Both luks.c and luks2.c have similar implementations of essiv_decrypt(). Drop the version in the later to reduce code duplication. Drop the duplicate function comments while we are here, since exported functions should have the information in the header file. Co-developed-by: Claude <noreply@anthropic.com> Signed-off-by: Simon Glass <simon.glass@canonical.com> --- drivers/block/luks.c | 48 ++------------------------ drivers/block/luks2.c | 63 ----------------------------------- drivers/block/luks_internal.h | 18 ++++++++++ 3 files changed, 20 insertions(+), 109 deletions(-) diff --git a/drivers/block/luks.c b/drivers/block/luks.c index 923932c0dad..a7f5b436e12 100644 --- a/drivers/block/luks.c +++ b/drivers/block/luks.c @@ -195,20 +195,6 @@ static int af_hash(struct hash_algo *algo, size_t key_size, u8 *block_buf) return 0; } -/** - * af_merge() - Merge anti-forensic split key into original key - * - * This performs the LUKS AF-merge operation to recover the original key from - * its AF-split representation. The algorithm XORs all stripes together, - * applying diffusion between each stripe. - * - * @src: AF-split key material (key_size * stripes bytes) - * @dst: Output buffer for merged key (key_size bytes) - * @key_size: Size of the original key - * @stripes: Number of anti-forensic stripes - * @hash_spec: Hash algorithm name (e.g., "sha256") - * Return: 0 on success, -ve on error - */ int af_merge(const u8 *src, u8 *dst, size_t key_size, uint stripes, const char *hash_spec) { @@ -250,23 +236,8 @@ int af_merge(const u8 *src, u8 *dst, size_t key_size, uint stripes, return 0; } -/** - * essiv_decrypt() - Decrypt key material using ESSIV mode - * - * ESSIV (Encrypted Salt-Sector Initialization Vector) mode generates a unique - * IV for each sector by encrypting the sector number with a key derived from - * hashing the encryption key. - * - * @derived_key: Key derived from passphrase - * @key_size: Size of the encryption key in bytes - * @expkey: Expanded AES key for decryption - * @km: Encrypted key material buffer - * @split_key: Output buffer for decrypted key material - * @km_blocks: Number of blocks of key material - * @blksz: Block size in bytes - */ -static void essiv_decrypt(u8 *derived_key, uint key_size, u8 *expkey, u8 *km, - u8 *split_key, uint km_blocks, uint blksz) +void essiv_decrypt(const u8 *derived_key, uint key_size, u8 *expkey, + u8 *km, u8 *split_key, uint km_blocks, uint blksz) { u8 essiv_expkey[AES256_EXPAND_KEY_LENGTH]; u8 essiv_key_material[SHA256_SUM_LEN]; @@ -576,21 +547,6 @@ out: return ret; } -/** - * luks_create_blkmap() - Create a blkmap device for a LUKS partition - * - * This creates and configures a blkmap device to provide access to the - * decrypted contents of a LUKS partition. The master key must already be - * unlocked using luks_unlock(). - * - * @blk: Block device containing the LUKS partition - * @pinfo: Partition information - * @master_key: Unlocked master key - * @key_size: Size of the master key in bytes - * @label: Label for the blkmap device - * @blkmapp: Output pointer for created blkmap device - * Return: 0 on success, -ve on error - */ int luks_create_blkmap(struct udevice *blk, struct disk_partition *pinfo, const u8 *master_key, u32 key_size, const char *label, struct udevice **blkmapp) diff --git a/drivers/block/luks2.c b/drivers/block/luks2.c index 4720f9d92ce..6836c372de2 100644 --- a/drivers/block/luks2.c +++ b/drivers/block/luks2.c @@ -454,69 +454,6 @@ out: return ret; } -/** - * essiv_decrypt() - Decrypt key material using ESSIV mode - * - * ESSIV (Encrypted Salt-Sector Initialization Vector) mode generates a unique - * IV for each sector by encrypting the sector number with a key derived from - * hashing the encryption key. - * - * @derived_key: Key derived from passphrase - * @key_size: Size of the encryption key in bytes - * @expkey: Expanded AES key for decryption - * @km: Encrypted key material buffer - * @split_key: Output buffer for decrypted key material - * @km_blocks: Number of blocks of key material - * @blksz: Block size in bytes - */ -static void essiv_decrypt(u8 *derived_key, uint key_size, u8 *expkey, - u8 *km, u8 *split_key, uint km_blocks, uint blksz) -{ - u8 essiv_expkey[AES256_EXPAND_KEY_LENGTH]; - u8 essiv_key_material[SHA256_SUM_LEN]; - u32 num_sectors = km_blocks; - u8 iv[AES_BLOCK_LENGTH]; - uint rel_sect; - - /* Generate ESSIV key by hashing the encryption key */ - log_debug("using ESSIV mode\n"); - sha256_csum_wd(derived_key, key_size, essiv_key_material, - CHUNKSZ_SHA256); - - log_debug_hex("ESSIV key[0-7]:", essiv_key_material, 8); - - /* Expand ESSIV key for AES */ - aes_expand_key(essiv_key_material, 256, essiv_expkey); - - /* - * Decrypt each sector with its own IV - * NOTE: sector number is relative to the key material buffer, - * not an absolute disk sector - */ - for (rel_sect = 0; rel_sect < num_sectors; rel_sect++) { - u8 sector_iv[AES_BLOCK_LENGTH]; - - /* Create IV: little-endian sector number padded to 16 bytes */ - memset(sector_iv, '\0', AES_BLOCK_LENGTH); - put_unaligned_le32(rel_sect, sector_iv); - - /* Encrypt sector number with ESSIV key to get IV */ - aes_encrypt(256, sector_iv, essiv_expkey, iv); - - /* Show the first sector for debugging */ - if (!rel_sect) { - log_debug("rel_sect %x, ", rel_sect); - log_debug_hex("IV[0-7]:", iv, 8); - } - - /* Decrypt this sector */ - aes_cbc_decrypt_blocks(key_size * 8, expkey, iv, - km + (rel_sect * blksz), - split_key + (rel_sect * blksz), - blksz / AES_BLOCK_LENGTH); - } -} - /** * decrypt_km_xts() - Decrypt key material using XTS mode * diff --git a/drivers/block/luks_internal.h b/drivers/block/luks_internal.h index 14d3839fe6a..3bc572cdfd9 100644 --- a/drivers/block/luks_internal.h +++ b/drivers/block/luks_internal.h @@ -27,6 +27,24 @@ int af_merge(const u8 *src, u8 *dst, size_t key_size, uint stripes, const char *hash_spec); +/** + * essiv_decrypt() - Decrypt key material using ESSIV mode + * + * ESSIV (Encrypted Salt-Sector Initialization Vector) mode generates a unique + * IV for each sector by encrypting the sector number with a key derived from + * hashing the encryption key. Used by both LUKS1 and LUKS2. + * + * @derived_key: Key derived from passphrase + * @key_size: Size of the encryption key in bytes + * @expkey: Expanded AES key for decryption + * @km: Encrypted key material buffer + * @split_key: Output buffer for decrypted key material + * @km_blocks: Number of blocks of key material + * @blksz: Block size in bytes + */ +void essiv_decrypt(const u8 *derived_key, uint key_size, u8 *expkey, u8 *km, + u8 *split_key, uint km_blocks, uint blksz); + /** * unlock_luks2() - Unlock a LUKS2 partition with a passphrase * -- 2.43.0