1eb63303Tom Caputi/*
2eb63303Tom Caputi * CDDL HEADER START
3eb63303Tom Caputi *
4eb63303Tom Caputi * This file and its contents are supplied under the terms of the
5eb63303Tom Caputi * Common Development and Distribution License ("CDDL"), version 1.0.
6eb63303Tom Caputi * You may only use this file in accordance with the terms of version
7eb63303Tom Caputi * 1.0 of the CDDL.
8eb63303Tom Caputi *
9eb63303Tom Caputi * A full copy of the text of the CDDL should have accompanied this
10eb63303Tom Caputi * source.  A copy of the CDDL is also available via the Internet at
11eb63303Tom Caputi * http://www.illumos.org/license/CDDL.
12eb63303Tom Caputi *
13eb63303Tom Caputi * CDDL HEADER END
14eb63303Tom Caputi */
15eb63303Tom Caputi
16eb63303Tom Caputi/*
17eb63303Tom Caputi * Copyright (c) 2017, Datto, Inc. All rights reserved.
18eb63303Tom Caputi */
19eb63303Tom Caputi
20eb63303Tom Caputi#ifndef	_SYS_ZIO_CRYPT_H
21eb63303Tom Caputi#define	_SYS_ZIO_CRYPT_H
22eb63303Tom Caputi
23eb63303Tom Caputi#include <sys/dmu.h>
24eb63303Tom Caputi#include <sys/refcount.h>
25eb63303Tom Caputi#include <sys/crypto/api.h>
26eb63303Tom Caputi#include <sys/nvpair.h>
27eb63303Tom Caputi#include <sys/avl.h>
28eb63303Tom Caputi#include <sys/zio.h>
29eb63303Tom Caputi
30eb63303Tom Caputi#ifdef	__cplusplus
31eb63303Tom Caputiextern "C" {
32eb63303Tom Caputi#endif
33eb63303Tom Caputi
34eb63303Tom Caputi/* forward declarations */
35eb63303Tom Caputistruct zbookmark_phys;
36eb63303Tom Caputi
37eb63303Tom Caputi#define	WRAPPING_KEY_LEN	32
38eb63303Tom Caputi#define	WRAPPING_IV_LEN		ZIO_DATA_IV_LEN
39eb63303Tom Caputi#define	WRAPPING_MAC_LEN	ZIO_DATA_MAC_LEN
40eb63303Tom Caputi#define	MASTER_KEY_MAX_LEN	32
41eb63303Tom Caputi#define	SHA512_HMAC_KEYLEN	64
42eb63303Tom Caputi
43eb63303Tom Caputi#define	ZIO_CRYPT_KEY_CURRENT_VERSION	1ULL
44eb63303Tom Caputi
45eb63303Tom Caputitypedef enum zio_crypt_type {
46eb63303Tom Caputi	ZC_TYPE_NONE = 0,
47eb63303Tom Caputi	ZC_TYPE_CCM,
48eb63303Tom Caputi	ZC_TYPE_GCM
49eb63303Tom Caputi} zio_crypt_type_t;
50eb63303Tom Caputi
51eb63303Tom Caputi/* table of supported crypto algorithms, modes and keylengths. */
52eb63303Tom Caputitypedef struct zio_crypt_info {
53eb63303Tom Caputi	/* mechanism name, needed by ICP */
54eb63303Tom Caputi	crypto_mech_name_t ci_mechname;
55eb63303Tom Caputi
56eb63303Tom Caputi	/* cipher mode type (GCM, CCM) */
57eb63303Tom Caputi	zio_crypt_type_t ci_crypt_type;
58eb63303Tom Caputi
59eb63303Tom Caputi	/* length of the encryption key */
60eb63303Tom Caputi	size_t ci_keylen;
61eb63303Tom Caputi
62eb63303Tom Caputi	/* human-readable name of the encryption alforithm */
63eb63303Tom Caputi	char *ci_name;
64eb63303Tom Caputi} zio_crypt_info_t;
65eb63303Tom Caputi
66eb63303Tom Caputiextern zio_crypt_info_t zio_crypt_table[ZIO_CRYPT_FUNCTIONS];
67eb63303Tom Caputi
68eb63303Tom Caputi/* in memory representation of an unwrapped key that is loaded into memory */
69eb63303Tom Caputitypedef struct zio_crypt_key {
70eb63303Tom Caputi	/* encryption algorithm */
71eb63303Tom Caputi	uint64_t zk_crypt;
72eb63303Tom Caputi
73eb63303Tom Caputi	/* on-disk format version */
74eb63303Tom Caputi	uint64_t zk_version;
75eb63303Tom Caputi
76eb63303Tom Caputi	/* GUID for uniquely identifying this key. Not encrypted on disk. */
77eb63303Tom Caputi	uint64_t zk_guid;
78eb63303Tom Caputi
79eb63303Tom Caputi	/* buffer for master key */
80eb63303Tom Caputi	uint8_t zk_master_keydata[MASTER_KEY_MAX_LEN];
81eb63303Tom Caputi
82eb63303Tom Caputi	/* buffer for hmac key */
83eb63303Tom Caputi	uint8_t zk_hmac_keydata[SHA512_HMAC_KEYLEN];
84eb63303Tom Caputi
85eb63303Tom Caputi	/* buffer for currrent encryption key derived from master key */
86eb63303Tom Caputi	uint8_t zk_current_keydata[MASTER_KEY_MAX_LEN];
87eb63303Tom Caputi
88eb63303Tom Caputi	/* current 64 bit salt for deriving an encryption key */
89eb63303Tom Caputi	uint8_t zk_salt[ZIO_DATA_SALT_LEN];
90eb63303Tom Caputi
91eb63303Tom Caputi	/* count of how many times the current salt has been used */
92eb63303Tom Caputi	uint64_t zk_salt_count;
93eb63303Tom Caputi
94eb63303Tom Caputi	/* illumos crypto api current encryption key */
95eb63303Tom Caputi	crypto_key_t zk_current_key;
96eb63303Tom Caputi
97eb63303Tom Caputi	/* template of current encryption key for illumos crypto api */
98eb63303Tom Caputi	crypto_ctx_template_t zk_current_tmpl;
99eb63303Tom Caputi
100eb63303Tom Caputi	/* illumos crypto api current hmac key */
101eb63303Tom Caputi	crypto_key_t zk_hmac_key;
102eb63303Tom Caputi
103eb63303Tom Caputi	/* template of hmac key for illumos crypto api */
104eb63303Tom Caputi	crypto_ctx_template_t zk_hmac_tmpl;
105eb63303Tom Caputi
106eb63303Tom Caputi	/* lock for changing the salt and dependant values */
107eb63303Tom Caputi	krwlock_t zk_salt_lock;
108eb63303Tom Caputi} zio_crypt_key_t;
109eb63303Tom Caputi
110eb63303Tom Caputivoid zio_crypt_key_destroy(zio_crypt_key_t *key);
111eb63303Tom Caputiint zio_crypt_key_init(uint64_t crypt, zio_crypt_key_t *key);
112eb63303Tom Caputiint zio_crypt_key_get_salt(zio_crypt_key_t *key, uint8_t *salt_out);
113eb63303Tom Caputi
114eb63303Tom Caputiint zio_crypt_key_wrap(crypto_key_t *cwkey, zio_crypt_key_t *key, uint8_t *iv,
115eb63303Tom Caputi    uint8_t *mac, uint8_t *keydata_out, uint8_t *hmac_keydata_out);
116eb63303Tom Caputiint zio_crypt_key_unwrap(crypto_key_t *cwkey, uint64_t crypt, uint64_t version,
117eb63303Tom Caputi    uint64_t guid, uint8_t *keydata, uint8_t *hmac_keydata, uint8_t *iv,
118eb63303Tom Caputi    uint8_t *mac, zio_crypt_key_t *key);
119eb63303Tom Caputiint zio_crypt_generate_iv(uint8_t *ivbuf);
120eb63303Tom Caputiint zio_crypt_generate_iv_salt_dedup(zio_crypt_key_t *key, uint8_t *data,
121eb63303Tom Caputi    uint_t datalen, uint8_t *ivbuf, uint8_t *salt);
122eb63303Tom Caputi
123eb63303Tom Caputivoid zio_crypt_encode_params_bp(blkptr_t *bp, uint8_t *salt, uint8_t *iv);
124eb63303Tom Caputivoid zio_crypt_decode_params_bp(const blkptr_t *bp, uint8_t *salt, uint8_t *iv);
125eb63303Tom Caputivoid zio_crypt_encode_mac_bp(blkptr_t *bp, uint8_t *mac);
126eb63303Tom Caputivoid zio_crypt_decode_mac_bp(const blkptr_t *bp, uint8_t *mac);
127eb63303Tom Caputivoid zio_crypt_encode_mac_zil(void *data, uint8_t *mac);
128eb63303Tom Caputivoid zio_crypt_decode_mac_zil(const void *data, uint8_t *mac);
129eb63303Tom Caputivoid zio_crypt_copy_dnode_bonus(abd_t *src_abd, uint8_t *dst, uint_t datalen);
130eb63303Tom Caputi
131eb63303Tom Caputiint zio_crypt_do_indirect_mac_checksum(boolean_t generate, void *buf,
132eb63303Tom Caputi    uint_t datalen, boolean_t byteswap, uint8_t *cksum);
133eb63303Tom Caputiint zio_crypt_do_indirect_mac_checksum_abd(boolean_t generate, abd_t *abd,
134eb63303Tom Caputi    uint_t datalen, boolean_t byteswap, uint8_t *cksum);
135eb63303Tom Caputiint zio_crypt_do_hmac(zio_crypt_key_t *key, uint8_t *data, uint_t datalen,
136eb63303Tom Caputi    uint8_t *digestbuf, uint_t digestlen);
137eb63303Tom Caputiint zio_crypt_do_objset_hmacs(zio_crypt_key_t *key, void *data, uint_t datalen,
138eb63303Tom Caputi    boolean_t byteswap, uint8_t *portable_mac, uint8_t *local_mac);
139eb63303Tom Caputiint zio_do_crypt_data(boolean_t encrypt, zio_crypt_key_t *key,
140eb63303Tom Caputi    dmu_object_type_t ot, boolean_t byteswap, uint8_t *salt, uint8_t *iv,
141eb63303Tom Caputi    uint8_t *mac, uint_t datalen, uint8_t *plainbuf, uint8_t *cipherbuf,
142eb63303Tom Caputi    boolean_t *no_crypt);
143eb63303Tom Caputiint zio_do_crypt_abd(boolean_t encrypt, zio_crypt_key_t *key,
144eb63303Tom Caputi    dmu_object_type_t ot, boolean_t byteswap, uint8_t *salt, uint8_t *iv,
145eb63303Tom Caputi    uint8_t *mac, uint_t datalen, abd_t *pabd, abd_t *cabd,
146eb63303Tom Caputi    boolean_t *no_crypt);
147eb63303Tom Caputi
148eb63303Tom Caputi#ifdef	__cplusplus
149eb63303Tom Caputi}
150eb63303Tom Caputi#endif
151eb63303Tom Caputi
152eb63303Tom Caputi#endif /* _SYS_ZIO_CRYPT_H */
153