tablet/grub
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

util/import_gcry: Import kdf.c for Argon2

Browse Source 
The import_gcry.py script now imports kdf.c from libgcrypt. To isolate
the Argon2 implementation, all unrelated functions have been removed.

Signed-off-by: Gary Lin <glin@suse.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
This commit is contained in:
Gary Lin 2025-10-15 11:00:16 +08:00 committed by Daniel Kiper
parent 6b5c671d35
commit 5b81f490c4
1 changed files with 28 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

31
util/import_gcry.py
View File

@ -145,8 +145,8 @@ with codecs.open (os.path.join (cipher_dir_out, "crypto.lst"), "w", "utf-8") as
if re.match (r"(Makefile\.am|primegen\.c|cipher\.c|cipher-.*\.c|mac-.*\.c|mac\.c|pubkey\.c)$", cipher_file):
chlog = "%s%s: Removed\n" % (chlog, chlognew)
continue
# TODO: Support KDF
if re.match (r"(kdf\.c|scrypt\.c)$", cipher_file):
# TODO: Support scrypt KDF
if re.match (r"(scrypt\.c)$", cipher_file):
chlog = "%s%s: Removed\n" % (chlog, chlognew)
continue
# TODO: Support chacha20 and poly1305
@ -313,6 +313,17 @@ with codecs.open (os.path.join (cipher_dir_out, "crypto.lst"), "w", "utf-8") as
chlognew = "%s %s" % (chlognew, chmsg)
nch = True
continue
elif re.match ("_gcry_kdf_selftest|check_one|_gcry_kdf_pkdf2|_gcry_kdf_derive|openpgp_s2k|ballon_context_size|balloon_*|prng_aes_*|onestep_kdf_*|hkdf_*|x963_kdf_*", line) is not None and cipher_file == "kdf.c":
# TODO Support other KDFs
skip = 1
fname = re.match ("[a-zA-Z0-9_]*", line).group ()
chmsg = "(%s): Removed." % fname
if nch:
chlognew = "%s\n %s" % (chlognew, chmsg)
else:
chlognew = "%s %s" % (chlognew, chmsg)
nch = True
continue
else:
fw.write (holdline)
m = re.match ("# *include <(.*)>", line)
@ -439,7 +450,7 @@ with codecs.open (os.path.join (cipher_dir_out, "crypto.lst"), "w", "utf-8") as
nch = True
continue
m = re.match (r"((static )?const char( |)\*|static const gcry_md_spec_t \*|(static )?gpg_err_code_t|gpg_error_t|void|(static )?int|(static )?unsigned int|(static )?gcry_err_code_t|static gcry_mpi_t|static void|void|static elliptic_curve_t) *$", line)
m = re.match (r"((static )?const char( |)\*|static const gcry_md_spec_t \*|(static )?gpg_err_code_t|gpg_error_t|void|(static )?int|(static )?unsigned int|(static )?gcry_err_code_t|static gcry_mpi_t|static void|void|static elliptic_curve_t|static u64|static size_t) *$", line)
if not m is None:
hold = True
holdline = line
@ -575,6 +586,20 @@ with codecs.open (os.path.join (cipher_dir_out, "crypto.lst"), "w", "utf-8") as
conf.write ("};\n\n")
if nch:
chlog = "%s%s\n" % (chlog, chlognew)
elif cipher_file == "kdf.c":
modfiles = ["kdf.c"]
if modname in extra_files:
modfiles += extra_files[modname]
conf.write ("module = {\n")
conf.write (" name = %s;\n" % modname)
for src in modfiles:
conf.write (" common = lib/libgcrypt-grub/cipher/%s;\n" % src)
confutil.write (" common = grub-core/lib/libgcrypt-grub/cipher/%s;\n" % src)
conf.write (" cflags = '$(CFLAGS_GCRY)';\n")
conf.write (" cppflags = '$(CPPFLAGS_GCRY)';\n")
conf.write ("};\n\n")
if nch:
chlog = "%s%s\n" % (chlog, chlognew)
elif isc and cipher_file not in extra_files_list:
print ("WARNING: C file isn't a module: %s" % cipher_file)
os.remove (outfile)