Monday, May 30, 2011

Truecrypt 7 on Synology

The following is a basic guide to getting truecrypt 7.0a to compile on a Synology 1511+, using the optware tools. You should be able to follow this guide for non-x86 devices by changing references to "-march=i686" to the architecture of your device.

 

Download the latest truecrypt 7 sources from truecrypt.org (this post is based on 7.0a)

NASM

Download NASM sources from the web

./configure --prefix=/opt/local CFLAGS="-march=i686" CC=gcc
make
make install

 

FUSE

Download Fuse 2.8.5 from the web

./configure --prefix=/opt/local
make
make install
in fuse-src/include
cp fuse.h fuse_com*.h fuse_opt.h ../../truecrypt-7.0a-source/
make install-pkgconfigDATA
export PKG_CONFIG_PATH=/opt/local/lib/pkgconfig

 

wxWidgets

Download wxWdigets 2.8.12 - Truecrypt won't compile using 2.9.x series!

 

PKCS Headers

In /tmp/pkcs
wget ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-11/v2-20/pkcs11.h
wget ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-11/v2-20/pkcs11f.h
wget ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-11/v2-20/pkcs11t.h
export PKCS11_INC=/tmp/pkcs11

 

Build wxWidgets

In truecrypt-src directory

make NOGUI=1 WX_ROOT=/tmp/wxWidgets-2.8.12 wxbuild CFLAGS="-march=i686" CC=gcc

 

Build TrueCrypt

If you get something on the lines of

"TrueCrypt::CipherAES::IsHwSupportAvailable() const"

or "is_aes_hw_cpu_supported" make sure you have NOASM=1. It is for hardware AES anyway.

 

export LD_LIBRARY_PATH='/opt/lib:/opt/local/lib'
You will need to edit the Makefile and in the "Linux" section, add
CC_FLAGS += '-march=i686'
CC_XX_FLAGS += '-march=i686'

 

Else you will get complaints about _sync_fetch_and_add_4. (http://systemsnotebook.blogspot.com/2011/05/ddrescue-on-synology-optware.html)

 

Final step!

make NOGUI=1 WXSTATIC=1 ARCH=i686 CC=gcc AS=/opt/local/bin/nasm NOASM=1

 

Truecrypt compiled in Main/truecrypt

 

Copy this to your /opt/local/bin or where ever you place your executables.

 

I'll have a following post on using Truecrypt files.

When trying to mount an Truecrypt image it complained about a missing module. I have compiled the required modules in this post.

8 comments:

  1. super guide thanks a bunch.

    I followed this guide for a DS411 ignored the CFLAGS and ARCH stuff as the CPU is different, also had a couple of issues with libfuse and truecrypt but changing the -ldl options in the Makefiles for both to -lrt sorted that out.

    Great guide thanks!

    ReplyDelete
  2. Could you provide a download for the compiled binaries? Pliis?

    ReplyDelete
  3. yes i would like that too!!!

    ReplyDelete
  4. Note that it is C_CXX_FLAGS instead of CC_XX_FLAGS
    and also: export PKCS11_INC=/tmp/pkcs
    Otherwise thanks a lot for the great guide!

    ReplyDelete
  5. Could you provide a download for the compiled binaries? I also have an Synology 1511+.

    ReplyDelete
  6. When I try to compile truecrypt I get the following error:

    Synology> make NOGUI=1 WXSTATIC=1 ARCH=i686 CC=gcc AS=/opt/local/bin/nasm NOASM=1
    Compiling SecurityToken.cpp
    ../Common/SecurityToken.cpp: In static member function 'static void TrueCrypt::SecurityToken::CloseLibrary()':
    ../Common/SecurityToken.cpp:82: error: 'dlclose' was not declared in this scope
    ../Common/SecurityToken.cpp: In static member function 'static void TrueCrypt::SecurityToken::InitLibrary(const std::string&, std::auto_ptr, std::auto_ptr)':
    ../Common/SecurityToken.cpp:517: error: 'RTLD_NOW' was not declared in this scope
    ../Common/SecurityToken.cpp:517: error: 'RTLD_LOCAL' was not declared in this scope
    ../Common/SecurityToken.cpp:517: error: 'dlopen' was not declared in this scope
    ../Common/SecurityToken.cpp:525: error: 'dlsym' was not declared in this scope
    make[1]: *** [../Common/SecurityToken.o] Error 1
    make: *** [all] Error 2


    All the other modules are getting compiled.

    ReplyDelete
  7. best part of a decade late, but Veracrypt can be compiled on DSM6.x:
    https://www.synoforum.com/threads/compiling-veracrypt-on-your-nas.4707/

    ReplyDelete