socsvn commit: r257632 - in soc2013/def/crashdump-head: sbin/dumpkey sbin/savecore sys/kern sys/sys

def at FreeBSD.org def at FreeBSD.org
Mon Sep 23 01:01:30 UTC 2013


Author: def
Date: Mon Sep 23 01:01:29 2013
New Revision: 257632
URL: http://svnweb.FreeBSD.org/socsvn/?view=rev&rev=257632

Log:
  Include a tweak in an encrypted key.

Modified:
  soc2013/def/crashdump-head/sbin/dumpkey/dumpkey.c
  soc2013/def/crashdump-head/sbin/savecore/decryptfile.c
  soc2013/def/crashdump-head/sbin/savecore/decryptfile.h
  soc2013/def/crashdump-head/sys/kern/kern_shutdown.c
  soc2013/def/crashdump-head/sys/sys/kerneldump.h

Modified: soc2013/def/crashdump-head/sbin/dumpkey/dumpkey.c
==============================================================================
--- soc2013/def/crashdump-head/sbin/dumpkey/dumpkey.c	Mon Sep 23 00:16:19 2013	(r257631)
+++ soc2013/def/crashdump-head/sbin/dumpkey/dumpkey.c	Mon Sep 23 01:01:29 2013	(r257632)
@@ -71,7 +71,10 @@
 	if (public_key == NULL)
 		return (-1);
 
-	if (RSA_public_encrypt(KERNELDUMP_KEY_SIZE, plainkey, key->encrypted_key, public_key, RSA_PKCS1_PADDING) == -1)
+	memcpy(plainkey + KERNELDUMP_KEY_SIZE, key->tweak, KERNELDUMP_TWEAK_SIZE);
+
+	if (RSA_public_encrypt(KERNELDUMP_KEY_SIZE + KERNELDUMP_TWEAK_SIZE, plainkey,
+		key->encrypted_key, public_key, RSA_PKCS1_PADDING) == -1)
 		return (-1);
 
 	key->keysize = RSA_size(public_key);
@@ -112,7 +115,7 @@
 main(int argc, char **argv)
 {
 	struct kerneldumpkey key;
-	char *public_key_file, buf[KERNELDUMP_KEY_SIZE];
+	char *public_key_file, buf[KERNELDUMP_KEY_SIZE + KERNELDUMP_TWEAK_SIZE];
 	int ch, error;
 	RSA *public_key;
 
@@ -147,20 +150,20 @@
 		goto out;
 	}
 
-	if (expand_key(buf, &key.data_ctx, &key.tweak_ctx)) {
-		printf("Error: cannot expand a symmetric key.");
+	if (random_data(key.tweak, KERNELDUMP_TWEAK_SIZE)) {
+		printf("Error: cannot generate a tweak.\n");
 		error = 1;
 		goto out;
 	}
 
-	if (encrypt_key(buf, &key, public_key, public_key_file)) {
-		printf("Error: cannot encrypt a symmetric key.\n");
+	if (expand_key(buf, &key.data_ctx, &key.tweak_ctx)) {
+		printf("Error: cannot expand a symmetric key.");
 		error = 1;
 		goto out;
 	}
 
-	if (random_data(key.tweak, KERNELDUMP_TWEAK_SIZE)) {
-		printf("Error: cannot generate a tweak.\n");
+	if (encrypt_key(buf, &key, public_key, public_key_file)) {
+		printf("Error: cannot encrypt a symmetric key.\n");
 		error = 1;
 		goto out;
 	}

Modified: soc2013/def/crashdump-head/sbin/savecore/decryptfile.c
==============================================================================
--- soc2013/def/crashdump-head/sbin/savecore/decryptfile.c	Mon Sep 23 00:16:19 2013	(r257631)
+++ soc2013/def/crashdump-head/sbin/savecore/decryptfile.c	Mon Sep 23 01:01:29 2013	(r257632)
@@ -148,7 +148,6 @@
 
 	fd->keysize = h->keysize;
 	memcpy(fd->encrypted_key, h->encrypted_key, KERNELDUMP_ENCRYPTED_KEY_SIZE);
-	memcpy(fd->tweak, h->tweak, KERNELDUMP_TWEAK_SIZE);
 	bzero(&fd->tweak_ctx, sizeof(fd->tweak_ctx));
 	bzero(&fd->data_ctx, sizeof(fd->data_ctx));
 	bzero(key, KERNELDUMP_KEY_SIZE);

Modified: soc2013/def/crashdump-head/sbin/savecore/decryptfile.h
==============================================================================
--- soc2013/def/crashdump-head/sbin/savecore/decryptfile.h	Mon Sep 23 00:16:19 2013	(r257631)
+++ soc2013/def/crashdump-head/sbin/savecore/decryptfile.h	Mon Sep 23 01:01:29 2013	(r257632)
@@ -8,8 +8,8 @@
 	FILE		*fp;
 	int		keysize;
 	char		key[KERNELDUMP_KEY_SIZE];
-	char		encrypted_key[KERNELDUMP_ENCRYPTED_KEY_SIZE];
 	char		tweak[KERNELDUMP_TWEAK_SIZE];
+	char		encrypted_key[KERNELDUMP_ENCRYPTED_KEY_SIZE];
 	struct xts_ctx	tweak_ctx;
 	struct xts_ctx	data_ctx;
 	off_t		offset;

Modified: soc2013/def/crashdump-head/sys/kern/kern_shutdown.c
==============================================================================
--- soc2013/def/crashdump-head/sys/kern/kern_shutdown.c	Mon Sep 23 00:16:19 2013	(r257631)
+++ soc2013/def/crashdump-head/sys/kern/kern_shutdown.c	Mon Sep 23 01:01:29 2013	(r257632)
@@ -972,6 +972,5 @@
 		strncpy(kdh->panicstring, panicstr, sizeof(kdh->panicstring));
 	kdh->keysize = dumper.kdk->keysize;
 	memcpy(kdh->encrypted_key, dumper.kdk->encrypted_key, KERNELDUMP_ENCRYPTED_KEY_SIZE);
-	memcpy(kdh->tweak, dumper.kdk->tweak, KERNELDUMP_TWEAK_SIZE);
 	kdh->parity = kerneldump_parity(kdh);
 }

Modified: soc2013/def/crashdump-head/sys/sys/kerneldump.h
==============================================================================
--- soc2013/def/crashdump-head/sys/sys/kerneldump.h	Mon Sep 23 00:16:19 2013	(r257631)
+++ soc2013/def/crashdump-head/sys/sys/kerneldump.h	Mon Sep 23 01:01:29 2013	(r257632)
@@ -83,11 +83,10 @@
 	uint64_t	dumptime;
 	uint32_t	blocksize;
 	char		hostname[64];
-	char		versionstring[58];
-	char		panicstring[58];
+	char		versionstring[62];
+	char		panicstring[62];
 	int		keysize;
 	char		encrypted_key[KERNELDUMP_ENCRYPTED_KEY_SIZE];
-	char		tweak[KERNELDUMP_TWEAK_SIZE];
 	uint32_t	parity;
 };
 


More information about the svn-soc-all mailing list