#![deny(warnings)] #![allow(non_camel_case_types)] extern crate libc; use libc::{c_char, c_double, c_int, c_uint, c_void, size_t}; use std::str::FromStr; pub enum crypt_device {} #[repr(i32)] #[derive(PartialEq, Eq, Clone, Copy, Debug)] pub enum crypt_log_level { CRYPT_LOG_NORMAL = 0, CRYPT_LOG_ERROR = 1, CRYPT_LOG_VERBOSE = 2, CRYPT_LOG_DEBUG = -1, } pub type crypt_log_cb = extern "C" fn(crypt_log_level, *const c_char, *mut c_void); pub type crypt_confirm_cb = extern "C" fn(*const c_char, *mut c_void) -> c_int; pub type crypt_password_cb = extern "C" fn(*const c_char, *mut c_char, size_t, *mut c_void) -> c_int; #[repr(i32)] #[derive(PartialEq, Eq, Clone, Copy, Debug)] pub enum crypt_rng_type { CRYPT_RNG_URANDOM = 0, CRYPT_RNG_RANDOM = 1, } #[derive(PartialEq, Eq, Clone, Copy, Debug)] pub enum crypt_device_type { PLAIN, LUKS1, LOOPAES, VERITY, TCRYPT, } #[repr(C)] pub struct crypt_params_plain { pub hash: *const c_char, pub offset: u64, pub skip: u64, pub size: u64, } #[repr(C)] pub struct crypt_params_luks1 { pub hash: *const c_char, pub data_alignment: size_t, pub data_device: *const c_char, } #[repr(C)] pub struct crypt_params_loopaes { pub hash: *const c_char, pub offset: u64, pub skip: u64, } #[repr(C)] pub struct crypt_params_verity { pub hash_name: *const c_char, pub data_device: *const c_char, pub hash_device: *const c_char, pub salt: *const c_char, pub salt_size: u32, pub hash_type: u32, pub data_block_size: u32, pub hash_block_size: u32, pub data_size: u64, pub hash_area_offset: u64, pub flags: u32, } #[repr(u32)] #[derive(PartialEq, Eq, Clone, Copy, Debug)] pub enum crypt_verity_flag { CRYPT_VERITY_NO_HEADER = (1 << 0), CRYPT_VERITY_CHECK_HASH = (1 << 1), CRYPT_VERITY_CREATE_HASH = (1 << 2), } #[repr(C)] pub struct crypt_params_tcrypt { pub passphrase: *const c_char, pub passphrase_size: size_t, pub keyfiles: *const *const c_char, pub keyfiles_count: c_uint, pub hash_name: *const c_char, pub cipher: *const c_char, pub mode: *const c_char, pub key_size: size_t, pub flags: u32, } #[repr(u32)] #[derive(PartialEq, Eq, Clone, Copy, Debug)] pub enum crypt_tcrypt_flag { CRYPT_TCRYPT_LEGACY_MODES = (1 << 0), CRYPT_TCRYPT_HIDDEN_HEADER = (1 << 1), CRYPT_TCRYPT_BACKUP_HEADER = (1 << 2), CRYPT_TCRYPT_SYSTEM_HEADER = (1 << 3), CRYPT_TCRYPT_VERA_MODES = (1 << 4), } pub const CRYPT_ANY_SLOT: c_int = -1; #[repr(u32)] #[derive(PartialEq, Eq, Clone, Copy, Debug)] pub enum crypt_activation_flag { CRYPT_ACTIVATE_READONLY = (1 << 0), CRYPT_ACTIVATE_NO_UUID = (1 << 1), CRYPT_ACTIVATE_SHARED = (1 << 2), CRYPT_ACTIVATE_ALLOW_DISCARDS = (1 << 3), CRYPT_ACTIVATE_PRIVATE = (1 << 4), CRYPT_ACTIVATE_CORRUPTED = (1 << 5), CRYPT_ACTIVATE_SAME_CPU_CRYPT = (1 << 6), CRYPT_ACTIVATE_SUBMIT_FROM_CRYPT_CPUS = (1 << 7), CRYPT_ACTIVATE_IGNORE_CORRUPTION = (1 << 8), CRYPT_ACTIVATE_RESTART_ON_CORRUPTION = (1 << 9), CRYPT_ACTIVATE_IGNORE_ZERO_BLOCKS = (1 << 10), } #[repr(C)] pub struct crypt_active_device { pub offset: u64, pub iv_offset: u64, pub size: u64, pub flags: u32, } #[repr(C)] #[derive(PartialEq, Eq, Clone, Copy, Debug)] pub enum crypt_status_info { CRYPT_INVALID, CRYPT_INACTIVE, CRYPT_ACTIVE, CRYPT_BUSY, } #[repr(C)] #[derive(PartialEq, Eq, Clone, Copy, Debug)] pub enum crypt_keyslot_info { CRYPT_SLOT_INVALID, CRYPT_SLOT_INACTIVE, CRYPT_SLOT_ACTIVE, CRYPT_SLOT_ACTIVE_LAST, } #[repr(C)] #[derive(PartialEq, Eq, Clone, Copy, Debug)] pub enum crypt_debug_level { CRYPT_DEBUG_ALL = -1, CRYPT_DEBUG_NONE = 0, } extern "C" { pub fn crypt_init(cd: *mut *mut crypt_device, device: *const c_char) -> c_int; pub fn crypt_init_by_name_and_header( cd: *mut *mut crypt_device, name: *const c_char, header_device: *const c_char, ) -> c_int; pub fn crypt_init_by_name(cd: *mut *mut crypt_device, name: *const c_char) -> c_int; pub fn crypt_set_log_callback( cd: *mut crypt_device, log: Option, usrptr: *mut c_void, ); pub fn crypt_log(cd: *mut crypt_device, level: crypt_log_level, msg: *const c_char); pub fn crypt_set_confirm_callback( cd: *mut crypt_device, confirm: crypt_confirm_cb, usrptr: *mut c_void, ); #[deprecated] pub fn crypt_set_password_callback( cd: *mut crypt_device, password: crypt_password_cb, usrptr: *mut c_void, ); #[deprecated] pub fn crypt_set_timeout(cd: *mut crypt_device, timeout: u64); #[deprecated] pub fn crypt_set_password_retry(cd: *mut crypt_device, tries: c_int); pub fn crypt_set_iteration_time(cd: *mut crypt_device, iteration_time_ms: u64); #[deprecated] pub fn crypt_set_password_verify(cd: *mut crypt_device, password_verify: c_int); pub fn crypt_set_data_device(cd: *mut crypt_device, device: *const c_char) -> c_int; pub fn crypt_set_rng_type(cd: *mut crypt_device, rng_type: crypt_rng_type); pub fn crypt_get_rng_type(cd: *mut crypt_device) -> c_int; pub fn crypt_memory_lock(cd: *mut crypt_device, lock: c_int) -> c_int; pub fn crypt_get_type(cd: *mut crypt_device) -> *const c_char; pub fn crypt_format( cd: *mut crypt_device, crypt_type: *const c_char, cipher: *const c_char, cipher_mode: *const c_char, uuid: *const c_char, volume_key: *const c_char, volume_key_size: size_t, params: *mut c_void, ) -> c_int; pub fn crypt_set_uuid(cd: *mut crypt_device, uuid: *const c_char) -> c_int; pub fn crypt_load( cd: *mut crypt_device, requested_type: *const c_char, params: *mut c_void, ) -> c_int; pub fn crypt_repair( cd: *mut crypt_device, requested_type: *const c_char, params: *mut c_void, ) -> c_int; pub fn crypt_resize(cd: *mut crypt_device, name: *const c_char, new_size: u64) -> c_int; pub fn crypt_suspend(cd: *mut crypt_device, name: *const c_char) -> c_int; pub fn crypt_resume_by_passphrase( cd: *mut crypt_device, name: *const c_char, keyslot: c_int, passphrase: *const c_char, passphrase_size: size_t, ) -> c_int; pub fn crypt_resume_by_keyfile_offset( cd: *mut crypt_device, name: *const c_char, keyslot: c_int, keyfile: *const c_char, keyfile_size: size_t, keyfile_offset: size_t, ) -> c_int; pub fn crypt_resume_by_keyfile( cd: *mut crypt_device, name: *const c_char, keyslot: c_int, keyfile: *const c_char, keyfile_size: size_t, ) -> c_int; pub fn crypt_free(cd: *mut crypt_device); pub fn crypt_keyslot_add_by_passphrase( cd: *mut crypt_device, keyslot: c_int, passphrase: *const c_char, passphrase_size: size_t, new_passphrase: *const c_char, new_passphrase_size: size_t, ) -> c_int; pub fn crypt_keyslot_change_by_passphrase( cd: *mut crypt_device, keyslot_old: c_int, keyslot_new: c_int, passphrase: *const c_char, passphrase_size: size_t, new_passphrase: *const c_char, new_passphrase_size: size_t, ) -> c_int; pub fn crypt_keyslot_add_by_keyfile_offset( cd: *mut crypt_device, keyslot: c_int, keyfile: *const c_char, keyfile_size: size_t, keyfile_offset: size_t, new_keyfile: *const c_char, new_keyfile_size: size_t, new_keyfile_offset: size_t, ) -> c_int; pub fn crypt_keyslot_add_by_keyfile( cd: *mut crypt_device, keyslot: c_int, keyfile: *const c_char, keyfile_size: size_t, new_keyfile: *const c_char, new_keyfile_size: size_t, ) -> c_int; pub fn crypt_keyslot_add_by_volume_key( cd: *mut crypt_device, keyslot: c_int, volume_key: *const c_char, volume_key_size: size_t, passphrase: *const c_char, passphrase_size: size_t, ) -> c_int; pub fn crypt_keyslot_destroy(cd: *mut crypt_device, keyslot: c_int) -> c_int; pub fn crypt_get_active_device( cd: *mut crypt_device, name: *const c_char, cad: *mut crypt_active_device, ) -> c_int; pub fn crypt_activate_by_passphrase( cd: *mut crypt_device, name: *const c_char, keyslot: c_int, passphrase: *const c_char, passphrase_size: size_t, flags: u32, ) -> c_int; pub fn crypt_activate_by_keyfile_offset( cd: *mut crypt_device, name: *const c_char, keyslot: c_int, keyfile: *const c_char, keyfile_size: size_t, keyfile_offset: size_t, flags: u32, ) -> c_int; pub fn crypt_activate_by_keyfile( cd: *mut crypt_device, name: *const c_char, keyslot: c_int, keyfile: *const c_char, keyfile_size: size_t, flags: u32, ) -> c_int; pub fn crypt_activate_by_volume_key( cd: *mut crypt_device, name: *const c_char, volume_key: *const c_char, volume_key_size: size_t, flags: u32, ) -> c_int; pub fn crypt_deactivate(cd: *mut crypt_device, name: *const c_char) -> c_int; pub fn crypt_volume_key_get( cd: *mut crypt_device, keyslot: c_int, volume_key: *mut c_char, volume_key_size: *mut size_t, passphrase: *const c_char, passphrase_size: size_t, ) -> c_int; pub fn crypt_volume_key_verify( cd: *mut crypt_device, volume_key: *const c_char, volume_key_size: size_t, ) -> c_int; pub fn crypt_status(cd: *mut crypt_device, name: *const c_char) -> crypt_status_info; pub fn crypt_dump(cd: *mut crypt_device) -> c_int; pub fn crypt_get_cipher(cd: *mut crypt_device) -> *const c_char; pub fn crypt_get_cipher_mode(cd: *mut crypt_device) -> *const c_char; pub fn crypt_get_uuid(cd: *mut crypt_device) -> *const c_char; pub fn crypt_get_device_name(cd: *mut crypt_device) -> *const c_char; pub fn crypt_get_data_offset(cd: *mut crypt_device) -> u64; pub fn crypt_get_iv_offset(cd: *mut crypt_device) -> u64; pub fn crypt_get_volume_key_size(cd: *mut crypt_device) -> c_int; pub fn crypt_get_verity_info(cd: *mut crypt_device, vp: *mut crypt_params_verity); pub fn crypt_benchmark( cd: *mut crypt_device, cipher: *const c_char, cipher_mode: *const c_char, volume_key_size: size_t, iv_size: size_t, buffer_size: size_t, encryption_mbs: *mut c_double, decryption_mbs: *mut c_double, ) -> c_int; pub fn crypt_benchmark_kdf( cd: *mut crypt_device, kdf: *const c_char, hash: *const c_char, password: *const c_char, password_size: size_t, salt: *const c_char, salt_size: size_t, iterations_sec: *mut u64, ) -> c_int; pub fn crypt_keyslot_status(cd: *mut crypt_device, keyslot: c_int) -> crypt_keyslot_info; pub fn crypt_keyslot_max(crypt_device_type: *const c_char) -> c_int; pub fn crypt_keyslot_area( cd: *mut crypt_device, keyslot: c_int, offset: *mut u64, length: *mut u64, ) -> c_int; pub fn crypt_header_backup( cd: *mut crypt_device, requested_type: *const c_char, backup_file: *const c_char, ) -> c_int; pub fn crypt_header_restore( cd: *mut crypt_device, requested_type: *const c_char, backup_file: *const c_char, ) -> c_int; #[deprecated] pub fn crypt_last_error(cd: *mut crypt_device, buf: *mut c_char, size: size_t); #[deprecated] pub fn crypt_get_error(buf: *mut c_char, size: size_t); pub fn crypt_get_dir() -> *const c_char; pub fn crypt_set_debug_level(level: crypt_debug_level); } impl FromStr for crypt_device_type { type Err = (); fn from_str(s: &str) -> Result { match s { "PLAIN" => Ok(crypt_device_type::PLAIN), "LUKS1" => Ok(crypt_device_type::LUKS1), "LOOPAES" => Ok(crypt_device_type::LOOPAES), "VERITY" => Ok(crypt_device_type::VERITY), "TCRYPT" => Ok(crypt_device_type::TCRYPT), _ => Err(()), } } } impl crypt_device_type { pub fn to_str(&self) -> &str { match self { &crypt_device_type::PLAIN => "PLAIN", &crypt_device_type::LUKS1 => "LUKS1", &crypt_device_type::LOOPAES => "LOOPAES", &crypt_device_type::VERITY => "VERITY", &crypt_device_type::TCRYPT => "TCRYPT", } } } #[cfg(test)] mod tests { use super::*; use std::ffi::CString; use std::str::FromStr; #[test] fn test_device_type_conversion() { assert_eq!( Ok(crypt_device_type::PLAIN), crypt_device_type::from_str("PLAIN") ); assert_eq!( Ok(crypt_device_type::LUKS1), crypt_device_type::from_str("LUKS1") ); assert_eq!( Ok(crypt_device_type::LOOPAES), crypt_device_type::from_str("LOOPAES") ); assert_eq!( Ok(crypt_device_type::VERITY), crypt_device_type::from_str("VERITY") ); assert_eq!( Ok(crypt_device_type::TCRYPT), crypt_device_type::from_str("TCRYPT") ); } #[test] fn test_keyslot_max_gt_zero() { unsafe { let luks_type = CString::new("LUKS1").unwrap(); assert!(crypt_keyslot_max(luks_type.as_ptr()) > 0); } } }