]> git.ipfire.org Git - thirdparty/systemd.git/commit
projects / thirdparty / systemd.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: e560cf4) | patch
tpm2: support policies with PIN
authorGrigori Goronzy <greg@chown.ath.cx>
Wed, 16 Feb 2022 21:13:42 +0000 (22:13 +0100)
committerGrigori Goronzy <greg@chown.ath.cx>
Tue, 15 Mar 2022 20:17:00 +0000 (21:17 +0100)
commit2f5a892aa0d70aa4f1f10c8dba495ad52bc02bc3
tree112247928cb0af5b7f376fc78fe02f99250ed9d0tree | snapshot
parente560cf4f71bf237019d982603af3d6be86394788commit | diff
tpm2: support policies with PIN

Modify TPM2 authentication policy to optionally include an authValue, i.e.
a password/PIN. We use the "PIN" terminology since it's used by other
systems such as Windows, even though the PIN is not necessarily numeric.

The pin is hashed via SHA256 to allow for arbitrary length PINs.

v2: fix tpm2_seal in sd-repart
v3: applied review feedback
src/cryptenroll/cryptenroll-tpm2.c diff | blob | blame | history
src/cryptsetup/cryptsetup-tokens/luks2-tpm2.c diff | blob | blame | history
src/cryptsetup/cryptsetup-tpm2.c diff | blob | blame | history
src/partition/repart.c diff | blob | blame | history
src/shared/creds-util.c diff | blob | blame | history
src/shared/tpm2-util.c diff | blob | blame | history
src/shared/tpm2-util.h diff | blob | blame | history
Unnamed repository; edit this file 'description' to name the repository.