1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
|
From 0044d32121bf52c4547c6b3c78f12d7305f57e6b Mon Sep 17 00:00:00 2001
From: Ax333l <main@axelen.xyz>
Date: Thu, 17 Aug 2023 00:00:00 +0000
Subject: [PATCH 4/6] Error on missing Argon2id parameters
Signed-off-by: Nicholas Johnson <nick@nicholasjohnson.ch>
---
grub-core/disk/luks2.c | 13 ++++++++-----
1 file changed, 8 insertions(+), 5 deletions(-)
diff --git a/grub-core/disk/luks2.c b/grub-core/disk/luks2.c
index d5106402f..bc818ea69 100644
--- a/grub-core/disk/luks2.c
+++ b/grub-core/disk/luks2.c
@@ -38,6 +38,7 @@ GRUB_MOD_LICENSE ("GPLv3+");
enum grub_luks2_kdf_type
{
LUKS2_KDF_TYPE_ARGON2I,
+ LUKS2_KDF_TYPE_ARGON2ID,
LUKS2_KDF_TYPE_PBKDF2
};
typedef enum grub_luks2_kdf_type grub_luks2_kdf_type_t;
@@ -90,7 +91,7 @@ struct grub_luks2_keyslot
grub_int64_t time;
grub_int64_t memory;
grub_int64_t cpus;
- } argon2i;
+ } argon2;
struct
{
const char *hash;
@@ -160,10 +161,11 @@ luks2_parse_keyslot (grub_luks2_keyslot_t *out, const grub_json_t *keyslot)
return grub_error (GRUB_ERR_BAD_ARGUMENT, "Missing or invalid KDF");
else if (!grub_strcmp (type, "argon2i") || !grub_strcmp (type, "argon2id"))
{
- out->kdf.type = LUKS2_KDF_TYPE_ARGON2I;
- if (grub_json_getint64 (&out->kdf.u.argon2i.time, &kdf, "time") ||
- grub_json_getint64 (&out->kdf.u.argon2i.memory, &kdf, "memory") ||
- grub_json_getint64 (&out->kdf.u.argon2i.cpus, &kdf, "cpus"))
+ out->kdf.type = !grub_strcmp (type, "argon2i")
+ ? LUKS2_KDF_TYPE_ARGON2I : LUKS2_KDF_TYPE_ARGON2ID;
+ if (grub_json_getint64 (&out->kdf.u.argon2.time, &kdf, "time") ||
+ grub_json_getint64 (&out->kdf.u.argon2.memory, &kdf, "memory") ||
+ grub_json_getint64 (&out->kdf.u.argon2.cpus, &kdf, "cpus"))
return grub_error (GRUB_ERR_BAD_ARGUMENT, "Missing Argon2i parameters");
}
else if (!grub_strcmp (type, "pbkdf2"))
@@ -459,6 +461,7 @@ luks2_decrypt_key (grub_uint8_t *out_key,
switch (k->kdf.type)
{
case LUKS2_KDF_TYPE_ARGON2I:
+ case LUKS2_KDF_TYPE_ARGON2ID:
ret = grub_error (GRUB_ERR_BAD_ARGUMENT, "Argon2 not supported");
goto err;
case LUKS2_KDF_TYPE_PBKDF2:
--
2.39.2
|
