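#define _GNU_SOURCE
#include "encryption.h"
#include "shared.h"

/*
 * NOTE(review): the targets of the system #include lines were lost when this
 * page was captured (they appear as bare `#include`). The set below is
 * reconstructed from the symbols the file actually uses -- open/O_TMPFILE/
 * linkat/AT_FDCWD, stat/fstat, write/close, asprintf/free, strlen, errno,
 * glibc error(), sodium_init -- and should be checked against the original.
 */
#include <errno.h>
#include <error.h>
#include <fcntl.h>
#include <sodium.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/*
 * Initialise libsodium before any other sodium_* call.
 *
 * sodium_init() returns 0 on success, 1 if the library was already
 * initialised and -1 on failure; only the failure case is fatal here.
 * Returns the raw sodium_init() result so a caller can tell 0 from 1.
 * Exits the process (status 1, errno ENOTSUP) if initialisation fails.
 */
int checkSodium(void)
{
    int ret = sodium_init();
    if (ret < 0)
        error(1, ENOTSUP, "Couldn't initialize sodium for some reason. Quitting...");
    return ret;
}

/*
 * Plan for encrypting a file in place:
 *
 * 1- Create a temp file with the correct name in the root folder of the
 *    partition being encrypted
 *    1.1- Detect the partition and find the root folder -- DONE || NOT NECESSARY
 *    1.2- Create the temp file -- DONE (maketmp: anonymous O_TMPFILE, so the
 *         half-written ciphertext never has a predictable name)
 * 2- Encrypt the file's contents to the temp file
 *    2.1- Open the file (encrypttotmp: open + type check done, key/stream TODO)
 *    2.2- Stream the file's contents into some encryption algo
 *    2.3- Pipe the output of the encryption into the temp file
 * 3- Once the file has been encrypted, hard link it back to the original
 *    location, with the right name
 * 4- Delete the original file
 * 5- Delete the temp file (automatic: an O_TMPFILE file with no remaining
 *    link disappears when its last descriptor is closed)
 *
 * NOTE(review): linkat(2) fails with EEXIST when the target name already
 * exists, so step 3 cannot link directly over the original while it is still
 * there. Either unlink the original first (leaves a window with neither file
 * on disk) or link the temp file under a sibling name and rename(2) it over
 * the original, which replaces it atomically.
 */

/*
 * Create an anonymous temporary file in the directory `dest`.
 *
 * O_TMPFILE gives a file with no directory entry until it is explicitly
 * linked in (see main() below), so nothing else can find or open the
 * partially written ciphertext by name. Opened write-only, close-on-exec,
 * mode 0600. O_SYNC makes every write() durable before it returns; that is
 * slow, and presumably intended so that a crash cannot leave a linked file
 * with unflushed ciphertext -- confirm before relaxing it.
 *
 * Returns the descriptor, or -1 with errno set (e.g. ENOTDIR if `dest` is
 * not a directory, EOPNOTSUPP if the filesystem lacks O_TMPFILE support).
 */
int maketmp(const char *dest)
{
    return open(dest, O_TMPFILE | O_WRONLY | O_CLOEXEC | O_SYNC, S_IRUSR | S_IWUSR);
}

/*
 * Verify that `toencrypt` names a regular file we can read, as the first
 * step of encrypting it into a temp file.
 *
 * Returns  0  on success (currently a stub: the file is opened, verified and
 *             closed again; the actual encryption is still TODO),
 *         -1  if the path cannot be stat()ed (or the opened fd cannot be
 *             fstat()ed),
 *         -2  if it is not a regular file (directory, device, FIFO, socket)
 *             or was swapped for a different object between stat and open,
 *         -3  if open() failed.
 * errno is left as set by the failing call.
 *
 * Security: the original stat()-then-open() pair was a TOCTOU race -- the
 * path could be replaced between the two calls, e.g. with a FIFO (a blocking
 * open() then hangs) or a device. The type is therefore re-checked with
 * fstat() on the descriptor we actually hold, and dev/ino must match what
 * stat() saw. The open also uses O_NONBLOCK | O_NOCTTY so a swapped-in FIFO
 * or terminal can neither block us nor become our controlling tty;
 * O_NONBLOCK has no effect on reads from a regular file on Linux.
 */
int encrypttotmp(const char *toencrypt)
{
    struct stat esb, fsb;
    int efd = -1;
    int rc;

    if (stat(toencrypt, &esb) < 0)
        return -1;
    if (!S_ISREG(esb.st_mode))
        return -2;

    efd = open(toencrypt, O_RDONLY | O_CLOEXEC | O_NOCTTY | O_NONBLOCK);
    if (efd < 0)
        return -3;

    /* Re-validate on the descriptor: must still be the same regular file. */
    if (fstat(efd, &fsb) < 0) {
        rc = -1;
        goto out;
    }
    if (!S_ISREG(fsb.st_mode) || fsb.st_dev != esb.st_dev || fsb.st_ino != esb.st_ino) {
        rc = -2;
        goto out;
    }

    /*
     * TODO: derive a secret key from a password (a password KDF such as
     * crypto_pwhash, never the raw password bytes) and stream the contents
     * through libsodium's crypto_secretstream into a maketmp() descriptor.
     */
    rc = 0;

out:
    /* Nothing is done with the descriptor yet; do not leak it. Preserve the
     * errno of the call that actually failed across close(). */
    {
        int saved_errno = errno;
        close(efd);
        errno = saved_errno;
    }
    return rc;
}

/*
 * Unconditionally defined, so the harness below is compiled into every build;
 * remove (or move to the build system) before shipping the library.
 */
#define TESTING
#ifdef TESTING
/* The TESTING-only include target was also lost in capture; reconstructed. */
#include <stdio.h>

/*
 * Smoke test for maketmp(): write a line into an anonymous temp file in the
 * current directory and give it the name ./test. Exits non-zero via error()
 * on any failure.
 */
int main(void)
{
    const char *dir = ".", *testmsg = "we do a little testing\n";
    char *path = NULL;
    size_t len = strlen(testmsg);
    ssize_t n;

    int fd = maketmp(dir);
    if (fd < 0)
        error(1, errno, "Couldn't make temp file at %s", dir);

    /* write() may legitimately write fewer bytes than asked; for a
     * ciphertext that would be silent truncation, so treat it as failure. */
    n = write(fd, testmsg, len);
    if (n < 0 || (size_t)n != len)
        error(1, n < 0 ? errno : EIO, "write broke");

    /*
     * Give the anonymous file a name. linkat(fd, "", ..., AT_EMPTY_PATH) is
     * the direct form but requires CAP_DAC_READ_SEARCH; the
     * /proc/self/fd/N + AT_SYMLINK_FOLLOW form documented in open(2) works
     * unprivileged (it does need /proc mounted). linkat() fails with EEXIST
     * if ./test already exists -- no silent overwrite.
     */
    if (asprintf(&path, "/proc/self/fd/%d", fd) < 0)
        error(1, errno, "asprintf broke");
    if (linkat(AT_FDCWD, path, AT_FDCWD, "./test", AT_SYMLINK_FOLLOW) < 0)
        error(1, errno, "linkat broke");
    free(path);

    if (close(fd) < 0)
        error(1, errno, "close broke");
    return 0;
}
#endif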