# --- T2-COPYRIGHT-NOTE-BEGIN ---
# This copyright note is auto-generated by scripts/Create-CopyPatch.
# 
# T2 SDE: package/*/grub2/uuid-hyphens.patch
# Copyright (C) 2017 - 2021 The T2 SDE Project
# 
# More information can be found in the files COPYING and README.
# 
# This patch file is dual-licensed. It is available under the license the
# patched project is licensed under, as long as it is an OpenSource license
# as defined at http://www.opensource.org/ (e.g. BSD, X11) or under the terms
# of the GNU General Public License as published by the Free Software
# Foundation; either version 2 of the License, or (at your option) any later
# version.
# --- T2-COPYRIGHT-NOTE-END ---

From f723c22cb7d8a5a6633eaa0682e024e667fb581a Mon Sep 17 00:00:00 2001
From: John Lane <john@lane.uk.net>
Date: Fri, 26 Jun 2015 22:48:03 +0100
Subject: [PATCH 5/5] Cryptomount support for hyphens in UUID

Rebased and added luks2 support:

  - René Rebe <rene@exactcode.de>

---
 grub-core/disk/cryptodisk.c | 20 +++++++++++++++++---
 grub-core/disk/luks.c       | 26 ++++++++------------------
 include/grub/cryptodisk.h   |  2 ++
 3 files changed, 27 insertions(+), 21 deletions(-)

diff --git a/grub-core/disk/cryptodisk.c b/grub-core/disk/cryptodisk.c
index cd5cfc9..d36d16b 100644
--- a/grub-core/disk/cryptodisk.c
+++ b/grub-core/disk/cryptodisk.c
@@ -113,6 +113,20 @@ gf_mul_be (grub_uint8_t *o, const grub_uint8_t *a, const grub_uint8_t *b)
     }
 }
 
+int
+grub_cryptodisk_uuidcmp(const char *uuid_a, const char *uuid_b)
+{
+  while ((*uuid_a != '\0') && (*uuid_b != '\0'))
+    {
+      while (*uuid_a == '-') uuid_a++;
+      while (*uuid_b == '-') uuid_b++;
+      if (grub_toupper(*uuid_a) != grub_toupper(*uuid_b)) break;
+      uuid_a++;
+      uuid_b++;
+    }
+  return (*uuid_a == '\0') && (*uuid_b == '\0');
+}
+
 static gcry_err_code_t
 grub_crypto_pcbc_decrypt (grub_crypto_cipher_handle_t cipher,
 			 void *out, void *in, grub_size_t size,
@@ -507,8 +521,8 @@ grub_cryptodisk_open (const char *name, grub_disk_t disk)
   if (grub_memcmp (name, "cryptouuid/", sizeof ("cryptouuid/") - 1) == 0)
     {
       for (dev = cryptodisk_list; dev != NULL; dev = dev->next)
-	if (grub_strcasecmp (name + sizeof ("cryptouuid/") - 1, dev->uuid) == 0)
-	  break;
+        if (grub_cryptodisk_uuidcmp(name + sizeof ("cryptouuid/") - 1, dev->uuid))
+          break;
     }
   else
     {
@@ -739,7 +753,7 @@ grub_cryptodisk_get_by_uuid (const char *uuid)
 {
   grub_cryptodisk_t dev;
   for (dev = cryptodisk_list; dev != NULL; dev = dev->next)
-    if (grub_strcasecmp (dev->uuid, uuid) == 0)
+    if (grub_cryptodisk_uuidcmp(dev->uuid, uuid))
       return dev;
   return NULL;
 }
--- grub-2.02/grub-core/disk/luks.c.orig	2015-09-02 22:10:53.000000000 +0200
+++ grub-2.02/grub-core/disk/luks.c	2017-12-03 18:02:29.093945562 +0100
@@ -69,9 +69,7 @@
 		   int check_boot)
 {
   grub_cryptodisk_t newdev;
-  const char *iptr;
   struct grub_luks_phdr header;
-  char *optr;
   char uuid[sizeof (header.uuid) + 1];
   char ciphername[sizeof (header.cipherName) + 1];
   char ciphermode[sizeof (header.cipherMode) + 1];
@@ -94,20 +94,6 @@
     return NULL;
 
   grub_memset (uuid, 0, sizeof (uuid));
-  optr = uuid;
-  for (iptr = header.uuid; iptr < &header.uuid[ARRAY_SIZE (header.uuid)];
-       iptr++)
-    {
-      if (*iptr != '-')
-	*optr++ = *iptr;
-    }
-  *optr = 0;
-
-  if (check_uuid && grub_strcasecmp (check_uuid, uuid) != 0)
-    {
-      grub_dprintf ("luks", "%s != %s\n", uuid, check_uuid);
-      return NULL;
-    }
 
   /* Make sure that strings are null terminated.  */
   grub_memcpy (ciphername, header.cipherName, sizeof (header.cipherName));
@@ -125,6 +108,14 @@
   ciphermode[sizeof (header.cipherMode)] = 0;
   grub_memcpy (hashspec, header.hashSpec, sizeof (header.hashSpec));
   hashspec[sizeof (header.hashSpec)] = 0;
+  grub_memcpy (uuid, header.uuid, sizeof (header.uuid));
+  uuid[sizeof (header.uuid)] = 0;
+
+  if ( check_uuid && ! grub_cryptodisk_uuidcmp(check_uuid, uuid))
+    {
+      grub_dprintf ("luks", "%s != %s\n", uuid, check_uuid);
+      return NULL;
+    }
 
   ciph = grub_crypto_lookup_cipher_by_name (ciphername);
   if (!ciph)
diff --git a/include/grub/cryptodisk.h b/include/grub/cryptodisk.h
index 4076412..a564f2c 100644
--- a/include/grub/cryptodisk.h
+++ b/include/grub/cryptodisk.h
@@ -167,4 +167,6 @@ grub_cryptodisk_t grub_cryptodisk_get_by_source_disk (grub_disk_t disk);
 grub_cryptodisk_t grub_cryptodisk_create (grub_disk_t disk, char *uuid,
 				   char *ciphername, char *ciphermode, char *digest);
 
+int
+grub_cryptodisk_uuidcmp(const char *uuid_a, const char *uuid_b);
 #endif
-- 
2.1.2

--- grub-2.06~rc1/grub-core/disk/luks2.c.vanilla	2021-03-13 13:33:43.247134523 +0100
+++ grub-2.06~rc1/grub-core/disk/luks2.c	2021-03-13 13:39:37.093113432 +0100
@@ -353,7 +353,6 @@
   grub_cryptodisk_t cryptodisk;
   grub_luks2_header_t header;
   char uuid[sizeof (header.uuid) + 1];
-  grub_size_t i, j;
 
   if (check_boot)
     return NULL;
@@ -364,13 +363,14 @@
       return NULL;
     }
 
-  for (i = 0, j = 0; i < sizeof (header.uuid); i++)
-    if (header.uuid[i] != '-')
-      uuid[j++] = header.uuid[i];
-  uuid[j] = '\0';
+  grub_memcpy (uuid, header.uuid, sizeof (header.uuid));
+  uuid[sizeof (header.uuid)] = 0;
 
-  if (check_uuid && grub_strcasecmp (check_uuid, uuid) != 0)
-    return NULL;
+  if ( check_uuid && ! grub_cryptodisk_uuidcmp(check_uuid, uuid))
+    {
+      grub_dprintf ("luks", "%s != %s\n", uuid, check_uuid);
+      return NULL;
+    }
 
   cryptodisk = grub_zalloc (sizeof (*cryptodisk));
   if (!cryptodisk)