Library for managing partitions. Common code for KDE Partition Manager and other projects. https://www.kde.org/applications/system/kdepartitionmanager/
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

luks.cpp 21KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698
  1. /*************************************************************************
  2. * Copyright (C) 2012 by Volker Lanz <vl@fidra.de> *
  3. * Copyright (C) 2013-2017 by Andrius Štikonas <andrius@stikonas.eu> *
  4. * Copyright (C) 2015-2016 by Teo Mrnjavac <teo@kde.org> *
  5. * *
  6. * This program is free software; you can redistribute it and/or *
  7. * modify it under the terms of the GNU General Public License as *
  8. * published by the Free Software Foundation; either version 3 of *
  9. * the License, or (at your option) any later version. *
  10. * *
  11. * This program is distributed in the hope that it will be useful, *
  12. * but WITHOUT ANY WARRANTY; without even the implied warranty of *
  13. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
  14. * GNU General Public License for more details. *
  15. * *
  16. * You should have received a copy of the GNU General Public License *
  17. * along with this program. If not, see <http://www.gnu.org/licenses/>.*
  18. *************************************************************************/
  19. #include "fs/luks.h"
  20. #include "fs/lvm2_pv.h"
  21. #include "fs/filesystemfactory.h"
  22. #include "util/externalcommand.h"
  23. #include "util/capacity.h"
  24. #include "util/helpers.h"
  25. #include "util/report.h"
  26. #include <cmath>
  27. #include <QDebug>
  28. #include <QDialog>
  29. #include <QJsonArray>
  30. #include <QJsonObject>
  31. #include <QJsonDocument>
  32. #include <QRegularExpression>
  33. #include <QPointer>
  34. #include <QStorageInfo>
  35. #include <QString>
  36. #include <QUuid>
  37. #include <QWidget>
  38. #include <KLocalizedString>
  39. #include <KPasswordDialog>
  40. namespace FS
  41. {
  42. FileSystem::CommandSupportType luks::m_GetUsed = FileSystem::cmdSupportNone;
  43. FileSystem::CommandSupportType luks::m_GetLabel = FileSystem::cmdSupportNone;
  44. FileSystem::CommandSupportType luks::m_Create = FileSystem::cmdSupportNone;
  45. FileSystem::CommandSupportType luks::m_Grow = FileSystem::cmdSupportNone;
  46. FileSystem::CommandSupportType luks::m_Shrink = FileSystem::cmdSupportNone;
  47. FileSystem::CommandSupportType luks::m_Move = FileSystem::cmdSupportNone;
  48. FileSystem::CommandSupportType luks::m_Check = FileSystem::cmdSupportNone;
  49. FileSystem::CommandSupportType luks::m_Copy = FileSystem::cmdSupportNone;
  50. FileSystem::CommandSupportType luks::m_Backup = FileSystem::cmdSupportNone;
  51. FileSystem::CommandSupportType luks::m_SetLabel = FileSystem::cmdSupportNone;
  52. FileSystem::CommandSupportType luks::m_UpdateUUID = FileSystem::cmdSupportNone;
  53. FileSystem::CommandSupportType luks::m_GetUUID = FileSystem::cmdSupportNone;
  54. luks::luks(qint64 firstsector,
  55. qint64 lastsector,
  56. qint64 sectorsused,
  57. const QString& label,
  58. FileSystem::Type t)
  59. : FileSystem(firstsector, lastsector, sectorsused, label, t)
  60. , m_innerFs(nullptr)
  61. , m_isCryptOpen(false)
  62. , m_cryptsetupFound(m_Create != cmdSupportNone)
  63. , m_isMounted(false)
  64. , m_KeySize(-1)
  65. , m_PayloadOffset(-1)
  66. {
  67. }
  68. luks::~luks()
  69. {
  70. delete m_innerFs;
  71. }
  72. void luks::init()
  73. {
  74. CommandSupportType cryptsetupFound = findExternal(QStringLiteral("cryptsetup")) ? cmdSupportFileSystem : cmdSupportNone;
  75. m_Create = cryptsetupFound;
  76. m_UpdateUUID = cryptsetupFound;
  77. m_GetUUID = cryptsetupFound;
  78. m_Grow = cryptsetupFound;
  79. m_Shrink = cryptsetupFound;
  80. m_SetLabel = cmdSupportNone;
  81. m_GetLabel = cmdSupportFileSystem;
  82. m_Check = cmdSupportCore;
  83. m_Copy = cmdSupportCore;
  84. m_Move = cmdSupportCore;
  85. m_Backup = cmdSupportCore;
  86. m_GetUsed = cmdSupportNone; // libparted does not support LUKS, we do this as a special case
  87. }
  88. void luks::scan(const QString& deviceNode)
  89. {
  90. getMapperName(deviceNode);
  91. getLuksInfo(deviceNode);
  92. }
  93. bool luks::supportToolFound() const
  94. {
  95. return m_cryptsetupFound && ((m_isCryptOpen && m_innerFs) ? m_innerFs->supportToolFound() : true);
  96. }
  97. FileSystem::SupportTool luks::supportToolName() const
  98. {
  99. if (m_isCryptOpen && m_innerFs && m_cryptsetupFound)
  100. return m_innerFs->supportToolName();
  101. return SupportTool(QStringLiteral("cryptsetup"),
  102. QUrl(QStringLiteral("https://code.google.com/p/cryptsetup/")));
  103. }
  104. bool luks::create(Report& report, const QString& deviceNode)
  105. {
  106. Q_ASSERT(m_innerFs);
  107. Q_ASSERT(!m_passphrase.isEmpty());
  108. ExternalCommand createCmd(report, QStringLiteral("cryptsetup"),
  109. { QStringLiteral("-s"),
  110. QStringLiteral("512"),
  111. QStringLiteral("--batch-mode"),
  112. QStringLiteral("--force-password"),
  113. QStringLiteral("--type"), QStringLiteral("luks1"),
  114. QStringLiteral("luksFormat"),
  115. deviceNode });
  116. if (!( createCmd.write(m_passphrase.toLocal8Bit() + '\n') &&
  117. createCmd.start(-1) && createCmd.exitCode() == 0))
  118. {
  119. return false;
  120. }
  121. ExternalCommand openCmd(report, QStringLiteral("cryptsetup"),
  122. { QStringLiteral("open"),
  123. deviceNode,
  124. suggestedMapperName(deviceNode) });
  125. if (!( openCmd.write(m_passphrase.toLocal8Bit() + '\n') && openCmd.start(-1)))
  126. return false;
  127. setPayloadSize();
  128. scan(deviceNode);
  129. if (mapperName().isEmpty())
  130. return false;
  131. if (!m_innerFs->create(report, mapperName()))
  132. return false;
  133. return true;
  134. }
  135. QString luks::mountTitle() const
  136. {
  137. return xi18nc("@title:menu", "Mount");
  138. }
  139. QString luks::unmountTitle() const
  140. {
  141. return xi18nc("@title:menu", "Unmount");
  142. }
  143. QString luks::cryptOpenTitle() const
  144. {
  145. return xi18nc("@title:menu", "Unlock");
  146. }
  147. QString luks::cryptCloseTitle() const
  148. {
  149. return xi18nc("@title:menu", "Lock");
  150. }
  151. void luks::setPassphrase(const QString& passphrase)
  152. {
  153. m_passphrase = passphrase;
  154. }
  155. QString luks::passphrase() const
  156. {
  157. return m_passphrase;
  158. }
  159. bool luks::canMount(const QString&, const QString& mountPoint) const
  160. {
  161. return m_isCryptOpen &&
  162. !m_isMounted &&
  163. m_innerFs &&
  164. m_innerFs->canMount(mapperName(), mountPoint);
  165. }
  166. bool luks::canUnmount(const QString&) const
  167. {
  168. return m_isCryptOpen &&
  169. m_isMounted &&
  170. m_innerFs &&
  171. m_innerFs->canUnmount(mapperName());
  172. }
  173. bool luks::isMounted() const
  174. {
  175. return m_isCryptOpen && m_isMounted;
  176. }
  177. void luks::setMounted(bool mounted)
  178. {
  179. m_isMounted = mounted;
  180. }
  181. bool luks::canCryptOpen(const QString&) const
  182. {
  183. return !m_isCryptOpen && !m_isMounted && supportToolFound();
  184. }
  185. bool luks::canCryptClose(const QString&) const
  186. {
  187. return m_isCryptOpen && !m_isMounted && m_cryptsetupFound;
  188. }
  189. bool luks::isCryptOpen() const
  190. {
  191. return m_isCryptOpen;
  192. }
  193. void luks::setCryptOpen(bool cryptOpen)
  194. {
  195. m_isCryptOpen = cryptOpen;
  196. }
  197. bool luks::cryptOpen(QWidget* parent, const QString& deviceNode)
  198. {
  199. if (m_isCryptOpen)
  200. {
  201. if (!mapperName().isEmpty())
  202. {
  203. qWarning() << "LUKS device" << deviceNode
  204. << "already decrypted."
  205. << "Cannot decrypt again.";
  206. return false;
  207. }
  208. else
  209. {
  210. qWarning() << "LUKS device" << deviceNode
  211. << "reportedly decrypted but mapper node not found."
  212. << "Marking device as NOT decrypted and trying to "
  213. "decrypt again anyway.";
  214. m_isCryptOpen = false;
  215. }
  216. }
  217. KPasswordDialog dlg( parent );
  218. dlg.setPrompt(i18n("Enter passphrase for %1:", deviceNode));
  219. if( !dlg.exec() )
  220. return false;
  221. QString passphrase = dlg.password();
  222. ExternalCommand openCmd(QStringLiteral("cryptsetup"),
  223. { QStringLiteral("open"),
  224. QStringLiteral("--tries"), QStringLiteral("1"),
  225. deviceNode,
  226. suggestedMapperName(deviceNode) });
  227. if (!( openCmd.write(passphrase.toLocal8Bit() + '\n') &&
  228. openCmd.start(-1) && openCmd.exitCode() == 0) )
  229. return false;
  230. if (m_innerFs) {
  231. delete m_innerFs;
  232. m_innerFs = nullptr;
  233. }
  234. scan(deviceNode);
  235. if (mapperName().isEmpty())
  236. return false;
  237. loadInnerFileSystem(mapperName());
  238. m_isCryptOpen = (m_innerFs != nullptr);
  239. if (!m_isCryptOpen)
  240. return false;
  241. for (auto &p : LVM::pvList::list())
  242. if (p.isLuks() && p.partition()->deviceNode() == deviceNode && p.partition()->fileSystem().type() == FileSystem::Type::Lvm2_PV)
  243. p.setLuks(false);
  244. m_passphrase = passphrase;
  245. return true;
  246. }
  247. bool luks::cryptClose(const QString& deviceNode)
  248. {
  249. if (!m_isCryptOpen)
  250. {
  251. qWarning() << "Cannot close LUKS device" << deviceNode
  252. << "because it's not open.";
  253. return false;
  254. }
  255. if (m_isMounted)
  256. {
  257. qWarning() << "Cannot close LUKS device" << deviceNode
  258. << "because the filesystem is mounted.";
  259. return false;
  260. }
  261. ExternalCommand cmd(QStringLiteral("cryptsetup"),
  262. { QStringLiteral("close"), mapperName() });
  263. if (!(cmd.run(-1) && cmd.exitCode() == 0))
  264. return false;
  265. delete m_innerFs;
  266. m_innerFs = nullptr;
  267. m_passphrase.clear();
  268. setLabel(FileSystem::readLabel(deviceNode));
  269. setUUID(readUUID(deviceNode));
  270. setSectorsUsed(-1);
  271. m_isCryptOpen = (m_innerFs != nullptr);
  272. for (auto &p : LVM::pvList::list())
  273. if (!p.isLuks() && p.partition()->deviceNode() == deviceNode)
  274. p.setLuks(true);
  275. return true;
  276. }
  277. void luks::loadInnerFileSystem(const QString& mapperNode)
  278. {
  279. Q_ASSERT(!m_innerFs);
  280. FileSystem::Type innerFsType = detectFileSystem(mapperNode);
  281. m_innerFs = FileSystemFactory::cloneWithNewType(innerFsType,
  282. *this);
  283. setLabel(m_innerFs->readLabel(mapperNode));
  284. setUUID(m_innerFs->readUUID(mapperNode));
  285. if (m_innerFs->supportGetUsed() == FileSystem::cmdSupportFileSystem)
  286. setSectorsUsed(static_cast<qint64>(std::ceil((m_innerFs->readUsedCapacity(mapperNode) + payloadOffset()) / static_cast<double>(sectorSize()) )));
  287. m_innerFs->scan(mapperNode);
  288. }
  289. void luks::createInnerFileSystem(FileSystem::Type type)
  290. {
  291. Q_ASSERT(!m_innerFs);
  292. m_innerFs = FileSystemFactory::cloneWithNewType(type, *this);
  293. }
  294. bool luks::check(Report& report, const QString&) const
  295. {
  296. Q_ASSERT(m_innerFs);
  297. if (mapperName().isEmpty())
  298. return false;
  299. return m_innerFs->check(report, mapperName());
  300. }
  301. qint64 luks::readUsedCapacity(const QString& deviceNode) const
  302. {
  303. if (!m_isCryptOpen)
  304. return -1;
  305. if (m_innerFs)
  306. return m_innerFs->readUsedCapacity(deviceNode);
  307. return -1;
  308. }
  309. bool luks::mount(Report& report, const QString& deviceNode, const QString& mountPoint)
  310. {
  311. if (!m_isCryptOpen)
  312. {
  313. qWarning() << "Cannot mount device" << deviceNode
  314. << "before decrypting it first.";
  315. return false;
  316. }
  317. if (m_isMounted)
  318. {
  319. qWarning() << "Cannot mount device" << deviceNode
  320. << "because it's already mounted.";
  321. return false;
  322. }
  323. Q_ASSERT(m_innerFs);
  324. if (mapperName().isEmpty())
  325. return false;
  326. if (m_innerFs->canMount(mapperName(), mountPoint))
  327. {
  328. if (m_innerFs->mount(report, mapperName(), mountPoint))
  329. {
  330. m_isMounted = true;
  331. const QStorageInfo storageInfo = QStorageInfo(mountPoint);
  332. if (storageInfo.isValid() && !mountPoint.isEmpty())
  333. setSectorsUsed( (storageInfo.bytesTotal() - storageInfo.bytesFree() + payloadOffset()) / sectorSize());
  334. return true;
  335. }
  336. }
  337. else {
  338. ExternalCommand mountCmd(
  339. report,
  340. QStringLiteral("mount"),
  341. { QStringLiteral("--verbose"), mapperName(), mountPoint });
  342. if (mountCmd.run() && mountCmd.exitCode() == 0)
  343. {
  344. m_isMounted = true;
  345. return true;
  346. }
  347. }
  348. return false;
  349. }
  350. bool luks::unmount(Report& report, const QString& deviceNode)
  351. {
  352. if (!m_isCryptOpen)
  353. {
  354. qWarning() << "Cannot unmount device" << deviceNode
  355. << "before decrypting it first.";
  356. return false;
  357. }
  358. if (!m_isMounted)
  359. {
  360. qWarning() << "Cannot unmount device" << deviceNode
  361. << "because it's not mounted.";
  362. return false;
  363. }
  364. Q_ASSERT(m_innerFs);
  365. if (mapperName().isEmpty())
  366. return false;
  367. if (m_innerFs->canUnmount(mapperName()))
  368. {
  369. if (m_innerFs->unmount(report, mapperName()))
  370. {
  371. m_isMounted = false;
  372. return true;
  373. }
  374. }
  375. else {
  376. ExternalCommand unmountCmd( report,
  377. QStringLiteral("umount"),
  378. { QStringLiteral("--verbose"), QStringLiteral("--all-targets"), mapperName() });
  379. if (unmountCmd.run() && unmountCmd.exitCode() == 0)
  380. {
  381. m_isMounted = false;
  382. return true;
  383. }
  384. }
  385. return false;
  386. }
  387. FileSystem::Type luks::type() const
  388. {
  389. if (m_isCryptOpen && m_innerFs)
  390. return m_innerFs->type();
  391. return FileSystem::Type::Luks;
  392. }
  393. QString luks::suggestedMapperName(const QString& deviceNode) const
  394. {
  395. return QStringLiteral("luks-") + readOuterUUID(deviceNode);
  396. }
  397. QString luks::readLabel(const QString& deviceNode) const
  398. {
  399. if (m_isCryptOpen && m_innerFs)
  400. return m_innerFs->readLabel(mapperName());
  401. return FileSystem::readLabel(deviceNode);
  402. }
  403. bool luks::writeLabel(Report& report, const QString&, const QString& newLabel)
  404. {
  405. Q_ASSERT(m_innerFs);
  406. return m_innerFs->writeLabel(report, mapperName(), newLabel);
  407. }
  408. bool luks::resize(Report& report, const QString& deviceNode, qint64 newLength) const
  409. {
  410. Q_ASSERT(m_innerFs);
  411. if (mapperName().isEmpty())
  412. return false;
  413. if ( newLength - length() * sectorSize() > 0 )
  414. {
  415. ExternalCommand cryptResizeCmd(report, QStringLiteral("cryptsetup"), { QStringLiteral("resize"), mapperName() });
  416. report.line() << xi18nc("@info:progress", "Resizing LUKS crypt on partition <filename>%1</filename>.", deviceNode);
  417. if (cryptResizeCmd.run(-1) && cryptResizeCmd.exitCode() == 0)
  418. return m_innerFs->resize(report, mapperName(), m_PayloadSize);
  419. }
  420. else if (m_innerFs->resize(report, mapperName(), m_PayloadSize))
  421. {
  422. ExternalCommand cryptResizeCmd(report, QStringLiteral("cryptsetup"),
  423. { QStringLiteral("--size"), QString::number(m_PayloadSize / 512), // LUKS1 payload length is specified in multiples of 512 bytes
  424. QStringLiteral("resize"), mapperName() });
  425. report.line() << xi18nc("@info:progress", "Resizing LUKS crypt on partition <filename>%1</filename>.", deviceNode);
  426. if (cryptResizeCmd.run(-1) && cryptResizeCmd.exitCode() == 0)
  427. return true;
  428. }
  429. report.line() << xi18nc("@info:progress", "Resizing encrypted file system on partition <filename>%1</filename> failed.", deviceNode);
  430. return false;
  431. }
  432. bool luks::resizeOnline(Report& report, const QString& deviceNode, const QString& mountPoint, qint64 length) const
  433. {
  434. Q_UNUSED(mountPoint)
  435. return resize(report, deviceNode, length);
  436. }
  437. QString luks::readUUID(const QString& deviceNode) const
  438. {
  439. QString outerUuid = readOuterUUID(deviceNode);
  440. if (m_isCryptOpen && m_innerFs)
  441. return m_innerFs->readUUID(mapperName());
  442. return outerUuid;
  443. }
  444. QString luks::readOuterUUID(const QString &deviceNode) const
  445. {
  446. if ( deviceNode.isEmpty() )
  447. return QString();
  448. ExternalCommand cmd(QStringLiteral("cryptsetup"),
  449. { QStringLiteral("luksUUID"), deviceNode });
  450. if (cmd.run()) {
  451. if ( cmd.exitCode() )
  452. {
  453. qWarning() << "Cannot get luksUUID for device" << deviceNode
  454. << "\tcryptsetup exit code" << cmd.exitCode()
  455. << "\toutput:" << cmd.output().trimmed();
  456. return QString();
  457. }
  458. QString outerUuid = cmd.output().trimmed();
  459. const_cast< QString& >( m_outerUuid ) = outerUuid;
  460. return outerUuid;
  461. }
  462. return QStringLiteral("---");
  463. }
  464. bool luks::updateUUID(Report& report, const QString& deviceNode) const
  465. {
  466. const QString uuid = QUuid::createUuid().toString().remove(QRegularExpression(QStringLiteral("\\{|\\}")));
  467. ExternalCommand cmd(report,
  468. QStringLiteral("cryptsetup"),
  469. { QStringLiteral("luksUUID"),
  470. deviceNode,
  471. QStringLiteral("--uuid"),
  472. uuid });
  473. return cmd.run(-1) && cmd.exitCode() == 0;
  474. }
  475. void luks::getMapperName(const QString& deviceNode)
  476. {
  477. ExternalCommand cmd(QStringLiteral("lsblk"),
  478. { QStringLiteral("--list"),
  479. QStringLiteral("--noheadings"),
  480. QStringLiteral("--paths"),
  481. QStringLiteral("--json"),
  482. QStringLiteral("--output"),
  483. QStringLiteral("type,name"),
  484. deviceNode });
  485. m_MapperName = QString();
  486. if (cmd.run(-1) && cmd.exitCode() == 0) {
  487. const QJsonDocument jsonDocument = QJsonDocument::fromJson(cmd.rawOutput());
  488. QJsonObject jsonObject = jsonDocument.object();
  489. const QJsonArray jsonArray = jsonObject[QLatin1String("blockdevices")].toArray();
  490. for (const auto &deviceLine : jsonArray) {
  491. QJsonObject deviceObject = deviceLine.toObject();
  492. if (deviceObject[QLatin1String("type")].toString() == QLatin1String("crypt")) {
  493. m_MapperName = deviceObject[QLatin1String("name")].toString();
  494. break;
  495. }
  496. }
  497. }
  498. }
  499. void luks::getLuksInfo(const QString& deviceNode)
  500. {
  501. ExternalCommand cmd(QStringLiteral("cryptsetup"), { QStringLiteral("luksDump"), deviceNode });
  502. if (cmd.run(-1) && cmd.exitCode() == 0) {
  503. QRegularExpression re(QStringLiteral("Cipher name:\\s+(\\w+)"));
  504. QRegularExpressionMatch rem = re.match(cmd.output());
  505. if (rem.hasMatch())
  506. m_CipherName = rem.captured(1);
  507. else
  508. m_CipherName = QLatin1String("---");
  509. re.setPattern(QStringLiteral("Cipher mode:\\s+(\\w+)"));
  510. rem = re.match(cmd.output());
  511. if (rem.hasMatch())
  512. m_CipherMode = rem.captured(1);
  513. else
  514. m_CipherMode = QLatin1String("---");
  515. re.setPattern(QStringLiteral("Hash spec:\\s+(\\w+)"));
  516. rem = re.match(cmd.output());
  517. if (rem.hasMatch())
  518. m_HashName = rem.captured(1);
  519. else
  520. m_HashName = QLatin1String("---");
  521. re.setPattern(QStringLiteral("MK bits:\\s+(\\d+)"));
  522. rem = re.match(cmd.output());
  523. if (rem.hasMatch())
  524. m_KeySize = rem.captured(1).toLongLong();
  525. else
  526. m_KeySize = -1;
  527. re.setPattern(QStringLiteral("Payload offset:\\s+(\\d+)"));
  528. rem = re.match(cmd.output());
  529. if (rem.hasMatch())
  530. m_PayloadOffset = rem.captured(1).toLongLong() * 512; // assuming LUKS sector size is 512;
  531. else
  532. m_PayloadOffset = -1;
  533. }
  534. else {
  535. m_CipherName = QLatin1String("---");
  536. m_CipherMode = QLatin1String("---");
  537. m_HashName = QLatin1String("---");
  538. m_KeySize = -1;
  539. m_PayloadOffset = -1;
  540. }
  541. }
  542. QString luks::outerUuid() const
  543. {
  544. return m_outerUuid;
  545. }
  546. bool luks::canEncryptType(FileSystem::Type type)
  547. {
  548. switch (type)
  549. {
  550. case Type::Btrfs:
  551. case Type::F2fs:
  552. case Type::Ext2:
  553. case Type::Ext3:
  554. case Type::Ext4:
  555. case Type::Jfs:
  556. case Type::LinuxSwap:
  557. case Type::Lvm2_PV:
  558. case Type::Nilfs2:
  559. case Type::ReiserFS:
  560. case Type::Reiser4:
  561. case Type::Xfs:
  562. case Type::Zfs:
  563. return true;
  564. default:
  565. return false;
  566. }
  567. }
  568. void luks::initLUKS()
  569. {
  570. setPayloadSize();
  571. QString mapperNode = mapperName();
  572. bool isCryptOpen = !mapperNode.isEmpty();
  573. setCryptOpen(isCryptOpen);
  574. if (isCryptOpen) {
  575. loadInnerFileSystem(mapperNode);
  576. setMounted(detectMountStatus(innerFS(), mapperNode));
  577. }
  578. }
  579. void luks::setPayloadSize()
  580. {
  581. ExternalCommand dmsetupCmd(QStringLiteral("dmsetup"), { QStringLiteral("table"), mapperName() });
  582. dmsetupCmd.run();
  583. QRegularExpression re(QStringLiteral("\\d+ (\\d+)"));
  584. QRegularExpressionMatch rem = re.match(dmsetupCmd.output());
  585. if (rem.hasMatch())
  586. m_PayloadSize = rem.captured(1).toLongLong() * sectorSize();
  587. }
  588. bool luks::testPassphrase(const QString& deviceNode, const QString& passphrase) const {
  589. ExternalCommand cmd(QStringLiteral("cryptsetup"), { QStringLiteral("open"), QStringLiteral("--tries"), QStringLiteral("1"), QStringLiteral("--test-passphrase"), deviceNode });
  590. if (cmd.write(passphrase.toLocal8Bit() + '\n') && cmd.start(-1) && cmd.exitCode() == 0)
  591. return true;
  592. return false;
  593. }
  594. }