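/*
 * Map a plain dm-crypt volume found on "device" under the name "mapper",
 * keyed from a passphrase.
 *
 * A plain volume has no on-disk header, so the hash, cipher, mode and key
 * size are fixed in this function and must match what was used when the
 * volume was written; the device itself does not record them.
 *
 * device    - path of the backing device
 * mapper    - name of the mapping to create
 * mode      - option string; the mapping is read-only when it contains "ro"
 * pass      - passphrase bytes
 * pass_size - number of bytes in pass
 *
 * Returns 0 on success, 3 when the device path is not valid and 2 when any
 * libcryptsetup call fails.
 */
static int _open_plain(const char *device, const char *mapper, const char *mode,
                       const char *pass, size_t pass_size)
{
    struct crypt_device *cd;
    struct crypt_params_plain params;
    int flags = 0;

    memset(&params, '\0', sizeof(params));
    params.hash   = "ripemd160";
    params.skip   = 0;
    params.offset = 0;

    if (zuluCryptPathIsNotValid(device)) {
        return 3;
    }

    /* CRYPT_ACTIVATE_READONLY spells out the read-only flag instead of a bare 1. */
    if (StringHasComponent(mode, "ro")) {
        flags = CRYPT_ACTIVATE_READONLY;
    }

    if (crypt_init(&cd, device) != 0) {
        return 2;
    }

    /*
     * From here on every exit goes through zuluExit() with the context;
     * presumably it releases cd before returning the status (helper is
     * defined outside this listing).
     */
    if (crypt_format(cd, CRYPT_PLAIN, "aes", "cbc-essiv:sha256", NULL, NULL, 32, &params) != 0) {
        return zuluExit(2, cd);
    }

    if (crypt_activate_by_passphrase(cd, mapper, CRYPT_ANY_SLOT, pass, pass_size, flags) < 0) {
        return zuluExit(2, cd);
    }

    return zuluExit(0, cd);
}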
/*
 * Map a plain dm-crypt volume on "device" using the settings carried in opt
 * (offset, mount options, mapper name and key).
 *
 * The hash, cipher and 32 byte key size are fixed here; only the payload
 * offset comes from the caller.
 *
 * Returns 0 on success, 3 when the device path is not valid and 2 when a
 * libcryptsetup call fails.
 *
 * NOTE(review): plain dm-crypt keeps no header on disk, so a successful
 * return presumably only means the mapping was created, not that the key is
 * the right one - confirm against how callers probe the mapped device.
 */
static int _open_plain(const char *device, const open_struct_t *opt)
{
    struct crypt_device *cd;
    struct crypt_params_plain params;
    uint32_t flags;
    int rc;

    memset(&params, '\0', sizeof(struct crypt_params_plain));
    params.hash = "ripemd160";

    if (zuluCryptPathIsNotValid(device)) {
        return 3;
    }
    if (crypt_init(&cd, device) != 0) {
        return 2;
    }

    params.offset = _offset(opt->offset);

    /*
     * Writable mappings are activated with discards allowed. Passing TRIM
     * through to the backing device exposes which blocks are unused, which
     * is a deliberate trade-off to keep in mind for encrypted volumes.
     */
    if (StringHasComponent(opt->m_opts, "ro")) {
        flags = CRYPT_ACTIVATE_READONLY;
    } else {
        flags = CRYPT_ACTIVATE_ALLOW_DISCARDS;
    }

    if (crypt_format(cd, CRYPT_PLAIN, "aes", "cbc-essiv:sha256", NULL, NULL, 32, &params) != 0) {
        return zuluExit(2, cd);
    }

    rc = crypt_activate_by_passphrase(cd, opt->mapper_name, CRYPT_ANY_SLOT,
                                      opt->key, opt->key_len, flags);
    if (rc < 0) {
        return zuluExit(2, cd);
    }
    return zuluExit(0, cd);
}
/*
 * Create an encrypted volume of the given type on dev and put a file system
 * on it.
 *
 * The volume is opened through a temporary mapping named
 * "zuluCrypt-<thread id>" under crypt_get_dir(), formatted, and the mapping
 * is closed again before returning.
 *
 * type - "luks" or "plain"; anything else is rejected
 * rng  - for luks only: must be exactly "/dev/random" or "/dev/urandom"
 *
 * Returns 0 on success, 1 when dev is not a valid path, 2 for an unsupported
 * type or rng argument and 3 when creating, opening or formatting fails.
 */
static int _create_volume(const char *dev, const char *fs, const char *type,
                          const char *pass, size_t pass_size, const char *rng)
{
    string_t path = StringVoid;
    const char *device_mapper;
    const char *mapper;
    size_t dir_len;
    int fs_status;

    if (zuluCryptPathIsNotValid(dev)) {
        return 1;
    }

    path = String(crypt_get_dir());
    dir_len = StringLength(path);
    StringAppend(path, "/zuluCrypt-");
    device_mapper = StringAppendInt(path, syscall(SYS_gettid));

    /* Skip the directory and the '/' to get the bare mapping name in the same buffer. */
    mapper = device_mapper + dir_len + 1;

    if (StringsAreEqual(type, "luks")) {
        /* Only the two kernel random devices are accepted as key material sources. */
        if (StringsAreNotEqual(rng, "/dev/random") && StringsAreNotEqual(rng, "/dev/urandom")) {
            return zuluExit(2, path);
        }
        if (zuluCryptCreateLuks(dev, pass, pass_size, rng) != 0) {
            return zuluExit(3, path);
        }
        if (zuluCryptOpenLuks(dev, mapper, "rw", pass, pass_size) != 0) {
            return zuluExit(3, path);
        }
    } else if (StringsAreEqual(type, "plain")) {
        if (zuluCryptOpenPlain(dev, mapper, "rw", pass, pass_size) != 0) {
            return zuluExit(3, path);
        }
    } else {
        return zuluExit(2, path);
    }

    fs_status = zuluCryptCreateFileSystemInAVolume(fs, device_mapper);

    /*
     * zuluCryptCloseMapper() is defined in close_mapper.c
     *
     * The mapping is closed whether or not formatting worked; its own
     * return value is not inspected here.
     */
    zuluCryptCloseMapper(device_mapper);

    if (fs_status != 0) {
        return zuluExit(3, path);
    }
    return zuluExit(0, path);
}
/*
 * Map a plain dm-crypt volume on "device" with caller supplied crypto
 * parameters.
 *
 * opts->args points at an open_struct_t (defined in includes.h) whose
 * "variables" member supplies the hash, cipher algorithm, cipher mode, key
 * size and offset; opts->open_mode selects read-only or writable activation.
 *
 * Returns 0 on success, 3 when the device path is not valid and 2 when a
 * libcryptsetup call fails.
 */
static int _open_plain(const char *device, const resolve_path_t *opts)
{
    /*
     * open_struct_t is defined in includes.h
     */
    const open_struct_t *open_args = opts->args;
    const args *vars = open_args->variables;

    struct crypt_device *cd;
    struct crypt_params_plain params;
    uint32_t flags;
    size_t key_bytes;
    int rc;

    memset(&params, '\0', sizeof(struct crypt_params_plain));
    params.hash = vars->hash;

    if (zuluCryptPathIsNotValid(device)) {
        return 3;
    }
    if (crypt_init(&cd, device) != 0) {
        return 2;
    }

    params.offset = _offset(vars->offset);

    /*
     * Anything other than a read-only open is activated with discards
     * allowed; TRIM passing through the mapping reveals which blocks of the
     * encrypted volume are unused.
     */
    flags = (opts->open_mode == O_RDONLY) ? CRYPT_ACTIVATE_READONLY
                                          : CRYPT_ACTIVATE_ALLOW_DISCARDS;

    /*
     * keySize is a string holding a bit count; it is converted and divided
     * by 8 to get bytes.
     * NOTE(review): the converted value is cast to size_t before any range
     * check, so a zero or negative parse result reaches crypt_format() as 0
     * or a very large size - presumably validated by the caller, confirm.
     */
    key_bytes = (size_t)StringConvertToInt(vars->keySize) / 8;

    if (crypt_format(cd, CRYPT_PLAIN, vars->algo, vars->cipher, NULL, NULL, key_bytes, &params) != 0) {
        return zuluExit(2, cd);
    }

    rc = crypt_activate_by_passphrase(cd, open_args->mapper_name, CRYPT_ANY_SLOT,
                                      open_args->key, open_args->key_len, flags);
    if (rc < 0) {
        return zuluExit(2, cd);
    }
    return zuluExit(0, cd);
}
/*
 * Unlock a LUKS volume on "device" with the key held in opt->args and map it
 * under the requested mapper name.
 *
 * Returns 0 when a key slot was unlocked, 1 when activation reported -1,
 * 2 for any other libcryptsetup failure and 3 when the device path is not
 * valid.
 */
static int _open_luks_2(const char *device, const resolve_path_t *opt)
{
    /*
     * open_struct_t is defined in includes.h
     */
    const open_struct_t *open_args = opt->args;

    struct crypt_device *cd;
    uint32_t flags;
    int slot;

    if (zuluCryptPathIsNotValid(device)) {
        return 3;
    }
    if (crypt_init(&cd, device) != 0) {
        return 2;
    }
    if (crypt_load(cd, NULL, NULL) != 0) {
        return zuluExit(2, cd);
    }

    /*
     * Writable opens are activated with discards allowed, which lets TRIM
     * reach the backing device and shows which blocks are unused.
     */
    flags = (opt->open_mode == O_RDONLY) ? CRYPT_ACTIVATE_READONLY
                                         : CRYPT_ACTIVATE_ALLOW_DISCARDS;

    slot = crypt_activate_by_passphrase(cd, open_args->mapper_name, CRYPT_ANY_SLOT,
                                        open_args->key, open_args->key_len, flags);

    /*
     * -1 is kept apart from the other failures so the caller can tell it
     * from a generic error; presumably this is -EPERM, i.e. no key slot
     * accepted the passphrase - confirm against the libcryptsetup version
     * in use.
     */
    if (slot >= 0) {
        return zuluExit(0, cd);
    }
    if (slot == -1) {
        return zuluExit(1, cd);
    }
    return zuluExit(2, cd);
}
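/*
 * Encrypt or decrypt a regular file on behalf of the user "uid".
 *
 * opts->device is the source file, opts->m_opts the destination file,
 * opts->key_source selects where the passphrase comes from ("-p": opts->key
 * is the passphrase, "-f": opts->key is a file holding it, NULL: prompt
 * twice on the terminal) and opt selects the direction (ENCRYPT or not).
 *
 * The function currently returns zuluExit( 16 ) before doing anything else,
 * so everything after that statement is unreachable as written. The body is
 * kept, with the fixes below, for when the early return is lifted:
 *   - the confirmation copy of the passphrase is released with
 *     StringClearDelete() like every other passphrase buffer in this
 *     function, instead of StringDelete()
 *   - translated prompts are printed through a "%s" format rather than being
 *     used as the format string themselves
 *   - a second, always-false "type == NULL" test in the else branch is gone
 *
 * Exit codes, as passed to zuluExit(): 16 (current unconditional result),
 * 9/14 missing destination/source, 10/15 destination/source under /dev/ or
 * not accessible to uid, 5 destination already exists, 6 source missing,
 * 12/13 terminal read failures, 8 passphrases differ, 2 key file unreadable,
 * 3 unknown key source, 4/11 failures reported by the crypt routine,
 * 1 or 0 on completion depending on opt.
 */
static int crypt_opt(const struct_opts *opts, uid_t uid, int opt)
{
    string_t q = StringVoid;
    string_t p = StringVoid;
    int st;

    const char *source     = opts->device;
    const char *dest       = opts->m_opts;
    const char *passphrase = opts->key;
    const char *type       = opts->key_source;

    /* Unconditional: the code below does not run while this statement is here. */
    return zuluExit(16);

    if (dest == NULL) {
        return zuluExit(9);
    }
    if (source == NULL) {
        return zuluExit(14);
    }

    /*
     * zuluCryptPathStartsWith() is defined in real_path.c
     */
    if (zuluCryptPathStartsWith(dest, "/dev/")) {
        return zuluExit(10);
    }
    if (zuluCryptPathStartsWith(source, "/dev/")) {
        return zuluExit(15);
    }

    /*
     * zuluCryptPathIsValid() is defined in ../lib/is_path_valid.c
     * The destination must not exist yet.
     */
    if (zuluCryptPathIsValid(dest)) {
        return zuluExit(5);
    }

    /*
     * zuluCryptPathIsNotValid() is defined in ../lib/is_path_valid.c
     */
    if (zuluCryptPathIsNotValid(source)) {
        return zuluExit(6);
    }

    /*
     * below two functions are defined in path_access.c
     * They are called with the requesting user's uid.
     */
    if (zuluCryptCanOpenPathForWriting(dest, uid) == 1) {
        return zuluExit(10);
    }
    if (zuluCryptCanOpenPathForReading(source, uid) == 1) {
        return zuluExit(15);
    }

    if (type == NULL) {
        printf("%s", gettext("Enter passphrase: "));

        /*
         * ZULUCRYPT_KEY_MAX_SIZE is set in ../constants.h
         */
        switch (StringSilentlyGetFromTerminal_1(&p, ZULUCRYPT_KEY_MAX_SIZE)) {
        case 1:
            return zuluExit(12);
        case 2:
            return zuluExit(13);
        }

        printf("%s", gettext("\nRe enter passphrase: "));

        switch (StringSilentlyGetFromTerminal_1(&q, ZULUCRYPT_KEY_MAX_SIZE)) {
        case 1:
            StringClearDelete(&p);
            return zuluExit(12);
        case 2:
            StringClearDelete(&p);
            return zuluExit(13);
        }

        printf("\n");

        if (!StringEqualString(p, q)) {
            StringClearDelete(&p);
            StringClearDelete(&q);
            return zuluExit(8);
        }

        /*
         * q holds the same secret as p at this point, so it gets the same
         * clearing release as p (presumably a wipe before the free).
         */
        StringClearDelete(&q);
    } else if (StringsAreEqual(type, "-p")) {
        p = String(passphrase);
    } else if (StringsAreEqual(type, "-f")) {
        p = StringGetFromFile(passphrase);
        if (p == NULL) {
            return zuluExit(2);
        }
    } else {
        return zuluExit(3);
    }

    if (opt == ENCRYPT) {
        /*
         * zuluCryptEncryptFile() is defined in ./crypt_file.c
         */
        st = zuluCryptEncryptFile(source, dest, StringContent(p), StringLength(p));
    } else {
        /*
         * zuluCryptDecryptFile() is defined in ./crypt_file.c
         */
        st = zuluCryptDecryptFile(source, dest, StringContent(p), StringLength(p));
    }

    StringClearDelete(&p);

    switch (st) {
    case 1:
        return zuluExit(4);
    case 2:
        return zuluExit(11);
    }

    /*
     * NOTE(review): both calls act on the destination by path after the
     * file has been written, follow symbolic links, and their results are
     * ignored. If this runs with elevated privileges, applying the mode and
     * owner through the descriptor that created the file (fchmod/fchown)
     * would remove the window between the existence check above and these
     * calls. uid is also passed as the group id - confirm that is intended.
     */
    chmod(dest, S_IRUSR | S_IWUSR);
    chown(dest, uid, uid);

    /* NOTE(review): compares against a literal 1 where the branch above uses ENCRYPT. */
    if (opt == 1) {
        return zuluExit(1);
    }
    return zuluExit(0);
}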
/*
 * Unlock the volume at dev, map it as "<mapper prefix>/<mapper>" and, when
 * m_point is given, mount the mapping there.
 *
 * dev may be a node under /dev/ or a regular file; a file is first attached
 * to a loop device and the mapping is made on top of that.
 *
 * Returns 0 on success, 3 when dev is not a valid path (or the opener
 * reported 3), 2 when the mapper path already exists, 4 when the opener
 * reported 1 or the loop device could not be attached, 8 when the opener
 * reported 2, the mount routine's status when mounting failed, or 15 when
 * mounting failed and the mapping could not be closed afterwards.
 *
 * NOTE(review): mapper is joined onto the prefix as given; presumably
 * callers pass a name without path separators - confirm.
 */
int zuluCryptOpenVolume(const char *dev, const char *mapper,
                        const char *m_point, uid_t id, unsigned long m_opts,
                        const char *fs_opts, const char *pass, size_t pass_size)
{
    string_t mapper_path = StringVoid;
    string_t loop_path = StringVoid;
    const char *mapper_1;
    const char *mode;
    int lmode;
    int fd;
    int status;

    /*
     * zuluCryptPathIsNotValid() is defined in is_path_valid.c
     */
    if (zuluCryptPathIsNotValid(dev)) {
        return 3;
    }

    /*
     * zuluCryptMapperPrefix() is defined in create_mapper_name.c
     */
    mapper_path = String(zuluCryptMapperPrefix());
    mapper_1 = StringMultipleAppend(mapper_path, "/", mapper, END);

    /*
     * zuluCryptPathIsValid() is defined in is_path_valid.c
     * An existing path means the mapper name is already taken.
     */
    if (zuluCryptPathIsValid(mapper_1)) {
        return zuluExit(2, mapper_path);
    }

    /* The read-only mount flag decides both the loop open mode and the mapping mode. */
    if (m_opts & MS_RDONLY) {
        lmode = O_RDONLY;
        mode = "ro";
    } else {
        lmode = O_RDWR;
        mode = "rw";
    }

    if (StringPrefixMatch(dev, "/dev/", 5)) {
        status = _open_mapper(dev, mapper, mode, pass, pass_size);
    } else if (zuluCryptAttachLoopDeviceToFile(dev, lmode, &fd, &loop_path)) {
        /*
         * zuluCryptAttachLoopDeviceToFile() is defined in create_loop_device.c
         */
        dev = StringContent(loop_path);
        status = _open_mapper(dev, mapper, mode, pass, pass_size);
        close(fd);
        StringDelete(&loop_path);
    } else {
        status = 1;
    }

    /* Translate the opener's status into this function's error codes. */
    if (status == 1) {
        return zuluExit(4, mapper_path);
    }
    if (status == 2) {
        return zuluExit(8, mapper_path);
    }
    if (status == 3) {
        return zuluExit(3, mapper_path);
    }

    if (m_point != NULL) {
        /*
         * zuluCryptMountVolume() is defined in mount_volume.c
         */
        status = zuluCryptMountVolume(mapper_1, m_point, m_opts, fs_opts, id);

        /*
         * zuluCryptCloseMapper() is defined in close_mapper.c
         * A failed mount tears the mapping down again so an unlocked device
         * is not left behind; 15 reports that the teardown itself failed.
         */
        if (status != 0 && zuluCryptCloseMapper(mapper_1) != 0) {
            status = 15;
        }
    }

    return zuluExit(status, mapper_path);
}
/*
 * Create a TrueCrypt style volume on device, optionally with a hidden
 * volume, and put a file system on each.
 *
 * key/key_len/key_source describe the outer volume's key and the *_h
 * arguments the hidden volume's key; the hidden volume is only set up when
 * hidden_volume_size is greater than zero. A key that is not a passphrase is
 * passed through zuluCryptCreateKeyFile() and used as a key file, which is
 * deleted again before returning.
 *
 * Returns 1 when device is not a valid path, 3 when volume creation fails,
 * otherwise the status of the last _create_file_system() call (0 on
 * success).
 */
static int _create_tcrypt_volume(const char *device, const char *file_system,
                                 const char *rng, const char *key, size_t key_len,
                                 int key_source, u_int64_t hidden_volume_size,
                                 const char *file_system_h, const char *key_h,
                                 size_t key_len_h, int key_source_h)
{
    string_t key_file = StringVoid;
    string_t key_file_h = StringVoid;
    tcrypt_t info;
    int result = 3;

    if (zuluCryptPathIsNotValid(device)) {
        return 1;
    }

    memset(&info, '\0', sizeof(tcrypt_t));

    info.device             = device;
    info.key_source         = key_source;
    info.key_source_h       = key_source_h;
    info.hidden_volume_size = hidden_volume_size;

    /*
     * Any rng argument that begins with "/dev/urandom" turns on
     * weak_keys_and_salt; every other value leaves it at zero.
     */
    if (StringPrefixMatch(rng, "/dev/urandom", 12)) {
        info.weak_keys_and_salt = 1;
    }

    if (info.key_source != TCRYPT_PASSPHRASE) {
        /*
         * zuluCryptCreateKeyFile() is defined in open_tcrypt.c
         * NOTE(review): the result is not checked before StringContent();
         * confirm how a failed key file creation is reported.
         */
        key_file = zuluCryptCreateKeyFile(key, key_len, "create_tcrypt-1-");
        info.key          = StringContent(key_file);
        info.key_source   = TCRYPT_KEYFILE_FILE;
        info.key_source_1 = "keyfiles";
    } else {
        info.key          = key;
        info.key_source_1 = "passphrase";
    }

    if (info.hidden_volume_size > 0) {
        if (info.key_source_h != TCRYPT_PASSPHRASE) {
            key_file_h = zuluCryptCreateKeyFile(key_h, key_len_h, "create_tcrypt-2-");
            info.key_h          = StringContent(key_file_h);
            info.key_source_h   = TCRYPT_KEYFILE_FILE;
            info.key_source_h_1 = "h_keyfiles";
        } else {
            info.key_h          = key_h;
            info.key_source_h_1 = "h_passphrase";
        }
    }

    if (_create_volume(&info) == TC_OK) {
        result = _create_file_system(device, file_system, info.key_source,
                                     info.key, key_len, TCRYPT_NORMAL);

        /* The hidden volume is only formatted once the outer one succeeded. */
        if (info.hidden_volume_size > 0 && result == 0) {
            result = _create_file_system(device, file_system_h, info.key_source_h,
                                         info.key_h, key_len_h, TCRYPT_HIDDEN);
        }
    }

    /*
     * zuluCryptDeleteFile() is defined in file_path_security.c
     * Key files created above are removed on success and on failure alike,
     * so key material does not stay on disk after this call.
     */
    if (key_file != StringVoid) {
        zuluCryptDeleteFile(StringContent(key_file));
        StringDelete(&key_file);
    }
    if (key_file_h != StringVoid) {
        zuluCryptDeleteFile(StringContent(key_file_h));
        StringDelete(&key_file_h);
    }

    return result;
}