svn commit: r348206 - in head: lib/geom/eli sys/geom/eli

John Baldwin jhb at FreeBSD.org
Thu May 23 22:31:57 UTC 2019


Author: jhb
Date: Thu May 23 22:31:55 2019
New Revision: 348206
URL: https://svnweb.freebsd.org/changeset/base/348206

Log:
  Add deprecation warnings for weaker algorithms to geli(4).
  
  - Triple DES has been formally deprecated in Kerberos (RFC 8429)
    and is soon to be deprecated in IPsec (RFC 8221).
  - Blowfish is deprecated.  FreeBSD doesn't support its successor
    (Twofish).
  - MD5 is generally considered a weak digest that has known attacks.
  
  geli refuses to create new volumes using these algorithms via 'geli
  init'.  It also warns when attaching to existing volumes or creating
  temporary volumes via 'geli onetime' .  The plan is to fully remove
  support for these algorithms in FreeBSD 13.
  
  Note that none of these algorithms have ever been the default
  algorithm used by geli(8).  Users would have had to explicitly select
  these algorithms when creating volumes in the past.
  
  Reviewed by:	cem, delphij
  MFC after:	3 days
  Relnotes:	yes
  Sponsored by:	Chelsio Communications
  Differential Revision:	https://reviews.freebsd.org/D20344

Modified:
  head/lib/geom/eli/geli.8
  head/lib/geom/eli/geom_eli.c
  head/sys/geom/eli/g_eli.c

Modified: head/lib/geom/eli/geli.8
==============================================================================
--- head/lib/geom/eli/geli.8	Thu May 23 22:06:57 2019	(r348205)
+++ head/lib/geom/eli/geli.8	Thu May 23 22:31:55 2019	(r348206)
@@ -24,7 +24,7 @@
 .\"
 .\" $FreeBSD$
 .\"
-.Dd April 3, 2019
+.Dd May 23, 2019
 .Dt GELI 8
 .Os
 .Sh NAME
@@ -901,6 +901,18 @@ specified in
 .El
 .Sh EXIT STATUS
 Exit status is 0 on success, and 1 if the command fails.
+.Sh DEPRECATION NOTICE
+Support for the
+.Nm Blowfish-CBC
+and
+.Nm 3DES-CBC
+cryptographic algorithms and
+.Nm HMAC/MD5
+authentication algorithm will be removed in
+.Fx 13.0 .
+New volumes cannot be created using these algorithms.
+Existing volumes should be migrated to a new volume that uses
+non-deprecated algorithms.
 .Sh EXAMPLES
 Initialize a provider which is going to be encrypted with a
 passphrase and random data from a file on the user's pen drive.
@@ -1134,7 +1146,7 @@ utility appeared in
 .Fx 6.0 .
 Support for the
 .Nm Camellia
-block cipher is implemented by Yoshisato Yanagisawa in
+block cipher was implemented by Yoshisato Yanagisawa in
 .Fx 7.0 .
 .Pp
 Highest

Modified: head/lib/geom/eli/geom_eli.c
==============================================================================
--- head/lib/geom/eli/geom_eli.c	Thu May 23 22:06:57 2019	(r348205)
+++ head/lib/geom/eli/geom_eli.c	Thu May 23 22:31:55 2019	(r348206)
@@ -805,6 +805,22 @@ eli_init(struct gctl_req *req)
 			return;
 		}
 	}
+	if (md.md_flags & G_ELI_FLAG_AUTH) {
+		switch (md.md_aalgo) {
+		case CRYPTO_MD5_HMAC:
+			gctl_error(req,
+			    "The %s authentication algorithm is deprecated.",
+			    g_eli_algo2str(md.md_aalgo));
+			return;
+		}
+	}
+	switch (md.md_ealgo) {
+	case CRYPTO_3DES_CBC:
+	case CRYPTO_BLF_CBC:
+		gctl_error(req, "The %s encryption algorithm is deprecated.",
+		    g_eli_algo2str(md.md_aalgo));
+		return;
+	}
 	val = gctl_get_intmax(req, "keylen");
 	md.md_keylen = val;
 	md.md_keylen = g_eli_keylen(md.md_ealgo, md.md_keylen);

Modified: head/sys/geom/eli/g_eli.c
==============================================================================
--- head/sys/geom/eli/g_eli.c	Thu May 23 22:06:57 2019	(r348205)
+++ head/sys/geom/eli/g_eli.c	Thu May 23 22:31:55 2019	(r348206)
@@ -960,8 +960,25 @@ g_eli_create(struct gctl_req *req, struct g_class *mp,
 	G_ELI_DEBUG(0, "Device %s created.", pp->name);
 	G_ELI_DEBUG(0, "Encryption: %s %u", g_eli_algo2str(sc->sc_ealgo),
 	    sc->sc_ekeylen);
-	if (sc->sc_flags & G_ELI_FLAG_AUTH)
+	switch (sc->sc_ealgo) {
+	case CRYPTO_3DES_CBC:
+		gone_in(13,
+		    "support for GEOM_ELI volumes encrypted with 3des");
+		break;
+	case CRYPTO_BLF_CBC:
+		gone_in(13,
+		    "support for GEOM_ELI volumes encrypted with blowfish");
+		break;
+	}
+	if (sc->sc_flags & G_ELI_FLAG_AUTH) {
 		G_ELI_DEBUG(0, " Integrity: %s", g_eli_algo2str(sc->sc_aalgo));
+		switch (sc->sc_aalgo) {
+		case CRYPTO_MD5_HMAC:
+			gone_in(13,
+		    "support for GEOM_ELI volumes authenticated with hmac/md5");
+			break;
+		}
+	}
 	G_ELI_DEBUG(0, "    Crypto: %s",
 	    sc->sc_crypto == G_ELI_CRYPTO_SW ? "software" : "hardware");
 	return (gp);


More information about the svn-src-head mailing list