zuluCrypt  5.7.1
About: zuluCrypt is a simple but feature rich solution for hard drives encryption. It can manage PLAIN dm-crypt, LUKS, TrueCrypt and VeraCrypt encrypted volumes.
  Fossies Dox: zuluCrypt-5.7.1.tar.xz  ("unofficial" and yet experimental doxygen-generated source code documentation)  

create_tcrypt.c
Go to the documentation of this file.
1 
2  /*
3  *
4  * Copyright (c) 2013-2015
5  * name : Francis Banyikwa
6  * email: mhogomchungu@gmail.com
7  * This program is free software: you can redistribute it and/or modify
8  * it under the terms of the GNU General Public License as published by
9  * the Free Software Foundation, either version 2 of the License, or
10  * (at your option) any later version.
11  *
12  * This program is distributed in the hope that it will be useful,
13  * but WITHOUT ANY WARRANTY; without even the implied warranty of
14  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15  * GNU General Public License for more details.
16  *
17  * You should have received a copy of the GNU General Public License
18  * along with this program. If not, see <http://www.gnu.org/licenses/>.
19  */
20 
21 #include "includes.h"
22 #include <sys/syscall.h>
23 #include <sys/syscall.h>
24 #include <libcryptsetup.h>
25 #include <fcntl.h>
26 #include <unistd.h>
27 #include <sys/mount.h>
28 #include <sys/types.h>
29 #include <sys/stat.h>
30 
31 /*
32  * this header is created at config time
33  */
34 #include "truecrypt_support_1.h"
35 
36 static const int TRUE = 1 ;
37 static const int FALSE = 0 ;
38 
40 {
41  string_t m = StringVoid ;
42 
43  int r ;
44 
45  const char * device_mapper ;
46  const char * mapper ;
47 
48  size_t len ;
49 
50  open_struct_t opts ;
51 
52  memset( &opts,'\0',sizeof( open_struct_t ) ) ;
53 
54  m = String( crypt_get_dir() ) ;
55  len = StringLength( m ) ;
56 
57  StringAppend( m,"/zuluCrypt-" ) ;
58  device_mapper = StringAppendInt( m,syscall( SYS_gettid ) ) ;
59  mapper = device_mapper + len + 1 ;
60 
61  opts.volume_type = TCRYPT_NORMAL ;
62  opts.device = e->device ;
63  opts.mapper_name = mapper ;
64  opts.m_opts = "rw" ;
65 
66  opts.key = e->passphrase ;
67  opts.key_len = e->passphrase_size ;
68 
69  if( e->keyfiles != NULL ){
70 
71  opts.tcrypt_keyfiles = e->keyfiles ;
72  opts.tcrypt_keyfiles_count = e->keyfiles_number ;
73  }
74 
75  opts.veraCrypt_volume = e->veraCrypt_volume ;
77 
78  /*
79  * zuluCryptOpenTcrypt_1 is defined in open_tcrypt.c
80  */
81  r = zuluCryptOpenTcrypt_1( &opts ) ;
82 
83  if( r == 0 ){
84  /*
85  * zuluCryptCreateFileSystemInAVolume() is defined in create_volume.c
86  */
87  if( zuluCryptCreateFileSystemInAVolume( e->fs,device_mapper ) == 0 ){
88 
89  r = 0 ;
90  }else{
91  r = 3 ;
92  }
93  /*
94  * zuluCryptCloseMapper() is defined in close_mapper.c
95  */
96  zuluCryptCloseMapper( device_mapper ) ;
97  }
98 
99  if( r == 0 && e->hidden_volume_size > 0 ){
100 
101  opts.volume_type = TCRYPT_HIDDEN ;
102 
103  opts.key = e->passphrase_h ;
104  opts.key_len = e->passphrase_h_size ;
105 
106  if( e->keyfiles_h != NULL ){
107 
108  opts.tcrypt_keyfiles = e->keyfiles_h ;
109  opts.tcrypt_keyfiles_count = e->keyfiles_h_number ;
110  }
111 
112  r = zuluCryptOpenTcrypt_1( &opts ) ;
113 
114  if( r == 0 ){
115 
116  if( zuluCryptCreateFileSystemInAVolume( e->fs_h,device_mapper ) == 0 ){
117 
118  r = 0 ;
119  }else{
120  r = 3 ;
121  }
122 
123  /*
124  * zuluCryptCloseMapper() is defined in close_mapper.c
125  */
126  zuluCryptCloseMapper( device_mapper ) ;
127  }
128  }
129 
130  StringDelete( &m ) ;
131  return r ;
132 }
133 
134 static string_t _root_device( const char * device,const char ** sys_device )
135 {
136  size_t e ;
137 
138  ssize_t r ;
139 
140  string_t st = String( device ) ;
141 
142  if( StringStartsWithAtLeastOne( st,"/dev/sd","/dev/hd",NULL ) ){
143  /*
144  * this path will convert something like: "/dev/sdc12" to "/dev/sdc".
145  * basically,it removes digits from the end of the string to give the root device
146  * required by tcplay's system volume or fde volume
147  */
148  *sys_device = StringRemoveDigits( st ) ;
149  }else if( StringStartsWith( st,"/dev/mmc" ) ){
150  /*
151  * device path will be something like "/dev/mmcblk0p2" and what we want to do
152  * is cut off the string from p to end iwth "/dev/mmcblk0"
153  */
154  r = StringIndexOfChar( st,0,'p' ) ;
155 
156  if( r != -1 ){
157 
158  e = StringLength( st ) - ( size_t )r ;
159  *sys_device = StringRemoveRight( st,e ) ;
160  }else{
161  *sys_device = StringContent( st ) ;
162  }
163  }else{
164  *sys_device = StringContent( st ) ;
165  }
166  return st ;
167 }
168 
169 static int _modify_tcrypt_header( const char * device,const resolve_path_t * opts )
170 {
171  tc_api_task task ;
172 
173  int r = !TC_OK ;
174 
175  const char * sys_device = NULL ;
176 
177  const info_t * info = opts->args ;
178 
179  string_t st = StringVoid ;
180 
181  if( info->device == NULL ){
182  return r ;
183  }
184  if( tc_api_initialize() ){
185 
186  if( tc_api_task_initialize( &task,"modify" ) ){
187 
188  if( StringsAreEqual( info->opt,"sys" ) ){
189 
190  tc_api_task_set( task,"dev",device ) ;
191  st = _root_device( device,&sys_device ) ;
192  tc_api_task_set( task,"sys",sys_device ) ;
193 
194  }else if( StringsAreEqual( info->opt,"fde" ) ){
195 
196  st = _root_device( device,&sys_device ) ;
197 
198  tc_api_task_set( task,"dev",sys_device ) ;
199  tc_api_task_set( task,"fde",TRUE ) ;
200  }else{
201  tc_api_task_set( task,"dev",device ) ;
202  }
203 
204  tc_api_task_set( task,"veracrypt_mode",info->veraCrypt_volume ) ;
205  /*
206  * zuluCryptVeraCryptPIM() is defined in create_tcrypt.c
207  */
208  tc_api_task_set( task,"iteration_count",
210 
211  tc_api_task_set( task,"hidden_size_bytes",( u_int64_t )0 ) ;
212  tc_api_task_set( task,info->header_source,info->tmp_path ) ;
213  tc_api_task_set( task,info->header_key_source,info->header_key ) ;
215 
216  tc_api_task_set( task,"weak_keys_and_salt",StringsAreEqual( info->rng,"/dev/urandom" ) ) ;
217 
218  r = tc_api_task_do( task ) ;
219 
220  tc_api_task_uninit( task ) ;
221  }
222 
223  tc_api_uninit() ;
224  }
225  StringDelete( &st ) ;
226  return r ;
227 }
228 
230 {
231  /*
232  * resolve_path_t is defined in includes.h
233  */
234  resolve_path_t opts ;
235 
236  memset( &opts,'\0',sizeof( resolve_path_t ) ) ;
237 
238  opts.device = info->device ;
239  opts.args = info ;
240  opts.error_value = 3 ;
241  opts.open_mode = O_RDWR ;
242 
243  /*
244  * zuluCryptResolveDevicePath() is defined in resolve_path.c
245  */
247 }
248 
249 static const char * _set_hash( char * const * q )
250 {
251  const char * e = *q ;
252 
253  if( StringsAreEqual( e,"ripemd160" ) ){
254 
255  return "RIPEMD160" ;
256 
257  }else if( StringsAreEqual( e,"whirlpool" ) ){
258 
259  /*
260  * zuluCryptWhirlpoolIsSupported() is defined in include.h
261  */
263 
264  return "whirlpool" ;
265  }else{
266  return NULL ;
267  }
268 
269  }else if( StringsAreEqual( e,"sha512" ) ){
270 
271  return "SHA512" ;
272  }else{
273  return NULL ;
274  }
275 }
276 
277 static int _zuluExit( int r,char * const * options,stringList_t stl )
278 {
279  StringFree( options ) ;
280  StringListDelete( &stl ) ;
281  return r ;
282 }
283 
284 int zuluCryptVeraCryptPIM( int pim )
285 {
286  if( pim > 0 ){
287  return 15000 + ( pim * 1000 ) ;
288  }else{
289  return 0 ;
290  }
291 }
292 
294 {
295  return pim * 2048 ;
296 }
297 
298 /*
299  * e->encryption_options will contain a structure in the following format:
300  * rng.algorithm.cipher mode.key size in bits.hash function
301  *
302  * different components of the structure are separated by "." character
303  * multiple algorithms are separated by ":" character.
304  *
305  * example structures:
306  * /dev/urandom.aes.xts-plain64.256.ripemd160
307  * /dev/urandom.aes:twofish:serpent.xts-plain64.256.ripemd160
308  *
309  * key size field and cipher mode field are currently not in use
310  */
311 static int _create_tcrypt_volume( const char * device,const resolve_path_t * opts )
312 {
313  tc_api_task task ;
314  int r = !TC_OK ;
315  size_t i ;
316  size_t k ;
317  const char * const * z ;
318 
319  const char * cipher_chain ;
320  const char * hash ;
321  const char * rng ;
322 
323  char * const * options = NULL ;
324  size_t options_count = 0 ;
325 
326  int iteration_count = 0 ;
327 
328  stringList_t stl ;
329 
330  const create_tcrypt_t * e = opts->args ;
331 
332  if( StringHasNothing( e->encryption_options ) ){
333 
334  stl = StringList( "/dev/urandom" ) ;
335  }else{
336  stl = StringListSplit( e->encryption_options,'.' ) ;
337  }
338 
339  StringListStringArray_1( &options,&options_count,stl ) ;
340 
341  if( options_count == 1 ){
342 
343  cipher_chain = "aes" ;
344  rng = *( options + 0 ) ;
345 
346  if( e->veraCrypt_volume ){
347 
348  hash = "SHA512" ;
349  }else{
350  hash = "RIPEMD160" ;
351  }
352 
353  }else if( options_count >= 5 ){
354 
355  rng = *( options + 0 ) ;
356  cipher_chain = *( options + 1 ) ;
357  hash = _set_hash( options + 4 ) ;
358 
359  if( hash == NULL ){
360 
361  return _zuluExit( !TC_OK,options,stl ) ;
362  }
363 
364  if( options_count >= 6 ){
365 
366  iteration_count = ( int )StringConvertToInt( *( options + 5 ) ) ;
367  }
368  }else{
369  return _zuluExit( !TC_OK,options,stl ) ;
370  }
371 
372  if( tc_api_initialize() ){
373 
374  if( tc_api_task_initialize( &task,"create" ) ){
375 
376  tc_api_task_set( task,"veracrypt_mode",e->veraCrypt_volume ) ;
377  tc_api_task_set( task,"iteration_count",zuluCryptVeraCryptPIM( iteration_count ) ) ;
378  tc_api_task_set( task,"dev",device ) ;
379  tc_api_task_set( task,"secure_erase",FALSE ) ;
380  tc_api_task_set( task,"prf_algo",hash ) ;
381  tc_api_task_set( task,"cipher_chain_1",cipher_chain ) ;
382  tc_api_task_set( task,"passphrase",e->passphrase ) ;
383  tc_api_task_set( task,"weak_keys_and_salt",StringsAreEqual( rng,"/dev/urandom" ) ) ;
384 
385  z = e->keyfiles ;
386  k = e->keyfiles_number ;
387 
388  for( i = 0 ; i < k ; i++ ){
389 
390  tc_api_task_set( task,"keyfiles",*( z + i ) ) ;
391  }
392 
393  if( e->hidden_volume_size > 0 ){
394 
395  tc_api_task_set( task,"hidden_size_bytes",e->hidden_volume_size ) ;
396  tc_api_task_set( task,"h_prf_algo",hash ) ;
397  tc_api_task_set( task,"h_cipher_chain_1",cipher_chain ) ;
398  tc_api_task_set( task,"h_passphrase",e->passphrase_h ) ;
399 
400  z = e->keyfiles_h ;
401  k = e->keyfiles_h_number ;
402 
403  for( i = 0 ; i < k ; i++ ){
404 
405  tc_api_task_set( task,"h_keyfiles",*( z + i ) ) ;
406  }
407  }
408 
409  r = tc_api_task_do( task ) ;
410 
411  tc_api_task_uninit( task ) ;
412 
413  if( r == TC_OK ){
414 
416  }
417  }
418 
419  tc_api_uninit() ;
420  }
421 
422  return _zuluExit( r,options,stl ) ;
423 }
424 
426 {
427  /*
428  * resolve_path_t is defined in includes.h
429  */
430  resolve_path_t opts ;
431 
432  memset( &opts,'\0',sizeof( resolve_path_t ) ) ;
433 
434  opts.device = tcrypt->device ;
435  opts.args = tcrypt ;
436  opts.error_value = 3 ;
437  opts.open_mode = O_RDWR ;
438 
439  /*
440  * zuluCryptResolveDevicePath() is defined in resolve_path.c
441  */
443 }
444 
445 int zuluCryptCreateTCrypt( const char * device,const char * file_system,const char * rng,
446  const char * key,size_t key_len,int key_source,
447  u_int64_t hidden_volume_size,
448  const char * file_system_h,const char * key_h,size_t key_len_h,int key_source_h )
449 {
450  string_t st = StringVoid ;
451  string_t xt = StringVoid ;
452 
453  const char * keyFile ;
454  const char * keyFile_h ;
455 
456  int r ;
457 
459 
460  memset( &tcrypt,'\0',sizeof( create_tcrypt_t ) ) ;
461 
462  tcrypt.device = device ;
463  tcrypt.fs = file_system ;
464  tcrypt.fs_h = file_system_h ;
465  tcrypt.hidden_volume_size = hidden_volume_size ;
466  tcrypt.encryption_options = rng ;
467 
468  if( key_source == TCRYPT_PASSPHRASE ){
469  tcrypt.passphrase = key ;
470  }else{
471  /*
472  * zuluCryptCreateKeyFile() is defined in open_tcrypt.c
473  */
474  st = zuluCryptCreateKeyFile( key,key_len,"create_tcrypt-1-" ) ;
475  keyFile = StringContent( st ) ;
476  tcrypt.keyfiles = &keyFile ;
477  tcrypt.keyfiles_number = 1 ;
478  }
479 
480  if( tcrypt.hidden_volume_size > 0 ){
481  if( key_source_h == TCRYPT_PASSPHRASE ){
482  tcrypt.passphrase_h = key_h ;
483  }else{
484  xt = zuluCryptCreateKeyFile( key_h,key_len_h,"create_tcrypt-2-" ) ;
485  keyFile_h = StringContent( xt ) ;
486  tcrypt.keyfiles_h = &keyFile_h ;
487  tcrypt.keyfiles_h_number = 1 ;
488  }
489  }
490 
492 
493  /*
494  * zuluCryptDeleteFile_1() is defined in file_path_security.c
495  */
496  if( st != StringVoid ){
497  zuluCryptDeleteFile_1( st ) ;
498  StringDelete( &st ) ;
499  }
500  if( xt != StringVoid ){
501  zuluCryptDeleteFile_1( xt ) ;
502  StringDelete( &xt ) ;
503  }
504 
505  return r ;
506 }
StringAppendInt
const char * StringAppendInt(string_t st, u_int64_t z)
Definition: String.c:1410
tc_api_task_initialize
static int tc_api_task_initialize(tc_api_task *task, const char *op)
Definition: zuluplay_api.h:103
zuluCryptResolveDevicePath
int zuluCryptResolveDevicePath(int(*)(const char *, const resolve_path_t *), const resolve_path_t *)
Definition: resolve_paths.c:389
zuluCryptCreateTCrypt
int zuluCryptCreateTCrypt(const char *device, const char *file_system, const char *rng, const char *key, size_t key_len, int key_source, u_int64_t hidden_volume_size, const char *file_system_h, const char *key_h, size_t key_len_h, int key_source_h)
Definition: create_tcrypt.c:445
open_struct_t::mapper_name
const char * mapper_name
Definition: includes.h:71
tc_api_initialize
static int tc_api_initialize(void)
Definition: zuluplay_api.h:98
open_struct_t
Definition: includes.h:68
info_t::header_new_key_source
const char * header_new_key_source
Definition: includes.h:61
info_t::header_new_key
const char * header_new_key
Definition: includes.h:60
zuluCryptCreateFileSystemInAVolume
int zuluCryptCreateFileSystemInAVolume(const char *fs, const char *device_mapper)
Definition: create_volume.c:43
info_t::device
const char * device
Definition: includes.h:52
StringLength
size_t StringLength(string_t st)
Definition: String.c:678
StringStartsWith
int StringStartsWith(string_t st, const char *s)
Definition: String.c:821
open_struct_t::tcrypt_keyfiles_count
int tcrypt_keyfiles_count
Definition: includes.h:84
iteration_count
static int iteration_count(int pim, int sys)
Definition: main.c:60
resolve_path_t::args
const void * args
Definition: includes.h:119
StringListDelete
void StringListDelete(stringList_t *stl)
Definition: StringList.c:1184
zuluCryptCreateTCryptVolume
int zuluCryptCreateTCryptVolume(const create_tcrypt_t *tcrypt)
Definition: create_tcrypt.c:425
info_t::header_key_source
const char * header_key_source
Definition: includes.h:59
StringHasNothing
static __inline__ int StringHasNothing(const char *x)
Definition: String.h:864
StringsAreEqual
#define StringsAreEqual(x, y)
Definition: zuluSafe.c:46
zuluCryptVeraCryptPIM
int zuluCryptVeraCryptPIM(int pim)
Definition: create_tcrypt.c:284
info_t::header_source
const char * header_source
Definition: includes.h:53
info_t::iteration_count
int iteration_count
Definition: includes.h:64
_root_device
static string_t _root_device(const char *device, const char **sys_device)
Definition: create_tcrypt.c:134
StringContent
static const __inline__ char * StringContent(string_t st)
Definition: String.h:1011
open_struct_t::device
const char * device
Definition: includes.h:69
zuluCryptCreateKeyFile
string_t zuluCryptCreateKeyFile(const char *key, size_t key_len, const char *fileName)
Definition: open_tcrypt.c:125
StringType
Definition: String.c:49
resolve_path_t::error_value
int error_value
Definition: includes.h:116
open_struct_t::volume_type
int volume_type
Definition: includes.h:81
TC_OK
#define TC_OK
Definition: zuluplay_api.h:36
open_struct_t::iteration_count
int iteration_count
Definition: includes.h:83
zuluCryptModifyTcryptHeader
int zuluCryptModifyTcryptHeader(const info_t *info)
Definition: create_tcrypt.c:229
create_tcrypt_t
Definition: includes.h:97
tcrypt
Definition: tcrypt.h:39
info_t::veraCrypt_volume
int veraCrypt_volume
Definition: includes.h:63
info_t::tmp_path
const char * tmp_path
Definition: includes.h:54
String
string_t String(const char *cstring)
Definition: String.c:318
info_t::opt
const char * opt
Definition: includes.h:55
StringIndexOfChar
ssize_t StringIndexOfChar(string_t st, size_t p, char s)
Definition: String.c:548
StringStartsWithAtLeastOne
int StringStartsWithAtLeastOne(string_t st,...)
Definition: String.c:1076
zuluCryptWhirlpoolIsSupported
static int zuluCryptWhirlpoolIsSupported(void)
Definition: includes.h:128
resolve_path_t::device
const char * device
Definition: includes.h:115
open_struct_t::key
const char * key
Definition: includes.h:73
_modify_tcrypt_header
static int _modify_tcrypt_header(const char *device, const resolve_path_t *opts)
Definition: create_tcrypt.c:169
TCRYPT_HIDDEN
#define TCRYPT_HIDDEN
Definition: libzuluCrypt.h:310
StringListType
Definition: StringList.c:33
info_t::rng
const char * rng
Definition: includes.h:57
zuluCryptCloseMapper
int zuluCryptCloseMapper(const char *mapper)
Definition: close_mapper.c:84
zuluCryptSystemVeraCryptPIM
int zuluCryptSystemVeraCryptPIM(int pim)
Definition: create_tcrypt.c:293
info_t::header_key
const char * header_key
Definition: includes.h:58
open_struct_t::tcrypt_keyfiles
const char *const * tcrypt_keyfiles
Definition: includes.h:90
e
static QString e
Definition: about.cpp:31
StringListSplit
stringList_t StringListSplit(const char *cstring, char splitter)
Definition: StringList.c:428
open_struct_t::veraCrypt_volume
int veraCrypt_volume
Definition: includes.h:85
zuluCryptDeleteFile_1
void zuluCryptDeleteFile_1(string_t st)
Definition: file_path_security.c:83
tc_api_task_uninit
int tc_api_task_uninit(tc_api_task task)
Definition: tcplay_api.c:187
includes.h
StringDelete
void StringDelete(string_t *st)
Definition: String.c:162
StringConvertToInt
u_int64_t StringConvertToInt(const char *s)
Definition: String.c:1416
info_t
Definition: includes.h:51
resolve_path_t::open_mode
int open_mode
Definition: includes.h:118
zuluCryptOpenTcrypt_1
int zuluCryptOpenTcrypt_1(const open_struct_t *)
Definition: open_tcrypt.c:440
_tc_api_task
Definition: tcplay_api_internal.h:46
_set_hash
static const char * _set_hash(char *const *q)
Definition: create_tcrypt.c:249
TCRYPT_PASSPHRASE
#define TCRYPT_PASSPHRASE
Definition: libzuluCrypt.h:305
StringList
stringList_t StringList(const char *cstring)
Definition: StringList.c:157
open_struct_t::key_len
size_t key_len
Definition: includes.h:79
StringRemoveRight
const char * StringRemoveRight(string_t st, size_t x)
Definition: String.c:634
_create_tcrypt_volume
static int _create_tcrypt_volume(const char *device, const resolve_path_t *opts)
Definition: create_tcrypt.c:311
TCRYPT_NORMAL
#define TCRYPT_NORMAL
Definition: libzuluCrypt.h:309
StringRemoveDigits
const char * StringRemoveDigits(string_t st)
Definition: String.c:587
tc_api_uninit
int tc_api_uninit(void)
Definition: tcplay_api.c:57
TRUE
static const int TRUE
Definition: create_tcrypt.c:36
StringAppend
const char * StringAppend(string_t st, const char *s)
Definition: String.c:1052
tc_api_task_do
int tc_api_task_do(tc_api_task task)
Definition: tcplay_api.c:778
tc_api_task_set
int tc_api_task_set(tc_api_task task, const char *key,...)
Definition: tcplay_api.c:312
StringListStringArray_1
void StringListStringArray_1(char *const **buffer, size_t *size, stringList_t stl)
Definition: StringList.c:943
resolve_path_t
Definition: includes.h:114
FALSE
static const int FALSE
Definition: create_tcrypt.c:37
_zuluExit
static int _zuluExit(int r, char *const *options, stringList_t stl)
Definition: create_tcrypt.c:277
open_struct_t::m_opts
const char * m_opts
Definition: includes.h:76
_create_file_system
static int _create_file_system(const create_tcrypt_t *e, int iteration_count)
Definition: create_tcrypt.c:39
StringFree
static __inline__ void StringFree(const void *str)
Definition: String.h:823
StringVoid
#define StringVoid
Definition: String.h:47