Public cryptsetup API. More...

#include <stddef.h>
#include <stdint.h>

Data Structures
struct	crypt_pbkdf_type

struct	crypt_params_plain

struct	crypt_params_luks1

struct	crypt_params_loopaes

struct	crypt_params_verity

struct	crypt_params_tcrypt

struct	crypt_params_integrity

struct	crypt_params_luks2

struct	crypt_active_device

struct	crypt_token_params_luks2_keyring

struct	crypt_token_handler

struct	crypt_params_reencrypt

Macros
#define	CRYPT_LOG_NORMAL 0

#define	CRYPT_LOG_ERROR 1

#define	CRYPT_LOG_VERBOSE 2

#define	CRYPT_LOG_DEBUG -1

#define	CRYPT_LOG_DEBUG_JSON -2

#define	CRYPT_RNG_URANDOM 0

#define	CRYPT_RNG_RANDOM 1

#define	CRYPT_PBKDF_ITER_TIME_SET (1 << 0)

#define	CRYPT_PBKDF_NO_BENCHMARK (1 << 1)

#define	CRYPT_KDF_PBKDF2 "pbkdf2"

#define	CRYPT_KDF_ARGON2I "argon2i"

#define	CRYPT_KDF_ARGON2ID "argon2id"

#define	CRYPT_PLAIN "PLAIN"

#define	CRYPT_LUKS1 "LUKS1"

#define	CRYPT_LUKS2 "LUKS2"

#define	CRYPT_LOOPAES "LOOPAES"

#define	CRYPT_VERITY "VERITY"

#define	CRYPT_TCRYPT "TCRYPT"

#define	CRYPT_INTEGRITY "INTEGRITY"

#define	CRYPT_BITLK "BITLK"

#define	CRYPT_LUKS NULL

#define	CRYPT_VERITY_NO_HEADER (1 << 0)

#define	CRYPT_VERITY_CHECK_HASH (1 << 1)

#define	CRYPT_VERITY_CREATE_HASH (1 << 2)

#define	CRYPT_VERITY_ROOT_HASH_SIGNATURE (1 << 3)

#define	CRYPT_TCRYPT_LEGACY_MODES (1 << 0)

#define	CRYPT_TCRYPT_HIDDEN_HEADER (1 << 1)

#define	CRYPT_TCRYPT_BACKUP_HEADER (1 << 2)

#define	CRYPT_TCRYPT_SYSTEM_HEADER (1 << 3)

#define	CRYPT_TCRYPT_VERA_MODES (1 << 4)

#define	CRYPT_COMPAT_LEGACY_INTEGRITY_PADDING (1 << 0)

#define	CRYPT_COMPAT_LEGACY_INTEGRITY_HMAC (1 << 1)

#define	CRYPT_COMPAT_LEGACY_INTEGRITY_RECALC (1 << 2)

#define	CRYPT_ANY_SLOT -1

#define	CRYPT_VOLUME_KEY_NO_SEGMENT (1 << 0)

#define	CRYPT_VOLUME_KEY_SET (1 << 1)

#define	CRYPT_VOLUME_KEY_DIGEST_REUSE (1 << 2)

#define	CRYPT_ACTIVATE_READONLY (1 << 0)

#define	CRYPT_ACTIVATE_NO_UUID (1 << 1)

#define	CRYPT_ACTIVATE_SHARED (1 << 2)

#define	CRYPT_ACTIVATE_ALLOW_DISCARDS (1 << 3)

#define	CRYPT_ACTIVATE_PRIVATE (1 << 4)

#define	CRYPT_ACTIVATE_CORRUPTED (1 << 5)

#define	CRYPT_ACTIVATE_SAME_CPU_CRYPT (1 << 6)

#define	CRYPT_ACTIVATE_SUBMIT_FROM_CRYPT_CPUS (1 << 7)

#define	CRYPT_ACTIVATE_IGNORE_CORRUPTION (1 << 8)

#define	CRYPT_ACTIVATE_RESTART_ON_CORRUPTION (1 << 9)

#define	CRYPT_ACTIVATE_IGNORE_ZERO_BLOCKS (1 << 10)

#define	CRYPT_ACTIVATE_KEYRING_KEY (1 << 11)

#define	CRYPT_ACTIVATE_NO_JOURNAL (1 << 12)

#define	CRYPT_ACTIVATE_RECOVERY (1 << 13)

#define	CRYPT_ACTIVATE_IGNORE_PERSISTENT (1 << 14)

#define	CRYPT_ACTIVATE_CHECK_AT_MOST_ONCE (1 << 15)

#define	CRYPT_ACTIVATE_ALLOW_UNBOUND_KEY (1 << 16)

#define	CRYPT_ACTIVATE_RECALCULATE (1 << 17)

#define	CRYPT_ACTIVATE_REFRESH (1 << 18)

#define	CRYPT_ACTIVATE_SERIALIZE_MEMORY_HARD_PBKDF (1 << 19)

#define	CRYPT_ACTIVATE_NO_JOURNAL_BITMAP (1 << 20)

#define	CRYPT_ACTIVATE_SUSPENDED (1 << 21)

#define	CRYPT_ACTIVATE_IV_LARGE_SECTORS (1 << 22)

#define	CRYPT_ACTIVATE_PANIC_ON_CORRUPTION (1 << 23)

#define	CRYPT_ACTIVATE_NO_READ_WORKQUEUE (1 << 24)

#define	CRYPT_ACTIVATE_NO_WRITE_WORKQUEUE (1 << 25)

#define	CRYPT_ACTIVATE_RECALCULATE_RESET (1 << 26)

#define	CRYPT_REQUIREMENT_OFFLINE_REENCRYPT (1 << 0)

#define	CRYPT_REQUIREMENT_ONLINE_REENCRYPT (1 << 1)

#define	CRYPT_REQUIREMENT_UNKNOWN (1 << 31)

#define	CRYPT_DEACTIVATE_DEFERRED (1 << 0)

#define	CRYPT_DEACTIVATE_FORCE (1 << 1)

#define	CRYPT_DEACTIVATE_DEFERRED_CANCEL (1 << 2)

#define	CRYPT_DEBUG_ALL -1

#define	CRYPT_DEBUG_JSON -2

#define	CRYPT_DEBUG_NONE 0

#define	CRYPT_KEYFILE_STOP_EOL (1 << 0)

#define	CRYPT_WIPE_NO_DIRECT_IO (1 << 0)

#define	CRYPT_ANY_TOKEN -1

#define	CRYPT_TOKEN_ABI_VERSION1 "CRYPTSETUP_TOKEN_1.0"

#define	CRYPT_TOKEN_ABI_OPEN "cryptsetup_token_open" /* mandatory */

#define	CRYPT_TOKEN_ABI_OPEN_PIN "cryptsetup_token_open_pin"

#define	CRYPT_TOKEN_ABI_BUFFER_FREE "cryptsetup_token_buffer_free"

#define	CRYPT_TOKEN_ABI_VALIDATE "cryptsetup_token_validate"

#define	CRYPT_TOKEN_ABI_DUMP "cryptsetup_token_dump"

#define	CRYPT_TOKEN_ABI_VERSION "cryptsetup_token_version"

#define	CRYPT_REENCRYPT_INITIALIZE_ONLY (1 << 0)

#define	CRYPT_REENCRYPT_MOVE_FIRST_SEGMENT (1 << 1)

#define	CRYPT_REENCRYPT_RESUME_ONLY (1 << 2)

#define	CRYPT_REENCRYPT_RECOVERY (1 << 3)

Typedefs
typedef int(*	crypt_token_open_func) (struct crypt_device cd, int token, char buffer, size_t buffer_len, void *usrptr)

typedef int(*	crypt_token_open_pin_func) (struct crypt_device cd, int token, const char pin, size_t pin_size, char *buffer, size_t buffer_len, void *usrptr)

typedef void(*	crypt_token_buffer_free_func) (void *buffer, size_t buffer_len)

typedef int(*	crypt_token_validate_func) (struct crypt_device cd, const char json)

typedef void(*	crypt_token_dump_func) (struct crypt_device cd, const char json)

typedef const char (	crypt_token_version_func) (void)

Enumerations
enum	crypt_flags_type { CRYPT_FLAGS_ACTIVATION , CRYPT_FLAGS_REQUIREMENTS }

enum	crypt_status_info { CRYPT_INVALID , CRYPT_INACTIVE , CRYPT_ACTIVE , CRYPT_BUSY }

enum	crypt_keyslot_info { CRYPT_SLOT_INVALID , CRYPT_SLOT_INACTIVE , CRYPT_SLOT_ACTIVE , CRYPT_SLOT_ACTIVE_LAST , CRYPT_SLOT_UNBOUND }

enum	crypt_keyslot_priority { CRYPT_SLOT_PRIORITY_INVALID =-1 , CRYPT_SLOT_PRIORITY_IGNORE = 0 , CRYPT_SLOT_PRIORITY_NORMAL = 1 , CRYPT_SLOT_PRIORITY_PREFER = 2 }

enum	crypt_wipe_pattern { CRYPT_WIPE_ZERO , CRYPT_WIPE_RANDOM , CRYPT_WIPE_ENCRYPTED_ZERO , CRYPT_WIPE_SPECIAL }

enum	crypt_token_info { CRYPT_TOKEN_INVALID , CRYPT_TOKEN_INACTIVE , CRYPT_TOKEN_INTERNAL , CRYPT_TOKEN_INTERNAL_UNKNOWN , CRYPT_TOKEN_EXTERNAL , CRYPT_TOKEN_EXTERNAL_UNKNOWN }

enum	crypt_reencrypt_direction_info { CRYPT_REENCRYPT_FORWARD = 0 , CRYPT_REENCRYPT_BACKWARD }

enum	crypt_reencrypt_mode_info { CRYPT_REENCRYPT_REENCRYPT = 0 , CRYPT_REENCRYPT_ENCRYPT , CRYPT_REENCRYPT_DECRYPT }

enum	crypt_reencrypt_info { CRYPT_REENCRYPT_NONE = 0 , CRYPT_REENCRYPT_CLEAN , CRYPT_REENCRYPT_CRASH , CRYPT_REENCRYPT_INVALID }

Functions
int	crypt_init (struct crypt_device *cd, const char device)

int	crypt_init_data_device (struct crypt_device *cd, const char device, const char *data_device)

int	crypt_init_by_name_and_header (struct crypt_device *cd, const char name, const char *header_device)

int	crypt_init_by_name (struct crypt_device *cd, const char name)

void	crypt_free (struct crypt_device *cd)

void	crypt_set_confirm_callback (struct crypt_device cd, int(confirm)(const char msg, void usrptr), void *usrptr)

int	crypt_set_data_device (struct crypt_device cd, const char device)

int	crypt_set_data_offset (struct crypt_device *cd, uint64_t data_offset)

void	crypt_set_log_callback (struct crypt_device cd, void(log)(int level, const char msg, void usrptr), void *usrptr)

void	crypt_log (struct crypt_device cd, int level, const char msg)

void	crypt_logf (struct crypt_device cd, int level, const char format,...)

void	crypt_set_rng_type (struct crypt_device *cd, int rng_type)

int	crypt_get_rng_type (struct crypt_device *cd)

int	crypt_set_pbkdf_type (struct crypt_device cd, const struct crypt_pbkdf_type pbkdf)

const struct crypt_pbkdf_type *	crypt_get_pbkdf_type_params (const char *pbkdf_type)

const struct crypt_pbkdf_type *	crypt_get_pbkdf_default (const char *type)

const struct crypt_pbkdf_type *	crypt_get_pbkdf_type (struct crypt_device *cd)

void	crypt_set_iteration_time (struct crypt_device *cd, uint64_t iteration_time_ms)

int	crypt_memory_lock (struct crypt_device *cd, int lock)

int	crypt_metadata_locking (struct crypt_device *cd, int enable)

int	crypt_set_metadata_size (struct crypt_device *cd, uint64_t metadata_size, uint64_t keyslots_size)

int	crypt_get_metadata_size (struct crypt_device cd, uint64_t metadata_size, uint64_t *keyslots_size)

const char *	crypt_get_type (struct crypt_device *cd)

const char *	crypt_get_default_type (void)

int	crypt_format (struct crypt_device cd, const char type, const char cipher, const char cipher_mode, const char uuid, const char volume_key, size_t volume_key_size, void *params)

void	crypt_set_compatibility (struct crypt_device *cd, uint32_t flags)

uint32_t	crypt_get_compatibility (struct crypt_device *cd)

int	crypt_convert (struct crypt_device cd, const char type, void *params)

int	crypt_set_uuid (struct crypt_device cd, const char uuid)

int	crypt_set_label (struct crypt_device cd, const char label, const char *subsystem)

int	crypt_volume_key_keyring (struct crypt_device *cd, int enable)

int	crypt_load (struct crypt_device cd, const char requested_type, void *params)

int	crypt_repair (struct crypt_device cd, const char requested_type, void *params)

int	crypt_resize (struct crypt_device cd, const char name, uint64_t new_size)

int	crypt_suspend (struct crypt_device cd, const char name)

int	crypt_resume_by_passphrase (struct crypt_device cd, const char name, int keyslot, const char *passphrase, size_t passphrase_size)

int	crypt_resume_by_keyfile_device_offset (struct crypt_device cd, const char name, int keyslot, const char *keyfile, size_t keyfile_size, uint64_t keyfile_offset)

int	crypt_resume_by_keyfile_offset (struct crypt_device cd, const char name, int keyslot, const char *keyfile, size_t keyfile_size, size_t keyfile_offset)

int	crypt_resume_by_keyfile (struct crypt_device cd, const char name, int keyslot, const char *keyfile, size_t keyfile_size)

int	crypt_resume_by_volume_key (struct crypt_device cd, const char name, const char *volume_key, size_t volume_key_size)

int	crypt_keyslot_add_by_passphrase (struct crypt_device cd, int keyslot, const char passphrase, size_t passphrase_size, const char *new_passphrase, size_t new_passphrase_size)

int	crypt_keyslot_change_by_passphrase (struct crypt_device cd, int keyslot_old, int keyslot_new, const char passphrase, size_t passphrase_size, const char *new_passphrase, size_t new_passphrase_size)

int	crypt_keyslot_add_by_keyfile_device_offset (struct crypt_device cd, int keyslot, const char keyfile, size_t keyfile_size, uint64_t keyfile_offset, const char *new_keyfile, size_t new_keyfile_size, uint64_t new_keyfile_offset)

int	crypt_keyslot_add_by_keyfile_offset (struct crypt_device cd, int keyslot, const char keyfile, size_t keyfile_size, size_t keyfile_offset, const char *new_keyfile, size_t new_keyfile_size, size_t new_keyfile_offset)

int	crypt_keyslot_add_by_keyfile (struct crypt_device cd, int keyslot, const char keyfile, size_t keyfile_size, const char *new_keyfile, size_t new_keyfile_size)

int	crypt_keyslot_add_by_volume_key (struct crypt_device cd, int keyslot, const char volume_key, size_t volume_key_size, const char *passphrase, size_t passphrase_size)

int	crypt_keyslot_add_by_key (struct crypt_device cd, int keyslot, const char volume_key, size_t volume_key_size, const char *passphrase, size_t passphrase_size, uint32_t flags)

int	crypt_keyslot_destroy (struct crypt_device *cd, int keyslot)

int	crypt_get_active_device (struct crypt_device cd, const char name, struct crypt_active_device *cad)

uint64_t	crypt_get_active_integrity_failures (struct crypt_device cd, const char name)

int	crypt_persistent_flags_set (struct crypt_device *cd, crypt_flags_type type, uint32_t flags)

int	crypt_persistent_flags_get (struct crypt_device cd, crypt_flags_type type, uint32_t flags)

int	crypt_activate_by_passphrase (struct crypt_device cd, const char name, int keyslot, const char *passphrase, size_t passphrase_size, uint32_t flags)

int	crypt_activate_by_keyfile_device_offset (struct crypt_device cd, const char name, int keyslot, const char *keyfile, size_t keyfile_size, uint64_t keyfile_offset, uint32_t flags)

int	crypt_activate_by_keyfile_offset (struct crypt_device cd, const char name, int keyslot, const char *keyfile, size_t keyfile_size, size_t keyfile_offset, uint32_t flags)

int	crypt_activate_by_keyfile (struct crypt_device cd, const char name, int keyslot, const char *keyfile, size_t keyfile_size, uint32_t flags)

int	crypt_activate_by_volume_key (struct crypt_device cd, const char name, const char *volume_key, size_t volume_key_size, uint32_t flags)

int	crypt_activate_by_signed_key (struct crypt_device cd, const char name, const char volume_key, size_t volume_key_size, const char signature, size_t signature_size, uint32_t flags)

int	crypt_activate_by_keyring (struct crypt_device cd, const char name, const char *key_description, int keyslot, uint32_t flags)

int	crypt_deactivate_by_name (struct crypt_device cd, const char name, uint32_t flags)

int	crypt_deactivate (struct crypt_device cd, const char name)

int	crypt_volume_key_get (struct crypt_device cd, int keyslot, char volume_key, size_t volume_key_size, const char passphrase, size_t passphrase_size)

int	crypt_volume_key_verify (struct crypt_device cd, const char volume_key, size_t volume_key_size)

crypt_status_info	crypt_status (struct crypt_device cd, const char name)

int	crypt_dump (struct crypt_device *cd)

int	crypt_dump_json (struct crypt_device cd, const char *json, uint32_t flags)

const char *	crypt_get_cipher (struct crypt_device *cd)

const char *	crypt_get_cipher_mode (struct crypt_device *cd)

const char *	crypt_get_uuid (struct crypt_device *cd)

const char *	crypt_get_device_name (struct crypt_device *cd)

const char *	crypt_get_metadata_device_name (struct crypt_device *cd)

uint64_t	crypt_get_data_offset (struct crypt_device *cd)

uint64_t	crypt_get_iv_offset (struct crypt_device *cd)

int	crypt_get_volume_key_size (struct crypt_device *cd)

int	crypt_get_sector_size (struct crypt_device *cd)

int	crypt_header_is_detached (struct crypt_device *cd)

int	crypt_get_verity_info (struct crypt_device cd, struct crypt_params_verity vp)

int	crypt_get_integrity_info (struct crypt_device cd, struct crypt_params_integrity ip)

int	crypt_benchmark (struct crypt_device cd, const char cipher, const char cipher_mode, size_t volume_key_size, size_t iv_size, size_t buffer_size, double encryption_mbs, double *decryption_mbs)

int	crypt_benchmark_pbkdf (struct crypt_device cd, struct crypt_pbkdf_type pbkdf, const char password, size_t password_size, const char salt, size_t salt_size, size_t volume_key_size, int(progress)(uint32_t time_ms, void usrptr), void *usrptr)

crypt_keyslot_info	crypt_keyslot_status (struct crypt_device *cd, int keyslot)

crypt_keyslot_priority	crypt_keyslot_get_priority (struct crypt_device *cd, int keyslot)

int	crypt_keyslot_set_priority (struct crypt_device *cd, int keyslot, crypt_keyslot_priority priority)

int	crypt_keyslot_max (const char *type)

int	crypt_keyslot_area (struct crypt_device cd, int keyslot, uint64_t offset, uint64_t *length)

int	crypt_keyslot_get_key_size (struct crypt_device *cd, int keyslot)

const char *	crypt_keyslot_get_encryption (struct crypt_device cd, int keyslot, size_t key_size)

int	crypt_keyslot_get_pbkdf (struct crypt_device cd, int keyslot, struct crypt_pbkdf_type pbkdf)

int	crypt_keyslot_set_encryption (struct crypt_device cd, const char cipher, size_t key_size)

const char *	crypt_get_dir (void)

int	crypt_header_backup (struct crypt_device cd, const char requested_type, const char *backup_file)

int	crypt_header_restore (struct crypt_device cd, const char requested_type, const char *backup_file)

void	crypt_set_debug_level (int level)

int	crypt_keyfile_device_read (struct crypt_device cd, const char keyfile, char *key, size_t key_size_read, uint64_t keyfile_offset, size_t key_size, uint32_t flags)

int	crypt_keyfile_read (struct crypt_device cd, const char keyfile, char *key, size_t key_size_read, size_t keyfile_offset, size_t key_size, uint32_t flags)

int	crypt_wipe (struct crypt_device cd, const char dev_path, crypt_wipe_pattern pattern, uint64_t offset, uint64_t length, size_t wipe_block_size, uint32_t flags, int(progress)(uint64_t size, uint64_t offset, void usrptr), void *usrptr)

int	crypt_token_max (const char *type)

int	crypt_token_json_get (struct crypt_device cd, int token, const char *json)

int	crypt_token_json_set (struct crypt_device cd, int token, const char json)

crypt_token_info	crypt_token_status (struct crypt_device cd, int token, const char *type)

int	crypt_token_luks2_keyring_set (struct crypt_device cd, int token, const struct crypt_token_params_luks2_keyring params)

int	crypt_token_luks2_keyring_get (struct crypt_device cd, int token, struct crypt_token_params_luks2_keyring params)

int	crypt_token_assign_keyslot (struct crypt_device *cd, int token, int keyslot)

int	crypt_token_unassign_keyslot (struct crypt_device *cd, int token, int keyslot)

int	crypt_token_is_assigned (struct crypt_device *cd, int token, int keyslot)

int	crypt_token_register (const crypt_token_handler *handler)

const char *	crypt_token_external_path (void)

void	crypt_token_external_disable (void)

int	crypt_activate_by_token (struct crypt_device cd, const char name, int token, void *usrptr, uint32_t flags)

int	crypt_activate_by_token_pin (struct crypt_device cd, const char name, const char type, int token, const char pin, size_t pin_size, void *usrptr, uint32_t flags)

int	crypt_reencrypt_init_by_passphrase (struct crypt_device cd, const char name, const char passphrase, size_t passphrase_size, int keyslot_old, int keyslot_new, const char cipher, const char cipher_mode, const struct crypt_params_reencrypt params)

int	crypt_reencrypt_init_by_keyring (struct crypt_device cd, const char name, const char key_description, int keyslot_old, int keyslot_new, const char cipher, const char cipher_mode, const struct crypt_params_reencrypt params)

int	crypt_reencrypt (struct crypt_device cd, int(progress)(uint64_t size, uint64_t offset, void *usrptr)) __attribute__((deprecated))

int	crypt_reencrypt_run (struct crypt_device cd, int(progress)(uint64_t size, uint64_t offset, void usrptr), void usrptr)

crypt_reencrypt_info	crypt_reencrypt_status (struct crypt_device cd, struct crypt_params_reencrypt params)

void *	crypt_safe_alloc (size_t size)

void	crypt_safe_free (void *data)

void *	crypt_safe_realloc (void *data, size_t size)

void	crypt_safe_memzero (void *data, size_t size)

Detailed Description

Public cryptsetup API.

For more verbose examples of LUKS related use cases, please read examples.

Data Structures

Macros

Typedefs

Enumerations

Functions

Detailed Description