kexec-seal/save-key /etc/functions : some more uniformisation of TPM DUK verbiage

initrd/bin/kexec-save-key

@@ -73,7 +73,7 @@ for dev in $key_devices; do
 done
 
 kexec-seal-key $paramsdir ||
-	die "Failed to save and generate key in TPM"
+	die "Failed to save and generate TPM Disk Unlock Key"
 
 if [ "$skip_sign" != "y" ]; then
 	extparam=

initrd/bin/kexec-seal-key

@@ -61,7 +61,7 @@ if [ "$key_password" != "$key_password2" ]; then
 fi
 
 # Generate key file
-echo "++++++ Generating new randomized 128 bytes key file that will be unsealed by TPM Disk Unlock Key passphrase"
+echo "++++++ Generating new randomized 128 bytes key file that will be sealed/unsealed by TPM Disk Unlock Key passphrase"
 dd \
 	if=/dev/urandom \
 	of="$KEY_FILE" \
@@ -85,7 +85,7 @@ for dev in $(cat "$KEY_DEVICES" | cut -d\  -f1); do
 		fi
 	else
 		DEBUG "Slot 1 is not the only existing slot on $dev"
-		DEBUG "$dev Slot 1 will be used to store LUKS Disk Unlock Key that will be sealed into TPM next"
+		DEBUG "$dev Slot 1 will be used to store LUKS Disk Unlock Key that TPM will seal/unseal with TPM Disk Unlock Key passphrase"
 	fi
 done
 

initrd/etc/functions

@@ -96,7 +96,7 @@ reseal_tpm_disk_decryption_key() {
 	fi
 
 	if [ -s /boot/kexec_key_devices.txt ] || [ -s /boot/kexec_key_lvm.txt ]; then
-		warn "A TPM Disk Unlock Key previously sealed is now invalid since firmware measurements cannot be unsealed"
+		warn "A TPM Disk Unlock Key previously sealed is now invalid since firmware measurements could not unseal TOTP"
 		echo "Renewing LUKS Disk Unlock Key to be unsealed by TPM Disk Unlock Key passphrase"
 		while ! kexec-seal-key /boot; do
 			warn "Recovery Disk Encryption key passphrase invalid. Try again!"