int main(int argc, char *argv[])
{
char buf[1024];
uint64_t n, out;
int err;
if (argc < 3)
return -1;
n = strtoull(argv[1], NULL, 10);
err = _humanize_number(buf, 1024, n);
assert(err == 0);
err = _dehumanize_number(buf, &out);
assert(err == 0);
printf("Converting: %"PRIu64" => %s => %"PRIu64"\n", n, buf, out);
err = _dehumanize_number(argv[2], &out);
assert (err == 0);
printf("Converting: %s => %"PRIu64"\n", argv[2], out);
return 0;
}
int
create_volume(struct tcplay_opts *opts)
{
char *pass, *pass_again;
char *h_pass = NULL;
char buf[1024];
disksz_t blocks, hidden_blocks = 0;
size_t blksz;
struct tchdr_enc *ehdr, *hehdr;
struct tchdr_enc *ehdr_backup, *hehdr_backup;
uint64_t tmp;
int error, r, ret;
pass = h_pass = pass_again = NULL;
ehdr = hehdr = NULL;
ehdr_backup = hehdr_backup = NULL;
ret = -1; /* Default to returning error */
if (opts->cipher_chain == NULL)
opts->cipher_chain = tc_cipher_chains[0];
if (opts->prf_algo == NULL)
opts->prf_algo = &pbkdf_prf_algos[0];
if (opts->h_cipher_chain == NULL)
opts->h_cipher_chain = opts->cipher_chain;
if (opts->h_prf_algo == NULL)
opts->h_prf_algo = opts->prf_algo;
if ((error = get_disk_info(opts->dev, &blocks, &blksz)) != 0) {
tc_log(1, "could not get disk info\n");
return -1;
}
if ((blocks*blksz) <= MIN_VOL_BYTES) {
tc_log(1, "Cannot create volumes on devices with less "
"than %d bytes\n", MIN_VOL_BYTES);
return -1;
}
if (opts->interactive) {
if (((pass = alloc_safe_mem(PASS_BUFSZ)) == NULL) ||
((pass_again = alloc_safe_mem(PASS_BUFSZ)) == NULL)) {
tc_log(1, "could not allocate safe passphrase memory\n");
goto out;
}
if ((error = read_passphrase("Passphrase: ", pass, MAX_PASSSZ,
PASS_BUFSZ, 0) ||
(read_passphrase("Repeat passphrase: ", pass_again,
MAX_PASSSZ, PASS_BUFSZ, 0)))) {
tc_log(1, "could not read passphrase\n");
goto out;
}
if (strcmp(pass, pass_again) != 0) {
tc_log(1, "Passphrases don't match\n");
goto out;
}
free_safe_mem(pass_again);
pass_again = NULL;
} else {
/* In batch mode, use provided passphrase */
if ((pass = alloc_safe_mem(PASS_BUFSZ)) == NULL) {
tc_log(1, "could not allocate safe "
"passphrase memory");
goto out;
}
if (opts->passphrase != NULL) {
strncpy(pass, opts->passphrase, MAX_PASSSZ);
pass[MAX_PASSSZ] = '\0';
}
}
if (opts->nkeyfiles > 0) {
/* Apply keyfiles to 'pass' */
if ((error = apply_keyfiles((unsigned char *)pass, PASS_BUFSZ,
opts->keyfiles, opts->nkeyfiles))) {
tc_log(1, "could not apply keyfiles\n");
goto out;
}
}
if (opts->hidden) {
if (opts->interactive) {
if (((h_pass = alloc_safe_mem(PASS_BUFSZ)) == NULL) ||
((pass_again = alloc_safe_mem(PASS_BUFSZ)) == NULL)) {
tc_log(1, "could not allocate safe "
"passphrase memory\n");
goto out;
}
if ((error = read_passphrase("Passphrase for hidden volume: ",
h_pass, MAX_PASSSZ, PASS_BUFSZ, 0) ||
(read_passphrase("Repeat passphrase: ", pass_again,
MAX_PASSSZ, PASS_BUFSZ, 0)))) {
tc_log(1, "could not read passphrase\n");
goto out;
}
if (strcmp(h_pass, pass_again) != 0) {
tc_log(1, "Passphrases for hidden volume don't "
"match\n");
goto out;
}
free_safe_mem(pass_again);
pass_again = NULL;
} else {
/* In batch mode, use provided passphrase */
if ((h_pass = alloc_safe_mem(PASS_BUFSZ)) == NULL) {
tc_log(1, "could not allocate safe "
"passphrase memory");
goto out;
}
if (opts->h_passphrase != NULL) {
strncpy(h_pass, opts->h_passphrase, MAX_PASSSZ);
h_pass[MAX_PASSSZ] = '\0';
}
}
if (opts->n_hkeyfiles > 0) {
/* Apply keyfiles to 'h_pass' */
if ((error = apply_keyfiles((unsigned char *)h_pass,
PASS_BUFSZ, opts->h_keyfiles, opts->n_hkeyfiles))) {
tc_log(1, "could not apply keyfiles\n");
goto out;
}
}
if (opts->interactive) {
hidden_blocks = 0;
} else {
hidden_blocks = opts->hidden_size_bytes/blksz;
if (hidden_blocks == 0) {
tc_log(1, "hidden_blocks to create volume "
"cannot be zero!\n");
goto out;
}
if (opts->hidden_size_bytes >=
(blocks*blksz) - MIN_VOL_BYTES) {
tc_log(1, "Hidden volume needs to be "
"smaller than the outer volume\n");
goto out;
}
}
/* This only happens in interactive mode */
while (hidden_blocks == 0) {
if ((r = _humanize_number(buf, sizeof(buf),
(uint64_t)(blocks * blksz))) < 0) {
sprintf(buf, "%"DISKSZ_FMT" bytes", (blocks * blksz));
}
printf("The total volume size of %s is %s (bytes)\n", opts->dev, buf);
memset(buf, 0, sizeof(buf));
printf("Size of hidden volume (e.g. 127M): ");
fflush(stdout);
if ((fgets(buf, sizeof(buf), stdin)) == NULL) {
tc_log(1, "Could not read from stdin\n");
goto out;
}
/* get rid of trailing newline */
buf[strlen(buf)-1] = '\0';
if ((error = _dehumanize_number(buf,
&tmp)) != 0) {
tc_log(1, "Could not interpret input: %s\n", buf);
continue;
}
if (tmp >= (blocks*blksz) - MIN_VOL_BYTES) {
tc_log(1, "Hidden volume needs to be "
"smaller than the outer volume\n");
hidden_blocks = 0;
continue;
}
hidden_blocks = (size_t)tmp;
hidden_blocks /= blksz;
}
}
if (opts->interactive) {
/* Show summary and ask for confirmation */
printf("Summary of actions:\n");
if (opts->secure_erase)
printf(" - Completely erase *EVERYTHING* on %s\n", opts->dev);
printf(" - Create %svolume on %s\n", opts->hidden?("outer "):"", opts->dev);
if (opts->hidden) {
printf(" - Create hidden volume of %"DISKSZ_FMT" bytes at end of "
"outer volume\n",
hidden_blocks * blksz);
}
printf("\n Are you sure you want to proceed? (y/n) ");
fflush(stdout);
if ((fgets(buf, sizeof(buf), stdin)) == NULL) {
tc_log(1, "Could not read from stdin\n");
goto out;
}
if ((buf[0] != 'y') && (buf[0] != 'Y')) {
tc_log(1, "User cancelled action(s)\n");
goto out;
}
}
/* erase volume */
if (opts->secure_erase) {
tc_log(0, "Securely erasing the volume...\nThis process may take "
"some time depending on the size of the volume\n");
if (opts->state_change_fn)
opts->state_change_fn(opts->api_ctx, "secure_erase", 1);
if ((error = secure_erase(opts->dev, blocks * blksz, blksz)) != 0) {
tc_log(1, "could not securely erase device %s\n", opts->dev);
goto out;
}
if (opts->state_change_fn)
opts->state_change_fn(opts->api_ctx, "secure_erase", 0);
}
tc_log(0, "Creating volume headers...\nDepending on your system, this "
"process may take a few minutes as it uses true random data which "
"might take a while to refill\n");
if (opts->weak_keys_and_salt) {
tc_log(0, "WARNING: Using a weak random generator to get "
"entropy for the key material. Odds are this is NOT "
"what you want.\n");
}
if (opts->state_change_fn)
opts->state_change_fn(opts->api_ctx, "create_header", 1);
/* create encrypted headers */
ehdr = create_hdr((unsigned char *)pass,
(opts->nkeyfiles > 0)?MAX_PASSSZ:strlen(pass),
opts->prf_algo, opts->cipher_chain, blksz, blocks, VOL_RSVD_BYTES_START/blksz,
blocks - (MIN_VOL_BYTES/blksz), 0, opts->weak_keys_and_salt, &ehdr_backup);
if (ehdr == NULL) {
tc_log(1, "Could not create header\n");
goto out;
}
if (opts->hidden) {
hehdr = create_hdr((unsigned char *)h_pass,
(opts->n_hkeyfiles > 0)?MAX_PASSSZ:strlen(h_pass), opts->h_prf_algo,
opts->h_cipher_chain,
blksz, blocks,
blocks - (VOL_RSVD_BYTES_END/blksz) - hidden_blocks,
hidden_blocks, 1, opts->weak_keys_and_salt, &hehdr_backup);
if (hehdr == NULL) {
tc_log(1, "Could not create hidden volume header\n");
goto out;
}
}
if (opts->state_change_fn)
opts->state_change_fn(opts->api_ctx, "create_header", 0);
tc_log(0, "Writing volume headers to disk...\n");
if ((error = write_to_disk(opts->dev, 0, blksz, ehdr, sizeof(*ehdr))) != 0) {
tc_log(1, "Could not write volume header to device\n");
goto out;
}
/* Write backup header; it's offset is relative to the end */
if ((error = write_to_disk(opts->dev, (blocks*blksz - BACKUP_HDR_OFFSET_END),
blksz, ehdr_backup, sizeof(*ehdr_backup))) != 0) {
tc_log(1, "Could not write backup volume header to device\n");
goto out;
}
if (opts->hidden) {
if ((error = write_to_disk(opts->dev, HDR_OFFSET_HIDDEN, blksz, hehdr,
sizeof(*hehdr))) != 0) {
tc_log(1, "Could not write hidden volume header to "
"device\n");
goto out;
}
/* Write backup hidden header; offset is relative to end */
if ((error = write_to_disk(opts->dev,
(blocks*blksz - BACKUP_HDR_HIDDEN_OFFSET_END), blksz,
hehdr_backup, sizeof(*hehdr_backup))) != 0) {
tc_log(1, "Could not write backup hidden volume "
"header to device\n");
goto out;
}
}
/* Everything went ok */
tc_log(0, "All done!\n");
ret = 0;
out:
if (pass)
free_safe_mem(pass);
if (h_pass)
free_safe_mem(h_pass);
if (pass_again)
free_safe_mem(pass_again);
if (ehdr)
free_safe_mem(ehdr);
if (hehdr)
free_safe_mem(hehdr);
if (ehdr_backup)
free_safe_mem(ehdr_backup);
if (hehdr_backup)
free_safe_mem(hehdr_backup);
return ret;
}
