From patchwork Sun Nov 16 21:23:18 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Simon Glass X-Patchwork-Id: 718 Return-Path: X-Original-To: u-boot-concept@u-boot.org Delivered-To: u-boot-concept@u-boot.org Authentication-Results: mail.u-boot.org; dkim=fail reason="signature verification failed" (1024-bit key; unprotected) header.d=chromium.org header.i=@chromium.org header.a=rsa-sha256 header.s=google header.b=VapWrKwR; dkim-atps=neutral Received: from localhost (localhost [127.0.0.1]) by mail.u-boot.org (Postfix) with ESMTP id CC337685F2 for ; Sun, 16 Nov 2025 14:23:59 -0700 (MST) X-Virus-Scanned: Debian amavis at Received: from mail.u-boot.org ([127.0.0.1]) by localhost (mail.u-boot.org [127.0.0.1]) (amavis, port 10024) with ESMTP id dmbw_aVjtOOh for ; Sun, 16 Nov 2025 14:23:59 -0700 (MST) Received: from mail.u-boot.org (localhost [127.0.0.1]) by mail.u-boot.org (Postfix) with ESMTP id BAC10685C1 for ; Sun, 16 Nov 2025 14:23:59 -0700 (MST) Received: from localhost (localhost [127.0.0.1]) by mail.u-boot.org (Postfix) with ESMTP id 1393868648 for ; Sun, 16 Nov 2025 14:23:57 -0700 (MST) X-Virus-Scanned: Debian amavis at Received: from mail.u-boot.org ([127.0.0.1]) by localhost (mail.u-boot.org [127.0.0.1]) (amavis, port 10024) with ESMTP id L3QlHYlRtOEU for ; Sun, 16 Nov 2025 14:23:57 -0700 (MST) Received-SPF: Pass (mailfrom) identity=mailfrom; client-ip=209.85.166.53; helo=mail-io1-f53.google.com; envelope-from=sjg@chromium.org; receiver=u-boot.org Received: from mail-io1-f53.google.com (mail-io1-f53.google.com [209.85.166.53]) by mail.u-boot.org (Postfix) with ESMTPS id F08F6684C5 for ; Sun, 16 Nov 2025 14:23:52 -0700 (MST) Received: by mail-io1-f53.google.com with SMTP id ca18e2360f4ac-9490cbf951fso3704139f.1 for ; Sun, 16 Nov 2025 13:23:52 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; t=1763328231; x=1763933031; darn=u-boot.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=Aowu9OXBBQvYWOAWDnhHEdsGPjTqmuonYg61sHBkZ4s=; b=VapWrKwRsht0j5bHzcS6irVhzp/tGm0F+uhqh3oumRIkQnPPRMiZRBY0mDCXCU+/H0 T3Ojzis7oVlusqjMRt/Y6GKUox/Qufb3H82kGIgZeUTcpxg+lq/0YCbchR24tbG/gMdv BU5kfqXW4qaCgRcFd0ZjVMMpCwW3DdKc5RL/k= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1763328231; x=1763933031; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from :to:cc:subject:date:message-id:reply-to; bh=Aowu9OXBBQvYWOAWDnhHEdsGPjTqmuonYg61sHBkZ4s=; b=lPsPZk2K6/Z/+lLBNBazalOQMqDEyfGEDzP7RHIsYBnA/bhH17ZA3+BFsHTPpA2zg0 rfn5fW7TPtSOJMgflJGzTzH/o/6BU4qoNB7ld+miNRKx/J0ln0CpDPxTvBFP3N0a35C6 o5qwWX+sx4tpACGbvaC22p61MChtPRkhltwV5Gb8gbdCUrbK22pVAF7GqfsMfFnbxQzo QmSnqEBSKLeMeb7xuN7mfaleZkKRXEL9e11oNoaIEvAZ4ZVAl0Png6ZNgRnvXPx9jTJp hBS9lCZNs0+ikaq0LctYlvGWwmb59axNHcnV7IOfGsYkdXGd0JPqCL5VaRkSKwWFtgLl n23Q== X-Gm-Message-State: AOJu0YziKv1urLNLVa3w9NfEbMy6ffOp7aBFNhDlCkIBfwyEr8GZhR4Z HuK6yJwI1rJDZQP8TeXkNSV4W6JBIi4BNktIw/D+VNy52YwsNQJOM/RT0hRO7xenOmX3T2Ofi5f u25k= X-Gm-Gg: ASbGncukB903FG4NxGGL47/0yQsoBnGfX0u2423u+ABsXO5Wut3X7xu5zIV3QSAsW2k yqRcOWrHXET1VpZGmzHhIsEigLcScnwmBbhnRFK32pEqSOeMo2JxYwWN23g4fwHvroasCx+80sd DFHdS0m/pLlWY4BZtiA9bfU34+Bd6rBX6InwPKnLOMSX60ux6b32MqbIsarB8jZpNxLjqcXoIxU M6MB0sF4g/4osKQQQhyiVcVogMZiV9bcsg5f1ydHF92uZfk5sph4YtfiABhhdN+uM2uXlFYHj13 HPYsXhJO84hOM0jbWXkP48iCxIzYZASK3qThOIYwaIurdIspNK95Y5ImdvCczvBHB60MVHSX2bX xf1tKta1No5utBjNCCUimRxkPNYrTxB++jG6vaS4/hNouYu9D96LJI4NMV0YhbHfNkyOshmROrR 7F71dUaPvyjEmP1JYH X-Google-Smtp-Source: AGHT+IHL2afcGcKBsD6QMAHfuyx8EI62PoS0EcBQ/ZfgwUdvJmGdMwMsTAEjJJ5rKan7gDWh9KI5Ng== X-Received: by 2002:a05:6602:2c02:b0:948:a9aa:1748 with SMTP id ca18e2360f4ac-948e0e45977mr1302409439f.17.1763328231405; Sun, 16 Nov 2025 13:23:51 -0800 (PST) Received: from chromium.org ([73.34.74.121]) by smtp.gmail.com with ESMTPSA id ca18e2360f4ac-948d2d162dcsm577962339f.13.2025.11.16.13.23.49 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sun, 16 Nov 2025 13:23:50 -0800 (PST) From: Simon Glass X-Google-Original-From: Simon Glass To: U-Boot Concept Date: Sun, 16 Nov 2025 14:23:18 -0700 Message-ID: <20251116212334.1603490-5-simon.glass@canonical.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20251116212334.1603490-1-simon.glass@canonical.com> References: <20251116212334.1603490-1-simon.glass@canonical.com> MIME-Version: 1.0 Message-ID-Hash: JVFLLEIFIWDCPCEFD2CHPNMEGG5QAFCV X-Message-ID-Hash: JVFLLEIFIWDCPCEFD2CHPNMEGG5QAFCV X-MailFrom: sjg@chromium.org X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; loop; banned-address; emergency; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header CC: Simon Glass X-Mailman-Version: 3.3.10 Precedence: list Subject: [Concept] [PATCH 04/14] luks: Update try_keyslot() to allow a bytestring List-Id: Discussion and patches related to U-Boot Concept Archived-At: List-Archive: List-Help: List-Owner: List-Post: List-Subscribe: List-Unsubscribe: In preparation for supporting unlock using binary data, update try_keyslot() to accept an array of bytes instead of a string. Signed-off-by: Simon Glass --- drivers/block/luks.c | 32 +++++++++++++++++--------------- 1 file changed, 17 insertions(+), 15 deletions(-) diff --git a/drivers/block/luks.c b/drivers/block/luks.c index 94139b4f56d..6a1e6f9a3ca 100644 --- a/drivers/block/luks.c +++ b/drivers/block/luks.c @@ -295,6 +295,7 @@ void essiv_decrypt(const u8 *derived_key, uint key_size, u8 *expkey, * @hdr: LUKS header * @slot_idx: Key slot index to try * @pass: Passphrase to try + * @pass_len: Length of passphrase * @md_type: Hash algorithm type * @key_size: Size of the key * @derived_key: Buffer for derived key (key_size bytes) @@ -308,9 +309,10 @@ void essiv_decrypt(const u8 *derived_key, uint key_size, u8 *expkey, */ static int try_keyslot(struct udevice *blk, struct disk_partition *pinfo, struct luks1_phdr *hdr, int slot_idx, - const char *pass, mbedtls_md_type_t md_type, - uint key_size, u8 *derived_key, u8 *km, uint km_blocks, - u8 *split_key, u8 *candidate_key) + const u8 *pass, size_t pass_len, + mbedtls_md_type_t md_type, + uint key_size, u8 *derived_key, u8 *km, + uint km_blocks, u8 *split_key, u8 *candidate_key) { struct luks1_keyslot *slot = &hdr->key_slot[slot_idx]; uint iters, km_offset, stripes, split_key_size; @@ -324,7 +326,7 @@ static int try_keyslot(struct udevice *blk, struct disk_partition *pinfo, if (be32_to_cpu(slot->active) != LUKS_KEY_ENABLED) return -ENOENT; - log_debug("trying key slot %d...\n", slot_idx); + log_debug("trying key slot %d (pass len=%zu)...\n", slot_idx, pass_len); iters = be32_to_cpu(slot->iterations); km_offset = be32_to_cpu(slot->key_material_offset); @@ -332,14 +334,13 @@ static int try_keyslot(struct udevice *blk, struct disk_partition *pinfo, split_key_size = key_size * stripes; /* Derive key from passphrase using PBKDF2 */ - log_debug("PBKDF2(pass '%s'[len %zu], ", pass, strlen(pass)); + log_debug("PBKDF2(pass len=%zu, ", pass_len); log_debug_hex("salt[0-7]", (u8 *)slot->salt, 8); log_debug("iter %u, keylen %u)\n", iters, key_size); - ret = mbedtls_pkcs5_pbkdf2_hmac_ext(md_type, (const u8 *)pass, - strlen(pass), + ret = mbedtls_pkcs5_pbkdf2_hmac_ext(md_type, pass, pass_len, (const u8 *)slot->salt, - LUKS_SALTSIZE, iters, key_size, - derived_key); + LUKS_SALTSIZE, iters, + key_size, derived_key); if (ret) { log_debug("PBKDF2 failed: %d\n", ret); return -EPROTO; @@ -360,7 +361,9 @@ static int try_keyslot(struct udevice *blk, struct disk_partition *pinfo, log_debug("expand key with key_size*8 %u bits\n", key_size * 8); log_debug_hex("derived_key", derived_key, key_size); + /* Decrypt key material */ aes_expand_key(derived_key, key_size * 8, expkey); + log_debug_hex("expanded key [0-15]:", expkey, 16); /* Decrypt with CBC mode: first check if ESSIV is used */ @@ -369,10 +372,8 @@ static int try_keyslot(struct udevice *blk, struct disk_partition *pinfo, km_blocks, desc->blksz); } else { /* Plain CBC with zero IV */ + log_debug("using plain CBC mode\n"); memset(iv, '\0', sizeof(iv)); - log_debug("using plain CBC with zero IV\n"); - log_debug("decrypting %u blocks\n", - split_key_size / AES_BLOCK_LENGTH); aes_cbc_decrypt_blocks(key_size * 8, expkey, iv, km, split_key, split_key_size / AES_BLOCK_LENGTH); } @@ -514,9 +515,10 @@ int luks_unlock(struct udevice *blk, struct disk_partition *pinfo, /* Try each key slot */ for (i = 0; i < LUKS_NUMKEYS; i++) { - ret = try_keyslot(blk, pinfo, hdr, i, pass, md_type, - *key_size, derived_key, km, km_blocks, - split_key, candidate_key); + ret = try_keyslot(blk, pinfo, hdr, i, (const u8 *)pass, + strlen(pass), md_type, *key_size, + derived_key, km, km_blocks, split_key, + candidate_key); if (!ret) { /* Successfully unlocked */