1 /* 2 * CDDL HEADER START 3 * 4 * The contents of this file are subject to the terms of the 5 * Common Development and Distribution License (the "License"). 6 * You may not use this file except in compliance with the License. 7 * 8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 9 * or http://www.opensolaris.org/os/licensing. 10 * See the License for the specific language governing permissions 11 * and limitations under the License. 12 * 13 * When distributing Covered Code, include this CDDL HEADER in each 14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 15 * If applicable, add the following below this CDDL HEADER, with the 16 * fields enclosed by brackets "[]" replaced with your own identifying 17 * information: Portions Copyright [yyyy] [name of copyright owner] 18 * 19 * CDDL HEADER END 20 */ 21 /* 22 * Copyright 2009 Sun Microsystems, Inc. All rights reserved. 23 * Use is subject to license terms. 24 */ 25 26 /* 27 * lofiadm - administer lofi(7d). Very simple, add and remove file<->device 28 * associations, and display status. All the ioctls are private between 29 * lofi and lofiadm, and so are very simple - device information is 30 * communicated via a minor number. 31 */ 32 33 #include <sys/types.h> 34 #include <sys/param.h> 35 #include <sys/lofi.h> 36 #include <sys/stat.h> 37 #include <netinet/in.h> 38 #include <stdio.h> 39 #include <fcntl.h> 40 #include <locale.h> 41 #include <string.h> 42 #include <strings.h> 43 #include <errno.h> 44 #include <stdlib.h> 45 #include <unistd.h> 46 #include <stropts.h> 47 #include <libdevinfo.h> 48 #include <libgen.h> 49 #include <ctype.h> 50 #include <dlfcn.h> 51 #include <limits.h> 52 #include <security/cryptoki.h> 53 #include <cryptoutil.h> 54 #include <sys/crypto/ioctl.h> 55 #include <sys/crypto/ioctladmin.h> 56 #include "utils.h" 57 #include <LzmaEnc.h> 58 59 /* Only need the IV len #defines out of these files, nothing else. */ 60 #include <aes/aes_impl.h> 61 #include <des/des_impl.h> 62 #include <blowfish/blowfish_impl.h> 63 64 static const char USAGE[] = 65 "Usage: %s -a file [ device ] " 66 " [-c aes-128-cbc|aes-192-cbc|aes-256-cbc|des3-cbc|blowfish-cbc]" 67 " [-e] [-k keyfile] [-T [token]:[manuf]:[serial]:key]\n" 68 " %s -d file | device\n" 69 " %s -C [gzip|gzip-6|gzip-9|lzma] [-s segment_size] file\n" 70 " %s -U file\n" 71 " %s [ file | device ]\n"; 72 73 typedef struct token_spec { 74 char *name; 75 char *mfr; 76 char *serno; 77 char *key; 78 } token_spec_t; 79 80 typedef struct mech_alias { 81 char *alias; 82 CK_MECHANISM_TYPE type; 83 char *name; /* for ioctl */ 84 char *iv_name; /* for ioctl */ 85 size_t iv_len; /* for ioctl */ 86 iv_method_t iv_type; /* for ioctl */ 87 size_t min_keysize; /* in bytes */ 88 size_t max_keysize; /* in bytes */ 89 token_spec_t *token; 90 CK_SLOT_ID slot; 91 } mech_alias_t; 92 93 static mech_alias_t mech_aliases[] = { 94 /* Preferred one should always be listed first. */ 95 { "aes-256-cbc", CKM_AES_CBC, "CKM_AES_CBC", "CKM_AES_ECB", AES_IV_LEN, 96 IVM_ENC_BLKNO, ULONG_MAX, 0L, NULL, (CK_SLOT_ID) -1 }, 97 { "aes-192-cbc", CKM_AES_CBC, "CKM_AES_CBC", "CKM_AES_ECB", AES_IV_LEN, 98 IVM_ENC_BLKNO, ULONG_MAX, 0L, NULL, (CK_SLOT_ID) -1 }, 99 { "aes-128-cbc", CKM_AES_CBC, "CKM_AES_CBC", "CKM_AES_ECB", AES_IV_LEN, 100 IVM_ENC_BLKNO, ULONG_MAX, 0L, NULL, (CK_SLOT_ID) -1 }, 101 { "des3-cbc", CKM_DES3_CBC, "CKM_DES3_CBC", "CKM_DES3_ECB", DES_IV_LEN, 102 IVM_ENC_BLKNO, ULONG_MAX, 0L, NULL, (CK_SLOT_ID)-1 }, 103 { "blowfish-cbc", CKM_BLOWFISH_CBC, "CKM_BLOWFISH_CBC", 104 "CKM_BLOWFISH_ECB", BLOWFISH_IV_LEN, IVM_ENC_BLKNO, ULONG_MAX, 105 0L, NULL, (CK_SLOT_ID)-1 } 106 /* 107 * A cipher without an iv requirement would look like this: 108 * { "aes-xex", CKM_AES_XEX, "CKM_AES_XEX", NULL, 0, 109 * IVM_NONE, ULONG_MAX, 0L, NULL, (CK_SLOT_ID)-1 } 110 */ 111 }; 112 113 int mech_aliases_count = (sizeof (mech_aliases) / sizeof (mech_alias_t)); 114 115 /* Preferred cipher, if one isn't specified on command line. */ 116 #define DEFAULT_CIPHER (&mech_aliases[0]) 117 118 #define DEFAULT_CIPHER_NUM 64 /* guess # kernel ciphers available */ 119 #define DEFAULT_MECHINFO_NUM 16 /* guess # kernel mechs available */ 120 #define MIN_PASSLEN 8 /* min acceptable passphrase size */ 121 122 static int gzip_compress(void *src, size_t srclen, void *dst, 123 size_t *destlen, int level); 124 static int lzma_compress(void *src, size_t srclen, void *dst, 125 size_t *destlen, int level); 126 127 lofi_compress_info_t lofi_compress_table[LOFI_COMPRESS_FUNCTIONS] = { 128 {NULL, gzip_compress, 6, "gzip"}, /* default */ 129 {NULL, gzip_compress, 6, "gzip-6"}, 130 {NULL, gzip_compress, 9, "gzip-9"}, 131 {NULL, lzma_compress, 0, "lzma"} 132 }; 133 134 /* For displaying lofi mappings */ 135 #define FORMAT "%-20s %-30s %s\n" 136 137 #define COMPRESS_ALGORITHM "gzip" 138 #define COMPRESS_THRESHOLD 2048 139 #define SEGSIZE 131072 140 #define BLOCK_SIZE 512 141 #define KILOBYTE 1024 142 #define MEGABYTE (KILOBYTE * KILOBYTE) 143 #define GIGABYTE (KILOBYTE * MEGABYTE) 144 #define LIBZ "libz.so" 145 146 static void 147 usage(const char *pname) 148 { 149 (void) fprintf(stderr, gettext(USAGE), pname, pname, pname, 150 pname, pname); 151 exit(E_USAGE); 152 } 153 154 static int 155 gzip_compress(void *src, size_t srclen, void *dst, size_t *dstlen, int level) 156 { 157 static int (*compress2p)(void *, ulong_t *, void *, size_t, int) = NULL; 158 void *libz_hdl = NULL; 159 160 /* 161 * The first time we are called, attempt to dlopen() 162 * libz.so and get a pointer to the compress2() function 163 */ 164 if (compress2p == NULL) { 165 if ((libz_hdl = openlib(LIBZ)) == NULL) 166 die(gettext("could not find %s. " 167 "gzip compression unavailable\n"), LIBZ); 168 169 if ((compress2p = 170 (int (*)(void *, ulong_t *, void *, size_t, int)) 171 dlsym(libz_hdl, "compress2")) == NULL) { 172 closelib(); 173 die(gettext("could not find the correct %s. " 174 "gzip compression unavailable\n"), LIBZ); 175 } 176 } 177 178 if ((*compress2p)(dst, (ulong_t *)dstlen, src, srclen, level) != 0) 179 return (-1); 180 return (0); 181 } 182 183 /*ARGSUSED*/ 184 static void 185 *SzAlloc(void *p, size_t size) 186 { 187 return (malloc(size)); 188 } 189 190 /*ARGSUSED*/ 191 static void 192 SzFree(void *p, void *address, size_t size) 193 { 194 free(address); 195 } 196 197 static ISzAlloc g_Alloc = { 198 SzAlloc, 199 SzFree 200 }; 201 202 #define LZMA_UNCOMPRESSED_SIZE 8 203 #define LZMA_HEADER_SIZE (LZMA_PROPS_SIZE + LZMA_UNCOMPRESSED_SIZE) 204 205 /*ARGSUSED*/ 206 static int 207 lzma_compress(void *src, size_t srclen, void *dst, 208 size_t *dstlen, int level) 209 { 210 CLzmaEncProps props; 211 size_t outsize2; 212 size_t outsizeprocessed; 213 size_t outpropssize = LZMA_PROPS_SIZE; 214 uint64_t t = 0; 215 SRes res; 216 Byte *dstp; 217 int i; 218 219 outsize2 = *dstlen; 220 221 LzmaEncProps_Init(&props); 222 223 /* 224 * The LZMA compressed file format is as follows - 225 * 226 * Offset Size(bytes) Description 227 * 0 1 LZMA properties (lc, lp, lp (encoded)) 228 * 1 4 Dictionary size (little endian) 229 * 5 8 Uncompressed size (little endian) 230 * 13 Compressed data 231 */ 232 233 /* set the dictionary size to be 8MB */ 234 props.dictSize = 1 << 23; 235 236 if (*dstlen < LZMA_HEADER_SIZE) 237 return (SZ_ERROR_OUTPUT_EOF); 238 239 dstp = (Byte *)dst; 240 t = srclen; 241 /* 242 * Set the uncompressed size in the LZMA header 243 * The LZMA properties (specified in 'props') 244 * will be set by the call to LzmaEncode() 245 */ 246 for (i = 0; i < LZMA_UNCOMPRESSED_SIZE; i++, t >>= 8) { 247 dstp[LZMA_PROPS_SIZE + i] = (Byte)t; 248 } 249 250 outsizeprocessed = outsize2 - LZMA_HEADER_SIZE; 251 res = LzmaEncode(dstp + LZMA_HEADER_SIZE, &outsizeprocessed, 252 src, srclen, &props, dstp, &outpropssize, 0, NULL, 253 &g_Alloc, &g_Alloc); 254 255 if (res != 0) 256 return (-1); 257 258 *dstlen = outsizeprocessed + LZMA_HEADER_SIZE; 259 return (0); 260 } 261 262 /* 263 * Translate a lofi device name to a minor number. We might be asked 264 * to do this when there is no association (such as when the user specifies 265 * a particular device), so we can only look at the string. 266 */ 267 static int 268 name_to_minor(const char *devicename) 269 { 270 int minor; 271 272 if (sscanf(devicename, "/dev/" LOFI_BLOCK_NAME "/%d", &minor) == 1) { 273 return (minor); 274 } 275 if (sscanf(devicename, "/dev/" LOFI_CHAR_NAME "/%d", &minor) == 1) { 276 return (minor); 277 } 278 return (0); 279 } 280 281 /* 282 * This might be the first time we've used this minor number. If so, 283 * it might also be that the /dev links are in the process of being created 284 * by devfsadmd (or that they'll be created "soon"). We cannot return 285 * until they're there or the invoker of lofiadm might try to use them 286 * and not find them. This can happen if a shell script is running on 287 * an MP. 288 */ 289 static int sleeptime = 2; /* number of seconds to sleep between stat's */ 290 static int maxsleep = 120; /* maximum number of seconds to sleep */ 291 292 static void 293 wait_until_dev_complete(int minor) 294 { 295 struct stat64 buf; 296 int cursleep; 297 char blkpath[MAXPATHLEN]; 298 char charpath[MAXPATHLEN]; 299 di_devlink_handle_t hdl; 300 301 (void) snprintf(blkpath, sizeof (blkpath), "/dev/%s/%d", 302 LOFI_BLOCK_NAME, minor); 303 (void) snprintf(charpath, sizeof (charpath), "/dev/%s/%d", 304 LOFI_CHAR_NAME, minor); 305 306 /* Check if links already present */ 307 if (stat64(blkpath, &buf) == 0 && stat64(charpath, &buf) == 0) 308 return; 309 310 /* First use di_devlink_init() */ 311 if (hdl = di_devlink_init("lofi", DI_MAKE_LINK)) { 312 (void) di_devlink_fini(&hdl); 313 goto out; 314 } 315 316 /* 317 * Under normal conditions, di_devlink_init(DI_MAKE_LINK) above will 318 * only fail if the caller is non-root. In that case, wait for 319 * link creation via sysevents. 320 */ 321 for (cursleep = 0; cursleep < maxsleep; cursleep += sleeptime) { 322 if (stat64(blkpath, &buf) == 0 && stat64(charpath, &buf) == 0) 323 return; 324 (void) sleep(sleeptime); 325 } 326 327 /* one last try */ 328 out: 329 if (stat64(blkpath, &buf) == -1) { 330 die(gettext("%s was not created"), blkpath); 331 } 332 if (stat64(charpath, &buf) == -1) { 333 die(gettext("%s was not created"), charpath); 334 } 335 } 336 337 /* 338 * Map the file and return the minor number the driver picked for the file 339 * DO NOT use this function if the filename is actually the device name. 340 */ 341 static int 342 lofi_map_file(int lfd, struct lofi_ioctl li, const char *filename) 343 { 344 int minor; 345 346 li.li_minor = 0; 347 (void) strlcpy(li.li_filename, filename, sizeof (li.li_filename)); 348 minor = ioctl(lfd, LOFI_MAP_FILE, &li); 349 if (minor == -1) { 350 if (errno == ENOTSUP) 351 warn(gettext("encrypting compressed files is " 352 "unsupported")); 353 die(gettext("could not map file %s"), filename); 354 } 355 wait_until_dev_complete(minor); 356 return (minor); 357 } 358 359 /* 360 * Add a device association. If devicename is NULL, let the driver 361 * pick a device. 362 */ 363 static void 364 add_mapping(int lfd, const char *devicename, const char *filename, 365 mech_alias_t *cipher, const char *rkey, size_t rksz) 366 { 367 struct lofi_ioctl li; 368 369 li.li_crypto_enabled = B_FALSE; 370 if (cipher != NULL) { 371 /* set up encryption for mapped file */ 372 li.li_crypto_enabled = B_TRUE; 373 (void) strlcpy(li.li_cipher, cipher->name, 374 sizeof (li.li_cipher)); 375 if (rksz > sizeof (li.li_key)) { 376 die(gettext("key too large")); 377 } 378 bcopy(rkey, li.li_key, rksz); 379 li.li_key_len = rksz << 3; /* convert to bits */ 380 381 li.li_iv_type = cipher->iv_type; 382 li.li_iv_len = cipher->iv_len; /* 0 when no iv needed */ 383 switch (cipher->iv_type) { 384 case IVM_ENC_BLKNO: 385 (void) strlcpy(li.li_iv_cipher, cipher->iv_name, 386 sizeof (li.li_iv_cipher)); 387 break; 388 case IVM_NONE: 389 /* FALLTHROUGH */ 390 default: 391 break; 392 } 393 } 394 395 if (devicename == NULL) { 396 int minor; 397 398 /* pick one via the driver */ 399 minor = lofi_map_file(lfd, li, filename); 400 /* if mapping succeeds, print the one picked */ 401 (void) printf("/dev/%s/%d\n", LOFI_BLOCK_NAME, minor); 402 return; 403 } 404 405 /* use device we were given */ 406 li.li_minor = name_to_minor(devicename); 407 if (li.li_minor == 0) { 408 die(gettext("malformed device name %s\n"), devicename); 409 } 410 (void) strlcpy(li.li_filename, filename, sizeof (li.li_filename)); 411 412 /* if device is already in use li.li_minor won't change */ 413 if (ioctl(lfd, LOFI_MAP_FILE_MINOR, &li) == -1) { 414 if (errno == ENOTSUP) 415 warn(gettext("encrypting compressed files is " 416 "unsupported")); 417 die(gettext("could not map file %s to %s"), filename, 418 devicename); 419 } 420 wait_until_dev_complete(li.li_minor); 421 } 422 423 /* 424 * Remove an association. Delete by device name if non-NULL, or by 425 * filename otherwise. 426 */ 427 static void 428 delete_mapping(int lfd, const char *devicename, const char *filename, 429 boolean_t force) 430 { 431 struct lofi_ioctl li; 432 433 li.li_force = force; 434 li.li_cleanup = B_FALSE; 435 436 if (devicename == NULL) { 437 /* delete by filename */ 438 (void) strlcpy(li.li_filename, filename, 439 sizeof (li.li_filename)); 440 li.li_minor = 0; 441 if (ioctl(lfd, LOFI_UNMAP_FILE, &li) == -1) { 442 die(gettext("could not unmap file %s"), filename); 443 } 444 return; 445 } 446 447 /* delete by device */ 448 li.li_minor = name_to_minor(devicename); 449 if (li.li_minor == 0) { 450 die(gettext("malformed device name %s\n"), devicename); 451 } 452 if (ioctl(lfd, LOFI_UNMAP_FILE_MINOR, &li) == -1) { 453 die(gettext("could not unmap device %s"), devicename); 454 } 455 } 456 457 /* 458 * Show filename given devicename, or devicename given filename. 459 */ 460 static void 461 print_one_mapping(int lfd, const char *devicename, const char *filename) 462 { 463 struct lofi_ioctl li; 464 465 if (devicename == NULL) { 466 /* given filename, print devicename */ 467 li.li_minor = 0; 468 (void) strlcpy(li.li_filename, filename, 469 sizeof (li.li_filename)); 470 if (ioctl(lfd, LOFI_GET_MINOR, &li) == -1) { 471 die(gettext("could not find device for %s"), filename); 472 } 473 (void) printf("/dev/%s/%d\n", LOFI_BLOCK_NAME, li.li_minor); 474 return; 475 } 476 477 /* given devicename, print filename */ 478 li.li_minor = name_to_minor(devicename); 479 if (li.li_minor == 0) { 480 die(gettext("malformed device name %s\n"), devicename); 481 } 482 if (ioctl(lfd, LOFI_GET_FILENAME, &li) == -1) { 483 die(gettext("could not find filename for %s"), devicename); 484 } 485 (void) printf("%s\n", li.li_filename); 486 } 487 488 /* 489 * Print the list of all the mappings, including a header. 490 */ 491 static void 492 print_mappings(int fd) 493 { 494 struct lofi_ioctl li; 495 int minor; 496 int maxminor; 497 char path[MAXPATHLEN]; 498 char options[MAXPATHLEN]; 499 500 li.li_minor = 0; 501 if (ioctl(fd, LOFI_GET_MAXMINOR, &li) == -1) { 502 die("ioctl"); 503 } 504 maxminor = li.li_minor; 505 506 (void) printf(FORMAT, gettext("Block Device"), gettext("File"), 507 gettext("Options")); 508 for (minor = 1; minor <= maxminor; minor++) { 509 li.li_minor = minor; 510 if (ioctl(fd, LOFI_GET_FILENAME, &li) == -1) { 511 if (errno == ENXIO) 512 continue; 513 warn("ioctl"); 514 break; 515 } 516 (void) snprintf(path, sizeof (path), "/dev/%s/%d", 517 LOFI_BLOCK_NAME, minor); 518 /* 519 * Encrypted lofi and compressed lofi are mutually exclusive. 520 */ 521 if (li.li_crypto_enabled) 522 (void) snprintf(options, sizeof (options), 523 gettext("Encrypted")); 524 else if (li.li_algorithm[0] != '\0') 525 (void) snprintf(options, sizeof (options), 526 gettext("Compressed(%s)"), li.li_algorithm); 527 else 528 (void) snprintf(options, sizeof (options), "-"); 529 530 (void) printf(FORMAT, path, li.li_filename, options); 531 } 532 } 533 534 /* 535 * Verify the cipher selected by user. 536 */ 537 static mech_alias_t * 538 ciph2mech(const char *alias) 539 { 540 int i; 541 542 for (i = 0; i < mech_aliases_count; i++) { 543 if (strcasecmp(alias, mech_aliases[i].alias) == 0) 544 return (&mech_aliases[i]); 545 } 546 return (NULL); 547 } 548 549 /* 550 * Verify user selected cipher is also available in kernel. 551 * 552 * While traversing kernel list of mechs, if the cipher is supported in the 553 * kernel for both encryption and decryption, it also picks up the min/max 554 * key size. 555 */ 556 static boolean_t 557 kernel_cipher_check(mech_alias_t *cipher) 558 { 559 boolean_t ciph_ok = B_FALSE; 560 boolean_t iv_ok = B_FALSE; 561 int i; 562 int count; 563 crypto_get_mechanism_list_t *kciphers = NULL; 564 crypto_get_all_mechanism_info_t *kinfo = NULL; 565 int fd = -1; 566 size_t keymin; 567 size_t keymax; 568 569 /* if cipher doesn't need iv generating mech, bypass that check now */ 570 if (cipher->iv_name == NULL) 571 iv_ok = B_TRUE; 572 573 /* allocate some space for the list of kernel ciphers */ 574 count = DEFAULT_CIPHER_NUM; 575 kciphers = malloc(sizeof (crypto_get_mechanism_list_t) + 576 sizeof (crypto_mech_name_t) * (count - 1)); 577 if (kciphers == NULL) 578 die(gettext("failed to allocate memory for list of " 579 "kernel mechanisms")); 580 kciphers->ml_count = count; 581 582 /* query crypto device to get list of kernel ciphers */ 583 if ((fd = open("/dev/crypto", O_RDWR)) == -1) { 584 warn(gettext("failed to open %s"), "/dev/crypto"); 585 goto kcc_out; 586 } 587 588 if (ioctl(fd, CRYPTO_GET_MECHANISM_LIST, kciphers) == -1) { 589 warn(gettext("CRYPTO_GET_MECHANISM_LIST ioctl failed")); 590 goto kcc_out; 591 } 592 593 if (kciphers->ml_return_value == CRYPTO_BUFFER_TOO_SMALL) { 594 count = kciphers->ml_count; 595 free(kciphers); 596 kciphers = malloc(sizeof (crypto_get_mechanism_list_t) + 597 sizeof (crypto_mech_name_t) * (count - 1)); 598 if (kciphers == NULL) { 599 warn(gettext("failed to allocate memory for list of " 600 "kernel mechanisms")); 601 goto kcc_out; 602 } 603 kciphers->ml_count = count; 604 605 if (ioctl(fd, CRYPTO_GET_MECHANISM_LIST, kciphers) == -1) { 606 warn(gettext("CRYPTO_GET_MECHANISM_LIST ioctl failed")); 607 goto kcc_out; 608 } 609 } 610 611 if (kciphers->ml_return_value != CRYPTO_SUCCESS) { 612 warn(gettext( 613 "CRYPTO_GET_MECHANISM_LIST ioctl return value = %d\n"), 614 kciphers->ml_return_value); 615 goto kcc_out; 616 } 617 618 /* 619 * scan list of kernel ciphers looking for the selected one and if 620 * it needs an iv generated using another cipher, also look for that 621 * additional cipher to be used for generating the iv 622 */ 623 count = kciphers->ml_count; 624 for (i = 0; i < count && !(ciph_ok && iv_ok); i++) { 625 if (!ciph_ok && 626 strcasecmp(cipher->name, kciphers->ml_list[i]) == 0) 627 ciph_ok = B_TRUE; 628 if (!iv_ok && 629 strcasecmp(cipher->iv_name, kciphers->ml_list[i]) == 0) 630 iv_ok = B_TRUE; 631 } 632 free(kciphers); 633 kciphers = NULL; 634 635 if (!ciph_ok) 636 warn(gettext("%s mechanism not supported in kernel\n"), 637 cipher->name); 638 if (!iv_ok) 639 warn(gettext("%s mechanism not supported in kernel\n"), 640 cipher->iv_name); 641 642 if (ciph_ok) { 643 /* Get the details about the user selected cipher */ 644 count = DEFAULT_MECHINFO_NUM; 645 kinfo = malloc(sizeof (crypto_get_all_mechanism_info_t) + 646 sizeof (crypto_mechanism_info_t) * (count - 1)); 647 if (kinfo == NULL) { 648 warn(gettext("failed to allocate memory for " 649 "kernel mechanism info")); 650 goto kcc_out; 651 } 652 kinfo->mi_count = count; 653 (void) strlcpy(kinfo->mi_mechanism_name, cipher->name, 654 CRYPTO_MAX_MECH_NAME); 655 656 if (ioctl(fd, CRYPTO_GET_ALL_MECHANISM_INFO, kinfo) == -1) { 657 warn(gettext( 658 "CRYPTO_GET_ALL_MECHANISM_INFO ioctl failed")); 659 goto kcc_out; 660 } 661 662 if (kinfo->mi_return_value == CRYPTO_BUFFER_TOO_SMALL) { 663 count = kinfo->mi_count; 664 free(kinfo); 665 kinfo = malloc( 666 sizeof (crypto_get_all_mechanism_info_t) + 667 sizeof (crypto_mechanism_info_t) * (count - 1)); 668 if (kinfo == NULL) { 669 warn(gettext("failed to allocate memory for " 670 "kernel mechanism info")); 671 goto kcc_out; 672 } 673 kinfo->mi_count = count; 674 (void) strlcpy(kinfo->mi_mechanism_name, cipher->name, 675 CRYPTO_MAX_MECH_NAME); 676 677 if (ioctl(fd, CRYPTO_GET_ALL_MECHANISM_INFO, kinfo) == 678 -1) { 679 warn(gettext("CRYPTO_GET_ALL_MECHANISM_INFO " 680 "ioctl failed")); 681 goto kcc_out; 682 } 683 } 684 685 if (kinfo->mi_return_value != CRYPTO_SUCCESS) { 686 warn(gettext("CRYPTO_GET_ALL_MECHANISM_INFO ioctl " 687 "return value = %d\n"), kinfo->mi_return_value); 688 goto kcc_out; 689 } 690 691 /* Set key min and max size */ 692 count = kinfo->mi_count; 693 i = 0; 694 if (i < count) { 695 keymin = kinfo->mi_list[i].mi_min_key_size; 696 keymax = kinfo->mi_list[i].mi_max_key_size; 697 if (kinfo->mi_list[i].mi_keysize_unit & 698 CRYPTO_KEYSIZE_UNIT_IN_BITS) { 699 keymin = CRYPTO_BITS2BYTES(keymin); 700 keymax = CRYPTO_BITS2BYTES(keymax); 701 702 } 703 cipher->min_keysize = keymin; 704 cipher->max_keysize = keymax; 705 } 706 free(kinfo); 707 kinfo = NULL; 708 709 if (i == count) { 710 (void) close(fd); 711 die(gettext( 712 "failed to find usable %s kernel mechanism, " 713 "use \"cryptoadm list -m\" to find available " 714 "mechanisms\n"), 715 cipher->name); 716 } 717 } 718 719 /* Note: key min/max, unit size, usage for iv cipher are not checked. */ 720 721 return (ciph_ok && iv_ok); 722 723 kcc_out: 724 if (kinfo != NULL) 725 free(kinfo); 726 if (kciphers != NULL) 727 free(kciphers); 728 if (fd != -1) 729 (void) close(fd); 730 return (B_FALSE); 731 } 732 733 /* 734 * Break up token spec into its components (non-destructive) 735 */ 736 static token_spec_t * 737 parsetoken(char *spec) 738 { 739 #define FLD_NAME 0 740 #define FLD_MANUF 1 741 #define FLD_SERIAL 2 742 #define FLD_LABEL 3 743 #define NFIELDS 4 744 #define nullfield(i) ((field[(i)+1] - field[(i)]) <= 1) 745 #define copyfield(fld, i) \ 746 { \ 747 int n; \ 748 (fld) = NULL; \ 749 if ((n = (field[(i)+1] - field[(i)])) > 1) { \ 750 if (((fld) = malloc(n)) != NULL) { \ 751 (void) strncpy((fld), field[(i)], n); \ 752 ((fld))[n - 1] = '\0'; \ 753 } \ 754 } \ 755 } 756 757 int i; 758 char *field[NFIELDS + 1]; /* +1 to catch extra delimiters */ 759 token_spec_t *ti = NULL; 760 761 if (spec == NULL) 762 return (NULL); 763 764 /* 765 * Correct format is "[name]:[manuf]:[serial]:key". Can't use 766 * strtok because it treats ":::key" and "key:::" and "key" all 767 * as the same thing, and we can't have the :s compressed away. 768 */ 769 field[0] = spec; 770 for (i = 1; i < NFIELDS + 1; i++) { 771 field[i] = strchr(field[i-1], ':'); 772 if (field[i] == NULL) 773 break; 774 field[i]++; 775 } 776 if (i < NFIELDS) /* not enough fields */ 777 return (NULL); 778 if (field[NFIELDS] != NULL) /* too many fields */ 779 return (NULL); 780 field[NFIELDS] = strchr(field[NFIELDS-1], '\0') + 1; 781 782 /* key label can't be empty */ 783 if (nullfield(FLD_LABEL)) 784 return (NULL); 785 786 ti = malloc(sizeof (token_spec_t)); 787 if (ti == NULL) 788 return (NULL); 789 790 copyfield(ti->name, FLD_NAME); 791 copyfield(ti->mfr, FLD_MANUF); 792 copyfield(ti->serno, FLD_SERIAL); 793 copyfield(ti->key, FLD_LABEL); 794 795 /* 796 * If token specified and it only contains a key label, then 797 * search all tokens for the key, otherwise only those with 798 * matching name, mfr, and serno are used. 799 */ 800 /* 801 * That's how we'd like it to be, however, if only the key label 802 * is specified, default to using softtoken. It's easier. 803 */ 804 if (ti->name == NULL && ti->mfr == NULL && ti->serno == NULL) 805 ti->name = strdup(pkcs11_default_token()); 806 return (ti); 807 } 808 809 /* 810 * PBE the passphrase into a raw key 811 */ 812 static void 813 getkeyfromuser(mech_alias_t *cipher, char **raw_key, size_t *raw_key_sz) 814 { 815 CK_SESSION_HANDLE sess; 816 CK_RV rv; 817 char *pass = NULL; 818 size_t passlen = 0; 819 void *salt = NULL; /* don't use NULL, see note on salt below */ 820 size_t saltlen = 0; 821 CK_KEY_TYPE ktype; 822 void *kvalue; 823 size_t klen; 824 825 /* did init_crypto find a slot that supports this cipher? */ 826 if (cipher->slot == (CK_SLOT_ID)-1 || cipher->max_keysize == 0) { 827 rv = CKR_MECHANISM_INVALID; 828 goto cleanup; 829 } 830 831 rv = pkcs11_mech2keytype(cipher->type, &ktype); 832 if (rv != CKR_OK) 833 goto cleanup; 834 835 /* 836 * use the passphrase to generate a PBE PKCS#5 secret key and 837 * retrieve the raw key data to eventually pass it to the kernel; 838 */ 839 rv = C_OpenSession(cipher->slot, CKF_SERIAL_SESSION, NULL, NULL, &sess); 840 if (rv != CKR_OK) 841 goto cleanup; 842 843 /* get user passphrase with 8 byte minimum */ 844 if (pkcs11_get_pass(NULL, &pass, &passlen, MIN_PASSLEN, B_TRUE) < 0) { 845 die(gettext("passphrases do not match\n")); 846 } 847 848 /* 849 * salt should not be NULL, or else pkcs11_PasswdToKey() will 850 * complain about CKR_MECHANISM_PARAM_INVALID; the following is 851 * to make up for not having a salt until a proper one is used 852 */ 853 salt = pass; 854 saltlen = passlen; 855 856 klen = cipher->max_keysize; 857 rv = pkcs11_PasswdToKey(sess, pass, passlen, salt, saltlen, ktype, 858 cipher->max_keysize, &kvalue, &klen); 859 860 (void) C_CloseSession(sess); 861 862 if (rv != CKR_OK) { 863 goto cleanup; 864 } 865 866 /* assert(klen == cipher->max_keysize); */ 867 *raw_key_sz = klen; 868 *raw_key = (char *)kvalue; 869 return; 870 871 cleanup: 872 die(gettext("failed to generate %s key from passphrase: %s"), 873 cipher->alias, pkcs11_strerror(rv)); 874 } 875 876 /* 877 * Read raw key from file; also handles ephemeral keys. 878 */ 879 void 880 getkeyfromfile(const char *pathname, mech_alias_t *cipher, char **key, 881 size_t *ksz) 882 { 883 int fd; 884 struct stat sbuf; 885 boolean_t notplain = B_FALSE; 886 ssize_t cursz; 887 ssize_t nread; 888 889 /* ephemeral keys are just random data */ 890 if (pathname == NULL) { 891 *ksz = cipher->max_keysize; 892 *key = malloc(*ksz); 893 if (*key == NULL) 894 die(gettext("failed to allocate memory for" 895 " ephemeral key")); 896 if (pkcs11_random_data(*key, *ksz) < 0) { 897 free(*key); 898 die(gettext("failed to get enough random data")); 899 } 900 return; 901 } 902 903 /* 904 * If the remaining section of code didn't also check for secure keyfile 905 * permissions and whether the key is within cipher min and max lengths, 906 * (or, if those things moved out of this block), we could have had: 907 * if (pkcs11_read_data(pathname, key, ksz) < 0) 908 * handle_error(); 909 */ 910 911 if ((fd = open(pathname, O_RDONLY, 0)) == -1) 912 die(gettext("open of keyfile (%s) failed"), pathname); 913 914 if (fstat(fd, &sbuf) == -1) 915 die(gettext("fstat of keyfile (%s) failed"), pathname); 916 917 if (S_ISREG(sbuf.st_mode)) { 918 if ((sbuf.st_mode & (S_IWGRP | S_IWOTH)) != 0) 919 die(gettext("insecure permissions on keyfile %s\n"), 920 pathname); 921 922 *ksz = sbuf.st_size; 923 if (*ksz < cipher->min_keysize || cipher->max_keysize < *ksz) { 924 warn(gettext("%s: invalid keysize: %d\n"), 925 pathname, (int)*ksz); 926 die(gettext("\t%d <= keysize <= %d\n"), 927 cipher->min_keysize, cipher->max_keysize); 928 } 929 } else { 930 *ksz = cipher->max_keysize; 931 notplain = B_TRUE; 932 } 933 934 *key = malloc(*ksz); 935 if (*key == NULL) 936 die(gettext("failed to allocate memory for key from file")); 937 938 for (cursz = 0, nread = 0; cursz < *ksz; cursz += nread) { 939 nread = read(fd, *key, *ksz); 940 if (nread > 0) 941 continue; 942 /* 943 * nread == 0. If it's not a regular file we were trying to 944 * get the maximum keysize of data possible for this cipher. 945 * But if we've got at least the minimum keysize of data, 946 * round down to the nearest keysize unit and call it good. 947 * If we haven't met the minimum keysize, that's an error. 948 * If it's a regular file, nread = 0 is also an error. 949 */ 950 if (nread == 0 && notplain && cursz >= cipher->min_keysize) { 951 *ksz = (cursz / cipher->min_keysize) * 952 cipher->min_keysize; 953 break; 954 } 955 die(gettext("%s: can't read all keybytes"), pathname); 956 } 957 (void) close(fd); 958 } 959 960 /* 961 * Read the raw key from token, or from a file that was wrapped with a 962 * key from token 963 */ 964 void 965 getkeyfromtoken(CK_SESSION_HANDLE sess, 966 token_spec_t *token, const char *keyfile, mech_alias_t *cipher, 967 char **raw_key, size_t *raw_key_sz) 968 { 969 CK_RV rv = CKR_OK; 970 CK_BBOOL trueval = B_TRUE; 971 CK_OBJECT_CLASS kclass; /* secret key or RSA private key */ 972 CK_KEY_TYPE ktype; /* from selected cipher or CKK_RSA */ 973 CK_KEY_TYPE raw_ktype; /* from selected cipher */ 974 CK_ATTRIBUTE key_tmpl[] = { 975 { CKA_CLASS, NULL, 0 }, /* re-used for token key and unwrap */ 976 { CKA_KEY_TYPE, NULL, 0 }, /* ditto */ 977 { CKA_LABEL, NULL, 0 }, 978 { CKA_TOKEN, NULL, 0 }, 979 { CKA_PRIVATE, NULL, 0 } 980 }; 981 CK_ULONG attrs = sizeof (key_tmpl) / sizeof (CK_ATTRIBUTE); 982 int i; 983 char *pass = NULL; 984 size_t passlen = 0; 985 CK_OBJECT_HANDLE obj, rawobj; 986 CK_ULONG num_objs = 1; /* just want to find 1 token key */ 987 CK_MECHANISM unwrap = { CKM_RSA_PKCS, NULL, 0 }; 988 char *rkey; 989 size_t rksz; 990 991 if (token == NULL || token->key == NULL) 992 return; 993 994 /* did init_crypto find a slot that supports this cipher? */ 995 if (cipher->slot == (CK_SLOT_ID)-1 || cipher->max_keysize == 0) { 996 die(gettext("failed to find any cryptographic provider, " 997 "use \"cryptoadm list -p\" to find providers: %s\n"), 998 pkcs11_strerror(CKR_MECHANISM_INVALID)); 999 } 1000 1001 if (pkcs11_get_pass(token->name, &pass, &passlen, 0, B_FALSE) < 0) 1002 die(gettext("unable to get passphrase")); 1003 1004 /* use passphrase to login to token */ 1005 if (pass != NULL && passlen > 0) { 1006 rv = C_Login(sess, CKU_USER, (CK_UTF8CHAR_PTR)pass, passlen); 1007 if (rv != CKR_OK) { 1008 die(gettext("cannot login to the token %s: %s\n"), 1009 token->name, pkcs11_strerror(rv)); 1010 } 1011 } 1012 1013 rv = pkcs11_mech2keytype(cipher->type, &raw_ktype); 1014 if (rv != CKR_OK) { 1015 die(gettext("failed to get key type for cipher %s: %s\n"), 1016 cipher->name, pkcs11_strerror(rv)); 1017 } 1018 1019 /* 1020 * If no keyfile was given, then the token key is secret key to 1021 * be used for encryption/decryption. Otherwise, the keyfile 1022 * contains a wrapped secret key, and the token is actually the 1023 * unwrapping RSA private key. 1024 */ 1025 if (keyfile == NULL) { 1026 kclass = CKO_SECRET_KEY; 1027 ktype = raw_ktype; 1028 } else { 1029 kclass = CKO_PRIVATE_KEY; 1030 ktype = CKK_RSA; 1031 } 1032 1033 /* Find the key in the token first */ 1034 for (i = 0; i < attrs; i++) { 1035 switch (key_tmpl[i].type) { 1036 case CKA_CLASS: 1037 key_tmpl[i].pValue = &kclass; 1038 key_tmpl[i].ulValueLen = sizeof (kclass); 1039 break; 1040 case CKA_KEY_TYPE: 1041 key_tmpl[i].pValue = &ktype; 1042 key_tmpl[i].ulValueLen = sizeof (ktype); 1043 break; 1044 case CKA_LABEL: 1045 key_tmpl[i].pValue = token->key; 1046 key_tmpl[i].ulValueLen = strlen(token->key); 1047 break; 1048 case CKA_TOKEN: 1049 key_tmpl[i].pValue = &trueval; 1050 key_tmpl[i].ulValueLen = sizeof (trueval); 1051 break; 1052 case CKA_PRIVATE: 1053 key_tmpl[i].pValue = &trueval; 1054 key_tmpl[i].ulValueLen = sizeof (trueval); 1055 break; 1056 default: 1057 break; 1058 } 1059 } 1060 rv = C_FindObjectsInit(sess, key_tmpl, attrs); 1061 if (rv != CKR_OK) 1062 die(gettext("cannot find key %s: %s\n"), token->key, 1063 pkcs11_strerror(rv)); 1064 rv = C_FindObjects(sess, &obj, 1, &num_objs); 1065 (void) C_FindObjectsFinal(sess); 1066 1067 if (num_objs == 0) { 1068 die(gettext("cannot find key %s\n"), token->key); 1069 } else if (rv != CKR_OK) { 1070 die(gettext("cannot find key %s: %s\n"), token->key, 1071 pkcs11_strerror(rv)); 1072 } 1073 1074 /* 1075 * No keyfile means when token key is found, convert it to raw key, 1076 * and done. Otherwise still need do an unwrap to create yet another 1077 * obj and that needs to be converted to raw key before we're done. 1078 */ 1079 if (keyfile == NULL) { 1080 /* obj contains raw key, extract it */ 1081 rv = pkcs11_ObjectToKey(sess, obj, (void **)&rkey, &rksz, 1082 B_FALSE); 1083 if (rv != CKR_OK) { 1084 die(gettext("failed to get key value for %s" 1085 " from token %s, %s\n"), token->key, 1086 token->name, pkcs11_strerror(rv)); 1087 } 1088 } else { 1089 getkeyfromfile(keyfile, cipher, &rkey, &rksz); 1090 1091 /* 1092 * Got the wrapping RSA obj and the wrapped key from file. 1093 * Unwrap the key from file with RSA obj to get rawkey obj. 1094 */ 1095 1096 /* re-use the first two attributes of key_tmpl */ 1097 kclass = CKO_SECRET_KEY; 1098 ktype = raw_ktype; 1099 1100 rv = C_UnwrapKey(sess, &unwrap, obj, (CK_BYTE_PTR)rkey, 1101 rksz, key_tmpl, 2, &rawobj); 1102 if (rv != CKR_OK) { 1103 die(gettext("failed to unwrap key in keyfile %s," 1104 " %s\n"), keyfile, pkcs11_strerror(rv)); 1105 } 1106 /* rawobj contains raw key, extract it */ 1107 rv = pkcs11_ObjectToKey(sess, rawobj, (void **)&rkey, &rksz, 1108 B_TRUE); 1109 if (rv != CKR_OK) { 1110 die(gettext("failed to get unwrapped key value for" 1111 " key in keyfile %s, %s\n"), keyfile, 1112 pkcs11_strerror(rv)); 1113 } 1114 } 1115 1116 /* validate raw key size */ 1117 if (rksz < cipher->min_keysize || cipher->max_keysize < rksz) { 1118 warn(gettext("%s: invalid keysize: %d\n"), keyfile, (int)rksz); 1119 die(gettext("\t%d <= keysize <= %d\n"), cipher->min_keysize, 1120 cipher->max_keysize); 1121 } 1122 1123 *raw_key_sz = rksz; 1124 *raw_key = (char *)rkey; 1125 } 1126 1127 /* 1128 * Set up cipher key limits and verify PKCS#11 can be done 1129 * match_token_cipher is the function pointer used by 1130 * pkcs11_GetCriteriaSession() init_crypto. 1131 */ 1132 boolean_t 1133 match_token_cipher(CK_SLOT_ID slot_id, void *args, CK_RV *rv) 1134 { 1135 token_spec_t *token; 1136 mech_alias_t *cipher; 1137 CK_TOKEN_INFO tokinfo; 1138 CK_MECHANISM_INFO mechinfo; 1139 boolean_t token_match; 1140 1141 /* 1142 * While traversing slot list, pick up the following info per slot: 1143 * - if token specified, whether it matches this slot's token info 1144 * - if the slot supports the PKCS#5 PBKD2 cipher 1145 * 1146 * If the user said on the command line 1147 * -T tok:mfr:ser:lab -k keyfile 1148 * -c cipher -T tok:mfr:ser:lab -k keyfile 1149 * the given cipher or the default cipher apply to keyfile, 1150 * If the user said instead 1151 * -T tok:mfr:ser:lab 1152 * -c cipher -T tok:mfr:ser:lab 1153 * the key named "lab" may or may not agree with the given 1154 * cipher or the default cipher. In those cases, cipher will 1155 * be overridden with the actual cipher type of the key "lab". 1156 */ 1157 *rv = CKR_FUNCTION_FAILED; 1158 1159 if (args == NULL) { 1160 return (B_FALSE); 1161 } 1162 1163 cipher = (mech_alias_t *)args; 1164 token = cipher->token; 1165 1166 if (C_GetMechanismInfo(slot_id, cipher->type, &mechinfo) != CKR_OK) { 1167 return (B_FALSE); 1168 } 1169 1170 if (token == NULL) { 1171 if (C_GetMechanismInfo(slot_id, CKM_PKCS5_PBKD2, &mechinfo) != 1172 CKR_OK) { 1173 return (B_FALSE); 1174 } 1175 goto foundit; 1176 } 1177 1178 /* does the token match the token spec? */ 1179 if (token->key == NULL || (C_GetTokenInfo(slot_id, &tokinfo) != CKR_OK)) 1180 return (B_FALSE); 1181 1182 token_match = B_TRUE; 1183 1184 if (token->name != NULL && (token->name)[0] != '\0' && 1185 strncmp((char *)token->name, (char *)tokinfo.label, 1186 TOKEN_LABEL_SIZE) != 0) 1187 token_match = B_FALSE; 1188 if (token->mfr != NULL && (token->mfr)[0] != '\0' && 1189 strncmp((char *)token->mfr, (char *)tokinfo.manufacturerID, 1190 TOKEN_MANUFACTURER_SIZE) != 0) 1191 token_match = B_FALSE; 1192 if (token->serno != NULL && (token->serno)[0] != '\0' && 1193 strncmp((char *)token->serno, (char *)tokinfo.serialNumber, 1194 TOKEN_SERIAL_SIZE) != 0) 1195 token_match = B_FALSE; 1196 1197 if (!token_match) 1198 return (B_FALSE); 1199 1200 foundit: 1201 cipher->slot = slot_id; 1202 return (B_TRUE); 1203 } 1204 1205 /* 1206 * Clean up crypto loose ends 1207 */ 1208 static void 1209 end_crypto(CK_SESSION_HANDLE sess) 1210 { 1211 (void) C_CloseSession(sess); 1212 (void) C_Finalize(NULL); 1213 } 1214 1215 /* 1216 * Set up crypto, opening session on slot that matches token and cipher 1217 */ 1218 static void 1219 init_crypto(token_spec_t *token, mech_alias_t *cipher, 1220 CK_SESSION_HANDLE_PTR sess) 1221 { 1222 CK_RV rv; 1223 1224 cipher->token = token; 1225 1226 /* Turn off Metaslot so that we can see actual tokens */ 1227 if (setenv("METASLOT_ENABLED", "false", 1) < 0) { 1228 die(gettext("could not disable Metaslot")); 1229 } 1230 1231 rv = pkcs11_GetCriteriaSession(match_token_cipher, (void *)cipher, 1232 sess); 1233 if (rv != CKR_OK) { 1234 end_crypto(*sess); 1235 if (rv == CKR_HOST_MEMORY) { 1236 die("malloc"); 1237 } 1238 die(gettext("failed to find any cryptographic provider, " 1239 "use \"cryptoadm list -p\" to find providers: %s\n"), 1240 pkcs11_strerror(rv)); 1241 } 1242 } 1243 1244 /* 1245 * Uncompress a file. 1246 * 1247 * First map the file in to establish a device 1248 * association, then read from it. On-the-fly 1249 * decompression will automatically uncompress 1250 * the file if it's compressed 1251 * 1252 * If the file is mapped and a device association 1253 * has been established, disallow uncompressing 1254 * the file until it is unmapped. 1255 */ 1256 static void 1257 lofi_uncompress(int lfd, const char *filename) 1258 { 1259 struct lofi_ioctl li; 1260 char buf[MAXBSIZE]; 1261 char devicename[32]; 1262 char tmpfilename[MAXPATHLEN]; 1263 char *x; 1264 char *dir = NULL; 1265 char *file = NULL; 1266 int minor = 0; 1267 struct stat64 statbuf; 1268 int compfd = -1; 1269 int uncompfd = -1; 1270 ssize_t rbytes; 1271 1272 /* 1273 * Disallow uncompressing the file if it is 1274 * already mapped. 1275 */ 1276 li.li_minor = 0; 1277 (void) strlcpy(li.li_filename, filename, sizeof (li.li_filename)); 1278 if (ioctl(lfd, LOFI_GET_MINOR, &li) != -1) 1279 die(gettext("%s must be unmapped before uncompressing"), 1280 filename); 1281 1282 /* Zero length files don't need to be uncompressed */ 1283 if (stat64(filename, &statbuf) == -1) 1284 die(gettext("stat: %s"), filename); 1285 if (statbuf.st_size == 0) 1286 return; 1287 1288 minor = lofi_map_file(lfd, li, filename); 1289 (void) snprintf(devicename, sizeof (devicename), "/dev/%s/%d", 1290 LOFI_BLOCK_NAME, minor); 1291 1292 /* If the file isn't compressed, we just return */ 1293 if ((ioctl(lfd, LOFI_CHECK_COMPRESSED, &li) == -1) || 1294 (li.li_algorithm[0] == '\0')) { 1295 delete_mapping(lfd, devicename, filename, B_TRUE); 1296 die("%s is not compressed\n", filename); 1297 } 1298 1299 if ((compfd = open64(devicename, O_RDONLY | O_NONBLOCK)) == -1) { 1300 delete_mapping(lfd, devicename, filename, B_TRUE); 1301 die(gettext("open: %s"), filename); 1302 } 1303 /* Create a temp file in the same directory */ 1304 x = strdup(filename); 1305 dir = strdup(dirname(x)); 1306 free(x); 1307 x = strdup(filename); 1308 file = strdup(basename(x)); 1309 free(x); 1310 (void) snprintf(tmpfilename, sizeof (tmpfilename), 1311 "%s/.%sXXXXXX", dir, file); 1312 free(dir); 1313 free(file); 1314 1315 if ((uncompfd = mkstemp64(tmpfilename)) == -1) { 1316 (void) close(compfd); 1317 delete_mapping(lfd, devicename, filename, B_TRUE); 1318 die("%s could not be uncompressed\n", filename); 1319 } 1320 1321 /* 1322 * Set the mode bits and the owner of this temporary 1323 * file to be that of the original uncompressed file 1324 */ 1325 (void) fchmod(uncompfd, statbuf.st_mode); 1326 1327 if (fchown(uncompfd, statbuf.st_uid, statbuf.st_gid) == -1) { 1328 (void) close(compfd); 1329 (void) close(uncompfd); 1330 delete_mapping(lfd, devicename, filename, B_TRUE); 1331 die("%s could not be uncompressed\n", filename); 1332 } 1333 1334 /* Now read from the device in MAXBSIZE-sized chunks */ 1335 for (;;) { 1336 rbytes = read(compfd, buf, sizeof (buf)); 1337 1338 if (rbytes <= 0) 1339 break; 1340 1341 if (write(uncompfd, buf, rbytes) != rbytes) { 1342 rbytes = -1; 1343 break; 1344 } 1345 } 1346 1347 (void) close(compfd); 1348 (void) close(uncompfd); 1349 1350 /* Delete the mapping */ 1351 delete_mapping(lfd, devicename, filename, B_TRUE); 1352 1353 /* 1354 * If an error occured while reading or writing, rbytes will 1355 * be negative 1356 */ 1357 if (rbytes < 0) { 1358 (void) unlink(tmpfilename); 1359 die(gettext("could not read from %s"), filename); 1360 } 1361 1362 /* Rename the temp file to the actual file */ 1363 if (rename(tmpfilename, filename) == -1) 1364 (void) unlink(tmpfilename); 1365 } 1366 1367 /* 1368 * Compress a file 1369 */ 1370 static void 1371 lofi_compress(int *lfd, const char *filename, int compress_index, 1372 uint32_t segsize) 1373 { 1374 struct lofi_ioctl lic; 1375 lofi_compress_info_t *li; 1376 struct flock lock; 1377 char tmpfilename[MAXPATHLEN]; 1378 char comp_filename[MAXPATHLEN]; 1379 char algorithm[MAXALGLEN]; 1380 char *x; 1381 char *dir = NULL, *file = NULL; 1382 uchar_t *uncompressed_seg = NULL; 1383 uchar_t *compressed_seg = NULL; 1384 uint32_t compressed_segsize; 1385 uint32_t len_compressed, count; 1386 uint32_t index_entries, index_sz; 1387 uint64_t *index = NULL; 1388 uint64_t offset; 1389 size_t real_segsize; 1390 struct stat64 statbuf; 1391 int compfd = -1, uncompfd = -1; 1392 int tfd = -1; 1393 ssize_t rbytes, wbytes, lastread; 1394 int i, type; 1395 1396 /* 1397 * Disallow compressing the file if it is 1398 * already mapped 1399 */ 1400 lic.li_minor = 0; 1401 (void) strlcpy(lic.li_filename, filename, sizeof (lic.li_filename)); 1402 if (ioctl(*lfd, LOFI_GET_MINOR, &lic) != -1) 1403 die(gettext("%s must be unmapped before compressing"), 1404 filename); 1405 1406 /* 1407 * Close the control device so other operations 1408 * can use it 1409 */ 1410 (void) close(*lfd); 1411 *lfd = -1; 1412 1413 li = &lofi_compress_table[compress_index]; 1414 1415 /* 1416 * The size of the buffer to hold compressed data must 1417 * be slightly larger than the compressed segment size. 1418 * 1419 * The compress functions use part of the buffer as 1420 * scratch space to do calculations. 1421 * Ref: http://www.zlib.net/manual.html#compress2 1422 */ 1423 compressed_segsize = segsize + (segsize >> 6); 1424 compressed_seg = (uchar_t *)malloc(compressed_segsize + SEGHDR); 1425 uncompressed_seg = (uchar_t *)malloc(segsize); 1426 1427 if (compressed_seg == NULL || uncompressed_seg == NULL) 1428 die(gettext("No memory")); 1429 1430 if ((uncompfd = open64(filename, O_RDWR|O_LARGEFILE, 0)) == -1) 1431 die(gettext("open: %s"), filename); 1432 1433 lock.l_type = F_WRLCK; 1434 lock.l_whence = SEEK_SET; 1435 lock.l_start = 0; 1436 lock.l_len = 0; 1437 1438 /* 1439 * Use an advisory lock to ensure that only a 1440 * single lofiadm process compresses a given 1441 * file at any given time 1442 * 1443 * A close on the file descriptor automatically 1444 * closes all lock state on the file 1445 */ 1446 if (fcntl(uncompfd, F_SETLKW, &lock) == -1) 1447 die(gettext("fcntl: %s"), filename); 1448 1449 if (fstat64(uncompfd, &statbuf) == -1) { 1450 (void) close(uncompfd); 1451 die(gettext("fstat: %s"), filename); 1452 } 1453 1454 /* Zero length files don't need to be compressed */ 1455 if (statbuf.st_size == 0) { 1456 (void) close(uncompfd); 1457 return; 1458 } 1459 1460 /* 1461 * Create temporary files in the same directory that 1462 * will hold the intermediate data 1463 */ 1464 x = strdup(filename); 1465 dir = strdup(dirname(x)); 1466 free(x); 1467 x = strdup(filename); 1468 file = strdup(basename(x)); 1469 free(x); 1470 (void) snprintf(tmpfilename, sizeof (tmpfilename), 1471 "%s/.%sXXXXXX", dir, file); 1472 (void) snprintf(comp_filename, sizeof (comp_filename), 1473 "%s/.%sXXXXXX", dir, file); 1474 free(dir); 1475 free(file); 1476 1477 if ((tfd = mkstemp64(tmpfilename)) == -1) 1478 goto cleanup; 1479 1480 if ((compfd = mkstemp64(comp_filename)) == -1) 1481 goto cleanup; 1482 1483 /* 1484 * Set the mode bits and owner of the compressed 1485 * file to be that of the original uncompressed file 1486 */ 1487 (void) fchmod(compfd, statbuf.st_mode); 1488 1489 if (fchown(compfd, statbuf.st_uid, statbuf.st_gid) == -1) 1490 goto cleanup; 1491 1492 /* 1493 * Calculate the number of index entries required. 1494 * index entries are stored as an array. adding 1495 * a '2' here accounts for the fact that the last 1496 * segment may not be a multiple of the segment size 1497 */ 1498 index_sz = (statbuf.st_size / segsize) + 2; 1499 index = malloc(sizeof (*index) * index_sz); 1500 1501 if (index == NULL) 1502 goto cleanup; 1503 1504 offset = 0; 1505 lastread = segsize; 1506 count = 0; 1507 1508 /* 1509 * Now read from the uncompressed file in 'segsize' 1510 * sized chunks, compress what was read in and 1511 * write it out to a temporary file 1512 */ 1513 for (;;) { 1514 rbytes = read(uncompfd, uncompressed_seg, segsize); 1515 1516 if (rbytes <= 0) 1517 break; 1518 1519 if (lastread < segsize) 1520 goto cleanup; 1521 1522 /* 1523 * Account for the first byte that 1524 * indicates whether a segment is 1525 * compressed or not 1526 */ 1527 real_segsize = segsize - 1; 1528 (void) li->l_compress(uncompressed_seg, rbytes, 1529 compressed_seg + SEGHDR, &real_segsize, li->l_level); 1530 1531 /* 1532 * If the length of the compressed data is more 1533 * than a threshold then there isn't any benefit 1534 * to be had from compressing this segment - leave 1535 * it uncompressed. 1536 * 1537 * NB. In case an error occurs during compression (above) 1538 * the 'real_segsize' isn't changed. The logic below 1539 * ensures that that segment is left uncompressed. 1540 */ 1541 len_compressed = real_segsize; 1542 if (real_segsize > segsize - COMPRESS_THRESHOLD) { 1543 (void) memcpy(compressed_seg + SEGHDR, uncompressed_seg, 1544 rbytes); 1545 type = UNCOMPRESSED; 1546 len_compressed = rbytes; 1547 } else { 1548 type = COMPRESSED; 1549 } 1550 1551 /* 1552 * Set the first byte or the SEGHDR to 1553 * indicate if it's compressed or not 1554 */ 1555 *compressed_seg = type; 1556 wbytes = write(tfd, compressed_seg, len_compressed + SEGHDR); 1557 if (wbytes != (len_compressed + SEGHDR)) { 1558 rbytes = -1; 1559 break; 1560 } 1561 1562 index[count] = BE_64(offset); 1563 offset += wbytes; 1564 lastread = rbytes; 1565 count++; 1566 } 1567 1568 (void) close(uncompfd); 1569 1570 if (rbytes < 0) 1571 goto cleanup; 1572 /* 1573 * The last index entry is a sentinel entry. It does not point to 1574 * an actual compressed segment but helps in computing the size of 1575 * the compressed segment. The size of each compressed segment is 1576 * computed by subtracting the current index value from the next 1577 * one (the compressed blocks are stored sequentially) 1578 */ 1579 index[count++] = BE_64(offset); 1580 1581 /* 1582 * Now write the compressed data along with the 1583 * header information to this file which will 1584 * later be renamed to the original uncompressed 1585 * file name 1586 * 1587 * The header is as follows - 1588 * 1589 * Signature (name of the compression algorithm) 1590 * Compression segment size (a multiple of 512) 1591 * Number of index entries 1592 * Size of the last block 1593 * The array containing the index entries 1594 * 1595 * the header is always stored in network byte 1596 * order 1597 */ 1598 (void) bzero(algorithm, sizeof (algorithm)); 1599 (void) strlcpy(algorithm, li->l_name, sizeof (algorithm)); 1600 if (write(compfd, algorithm, sizeof (algorithm)) 1601 != sizeof (algorithm)) 1602 goto cleanup; 1603 1604 segsize = htonl(segsize); 1605 if (write(compfd, &segsize, sizeof (segsize)) != sizeof (segsize)) 1606 goto cleanup; 1607 1608 index_entries = htonl(count); 1609 if (write(compfd, &index_entries, sizeof (index_entries)) != 1610 sizeof (index_entries)) 1611 goto cleanup; 1612 1613 lastread = htonl(lastread); 1614 if (write(compfd, &lastread, sizeof (lastread)) != sizeof (lastread)) 1615 goto cleanup; 1616 1617 for (i = 0; i < count; i++) { 1618 if (write(compfd, index + i, sizeof (*index)) != 1619 sizeof (*index)) 1620 goto cleanup; 1621 } 1622 1623 /* Header is written, now write the compressed data */ 1624 if (lseek(tfd, 0, SEEK_SET) != 0) 1625 goto cleanup; 1626 1627 rbytes = wbytes = 0; 1628 1629 for (;;) { 1630 rbytes = read(tfd, compressed_seg, compressed_segsize + SEGHDR); 1631 1632 if (rbytes <= 0) 1633 break; 1634 1635 if (write(compfd, compressed_seg, rbytes) != rbytes) 1636 goto cleanup; 1637 } 1638 1639 if (fstat64(compfd, &statbuf) == -1) 1640 goto cleanup; 1641 1642 /* 1643 * Round up the compressed file size to be a multiple of 1644 * DEV_BSIZE. lofi(7D) likes it that way. 1645 */ 1646 if ((offset = statbuf.st_size % DEV_BSIZE) > 0) { 1647 1648 offset = DEV_BSIZE - offset; 1649 1650 for (i = 0; i < offset; i++) 1651 uncompressed_seg[i] = '\0'; 1652 if (write(compfd, uncompressed_seg, offset) != offset) 1653 goto cleanup; 1654 } 1655 (void) close(compfd); 1656 (void) close(tfd); 1657 (void) unlink(tmpfilename); 1658 cleanup: 1659 if (rbytes < 0) { 1660 if (tfd != -1) 1661 (void) unlink(tmpfilename); 1662 if (compfd != -1) 1663 (void) unlink(comp_filename); 1664 die(gettext("error compressing file %s"), filename); 1665 } else { 1666 /* Rename the compressed file to the actual file */ 1667 if (rename(comp_filename, filename) == -1) { 1668 (void) unlink(comp_filename); 1669 die(gettext("error compressing file %s"), filename); 1670 } 1671 } 1672 if (compressed_seg != NULL) 1673 free(compressed_seg); 1674 if (uncompressed_seg != NULL) 1675 free(uncompressed_seg); 1676 if (index != NULL) 1677 free(index); 1678 if (compfd != -1) 1679 (void) close(compfd); 1680 if (uncompfd != -1) 1681 (void) close(uncompfd); 1682 if (tfd != -1) 1683 (void) close(tfd); 1684 } 1685 1686 static int 1687 lofi_compress_select(const char *algname) 1688 { 1689 int i; 1690 1691 for (i = 0; i < LOFI_COMPRESS_FUNCTIONS; i++) { 1692 if (strcmp(lofi_compress_table[i].l_name, algname) == 0) 1693 return (i); 1694 } 1695 return (-1); 1696 } 1697 1698 static void 1699 check_algorithm_validity(const char *algname, int *compress_index) 1700 { 1701 *compress_index = lofi_compress_select(algname); 1702 if (*compress_index < 0) 1703 die(gettext("invalid algorithm name: %s\n"), algname); 1704 } 1705 1706 static void 1707 check_file_validity(const char *filename) 1708 { 1709 struct stat64 buf; 1710 int error; 1711 int fd; 1712 1713 fd = open64(filename, O_RDONLY); 1714 if (fd == -1) { 1715 die(gettext("open: %s"), filename); 1716 } 1717 error = fstat64(fd, &buf); 1718 if (error == -1) { 1719 die(gettext("fstat: %s"), filename); 1720 } else if (!S_ISLOFIABLE(buf.st_mode)) { 1721 die(gettext("%s is not a regular file, " 1722 "block, or character device\n"), 1723 filename); 1724 } else if ((buf.st_size % DEV_BSIZE) != 0) { 1725 die(gettext("size of %s is not a multiple of %d\n"), 1726 filename, DEV_BSIZE); 1727 } 1728 (void) close(fd); 1729 1730 if (name_to_minor(filename) != 0) { 1731 die(gettext("cannot use %s on itself\n"), LOFI_DRIVER_NAME); 1732 } 1733 } 1734 1735 static uint32_t 1736 convert_to_num(const char *str) 1737 { 1738 int len; 1739 uint32_t segsize, mult = 1; 1740 1741 len = strlen(str); 1742 if (len && isalpha(str[len - 1])) { 1743 switch (str[len - 1]) { 1744 case 'k': 1745 case 'K': 1746 mult = KILOBYTE; 1747 break; 1748 case 'b': 1749 case 'B': 1750 mult = BLOCK_SIZE; 1751 break; 1752 case 'm': 1753 case 'M': 1754 mult = MEGABYTE; 1755 break; 1756 case 'g': 1757 case 'G': 1758 mult = GIGABYTE; 1759 break; 1760 default: 1761 die(gettext("invalid segment size %s\n"), str); 1762 } 1763 } 1764 1765 segsize = atol(str); 1766 segsize *= mult; 1767 1768 return (segsize); 1769 } 1770 1771 int 1772 main(int argc, char *argv[]) 1773 { 1774 int lfd; 1775 int c; 1776 const char *devicename = NULL; 1777 const char *filename = NULL; 1778 const char *algname = COMPRESS_ALGORITHM; 1779 int openflag; 1780 int minor; 1781 int compress_index; 1782 uint32_t segsize = SEGSIZE; 1783 static char *lofictl = "/dev/" LOFI_CTL_NAME; 1784 boolean_t force = B_FALSE; 1785 const char *pname; 1786 boolean_t errflag = B_FALSE; 1787 boolean_t addflag = B_FALSE; 1788 boolean_t deleteflag = B_FALSE; 1789 boolean_t ephflag = B_FALSE; 1790 boolean_t compressflag = B_FALSE; 1791 boolean_t uncompressflag = B_FALSE; 1792 /* the next two work together for -c, -k, -T, -e options only */ 1793 boolean_t need_crypto = B_FALSE; /* if any -c, -k, -T, -e */ 1794 boolean_t cipher_only = B_TRUE; /* if -c only */ 1795 const char *keyfile = NULL; 1796 mech_alias_t *cipher = NULL; 1797 token_spec_t *token = NULL; 1798 char *rkey = NULL; 1799 size_t rksz = 0; 1800 char realfilename[MAXPATHLEN]; 1801 1802 pname = getpname(argv[0]); 1803 1804 (void) setlocale(LC_ALL, ""); 1805 (void) textdomain(TEXT_DOMAIN); 1806 1807 while ((c = getopt(argc, argv, "a:c:Cd:efk:o:s:T:U")) != EOF) { 1808 switch (c) { 1809 case 'a': 1810 addflag = B_TRUE; 1811 if ((filename = realpath(optarg, realfilename)) == NULL) 1812 die("%s", optarg); 1813 if (((argc - optind) > 0) && (*argv[optind] != '-')) { 1814 /* optional device */ 1815 devicename = argv[optind]; 1816 optind++; 1817 } 1818 break; 1819 case 'C': 1820 compressflag = B_TRUE; 1821 if (((argc - optind) > 1) && (*argv[optind] != '-')) { 1822 /* optional algorithm */ 1823 algname = argv[optind]; 1824 optind++; 1825 } 1826 check_algorithm_validity(algname, &compress_index); 1827 break; 1828 case 'c': 1829 /* is the chosen cipher allowed? */ 1830 if ((cipher = ciph2mech(optarg)) == NULL) { 1831 errflag = B_TRUE; 1832 warn(gettext("cipher %s not allowed\n"), 1833 optarg); 1834 } 1835 need_crypto = B_TRUE; 1836 /* cipher_only is already set */ 1837 break; 1838 case 'd': 1839 deleteflag = B_TRUE; 1840 minor = name_to_minor(optarg); 1841 if (minor != 0) 1842 devicename = optarg; 1843 else { 1844 if ((filename = realpath(optarg, 1845 realfilename)) == NULL) 1846 die("%s", optarg); 1847 } 1848 break; 1849 case 'e': 1850 ephflag = B_TRUE; 1851 need_crypto = B_TRUE; 1852 cipher_only = B_FALSE; /* need to unset cipher_only */ 1853 break; 1854 case 'f': 1855 force = B_TRUE; 1856 break; 1857 case 'k': 1858 keyfile = optarg; 1859 need_crypto = B_TRUE; 1860 cipher_only = B_FALSE; /* need to unset cipher_only */ 1861 break; 1862 case 's': 1863 segsize = convert_to_num(optarg); 1864 if (segsize == 0 || segsize % DEV_BSIZE) 1865 die(gettext("segment size %s is invalid " 1866 "or not a multiple of minimum block " 1867 "size %ld\n"), optarg, DEV_BSIZE); 1868 break; 1869 case 'T': 1870 if ((token = parsetoken(optarg)) == NULL) { 1871 errflag = B_TRUE; 1872 warn( 1873 gettext("invalid token key specifier %s\n"), 1874 optarg); 1875 } 1876 need_crypto = B_TRUE; 1877 cipher_only = B_FALSE; /* need to unset cipher_only */ 1878 break; 1879 case 'U': 1880 uncompressflag = B_TRUE; 1881 break; 1882 case '?': 1883 default: 1884 errflag = B_TRUE; 1885 break; 1886 } 1887 } 1888 1889 /* Check for mutually exclusive combinations of options */ 1890 if (errflag || 1891 (addflag && deleteflag) || 1892 (!addflag && need_crypto) || 1893 ((compressflag || uncompressflag) && (addflag || deleteflag))) 1894 usage(pname); 1895 1896 /* ephemeral key, and key from either file or token are incompatible */ 1897 if (ephflag && (keyfile != NULL || token != NULL)) { 1898 die(gettext("ephemeral key cannot be used with keyfile" 1899 " or token key\n")); 1900 } 1901 1902 /* 1903 * "-c" but no "-k", "-T", "-e", or "-T -k" means derive key from 1904 * command line passphrase 1905 */ 1906 1907 switch (argc - optind) { 1908 case 0: /* no more args */ 1909 if (compressflag || uncompressflag) /* needs filename */ 1910 usage(pname); 1911 break; 1912 case 1: 1913 if (addflag || deleteflag) 1914 usage(pname); 1915 /* one arg means compress/uncompress the file ... */ 1916 if (compressflag || uncompressflag) { 1917 if ((filename = realpath(argv[optind], 1918 realfilename)) == NULL) 1919 die("%s", argv[optind]); 1920 /* ... or without options means print the association */ 1921 } else { 1922 minor = name_to_minor(argv[optind]); 1923 if (minor != 0) 1924 devicename = argv[optind]; 1925 else { 1926 if ((filename = realpath(argv[optind], 1927 realfilename)) == NULL) 1928 die("%s", argv[optind]); 1929 } 1930 } 1931 break; 1932 default: 1933 usage(pname); 1934 break; 1935 } 1936 1937 if (addflag || compressflag || uncompressflag) 1938 check_file_validity(filename); 1939 1940 if (filename && !valid_abspath(filename)) 1941 exit(E_ERROR); 1942 1943 /* 1944 * Here, we know the arguments are correct, the filename is an 1945 * absolute path, it exists and is a regular file. We don't yet 1946 * know that the device name is ok or not. 1947 */ 1948 1949 openflag = O_EXCL; 1950 if (addflag || deleteflag || compressflag || uncompressflag) 1951 openflag |= O_RDWR; 1952 else 1953 openflag |= O_RDONLY; 1954 lfd = open(lofictl, openflag); 1955 if (lfd == -1) { 1956 if ((errno == EPERM) || (errno == EACCES)) { 1957 die(gettext("you do not have permission to perform " 1958 "that operation.\n")); 1959 } else { 1960 die(gettext("open: %s"), lofictl); 1961 } 1962 /*NOTREACHED*/ 1963 } 1964 1965 /* 1966 * No passphrase is needed for ephemeral key, or when key is 1967 * in a file and not wrapped by another key from a token. 1968 * However, a passphrase is needed in these cases: 1969 * 1. cipher with no ephemeral key, key file, or token, 1970 * in which case the passphrase is used to build the key 1971 * 2. token with an optional cipher or optional key file, 1972 * in which case the passphrase unlocks the token 1973 * If only the cipher is specified, reconfirm the passphrase 1974 * to ensure the user hasn't mis-entered it. Otherwise, the 1975 * token will enforce the token passphrase. 1976 */ 1977 if (need_crypto) { 1978 CK_SESSION_HANDLE sess; 1979 1980 /* pick a cipher if none specified */ 1981 if (cipher == NULL) 1982 cipher = DEFAULT_CIPHER; 1983 1984 if (!kernel_cipher_check(cipher)) 1985 die(gettext( 1986 "use \"cryptoadm list -m\" to find available " 1987 "mechanisms\n")); 1988 1989 init_crypto(token, cipher, &sess); 1990 1991 if (cipher_only) { 1992 getkeyfromuser(cipher, &rkey, &rksz); 1993 } else if (token != NULL) { 1994 getkeyfromtoken(sess, token, keyfile, cipher, 1995 &rkey, &rksz); 1996 } else { 1997 /* this also handles ephemeral keys */ 1998 getkeyfromfile(keyfile, cipher, &rkey, &rksz); 1999 } 2000 2001 end_crypto(sess); 2002 } 2003 2004 /* 2005 * Now to the real work. 2006 */ 2007 if (addflag) 2008 add_mapping(lfd, devicename, filename, cipher, rkey, rksz); 2009 else if (compressflag) 2010 lofi_compress(&lfd, filename, compress_index, segsize); 2011 else if (uncompressflag) 2012 lofi_uncompress(lfd, filename); 2013 else if (deleteflag) 2014 delete_mapping(lfd, devicename, filename, force); 2015 else if (filename || devicename) 2016 print_one_mapping(lfd, devicename, filename); 2017 else 2018 print_mappings(lfd); 2019 2020 if (lfd != -1) 2021 (void) close(lfd); 2022 closelib(); 2023 return (E_SUCCESS); 2024 } 2025