_NAME, minor); 1380 1381 /* If the file isn't compressed, we just return */ 1382 if ((ioctl(lfd, LOFI_CHECK_COMPRESSED, &li) == -1) || 1383 (li.li_algorithm[0] == '\0')) { 1384 delete_mapping(lfd, devicename, filename, B_TRUE); 1385 die("%s is not compressed\n", filename); 1386 } 1387 1388 if ((compfd = open64(devicename, O_RDONLY | O_NONBLOCK)) == -1) { 1389 delete_mapping(lfd, devicename, filename, B_TRUE); 1390 die(gettext("open: %s"), filename); 1391 } 1392 /* Create a temp file in the same directory */ 1393 x = strdup(filename); 1394 dir = strdup(dirname(x)); 1395 free(x); 1396 x = strdup(filename); 1397 file = strdup(basename(x)); 1398 free(x); 1399 (void) snprintf(tmpfilename, sizeof (tmpfilename), 1400 "%s/.%sXXXXXX", dir, file); 1401 free(dir); 1402 free(file); 1403 1404 if ((uncompfd = mkstemp64(tmpfilename)) == -1) { 1405 (void) close(compfd); 1406 delete_mapping(lfd, devicename, filename, B_TRUE); 1407 die("%s could not be uncompressed\n", filename); 1408 } 1409 1410 /* 1411 * Set the mode bits and the owner of this temporary 1412 * file to be that of the original uncompressed file 1413 */ 1414 (void) fchmod(uncompfd, statbuf.st_mode); 1415 1416 if (fchown(uncompfd, statbuf.st_uid, statbuf.st_gid) == -1) { 1417 (void) close(compfd); 1418 (void) close(uncompfd); 1419 delete_mapping(lfd, devicename, filename, B_TRUE); 1420 die("%s could not be uncompressed\n", filename); 1421 } 1422 1423 /* Now read from the device in MAXBSIZE-sized chunks */ 1424 for (;;) { 1425 rbytes = read(compfd, buf, sizeof (buf)); 1426 1427 if (rbytes <= 0) 1428 break; 1429 1430 if (write(uncompfd, buf, rbytes) != rbytes) { 1431 rbytes = -1; 1432 break; 1433 } 1434 } 1435 1436 (void) close(compfd); 1437 (void) close(uncompfd); 1438 1439 /* Delete the mapping */ 1440 delete_mapping(lfd, devicename, filename, B_TRUE); 1441 1442 /* 1443 * If an error occured while reading or writing, rbytes will 1444 * be negative 1445 */ 1446 if (rbytes < 0) { 1447 (void) unlink(tmpfilename); 1448 die(gettext("could not read from %s"), filename); 1449 } 1450 1451 /* Rename the temp file to the actual file */ 1452 if (rename(tmpfilename, filename) == -1) 1453 (void) unlink(tmpfilename); 1454 } 1455 1456 /* 1457 * Compress a file 1458 */ 1459 static void 1460 lofi_compress(int *lfd, const char *filename, int compress_index, 1461 uint32_t segsize) 1462 { 1463 struct lofi_ioctl lic; 1464 lofi_compress_info_t *li; 1465 struct flock lock; 1466 char tmpfilename[MAXPATHLEN]; 1467 char comp_filename[MAXPATHLEN]; 1468 char algorithm[MAXALGLEN]; 1469 char *x; 1470 char *dir = NULL, *file = NULL; 1471 uchar_t *uncompressed_seg = NULL; 1472 uchar_t *compressed_seg = NULL; 1473 uint32_t compressed_segsize; 1474 uint32_t len_compressed, count; 1475 uint32_t index_entries, index_sz; 1476 uint64_t *index = NULL; 1477 uint64_t offset; 1478 size_t real_segsize; 1479 struct stat64 statbuf; 1480 int compfd = -1, uncompfd = -1; 1481 int tfd = -1; 1482 ssize_t rbytes, wbytes, lastread; 1483 int i, type; 1484 1485 /* 1486 * Disallow compressing the file if it is 1487 * already mapped 1488 */ 1489 lic.li_id = 0; 1490 (void) strlcpy(lic.li_filename, filename, sizeof (lic.li_filename)); 1491 if (ioctl(*lfd, LOFI_GET_MINOR, &lic) != -1) 1492 die(gettext("%s must be unmapped before compressing"), 1493 filename); 1494 1495 /* 1496 * Close the control device so other operations 1497 * can use it 1498 */ 1499 (void) close(*lfd); 1500 *lfd = -1; 1501 1502 li = &lofi_compress_table[compress_index]; 1503 1504 /* 1505 * The size of the buffer to hold compressed data must 1506 * be slightly larger than the compressed segment size. 1507 * 1508 * The compress functions use part of the buffer as 1509 * scratch space to do calculations. 1510 * Ref: http://www.zlib.net/manual.html#compress2 1511 */ 1512 compressed_segsize = segsize + (segsize >> 6); 1513 compressed_seg = (uchar_t *)malloc(compressed_segsize + SEGHDR); 1514 uncompressed_seg = (uchar_t *)malloc(segsize); 1515 1516 if (compressed_seg == NULL || uncompressed_seg == NULL) 1517 die(gettext("No memory")); 1518 1519 if ((uncompfd = open64(filename, O_RDWR|O_LARGEFILE, 0)) == -1) 1520 die(gettext("open: %s"), filename); 1521 1522 lock.l_type = F_WRLCK; 1523 lock.l_whence = SEEK_SET; 1524 lock.l_start = 0; 1525 lock.l_len = 0; 1526 1527 /* 1528 * Use an advisory lock to ensure that only a 1529 * single lofiadm process compresses a given 1530 * file at any given time 1531 * 1532 * A close on the file descriptor automatically 1533 * closes all lock state on the file 1534 */ 1535 if (fcntl(uncompfd, F_SETLKW, &lock) == -1) 1536 die(gettext("fcntl: %s"), filename); 1537 1538 if (fstat64(uncompfd, &statbuf) == -1) { 1539 (void) close(uncompfd); 1540 die(gettext("fstat: %s"), filename); 1541 } 1542 1543 /* Zero length files don't need to be compressed */ 1544 if (statbuf.st_size == 0) { 1545 (void) close(uncompfd); 1546 return; 1547 } 1548 1549 /* 1550 * Create temporary files in the same directory that 1551 * will hold the intermediate data 1552 */ 1553 x = strdup(filename); 1554 dir = strdup(dirname(x)); 1555 free(x); 1556 x = strdup(filename); 1557 file = strdup(basename(x)); 1558 free(x); 1559 (void) snprintf(tmpfilename, sizeof (tmpfilename), 1560 "%s/.%sXXXXXX", dir, file); 1561 (void) snprintf(comp_filename, sizeof (comp_filename), 1562 "%s/.%sXXXXXX", dir, file); 1563 free(dir); 1564 free(file); 1565 1566 if ((tfd = mkstemp64(tmpfilename)) == -1) 1567 goto cleanup; 1568 1569 if ((compfd = mkstemp64(comp_filename)) == -1) 1570 goto cleanup; 1571 1572 /* 1573 * Set the mode bits and owner of the compressed 1574 * file to be that of the original uncompressed file 1575 */ 1576 (void) fchmod(compfd, statbuf.st_mode); 1577 1578 if (fchown(compfd, statbuf.st_uid, statbuf.st_gid) == -1) 1579 goto cleanup; 1580 1581 /* 1582 * Calculate the number of index entries required. 1583 * index entries are stored as an array. adding 1584 * a '2' here accounts for the fact that the last 1585 * segment may not be a multiple of the segment size 1586 */ 1587 index_sz = (statbuf.st_size / segsize) + 2; 1588 index = malloc(sizeof (*index) * index_sz); 1589 1590 if (index == NULL) 1591 goto cleanup; 1592 1593 offset = 0; 1594 lastread = segsize; 1595 count = 0; 1596 1597 /* 1598 * Now read from the uncompressed file in 'segsize' 1599 * sized chunks, compress what was read in and 1600 * write it out to a temporary file 1601 */ 1602 for (;;) { 1603 rbytes = read(uncompfd, uncompressed_seg, segsize); 1604 1605 if (rbytes <= 0) 1606 break; 1607 1608 if (lastread < segsize) 1609 goto cleanup; 1610 1611 /* 1612 * Account for the first byte that 1613 * indicates whether a segment is 1614 * compressed or not 1615 */ 1616 real_segsize = segsize - 1; 1617 (void) li->l_compress(uncompressed_seg, rbytes, 1618 compressed_seg + SEGHDR, &real_segsize, li->l_level); 1619 1620 /* 1621 * If the length of the compressed data is more 1622 * than a threshold then there isn't any benefit 1623 * to be had from compressing this segment - leave 1624 * it uncompressed. 1625 * 1626 * NB. In case an error occurs during compression (above) 1627 * the 'real_segsize' isn't changed. The logic below 1628 * ensures that that segment is left uncompressed. 1629 */ 1630 len_compressed = real_segsize; 1631 if (segsize <= COMPRESS_THRESHOLD || 1632 real_segsize > (segsize - COMPRESS_THRESHOLD)) { 1633 (void) memcpy(compressed_seg + SEGHDR, uncompressed_seg, 1634 rbytes); 1635 type = UNCOMPRESSED; 1636 len_compressed = rbytes; 1637 } else { 1638 type = COMPRESSED; 1639 } 1640 1641 /* 1642 * Set the first byte or the SEGHDR to 1643 * indicate if it's compressed or not 1644 */ 1645 *compressed_seg = type; 1646 wbytes = write(tfd, compressed_seg, len_compressed + SEGHDR); 1647 if (wbytes != (len_compressed + SEGHDR)) { 1648 rbytes = -1; 1649 break; 1650 } 1651 1652 index[count] = BE_64(offset); 1653 offset += wbytes; 1654 lastread = rbytes; 1655 count++; 1656 } 1657 1658 (void) close(uncompfd); 1659 1660 if (rbytes < 0) 1661 goto cleanup; 1662 /* 1663 * The last index entry is a sentinel entry. It does not point to 1664 * an actual compressed segment but helps in computing the size of 1665 * the compressed segment. The size of each compressed segment is 1666 * computed by subtracting the current index value from the next 1667 * one (the compressed blocks are stored sequentially) 1668 */ 1669 index[count++] = BE_64(offset); 1670 1671 /* 1672 * Now write the compressed data along with the 1673 * header information to this file which will 1674 * later be renamed to the original uncompressed 1675 * file name 1676 * 1677 * The header is as follows - 1678 * 1679 * Signature (name of the compression algorithm) 1680 * Compression segment size (a multiple of 512) 1681 * Number of index entries 1682 * Size of the last block 1683 * The array containing the index entries 1684 * 1685 * the header is always stored in network byte 1686 * order 1687 */ 1688 (void) bzero(algorithm, sizeof (algorithm)); 1689 (void) strlcpy(algorithm, li->l_name, sizeof (algorithm)); 1690 if (write(compfd, algorithm, sizeof (algorithm)) 1691 != sizeof (algorithm)) 1692 goto cleanup; 1693 1694 segsize = htonl(segsize); 1695 if (write(compfd, &segsize, sizeof (segsize)) != sizeof (segsize)) 1696 goto cleanup; 1697 1698 index_entries = htonl(count); 1699 if (write(compfd, &index_entries, sizeof (index_entries)) != 1700 sizeof (index_entries)) 1701 goto cleanup; 1702 1703 lastread = htonl(lastread); 1704 if (write(compfd, &lastread, sizeof (lastread)) != sizeof (lastread)) 1705 goto cleanup; 1706 1707 for (i = 0; i < count; i++) { 1708 if (write(compfd, index + i, sizeof (*index)) != 1709 sizeof (*index)) 1710 goto cleanup; 1711 } 1712 1713 /* Header is written, now write the compressed data */ 1714 if (lseek(tfd, 0, SEEK_SET) != 0) 1715 goto cleanup; 1716 1717 rbytes = wbytes = 0; 1718 1719 for (;;) { 1720 rbytes = read(tfd, compressed_seg, compressed_segsize + SEGHDR); 1721 1722 if (rbytes <= 0) 1723 break; 1724 1725 if (write(compfd, compressed_seg, rbytes) != rbytes) 1726 goto cleanup; 1727 } 1728 1729 if (fstat64(compfd, &statbuf) == -1) 1730 goto cleanup; 1731 1732 /* 1733 * Round up the compressed file size to be a multiple of 1734 * DEV_BSIZE. lofi(7D) likes it that way. 1735 */ 1736 if ((offset = statbuf.st_size % DEV_BSIZE) > 0) { 1737 1738 offset = DEV_BSIZE - offset; 1739 1740 for (i = 0; i < offset; i++) 1741 uncompressed_seg[i] = '\0'; 1742 if (write(compfd, uncompressed_seg, offset) != offset) 1743 goto cleanup; 1744 } 1745 (void) close(compfd); 1746 (void) close(tfd); 1747 (void) unlink(tmpfilename); 1748 cleanup: 1749 if (rbytes < 0) { 1750 if (tfd != -1) 1751 (void) unlink(tmpfilename); 1752 if (compfd != -1) 1753 (void) unlink(comp_filename); 1754 die(gettext("error compressing file %s"), filename); 1755 } else { 1756 /* Rename the compressed file to the actual file */ 1757 if (rename(comp_filename, filename) == -1) { 1758 (void) unlink(comp_filename); 1759 die(gettext("error compressing file %s"), filename); 1760 } 1761 } 1762 if (compressed_seg != NULL) 1763 free(compressed_seg); 1764 if (uncompressed_seg != NULL) 1765 free(uncompressed_seg); 1766 if (index != NULL) 1767 free(index); 1768 if (compfd != -1) 1769 (void) close(compfd); 1770 if (uncompfd != -1) 1771 (void) close(uncompfd); 1772 if (tfd != -1) 1773 (void) close(tfd); 1774 } 1775 1776 static int 1777 lofi_compress_select(const char *algname) 1778 { 1779 int i; 1780 1781 for (i = 0; i < LOFI_COMPRESS_FUNCTIONS; i++) { 1782 if (strcmp(lofi_compress_table[i].l_name, algname) == 0) 1783 return (i); 1784 } 1785 return (-1); 1786 } 1787 1788 static void 1789 check_algorithm_validity(const char *algname, int *compress_index) 1790 { 1791 *compress_index = lofi_compress_select(algname); 1792 if (*compress_index < 0) 1793 die(gettext("invalid algorithm name: %s\n"), algname); 1794 } 1795 1796 static void 1797 check_file_validity(const char *filename) 1798 { 1799 struct stat64 buf; 1800 int error; 1801 int fd; 1802 1803 fd = open64(filename, O_RDONLY); 1804 if (fd == -1) { 1805 die(gettext("open: %s"), filename); 1806 } 1807 error = fstat64(fd, &buf); 1808 if (error == -1) { 1809 die(gettext("fstat: %s"), filename); 1810 } else if (!S_ISLOFIABLE(buf.st_mode)) { 1811 die(gettext("%s is not a regular file, " 1812 "block, or character device\n"), 1813 filename); 1814 } else if ((buf.st_size % DEV_BSIZE) != 0) { 1815 die(gettext("size of %s is not a multiple of %d\n"), 1816 filename, DEV_BSIZE); 1817 } 1818 (void) close(fd); 1819 1820 if (name_to_minor(filename) != 0) { 1821 die(gettext("cannot use %s on itself\n"), LOFI_DRIVER_NAME); 1822 } 1823 } 1824 1825 static uint32_t 1826 convert_to_num(const char *str) 1827 { 1828 int len; 1829 uint32_t segsize, mult = 1; 1830 1831 len = strlen(str); 1832 if (len && isalpha(str[len - 1])) { 1833 switch (str[len - 1]) { 1834 case 'k': 1835 case 'K': 1836 mult = KILOBYTE; 1837 break; 1838 case 'b': 1839 case 'B': 1840 mult = BLOCK_SIZE; 1841 break; 1842 case 'm': 1843 case 'M': 1844 mult = MEGABYTE; 1845 break; 1846 case 'g': 1847 case 'G': 1848 mult = GIGABYTE; 1849 break; 1850 default: 1851 die(gettext("invalid segment size %s\n"), str); 1852 } 1853 } 1854 1855 segsize = atol(str); 1856 segsize *= mult; 1857 1858 return (segsize); 1859 } 1860 1861 int 1862 main(int argc, char *argv[]) 1863 { 1864 int lfd; 1865 int c; 1866 const char *devicename = NULL; 1867 const char *filename = NULL; 1868 const char *algname = COMPRESS_ALGORITHM; 1869 int openflag; 1870 int minor; 1871 int compress_index; 1872 uint32_t segsize = SEGSIZE; 1873 static char *lofictl = "/dev/" LOFI_CTL_NAME; 1874 boolean_t force = B_FALSE; 1875 const char *pname; 1876 boolean_t errflag = B_FALSE; 1877 boolean_t addflag = B_FALSE; 1878 boolean_t labelflag = B_FALSE; 1879 boolean_t rdflag = B_FALSE; 1880 boolean_t deleteflag = B_FALSE; 1881 boolean_t ephflag = B_FALSE; 1882 boolean_t compressflag = B_FALSE; 1883 boolean_t uncompressflag = B_FALSE; 1884 /* the next two work together for -c, -k, -T, -e options only */ 1885 boolean_t need_crypto = B_FALSE; /* if any -c, -k, -T, -e */ 1886 boolean_t cipher_only = B_TRUE; /* if -c only */ 1887 const char *keyfile = NULL; 1888 mech_alias_t *cipher = NULL; 1889 token_spec_t *token = NULL; 1890 char *rkey = NULL; 1891 size_t rksz = 0; 1892 char realfilename[MAXPATHLEN]; 1893 1894 pname = getpname(argv[0]); 1895 1896 (void) setlocale(LC_ALL, ""); 1897 (void) textdomain(TEXT_DOMAIN); 1898 1899 while ((c = getopt(argc, argv, "a:b:c:Cd:efk:lrRs:T:U")) != EOF) { 1900 switch (c) { 1901 case 'a': 1902 addflag = B_TRUE; 1903 if ((filename = realpath(optarg, realfilename)) == NULL) 1904 die("%s", optarg); 1905 if (((argc - optind) > 0) && (*argv[optind] != '-')) { 1906 /* optional device */ 1907 devicename = argv[optind]; 1908 optind++; 1909 } 1910 break; 1911 case 'C': 1912 compressflag = B_TRUE; 1913 if (((argc - optind) > 1) && (*argv[optind] != '-')) { 1914 /* optional algorithm */ 1915 algname = argv[optind]; 1916 optind++; 1917 } 1918 check_algorithm_validity(algname, &compress_index); 1919 break; 1920 case 'c': 1921 /* is the chosen cipher allowed? */ 1922 if ((cipher = ciph2mech(optarg)) == NULL) { 1923 errflag = B_TRUE; 1924 warn(gettext("cipher %s not allowed\n"), 1925 optarg); 1926 } 1927 need_crypto = B_TRUE; 1928 /* cipher_only is already set */ 1929 break; 1930 case 'd': 1931 deleteflag = B_TRUE; 1932 minor = name_to_minor(optarg); 1933 if (minor != 0) 1934 devicename = optarg; 1935 else { 1936 if ((filename = realpath(optarg, 1937 realfilename)) == NULL) 1938 die("%s", optarg); 1939 } 1940 break; 1941 case 'e': 1942 ephflag = B_TRUE; 1943 need_crypto = B_TRUE; 1944 cipher_only = B_FALSE; /* need to unset cipher_only */ 1945 break; 1946 case 'f': 1947 force = B_TRUE; 1948 break; 1949 case 'k': 1950 keyfile = optarg; 1951 need_crypto = B_TRUE; 1952 cipher_only = B_FALSE; /* need to unset cipher_only */ 1953 break; 1954 case 'l': 1955 labelflag = B_TRUE; 1956 break; 1957 case 'r': 1958 rdflag = B_TRUE; 1959 break; 1960 case 's': 1961 segsize = convert_to_num(optarg); 1962 if (segsize < DEV_BSIZE || !ISP2(segsize)) 1963 die(gettext("segment size %s is invalid " 1964 "or not a multiple of minimum block " 1965 "size %ld\n"), optarg, DEV_BSIZE); 1966 break; 1967 case 'T': 1968 if ((token = parsetoken(optarg)) == NULL) { 1969 errflag = B_TRUE; 1970 warn( 1971 gettext("invalid token key specifier %s\n"), 1972 optarg); 1973 } 1974 need_crypto = B_TRUE; 1975 cipher_only = B_FALSE; /* need to unset cipher_only */ 1976 break; 1977 case 'U': 1978 uncompressflag = B_TRUE; 1979 break; 1980 case '?': 1981 default: 1982 errflag = B_TRUE; 1983 break; 1984 } 1985 } 1986 1987 /* Check for mutually exclusive combinations of options */ 1988 if (errflag || 1989 (addflag && deleteflag) || 1990 (labelflag && !addflag) || 1991 (rdflag && !addflag) || 1992 (!addflag && need_crypto) || 1993 (need_crypto && labelflag) || 1994 ((compressflag || uncompressflag) && 1995 (labelflag || addflag || deleteflag))) 1996 usage(pname); 1997 1998 /* ephemeral key, and key from either file or token are incompatible */ 1999 if (ephflag && (keyfile != NULL || token != NULL)) { 2000 die(gettext("ephemeral key cannot be used with keyfile" 2001 " or token key\n")); 2002 } 2003 2004 /* 2005 * "-c" but no "-k", "-T", "-e", or "-T -k" means derive key from 2006 * command line passphrase 2007 */ 2008 2009 switch (argc - optind) { 2010 case 0: /* no more args */ 2011 if (compressflag || uncompressflag) /* needs filename */ 2012 usage(pname); 2013 break; 2014 case 1: 2015 if (addflag || deleteflag) 2016 usage(pname); 2017 /* one arg means compress/uncompress the file ... */ 2018 if (compressflag || uncompressflag) { 2019 if ((filename = realpath(argv[optind], 2020 realfilename)) == NULL) 2021 die("%s", argv[optind]); 2022 /* ... or without options means print the association */ 2023 } else { 2024 minor = name_to_minor(argv[optind]); 2025 if (minor != 0) 2026 devicename = argv[optind]; 2027 else { 2028 if ((filename = realpath(argv[optind], 2029 realfilename)) == NULL) 2030 die("%s", argv[optind]); 2031 } 2032 } 2033 break; 2034 default: 2035 usage(pname); 2036 break; 2037 } 2038 2039 if (addflag || compressflag || uncompressflag) 2040 check_file_validity(filename); 2041 2042 if (filename && !valid_abspath(filename)) 2043 exit(E_ERROR); 2044 2045 /* 2046 * Here, we know the arguments are correct, the filename is an 2047 * absolute path, it exists and is a regular file. We don't yet 2048 * know that the device name is ok or not. 2049 */ 2050 2051 openflag = O_EXCL; 2052 if (addflag || deleteflag || compressflag || uncompressflag) 2053 openflag |= O_RDWR; 2054 else 2055 openflag |= O_RDONLY; 2056 lfd = open(lofictl, openflag); 2057 if (lfd == -1) { 2058 if ((errno == EPERM) || (errno == EACCES)) { 2059 die(gettext("you do not have permission to perform " 2060 "that operation.\n")); 2061 } else { 2062 die(gettext("open: %s"), lofictl); 2063 } 2064 /*NOTREACHED*/ 2065 } 2066 2067 /* 2068 * No passphrase is needed for ephemeral key, or when key is 2069 * in a file and not wrapped by another key from a token. 2070 * However, a passphrase is needed in these cases: 2071 * 1. cipher with no ephemeral key, key file, or token, 2072 * in which case the passphrase is used to build the key 2073 * 2. token with an optional cipher or optional key file, 2074 * in which case the passphrase unlocks the token 2075 * If only the cipher is specified, reconfirm the passphrase 2076 * to ensure the user hasn't mis-entered it. Otherwise, the 2077 * token will enforce the token passphrase. 2078 */ 2079 if (need_crypto) { 2080 CK_SESSION_HANDLE sess; 2081 2082 /* pick a cipher if none specified */ 2083 if (cipher == NULL) 2084 cipher = DEFAULT_CIPHER; 2085 2086 if (!kernel_cipher_check(cipher)) 2087 die(gettext( 2088 "use \"cryptoadm list -m\" to find available " 2089 "mechanisms\n")); 2090 2091 init_crypto(token, cipher, &sess); 2092 2093 if (cipher_only) { 2094 getkeyfromuser(cipher, &rkey, &rksz); 2095 } else if (token != NULL) { 2096 getkeyfromtoken(sess, token, keyfile, cipher, 2097 &rkey, &rksz); 2098 } else { 2099 /* this also handles ephemeral keys */ 2100 getkeyfromfile(keyfile, cipher, &rkey, &rksz); 2101 } 2102 2103 end_crypto(sess); 2104 } 2105 2106 /* 2107 * Now to the real work. 2108 */ 2109 if (addflag) 2110 add_mapping(lfd, devicename, filename, cipher, rkey, rksz, 2111 rdflag, labelflag); 2112 else if (compressflag) 2113 lofi_compress(&lfd, filename, compress_index, segsize); 2114 else if (uncompressflag) 2115 lofi_uncompress(lfd, filename); 2116 else if (deleteflag) 2117 delete_mapping(lfd, devicename, filename, force); 2118 else if (filename || devicename) 2119 print_one_mapping(lfd, devicename, filename); 2120 else 2121 print_mappings(lfd); 2122 2123 if (lfd != -1) 2124 (void) close(lfd); 2125 closelib(); 2126 return (E_SUCCESS); 2127 } 2128