From 35fd4ce0b3731876a5b7b2635d423734f6f12b9b Mon Sep 17 00:00:00 2001 From: Eric Biggers Date: Wed, 3 Jun 2020 19:25:01 -0700 Subject: generic: verify ciphertext of IV_INO_LBLK_32 encryption policies Verify the ciphertext for v2 encryption policies that use the IV_INO_LBLK_32 flag and that use AES-256-XTS to encrypt file contents and AES-256-CTS-CBC to encrypt file names. The IV_INO_LBLK_32 encryption policy flag modifies the IV generation and key derivation to be optimized for use with inline encryption hardware that only accepts 32-bit IVs. It is similar to IV_INO_LBLK_64 (which is tested by generic/592), but it uses a trick to get the IV down to 32 bits. For more information, see kernel commit e3b1078bedd3 ("fscrypt: add support for IV_INO_LBLK_32 policies"). This test required adding SipHash support to fscrypt-crypt-util. Running this test requires a kernel containing the above commit, e.g. the latest mainline (which will become v5.8 and later). For ext4, it also needs an e2fsprogs version that supports the stable_inodes feature, e.g. the latest git master branch (which will become v1.46 and later). Signed-off-by: Eric Biggers --- common/encrypt | 18 +++++++++++++----- 1 file changed, 13 insertions(+), 5 deletions(-) (limited to 'common') diff --git a/common/encrypt b/common/encrypt index 5695a123..c4cc2d83 100644 --- a/common/encrypt +++ b/common/encrypt @@ -97,7 +97,8 @@ _require_encryption_policy_support() echo "Checking whether kernel supports encryption policy: $set_encpolicy_args" \ >> $seqres.full - if (( policy_flags & FSCRYPT_POLICY_FLAG_IV_INO_LBLK_64 )); then + if (( policy_flags & (FSCRYPT_POLICY_FLAG_IV_INO_LBLK_64 | + FSCRYPT_POLICY_FLAG_IV_INO_LBLK_32) )); then _scratch_unmount _scratch_mkfs_stable_inodes_encrypted &>> $seqres.full _scratch_mount @@ -769,6 +770,7 @@ FSCRYPT_MODE_ADIANTUM=9 FSCRYPT_POLICY_FLAG_DIRECT_KEY=0x04 FSCRYPT_POLICY_FLAG_IV_INO_LBLK_64=0x08 +FSCRYPT_POLICY_FLAG_IV_INO_LBLK_32=0x10 FSCRYPT_KEY_SPEC_TYPE_DESCRIPTOR=1 FSCRYPT_KEY_SPEC_TYPE_IDENTIFIER=2 @@ -797,6 +799,7 @@ _fscrypt_mode_name_to_num() # 'v2': test a v2 encryption policy # 'direct': test the DIRECT_KEY policy flag # 'iv_ino_lblk_64': test the IV_INO_LBLK_64 policy flag +# 'iv_ino_lblk_32': test the IV_INO_LBLK_32 policy flag # _verify_ciphertext_for_encryption_policy() { @@ -826,6 +829,9 @@ _verify_ciphertext_for_encryption_policy() iv_ino_lblk_64) (( policy_flags |= FSCRYPT_POLICY_FLAG_IV_INO_LBLK_64 )) ;; + iv_ino_lblk_32) + (( policy_flags |= FSCRYPT_POLICY_FLAG_IV_INO_LBLK_32 )) + ;; *) _fail "Unknown option '$opt' passed to ${FUNCNAME[0]}" ;; @@ -841,14 +847,15 @@ _verify_ciphertext_for_encryption_policy() set_encpolicy_args+=" -v 2" crypt_util_args+=" --kdf=HKDF-SHA512" if (( policy_flags & FSCRYPT_POLICY_FLAG_DIRECT_KEY )); then - if (( policy_flags & FSCRYPT_POLICY_FLAG_IV_INO_LBLK_64 )); then - _fail "'direct' and 'iv_ino_lblk_64' options are mutually exclusive" - fi crypt_util_args+=" --mode-num=$contents_mode_num" elif (( policy_flags & FSCRYPT_POLICY_FLAG_IV_INO_LBLK_64 )); then crypt_util_args+=" --iv-ino-lblk-64" crypt_util_contents_args+=" --mode-num=$contents_mode_num" crypt_util_filename_args+=" --mode-num=$filenames_mode_num" + elif (( policy_flags & FSCRYPT_POLICY_FLAG_IV_INO_LBLK_32 )); then + crypt_util_args+=" --iv-ino-lblk-32" + crypt_util_contents_args+=" --mode-num=$contents_mode_num" + crypt_util_filename_args+=" --mode-num=$filenames_mode_num" fi else if (( policy_flags & ~FSCRYPT_POLICY_FLAG_DIRECT_KEY )); then @@ -872,7 +879,8 @@ _verify_ciphertext_for_encryption_policy() fi echo "Creating encryption-capable filesystem" >> $seqres.full - if (( policy_flags & FSCRYPT_POLICY_FLAG_IV_INO_LBLK_64 )); then + if (( policy_flags & (FSCRYPT_POLICY_FLAG_IV_INO_LBLK_64 | + FSCRYPT_POLICY_FLAG_IV_INO_LBLK_32) )); then _scratch_mkfs_stable_inodes_encrypted &>> $seqres.full else _scratch_mkfs_encrypted &>> $seqres.full -- cgit v1.2.3