andrius
/
kpmcore
Watch 1
Star 0
Fork 0
Code Pull Requests 0 Releases 21 Activity
Library for managing partitions. Common code for KDE Partition Manager and other projects. https://www.kde.org/applications/system/kdepartitionmanager/
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
986 Commits
4 Branches
Branch: master
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'master'
${ noResults }
kpmcore/src/fs/luks.cpp

luks.cpp 21KB
Permalink History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698 
  1. /*************************************************************************

  2.  *  Copyright (C) 2012 by Volker Lanz <vl@fidra.de>                      *

  3.  *  Copyright (C) 2013-2017 by Andrius Štikonas <andrius@stikonas.eu>    *

  4.  *  Copyright (C) 2015-2016 by Teo Mrnjavac <teo@kde.org>                *

  5.  *                                                                       *

  6.  *  This program is free software; you can redistribute it and/or        *

  7.  *  modify it under the terms of the GNU General Public License as       *

  8.  *  published by the Free Software Foundation; either version 3 of       *

  9.  *  the License, or (at your option) any later version.                  *

  10.  *                                                                       *

  11.  *  This program is distributed in the hope that it will be useful,      *

  12.  *  but WITHOUT ANY WARRANTY; without even the implied warranty of       *

  13.  *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the        *

  14.  *  GNU General Public License for more details.                         *

  15.  *                                                                       *

  16.  *  You should have received a copy of the GNU General Public License    *

  17.  *  along with this program.  If not, see <http://www.gnu.org/licenses/>.*

  18.  *************************************************************************/

  19. 

  20. #include "fs/luks.h"

  21. #include "fs/lvm2_pv.h"

  22. 

  23. #include "fs/filesystemfactory.h"

  24. 

  25. #include "util/externalcommand.h"

  26. #include "util/capacity.h"

  27. #include "util/helpers.h"

  28. #include "util/report.h"

  29. 

  30. #include <cmath>

  31. 

  32. #include <QDebug>

  33. #include <QDialog>

  34. #include <QJsonArray>

  35. #include <QJsonObject>

  36. #include <QJsonDocument>

  37. #include <QRegularExpression>

  38. #include <QPointer>

  39. #include <QStorageInfo>

  40. #include <QString>

  41. #include <QUuid>

  42. #include <QWidget>

  43. 

  44. #include <KLocalizedString>

  45. #include <KPasswordDialog>

  46. 

  47. namespace FS

  48. {

  49. FileSystem::CommandSupportType luks::m_GetUsed = FileSystem::cmdSupportNone;

  50. FileSystem::CommandSupportType luks::m_GetLabel = FileSystem::cmdSupportNone;

  51. FileSystem::CommandSupportType luks::m_Create = FileSystem::cmdSupportNone;

  52. FileSystem::CommandSupportType luks::m_Grow = FileSystem::cmdSupportNone;

  53. FileSystem::CommandSupportType luks::m_Shrink = FileSystem::cmdSupportNone;

  54. FileSystem::CommandSupportType luks::m_Move = FileSystem::cmdSupportNone;

  55. FileSystem::CommandSupportType luks::m_Check = FileSystem::cmdSupportNone;

  56. FileSystem::CommandSupportType luks::m_Copy = FileSystem::cmdSupportNone;

  57. FileSystem::CommandSupportType luks::m_Backup = FileSystem::cmdSupportNone;

  58. FileSystem::CommandSupportType luks::m_SetLabel = FileSystem::cmdSupportNone;

  59. FileSystem::CommandSupportType luks::m_UpdateUUID = FileSystem::cmdSupportNone;

  60. FileSystem::CommandSupportType luks::m_GetUUID = FileSystem::cmdSupportNone;

  61. 

  62. luks::luks(qint64 firstsector,

  63.            qint64 lastsector,

  64.            qint64 sectorsused,

  65.            const QString& label,

  66.            FileSystem::Type t)

  67.     : FileSystem(firstsector, lastsector, sectorsused, label, t)

  68.     , m_innerFs(nullptr)

  69.     , m_isCryptOpen(false)

  70.     , m_cryptsetupFound(m_Create != cmdSupportNone)

  71.     , m_isMounted(false)

  72.     , m_KeySize(-1)

  73.     , m_PayloadOffset(-1)

  74. {

  75. }

  76. 

  77. luks::~luks()

  78. {

  79.     delete m_innerFs;

  80. }

  81. 

  82. void luks::init()

  83. {

  84.     CommandSupportType cryptsetupFound = findExternal(QStringLiteral("cryptsetup")) ? cmdSupportFileSystem : cmdSupportNone;

  85. 

  86.     m_Create     = cryptsetupFound;

  87.     m_UpdateUUID = cryptsetupFound;

  88.     m_GetUUID    = cryptsetupFound;

  89.     m_Grow       = cryptsetupFound;

  90.     m_Shrink     = cryptsetupFound;

  91. 

  92.     m_SetLabel = cmdSupportNone;

  93.     m_GetLabel = cmdSupportFileSystem;

  94.     m_Check = cmdSupportCore;

  95.     m_Copy = cmdSupportCore;

  96.     m_Move = cmdSupportCore;

  97.     m_Backup = cmdSupportCore;

  98.     m_GetUsed = cmdSupportNone; // libparted does not support LUKS, we do this as a special case

  99. }

  100. 

  101. void luks::scan(const QString& deviceNode)

  102. {

  103.     getMapperName(deviceNode);

  104.     getLuksInfo(deviceNode);

  105. }

  106. 

  107. bool luks::supportToolFound() const

  108. {

  109.     return m_cryptsetupFound && ((m_isCryptOpen && m_innerFs) ? m_innerFs->supportToolFound() : true);

  110. }

  111. 

  112. FileSystem::SupportTool luks::supportToolName() const

  113. {

  114.     if (m_isCryptOpen && m_innerFs && m_cryptsetupFound)

  115.         return m_innerFs->supportToolName();

  116.     return SupportTool(QStringLiteral("cryptsetup"),

  117.                        QUrl(QStringLiteral("https://code.google.com/p/cryptsetup/")));

  118. }

  119. 

  120. bool luks::create(Report& report, const QString& deviceNode)

  121. {

  122.     Q_ASSERT(m_innerFs);

  123.     Q_ASSERT(!m_passphrase.isEmpty());

  124. 

  125.     ExternalCommand createCmd(report, QStringLiteral("cryptsetup"),

  126.                               { QStringLiteral("-s"),

  127.                                 QStringLiteral("512"),

  128.                                 QStringLiteral("--batch-mode"),

  129.                                 QStringLiteral("--force-password"),

  130.                                 QStringLiteral("--type"), QStringLiteral("luks1"),

  131.                                 QStringLiteral("luksFormat"),

  132.                                 deviceNode });

  133.     if (!( createCmd.write(m_passphrase.toLocal8Bit() + '\n') &&

  134.                 createCmd.start(-1) && createCmd.exitCode() == 0))

  135.     {

  136.         return false;

  137.     }

  138. 

  139.     ExternalCommand openCmd(report, QStringLiteral("cryptsetup"),

  140.                               { QStringLiteral("open"),

  141.                                 deviceNode,

  142.                                 suggestedMapperName(deviceNode) });

  143. 

  144.     if (!( openCmd.write(m_passphrase.toLocal8Bit() + '\n') && openCmd.start(-1)))

  145.         return false;

  146. 

  147.     setPayloadSize();

  148.     scan(deviceNode);

  149. 

  150.     if (mapperName().isEmpty())

  151.         return false;

  152. 

  153.     if (!m_innerFs->create(report, mapperName()))

  154.         return false;

  155. 

  156.     return true;

  157. }

  158. 

  159. QString luks::mountTitle() const

  160. {

  161.     return xi18nc("@title:menu", "Mount");

  162. }

  163. 

  164. QString luks::unmountTitle() const

  165. {

  166.     return xi18nc("@title:menu", "Unmount");

  167. }

  168. 

  169. QString luks::cryptOpenTitle() const

  170. {

  171.     return xi18nc("@title:menu", "Unlock");

  172. }

  173. 

  174. QString luks::cryptCloseTitle() const

  175. {

  176.     return xi18nc("@title:menu", "Lock");

  177. }

  178. 

  179. void luks::setPassphrase(const QString& passphrase)

  180. {

  181.     m_passphrase = passphrase;

  182. }

  183. 

  184. QString luks::passphrase() const

  185. {

  186.     return m_passphrase;

  187. }

  188. 

  189. bool luks::canMount(const QString&, const QString& mountPoint) const

  190. {

  191.     return m_isCryptOpen &&

  192.            !m_isMounted &&

  193.            m_innerFs &&

  194.            m_innerFs->canMount(mapperName(), mountPoint);

  195. }

  196. 

  197. bool luks::canUnmount(const QString&) const

  198. {

  199.     return m_isCryptOpen &&

  200.            m_isMounted &&

  201.            m_innerFs &&

  202.            m_innerFs->canUnmount(mapperName());

  203. }

  204. 

  205. bool luks::isMounted() const

  206. {

  207.     return m_isCryptOpen && m_isMounted;

  208. }

  209. 

  210. void luks::setMounted(bool mounted)

  211. {

  212.     m_isMounted = mounted;

  213. }

  214. 

  215. bool luks::canCryptOpen(const QString&) const

  216. {

  217.     return !m_isCryptOpen && !m_isMounted && supportToolFound();

  218. }

  219. 

  220. bool luks::canCryptClose(const QString&) const

  221. {

  222.     return m_isCryptOpen && !m_isMounted && m_cryptsetupFound;

  223. }

  224. 

  225. bool luks::isCryptOpen() const

  226. {

  227.     return m_isCryptOpen;

  228. }

  229. 

  230. void luks::setCryptOpen(bool cryptOpen)

  231. {

  232.     m_isCryptOpen = cryptOpen;

  233. }

  234. 

  235. bool luks::cryptOpen(QWidget* parent, const QString& deviceNode)

  236. {

  237.     if (m_isCryptOpen)

  238.     {

  239.         if (!mapperName().isEmpty())

  240.         {

  241.             qWarning() << "LUKS device" << deviceNode

  242.                        << "already decrypted."

  243.                        << "Cannot decrypt again.";

  244.             return false;

  245.         }

  246.         else

  247.         {

  248.             qWarning() << "LUKS device" << deviceNode

  249.                        << "reportedly decrypted but mapper node not found."

  250.                        << "Marking device as NOT decrypted and trying to "

  251.                           "decrypt again anyway.";

  252.             m_isCryptOpen = false;

  253.         }

  254.     }

  255. 

  256.     KPasswordDialog dlg( parent );

  257.     dlg.setPrompt(i18n("Enter passphrase for %1:", deviceNode));

  258.     if( !dlg.exec() )

  259.         return false;

  260. 

  261.     QString passphrase = dlg.password();

  262.     ExternalCommand openCmd(QStringLiteral("cryptsetup"),

  263.                               { QStringLiteral("open"),

  264.                                 QStringLiteral("--tries"), QStringLiteral("1"),

  265.                                 deviceNode,

  266.                                 suggestedMapperName(deviceNode) });

  267. 

  268.     if (!( openCmd.write(passphrase.toLocal8Bit() + '\n') &&

  269.                     openCmd.start(-1) && openCmd.exitCode() == 0) )

  270.         return false;

  271. 

  272.     if (m_innerFs) {

  273.         delete m_innerFs;

  274.         m_innerFs = nullptr;

  275.     }

  276. 

  277.     scan(deviceNode);

  278. 

  279.     if (mapperName().isEmpty())

  280.         return false;

  281. 

  282.     loadInnerFileSystem(mapperName());

  283.     m_isCryptOpen = (m_innerFs != nullptr);

  284. 

  285.     if (!m_isCryptOpen)

  286.         return false;

  287. 

  288.     for (auto &p : LVM::pvList::list())

  289.         if (p.isLuks() && p.partition()->deviceNode() == deviceNode && p.partition()->fileSystem().type() == FileSystem::Type::Lvm2_PV)

  290.             p.setLuks(false);

  291. 

  292.     m_passphrase = passphrase;

  293.     return true;

  294. }

  295. 

  296. bool luks::cryptClose(const QString& deviceNode)

  297. {

  298.     if (!m_isCryptOpen)

  299.     {

  300.         qWarning() << "Cannot close LUKS device" << deviceNode

  301.                    << "because it's not open.";

  302.         return false;

  303.     }

  304. 

  305.     if (m_isMounted)

  306.     {

  307.         qWarning() << "Cannot close LUKS device" << deviceNode

  308.                    << "because the filesystem is mounted.";

  309.         return false;

  310.     }

  311. 

  312.     ExternalCommand cmd(QStringLiteral("cryptsetup"),

  313.                         { QStringLiteral("close"), mapperName() });

  314.     if (!(cmd.run(-1) && cmd.exitCode() == 0))

  315.         return false;

  316. 

  317.     delete m_innerFs;

  318.     m_innerFs = nullptr;

  319. 

  320.     m_passphrase.clear();

  321.     setLabel(FileSystem::readLabel(deviceNode));

  322.     setUUID(readUUID(deviceNode));

  323.     setSectorsUsed(-1);

  324. 

  325.     m_isCryptOpen = (m_innerFs != nullptr);

  326. 

  327.     for (auto &p : LVM::pvList::list())

  328.         if (!p.isLuks() && p.partition()->deviceNode() == deviceNode)

  329.             p.setLuks(true);

  330. 

  331.     return true;

  332. }

  333. 

  334. void luks::loadInnerFileSystem(const QString& mapperNode)

  335. {

  336.     Q_ASSERT(!m_innerFs);

  337.     FileSystem::Type innerFsType = detectFileSystem(mapperNode);

  338.     m_innerFs = FileSystemFactory::cloneWithNewType(innerFsType,

  339.                                                     *this);

  340.     setLabel(m_innerFs->readLabel(mapperNode));

  341.     setUUID(m_innerFs->readUUID(mapperNode));

  342.     if (m_innerFs->supportGetUsed() == FileSystem::cmdSupportFileSystem)

  343.         setSectorsUsed(static_cast<qint64>(std::ceil((m_innerFs->readUsedCapacity(mapperNode) + payloadOffset()) / static_cast<double>(sectorSize()) )));

  344.     m_innerFs->scan(mapperNode);

  345. }

  346. 

  347. void luks::createInnerFileSystem(FileSystem::Type type)

  348. {

  349.     Q_ASSERT(!m_innerFs);

  350.     m_innerFs = FileSystemFactory::cloneWithNewType(type, *this);

  351. }

  352. 

  353. bool luks::check(Report& report, const QString&) const

  354. {

  355.     Q_ASSERT(m_innerFs);

  356. 

  357.     if (mapperName().isEmpty())

  358.         return false;

  359. 

  360.     return m_innerFs->check(report, mapperName());

  361. }

  362. 

  363. qint64 luks::readUsedCapacity(const QString& deviceNode) const

  364. {

  365.     if (!m_isCryptOpen)

  366.         return -1;

  367.     if (m_innerFs)

  368.         return m_innerFs->readUsedCapacity(deviceNode);

  369.     return -1;

  370. }

  371. 

  372. bool luks::mount(Report& report, const QString& deviceNode, const QString& mountPoint)

  373. {

  374.     if (!m_isCryptOpen)

  375.     {

  376.         qWarning() << "Cannot mount device" << deviceNode

  377.                    << "before decrypting it first.";

  378.         return false;

  379.     }

  380. 

  381.     if (m_isMounted)

  382.     {

  383.         qWarning() << "Cannot mount device" << deviceNode

  384.                    << "because it's already mounted.";

  385.         return false;

  386.     }

  387. 

  388.     Q_ASSERT(m_innerFs);

  389. 

  390.     if (mapperName().isEmpty())

  391.         return false;

  392. 

  393.     if (m_innerFs->canMount(mapperName(), mountPoint))

  394.     {

  395.         if (m_innerFs->mount(report, mapperName(), mountPoint))

  396.         {

  397.             m_isMounted = true;

  398. 

  399.             const QStorageInfo storageInfo = QStorageInfo(mountPoint);

  400.             if (storageInfo.isValid() && !mountPoint.isEmpty())

  401.                 setSectorsUsed( (storageInfo.bytesTotal() - storageInfo.bytesFree() + payloadOffset()) / sectorSize());

  402. 

  403.             return true;

  404.         }

  405.     }

  406.     else {

  407.         ExternalCommand mountCmd(

  408.                 report,

  409.                 QStringLiteral("mount"),

  410.                 { QStringLiteral("--verbose"), mapperName(), mountPoint });

  411.         if (mountCmd.run() && mountCmd.exitCode() == 0)

  412.         {

  413.             m_isMounted = true;

  414.             return true;

  415.         }

  416.     }

  417.     return false;

  418. }

  419. 

  420. bool luks::unmount(Report& report, const QString& deviceNode)

  421. {

  422.     if (!m_isCryptOpen)

  423.     {

  424.         qWarning() << "Cannot unmount device" << deviceNode

  425.                    << "before decrypting it first.";

  426.         return false;

  427.     }

  428. 

  429.     if (!m_isMounted)

  430.     {

  431.         qWarning() << "Cannot unmount device" << deviceNode

  432.                    << "because it's not mounted.";

  433.         return false;

  434.     }

  435. 

  436.     Q_ASSERT(m_innerFs);

  437. 

  438.     if (mapperName().isEmpty())

  439.         return false;

  440. 

  441.     if (m_innerFs->canUnmount(mapperName()))

  442.     {

  443.         if (m_innerFs->unmount(report, mapperName()))

  444.         {

  445.             m_isMounted = false;

  446.             return true;

  447.         }

  448.     }

  449.     else {

  450.         ExternalCommand unmountCmd( report,

  451.                 QStringLiteral("umount"),

  452.                 { QStringLiteral("--verbose"), QStringLiteral("--all-targets"), mapperName() });

  453.         if (unmountCmd.run() && unmountCmd.exitCode() == 0)

  454.         {

  455.             m_isMounted = false;

  456.             return true;

  457.         }

  458.     }

  459.     return false;

  460. }

  461. 

  462. FileSystem::Type luks::type() const

  463. {

  464.     if (m_isCryptOpen && m_innerFs)

  465.         return m_innerFs->type();

  466.     return FileSystem::Type::Luks;

  467. }

  468. 

  469. QString luks::suggestedMapperName(const QString& deviceNode) const

  470. {

  471.     return QStringLiteral("luks-") + readOuterUUID(deviceNode);

  472. }

  473. 

  474. QString luks::readLabel(const QString& deviceNode) const

  475. {

  476.     if (m_isCryptOpen && m_innerFs)

  477.         return m_innerFs->readLabel(mapperName());

  478. 

  479.     return FileSystem::readLabel(deviceNode);

  480. }

  481. 

  482. bool luks::writeLabel(Report& report, const QString&, const QString& newLabel)

  483. {

  484.     Q_ASSERT(m_innerFs);

  485.     return m_innerFs->writeLabel(report, mapperName(), newLabel);

  486. }

  487. 

  488. bool luks::resize(Report& report, const QString& deviceNode, qint64 newLength) const

  489. {

  490.     Q_ASSERT(m_innerFs);

  491. 

  492.     if (mapperName().isEmpty())

  493.         return false;

  494. 

  495.     if ( newLength - length() * sectorSize() > 0 )

  496.     {

  497.         ExternalCommand cryptResizeCmd(report, QStringLiteral("cryptsetup"), { QStringLiteral("resize"), mapperName() });

  498.         report.line() << xi18nc("@info:progress", "Resizing LUKS crypt on partition <filename>%1</filename>.", deviceNode);

  499. 

  500.         if (cryptResizeCmd.run(-1) && cryptResizeCmd.exitCode() == 0)

  501.             return m_innerFs->resize(report, mapperName(), m_PayloadSize);

  502.     }

  503.     else if (m_innerFs->resize(report, mapperName(), m_PayloadSize))

  504.     {

  505.         ExternalCommand cryptResizeCmd(report, QStringLiteral("cryptsetup"),

  506.                 {  QStringLiteral("--size"), QString::number(m_PayloadSize / 512), // LUKS1 payload length is specified in multiples of 512 bytes

  507.                    QStringLiteral("resize"), mapperName() });

  508.         report.line() << xi18nc("@info:progress", "Resizing LUKS crypt on partition <filename>%1</filename>.", deviceNode);

  509.         if (cryptResizeCmd.run(-1) && cryptResizeCmd.exitCode() == 0)

  510.             return true;

  511.     }

  512.     report.line() << xi18nc("@info:progress", "Resizing encrypted file system on partition <filename>%1</filename> failed.", deviceNode);

  513.     return false;

  514. }

  515. 

  516. bool luks::resizeOnline(Report& report, const QString& deviceNode, const QString& mountPoint, qint64 length) const

  517. {

  518.     Q_UNUSED(mountPoint)

  519.     return resize(report, deviceNode, length);

  520. }

  521. 

  522. QString luks::readUUID(const QString& deviceNode) const

  523. {

  524.     QString outerUuid = readOuterUUID(deviceNode);

  525.     if (m_isCryptOpen && m_innerFs)

  526.         return m_innerFs->readUUID(mapperName());

  527.     return outerUuid;

  528. }

  529. 

  530. QString luks::readOuterUUID(const QString &deviceNode) const

  531. {

  532.     if ( deviceNode.isEmpty() )

  533.         return QString();

  534. 

  535.     ExternalCommand cmd(QStringLiteral("cryptsetup"),

  536.                         { QStringLiteral("luksUUID"), deviceNode });

  537.     if (cmd.run()) {

  538.         if ( cmd.exitCode() )

  539.         {

  540.             qWarning() << "Cannot get luksUUID for device" << deviceNode

  541.                        << "\tcryptsetup exit code" << cmd.exitCode()

  542.                        << "\toutput:" << cmd.output().trimmed();

  543.             return QString();

  544.         }

  545.         QString outerUuid = cmd.output().trimmed();

  546.         const_cast< QString& >( m_outerUuid ) = outerUuid;

  547.         return outerUuid;

  548.     }

  549.     return QStringLiteral("---");

  550. }

  551. 

  552. bool luks::updateUUID(Report& report, const QString& deviceNode) const

  553. {

  554.     const QString uuid = QUuid::createUuid().toString().remove(QRegularExpression(QStringLiteral("\\{|\\}")));

  555. 

  556.     ExternalCommand cmd(report,

  557.                         QStringLiteral("cryptsetup"),

  558.                         { QStringLiteral("luksUUID"),

  559.                           deviceNode,

  560.                           QStringLiteral("--uuid"),

  561.                           uuid });

  562.     return cmd.run(-1) && cmd.exitCode() == 0;

  563. }

  564. 

  565. void luks::getMapperName(const QString& deviceNode)

  566. {

  567.     ExternalCommand cmd(QStringLiteral("lsblk"),

  568.                         { QStringLiteral("--list"),

  569.                           QStringLiteral("--noheadings"),

  570.                           QStringLiteral("--paths"),

  571.                           QStringLiteral("--json"),

  572.                           QStringLiteral("--output"),

  573.                           QStringLiteral("type,name"),

  574.                           deviceNode });

  575.     m_MapperName = QString();

  576. 

  577.     if (cmd.run(-1) && cmd.exitCode() == 0) {

  578.         const QJsonDocument jsonDocument = QJsonDocument::fromJson(cmd.rawOutput());

  579.         QJsonObject jsonObject = jsonDocument.object();

  580.         const QJsonArray jsonArray = jsonObject[QLatin1String("blockdevices")].toArray();

  581.         for (const auto &deviceLine : jsonArray) {

  582.             QJsonObject deviceObject = deviceLine.toObject();

  583.             if (deviceObject[QLatin1String("type")].toString() == QLatin1String("crypt")) {

  584.                 m_MapperName = deviceObject[QLatin1String("name")].toString();

  585.                 break;

  586.             }

  587.         }

  588.     }

  589. }

  590. 

  591. void luks::getLuksInfo(const QString& deviceNode)

  592. {

  593.     ExternalCommand cmd(QStringLiteral("cryptsetup"), { QStringLiteral("luksDump"), deviceNode });

  594.     if (cmd.run(-1) && cmd.exitCode() == 0) {

  595.         QRegularExpression re(QStringLiteral("Cipher name:\\s+(\\w+)"));

  596.         QRegularExpressionMatch rem = re.match(cmd.output());

  597.         if (rem.hasMatch())

  598.             m_CipherName = rem.captured(1);

  599.         else

  600.             m_CipherName = QLatin1String("---");

  601. 

  602.         re.setPattern(QStringLiteral("Cipher mode:\\s+(\\w+)"));

  603.         rem = re.match(cmd.output());

  604.         if (rem.hasMatch())

  605.             m_CipherMode = rem.captured(1);

  606.         else

  607.             m_CipherMode = QLatin1String("---");

  608. 

  609.         re.setPattern(QStringLiteral("Hash spec:\\s+(\\w+)"));

  610.         rem = re.match(cmd.output());

  611.         if (rem.hasMatch())

  612.             m_HashName = rem.captured(1);

  613.         else

  614.             m_HashName = QLatin1String("---");

  615. 

  616.         re.setPattern(QStringLiteral("MK bits:\\s+(\\d+)"));

  617.         rem = re.match(cmd.output());

  618.         if (rem.hasMatch())

  619.             m_KeySize = rem.captured(1).toLongLong();

  620.         else

  621.             m_KeySize = -1;

  622. 

  623.         re.setPattern(QStringLiteral("Payload offset:\\s+(\\d+)"));

  624.         rem = re.match(cmd.output());

  625.         if (rem.hasMatch())

  626.             m_PayloadOffset = rem.captured(1).toLongLong() * 512; // assuming LUKS sector size is 512;

  627.         else

  628.             m_PayloadOffset = -1;

  629. 

  630.     }

  631.     else {

  632.         m_CipherName = QLatin1String("---");

  633.         m_CipherMode = QLatin1String("---");

  634.         m_HashName = QLatin1String("---");

  635.         m_KeySize = -1;

  636.         m_PayloadOffset = -1;

  637.     }

  638. }

  639. 

  640. QString luks::outerUuid() const

  641. {

  642.     return m_outerUuid;

  643. }

  644. 

  645. bool luks::canEncryptType(FileSystem::Type type)

  646. {

  647.     switch (type)

  648.     {

  649.         case Type::Btrfs:

  650.         case Type::F2fs:

  651.         case Type::Ext2:

  652.         case Type::Ext3:

  653.         case Type::Ext4:

  654.         case Type::Jfs:

  655.         case Type::LinuxSwap:

  656.         case Type::Lvm2_PV:

  657.         case Type::Nilfs2:

  658.         case Type::ReiserFS:

  659.         case Type::Reiser4:

  660.         case Type::Xfs:

  661.         case Type::Zfs:

  662.             return true;

  663.         default:

  664.             return false;

  665.     }

  666. }

  667. 

  668. void luks::initLUKS()

  669. {

  670.     setPayloadSize();

  671.     QString mapperNode = mapperName();

  672.     bool isCryptOpen = !mapperNode.isEmpty();

  673.     setCryptOpen(isCryptOpen);

  674.     if (isCryptOpen) {

  675.         loadInnerFileSystem(mapperNode);

  676.         setMounted(detectMountStatus(innerFS(), mapperNode));

  677.     }

  678. }

  679. 

  680. void luks::setPayloadSize()

  681. {

  682.     ExternalCommand dmsetupCmd(QStringLiteral("dmsetup"), { QStringLiteral("table"), mapperName() });

  683.     dmsetupCmd.run();

  684.     QRegularExpression re(QStringLiteral("\\d+ (\\d+)"));

  685.     QRegularExpressionMatch rem = re.match(dmsetupCmd.output());

  686.     if (rem.hasMatch())

  687.         m_PayloadSize = rem.captured(1).toLongLong() * sectorSize();

  688. }

  689. 

  690. bool luks::testPassphrase(const QString& deviceNode, const QString& passphrase) const {

  691.     ExternalCommand cmd(QStringLiteral("cryptsetup"), { QStringLiteral("open"), QStringLiteral("--tries"), QStringLiteral("1"), QStringLiteral("--test-passphrase"), deviceNode });

  692.     if (cmd.write(passphrase.toLocal8Bit() + '\n') && cmd.start(-1) && cmd.exitCode() == 0)

  693.         return true;

  694. 

  695.     return false;

  696. }

  697. 

  698. }