Deleted Added
sdiff udiff text old ( 292782 ) new ( 293306 )
full compact
g_eli.h (292782) g_eli.h (293306)
1/*-
2 * Copyright (c) 2005-2011 Pawel Jakub Dawidek <pawel@dawidek.net>
3 * All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 * 1. Redistributions of source code must retain the above copyright

--- 9 unchanged lines hidden (view full) ---

18 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
19 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
20 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
21 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
22 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
23 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
24 * SUCH DAMAGE.
25 *
1/*-
2 * Copyright (c) 2005-2011 Pawel Jakub Dawidek <pawel@dawidek.net>
3 * All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 * 1. Redistributions of source code must retain the above copyright

--- 9 unchanged lines hidden (view full) ---

18 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
19 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
20 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
21 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
22 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
23 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
24 * SUCH DAMAGE.
25 *
26 * $FreeBSD: head/sys/geom/eli/g_eli.h 292782 2015-12-27 17:33:59Z allanjude $
26 * $FreeBSD: head/sys/geom/eli/g_eli.h 293306 2016-01-07 05:47:34Z allanjude $
27 */
28
29#ifndef _G_ELI_H_
30#define _G_ELI_H_
31
32#include <sys/endian.h>
33#include <sys/errno.h>
34#include <sys/malloc.h>
35#include <crypto/sha2/sha256.h>
36#include <crypto/sha2/sha512.h>
37#include <opencrypto/cryptodev.h>
38#ifdef _KERNEL
39#include <sys/bio.h>
40#include <sys/libkern.h>
41#include <sys/lock.h>
42#include <sys/mutex.h>
27 */
28
29#ifndef _G_ELI_H_
30#define _G_ELI_H_
31
32#include <sys/endian.h>
33#include <sys/errno.h>
34#include <sys/malloc.h>
35#include <crypto/sha2/sha256.h>
36#include <crypto/sha2/sha512.h>
37#include <opencrypto/cryptodev.h>
38#ifdef _KERNEL
39#include <sys/bio.h>
40#include <sys/libkern.h>
41#include <sys/lock.h>
42#include <sys/mutex.h>
43#include <sys/queue.h>
44#include <sys/tree.h>
45#include <geom/geom.h>
46#else
47#include <assert.h>
48#include <stdio.h>
49#include <string.h>
50#include <strings.h>
51#endif
43#include <geom/geom.h>
44#else
45#include <assert.h>
46#include <stdio.h>
47#include <string.h>
48#include <strings.h>
49#endif
50#include <sys/queue.h>
51#include <sys/tree.h>
52#ifndef _OpenSSL_
53#include <sys/md5.h>
54#endif
55
56#define G_ELI_CLASS_NAME "ELI"
57#define G_ELI_MAGIC "GEOM::ELI"
58#define G_ELI_SUFFIX ".eli"
59

--- 67 unchanged lines hidden (view full) ---

127#define G_ELI_SALTLEN 64
128#define G_ELI_DATAIVKEYLEN (G_ELI_DATAKEYLEN + G_ELI_IVKEYLEN)
129/* Data-Key, IV-Key, HMAC_SHA512(Derived-Key, Data-Key+IV-Key) */
130#define G_ELI_MKEYLEN (G_ELI_DATAIVKEYLEN + SHA512_MDLEN)
131#define G_ELI_OVERWRITES 5
132/* Switch data encryption key every 2^20 blocks. */
133#define G_ELI_KEY_SHIFT 20
134
52#ifndef _OpenSSL_
53#include <sys/md5.h>
54#endif
55
56#define G_ELI_CLASS_NAME "ELI"
57#define G_ELI_MAGIC "GEOM::ELI"
58#define G_ELI_SUFFIX ".eli"
59

--- 67 unchanged lines hidden (view full) ---

127#define G_ELI_SALTLEN 64
128#define G_ELI_DATAIVKEYLEN (G_ELI_DATAKEYLEN + G_ELI_IVKEYLEN)
129/* Data-Key, IV-Key, HMAC_SHA512(Derived-Key, Data-Key+IV-Key) */
130#define G_ELI_MKEYLEN (G_ELI_DATAIVKEYLEN + SHA512_MDLEN)
131#define G_ELI_OVERWRITES 5
132/* Switch data encryption key every 2^20 blocks. */
133#define G_ELI_KEY_SHIFT 20
134
135#define G_ELI_CRYPTO_UNKNOWN 0
136#define G_ELI_CRYPTO_HW 1
137#define G_ELI_CRYPTO_SW 2
138
135#ifdef _KERNEL
136extern int g_eli_debug;
137extern u_int g_eli_overwrites;
138extern u_int g_eli_batch;
139
139#ifdef _KERNEL
140extern int g_eli_debug;
141extern u_int g_eli_overwrites;
142extern u_int g_eli_batch;
143
140#define G_ELI_CRYPTO_UNKNOWN 0
141#define G_ELI_CRYPTO_HW 1
142#define G_ELI_CRYPTO_SW 2
143
144#define G_ELI_DEBUG(lvl, ...) do { \
145 if (g_eli_debug >= (lvl)) { \
146 printf("GEOM_ELI"); \
147 if (g_eli_debug > 0) \
148 printf("[%u]", lvl); \
149 printf(": "); \
150 printf(__VA_ARGS__); \
151 printf("\n"); \

--- 16 unchanged lines hidden (view full) ---

168 struct g_eli_softc *w_softc;
169 struct proc *w_proc;
170 u_int w_number;
171 uint64_t w_sid;
172 boolean_t w_active;
173 LIST_ENTRY(g_eli_worker) w_next;
174};
175
144#define G_ELI_DEBUG(lvl, ...) do { \
145 if (g_eli_debug >= (lvl)) { \
146 printf("GEOM_ELI"); \
147 if (g_eli_debug > 0) \
148 printf("[%u]", lvl); \
149 printf(": "); \
150 printf(__VA_ARGS__); \
151 printf("\n"); \

--- 16 unchanged lines hidden (view full) ---

168 struct g_eli_softc *w_softc;
169 struct proc *w_proc;
170 u_int w_number;
171 uint64_t w_sid;
172 boolean_t w_active;
173 LIST_ENTRY(g_eli_worker) w_next;
174};
175
176#endif /* _KERNEL */
177
176struct g_eli_softc {
177 struct g_geom *sc_geom;
178 u_int sc_version;
179 u_int sc_crypto;
180 uint8_t sc_mkey[G_ELI_DATAIVKEYLEN];
181 uint8_t sc_ekey[G_ELI_DATAKEYLEN];
182 TAILQ_HEAD(, g_eli_key) sc_ekeys_queue;
183 RB_HEAD(g_eli_key_tree, g_eli_key) sc_ekeys_tree;

--- 11 unchanged lines hidden (view full) ---

195 SHA256_CTX sc_ivctx;
196 int sc_nkey;
197 uint32_t sc_flags;
198 int sc_inflight;
199 off_t sc_mediasize;
200 size_t sc_sectorsize;
201 u_int sc_bytes_per_sector;
202 u_int sc_data_per_sector;
178struct g_eli_softc {
179 struct g_geom *sc_geom;
180 u_int sc_version;
181 u_int sc_crypto;
182 uint8_t sc_mkey[G_ELI_DATAIVKEYLEN];
183 uint8_t sc_ekey[G_ELI_DATAKEYLEN];
184 TAILQ_HEAD(, g_eli_key) sc_ekeys_queue;
185 RB_HEAD(g_eli_key_tree, g_eli_key) sc_ekeys_tree;

--- 11 unchanged lines hidden (view full) ---

197 SHA256_CTX sc_ivctx;
198 int sc_nkey;
199 uint32_t sc_flags;
200 int sc_inflight;
201 off_t sc_mediasize;
202 size_t sc_sectorsize;
203 u_int sc_bytes_per_sector;
204 u_int sc_data_per_sector;
205#ifndef _KERNEL
206 int sc_cpubind;
207#else /* _KERNEL */
203 boolean_t sc_cpubind;
204
205 /* Only for software cryptography. */
206 struct bio_queue_head sc_queue;
207 struct mtx sc_queue_mtx;
208 LIST_HEAD(, g_eli_worker) sc_workers;
208 boolean_t sc_cpubind;
209
210 /* Only for software cryptography. */
211 struct bio_queue_head sc_queue;
212 struct mtx sc_queue_mtx;
213 LIST_HEAD(, g_eli_worker) sc_workers;
214#endif /* _KERNEL */
209};
210#define sc_name sc_geom->name
215};
216#define sc_name sc_geom->name
211#endif /* _KERNEL */
212
217
218#define G_ELI_KEY_MAGIC 0xe11341c
219
220struct g_eli_key {
221 /* Key value, must be first in the structure. */
222 uint8_t gek_key[G_ELI_DATAKEYLEN];
223 /* Magic. */
224 int gek_magic;
225 /* Key number. */
226 uint64_t gek_keyno;
227 /* Reference counter. */
228 int gek_count;
229 /* Keeps keys sorted by most recent use. */
230 TAILQ_ENTRY(g_eli_key) gek_next;
231 /* Keeps keys sorted by number. */
232 RB_ENTRY(g_eli_key) gek_link;
233};
234
213struct g_eli_metadata {
214 char md_magic[16]; /* Magic value. */
215 uint32_t md_version; /* Version number. */
216 uint32_t md_flags; /* Additional flags. */
217 uint16_t md_ealgo; /* Encryption algorithm. */
218 uint16_t md_keylen; /* Key length. */
219 uint16_t md_aalgo; /* Authentication algorithm. */
220 uint64_t md_provsize; /* Provider's size. */

--- 343 unchanged lines hidden (view full) ---

564 case CRYPTO_SHA2_384_HMAC:
565 return (48);
566 case CRYPTO_SHA2_512_HMAC:
567 return (64);
568 }
569 return (0);
570}
571
235struct g_eli_metadata {
236 char md_magic[16]; /* Magic value. */
237 uint32_t md_version; /* Version number. */
238 uint32_t md_flags; /* Additional flags. */
239 uint16_t md_ealgo; /* Encryption algorithm. */
240 uint16_t md_keylen; /* Key length. */
241 uint16_t md_aalgo; /* Authentication algorithm. */
242 uint64_t md_provsize; /* Provider's size. */

--- 343 unchanged lines hidden (view full) ---

586 case CRYPTO_SHA2_384_HMAC:
587 return (48);
588 case CRYPTO_SHA2_512_HMAC:
589 return (64);
590 }
591 return (0);
592}
593
594static __inline void
595eli_metadata_softc(struct g_eli_softc *sc, const struct g_eli_metadata *md,
596 u_int sectorsize, off_t mediasize)
597{
598
599 sc->sc_version = md->md_version;
600 sc->sc_inflight = 0;
601 sc->sc_crypto = G_ELI_CRYPTO_UNKNOWN;
602 sc->sc_flags = md->md_flags;
603 /* Backward compatibility. */
604 if (md->md_version < G_ELI_VERSION_04)
605 sc->sc_flags |= G_ELI_FLAG_NATIVE_BYTE_ORDER;
606 if (md->md_version < G_ELI_VERSION_05)
607 sc->sc_flags |= G_ELI_FLAG_SINGLE_KEY;
608 if (md->md_version < G_ELI_VERSION_06 &&
609 (sc->sc_flags & G_ELI_FLAG_AUTH) != 0) {
610 sc->sc_flags |= G_ELI_FLAG_FIRST_KEY;
611 }
612 if (md->md_version < G_ELI_VERSION_07)
613 sc->sc_flags |= G_ELI_FLAG_ENC_IVKEY;
614 sc->sc_ealgo = md->md_ealgo;
615
616 if (sc->sc_flags & G_ELI_FLAG_AUTH) {
617 sc->sc_akeylen = sizeof(sc->sc_akey) * 8;
618 sc->sc_aalgo = md->md_aalgo;
619 sc->sc_alen = g_eli_hashlen(sc->sc_aalgo);
620
621 sc->sc_data_per_sector = sectorsize - sc->sc_alen;
622 /*
623 * Some hash functions (like SHA1 and RIPEMD160) generates hash
624 * which length is not multiple of 128 bits, but we want data
625 * length to be multiple of 128, so we can encrypt without
626 * padding. The line below rounds down data length to multiple
627 * of 128 bits.
628 */
629 sc->sc_data_per_sector -= sc->sc_data_per_sector % 16;
630
631 sc->sc_bytes_per_sector =
632 (md->md_sectorsize - 1) / sc->sc_data_per_sector + 1;
633 sc->sc_bytes_per_sector *= sectorsize;
634 }
635 sc->sc_sectorsize = md->md_sectorsize;
636 sc->sc_mediasize = mediasize;
637 if (!(sc->sc_flags & G_ELI_FLAG_ONETIME))
638 sc->sc_mediasize -= sectorsize;
639 if (!(sc->sc_flags & G_ELI_FLAG_AUTH))
640 sc->sc_mediasize -= (sc->sc_mediasize % sc->sc_sectorsize);
641 else {
642 sc->sc_mediasize /= sc->sc_bytes_per_sector;
643 sc->sc_mediasize *= sc->sc_sectorsize;
644 }
645 sc->sc_ekeylen = md->md_keylen;
646}
647
572#ifdef _KERNEL
573int g_eli_read_metadata(struct g_class *mp, struct g_provider *pp,
574 struct g_eli_metadata *md);
575struct g_geom *g_eli_create(struct gctl_req *req, struct g_class *mp,
576 struct g_provider *bpp, const struct g_eli_metadata *md,
577 const u_char *mkey, int nkey);
578int g_eli_destroy(struct g_eli_softc *sc, boolean_t force);
579
580int g_eli_access(struct g_provider *pp, int dr, int dw, int de);
581void g_eli_config(struct gctl_req *req, struct g_class *mp, const char *verb);
582
583void g_eli_read_done(struct bio *bp);
584void g_eli_write_done(struct bio *bp);
585int g_eli_crypto_rerun(struct cryptop *crp);
648#ifdef _KERNEL
649int g_eli_read_metadata(struct g_class *mp, struct g_provider *pp,
650 struct g_eli_metadata *md);
651struct g_geom *g_eli_create(struct gctl_req *req, struct g_class *mp,
652 struct g_provider *bpp, const struct g_eli_metadata *md,
653 const u_char *mkey, int nkey);
654int g_eli_destroy(struct g_eli_softc *sc, boolean_t force);
655
656int g_eli_access(struct g_provider *pp, int dr, int dw, int de);
657void g_eli_config(struct gctl_req *req, struct g_class *mp, const char *verb);
658
659void g_eli_read_done(struct bio *bp);
660void g_eli_write_done(struct bio *bp);
661int g_eli_crypto_rerun(struct cryptop *crp);
586void g_eli_crypto_ivgen(struct g_eli_softc *sc, off_t offset, u_char *iv,
587 size_t size);
588
589void g_eli_crypto_read(struct g_eli_softc *sc, struct bio *bp, boolean_t fromworker);
590void g_eli_crypto_run(struct g_eli_worker *wr, struct bio *bp);
591
592void g_eli_auth_read(struct g_eli_softc *sc, struct bio *bp);
593void g_eli_auth_run(struct g_eli_worker *wr, struct bio *bp);
594#endif
662
663void g_eli_crypto_read(struct g_eli_softc *sc, struct bio *bp, boolean_t fromworker);
664void g_eli_crypto_run(struct g_eli_worker *wr, struct bio *bp);
665
666void g_eli_auth_read(struct g_eli_softc *sc, struct bio *bp);
667void g_eli_auth_run(struct g_eli_worker *wr, struct bio *bp);
668#endif
669void g_eli_crypto_ivgen(struct g_eli_softc *sc, off_t offset, u_char *iv,
670 size_t size);
595
596void g_eli_mkey_hmac(unsigned char *mkey, const unsigned char *key);
597int g_eli_mkey_decrypt(const struct g_eli_metadata *md,
598 const unsigned char *key, unsigned char *mkey, unsigned *nkeyp);
599int g_eli_mkey_encrypt(unsigned algo, const unsigned char *key, unsigned keylen,
600 unsigned char *mkey);
601#ifdef _KERNEL
602void g_eli_mkey_propagate(struct g_eli_softc *sc, const unsigned char *mkey);

--- 12 unchanged lines hidden (view full) ---

615void g_eli_crypto_hmac_init(struct hmac_ctx *ctx, const uint8_t *hkey,
616 size_t hkeylen);
617void g_eli_crypto_hmac_update(struct hmac_ctx *ctx, const uint8_t *data,
618 size_t datasize);
619void g_eli_crypto_hmac_final(struct hmac_ctx *ctx, uint8_t *md, size_t mdsize);
620void g_eli_crypto_hmac(const uint8_t *hkey, size_t hkeysize,
621 const uint8_t *data, size_t datasize, uint8_t *md, size_t mdsize);
622
671
672void g_eli_mkey_hmac(unsigned char *mkey, const unsigned char *key);
673int g_eli_mkey_decrypt(const struct g_eli_metadata *md,
674 const unsigned char *key, unsigned char *mkey, unsigned *nkeyp);
675int g_eli_mkey_encrypt(unsigned algo, const unsigned char *key, unsigned keylen,
676 unsigned char *mkey);
677#ifdef _KERNEL
678void g_eli_mkey_propagate(struct g_eli_softc *sc, const unsigned char *mkey);

--- 12 unchanged lines hidden (view full) ---

691void g_eli_crypto_hmac_init(struct hmac_ctx *ctx, const uint8_t *hkey,
692 size_t hkeylen);
693void g_eli_crypto_hmac_update(struct hmac_ctx *ctx, const uint8_t *data,
694 size_t datasize);
695void g_eli_crypto_hmac_final(struct hmac_ctx *ctx, uint8_t *md, size_t mdsize);
696void g_eli_crypto_hmac(const uint8_t *hkey, size_t hkeysize,
697 const uint8_t *data, size_t datasize, uint8_t *md, size_t mdsize);
698
699void g_eli_key_fill(struct g_eli_softc *sc, struct g_eli_key *key,
700 uint64_t keyno);
623#ifdef _KERNEL
624void g_eli_key_init(struct g_eli_softc *sc);
625void g_eli_key_destroy(struct g_eli_softc *sc);
626uint8_t *g_eli_key_hold(struct g_eli_softc *sc, off_t offset, size_t blocksize);
627void g_eli_key_drop(struct g_eli_softc *sc, uint8_t *rawkey);
628#endif
629#endif /* !_G_ELI_H_ */
701#ifdef _KERNEL
702void g_eli_key_init(struct g_eli_softc *sc);
703void g_eli_key_destroy(struct g_eli_softc *sc);
704uint8_t *g_eli_key_hold(struct g_eli_softc *sc, off_t offset, size_t blocksize);
705void g_eli_key_drop(struct g_eli_softc *sc, uint8_t *rawkey);
706#endif
707#endif /* !_G_ELI_H_ */