summaryrefslogtreecommitdiff
path: root/src/cryptsetup/cryptsetup-pkcs11.h
diff options
context:
space:
mode:
authorLennart Poettering <lennart@poettering.net>2020-04-29 16:37:14 +0200
committerLennart Poettering <lennart@poettering.net>2020-05-19 17:28:25 +0200
commit7407f689807963d48dce08e5581b5cb4b4e56813 (patch)
tree6395340d8be7c5a4e1ee31a3105e333a8e00794e /src/cryptsetup/cryptsetup-pkcs11.h
parent23769fb3711e268386453ae3b4d8ed3feadeb516 (diff)
downloadsystemd-7407f689807963d48dce08e5581b5cb4b4e56813.tar.gz
cryptsetup: automatically load luks keys off disk
Let's make loading of keys a bit more automatic and define a common place where key files can be placed. Specifically, whenever a volume of name "foo" is attempted, search for a key file in /etc/cryptsetup-keys.d/foo.key and /run/cryptsetup-keys.d/foo.key, unless a key file is declared explicitly. With this scheme we have a simple discovery in place that should make it more straightfoward wher to place keys, and requires no explicit configuration to be used.
Diffstat (limited to 'src/cryptsetup/cryptsetup-pkcs11.h')
-rw-r--r--src/cryptsetup/cryptsetup-pkcs11.h4
1 files changed, 4 insertions, 0 deletions
diff --git a/src/cryptsetup/cryptsetup-pkcs11.h b/src/cryptsetup/cryptsetup-pkcs11.h
index 264ccb66b1..af2487e75b 100644
--- a/src/cryptsetup/cryptsetup-pkcs11.h
+++ b/src/cryptsetup/cryptsetup-pkcs11.h
@@ -14,6 +14,8 @@ int decrypt_pkcs11_key(
const char *key_file,
size_t key_file_size,
uint64_t key_file_offset,
+ const void *key_data,
+ size_t key_data_size,
usec_t until,
void **ret_decrypted_key,
size_t *ret_decrypted_key_size);
@@ -26,6 +28,8 @@ static inline int decrypt_pkcs11_key(
const char *key_file,
size_t key_file_size,
uint64_t key_file_offset,
+ const void *key_data,
+ size_t key_data_size,
usec_t until,
void **ret_decrypted_key,
size_t *ret_decrypted_key_size) {
View Lorry Controller Status