
major refactoring (move out info & map)

1 parent 05bf0a1 commit 94d9e9101f714308e55653a1856d6a06da2eae2b @bwalex committed Jul 3, 2011
Showing with 218 additions and 100 deletions.
  1. +12 −98 main.c
  2. +197 −2 tc-play.c
  3. +9 −0 tc-play.h
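--- a/main.c
+++ b/main.c
@@ -106,18 +106,13 @@ main(int argc, char *argv[])
 const char *dev = NULL, *sys_dev = NULL, *map_name = NULL;
 const char *keyfiles[MAX_KEYFILES];
 const char *h_keyfiles[MAX_KEYFILES];
- char *pass;
- char *h_pass = NULL;
- struct tchdr_enc *ehdr, *hehdr = NULL;
- struct tcplay_info *info, *hinfo = NULL;
 int nkeyfiles;
 int n_hkeyfiles;
- int ch, error, error2, r = 0;
+ int ch, error;
 int sflag = 0, info_vol = 0, map_vol = 0, protect_hidden = 0,
 create_vol = 0, contain_hidden = 0;
 struct pbkdf_prf_algo *prf = NULL;
 struct tc_cipher_chain *cipher_chain = NULL;
- size_t sz;
 tc_play_init();
@@ -208,101 +203,20 @@ main(int argc, char *argv[])
 if (create_vol) {
 error = create_volume(dev, contain_hidden, keyfiles, nkeyfiles,
 h_keyfiles, n_hkeyfiles, prf, cipher_chain, NULL, NULL,
- 0, 1 /* Interactive */);
+ 0, 1 /* interactive */);
 if (error) {
- err(1, "could not create new volume on %s\n", dev);
+ tc_log(1, "could not create new volume on %s\n", dev);
 }
- exit(0);
- /* NOT REACHED */
- }
-
- /* This is only for info_vol and map_vol: */
- if ((pass = alloc_safe_mem(MAX_PASSSZ)) == NULL) {
- err(1, "could not allocate safe passphrase memory");
- }
-
- if ((error = read_passphrase("Passphrase: ", pass, MAX_PASSSZ))) {
- err(1, "could not read passphrase");
- }
-
- if (nkeyfiles > 0) {
- /* Apply keyfiles to 'pass' */
- if ((error = apply_keyfiles(pass, MAX_PASSSZ, keyfiles,
- nkeyfiles))) {
- err(1, "could not apply keyfiles");
- }
- }
-
- if (protect_hidden) {
- if ((h_pass = alloc_safe_mem(MAX_PASSSZ)) == NULL) {
- err(1, "could not allocate safe passphrase memory");
- }
-
- if ((error = read_passphrase("Passphrase for hidden volume: ",
- h_pass, MAX_PASSSZ))) {
- err(1, "could not read passphrase");
- }
-
- if (n_hkeyfiles > 0) {
- /* Apply keyfiles to 'h_pass' */
- if ((error = apply_keyfiles(h_pass, MAX_PASSSZ, h_keyfiles,
- n_hkeyfiles))) {
- err(1, "could not apply keyfiles");
- }
- }
- }
-
- sz = HDRSZ;
- ehdr = (struct tchdr_enc *)read_to_safe_mem((sflag) ? sys_dev : dev,
- (sflag) ? HDR_OFFSET_SYS : 0, &sz);
- if (ehdr == NULL) {
- err(1, "read hdr_enc: %s", dev);
- }
-
- if (!sflag) {
- sz = HDRSZ;
- hehdr = (struct tchdr_enc *)read_to_safe_mem(dev, HDR_OFFSET_HIDDEN, &sz);
- if (hehdr == NULL) {
- err(1, "read hdr_enc: %s", dev);
- }
- } else {
- hehdr = NULL;
- }
-
- error = process_hdr(dev, pass, (nkeyfiles > 0)?MAX_PASSSZ:strlen(pass),
- ehdr, &info);
-
- if (hehdr && (error || protect_hidden)) {
- if (error) {
- error2 = process_hdr(dev, pass,
- (nkeyfiles > 0)?MAX_PASSSZ:strlen(pass), hehdr,
- &info);
- } else if (protect_hidden) {
- error2 = process_hdr(dev, h_pass,
- (n_hkeyfiles > 0)?MAX_PASSSZ:strlen(h_pass), hehdr,
- &hinfo);
- }
- }
-
- if ((protect_hidden && (error || error2)) || /* We need both to protect a h. vol */
- (error && error2)) {
- errx(1, "Incorrect password or not a TrueCrypt volume\n");
- }
-
- if (protect_hidden) {
- if (adjust_info(info, hinfo) != 0) {
- errx(1, "Could not protected hidden volume\n");
- }
- }
-
- if (info_vol) {
- print_info(info);
+ } else if (info_vol) {
+ error = info_volume(dev, sflag, sys_dev, protect_hidden,
+ keyfiles, nkeyfiles, h_keyfiles, n_hkeyfiles, NULL, NULL,
+ 1 /* interactive */, DEFAULT_RETRIES);
 } else if (map_vol) {
- if ((error = dm_setup(map_name, info)) != 0) {
- err(1, "could not set up dm-crypt mapping");
- }
- printf("All ok!");
+ error = map_volume(map_name,
+ dev, sflag, sys_dev, protect_hidden,
+ keyfiles, nkeyfiles, h_keyfiles, n_hkeyfiles, NULL, NULL,
+ 1 /* interactive */, DEFAULT_RETRIES);
 }
- return r;
+ return error;
 }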
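Review bot: `error` is now main's return value, but the declaration in the first hunk, `int ch, error;`, gives it no initial value, whereas the removed `r` started at 0. If none of the `create_vol`, `info_vol` or `map_vol` branches runs, `return error;` yields whatever an assignment outside these hunks left there, or an indeterminate value if there is none; `int ch, error = 0;` removes the doubt. The -1 that info_volume() and map_volume() return also becomes the process exit status unchanged, so `return (error != 0) ? EXIT_FAILURE : EXIT_SUCCESS;` would keep the status conventional. The part of main between the two hunks is not visible here.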
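--- a/tc-play.c
+++ b/tc-play.c
@@ -389,7 +389,7 @@ create_volume(const char *dev, int hidden, const char *keyfiles[], int nkeyfiles
 }
 if ((error = read_passphrase("Passphrase: ", pass, MAX_PASSSZ) ||
- (error = read_passphrase("Repeat passphrase", pass_again,
+ (read_passphrase("Repeat passphrase", pass_again,
 MAX_PASSSZ)))) {
 tc_log(1, "could not read passphrase\n");
 return -1;
@@ -432,7 +432,7 @@ create_volume(const char *dev, int hidden, const char *keyfiles[], int nkeyfiles
 if ((error = read_passphrase("Passphrase for hidden volume: ",
 h_pass, MAX_PASSSZ) ||
- (error = read_passphrase("Repeat passphrase", pass_again,
+ (read_passphrase("Repeat passphrase", pass_again,
 MAX_PASSSZ)))) {
 tc_log(1, "could not read passphrase\n");
 return -1;
@@ -579,6 +579,201 @@ create_volume(const char *dev, int hidden, const char *keyfiles[], int nkeyfiles
 return 0;
 }
+static
+struct tcplay_info *
+info_map_common(const char *dev, int sflag, const char *sys_dev,
+ int protect_hidden, const char *keyfiles[], int nkeyfiles,
+ const char *h_keyfiles[], int n_hkeyfiles, char *passphrase,
+ char *passphrase_hidden, int interactive, int retries)
+{
+ struct tchdr_enc *ehdr, *hehdr = NULL;
+ struct tcplay_info *info, *hinfo = NULL;
+ char *pass;
+ char *h_pass;
+ int error, error2;
+ size_t sz;
+
+ info = NULL;
+ if (retries < 1)
+ retries = 1;
+
+ while ((info == NULL) && retries-- > 0)
+ {
+ h_pass = NULL;
+ ehdr = NULL;
+ hehdr = NULL;
+
+ if ((pass = alloc_safe_mem(MAX_PASSSZ)) == NULL) {
+ tc_log(1, "could not allocate safe passphrase memory\n");
+ return NULL;
+ }
+
+ if (interactive) {
+ if ((error = read_passphrase("Passphrase: ", pass, MAX_PASSSZ))) {
+ tc_log(1, "could not read passphrase\n");
+ return NULL;
+ }
+ } else {
+ /* In batch mode, use provided passphrase */
+ if (passphrase != NULL)
+ strcpy(pass, passphrase);
+ }
+
+ if (nkeyfiles > 0) {
+ /* Apply keyfiles to 'pass' */
+ if ((error = apply_keyfiles(pass, MAX_PASSSZ, keyfiles,
+ nkeyfiles))) {
+ tc_log(1, "could not apply keyfiles");
+ return NULL;
+ }
+ }
+
+ if (protect_hidden) {
+ if ((h_pass = alloc_safe_mem(MAX_PASSSZ)) == NULL) {
+ tc_log(1, "could not allocate safe passphrase memory\n");
+ return NULL;
+ }
+
+ if (interactive) {
+ if ((error = read_passphrase(
+ "Passphrase for hidden volume: ", h_pass,
+ MAX_PASSSZ))) {
+ tc_log(1, "could not read passphrase\n");
+ return NULL;
+ }
+ } else {
+ /* In batch mode, use provided passphrase */
+ if (passphrase_hidden != NULL)
+ strcpy(h_pass, passphrase_hidden);
+ }
+
+ if (n_hkeyfiles > 0) {
+ /* Apply keyfiles to 'pass' */
+ if ((error = apply_keyfiles(h_pass, MAX_PASSSZ, h_keyfiles,
+ n_hkeyfiles))) {
+ tc_log(1, "could not apply keyfiles");
+ return NULL;
+ }
+ }
+ }
+
+ sz = HDRSZ;
+ ehdr = (struct tchdr_enc *)read_to_safe_mem((sflag) ? sys_dev : dev,
+ (sflag) ? HDR_OFFSET_SYS : 0, &sz);
+ if (ehdr == NULL) {
+ tc_log(1, "error read hdr_enc: %s", dev);
+ return NULL;
+ }
+
+ if (!sflag) {
+ sz = HDRSZ;
+ hehdr = (struct tchdr_enc *)read_to_safe_mem(dev,
+ HDR_OFFSET_HIDDEN, &sz);
+ if (hehdr == NULL) {
+ tc_log(1, "error read hdr_enc: %s", dev);
+ return NULL;
+ }
+ } else {
+ hehdr = NULL;
+ }
+
+ error = process_hdr(dev, pass, (nkeyfiles > 0)?MAX_PASSSZ:strlen(pass),
+ ehdr, &info);
+
+ /*
+ * Try to process hidden header if we have to protect the hidden
+ * volume, or the decryption/verification of the main header
+ * failed.
+ */
+ if (hehdr && (error || protect_hidden)) {
+ if (error) {
+ error2 = process_hdr(dev, pass,
+ (nkeyfiles > 0)?MAX_PASSSZ:strlen(pass), hehdr,
+ &info);
+ } else if (protect_hidden) {
+ error2 = process_hdr(dev, h_pass,
+ (n_hkeyfiles > 0)?MAX_PASSSZ:strlen(h_pass), hehdr,
+ &hinfo);
+ }
+ }
+
+ /* We need both to protect a hidden volume */
+ if ((protect_hidden && (error || error2)) ||
+ (error && error2)) {
+ tc_log(1, "Incorrect password or not a TrueCrypt volume\n");
+ info = NULL;
+ hinfo = NULL;
+
+ /* Try again (or finish) */
+ free_safe_mem(pass);
+ if (h_pass)
+ free_safe_mem(h_pass);
+ if (ehdr)
+ free_safe_mem(ehdr);
+ if (hehdr)
+ free_safe_mem(hehdr);
+ continue;
+ }
+
+ if (protect_hidden) {
+ if (adjust_info(info, hinfo) != 0) {
+ tc_log(1, "Could not protect hidden volume\n");
+ return NULL;
+ }
+ }
+ }
+
+ return info;
+}
+
+int
+info_volume(const char *device, int sflag, const char *sys_dev,
+ int protect_hidden, const char *keyfiles[], int nkeyfiles,
+ const char *h_keyfiles[], int n_hkeyfiles,
+ char *passphrase, char *passphrase_hidden, int interactive, int retries)
+{
+ struct tcplay_info *info;
+
+ info = info_map_common(device, sflag, sys_dev, protect_hidden,
+ keyfiles, nkeyfiles, h_keyfiles, n_hkeyfiles,
+ passphrase, passphrase_hidden, interactive, retries);
+
+ if (info != NULL) {
+ if (interactive)
+ print_info(info);
+ }
+
+ return (info != NULL) ? 0 : -1;
+}
+
+int
+map_volume(const char *map_name, const char *device, int sflag,
+ const char *sys_dev, int protect_hidden, const char *keyfiles[],
+ int nkeyfiles, const char *h_keyfiles[], int n_hkeyfiles,
+ char *passphrase, char *passphrase_hidden, int interactive, int retries)
+
+{
+ struct tcplay_info *info;
+ int error;
+
+ info = info_map_common(device, sflag, sys_dev, protect_hidden,
+ keyfiles, nkeyfiles, h_keyfiles, n_hkeyfiles,
+ passphrase, passphrase_hidden, interactive, retries);
+
+ if (info == NULL)
+ return -1;
+
+ if ((error = dm_setup(map_name, info)) != 0) {
+ tc_log(1, "Could not set up mapping %s\n", map_name);
+ return -1;
+ }
+
+ if (interactive)
+ printf("All ok!");
+
+ return 0;
+}
+
 /* XXX: unroll changes that dm_setup does on error */
 int
 dm_setup(const char *mapname, struct tcplay_info *info)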
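Review bot: In info_map_common the batch-mode branches copy caller strings with `strcpy(pass, passphrase)` and `strcpy(h_pass, passphrase_hidden)` into MAX_PASSSZ-byte buffers without a length check, so an over-long passphrase writes past the safe-memory allocation; reject it first, e.g. `if (strlen(passphrase) >= MAX_PASSSZ) { free_safe_mem(pass); return NULL; }`. When the pointer is NULL the buffer is used as alloc_safe_mem returned it and later reaches `strlen(pass)`, which is only sound if that allocator zero-fills (not visible here). Only the wrong-password path calls free_safe_mem: every early `return NULL` and the successful return leave `pass`, `h_pass`, `ehdr` and `hehdr` allocated, so passphrase and header material outlives the call. `error2` is also read in the final check without having been assigned whenever `hehdr` is NULL (the `sflag` case); setting `error2 = 1;` at the top of each loop iteration would make that path fail closed.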
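--- a/tc-play.h
+++ b/tc-play.h
@@ -45,6 +45,7 @@
 #define SALT_LEN 64
 #define MIN_VOL_BLOCKS 256
 #define MAX_CIPHER_CHAINS 64
+#define DEFAULT_RETRIES 3
 /* TrueCrypt Volume flags */
 #define TC_VOLFLAG_SYSTEM 0x01 /* system encryption */
@@ -171,6 +172,14 @@ int create_volume(const char *dev, int hidden, const char *keyfiles[],
 struct pbkdf_prf_algo *prf_algo, struct tc_cipher_chain *cipher_chain,
 char *passphrase, char *h_passphrase, size_t hidden_blocks_in,
 int interactive);
+int info_volume(const char *device, int sflag, const char *sys_dev,
+ int protect_hidden, const char *keyfiles[], int nkeyfiles,
+ const char *h_keyfiles[], int n_hkeyfiles,
+ char *passphrase, char *passphrase_hidden, int interactive, int retries);
+int map_volume(const char *map_name, const char *device, int sflag,
+ const char *sys_dev, int protect_hidden, const char *keyfiles[],
+ int nkeyfiles, const char *h_keyfiles[], int n_hkeyfiles,
+ char *passphrase, char *passphrase_hidden, int interactive, int retries);
 int dm_setup(const char *mapname, struct tcplay_info *info);
 extern int tc_internal_verbose;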
