Saturday 6 June 2009

SOURCE: http://forums.remote-exploit.org/backtrack3-howtos/18470-howto-compile-truecrypt-6-1-bt3-final.html
-----------------------------
Howto: Compile TrueCrypt 6.1 on BT3-Final
/offtopic:

First of all, as this is my first post on the forum, I want to thank all the people involved in this community and of course all the guys from remote-exploit for putting together this great distro!
Thanks to you people I've been learning a great deal in the past few weeks and I have a feeling there is lots more to come! Once again, thanks.

And now to the topic.


/ontopic:

Since I am using quite a lot of external hard drives which are all crypted using TrueCrypt 6.1, I wanted to be able to use them on BT3 too. unfortunately, BT3-Final still comes with an outdated version of TrueCrypt. So I sat down and learned how to compile the current TrueCrypt 6.1.

It wasn't really that hard, basically some reading of and thinking about the right information that comes along with the downloads.

First of all, we will need the sourcefiles of Truecrypt, which can be downloaded here:


Code:

hxxp://www(dot)truecrypt(dot)org/downloads2.php


See that you the Linux/Mac OS tar.gz file AND the corresponding PGP signature file, just so we can make sure we got the "real deal" here... This we will do by taking a look at "gpg" to verify the source code we just got is valid and not tempered with.

Now if you don't know what gpg is, feel free to search google, because to explain all the features and their usage of gpg would be far beyond my little tutorial here. Just so much: Me just found out that messing with it might be a Pretty-Good-Precaution for future communication... On the other hand, if you are the trustworthy and "I-don't-think-the-world-is-bad-cause-everyone-is-full-of-good-intentions" kind of person, feel free to skip this part (and maybe consider doing a reboot into the M$-world)

Otherwise, you will need to fire up a terminal and do a:


Code:

wgex hxxp://truecrypt(dot)sourceforge(dot)net/TrueCrypt-Foundation-Public-Key.asc


to get the public key, which we will than import into gpg:


Code:

gpg --import TrueCrypt-Foundation-Public-Key.asc


Now we can finally verify that we got the correct source files by typing:


Code:

gpg --verify TrueCrypt\ 6.1\ Source.tar.gz.sig TrueCrypt\ 6.1\ Source.tar.gz


After that we should get a good signature message in return from gpg, telling us that our downloaded file is the original, unmodified source code given out by the authors.

Next would be to untar the source and change the pwd to the new directory:


Code:

tar -zxvf TrueCrypt\ 6.1\ Source.tar.gz
cd truecrypt-6.1-source


To actually compile the binaries of TrueCrypt 6.1, a


Code:

less Readme.txt


tells us we will need the RSA Security Inc. PKCS #11 Cryptographic Token Interface (Cryptoki) 2.20 header files and where we can get them. So we will do a


Code:

wgex fxp://ftp(dot)rsasecurity(dot)com/pub/pkcs/pkcs-11/v2-20/cryptoki.h
wgex fxp://ftp(dot)rsasecurity(dot)com/pub/pkcs/pkcs-11/v2-20/ct-kip.h
wgex fxp://ftp(dot)rsasecurity(dot)com/pub/pkcs/pkcs-11/v2-20/opt-pkcs11.h
wgex fxp://ftp(fot)rsasecurity(dot)com/pub/pkcs/pkcs-11/v2-20/pkcs-11v2-20a3.h
wgex fxp://ftp(dot)rsasecurity(dot)com/pub/pkcs/pkcs-11/v2-20/pkcs-11v2-20a3d3.h
wgex fxp://ftp(dot)rsasecurity(dot)com/pub/pkcs/pkcs-11/v2-20/pkcs11.h
wgex fxp://ftp(dot)rsasecurity(dot)com/pub/pkcs/pkcs-11/v2-20/pkcs11f.h
wgex fxp://ftp(dot)rsasecurity(dot)com/pub/pkcs/pkcs-11/v2-20/pkcs11t-consolidated-d1.h
wgex fxp://ftp(dot)rsasecurity(dot)com/pub/pkcs/pkcs-11/v2-20/pkcs11t.h
wgex fxp://ftp(dot)rsasecurity(dot)com/pub/pkcs/pkcs-11/v2-20/pkcs11t.h.org

which should provide us with the needed files now being stored in the source code directory. After that we should be ready to create a working binary from the source by including the PKCS header files by typing:


Code:

make PKCS11_INC=/root/truecrypt-6.1-source


Of course you would have to adjust the code of the PKCS11_INC variable to your needs, if you happen to work in a different directory structure. Just make sure it points to the PKCS files we got earlier.

If everything goes well, we should end up with a nice working binary of TrueCrypt 6.1 in the "/root/truecrypt-6.1-source/Main" directory. We can now change into this directory, copy the compiled file to "/usr/bin" and thus overwriting the old binary of TrueCrypt 4.3a (I think it was). To keep things clean, we can also delete the directory with the source code as we don't need it anymore.


Code:

cd /root/truecrypt-6.1-source/Main
cp truecrypt /usr/bin/
cd /root
rm -rf truecrypt-6.1-source


That's it folks. For the looks and feels one might want to right-click on the K --> Menu-Editor, navigate to Backtrack --> Miscellaneous --> Truecrypt and uncheck the "Run in terminal" box. Also, in the "Command" text field, make sure truecrypt doesn't get any arguments passed on startup through the menu. Save the KDE Menu Editor, hit the X and off you go...

I hope this tutorial is of any use for someone. Shouldn't be to hard to walk through, as a rather beginning user as myself could figure this out and get it to compile.

Any comments, suggestions and critics are wellcome. Thanks again guys and have fun playing around with this info as I did.

Cheers
FreqVer

CODE: http://repository.slacky.eu/slackware-12.1/security/truecrypt/6.1a/src/

No comments: