"Fossies" - the Fresh Open Source Software Archive

Member "zuluCrypt-5.7.1/zuluCrypt-cli/lib/create_luks.c" (3 Feb 2020, 8970 Bytes) of package /linux/misc/zuluCrypt-5.7.1.tar.xz:


As a special service "Fossies" has tried to format the requested source page into HTML format using (guessed) C and C++ source code syntax highlighting (style: standard) with prefixed line numbers and code folding option. Alternatively you can here view or download the uninterpreted source code file. For more information about "create_luks.c" see the Fossies "Dox" file reference documentation and the latest Fossies "Diffs" side-by-side code changes report: 5.7.0_vs_5.7.1.

    1 /*
    2  *
    3  *  Copyright (c) 2011-2015
    4  *  name : Francis Banyikwa
    5  *  email: mhogomchungu@gmail.com
    6  *  This program is free software: you can redistribute it and/or modify
    7  *  it under the terms of the GNU General Public License as published by
    8  *  the Free Software Foundation, either version 2 of the License, or
    9  *  (at your option) any later version.
   10  *
   11  *  This program is distributed in the hope that it will be useful,
   12  *  but WITHOUT ANY WARRANTY; without even the implied warranty of
   13  *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
   14  *  GNU General Public License for more details.
   15  *
   16  *  You should have received a copy of the GNU General Public License
   17  *  along with this program.  If not, see <http://www.gnu.org/licenses/>.
   18  */
   19 
   20 #include "includes.h"
   21 #include <fcntl.h>
   22 #include <unistd.h>
   23 #include <stdio.h>
   24 #include <sys/syscall.h>
   25 
   26 #include <libcryptsetup.h>
   27 
   28 #include "luks2_support.h"
   29 
   30 typedef struct arguments{
   31 
   32     size_t key_len ;
   33     size_t key_size ;
   34 
   35     const char * key ;
   36     const char * type ;
   37     const char * hash ;
   38     const char * algo ;
   39     const char * cipher ;
   40     const char * rng ;
   41     const char * integrity ;
   42 
   43     void * params ;
   44     void * pbkdf ;
   45 
   46     u_int64_t iterations ;
   47 
   48     void *( *function )( const struct arguments * ) ;
   49     int ( *format )( struct crypt_device * ) ;
   50 
   51 }arguments ;
   52 
   53 static void _debug( int a,const char * b,void * c )
   54 {
   55     if( c ){}
   56 
   57     if( a == CRYPT_LOG_ERROR ){
   58 
   59         if( b ){
   60 
   61             printf( "log level: %d,log msg: %s",a,b ) ;
   62         }else{
   63             printf( "log level: %d,log msg: NULL",a ) ;
   64         }
   65     }
   66 }
   67 
   68 void zuluCryptPrintLogOutPut( void * cd )
   69 {
   70     crypt_set_log_callback( cd,_debug,NULL ) ;
   71 }
   72 
   73 static int zuluExit( int st,stringList_t stl,char * const * options )
   74 {
   75     StringFree( options ) ;
   76 
   77     StringListDelete( &stl ) ;
   78 
   79     return st ;
   80 }
   81 
   82 static int zuluExit_1( int st,struct crypt_device * cd )
   83 {
   84     crypt_free( cd ) ;
   85 
   86     return st ;
   87 }
   88 
   89 static int _not_supported_argument_encountered( char * const * options )
   90 {
   91     const char * e = *( options + 1 ) ;
   92 
   93     /*
   94      * supported algorithms are: aes,serpent and twofish
   95      */
   96     if( StringAtLeastOneMatch_1( e,"aes","serpent","twofish",NULL ) ){
   97 
   98         e = *( options + 2 ) ;
   99         /*
  100          * supported ciphers are: xts-plain64 and cbc-essiv:sha256
  101          */
  102         if( StringAtLeastOneMatch_1( e,"xts-plain64","cbc-essiv:sha256",NULL ) ){
  103 
  104             e = *( options + 3 ) ;
  105 
  106             /*
  107              * supported keysizes in bits are: 256 and 512
  108              */
  109             if( StringAtLeastOneMatch_1( e,"256","512",NULL ) ){
  110 
  111                 e = *( options + 4 ) ;
  112 
  113                 /*
  114                  * supported hashes are: sha1,sha256,sha512,ripemd160 and whirlpool
  115                  */
  116 
  117                 if( StringsAreEqual( e,"whirlpool" ) ){
  118                     /*
  119                      * zuluCryptWhirlpoolIsSupported() is defined in include.h
  120                      */
  121                     if( zuluCryptWhirlpoolIsSupported() ){
  122 
  123                         return 0 ;
  124                     }else{
  125                         return 1 ;
  126                     }
  127                 }
  128                 if( StringAtLeastOneMatch_1( e,"sha1","sha256","sha512","ripemd160",NULL ) ){
  129 
  130                     return 0 ;
  131                 }
  132             }
  133         }
  134     }
  135 
  136     return 1 ;
  137 }
  138 
  139 static int _create_luks( const char * device,const resolve_path_t * opts )
  140 {
  141     struct crypt_device * cd = NULL ;
  142 
  143     const arguments * args = opts->args ;
  144 
  145     if( crypt_init( &cd,device ) != 0 ){
  146 
  147         return 1 ;
  148     }
  149 
  150     if( args->integrity != NULL ){
  151 
  152         zuluCryptPrintLogOutPut( cd ) ;
  153     }
  154 
  155     if( StringsAreEqual( args->rng,"/dev/random" ) ){
  156 
  157         crypt_set_rng_type( cd,CRYPT_RNG_RANDOM ) ;
  158     }else{
  159         crypt_set_rng_type( cd,CRYPT_RNG_URANDOM ) ;
  160     }
  161 
  162     if( args->iterations != 0 ){
  163 
  164         crypt_set_iteration_time( cd,args->iterations ) ;
  165     }
  166 
  167     if( crypt_format( cd,args->type,args->algo,args->cipher,NULL,NULL,
  168               args->key_size,args->params ) != 0 ){
  169 
  170         return zuluExit_1( 2,cd ) ;
  171     }
  172 
  173     if( crypt_keyslot_add_by_volume_key( cd,CRYPT_ANY_SLOT,NULL,args->key_size,
  174         args->key,args->key_len ) < 0 ){
  175         return zuluExit_1( 3,cd ) ;
  176     }else{
  177         if( args->integrity ){
  178 
  179             if( args->format( cd ) == 0 ){
  180 
  181                 return zuluExit_1( 0,cd ) ;
  182             }else{
  183                 return zuluExit_1( 3,cd ) ;
  184             }
  185         }else{
  186             return zuluExit_1( 0,cd ) ;
  187         }
  188     }
  189 }
  190 
  191 static int _create_luks_0( arguments * args,const char * device,const char * key,
  192                size_t key_len,const char * options )
  193 {
  194     /*
  195      * resolve_path_t is defined in includes.h
  196      */
  197     resolve_path_t opts ;
  198 
  199     size_t list_count = 0 ;
  200 
  201     char * const * list = NULL ;
  202 
  203     stringList_t stl ;
  204 
  205     /*
  206      * options is structure expected to be in a format of:
  207      * rng.algo.cipher.keysize.hash.iteration_count
  208      */
  209 
  210     if( StringHasNothing( options ) ){
  211 
  212         stl = StringList( "/dev/urandom" ) ;
  213     }else{
  214         stl = StringListSplit( options,'.' ) ;
  215     }
  216 
  217     StringListStringArray_1( &list,&list_count,stl ) ;
  218 
  219     if( list_count == 1 ){
  220 
  221         args->hash     = "sha256" ;
  222         args->cipher   = "xts-plain64" ;
  223         args->algo     = "aes" ;
  224         args->key_size = 64 ;
  225         args->rng      = *( list + 0 ) ;
  226 
  227     }else if( list_count >= 5 ){
  228 
  229         if( _not_supported_argument_encountered( list ) ){
  230 
  231             return zuluExit( 1,stl,list ) ;
  232         }else{
  233             args->rng      = *( list + 0 ) ;
  234             args->algo     = *( list + 1 ) ;
  235             args->cipher   = *( list + 2 ) ;
  236             args->key_size = ( size_t ) StringConvertToInt( *( list + 3 ) ) / 8 ;
  237             args->hash     = *( list + 4 ) ;
  238 
  239             if( list_count > 5 ){
  240 
  241                 args->iterations = StringConvertToInt( *( list + 5 ) ) ;
  242             }
  243 
  244             if( list_count > 6 ){
  245 
  246                 args->integrity = *( list + 6 ) ;
  247             }
  248         }
  249     }else{
  250         return zuluExit( 1,stl,list ) ;
  251     }
  252 
  253     args->key      = key ;
  254     args->key_len  = key_len ;
  255 
  256     args->params   = args->function( args ) ;
  257 
  258     opts.args         = args ;
  259     opts.device       = device ;
  260     opts.open_mode    = O_RDWR ;
  261     opts.error_value  = 2 ;
  262 
  263     /*
  264      * zuluCryptResolveDevicePath() is defined in resolve_path.c
  265      */
  266     return zuluExit( zuluCryptResolveDevicePath( _create_luks,&opts ),stl,list ) ;
  267 }
  268 
  269 static void * _luks1( const arguments * args )
  270 {
  271     struct crypt_params_luks1 * params = args->params ;
  272 
  273     params->hash           = args->hash ;
  274     params->data_alignment = 4096 ;
  275 
  276     return params ;
  277 }
  278 
  279 static int _format_0( struct crypt_device * cd )
  280 {
  281     if( cd ){}
  282     return 0 ;
  283 }
  284 
  285 int zuluCryptCreateLuks( const char * device,const char * key,size_t key_len,const char * options )
  286 {
  287     struct crypt_params_luks1 params ;
  288 
  289     arguments args ;
  290 
  291     memset( &args,'\0',sizeof( args ) ) ;
  292     memset( &params,'\0',sizeof( params ) ) ;
  293 
  294     args.params   = &params ;
  295     args.function = _luks1 ;
  296     args.type     = CRYPT_LUKS1 ;
  297     args.format   = _format_0 ;
  298 
  299     return _create_luks_0( &args,device,key,key_len,options ) ;
  300 }
  301 
  302 #ifdef CRYPT_LUKS2
  303 
  304 static int _tools_wipe_progress( uint64_t size,uint64_t offset,void * usrptr )
  305 {
  306     int * progress = usrptr ;
  307 
  308     int x = ( int )( offset * 100 / size ) ;
  309 
  310     if( x > *progress ){
  311 
  312         printf( "%s complete: %d\n","%",x ) ;
  313 
  314         *progress = x ;
  315     }
  316 
  317     return 0 ;
  318 }
  319 
  320 static int _format( struct crypt_device * cd )
  321 {
  322     int progress = 0 ;
  323 
  324     int i ;
  325 
  326     string_t s = String_1( crypt_get_dir(),"/",NULL ) ;
  327 
  328     string_t m = String( "zuluCrypt-wipe-volume-" ) ;
  329 
  330     const char * mapper = StringAppendInt( m,(u_int64_t)syscall( SYS_gettid ) ) ;
  331 
  332     int r = crypt_activate_by_volume_key( cd,
  333                           mapper,
  334                           NULL,
  335                           0,
  336                           CRYPT_ACTIVATE_PRIVATE | CRYPT_ACTIVATE_NO_JOURNAL ) ;
  337     if( r < 0 ){
  338 
  339         return 3 ;
  340     }
  341 
  342     printf( "----Starting to wipe an integrity device----\n" ) ;
  343 
  344     crypt_wipe( cd,
  345             StringAppendString( s,m ),
  346             CRYPT_WIPE_ZERO,
  347             0,
  348             0,
  349             (size_t)crypt_get_sector_size( cd ) * 512,
  350             0,
  351             _tools_wipe_progress,
  352             &progress ) ;
  353 
  354     printf( "----Finish wiping an integrity device----\n" ) ;
  355 
  356     for( i = 0 ; i < 3 ; i++ ){
  357 
  358         if( crypt_deactivate( cd,mapper ) == 0 ){
  359 
  360             break ;
  361         }else{
  362             sleep( 1 ) ;
  363         }
  364     }
  365 
  366     StringDelete( &m ) ;
  367     StringDelete( &s ) ;
  368 
  369     return 0 ;
  370 }
  371 
  372 void zuluCryptDisableMetadataLocking( void )
  373 {
  374     crypt_metadata_locking( NULL,0 ) ;
  375 }
  376 
  377 static void * _luks2( const arguments * args )
  378 {
  379     struct crypt_params_luks2 * params = args->params ;
  380 
  381     params->sector_size     = 512 ;
  382     params->integrity       = args->integrity ;
  383 
  384 #if SUPPORT_crypt_get_pbkdf_default //added in cryptsetup 2.0.3
  385 
  386     params->pbkdf = crypt_get_pbkdf_default( CRYPT_LUKS2 ) ;
  387 #else
  388     struct crypt_pbkdf_type   * pbkdf  = args->pbkdf ;
  389 
  390     pbkdf->type             = CRYPT_KDF_ARGON2I ;
  391     pbkdf->hash             = args->hash ;
  392     pbkdf->time_ms          = 800 ;
  393     pbkdf->max_memory_kb    = 1024 ;
  394     pbkdf->parallel_threads = 4 ;
  395 
  396     params->pbkdf           = pbkdf ;
  397 #endif
  398     return params ;
  399 }
  400 
  401 int zuluCryptCreateLuks2( const char * device,const char * key,size_t key_len,const char * options )
  402 {
  403     struct crypt_params_luks2 params ;
  404     struct crypt_pbkdf_type pbkdf ;
  405 
  406     arguments args ;
  407 
  408     memset( &args,'\0',sizeof( args ) ) ;
  409     memset( &params,'\0',sizeof( params ) ) ;
  410     memset( &pbkdf,'\0',sizeof( pbkdf ) ) ;
  411 
  412     args.pbkdf    = &pbkdf ;
  413     args.params   = &params ;
  414     args.function = _luks2 ;
  415     args.type     = CRYPT_LUKS2 ;
  416     args.format   = _format ;
  417 
  418     return _create_luks_0( &args,device,key,key_len,options ) ;
  419 }
  420 
  421 #else
  422 
  423 void zuluCryptDisableMetadataLocking( void )
  424 {
  425 }
  426 
  427 int zuluCryptCreateLuks2( const char * device,const char * pass,size_t pass_size,const char * options )
  428 {
  429     if( 0 && device && pass && pass_size && options ){;}
  430     return 2 ;
  431 }
  432 
  433 #endif