projects / platform / upstream / cryptsetup.git / blob
? search:


156f0c1d33767ea2882cf00b205dbcf7a4ddb570
[platform/upstream/cryptsetup.git] / lib / luks2 / luks2_keyslot_luks2.c
1 /*
2  * LUKS - Linux Unified Key Setup v2, LUKS2 type keyslot handler
3  *
4  * Copyright (C) 2015-2020 Red Hat, Inc. All rights reserved.
5  * Copyright (C) 2015-2020 Milan Broz
6  *
7  * This program is free software; you can redistribute it and/or
8  * modify it under the terms of the GNU General Public License
9  * as published by the Free Software Foundation; either version 2
10  * of the License, or (at your option) any later version.
11  *
12  * This program is distributed in the hope that it will be useful,
13  * but WITHOUT ANY WARRANTY; without even the implied warranty of
14  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
15  * GNU General Public License for more details.
16  *
17  * You should have received a copy of the GNU General Public License
18  * along with this program; if not, write to the Free Software
19  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
20  */
21
22 #include "luks2_internal.h"
23
24 /* FIXME: move keyslot encryption to crypto backend */
25 #include "../luks1/af.h"
26
27 #define LUKS_SALTSIZE 32
28 #define LUKS_SLOT_ITERATIONS_MIN 1000
29 #define LUKS_STRIPES 4000
30
31 /* Serialize memory-hard keyslot access: optional workaround for parallel processing */
32 #define MIN_MEMORY_FOR_SERIALIZE_LOCK_KB 32*1024 /* 32MB */
33
34 static int luks2_encrypt_to_storage(char *src, size_t srcLength,
35         const char *cipher, const char *cipher_mode,
36         struct volume_key *vk, unsigned int sector,
37         struct crypt_device *cd)
38 {
39 #ifndef ENABLE_AF_ALG /* Support for old kernel without Crypto API */
40         return LUKS_encrypt_to_storage(src, srcLength, cipher, cipher_mode, vk, sector, cd);
41 #else
42         struct crypt_storage *s;
43         int devfd, r;
44         struct device *device = crypt_metadata_device(cd);
45
46         /* Only whole sector writes supported */
47         if (MISALIGNED_512(srcLength))
48                 return -EINVAL;
49
50         /* Encrypt buffer */
51         r = crypt_storage_init(&s, SECTOR_SIZE, cipher, cipher_mode, vk->key, vk->keylength);
52         if (r) {
53                 log_err(cd, _("Cannot use %s-%s cipher for keyslot encryption."), cipher, cipher_mode);
54                 return r;
55         }
56
57         r = crypt_storage_encrypt(s, 0, srcLength, src);
58         crypt_storage_destroy(s);
59         if (r) {
60                 log_err(cd, _("IO error while encrypting keyslot."));
61                 return r;
62         }
63
64         devfd = device_open_locked(cd, device, O_RDWR);
65         if (devfd >= 0) {
66                 if (write_lseek_blockwise(devfd, device_block_size(cd, device),
67                                           device_alignment(device), src,
68                                           srcLength, sector * SECTOR_SIZE) < 0)
69                         r = -EIO;
70                 else
71                         r = 0;
72
73                 device_sync(cd, device);
74         } else
75                 r = -EIO;
76
77         if (r)
78                 log_err(cd, _("IO error while encrypting keyslot."));
79
80         return r;
81 #endif
82 }
83
84 static int luks2_decrypt_from_storage(char *dst, size_t dstLength,
85         const char *cipher, const char *cipher_mode, struct volume_key *vk,
86         unsigned int sector, struct crypt_device *cd)
87 {
88         struct device *device = crypt_metadata_device(cd);
89 #ifndef ENABLE_AF_ALG /* Support for old kernel without Crypto API */
90         int r = device_read_lock(cd, device);
91         if (r) {
92                 log_err(cd, _("Failed to acquire read lock on device %s."), device_path(device));
93                 return r;
94         }
95         r = LUKS_decrypt_from_storage(dst, dstLength, cipher, cipher_mode, vk, sector, cd);
96         device_read_unlock(cd, crypt_metadata_device(cd));
97         return r;
98 #else
99         struct crypt_storage *s;
100         int devfd, r;
101
102         /* Only whole sector writes supported */
103         if (MISALIGNED_512(dstLength))
104                 return -EINVAL;
105
106         r = crypt_storage_init(&s, SECTOR_SIZE, cipher, cipher_mode, vk->key, vk->keylength);
107         if (r) {
108                 log_err(cd, _("Cannot use %s-%s cipher for keyslot encryption."), cipher, cipher_mode);
109                 return r;
110         }
111
112         r = device_read_lock(cd, device);
113         if (r) {
114                 log_err(cd, _("Failed to acquire read lock on device %s."),
115                         device_path(device));
116                 crypt_storage_destroy(s);
117                 return r;
118         }
119
120         devfd = device_open_locked(cd, device, O_RDONLY);
121         if (devfd >= 0) {
122                 if (read_lseek_blockwise(devfd, device_block_size(cd, device),
123                                          device_alignment(device), dst,
124                                          dstLength, sector * SECTOR_SIZE) < 0)
125                         r = -EIO;
126                 else
127                         r = 0;
128         } else
129                 r = -EIO;
130
131         device_read_unlock(cd, device);
132
133         /* Decrypt buffer */
134         if (!r)
135                 r = crypt_storage_decrypt(s, 0, dstLength, dst);
136         else
137                 log_err(cd, _("IO error while decrypting keyslot."));
138
139         crypt_storage_destroy(s);
140         return r;
141 #endif
142 }
143
144 static int luks2_keyslot_get_pbkdf_params(json_object *jobj_keyslot,
145                                 struct crypt_pbkdf_type *pbkdf, char *salt)
146 {
147         json_object *jobj_kdf, *jobj1, *jobj2;
148         size_t salt_len;
149
150         if (!jobj_keyslot || !pbkdf)
151                 return -EINVAL;
152
153         memset(pbkdf, 0, sizeof(*pbkdf));
154
155         if (!json_object_object_get_ex(jobj_keyslot, "kdf", &jobj_kdf))
156                 return -EINVAL;
157
158         if (!json_object_object_get_ex(jobj_kdf, "type", &jobj1))
159                 return -EINVAL;
160         pbkdf->type = json_object_get_string(jobj1);
161         if (!strcmp(pbkdf->type, CRYPT_KDF_PBKDF2)) {
162                 if (!json_object_object_get_ex(jobj_kdf, "hash", &jobj2))
163                         return -EINVAL;
164                 pbkdf->hash = json_object_get_string(jobj2);
165                 if (!json_object_object_get_ex(jobj_kdf, "iterations", &jobj2))
166                         return -EINVAL;
167                 pbkdf->iterations = json_object_get_int(jobj2);
168                 pbkdf->max_memory_kb = 0;
169                 pbkdf->parallel_threads = 0;
170         } else {
171                 if (!json_object_object_get_ex(jobj_kdf, "time", &jobj2))
172                         return -EINVAL;
173                 pbkdf->iterations = json_object_get_int(jobj2);
174                 if (!json_object_object_get_ex(jobj_kdf, "memory", &jobj2))
175                         return -EINVAL;
176                 pbkdf->max_memory_kb = json_object_get_int(jobj2);
177                 if (!json_object_object_get_ex(jobj_kdf, "cpus", &jobj2))
178                         return -EINVAL;
179                 pbkdf->parallel_threads = json_object_get_int(jobj2);
180         }
181
182         if (!json_object_object_get_ex(jobj_kdf, "salt", &jobj2))
183                 return -EINVAL;
184         salt_len = LUKS_SALTSIZE;
185         if (!base64_decode(json_object_get_string(jobj2),
186                            json_object_get_string_len(jobj2),
187                            salt, &salt_len))
188                 return -EINVAL;
189         if (salt_len != LUKS_SALTSIZE)
190                 return -EINVAL;
191
192         return 0;
193 }
194
195 static int luks2_keyslot_set_key(struct crypt_device *cd,
196         json_object *jobj_keyslot,
197         const char *password, size_t passwordLen,
198         const char *volume_key, size_t volume_key_len)
199 {
200         struct volume_key *derived_key;
201         char salt[LUKS_SALTSIZE], cipher[MAX_CIPHER_LEN], cipher_mode[MAX_CIPHER_LEN];
202         char *AfKey = NULL;
203         const char *af_hash = NULL;
204         size_t AFEKSize, keyslot_key_len;
205         json_object *jobj2, *jobj_kdf, *jobj_af, *jobj_area;
206         uint64_t area_offset;
207         struct crypt_pbkdf_type pbkdf;
208         int r;
209
210         if (!json_object_object_get_ex(jobj_keyslot, "kdf", &jobj_kdf) ||
211             !json_object_object_get_ex(jobj_keyslot, "af", &jobj_af) ||
212             !json_object_object_get_ex(jobj_keyslot, "area", &jobj_area))
213                 return -EINVAL;
214
215         /* prevent accidental volume key size change after allocation */
216         if (!json_object_object_get_ex(jobj_keyslot, "key_size", &jobj2))
217                 return -EINVAL;
218         if (json_object_get_int(jobj2) != (int)volume_key_len)
219                 return -EINVAL;
220
221         if (!json_object_object_get_ex(jobj_area, "offset", &jobj2))
222                 return -EINVAL;
223         area_offset = crypt_jobj_get_uint64(jobj2);
224
225         if (!json_object_object_get_ex(jobj_area, "encryption", &jobj2))
226                 return -EINVAL;
227         r = crypt_parse_name_and_mode(json_object_get_string(jobj2), cipher, NULL, cipher_mode);
228         if (r < 0)
229                 return r;
230
231         if (!json_object_object_get_ex(jobj_area, "key_size", &jobj2))
232                 return -EINVAL;
233         keyslot_key_len = json_object_get_int(jobj2);
234
235         if (!json_object_object_get_ex(jobj_af, "hash", &jobj2))
236                 return -EINVAL;
237         af_hash = json_object_get_string(jobj2);
238
239         if (luks2_keyslot_get_pbkdf_params(jobj_keyslot, &pbkdf, salt))
240                 return -EINVAL;
241
242         /*
243          * Allocate derived key storage.
244          */
245         derived_key = crypt_alloc_volume_key(keyslot_key_len, NULL);
246         if (!derived_key)
247                 return -ENOMEM;
248         /*
249          * Calculate keyslot content, split and store it to keyslot area.
250          */
251         r = crypt_pbkdf(pbkdf.type, pbkdf.hash, password, passwordLen,
252                         salt, LUKS_SALTSIZE,
253                         derived_key->key, derived_key->keylength,
254                         pbkdf.iterations, pbkdf.max_memory_kb,
255                         pbkdf.parallel_threads);
256         if (r < 0) {
257                 crypt_free_volume_key(derived_key);
258                 return r;
259         }
260
261         // FIXME: verity key_size to AFEKSize
262         AFEKSize = AF_split_sectors(volume_key_len, LUKS_STRIPES) * SECTOR_SIZE;
263         AfKey = crypt_safe_alloc(AFEKSize);
264         if (!AfKey) {
265                 crypt_free_volume_key(derived_key);
266                 return -ENOMEM;
267         }
268
269         r = AF_split(cd, volume_key, AfKey, volume_key_len, LUKS_STRIPES, af_hash);
270
271         if (r == 0) {
272                 log_dbg(cd, "Updating keyslot area [0x%04x].", (unsigned)area_offset);
273                 /* FIXME: sector_offset should be size_t, fix LUKS_encrypt... accordingly */
274                 r = luks2_encrypt_to_storage(AfKey, AFEKSize, cipher, cipher_mode,
275                                     derived_key, (unsigned)(area_offset / SECTOR_SIZE), cd);
276         }
277
278         crypt_safe_free(AfKey);
279         crypt_free_volume_key(derived_key);
280         if (r < 0)
281                 return r;
282
283         return 0;
284 }
285
286 static int luks2_keyslot_get_key(struct crypt_device *cd,
287         json_object *jobj_keyslot,
288         const char *password, size_t passwordLen,
289         char *volume_key, size_t volume_key_len)
290 {
291         struct volume_key *derived_key;
292         struct crypt_pbkdf_type pbkdf;
293         char *AfKey;
294         size_t AFEKSize;
295         const char *af_hash = NULL;
296         char salt[LUKS_SALTSIZE], cipher[MAX_CIPHER_LEN], cipher_mode[MAX_CIPHER_LEN];
297         json_object *jobj2, *jobj_af, *jobj_area;
298         uint64_t area_offset;
299         size_t keyslot_key_len;
300         bool try_serialize_lock = false;
301         int r;
302
303         if (!json_object_object_get_ex(jobj_keyslot, "af", &jobj_af) ||
304             !json_object_object_get_ex(jobj_keyslot, "area", &jobj_area))
305                 return -EINVAL;
306
307         if (luks2_keyslot_get_pbkdf_params(jobj_keyslot, &pbkdf, salt))
308                 return -EINVAL;
309
310         if (!json_object_object_get_ex(jobj_af, "hash", &jobj2))
311                 return -EINVAL;
312         af_hash = json_object_get_string(jobj2);
313
314         if (!json_object_object_get_ex(jobj_area, "offset", &jobj2))
315                 return -EINVAL;
316         area_offset = crypt_jobj_get_uint64(jobj2);
317
318         if (!json_object_object_get_ex(jobj_area, "encryption", &jobj2))
319                 return -EINVAL;
320         r = crypt_parse_name_and_mode(json_object_get_string(jobj2), cipher, NULL, cipher_mode);
321         if (r < 0)
322                 return r;
323
324         if (!json_object_object_get_ex(jobj_area, "key_size", &jobj2))
325                 return -EINVAL;
326         keyslot_key_len = json_object_get_int(jobj2);
327
328         /*
329          * If requested, serialize unlocking for memory-hard KDF. Usually NOOP.
330          */
331         if (pbkdf.max_memory_kb > MIN_MEMORY_FOR_SERIALIZE_LOCK_KB)
332                 try_serialize_lock = true;
333         if (try_serialize_lock && crypt_serialize_lock(cd))
334                 return -EINVAL;
335         /*
336          * Allocate derived key storage space.
337          */
338         derived_key = crypt_alloc_volume_key(keyslot_key_len, NULL);
339         if (!derived_key)
340                 return -ENOMEM;
341
342         AFEKSize = AF_split_sectors(volume_key_len, LUKS_STRIPES) * SECTOR_SIZE;
343         AfKey = crypt_safe_alloc(AFEKSize);
344         if (!AfKey) {
345                 crypt_free_volume_key(derived_key);
346                 return -ENOMEM;
347         }
348         /*
349          * Calculate derived key, decrypt keyslot content and merge it.
350          */
351         r = crypt_pbkdf(pbkdf.type, pbkdf.hash, password, passwordLen,
352                         salt, LUKS_SALTSIZE,
353                         derived_key->key, derived_key->keylength,
354                         pbkdf.iterations, pbkdf.max_memory_kb,
355                         pbkdf.parallel_threads);
356
357         if (try_serialize_lock)
358                 crypt_serialize_unlock(cd);
359
360         if (r == 0) {
361                 log_dbg(cd, "Reading keyslot area [0x%04x].", (unsigned)area_offset);
362                 /* FIXME: sector_offset should be size_t, fix LUKS_decrypt... accordingly */
363                 r = luks2_decrypt_from_storage(AfKey, AFEKSize, cipher, cipher_mode,
364                                       derived_key, (unsigned)(area_offset / SECTOR_SIZE), cd);
365         }
366
367         if (r == 0)
368                 r = AF_merge(cd, AfKey, volume_key, volume_key_len, LUKS_STRIPES, af_hash);
369
370         crypt_free_volume_key(derived_key);
371         crypt_safe_free(AfKey);
372
373         return r;
374 }
375
376 /*
377  * currently we support update of only:
378  *
379  * - af hash function
380  * - kdf params
381  */
382 static int luks2_keyslot_update_json(struct crypt_device *cd,
383         json_object *jobj_keyslot,
384         const struct luks2_keyslot_params *params)
385 {
386         const struct crypt_pbkdf_type *pbkdf;
387         json_object *jobj_af, *jobj_area, *jobj_kdf;
388         char salt[LUKS_SALTSIZE], *salt_base64 = NULL;
389         int r;
390
391         /* jobj_keyslot is not yet validated */
392
393         if (!json_object_object_get_ex(jobj_keyslot, "af", &jobj_af) ||
394             !json_object_object_get_ex(jobj_keyslot, "area", &jobj_area))
395                 return -EINVAL;
396
397         /* update area encryption parameters */
398         json_object_object_add(jobj_area, "encryption", json_object_new_string(params->area.raw.encryption));
399         json_object_object_add(jobj_area, "key_size", json_object_new_int(params->area.raw.key_size));
400
401         pbkdf = crypt_get_pbkdf_type(cd);
402         if (!pbkdf)
403                 return -EINVAL;
404
405         r = crypt_benchmark_pbkdf_internal(cd, CONST_CAST(struct crypt_pbkdf_type *)pbkdf, params->area.raw.key_size);
406         if (r < 0)
407                 return r;
408
409         /* refresh whole 'kdf' object */
410         jobj_kdf = json_object_new_object();
411         if (!jobj_kdf)
412                 return -ENOMEM;
413         json_object_object_add(jobj_kdf, "type", json_object_new_string(pbkdf->type));
414         if (!strcmp(pbkdf->type, CRYPT_KDF_PBKDF2)) {
415                 json_object_object_add(jobj_kdf, "hash", json_object_new_string(pbkdf->hash));
416                 json_object_object_add(jobj_kdf, "iterations", json_object_new_int(pbkdf->iterations));
417         } else {
418                 json_object_object_add(jobj_kdf, "time", json_object_new_int(pbkdf->iterations));
419                 json_object_object_add(jobj_kdf, "memory", json_object_new_int(pbkdf->max_memory_kb));
420                 json_object_object_add(jobj_kdf, "cpus", json_object_new_int(pbkdf->parallel_threads));
421         }
422         json_object_object_add(jobj_keyslot, "kdf", jobj_kdf);
423
424         /*
425          * Regenerate salt and add it in 'kdf' object
426          */
427         r = crypt_random_get(cd, salt, LUKS_SALTSIZE, CRYPT_RND_SALT);
428         if (r < 0)
429                 return r;
430         base64_encode_alloc(salt, LUKS_SALTSIZE, &salt_base64);
431         if (!salt_base64)
432                 return -ENOMEM;
433         json_object_object_add(jobj_kdf, "salt", json_object_new_string(salt_base64));
434         free(salt_base64);
435
436         /* update 'af' hash */
437         json_object_object_add(jobj_af, "hash", json_object_new_string(params->af.luks1.hash));
438
439         JSON_DBG(cd, jobj_keyslot, "Keyslot JSON:");
440         return 0;
441 }
442
443 static int luks2_keyslot_alloc(struct crypt_device *cd,
444         int keyslot,
445         size_t volume_key_len,
446         const struct luks2_keyslot_params *params)
447 {
448         struct luks2_hdr *hdr;
449         uint64_t area_offset, area_length;
450         json_object *jobj_keyslots, *jobj_keyslot, *jobj_af, *jobj_area;
451         int r;
452
453         log_dbg(cd, "Trying to allocate LUKS2 keyslot %d.", keyslot);
454
455         if (!params || params->area_type != LUKS2_KEYSLOT_AREA_RAW ||
456             params->af_type != LUKS2_KEYSLOT_AF_LUKS1) {
457                 log_dbg(cd, "Invalid LUKS2 keyslot parameters.");
458                 return -EINVAL;
459         }
460
461         if (!(hdr = crypt_get_hdr(cd, CRYPT_LUKS2)))
462                 return -EINVAL;
463
464         if (keyslot == CRYPT_ANY_SLOT)
465                 keyslot = LUKS2_keyslot_find_empty(hdr);
466
467         if (keyslot < 0 || keyslot >= LUKS2_KEYSLOTS_MAX)
468                 return -ENOMEM;
469
470         if (LUKS2_get_keyslot_jobj(hdr, keyslot)) {
471                 log_dbg(cd, "Cannot modify already active keyslot %d.", keyslot);
472                 return -EINVAL;
473         }
474
475         if (!json_object_object_get_ex(hdr->jobj, "keyslots", &jobj_keyslots))
476                 return -EINVAL;
477
478         r = LUKS2_find_area_gap(cd, hdr, volume_key_len, &area_offset, &area_length);
479         if (r < 0) {
480                 log_err(cd, _("No space for new keyslot."));
481                 return r;
482         }
483
484         jobj_keyslot = json_object_new_object();
485         json_object_object_add(jobj_keyslot, "type", json_object_new_string("luks2"));
486         json_object_object_add(jobj_keyslot, "key_size", json_object_new_int(volume_key_len));
487
488         /* AF object */
489         jobj_af = json_object_new_object();
490         json_object_object_add(jobj_af, "type", json_object_new_string("luks1"));
491         json_object_object_add(jobj_af, "stripes", json_object_new_int(params->af.luks1.stripes));
492         json_object_object_add(jobj_keyslot, "af", jobj_af);
493
494         /* Area object */
495         jobj_area = json_object_new_object();
496         json_object_object_add(jobj_area, "type", json_object_new_string("raw"));
497         json_object_object_add(jobj_area, "offset", crypt_jobj_new_uint64(area_offset));
498         json_object_object_add(jobj_area, "size", crypt_jobj_new_uint64(area_length));
499         json_object_object_add(jobj_keyslot, "area", jobj_area);
500
501         json_object_object_add_by_uint(jobj_keyslots, keyslot, jobj_keyslot);
502
503         r = luks2_keyslot_update_json(cd, jobj_keyslot, params);
504
505         if (!r && LUKS2_check_json_size(cd, hdr)) {
506                 log_dbg(cd, "Not enough space in header json area for new keyslot.");
507                 r = -ENOSPC;
508         }
509
510         if (r)
511                 json_object_object_del_by_uint(jobj_keyslots, keyslot);
512
513         return r;
514 }
515
516 static int luks2_keyslot_open(struct crypt_device *cd,
517         int keyslot,
518         const char *password,
519         size_t password_len,
520         char *volume_key,
521         size_t volume_key_len)
522 {
523         struct luks2_hdr *hdr;
524         json_object *jobj_keyslot;
525
526         log_dbg(cd, "Trying to open LUKS2 keyslot %d.", keyslot);
527
528         if (!(hdr = crypt_get_hdr(cd, CRYPT_LUKS2)))
529                 return -EINVAL;
530
531         jobj_keyslot = LUKS2_get_keyslot_jobj(hdr, keyslot);
532         if (!jobj_keyslot)
533                 return -EINVAL;
534
535         return luks2_keyslot_get_key(cd, jobj_keyslot,
536                                      password, password_len,
537                                      volume_key, volume_key_len);
538 }
539
540 /*
541  * This function must not modify json.
542  * It's called after luks2 keyslot validation.
543  */
544 static int luks2_keyslot_store(struct crypt_device *cd,
545         int keyslot,
546         const char *password,
547         size_t password_len,
548         const char *volume_key,
549         size_t volume_key_len)
550 {
551         struct luks2_hdr *hdr;
552         json_object *jobj_keyslot;
553         int r;
554
555         log_dbg(cd, "Calculating attributes for LUKS2 keyslot %d.", keyslot);
556
557         if (!(hdr = crypt_get_hdr(cd, CRYPT_LUKS2)))
558                 return -EINVAL;
559
560         jobj_keyslot = LUKS2_get_keyslot_jobj(hdr, keyslot);
561         if (!jobj_keyslot)
562                 return -EINVAL;
563
564         r = LUKS2_device_write_lock(cd, hdr, crypt_metadata_device(cd));
565         if(r)
566                 return r;
567
568         r = luks2_keyslot_set_key(cd, jobj_keyslot,
569                                   password, password_len,
570                                   volume_key, volume_key_len);
571         if (!r)
572                 r = LUKS2_hdr_write(cd, hdr);
573
574         device_write_unlock(cd, crypt_metadata_device(cd));
575
576         return r < 0 ? r : keyslot;
577 }
578
579 static int luks2_keyslot_wipe(struct crypt_device *cd, int keyslot)
580 {
581         struct luks2_hdr *hdr;
582
583         if (!(hdr = crypt_get_hdr(cd, CRYPT_LUKS2)))
584                 return -EINVAL;
585
586         /* Remove any reference of deleted keyslot from digests and tokens */
587         LUKS2_digest_assign(cd, hdr, keyslot, CRYPT_ANY_DIGEST, 0, 0);
588         LUKS2_token_assign(cd, hdr, keyslot, CRYPT_ANY_TOKEN, 0, 0);
589
590         return 0;
591 }
592
593 static int luks2_keyslot_dump(struct crypt_device *cd, int keyslot)
594 {
595         json_object *jobj_keyslot, *jobj1, *jobj_kdf, *jobj_af, *jobj_area;
596
597         jobj_keyslot = LUKS2_get_keyslot_jobj(crypt_get_hdr(cd, CRYPT_LUKS2), keyslot);
598         if (!jobj_keyslot)
599                 return -EINVAL;
600
601         if (!json_object_object_get_ex(jobj_keyslot, "kdf", &jobj_kdf) ||
602             !json_object_object_get_ex(jobj_keyslot, "af", &jobj_af) ||
603             !json_object_object_get_ex(jobj_keyslot, "area", &jobj_area))
604                 return -EINVAL;
605
606         json_object_object_get_ex(jobj_area, "encryption", &jobj1);
607         log_std(cd, "\tCipher:     %s\n", json_object_get_string(jobj1));
608
609         json_object_object_get_ex(jobj_area, "key_size", &jobj1);
610         log_std(cd, "\tCipher key: %u bits\n", crypt_jobj_get_uint32(jobj1) * 8);
611
612         json_object_object_get_ex(jobj_kdf, "type", &jobj1);
613         log_std(cd, "\tPBKDF:      %s\n", json_object_get_string(jobj1));
614
615         if (!strcmp(json_object_get_string(jobj1), CRYPT_KDF_PBKDF2)) {
616                 json_object_object_get_ex(jobj_kdf, "hash", &jobj1);
617                 log_std(cd, "\tHash:       %s\n", json_object_get_string(jobj1));
618
619                 json_object_object_get_ex(jobj_kdf, "iterations", &jobj1);
620                 log_std(cd, "\tIterations: %" PRIu64 "\n", crypt_jobj_get_uint64(jobj1));
621         } else {
622                 json_object_object_get_ex(jobj_kdf, "time", &jobj1);
623                 log_std(cd, "\tTime cost:  %" PRIu64 "\n", json_object_get_int64(jobj1));
624
625                 json_object_object_get_ex(jobj_kdf, "memory", &jobj1);
626                 log_std(cd, "\tMemory:     %" PRIu64 "\n", json_object_get_int64(jobj1));
627
628                 json_object_object_get_ex(jobj_kdf, "cpus", &jobj1);
629                 log_std(cd, "\tThreads:    %" PRIu64 "\n", json_object_get_int64(jobj1));
630         }
631         json_object_object_get_ex(jobj_kdf, "salt", &jobj1);
632         log_std(cd, "\tSalt:       ");
633         hexprint_base64(cd, jobj1, " ", "            ");
634
635
636         json_object_object_get_ex(jobj_af, "stripes", &jobj1);
637         log_std(cd, "\tAF stripes: %u\n", json_object_get_int(jobj1));
638
639         json_object_object_get_ex(jobj_af, "hash", &jobj1);
640         log_std(cd, "\tAF hash:    %s\n", json_object_get_string(jobj1));
641
642         json_object_object_get_ex(jobj_area, "offset", &jobj1);
643         log_std(cd, "\tArea offset:%" PRIu64 " [bytes]\n", crypt_jobj_get_uint64(jobj1));
644
645         json_object_object_get_ex(jobj_area, "size", &jobj1);
646         log_std(cd, "\tArea length:%" PRIu64 " [bytes]\n", crypt_jobj_get_uint64(jobj1));
647
648         return 0;
649 }
650
651 static int luks2_keyslot_validate(struct crypt_device *cd, json_object *jobj_keyslot)
652 {
653         json_object *jobj_kdf, *jobj_af, *jobj_area, *jobj1;
654         const char *type;
655         int count;
656
657         if (!jobj_keyslot)
658                 return -EINVAL;
659
660         if (!json_object_object_get_ex(jobj_keyslot, "kdf", &jobj_kdf) ||
661             !json_object_object_get_ex(jobj_keyslot, "af", &jobj_af) ||
662             !json_object_object_get_ex(jobj_keyslot, "area", &jobj_area))
663                 return -EINVAL;
664
665         count = json_object_object_length(jobj_kdf);
666
667         jobj1 = json_contains(cd, jobj_kdf, "", "kdf section", "type", json_type_string);
668         if (!jobj1)
669                 return -EINVAL;
670         type = json_object_get_string(jobj1);
671
672         if (!strcmp(type, CRYPT_KDF_PBKDF2)) {
673                 if (count != 4 || /* type, salt, hash, iterations only */
674                     !json_contains(cd, jobj_kdf, "kdf type", type, "hash", json_type_string) ||
675                     !json_contains(cd, jobj_kdf, "kdf type", type, "iterations", json_type_int) ||
676                     !json_contains(cd, jobj_kdf, "kdf type", type, "salt", json_type_string))
677                         return -EINVAL;
678         } else if (!strcmp(type, CRYPT_KDF_ARGON2I) || !strcmp(type, CRYPT_KDF_ARGON2ID)) {
679                 if (count != 5 || /* type, salt, time, memory, cpus only */
680                     !json_contains(cd, jobj_kdf, "kdf type", type, "time", json_type_int) ||
681                     !json_contains(cd, jobj_kdf, "kdf type", type, "memory", json_type_int) ||
682                     !json_contains(cd, jobj_kdf, "kdf type", type, "cpus", json_type_int) ||
683                     !json_contains(cd, jobj_kdf, "kdf type", type, "salt", json_type_string))
684                         return -EINVAL;
685         }
686
687         if (!json_object_object_get_ex(jobj_af, "type", &jobj1))
688                 return -EINVAL;
689         if (!strcmp(json_object_get_string(jobj1), "luks1")) {
690                 if (!json_contains(cd, jobj_af, "", "luks1 af", "hash", json_type_string) ||
691                     !json_contains(cd, jobj_af, "", "luks1 af", "stripes", json_type_int))
692                         return -EINVAL;
693         } else
694                 return -EINVAL;
695
696         // FIXME check numbered
697         if (!json_object_object_get_ex(jobj_area, "type", &jobj1))
698                 return -EINVAL;
699         if (!strcmp(json_object_get_string(jobj1), "raw")) {
700                 if (!json_contains(cd, jobj_area, "area", "raw type", "encryption", json_type_string) ||
701                     !json_contains(cd, jobj_area, "area", "raw type", "key_size", json_type_int) ||
702                     !json_contains(cd, jobj_area, "area", "raw type", "offset", json_type_string) ||
703                     !json_contains(cd, jobj_area, "area", "raw type", "size", json_type_string))
704                         return -EINVAL;
705         } else
706                 return -EINVAL;
707
708         return 0;
709 }
710
711 static int luks2_keyslot_update(struct crypt_device *cd,
712         int keyslot,
713         const struct luks2_keyslot_params *params)
714 {
715         struct luks2_hdr *hdr;
716         json_object *jobj_keyslot;
717         int r;
718
719         log_dbg(cd, "Updating LUKS2 keyslot %d.", keyslot);
720
721         if (!(hdr = crypt_get_hdr(cd, CRYPT_LUKS2)))
722                 return -EINVAL;
723
724         jobj_keyslot = LUKS2_get_keyslot_jobj(hdr, keyslot);
725         if (!jobj_keyslot)
726                 return -EINVAL;
727
728         r = luks2_keyslot_update_json(cd, jobj_keyslot, params);
729
730         if (!r && LUKS2_check_json_size(cd, hdr)) {
731                 log_dbg(cd, "Not enough space in header json area for updated keyslot %d.", keyslot);
732                 r = -ENOSPC;
733         }
734
735         return r;
736 }
737
738 static void luks2_keyslot_repair(struct crypt_device *cd, json_object *jobj_keyslot)
739 {
740         const char *type;
741         json_object *jobj_kdf, *jobj_type;
742
743         if (!json_object_object_get_ex(jobj_keyslot, "kdf", &jobj_kdf) ||
744             !json_object_is_type(jobj_kdf, json_type_object))
745                 return;
746
747         if (!json_object_object_get_ex(jobj_kdf, "type", &jobj_type) ||
748             !json_object_is_type(jobj_type, json_type_string))
749                 return;
750
751         type = json_object_get_string(jobj_type);
752
753         if (!strcmp(type, CRYPT_KDF_PBKDF2)) {
754                 /* type, salt, hash, iterations only */
755                 json_object_object_foreach(jobj_kdf, key, val) {
756                         UNUSED(val);
757                         if (!strcmp(key, "type") || !strcmp(key, "salt") ||
758                             !strcmp(key, "hash") || !strcmp(key, "iterations"))
759                                         continue;
760                         json_object_object_del(jobj_kdf, key);
761                 }
762         } else if (!strcmp(type, CRYPT_KDF_ARGON2I) || !strcmp(type, CRYPT_KDF_ARGON2ID)) {
763                 /* type, salt, time, memory, cpus only */
764                 json_object_object_foreach(jobj_kdf, key, val) {
765                         UNUSED(val);
766                         if (!strcmp(key, "type") || !strcmp(key, "salt") ||
767                             !strcmp(key, "time") || !strcmp(key, "memory") ||
768                             !strcmp(key, "cpus"))
769                                         continue;
770                         json_object_object_del(jobj_kdf, key);
771                 }
772         }
773 }
774
775 const keyslot_handler luks2_keyslot = {
776         .name  = "luks2",
777         .alloc  = luks2_keyslot_alloc,
778         .update = luks2_keyslot_update,
779         .open  = luks2_keyslot_open,
780         .store = luks2_keyslot_store,
781         .wipe  = luks2_keyslot_wipe,
782         .dump  = luks2_keyslot_dump,
783         .validate = luks2_keyslot_validate,
784         .repair = luks2_keyslot_repair
785 };
Domain: System / System Framework;