Add pin size parameter in crypt_active_by_pin_token.

Well, after all it really should have supported binary data
of arbitrary length.

lib/libcryptsetup.h

@@ -2170,7 +2170,8 @@ typedef int (*crypt_token_open_func) (
  *
  * @param cd crypt device handle
  * @param token token id
- * @param pin passphrase (or PIN) to unlock token
+ * @param pin passphrase (or PIN) to unlock token (may be binary data)
+ * @param pin_size size of @e pin
  * @param buffer returned allocated buffer with password
  * @param buffer_len length of the buffer
  * @param usrptr user data in @link crypt_activate_by_token @endlink
@@ -2179,6 +2180,7 @@ typedef int (*crypt_token_open_pin_func) (
 	struct crypt_device *cd,
 	int token,
 	const char *pin,
+	size_t pin_size,
 	char **buffer,
 	size_t *buffer_len,
 	void *usrptr);
@@ -2287,7 +2289,8 @@ int crypt_activate_by_token(struct crypt_device *cd,
  * @param cd crypt device handle
  * @param name name of device to create, if @e NULL only check token
  * @param token requested token to check or CRYPT_ANY_TOKEN to check all
- * @param pin passphrase (or PIN) to unlock token
+ * @param pin passphrase (or PIN) to unlock token (may be binary data)
+ * @param pin_size size of @e pin
  * @param usrptr provided identification in callback
  * @param flags activation flags
  *
@@ -2297,6 +2300,7 @@ int crypt_activate_by_pin_token(struct crypt_device *cd,
 	const char *name,
 	int token,
 	const char *pin,
+	size_t pin_size,
 	void *usrptr,
 	uint32_t flags);
 /** @} */

lib/luks2/luks2.h

@@ -272,6 +272,7 @@ int LUKS2_token_open_and_activate(struct crypt_device *cd,
 	int token,
 	const char *name,
 	const char *pin,
+	size_t pin_size,
 	uint32_t flags,
 	void *usrptr);
 
@@ -279,6 +280,7 @@ int LUKS2_token_open_and_activate_any(struct crypt_device *cd,
 	struct luks2_hdr *hdr,
 	const char *name,
 	const char *pin,
+	size_t pin_size,
 	uint32_t flags);
 
 int LUKS2_token_keyring_get(struct crypt_device *cd,

lib/luks2/luks2_token.c

@@ -378,6 +378,7 @@ static int LUKS2_token_open(struct crypt_device *cd,
 	struct luks2_hdr *hdr,
 	int token,
 	const char *pin,
+	size_t pin_size,
 	char **buffer,
 	size_t *buffer_len,
 	void *usrptr)
@@ -402,7 +403,7 @@ static int LUKS2_token_open(struct crypt_device *cd,
 	if (pin && !h->open_pin)
 		r = -ENOENT;
 	else if (pin)
-		r = h->open_pin(cd, token, pin, buffer, buffer_len, usrptr);
+		r = h->open_pin(cd, token, pin, pin_size, buffer, buffer_len, usrptr);
 	else
 		r = h->open(cd, token, buffer, buffer_len, usrptr);
 	if (r < 0)
@@ -470,6 +471,7 @@ int LUKS2_token_open_and_activate(struct crypt_device *cd,
 	int token,
 	const char *name,
 	const char *pin,
+	size_t pin_size,
 	uint32_t flags,
 	void *usrptr)
 {
@@ -479,7 +481,7 @@ int LUKS2_token_open_and_activate(struct crypt_device *cd,
 	size_t buffer_len;
 	struct volume_key *vk = NULL;
 
-	r = LUKS2_token_open(cd, hdr, token, pin, &buffer, &buffer_len, usrptr);
+	r = LUKS2_token_open(cd, hdr, token, pin, pin_size, &buffer, &buffer_len, usrptr);
 	if (r < 0)
 		return r;
 
@@ -520,6 +522,7 @@ int LUKS2_token_open_and_activate_any(struct crypt_device *cd,
 	struct luks2_hdr *hdr,
 	const char *name,
 	const char *pin,
+	size_t pin_size,
 	uint32_t flags)
 {
 	char *buffer;
@@ -534,7 +537,7 @@ int LUKS2_token_open_and_activate_any(struct crypt_device *cd,
 		UNUSED(val);
 		token = atoi(slot);
 
-		r = LUKS2_token_open(cd, hdr, token, pin, &buffer, &buffer_len, NULL);
+		r = LUKS2_token_open(cd, hdr, token, pin, pin_size, &buffer, &buffer_len, NULL);
 		if (r < 0)
 			continue;
 

lib/setup.c

@@ -5596,7 +5596,7 @@ void crypt_set_luks2_reencrypt(struct crypt_device *cd, struct luks2_reencrypt *
  * Token handling
  */
 int crypt_activate_by_pin_token(struct crypt_device *cd, const char *name, int token,
-	const char *pin, void *usrptr, uint32_t flags)
+	const char *pin, size_t pin_size, void *usrptr, uint32_t flags)
 {
 	int r;
 
@@ -5613,15 +5613,15 @@ int crypt_activate_by_pin_token(struct crypt_device *cd, const char *name, int t
 		return -EINVAL;
 
 	if (token == CRYPT_ANY_TOKEN)
-		return LUKS2_token_open_and_activate_any(cd, &cd->u.luks2.hdr, name, pin, flags);
+		return LUKS2_token_open_and_activate_any(cd, &cd->u.luks2.hdr, name, pin, pin_size, flags);
 
-	return LUKS2_token_open_and_activate(cd, &cd->u.luks2.hdr, token, name, pin, flags, usrptr);
+	return LUKS2_token_open_and_activate(cd, &cd->u.luks2.hdr, token, name, pin, pin_size, flags, usrptr);
 }
 
 int crypt_activate_by_token(struct crypt_device *cd,
 	const char *name, int token, void *usrptr, uint32_t flags)
 {
-	return crypt_activate_by_pin_token(cd, name, token, NULL, usrptr, flags);
+	return crypt_activate_by_pin_token(cd, name, token, NULL, 0, usrptr, flags);
 }
 
 int crypt_token_json_get(struct crypt_device *cd, int token, const char **json)

src/cryptsetup.c

@@ -1542,7 +1542,7 @@ static int action_open_luks(void)
 			if (r < 0)
 				goto out;
 			r = crypt_activate_by_pin_token(cd, activated_name, ARG_INT32(OPT_TOKEN_ID_ID),
-							password, NULL, activate_flags);
+							password, passwordLen, NULL, activate_flags);
 			tools_keyslot_msg(r, UNLOCKED);
 		}
 

tokens/ssh/libcryptsetup-token-ssh.c

@@ -221,7 +221,8 @@ static int sshplugin_public_key_auth(struct crypt_device *cd, ssh_session ssh, c
 }
 
 int cryptsetup_token_open_pin(struct crypt_device *cd, int token, const char *pin,
-	char **password, size_t *password_len, void *usrptr __attribute__((unused)))
+	size_t pin_size __attribute__((unused)), char **password, size_t *password_len,
+	void *usrptr __attribute__((unused)))
 {
 	int r;
 	json_object *jobj_server, *jobj_user, *jobj_path, *jobj_token, *jobj_keypath;
@@ -267,7 +268,7 @@ int cryptsetup_token_open_pin(struct crypt_device *cd, int token, const char *pi
 int cryptsetup_token_open(struct crypt_device *cd, int token,
 	char **password, size_t *password_len, void *usrptr)
 {
-	return cryptsetup_token_open_pin(cd, token, NULL, password, password_len, usrptr);
+	return cryptsetup_token_open_pin(cd, token, NULL, 0, password, password_len, usrptr);
 }
 
 void cryptsetup_token_dump(struct crypt_device *cd, const char *json)