Source-Changes-HG archive


[src/trunk]: src/tests/dev/cgd cgdconfig(8): New -t operation just prints the...



details:   https://anonhg.NetBSD.org/src/rev/cfb3540f8e70
branches:  trunk
changeset: 368889:cfb3540f8e70
user:      riastradh <riastradh%NetBSD.org@localhost>
date:      Fri Aug 12 10:48:27 2022 +0000

description:
cgdconfig(8): New -t operation just prints the derived key in base64.

For testing purposes.

diffstat:

 distrib/sets/lists/tests/mi  |   3 +-
 sbin/cgdconfig/cgdconfig.8   |   7 ++-
 sbin/cgdconfig/cgdconfig.c   |  61 ++++++++++++++++++++++++++--
 tests/dev/cgd/Makefile       |   5 +-
 tests/dev/cgd/t_cgdconfig.sh |  94 ++++++++++++++++++++++++++++++++++++++++++++
 5 files changed, 161 insertions(+), 9 deletions(-)

diffs (293 lines):

diff -r 68de0b6cc537 -r cfb3540f8e70 distrib/sets/lists/tests/mi
--- a/distrib/sets/lists/tests/mi       Fri Aug 12 07:35:55 2022 +0000
+++ b/distrib/sets/lists/tests/mi       Fri Aug 12 10:48:27 2022 +0000
@@ -1,4 +1,4 @@
-# $NetBSD: mi,v 1.1217 2022/07/21 09:52:48 kre Exp $
+# $NetBSD: mi,v 1.1218 2022/08/12 10:48:27 riastradh Exp $
 #
 # Note: don't delete entries from here - mark them as "obsolete" instead.
 #
@@ -1426,6 +1426,7 @@
 ./usr/tests/dev/cgd/t_cgd_adiantum                     tests-fs-tests          atf,compattestfile,rump
 ./usr/tests/dev/cgd/t_cgd_aes                          tests-fs-tests          atf,compattestfile,rump
 ./usr/tests/dev/cgd/t_cgd_blowfish                     tests-fs-tests          atf,compattestfile,rump
+./usr/tests/dev/cgd/t_cgdconfig                                tests-fs-tests          compattestfile,atf
 ./usr/tests/dev/clock_subr                             tests-fs-tests          compattestfile,atf
 ./usr/tests/dev/clock_subr/Atffile                     tests-fs-tests          compattestfile,atf
 ./usr/tests/dev/clock_subr/Kyuafile                    tests-fs-tests          compattestfile,atf,kyua
diff -r 68de0b6cc537 -r cfb3540f8e70 sbin/cgdconfig/cgdconfig.8
--- a/sbin/cgdconfig/cgdconfig.8        Fri Aug 12 07:35:55 2022 +0000
+++ b/sbin/cgdconfig/cgdconfig.8        Fri Aug 12 10:48:27 2022 +0000
@@ -1,4 +1,4 @@
-.\" $NetBSD: cgdconfig.8,v 1.52 2021/12/04 15:03:58 nia Exp $
+.\" $NetBSD: cgdconfig.8,v 1.53 2022/08/12 10:48:27 riastradh Exp $
 .\"
 .\" Copyright (c) 2002, The NetBSD Foundation, Inc.
 .\" All rights reserved.
@@ -60,6 +60,9 @@
 .Ar alg
 .Op Ar keylen
 .Nm
+.Fl t
+.Ar paramsfile
+.Nm
 .Fl l
 .Op Fl v Ns Op Cm v
 .Op Ar cgd
@@ -143,6 +146,8 @@
 again.
 .It Fl s
 Read the key (nb: not the passphrase) from stdin.
+.It Fl t
+Generate the key and print it to standard output encoded in base64.
 .It Fl U
 Unconfigure all the devices listed in the cgd configuration file.
 .It Fl u
diff -r 68de0b6cc537 -r cfb3540f8e70 sbin/cgdconfig/cgdconfig.c
--- a/sbin/cgdconfig/cgdconfig.c        Fri Aug 12 07:35:55 2022 +0000
+++ b/sbin/cgdconfig/cgdconfig.c        Fri Aug 12 10:48:27 2022 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: cgdconfig.c,v 1.53 2021/11/22 14:34:35 nia Exp $ */
+/* $NetBSD: cgdconfig.c,v 1.54 2022/08/12 10:48:27 riastradh Exp $ */
 
 /*-
  * Copyright (c) 2002, 2003 The NetBSD Foundation, Inc.
@@ -33,7 +33,7 @@
 #ifndef lint
 __COPYRIGHT("@(#) Copyright (c) 2002, 2003\
  The NetBSD Foundation, Inc.  All rights reserved.");
-__RCSID("$NetBSD: cgdconfig.c,v 1.53 2021/11/22 14:34:35 nia Exp $");
+__RCSID("$NetBSD: cgdconfig.c,v 1.54 2022/08/12 10:48:27 riastradh Exp $");
 #endif
 
 #ifdef HAVE_ARGON2
@@ -51,6 +51,11 @@
 #include <paths.h>
 #include <dirent.h>
 
+/* base64 gunk */
+#include <netinet/in.h>
+#include <arpa/nameser.h>
+#include <resolv.h>
+
 #include <sys/ioctl.h>
 #include <sys/stat.h>
 #include <sys/bootblock.h>
@@ -83,7 +88,8 @@
         ACTION_CONFIGALL,              /* configure all from config file */
         ACTION_UNCONFIGALL,            /* unconfigure all from config file */
         ACTION_CONFIGSTDIN,            /* configure, key from stdin */
-        ACTION_LIST                    /* list configured devices */
+        ACTION_LIST,                   /* list configured devices */
+        ACTION_PRINTKEY,               /* print key to stdout */
 };
 
 /* if nflag is set, do not configure/unconfigure the cgd's */
@@ -106,6 +112,7 @@
 static int     do_all(const char *, int, char **,
                       int (*)(int, char **, struct params *, int));
 static int     do_list(int, char **);
+static int     do_printkey(int, char **);
 
 #define CONFIG_FLAGS_FROMALL   1       /* called from configure_all() */
 #define CONFIG_FLAGS_FROMMAIN  2       /* called from main() */
@@ -155,6 +162,7 @@
        (void)fprintf(stderr, "       %s -l [-v[v]] [cgd]\n", getprogname());
        (void)fprintf(stderr, "       %s -s [-nv] [-i ivmeth] cgd dev alg "
            "[keylen]\n", getprogname());
+       (void)fprintf(stderr, "       %s -t paramsfile\n", getprogname());
        (void)fprintf(stderr, "       %s -U [-nv] [-f configfile]\n",
            getprogname());
        (void)fprintf(stderr, "       %s -u [-nv] cgd\n", getprogname());
@@ -209,7 +217,7 @@
        p = params_new();
        kg = NULL;
 
-       while ((ch = getopt(argc, argv, "CGUV:b:ef:gi:k:lno:spuv")) != -1)
+       while ((ch = getopt(argc, argv, "CGUV:b:ef:gi:k:lno:sptuv")) != -1)
                switch (ch) {
                case 'C':
                        set_action(&action, ACTION_CONFIGALL);
@@ -276,7 +284,9 @@
                case 's':
                        set_action(&action, ACTION_CONFIGSTDIN);
                        break;
-
+               case 't':
+                       set_action(&action, ACTION_PRINTKEY);
+                       break;
                case 'u':
                        set_action(&action, ACTION_UNCONFIGURE);
                        break;
@@ -319,6 +329,8 @@
                return configure_stdin(p, argc, argv);
        case ACTION_LIST:
                return do_list(argc, argv);
+       case ACTION_PRINTKEY:
+               return do_printkey(argc, argv);
        default:
                errx(EXIT_FAILURE, "undefined action");
                /* NOTREACHED */
@@ -1339,6 +1351,45 @@
        return 0;
 }
 
+static int
+do_printkey(int argc, char **argv)
+{
+       struct params *p;
+       const uint8_t *raw;
+       size_t nbits, nbytes;
+       size_t nb64;
+       char *b64;
+       int ret;
+
+       if (argc != 1)
+               usage();
+       p = params_cget(argv[0]);
+       if (p == NULL)
+               return -1;
+       if (!params_verify(p)) {
+               warnx("invalid parameters file \"%s\"", argv[0]);
+               return -1;
+       }
+       p->key = getkey("key", p->keygen, p->keylen);
+       raw = bits_getbuf(p->key);
+       nbits = bits_len(p->key);
+       assert(nbits <= INT_MAX - 7);
+       nbytes = BITS2BYTES(nbits);
+       assert(nbytes <= 3*(INT_MAX/4) - 2);
+
+       nb64 = 4*((nbytes + 2)/3);
+       b64 = emalloc(nb64 + 2);
+       ret = __b64_ntop(raw, nbytes, b64, nb64 + 1);
+       assert(ret == (int)nb64);
+       b64[nb64] = '\n';
+       b64[nb64 + 1] = '\0';
+
+       if (fwrite(b64, nb64 + 1, 1, stdout) != 1)
+               err(1, "fwrite");
+       fflush(stdout);
+       return ferror(stdout);
+}
+
 static void
 eliminate_cores(void)
 {
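Review bot: In do_printkey the result of `getkey` goes straight into `bits_getbuf` and `bits_len` with no NULL check. getkey is defined outside this hunk, but if it can return NULL on failure this dereferences a missing key, so add `if (p->key == NULL) return -1;` right after the call. The only check on `__b64_ntop` is `assert(ret == (int)nb64)`, which disappears under NDEBUG; a failed encode would then send whatever is in the `emalloc`ed buffer to stdout, so an explicit `if (ret != (int)nb64) errx(1, "base64 encoding failed");` is safer. Because `b64` and `p->key` hold the derived disk key, I would also wipe `b64` with `explicit_memset` and release both before returning instead of leaving them on the heap. A short comment above the function saying that it writes the raw key to stdout and exists for tests only would help too, since the usage text gives no such hint.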
diff -r 68de0b6cc537 -r cfb3540f8e70 tests/dev/cgd/Makefile
--- a/tests/dev/cgd/Makefile    Fri Aug 12 07:35:55 2022 +0000
+++ b/tests/dev/cgd/Makefile    Fri Aug 12 10:48:27 2022 +0000
@@ -1,4 +1,4 @@
-#      $NetBSD: Makefile,v 1.11 2020/06/29 23:44:01 riastradh Exp $
+#      $NetBSD: Makefile,v 1.12 2022/08/12 10:48:28 riastradh Exp $
 #
 
 .include <bsd.own.mk>
@@ -7,7 +7,8 @@
 FILES=         paramsfile
 FILESDIR=      ${TESTSDIR}
 
-TESTS_SH=      t_cgd
+TESTS_SH+=     t_cgd
+TESTS_SH+=     t_cgdconfig
 
 .if ${MKRUMP} != "no"
 TESTS_C+=      t_cgd_3des
diff -r 68de0b6cc537 -r cfb3540f8e70 tests/dev/cgd/t_cgdconfig.sh
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/tests/dev/cgd/t_cgdconfig.sh      Fri Aug 12 10:48:27 2022 +0000
@@ -0,0 +1,94 @@
+#      $NetBSD: t_cgdconfig.sh,v 1.1 2022/08/12 10:48:28 riastradh Exp $
+#
+# Copyright (c) 2022 The NetBSD Foundation, Inc.
+# All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions
+# are met:
+# 1. Redistributions of source code must retain the above copyright
+#    notice, this list of conditions and the following disclaimer.
+# 2. Redistributions in binary form must reproduce the above copyright
+#    notice, this list of conditions and the following disclaimer in the
+#    documentation and/or other materials provided with the distribution.
+#
+# THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
+# ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
+# TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+# PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
+# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+# CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+# SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+# INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+# CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+# POSSIBILITY OF SUCH DAMAGE.
+#
+
+atf_test_case storedkey
+storedkey_head()
+{
+       atf_set descr "Test key generation with storedkey"
+}
+storedkey_body()
+{
+       cat <<EOF >params
+algorithm adiantum;
+iv-method encblkno1;
+keylength 256;
+verify_method none;
+keygen storedkey key AAABAJtnmp3XZspMBAFpCYnB8Hekn0 \
+                     gj5cDVngslfGLSqwcy;
+EOF
+       atf_check -o inline:'m2eanddmykwEAWkJicHwd6SfSCPlwNWeCyV8YtKrBzI=\n' \
+           cgdconfig -t params
+}
+
+atf_test_case storedkey2a
+storedkey2a_head()
+{
+       atf_set descr "Test key generation with combined storedkeys"
+}
+storedkey2a_body()
+{
+       cat <<EOF >params
+algorithm adiantum;
+iv-method encblkno1;
+keylength 256;
+verify_method none;
+keygen storedkey key AAABAJtnmp3XZspMBAFpCYnB8Hekn0 \
+                     gj5cDVngslfGLSqwcy;
+keygen storedkey key AAABAK1pbgIayXftX0RQ3AaMK4YEd/ \
+                     fowKwQbENxpu3o1k9m;
+EOF
+       atf_check -o inline:'Ng70n82vvaFbRTnVj03b8aDov8slbMXySFTajzp9SFQ=\n' \
+           cgdconfig -t params
+}
+
+atf_test_case storedkey2b
+storedkey2b_head()
+{
+       atf_set descr "Test key generation with combined storedkeys, reversed"
+}
+storedkey2b_body()
+{
+       cat <<EOF >params
+algorithm adiantum;
+iv-method encblkno1;
+keylength 256;
+verify_method none;
+keygen storedkey key AAABAK1pbgIayXftX0RQ3AaMK4YEd/ \
+                     fowKwQbENxpu3o1k9m;
+keygen storedkey key AAABAJtnmp3XZspMBAFpCYnB8Hekn0 \
+                     gj5cDVngslfGLSqwcy;
+EOF
+       atf_check -o inline:'Ng70n82vvaFbRTnVj03b8aDov8slbMXySFTajzp9SFQ=\n' \
+           cgdconfig -t params
+}
+
+atf_init_test_cases()
+{
+       atf_add_test_case storedkey
+       atf_add_test_case storedkey2a
+       atf_add_test_case storedkey2b
+}
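Review bot: storedkey2a and storedkey2b expect the same output with the two keygen blocks in either order, but nothing in the file says that this equality is the property under test. A comment above storedkey2b such as `# Combining storedkeys must not depend on their order: same expected output as storedkey2a.` would stop a later edit from changing one vector independently. The here-documents use an unquoted `<<EOF`, so the shell removes each backslash-newline before cgdconfig reads the file; if the intent is to exercise the params parser's own line continuation, `<<'EOF'` is needed, which is worth confirming. All three cases cover only success, so a case for a missing or malformed params file would pin the error path of `-t`.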


