Build TrueCrypt on OS X 64 bit with hardware acceleration

by cs

The TrueCrypt binary for OS X that you can get from truecrypt.org has several issues:

To address these problems, it’s best to build TrueCrypt from source. Here are some instructions. You’ll need a 64 bit cpu for this to work.

  1. Install MacPorts (don’t forget to install XCode and the Command Line Tools – these prerequisites are somewhat hidden on MacPorts’ installation page).
  2. Get some build dependencies from MacPorts (do not install osxfuse from MacPorts if you want to use your own build of osxfuse instead – see bottom of post for instructions):
    sudo port install wxWidgets-3.0 osxfuse nasm wget pkgconfig
  3. Select wxWidgets-3.0:
    sudo port select wxWidgets wxWidgets-3.0
  4. Download the TrueCrypt 7.1 source code (not sure whether I’m allowed to redistribute it).
  5. Extract the source code and change into the source directory:
    tar -xzf Downloads/TrueCrypt\ 7.1a\ Source.tar.gz
    cd truecrypt-7.1a-source
  6. Download this patch:
    wget http://www.nerdenmeister.org/truecrypt-osx.patch
  7. Download some Pkcs11 header files into the source directory:
    mkdir Pkcs11
    cd Pkcs11
    wget ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-11/v2-20/pkcs11.h
    wget ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-11/v2-20/pkcs11f.h
    wget ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-11/v2-20/pkcs11t.h
    cd ..
  8. Apply the patch:
    patch -p0 < truecrypt-osx.patch
  9. Build:
    make -j4
    The GUI is still buggy on OS X 10.9 (Mavericks), but the command-line version works fine:
    make -j4 NOGUI=1
  10. The application bundle will end up in Main/TrueCrypt.app. The command-line executable is located in Main/TrueCrypt

TrueCrypt 7.a

 

Update 19th Oct 2013: The patch is now under version control as a gist on github.

Update 28th Oct 2013: These instructions are not yet recommended for OS X 10.9 (Mavericks). MacPorts doesn’t seem to be ready yet.

Update 29th Oct 2013: The GUI is still very buggy on Mavericks, but the command-line version seems to be stable:
make -j4 NOGUI=1
The executable will end up in Main/TrueCrypt.

Update 11th Nov 2013: If you want to use your own build of OSXFUSE instead of the MacPorts version, you’ll have to modify the following two files after patching the source code (i.e. after step 8):
Main/Main.make:100
-FUSE_LIBS = $(shell pkg-config fuse --libs)
+FUSE_LIBS = -L/usr/local/lib -losxfuse -pthread -liconv

Driver/Fuse/Driver.make:14
-CXXFLAGS += $(shell pkg-config fuse --cflags)
+CXXFLAGS += -D_FILE_OFFSET_BITS=64 -D_DARWIN_USE_64_BIT_INODE -I/usr/local/include/osxfuse

I’d recommend to uninstall fuse4x and fuse4x-kext in that case to avoid any mess.

Update 17th Nov 2013: Portfile is available on github now. If you’d like to see this integrated into MacPorts, please voice your support here.

Update 20th Apr 2014: Updated Portfile to switch to osxfuse because fuse4x has been deprecated by MacPorts.

Update 2nd Jun 2014: As TrueCrypt is down and the code isn’t available any longer from the official site, I’ve decided to start a Github repo that contains all changes that are required to build on OS X 64bit. This may also be useful for other platforms as the code was ported to wxWidgets 3.0 in the process.