1/*-
2 * Copyright (c) 2005 Pawel Jakub Dawidek <pjd@FreeBSD.org>
3 * All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 * 1. Redistributions of source code must retain the above copyright
--- 11 unchanged lines hidden (view full) ---
20 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
21 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
22 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
23 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
24 * SUCH DAMAGE.
25 */
26
27#include <sys/cdefs.h>
28__FBSDID("$FreeBSD: head/sys/geom/eli/g_eli_key.c 202976 2010-01-25 16:58:58Z trasz $");
29
30#include <sys/param.h>
31#ifdef _KERNEL
32#include <sys/malloc.h>
33#include <sys/systm.h>
34#include <geom/geom.h>
35#else
36#include <stdio.h>
37#include <stdint.h>
38#include <stdlib.h>
39#include <string.h>
40#include <strings.h>
41#include <errno.h>
42#endif
43
44#include <geom/eli/g_eli.h>
45
46
47/*
48 * Verify if the given 'key' is correct.
49 * Return 1 if it is correct and 0 otherwise.
50 */
51static int
52g_eli_mkey_verify(const unsigned char *mkey, const unsigned char *key)
53{
--- 119 unchanged lines hidden (view full) ---
173 error = g_eli_crypto_encrypt(algo, mkey, G_ELI_MKEYLEN, enckey, keylen);
174
175 bzero(enckey, sizeof(enckey));
176
177 return (error);
178}
179
180#ifdef _KERNEL
181/*
182 * When doing encryption only, copy IV key and encryption key.
183 * When doing encryption and authentication, copy IV key, generate encryption
184 * key and generate authentication key.
185 */
186void
187g_eli_mkey_propagate(struct g_eli_softc *sc, const unsigned char *mkey)
188{
189
190 /* Remember the Master Key. */
191 bcopy(mkey, sc->sc_mkey, sizeof(sc->sc_mkey));
192
193 bcopy(mkey, sc->sc_ivkey, sizeof(sc->sc_ivkey));
194 mkey += sizeof(sc->sc_ivkey);
195
196 if (!(sc->sc_flags & G_ELI_FLAG_AUTH)) {
197 bcopy(mkey, sc->sc_ekey, sizeof(sc->sc_ekey));
198 } else {
199 /*
200 * The encryption key is: ekey = HMAC_SHA512(Master-Key, 0x10)
201 * The authentication key is: akey = HMAC_SHA512(Master-Key, 0x11)
202 */
203 g_eli_crypto_hmac(mkey, G_ELI_MAXKEYLEN, "\x10", 1, sc->sc_ekey, 0);
204 g_eli_crypto_hmac(mkey, G_ELI_MAXKEYLEN, "\x11", 1, sc->sc_akey, 0);
205 }
206
207}
208#endif
2 * Copyright (c) 2005 Pawel Jakub Dawidek <pjd@FreeBSD.org>
3 * All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 * 1. Redistributions of source code must retain the above copyright
--- 11 unchanged lines hidden (view full) ---
20 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
21 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
22 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
23 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
24 * SUCH DAMAGE.
25 */
26
27#include <sys/cdefs.h>
28__FBSDID("$FreeBSD: head/sys/geom/eli/g_eli_key.c 202976 2010-01-25 16:58:58Z trasz $");
29
30#include <sys/param.h>
31#ifdef _KERNEL
32#include <sys/malloc.h>
33#include <sys/systm.h>
34#include <geom/geom.h>
35#else
36#include <stdio.h>
37#include <stdint.h>
38#include <stdlib.h>
39#include <string.h>
40#include <strings.h>
41#include <errno.h>
42#endif
43
44#include <geom/eli/g_eli.h>
45
46
47/*
48 * Verify if the given 'key' is correct.
49 * Return 1 if it is correct and 0 otherwise.
50 */
51static int
52g_eli_mkey_verify(const unsigned char *mkey, const unsigned char *key)
53{
--- 119 unchanged lines hidden (view full) ---
173 error = g_eli_crypto_encrypt(algo, mkey, G_ELI_MKEYLEN, enckey, keylen);
174
175 bzero(enckey, sizeof(enckey));
176
177 return (error);
178}
179
180#ifdef _KERNEL
181/*
182 * When doing encryption only, copy IV key and encryption key.
183 * When doing encryption and authentication, copy IV key, generate encryption
184 * key and generate authentication key.
185 */
186void
187g_eli_mkey_propagate(struct g_eli_softc *sc, const unsigned char *mkey)
188{
189
190 /* Remember the Master Key. */
191 bcopy(mkey, sc->sc_mkey, sizeof(sc->sc_mkey));
192
193 bcopy(mkey, sc->sc_ivkey, sizeof(sc->sc_ivkey));
194 mkey += sizeof(sc->sc_ivkey);
195
196 if (!(sc->sc_flags & G_ELI_FLAG_AUTH)) {
197 bcopy(mkey, sc->sc_ekey, sizeof(sc->sc_ekey));
198 } else {
199 /*
200 * The encryption key is: ekey = HMAC_SHA512(Master-Key, 0x10)
201 * The authentication key is: akey = HMAC_SHA512(Master-Key, 0x11)
202 */
203 g_eli_crypto_hmac(mkey, G_ELI_MAXKEYLEN, "\x10", 1, sc->sc_ekey, 0);
204 g_eli_crypto_hmac(mkey, G_ELI_MAXKEYLEN, "\x11", 1, sc->sc_akey, 0);
205 }
206
207}
208#endif