Linux Unified Key Setup: C++/STL parsing library

Linux Unified Key Setup (LUKS) is a format specification for storing disk encryption parameters and up to 8 user keys (which can unlock the master key).

KS implementation details

License: CC0-1.0

This page hosts a formal specification of Linux Unified Key Setup using Kaitai Struct. This specification can be automatically translated into a variety of programming languages to get a parsing library.

Usage

Using Kaitai Struct in C++/STL usually consists of 3 steps.

  1. We need to create an STL input stream (std::istream).
    • One can open a stream for reading from a local file:
      #include <fstream>
      
      std::ifstream is("path/to/local/file.luks", std::ifstream::binary);
    • Or one can prepare a stream for reading from existing std::string str:
      #include <sstream>
      
      std::istringstream is(str);
    • Or one can parse an arbitrary char* buffer in memory, provided that its size is known:
      #include <sstream>
      
      const char buf[] = { ... };
      std::string str(buf, sizeof buf);
      std::istringstream is(str);
  2. We need to wrap our input stream into Kaitai stream:
    #include <kaitai/kaitaistream.h>
    
    kaitai::kstream ks(&is);
  3. And finally, we can invoke the parsing:
    luks_t data(&ks);

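The luks_t constructor parses the partition header immediately, so a stream that is truncated or does not start with the expected LUKS magic and version is reported by an exception thrown from the constructor. When the image comes from an untrusted source, construct the object inside a try block and treat every value returned by the getters as unvalidated input. After that, one can get various attributes from the structure by invoking getter methods like: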

data.partition_header() // => get partition header

C++/STL source code to parse Linux Unified Key Setup

luks.h

#ifndef LUKS_H_
#define LUKS_H_

// This is a generated file! Please edit source .ksy file and use kaitai-struct-compiler to rebuild

#include "kaitai/kaitaistruct.h"

#include <stdint.h>
#include <vector>

#if KAITAI_STRUCT_VERSION < 7000L
#error "Incompatible Kaitai Struct C++/STL API: version 0.7 or later is required"
#endif

/**
 * Linux Unified Key Setup (LUKS) is a format specification for storing disk
 * encryption parameters and up to 8 user keys (which can unlock the master key).
 * \sa Source
 */

class luks_t : public kaitai::kstruct {

public:
    class partition_header_t;

    // Parses the partition header from p__io inside the constructor (via _read()),
    // so any exception the runtime raises on malformed input propagates from here.
    // p__root is accepted but not used: the implementation sets the root to this object.
    //
    // NOTE(review): no copy constructor or assignment operator is declared although the
    // destructor deletes m_partition_header; unless kaitai::kstruct already forbids
    // copying, a copied luks_t would delete the same header twice. Handle instances by
    // pointer or reference.
    luks_t(kaitai::kstream* p__io, kaitai::kstruct* p__parent = 0, luks_t* p__root = 0);

private:
    void _read();

public:
    // Deletes the partition header, and with it every key slot; pointers previously
    // returned by partition_header() / key_slots() must not be used afterwards.
    ~luks_t();

    // Fixed-layout header at the start of the stream, followed by 8 key-slot descriptors.
    // All fields are copied from the image without range or consistency checks.
    class partition_header_t : public kaitai::kstruct {

    public:
        class key_slot_t;

        partition_header_t(kaitai::kstream* p__io, luks_t* p__parent = 0, luks_t* p__root = 0);

    private:
        void _read();

    public:
        // Deletes each key_slot_t and then the vector that holds them.
        ~partition_header_t();

        // One key-slot descriptor: state, iteration count, salt, and the location and
        // stripe count of the slot's key-material area.
        class key_slot_t : public kaitai::kstruct {

        public:

            // Slot state markers. The parser casts the 32-bit value from the image to this
            // enum without checking it, so a crafted image can yield a value that matches
            // neither enumerator; compare against both and treat anything else as invalid.
            enum key_slot_states_t {
                KEY_SLOT_STATES_DISABLED_KEY_SLOT = 57005,      // 0x0000DEAD
                KEY_SLOT_STATES_ENABLED_KEY_SLOT = 11301363     // 0x00AC71F3
            };

            key_slot_t(kaitai::kstream* p__io, luks_t::partition_header_t* p__parent = 0, luks_t* p__root = 0);

        private:
            void _read();

        public:
            ~key_slot_t();

        private:
            // Lazy-read cache for key_material(): flag plus the bytes read on first use.
            bool f_key_material;
            std::string m_key_material;

        public:
            // Returns the raw bytes of this slot's key-material area as stored in the image.
            // The first call seeks to start_sector_of_key_material() * 512, reads
            // number_of_key_bytes() * number_of_anti_forensic_stripes() bytes, restores the
            // stream position and caches the result; later calls return the cached copy.
            // Both the offset and the length are derived from header fields, i.e. they are
            // attacker-controlled for an untrusted image: check them against the stream
            // size before calling if a large or out-of-range read is a concern.
            // Not const because it moves the stream and fills the cache.
            std::string key_material();

        private:
            key_slot_states_t m_state_of_key_slot;      // unchecked cast of a big-endian u32
            uint32_t m_iteration_parameter;             // big-endian u32, taken verbatim
            std::string m_salt_parameter;               // 32 raw bytes
            uint32_t m_start_sector_of_key_material;    // multiplied by 512 in key_material()
            uint32_t m_number_of_anti_forensic_stripes; // multiplied by the key size in key_material()
            luks_t* m__root;
            luks_t::partition_header_t* m__parent;

        public:
            // Plain accessors; string-returning ones copy the stored bytes.
            // NOTE(review): iteration_parameter() is whatever the image says; bound it
            // before using it to drive key derivation.
            key_slot_states_t state_of_key_slot() const { return m_state_of_key_slot; }
            uint32_t iteration_parameter() const { return m_iteration_parameter; }
            std::string salt_parameter() const { return m_salt_parameter; }
            uint32_t start_sector_of_key_material() const { return m_start_sector_of_key_material; }
            uint32_t number_of_anti_forensic_stripes() const { return m_number_of_anti_forensic_stripes; }
            luks_t* _root() const { return m__root; }
            luks_t::partition_header_t* _parent() const { return m__parent; }
        };

    private:
        std::string m_magic;                        // 6 bytes, must equal "LUKS\xBA\xBE"
        std::string m_version;                      // 2 bytes, must equal 00 01
        std::string m_cipher_name_specification;    // 32-byte field converted as ASCII
        std::string m_cipher_mode_specification;    // 32-byte field converted as ASCII
        std::string m_hash_specification;           // 32-byte field converted as ASCII
        uint32_t m_payload_offset;                  // multiplied by 512 in luks_t::payload()
        uint32_t m_number_of_key_bytes;             // used to size the key_material() read
        std::string m_master_key_checksum;          // 20 raw bytes
        std::string m_master_key_salt_parameter;    // 32 raw bytes
        uint32_t m_master_key_iterations_parameter; // big-endian u32, taken verbatim
        std::string m_uuid;                         // 40-byte field converted as ASCII
        std::vector<key_slot_t*>* m_key_slots;      // owned; always 8 entries after a successful parse
        luks_t* m__root;
        luks_t* m__parent;

    public:
        // Plain accessors. The text fields are fixed-width and nothing in the parser trims
        // them at a NUL byte, so compare them with care (padding may still be present).
        // Pointers returned here stay owned by this header.
        std::string magic() const { return m_magic; }
        std::string version() const { return m_version; }
        std::string cipher_name_specification() const { return m_cipher_name_specification; }
        std::string cipher_mode_specification() const { return m_cipher_mode_specification; }
        std::string hash_specification() const { return m_hash_specification; }
        uint32_t payload_offset() const { return m_payload_offset; }
        uint32_t number_of_key_bytes() const { return m_number_of_key_bytes; }
        std::string master_key_checksum() const { return m_master_key_checksum; }
        std::string master_key_salt_parameter() const { return m_master_key_salt_parameter; }
        uint32_t master_key_iterations_parameter() const { return m_master_key_iterations_parameter; }
        std::string uuid() const { return m_uuid; }
        std::vector<key_slot_t*>* key_slots() const { return m_key_slots; }
        luks_t* _root() const { return m__root; }
        luks_t* _parent() const { return m__parent; }
    };

private:
    // Lazy-read cache for payload(): flag plus the bytes read on first use.
    bool f_payload;
    std::string m_payload;

public:
    // Returns everything from payload_offset() * 512 up to the end of the stream
    // (read with read_bytes_full()), caching it after the first call. For a disk image
    // this can be close to the size of the whole image held in memory at once, and the
    // returned std::string is a further copy. Not const: it moves the stream and fills
    // the cache.
    std::string payload();

private:
    partition_header_t* m_partition_header;     // owned; deleted in ~luks_t()
    luks_t* m__root;
    kaitai::kstruct* m__parent;

public:
    // Non-owning views; valid only while this luks_t is alive.
    partition_header_t* partition_header() const { return m_partition_header; }
    luks_t* _root() const { return m__root; }
    kaitai::kstruct* _parent() const { return m__parent; }
};

#endif  // LUKS_H_

luks.cpp

// This is a generated file! Please edit source .ksy file and use kaitai-struct-compiler to rebuild

#include "luks.h"



// Builds the top-level LUKS object and parses the partition header right away.
// p__root is part of the signature but is not consulted: the root is always this object.
luks_t::luks_t(kaitai::kstream* p__io, kaitai::kstruct* p__parent, luks_t* p__root)
    : kaitai::kstruct(p__io),
      f_payload(false),
      m__root(this),
      m__parent(p__parent) {
    // Parsing runs inside the constructor, so whatever the runtime throws while
    // reading the stream propagates to the code that constructs this object.
    _read();
}

// Parses the only eagerly-read member: the partition header at the current
// stream position. The payload is read later, on demand, by payload().
void luks_t::_read() {
    partition_header_t* parsed_header = new partition_header_t(m__io, this, m__root);
    m_partition_header = parsed_header;
}

// Releases the parsed partition header. The cached payload is a std::string held
// by value, so it needs no explicit cleanup whether or not it was ever read.
luks_t::~luks_t() {
    delete m_partition_header;
}

// Records the parent/root links and parses the header fields immediately.
// Exceptions raised while reading propagate out of this constructor.
luks_t::partition_header_t::partition_header_t(kaitai::kstream* p__io, luks_t* p__parent, luks_t* p__root)
    : kaitai::kstruct(p__io),
      m__root(p__root),
      m__parent(p__parent) {
    _read();
}

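// Reads the fixed-layout partition header and then the eight key-slot
// descriptors that follow it, in stream order.
//
// Apart from the magic and version, which must match fixed byte strings, every
// value is stored exactly as found in the image: sizes, offsets and iteration
// counts are not range-checked here and must be validated by the consumer
// before they are used to size a read or drive key derivation.
//
// This function runs from the constructor. C++ does not run the destructor of an
// object whose constructor throws, so the key-slot vector and any slots already
// allocated are released here if parsing a slot fails (for example on a
// truncated image) before the exception is passed on.
void luks_t::partition_header_t::_read() {
    // Magic "LUKS" 0xBA 0xBE and version 00 01: only this exact header variant is accepted.
    m_magic = m__io->ensure_fixed_contents(std::string("\x4C\x55\x4B\x53\xBA\xBE", 6));
    m_version = m__io->ensure_fixed_contents(std::string("\x00\x01", 2));
    // Fixed-width text fields; nothing here trims them at a NUL byte.
    m_cipher_name_specification = kaitai::kstream::bytes_to_str(m__io->read_bytes(32), std::string("ASCII"));
    m_cipher_mode_specification = kaitai::kstream::bytes_to_str(m__io->read_bytes(32), std::string("ASCII"));
    m_hash_specification = kaitai::kstream::bytes_to_str(m__io->read_bytes(32), std::string("ASCII"));
    m_payload_offset = m__io->read_u4be();
    m_number_of_key_bytes = m__io->read_u4be();
    m_master_key_checksum = m__io->read_bytes(20);
    m_master_key_salt_parameter = m__io->read_bytes(32);
    m_master_key_iterations_parameter = m__io->read_u4be();
    m_uuid = kaitai::kstream::bytes_to_str(m__io->read_bytes(40), std::string("ASCII"));

    const int l_key_slots = 8;
    m_key_slots = new std::vector<key_slot_t*>();
    try {
        m_key_slots->reserve(l_key_slots);
        for (int i = 0; i < l_key_slots; i++) {
            m_key_slots->push_back(new key_slot_t(m__io, this, m__root));
        }
    } catch (...) {
        // Undo the partial allocation: the destructor will not run for this object.
        for (std::vector<key_slot_t*>::iterator it = m_key_slots->begin(); it != m_key_slots->end(); ++it) {
            delete *it;
        }
        delete m_key_slots;
        m_key_slots = 0;
        throw;
    }
}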

// Frees every key slot held in the vector, then the vector itself.
luks_t::partition_header_t::~partition_header_t() {
    typedef std::vector<key_slot_t*>::size_type slot_index_t;
    const slot_index_t slot_count = m_key_slots->size();
    for (slot_index_t idx = 0; idx < slot_count; ++idx) {
        delete (*m_key_slots)[idx];
    }
    delete m_key_slots;
}

// Records the parent/root links, marks the key-material cache as empty and
// parses the slot descriptor immediately.
luks_t::partition_header_t::key_slot_t::key_slot_t(kaitai::kstream* p__io, luks_t::partition_header_t* p__parent, luks_t* p__root)
    : kaitai::kstruct(p__io),
      f_key_material(false),
      m__root(p__root),
      m__parent(p__parent) {
    _read();
}

// Reads one key-slot descriptor: state, iteration count, 32-byte salt,
// key-material start sector and stripe count, in that stream order.
void luks_t::partition_header_t::key_slot_t::_read() {
    // The state word is converted to the enum without being checked against the two
    // known markers. NOTE(review): key_slot_states_t has no fixed underlying type, so a
    // value outside the range of its enumerators is not a well-defined enum value;
    // consumers should accept only the two enumerators and reject everything else.
    const uint32_t raw_state = m__io->read_u4be();
    m_state_of_key_slot = static_cast<key_slot_states_t>(raw_state);

    // The remaining fields are stored verbatim; none of them is range-checked here.
    m_iteration_parameter = m__io->read_u4be();
    m_salt_parameter = m__io->read_bytes(32);
    m_start_sector_of_key_material = m__io->read_u4be();
    m_number_of_anti_forensic_stripes = m__io->read_u4be();
}

// Nothing to release by hand: the cached key-material bytes live in a std::string
// member. That buffer is not overwritten before it is freed, so a caller that
// regards these bytes as sensitive has to handle wiping itself.
luks_t::partition_header_t::key_slot_t::~key_slot_t() {
}

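// Returns the raw bytes of this slot's key-material area, reading them on the
// first call and serving the cached copy afterwards.
//
// The area starts at start_sector_of_key_material() * 512 and spans
// number_of_key_bytes() * number_of_anti_forensic_stripes() bytes. Both products
// are computed in 64 bits: the operands are 32-bit fields taken from the image,
// and in 32-bit arithmetic a large value would wrap around, making the parser
// read from a location or with a length other than the one the header declares.
//
// The offset and length remain attacker-controlled for an untrusted image. An
// out-of-range request is left to the runtime to reject; callers that need a
// hard upper bound on memory use should compare the two header fields with the
// stream size before calling.
std::string luks_t::partition_header_t::key_slot_t::key_material() {
    if (f_key_material)
        return m_key_material;
    std::streampos _pos = m__io->pos();
    const uint64_t material_offset = static_cast<uint64_t>(start_sector_of_key_material()) * 512;
    const uint64_t material_size = static_cast<uint64_t>(_parent()->number_of_key_bytes()) * number_of_anti_forensic_stripes();
    m__io->seek(material_offset);
    m_key_material = m__io->read_bytes(material_size);
    // Put the stream back where the caller left it.
    m__io->seek(_pos);
    f_key_material = true;
    return m_key_material;
}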

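// Returns the bytes from payload_offset() * 512 to the end of the stream, reading
// them on the first call and serving the cached copy afterwards.
//
// The byte offset is computed in 64 bits: payload_offset() is a 32-bit field taken
// from the image, and in 32-bit arithmetic a sector number above 0x7FFFFF would
// wrap around and make the parser return data from the wrong location.
//
// The result can be as large as the remainder of the image and is held in memory
// in full; the return value is a further copy of it.
std::string luks_t::payload() {
    if (f_payload)
        return m_payload;
    std::streampos _pos = m__io->pos();
    const uint64_t payload_start = static_cast<uint64_t>(partition_header()->payload_offset()) * 512;
    m__io->seek(payload_start);
    m_payload = m__io->read_bytes_full();
    // Put the stream back where the caller left it.
    m__io->seek(_pos);
    f_payload = true;
    return m_payload;
}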