forge/pgl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Initial commit

Browse source
This commit is contained in:
amartin 2017-01-12 15:01:19 -06:00
commit 599967d5e1
11 changed files with 1452 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

14
CHANGELOG Normal file
View file

@ -0,0 +1,14 @@
v0.3
Beta version for decrypt script
v0.3.1
Fixes bug with log() function which added an extra line at every log
v0.4
Adds asyncronous drive opening
v0.5
Adds password function for systems with no keedrive
v0.5.1
Fixes bug in help parser

7
LICENSE Normal file
View file

@ -0,0 +1,7 @@
Copyright (c) 2016 Antoine Martin <antoine.martin@protonmail.com>
Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

34
PKGBUILD Normal file
View file

@ -0,0 +1,34 @@
pkgname=decrypt
pkgver=0.5.1
pkgrel=4
pkgdesc="Decryption script"
arch=('any')
license=('MIT')
depends=('cryptsetup')
changelog=changelog
install=decrypt.install
source=(
'binaries/decrypt.sh'
'initcpio/archlinux/decrypt.hook'
'initcpio/archlinux/decrypt.install'
)
package() {
# Install last known script with service
install -Dm 755 "${srcdir}/decrypt.hook" "${pkgdir}/usr/lib/initcpio/hooks/decrypt"
install -Dm 755 "${srcdir}/decrypt.sh" "${pkgdir}/usr/lib/initcpio/hooks/decrypt.sh"
install -Dm 755 "${srcdir}/decrypt.install" "${pkgdir}/usr/lib/initcpio/install/decrypt"
# Add copywrite header to all files
for i in $(find ${pkgdir}/* -type f -not -name ".PKGINFO" -not -name ".BUILDINFO" -not -name ".MTREE"); do
echo "#
# Author Antoine Martin
# Copyright (c) $(date +%Y) Antoine Martin <antoine.martin@protonmail.com>
# Release v${pkgver}-${pkgrel} ${pkgname}
#
$(cat "${i}")
" > ${i}
done
}

596
binaries/decrypt.sh Normal file
View file

@ -0,0 +1,596 @@
#!/usr/bin/ash
# Global variables
VERSION="0.5"
STDERR=$(mktemp /tmp/STDERR.XXXXXXXXXX)
INDENT=0
WARN=false
driveArray=()
o_kch=false
o_efi=false
o_cfg=false
o_mkcfg=false
function log {
if [ ${1} = "INDENT" ]; then
if [ -z "${1}" ]; then
INDENT="0"
else
shift
INDENT=$((${INDENT} ${1} *6 ))
fi
elif [ ${1} = "EXEC" ]; then
shift
echo -en "$(tput cuf "${INDENT}") [ ] ${1}\n"
elif [ ${1} = "OK" ]; then
if [ -z "${2}" ]; then
HEIGHT=1
else
HEIGHT=$(( ${2} + 1))
fi
echo -en "$(tput cuu "${HEIGHT}")$(tput cuf "${INDENT}") [$(tput bold)$(tput setaf 2) OK $(tput sgr0)]$(tput cub 100)$(tput cud "${HEIGHT}")"
elif [ ${1} = "WARN" ]; then
shift;
if [ -z "${2}" ]; then
HEIGHT=1
else
HEIGHT=$(( ${2} + 1))
fi
echo -en "$(tput cuu "${HEIGHT}")$(tput cuf "${INDENT}") [$(tput bold)$(tput setaf 3) WARN $(tput sgr0)]"
echo -en "\n$(tput cuf "${INDENT}") [>>>>>>] ${1} \n"
if [ -n "${STDERR}" ]; then
cat ${STDERR}
fi
rm ${STDERR}
STDERR=$(mktemp /tmp/STDERR.XXXXXXXXXX)
echo -en "$(tput cub 100)$(tput cud "${HEIGHT}")"
elif [ ${1} = "FAIL" ]; then
shift;
if [ -z "${2}" ]; then
HEIGHT=1
else
HEIGHT=$(( ${2} + 1))
fi
echo -en "$(tput cuu "${HEIGHT}")$(tput cuf "${INDENT}") [$(tput bold)$(tput setaf 1) FAIL $(tput sgr0)]"
echo -en "\n$(tput cuf "${INDENT}") [>>>>>>] ${1} \n"
if [ -n "${STDERR}" ]; then
cat ${STDERR}
fi
rm ${STDERR}
STDERR=$(mktemp /tmp/STDERR.XXXXXXXXXX)
echo -en "$(tput cuf "${INDENT}") [ ] Fatal error reported. Press any key to shutdown."
read -n 1 -s
echo -en "$(tput cub 100)$(tput cuf "${INDENT}") ["
TIME=3
while [ ${TIME} -ne 0 ]; do
sleep 1;
echo -en "||"
TIME=$(( ${TIME}-1 ))
done
echo -en "\n$(tput cub 100)$(tput cud "${HEIGHT}")"
exit
elif [ ${1} = "ECHO" ]; then
shift
echo -e "$(tput cuf "${INDENT}") [======] ${1}"
fi
}
function cfg_loader {
if [ -z "${CFG}" ]; then
CFG="/tmp/decrypt/mnt/decrypt/decrypt.cfg"
fi
if [ -z "${EFI}" ]; then
EFI="/dev/disk/by-partlabel/EFI"
fi
log EXEC "Loading decrypt.cfg"
mkdir -p /tmp/decrypt/mnt
if [ "${o_cfg}" == false ]; then
mount -r -t vfat "${EFI}" /tmp/decrypt/mnt >${STDERR} 2>&1
if [ $? == 0 ]; then
echo -n
else
log FAIL "Could not mount EFI partition"
fi
fi
if [ -e "${CFG}" ]; then
if egrep -q -v '^#|^[^ ]*=[^;]*' "${CFG}"; then
log WARN "Unclean config detected. Someone may be doing something weird. Cleaning and then echoing"
egrep '^#|^[^ ]*=[^;&]*' "${CFG}" > "/tmp/decrypt/decrypt.cfg"
cat "/tmp/decrypt/decrypt.cfg"
log ECHO "If it looks good, press any key to continue. If not, exit and clean it manually"
read -n 1 -s
source /tmp/decrypt/decrypt.cfg
else
log OK
dd if=${CFG} of=/tmp/decrypt/decrypt.cfg >/dev/null 2>&1
source /tmp/decrypt/decrypt.cfg
fi
if [ "${o_cfg}" == false ]; then
umount /tmp/decrypt/mnt
fi
else
log FAIL "Could not find decrypt.cfg."
fi
}
function cfg_generator {
log
}
function help {
case ${1} in
# Help for decrypt open
open)
echo -e "\033[1A
Usage: decrypt open
Opens encrypted drive array
Opens encrypted drive array and mounts them to /dev/mapper/<partlabel> using the
configuration file and keychain key found in the EFI partition (Any partition
with 'EFI' as partlabel) in the ./decrypt subfolder. If there's no key drive,
a password will be requested.
"
exit
;;
# Help for decrypt close
close)
echo -e "\033[1A
Usage: decryt close
Closes encrypted drive array
Closes encrypted drive array, which implies unmounting them from /dev/mapper/<partlabel>.
If the partitions are mounted to the local filesystem, this action will fail.
"
;;
# Help for decrypt create
create)
echo -e "\033[1A
Usage: decrypt create [--config-only=<output>] <keydrive> <efi> <devices>
Creates encrypted drive array
Creates encrypted drive array with the devices defined at the endby first generating a
keydrive and a decypt subfolder in the efi partition. In this folder, a config file and
a keychain key will be generated as well. The keychain key is used to unlock the keydrive.
The config file is used to know what drives to open and which keydrive is used (Both via
the partition UUIDs).
For an encrypted drive array to be created, a few things must be done:
* A partition with a PARTLABEL called 'EFI' formatted as FAT32. In the standard configuration,
the EFI partition will also be where the boot files will live
* An unformatted key-drive (Any removable device with a minimum of 4MB of unformatted space)
* Unformatted partitions that will be encrypted
* Use of the GPT partition scheme.
--config-only=<output>
This will only generate a config file
"
;;
# Help for decrypt addkey
addkey)
echo -e "\033[1A
Usage: decrypt addkey <key-drive>
Add a keydrive to the drive array
"
;;
# Help for decrypt --info
info)
echo -e "\033[1A
Decrypt v${VERSION} written under the MIT license (see license) by Antoine Martin.
"
exit
;;
# Help for decrypt --help
*)
echo -e "\033[1A
Usage: decrypt [--help] [--info] [<options>] <command> [<args>]
Options
--config=</path/to/config>
In a setup where no EFI partition exists, or is not usable, you can manually
specify the location of the configuration file. This is usually used in a recovery
setting. Requires --keychain to be called. Ignored if command is 'decrypt create'
--keychain=</path/to/keychain>
In a setup where no EFI partition exists, or is not usable, you can manually
specify the location of the keychain. This is usually used in a recovery setting.
Requires --config to be called. Ignored if 'decrypt create' is called.
--efi-partition=</path/to/efi/device>
In a setup with multiple partitions that has EFI as partlabel, this option
manually defines the efi partition. Within this partition, it will look
for decrypt.cfg and kch in the ./decrypt subfolder. Ignored if 'decrypt create'
is called. Ignored if --keychain or --config is called.
Commands
open
Opens encrypted drive array
close
Closes encrypted drive arra
create [--config-only=<output>] <keydrive> <efi> <devices>
Creates an encrypted drive array
NOTICE: Full drive array creation not yet supported, --config-only is forced on
addkey <new-keydrive>
Add a keydrive to the drive array
NOTE: Function not supported yet
remkey <old-keydrive>
Remove a keydrive from the drive array
NOTE: Function not supported yet
"
;;
esac
}
#Recursive argument parser
while true; do
case ${1} in
--help)
help
exit
;;
--info)
help info
exit
;;
--config=*)
if [ -z "${1#*=}" ]; then
help
else
log ECHO "--config called. Config file location defined as: ${1#*=}"
CFG="${1#*=}"
o_cfg=true
fi
;;
--keychain=*)
if [ -z "${1#*=}" ]; then
help
else
log ECHO "--keychain called. Keychain file location defined as: ${1#*=}"
KCH="${1#*=}"
o_kch=true
fi
;;
--efi-partition=*)
if [ -z "${1#*=}" ]; then
help
else
log ECHO "--efi-partition called. EFI partition defined as: ${1#*=}"
EFI="${1#*=}"
o_efi=true
fi
;;
*)
break
;;
esac
shift
done
#Level 1 argument parser
case ${1} in
open)
shift
log ECHO "Executing decryption script"
cfg_loader
if [ -z ${kd[@]+x} ]; then
KEYDRIVE_NAME=KCH
if [ -z "${KCH}" ]; then
mount -r -t vfat "/dev/disk/by-partlabel/EFI" /tmp/decrypt/mnt > ${STDERR} 2>&1
if [ $? == 0 ]; then
KCH="/tmp/decrypt/mnt/decrypt/kch"
else
log FAIL "Could not mount EFI partition"
fi
fi
dd if="${KCH}" of="/tmp/decrypt/kch" > /dev/null 2>&1
if [ $? == 1 ]; then
log FAIL "Could not find keychain"
fi
log EXEC "Please input password"
while true; do
read -s PASSWD
printf "%s" "${PASSWD}" | cryptsetup luksOpen "/tmp/decrypt/kch" ${KEYDRIVE_NAME} > ${STDERR} 2>&1
if [ $? == 0 ]; then
log OK
break
elif [ $? == 1 ] || [ $? == 2 ]; then
log WARN "Keychain decryption failed."
log EXEC "Please input password again"
else
log FAIL "Keychain decrypting failed"
fi
done
else
log EXEC "Looking for keydrive"
while true; do
currentDrive=1
for i in ${kd[@]// /:}; do
# Value extractor
currentArray=$(echo "${i}" | sed "s/\:/ /g")
currentArray=(${currentArray})
if [ ${#currentArray[@]} != 1 ]; then
echo "${currentArray[@]}" > ${STDERR}
log FAIL "Bad configuration, expected only 1 element, echoing variables for keydrive ${currentDrive}"
fi
dd if="/dev/disk/by-partuuid/${currentArray[0]}" of="/tmp/decrypt/keychain" >/dev/null 2>&1
if [ $? == 0 ]; then
KEYDRIVE_NAME=$(lsblk --output=PARTLABEL /dev/disk/by-partuuid/${currentArray[0]} | sed '2q;d')
log OK
log INDENT +1
log EXEC "Extracting keys from ${KEYDRIVE_NAME}"
if [ -z "${KCH}" ]; then
mount -r -t vfat "/dev/disk/by-partlabel/EFI" /tmp/decrypt/mnt > ${STDERR} 2>&1
KCH="/tmp/decrypt/mnt/decrypt/kch"
fi
dd if="${KCH}" of="/tmp/decrypt/kch" >/dev/null 2>&1
if [ $? == 1 ]; then
log FAIL "Could not find keychain"
break 2
fi
cryptsetup -d "/tmp/decrypt/kch" open --type plain "/tmp/decrypt/keychain" "${KEYDRIVE_NAME}" > ${STDERR} 2>&1
if [ $? == 0 ]; then
log OK
break 2
else
log FAIL "Keychain decryption failed."
break 2
fi
fi
currentDrive=$((${currentDrive} +1))
done
sleep 0.5
done
fi
log EXEC "Opening drives..."
log INDENT +1
currentDrive=1
for i in ${ed[@]// /:}; do
log EXEC "Opening drive ${currentDrive}"
# Value extractor
currentArray=$(echo "${i}" | sed "s/\:/ /g")
currentArray=(${currentArray})
if [ ${#currentArray[@]} != 3 ]; then
echo "${currentArray[@]}" > ${STDERR}
log FAIL "Bad configuration file, expected 3 elements, echoing variables for drive ${currentDrive}"
fi
# Device name extractor
DEVICE_NAME=$(lsblk --output=PARTLABEL /dev/disk/by-partuuid/${currentArray[0]} | sed '2q;d')
# Open cryptdevice
cryptsetup -d "/dev/mapper/${KEYDRIVE_NAME}" --keyfile-offset=${currentArray[1]} --keyfile-size=${currentArray[2]} luksOpen "/dev/disk/by-partuuid/${currentArray[0]}" "${DEVICE_NAME}" > ${STDERR} 2>&1 &
cryptsetup_pid[${currentDrive}]=$!
currentDrive=$((${currentDrive} +1))
done
waitDrive=1
for i in ${ed[@]// /:}; do
wait ${cryptsetup_pid[${waitDrive}]}
if [ $? == 0 ]; then
log OK $(if [ ${currentDrive} == 2 ]; then echo ""; else echo "$(( ${currentDrive} - 2 ))"; fi)
else
log WARN "Drive ${curentDrive} open failed" $(if [ ${currentDrive} == 2 ]; then echo ""; else echo "$(( ${currentDrive} - 2 ))"; fi)
WARN=true
fi
currentDrive=$((${currentDrive} -1))
done
log INDENT -1
cryptsetup close ${KEYDRIVE_NAME}
if [ ${WARN} == true ]; then
log ECHO "Non-fatal errors have occured. Some drives may not have opened properly, proceed with caution" ${#ed[@]}
else
log OK ${#ed[@]}
log INDENT -1
log ECHO "Decryption script complete"
fi
if [ "${o_cfg}" == false ]; then
umount /tmp/decrypt/mnt
fi
;;
close)
shift
cfg_loader
log EXEC "Closing drives..."
log INDENT +1
currentDrive=1
for i in ${ed[@]// /:}; do
log EXEC "Closing drive ${currentDrive}"
# Value extractor
currentArray=$(echo "${i}" | sed "s/\:/ /g")
currentArray=(${currentArray})
if [ ${#currentArray[@]} != 3 ]; then
echo "${currentArray[@]}" > ${STDERR}
log FAIL "Bad configuration file, expected 3 elements, echoing variables for drive ${currentDrive}"
fi
# Device name extractor
DEVICE_NAME=$(lsblk --output=PARTLABEL /dev/disk/by-partuuid/${currentArray[0]} | sed '2q;d')
# Open cryptdevice
cryptsetup close "/dev/mapper/${DEVICE_NAME}" > ${STDERR} 2>&1
if [ $? == 0 ]; then
log OK
else
log WARN "Drive ${curentDrive} close failed"
WARN=true
fi
currentDrive=$((${currentDrive} +1))
done
log INDENT -1
if [ ${WARN} == true ]; then
log ECHO "Non-fatal errors have occured. Some drives may not have closed properly, proceed with caution" ${#ed[@]}
else
log OK ${#ed[@]}
fi
;;
create)
#TODO: Support full disk generation. For now, config generator only.
o_mkcfg=true
shift
# Options parser
case ${1} in
--config-only=*)
if [ -z "${1#*=}" ]; then
help
else
log ECHO "--config-only called. Config generation output defined as: ${1#*=}"
MKCFG="${1#*=}"
o_mkcfg=true
shift
fi
;;
esac
# Variable parser
KEYDRIVE=${1}
EFI=${2}
while true; do
case ${3} in
/dev*)
driveArray=(${driveArray[@]} ${3})
;;
*)
break
;;
esac
shift
done
# Sanity check
log EXEC "Sanity checking..."
if [ -b ${KEYDRIVE} ]; then
if [ -z "$(lsblk --output=FSTYPE ${KEYDRIVE} | sed '2q;d'| sed 's/\ //g')" ]; then
echo -n
else
log FAIL "Requires ${KEYDRIVE} to be unformatted to be used as Keydrive"
fi
else
log FAIL "${KEYDRIVE} block device does not exist"
fi
if [ -b ${EFI} ]; then
if [ $(lsblk --output=FSTYPE ${EFI} | sed '2q;d'| sed 's/\ //g') == vfat ]; then
echo -n
else
log FAIL "Requires ${EFI} to be formatted to vfat (F32) to be used as EFI partition"
fi
else
log FAIL "${EFI} block device does not exist"
fi
for i in ${driveArray[@]}; do
if [ -b ${i} ]; then
if [ -z "$(lsblk --output=FSTYPE ${i} | sed '2q;d'| sed 's/\ //g')" ]; then
echo -n
else
log FAIL "Requires ${i} to be unformatted to be used as encrypted drive"
fi
else
log FAIL "${i} block device does not exist"
fi
done
log OK
# Notice
log ECHO "Notice: You are about to create an encrypted drive array with the following devices:"
log INDENT +1
log ECHO "EFI Partion: ${EFI}, $(lsblk --output=SIZE ${EFI} | sed '2q;d'| sed 's/\ //g'), $(lsblk --output=FSTYPE ${EFI} | sed '2q;d'| sed 's/\ //g')"
log ECHO "Keydrive 1: ${KEYDRIVE}, $(lsblk --output=SIZE ${KEYDRIVE} | sed '2q;d' | sed 's/\ //g'), $(lsblk --output=FSTYPE ${KEYDRIVE} | sed '2q;d' | sed 's/\ //g')"
currentDrive=1
for i in ${driveArray[@]}; do
log ECHO "Drive ${currentDrive}: ${i}, $(lsblk --output=SIZE ${i} | sed '2q;d'| sed 's/\ //g'), $(lsblk --output=FSTYPE ${KEYDRIVE} | sed '2q;d' | sed 's/\ //g')"
currentDrive=$((${currentDrive} + 1))
done
log INDENT -1
log ECHO "WARNING!"
log INDENT +1
log ECHO "This will overwrite data on all of these devices"
log EXEC "Are you sure? (Type uppercase yes): "
echo -en "\033[1A\033[53C"
read confirm
if [ ${confirm} == "YES" ]; then
log OK
else
log FAIL "Input was not YES, exiting"
fi
log INDENT -1
# Config generator
log ECHO "Generating config file to EFI partition"
log INDENT +1
if [ -d "/tmp/decrypt" ]; then
echo -n
else
mkdir /tmp/decrypt
fi
# Checks and mounts EFI partition
if [ ${o_mkcfg} == false ]; then
log EXEC "Mounting EFI partition"
mount -t vfat "${EFI}" /tmp/decrypt/ >${STDERR} 2>&1
if [ $? == 0 ]; then
log OK
log EXEC "Checking if decrypt.cfg already exists..."
if [ -f "/tmp/decrypt/decrypt/decrypt.cfg" ]; then
log WARN "decrypt.cfg already exists, renamed to decrypt.cfg.old"
mv /tmp/decrypt/decrypt/decrypt.cfg /tmp/decrypt/decrypt/decrypt.cfg.old
CFG="/tmp/decrypt/decrypt/decrypt.cfg"
else
CFG="/tmp/decrypt/decrypt/decrypt.cfg"
log OK
fi
else
log FAIL "Could not mount EFI partition"
fi
else
CFG="${MKCFG}"
fi
log EXEC "Generating..."
# Echo burst
echo "#!/usr/bin/ash" > ${CFG}
currentDrive=1
for i in ${driveArray[@]}; do
echo "sd[${currentDrive}]=$(lsblk --output=PARTUUID ${i} | sed '2q;d'| sed 's/\ //g') $((RANDOM%4194304+1)) 2048" >> ${CFG}
currentDrive=$((${currentDrive} + 1))
done
echo "kd[1]=$(lsblk --output=PARTUUID ${KEYDRIVE} | sed '2q;d'| sed 's/\ //g')" >> ${CFG}
log OK
log INDENT -1
if [ ${o_mkcfg} == false ]; then
log EXEC "Generating keychain key"
dd if=/dev/urandom of=/tmp/decrypt/decrypt/kch bs=512 count=4 > /dev/null 2>&1
log OK
cfg_loader
log EXEC "Formatting drives"
INDENT +1
log EXEC "Keydrive..."
fi
;;
addkey)
#TODO: Code this function
shift
help
;;
remkey)
#TODO: Code this function
shift
help
;;
*)
help
;;
esac

11
decrypt.install Normal file
View file

@ -0,0 +1,11 @@
post_install() {
echo "INSTALL INSTRUCTIONS"
echo "1) Add 'decrypt' in /etc/mkinitcpio"
echo "2) Execute 'mkinitcpio -p linux'"
}
post_upgrade() {
mkinitcpio -p linux
}

8
decrypt.sublime-project Normal file
View file

@ -0,0 +1,8 @@
{
"folders":
[
{
"path": "."
}
]
}

638
decrypt.sublime-workspace Normal file
View file

@ -0,0 +1,638 @@
{
"auto_complete":
{
"selected_items":
[
[
"else",
"else"
],
[
"eval",
"evaluate_retval"
]
]
},
"buffers":
[
{
"file": "src/decrypt.sh",
"settings":
{
"buffer_size": 16587,
"encoding": "UTF-8",
"line_ending": "Unix"
}
},
{
"file": "src/debian/src/decrypt.hook",
"settings":
{
"buffer_size": 1167,
"encoding": "UTF-8",
"line_ending": "Unix"
}
},
{
"file": "src/debian/src/decrypt.install",
"settings":
{
"buffer_size": 149,
"line_ending": "Unix"
}
},
{
"file": "PKGBUILD",
"settings":
{
"buffer_size": 821,
"encoding": "UTF-8",
"line_ending": "Unix"
}
},
{
"file": "decrypt.install",
"settings":
{
"buffer_size": 184,
"encoding": "UTF-8",
"line_ending": "Unix"
}
},
{
"file": "changelog",
"settings":
{
"buffer_size": 241,
"encoding": "UTF-8",
"line_ending": "Unix"
}
},
{
"file": "license",
"settings":
{
"buffer_size": 1089,
"encoding": "UTF-8",
"line_ending": "Unix"
}
}
],
"build_system": "",
"build_system_choices":
[
],
"build_varint": "",
"command_palette":
{
"height": 392.0,
"last_filter": "",
"selected_items":
[
[
"Package Control: Ins",
"Package Control: Install Package"
],
[
"Package Control: install",
"Package Control: Install Package"
],
[
"Package Control: ",
"Package Control: List Packages"
]
],
"width": 449.0
},
"console":
{
"height": 126.0,
"history":
[
"import urllib.request,os,hashlib; h = 'eb2297e1a458f27d836c04bb0cbaf282' + 'd0e7a3098092775ccb37ca9d6b2e4b7d'; pf = 'Package Control.sublime-package'; ipp = sublime.installed_packages_path(); urllib.request.install_opener( urllib.request.build_opener( urllib.request.ProxyHandler()) ); by = urllib.request.urlopen( 'http://packagecontrol.io/' + pf.replace(' ', '%20')).read(); dh = hashlib.sha256(by).hexdigest(); print('Error validating download (got %s instead of %s), please try manual install' % (dh, h)) if dh != h else open(os.path.join( ipp, pf), 'wb' ).write(by)"
]
},
"distraction_free":
{
"menu_visible": true,
"show_minimap": false,
"show_open_files": false,
"show_tabs": false,
"side_bar_visible": false,
"status_bar_visible": false
},
"expanded_folders":
[
"/home/amartin/Projects/Coding/decrypt"
],
"file_history":
[
"/usr/lib/initcpio/hooks/decrypt.sh",
"/mnt/decrypt/decrypt.sh",
"/home/amartin/Projects/Packages/archlinux/decrypt/build.sh",
"/var/abs/local/linux-ck/PKGBUILD",
"/etc/fstab",
"/home/Ayakael/patch.sh",
"/media/Selkie-ISO2/mount.kveykva",
"/home/Ayakael/Projects/Packages/archlinux/decrypt/src/debian/decrypt.hook",
"/home/Ayakael/Projects/Packages/archlinux/decrypt/src/debian/decrypt.install",
"/home/Ayakael/Projects/Packages/archlinux/decrypt/src/archlinux/decrypt.install",
"/home/Ayakael/Projects/Packages/archlinux/decrypt/src/archlinux/decrypt.hook",
"/home/Ayakael/Projects/Packages/archlinux/decrypt/changelog",
"/home/Ayakael/Projects/Packages/archlinux/decrypt/[distro]/archlinux/PKGBUILD",
"/home/Ayakael/Projects/Packages/archlinux/decrypt/src/archlinux/decrypt.hooks",
"/home/Ayakael/Projects/Packages/archlinux/decrypt/decrypt.install",
"/home/Ayakael/Projects/Packages/archlinux/decrypt/src/decrypt.install",
"/home/Ayakael/Projects/Packages/archlinux/decrypt/src/decrypt.hooks",
"/boot/decrypt/decrypt.cfg",
"/home/Ayakael/Projects/Packages/archlinux/decrypt/src/decrypt.sh",
"/var/abs/local/btrfs-progs-git/PKGBUILD",
"/var/abs/local/btrfs-",
"/home/Ayakael/Projects/Coding/(Functions)/log",
"/home/Ayakael/Projects/Coding/decrypt/decrypt.install",
"/home/Ayakael/.config/sublime-text-3/Packages/User/makepkg.sublime-build",
"/home/Ayakael/Projects/Coding/Bridge/src/lastknown.service",
"/home/Ayakael/Projects/Coding/Bridge/src/lastknown",
"/home/Ayakael/Projects/Coding/Bridge/src/bridge",
"/home/Ayakael/Projects/Coding/decrypt/PKGBUILD",
"/boot/grub/grub.cfg",
"/etc/powerpill/powerpill.json",
"/var/abs/local/aura/PKGBUILD",
"/var/abs/local/protonmail/PKGBUILD",
"/usr/bin/mirrorsync",
"/home/Ayakael/Projects/Coding/netsync/src/netsync",
"/home/Ayakael/Projects/Coding/decrypt/decrypt",
"/var/abs/local/ttf-win7-fonts/_COPY.BAT",
"/usr/bin/serial.artalus",
"/etc/fstab.kveykva",
"/usr/lib/initcpio/hooks/encrypt",
"/usr/lib/initcpio/hooks/decrypt",
"/var/abs/local/ttf-win7-fonts/copy.sh",
"/bridge/Artalus-DAT/[deluge]/(downloads)/tmp/The.Walking.Dead.S06E04.PROPER.720p.HDTV.x264-KILLERS[ettv]/Torrent-Downloaded-from-ExtraTorrent.cc.txt",
"/bridge/Vindramos-DAT/{Richard}/recovery/audit.txt",
"/bridge/Vindramos-DAT/{Richard}/hexdump",
"/home/Ayakael/Projects/Coding/ecryptfs/ecryptfs",
"/home/Ayakael/Projects/Coding/Btrfs Subvolume Protcol/btrfs-smp.sh",
"/home/Ayakael/Documents/Downloads/CA Toronto.ovpn",
"/home/Ayakael/Projects/Coding/decrypt/decrypt.hooks",
"/usr/lib/initcpio/install/decrypt",
"/home/Ayakael/Projects/Coding/Functions/log",
"/bridge/Vindramos-DAT/{Richard}/binarydymp",
"/home/Ayakael/Documents/Downloads/DNSBench.exe",
"/home/Ayakael/decrypt.cfg",
"/home/Ayakael/Artalus.spathi",
"/home/Ayakael/log",
"/home/Ayakael/spathi",
"/home/Ayakael/test",
"/home/Ayakael/testfile",
"/media/Pink Floyd - aMLoR1/access-cli",
"/home/Ayakael/rockbox/.git/hooks/update.sample",
"/home/Ayakael/rockbox/.git/config",
"/etc/crypttab",
"/media/IPOD/.rockbox/viewers.config",
"/media/IPOD/.rockbox/rockbox-info.txt",
"/media/IPOD/.rockbox/config.cfg",
"/media/IPOD/.rockbox/tagnavi.config",
"/bridge/Artalus-DAT/[deluge]/(downloads)/tmp/The.Walking.Dead.S06E05.INTERNAL.720p.HDTV.x264-KILLERS[ettv]/Torrent-Downloaded-from-ExtraTorrent.cc.txt",
"/home/Ayakael/.config/awesome/rc.lua",
"/media/A016_1104OK/102-96B-75F_log.txt",
"/media/SPATHI1/decrypt",
"/home/Ayakael/Projects/Coding/decrypt/logtest",
"/home/Ayakael/Downloads/FF.Communicator",
"/home/Ayakael/Projects/Computers/rockbox/rbutil.log",
"/home/Ayakael/Documents/decrypt.cfg",
"/media/USB/btrfs-restore",
"/root/restore.log",
"/etc/security/pam_mount.conf.xml",
"/bridge/Vindramos-SYS/{Vindramos-SYS}/[Ayakael]/(home)/__active/.pam_mount.conf.xml",
"/home/Ayakael/Documents/Downloads/VMware Workstation v12.0.0 Linux x64 Incl Keymaker-EMBRACE/Write for Us.txt",
"/home/Ayakael/Documents/Downloads/VMware Workstation v12.0.0 Linux x64 Incl Keymaker-EMBRACE/Install Notes.txt",
"/usr/bin/ecryptfs.gen",
"/home/Ayakael/btrfs-undelete",
"/home/Ayakael/restore",
"/home/Ayakael/.config/redshift.conf",
"/media/USB/artalus/decrypt.artalus",
"/home/Ayakael/Projects/Scripts/glibc-core-2.17/uninstall.sh",
"/bridge/Artalus-DAT/[deluge]/(downloads)/tmp/[V-A]_Now_and_Then,_Here_and_There/[V-A]_Now_and_Then,_Here_and_There.nfo",
"/home/Ayakael/Projects/Computers/rockbox/tagnavi.config",
"/etc/X11/xorg.conf.d/10-monitor.conf",
"/etc/X11/xorg.conf.d/20-radeon.conf",
"/bridge/Artalus-DAT/[deluge]/(downloads)/tmp/[V-A]_Now_and_Then,_Here_and_There/[V-A]_Now_and_Then,_Here_and_There.sfv",
"/media/VINDRAMOS-K/decrypt",
"/home/Ayakael/Downloads/VMware Workstation v12.0.0 Linux x64 Incl Keymaker-EMBRACE/VMware-Workstation-Full-12.0.0-2985596.x86_64.bundle",
"/home/Ayakael/Downloads/VMware Workstation v12.0.0 Linux x64 Incl Keymaker-EMBRACE/Install Notes.txt",
"/home/Ayakael/transfer",
"/bridge/Kveykva-SYS/{Kveykva-SYS}/[Ayakael]/(home)/__active/1.sh",
"/home/Ayakael/Projects/Coding/Decrypt Bootstrap/artalus/decrypt.cfg",
"/home/Ayakael/Projects/Coding/EcryptfsFS Manager/.ecryptfs Generator",
"/home/~",
"/home/.mnt/Ayakael/Documents/.ecryptfs/Private.mnt",
"/home/.mnt/Ayakael/Media/.ecryptfs/Private.sig",
"/home/.mnt/Ayakael/Media/.ecryptfs/Private.mnt",
"/home/.mnt/Ayakael/Documents/.ecryptfs/Private.sig",
"/home/.ecryptfs/Ayakael/.ecryptfs/Private.mnt",
"/home/Ayakael/Documents/Downloads/22560-001.bin",
"/home/Ayakael/Projects/Coding/Decrypt Bootstrap/decrypt",
"/home/Ayakael/Projects/Scripts/Secure CD Generator/src/access-cli",
"/home/Ayakael/Projects/Scripts/libgcrypt-1.5.0-1/uninstall.sh",
"/home/Ayakael/Projects/Scripts/cryptsetup-1.6.0-1/install.sh",
"/home/Ayakael/Projects/Scripts/cryptsetup-1.6.0-1/update.sh",
"/home/Ayakael/Projects/Scripts/cryptsetup-1.6.0-1/uninstall.sh",
"/home/Ayakael/Projects/Scripts/Decrypt Bootstrap/artalus/decrypt.cfg",
"/home/Ayakael/Projects/Packages/glibc-core-2.17/uninstall.sh",
"/home/Ayakael/Projects/Packages/btrfs-progs-3.12-2/uninstall.sh",
"/home/Ayakael/Projects/Packages/btrfs-progs-3.12-2/install.sh",
"/boot/decrypt/decrypt.cfh",
"/bridge/Vindramos-SYS/[root]/(system)/etc/fstab",
"/home/Ayakael/.bashrc",
"/home/Ayakael/IMAGE/access-cli",
"/backup/Lykourgus/Pictures/Themes/7. Basic Theme Files/Placebo Black Market 2 - BASIC.theme",
"/backup/Lykourgus/Pictures/Themes/1. Placebo/Placebo Black Market 2.theme",
"/backup/Lykourgus/Pictures/Themes/1. Placebo/Placebo Black Market 2/BM2.msstyles",
"/home/Ayakael/Documents/Scripts/Secure CD Generator/src/access-cli",
"/home/Ayakael/Documents/Scripts/Secure CD Generator/src/mksecurecd",
"/usr/bin/speedtest-cli",
"/var/abs/local/speedtest-cli/PKGBUILD",
"/etc/initcpio/hooks/decrypt.sh",
"/media/IPFire_2.175/decrypt.sh"
],
"find":
{
"height": 36.0
},
"find_in_files":
{
"height": 93.0,
"where_history":
[
""
]
},
"find_state":
{
"case_sensitive": false,
"find_history":
[
"true",
"d",
"Vindramot",
"COPY",
"%MYSHARE%\\",
"%WINDIR%\\FONTS\\",
"%WINDIR%",
"menubar",
"p",
"umount",
"awesome.restart",
"btrfs",
"\"REP\"",
" REP ",
"REP",
"FAT",
" ERR ",
"0 ERR",
"ERR",
"CMP",
"CAT",
"ACT",
">/dev/null 2>&1",
">/dev/null",
"vfat",
"}-KEY",
"key",
"kernel",
"256",
"Linux",
"openvpn",
"encryption",
"key",
"Ciphers",
"rules",
"Tags",
"/usr/share/awesome/themes/default/"
],
"highlight": true,
"in_selection": false,
"preserve_case": false,
"regex": false,
"replace_history":
[
"Vindramos",
"cp",
"/var/abs/local/ttf-win7-fonts/font/",
"/bridge/Vindramot-WIN/Windows/Fonts/",
"/bridge/Vindramot-WIN/Windows/",
"REPT",
" REPT ",
"REPT",
"FAIL",
" WARN ",
"0 WARN",
"WARN",
"OK",
"LINE",
"EXEC",
">${STDERR} 2>&1",
">${STDERR}",
"/home/Ayakael/.config/awesome/themes/Vindramos/"
],
"reverse": false,
"show_context": true,
"use_buffer2": true,
"whole_word": false,
"wrap": true
},
"groups":
[
{
"selected": 0,
"sheets":
[
{
"buffer": 0,
"file": "src/decrypt.sh",
"semi_transient": false,
"settings":
{
"buffer_size": 16587,
"regions":
{
},
"selection":
[
[
6784,
6784
]
],
"settings":
{
"syntax": "Packages/ShellScript/Shell-Unix-Generic.sublime-syntax",
"translate_tabs_to_spaces": false
},
"translation.x": 0.0,
"translation.y": 2034.0,
"zoom_level": 1.0
},
"stack_index": 0,
"type": "text"
},
{
"buffer": 1,
"file": "src/debian/src/decrypt.hook",
"semi_transient": false,
"settings":
{
"buffer_size": 1167,
"regions":
{
},
"selection":
[
[
9,
9
]
],
"settings":
{
"syntax": "Packages/ShellScript/Shell-Unix-Generic.sublime-syntax",
"translate_tabs_to_spaces": false
},
"translation.x": 0.0,
"translation.y": 0.0,
"zoom_level": 1.0
},
"stack_index": 2,
"type": "text"
},
{
"buffer": 2,
"file": "src/debian/src/decrypt.install",
"semi_transient": false,
"settings":
{
"buffer_size": 149,
"regions":
{
},
"selection":
[
[
32,
32
]
],
"settings":
{
"syntax": "Packages/ShellScript/Shell-Unix-Generic.sublime-syntax"
},
"translation.x": 0.0,
"translation.y": 0.0,
"zoom_level": 1.0
},
"stack_index": 1,
"type": "text"
},
{
"buffer": 3,
"file": "PKGBUILD",
"semi_transient": false,
"settings":
{
"buffer_size": 821,
"regions":
{
},
"selection":
[
[
37,
37
]
],
"settings":
{
"syntax": "Packages/ShellScript/Shell-Unix-Generic.sublime-syntax"
},
"translation.x": 0.0,
"translation.y": 0.0,
"zoom_level": 1.0
},
"stack_index": 6,
"type": "text"
},
{
"buffer": 4,
"file": "decrypt.install",
"semi_transient": false,
"settings":
{
"buffer_size": 184,
"regions":
{
},
"selection":
[
[
182,
182
]
],
"settings":
{
"syntax": "Packages/Text/Plain text.tmLanguage"
},
"translation.x": 0.0,
"translation.y": 0.0,
"zoom_level": 1.0
},
"stack_index": 5,
"type": "text"
},
{
"buffer": 5,
"file": "changelog",
"semi_transient": false,
"settings":
{
"buffer_size": 241,
"regions":
{
},
"selection":
[
[
241,
241
]
],
"settings":
{
"syntax": "Packages/Text/Plain text.tmLanguage"
},
"translation.x": 0.0,
"translation.y": 0.0,
"zoom_level": 1.0
},
"stack_index": 4,
"type": "text"
},
{
"buffer": 6,
"file": "license",
"semi_transient": false,
"settings":
{
"buffer_size": 1089,
"regions":
{
},
"selection":
[
[
0,
0
]
],
"settings":
{
"syntax": "Packages/Text/Plain text.tmLanguage"
},
"translation.x": 0.0,
"translation.y": 0.0,
"zoom_level": 1.0
},
"stack_index": 3,
"type": "text"
}
]
}
],
"incremental_find":
{
"height": 27.0
},
"input":
{
"height": 32.0
},
"layout":
{
"cells":
[
[
0,
0,
1,
1
]
],
"cols":
[
0.0,
1.0
],
"rows":
[
0.0,
1.0
]
},
"menu_visible": true,
"output.exec":
{
"height": 112.0
},
"output.find_results":
{
"height": 0.0
},
"pinned_build_system": "Packages/User/makepkg.sublime-build",
"project": "decrypt.sublime-project",
"replace":
{
"height": 64.0
},
"save_all_on_build": true,
"select_file":
{
"height": 0.0,
"last_filter": "",
"selected_items":
[
],
"width": 0.0
},
"select_project":
{
"height": 0.0,
"last_filter": "",
"selected_items":
[
],
"width": 0.0
},
"select_symbol":
{
"height": 0.0,
"last_filter": "",
"selected_items":
[
],
"width": 0.0
},
"selected_group": 0,
"settings":
{
},
"show_minimap": true,
"show_open_files": false,
"show_tabs": true,
"side_bar_visible": true,
"side_bar_width": 322.0,
"status_bar_visible": true,
"template_settings":
{
}
}

14
initcpio/archlinux/decrypt.hook Executable file
View file

@ -0,0 +1,14 @@
#
# Author Antoine Martin
# Copyright (c) 2016 Antoine Martin <antoine.martin@protonmail.com>
# Release v0.5.1-4 decrypt
#
#!/usr/bin/ash
run_hook() {
modprobe -a -q dm-crypt >/dev/null 2>&1
[ "${quiet}" = "y" ] && CSQUIET=">/dev/null"
export TERMINFO=/usr/lib/terminfo
bash /usr/bin/decrypt open
}

58
initcpio/archlinux/decrypt.install Executable file
View file

@ -0,0 +1,58 @@
#
# Author Antoine Martin
# Copyright (c) 2016 Antoine Martin <antoine.martin@protonmail.com>
# Release v0.5.1-4 decrypt
#
#!/bin/bash
build() {
local mod
add_module dm-crypt
if [[ $CRYPTO_MODULES ]]; then
for mod in $CRYPTO_MODULES; do
add_module "$mod"
done
else
add_all_modules '/crypto/'
fi
add_binary "cryptsetup"
add_binary "dmsetup"
add_binary "mount"
add_binary "egrep"
add_binary "lsblk"
add_binary "sed"
add_binary "bash"
add_binary "tput"
add_file "/usr/lib/udev/rules.d/10-dm.rules"
add_file "/usr/lib/udev/rules.d/13-dm-disk.rules"
add_file "/usr/lib/udev/rules.d/95-dm-notify.rules"
add_file "/usr/share/terminfo/l/linux" "/usr/lib/terminfo/l/linux"
add_file "/usr/lib/initcpio/udev/11-dm-initramfs.rules" "/usr/lib/udev/rules.d/11-dm-initramfs.rules"
add_file "/usr/lib/initcpio/hooks/decrypt.sh" "/usr/bin/decrypt"
add_runscript
}
help() {
cat <<HELPEOF
This hook allows for an encrypted root device. Users should specify the device
to be unlocked using 'cryptdevice=device:dmname' on the kernel command line,
where 'device' is the path to the raw device, and 'dmname' is the name given to
the device after unlocking, and will be available as /dev/mapper/dmname.
For unlocking via keyfile, 'cryptkey=device:fstype:path' should be specified on
the kernel cmdline, where 'device' represents the raw block device where the key
exists, 'fstype' is the filesystem type of 'device' (or auto), and 'path' is
the absolute path of the keyfile within the device.
Without specifying a keyfile, you will be prompted for the password at runtime.
This means you must have a keyboard available to input it, and you may need
the keymap hook as well to ensure that the keyboard is using the layout you
expect.
HELPEOF
}
# vim: set ft=sh ts=4 sw=4 et:

53
initcpio/debian/decrypt.hook Normal file
View file

@ -0,0 +1,53 @@
#!/bin/sh
PREREQS="udev"
EXEC="/usr/bin/bash /sbin/cryptsetup dmsetup mount egrep lsblk sed tput"
RULES="55-dm.rules"
FILES="'/usr/share/terminfo/l/linux-16color:/lib/terminfo/l/linux' '/usr/share/initramfs-tools/scripts/local-premount/decrypt.sh:/usr/bin/decrypt'"
prereqs()
{
echo "${PREREQ}"
}
case $1 in
prereqs)
prereqs
exit 0
;;
esac
. /usr/share/initramfs-tools/hook-functions
for exec in ${EXEC}; do
if [ -e ${exec} ]; then
copy_exec "${exec}"
else
echo "${exec} not found"
done
mkdir -p ${DESTDIR}/lib/udev/rules.d/; do
for rules in ${RULES}; do
if [ -e /etc/udev/rules.d/${rules} ]; then
cp -p "/etc/udev/rules.d/${rules}" "${DESTDIR}/etc/udev/rules.d/"
elif [ -e /lib/udev/rules.d/${rules} ]; then
cp -p "/lib/udev/rules.d/${rules}" "${DESTDIR}/lib/udev/rules.d/"
else
echo "${rules} not found"
fi
done
for files in ${FILES}; do
FILES_SRC=$(echo ${files} | sed 's/.*://')
FILES_DST=$(echo ${files} | sed 's/:.*//')
FILES_NAME=$(echo ${files} | sed 's|.*/||')
mkdir -p ${DESTDIR}/${FILES_NAME}
if [ -e ${FILES_SRC} ]; then
cp -p "${FILES_SRC}" "${DESTDIR}/{FILES_DST}"
else
echo "${FILES_SRC} not found"
done
exit 0

19
initcpio/debian/decrypt.install Normal file
View file

@ -0,0 +1,19 @@
#!/bin/sh
set -e
PREREQS="udev"
prereqs()
{
echo "${PREREQ}"
}
case $1 in
prereqs)
prereqs
exit 0
;;
esac
/sbin/bash "/usr/bin/decrypt open"