1.1 --- /dev/null Thu Jan 01 00:00:00 1970 +0000
1.2 +++ b/truecrypt_init.sh Tue Nov 04 18:26:39 2014 +0100
1.3 @@ -0,0 +1,135 @@
1.4 +#!/bin/sh
1.5 +
1.6 +# ------------------------------------------------------------
1.7 +# opensecurity package file
1.8 +#
1.9 +# Autor: X-Net Services GmbH <office@x-net.at>
1.10 +#
1.11 +# Copyright 2013-2014 X-Net and AIT Austrian Institute of Technology
1.12 +#
1.13 +#
1.14 +# X-Net Technologies GmbH
1.15 +# Elisabethstrasse 1
1.16 +# 4020 Linz
1.17 +# AUSTRIA
1.18 +# https://www.x-net.at
1.19 +#
1.20 +# AIT Austrian Institute of Technology
1.21 +# Donau City Strasse 1
1.22 +# 1220 Wien
1.23 +# AUSTRIA
1.24 +# http://www.ait.ac.at
1.25 +#
1.26 +#
1.27 +# Licensed under the Apache License, Version 2.0 (the "License");
1.28 +# you may not use this file except in compliance with the License.
1.29 +# You may obtain a copy of the License at
1.30 +#
1.31 +# http://www.apache.org/licenses/LICENSE-2.0
1.32 +#
1.33 +# Unless required by applicable law or agreed to in writing, software
1.34 +# distributed under the License is distributed on an "AS IS" BASIS,
1.35 +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
1.36 +# See the License for the specific language governing permissions and
1.37 +# limitations under the License.
1.38 +# ------------------------------------------------------------
1.39 +
1.40 +BASEDIR="$(dirname $0)"
1.41 +DEVICE="$1"
1.42 +MOUNTPOINT="$2"
1.43 +PASSWORD="$3"
1.44 +KEYFILE="$4"
1.45 +
1.46 +
1.47 +getRemoteIp ()
1.48 +{
1.49 + ip_address=$(ifconfig eth0 | grep "inet " | awk '{ print $2 }' | cut -d ":" -f 2)
1.50 + ip_netmask=$(ifconfig eth0 | grep "inet " | awk '{ print $4 }' | cut -d ":" -f 2)
1.51 + remote_ip=$(ipcalc $ip_address/$ip_netmask | grep HostMin | awk '{ print $2}')
1.52 +
1.53 + echo $remote_ip
1.54 +}
1.55 +
1.56 +sendInfoNotification ()
1.57 +{
1.58 + MESSAGE="$1"
1.59 + wget -q -T 3 -t 1 -O /dev/null "http://$(getRemoteIp):8090/message?msgtype=information&text=$MESSAGE"
1.60 +}
1.61 +
1.62 +sendErrorNotification ()
1.63 +{
1.64 + MESSAGE="$1"
1.65 + wget -q -T 3 -t 1 -O /dev/null "http://$(getRemoteIp):8090/notification?msgtype=critical&text=$MESSAGE"
1.66 +}
1.67 +
1.68 +
1.69 +if [ -r "$BASEDIR/truecrypt_config.cfg" ]
1.70 +then
1.71 + . "$BASEDIR/truecrypt_config.cfg"
1.72 +else
1.73 + echo "truecrypt_config.cfg not found" >&2
1.74 + exit 1
1.75 +fi
1.76 +
1.77 +# make sure to have "/dev/sdb" (not "/dev/sdb1")
1.78 +#DEVICE="${DEVICE:0:8}" the bash way does not work in dash -.-
1.79 +DEVICE="$(echo "$DEVICE" | awk '{print substr($1,0,9)}')"
1.80 +
1.81 +sendInfoNotification "Encrypt device"
1.82 +if [ -z "$KEYFILE" ]
1.83 +then
1.84 + message="$($tc_cmd -c --non-interactive --quick --filesystem=none --encryption=AES --hash=RIPEMD-160 -p "$PASSWORD" "$DEVICE")"
1.85 + result="$?"
1.86 +else
1.87 + message="$($tc_cmd -c --non-interactive --quick --filesystem=none --encryption=AES --hash=RIPEMD-160 -p "$PASSWORD" -k "$KEYFILE" "$DEVICE")"
1.88 + result="$?"
1.89 +fi
1.90 +
1.91 +
1.92 +if [ "$result" != "0" ]
1.93 +then
1.94 + sendErrorNotification "Encryption failed"
1.95 + exit 1
1.96 +fi
1.97 +
1.98 +sendInfoNotification "Device encrypted"
1.99 +
1.100 +
1.101 +
1.102 +if [ -z "$KEYFILE" ]
1.103 +then
1.104 + message="$message\n$($tc_cmd --non-interactive --filesystem=none -p "$PASSWORD" "$DEVICE")"
1.105 + result="$?"
1.106 +else
1.107 + message="$message\n$($tc_cmd --non-interactive --filesystem=none -p "$PASSWORD" -k "$KEYFILE" "$DEVICE")"
1.108 + result="$?"
1.109 +fi
1.110 +
1.111 +if [ "$result" != "0" ]
1.112 +then
1.113 + exit 1
1.114 +fi
1.115 +
1.116 +
1.117 +
1.118 +sendInfoNotification "Create NTFS filesystem on encrypted device"
1.119 +
1.120 +TC_DEVICE=$(truecrypt -l | awk '{print $3}')
1.121 +
1.122 +message="$message\n$(mkfs.ntfs --quick "$TC_DEVICE")"
1.123 +result="$?"
1.124 +
1.125 +if [ "$result" != "0" ]
1.126 +then
1.127 + sendErrorNotification "Filesystem creation failed"
1.128 + exit 1
1.129 +fi
1.130 +
1.131 +sendInfoNotification "Filesystem successfully created"
1.132 +
1.133 +mount "$TC_DEVICE" "$MOUNTPOINT"
1.134 +
1.135 +sendInfoNotification "Stick is now initialized"
1.136 +
1.137 +echo "$message"
1.138 +exit 0
1.139 \ No newline at end of file