forked from bwalex/tc-play
-
Notifications
You must be signed in to change notification settings - Fork 5
/
tcplay.8
537 lines (537 loc) · 15.3 KB
/
tcplay.8
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
.\"
.\" Copyright (c) 2011
.\" The DragonFly Project. All rights reserved.
.\"
.\" Redistribution and use in source and binary forms, with or without
.\" modification, are permitted provided that the following conditions
.\" are met:
.\"
.\" 1. Redistributions of source code must retain the above copyright
.\" notice, this list of conditions and the following disclaimer.
.\" 2. Redistributions in binary form must reproduce the above copyright
.\" notice, this list of conditions and the following disclaimer in
.\" the documentation and/or other materials provided with the
.\" distribution.
.\" 3. Neither the name of The DragonFly Project nor the names of its
.\" contributors may be used to endorse or promote products derived
.\" from this software without specific, prior written permission.
.\"
.\" THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
.\" ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
.\" LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
.\" FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
.\" COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
.\" INCIDENTAL, SPECIAL, EXEMPLARY OR CONSEQUENTIAL DAMAGES (INCLUDING,
.\" BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
.\" AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
.\" OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
.\" OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE.
.\"
.Dd December 8, 2013
.Dt TCPLAY 8
.Os
.Sh NAME
.Nm tcplay
.Nd tool to manage TrueCrypt volumes
.Sh SYNOPSIS
.Nm
.Fl c
.Fl d Ar device
.Op Fl g
.Op Fl z
.Op Fl w
.Op Fl a Ar pbkdf_hash
.Op Fl b Ar cipher
.Op Fl f Ar keyfile_hidden
.Op Fl k Ar keyfile
.Op Fl x Ar pbkdf_hash
.Op Fl y Ar cipher
.Nm
.Fl i
.Fl d Ar device
.Op Fl e
.Op Fl f Ar keyfile_hidden
.Op Fl k Ar keyfile
.Op Fl s Ar system_device
.Op Fl -fde
.Op Fl -use-backup
.Op Fl -use-hdr-file Ar hdr_file
.Op Fl -use-hidden-hdr-file Ar hdr_file
.Nm
.Fl j Ar mapping
.Nm
.Fl m Ar mapping
.Fl d Ar device
.Op Fl e
.Op Fl f Ar keyfile_hidden
.Op Fl k Ar keyfile
.Op Fl s Ar system_device
.Op Fl t
.Op Fl -fde
.Op Fl -read-only
.Op Fl -use-backup
.Op Fl -use-hdr-file Ar hdr_file
.Op Fl -use-hidden-hdr-file Ar hdr_file
.Nm
.Fl -modify
.Fl d Ar device
.Op Fl k Ar keyfile
.Op Fl -new-keyfile Ar new_keyfile
.Op Fl -new-pbkdf-prf Ar pbkdf_hash
.Op Fl s Ar system_device
.Op Fl -fde
.Op Fl -use-backup
.Op Fl -use-hdr-file Ar hdr_file
.Op Fl -use-hidden-hdr-file Ar hdr_file
.Op Fl -save-hdr-backup Ar hdr_file
.Op Fl w
.Nm
.Fl -modify
.Fl d Ar device
.Op Fl k Ar keyfile
.Fl -restore-from-backup-hdr
.Op Fl w
.Nm
.Fl u Ar mapping
.Nm
.Fl h | v
.Sh DESCRIPTION
The
.Nm
utility provides full support for creating and opening/mapping
TrueCrypt-compatible volumes.
It supports the following commands, each with a set of options
detailed further below:
.Bl -tag -width indent
.It Fl c , Fl -create
Create a new encrypted TrueCrypt volume on the device
specified by
.Fl -device .
.It Fl h, Fl -help
Print help message and exit.
.It Fl i , Fl -info
Print out information about the encrypted device specified by
.Fl -device .
.It Fl j Ar mapping , Fl -info-mapped Ns = Ns Ar mapping
Print out information about the mapped tcplay volume specified
by
.Ar mapping .
Information such as key CRC and the PBKDF2 PRF is not available
via this command.
.It Fl -modify
Modify the volume header.
This mode allows changing passphrase, keyfiles, PBKDF2 PRF as
well as restoring from a backup header.
.It Fl m Ar mapping , Fl -map Ns = Ns Ar mapping
Map the encrypted TrueCrypt volume on the device specified by
.Fl -device
as a
.Xr dm 4
mapping called
.Ar mapping .
The
.Ar mapping
argument should not contain any spaces or special characters.
.It Fl u Ar mapping , Fl -unmap Ns = Ns Ar mapping
Removes (unmaps) the
.Xr dm 4
mapping specified by
.Ar mapping
as well as any related cascade mappings.
If you mapped a volume using full disk encryption and created
mapping for individual partitions using
.Xr kpartx 8 ,
you must remove these prior to unmapping the volume.
.It Fl v, Fl -version
Print version message and exit.
.El
.Pp
Options common to all commands are:
.Bl -tag -width indent
.It Fl d Ar device , Fl -device Ns = Ns Ar device
Specifies the disk
.Ar device
on which the TrueCrypt volume resides/will reside.
This option is mandatory for all commands.
.It Fl f Ar keyfile_hidden , Fl -keyfile-hidden Ns = Ns Ar keyfile_hidden
Specifies a keyfile
to use in addition to the passphrase when either creating a
hidden volume or when protecting a hidden volume while mapping
or querying the outer volume.
If you only intend to map a hidden volume, the
.Fl -keyfile
option has to be used.
This option can appear multiple times; if so, multiple
keyfiles will be used.
This option is not valid in the
.Fl -modify
mode.
.It Fl k Ar keyfile , Fl -keyfile Ns = Ns Ar keyfile
Specifies a
.Ar keyfile
to use in addition to the passphrase.
This option can appear multiple times; if so, multiple
keyfiles will be used.
.El
.Pp
Additional options for the
.Fl -create
command are:
.Bl -tag -width indent
.It Fl a Ar pbkdf_hash , Fl -pbkdf-prf Ns = Ns Ar pbkdf_hash
Specifies which hash algorithm to use for the PBKDF2 password
derivation.
To see which algorithms are supported, specify
.Fl -pbkdf-prf Ns = Ns Cm help .
.It Fl b Ar cipher , Fl -cipher Ns = Ns Ar cipher
Specifies which cipher algorithm or cascade of ciphers to use
to encrypt the new volume.
To see which algorithms are supported, specify
.Fl -cipher Ns = Ns Cm help .
.It Fl g, Fl -hidden
Specifies that the newly created volume will contain a hidden
volume.
The keyfiles applied to the passphrase for the hidden
volume are those specified by
.Fl -keyfile-hidden .
The user will be prompted for the size of the hidden volume
interactively.
.It Fl w, Fl -weak-keys
Use
.Xr urandom 4
for key material instead of a strong entropy source.
This is in general a really bad idea and should only be used
for testing.
.It Fl x Ar pbkdf_hash , Fl -pbkdf-prf-hidden Ns = Ns Ar pbkdf_hash
Specifies which hash algorithm to use for the PBKDF2 password
derivation for the hidden volume.
Only valid in conjunction with
.Fl -hidden .
If no algorithm is specified, the same as for the outer volume
will be used.
To see which algorithms are supported, specify
.Fl -pbkdf-prf-hidden Ns = Ns Cm help .
.It Fl y Ar cipher , Fl -cipher-hidden Ns = Ns Ar cipher
Specifies which cipher algorithm or cascade of ciphers to use
to encrypt the hidden volume on the new TrueCrypt volume.
Only valid in conjunction with
.Fl -hidden .
If no cipher is specified, the same as for the outer volume
will be used.
To see which algorithms are supported, specify
.Fl -cipher-hidden Ns = Ns Cm help .
.It Fl z, Fl -insecure-erase
Skips the secure erase of the disk.
Use this option carefully as it is a security risk!
.El
.Pp
Additional options for the
.Fl -info ,
.Fl -map
and
.Fl -modify
commands are:
.Bl -tag -width indent
.It Fl e, Fl -protect-hidden
Specifies that an outer volume will be queried or mapped, but
its reported size will be adjusted accordingly to the size of
the hidden volume contained in it.
Both the hidden volume and outer volume passphrase and keyfiles
will be required.
This option only applies to the
.Fl -info
and
.Fl -map
commands.
.It Fl s Ar system_device , Fl -system-encryption Ns = Ns Ar system_device
This option is required if you are attempting to access a device
that uses system encryption, for example an encrypted
.Tn Windows
system partition.
It does not apply to disks using full disk encryption.
The
.Fl -device
option will point at the actual encrypted partition, while the
.Ar system_device
argument will point to the parent device (i.e.\& underlying physical disk)
of the encrypted partition.
.It Fl -fde
This option is intended to be used with disks using full disk encryption (FDE).
When a disk has been encrypted using TrueCrypt's FDE, the complete disk
is encrypted except for the first 63 sectors.
The
.Fl -device
option should point to the whole disk device, not to any particular
partition.
The resultant mapping will cover the whole disk, and will not appear as
separate partitions.
To access individual partitions after mapping,
.Xr kpartx 8
can be used.
.It Fl -use-backup
This option is intended to be used when the primary headers of a volume
have been corrupted.
This option will force
.Nm
to use the backup headers, which are located at the end of the device,
to access the volume.
.El
.Pp
Additional options only for the
.Fl -map
command are:
.Bl -tag -width indent
.It Fl t , Fl -allow-trim
This option enables TRIM (discard) support on the mapped volume.
.El
.Pp
Additional options only for the
.Fl -modify
command are:
.Bl -tag -width indent
.It Fl -new-pbkdf-prf Ns = Ns Ar pbkdf_hash
Specifies which hash algorithm to use for the PBKDF2 password
derivation on reencrypting the volume header.
If this option is not specified, the reencrypted header will
use the current PRF.
To see which algorithms are supported, specify
.Fl -pbkdf-prf Ns = Ns Cm help .
.It Fl -new-keyfile Ns = Ns Ar keyfile
Specifies a
.Ar keyfile
to use in addition to the new passphrase on reencrypting the
volume header.
This option can appear multiple times; if so, multiple
keyfiles will be used.
.It Fl -restore-from-backup-hdr
If this option is specified, neither
.Fl -new-pbkdf-prf
nor
.Fl -new-keyfile
should be specified.
This option implies
.Fl -use-backup .
Use this option to restore the volume headers from the backup
header.
.El
.Pp
Sending a
.Dv SIGINFO
or
.Dv SIGUSR1
signal to a running
.Nm
process makes it print progress on slower tasks
such as gathering entropy or wiping the volume.
.Sh NOTES
TrueCrypt limits passphrases to 64 characters (including the terminating
null character).
To be compatible with it,
.Nm
does the same.
All passphrases (excluding keyfiles) are trimmed to 64 characters.
Similarly, keyfiles are limited to a size of 1 MB, but up to
256 keyfiles can be used.
.Sh PLAUSIBLE DENIABILITY
.Nm
offers plausible deniability. Hidden volumes are created within an outer
volume.
Which volume is accessed solely depends on the passphrase and keyfile(s)
used.
If the passphrase and keyfiles for the outer volume are specified,
no information about the existance of the hidden volume is exposed.
Without knowledge of the passphrase and keyfile(s) of the hidden volume
its existence remains unexposed.
The hidden volume can be protected when mapping the outer volume by
using the
.Fl -protect-hidden
option and specifying the passphrase and keyfiles for both the outer
and hidden volumes.
.Sh EXAMPLES
Create a new TrueCrypt volume on
.Pa /dev/vn0
using the cipher cascade
of AES and Twofish and the Whirlpool hash algorithm for
PBKDF2 password derivation and two keyfiles,
.Pa one.key
and
.Pa two.key :
.Bd -ragged -offset indent
.Nm Fl -create
.Fl -device Ns = Ns Cm /dev/vn0
.Fl -cipher Ns = Ns Cm TWOFISH-256-XTS,AES-256-XTS
.Fl -pbkdf-prf Ns = Ns Cm whirlpool
.Fl -keyfile Ns = Ns Cm one.key
.Fl -keyfile Ns = Ns Cm two.key
.Ed
.Pp
Map the outer volume on the TrueCrypt volume on
.Pa /dev/vn0
as
.Sy truecrypt1 ,
but protect the hidden volume, using the keyfile
.Pa hidden.key ,
from being overwritten:
.Bd -ragged -offset indent
.Nm Fl -map Ns = Ns Cm truecrypt1
.Fl -device Ns = Ns Cm /dev/vn0
.Fl -protect-hidden
.Fl -keyfile-hidden Ns = Ns Cm hidden.key
.Ed
.Pp
Map the hidden volume on the TrueCrypt volume on
.Pa /dev/vn0
as
.Sy truecrypt2 ,
using the keyfile
.Pa hidden.key :
.Bd -ragged -offset indent
.Nm Fl -map Ns = Ns Cm truecrypt2
.Fl -device Ns = Ns Cm /dev/vn0
.Fl -keyfile Ns = Ns Cm hidden.key
.Ed
.Pp
Map and mount the volume in the file
.Pa secvol
on Linux:
.Bd -ragged -offset indent
.Sy losetup Cm /dev/loop1 Cm secvol
.Ed
.Bd -ragged -offset indent
.Nm Fl -map Ns = Ns Cm secv
.Fl -device Ns = Ns Cm /dev/loop1
.Ed
.Bd -ragged -offset indent
.Sy mount Cm /dev/mapper/secv Cm /mnt
.Ed
.Pp
Similarly on
.Dx :
.Bd -ragged -offset indent
.Sy vnconfig Cm vn1 Cm secvol
.Ed
.Bd -ragged -offset indent
.Nm Fl -map Ns = Ns Cm secv
.Fl -device Ns = Ns Cm /dev/vn1
.Ed
.Bd -ragged -offset indent
.Sy mount Cm /dev/mapper/secv Cm /mnt
.Ed
.Pp
Unmapping the volume
.Sy truecrypt2
on both Linux and
.Dx
after unmounting:
.Bd -ragged -offset indent
.Sy dmsetup Cm remove Cm truecrypt2
.Ed
.Pp
Or alternatively:
.Bd -ragged -offset indent
.Nm Fl -unmap Ns = Ns Cm truecrypt2
.Ed
.Pp
A hidden volume whose existance can be plausibly denied and its outer volume
can for example be created with
.Bd -ragged -offset indent
.Nm Fl -create
.Fl -hidden
.Fl -device Ns = Ns Cm /dev/loop0
.Fl -cipher Ns = Ns Cm TWOFISH-256-XTS,AES-256-XTS
.Fl -pbkdf-prf Ns = Ns Cm whirlpool
.Fl -keyfile Ns = Ns Cm one.key
.Fl -cipher-hidden Ns = Ns Cm AES-256-XTS
.Fl -pbkdf-prf-hidden Ns = Ns Cm whirlpool
.Fl -keyfile-hidden Ns = Ns Cm hidden.key
.Ed
.Pp
.Nm
will prompt the user for the passphrase for both the outer and hidden volume
as well as the size of the hidden volume inside the outer volume.
The hidden volume will be created inside the area spanned by the outer volume.
The hidden volume can optionally use a different cipher and prf function
as specified by the
.Fl -cipher-hidden
and
.Fl -pbkdf-prf-hidden
options.
Which volume is later accessed depends only on which passphrase and keyfile(s)
are being used,
so that the existance of the hidden volume remains unknown without knowledge
of the passphrase and keyfile it is protected by since it is located within
the outer volume.
To map the outer volume without potentially damaging the hidden volume,
the passphrase and keyfile(s) of the hidden volume must be known and provided
alongside the
.Fl -protect-hidden
option.
.Pp
A disk encrypted using full disk encryption can be mapped using
.Bd -ragged -offset indent
.Nm Fl -map Ns = Ns Cm tcplay_sdb
.Fl -device Ns = Ns Cm /dev/sdb
.Fl -fde
.Ed
.Pp
To access individual partitions on the now mapped disk,
the following command will generate mappings for each
individual partition on the encrypted disk:
.Bd -ragged -offset indent
.Sy kpartx Fl -av Cm /dev/mapper/tcplay_sdb
.Ed
.Pp
To restore the main volume header from the backup header, the following
command can be used:
.Bd -ragged -offset indent
.Nm Fl -modify
.Fl -device Ns = Ns Cm /dev/sdb
.Fl -restore-from-backup-hdr
.Ed
.Pp
As with most other commands, which header is saved (used as source) depends
on the passphrase and keyfiles used.
.Pp
To save a backup copy of a header, the following command can be used:
.Bd -ragged -offset indent
.Nm Fl -modify
.Fl -device Ns = Ns Cm /dev/sdb
.Fl -save-hdr-backup Ns = Ns Cm /tmp/sdb_backup_header.hdr
.Ed
.Pp
As with most other commands, which header is saved (used as source) depends
on the passphrase and keyfiles used.
.Pp
To restore a header from a backup header file, the following command can be
used:
.Bd -ragged -offset indent
.Nm Fl -modify
.Nm -use-hdr-file Ns = Ns Cm /tmp/sdb_backup_header.hdr
.Ed
.Pp
Similarly, to restore a hidden header from a backup header file:
.Bd -ragged -offset indent
.Nm Fl -modify
.Nm -use-hidden-hdr-file Ns = Ns Cm /tmp/sdb_backup_hidden_header.hdr
.Ed
.Pp
Which header is used as the source of the operation will still depend on the
passphrase and keyfiles used.
Even if you use the
.Fl -use-hidden-hdr-file
option, if you specify the passphrase and keyfiles for the main header, the
main header will be used instead.
.Sh SEE ALSO
.Xr crypttab 5 ,
.Xr cryptsetup 8 ,
.Xr dmsetup 8 ,
.Xr kpartx 8
.Sh HISTORY
The
.Nm
utility appeared in
.Dx 2.11 .
.Sh AUTHORS
.An Alex Hornung