Changeset View
Changeset View
Standalone View
Standalone View
tools/tools/crypto/cryptocheck.c
Show First 20 Lines • Show All 105 Lines • ▼ Show 20 Lines | |||||
* aes-gcm192 192-bit aes gcm | * aes-gcm192 192-bit aes gcm | ||||
* aes-gcm256 256-bit aes gcm | * aes-gcm256 256-bit aes gcm | ||||
* aes-ccm 128-bit aes ccm | * aes-ccm 128-bit aes ccm | ||||
* aes-ccm192 192-bit aes ccm | * aes-ccm192 192-bit aes ccm | ||||
* aes-ccm256 256-bit aes ccm | * aes-ccm256 256-bit aes ccm | ||||
*/ | */ | ||||
#include <sys/param.h> | #include <sys/param.h> | ||||
#include <assert.h> | #include <assert.h> | ||||
#include <err.h> | #include <err.h> | ||||
#include <fcntl.h> | #include <fcntl.h> | ||||
#include <libutil.h> | #include <libutil.h> | ||||
#include <stdbool.h> | #include <stdbool.h> | ||||
#include <stdio.h> | #include <stdio.h> | ||||
#include <string.h> | #include <string.h> | ||||
#include <unistd.h> | #include <unistd.h> | ||||
#include <openssl/err.h> | #include <openssl/err.h> | ||||
#include <openssl/hmac.h> | #include <openssl/hmac.h> | ||||
#include <crypto/cryptodev.h> | #include <crypto/cryptodev.h> | ||||
#include <sys/types.h> | |||||
jhb: Extra blank line is a minor nit. | |||||
Done Inline ActionsAh, caused by when I move the <sys/> line around. Fixed :). sef: Ah, caused by when I move the <sys/> line around. Fixed :). | |||||
#include <sys/sysctl.h> | |||||
cemUnsubmitted Not Done Inline Actionssys/ includes sort to the top; sys/types.h is redundant due to sys/param.h, per style(9). cem: sys/ includes sort to the top; sys/types.h is redundant due to sys/param.h, per style(9). | |||||
sefAuthorUnsubmitted Done Inline ActionsOk, but that's straight out of the man page for sysctlbyname(3). sef: Ok, but that's straight out of the man page for sysctlbyname(3). | |||||
/* XXX: Temporary hack */ | /* XXX: Temporary hack */ | ||||
#ifndef COP_F_CIPHER_FIRST | #ifndef COP_F_CIPHER_FIRST | ||||
#define COP_F_CIPHER_FIRST 0x0001 /* Cipher before MAC. */ | #define COP_F_CIPHER_FIRST 0x0001 /* Cipher before MAC. */ | ||||
#endif | #endif | ||||
struct alg { | struct alg { | ||||
const char *name; | const char *name; | ||||
int cipher; | int cipher; | ||||
▲ Show 20 Lines • Show All 134 Lines • ▼ Show 20 Lines | devcrypto(void) | ||||
if (fd < 0) { | if (fd < 0) { | ||||
fd = open("/dev/crypto", O_RDWR | O_CLOEXEC, 0); | fd = open("/dev/crypto", O_RDWR | O_CLOEXEC, 0); | ||||
if (fd < 0) | if (fd < 0) | ||||
err(1, "/dev/crypto"); | err(1, "/dev/crypto"); | ||||
} | } | ||||
return (fd); | return (fd); | ||||
} | } | ||||
/* | |||||
* Called on exit to change kern.cryptodevallowsoft back to 0 | |||||
*/ | |||||
#define CRYPT_SOFT_ALLOW "kern.cryptodevallowsoft" | |||||
static void | |||||
reset_user_soft(void) | |||||
{ | |||||
int off = 0; | |||||
sysctlbyname(CRYPT_SOFT_ALLOW, NULL, NULL, &off, sizeof(off)); | |||||
} | |||||
static void | |||||
check_user_soft(void) | |||||
Done Inline ActionsMaybe call this 'enable_user_soft' instead of 'check'. jhb: Maybe call this 'enable_user_soft' instead of 'check'. | |||||
{ | |||||
int curstate; | |||||
int on = 1; | |||||
size_t cursize = sizeof(curstate); | |||||
if (sysctlbyname(CRYPT_SOFT_ALLOW, &curstate, &cursize, | |||||
&on, sizeof(on)) == 0) { | |||||
if (curstate == 0) | |||||
atexit(reset_user_soft); | |||||
} | |||||
} | |||||
static int | static int | ||||
crlookup(const char *devname) | crlookup(const char *devname) | ||||
{ | { | ||||
struct crypt_find_op find; | struct crypt_find_op find; | ||||
if (strncmp(devname, "soft", 4) == 0) | if (strncmp(devname, "soft", 4) == 0) { | ||||
check_user_soft(); | |||||
return CRYPTO_FLAG_SOFTWARE; | return CRYPTO_FLAG_SOFTWARE; | ||||
} | |||||
find.crid = -1; | find.crid = -1; | ||||
strlcpy(find.name, devname, sizeof(find.name)); | strlcpy(find.name, devname, sizeof(find.name)); | ||||
if (ioctl(devcrypto(), CIOCFINDDEV, &find) == -1) | if (ioctl(devcrypto(), CIOCFINDDEV, &find) == -1) | ||||
err(1, "ioctl(CIOCFINDDEV)"); | err(1, "ioctl(CIOCFINDDEV)"); | ||||
return (find.crid); | return (find.crid); | ||||
} | } | ||||
▲ Show 20 Lines • Show All 1,287 Lines • Show Last 20 Lines |
Extra blank line is a minor nit.