libcryptsetup_rs/
lib.rs

1// This Source Code Form is subject to the terms of the Mozilla Public
2// License, v. 2.0. If a copy of the MPL was not distributed with this
3// file, You can obtain one at http://mozilla.org/MPL/2.0/.
4
5//! This is a wrapper library for libcryptsetup. The intention is to provide as much safety as
6//! possible when crossing FFI boundaries to the cryptsetup C library.
7
8// Keyfile reading functions are supported through a workaround in these bindings due
9// to how memory is handled in these functions - memory for keys is allocated
10// and the corresponding free functions are not part of the public API.
11// The function is copied and pasted from libcryptsetup and compiled into the bindings
12// for now to work around this. This will be supported by libcryptsetup at a later
13// time.
14
15pub use either::Either;
16
17#[macro_use]
18mod macros;
19
20mod activate;
21mod backup;
22pub mod consts;
23mod context;
24mod debug;
25mod device;
26mod err;
27mod format;
28mod key;
29mod keyfile;
30mod keyslot;
31mod log;
32mod luks2;
33mod mem;
34mod runtime;
35mod settings;
36mod status;
37#[cfg(test)]
38mod tests;
39mod wipe;
40
41use once_cell::sync::Lazy;
42
43#[cfg(cryptsetup23supported)]
44pub use crate::mem::{SafeBorrowedMemZero, SafeMemzero, SafeOwnedMemZero};
45pub use crate::{
46    activate::CryptActivationHandle,
47    backup::CryptBackupHandle,
48    context::CryptContextHandle,
49    debug::set_debug_level,
50    device::{CryptDevice, CryptInit},
51    err::LibcryptErr,
52    format::{
53        CryptFormatHandle, CryptParamsIntegrity, CryptParamsIntegrityRef, CryptParamsLoopaes,
54        CryptParamsLoopaesRef, CryptParamsLuks1, CryptParamsLuks1Ref, CryptParamsLuks2,
55        CryptParamsLuks2Ref, CryptParamsPlain, CryptParamsPlainRef, CryptParamsTcrypt,
56        CryptParamsTcryptRef, CryptParamsVerity, CryptParamsVerityRef,
57    },
58    key::CryptVolumeKeyHandle,
59    keyfile::{CryptKeyfileContents, CryptKeyfileHandle},
60    keyslot::CryptKeyslotHandle,
61    log::{log, set_log_callback},
62    luks2::{
63        flags::CryptLuks2FlagsHandle,
64        reencrypt::{CryptLuks2ReencryptHandle, CryptParamsReencrypt, CryptParamsReencryptRef},
65        token::{register, CryptLuks2TokenHandle, CryptTokenInfo, TokenInput},
66    },
67    mem::SafeMemHandle,
68    runtime::{ActiveDevice, CryptRuntimeHandle},
69    settings::{CryptPbkdfType, CryptPbkdfTypeRef, CryptSettingsHandle},
70    status::{get_sector_size, status, CryptDeviceStatusHandle},
71    wipe::CryptWipeHandle,
72};
73
74/// Re-exports `libc` types in API
75pub use libc::{c_int, c_uint, size_t};
76
77/// Result type to be used with `libcryptsetup-rs`
78pub type Result<T> = std::result::Result<T, LibcryptErr>;
79
80#[cfg(feature = "mutex")]
81static MUTEX: Lazy<per_thread_mutex::PerThreadMutex> =
82    Lazy::new(per_thread_mutex::PerThreadMutex::default);
83
84#[cfg(not(feature = "mutex"))]
85static THREAD_ID: Lazy<std::thread::ThreadId> = Lazy::new(|| std::thread::current().id());
86
87#[cfg(test)]
88mod test {
89    use crate::tests;
90
91    #[ignore]
92    #[test]
93    fn test_encrypt_by_password() {
94        tests::encrypt::test_encrypt_by_password();
95    }
96
97    #[ignore]
98    #[test]
99    #[cfg(cryptsetup24supported)]
100    fn test_reencrypt_by_password() {
101        tests::reencrypt::test_reencrypt_by_password();
102    }
103
104    #[ignore]
105    #[test]
106    fn test_encrypt_by_keyfile() {
107        tests::encrypt::test_encrypt_by_keyfile();
108    }
109
110    #[ignore]
111    #[test]
112    fn test_encrypt_by_password_without_explicit_format() {
113        tests::encrypt::test_encrypt_by_password_without_explicit_format();
114    }
115
116    #[ignore]
117    #[test]
118    fn test_unencrypted() {
119        tests::encrypt::test_unencrypted();
120    }
121
122    #[ignore]
123    #[test]
124    fn test_crypt_setup_free_exists() {
125        tests::keyfile::test_keyfile_cleanup();
126    }
127}