libcryptsetup_rs/
lib.rs

1// This Source Code Form is subject to the terms of the Mozilla Public
2// License, v. 2.0. If a copy of the MPL was not distributed with this
3// file, You can obtain one at http://mozilla.org/MPL/2.0/.
4
5//! This is a wrapper library for libcryptsetup. The intention is to provide as much safety as
6//! possible when crossing FFI boundaries to the cryptsetup C library.
7
8// Keyfile reading functions are supported through a workaround in these bindings due
9// to how memory is handled in these functions - memory for keys is allocated
10// and the corresponding free functions are not part of the public API.
11// The function is copied and pasted from libcryptsetup and compiled into the bindings
12// for now to work around this. This will be supported by libcryptsetup at a later
13// time.
14
15pub use either::Either;
16
17#[macro_use]
18mod macros;
19
20mod activate;
21mod backup;
22pub mod consts;
23mod context;
24mod debug;
25mod device;
26mod err;
27mod format;
28mod key;
29mod keyfile;
30mod keyslot;
31mod log;
32mod luks2;
33mod mem;
34#[allow(clippy::all)]
35#[cfg(feature = "mutex")]
36mod mutex;
37mod runtime;
38mod settings;
39mod status;
40#[cfg(test)]
41mod tests;
42mod wipe;
43
44use once_cell::sync::Lazy;
45
46#[cfg(cryptsetup23supported)]
47pub use crate::mem::{SafeBorrowedMemZero, SafeMemzero, SafeOwnedMemZero};
48pub use crate::{
49    activate::CryptActivationHandle,
50    backup::CryptBackupHandle,
51    context::CryptContextHandle,
52    debug::set_debug_level,
53    device::{CryptDevice, CryptInit},
54    err::LibcryptErr,
55    format::{
56        CryptFormatHandle, CryptParamsIntegrity, CryptParamsIntegrityRef, CryptParamsLoopaes,
57        CryptParamsLoopaesRef, CryptParamsLuks1, CryptParamsLuks1Ref, CryptParamsLuks2,
58        CryptParamsLuks2Ref, CryptParamsPlain, CryptParamsPlainRef, CryptParamsTcrypt,
59        CryptParamsTcryptRef, CryptParamsVerity, CryptParamsVerityRef,
60    },
61    key::CryptVolumeKeyHandle,
62    keyfile::{CryptKeyfileContents, CryptKeyfileHandle},
63    keyslot::CryptKeyslotHandle,
64    log::{log, set_log_callback},
65    luks2::{
66        flags::CryptLuks2FlagsHandle,
67        reencrypt::{CryptLuks2ReencryptHandle, CryptParamsReencrypt, CryptParamsReencryptRef},
68        token::{register, CryptLuks2TokenHandle, CryptTokenInfo, TokenInput},
69    },
70    mem::SafeMemHandle,
71    runtime::{ActiveDevice, CryptRuntimeHandle},
72    settings::{CryptPbkdfType, CryptPbkdfTypeRef, CryptSettingsHandle},
73    status::{get_sector_size, status, CryptDeviceStatusHandle},
74    wipe::CryptWipeHandle,
75};
76
77/// Re-exports `libc` types in API
78pub use libc::{c_int, c_uint, size_t};
79
80/// Result type to be used with `libcryptsetup-rs`
81pub type Result<T> = std::result::Result<T, LibcryptErr>;
82
83#[cfg(feature = "mutex")]
84static MUTEX: Lazy<crate::mutex::PerThreadMutex> = Lazy::new(crate::mutex::PerThreadMutex::default);
85
86#[cfg(not(feature = "mutex"))]
87static THREAD_ID: Lazy<std::thread::ThreadId> = Lazy::new(|| std::thread::current().id());
88
89#[cfg(test)]
90mod test {
91    use crate::tests;
92
93    #[ignore]
94    #[test]
95    fn test_encrypt_by_password() {
96        tests::encrypt::test_encrypt_by_password();
97    }
98
99    #[ignore]
100    #[test]
101    fn test_encrypt_by_keyfile() {
102        tests::encrypt::test_encrypt_by_keyfile();
103    }
104
105    #[ignore]
106    #[test]
107    fn test_encrypt_by_password_without_explicit_format() {
108        tests::encrypt::test_encrypt_by_password_without_explicit_format();
109    }
110
111    #[ignore]
112    #[test]
113    fn test_unencrypted() {
114        tests::encrypt::test_unencrypted();
115    }
116
117    #[ignore]
118    #[test]
119    fn test_crypt_setup_free_exists() {
120        tests::keyfile::test_keyfile_cleanup();
121    }
122}