Смонтировать зашифрованный HFS в Ubuntu

You can't mount an HFS+ partition encrypted in OS X using mount's option encryption=aes. The reason is that encrypted HFS+ partitions and volumes use a proprietary format.

Neither Cryptoloop nor Loop-AES, which are the underlying decryption methods used by mount and encryption, understand that format.

This is what I found out:

Cryptoloop can mount partitions or disk images encrypted as a single AES block (this is called single-key mode, see http://www.tldp.org/HOWTO/html_single/Cryptoloop-HOWTO/#cryptoloop-introduction):

 /dev/sdXX disk image /dev/loopX +-----------+ +-------------+ | | | | | | | | | | | unencrypted | | AES block | -AES passwd->AES key->decrypt I/O to loop device-> | partition | | | | | | | | | | | | | +-----------+ +-------------+ 

AES-Loop can mount single-key (like above) and multi-key encrypted partitions or disk images:

 /dev/sdXX disk image /dev/loopX +------------+ +-------------+ |AES block #1| | | +------------+ | | |AES block #2| | unencrypted | +------------+ -AES passwd->AES key(s)->decrypt I/O to loop dev-> | partition | |AES block #3| | | +------------+ | | | ... | | | +------------+ +-------------+ 

On the other hand, an encrypted HFS+ partition:

• includes a header (you can dump it with xxd)
• uses several keys in an undocumented way (see http://events.ccc.de/congress/2006/Fahrplan/attachments/1244-23C3VileFault.pdf)
• beginning with OS X 10.7 "Lion", it is wrapped in a CoreStorage Logical Volume Group (see man diskutil or https://developer.apple.com/legacy/library/documentation/Darwin/Reference/ManPages/man8/diskutil.8.html)

• uses AES-XTS:

   $ diskutil coreStorage list (...) +-> Logical Volume Family D1C4665F-EAC8-4DAB-B392-634842A59559 ---------------------------------------------------------- Encryption Status: Unlocked Encryption Type: AES-XTS (...) 

  which doesn't seem to be supported by Cryptoloop nor Loop-AES.

Cryptoloop's successor, dm-crypt, can't read encrypted HFS+ either.

But before all hope is gone:

• A group of cryptographic experts have created vfdecrypt (included in Ubuntu package dmg2img, tar.gz is here: http://code.google.com/p/iphone-elite/downloads/list), which decrypts encrypted FileVault disk images (it won't work with device files).

  This tool looks very promising but didn't work with any of several encrypted disk images I created with Disk Utility on OS X 10.8.2 "Mountain Lion". Other people (http://bre.klaki.net/blog/2011/08/17/) seem to have had success with old encrypted images.

• Other experts work on project libfvde (https://code.google.com/p/libfvde), which includes command fvdemount for reading FileVault encrypted system volumes. The limiting factor here is "system volume". It doesn't support partitions on removable media. If you're curious, the description is here: https://code.google.com/p/libfvde/wiki/Mounting#Mouting_the_system_volume. The source code can be downloaded here: https://code.google.com/p/libfvde/downloads/list.

As for the error messages you encountered:

First error:

Error: Password must be at least 20 characters. 

Surprisingly, mount enforces long passwords not only for encryption but also for decryption, although you may not have control over the partition to decrypt. You can only get around this nuisance by downloading and editing the source and recompiling. (Other distributions, like SuSE Linux Enterprise Server (SLES), don't have this restriction.)

Second error:

ioctl: LOOP_SET_STATUS: Invalid argument, requested cipher or key (256 bits) not supported by kernel 

You need to load the Cryptoloop kernel module:

$ sudo modprobe cryptoloop 

because although you installed package loop-aes-utils you are not using Loop-AES.

Loop-AES uses several modified user space tools (mount, umount, losetup, swapon and swapoff, provided by loop-aes-utils) and a modified loop.ko kernel module. Recent Ubuntu versions compile an unmodified loop module into the kernel:

 $ cd /usr/src/linux-source-3.2.0/linux-source-3.2.0/drivers/block/ $ diff -q /tmp/loop.c-3.x.patched loop.c Files /tmp/loop.c-3.x.patched and loop.c differ 

so Loop-AES can't be used on Ubuntu out of the box. You need to patch and recompile the kernel as explained here: http://loop-aes.sourceforge.net/loop-AES.README. That's why mount still needs Cryptoloop.

If you still get a similar error message after loading cryptoloop.ko the encryption type may be not recognized. For example, my Ubuntu 12.04 didn't recognize aes-128, but aes. SLES only recognizes aes-128.

На самом деле, есть Java-приложение hfsexplorer, которое может открывать зашифрованные .dmgфайлы и создавать дешифрованные .dmgобразы, которые можно монтировать в Linux.

Мне удалось создать зашифрованные .dmgфайлы в OS X 10.9.5, а затем изучить образ с виртуальной машины под управлением Ubuntu 14.04.2 LTS. И шифрование AES-128 и AES-256 работало для моих тестовых случаев.

Вот как я создал .dmgизображение:

$ hdiutil create -size 10m -layout NONE -fs HFS+ -encryption AES-256 -volname "Vault" vault.dmg 

С виртуальной машины под управлением Ubuntu я смог открыть образ:

$ ./hfsexplorer-0/bin/hfsexplorer.sh /tmp/vault.dmg 

Он запрашивает пароль, а затем показывает содержимое изображения. Существует опция (Инструменты -> создать образ диска), которая создает расшифрованный образ диска, который затем можно смонтировать с помощью инструментов hfs из linux.

$ mount vault_decrypted.dmg /mnt/hfs/ 

Работали даже файловые системы HFS + Journaled. Единственным ограничением является то, что поддержка записи в файловые системы HFS + J по умолчанию отключена в Linux.

Это демонстрирует, что шифрование .dmgпонимается hfsexplorerи может быть реализовано в mountкоманде. С созданием незашифрованного .dmgможно в конечном итоге смонтировать образ в Linux.

vfdecrypt у меня тоже не сработало.