--- /dev/null
+/* config.h. Generated from config.h.in by configure. */
+/* config.h.in. Generated from configure.in by autoheader. */
+
+/* Define if building universal (internal helper macro) */
+/* #undef AC_APPLE_UNIVERSAL_BUILD */
+
+/* cipher for LUKS1 */
+#define DEFAULT_LUKS1_CIPHER "aes"
+
+/* hash function for LUKS1 header */
+#define DEFAULT_LUKS1_HASH "sha1"
+
+/* key length in bits for LUKS1 */
+#define DEFAULT_LUKS1_KEYBITS 256
+
+/* cipher mode for LUKS1 */
+#define DEFAULT_LUKS1_MODE "cbc-essiv:sha256"
+
+/* cipher for plain mode */
+#define DEFAULT_PLAIN_CIPHER "aes"
+
+/* password hashing function for plain mode */
+#define DEFAULT_PLAIN_HASH "ripemd160"
+
+/* key length in bits for plain mode */
+#define DEFAULT_PLAIN_KEYBITS 256
+
+/* cipher mode for plain mode */
+#define DEFAULT_PLAIN_MODE "cbc-essiv:sha256"
+
+/* Define to 1 if translation of program messages to the user's native
+ language is requested. */
+//#define ENABLE_NLS 0
+
+/* Define to 1 if you have the MacOS X function CFLocaleCopyCurrent in the
+ CoreFoundation framework. */
+/* #undef HAVE_CFLOCALECOPYCURRENT */
+
+/* Define to 1 if you have the MacOS X function CFPreferencesCopyAppValue in
+ the CoreFoundation framework. */
+/* #undef HAVE_CFPREFERENCESCOPYAPPVALUE */
+
+/* Define to 1 if you have the <ctype.h> header file. */
+#define HAVE_CTYPE_H 1
+
+/* Define if the GNU dcgettext() function is already present or preinstalled.
+ */
+//#define HAVE_DCGETTEXT 0
+
+/* Define to 1 if you have the <dirent.h> header file, and it defines `DIR'.
+ */
+#define HAVE_DIRENT_H 1
+
+/* Define to 1 if you have the <dlfcn.h> header file. */
+#define HAVE_DLFCN_H 1
+
+/* Define to 1 if you have the `dm_task_set_cookie' function. */
+#define HAVE_DM_TASK_SET_COOKIE 1
+
+/* Define to 1 if you have the <fcntl.h> header file. */
+#define HAVE_FCNTL_H 1
+
+/* Define if the GNU gettext() function is already present or preinstalled. */
+//#define HAVE_GETTEXT 0
+
+/* Define if you have the iconv() function. */
+/* #undef HAVE_ICONV */
+
+/* Define to 1 if you have the <inttypes.h> header file. */
+#define HAVE_INTTYPES_H 1
+
+/* Define to 1 if you have the `devmapper' library (-ldevmapper). */
+/* #undef HAVE_LIBDEVMAPPER */
+
+/* Define to 1 if you have the `popt' library (-lpopt). */
+//#define HAVE_LIBPOPT 0
+
+/* Define to 1 if you have the `selinux' library (-lselinux). */
+//#define HAVE_LIBSELINUX 0
+
+/* Define to 1 if you have the `sepol' library (-lsepol). */
+//#define HAVE_LIBSEPOL 0
+
+/* Define to 1 if you have the `uuid' library (-luuid). */
+#define HAVE_LIBUUID 1
+
+/* Define to 1 if you have the <locale.h> header file. */
+#define HAVE_LOCALE_H 1
+
+/* Define to 1 if you have the <malloc.h> header file. */
+#define HAVE_MALLOC_H 1
+
+/* Define to 1 if you have the <memory.h> header file. */
+#define HAVE_MEMORY_H 1
+
+/* Define to 1 if you have the <ndir.h> header file, and it defines `DIR'. */
+/* #undef HAVE_NDIR_H */
+
+/* Define to 1 if you have the `posix_memalign' function. */
+#define HAVE_POSIX_MEMALIGN 1
+
+/* Define to 1 if you have the <stdint.h> header file. */
+#define HAVE_STDINT_H 1
+
+/* Define to 1 if you have the <stdlib.h> header file. */
+#define HAVE_STDLIB_H 1
+
+/* Define to 1 if you have the <strings.h> header file. */
+#define HAVE_STRINGS_H 1
+
+/* Define to 1 if you have the <string.h> header file. */
+#define HAVE_STRING_H 1
+
+/* Define to 1 if `st_rdev' is a member of `struct stat'. */
+#define HAVE_STRUCT_STAT_ST_RDEV 1
+
+/* Define to 1 if your `struct stat' has `st_rdev'. Deprecated, use
+ `HAVE_STRUCT_STAT_ST_RDEV' instead. */
+#define HAVE_ST_RDEV 1
+
+/* Define to 1 if you have the <sys/dir.h> header file, and it defines `DIR'.
+ */
+/* #undef HAVE_SYS_DIR_H */
+
+/* Define to 1 if you have the <sys/ioctl.h> header file. */
+#define HAVE_SYS_IOCTL_H 1
+
+/* Define to 1 if you have the <sys/mman.h> header file. */
+#define HAVE_SYS_MMAN_H 1
+
+/* Define to 1 if you have the <sys/ndir.h> header file, and it defines `DIR'.
+ */
+/* #undef HAVE_SYS_NDIR_H */
+
+/* Define to 1 if you have the <sys/stat.h> header file. */
+#define HAVE_SYS_STAT_H 1
+
+/* Define to 1 if you have the <sys/types.h> header file. */
+#define HAVE_SYS_TYPES_H 1
+
+/* Define to 1 if you have the <unistd.h> header file. */
+#define HAVE_UNISTD_H 1
+
+/* Define to 1 if you have the <uuid/uuid.h> header file. */
+#define HAVE_UUID_UUID_H 1
+
+/* Define to the sub-directory in which libtool stores uninstalled libraries.
+ */
+#define LT_OBJDIR ".libs/"
+
+/* Define to 1 if your C compiler doesn't accept -c and -o together. */
+/* #undef NO_MINUS_C_MINUS_O */
+
+/* Name of package */
+#define PACKAGE "cryptsetup"
+
+/* Define to the address where bug reports for this package should be sent. */
+#define PACKAGE_BUGREPORT ""
+
+/* Define to the full name of this package. */
+#define PACKAGE_NAME "cryptsetup"
+
+/* Define to the full name and version of this package. */
+#define PACKAGE_STRING "cryptsetup 1.1.2"
+
+/* Define to the one symbol short name of this package. */
+#define PACKAGE_TARNAME "cryptsetup"
+
+/* Define to the home page for this package. */
+#define PACKAGE_URL ""
+
+/* Define to the version of this package. */
+#define PACKAGE_VERSION "1.1.2"
+
+/* Define to 1 if you have the ANSI C header files. */
+#define STDC_HEADERS 1
+
+/* Enable extensions on AIX 3, Interix. */
+#ifndef _ALL_SOURCE
+# define _ALL_SOURCE 1
+#endif
+/* Enable GNU extensions on systems that have them. */
+#ifndef _GNU_SOURCE
+# define _GNU_SOURCE 1
+#endif
+/* Enable threading extensions on Solaris. */
+#ifndef _POSIX_PTHREAD_SEMANTICS
+# define _POSIX_PTHREAD_SEMANTICS 1
+#endif
+/* Enable extensions on HP NonStop. */
+#ifndef _TANDEM_SOURCE
+# define _TANDEM_SOURCE 1
+#endif
+/* Enable general extensions on Solaris. */
+#ifndef __EXTENSIONS__
+# define __EXTENSIONS__ 1
+#endif
+
+
+/* Try to use udev synchronisation? */
+#define USE_UDEV 1
+
+/* Version number of package */
+#define VERSION "1.1.2"
+
+/* Define WORDS_BIGENDIAN to 1 if your processor stores words with the most
+ significant byte first (like Motorola and SPARC, unlike Intel). */
+#if defined AC_APPLE_UNIVERSAL_BUILD
+# if defined __BIG_ENDIAN__
+# define WORDS_BIGENDIAN 1
+# endif
+#else
+# ifndef WORDS_BIGENDIAN
+/* # undef WORDS_BIGENDIAN */
+# endif
+#endif
+
+/* Number of bits in a file offset, on hosts where this is settable. */
+/* #undef _FILE_OFFSET_BITS */
+
+/* Define for large files, on AIX-style hosts. */
+/* #undef _LARGE_FILES */
+
+/* Define to 1 if on MINIX. */
+/* #undef _MINIX */
+
+/* Define to 2 if the system does not provide POSIX.1 features except with
+ this defined. */
+/* #undef _POSIX_1_SOURCE */
+
+/* Define to 1 if you need to in order for `stat' and other things to work. */
+/* #undef _POSIX_SOURCE */
+
+/* Define to empty if `const' does not conform to ANSI C. */
+/* #undef const */
+
+/* Define to `long int' if <sys/types.h> does not define. */
+/* #undef off_t */
#include <string.h>
#include <stdlib.h>
#include <errno.h>
+#include <openssl/evp.h>
#include "libcryptsetup.h"
#include "internal.h"
-extern struct hash_backend hash_gcrypt_backend;
-
-static struct hash_backend *hash_backends[] = {
- &hash_gcrypt_backend,
- NULL
-};
-
-struct hash_backend *get_hash_backend(const char *name)
-{
- struct hash_backend **backend;
-
- for(backend = hash_backends; *backend; backend++)
- if (!name || strcmp(name, (*backend)->name) == 0)
- break;
-
- return *backend;
-}
-
-void put_hash_backend(struct hash_backend *backend)
+int init_crypto(void)
{
+ return 0;
}
int hash(const char *backend_name, const char *hash_name,
char *result, size_t size,
const char *passphrase, size_t sizep)
{
- struct hash_backend *backend;
- struct hash_type *hashes = NULL, *hash;
- char hash_name_buf[256], *s;
+ EVP_MD_CTX mdctx;
+ const EVP_MD *md;
size_t pad = 0;
int r = -ENOENT;
- if (strlen(hash_name) >= sizeof(hash_name_buf)) {
- set_error("hash name too long: %s", hash_name);
- return -ENAMETOOLONG;
- }
-
- if ((s = strchr(hash_name, ':'))) {
- size_t hlen;
- strcpy(hash_name_buf, hash_name);
- hash_name_buf[s-hash_name] = '\0';
- hash_name = hash_name_buf;
- hlen = atoi(++s);
- if (hlen > size) {
- set_error("requested hash length (%zd) > key length (%zd)", hlen, size);
- return -EINVAL;
- }
- pad = size-hlen;
- size = hlen;
- }
-
- backend = get_hash_backend(backend_name);
- if (!backend) {
- set_error("No hash backend found");
- return -ENOSYS;
- }
-
- hashes = backend->get_hashes();
- if (!hashes) {
- set_error("No hash functions available");
- goto out;
- }
-
- for(hash = hashes; hash->name; hash++)
- if (strcmp(hash->name, hash_name) == 0)
- break;
- if (!hash->name) {
+ OpenSSL_add_all_digests();
+ md = EVP_get_digestbyname(hash_name);
+ if (md == NULL) {
set_error("Unknown hash type %s", hash_name);
goto out;
}
- r = hash->fn(hash->private, size, result, sizep, passphrase);
- if (r < 0) {
- set_error("Error hashing passphrase");
- goto out;
+ if (EVP_MD_size(md) > size) {
+ set_error("requested hash length (%zd) > key length (%zd)", EVP_MD_size(md), size);
+ return -EINVAL;
}
+ pad = size - EVP_MD_size(md);
+
+ EVP_DigestInit(&mdctx, md);
+ EVP_DigestUpdate(&mdctx, passphrase, sizep);
+ EVP_DigestFinal(&mdctx, result, NULL);
+
if (pad) {
memset(result+size, 0, pad);
}
out:
- if (hashes)
- backend->free_hashes(hashes);
- put_hash_backend(backend);
-
return r;
}
+
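Review bot: In the rewritten `hash()`, the padding step `memset(result+size, 0, pad)` now writes past the end of `result`. The removed code shrank `size` to the digest length before padding, but the new code leaves `size` at the full key length, so the zero fill starts where the buffer ends instead of right after the digest; it should be `memset(result + EVP_MD_size(md), 0, pad);`. In the lines shown nothing assigns `r` after the digest is computed, so the success path appears to return the initial `-ENOENT`; an `r = 0;` after `EVP_DigestFinal` is needed. The `EVP_Digest*` return values are ignored as well, and `%zd` is handed the `int` returned by `EVP_MD_size()`.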
#include <sys/ioctl.h>
#include <sys/stat.h>
#include <stdio.h>
+#include <string.h>
#include <dirent.h>
#include <errno.h>
#include <libdevmapper.h>
#include <fcntl.h>
-#include <linux/fs.h>
-#include <uuid/uuid.h>
+#include <uuid.h>
#include "internal.h"
#include "luks.h"
/* Compatibility for old device-mapper without udev support */
#ifndef HAVE_DM_TASK_SET_COOKIE
#define CRYPT_TEMP_UDEV_FLAGS 0
-static int dm_task_set_cookie(struct dm_task *dmt, uint32_t *cookie, uint16_t flags) { return 0; }
-static int dm_udev_wait(uint32_t cookie) { return 0; };
#else
#define CRYPT_TEMP_UDEV_FLAGS DM_UDEV_DISABLE_SUBSYSTEM_RULES_FLAG | \
DM_UDEV_DISABLE_DISK_RULES_FLAG | \
if ((fd = open(dev, O_RDONLY)) < 0)
return 0;
- r = ioctl(fd, BLKRAGET, &read_ahead_long) ? 0 : 1;
+ r = 0;
+ //r = ioctl(fd, BLKRAGET, &read_ahead_long) ? 0 : 1;
close(fd);
if (r)
char *ptr, uuid2[UUID_LEN] = {0};
uuid_t uu;
int i = 0;
+ uint32_t ret;
/* Remove '-' chars */
- if (uuid && !uuid_parse(uuid, uu)) {
+ uuid_from_string(uuid, &uu, ret);
+ if (uuid && ret != uuid_s_ok) {
+ printf("crap happened in uuid_from_string(%s), err = %d\n", uuid, ret);
for (ptr = uuid2, i = 0; i < UUID_LEN; i++)
if (uuid[i] != '-') {
*ptr = uuid[i];
ptr++;
}
+ } else {
+ printf("went well in uuid_from_string(%s), err = %d\n", uuid, ret);
}
i = snprintf(buf, buflen, DM_UUID_PREFIX "%s%s%s%s%s",
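Review bot: The UUID branch has a wrong status argument and an inverted condition. `uuid_from_string(uuid, &uu, ret)` passes the uninitialised `ret` by value where a `uint32_t *` is expected. `ret != uuid_s_ok` then runs the dash-stripping loop only when parsing failed, whereas the removed `!uuid_parse(uuid, uu)` ran it on success. I would write `uuid_from_string(uuid, &uu, &ret);` followed by `if (uuid && ret == uuid_s_ok) {`. The two `printf` calls look like leftover debugging and should be removed or sent through the debug log; the same applies to the `printf`s added in `pkcs5_pbkdf2` and `PBKDF2_performance_check`. The enclosing function starts and ends outside the hunk.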
#include <stddef.h>
#include <stdarg.h>
#include <errno.h>
-#include <linux/fs.h>
#include <sys/types.h>
#include <unistd.h>
#include <sys/types.h>
#include <termios.h>
#include <sys/mman.h>
#include <sys/resource.h>
+#include <cpu/param.h>
+#include <sys/diskslice.h>
#include "libcryptsetup.h"
#include "internal.h"
static int sector_size(int fd)
{
int bsize;
+ return DEV_BSIZE;
+#if 0
if (ioctl(fd,BLKSSZGET, &bsize) < 0)
return -EINVAL;
else
return bsize;
+#endif
}
int sector_size_for_device(const char *device)
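Review bot: `sector_size()` now returns `DEV_BSIZE` for every descriptor and keeps the old ioctl path under `#if 0`, so `fd` and `bsize` are unused and a device whose native block size differs from `DEV_BSIZE` is reported wrongly. If `struct partinfo` from the `DIOCGPART` call used later in this file exposes the media block size, query that and fall back to `DEV_BSIZE` only on failure. Otherwise delete the dead block and say why with a comment such as `/* no BLKSSZGET on this platform; assume DEV_BSIZE */`.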
int get_device_infos(const char *device, struct device_infos *infos, struct crypt_device *cd)
{
+ struct partinfo pinfo;
uint64_t size;
unsigned long size_small;
int readonly = 0;
return -1;
}
-#ifdef BLKROGET
- /* If the device can be opened read-write, i.e. readonly is still 0, then
- * check whether BKROGET says that it is read-only. E.g. read-only loop
- * devices may be openend read-write but are read-only according to BLKROGET
- */
- if (readonly == 0 && ioctl(fd, BLKROGET, &readonly) < 0) {
- log_err(cd, _("BLKROGET failed on device %s.\n"), device);
- goto out;
- }
-#else
-#error BLKROGET not available
-#endif
-
#ifdef BLKGETSIZE64
if (ioctl(fd, BLKGETSIZE64, &size) >= 0) {
size >>= SECTOR_SHIFT;
goto out;
}
#else
-# error Need at least the BLKGETSIZE ioctl!
+ if (ioctl(fd, DIOCGPART, &pinfo) >= 0) {
+ size = pinfo.media_blocks;
+ ret = 0;
+ goto out;
+ }
#endif
log_err(cd, _("BLKGETSIZE failed on device %s.\n"), device);
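Review bot: The `DIOCGPART` fallback stores `pinfo.media_blocks` in `size` without the conversion the `BLKGETSIZE64` branch applies (`size >>= SECTOR_SHIFT`), so the value is in 512-byte sectors only if the device's block size happens to be 512. Confirm the unit, and if `struct partinfo` also carries a byte size, derive the sector count from that instead. The removed `BLKROGET` block has no replacement, so a device that opens read-write but is write-protected is no longer detected as read-only here. The error text after the `#endif` still says `BLKGETSIZE failed`. get_device_infos continues outside the hunk.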
#include <string.h>
#include <netinet/in.h>
#include <errno.h>
-#include <gcrypt.h>
+#include <openssl/evp.h>
#include "random.h"
static void XORblock(char const *src1, char const *src2, char *dst, size_t n)
dst[j] = src1[j] ^ src2[j];
}
-static int hash_buf(char *src, char *dst, uint32_t iv, int len, int hash_id)
+static int hash_buf(char *src, char *dst, uint32_t iv, int len, const EVP_MD *hash_id)
{
- gcry_md_hd_t hd;
+ EVP_MD_CTX mdctx;
unsigned char *digest;
iv = htonl(iv);
- if (gcry_md_open(&hd, hash_id, 0))
- return 1;
- gcry_md_write(hd, (unsigned char *)&iv, sizeof(iv));
- gcry_md_write(hd, src, len);
- digest = gcry_md_read(hd, hash_id);
- memcpy(dst, digest, len);
- gcry_md_close(hd);
+
+ EVP_DigestInit(&mdctx, hash_id);
+ EVP_DigestUpdate(&mdctx, (unsigned char *)&iv, sizeof(iv));
+ EVP_DigestUpdate(&mdctx, src, len);
+ EVP_DigestFinal(&mdctx, dst, NULL);
+
return 0;
}
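Review bot: `hash_buf()` no longer honours `len` for its output. The removed code copied `len` bytes of the digest into `dst`, while `EVP_DigestFinal(&mdctx, dst, NULL)` always writes the full digest, so a caller that passes a `len` shorter than the digest overruns `dst`; diffuse() declares a `padding` count, presumably for exactly such a trailing partial block. Finalise into a local buffer and copy only what was asked for: `unsigned char digest[EVP_MAX_MD_SIZE];`, `EVP_DigestFinal(&mdctx, digest, NULL);`, `memcpy(dst, digest, len);`. The existing `unsigned char *digest` local is otherwise unused, and the function returns 0 even when one of the EVP calls fails.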
* the help of hash function.
*/
-static int diffuse(char *src, char *dst, size_t size, int hash_id)
+static int diffuse(char *src, char *dst, size_t size, const EVP_MD *hash_id)
{
- unsigned int digest_size = gcry_md_get_algo_dlen(hash_id);
+ unsigned int digest_size = EVP_MD_size(hash_id);
unsigned int i, blocks, padding;
blocks = size / digest_size;
unsigned int i;
char *bufblock;
int r = -EINVAL;
- int hash_id;
+ const EVP_MD *hash_id;
- if (!(hash_id = gcry_md_map_name(hash)))
+ OpenSSL_add_all_digests();
+ if (!(hash_id = EVP_get_digestbyname(hash)))
return -EINVAL;
if((bufblock = calloc(blocksize, 1)) == NULL) return -ENOMEM;
unsigned int i;
char *bufblock;
int r = -EINVAL;
- int hash_id;
+ const EVP_MD *hash_id;
- if (!(hash_id = gcry_md_map_name(hash)))
+ OpenSSL_add_all_digests();
+ if (!(hash_id = EVP_get_digestbyname(hash)))
return -EINVAL;
if((bufblock = calloc(blocksize, 1)) == NULL) return -ENOMEM;
#include <sys/types.h>
#include <sys/stat.h>
#include <sys/ioctl.h>
-#include <linux/fs.h>
#include <netinet/in.h>
#include <fcntl.h>
#include <errno.h>
#include "af.h"
#include "pbkdf.h"
#include "random.h"
-#include <uuid/uuid.h>
+#include <uuid.h>
#include <../lib/internal.h>
#define div_round_up(a,b) ({ \
unsigned int i=0;
unsigned int blocksPerStripeSet = div_round_up(mk->keyLength*stripes,SECTOR_SIZE);
int r;
+ uint32_t ret;
char luksMagic[] = LUKS_MAGIC;
uuid_t partitionUuid;
int currentSector;
/* alignOffset - offset from natural device alignment provided by topology info */
header->payloadOffset = currentSector + alignOffset;
- if (uuid && !uuid_parse(uuid, partitionUuid)) {
+ uuid_from_string(uuid, &partitionUuid, &ret);
+ if (uuid && ret != uuid_s_ok) {
log_err(ctx, _("Wrong UUID format provided, generating new one.\n"));
uuid = NULL;
}
if (!uuid)
- uuid_generate(partitionUuid);
- uuid_unparse(partitionUuid, header->uuid);
+ uuid_create(&partitionUuid, &ret);
+ uuid_to_string(&partitionUuid, &header->uuid, &ret);
log_dbg("Data offset %d, UUID %s, digest iterations %" PRIu32,
header->payloadOffset, header->uuid, header->mkDigestIterations);
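Review bot: `uuid_to_string(&partitionUuid, &header->uuid, &ret)` passes the address of the header's UUID field where the BSD API expects a `char **` that it fills with a newly allocated string. `header->uuid` was previously written in place by `uuid_unparse()` and is printed with `%s` just below, so it looks like a character buffer; this call would store a pointer in it rather than the text, and the allocation is never freed. Receive the string in a temporary, copy it into the field and free it, as sketched below. The statuses from `uuid_create()` and `uuid_to_string()` are never checked either. The enclosing function starts and ends outside the hunk, so the error return below should follow whatever cleanup convention it uses.

```c
	if (!uuid)
		uuid_create(&partitionUuid, &ret);

	/* uuid_to_string() allocates the text form; copy it into the
	 * fixed-size header field (assumes header->uuid is a char array)
	 * and release the temporary. */
	char *uuid_str = NULL;
	uuid_to_string(&partitionUuid, &uuid_str, &ret);
	if (ret != uuid_s_ok || uuid_str == NULL)
		return -EINVAL;
	snprintf(header->uuid, sizeof(header->uuid), "%s", uuid_str);
	free(uuid_str);
```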
#include <netinet/in.h>
#include <errno.h>
#include <signal.h>
-#include <alloca.h>
#include <sys/time.h>
-#include <gcrypt.h>
+#include <string.h>
+#include <strings.h>
+#include <stdlib.h>
+#include <openssl/evp.h>
+#include <openssl/hmac.h>
static volatile uint64_t __PBKDF2_global_j = 0;
static volatile uint64_t __PBKDF2_performance = 0;
-int init_crypto(void);
-
/*
* 5.2 PBKDF2
*
unsigned int c, unsigned int dkLen,
char *DK, int perfcheck)
{
- gcry_md_hd_t prf;
char U[MAX_PRF_BLOCK_LEN];
char T[MAX_PRF_BLOCK_LEN];
- int PRF, i, k, rc = -EINVAL;
+ const EVP_MD *PRF;
+ HMAC_CTX ctx;
+ int i, k, rc = -EINVAL;
unsigned int u, hLen, l, r;
unsigned char *p;
size_t tmplen = Slen + 4;
if (tmp == NULL)
return -ENOMEM;
- if (init_crypto())
- return -ENOSYS;
-
- PRF = gcry_md_map_name(hash);
- if (PRF == 0)
+ OpenSSL_add_all_digests();
+ PRF = EVP_get_digestbyname(hash);
+ if (PRF == NULL) {
+ printf("pkcs5_pbkdf2: invalid hash %s\n", hash);
return -EINVAL;
+ }
- hLen = gcry_md_get_algo_dlen(PRF);
+ hLen = EVP_MD_size(PRF);
if (hLen == 0 || hLen > MAX_PRF_BLOCK_LEN)
return -EINVAL;
* into a small set of values.
*
*/
-
- if(gcry_md_open(&prf, PRF, GCRY_MD_FLAG_HMAC))
- return -EINVAL;
-
- if (gcry_md_setkey(prf, P, Plen))
- goto out;
+ HMAC_CTX_init(&ctx);
for (i = 1; (uint) i <= l; i++) {
memset(T, 0, hLen);
for (u = 1; u <= c ; u++) {
- gcry_md_reset(prf);
-
if (u == 1) {
memcpy(tmp, S, Slen);
tmp[Slen + 0] = (i & 0xff000000) >> 24;
tmp[Slen + 1] = (i & 0x00ff0000) >> 16;
tmp[Slen + 2] = (i & 0x0000ff00) >> 8;
tmp[Slen + 3] = (i & 0x000000ff) >> 0;
-
- gcry_md_write(prf, tmp, tmplen);
+ HMAC_Init_ex(&ctx, P, Plen, PRF, NULL);
+ HMAC_Update(&ctx, tmp, tmplen);
+ HMAC_Final(&ctx, U, NULL);
} else {
- gcry_md_write(prf, U, hLen);
+ HMAC(PRF, P, Plen, U, hLen, U, NULL);
}
- p = gcry_md_read(prf, PRF);
- if (p == NULL)
- goto out;
-
- memcpy(U, p, hLen);
-
for (k = 0; (uint) k < hLen; k++)
T[k] ^= U[k];
}
rc = 0;
out:
- gcry_md_close(prf);
+ HMAC_CTX_cleanup(&ctx);
return rc;
}
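Review bot: None of the new HMAC calls in the iteration loop is checked, so if one fails `U` holds stale or uninitialised stack data, the XOR into `T` proceeds and `rc` still ends up 0; the removed gcrypt code bailed out through `goto out` on a NULL read. The loop also mixes a context-based first round with the one-shot `HMAC()` for every later round, which sets the key up again from `P` on each of the `c` iterations. Since this function is also what the iteration benchmark times, a slower loop probably lowers the iteration count chosen for new key slots. Key the context once, reuse it and check each step, assuming the HMAC functions in the base OpenSSL return `int`. pkcs5_pbkdf2 starts outside the hunk.

```c
	HMAC_CTX_init(&ctx);
	/* key the context once; every round below reuses it */
	if (!HMAC_Init_ex(&ctx, P, Plen, PRF, NULL))
		goto out;

	// … unchanged: outer loop over blocks, memset(T), inner loop header …
			/* NULL key and digest: restart with the key already set */
			if (!HMAC_Init_ex(&ctx, NULL, 0, NULL, NULL))
				goto out;
			if (u == 1) {
				// … unchanged: build tmp = S || INT(i) …
				if (!HMAC_Update(&ctx, (unsigned char *)tmp, tmplen))
					goto out;
			} else {
				if (!HMAC_Update(&ctx, (unsigned char *)U, hLen))
					goto out;
			}
			if (!HMAC_Final(&ctx, (unsigned char *)U, NULL))
				goto out;
```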
int PBKDF2_HMAC_ready(const char *hash)
{
- int hash_id = gcry_md_map_name(hash);
+ const EVP_MD *md;
- if (!hash_id)
+ OpenSSL_add_all_digests();
+ md = EVP_get_digestbyname(hash);
+ if (md == NULL)
return -EINVAL;
-
+
/* Used hash must have at least 160 bits */
- if (gcry_md_get_algo_dlen(hash_id) < 20)
+ if (EVP_MD_size(md) < 20)
return -EINVAL;
return 1;
char buf;
struct itimerval it;
- if (__PBKDF2_global_j)
+ if (__PBKDF2_global_j) {
+ printf("foo1\n");
return -EBUSY;
+ }
- if (!PBKDF2_HMAC_ready(hash))
+ if (!PBKDF2_HMAC_ready(hash)) {
+ printf("foo2\n");
return -EINVAL;
+ }
signal(SIGVTALRM,sigvtalarm);
it.it_interval.tv_usec = 0;
it.it_interval.tv_sec = 0;
it.it_value.tv_usec = 0;
it.it_value.tv_sec = 1;
- if (setitimer (ITIMER_VIRTUAL, &it, NULL) < 0)
+ if (setitimer (ITIMER_VIRTUAL, &it, NULL) < 0) {
+ printf("foo3\n");
return -EINVAL;
+ }
r = pkcs5_pbkdf2(hash, "foo", 3, "bar", 3, ~(0U), 1, &buf, 1);
-
+ printf("foo4: %d\n", r);
*iter = __PBKDF2_performance;
__PBKDF2_global_j = 0;
__PBKDF2_performance = 0;
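Review bot: `if (!PBKDF2_HMAC_ready(hash))` can never fire. As shown just above, PBKDF2_HMAC_ready() returns `-EINVAL` on failure and `1` on success, both non-zero, so an unknown or too-short hash falls through to the timer setup and relies on pkcs5_pbkdf2 to reject it. The check should read `if (PBKDF2_HMAC_ready(hash) < 0)`. The `printf("fooN\n")` lines added here write debugging text to stdout on every benchmark run and should be removed or routed through the project's debug logging. The function starts and ends outside the hunk.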
#include <unistd.h>
#include <fcntl.h>
#include <assert.h>
+#include <getopt.h>
#include <libcryptsetup.h>
-#include <popt.h>
-#include "../config.h"
+#include "config.h"
#include "cryptsetup.h"
static void show_status(int errcode)
{
- char error[256], *error_;
+ char error[256];
+ int ret;
if(!opt_verbose)
return;
crypt_get_error(error, sizeof(error));
if (!error[0]) {
- error_ = strerror_r(-errcode, error, sizeof(error));
- if (error_ != error) {
- strncpy(error, error_, sizeof(error));
- error[sizeof(error) - 1] = '\0';
- }
+ ret = strerror_r(-errcode, error, sizeof(error));
}
log_err(_("Command failed with code %i"), -errcode);
return r;
}
-static void usage(poptContext popt_context, int exitcode,
- const char *error, const char *more)
+static void usage(const char *msg)
{
- poptPrintUsage(popt_context, stderr, 0);
- if (error)
- log_err("%s: %s\n", more, error);
- exit(exitcode);
+ log_err("Usage: cryptsetup [-?vyrq] [-?|--help] [--usage] [-v|--verbose]\n"
+ " [--debug] [-c|--cipher=STRING] [-h|--hash=STRING]\n"
+ " [-y|--verify-passphrase] [-d|--key-file=STRING]\n"
+ " [--master-key-file=STRING] [-s|--key-size=BITS] [-S|--key-slot=INT]\n"
+ " [-b|--size=SECTORS] [-o|--offset=SECTORS] [-p|--skip=SECTORS]\n"
+ " [-r|--readonly] [-i|--iter-time=msecs] [-q|--batch-mode] [--version]\n"
+ " [-t|--timeout=secs] [-T|--tries=INT] [--align-payload=SECTORS]\n"
+ " [--non-exclusive] [--header-backup-file=STRING] [OPTION...]\n"
+ " <action> <action-specific>]\n");
+
+ if (msg)
+ log_err("%s\n", msg);
+
+ exit(1);
}
-static void help(poptContext popt_context, enum poptCallbackReason reason,
- struct poptOption *key, const char * arg, void *data)
+static void help()
{
- if (key->shortName == '?') {
- struct action_type *action;
+ struct action_type *action;
- log_std("%s\n",PACKAGE_STRING);
+ log_std("%s\n",PACKAGE_STRING);
+ log_std("Usage: cryptsetup [OPTION...] <action> <action-specific>]\n"
+ " -v, --verbose Shows more detailed error messages\n"
+ " --debug Show debug messages\n"
+ " -c, --cipher=STRING The cipher used to encrypt the disk (see /proc/crypto)\n"
+ " -h, --hash=STRING The hash used to create the encryption key from the passphrase\n"
+ " -y, --verify-passphrase Verifies the passphrase by asking for it twice\n"
+ " -d, --key-file=STRING Read the key from a file (can be /dev/random)\n"
+ " --master-key-file=STRING Read the volume (master) key from file.\n"
+ " -s, --key-size=BITS The size of the encryption key\n"
+ " -S, --key-slot=INT Slot number for new key (default is first free)\n"
+ " -b, --size=SECTORS The size of the device\n"
+ " -o, --offset=SECTORS The start offset in the backend device\n"
+ " -p, --skip=SECTORS How many sectors of the encrypted data to skip at the beginning\n"
+ " -r, --readonly Create a readonly mapping\n"
+ " -i, --iter-time=msecs PBKDF2 iteration time for LUKS (in ms)\n"
+ " -q, --batch-mode Do not ask for confirmation\n"
+ " --version Print package version\n"
+ " -t, --timeout=secs Timeout for interactive passphrase prompt (in seconds)\n"
+ " -T, --tries=INT How often the input of the passphrase can be retried\n"
+ " --align-payload=SECTORS Align payload at <n> sector boundaries - for luksFormat\n"
+ " --non-exclusive (Obsoleted, see man page.)\n"
+ " --header-backup-file=STRING File with LUKS header and keyslots backup.\n"
+ "\n"
+ "Help options:\n"
+ " -?, --help Show this help message\n"
+ " --usage Display brief usage\n" );
+
+ log_std(_("\n"
+ "<action> is one of:\n"));
- poptPrintHelp(popt_context, stdout, 0);
+ for(action = action_types; action->type; action++)
+ log_std("\t%s %s - %s\n", action->type, _(action->arg_desc), _(action->desc));
+
+ log_std(_("\n"
+ "<name> is the device to create under %s\n"
+ "<device> is the encrypted device\n"
+ "<key slot> is the LUKS key slot number to modify\n"
+ "<key file> optional key file for the new key for luksAddKey action\n"),
+ crypt_get_dir());
- log_std(_("\n"
- "<action> is one of:\n"));
+ log_std(_("\nDefault compiled-in device cipher parameters:\n"
+ "\tplain: %s, Key: %d bits, Password hashing: %s\n"
+ "\tLUKS1: %s, Key: %d bits, LUKS header hashing: %s\n"),
+ DEFAULT_CIPHER(PLAIN), DEFAULT_PLAIN_KEYBITS, DEFAULT_PLAIN_HASH,
+ DEFAULT_CIPHER(LUKS1), DEFAULT_LUKS1_KEYBITS, DEFAULT_LUKS1_HASH);
+ exit(0);
- for(action = action_types; action->type; action++)
- log_std("\t%s %s - %s\n", action->type, _(action->arg_desc), _(action->desc));
-
- log_std(_("\n"
- "<name> is the device to create under %s\n"
- "<device> is the encrypted device\n"
- "<key slot> is the LUKS key slot number to modify\n"
- "<key file> optional key file for the new key for luksAddKey action\n"),
- crypt_get_dir());
-
- log_std(_("\nDefault compiled-in device cipher parameters:\n"
- "\tplain: %s, Key: %d bits, Password hashing: %s\n"
- "\tLUKS1: %s, Key: %d bits, LUKS header hashing: %s\n"),
- DEFAULT_CIPHER(PLAIN), DEFAULT_PLAIN_KEYBITS, DEFAULT_PLAIN_HASH,
- DEFAULT_CIPHER(LUKS1), DEFAULT_LUKS1_KEYBITS, DEFAULT_LUKS1_HASH);
- exit(0);
- } else
- usage(popt_context, 0, NULL, NULL);
}
void set_debug_level(int level);
int main(int argc, char **argv)
{
- static char *popt_tmp;
- static struct poptOption popt_help_options[] = {
- { NULL, '\0', POPT_ARG_CALLBACK, help, 0, NULL, NULL },
- { "help", '?', POPT_ARG_NONE, NULL, 0, N_("Show this help message"), NULL },
- { "usage", '\0', POPT_ARG_NONE, NULL, 0, N_("Display brief usage"), NULL },
- POPT_TABLEEND
- };
- static struct poptOption popt_options[] = {
- { NULL, '\0', POPT_ARG_INCLUDE_TABLE, popt_help_options, 0, N_("Help options:"), NULL },
- { "verbose", 'v', POPT_ARG_NONE, &opt_verbose, 0, N_("Shows more detailed error messages"), NULL },
- { "debug", '\0', POPT_ARG_NONE, &opt_debug, 0, N_("Show debug messages"), NULL },
- { "cipher", 'c', POPT_ARG_STRING, &opt_cipher, 0, N_("The cipher used to encrypt the disk (see /proc/crypto)"), NULL },
- { "hash", 'h', POPT_ARG_STRING, &opt_hash, 0, N_("The hash used to create the encryption key from the passphrase"), NULL },
- { "verify-passphrase", 'y', POPT_ARG_NONE, &opt_verify_passphrase, 0, N_("Verifies the passphrase by asking for it twice"), NULL },
- { "key-file", 'd', POPT_ARG_STRING, &opt_key_file, 0, N_("Read the key from a file (can be /dev/random)"), NULL },
- { "master-key-file", '\0', POPT_ARG_STRING, &opt_master_key_file, 0, N_("Read the volume (master) key from file."), NULL },
- { "key-size", 's', POPT_ARG_INT, &opt_key_size, 0, N_("The size of the encryption key"), N_("BITS") },
- { "key-slot", 'S', POPT_ARG_INT, &opt_key_slot, 0, N_("Slot number for new key (default is first free)"), NULL },
- { "size", 'b', POPT_ARG_STRING, &popt_tmp, 1, N_("The size of the device"), N_("SECTORS") },
- { "offset", 'o', POPT_ARG_STRING, &popt_tmp, 2, N_("The start offset in the backend device"), N_("SECTORS") },
- { "skip", 'p', POPT_ARG_STRING, &popt_tmp, 3, N_("How many sectors of the encrypted data to skip at the beginning"), N_("SECTORS") },
- { "readonly", 'r', POPT_ARG_NONE, &opt_readonly, 0, N_("Create a readonly mapping"), NULL },
- { "iter-time", 'i', POPT_ARG_INT, &opt_iteration_time, 0, N_("PBKDF2 iteration time for LUKS (in ms)"), N_("msecs") },
- { "batch-mode", 'q', POPT_ARG_NONE, &opt_batch_mode, 0, N_("Do not ask for confirmation"), NULL },
- { "version", '\0', POPT_ARG_NONE, &opt_version_mode, 0, N_("Print package version"), NULL },
- { "timeout", 't', POPT_ARG_INT, &opt_timeout, 0, N_("Timeout for interactive passphrase prompt (in seconds)"), N_("secs") },
- { "tries", 'T', POPT_ARG_INT, &opt_tries, 0, N_("How often the input of the passphrase can be retried"), NULL },
- { "align-payload", '\0', POPT_ARG_INT, &opt_align_payload, 0, N_("Align payload at <n> sector boundaries - for luksFormat"), N_("SECTORS") },
- { "non-exclusive", '\0', POPT_ARG_NONE, &opt_non_exclusive, 0, N_("(Obsoleted, see man page.)"), NULL },
- { "header-backup-file",'\0', POPT_ARG_STRING, &opt_header_backup_file, 0, N_("File with LUKS header and keyslots backup."), NULL },
- POPT_TABLEEND
+ static struct option options[] = {
+ { "help", no_argument, NULL, '?' },
+ { "usage", no_argument, NULL, 'u' },
+ { "verbose", no_argument, NULL, 'v' },
+ { "debug", no_argument, &opt_debug, 1 },
+ { "cipher", required_argument, NULL, 'c' },
+ { "hash", required_argument, NULL, 'h' },
+ { "verify-passphrase", no_argument, NULL, 'y' },
+ { "key-file", required_argument, NULL, 'd' },
+ { "master-key-file", required_argument, NULL, 'm' },
+ { "key-size", required_argument, NULL, 's' },
+ { "key-slot", required_argument, NULL, 'S' },
+ { "size", required_argument, NULL, 'b' },
+ { "offset", required_argument, NULL, 'o' },
+ { "skip", required_argument, NULL, 'p' },
+ { "readonly", no_argument, NULL, 'r' },
+ { "iter-time", required_argument, NULL, 'i' },
+ { "batch-mode", no_argument, NULL, 'q' },
+ { "version", no_argument, &opt_version_mode, 1 },
+ { "timeout", required_argument, NULL, 't' },
+ { "tries", required_argument, NULL, 'T' },
+ { "align-payload", required_argument, NULL, 'a' },
+ { "header-backup-file",required_argument, NULL, 'x' },
+ { NULL, 0, NULL, 0 }
};
- poptContext popt_context;
struct action_type *action;
char *aname;
int r;
bindtextdomain(PACKAGE, LOCALEDIR);
textdomain(PACKAGE);
- popt_context = poptGetContext(PACKAGE, argc, (const char **)argv,
- popt_options, 0);
- poptSetOtherOptionHelp(popt_context,
- N_("[OPTION...] <action> <action-specific>]"));
-
- while((r = poptGetNextOpt(popt_context)) > 0) {
- unsigned long long ull_value;
- char *endp;
-
- ull_value = strtoull(popt_tmp, &endp, 0);
- if (*endp || !*popt_tmp)
- r = POPT_ERROR_BADNUMBER;
-
- switch(r) {
- case 1:
- opt_size = ull_value;
- break;
- case 2:
- opt_offset = ull_value;
- break;
- case 3:
- opt_skip = ull_value;
- break;
- }
-
- if (r < 0)
+ while((r = getopt_long(argc, argv, "?vc:h:yd:m:s:S:b:o:p:ri:qt:T:", options, NULL)) != -1)
+ {
+ switch (r) {
+ case 'u':
+ usage(NULL);
break;
- }
-
- if (r < -1)
- usage(popt_context, 1, poptStrerror(r),
- poptBadOption(popt_context, POPT_BADOPTION_NOALIAS));
- if (opt_version_mode) {
- log_std("%s %s\n", PACKAGE_NAME, PACKAGE_VERSION);
- exit(0);
+ case 'v':
+ opt_verbose = 1;
+ break;
+ case 'c':
+ opt_cipher = optarg;
+ break;
+ case 'h':
+ opt_hash = optarg;
+ break;
+ case 'y':
+ opt_verify_passphrase = 1;
+ break;
+ case 'd':
+ opt_key_file = optarg;
+ break;
+ case 'm':
+ opt_master_key_file = optarg;
+ break;
+ case 's':
+ opt_key_size = atoi(optarg);
+ break;
+ case 'S':
+ opt_key_slot = atoi(optarg);
+ break;
+ case 'b':
+ opt_size = strtoull(optarg, NULL, 0);
+ break;
+ case 'o':
+ opt_offset = strtoull(optarg, NULL, 0);
+ break;
+ case 'p':
+ opt_skip = strtoull(optarg, NULL, 0);
+ break;
+ case 'r':
+ opt_readonly = 1;
+ break;
+ case 'i':
+ opt_iteration_time = atoi(optarg);
+ break;
+ case 'q':
+ opt_batch_mode = 1;
+ break;
+ case 't':
+ opt_timeout = atoi(optarg);
+ break;
+ case 'T':
+ opt_tries = atoi(optarg);
+ break;
+ case 'a':
+ opt_align_payload = atoi(optarg);
+ break;
+ case 'x':
+ opt_header_backup_file = optarg;
+ break;
+ case '?':
+ help();
+ break;
+ case 0:
+ if (opt_version_mode) {
+ log_std("%s %s\n", PACKAGE_NAME, PACKAGE_VERSION);
+ exit(0);
+ }
+ break;
+ }
}
if (opt_key_size % 8)
- usage(popt_context, 1,
- _("Key size must be a multiple of 8 bits"),
- poptGetInvocationName(popt_context));
+ usage(_("Key size must be a multiple of 8 bits"));
+
+ argc -= optind;
+ argv += optind;
- if (!(aname = (char *)poptGetArg(popt_context)))
- usage(popt_context, 1, _("Argument <action> missing."),
- poptGetInvocationName(popt_context));
+ if (argc == 0) {
+ usage(_("Argument <action> missing."));
+ /* NOTREACHED */
+ }
+
+ aname = argv[0];
for(action = action_types; action->type; action++)
if (strcmp(action->type, aname) == 0)
break;
- if (!action->type)
- usage(popt_context, 1, _("Unknown action."),
- poptGetInvocationName(popt_context));
-
- action_argc = 0;
- action_argv = poptGetArgs(popt_context);
- /* Make return values of poptGetArgs more consistent in case of remaining argc = 0 */
- if(!action_argv)
- action_argv = null_action_argv;
+ if (!action->type) {
+ usage( _("Unknown action."));
+ /* NOTREACHED */
+ }
- /* Count args, somewhat unnice, change? */
- while(action_argv[action_argc] != NULL)
- action_argc++;
+ action_argc = argc-1;
+ action_argv = &argv[1];
if(action_argc < action->required_action_argc) {
char buf[128];
snprintf(buf, 128,_("%s: requires %s as arguments"), action->type, action->arg_desc);
- usage(popt_context, 1, buf,
- poptGetInvocationName(popt_context));
+ usage(buf);
+ /* NOTREACHED */
}
if (opt_debug) {
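Review bot: The new getopt loop accepts malformed numbers. `strtoull(optarg, NULL, 0)` for `--size`, `--offset` and `--skip`, and `atoi(optarg)` for key size, key slot, iteration time, timeout, tries and payload alignment, never reject trailing garbage, empty strings or overflow, whereas the removed popt loop turned `*endp || !*popt_tmp` into a bad-number error. For a tool that writes to block devices, a mistyped offset silently parsed as a different number is worth failing on. A small checked parser shared by every numeric case would restore the old behaviour. `--non-exclusive` is still advertised in the usage and help text but is missing from `options[]`. main() continues outside the hunk.

```c
/* Parse a whole-string unsigned number; returns 0 on success, -1 on bad input. */
static int parse_ull(const char *s, unsigned long long *out)
{
	char *endp;

	errno = 0;
	*out = strtoull(s, &endp, 0);
	if (endp == s || *endp != '\0' || errno == ERANGE)
		return -1;
	return 0;
}

		// … inside the switch in main(), with `unsigned long long ull_value;` declared in the loop …
		case 'o':
			if (parse_ull(optarg, &ull_value) < 0)
				usage(_("Invalid number for --offset"));
			opt_offset = ull_value;
			break;
		// … same pattern for 'b' and 'p'; the int-valued options add a range check before narrowing …
```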
# $FreeBSD: src/gnu/usr.bin/Makefile,v 1.51 2000/01/16 00:11:34 obrien Exp $
# $DragonFly: src/gnu/usr.bin/Makefile,v 1.32 2007/09/05 21:40:10 pavalos Exp $
-SUBDIR= dmsetup lvm
+SUBDIR= cryptsetup dmsetup lvm
.include <bsd.subdir.mk>
--- /dev/null
+CRYPTSETUP_DIR= ${.CURDIR}/../../../contrib/cryptsetup
+
+CRYPTSETUP_SRCDIR= ${CRYPTSETUP_DIR}/src
+CRYPTSETUP_LUKSDIR= ${CRYPTSETUP_DIR}/luks
+CRYPTSETUP_LIBDIR= ${CRYPTSETUP_DIR}/lib
+.PATH: ${CRYPTSETUP_DIR}/man
+
+PROG= cryptsetup
+
+# Add a backend...
+SRCS+= backends.c libdevmapper.c setup.c utils.c \
+ utils_debug.c
+
+SRCS+= af.c hexprint.c keyencryption.c keymanage.c \
+ pbkdf.c random.c
+
+SRCS+= cryptsetup.c
+
+MAN= cryptsetup.8
+
+#CFLAGS+= -D_XOPEN_SOURCE=600
+CFLAGS+= -I${CRYPTSETUP_SRCDIR} -I${CRYPTSETUP_LIBDIR} \
+ -I${CRYPTSETUP_LUKSDIR} -I. -I${CRYPTSETUP_DIR}
+
+LDADD+= -L${.CURDIR}/../../lib/libdevmapper -ldevmapper
+DPADD+= ${.CURDIR}/../../lib/libdevmapper/libdevmapper.a
+
+LDADD+= -lprop -lcrypto
+
+.PATH: ${CRYPTSETUP_SRCDIR}
+.PATH: ${CRYPTSETUP_LUKSDIR}
+.PATH: ${CRYPTSETUP_LIBDIR}
+
+.include <bsd.prog.mk>