bitlocker: Open bitlocker devices with clearkey

Always trying to open with clearkey when available
2025-12-05 16:00:05 +01:00 · 2025-11-02 23:48:29 +02:00
parent 72173b2777
commit 4fe1601d9c
2 changed files with 19 additions and 8 deletions
--- a/lib/setup.c
+++ b/lib/setup.c
@@ -5921,7 +5921,7 @@ int crypt_volume_key_get_by_keyslot_context(struct crypt_device *cd,
 	struct volume_key *vk = NULL;
 	if (!cd || !volume_key || !volume_key_size ||
-	    (!kc && !isLUKS(cd->type) && !isTCRYPT(cd->type) && !isVERITY(cd->type)))
+	    (!kc && !isLUKS(cd->type) && !isTCRYPT(cd->type) && !isVERITY(cd->type) && !isBITLK(cd->type)))
 		return -EINVAL;
 	if (isLUKS2(cd->type) && keyslot != CRYPT_ANY_SLOT)
@@ -5981,6 +5981,8 @@ int crypt_volume_key_get_by_keyslot_context(struct crypt_device *cd,
 	} else if (isBITLK(cd->type)) {
 		if (kc && kc->get_bitlk_volume_key)
 			r = kc->get_bitlk_volume_key(cd, kc, &cd->u.bitlk.params, &vk);
 		else if (!kc)
 			r = BITLK_get_volume_key(cd, NULL, 0, &cd->u.bitlk.params, &vk);
 		if (r < 0)
 			log_err(cd, _("Cannot retrieve volume key for BITLK device."));
 	} else if (isFVAULT2(cd->type)) {
--- a/src/cryptsetup.c
+++ b/src/cryptsetup.c
@@ -509,6 +509,10 @@ static int action_open_bitlk(void)
 		r = crypt_activate_by_volume_key(cd, activated_name,
 						 key, keysize, activate_flags);
 	} else {
 		r = crypt_activate_by_passphrase(cd, activated_name, CRYPT_ANY_SLOT, NULL, 0, activate_flags);
 		if (r != -EPERM)
 			goto out;
 		tries = set_tries_tty(false);
 		do {
 			r = tools_get_key(NULL, &password, &passwordLen,
@@ -617,14 +621,19 @@ static int bitlkDump_with_volume_key(struct crypt_device *cd)
 	if (!vk)
 		return -ENOMEM;
 	r = tools_get_key(NULL, &password, &passwordLen,
 			  ARG_UINT64(OPT_KEYFILE_OFFSET_ID), ARG_UINT32(OPT_KEYFILE_SIZE_ID), ARG_STR(OPT_KEY_FILE_ID),
 			  ARG_UINT32(OPT_TIMEOUT_ID), 0, 0, cd);
 	if (r < 0)
 		goto out;
 	r = crypt_volume_key_get(cd, CRYPT_ANY_SLOT, vk, &vk_size,
-				 password, passwordLen);
+					password, passwordLen);
 	if (r < 0) {
 		r = tools_get_key(NULL, &password, &passwordLen,
 					ARG_UINT64(OPT_KEYFILE_OFFSET_ID), ARG_UINT32(OPT_KEYFILE_SIZE_ID), ARG_STR(OPT_KEY_FILE_ID),
 					ARG_UINT32(OPT_TIMEOUT_ID), 0, 0, cd);
 		if (r < 0)
 			goto out;
 		r = crypt_volume_key_get(cd, CRYPT_ANY_SLOT, vk, &vk_size,
 						password, passwordLen);
 	}
 	tools_passphrase_msg(r);
 	check_signal(&r);
 	if (r < 0)