From patchwork Sun Nov 16 21:23:15 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Simon Glass X-Patchwork-Id: 715 Return-Path: X-Original-To: u-boot-concept@u-boot.org Delivered-To: u-boot-concept@u-boot.org Authentication-Results: mail.u-boot.org; dkim=fail reason="signature verification failed" (1024-bit key; unprotected) header.d=chromium.org header.i=@chromium.org header.a=rsa-sha256 header.s=google header.b=ZvkixNwp; dkim-atps=neutral Received: from localhost (localhost [127.0.0.1]) by mail.u-boot.org (Postfix) with ESMTP id 9C428685D7 for ; Sun, 16 Nov 2025 14:23:53 -0700 (MST) X-Virus-Scanned: Debian amavis at Received: from mail.u-boot.org ([127.0.0.1]) by localhost (mail.u-boot.org [127.0.0.1]) (amavis, port 10024) with ESMTP id rFOl7946XXzp for ; Sun, 16 Nov 2025 14:23:53 -0700 (MST) Received: from mail.u-boot.org (localhost [127.0.0.1]) by mail.u-boot.org (Postfix) with ESMTP id 8BFE06858A for ; Sun, 16 Nov 2025 14:23:53 -0700 (MST) Received: from localhost (localhost [127.0.0.1]) by mail.u-boot.org (Postfix) with ESMTP id 5C5BC685BF for ; Sun, 16 Nov 2025 14:23:51 -0700 (MST) X-Virus-Scanned: Debian amavis at Received: from mail.u-boot.org ([127.0.0.1]) by localhost (mail.u-boot.org [127.0.0.1]) (amavis, port 10024) with ESMTP id 8y7u6-JRWqxp for ; Sun, 16 Nov 2025 14:23:51 -0700 (MST) Received-SPF: Pass (mailfrom) identity=mailfrom; client-ip=209.85.166.47; helo=mail-io1-f47.google.com; envelope-from=sjg@chromium.org; receiver=u-boot.org Received: from mail-io1-f47.google.com (mail-io1-f47.google.com [209.85.166.47]) by mail.u-boot.org (Postfix) with ESMTPS id 10744685C8 for ; Sun, 16 Nov 2025 14:23:46 -0700 (MST) Received: by mail-io1-f47.google.com with SMTP id ca18e2360f4ac-948733e7810so138542139f.0 for ; Sun, 16 Nov 2025 13:23:45 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; t=1763328224; x=1763933024; darn=u-boot.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=OQACSROPT/wqb5vCO4QCgEfrJS/4EOQWpl+TQsktpXQ=; b=ZvkixNwpVu+iCpmPlz2/g2Tjn9no4jdmPhZnNndE/vC/7/4UEPg6XvxXJD9ljwCvxG ucMlOip/2WU4imGfWEapSb16H7BxG/YLxsLe/NaccGKLzoi0Z8wEFeOUqESE4EH2SdZ+ 3i4Vs9iOtUU2/PxM6jBbt68Hp3Qk4cm8fnooM= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1763328224; x=1763933024; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from :to:cc:subject:date:message-id:reply-to; bh=OQACSROPT/wqb5vCO4QCgEfrJS/4EOQWpl+TQsktpXQ=; b=KFt600WPjPNm7VKRB3NXhO8ZhwOAD3jyIIgH7RWWT3W+07QUQuplp5RbOmI4SOEJgK SVeVNP2vk0H0H68ebcjOPk9npvB+n0fKo1fjhwXMNFob9Xak/iOGOMnOfUKsSbqDCqKP 0dsIb/O5Kys9zw3gaz5A76au/xMrYrLrnhp768A/D8M548ZPn//bKGIpBtVaOVxRX6k2 WB7Qnqv0ms7YlpZpeoigCkJZxQiH6/0d/l6scTnvNWYckTFfMC906tgQDeG0MkVoL2/w 0bZs2UDMIFcvilFC+Zb2NSXtQ//Y0a/KGaSGUDrAGfIHcOHO7KZdDeBqgWfNxnqc8t2R pCkw== X-Gm-Message-State: AOJu0YwPwE40JfPUeIyxcKmnMXCnB44qBJZlyIwD+gFVK7gvFGfr/eY5 XqJ5CkuL39R1MA3iwHL3L/BLErD6l50xrUxDq9UFL4Qm177ky/vY0jgZH0nCqZqDKfzPebI1ogN YlS4= X-Gm-Gg: ASbGncsnqesovVmYtD+p7vGlFusi63EdOhAynesEKJp854z7VlIRNqICnZnZWmIhMhh fUGpdM0KfswXxCM0mnwwMOxDwlhFVp0f9N3jKasfJY0e76C9asgL3sAdUmKjgulCGaIxhzi8xGp zY4Qg+6dLanm3vdVRqfDH+iC3dJJFMNMN6/cJiHLHc5RX6MzVPDWvGS96PRPgwi4WNKvoK3s42v DIXh9DvgRh7jZ6+87174HTPn43oAEA5uJUuwolmhD8Q3iMoV8twO2bSpPrpjhAB2BeBrfm+fuss fHKj2GH5Y74j+6A4gc1T+0zYGwNsIdNwfQLBi7ro8OQAZLTYBmWuu7op7sniKsZvx49dAkAQLe4 wStJPBlGQGd754X8q/nufxUr1S9i29qPaEp/M8zqRY7peziqFqN4lzHBCAzwuAkRcrNXQLb8MqK aRkTI98vh7lUY618bPHBgWe91A+sw= X-Google-Smtp-Source: AGHT+IHCYEalNBcf2rP8UkJdXmKG53FZgpbmqUe5dixJPa3dg9s/LNequTByq2Jjly3AD2RW8YQ3pQ== X-Received: by 2002:a05:6602:2d8c:b0:948:a2aa:edc8 with SMTP id ca18e2360f4ac-948e0d43f0cmr1417662539f.4.1763328224471; Sun, 16 Nov 2025 13:23:44 -0800 (PST) Received: from chromium.org ([73.34.74.121]) by smtp.gmail.com with ESMTPSA id ca18e2360f4ac-948d2d162dcsm577962339f.13.2025.11.16.13.23.41 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sun, 16 Nov 2025 13:23:43 -0800 (PST) From: Simon Glass X-Google-Original-From: Simon Glass To: U-Boot Concept Date: Sun, 16 Nov 2025 14:23:15 -0700 Message-ID: <20251116212334.1603490-2-simon.glass@canonical.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20251116212334.1603490-1-simon.glass@canonical.com> References: <20251116212334.1603490-1-simon.glass@canonical.com> MIME-Version: 1.0 Message-ID-Hash: G7ELO5AOXUKR4QG54ZMXWPFLOMNNQQ5U X-Message-ID-Hash: G7ELO5AOXUKR4QG54ZMXWPFLOMNNQQ5U X-MailFrom: sjg@chromium.org X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; loop; banned-address; emergency; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header CC: Simon Glass X-Mailman-Version: 3.3.10 Precedence: list Subject: [Concept] [PATCH 01/14] test/py: Avoid pulling in Labgrid with tests List-Id: Discussion and patches related to U-Boot Concept Archived-At: List-Archive: List-Help: List-Owner: List-Post: List-Subscribe: List-Unsubscribe: When Labgrid is installed as an editable package (pip install -e), pytest automatically loads it as a plugin. This can interfere with U-Boot's test suite. Disable automatic loading of the Labgrid pytest plugin to prevent conflicts. Signed-off-by: Simon Glass --- test/py/pytest.ini | 1 + 1 file changed, 1 insertion(+) diff --git a/test/py/pytest.ini b/test/py/pytest.ini index 361be0178ee..0a0268ec247 100644 --- a/test/py/pytest.ini +++ b/test/py/pytest.ini @@ -5,6 +5,7 @@ # Static configuration data for pytest. pytest reads this at startup time. [pytest] +addopts = -p no:labgrid markers = boardspec: U-Boot: Describes the set of boards a test can/can't run on. buildconfigspec: U-Boot: Describes Kconfig/config-header constraints. From patchwork Sun Nov 16 21:23:16 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Simon Glass X-Patchwork-Id: 717 Return-Path: X-Original-To: u-boot-concept@u-boot.org Delivered-To: u-boot-concept@u-boot.org Authentication-Results: mail.u-boot.org; dkim=fail reason="signature verification failed" (1024-bit key; unprotected) header.d=chromium.org header.i=@chromium.org header.a=rsa-sha256 header.s=google header.b=PbROMvkD; dkim-atps=neutral Received: from localhost (localhost [127.0.0.1]) by mail.u-boot.org (Postfix) with ESMTP id D1D1A68641 for ; Sun, 16 Nov 2025 14:23:56 -0700 (MST) X-Virus-Scanned: Debian amavis at Received: from mail.u-boot.org ([127.0.0.1]) by localhost (mail.u-boot.org [127.0.0.1]) (amavis, port 10024) with ESMTP id wkFk3t-qCIdn for ; Sun, 16 Nov 2025 14:23:56 -0700 (MST) Received: from mail.u-boot.org (localhost [127.0.0.1]) by mail.u-boot.org (Postfix) with ESMTP id E65E56862B for ; Sun, 16 Nov 2025 14:23:54 -0700 (MST) Received: from localhost (localhost [127.0.0.1]) by mail.u-boot.org (Postfix) with ESMTP id 6E836684C5 for ; Sun, 16 Nov 2025 14:23:51 -0700 (MST) X-Virus-Scanned: Debian amavis at Received: from mail.u-boot.org ([127.0.0.1]) by localhost (mail.u-boot.org [127.0.0.1]) (amavis, port 10024) with ESMTP id OvTm_RkK48np for ; Sun, 16 Nov 2025 14:23:51 -0700 (MST) Received-SPF: Pass (mailfrom) identity=mailfrom; client-ip=209.85.166.48; helo=mail-io1-f48.google.com; envelope-from=sjg@chromium.org; receiver=u-boot.org Received: from mail-io1-f48.google.com (mail-io1-f48.google.com [209.85.166.48]) by mail.u-boot.org (Postfix) with ESMTPS id E21E9685F2 for ; Sun, 16 Nov 2025 14:23:48 -0700 (MST) Received: by mail-io1-f48.google.com with SMTP id ca18e2360f4ac-9486248f01bso125683739f.0 for ; Sun, 16 Nov 2025 13:23:48 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; t=1763328227; x=1763933027; darn=u-boot.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=o/pCs5gUZRrgAbscDrn25UrOhS7c7yUamOyTi+ASi6Q=; b=PbROMvkDO9d+ZNbFyfCjcu+PJJWM0l+BLw63kr+IyrFJdyWYCSS7RBlQAbnTvY1xFQ 4iOZxf9+NlEFCAj4PJXKPe/2dCGtbKwXKyOv9+QanBW5eSScqnyLF2hDdrSgdwTC3Co8 /ok3kyvE+nM+QgGbi/41+heS55m1+PZqNDk6M= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1763328227; x=1763933027; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from :to:cc:subject:date:message-id:reply-to; bh=o/pCs5gUZRrgAbscDrn25UrOhS7c7yUamOyTi+ASi6Q=; b=lM85/yd+nVS1q9ai/Kn4BL+FEjKkejG5K6cJvKQO6BwDDgJ81m1ompk/dDHlF9XtGT T1l0Hrb51mZEf6rdljcHW96VlTiGvyaoR1dXERx8aOI7kr2VEi2p8X2YnhgWG6CTHe3f JhOY9gnSKuh36DM4dSGru65iy5dx0SjR1bvBtdeSYu1GPMm//whatTC8uGEPcPem7To+ 6JUwwzdtuD/W1TfIAqCDurDlzW42k7ovsYeQp7VZZSkt2rE9BTPISPwxwNfyQy2bK5k7 wEA2RSVk8JZ3bpWmKol0k04cnECbFKf3n/GkkhdeDgrqIFUmXeugqkeoCCcBETxBFI3X 8NzA== X-Gm-Message-State: AOJu0YwAqAmZI1TCR6ots8uZ2bGjtAflKndQ+Pp1c1sU6yfI6KTyxppX qbBF+bm19irCEGDkJWnNWkjY3Zcki5srOl1g5yHqK2XWLwxJKxLYcbgHfF5reZOE12bG14M9jYd xwnA= X-Gm-Gg: ASbGncsjht9dYnQtMPB693a9YRSNrsadKaJ6KgrWXeimB3hSadF9NAZZEfxl6UzVI72 V4hsHnx5/4q4kCEsIFgt7gHjJYuZiwSU8cbNTCiUQ8h3MUJtMjguyYQH9iNAOdaaoVViHVrd8yF w/eJxHUkikwFn8YZJwkfJ/rFVnj/Zv5InfTp0DRvK0mgreBFt7YiyxfOBLWFfrPLV2tdQHRYRuq Y9mm9KECQ7liTe3w/TSr1pg3sjrPzI/MLBtBvb2KdklnO1ssL554bvB3jMqPVDYvDYzrYFVBku4 wO/awsMASCyOPtttdHEa8UNu/dph98IHawOFs5rFxBXkgV59UOiMyO6LlVgGAJmFOJeUBZcZ5t+ 859mjg4Pyfxsgsvmz/GNuefjybwggXVl+Z/N2c0ldAyLP7oLxtd3l3jqW3O7SFsOvTgMDxl2otU I710309A9xnmCMEyvN X-Google-Smtp-Source: AGHT+IGeb16SxEVoJGU7Gl6uW/RGgXaFlBqrx818cosa+Dn7LiNkizYkb3Lz+aKPhlmuhXE9zaVx8Q== X-Received: by 2002:a05:6602:3416:b0:949:b4c:3875 with SMTP id ca18e2360f4ac-9490b4c4007mr110115439f.11.1763328227347; Sun, 16 Nov 2025 13:23:47 -0800 (PST) Received: from chromium.org ([73.34.74.121]) by smtp.gmail.com with ESMTPSA id ca18e2360f4ac-948d2d162dcsm577962339f.13.2025.11.16.13.23.44 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sun, 16 Nov 2025 13:23:45 -0800 (PST) From: Simon Glass X-Google-Original-From: Simon Glass To: U-Boot Concept Date: Sun, 16 Nov 2025 14:23:16 -0700 Message-ID: <20251116212334.1603490-3-simon.glass@canonical.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20251116212334.1603490-1-simon.glass@canonical.com> References: <20251116212334.1603490-1-simon.glass@canonical.com> MIME-Version: 1.0 Message-ID-Hash: YEMIGJQBZ3KZ5HWFG62YJBIXUA7KT6WO X-Message-ID-Hash: YEMIGJQBZ3KZ5HWFG62YJBIXUA7KT6WO X-MailFrom: sjg@chromium.org X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; loop; banned-address; emergency; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header CC: Simon Glass , Claude X-Mailman-Version: 3.3.10 Precedence: list Subject: [Concept] [PATCH 02/14] luks: Make essiv_decrypt() a shared function List-Id: Discussion and patches related to U-Boot Concept Archived-At: List-Archive: List-Help: List-Owner: List-Post: List-Subscribe: List-Unsubscribe: Both luks.c and luks2.c have similar implementations of essiv_decrypt(). Drop the version in the later to reduce code duplication. Drop the duplicate function comments while we are here, since exported functions should have the information in the header file. Co-developed-by: Claude Signed-off-by: Simon Glass --- drivers/block/luks.c | 48 ++------------------------ drivers/block/luks2.c | 63 ----------------------------------- drivers/block/luks_internal.h | 18 ++++++++++ 3 files changed, 20 insertions(+), 109 deletions(-) diff --git a/drivers/block/luks.c b/drivers/block/luks.c index 923932c0dad..a7f5b436e12 100644 --- a/drivers/block/luks.c +++ b/drivers/block/luks.c @@ -195,20 +195,6 @@ static int af_hash(struct hash_algo *algo, size_t key_size, u8 *block_buf) return 0; } -/** - * af_merge() - Merge anti-forensic split key into original key - * - * This performs the LUKS AF-merge operation to recover the original key from - * its AF-split representation. The algorithm XORs all stripes together, - * applying diffusion between each stripe. - * - * @src: AF-split key material (key_size * stripes bytes) - * @dst: Output buffer for merged key (key_size bytes) - * @key_size: Size of the original key - * @stripes: Number of anti-forensic stripes - * @hash_spec: Hash algorithm name (e.g., "sha256") - * Return: 0 on success, -ve on error - */ int af_merge(const u8 *src, u8 *dst, size_t key_size, uint stripes, const char *hash_spec) { @@ -250,23 +236,8 @@ int af_merge(const u8 *src, u8 *dst, size_t key_size, uint stripes, return 0; } -/** - * essiv_decrypt() - Decrypt key material using ESSIV mode - * - * ESSIV (Encrypted Salt-Sector Initialization Vector) mode generates a unique - * IV for each sector by encrypting the sector number with a key derived from - * hashing the encryption key. - * - * @derived_key: Key derived from passphrase - * @key_size: Size of the encryption key in bytes - * @expkey: Expanded AES key for decryption - * @km: Encrypted key material buffer - * @split_key: Output buffer for decrypted key material - * @km_blocks: Number of blocks of key material - * @blksz: Block size in bytes - */ -static void essiv_decrypt(u8 *derived_key, uint key_size, u8 *expkey, u8 *km, - u8 *split_key, uint km_blocks, uint blksz) +void essiv_decrypt(const u8 *derived_key, uint key_size, u8 *expkey, + u8 *km, u8 *split_key, uint km_blocks, uint blksz) { u8 essiv_expkey[AES256_EXPAND_KEY_LENGTH]; u8 essiv_key_material[SHA256_SUM_LEN]; @@ -576,21 +547,6 @@ out: return ret; } -/** - * luks_create_blkmap() - Create a blkmap device for a LUKS partition - * - * This creates and configures a blkmap device to provide access to the - * decrypted contents of a LUKS partition. The master key must already be - * unlocked using luks_unlock(). - * - * @blk: Block device containing the LUKS partition - * @pinfo: Partition information - * @master_key: Unlocked master key - * @key_size: Size of the master key in bytes - * @label: Label for the blkmap device - * @blkmapp: Output pointer for created blkmap device - * Return: 0 on success, -ve on error - */ int luks_create_blkmap(struct udevice *blk, struct disk_partition *pinfo, const u8 *master_key, u32 key_size, const char *label, struct udevice **blkmapp) diff --git a/drivers/block/luks2.c b/drivers/block/luks2.c index 4720f9d92ce..6836c372de2 100644 --- a/drivers/block/luks2.c +++ b/drivers/block/luks2.c @@ -454,69 +454,6 @@ out: return ret; } -/** - * essiv_decrypt() - Decrypt key material using ESSIV mode - * - * ESSIV (Encrypted Salt-Sector Initialization Vector) mode generates a unique - * IV for each sector by encrypting the sector number with a key derived from - * hashing the encryption key. - * - * @derived_key: Key derived from passphrase - * @key_size: Size of the encryption key in bytes - * @expkey: Expanded AES key for decryption - * @km: Encrypted key material buffer - * @split_key: Output buffer for decrypted key material - * @km_blocks: Number of blocks of key material - * @blksz: Block size in bytes - */ -static void essiv_decrypt(u8 *derived_key, uint key_size, u8 *expkey, - u8 *km, u8 *split_key, uint km_blocks, uint blksz) -{ - u8 essiv_expkey[AES256_EXPAND_KEY_LENGTH]; - u8 essiv_key_material[SHA256_SUM_LEN]; - u32 num_sectors = km_blocks; - u8 iv[AES_BLOCK_LENGTH]; - uint rel_sect; - - /* Generate ESSIV key by hashing the encryption key */ - log_debug("using ESSIV mode\n"); - sha256_csum_wd(derived_key, key_size, essiv_key_material, - CHUNKSZ_SHA256); - - log_debug_hex("ESSIV key[0-7]:", essiv_key_material, 8); - - /* Expand ESSIV key for AES */ - aes_expand_key(essiv_key_material, 256, essiv_expkey); - - /* - * Decrypt each sector with its own IV - * NOTE: sector number is relative to the key material buffer, - * not an absolute disk sector - */ - for (rel_sect = 0; rel_sect < num_sectors; rel_sect++) { - u8 sector_iv[AES_BLOCK_LENGTH]; - - /* Create IV: little-endian sector number padded to 16 bytes */ - memset(sector_iv, '\0', AES_BLOCK_LENGTH); - put_unaligned_le32(rel_sect, sector_iv); - - /* Encrypt sector number with ESSIV key to get IV */ - aes_encrypt(256, sector_iv, essiv_expkey, iv); - - /* Show the first sector for debugging */ - if (!rel_sect) { - log_debug("rel_sect %x, ", rel_sect); - log_debug_hex("IV[0-7]:", iv, 8); - } - - /* Decrypt this sector */ - aes_cbc_decrypt_blocks(key_size * 8, expkey, iv, - km + (rel_sect * blksz), - split_key + (rel_sect * blksz), - blksz / AES_BLOCK_LENGTH); - } -} - /** * decrypt_km_xts() - Decrypt key material using XTS mode * diff --git a/drivers/block/luks_internal.h b/drivers/block/luks_internal.h index 14d3839fe6a..3bc572cdfd9 100644 --- a/drivers/block/luks_internal.h +++ b/drivers/block/luks_internal.h @@ -27,6 +27,24 @@ int af_merge(const u8 *src, u8 *dst, size_t key_size, uint stripes, const char *hash_spec); +/** + * essiv_decrypt() - Decrypt key material using ESSIV mode + * + * ESSIV (Encrypted Salt-Sector Initialization Vector) mode generates a unique + * IV for each sector by encrypting the sector number with a key derived from + * hashing the encryption key. Used by both LUKS1 and LUKS2. + * + * @derived_key: Key derived from passphrase + * @key_size: Size of the encryption key in bytes + * @expkey: Expanded AES key for decryption + * @km: Encrypted key material buffer + * @split_key: Output buffer for decrypted key material + * @km_blocks: Number of blocks of key material + * @blksz: Block size in bytes + */ +void essiv_decrypt(const u8 *derived_key, uint key_size, u8 *expkey, u8 *km, + u8 *split_key, uint km_blocks, uint blksz); + /** * unlock_luks2() - Unlock a LUKS2 partition with a passphrase * From patchwork Sun Nov 16 21:23:17 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Simon Glass X-Patchwork-Id: 716 Return-Path: X-Original-To: u-boot-concept@u-boot.org Delivered-To: u-boot-concept@u-boot.org Authentication-Results: mail.u-boot.org; dkim=fail reason="signature verification failed" (1024-bit key; unprotected) header.d=chromium.org header.i=@chromium.org header.a=rsa-sha256 header.s=google header.b=gnwl12Ww; dkim-atps=neutral Received: from localhost (localhost [127.0.0.1]) by mail.u-boot.org (Postfix) with ESMTP id 8A27C6862A for ; Sun, 16 Nov 2025 14:23:56 -0700 (MST) X-Virus-Scanned: Debian amavis at Received: from mail.u-boot.org ([127.0.0.1]) by localhost (mail.u-boot.org [127.0.0.1]) (amavis, port 10024) with ESMTP id 8qY5L0jDq6Wo for ; Sun, 16 Nov 2025 14:23:56 -0700 (MST) Received: from mail.u-boot.org (localhost [127.0.0.1]) by mail.u-boot.org (Postfix) with ESMTP id 885AE685EA for ; Sun, 16 Nov 2025 14:23:54 -0700 (MST) Received: from localhost (localhost [127.0.0.1]) by mail.u-boot.org (Postfix) with ESMTP id 66890685BF for ; Sun, 16 Nov 2025 14:23:51 -0700 (MST) X-Virus-Scanned: Debian amavis at Received: from mail.u-boot.org ([127.0.0.1]) by localhost (mail.u-boot.org [127.0.0.1]) (amavis, port 10024) with ESMTP id bb0V_exZItBm for ; Sun, 16 Nov 2025 14:23:51 -0700 (MST) Received-SPF: Pass (mailfrom) identity=mailfrom; client-ip=209.85.166.51; helo=mail-io1-f51.google.com; envelope-from=sjg@chromium.org; receiver=u-boot.org Received: from mail-io1-f51.google.com (mail-io1-f51.google.com [209.85.166.51]) by mail.u-boot.org (Postfix) with ESMTPS id E9E96684C5 for ; Sun, 16 Nov 2025 14:23:50 -0700 (MST) Received: by mail-io1-f51.google.com with SMTP id ca18e2360f4ac-948733e7810so138543039f.0 for ; Sun, 16 Nov 2025 13:23:50 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; t=1763328229; x=1763933029; darn=u-boot.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=v4gevCGzqMdaWORKyTkNwcc7eeYnURnPZa1qn6bZEn0=; b=gnwl12WwTLJEEs/48SnNFHtR/mWiVgHfgaJviI8ZfhV79pr9+KaBWI5ZA5WlcaR3yB Z5ZsfIj59Wpl4jKJeShW75U0dzcHAuGBT4PqEBM57c6xnDKv6/gF+Wkax4YBNaRWvU/a 7LowBUb2TYWtoh+YIVFaSmua1WL2pu7sBK0Aw= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1763328229; x=1763933029; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from :to:cc:subject:date:message-id:reply-to; bh=v4gevCGzqMdaWORKyTkNwcc7eeYnURnPZa1qn6bZEn0=; b=UYZ+DJZAsQ4xQi8jwQ++7lmFkqt5R5HlXVwN61J79D+4LJNnSWWDe/hyTookzWCItv JBToMvMg6peZOfCGUcFsEICw0vey7O32rIcb+DdLWMB+LguDG+cStxQVJJ5kAdzm9Zms efZTJ9o1hP5SYd9bQWaOZzGFnA48unAJ3QSNtePeGpFSEeJ3F5StRjH2TSEx6GCrrUAL pg4ixXZuPEtypqj8IBCn4q39EZljCCL6HI4wfKnXPkLn66xA+sgdx3KS9HVaw5qX1Cw4 Jez/Xa6Bof2GyuxP0ZCRc1bD+RMLxbfIulMHTEMBkrHEw2PalBHAgRUt3LdVttYe0ZHu tS1A== X-Gm-Message-State: AOJu0Yxbr0JD7+NRIdrg5wUJL0wxUrW8p0oLLe2nsIYTvnKFN4JiarOa lTk4IGJwE4EPgu25Qtinirm6yz3F4JUzhGmFP+9JZSnaXPTNjjIqHnlrUe98l2ei7K2QPFayAqM xQgE= X-Gm-Gg: ASbGncsAH8nN6IhNtKcG7f37g8D4qcgKOcPTYsfvvy0DOPO7eC9l2A2KOge0t2f1flc D8Cy5Sp1tzpd4deW06ABNXMhMwWzSm1jTYjTHHoHA/cOcdDVxl5bz9lMOXfWuaAUa0NXWjre3xt ecEtODzW5pG8CzYN5StcheyASd21Xi42hbZlSiRLlrEyLqMtbMZVTgoSqvcCyDUGnftZCSuMsx0 UnRJRznQ9tvSlSP7INaKJnODJuK0HrW9oRnPzlpqaMfQnIT8a6uerCHvHm289Xpmf+Yoi7G7GgC Clbgm+6XsCsW58m8oxmvT3SUuEYQuUEA15DAB5fN7lU1+FxPETEGChvzyhJjpGXBe59ncF8BNJg 9HaNyWHzbfeSpiG0R0Myq76LEoJvgmBrjjB8Ssa9AohE2B400mw9Kp0zu6rgwAu/yLCsKPLYmei 2EnBD5K8DtEZGWS0KoKdur1f7kHbw= X-Google-Smtp-Source: AGHT+IFUn8JpJz2pQRry7/Guz90ZRL/2B7wdlnOCt9OWVwTTPBK+xCsHuK7MeXk1Tz8CglvSylBHsg== X-Received: by 2002:a02:a592:0:b0:5b7:c46d:f82e with SMTP id 8926c6da1cb9f-5b7c9de8cf8mr5218118173.18.1763328229315; Sun, 16 Nov 2025 13:23:49 -0800 (PST) Received: from chromium.org ([73.34.74.121]) by smtp.gmail.com with ESMTPSA id ca18e2360f4ac-948d2d162dcsm577962339f.13.2025.11.16.13.23.47 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sun, 16 Nov 2025 13:23:48 -0800 (PST) From: Simon Glass X-Google-Original-From: Simon Glass To: U-Boot Concept Date: Sun, 16 Nov 2025 14:23:17 -0700 Message-ID: <20251116212334.1603490-4-simon.glass@canonical.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20251116212334.1603490-1-simon.glass@canonical.com> References: <20251116212334.1603490-1-simon.glass@canonical.com> MIME-Version: 1.0 Message-ID-Hash: USMBW4XKZNGYVPQ5JMCAV44KYBR7KQRM X-Message-ID-Hash: USMBW4XKZNGYVPQ5JMCAV44KYBR7KQRM X-MailFrom: sjg@chromium.org X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; loop; banned-address; emergency; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header CC: Simon Glass X-Mailman-Version: 3.3.10 Precedence: list Subject: [Concept] [PATCH 03/14] luks: Tidy up debugging of unlock List-Id: Discussion and patches related to U-Boot Concept Archived-At: List-Archive: List-Help: List-Owner: List-Post: List-Subscribe: List-Unsubscribe: Name the derived key as such to avoid confusion. Fix a typo in nearby log_debug() statement. Update essiv_decrypt() to have a const * for its first argument. Signed-off-by: Simon Glass --- drivers/block/luks.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/drivers/block/luks.c b/drivers/block/luks.c index a7f5b436e12..94139b4f56d 100644 --- a/drivers/block/luks.c +++ b/drivers/block/luks.c @@ -358,7 +358,7 @@ static int try_keyslot(struct udevice *blk, struct disk_partition *pinfo, /* Decrypt key material using derived key */ log_debug("expand key with key_size*8 %u bits\n", key_size * 8); - log_debug_hex("input key (derived_key) full:", derived_key, key_size); + log_debug_hex("derived_key", derived_key, key_size); aes_expand_key(derived_key, key_size * 8, expkey); log_debug_hex("expanded key [0-15]:", expkey, 16); @@ -405,7 +405,7 @@ static int try_keyslot(struct udevice *blk, struct disk_partition *pinfo, /* Check if the digest matches */ if (!memcmp(key_digest, hdr->mk_digest, LUKS_DIGESTSIZE)) { - log_debug("Uunlocked with key slot %d\n", slot_idx); + log_debug("Unlocked with key slot %d\n", slot_idx); return 0; } log_debug("key slot %d: wrong passphrase\n", slot_idx); From patchwork Sun Nov 16 21:23:18 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Simon Glass X-Patchwork-Id: 718 Return-Path: X-Original-To: u-boot-concept@u-boot.org Delivered-To: u-boot-concept@u-boot.org Authentication-Results: mail.u-boot.org; dkim=fail reason="signature verification failed" (1024-bit key; unprotected) header.d=chromium.org header.i=@chromium.org header.a=rsa-sha256 header.s=google header.b=VapWrKwR; dkim-atps=neutral Received: from localhost (localhost [127.0.0.1]) by mail.u-boot.org (Postfix) with ESMTP id CC337685F2 for ; Sun, 16 Nov 2025 14:23:59 -0700 (MST) X-Virus-Scanned: Debian amavis at Received: from mail.u-boot.org ([127.0.0.1]) by localhost (mail.u-boot.org [127.0.0.1]) (amavis, port 10024) with ESMTP id dmbw_aVjtOOh for ; Sun, 16 Nov 2025 14:23:59 -0700 (MST) Received: from mail.u-boot.org (localhost [127.0.0.1]) by mail.u-boot.org (Postfix) with ESMTP id BAC10685C1 for ; Sun, 16 Nov 2025 14:23:59 -0700 (MST) Received: from localhost (localhost [127.0.0.1]) by mail.u-boot.org (Postfix) with ESMTP id 1393868648 for ; Sun, 16 Nov 2025 14:23:57 -0700 (MST) X-Virus-Scanned: Debian amavis at Received: from mail.u-boot.org ([127.0.0.1]) by localhost (mail.u-boot.org [127.0.0.1]) (amavis, port 10024) with ESMTP id L3QlHYlRtOEU for ; Sun, 16 Nov 2025 14:23:57 -0700 (MST) Received-SPF: Pass (mailfrom) identity=mailfrom; client-ip=209.85.166.53; helo=mail-io1-f53.google.com; envelope-from=sjg@chromium.org; receiver=u-boot.org Received: from mail-io1-f53.google.com (mail-io1-f53.google.com [209.85.166.53]) by mail.u-boot.org (Postfix) with ESMTPS id F08F6684C5 for ; Sun, 16 Nov 2025 14:23:52 -0700 (MST) Received: by mail-io1-f53.google.com with SMTP id ca18e2360f4ac-9490cbf951fso3704139f.1 for ; Sun, 16 Nov 2025 13:23:52 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; t=1763328231; x=1763933031; darn=u-boot.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=Aowu9OXBBQvYWOAWDnhHEdsGPjTqmuonYg61sHBkZ4s=; b=VapWrKwRsht0j5bHzcS6irVhzp/tGm0F+uhqh3oumRIkQnPPRMiZRBY0mDCXCU+/H0 T3Ojzis7oVlusqjMRt/Y6GKUox/Qufb3H82kGIgZeUTcpxg+lq/0YCbchR24tbG/gMdv BU5kfqXW4qaCgRcFd0ZjVMMpCwW3DdKc5RL/k= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1763328231; x=1763933031; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from :to:cc:subject:date:message-id:reply-to; bh=Aowu9OXBBQvYWOAWDnhHEdsGPjTqmuonYg61sHBkZ4s=; b=lPsPZk2K6/Z/+lLBNBazalOQMqDEyfGEDzP7RHIsYBnA/bhH17ZA3+BFsHTPpA2zg0 rfn5fW7TPtSOJMgflJGzTzH/o/6BU4qoNB7ld+miNRKx/J0ln0CpDPxTvBFP3N0a35C6 o5qwWX+sx4tpACGbvaC22p61MChtPRkhltwV5Gb8gbdCUrbK22pVAF7GqfsMfFnbxQzo QmSnqEBSKLeMeb7xuN7mfaleZkKRXEL9e11oNoaIEvAZ4ZVAl0Png6ZNgRnvXPx9jTJp hBS9lCZNs0+ikaq0LctYlvGWwmb59axNHcnV7IOfGsYkdXGd0JPqCL5VaRkSKwWFtgLl n23Q== X-Gm-Message-State: AOJu0YziKv1urLNLVa3w9NfEbMy6ffOp7aBFNhDlCkIBfwyEr8GZhR4Z HuK6yJwI1rJDZQP8TeXkNSV4W6JBIi4BNktIw/D+VNy52YwsNQJOM/RT0hRO7xenOmX3T2Ofi5f u25k= X-Gm-Gg: ASbGncukB903FG4NxGGL47/0yQsoBnGfX0u2423u+ABsXO5Wut3X7xu5zIV3QSAsW2k yqRcOWrHXET1VpZGmzHhIsEigLcScnwmBbhnRFK32pEqSOeMo2JxYwWN23g4fwHvroasCx+80sd DFHdS0m/pLlWY4BZtiA9bfU34+Bd6rBX6InwPKnLOMSX60ux6b32MqbIsarB8jZpNxLjqcXoIxU M6MB0sF4g/4osKQQQhyiVcVogMZiV9bcsg5f1ydHF92uZfk5sph4YtfiABhhdN+uM2uXlFYHj13 HPYsXhJO84hOM0jbWXkP48iCxIzYZASK3qThOIYwaIurdIspNK95Y5ImdvCczvBHB60MVHSX2bX xf1tKta1No5utBjNCCUimRxkPNYrTxB++jG6vaS4/hNouYu9D96LJI4NMV0YhbHfNkyOshmROrR 7F71dUaPvyjEmP1JYH X-Google-Smtp-Source: AGHT+IHL2afcGcKBsD6QMAHfuyx8EI62PoS0EcBQ/ZfgwUdvJmGdMwMsTAEjJJ5rKan7gDWh9KI5Ng== X-Received: by 2002:a05:6602:2c02:b0:948:a9aa:1748 with SMTP id ca18e2360f4ac-948e0e45977mr1302409439f.17.1763328231405; Sun, 16 Nov 2025 13:23:51 -0800 (PST) Received: from chromium.org ([73.34.74.121]) by smtp.gmail.com with ESMTPSA id ca18e2360f4ac-948d2d162dcsm577962339f.13.2025.11.16.13.23.49 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sun, 16 Nov 2025 13:23:50 -0800 (PST) From: Simon Glass X-Google-Original-From: Simon Glass To: U-Boot Concept Date: Sun, 16 Nov 2025 14:23:18 -0700 Message-ID: <20251116212334.1603490-5-simon.glass@canonical.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20251116212334.1603490-1-simon.glass@canonical.com> References: <20251116212334.1603490-1-simon.glass@canonical.com> MIME-Version: 1.0 Message-ID-Hash: JVFLLEIFIWDCPCEFD2CHPNMEGG5QAFCV X-Message-ID-Hash: JVFLLEIFIWDCPCEFD2CHPNMEGG5QAFCV X-MailFrom: sjg@chromium.org X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; loop; banned-address; emergency; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header CC: Simon Glass X-Mailman-Version: 3.3.10 Precedence: list Subject: [Concept] [PATCH 04/14] luks: Update try_keyslot() to allow a bytestring List-Id: Discussion and patches related to U-Boot Concept Archived-At: List-Archive: List-Help: List-Owner: List-Post: List-Subscribe: List-Unsubscribe: In preparation for supporting unlock using binary data, update try_keyslot() to accept an array of bytes instead of a string. Signed-off-by: Simon Glass --- drivers/block/luks.c | 32 +++++++++++++++++--------------- 1 file changed, 17 insertions(+), 15 deletions(-) diff --git a/drivers/block/luks.c b/drivers/block/luks.c index 94139b4f56d..6a1e6f9a3ca 100644 --- a/drivers/block/luks.c +++ b/drivers/block/luks.c @@ -295,6 +295,7 @@ void essiv_decrypt(const u8 *derived_key, uint key_size, u8 *expkey, * @hdr: LUKS header * @slot_idx: Key slot index to try * @pass: Passphrase to try + * @pass_len: Length of passphrase * @md_type: Hash algorithm type * @key_size: Size of the key * @derived_key: Buffer for derived key (key_size bytes) @@ -308,9 +309,10 @@ void essiv_decrypt(const u8 *derived_key, uint key_size, u8 *expkey, */ static int try_keyslot(struct udevice *blk, struct disk_partition *pinfo, struct luks1_phdr *hdr, int slot_idx, - const char *pass, mbedtls_md_type_t md_type, - uint key_size, u8 *derived_key, u8 *km, uint km_blocks, - u8 *split_key, u8 *candidate_key) + const u8 *pass, size_t pass_len, + mbedtls_md_type_t md_type, + uint key_size, u8 *derived_key, u8 *km, + uint km_blocks, u8 *split_key, u8 *candidate_key) { struct luks1_keyslot *slot = &hdr->key_slot[slot_idx]; uint iters, km_offset, stripes, split_key_size; @@ -324,7 +326,7 @@ static int try_keyslot(struct udevice *blk, struct disk_partition *pinfo, if (be32_to_cpu(slot->active) != LUKS_KEY_ENABLED) return -ENOENT; - log_debug("trying key slot %d...\n", slot_idx); + log_debug("trying key slot %d (pass len=%zu)...\n", slot_idx, pass_len); iters = be32_to_cpu(slot->iterations); km_offset = be32_to_cpu(slot->key_material_offset); @@ -332,14 +334,13 @@ static int try_keyslot(struct udevice *blk, struct disk_partition *pinfo, split_key_size = key_size * stripes; /* Derive key from passphrase using PBKDF2 */ - log_debug("PBKDF2(pass '%s'[len %zu], ", pass, strlen(pass)); + log_debug("PBKDF2(pass len=%zu, ", pass_len); log_debug_hex("salt[0-7]", (u8 *)slot->salt, 8); log_debug("iter %u, keylen %u)\n", iters, key_size); - ret = mbedtls_pkcs5_pbkdf2_hmac_ext(md_type, (const u8 *)pass, - strlen(pass), + ret = mbedtls_pkcs5_pbkdf2_hmac_ext(md_type, pass, pass_len, (const u8 *)slot->salt, - LUKS_SALTSIZE, iters, key_size, - derived_key); + LUKS_SALTSIZE, iters, + key_size, derived_key); if (ret) { log_debug("PBKDF2 failed: %d\n", ret); return -EPROTO; @@ -360,7 +361,9 @@ static int try_keyslot(struct udevice *blk, struct disk_partition *pinfo, log_debug("expand key with key_size*8 %u bits\n", key_size * 8); log_debug_hex("derived_key", derived_key, key_size); + /* Decrypt key material */ aes_expand_key(derived_key, key_size * 8, expkey); + log_debug_hex("expanded key [0-15]:", expkey, 16); /* Decrypt with CBC mode: first check if ESSIV is used */ @@ -369,10 +372,8 @@ static int try_keyslot(struct udevice *blk, struct disk_partition *pinfo, km_blocks, desc->blksz); } else { /* Plain CBC with zero IV */ + log_debug("using plain CBC mode\n"); memset(iv, '\0', sizeof(iv)); - log_debug("using plain CBC with zero IV\n"); - log_debug("decrypting %u blocks\n", - split_key_size / AES_BLOCK_LENGTH); aes_cbc_decrypt_blocks(key_size * 8, expkey, iv, km, split_key, split_key_size / AES_BLOCK_LENGTH); } @@ -514,9 +515,10 @@ int luks_unlock(struct udevice *blk, struct disk_partition *pinfo, /* Try each key slot */ for (i = 0; i < LUKS_NUMKEYS; i++) { - ret = try_keyslot(blk, pinfo, hdr, i, pass, md_type, - *key_size, derived_key, km, km_blocks, - split_key, candidate_key); + ret = try_keyslot(blk, pinfo, hdr, i, (const u8 *)pass, + strlen(pass), md_type, *key_size, + derived_key, km, km_blocks, split_key, + candidate_key); if (!ret) { /* Successfully unlocked */ From patchwork Sun Nov 16 21:23:19 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Simon Glass X-Patchwork-Id: 719 Return-Path: X-Original-To: u-boot-concept@u-boot.org Delivered-To: u-boot-concept@u-boot.org Authentication-Results: mail.u-boot.org; dkim=fail reason="signature verification failed" (1024-bit key; unprotected) header.d=chromium.org header.i=@chromium.org header.a=rsa-sha256 header.s=google header.b=MoAHRqnk; dkim-atps=neutral Received: from localhost (localhost [127.0.0.1]) by mail.u-boot.org (Postfix) with ESMTP id 377666862B for ; Sun, 16 Nov 2025 14:24:02 -0700 (MST) X-Virus-Scanned: Debian amavis at Received: from mail.u-boot.org ([127.0.0.1]) by localhost (mail.u-boot.org [127.0.0.1]) (amavis, port 10024) with ESMTP id SQfQPU9-6er2 for ; Sun, 16 Nov 2025 14:24:02 -0700 (MST) Received: from mail.u-boot.org (localhost [127.0.0.1]) by mail.u-boot.org (Postfix) with ESMTP id 32705685C1 for ; Sun, 16 Nov 2025 14:24:00 -0700 (MST) Received: from localhost (localhost [127.0.0.1]) by mail.u-boot.org (Postfix) with ESMTP id 244E7684C5 for ; Sun, 16 Nov 2025 14:23:57 -0700 (MST) X-Virus-Scanned: Debian amavis at Received: from mail.u-boot.org ([127.0.0.1]) by localhost (mail.u-boot.org [127.0.0.1]) (amavis, port 10024) with ESMTP id 9HY1RroxilQZ for ; Sun, 16 Nov 2025 14:23:57 -0700 (MST) Received-SPF: Pass (mailfrom) identity=mailfrom; client-ip=209.85.166.54; helo=mail-io1-f54.google.com; envelope-from=sjg@chromium.org; receiver=u-boot.org Received: from mail-io1-f54.google.com (mail-io1-f54.google.com [209.85.166.54]) by mail.u-boot.org (Postfix) with ESMTPS id 5BD93685C6 for ; Sun, 16 Nov 2025 14:23:56 -0700 (MST) Received: by mail-io1-f54.google.com with SMTP id ca18e2360f4ac-9490cbf951fso3704539f.1 for ; Sun, 16 Nov 2025 13:23:56 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; t=1763328234; x=1763933034; darn=u-boot.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=Zxhdpn887YrarsN3WoiU/zWWvvrex2VCrXIzVdSS2II=; b=MoAHRqnkAAB3guMltDryDph+4GNx0JkcfqjZUVDZacu0Yo8kZ92iAcLgmXEVdZ9Esh EM65IL9dFLMMTfymWvBDtyOk97Q8Gw2Cm8rwHDKAkhj6aaiIGb0LJbl1wwtm4sKrbepu P4eQfDzU3sybFPUWg+i+rijbpgvZw+tIBE/yw= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1763328234; x=1763933034; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from :to:cc:subject:date:message-id:reply-to; bh=Zxhdpn887YrarsN3WoiU/zWWvvrex2VCrXIzVdSS2II=; b=YQ2hZwWJF/Nd9gj/ENW4GQ0lrld4yppgPWrRZqMmmJ//IFh2bKOmJc7vKlJghgHzR1 eYPkp6AjpsXMb3UecnEP0tdtg+nKK5Mo3KiPDe6O4L2CSyRTmg4Xyt+bgMPNXqtC3k0n S7LRBOvNjFCAiUtabELnEfPT+qMrgUYLNNFiXEXzk8TgMETfSMQzTnzpipfAMvkzhGu+ Xmd1lqbiyXC+ZciaZBZ25UG4csi0UZjzo8qMh/uZa7sRuwRPNJtK0T1cQM0pN6rou2iT g5bbZ+oihV9fM5pt3aedToYJg/bpmnIw7PIGaPNzu9Dsot3soGfIDeVABqYljAMTWd8o AsTg== X-Gm-Message-State: AOJu0YxPyUr3yPVRo8G5OM4OWmlR6NmUo5iA3dbuIfyYyZVu9BmR6AnM fh26ZoZyPxZSFBWBZ+Pgfc3Jv14G43Ao+KM6hocggC+kIt6jYL6dtfFDy1KtxMkvdmV9/ROoCTS 3mPE= X-Gm-Gg: ASbGncuUqXfNJdzPh+VFmwvsQBN0IbZXpL98XV5GxIOKnonXEdGjaWYvlWL1Ne/Hdk7 cdl4IVZfIJARcZxOtiO9x2kntw1FVUMuFjv32xwq7kHaiVA5DNSshm1G2+M6QB1FxFl5OlmwdYV rZ5FwD+2xhTRfhKewa8S5E8d4SXNXpx1ojtQKLrDEwo/WOYBb2AJ2aIBb87EjtEk97QEJR42v6N LQ5y7D2tekXoUzD9++0SO4otVty/Sn67oHoDo5KQzPh3lGgH3iLCzOaKcqlARkxwHwMLi9320o4 4ZfxM9Apjhp1WdSzfRk7ZvKVCqFAhYUiF0oAnrLvOWwMV9UXFMUT3shPrIA1PKryYBYvv6Fl5i+ yiR2R/lSGxAnoAhhy0StuPFh0IiYdE9s57eO3jkLSoeXYpSXcrpzd6WV5qRruJXhheRf1Xbo4Sj GKoRiszEJoORkcnonpTArzqaTQHDA= X-Google-Smtp-Source: AGHT+IGbRq6ddSw/uNBJmIQ3RAnUn+FoMq7PTjQo8KcaTabmWFKcn81PQ2t0Vf5b67RkjN7c0xvK3A== X-Received: by 2002:a05:6602:2d8c:b0:948:a2aa:edc8 with SMTP id ca18e2360f4ac-948e0d43f0cmr1417697139f.4.1763328234352; Sun, 16 Nov 2025 13:23:54 -0800 (PST) Received: from chromium.org ([73.34.74.121]) by smtp.gmail.com with ESMTPSA id ca18e2360f4ac-948d2d162dcsm577962339f.13.2025.11.16.13.23.51 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sun, 16 Nov 2025 13:23:52 -0800 (PST) From: Simon Glass X-Google-Original-From: Simon Glass To: U-Boot Concept Date: Sun, 16 Nov 2025 14:23:19 -0700 Message-ID: <20251116212334.1603490-6-simon.glass@canonical.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20251116212334.1603490-1-simon.glass@canonical.com> References: <20251116212334.1603490-1-simon.glass@canonical.com> MIME-Version: 1.0 Message-ID-Hash: QDI5QSHLL4QVT7C5IXZ6UEQKJAGVAAI2 X-Message-ID-Hash: QDI5QSHLL4QVT7C5IXZ6UEQKJAGVAAI2 X-MailFrom: sjg@chromium.org X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; loop; banned-address; emergency; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header CC: Simon Glass , Claude X-Mailman-Version: 3.3.10 Precedence: list Subject: [Concept] [PATCH 05/14] luks: Update unlock_luks2() to take binary passphrase List-Id: Discussion and patches related to U-Boot Concept Archived-At: List-Archive: List-Help: List-Owner: List-Post: List-Subscribe: List-Unsubscribe: Update unlock_luks2() and related functions to accept a binary passphrase instead of a string passphrase. This will allow unlocking using hashed data. For now this is internal to the luks implementation. Co-developed-by: Claude Signed-off-by: Simon Glass --- drivers/block/luks.c | 3 ++- drivers/block/luks2.c | 41 ++++++++++++++++++++--------------- drivers/block/luks_internal.h | 4 +++- 3 files changed, 28 insertions(+), 20 deletions(-) diff --git a/drivers/block/luks.c b/drivers/block/luks.c index 6a1e6f9a3ca..93b50dd105a 100644 --- a/drivers/block/luks.c +++ b/drivers/block/luks.c @@ -452,7 +452,8 @@ int luks_unlock(struct udevice *blk, struct disk_partition *pinfo, version = be16_to_cpu(*(__be16 *)(buffer + LUKS_MAGIC_LEN)); if (version == LUKS_VERSION_2) - return unlock_luks2(blk, pinfo, pass, master_key, key_size); + return unlock_luks2(blk, pinfo, (const u8 *)pass, strlen(pass), + master_key, key_size); if (version != LUKS_VERSION_1) { log_debug("unsupported LUKS version %d\n", version); diff --git a/drivers/block/luks2.c b/drivers/block/luks2.c index 6836c372de2..57e6b9f37d9 100644 --- a/drivers/block/luks2.c +++ b/drivers/block/luks2.c @@ -586,8 +586,9 @@ static int decrypt_km_cbc(u8 *derived_key, uint key_size, const char *encrypt, * Return: 0 on success, negative error code on failure */ static int try_keyslot_pbkdf2(struct udevice *blk, struct disk_partition *pinfo, - const struct luks2_keyslot *ks, const char *pass, - mbedtls_md_type_t md_type, u8 *cand_key) + const struct luks2_keyslot *ks, const u8 *pass, + size_t pass_len, mbedtls_md_type_t md_type, + u8 *cand_key) { struct blk_desc *desc = dev_get_uclass_plat(blk); int ret, km_blocks, size; @@ -597,10 +598,10 @@ static int try_keyslot_pbkdf2(struct udevice *blk, struct disk_partition *pinfo, log_debug("LUKS2: trying keyslot with %u iters\n", ks->kdf.iters); /* Derive key from passphrase */ - ret = mbedtls_pkcs5_pbkdf2_hmac_ext(md_type, (const u8 *)pass, - strlen(pass), ks->kdf.salt, - ks->kdf.salt_len, ks->kdf.iters, - ks->area.key_size, derived_key); + ret = mbedtls_pkcs5_pbkdf2_hmac_ext(md_type, pass, pass_len, + ks->kdf.salt, ks->kdf.salt_len, + ks->kdf.iters, ks->area.key_size, + derived_key); if (ret) return -EPROTO; @@ -655,8 +656,8 @@ out: /* Unlock using Argon2 keyslot */ static int try_keyslot_argon2(struct udevice *blk, struct disk_partition *pinfo, - const struct luks2_keyslot *ks, const char *pass, - u8 *cand_key) + const struct luks2_keyslot *ks, const u8 *pass, + size_t pass_len, u8 *cand_key) { struct blk_desc *desc = dev_get_uclass_plat(blk); int ret, km_blocks, size; @@ -667,11 +668,11 @@ static int try_keyslot_argon2(struct udevice *blk, struct disk_partition *pinfo, ks->kdf.time, ks->kdf.memory, ks->kdf.cpus); /* Derive key from passphrase using Argon2id */ - log_debug("LUKS2 Argon2: passphrase='%s', t=%u, m=%u, p=%u, saltlen=%d, keylen=%u\n", - pass, ks->kdf.time, ks->kdf.memory, ks->kdf.cpus, + log_debug("LUKS2 Argon2: pass_len=%zu, t=%u, m=%u, p=%u, saltlen=%d, keylen=%u\n", + pass_len, ks->kdf.time, ks->kdf.memory, ks->kdf.cpus, ks->kdf.salt_len, ks->area.key_size); ret = argon2id_hash_raw(ks->kdf.time, ks->kdf.memory, ks->kdf.cpus, - pass, strlen(pass), ks->kdf.salt, + pass, pass_len, ks->kdf.salt, ks->kdf.salt_len, derived_key, ks->area.key_size); if (ret) { @@ -826,8 +827,9 @@ static int verify_master_key(const struct luks2_digest *digest, static int try_unlock_keyslot(struct udevice *blk, struct disk_partition *pinfo, ofnode keyslot_node, const struct luks2_digest *digest, - mbedtls_md_type_t md_type, const char *pass, - u8 *master_key, uint *key_sizep) + mbedtls_md_type_t md_type, const u8 *pass, + size_t pass_len, u8 *master_key, + uint *key_sizep) { struct luks2_keyslot keyslot; u8 cand_key[128]; @@ -846,12 +848,13 @@ static int try_unlock_keyslot(struct udevice *blk, struct disk_partition *pinfo, /* Try the keyslot using the appropriate KDF */ if (keyslot.kdf.type == LUKS2_KDF_PBKDF2) { log_debug("LUKS2: calling try_keyslot_pbkdf2\n"); - ret = try_keyslot_pbkdf2(blk, pinfo, &keyslot, pass, md_type, - cand_key); + ret = try_keyslot_pbkdf2(blk, pinfo, &keyslot, pass, pass_len, + md_type, cand_key); } else { /* Argon2 (already checked for CONFIG_ARGON2 support) */ log_debug("LUKS2: calling try_keyslot_argon2\n"); - ret = try_keyslot_argon2(blk, pinfo, &keyslot, pass, cand_key); + ret = try_keyslot_argon2(blk, pinfo, &keyslot, pass, pass_len, + cand_key); } log_debug("LUKS2: keyslot try returned %d\n", ret); @@ -874,7 +877,8 @@ static int try_unlock_keyslot(struct udevice *blk, struct disk_partition *pinfo, } int unlock_luks2(struct udevice *blk, struct disk_partition *pinfo, - const char *pass, u8 *master_key, uint *key_sizep) + const u8 *pass, size_t pass_len, u8 *master_key, + uint *key_sizep) { ofnode keyslots_node, keyslot_node; struct luks2_digest digest; @@ -892,7 +896,8 @@ int unlock_luks2(struct udevice *blk, struct disk_partition *pinfo, ret = -EACCES; ofnode_for_each_subnode(keyslot_node, keyslots_node) { ret = try_unlock_keyslot(blk, pinfo, keyslot_node, &digest, - md_type, pass, master_key, key_sizep); + md_type, pass, pass_len, master_key, + key_sizep); if (!ret) /* Successfully unlocked! */ break; diff --git a/drivers/block/luks_internal.h b/drivers/block/luks_internal.h index 3bc572cdfd9..6b0e41267ff 100644 --- a/drivers/block/luks_internal.h +++ b/drivers/block/luks_internal.h @@ -51,11 +51,13 @@ void essiv_decrypt(const u8 *derived_key, uint key_size, u8 *expkey, u8 *km, * @blk: Block device * @pinfo: Partition information * @pass: Passphrase to unlock the partition + * @pass_len: Length of the passphrase in bytes * @master_key: Buffer to receive the decrypted master key * @key_sizep: Returns the key size * Return: 0 on success, -ve on error */ int unlock_luks2(struct udevice *blk, struct disk_partition *pinfo, - const char *pass, u8 *master_key, uint *key_sizep); + const u8 *pass, size_t pass_len, u8 *master_key, + uint *key_sizep); #endif /* __LUKS_INTERNAL_H__ */ From patchwork Sun Nov 16 21:23:20 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Simon Glass X-Patchwork-Id: 720 Return-Path: X-Original-To: u-boot-concept@u-boot.org Delivered-To: u-boot-concept@u-boot.org Authentication-Results: mail.u-boot.org; dkim=fail reason="signature verification failed" (1024-bit key; unprotected) header.d=chromium.org header.i=@chromium.org header.a=rsa-sha256 header.s=google header.b=hgFnXg78; dkim-atps=neutral Received: from localhost (localhost [127.0.0.1]) by mail.u-boot.org (Postfix) with ESMTP id A8AE6685F2 for ; Sun, 16 Nov 2025 14:24:06 -0700 (MST) X-Virus-Scanned: Debian amavis at Received: from mail.u-boot.org ([127.0.0.1]) by localhost (mail.u-boot.org [127.0.0.1]) (amavis, port 10024) with ESMTP id pUUCJt-dRRpt for ; Sun, 16 Nov 2025 14:24:06 -0700 (MST) Received: from mail.u-boot.org (localhost [127.0.0.1]) by mail.u-boot.org (Postfix) with ESMTP id 989CF685C8 for ; Sun, 16 Nov 2025 14:24:06 -0700 (MST) Received: from localhost (localhost [127.0.0.1]) by mail.u-boot.org (Postfix) with ESMTP id 80715685C1 for ; Sun, 16 Nov 2025 14:24:04 -0700 (MST) X-Virus-Scanned: Debian amavis at Received: from mail.u-boot.org ([127.0.0.1]) by localhost (mail.u-boot.org [127.0.0.1]) (amavis, port 10024) with ESMTP id h--Q_iOJY0Tj for ; Sun, 16 Nov 2025 14:24:04 -0700 (MST) Received-SPF: Pass (mailfrom) identity=mailfrom; client-ip=209.85.166.43; helo=mail-io1-f43.google.com; envelope-from=sjg@chromium.org; receiver=u-boot.org Received: from mail-io1-f43.google.com (mail-io1-f43.google.com [209.85.166.43]) by mail.u-boot.org (Postfix) with ESMTPS id BD4FA685BF for ; Sun, 16 Nov 2025 14:23:58 -0700 (MST) Received: by mail-io1-f43.google.com with SMTP id ca18e2360f4ac-94861514a5cso289424339f.1 for ; Sun, 16 Nov 2025 13:23:58 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; t=1763328237; x=1763933037; darn=u-boot.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=817GTrkM4W1obeC1cfpVyI/joIo3aKJqVJtKyyFPmZ0=; b=hgFnXg784nJK8rdlhU7E/HerqxFlfQ8Cz2g0Fn96bK8Ey4jy8P8F32ucFyNI0WUsU6 LuMZPT6yf97hWZlrOhgnOGh/akyGWl1SO52CjptTyafdaOEtQH8GplJbsoT4Y8lDc3UG tyqJk+c3ernJ11fxhMbcv7tFg5E0Xks4XDasw= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1763328237; x=1763933037; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from :to:cc:subject:date:message-id:reply-to; bh=817GTrkM4W1obeC1cfpVyI/joIo3aKJqVJtKyyFPmZ0=; b=iExEs62xVVZJyTUpiJ2kGCFpMfE6O+EcjtUNEQV+LFM0JBOUWv2YubCd6lAORMoO8P VQ8gbiMd252G6y1YQ1UAz2fLTh/bAX5mL4JGrTZikXSS1Xvlu0Xgo73Mpn2Si47Om5+k o1w55cOF2oTx6LK/+Hq8RZcX5DEOf4l2awyKi2J7kWTgpRdYC4rt91DARcIqTm7pKf/d yFakRUqp3C0FZkWYtyulvU7rhKMaDcoo3AXBbxnuuiN0FC6Zww7uAqILD9Oz/cRME/AC Fhb0ZnaCo2vRVOVxDu6o9Q3+gnwNZxa8psjAFrOgtOUckIfNUtZubXZOu0TU5gBTLrz/ gHSQ== X-Gm-Message-State: AOJu0Yzk4gBIpf/JvqFYuidmAOFNQlIydb8/j3Pv90Irwr0FnhCyhypJ PCfdTP2PFFylgCi6x2p/e6nJUv/fSAz7vYpYiIpnzQ/txMKRLwKfiBrkRngTzONpA8zHrPGSDHX k62I= X-Gm-Gg: ASbGncu3YIybWuOSYPDYelWu6YMvDmtHXBIe7YjI7b20QbQ3qDI02ryPaxoXWPtCoFF QewUSXVg4o5MEj8HOZAvwEc9sa4NMWUA11zdCIeBhFkCpWyVP8H5ZqOSEUHVS27R/0WuN2SFE1Q dIfE1x6QwrqAWdC4oViGKy+vdBdvK5erwIvh/XcBqDDii+H4OeFNU4k7vM0NJLUsRK8LAuTCKDo gcDcJ0XbijGAp3Y+uHydn2e2Hfl3NAb6cEm1YUAJ4WsdaNeVDxwmOSOWrGpAZnRh6UT2aXhK3zB B5kLHrsOD/PKmVJooAiLvNlqWvQcPOfkOOvRMdhl5qH8iH17EYXSOnpKRJxJ4PwXjhUX7A8cD5w Rz/qPxqeVSjfTkKpuuW1FWZsrFHMi0Zqvdm1RpQMBy0hxukKlctw0X7X6MpfoLYu9paHWdwmXDI OaaNfYV/g4gi9yPQNk X-Google-Smtp-Source: AGHT+IFTeK75TuqGJ1kSopCd98rNY7UPvNlYUlKRrL0C3/WG4OJNiZMwPDeoLicUdXrrvYGS5hj/bA== X-Received: by 2002:a02:c042:0:b0:5ad:751:f088 with SMTP id 8926c6da1cb9f-5b7c9df4947mr4962409173.13.1763328237237; Sun, 16 Nov 2025 13:23:57 -0800 (PST) Received: from chromium.org ([73.34.74.121]) by smtp.gmail.com with ESMTPSA id ca18e2360f4ac-948d2d162dcsm577962339f.13.2025.11.16.13.23.54 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sun, 16 Nov 2025 13:23:55 -0800 (PST) From: Simon Glass X-Google-Original-From: Simon Glass To: U-Boot Concept Date: Sun, 16 Nov 2025 14:23:20 -0700 Message-ID: <20251116212334.1603490-7-simon.glass@canonical.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20251116212334.1603490-1-simon.glass@canonical.com> References: <20251116212334.1603490-1-simon.glass@canonical.com> MIME-Version: 1.0 Message-ID-Hash: LMF56DECFEKKKWORAQ5MUFIAMGOMVGUR X-Message-ID-Hash: LMF56DECFEKKKWORAQ5MUFIAMGOMVGUR X-MailFrom: sjg@chromium.org X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; loop; banned-address; emergency; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header CC: Simon Glass , Claude X-Mailman-Version: 3.3.10 Precedence: list Subject: [Concept] [PATCH 06/14] luks: Update luks_unlock() to take binary passphrase List-Id: Discussion and patches related to U-Boot Concept Archived-At: List-Archive: List-Help: List-Owner: List-Post: List-Subscribe: List-Unsubscribe: Update luks_unlock() to accept a binary passphrase, to match the LUKS2 implementation. Co-developed-by: Claude Signed-off-by: Simon Glass --- cmd/luks.c | 4 ++-- drivers/block/luks.c | 14 +++++++------- include/luks.h | 4 +++- test/boot/luks.c | 4 ++-- 4 files changed, 14 insertions(+), 12 deletions(-) diff --git a/cmd/luks.c b/cmd/luks.c index c1e8035e685..defd987776d 100644 --- a/cmd/luks.c +++ b/cmd/luks.c @@ -88,8 +88,8 @@ static int do_luks_unlock(struct cmd_tbl *cmdtp, int flag, int argc, printf("Unlocking LUKS%d partition...\n", version); /* Unlock the partition to get the master key */ - ret = luks_unlock(dev_desc->bdev, &info, passphrase, master_key, - &key_size); + ret = luks_unlock(dev_desc->bdev, &info, (const u8 *)passphrase, + strlen(passphrase), master_key, &key_size); if (ret) { printf("Failed to unlock LUKS partition (err %dE)\n", ret); return CMD_RET_FAILURE; diff --git a/drivers/block/luks.c b/drivers/block/luks.c index 93b50dd105a..96180d39b4e 100644 --- a/drivers/block/luks.c +++ b/drivers/block/luks.c @@ -415,7 +415,8 @@ static int try_keyslot(struct udevice *blk, struct disk_partition *pinfo, } int luks_unlock(struct udevice *blk, struct disk_partition *pinfo, - const char *pass, u8 *master_key, u32 *key_size) + const u8 *pass, size_t pass_len, u8 *master_key, + u32 *key_size) { uint version, split_key_size, km_blocks, hdr_blocks; u8 *split_key, *derived_key; @@ -452,8 +453,8 @@ int luks_unlock(struct udevice *blk, struct disk_partition *pinfo, version = be16_to_cpu(*(__be16 *)(buffer + LUKS_MAGIC_LEN)); if (version == LUKS_VERSION_2) - return unlock_luks2(blk, pinfo, (const u8 *)pass, strlen(pass), - master_key, key_size); + return unlock_luks2(blk, pinfo, pass, pass_len, master_key, + key_size); if (version != LUKS_VERSION_1) { log_debug("unsupported LUKS version %d\n", version); @@ -516,10 +517,9 @@ int luks_unlock(struct udevice *blk, struct disk_partition *pinfo, /* Try each key slot */ for (i = 0; i < LUKS_NUMKEYS; i++) { - ret = try_keyslot(blk, pinfo, hdr, i, (const u8 *)pass, - strlen(pass), md_type, *key_size, - derived_key, km, km_blocks, split_key, - candidate_key); + ret = try_keyslot(blk, pinfo, hdr, i, pass, pass_len, md_type, + *key_size, derived_key, km, km_blocks, + split_key, candidate_key); if (!ret) { /* Successfully unlocked */ diff --git a/include/luks.h b/include/luks.h index 6c39db7a2d2..8826fa96507 100644 --- a/include/luks.h +++ b/include/luks.h @@ -146,6 +146,7 @@ int luks_show_info(struct udevice *blk, struct disk_partition *pinfo); * @blk: Block device * @pinfo: Partition information * @pass: Passphrase to unlock the partition + * @pass_len: Length of the passphrase in bytes * @master_key: Buffer to receive the decrypted master key * @key_size: Size of the master_key buffer * Return: 0 on success, @@ -157,7 +158,8 @@ int luks_show_info(struct udevice *blk, struct disk_partition *pinfo); * -EIO if failed to read from block device */ int luks_unlock(struct udevice *blk, struct disk_partition *pinfo, - const char *pass, u8 *master_key, u32 *key_size); + const u8 *pass, size_t pass_len, u8 *master_key, + u32 *key_size); /** * luks_create_blkmap() - Create a blkmap device for a LUKS partition diff --git a/test/boot/luks.c b/test/boot/luks.c index 6bf613f3b08..93cc8ce6681 100644 --- a/test/boot/luks.c +++ b/test/boot/luks.c @@ -274,8 +274,8 @@ static int bootstd_test_luks2_unlock(struct unit_test_state *uts) /* Test that unlock fails for partition 1 (not LUKS) */ ut_assertok(part_get_info(desc, 1, &info)); - ut_asserteq(-ENOENT, luks_unlock(desc->bdev, &info, "test", master_key, - &key_size)); + ut_asserteq(-ENOENT, luks_unlock(desc->bdev, &info, (const u8 *)"test", + 4, master_key, &key_size)); /* Test unlocking partition 2 with correct passphrase */ ut_assertok(run_command("luks unlock mmc c:2 test", 0)); From patchwork Sun Nov 16 21:23:21 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Simon Glass X-Patchwork-Id: 721 Return-Path: X-Original-To: u-boot-concept@u-boot.org Delivered-To: u-boot-concept@u-boot.org Authentication-Results: mail.u-boot.org; dkim=fail reason="signature verification failed" (1024-bit key; unprotected) header.d=chromium.org header.i=@chromium.org header.a=rsa-sha256 header.s=google header.b=h/80qwzK; dkim-atps=neutral Received: from localhost (localhost [127.0.0.1]) by mail.u-boot.org (Postfix) with ESMTP id 072AD685C6 for ; Sun, 16 Nov 2025 14:24:09 -0700 (MST) X-Virus-Scanned: Debian amavis at Received: from mail.u-boot.org ([127.0.0.1]) by localhost (mail.u-boot.org [127.0.0.1]) (amavis, port 10024) with ESMTP id F2Fprh39fN8f for ; Sun, 16 Nov 2025 14:24:08 -0700 (MST) Received: from mail.u-boot.org (localhost [127.0.0.1]) by mail.u-boot.org (Postfix) with ESMTP id 6D905685F2 for ; Sun, 16 Nov 2025 14:24:07 -0700 (MST) Received: from localhost (localhost [127.0.0.1]) by mail.u-boot.org (Postfix) with ESMTP id 89A56685BF for ; Sun, 16 Nov 2025 14:24:04 -0700 (MST) X-Virus-Scanned: Debian amavis at Received: from mail.u-boot.org ([127.0.0.1]) by localhost (mail.u-boot.org [127.0.0.1]) (amavis, port 10024) with ESMTP id 9-1oa0RyxHtk for ; Sun, 16 Nov 2025 14:24:04 -0700 (MST) Received-SPF: Pass (mailfrom) identity=mailfrom; client-ip=209.85.166.44; helo=mail-io1-f44.google.com; envelope-from=sjg@chromium.org; receiver=u-boot.org Received: from mail-io1-f44.google.com (mail-io1-f44.google.com [209.85.166.44]) by mail.u-boot.org (Postfix) with ESMTPS id D5747685EA for ; Sun, 16 Nov 2025 14:24:01 -0700 (MST) Received: by mail-io1-f44.google.com with SMTP id ca18e2360f4ac-94903ea3766so36817639f.3 for ; Sun, 16 Nov 2025 13:24:01 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; t=1763328240; x=1763933040; darn=u-boot.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=y83xvCGFcDAVbWjPQRduD+nbD/YVk/tXuRhRGGlM22Q=; b=h/80qwzKEQI5pN5mp2jP1BUj+f7jNdMN5Ie/P6wG3rmC1d9Da32WzxC94vx3muL/Dy Lpdp8EBtngwX9TqoLOKuUXznIhXz/aAMGIfSLeS9Dr489BjhK7SOrGKFdyrYSAEGy0uG N9gAXahnw3oBSeBUTXrrVlm8UIM0KjG0XcIeY= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1763328240; x=1763933040; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from :to:cc:subject:date:message-id:reply-to; bh=y83xvCGFcDAVbWjPQRduD+nbD/YVk/tXuRhRGGlM22Q=; b=ar4PAZTimxxCPBev7spU+c9D6PUzZCjUq4J+St4DEvBRgaS9h079TSaUZVc1P9A3pi vyFY8MByj1y5eFGDcuhOjozL4JwfR90NhFbUlUTRSa6uR3P7W6GRCwwDBxCVEgUJoW5h oFpKs+/cdF7TUhkfrhZDUISkvjUB1Yky5O/P8PMZaXBIVICVPUV+4jas/fQD7xAmOu0u RT4uxVve5aE5KI+VFO3L4yqYZrOFK2BL2S6+L2raBaEUlJUf+HxxsyY2y59hNodeDVM5 F6sz6IgmlFgIJlVuf9jn2Jp3YdE9hVx76bNctBEPiVAnI6pzotUy7Om0aIR76qyEg+it cXjQ== X-Gm-Message-State: AOJu0YxxAwPBGaf60ai9vy5Kq+spYpbp75OJfeJKkUcTzRvAr8BVsOCL d0DPmho5Cw3syYtlJpkwYmk+eRTrP8f1gpxSX9zjnImRoIR3YuALgmEHu4dt1Vr02U4aAsDIR/F HpPk= X-Gm-Gg: ASbGnctEG6XrCdpkhZrOuvPRNKS252w0hPbomlw+rKSyv6bZzwSDLC87kBQJ3Yhgo6e /5h+/00F9LuIfyEO1ceQMQhkEtEzid/S6xvHTRIRykA0/xmeFtKdEvg1uDySq3ZLSd7BJDnTv38 ojf30KYJOlBEnVtxWpDeCvdbShouMyPZ69xVnZtAxUXx2sK8gH94H1Vf2xGgwLvK4k/94Bq1w4e XGlliXrKlY5CcqPXBlQrkdFoekuJ6OaR6alsz9xAxkA9TjsupmJWtgE0hJKfhu/PpVfGZf/4gWe QFWRYQcHopD55X8QQQbsEzxrsN7r0VdovdAP1Mx4P8e5z19TMNrNEGl3CqWsdi1QBwIAT3Fw7Eo eJP0t81k+OinRuDxrcxhGxnudEdHIWauQYl22GtrITkaNn4mG1NWjl++VVGOFzLN+7LKTom8qzB Z0hpXz2ywQfXpenMSF3jbgaHX6JiQ= X-Google-Smtp-Source: AGHT+IFZ8zmQyN/QSBg/T+zR5XfRVNNtXvMaakufiJH/eUHElYXMxcgESJ0mOyWmgcKkfVnvME3bzw== X-Received: by 2002:a05:6638:650f:b0:5b7:d710:661a with SMTP id 8926c6da1cb9f-5b7d7106700mr5969061173.21.1763328240199; Sun, 16 Nov 2025 13:24:00 -0800 (PST) Received: from chromium.org ([73.34.74.121]) by smtp.gmail.com with ESMTPSA id ca18e2360f4ac-948d2d162dcsm577962339f.13.2025.11.16.13.23.57 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sun, 16 Nov 2025 13:23:58 -0800 (PST) From: Simon Glass X-Google-Original-From: Simon Glass To: U-Boot Concept Date: Sun, 16 Nov 2025 14:23:21 -0700 Message-ID: <20251116212334.1603490-8-simon.glass@canonical.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20251116212334.1603490-1-simon.glass@canonical.com> References: <20251116212334.1603490-1-simon.glass@canonical.com> MIME-Version: 1.0 Message-ID-Hash: FUREF4N6POCE4OVMED25WDWBVIWNLYXK X-Message-ID-Hash: FUREF4N6POCE4OVMED25WDWBVIWNLYXK X-MailFrom: sjg@chromium.org X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; loop; banned-address; emergency; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header CC: Simon Glass , Claude X-Mailman-Version: 3.3.10 Precedence: list Subject: [Concept] [PATCH 07/14] luks: Extract PBKDF2 key derivation into separate function List-Id: Discussion and patches related to U-Boot Concept Archived-At: List-Archive: List-Help: List-Owner: List-Post: List-Subscribe: List-Unsubscribe: Create a new derive_key_pbkdf2() function to handle key derivation, to allow this be called from other places and to reduce the size of try_keyslot() Co-developed-by: Claude Signed-off-by: Simon Glass --- drivers/block/luks.c | 56 ++++++++++++++++++++++++++++++++------------ 1 file changed, 41 insertions(+), 15 deletions(-) diff --git a/drivers/block/luks.c b/drivers/block/luks.c index 96180d39b4e..48f281ef77c 100644 --- a/drivers/block/luks.c +++ b/drivers/block/luks.c @@ -287,6 +287,42 @@ void essiv_decrypt(const u8 *derived_key, uint key_size, u8 *expkey, } } +/** + * derive_key_pbkdf2() - Derive key from passphrase using PBKDF2 + * + * @slot: LUKS keyslot containing salt and iteration count + * @pass: Passphrase + * @pass_len: Length of passphrase + * @md_type: Hash algorithm type + * @key_size: Size of the key to derive + * @derived_key: Buffer for derived key (key_size bytes) + * Return: 0 on success, -EPROTO on error + */ +static int derive_key_pbkdf2(struct luks1_keyslot *slot, const u8 *pass, + size_t pass_len, mbedtls_md_type_t md_type, + uint key_size, u8 *derived_key) +{ + uint iters = be32_to_cpu(slot->iterations); + int ret; + + /* Derive key from passphrase using PBKDF2 */ + log_debug("PBKDF2(pass len=%zu, ", pass_len); + log_debug_hex("salt[0-7]", (u8 *)slot->salt, 8); + log_debug("iter %u, keylen %u)\n", iters, key_size); + ret = mbedtls_pkcs5_pbkdf2_hmac_ext(md_type, pass, pass_len, + (const u8 *)slot->salt, + LUKS_SALTSIZE, iters, + key_size, derived_key); + if (ret) { + log_debug("PBKDF2 failed: %d\n", ret); + return -EPROTO; + } + + log_debug_hex("derived_key[0-7]", derived_key, 8); + + return 0; +} + /** * try_keyslot() - Unlock a LUKS key slot with a passphrase * @@ -315,7 +351,7 @@ static int try_keyslot(struct udevice *blk, struct disk_partition *pinfo, uint km_blocks, u8 *split_key, u8 *candidate_key) { struct luks1_keyslot *slot = &hdr->key_slot[slot_idx]; - uint iters, km_offset, stripes, split_key_size; + uint km_offset, stripes, split_key_size; struct blk_desc *desc = dev_get_uclass_plat(blk); u8 expkey[AES256_EXPAND_KEY_LENGTH]; u8 key_digest[LUKS_DIGESTSIZE]; @@ -328,25 +364,15 @@ static int try_keyslot(struct udevice *blk, struct disk_partition *pinfo, log_debug("trying key slot %d (pass len=%zu)...\n", slot_idx, pass_len); - iters = be32_to_cpu(slot->iterations); km_offset = be32_to_cpu(slot->key_material_offset); stripes = be32_to_cpu(slot->stripes); split_key_size = key_size * stripes; /* Derive key from passphrase using PBKDF2 */ - log_debug("PBKDF2(pass len=%zu, ", pass_len); - log_debug_hex("salt[0-7]", (u8 *)slot->salt, 8); - log_debug("iter %u, keylen %u)\n", iters, key_size); - ret = mbedtls_pkcs5_pbkdf2_hmac_ext(md_type, pass, pass_len, - (const u8 *)slot->salt, - LUKS_SALTSIZE, iters, - key_size, derived_key); - if (ret) { - log_debug("PBKDF2 failed: %d\n", ret); - return -EPROTO; - } - - log_debug_hex("derived_key[0-7]", derived_key, 8); + ret = derive_key_pbkdf2(slot, pass, pass_len, md_type, key_size, + derived_key); + if (ret) + return ret; /* Read encrypted key material */ ret = blk_read(blk, pinfo->start + km_offset, km_blocks, km); From patchwork Sun Nov 16 21:23:22 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Simon Glass X-Patchwork-Id: 722 Return-Path: X-Original-To: u-boot-concept@u-boot.org Delivered-To: u-boot-concept@u-boot.org Authentication-Results: mail.u-boot.org; dkim=fail reason="signature verification failed" (1024-bit key; unprotected) header.d=chromium.org header.i=@chromium.org header.a=rsa-sha256 header.s=google header.b=G4loMmMH; dkim-atps=neutral Received: from localhost (localhost [127.0.0.1]) by mail.u-boot.org (Postfix) with ESMTP id 785DF684C5 for ; Sun, 16 Nov 2025 14:24:11 -0700 (MST) X-Virus-Scanned: Debian amavis at Received: from mail.u-boot.org ([127.0.0.1]) by localhost (mail.u-boot.org [127.0.0.1]) (amavis, port 10024) with ESMTP id DzeqDW0BqUtQ for ; Sun, 16 Nov 2025 14:24:11 -0700 (MST) Received: from mail.u-boot.org (localhost [127.0.0.1]) by mail.u-boot.org (Postfix) with ESMTP id D103F685BF for ; Sun, 16 Nov 2025 14:24:10 -0700 (MST) Received: from localhost (localhost [127.0.0.1]) by mail.u-boot.org (Postfix) with ESMTP id 41DD46864C for ; Sun, 16 Nov 2025 14:24:09 -0700 (MST) X-Virus-Scanned: Debian amavis at Received: from mail.u-boot.org ([127.0.0.1]) by localhost (mail.u-boot.org [127.0.0.1]) (amavis, port 10024) with ESMTP id 3LslgEaXFc4N for ; Sun, 16 Nov 2025 14:24:09 -0700 (MST) Received-SPF: Pass (mailfrom) identity=mailfrom; client-ip=209.85.166.44; helo=mail-io1-f44.google.com; envelope-from=sjg@chromium.org; receiver=u-boot.org Received: from mail-io1-f44.google.com (mail-io1-f44.google.com [209.85.166.44]) by mail.u-boot.org (Postfix) with ESMTPS id 995D8685BF for ; Sun, 16 Nov 2025 14:24:04 -0700 (MST) Received: by mail-io1-f44.google.com with SMTP id ca18e2360f4ac-9490a482b7bso11893339f.1 for ; Sun, 16 Nov 2025 13:24:04 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; t=1763328243; x=1763933043; darn=u-boot.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=GiBjr1H7KWTRMc/cXkRBV7ljw6t6o02DxD3en/kIAX0=; b=G4loMmMHlsYNG2oaY96t+CoPgnB5TMLjPqGXldrO92wUrqaKz5D6/fQVKjuuH49iF8 RCi2vbk1w2sfXlGC7H9ElU+MYER8MUb/TR9nmMIdpIuvDNjgXz1EW3OZv/HCoiHGCVct YEzmJHTnIPztZBtwmk6ILMhYKM1aWwA+Ml0Vk= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1763328243; x=1763933043; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from :to:cc:subject:date:message-id:reply-to; bh=GiBjr1H7KWTRMc/cXkRBV7ljw6t6o02DxD3en/kIAX0=; b=cnmPXjkXNXlsZr6pwRtuem9lh6UsituQNRLPIgOnwR5z3IpQEbzQEcYNZABfxq4ulW MvVTStk1gCnX4yf6NOHPx2WSx7GeLiv1eoSyRWbRa5W+15xiZKX5FT3PZwfDbxYZrl5n JbN6wAv9YErO+Jv9QZn7iiqiMOLKPgkHAjP6Jk7jL5Lov/483kvh+HO5/Ogesn5z2bES zl1Rma6PHXHsI3CmJcAJ6QsaWVeXj68e43v5ezgqXKJZIMYKkPZx5O9PVITm5c7GPfyX KwSrI1hcjgecJ9t5rJrJjaY2hQO+q8eeOUd1C4mLvgCA2dSafiYuspV9wZKe/JG0FqJB LjAA== X-Gm-Message-State: AOJu0Yyl1b2SSoG/SMGOOhU97wfiqPMancmUlyKpGLF0CxblB0kPd5PR Ho5SKYKZQxISNRs6y/lT6bqysWXz2rVUZGg1EcgKtclYowSaq8JSikVvNbBiDfvHCaWrU2kvfE1 Jf28= X-Gm-Gg: ASbGncstWTU++u3fYrIt/Pbb3mIFl0tLBK5Ipe+bo1JzMAZGmPQzz9slav9XWldhquu AvZq5nDVgELYSBTJTKLB95LuEZ7o1BlWv938JKl+DrBm2Iv7EOwUun6xlgQTHD+u+T0UXfkXixD Hp7S/ypiQAmAvT9dyzgmbE/Ut852dV+5Cyc3SJQWwn5eLtG34P2/ceKlLdYkZGuyU5wn3XBBBxY M21c/6u33H/UVdbowGRR+n7fPn1WsGaLYA75pHsv0dEVv97yXX3gx5IVX0l9l2pvBh8RCNIzDsP sYffKkZdNoMb6s7W5i1UBF3nvQfXb5Tw2hR7ulHISrkEIIcdiQH+RrYx38FAfOcK2TaR+fpqr+O EqY/XAzxg1qrxn+0rrNEet5zbb9XhgJCuk9Xfs05+u9Cfrql2WsRo4yU4fyd8ZB1il9zBmBWeos 7//r3McP6Dnh3CeGp8 X-Google-Smtp-Source: AGHT+IGhifmmkk+/jrOwhk0khXs9ECOR2njWonUymhxrHCh9gC2CbnF1UAUWrG4kCGAUfsjk0PSrqQ== X-Received: by 2002:a05:6602:640d:b0:948:8be8:a8d7 with SMTP id ca18e2360f4ac-948e0da72e6mr1475006439f.13.1763328243107; Sun, 16 Nov 2025 13:24:03 -0800 (PST) Received: from chromium.org ([73.34.74.121]) by smtp.gmail.com with ESMTPSA id ca18e2360f4ac-948d2d162dcsm577962339f.13.2025.11.16.13.24.00 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sun, 16 Nov 2025 13:24:01 -0800 (PST) From: Simon Glass X-Google-Original-From: Simon Glass To: U-Boot Concept Date: Sun, 16 Nov 2025 14:23:22 -0700 Message-ID: <20251116212334.1603490-9-simon.glass@canonical.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20251116212334.1603490-1-simon.glass@canonical.com> References: <20251116212334.1603490-1-simon.glass@canonical.com> MIME-Version: 1.0 Message-ID-Hash: LKK52JB43PFEPIINYINYLNPOII7ZVI2K X-Message-ID-Hash: LKK52JB43PFEPIINYINYLNPOII7ZVI2K X-MailFrom: sjg@chromium.org X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; loop; banned-address; emergency; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header CC: Simon Glass , Claude X-Mailman-Version: 3.3.10 Precedence: list Subject: [Concept] [PATCH 08/14] luks: Move key derivation to the caller of try_keyslot() List-Id: Discussion and patches related to U-Boot Concept Archived-At: List-Archive: List-Help: List-Owner: List-Post: List-Subscribe: List-Unsubscribe: Move the derive_key_pbkdf2() call from inside try_keyslot() to the caller, luks_unlock() With this change luks_unlock() deals with key derivation and try_keyslot() only handles the decryption part, using a supplied derived key. Co-developed-by: Claude Signed-off-by: Simon Glass --- drivers/block/luks.c | 49 ++++++++++++++++++++++---------------------- 1 file changed, 24 insertions(+), 25 deletions(-) diff --git a/drivers/block/luks.c b/drivers/block/luks.c index 48f281ef77c..c23b6f50671 100644 --- a/drivers/block/luks.c +++ b/drivers/block/luks.c @@ -324,31 +324,27 @@ static int derive_key_pbkdf2(struct luks1_keyslot *slot, const u8 *pass, } /** - * try_keyslot() - Unlock a LUKS key slot with a passphrase + * try_keyslot() - Try to unlock a LUKS key slot with a derived key * * @blk: Block device * @pinfo: Partition information * @hdr: LUKS header * @slot_idx: Key slot index to try - * @pass: Passphrase to try - * @pass_len: Length of passphrase - * @md_type: Hash algorithm type + * @md_type: Hash algorithm type for master key verification * @key_size: Size of the key - * @derived_key: Buffer for derived key (key_size bytes) + * @derived_key: Pre-derived key from PBKDF2 (key_size bytes) * @km: Buffer for encrypted key material * @km_blocks: Size of km buffer in blocks * @split_key: Buffer for AF-split key * @candidate_key: Buffer to receive decrypted master key * - * Return: 0 on success (correct passphrase), -EPROTO on mbedtls error, -ve on - * other error + * Return: 0 on success (correct key), -ve on error */ static int try_keyslot(struct udevice *blk, struct disk_partition *pinfo, struct luks1_phdr *hdr, int slot_idx, - const u8 *pass, size_t pass_len, - mbedtls_md_type_t md_type, - uint key_size, u8 *derived_key, u8 *km, - uint km_blocks, u8 *split_key, u8 *candidate_key) + mbedtls_md_type_t md_type, uint key_size, + const u8 *derived_key, u8 *km, uint km_blocks, + u8 *split_key, u8 *candidate_key) { struct luks1_keyslot *slot = &hdr->key_slot[slot_idx]; uint km_offset, stripes, split_key_size; @@ -358,22 +354,12 @@ static int try_keyslot(struct udevice *blk, struct disk_partition *pinfo, u8 iv[AES_BLOCK_LENGTH]; int ret; - /* Check if slot is active */ - if (be32_to_cpu(slot->active) != LUKS_KEY_ENABLED) - return -ENOENT; - - log_debug("trying key slot %d (pass len=%zu)...\n", slot_idx, pass_len); + log_debug("trying key slot %d with derived key\n", slot_idx); km_offset = be32_to_cpu(slot->key_material_offset); stripes = be32_to_cpu(slot->stripes); split_key_size = key_size * stripes; - /* Derive key from passphrase using PBKDF2 */ - ret = derive_key_pbkdf2(slot, pass, pass_len, md_type, key_size, - derived_key); - if (ret) - return ret; - /* Read encrypted key material */ ret = blk_read(blk, pinfo->start + km_offset, km_blocks, km); if (ret != km_blocks) { @@ -543,9 +529,22 @@ int luks_unlock(struct udevice *blk, struct disk_partition *pinfo, /* Try each key slot */ for (i = 0; i < LUKS_NUMKEYS; i++) { - ret = try_keyslot(blk, pinfo, hdr, i, pass, pass_len, md_type, - *key_size, derived_key, km, km_blocks, - split_key, candidate_key); + struct luks1_keyslot *slot = &hdr->key_slot[i]; + + /* Skip inactive slots */ + if (be32_to_cpu(slot->active) != LUKS_KEY_ENABLED) + continue; + + /* Derive key for this slot */ + ret = derive_key_pbkdf2(slot, pass, pass_len, md_type, + *key_size, derived_key); + if (ret) + continue; + + /* Try to unlock with the derived key */ + ret = try_keyslot(blk, pinfo, hdr, i, md_type, *key_size, + derived_key, km, km_blocks, split_key, + candidate_key); if (!ret) { /* Successfully unlocked */ From patchwork Sun Nov 16 21:23:23 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Simon Glass X-Patchwork-Id: 723 Return-Path: X-Original-To: u-boot-concept@u-boot.org Delivered-To: u-boot-concept@u-boot.org Authentication-Results: mail.u-boot.org; dkim=fail reason="signature verification failed" (1024-bit key; unprotected) header.d=chromium.org header.i=@chromium.org header.a=rsa-sha256 header.s=google header.b=SX5wleO0; dkim-atps=neutral Received: from localhost (localhost [127.0.0.1]) by mail.u-boot.org (Postfix) with ESMTP id C6AE068641 for ; Sun, 16 Nov 2025 14:24:11 -0700 (MST) X-Virus-Scanned: Debian amavis at Received: from mail.u-boot.org ([127.0.0.1]) by localhost (mail.u-boot.org [127.0.0.1]) (amavis, port 10024) with ESMTP id yAXjGqJ3uTU0 for ; Sun, 16 Nov 2025 14:24:11 -0700 (MST) Received: from mail.u-boot.org (localhost [127.0.0.1]) by mail.u-boot.org (Postfix) with ESMTP id 3F3C9685F2 for ; Sun, 16 Nov 2025 14:24:11 -0700 (MST) Received: from localhost (localhost [127.0.0.1]) by mail.u-boot.org (Postfix) with ESMTP id 5274D685BF for ; Sun, 16 Nov 2025 14:24:09 -0700 (MST) X-Virus-Scanned: Debian amavis at Received: from mail.u-boot.org ([127.0.0.1]) by localhost (mail.u-boot.org [127.0.0.1]) (amavis, port 10024) with ESMTP id D9_w0hhsqf-E for ; Sun, 16 Nov 2025 14:24:09 -0700 (MST) Received-SPF: Pass (mailfrom) identity=mailfrom; client-ip=209.85.166.47; helo=mail-io1-f47.google.com; envelope-from=sjg@chromium.org; receiver=u-boot.org Received: from mail-io1-f47.google.com (mail-io1-f47.google.com [209.85.166.47]) by mail.u-boot.org (Postfix) with ESMTPS id AA6616864A for ; Sun, 16 Nov 2025 14:24:07 -0700 (MST) Received: by mail-io1-f47.google.com with SMTP id ca18e2360f4ac-9486696aafeso285913139f.3 for ; Sun, 16 Nov 2025 13:24:07 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; t=1763328246; x=1763933046; darn=u-boot.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=CPQXVx6Nx0PQ5Wt1eV4uiHIQiTF5mKtSqfiiV/aFwc8=; b=SX5wleO0Ihh1JZnouJp13OT+ojUSMBj8OwMF6oY8XofvQ5HpHt+cvMcwsBEktLjUSv w6I5ZhH6HzJx2A9gwzGe8CvY1VDBEqoDbdAQT21AKV1KiUxPtRps3Y2yfUUZhGUPc8Lc oqXar6sBoEkFUDglw/kFOk9GbqsUDrlWPslo4= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1763328246; x=1763933046; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from :to:cc:subject:date:message-id:reply-to; bh=CPQXVx6Nx0PQ5Wt1eV4uiHIQiTF5mKtSqfiiV/aFwc8=; b=XX4kDChNtU4G//21Y3UExGJQDTcwNhag15GULrUP6pedpYn4Zn42HxYwGX6cbBtd5A yeT3pWvv930wBkFHyIjwPBnlvFtk62ilTWeH0D6+jW3YO+nUHnF9FpYSzz65Y6kA5i5u DrOn/nUWfM7HJWbC2xVRdi6gh0Ukkxhp2s7Q6lYFhbg1FKFDVHDlLyWNLmSXUQ/anCed 3KggNgP7EeeLqep+Y1g4nqBVvxG7HP70kNkwy1T6YzbmcjHMoELOlkNWzuPtiq9PcZbU tq8T90zAj1hpaw3BrO7JPZlfy1mZJQLt/+5xXNuTW1/Ow0f9yS66RUz7eelkelY5MwpO H0Cg== X-Gm-Message-State: AOJu0Yz+Mp2FLCJRRMGCreGyrEKPuX6XfXj61gMM5GnHLyz6LdQ03OaJ +v798EoZLuS1Fz2QEcV0RjA2UKDjcxDRzAWqkSKtwXdigPV1ONVMtRyDzC1yCBMrlWWmuQdMu8Z zKgE= X-Gm-Gg: ASbGnct0XGQH2LfL10Zv5zCcp6nyt0OYqY9tdmEZpe2yntS5tkFscHenGymDuzoe7s7 vj+uGJ274DOw44d95Oz5vi/s/SqDB/Fr5CYNKd8XwpqlBOvtQPGqwHxWzHlvPLEDV3KL9GKEnlK SKflB1ydBp46wD12U+hy3SCFwLOhZoQo8sE5amurkslKs1h6gFrmj5YRGuULFtoEGqeF0qfGIGf n80LpuJoAZ+KxdMIpQW4pim6q1IJ7/qk+nHTf3weo7P5tEzVgReHRuESceMYOvwHIig2AJ5Hj6H ya/yjC+c0FJWZEPdynRR8FEPeKNNIkkDuwTi6lauQ6urdahmb71ydvwsuG3je5GDqCqM2D8yQUW 61LT5rPyOgOrWALdwV6rjFY1Z9YJh23BHLqqhcy0R3JZi6On8TzMtcSrUWcsX1meD5AM0q1Oqqx y+u7pv5z+7ZMf9h+m7QU6U2YsY764= X-Google-Smtp-Source: AGHT+IE6Vo6smTfQVFSwUnonx2vm0a1lbRGsVE5jfDLIxKDqQKXBw1DHhHufR1x9dfShjBnGgRa7Dw== X-Received: by 2002:a05:6602:6c0b:b0:945:a6ed:d7a5 with SMTP id ca18e2360f4ac-948e0cdf757mr1362416639f.1.1763328246045; Sun, 16 Nov 2025 13:24:06 -0800 (PST) Received: from chromium.org ([73.34.74.121]) by smtp.gmail.com with ESMTPSA id ca18e2360f4ac-948d2d162dcsm577962339f.13.2025.11.16.13.24.03 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sun, 16 Nov 2025 13:24:04 -0800 (PST) From: Simon Glass X-Google-Original-From: Simon Glass To: U-Boot Concept Date: Sun, 16 Nov 2025 14:23:23 -0700 Message-ID: <20251116212334.1603490-10-simon.glass@canonical.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20251116212334.1603490-1-simon.glass@canonical.com> References: <20251116212334.1603490-1-simon.glass@canonical.com> MIME-Version: 1.0 Message-ID-Hash: ELGQZULUPUWU66CX6L3SVFDO53DRH7M6 X-Message-ID-Hash: ELGQZULUPUWU66CX6L3SVFDO53DRH7M6 X-MailFrom: sjg@chromium.org X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; loop; banned-address; emergency; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header CC: Simon Glass , Claude X-Mailman-Version: 3.3.10 Precedence: list Subject: [Concept] [PATCH 09/14] luks: Split LUKSv1 unlock code into a separate function List-Id: Discussion and patches related to U-Boot Concept Archived-At: List-Archive: List-Help: List-Owner: List-Post: List-Subscribe: List-Unsubscribe: Move the LUKSv1-specific unlock logic from luks_unlock() into a new unlock_luks1() function, lining up with the structure used for LUKSv2. Also update unlock_luks1() to use a local key_size variable and only set the output parameter on success. Co-developed-by: Claude Signed-off-by: Simon Glass --- drivers/block/luks.c | 153 ++++++++++++++++++++++++++++--------------- 1 file changed, 102 insertions(+), 51 deletions(-) diff --git a/drivers/block/luks.c b/drivers/block/luks.c index c23b6f50671..a3c86c5a197 100644 --- a/drivers/block/luks.c +++ b/drivers/block/luks.c @@ -323,6 +323,23 @@ static int derive_key_pbkdf2(struct luks1_keyslot *slot, const u8 *pass, return 0; } +/** + * unlock_luks1() - Unlock a LUKSv1 partition + * + * @blk: Block device + * @pinfo: Partition information + * @hdr: LUKS1 header (already read) + * @pass: Passphrase + * @pass_len: Length of passphrase + * @master_key: Buffer to receive master key + * @key_size: Output for key size + * + * Return: 0 on success, -ve on error + */ +static int unlock_luks1(struct udevice *blk, struct disk_partition *pinfo, + struct luks1_phdr *hdr, const u8 *pass, size_t pass_len, + u8 *master_key, u32 *key_size); + /** * try_keyslot() - Try to unlock a LUKS key slot with a derived key * @@ -426,62 +443,44 @@ static int try_keyslot(struct udevice *blk, struct disk_partition *pinfo, return -EACCES; } -int luks_unlock(struct udevice *blk, struct disk_partition *pinfo, - const u8 *pass, size_t pass_len, u8 *master_key, - u32 *key_size) +/** + * unlock_luks1() - Unlock a LUKSv1 partition + * + * Attempts to unlock a LUKSv1 encrypted partition by trying each active + * key slot with the provided passphrase. Uses PBKDF2 for key derivation + * and supports CBC cipher mode with optional ESSIV. + * + * @blk: Block device containing the partition + * @pinfo: Partition information + * @hdr: LUKSv1 header (already read and validated) + * @pass: Passphrase (binary data) + * @pass_len: Length of passphrase in bytes + * @master_key: Buffer to receive unlocked master key (min 128 bytes) + * @key_sizep: Output for master key size in bytes (set only on success) + * + * Return: 0 on success, -ve on error + */ +static int unlock_luks1(struct udevice *blk, struct disk_partition *pinfo, + struct luks1_phdr *hdr, const u8 *pass, size_t pass_len, + u8 *master_key, u32 *key_sizep) { - uint version, split_key_size, km_blocks, hdr_blocks; + uint split_key_size, km_blocks, key_size; u8 *split_key, *derived_key; struct hash_algo *hash_algo; u8 candidate_key[128], *km; mbedtls_md_type_t md_type; - struct luks1_phdr *hdr; struct blk_desc *desc; int i, ret; - if (!blk || !pinfo || !pass || !master_key || !key_size) - return -EINVAL; - desc = dev_get_uclass_plat(blk); - /* LUKS1 header is 592 bytes, calculate blocks needed */ - hdr_blocks = (sizeof(struct luks1_phdr) + desc->blksz - 1) / - desc->blksz; - - /* Allocate buffer for LUKS header */ - ALLOC_CACHE_ALIGN_BUFFER(u8, buffer, hdr_blocks * desc->blksz); - - /* Read LUKS header */ - if (blk_read(blk, pinfo->start, hdr_blocks, buffer) != hdr_blocks) { - log_debug("failed to read LUKS header\n"); - return -EIO; - } - - /* Verify it's LUKS */ - if (memcmp(buffer, LUKS_MAGIC, LUKS_MAGIC_LEN) != 0) { - log_debug("not a LUKS partition\n"); - return -ENOENT; - } - - version = be16_to_cpu(*(__be16 *)(buffer + LUKS_MAGIC_LEN)); - if (version == LUKS_VERSION_2) - return unlock_luks2(blk, pinfo, pass, pass_len, master_key, - key_size); - - if (version != LUKS_VERSION_1) { - log_debug("unsupported LUKS version %d\n", version); - return -ENOTSUPP; - } - - hdr = (struct luks1_phdr *)buffer; - /* Debug: show what we read from header */ log_debug("Read header at sector %llu, mk_digest[0-7] ", (unsigned long long)pinfo->start); log_debug_hex("", (u8 *)hdr->mk_digest, 8); /* Verify cipher mode - only CBC supported */ - if (strncmp(hdr->cipher_mode, "cbc", 3) != 0) { + if (strncmp(hdr->cipher_mode, "cbc", 3)) { log_debug("only CBC mode is currently supported (got: %.32s)\n", hdr->cipher_mode); return -ENOTSUPP; @@ -495,11 +494,11 @@ int luks_unlock(struct udevice *blk, struct disk_partition *pinfo, } md_type = hash_mbedtls_type(hash_algo); - - *key_size = be32_to_cpu(hdr->key_bytes); + key_size = be32_to_cpu(hdr->key_bytes); /* Find the first active slot to get the stripes value */ u32 stripes = 0; + for (i = 0; i < LUKS_NUMKEYS; i++) { if (be32_to_cpu(hdr->key_slot[i].active) == LUKS_KEY_ENABLED) { stripes = be32_to_cpu(hdr->key_slot[i].stripes); @@ -511,13 +510,11 @@ int luks_unlock(struct udevice *blk, struct disk_partition *pinfo, return -ENOENT; } - split_key_size = *key_size * stripes; - - log_debug("Trying to unlock LUKS partition: key size: %u bytes\n", - *key_size); + split_key_size = key_size * stripes; + log_debug("Unlocking LUKS partition: key size: %u bytes\n", key_size); /* Allocate buffers */ - derived_key = malloc(*key_size); + derived_key = malloc(key_size); split_key = malloc(split_key_size); km_blocks = (split_key_size + desc->blksz - 1) / desc->blksz; km = malloc_cache_aligned(km_blocks * desc->blksz); @@ -537,18 +534,19 @@ int luks_unlock(struct udevice *blk, struct disk_partition *pinfo, /* Derive key for this slot */ ret = derive_key_pbkdf2(slot, pass, pass_len, md_type, - *key_size, derived_key); + key_size, derived_key); if (ret) continue; /* Try to unlock with the derived key */ - ret = try_keyslot(blk, pinfo, hdr, i, md_type, *key_size, + ret = try_keyslot(blk, pinfo, hdr, i, md_type, key_size, derived_key, km, km_blocks, split_key, candidate_key); if (!ret) { /* Successfully unlocked */ - memcpy(master_key, candidate_key, *key_size); + memcpy(master_key, candidate_key, key_size); + *key_sizep = key_size; goto out; } /* Continue trying other slots on failure */ @@ -559,7 +557,7 @@ int luks_unlock(struct udevice *blk, struct disk_partition *pinfo, out: if (derived_key) { - memset(derived_key, '\0', *key_size); + memset(derived_key, '\0', key_size); free(derived_key); } if (split_key) { @@ -575,6 +573,59 @@ out: return ret; } +int luks_unlock(struct udevice *blk, struct disk_partition *pinfo, + const u8 *pass, size_t pass_len, u8 *master_key, u32 *key_sizep) +{ + uint version, hdr_blocks; + struct luks1_phdr *hdr; + struct blk_desc *desc; + int ret; + + if (!blk || !pinfo || !pass || !master_key || !key_sizep) + return -EINVAL; + + desc = dev_get_uclass_plat(blk); + + /* LUKS1 header is 592 bytes, calculate blocks needed */ + hdr_blocks = (sizeof(struct luks1_phdr) + desc->blksz - 1) / + desc->blksz; + + /* Allocate buffer for LUKS header */ + ALLOC_CACHE_ALIGN_BUFFER(u8, buffer, hdr_blocks * desc->blksz); + + /* Read LUKS header */ + if (blk_read(blk, pinfo->start, hdr_blocks, buffer) != hdr_blocks) { + log_debug("failed to read LUKS header\n"); + return -EIO; + } + + /* Verify it's LUKS */ + if (memcmp(buffer, LUKS_MAGIC, LUKS_MAGIC_LEN) != 0) { + log_debug("not a LUKS partition\n"); + return -ENOENT; + } + + version = be16_to_cpu(*(__be16 *)(buffer + LUKS_MAGIC_LEN)); + switch (version) { + case LUKS_VERSION_1: + hdr = (struct luks1_phdr *)buffer; + ret = unlock_luks1(blk, pinfo, hdr, pass, pass_len, master_key, + key_sizep); + break; + case LUKS_VERSION_2: + ret = unlock_luks2(blk, pinfo, pass, pass_len, master_key, + key_sizep); + break; + default: + log_debug("unsupported LUKS version %d\n", version); + return -ENOTSUPP; + } + if (ret) + return ret; + + return 0; +} + int luks_create_blkmap(struct udevice *blk, struct disk_partition *pinfo, const u8 *master_key, u32 key_size, const char *label, struct udevice **blkmapp) From patchwork Sun Nov 16 21:23:24 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Simon Glass X-Patchwork-Id: 724 Return-Path: X-Original-To: u-boot-concept@u-boot.org Delivered-To: u-boot-concept@u-boot.org Authentication-Results: mail.u-boot.org; dkim=fail reason="signature verification failed" (1024-bit key; unprotected) header.d=chromium.org header.i=@chromium.org header.a=rsa-sha256 header.s=google header.b=Le9NOw3J; dkim-atps=neutral Received: from localhost (localhost [127.0.0.1]) by mail.u-boot.org (Postfix) with ESMTP id 223A6685C6 for ; Sun, 16 Nov 2025 14:24:14 -0700 (MST) X-Virus-Scanned: Debian amavis at Received: from mail.u-boot.org ([127.0.0.1]) by localhost (mail.u-boot.org [127.0.0.1]) (amavis, port 10024) with ESMTP id gSlIIwcAgM9M for ; Sun, 16 Nov 2025 14:24:14 -0700 (MST) Received: from mail.u-boot.org (localhost [127.0.0.1]) by mail.u-boot.org (Postfix) with ESMTP id 551EA6864C for ; Sun, 16 Nov 2025 14:24:12 -0700 (MST) Received: from localhost (localhost [127.0.0.1]) by mail.u-boot.org (Postfix) with ESMTP id 64CF86864A for ; Sun, 16 Nov 2025 14:24:11 -0700 (MST) X-Virus-Scanned: Debian amavis at Received: from mail.u-boot.org ([127.0.0.1]) by localhost (mail.u-boot.org [127.0.0.1]) (amavis, port 10024) with ESMTP id 3AKlvL8zr5QC for ; Sun, 16 Nov 2025 14:24:11 -0700 (MST) Received-SPF: Pass (mailfrom) identity=mailfrom; client-ip=209.85.166.54; helo=mail-io1-f54.google.com; envelope-from=sjg@chromium.org; receiver=u-boot.org Received: from mail-io1-f54.google.com (mail-io1-f54.google.com [209.85.166.54]) by mail.u-boot.org (Postfix) with ESMTPS id 80437684C5 for ; Sun, 16 Nov 2025 14:24:10 -0700 (MST) Received: by mail-io1-f54.google.com with SMTP id ca18e2360f4ac-949031532f9so29654739f.0 for ; Sun, 16 Nov 2025 13:24:10 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; t=1763328249; x=1763933049; darn=u-boot.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=F+e/o9Y81iU1s4yM57ZnV7qqpArG3la/EKKkLc1wjeM=; b=Le9NOw3JRzS9G02jxNNrARri+VkISkT6lhki1thLyoxQj7/VEldpOtqbXtp7RiFYDE NnwTrd/UtsGzmRD0SX7Y5d3K9dqpKA2hrSIPQJHpLbVmv1fJGSI9+9S1a0saXGcxn/wB Vrsf3MzkrWN1L0ZlxrZSUdKg6VACPcFrf0g4c= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1763328249; x=1763933049; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from :to:cc:subject:date:message-id:reply-to; bh=F+e/o9Y81iU1s4yM57ZnV7qqpArG3la/EKKkLc1wjeM=; b=kAF9Zee8GuUTIa9Ygl6Q0oHRuOQywV59UFxlm5khJpG63GV99BggZB87ZGGYkG6QJA pWE9xjPCo+W5gVXUpIXDVUV1q5ZkLjyAJuG5rtPeP0X8xZ470R6CvlD3iPSm0y0r3eKI 4gUjqrfITBiZaOfoUZkyf28Jmc+eCDufsC/Aj/j7gm7JPIAcEdjKlNd0l+DrRYP6zdSe mLWPmrSwUxO1VrTKGeUZOgz5HPsZ4+suJVGIlqsO0g+z5i4Z9YuX4uDybH5cwt3bQaRx t9zPwoYp/E59nuDarDFvrVr81SSUmYZDH472NW3mRnF6xhivd0SJpUZoyQ6230CvEErS izNQ== X-Gm-Message-State: AOJu0YxkAHd4clTzMXBB8pUWKbveC23ALje6CuyumuM2EkGFKSgQrz/I fILPPI3/KUcH4S1m/cxLl7i8Rbh5UKTl3yuAjdBPR3NhY0AOfZkeVq7OlUB6kqX9tarlEkAzTEW R8ag= X-Gm-Gg: ASbGncsTeMEYzJBWqRgpTnkQ4b78GDfxVqvXESkW+GUg5Yk24Mgozhvi9YSVho0+OU2 hqPCpZpKLUnpZonz+7BD1bLCMe2Z1btswBbmj2MEjYtu5JXgDMhlIB5wKEE1H5GutAmUqaFDA6W Z/ezB84K5uBstd4bXeTEmA/Iol4fdRQ8T+o/1thPBZsBY4oX3DeIsO0zBNy3oFtB31tIjJeLhHR w4gXBgnF2E0YLjIBYZDUolVjfGAsWHBjdjyLSUfuxBys5WE+PBK9eRDWkZ7Mlaueg+NXegb8S/R Z2NEQqJZ7ghoaNjKpluFimQKUVK2VnKz1ca7VzYzV7XV7qUKpAsxrV46Sr7tZz5RsV4fSs1LT9A k9zfe1yCBvWTmG6BVq9IFNqVdhKCViFIxgofdWuq/K2XOGPibLEQx9BlxfHaia4YKo/rnPsFb1S Rxn0aM5NM1ITa8+0PhC8KYUwL4sck= X-Google-Smtp-Source: AGHT+IGIKw139g+ZstLlO5448GmlKKLN4bs8XojXmrU5Na68eOm22bDfKwE4N3qbW0UE3wLPWqac1A== X-Received: by 2002:a05:6638:300e:b0:5b7:1afc:dd10 with SMTP id 8926c6da1cb9f-5b7c82cb38bmr6915780173.5.1763328248950; Sun, 16 Nov 2025 13:24:08 -0800 (PST) Received: from chromium.org ([73.34.74.121]) by smtp.gmail.com with ESMTPSA id ca18e2360f4ac-948d2d162dcsm577962339f.13.2025.11.16.13.24.06 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sun, 16 Nov 2025 13:24:07 -0800 (PST) From: Simon Glass X-Google-Original-From: Simon Glass To: U-Boot Concept Date: Sun, 16 Nov 2025 14:23:24 -0700 Message-ID: <20251116212334.1603490-11-simon.glass@canonical.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20251116212334.1603490-1-simon.glass@canonical.com> References: <20251116212334.1603490-1-simon.glass@canonical.com> MIME-Version: 1.0 Message-ID-Hash: YDRS7HI4MFMKX2YWJ7TYRGDCKTYFBA6K X-Message-ID-Hash: YDRS7HI4MFMKX2YWJ7TYRGDCKTYFBA6K X-MailFrom: sjg@chromium.org X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; loop; banned-address; emergency; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header CC: Simon Glass , Claude X-Mailman-Version: 3.3.10 Precedence: list Subject: [Concept] [PATCH 10/14] luks: Support a pre-derived key with LUKSv1 List-Id: Discussion and patches related to U-Boot Concept Archived-At: List-Archive: List-Help: List-Owner: List-Post: List-Subscribe: List-Unsubscribe: In some cases we may wish to provide a pre-derived key, e.g. obtained from a TKey. Provide an option for this with LUKSv1. For now it is not exported. Co-developed-by: Claude Signed-off-by: Simon Glass --- drivers/block/luks.c | 40 ++++++++++++++++++++++++++++------------ 1 file changed, 28 insertions(+), 12 deletions(-) diff --git a/drivers/block/luks.c b/drivers/block/luks.c index a3c86c5a197..3fc54dbbb9a 100644 --- a/drivers/block/luks.c +++ b/drivers/block/luks.c @@ -329,8 +329,9 @@ static int derive_key_pbkdf2(struct luks1_keyslot *slot, const u8 *pass, * @blk: Block device * @pinfo: Partition information * @hdr: LUKS1 header (already read) - * @pass: Passphrase + * @pass: Passphrase or pre-derived key * @pass_len: Length of passphrase + * @pre_derived: True if pass is a pre-derived key, false for passphrase * @master_key: Buffer to receive master key * @key_size: Output for key size * @@ -338,7 +339,7 @@ static int derive_key_pbkdf2(struct luks1_keyslot *slot, const u8 *pass, */ static int unlock_luks1(struct udevice *blk, struct disk_partition *pinfo, struct luks1_phdr *hdr, const u8 *pass, size_t pass_len, - u8 *master_key, u32 *key_size); + bool pre_derived, u8 *master_key, u32 *key_size); /** * try_keyslot() - Try to unlock a LUKS key slot with a derived key @@ -447,14 +448,16 @@ static int try_keyslot(struct udevice *blk, struct disk_partition *pinfo, * unlock_luks1() - Unlock a LUKSv1 partition * * Attempts to unlock a LUKSv1 encrypted partition by trying each active - * key slot with the provided passphrase. Uses PBKDF2 for key derivation - * and supports CBC cipher mode with optional ESSIV. + * key slot with the provided passphrase or pre-derived key. When pre_derived + * is false, uses PBKDF2 for key derivation. When true, uses the pass data + * directly as the derived key. Supports CBC cipher mode with optional ESSIV. * * @blk: Block device containing the partition * @pinfo: Partition information * @hdr: LUKSv1 header (already read and validated) - * @pass: Passphrase (binary data) + * @pass: Passphrase (binary data) or pre-derived key * @pass_len: Length of passphrase in bytes + * @pre_derived: True if pass is a pre-derived key, false for passphrase * @master_key: Buffer to receive unlocked master key (min 128 bytes) * @key_sizep: Output for master key size in bytes (set only on success) * @@ -462,7 +465,7 @@ static int try_keyslot(struct udevice *blk, struct disk_partition *pinfo, */ static int unlock_luks1(struct udevice *blk, struct disk_partition *pinfo, struct luks1_phdr *hdr, const u8 *pass, size_t pass_len, - u8 *master_key, u32 *key_sizep) + bool pre_derived, u8 *master_key, u32 *key_sizep) { uint split_key_size, km_blocks, key_size; u8 *split_key, *derived_key; @@ -524,6 +527,17 @@ static int unlock_luks1(struct udevice *blk, struct disk_partition *pinfo, goto out; } + /* If using pre-derived key, use it directly */ + if (pre_derived) { + if (pass_len != key_size) { + log_debug("Pre-derived key size mismatch: got %zu, need %u\n", + pass_len, key_size); + ret = -EINVAL; + goto out; + } + memcpy(derived_key, pass, key_size); + } + /* Try each key slot */ for (i = 0; i < LUKS_NUMKEYS; i++) { struct luks1_keyslot *slot = &hdr->key_slot[i]; @@ -532,11 +546,13 @@ static int unlock_luks1(struct udevice *blk, struct disk_partition *pinfo, if (be32_to_cpu(slot->active) != LUKS_KEY_ENABLED) continue; - /* Derive key for this slot */ - ret = derive_key_pbkdf2(slot, pass, pass_len, md_type, - key_size, derived_key); - if (ret) - continue; + /* Derive key for this slot if not pre-derived */ + if (!pre_derived) { + ret = derive_key_pbkdf2(slot, pass, pass_len, md_type, + key_size, derived_key); + if (ret) + continue; + } /* Try to unlock with the derived key */ ret = try_keyslot(blk, pinfo, hdr, i, md_type, key_size, @@ -610,7 +626,7 @@ int luks_unlock(struct udevice *blk, struct disk_partition *pinfo, case LUKS_VERSION_1: hdr = (struct luks1_phdr *)buffer; ret = unlock_luks1(blk, pinfo, hdr, pass, pass_len, master_key, - key_sizep); + false, key_sizep); break; case LUKS_VERSION_2: ret = unlock_luks2(blk, pinfo, pass, pass_len, master_key, From patchwork Sun Nov 16 21:23:25 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Simon Glass X-Patchwork-Id: 725 Return-Path: X-Original-To: u-boot-concept@u-boot.org Delivered-To: u-boot-concept@u-boot.org Authentication-Results: mail.u-boot.org; dkim=fail reason="signature verification failed" (1024-bit key; unprotected) header.d=chromium.org header.i=@chromium.org header.a=rsa-sha256 header.s=google header.b=H4+09uIf; dkim-atps=neutral Received: from localhost (localhost [127.0.0.1]) by mail.u-boot.org (Postfix) with ESMTP id CAE47685C6 for ; Sun, 16 Nov 2025 14:24:19 -0700 (MST) X-Virus-Scanned: Debian amavis at Received: from mail.u-boot.org ([127.0.0.1]) by localhost (mail.u-boot.org [127.0.0.1]) (amavis, port 10024) with ESMTP id i7ZJ6UPwIrp1 for ; Sun, 16 Nov 2025 14:24:19 -0700 (MST) Received: from mail.u-boot.org (localhost [127.0.0.1]) by mail.u-boot.org (Postfix) with ESMTP id B716B685BF for ; Sun, 16 Nov 2025 14:24:19 -0700 (MST) Received: from localhost (localhost [127.0.0.1]) by mail.u-boot.org (Postfix) with ESMTP id B7A746858A for ; Sun, 16 Nov 2025 14:24:17 -0700 (MST) X-Virus-Scanned: Debian amavis at Received: from mail.u-boot.org ([127.0.0.1]) by localhost (mail.u-boot.org [127.0.0.1]) (amavis, port 10024) with ESMTP id 8nqcgPFa-Hk1 for ; Sun, 16 Nov 2025 14:24:17 -0700 (MST) Received-SPF: Pass (mailfrom) identity=mailfrom; client-ip=209.85.166.50; helo=mail-io1-f50.google.com; envelope-from=sjg@chromium.org; receiver=u-boot.org Received: from mail-io1-f50.google.com (mail-io1-f50.google.com [209.85.166.50]) by mail.u-boot.org (Postfix) with ESMTPS id E40E3685BF for ; Sun, 16 Nov 2025 14:24:13 -0700 (MST) Received: by mail-io1-f50.google.com with SMTP id ca18e2360f4ac-9486696aafeso285915439f.3 for ; Sun, 16 Nov 2025 13:24:13 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; t=1763328252; x=1763933052; darn=u-boot.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=lzh268hfC5NNlFfm6tftnwRuWbF7DsFZWc2/q9ecKGQ=; b=H4+09uIfOUUXES4LnM1U62Z42uSPOWJHKnwHnan7xrgmtmdI6xz/N5023I64JV4Ab9 rPZo6ORD58yXuK5IybbT5e06+G2XjZFvFFOttMaQW0hviyPiYb8A2FkOYVSB+n6Nrq1k hY1qvcb/fkaM6FWERz3mznELr0IABOvfLoexg= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1763328252; x=1763933052; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from :to:cc:subject:date:message-id:reply-to; bh=lzh268hfC5NNlFfm6tftnwRuWbF7DsFZWc2/q9ecKGQ=; b=jm3jA82U8bnajZO43ingHAmx4yFhq0cp9rOoSaz+/se/zRsd3C1S55Wlnt1Mk6olFs Vaw4jbYL9/3p5Fq0yM+p1UzZ96PB0NDJTQ4V+fF8iE06muHIfH8nN3UNB491dZj9+u95 XVtU++ngxAy/Ne2/J+wv0JN7hhcI8mGMNm1JJ2zMWLLO/ZssfNbcdwIfYd/VrqlE0up/ AJxikrLiQ7D0JfeO7ur6SA4LjDevr2UedAIU7LZOEV3OWvjR4W4Nq0ZXngozrY9+EoOJ X3CscpSs+QsRat4vPBvIGVpLdJMtvhGwkSD8rXyawnG6JwHGGypJ16gTLm6Np7da5T77 CASw== X-Gm-Message-State: AOJu0Yyoro+W0YePlwdwBgcUYvyelc78ecDoTs5Jj4NOR0dXNqHmyqV9 STwUl19IaF/eCYamZslmJtEYEknAk6hnYcEDeLi3CtsodBjpVA5Tsw241/wSdV7dd+N1ASucR+n s8mg= X-Gm-Gg: ASbGncuXaKH8OqIiUX/fVyXnOw21B1gxeNltb5q7tZoTDoU2WcKcQdxt0XzScy18tWc RPU1WGvQi/3kYO5aivuinrK5K2YYi88vC25HlQ4HjeD5H9AHqxjT3IgW+cR+NwQFJnTaVT2mKhg 0iK6yBEzjh0EvbRkJgGe34DvlMSk8Co88e9ACv4wMxQw22hNui1o/Edl6MGeh8jOfXz545Tpd9u VPieNX20bELYjxG9+Suj7T6OCS5MdwKl56yW5SWAqFDcxFH6KPoKmWs8KoQrEarebjCb19z9Lcc 5cSb5RNOzydgp0CX5GfjqdY3JZKwo3Czox0ZtiuMLrtpVR5uHr7Ke7rTQrGBB/1RHdgiHs1radE Ma2wHPhxZUnhD/SSHUYf1kqbeOyrBm+eIL1t7SpjW94bsA9eW1ZeXgJby7TbYzcRB6CFgtNS35t BMbAylrrqfUR4SbBQSNpokC5g99TA= X-Google-Smtp-Source: AGHT+IFPea3CKiIymD8f0GDak78b1cSpMKz8Vg0tkXa2d2cLxaWA00/pUZcP4GXVIyEaDS9GQMc7fw== X-Received: by 2002:a05:6638:6b97:b0:571:2bd0:eb59 with SMTP id 8926c6da1cb9f-5b7c9c7d928mr5759718173.6.1763328251958; Sun, 16 Nov 2025 13:24:11 -0800 (PST) Received: from chromium.org ([73.34.74.121]) by smtp.gmail.com with ESMTPSA id ca18e2360f4ac-948d2d162dcsm577962339f.13.2025.11.16.13.24.09 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sun, 16 Nov 2025 13:24:10 -0800 (PST) From: Simon Glass X-Google-Original-From: Simon Glass To: U-Boot Concept Date: Sun, 16 Nov 2025 14:23:25 -0700 Message-ID: <20251116212334.1603490-12-simon.glass@canonical.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20251116212334.1603490-1-simon.glass@canonical.com> References: <20251116212334.1603490-1-simon.glass@canonical.com> MIME-Version: 1.0 Message-ID-Hash: ZZ2BXLPNGLG5JH2NGORNPBIM5SAPUWST X-Message-ID-Hash: ZZ2BXLPNGLG5JH2NGORNPBIM5SAPUWST X-MailFrom: sjg@chromium.org X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; loop; banned-address; emergency; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header CC: Simon Glass , Claude X-Mailman-Version: 3.3.10 Precedence: list Subject: [Concept] [PATCH 11/14] luks: Support a pre-derived key with LUKSv2 List-Id: Discussion and patches related to U-Boot Concept Archived-At: List-Archive: List-Help: List-Owner: List-Post: List-Subscribe: List-Unsubscribe: In some cases we may wish to provide a pre-derived key, e.g. obtained from a TKey. Provide an option for this with LUKSv2. For now it is not exported. Improve the error-return documentation while we are here. Co-developed-by: Claude Signed-off-by: Simon Glass --- drivers/block/luks2.c | 54 ++++++++++++++++++++++------------- drivers/block/luks_internal.h | 10 ++++--- 2 files changed, 40 insertions(+), 24 deletions(-) diff --git a/drivers/block/luks2.c b/drivers/block/luks2.c index 57e6b9f37d9..e3f3ac28c34 100644 --- a/drivers/block/luks2.c +++ b/drivers/block/luks2.c @@ -544,9 +544,9 @@ static int decrypt_km_xts(const u8 *derived_key, uint key_size, const u8 *km, * @blksz: Block size in bytes * Return: 0 on success, negative error code on failure */ -static int decrypt_km_cbc(u8 *derived_key, uint key_size, const char *encrypt, - u8 *km, u8 *split_key, int size, int km_blocks, - int blksz) +static int decrypt_km_cbc(const u8 *derived_key, uint key_size, + const char *encrypt, u8 *km, u8 *split_key, + int size, int km_blocks, int blksz) { u8 expkey[AES256_EXPAND_KEY_LENGTH]; @@ -811,7 +811,8 @@ static int verify_master_key(const struct luks2_digest *digest, * * This function attempts to unlock one keyslot by: * 1. Reading keyslot metadata from ofnode - * 2. Deriving the candidate master key using the appropriate KDF + * 2. Deriving the candidate master key using the appropriate KDF (or using + * pre-derived key directly) * 3. Verifying the candidate key against the stored digest * * @blk: Block device containing the LUKS partition @@ -819,7 +820,9 @@ static int verify_master_key(const struct luks2_digest *digest, * @keyslot_node: ofnode for this specific keyslot * @digest: Digest information for verification * @md_type: mbedtls message digest type (for PBKDF2) - * @pass: User-provided passphrase + * @pass: User-provided passphrase or pre-derived key + * @pass_len: Length of passphrase + * @pre_derived: True if pass is a pre-derived key, false for passphrase * @master_key: Output buffer for verified master key * @key_sizep: Returns the key size * Return: 0 if unlocked successfully, -EAGAIN to continue trying, -ve on error @@ -828,8 +831,8 @@ static int try_unlock_keyslot(struct udevice *blk, struct disk_partition *pinfo, ofnode keyslot_node, const struct luks2_digest *digest, mbedtls_md_type_t md_type, const u8 *pass, - size_t pass_len, u8 *master_key, - uint *key_sizep) + size_t pass_len, bool pre_derived, + u8 *master_key, uint *key_sizep) { struct luks2_keyslot keyslot; u8 cand_key[128]; @@ -845,16 +848,27 @@ static int try_unlock_keyslot(struct udevice *blk, struct disk_partition *pinfo, log_debug("LUKS2: trying keyslot (type=%d)\n", keyslot.kdf.type); - /* Try the keyslot using the appropriate KDF */ - if (keyslot.kdf.type == LUKS2_KDF_PBKDF2) { - log_debug("LUKS2: calling try_keyslot_pbkdf2\n"); - ret = try_keyslot_pbkdf2(blk, pinfo, &keyslot, pass, pass_len, - md_type, cand_key); + /* If using pre-derived key, use it directly */ + if (pre_derived) { + if (pass_len != keyslot.key_size) { + log_debug("Pre-derived key size mismatch: got %zu, need %u\n", + pass_len, keyslot.key_size); + return -EAGAIN; + } + memcpy(cand_key, pass, pass_len); + ret = 0; } else { - /* Argon2 (already checked for CONFIG_ARGON2 support) */ - log_debug("LUKS2: calling try_keyslot_argon2\n"); - ret = try_keyslot_argon2(blk, pinfo, &keyslot, pass, pass_len, - cand_key); + /* Try the keyslot using the appropriate KDF */ + if (keyslot.kdf.type == LUKS2_KDF_PBKDF2) { + log_debug("LUKS2: calling try_keyslot_pbkdf2\n"); + ret = try_keyslot_pbkdf2(blk, pinfo, &keyslot, pass, pass_len, + md_type, cand_key); + } else { + /* Argon2 (already checked for CONFIG_ARGON2 support) */ + log_debug("LUKS2: calling try_keyslot_argon2\n"); + ret = try_keyslot_argon2(blk, pinfo, &keyslot, pass, pass_len, + cand_key); + } } log_debug("LUKS2: keyslot try returned %d\n", ret); @@ -877,8 +891,8 @@ static int try_unlock_keyslot(struct udevice *blk, struct disk_partition *pinfo, } int unlock_luks2(struct udevice *blk, struct disk_partition *pinfo, - const u8 *pass, size_t pass_len, u8 *master_key, - uint *key_sizep) + const u8 *pass, size_t pass_len, bool pre_derived, + u8 *master_key, uint *key_sizep) { ofnode keyslots_node, keyslot_node; struct luks2_digest digest; @@ -896,8 +910,8 @@ int unlock_luks2(struct udevice *blk, struct disk_partition *pinfo, ret = -EACCES; ofnode_for_each_subnode(keyslot_node, keyslots_node) { ret = try_unlock_keyslot(blk, pinfo, keyslot_node, &digest, - md_type, pass, pass_len, master_key, - key_sizep); + md_type, pass, pass_len, pre_derived, + master_key, key_sizep); if (!ret) /* Successfully unlocked! */ break; diff --git a/drivers/block/luks_internal.h b/drivers/block/luks_internal.h index 6b0e41267ff..33f6ce12689 100644 --- a/drivers/block/luks_internal.h +++ b/drivers/block/luks_internal.h @@ -50,14 +50,16 @@ void essiv_decrypt(const u8 *derived_key, uint key_size, u8 *expkey, u8 *km, * * @blk: Block device * @pinfo: Partition information - * @pass: Passphrase to unlock the partition + * @pass: Passphrase to unlock the partition or pre-derived key * @pass_len: Length of the passphrase in bytes + * @pre_derived: True if pass is a pre-derived key, false for passphrase * @master_key: Buffer to receive the decrypted master key * @key_sizep: Returns the key size - * Return: 0 on success, -ve on error + * Return: 0 on success, -EACCES if no keyslots matched, other -ve on other + * error */ int unlock_luks2(struct udevice *blk, struct disk_partition *pinfo, - const u8 *pass, size_t pass_len, u8 *master_key, - uint *key_sizep); + const u8 *pass, size_t pass_len, bool pre_derived, + u8 *master_key, uint *key_sizep); #endif /* __LUKS_INTERNAL_H__ */ From patchwork Sun Nov 16 21:23:26 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Simon Glass X-Patchwork-Id: 726 Return-Path: X-Original-To: u-boot-concept@u-boot.org Delivered-To: u-boot-concept@u-boot.org Authentication-Results: mail.u-boot.org; dkim=fail reason="signature verification failed" (1024-bit key; unprotected) header.d=chromium.org header.i=@chromium.org header.a=rsa-sha256 header.s=google header.b=Lic/m1Ak; dkim-atps=neutral Received: from localhost (localhost [127.0.0.1]) by mail.u-boot.org (Postfix) with ESMTP id 36A796864C for ; Sun, 16 Nov 2025 14:24:20 -0700 (MST) X-Virus-Scanned: Debian amavis at Received: from mail.u-boot.org ([127.0.0.1]) by localhost (mail.u-boot.org [127.0.0.1]) (amavis, port 10024) with ESMTP id OTemXEPCu4dH for ; Sun, 16 Nov 2025 14:24:20 -0700 (MST) Received: from mail.u-boot.org (localhost [127.0.0.1]) by mail.u-boot.org (Postfix) with ESMTP id 2572D684C5 for ; Sun, 16 Nov 2025 14:24:20 -0700 (MST) Received: from localhost (localhost [127.0.0.1]) by mail.u-boot.org (Postfix) with ESMTP id 0CF60685BF for ; Sun, 16 Nov 2025 14:24:18 -0700 (MST) X-Virus-Scanned: Debian amavis at Received: from mail.u-boot.org ([127.0.0.1]) by localhost (mail.u-boot.org [127.0.0.1]) (amavis, port 10024) with ESMTP id PLhjer4yS1s8 for ; Sun, 16 Nov 2025 14:24:17 -0700 (MST) Received-SPF: Pass (mailfrom) identity=mailfrom; client-ip=209.85.166.51; helo=mail-io1-f51.google.com; envelope-from=sjg@chromium.org; receiver=u-boot.org Received: from mail-io1-f51.google.com (mail-io1-f51.google.com [209.85.166.51]) by mail.u-boot.org (Postfix) with ESMTPS id C410A684C5 for ; Sun, 16 Nov 2025 14:24:15 -0700 (MST) Received: by mail-io1-f51.google.com with SMTP id ca18e2360f4ac-948614ceac0so144673939f.0 for ; Sun, 16 Nov 2025 13:24:15 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; t=1763328254; x=1763933054; darn=u-boot.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=KAL6EpicLQrWkaFzkhghZzlHtLaIhqVWgZ2NUJh+1G4=; b=Lic/m1AkZUmwarKq4oSvRZlYNLoEv8xMQDYEc9lLT/QKDtzL5kjN7oC2tb+19PRP43 bneeDpf91dGd4+SHYPs0N0SvL314j07g/zQaZ6nqpH1S9/P3v1EltzsC73/FxubzV6sX otKAfdfOlmng0bL8Z4XCjbBLjfs9H9sqg20Jg= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1763328254; x=1763933054; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from :to:cc:subject:date:message-id:reply-to; bh=KAL6EpicLQrWkaFzkhghZzlHtLaIhqVWgZ2NUJh+1G4=; b=fCn1vN9vv9CsDuo95CUxKKFvkcprb1sUKxgBeehakeFvm88ePZ5bay7589PPYLJPGP Rz18H2Rn/LcvHisgIXGsiI9+CJ58b0Hm5IWQvJiwJO7gNuSI+Ap1CyXmV+Vx2604YLBn PI+XMNAdTdUDmPjPnmN2rZ/LPJ+yexOb4Crj3a86px2vX0ufLcZgVn89367zKN3h05zO R/mXiDa4lRD0d9GRjB7mP8Swrvi5h4qvdQfEixrQsF6YRYShDxQf6XLwrSnlx263evzQ DKg26EVaaPPS3qdHA9knoTkZVYabu0lm0c9JFmyCrS2ZDtYdcazFU7e1iqLet5uiXcTi S+cw== X-Gm-Message-State: AOJu0YxHJotT7gcS9/QbAN6rKODuZGb0cGDnHZczPqs3x6Rd6PiLlUqQ aNDtvFxooVNgUxC2OcRJOR9pnEuckWZjz+i9l5QNw4rF6iPRCJfGusrrc+ZTnJ2Anwg6v2iNKLK kq7c= X-Gm-Gg: ASbGncu0lR8oG8yyuI38Tb6xv8axj3vXJo8I3uJeHVsVvGWBrqsKsZJ7Lgqyd5oOsHT 2UfUmR/1eO81pnRUOfXRJ5oqb9mswSdrlw4U9eGNmzftgc3enndTpFBjOKuvQ4ENas3K7Obs+jy QYycYn6RhPtBZmkg7bEOifhuB1lJNajQlRFK1v/yIpfgyN3MUViXQtIjGiNLovx814naZGgjaxj Wc+YTyTza7VNNUhL6GuasLx9bbpQTpzKc5NmuY1/zroodwyg9fyUYcqQi1T4YogOG8zn6BVDPCs Kjv6o/1wmp43PAhsOfCq6o8X1V4DKLkSgl4qd/liDFFTMOGQdDTKJwTRNBxQdTqR3xpj03IjIik 6YnUDWYbZjsG2PZnMhFh5DJQTUg/8nVElZVObY6saYHlz+4Atg2UwjJdPVks0sXn84pJWZztrcN 2lsWlMUgxrPejeKl3M X-Google-Smtp-Source: AGHT+IH0/QG80eJDIRoUED8CtwQgqLpCdFQddd4MM/u2ee/OlL/IwZBSnO/Hox4HjWWBzkJz/AxABw== X-Received: by 2002:a05:6638:4e2d:b0:5b7:135f:57d6 with SMTP id 8926c6da1cb9f-5b7c9e1c78cmr5617233173.17.1763328254375; Sun, 16 Nov 2025 13:24:14 -0800 (PST) Received: from chromium.org ([73.34.74.121]) by smtp.gmail.com with ESMTPSA id ca18e2360f4ac-948d2d162dcsm577962339f.13.2025.11.16.13.24.12 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sun, 16 Nov 2025 13:24:13 -0800 (PST) From: Simon Glass X-Google-Original-From: Simon Glass To: U-Boot Concept Date: Sun, 16 Nov 2025 14:23:26 -0700 Message-ID: <20251116212334.1603490-13-simon.glass@canonical.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20251116212334.1603490-1-simon.glass@canonical.com> References: <20251116212334.1603490-1-simon.glass@canonical.com> MIME-Version: 1.0 Message-ID-Hash: HUYAN7YL5XUMMSFKUYX5IZPFPGXUVI3V X-Message-ID-Hash: HUYAN7YL5XUMMSFKUYX5IZPFPGXUVI3V X-MailFrom: sjg@chromium.org X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; loop; banned-address; emergency; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header CC: Simon Glass X-Mailman-Version: 3.3.10 Precedence: list Subject: [Concept] [PATCH 12/14] luks: Support a pre-derived key List-Id: Discussion and patches related to U-Boot Concept Archived-At: List-Archive: List-Help: List-Owner: List-Post: List-Subscribe: List-Unsubscribe: Update luks_unlock() to support a pre-derived key, such as that obtained from a TKey. This must match the key_size of the LUKS partition, otherwise it will fail to unlock. Signed-off-by: Simon Glass --- cmd/luks.c | 2 +- drivers/block/luks.c | 11 ++++++----- include/luks.h | 4 ++-- test/boot/luks.c | 2 +- 4 files changed, 10 insertions(+), 9 deletions(-) diff --git a/cmd/luks.c b/cmd/luks.c index defd987776d..47d3e5bed7b 100644 --- a/cmd/luks.c +++ b/cmd/luks.c @@ -89,7 +89,7 @@ static int do_luks_unlock(struct cmd_tbl *cmdtp, int flag, int argc, /* Unlock the partition to get the master key */ ret = luks_unlock(dev_desc->bdev, &info, (const u8 *)passphrase, - strlen(passphrase), master_key, &key_size); + strlen(passphrase), false, master_key, &key_size); if (ret) { printf("Failed to unlock LUKS partition (err %dE)\n", ret); return CMD_RET_FAILURE; diff --git a/drivers/block/luks.c b/drivers/block/luks.c index 3fc54dbbb9a..10ef4a2e31a 100644 --- a/drivers/block/luks.c +++ b/drivers/block/luks.c @@ -590,7 +590,8 @@ out: } int luks_unlock(struct udevice *blk, struct disk_partition *pinfo, - const u8 *pass, size_t pass_len, u8 *master_key, u32 *key_sizep) + const u8 *pass, size_t pass_len, bool pre_derived, + u8 *master_key, u32 *key_sizep) { uint version, hdr_blocks; struct luks1_phdr *hdr; @@ -625,12 +626,12 @@ int luks_unlock(struct udevice *blk, struct disk_partition *pinfo, switch (version) { case LUKS_VERSION_1: hdr = (struct luks1_phdr *)buffer; - ret = unlock_luks1(blk, pinfo, hdr, pass, pass_len, master_key, - false, key_sizep); + ret = unlock_luks1(blk, pinfo, hdr, pass, pass_len, + pre_derived, master_key, key_sizep); break; case LUKS_VERSION_2: - ret = unlock_luks2(blk, pinfo, pass, pass_len, master_key, - key_sizep); + ret = unlock_luks2(blk, pinfo, pass, pass_len, pre_derived, + master_key, key_sizep); break; default: log_debug("unsupported LUKS version %d\n", version); diff --git a/include/luks.h b/include/luks.h index 8826fa96507..da9be12e2a3 100644 --- a/include/luks.h +++ b/include/luks.h @@ -158,8 +158,8 @@ int luks_show_info(struct udevice *blk, struct disk_partition *pinfo); * -EIO if failed to read from block device */ int luks_unlock(struct udevice *blk, struct disk_partition *pinfo, - const u8 *pass, size_t pass_len, u8 *master_key, - u32 *key_size); + const u8 *pass, size_t pass_len, bool pre_derived, + u8 *master_key, u32 *key_size); /** * luks_create_blkmap() - Create a blkmap device for a LUKS partition diff --git a/test/boot/luks.c b/test/boot/luks.c index 93cc8ce6681..dfd6f7b411c 100644 --- a/test/boot/luks.c +++ b/test/boot/luks.c @@ -275,7 +275,7 @@ static int bootstd_test_luks2_unlock(struct unit_test_state *uts) /* Test that unlock fails for partition 1 (not LUKS) */ ut_assertok(part_get_info(desc, 1, &info)); ut_asserteq(-ENOENT, luks_unlock(desc->bdev, &info, (const u8 *)"test", - 4, master_key, &key_size)); + 4, false, master_key, &key_size)); /* Test unlocking partition 2 with correct passphrase */ ut_assertok(run_command("luks unlock mmc c:2 test", 0)); From patchwork Sun Nov 16 21:23:27 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Simon Glass X-Patchwork-Id: 727 Return-Path: X-Original-To: u-boot-concept@u-boot.org Delivered-To: u-boot-concept@u-boot.org Authentication-Results: mail.u-boot.org; dkim=fail reason="signature verification failed" (1024-bit key; unprotected) header.d=chromium.org header.i=@chromium.org header.a=rsa-sha256 header.s=google header.b=aXboxl+x; dkim-atps=neutral Received: from localhost (localhost [127.0.0.1]) by mail.u-boot.org (Postfix) with ESMTP id 4263D6862A for ; Sun, 16 Nov 2025 14:24:24 -0700 (MST) X-Virus-Scanned: Debian amavis at Received: from mail.u-boot.org ([127.0.0.1]) by localhost (mail.u-boot.org [127.0.0.1]) (amavis, port 10024) with ESMTP id 2jTun-ewT2wG for ; Sun, 16 Nov 2025 14:24:24 -0700 (MST) Received: from mail.u-boot.org (localhost [127.0.0.1]) by mail.u-boot.org (Postfix) with ESMTP id 31023685EA for ; Sun, 16 Nov 2025 14:24:24 -0700 (MST) Received: from localhost (localhost [127.0.0.1]) by mail.u-boot.org (Postfix) with ESMTP id 85825685BF for ; Sun, 16 Nov 2025 14:24:22 -0700 (MST) X-Virus-Scanned: Debian amavis at Received: from mail.u-boot.org ([127.0.0.1]) by localhost (mail.u-boot.org [127.0.0.1]) (amavis, port 10024) with ESMTP id BEyXS82HE4zh for ; Sun, 16 Nov 2025 14:24:22 -0700 (MST) Received-SPF: Pass (mailfrom) identity=mailfrom; client-ip=209.85.166.54; helo=mail-io1-f54.google.com; envelope-from=sjg@chromium.org; receiver=u-boot.org Received: from mail-io1-f54.google.com (mail-io1-f54.google.com [209.85.166.54]) by mail.u-boot.org (Postfix) with ESMTPS id E9C1B6858A for ; Sun, 16 Nov 2025 14:24:17 -0700 (MST) Received: by mail-io1-f54.google.com with SMTP id ca18e2360f4ac-948614ceac0so144674339f.0 for ; Sun, 16 Nov 2025 13:24:17 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; t=1763328256; x=1763933056; darn=u-boot.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=JXKL8obfGSIwqvtTShlsZyxSX5OyrhUvX5iR5f8Lcgk=; b=aXboxl+xhPV8OrXaKBxcuAv378eCtPgbRz13RIvvpTZn+7+2MZHiDUu/1Iimg1sJcR 3AHOWiMua9ebGTRNzzSuubLRxHpWa1ywsvnj9CQDh73ToKdwNksyX7ZAZxs442mvbUaE sDdzENWJeSnIdzmgzBq+VqyPfeeA8+3mmBK5o= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1763328256; x=1763933056; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from :to:cc:subject:date:message-id:reply-to; bh=JXKL8obfGSIwqvtTShlsZyxSX5OyrhUvX5iR5f8Lcgk=; b=RJQklScUViVAKa6VXsrM/HXhh1NpdNhmxnD9zr6GDZVzHnNOGkw6xEZ9o5JYljlkJV +mG6Jdppp3N4AFVquQdAmvym3zMjaKWioWSG3Fnfb4P5PSKkNG3dPtcYkmMOot7CqXCm XeURRLsq/Kbmjm/Umq6vevTGchyGY6vztdrH7xbb2IOfvLxoSsBlVKxxOqRpvqgCKELI UDbAeIWkGuwnWnOqMr+Bg6M86Hy45xZ9lGVOan9gJnjB6QKyoSR9NwlA1YoPWOyxanDh yT/7D6sMkbFUbRtotQk1baEmyQVyPyu1QnpzMpiuPo+tqxb4Uj+Q7ka3cICvWeGR5K7p wfxg== X-Gm-Message-State: AOJu0YzaiKBit5tohdTnMheaKqm1gZot9prdn6BLDfAnJQnF1CJ8D0oP MvFe6CAIVJiNCIG2Fgzmq6BeMiJ6s3Ko1rGcI7i4i5POaBWacCh3jWpsn4/fHybPbYtCNNxIhw/ X0X4= X-Gm-Gg: ASbGnctzaeeew/b7R/oJnVfmsIjQPwIqciEj8kNFkdb8dfAfWza5TF4DNOO4C2OVOzG LASTE8CJX5rpcflfF9aK1pjSv161iWRInav/K++YXBdIiDdMHw3bjyhWkWW6Csv80QlK6UjMnQ+ n0WrfmwzQ9T5IWKLtDlyey21TLk1ECL6GoVIpVPnHMi/knGF7TA4Zige1g2HLLFW14Pc4s8cE9M hU3QMBuQ9P6rwhsDEkoU79vfpG9Ufr7SIONwUD6HhfUTklo1Et68fziY55Jc98tGjmaEOvLxGsO ZLbkpMB27oCEeqE1+UixcD3oIU6a7/HtmFc6t0NpvCrTnG6mIT36fVIPNltzYgwgL5EgdOj+2kn b1sjfYXqY5+dxzs2jeRZCMou41JOgU3mZB+NNRJ2uIxGjdEK8CQa87Jtj5j87gneoQIJn//hHdC Rnbjc1Eoi4nkJQgPmLXiFlDaRxsRn2f6U6R2fwNg== X-Google-Smtp-Source: AGHT+IHRSCsLXmwCVQr+PkgWPxKtO+NmxNfbBOn81U8/YmWfBu8GzdWdwu9bq1/Z6Jmsc0mupCNKMQ== X-Received: by 2002:a05:6638:aa10:b0:5b7:40b5:7ba8 with SMTP id 8926c6da1cb9f-5b7c9de90fdmr6639356173.16.1763328256432; Sun, 16 Nov 2025 13:24:16 -0800 (PST) Received: from chromium.org ([73.34.74.121]) by smtp.gmail.com with ESMTPSA id ca18e2360f4ac-948d2d162dcsm577962339f.13.2025.11.16.13.24.14 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sun, 16 Nov 2025 13:24:15 -0800 (PST) From: Simon Glass X-Google-Original-From: Simon Glass To: U-Boot Concept Date: Sun, 16 Nov 2025 14:23:27 -0700 Message-ID: <20251116212334.1603490-14-simon.glass@canonical.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20251116212334.1603490-1-simon.glass@canonical.com> References: <20251116212334.1603490-1-simon.glass@canonical.com> MIME-Version: 1.0 Message-ID-Hash: PWYRXUQDNVMQQIT4DNWLHAWUEN6TNHCO X-Message-ID-Hash: PWYRXUQDNVMQQIT4DNWLHAWUEN6TNHCO X-MailFrom: sjg@chromium.org X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; loop; banned-address; emergency; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header CC: Simon Glass X-Mailman-Version: 3.3.10 Precedence: list Subject: [Concept] [PATCH 13/14] luks: Check for out-of-memory with Argon2 List-Id: Discussion and patches related to U-Boot Concept Archived-At: List-Archive: List-Help: List-Owner: List-Post: List-Subscribe: List-Unsubscribe: This algorithm can use a lot of memory, so add a check for this condition and return the correct error. Signed-off-by: Simon Glass --- drivers/block/luks2.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/drivers/block/luks2.c b/drivers/block/luks2.c index e3f3ac28c34..db5f13badd9 100644 --- a/drivers/block/luks2.c +++ b/drivers/block/luks2.c @@ -676,7 +676,10 @@ static int try_keyslot_argon2(struct udevice *blk, struct disk_partition *pinfo, ks->kdf.salt_len, derived_key, ks->area.key_size); if (ret) { - log_err("Argon2id failed: %s\n", argon2_error_message(ret)); + log_err("Argon2id failed: %s (code=%d)\n", + argon2_error_message(ret), ret); + if (ret == ARGON2_MEMORY_ALLOCATION_ERROR) + return -ENOMEM; return -EPROTO; } log_debug("LUKS2 Argon2: key derivation succeeded\n"); From patchwork Sun Nov 16 21:23:28 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Simon Glass X-Patchwork-Id: 728 Return-Path: X-Original-To: u-boot-concept@u-boot.org Delivered-To: u-boot-concept@u-boot.org Authentication-Results: mail.u-boot.org; dkim=fail reason="signature verification failed" (1024-bit key; unprotected) header.d=chromium.org header.i=@chromium.org header.a=rsa-sha256 header.s=google header.b=GnMnv+Qu; dkim-atps=neutral Received: from localhost (localhost [127.0.0.1]) by mail.u-boot.org (Postfix) with ESMTP id A249B685FE for ; Sun, 16 Nov 2025 14:24:26 -0700 (MST) X-Virus-Scanned: Debian amavis at Received: from mail.u-boot.org ([127.0.0.1]) by localhost (mail.u-boot.org [127.0.0.1]) (amavis, port 10024) with ESMTP id rmBgZE_uhy7r for ; Sun, 16 Nov 2025 14:24:26 -0700 (MST) Received: from mail.u-boot.org (localhost [127.0.0.1]) by mail.u-boot.org (Postfix) with ESMTP id AE1446864C for ; Sun, 16 Nov 2025 14:24:24 -0700 (MST) Received: from localhost (localhost [127.0.0.1]) by mail.u-boot.org (Postfix) with ESMTP id 99651684C5 for ; Sun, 16 Nov 2025 14:24:22 -0700 (MST) X-Virus-Scanned: Debian amavis at Received: from mail.u-boot.org ([127.0.0.1]) by localhost (mail.u-boot.org [127.0.0.1]) (amavis, port 10024) with ESMTP id TE3VgrZRSTj0 for ; Sun, 16 Nov 2025 14:24:22 -0700 (MST) Received-SPF: Pass (mailfrom) identity=mailfrom; client-ip=209.85.166.49; helo=mail-io1-f49.google.com; envelope-from=sjg@chromium.org; receiver=u-boot.org Received: from mail-io1-f49.google.com (mail-io1-f49.google.com [209.85.166.49]) by mail.u-boot.org (Postfix) with ESMTPS id CA57568641 for ; Sun, 16 Nov 2025 14:24:20 -0700 (MST) Received: by mail-io1-f49.google.com with SMTP id ca18e2360f4ac-94880a46f3fso112039439f.2 for ; Sun, 16 Nov 2025 13:24:20 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; t=1763328259; x=1763933059; darn=u-boot.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=jlqI9bRY37tfsnqw+zSi4scRbQWESX7SbhgZk1FSL7M=; b=GnMnv+QukQ0Exs8tPERUutPypOs3OVKhWkZis5Kh6eD5XGGwd8Esu5KMAKSXnZE1+V FSpe1TmeOqrJh5qM0fYTEDpHDkc2fdIoT0aEBw4xFLvUz/IHTJB7vC/zcQKEt6PBC9Kb HIXwx6apAhq+pw77o8JwlOMk3Wfnbb8kYhjag= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1763328259; x=1763933059; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from :to:cc:subject:date:message-id:reply-to; bh=jlqI9bRY37tfsnqw+zSi4scRbQWESX7SbhgZk1FSL7M=; b=j+onVOUKD8ty6/Egy/NPrYi/wfFzI+jUi2YdaRShGtTxX/sVzOG8XhFOb7QKip7THK UtoJYHHmEsGo3QkYAxgE4S26YgrfgQ65Krlag4eJ5uKPwiQ1SVG3dYT+MyR74n8wVEeY 93lAaLNfGvFElo8x8JGCjslf++qNRkO/STCV9dCHM7RikJRW7FP70MR0Gjynt6nCXtM2 l/GF+nl4/j9qy0EQO5kXqMc+h1VqN0jCfenV1e5oHO91/zYgaDtmUi7ugzNg7x9/iH7j Bu5PNGL/zCFjs5C5WB79KZiVyb7tml2YzzHwQH4laV4ihity7rkpL6Pc4U9hcWiCaY5Q y+zw== X-Gm-Message-State: AOJu0YzfH8y6yqfveffYbDAuheyudxOU57WbGVVgRfRkyt9Ou0W7pml7 CGTrwnRE4ckc4KugEcZgSgZeQ0m5V2R3OWtzko2oqP5wJCM992Ra3K4WHIrEMLnN9kH2dHNBIq8 WlmQ= X-Gm-Gg: ASbGncumLh5XnO3ZG/P93KG4CZC2opmtgistUNOOuFY6hZzQn67RZhKBIm7QY9hdice jfivxW8cgIjhBbTIte8Zq8+GMIGuzY7Ktup7rAAdfKn9wN4EeZdIWwYehbBIx8CFrCblQqzvU54 UMItqdlwBNDgnSovzqKD5T+2D6QgwtA3rvRvIDQaQdh07WXCHF47DEsRmAYWl/Qvu1+oGSYyXEl HKBwqk8/vUfnoGOz6+/34uLWeJIR5taOAbWNL6cghka9Z4e9hbkG+eCH7QNTufaNRhFWgMfxL4H hNwcMhkVXKbrgEN3DnlDGZQbRNOUhgad8mF1TWWMxoBr8+AdUKRdxSHpKu6KJjIsp2Tk1gL0b8M MQzxTNr9QdD3Jhbncmq4cKr733F8eZju7U8tCy6MfjarmwaC5/sCZqbNsdalfXmi4H0k8gws89H W9qQvdCUecAAOgUHX7 X-Google-Smtp-Source: AGHT+IHJpGv3gTM/w6OprRVEKXBEziuIDYj9K9/JXUoop9MPLYl/+PnepS54jzfXFZWNIXWjYUY2tQ== X-Received: by 2002:a05:6602:1344:b0:945:a27d:d4a6 with SMTP id ca18e2360f4ac-948e0d640d6mr1204433439f.12.1763328259317; Sun, 16 Nov 2025 13:24:19 -0800 (PST) Received: from chromium.org ([73.34.74.121]) by smtp.gmail.com with ESMTPSA id ca18e2360f4ac-948d2d162dcsm577962339f.13.2025.11.16.13.24.16 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sun, 16 Nov 2025 13:24:17 -0800 (PST) From: Simon Glass X-Google-Original-From: Simon Glass To: U-Boot Concept Date: Sun, 16 Nov 2025 14:23:28 -0700 Message-ID: <20251116212334.1603490-15-simon.glass@canonical.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20251116212334.1603490-1-simon.glass@canonical.com> References: <20251116212334.1603490-1-simon.glass@canonical.com> MIME-Version: 1.0 Message-ID-Hash: PSXDJFG5EX227FUURAVGCMYQKNG5XRGM X-Message-ID-Hash: PSXDJFG5EX227FUURAVGCMYQKNG5XRGM X-MailFrom: sjg@chromium.org X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; loop; banned-address; emergency; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header CC: Simon Glass , Claude X-Mailman-Version: 3.3.10 Precedence: list Subject: [Concept] [PATCH 14/14] luks: Support disk unlock using a TKey List-Id: Discussion and patches related to U-Boot Concept Archived-At: List-Archive: List-Help: List-Owner: List-Post: List-Subscribe: List-Unsubscribe: Add a -t option to the 'luks unlock' command to allow a TKey to be used to unlock a disk. The password is used as the user-supplied secret (USS) in this case. Co-developed-by: Claude Signed-off-by: Simon Glass --- cmd/luks.c | 94 +++++++++++++++++++++++++++++++++++++++--- doc/usage/cmd/luks.rst | 36 +++++++++++++--- 2 files changed, 119 insertions(+), 11 deletions(-) diff --git a/cmd/luks.c b/cmd/luks.c index 47d3e5bed7b..ec4d400b44e 100644 --- a/cmd/luks.c +++ b/cmd/luks.c @@ -8,8 +8,11 @@ #include #include #include +#include #include #include +#include +#include static int do_luks_detect(struct cmd_tbl *cmdtp, int flag, int argc, char *const argv[]) @@ -57,18 +60,86 @@ static int do_luks_info(struct cmd_tbl *cmdtp, int flag, int argc, return CMD_RET_SUCCESS; } +/** + * unlock_with_tkey() - Unlock LUKS partition using TKey-derived key + * + * This function uses TKey to derive a disk encryption key from the + * provided passphrase (used as USS) and uses it to unlock the LUKS partition. + * + * @dev_desc: Block device descriptor + * @info: Partition information + * @passphrase: Passphrase to use as USS for TKey + * @master_key: Buffer to receive unlocked master key + * @key_size: Pointer to receive key size + * Return: 0 on success, -ve on error + */ +static int unlock_with_tkey(struct blk_desc *dev_desc, + struct disk_partition *info, const char *passphrase, + u8 *master_key, u32 *key_size) +{ + u8 tkey_disk_key[TKEY_DISK_KEY_SIZE]; + u8 pubkey[TKEY_PUBKEY_SIZE]; + struct udevice *tkey_dev; + int ret; + + printf("Using TKey for disk encryption key\n"); + + /* Find TKey device */ + ret = uclass_first_device_err(UCLASS_TKEY, &tkey_dev); + if (ret) { + printf("Failed to find TKey device (err %dE)\n", ret); + return ret; + } + + /* Derive disk key using TKey with passphrase as USS */ + printf("Loading TKey signer app (%lx bytes) with USS...\n", + TKEY_SIGNER_SIZE); + ret = tkey_derive_disk_key(tkey_dev, (const u8 *)__signer_1_0_0_begin, + TKEY_SIGNER_SIZE, (const u8 *)passphrase, + strlen(passphrase), tkey_disk_key, pubkey, + NULL); + if (ret) { + printf("Failed to derive TKey disk key (err %dE)\n", ret); + return ret; + } + + printf("TKey public key: "); + print_hex_dump(" ", DUMP_PREFIX_NONE, 16, 1, pubkey, + TKEY_PUBKEY_SIZE, false); + + printf("TKey disk key derived successfully\n"); + printf("TKey derived disk key: "); + print_hex_dump(" ", DUMP_PREFIX_NONE, 16, 1, tkey_disk_key, + TKEY_DISK_KEY_SIZE, false); + + ret = luks_unlock(dev_desc->bdev, info, tkey_disk_key, + TKEY_DISK_KEY_SIZE, true, master_key, key_size); + + /* Wipe TKey disk key */ + memset(tkey_disk_key, '\0', sizeof(tkey_disk_key)); + + return ret; +} + static int do_luks_unlock(struct cmd_tbl *cmdtp, int flag, int argc, char *const argv[]) { struct blk_desc *dev_desc; struct disk_partition info; struct udevice *blkmap_dev; - const char *passphrase; + const char *passphrase = NULL; + bool use_tkey = false; int part, ret, version; u8 master_key[128]; char label[64]; u32 key_size; + /* Check for -t flag */ + if (!strcmp(argv[1], "-t")) { + use_tkey = true; + argc--; + argv++; + } if (argc != 4) return CMD_RET_USAGE; @@ -78,6 +149,10 @@ static int do_luks_unlock(struct cmd_tbl *cmdtp, int flag, int argc, passphrase = argv[3]; + log_debug("Partition start %llx blks %llx blksz%lx\n", + (unsigned long long)info.start, (unsigned long long)info.size, + (ulong)dev_desc->blksz); + /* Verify it's a LUKS partition */ version = luks_get_version(dev_desc->bdev, &info); if (version < 0) { @@ -87,9 +162,15 @@ static int do_luks_unlock(struct cmd_tbl *cmdtp, int flag, int argc, printf("Unlocking LUKS%d partition...\n", version); - /* Unlock the partition to get the master key */ - ret = luks_unlock(dev_desc->bdev, &info, (const u8 *)passphrase, - strlen(passphrase), false, master_key, &key_size); + if (use_tkey) { + ret = unlock_with_tkey(dev_desc, &info, passphrase, master_key, + &key_size); + } else { + /* Unlock with passphrase */ + ret = luks_unlock(dev_desc->bdev, &info,(const u8 *)passphrase, + strlen(passphrase), false, master_key, + &key_size); + } if (ret) { printf("Failed to unlock LUKS partition (err %dE)\n", ret); return CMD_RET_FAILURE; @@ -121,10 +202,11 @@ cleanup: static char luks_help_text[] = "detect - detect if partition is LUKS encrypted\n" "luks info - show LUKS header information\n" - "luks unlock - unlock LUKS partition\n"; + "luks unlock [-t] - unlock LUKS partition\n" + " -t: Use TKey hardware security token with passphrase as USS\n"; U_BOOT_CMD_WITH_SUBCMDS(luks, "LUKS (Linux Unified Key Setup) operations", luks_help_text, U_BOOT_SUBCMD_MKENT(detect, 3, 1, do_luks_detect), U_BOOT_SUBCMD_MKENT(info, 3, 1, do_luks_info), - U_BOOT_SUBCMD_MKENT(unlock, 4, 1, do_luks_unlock)); + U_BOOT_SUBCMD_MKENT(unlock, 5, 1, do_luks_unlock)); diff --git a/doc/usage/cmd/luks.rst b/doc/usage/cmd/luks.rst index 3c8576dc8a1..ccf915f5844 100644 --- a/doc/usage/cmd/luks.rst +++ b/doc/usage/cmd/luks.rst @@ -13,7 +13,7 @@ Synopsis luks detect luks info - luks unlock + luks unlock [-t] Description ----------- @@ -88,12 +88,17 @@ dev[:part] luks unlock ~~~~~~~~~~~ -Unlock a LUKS encrypted partition using a passphrase. This command: +Unlock a LUKS encrypted partition using a passphrase or TKey hardware token. +This command: 1. Verifies the partition is LUKS encrypted (LUKS1 or LUKS2) 2. Parses LUKS2 JSON metadata (if LUKS2) using FDT conversion -3. Derives the encryption key using PBKDF2 or Argon2id with the provided - passphrase +3. Derives the encryption key: + + - **Without -t**: Uses PBKDF2 or Argon2id with the provided passphrase + - **With -t**: Uses TKey hardware token with passphrase as USS (User-Supplied + Secret) to derive a disk encryption key + 4. Attempts to unlock each active key slot 5. Verifies the master key against the stored digest 6. Creates a blkmap device providing on-the-fly decryption @@ -118,6 +123,11 @@ be used to access files on the unlocked partition. * **Argon2id**: Memory-hard KDF resistant to GPU attacks (LUKS2 only, requires CONFIG_ARGON2) +-t + Optional flag to use TKey hardware security token. When specified, the + passphrase is used as the USS (User-Supplied Secret) to derive a disk + encryption key from the TKey's public key. + interface The storage interface type (e.g., mmc, usb, scsi) @@ -125,7 +135,8 @@ dev[:part] The device number and optional partition number passphrase - The passphrase to unlock the LUKS partition. Note that the passphrase is + The passphrase to unlock the LUKS partition. When using -t flag, this is + used as the USS for TKey key derivation. Note that the passphrase is passed as a command-line argument and may be visible in command history. Consider using environment variables to minimize exposure. @@ -228,6 +239,17 @@ Unlock and load a kernel from encrypted partition:: => bootz ${kernel_addr_r} - ${fdt_addr_r} +Unlock using TKey hardware token:: + + => luks unlock -t mmc 0:2 mypassword + Using TKey for disk encryption key + Loading TKey signer app (7168 bytes) with USS... + TKey public key: 3a b2 c4 ... (32 bytes) + TKey disk key derived successfully + Unlocking LUKS2 partition... + Successfully unlocked with key slot 0! + Unlocked LUKS partition as blkmap device 'luks-mmc-0:2' + Configuration ------------- @@ -254,6 +276,10 @@ For Argon2id support (modern LUKS2 KDF):: CONFIG_ARGON2=y # Argon2 password hashing (adds ~50KB to binary) +For TKey hardware token support (requires -t flag):: + + CONFIG_TKEY=y # TKey hardware security token support + Return value ------------