59 lines
2.1 KiB
Diff
59 lines
2.1 KiB
Diff
From 0044d32121bf52c4547c6b3c78f12d7305f57e6b Mon Sep 17 00:00:00 2001
|
|
From: Ax333l <main@axelen.xyz>
|
|
Date: Thu, 17 Aug 2023 00:00:00 +0000
|
|
Subject: [PATCH 4/6] Error on missing Argon2id parameters
|
|
|
|
Signed-off-by: Nicholas Johnson <nick@nicholasjohnson.ch>
|
|
---
|
|
grub-core/disk/luks2.c | 13 ++++++++-----
|
|
1 file changed, 8 insertions(+), 5 deletions(-)
|
|
|
|
diff --git a/grub-core/disk/luks2.c b/grub-core/disk/luks2.c
|
|
index d5106402f..bc818ea69 100644
|
|
--- a/grub-core/disk/luks2.c
|
|
+++ b/grub-core/disk/luks2.c
|
|
@@ -38,6 +38,7 @@ GRUB_MOD_LICENSE ("GPLv3+");
|
|
enum grub_luks2_kdf_type
|
|
{
|
|
LUKS2_KDF_TYPE_ARGON2I,
|
|
+ LUKS2_KDF_TYPE_ARGON2ID,
|
|
LUKS2_KDF_TYPE_PBKDF2
|
|
};
|
|
typedef enum grub_luks2_kdf_type grub_luks2_kdf_type_t;
|
|
@@ -90,7 +91,7 @@ struct grub_luks2_keyslot
|
|
grub_int64_t time;
|
|
grub_int64_t memory;
|
|
grub_int64_t cpus;
|
|
- } argon2i;
|
|
+ } argon2;
|
|
struct
|
|
{
|
|
const char *hash;
|
|
@@ -160,10 +161,11 @@ luks2_parse_keyslot (grub_luks2_keyslot_t *out, const grub_json_t *keyslot)
|
|
return grub_error (GRUB_ERR_BAD_ARGUMENT, "Missing or invalid KDF");
|
|
else if (!grub_strcmp (type, "argon2i") || !grub_strcmp (type, "argon2id"))
|
|
{
|
|
- out->kdf.type = LUKS2_KDF_TYPE_ARGON2I;
|
|
- if (grub_json_getint64 (&out->kdf.u.argon2i.time, &kdf, "time") ||
|
|
- grub_json_getint64 (&out->kdf.u.argon2i.memory, &kdf, "memory") ||
|
|
- grub_json_getint64 (&out->kdf.u.argon2i.cpus, &kdf, "cpus"))
|
|
+ out->kdf.type = !grub_strcmp (type, "argon2i")
|
|
+ ? LUKS2_KDF_TYPE_ARGON2I : LUKS2_KDF_TYPE_ARGON2ID;
|
|
+ if (grub_json_getint64 (&out->kdf.u.argon2.time, &kdf, "time") ||
|
|
+ grub_json_getint64 (&out->kdf.u.argon2.memory, &kdf, "memory") ||
|
|
+ grub_json_getint64 (&out->kdf.u.argon2.cpus, &kdf, "cpus"))
|
|
return grub_error (GRUB_ERR_BAD_ARGUMENT, "Missing Argon2i parameters");
|
|
}
|
|
else if (!grub_strcmp (type, "pbkdf2"))
|
|
@@ -459,6 +461,7 @@ luks2_decrypt_key (grub_uint8_t *out_key,
|
|
switch (k->kdf.type)
|
|
{
|
|
case LUKS2_KDF_TYPE_ARGON2I:
|
|
+ case LUKS2_KDF_TYPE_ARGON2ID:
|
|
ret = grub_error (GRUB_ERR_BAD_ARGUMENT, "Argon2 not supported");
|
|
goto err;
|
|
case LUKS2_KDF_TYPE_PBKDF2:
|
|
--
|
|
2.39.2
|
|
|