From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from list by lists.gnu.org with archive (Exim 4.90_1) id 1j4q7u-0001vC-0X for mharc-grub-devel@gnu.org; Thu, 20 Feb 2020 13:00:42 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]:45721) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1j4q7q-0001sx-Eb for grub-devel@gnu.org; Thu, 20 Feb 2020 13:00:39 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1j4q7p-0007Ce-2O for grub-devel@gnu.org; Thu, 20 Feb 2020 13:00:38 -0500 Received: from wout3-smtp.messagingengine.com ([64.147.123.19]:46699) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1j4q7o-0007Bq-K0 for grub-devel@gnu.org; Thu, 20 Feb 2020 13:00:37 -0500 Received: from compute1.internal (compute1.nyi.internal [10.202.2.41]) by mailout.west.internal (Postfix) with ESMTP id C6F525BB; Thu, 20 Feb 2020 13:00:34 -0500 (EST) Received: from mailfrontend2 ([10.202.2.163]) by compute1.internal (MEProxy); Thu, 20 Feb 2020 13:00:35 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=pks.im; h=from :to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; s=fm3; bh=08E2fihe4BkQh qyJEtGh63cAhZD1lSESwZXj2fA+HS8=; b=e7nb2/xYoqnYRUtn1RL+WPVcO7FUH b2UxsZNZG1xIWcJabIbgeg+9vWXQeY7W8VkS40y0/qZ0ym0TesRROd0LfxaRErdi 2NgQZ4j92qmFhJYW57PsQlxZmjdfU3ljeQTd4rLuB65g9X1FVHoP9tm+gzspYnxk ZWKn84F6WiPGMuyaU/TACXz1uOSJDi9CPOUX/VDTygwGKhXMawCv8mhtbYqSLigU C+f6L1NSztP00S9ycI05yjbLbNDoXFdSA1avJwkVlO59vSPkjusHO3lP1G5wTaN1 CiZ8Y+YY/LenNhmx7MhgX3uZX8GIYuFXzyoHdB4ymLUtdocTKhvWdRHqg== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:content-transfer-encoding:date:from :in-reply-to:message-id:mime-version:references:subject:to :x-me-proxy:x-me-proxy:x-me-sender:x-me-sender:x-sasl-enc; s= fm2; bh=08E2fihe4BkQhqyJEtGh63cAhZD1lSESwZXj2fA+HS8=; b=UwnSJUxW W1cWV5r7M0/aihaQ4Cmjl+/+VbaZ/f2Oa+5JTvxU4CFAR5naXiBoUwN9k2Gxb1pL b6kadK98C27zG85h9IQiNWkFYTP9LJIb0JOFsCDTIyBXk9YLSuybgf3CQjzhHs4F MxIMq66nSsybQfNH+1/yB985oXezjww2l5L53RESbU3EgLNvLZ6KObT+QwYg6F1E eRmnCb9LxY0YsYzBvU1BaXFoQ1mYBwPeSe+WrE1geLKyyICP/u0c2fgUzZ3TLz60 avhS+g8Bj0jRrrk4gp5S6VfJf8WkV2OvaMLB9RYMR+hc/QvIbP6zNj9gXNwoNu1j cq6yeOsBqCkCOQ== X-ME-Sender: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedugedrkedvgddutdelucetufdoteggodetrfdotf fvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfqfgfvpdfurfetoffkrfgpnffqhgen uceurghilhhouhhtmecufedttdenucesvcftvggtihhpihgvnhhtshculddquddttddmne cujfgurhephffvufffkffojghfggfgsedtkeertdertddtnecuhfhrohhmpefrrghtrhhi tghkucfuthgvihhnhhgrrhguthcuoehpshesphhkshdrihhmqeenucfkphepjeekrdehhe drvddvrddujeenucevlhhushhtvghrufhiiigvpedtnecurfgrrhgrmhepmhgrihhlfhhr ohhmpehpshesphhkshdrihhm X-ME-Proxy: Received: from vm-mail (x4e371611.dyn.telefonica.de [78.55.22.17]) by mail.messagingengine.com (Postfix) with ESMTPA id DAC843060F9B; Thu, 20 Feb 2020 13:00:32 -0500 (EST) Received: from localhost (ncase [10.192.0.11]) by vm-mail (OpenSMTPD) with ESMTPSA id 09ff5685 (TLSv1.3:TLS_AES_256_GCM_SHA384:256:NO); Thu, 20 Feb 2020 18:00:30 +0000 (UTC) From: Patrick Steinhardt To: grub-devel@gnu.org Cc: Patrick Steinhardt , Daniel Kiper , gmazyland@gmail.com, leif@nuviainc.com, agraf@csgraf.de, pjones@redhat.com, mjg59@google.com, phcoder@gmail.com Subject: [PATCH v2 0/6] Support Argon2 KDF in LUKS2 Date: Thu, 20 Feb 2020 19:00:48 +0100 Message-Id: X-Mailer: git-send-email 2.25.1 In-Reply-To: References: MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] [fuzzy] X-Received-From: 64.147.123.19 X-BeenThere: grub-devel@gnu.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: The development of GNU GRUB List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 20 Feb 2020 18:00:40 -0000 Hi, this is the second version of my patchset to add support for Argon2 encryption keys for LUKS2. The most important change is that I've now verbosely imported the argon2 code from the official reference implementation instead of from the cryptsetup project. The diff between both isn't that big in the end, and including from crypsetup's upstream seems a bit cleaner to me. There were several transformations required to use GRUB's types and functions as well as stripping of unused stuff, which I've now documented the dev manual. This also fixes my previously mistaken license headers. One thing I'm not sure about here is whether it's fine to declare the argon2 mod's license as GPLv3. The code is licensed under CC0/Apache 2.0, where the latter is compatible with GPLv3. But I don't know whether it's legit to just say "Yeah, this mod is a GPLv3 one". I didn't address the comment made by Leif yet with regards to grabbing memory. I ain't got much of a clue of GRUB's memory subsystem, so I'd gladly accept help there. Otherwise I'll have to dig a bit deeper. The range diff compared to the previous version of this patch set is attached to this mail. Patrick Patrick Steinhardt (6): efi: Allocate half of available memory by default types.h: add UINT-related macros needed for Argon2 argon2: Import Argon2 from cryptsetup luks2: Add missing newline to debug message luks2: Discern Argon2i and Argon2id luks2: Support key derival via Argon2 Makefile.util.def | 6 +- docs/grub-dev.texi | 64 +++ grub-core/Makefile.core.def | 10 +- grub-core/disk/luks2.c | 28 +- grub-core/kern/efi/mm.c | 4 +- grub-core/lib/argon2/argon2.c | 232 ++++++++ grub-core/lib/argon2/argon2.h | 264 +++++++++ grub-core/lib/argon2/blake2/blake2-impl.h | 151 +++++ grub-core/lib/argon2/blake2/blake2.h | 89 +++ grub-core/lib/argon2/blake2/blake2b.c | 388 +++++++++++++ .../lib/argon2/blake2/blamka-round-ref.h | 56 ++ grub-core/lib/argon2/core.c | 525 ++++++++++++++++++ grub-core/lib/argon2/core.h | 228 ++++++++ grub-core/lib/argon2/ref.c | 190 +++++++ include/grub/types.h | 8 + 15 files changed, 2231 insertions(+), 12 deletions(-) create mode 100644 grub-core/lib/argon2/argon2.c create mode 100644 grub-core/lib/argon2/argon2.h create mode 100644 grub-core/lib/argon2/blake2/blake2-impl.h create mode 100644 grub-core/lib/argon2/blake2/blake2.h create mode 100644 grub-core/lib/argon2/blake2/blake2b.c create mode 100644 grub-core/lib/argon2/blake2/blamka-round-ref.h create mode 100644 grub-core/lib/argon2/core.c create mode 100644 grub-core/lib/argon2/core.h create mode 100644 grub-core/lib/argon2/ref.c Range-diff against v1: 1: 53cdfdc27 = 1: 15bdf830e efi: Allocate half of available memory by default 2: c55946ca5 < -: --------- argon2: Import Argon2 from cryptsetup -: --------- > 2: e81db7d95 types.h: add UINT-related macros needed for Argon2 -: --------- > 3: 50aff9670 argon2: Import Argon2 from cryptsetup 3: c17cd2197 ! 4: af3f85665 disk: luks2: Add missing newline to debug message @@ Metadata Author: Patrick Steinhardt ## Commit message ## - disk: luks2: Add missing newline to debug message + luks2: Add missing newline to debug message The debug message printed when decryption with a keyslot fails is missing its trailing newline. Add it to avoid mangling it with subsequent output. Signed-off-by: Patrick Steinhardt + Reviewed-by: Daniel Kiper ## grub-core/disk/luks2.c ## @@ grub-core/disk/luks2.c: luks2_recover_key (grub_disk_t disk, 4: 390728cea ! 5: 89abe827b disk: luks2: Discern Argon2i and Argon2id @@ Metadata Author: Patrick Steinhardt ## Commit message ## - disk: luks2: Discern Argon2i and Argon2id + luks2: Discern Argon2i and Argon2id While GRUB is already able to parse both Argon2i and Argon2id parameters from the LUKS2 header, it doesn't discern both types. This commit 5: ec4389627 ! 6: 70a354e0b disk: luks2: Support key derival via Argon2 @@ Metadata Author: Patrick Steinhardt ## Commit message ## - disk: luks2: Support key derival via Argon2 + luks2: Support key derival via Argon2 One addition with LUKS2 was support of the key derival function Argon2 in addition to the previously supported PBKDF2 algortihm. In order to @@ Makefile.util.def: library = { common = grub-core/kern/partition.c; common = grub-core/lib/crypto.c; + common = grub-core/lib/argon2/argon2.c; ++ common = grub-core/lib/argon2/core.c; ++ common = grub-core/lib/argon2/ref.c; + common = grub-core/lib/argon2/blake2/blake2b.c; common = grub-core/lib/json/json.c; common = grub-core/disk/luks.c; @@ grub-core/disk/luks2.c: luks2_decrypt_key (grub_uint8_t *out_key, case LUKS2_KDF_TYPE_ARGON2ID: - ret = grub_error (GRUB_ERR_BAD_ARGUMENT, "Argon2 not supported"); - goto err; -+ ret = grub_crypto_argon2 (passphrase, passphraselen, salt, saltlen, -+ k->kdf.u.argon2.time, k->kdf.u.argon2.memory, k->kdf.u.argon2.cpus, -+ k->kdf.type == LUKS2_KDF_TYPE_ARGON2I ? GRUB_ARGON2_I : GRUB_ARGON2_ID, -+ GRUB_ARGON2_VERSION_NUMBER, -+ area_key, k->area.key_size); ++ ret = argon2_hash (k->kdf.u.argon2.time, k->kdf.u.argon2.memory, k->kdf.u.argon2.cpus, ++ passphrase, passphraselen, salt, saltlen, area_key, k->area.key_size, ++ k->kdf.type == LUKS2_KDF_TYPE_ARGON2I ? Argon2_i : Argon2_id, ++ ARGON2_VERSION_NUMBER); + if (ret) + { -+ grub_dprintf ("luks2", "Argon2 failed: %s\n", grub_errmsg); ++ grub_dprintf ("luks2", "Argon2 failed: %s\n", argon2_error_message (ret)); + goto err; + } + break; -- 2.25.1