Date: Fri, 06 Dec 2024 17:19:17 +0000 From: bugzilla-noreply@freebsd.org To: bugs@FreeBSD.org Subject: [Bug 283043] gptboot fails to read the encrypted rootfs if geli authentication (geli -a) is used Message-ID: <bug-283043-227-XmrbqwkGgz@https.bugs.freebsd.org/bugzilla/> In-Reply-To: <bug-283043-227@https.bugs.freebsd.org/bugzilla/> References: <bug-283043-227@https.bugs.freebsd.org/bugzilla/>
next in thread | previous in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D283043 John Baldwin <jhb@FreeBSD.org> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |jhb@FreeBSD.org --- Comment #2 from John Baldwin <jhb@FreeBSD.org> --- Hmm, I think we aren't deriving the encryption key correctly when auth is configured. The code in the kernel for this case in sys/geom/eli/g_eli_key= .c: /* * Find and decrypt Master Key encrypted with 'key' at slot 'nkey'. * Return 0 on success, > 0 on failure, -1 on bad key. */ int g_eli_mkey_decrypt(const struct g_eli_metadata *md, const unsigned char *ke= y, unsigned char *mkey, unsigned nkey) { unsigned char tmpmkey[G_ELI_MKEYLEN]; unsigned char enckey[SHA512_MDLEN]; /* Key for encryption. */ const unsigned char *mmkey; int bit, error; if (nkey > G_ELI_MKEYLEN) return (-1); /* * The key for encryption is: enckey =3D HMAC_SHA512(Derived-Key, 1) */ g_eli_crypto_hmac(key, G_ELI_USERKEYLEN, "\x01", 1, enckey, 0); ... but in geliboot.c we have: if ((gdev->sc.sc_flags & G_ELI_FLAG_AUTH) =3D=3D 0) { bcopy(mkp, gdev->sc.sc_ekey, G_ELI_DATAKEYLEN); } else { /* * The encryption key is: ekey =3D HMAC_SHA512(Data-Key, 0x= 10) */ g_eli_crypto_hmac(mkp, G_ELI_MAXKEYLEN, (const uint8_t *)"\x10", 1, gdev->sc.sc_ekey, 0); } Try this change to see if it works: diff --git a/stand/libsa/geli/geliboot.c b/stand/libsa/geli/geliboot.c index 04c53e73b29a..bdb288d2733c 100644 --- a/stand/libsa/geli/geliboot.c +++ b/stand/libsa/geli/geliboot.c @@ -286,9 +286,9 @@ geli_probe(struct geli_dev *gdev, const char *passphras= e, u_char *mkeyp) bcopy(mkp, gdev->sc.sc_ekey, G_ELI_DATAKEYLEN); } else { /* - * The encryption key is: ekey =3D HMAC_SHA512(Data-Key, 0x= 10) + * The encryption key is: ekey =3D HMAC_SHA512(Derived-Key,= 1) */ - g_eli_crypto_hmac(mkp, G_ELI_MAXKEYLEN, (const uint8_t *)"\x10", 1, + g_eli_crypto_hmac(mkp, G_ELI_MAXKEYLEN, (const uint8_t *)"\x01", 1, gdev->sc.sc_ekey, 0); } explicit_bzero(mkey, sizeof(mkey)); --=20 You are receiving this mail because: You are the assignee for the bug.=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-283043-227-XmrbqwkGgz>