On 05/07/2016 09:03 AM, Johanna A wrote: > In a comment to the last pull request I suggest adding pkcs#11 support > in cryptsetup in a similar way as to how keyfiles are handled. In a > way keyfiles and pkcs#11 data objects are quite similar. Both are > accessiable via an URI (https://tools.ietf.org/html/rfc7512), both can > be read depending on size or until EOF. Hi, in new version of LUKS we plan to add some kind of token support (at least to store some metadata inside LUKS to identify what token can open particular keyslots and that token will contain data to open particular keyslot). Anyway, PKCS#11 is one of example I would like to see to be tested from the beginning. What library it should use is another question. It would be nice if you can create "feature request" issue on cryptsetup gitlab page (https://gitlab.com/cryptsetup/cryptsetup/issues) and link your code (and possibly previous discussion) there. We will return to that later (in guess in 1-2 months, unfortunately...) and I update the issue there once this happens. Thanks, Milan _______________________________________________ dm-crypt mailing list dm-crypt@xxxxxxxx http://www.saout.de/mailman/listinfo/dm-crypt
