Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[sabakan-cryptsetup] TPM 2.0 support #164

Merged
merged 13 commits into from
Jul 29, 2019
Merged

[sabakan-cryptsetup] TPM 2.0 support #164

merged 13 commits into from
Jul 29, 2019

Conversation

mitsutaka
Copy link
Contributor

Update documents.

@mitsutaka mitsutaka self-assigned this Jul 22, 2019
@mitsutaka mitsutaka force-pushed the cryptsetup-with-tpm branch 5 times, most recently from b210050 to e3fdfb3 Compare July 25, 2019 08:14
@mitsutaka mitsutaka marked this pull request as ready for review July 25, 2019 08:39
ymmt2005
ymmt2005 reviewed Jul 25, 2019
View reviewed changes
pkg/sabakan-cryptsetup/cmd/driver.go Outdated
}, nil
}

// Setup setup crypt devices.
func (d *Driver) Setup(ctx context.Context) error {
kek := []byte("")
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

var kek []byte でいいのでは?

ymmt2005
ymmt2005 requested changes Jul 25, 2019
View reviewed changes
pkg/sabakan-cryptsetup/cmd/meta.go Outdated
func (m *Metadata) DecryptKey(ek []byte) ([]byte, error) {
if len(ek) != len(m.kek) {
return nil, fmt.Errorf("key length mismatch: expected=%d, actual=%d", len(m.kek), len(ek))
func (m *Metadata) DecryptKey(kek, tpmKek []byte) ([]byte, error) {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

DecryptKey の第一引数は「暗号化されたキー」であるので ek が正しくて、kek (key encryption key)ではないので元に戻してください。

tapih
tapih approved these changes Jul 29, 2019
View reviewed changes
Copy link
Contributor

@tapih tapih left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

paired

@tapih tapih merged commit 30919a4 into master Jul 29, 2019
@tapih tapih deleted the cryptsetup-with-tpm branch July 29, 2019 08:52
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ymmt2005 ymmt2005 ymmt2005 requested changes

@tapih tapih tapih approved these changes

Assignees

@mitsutaka mitsutaka

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@mitsutaka @ymmt2005 @tapih