From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from list by lists.gnu.org with archive (Exim 4.90_1) id 1ny5HZ-0008T4-Ol for mharc-grub-devel@gnu.org; Mon, 06 Jun 2022 01:28:05 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:33808) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1ny5HY-0008SP-Co for grub-devel@gnu.org; Mon, 06 Jun 2022 01:28:04 -0400 Received: from out1-smtp.messagingengine.com ([66.111.4.25]:35949) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1ny5HU-00021j-DA for grub-devel@gnu.org; Mon, 06 Jun 2022 01:28:02 -0400 Received: from compute4.internal (compute4.nyi.internal [10.202.2.44]) by mailout.nyi.internal (Postfix) with ESMTP id 4C2F45C00EC; Mon, 6 Jun 2022 01:27:59 -0400 (EDT) Received: from mailfrontend1 ([10.202.2.162]) by compute4.internal (MEProxy); Mon, 06 Jun 2022 01:27:59 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=pks.im; h=cc:cc :content-type:date:date:from:from:in-reply-to:message-id :mime-version:reply-to:sender:subject:subject:to:to; s=fm2; t= 1654493279; x=1654579679; bh=xNj0xDYEhtoA75Js2WKKQtmmNmVoN4e7iGQ NtuMbMEE=; b=cN/5/m7393wvTlK+XOgBI+WR0HlonXOU1GAeF4hrNJ+yMzdpwH1 vVi3crEZSXJ3U3/kvMbEOGZqxp5sWSOnX9J8Ovi/eeBDMywSzCkR3yLEl1zPFG7j 8BHfUz0rh/6QBi8PTiD/eWu6OwKqPc5kHt3redOpK8qrWz3KJ1PcZ2J8TzEP1w8L xXibBqYW2u0kIpo+xUy0bAxWHX3TWmdV2dT4NyHWvhy02CYqe65sezeSTlTxqv6p w/Q27yO4uk78rQmx/Lpw6GQxD/K6BiPvLY0V2SqcpQhqcb08A6lXJScSSjPyNYHt WLgRgDnxBWsRH4/6UZDXbDk30ZWnymnHycg== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:cc:content-type:date:date:feedback-id :feedback-id:from:from:in-reply-to:message-id:mime-version :reply-to:sender:subject:subject:to:to:x-me-proxy:x-me-proxy :x-me-sender:x-me-sender:x-sasl-enc; s=fm2; t=1654493279; x= 1654579679; bh=xNj0xDYEhtoA75Js2WKKQtmmNmVoN4e7iGQNtuMbMEE=; b=n QTeZzTeoFDjRMJNyN7mxsxUSCh9tvI0K0dn1s8hLZ0qSgxdaR0vvq4kUwMt3H85X DqAsDkAWgpR//OkgvMu6V3RK/KpeY+e1lozP8vf7XRM7B3zAY8e1mqGvjvv13YRL pdtXFFktP/rlfreG9P8mRTVo3nphlatHwyyrXX2LsutAFRadX4hI2UuqWbBdrh7U oH4zhlMJ2zzhzUpNZJrusUEp0ptxEsZ6nSWG8SaozbnjpdScRdK2LEtmmBy00/ni KPz27UYaethy1mJ1IPlrs2eg7Y1NFEFXi1SXmlz+JKUSRY0vARjjf3syAHzVMKh6 66CfDHlmuk18OAdjtroLA== X-ME-Sender: X-ME-Received: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedvfedruddtuddgleeiucetufdoteggodetrfdotf fvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfqfgfvpdfurfetoffkrfgpnffqhgen uceurghilhhouhhtmecufedttdenucesvcftvggtihhpihgvnhhtshculddquddttddmne cujfgurhepfffhvfevuffkgggtugesghdtreertddtvdenucfhrhhomheprfgrthhrihgt khcuufhtvghinhhhrghrughtuceophhssehpkhhsrdhimheqnecuggftrfgrthhtvghrnh epvdefjeduudfffefgudeuueeuiefgvddtieejudefgeejueegieehgfetfeeuffehnecu ffhomhgrihhnpehivghtfhdrohhrghenucevlhhushhtvghrufhiiigvpedtnecurfgrrh grmhepmhgrihhlfhhrohhmpehpshesphhkshdrihhm X-ME-Proxy: Feedback-ID: i197146af:Fastmail Received: by mail.messagingengine.com (Postfix) with ESMTPA; Mon, 6 Jun 2022 01:27:58 -0400 (EDT) Received: from localhost (tanuki [10.192.0.23]) by vm-mail.pks.im (OpenSMTPD) with ESMTPSA id d875c519 (TLSv1.3:TLS_AES_256_GCM_SHA384:256:NO); Mon, 6 Jun 2022 05:27:55 +0000 (UTC) Date: Mon, 6 Jun 2022 07:28:51 +0200 From: Patrick Steinhardt To: grub-devel@gnu.org Cc: Daniel Kiper , Glenn Washburn Subject: [PATCH v4 0/2] luks2: Fix decoding of digests and salts with escaped chars Message-ID: MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="ZeStskwNKARh6QuO" Content-Disposition: inline Received-SPF: pass client-ip=66.111.4.25; envelope-from=ps@pks.im; helo=out1-smtp.messagingengine.com X-Spam_score_int: -27 X-Spam_score: -2.8 X-Spam_bar: -- X-Spam_report: (-2.8 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: grub-devel@gnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: The development of GNU GRUB List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 06 Jun 2022 05:28:04 -0000 --ZeStskwNKARh6QuO Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Hi, this is the fourth version of my patch series which fixes decoding of digests and salts in LUKS2 headers in case they happen to contain escaped characters. While modern cryptsetup versions in fact don't escape any characters part of the Base64 alphabet, old versions of cryptsetup did this until v2.0.2. Changes compared to v3: - Fixed the confusion between `size_t` and `grub_size_t` so that we consistently use the latter. - Improved error handling in `grub_json_unescape ()`: we now verify that the out-parameters are set, check for memory allocation errors and now return any errors encountered. - `luks2_base64_decode ()` now initializes the out-parameters it passes to `grub_json_unescape ()`. This should address all the feedback by Glenn, except for modifying `grub_json_unescape ()` to allow for in-place unescaping. I found the end result to be less readable and more fragile when requiring the caller to pass in a buffer, and we cannot make use of it right now anyway. Thanks for your feedback! Patrick Patrick Steinhardt (2): json: Add function to unescape JSON-encoded strings luks2: Fix decoding of digests and salts with escaped chars grub-core/disk/luks2.c | 28 +++++++++-- grub-core/lib/json/json.c | 101 ++++++++++++++++++++++++++++++++++++++ grub-core/lib/json/json.h | 12 +++++ 3 files changed, 137 insertions(+), 4 deletions(-) Range-diff against v3: 1: 3055f9f2f ! 1: c2233323a json: Add function to unescape JSON-encoded s= trings @@ grub-core/lib/json/json.c: grub_json_getint64 (grub_int64_t *out, co= nst grub_jso } + +grub_err_t -+grub_json_unescape (char **out, size_t *outlen, const char *in, size_= t inlen) ++grub_json_unescape (char **out, grub_size_t *outlen, const char *in, = grub_size_t inlen) +{ + grub_err_t ret =3D GRUB_ERR_NONE; -+ size_t inpos, resultpos; ++ grub_size_t inpos, resultpos; + char *result; + ++ if (!out || !outlen) ++ return grub_error (GRUB_ERR_BAD_ARGUMENT, "Output parameters are = not set"); ++ + result =3D grub_calloc (1, inlen + 1); ++ if (!result) ++ return GRUB_ERR_OUT_OF_MEMORY; + + for (inpos =3D resultpos =3D 0; inpos < inlen; inpos++) + { @@ grub-core/lib/json/json.c: grub_json_getint64 (grub_int64_t *out, co= nst grub_jso + } + } + else -+ { + result[resultpos++] =3D in[inpos]; -+ } + } + + *out =3D result; @@ grub-core/lib/json/json.c: grub_json_getint64 (grub_int64_t *out, co= nst grub_jso + if (ret !=3D GRUB_ERR_NONE) + grub_free (result); + -+ return GRUB_ERR_NONE; ++ return ret; +} =20 ## grub-core/lib/json/json.h ## @@ grub-core/lib/json/json.h: extern grub_err_t EXPORT_FUNC(grub_json_g= etint64) (gr + * See https://datatracker.ietf.org/doc/html/rfc8259#section-7 for mo= re + * information on escaping in JSON. + */ -+extern grub_err_t EXPORT_FUNC(grub_json_unescape) (char **out, size_t= *outlen, -+ const char *in, size_t inlen); ++extern grub_err_t EXPORT_FUNC(grub_json_unescape) (char **out, grub_s= ize_t *outlen, ++ const char *in, grub_size_t inlen); + #endif 2: 69424b2d1 ! 2: 84370adba luks2: Fix decoding of digests and salts with= escaped chars @@ grub-core/disk/luks2.c: luks2_scan (grub_disk_t disk, grub_cryptomou= nt_args_t ca } =20 +static grub_err_t -+luks2_base64_decode (const char *in, size_t inlen, grub_uint8_t *deco= ded, idx_t *decodedlen) ++luks2_base64_decode (const char *in, grub_size_t inlen, grub_uint8_t = *decoded, idx_t *decodedlen) +{ -+ size_t unescaped_len; -+ char *unescaped; ++ grub_size_t unescaped_len =3D 0; ++ char *unescaped =3D NULL; + bool successful; + + if (grub_json_unescape (&unescaped, &unescaped_len, in, inlen) !=3D= GRUB_ERR_NONE) + return grub_error (GRUB_ERR_BAD_ARGUMENT, "Could not unescape Bas= e64 string"); + -+ successful =3D base64_decode (unescaped, unescaped_len, (char *)dec= oded, decodedlen); ++ successful =3D base64_decode (unescaped, (size_t)unescaped_len, (ch= ar *)decoded, decodedlen); + grub_free (unescaped); + if (!successful) + return grub_error (GRUB_ERR_BAD_ARGUMENT, "Could not decode Base6= 4 string"); --=20 2.36.1 --ZeStskwNKARh6QuO Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAABCgAdFiEEF9hrgiFbCdvenl/rVbJhu7ckPpQFAmKdkJIACgkQVbJhu7ck PpQMfQ/+KGXlJMmhceQxheEvqUgLoAenjN0ssWK283simQg+woCpiKt8xphkN1Ec /3jNYaB+6ZE4znamhOyYetsFJBdCzbj+oRRG0WHCxL62sEg0mVkt5rT8QrEhdsVt UsAjJqqnrR+vrxPkW7B0ZMrxDETziKMHwtQxZnLSVYxbEVb5fUz/QQ8DuYsHBlL2 3oAJKB9VnTw2vOQwsfwaRTJMKLwzDwFihvGW//wc604ObyGfjfgP+JaI0H+cnkjx x0LYwjTuVhDWBLB+GRo8q9X1T3xxNs+4C8e/EdHsdauca8fRVDVSoxZ3IeFGwfu2 OG1zYlqvBTOKMUBftS9PBbAr60gVdF8Q3uK1E2+/PcE8mCTM5SnzNy54nGCJzqnJ yPLMgGiv0eQH6s0oUKzw+Karf4o02XkRxZAmNLwQcoC1A1fw2QASYBKWE7yEaGmX LL/UMnZ216aCbBts795mCIjYzEEVU1QfcIauO3VgFCq9mKqGact0kOAsbCMYe6QV 0GngpHu332wID4HAsOC3PXAOajN0y48ZjzsMkkBSV+w405BhI+EKcnrCoRTyWRW/ 88H8zsJVaJqjUuPulJhVcU2ncSqRW8Vkv9CqgzSVE796TVlYGNA1kowbFSmLj04q m7SBbB+XY7Kh8PAuTXXf2p/JcZNiV8ZddlH7pakZfrB2qJLnx8A= =2V7L -----END PGP SIGNATURE----- --ZeStskwNKARh6QuO--