I have an encrypted LUKS container that was created via Linux shell by:

cryptsetup luksFormat <container> <keyfile>

Then the related key file was stored on TPM by:

cryptsetup-tpm2 --tpm2-nv <index> add <container> <keyfile>

After that I need to open this container from the Linux application via cryptsetup API:

https://mbroz.fedorapeople.org/libcryptsetup_API/

What API call do I need to use for my case, i.e. when access to the container is via a keyfile stored on the TPM?

The only API call for opening containers that I see is:

crypt_activate_by_passphrase()

But as I understand it, it can open a container only via a passphrase.

I've tried to open the container with this API call with an empty password, on the assumption that it would locate the needed keyfile, but the API call fails in this case.

The container can be opened via Linux shell by:

cryptsetup-tpm2 open <container> <device name>

but I need to open it via API call from the application.

Thanks in advance.

Maxim