xref: /dragonfly/lib/libtcplay/crypto-dev.c (revision 86d7f5d305c6adaa56ff4582ece9859d73106103)
1 /*
2  * Copyright (c) 2011 Alex Hornung <alex@alexhornung.com>.
3  * All rights reserved.
4  *
5  * Redistribution and use in source and binary forms, with or without
6  * modification, are permitted provided that the following conditions
7  * are met:
8  *
9  * 1. Redistributions of source code must retain the above copyright
10  *    notice, this list of conditions and the following disclaimer.
11  * 2. Redistributions in binary form must reproduce the above copyright
12  *    notice, this list of conditions and the following disclaimer in
13  *    the documentation and/or other materials provided with the
14  *    distribution.
15  *
16  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
17  * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
18  * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
19  * FOR A PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE
20  * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
21  * INCIDENTAL, SPECIAL, EXEMPLARY OR CONSEQUENTIAL DAMAGES (INCLUDING,
22  * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
23  * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
24  * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
25  * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
26  * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
27  * SUCH DAMAGE.
28  */
29 #include <sys/types.h>
30 #include <sys/param.h>
31 #include <sys/ioctl.h>
32 #include <sys/sysctl.h>
33 #include <crypto/cryptodev.h>
34 
35 #include <fcntl.h>
36 #include <unistd.h>
37 #include <errno.h>
38 #include <string.h>
39 #include <stdio.h>
40 
41 #include "tcplay.h"
42 
43 static
44 int
getallowsoft(void)45 getallowsoft(void)
46 {
47           int old;
48           size_t olen;
49 
50           olen = sizeof(old);
51 
52           if (sysctlbyname("kern.cryptodevallowsoft", &old, &olen, NULL, 0) < 0) {
53                     perror("accessing sysctl kern.cryptodevallowsoft failed");
54           }
55 
56           return old;
57 }
58 
59 static
60 void
setallowsoft(int new)61 setallowsoft(int new)
62 {
63           int old;
64           size_t olen, nlen;
65 
66           olen = nlen = sizeof(new);
67 
68           if (sysctlbyname("kern.cryptodevallowsoft", &old, &olen, &new, nlen) < 0) {
69                     perror("accessing sysctl kern.cryptodevallowsoft failed");
70           }
71 }
72 
73 static
74 int
get_cryptodev_cipher_id(struct tc_crypto_algo * cipher)75 get_cryptodev_cipher_id(struct tc_crypto_algo *cipher)
76 {
77           if        (strcmp(cipher->name, "AES-128-XTS") == 0)
78                     return CRYPTO_AES_XTS;
79           else if (strcmp(cipher->name, "AES-256-XTS") == 0)
80                     return CRYPTO_AES_XTS;
81           else if (strcmp(cipher->name, "TWOFISH-128-XTS") == 0)
82                     return CRYPTO_TWOFISH_XTS;
83           else if (strcmp(cipher->name, "TWOFISH-256-XTS") == 0)
84                     return CRYPTO_TWOFISH_XTS;
85           else if (strcmp(cipher->name, "SERPENT-128-XTS") == 0)
86                     return CRYPTO_SERPENT_XTS;
87           else if (strcmp(cipher->name, "SERPENT-256-XTS") == 0)
88                     return CRYPTO_SERPENT_XTS;
89           else
90                     return -1;
91 }
92 
93 int
syscrypt(struct tc_crypto_algo * cipher,unsigned char * key,size_t klen,unsigned char * iv,unsigned char * in,unsigned char * out,size_t len,int do_encrypt)94 syscrypt(struct tc_crypto_algo *cipher, unsigned char *key, size_t klen, unsigned char *iv,
95     unsigned char *in, unsigned char *out, size_t len, int do_encrypt)
96 {
97           struct session_op session;
98           struct crypt_op cryp;
99           int cipher_id;
100           int cryptodev_fd = -1, fd = -1;
101 
102           cipher_id = get_cryptodev_cipher_id(cipher);
103           if (cipher_id < 0) {
104                     tc_log(1, "Cipher %s not found\n",
105                         cipher->name);
106                     return ENOENT;
107           }
108 
109           if ((cryptodev_fd = open("/dev/crypto", O_RDWR, 0)) < 0) {
110                     perror("Could not open /dev/crypto");
111                     goto err;
112           }
113           if (ioctl(cryptodev_fd, CRIOGET, &fd) == -1) {
114                     perror("CRIOGET failed");
115                     goto err;
116           }
117           memset(&session, 0, sizeof(session));
118           session.cipher = cipher_id;
119           session.key = (caddr_t) key;
120           session.keylen = klen;
121           if (ioctl(fd, CIOCGSESSION, &session) == -1) {
122                     perror("CIOCGSESSION failed");
123                     goto err;
124           }
125           memset(&cryp, 0, sizeof(cryp));
126           cryp.ses = session.ses;
127           cryp.op = do_encrypt ? COP_ENCRYPT : COP_DECRYPT;
128           cryp.flags = 0;
129           cryp.len = len;
130           cryp.src = (caddr_t) in;
131           cryp.dst = (caddr_t) out;
132           cryp.iv = (caddr_t) iv;
133           cryp.mac = 0;
134           if (ioctl(fd, CIOCCRYPT, &cryp) == -1) {
135                     perror("CIOCCRYPT failed");
136                     goto err;
137           }
138           if (ioctl(fd, CIOCFSESSION, &session.ses) == -1) {
139                     perror("CIOCFSESSION failed");
140                     goto err;
141           }
142           close(fd);
143           close(cryptodev_fd);
144           return (0);
145 
146 err:
147           if (fd != -1)
148                     close(fd);
149           if (cryptodev_fd != -1)
150                     close(cryptodev_fd);
151           return (-1);
152 }
153 
154 int
tc_crypto_init(void)155 tc_crypto_init(void)
156 {
157           int allowed;
158 
159           allowed = getallowsoft();
160           if (allowed == 0)
161                     setallowsoft(1);
162 
163           return 0;
164 }
165 
166