Page MenuHomeFreeBSD
Differential D19372 Diff 54440 tools/tools/crypto/cryptocheck.c

Changeset View

Standalone View

View Options

tools/tools/crypto/cryptocheck.c

Show First 20 LinesShow All 105 Lines▼ Show 20 Lines
* aes-gcm192 192-bit aes gcm * aes-gcm192 192-bit aes gcm
* aes-gcm256 256-bit aes gcm * aes-gcm256 256-bit aes gcm
* aes-ccm 128-bit aes ccm * aes-ccm 128-bit aes ccm
* aes-ccm192 192-bit aes ccm * aes-ccm192 192-bit aes ccm
* aes-ccm256 256-bit aes ccm * aes-ccm256 256-bit aes ccm
*/ */
#include <sys/param.h> #include <sys/param.h>
#include <assert.h> #include <assert.h>
#include <err.h> #include <err.h>
#include <fcntl.h> #include <fcntl.h>
#include <libutil.h> #include <libutil.h>
#include <stdbool.h> #include <stdbool.h>
#include <stdio.h> #include <stdio.h>
#include <string.h> #include <string.h>
#include <unistd.h> #include <unistd.h>
#include <openssl/err.h> #include <openssl/err.h>
#include <openssl/hmac.h> #include <openssl/hmac.h>
#include <crypto/cryptodev.h> #include <crypto/cryptodev.h>
#include <sys/types.h>
jhbUnsubmitted
Not Done
Inline Actions

Extra blank line is a minor nit.

jhb: Extra blank line is a minor nit.
sefAuthorUnsubmitted
Done
Inline Actions

Ah, caused by when I move the <sys/> line around. Fixed :).

sef: Ah, caused by when I move the <sys/> line around. Fixed :).
#include <sys/sysctl.h>
cemUnsubmitted
Not Done
Inline Actions

sys/ includes sort to the top; sys/types.h is redundant due to sys/param.h, per style(9).

cem: sys/ includes sort to the top; sys/types.h is redundant due to sys/param.h, per style(9).
sefAuthorUnsubmitted
Done
Inline Actions

Ok, but that's straight out of the man page for sysctlbyname(3).

sef: Ok, but that's straight out of the man page for sysctlbyname(3).
/* XXX: Temporary hack */ /* XXX: Temporary hack */
#ifndef COP_F_CIPHER_FIRST #ifndef COP_F_CIPHER_FIRST
#define COP_F_CIPHER_FIRST 0x0001 /* Cipher before MAC. */ #define COP_F_CIPHER_FIRST 0x0001 /* Cipher before MAC. */
#endif #endif
struct alg { struct alg {
const char *name; const char *name;
int cipher; int cipher;
▲ Show 20 LinesShow All 134 Lines▼ Show 20 Linesdevcrypto(void)
if (fd < 0) { if (fd < 0) {
fd = open("/dev/crypto", O_RDWR | O_CLOEXEC, 0); fd = open("/dev/crypto", O_RDWR | O_CLOEXEC, 0);
if (fd < 0) if (fd < 0)
err(1, "/dev/crypto"); err(1, "/dev/crypto");
} }
return (fd); return (fd);
} }
/*
* Called on exit to change kern.cryptodevallowsoft back to 0
*/
#define CRYPT_SOFT_ALLOW "kern.cryptodevallowsoft"
static void
reset_user_soft(void)
{
int off = 0;
sysctlbyname(CRYPT_SOFT_ALLOW, NULL, NULL, &off, sizeof(off));
}
static void
check_user_soft(void)
jhbUnsubmitted
Done
Inline Actions

Maybe call this 'enable_user_soft' instead of 'check'.

jhb: Maybe call this 'enable_user_soft' instead of 'check'.
{
int curstate;
int on = 1;
size_t cursize = sizeof(curstate);
if (sysctlbyname(CRYPT_SOFT_ALLOW, &curstate, &cursize,
&on, sizeof(on)) == 0) {
if (curstate == 0)
atexit(reset_user_soft);
}
}
static int static int
crlookup(const char *devname) crlookup(const char *devname)
{ {
struct crypt_find_op find; struct crypt_find_op find;
if (strncmp(devname, "soft", 4) == 0) if (strncmp(devname, "soft", 4) == 0) {
check_user_soft();
return CRYPTO_FLAG_SOFTWARE; return CRYPTO_FLAG_SOFTWARE;
}
find.crid = -1; find.crid = -1;
strlcpy(find.name, devname, sizeof(find.name)); strlcpy(find.name, devname, sizeof(find.name));
if (ioctl(devcrypto(), CIOCFINDDEV, &find) == -1) if (ioctl(devcrypto(), CIOCFINDDEV, &find) == -1)
err(1, "ioctl(CIOCFINDDEV)"); err(1, "ioctl(CIOCFINDDEV)");
return (find.crid); return (find.crid);
} }
▲ Show 20 LinesShow All 1,287 LinesShow Last 20 Lines