bcachefs-tools/crypto.c

#include <errno.h>
#include <stdbool.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <termios.h>
#include <sys/types.h>
#include <sys/stat.h>
#include <fcntl.h>
#include <time.h>
#include <unistd.h>

#include <keyutils.h>
#include <linux/random.h>
#include <libscrypt.h>
#include <uuid/uuid.h>

#include "checksum.h"
#include "crypto.h"

char *read_passphrase(const char *prompt)
{
	char *buf = NULL;
	size_t buflen = 0;
	ssize_t len;

	if (isatty(STDIN_FILENO)) {
		struct termios old, new;

		fprintf(stderr, "%s", prompt);
		fflush(stderr);

		if (tcgetattr(STDIN_FILENO, &old))
			die("error getting terminal attrs");

		new = old;
		new.c_lflag &= ~ECHO;
		if (tcsetattr(STDIN_FILENO, TCSAFLUSH, &new))
			die("error setting terminal attrs");

		len = getline(&buf, &buflen, stdin);

		tcsetattr(STDIN_FILENO, TCSAFLUSH, &old);
		fprintf(stderr, "\n");
	} else {
		len = getline(&buf, &buflen, stdin);
	}

	if (len < 0)
		die("error reading passphrase");
	if (len && buf[len - 1] == '\n')
		buf[len - 1] = '\0';

	return buf;
}

void derive_passphrase(struct bch_sb_field_crypt *crypt,
		       struct bch_key *key,
		       const char *passphrase)
{
	const unsigned char salt[] = "bcache";
	int ret;

	switch (BCH_CRYPT_KDF_TYPE(crypt)) {
	case BCH_KDF_SCRYPT:
		ret = libscrypt_scrypt((void *) passphrase, strlen(passphrase),
				       salt, sizeof(salt),
				       1ULL << BCH_KDF_SCRYPT_N(crypt),
				       1ULL << BCH_KDF_SCRYPT_R(crypt),
				       1ULL << BCH_KDF_SCRYPT_P(crypt),
				       (void *) key, sizeof(*key));
		if (ret)
			die("scrypt error: %i", ret);
		break;
	default:
		die("unknown kdf type %llu", BCH_CRYPT_KDF_TYPE(crypt));
	}
}

void bch2_add_key(struct bch_sb *sb, const char *passphrase)
{
	struct bch_sb_field_crypt *crypt = bch2_sb_get_crypt(sb);
	if (!crypt)
		die("filesystem is not encrypted");

	struct bch_encrypted_key sb_key = crypt->key;
	if (!bch2_key_is_encrypted(&sb_key))
		die("filesystem does not have encryption key");

	struct bch_key passphrase_key;
	derive_passphrase(crypt, &passphrase_key, passphrase);

	/* Check if the user supplied the correct passphrase: */
	if (bch2_chacha_encrypt_key(&passphrase_key, __bch2_sb_key_nonce(sb),
				   &sb_key, sizeof(sb_key)))
		die("error encrypting key");

	if (bch2_key_is_encrypted(&sb_key))
		die("incorrect passphrase");

	char uuid[40];
	uuid_unparse_lower(sb->user_uuid.b, uuid);

	char *description = mprintf("bcachefs:%s", uuid);

	if (add_key("logon", description,
		    &passphrase_key, sizeof(passphrase_key),
		    KEY_SPEC_USER_KEYRING) < 0 ||
	    add_key("user", description,
		    &passphrase_key, sizeof(passphrase_key),
		    KEY_SPEC_USER_KEYRING) < 0)
		die("add_key error: %s", strerror(errno));

	memzero_explicit(description, strlen(description));
	free(description);
	memzero_explicit(&passphrase_key, sizeof(passphrase_key));
	memzero_explicit(&sb_key, sizeof(sb_key));
}

void bch_sb_crypt_init(struct bch_sb *sb,
		       struct bch_sb_field_crypt *crypt,
		       const char *passphrase)
{
	crypt->key.magic = BCH_KEY_MAGIC;
	get_random_bytes(&crypt->key.key, sizeof(crypt->key.key));

	if (passphrase) {
		struct bch_key passphrase_key;

		SET_BCH_CRYPT_KDF_TYPE(crypt, BCH_KDF_SCRYPT);
		SET_BCH_KDF_SCRYPT_N(crypt, ilog2(SCRYPT_N));
		SET_BCH_KDF_SCRYPT_R(crypt, ilog2(SCRYPT_r));
		SET_BCH_KDF_SCRYPT_P(crypt, ilog2(SCRYPT_p));

		derive_passphrase(crypt, &passphrase_key, passphrase);

		assert(!bch2_key_is_encrypted(&crypt->key));

		if (bch2_chacha_encrypt_key(&passphrase_key, __bch2_sb_key_nonce(sb),
					   &crypt->key, sizeof(crypt->key)))
			die("error encrypting key");

		assert(bch2_key_is_encrypted(&crypt->key));

		memzero_explicit(&passphrase_key, sizeof(passphrase_key));
	}
}
New on disk format - encryption 2016-10-04 06:22:17 +03:00			`#include <errno.h>`
			`#include <stdbool.h>`
			`#include <stdio.h>`
			`#include <stdlib.h>`
			`#include <string.h>`
			`#include <termios.h>`
			`#include <sys/types.h>`
			`#include <sys/stat.h>`
			`#include <fcntl.h>`
			`#include <time.h>`
			`#include <unistd.h>`

cmd_migrate 2017-03-01 13:45:15 +03:00			`#include <keyutils.h>`
New on disk format - encryption 2016-10-04 06:22:17 +03:00			`#include <linux/random.h>`
			`#include <libscrypt.h>`
cmd_migrate 2017-03-01 13:45:15 +03:00			`#include <uuid/uuid.h>`
New on disk format - encryption 2016-10-04 06:22:17 +03:00
			`#include "checksum.h"`
			`#include "crypto.h"`

			`char read_passphrase(const char prompt)`
			`{`
			`char *buf = NULL;`
			`size_t buflen = 0;`
			`ssize_t len;`

			`if (isatty(STDIN_FILENO)) {`
			`struct termios old, new;`

			`fprintf(stderr, "%s", prompt);`
			`fflush(stderr);`

			`if (tcgetattr(STDIN_FILENO, &old))`
			`die("error getting terminal attrs");`

			`new = old;`
			`new.c_lflag &= ~ECHO;`
			`if (tcsetattr(STDIN_FILENO, TCSAFLUSH, &new))`
			`die("error setting terminal attrs");`

			`len = getline(&buf, &buflen, stdin);`

			`tcsetattr(STDIN_FILENO, TCSAFLUSH, &old);`
			`fprintf(stderr, "\n");`
			`} else {`
			`len = getline(&buf, &buflen, stdin);`
			`}`

			`if (len < 0)`
			`die("error reading passphrase");`
			`if (len && buf[len - 1] == '\n')`
			`buf[len - 1] = '\0';`

			`return buf;`
			`}`

			`void derive_passphrase(struct bch_sb_field_crypt *crypt,`
			`struct bch_key *key,`
			`const char *passphrase)`
			`{`
			`const unsigned char salt[] = "bcache";`
			`int ret;`

			`switch (BCH_CRYPT_KDF_TYPE(crypt)) {`
			`case BCH_KDF_SCRYPT:`
			`ret = libscrypt_scrypt((void *) passphrase, strlen(passphrase),`
			`salt, sizeof(salt),`
			`1ULL << BCH_KDF_SCRYPT_N(crypt),`
			`1ULL << BCH_KDF_SCRYPT_R(crypt),`
			`1ULL << BCH_KDF_SCRYPT_P(crypt),`
			`(void ) key, sizeof(key));`
			`if (ret)`
			`die("scrypt error: %i", ret);`
			`break;`
			`default:`
			`die("unknown kdf type %llu", BCH_CRYPT_KDF_TYPE(crypt));`
			`}`
			`}`

More cmd_migrate improvements Factor out bch2_pick_bucket_size() from the format code, and pick the bucket size before picking the superblock location - that way we can ensure the superblock gets its own bucket and doesn't trigger warnings due to the allocation code noticing different types of data in the same bucket. 2017-04-03 06:43:35 +03:00			`void bch2_add_key(struct bch_sb sb, const char passphrase)`
New on disk format - encryption 2016-10-04 06:22:17 +03:00			`{`
Rename from bcache-tools to bcachefs-tools 2017-03-20 02:56:34 +03:00			`struct bch_sb_field_crypt *crypt = bch2_sb_get_crypt(sb);`
cmd_migrate 2017-03-01 13:45:15 +03:00			`if (!crypt)`
			`die("filesystem is not encrypted");`
New on disk format - encryption 2016-10-04 06:22:17 +03:00
cmd_migrate 2017-03-01 13:45:15 +03:00			`struct bch_encrypted_key sb_key = crypt->key;`
Rename from bcache-tools to bcachefs-tools 2017-03-20 02:56:34 +03:00			`if (!bch2_key_is_encrypted(&sb_key))`
cmd_migrate 2017-03-01 13:45:15 +03:00			`die("filesystem does not have encryption key");`
New on disk format - encryption 2016-10-04 06:22:17 +03:00
cmd_migrate 2017-03-01 13:45:15 +03:00			`struct bch_key passphrase_key;`
New on disk format - encryption 2016-10-04 06:22:17 +03:00			`derive_passphrase(crypt, &passphrase_key, passphrase);`

cmd_migrate 2017-03-01 13:45:15 +03:00			`/* Check if the user supplied the correct passphrase: */`
Rename from bcache-tools to bcachefs-tools 2017-03-20 02:56:34 +03:00			`if (bch2_chacha_encrypt_key(&passphrase_key, __bch2_sb_key_nonce(sb),`
cmd_migrate 2017-03-01 13:45:15 +03:00			`&sb_key, sizeof(sb_key)))`
			`die("error encrypting key");`

Rename from bcache-tools to bcachefs-tools 2017-03-20 02:56:34 +03:00			`if (bch2_key_is_encrypted(&sb_key))`
cmd_migrate 2017-03-01 13:45:15 +03:00			`die("incorrect passphrase");`

			`char uuid[40];`
			`uuid_unparse_lower(sb->user_uuid.b, uuid);`

Rename from bcache-tools to bcachefs-tools 2017-03-20 02:56:34 +03:00			`char *description = mprintf("bcachefs:%s", uuid);`
cmd_migrate 2017-03-01 13:45:15 +03:00
			`if (add_key("logon", description,`
			`&passphrase_key, sizeof(passphrase_key),`
			`KEY_SPEC_USER_KEYRING) < 0 \|\|`
			`add_key("user", description,`
			`&passphrase_key, sizeof(passphrase_key),`
			`KEY_SPEC_USER_KEYRING) < 0)`
			`die("add_key error: %s", strerror(errno));`

			`memzero_explicit(description, strlen(description));`
			`free(description);`
			`memzero_explicit(&passphrase_key, sizeof(passphrase_key));`
			`memzero_explicit(&sb_key, sizeof(sb_key));`
			`}`

			`void bch_sb_crypt_init(struct bch_sb *sb,`
			`struct bch_sb_field_crypt *crypt,`
			`const char *passphrase)`
			`{`
New on disk format - encryption 2016-10-04 06:22:17 +03:00			`crypt->key.magic = BCH_KEY_MAGIC;`
			`get_random_bytes(&crypt->key.key, sizeof(crypt->key.key));`

cmd_migrate 2017-03-01 13:45:15 +03:00			`if (passphrase) {`
			`struct bch_key passphrase_key;`
New on disk format - encryption 2016-10-04 06:22:17 +03:00
cmd_migrate 2017-03-01 13:45:15 +03:00			`SET_BCH_CRYPT_KDF_TYPE(crypt, BCH_KDF_SCRYPT);`
			`SET_BCH_KDF_SCRYPT_N(crypt, ilog2(SCRYPT_N));`
			`SET_BCH_KDF_SCRYPT_R(crypt, ilog2(SCRYPT_r));`
			`SET_BCH_KDF_SCRYPT_P(crypt, ilog2(SCRYPT_p));`
New on disk format - encryption 2016-10-04 06:22:17 +03:00
cmd_migrate 2017-03-01 13:45:15 +03:00			`derive_passphrase(crypt, &passphrase_key, passphrase);`
New on disk format - encryption 2016-10-04 06:22:17 +03:00
Rename from bcache-tools to bcachefs-tools 2017-03-20 02:56:34 +03:00			`assert(!bch2_key_is_encrypted(&crypt->key));`
cmd_migrate 2017-03-01 13:45:15 +03:00
Rename from bcache-tools to bcachefs-tools 2017-03-20 02:56:34 +03:00			`if (bch2_chacha_encrypt_key(&passphrase_key, __bch2_sb_key_nonce(sb),`
cmd_migrate 2017-03-01 13:45:15 +03:00			`&crypt->key, sizeof(crypt->key)))`
			`die("error encrypting key");`

Rename from bcache-tools to bcachefs-tools 2017-03-20 02:56:34 +03:00			`assert(bch2_key_is_encrypted(&crypt->key));`
cmd_migrate 2017-03-01 13:45:15 +03:00
			`memzero_explicit(&passphrase_key, sizeof(passphrase_key));`
			`}`
New on disk format - encryption 2016-10-04 06:22:17 +03:00			`}`