grub-devel.gnu.org archive mirror
 help / color / mirror / Atom feed
From: Gary Lin via Grub-devel <grub-devel@gnu.org>
To: The development of GNU GRUB <grub-devel@gnu.org>
Cc: Gary Lin <glin@suse.com>, Daniel Kiper <daniel.kiper@oracle.com>,
	Vladimir 'phcoder' Serbinenko <phcoder@gmail.com>,
	Glenn Washburn <development@efficientek.com>,
	Michael Chang <mchang@suse.com>,
	Waldemar Brodkorb <wbx@openadk.org>
Subject: [PATCH v3 05/12] libgcrypt/kdf: Remove unsupported KDFs
Date: Tue, 26 Aug 2025 10:01:51 +0800	[thread overview]
Message-ID: <20250826020158.738-6-glin@suse.com> (raw)
In-Reply-To: <20250826020158.738-1-glin@suse.com>

Clean up _gcry_kdf_*() to remove unsupported KDFs.

Signed-off-by: Gary Lin <glin@suse.com>
---
 conf/Makefile.extra-dist                      |   1 +
 .../11-kdf-remove-unsupported-kdfs.patch      | 166 ++++++++++++++++++
 2 files changed, 167 insertions(+)
 create mode 100644 grub-core/lib/libgcrypt-patches/11-kdf-remove-unsupported-kdfs.patch

diff --git a/conf/Makefile.extra-dist b/conf/Makefile.extra-dist
index ac72a7ecf..abd4227e7 100644
--- a/conf/Makefile.extra-dist
+++ b/conf/Makefile.extra-dist
@@ -45,6 +45,7 @@ EXTRA_DIST += grub-core/lib/libgcrypt-patches/07_disable_64div.patch
 EXTRA_DIST += grub-core/lib/libgcrypt-patches/08_sexp_leak.patch
 EXTRA_DIST += grub-core/lib/libgcrypt-patches/09-blake2b-hash-buffers.patch
 EXTRA_DIST += grub-core/lib/libgcrypt-patches/10-kdf-use-GPG-errs.patch
+EXTRA_DIST += grub-core/lib/libgcrypt-patches/11-kdf-remove-unsupported-kdfs.patch
 
 EXTRA_DIST += grub-core/lib/libtasn1-patches/0001-libtasn1-disable-code-not-needed-in-grub.patch
 EXTRA_DIST += grub-core/lib/libtasn1-patches/0002-libtasn1-replace-strcat-with-strcpy-in-_asn1_str_cat.patch
diff --git a/grub-core/lib/libgcrypt-patches/11-kdf-remove-unsupported-kdfs.patch b/grub-core/lib/libgcrypt-patches/11-kdf-remove-unsupported-kdfs.patch
new file mode 100644
index 000000000..06723201e
--- /dev/null
+++ b/grub-core/lib/libgcrypt-patches/11-kdf-remove-unsupported-kdfs.patch
@@ -0,0 +1,166 @@
+From f46f3dbd2e572a6610d651d14e9a3a8b27883c49 Mon Sep 17 00:00:00 2001
+From: Gary Lin <glin@suse.com>
+Date: Mon, 25 Aug 2025 16:00:17 +0800
+Subject: [PATCH 3/4] libgcrypt/kdf: Remove unsupported KDFs
+
+Clean up _gcry_kdf_*() to remove unsupported KDFs.
+
+Signed-off-by: Gary Lin <glin@suse.com>
+---
+ grub-core/lib/libgcrypt-grub/cipher/kdf.c | 119 ----------------------
+ 1 file changed, 119 deletions(-)
+
+diff --git a/grub-core/lib/libgcrypt-grub/cipher/kdf.c b/grub-core/lib/libgcrypt-grub/cipher/kdf.c
+index 55294672b..6e825d3e8 100644
+--- a/grub-core/lib/libgcrypt-grub/cipher/kdf.c
++++ b/grub-core/lib/libgcrypt-grub/cipher/kdf.c
+@@ -816,64 +816,6 @@ _gcry_kdf_open (gcry_kdf_hd_t *hd, int algo, int subalgo,
+                           key, keylen, ad, adlen);
+       break;
+ 
+-    case GCRY_KDF_BALLOON:
+-      if (!inputlen || !saltlen || keylen || adlen)
+-        ec = GPG_ERR_INV_VALUE;
+-      else
+-        {
+-          (void)key;
+-          (void)ad;
+-          ec = balloon_open (hd, subalgo, param, paramlen,
+-                             input, inputlen, salt, saltlen);
+-        }
+-      break;
+-
+-    case GCRY_KDF_ONESTEP_KDF:
+-      if (!inputlen || !paramlen || !adlen)
+-        ec = GPG_ERR_INV_VALUE;
+-      else
+-        {
+-          (void)salt;
+-          (void)key;
+-          ec = onestep_kdf_open (hd, subalgo, param, paramlen,
+-                                 input, inputlen, ad, adlen);
+-        }
+-      break;
+-
+-    case GCRY_KDF_ONESTEP_KDF_MAC:
+-      if (!inputlen || !paramlen || !keylen || !adlen)
+-        ec = GPG_ERR_INV_VALUE;
+-      else
+-        {
+-          (void)salt;
+-          ec = onestep_kdf_mac_open (hd, subalgo, param, paramlen,
+-                                     input, inputlen, key, keylen, ad, adlen);
+-        }
+-      break;
+-
+-    case GCRY_KDF_HKDF:
+-      if (!inputlen || !paramlen)
+-        ec = GPG_ERR_INV_VALUE;
+-      else
+-        {
+-          (void)salt;
+-          ec = hkdf_open (hd, subalgo, param, paramlen,
+-                          input, inputlen, key, keylen, ad, adlen);
+-        }
+-      break;
+-
+-    case GCRY_KDF_X963_KDF:
+-      if (!inputlen || !paramlen)
+-        ec = GPG_ERR_INV_VALUE;
+-      else
+-        {
+-          (void)salt;
+-          (void)key;
+-          ec = x963_kdf_open (hd, subalgo, param, paramlen,
+-                              input, inputlen, ad, adlen);
+-        }
+-      break;
+-
+     default:
+       ec = GPG_ERR_UNKNOWN_ALGORITHM;
+       break;
+@@ -893,26 +835,6 @@ _gcry_kdf_compute (gcry_kdf_hd_t h, const struct gcry_kdf_thread_ops *ops)
+       ec = argon2_compute ((argon2_ctx_t)(void *)h, ops);
+       break;
+ 
+-    case GCRY_KDF_BALLOON:
+-      ec = balloon_compute_all ((balloon_ctx_t)(void *)h, ops);
+-      break;
+-
+-    case GCRY_KDF_ONESTEP_KDF:
+-      ec = onestep_kdf_compute ((onestep_kdf_ctx_t)(void *)h, ops);
+-      break;
+-
+-    case GCRY_KDF_ONESTEP_KDF_MAC:
+-      ec = onestep_kdf_mac_compute ((onestep_kdf_mac_ctx_t)(void *)h, ops);
+-      break;
+-
+-    case GCRY_KDF_HKDF:
+-      ec = hkdf_compute ((hkdf_ctx_t)(void *)h, ops);
+-      break;
+-
+-    case GCRY_KDF_X963_KDF:
+-      ec = x963_kdf_compute ((x963_kdf_ctx_t)(void *)h, ops);
+-      break;
+-
+     default:
+       ec = GPG_ERR_UNKNOWN_ALGORITHM;
+       break;
+@@ -933,27 +855,6 @@ _gcry_kdf_final (gcry_kdf_hd_t h, size_t resultlen, void *result)
+       ec = argon2_final ((argon2_ctx_t)(void *)h, resultlen, result);
+       break;
+ 
+-    case GCRY_KDF_BALLOON:
+-      ec = balloon_final ((balloon_ctx_t)(void *)h, resultlen, result);
+-      break;
+-
+-    case GCRY_KDF_ONESTEP_KDF:
+-      ec = onestep_kdf_final ((onestep_kdf_ctx_t)(void *)h, resultlen, result);
+-      break;
+-
+-    case GCRY_KDF_ONESTEP_KDF_MAC:
+-      ec = onestep_kdf_mac_final ((onestep_kdf_mac_ctx_t)(void *)h,
+-                                  resultlen, result);
+-      break;
+-
+-    case GCRY_KDF_HKDF:
+-      ec = hkdf_final ((hkdf_ctx_t)(void *)h, resultlen, result);
+-      break;
+-
+-    case GCRY_KDF_X963_KDF:
+-      ec = x963_kdf_final ((x963_kdf_ctx_t)(void *)h, resultlen, result);
+-      break;
+-
+     default:
+       ec = GPG_ERR_UNKNOWN_ALGORITHM;
+       break;
+@@ -971,26 +872,6 @@ _gcry_kdf_close (gcry_kdf_hd_t h)
+       argon2_close ((argon2_ctx_t)(void *)h);
+       break;
+ 
+-    case GCRY_KDF_BALLOON:
+-      balloon_close ((balloon_ctx_t)(void *)h);
+-      break;
+-
+-    case GCRY_KDF_ONESTEP_KDF:
+-      onestep_kdf_close ((onestep_kdf_ctx_t)(void *)h);
+-      break;
+-
+-    case GCRY_KDF_ONESTEP_KDF_MAC:
+-      onestep_kdf_mac_close ((onestep_kdf_mac_ctx_t)(void *)h);
+-      break;
+-
+-    case GCRY_KDF_HKDF:
+-      hkdf_close ((hkdf_ctx_t)(void *)h);
+-      break;
+-
+-    case GCRY_KDF_X963_KDF:
+-      x963_kdf_close ((x963_kdf_ctx_t)(void *)h);
+-      break;
+-
+     default:
+       break;
+     }
+-- 
+2.43.0
+
-- 
2.43.0


_______________________________________________
Grub-devel mailing list
Grub-devel@gnu.org
https://lists.gnu.org/mailman/listinfo/grub-devel

  parent reply	other threads:[~2025-08-26  2:05 UTC|newest]

Thread overview: 13+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2025-08-26  2:01 [PATCH v3 00/12] Support Argon2 KDF Gary Lin via Grub-devel
2025-08-26  2:01 ` [PATCH v3 01/12] util/import_gcry: Import kdf.c for Argon2 Gary Lin via Grub-devel
2025-08-26  2:01 ` [PATCH v3 02/12] crypto: Update crypto.h for libgcrypt KDF functions Gary Lin via Grub-devel
2025-08-26  2:01 ` [PATCH v3 03/12] libgcrypt/kdf: Implement blake2b_512.hash_buffers() Gary Lin via Grub-devel
2025-08-26  2:01 ` [PATCH v3 04/12] libgcrypt/kdf: Get rid of gpg_err_code_from_errno() Gary Lin via Grub-devel
2025-08-26  2:01 ` Gary Lin via Grub-devel [this message]
2025-08-26  2:01 ` [PATCH v3 06/12] libgcrypt/kdf: Fix 64-bit modulus on 32-bit platforms Gary Lin via Grub-devel
2025-08-26  2:01 ` [PATCH v3 07/12] argon2: Introduce grub_crypto_argon2() Gary Lin via Grub-devel
2025-08-26  2:01 ` [PATCH v3 08/12] Import Argon2 tests from libgcrypt Gary Lin via Grub-devel
2025-08-26  2:01 ` [PATCH v3 09/12] Integrate Argon2 tests into functional_test Gary Lin via Grub-devel
2025-08-26  2:01 ` [PATCH v3 10/12] disk/luks2: Add Argon2 support Gary Lin via Grub-devel
2025-08-26  2:01 ` [PATCH v3 11/12] tests/util/grub-fs-tester: Use Argon2id for LUKS2 test Gary Lin via Grub-devel
2025-08-26  2:01 ` [PATCH v3 12/12] docs: Document argon2 and argon2_test Gary Lin via Grub-devel

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20250826020158.738-6-glin@suse.com \
    --to=grub-devel@gnu.org \
    --cc=daniel.kiper@oracle.com \
    --cc=development@efficientek.com \
    --cc=glin@suse.com \
    --cc=mchang@suse.com \
    --cc=phcoder@gmail.com \
    --cc=wbx@openadk.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).