Skip to content

Add PBKDF Memory support during update bundle encryption

The Password-Based Key Derivation Function (PBKDF) memory cost is defined during encrypted bundle creation.
This value is used during decryption to allocate memory and can be too large on small devices, preventing to unlock with following errors:

# Trying to open LUKS2 keyslot 0.
# Keyslot 0 (luks2) open failed with -12.

Command failed with code -3 (out of memory).

PHP RFC recommends to use a power of 2 when changing the memory cost value, see https://wiki.php.net/rfc/argon2_password_hash and https://github.com/P-H-C/phc-winner-argon2/blob/master/README.md.

Fix it to 64M.

Signed-off-by: Frédéric Danis frederic.danis@collabora.com

Edited by Frederic Danis

Merge request reports

Loading