#!/bin/sh

## 输入密码
if [ -f ".input_key.flag" ]; then
    /lib/cryptsetup/askpass "Please unlock disk luks_crypt: "
    exit
fi

## 优先使用tpm解密
tpm2ToolPath=$(which tpm2-initramfs-tool)
if [ -n "${tpm2ToolPath}" ]; then
    passwordStr=`${tpm2ToolPath} unseal  2> /dev/null`
    if [ -n "${passwordStr}" ]; then
        echo -n "${passwordStr}"
        exit
    else
        echo "the tpm read failed"
    fi
else
    echo "the tpm tool could not be found"
fi

## 最后使用输入密码的方式解锁磁盘
touch .input_key.flag