How to compile Truecrypt from source

A few days ago my new USB hard drive arrived. My idea was to connect the hard drive to my Raspberry Pi so that everyone in the network can read the data on that drive. But all the data stored on that drive should be encrypted. The problem was that I also wanted to use the hard drive to copy files from a computer of a friend. Not everyone uses Linux, so I could not encrypt the hard drive with LUKS.
But I had an idea to encrypt the hard drive with Truecrypt, which is available for Windows, Mac OS X and Linux. I created a little partition (about 100MB) which is not encrypted and download the Truecrypt installer for each OS to that partition. The advantage is that you don’t need an internet connection to download the installer. The rest of the hard drive is encrypted with Truecrypt.

The main problem was the installation of Truecrypt on my Pi because there is no ARM binary. I’ve no X-Server on my Pi so I had to install Truecrypt as console-only version. Here are the steps I’ve done to install Truecrypt on my Pi.

Truecrypt has some dependencies, here is an excerpt of the Readme:

Requirements for Building TrueCrypt for Linux and Mac OS X:
-----------------------------------------------------------
- GNU Make
- GNU C++ Compiler 4.0 or compatible
- Apple Xcode (Mac OS X only)
- NASM assembler 2.08 or compatible (x86/x64 architecture only)
- pkg-config
- wxWidgets 2.8 shared library and header files installed or
  wxWidgets 2.8 library source code (available at http://www.wxwidgets.org)
- FUSE library and header files (available at http://fuse.sourceforge.net
  and http://code.google.com/p/macfuse)
- RSA Security Inc. PKCS #11 Cryptographic Token Interface (Cryptoki) 2.20
  header files (available at ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-11/v2-20)
  located in a standard include path or in a directory defined by the
  environment variable 'PKCS11_INC'.

I downloaded the latest wxWidgets source (Version 3.0.0) but the compilation failed. It took some time to figure out why it failed. The problem was the latest version of wxWidgets. I tried wxWidgets version 2.8.12 and it works fine. You can download version 2.8.12 at http://prdownloads.sourceforge.net/wxwindows/wxWidgets-2.8.12.tar.gz or use the following command.

$ wget http://prdownloads.sourceforge.net/wxwindows/wxWidgets-2.8.12.tar.gz

I also needed the PKCS #11 Cryptographic Token Interface:

$ wget ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-11/v2-20/pkcs11.h
$ wget ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-11/v2-20/pkcs11f.h
$ wget ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-11/v2-20/pkcs11t.h

To compile the console-only version you can use the following commands:

$ make NOGUI=1 WX_ROOT=/usr/local/src/wxWidgets-2.8.12 wxbuild
$ make NOGUI=1 WXSTATIC=1 PKCS11_INC=/path/to/pkcs-11-header-files

The first command compiles wxWidgets and the second compiles Truecrypt. Replace the path to the wxWidgets source “/usr/local/src/wxWidgets-2.8.12” with your path. If you want the GUI version just omit the NOGUI=1 option. It took some time to compile Truecrypt on my Pi but it worked.

The Truecrypt executable truecrypt is located at the Main folder. You can create a symbolic link to the executable to use Truecrypt or you can copy the truecrypt executable to /usr/local/bin or /usr/bin. If you need some help check out the help-option:

truecrypt --help

That’s it.