lib/bitlk/bitlk.h

   1 /*
   2  * BITLK (BitLocker-compatible) header definition
   3  *
   4  * Copyright (C) 2019-2023 Red Hat, Inc. All rights reserved.
   5  * Copyright (C) 2019-2023 Milan Broz
   6  * Copyright (C) 2019-2023 Vojtech Trefny
   7  *
   8  * This file is free software; you can redistribute it and/or
   9  * modify it under the terms of the GNU Lesser General Public
  10  * License as published by the Free Software Foundation; either
  11  * version 2.1 of the License, or (at your option) any later version.
  12  *
  13  * This file is distributed in the hope that it will be useful,
  14  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  15  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
  16  * Lesser General Public License for more details.
  17  *
  18  * You should have received a copy of the GNU Lesser General Public
  19  * License along with this file; if not, write to the Free Software
  20  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
  21  */
  22
  23 #ifndef _CRYPTSETUP_BITLK_H
  24 #define _CRYPTSETUP_BITLK_H
  25
  26 #include <stddef.h>
  27 #include <stdint.h>
  28 #include <stdbool.h>
  29
  30 struct crypt_device;
  31 struct device;
  32 struct volume_key;
  33
  34 #define BITLK_NONCE_SIZE 12
  35 #define BITLK_SALT_SIZE 16
  36 #define BITLK_VMK_MAC_TAG_SIZE 16
  37
  38 #define BITLK_STATE_NORMAL 0x0004
  39
  40 typedef enum {
  41         BITLK_ENCRYPTION_TYPE_NORMAL = 0,
  42         BITLK_ENCRYPTION_TYPE_EOW,
  43         BITLK_ENCRYPTION_TYPE_UNKNOWN,
  44 } BITLKEncryptionType;
  45
  46 typedef enum {
  47         BITLK_PROTECTION_CLEAR_KEY = 0,
  48         BITLK_PROTECTION_TPM,
  49         BITLK_PROTECTION_STARTUP_KEY,
  50         BITLK_PROTECTION_TPM_PIN,
  51         BITLK_PROTECTION_RECOVERY_PASSPHRASE,
  52         BITLK_PROTECTION_PASSPHRASE,
  53         BITLK_PROTECTION_SMART_CARD,
  54         BITLK_PROTECTION_UNKNOWN,
  55 } BITLKVMKProtection;
  56
  57 typedef enum {
  58         BITLK_ENTRY_TYPE_PROPERTY = 0x0000,
  59         BITLK_ENTRY_TYPE_VMK = 0x0002,
  60         BITLK_ENTRY_TYPE_FVEK = 0x0003,
  61         BITLK_ENTRY_TYPE_STARTUP_KEY = 0x0006,
  62         BITLK_ENTRY_TYPE_DESCRIPTION = 0x0007,
  63         BITLK_ENTRY_TYPE_VOLUME_HEADER = 0x000f,
  64         BITLK_ENTRY_TYPE_VOLUME_GUID = 0x0019,
  65 } BITLKFVEEntryType;
  66
  67 typedef enum {
  68         BITLK_ENTRY_VALUE_ERASED = 0x0000,
  69         BITLK_ENTRY_VALUE_KEY = 0x0001,
  70         BITLK_ENTRY_VALUE_STRING = 0x0002,
  71         BITLK_ENTRY_VALUE_STRETCH_KEY = 0x0003,
  72         BITLK_ENTRY_VALUE_USE_KEY = 0x0004,
  73         BITLK_ENTRY_VALUE_ENCRYPTED_KEY = 0x0005,
  74         BITLK_ENTRY_VALUE_TPM_KEY = 0x0006,
  75         BITLK_ENTRY_VALUE_VALIDATION = 0x0007,
  76         BITLK_ENTRY_VALUE_VMK = 0x0008,
  77         BITLK_ENTRY_VALUE_EXTERNAL_KEY = 0x0009,
  78         BITLK_ENTRY_VALUE_OFFSET_SIZE = 0x000f,
  79         BITLK_ENTRY_VALUE_RECOVERY_TIME = 0x015,
  80         BITLK_ENTRY_VALUE_GUID = 0x0017,
  81 } BITLKFVEEntryValue;
  82
  83 struct bitlk_vmk {
  84         char *guid;
  85         char *name;
  86         BITLKVMKProtection protection;
  87         uint8_t salt[BITLK_SALT_SIZE];
  88         uint8_t mac_tag[BITLK_VMK_MAC_TAG_SIZE];
  89         uint8_t nonce[BITLK_NONCE_SIZE];
  90         struct volume_key *vk;
  91         struct bitlk_vmk *next;
  92 };
  93
  94 struct bitlk_fvek {
  95         uint8_t mac_tag[BITLK_VMK_MAC_TAG_SIZE];
  96         uint8_t nonce[BITLK_NONCE_SIZE];
  97         struct volume_key *vk;
  98 };
  99
 100 struct bitlk_metadata {
 101         uint16_t sector_size;
 102         uint64_t volume_size;
 103         bool togo;
 104         bool state;
 105         BITLKEncryptionType type;
 106         const char *cipher;
 107         const char *cipher_mode;
 108         uint16_t key_size;
 109         char *guid;
 110         uint64_t creation_time;
 111         char *description;
 112         uint64_t metadata_offset[3];
 113         uint32_t metadata_version;
 114         uint64_t volume_header_offset;
 115         uint64_t volume_header_size;
 116         struct bitlk_vmk *vmks;
 117         struct bitlk_fvek *fvek;
 118 };
 119
 120 int BITLK_read_sb(struct crypt_device *cd, struct bitlk_metadata *params);
 121
 122 int BITLK_dump(struct crypt_device *cd, struct device *device, struct bitlk_metadata *params);
 123
 124 int BITLK_get_volume_key(struct crypt_device *cd,
 125                          const char *password,
 126                          size_t passwordLen,
 127                          const struct bitlk_metadata *params,
 128                          struct volume_key **open_fvek_key);
 129
 130 int BITLK_activate_by_passphrase(struct crypt_device *cd,
 131                                  const char *name,
 132                                  const char *password,
 133                                  size_t passwordLen,
 134                                  const struct bitlk_metadata *params,
 135                                  uint32_t flags);
 136
 137 int BITLK_activate_by_volume_key(struct crypt_device *cd,
 138                                  const char *name,
 139                                  const char *volume_key,
 140                                  size_t volume_key_size,
 141                                  const struct bitlk_metadata *params,
 142                                  uint32_t flags);
 143
 144 void BITLK_bitlk_fvek_free(struct bitlk_fvek *fvek);
 145 void BITLK_bitlk_vmk_free(struct bitlk_vmk *vmk);
 146 void BITLK_bitlk_metadata_free(struct bitlk_metadata *params);
 147
 148 #endif