Bug 194304 - gbde does not announce destroyed keys
Summary: gbde does not announce destroyed keys
Status: New
Alias: None
Product: Base System
Classification: Unclassified
Component: bin (show other bugs)
Version: CURRENT
Hardware: Any Any
: --- Affects Many People
Assignee: freebsd-bugs mailing list
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2014-10-11 17:58 UTC by mwlucas
Modified: 2014-10-14 16:35 UTC (History)
0 users

See Also:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description mwlucas 2014-10-11 17:58:40 UTC
One key feature of GBDE is that it's supposed to say "The passphrase exists, but the key has been destroyed." This feature no longer works. (See the discussion at https://lists.freebsd.org/pipermail/freebsd-hackers/2014-October/046239.html)

Here's some examples:


# gbde nuke gpt/encrypted -l /etc/encrypted.lock -n -1
Enter passphrase:
Opened with key 0
Nuked key 0
Nuked key 1
Nuked key 2
Nuked key 3
# gbde attach gpt/encrypted -l /etc/encrypted.lock
Enter passphrase:
#

The .bde device isn't there, and my filesystem is gone. But I received
no confirmation that the keys were destroyed.

I also didn't get a message that the device couldn't be attached,
although it clearly isn't.

Let's try 'gbde destroy'.

# gbde init /dev/gpt/encrypted -L /etc/encrypted.lock
Enter new passphrase:
Reenter new passphrase:
# gbde destroy gpt/encrypted -l /etc/encrypted.lock
Enter passphrase:
Opened with key 0
# gbde attach gpt/encrypted -l /etc/encrypted.lock
Enter passphrase:
#

The device isn't attached, it just fails silently. And failing with a
specific complaint is the whole point of GBDE.
Comment 1 mwlucas 2014-10-14 16:35:21 UTC
This seems to be a generic GBDE error message breakage. Here I change key 0's passphrase and key file.

# gbde setkey da0p1 -n 0 -l da0p1.lock -k rat.jpg -L da0p1.lock-new
Enter passphrase:
Opened with key 0
Enter new passphrase:
Reenter new passphrase:

I now have a new lock file with a new passphrase. Let's try the old key file and see what happens. It appears to work, except it doesn't.

# gbde attach da0p1 -l da0p1.lock -k rat.jpg
Enter passphrase:
# ls /dev/da0p1*
/dev/da0p1
# gbde detach da0p1
gbde: Detach of da0p1 failed: Geom not found: "da0p1.bde"

The new lock file and passphrase do work.

I would have expected the attach command to call me an idiot rather than fail silently. An ignorant, uneducated, non-programmer look at the code encourages my belief.