socsvn commit: r293097 - soc2013/def/crashdump-head/sbin/decryptcore
def at FreeBSD.org
def at FreeBSD.org
Mon Oct 26 20:36:42 UTC 2015
Author: def
Date: Mon Oct 26 20:36:41 2015
New Revision: 293097
URL: http://svnweb.FreeBSD.org/socsvn/?view=rev&rev=293097
Log:
Decode kernel dump key.
Modified:
soc2013/def/crashdump-head/sbin/decryptcore/decryptcore.c
Modified: soc2013/def/crashdump-head/sbin/decryptcore/decryptcore.c
==============================================================================
--- soc2013/def/crashdump-head/sbin/decryptcore/decryptcore.c Mon Oct 26 20:36:08 2015 (r293096)
+++ soc2013/def/crashdump-head/sbin/decryptcore/decryptcore.c Mon Oct 26 20:36:41 2015 (r293097)
@@ -1,4 +1,5 @@
#include <sys/capsicum.h>
+#include <sys/endian.h>
#include <sys/types.h>
#include <sys/event.h>
#include <sys/kerneldump.h>
@@ -41,6 +42,67 @@
return (1);
}
+static struct kerneldumpkey *
+read_key(int kfd)
+{
+ uint8_t *buf, *p;
+ struct kerneldumpkey *kdk;
+ ssize_t size;
+ size_t kdksize, bytes;
+
+ PJDLOG_ASSERT(kfd >= 0);
+
+ buf = NULL;
+ kdk = NULL;
+
+ kdksize = sizeof(*kdk);
+ kdk = calloc(1, kdksize);
+ if (kdk == NULL) {
+ pjdlog_errno(LOG_ERR, "Unable to allocate kernel dump key");
+ goto failed;
+ }
+
+ bytes = sizeof(kdk->kdk_algorithm) + sizeof(kdk->kdk_iv) +
+ sizeof(kdk->kdk_encryptedkeysize);
+ buf = calloc(1, bytes);
+ if (buf == NULL) {
+ pjdlog_errno(LOG_ERR, "Unable to allocate buffer");
+ goto failed;
+ }
+
+ size = read(kfd, buf, bytes);
+ if (size == (ssize_t)bytes) {
+ p = buf;
+ kdk->kdk_algorithm = *p;
+ p += sizeof(kdk->kdk_algorithm);
+ bcopy(p, kdk->kdk_iv, sizeof(kdk->kdk_iv));
+ p += sizeof(kdk->kdk_iv);
+ kdk->kdk_encryptedkeysize = le32dec(p);
+ p += sizeof(kdk->kdk_encryptedkeysize);
+
+ kdksize += (size_t)kdk->kdk_encryptedkeysize;
+ kdk = realloc(kdk, kdksize);
+ if (kdk == NULL) {
+ pjdlog_errno(LOG_ERR, "Unable to reallocate kernel dump key");
+ goto failed;
+ }
+ bytes += (size_t)kdk->kdk_encryptedkeysize;
+ size += read(kfd, &kdk->kdk_encryptedkey,
+ kdk->kdk_encryptedkeysize);
+ }
+ if (size != (ssize_t)bytes) {
+ pjdlog_errno(LOG_ERR, "Unable to read key");
+ goto failed;
+ }
+
+ free(buf);
+ return (kdk);
+failed:
+ free(buf);
+ free(kdk);
+ return (NULL);
+}
+
static bool
decrypt(const char *privkeyfile, const char *keyfile, const char *input,
const char *output)
@@ -50,9 +112,9 @@
FILE *fp;
struct kerneldumpkey *kdk;
RSA *privkey;
- int error, ifd, kfd, ofd, olen, privkeysize;
- ssize_t bytes, size;
- size_t bufused, kdksize;
+ int ifd, kfd, ofd, olen, privkeysize;
+ ssize_t bytes;
+ size_t bufused;
pid_t pid;
PJDLOG_ASSERT(privkeyfile != NULL);
@@ -110,32 +172,11 @@
}
EVP_CIPHER_CTX_init(&ctx);
- kdksize = sizeof(*kdk);
- kdk = calloc(1, kdksize);
- if (kdk == NULL) {
- pjdlog_errno(LOG_ERR, "Unable to allocate kernel dump key");
- goto failed;
- }
-
- size = read(kfd, kdk, kdksize);
- if (size == (ssize_t)kdksize) {
- kdksize += (size_t)kdk->kdk_encryptedkeysize;
- kdk = realloc(kdk, kdksize);
- if (kdk == NULL) {
- pjdlog_errno(LOG_ERR, "Unable to reallocate kernel dump key");
- goto failed;
- }
- size += read(kfd, &kdk->kdk_encryptedkey,
- kdk->kdk_encryptedkeysize);
- }
- error = errno;
+ kdk = read_key(kfd);
close(kfd);
kfd = -1;
- if (size != (ssize_t)kdksize) {
- errno = error;
- pjdlog_errno(LOG_ERR, "Unable to read data from %s", keyfile);
+ if (kdk == NULL)
goto failed;
- }
privkey = PEM_read_RSAPrivateKey(fp, &privkey, NULL, NULL);
fclose(fp);
@@ -151,8 +192,9 @@
8 * privkeysize, 8 * kdk->kdk_encryptedkeysize);
goto failed;
}
- if (RSA_private_decrypt(kdk->kdk_encryptedkeysize, kdk->kdk_encryptedkey,
- key, privkey, RSA_PKCS1_PADDING) != sizeof(key)) {
+ if (RSA_private_decrypt(kdk->kdk_encryptedkeysize,
+ kdk->kdk_encryptedkey, key, privkey,
+ RSA_PKCS1_PADDING) != sizeof(key)) {
pjdlog_error("Unable to decrypt key. %s",
ERR_error_string(ERR_get_error(), NULL));
goto failed;
More information about the svn-soc-all
mailing list