svn commit: r238116 - head/sys/geom/eli

Wed Jul 4 17:54:18 UTC 2012

Author: pjd
Date: Wed Jul  4 17:54:17 2012
New Revision: 238116
URL: http://svn.freebsd.org/changeset/base/238116

Log:
  Use correct part of the Master-Key for generating encryption keys.
  Before this change the IV-Key was used to generate encryption keys,
  which was incorrect, but safe - for the XTS mode this key was unused
  anyway and for CBC mode it was used differently to generate IV
  vectors, so there is no risk that IV vector collides with encryption
  key somehow.
  
  Bump version number and keep compatibility for older versions.
  
  MFC after:	2 weeks

Modified:
  head/sys/geom/eli/g_eli.c
  head/sys/geom/eli/g_eli.h
  head/sys/geom/eli/g_eli_ctl.c
  head/sys/geom/eli/g_eli_key_cache.c

Modified: head/sys/geom/eli/g_eli.c
==============================================================================

--- head/sys/geom/eli/g_eli.c	Wed Jul  4 17:44:39 2012	(r238115)
+++ head/sys/geom/eli/g_eli.c	Wed Jul  4 17:54:17 2012	(r238116)
@@ -726,6 +726,8 @@ g_eli_create(struct gctl_req *req, struc
 	    (sc->sc_flags & G_ELI_FLAG_AUTH) != 0) {
 		sc->sc_flags |= G_ELI_FLAG_FIRST_KEY;
 	}
+	if (md->md_version < G_ELI_VERSION_07)
+		sc->sc_flags |= G_ELI_FLAG_ENC_IVKEY;
 	sc->sc_ealgo = md->md_ealgo;
 	sc->sc_nkey = nkey;
 

Modified: head/sys/geom/eli/g_eli.h
==============================================================================
--- head/sys/geom/eli/g_eli.h	Wed Jul  4 17:44:39 2012	(r238115)
+++ head/sys/geom/eli/g_eli.h	Wed Jul  4 17:54:17 2012	(r238116)
@@ -68,6 +68,8 @@
  * 5 - Added multiple encrypton keys and AES-XTS support.
  * 6 - Fixed usage of multiple keys for authenticated providers (the
  *     G_ELI_FLAG_FIRST_KEY flag will be set for older versions).
+ * 7 - Encryption keys are now generated from the Data Key and not from the
+ *     IV Key (the G_ELI_FLAG_ENC_IVKEY flag will be set for older versions).
  */
 #define	G_ELI_VERSION_00	0
 #define	G_ELI_VERSION_01	1
@@ -76,7 +78,8 @@
 #define	G_ELI_VERSION_04	4
 #define	G_ELI_VERSION_05	5
 #define	G_ELI_VERSION_06	6
-#define	G_ELI_VERSION		G_ELI_VERSION_06
+#define	G_ELI_VERSION_07	7
+#define	G_ELI_VERSION		G_ELI_VERSION_07
 
 /* ON DISK FLAGS. */
 /* Use random, onetime keys. */
@@ -104,6 +107,8 @@
 #define	G_ELI_FLAG_SUSPEND		0x00100000
 /* Provider uses first encryption key. */
 #define	G_ELI_FLAG_FIRST_KEY		0x00200000
+/* Provider uses IV-Key for encryption key generation. */
+#define	G_ELI_FLAG_ENC_IVKEY		0x00400000
 
 #define	G_ELI_NEW_BIO	255
 
@@ -237,7 +242,7 @@ eli_metadata_encode_v0(struct g_eli_meta
 	*datap = p;
 }
 static __inline void
-eli_metadata_encode_v1v2v3v4v5v6(struct g_eli_metadata *md, u_char **datap)
+eli_metadata_encode_v1v2v3v4v5v6v7(struct g_eli_metadata *md, u_char **datap)
 {
 	u_char *p;
 
@@ -275,7 +280,8 @@ eli_metadata_encode(struct g_eli_metadat
 	case G_ELI_VERSION_04:
 	case G_ELI_VERSION_05:
 	case G_ELI_VERSION_06:
-		eli_metadata_encode_v1v2v3v4v5v6(md, &p);
+	case G_ELI_VERSION_07:
+		eli_metadata_encode_v1v2v3v4v5v6v7(md, &p);
 		break;
 	default:
 #ifdef _KERNEL
@@ -315,7 +321,7 @@ eli_metadata_decode_v0(const u_char *dat
 }
 
 static __inline int
-eli_metadata_decode_v1v2v3v4v5v6(const u_char *data, struct g_eli_metadata *md)
+eli_metadata_decode_v1v2v3v4v5v6v7(const u_char *data, struct g_eli_metadata *md)
 {
 	MD5_CTX ctx;
 	const u_char *p;
@@ -357,7 +363,8 @@ eli_metadata_decode(const u_char *data, 
 	case G_ELI_VERSION_04:
 	case G_ELI_VERSION_05:
 	case G_ELI_VERSION_06:
-		error = eli_metadata_decode_v1v2v3v4v5v6(data, md);
+	case G_ELI_VERSION_07:
+		error = eli_metadata_decode_v1v2v3v4v5v6v7(data, md);
 		break;
 	default:
 		error = EOPNOTSUPP;

Modified: head/sys/geom/eli/g_eli_ctl.c
==============================================================================
--- head/sys/geom/eli/g_eli_ctl.c	Wed Jul  4 17:44:39 2012	(r238115)
+++ head/sys/geom/eli/g_eli_ctl.c	Wed Jul  4 17:54:17 2012	(r238116)
@@ -1020,6 +1020,12 @@ g_eli_config(struct gctl_req *req, struc
 			/* Compatible. */
 			break;
 		}
+		if (G_ELI_VERSION == G_ELI_VERSION_07 &&
+		    (*version == G_ELI_VERSION_05 ||
+		     *version == G_ELI_VERSION_06)) {
+			/* Compatible. */
+			break;
+		}
 		gctl_error(req, "Userland and kernel parts are out of sync.");
 		return;
 	}

Modified: head/sys/geom/eli/g_eli_key_cache.c
==============================================================================
--- head/sys/geom/eli/g_eli_key_cache.c	Wed Jul  4 17:44:39 2012	(r238115)
+++ head/sys/geom/eli/g_eli_key_cache.c	Wed Jul  4 17:54:17 2012	(r238116)
@@ -91,14 +91,20 @@ RB_GENERATE(g_eli_key_tree, g_eli_key, g
 static void
 g_eli_key_fill(struct g_eli_softc *sc, struct g_eli_key *key, uint64_t keyno)
 {
+	const uint8_t *ekey;
 	struct {
 		char magic[4];
 		uint8_t keyno[8];
 	} __packed hmacdata;
 
+	if ((sc->sc_flags & G_ELI_FLAG_ENC_IVKEY) != 0)
+		ekey = sc->sc_mkey;
+	else
+		ekey = sc->sc_ekey;
+
 	bcopy("ekey", hmacdata.magic, 4);
 	le64enc(hmacdata.keyno, keyno);
-	g_eli_crypto_hmac(sc->sc_mkey, G_ELI_MAXKEYLEN, (uint8_t *)&hmacdata,
+	g_eli_crypto_hmac(ekey, G_ELI_MAXKEYLEN, (uint8_t *)&hmacdata,
 	    sizeof(hmacdata), key->gek_key, 0);
 	key->gek_keyno = keyno;
 	key->gek_count = 0;
