socsvn commit: r269949 - in soc2013/def/crashdump-head: sbin/dumpkey sys/kern sys/sys
def at FreeBSD.org
def at FreeBSD.org
Mon Jun 23 22:16:02 UTC 2014
Author: def
Date: Mon Jun 23 22:16:00 2014
New Revision: 269949
URL: http://svnweb.FreeBSD.org/socsvn/?view=rev&rev=269949
Log:
Use CBC mode instead of XTS.
Modified:
soc2013/def/crashdump-head/sbin/dumpkey/dumpkey.c
soc2013/def/crashdump-head/sys/kern/kern_shutdown.c
soc2013/def/crashdump-head/sys/sys/kerneldump.h
Modified: soc2013/def/crashdump-head/sbin/dumpkey/dumpkey.c
==============================================================================
--- soc2013/def/crashdump-head/sbin/dumpkey/dumpkey.c Mon Jun 23 19:47:25 2014 (r269948)
+++ soc2013/def/crashdump-head/sbin/dumpkey/dumpkey.c Mon Jun 23 22:16:00 2014 (r269949)
@@ -3,7 +3,7 @@
#include <string.h>
#include <sys/sysctl.h>
#include <sys/kerneldump.h>
-#include <crypto/xts.h>
+#include <crypto/rijndael/rijndael-api-fst.h>
#include <opencrypto/cryptodev.h>
#define OPENSSL_NO_SHA
@@ -13,23 +13,7 @@
#include <openssl/pem.h>
#define PATH_DEVRANDOM "/dev/random"
-#define PEFS_SECTOR_SIZE 4096
-
-static const char kerneldump_magic[] = "PEFSKEY-V1";
-
-static void
-hkdf_expand(struct xts_ctx *ctx, const uint8_t *masterkey, uint8_t *key,
- int idx, const uint8_t *magic, size_t magicsize)
-{
- uint8_t byte_idx = idx;
-
- hmac_init(&ctx->o.pctx_hmac, CRYPTO_SHA2_512_HMAC,
- masterkey, KERNELDUMP_KEY_SIZE);
- hmac_update(&ctx->o.pctx_hmac, key, KERNELDUMP_KEY_SIZE);
- hmac_update(&ctx->o.pctx_hmac, magic, magicsize);
- hmac_update(&ctx->o.pctx_hmac, &byte_idx, sizeof(byte_idx));
- hmac_final(&ctx->o.pctx_hmac, key, KERNELDUMP_KEY_SIZE);
-}
+#define DEVBLK_SIZE 512
static void
usage(void)
@@ -67,7 +51,8 @@
}
static int
-encrypt_key(char *plainkey, struct kerneldumpkey *key, RSA *public_key, char *public_key_file)
+encrypt_key(char *plain_dumpkey, struct kerneldumpkey *dumpkey, RSA *public_key,
+ char *public_key_file)
{
FILE *fp;
@@ -82,20 +67,20 @@
if (public_key == NULL)
return (-1);
- memcpy(plainkey + KERNELDUMP_KEY_SIZE, key->tweak, KERNELDUMP_TWEAK_SIZE);
-
- if (RSA_public_encrypt(KERNELDUMP_KEY_SIZE + KERNELDUMP_TWEAK_SIZE, plainkey,
- key->encrypted_key, public_key, RSA_PKCS1_PADDING) == -1)
+ if (RSA_public_encrypt(KERNELDUMP_KEY_SIZE + KERNELDUMP_IV_SIZE,
+ plain_dumpkey, dumpkey->ciphertext, public_key,
+ RSA_PKCS1_PADDING) == -1) {
return (-1);
+ }
return (0);
}
static int
-decrypt_key(char *cipherkey, char *key, char *tweak, RSA *private_key, char *private_key_file)
+decrypt_key(char *cipherkey, char *key, char *iv, RSA *private_key, char *private_key_file)
{
FILE *fp;
- char buf[KERNELDUMP_KEY_SIZE + KERNELDUMP_TWEAK_SIZE];
+ char buf[KERNELDUMP_KEY_SIZE + KERNELDUMP_IV_SIZE];
fp = fopen(private_key_file, "r");
@@ -108,35 +93,13 @@
if (private_key == NULL)
return (-1);
- if (RSA_private_decrypt(KERNELDUMP_ENCRYPTED_KEY_SIZE, cipherkey, buf,
- private_key, RSA_PKCS1_PADDING) == -1)
+ if (RSA_private_decrypt(KERNELDUMP_CIPHERTEXT_SIZE, cipherkey, buf,
+ private_key, RSA_PKCS1_PADDING) == -1) {
return (-1);
+ }
memcpy(key, buf, KERNELDUMP_KEY_SIZE);
- memcpy(tweak, buf + KERNELDUMP_KEY_SIZE, KERNELDUMP_TWEAK_SIZE);
-
- return (0);
-}
-
-static int
-expand_key(char *masterkey, struct xts_ctx *data_ctx, struct xts_ctx *tweak_ctx)
-{
- struct xts_ctx ctx;
- char key[KERNELDUMP_KEY_SIZE];
-
- bzero(key, KERNELDUMP_KEY_SIZE);
- bzero(&ctx, sizeof(struct xts_ctx));
- bzero(data_ctx, sizeof(struct xts_ctx));
- bzero(tweak_ctx, sizeof(struct xts_ctx));
-
- hkdf_expand(&ctx, masterkey, key, 1, kerneldump_magic, sizeof(kerneldump_magic));
- xts_alg_aes.pa_keysetup(data_ctx, key, KERNELDUMP_KEY_SIZE << 2);
-
- hkdf_expand(&ctx, masterkey, key, 2, kerneldump_magic, sizeof(kerneldump_magic));
- xts_alg_aes.pa_keysetup(tweak_ctx, key, KERNELDUMP_KEY_SIZE << 2);
-
- bzero(&ctx, sizeof(struct xts_ctx));
- bzero(key, KERNELDUMP_KEY_SIZE);
+ memcpy(iv, buf + KERNELDUMP_KEY_SIZE, KERNELDUMP_IV_SIZE);
return (0);
}
@@ -150,51 +113,47 @@
static void
generate_key(char *public_key_file)
{
- char buf[KERNELDUMP_KEY_SIZE + KERNELDUMP_TWEAK_SIZE];
- struct kerneldumpkey key;
+ char buf[KERNELDUMP_KEY_SIZE + KERNELDUMP_IV_SIZE];
+ struct kerneldumpkey dumpkey;
RSA *public_key;
+ int error;
public_key = RSA_new();
- if (random_data(buf, KERNELDUMP_KEY_SIZE)) {
+ if (random_data(buf, KERNELDUMP_KEY_SIZE + KERNELDUMP_IV_SIZE)) {
printf("Error: cannot generate a symmetric key.\n");
goto out;
}
- if (random_data(key.tweak, KERNELDUMP_TWEAK_SIZE)) {
- printf("Error: cannot generate a tweak.\n");
- goto out;
- }
+ error = rijndael_makeKey(&dumpkey.ki, DIR_ENCRYPT,
+ 8 * KERNELDUMP_KEY_SIZE, buf);
+ error = rijndael_cipherInit(&dumpkey.ci, MODE_CBC,
+ buf + KERNELDUMP_KEY_SIZE);
- if (expand_key(buf, &key.data_ctx, &key.tweak_ctx)) {
- printf("Error: cannot expand a symmetric key.\n");
- goto out;
- }
-
- if (encrypt_key(buf, &key, public_key, public_key_file)) {
+ if (encrypt_key(buf, &dumpkey, public_key, public_key_file)) {
printf("Error: cannot encrypt a key.\n");
goto out;
}
- if (sysctl_dumpkey(&key)) {
+ if (sysctl_dumpkey(&dumpkey)) {
printf("Error: cannot set a kernel crash dump key.\n");
goto out;
}
out:
- bzero(&key, sizeof(struct kerneldumpkey));
- bzero(buf, KERNELDUMP_KEY_SIZE + KERNELDUMP_TWEAK_SIZE);
+ bzero(&dumpkey, sizeof(struct kerneldumpkey));
+ bzero(buf, KERNELDUMP_KEY_SIZE + KERNELDUMP_IV_SIZE);
RSA_free(public_key);
}
static void
decrypt_core(char *encrypted_core, char *private_key_file, char *encrypted_key_file)
{
- char key[KERNELDUMP_KEY_SIZE], tweak[KERNELDUMP_TWEAK_SIZE];
- char buf[PEFS_SECTOR_SIZE];
- struct xts_ctx data_ctx, tweak_ctx;
+ char buf[DEVBLK_SIZE];
+ char key[KERNELDUMP_KEY_SIZE], iv[KERNELDUMP_IV_SIZE];
+ struct kerneldumpkey dumpkey;
RSA *private_key;
- int offset;
+ int error, offset;
size_t buf_used, bytes;
FILE *fp, *fp_w;
@@ -209,28 +168,43 @@
if (fp == NULL || fp_w == NULL)
goto out;
- if (read_data(buf, KERNELDUMP_ENCRYPTED_KEY_SIZE, encrypted_key_file)) {
+ if (read_data(buf, KERNELDUMP_CIPHERTEXT_SIZE, encrypted_key_file)) {
printf("Error: cannot read an encrypted key.\n");
goto out;
}
- if (decrypt_key(buf, key, tweak, private_key, private_key_file)) {
+ if (decrypt_key(buf, key, iv, private_key, private_key_file)) {
printf("Error: cannot decrypt a key.\n");
goto out;
}
- if (expand_key(key, &data_ctx, &tweak_ctx)) {
- printf("Error: cannot expand a symmetric key.\n");
+ error = rijndael_makeKey(&dumpkey.ki, DIR_DECRYPT,
+ 8 * KERNELDUMP_KEY_SIZE, key);
+ if (error <= 0) {
+ printf("Error: cannot initialize a key.\n");
goto out;
}
offset = buf_used = 0;
do {
- bytes = fread(buf + buf_used, 1, PEFS_SECTOR_SIZE - buf_used, fp);
+ bytes = fread(buf + buf_used, 1, DEVBLK_SIZE - buf_used, fp);
buf_used += bytes;
- if (buf_used == PEFS_SECTOR_SIZE || (buf_used > 0 && bytes == 0)) {
- xts_block_decrypt(&xts_alg_aes, &tweak_ctx, &data_ctx, offset, tweak, 0, buf_used, buf, buf);
+ if (buf_used == DEVBLK_SIZE) {
+ error = rijndael_cipherInit(&dumpkey.ci, MODE_CBC, iv);
+ if (error <= 0) {
+ printf("Error: cannot initialize a cipher.\n");
+ goto out;
+ }
+ if (buf_used >= KERNELDUMP_IV_SIZE)
+ memcpy(iv, buf + buf_used - KERNELDUMP_IV_SIZE,
+ KERNELDUMP_IV_SIZE);
+ error = rijndael_blockDecrypt(&dumpkey.ci, &dumpkey.ki,
+ buf, 8 * buf_used, buf);
+ if (error <= 0) {
+ printf("Error: cannot decrypt data.\n");
+ goto out;
+ }
if (fwrite(buf, 1, buf_used, fp_w) != buf_used) {
printf("Error: cannot write a decrypted core.\n");
@@ -245,11 +219,10 @@
out:
fclose(fp_w);
fclose(fp);
- bzero(&buf, sizeof(buf));
+ bzero(&iv, sizeof(iv));
bzero(&key, sizeof(key));
- bzero(&tweak, sizeof(tweak));
- bzero(&data_ctx, sizeof(struct xts_ctx));
- bzero(&tweak_ctx, sizeof(struct xts_ctx));
+ bzero(&buf, sizeof(buf));
+ bzero(&dumpkey, sizeof(struct kerneldumpkey));
RSA_free(private_key);
}
Modified: soc2013/def/crashdump-head/sys/kern/kern_shutdown.c
==============================================================================
--- soc2013/def/crashdump-head/sys/kern/kern_shutdown.c Mon Jun 23 19:47:25 2014 (r269948)
+++ soc2013/def/crashdump-head/sys/kern/kern_shutdown.c Mon Jun 23 22:16:00 2014 (r269949)
@@ -879,8 +879,7 @@
{
struct kerneldumpkey *kdk;
struct kerneldumpbuffer *kdb;
- int error, sector_index, devblk_index;
- off_t sector_offset;
+ int error;
kdk = di->kdk;
kdb = di->kdb;
@@ -892,17 +891,17 @@
return (di->dumper(di->priv, virtual, physical, offset, length));
}
- sector_index = (offset - kdb->kdhoffset)/KERNELDUMP_SECTOR_SIZE;
- sector_offset = kdb->kdhoffset + sector_index*KERNELDUMP_SECTOR_SIZE;
- devblk_index = (offset - sector_offset)/KERNELDUMP_DEVBLK_SIZE;
- sector_offset -= kdb->kdhoffset;
-
while (length > 0) {
memcpy(kdb->buf, virtual, KERNELDUMP_DEVBLK_SIZE);
- xts_block_encrypt(&xts_alg_aes, &kdk->tweak_ctx, &kdk->data_ctx,
- sector_offset, kdk->tweak, devblk_index*KERNELDUMP_DEVBLK_BLKS,
- KERNELDUMP_DEVBLK_SIZE, kdb->buf, kdb->buf);
+ error = rijndael_blockEncrypt(&kdk->ci, &kdk->ki, kdb->buf,
+ KERNELDUMP_DEVBLK_SIZE * 8, kdb->buf);
+ if (error <= 0)
+ return (-1);
+ error = rijndael_cipherInit(&kdk->ci, MODE_CBC, kdb->buf +
+ KERNELDUMP_DEVBLK_SIZE - KERNELDUMP_IV_SIZE);
+ if (error <= 0)
+ return (-1);
error = (di->dumper(di->priv, kdb->buf, physical, offset, KERNELDUMP_DEVBLK_SIZE));
@@ -912,10 +911,6 @@
virtual = (void *)((char *)virtual + KERNELDUMP_DEVBLK_SIZE);
length -= KERNELDUMP_DEVBLK_SIZE;
offset += KERNELDUMP_DEVBLK_SIZE;
- devblk_index = (devblk_index+1)%KERNELDUMP_SECTOR_BLKS;
-
- if (devblk_index == 0)
- sector_offset = offset - kdb->kdhoffset;
}
return (0);
@@ -975,6 +970,7 @@
strncpy(kdh->versionstring, version, sizeof(kdh->versionstring));
if (panicstr != NULL)
strncpy(kdh->panicstring, panicstr, sizeof(kdh->panicstring));
- memcpy(kdh->encrypted_key, dumper.kdk->encrypted_key, KERNELDUMP_ENCRYPTED_KEY_SIZE);
+ memcpy(kdh->ciphertext, dumper.kdk->ciphertext,
+ KERNELDUMP_CIPHERTEXT_SIZE);
kdh->parity = kerneldump_parity(kdh);
}
Modified: soc2013/def/crashdump-head/sys/sys/kerneldump.h
==============================================================================
--- soc2013/def/crashdump-head/sys/sys/kerneldump.h Mon Jun 23 19:47:25 2014 (r269948)
+++ soc2013/def/crashdump-head/sys/sys/kerneldump.h Mon Jun 23 22:16:00 2014 (r269949)
@@ -38,8 +38,8 @@
#ifndef _SYS_KERNELDUMP_H
#define _SYS_KERNELDUMP_H
+#include <crypto/rijndael/rijndael-api-fst.h>
#include <machine/endian.h>
-#include <crypto/xts.h>
#if BYTE_ORDER == LITTLE_ENDIAN
#define dtoh32(x) __bswap32(x)
@@ -76,16 +76,16 @@
#define KERNELDUMP_POWERPC_VERSION 1
#define KERNELDUMP_SPARC64_VERSION 1
#define KERNELDUMP_TEXT_VERSION 1
-#define KERNELDUMP_KEY_SIZE 64
-#define KERNELDUMP_ENCRYPTED_KEY_SIZE 256
-#define KERNELDUMP_TWEAK_SIZE 8
+#define KERNELDUMP_KEY_SIZE 32
+#define KERNELDUMP_IV_SIZE 16
+#define KERNELDUMP_CIPHERTEXT_SIZE 256
uint64_t dumplength; /* excl headers */
uint64_t dumptime;
uint32_t blocksize;
char hostname[64];
char versionstring[64];
char panicstring[64];
- char encrypted_key[KERNELDUMP_ENCRYPTED_KEY_SIZE];
+ char ciphertext[KERNELDUMP_CIPHERTEXT_SIZE];
uint32_t parity;
};
@@ -106,18 +106,14 @@
}
struct kerneldumpkey {
- char encrypted_key[KERNELDUMP_ENCRYPTED_KEY_SIZE];
- char tweak[KERNELDUMP_TWEAK_SIZE];
- struct xts_ctx data_ctx;
- struct xts_ctx tweak_ctx;
+ char ciphertext[KERNELDUMP_CIPHERTEXT_SIZE];
+ keyInstance ki;
+ cipherInstance ci;
};
#ifdef _KERNEL
struct kerneldumpbuffer {
#define KERNELDUMP_DEVBLK_SIZE 512
-#define KERNELDUMP_SECTOR_SIZE 4096
-#define KERNELDUMP_DEVBLK_BLKS (KERNELDUMP_DEVBLK_SIZE/XTS_BLK_BYTES)
-#define KERNELDUMP_SECTOR_BLKS (KERNELDUMP_SECTOR_SIZE/KERNELDUMP_DEVBLK_SIZE)
uint8_t buf[KERNELDUMP_DEVBLK_SIZE]; /* Raw data buffer. */
off_t kdhoffset; /* Offset value of the first kdh. */
};
More information about the svn-soc-all
mailing list