mirror of
https://github.com/veracrypt/VeraCrypt.git
synced 2025-11-12 03:18:26 -06:00
Linux/MacOSX: first dynamic mode implementation
This commit is contained in:
Mounir IDRASSI
4
src/Volume/Pkcs5Kdf.cpp
Normal file → Executable file
4
src/Volume/Pkcs5Kdf.cpp
Normal file → Executable file
@@ -20,9 +20,9 @@ namespace VeraCrypt
|
||||
{
|
||||
}
|
||||
|
||||
void Pkcs5Kdf::DeriveKey (const BufferPtr &key, const VolumePassword &password, const ConstBufferPtr &salt) const
|
||||
void Pkcs5Kdf::DeriveKey (const BufferPtr &key, const VolumePassword &password, int pim, const ConstBufferPtr &salt) const
|
||||
{
|
||||
DeriveKey (key, password, salt, GetIterationCount());
|
||||
DeriveKey (key, password, salt, GetIterationCount(pim));
|
||||
}
|
||||
|
||||
shared_ptr <Pkcs5Kdf> Pkcs5Kdf::GetAlgorithm (const wstring &name, bool truecryptMode)
|
||||
|
||||
16
src/Volume/Pkcs5Kdf.h
Normal file → Executable file
16
src/Volume/Pkcs5Kdf.h
Normal file → Executable file
@@ -23,13 +23,13 @@ namespace VeraCrypt
|
||||
public:
|
||||
virtual ~Pkcs5Kdf ();
|
||||
|
||||
virtual void DeriveKey (const BufferPtr &key, const VolumePassword &password, const ConstBufferPtr &salt) const;
|
||||
virtual void DeriveKey (const BufferPtr &key, const VolumePassword &password, int pim, const ConstBufferPtr &salt) const;
|
||||
virtual void DeriveKey (const BufferPtr &key, const VolumePassword &password, const ConstBufferPtr &salt, int iterationCount) const = 0;
|
||||
static shared_ptr <Pkcs5Kdf> GetAlgorithm (const wstring &name, bool truecryptMode);
|
||||
static shared_ptr <Pkcs5Kdf> GetAlgorithm (const Hash &hash, bool truecryptMode);
|
||||
static Pkcs5KdfList GetAvailableAlgorithms (bool truecryptMode);
|
||||
virtual shared_ptr <Hash> GetHash () const = 0;
|
||||
virtual int GetIterationCount () const = 0;
|
||||
virtual int GetIterationCount (int pim) const = 0;
|
||||
virtual wstring GetName () const = 0;
|
||||
virtual Pkcs5Kdf* Clone () const = 0;
|
||||
virtual bool IsDeprecated () const { return GetHash()->IsDeprecated(); }
|
||||
@@ -55,7 +55,7 @@ namespace VeraCrypt
|
||||
|
||||
virtual void DeriveKey (const BufferPtr &key, const VolumePassword &password, const ConstBufferPtr &salt, int iterationCount) const;
|
||||
virtual shared_ptr <Hash> GetHash () const { return shared_ptr <Hash> (new Ripemd160); }
|
||||
virtual int GetIterationCount () const { return m_truecryptMode? 2000 : 655331; }
|
||||
virtual int GetIterationCount (int pim) const { return m_truecryptMode? 2000 : (pim <= 0 ? 655331 : (15000 + (pim * 1000))) ; }
|
||||
virtual wstring GetName () const { return L"HMAC-RIPEMD-160"; }
|
||||
virtual Pkcs5Kdf* Clone () const { return new Pkcs5HmacRipemd160(m_truecryptMode); }
|
||||
|
||||
@@ -72,7 +72,7 @@ namespace VeraCrypt
|
||||
|
||||
virtual void DeriveKey (const BufferPtr &key, const VolumePassword &password, const ConstBufferPtr &salt, int iterationCount) const;
|
||||
virtual shared_ptr <Hash> GetHash () const { return shared_ptr <Hash> (new Ripemd160); }
|
||||
virtual int GetIterationCount () const { return m_truecryptMode? 1000 : 327661; }
|
||||
virtual int GetIterationCount (int pim) const { return m_truecryptMode? 1000 : (pim <= 0 ? 327661 : (pim * 2048)); }
|
||||
virtual wstring GetName () const { return L"HMAC-RIPEMD-160"; }
|
||||
virtual Pkcs5Kdf* Clone () const { return new Pkcs5HmacRipemd160_1000(m_truecryptMode); }
|
||||
|
||||
@@ -89,7 +89,7 @@ namespace VeraCrypt
|
||||
|
||||
virtual void DeriveKey (const BufferPtr &key, const VolumePassword &password, const ConstBufferPtr &salt, int iterationCount) const;
|
||||
virtual shared_ptr <Hash> GetHash () const { return shared_ptr <Hash> (new Sha256); }
|
||||
virtual int GetIterationCount () const { return 200000; }
|
||||
virtual int GetIterationCount (int pim) const { return pim <= 0 ? 200000 : (pim * 2048); }
|
||||
virtual wstring GetName () const { return L"HMAC-SHA-256"; }
|
||||
virtual Pkcs5Kdf* Clone () const { return new Pkcs5HmacSha256_Boot(); }
|
||||
|
||||
@@ -106,7 +106,7 @@ namespace VeraCrypt
|
||||
|
||||
virtual void DeriveKey (const BufferPtr &key, const VolumePassword &password, const ConstBufferPtr &salt, int iterationCount) const;
|
||||
virtual shared_ptr <Hash> GetHash () const { return shared_ptr <Hash> (new Sha256); }
|
||||
virtual int GetIterationCount () const { return 500000; }
|
||||
virtual int GetIterationCount (int pim) const { return pim <= 0 ? 500000 : (15000 + (pim * 1000)); }
|
||||
virtual wstring GetName () const { return L"HMAC-SHA-256"; }
|
||||
virtual Pkcs5Kdf* Clone () const { return new Pkcs5HmacSha256(); }
|
||||
|
||||
@@ -123,7 +123,7 @@ namespace VeraCrypt
|
||||
|
||||
virtual void DeriveKey (const BufferPtr &key, const VolumePassword &password, const ConstBufferPtr &salt, int iterationCount) const;
|
||||
virtual shared_ptr <Hash> GetHash () const { return shared_ptr <Hash> (new Sha512); }
|
||||
virtual int GetIterationCount () const { return m_truecryptMode? 1000 : 500000; }
|
||||
virtual int GetIterationCount (int pim) const { return m_truecryptMode? 1000 : (pim <= 0 ? 500000 : (15000 + (pim * 1000))); }
|
||||
virtual wstring GetName () const { return L"HMAC-SHA-512"; }
|
||||
virtual Pkcs5Kdf* Clone () const { return new Pkcs5HmacSha512(m_truecryptMode); }
|
||||
|
||||
@@ -140,7 +140,7 @@ namespace VeraCrypt
|
||||
|
||||
virtual void DeriveKey (const BufferPtr &key, const VolumePassword &password, const ConstBufferPtr &salt, int iterationCount) const;
|
||||
virtual shared_ptr <Hash> GetHash () const { return shared_ptr <Hash> (new Whirlpool); }
|
||||
virtual int GetIterationCount () const { return m_truecryptMode? 1000 : 500000; }
|
||||
virtual int GetIterationCount (int pim) const { return m_truecryptMode? 1000 : (pim <= 0 ? 500000 : (15000 + (pim * 1000))); }
|
||||
virtual wstring GetName () const { return L"HMAC-Whirlpool"; }
|
||||
virtual Pkcs5Kdf* Clone () const { return new Pkcs5HmacWhirlpool(m_truecryptMode); }
|
||||
|
||||
|
||||
@@ -24,7 +24,8 @@ namespace VeraCrypt
|
||||
TopWriteOffset (0),
|
||||
TotalDataRead (0),
|
||||
TotalDataWritten (0),
|
||||
TrueCryptMode (false)
|
||||
TrueCryptMode (false),
|
||||
Pim (0)
|
||||
{
|
||||
}
|
||||
|
||||
@@ -63,7 +64,7 @@ namespace VeraCrypt
|
||||
return EA->GetMode();
|
||||
}
|
||||
|
||||
void Volume::Open (const VolumePath &volumePath, bool preserveTimestamps, shared_ptr <VolumePassword> password, shared_ptr <Pkcs5Kdf> kdf, bool truecryptMode, shared_ptr <KeyfileList> keyfiles, VolumeProtection::Enum protection, shared_ptr <VolumePassword> protectionPassword, shared_ptr <Pkcs5Kdf> protectionKdf, shared_ptr <KeyfileList> protectionKeyfiles, bool sharedAccessAllowed, VolumeType::Enum volumeType, bool useBackupHeaders, bool partitionInSystemEncryptionScope)
|
||||
void Volume::Open (const VolumePath &volumePath, bool preserveTimestamps, shared_ptr <VolumePassword> password, int pim, shared_ptr <Pkcs5Kdf> kdf, bool truecryptMode, shared_ptr <KeyfileList> keyfiles, VolumeProtection::Enum protection, shared_ptr <VolumePassword> protectionPassword, int protectionPim, shared_ptr <Pkcs5Kdf> protectionKdf, shared_ptr <KeyfileList> protectionKeyfiles, bool sharedAccessAllowed, VolumeType::Enum volumeType, bool useBackupHeaders, bool partitionInSystemEncryptionScope)
|
||||
{
|
||||
make_shared_auto (File, file);
|
||||
|
||||
@@ -94,10 +95,10 @@ namespace VeraCrypt
|
||||
throw;
|
||||
}
|
||||
|
||||
return Open (file, password, kdf, truecryptMode, keyfiles, protection, protectionPassword, protectionKdf,protectionKeyfiles, volumeType, useBackupHeaders, partitionInSystemEncryptionScope);
|
||||
return Open (file, password, pim, kdf, truecryptMode, keyfiles, protection, protectionPassword, protectionPim, protectionKdf,protectionKeyfiles, volumeType, useBackupHeaders, partitionInSystemEncryptionScope);
|
||||
}
|
||||
|
||||
void Volume::Open (shared_ptr <File> volumeFile, shared_ptr <VolumePassword> password, shared_ptr <Pkcs5Kdf> kdf, bool truecryptMode, shared_ptr <KeyfileList> keyfiles, VolumeProtection::Enum protection, shared_ptr <VolumePassword> protectionPassword, shared_ptr <Pkcs5Kdf> protectionKdf,shared_ptr <KeyfileList> protectionKeyfiles, VolumeType::Enum volumeType, bool useBackupHeaders, bool partitionInSystemEncryptionScope)
|
||||
void Volume::Open (shared_ptr <File> volumeFile, shared_ptr <VolumePassword> password, int pim, shared_ptr <Pkcs5Kdf> kdf, bool truecryptMode, shared_ptr <KeyfileList> keyfiles, VolumeProtection::Enum protection, shared_ptr <VolumePassword> protectionPassword, int protectionPim, shared_ptr <Pkcs5Kdf> protectionKdf,shared_ptr <KeyfileList> protectionKeyfiles, VolumeType::Enum volumeType, bool useBackupHeaders, bool partitionInSystemEncryptionScope)
|
||||
{
|
||||
if (!volumeFile)
|
||||
throw ParameterIncorrect (SRC_POS);
|
||||
@@ -187,7 +188,7 @@ namespace VeraCrypt
|
||||
|
||||
shared_ptr <VolumeHeader> header = layout->GetHeader();
|
||||
|
||||
if (header->Decrypt (headerBuffer, *passwordKey, kdf, truecryptMode, layout->GetSupportedKeyDerivationFunctions(truecryptMode), layoutEncryptionAlgorithms, layoutEncryptionModes))
|
||||
if (header->Decrypt (headerBuffer, *passwordKey, pim, kdf, truecryptMode, layout->GetSupportedKeyDerivationFunctions(truecryptMode), layoutEncryptionAlgorithms, layoutEncryptionModes))
|
||||
{
|
||||
// Header decrypted
|
||||
|
||||
@@ -200,6 +201,7 @@ namespace VeraCrypt
|
||||
}
|
||||
|
||||
TrueCryptMode = truecryptMode;
|
||||
Pim = pim;
|
||||
Type = layout->GetType();
|
||||
SectorSize = header->GetSectorSize();
|
||||
|
||||
@@ -237,9 +239,9 @@ namespace VeraCrypt
|
||||
Volume protectedVolume;
|
||||
|
||||
protectedVolume.Open (VolumeFile,
|
||||
protectionPassword, protectionKdf, truecryptMode, protectionKeyfiles,
|
||||
protectionPassword, protectionPim, protectionKdf, truecryptMode, protectionKeyfiles,
|
||||
VolumeProtection::ReadOnly,
|
||||
shared_ptr <VolumePassword> (), shared_ptr <Pkcs5Kdf> (),shared_ptr <KeyfileList> (),
|
||||
shared_ptr <VolumePassword> (), 0, shared_ptr <Pkcs5Kdf> (),shared_ptr <KeyfileList> (),
|
||||
VolumeType::Hidden,
|
||||
useBackupHeaders);
|
||||
|
||||
|
||||
@@ -87,11 +87,12 @@ namespace VeraCrypt
|
||||
uint64 GetTotalDataWritten () const { return TotalDataWritten; }
|
||||
VolumeType::Enum GetType () const { return Type; }
|
||||
bool GetTrueCryptMode() const { return TrueCryptMode; }
|
||||
int GetPim() const { return Pim;}
|
||||
uint64 GetVolumeCreationTime () const { return Header->GetVolumeCreationTime(); }
|
||||
bool IsHiddenVolumeProtectionTriggered () const { return HiddenVolumeProtectionTriggered; }
|
||||
bool IsInSystemEncryptionScope () const { return SystemEncryption; }
|
||||
void Open (const VolumePath &volumePath, bool preserveTimestamps, shared_ptr <VolumePassword> password, shared_ptr <Pkcs5Kdf> kdf, bool truecryptMode, shared_ptr <KeyfileList> keyfiles, VolumeProtection::Enum protection = VolumeProtection::None, shared_ptr <VolumePassword> protectionPassword = shared_ptr <VolumePassword> (), shared_ptr <Pkcs5Kdf> protectionKdf = shared_ptr <Pkcs5Kdf> (),shared_ptr <KeyfileList> protectionKeyfiles = shared_ptr <KeyfileList> (), bool sharedAccessAllowed = false, VolumeType::Enum volumeType = VolumeType::Unknown, bool useBackupHeaders = false, bool partitionInSystemEncryptionScope = false);
|
||||
void Open (shared_ptr <File> volumeFile, shared_ptr <VolumePassword> password, shared_ptr <Pkcs5Kdf> kdf, bool truecryptMode, shared_ptr <KeyfileList> keyfiles, VolumeProtection::Enum protection = VolumeProtection::None, shared_ptr <VolumePassword> protectionPassword = shared_ptr <VolumePassword> (), shared_ptr <Pkcs5Kdf> protectionKdf = shared_ptr <Pkcs5Kdf> (), shared_ptr <KeyfileList> protectionKeyfiles = shared_ptr <KeyfileList> (), VolumeType::Enum volumeType = VolumeType::Unknown, bool useBackupHeaders = false, bool partitionInSystemEncryptionScope = false);
|
||||
void Open (const VolumePath &volumePath, bool preserveTimestamps, shared_ptr <VolumePassword> password, int pim, shared_ptr <Pkcs5Kdf> kdf, bool truecryptMode, shared_ptr <KeyfileList> keyfiles, VolumeProtection::Enum protection = VolumeProtection::None, shared_ptr <VolumePassword> protectionPassword = shared_ptr <VolumePassword> (), int protectionPim = 0, shared_ptr <Pkcs5Kdf> protectionKdf = shared_ptr <Pkcs5Kdf> (),shared_ptr <KeyfileList> protectionKeyfiles = shared_ptr <KeyfileList> (), bool sharedAccessAllowed = false, VolumeType::Enum volumeType = VolumeType::Unknown, bool useBackupHeaders = false, bool partitionInSystemEncryptionScope = false);
|
||||
void Open (shared_ptr <File> volumeFile, shared_ptr <VolumePassword> password, int pim, shared_ptr <Pkcs5Kdf> kdf, bool truecryptMode, shared_ptr <KeyfileList> keyfiles, VolumeProtection::Enum protection = VolumeProtection::None, shared_ptr <VolumePassword> protectionPassword = shared_ptr <VolumePassword> (), int protectionPim = 0, shared_ptr <Pkcs5Kdf> protectionKdf = shared_ptr <Pkcs5Kdf> (), shared_ptr <KeyfileList> protectionKeyfiles = shared_ptr <KeyfileList> (), VolumeType::Enum volumeType = VolumeType::Unknown, bool useBackupHeaders = false, bool partitionInSystemEncryptionScope = false);
|
||||
void ReadSectors (const BufferPtr &buffer, uint64 byteOffset);
|
||||
void ReEncryptHeader (bool backupHeader, const ConstBufferPtr &newSalt, const ConstBufferPtr &newHeaderKey, shared_ptr <Pkcs5Kdf> newPkcs5Kdf);
|
||||
void WriteSectors (const ConstBufferPtr &buffer, uint64 byteOffset);
|
||||
@@ -118,6 +119,7 @@ namespace VeraCrypt
|
||||
uint64 TotalDataRead;
|
||||
uint64 TotalDataWritten;
|
||||
bool TrueCryptMode;
|
||||
int Pim;
|
||||
|
||||
private:
|
||||
Volume (const Volume &);
|
||||
|
||||
@@ -78,7 +78,7 @@ namespace VeraCrypt
|
||||
EncryptNew (headerBuffer, options.Salt, options.HeaderKey, options.Kdf);
|
||||
}
|
||||
|
||||
bool VolumeHeader::Decrypt (const ConstBufferPtr &encryptedData, const VolumePassword &password, shared_ptr <Pkcs5Kdf> kdf, bool truecryptMode, const Pkcs5KdfList &keyDerivationFunctions, const EncryptionAlgorithmList &encryptionAlgorithms, const EncryptionModeList &encryptionModes)
|
||||
bool VolumeHeader::Decrypt (const ConstBufferPtr &encryptedData, const VolumePassword &password, int pim, shared_ptr <Pkcs5Kdf> kdf, bool truecryptMode, const Pkcs5KdfList &keyDerivationFunctions, const EncryptionAlgorithmList &encryptionAlgorithms, const EncryptionModeList &encryptionModes)
|
||||
{
|
||||
if (password.Size() < 1)
|
||||
throw PasswordEmpty (SRC_POS);
|
||||
@@ -92,7 +92,7 @@ namespace VeraCrypt
|
||||
if (kdf && (kdf->GetName() != pkcs5->GetName()))
|
||||
continue;
|
||||
|
||||
pkcs5->DeriveKey (headerKey, password, salt);
|
||||
pkcs5->DeriveKey (headerKey, password, pim, salt);
|
||||
|
||||
foreach (shared_ptr <EncryptionMode> mode, encryptionModes)
|
||||
{
|
||||
|
||||
@@ -56,7 +56,7 @@ namespace VeraCrypt
|
||||
virtual ~VolumeHeader ();
|
||||
|
||||
void Create (const BufferPtr &headerBuffer, VolumeHeaderCreationOptions &options);
|
||||
bool Decrypt (const ConstBufferPtr &encryptedData, const VolumePassword &password, shared_ptr <Pkcs5Kdf> kdf, bool truecryptMode, const Pkcs5KdfList &keyDerivationFunctions, const EncryptionAlgorithmList &encryptionAlgorithms, const EncryptionModeList &encryptionModes);
|
||||
bool Decrypt (const ConstBufferPtr &encryptedData, const VolumePassword &password, int pim, shared_ptr <Pkcs5Kdf> kdf, bool truecryptMode, const Pkcs5KdfList &keyDerivationFunctions, const EncryptionAlgorithmList &encryptionAlgorithms, const EncryptionModeList &encryptionModes);
|
||||
void EncryptNew (const BufferPtr &newHeaderBuffer, const ConstBufferPtr &newSalt, const ConstBufferPtr &newHeaderKey, shared_ptr <Pkcs5Kdf> newPkcs5Kdf);
|
||||
uint64 GetEncryptedAreaStart () const { return EncryptedAreaStart; }
|
||||
uint64 GetEncryptedAreaLength () const { return EncryptedAreaLength; }
|
||||
|
||||
5
src/Volume/VolumeInfo.cpp
Normal file → Executable file
5
src/Volume/VolumeInfo.cpp
Normal file → Executable file
@@ -51,6 +51,7 @@ namespace VeraCrypt
|
||||
VirtualDevice = sr.DeserializeWString ("VirtualDevice");
|
||||
sr.Deserialize ("VolumeCreationTime", VolumeCreationTime);
|
||||
sr.Deserialize ("TrueCryptMode", TrueCryptMode);
|
||||
sr.Deserialize ("Pim", Pim);
|
||||
}
|
||||
|
||||
bool VolumeInfo::FirstVolumeMountedAfterSecond (shared_ptr <VolumeInfo> first, shared_ptr <VolumeInfo> second)
|
||||
@@ -91,6 +92,7 @@ namespace VeraCrypt
|
||||
sr.Serialize ("VirtualDevice", wstring (VirtualDevice));
|
||||
sr.Serialize ("VolumeCreationTime", VolumeCreationTime);
|
||||
sr.Serialize ("TrueCryptMode", TrueCryptMode);
|
||||
sr.Serialize ("Pim", Pim);
|
||||
}
|
||||
|
||||
void VolumeInfo::Set (const Volume &volume)
|
||||
@@ -105,7 +107,7 @@ namespace VeraCrypt
|
||||
HiddenVolumeProtectionTriggered = volume.IsHiddenVolumeProtectionTriggered();
|
||||
MinRequiredProgramVersion = volume.GetHeader()->GetRequiredMinProgramVersion();
|
||||
Path = volume.GetPath();
|
||||
Pkcs5IterationCount = volume.GetPkcs5Kdf()->GetIterationCount();
|
||||
Pkcs5IterationCount = volume.GetPkcs5Kdf()->GetIterationCount(volume.GetPim ());
|
||||
Pkcs5PrfName = volume.GetPkcs5Kdf()->GetName();
|
||||
Protection = volume.GetProtectionType();
|
||||
Size = volume.GetSize();
|
||||
@@ -115,6 +117,7 @@ namespace VeraCrypt
|
||||
TotalDataRead = volume.GetTotalDataRead();
|
||||
TotalDataWritten = volume.GetTotalDataWritten();
|
||||
TrueCryptMode = volume.GetTrueCryptMode();
|
||||
Pim = volume.GetPim ();
|
||||
}
|
||||
|
||||
TC_SERIALIZER_FACTORY_ADD_CLASS (VolumeInfo);
|
||||
|
||||
@@ -57,6 +57,7 @@ namespace VeraCrypt
|
||||
DevicePath VirtualDevice;
|
||||
VolumeTime VolumeCreationTime;
|
||||
bool TrueCryptMode;
|
||||
int Pim;
|
||||
|
||||
private:
|
||||
VolumeInfo (const VolumeInfo &);
|
||||
|
||||
Reference in New Issue
Block a user