diff options
author | Lennart Poettering <lennart@poettering.net> | 2024-02-19 18:16:47 +0100 |
---|---|---|
committer | Lennart Poettering <lennart@poettering.net> | 2024-02-20 16:50:00 +0100 |
commit | 1c12daa46f90a8b74b83a14c0b657d71a535ac6f (patch) | |
tree | 8a3e98e9ee73ed624526c9b2dacf81e5ab8f26c7 | |
parent | cryptenroll,cryptsetup: clean up unlock credential for TPM2 + FIDO2 (diff) | |
download | systemd-1c12daa46f90a8b74b83a14c0b657d71a535ac6f.tar.xz systemd-1c12daa46f90a8b74b83a14c0b657d71a535ac6f.zip |
cryptsetup-pkcs11: also plug credential name to use to credential plugin
-rw-r--r-- | src/cryptsetup/cryptsetup-tokens/luks2-pkcs11.c | 1 | ||||
-rw-r--r-- | src/cryptsetup/cryptsetup.c | 11 | ||||
-rw-r--r-- | src/shared/pkcs11-util.h | 1 |
3 files changed, 12 insertions, 1 deletions
diff --git a/src/cryptsetup/cryptsetup-tokens/luks2-pkcs11.c b/src/cryptsetup/cryptsetup-tokens/luks2-pkcs11.c index 512a4cf18a..0203e72645 100644 --- a/src/cryptsetup/cryptsetup-tokens/luks2-pkcs11.c +++ b/src/cryptsetup/cryptsetup-tokens/luks2-pkcs11.c @@ -158,6 +158,7 @@ static int acquire_luks2_key_systemd( data.friendly_name = params->friendly_name; data.headless = params->headless; + data.askpw_credential = params->askpw_credential; data.askpw_flags = params->askpw_flags; data.until = params->until; diff --git a/src/cryptsetup/cryptsetup.c b/src/cryptsetup/cryptsetup.c index e96686cff3..63f8cdb81f 100644 --- a/src/cryptsetup/cryptsetup.c +++ b/src/cryptsetup/cryptsetup.c @@ -1492,6 +1492,7 @@ static int attach_luks2_by_pkcs11_via_plugin( const char *friendly_name, usec_t until, bool headless, + const char *askpw_credential, uint32_t flags) { #if HAVE_LIBCRYPTSETUP_PLUGINS @@ -1504,6 +1505,7 @@ static int attach_luks2_by_pkcs11_via_plugin( .friendly_name = friendly_name, .until = until, .headless = headless, + .askpw_credential = askpw_credential, .askpw_flags = arg_ask_password_flags, }; @@ -1567,7 +1569,14 @@ static int attach_luks_or_plain_or_bitlk_by_pkcs11( for (;;) { if (use_libcryptsetup_plugin && arg_pkcs11_uri_auto) - r = attach_luks2_by_pkcs11_via_plugin(cd, name, friendly, until, arg_headless, flags); + r = attach_luks2_by_pkcs11_via_plugin( + cd, + name, + friendly, + until, + arg_headless, + "cryptsetup.pkcs11-pin", + flags); else { r = decrypt_pkcs11_key( name, diff --git a/src/shared/pkcs11-util.h b/src/shared/pkcs11-util.h index 9b4336dc05..dbd88ede67 100644 --- a/src/shared/pkcs11-util.h +++ b/src/shared/pkcs11-util.h @@ -112,6 +112,7 @@ typedef struct { const char *friendly_name; usec_t until; bool headless; + const char *askpw_credential; AskPasswordFlags askpw_flags; } systemd_pkcs11_plugin_params; |