1 /*-
2 * SPDX-License-Identifier: BSD-2-Clause-FreeBSD
3 *
4 * Copyright (c) 2005-2010 Pawel Jakub Dawidek <pjd@FreeBSD.org>
5 * All rights reserved.
6 *
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
9 * are met:
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in the
14 * documentation and/or other materials provided with the distribution.
15 *
16 * THIS SOFTWARE IS PROVIDED BY THE AUTHORS AND CONTRIBUTORS ``AS IS'' AND
17 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
18 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
19 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE LIABLE
20 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
21 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
22 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
23 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
24 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
25 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
26 * SUCH DAMAGE.
27 */
28
29 #include <sys/cdefs.h>
30 __FBSDID("$FreeBSD$");
31
32 #include <sys/param.h>
33 #ifdef _KERNEL
34 #include <sys/systm.h>
35 #include <sys/kernel.h>
36 #include <sys/malloc.h>
37 #else
38 #include <stdint.h>
39 #include <string.h>
40 #include <strings.h>
41 #include <errno.h>
42 #include <assert.h>
43 #include <openssl/evp.h>
44 #define _OpenSSL_
45 #endif
46 #include <geom/eli/g_eli.h>
47
48 #ifdef _KERNEL
49 MALLOC_DECLARE(M_ELI);
50
51 static int
52 g_eli_crypto_done(struct cryptop *crp)
53 {
54
55 crp->crp_opaque = (void *)crp;
56 wakeup(crp);
57 return (0);
58 }
59
60 static int
61 g_eli_crypto_cipher(u_int algo, int enc, u_char *data, size_t datasize,
62 const u_char *key, size_t keysize)
63 {
64 struct crypto_session_params csp;
65 struct cryptop *crp;
66 crypto_session_t sid;
67 int error;
68
69 KASSERT(algo != CRYPTO_AES_XTS,
70 ("%s: CRYPTO_AES_XTS unexpected here", __func__));
71
72 memset(&csp, 0, sizeof(csp));
73 csp.csp_mode = CSP_MODE_CIPHER;
74 csp.csp_cipher_alg = algo;
75 csp.csp_ivlen = g_eli_ivlen(algo);
76 csp.csp_cipher_key = key;
77 csp.csp_cipher_klen = keysize / 8;
78 error = crypto_newsession(&sid, &csp, CRYPTOCAP_F_SOFTWARE);
79 if (error != 0)
80 return (error);
81 crp = crypto_getreq(sid, M_NOWAIT);
82 if (crp == NULL) {
83 crypto_freesession(sid);
84 return (ENOMEM);
85 }
86
87 crp->crp_payload_start = 0;
88 crp->crp_payload_length = datasize;
89 crp->crp_flags = CRYPTO_F_CBIFSYNC | CRYPTO_F_IV_SEPARATE;
90 crp->crp_op = enc ? CRYPTO_OP_ENCRYPT : CRYPTO_OP_DECRYPT;
91 memset(crp->crp_iv, 0, sizeof(crp->crp_iv));
92
93 crp->crp_opaque = NULL;
94 crp->crp_callback = g_eli_crypto_done;
95 crypto_use_buf(crp, data, datasize);
96
97 error = crypto_dispatch(crp);
98 if (error == 0) {
99 while (crp->crp_opaque == NULL)
100 tsleep(crp, PRIBIO, "geli", hz / 5);
101 error = crp->crp_etype;
102 }
103
104 crypto_freereq(crp);
105 crypto_freesession(sid);
106 return (error);
107 }
108 #else /* !_KERNEL */
109 static int
110 g_eli_crypto_cipher(u_int algo, int enc, u_char *data, size_t datasize,
111 const u_char *key, size_t keysize)
112 {
113 EVP_CIPHER_CTX *ctx;
114 const EVP_CIPHER *type;
115 u_char iv[G_ELI_IVKEYLEN];
116 int outsize;
117
118 assert(algo != CRYPTO_AES_XTS);
119
120 switch (algo) {
121 case CRYPTO_NULL_CBC:
122 type = EVP_enc_null();
123 break;
124 case CRYPTO_AES_CBC:
125 switch (keysize) {
126 case 128:
127 type = EVP_aes_128_cbc();
128 break;
129 case 192:
130 type = EVP_aes_192_cbc();
131 break;
132 case 256:
133 type = EVP_aes_256_cbc();
134 break;
135 default:
136 return (EINVAL);
137 }
138 break;
139 #ifndef OPENSSL_NO_CAMELLIA
140 case CRYPTO_CAMELLIA_CBC:
141 switch (keysize) {
142 case 128:
143 type = EVP_camellia_128_cbc();
144 break;
145 case 192:
146 type = EVP_camellia_192_cbc();
147 break;
148 case 256:
149 type = EVP_camellia_256_cbc();
150 break;
151 default:
152 return (EINVAL);
153 }
154 break;
155 #endif
156 default:
157 return (EINVAL);
158 }
159
160 ctx = EVP_CIPHER_CTX_new();
161 if (ctx == NULL)
162 return (ENOMEM);
163
164 EVP_CipherInit_ex(ctx, type, NULL, NULL, NULL, enc);
165 EVP_CIPHER_CTX_set_key_length(ctx, keysize / 8);
166 EVP_CIPHER_CTX_set_padding(ctx, 0);
167 bzero(iv, sizeof(iv));
168 EVP_CipherInit_ex(ctx, NULL, NULL, key, iv, enc);
169
170 if (EVP_CipherUpdate(ctx, data, &outsize, data, datasize) == 0) {
171 EVP_CIPHER_CTX_free(ctx);
172 return (EINVAL);
173 }
174 assert(outsize == (int)datasize);
175
176 if (EVP_CipherFinal_ex(ctx, data + outsize, &outsize) == 0) {
177 EVP_CIPHER_CTX_free(ctx);
178 return (EINVAL);
179 }
180 assert(outsize == 0);
181
182 EVP_CIPHER_CTX_free(ctx);
183 return (0);
184 }
185 #endif /* !_KERNEL */
186
187 int
188 g_eli_crypto_encrypt(u_int algo, u_char *data, size_t datasize,
189 const u_char *key, size_t keysize)
190 {
191
192 /* We prefer AES-CBC for metadata protection. */
193 if (algo == CRYPTO_AES_XTS)
194 algo = CRYPTO_AES_CBC;
195
196 return (g_eli_crypto_cipher(algo, 1, data, datasize, key, keysize));
197 }
198
199 int
200 g_eli_crypto_decrypt(u_int algo, u_char *data, size_t datasize,
201 const u_char *key, size_t keysize)
202 {
203
204 /* We prefer AES-CBC for metadata protection. */
205 if (algo == CRYPTO_AES_XTS)
206 algo = CRYPTO_AES_CBC;
207
208 return (g_eli_crypto_cipher(algo, 0, data, datasize, key, keysize));
209 }
Cache object: ac6afd24eb89572bc8ec6ed6dc1a12a2
|