Uploaded image for project: 'RHEL'
  1. RHEL
  2. RHEL-27720

Allow LUKS2 Key Encryption with GCM to meet Common Criteria FDE-PP

XMLWordPrintable

    • Normal
    • FutureFeature
    • Customer Facing, Customer Reported
    • sst_logical_storage
    • ssg_platform_storage
    • False
    • Hide

      None

      Show
      None
    • All

      What were you trying to do that didn't work?

      Customer is asking that GCM be allowed as a key-cipher to encrypt the LUKS master key such that Red Hat Enterprise Linux with Full Disk Encryption is fully "Common Criteria" compliant.

      REFERENCE: "Common Criteria Full Disk Encryption - Protection Profile:

      https://www.commoncriteriaportal.org/files/ppfiles/CPP_FDE_EE_V2.0E.pdf

      EXAMPLE: luks header information showing XTS is being used for key encryption, we need to be able

      cryptsetup luksDump /dev/sda4

      LUKS header information
      Version: 2
      Epoch: 6
      Metadata area: 16384 [bytes]
      Keyslots area: 16744448 [bytes]
      UUID: 76a0701f-3ee5-45bc-8438-dc48d934051b
      Label: (no label)
      Subsystem: (no subsystem)
      Flags: (no flags)

      Data segments:
      0: crypt
      offset: 16777216 [bytes]
      length: (whole device)
      cipher: aes-xts-plain64 <-----------------AES in XTS mode for data, OK
      sector: 512 [bytes]

      Keyslots:
      0: luks2
      Key: 512 bits
      Priority: normal
      Cipher: aes-xts-plain64 <---------------- AES in XTS mode for key wrap, NOT OK
      Cipher key: 512 bits
      PBKDF: pbkdf2
      Hash: sha256

      Please provide the package NVR for which bug is seen:

      cryptsetup

      How reproducible:

      Always. Encrypting a block device using GCM fails with:

      Steps to reproduce

      1. Create a new disk
      2. Attempt to encrypt with:
        cryptsetup luksFormat --debug --cipher aes-xts-essiv:sha256 --keyslot-cipher=aes-gcm-essiv:sha256 --keyslot-key-size 256 -v -q vaultfile.img keyfile

      Expected results

      Expect we should be able to encrypt the LUKS master key with GCM.

      Actual results

      Command failed with code -1 (wrong or missing parameters).
      um:e95f4658c88a41c8876d72c18af414ff3c5f04a616cd47f598a43dcefe85764d (in-memory)
      Trying to read secondary LUKS2 header at offset 0x4000.
      Reusing open ro fd on device vaultfile.img
      LUKS2 header version 2 of size 16384 bytes, checksum
      sha256.Checksum:ec02992e6358a6f138749bb42c8f7675b660b54462401b1b5edfd1e0a0 d9058b
      e(on-disk)Checksum:ec02992e6358a6f138749bb42c8f7675b660b54462401b1b5edfd1e0a0d9058b
      (in-memory)
      Device size 31457280, offset 16777216.
      Device vaultfile.img READ lock released.
      Existing 'crypto_LUKS' superblock signature on device vaultfile.img will be wiped.
      Existing 'crypto_LUKS' superblock signature on device vaultfile.img will be wiped.
      Releasing crypt device vaultfile.img context.
      Releasing device-mapper backend.
      Closing read only fd for vaultfile.img.
      Closing read write fd for vaultfile.img.
      Unlocking memory.
      Command failed with code -1 (wrong or missing parameters).

            okozina@redhat.com Ondrej Kozina
            rhn-support-cbradsha Christopher Bradshaw
            Ondrej Kozina Ondrej Kozina
            storage-qe storage-qe
            Votes:
            1 Vote for this issue
            Watchers:
            6 Start watching this issue

              Created:
              Updated:
              Resolved: