-
Notifications
You must be signed in to change notification settings - Fork 8
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[sabakan-cryptsetup] TPM 2.0 support #164
Conversation
Update documents.
88bdfb3
to
a47fce0
Compare
b210050
to
e3fdfb3
Compare
e3fdfb3
to
e7f9d5d
Compare
pkg/sabakan-cryptsetup/cmd/driver.go
Outdated
}, nil | ||
} | ||
|
||
// Setup setup crypt devices. | ||
func (d *Driver) Setup(ctx context.Context) error { | ||
kek := []byte("") |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
var kek []byte
でいいのでは?
pkg/sabakan-cryptsetup/cmd/meta.go
Outdated
func (m *Metadata) DecryptKey(ek []byte) ([]byte, error) { | ||
if len(ek) != len(m.kek) { | ||
return nil, fmt.Errorf("key length mismatch: expected=%d, actual=%d", len(m.kek), len(ek)) | ||
func (m *Metadata) DecryptKey(kek, tpmKek []byte) ([]byte, error) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
DecryptKey の第一引数は「暗号化されたキー」であるので ek
が正しくて、kek
(key encryption key)ではないので元に戻してください。
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
paired
Update documents.