#define _GNU_SOURCE
#include "encryption.h"
#include "shared.h"
#include <sodium.h>
#include <sys/types.h>
#include <sys/stat.h>
#include <stdarg.h>
#include <unistd.h>
#include <errno.h>
#include <error.h>
#include <fcntl.h>
#include <stdio.h>
/*
 * Initialise libsodium before any other sodium_* call is made.
 *
 * When sodium_init() reports failure (negative result) the process is
 * terminated through error() with exit status 1 and the ENOTSUP text;
 * otherwise sodium_init()'s non-negative result is handed back unchanged.
 */
int checkSodium(void) {
    const int status = sodium_init();
    if (status >= 0) {
        return status;
    }
    error(1, ENOTSUP, "Couldn't initialize sodium for some reason. Quitting...");
    return status; /* not reached: error() exits on a non-zero status argument */
}
// To encrypt:
// 1- Create a temp file with the correct name in the root folder of the partition being encrypted --
// 1.1- Detect the partition and find the root folder -- DONE || NOT NECESSARY
// 1.2- Create the temp file -- DONE
// 2- Encrypt the file's contents to the temp file --
// 2.1- Open the file --
// 2.2- Stream the file's contents into some encryption algo --
// 2.3- Pipe the output of the encryption into the temp file --
// 3- Once the file has been encrypted, hard link it back to the original location, with the right name --
// 4- Delete the original file --
// 5- Delete the temp file --
/*
 * Create an anonymous temporary file inside the directory `dest`.
 *
 * O_TMPFILE yields an unnamed inode that only becomes visible if it is
 * linked into the tree later; O_CLOEXEC keeps the descriptor out of any
 * child process, O_SYNC makes each write hit storage before returning,
 * and the mode restricts the file to its owner.
 *
 * Returns the new descriptor, or -1 with errno set when open() fails
 * (for instance when `dest` does not exist or is not a directory).
 */
int maketmp(const char *dest) {
    const int flags = O_TMPFILE | O_WRONLY | O_CLOEXEC | O_SYNC;
    const mode_t owner_only = S_IRUSR | S_IWUSR;
    return open(dest, flags, owner_only);
}
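/*
 * Validate `toencrypt` and open it read-only in preparation for encryption.
 *
 * Return values:
 *   -1  stat() failed (e.g. the path does not exist)
 *   -2  the path (or the object actually opened) is not a regular file
 *   -3  open() or fstat() on the descriptor failed
 *    0  the file exists, is regular and could be opened
 *
 * The encryption itself (key derivation from a password, then a libsodium
 * stream into the temp file) is still to be written, so the descriptor is
 * closed again before returning 0 -- the earlier version leaked it.
 */
int encrypttotmp(const char *toencrypt) {
    struct stat esb;

    /* Make sure the file is real and an actual file that can be encrypted */
    if (stat(toencrypt, &esb) < 0) {
        return -1;
    }
    if (!S_ISREG(esb.st_mode)) {
        return -2;
    }

    /* Open the file as read-only */
    int efd = open(toencrypt, O_RDONLY);
    if (efd < 0) {
        return -3;
    }

    /* Re-check on the open descriptor: the path may have been replaced by
     * something else between stat() and open() (TOCTOU). From here on only
     * `efd` is trusted, never the path string. */
    if (fstat(efd, &esb) < 0) {
        close(efd);
        return -3;
    }
    if (!S_ISREG(esb.st_mode)) {
        close(efd);
        return -2;
    }

    /* TODO: get a secret key from a password and then set up the
     * cryptostream from libsodium, reading from `efd`. */
    close(efd);
    return 0;
}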
#define TESTING
#ifdef TESTING
#include <string.h>
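/*
 * Smoke test for maketmp(): create an unnamed temp file in the current
 * directory, write one line into it, then link it into place as ./test.
 * Every failure is fatal through error(), which exits with status 1.
 */
int main(void) {
    const char *dir = ".", *testmsg = "we do a little testing\n";
    char path[32]; /* "/proc/self/fd/" + at most 11 digits + NUL */

    int fd = maketmp(dir);
    if (fd < 0) {
        error(1, errno, "Couldn't make temp file at %s", dir);
    }

    /* write() may stop short or be interrupted; keep going until the whole
     * message is out instead of only checking the first call. */
    const char *cursor = testmsg;
    size_t left = strlen(testmsg);
    while (left > 0) {
        ssize_t written = write(fd, cursor, left);
        if (written < 0) {
            if (errno == EINTR) {
                continue;
            }
            error(1, errno, "write broke");
        }
        cursor += written;
        left -= (size_t)written;
    }

    /* Give the anonymous file a name by linking its /proc alias.
     * AT_EMPTY_PATH on the fd itself would be the direct route, but that
     * needs CAP_DAC_READ_SEARCH, which this process does not have; following
     * the magic symlink does not. Thanks for the solution, linux man pages. */
    int len = snprintf(path, sizeof path, "/proc/self/fd/%d", fd);
    if (len < 0 || (size_t)len >= sizeof path) {
        error(1, 0, "Couldn't build /proc path for fd %d", fd);
    }
    if (linkat(AT_FDCWD, path, AT_FDCWD, "./test", AT_SYMLINK_FOLLOW) < 0) {
        error(1, errno, "Couldn't link temp file to ./test");
    }

    if (close(fd) < 0) {
        error(1, errno, "close broke");
    }
    return 0;
}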
#endif