g_eli.h (292782) | g_eli.h (293306) |
---|---|
1/*- 2 * Copyright (c) 2005-2011 Pawel Jakub Dawidek <pawel@dawidek.net> 3 * All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright --- 9 unchanged lines hidden (view full) --- 18 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 19 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 20 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 21 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 22 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 23 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 24 * SUCH DAMAGE. 25 * | 1/*- 2 * Copyright (c) 2005-2011 Pawel Jakub Dawidek <pawel@dawidek.net> 3 * All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright --- 9 unchanged lines hidden (view full) --- 18 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 19 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 20 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 21 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 22 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 23 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 24 * SUCH DAMAGE. 25 * |
26 * $FreeBSD: head/sys/geom/eli/g_eli.h 292782 2015-12-27 17:33:59Z allanjude $ | 26 * $FreeBSD: head/sys/geom/eli/g_eli.h 293306 2016-01-07 05:47:34Z allanjude $ |
27 */ 28 29#ifndef _G_ELI_H_ 30#define _G_ELI_H_ 31 32#include <sys/endian.h> 33#include <sys/errno.h> 34#include <sys/malloc.h> 35#include <crypto/sha2/sha256.h> 36#include <crypto/sha2/sha512.h> 37#include <opencrypto/cryptodev.h> 38#ifdef _KERNEL 39#include <sys/bio.h> 40#include <sys/libkern.h> 41#include <sys/lock.h> 42#include <sys/mutex.h> | 27 */ 28 29#ifndef _G_ELI_H_ 30#define _G_ELI_H_ 31 32#include <sys/endian.h> 33#include <sys/errno.h> 34#include <sys/malloc.h> 35#include <crypto/sha2/sha256.h> 36#include <crypto/sha2/sha512.h> 37#include <opencrypto/cryptodev.h> 38#ifdef _KERNEL 39#include <sys/bio.h> 40#include <sys/libkern.h> 41#include <sys/lock.h> 42#include <sys/mutex.h> |
43#include <sys/queue.h> 44#include <sys/tree.h> | |
45#include <geom/geom.h> 46#else 47#include <assert.h> 48#include <stdio.h> 49#include <string.h> 50#include <strings.h> 51#endif | 43#include <geom/geom.h> 44#else 45#include <assert.h> 46#include <stdio.h> 47#include <string.h> 48#include <strings.h> 49#endif |
50#include <sys/queue.h> 51#include <sys/tree.h> |
|
52#ifndef _OpenSSL_ 53#include <sys/md5.h> 54#endif 55 56#define G_ELI_CLASS_NAME "ELI" 57#define G_ELI_MAGIC "GEOM::ELI" 58#define G_ELI_SUFFIX ".eli" 59 --- 67 unchanged lines hidden (view full) --- 127#define G_ELI_SALTLEN 64 128#define G_ELI_DATAIVKEYLEN (G_ELI_DATAKEYLEN + G_ELI_IVKEYLEN) 129/* Data-Key, IV-Key, HMAC_SHA512(Derived-Key, Data-Key+IV-Key) */ 130#define G_ELI_MKEYLEN (G_ELI_DATAIVKEYLEN + SHA512_MDLEN) 131#define G_ELI_OVERWRITES 5 132/* Switch data encryption key every 2^20 blocks. */ 133#define G_ELI_KEY_SHIFT 20 134 | 52#ifndef _OpenSSL_ 53#include <sys/md5.h> 54#endif 55 56#define G_ELI_CLASS_NAME "ELI" 57#define G_ELI_MAGIC "GEOM::ELI" 58#define G_ELI_SUFFIX ".eli" 59 --- 67 unchanged lines hidden (view full) --- 127#define G_ELI_SALTLEN 64 128#define G_ELI_DATAIVKEYLEN (G_ELI_DATAKEYLEN + G_ELI_IVKEYLEN) 129/* Data-Key, IV-Key, HMAC_SHA512(Derived-Key, Data-Key+IV-Key) */ 130#define G_ELI_MKEYLEN (G_ELI_DATAIVKEYLEN + SHA512_MDLEN) 131#define G_ELI_OVERWRITES 5 132/* Switch data encryption key every 2^20 blocks. */ 133#define G_ELI_KEY_SHIFT 20 134 |
135#define G_ELI_CRYPTO_UNKNOWN 0 136#define G_ELI_CRYPTO_HW 1 137#define G_ELI_CRYPTO_SW 2 138 |
|
135#ifdef _KERNEL 136extern int g_eli_debug; 137extern u_int g_eli_overwrites; 138extern u_int g_eli_batch; 139 | 139#ifdef _KERNEL 140extern int g_eli_debug; 141extern u_int g_eli_overwrites; 142extern u_int g_eli_batch; 143 |
140#define G_ELI_CRYPTO_UNKNOWN 0 141#define G_ELI_CRYPTO_HW 1 142#define G_ELI_CRYPTO_SW 2 143 | |
144#define G_ELI_DEBUG(lvl, ...) do { \ 145 if (g_eli_debug >= (lvl)) { \ 146 printf("GEOM_ELI"); \ 147 if (g_eli_debug > 0) \ 148 printf("[%u]", lvl); \ 149 printf(": "); \ 150 printf(__VA_ARGS__); \ 151 printf("\n"); \ --- 16 unchanged lines hidden (view full) --- 168 struct g_eli_softc *w_softc; 169 struct proc *w_proc; 170 u_int w_number; 171 uint64_t w_sid; 172 boolean_t w_active; 173 LIST_ENTRY(g_eli_worker) w_next; 174}; 175 | 144#define G_ELI_DEBUG(lvl, ...) do { \ 145 if (g_eli_debug >= (lvl)) { \ 146 printf("GEOM_ELI"); \ 147 if (g_eli_debug > 0) \ 148 printf("[%u]", lvl); \ 149 printf(": "); \ 150 printf(__VA_ARGS__); \ 151 printf("\n"); \ --- 16 unchanged lines hidden (view full) --- 168 struct g_eli_softc *w_softc; 169 struct proc *w_proc; 170 u_int w_number; 171 uint64_t w_sid; 172 boolean_t w_active; 173 LIST_ENTRY(g_eli_worker) w_next; 174}; 175 |
176#endif /* _KERNEL */ 177 |
|
176struct g_eli_softc { 177 struct g_geom *sc_geom; 178 u_int sc_version; 179 u_int sc_crypto; 180 uint8_t sc_mkey[G_ELI_DATAIVKEYLEN]; 181 uint8_t sc_ekey[G_ELI_DATAKEYLEN]; 182 TAILQ_HEAD(, g_eli_key) sc_ekeys_queue; 183 RB_HEAD(g_eli_key_tree, g_eli_key) sc_ekeys_tree; --- 11 unchanged lines hidden (view full) --- 195 SHA256_CTX sc_ivctx; 196 int sc_nkey; 197 uint32_t sc_flags; 198 int sc_inflight; 199 off_t sc_mediasize; 200 size_t sc_sectorsize; 201 u_int sc_bytes_per_sector; 202 u_int sc_data_per_sector; | 178struct g_eli_softc { 179 struct g_geom *sc_geom; 180 u_int sc_version; 181 u_int sc_crypto; 182 uint8_t sc_mkey[G_ELI_DATAIVKEYLEN]; 183 uint8_t sc_ekey[G_ELI_DATAKEYLEN]; 184 TAILQ_HEAD(, g_eli_key) sc_ekeys_queue; 185 RB_HEAD(g_eli_key_tree, g_eli_key) sc_ekeys_tree; --- 11 unchanged lines hidden (view full) --- 197 SHA256_CTX sc_ivctx; 198 int sc_nkey; 199 uint32_t sc_flags; 200 int sc_inflight; 201 off_t sc_mediasize; 202 size_t sc_sectorsize; 203 u_int sc_bytes_per_sector; 204 u_int sc_data_per_sector; |
205#ifndef _KERNEL 206 int sc_cpubind; 207#else /* _KERNEL */ |
|
203 boolean_t sc_cpubind; 204 205 /* Only for software cryptography. */ 206 struct bio_queue_head sc_queue; 207 struct mtx sc_queue_mtx; 208 LIST_HEAD(, g_eli_worker) sc_workers; | 208 boolean_t sc_cpubind; 209 210 /* Only for software cryptography. */ 211 struct bio_queue_head sc_queue; 212 struct mtx sc_queue_mtx; 213 LIST_HEAD(, g_eli_worker) sc_workers; |
214#endif /* _KERNEL */ |
|
209}; 210#define sc_name sc_geom->name | 215}; 216#define sc_name sc_geom->name |
211#endif /* _KERNEL */ | |
212 | 217 |
218#define G_ELI_KEY_MAGIC 0xe11341c 219 220struct g_eli_key { 221 /* Key value, must be first in the structure. */ 222 uint8_t gek_key[G_ELI_DATAKEYLEN]; 223 /* Magic. */ 224 int gek_magic; 225 /* Key number. */ 226 uint64_t gek_keyno; 227 /* Reference counter. */ 228 int gek_count; 229 /* Keeps keys sorted by most recent use. */ 230 TAILQ_ENTRY(g_eli_key) gek_next; 231 /* Keeps keys sorted by number. */ 232 RB_ENTRY(g_eli_key) gek_link; 233}; 234 |
|
213struct g_eli_metadata { 214 char md_magic[16]; /* Magic value. */ 215 uint32_t md_version; /* Version number. */ 216 uint32_t md_flags; /* Additional flags. */ 217 uint16_t md_ealgo; /* Encryption algorithm. */ 218 uint16_t md_keylen; /* Key length. */ 219 uint16_t md_aalgo; /* Authentication algorithm. */ 220 uint64_t md_provsize; /* Provider's size. */ --- 343 unchanged lines hidden (view full) --- 564 case CRYPTO_SHA2_384_HMAC: 565 return (48); 566 case CRYPTO_SHA2_512_HMAC: 567 return (64); 568 } 569 return (0); 570} 571 | 235struct g_eli_metadata { 236 char md_magic[16]; /* Magic value. */ 237 uint32_t md_version; /* Version number. */ 238 uint32_t md_flags; /* Additional flags. */ 239 uint16_t md_ealgo; /* Encryption algorithm. */ 240 uint16_t md_keylen; /* Key length. */ 241 uint16_t md_aalgo; /* Authentication algorithm. */ 242 uint64_t md_provsize; /* Provider's size. */ --- 343 unchanged lines hidden (view full) --- 586 case CRYPTO_SHA2_384_HMAC: 587 return (48); 588 case CRYPTO_SHA2_512_HMAC: 589 return (64); 590 } 591 return (0); 592} 593 |
594static __inline void 595eli_metadata_softc(struct g_eli_softc *sc, const struct g_eli_metadata *md, 596 u_int sectorsize, off_t mediasize) 597{ 598 599 sc->sc_version = md->md_version; 600 sc->sc_inflight = 0; 601 sc->sc_crypto = G_ELI_CRYPTO_UNKNOWN; 602 sc->sc_flags = md->md_flags; 603 /* Backward compatibility. */ 604 if (md->md_version < G_ELI_VERSION_04) 605 sc->sc_flags |= G_ELI_FLAG_NATIVE_BYTE_ORDER; 606 if (md->md_version < G_ELI_VERSION_05) 607 sc->sc_flags |= G_ELI_FLAG_SINGLE_KEY; 608 if (md->md_version < G_ELI_VERSION_06 && 609 (sc->sc_flags & G_ELI_FLAG_AUTH) != 0) { 610 sc->sc_flags |= G_ELI_FLAG_FIRST_KEY; 611 } 612 if (md->md_version < G_ELI_VERSION_07) 613 sc->sc_flags |= G_ELI_FLAG_ENC_IVKEY; 614 sc->sc_ealgo = md->md_ealgo; 615 616 if (sc->sc_flags & G_ELI_FLAG_AUTH) { 617 sc->sc_akeylen = sizeof(sc->sc_akey) * 8; 618 sc->sc_aalgo = md->md_aalgo; 619 sc->sc_alen = g_eli_hashlen(sc->sc_aalgo); 620 621 sc->sc_data_per_sector = sectorsize - sc->sc_alen; 622 /* 623 * Some hash functions (like SHA1 and RIPEMD160) generates hash 624 * which length is not multiple of 128 bits, but we want data 625 * length to be multiple of 128, so we can encrypt without 626 * padding. The line below rounds down data length to multiple 627 * of 128 bits. 628 */ 629 sc->sc_data_per_sector -= sc->sc_data_per_sector % 16; 630 631 sc->sc_bytes_per_sector = 632 (md->md_sectorsize - 1) / sc->sc_data_per_sector + 1; 633 sc->sc_bytes_per_sector *= sectorsize; 634 } 635 sc->sc_sectorsize = md->md_sectorsize; 636 sc->sc_mediasize = mediasize; 637 if (!(sc->sc_flags & G_ELI_FLAG_ONETIME)) 638 sc->sc_mediasize -= sectorsize; 639 if (!(sc->sc_flags & G_ELI_FLAG_AUTH)) 640 sc->sc_mediasize -= (sc->sc_mediasize % sc->sc_sectorsize); 641 else { 642 sc->sc_mediasize /= sc->sc_bytes_per_sector; 643 sc->sc_mediasize *= sc->sc_sectorsize; 644 } 645 sc->sc_ekeylen = md->md_keylen; 646} 647 |
|
572#ifdef _KERNEL 573int g_eli_read_metadata(struct g_class *mp, struct g_provider *pp, 574 struct g_eli_metadata *md); 575struct g_geom *g_eli_create(struct gctl_req *req, struct g_class *mp, 576 struct g_provider *bpp, const struct g_eli_metadata *md, 577 const u_char *mkey, int nkey); 578int g_eli_destroy(struct g_eli_softc *sc, boolean_t force); 579 580int g_eli_access(struct g_provider *pp, int dr, int dw, int de); 581void g_eli_config(struct gctl_req *req, struct g_class *mp, const char *verb); 582 583void g_eli_read_done(struct bio *bp); 584void g_eli_write_done(struct bio *bp); 585int g_eli_crypto_rerun(struct cryptop *crp); | 648#ifdef _KERNEL 649int g_eli_read_metadata(struct g_class *mp, struct g_provider *pp, 650 struct g_eli_metadata *md); 651struct g_geom *g_eli_create(struct gctl_req *req, struct g_class *mp, 652 struct g_provider *bpp, const struct g_eli_metadata *md, 653 const u_char *mkey, int nkey); 654int g_eli_destroy(struct g_eli_softc *sc, boolean_t force); 655 656int g_eli_access(struct g_provider *pp, int dr, int dw, int de); 657void g_eli_config(struct gctl_req *req, struct g_class *mp, const char *verb); 658 659void g_eli_read_done(struct bio *bp); 660void g_eli_write_done(struct bio *bp); 661int g_eli_crypto_rerun(struct cryptop *crp); |
586void g_eli_crypto_ivgen(struct g_eli_softc *sc, off_t offset, u_char *iv, 587 size_t size); | |
588 589void g_eli_crypto_read(struct g_eli_softc *sc, struct bio *bp, boolean_t fromworker); 590void g_eli_crypto_run(struct g_eli_worker *wr, struct bio *bp); 591 592void g_eli_auth_read(struct g_eli_softc *sc, struct bio *bp); 593void g_eli_auth_run(struct g_eli_worker *wr, struct bio *bp); 594#endif | 662 663void g_eli_crypto_read(struct g_eli_softc *sc, struct bio *bp, boolean_t fromworker); 664void g_eli_crypto_run(struct g_eli_worker *wr, struct bio *bp); 665 666void g_eli_auth_read(struct g_eli_softc *sc, struct bio *bp); 667void g_eli_auth_run(struct g_eli_worker *wr, struct bio *bp); 668#endif |
669void g_eli_crypto_ivgen(struct g_eli_softc *sc, off_t offset, u_char *iv, 670 size_t size); |
|
595 596void g_eli_mkey_hmac(unsigned char *mkey, const unsigned char *key); 597int g_eli_mkey_decrypt(const struct g_eli_metadata *md, 598 const unsigned char *key, unsigned char *mkey, unsigned *nkeyp); 599int g_eli_mkey_encrypt(unsigned algo, const unsigned char *key, unsigned keylen, 600 unsigned char *mkey); 601#ifdef _KERNEL 602void g_eli_mkey_propagate(struct g_eli_softc *sc, const unsigned char *mkey); --- 12 unchanged lines hidden (view full) --- 615void g_eli_crypto_hmac_init(struct hmac_ctx *ctx, const uint8_t *hkey, 616 size_t hkeylen); 617void g_eli_crypto_hmac_update(struct hmac_ctx *ctx, const uint8_t *data, 618 size_t datasize); 619void g_eli_crypto_hmac_final(struct hmac_ctx *ctx, uint8_t *md, size_t mdsize); 620void g_eli_crypto_hmac(const uint8_t *hkey, size_t hkeysize, 621 const uint8_t *data, size_t datasize, uint8_t *md, size_t mdsize); 622 | 671 672void g_eli_mkey_hmac(unsigned char *mkey, const unsigned char *key); 673int g_eli_mkey_decrypt(const struct g_eli_metadata *md, 674 const unsigned char *key, unsigned char *mkey, unsigned *nkeyp); 675int g_eli_mkey_encrypt(unsigned algo, const unsigned char *key, unsigned keylen, 676 unsigned char *mkey); 677#ifdef _KERNEL 678void g_eli_mkey_propagate(struct g_eli_softc *sc, const unsigned char *mkey); --- 12 unchanged lines hidden (view full) --- 691void g_eli_crypto_hmac_init(struct hmac_ctx *ctx, const uint8_t *hkey, 692 size_t hkeylen); 693void g_eli_crypto_hmac_update(struct hmac_ctx *ctx, const uint8_t *data, 694 size_t datasize); 695void g_eli_crypto_hmac_final(struct hmac_ctx *ctx, uint8_t *md, size_t mdsize); 696void g_eli_crypto_hmac(const uint8_t *hkey, size_t hkeysize, 697 const uint8_t *data, size_t datasize, uint8_t *md, size_t mdsize); 698 |
699void g_eli_key_fill(struct g_eli_softc *sc, struct g_eli_key *key, 700 uint64_t keyno); |
|
623#ifdef _KERNEL 624void g_eli_key_init(struct g_eli_softc *sc); 625void g_eli_key_destroy(struct g_eli_softc *sc); 626uint8_t *g_eli_key_hold(struct g_eli_softc *sc, off_t offset, size_t blocksize); 627void g_eli_key_drop(struct g_eli_softc *sc, uint8_t *rawkey); 628#endif 629#endif /* !_G_ELI_H_ */ | 701#ifdef _KERNEL 702void g_eli_key_init(struct g_eli_softc *sc); 703void g_eli_key_destroy(struct g_eli_softc *sc); 704uint8_t *g_eli_key_hold(struct g_eli_softc *sc, off_t offset, size_t blocksize); 705void g_eli_key_drop(struct g_eli_softc *sc, uint8_t *rawkey); 706#endif 707#endif /* !_G_ELI_H_ */ |