This function will be used later to store
new keys to the luks metadata
Signed-off-by: Maxim Levitsky <mlevitsk@redhat.com>
---
crypto/block-luks.c | 310 ++++++++++++++++++++++++++------------------
1 file changed, 184 insertions(+), 126 deletions(-)
diff --git a/crypto/block-luks.c b/crypto/block-luks.c
index cc9a52c9af..d713125925 100644
--- a/crypto/block-luks.c
+++ b/crypto/block-luks.c
@@ -650,6 +650,176 @@ out:
}
+/*
+ * Given a key slot, user password, and the master key,
+ * will store the encrypted master key there, and update the
+ * in-memory header. User must then write the in-memory header
+ *
+ * Returns:
+ * 0 if the keyslot was written successfully
+ * with the provided password
+ * -1 if a fatal error occurred while storing the key
+ */
+static int
+qcrypto_block_luks_store_key(QCryptoBlock *block,
+ unsigned int slot_idx,
+ const char *password,
+ uint8_t *masterkey,
+ uint64_t iter_time,
+ QCryptoBlockWriteFunc writefunc,
+ void *opaque,
+ Error **errp)
+{
+ QCryptoBlockLUKS *luks = block->opaque;
+ QCryptoBlockLUKSKeySlot *slot = &luks->header.key_slots[slot_idx];
+ g_autofree uint8_t *splitkey = NULL;
+ size_t splitkeylen;
+ g_autofree uint8_t *slotkey = NULL;
+ g_autoptr(QCryptoCipher) cipher = NULL;
+ g_autoptr(QCryptoIVGen) ivgen = NULL;
+ Error *local_err = NULL;
+ uint64_t iters;
+ int ret = -1;
+
+ if (qcrypto_random_bytes(slot->salt,
+ QCRYPTO_BLOCK_LUKS_SALT_LEN,
+ errp) < 0) {
+ goto cleanup;
+ }
+
+ splitkeylen = luks->header.master_key_len * slot->stripes;
+
+ /*
+ * Determine how many iterations are required to
+ * hash the user password while consuming 1 second of compute
+ * time
+ */
+ iters = qcrypto_pbkdf2_count_iters(luks->hash_alg,
+ (uint8_t *)password, strlen(password),
+ slot->salt,
+ QCRYPTO_BLOCK_LUKS_SALT_LEN,
+ luks->header.master_key_len,
+ &local_err);
+ if (local_err) {
+ error_propagate(errp, local_err);
+ goto cleanup;
+ }
+
+ if (iters > (ULLONG_MAX / iter_time)) {
+ error_setg_errno(errp, ERANGE,
+ "PBKDF iterations %llu too large to scale",
+ (unsigned long long)iters);
+ goto cleanup;
+ }
+
+ /* iter_time was in millis, but count_iters reported for secs */
+ iters = iters * iter_time / 1000;
+
+ if (iters > UINT32_MAX) {
+ error_setg_errno(errp, ERANGE,
+ "PBKDF iterations %llu larger than %u",
+ (unsigned long long)iters, UINT32_MAX);
+ goto cleanup;
+ }
+
+ slot->iterations =
+ MAX(iters, QCRYPTO_BLOCK_LUKS_MIN_SLOT_KEY_ITERS);
+
+
+ /*
+ * Generate a key that we'll use to encrypt the master
+ * key, from the user's password
+ */
+ slotkey = g_new0(uint8_t, luks->header.master_key_len);
+ if (qcrypto_pbkdf2(luks->hash_alg,
+ (uint8_t *)password, strlen(password),
+ slot->salt,
+ QCRYPTO_BLOCK_LUKS_SALT_LEN,
+ slot->iterations,
+ slotkey, luks->header.master_key_len,
+ errp) < 0) {
+ goto cleanup;
+ }
+
+
+ /*
+ * Setup the encryption objects needed to encrypt the
+ * master key material
+ */
+ cipher = qcrypto_cipher_new(luks->cipher_alg,
+ luks->cipher_mode,
+ slotkey, luks->header.master_key_len,
+ errp);
+ if (!cipher) {
+ goto cleanup;
+ }
+
+ ivgen = qcrypto_ivgen_new(luks->ivgen_alg,
+ luks->ivgen_cipher_alg,
+ luks->ivgen_hash_alg,
+ slotkey, luks->header.master_key_len,
+ errp);
+ if (!ivgen) {
+ goto cleanup;
+ }
+
+ /*
+ * Before storing the master key, we need to vastly
+ * increase its size, as protection against forensic
+ * disk data recovery
+ */
+ splitkey = g_new0(uint8_t, splitkeylen);
+
+ if (qcrypto_afsplit_encode(luks->hash_alg,
+ luks->header.master_key_len,
+ slot->stripes,
+ masterkey,
+ splitkey,
+ errp) < 0) {
+ goto cleanup;
+ }
+
+ /*
+ * Now we encrypt the split master key with the key generated
+ * from the user's password, before storing it
+ */
+ if (qcrypto_block_cipher_encrypt_helper(cipher, block->niv, ivgen,
+ QCRYPTO_BLOCK_LUKS_SECTOR_SIZE,
+ 0,
+ splitkey,
+ splitkeylen,
+ errp) < 0) {
+ goto cleanup;
+ }
+
+ /* Write out the slot's master key material. */
+ if (writefunc(block,
+ slot->key_offset_sector *
+ QCRYPTO_BLOCK_LUKS_SECTOR_SIZE,
+ splitkey, splitkeylen,
+ opaque,
+ errp) != splitkeylen) {
+ goto cleanup;
+ }
+
+ slot->active = QCRYPTO_BLOCK_LUKS_KEY_SLOT_ENABLED;
+
+ if (qcrypto_block_luks_store_header(block, writefunc, opaque, errp)) {
+ goto cleanup;
+ }
+
+ ret = 0;
+
+cleanup:
+ if (slotkey) {
+ memset(slotkey, 0, luks->header.master_key_len);
+ }
+ if (splitkey) {
+ memset(splitkey, 0, splitkeylen);
+ }
+ return ret;
+}
+
/*
* Given a key slot, and user password, this will attempt to unlock
* the master encryption key from the key slot.
@@ -981,13 +1151,9 @@ qcrypto_block_luks_create(QCryptoBlock *block,
QCryptoBlockCreateOptionsLUKS luks_opts;
Error *local_err = NULL;
g_autofree uint8_t *masterkey = NULL;
- g_autofree uint8_t *slotkey = NULL;
- g_autofree uint8_t *splitkey = NULL;
size_t splitkeylen = 0;
size_t i;
- g_autoptr(QCryptoCipher) cipher = NULL;
- g_autoptr(QCryptoIVGen) ivgen = NULL;
- g_autofree char *password = NULL;
+ g_autofree char *password;
const char *cipher_alg;
const char *cipher_mode;
const char *ivgen_alg;
@@ -1209,9 +1375,7 @@ qcrypto_block_luks_create(QCryptoBlock *block,
* to use the first key slot */
splitkeylen = luks->header.master_key_len * QCRYPTO_BLOCK_LUKS_STRIPES;
for (i = 0; i < QCRYPTO_BLOCK_LUKS_NUM_KEY_SLOTS; i++) {
- luks->header.key_slots[i].active = i == 0 ?
- QCRYPTO_BLOCK_LUKS_KEY_SLOT_ENABLED :
- QCRYPTO_BLOCK_LUKS_KEY_SLOT_DISABLED;
+ luks->header.key_slots[i].active = QCRYPTO_BLOCK_LUKS_KEY_SLOT_DISABLED;
luks->header.key_slots[i].stripes = QCRYPTO_BLOCK_LUKS_STRIPES;
/* This calculation doesn't match that shown in the spec,
@@ -1225,107 +1389,6 @@ qcrypto_block_luks_create(QCryptoBlock *block,
QCRYPTO_BLOCK_LUKS_SECTOR_SIZE)) * i);
}
- if (qcrypto_random_bytes(luks->header.key_slots[0].salt,
- QCRYPTO_BLOCK_LUKS_SALT_LEN,
- errp) < 0) {
- goto error;
- }
-
- /* Again we determine how many iterations are required to
- * hash the user password while consuming 1 second of compute
- * time */
- iters = qcrypto_pbkdf2_count_iters(luks_opts.hash_alg,
- (uint8_t *)password, strlen(password),
- luks->header.key_slots[0].salt,
- QCRYPTO_BLOCK_LUKS_SALT_LEN,
- luks->header.master_key_len,
- &local_err);
- if (local_err) {
- error_propagate(errp, local_err);
- goto error;
- }
-
- if (iters > (ULLONG_MAX / luks_opts.iter_time)) {
- error_setg_errno(errp, ERANGE,
- "PBKDF iterations %llu too large to scale",
- (unsigned long long)iters);
- goto error;
- }
-
- /* iter_time was in millis, but count_iters reported for secs */
- iters = iters * luks_opts.iter_time / 1000;
-
- if (iters > UINT32_MAX) {
- error_setg_errno(errp, ERANGE,
- "PBKDF iterations %llu larger than %u",
- (unsigned long long)iters, UINT32_MAX);
- goto error;
- }
-
- luks->header.key_slots[0].iterations =
- MAX(iters, QCRYPTO_BLOCK_LUKS_MIN_SLOT_KEY_ITERS);
-
-
- /* Generate a key that we'll use to encrypt the master
- * key, from the user's password
- */
- slotkey = g_new0(uint8_t, luks->header.master_key_len);
- if (qcrypto_pbkdf2(luks_opts.hash_alg,
- (uint8_t *)password, strlen(password),
- luks->header.key_slots[0].salt,
- QCRYPTO_BLOCK_LUKS_SALT_LEN,
- luks->header.key_slots[0].iterations,
- slotkey, luks->header.master_key_len,
- errp) < 0) {
- goto error;
- }
-
-
- /* Setup the encryption objects needed to encrypt the
- * master key material
- */
- cipher = qcrypto_cipher_new(luks_opts.cipher_alg,
- luks_opts.cipher_mode,
- slotkey, luks->header.master_key_len,
- errp);
- if (!cipher) {
- goto error;
- }
-
- ivgen = qcrypto_ivgen_new(luks_opts.ivgen_alg,
- luks->ivgen_cipher_alg,
- luks_opts.ivgen_hash_alg,
- slotkey, luks->header.master_key_len,
- errp);
- if (!ivgen) {
- goto error;
- }
-
- /* Before storing the master key, we need to vastly
- * increase its size, as protection against forensic
- * disk data recovery */
- splitkey = g_new0(uint8_t, splitkeylen);
-
- if (qcrypto_afsplit_encode(luks_opts.hash_alg,
- luks->header.master_key_len,
- luks->header.key_slots[0].stripes,
- masterkey,
- splitkey,
- errp) < 0) {
- goto error;
- }
-
- /* Now we encrypt the split master key with the key generated
- * from the user's password, before storing it */
- if (qcrypto_block_cipher_encrypt_helper(cipher, block->niv, ivgen,
- QCRYPTO_BLOCK_LUKS_SECTOR_SIZE,
- 0,
- splitkey,
- splitkeylen,
- errp) < 0) {
- goto error;
- }
-
/* The total size of the LUKS headers is the partition header + key
* slot headers, rounded up to the nearest sector, combined with
@@ -1350,33 +1413,28 @@ qcrypto_block_luks_create(QCryptoBlock *block,
goto error;
}
- if (qcrypto_block_luks_store_header(block, writefunc, opaque, errp)) {
- goto error;
- }
- /* Write out the master key material, starting at the
- * sector immediately following the partition header. */
- if (writefunc(block,
- luks->header.key_slots[0].key_offset_sector *
- QCRYPTO_BLOCK_LUKS_SECTOR_SIZE,
- splitkey, splitkeylen,
- opaque,
- errp) != splitkeylen) {
+ /* populate the slot 0 with the password encrypted master key*/
+ /* This will also store the header */
+ if (qcrypto_block_luks_store_key(block,
+ 0,
+ password,
+ masterkey,
+ luks_opts.iter_time,
+ writefunc,
+ opaque,
+ errp)) {
goto error;
- }
+ }
- memset(masterkey, 0, luks->header.master_key_len);
- memset(slotkey, 0, luks->header.master_key_len);
+ memset(masterkey, 0, luks->header.master_key_len);
return 0;
error:
if (masterkey) {
memset(masterkey, 0, luks->header.master_key_len);
}
- if (slotkey) {
- memset(slotkey, 0, luks->header.master_key_len);
- }
qcrypto_block_free_cipher(block);
qcrypto_ivgen_free(block->ivgen);
--
2.17.2
On Mon, Aug 26, 2019 at 04:51:00PM +0300, Maxim Levitsky wrote:
> This function will be used later to store
> new keys to the luks metadata
>
> Signed-off-by: Maxim Levitsky <mlevitsk@redhat.com>
> ---
> crypto/block-luks.c | 310 ++++++++++++++++++++++++++------------------
> 1 file changed, 184 insertions(+), 126 deletions(-)
>
> diff --git a/crypto/block-luks.c b/crypto/block-luks.c
> index cc9a52c9af..d713125925 100644
> --- a/crypto/block-luks.c
> +++ b/crypto/block-luks.c
> @@ -650,6 +650,176 @@ out:
>
> }
>
> +/*
> + * Given a key slot, user password, and the master key,
> + * will store the encrypted master key there, and update the
> + * in-memory header. User must then write the in-memory header
> + *
> + * Returns:
> + * 0 if the keyslot was written successfully
> + * with the provided password
> + * -1 if a fatal error occurred while storing the key
> + */
> +static int
> +qcrypto_block_luks_store_key(QCryptoBlock *block,
> + unsigned int slot_idx,
> + const char *password,
> + uint8_t *masterkey,
> + uint64_t iter_time,
> + QCryptoBlockWriteFunc writefunc,
> + void *opaque,
> + Error **errp)
> +{
> + QCryptoBlockLUKS *luks = block->opaque;
> + QCryptoBlockLUKSKeySlot *slot = &luks->header.key_slots[slot_idx];
> + g_autofree uint8_t *splitkey = NULL;
> + size_t splitkeylen;
> + g_autofree uint8_t *slotkey = NULL;
> + g_autoptr(QCryptoCipher) cipher = NULL;
> + g_autoptr(QCryptoIVGen) ivgen = NULL;
> + Error *local_err = NULL;
> + uint64_t iters;
> + int ret = -1;
> +
> + if (qcrypto_random_bytes(slot->salt,
> + QCRYPTO_BLOCK_LUKS_SALT_LEN,
> + errp) < 0) {
> + goto cleanup;
> + }
> +
> + splitkeylen = luks->header.master_key_len * slot->stripes;
> +
> + /*
> + * Determine how many iterations are required to
> + * hash the user password while consuming 1 second of compute
> + * time
> + */
> + iters = qcrypto_pbkdf2_count_iters(luks->hash_alg,
> + (uint8_t *)password, strlen(password),
> + slot->salt,
> + QCRYPTO_BLOCK_LUKS_SALT_LEN,
> + luks->header.master_key_len,
> + &local_err);
> + if (local_err) {
> + error_propagate(errp, local_err);
> + goto cleanup;
> + }
> +
> + if (iters > (ULLONG_MAX / iter_time)) {
> + error_setg_errno(errp, ERANGE,
> + "PBKDF iterations %llu too large to scale",
> + (unsigned long long)iters);
> + goto cleanup;
> + }
> +
> + /* iter_time was in millis, but count_iters reported for secs */
> + iters = iters * iter_time / 1000;
> +
> + if (iters > UINT32_MAX) {
> + error_setg_errno(errp, ERANGE,
> + "PBKDF iterations %llu larger than %u",
> + (unsigned long long)iters, UINT32_MAX);
> + goto cleanup;
> + }
> +
> + slot->iterations =
> + MAX(iters, QCRYPTO_BLOCK_LUKS_MIN_SLOT_KEY_ITERS);
> +
> +
> + /*
> + * Generate a key that we'll use to encrypt the master
> + * key, from the user's password
> + */
> + slotkey = g_new0(uint8_t, luks->header.master_key_len);
> + if (qcrypto_pbkdf2(luks->hash_alg,
> + (uint8_t *)password, strlen(password),
> + slot->salt,
> + QCRYPTO_BLOCK_LUKS_SALT_LEN,
> + slot->iterations,
> + slotkey, luks->header.master_key_len,
> + errp) < 0) {
> + goto cleanup;
> + }
> +
> +
> + /*
> + * Setup the encryption objects needed to encrypt the
> + * master key material
> + */
> + cipher = qcrypto_cipher_new(luks->cipher_alg,
> + luks->cipher_mode,
> + slotkey, luks->header.master_key_len,
> + errp);
> + if (!cipher) {
> + goto cleanup;
> + }
> +
> + ivgen = qcrypto_ivgen_new(luks->ivgen_alg,
> + luks->ivgen_cipher_alg,
> + luks->ivgen_hash_alg,
> + slotkey, luks->header.master_key_len,
> + errp);
> + if (!ivgen) {
> + goto cleanup;
> + }
> +
> + /*
> + * Before storing the master key, we need to vastly
> + * increase its size, as protection against forensic
> + * disk data recovery
> + */
> + splitkey = g_new0(uint8_t, splitkeylen);
> +
> + if (qcrypto_afsplit_encode(luks->hash_alg,
> + luks->header.master_key_len,
> + slot->stripes,
> + masterkey,
> + splitkey,
> + errp) < 0) {
> + goto cleanup;
> + }
> +
> + /*
> + * Now we encrypt the split master key with the key generated
> + * from the user's password, before storing it
> + */
> + if (qcrypto_block_cipher_encrypt_helper(cipher, block->niv, ivgen,
> + QCRYPTO_BLOCK_LUKS_SECTOR_SIZE,
> + 0,
> + splitkey,
> + splitkeylen,
> + errp) < 0) {
> + goto cleanup;
> + }
> +
> + /* Write out the slot's master key material. */
> + if (writefunc(block,
> + slot->key_offset_sector *
> + QCRYPTO_BLOCK_LUKS_SECTOR_SIZE,
> + splitkey, splitkeylen,
> + opaque,
> + errp) != splitkeylen) {
> + goto cleanup;
> + }
> +
> + slot->active = QCRYPTO_BLOCK_LUKS_KEY_SLOT_ENABLED;
> +
> + if (qcrypto_block_luks_store_header(block, writefunc, opaque, errp)) {
Check < 0
> + goto cleanup;
> + }
> +
> + ret = 0;
> +
> +cleanup:
> + if (slotkey) {
> + memset(slotkey, 0, luks->header.master_key_len);
> + }
> + if (splitkey) {
> + memset(splitkey, 0, splitkeylen);
> + }
> + return ret;
> +}
> +
> + /* populate the slot 0 with the password encrypted master key*/
> + /* This will also store the header */
> + if (qcrypto_block_luks_store_key(block,
> + 0,
> + password,
> + masterkey,
> + luks_opts.iter_time,
> + writefunc,
> + opaque,
> + errp)) {
> goto error;
Check < 0
> - }
> + }
Indent off by one
>
> - memset(masterkey, 0, luks->header.master_key_len);
> - memset(slotkey, 0, luks->header.master_key_len);
>
> + memset(masterkey, 0, luks->header.master_key_len);
> return 0;
The blank line was moved by accident.
>
> error:
> if (masterkey) {
> memset(masterkey, 0, luks->header.master_key_len);
> }
> - if (slotkey) {
> - memset(slotkey, 0, luks->header.master_key_len);
> - }
>
>
Regards,
Daniel
--
|: https://berrange.com -o- https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org -o- https://fstop138.berrange.com :|
|: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|
© 2016 - 2025 Red Hat, Inc.