Building TrueCrypt 5.0a on Linux

Friday, February 15th, 2008 at 10:32 am | 5,412 views | trackback url

The new TrueCrypt 5.0/5.0a was recently released, and because I’ve had to make a [few] [previous] [posts] on how to patch it to build and run cleanly on Linux, I thought it only appropriate that I follow that trend here with version 5.0a.

Here are some of the new features in TrueCrypt 5.0/5.0a:

  • Ability to encrypt a system partition/drive (i.e. a partition/drive where Windows is installed) with pre-boot authentication (anyone who wants to gain access and use the system, read and write files, etc., needs to enter the correct password each time before the system starts). (Windows Vista/XP/2003)
  • Pipelined operations increasing read/write speed by up to 100% (Windows)
  • Mac OS X version
  • Graphical user interface for the Linux version of TrueCrypt
  • The TrueCrypt Volume Creation Wizard now allows creation of hidden volumes within NTFS volumes. (Windows)
  • XTS mode of operation, which was designed by Phillip Rogaway in 2003 and which was recently approved as the IEEE 1619 standard for cryptographic protection of data on block-oriented storage devices. XTS is faster and more secure than LRW mode (for more information on XTS mode, see the section Modes of Operation in the documentation).

    Note: New volumes created by this version of TrueCrypt can be encrypted only in XTS mode. However, volumes created by previous versions of TrueCrypt can still be mounted using this version of TrueCrypt.

  • SHA-512 hash algorithm (replacing SHA-1, which is no longer available when creating new volumes).

    Note: To re-encrypt the header of an existing volume with a header key derived using HMAC-SHA-512 (PRF), select ‘Volumes’ > ‘Set Header Key Derivation Algorithm’.

To build this to run on Linux, you will need two things:

  1. Download the tarball version of the 5.0a source
  2. Download the latest stable wxWidgets library (wxAll in that list)

This version requires a little more than the previous versions, because it now includes a fully-graphical UI like the Windows version has for quite some time. If you simply enter the ./truecrypt-5.0a-source directory and try to build it with ‘make’, you’ll get the following errors:

Compiling CoreLinux.cpp
Updating library Core.a
make[1]: /src/compiling/truecrypt-5.0a-source/wxrelease/wx-config: Command not found
make[1]: /src/compiling/truecrypt-5.0a-source/wxrelease/wx-config: Command not found
Precompiling SystemPrecompiled.h
In file included from /usr/include/wx/platform.h:88,
                 from /usr/include/wx/defs.h:19,
                 from /usr/include/wx/wx.h:15,
                 from SystemPrecompiled.h:9:
/usr/include/wx/chkconf.h:47:9: error: #error "wxUSE_DYNLIB_CLASS must be defined."
/usr/include/wx/chkconf.h:55:9: error: #error "wxUSE_FILESYSTEM must be defined."
/usr/include/wx/chkconf.h:68:9: error: #error "wxUSE_DYNAMIC_LOADER must be defined."

This is because the required ./wxrelease subdirectory is not built or prepared. Steps to building this correctly are as follows:

  1. Unpack the wxWidgets source tree into some local directory. I put mine in /src/compiling/, but your own path may vary. The version used at the time I’m writing this post, is version 2.8.7 (direct download link from SourceForge). This will create a tree named ./wxWidgets-2.8.7.
  2. Unpack the TrueCrypt 5.0a source into another directory. This will create a tree named ./truecrypt-5.0a-source.
  3. Change into the ./truecrypt-5.0a-source directory and run the following:
    WX_ROOT=/src/compiling/wxWidgets-2.8.7 make wxbuild

    You will see the following output:

    Configuring wxWidgets library...
    Building wxWidgets library...

    This will build the ./wxrelease subdirectory of the ./truecrypt-5.0a-source source tree.

    You’ll get the following warning, which you can safely ignore:

    ./wxWidgets-2.8.7/src/gtk/gsockgtk.cpp:134: warning: ‘wxDummyGsockVar’ defined but not used
  4. Now run the following:
    WX_ROOT=/src/compiling/wxWidgets-2.8.7 make

    As you build this, you’ll see the following warning:

    Compiling PlatformTest.cpp
    PlatformTest.cpp: In static member function ‘static bool TrueCrypt::PlatformTest::TestAll()’:
    PlatformTest.cpp:243: warning: unused variable ‘finally243’

    And these:

    TextUserInterface.cpp:70: warning: unused variable ‘finally70’
    TextUserInterface.cpp:297: warning: unused variable ‘finally297’
    Unix/Main.cpp:55: warning: unused variable ‘finally55’

    You can safely ignore this and similar warnings. They are simply internal self-tests, which checks the line of source code in that file, as follows:

      // finally
      TestFlag = false;
              finally_do ({ TestFlag = true; });
              if (TestFlag)
                      throw TestFailed (SRC_POS);
      if (!TestFlag)
              throw TestFailed (SRC_POS);
      TestFlag = false;

That’s it. Now you should have a truecrypt binary in ./truecrypt-5.0a-source/Main which includes full graphical capability.

Main/truecrypt: ELF 32-bit LSB executable, Intel 80386, version 1 (SYSV), dynamically linked (uses shared libs), stripped

If everything builds clean, the new TrueCrypt 5.0a GUI will look like this:

TrueCrypt 5.0a GUI on Linux

Last Modified: Saturday, March 5th, 2016 @ 22:57

Leave a Reply

You must be logged in to post a comment.

Bad Behavior has blocked 415 access attempts in the last 7 days.