Allow keyslot in internal LUKS2 token activation code.

Extends code so that later API may support LUKS2 device
activation via token with specified keyslot.

Also allows testing if specific token is able to unlock specific
keyslot.
Ondrej Kozina
2022-11-24 16:00:27 +01:00
committed by Daniel Zatovic
parent 50207333f1
commit 6751b43424
4 changed files with 61 additions and 28 deletions


@@ -206,7 +206,7 @@ static int get_volume_key_by_key(struct crypt_device *cd,
static int get_luks2_key_by_token(struct crypt_device *cd,
struct crypt_keyslot_context *kc,
int keyslot __attribute__((unused)),
int keyslot,
int segment,
struct volume_key **r_vk)
{
@@ -216,7 +216,7 @@ static int get_luks2_key_by_token(struct crypt_device *cd,
assert(kc && kc->type == CRYPT_KC_TYPE_TOKEN);
assert(r_vk);
r = LUKS2_token_unlock_key(cd, crypt_get_hdr(cd, CRYPT_LUKS2), kc->u.t.id, kc->u.t.type,
r = LUKS2_token_unlock_key(cd, crypt_get_hdr(cd, CRYPT_LUKS2), keyslot, kc->u.t.id, kc->u.t.type,
kc->u.t.pin, kc->u.t.pin_size, segment, kc->u.t.usrptr, r_vk);
if (r < 0)
kc->error = r;
@@ -226,10 +226,10 @@ static int get_luks2_key_by_token(struct crypt_device *cd,
static int get_luks2_volume_key_by_token(struct crypt_device *cd,
struct crypt_keyslot_context *kc,
int keyslot __attribute__((unused)),
int keyslot,
struct volume_key **r_vk)
{
return get_luks2_key_by_token(cd, kc, -2 /* unused */, CRYPT_DEFAULT_SEGMENT, r_vk);
return get_luks2_key_by_token(cd, kc, keyslot, CRYPT_DEFAULT_SEGMENT, r_vk);
}
static int get_passphrase_by_token(struct crypt_device *cd,
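Review bot: In `get_luks2_key_by_token()` the `keyslot` argument now flows straight into `LUKS2_token_unlock_key()`, and nothing in the visible lines says which values are valid or checks them. Before this change the parameter was marked unused and `get_luks2_volume_key_by_token()` forwarded a literal `-2`, so any existing caller that passed an arbitrary value would now silently narrow or fail the unlock; the callers are outside this section and need checking. I would document the contract on the parameter, for example `/* keyslot: CRYPT_ANY_SLOT, or the one keyslot the token must unlock */`, and, if those are the only accepted values, add `assert(keyslot >= 0 || keyslot == CRYPT_ANY_SLOT);` next to the existing asserts. Whether `LUKS2_token_unlock_key()` itself rejects out-of-range keyslots is not shown here, and the page's line layout has dropped blank lines, so the function bodies are only partly visible.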