"Fossies" - the Fresh Open Source Software Archive

Member "tc-play-3.3/tcplay.h" (2 Mar 2020, 11626 Bytes) of package /linux/misc/tc-play-3.3.tar.gz:


As a special service "Fossies" has tried to format the requested source page into HTML format using (guessed) C and C++ source code syntax highlighting (style: standard) with prefixed line numbers and code folding option. Alternatively you can here view or download the uninterpreted source code file. For more information about "tcplay.h" see the Fossies "Dox" file reference documentation and the latest Fossies "Diffs" side-by-side code changes report: 3.1_vs_3.3.

    1 /*
    2  * Copyright (c) 2011 Alex Hornung <alex@alexhornung.com>.
    3  * All rights reserved.
    4  *
    5  * Redistribution and use in source and binary forms, with or without
    6  * modification, are permitted provided that the following conditions
    7  * are met:
    8  *
    9  * 1. Redistributions of source code must retain the above copyright
   10  *    notice, this list of conditions and the following disclaimer.
   11  * 2. Redistributions in binary form must reproduce the above copyright
   12  *    notice, this list of conditions and the following disclaimer in
   13  *    the documentation and/or other materials provided with the
   14  *    distribution.
   15  *
   16  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
   17  * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
   18  * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
   19  * FOR A PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE
   20  * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
   21  * INCIDENTAL, SPECIAL, EXEMPLARY OR CONSEQUENTIAL DAMAGES (INCLUDING,
   22  * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
   23  * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
   24  * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
   25  * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
   26  * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
   27  * SUCH DAMAGE.
   28  */
   29 
   30 /* Version of tcplay specified during build (CMakeLists.txt, Makefile.classic) */
   31 
   32 #ifndef _TCPLAY_H
   33 #define _TCPLAY_H
   34 
   35 #define MAX_BLKSZ       4096
   36 #define MAX_KEYSZ       192
   37 #define HDRSZ           512
   38 #define HDR_OFFSET_SYS      31744   /* 512 * (63 -1) */
   39 #define TC_SIG          "TRUE"
   40 #define VC_SIG          "VERA"
   41 #define MAX_PASSSZ      64
   42 #define PASS_BUFSZ      256
   43 #define KPOOL_SZ        64
   44 #define MAX_KFILE_SZ        1048576 /* 1 MB */
   45 #define MAX_KEYFILES        256
   46 #define HDR_OFFSET_HIDDEN   65536
   47 #define BACKUP_HDR_HIDDEN_OFFSET_END    65536
   48 #define BACKUP_HDR_OFFSET_END   131072
   49 #define SALT_LEN        64
   50 #define VOL_RSVD_BYTES_START    (256*512) /* Reserved bytes at vol. start */
   51 #define VOL_RSVD_BYTES_END  (256*512) /* Reserved bytes at vol. end */
   52 #define MIN_VOL_BYTES       (VOL_RSVD_BYTES_START + VOL_RSVD_BYTES_END)
   53 
   54 #define MAX_CIPHER_CHAINS   64
   55 #define DEFAULT_RETRIES     3
   56 #define ERASE_BUFFER_SIZE   4*1024*1024 /* 4 MB */
   57 
   58 /* TrueCrypt Volume flags */
   59 #define TC_VOLFLAG_SYSTEM   0x01    /* system encryption */
   60 #define TC_VOLFLAG_INPLACE  0x02    /* non-system in-place-encrypted volume */
   61 
   62 #define TC_VOLFLAG_SET(f, x)    ((f & TC_VOLFLAG_##x) == TC_VOLFLAG_##x)
   63 
   64 #define LOG_BUFFER_SZ       1024
   65 #if 0
   66 #define DEBUG 1
   67 #endif
   68 
   69 #define TC_FLAG_SYS     0x0001
   70 #define TC_FLAG_FDE     0x0002
   71 #define TC_FLAG_BACKUP      0x0004
   72 #define TC_FLAG_ONLY_RESTORE    0x0008
   73 #define TC_FLAG_ALLOW_TRIM  0x0010
   74 #define TC_FLAG_SAVE_TO_FILE    0x0020
   75 #define TC_FLAG_HDR_FROM_FILE   0x0040
   76 #define TC_FLAG_H_HDR_FROM_FILE 0x0080
   77 
   78 #define TC_FLAG_SET(f, x)   ((f & TC_FLAG_##x) == TC_FLAG_##x)
   79 
   80 #include <limits.h>
   81 #include <inttypes.h>
   82 
   83 #if defined(__DragonFly__)
   84 #include <uuid.h>
   85 #elif defined(__linux__)
   86 #include <uuid/uuid.h>
   87 #endif
   88 
   89 
   90 typedef uint64_t disksz_t;
   91 #define DISKSZ_FMT PRIu64
   92 
   93 
   94 struct pbkdf_prf_algo {
   95     const char *name;
   96     const char *algo;
   97     int iteration_count;
   98     const char *sig;
   99     int sys;
  100 };
  101 
  102 #define DEFAULT_PRF_ALGO_IDX    6
  103 
  104 struct tc_crypto_algo {
  105     const char *name;
  106     const char *dm_crypt_str;
  107     int klen;
  108     int ivlen;
  109 };
  110 
  111 struct tc_cipher_chain {
  112     struct tc_crypto_algo *cipher;
  113     unsigned char *key;
  114     char dm_key[MAX_KEYSZ*2 + 1];
  115 
  116     struct tc_cipher_chain *prev;
  117     struct tc_cipher_chain *next;
  118 };
  119 
  120 struct tchdr_enc {
  121     unsigned char salt[SALT_LEN];   /* Salt for PBKDF */
  122     unsigned char enc[448];     /* Encrypted part of the header */
  123 } __attribute__((__packed__));
  124 
  125 struct tchdr_dec {
  126     char        tc_str[4];  /* ASCII string "TRUE" */
  127     uint16_t    tc_ver;     /* Volume header format version */
  128     uint16_t    tc_min_ver;
  129     uint32_t    crc_keys;   /* CRC32 of the key section */
  130     uint64_t    vol_ctime;  /* Volume creation time */
  131     uint64_t    hdr_ctime;  /* Header creation time */
  132     uint64_t    sz_hidvol;  /* Size of hidden volume (set to zero
  133                        in non-hidden volumes) */
  134     uint64_t    sz_vol;     /* Size of volume */
  135     uint64_t    off_mk_scope;   /* Byte offset of the start of the
  136                        master key scope */
  137     uint64_t    sz_mk_scope;    /* Size of the encrypted area within
  138                        the master key scope */
  139     uint32_t    flags;      /* Flag bits
  140                        (bit 0: system encryption;
  141                        bit 1: non-system in-place-encrypted volume;
  142                        bits 2–31 are reserved) */
  143     uint32_t    sec_sz;     /* Sector size (in bytes) */
  144     unsigned char   unused3[120];
  145     uint32_t    crc_dhdr;   /* CRC32 of dec. header (except keys) */
  146     unsigned char   keys[256];
  147 } __attribute__((__packed__));
  148 
  149 struct tcplay_info {
  150     char dev[PATH_MAX];
  151     struct tchdr_dec *hdr;
  152     struct tc_cipher_chain *cipher_chain;
  153     struct pbkdf_prf_algo *pbkdf_prf;
  154     char key[MAX_KEYSZ*2 + 1];
  155 
  156     int flags;
  157     int volflags;
  158 
  159     uint32_t blk_sz;
  160 
  161     off_t start;    /* Logical volume offset in table (in blk_sz blocks) */
  162     disksz_t size;  /* Volume size (in blk_sz blocks) */
  163 
  164     off_t skip; /* IV offset (in blk_sz blocks) */
  165     off_t offset;   /* Block offset (in blk_sz blocks) */
  166 
  167     /* Populated by dm_setup */
  168     uuid_t uuid;
  169 
  170     int hidden;
  171 };
  172 
  173 #define INFO_TO_DM_BLOCKS(info, memb) \
  174     (((info)->memb * (uint64_t)((info)->blk_sz))/512)
  175 
  176 struct tcplay_dm_table {
  177     char device[PATH_MAX];  /* Underlying device */
  178     char target[256];   /* DM Target type */
  179     off_t start;        /* Logical volume offset in table */
  180     disksz_t size;      /* Volume size */
  181 
  182     char cipher[256];   /* Cipher */
  183     off_t skip;     /* IV offset */
  184     off_t offset;       /* Block offset */
  185 };
  186 
  187 
  188 typedef int (*tc_state_change_fn)(void *, const char *, int);
  189 
  190 struct tcplay_opts {
  191     /* (Mostly) common options */
  192     const char  *dev;
  193     const char  *keyfiles[MAX_KEYFILES];
  194     int     nkeyfiles;
  195     const char  *h_keyfiles[MAX_KEYFILES];
  196     int     n_hkeyfiles;
  197     struct pbkdf_prf_algo   *prf_algo;
  198     struct tc_cipher_chain  *cipher_chain;
  199     struct pbkdf_prf_algo   *h_prf_algo;
  200     struct tc_cipher_chain  *h_cipher_chain;
  201     const char  *passphrase;
  202     const char  *h_passphrase;
  203     int     interactive;
  204     int     weak_keys_and_salt;
  205 
  206     /* Options for create */
  207     int     hidden;
  208     disksz_t    hidden_size_bytes;
  209     int     secure_erase; /* XXX: default to 1! */
  210 
  211     /* Options for map, info_mapped */
  212     const char  *map_name;
  213 
  214     /* Options for info, map, modify */
  215     int     flags;
  216     const char  *sys_dev;
  217     int     protect_hidden;
  218     int     retries;    /* XXX: default to DEFAULT_RETRIES */
  219     time_t      timeout;
  220     int     prompt_passphrase;
  221 
  222     const char  *hdr_file_in;
  223     const char  *h_hdr_file_in;
  224 
  225     /* Options for modify only */
  226     struct pbkdf_prf_algo   *new_prf_algo;
  227     const char  *new_passphrase;
  228     const char  *hdr_file_out;
  229     const char  *new_keyfiles[MAX_KEYFILES];
  230     int     n_newkeyfiles;
  231 
  232     void        *api_ctx;
  233     tc_state_change_fn  state_change_fn;
  234 };
  235 
  236 
  237 struct tcplay_opts *opts_init(void);
  238 int opts_add_keyfile(struct tcplay_opts *opts, const char *keyfile);
  239 int opts_add_keyfile_hidden(struct tcplay_opts *opts, const char *keyfile);
  240 int opts_add_keyfile_new(struct tcplay_opts *opts, const char *keyfile);
  241 void opts_free(struct tcplay_opts *opts);
  242 void opts_clear_keyfile(struct tcplay_opts *opts);
  243 void opts_clear_keyfile_hidden(struct tcplay_opts *opts);
  244 void opts_clear_keyfile_new(struct tcplay_opts *opts);
  245 
  246 void *read_to_safe_mem(const char *file, off_t offset, size_t *sz);
  247 int get_random(unsigned char *buf, size_t len, int weak);
  248 int secure_erase(const char *dev, disksz_t bytes, size_t blksz);
  249 int get_disk_info(const char *dev, disksz_t *blocks, size_t *bsize);
  250 int write_to_disk(const char *dev, off_t offset, size_t blksz, void *mem,
  251     size_t bytes);
  252 int write_to_file(const char *file, void *mem, size_t bytes);
  253 int read_passphrase(const char *prompt, char *pass, size_t passlen,
  254     size_t bufsz, time_t timeout);
  255 float get_random_read_progress(void);
  256 float get_secure_erase_progress(void);
  257 
  258 
  259 int tc_crypto_init(void);
  260 int tc_cipher_chain_populate_keys(struct tc_cipher_chain *cipher_chain,
  261     unsigned char *key);
  262 int tc_cipher_chain_free_keys(struct tc_cipher_chain *cipher_chain);
  263 int tc_encrypt(struct tc_cipher_chain *cipher_chain, unsigned char *key,
  264     unsigned char *iv,
  265     unsigned char *in, int in_len, unsigned char *out);
  266 int tc_decrypt(struct tc_cipher_chain *cipher_chain, unsigned char *key,
  267     unsigned char *iv,
  268     unsigned char *in, int in_len, unsigned char *out);
  269 
  270 /* The following two are platform dependent */
  271 int syscrypt(struct tc_crypto_algo *cipher, unsigned char *key, size_t klen,
  272     unsigned char *iv, unsigned char *in, unsigned char *out, size_t len,
  273     int do_encrypt);
  274 int pbkdf2(struct pbkdf_prf_algo *hash, const char *pass, int passlen,
  275     const unsigned char *salt, int saltlen,
  276     int keylen, unsigned char *out);
  277 
  278 int apply_keyfiles(unsigned char *pass, size_t pass_memsz, const char *keyfiles[],
  279     int nkeyfiles);
  280 
  281 struct tchdr_enc *create_hdr(unsigned char *pass, int passlen,
  282     struct pbkdf_prf_algo *prf_algo, struct tc_cipher_chain *cipher_chain,
  283     size_t sec_sz, disksz_t total_blocks,
  284     off_t offset, disksz_t blocks, int hidden, int weak,
  285     struct tchdr_enc **backup_hdr);
  286 struct tchdr_dec *decrypt_hdr(struct tchdr_enc *ehdr,
  287     struct tc_cipher_chain *cipher_chain, unsigned char *key);
  288 int verify_hdr(struct tchdr_dec *hdr, struct pbkdf_prf_algo *prf_algo);
  289 struct tchdr_enc *copy_reencrypt_hdr(unsigned char *pass, int passlen,
  290     struct pbkdf_prf_algo *prf_algo, int weak, struct tcplay_info *info,
  291     struct tchdr_enc **backup_hdr);
  292 
  293 void *_alloc_safe_mem(size_t req_sz, const char *file, int line);
  294 void *_strdup_safe_mem(const char *in, const char *file, int line);
  295 void _free_safe_mem(void *mem, const char *file, int line);
  296 void check_and_purge_safe_mem(void);
  297 
  298 struct tc_crypto_algo *check_cipher(const char *cipher, int quiet);
  299 struct tc_cipher_chain *check_cipher_chain(const char *cipher_chain, int quiet);
  300 struct pbkdf_prf_algo *check_prf_algo(const char *algo, int sys, int quiet);
  301 
  302 int tc_play_init(void);
  303 void tc_log(int err, const char *fmt, ...);
  304 int tc_cipher_chain_klen(struct tc_cipher_chain *chain);
  305 int tc_cipher_chain_length(struct tc_cipher_chain *chain);
  306 char *tc_cipher_chain_sprint(char *buf, size_t bufsz,
  307     struct tc_cipher_chain *chain);
  308 int free_info(struct tcplay_info *info);
  309 void print_info(struct tcplay_info *info);
  310 int adjust_info(struct tcplay_info *info, struct tcplay_info *hinfo);
  311 int process_hdr(const char *dev, int flags, unsigned char *pass, int passlen,
  312     struct tchdr_enc *ehdr, struct tcplay_info **pinfo);
  313 int create_volume(struct tcplay_opts *opts);
  314 struct tcplay_info *info_map_common(struct tcplay_opts *opts,
  315     char *passphrase_out);
  316 int info_mapped_volume(struct tcplay_opts *opts);
  317 int info_volume(struct tcplay_opts *opts);
  318 int map_volume(struct tcplay_opts *opts);
  319 int modify_volume(struct tcplay_opts *opts);
  320 int dm_setup(const char *mapname, struct tcplay_info *info);
  321 int dm_teardown(const char *mapname, const char *device);
  322 struct tcplay_info *dm_info_map(const char *map_name);
  323 
  324 typedef void(*summary_fn_t)(void);
  325 
  326 extern int tc_internal_verbose;
  327 extern char tc_internal_log_buffer[];
  328 extern summary_fn_t summary_fn;
  329 extern struct pbkdf_prf_algo pbkdf_prf_algos[];
  330 extern struct tc_cipher_chain *tc_cipher_chains[MAX_CIPHER_CHAINS];
  331 
  332 #define STATE_UNKNOWN       0
  333 #define STATE_GET_RANDOM    1
  334 #define STATE_ERASE     2
  335 
  336 extern int tc_internal_state;
  337 #ifndef __DECONST
  338 #define __DECONST(type, var)    ((type)(uintptr_t)(const void *)(var))
  339 #endif
  340 
  341 #define alloc_safe_mem(x) \
  342     _alloc_safe_mem(x, __FILE__, __LINE__)
  343 
  344 #define strdup_safe_mem(x) \
  345     _strdup_safe_mem(x, __FILE__, __LINE__)
  346 
  347 #define free_safe_mem(x) \
  348     _free_safe_mem(__DECONST(void *, x), __FILE__, __LINE__)
  349 
  350 #define __unused       __attribute__((__unused__))
  351 
  352 #endif