diff mbox series

[Concept,11/15] luks: Export the af_merge() function

Message ID	20251111124131.1198930-12-sjg@u-boot.org
State	New
Headers	From: Simon Glass <sjg@u-boot.org> To: U-Boot Concept <concept@u-boot.org> Date: Tue, 11 Nov 2025 05:41:17 -0700 Message-ID: <20251111124131.1198930-12-sjg@u-boot.org> In-Reply-To: <20251111124131.1198930-1-sjg@u-boot.org> References: <20251111124131.1198930-1-sjg@u-boot.org> MIME-Version: 1.0 Message-ID-Hash: V2NUBIBWQSOXEONK2U2WRI75MFFZJ3YB CC: Heinrich Schuchardt <xypron.glpk@gmx.de>, Simon Glass <simon.glass@canonical.com>, Claude <noreply@anthropic.com> Precedence: list Subject: [Concept] [PATCH 11/15] luks: Export the af_merge() function Archived-At: <https://lists.u-boot.org/archives/list/concept@u-boot.org/message/V2NUBIBWQSOXEONK2U2WRI75MFFZJ3YB/> Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit
Series	luks: Provide support for LUKSv2 \| [Concept,00/15] luks: Provide support for LUKSv2 [Concept,01/15] mbedtls: Allow use of XTS functions [Concept,02/15] mbedtls: Allow use of base64 [Concept,03/15] test: Check for null string in assert functions [Concept,05/15] lib: Bring in argon2 library [Concept,06/15] lib: Adapt argon2 library for U-Boot [Concept,07/15] lib: Plumb in argon2 library [Concept,08/15] test: Shorten the encrypt_passphrase parameter for FsHelper [Concept,09/15] test: Add a way to create a LUKS2 partition with XTS [Concept,10/15] test: Switch mmc12 over to use argon2id [Concept,11/15] luks: Export the af_merge() function [Concept,12/15] luks: Tidy up the code style in the block driver [Concept,13/15] luks: Provide an implementation of luks2 [Concept,14/15] luks: Enable LUKSv2 support in the luks command

Commit Message

Simon Glass Nov. 11, 2025, 12:41 p.m. UTC

  From: Simon Glass <simon.glass@canonical.com>

Provide this function through an internal header, so that luks2 will be
able to use it.

Co-developed-by: Claude <noreply@anthropic.com>
Signed-off-by: Simon Glass <simon.glass@canonical.com>
---

 drivers/block/luks.c          |  5 +++--
 drivers/block/luks_internal.h | 30 ++++++++++++++++++++++++++++++
 2 files changed, 33 insertions(+), 2 deletions(-)
 create mode 100644 drivers/block/luks_internal.h

diff mbox series

Patch

diff --git a/drivers/block/luks.c b/drivers/block/luks.c
index 4400f1cfd84..826fe062757 100644
--- a/drivers/block/luks.c
+++ b/drivers/block/luks.c
@@ -25,6 +25,7 @@ 
 #include <mbedtls/pkcs5.h>
 #include <u-boot/sha256.h>
 #include <u-boot/sha512.h>
+#include "luks_internal.h"
 
 int luks_get_version(struct udevice *blk, struct disk_partition *pinfo)
 {
@@ -206,8 +207,8 @@  static int af_hash(struct hash_algo *algo, size_t key_size, u8 *block_buf)
  * @hash_spec:	Hash algorithm name (e.g., "sha256")
  * Return:	0 on success, -ve on error
  */
-static int af_merge(const u8 *src, u8 *dst, size_t key_size, uint stripes,
-		    const char *hash_spec)
+int af_merge(const u8 *src, u8 *dst, size_t key_size, uint stripes,
+	     const char *hash_spec)
 {
 	struct hash_algo *algo;
 	u8 block_buf[128];
diff --git a/drivers/block/luks_internal.h b/drivers/block/luks_internal.h
new file mode 100644
index 00000000000..32714787550
--- /dev/null
+++ b/drivers/block/luks_internal.h
@@ -0,0 +1,30 @@ 
+/* SPDX-License-Identifier: GPL-2.0+ */
+/*
+ * LUKS (Linux Unified Key Setup) internal interfaces
+ *
+ * Copyright (C) 2025 Canonical Ltd
+ */
+
+#ifndef __LUKS_INTERNAL_H__
+#define __LUKS_INTERNAL_H__
+
+#include <hash.h>
+
+/**
+ * af_merge() - Merge anti-forensic split key into original key
+ *
+ * This performs the LUKS AF-merge operation to recover the original key from
+ * its AF-split representation. The algorithm XORs all stripes together,
+ * applying diffusion between each stripe. Used by both LUKS1 and LUKS2.
+ *
+ * @src:	AF-split key material (key_size * stripes bytes)
+ * @dst:	Output buffer for merged key (key_size bytes)
+ * @key_size:	Size of the original key
+ * @stripes:	Number of anti-forensic stripes
+ * @hash_spec:	Hash algorithm name (e.g., "sha256")
+ * Return:	0 on success, -ve on error
+ */
+int af_merge(const u8 *src, u8 *dst, size_t key_size, uint stripes,
+	     const char *hash_spec);
+
+#endif /* __LUKS_INTERNAL_H__ */