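/*
 * CDDL HEADER START
 *
 * The contents of this file are subject to the terms of the
 * Common Development and Distribution License, Version 1.0 only
 * (the "License").  You may not use this file except in compliance
 * with the License.
 *
 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
 * or http://www.opensolaris.org/os/licensing.
 * See the License for the specific language governing permissions
 * and limitations under the License.
 *
 * When distributing Covered Code, include this CDDL HEADER in each
 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
 * If applicable, add the following below this CDDL HEADER, with the
 * fields enclosed by brackets "[]" replaced with your own identifying
 * information: Portions Copyright [yyyy] [name of copyright owner]
 *
 * CDDL HEADER END
 */
/*
 * Copyright 2005 Sun Microsystems, Inc.  All rights reserved.
 * Use is subject to license terms.
 */

#pragma ident	"%Z%%M%	%I%	%E% SMI"

#include <sys/types.h>
#include <sys/wanboot_impl.h>
#include <libinetutil.h>
#include <wanbootutil.h>
#include <libintl.h>
#include <locale.h>
#include <unistd.h>
#include <stdlib.h>
#include <strings.h>
#include <stdio.h>
#include <fcntl.h>
#include <ctype.h>
#include <assert.h>
#include <sys/openpromio.h>

/*
 * Command-line utility that installs (default) or deletes (-d) a wanboot
 * key by issuing the WANBOOT_SETKEY ioctl on /dev/openprom.  The key type
 * is selected with "-o type=keytype"; when installing, the key value is
 * read as a hexadecimal string through getpassphrase().
 *
 * Security notes: the hex text, the decoded key in the stack-resident
 * wankeyio and the heap copy handed to the ioctl are all scrubbed as soon
 * as they are no longer needed, so that key material does not linger in
 * process memory (or in a core file) longer than necessary.
 */

#define	TYPE	0
static char *progopts[] = {
	"type",
	NULL
};

/*
 * The key's handle is the name by which a user knows the key (i.e. the
 * name specified on the command line).  The keyname is the name this
 * utility uses to store the keys and the name OBP and wanboot use to
 * retrieve them.
 */
static struct keylist {
	const char	*handle;
	const char	*keyname;
	const int	keysize;	/* size of hex string representation */
} keylist[] = {
	{ WBKU_KW_3DES, WANBOOT_DES3_KEY_NAME,
	    (DES3_KEY_SIZE * 2) },
	{ WBKU_KW_AES_128, WANBOOT_AES_128_KEY_NAME,
	    (AES_128_KEY_SIZE * 2) },
	{ WBKU_KW_HMAC_SHA1, WANBOOT_HMAC_SHA1_KEY_NAME,
	    (WANBOOT_HMAC_KEY_SIZE * 2) }
};

static const struct keylist *knownkeytype(char *);
static char *getkey(const struct keylist *);
static void deletekey(const struct keylist *);
static void installkey(const struct keylist *);
static void usage(const char *) __NORETURN;
static void zeroize(void *, size_t);
static int setkey(const struct wankeyio *);

static boolean_t delete = B_FALSE;

/*
 * Parse "[ -d ] -o type=keytype" and dispatch to deletekey() or
 * installkey().  Any unknown option, unknown suboption, missing or
 * unrecognized key type, or trailing operand results in usage(), which
 * does not return.
 */
int
main(int ac, char **av)
{
	int i;
	const struct keylist *k;
	char *typestring = NULL;
	char *options;
	char *value;

	/*
	 * Do the necessary magic for localization support.
	 */
	(void) setlocale(LC_ALL, "");
#if !defined(TEXT_DOMAIN)
#define	TEXT_DOMAIN "SYS_TEST"
#endif
	(void) textdomain(TEXT_DOMAIN);

	/*
	 * Initialize program name for use by wbku_printerr().
	 */
	wbku_errinit(av[0]);

	while ((i = getopt(ac, av, "do:")) != -1) {
		switch (i) {
		case 'd':
			delete = B_TRUE;
			break;

		case 'o':
			options = optarg;
			while (*options != '\0') {
				switch (getsubopt(&options, progopts,
				    &value)) {
				case TYPE:
					/*
					 * value is NULL for a bare "type"
					 * token; that is rejected by the
					 * typestring check below.
					 */
					typestring = value;
					break;

				default:
					/* unknown token */
					usage(*av);
					/* NOTREACHED */
				}
			}
			break;

		case '?':
			usage(*av);
			/* NOTREACHED */
		}
	}

	/* No operands are accepted and the key type must be a known one. */
	if ((optind >= ac) && (typestring != NULL) &&
	    ((k = knownkeytype(typestring)) != NULL)) {
		if (delete == B_TRUE)
			deletekey(k);
		else
			installkey(k);
		return (0);
	} else {
		usage(*av);
		/* NOTREACHED */
	}
}

/*
 * Look up a user-supplied key type in keylist[] by handle.
 * Returns the matching entry, or NULL if the type is not recognized.
 */
static const struct keylist *
knownkeytype(char *type)
{
	size_t i;

	for (i = 0; i < sizeof (keylist) / sizeof (keylist[0]); i++) {
		if (strcmp(keylist[i].handle, type) == 0)
			return (&keylist[i]);
	}

	return (NULL);
}

/*
 * Overwrite len bytes at buf with zeros.  The stores go through a
 * volatile pointer so the compiler cannot discard them as dead writes,
 * which a plain bzero()/memset() ahead of free() or exit() would permit.
 */
static void
zeroize(void *buf, size_t len)
{
	volatile unsigned char *p = buf;

	while (len-- > 0)
		*p++ = 0;
}

/*
 * Hand a fully populated wankeyio to the WANBOOT_SETKEY ioctl on
 * /dev/openprom.  Returns 0 on success; on failure the error has already
 * been reported through wbku_printerr() and -1 is returned.  The heap
 * copy of the request is scrubbed and freed on every path; scrubbing the
 * caller's wankeyio remains the caller's job.
 */
static int
setkey(const struct wankeyio *wkio)
{
	const size_t oiosize =
	    sizeof (struct openpromio) + sizeof (struct wankeyio);
	struct openpromio *oio;
	int fd;
	int rc = -1;

	oio = malloc(oiosize);
	if (oio == NULL) {
		/* the format uses %d, so pass an int rather than a size_t */
		wbku_printerr("openpromio malloc (%d) failed\n",
		    (int)oiosize);
		return (-1);
	}
	oio->oprom_size = sizeof (struct wankeyio);
	bcopy(wkio, oio->oprom_array, sizeof (struct wankeyio));

	/*
	 * Errors are reported immediately after the failing call, before
	 * any cleanup, in case wbku_printerr() consults errno.
	 */
	fd = open("/dev/openprom", O_RDWR);
	if (fd == -1) {
		wbku_printerr("open: /dev/openprom");
		goto out;
	}

	if (ioctl(fd, WANBOOT_SETKEY, oio) == -1)
		wbku_printerr("setkey: ioctl");
	else
		rc = 0;

	(void) close(fd);
out:
	/* the request buffer may hold raw key bytes; never free it as-is */
	zeroize(oio, oiosize);
	free(oio);
	return (rc);
}

/*
 * Delete the key described by k.  A request with a zero key size is how
 * a deletion is expressed to WANBOOT_SETKEY.  Exits with status 1 on any
 * failure.
 */
static void
deletekey(const struct keylist *k)
{
	struct wankeyio wkio;

	/* do not pass uninitialized stack contents to the driver */
	bzero(&wkio, sizeof (wkio));
	(void) strlcpy(wkio.wk_keyname, k->keyname, WANBOOT_MAXKEYNAMELEN);
	wkio.wk_keysize = 0;	/* zero key size indicates a deletion */

	if (setkey(&wkio) != 0)
		exit(1);
}

/*
 * Prompt for the key described by k, decode it from hex and install it
 * through WANBOOT_SETKEY.  Exits with status 1 on any failure.  All
 * copies of the key held by this function are scrubbed before it returns
 * or exits.
 */
static void
installkey(const struct keylist *k)
{
	char *keyptr;
	struct wankeyio wkio;
	uint_t rawkeysize;
	size_t keylen;
	int err;

	/* unused bytes of wk_u must not carry stale stack data */
	bzero(&wkio, sizeof (wkio));
	(void) strlcpy(wkio.wk_keyname, k->keyname, WANBOOT_MAXKEYNAMELEN);
	assert((k->keysize % 2) == 0);
	wkio.wk_keysize = k->keysize / 2;

	if ((keyptr = getkey(k)) == NULL) {
		wbku_printerr("getpassphrase");	/* getpassphrase() failed */
		exit(1);
	}

	keylen = strlen(keyptr);
	rawkeysize = sizeof (wkio.wk_u);
	err = hexascii_to_octet(keyptr, keylen, wkio.wk_u.key, &rawkeysize);

	/*
	 * The hex text is not needed past this point.  keyptr points into
	 * the buffer returned by getpassphrase() (past any "0x" prefix),
	 * so scrub the digits there.
	 */
	zeroize(keyptr, keylen);

	if (err != 0) {
		wbku_printerr(
		    "internal error: hexascii_to_octet returned %d\n",
		    err);
		zeroize(&wkio, sizeof (wkio));
		exit(1);
	} else if (rawkeysize != wkio.wk_keysize) {
		wbku_printerr("internal error: key size mismatch\n");
		zeroize(&wkio, sizeof (wkio));
		exit(1);
	}

	err = setkey(&wkio);
	zeroize(&wkio, sizeof (wkio));
	if (err != 0)
		exit(1);
}

/*
 * Prompt for the key of type k and validate it: after an optional
 * leading "0x"/"0X" the input must be exactly k->keysize hexadecimal
 * digits.  Returns a pointer to the first digit inside the buffer
 * returned by getpassphrase(), or NULL if getpassphrase() failed.
 * Invalid input is reported and the program exits with status 1, after
 * scrubbing what was typed.
 */
static char *
getkey(const struct keylist *k)
{
	char prompt[BUFSIZ];
	char *p;
	char *q;
	int len;

	(void) snprintf(prompt, sizeof (prompt),
	    gettext("Enter %s key: "), k->handle);
	p = getpassphrase(prompt);
	if (p) {
		/* skip over initial "0[xX]" */
		if ((p[0] == '0') && (p[1] == 'x' || p[1] == 'X'))
			p += 2;
		len = strlen(p);
		if (len != k->keysize) {
			wbku_printerr(
			    "key length mismatch (expected %d, got %d)\n",
			    k->keysize, len);
			zeroize(p, len);
			exit(1);
		}
		for (q = p; q < p + len; q++) {
			/*
			 * isxdigit() is only defined for unsigned char
			 * values and EOF; a plain char with the high bit
			 * set would otherwise be passed as a negative int.
			 */
			if (!isxdigit((unsigned char)*q)) {
				wbku_printerr(
				    "non-hexadecimal characters in key\n");
				zeroize(p, len);
				exit(1);
			}
		}
	}

	return (p);
}

/*
 * Print the usage message, including every supported key type handle,
 * to stderr and exit with status 1.
 */
static void
usage(const char *progname)
{
	size_t i;

	(void) fprintf(stderr, gettext(
	    "usage: %s [ -d ] -o type=keytype\nwhere keytype is one of "),
	    progname);
	for (i = 0; i < sizeof (keylist) / sizeof (keylist[0]); i++)
		(void) fprintf(stderr, "%s ", keylist[i].handle);
	(void) fputc('\n', stderr);
	exit(1);
}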