>From f06f4c0388797a50b55f479f7b10a24a52be4701 Mon Sep 17 00:00:00 2001
From: Klaus Frank <address@hidden>
Date: Sun, 20 Jan 2019 00:03:13 +0100
Subject: [PATCH 4/4] add verify password functionality

---
 util/grub-mkpasswd-pbkdf2.c | 33 ++++++++++++++++++++++++++++++++-
 1 file changed, 32 insertions(+), 1 deletion(-)

diff --git a/util/grub-mkpasswd-pbkdf2.c b/util/grub-mkpasswd-pbkdf2.c
index 92e18fd37..4ed62d04f 100644
--- a/util/grub-mkpasswd-pbkdf2.c
+++ b/util/grub-mkpasswd-pbkdf2.c
@@ -42,10 +42,13 @@
 
 #include "progname.h"
 
+int unhexify(grub_uint8_t*, const char*);
+
 static struct argp_option options[] = {
   {"iteration-count",  'c', N_("NUM"), 0, N_("Number of PBKDF2 iterations"), 0},
   {"buflen",  'l', N_("NUM"), 0, N_("Length of generated hash"), 0},
   {"salt",  's', N_("NUM"), 0, N_("Length of salt"), 0},
+  {"salt-value", 'v', N_("STR"), 0, N_("Salt"), 0},
   {"quiet", 'q', 0, 0, N_("Only output hash, suppress other output, indended for pipes"), 0},
   { 0, 0, 0, 0, 0, 0 }
 };
@@ -55,6 +58,7 @@ struct arguments
   unsigned int count;
   unsigned int buflen;
   unsigned int saltlen;
+  char *value;
   unsigned char quiet;
 };
 
@@ -79,6 +83,10 @@ argp_parser (int key, char *arg, struct argp_state *state)
       arguments->saltlen = strtoul (arg, NULL, 0);
       break;
 
+    case 'v':
+      arguments->value = arg;
+      break;
+
     case 'q':
       arguments->quiet = 1;
       break;
@@ -119,6 +127,19 @@ hexify (char *hex, grub_uint8_t *bin, grub_size_t n)
   *hex = 0;
 }
 
+int
+unhexify(grub_uint8_t* output, const char* hexstring) {
+  if (sizeof(output) < (sizeof(hexstring) - 1) / 2 + 1) {
+    return -1;
+  }
+  char *output_ptr = (char*)output;
+  char *hexstring_ptr = (char*)hexstring;
+  for (int c; hexstring[0] && hexstring[1] && sscanf(hexstring_ptr, "%2x", &c); hexstring_ptr += 2) {
+    sprintf(output_ptr++, "%s",(char*)&c);
+  }
+  return 0;
+}
+
 int
 main (int argc, char *argv[])
 {
@@ -126,6 +147,7 @@ main (int argc, char *argv[])
     .count = 10000,
     .buflen = 64,
     .saltlen = 64,
+    .value = NULL,
     .quiet = 0
   };
   char *result, *ptr;
@@ -175,13 +197,22 @@ main (int argc, char *argv[])
     memset (pass2, 0, sizeof (pass2));
   }
 
-  if (grub_get_random (salt, arguments.saltlen))
+  if (arguments.value) {
+    if (unhexify(salt, arguments.value)) {
+      memset(pass1, 0, sizeof(pass1));
+      free(buf);
+      free(salt);
+      grub_util_error("%s", _("couldn't convert hexstring into salt"));
+    }
+  } else {
+    if (grub_get_random (salt, arguments.saltlen))
     {
       memset (pass1, 0, sizeof (pass1));
       free (buf);
       free (salt);
       grub_util_error ("%s", _("couldn't retrieve random data for salt"));
     }
+  }
 
   gcry_err = grub_crypto_pbkdf2 (GRUB_MD_SHA512,
 				 (grub_uint8_t *) pass1, strlen (pass1),
-- 
2.20.1