cryptsetup-pkcs11: also plug credential name to use to credential plugin

author Lennart Poettering <lennart@poettering.net>

Mon, 19 Feb 2024 17:16:47 +0000 (18:16 +0100)

committer Lennart Poettering <lennart@poettering.net>

Tue, 20 Feb 2024 15:50:00 +0000 (16:50 +0100)
author Lennart Poettering <lennart@poettering.net>
Mon, 19 Feb 2024 17:16:47 +0000 (18:16 +0100)
committer Lennart Poettering <lennart@poettering.net>
Tue, 20 Feb 2024 15:50:00 +0000 (16:50 +0100)
diff --git a/src/cryptsetup/cryptsetup-tokens/luks2-pkcs11.c b/src/cryptsetup/cryptsetup-tokens/luks2-pkcs11.c

index 512a4cf18ac99b93eb9c0f631b0181bd44935ecd..0203e726450a32b1671e00030ec702a437cfbf55 100644 (file)
--- a/src/cryptsetup/cryptsetup-tokens/luks2-pkcs11.c
+++ b/src/cryptsetup/cryptsetup-tokens/luks2-pkcs11.c
@@ -158,6 +158,7 @@ static int acquire_luks2_key_systemd(
  
          data.friendly_name = params->friendly_name;
          data.headless = params->headless;
+        data.askpw_credential = params->askpw_credential;
          data.askpw_flags = params->askpw_flags;
          data.until = params->until;
  
diff --git a/src/cryptsetup/cryptsetup.c b/src/cryptsetup/cryptsetup.c

index e96686cff329955b78adc2a55131458f32f7c813..63f8cdb81f1fdc87c0c60e94a28fd4d9d4f2c76d 100644 (file)
--- a/src/cryptsetup/cryptsetup.c
+++ b/src/cryptsetup/cryptsetup.c
@@ -1492,6 +1492,7 @@ static int attach_luks2_by_pkcs11_via_plugin(
                  const char *friendly_name,
                  usec_t until,
                  bool headless,
+                const char *askpw_credential,
                  uint32_t flags) {
  
  #if HAVE_LIBCRYPTSETUP_PLUGINS
@@ -1504,6 +1505,7 @@ static int attach_luks2_by_pkcs11_via_plugin(
                  .friendly_name = friendly_name,
                  .until = until,
                  .headless = headless,
+                .askpw_credential = askpw_credential,
                  .askpw_flags = arg_ask_password_flags,
          };
  
@@ -1567,7 +1569,14 @@ static int attach_luks_or_plain_or_bitlk_by_pkcs11(
  
          for (;;) {
                  if (use_libcryptsetup_plugin && arg_pkcs11_uri_auto)
-                        r = attach_luks2_by_pkcs11_via_plugin(cd, name, friendly, until, arg_headless, flags);
+                        r = attach_luks2_by_pkcs11_via_plugin(
+                                        cd,
+                                        name,
+                                        friendly,
+                                        until,
+                                        arg_headless,
+                                        "cryptsetup.pkcs11-pin",
+                                        flags);
                  else {
                          r = decrypt_pkcs11_key(
                                          name,
diff --git a/src/shared/pkcs11-util.h b/src/shared/pkcs11-util.h

index 9b4336dc05605d2858ffefed07e07db3af2e13a7..dbd88ede677352bdc8c074f9cad69426d816f199 100644 (file)
--- a/src/shared/pkcs11-util.h
+++ b/src/shared/pkcs11-util.h
@@ -112,6 +112,7 @@ typedef struct {
          const char *friendly_name;
          usec_t until;
          bool headless;
+        const char *askpw_credential;
          AskPasswordFlags askpw_flags;
  } systemd_pkcs11_plugin_params;
author	Lennart Poettering <lennart@poettering.net>
	Mon, 19 Feb 2024 17:16:47 +0000 (18:16 +0100)
committer	Lennart Poettering <lennart@poettering.net>
	Tue, 20 Feb 2024 15:50:00 +0000 (16:50 +0100)
src/cryptsetup/cryptsetup-tokens/luks2-pkcs11.c		patch \| blob \| blame \| history
src/cryptsetup/cryptsetup.c		patch \| blob \| blame \| history
src/shared/pkcs11-util.h		patch \| blob \| blame \| history