On Mon, Aug 26, 2019 at 04:51:00PM +0300, Maxim Levitsky wrote: > This function will be used later to store > new keys to the luks metadata > > Signed-off-by: Maxim Levitsky <mlevi...@redhat.com> > --- > crypto/block-luks.c | 310 ++++++++++++++++++++++++++------------------ > 1 file changed, 184 insertions(+), 126 deletions(-) > > diff --git a/crypto/block-luks.c b/crypto/block-luks.c > index cc9a52c9af..d713125925 100644 > --- a/crypto/block-luks.c > +++ b/crypto/block-luks.c > @@ -650,6 +650,176 @@ out: > > } > > +/* > + * Given a key slot, user password, and the master key, > + * will store the encrypted master key there, and update the > + * in-memory header. User must then write the in-memory header > + * > + * Returns: > + * 0 if the keyslot was written successfully > + * with the provided password > + * -1 if a fatal error occurred while storing the key > + */ > +static int > +qcrypto_block_luks_store_key(QCryptoBlock *block, > + unsigned int slot_idx, > + const char *password, > + uint8_t *masterkey, > + uint64_t iter_time, > + QCryptoBlockWriteFunc writefunc, > + void *opaque, > + Error **errp) > +{ > + QCryptoBlockLUKS *luks = block->opaque; > + QCryptoBlockLUKSKeySlot *slot = &luks->header.key_slots[slot_idx]; > + g_autofree uint8_t *splitkey = NULL; > + size_t splitkeylen; > + g_autofree uint8_t *slotkey = NULL; > + g_autoptr(QCryptoCipher) cipher = NULL; > + g_autoptr(QCryptoIVGen) ivgen = NULL; > + Error *local_err = NULL; > + uint64_t iters; > + int ret = -1; > + > + if (qcrypto_random_bytes(slot->salt, > + QCRYPTO_BLOCK_LUKS_SALT_LEN, > + errp) < 0) { > + goto cleanup; > + } > + > + splitkeylen = luks->header.master_key_len * slot->stripes; > + > + /* > + * Determine how many iterations are required to > + * hash the user password while consuming 1 second of compute > + * time > + */ > + iters = qcrypto_pbkdf2_count_iters(luks->hash_alg, > + (uint8_t *)password, strlen(password), > + slot->salt, > + QCRYPTO_BLOCK_LUKS_SALT_LEN, > + luks->header.master_key_len, > + &local_err); > + if (local_err) { > + error_propagate(errp, local_err); > + goto cleanup; > + } > + > + if (iters > (ULLONG_MAX / iter_time)) { > + error_setg_errno(errp, ERANGE, > + "PBKDF iterations %llu too large to scale", > + (unsigned long long)iters); > + goto cleanup; > + } > + > + /* iter_time was in millis, but count_iters reported for secs */ > + iters = iters * iter_time / 1000; > + > + if (iters > UINT32_MAX) { > + error_setg_errno(errp, ERANGE, > + "PBKDF iterations %llu larger than %u", > + (unsigned long long)iters, UINT32_MAX); > + goto cleanup; > + } > + > + slot->iterations = > + MAX(iters, QCRYPTO_BLOCK_LUKS_MIN_SLOT_KEY_ITERS); > + > + > + /* > + * Generate a key that we'll use to encrypt the master > + * key, from the user's password > + */ > + slotkey = g_new0(uint8_t, luks->header.master_key_len); > + if (qcrypto_pbkdf2(luks->hash_alg, > + (uint8_t *)password, strlen(password), > + slot->salt, > + QCRYPTO_BLOCK_LUKS_SALT_LEN, > + slot->iterations, > + slotkey, luks->header.master_key_len, > + errp) < 0) { > + goto cleanup; > + } > + > + > + /* > + * Setup the encryption objects needed to encrypt the > + * master key material > + */ > + cipher = qcrypto_cipher_new(luks->cipher_alg, > + luks->cipher_mode, > + slotkey, luks->header.master_key_len, > + errp); > + if (!cipher) { > + goto cleanup; > + } > + > + ivgen = qcrypto_ivgen_new(luks->ivgen_alg, > + luks->ivgen_cipher_alg, > + luks->ivgen_hash_alg, > + slotkey, luks->header.master_key_len, > + errp); > + if (!ivgen) { > + goto cleanup; > + } > + > + /* > + * Before storing the master key, we need to vastly > + * increase its size, as protection against forensic > + * disk data recovery > + */ > + splitkey = g_new0(uint8_t, splitkeylen); > + > + if (qcrypto_afsplit_encode(luks->hash_alg, > + luks->header.master_key_len, > + slot->stripes, > + masterkey, > + splitkey, > + errp) < 0) { > + goto cleanup; > + } > + > + /* > + * Now we encrypt the split master key with the key generated > + * from the user's password, before storing it > + */ > + if (qcrypto_block_cipher_encrypt_helper(cipher, block->niv, ivgen, > + QCRYPTO_BLOCK_LUKS_SECTOR_SIZE, > + 0, > + splitkey, > + splitkeylen, > + errp) < 0) { > + goto cleanup; > + } > + > + /* Write out the slot's master key material. */ > + if (writefunc(block, > + slot->key_offset_sector * > + QCRYPTO_BLOCK_LUKS_SECTOR_SIZE, > + splitkey, splitkeylen, > + opaque, > + errp) != splitkeylen) { > + goto cleanup; > + } > + > + slot->active = QCRYPTO_BLOCK_LUKS_KEY_SLOT_ENABLED; > + > + if (qcrypto_block_luks_store_header(block, writefunc, opaque, errp)) {
Check < 0 > + goto cleanup; > + } > + > + ret = 0; > + > +cleanup: > + if (slotkey) { > + memset(slotkey, 0, luks->header.master_key_len); > + } > + if (splitkey) { > + memset(splitkey, 0, splitkeylen); > + } > + return ret; > +} > + > + /* populate the slot 0 with the password encrypted master key*/ > + /* This will also store the header */ > + if (qcrypto_block_luks_store_key(block, > + 0, > + password, > + masterkey, > + luks_opts.iter_time, > + writefunc, > + opaque, > + errp)) { > goto error; Check < 0 > - } > + } Indent off by one > > - memset(masterkey, 0, luks->header.master_key_len); > - memset(slotkey, 0, luks->header.master_key_len); > > + memset(masterkey, 0, luks->header.master_key_len); > return 0; The blank line was moved by accident. > > error: > if (masterkey) { > memset(masterkey, 0, luks->header.master_key_len); > } > - if (slotkey) { > - memset(slotkey, 0, luks->header.master_key_len); > - } > > Regards, Daniel -- |: https://berrange.com -o- https://www.flickr.com/photos/dberrange :| |: https://libvirt.org -o- https://fstop138.berrange.com :| |: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|