From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from list by lists.gnu.org with archive (Exim 4.90_1)
	id 1kFJ3l-0003dd-E6
	for mharc-grub-devel@gnu.org; Mon, 07 Sep 2020 11:27:57 -0400
Received: from eggs.gnu.org ([2001:470:142:3::10]:60100)
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <ps@pks.im>) id 1kFJ3k-0003as-9C
 for grub-devel@gnu.org; Mon, 07 Sep 2020 11:27:56 -0400
Received: from wout2-smtp.messagingengine.com ([64.147.123.25]:44411)
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <ps@pks.im>) id 1kFJ3i-0007EA-JG
 for grub-devel@gnu.org; Mon, 07 Sep 2020 11:27:56 -0400
Received: from compute3.internal (compute3.nyi.internal [10.202.2.43])
 by mailout.west.internal (Postfix) with ESMTP id 3B3418F5;
 Mon,  7 Sep 2020 11:27:53 -0400 (EDT)
Received: from mailfrontend1 ([10.202.2.162])
 by compute3.internal (MEProxy); Mon, 07 Sep 2020 11:27:53 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=pks.im; h=date
 :from:to:cc:subject:message-id:references:mime-version
 :content-type:in-reply-to; s=fm2; bh=5sk6ZV03H26jYasWP7VGc5O1dxy
 ZnbsQ3YXGPvffCI4=; b=uLW8O/fMH6sjXTXIloO9mKxW880XfVrVOYuvPKKb31D
 4N9CAPp08r2F33KlzCJcdnabhgDRZ0+SGxO55N4Yb9Y6R9ghGomqRqnAcG58H3Wd
 HBkdy8isoHGpPb6LHLCNky7TgkAajy1q6zD6ItnZS+68zlpjKY5yXCoqRvC28g9A
 PhlNS7n0+2Yu9hnLV1Ttgx1kRCZsDG+zaOBjKleYwZRNpcm+o9s2PgjcapGEOMAN
 W0pDI+rXSltLdcVoQrMkmjxLuK0ushvBeiMfVltcM/oWS/Il6r8vPTbIBruxqmpk
 rdmV/RnNhpC9uMTPjHvY3z0Gc3m7N/t3/RTXoCHNkQQ==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=
 messagingengine.com; h=cc:content-type:date:from:in-reply-to
 :message-id:mime-version:references:subject:to:x-me-proxy
 :x-me-proxy:x-me-sender:x-me-sender:x-sasl-enc; s=fm3; bh=5sk6ZV
 03H26jYasWP7VGc5O1dxyZnbsQ3YXGPvffCI4=; b=M7YdMN4aEYdeQJ7jsOgwmg
 y6nTocoHU5sKYzJT7uJDemMtjG+gzefTc8Vu+EjxhE3+6388Gz/A5bSSPOOEdVbR
 qeItAJdujXNA3YoKegbpUYHcq+MZ95WKZ28iCrDcdv1Q/1hDXXAnuXyYRVESf86c
 v3rivCGf+PgJnBp35CCXpjfk/dwXmWtGeOqoSqKFGl/ejPFXiVaz28qjsf5GCtSG
 jaG12QA22WHHkyDbwtv2i/hR7HqVc/spYhfhFL5qimMdhvr/I0R8QW4nmcZ3aqnk
 WJg0JSmPQ1HlYw7f7n+DpbGdTRGtM+ipxEi14CBj9Uv+yJBWocXvaS97Z9IgPbfg
 ==
X-ME-Sender: <xms:eFFWXy0QGWscqNYQjQIwnObGzBeuMbBXj5nNbyYJGWBBQLzAF_cf7A>
 <xme:eFFWX1FtplUTrQHo2R5n_SVBF20EVT9eV0ALXw_a0O4VS-DM0fnxkcsDJisPJay6A
 YNbm-nV2NSD8jQq_Q>
X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgeduiedrudehtddgledtucetufdoteggodetrfdotf
 fvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfqfgfvpdfurfetoffkrfgpnffqhgen
 uceurghilhhouhhtmecufedttdenucesvcftvggtihhpihgvnhhtshculddquddttddmne
 cujfgurhepfffhvffukfhfgggtuggjsehgtderredttddvnecuhfhrohhmpefrrghtrhhi
 tghkucfuthgvihhnhhgrrhguthcuoehpshesphhkshdrihhmqeenucggtffrrghtthgvrh
 hnpeehgefhtdefueffheekgfffudelffejtdfhvdejkedthfehvdelgfetgfdvtedthfen
 ucfkphepkeelrddugedrfeekrddufeegnecuvehluhhsthgvrhfuihiivgepheenucfrrg
 hrrghmpehmrghilhhfrhhomhepphhssehpkhhsrdhimh
X-ME-Proxy: <xmx:eFFWX66pH_owOu2xh6dEsHqbvOOFPjymSlYL0BEpakam2XcVbNo6YQ>
 <xmx:eFFWXz3_OIevlKgswFjsEH7LW7jUuLkCk0ULh1X4xhOuJHRurH4naQ>
 <xmx:eFFWX1E_FTeXdqadt5bq_-vp0mYO8uePWwuDgD6qQd-vtPrr5buISQ>
 <xmx:eFFWXzPVB7erJfSBDHgM71KJe-JlQeUJET4J1BpKl9fKEeggQ03cBA>
Received: from vm-mail.pks.im (x590e2686.dyn.telefonica.de [89.14.38.134])
 by mail.messagingengine.com (Postfix) with ESMTPA id 157BF3280063;
 Mon,  7 Sep 2020 11:27:51 -0400 (EDT)
Received: from localhost (tanuki [10.192.0.23])
 by vm-mail.pks.im (OpenSMTPD) with ESMTPSA id f0a42ef2
 (TLSv1.3:TLS_AES_256_GCM_SHA384:256:NO); 
 Mon, 7 Sep 2020 15:27:51 +0000 (UTC)
Date: Mon, 7 Sep 2020 17:27:50 +0200
From: Patrick Steinhardt <ps@pks.im>
To: grub-devel@gnu.org
Cc: Denis GNUtoo Carikli <GNUtoo@cyberdimension.org>,
 Glenn Washburn <development@efficientek.com>,
 Daniel Kiper <daniel.kiper@oracle.com>
Subject: [PATCH v3 5/9] luks2: Improve error reporting when
 decrypting/verifying key
Message-ID: <eb4198a01b85dc4c985f969816f047a59337cf26.1599492346.git.ps@pks.im>
References: <cover.1598179677.git.ps@pks.im> <cover.1599492346.git.ps@pks.im>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha512;
 protocol="application/pgp-signature"; boundary="gKMricLos+KVdGMg"
Content-Disposition: inline
In-Reply-To: <cover.1599492346.git.ps@pks.im>
Received-SPF: pass client-ip=64.147.123.25; envelope-from=ps@pks.im;
 helo=wout2-smtp.messagingengine.com
X-detected-operating-system: by eggs.gnu.org: First seen = 2020/09/07 11:26:12
X-ACL-Warn: Detected OS   = Linux 2.2.x-3.x [generic] [fuzzy]
X-Spam_score_int: -27
X-Spam_score: -2.8
X-Spam_bar: --
X-Spam_report: (-2.8 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1,
 DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1,
 RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001,
 SPF_HELO_PASS=-0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no
X-Spam_action: no action
X-BeenThere: grub-devel@gnu.org
X-Mailman-Version: 2.1.23
Precedence: list
List-Id: The development of GNU GRUB <grub-devel.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/grub-devel>,
 <mailto:grub-devel-request@gnu.org?subject=unsubscribe>
List-Archive: <https://lists.gnu.org/archive/html/grub-devel>
List-Post: <mailto:grub-devel@gnu.org>
List-Help: <mailto:grub-devel-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/grub-devel>,
 <mailto:grub-devel-request@gnu.org?subject=subscribe>
X-List-Received-Date: Mon, 07 Sep 2020 15:27:56 -0000


--gKMricLos+KVdGMg
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

While we already set up error messages in both `luks2_verify_key()` and
`luks2_decrypt_key()`, we do not ever print them. This makes it really
hard to discover why a given key actually failed to decrypt a disk.

Improve this by including the error message in the user-visible output.

Signed-off-by: Patrick Steinhardt <ps@pks.im>
---
 grub-core/disk/luks2.c | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/grub-core/disk/luks2.c b/grub-core/disk/luks2.c
index 5f15a4d2c..26e1126b1 100644
--- a/grub-core/disk/luks2.c
+++ b/grub-core/disk/luks2.c
@@ -612,14 +612,16 @@ luks2_recover_key (grub_disk_t disk,
 			       (const grub_uint8_t *) passphrase, grub_strlen (passphrase));
       if (ret)
 	{
-	  grub_dprintf ("luks2", "Decryption with keyslot %"PRIuGRUB_SIZE" failed=
\n", i);
+	  grub_dprintf ("luks2", "Decryption with keyslot %"PRIuGRUB_SIZE" failed=
: %s\n",
+			i, grub_errmsg);
 	  continue;
 	}
=20
       ret =3D luks2_verify_key (&digest, candidate_key, keyslot.key_size);
       if (ret)
 	{
-	  grub_dprintf ("luks2", "Could not open keyslot %"PRIuGRUB_SIZE"\n", i);
+	  grub_dprintf ("luks2", "Could not open keyslot %"PRIuGRUB_SIZE": %s\n",
+			i, grub_errmsg);
 	  continue;
 	}
=20
--=20
2.28.0


--gKMricLos+KVdGMg
Content-Type: application/pgp-signature; name="signature.asc"

-----BEGIN PGP SIGNATURE-----

iQIzBAABCgAdFiEEF9hrgiFbCdvenl/rVbJhu7ckPpQFAl9WUXUACgkQVbJhu7ck
PpTwtQ//bm4oqKObRht5sV9JhWMymFUPS3yoGs/5yoj3eHj35T2ibzvallgdJ1FO
rq7Nh45aI09P0HmB64L6yE8eIpOKRnS/8KSTj1Wb2oRY1v462FkcYCssL2neBJ64
xiFpzo3dKrpN9K68opWrzXw7aBYkAaIJuUP9j2C2ShNUhvjcCWpClIrdlBxjX8XP
PH6cpl0IF1BWytjGHd3Jiuso5cxcNXXIZEYAL2dcNsW5q8ZoRw0uDIE9Kwo6Kkf3
6WL3ZdzSNhiPQJYBzSNIk5B2LmDpMm3s1XX4rk4wCCOL3fc+nkZjtbqDu+pywtzp
IywbNR3sYMcmNIlT6jPSY0o2H9oQtULKbcKAE18f9JuGVMgz1qFN0Hoqr1feqAS/
+pHqRmA3gFpfnFFec3K319SYpllNgY74fTHKm8/QIEpONMKkiEUZoeDevvWAa6Ub
edwWLj4getqZTQNaKGM+aU10iaUU4UXT3kL48Il1SlKDUF5v+WvOFLS4pt1CTSGR
E90Jv8Dtpc56H7m2zVMNQCdNuqeCoB6AUy0Kid95asXoy1Dstd5IZa9MBiDKAyUu
HtfBOKN//2SOH048ZLAYMZC/E+XETxKOB4WlwYegVdI+Q2vFGrLKlKOFMm8M8xWA
SqN0pu+TWCvAnza/8dxASiAjNF2hrcX8T+Joiw3lqtoLRcg8kAI=
=YJ9g
-----END PGP SIGNATURE-----

--gKMricLos+KVdGMg--