git.ipfire.org Git - thirdparty/systemd.git/commit

author	Jonas Witschel <diabonas@archlinux.org>
	Wed, 25 May 2022 12:06:12 +0000 (14:06 +0200)
committer	Jonas Witschel <diabonas@archlinux.org>
	Fri, 5 Aug 2022 10:19:57 +0000 (12:19 +0200)
commit	35ba2b4f0193ea791a19d23ba9f316082f36852b
tree	619339f371e8745e159a89ef0ac54b7d50356a67	tree \| snapshot
parent	d14114995776d6c6640bf7af3845581df8b6532c	commit \| diff

cryptsetup: implement cryptsetup_token_open_pin for systemd-tpm2 LUKS2 token

This finishes the implementation started in commit
1f895adac287b5f1b6b854caa586093616ccc172 ("cryptsetup: add libcryptsetup TPM2
PIN support").

Note that the previous implementation took a shortcut by returning EOPNOTSUPP
instead of the correct ENOANO as per the cryptsetup documentation. This meant
that systemd-cryptsetup fell back to the non-plugin implementation in order to
ask for the PIN. Since this does not happen any more when returning ENOANO, we
need to ask for the PIN in attach_luks2_by_tpm2_via_plugin() instead like
attach_luks2_by_fido2_via_plugin() does.

src/cryptsetup/cryptsetup-tokens/cryptsetup-token-systemd-tpm2.c		diff \| blob \| blame \| history
src/cryptsetup/cryptsetup-tokens/cryptsetup-token-util.c		diff \| blob \| blame \| history
src/cryptsetup/cryptsetup-tokens/cryptsetup-token-util.h		diff \| blob \| blame \| history
src/cryptsetup/cryptsetup-tokens/luks2-tpm2.c		diff \| blob \| blame \| history
src/cryptsetup/cryptsetup-tokens/luks2-tpm2.h		diff \| blob \| blame \| history
src/cryptsetup/cryptsetup.c		diff \| blob \| blame \| history