The debug message printed when decryption with a keyslot fails is
missing its trailing newline. Add it to avoid mangling it with
subsequent output.
Signed-off-by: Patrick Steinhardt
---
grub-core/disk/luks2.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/grub-core/disk/luks
While GRUB is already able to parse both Argon2i and Argon2id parameters
from the LUKS2 header, it doesn't discern both types. This commit
introduces a new KDF type for Argon2id and sets up the parsed KDF's type
accordingly.
Signed-off-by: Patrick Steinhardt
---
grub-core/disk/luks2.c | 13 +
Hi,
as promised back when LUKS2 support was merged, here's the code that
enables decrypting LUKS2 partitions that use Argon2 as their key derival
function. Most of this is simple legwork, but I expect two things to be
potentially controversial:
- I've changed how EFI allocates memory. On my t
By default, GRUB will allocate a quarter of the pages it got available
in the EFI subsystem. On many current systems, this will amount to
roughly 800MB of RAM assuming an address space of 32 bits. This is
plenty for most use cases, but it doesn't suffice when using full disk
encryption with a key d
One addition with LUKS2 was support of the key derival function Argon2
in addition to the previously supported PBKDF2 algortihm. In order to
ease getting in initial support for LUKS2, we only reused infrastructure
to support LUKS2 with PBKDF2, but left out Argon2.
This commit now introduces suppor
In order to support the Argon2 key derival function for LUKS2, we
obviously need to implement Argon2. It doesn't make a lot of sense to
hand-code any crypto, which is why this commit instead imports Argon2
from the cryptsetup project. The cryptsetup project was chosen as
upstream simply because it