Date: Mon, 23 Sep 2013 01:01:29 GMT From: def@FreeBSD.org To: svn-soc-all@FreeBSD.org Subject: socsvn commit: r257632 - in soc2013/def/crashdump-head: sbin/dumpkey sbin/savecore sys/kern sys/sys Message-ID: <201309230101.r8N11TsF079389@socsvn.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: def Date: Mon Sep 23 01:01:29 2013 New Revision: 257632 URL: http://svnweb.FreeBSD.org/socsvn/?view=rev&rev=257632 Log: Include a tweak in an encrypted key. Modified: soc2013/def/crashdump-head/sbin/dumpkey/dumpkey.c soc2013/def/crashdump-head/sbin/savecore/decryptfile.c soc2013/def/crashdump-head/sbin/savecore/decryptfile.h soc2013/def/crashdump-head/sys/kern/kern_shutdown.c soc2013/def/crashdump-head/sys/sys/kerneldump.h Modified: soc2013/def/crashdump-head/sbin/dumpkey/dumpkey.c ============================================================================== --- soc2013/def/crashdump-head/sbin/dumpkey/dumpkey.c Mon Sep 23 00:16:19 2013 (r257631) +++ soc2013/def/crashdump-head/sbin/dumpkey/dumpkey.c Mon Sep 23 01:01:29 2013 (r257632) @@ -71,7 +71,10 @@ if (public_key == NULL) return (-1); - if (RSA_public_encrypt(KERNELDUMP_KEY_SIZE, plainkey, key->encrypted_key, public_key, RSA_PKCS1_PADDING) == -1) + memcpy(plainkey + KERNELDUMP_KEY_SIZE, key->tweak, KERNELDUMP_TWEAK_SIZE); + + if (RSA_public_encrypt(KERNELDUMP_KEY_SIZE + KERNELDUMP_TWEAK_SIZE, plainkey, + key->encrypted_key, public_key, RSA_PKCS1_PADDING) == -1) return (-1); key->keysize = RSA_size(public_key); @@ -112,7 +115,7 @@ main(int argc, char **argv) { struct kerneldumpkey key; - char *public_key_file, buf[KERNELDUMP_KEY_SIZE]; + char *public_key_file, buf[KERNELDUMP_KEY_SIZE + KERNELDUMP_TWEAK_SIZE]; int ch, error; RSA *public_key; @@ -147,20 +150,20 @@ goto out; } - if (expand_key(buf, &key.data_ctx, &key.tweak_ctx)) { - printf("Error: cannot expand a symmetric key."); + if (random_data(key.tweak, KERNELDUMP_TWEAK_SIZE)) { + printf("Error: cannot generate a tweak.\n"); error = 1; goto out; } - if (encrypt_key(buf, &key, public_key, public_key_file)) { - printf("Error: cannot encrypt a symmetric key.\n"); + if (expand_key(buf, &key.data_ctx, &key.tweak_ctx)) { + printf("Error: cannot expand a symmetric key."); error = 1; goto out; } - if (random_data(key.tweak, KERNELDUMP_TWEAK_SIZE)) { - printf("Error: cannot generate a tweak.\n"); + if (encrypt_key(buf, &key, public_key, public_key_file)) { + printf("Error: cannot encrypt a symmetric key.\n"); error = 1; goto out; } Modified: soc2013/def/crashdump-head/sbin/savecore/decryptfile.c ============================================================================== --- soc2013/def/crashdump-head/sbin/savecore/decryptfile.c Mon Sep 23 00:16:19 2013 (r257631) +++ soc2013/def/crashdump-head/sbin/savecore/decryptfile.c Mon Sep 23 01:01:29 2013 (r257632) @@ -148,7 +148,6 @@ fd->keysize = h->keysize; memcpy(fd->encrypted_key, h->encrypted_key, KERNELDUMP_ENCRYPTED_KEY_SIZE); - memcpy(fd->tweak, h->tweak, KERNELDUMP_TWEAK_SIZE); bzero(&fd->tweak_ctx, sizeof(fd->tweak_ctx)); bzero(&fd->data_ctx, sizeof(fd->data_ctx)); bzero(key, KERNELDUMP_KEY_SIZE); Modified: soc2013/def/crashdump-head/sbin/savecore/decryptfile.h ============================================================================== --- soc2013/def/crashdump-head/sbin/savecore/decryptfile.h Mon Sep 23 00:16:19 2013 (r257631) +++ soc2013/def/crashdump-head/sbin/savecore/decryptfile.h Mon Sep 23 01:01:29 2013 (r257632) @@ -8,8 +8,8 @@ FILE *fp; int keysize; char key[KERNELDUMP_KEY_SIZE]; - char encrypted_key[KERNELDUMP_ENCRYPTED_KEY_SIZE]; char tweak[KERNELDUMP_TWEAK_SIZE]; + char encrypted_key[KERNELDUMP_ENCRYPTED_KEY_SIZE]; struct xts_ctx tweak_ctx; struct xts_ctx data_ctx; off_t offset; Modified: soc2013/def/crashdump-head/sys/kern/kern_shutdown.c ============================================================================== --- soc2013/def/crashdump-head/sys/kern/kern_shutdown.c Mon Sep 23 00:16:19 2013 (r257631) +++ soc2013/def/crashdump-head/sys/kern/kern_shutdown.c Mon Sep 23 01:01:29 2013 (r257632) @@ -972,6 +972,5 @@ strncpy(kdh->panicstring, panicstr, sizeof(kdh->panicstring)); kdh->keysize = dumper.kdk->keysize; memcpy(kdh->encrypted_key, dumper.kdk->encrypted_key, KERNELDUMP_ENCRYPTED_KEY_SIZE); - memcpy(kdh->tweak, dumper.kdk->tweak, KERNELDUMP_TWEAK_SIZE); kdh->parity = kerneldump_parity(kdh); } Modified: soc2013/def/crashdump-head/sys/sys/kerneldump.h ============================================================================== --- soc2013/def/crashdump-head/sys/sys/kerneldump.h Mon Sep 23 00:16:19 2013 (r257631) +++ soc2013/def/crashdump-head/sys/sys/kerneldump.h Mon Sep 23 01:01:29 2013 (r257632) @@ -83,11 +83,10 @@ uint64_t dumptime; uint32_t blocksize; char hostname[64]; - char versionstring[58]; - char panicstring[58]; + char versionstring[62]; + char panicstring[62]; int keysize; char encrypted_key[KERNELDUMP_ENCRYPTED_KEY_SIZE]; - char tweak[KERNELDUMP_TWEAK_SIZE]; uint32_t parity; };
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201309230101.r8N11TsF079389>