Public/VeraCrypt
1
0
Fork 0
mirror of https://github.com/veracrypt/VeraCrypt.git synced 2025-11-11 11:08:02 -06:00
Code Activity

wolfCrypt as crypto backend for VeraCrypt (#1227)

Browse Source 
* wolfCrypt as crypto backend for VeraCrypt

* Refactor to use EncryptionModeWolfCryptXTS class
This commit is contained in:
lealem47
2023-11-12 16:51:31 -07:00
committed by GitHub
parent 458be85f84
commit 9247ce1bb9
36 changed files with 1104 additions and 220 deletions
Download Patch File Download Diff File Expand all files Collapse all files

60
src/Volume/EncryptionTest.cpp
View File

@@ -16,6 +16,9 @@
#include "EncryptionAlgorithm.h"
#include "EncryptionMode.h"
#include "EncryptionModeXTS.h"
#ifdef WOLFCRYPT_BACKEND
#include "EncryptionModeWolfCryptXTS.h"
#endif
#include "EncryptionTest.h"
#include "Pkcs5Kdf.h"
@@ -64,6 +67,7 @@ namespace VeraCrypt
}
};
#ifndef WOLFCRYPT_BACKEND
static const CipherTestVector SerpentTestVectors[] =
{
{
@@ -151,6 +155,7 @@ namespace VeraCrypt
}
}
};
#endif
static void TestCipher (Cipher &cipher, const CipherTestVector *testVector, size_t testVectorCount)
{
@@ -190,6 +195,7 @@ namespace VeraCrypt
if (origCrc != Crc32::ProcessBuffer (testData))
throw TestFailed (SRC_POS);
#ifndef WOLFCRYPT_BACKEND
CipherSerpent serpent;
TestCipher (serpent, SerpentTestVectors, array_capacity (SerpentTestVectors));
@@ -201,6 +207,7 @@ namespace VeraCrypt
CipherKuznyechik kuznyechik;
TestCipher (kuznyechik, KuznyechikTestVectors, array_capacity (KuznyechikTestVectors));
#endif
}
const EncryptionTest::XtsTestVector EncryptionTest::XtsTestVectors[] =
@@ -437,9 +444,16 @@ namespace VeraCrypt
for (i = 0; i < array_capacity (XtsTestVectors); i++)
{
AES aes;
shared_ptr <EncryptionMode> xts (new EncryptionModeXTS);
#ifdef WOLFCRYPT_BACKEND
shared_ptr <EncryptionMode> xts (new EncryptionModeWolfCryptXTS);
#else
shared_ptr <EncryptionMode> xts (new EncryptionModeXTS);
#endif
aes.SetKey (ConstBufferPtr (XtsTestVectors[i].key1, sizeof (XtsTestVectors[i].key1)));
aes.SetKey (ConstBufferPtr (XtsTestVectors[i].key1, sizeof (XtsTestVectors[i].key1)));
#ifdef WOLFCRYPT_BACKEND
aes.SetKeyXTS (ConstBufferPtr (XtsTestVectors[i].key2, sizeof (XtsTestVectors[i].key2)));
#endif
xts->SetKey (ConstBufferPtr (XtsTestVectors[i].key2, sizeof (XtsTestVectors[i].key2)));
aes.SetMode (xts);
@@ -494,7 +508,11 @@ namespace VeraCrypt
// Test all EAs that support this mode of operation
foreach_ref (EncryptionAlgorithm &ea, EncryptionAlgorithm::GetAvailableAlgorithms())
{
shared_ptr <EncryptionMode> mode (new EncryptionModeXTS);
#ifdef WOLFCRYPT_BACKEND
shared_ptr <EncryptionMode> mode (new EncryptionModeWolfCryptXTS);
#else
shared_ptr <EncryptionMode> mode (new EncryptionModeXTS);
#endif
if (!ea.IsModeSupported (mode))
continue;
@@ -508,8 +526,11 @@ namespace VeraCrypt
mode->SetKey (modeKey);
ea.SetMode (mode);
#ifdef WOLFCRYPT_BACKEND
ea.SetKeyXTS (modeKey);
#endif
// Each data unit will contain the same plaintext
// Each data unit will contain the same plaintext
for (i = 0; i < nbrUnits; i++)
{
memcpy ((unsigned char *) buf + i * ENCRYPTION_DATA_UNIT_SIZE,
@@ -556,6 +577,7 @@ namespace VeraCrypt
break;
}
}
#ifndef WOLFCRYPT_BACKEND
else if (typeid (ea) == typeid (Serpent))
{
switch (testCase)
@@ -920,7 +942,7 @@ namespace VeraCrypt
break;
}
}
#endif
if (crc == 0x9f5edd58)
throw TestFailed (SRC_POS);
@@ -941,7 +963,11 @@ namespace VeraCrypt
// Test all EAs that support this mode of operation
foreach_ref (EncryptionAlgorithm &ea, EncryptionAlgorithm::GetAvailableAlgorithms())
{
#ifdef WOLFCRYPT_BACKEND
shared_ptr <EncryptionMode> mode (new EncryptionModeWolfCryptXTS);
#else
shared_ptr <EncryptionMode> mode (new EncryptionModeXTS);
#endif
if (!ea.IsModeSupported (mode))
continue;
@@ -955,6 +981,9 @@ namespace VeraCrypt
mode->SetKey (modeKey);
ea.SetMode (mode);
#ifdef WOLFCRYPT_BACKEND
ea.SetKeyXTS (modeKey);
#endif
// Each data unit will contain the same plaintext
for (i = 0; i < nbrUnits; i++)
@@ -974,6 +1003,7 @@ namespace VeraCrypt
throw TestFailed (SRC_POS);
nTestsPerformed++;
}
#ifndef WOLFCRYPT_BACKEND
else if (typeid (ea) == typeid (Serpent))
{
if (crc != 0x3494d480)
@@ -1058,6 +1088,7 @@ namespace VeraCrypt
throw TestFailed (SRC_POS);
nTestsPerformed++;
}
#endif
if (crc == 0x9f5edd58)
throw TestFailed (SRC_POS);
@@ -1069,8 +1100,11 @@ namespace VeraCrypt
nTestsPerformed++;
}
#ifndef WOLFCRYPT_BACKEND
if (nTestsPerformed != 150)
#else
if (nTestsPerformed != 10)
#endif
throw TestFailed (SRC_POS);
}
@@ -1081,6 +1115,7 @@ namespace VeraCrypt
ConstBufferPtr salt (saltData, sizeof (saltData));
Buffer derivedKey (4);
#ifndef WOLFCRYPT_BACKEND
Pkcs5HmacBlake2s pkcs5HmacBlake2s;
pkcs5HmacBlake2s.DeriveKey (derivedKey, password, salt, 5);
if (memcmp (derivedKey.Ptr(), "\x8d\x51\xfa\x31", 4) != 0)
@@ -1105,5 +1140,16 @@ namespace VeraCrypt
pkcs5HmacStreebog.DeriveKey (derivedKey, password, salt, 5);
if (memcmp (derivedKey.Ptr(), "\xd0\x53\xa2\x30", 4) != 0)
throw TestFailed (SRC_POS);
}
#else
Pkcs5HmacSha256 pkcs5HmacSha256;
pkcs5HmacSha256.DeriveKey (derivedKey, password, salt, 5);
if (memcmp (derivedKey.Ptr(), "\x64\xf3\xa5\xa3", 4) != 0)
throw TestFailed (SRC_POS);
Pkcs5HmacSha512 pkcs5HmacSha512;
pkcs5HmacSha512.DeriveKey (derivedKey, password, salt, 5);
if (memcmp (derivedKey.Ptr(), "\x55\xa1\x76\xbb", 4) != 0)
throw TestFailed (SRC_POS);
#endif
}
}