Public/VeraCrypt
1
0
Fork 0
mirror of https://github.com/veracrypt/VeraCrypt.git synced 2025-11-12 03:18:26 -06:00
Code Activity

Windows: Enhance performance by implementing the possibility to choose the correct hash algorithm of volumes during various operations (mount, change password...). In case of system encryption, slightly speedup Windows startup time by making the driver pickup the correct hash algorithm used for the encryption.

Browse Source
This commit is contained in:
Mounir IDRASSI
2014-12-16 00:14:42 +01:00
parent 6349162303
commit c27461572c
32 changed files with 426 additions and 138 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
src/Common/Apidrvr.h
View File

@@ -100,6 +100,8 @@ typedef struct
Password ProtectedHidVolPassword; /* Password to the hidden volume to be protected against overwriting */
BOOL UseBackupHeader;
BOOL RecoveryMode;
int pkcs5_prf;
int ProtectedHidVolPkcs5Prf;
} MOUNT_STRUCT;
typedef struct
@@ -235,6 +237,7 @@ typedef struct
typedef struct
{
Password VolumePassword;
int pkcs5_prf;
} ReopenBootVolumeHeaderRequest;

7
src/Common/BootEncryption.cpp
View File

@@ -1638,7 +1638,7 @@ namespace VeraCrypt
// Initial rescue disk assumes encryption of the drive has been completed (EncryptedAreaLength == volumeSize)
memcpy (RescueVolumeHeader, VolumeHeader, sizeof (RescueVolumeHeader));
ReadVolumeHeader (TRUE, (char *) RescueVolumeHeader, password, NULL, cryptoInfo);
ReadVolumeHeader (TRUE, (char *) RescueVolumeHeader, password, pkcs5, NULL, cryptoInfo);
DecryptBuffer (RescueVolumeHeader + HEADER_ENCRYPTED_DATA_OFFSET, HEADER_ENCRYPTED_DATA_SIZE, cryptoInfo);
@@ -2117,7 +2117,7 @@ namespace VeraCrypt
}
int BootEncryption::ChangePassword (Password *oldPassword, Password *newPassword, int pkcs5, int wipePassCount)
int BootEncryption::ChangePassword (Password *oldPassword, int old_pkcs5,Password *newPassword, int pkcs5, int wipePassCount)
{
BootEncryptionStatus encStatus = GetStatus();
@@ -2159,7 +2159,7 @@ namespace VeraCrypt
PCRYPTO_INFO cryptoInfo = NULL;
int status = ReadVolumeHeader (!encStatus.HiddenSystem, header, oldPassword, &cryptoInfo, NULL);
int status = ReadVolumeHeader (!encStatus.HiddenSystem, header, oldPassword, old_pkcs5, &cryptoInfo, NULL);
finally_do_arg (PCRYPTO_INFO, cryptoInfo, { if (finally_arg) crypto_close (finally_arg); });
if (status != 0)
@@ -2257,6 +2257,7 @@ namespace VeraCrypt
{
ReopenBootVolumeHeaderRequest reopenRequest;
reopenRequest.VolumePassword = *newPassword;
reopenRequest.pkcs5_prf = cryptoInfo->pkcs5;
finally_do_arg (ReopenBootVolumeHeaderRequest*, &reopenRequest, { burn (finally_arg, sizeof (*finally_arg)); });
CallDriver (TC_IOCTL_REOPEN_BOOT_VOLUME_HEADER, &reopenRequest, sizeof (reopenRequest));

2
src/Common/BootEncryption.h
View File

@@ -141,7 +141,7 @@ namespace VeraCrypt
void AbortSetup ();
void AbortSetupWait ();
void CallDriver (DWORD ioctl, void *input = nullptr, DWORD inputSize = 0, void *output = nullptr, DWORD outputSize = 0);
int ChangePassword (Password *oldPassword, Password *newPassword, int pkcs5, int wipePassCount);
int ChangePassword (Password *oldPassword, int old_pkcs5, Password *newPassword, int pkcs5, int wipePassCount);
void CheckDecoyOSWipeResult ();
void CheckEncryptionSetupResult ();
void CheckRequirements ();

6
src/Common/Cache.c
View File

@@ -21,7 +21,7 @@ Password CachedPasswords[CACHE_SIZE];
int cacheEmpty = 1;
static int nPasswordIdx = 0;
int ReadVolumeHeaderWCache (BOOL bBoot, BOOL bCache, char *header, Password *password, PCRYPTO_INFO *retInfo)
int ReadVolumeHeaderWCache (BOOL bBoot, BOOL bCache, char *header, Password *password, int pkcs5_prf, PCRYPTO_INFO *retInfo)
{
int nReturnCode = ERR_PASSWORD_WRONG;
int i;
@@ -29,7 +29,7 @@ int ReadVolumeHeaderWCache (BOOL bBoot, BOOL bCache, char *header, Password *pas
/* Attempt to recognize volume using mount password */
if (password->Length > 0)
{
nReturnCode = ReadVolumeHeader (bBoot, header, password, retInfo, NULL);
nReturnCode = ReadVolumeHeader (bBoot, header, password, pkcs5_prf, retInfo, NULL);
/* Save mount passwords back into cache if asked to do so */
if (bCache && (nReturnCode == 0 || nReturnCode == ERR_CIPHER_INIT_WEAK_KEY))
@@ -59,7 +59,7 @@ int ReadVolumeHeaderWCache (BOOL bBoot, BOOL bCache, char *header, Password *pas
{
if (CachedPasswords[i].Length > 0)
{
nReturnCode = ReadVolumeHeader (bBoot, header, &CachedPasswords[i], retInfo, NULL);
nReturnCode = ReadVolumeHeader (bBoot, header, &CachedPasswords[i], pkcs5_prf, retInfo, NULL);
if (nReturnCode != ERR_PASSWORD_WRONG)
break;

2
src/Common/Cache.h
View File

@@ -19,5 +19,5 @@
extern int cacheEmpty;
void AddPasswordToCache (Password *password);
int ReadVolumeHeaderWCache (BOOL bBoot, BOOL bCache, char *header, Password *password, PCRYPTO_INFO *retInfo);
int ReadVolumeHeaderWCache (BOOL bBoot, BOOL bCache, char *header, Password *password, int pkcs5_prf, PCRYPTO_INFO *retInfo);
void WipeCache (void);

1
src/Common/Common.h
View File

@@ -76,6 +76,7 @@ typedef struct
Password ProtectedHidVolPassword; /* Password of hidden volume to protect against overwriting */
BOOL UseBackupHeader;
BOOL RecoveryMode;
int ProtectedHidVolPkcs5Prf;
} MountOptions;
#endif

23
src/Common/Common.rc
View File

@@ -65,7 +65,7 @@ BEGIN
PUSHBUTTON "Cancel",IDCANCEL,248,190,50,14
END
IDD_MOUNT_OPTIONS DIALOGEX 0, 0, 277, 172
IDD_MOUNT_OPTIONS DIALOGEX 0, 0, 277, 204
STYLE DS_SETFONT | DS_MODALFRAME | DS_FIXEDSYS | DS_CENTER | WS_POPUP | WS_CAPTION | WS_SYSMENU
CAPTION "VeraCrypt - Mount Options"
FONT 8, "MS Shell Dlg", 400, 0, 0x1
@@ -78,16 +78,18 @@ BEGIN
CONTROL "&Protect hidden volume against damage caused by writing to outer volume",IDC_PROTECT_HIDDEN_VOL,
"Button",BS_AUTOCHECKBOX | WS_TABSTOP,16,86,252,10
EDITTEXT IDC_PASSWORD_PROT_HIDVOL,112,104,151,14,ES_PASSWORD | ES_AUTOHSCROLL
CONTROL "&Display password",IDC_SHOW_PASSWORD_MO,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,112,123,90,10
CONTROL "U&se keyfiles",IDC_KEYFILES_ENABLE_HIDVOL_PROT,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,112,136,90,10
PUSHBUTTON "&Keyfiles...",IDC_KEYFILES_HIDVOL_PROT,203,125,60,14
LTEXT "What is hidden volume protection?",IDC_LINK_HIDVOL_PROTECTION_INFO,16,151,247,10,SS_NOTIFY
CONTROL "&Display password",IDC_SHOW_PASSWORD_MO,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,112,146,90,10
CONTROL "U&se keyfiles",IDC_KEYFILES_ENABLE_HIDVOL_PROT,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,112,159,90,10
PUSHBUTTON "&Keyfiles...",IDC_KEYFILES_HIDVOL_PROT,203,148,60,14
LTEXT "What is hidden volume protection?",IDC_LINK_HIDVOL_PROTECTION_INFO,16,174,247,10,SS_NOTIFY
DEFPUSHBUTTON "OK",IDOK,211,7,60,14
PUSHBUTTON "Cancel",IDCANCEL,211,24,60,14
RTEXT "P&assword to hidden volume:\n(if empty, cache is used)",IDT_HIDDEN_PROT_PASSWD,15,103,91,17,0,WS_EX_RIGHT
GROUPBOX "Hidden Volume Protection",IDT_HIDDEN_VOL_PROTECTION,6,72,265,95
GROUPBOX "Hidden Volume Protection",IDT_HIDDEN_VOL_PROTECTION,6,72,265,120
CONTROL "Use backup header embedded in &volume if available",IDC_USE_EMBEDDED_HEADER_BAK,
"Button",BS_AUTOCHECKBOX | WS_TABSTOP,12,39,257,11
COMBOBOX IDC_PKCS5_PRF_ID,112,125,91,90,CBS_DROPDOWNLIST | WS_TABSTOP
RTEXT "PKCS-5 PRF:",IDT_PKCS5_PRF,15,126,91,17
END
IDD_KEYFILES DIALOGEX 0, 0, 345, 237
@@ -307,12 +309,13 @@ BEGIN
LTEXT "Please wait. This process may take a long time...",IDT_STATIC_MODELESS_WAIT_DLG_INFO,9,8,274,9
END
IDD_STATIC_MODAL_WAIT_DLG DIALOGEX 0, 0, 292, 42
IDD_STATIC_MODAL_WAIT_DLG DIALOGEX 0, 0, 292, 61
STYLE DS_SETFONT | DS_MODALFRAME | DS_SETFOREGROUND | DS_FIXEDSYS | DS_CENTER | WS_POPUP | WS_CAPTION
CAPTION "VeraCrypt"
FONT 8, "MS Shell Dlg", 0, 0, 0x0
BEGIN
CTEXT "Please wait. This process may take a long time...",IDT_STATIC_MODELESS_WAIT_DLG_INFO,9,11,274,9
CTEXT "Please wait...\nThis process may take a long time and VeraCrypt may become unresponsive.",IDT_STATIC_MODAL_WAIT_DLG_INFO,9,11,274,20
CONTROL "",IDC_WAIT_PROGRESS_BAR,"msctls_progress32",WS_BORDER,7,37,278,14
END
@@ -341,7 +344,7 @@ BEGIN
BEGIN
LEFTMARGIN, 7
TOPMARGIN, 7
BOTTOMMARGIN, 166
BOTTOMMARGIN, 198
END
IDD_KEYFILES, DIALOG
@@ -453,7 +456,7 @@ BEGIN
LEFTMARGIN, 7
RIGHTMARGIN, 285
TOPMARGIN, 7
BOTTOMMARGIN, 35
BOTTOMMARGIN, 54
END
END
#endif // APSTUDIO_INVOKED

20
src/Common/Crypto.h
View File

@@ -196,6 +196,7 @@ typedef struct CRYPTO_INFO_t
{
int ea; /* Encryption algorithm ID */
int mode; /* Mode of operation (e.g., XTS) */
int pkcs5; /* PRF algorithm */
unsigned __int8 ks[MAX_EXPANDED_KEY]; /* Primary key schedule (if it is a cascade, it conatins multiple concatenated keys) */
unsigned __int8 ks2[MAX_EXPANDED_KEY]; /* Secondary key schedule (if cascade, multiple concatenated) for XTS mode. */
@@ -240,10 +241,26 @@ typedef struct CRYPTO_INFO_t
UINT64_STRUCT EncryptedAreaLength;
uint32 HeaderFlags;
int pkcs5;
} CRYPTO_INFO, *PCRYPTO_INFO;
#ifdef _WIN32
#pragma pack (push)
#pragma pack(1)
typedef struct BOOT_CRYPTO_HEADER_t
{
__int16 ea; /* Encryption algorithm ID */
__int16 mode; /* Mode of operation (e.g., XTS) */
__int16 pkcs5; /* PRF algorithm */
} BOOT_CRYPTO_HEADER, *PBOOT_CRYPTO_HEADER;
#pragma pack (pop)
#endif
PCRYPTO_INFO crypto_open (void);
void crypto_loadkey (PKEY_INFO keyInfo, char *lpszUserKey, int nUserKeyLen);
void crypto_close (PCRYPTO_INFO cryptoInfo);
@@ -300,6 +317,7 @@ const
char *HashGetName (int hash_algo_id);
#ifndef TC_WINDOWS_BOOT
Hash *HashGet (int id);
void HashGetName2 (char *buf, int hashId);
BOOL HashIsDeprecated (int hashId);
BOOL HashForSystemEncryption (int hashId);

17
src/Common/Dlgcode.c
View File

@@ -6168,6 +6168,14 @@ static BOOL CALLBACK MountWaitDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LP
{
MountThreadParam* thParam = (MountThreadParam*) lParam;
HANDLE hThread = NULL;
// set the progress bar type to MARQUEE (indefinite progress)
HWND hProgress = GetDlgItem (hwndDlg, IDC_WAIT_PROGRESS_BAR);
if (hProgress)
{
SetWindowLongPtr (hProgress, GWL_STYLE, PBS_MARQUEE | GetWindowLongPtr (hProgress, GWL_STYLE));
::SendMessage(hProgress, PBM_SETMARQUEE, (WPARAM) TRUE, (LPARAM) 0);
}
thParam->hwnd = hwndDlg;
@@ -6225,6 +6233,7 @@ int MountVolume (HWND hwndDlg,
int driveNo,
char *volumePath,
Password *password,
int pkcs5,
BOOL cachePassword,
BOOL sharedAccess,
const MountOptions* const mountOptions,
@@ -6285,6 +6294,7 @@ retry:
{
mount.ProtectedHidVolPassword = mountOptions->ProtectedHidVolPassword;
mount.bProtectHiddenVolume = TRUE;
mount.ProtectedHidVolPkcs5Prf = mountOptions->ProtectedHidVolPkcs5Prf;
}
else
mount.bProtectHiddenVolume = FALSE;
@@ -6294,6 +6304,7 @@ retry:
mount.bPreserveTimestamp = mountOptions->PreserveTimestamp;
mount.bMountManager = TRUE;
mount.pkcs5_prf = pkcs5;
// Windows 2000 mount manager causes problems with remounted volumes
if (CurrentOSMajor == 5 && CurrentOSMinor == 0)
@@ -6364,6 +6375,8 @@ retry:
burn (&mount.VolumePassword, sizeof (mount.VolumePassword));
burn (&mount.ProtectedHidVolPassword, sizeof (mount.ProtectedHidVolPassword));
burn (&mount.pkcs5_prf, sizeof (mount.pkcs5_prf));
burn (&mount.ProtectedHidVolPkcs5Prf, sizeof (mount.ProtectedHidVolPkcs5Prf));
if (bResult == FALSE)
{
@@ -8881,7 +8894,7 @@ void ReportUnexpectedState (char *techInfo)
#ifndef SETUP
int OpenVolume (OpenVolumeContext *context, const char *volumePath, Password *password, BOOL write, BOOL preserveTimestamps, BOOL useBackupHeader)
int OpenVolume (OpenVolumeContext *context, const char *volumePath, Password *password, int pkcs5_prf, BOOL write, BOOL preserveTimestamps, BOOL useBackupHeader)
{
int status = ERR_PARAMETER_INCORRECT;
int volumeType;
@@ -9043,7 +9056,7 @@ int OpenVolume (OpenVolumeContext *context, const char *volumePath, Password *pa
}
// Decrypt volume header
status = ReadVolumeHeader (FALSE, buffer, password, &context->CryptoInfo, NULL);
status = ReadVolumeHeader (FALSE, buffer, password, pkcs5_prf, &context->CryptoInfo, NULL);
if (status == ERR_PASSWORD_WRONG)
continue; // Try next volume type

4
src/Common/Dlgcode.h
View File

@@ -325,7 +325,7 @@ BOOL IsDriveAvailable (int driveNo);
BOOL IsDeviceMounted (char *deviceName);
int DriverUnmountVolume (HWND hwndDlg, int nDosDriveNo, BOOL forced);
void BroadcastDeviceChange (WPARAM message, int nDosDriveNo, DWORD driveMap);
int MountVolume (HWND hwndDlg, int driveNo, char *volumePath, Password *password, BOOL cachePassword, BOOL sharedAccess, const MountOptions* const mountOptions, BOOL quiet, BOOL bReportWrongPassword);
int MountVolume (HWND hwndDlg, int driveNo, char *volumePath, Password *password, int pkcs5, BOOL cachePassword, BOOL sharedAccess, const MountOptions* const mountOptions, BOOL quiet, BOOL bReportWrongPassword);
BOOL UnmountVolume (HWND hwndDlg , int nDosDriveNo, BOOL forceUnmount);
BOOL IsPasswordCacheEmpty (void);
BOOL IsMountedVolume (const char *volname);
@@ -447,7 +447,7 @@ void ToBootPwdField (HWND hwndDlg, UINT ctrlId);
void AccommodateTextField (HWND hwndDlg, UINT ctrlId, BOOL bFirstUpdate, HFONT hFont);
BOOL GetDriveLabel (int driveNo, wchar_t *label, int labelSize);
BOOL DoDriverInstall (HWND hwndDlg);
int OpenVolume (OpenVolumeContext *context, const char *volumePath, Password *password, BOOL write, BOOL preserveTimestamps, BOOL useBackupHeader);
int OpenVolume (OpenVolumeContext *context, const char *volumePath, Password *password, int pkcs5_prf, BOOL write, BOOL preserveTimestamps, BOOL useBackupHeader);
void CloseVolume (OpenVolumeContext *context);
int ReEncryptVolumeHeader (char *buffer, BOOL bBoot, CRYPTO_INFO *cryptoInfo, Password *password, BOOL wipeMode);
BOOL IsPagingFileActive (BOOL checkNonWindowsPartitionsOnly);

2
src/Common/Format.c
View File

@@ -623,7 +623,7 @@ error:
mountOptions.PartitionInInactiveSysEncScope = FALSE;
mountOptions.UseBackupHeader = FALSE;
if (MountVolume (volParams->hwndDlg, driveNo, volParams->volumePath, volParams->password, FALSE, TRUE, &mountOptions, FALSE, TRUE) < 1)
if (MountVolume (volParams->hwndDlg, driveNo, volParams->volumePath, volParams->password, volParams->pkcs5, FALSE, TRUE, &mountOptions, FALSE, TRUE) < 1)
{
MessageBoxW (volParams->hwndDlg, GetString ("CANT_MOUNT_VOLUME"), lpszTitle, ICON_HAND);
MessageBoxW (volParams->hwndDlg, GetString ("FORMAT_NTFS_STOP"), lpszTitle, ICON_HAND);

3
src/Common/Language.xml
View File

@@ -270,6 +270,7 @@
<control lang="en" key="IDT_PARALLELIZATION_OPTIONS">Thread-Based Parallelization</control>
<control lang="en" key="IDT_PKCS11_LIB_PATH">PKCS #11 Library Path</control>
<control lang="en" key="IDT_PKCS5_PRF">PKCS-5 PRF:</control>
<control lang="en" key="IDT_NEW_PKCS5_PRF">PKCS-5 PRF:</control>
<control lang="en" key="IDT_PW_CACHE_OPTIONS">Password Cache</control>
<control lang="en" key="IDT_SECURITY_OPTIONS">Security Options</control>
<control lang="en" key="IDT_TASKBAR_ICON">VeraCrypt Background Task</control>
@@ -345,6 +346,7 @@
<control lang="en" key="IDT_SECURITY_TOKEN">Security token:</control>
<control lang="en" key="IDT_SORT_METHOD">Sort Method:</control>
<control lang="en" key="IDT_STATIC_MODELESS_WAIT_DLG_INFO">Please wait. This process may take a long time...</control>
<control lang="en" key="IDT_STATIC_MODAL_WAIT_DLG_INFO">Please wait...\nThis process may take a long time and VeraCrypt may become unresponsive.</control>
<control lang="en" key="IDT_TEST_BLOCK_NUMBER">Block number:</control>
<control lang="en" key="IDT_TEST_CIPHERTEXT">Ciphertext (hexadecimal)</control>
<control lang="en" key="IDT_TEST_DATA_UNIT_NUMBER">Data unit number (64-bit hexadecimal, data unit size is 512 bytes)</control>
@@ -756,6 +758,7 @@
<string lang="en" key="REMOVABLE_DISK">Removable Disk</string>
<string lang="en" key="HARDDISK">Harddisk</string>
<string lang="en" key="UNCHANGED">Unchanged</string>
<string lang="en" key="AUTODETECTION">Autodetection</string>
<string lang="en" key="SETUP_MODE_TITLE">Wizard Mode</string>
<string lang="en" key="SETUP_MODE_INFO">Select one of the modes. If you are not sure which to select, use the default mode.</string>
<string lang="en" key="SETUP_MODE_HELP_INSTALL">Select this option if you want to install VeraCrypt on this system.</string>

4
src/Common/Password.c
View File

@@ -119,7 +119,7 @@ BOOL CheckPasswordLength (HWND hwndDlg, HWND hwndItem)
return TRUE;
}
int ChangePwd (const char *lpszVolume, Password *oldPassword, Password *newPassword, int pkcs5, int wipePassCount, HWND hwndDlg)
int ChangePwd (const char *lpszVolume, Password *oldPassword, int old_pkcs5, Password *newPassword, int pkcs5, int wipePassCount, HWND hwndDlg)
{
int nDosLinkCreated = 1, nStatus = ERR_OS_ERROR;
char szDiskFile[TC_MAX_PATH], szCFDevice[TC_MAX_PATH];
@@ -287,7 +287,7 @@ int ChangePwd (const char *lpszVolume, Password *oldPassword, Password *newPassw
/* Try to decrypt the header */
nStatus = ReadVolumeHeader (FALSE, buffer, oldPassword, &cryptoInfo, NULL);
nStatus = ReadVolumeHeader (FALSE, buffer, oldPassword, old_pkcs5, &cryptoInfo, NULL);
if (nStatus == ERR_CIPHER_INIT_WEAK_KEY)
nStatus = 0; // We can ignore this error here

2
src/Common/Password.h
View File

@@ -35,7 +35,7 @@ typedef struct
void VerifyPasswordAndUpdate ( HWND hwndDlg , HWND hButton , HWND hPassword , HWND hVerify , unsigned char *szPassword , char *szVerify, BOOL keyFilesEnabled );
BOOL CheckPasswordLength (HWND hwndDlg, HWND hwndItem);
BOOL CheckPasswordCharEncoding (HWND hPassword, Password *ptrPw);
int ChangePwd (const char *lpszVolume, Password *oldPassword, Password *newPassword, int pkcs5, int wipePassCount, HWND hwndDlg);
int ChangePwd (const char *lpszVolume, Password *oldPassword, int old_pkcs5, Password *newPassword, int pkcs5, int wipePassCount, HWND hwndDlg);
#endif // defined(_WIN32) && !defined(TC_WINDOWS_DRIVER)

6
src/Common/Resource.h
View File

@@ -184,6 +184,10 @@
#define IDC_KEYFILES_RANDOM_SIZE 5122
#define IDT_KEYFILES_SIZE 5123
#define IDD_STATIC_MODAL_WAIT_DLG 5124
#define IDT_STATIC_MODAL_WAIT_DLG_INFO 5125
#define IDC_WAIT_PROGRESS_BAR 5126
#define IDC_PKCS5_PRF_ID 5127
#define IDT_PKCS5_PRF 5128
// Next default values for new objects
//
@@ -192,7 +196,7 @@
#define _APS_NO_MFC 1
#define _APS_NEXT_RESOURCE_VALUE 542
#define _APS_NEXT_COMMAND_VALUE 40001
#define _APS_NEXT_CONTROL_VALUE 5125
#define _APS_NEXT_CONTROL_VALUE 5129
#define _APS_NEXT_SYMED_VALUE 101
#endif
#endif

13
src/Common/Volumes.c
View File

@@ -163,7 +163,7 @@ typedef struct
BOOL ReadVolumeHeaderRecoveryMode = FALSE;
int ReadVolumeHeader (BOOL bBoot, char *encryptedHeader, Password *password, PCRYPTO_INFO *retInfo, CRYPTO_INFO *retHeaderCryptoInfo)
int ReadVolumeHeader (BOOL bBoot, char *encryptedHeader, Password *password, int selected_pkcs5_prf, PCRYPTO_INFO *retInfo, CRYPTO_INFO *retHeaderCryptoInfo)
{
char header[TC_VOLUME_HEADER_EFFECTIVE_SIZE];
KEY_INFO keyInfo;
@@ -198,7 +198,8 @@ int ReadVolumeHeader (BOOL bBoot, char *encryptedHeader, Password *password, PCR
return ERR_OUTOFMEMORY;
}
if (encryptionThreadCount > 1)
/* use thread pool only if no PRF was specified */
if ((selected_pkcs5_prf == 0) && (encryptionThreadCount > 1))
{
keyDerivationWorkItems = TCalloc (sizeof (KeyDerivationWorkItem) * pkcs5PrfCount);
if (!keyDerivationWorkItems)
@@ -241,7 +242,11 @@ int ReadVolumeHeader (BOOL bBoot, char *encryptedHeader, Password *password, PCR
// Test all available PKCS5 PRFs
for (enqPkcs5Prf = FIRST_PRF_ID; enqPkcs5Prf <= LAST_PRF_ID || queuedWorkItems > 0; ++enqPkcs5Prf)
{
if (encryptionThreadCount > 1)
// if a PRF is specified, we skip all other PRFs
if (selected_pkcs5_prf != 0 && enqPkcs5Prf != selected_pkcs5_prf)
continue;
if ((selected_pkcs5_prf == 0) && (encryptionThreadCount > 1))
{
// Enqueue key derivation on thread pool
if (queuedWorkItems < encryptionThreadCount && enqPkcs5Prf <= LAST_PRF_ID)
@@ -529,7 +534,7 @@ ret:
VirtualUnlock (&dk, sizeof (dk));
#endif
if (encryptionThreadCount > 1)
if ((selected_pkcs5_prf == 0) && (encryptionThreadCount > 1))
{
TC_WAIT_EVENT (noOutstandingWorkItemEvent);

4
src/Common/Volumes.h
View File

@@ -126,7 +126,11 @@ extern BOOL ReadVolumeHeaderRecoveryMode;
uint16 GetHeaderField16 (byte *header, int offset);
uint32 GetHeaderField32 (byte *header, int offset);
UINT64_STRUCT GetHeaderField64 (byte *header, int offset);
#ifdef TC_WINDOWS_BOOT
int ReadVolumeHeader (BOOL bBoot, char *encryptedHeader, Password *password, PCRYPTO_INFO *retInfo, CRYPTO_INFO *retHeaderCryptoInfo);
#else
int ReadVolumeHeader (BOOL bBoot, char *encryptedHeader, Password *password, int pkcs5_prf, PCRYPTO_INFO *retInfo, CRYPTO_INFO *retHeaderCryptoInfo);
#endif
#if !defined (DEVICE_DRIVER) && !defined (TC_WINDOWS_BOOT)
int CreateVolumeHeaderInMemory (BOOL bBoot, char *encryptedHeader, int ea, int mode, Password *password, int pkcs5_prf, char *masterKeydata, PCRYPTO_INFO *retInfo, unsigned __int64 volumeSize, unsigned __int64 hiddenVolumeSize, unsigned __int64 encryptedAreaStart, unsigned __int64 encryptedAreaLength, uint16 requiredProgramVersion, uint32 headerFlags, uint32 sectorSize, BOOL bWipeMode);