]>
Commit | Line | Data |
---|---|---|
b5256303 TC |
1 | /* |
2 | * CDDL HEADER START | |
3 | * | |
4 | * This file and its contents are supplied under the terms of the | |
5 | * Common Development and Distribution License ("CDDL"), version 1.0. | |
6 | * You may only use this file in accordance with the terms of version | |
7 | * 1.0 of the CDDL. | |
8 | * | |
9 | * A full copy of the text of the CDDL should have accompanied this | |
10 | * source. A copy of the CDDL is also available via the Internet at | |
11 | * http://www.illumos.org/license/CDDL. | |
12 | * | |
13 | * CDDL HEADER END | |
14 | */ | |
15 | ||
16 | /* | |
17 | * Copyright (c) 2017, Datto, Inc. All rights reserved. | |
18 | */ | |
19 | ||
20 | #ifndef _SYS_ZIO_CRYPT_H | |
21 | #define _SYS_ZIO_CRYPT_H | |
22 | ||
23 | #include <sys/dmu.h> | |
24 | #include <sys/refcount.h> | |
25 | #include <sys/crypto/api.h> | |
26 | #include <sys/nvpair.h> | |
27 | #include <sys/avl.h> | |
28 | #include <sys/zio.h> | |
29 | ||
30 | /* forward declarations */ | |
31 | struct zbookmark_phys; | |
32 | ||
33 | #define WRAPPING_KEY_LEN 32 | |
34 | #define WRAPPING_IV_LEN ZIO_DATA_IV_LEN | |
35 | #define WRAPPING_MAC_LEN 16 | |
36 | ||
37 | #define SHA1_DIGEST_LEN 20 | |
38 | #define SHA512_DIGEST_LEN 64 | |
39 | #define SHA512_HMAC_KEYLEN 64 | |
40 | ||
41 | #define MASTER_KEY_MAX_LEN 32 | |
42 | #define L2ARC_DEFAULT_CRYPT ZIO_CRYPT_AES_256_CCM | |
43 | ||
44 | /* utility macros */ | |
45 | #define BITS_TO_BYTES(x) ((x + NBBY - 1) / NBBY) | |
46 | #define BYTES_TO_BITS(x) (x * NBBY) | |
47 | ||
48 | typedef enum zio_crypt_type { | |
49 | ZC_TYPE_NONE = 0, | |
50 | ZC_TYPE_CCM, | |
51 | ZC_TYPE_GCM | |
52 | } zio_crypt_type_t; | |
53 | ||
54 | /* table of supported crypto algorithms, modes and keylengths. */ | |
55 | typedef struct zio_crypt_info { | |
56 | /* mechanism name, needed by ICP */ | |
57 | crypto_mech_name_t ci_mechname; | |
58 | ||
59 | /* cipher mode type (GCM, CCM) */ | |
60 | zio_crypt_type_t ci_crypt_type; | |
61 | ||
62 | /* length of the encryption key */ | |
63 | size_t ci_keylen; | |
64 | ||
65 | /* human-readable name of the encryption alforithm */ | |
66 | char *ci_name; | |
67 | } zio_crypt_info_t; | |
68 | ||
69 | extern zio_crypt_info_t zio_crypt_table[ZIO_CRYPT_FUNCTIONS]; | |
70 | ||
71 | /* in memory representation of an unwrapped key that is loaded into memory */ | |
72 | typedef struct zio_crypt_key { | |
73 | /* encryption algorithm */ | |
74 | uint64_t zk_crypt; | |
75 | ||
76 | /* GUID for uniquely identifying this key. Not encrypted on disk. */ | |
77 | uint64_t zk_guid; | |
78 | ||
79 | /* buffer for master key */ | |
80 | uint8_t zk_master_keydata[MASTER_KEY_MAX_LEN]; | |
81 | ||
82 | /* buffer for hmac key */ | |
83 | uint8_t zk_hmac_keydata[SHA512_HMAC_KEYLEN]; | |
84 | ||
85 | /* buffer for currrent encryption key derived from master key */ | |
86 | uint8_t zk_current_keydata[MASTER_KEY_MAX_LEN]; | |
87 | ||
88 | /* current 64 bit salt for deriving an encryption key */ | |
89 | uint8_t zk_salt[ZIO_DATA_SALT_LEN]; | |
90 | ||
91 | /* count of how many times the current salt has been used */ | |
92 | uint64_t zk_salt_count; | |
93 | ||
94 | /* illumos crypto api current encryption key */ | |
95 | crypto_key_t zk_current_key; | |
96 | ||
97 | /* template of current encryption key for illumos crypto api */ | |
98 | crypto_ctx_template_t zk_current_tmpl; | |
99 | ||
100 | /* illumos crypto api current hmac key */ | |
101 | crypto_key_t zk_hmac_key; | |
102 | ||
103 | /* template of hmac key for illumos crypto api */ | |
104 | crypto_ctx_template_t zk_hmac_tmpl; | |
105 | ||
106 | /* lock for changing the salt and dependant values */ | |
107 | krwlock_t zk_salt_lock; | |
108 | } zio_crypt_key_t; | |
109 | ||
110 | void zio_crypt_key_destroy(zio_crypt_key_t *key); | |
111 | int zio_crypt_key_init(uint64_t crypt, zio_crypt_key_t *key); | |
112 | int zio_crypt_key_get_salt(zio_crypt_key_t *key, uint8_t *salt_out); | |
113 | ||
114 | int zio_crypt_key_wrap(crypto_key_t *cwkey, zio_crypt_key_t *key, uint8_t *iv, | |
115 | uint8_t *mac, uint8_t *keydata_out, uint8_t *hmac_keydata_out); | |
116 | int zio_crypt_key_unwrap(crypto_key_t *cwkey, uint64_t crypt, uint64_t guid, | |
117 | uint8_t *keydata, uint8_t *hmac_keydata, uint8_t *iv, uint8_t *mac, | |
118 | zio_crypt_key_t *key); | |
119 | int zio_crypt_generate_iv(uint8_t *ivbuf); | |
120 | int zio_crypt_generate_iv_salt_dedup(zio_crypt_key_t *key, uint8_t *data, | |
121 | uint_t datalen, uint8_t *ivbuf, uint8_t *salt); | |
122 | ||
123 | void zio_crypt_encode_params_bp(blkptr_t *bp, uint8_t *salt, uint8_t *iv); | |
124 | void zio_crypt_decode_params_bp(const blkptr_t *bp, uint8_t *salt, uint8_t *iv); | |
125 | void zio_crypt_encode_mac_bp(blkptr_t *bp, uint8_t *mac); | |
126 | void zio_crypt_decode_mac_bp(const blkptr_t *bp, uint8_t *mac); | |
127 | void zio_crypt_encode_mac_zil(void *data, uint8_t *mac); | |
128 | void zio_crypt_decode_mac_zil(const void *data, uint8_t *mac); | |
129 | void zio_crypt_copy_dnode_bonus(abd_t *src_abd, uint8_t *dst, uint_t datalen); | |
130 | ||
131 | int zio_crypt_do_indirect_mac_checksum(boolean_t generate, void *buf, | |
132 | uint_t datalen, boolean_t byteswap, uint8_t *cksum); | |
133 | int zio_crypt_do_indirect_mac_checksum_abd(boolean_t generate, abd_t *abd, | |
134 | uint_t datalen, boolean_t byteswap, uint8_t *cksum); | |
135 | int zio_crypt_do_hmac(zio_crypt_key_t *key, uint8_t *data, uint_t datalen, | |
136 | uint8_t *digestbuf); | |
137 | int zio_crypt_do_objset_hmacs(zio_crypt_key_t *key, void *data, uint_t datalen, | |
138 | boolean_t byteswap, uint8_t *portable_mac, uint8_t *local_mac); | |
139 | int zio_do_crypt_data(boolean_t encrypt, zio_crypt_key_t *key, uint8_t *salt, | |
140 | dmu_object_type_t ot, uint8_t *iv, uint8_t *mac, uint_t datalen, | |
141 | boolean_t byteswap, uint8_t *plainbuf, uint8_t *cipherbuf, | |
142 | boolean_t *no_crypt); | |
143 | int zio_do_crypt_abd(boolean_t encrypt, zio_crypt_key_t *key, uint8_t *salt, | |
144 | dmu_object_type_t ot, uint8_t *iv, uint8_t *mac, uint_t datalen, | |
145 | boolean_t byteswap, abd_t *pabd, abd_t *cabd, boolean_t *no_crypt); | |
146 | ||
147 | #endif |