codebase: make sure same exact vocabulary is used TPM Owner Password, GPG User PIN, GPG Admin PIN, Secrets app PIN

Signed-off-by: Thierry Laurion <insurgo@riseup.net>
2025-04-14 14:36:43 +00:00 · 2025-04-03 15:46:56 -04:00 · 2025-04-03 15:46:56 -04:00 · 3692a41e90
commit 3692a41e90
parent 4fbd4e7506
4 changed files with 7 additions and 7 deletions
--- a/initrd/bin/kexec-select-boot
+++ b/initrd/bin/kexec-select-boot
@ -75,7 +75,7 @@ if [ "$CONFIG_TPM2_TOOLS" = "y" ]; then
 		warn "Hash of TPM2 primary key handle does not exist"
 		warn "Please rebuild the TPM2 primary key handle hash by setting a default OS to boot."
 		warn "Select Options-> Boot Options -> Show OS Boot Menu -> <Pick OS> -> Make default"
-		#TODO: Simplify/Automatize TPM2 firmware upgrade process. Today: upgrade, reboot, reseal(type TPM owner pass), resign, boot
+		#TODO: Simplify/Automatize TPM2 firmware upgrade process. Today: upgrade, reboot, reseal(type TPM Owner Password), resign, boot
 		default_failed="y"
 		DEBUG "Hash of TPM2 primary key handle does not exist under $PRIMHASH_FILE"
 	fi
--- a/initrd/bin/oem-factory-reset
+++ b/initrd/bin/oem-factory-reset
@ -152,13 +152,13 @@ mount_boot() {
 reset_nk3_secret_app() {
 	TRACE_FUNC

-	# Reset Nitrokey 3 Secrets app with $ADMIN_PIN (default 12345678, or customised)
+	# Reset Nitrokey 3 Secrets app PIN with $ADMIN_PIN (default 12345678, or customised)
 	if lsusb | grep -q "20a0:42b2" && [ -x /bin/hotp_verification ]; then
 		echo
-		warn "Resetting Nitrokey 3's Secrets App with PIN. Physical presence (touch) will be required"
+		warn "Resetting Nitrokey 3's Secrets app with PIN. Physical presence (touch) will be required"
 		# TODO: change message when https://github.com/Nitrokey/nitrokey-hotp-verification/issues/41 is fixed
 		# Reset Nitrokey 3 secret app with PIN
-		# Do 3 attempts to reset Nitrokey 3 Secrets App if return code is 3 (no touch)
+		# Do 3 attempts to reset Nitrokey 3 Secrets app if return code is 3 (no touch)
 		for attempt in 1 2 3; do
 			if /bin/hotp_verification reset "${ADMIN_PIN}"; then
 				echo
@ -168,7 +168,7 @@ reset_nk3_secret_app() {
 				if [ $error_code -eq 3 ] && [ $attempt -lt 3 ]; then
 					whiptail --msgbox "Nitrokey 3 requires physical presence: touch the dongle when requested" $HEIGHT $WIDTH --title "Nk3 cecrets app reset attempt: $attempt/3"
 				else
-					whiptail_error_die "Nitrokey 3's secrets app reset failed with error:$error_code. Contact Nitrokey support"
+					whiptail_error_die "Nitrokey 3's Secrets app reset failed with error:$error_code. Contact Nitrokey support"
 				fi
 			fi
 		done
--- a/initrd/bin/tpmr
+++ b/initrd/bin/tpmr
@ -302,7 +302,7 @@ tpm2_counter_inc() {

 tpm1_counter_create() {
 	TRACE_FUNC
-	# tpmr handles the TPM owner password (from cache or prompt), but all
+	# tpmr handles the TPM Owner Password (from cache or prompt), but all
 	# other parameters for TPM1 are passed directly, and TPM2 mimics the
 	# TPM1 interface.
 	prompt_tpm_owner_password
--- a/initrd/etc/functions
+++ b/initrd/etc/functions
@ -83,7 +83,7 @@ confirm_gpg_card() {

 	#TODO: ideally, we ask for confirmation only once per boot session
 	#TODO: even change logic here to try first and then ask user to confirm if not found
-	#TODO: or ask GPG user PIN once and cache it for the rest of the boot session for reusal
+	#TODO: or ask GPG User PIN once and cache it for the rest of the boot session for reusal
 	# This is getting in the way of unattended stuff and GPG prompts are confusing anyway, hide them from user.

 	TRACE_FUNC