Mark some functions in userland __printflike.
[dragonfly.git] / lib / libtcplay / tcplay.h
CommitLineData
0d9ba1e1
AH
1/*
2 * Copyright (c) 2011 Alex Hornung <alex@alexhornung.com>.
3 * All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 *
9 * 1. Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the following disclaimer.
11 * 2. Redistributions in binary form must reproduce the above copyright
12 * notice, this list of conditions and the following disclaimer in
13 * the documentation and/or other materials provided with the
14 * distribution.
15 *
16 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
17 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
18 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
19 * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
20 * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
21 * INCIDENTAL, SPECIAL, EXEMPLARY OR CONSEQUENTIAL DAMAGES (INCLUDING,
22 * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
23 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
24 * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
25 * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
26 * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
27 * SUCH DAMAGE.
28 */
29
30/* Version of tcplay */
31#define MAJ_VER 0
81b79547 32#define MIN_VER 9
0d9ba1e1
AH
33
34
35#define MAX_BLKSZ 4096
36#define MAX_KEYSZ 192
37#define HDRSZ 512
38#define HDR_OFFSET_SYS 31744 /* 512 * (63 -1) */
39#define TC_SIG "TRUE"
40#define MAX_PASSSZ 64
41#define KPOOL_SZ 64
42#define MAX_KFILE_SZ 1048576 /* 1 MB */
43#define MAX_KEYFILES 256
44#define HDR_OFFSET_HIDDEN 65536
81b79547
AH
45#define BACKUP_HDR_HIDDEN_OFFSET_END 65536
46#define BACKUP_HDR_OFFSET_END 131072
0d9ba1e1 47#define SALT_LEN 64
81b79547
AH
48#define VOL_RSVD_BYTES_START (256*512) /* Reserved bytes at vol. start */
49#define VOL_RSVD_BYTES_END (256*512) /* Reserved bytes at vol. end */
50#define MIN_VOL_BYTES (VOL_RSVD_BYTES_START + VOL_RSVD_BYTES_END)
51
0d9ba1e1
AH
52#define MAX_CIPHER_CHAINS 64
53#define DEFAULT_RETRIES 3
54#define ERASE_BUFFER_SIZE 4*1024*1024 /* 4 MB */
55
56/* TrueCrypt Volume flags */
57#define TC_VOLFLAG_SYSTEM 0x01 /* system encryption */
58#define TC_VOLFLAG_INPLACE 0x02 /* non-system in-place-encrypted volume */
59
60#define LOG_BUFFER_SZ 1024
61#if 0
62#define DEBUG 1
63#endif
64
81b79547
AH
65#include <inttypes.h>
66
67#if defined(__DragonFly__)
0d9ba1e1 68#include <uuid.h>
81b79547
AH
69#elif defined(__linux__)
70#include <uuid/uuid.h>
71#endif
0d9ba1e1
AH
72
73struct pbkdf_prf_algo {
74 const char *name;
75 int iteration_count;
76};
77
78struct tc_crypto_algo {
79 const char *name;
80 const char *dm_crypt_str;
81 int klen;
82 int ivlen;
83};
84
85struct tc_cipher_chain {
86 struct tc_crypto_algo *cipher;
87 unsigned char *key;
88 char dm_key[MAX_KEYSZ*2 + 1];
89
90 struct tc_cipher_chain *prev;
91 struct tc_cipher_chain *next;
92};
93
94struct tchdr_enc {
95 unsigned char salt[SALT_LEN]; /* Salt for PBKDF */
96 unsigned char enc[448]; /* Encrypted part of the header */
97} __attribute__((__packed__));
98
99struct tchdr_dec {
100 char tc_str[4]; /* ASCII string "TRUE" */
101 uint16_t tc_ver; /* Volume header format version */
102 uint16_t tc_min_ver;
103 uint32_t crc_keys; /* CRC32 of the key section */
104 uint64_t vol_ctime; /* Volume creation time */
105 uint64_t hdr_ctime; /* Header creation time */
106 uint64_t sz_hidvol; /* Size of hidden volume (set to zero
107 in non-hidden volumes) */
108 uint64_t sz_vol; /* Size of volume */
109 uint64_t off_mk_scope; /* Byte offset of the start of the
110 master key scope */
111 uint64_t sz_mk_scope; /* Size of the encrypted area within
112 the master key scope */
113 uint32_t flags; /* Flag bits
114 (bit 0: system encryption;
115 bit 1: non-system in-place-encrypted volume;
116 bits 2–31 are reserved) */
117 uint32_t sec_sz; /* Sector size (in bytes) */
118 unsigned char unused3[120];
119 uint32_t crc_dhdr; /* CRC32 of dec. header (except keys) */
120 unsigned char keys[256];
121} __attribute__((__packed__));
122
123struct tcplay_info {
124 const char *dev;
125 struct tchdr_dec *hdr;
126 struct tc_cipher_chain *cipher_chain;
127 struct pbkdf_prf_algo *pbkdf_prf;
128 char key[MAX_KEYSZ*2 + 1];
129 off_t start; /* Logical volume offset in table */
130 size_t size; /* Volume size */
131
132 off_t skip; /* IV offset */
133 off_t offset; /* Block offset */
134
135 /* Populated by dm_setup */
136 uuid_t uuid;
137};
138
139void *read_to_safe_mem(const char *file, off_t offset, size_t *sz);
140int get_random(unsigned char *buf, size_t len);
141int secure_erase(const char *dev, size_t bytes, size_t blksz);
142int get_disk_info(const char *dev, size_t *blocks, size_t *bsize);
81b79547
AH
143int write_to_disk(const char *dev, off_t offset, size_t blksz, void *mem,
144 size_t bytes);
0d9ba1e1
AH
145int read_passphrase(const char *prompt, char *pass, size_t passlen,
146 time_t timeout);
147
148int tc_crypto_init(void);
149int tc_cipher_chain_populate_keys(struct tc_cipher_chain *cipher_chain,
150 unsigned char *key);
81b79547 151int tc_cipher_chain_free_keys(struct tc_cipher_chain *cipher_chain);
0d9ba1e1
AH
152int tc_encrypt(struct tc_cipher_chain *cipher_chain, unsigned char *key,
153 unsigned char *iv,
154 unsigned char *in, int in_len, unsigned char *out);
155int tc_decrypt(struct tc_cipher_chain *cipher_chain, unsigned char *key,
156 unsigned char *iv,
157 unsigned char *in, int in_len, unsigned char *out);
81b79547
AH
158
159/* The following two are platform dependent */
160int syscrypt(struct tc_crypto_algo *cipher, unsigned char *key, size_t klen,
161 unsigned char *iv, unsigned char *in, unsigned char *out, size_t len,
162 int do_encrypt);
163int pbkdf2(struct pbkdf_prf_algo *hash, const char *pass, int passlen,
164 const unsigned char *salt, int saltlen,
165 int keylen, unsigned char *out);
166
0d9ba1e1
AH
167int apply_keyfiles(unsigned char *pass, size_t pass_memsz, const char *keyfiles[],
168 int nkeyfiles);
169
170struct tchdr_enc *create_hdr(unsigned char *pass, int passlen,
171 struct pbkdf_prf_algo *prf_algo, struct tc_cipher_chain *cipher_chain,
172 size_t sec_sz, size_t total_blocks,
81b79547
AH
173 off_t offset, size_t blocks, int hidden,
174 struct tchdr_enc **backup_hdr);
0d9ba1e1
AH
175struct tchdr_dec *decrypt_hdr(struct tchdr_enc *ehdr,
176 struct tc_cipher_chain *cipher_chain, unsigned char *key);
177int verify_hdr(struct tchdr_dec *hdr);
178
179void *_alloc_safe_mem(size_t req_sz, const char *file, int line);
180void _free_safe_mem(void *mem, const char *file, int line);
181void check_and_purge_safe_mem(void);
182
183struct tc_crypto_algo *check_cipher(const char *cipher, int quiet);
184struct tc_cipher_chain *check_cipher_chain(char *cipher_chain, int quiet);
185struct pbkdf_prf_algo *check_prf_algo(char *algo, int quiet);
186
187int tc_play_init(void);
f7eac9d2 188void tc_log(int err, const char *fmt, ...) __printflike(2, 3);
0d9ba1e1
AH
189void print_info(struct tcplay_info *info);
190int adjust_info(struct tcplay_info *info, struct tcplay_info *hinfo);
191int process_hdr(const char *dev, unsigned char *pass, int passlen,
192 struct tchdr_enc *ehdr, struct tcplay_info **pinfo);
193int create_volume(const char *dev, int hidden, const char *keyfiles[],
194 int nkeyfiles, const char *h_keyfiles[], int n_hkeyfiles,
195 struct pbkdf_prf_algo *prf_algo, struct tc_cipher_chain *cipher_chain,
196 struct pbkdf_prf_algo *h_prf_algo, struct tc_cipher_chain *h_cipher_chain,
81b79547 197 char *passphrase, char *h_passphrase, size_t hidden_bytes_in,
0d9ba1e1
AH
198 int interactive);
199int info_volume(const char *device, int sflag, const char *sys_dev,
200 int protect_hidden, const char *keyfiles[], int nkeyfiles,
201 const char *h_keyfiles[], int n_hkeyfiles,
202 char *passphrase, char *passphrase_hidden, int interactive, int retries,
203 time_t timeout);
204int map_volume(const char *map_name, const char *device, int sflag,
205 const char *sys_dev, int protect_hidden, const char *keyfiles[],
206 int nkeyfiles, const char *h_keyfiles[], int n_hkeyfiles,
207 char *passphrase, char *passphrase_hidden, int interactive, int retries,
208 time_t timeout);
209int dm_setup(const char *mapname, struct tcplay_info *info);
210int dm_teardown(const char *mapname, const char *device);
211
212typedef void(*summary_fn_t)(void);
213
214extern int tc_internal_verbose;
215extern char tc_internal_log_buffer[];
216extern summary_fn_t summary_fn;
217
218#define alloc_safe_mem(x) \
219 _alloc_safe_mem(x, __FILE__, __LINE__)
220
221#define free_safe_mem(x) \
222 _free_safe_mem(x, __FILE__, __LINE__)
81b79547
AH
223
224#define __unused __attribute__((__unused__))