From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from list by lists.gnu.org with archive (Exim 4.90_1)
	id 1j0YWO-0002VH-U6
	for mharc-grub-devel@gnu.org; Sat, 08 Feb 2020 17:24:16 -0500
Received: from eggs.gnu.org ([2001:470:142:3::10]:56790)
 by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from <ps@pks.im>)
 id 1j0YWL-0002S3-My
 for grub-devel@gnu.org; Sat, 08 Feb 2020 17:24:15 -0500
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
 (envelope-from <ps@pks.im>) id 1j0YWK-0007cg-8d
 for grub-devel@gnu.org; Sat, 08 Feb 2020 17:24:13 -0500
Received: from wout2-smtp.messagingengine.com ([64.147.123.25]:37717)
 by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32)
 (Exim 4.71) (envelope-from <ps@pks.im>) id 1j0YWJ-0007bw-Mf
 for grub-devel@gnu.org; Sat, 08 Feb 2020 17:24:12 -0500
Received: from compute1.internal (compute1.nyi.internal [10.202.2.41])
 by mailout.west.internal (Postfix) with ESMTP id 3868F5A6;
 Sat,  8 Feb 2020 17:24:08 -0500 (EST)
Received: from mailfrontend1 ([10.202.2.162])
 by compute1.internal (MEProxy); Sat, 08 Feb 2020 17:24:08 -0500
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=pks.im; h=date
 :from:to:cc:subject:message-id:references:mime-version
 :content-type:in-reply-to; s=fm3; bh=v3ni0AKPpYS15DN8rYrRBUn1JgL
 xAI237dixzCZtGog=; b=ZwTnUdUOU8dSat4wTa6e9u45/4xagwEJxV9kjB9cgkn
 nMd+Cnlz2Th0Y/cd/V+eXaCyc5k4y08pdYjvlv43r7VmEVG6rgulv7hYfnthzF0G
 QJLct+JwbkkHh16985Sd8mYuL/knHcbY/Q23++G1rIus8jExc88IlimCtZzqkOIV
 cn7ZRfm8s0KlVdxn3J8z/cqe2DQaOkxg7Hdx2jInz3yo+oFXm4N3EY9Y45Am1yuU
 pAqJKCIsd/MAQfAh9cD0Z6GQeF5I2oSi+JOtqIZ4xMb4WoqtjdN/uDOdJLdec++L
 FZHuBOtWHDFB6iP1+h46xrRa/WOxYb2xOB2hSa7q08Q==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=
 messagingengine.com; h=cc:content-type:date:from:in-reply-to
 :message-id:mime-version:references:subject:to:x-me-proxy
 :x-me-proxy:x-me-sender:x-me-sender:x-sasl-enc; s=fm2; bh=v3ni0A
 KPpYS15DN8rYrRBUn1JgLxAI237dixzCZtGog=; b=iRi95mSHMwTTsptOoWmT69
 HiARjvYL7O2/V2U6BSnO3nkgF6Y3Wo9dq8FQjOl78kt1MTlmYpy0Srklq70eVa5c
 vrqkvRs769d5Yn0ThXYiI65wViiHc0XznFAdA4+Ejxi3CZg0v+ncLeI7fBUCxXxw
 e6Stqon3u0pF1CGdv1ByMBQhyjiVHUkPeT2uJ+vCoQx7N++2nnG7ELUrUF3w6j0X
 p7dhrM8Sg4TV4WILBrEIODD79PB+Qm8FGePo61TH1TfIMus/N+I/xT72tXB/FwPR
 RbJJyezpNOzyfAQC2eNxFwoikVmuM0GDey+UDHjphCNuxD0SH07kaldBM+cQD3zw
 ==
X-ME-Sender: <xms:BzU_XgxlW--ng5t_BBaxwbR1uwG2ZCNgy0Pep_WH9a53O4fL-sYQ8w>
X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedugedrheejgdduieefucetufdoteggodetrfdotf
 fvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfqfgfvpdfurfetoffkrfgpnffqhgen
 uceurghilhhouhhtmecufedttdenucesvcftvggtihhpihgvnhhtshculddquddttddmne
 cujfgurhepfffhvffukfhfgggtuggjsehgtderredttddvnecuhfhrohhmpefrrghtrhhi
 tghkucfuthgvihhnhhgrrhguthcuoehpshesphhkshdrihhmqeenucffohhmrghinhepgh
 hithhhuhgsrdgtohhmnecukfhppeejkedrheehrddutddtrddvieenucevlhhushhtvghr
 ufhiiigvpedtnecurfgrrhgrmhepmhgrihhlfhhrohhmpehpshesphhkshdrihhm
X-ME-Proxy: <xmx:BzU_XtNLiX_W2ICxrONuxqPJIlB4QSdpwq6RsfkUMa8KmqxTxGTa0w>
 <xmx:BzU_XkTGsCVuGDgDmmbCE6bPqhXXqRamhiVc86z6roLnncHSBvCT2Q>
 <xmx:BzU_XrY1qng3bHWdfCOXuT8jku5WU41Ge_LQ30foW1uzVStAEfQDlQ>
 <xmx:BzU_XjffJ8F_38DDGszf9hWZ285aA0AyFQV-CZPcLsfFOEVYePgXIQ>
Received: from vm-mail (x4e37641a.dyn.telefonica.de [78.55.100.26])
 by mail.messagingengine.com (Postfix) with ESMTPA id 09E8F328005D;
 Sat,  8 Feb 2020 17:24:06 -0500 (EST)
Received: from localhost (<unknown> [10.192.0.12])
 by vm-mail (OpenSMTPD) with ESMTPSA id 4f4b4387
 (TLSv1.3:TLS_AES_256_GCM_SHA384:256:NO); 
 Sat, 8 Feb 2020 22:24:05 +0000 (UTC)
Date: Sat, 8 Feb 2020 23:25:03 +0100
From: Patrick Steinhardt <ps@pks.im>
To: Milan Broz <gmazyland@gmail.com>
Cc: The development of GNU GRUB <grub-devel@gnu.org>,
 Daniel Kiper <daniel.kiper@oracle.com>
Subject: Re: [PATCH 2/5] argon2: Import Argon2 from cryptsetup
Message-ID: <20200208222503.GA33796@xps>
References: <cover.1580998938.git.ps@pks.im>
 <c55946ca5cfbdf32967cbcc9c1012f783e210e77.1580998938.git.ps@pks.im>
 <ea1aef3b-832d-619d-0d33-883643af27f5@gmail.com>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha256;
 protocol="application/pgp-signature"; boundary="ZGiS0Q5IWpPtfppv"
Content-Disposition: inline
In-Reply-To: <ea1aef3b-832d-619d-0d33-883643af27f5@gmail.com>
X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic]
 [fuzzy]
X-Received-From: 64.147.123.25
X-BeenThere: grub-devel@gnu.org
X-Mailman-Version: 2.1.23
Precedence: list
List-Id: The development of GNU GRUB <grub-devel.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/grub-devel>,
 <mailto:grub-devel-request@gnu.org?subject=unsubscribe>
List-Archive: <https://lists.gnu.org/archive/html/grub-devel>
List-Post: <mailto:grub-devel@gnu.org>
List-Help: <mailto:grub-devel-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/grub-devel>,
 <mailto:grub-devel-request@gnu.org?subject=subscribe>
X-List-Received-Date: Sat, 08 Feb 2020 22:24:15 -0000


--ZGiS0Q5IWpPtfppv
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Sat, Feb 08, 2020 at 12:30:54PM +0100, Milan Broz wrote:
> On 06/02/2020 15:27, Patrick Steinhardt wrote:
> > In order to support the Argon2 key derival function for LUKS2, we
> > obviously need to implement Argon2. It doesn't make a lot of sense to
> > hand-code any crypto, which is why this commit instead imports Argon2
> > from the cryptsetup project. The cryptsetup project was chosen as
> > upstream simply because it is the de-facto home of LUKS2, making us
> > bug-to-bug compatible with their Argon2 implementation.
> >=20
> > As the cryptsetup project imported the code themselves from the
> > repository hosted at https://github.com/P-H-C/phc-winner-argon2, it is
> > licensed under a mixture of LGPLv2.1+ and CC0 1.0 Universal/Apache 2.0.
> > Given that both LGPLv2.1+ and Apache 2.0 are compatible with GPLv3, it
> > should be fine to import that code.
>=20
> Well, it was a temporary solution as we (cryptsetup developers) are trying
> to include Argon2 in OpenSSL (default crypto backend for cryptsetup) - and
> perhaps in gcrypt later.
>=20
> So if gcrypt includes Argon2 implementation in future, what is your plan?
> Switch to it or keep this embedded copy still in place? Just asking :)
> ...

GRUB already uses libgcrypt for some stuff, so switching to an
implementation provided by it would most likely be the way to go as soon
as it got support for it.

> > diff --git a/grub-core/lib/argon2/argon2.c b/grub-core/lib/argon2/argon=
2.c
> > new file mode 100644
> > index 000000000..1b8b092ae
> > --- /dev/null
> > +++ b/grub-core/lib/argon2/argon2.c
> > @@ -0,0 +1,614 @@
> > +/*
> > + * Argon2 PBKDF2 library wrapper
> > + *
> > + * Copyright (C) 2016-2020 Red Hat, Inc. All rights reserved.
> > + * Copyright (C) 2016-2020 Milan Broz
>=20
> You are missing copyright of the original Argon2 authors here.
> (This is apparently not the original wrapper code only but internal argon=
2 implementation.)

Oops, definitely, forgot to merge them in while collapsing files into
one. Thanks for the hint.

> Anyway, this is interesting addition to GRUB2 (and people often asks
> cryptsetup upstream about this). Thanks!
>=20
> Milan

--ZGiS0Q5IWpPtfppv
Content-Type: application/pgp-signature; name="signature.asc"

-----BEGIN PGP SIGNATURE-----

iQIzBAABCAAdFiEEtmscHsieVjl9VyNUEXxntp6r8SwFAl4/NTwACgkQEXxntp6r
8SwWIQ/8DHG3dLZOCk6/nPRNmtXn1EKFKFlkW3EHMQLCAOXucFEOapUoHuxRr38Y
pWBUePZrhIq3o5l1++9ny5dvuKwZSIGuIkMbbjLwSZcb7U8jyhGwlWQJBL2NZkl4
QKcSTaSddYsCMyViaMpv2iNf97Clj+63BoXgVHrVR99YI2O6x42vKSseBGlDl0Qy
sb+uOxEhnG1WHSzCX++m+NixfO7JIKzHjJMFRBJrC2BuqFqh6wHdr04OgdrYv/BY
9GYQve5qGvNSzX9pLa+MfGCgIzRdHvUiv4876FUcpAT5I+74ijhBqADFPzuvXQVZ
GLEwjeg327mL2NbPkA7esDkpyhkex2e/yCR5DGiLxpVWCM5kAmT4m/a5xatqE59S
2PWmrILTyrdDOAajooFaTvhJWdXCC/Ugc9mkaWQVVHp3RHZzQGZYtstfM/HNvYfe
YzF6vTLhQtGUel4ZF4ieHXxJ44KmqnRAVVnUa3JDJYOB1dTjVEHUh9WH5fBmy4dg
RYn9xid70OAXbQ37znE0ibRzAoW6hrNcFp1BwrjWCUmoP48L9op2fo0t8yYhriVc
zkvT7Z3FSls04BcinC2QCW4Svt9VaZNj92mrxDBh5DBcSLe73vmh9DIPI3SenK9X
rY5A7WiLhOxd8/Ig6jY+dkpmPbX+9mKWI+XyKi3yGqQBWN5eQ4Y=
=uA5C
-----END PGP SIGNATURE-----

--ZGiS0Q5IWpPtfppv--