eessppeelllloo/cryptsetup
1
0
Fork 0
mirror of https://gitlab.com/cryptsetup/cryptsetup.git synced 2025-12-11 19:00:02 +01:00
Code Issues Packages Projects Releases Wiki Activity

Allow activating multi key devices using VKs in keyring.

Browse Source 
We already support activation of a device using a volume key in keyring.
However, in case of multi-key devices (i.e. device with reencryption
running) we need to supply two volume keys.
This commit is contained in:
Daniel Zatovic
2024-01-09 16:23:05 +01:00
committed by Daniel Zaťovič
parent 4321992561
commit 7fb98caa79
7 changed files with 301 additions and 23 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
lib/libcryptsetup.h
View File

@@ -1628,8 +1628,8 @@ int crypt_persistent_flags_get(struct crypt_device *cd,
* reencryption), more than one keyslot context is required (e.g. one for the old
* volume key and one for the new volume key). The order of the keyslot
* contexts does not matter. When less keyslot contexts are supplied than
* required to unlock the device an -EPERM/-ENOKEY/TODO error code is returned
* and you should call the function again with more keyslot contexts.
* required to unlock the device an -ENOKEY error code is returned and you
* should call the function again with an additional keyslot context specified.
*
* NOTE: the API at the moment works for one keyslot context only, the second
* keyslot context is just an API placeholder