git.ipfire.org Git - thirdparty/systemd.git/commit
cryptenroll: change class in provided PKCS#11 URI if necessary 29692/head
author Vladimir Stoiakin <VStoiakin@lavabit.com>
Tue, 24 Oct 2023 16:00:43 +0000 (19:00 +0300)
committer Vladimir Stoiakin <VStoiakin@lavabit.com>
Fri, 5 Jan 2024 09:32:36 +0000 (12:32 +0300)
commit 85828ef92027b935f49e6cce02d69d6717d95f18
tree c97c089c313d2f81c6155fc5b680650d1a09106d
parent c01a5c0527b7c49d4b10f5d525de060feb2b37f2
cryptenroll: change class in provided PKCS#11 URI if necessary

cryptenroll accepts only PKCS#11 URIs that match both a certificate and a private key in a token.
This patch allows users to provide a PKCS#11 URI that points to a certificate only, and makes it possible to use the output of some PKCS#11 tools directly.
Internally, the patch changes 'type=cert' in the provided PKCS#11 URI to 'type=private' before storing it in a LUKS2 header.

Fixes: #23479
man/systemd-cryptenroll.xml
src/cryptenroll/cryptenroll-pkcs11.c
src/shared/pkcs11-util.c
src/shared/pkcs11-util.h
test/units/testsuite-24.sh
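
The 'type=cert' to 'type=private' rewrite described in the commit message, as an added C example that is not the code from this commit or from systemd. It works directly on the URI string using the RFC 7512 attribute syntax; the function name `uri_cert_to_private` and the sample URIs are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical helper, not systemd's function: copy `uri` into `out`,
 * replacing the RFC 7512 path attribute type=cert with type=private.
 * Returns 1 if rewritten, 0 if copied unchanged, -1 on bad input. */
int uri_cert_to_private(const char *uri, char *out, size_t outlen) {
    static const char scheme[] = "pkcs11:";
    const size_t slen = sizeof(scheme) - 1;
    if (!uri || !out || strncmp(uri, scheme, slen) != 0)
        return -1;

    /* `type` is a path attribute: only look before the '?' query part. */
    const char *path_end = uri + strcspn(uri, "?");
    const char *p = uri + slen;
    while (p < path_end) {
        size_t alen = strcspn(p, ";?");      /* length of one name=value pair */
        /* Match the whole attribute so values that merely contain
         * "type=cert" (e.g. in an object label) are left alone. */
        if (alen == 9 && memcmp(p, "type=cert", 9) == 0) {
            int n = snprintf(out, outlen, "%.*stype=private%s",
                             (int)(p - uri), uri, p + alen);
            return (n < 0 || (size_t)n >= outlen) ? -1 : 1;
        }
        p += alen;
        if (*p == ';')
            p++;
    }
    /* No certificate class present: keep the URI as given. */
    int n = snprintf(out, outlen, "%s", uri);
    return (n < 0 || (size_t)n >= outlen) ? -1 : 0;
}

int main(void) {
    /* Constructed sample URIs, not taken from the commit. */
    const char *samples[] = {
        "pkcs11:token=example;id=%01;type=cert",
        "pkcs11:type=cert;object=disk-key?module-name=example",
        "pkcs11:token=example;object=type=cert-backup;type=private",
        "http://not-a-pkcs11-uri/",
    };
    char buf[256];
    for (size_t i = 0; i < sizeof(samples) / sizeof(samples[0]); i++) {
        int r = uri_cert_to_private(samples[i], buf, sizeof(buf));
        printf("%2d  %s\n", r, r < 0 ? "(rejected)" : buf);
    }
    return 0;
}
```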