@@ -361,6 +361,11 @@ typedef enum {
361361 BD_CRYPTO_INTEGRITY_OPEN_ALLOW_DISCARDS = 1 << 5,
362362} BDCryptoIntegrityOpenFlags;
363363
364+ typedef enum {
365+ BD_CRYPTO_OPEN_ALLOW_DISCARDS = 1 << 0,
366+ BD_CRYPTO_OPEN_READONLY = 1 << 1,
367+ } BDCryptoOpenFlags;
368+
364369#define BD_CRYPTO_TYPE_LUKS_INFO (bd_crypto_luks_info_get_type ())
365370GType bd_crypto_luks_info_get_type();
366371
@@ -939,6 +944,31 @@ gboolean bd_crypto_luks_format (const gchar *device, const gchar *cipher, guint6
939944 */
940945gboolean bd_crypto_luks_open (const gchar *device, const gchar *name, BDCryptoKeyslotContext *context, gboolean read_only, GError **error);
941946
947+ /**
948+ * bd_crypto_luks_open_flags:
949+ * @device: the device to open
950+ * @name: name for the LUKS device
951+ * @context: key slot context (passphrase/keyfile/token...) to open this LUKS @device
952+ * @flags: activation flags for the LUKS device
953+ * @error: (out) (optional): place to store error (if any)
954+ *
955+ * Supported @context types for this function: passphrase, key file, keyring
956+ *
957+ * Returns: whether the @device was successfully opened or not
958+ *
959+ * Tech category: %BD_CRYPTO_TECH_LUKS-%BD_CRYPTO_TECH_MODE_OPEN_CLOSE
960+ *
961+ * Example of using %bd_crypto_luks_open with %BDCryptoKeyslotContext:
962+ *
963+ * |[<!-- language="C" -->
964+ * BDCryptoKeyslotContext *context = NULL;
965+ *
966+ * context = bd_crypto_keyslot_context_new_passphrase ("passphrase", 10, NULL);
967+ * bd_crypto_luks_open ("/dev/vda1", "luks-device", context, FALSE, NULL);
968+ * ]|
969+ */
970+ gboolean bd_crypto_luks_open_flags (const gchar *device, const gchar *name, BDCryptoKeyslotContext *context, BDCryptoOpenFlags flags, GError **error);
971+
942972/**
943973 * bd_crypto_luks_close:
944974 * @luks_device: LUKS device to close
@@ -1300,6 +1330,27 @@ gboolean bd_crypto_device_seems_encrypted (const gchar *device, GError **error);
13001330 */
13011331gboolean bd_crypto_tc_open (const gchar *device, const gchar *name, BDCryptoKeyslotContext *context, const gchar **keyfiles, gboolean hidden, gboolean system, gboolean veracrypt, guint32 veracrypt_pim, gboolean read_only, GError **error);
13021332
1333+ /**
1334+ * bd_crypto_tc_open_flags:
1335+ * @device: the device to open
1336+ * @name: name for the TrueCrypt/VeraCrypt device
1337+ * @context: (nullable): passphrase key slot context for this TrueCrypt/VeraCrypt volume
1338+ * @flags: activation flags for the TrueCrypt/VeraCrypt device
1339+ * @keyfiles: (nullable) (array zero-terminated=1): paths to the keyfiles for the TrueCrypt/VeraCrypt volume
1340+ * @hidden: whether a hidden volume inside the volume should be opened
1341+ * @system: whether to try opening as an encrypted system (with boot loader)
1342+ * @veracrypt: whether to try VeraCrypt modes (TrueCrypt modes are tried anyway)
1343+ * @veracrypt_pim: VeraCrypt PIM value (only used if @veracrypt is %TRUE)
1344+ * @error: (out) (optional): place to store error (if any)
1345+ *
1346+ * Supported @context types for this function: passphrase
1347+ *
1348+ * Returns: whether the @device was successfully opened or not
1349+ *
1350+ * Tech category: %BD_CRYPTO_TECH_TRUECRYPT-%BD_CRYPTO_TECH_MODE_OPEN_CLOSE
1351+ */
1352+ gboolean bd_crypto_tc_open_flags (const gchar *device, const gchar *name, BDCryptoKeyslotContext *context, const gchar **keyfiles, gboolean hidden, gboolean system, gboolean veracrypt, guint32 veracrypt_pim, BDCryptoOpenFlags flags, GError **error);
1353+
13031354/**
13041355 * bd_crypto_tc_close:
13051356 * @tc_device: TrueCrypt/VeraCrypt device to close
@@ -1342,6 +1393,22 @@ gboolean bd_crypto_escrow_device (const gchar *device, const gchar *passphrase,
13421393 */
13431394gboolean bd_crypto_bitlk_open (const gchar *device, const gchar *name, BDCryptoKeyslotContext *context, gboolean read_only, GError **error);
13441395
1396+ /**
1397+ * bd_crypto_bitlk_open_flags:
1398+ * @device: the device to open
1399+ * @name: name for the BITLK device
1400+ * @context: key slot context (passphrase/keyfile/token...) for this BITLK device
1401+ * @flags: activation flags for the BITLK device
1402+ * @error: (out) (optional): place to store error (if any)
1403+ *
1404+ * Supported @context types for this function: passphrase, key file
1405+ *
1406+ * Returns: whether the @device was successfully opened or not
1407+ *
1408+ * Tech category: %BD_CRYPTO_TECH_BITLK-%BD_CRYPTO_TECH_MODE_OPEN_CLOSE
1409+ */
1410+ gboolean bd_crypto_bitlk_open_flags (const gchar *device, const gchar *name, BDCryptoKeyslotContext *context, BDCryptoOpenFlags flags, GError **error);
1411+
13451412/**
13461413 * bd_crypto_bitlk_close:
13471414 * @bitlk_device: BITLK device to close
@@ -1369,6 +1436,22 @@ gboolean bd_crypto_bitlk_close (const gchar *bitlk_device, GError **error);
13691436 */
13701437gboolean bd_crypto_fvault2_open (const gchar *device, const gchar *name, BDCryptoKeyslotContext *context, gboolean read_only, GError **error);
13711438
1439+ /**
1440+ * bd_crypto_fvault2_open_flags:
1441+ * @device: the device to open
1442+ * @name: name for the FVAULT2 device
1443+ * @context: key slot context (passphrase/keyfile/token...) for this FVAULT2 volume
1444+ * @flags: activation flags for the FVAULT2 device
1445+ * @error: (out) (optional): place to store error (if any)
1446+ *
1447+ * Supported @context types for this function: passphrase, key file
1448+ *
1449+ * Returns: whether the @device was successfully opened or not
1450+ *
1451+ * Tech category: %BD_CRYPTO_TECH_FVAULT2-%BD_CRYPTO_TECH_MODE_OPEN_CLOSE
1452+ */
1453+ gboolean bd_crypto_fvault2_open_flags (const gchar *device, const gchar *name, BDCryptoKeyslotContext *context, BDCryptoOpenFlags flags, GError **error);
1454+
13721455/**
13731456 * bd_crypto_fvault2_close:
13741457 * @fvault2_device: FVAULT2 device to close
0 commit comments