Aw: CBE key encryption

Uwe at
Tue Nov 23 14:03:53 CET 2021

Ideas inline.

> Gesendet: Dienstag, 23. November 2021 um 11:21 Uhr
> Von: "Stefan Thöni" <stefan.thoeni at>
> An: "users" <users at>
> Betreff: CBE key encryption
> Hello Genodians,
> we are still working to add hardware-based encryption to CBE. To this
> end, we have implemented a custom trust anchor and crypto engine.
> Generating a key, encrypting this key on behalf of cbe_init and
> decrypting it again on behalf of the vfs_cbe plugin works fine.
> But then the vfs_cbe requests to have a all zero key encrypted which due
> to the ICV added by hardware black key handling fails. We cannot seam to
Why is an all zero key invalid? In my understanding of crypto such a key
should be possible as well or the implementation is insecure.
> find out where the request originates or why vfs_cbe would ever encrypt
> any key, let alone a key of all zeros.
> Any pointer or idea would by very welcome.
You can compile vfs_cbe with profiling enabled and write a custom profile
function, which uses /dev/log to mark entry and exit of functions. And in
the encryption you check for an all zero key and log this event to /dev/log
too. Then you can trace all calls in the log which led up to this event.

I hope you can make such a implementation (of logging profile and event marks)
available as library because such debugging aid will be needed more universally.
> Kind regards
> Stefan
> _______________________________________________
> Genode users mailing list
> users at

More information about the users mailing list