xref: /onnv-gate/usr/src/cmd/cmd-inet/usr.lib/wanboot/ickey/ickey.c (revision 485:fcbad17dcd0d)
10Sstevel@tonic-gate /*
20Sstevel@tonic-gate  * CDDL HEADER START
30Sstevel@tonic-gate  *
40Sstevel@tonic-gate  * The contents of this file are subject to the terms of the
50Sstevel@tonic-gate  * Common Development and Distribution License, Version 1.0 only
60Sstevel@tonic-gate  * (the "License").  You may not use this file except in compliance
70Sstevel@tonic-gate  * with the License.
80Sstevel@tonic-gate  *
90Sstevel@tonic-gate  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
100Sstevel@tonic-gate  * or http://www.opensolaris.org/os/licensing.
110Sstevel@tonic-gate  * See the License for the specific language governing permissions
120Sstevel@tonic-gate  * and limitations under the License.
130Sstevel@tonic-gate  *
140Sstevel@tonic-gate  * When distributing Covered Code, include this CDDL HEADER in each
150Sstevel@tonic-gate  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
160Sstevel@tonic-gate  * If applicable, add the following below this CDDL HEADER, with the
170Sstevel@tonic-gate  * fields enclosed by brackets "[]" replaced with your own identifying
180Sstevel@tonic-gate  * information: Portions Copyright [yyyy] [name of copyright owner]
190Sstevel@tonic-gate  *
200Sstevel@tonic-gate  * CDDL HEADER END
210Sstevel@tonic-gate  */
220Sstevel@tonic-gate /*
23*485Scarlsonj  * Copyright 2005 Sun Microsystems, Inc.  All rights reserved.
240Sstevel@tonic-gate  * Use is subject to license terms.
250Sstevel@tonic-gate  */
260Sstevel@tonic-gate 
270Sstevel@tonic-gate #pragma ident	"%Z%%M%	%I%	%E% SMI"
280Sstevel@tonic-gate 
290Sstevel@tonic-gate #include <sys/types.h>
300Sstevel@tonic-gate #include <sys/wanboot_impl.h>
310Sstevel@tonic-gate #include <libinetutil.h>
320Sstevel@tonic-gate #include <wanbootutil.h>
330Sstevel@tonic-gate #include <libintl.h>
340Sstevel@tonic-gate #include <locale.h>
350Sstevel@tonic-gate #include <unistd.h>
360Sstevel@tonic-gate #include <stdlib.h>
370Sstevel@tonic-gate #include <strings.h>
380Sstevel@tonic-gate #include <stdio.h>
390Sstevel@tonic-gate #include <fcntl.h>
400Sstevel@tonic-gate #include <ctype.h>
410Sstevel@tonic-gate #include <assert.h>
420Sstevel@tonic-gate #include <sys/openpromio.h>
430Sstevel@tonic-gate 
/*
 * Suboption tokens accepted by -o, laid out the way getsubopt() expects:
 * a NULL-terminated array in which a token's index is the value that
 * getsubopt() returns for it.  TYPE is the index of the "type" token.
 */
#define	TYPE	0
static char	*progopts[] = { "type", NULL };
490Sstevel@tonic-gate 
/*
 *	A key's handle is the name by which the user knows the key (i.e. the
 *	name given on the command line).  Its keyname is the name under which
 *	this utility stores the key, and by which OBP and wanboot retrieve it.
 *	keysize counts hex digits, so it is twice the raw key length in bytes.
 */
static struct keylist {
	const char	*handle;
	const char	*keyname;
	const int	keysize;	/* length of the key as a hex string */
} keylist[] = {
	{ WBKU_KW_3DES, WANBOOT_DES3_KEY_NAME, (DES3_KEY_SIZE * 2) },
	{ WBKU_KW_AES_128, WANBOOT_AES_128_KEY_NAME, (AES_128_KEY_SIZE * 2) },
	{ WBKU_KW_HMAC_SHA1, WANBOOT_HMAC_SHA1_KEY_NAME,
	    (WANBOOT_HMAC_KEY_SIZE * 2) }
};
680Sstevel@tonic-gate 
/* Forward declarations for the file-local routines defined below. */
static void			usage(const char *) __NORETURN;
static const struct keylist	*knownkeytype(char *);
static char			*getkey(const struct keylist *);
static void			installkey(const struct keylist *);
static void			deletekey(const struct keylist *);

/* Set by -d: delete the named key instead of installing one. */
static boolean_t	delete = B_FALSE;
760Sstevel@tonic-gate 
/*
 * Parse "[ -d ] -o type=keytype", then install the named key, or delete it
 * when -d was given.  An unknown option or suboption, a stray operand, or a
 * missing or unrecognized key type all end in usage().
 *
 * Only the key type comes from the command line; the key value itself is
 * obtained by installkey() through getkey(), never from av.
 */
int
main(int ac, char **av)
{
	const struct keylist	*k;
	char			*typestring = NULL;
	char			*subopts;
	char			*value;
	int			c;

	/* Set up localization. */
	(void) setlocale(LC_ALL, "");
#if !defined(TEXT_DOMAIN)
#define	TEXT_DOMAIN "SYS_TEST"
#endif
	(void) textdomain(TEXT_DOMAIN);

	/* Give wbku_printerr() the program name to report under. */
	wbku_errinit(av[0]);

	while ((c = getopt(ac, av, "do:")) != -1) {
		if (c == 'd') {
			delete = B_TRUE;
		} else if (c == 'o') {
			subopts = optarg;
			while (*subopts != '\0') {
				if (getsubopt(&subopts, progopts,
				    &value) != TYPE) {
					/* unknown token */
					usage(*av);
					/* NOTREACHED */
				}
				typestring = value;
			}
		} else if (c == '?') {
			usage(*av);
			/* NOTREACHED */
		}
	}

	/*
	 * Exactly one known key type and no operands are required.  The
	 * tests run left to right, so knownkeytype() never sees NULL.
	 */
	if ((optind < ac) || (typestring == NULL) ||
	    ((k = knownkeytype(typestring)) == NULL)) {
		usage(*av);
		/* NOTREACHED */
	}

	if (delete == B_TRUE)
		deletekey(k);
	else
		installkey(k);

	return (0);
}
1400Sstevel@tonic-gate 
/*
 * Look up a key type by its handle.
 *
 * Returns the keylist entry whose handle is exactly equal to type (the
 * comparison is case-sensitive), or NULL when no entry matches.  type must
 * not be NULL.
 */
static const struct keylist *
knownkeytype(char *type)
{
	const struct keylist	*entry = keylist;
	const struct keylist	*end =
	    keylist + sizeof (keylist) / sizeof (keylist[0]);

	while (entry < end) {
		if (strcmp(entry->handle, type) == 0)
			return (entry);
		entry++;
	}

	return (NULL);
}
1530Sstevel@tonic-gate 
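/*
 * Delete the key described by k.
 *
 * Sends a WANBOOT_SETKEY request to /dev/openprom carrying the key's name
 * and a key size of zero, which is how a deletion is requested.  Any
 * failure is reported through wbku_printerr() and ends the program with
 * exit status 1.
 */
static void
deletekey(const struct keylist *k)
{
	const size_t		oiosize =
	    sizeof (struct openpromio) + sizeof (struct wankeyio);
	int			fd;
	struct wankeyio		wkio;
	struct openpromio	*oio;

	/*
	 * All of wkio is copied into the ioctl buffer below, so clear it
	 * first; otherwise the unused key bytes would carry leftover stack
	 * contents into the request.
	 */
	bzero(&wkio, sizeof (wkio));
	(void) strlcpy(wkio.wk_keyname, k->keyname, WANBOOT_MAXKEYNAMELEN);
	wkio.wk_keysize = 0;	/* zero key size indicates a deletion */

	oio = malloc(oiosize);
	if (oio == NULL) {
		/* The format asks for an int, so do not pass a size_t. */
		wbku_printerr("openpromio malloc (%d) failed\n",
		    (int)oiosize);
		exit(1);
	}
	oio->oprom_size = sizeof (struct wankeyio);
	bcopy(&wkio, oio->oprom_array, sizeof (struct wankeyio));

	fd = open("/dev/openprom", O_RDWR);
	if (fd == -1) {
		wbku_printerr("open: /dev/openprom");
		exit(1);
	}

	if (ioctl(fd, WANBOOT_SETKEY, oio) == -1) {
		wbku_printerr("setkey: ioctl");
		exit(1);
	}

	(void) close(fd);
	free(oio);
}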
1860Sstevel@tonic-gate 
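/*
 * Overwrite len bytes at buf with zeros.  The stores go through a volatile
 * pointer so that they are not discarded as dead writes to memory that is
 * about to go out of use.
 */
static void
wipe_secret(void *buf, size_t len)
{
	volatile unsigned char	*p = buf;

	while (len-- > 0)
		*p++ = 0;
}

/*
 * Prompt for the key described by k and install it.
 *
 * The hex string returned by getkey() is converted to raw octets and sent
 * to /dev/openprom in a WANBOOT_SETKEY request.  Every copy of the key this
 * function can reach (the entered hex string, the on-stack request and the
 * heap ioctl buffer) is zeroed before returning or exiting, so key material
 * does not linger in the process image.  Any failure is reported through
 * wbku_printerr() and ends the program with exit status 1.
 */
static void
installkey(const struct keylist *k)
{
	const size_t		oiosize =
	    sizeof (struct openpromio) + sizeof (struct wankeyio);
	char			*keyptr;
	size_t			keylen;
	int			fd;
	struct wankeyio		wkio;
	struct openpromio	*oio = NULL;
	uint_t			rawkeysize;
	int			err;
	int			failed = 1;

	/*
	 * All of wkio is copied into the ioctl buffer below, so clear it
	 * first; otherwise the bytes of wk_u beyond the key would carry
	 * leftover stack contents into the request.
	 */
	bzero(&wkio, sizeof (wkio));
	(void) strlcpy(wkio.wk_keyname, k->keyname, WANBOOT_MAXKEYNAMELEN);
	assert((k->keysize % 2) == 0);
	wkio.wk_keysize = k->keysize / 2;	/* two hex digits per octet */

	if ((keyptr = getkey(k)) == NULL) {
		wbku_printerr("getpassphrase");	/* getpassphrase() failed */
		exit(1);
	}
	keylen = strlen(keyptr);

	rawkeysize = sizeof (wkio.wk_u);
	if ((err = hexascii_to_octet(keyptr, keylen,
	    wkio.wk_u.key, &rawkeysize)) != 0) {
		wbku_printerr(
		    "internal error: hexascii_to_octet returned %d\n",
		    err);
		goto out;
	}
	if (rawkeysize != wkio.wk_keysize) {
		wbku_printerr("internal error:  key size mismatch\n");
		goto out;
	}

	oio = malloc(oiosize);
	if (oio == NULL) {
		/* The format asks for an int, so do not pass a size_t. */
		wbku_printerr("openpromio malloc (%d) failed\n",
		    (int)oiosize);
		goto out;
	}
	oio->oprom_size = sizeof (struct wankeyio);
	bcopy(&wkio, oio->oprom_array, sizeof (struct wankeyio));

	fd = open("/dev/openprom", O_RDWR);
	if (fd == -1) {
		wbku_printerr("open: /dev/openprom");
		goto out;
	}

	if (ioctl(fd, WANBOOT_SETKEY, oio) == -1) {
		/* Report before close() so the ioctl's errno is intact. */
		wbku_printerr("setkey: ioctl");
		(void) close(fd);
		goto out;
	}

	(void) close(fd);
	failed = 0;

out:
	/* Erase the key from every buffer it was placed in. */
	wipe_secret(keyptr, keylen);
	wipe_secret(&wkio, sizeof (wkio));
	if (oio != NULL) {
		wipe_secret(oio, oiosize);
		free(oio);
	}

	if (failed)
		exit(1);
}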
2410Sstevel@tonic-gate 
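/*
 * Prompt for the key described by k and validate what was entered.
 *
 * An optional leading "0x" or "0X" is skipped.  The remainder must be
 * exactly k->keysize characters long and consist only of hexadecimal
 * digits; otherwise an error is printed and the program exits with
 * status 1.
 *
 * Returns a pointer to the first hex digit, which lies inside the buffer
 * returned by getpassphrase(), or NULL if getpassphrase() failed.  The
 * caller is handed the key in that buffer and should erase it once done.
 */
static char *
getkey(const struct keylist *k)
{
	char	prompt[BUFSIZ];
	char	*p;
	char	*q;
	int	len;

	(void) snprintf(prompt, sizeof (prompt),
	    gettext("Enter %s key:  "), k->handle);
	p = getpassphrase(prompt);
	if (p) {
		/* skip over initial "0[xX]" */
		if ((p[0] == '0') && (p[1] == 'x' || p[1] == 'X'))
			p += 2;
		len = (int)strlen(p);
		if (len != k->keysize) {
			wbku_printerr(
			    "key length mismatch (expected %d, got %d)\n",
			    k->keysize, len);
			exit(1);
		}
		for (q = p; q < p + len; q++) {
			/*
			 * isxdigit() is only defined for EOF and values
			 * representable as unsigned char; a plain char with
			 * the high bit set would otherwise be passed as a
			 * negative int.
			 */
			if (!isxdigit((unsigned char)*q)) {
				wbku_printerr(
				    "non-hexadecimal characters in key\n");
				exit(1);
			}
		}
	}

	return (p);
}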
2740Sstevel@tonic-gate 
/*
 * Print the usage message, followed by the handle of every supported key
 * type, on stderr and exit with status 1.  Does not return.
 */
static void
usage(const char *progname)
{
	const struct keylist	*entry;
	const struct keylist	*end =
	    keylist + sizeof (keylist) / sizeof (keylist[0]);

	(void) fprintf(stderr, gettext(
	    "usage:  %s [ -d ] -o type=keytype\nwhere keytype is one of "),
	    progname);

	for (entry = keylist; entry < end; entry++)
		(void) fprintf(stderr, "%s ", entry->handle);

	(void) fputc('\n', stderr);
	exit(1);
}