1 /*- 2 * Copyright (c) 2005-2011 Pawel Jakub Dawidek <pawel@dawidek.net> 3 * All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright 9 * notice, this list of conditions and the following disclaimer. 10 * 2. Redistributions in binary form must reproduce the above copyright 11 * notice, this list of conditions and the following disclaimer in the 12 * documentation and/or other materials provided with the distribution. 13 * 14 * THIS SOFTWARE IS PROVIDED BY THE AUTHORS AND CONTRIBUTORS ``AS IS'' AND 15 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 16 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 17 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE LIABLE 18 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 19 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 20 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 21 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 22 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 23 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 24 * SUCH DAMAGE. 25 * 26 * $FreeBSD$ 27 */ 28 29 #ifndef _G_ELI_H_ 30 #define _G_ELI_H_ 31 32 #include <sys/endian.h> 33 #include <sys/errno.h> 34 #include <sys/malloc.h> 35 #include <crypto/sha2/sha2.h> 36 #include <opencrypto/cryptodev.h> 37 #ifdef _KERNEL 38 #include <sys/bio.h> 39 #include <sys/libkern.h> 40 #include <sys/lock.h> 41 #include <sys/mutex.h> 42 #include <sys/queue.h> 43 #include <sys/tree.h> 44 #include <geom/geom.h> 45 #else 46 #include <stdio.h> 47 #include <string.h> 48 #include <strings.h> 49 #endif 50 #ifndef _OpenSSL_ 51 #include <sys/md5.h> 52 #endif 53 54 #define G_ELI_CLASS_NAME "ELI" 55 #define G_ELI_MAGIC "GEOM::ELI" 56 #define G_ELI_SUFFIX ".eli" 57 58 /* 59 * Version history: 60 * 0 - Initial version number. 61 * 1 - Added data authentication support (md_aalgo field and 62 * G_ELI_FLAG_AUTH flag). 63 * 2 - Added G_ELI_FLAG_READONLY. 64 * 3 - Added 'configure' subcommand. 65 * 4 - IV is generated from offset converted to little-endian 66 * (flag G_ELI_FLAG_NATIVE_BYTE_ORDER will be set for older versions). 67 * 5 - Added multiple encrypton keys and AES-XTS support. 68 */ 69 #define G_ELI_VERSION 5 70 71 /* ON DISK FLAGS. */ 72 /* Use random, onetime keys. */ 73 #define G_ELI_FLAG_ONETIME 0x00000001 74 /* Ask for the passphrase from the kernel, before mounting root. */ 75 #define G_ELI_FLAG_BOOT 0x00000002 76 /* Detach on last close, if we were open for writing. */ 77 #define G_ELI_FLAG_WO_DETACH 0x00000004 78 /* Detach on last close. */ 79 #define G_ELI_FLAG_RW_DETACH 0x00000008 80 /* Provide data authentication. */ 81 #define G_ELI_FLAG_AUTH 0x00000010 82 /* Provider is read-only, we should deny all write attempts. */ 83 #define G_ELI_FLAG_RO 0x00000020 84 /* RUNTIME FLAGS. */ 85 /* Provider was open for writing. */ 86 #define G_ELI_FLAG_WOPEN 0x00010000 87 /* Destroy device. */ 88 #define G_ELI_FLAG_DESTROY 0x00020000 89 /* Provider uses native byte-order for IV generation. */ 90 #define G_ELI_FLAG_NATIVE_BYTE_ORDER 0x00040000 91 /* Provider uses single encryption key. */ 92 #define G_ELI_FLAG_SINGLE_KEY 0x00080000 93 /* Device suspended. */ 94 #define G_ELI_FLAG_SUSPEND 0x00100000 95 96 #define G_ELI_NEW_BIO 255 97 98 #define SHA512_MDLEN 64 99 #define G_ELI_AUTH_SECKEYLEN SHA256_DIGEST_LENGTH 100 101 #define G_ELI_MAXMKEYS 2 102 #define G_ELI_MAXKEYLEN 64 103 #define G_ELI_USERKEYLEN G_ELI_MAXKEYLEN 104 #define G_ELI_DATAKEYLEN G_ELI_MAXKEYLEN 105 #define G_ELI_AUTHKEYLEN G_ELI_MAXKEYLEN 106 #define G_ELI_IVKEYLEN G_ELI_MAXKEYLEN 107 #define G_ELI_SALTLEN 64 108 #define G_ELI_DATAIVKEYLEN (G_ELI_DATAKEYLEN + G_ELI_IVKEYLEN) 109 /* Data-Key, IV-Key, HMAC_SHA512(Derived-Key, Data-Key+IV-Key) */ 110 #define G_ELI_MKEYLEN (G_ELI_DATAIVKEYLEN + SHA512_MDLEN) 111 #define G_ELI_OVERWRITES 5 112 /* Switch data encryption key every 2^20 blocks. */ 113 #define G_ELI_KEY_SHIFT 20 114 115 #ifdef _KERNEL 116 extern int g_eli_debug; 117 extern u_int g_eli_overwrites; 118 extern u_int g_eli_batch; 119 120 #define G_ELI_CRYPTO_UNKNOWN 0 121 #define G_ELI_CRYPTO_HW 1 122 #define G_ELI_CRYPTO_SW 2 123 124 #define G_ELI_DEBUG(lvl, ...) do { \ 125 if (g_eli_debug >= (lvl)) { \ 126 printf("GEOM_ELI"); \ 127 if (g_eli_debug > 0) \ 128 printf("[%u]", lvl); \ 129 printf(": "); \ 130 printf(__VA_ARGS__); \ 131 printf("\n"); \ 132 } \ 133 } while (0) 134 #define G_ELI_LOGREQ(lvl, bp, ...) do { \ 135 if (g_eli_debug >= (lvl)) { \ 136 printf("GEOM_ELI"); \ 137 if (g_eli_debug > 0) \ 138 printf("[%u]", lvl); \ 139 printf(": "); \ 140 printf(__VA_ARGS__); \ 141 printf(" "); \ 142 g_print_bio(bp); \ 143 printf("\n"); \ 144 } \ 145 } while (0) 146 147 struct g_eli_worker { 148 struct g_eli_softc *w_softc; 149 struct proc *w_proc; 150 u_int w_number; 151 uint64_t w_sid; 152 boolean_t w_active; 153 LIST_ENTRY(g_eli_worker) w_next; 154 }; 155 156 struct g_eli_softc { 157 struct g_geom *sc_geom; 158 u_int sc_crypto; 159 uint8_t sc_mkey[G_ELI_DATAIVKEYLEN]; 160 uint8_t sc_ekey[G_ELI_DATAKEYLEN]; 161 TAILQ_HEAD(, g_eli_key) sc_ekeys_queue; 162 RB_HEAD(g_eli_key_tree, g_eli_key) sc_ekeys_tree; 163 struct mtx sc_ekeys_lock; 164 uint64_t sc_ekeys_total; 165 uint64_t sc_ekeys_allocated; 166 u_int sc_ealgo; 167 u_int sc_ekeylen; 168 uint8_t sc_akey[G_ELI_AUTHKEYLEN]; 169 u_int sc_aalgo; 170 u_int sc_akeylen; 171 u_int sc_alen; 172 SHA256_CTX sc_akeyctx; 173 uint8_t sc_ivkey[G_ELI_IVKEYLEN]; 174 SHA256_CTX sc_ivctx; 175 int sc_nkey; 176 uint32_t sc_flags; 177 int sc_inflight; 178 off_t sc_mediasize; 179 size_t sc_sectorsize; 180 u_int sc_bytes_per_sector; 181 u_int sc_data_per_sector; 182 183 /* Only for software cryptography. */ 184 struct bio_queue_head sc_queue; 185 struct mtx sc_queue_mtx; 186 LIST_HEAD(, g_eli_worker) sc_workers; 187 }; 188 #define sc_name sc_geom->name 189 #endif /* _KERNEL */ 190 191 struct g_eli_metadata { 192 char md_magic[16]; /* Magic value. */ 193 uint32_t md_version; /* Version number. */ 194 uint32_t md_flags; /* Additional flags. */ 195 uint16_t md_ealgo; /* Encryption algorithm. */ 196 uint16_t md_keylen; /* Key length. */ 197 uint16_t md_aalgo; /* Authentication algorithm. */ 198 uint64_t md_provsize; /* Provider's size. */ 199 uint32_t md_sectorsize; /* Sector size. */ 200 uint8_t md_keys; /* Available keys. */ 201 int32_t md_iterations; /* Number of iterations for PKCS#5v2. */ 202 uint8_t md_salt[G_ELI_SALTLEN]; /* Salt. */ 203 /* Encrypted master key (IV-key, Data-key, HMAC). */ 204 uint8_t md_mkeys[G_ELI_MAXMKEYS * G_ELI_MKEYLEN]; 205 u_char md_hash[16]; /* MD5 hash. */ 206 } __packed; 207 #ifndef _OpenSSL_ 208 static __inline void 209 eli_metadata_encode(struct g_eli_metadata *md, u_char *data) 210 { 211 MD5_CTX ctx; 212 u_char *p; 213 214 p = data; 215 bcopy(md->md_magic, p, sizeof(md->md_magic)); p += sizeof(md->md_magic); 216 le32enc(p, md->md_version); p += sizeof(md->md_version); 217 le32enc(p, md->md_flags); p += sizeof(md->md_flags); 218 le16enc(p, md->md_ealgo); p += sizeof(md->md_ealgo); 219 le16enc(p, md->md_keylen); p += sizeof(md->md_keylen); 220 le16enc(p, md->md_aalgo); p += sizeof(md->md_aalgo); 221 le64enc(p, md->md_provsize); p += sizeof(md->md_provsize); 222 le32enc(p, md->md_sectorsize); p += sizeof(md->md_sectorsize); 223 *p = md->md_keys; p += sizeof(md->md_keys); 224 le32enc(p, md->md_iterations); p += sizeof(md->md_iterations); 225 bcopy(md->md_salt, p, sizeof(md->md_salt)); p += sizeof(md->md_salt); 226 bcopy(md->md_mkeys, p, sizeof(md->md_mkeys)); p += sizeof(md->md_mkeys); 227 MD5Init(&ctx); 228 MD5Update(&ctx, data, p - data); 229 MD5Final(md->md_hash, &ctx); 230 bcopy(md->md_hash, p, sizeof(md->md_hash)); 231 } 232 static __inline int 233 eli_metadata_decode_v0(const u_char *data, struct g_eli_metadata *md) 234 { 235 MD5_CTX ctx; 236 const u_char *p; 237 238 p = data + sizeof(md->md_magic) + sizeof(md->md_version); 239 md->md_flags = le32dec(p); p += sizeof(md->md_flags); 240 md->md_ealgo = le16dec(p); p += sizeof(md->md_ealgo); 241 md->md_keylen = le16dec(p); p += sizeof(md->md_keylen); 242 md->md_provsize = le64dec(p); p += sizeof(md->md_provsize); 243 md->md_sectorsize = le32dec(p); p += sizeof(md->md_sectorsize); 244 md->md_keys = *p; p += sizeof(md->md_keys); 245 md->md_iterations = le32dec(p); p += sizeof(md->md_iterations); 246 bcopy(p, md->md_salt, sizeof(md->md_salt)); p += sizeof(md->md_salt); 247 bcopy(p, md->md_mkeys, sizeof(md->md_mkeys)); p += sizeof(md->md_mkeys); 248 MD5Init(&ctx); 249 MD5Update(&ctx, data, p - data); 250 MD5Final(md->md_hash, &ctx); 251 if (bcmp(md->md_hash, p, 16) != 0) 252 return (EINVAL); 253 return (0); 254 } 255 256 static __inline int 257 eli_metadata_decode_v1v2v3v4v5(const u_char *data, struct g_eli_metadata *md) 258 { 259 MD5_CTX ctx; 260 const u_char *p; 261 262 p = data + sizeof(md->md_magic) + sizeof(md->md_version); 263 md->md_flags = le32dec(p); p += sizeof(md->md_flags); 264 md->md_ealgo = le16dec(p); p += sizeof(md->md_ealgo); 265 md->md_keylen = le16dec(p); p += sizeof(md->md_keylen); 266 md->md_aalgo = le16dec(p); p += sizeof(md->md_aalgo); 267 md->md_provsize = le64dec(p); p += sizeof(md->md_provsize); 268 md->md_sectorsize = le32dec(p); p += sizeof(md->md_sectorsize); 269 md->md_keys = *p; p += sizeof(md->md_keys); 270 md->md_iterations = le32dec(p); p += sizeof(md->md_iterations); 271 bcopy(p, md->md_salt, sizeof(md->md_salt)); p += sizeof(md->md_salt); 272 bcopy(p, md->md_mkeys, sizeof(md->md_mkeys)); p += sizeof(md->md_mkeys); 273 MD5Init(&ctx); 274 MD5Update(&ctx, data, p - data); 275 MD5Final(md->md_hash, &ctx); 276 if (bcmp(md->md_hash, p, 16) != 0) 277 return (EINVAL); 278 return (0); 279 } 280 static __inline int 281 eli_metadata_decode(const u_char *data, struct g_eli_metadata *md) 282 { 283 int error; 284 285 bcopy(data, md->md_magic, sizeof(md->md_magic)); 286 md->md_version = le32dec(data + sizeof(md->md_magic)); 287 switch (md->md_version) { 288 case 0: 289 error = eli_metadata_decode_v0(data, md); 290 break; 291 case 1: 292 case 2: 293 case 3: 294 case 4: 295 case 5: 296 error = eli_metadata_decode_v1v2v3v4v5(data, md); 297 break; 298 default: 299 error = EINVAL; 300 break; 301 } 302 return (error); 303 } 304 #endif /* !_OpenSSL */ 305 306 static __inline u_int 307 g_eli_str2ealgo(const char *name) 308 { 309 310 if (strcasecmp("null", name) == 0) 311 return (CRYPTO_NULL_CBC); 312 else if (strcasecmp("null-cbc", name) == 0) 313 return (CRYPTO_NULL_CBC); 314 else if (strcasecmp("aes", name) == 0) 315 return (CRYPTO_AES_XTS); 316 else if (strcasecmp("aes-cbc", name) == 0) 317 return (CRYPTO_AES_CBC); 318 else if (strcasecmp("aes-xts", name) == 0) 319 return (CRYPTO_AES_XTS); 320 else if (strcasecmp("blowfish", name) == 0) 321 return (CRYPTO_BLF_CBC); 322 else if (strcasecmp("blowfish-cbc", name) == 0) 323 return (CRYPTO_BLF_CBC); 324 else if (strcasecmp("camellia", name) == 0) 325 return (CRYPTO_CAMELLIA_CBC); 326 else if (strcasecmp("camellia-cbc", name) == 0) 327 return (CRYPTO_CAMELLIA_CBC); 328 else if (strcasecmp("3des", name) == 0) 329 return (CRYPTO_3DES_CBC); 330 else if (strcasecmp("3des-cbc", name) == 0) 331 return (CRYPTO_3DES_CBC); 332 return (CRYPTO_ALGORITHM_MIN - 1); 333 } 334 335 static __inline u_int 336 g_eli_str2aalgo(const char *name) 337 { 338 339 if (strcasecmp("hmac/md5", name) == 0) 340 return (CRYPTO_MD5_HMAC); 341 else if (strcasecmp("hmac/sha1", name) == 0) 342 return (CRYPTO_SHA1_HMAC); 343 else if (strcasecmp("hmac/ripemd160", name) == 0) 344 return (CRYPTO_RIPEMD160_HMAC); 345 else if (strcasecmp("hmac/sha256", name) == 0) 346 return (CRYPTO_SHA2_256_HMAC); 347 else if (strcasecmp("hmac/sha384", name) == 0) 348 return (CRYPTO_SHA2_384_HMAC); 349 else if (strcasecmp("hmac/sha512", name) == 0) 350 return (CRYPTO_SHA2_512_HMAC); 351 return (CRYPTO_ALGORITHM_MIN - 1); 352 } 353 354 static __inline const char * 355 g_eli_algo2str(u_int algo) 356 { 357 358 switch (algo) { 359 case CRYPTO_NULL_CBC: 360 return ("NULL"); 361 case CRYPTO_AES_CBC: 362 return ("AES-CBC"); 363 case CRYPTO_AES_XTS: 364 return ("AES-XTS"); 365 case CRYPTO_BLF_CBC: 366 return ("Blowfish-CBC"); 367 case CRYPTO_CAMELLIA_CBC: 368 return ("CAMELLIA-CBC"); 369 case CRYPTO_3DES_CBC: 370 return ("3DES-CBC"); 371 case CRYPTO_MD5_HMAC: 372 return ("HMAC/MD5"); 373 case CRYPTO_SHA1_HMAC: 374 return ("HMAC/SHA1"); 375 case CRYPTO_RIPEMD160_HMAC: 376 return ("HMAC/RIPEMD160"); 377 case CRYPTO_SHA2_256_HMAC: 378 return ("HMAC/SHA256"); 379 case CRYPTO_SHA2_384_HMAC: 380 return ("HMAC/SHA384"); 381 case CRYPTO_SHA2_512_HMAC: 382 return ("HMAC/SHA512"); 383 } 384 return ("unknown"); 385 } 386 387 static __inline void 388 eli_metadata_dump(const struct g_eli_metadata *md) 389 { 390 static const char hex[] = "0123456789abcdef"; 391 char str[sizeof(md->md_mkeys) * 2 + 1]; 392 u_int i; 393 394 printf(" magic: %s\n", md->md_magic); 395 printf(" version: %u\n", (u_int)md->md_version); 396 printf(" flags: 0x%x\n", (u_int)md->md_flags); 397 printf(" ealgo: %s\n", g_eli_algo2str(md->md_ealgo)); 398 printf(" keylen: %u\n", (u_int)md->md_keylen); 399 if (md->md_flags & G_ELI_FLAG_AUTH) 400 printf(" aalgo: %s\n", g_eli_algo2str(md->md_aalgo)); 401 printf(" provsize: %ju\n", (uintmax_t)md->md_provsize); 402 printf("sectorsize: %u\n", (u_int)md->md_sectorsize); 403 printf(" keys: 0x%02x\n", (u_int)md->md_keys); 404 printf("iterations: %u\n", (u_int)md->md_iterations); 405 bzero(str, sizeof(str)); 406 for (i = 0; i < sizeof(md->md_salt); i++) { 407 str[i * 2] = hex[md->md_salt[i] >> 4]; 408 str[i * 2 + 1] = hex[md->md_salt[i] & 0x0f]; 409 } 410 printf(" Salt: %s\n", str); 411 bzero(str, sizeof(str)); 412 for (i = 0; i < sizeof(md->md_mkeys); i++) { 413 str[i * 2] = hex[md->md_mkeys[i] >> 4]; 414 str[i * 2 + 1] = hex[md->md_mkeys[i] & 0x0f]; 415 } 416 printf("Master Key: %s\n", str); 417 bzero(str, sizeof(str)); 418 for (i = 0; i < 16; i++) { 419 str[i * 2] = hex[md->md_hash[i] >> 4]; 420 str[i * 2 + 1] = hex[md->md_hash[i] & 0x0f]; 421 } 422 printf(" MD5 hash: %s\n", str); 423 } 424 425 static __inline u_int 426 g_eli_keylen(u_int algo, u_int keylen) 427 { 428 429 switch (algo) { 430 case CRYPTO_NULL_CBC: 431 if (keylen == 0) 432 keylen = 64 * 8; 433 else { 434 if (keylen > 64 * 8) 435 keylen = 0; 436 } 437 return (keylen); 438 case CRYPTO_AES_CBC: 439 case CRYPTO_CAMELLIA_CBC: 440 switch (keylen) { 441 case 0: 442 return (128); 443 case 128: 444 case 192: 445 case 256: 446 return (keylen); 447 default: 448 return (0); 449 } 450 case CRYPTO_AES_XTS: 451 switch (keylen) { 452 case 0: 453 return (128); 454 case 128: 455 case 256: 456 return (keylen); 457 default: 458 return (0); 459 } 460 case CRYPTO_BLF_CBC: 461 if (keylen == 0) 462 return (128); 463 if (keylen < 128 || keylen > 448) 464 return (0); 465 if ((keylen % 32) != 0) 466 return (0); 467 return (keylen); 468 case CRYPTO_3DES_CBC: 469 if (keylen == 0 || keylen == 192) 470 return (192); 471 return (0); 472 default: 473 return (0); 474 } 475 } 476 477 static __inline u_int 478 g_eli_hashlen(u_int algo) 479 { 480 481 switch (algo) { 482 case CRYPTO_MD5_HMAC: 483 return (16); 484 case CRYPTO_SHA1_HMAC: 485 return (20); 486 case CRYPTO_RIPEMD160_HMAC: 487 return (20); 488 case CRYPTO_SHA2_256_HMAC: 489 return (32); 490 case CRYPTO_SHA2_384_HMAC: 491 return (48); 492 case CRYPTO_SHA2_512_HMAC: 493 return (64); 494 } 495 return (0); 496 } 497 498 #ifdef _KERNEL 499 int g_eli_read_metadata(struct g_class *mp, struct g_provider *pp, 500 struct g_eli_metadata *md); 501 struct g_geom *g_eli_create(struct gctl_req *req, struct g_class *mp, 502 struct g_provider *bpp, const struct g_eli_metadata *md, 503 const u_char *mkey, int nkey); 504 int g_eli_destroy(struct g_eli_softc *sc, boolean_t force); 505 506 int g_eli_access(struct g_provider *pp, int dr, int dw, int de); 507 void g_eli_config(struct gctl_req *req, struct g_class *mp, const char *verb); 508 509 void g_eli_read_done(struct bio *bp); 510 void g_eli_write_done(struct bio *bp); 511 int g_eli_crypto_rerun(struct cryptop *crp); 512 uint8_t *g_eli_crypto_key(struct g_eli_softc *sc, off_t offset, 513 size_t blocksize); 514 void g_eli_crypto_ivgen(struct g_eli_softc *sc, off_t offset, u_char *iv, 515 size_t size); 516 517 void g_eli_crypto_read(struct g_eli_softc *sc, struct bio *bp, boolean_t fromworker); 518 void g_eli_crypto_run(struct g_eli_worker *wr, struct bio *bp); 519 520 void g_eli_auth_read(struct g_eli_softc *sc, struct bio *bp); 521 void g_eli_auth_run(struct g_eli_worker *wr, struct bio *bp); 522 #endif 523 524 void g_eli_mkey_hmac(unsigned char *mkey, const unsigned char *key); 525 int g_eli_mkey_decrypt(const struct g_eli_metadata *md, 526 const unsigned char *key, unsigned char *mkey, unsigned *nkeyp); 527 int g_eli_mkey_encrypt(unsigned algo, const unsigned char *key, unsigned keylen, 528 unsigned char *mkey); 529 #ifdef _KERNEL 530 void g_eli_mkey_propagate(struct g_eli_softc *sc, const unsigned char *mkey); 531 #endif 532 533 int g_eli_crypto_encrypt(u_int algo, u_char *data, size_t datasize, 534 const u_char *key, size_t keysize); 535 int g_eli_crypto_decrypt(u_int algo, u_char *data, size_t datasize, 536 const u_char *key, size_t keysize); 537 538 struct hmac_ctx { 539 SHA512_CTX shactx; 540 u_char k_opad[128]; 541 }; 542 543 void g_eli_crypto_hmac_init(struct hmac_ctx *ctx, const uint8_t *hkey, 544 size_t hkeylen); 545 void g_eli_crypto_hmac_update(struct hmac_ctx *ctx, const uint8_t *data, 546 size_t datasize); 547 void g_eli_crypto_hmac_final(struct hmac_ctx *ctx, uint8_t *md, size_t mdsize); 548 void g_eli_crypto_hmac(const uint8_t *hkey, size_t hkeysize, 549 const uint8_t *data, size_t datasize, uint8_t *md, size_t mdsize); 550 551 #ifdef _KERNEL 552 void g_eli_key_init(struct g_eli_softc *sc); 553 void g_eli_key_destroy(struct g_eli_softc *sc); 554 uint8_t *g_eli_key_hold(struct g_eli_softc *sc, off_t offset, size_t blocksize); 555 void g_eli_key_drop(struct g_eli_softc *sc, uint8_t *rawkey); 556 #endif 557 #endif /* !_G_ELI_H_ */ 558