authorAaron Ball <nullspoon@oper.io>2017-11-11 19:42:44 -0700
committerAaron Ball <nullspoon@oper.io>2017-11-11 19:42:44 -0700
commit7e65e3c1b3e3c033245a2a7270c01430cea7e4a6 (patch)
treea59a5a9d6dee5bc32558c2209a860673a4d06371
parentb5b0f98f945b7fd91efa51d9480c212063985a31 (diff)
Added cryptsetup supportc-refactor
Currently, we allow 5 tries to get the password correct before returning code 1 and aborting early. Updated str split function to require str argument to be a const char. Note that this version of the init program does not mount the decrypted root. It also requires one cli argument, the path to a cmdline file. This will be removed at a later date as this configuration is just for testing.
-rw-r--r--Makefile2
-rw-r--r--src/init.c85
-rw-r--r--src/str.h2
3 files changed, 81 insertions, 8 deletions
diff --git a/Makefile b/Makefile
index 2623012..3f9344c 100644
--- a/Makefile
+++ b/Makefile
@@ -4,7 +4,7 @@ all:
if [ ! -d obj ]; then mkdir obj; fi
cc $(dbg) src/str.c -c -o obj/str.o
cc $(dbg) src/cmdline.c -c -o obj/cmdline.o
- cc $(dbg) src/init.c obj/*.o -lblkid -o init
+ cc $(dbg) src/init.c obj/*.o -lblkid -lcryptsetup -o init
debug:
make all dbg='-g'
diff --git a/src/init.c b/src/init.c
index 9ae7232..8b69060 100644
--- a/src/init.c
+++ b/src/init.c
@@ -4,6 +4,7 @@
#include <sys/mount.h>
#include <blkid/blkid.h>
#include <termios.h>
+#include <libcryptsetup.h>
#include "cmdline.h"
@@ -31,6 +32,40 @@ int blk_get_fstype(const char* path, char* outfs) {
}
+int cryptsetup_luksopen(char* path, char* devname, char* password) {
+ struct crypt_device* cd;
+ struct crypt_active_device cad;
+ int retval;
+
+ // Create the context
+ retval = crypt_init(&cd, path);
+ if(retval < 0) {
+ printf("Failed to initialize crypt context for '%s'.\n", path);
+ return -1;
+ }
+
+
+ // Load luks header into context
+ retval = crypt_load(cd, CRYPT_LUKS1, NULL);
+ if(retval < 0) {
+ printf("Failed to load Luks header for '%s'.\n", path);
+ crypt_free(cd);
+ return -1;
+ }
+
+ // Attempt opening the device with the specified password
+ retval = crypt_activate_by_passphrase(
+ cd,
+ devname,
+ CRYPT_ANY_SLOT,
+ password, strlen(password),
+ CRYPT_ACTIVATE_READONLY);
+
+ crypt_free(cd);
+ return retval;
+}
+
+
/**
* readnchar:
* @fd: File descriptor to read from
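Review bot: Both early failure paths in `cryptsetup_luksopen` return a hard-coded `-1`, which is the same value main (in a later hunk of this file) reports as an incorrect password, so a device that cannot be opened or a header that does not load as LUKS1 would be presented to the user as a bad passphrase and retried. Returning the library's own code, `return retval;` after the `crypt_init` check and after the `crypt_free(cd);` in the `crypt_load` check, keeps those cases distinguishable. None of the three pointer parameters is written through in the visible body, so the signature could be `int cryptsetup_luksopen(const char* path, const char* devname, const char* password)`. A doc comment in the style of the `readnchar` header that follows, listing the return values the caller is expected to handle, is also missing.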
@@ -80,13 +115,17 @@ int main(int argc, char* argv[]) {
struct cmdline args; // Command line argument object (from /proc/cmdline)
char fstype[64]; // Detected filesystem on root fs.
char* newroot = "/mnt/root"; // Path to the new root mountpoint
+ char* devname = "newroot"; // Name of the mapper device for a decrypted root
char password[1024];
+ int tries = 5; // Number of tries allowed to decrypt root
+ int retval;
// Clear the screen
printf("\033[2J\033[1;1H");
// Read and parse /proc/cmdline into the new object
- cmdline_new("/proc/cmdline", &args);
+ //cmdline_new("/proc/cmdline", &args);
+ cmdline_new(argv[1], &args);
// Get filesystem type of 'root' argument
if(blk_get_fstype(args.root, fstype) != 0) {
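Review bot: `cmdline_new(argv[1], &args);` uses `argv[1]` without checking `argc`, so starting the program with no argument hands NULL to `cmdline_new`; a guard such as `if(argc < 2) { printf("Usage: %s <cmdline-file>\n", argv[0]); return 1; }` before the call covers it for as long as this testing interface exists. `int retval;` is also left uninitialised and is read by the `if(retval != 0)` added in the next hunk when the root is not `crypto_LUKS`; `int retval = 0;` avoids the indeterminate read. main's body starts before and continues past this hunk.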
@@ -94,17 +133,51 @@ int main(int argc, char* argv[]) {
return 1;
}
+ /**
+ * TODO: Move this into its own function
+ */
if(strcmp(fstype, "crypto_LUKS") == 0) {
printf("Root device '%s' is encrypted.\n", args.root);
- printf("Please specify a decription password: ");
- readnchar(stdin, 1024, password);
- printf("\nDecrypting dev '%s' with password '%s'\n", args.root, password);
- }
+ while(tries > 0) {
+ printf("Please specify a decription password: ");
+ readnchar(stdin, 1024, password);
+ printf("\nDecrypting dev '%s' with password '%s'\n", args.root, password);
+ retval = cryptsetup_luksopen(args.root, devname, password);
+
+ if(retval == 0) {
+ printf("Remapping root '%s' to '/dev/mapper/%s'\n", args.root, devname);
+ sprintf(args.root, "/dev/mapper/%s", devname);
+ break;
+ }
+
+ // Respond to return values
+ if(retval = -1) {
+ printf("Password incorect for device %s (%s)\n", devname, args.root);
+ } else if(retval == -22) {
+ printf("Cannot open devices without root.\n");
+ return 1;
+ } else {
+ printf("Unknown error occured decrypting device %s.\n", devname);
+ printf("Code %d\n", retval);
+ return 1;
+ }
+
+ tries--;
+ }
+ if(tries == 0) {
+ printf("Maximum number of decryption attempts reached.\n");
+ return 1;
+ }
+ }
cmdline_dump(&args);
-
printf("Mounting %s on %s, fs type %s\n", args.root, newroot, fstype);
+
+
+ if(retval != 0)
+ return 1;
+
// if(mount(rootdev, fakeroot, fstype, MS_RDONLY, NULL) != 0) {
// printf("Error mounting %s on %s\n", args.root, newroot);
// return 1;
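Review bot: `if(retval = -1)` in the retry loop assigns instead of comparing, so the branch is always taken: the `-22` and unknown-error branches are unreachable and every failure is reported as a wrong password and retried; it should read `if(retval == -1)`. The line `printf("\nDecrypting dev '%s' with password '%s'\n", args.root, password);` writes the passphrase to the console in clear text, where anyone watching the screen or any console capture can read it; it should become `printf("\nDecrypting dev '%s'\n", args.root);`. `sprintf(args.root, "/dev/mapper/%s", devname);` writes into a buffer whose size is not visible in this diff, so a bounded `snprintf` against the real size of `args.root` would be safer, and `password` is never cleared once decryption is done (for example with `explicit_bzero(password, sizeof password);` where available). main's body starts and ends outside this hunk.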
diff --git a/src/str.h b/src/str.h
index 6595c11..73bfbb4 100644
--- a/src/str.h
+++ b/src/str.h
@@ -1,4 +1,4 @@
#include <string.h>
#include <stdio.h>
-int strsplit(char* str, char delim, char* key, char* val);
+int strsplit(const char*, char, char*, char*);
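Review bot: The new prototype drops the parameter names, which makes the header harder to read at call sites; `int strsplit(const char* str, char delim, char* key, char* val);` keeps the `const` change and the names. `src/str.c` is not part of this commit, so if its definition still takes `char* str` the declaration and definition would conflict — worth confirming the definition was updated to match.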
