2 * Copyright (c) 2004-2008 Pawel Jakub Dawidek <pjd@FreeBSD.org>
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
8 * 1. Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
10 * 2. Redistributions in binary form must reproduce the above copyright
11 * notice, this list of conditions and the following disclaimer in the
12 * documentation and/or other materials provided with the distribution.
14 * THIS SOFTWARE IS PROVIDED BY THE AUTHORS AND CONTRIBUTORS ``AS IS'' AND
15 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
16 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
17 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE LIABLE
18 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
19 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
20 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
21 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
22 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
23 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
27 #include <sys/cdefs.h>
28 __FBSDID("$FreeBSD$");
35 #include <readpassphrase.h>
43 #include <sys/param.h>
45 #include <sys/resource.h>
46 #include <opencrypto/cryptodev.h>
47 #include <geom/eli/g_eli.h>
48 #include <geom/eli/pkcs5v2.h>
50 #include "core/geom.h"
51 #include "misc/subr.h"
54 uint32_t lib_version = G_LIB_VERSION;
55 uint32_t version = G_ELI_VERSION;
57 #define GELI_BACKUP_DIR "/var/backups/"
59 static char aalgo[] = "none";
60 static char ealgo[] = "aes";
61 static intmax_t keylen = 0;
62 static intmax_t keyno = -1;
63 static intmax_t iterations = -1;
64 static intmax_t sectorsize = 0;
65 static char keyfile[] = "", newkeyfile[] = "";
66 static char backupfile[] = "";
68 static void eli_main(struct gctl_req *req, unsigned flags);
69 static void eli_init(struct gctl_req *req);
70 static void eli_attach(struct gctl_req *req);
71 static void eli_configure(struct gctl_req *req);
72 static void eli_setkey(struct gctl_req *req);
73 static void eli_delkey(struct gctl_req *req);
74 static void eli_kill(struct gctl_req *req);
75 static void eli_backup(struct gctl_req *req);
76 static void eli_restore(struct gctl_req *req);
77 static void eli_clear(struct gctl_req *req);
78 static void eli_dump(struct gctl_req *req);
80 static int eli_backup_create(struct gctl_req *req, const char *prov,
86 * init [-bhPv] [-a aalgo] [-B backupfile] [-e ealgo] [-i iterations] [-l keylen] [-K newkeyfile] prov
87 * label - alias for 'init'
88 * attach [-dprv] [-k keyfile] prov
89 * detach [-fl] prov ...
90 * stop - alias for 'detach'
91 * onetime [-d] [-a aalgo] [-e ealgo] [-l keylen] prov
92 * configure [-bB] prov ...
93 * setkey [-pPv] [-n keyno] [-k keyfile] [-K newkeyfile] prov
94 * delkey [-afv] [-n keyno] prov
95 * kill [-av] [prov ...]
96 * backup [-v] prov file
97 * restore [-v] file prov
101 struct g_command class_commands[] = {
102 { "init", G_FLAG_VERBOSE, eli_main,
104 { 'a', "aalgo", aalgo, G_TYPE_STRING },
105 { 'b', "boot", NULL, G_TYPE_BOOL },
106 { 'B', "backupfile", backupfile, G_TYPE_STRING },
107 { 'e', "ealgo", ealgo, G_TYPE_STRING },
108 { 'i', "iterations", &iterations, G_TYPE_NUMBER },
109 { 'K', "newkeyfile", newkeyfile, G_TYPE_STRING },
110 { 'l', "keylen", &keylen, G_TYPE_NUMBER },
111 { 'P', "nonewpassphrase", NULL, G_TYPE_BOOL },
112 { 's', "sectorsize", §orsize, G_TYPE_NUMBER },
115 NULL, "[-bPv] [-a aalgo] [-B backupfile] [-e ealgo] [-i iterations] [-l keylen] [-K newkeyfile] [-s sectorsize] prov"
117 { "label", G_FLAG_VERBOSE, eli_main,
119 { 'a', "aalgo", aalgo, G_TYPE_STRING },
120 { 'b', "boot", NULL, G_TYPE_BOOL },
121 { 'B', "backupfile", backupfile, G_TYPE_STRING },
122 { 'e', "ealgo", ealgo, G_TYPE_STRING },
123 { 'i', "iterations", &iterations, G_TYPE_NUMBER },
124 { 'K', "newkeyfile", newkeyfile, G_TYPE_STRING },
125 { 'l', "keylen", &keylen, G_TYPE_NUMBER },
126 { 'P', "nonewpassphrase", NULL, G_TYPE_BOOL },
127 { 's', "sectorsize", §orsize, G_TYPE_NUMBER },
130 NULL, "- an alias for 'init'"
132 { "attach", G_FLAG_VERBOSE | G_FLAG_LOADKLD, eli_main,
134 { 'd', "detach", NULL, G_TYPE_BOOL },
135 { 'k', "keyfile", keyfile, G_TYPE_STRING },
136 { 'p', "nopassphrase", NULL, G_TYPE_BOOL },
137 { 'r', "readonly", NULL, G_TYPE_BOOL },
140 NULL, "[-dprv] [-k keyfile] prov"
144 { 'f', "force", NULL, G_TYPE_BOOL },
145 { 'l', "last", NULL, G_TYPE_BOOL },
148 NULL, "[-fl] prov ..."
152 { 'f', "force", NULL, G_TYPE_BOOL },
153 { 'l', "last", NULL, G_TYPE_BOOL },
156 NULL, "- an alias for 'detach'"
158 { "onetime", G_FLAG_VERBOSE | G_FLAG_LOADKLD, NULL,
160 { 'a', "aalgo", aalgo, G_TYPE_STRING },
161 { 'd', "detach", NULL, G_TYPE_BOOL },
162 { 'e', "ealgo", ealgo, G_TYPE_STRING },
163 { 'l', "keylen", &keylen, G_TYPE_NUMBER },
164 { 's', "sectorsize", §orsize, G_TYPE_NUMBER },
167 NULL, "[-d] [-a aalgo] [-e ealgo] [-l keylen] [-s sectorsize] prov"
169 { "configure", G_FLAG_VERBOSE, eli_main,
171 { 'b', "boot", NULL, G_TYPE_BOOL },
172 { 'B', "noboot", NULL, G_TYPE_BOOL },
175 NULL, "[-bB] prov ..."
177 { "setkey", G_FLAG_VERBOSE, eli_main,
179 { 'i', "iterations", &iterations, G_TYPE_NUMBER },
180 { 'k', "keyfile", keyfile, G_TYPE_STRING },
181 { 'K', "newkeyfile", newkeyfile, G_TYPE_STRING },
182 { 'n', "keyno", &keyno, G_TYPE_NUMBER },
183 { 'p', "nopassphrase", NULL, G_TYPE_BOOL },
184 { 'P', "nonewpassphrase", NULL, G_TYPE_BOOL },
187 NULL, "[-pPv] [-n keyno] [-i iterations] [-k keyfile] [-K newkeyfile] prov"
189 { "delkey", G_FLAG_VERBOSE, eli_main,
191 { 'a', "all", NULL, G_TYPE_BOOL },
192 { 'f', "force", NULL, G_TYPE_BOOL },
193 { 'n', "keyno", &keyno, G_TYPE_NUMBER },
196 NULL, "[-afv] [-n keyno] prov"
198 { "kill", G_FLAG_VERBOSE, eli_main,
200 { 'a', "all", NULL, G_TYPE_BOOL },
203 NULL, "[-av] [prov ...]"
205 { "backup", G_FLAG_VERBOSE, eli_main, G_NULL_OPTS, NULL,
208 { "restore", G_FLAG_VERBOSE, eli_main, G_NULL_OPTS, NULL,
211 { "clear", G_FLAG_VERBOSE, eli_main, G_NULL_OPTS, NULL,
214 { "dump", G_FLAG_VERBOSE, eli_main, G_NULL_OPTS, NULL,
220 static int verbose = 0;
223 eli_protect(struct gctl_req *req)
227 /* Disable core dumps. */
230 if (setrlimit(RLIMIT_CORE, &rl) == -1) {
231 gctl_error(req, "Cannot disable core dumps: %s.",
235 /* Disable swapping. */
236 if (mlockall(MCL_FUTURE) == -1) {
237 gctl_error(req, "Cannot lock memory: %s.", strerror(errno));
244 eli_main(struct gctl_req *req, unsigned flags)
248 if (eli_protect(req) == -1)
251 if ((flags & G_FLAG_VERBOSE) != 0)
254 name = gctl_get_ascii(req, "verb");
256 gctl_error(req, "No '%s' argument.", "verb");
259 if (strcmp(name, "init") == 0 || strcmp(name, "label") == 0)
261 else if (strcmp(name, "attach") == 0)
263 else if (strcmp(name, "configure") == 0)
265 else if (strcmp(name, "setkey") == 0)
267 else if (strcmp(name, "delkey") == 0)
269 else if (strcmp(name, "kill") == 0)
271 else if (strcmp(name, "backup") == 0)
273 else if (strcmp(name, "restore") == 0)
275 else if (strcmp(name, "dump") == 0)
277 else if (strcmp(name, "clear") == 0)
280 gctl_error(req, "Unknown command: %s.", name);
284 arc4rand(unsigned char *buf, size_t size)
290 buf4 = (uint32_t *)buf;
293 for (i = 0; i < size4; i++)
294 buf4[i] = arc4random();
295 for (i *= 4; i < size; i++)
296 buf[i] = arc4random() % 0xff;
300 eli_is_attached(const char *prov)
302 char name[MAXPATHLEN];
306 * Not the best way to do it, but the easiest.
307 * We try to open provider and check if it is a GEOM provider
308 * by asking about its sectorsize.
310 snprintf(name, sizeof(name), "%s%s", prov, G_ELI_SUFFIX);
311 secsize = g_get_sectorsize(name);
317 static unsigned char *
318 eli_genkey(struct gctl_req *req, struct g_eli_metadata *md, unsigned char *key,
323 int error, nopassphrase;
326 gctl_get_int(req, new ? "nonewpassphrase" : "nopassphrase");
328 g_eli_crypto_hmac_init(&ctx, NULL, 0);
330 str = gctl_get_ascii(req, new ? "newkeyfile" : "keyfile");
331 if (str[0] == '\0' && nopassphrase) {
332 gctl_error(req, "No key components given.");
334 } else if (str[0] != '\0') {
339 if (strcmp(str, "-") == 0)
342 fd = open(str, O_RDONLY);
344 gctl_error(req, "Cannot open keyfile %s: %s.",
345 str, strerror(errno));
349 while ((done = read(fd, buf, sizeof(buf))) > 0)
350 g_eli_crypto_hmac_update(&ctx, buf, done);
352 if (strcmp(str, "-") != 0)
354 bzero(buf, sizeof(buf));
356 gctl_error(req, "Cannot read keyfile %s: %s.", str,
363 char buf1[BUFSIZ], buf2[BUFSIZ], *p;
365 if (!new && md->md_iterations == -1) {
366 gctl_error(req, "Missing -p flag.");
371 new ? "Enter new passphrase:" : "Enter passphrase:",
372 buf1, sizeof(buf1), RPP_ECHO_OFF | RPP_REQUIRE_TTY);
374 bzero(buf1, sizeof(buf1));
375 gctl_error(req, "Cannot read passphrase: %s.",
381 p = readpassphrase("Reenter new passphrase: ",
383 RPP_ECHO_OFF | RPP_REQUIRE_TTY);
385 bzero(buf1, sizeof(buf1));
387 "Cannot read passphrase: %s.",
392 if (strcmp(buf1, buf2) != 0) {
393 bzero(buf2, sizeof(buf2));
394 fprintf(stderr, "They didn't match.\n");
397 bzero(buf2, sizeof(buf2));
402 * Field md_iterations equal to -1 means "choose some sane
405 if (md->md_iterations == -1) {
408 printf("Calculating number of iterations...\n");
409 md->md_iterations = pkcs5v2_calculate(2000000);
410 assert(md->md_iterations > 0);
412 printf("Done, using %d iterations.\n",
417 * If md_iterations is equal to 0, user don't want PKCS#5v2.
419 if (md->md_iterations == 0) {
420 g_eli_crypto_hmac_update(&ctx, md->md_salt,
421 sizeof(md->md_salt));
422 g_eli_crypto_hmac_update(&ctx, buf1, strlen(buf1));
423 } else /* if (md->md_iterations > 0) */ {
424 unsigned char dkey[G_ELI_USERKEYLEN];
426 pkcs5v2_genkey(dkey, sizeof(dkey), md->md_salt,
427 sizeof(md->md_salt), buf1, md->md_iterations);
428 g_eli_crypto_hmac_update(&ctx, dkey, sizeof(dkey));
429 bzero(dkey, sizeof(dkey));
431 bzero(buf1, sizeof(buf1));
433 g_eli_crypto_hmac_final(&ctx, key, 0);
438 eli_metadata_read(struct gctl_req *req, const char *prov,
439 struct g_eli_metadata *md)
441 unsigned char sector[sizeof(struct g_eli_metadata)];
444 if (g_get_sectorsize(prov) == 0) {
447 /* This is a file probably. */
448 fd = open(prov, O_RDONLY);
450 gctl_error(req, "Cannot open %s: %s.", prov,
454 if (read(fd, sector, sizeof(sector)) != sizeof(sector)) {
455 gctl_error(req, "Cannot read metadata from %s: %s.",
456 prov, strerror(errno));
462 /* This is a GEOM provider. */
463 error = g_metadata_read(prov, sector, sizeof(sector),
466 gctl_error(req, "Cannot read metadata from %s: %s.",
467 prov, strerror(error));
471 if (eli_metadata_decode(sector, md) != 0) {
472 gctl_error(req, "MD5 hash mismatch for %s.", prov);
479 eli_metadata_store(struct gctl_req *req, const char *prov,
480 struct g_eli_metadata *md)
482 unsigned char sector[sizeof(struct g_eli_metadata)];
485 eli_metadata_encode(md, sector);
486 if (g_get_sectorsize(prov) == 0) {
489 /* This is a file probably. */
490 fd = open(prov, O_WRONLY | O_TRUNC);
492 gctl_error(req, "Cannot open %s: %s.", prov,
494 bzero(sector, sizeof(sector));
497 if (write(fd, sector, sizeof(sector)) != sizeof(sector)) {
498 gctl_error(req, "Cannot write metadata to %s: %s.",
499 prov, strerror(errno));
500 bzero(sector, sizeof(sector));
506 /* This is a GEOM provider. */
507 error = g_metadata_store(prov, sector, sizeof(sector));
509 gctl_error(req, "Cannot write metadata to %s: %s.",
510 prov, strerror(errno));
511 bzero(sector, sizeof(sector));
515 bzero(sector, sizeof(sector));
520 eli_init(struct gctl_req *req)
522 struct g_eli_metadata md;
523 unsigned char sector[sizeof(struct g_eli_metadata)];
524 unsigned char key[G_ELI_USERKEYLEN];
525 char backfile[MAXPATHLEN];
526 const char *str, *prov;
532 nargs = gctl_get_int(req, "nargs");
534 gctl_error(req, "Invalid number of arguments.");
537 prov = gctl_get_ascii(req, "arg0");
538 mediasize = g_get_mediasize(prov);
539 secsize = g_get_sectorsize(prov);
540 if (mediasize == 0 || secsize == 0) {
541 gctl_error(req, "Cannot get informations about %s: %s.", prov,
546 bzero(&md, sizeof(md));
547 strlcpy(md.md_magic, G_ELI_MAGIC, sizeof(md.md_magic));
548 md.md_version = G_ELI_VERSION;
550 if (gctl_get_int(req, "boot"))
551 md.md_flags |= G_ELI_FLAG_BOOT;
552 md.md_ealgo = CRYPTO_ALGORITHM_MIN - 1;
553 str = gctl_get_ascii(req, "aalgo");
554 if (strcmp(str, "none") != 0) {
555 md.md_aalgo = g_eli_str2aalgo(str);
556 if (md.md_aalgo >= CRYPTO_ALGORITHM_MIN &&
557 md.md_aalgo <= CRYPTO_ALGORITHM_MAX) {
558 md.md_flags |= G_ELI_FLAG_AUTH;
561 * For backward compatibility, check if the -a option
562 * was used to provide encryption algorithm.
564 md.md_ealgo = g_eli_str2ealgo(str);
565 if (md.md_ealgo < CRYPTO_ALGORITHM_MIN ||
566 md.md_ealgo > CRYPTO_ALGORITHM_MAX) {
568 "Invalid authentication algorithm.");
571 fprintf(stderr, "warning: The -e option, not "
572 "the -a option is now used to specify "
573 "encryption algorithm to use.\n");
577 if (md.md_ealgo < CRYPTO_ALGORITHM_MIN ||
578 md.md_ealgo > CRYPTO_ALGORITHM_MAX) {
579 str = gctl_get_ascii(req, "ealgo");
580 md.md_ealgo = g_eli_str2ealgo(str);
581 if (md.md_ealgo < CRYPTO_ALGORITHM_MIN ||
582 md.md_ealgo > CRYPTO_ALGORITHM_MAX) {
583 gctl_error(req, "Invalid encryption algorithm.");
587 val = gctl_get_intmax(req, "keylen");
589 md.md_keylen = g_eli_keylen(md.md_ealgo, md.md_keylen);
590 if (md.md_keylen == 0) {
591 gctl_error(req, "Invalid key length.");
594 md.md_provsize = mediasize;
596 val = gctl_get_intmax(req, "iterations");
601 * Don't allow to set iterations when there will be no
604 nonewpassphrase = gctl_get_int(req, "nonewpassphrase");
605 if (nonewpassphrase) {
607 "Options -i and -P are mutually exclusive.");
611 md.md_iterations = val;
613 val = gctl_get_intmax(req, "sectorsize");
615 md.md_sectorsize = secsize;
617 if (val < 0 || (val % secsize) != 0) {
618 gctl_error(req, "Invalid sector size.");
621 if (val > sysconf(_SC_PAGE_SIZE)) {
622 gctl_error(req, "warning: Using sectorsize bigger than "
625 md.md_sectorsize = val;
629 arc4rand(md.md_salt, sizeof(md.md_salt));
630 arc4rand(md.md_mkeys, sizeof(md.md_mkeys));
632 /* Generate user key. */
633 if (eli_genkey(req, &md, key, 1) == NULL) {
634 bzero(key, sizeof(key));
635 bzero(&md, sizeof(md));
639 /* Encrypt the first and the only Master Key. */
640 error = g_eli_mkey_encrypt(md.md_ealgo, key, md.md_keylen, md.md_mkeys);
641 bzero(key, sizeof(key));
643 bzero(&md, sizeof(md));
644 gctl_error(req, "Cannot encrypt Master Key: %s.",
649 eli_metadata_encode(&md, sector);
650 bzero(&md, sizeof(md));
651 error = g_metadata_store(prov, sector, sizeof(sector));
652 bzero(sector, sizeof(sector));
654 gctl_error(req, "Cannot store metadata on %s: %s.", prov,
659 printf("Metadata value stored on %s.\n", prov);
660 /* Backup metadata to a file. */
661 str = gctl_get_ascii(req, "backupfile");
662 if (str[0] != '\0') {
663 /* Backupfile given be the user, just copy it. */
664 strlcpy(backfile, str, sizeof(backfile));
666 /* Generate file name automatically. */
667 const char *p = prov;
670 if (strncmp(p, _PATH_DEV, strlen(_PATH_DEV)) == 0)
671 p += strlen(_PATH_DEV);
672 snprintf(backfile, sizeof(backfile), "%s%s.eli",
674 /* Replace all / with _. */
675 for (i = strlen(GELI_BACKUP_DIR); backfile[i] != '\0'; i++) {
676 if (backfile[i] == '/')
680 if (strcmp(backfile, "none") != 0 &&
681 eli_backup_create(req, prov, backfile) == 0) {
682 printf("\nMetadata backup can be found in %s and\n", backfile);
683 printf("can be restored with the following command:\n");
684 printf("\n\t# geli restore %s %s\n\n", backfile, prov);
689 eli_attach(struct gctl_req *req)
691 struct g_eli_metadata md;
692 unsigned char key[G_ELI_USERKEYLEN];
696 nargs = gctl_get_int(req, "nargs");
698 gctl_error(req, "Invalid number of arguments.");
701 prov = gctl_get_ascii(req, "arg0");
703 if (eli_metadata_read(req, prov, &md) == -1)
706 if (eli_genkey(req, &md, key, 0) == NULL) {
707 bzero(key, sizeof(key));
711 gctl_ro_param(req, "key", sizeof(key), key);
712 if (gctl_issue(req) == NULL) {
714 printf("Attached to %s.\n", prov);
716 bzero(key, sizeof(key));
720 eli_configure_detached(struct gctl_req *req, const char *prov, int boot)
722 struct g_eli_metadata md;
724 if (eli_metadata_read(req, prov, &md) == -1)
727 if (boot && (md.md_flags & G_ELI_FLAG_BOOT)) {
729 printf("BOOT flag already configured for %s.\n", prov);
730 } else if (!boot && !(md.md_flags & G_ELI_FLAG_BOOT)) {
732 printf("BOOT flag not configured for %s.\n", prov);
735 md.md_flags |= G_ELI_FLAG_BOOT;
737 md.md_flags &= ~G_ELI_FLAG_BOOT;
738 eli_metadata_store(req, prov, &md);
740 bzero(&md, sizeof(md));
744 eli_configure(struct gctl_req *req)
747 int i, nargs, boot, noboot;
749 nargs = gctl_get_int(req, "nargs");
751 gctl_error(req, "Too few arguments.");
755 boot = gctl_get_int(req, "boot");
756 noboot = gctl_get_int(req, "noboot");
758 if (boot && noboot) {
759 gctl_error(req, "Options -b and -B are mutually exclusive.");
762 if (!boot && !noboot) {
763 gctl_error(req, "No option given.");
767 /* First attached providers. */
770 for (i = 0; i < nargs; i++) {
771 prov = gctl_get_ascii(req, "arg%d", i);
772 if (!eli_is_attached(prov))
773 eli_configure_detached(req, prov, boot);
778 eli_setkey_attached(struct gctl_req *req, struct g_eli_metadata *md)
780 unsigned char key[G_ELI_USERKEYLEN];
781 intmax_t val, old = 0;
784 val = gctl_get_intmax(req, "iterations");
785 /* Check if iterations number should be changed. */
787 md->md_iterations = val;
789 old = md->md_iterations;
791 /* Generate key for Master Key encryption. */
792 if (eli_genkey(req, md, key, 1) == NULL) {
793 bzero(key, sizeof(key));
797 * If number of iterations has changed, but wasn't given as a
798 * command-line argument, update the request.
800 if (val == -1 && md->md_iterations != old) {
801 error = gctl_change_param(req, "iterations", sizeof(intmax_t),
806 gctl_ro_param(req, "key", sizeof(key), key);
808 bzero(key, sizeof(key));
812 eli_setkey_detached(struct gctl_req *req, const char *prov,
813 struct g_eli_metadata *md)
815 unsigned char key[G_ELI_USERKEYLEN], mkey[G_ELI_DATAIVKEYLEN];
816 unsigned char *mkeydst;
821 if (md->md_keys == 0) {
822 gctl_error(req, "No valid keys on %s.", prov);
826 /* Generate key for Master Key decryption. */
827 if (eli_genkey(req, md, key, 0) == NULL) {
828 bzero(key, sizeof(key));
832 /* Decrypt Master Key. */
833 error = g_eli_mkey_decrypt(md, key, mkey, &nkey);
834 bzero(key, sizeof(key));
836 bzero(md, sizeof(*md));
838 gctl_error(req, "Wrong key for %s.", prov);
839 else /* if (error > 0) */ {
840 gctl_error(req, "Cannot decrypt Master Key: %s.",
846 printf("Decrypted Master Key %u.\n", nkey);
848 val = gctl_get_intmax(req, "keyno");
853 ; /* Use the key number which was found during decryption. */
855 if (nkey >= G_ELI_MAXMKEYS) {
856 gctl_error(req, "Invalid '%s' argument.", "keyno");
860 val = gctl_get_intmax(req, "iterations");
861 /* Check if iterations number should and can be changed. */
863 if (bitcount32(md->md_keys) != 1) {
864 gctl_error(req, "To be able to use '-i' option, only "
865 "one key can be defined.");
868 if (md->md_keys != (1 << nkey)) {
869 gctl_error(req, "Only already defined key can be "
870 "changed when '-i' option is used.");
873 md->md_iterations = val;
876 mkeydst = md->md_mkeys + nkey * G_ELI_MKEYLEN;
877 md->md_keys |= (1 << nkey);
879 bcopy(mkey, mkeydst, sizeof(mkey));
880 bzero(mkey, sizeof(mkey));
882 /* Generate key for Master Key encryption. */
883 if (eli_genkey(req, md, key, 1) == NULL) {
884 bzero(key, sizeof(key));
885 bzero(md, sizeof(*md));
889 /* Encrypt the Master-Key with the new key. */
890 error = g_eli_mkey_encrypt(md->md_ealgo, key, md->md_keylen, mkeydst);
891 bzero(key, sizeof(key));
893 bzero(md, sizeof(*md));
894 gctl_error(req, "Cannot encrypt Master Key: %s.",
899 /* Store metadata with fresh key. */
900 eli_metadata_store(req, prov, md);
901 bzero(md, sizeof(*md));
905 eli_setkey(struct gctl_req *req)
907 struct g_eli_metadata md;
911 nargs = gctl_get_int(req, "nargs");
913 gctl_error(req, "Invalid number of arguments.");
916 prov = gctl_get_ascii(req, "arg0");
918 if (eli_metadata_read(req, prov, &md) == -1)
921 if (eli_is_attached(prov))
922 eli_setkey_attached(req, &md);
924 eli_setkey_detached(req, prov, &md);
926 if (req->error == NULL || req->error[0] == '\0') {
927 printf("Note, that the master key encrypted with old keys "
928 "and/or passphrase may still exists in a metadata backup "
934 eli_delkey_attached(struct gctl_req *req, const char *prov __unused)
941 eli_delkey_detached(struct gctl_req *req, const char *prov)
943 struct g_eli_metadata md;
944 unsigned char *mkeydst;
949 if (eli_metadata_read(req, prov, &md) == -1)
952 all = gctl_get_int(req, "all");
954 arc4rand(md.md_mkeys, sizeof(md.md_mkeys));
956 force = gctl_get_int(req, "force");
957 val = gctl_get_intmax(req, "keyno");
959 gctl_error(req, "Key number has to be specified.");
963 if (nkey >= G_ELI_MAXMKEYS) {
964 gctl_error(req, "Invalid '%s' argument.", "keyno");
967 if (!(md.md_keys & (1 << nkey)) && !force) {
968 gctl_error(req, "Master Key %u is not set.", nkey);
971 md.md_keys &= ~(1 << nkey);
972 if (md.md_keys == 0 && !force) {
973 gctl_error(req, "This is the last Master Key. Use '-f' "
974 "option if you really want to remove it.");
977 mkeydst = md.md_mkeys + nkey * G_ELI_MKEYLEN;
978 arc4rand(mkeydst, G_ELI_MKEYLEN);
981 eli_metadata_store(req, prov, &md);
982 bzero(&md, sizeof(md));
986 eli_delkey(struct gctl_req *req)
991 nargs = gctl_get_int(req, "nargs");
993 gctl_error(req, "Invalid number of arguments.");
996 prov = gctl_get_ascii(req, "arg0");
998 if (eli_is_attached(prov))
999 eli_delkey_attached(req, prov);
1001 eli_delkey_detached(req, prov);
1005 eli_kill_detached(struct gctl_req *req, const char *prov)
1007 struct g_eli_metadata md;
1011 * NOTE: Maybe we should verify if this is geli provider first,
1012 * but 'kill' command is quite critical so better don't waste
1016 error = g_metadata_read(prov, (unsigned char *)&md, sizeof(md),
1019 gctl_error(req, "Cannot read metadata from %s: %s.", prov,
1025 arc4rand((unsigned char *)&md, sizeof(md));
1026 error = g_metadata_store(prov, (unsigned char *)&md, sizeof(md));
1028 gctl_error(req, "Cannot write metadata to %s: %s.", prov,
1034 eli_kill(struct gctl_req *req)
1039 nargs = gctl_get_int(req, "nargs");
1040 all = gctl_get_int(req, "all");
1041 if (!all && nargs == 0) {
1042 gctl_error(req, "Too few arguments.");
1046 * How '-a' option combine with a list of providers:
1047 * Delete Master Keys from all attached providers:
1049 * Delete Master Keys from all attached providers and from
1050 * detached da0 and da1:
1051 * geli kill -a da0 da1
1052 * Delete Master Keys from (attached or detached) da0 and da1:
1056 /* First detached providers. */
1057 for (i = 0; i < nargs; i++) {
1058 prov = gctl_get_ascii(req, "arg%d", i);
1059 if (!eli_is_attached(prov))
1060 eli_kill_detached(req, prov);
1062 /* Now attached providers. */
1067 eli_backup_create(struct gctl_req *req, const char *prov, const char *file)
1069 struct g_eli_metadata md;
1071 unsigned char *sector;
1073 int filefd, provfd, ret;
1076 provfd = filefd = -1;
1080 provfd = open(prov, O_RDONLY);
1081 if (provfd == -1 && errno == ENOENT && prov[0] != '/') {
1082 char devprov[MAXPATHLEN];
1084 snprintf(devprov, sizeof(devprov), "%s%s", _PATH_DEV, prov);
1085 provfd = open(devprov, O_RDONLY);
1088 gctl_error(req, "Cannot open %s: %s.", prov, strerror(errno));
1091 filefd = open(file, O_WRONLY | O_TRUNC | O_CREAT, 0600);
1093 gctl_error(req, "Cannot open %s: %s.", file, strerror(errno));
1097 mediasize = g_get_mediasize(prov);
1098 secsize = g_get_sectorsize(prov);
1099 if (mediasize == 0 || secsize == 0) {
1100 gctl_error(req, "Cannot get informations about %s: %s.", prov,
1105 sector = malloc(secsize);
1106 if (sector == NULL) {
1107 gctl_error(req, "Cannot allocate memory.");
1111 /* Read metadata from the provider. */
1112 if (pread(provfd, sector, secsize, mediasize - secsize) !=
1114 gctl_error(req, "Cannot read metadata: %s.", strerror(errno));
1117 /* Check if this is geli provider. */
1118 if (eli_metadata_decode(sector, &md) != 0) {
1119 gctl_error(req, "MD5 hash mismatch: not a geli provider?");
1122 /* Write metadata to the destination file. */
1123 if (write(filefd, sector, secsize) != (ssize_t)secsize) {
1124 gctl_error(req, "Cannot write to %s: %s.", file,
1135 if (sector != NULL) {
1136 bzero(sector, secsize);
1143 eli_backup(struct gctl_req *req)
1145 const char *file, *prov;
1148 nargs = gctl_get_int(req, "nargs");
1150 gctl_error(req, "Invalid number of arguments.");
1153 prov = gctl_get_ascii(req, "arg0");
1154 file = gctl_get_ascii(req, "arg1");
1156 eli_backup_create(req, prov, file);
1160 eli_restore(struct gctl_req *req)
1162 struct g_eli_metadata md;
1163 const char *file, *prov;
1164 unsigned char *sector;
1167 int nargs, filefd, provfd;
1169 nargs = gctl_get_int(req, "nargs");
1171 gctl_error(req, "Invalid number of arguments.");
1174 file = gctl_get_ascii(req, "arg0");
1175 prov = gctl_get_ascii(req, "arg1");
1177 provfd = filefd = -1;
1181 filefd = open(file, O_RDONLY);
1183 gctl_error(req, "Cannot open %s: %s.", file, strerror(errno));
1186 provfd = open(prov, O_WRONLY);
1187 if (provfd == -1 && errno == ENOENT && prov[0] != '/') {
1188 char devprov[MAXPATHLEN];
1190 snprintf(devprov, sizeof(devprov), "%s%s", _PATH_DEV, prov);
1191 provfd = open(devprov, O_WRONLY);
1194 gctl_error(req, "Cannot open %s: %s.", prov, strerror(errno));
1198 mediasize = g_get_mediasize(prov);
1199 secsize = g_get_sectorsize(prov);
1200 if (mediasize == 0 || secsize == 0) {
1201 gctl_error(req, "Cannot get informations about %s: %s.", prov,
1206 sector = malloc(secsize);
1207 if (sector == NULL) {
1208 gctl_error(req, "Cannot allocate memory.");
1212 /* Read metadata from the backup file. */
1213 if (read(filefd, sector, secsize) != (ssize_t)secsize) {
1214 gctl_error(req, "Cannot read from %s: %s.", file,
1218 /* Check if this file contains geli metadata. */
1219 if (eli_metadata_decode(sector, &md) != 0) {
1220 gctl_error(req, "MD5 hash mismatch: not a geli backup file?");
1223 /* Write metadata from the provider. */
1224 if (pwrite(provfd, sector, secsize, mediasize - secsize) !=
1226 gctl_error(req, "Cannot write metadata: %s.", strerror(errno));
1234 if (sector != NULL) {
1235 bzero(sector, secsize);
1241 eli_clear(struct gctl_req *req)
1244 int error, i, nargs;
1246 nargs = gctl_get_int(req, "nargs");
1248 gctl_error(req, "Too few arguments.");
1252 for (i = 0; i < nargs; i++) {
1253 name = gctl_get_ascii(req, "arg%d", i);
1254 error = g_metadata_clear(name, G_ELI_MAGIC);
1256 fprintf(stderr, "Cannot clear metadata on %s: %s.\n",
1257 name, strerror(error));
1258 gctl_error(req, "Not fully done.");
1262 printf("Metadata cleared on %s.\n", name);
1267 eli_dump(struct gctl_req *req)
1269 struct g_eli_metadata md, tmpmd;
1271 int error, i, nargs;
1273 nargs = gctl_get_int(req, "nargs");
1275 gctl_error(req, "Too few arguments.");
1279 for (i = 0; i < nargs; i++) {
1280 name = gctl_get_ascii(req, "arg%d", i);
1281 error = g_metadata_read(name, (unsigned char *)&tmpmd,
1282 sizeof(tmpmd), G_ELI_MAGIC);
1284 fprintf(stderr, "Cannot read metadata from %s: %s.\n",
1285 name, strerror(error));
1286 gctl_error(req, "Not fully done.");
1289 if (eli_metadata_decode((unsigned char *)&tmpmd, &md) != 0) {
1290 fprintf(stderr, "MD5 hash mismatch for %s, skipping.\n",
1292 gctl_error(req, "Not fully done.");
1295 printf("Metadata on %s:\n", name);
1296 eli_metadata_dump(&md);
projects / FreeBSD / releng / 8.1.git / blob