better error reporting in case crypt_activate_by_signed_key() doesn't work if no matching key is in keyring
Right now libcryptsetup returns ENODEV in case crypt_activate_by_signed_key() is called for a signed dm-verity block device. It returns ENODEV in some other cases too though, for example if we concurrently set up the same verity device from the same file twice.
This is pretty annoying since we'd like to handle such errors differntly: in the latter case we'd rather retry a couple of times. In the key missing case we'd however completely fail and give the user a friendly log message about the key missing in the keyring. Right now we cannot do that however.
Hence, any chance that this can be fixed in libcryptsetup? if crypt_activateby_signed_key() would return ENOKEY in this case this would be ideal to us.