'luksOpen'` encrypted volumes

[fevo1971]

What new functionality do you want?

I am looking for a tool/script that derives the encryption password from METADATA (that's what I use as KMS) and encryptionPassphrase

What is the value to the end user? (why is it a priority?)

so i will be able to (manually) luksOpen my encrypted volumes e.g. in case of disaster recovery.

How will we know we have a good solution? (acceptance criteria)

any kind of help would be appicated (script, comand line tool or just a HowTo docuemntation)

[nixpanic]

I do not think there is a tool or script that can do this for you. If you write something for it, consider contributing it back to this project.

If you have the keys stored in the metadata of the RBD-image, you can find the encrypted key in the rbd.csi.ceph.com/dek metdata. Each RBD-image has its own key and nounce, stored as JSON.

You can decrypt that the key with the passphrase and nounce (volume id) that were used to encrypt the key. This is the function that does it:

ceph-csi/internal/kms/secretskms.go

Lines 237 to 264 in d376271

	// DecryptDEK takes the JSON formatted `encryptedMetadataDEK` contents, and it
	// fetches secretKMS passphrase to decrypt the DEK.
	func (kms secretsMetadataKMS) DecryptDEK(ctx context.Context, volumeID, encryptedDEK string) (string, error) {
	// use the passphrase from the secretKMS
	passphrase, err := kms.secretsKMS.FetchDEK(ctx, volumeID)
	if err != nil {
	return "", fmt.Errorf("failed to get passphrase: %w", err)
	}
	aead, err := generateCipher(passphrase, volumeID)
	if err != nil {
	return "", fmt.Errorf("failed to generate cipher: %w", err)
	}
	emd := encryptedMetedataDEK{}
	err = json.Unmarshal([]byte(encryptedDEK), &emd)
	if err != nil {
	return "", fmt.Errorf("failed to convert data to "+
	"encryptedMetedataDEK: %w", err)
	}
	dek, err := aead.Open(nil, emd.Nonce, emd.DEK, nil)
	if err != nil {
	return "", fmt.Errorf("failed to decrypt DEK: %w", err)
	}
	return string(dek), nil
	}

[lynxis]

I'm looking for valid test data.
Can someone post some test data?
I would need:

• masterkey
• dek + nonce
• volumeid

from cryptography.hazmat.primitives.ciphers.aead import AESGCM
import hashlib
import binascii

def decrypt(*, masterkey: bytes, volumeid: bytes, dek: bytes, nonce: bytes):
    key = hashlib.scrypt(password=masterkey, salt=volumeid, n=32768, r=8, p=1, maxmem=128*1024*1024, dklen=32)
    aesgcm = AESGCM(key)
    cleartext = aesgcm.decrypt(nonce, dek, None)
    return cleartext

def decrypt_b64(*, masterkey: bytes, volumeid: bytes, dek_b64: str, nonce_b64: str):
    dek = binascii.a2b_base64(dek_b64)
    nonce = binascii.a2b_base64(nonce_b64)
    return decrypt(masterkey=masterkey, volumeid=volumeid, dek=dek, nonce=nonce)

def test_decrypt_b64():
    # TODO: need to find valid example data!
    pass

EDIT: I could validate my function to decrypt at least with the test in secretkms_test.go, but with the live system it doesn't work!

I used secretskms_test.go / TestWorkflowSecretsMetadataKMS() to generate an example DEK.

def test_decrypt_b64():
    metadata = {"dek":"87fHEvZLW3i90CPtJDQIfE1z7cTeiGGdy0dwvjGEy2br4ZdfirvWd1sagwcXR5JYPFgZacpbZC0ynZNZOgSkKZNC6l19yA==","nonce":"iPFWBZhuZ5RRbfkv"}
    masterkey = b'my-passphrase-from-kubernetes'
    volumeid = b'csi-vol-1b00f5f8-b1c1-11e9-8421-9243c1f659f0'
    assert(decrypt_b64(masterkey=masterkey, volumeid=volumeid, dek_b64=metadata['dek'], nonce_b64=metadata['nonce']) ==  b'usually created with generateNewEncryptionPassphrase()')

Why does it not work for live data?
Is the volume id somehow encoded?

• tried uuid as bytes, etc.
• tridd to shorted it, ...

Is the global passphrase from the secret store somehow modified?

• additional salt?
• additional chars?

[lynxis]

The problem was the volume id.
The volume id is not the usual volume id like csi-vol-<uuid>. It is the VolumeHandle!
Even when the tests give a wrong example and everywhere the argument and variable name is VolumeID and not VolumeHandle.

E.g.

    metadata = {"dek":"dek_encrypted_and_encoded_in_base64","nonce":"some_nonce_as_base64"}
    masterkey = b'my-passphrase-from-kubernetes'
    volumeid = volumehandle = b'001-<length_clusterid>-<clusterid>-<poolid>-<volumeid>'

With production data you get a base64 string (which originates from 20 random bytes).
This base64 encoded string is the lukspassword as in its base64 encoded form without decoding.