eessppeelllloo/cryptsetup
1
0
Fork 0
mirror of https://gitlab.com/cryptsetup/cryptsetup.git synced 2025-12-16 21:29:59 +01:00
Code Issues Packages Projects Releases Wiki Activity

Add --external-tokens-path parameter in cryptsetup.

Browse Source
This commit is contained in:
Ondrej Kozina
2023-11-10 11:59:07 +01:00
parent 0328d61f29
commit 836e5e4539
11 changed files with 82 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

64
src/cryptsetup.c
View File

@@ -878,6 +878,15 @@ static int action_resize(void)
else if (ARG_SET(OPT_SIZE_ID))
dev_size = ARG_UINT64(OPT_SIZE_ID);
if (ARG_SET(OPT_EXTERNAL_TOKENS_PATH_ID)) {
r = crypt_token_set_external_path(ARG_STR(OPT_EXTERNAL_TOKENS_PATH_ID));
if (r < 0) {
log_err(_("Failed to set external tokens path %s."),
ARG_STR(OPT_EXTERNAL_TOKENS_PATH_ID));
goto out;
}
}
if (cad.flags & CRYPT_ACTIVATE_KEYRING_KEY) {
if (ARG_SET(OPT_DISABLE_KEYRING_ID)) {
r = -EINVAL;
@@ -1809,6 +1818,15 @@ static int action_open_luks(void)
set_activation_flags(&activate_flags);
if (ARG_SET(OPT_EXTERNAL_TOKENS_PATH_ID)) {
r = crypt_token_set_external_path(ARG_STR(OPT_EXTERNAL_TOKENS_PATH_ID));
if (r < 0) {
log_err(_("Failed to set external tokens path %s."),
ARG_STR(OPT_EXTERNAL_TOKENS_PATH_ID));
goto out;
}
}
if (ARG_SET(OPT_LINK_VK_TO_KEYRING_ID)) {
r = parse_vk_and_keyring_description(cd, ARG_STR(OPT_LINK_VK_TO_KEYRING_ID));
if (r < 0)
@@ -2056,6 +2074,15 @@ static int luksAddUnboundKey(void)
goto out;
}
if (ARG_SET(OPT_EXTERNAL_TOKENS_PATH_ID)) {
r = crypt_token_set_external_path(ARG_STR(OPT_EXTERNAL_TOKENS_PATH_ID));
if (r < 0) {
log_err(_("Failed to set external tokens path %s."),
ARG_STR(OPT_EXTERNAL_TOKENS_PATH_ID));
goto out;
}
}
r = _set_keyslot_encryption_params(cd);
if (r < 0)
goto out;
@@ -2201,6 +2228,15 @@ static int action_luksAddKey(void)
if (r < 0)
goto out;
if (ARG_SET(OPT_EXTERNAL_TOKENS_PATH_ID)) {
r = crypt_token_set_external_path(ARG_STR(OPT_EXTERNAL_TOKENS_PATH_ID));
if (r < 0) {
log_err(_("Failed to set external tokens path %s."),
ARG_STR(OPT_EXTERNAL_TOKENS_PATH_ID));
goto out;
}
}
/* Never call pwquality if using null cipher */
if (crypt_is_cipher_null(crypt_get_cipher(cd)))
ARG_SET_TRUE(OPT_FORCE_PASSWORD_ID);
@@ -2639,6 +2675,15 @@ static int action_luksDump(void)
goto out;
}
if (ARG_SET(OPT_EXTERNAL_TOKENS_PATH_ID)) {
r = crypt_token_set_external_path(ARG_STR(OPT_EXTERNAL_TOKENS_PATH_ID));
if (r < 0) {
log_err(_("Failed to set external tokens path %s."),
ARG_STR(OPT_EXTERNAL_TOKENS_PATH_ID));
goto out;
}
}
if (ARG_SET(OPT_DUMP_VOLUME_KEY_ID))
r = luksDump_with_volume_key(cd);
else if (ARG_SET(OPT_UNBOUND_ID))
@@ -2712,6 +2757,15 @@ static int action_luksResume(void)
goto out;
}
if (ARG_SET(OPT_EXTERNAL_TOKENS_PATH_ID)) {
r = crypt_token_set_external_path(ARG_STR(OPT_EXTERNAL_TOKENS_PATH_ID));
if (r < 0) {
log_err(_("Failed to set external tokens path %s."),
ARG_STR(OPT_EXTERNAL_TOKENS_PATH_ID));
goto out;
}
}
/* try to resume LUKS2 device by token first */
r = _try_token_unlock(cd, ARG_INT32(OPT_KEY_SLOT_ID), ARG_INT32(OPT_TOKEN_ID_ID),
action_argv[0], ARG_STR(OPT_TOKEN_TYPE_ID), 0,
@@ -3230,6 +3284,16 @@ static int action_token(void)
return r;
}
if (ARG_SET(OPT_EXTERNAL_TOKENS_PATH_ID)) {
r = crypt_token_set_external_path(ARG_STR(OPT_EXTERNAL_TOKENS_PATH_ID));
if (r < 0) {
log_err(_("Failed to set external tokens path %s."),
ARG_STR(OPT_EXTERNAL_TOKENS_PATH_ID));
crypt_free(cd);
return r;
}
}
r = -EINVAL;
if (!strcmp(action_argv[0], "add")) {