Add infrastructure for supporting multiple token slots per unlock method

Cargo.toml

@@ -142,7 +142,7 @@ version = "0.2.155"
 optional = true
 
 [dependencies.libcryptsetup-rs]
-version = "0.11.0"
+version = "0.11.2"
 features = ["mutex"]
 optional = true
 

src/bin/stratis-legacy-pool.rs

@@ -9,7 +9,7 @@ use serde_json::{json, Map, Value};
 
 use stratisd::{
     engine::{
-        register_clevis_token, EncryptionInfo, KeyDescription, ProcessedPathInfos, StratPool,
+        register_clevis_token, InputEncryptionInfo, KeyDescription, ProcessedPathInfos, StratPool,
         CLEVIS_TANG_TRUST_URL,
     },
     stratis::StratisResult,
@@ -120,12 +120,7 @@ fn main() -> StratisResult<()> {
     )?
     .unpack()
     .1;
-    let encryption_info = match (key_desc, clevis_info) {
-        (Some(kd), Some(ci)) => Some(EncryptionInfo::Both(kd, ci)),
-        (Some(kd), _) => Some(EncryptionInfo::KeyDesc(kd)),
-        (_, Some(ci)) => Some(EncryptionInfo::ClevisInfo(ci)),
-        (_, _) => None,
-    };
+    let encryption_info = InputEncryptionInfo::new_legacy(key_desc, clevis_info);
     register_clevis_token()?;
     StratPool::initialize(name.as_str(), unowned, encryption_info.as_ref())?;
     Ok(())

src/dbus_api/api/manager_3_0/methods.rs

@@ -22,9 +22,9 @@ use crate::{
         util::{engine_to_dbus_err_tuple, get_next_arg, tuple_to_option},
     },
     engine::{
-        CreateAction, DeleteAction, EncryptionInfo, EngineAction, IntegritySpec, KeyDescription,
-        MappingCreateAction, MappingDeleteAction, PoolIdentifier, PoolUuid, SetUnlockAction,
-        UnlockMethod,
+        CreateAction, DeleteAction, EngineAction, InputEncryptionInfo, IntegritySpec,
+        KeyDescription, MappingCreateAction, MappingDeleteAction, PoolIdentifier, PoolUuid,
+        SetUnlockAction, UnlockMethod,
     },
     stratis::StratisError,
 };
@@ -322,12 +322,13 @@ pub fn create_pool(m: &MethodInfo<'_, MTSync<TData>, TData>) -> MethodResult {
         },
         None => None,
     };
+    let encryption_info = InputEncryptionInfo::new_legacy(key_desc, clevis_info);
 
     let dbus_context = m.tree.get_data();
     let create_result = handle_action!(block_on(dbus_context.engine.create_pool(
         name,
         &devs.map(Path::new).collect::<Vec<&Path>>(),
-        EncryptionInfo::from_options((key_desc, clevis_info)).as_ref(),
+        encryption_info.as_ref(),
         IntegritySpec::default(),
     )));
     match create_result {

src/dbus_api/api/manager_3_2/methods.rs

@@ -15,7 +15,7 @@ use crate::{
         types::{DbusErrorEnum, TData, OK_STRING},
         util::{engine_to_dbus_err_tuple, get_next_arg, tuple_to_option},
     },
-    engine::{PoolIdentifier, PoolUuid, StartAction, StopAction, UnlockMethod},
+    engine::{PoolIdentifier, PoolUuid, StartAction, StopAction, TokenUnlockMethod, UnlockMethod},
     stratis::StratisError,
 };
 
@@ -63,7 +63,7 @@ pub fn start_pool(m: &MethodInfo<'_, MTSync<TData>, TData>) -> MethodResult {
 
     let ret = match handle_action!(block_on(dbus_context.engine.start_pool(
         PoolIdentifier::Uuid(pool_uuid),
-        unlock_method,
+        TokenUnlockMethod::from(unlock_method),
         None
     ))) {
         Ok(StartAction::Started(_)) => {

src/dbus_api/api/manager_3_4/methods.rs

@@ -14,7 +14,7 @@ use crate::{
         types::{DbusErrorEnum, TData, OK_STRING},
         util::{engine_to_dbus_err_tuple, get_next_arg, tuple_to_option},
     },
-    engine::{Name, PoolIdentifier, PoolUuid, StartAction, UnlockMethod},
+    engine::{Name, PoolIdentifier, PoolUuid, StartAction, TokenUnlockMethod, UnlockMethod},
     stratis::StratisError,
 };
 
@@ -69,7 +69,7 @@ pub fn start_pool(m: &MethodInfo<'_, MTSync<TData>, TData>) -> MethodResult {
 
     let ret = match handle_action!(block_on(dbus_context.engine.start_pool(
         id.clone(),
-        unlock_method,
+        TokenUnlockMethod::from(unlock_method),
         None
     ))) {
         Ok(StartAction::Started(_)) => {

src/dbus_api/api/manager_3_5/methods.rs

@@ -15,7 +15,7 @@ use crate::{
         types::{DbusErrorEnum, TData, OK_STRING},
         util::{engine_to_dbus_err_tuple, get_next_arg, tuple_to_option},
     },
-    engine::{CreateAction, EncryptionInfo, IntegritySpec, KeyDescription, PoolIdentifier},
+    engine::{CreateAction, InputEncryptionInfo, IntegritySpec, KeyDescription, PoolIdentifier},
     stratis::StratisError,
 };
 
@@ -64,7 +64,7 @@ pub fn create_pool(m: &MethodInfo<'_, MTSync<TData>, TData>) -> MethodResult {
     let create_result = handle_action!(block_on(dbus_context.engine.create_pool(
         name,
         &devs.map(Path::new).collect::<Vec<&Path>>(),
-        EncryptionInfo::from_options((key_desc, clevis_info)).as_ref(),
+        InputEncryptionInfo::new_legacy(key_desc, clevis_info).as_ref(),
         IntegritySpec::default(),
     )));
     match create_result {

src/dbus_api/api/manager_3_8/methods.rs

@@ -23,8 +23,8 @@ use crate::{
         util::{engine_to_dbus_err_tuple, get_next_arg, tuple_to_option},
     },
     engine::{
-        CreateAction, EncryptionInfo, IntegritySpec, IntegrityTagSpec, KeyDescription, Name,
-        PoolIdentifier, PoolUuid, StartAction, UnlockMethod,
+        CreateAction, InputEncryptionInfo, IntegritySpec, IntegrityTagSpec, KeyDescription, Name,
+        PoolIdentifier, PoolUuid, StartAction, TokenUnlockMethod, UnlockMethod,
     },
     stratis::StratisError,
 };
@@ -86,7 +86,7 @@ pub fn start_pool(m: &MethodInfo<'_, MTSync<TData>, TData>) -> MethodResult {
 
     let ret = match handle_action!(block_on(dbus_context.engine.start_pool(
         id.clone(),
-        unlock_method,
+        TokenUnlockMethod::from(unlock_method),
         fd.map(|f| f.into_fd()),
     ))) {
         Ok(StartAction::Started(_)) => {
@@ -208,7 +208,7 @@ pub fn create_pool(m: &MethodInfo<'_, MTSync<TData>, TData>) -> MethodResult {
     let create_result = handle_action!(block_on(dbus_context.engine.create_pool(
         name,
         &devs.map(Path::new).collect::<Vec<&Path>>(),
-        EncryptionInfo::from_options((key_desc, clevis_info)).as_ref(),
+        InputEncryptionInfo::new_legacy(key_desc, clevis_info).as_ref(),
         IntegritySpec {
             journal_size,
             tag_spec,

src/dbus_api/pool/pool_3_0/methods.rs

@@ -20,8 +20,8 @@ use crate::{
         util::{engine_to_dbus_err_tuple, get_next_arg, tuple_to_option},
     },
     engine::{
-        CreateAction, DeleteAction, EngineAction, FilesystemUuid, KeyDescription, Name, PoolUuid,
-        RenameAction,
+        CreateAction, DeleteAction, EngineAction, FilesystemUuid, KeyDescription, Name,
+        OptionalTokenSlotInput, PoolUuid, RenameAction,
     },
     stratis::StratisError,
 };
@@ -376,15 +376,16 @@ pub fn bind_clevis(m: &MethodInfo<'_, MTSync<TData>, TData>) -> MethodResult {
         }
     };
     let msg = match handle_action!(
-        pool.bind_clevis(pin.as_str(), &json),
+        pool.bind_clevis(OptionalTokenSlotInput::Legacy, pin.as_str(), &json),
         dbus_context,
         pool_path.get_name()
     ) {
         Ok(CreateAction::Identity) => {
             return_message.append3(false, DbusErrorEnum::OK as u16, OK_STRING.to_string())
         }
         Ok(CreateAction::Created(_)) => {
-            dbus_context.push_pool_clevis_info_change(pool_path.get_name(), pool.encryption_info());
+            dbus_context
+                .push_pool_clevis_info_change(pool_path.get_name(), pool.encryption_info_legacy());
             return_message.append3(true, DbusErrorEnum::OK as u16, OK_STRING.to_string())
         }
         Err(e) => {
@@ -416,12 +417,13 @@ pub fn unbind_clevis(m: &MethodInfo<'_, MTSync<TData>, TData>) -> MethodResult {
 
     let mut pool = get_mut_pool!(dbus_context.engine; pool_uuid; default_return; return_message);
 
-    let msg = match handle_action!(pool.unbind_clevis(), dbus_context, pool_path.get_name()) {
+    let msg = match handle_action!(pool.unbind_clevis(None), dbus_context, pool_path.get_name()) {
         Ok(DeleteAction::Identity) => {
             return_message.append3(false, DbusErrorEnum::OK as u16, OK_STRING.to_string())
         }
         Ok(DeleteAction::Deleted(_)) => {
-            dbus_context.push_pool_clevis_info_change(pool_path.get_name(), pool.encryption_info());
+            dbus_context
+                .push_pool_clevis_info_change(pool_path.get_name(), pool.encryption_info_legacy());
             return_message.append3(true, DbusErrorEnum::OK as u16, OK_STRING.to_string())
         }
         Err(e) => {
@@ -464,15 +466,16 @@ pub fn bind_keyring(m: &MethodInfo<'_, MTSync<TData>, TData>) -> MethodResult {
     let mut pool = get_mut_pool!(dbus_context.engine; pool_uuid; default_return; return_message);
 
     let msg = match handle_action!(
-        pool.bind_keyring(&key_desc),
+        pool.bind_keyring(OptionalTokenSlotInput::Legacy, &key_desc),
         dbus_context,
         pool_path.get_name()
     ) {
         Ok(CreateAction::Identity) => {
             return_message.append3(false, DbusErrorEnum::OK as u16, OK_STRING.to_string())
         }
         Ok(CreateAction::Created(_)) => {
-            dbus_context.push_pool_key_desc_change(pool_path.get_name(), pool.encryption_info());
+            dbus_context
+                .push_pool_key_desc_change(pool_path.get_name(), pool.encryption_info_legacy());
             return_message.append3(true, DbusErrorEnum::OK as u16, OK_STRING.to_string())
         }
         Err(e) => {
@@ -504,12 +507,17 @@ pub fn unbind_keyring(m: &MethodInfo<'_, MTSync<TData>, TData>) -> MethodResult
 
     let mut pool = get_mut_pool!(dbus_context.engine; pool_uuid; default_return; return_message);
 
-    let msg = match handle_action!(pool.unbind_keyring(), dbus_context, pool_path.get_name()) {
+    let msg = match handle_action!(
+        pool.unbind_keyring(None),
+        dbus_context,
+        pool_path.get_name()
+    ) {
         Ok(DeleteAction::Identity) => {
             return_message.append3(false, DbusErrorEnum::OK as u16, OK_STRING.to_string())
         }
         Ok(DeleteAction::Deleted(_)) => {
-            dbus_context.push_pool_key_desc_change(pool_path.get_name(), pool.encryption_info());
+            dbus_context
+                .push_pool_key_desc_change(pool_path.get_name(), pool.encryption_info_legacy());
             return_message.append3(true, DbusErrorEnum::OK as u16, OK_STRING.to_string())
         }
         Err(e) => {
@@ -552,15 +560,16 @@ pub fn rebind_keyring(m: &MethodInfo<'_, MTSync<TData>, TData>) -> MethodResult
     let mut pool = get_mut_pool!(dbus_context.engine; pool_uuid; default_return; return_message);
 
     let msg = match handle_action!(
-        pool.rebind_keyring(&key_desc),
+        pool.rebind_keyring(None, &key_desc),
         dbus_context,
         pool_path.get_name()
     ) {
         Ok(RenameAction::Identity) => {
             return_message.append3(false, DbusErrorEnum::OK as u16, OK_STRING.to_string())
         }
         Ok(RenameAction::Renamed(_)) => {
-            dbus_context.push_pool_key_desc_change(pool_path.get_name(), pool.encryption_info());
+            dbus_context
+                .push_pool_key_desc_change(pool_path.get_name(), pool.encryption_info_legacy());
             return_message.append3(true, DbusErrorEnum::OK as u16, OK_STRING.to_string())
         }
         Ok(RenameAction::NoSource) => {
@@ -599,9 +608,10 @@ pub fn rebind_clevis(m: &MethodInfo<'_, MTSync<TData>, TData>) -> MethodResult {
 
     let mut pool = get_mut_pool!(dbus_context.engine; pool_uuid; default_return; return_message);
 
-    let msg = match handle_action!(pool.rebind_clevis(), dbus_context, pool_path.get_name()) {
+    let msg = match handle_action!(pool.rebind_clevis(None), dbus_context, pool_path.get_name()) {
         Ok(_) => {
-            dbus_context.push_pool_clevis_info_change(pool_path.get_name(), pool.encryption_info());
+            dbus_context
+                .push_pool_clevis_info_change(pool_path.get_name(), pool.encryption_info_legacy());
             return_message.append3(true, DbusErrorEnum::OK as u16, OK_STRING.to_string())
         }
         Err(e) => {

src/dbus_api/pool/shared.rs

@@ -283,12 +283,12 @@ pub fn pool_avail_actions_prop(pool: &dyn Pool) -> String {
 
 /// Generate D-Bus representation of a pool key description property.
 pub fn pool_key_desc_prop(pool: &dyn Pool) -> (bool, (bool, String)) {
-    prop_conv::key_desc_to_prop(pool.encryption_info())
+    prop_conv::key_desc_to_prop(pool.encryption_info_legacy())
 }
 
 /// Generate D-Bus representation of a pool Clevis info property.
 pub fn pool_clevis_info_prop(pool: &dyn Pool) -> (bool, (bool, (String, String))) {
-    prop_conv::clevis_info_to_prop(pool.encryption_info())
+    prop_conv::clevis_info_to_prop(pool.encryption_info_legacy())
 }
 
 /// Generate D-Bus representation of a boolean indicating whether the pool

src/dbus_api/tree.rs

@@ -298,7 +298,7 @@ impl DbusTreeHandler {
             opath
                 .get_data()
                 .as_ref()
-                .map_or(false, |op_cxt| op_cxt.parent == item)
+                .is_some_and(|op_cxt| op_cxt.parent == item)
         }) {
             if let StratisUuid::Fs(_) = opath
                 .get_data()