]>
Commit | Line | Data |
---|---|---|
b5256303 TC |
1 | /* |
2 | * CDDL HEADER START | |
3 | * | |
4 | * This file and its contents are supplied under the terms of the | |
5 | * Common Development and Distribution License ("CDDL"), version 1.0. | |
6 | * You may only use this file in accordance with the terms of version | |
7 | * 1.0 of the CDDL. | |
8 | * | |
9 | * A full copy of the text of the CDDL should have accompanied this | |
10 | * source. A copy of the CDDL is also available via the Internet at | |
11 | * http://www.illumos.org/license/CDDL. | |
12 | * | |
13 | * CDDL HEADER END | |
14 | */ | |
15 | ||
16 | /* | |
17 | * Copyright (c) 2017, Datto, Inc. All rights reserved. | |
18 | */ | |
19 | ||
20 | #ifndef _SYS_ZIO_CRYPT_H | |
21 | #define _SYS_ZIO_CRYPT_H | |
22 | ||
23 | #include <sys/dmu.h> | |
24 | #include <sys/refcount.h> | |
25 | #include <sys/crypto/api.h> | |
26 | #include <sys/nvpair.h> | |
27 | #include <sys/avl.h> | |
28 | #include <sys/zio.h> | |
29 | ||
30 | /* forward declarations */ | |
31 | struct zbookmark_phys; | |
32 | ||
33 | #define WRAPPING_KEY_LEN 32 | |
34 | #define WRAPPING_IV_LEN ZIO_DATA_IV_LEN | |
4807c0ba | 35 | #define WRAPPING_MAC_LEN ZIO_DATA_MAC_LEN |
b5256303 | 36 | #define MASTER_KEY_MAX_LEN 32 |
4807c0ba | 37 | #define SHA512_HMAC_KEYLEN 64 |
b5256303 TC |
38 | |
39 | typedef enum zio_crypt_type { | |
40 | ZC_TYPE_NONE = 0, | |
41 | ZC_TYPE_CCM, | |
42 | ZC_TYPE_GCM | |
43 | } zio_crypt_type_t; | |
44 | ||
45 | /* table of supported crypto algorithms, modes and keylengths. */ | |
46 | typedef struct zio_crypt_info { | |
47 | /* mechanism name, needed by ICP */ | |
48 | crypto_mech_name_t ci_mechname; | |
49 | ||
50 | /* cipher mode type (GCM, CCM) */ | |
51 | zio_crypt_type_t ci_crypt_type; | |
52 | ||
53 | /* length of the encryption key */ | |
54 | size_t ci_keylen; | |
55 | ||
56 | /* human-readable name of the encryption alforithm */ | |
57 | char *ci_name; | |
58 | } zio_crypt_info_t; | |
59 | ||
60 | extern zio_crypt_info_t zio_crypt_table[ZIO_CRYPT_FUNCTIONS]; | |
61 | ||
62 | /* in memory representation of an unwrapped key that is loaded into memory */ | |
63 | typedef struct zio_crypt_key { | |
64 | /* encryption algorithm */ | |
65 | uint64_t zk_crypt; | |
66 | ||
67 | /* GUID for uniquely identifying this key. Not encrypted on disk. */ | |
68 | uint64_t zk_guid; | |
69 | ||
70 | /* buffer for master key */ | |
71 | uint8_t zk_master_keydata[MASTER_KEY_MAX_LEN]; | |
72 | ||
73 | /* buffer for hmac key */ | |
74 | uint8_t zk_hmac_keydata[SHA512_HMAC_KEYLEN]; | |
75 | ||
76 | /* buffer for currrent encryption key derived from master key */ | |
77 | uint8_t zk_current_keydata[MASTER_KEY_MAX_LEN]; | |
78 | ||
79 | /* current 64 bit salt for deriving an encryption key */ | |
80 | uint8_t zk_salt[ZIO_DATA_SALT_LEN]; | |
81 | ||
82 | /* count of how many times the current salt has been used */ | |
83 | uint64_t zk_salt_count; | |
84 | ||
85 | /* illumos crypto api current encryption key */ | |
86 | crypto_key_t zk_current_key; | |
87 | ||
88 | /* template of current encryption key for illumos crypto api */ | |
89 | crypto_ctx_template_t zk_current_tmpl; | |
90 | ||
91 | /* illumos crypto api current hmac key */ | |
92 | crypto_key_t zk_hmac_key; | |
93 | ||
94 | /* template of hmac key for illumos crypto api */ | |
95 | crypto_ctx_template_t zk_hmac_tmpl; | |
96 | ||
97 | /* lock for changing the salt and dependant values */ | |
98 | krwlock_t zk_salt_lock; | |
99 | } zio_crypt_key_t; | |
100 | ||
101 | void zio_crypt_key_destroy(zio_crypt_key_t *key); | |
102 | int zio_crypt_key_init(uint64_t crypt, zio_crypt_key_t *key); | |
103 | int zio_crypt_key_get_salt(zio_crypt_key_t *key, uint8_t *salt_out); | |
104 | ||
105 | int zio_crypt_key_wrap(crypto_key_t *cwkey, zio_crypt_key_t *key, uint8_t *iv, | |
106 | uint8_t *mac, uint8_t *keydata_out, uint8_t *hmac_keydata_out); | |
107 | int zio_crypt_key_unwrap(crypto_key_t *cwkey, uint64_t crypt, uint64_t guid, | |
108 | uint8_t *keydata, uint8_t *hmac_keydata, uint8_t *iv, uint8_t *mac, | |
109 | zio_crypt_key_t *key); | |
110 | int zio_crypt_generate_iv(uint8_t *ivbuf); | |
111 | int zio_crypt_generate_iv_salt_dedup(zio_crypt_key_t *key, uint8_t *data, | |
112 | uint_t datalen, uint8_t *ivbuf, uint8_t *salt); | |
113 | ||
114 | void zio_crypt_encode_params_bp(blkptr_t *bp, uint8_t *salt, uint8_t *iv); | |
115 | void zio_crypt_decode_params_bp(const blkptr_t *bp, uint8_t *salt, uint8_t *iv); | |
116 | void zio_crypt_encode_mac_bp(blkptr_t *bp, uint8_t *mac); | |
117 | void zio_crypt_decode_mac_bp(const blkptr_t *bp, uint8_t *mac); | |
118 | void zio_crypt_encode_mac_zil(void *data, uint8_t *mac); | |
119 | void zio_crypt_decode_mac_zil(const void *data, uint8_t *mac); | |
120 | void zio_crypt_copy_dnode_bonus(abd_t *src_abd, uint8_t *dst, uint_t datalen); | |
121 | ||
122 | int zio_crypt_do_indirect_mac_checksum(boolean_t generate, void *buf, | |
123 | uint_t datalen, boolean_t byteswap, uint8_t *cksum); | |
124 | int zio_crypt_do_indirect_mac_checksum_abd(boolean_t generate, abd_t *abd, | |
125 | uint_t datalen, boolean_t byteswap, uint8_t *cksum); | |
126 | int zio_crypt_do_hmac(zio_crypt_key_t *key, uint8_t *data, uint_t datalen, | |
4807c0ba | 127 | uint8_t *digestbuf, uint_t digestlen); |
b5256303 TC |
128 | int zio_crypt_do_objset_hmacs(zio_crypt_key_t *key, void *data, uint_t datalen, |
129 | boolean_t byteswap, uint8_t *portable_mac, uint8_t *local_mac); | |
130 | int zio_do_crypt_data(boolean_t encrypt, zio_crypt_key_t *key, uint8_t *salt, | |
131 | dmu_object_type_t ot, uint8_t *iv, uint8_t *mac, uint_t datalen, | |
132 | boolean_t byteswap, uint8_t *plainbuf, uint8_t *cipherbuf, | |
133 | boolean_t *no_crypt); | |
134 | int zio_do_crypt_abd(boolean_t encrypt, zio_crypt_key_t *key, uint8_t *salt, | |
135 | dmu_object_type_t ot, uint8_t *iv, uint8_t *mac, uint_t datalen, | |
136 | boolean_t byteswap, abd_t *pabd, abd_t *cabd, boolean_t *no_crypt); | |
137 | ||
138 | #endif |