13 #include <linux/random.h>
14 #include <libscrypt.h>
19 char *read_passphrase(const char *prompt)
25 if (isatty(STDIN_FILENO)) {
26 struct termios old, new;
28 fprintf(stderr, "%s", prompt);
31 if (tcgetattr(STDIN_FILENO, &old))
32 die("error getting terminal attrs");
36 if (tcsetattr(STDIN_FILENO, TCSAFLUSH, &new))
37 die("error setting terminal attrs");
39 len = getline(&buf, &buflen, stdin);
41 tcsetattr(STDIN_FILENO, TCSAFLUSH, &old);
42 fprintf(stderr, "\n");
44 len = getline(&buf, &buflen, stdin);
48 die("error reading passphrase");
49 if (len && buf[len - 1] == '\n')
55 void derive_passphrase(struct bch_sb_field_crypt *crypt,
57 const char *passphrase)
59 const unsigned char salt[] = "bcache";
62 switch (BCH_CRYPT_KDF_TYPE(crypt)) {
64 ret = libscrypt_scrypt((void *) passphrase, strlen(passphrase),
66 1ULL << BCH_KDF_SCRYPT_N(crypt),
67 1ULL << BCH_KDF_SCRYPT_R(crypt),
68 1ULL << BCH_KDF_SCRYPT_P(crypt),
69 (void *) key, sizeof(*key));
71 die("scrypt error: %i", ret);
74 die("unknown kdf type %llu", BCH_CRYPT_KDF_TYPE(crypt));
78 void bch_sb_crypt_init(struct bch_sb *sb,
79 struct bch_sb_field_crypt *crypt,
80 const char *passphrase)
82 struct bch_key passphrase_key;
84 SET_BCH_CRYPT_KDF_TYPE(crypt, BCH_KDF_SCRYPT);
85 SET_BCH_KDF_SCRYPT_N(crypt, ilog2(SCRYPT_N));
86 SET_BCH_KDF_SCRYPT_R(crypt, ilog2(SCRYPT_r));
87 SET_BCH_KDF_SCRYPT_P(crypt, ilog2(SCRYPT_p));
89 derive_passphrase(crypt, &passphrase_key, passphrase);
91 crypt->key.magic = BCH_KEY_MAGIC;
92 get_random_bytes(&crypt->key.key, sizeof(crypt->key.key));
94 assert(!bch_key_is_encrypted(&crypt->key));
96 if (bch_chacha_encrypt_key(&passphrase_key, __bch_sb_key_nonce(sb),
97 &crypt->key, sizeof(crypt->key)))
98 die("error encrypting key");
100 assert(bch_key_is_encrypted(&crypt->key));
102 memzero_explicit(&passphrase_key, sizeof(passphrase_key));