geliboot: Use the correct IV length for AES-XTS.

- Use AES_XTS_IV_LEN instead of the key length as the IV length. - Use G_ELI_IVKEYLEN as the size of the zeroed iv[] array in g_eli_crypto_cipher() to match geli_io(). PR: 261172 Reported by: Malcolm Matalka <mmatalka@gmail.com>, mikael Reviewed by: markj Sponsored by: FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D33884
2022-01-13 17:19:54 -08:00 · 2022-01-13 17:19:54 -08:00 · c7721958ff
commit c7721958ff
parent be887b3e6c
3 changed files with 6 additions and 7 deletions
--- a/stand/libsa/geli/geliboot.c
+++ b/stand/libsa/geli/geliboot.c
@ -345,7 +345,7 @@ geli_io(struct geli_dev *gdev, geli_op_t enc, off_t offset, u_char *buf,
 		g_eli_key_fill(&gdev->sc, &gkey, keyno);

 		error = geliboot_crypt(gdev->sc.sc_ealgo, enc, pbuf, secsize,
-		    gkey.gek_key, gdev->sc.sc_ekeylen, iv, sizeof(iv));
+		    gkey.gek_key, gdev->sc.sc_ekeylen, iv);

 		if (error != 0) {
 			explicit_bzero(&gkey, sizeof(gkey));
--- a/stand/libsa/geli/geliboot_crypto.c
+++ b/stand/libsa/geli/geliboot_crypto.c
@ -36,7 +36,7 @@

 int
 geliboot_crypt(u_int algo, geli_op_t enc, u_char *data, size_t datasize,
-    const u_char *key, size_t keysize, u_char *iv, size_t ivlen)
+    const u_char *key, size_t keysize, u_char *iv)
 {
 	keyInstance aeskey;
 	cipherInstance cipher;
@ -81,7 +81,7 @@ geliboot_crypt(u_int algo, geli_op_t enc, u_char *data, size_t datasize,
 		ctxp = &xtsctx;

 		enc_xform_aes_xts.setkey(ctxp, key, xts_len / 8);
-		enc_xform_aes_xts.reinit(ctxp, iv, ivlen);
+		enc_xform_aes_xts.reinit(ctxp, iv, AES_XTS_IV_LEN);

 		switch (enc) {
 		case GELI_DECRYPT:
@ -106,11 +106,10 @@ static int
 g_eli_crypto_cipher(u_int algo, geli_op_t enc, u_char *data, size_t datasize,
    const u_char *key, size_t keysize)
 {
-	u_char iv[keysize];
+	u_char iv[G_ELI_IVKEYLEN];

 	explicit_bzero(iv, sizeof(iv));
-	return (geliboot_crypt(algo, enc, data, datasize, key, keysize, iv,
-	    sizeof(iv)));
+	return (geliboot_crypt(algo, enc, data, datasize, key, keysize, iv));
 }

 int
--- a/stand/libsa/geli/geliboot_internal.h
+++ b/stand/libsa/geli/geliboot_internal.h
@ -68,6 +68,6 @@ struct geli_dev {
 };

 int geliboot_crypt(u_int algo, geli_op_t  enc, u_char *data, size_t datasize,
-    const u_char *key, size_t keysize, u_char *iv, size_t ivlen);
+    const u_char *key, size_t keysize, u_char *iv);

 #endif /* _GELIBOOT_INTERNAL_H_ */