h_ioctl.c revision 1.1
1 1.1 knakahar /* $NetBSD: h_ioctl.c,v 1.1 2017/06/09 06:09:02 knakahara Exp $ */ 2 1.1 knakahar 3 1.1 knakahar /*- 4 1.1 knakahar * Copyright (c) 2017 Internet Initiative Japan Inc. 5 1.1 knakahar * All rights reserved. 6 1.1 knakahar * 7 1.1 knakahar * Redistribution and use in source and binary forms, with or without 8 1.1 knakahar * modification, are permitted provided that the following conditions 9 1.1 knakahar * are met: 10 1.1 knakahar * 1. Redistributions of source code must retain the above copyright 11 1.1 knakahar * notice, this list of conditions and the following disclaimer. 12 1.1 knakahar * 2. Redistributions in binary form must reproduce the above copyright 13 1.1 knakahar * notice, this list of conditions and the following disclaimer in the 14 1.1 knakahar * documentation and/or other materials provided with the distribution. 15 1.1 knakahar * 16 1.1 knakahar * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS 17 1.1 knakahar * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 18 1.1 knakahar * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 19 1.1 knakahar * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS 20 1.1 knakahar * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 21 1.1 knakahar * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 22 1.1 knakahar * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 23 1.1 knakahar * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 24 1.1 knakahar * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 25 1.1 knakahar * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 26 1.1 knakahar * POSSIBILITY OF SUCH DAMAGE. 27 1.1 knakahar */ 28 1.1 knakahar 29 1.1 knakahar #include <err.h> 30 1.1 knakahar #include <errno.h> 31 1.1 knakahar #include <fcntl.h> 32 1.1 knakahar #include <stdio.h> 33 1.1 knakahar #include <string.h> 34 1.1 knakahar 35 1.1 knakahar #include <sys/errno.h> 36 1.1 knakahar #include <sys/ioctl.h> 37 1.1 knakahar #include <sys/sysctl.h> 38 1.1 knakahar 39 1.1 knakahar #include <crypto/cryptodev.h> 40 1.1 knakahar 41 1.1 knakahar /* copy from h_aescbc.c */ 42 1.1 knakahar #define AES_KEY_LEN 16 43 1.1 knakahar unsigned char aes_key[AES_KEY_LEN] = 44 1.1 knakahar { 0x06, 0xa9, 0x21, 0x40, 0x36, 0xb8, 0xa1, 0x5b, 45 1.1 knakahar 0x51, 0x2e, 0x03, 0xd5, 0x34, 0x12, 0x00, 0x06, }; 46 1.1 knakahar 47 1.1 knakahar #define AES_IV_LEN 16 48 1.1 knakahar unsigned char aes_iv[AES_IV_LEN] = 49 1.1 knakahar { 0x3d, 0xaf, 0xba, 0x42, 0x9d, 0x9e, 0xb4, 0x30, 50 1.1 knakahar 0xb4, 0x22, 0xda, 0x80, 0x2c, 0x9f, 0xac, 0x41, }; 51 1.1 knakahar 52 1.1 knakahar #define AES_PLAINTX_LEN 64 53 1.1 knakahar unsigned char aes_plaintx[AES_PLAINTX_LEN] = "Single block msg"; 54 1.1 knakahar 55 1.1 knakahar #define AES_CIPHER_LEN 64 56 1.1 knakahar unsigned char aes_cipher[AES_CIPHER_LEN] = 57 1.1 knakahar { 0xe3, 0x53, 0x77, 0x9c, 0x10, 0x79, 0xae, 0xb8, 58 1.1 knakahar 0x27, 0x08, 0x94, 0x2d, 0xbe, 0x77, 0x18, 0x1a, }; 59 1.1 knakahar 60 1.1 knakahar /* 61 1.1 knakahar * CRIOGET is deprecated. 62 1.1 knakahar */ 63 1.1 knakahar 64 1.1 knakahar /* 65 1.1 knakahar * CIOCNGSESSION 66 1.1 knakahar * Hmm, who uses? (1) 67 1.1 knakahar */ 68 1.1 knakahar static int 69 1.1 knakahar test_ngsession(int fd) 70 1.1 knakahar { 71 1.1 knakahar int ret; 72 1.1 knakahar int cs_count = 2; 73 1.1 knakahar struct crypt_sgop sg; 74 1.1 knakahar struct session_n_op css[cs_count]; 75 1.1 knakahar 76 1.1 knakahar for (int i = 0; i < cs_count; i++) { 77 1.1 knakahar struct session_n_op *cs = &css[i]; 78 1.1 knakahar 79 1.1 knakahar memset(cs, 0, sizeof(*cs)); 80 1.1 knakahar cs->cipher = CRYPTO_AES_CBC; 81 1.1 knakahar cs->keylen = AES_KEY_LEN; 82 1.1 knakahar cs->key = __UNCONST(&aes_key); 83 1.1 knakahar } 84 1.1 knakahar memset(&sg, 0, sizeof(sg)); 85 1.1 knakahar sg.count = cs_count; 86 1.1 knakahar sg.sessions = css; 87 1.1 knakahar 88 1.1 knakahar ret = ioctl(fd, CIOCNGSESSION, &sg); 89 1.1 knakahar if (ret < 0) 90 1.1 knakahar fprintf(stderr, "failed: CIOCNGSESSION\n"); 91 1.1 knakahar 92 1.1 knakahar return ret; 93 1.1 knakahar } 94 1.1 knakahar 95 1.1 knakahar /* 96 1.1 knakahar * CIOCNFSESSION 97 1.1 knakahar * Hmm, who uses? (2) 98 1.1 knakahar */ 99 1.1 knakahar static int 100 1.1 knakahar test_nfsession(int fd) 101 1.1 knakahar { 102 1.1 knakahar int ret; 103 1.1 knakahar int sid_count = 2; 104 1.1 knakahar struct crypt_sfop sf; 105 1.1 knakahar u_int32_t sids[sid_count]; 106 1.1 knakahar 107 1.1 knakahar memset(sids, 0, sizeof(sids)); 108 1.1 knakahar memset(&sf, 0, sizeof(sf)); 109 1.1 knakahar sf.count = sid_count; 110 1.1 knakahar sf.sesid = sids; 111 1.1 knakahar 112 1.1 knakahar ret = ioctl(fd, CIOCNFSESSION, &sf); 113 1.1 knakahar if (ret < 0) 114 1.1 knakahar fprintf(stderr, "failed: CIOCNFSESSION\n"); 115 1.1 knakahar 116 1.1 knakahar return ret; 117 1.1 knakahar } 118 1.1 knakahar 119 1.1 knakahar /* 120 1.1 knakahar * CIOCNCRYPTM 121 1.1 knakahar * Hmm, who uses? (3) 122 1.1 knakahar */ 123 1.1 knakahar static int 124 1.1 knakahar test_ncryptm(int fd) 125 1.1 knakahar { 126 1.1 knakahar int ret; 127 1.1 knakahar int cs_count = 2; 128 1.1 knakahar struct crypt_mop mop; 129 1.1 knakahar struct crypt_n_op css[cs_count]; 130 1.1 knakahar 131 1.1 knakahar for (int i = 0; i < cs_count; i++) { 132 1.1 knakahar struct crypt_n_op *cs; 133 1.1 knakahar cs = &css[i]; 134 1.1 knakahar 135 1.1 knakahar memset(cs, 0, sizeof(*cs)); 136 1.1 knakahar cs->ses = 0; /* session id */ 137 1.1 knakahar cs->op = COP_ENCRYPT; 138 1.1 knakahar /* XXX */ 139 1.1 knakahar } 140 1.1 knakahar 141 1.1 knakahar memset(&mop, 0, sizeof(mop)); 142 1.1 knakahar mop.count = cs_count; 143 1.1 knakahar mop.reqs = css; 144 1.1 knakahar 145 1.1 knakahar ret = ioctl(fd, CIOCNCRYPTM, &mop); 146 1.1 knakahar if (ret < 0) 147 1.1 knakahar fprintf(stderr, "failed: CIOCNCRYPTM\n"); 148 1.1 knakahar 149 1.1 knakahar return ret; 150 1.1 knakahar } 151 1.1 knakahar 152 1.1 knakahar /* 153 1.1 knakahar * CIOCNCRYPTRETM 154 1.1 knakahar * Hmm, who uses? (4) 155 1.1 knakahar */ 156 1.1 knakahar static int 157 1.1 knakahar test_ncryptretm(int fd) 158 1.1 knakahar { 159 1.1 knakahar int ret; 160 1.1 knakahar int req_count = 2; 161 1.1 knakahar struct session_op cs; 162 1.1 knakahar 163 1.1 knakahar struct crypt_mop mop; 164 1.1 knakahar struct crypt_n_op cnos[req_count]; 165 1.1 knakahar unsigned char cno_dst[req_count][AES_CIPHER_LEN]; 166 1.1 knakahar 167 1.1 knakahar struct cryptret cret; 168 1.1 knakahar struct crypt_result crs[req_count]; 169 1.1 knakahar 170 1.1 knakahar memset(&cs, 0, sizeof(cs)); 171 1.1 knakahar cs.cipher = CRYPTO_AES_CBC; 172 1.1 knakahar cs.keylen = AES_KEY_LEN; 173 1.1 knakahar cs.key = __UNCONST(&aes_key); 174 1.1 knakahar ret = ioctl(fd, CIOCGSESSION, &cs); 175 1.1 knakahar if (ret < 0) { 176 1.1 knakahar fprintf(stderr, "failed: CIOCGSESSION\n"); 177 1.1 knakahar return ret; 178 1.1 knakahar } 179 1.1 knakahar 180 1.1 knakahar for (int i = 0; i < req_count; i++) { 181 1.1 knakahar struct crypt_n_op *cno = &cnos[i]; 182 1.1 knakahar 183 1.1 knakahar memset(cno, 0, sizeof(*cno)); 184 1.1 knakahar cno->ses = cs.ses; 185 1.1 knakahar cno->op = COP_ENCRYPT; 186 1.1 knakahar cno->len = AES_PLAINTX_LEN; 187 1.1 knakahar cno->src = aes_plaintx; 188 1.1 knakahar cno->dst_len = AES_CIPHER_LEN; 189 1.1 knakahar cno->dst = cno_dst[i]; 190 1.1 knakahar } 191 1.1 knakahar 192 1.1 knakahar memset(&mop, 0, sizeof(mop)); 193 1.1 knakahar mop.count = req_count; 194 1.1 knakahar mop.reqs = cnos; 195 1.1 knakahar ret = ioctl(fd, CIOCNCRYPTM, &mop); 196 1.1 knakahar if (ret < 0) 197 1.1 knakahar fprintf(stderr, "failed: CIOCNCRYPTM\n"); 198 1.1 knakahar 199 1.1 knakahar for (int i = 0; i < req_count; i++) { 200 1.1 knakahar struct crypt_result *cr = &crs[i]; 201 1.1 knakahar 202 1.1 knakahar memset(cr, 0, sizeof(*cr)); 203 1.1 knakahar cr->reqid = cnos[i].reqid; 204 1.1 knakahar } 205 1.1 knakahar 206 1.1 knakahar memset(&cret, 0, sizeof(cret)); 207 1.1 knakahar cret.count = req_count; 208 1.1 knakahar cret.results = crs; 209 1.1 knakahar ret = ioctl(fd, CIOCNCRYPTRETM, &cret); 210 1.1 knakahar if (ret < 0) 211 1.1 knakahar fprintf(stderr, "failed: CIOCNCRYPTRETM\n"); 212 1.1 knakahar 213 1.1 knakahar return ret; 214 1.1 knakahar } 215 1.1 knakahar 216 1.1 knakahar /* 217 1.1 knakahar * CIOCNCRYPTRET 218 1.1 knakahar * Hmm, who uses? (5) 219 1.1 knakahar */ 220 1.1 knakahar /* test when it does not request yet. */ 221 1.1 knakahar static int 222 1.1 knakahar test_ncryptret_noent(int fd) 223 1.1 knakahar { 224 1.1 knakahar int ret; 225 1.1 knakahar struct crypt_result cr; 226 1.1 knakahar 227 1.1 knakahar memset(&cr, 0, sizeof(cr)); 228 1.1 knakahar 229 1.1 knakahar ret = ioctl(fd, CIOCNCRYPTRET, &cr); 230 1.1 knakahar if (ret == 0) { 231 1.1 knakahar fprintf(stderr, 232 1.1 knakahar "failed: CIOCNCRYPTRET unexpected success when no entry\n"); 233 1.1 knakahar ret = -1; 234 1.1 knakahar } else if (errno == EINPROGRESS) { 235 1.1 knakahar /* expected fail */ 236 1.1 knakahar ret = 0; 237 1.1 knakahar } 238 1.1 knakahar 239 1.1 knakahar return ret; 240 1.1 knakahar } 241 1.1 knakahar 242 1.1 knakahar static int 243 1.1 knakahar test_ncryptret_ent(int fd) 244 1.1 knakahar { 245 1.1 knakahar int ret; 246 1.1 knakahar struct session_op cs; 247 1.1 knakahar 248 1.1 knakahar struct crypt_mop mop; 249 1.1 knakahar struct crypt_n_op cno; 250 1.1 knakahar unsigned char cno_dst[AES_CIPHER_LEN]; 251 1.1 knakahar 252 1.1 knakahar struct crypt_result cr; 253 1.1 knakahar 254 1.1 knakahar memset(&cs, 0, sizeof(cs)); 255 1.1 knakahar cs.cipher = CRYPTO_AES_CBC; 256 1.1 knakahar cs.keylen = AES_KEY_LEN; 257 1.1 knakahar cs.key = __UNCONST(&aes_key); 258 1.1 knakahar ret = ioctl(fd, CIOCGSESSION, &cs); 259 1.1 knakahar if (ret < 0) { 260 1.1 knakahar fprintf(stderr, "failed: CIOCGSESSION\n"); 261 1.1 knakahar return ret; 262 1.1 knakahar } 263 1.1 knakahar 264 1.1 knakahar memset(&cno, 0, sizeof(cno)); 265 1.1 knakahar cno.ses = cs.ses; 266 1.1 knakahar cno.op = COP_ENCRYPT; 267 1.1 knakahar cno.len = AES_PLAINTX_LEN; 268 1.1 knakahar cno.src = aes_plaintx; 269 1.1 knakahar cno.dst_len = AES_CIPHER_LEN; 270 1.1 knakahar cno.dst = cno_dst; 271 1.1 knakahar 272 1.1 knakahar memset(&mop, 0, sizeof(mop)); 273 1.1 knakahar mop.count = 1; 274 1.1 knakahar mop.reqs = &cno; 275 1.1 knakahar ret = ioctl(fd, CIOCNCRYPTM, &mop); 276 1.1 knakahar if (ret < 0) 277 1.1 knakahar fprintf(stderr, "failed: CIOCNCRYPTM\n"); 278 1.1 knakahar 279 1.1 knakahar memset(&cr, 0, sizeof(cr)); 280 1.1 knakahar cr.reqid = cno.reqid; 281 1.1 knakahar 282 1.1 knakahar ret = ioctl(fd, CIOCNCRYPTRET, &cr); 283 1.1 knakahar if (ret < 0) 284 1.1 knakahar fprintf(stderr, "failed: CIOCNCRYPTRET\n"); 285 1.1 knakahar 286 1.1 knakahar return ret; 287 1.1 knakahar } 288 1.1 knakahar 289 1.1 knakahar static int 290 1.1 knakahar test_ncryptret(int fd) 291 1.1 knakahar { 292 1.1 knakahar int ret; 293 1.1 knakahar 294 1.1 knakahar ret = test_ncryptret_noent(fd); 295 1.1 knakahar if (ret < 0) 296 1.1 knakahar return ret; 297 1.1 knakahar 298 1.1 knakahar ret = test_ncryptret_ent(fd); 299 1.1 knakahar if (ret < 0) 300 1.1 knakahar return ret; 301 1.1 knakahar 302 1.1 knakahar return ret; 303 1.1 knakahar } 304 1.1 knakahar 305 1.1 knakahar /* 306 1.1 knakahar * CIOCASYMFEAT 307 1.1 knakahar */ 308 1.1 knakahar static int 309 1.1 knakahar set_userasymcrypto(int new, int *old) 310 1.1 knakahar { 311 1.1 knakahar int ret; 312 1.1 knakahar 313 1.1 knakahar ret = sysctlbyname("kern.userasymcrypto", NULL, NULL, &new, sizeof(new)); 314 1.1 knakahar if (ret < 0) { 315 1.1 knakahar fprintf(stderr, "failed: kern.userasymcrypto=%d", new); 316 1.1 knakahar return ret; 317 1.1 knakahar } 318 1.1 knakahar 319 1.1 knakahar if (old != NULL) 320 1.1 knakahar *old = new; 321 1.1 knakahar 322 1.1 knakahar return ret; 323 1.1 knakahar } 324 1.1 knakahar 325 1.1 knakahar static int 326 1.1 knakahar test_asymfeat_each(int fd, u_int32_t *asymfeat, int userasym) 327 1.1 knakahar { 328 1.1 knakahar int ret; 329 1.1 knakahar 330 1.1 knakahar ret = ioctl(fd, CIOCASYMFEAT, asymfeat); 331 1.1 knakahar if (ret < 0) 332 1.1 knakahar fprintf(stderr, "failed: CIOCASYMFEAT when userasym=%d\n", userasym); 333 1.1 knakahar 334 1.1 knakahar return ret; 335 1.1 knakahar } 336 1.1 knakahar 337 1.1 knakahar static int 338 1.1 knakahar test_asymfeat(int fd) 339 1.1 knakahar { 340 1.1 knakahar int ret, new, orig; 341 1.1 knakahar u_int32_t asymfeat = 0; 342 1.1 knakahar 343 1.1 knakahar /* test for kern.userasymcrypto=1 */ 344 1.1 knakahar new = 1; 345 1.1 knakahar ret = set_userasymcrypto(new, &orig); 346 1.1 knakahar if (ret < 0) 347 1.1 knakahar return ret; 348 1.1 knakahar ret = test_asymfeat_each(fd, &asymfeat, new); 349 1.1 knakahar if (ret < 0) 350 1.1 knakahar return ret; 351 1.1 knakahar 352 1.1 knakahar /* test for kern.userasymcrypto=0 */ 353 1.1 knakahar new = 0; 354 1.1 knakahar ret = set_userasymcrypto(new, NULL); 355 1.1 knakahar if (ret < 0) 356 1.1 knakahar return ret; 357 1.1 knakahar ret = test_asymfeat_each(fd, &asymfeat, new); 358 1.1 knakahar if (ret < 0) 359 1.1 knakahar return ret; 360 1.1 knakahar 361 1.1 knakahar /* cleanup */ 362 1.1 knakahar ret = set_userasymcrypto(orig, NULL); 363 1.1 knakahar if (ret < 0) 364 1.1 knakahar fprintf(stderr, "failed: cleanup kern.userasymcrypto\n"); 365 1.1 knakahar 366 1.1 knakahar return ret; 367 1.1 knakahar } 368 1.1 knakahar 369 1.1 knakahar int 370 1.1 knakahar main(void) 371 1.1 knakahar { 372 1.1 knakahar int fd, ret; 373 1.1 knakahar 374 1.1 knakahar fd = open("/dev/crypto", O_RDWR, 0); 375 1.1 knakahar if (fd < 0) 376 1.1 knakahar err(1, "open"); 377 1.1 knakahar 378 1.1 knakahar ret = test_ngsession(fd); 379 1.1 knakahar if (ret < 0) 380 1.1 knakahar err(1, "test_ngsession"); 381 1.1 knakahar 382 1.1 knakahar ret = test_nfsession(fd); 383 1.1 knakahar if (ret < 0) 384 1.1 knakahar err(1, "test_ngsession"); 385 1.1 knakahar 386 1.1 knakahar ret = test_ncryptm(fd); 387 1.1 knakahar if (ret < 0) 388 1.1 knakahar err(1, "test_ncryptm"); 389 1.1 knakahar 390 1.1 knakahar test_ncryptretm(fd); 391 1.1 knakahar if (ret < 0) 392 1.1 knakahar err(1, "test_ncryptretm"); 393 1.1 knakahar 394 1.1 knakahar ret = test_ncryptret(fd); 395 1.1 knakahar if (ret < 0) 396 1.1 knakahar err(1, "test_ncryptret"); 397 1.1 knakahar 398 1.1 knakahar ret = test_asymfeat(fd); 399 1.1 knakahar if (ret < 0) 400 1.1 knakahar err(1, "test_asymfeat"); 401 1.1 knakahar 402 1.1 knakahar return 0; 403 1.1 knakahar } 404
Indexes created Wed Oct 01 18:09:54 GMT 2025