From: Eric Biggers <ebiggers@kernel.org>
To: fstests@vger.kernel.org
Cc: linux-fscrypt@vger.kernel.org
Subject: [PATCH v2 3/5] fscrypt-crypt-util: add support for dumping key identifier
Date: Sat, 12 Mar 2022 17:05:57 -0800 [thread overview]
Message-ID: <20220313010559.545995-4-ebiggers@kernel.org> (raw)
In-Reply-To: <20220313010559.545995-1-ebiggers@kernel.org>
From: Eric Biggers <ebiggers@google.com>
Add an option to fscrypt-crypt-util to make it compute the key
identifier for the given key. This will allow testing the correctness
of the filesystem's key identifier computation.
Signed-off-by: Eric Biggers <ebiggers@google.com>
---
src/fscrypt-crypt-util.c | 51 ++++++++++++++++++++++++++++++++++++----
1 file changed, 46 insertions(+), 5 deletions(-)
diff --git a/src/fscrypt-crypt-util.c b/src/fscrypt-crypt-util.c
index 124eb23f..ffb9534d 100644
--- a/src/fscrypt-crypt-util.c
+++ b/src/fscrypt-crypt-util.c
@@ -46,7 +46,7 @@
static void usage(FILE *fp)
{
fputs(
-"Usage: " PROGRAM_NAME " [OPTION]... CIPHER MASTER_KEY\n"
+"Usage: " PROGRAM_NAME " [OPTION]... [CIPHER | --dump-key-identifier] MASTER_KEY\n"
"\n"
"Utility for verifying fscrypt-encrypted data. This program encrypts\n"
"(or decrypts) the data on stdin using the given CIPHER with the given\n"
@@ -66,6 +66,8 @@ static void usage(FILE *fp)
" --decrypt Decrypt instead of encrypt\n"
" --direct-key Use the format where the IVs include the file\n"
" nonce and the same key is shared across files.\n"
+" --dump-key-identifier Instead of encrypting/decrypting data, just\n"
+" compute and dump the key identifier.\n"
" --file-nonce=NONCE File's nonce as a 32-character hex string\n"
" --fs-uuid=UUID The filesystem UUID as a 32-character hex string.\n"
" Required for --iv-ino-lblk-32 and\n"
@@ -1949,11 +1951,38 @@ static void get_key_and_iv(const struct key_and_iv_params *params,
generate_iv(params, iv);
}
+static void do_dump_key_identifier(const struct key_and_iv_params *params)
+{
+ u8 info[9] = "fscrypt";
+ u8 key_identifier[16];
+ int i;
+
+ info[8] = HKDF_CONTEXT_KEY_IDENTIFIER;
+
+ if (params->kdf != KDF_HKDF_SHA512)
+ die("--dump-key-identifier requires --kdf=HKDF-SHA512");
+ hkdf_sha512(params->master_key, params->master_key_size,
+ NULL, 0, info, sizeof(info),
+ key_identifier, sizeof(key_identifier));
+
+ for (i = 0; i < sizeof(key_identifier); i++)
+ printf("%02x", key_identifier[i]);
+}
+
+static void parse_master_key(const char *arg, struct key_and_iv_params *params)
+{
+ params->master_key_size = hex2bin(arg, params->master_key,
+ MAX_KEY_SIZE);
+ if (params->master_key_size < 0)
+ die("Invalid master_key: %s", arg);
+}
+
enum {
OPT_BLOCK_NUMBER,
OPT_BLOCK_SIZE,
OPT_DECRYPT,
OPT_DIRECT_KEY,
+ OPT_DUMP_KEY_IDENTIFIER,
OPT_FILE_NONCE,
OPT_FS_UUID,
OPT_HELP,
@@ -1970,6 +1999,7 @@ static const struct option longopts[] = {
{ "block-size", required_argument, NULL, OPT_BLOCK_SIZE },
{ "decrypt", no_argument, NULL, OPT_DECRYPT },
{ "direct-key", no_argument, NULL, OPT_DIRECT_KEY },
+ { "dump-key-identifier", no_argument, NULL, OPT_DUMP_KEY_IDENTIFIER },
{ "file-nonce", required_argument, NULL, OPT_FILE_NONCE },
{ "fs-uuid", required_argument, NULL, OPT_FS_UUID },
{ "help", no_argument, NULL, OPT_HELP },
@@ -1986,6 +2016,7 @@ int main(int argc, char *argv[])
{
size_t block_size = 4096;
bool decrypting = false;
+ bool dump_key_identifier = false;
struct key_and_iv_params params;
size_t padding = 0;
const struct fscrypt_cipher *cipher;
@@ -2027,6 +2058,9 @@ int main(int argc, char *argv[])
case OPT_DIRECT_KEY:
params.direct_key = true;
break;
+ case OPT_DUMP_KEY_IDENTIFIER:
+ dump_key_identifier = true;
+ break;
case OPT_FILE_NONCE:
if (hex2bin(optarg, params.file_nonce, FILE_NONCE_SIZE)
!= FILE_NONCE_SIZE)
@@ -2074,6 +2108,15 @@ int main(int argc, char *argv[])
argc -= optind;
argv += optind;
+ if (dump_key_identifier) {
+ if (argc != 1) {
+ usage(stderr);
+ return 2;
+ }
+ parse_master_key(argv[0], ¶ms);
+ do_dump_key_identifier(¶ms);
+ return 0;
+ }
if (argc != 2) {
usage(stderr);
return 2;
@@ -2087,10 +2130,8 @@ int main(int argc, char *argv[])
die("Block size of %zu bytes is too small for cipher %s",
block_size, cipher->name);
- params.master_key_size = hex2bin(argv[1], params.master_key,
- MAX_KEY_SIZE);
- if (params.master_key_size < 0)
- die("Invalid master_key: %s", argv[1]);
+ parse_master_key(argv[1], ¶ms);
+
if (params.master_key_size < cipher->keysize)
die("Master key is too short for cipher %s", cipher->name);
--
2.35.1
next prev parent reply other threads:[~2022-03-13 1:06 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-03-13 1:05 [PATCH v2 0/5] xfstests: fscrypt test cleanups Eric Biggers
2022-03-13 1:05 ` [PATCH v2 1/5] fscrypt-crypt-util: use an explicit --direct-key option Eric Biggers
2022-03-13 1:05 ` [PATCH v2 2/5] fscrypt-crypt-util: refactor get_key_and_iv() Eric Biggers
2022-03-13 1:05 ` Eric Biggers [this message]
2022-03-13 1:05 ` [PATCH v2 4/5] common/encrypt: log full ciphertext verification params Eric Biggers
2022-03-13 1:05 ` [PATCH v2 5/5] common/encrypt: verify the key identifiers Eric Biggers
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20220313010559.545995-4-ebiggers@kernel.org \
--to=ebiggers@kernel.org \
--cc=fstests@vger.kernel.org \
--cc=linux-fscrypt@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.