From 0044d32121bf52c4547c6b3c78f12d7305f57e6b Mon Sep 17 00:00:00 2001 From: Ax333l <main@axelen.xyz> Date: Thu, 17 Aug 2023 00:00:00 +0000 Subject: [PATCH 4/6] Error on missing Argon2id parameters Signed-off-by: Nicholas Johnson <nick@nicholasjohnson.ch> --- grub-core/disk/luks2.c | 13 ++++++++----- 1 file changed, 8 insertions(+), 5 deletions(-) diff --git a/grub-core/disk/luks2.c b/grub-core/disk/luks2.c index d5106402f..bc818ea69 100644 --- a/grub-core/disk/luks2.c +++ b/grub-core/disk/luks2.c @@ -38,6 +38,7 @@ GRUB_MOD_LICENSE ("GPLv3+"); enum grub_luks2_kdf_type { LUKS2_KDF_TYPE_ARGON2I, + LUKS2_KDF_TYPE_ARGON2ID, LUKS2_KDF_TYPE_PBKDF2 }; typedef enum grub_luks2_kdf_type grub_luks2_kdf_type_t; @@ -90,7 +91,7 @@ struct grub_luks2_keyslot grub_int64_t time; grub_int64_t memory; grub_int64_t cpus; - } argon2i; + } argon2; struct { const char *hash; @@ -160,10 +161,11 @@ luks2_parse_keyslot (grub_luks2_keyslot_t *out, const grub_json_t *keyslot) return grub_error (GRUB_ERR_BAD_ARGUMENT, "Missing or invalid KDF"); else if (!grub_strcmp (type, "argon2i") || !grub_strcmp (type, "argon2id")) { - out->kdf.type = LUKS2_KDF_TYPE_ARGON2I; - if (grub_json_getint64 (&out->kdf.u.argon2i.time, &kdf, "time") || - grub_json_getint64 (&out->kdf.u.argon2i.memory, &kdf, "memory") || - grub_json_getint64 (&out->kdf.u.argon2i.cpus, &kdf, "cpus")) + out->kdf.type = !grub_strcmp (type, "argon2i") + ? LUKS2_KDF_TYPE_ARGON2I : LUKS2_KDF_TYPE_ARGON2ID; + if (grub_json_getint64 (&out->kdf.u.argon2.time, &kdf, "time") || + grub_json_getint64 (&out->kdf.u.argon2.memory, &kdf, "memory") || + grub_json_getint64 (&out->kdf.u.argon2.cpus, &kdf, "cpus")) return grub_error (GRUB_ERR_BAD_ARGUMENT, "Missing Argon2i parameters"); } else if (!grub_strcmp (type, "pbkdf2")) @@ -459,6 +461,7 @@ luks2_decrypt_key (grub_uint8_t *out_key, switch (k->kdf.type) { case LUKS2_KDF_TYPE_ARGON2I: + case LUKS2_KDF_TYPE_ARGON2ID: ret = grub_error (GRUB_ERR_BAD_ARGUMENT, "Argon2 not supported"); goto err; case LUKS2_KDF_TYPE_PBKDF2: -- 2.39.2