TrueCrypt for FreeBSD
This is actually quite an old project (I guess I started it around 2010 or so), but I thought I’d share it anyway. Some years ago, I was in the situation of having to mount TrueCrypt images on my FreeBSD machines. As there is no working FreeBSD port of TrueCrypt (to the best of my knowledge), I decided to do a tiny implementation myself.
Thanks to the geom_gate interface, creating block devices that are backed by userland code is pretty easy in FreeBSD. The Linux version of TrueCrypt makes use of FUSE in combination with loopback devices (ouch). The TrueCrypt file format itself is pretty straight-forward. I would love to say it’s well-documented, but this isn’t exactly the case. The documentation isn’t always accurate. However, after some trial-and-error, I was able to build a C implementation that works for me. It should probably re-written by a better coder and I’m not going to claim that it’s secure either. Still, it can serve as a PoC of how a FreeBSD TrueCrypt could look like.
The code still has some issues. Only simple encrypted volumes are supported. No fancy hidden volumes or full system encryption. And of course there are probably quite some bugs / missing features I just don’t know about.
WARNING: This may or may not work! I’m not making any security claims here. Really, please consider this code just as a PoC!
Get the Code
The code is hosted on GitHub.
git clone https://github.com/greg42/truecrypt4bsd.git
Building
The build process is rather straight:makeYou can now try the code using an existing TrueCrypt container. Please be careful, don’t use a container that contains any important data.
sudo kldload geom_gate ./ggateTruecrypt create container.tc sudo mount -t msdosfs /dev/ggate0 /mnt