1 /*
2 * This file and its contents are supplied under the terms of the
3 * Common Development and Distribution License ("CDDL"), version 1.0.
4 * You may only use this file in accordance with the terms of version
5 * 1.0 of the CDDL.
6 *
7 * A full copy of the text of the CDDL should have accompanied this
8 * source. A copy of the CDDL is also available via the Internet at
9 * http://www.illumos.org/license/CDDL.
10 */
11
12 /*
13 * Copyright 2015 Nexenta Systems, Inc. All rights reserved.
14 * Copyright 2019 Joyent, Inc.
15 */
16
17 #include <fcntl.h>
18 #include <strings.h>
19 #include <unistd.h>
20 #include <errno.h>
21 #include <stdio.h>
22 #include <stdlib.h>
23 #include <sys/debug.h>
24
25 #include "cryptotest.h"
26
27 struct crypto_op {
28 char *in;
29 char *out;
30 char *key;
31 char *param;
32
33 size_t inlen;
34 size_t outlen;
35 size_t keylen;
36 size_t paramlen;
37 const size_t *updatelens;
38
39 char *mechname;
40
41 /* internal */
42 crypto_mech_type_t mech;
43 crypto_session_id_t hsession;
44 crypto_func_group_t fg;
45 };
46
47 static int fd = -1;
48 static const char CRYPTO_DEVICE[] = "/dev/crypto";
49
50 int
kcf_do_ioctl(int opcode,uint_t * arg,char * opstr)51 kcf_do_ioctl(int opcode, uint_t *arg, char *opstr)
52 {
53 int ret;
54
55 while ((ret = ioctl(fd, opcode, arg)) < 0) {
56 if (errno != EINTR)
57 break;
58 }
59
60 if (ret < 0 || *arg != CRYPTO_SUCCESS) {
61 (void) fprintf(stderr,
62 "%s: Error = %d errno=%d (%s) 0x%02x\n",
63 (opstr == NULL) ? "ioctl" : opstr,
64 ret, errno, strerror(errno), *arg);
65
66 }
67
68 /*
69 * The callers all expect CRYPTO_xx errors. We've displayed the
70 * errno value (see above), so just return a generic CRYPTO_xxx
71 * error to signal failure.
72 */
73 if (ret < 0)
74 return (CRYPTO_GENERAL_ERROR);
75
76 return (*arg);
77 }
78
79 crypto_op_t *
cryptotest_init(cryptotest_t * arg,crypto_func_group_t fg)80 cryptotest_init(cryptotest_t *arg, crypto_func_group_t fg)
81 {
82 crypto_op_t *op = malloc(sizeof (*op));
83
84 if (op == NULL) {
85 (void) fprintf(stderr, "malloc failed: %s\n", strerror(errno));
86 return (NULL);
87 }
88
89 while ((fd = open(CRYPTO_DEVICE, O_RDWR)) < 0) {
90 if (errno != EINTR) {
91 (void) fprintf(stderr, "open of %s failed: %s",
92 CRYPTO_DEVICE, strerror(errno));
93 free(op);
94 return (NULL);
95 }
96 }
97
98 op->in = (char *)arg->in;
99 op->out = (char *)arg->out;
100 op->key = (char *)arg->key;
101 op->param = (char *)arg->param;
102
103 op->inlen = arg->inlen;
104 op->outlen = arg->outlen;
105 op->keylen = arg->keylen * 8; /* kcf uses keylen in bits */
106 op->paramlen = arg->plen;
107 op->updatelens = arg->updatelens;
108
109 op->mechname = arg->mechname;
110
111 op->hsession = CRYPTO_INVALID_SESSION;
112 op->fg = fg;
113
114 if (op->out == NULL)
115 op->outlen = op->inlen;
116 return (op);
117 }
118
119 int
cryptotest_close_session(crypto_session_id_t session)120 cryptotest_close_session(crypto_session_id_t session)
121 {
122 crypto_close_session_t cs;
123
124 cs.cs_session = session;
125 return (kcf_do_ioctl(CRYPTO_CLOSE_SESSION, (uint_t *)&cs, "session"));
126 }
127
128 void
cryptotest_close(crypto_op_t * op)129 cryptotest_close(crypto_op_t *op)
130 {
131 if (op->hsession != CRYPTO_INVALID_SESSION)
132 (void) cryptotest_close_session(op->hsession);
133 free(op);
134 if (fd >= 0)
135 VERIFY0(close(fd));
136 fd = -1;
137 }
138
139 int
get_mech_info(crypto_op_t * op)140 get_mech_info(crypto_op_t *op)
141 {
142 crypto_get_mechanism_number_t get_number;
143
144 bzero(&get_number, sizeof (get_number));
145
146 get_number.pn_mechanism_string = op->mechname;
147 get_number.pn_mechanism_len = strlen(op->mechname) + 1;
148
149 if (kcf_do_ioctl(CRYPTO_GET_MECHANISM_NUMBER,
150 (uint_t *)&get_number, "get_mech_info") != CRYPTO_SUCCESS) {
151 (void) fprintf(stderr, "failed to resolve mechanism name %s\n",
152 op->mechname);
153 return (CTEST_NAME_RESOLVE_FAILED);
154 }
155 op->mech = get_number.pn_internal_number;
156 return (CRYPTO_SUCCESS);
157 }
158
159 int
get_hsession_by_mech(crypto_op_t * op)160 get_hsession_by_mech(crypto_op_t *op)
161 {
162 crypto_by_mech_t mech;
163 int rv;
164
165 mech.mech_keylen = op->keylen;
166 mech.mech_type = op->mech;
167 mech.mech_fg = op->fg;
168
169 rv = kcf_do_ioctl(CRYPTO_GET_PROVIDER_BY_MECH, (uint_t *)&mech,
170 "get_hsession_by_mech");
171
172 if (rv != 0 || mech.rv != CRYPTO_SUCCESS) {
173 (void) fprintf(stderr,
174 "could not find provider for mechanism %llu\n",
175 mech.mech_type);
176 return (CTEST_MECH_NO_PROVIDER);
177 }
178
179 op->hsession = mech.session_id;
180
181 return (CRYPTO_SUCCESS);
182 }
183
184 /*
185 * CRYPTO_MAC_* functions
186 */
187 int
mac_init(crypto_op_t * op)188 mac_init(crypto_op_t *op)
189 {
190 crypto_mac_init_t init;
191
192 bzero((void *)&init, sizeof (init));
193
194 init.mi_session = op->hsession;
195
196 init.mi_key.ck_data = op->key;
197 init.mi_key.ck_format = CRYPTO_KEY_RAW; /* must be this */
198 init.mi_key.ck_length = op->keylen;
199
200 init.mi_mech.cm_type = op->mech;
201 init.mi_mech.cm_param = NULL;
202 init.mi_mech.cm_param_len = 0;
203
204 return (kcf_do_ioctl(CRYPTO_MAC_INIT, (uint_t *)&init, "init"));
205 }
206
207 int
mac_single(crypto_op_t * op)208 mac_single(crypto_op_t *op)
209 {
210 crypto_mac_t mac;
211
212 bzero(&mac, sizeof (mac));
213 mac.cm_session = op->hsession;
214 mac.cm_datalen = op->inlen;
215 mac.cm_databuf = op->in;
216 mac.cm_maclen = op->outlen;
217 mac.cm_macbuf = op->out;
218
219 return (kcf_do_ioctl(CRYPTO_MAC, (uint_t *)&mac, "single"));
220 }
221
222 int
mac_update(crypto_op_t * op,size_t offset,size_t len,size_t * dummy __unused)223 mac_update(crypto_op_t *op, size_t offset, size_t len, size_t *dummy __unused)
224 {
225 crypto_mac_update_t update;
226
227 bzero((void *)&update, sizeof (update));
228
229 update.mu_session = op->hsession;
230 update.mu_databuf = op->in + offset;
231 update.mu_datalen = len;
232
233 return (kcf_do_ioctl(CRYPTO_MAC_UPDATE, (uint_t *)&update, "update"));
234 }
235
236 int
mac_final(crypto_op_t * op,size_t dummy __unused)237 mac_final(crypto_op_t *op, size_t dummy __unused)
238 {
239 crypto_mac_final_t final;
240
241 bzero((void *)&final, sizeof (final));
242
243 final.mf_session = op->hsession;
244 final.mf_maclen = op->outlen;
245 final.mf_macbuf = op->out;
246
247 return (kcf_do_ioctl(CRYPTO_MAC_FINAL, (uint_t *)&final, "final"));
248 }
249
250
251 /*
252 * CRYPTO_ENCRYPT_* functions
253 */
254
255 int
encrypt_init(crypto_op_t * op)256 encrypt_init(crypto_op_t *op)
257 {
258 crypto_encrypt_init_t init;
259
260 bzero((void *)&init, sizeof (init));
261
262 init.ei_session = op->hsession;
263
264 init.ei_key.ck_data = op->key;
265 init.ei_key.ck_format = CRYPTO_KEY_RAW; /* must be this */
266 init.ei_key.ck_length = op->keylen;
267
268 init.ei_mech.cm_type = op->mech;
269 init.ei_mech.cm_param = op->param;
270 init.ei_mech.cm_param_len = op->paramlen;
271
272 return (kcf_do_ioctl(CRYPTO_ENCRYPT_INIT, (uint_t *)&init, "init"));
273 }
274
275 int
encrypt_single(crypto_op_t * op)276 encrypt_single(crypto_op_t *op)
277 {
278 crypto_encrypt_t encrypt;
279
280 bzero(&encrypt, sizeof (encrypt));
281 encrypt.ce_session = op->hsession;
282 encrypt.ce_datalen = op->inlen;
283 encrypt.ce_databuf = op->in;
284 encrypt.ce_encrlen = op->outlen;
285 encrypt.ce_encrbuf = op->out;
286
287 return (kcf_do_ioctl(CRYPTO_ENCRYPT, (uint_t *)&encrypt, "single"));
288 }
289
290 int
encrypt_update(crypto_op_t * op,size_t offset,size_t plainlen,size_t * encrlen)291 encrypt_update(crypto_op_t *op, size_t offset, size_t plainlen, size_t *encrlen)
292 {
293 crypto_encrypt_update_t update;
294 int ret;
295 bzero((void *)&update, sizeof (update));
296
297 update.eu_session = op->hsession;
298 update.eu_databuf = op->in + offset;
299 update.eu_datalen = plainlen;
300 update.eu_encrlen = op->outlen - *encrlen;
301 update.eu_encrbuf = op->out + *encrlen;
302
303 ret = kcf_do_ioctl(CRYPTO_ENCRYPT_UPDATE, (uint_t *)&update, "update");
304 *encrlen += update.eu_encrlen;
305 return (ret);
306 }
307
308 int
encrypt_final(crypto_op_t * op,size_t encrlen)309 encrypt_final(crypto_op_t *op, size_t encrlen)
310 {
311 crypto_encrypt_final_t final;
312
313 bzero((void *)&final, sizeof (final));
314
315 final.ef_session = op->hsession;
316 final.ef_encrlen = op->outlen - encrlen;
317 final.ef_encrbuf = op->out + encrlen;
318
319 return (kcf_do_ioctl(CRYPTO_ENCRYPT_FINAL, (uint_t *)&final, "final"));
320 }
321
322 /*
323 * CRYPTO_DECRYPT_* functions
324 */
325
326 int
decrypt_init(crypto_op_t * op)327 decrypt_init(crypto_op_t *op)
328 {
329 crypto_decrypt_init_t init;
330
331 bzero((void *)&init, sizeof (init));
332
333 init.di_session = op->hsession;
334
335 init.di_key.ck_data = op->key;
336 init.di_key.ck_format = CRYPTO_KEY_RAW; /* must be this */
337 init.di_key.ck_length = op->keylen;
338
339 init.di_mech.cm_type = op->mech;
340 init.di_mech.cm_param = op->param;
341 init.di_mech.cm_param_len = op->paramlen;
342
343 return (kcf_do_ioctl(CRYPTO_DECRYPT_INIT, (uint_t *)&init, "init"));
344 }
345
346 int
decrypt_single(crypto_op_t * op)347 decrypt_single(crypto_op_t *op)
348 {
349 crypto_decrypt_t decrypt;
350
351 bzero(&decrypt, sizeof (decrypt));
352 decrypt.cd_session = op->hsession;
353 decrypt.cd_datalen = op->outlen;
354 decrypt.cd_databuf = op->out;
355 decrypt.cd_encrlen = op->inlen;
356 decrypt.cd_encrbuf = op->in;
357
358 return (kcf_do_ioctl(CRYPTO_DECRYPT, (uint_t *)&decrypt, "single"));
359 }
360
361 int
decrypt_update(crypto_op_t * op,size_t offset,size_t len,size_t * encrlen)362 decrypt_update(crypto_op_t *op, size_t offset, size_t len, size_t *encrlen)
363 {
364 crypto_decrypt_update_t update;
365 int ret;
366
367 bzero((void *)&update, sizeof (update));
368
369 update.du_session = op->hsession;
370 update.du_databuf = op->out + *encrlen;
371 update.du_datalen = op->outlen - *encrlen;
372 update.du_encrlen = len;
373 update.du_encrbuf = op->in + offset;
374
375 ret = kcf_do_ioctl(CRYPTO_DECRYPT_UPDATE, (uint_t *)&update, "update");
376 *encrlen += update.du_datalen;
377 return (ret);
378 }
379
380 int
decrypt_final(crypto_op_t * op,size_t encrlen)381 decrypt_final(crypto_op_t *op, size_t encrlen)
382 {
383 crypto_decrypt_final_t final;
384
385 bzero((void *)&final, sizeof (final));
386
387 final.df_session = op->hsession;
388 final.df_datalen = op->outlen - encrlen;
389 final.df_databuf = op->out + encrlen;
390
391 return (kcf_do_ioctl(CRYPTO_DECRYPT_FINAL, (uint_t *)&final, "final"));
392 }
393
394 int
digest_init(crypto_op_t * op)395 digest_init(crypto_op_t *op)
396 {
397 crypto_digest_init_t init;
398
399 bzero(&init, sizeof (init));
400
401 init.di_session = op->hsession;
402
403 init.di_mech.cm_type = op->mech;
404 init.di_mech.cm_param = NULL;
405 init.di_mech.cm_param_len = 0;
406
407 return (kcf_do_ioctl(CRYPTO_DIGEST_INIT, (uint_t *)&init, "init"));
408 }
409
410 int
digest_single(crypto_op_t * op)411 digest_single(crypto_op_t *op)
412 {
413 crypto_digest_t digest;
414
415 bzero(&digest, sizeof (digest));
416
417 digest.cd_session = op->hsession;
418
419 digest.cd_datalen = op->inlen;
420 digest.cd_databuf = op->in;
421 digest.cd_digestlen = op->outlen;
422 digest.cd_digestbuf = op->out;
423
424 return (kcf_do_ioctl(CRYPTO_DIGEST, (uint_t *)&digest, "digest"));
425 }
426
427 int
digest_update(crypto_op_t * op,size_t offset,size_t len,size_t * dummy __unused)428 digest_update(crypto_op_t *op, size_t offset, size_t len,
429 size_t *dummy __unused)
430 {
431 crypto_digest_update_t update;
432
433 bzero(&update, sizeof (update));
434
435 update.du_session = op->hsession;
436
437 update.du_datalen = len;
438 update.du_databuf = op->in + offset;
439
440 return (kcf_do_ioctl(CRYPTO_DIGEST_UPDATE, (uint_t *)&update,
441 "update"));
442 }
443
444 int
digest_final(crypto_op_t * op,size_t dummy __unused)445 digest_final(crypto_op_t *op, size_t dummy __unused)
446 {
447 crypto_digest_final_t final;
448
449 bzero(&final, sizeof (final));
450
451 final.df_session = op->hsession;
452
453 final.df_digestlen = op->outlen;
454 final.df_digestbuf = op->out;
455
456 return (kcf_do_ioctl(CRYPTO_DIGEST_FINAL, (uint_t *)&final, "final"));
457 }
458
459 void
ccm_init_params(void * buf,ulong_t ulDataLen,uchar_t * pNonce,ulong_t ulNonceLen,uchar_t * pAAD,ulong_t ulAADLen,ulong_t ulMACLen)460 ccm_init_params(void *buf, ulong_t ulDataLen, uchar_t *pNonce,
461 ulong_t ulNonceLen, uchar_t *pAAD, ulong_t ulAADLen, ulong_t ulMACLen)
462 {
463 CK_AES_CCM_PARAMS *pp = buf;
464
465 pp->ulDataSize = ulDataLen;
466 pp->nonce = pNonce;
467 pp->ulNonceSize = ulNonceLen;
468 pp->authData = pAAD;
469 pp->ulAuthDataSize = ulAADLen;
470 pp->ulMACSize = ulMACLen;
471 }
472
473 size_t
ccm_param_len(void)474 ccm_param_len(void)
475 {
476 return (sizeof (CK_AES_CCM_PARAMS));
477 }
478
479 const char *
cryptotest_errstr(int e,char * buf,size_t buflen)480 cryptotest_errstr(int e, char *buf, size_t buflen)
481 {
482 const char *valstr = NULL;
483
484 switch (e) {
485 case CRYPTO_SUCCESS:
486 valstr = "CRYPTO_SUCCESS";
487 break;
488 case CRYPTO_CANCEL:
489 valstr = "CRYPTO_CANCEL";
490 break;
491 case CRYPTO_HOST_MEMORY:
492 valstr = "CRYPTO_HOST_MEMORY";
493 break;
494 case CRYPTO_GENERAL_ERROR:
495 valstr = "CRYPTO_GENERAL_ERROR";
496 break;
497 case CRYPTO_FAILED:
498 valstr = "CRYPTO_FAILED";
499 break;
500 case CRYPTO_ARGUMENTS_BAD:
501 valstr = "CRYPTO_ARGUMENTS_BAD";
502 break;
503 case CRYPTO_ATTRIBUTE_READ_ONLY:
504 valstr = "CRYPTO_ATTRIBUTE_READ_ONLY";
505 break;
506 case CRYPTO_ATTRIBUTE_SENSITIVE:
507 valstr = "CRYPTO_ATTRIBUTE_SENSITIVE";
508 break;
509 case CRYPTO_ATTRIBUTE_TYPE_INVALID:
510 valstr = "CRYPTO_ATTRIBUTE_TYPE_INVALID";
511 break;
512 case CRYPTO_ATTRIBUTE_VALUE_INVALID:
513 valstr = "CRYPTO_ATTRIBUTE_VALUE_INVALID";
514 break;
515 case CRYPTO_CANCELED:
516 valstr = "CRYPTO_CANCELED";
517 break;
518 case CRYPTO_DATA_INVALID:
519 valstr = "CRYPTO_DATA_INVALID";
520 break;
521 case CRYPTO_DATA_LEN_RANGE:
522 valstr = "CRYPTO_DATA_LEN_RANGE";
523 break;
524 case CRYPTO_DEVICE_ERROR:
525 valstr = "CRYPTO_DEVICE_ERROR";
526 break;
527 case CRYPTO_DEVICE_MEMORY:
528 valstr = "CRYPTO_DEVICE_MEMORY";
529 break;
530 case CRYPTO_DEVICE_REMOVED:
531 valstr = "CRYPTO_DEVICE_REMOVED";
532 break;
533 case CRYPTO_ENCRYPTED_DATA_INVALID:
534 valstr = "CRYPTO_ENCRYPTED_DATA_INVALID";
535 break;
536 case CRYPTO_ENCRYPTED_DATA_LEN_RANGE:
537 valstr = "CRYPTO_ENCRYPTED_DATA_LEN_RANGE";
538 break;
539 case CRYPTO_KEY_HANDLE_INVALID:
540 valstr = "CRYPTO_KEY_HANDLE_INVALID";
541 break;
542 case CRYPTO_KEY_SIZE_RANGE:
543 valstr = "CRYPTO_KEY_SIZE_RANGE";
544 break;
545 case CRYPTO_KEY_TYPE_INCONSISTENT:
546 valstr = "CRYPTO_KEY_TYPE_INCONSISTENT";
547 break;
548 case CRYPTO_KEY_NOT_NEEDED:
549 valstr = "CRYPTO_KEY_NOT_NEEDED";
550 break;
551 case CRYPTO_KEY_CHANGED:
552 valstr = "CRYPTO_KEY_CHANGED";
553 break;
554 case CRYPTO_KEY_NEEDED:
555 valstr = "CRYPTO_KEY_NEEDED";
556 break;
557 case CRYPTO_KEY_INDIGESTIBLE:
558 valstr = "CRYPTO_KEY_INDIGESTIBLE";
559 break;
560 case CRYPTO_KEY_FUNCTION_NOT_PERMITTED:
561 valstr = "CRYPTO_KEY_FUNCTION_NOT_PERMITTED";
562 break;
563 case CRYPTO_KEY_NOT_WRAPPABLE:
564 valstr = "CRYPTO_KEY_NOT_WRAPPABLE";
565 break;
566 case CRYPTO_KEY_UNEXTRACTABLE:
567 valstr = "CRYPTO_KEY_UNEXTRACTABLE";
568 break;
569 case CRYPTO_MECHANISM_INVALID:
570 valstr = "CRYPTO_MECHANISM_INVALID";
571 break;
572 case CRYPTO_MECHANISM_PARAM_INVALID:
573 valstr = "CRYPTO_MECHANISM_PARAM_INVALID";
574 break;
575 case CRYPTO_OBJECT_HANDLE_INVALID:
576 valstr = "CRYPTO_OBJECT_HANDLE_INVALID";
577 break;
578 case CRYPTO_OPERATION_IS_ACTIVE:
579 valstr = "CRYPTO_OPERATION_IS_ACTIVE";
580 break;
581 case CRYPTO_OPERATION_NOT_INITIALIZED:
582 valstr = "CRYPTO_OPERATION_NOT_INITIALIZED";
583 break;
584 case CRYPTO_PIN_INCORRECT:
585 valstr = "CRYPTO_PIN_INCORRECT";
586 break;
587 case CRYPTO_PIN_INVALID:
588 valstr = "CRYPTO_PIN_INVALID";
589 break;
590 case CRYPTO_PIN_LEN_RANGE:
591 valstr = "CRYPTO_PIN_LEN_RANGE";
592 break;
593 case CRYPTO_PIN_EXPIRED:
594 valstr = "CRYPTO_PIN_EXPIRED";
595 break;
596 case CRYPTO_PIN_LOCKED:
597 valstr = "CRYPTO_PIN_LOCKED";
598 break;
599 case CRYPTO_SESSION_CLOSED:
600 valstr = "CRYPTO_SESSION_CLOSED";
601 break;
602 case CRYPTO_SESSION_COUNT:
603 valstr = "CRYPTO_SESSION_COUNT";
604 break;
605 case CRYPTO_SESSION_HANDLE_INVALID:
606 valstr = "CRYPTO_SESSION_HANDLE_INVALID";
607 break;
608 case CRYPTO_SESSION_READ_ONLY:
609 valstr = "CRYPTO_SESSION_READ_ONLY";
610 break;
611 case CRYPTO_SESSION_EXISTS:
612 valstr = "CRYPTO_SESSION_EXISTS";
613 break;
614 case CRYPTO_SESSION_READ_ONLY_EXISTS:
615 valstr = "CRYPTO_SESSION_READ_ONLY_EXISTS";
616 break;
617 case CRYPTO_SESSION_READ_WRITE_SO_EXISTS:
618 valstr = "CRYPTO_SESSION_READ_WRITE_SO_EXISTS";
619 break;
620 case CRYPTO_SIGNATURE_INVALID:
621 valstr = "CRYPTO_SIGNATURE_INVALID";
622 break;
623 case CRYPTO_SIGNATURE_LEN_RANGE:
624 valstr = "CRYPTO_SIGNATURE_LEN_RANGE";
625 break;
626 case CRYPTO_TEMPLATE_INCOMPLETE:
627 valstr = "CRYPTO_TEMPLATE_INCOMPLETE";
628 break;
629 case CRYPTO_TEMPLATE_INCONSISTENT:
630 valstr = "CRYPTO_TEMPLATE_INCONSISTENT";
631 break;
632 case CRYPTO_UNWRAPPING_KEY_HANDLE_INVALID:
633 valstr = "CRYPTO_UNWRAPPING_KEY_HANDLE_INVALID";
634 break;
635 case CRYPTO_UNWRAPPING_KEY_SIZE_RANGE:
636 valstr = "CRYPTO_UNWRAPPING_KEY_SIZE_RANGE";
637 break;
638 case CRYPTO_UNWRAPPING_KEY_TYPE_INCONSISTENT:
639 valstr = "CRYPTO_UNWRAPPING_KEY_TYPE_INCONSISTENT";
640 break;
641 case CRYPTO_USER_ALREADY_LOGGED_IN:
642 valstr = "CRYPTO_USER_ALREADY_LOGGED_IN";
643 break;
644 case CRYPTO_USER_NOT_LOGGED_IN:
645 valstr = "CRYPTO_USER_NOT_LOGGED_IN";
646 break;
647 case CRYPTO_USER_PIN_NOT_INITIALIZED:
648 valstr = "CRYPTO_USER_PIN_NOT_INITIALIZED";
649 break;
650 case CRYPTO_USER_TYPE_INVALID:
651 valstr = "CRYPTO_USER_TYPE_INVALID";
652 break;
653 case CRYPTO_USER_ANOTHER_ALREADY_LOGGED_IN:
654 valstr = "CRYPTO_USER_ANOTHER_ALREADY_LOGGED_IN";
655 break;
656 case CRYPTO_USER_TOO_MANY_TYPES:
657 valstr = "CRYPTO_USER_TOO_MANY_TYPES";
658 break;
659 case CRYPTO_WRAPPED_KEY_INVALID:
660 valstr = "CRYPTO_WRAPPED_KEY_INVALID";
661 break;
662 case CRYPTO_WRAPPED_KEY_LEN_RANGE:
663 valstr = "CRYPTO_WRAPPED_KEY_LEN_RANGE";
664 break;
665 case CRYPTO_WRAPPING_KEY_HANDLE_INVALID:
666 valstr = "CRYPTO_WRAPPING_KEY_HANDLE_INVALID";
667 break;
668 case CRYPTO_WRAPPING_KEY_SIZE_RANGE:
669 valstr = "CRYPTO_WRAPPING_KEY_SIZE_RANGE";
670 break;
671 case CRYPTO_WRAPPING_KEY_TYPE_INCONSISTENT:
672 valstr = "CRYPTO_WRAPPING_KEY_TYPE_INCONSISTENT";
673 break;
674 case CRYPTO_RANDOM_SEED_NOT_SUPPORTED:
675 valstr = "CRYPTO_RANDOM_SEED_NOT_SUPPORTED";
676 break;
677 case CRYPTO_RANDOM_NO_RNG:
678 valstr = "CRYPTO_RANDOM_NO_RNG";
679 break;
680 case CRYPTO_DOMAIN_PARAMS_INVALID:
681 valstr = "CRYPTO_DOMAIN_PARAMS_INVALID";
682 break;
683 case CRYPTO_BUFFER_TOO_SMALL:
684 valstr = "CRYPTO_BUFFER_TOO_SMALL";
685 break;
686 case CRYPTO_INFORMATION_SENSITIVE:
687 valstr = "CRYPTO_INFORMATION_SENSITIVE";
688 break;
689 case CRYPTO_NOT_SUPPORTED:
690 valstr = "CRYPTO_NOT_SUPPORTED";
691 break;
692 case CRYPTO_QUEUED:
693 valstr = "CRYPTO_QUEUED";
694 break;
695 case CRYPTO_BUFFER_TOO_BIG:
696 valstr = "CRYPTO_BUFFER_TOO_BIG";
697 break;
698 case CRYPTO_INVALID_CONTEXT:
699 valstr = "CRYPTO_INVALID_CONTEXT";
700 break;
701 case CRYPTO_INVALID_MAC:
702 valstr = "CRYPTO_INVALID_MAC";
703 break;
704 case CRYPTO_MECH_NOT_SUPPORTED:
705 valstr = "CRYPTO_MECH_NOT_SUPPORTED";
706 break;
707 case CRYPTO_INCONSISTENT_ATTRIBUTE:
708 valstr = "CRYPTO_INCONSISTENT_ATTRIBUTE";
709 break;
710 case CRYPTO_NO_PERMISSION:
711 valstr = "CRYPTO_NO_PERMISSION";
712 break;
713 case CRYPTO_INVALID_PROVIDER_ID:
714 valstr = "CRYPTO_INVALID_PROVIDER_ID";
715 break;
716 case CRYPTO_VERSION_MISMATCH:
717 valstr = "CRYPTO_VERSION_MISMATCH";
718 break;
719 case CRYPTO_BUSY:
720 valstr = "CRYPTO_BUSY";
721 break;
722 case CRYPTO_UNKNOWN_PROVIDER:
723 valstr = "CRYPTO_UNKNOWN_PROVIDER";
724 break;
725 case CRYPTO_MODVERIFICATION_FAILED:
726 valstr = "CRYPTO_MODVERIFICATION_FAILED";
727 break;
728 case CRYPTO_OLD_CTX_TEMPLATE:
729 valstr = "CRYPTO_OLD_CTX_TEMPLATE";
730 break;
731 case CRYPTO_WEAK_KEY:
732 valstr = "CRYPTO_WEAK_KEY";
733 break;
734 case CRYPTO_FIPS140_ERROR:
735 valstr = "CRYPTO_FIPS140_ERROR";
736 break;
737 default:
738 valstr = "Unknown KCF error";
739 break;
740 }
741
742 (void) snprintf(buf, buflen, "%s (0x%08x)", valstr, e);
743 return (buf);
744 }
745