cbmk/config/grub/nvme/patches/0007-Compile-with-Argon2id-support.patch

From 67a96fa1d99ebf28dbdaefbce57e6f3cba2f6bf3 Mon Sep 17 00:00:00 2001
From: Ax333l <main@axelen.xyz>
Date: Thu, 17 Aug 2023 00:00:00 +0000
Subject: [PATCH 07/14] Compile with Argon2id support

Signed-off-by: Nicholas Johnson <nick@nicholasjohnson.ch>
---
 Makefile.util.def           |  6 +++++-
 grub-core/Makefile.core.def |  2 +-
 grub-core/disk/luks2.c      | 13 +++++++++++--
 3 files changed, 17 insertions(+), 4 deletions(-)

diff --git a/Makefile.util.def b/Makefile.util.def
index 038253b37..2f19569c9 100644
--- a/Makefile.util.def
+++ b/Makefile.util.def
@@ -3,7 +3,7 @@ AutoGen definitions Makefile.tpl;
 library = {
   name = libgrubkern.a;
   cflags = '$(CFLAGS_GNULIB)';
-  cppflags = '$(CPPFLAGS_GNULIB) -I$(srcdir)/grub-core/lib/json';
+  cppflags = '$(CPPFLAGS_GNULIB) -I$(srcdir)/grub-core/lib/json -I$(srcdir)/grub-core/lib/argon2';
 
   common = util/misc.c;
   common = grub-core/kern/command.c;
@@ -36,6 +36,10 @@ library = {
   common = grub-core/kern/misc.c;
   common = grub-core/kern/partition.c;
   common = grub-core/lib/crypto.c;
+  common = grub-core/lib/argon2/argon2.c;
+  common = grub-core/lib/argon2/core.c;
+  common = grub-core/lib/argon2/ref.c;
+  common = grub-core/lib/argon2/blake2/blake2b.c;
   common = grub-core/lib/json/json.c;
   common = grub-core/disk/luks.c;
   common = grub-core/disk/luks2.c;
diff --git a/grub-core/Makefile.core.def b/grub-core/Makefile.core.def
index f5f9b040c..f1f38d8d3 100644
--- a/grub-core/Makefile.core.def
+++ b/grub-core/Makefile.core.def
@@ -1242,7 +1242,7 @@ module = {
   common = disk/luks2.c;
   common = lib/gnulib/base64.c;
   cflags = '$(CFLAGS_POSIX) $(CFLAGS_GNULIB)';
-  cppflags = '$(CPPFLAGS_POSIX) $(CPPFLAGS_GNULIB) -I$(srcdir)/lib/json';
+  cppflags = '$(CPPFLAGS_POSIX) $(CPPFLAGS_GNULIB) -I$(srcdir)/lib/json -I$(srcdir)/lib/argon2';
 };
 
 module = {
diff --git a/grub-core/disk/luks2.c b/grub-core/disk/luks2.c
index efae8ac65..2e742f5be 100644
--- a/grub-core/disk/luks2.c
+++ b/grub-core/disk/luks2.c
@@ -28,6 +28,7 @@
 #include <grub/i18n.h>
 #include <grub/safemath.h>
 
+#include <argon2.h>
 #include <base64.h>
 #include <json.h>
 
@@ -463,8 +464,16 @@ luks2_decrypt_key (grub_uint8_t *out_key,
     {
       case LUKS2_KDF_TYPE_ARGON2I:
       case LUKS2_KDF_TYPE_ARGON2ID:
-	ret = grub_error (GRUB_ERR_BAD_ARGUMENT, "Argon2 not supported");
-	goto err;
+	ret = argon2_hash (k->kdf.u.argon2.time, k->kdf.u.argon2.memory, k->kdf.u.argon2.cpus,
+			   passphrase, passphraselen, salt, saltlen, area_key, k->area.key_size,
+			   k->kdf.type == LUKS2_KDF_TYPE_ARGON2I ? Argon2_i : Argon2_id,
+			   ARGON2_VERSION_NUMBER);
+        if (ret)
+	  {
+	    grub_dprintf ("luks2", "Argon2 failed: %s\n", argon2_error_message (ret));
+	    goto err;
+	  }
+        break;
       case LUKS2_KDF_TYPE_PBKDF2:
 	hash = grub_crypto_lookup_md_by_name (k->kdf.u.pbkdf2.hash);
 	if (!hash)
-- 
2.39.5