Public/VeraCrypt
1
0
Fork 0
mirror of https://github.com/veracrypt/VeraCrypt.git synced 2025-11-11 02:58:02 -06:00
Code Activity

Correct issue in handling hidden system partitions that made it impossible to verify their password.

Browse Source
This commit is contained in:
Mounir IDRASSI
2014-06-03 09:12:42 +02:00
parent 9b19baf73e
commit 751a454e6c
2 changed files with 21 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

25
src/Common/Pkcs5.c
View File

@@ -393,7 +393,7 @@ void derive_u_ripemd160 (BOOL bNotTest, char *pwd, int pwd_len, char *salt, int
char init[128];
char counter[4];
int c, i, l;
int EnhanceSecurityLoops = (bNotTest)? 10 : 1;
int EnhanceSecurityLoops = (bNotTest)? 20 : 1;
/* iteration 1 */
memset (counter, 0, 4);
@@ -417,6 +417,21 @@ void derive_u_ripemd160 (BOOL bNotTest, char *pwd, int pwd_len, char *salt, int
}
}
/* add extra 10 loops to ensure backward compatibilty with the previous count (327661 for boot, 655331 for normal) */
if (iterations == 32767)
{
/* case of normal partition : add 10 iterations to have a total of 655331 = (32767 - 1)*20 + 1 + 10 */
for (c = 0; c < 10; c++)
{
hmac_ripemd160 (pwd, pwd_len, j, RIPEMD160_DIGESTSIZE, k);
for (i = 0; i < RIPEMD160_DIGESTSIZE; i++)
{
u[i] ^= k[i];
j[i] = k[i];
}
}
}
/* Prevent possible leaks. */
burn (j, sizeof(j));
burn (k, sizeof(k));
@@ -624,13 +639,11 @@ int get_pkcs5_iteration_count (int pkcs5_prf_id, BOOL bBoot)
{
switch (pkcs5_prf_id)
{
#ifdef TC_WINDOWS_BOOT
case RIPEMD160:
return 32767; /* we multiply this number by 10 inside derive_u_ripemd160 */
#else
case RIPEMD160:
return bBoot? 32767 : 65534; /* we multiply this number by 10 inside derive_u_ripemd160 */
return bBoot? 16384 : 32767; /* we multiply this number by 10 inside derive_u_ripemd160 */
#ifndef TC_WINDOWS_BOOT
case SHA512:
return 500000;

4
src/Common/Volumes.c
View File

@@ -41,7 +41,7 @@
// Unencrypted:
// 0 64 Salt
// Encrypted:
// 64 4 ASCII string 'TRUE'
// 64 4 ASCII string 'VERA'
// 68 2 Header version
// 70 2 Required program version
// 72 4 CRC-32 checksum of the (decrypted) bytes 256-511
@@ -596,7 +596,7 @@ int ReadVolumeHeader (BOOL bBoot, char *header, Password *password, PCRYPTO_INFO
// PKCS5 PRF
derive_key_ripemd160 (TRUE, password->Text, (int) password->Length, header + HEADER_SALT_OFFSET,
PKCS5_SALT_SIZE, 32767, dk, sizeof (dk));
PKCS5_SALT_SIZE, bBoot ? 16384 : 32767, dk, sizeof (dk));
// Mode of operation
cryptoInfo->mode = FIRST_MODE_OF_OPERATION_ID;