Add support for creating and preparing hardware-wrapped keys

ebiggers · ebiggers · commit 8ebbd97a1ba6 · 2025-10-29T15:55:45.000-07:00
Add fscryptctl commands that wrap the BLKCRYPTOIMPORTKEY,
BLKCRYPTOGENERATEKEY, and BLKCRYPTOPREPAREKEY ioctls that were added in
Linux 6.15.  These are needed to use hardware-wrapped keys.
diff --git a/NEWS.md b/NEWS.md
@@ -4,6 +4,9 @@
 
 * `fscryptctl add_key` now supports the `--hw-wrapped-key` option.
 
+* Added new commands `fscryptctl import_hw_wrapped_key`,
+  `fscryptctl generate_hw_wrapped_key`, and `fscryptctl prepare_hw_wrapped_key`.
+
 ## Version 1.2.0
 
 * `fscryptctl set_policy` now accepts the `--data-unit-size` option.
diff --git a/README.md b/README.md
@@ -29,6 +29,7 @@ For the release notes, see the [NEWS file](NEWS.md).
 - [Runtime Dependencies](#runtime-dependencies)
 - [Features](#features)
 - [Example Usage](#example-usage)
+- [Example Usage with Hardware-Wrapped Key](#example-usage-with-hardware-wrapped-key)
 - [Contributing](#contributing)
 - [Legal](#legal)
 
@@ -72,6 +73,9 @@ tips](https://github.com/google/fscrypt#getting-encryption-not-enabled-on-an-ext
 * `fscryptctl key_status` - get the status of an encryption key on a filesystem
 * `fscryptctl get_policy` - get the encryption policy of a file or directory
 * `fscryptctl set_policy` - set the encryption policy of an empty directory
+* `fscryptctl import_hw_wrapped_key` - import a hardware-wrapped key
+* `fscryptctl generate_hw_wrapped_key` - generate a hardware-wrapped key
+* `fscryptctl prepare_hw_wrapped_key` - prepare a hardware-wrapped key
 
 For full usage details, see the manual page (`man fscryptctl`), or alternatively
 run `fscryptctl --help`.
@@ -154,6 +158,18 @@ bar foo
 foo
 ```
 
+## Example Usage with Hardware-Wrapped Key
+
+```shell
+> mkfs.ext4 -O encrypt /dev/vdb
+> mount /dev/vdb -o inlinecrypt /mnt
+> head -c 32 /dev/urandom | fscryptctl import_hw_wrapped_key /dev/vdb > /tmp/lt_key
+> fscryptctl prepare_hw_wrapped_key /dev/vdb < /tmp/lt_key | fscryptctl add_key --hw-wrapped-key /mnt
+f12fccad977328d20a16c79627787a1c
+> mkdir /mnt/dir
+> fscryptctl set_policy f12fccad977328d20a16c79627787a1c /mnt/dir
+```
+
 ## Contributing
 
 We would love to accept your contributions to `fscryptctl`.  See the
diff --git a/fscryptctl.1.md b/fscryptctl.1.md
@@ -9,7 +9,10 @@ fscryptctl - low-level userspace tool for Linux filesystem encryption
 **fscryptctl remove_key** [*OPTION*...] *KEY_IDENTIFIER* *MOUNTPOINT* \
 **fscryptctl key_status** *KEY_IDENTIFIER* *MOUNTPOINT* \
 **fscryptctl get_policy** *PATH* \
-**fscryptctl set_policy** [*OPTION*...] *KEY_IDENTIFIER* *DIRECTORY*
+**fscryptctl set_policy** [*OPTION*...] *KEY_IDENTIFIER* *DIRECTORY* \
+**fscryptctl import_hw_wrapped_key** *BLOCK_DEVICE* \
+**fscryptctl generate_hw_wrapped_key** *BLOCK_DEVICE* \
+**fscryptctl prepare_hw_wrapped_key** *BLOCK_DEVICE*
 
 # DESCRIPTION
 
@@ -147,6 +150,40 @@ Options accepted by **fscryptctl set_policy**:
 :   Select the crypto data unit size, i.e. the granularity of file contents
     encryption, in bytes.
 
+## **fscryptctl import_hw_wrapped_key** *BLOCK_DEVICE*
+
+Create a hardware-wrapped inline encryption key by importing a raw key, turning
+it into a long-term wrapped key.  The raw key is read from standard input and
+the long-term wrapped key blob is written to standard output, both in binary.
+
+This subcommand is a thin wrapper around the **BLKCRYPTOIMPORTKEY** ioctl.  For
+more information, see the kernel documentation.
+
+**fscryptctl import_hw_wrapped_key** does not accept any options.
+
+## **fscryptctl generate_hw_wrapped_key** *BLOCK_DEVICE*
+
+Create a hardware-wrapped inline encryption key by having the hardware generate
+one.  The new long-term wrapped key blob is written to standard output in
+binary.
+
+This subcommand is a thin wrapper around the **BLKCRYPTOGENERATEKEY** ioctl.
+For more information, see the kernel documentation.
+
+**fscryptctl generate_hw_wrapped_key** does not accept any options.
+
+## **fscryptctl prepare_hw_wrapped_key** *BLOCK_DEVICE*
+
+Prepares a hardware-wrapped inline encryption key to be used by converting it
+from long-term wrapped form to ephemerally-wrapped form.  The long-term wrapped
+key blob is read from standard input and the ephemerally-wrapped key blob is
+written to standard output, both in binary.
+
+This subcommand is a thin wrapper around the **BLKCRYPTOPREPAREKEY** ioctl.  For
+more information, see the kernel documentation.
+
+**fscryptctl prepare_hw_wrapped_key** does not accept any options.
+
 # SEE ALSO
 
 * [**fscryptctl** README
@@ -157,3 +194,6 @@ Options accepted by **fscryptctl set_policy**:
 
 * [**fscrypt** tool, recommended for most users over
   fscryptctl](https://github.com/google/fscrypt)
+
+* [Linux kernel documentation for hardware-wrapped
+  keys](https://docs.kernel.org/block/inline-encryption.html#hardware-wrapped-keys)
diff --git a/fscryptctl.c b/fscryptctl.c
@@ -34,6 +34,7 @@
 #include <sys/utsname.h>
 #include <unistd.h>
 
+#include "blk-crypto_uapi.h"
 #include "fscrypt_uapi.h"
 
 #ifndef VERSION
@@ -134,6 +135,13 @@ static void __attribute__((__noreturn__)) usage(FILE *out) {
       "  fscryptctl set_policy <key identifier> <directory>\n"
       "    Set up an encryption policy on the specified directory with the\n"
       "    specified key identifier.\n"
+      "  fscryptctl import_hw_wrapped_key <block device>\n"
+      "    Create a hardware-wrapped key by importing a raw key.\n"
+      "  fscryptctl generate_hw_wrapped_key <block device>\n"
+      "    Create a hardware-wrapped key by generating one in hardware.\n"
+      "  fscryptctl prepare_hw_wrapped_key <block device>\n"
+      "    Prepare a hardware-wrapped key to be used by converting it from\n"
+      "    long-term wrapped form to ephemerally-wrapped form.\n"
       "\nOptions:\n"
       "    -h, --help\n"
       "        print this help screen\n"
@@ -778,6 +786,125 @@ static int cmd_set_policy(int argc, char *const argv[]) {
   return EXIT_SUCCESS;
 }
 
+static int cmd_import_hw_wrapped_key(int argc, char *const argv[]) {
+  handle_no_options(&argc, &argv);
+  if (argc != 1) {
+    fputs("error: must specify a single block device\n", stderr);
+    return EXIT_FAILURE;
+  }
+  const char *blkdev = argv[0];
+  int status = EXIT_FAILURE;
+
+  struct blk_crypto_import_key_arg arg = {0};
+  uint8_t *raw_key = xzalloc(FSCRYPT_MAX_KEY_SIZE);
+  uint8_t *lt_key = xzalloc(MAX_WRAPPED_KEY_SIZE);
+  arg.raw_key_ptr = (uintptr_t)raw_key;
+  arg.raw_key_size = read_key(raw_key, FSCRYPT_MAX_KEY_SIZE);
+  if (arg.raw_key_size == 0) {
+    goto cleanup;
+  }
+  arg.lt_key_ptr = (uintptr_t)lt_key;
+  arg.lt_key_size = MAX_WRAPPED_KEY_SIZE;
+
+  int fd = open(blkdev, O_RDONLY | O_CLOEXEC);
+  if (fd < 0) {
+    fprintf(stderr, "error: opening %s: %s\n", blkdev, strerror(errno));
+    goto cleanup;
+  }
+  if (ioctl(fd, BLKCRYPTOIMPORTKEY, &arg) != 0) {
+    fprintf(stderr, "error: importing hardware-wrapped key: %s\n",
+            strerror(errno));
+    close(fd);
+    goto cleanup;
+  }
+  close(fd);
+  if (!full_write(STDOUT_FILENO, lt_key, arg.lt_key_size)) {
+    goto cleanup;
+  }
+  status = EXIT_SUCCESS;
+cleanup:
+  wipe_and_free(raw_key, FSCRYPT_MAX_KEY_SIZE);
+  wipe_and_free(lt_key, MAX_WRAPPED_KEY_SIZE);
+  return status;
+}
+
+static int cmd_generate_hw_wrapped_key(int argc, char *const argv[]) {
+  handle_no_options(&argc, &argv);
+  if (argc != 1) {
+    fputs("error: must specify a single block device\n", stderr);
+    return EXIT_FAILURE;
+  }
+  const char *blkdev = argv[0];
+  int status = EXIT_FAILURE;
+
+  struct blk_crypto_generate_key_arg arg = {0};
+  uint8_t *lt_key = xzalloc(MAX_WRAPPED_KEY_SIZE);
+  arg.lt_key_ptr = (uintptr_t)lt_key;
+  arg.lt_key_size = MAX_WRAPPED_KEY_SIZE;
+
+  int fd = open(blkdev, O_RDONLY | O_CLOEXEC);
+  if (fd < 0) {
+    fprintf(stderr, "error: opening %s: %s\n", blkdev, strerror(errno));
+    goto cleanup;
+  }
+  if (ioctl(fd, BLKCRYPTOGENERATEKEY, &arg) != 0) {
+    fprintf(stderr, "error: generating hardware-wrapped key: %s\n",
+            strerror(errno));
+    close(fd);
+    goto cleanup;
+  }
+  close(fd);
+  if (!full_write(STDOUT_FILENO, lt_key, arg.lt_key_size)) {
+    goto cleanup;
+  }
+  status = EXIT_SUCCESS;
+cleanup:
+  wipe_and_free(lt_key, MAX_WRAPPED_KEY_SIZE);
+  return status;
+}
+
+static int cmd_prepare_hw_wrapped_key(int argc, char *const argv[]) {
+  handle_no_options(&argc, &argv);
+  if (argc != 1) {
+    fputs("error: must specify a single block device\n", stderr);
+    return EXIT_FAILURE;
+  }
+  const char *blkdev = argv[0];
+  int status = EXIT_FAILURE;
+
+  struct blk_crypto_prepare_key_arg arg = {0};
+  uint8_t *lt_key = xzalloc(MAX_WRAPPED_KEY_SIZE);
+  uint8_t *eph_key = xzalloc(MAX_WRAPPED_KEY_SIZE);
+  arg.lt_key_ptr = (uintptr_t)lt_key;
+  arg.lt_key_size = read_key(lt_key, MAX_WRAPPED_KEY_SIZE);
+  if (arg.lt_key_size == 0) {
+    goto cleanup;
+  }
+  arg.eph_key_ptr = (uintptr_t)eph_key;
+  arg.eph_key_size = MAX_WRAPPED_KEY_SIZE;
+
+  int fd = open(blkdev, O_RDONLY | O_CLOEXEC);
+  if (fd < 0) {
+    fprintf(stderr, "error: opening %s: %s\n", blkdev, strerror(errno));
+    goto cleanup;
+  }
+  if (ioctl(fd, BLKCRYPTOPREPAREKEY, &arg) != 0) {
+    fprintf(stderr, "error: preparing hardware-wrapped key: %s\n",
+            strerror(errno));
+    close(fd);
+    goto cleanup;
+  }
+  close(fd);
+  if (!full_write(STDOUT_FILENO, eph_key, arg.eph_key_size)) {
+    goto cleanup;
+  }
+  status = EXIT_SUCCESS;
+cleanup:
+  wipe_and_free(lt_key, MAX_WRAPPED_KEY_SIZE);
+  wipe_and_free(eph_key, MAX_WRAPPED_KEY_SIZE);
+  return status;
+}
+
 // -----------------------------------------------------------------------------
 //                            The main() function
 // -----------------------------------------------------------------------------
@@ -786,9 +913,14 @@ static const struct {
   const char *name;
   int (*func)(int argc, char *const argv[]);
 } commands[] = {
-    {"add_key", cmd_add_key},       {"remove_key", cmd_remove_key},
-    {"key_status", cmd_key_status}, {"get_policy", cmd_get_policy},
+    {"add_key", cmd_add_key},
+    {"remove_key", cmd_remove_key},
+    {"key_status", cmd_key_status},
+    {"get_policy", cmd_get_policy},
     {"set_policy", cmd_set_policy},
+    {"import_hw_wrapped_key", cmd_import_hw_wrapped_key},
+    {"generate_hw_wrapped_key", cmd_generate_hw_wrapped_key},
+    {"prepare_hw_wrapped_key", cmd_prepare_hw_wrapped_key},
 };
 
 int main(int argc, char *const argv[]) {
