diff --git a/man/systemd-creds.xml b/man/systemd-creds.xml index 60f38f6bd9..5f52540e84 100644 --- a/man/systemd-creds.xml +++ b/man/systemd-creds.xml @@ -310,7 +310,7 @@ When specified with the encrypt command controls the encryption/signature key to use. Takes one of host, tpm2, - host+tpm2, tpm2-absent, auto, + host+tpm2, null, auto, auto-initrd. See above for details on the three key types. If set to auto (which is the default) the TPM2 key is used if a TPM2 device is found and not running in a container. The host key is used if /var/lib/systemd/ is on @@ -318,13 +318,13 @@ chip and the OS installation, and both need to be available to decrypt the credential again. If auto is selected but neither TPM2 is available (or running in container) nor /var/lib/systemd/ is on persistent media, encryption will fail. If set to - tpm2-absent a fixed zero length key is used (thus, in this mode no confidentiality + null a fixed zero length key is used (thus, in this mode no confidentiality nor authenticity are provided!). This logic is useful to cover for systems that lack a TPM2 chip but where credentials shall be generated. Note that decryption of such credentials is refused on systems that have a TPM2 chip and where UEFI SecureBoot is enabled (this is done so that such a locked down system cannot be tricked into loading a credential generated this way that lacks authentication information). If set to auto-initrd a TPM2 key is used if a TPM2 is found. If not - a fixed zero length key is used, equivalent to tpm2-absent mode. This option is + a fixed zero length key is used, equivalent to null mode. This option is particularly useful to generate credentials files that are encrypted/authenticated against TPM2 where available but still work on systems lacking support for this. diff --git a/src/creds/creds.c b/src/creds/creds.c index 5586baff9a..f84eee292b 100644 --- a/src/creds/creds.c +++ b/src/creds/creds.c @@ -843,8 +843,8 @@ static int parse_argv(int argc, char *argv[]) { arg_with_key = CRED_AES256_GCM_BY_HOST_AND_TPM2_HMAC; else if (STR_IN_SET(optarg, "host+tpm2-with-public-key", "tpm2-with-public-key+host")) arg_with_key = CRED_AES256_GCM_BY_HOST_AND_TPM2_HMAC_WITH_PK; - else if (streq(optarg, "tpm2-absent")) - arg_with_key = CRED_AES256_GCM_BY_TPM2_ABSENT; + else if (STR_IN_SET(optarg, "null", "tpm2-absent")) + arg_with_key = CRED_AES256_GCM_BY_NULL; else return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "Unknown key type: %s", optarg); diff --git a/src/shared/creds-util.c b/src/shared/creds-util.c index 0026da5b48..1c12fdfa9f 100644 --- a/src/shared/creds-util.c +++ b/src/shared/creds-util.c @@ -760,7 +760,7 @@ int encrypt_credential_and_warn( CRED_AES256_GCM_BY_TPM2_HMAC_WITH_PK, CRED_AES256_GCM_BY_HOST_AND_TPM2_HMAC, CRED_AES256_GCM_BY_HOST_AND_TPM2_HMAC_WITH_PK, - CRED_AES256_GCM_BY_TPM2_ABSENT)) + CRED_AES256_GCM_BY_NULL)) return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "Invalid key type: " SD_ID128_FORMAT_STR, SD_ID128_FORMAT_VAL(with_key)); if (name && !credential_name_valid(name)) @@ -911,14 +911,14 @@ int encrypt_credential_and_warn( else if (host_key) id = CRED_AES256_GCM_BY_HOST; else if (sd_id128_equal(with_key, _CRED_AUTO_INITRD)) - id = CRED_AES256_GCM_BY_TPM2_ABSENT; + id = CRED_AES256_GCM_BY_NULL; else return log_error_errno(SYNTHETIC_ERRNO(ENOTRECOVERABLE), "TPM2 not available and host key located on temporary file system, no encryption key available."); } else id = with_key; - if (sd_id128_equal(id, CRED_AES256_GCM_BY_TPM2_ABSENT)) + if (sd_id128_equal(id, CRED_AES256_GCM_BY_NULL)) log_warning("Using a null key for encryption and signing. Confidentiality or authenticity will not be provided."); /* Let's now take the host key and the TPM2 key and hash it together, to use as encryption key for the data */ @@ -1092,7 +1092,7 @@ int decrypt_credential_and_warn( struct encrypted_credential_header *h; struct metadata_credential_header *m; uint8_t md[SHA256_DIGEST_LENGTH]; - bool with_tpm2, with_host_key, is_tpm2_absent, with_tpm2_pk; + bool with_tpm2, with_tpm2_pk, with_host_key, with_null; const EVP_CIPHER *cc; int r, added; @@ -1109,9 +1109,9 @@ int decrypt_credential_and_warn( with_host_key = sd_id128_in_set(h->id, CRED_AES256_GCM_BY_HOST, CRED_AES256_GCM_BY_HOST_AND_TPM2_HMAC, CRED_AES256_GCM_BY_HOST_AND_TPM2_HMAC_WITH_PK); with_tpm2_pk = sd_id128_in_set(h->id, CRED_AES256_GCM_BY_TPM2_HMAC_WITH_PK, CRED_AES256_GCM_BY_HOST_AND_TPM2_HMAC_WITH_PK); with_tpm2 = sd_id128_in_set(h->id, CRED_AES256_GCM_BY_TPM2_HMAC, CRED_AES256_GCM_BY_HOST_AND_TPM2_HMAC) || with_tpm2_pk; - is_tpm2_absent = sd_id128_equal(h->id, CRED_AES256_GCM_BY_TPM2_ABSENT); + with_null = sd_id128_equal(h->id, CRED_AES256_GCM_BY_NULL); - if (!with_host_key && !with_tpm2 && !is_tpm2_absent) + if (!with_host_key && !with_tpm2 && !with_null) return log_error_errno(SYNTHETIC_ERRNO(EOPNOTSUPP), "Unknown encryption format, or corrupted data: %m"); if (with_tpm2_pk) { @@ -1120,7 +1120,7 @@ int decrypt_credential_and_warn( return log_error_errno(r, "Failed to load pcr signature: %m"); } - if (is_tpm2_absent) { + if (with_null) { /* So this is a credential encrypted with a zero length key. We support this to cover for the * case where neither a host key not a TPM2 are available (specifically: initrd environments * where the host key is not yet accessible and no TPM2 chip exists at all), to minimize @@ -1257,7 +1257,7 @@ int decrypt_credential_and_warn( return log_error_errno(r, "Failed to determine local credential key: %m"); } - if (is_tpm2_absent) + if (with_null) log_warning("Warning: using a null key for decryption and authentication. Confidentiality or authenticity are not provided."); sha256_hash_host_and_tpm2_key(host_key, host_key_size, tpm2_key, tpm2_key_size, md); diff --git a/src/shared/creds-util.h b/src/shared/creds-util.h index 36ca0fb610..b34dba7cc2 100644 --- a/src/shared/creds-util.h +++ b/src/shared/creds-util.h @@ -67,7 +67,7 @@ int get_credential_user_password(const char *username, char **ret_password, bool #define CRED_AES256_GCM_BY_HOST_AND_TPM2_HMAC SD_ID128_MAKE(93,a8,94,09,48,74,44,90,90,ca,f2,fc,93,ca,b5,53) #define CRED_AES256_GCM_BY_HOST_AND_TPM2_HMAC_WITH_PK \ SD_ID128_MAKE(af,49,50,a8,49,13,4e,b1,a7,38,46,30,4f,f3,0c,05) -#define CRED_AES256_GCM_BY_TPM2_ABSENT SD_ID128_MAKE(05,84,69,da,f6,f5,43,24,80,05,49,da,0f,8e,a2,fb) +#define CRED_AES256_GCM_BY_NULL SD_ID128_MAKE(05,84,69,da,f6,f5,43,24,80,05,49,da,0f,8e,a2,fb) /* Two special IDs to pick a general automatic mode (i.e. tpm2+host if TPM2 exists, only host otherwise) or * an initrd-specific automatic mode (i.e. tpm2 if firmware can do it, otherwise fixed zero-length key, and