svn commit: r359945 - in head: lib/geom/eli sys/geom/eli

John Baldwin jhb at FreeBSD.org
Wed Apr 15 00:14:52 UTC 2020


Author: jhb
Date: Wed Apr 15 00:14:50 2020
New Revision: 359945
URL: https://svnweb.freebsd.org/changeset/base/359945

Log:
  Remove support for geli(4) algorithms deprecated in r348206.
  
  This removes support for reading and writing volumes using the
  following algorithms:
  
  - Triple DES
  - Blowfish
  - MD5 HMAC integrity
  
  In addition, this commit adds an explicit whitelist of supported
  algorithms to give a better error message when an invalid or
  unsupported algorithm is used by an existing volume.
  
  Reviewed by:	cem
  Sponsored by:	Chelsio Communications
  Differential Revision:	https://reviews.freebsd.org/D24343

Modified:
  head/lib/geom/eli/geli.8
  head/lib/geom/eli/geom_eli.c
  head/sys/geom/eli/g_eli.c
  head/sys/geom/eli/g_eli.h
  head/sys/geom/eli/g_eli_crypto.c
  head/sys/geom/eli/g_eli_ctl.c

Modified: head/lib/geom/eli/geli.8
==============================================================================
--- head/lib/geom/eli/geli.8	Tue Apr 14 23:36:03 2020	(r359944)
+++ head/lib/geom/eli/geli.8	Wed Apr 15 00:14:50 2020	(r359945)
@@ -24,7 +24,7 @@
 .\"
 .\" $FreeBSD$
 .\"
-.Dd March 19, 2020
+.Dd April 14, 2020
 .Dt GELI 8
 .Os
 .Sh NAME
@@ -172,14 +172,11 @@ will make use of it automatically.
 Supports many cryptographic algorithms (currently
 .Nm AES-XTS ,
 .Nm AES-CBC ,
-.Nm Blowfish-CBC ,
-.Nm Camellia-CBC
 and
-.Nm 3DES-CBC ) .
+.Nm Camellia-CBC ) .
 .It
 Can optionally perform data authentication (integrity verification) utilizing
 one of the following algorithms:
-.Nm HMAC/MD5 ,
 .Nm HMAC/SHA1 ,
 .Nm HMAC/RIPEMD160 ,
 .Nm HMAC/SHA256 ,
@@ -259,7 +256,6 @@ For example, when using 4096 bytes sector and
 .Nm HMAC/SHA256
 algorithm, 89% of the original provider storage will be available for use.
 Currently supported algorithms are:
-.Nm HMAC/MD5 ,
 .Nm HMAC/SHA1 ,
 .Nm HMAC/RIPEMD160 ,
 .Nm HMAC/SHA256 ,
@@ -303,9 +299,7 @@ Encryption algorithm to use.
 Currently supported algorithms are:
 .Nm AES-XTS ,
 .Nm AES-CBC ,
-.Nm Blowfish-CBC ,
 .Nm Camellia-CBC ,
-.Nm 3DES-CBC ,
 and
 .Nm NULL .
 The default and recommended algorithm is
@@ -359,11 +353,6 @@ key length.
 .Em 128 ,
 192,
 256
-.It Nm Blowfish-CBC
-.Em 128
-+ n * 32, for n=[0..10]
-.It Nm 3DES-CBC
-.Em 192
 .El
 .It Fl P
 Do not use a passphrase as a component of the User Key.
@@ -901,18 +890,6 @@ specified in
 .El
 .Sh EXIT STATUS
 Exit status is 0 on success, and 1 if the command fails.
-.Sh DEPRECATION NOTICE
-Support for the
-.Nm Blowfish-CBC
-and
-.Nm 3DES-CBC
-cryptographic algorithms and
-.Nm HMAC/MD5
-authentication algorithm will be removed in
-.Fx 13.0 .
-New volumes cannot be created using these algorithms.
-Existing volumes should be migrated to a new volume that uses
-non-deprecated algorithms.
 .Sh EXAMPLES
 Initialize a provider which is going to be encrypted with a
 passphrase and random data from a file on the user's pen drive.
@@ -967,7 +944,7 @@ Reenter new passphrase:
 Encrypted swap partition setup:
 .Bd -literal -offset indent
 # dd if=/dev/random of=/dev/ada0s1b bs=1m
-# geli onetime -d -e 3des ada0s1b
+# geli onetime -d ada0s1b
 # swapon /dev/ada0s1b.eli
 .Ed
 .Pp

Modified: head/lib/geom/eli/geom_eli.c
==============================================================================
--- head/lib/geom/eli/geom_eli.c	Tue Apr 14 23:36:03 2020	(r359944)
+++ head/lib/geom/eli/geom_eli.c	Wed Apr 15 00:14:50 2020	(r359945)
@@ -805,22 +805,6 @@ eli_init(struct gctl_req *req)
 			return;
 		}
 	}
-	if (md.md_flags & G_ELI_FLAG_AUTH) {
-		switch (md.md_aalgo) {
-		case CRYPTO_MD5_HMAC:
-			gctl_error(req,
-			    "The %s authentication algorithm is deprecated.",
-			    g_eli_algo2str(md.md_aalgo));
-			return;
-		}
-	}
-	switch (md.md_ealgo) {
-	case CRYPTO_3DES_CBC:
-	case CRYPTO_BLF_CBC:
-		gctl_error(req, "The %s encryption algorithm is deprecated.",
-		    g_eli_algo2str(md.md_ealgo));
-		return;
-	}
 	val = gctl_get_intmax(req, "keylen");
 	md.md_keylen = val;
 	md.md_keylen = g_eli_keylen(md.md_ealgo, md.md_keylen);

Modified: head/sys/geom/eli/g_eli.c
==============================================================================
--- head/sys/geom/eli/g_eli.c	Tue Apr 14 23:36:03 2020	(r359944)
+++ head/sys/geom/eli/g_eli.c	Wed Apr 15 00:14:50 2020	(r359945)
@@ -847,6 +847,8 @@ g_eli_create(struct gctl_req *req, struct g_class *mp,
 	int dcw, error;
 
 	G_ELI_DEBUG(1, "Creating device %s%s.", bpp->name, G_ELI_SUFFIX);
+	KASSERT(eli_metadata_crypto_supported(md),
+	    ("%s: unsupported crypto for %s", __func__, bpp->name));
 
 	gp = g_new_geomf(mp, "%s%s", bpp->name, G_ELI_SUFFIX);
 	sc = malloc(sizeof(*sc), M_ELI, M_WAITOK | M_ZERO);
@@ -975,25 +977,8 @@ g_eli_create(struct gctl_req *req, struct g_class *mp,
 	G_ELI_DEBUG(0, "Device %s created.", pp->name);
 	G_ELI_DEBUG(0, "Encryption: %s %u", g_eli_algo2str(sc->sc_ealgo),
 	    sc->sc_ekeylen);
-	switch (sc->sc_ealgo) {
-	case CRYPTO_3DES_CBC:
-		gone_in(13,
-		    "support for GEOM_ELI volumes encrypted with 3des");
-		break;
-	case CRYPTO_BLF_CBC:
-		gone_in(13,
-		    "support for GEOM_ELI volumes encrypted with blowfish");
-		break;
-	}
-	if (sc->sc_flags & G_ELI_FLAG_AUTH) {
+	if (sc->sc_flags & G_ELI_FLAG_AUTH)
 		G_ELI_DEBUG(0, " Integrity: %s", g_eli_algo2str(sc->sc_aalgo));
-		switch (sc->sc_aalgo) {
-		case CRYPTO_MD5_HMAC:
-			gone_in(13,
-		    "support for GEOM_ELI volumes authenticated with hmac/md5");
-			break;
-		}
-	}
 	G_ELI_DEBUG(0, "    Crypto: %s",
 	    sc->sc_crypto == G_ELI_CRYPTO_SW ? "software" : "hardware");
 	return (gp);
@@ -1188,6 +1173,11 @@ g_eli_taste(struct g_class *mp, struct g_provider *pp,
 		return (NULL);
 	if (md.md_keys == 0x00) {
 		G_ELI_DEBUG(0, "No valid keys on %s.", pp->name);
+		return (NULL);
+	}
+	if (!eli_metadata_crypto_supported(&md)) {
+		G_ELI_DEBUG(0, "%s uses invalid or unsupported algorithms\n",
+		    pp->name);
 		return (NULL);
 	}
 	if (md.md_iterations == -1) {

Modified: head/sys/geom/eli/g_eli.h
==============================================================================
--- head/sys/geom/eli/g_eli.h	Tue Apr 14 23:36:03 2020	(r359944)
+++ head/sys/geom/eli/g_eli.h	Wed Apr 15 00:14:50 2020	(r359945)
@@ -417,18 +417,10 @@ g_eli_str2ealgo(const char *name)
 		return (CRYPTO_AES_CBC);
 	else if (strcasecmp("aes-xts", name) == 0)
 		return (CRYPTO_AES_XTS);
-	else if (strcasecmp("blowfish", name) == 0)
-		return (CRYPTO_BLF_CBC);
-	else if (strcasecmp("blowfish-cbc", name) == 0)
-		return (CRYPTO_BLF_CBC);
 	else if (strcasecmp("camellia", name) == 0)
 		return (CRYPTO_CAMELLIA_CBC);
 	else if (strcasecmp("camellia-cbc", name) == 0)
 		return (CRYPTO_CAMELLIA_CBC);
-	else if (strcasecmp("3des", name) == 0)
-		return (CRYPTO_3DES_CBC);
-	else if (strcasecmp("3des-cbc", name) == 0)
-		return (CRYPTO_3DES_CBC);
 	return (CRYPTO_ALGORITHM_MIN - 1);
 }
 
@@ -436,9 +428,7 @@ static __inline u_int
 g_eli_str2aalgo(const char *name)
 {
 
-	if (strcasecmp("hmac/md5", name) == 0)
-		return (CRYPTO_MD5_HMAC);
-	else if (strcasecmp("hmac/sha1", name) == 0)
+	if (strcasecmp("hmac/sha1", name) == 0)
 		return (CRYPTO_SHA1_HMAC);
 	else if (strcasecmp("hmac/ripemd160", name) == 0)
 		return (CRYPTO_RIPEMD160_HMAC);
@@ -462,14 +452,8 @@ g_eli_algo2str(u_int algo)
 		return ("AES-CBC");
 	case CRYPTO_AES_XTS:
 		return ("AES-XTS");
-	case CRYPTO_BLF_CBC:
-		return ("Blowfish-CBC");
 	case CRYPTO_CAMELLIA_CBC:
 		return ("CAMELLIA-CBC");
-	case CRYPTO_3DES_CBC:
-		return ("3DES-CBC");
-	case CRYPTO_MD5_HMAC:
-		return ("HMAC/MD5");
 	case CRYPTO_SHA1_HMAC:
 		return ("HMAC/SHA1");
 	case CRYPTO_RIPEMD160_HMAC:
@@ -522,6 +506,36 @@ eli_metadata_dump(const struct g_eli_metadata *md)
 	printf("  MD5 hash: %s\n", str);
 }
 
+#ifdef _KERNEL
+static bool
+eli_metadata_crypto_supported(const struct g_eli_metadata *md)
+{
+
+	switch (md->md_ealgo) {
+	case CRYPTO_NULL_CBC:
+	case CRYPTO_AES_CBC:
+	case CRYPTO_CAMELLIA_CBC:
+	case CRYPTO_AES_XTS:
+		break;
+	default:
+		return (false);
+	}
+	if (md->md_flags & G_ELI_FLAG_AUTH) {
+		switch (md->md_aalgo) {
+		case CRYPTO_SHA1_HMAC:
+		case CRYPTO_RIPEMD160_HMAC:
+		case CRYPTO_SHA2_256_HMAC:
+		case CRYPTO_SHA2_384_HMAC:
+		case CRYPTO_SHA2_512_HMAC:
+			break;
+		default:
+			return (false);
+		}
+	}
+	return (true);
+}
+#endif
+
 static __inline u_int
 g_eli_keylen(u_int algo, u_int keylen)
 {
@@ -557,18 +571,6 @@ g_eli_keylen(u_int algo, u_int keylen)
 		default:
 			return (0);
 		}
-	case CRYPTO_BLF_CBC:
-		if (keylen == 0)
-			return (128);
-		if (keylen < 128 || keylen > 448)
-			return (0);
-		if ((keylen % 32) != 0)
-			return (0);
-		return (keylen);
-	case CRYPTO_3DES_CBC:
-		if (keylen == 0 || keylen == 192)
-			return (192);
-		return (0);
 	default:
 		return (0);
 	}
@@ -583,12 +585,8 @@ g_eli_ivlen(u_int algo)
 		return (AES_XTS_IV_LEN);
 	case CRYPTO_AES_CBC:
 		return (AES_BLOCK_LEN);
-	case CRYPTO_BLF_CBC:
-		return (BLOWFISH_BLOCK_LEN);
 	case CRYPTO_CAMELLIA_CBC:
 		return (CAMELLIA_BLOCK_LEN);
-	case CRYPTO_3DES_CBC:
-		return (DES3_BLOCK_LEN);
 	}
 	return (0);
 }
@@ -598,8 +596,6 @@ g_eli_hashlen(u_int algo)
 {
 
 	switch (algo) {
-	case CRYPTO_MD5_HMAC:
-		return (16);
 	case CRYPTO_SHA1_HMAC:
 		return (20);
 	case CRYPTO_RIPEMD160_HMAC:

Modified: head/sys/geom/eli/g_eli_crypto.c
==============================================================================
--- head/sys/geom/eli/g_eli_crypto.c	Tue Apr 14 23:36:03 2020	(r359944)
+++ head/sys/geom/eli/g_eli_crypto.c	Wed Apr 15 00:14:50 2020	(r359945)
@@ -138,9 +138,6 @@ g_eli_crypto_cipher(u_int algo, int enc, u_char *data,
 			return (EINVAL);
 		}
 		break;
-	case CRYPTO_BLF_CBC:
-		type = EVP_bf_cbc();
-		break;
 #ifndef OPENSSL_NO_CAMELLIA
 	case CRYPTO_CAMELLIA_CBC:
 		switch (keysize) {
@@ -158,9 +155,6 @@ g_eli_crypto_cipher(u_int algo, int enc, u_char *data,
 		}
 		break;
 #endif
-	case CRYPTO_3DES_CBC:
-		type = EVP_des_ede3_cbc();
-		break;
 	default:
 		return (EINVAL);
 	}

Modified: head/sys/geom/eli/g_eli_ctl.c
==============================================================================
--- head/sys/geom/eli/g_eli_ctl.c	Tue Apr 14 23:36:03 2020	(r359944)
+++ head/sys/geom/eli/g_eli_ctl.c	Wed Apr 15 00:14:50 2020	(r359945)
@@ -138,6 +138,11 @@ g_eli_ctl_attach(struct gctl_req *req, struct g_class 
 		gctl_error(req, "No valid keys on %s.", pp->name);
 		return;
 	}
+	if (!eli_metadata_crypto_supported(&md)) {
+		explicit_bzero(&md, sizeof(md));
+		gctl_error(req, "Invalid or unsupported algorithms.");
+		return;
+	}
 
 	key = gctl_get_param(req, "key", &keysize);
 	if (key == NULL || keysize != G_ELI_USERKEYLEN) {


More information about the svn-src-all mailing list