* State of Argon2 support
@ 2023-12-22 17:29 Nikolaos Chatzikonstantinou
  2023-12-23  3:43 ` Oskari Pirhonen
  0 siblings, 1 reply; 17+ messages in thread
From: Nikolaos Chatzikonstantinou @ 2023-12-22 17:29 UTC (permalink / raw)
  To: grub-devel

Hello list,

I was wondering what the state of Argon2 support is. From some
searches online I found patches by Patrick Steinhardt that
experimentally add support for it.

I skimmed through the discussions on this list to understand what some
of the issues are:

1. Argon2 requires a lot of memory. How to allocate without breaking
backward-compat?
<https://lists.gnu.org/archive/html/grub-devel/2020-03/msg00180.html>
2. libgcrypt does not have support for Argon2. Possible solution is to
use the reference implementation, licensed under CC0. This is bringing
up issues (that I don't fully understand), would be preferable if the
authors released under GPLv3. Has there been a follow-up on this?
<https://lists.gnu.org/archive/html/grub-devel/2020-03/msg00170.html>

I don't know if there are more issues. I would appreciate some clarity
on this. If I can help in any way please let me know. Even if you'd
just like me to read the mailing lists and patches and describe a good
summary of the state of the issue, I can do it.

The interest in getting this done comes from the Guix System project
<https://guix.gnu.org/>. In this distribution, the kernel lies under
/gnu/store and the usual (for me?) plain-boot encrypted-rest setup
cannot work unless using PBKDF.

Regards,
Nikolaos Chatzikonstantinou

_______________________________________________
Grub-devel mailing list
Grub-devel@gnu.org
https://lists.gnu.org/mailman/listinfo/grub-devel

* Re: State of Argon2 support
  2023-12-22 17:29 State of Argon2 support Nikolaos Chatzikonstantinou
@ 2023-12-23  3:43 ` Oskari Pirhonen
  2024-01-01 19:48   ` Patrick Steinhardt
  0 siblings, 1 reply; 17+ messages in thread
From: Oskari Pirhonen @ 2023-12-23  3:43 UTC (permalink / raw)
  To: Nikolaos Chatzikonstantinou; +Cc: grub-devel


On Fri, Dec 22, 2023 at 12:29:22 -0500, Nikolaos Chatzikonstantinou wrote:
> 2. libgcrypt does not have support for Argon2. Possible solution is to
> use the reference implementation, licensed under CC0. This is bringing
> up issues (that I don't fully understand), would be preferable if the
> authors released under GPLv3. Has there been a follow-up on this?
> <https://lists.gnu.org/archive/html/grub-devel/2020-03/msg00170.html>
> 

Libgcrypt supports Argon2 as of 1.10 (March 2022). The version of
libgcrypt that is bundled with GRUB is older than that.

- Oskari

* Re: State of Argon2 support
  2023-12-23  3:43 ` Oskari Pirhonen
@ 2024-01-01 19:48   ` Patrick Steinhardt
  2024-01-04 15:49     ` Nikolaos Chatzikonstantinou
  0 siblings, 1 reply; 17+ messages in thread
From: Patrick Steinhardt @ 2024-01-01 19:48 UTC (permalink / raw)
  To: Nikolaos Chatzikonstantinou, grub-devel; +Cc: Daniel Kiper


On Fri, Dec 22, 2023 at 09:43:35PM -0600, Oskari Pirhonen wrote:
> On Fri, Dec 22, 2023 at 12:29:22 -0500, Nikolaos Chatzikonstantinou wrote:
> > 2. libgcrypt does not have support for Argon2. Possible solution is to
> > use the reference implementation, licensed under CC0. This is bringing
> > up issues (that I don't fully understand), would be preferable if the
> > authors released under GPLv3. Has there been a follow-up on this?
> > <https://lists.gnu.org/archive/html/grub-devel/2020-03/msg00170.html>
> > 
> 
> Libgcrypt supports Argon2 as of 1.10 (March 2022). The version of
> libgcrypt that is bundled with GRUB is older than that.
> 
> - Oskari

Indeed. There are two different ways to implement Argon2 support in
GRUB:

  - Use the reference implementation of Argon2.

  - Update libgcrypt to a newer version.

I have sent patches that bundle the reference implementation in [1]
quite a while ago. Back then there was the problem that we couldn't
allocate required memory on UEFI-based systems, but we improved the
memory allocator with GRUB 2.12 to support this use case now.

Still, I consider it to be the inferior option. Back when I posted the
patches (February 2020 originally) there was no Argon2 support in
libgcrypt yet, so it was the obvious choice. But now that libgcrypt does
have support it's a no-brainer to use its version of libgcrypt instead.

Problem is that upgrading the bundled libgcrypt library is not trivial
at all. I've tried multiple times, and every single time I quickly gave
up. There's simply too many things that have changed, and GRUB does have
quite a lot of patches on top of the current bundled version of the
library. Regardless of that it would be the right thing to do, because
in the long run we do want an up-to-date version of libgcrypt regardless
of Argon2 support anyway.

That being said, I do not see myself updating it given that it's such a
huge and frustrating endeavour to update it. If anybody else wants to
take up this task I'd be more than happy and would definitely want to
rebase my own patches on top of this work. But until somebody steps up
to handle this task it's not going to happen.

The alternative would be to just live with the current state of my patch
series, where we use the reference implementation until libgcrypt gets
updated. But I'm not sure whether Daniel would consider pulling this
version (Cc'd him so that he can post his opinion). If he would then I'd
be happy to re-send a rebased version of my patch series.

Patrick

[1]: <cover.1628430731.git.ps@pks.im>

* Re: State of Argon2 support
  2024-01-01 19:48   ` Patrick Steinhardt
@ 2024-01-04 15:49     ` Nikolaos Chatzikonstantinou
  2024-01-23 16:57       ` Daniel Kiper
  0 siblings, 1 reply; 17+ messages in thread
From: Nikolaos Chatzikonstantinou @ 2024-01-04 15:49 UTC (permalink / raw)
  To: Patrick Steinhardt; +Cc: grub-devel, Daniel Kiper

On Mon, Jan 1, 2024 at 2:48 PM Patrick Steinhardt <ps@pks.im> wrote:
>
> On Fri, Dec 22, 2023 at 09:43:35PM -0600, Oskari Pirhonen wrote:
> > On Fri, Dec 22, 2023 at 12:29:22 -0500, Nikolaos Chatzikonstantinou wrote:
> > > 2. libgcrypt does not have support for Argon2. Possible solution is to
> > > use the reference implementation, licensed under CC0. This is bringing
> > > up issues (that I don't fully understand), would be preferable if the
> > > authors released under GPLv3. Has there been a follow-up on this?
> > > <https://lists.gnu.org/archive/html/grub-devel/2020-03/msg00170.html>
> > >
> >
> > Libgcrypt supports Argon2 as of 1.10 (March 2022). The version of
> > libgcrypt that is bundled with GRUB is older than that.
>
> Indeed. There are two different ways to implement Argon2 support in
> GRUB:
>
>   - Use the reference implementation of Argon2.
>
>   - Update libgcrypt to a newer version.
>
> Problem is that upgrading the bundled libgcrypt library is not trivial
> at all. I've tried multiple times, and every single time I quickly gave
> up. There's simply too many things that have changed, and GRUB does have
> quite a lot of patches on top of the current bundled version of the
> library. Regardless of that it would be the right thing to do, because
> in the long run we do want an up-to-date version of libgcrypt regardless
> of Argon2 support anyway.

That is interesting! Maybe I can give it a try.

It seems to me that my game plan is to find the two versions of
libgcrypt (old and new) and read the NEWS file carefully for how to
migrate.

Regards,
Nikolaos Chatzikonstantinou

* Re: State of Argon2 support
  2024-01-04 15:49     ` Nikolaos Chatzikonstantinou
@ 2024-01-23 16:57       ` Daniel Kiper
  2024-01-24  5:05         ` Nikolaos Chatzikonstantinou
  0 siblings, 1 reply; 17+ messages in thread
From: Daniel Kiper @ 2024-01-23 16:57 UTC (permalink / raw)
  To: Nikolaos Chatzikonstantinou; +Cc: Patrick Steinhardt, grub-devel, Daniel Kiper

On Thu, Jan 04, 2024 at 10:49:06AM -0500, Nikolaos Chatzikonstantinou wrote:
> On Mon, Jan 1, 2024 at 2:48 PM Patrick Steinhardt <ps@pks.im> wrote:
> > On Fri, Dec 22, 2023 at 09:43:35PM -0600, Oskari Pirhonen wrote:
> > > On Fri, Dec 22, 2023 at 12:29:22 -0500, Nikolaos Chatzikonstantinou wrote:
> > > > 2. libgcrypt does not have support for Argon2. Possible solution is to
> > > > use the reference implementation, licensed under CC0. This is bringing
> > > > up issues (that I don't fully understand), would be preferable if the
> > > > authors released under GPLv3. Has there been a follow-up on this?
> > > > <https://lists.gnu.org/archive/html/grub-devel/2020-03/msg00170.html>
> > > >
> > >
> > > Libgcrypt supports Argon2 as of 1.10 (March 2022). The version of
> > > libgcrypt that is bundled with GRUB is older than that.
> >
> > Indeed. There are two different ways to implement Argon2 support in
> > GRUB:
> >
> >   - Use the reference implementation of Argon2.
> >
> >   - Update libgcrypt to a newer version.
> >
> > Problem is that upgrading the bundled libgcrypt library is not trivial
> > at all. I've tried multiple times, and every single time I quickly gave
> > up. There's simply too many things that have changed, and GRUB does have
> > quite a lot of patches on top of the current bundled version of the
> > library. Regardless of that it would be the right thing to do, because
> > > in the long run we do want an up-to-date version of libgcrypt regardless
> > of Argon2 support anyway.
>
> That is interesting! Maybe I can give it a try.
>
> It seems to me that my game plan is to find the two versions of
> libgcrypt (old and new) and read the NEWS file carefully for how to
> migrate.

If you manage to do that it would be perfect...

If you have any questions or need help drop me a line.

Daniel

* Re: State of Argon2 support
  2024-01-23 16:57       ` Daniel Kiper
@ 2024-01-24  5:05         ` Nikolaos Chatzikonstantinou
  2024-01-24  5:46           ` Nikolaos Chatzikonstantinou
  0 siblings, 1 reply; 17+ messages in thread
From: Nikolaos Chatzikonstantinou @ 2024-01-24  5:05 UTC (permalink / raw)
  To: Daniel Kiper; +Cc: Patrick Steinhardt, grub-devel, Daniel Kiper

On Tue, Jan 23, 2024 at 11:58 AM Daniel Kiper <dkiper@net-space.pl> wrote:
>
> On Thu, Jan 04, 2024 at 10:49:06AM -0500, Nikolaos Chatzikonstantinou wrote:
> > On Mon, Jan 1, 2024 at 2:48 PM Patrick Steinhardt <ps@pks.im> wrote:
> > >
> > > Indeed. There are two different ways to implement Argon2 support in
> > > GRUB:
> > >
> > >   - Use the reference implementation of Argon2.
> > >
> > >   - Update libgcrypt to a newer version.
> > >
> > > Problem is that upgrading the bundled libgcrypt library is not trivial
> > > at all. I've tried multiple times, and every single time I quickly gave
> > > up. There's simply too many things that have changed, and GRUB does have
> > > quite a lot of patches on top of the current bundled version of the
> > > library. Regardless of that it would be the right thing to do, because
> > > > in the long run we do want an up-to-date version of libgcrypt regardless
> > > of Argon2 support anyway.
> >
> > That is interesting! Maybe I can give it a try.
> >
> > It seems to me that my game plan is to find the two versions of
> > libgcrypt (old and new) and read the NEWS file carefully for how to
> > migrate.
>
> If you manage to do that it would be perfect...
>
> If you have any questions or need help drop me a line.


Dear Daniel,

Thank you for offering your help, you motivated me to look into this.
I would like to ask, where is the libgcrypt source code bundled with
grub from? I checked that the files are not from the libgcrypt
repository in <git://git.gnupg.org/libgcrypt.git>. My method was to
search for the sha-1 sums with `git rev-list` and `git rev-parse`. I
automated the task by writing a python script which I called
"gitsearchdigest" (you can grab it from
<https://github.com/createyourpersonalaccount/gitsearchdigest>.)

What I did was run this command:

    cd grub-core/lib/libgcrypt/src
    find . -print0 | gitsearchdigest -C /path/to/libgcrypt_repo

However it came out blank, which, if my script is correct, means that
the files under grub-core/lib/libgcrypt/src do not ever appear in
their exact form in the git repository of libgcrypt. I made a manual
visual check on ChangeLog-2011 and it appeared to be modified.

Thus my conclusion is that grub has files that never appeared in the
libgcrypt repository, and it makes my attempt to upgrade it much
harder unless I can find out where they came from.

Regards,
Nikolaos Chatzikonstantinou

* Re: State of Argon2 support
  2024-01-24  5:05         ` Nikolaos Chatzikonstantinou
@ 2024-01-24  5:46           ` Nikolaos Chatzikonstantinou
  2024-01-24  6:23             ` Nikolaos Chatzikonstantinou
  0 siblings, 1 reply; 17+ messages in thread
From: Nikolaos Chatzikonstantinou @ 2024-01-24  5:46 UTC (permalink / raw)
  To: Daniel Kiper; +Cc: Patrick Steinhardt, grub-devel, Daniel Kiper

On Wed, Jan 24, 2024 at 12:05 AM Nikolaos Chatzikonstantinou
<nchatz314@gmail.com> wrote:
>
> On Tue, Jan 23, 2024 at 11:58 AM Daniel Kiper <dkiper@net-space.pl> wrote:
> >
> > On Thu, Jan 04, 2024 at 10:49:06AM -0500, Nikolaos Chatzikonstantinou wrote:
> > > On Mon, Jan 1, 2024 at 2:48 PM Patrick Steinhardt <ps@pks.im> wrote:
> > > >
> > > > Indeed. There are two different ways to implement Argon2 support in
> > > > GRUB:
> > > >
> > > >   - Use the reference implementation of Argon2.
> > > >
> > > >   - Update libgcrypt to a newer version.
> > > >
> > > > Problem is that upgrading the bundled libgcrypt library is not trivial
> > > > at all. I've tried multiple times, and every single time I quickly gave
> > > > up. There's simply too many things that have changed, and GRUB does have
> > > > quite a lot of patches on top of the current bundled version of the
> > > > library. Regardless of that it would be the right thing to do, because
> > > > > in the long run we do want an up-to-date version of libgcrypt regardless
> > > > of Argon2 support anyway.
> > >
> > > That is interesting! Maybe I can give it a try.
> > >
> > > It seems to me that my game plan is to find the two versions of
> > > libgcrypt (old and new) and read the NEWS file carefully for how to
> > > migrate.
> >
> > If you manage to do that it would be perfect...
> >
> > If you have any questions or need help drop me a line.
>
>
> Dear Daniel,
>
> Thank you for offering your help, you motivated me to look into this.
> I would like to ask, where is the libgcrypt source code bundled with
> grub from? I checked that the files are not from the libgcrypt
> repository in <git://git.gnupg.org/libgcrypt.git>.

Of course I misused my own tool by using it under the wrong CWD. This works:

    cd grub-core/lib/libgcrypt && find . -print0 | gitsearchdigest -C /path/to/libgcrypt_repo

With some fiddling via `git log $commit --pretty="tformat:%H %ct" -1`
and sorting on the unix timestamp I got the libgcrypt commit 897ccd2
from March of 2016. I have a decent starting point now.

Regards,
Nikolaos Chatzikonstantinou
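
The search described in the two messages above works because a git blob id depends only on a file's content, so a vendored file that was copied unmodified has the same id as some blob in the upstream history. The following Python is an added example, not part of the original message and not the code of gitsearchdigest; the commit names, file contents, and the ranking rule (most byte-identical files, then newest timestamp) are assumptions constructed for illustration.

```python
"""Added example: find the upstream commit a vendored source tree was copied from."""
import hashlib


def git_blob_id(content: bytes) -> str:
    """Id git gives a file: SHA-1 over the header 'blob <size>' + NUL, then the content."""
    header = b"blob %d\x00" % len(content)
    return hashlib.sha1(header + content).hexdigest()


def index_history(commits):
    """Map blob id -> set of commit ids whose tree contains that blob."""
    index = {}
    for commit in commits:
        for content in commit["tree"].values():
            index.setdefault(git_blob_id(content), set()).add(commit["id"])
    return index


def locate_base(vendored, commits):
    """Return (best_commit_id, matched_paths, unmatched_paths).

    matched_paths are vendored files found byte-identical somewhere upstream;
    unmatched_paths never appear upstream in that exact form (locally patched,
    generated, or taken from another source) and need manual review.
    """
    index = index_history(commits)
    by_id = {c["id"]: c for c in commits}
    hits = {}  # commit id -> number of vendored files present unmodified
    matched, unmatched = [], []
    for path, content in sorted(vendored.items()):
        found = index.get(git_blob_id(content))
        if not found:
            unmatched.append(path)
            continue
        matched.append(path)
        for cid in found:
            hits[cid] = hits.get(cid, 0) + 1
    if not hits:
        return None, matched, unmatched
    # Assumed ranking: most identical files first, newest commit breaks ties.
    best = max(hits, key=lambda cid: (hits[cid], by_id[cid]["time"]))
    return best, matched, unmatched


# Constructed upstream history: three commits with hypothetical ids and timestamps.
MD5 = b"/* md5.c, never changed upstream */\n"
UPSTREAM = [
    {"id": "c1", "time": 100, "tree": {
        "cipher/md5.c": MD5,
        "cipher/sha1.c": b"/* sha1.c v1 */\n",
        "cipher/rijndael.c": b"/* rijndael.c v1 */\n",
        "ChangeLog-2011": b"upstream changelog\n"}},
    {"id": "c2", "time": 200, "tree": {
        "cipher/md5.c": MD5,
        "cipher/sha1.c": b"/* sha1.c v2 */\n",
        "cipher/rijndael.c": b"/* rijndael.c v2 */\n",
        "ChangeLog-2011": b"upstream changelog\n"}},
    {"id": "c3", "time": 300, "tree": {
        "cipher/md5.c": MD5,
        "cipher/sha1.c": b"/* sha1.c v2 */\n",
        "cipher/rijndael.c": b"/* rijndael.c v3 */\n",
        "ChangeLog-2011": b"upstream changelog\n"}},
]

# Constructed vendored copy: taken at c2, with one file edited downstream.
VENDORED = {
    "cipher/md5.c": MD5,
    "cipher/sha1.c": b"/* sha1.c v2 */\n",
    "cipher/rijndael.c": b"/* rijndael.c v2 */\n",
    "ChangeLog-2011": b"upstream changelog\nlocal modification\n",
}

if __name__ == "__main__":
    base, same, changed = locate_base(VENDORED, UPSTREAM)
    print("candidate base commit:", base)
    print("byte-identical upstream:", same)
    print("never seen upstream (review these):", changed)
```

Files reported as never seen upstream are the ones carrying local changes, which is the set to audit when rebasing the vendored copy onto a newer release.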

* Re: State of Argon2 support
  2024-01-24  5:46           ` Nikolaos Chatzikonstantinou
@ 2024-01-24  6:23             ` Nikolaos Chatzikonstantinou
  2024-01-25 18:15               ` Daniel Kiper
  0 siblings, 1 reply; 17+ messages in thread
From: Nikolaos Chatzikonstantinou @ 2024-01-24  6:23 UTC (permalink / raw)
  To: Daniel Kiper; +Cc: Patrick Steinhardt, grub-devel, Daniel Kiper

On Wed, Jan 24, 2024 at 12:46 AM Nikolaos Chatzikonstantinou
<nchatz314@gmail.com> wrote:
>
> On Wed, Jan 24, 2024 at 12:05 AM Nikolaos Chatzikonstantinou
> <nchatz314@gmail.com> wrote:
> >
> > On Tue, Jan 23, 2024 at 11:58 AM Daniel Kiper <dkiper@net-space.pl> wrote:
> > >
> > > On Thu, Jan 04, 2024 at 10:49:06AM -0500, Nikolaos Chatzikonstantinou wrote:
> > > > On Mon, Jan 1, 2024 at 2:48 PM Patrick Steinhardt <ps@pks.im> wrote:
> > > > >
> > > > > Indeed. There are two different ways to implement Argon2 support in
> > > > > GRUB:
> > > > >
> > > > >   - Use the reference implementation of Argon2.
> > > > >
> > > > >   - Update libgcrypt to a newer version.
> > > > >
> > > > > Problem is that upgrading the bundled libgcrypt library is not trivial
> > > > > at all. I've tried multiple times, and every single time I quickly gave
> > > > > up. There's simply too many things that have changed, and GRUB does have
> > > > > quite a lot of patches on top of the current bundled version of the
> > > > > library. Regardless of that it would be the right thing to do, because
> > > > > > in the long run we do want an up-to-date version of libgcrypt regardless
> > > > > of Argon2 support anyway.
> > > >
> > > > That is interesting! Maybe I can give it a try.
> > > >
> > > > It seems to me that my game plan is to find the two versions of
> > > > libgcrypt (old and new) and read the NEWS file carefully for how to
> > > > migrate.
> > >
> > > If you manage to do that it would be perfect...
> > >
> > > If you have any questions or need help drop me a line.
> >
> >
> > Dear Daniel,
> >
> > Thank you for offering your help, you motivated me to look into this.
> > I would like to ask, where is the libgcrypt source code bundled with
> > grub from? I checked that the files are not from the libgcrypt
> > repository in <git://git.gnupg.org/libgcrypt.git>.
>
> Of course I misused my own tool by using it under the wrong CWD. This works:
>
>     cd grub-core/lib/libgcrypt && find . -print0 | gitsearchdigest -C /path/to/libgcrypt_repo
>
> With some fiddling via `git log $commit --pretty="tformat:%H %ct" -1`
> and sorting on the unix timestamp I got the libgcrypt commit 897ccd2
> from March of 2016. I have a decent starting point now.

My apologies for the repeated messages, but I came up with just one
more question that I'm curious about. To summarize my questions:

1. Where is the libgcrypt bundle from grub from? I think my
investigation has led me around version 1.7.0 of libgcrypt, but if I
can get a precise commit or version, that would be useful.

... and now to my new question:

2. What is the reason libgcrypt is bundled as opposed to a regular dependency?

Thank you,
Nikolaos Chatzikonstantinou

* Re: State of Argon2 support
  2024-01-24  6:23             ` Nikolaos Chatzikonstantinou
@ 2024-01-25 18:15               ` Daniel Kiper
  2024-01-26  8:18                 ` Nikolaos Chatzikonstantinou
  0 siblings, 1 reply; 17+ messages in thread
From: Daniel Kiper @ 2024-01-25 18:15 UTC (permalink / raw)
  To: Nikolaos Chatzikonstantinou, phcoder; +Cc: Patrick Steinhardt, grub-devel

Adding Vladimir who knows GRUB history better than I...

On Wed, Jan 24, 2024 at 01:23:55AM -0500, Nikolaos Chatzikonstantinou wrote:

[...]

> My apologies for the repeated messages, but I came up with just one
> more question that I'm curious about. To summarize my questions:
>
> 1. Where is the libgcrypt bundle from grub from? I think my
> investigation has led me around version 1.7.0 of libgcrypt, but if I
> can get a precise commit or version, that would be useful.
>
> ... and now to my new question:

Vladimir, could you help with that?

> 2. What is the reason libgcrypt is bundled as opposed to a regular dependency?

I am not entirely sure I understand the question. Could you elaborate?

Daniel

* Re: State of Argon2 support
  2024-01-25 18:15               ` Daniel Kiper
@ 2024-01-26  8:18                 ` Nikolaos Chatzikonstantinou
  2024-01-26  9:55                   ` Patrick Steinhardt
  2024-01-26 17:50                   ` Daniel Kiper
  0 siblings, 2 replies; 17+ messages in thread
From: Nikolaos Chatzikonstantinou @ 2024-01-26  8:18 UTC (permalink / raw)
  To: Daniel Kiper; +Cc: phcoder, Patrick Steinhardt, grub-devel

On Thu, Jan 25, 2024 at 1:15 PM Daniel Kiper <dkiper@net-space.pl> wrote:
>
> Adding Vladimir who knows GRUB history better than I...
>
> On Wed, Jan 24, 2024 at 01:23:55AM -0500, Nikolaos Chatzikonstantinou wrote:
>
> [...]
>
> > My apologies for the repeated messages, but I came up with just one
> > more question that I'm curious about. To summarize my questions:
> >
> > 1. Where is the libgcrypt bundle from grub from? I think my
> > investigation has led me around version 1.7.0 of libgcrypt, but if I
> > can get a precise commit or version, that would be useful.
> >
> > ... and now to my new question:
>
> Vladimir, could you help with that?
>
> > 2. What is the reason libgcrypt is bundled as opposed to a regular dependency?
>
> I am not entirely sure I understand the question. Could you elaborate?

By bundling, I mean that someone copied libgcrypt files into the GRUB project.

To elaborate further, regular programs (not like GRUB which is a
bootloader) can link statically or dynamically to libraries; but also,
there's a third option, to dump the source code of a library directly
into the source tree of the project. To my understanding this third
option (which is not really a third linker option as it is not related
to the linker) is chosen when the project needs to include its own
patch set to the library. I am curious if GRUB has patched libgcrypt
for some reason, and is that why libgcrypt is bundled with GRUB?

Regards,
Nikolaos Chatzikonstantinou

* Re: State of Argon2 support
  2024-01-26  8:18                 ` Nikolaos Chatzikonstantinou
@ 2024-01-26  9:55                   ` Patrick Steinhardt
  2024-01-26 18:00                     ` Daniel Kiper
  2024-01-26 17:50                   ` Daniel Kiper
  1 sibling, 1 reply; 17+ messages in thread
From: Patrick Steinhardt @ 2024-01-26  9:55 UTC (permalink / raw)
  To: Nikolaos Chatzikonstantinou; +Cc: Daniel Kiper, phcoder, grub-devel


On Fri, Jan 26, 2024 at 03:18:57AM -0500, Nikolaos Chatzikonstantinou wrote:
> On Thu, Jan 25, 2024 at 1:15 PM Daniel Kiper <dkiper@net-space.pl> wrote:
> >
> > Adding Vladimir who knows GRUB history better than I...
> >
> > On Wed, Jan 24, 2024 at 01:23:55AM -0500, Nikolaos Chatzikonstantinou wrote:
> >
> > [...]
> >
> > > My apologies for the repeated messages, but I came up with just one
> > > more question that I'm curious about. To summarize my questions:
> > >
> > > 1. Where is the libgcrypt bundle from grub from? I think my
> > > investigation has led me around version 1.7.0 of libgcrypt, but if I
> > > can get a precise commit or version, that would be useful.
> > >
> > > ... and now to my new question:
> >
> > Vladimir, could you help with that?
> >
> > > 2. What is the reason libgcrypt is bundled as opposed to a regular dependency?
> >
> > I am not entirely sure I understand the question. Could you elaborate?
> 
> By bundling, I mean that someone copied libgcrypt files into the GRUB project.
> 
> To elaborate further, regular programs (not like GRUB which is a
> bootloader) can link statically or dynamically to libraries; but also,
> there's a third option, to dump the source code of a library directly
> into the source tree of the project. To my understanding this third
> option (which is not really a third linker option as it is not related
> to the linker) is chosen when the project needs to include its own
> patch set to the library. I am curious if GRUB has patched libgcrypt
> for some reason, and is that why libgcrypt is bundled with GRUB?

Yeah, the libgcrypt version carried by GRUB is heavily patched so that
it compiles within the non-libc environment that GRUB uses. That is the
whole crux of this topic -- if libgcrypt was simply a vanilla version
then it shouldn't be all that hard to update.

I think in the long term it would be great indeed if we could refrain
from patching libgcrypt to the widest extent possible so that future
updates become easier. I guess that would require something of a "shim"
header that makes available all of the prerequisites that are currently
missing for libgcrypt to compile.

Patrick

* Re: State of Argon2 support
  2024-01-26  8:18                 ` Nikolaos Chatzikonstantinou
  2024-01-26  9:55                   ` Patrick Steinhardt
@ 2024-01-26 17:50                   ` Daniel Kiper
  2024-01-26 20:31                     ` Vladimir 'phcoder' Serbinenko
  1 sibling, 1 reply; 17+ messages in thread
From: Daniel Kiper @ 2024-01-26 17:50 UTC (permalink / raw)
  To: Nikolaos Chatzikonstantinou; +Cc: phcoder, Patrick Steinhardt, grub-devel

On Fri, Jan 26, 2024 at 03:18:57AM -0500, Nikolaos Chatzikonstantinou wrote:
> On Thu, Jan 25, 2024 at 1:15 PM Daniel Kiper <dkiper@net-space.pl> wrote:
> >
> > Adding Vladimir who knows GRUB history better than I...
> >
> > On Wed, Jan 24, 2024 at 01:23:55AM -0500, Nikolaos Chatzikonstantinou wrote:
> >
> > [...]
> >
> > > My apologies for the repeated messages, but I came up with just one
> > > more question that I'm curious about. To summarize my questions:
> > >
> > > 1. Where is the libgcrypt bundle from grub from? I think my
> > > investigation has led me around version 1.7.0 of libgcrypt, but if I
> > > can get a precise commit or version, that would be useful.
> > >
> > > ... and now to my new question:
> >
> > Vladimir, could you help with that?
> >
> > > 2. What is the reason libgcrypt is bundled as opposed to a regular dependency?
> >
> > I am not entirely sure I understand the question. Could you elaborate?
>
> By bundling, I mean that someone copied libgcrypt files into the GRUB project.
>
> To elaborate further, regular programs (not like GRUB which is a
> bootloader) can link statically or dynamically to libraries; but also,
> there's a third option, to dump the source code of a library directly
> into the source tree of the project. To my understanding this third
> option (which is not really a third linker option as it is not related
> to the linker) is chosen when the project needs to include its own
> patch set to the library. I am curious if GRUB has patched libgcrypt
> for some reason, and is that why libgcrypt is bundled with GRUB?

I think Vladimir could tell us more here...

Anyway, I think we should avoid patching libgcrypt, or any given library
merged with GRUB source, as much as possible.

Daniel

* Re: State of Argon2 support
  2024-01-26  9:55                   ` Patrick Steinhardt
@ 2024-01-26 18:00                     ` Daniel Kiper
  0 siblings, 0 replies; 17+ messages in thread
From: Daniel Kiper @ 2024-01-26 18:00 UTC (permalink / raw)
  To: Patrick Steinhardt; +Cc: Nikolaos Chatzikonstantinou, phcoder, grub-devel

On Fri, Jan 26, 2024 at 10:55:21AM +0100, Patrick Steinhardt wrote:
> On Fri, Jan 26, 2024 at 03:18:57AM -0500, Nikolaos Chatzikonstantinou wrote:
> > On Thu, Jan 25, 2024 at 1:15 PM Daniel Kiper <dkiper@net-space.pl> wrote:
> > >
> > > Adding Vladimir who knows GRUB history better than I...
> > >
> > > On Wed, Jan 24, 2024 at 01:23:55AM -0500, Nikolaos Chatzikonstantinou wrote:
> > >
> > > [...]
> > >
> > > > My apologies for the repeated messages, but I came up with just one
> > > > more question that I'm curious about. To summarize my questions:
> > > >
> > > > 1. Where is the libgcrypt bundle from grub from? I think my
> > > > investigation has led me around version 1.7.0 of libgcrypt, but if I
> > > > can get a precise commit or version, that would be useful.
> > > >
> > > > ... and now to my new question:
> > >
> > > Vladimir, could you help with that?
> > >
> > > > 2. What is the reason libgcrypt is bundled as opposed to a regular dependency?
> > >
> > > I am not entirely sure I understand the question. Could you elaborate?
> >
> > By bundling, I mean that someone copied libgcrypt files into the GRUB project.
> >
> > To elaborate further, regular programs (not like GRUB which is a
> > bootloader) can link statically or dynamically to libraries; but also,
> > there's a third option, to dump the source code of a library directly
> > into the source tree of the project. To my understanding this third
> > option (which is not really a third linker option as it is not related
> > to the linker) is chosen when the project needs to include its own
> > patch set to the library. I am curious if GRUB has patched libgcrypt
> > for some reason, and is that why libgcrypt is bundled with GRUB?
>
> Yeah, the libgcrypt version carried by GRUB is heavily patched so that
> it compiles within the non-libc environment that GRUB uses. That is the
> whole crux of this topic -- if libgcrypt was simply a vanilla version
> then it shouldn't be all that hard to update.
>
> I think in the long term it would be great indeed if we could refrain
> from patching libgcrypt to the widest extent possible so that future
> updates become easier. I guess that would require something of a "shim"
> header that makes available all of the prerequisites that are currently
> missing for libgcrypt to compile.

I concur! However, it would be nice to have a simple mechanism which allows
us to disable unused features. I am not sure it will be possible without
patching libgcrypt heavily.

Daniel

* Re: State of Argon2 support
  2024-01-26 17:50                   ` Daniel Kiper
@ 2024-01-26 20:31                     ` Vladimir 'phcoder' Serbinenko
  2024-01-30 15:18                       ` Nikolaos Chatzikonstantinou
  0 siblings, 1 reply; 17+ messages in thread
From: Vladimir 'phcoder' Serbinenko @ 2024-01-26 20:31 UTC (permalink / raw)
  To: Daniel Kiper
  Cc: Nikolaos Chatzikonstantinou, Patrick Steinhardt,
	The development of GRUB 2


On Fri, Jan 26, 2024, 20:50, Daniel Kiper <dkiper@net-space.pl> wrote:

> On Fri, Jan 26, 2024 at 03:18:57AM -0500, Nikolaos Chatzikonstantinou wrote:
> > On Thu, Jan 25, 2024 at 1:15 PM Daniel Kiper <dkiper@net-space.pl> wrote:
> > >
> > > Adding Vladimir who knows GRUB history better than I...
> > >
> > > On Wed, Jan 24, 2024 at 01:23:55AM -0500, Nikolaos Chatzikonstantinou wrote:
> > >
> > > [...]
> > >
> > > > My apologies for the repeated messages, but I came up with just one
> > > > more question that I'm curious about. To summarize my questions:
> > > >
> > > > 1. Where is the libgcrypt bundle from grub from? I think my
> > > > investigation has led me around version 1.7.0 of libgcrypt, but if I
> > > > can get a precise commit or version, that would be useful.
> > > >
> > > > ... and now to my new question:
> > >
> > > Vladimir, could you help with that?
> > >
> > > > 2. What is the reason libgcrypt is bundled as opposed to a regular dependency?
> > >
> > > I am not entirely sure I understand the question. Could you elaborate?
> >
> > By bundling, I mean that someone copied libgcrypt files into the GRUB project.
> >
> > To elaborate further, regular programs (not like GRUB which is a
> > bootloader) can link statically or dynamically to libraries; but also,
> > there's a third option, to dump the source code of a library directly
> > into the source tree of the project. To my understanding this third
> > option (which is not really a third linker option as it is not related
> > to the linker) is chosen when the project needs to include its own
> > patch set to the library. I am curious if GRUB has patched libgcrypt
> > for some reason, and is that why libgcrypt is bundled with GRUB?
>
> I think Vladimir could tell us more here...
>
> Anyway, I think we should avoid patching libgcrypt, or any given library
> merged with GRUB source, as much as possible.
>
This was my goal as well. Almost all the changes are difficult to avoid.
But at least they are automated in most cases. See the import_gcry script. I'm
not on my computer now. I hope to find time to have a look by the end
of next week.

>
> Daniel
>


* Re: State of Argon2 support
  2024-01-26 20:31                     ` Vladimir 'phcoder' Serbinenko
@ 2024-01-30 15:18                       ` Nikolaos Chatzikonstantinou
  2024-02-02 14:10                         ` Daniel Kiper
  0 siblings, 1 reply; 17+ messages in thread
From: Nikolaos Chatzikonstantinou @ 2024-01-30 15:18 UTC (permalink / raw)
  To: Vladimir 'phcoder' Serbinenko
  Cc: Daniel Kiper, Patrick Steinhardt, The development of GRUB 2

I want to share a small update:

I'm reading the GRUB source code for the memory manager to get a bit
acclimated.  I was surprised to see libgcrypt depend on <stdio.h>.
Asking around, the monocypher library was brought to my attention,
<https://monocypher.org/>. No external dependencies, the license is
compatible, just two files monocypher.c and .h that can be bundled,
supports argon2, and it's already used by some bootloaders/firmware
(ArduPilot Project, Joulescope). It is however written in pure C99; it
seems to me that it supports architectures that a C99 compiler can
target.

While the goal of upgrading libgcrypt is noble, it is a bit scary as
libgcrypt seems difficult to navigate for me, the import_gcry.py
script also being hard to read. So I have the following questions:

1) What are the cryptographic requirements of GRUB? I.e. which
features and algorithms does GRUB require right now?
2) Can we include monocypher just for the purpose of unlocking
argon2-configured luks2 partitions?
3) Is it of interest to replace libgcrypt entirely (if possible, with
monocypher e.g.?)

If the best plan to go ahead with is to upgrade libgcrypt, as I've
said before, it would be good to know the version currently bundled
with GRUB  (I'm just reiterating this point.) But from my viewpoint,
libgcrypt is a userland library with a wide range of features; perhaps
not the most appropriate for a bootloader. I'm wondering if the
reasons that led to choosing libgcrypt in the past for GRUB can be
reevaluated now that there are more options for cryptographic
libraries.

Regards,
Nikolaos Chatzikonstantinou

On Fri, Jan 26, 2024 at 3:31 PM Vladimir 'phcoder' Serbinenko
<phcoder@gmail.com> wrote:
>
>
>
> On Fri, Jan 26, 2024, 20:50, Daniel Kiper <dkiper@net-space.pl> wrote:
>>
>> On Fri, Jan 26, 2024 at 03:18:57AM -0500, Nikolaos Chatzikonstantinou wrote:
>> > On Thu, Jan 25, 2024 at 1:15 PM Daniel Kiper <dkiper@net-space.pl> wrote:
>> > >
>> > > Adding Vladimir who knows GRUB history better than I...
>> > >
>> > > On Wed, Jan 24, 2024 at 01:23:55AM -0500, Nikolaos Chatzikonstantinou wrote:
>> > >
>> > > [...]
>> > >
>> > > > My apologies for the repeated messages, but I came up with just one
>> > > > more question that I'm curious about. To summarize my questions:
>> > > >
>> > > > 1. Where is the libgcrypt bundle from grub from? I think my
>> > > > investigation has led me around version 1.7.0 of libgcrypt, but if I
>> > > > can get a precise commit or version, that would be useful.
>> > > >
>> > > > ... and now to my new question:
>> > >
>> > > Vladimir, could you help with that?
>> > >
>> > > > 2. What is the reason libgcrypt is bundled as opposed to a regular dependency?
>> > >
>> > > I am not entirely sure I understand the question. Could you elaborate?
>> >
>> > By bundling, I mean that someone copied libgcrypt files into the GRUB project.
>> >
>> > To elaborate further, regular programs (not like GRUB which is a
>> > bootloader) can link statically or dynamically to libraries; but also,
>> > there's a third option, to dump the source code of a library directly
>> > into the source tree of the project. To my understanding this third
>> > option (which is not really a third linker option as it is not related
>> > to the linker) is chosen when the project needs to include its own
>> > patch set to the library. I am curious if GRUB has patched libgcrypt
>> > for some reason, and is that why libgcrypt is bundled with GRUB?
>>
>> I think Vladimir could tell us more here...
>>
>> Anyway, I think we should avoid patching libgcrypt, or any given library
>> merged with GRUB source, as much as possible.
>
> This was my goal as well. Almost all the changes are difficult to avoid. But at least they are automated in most cases. See the import_gcry script. I'm not on my computer now. I hope to find time to have a look by the end of next week.
>>
>>
>> Daniel


* Re: State of Argon2 support
  2024-01-30 15:18                       ` Nikolaos Chatzikonstantinou
@ 2024-02-02 14:10                         ` Daniel Kiper
  2024-02-11 21:01                           ` Nikolaos Chatzikonstantinou
  0 siblings, 1 reply; 17+ messages in thread
From: Daniel Kiper @ 2024-02-02 14:10 UTC (permalink / raw)
  To: Nikolaos Chatzikonstantinou
  Cc: Vladimir 'phcoder' Serbinenko, Patrick Steinhardt,
	The development of GRUB 2

On Tue, Jan 30, 2024 at 10:18:20AM -0500, Nikolaos Chatzikonstantinou wrote:
> I want to share a small update:
>
> I'm reading the GRUB source code for the memory manager to get a bit
> acclimated.  I was surprised to see libgcrypt depend on <stdio.h>.

Hmmm...

> Asking around, the monocypher library was brought to my attention,
> <https://monocypher.org/>. No external dependencies, the license is
> compatible, just two files monocypher.c and .h that can be bundled,
> supports argon2, and it's already used by some bootloaders/firmware
> (ArduPilot Project, Joulescope). It is however written in pure C99; it
> seems to me that it supports architectures that a C99 compiler can
> target.
>
> While the goal of upgrading libgcrypt is noble, it is a bit scary as
> libgcrypt seems difficult to navigate for me, the import_gcry.py
> script also being hard to read. So I have the following questions:
>
> 1) What are the cryptographic requirements of GRUB? I.e. which
> features and algorithms does GRUB require right now?
> 2) Can we include monocypher just for the purpose of unlocking
> argon2-configured luks2 partitions?
> 3) Is it of interest to replace libgcrypt entirely (if possible, with
> monocypher e.g.?)

If this change will not break (much) currently existing features and
simplify the code I am OK with doing this experiment.

> If the best plan to go ahead with is to upgrade libgcrypt, as I've
> said before, it would be good to know the version currently bundled
> with GRUB  (I'm just reiterating this point.) But from my viewpoint,

Let me poke Vladimir once again...

> libgcrypt is a userland library with a wide range of features; perhaps
> not the most appropriate for a bootloader. I'm wondering if the
> reasons that led to choosing libgcrypt in the past for GRUB can be
> reevaluated now that there are more options for cryptographic
> libraries.

As I said above, I am OK with reevaluating the current libgcrypt approach.

Daniel


* Re: State of Argon2 support
  2024-02-02 14:10                         ` Daniel Kiper
@ 2024-02-11 21:01                           ` Nikolaos Chatzikonstantinou
  0 siblings, 0 replies; 17+ messages in thread
From: Nikolaos Chatzikonstantinou @ 2024-02-11 21:01 UTC (permalink / raw)
  To: Daniel Kiper
  Cc: Vladimir 'phcoder' Serbinenko, Patrick Steinhardt,
	The development of GRUB 2

On Fri, Feb 2, 2024 at 9:10 AM Daniel Kiper <dkiper@net-space.pl> wrote:
>
> On Tue, Jan 30, 2024 at 10:18:20AM -0500, Nikolaos Chatzikonstantinou wrote:
> > I want to share a small update:
> >
> > I'm reading the GRUB source code for the memory manager to get a bit
> > acclimated.  I was surprised to see libgcrypt depend on <stdio.h>.
>
> Hmmm...
>
> > Asking around, the monocypher library was brought to my attention,
> > <https://monocypher.org/>. No external dependencies, the license is
> > compatible, just two files monocypher.c and .h that can be bundled,
> > supports argon2, and it's already used by some bootloaders/firmware
> > (ArduPilot Project, Joulescope). It is however written in pure C99; it
> > seems to me that it supports architectures that a C99 compiler can
> > target.
> >
> > While the goal of upgrading libgcrypt is noble, it is a bit scary as
> > libgcrypt seems difficult to navigate for me, the import_gcry.py
> > script also being hard to read. So I have the following questions:
> >
> > 1) What are the cryptographic requirements of GRUB? I.e. which
> > features and algorithms does GRUB require right now?
> > 2) Can we include monocypher just for the purpose of unlocking
> > argon2-configured luks2 partitions?
> > 3) Is it of interest to replace libgcrypt entirely (if possible, with
> > monocypher e.g.?)
>
> If this change will not break (much) currently existing features and
> simplify the code I am OK with doing this experiment.
>
> > If the best plan to go ahead with is to upgrade libgcrypt, as I've
> > said before, it would be good to know the version currently bundled
> > with GRUB  (I'm just reiterating this point.) But from my viewpoint,
>
> Let me poke Vladimir once again...
>
> > libgcrypt is a userland library with a wide range of features; perhaps
> > not the most appropriate for a bootloader. I'm wondering if the
> > reasons that led to choosing libgcrypt in the past for GRUB can be
> > reevaluated now that there are more options for cryptographic
> > libraries.
>
> As I said above, I am OK with reevaluating the current libgcrypt approach.

Ping on this; Vladimir if you are busy that is ok, just give me a
later date and I can ping you later. You said something about the end
of the week, so I keep thinking about this... But for me it's not
urgent. If you want to respond in 2 months, that's fine too, but just
let me know so that I can put it past me for now.

Regards,
Nikolaos Chatzikonstantinou


end of thread, other threads:[~2024-02-11 21:02 UTC | newest]

Thread overview: 17+ messages
2023-12-22 17:29 State of Argon2 support Nikolaos Chatzikonstantinou
2023-12-23  3:43 ` Oskari Pirhonen
2024-01-01 19:48   ` Patrick Steinhardt
2024-01-04 15:49     ` Nikolaos Chatzikonstantinou
2024-01-23 16:57       ` Daniel Kiper
2024-01-24  5:05         ` Nikolaos Chatzikonstantinou
2024-01-24  5:46           ` Nikolaos Chatzikonstantinou
2024-01-24  6:23             ` Nikolaos Chatzikonstantinou
2024-01-25 18:15               ` Daniel Kiper
2024-01-26  8:18                 ` Nikolaos Chatzikonstantinou
2024-01-26  9:55                   ` Patrick Steinhardt
2024-01-26 18:00                     ` Daniel Kiper
2024-01-26 17:50                   ` Daniel Kiper
2024-01-26 20:31                     ` Vladimir 'phcoder' Serbinenko
2024-01-30 15:18                       ` Nikolaos Chatzikonstantinou
2024-02-02 14:10                         ` Daniel Kiper
2024-02-11 21:01                           ` Nikolaos Chatzikonstantinou
