From patchwork Sun Nov 16 21:23:19 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Simon Glass X-Patchwork-Id: 719 Return-Path: X-Original-To: u-boot-concept@u-boot.org Delivered-To: u-boot-concept@u-boot.org Authentication-Results: mail.u-boot.org; dkim=fail reason="signature verification failed" (1024-bit key; unprotected) header.d=chromium.org header.i=@chromium.org header.a=rsa-sha256 header.s=google header.b=MoAHRqnk; dkim-atps=neutral Received: from localhost (localhost [127.0.0.1]) by mail.u-boot.org (Postfix) with ESMTP id 377666862B for ; Sun, 16 Nov 2025 14:24:02 -0700 (MST) X-Virus-Scanned: Debian amavis at Received: from mail.u-boot.org ([127.0.0.1]) by localhost (mail.u-boot.org [127.0.0.1]) (amavis, port 10024) with ESMTP id SQfQPU9-6er2 for ; Sun, 16 Nov 2025 14:24:02 -0700 (MST) Received: from mail.u-boot.org (localhost [127.0.0.1]) by mail.u-boot.org (Postfix) with ESMTP id 32705685C1 for ; Sun, 16 Nov 2025 14:24:00 -0700 (MST) Received: from localhost (localhost [127.0.0.1]) by mail.u-boot.org (Postfix) with ESMTP id 244E7684C5 for ; Sun, 16 Nov 2025 14:23:57 -0700 (MST) X-Virus-Scanned: Debian amavis at Received: from mail.u-boot.org ([127.0.0.1]) by localhost (mail.u-boot.org [127.0.0.1]) (amavis, port 10024) with ESMTP id 9HY1RroxilQZ for ; Sun, 16 Nov 2025 14:23:57 -0700 (MST) Received-SPF: Pass (mailfrom) identity=mailfrom; client-ip=209.85.166.54; helo=mail-io1-f54.google.com; envelope-from=sjg@chromium.org; receiver=u-boot.org Received: from mail-io1-f54.google.com (mail-io1-f54.google.com [209.85.166.54]) by mail.u-boot.org (Postfix) with ESMTPS id 5BD93685C6 for ; Sun, 16 Nov 2025 14:23:56 -0700 (MST) Received: by mail-io1-f54.google.com with SMTP id ca18e2360f4ac-9490cbf951fso3704539f.1 for ; Sun, 16 Nov 2025 13:23:56 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; t=1763328234; x=1763933034; darn=u-boot.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=Zxhdpn887YrarsN3WoiU/zWWvvrex2VCrXIzVdSS2II=; b=MoAHRqnkAAB3guMltDryDph+4GNx0JkcfqjZUVDZacu0Yo8kZ92iAcLgmXEVdZ9Esh EM65IL9dFLMMTfymWvBDtyOk97Q8Gw2Cm8rwHDKAkhj6aaiIGb0LJbl1wwtm4sKrbepu P4eQfDzU3sybFPUWg+i+rijbpgvZw+tIBE/yw= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1763328234; x=1763933034; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from :to:cc:subject:date:message-id:reply-to; bh=Zxhdpn887YrarsN3WoiU/zWWvvrex2VCrXIzVdSS2II=; b=YQ2hZwWJF/Nd9gj/ENW4GQ0lrld4yppgPWrRZqMmmJ//IFh2bKOmJc7vKlJghgHzR1 eYPkp6AjpsXMb3UecnEP0tdtg+nKK5Mo3KiPDe6O4L2CSyRTmg4Xyt+bgMPNXqtC3k0n S7LRBOvNjFCAiUtabELnEfPT+qMrgUYLNNFiXEXzk8TgMETfSMQzTnzpipfAMvkzhGu+ Xmd1lqbiyXC+ZciaZBZ25UG4csi0UZjzo8qMh/uZa7sRuwRPNJtK0T1cQM0pN6rou2iT g5bbZ+oihV9fM5pt3aedToYJg/bpmnIw7PIGaPNzu9Dsot3soGfIDeVABqYljAMTWd8o AsTg== X-Gm-Message-State: AOJu0YxPyUr3yPVRo8G5OM4OWmlR6NmUo5iA3dbuIfyYyZVu9BmR6AnM fh26ZoZyPxZSFBWBZ+Pgfc3Jv14G43Ao+KM6hocggC+kIt6jYL6dtfFDy1KtxMkvdmV9/ROoCTS 3mPE= X-Gm-Gg: ASbGncuUqXfNJdzPh+VFmwvsQBN0IbZXpL98XV5GxIOKnonXEdGjaWYvlWL1Ne/Hdk7 cdl4IVZfIJARcZxOtiO9x2kntw1FVUMuFjv32xwq7kHaiVA5DNSshm1G2+M6QB1FxFl5OlmwdYV rZ5FwD+2xhTRfhKewa8S5E8d4SXNXpx1ojtQKLrDEwo/WOYBb2AJ2aIBb87EjtEk97QEJR42v6N LQ5y7D2tekXoUzD9++0SO4otVty/Sn67oHoDo5KQzPh3lGgH3iLCzOaKcqlARkxwHwMLi9320o4 4ZfxM9Apjhp1WdSzfRk7ZvKVCqFAhYUiF0oAnrLvOWwMV9UXFMUT3shPrIA1PKryYBYvv6Fl5i+ yiR2R/lSGxAnoAhhy0StuPFh0IiYdE9s57eO3jkLSoeXYpSXcrpzd6WV5qRruJXhheRf1Xbo4Sj GKoRiszEJoORkcnonpTArzqaTQHDA= X-Google-Smtp-Source: AGHT+IGbRq6ddSw/uNBJmIQ3RAnUn+FoMq7PTjQo8KcaTabmWFKcn81PQ2t0Vf5b67RkjN7c0xvK3A== X-Received: by 2002:a05:6602:2d8c:b0:948:a2aa:edc8 with SMTP id ca18e2360f4ac-948e0d43f0cmr1417697139f.4.1763328234352; Sun, 16 Nov 2025 13:23:54 -0800 (PST) Received: from chromium.org ([73.34.74.121]) by smtp.gmail.com with ESMTPSA id ca18e2360f4ac-948d2d162dcsm577962339f.13.2025.11.16.13.23.51 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sun, 16 Nov 2025 13:23:52 -0800 (PST) From: Simon Glass X-Google-Original-From: Simon Glass To: U-Boot Concept Date: Sun, 16 Nov 2025 14:23:19 -0700 Message-ID: <20251116212334.1603490-6-simon.glass@canonical.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20251116212334.1603490-1-simon.glass@canonical.com> References: <20251116212334.1603490-1-simon.glass@canonical.com> MIME-Version: 1.0 Message-ID-Hash: QDI5QSHLL4QVT7C5IXZ6UEQKJAGVAAI2 X-Message-ID-Hash: QDI5QSHLL4QVT7C5IXZ6UEQKJAGVAAI2 X-MailFrom: sjg@chromium.org X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; loop; banned-address; emergency; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header CC: Simon Glass , Claude X-Mailman-Version: 3.3.10 Precedence: list Subject: [Concept] [PATCH 05/14] luks: Update unlock_luks2() to take binary passphrase List-Id: Discussion and patches related to U-Boot Concept Archived-At: List-Archive: List-Help: List-Owner: List-Post: List-Subscribe: List-Unsubscribe: Update unlock_luks2() and related functions to accept a binary passphrase instead of a string passphrase. This will allow unlocking using hashed data. For now this is internal to the luks implementation. Co-developed-by: Claude Signed-off-by: Simon Glass --- drivers/block/luks.c | 3 ++- drivers/block/luks2.c | 41 ++++++++++++++++++++--------------- drivers/block/luks_internal.h | 4 +++- 3 files changed, 28 insertions(+), 20 deletions(-) diff --git a/drivers/block/luks.c b/drivers/block/luks.c index 6a1e6f9a3ca..93b50dd105a 100644 --- a/drivers/block/luks.c +++ b/drivers/block/luks.c @@ -452,7 +452,8 @@ int luks_unlock(struct udevice *blk, struct disk_partition *pinfo, version = be16_to_cpu(*(__be16 *)(buffer + LUKS_MAGIC_LEN)); if (version == LUKS_VERSION_2) - return unlock_luks2(blk, pinfo, pass, master_key, key_size); + return unlock_luks2(blk, pinfo, (const u8 *)pass, strlen(pass), + master_key, key_size); if (version != LUKS_VERSION_1) { log_debug("unsupported LUKS version %d\n", version); diff --git a/drivers/block/luks2.c b/drivers/block/luks2.c index 6836c372de2..57e6b9f37d9 100644 --- a/drivers/block/luks2.c +++ b/drivers/block/luks2.c @@ -586,8 +586,9 @@ static int decrypt_km_cbc(u8 *derived_key, uint key_size, const char *encrypt, * Return: 0 on success, negative error code on failure */ static int try_keyslot_pbkdf2(struct udevice *blk, struct disk_partition *pinfo, - const struct luks2_keyslot *ks, const char *pass, - mbedtls_md_type_t md_type, u8 *cand_key) + const struct luks2_keyslot *ks, const u8 *pass, + size_t pass_len, mbedtls_md_type_t md_type, + u8 *cand_key) { struct blk_desc *desc = dev_get_uclass_plat(blk); int ret, km_blocks, size; @@ -597,10 +598,10 @@ static int try_keyslot_pbkdf2(struct udevice *blk, struct disk_partition *pinfo, log_debug("LUKS2: trying keyslot with %u iters\n", ks->kdf.iters); /* Derive key from passphrase */ - ret = mbedtls_pkcs5_pbkdf2_hmac_ext(md_type, (const u8 *)pass, - strlen(pass), ks->kdf.salt, - ks->kdf.salt_len, ks->kdf.iters, - ks->area.key_size, derived_key); + ret = mbedtls_pkcs5_pbkdf2_hmac_ext(md_type, pass, pass_len, + ks->kdf.salt, ks->kdf.salt_len, + ks->kdf.iters, ks->area.key_size, + derived_key); if (ret) return -EPROTO; @@ -655,8 +656,8 @@ out: /* Unlock using Argon2 keyslot */ static int try_keyslot_argon2(struct udevice *blk, struct disk_partition *pinfo, - const struct luks2_keyslot *ks, const char *pass, - u8 *cand_key) + const struct luks2_keyslot *ks, const u8 *pass, + size_t pass_len, u8 *cand_key) { struct blk_desc *desc = dev_get_uclass_plat(blk); int ret, km_blocks, size; @@ -667,11 +668,11 @@ static int try_keyslot_argon2(struct udevice *blk, struct disk_partition *pinfo, ks->kdf.time, ks->kdf.memory, ks->kdf.cpus); /* Derive key from passphrase using Argon2id */ - log_debug("LUKS2 Argon2: passphrase='%s', t=%u, m=%u, p=%u, saltlen=%d, keylen=%u\n", - pass, ks->kdf.time, ks->kdf.memory, ks->kdf.cpus, + log_debug("LUKS2 Argon2: pass_len=%zu, t=%u, m=%u, p=%u, saltlen=%d, keylen=%u\n", + pass_len, ks->kdf.time, ks->kdf.memory, ks->kdf.cpus, ks->kdf.salt_len, ks->area.key_size); ret = argon2id_hash_raw(ks->kdf.time, ks->kdf.memory, ks->kdf.cpus, - pass, strlen(pass), ks->kdf.salt, + pass, pass_len, ks->kdf.salt, ks->kdf.salt_len, derived_key, ks->area.key_size); if (ret) { @@ -826,8 +827,9 @@ static int verify_master_key(const struct luks2_digest *digest, static int try_unlock_keyslot(struct udevice *blk, struct disk_partition *pinfo, ofnode keyslot_node, const struct luks2_digest *digest, - mbedtls_md_type_t md_type, const char *pass, - u8 *master_key, uint *key_sizep) + mbedtls_md_type_t md_type, const u8 *pass, + size_t pass_len, u8 *master_key, + uint *key_sizep) { struct luks2_keyslot keyslot; u8 cand_key[128]; @@ -846,12 +848,13 @@ static int try_unlock_keyslot(struct udevice *blk, struct disk_partition *pinfo, /* Try the keyslot using the appropriate KDF */ if (keyslot.kdf.type == LUKS2_KDF_PBKDF2) { log_debug("LUKS2: calling try_keyslot_pbkdf2\n"); - ret = try_keyslot_pbkdf2(blk, pinfo, &keyslot, pass, md_type, - cand_key); + ret = try_keyslot_pbkdf2(blk, pinfo, &keyslot, pass, pass_len, + md_type, cand_key); } else { /* Argon2 (already checked for CONFIG_ARGON2 support) */ log_debug("LUKS2: calling try_keyslot_argon2\n"); - ret = try_keyslot_argon2(blk, pinfo, &keyslot, pass, cand_key); + ret = try_keyslot_argon2(blk, pinfo, &keyslot, pass, pass_len, + cand_key); } log_debug("LUKS2: keyslot try returned %d\n", ret); @@ -874,7 +877,8 @@ static int try_unlock_keyslot(struct udevice *blk, struct disk_partition *pinfo, } int unlock_luks2(struct udevice *blk, struct disk_partition *pinfo, - const char *pass, u8 *master_key, uint *key_sizep) + const u8 *pass, size_t pass_len, u8 *master_key, + uint *key_sizep) { ofnode keyslots_node, keyslot_node; struct luks2_digest digest; @@ -892,7 +896,8 @@ int unlock_luks2(struct udevice *blk, struct disk_partition *pinfo, ret = -EACCES; ofnode_for_each_subnode(keyslot_node, keyslots_node) { ret = try_unlock_keyslot(blk, pinfo, keyslot_node, &digest, - md_type, pass, master_key, key_sizep); + md_type, pass, pass_len, master_key, + key_sizep); if (!ret) /* Successfully unlocked! */ break; diff --git a/drivers/block/luks_internal.h b/drivers/block/luks_internal.h index 3bc572cdfd9..6b0e41267ff 100644 --- a/drivers/block/luks_internal.h +++ b/drivers/block/luks_internal.h @@ -51,11 +51,13 @@ void essiv_decrypt(const u8 *derived_key, uint key_size, u8 *expkey, u8 *km, * @blk: Block device * @pinfo: Partition information * @pass: Passphrase to unlock the partition + * @pass_len: Length of the passphrase in bytes * @master_key: Buffer to receive the decrypted master key * @key_sizep: Returns the key size * Return: 0 on success, -ve on error */ int unlock_luks2(struct udevice *blk, struct disk_partition *pinfo, - const char *pass, u8 *master_key, uint *key_sizep); + const u8 *pass, size_t pass_len, u8 *master_key, + uint *key_sizep); #endif /* __LUKS_INTERNAL_H__ */