[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[PATCH 4/5] disk: luks2: Discern Argon2i and Argon2id
From: |
Patrick Steinhardt |
Subject: |
[PATCH 4/5] disk: luks2: Discern Argon2i and Argon2id |
Date: |
Thu, 6 Feb 2020 15:27:32 +0100 |
While GRUB is already able to parse both Argon2i and Argon2id parameters
from the LUKS2 header, it doesn't discern both types. This commit
introduces a new KDF type for Argon2id and sets up the parsed KDF's type
accordingly.
Signed-off-by: Patrick Steinhardt <address@hidden>
---
grub-core/disk/luks2.c | 13 ++++++++-----
1 file changed, 8 insertions(+), 5 deletions(-)
diff --git a/grub-core/disk/luks2.c b/grub-core/disk/luks2.c
index 65c4f0aac..767631198 100644
--- a/grub-core/disk/luks2.c
+++ b/grub-core/disk/luks2.c
@@ -40,6 +40,7 @@ GRUB_MOD_LICENSE ("GPLv3+");
enum grub_luks2_kdf_type
{
LUKS2_KDF_TYPE_ARGON2I,
+ LUKS2_KDF_TYPE_ARGON2ID,
LUKS2_KDF_TYPE_PBKDF2
};
typedef enum grub_luks2_kdf_type grub_luks2_kdf_type_t;
@@ -90,7 +91,7 @@ struct grub_luks2_keyslot
grub_int64_t time;
grub_int64_t memory;
grub_int64_t cpus;
- } argon2i;
+ } argon2;
struct
{
const char *hash;
@@ -158,10 +159,11 @@ luks2_parse_keyslot (grub_luks2_keyslot_t *out, const
grub_json_t *keyslot)
return grub_error (GRUB_ERR_BAD_ARGUMENT, "Missing or invalid KDF");
else if (!grub_strcmp (type, "argon2i") || !grub_strcmp (type, "argon2id"))
{
- out->kdf.type = LUKS2_KDF_TYPE_ARGON2I;
- if (grub_json_getint64 (&out->kdf.u.argon2i.time, &kdf, "time") ||
- grub_json_getint64 (&out->kdf.u.argon2i.memory, &kdf, "memory") ||
- grub_json_getint64 (&out->kdf.u.argon2i.cpus, &kdf, "cpus"))
+ out->kdf.type = !grub_strcmp (type, "argon2i")
+ ? LUKS2_KDF_TYPE_ARGON2I : LUKS2_KDF_TYPE_ARGON2ID;
+ if (grub_json_getint64 (&out->kdf.u.argon2.time, &kdf, "time") ||
+ grub_json_getint64 (&out->kdf.u.argon2.memory, &kdf, "memory") ||
+ grub_json_getint64 (&out->kdf.u.argon2.cpus, &kdf, "cpus"))
return grub_error (GRUB_ERR_BAD_ARGUMENT, "Missing Argon2i parameters");
}
else if (!grub_strcmp (type, "pbkdf2"))
@@ -432,6 +434,7 @@ luks2_decrypt_key (grub_uint8_t *out_key,
switch (k->kdf.type)
{
case LUKS2_KDF_TYPE_ARGON2I:
+ case LUKS2_KDF_TYPE_ARGON2ID:
ret = grub_error (GRUB_ERR_BAD_ARGUMENT, "Argon2 not supported");
goto err;
case LUKS2_KDF_TYPE_PBKDF2:
--
2.25.0
- [PATCH 0/5] Support Argon2 KDF in LUKS2, Patrick Steinhardt, 2020/02/06
- [PATCH 3/5] disk: luks2: Add missing newline to debug message, Patrick Steinhardt, 2020/02/06
- [PATCH 1/5] efi: Allocate half of available memory by default, Patrick Steinhardt, 2020/02/06
- [PATCH 4/5] disk: luks2: Discern Argon2i and Argon2id,
Patrick Steinhardt <=
- [PATCH 2/5] argon2: Import Argon2 from cryptsetup, Patrick Steinhardt, 2020/02/06
- [PATCH 5/5] disk: luks2: Support key derival via Argon2, Patrick Steinhardt, 2020/02/06
- Re: [PATCH 0/5] Support Argon2 KDF in LUKS2, Daniel Kiper, 2020/02/11