From c6908cd5785f41c11eeb730acb94b7f43e63ed50 Mon Sep 17 00:00:00 2001
From: Taylor R Campbell <riastradh@NetBSD.org>
Date: Sat, 6 Aug 2022 13:36:13 +0000
Subject: [PATCH 2/4] cgdconfig(8): New -T operation prints all generated keys
 in cgd.conf.

For testing purposes.
---
 sbin/cgdconfig/cgdconfig.c   | 56 ++++++++++++++++++++++++++++++++----
 tests/dev/cgd/t_cgdconfig.sh | 35 ++++++++++++++++++++++
 2 files changed, 85 insertions(+), 6 deletions(-)

diff --git a/sbin/cgdconfig/cgdconfig.c b/sbin/cgdconfig/cgdconfig.c
index e2f28625b94a..0629cd9c20d4 100644
--- a/sbin/cgdconfig/cgdconfig.c
+++ b/sbin/cgdconfig/cgdconfig.c
@@ -90,6 +90,7 @@ enum action {
 	 ACTION_CONFIGSTDIN,		/* configure, key from stdin */
 	 ACTION_LIST,			/* list configured devices */
 	 ACTION_PRINTKEY,		/* print key to stdout */
+	 ACTION_PRINTALLKEYS,		/* print all keys to stdout */
 };
 
 /* if nflag is set, do not configure/unconfigure the cgd's */
@@ -112,6 +113,8 @@ static int	unconfigure(int, char **, struct params *, int);
 static int	do_all(const char *, int, char **,
 		       int (*)(int, char **, struct params *, int));
 static int	do_list(int, char **);
+static int	printkey(const char *);
+static int	printkey1(int, char **, struct params *, int);
 static int	do_printkey(int, char **);
 
 #define CONFIG_FLAGS_FROMALL	1	/* called from configure_all() */
@@ -163,6 +166,7 @@ usage(void)
 	(void)fprintf(stderr, "       %s -s [-nv] [-i ivmeth] cgd dev alg "
 	    "[keylen]\n", getprogname());
 	(void)fprintf(stderr, "       %s -t paramsfile\n", getprogname());
+	(void)fprintf(stderr, "       %s -T [-f configfile]\n", getprogname());
 	(void)fprintf(stderr, "       %s -U [-nv] [-f configfile]\n",
 	    getprogname());
 	(void)fprintf(stderr, "       %s -u [-nv] cgd\n", getprogname());
@@ -217,7 +221,7 @@ main(int argc, char **argv)
 	p = params_new();
 	kg = NULL;
 
-	while ((ch = getopt(argc, argv, "CGUV:b:ef:gi:k:lno:sptuv")) != -1)
+	while ((ch = getopt(argc, argv, "CGTUV:b:ef:gi:k:lno:sptuv")) != -1)
 		switch (ch) {
 		case 'C':
 			set_action(&action, ACTION_CONFIGALL);
@@ -225,6 +229,9 @@ main(int argc, char **argv)
 		case 'G':
 			set_action(&action, ACTION_GENERATE_CONVERT);
 			break;
+		case 'T':
+			set_action(&action, ACTION_PRINTALLKEYS);
+			break;
 		case 'U':
 			set_action(&action, ACTION_UNCONFIGALL);
 			break;
@@ -331,6 +338,8 @@ main(int argc, char **argv)
 		return do_list(argc, argv);
 	case ACTION_PRINTKEY:
 		return do_printkey(argc, argv);
+	case ACTION_PRINTALLKEYS:
+		return do_all(cfile, argc, argv, printkey1);
 	default:
 		errx(EXIT_FAILURE, "undefined action");
 		/* NOTREACHED */
@@ -1352,7 +1361,7 @@ do_list(int argc, char **argv)
 }
 
 static int
-do_printkey(int argc, char **argv)
+printkey(const char *paramsfile)
 {
 	struct params *p;
 	const uint8_t *raw;
@@ -1361,13 +1370,11 @@ do_printkey(int argc, char **argv)
 	char *b64;
 	int ret;
 
-	if (argc != 1)
-		usage();
-	p = params_cget(argv[0]);
+	p = params_cget(paramsfile);
 	if (p == NULL)
 		return -1;
 	if (!params_verify(p)) {
-		warnx("invalid parameters file \"%s\"", argv[0]);
+		warnx("invalid parameters file \"%s\"", paramsfile);
 		return -1;
 	}
 	p->key = getkey("key", p->keygen, p->keylen);
@@ -1390,6 +1397,43 @@ do_printkey(int argc, char **argv)
 	return ferror(stdout);
 }
 
+static int
+printkey1(int argc, char **argv, struct params *inparams, int flags)
+{
+	char devicename[PATH_MAX], paramsfilebuf[PATH_MAX];
+	const char *dev, *paramsfile;
+
+	assert(flags == CONFIG_FLAGS_FROMALL);
+
+	if (argc < 2 || argc > 3)
+		return -1;
+
+	dev = getfsspecname(devicename, sizeof(devicename), argv[1]);
+	if (dev == NULL) {
+		warnx("getfsspecname failed: %s", devicename);
+		return -1;
+	}
+
+	if (argc == 2) {
+		strlcpy(paramsfilebuf, dev, sizeof(paramsfilebuf));
+		paramsfile = basename(paramsfilebuf);
+	} else {
+		paramsfile = argv[2];
+	}
+
+	printf("%s: ", dev);
+	return printkey(paramsfile);
+}
+
+static int
+do_printkey(int argc, char **argv)
+{
+
+	if (argc != 1)
+		usage();
+	return printkey(argv[0]);
+}
+
 static void
 eliminate_cores(void)
 {
diff --git a/tests/dev/cgd/t_cgdconfig.sh b/tests/dev/cgd/t_cgdconfig.sh
index 7a4edc21ce1a..d7cccb2db08d 100644
--- a/tests/dev/cgd/t_cgdconfig.sh
+++ b/tests/dev/cgd/t_cgdconfig.sh
@@ -44,6 +44,40 @@ EOF
 	    cgdconfig -t params
 }
 
+atf_test_case storedkeys
+storedkeys_head()
+{
+	atf_set descr "Test multiple stored keys with cgd.conf"
+}
+storedkeys_body()
+{
+	cat <<EOF >wd0e
+algorithm adiantum;
+iv-method encblkno1;
+keylength 256;
+verify_method none;
+keygen storedkey key AAABAJtnmp3XZspMBAFpCYnB8Hekn0 \
+                     gj5cDVngslfGLSqwcy;
+EOF
+	cat <<EOF >ld1e
+algorithm adiantum;
+iv-method encblkno1;
+keylength 256;
+verify_method none;
+keygen storedkey key AAABAK1pbgIayXftX0RQ3AaMK4YEd/ \
+                     fowKwQbENxpu3o1k9m;
+EOF
+	cat <<EOF >cgd.conf
+cgd0	/dev/wd0e	wd0e
+cgd1	/dev/ld1e	ld1e
+EOF
+	cat <<EOF >expected
+/dev/wd0e: m2eanddmykwEAWkJicHwd6SfSCPlwNWeCyV8YtKrBzI=
+/dev/ld1e: rWluAhrJd+1fRFDcBowrhgR39+jArBBsQ3Gm7ejWT2Y=
+EOF
+	atf_check -o file:expected cgdconfig -T -f cgd.conf
+}
+
 atf_test_case storedkey2a
 storedkey2a_head()
 {
@@ -91,4 +125,5 @@ atf_init_test_cases()
 	atf_add_test_case storedkey
 	atf_add_test_case storedkey2a
 	atf_add_test_case storedkey2b
+	atf_add_test_case storedkeys
 }