Public/VeraCrypt
1
0
Fork 0
mirror of https://github.com/veracrypt/VeraCrypt.git synced 2025-11-11 11:08:02 -06:00
Code Activity

Windows: Remove support for 32-bit driver code. Set build target as Windows 10. Simplify code and fix all warnings in driver.

Browse Source
This commit is contained in:
Mounir IDRASSI
2024-11-13 02:08:51 +01:00
parent ec4b44c238
commit cb97351250
31 changed files with 513 additions and 778 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
src/Common/BootEncryption.cpp
View File

@@ -4382,14 +4382,14 @@ namespace VeraCrypt
if (!IsRandomNumberGeneratorStarted())
throw ParameterIncorrect (SRC_POS);
throw_sys_if (CreateVolumeHeaderInMemory (ParentWindow, TRUE, (char *) VolumeHeader, ea, mode, password, pkcs5, pim, NULL, &cryptoInfo,
throw_sys_if (CreateVolumeHeaderInMemory (ParentWindow, TRUE, VolumeHeader, ea, mode, password, pkcs5, pim, NULL, &cryptoInfo,
volumeSize, 0, encryptedAreaStart, 0, TC_SYSENC_KEYSCOPE_MIN_REQ_PROG_VERSION, TC_HEADER_FLAG_ENCRYPTED_SYSTEM, TC_SECTOR_SIZE_BIOS, FALSE) != 0);
finally_do_arg (PCRYPTO_INFO*, &cryptoInfo, { crypto_close (*finally_arg); });
// Initial rescue disk assumes encryption of the drive has been completed (EncryptedAreaLength == volumeSize)
memcpy (RescueVolumeHeader, VolumeHeader, sizeof (RescueVolumeHeader));
if (0 != ReadVolumeHeader (TRUE, (char *) RescueVolumeHeader, password, pkcs5, pim, NULL, cryptoInfo))
if (0 != ReadVolumeHeader (TRUE, RescueVolumeHeader, password, pkcs5, pim, NULL, cryptoInfo))
throw ParameterIncorrect (SRC_POS);
DecryptBuffer (RescueVolumeHeader + HEADER_ENCRYPTED_DATA_OFFSET, HEADER_ENCRYPTED_DATA_SIZE, cryptoInfo);
@@ -5391,7 +5391,7 @@ namespace VeraCrypt
SystemDriveConfiguration config = GetSystemDriveConfiguration ();
char header[TC_BOOT_ENCRYPTION_VOLUME_HEADER_SIZE];
unsigned char header[TC_BOOT_ENCRYPTION_VOLUME_HEADER_SIZE];
Device device (config.DevicePath);
device.CheckOpened (SRC_POS);
@@ -5421,7 +5421,7 @@ namespace VeraCrypt
}
device.SeekAt (headerOffset);
device.Read ((uint8 *) header, sizeof (header));
device.Read (header, sizeof (header));
PCRYPTO_INFO cryptoInfo = NULL;

2
src/Common/Cache.c
View File

@@ -43,7 +43,7 @@ void VcUnprotectPassword (Password* pPassword, uint64 encID)
#endif
int ReadVolumeHeaderWCache (BOOL bBoot, BOOL bCache, BOOL bCachePim, char *header, Password *password, int pkcs5_prf, int pim, PCRYPTO_INFO *retInfo)
int ReadVolumeHeaderWCache (BOOL bBoot, BOOL bCache, BOOL bCachePim, unsigned char *header, Password *password, int pkcs5_prf, int pim, PCRYPTO_INFO *retInfo)
{
int nReturnCode = ERR_PASSWORD_WRONG;
int i, effectivePim;

2
src/Common/Cache.h
View File

@@ -22,5 +22,5 @@ extern int cacheEmpty;
void AddPasswordToCache (Password *password, int pim, BOOL bCachePim);
void AddLegacyPasswordToCache (PasswordLegacy *password, int pim);
int ReadVolumeHeaderWCache (BOOL bBoot, BOOL bCache, BOOL bCachePim,char *header, Password *password, int pkcs5_prf, int pim, PCRYPTO_INFO *retInfo);
int ReadVolumeHeaderWCache (BOOL bBoot, BOOL bCache, BOOL bCachePim, unsigned char *header, Password *password, int pkcs5_prf, int pim, PCRYPTO_INFO *retInfo);
void WipeCache (void);

12
src/Common/Crypto.c
View File

@@ -659,8 +659,8 @@ int EAGetNextMode (int ea, int previousModeId)
return 0;
}
// Returns the name of the mode of operation of the whole EA
wchar_t *EAGetModeName (int ea, int mode, BOOL capitalLetters)
// Returns the name of the mode of operation
const wchar_t *EAGetModeName (int mode)
{
switch (mode)
{
@@ -669,7 +669,7 @@ wchar_t *EAGetModeName (int ea, int mode, BOOL capitalLetters)
return L"XTS";
}
return L"[unknown]";
return L"[UNKNOWN]";
}
#endif // TC_WINDOWS_BOOT
@@ -891,7 +891,7 @@ PCRYPTO_INFO crypto_open ()
}
#ifndef TC_WINDOWS_BOOT
void crypto_loadkey (PKEY_INFO keyInfo, char *lpszUserKey, int nUserKeyLen)
void crypto_loadkey (PKEY_INFO keyInfo, unsigned char *lpszUserKey, int nUserKeyLen)
{
keyInfo->keyLength = nUserKeyLen;
burn (keyInfo->userKey, sizeof (keyInfo->userKey));
@@ -1239,9 +1239,11 @@ static BOOL RamEncryptionEnabled = FALSE;
BOOL IsCpuRngSupported ()
{
#ifndef _M_ARM64
if (HasRDSEED() || HasRDRAND())
return TRUE;
else
#endif
return FALSE;
}
@@ -1313,7 +1315,7 @@ uint8 GetRandomIndex (ChaCha20RngCtx* pCtx, uint8 elementsCount)
return index;
}
#if defined(_WIN64) && !defined (_UEFI)
#if !defined (_UEFI)
/* declaration of variables and functions used for RAM encryption on 64-bit build */
static uint8* pbKeyDerivationArea = NULL;
static ULONG cbKeyDerivationArea = 0;

10
src/Common/Crypto.h
View File

@@ -228,9 +228,9 @@ typedef struct keyInfo_t
int noIterations; /* Number of times to iterate (PKCS-5) */
int keyLength; /* Length of the key */
uint64 dummy; /* Dummy field to ensure 16-byte alignment of this structure */
__int8 salt[PKCS5_SALT_SIZE]; /* PKCS-5 salt */
CRYPTOPP_ALIGN_DATA(16) __int8 master_keydata[MASTER_KEYDATA_SIZE]; /* Concatenated master primary and secondary key(s) (XTS mode). For LRW (deprecated/legacy), it contains the tweak key before the master key(s). For CBC (deprecated/legacy), it contains the IV seed before the master key(s). */
CRYPTOPP_ALIGN_DATA(16) __int8 userKey[MAX_PASSWORD]; /* Password (to which keyfiles may have been applied). WITHOUT +1 for the null terminator. */
unsigned __int8 salt[PKCS5_SALT_SIZE]; /* PKCS-5 salt */
CRYPTOPP_ALIGN_DATA(16) unsigned __int8 master_keydata[MASTER_KEYDATA_SIZE]; /* Concatenated master primary and secondary key(s) (XTS mode). For LRW (deprecated/legacy), it contains the tweak key before the master key(s). For CBC (deprecated/legacy), it contains the IV seed before the master key(s). */
CRYPTOPP_ALIGN_DATA(16) unsigned __int8 userKey[MAX_PASSWORD]; /* Password (to which keyfiles may have been applied). WITHOUT +1 for the null terminator. */
} KEY_INFO, *PKEY_INFO;
#endif
@@ -309,7 +309,7 @@ typedef struct BOOT_CRYPTO_HEADER_t
PCRYPTO_INFO crypto_open (void);
#ifndef TC_WINDOWS_BOOT
void crypto_loadkey (PKEY_INFO keyInfo, char *lpszUserKey, int nUserKeyLen);
void crypto_loadkey (PKEY_INFO keyInfo, unsigned char *lpszUserKey, int nUserKeyLen);
void crypto_eraseKeys (PCRYPTO_INFO cryptoInfo);
#endif
void crypto_close (PCRYPTO_INFO cryptoInfo);
@@ -348,7 +348,7 @@ int EAGetKeySize (int ea);
int EAGetFirstMode (int ea);
int EAGetNextMode (int ea, int previousModeId);
#ifndef TC_WINDOWS_BOOT
wchar_t * EAGetModeName (int ea, int mode, BOOL capitalLetters);
const wchar_t * EAGetModeName (int mode);
#endif
int EAGetKeyScheduleSize (int ea);
int EAGetLargestKey ();

29
src/Common/Dlgcode.c
View File

@@ -859,11 +859,6 @@ BOOL VerifyModuleSignature (const wchar_t* path)
WINTRUST_DATA WVTData = {0};
wchar_t filePath [TC_MAX_PATH + 1024];
// we check our own authenticode signature only starting from Windows 10 since this is
// the minimal supported OS apart from XP where we can't verify SHA256 signatures
if (!IsOSAtLeast (WIN_10))
return TRUE;
// Strip quotation marks (if any)
if (path [0] == L'"')
{
@@ -3603,10 +3598,10 @@ void InitApp (HINSTANCE hInstance, wchar_t *lpszCommandLine)
InitOSVersionInfo();
if (!IsOSAtLeast (WIN_7))
if (!IsOSAtLeast (WIN_10))
{
// abort using a message that says that VeraCrypt can run only on Windows 7 and later and that it is officially supported only on Windows 10 and later
AbortProcessDirect(L"VeraCrypt requires at least Windows 7 to run.");
// abort using a message that says that VeraCrypt can run only on Windows 10 and later
AbortProcessDirect(L"VeraCrypt requires at least Windows 10 to run.");
}
SetDefaultDllDirectoriesFn = (SetDefaultDllDirectoriesPtr) GetProcAddress (GetModuleHandle(L"kernel32.dll"), "SetDefaultDllDirectories");
@@ -6266,7 +6261,7 @@ static BOOL PerformBenchmark(HWND hBenchDlg, HWND hwndDlg)
*/
{
int thid, i;
char dk[MASTER_KEYDATA_SIZE];
unsigned char dk[MASTER_KEYDATA_SIZE];
char *tmp_salt = {"\x00\x11\x22\x33\x44\x55\x66\x77\x88\x99\xAA\xBB\xCC\xDD\xEE\xFF\x01\x23\x45\x67\x89\xAB\xCD\xEF\x00\x11\x22\x33\x44\x55\x66\x77\x88\x99\xAA\xBB\xCC\xDD\xEE\xFF\x01\x23\x45\x67\x89\xAB\xCD\xEF\x00\x11\x22\x33\x44\x55\x66\x77\x88\x99\xAA\xBB\xCC\xDD\xEE\xFF"};
for (thid = FIRST_PRF_ID; thid <= LAST_PRF_ID; thid++)
@@ -6284,27 +6279,27 @@ static BOOL PerformBenchmark(HWND hBenchDlg, HWND hwndDlg)
case SHA512:
/* PKCS-5 test with HMAC-SHA-512 used as the PRF */
derive_key_sha512 ("passphrase-1234567890", 21, tmp_salt, 64, get_pkcs5_iteration_count(thid, benchmarkPim, benchmarkPreBoot), dk, MASTER_KEYDATA_SIZE);
derive_key_sha512 ((unsigned char*) "passphrase-1234567890", 21, (unsigned char*) tmp_salt, 64, get_pkcs5_iteration_count(thid, benchmarkPim, benchmarkPreBoot), dk, MASTER_KEYDATA_SIZE);
break;
case SHA256:
/* PKCS-5 test with HMAC-SHA-256 used as the PRF */
derive_key_sha256 ("passphrase-1234567890", 21, tmp_salt, 64, get_pkcs5_iteration_count(thid, benchmarkPim, benchmarkPreBoot), dk, MASTER_KEYDATA_SIZE);
derive_key_sha256 ((unsigned char*)"passphrase-1234567890", 21, (unsigned char*) tmp_salt, 64, get_pkcs5_iteration_count(thid, benchmarkPim, benchmarkPreBoot), dk, MASTER_KEYDATA_SIZE);
break;
#ifndef WOLFCRYPT_BACKEND
case BLAKE2S:
/* PKCS-5 test with HMAC-BLAKE2s used as the PRF */
derive_key_blake2s ("passphrase-1234567890", 21, tmp_salt, 64, get_pkcs5_iteration_count(thid, benchmarkPim, benchmarkPreBoot), dk, MASTER_KEYDATA_SIZE);
derive_key_blake2s ((unsigned char*)"passphrase-1234567890", 21, (unsigned char*) tmp_salt, 64, get_pkcs5_iteration_count(thid, benchmarkPim, benchmarkPreBoot), dk, MASTER_KEYDATA_SIZE);
break;
case WHIRLPOOL:
/* PKCS-5 test with HMAC-Whirlpool used as the PRF */
derive_key_whirlpool ("passphrase-1234567890", 21, tmp_salt, 64, get_pkcs5_iteration_count(thid, benchmarkPim, benchmarkPreBoot), dk, MASTER_KEYDATA_SIZE);
derive_key_whirlpool ((unsigned char*)"passphrase-1234567890", 21, (unsigned char*) tmp_salt, 64, get_pkcs5_iteration_count(thid, benchmarkPim, benchmarkPreBoot), dk, MASTER_KEYDATA_SIZE);
break;
case STREEBOG:
/* PKCS-5 test with HMAC-STREEBOG used as the PRF */
derive_key_streebog("passphrase-1234567890", 21, tmp_salt, 64, get_pkcs5_iteration_count(thid, benchmarkPim, benchmarkPreBoot), dk, MASTER_KEYDATA_SIZE);
derive_key_streebog((unsigned char*)"passphrase-1234567890", 21, (unsigned char*) tmp_salt, 64, get_pkcs5_iteration_count(thid, benchmarkPim, benchmarkPreBoot), dk, MASTER_KEYDATA_SIZE);
break;
}
#endif
@@ -7639,7 +7634,7 @@ CipherTestDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lParam)
else
{
CipherInit2(idTestCipher, key, ks_tmp, ks);
CipherInit2(idTestCipher, key, ks_tmp);
if (bEncrypt)
{
@@ -11480,7 +11475,7 @@ int OpenVolume (OpenVolumeContext *context, const wchar_t *volumePath, Password
int volumeType;
wchar_t szDiskFile[TC_MAX_PATH], szCFDevice[TC_MAX_PATH];
wchar_t szDosDevice[TC_MAX_PATH];
char buffer[TC_VOLUME_HEADER_EFFECTIVE_SIZE];
unsigned char buffer[TC_VOLUME_HEADER_EFFECTIVE_SIZE];
LARGE_INTEGER headerOffset;
DWORD dwResult;
DISK_GEOMETRY_EX deviceGeometry;
@@ -11694,7 +11689,7 @@ void CloseVolume (OpenVolumeContext *context)
}
int ReEncryptVolumeHeader (HWND hwndDlg, char *buffer, BOOL bBoot, CRYPTO_INFO *cryptoInfo, Password *password, int pim, BOOL wipeMode)
int ReEncryptVolumeHeader (HWND hwndDlg, unsigned char *buffer, BOOL bBoot, CRYPTO_INFO *cryptoInfo, Password *password, int pim, BOOL wipeMode)
{
CRYPTO_INFO *newCryptoInfo = NULL;

2
src/Common/Dlgcode.h
View File

@@ -540,7 +540,7 @@ BOOL GetSysDevicePaths (HWND hwndDlg);
BOOL DoDriverInstall (HWND hwndDlg);
int OpenVolume (OpenVolumeContext *context, const wchar_t *volumePath, Password *password, int pkcs5_prf, int pim, BOOL write, BOOL preserveTimestamps, BOOL useBackupHeader);
void CloseVolume (OpenVolumeContext *context);
int ReEncryptVolumeHeader (HWND hwndDlg, char *buffer, BOOL bBoot, CRYPTO_INFO *cryptoInfo, Password *password, int pim, BOOL wipeMode);
int ReEncryptVolumeHeader (HWND hwndDlg, unsigned char *buffer, BOOL bBoot, CRYPTO_INFO *cryptoInfo, Password *password, int pim, BOOL wipeMode);
BOOL IsPagingFileActive (BOOL checkNonWindowsPartitionsOnly);
BOOL IsPagingFileWildcardActive ();
BOOL DisablePagingFile ();

8
src/Common/EncryptionThreadPool.c
View File

@@ -98,14 +98,14 @@ typedef struct EncryptionThreadPoolWorkItemStruct
{
TC_EVENT *CompletionEvent;
LONG *CompletionFlag;
char *DerivedKey;
unsigned char *DerivedKey;
int IterationCount;
TC_EVENT *NoOutstandingWorkItemEvent;
LONG *OutstandingWorkItemCount;
char *Password;
unsigned char *Password;
int PasswordLength;
int Pkcs5Prf;
char *Salt;
unsigned char *Salt;
} KeyDerivation;
@@ -533,7 +533,7 @@ void EncryptionThreadPoolStop ()
}
void EncryptionThreadPoolBeginKeyDerivation (TC_EVENT *completionEvent, TC_EVENT *noOutstandingWorkItemEvent, LONG *completionFlag, LONG *outstandingWorkItemCount, int pkcs5Prf, char *password, int passwordLength, char *salt, int iterationCount, char *derivedKey)
void EncryptionThreadPoolBeginKeyDerivation (TC_EVENT *completionEvent, TC_EVENT *noOutstandingWorkItemEvent, LONG *completionFlag, LONG *outstandingWorkItemCount, int pkcs5Prf, unsigned char *password, int passwordLength, unsigned char *salt, int iterationCount, unsigned char *derivedKey)
{
EncryptionThreadPoolWorkItem *workItem;

2
src/Common/EncryptionThreadPool.h
View File

@@ -32,7 +32,7 @@ typedef enum
size_t GetCpuCount (WORD* pGroupCount);
#endif
void EncryptionThreadPoolBeginKeyDerivation (TC_EVENT *completionEvent, TC_EVENT *noOutstandingWorkItemEvent, LONG *completionFlag, LONG *outstandingWorkItemCount, int pkcs5Prf, char *password, int passwordLength, char *salt, int iterationCount, char *derivedKey);
void EncryptionThreadPoolBeginKeyDerivation (TC_EVENT *completionEvent, TC_EVENT *noOutstandingWorkItemEvent, LONG *completionFlag, LONG *outstandingWorkItemCount, int pkcs5Prf, unsigned char *password, int passwordLength, unsigned char *salt, int iterationCount, unsigned char *derivedKey);
void EncryptionThreadPoolBeginReadVolumeHeaderFinalization (TC_EVENT *keyDerivationCompletedEvent, TC_EVENT *noOutstandingWorkItemEvent, LONG* outstandingWorkItemCount, void* keyInfoBuffer, int keyInfoBufferSize, void* keyDerivationWorkItems, int keyDerivationWorkItemsSize);
void EncryptionThreadPoolDoWork (EncryptionThreadPoolWorkType type, uint8 *data, const UINT64_STRUCT *startUnitNo, uint32 unitCount, PCRYPTO_INFO cryptoInfo);
BOOL EncryptionThreadPoolStart (size_t encryptionFreeCpuCount);

2
src/Common/Format.c
View File

@@ -84,7 +84,7 @@ int TCFormatVolume (volatile FORMAT_VOL_PARAMETERS *volParams)
PCRYPTO_INFO cryptoInfo = NULL;
HANDLE dev = INVALID_HANDLE_VALUE;
DWORD dwError;
char header[TC_VOLUME_HEADER_EFFECTIVE_SIZE];
unsigned char header[TC_VOLUME_HEADER_EFFECTIVE_SIZE];
unsigned __int64 num_sectors, startSector;
fatparams ft;
FILETIME ftCreationTime;

2
src/Common/Password.c
View File

@@ -173,7 +173,7 @@ int ChangePwd (const wchar_t *lpszVolume, Password *oldPassword, int old_pkcs5,
int nDosLinkCreated = 1, nStatus = ERR_OS_ERROR;
wchar_t szDiskFile[TC_MAX_PATH], szCFDevice[TC_MAX_PATH];
wchar_t szDosDevice[TC_MAX_PATH];
char buffer[TC_VOLUME_HEADER_EFFECTIVE_SIZE];
unsigned char buffer[TC_VOLUME_HEADER_EFFECTIVE_SIZE];
PCRYPTO_INFO cryptoInfo = NULL, ci = NULL;
void *dev = INVALID_HANDLE_VALUE;
DWORD dwError;

405
src/Common/Pkcs5.c
View File

@@ -43,13 +43,13 @@ typedef struct hmac_sha256_ctx_struct
sha256_ctx ctx;
sha256_ctx inner_digest_ctx; /*pre-computed inner digest context */
sha256_ctx outer_digest_ctx; /*pre-computed outer digest context */
char k[PKCS5_SALT_SIZE + 4]; /* enough to hold (salt_len + 4) and also the SHA256 hash */
char u[SHA256_DIGESTSIZE];
unsigned char k[PKCS5_SALT_SIZE + 4]; /* enough to hold (salt_len + 4) and also the SHA256 hash */
unsigned char u[SHA256_DIGESTSIZE];
} hmac_sha256_ctx;
void hmac_sha256_internal
(
char *d, /* input data. d pointer is guaranteed to be at least 32-bytes long */
unsigned char *d, /* input data. d pointer is guaranteed to be at least 32-bytes long */
int ld, /* length of input data in bytes */
hmac_sha256_ctx* hmac /* HMAC-SHA256 context which holds temporary variables */
)
@@ -60,44 +60,38 @@ void hmac_sha256_internal
memcpy (ctx, &(hmac->inner_digest_ctx), sizeof (sha256_ctx));
sha256_hash ((unsigned char *) d, ld, ctx);
sha256_hash (d, ld, ctx);
sha256_end ((unsigned char *) d, ctx); /* d = inner digest */
sha256_end (d, ctx); /* d = inner digest */
/**** Restore Precomputed Outer Digest Context ****/
memcpy (ctx, &(hmac->outer_digest_ctx), sizeof (sha256_ctx));
sha256_hash ((unsigned char *) d, SHA256_DIGESTSIZE, ctx);
sha256_hash (d, SHA256_DIGESTSIZE, ctx);
sha256_end ((unsigned char *) d, ctx); /* d = outer digest */
sha256_end (d, ctx); /* d = outer digest */
}
#ifndef TC_WINDOWS_BOOT
void hmac_sha256
(
char *k, /* secret key */
unsigned char *k, /* secret key */
int lk, /* length of the key in bytes */
char *d, /* data */
unsigned char *d, /* data */
int ld /* length of data in bytes */
)
{
hmac_sha256_ctx hmac;
sha256_ctx* ctx;
char* buf = hmac.k;
unsigned char* buf = hmac.k;
int b;
char key[SHA256_DIGESTSIZE];
#if defined (DEVICE_DRIVER)
unsigned char key[SHA256_DIGESTSIZE];
#if defined (DEVICE_DRIVER) && !defined(_M_ARM64)
NTSTATUS saveStatus = STATUS_INVALID_PARAMETER;
#ifdef _WIN64
XSTATE_SAVE SaveState;
if (IsCpuIntel() && HasSAVX())
saveStatus = KeSaveExtendedProcessorStateVC(XSTATE_MASK_GSSE, &SaveState);
#else
KFLOATING_SAVE floatingPointState;
if (HasSSE2())
saveStatus = KeSaveFloatingPointState (&floatingPointState);
#endif
#endif
/* If the key is longer than the hash algorithm block size,
let key = sha256(key), as per HMAC specifications. */
@@ -106,8 +100,8 @@ void hmac_sha256
sha256_ctx tctx;
sha256_begin (&tctx);
sha256_hash ((unsigned char *) k, lk, &tctx);
sha256_end ((unsigned char *) key, &tctx);
sha256_hash (k, lk, &tctx);
sha256_end (key, &tctx);
k = key;
lk = SHA256_DIGESTSIZE;
@@ -122,10 +116,10 @@ void hmac_sha256
/* Pad the key for inner digest */
for (b = 0; b < lk; ++b)
buf[b] = (char) (k[b] ^ 0x36);
buf[b] = (unsigned char) (k[b] ^ 0x36);
memset (&buf[lk], 0x36, SHA256_BLOCKSIZE - lk);
sha256_hash ((unsigned char *) buf, SHA256_BLOCKSIZE, ctx);
sha256_hash (buf, SHA256_BLOCKSIZE, ctx);
/**** Precompute HMAC Outer Digest ****/
@@ -133,20 +127,16 @@ void hmac_sha256
sha256_begin (ctx);
for (b = 0; b < lk; ++b)
buf[b] = (char) (k[b] ^ 0x5C);
buf[b] = (unsigned char) (k[b] ^ 0x5C);
memset (&buf[lk], 0x5C, SHA256_BLOCKSIZE - lk);
sha256_hash ((unsigned char *) buf, SHA256_BLOCKSIZE, ctx);
sha256_hash (buf, SHA256_BLOCKSIZE, ctx);
hmac_sha256_internal(d, ld, &hmac);
#if defined (DEVICE_DRIVER)
#if defined (DEVICE_DRIVER) && !defined(_M_ARM64)
if (NT_SUCCESS (saveStatus))
#ifdef _WIN64
KeRestoreExtendedProcessorStateVC(&SaveState);
#else
KeRestoreFloatingPointState (&floatingPointState);
#endif
#endif
/* Prevent leaks */
@@ -155,10 +145,10 @@ void hmac_sha256
}
#endif
static void derive_u_sha256 (char *salt, int salt_len, uint32 iterations, int b, hmac_sha256_ctx* hmac)
static void derive_u_sha256 (unsigned char *salt, int salt_len, uint32 iterations, int b, hmac_sha256_ctx* hmac)
{
char* k = hmac->k;
char* u = hmac->u;
unsigned char* k = hmac->k;
unsigned char* u = hmac->u;
uint32 c;
int i;
@@ -184,7 +174,7 @@ static void derive_u_sha256 (char *salt, int salt_len, uint32 iterations, int b,
#ifdef TC_WINDOWS_BOOT
/* specific case of 16-bit bootloader: b is a 16-bit integer that is always < 256 */
memset (&k[salt_len], 0, 3);
k[salt_len + 3] = (char) b;
k[salt_len + 3] = (unsigned char) b;
#else
b = bswap_32 (b);
memcpy (&k[salt_len], &b, 4);
@@ -206,25 +196,19 @@ static void derive_u_sha256 (char *salt, int salt_len, uint32 iterations, int b,
}
void derive_key_sha256 (char *pwd, int pwd_len, char *salt, int salt_len, uint32 iterations, char *dk, int dklen)
void derive_key_sha256 (unsigned char *pwd, int pwd_len, unsigned char *salt, int salt_len, uint32 iterations, unsigned char *dk, int dklen)
{
hmac_sha256_ctx hmac;
sha256_ctx* ctx;
char* buf = hmac.k;
unsigned char* buf = hmac.k;
int b, l, r;
#ifndef TC_WINDOWS_BOOT
char key[SHA256_DIGESTSIZE];
#if defined (DEVICE_DRIVER)
unsigned char key[SHA256_DIGESTSIZE];
#if defined (DEVICE_DRIVER) && !defined(_M_ARM64)
NTSTATUS saveStatus = STATUS_INVALID_PARAMETER;
#ifdef _WIN64
XSTATE_SAVE SaveState;
if (IsCpuIntel() && HasSAVX())
saveStatus = KeSaveExtendedProcessorStateVC(XSTATE_MASK_GSSE, &SaveState);
#else
KFLOATING_SAVE floatingPointState;
if (HasSSE2())
saveStatus = KeSaveFloatingPointState (&floatingPointState);
#endif
#endif
/* If the password is longer than the hash algorithm block size,
let pwd = sha256(pwd), as per HMAC specifications. */
@@ -233,8 +217,8 @@ void derive_key_sha256 (char *pwd, int pwd_len, char *salt, int salt_len, uint32
sha256_ctx tctx;
sha256_begin (&tctx);
sha256_hash ((unsigned char *) pwd, pwd_len, &tctx);
sha256_end ((unsigned char *) key, &tctx);
sha256_hash (pwd, pwd_len, &tctx);
sha256_end (key, &tctx);
pwd = key;
pwd_len = SHA256_DIGESTSIZE;
@@ -261,10 +245,10 @@ void derive_key_sha256 (char *pwd, int pwd_len, char *salt, int salt_len, uint32
/* Pad the key for inner digest */
for (b = 0; b < pwd_len; ++b)
buf[b] = (char) (pwd[b] ^ 0x36);
buf[b] = (unsigned char) (pwd[b] ^ 0x36);
memset (&buf[pwd_len], 0x36, SHA256_BLOCKSIZE - pwd_len);
sha256_hash ((unsigned char *) buf, SHA256_BLOCKSIZE, ctx);
sha256_hash (buf, SHA256_BLOCKSIZE, ctx);
/**** Precompute HMAC Outer Digest ****/
@@ -272,10 +256,10 @@ void derive_key_sha256 (char *pwd, int pwd_len, char *salt, int salt_len, uint32
sha256_begin (ctx);
for (b = 0; b < pwd_len; ++b)
buf[b] = (char) (pwd[b] ^ 0x5C);
buf[b] = (unsigned char) (pwd[b] ^ 0x5C);
memset (&buf[pwd_len], 0x5C, SHA256_BLOCKSIZE - pwd_len);
sha256_hash ((unsigned char *) buf, SHA256_BLOCKSIZE, ctx);
sha256_hash (buf, SHA256_BLOCKSIZE, ctx);
/* first l - 1 blocks */
for (b = 1; b < l; b++)
@@ -289,13 +273,9 @@ void derive_key_sha256 (char *pwd, int pwd_len, char *salt, int salt_len, uint32
derive_u_sha256 (salt, salt_len, iterations, b, &hmac);
memcpy (dk, hmac.u, r);
#if defined (DEVICE_DRIVER)
#if defined (DEVICE_DRIVER) && !defined(_M_ARM64)
if (NT_SUCCESS (saveStatus))
#ifdef _WIN64
KeRestoreExtendedProcessorStateVC(&SaveState);
#else
KeRestoreFloatingPointState (&floatingPointState);
#endif
#endif
/* Prevent possible leaks. */
@@ -314,13 +294,13 @@ typedef struct hmac_sha512_ctx_struct
sha512_ctx ctx;
sha512_ctx inner_digest_ctx; /*pre-computed inner digest context */
sha512_ctx outer_digest_ctx; /*pre-computed outer digest context */
char k[SHA512_BLOCKSIZE]; /* enough to hold (salt_len + 4) and also the SHA512 hash */
char u[SHA512_DIGESTSIZE];
unsigned char k[SHA512_BLOCKSIZE]; /* enough to hold (salt_len + 4) and also the SHA512 hash */
unsigned char u[SHA512_DIGESTSIZE];
} hmac_sha512_ctx;
void hmac_sha512_internal
(
char *d, /* data and also output buffer of at least 64 bytes */
unsigned char *d, /* data and also output buffer of at least 64 bytes */
int ld, /* length of data in bytes */
hmac_sha512_ctx* hmac
)
@@ -331,43 +311,37 @@ void hmac_sha512_internal
memcpy (ctx, &(hmac->inner_digest_ctx), sizeof (sha512_ctx));
sha512_hash ((unsigned char *) d, ld, ctx);
sha512_hash (d, ld, ctx);
sha512_end ((unsigned char *) d, ctx);
sha512_end (d, ctx);
/**** Restore Precomputed Outer Digest Context ****/
memcpy (ctx, &(hmac->outer_digest_ctx), sizeof (sha512_ctx));
sha512_hash ((unsigned char *) d, SHA512_DIGESTSIZE, ctx);
sha512_hash (d, SHA512_DIGESTSIZE, ctx);
sha512_end ((unsigned char *) d, ctx);
sha512_end (d, ctx);
}
void hmac_sha512
(
char *k, /* secret key */
unsigned char *k, /* secret key */
int lk, /* length of the key in bytes */
char *d, /* data and also output buffer of at least 64 bytes */
unsigned char *d, /* data and also output buffer of at least 64 bytes */
int ld /* length of data in bytes */
)
{
hmac_sha512_ctx hmac;
sha512_ctx* ctx;
char* buf = hmac.k;
unsigned char* buf = hmac.k;
int b;
char key[SHA512_DIGESTSIZE];
#if defined (DEVICE_DRIVER)
unsigned char key[SHA512_DIGESTSIZE];
#if defined (DEVICE_DRIVER) && !defined(_M_ARM64)
NTSTATUS saveStatus = STATUS_INVALID_PARAMETER;
#ifdef _WIN64
XSTATE_SAVE SaveState;
if (IsCpuIntel() && HasSAVX())
saveStatus = KeSaveExtendedProcessorStateVC(XSTATE_MASK_GSSE, &SaveState);
#else
KFLOATING_SAVE floatingPointState;
if (HasSSSE3() && HasMMX())
saveStatus = KeSaveFloatingPointState (&floatingPointState);
#endif
#endif
/* If the key is longer than the hash algorithm block size,
@@ -377,8 +351,8 @@ void hmac_sha512
sha512_ctx tctx;
sha512_begin (&tctx);
sha512_hash ((unsigned char *) k, lk, &tctx);
sha512_end ((unsigned char *) key, &tctx);
sha512_hash (k, lk, &tctx);
sha512_end (key, &tctx);
k = key;
lk = SHA512_DIGESTSIZE;
@@ -393,10 +367,10 @@ void hmac_sha512
/* Pad the key for inner digest */
for (b = 0; b < lk; ++b)
buf[b] = (char) (k[b] ^ 0x36);
buf[b] = (unsigned char) (k[b] ^ 0x36);
memset (&buf[lk], 0x36, SHA512_BLOCKSIZE - lk);
sha512_hash ((unsigned char *) buf, SHA512_BLOCKSIZE, ctx);
sha512_hash (buf, SHA512_BLOCKSIZE, ctx);
/**** Precompute HMAC Outer Digest ****/
@@ -404,20 +378,16 @@ void hmac_sha512
sha512_begin (ctx);
for (b = 0; b < lk; ++b)
buf[b] = (char) (k[b] ^ 0x5C);
buf[b] = (unsigned char) (k[b] ^ 0x5C);
memset (&buf[lk], 0x5C, SHA512_BLOCKSIZE - lk);
sha512_hash ((unsigned char *) buf, SHA512_BLOCKSIZE, ctx);
sha512_hash (buf, SHA512_BLOCKSIZE, ctx);
hmac_sha512_internal (d, ld, &hmac);
#if defined (DEVICE_DRIVER)
#if defined (DEVICE_DRIVER) && !defined(_M_ARM64)
if (NT_SUCCESS (saveStatus))
#ifdef _WIN64
KeRestoreExtendedProcessorStateVC(&SaveState);
#else
KeRestoreFloatingPointState (&floatingPointState);
#endif
#endif
/* Prevent leaks */
@@ -425,10 +395,10 @@ void hmac_sha512
burn (key, sizeof(key));
}
static void derive_u_sha512 (char *salt, int salt_len, uint32 iterations, int b, hmac_sha512_ctx* hmac)
static void derive_u_sha512 (unsigned char *salt, int salt_len, uint32 iterations, int b, hmac_sha512_ctx* hmac)
{
char* k = hmac->k;
char* u = hmac->u;
unsigned char* k = hmac->k;
unsigned char* u = hmac->u;
uint32 c, i;
/* iteration 1 */
@@ -452,24 +422,18 @@ static void derive_u_sha512 (char *salt, int salt_len, uint32 iterations, int b,
}
void derive_key_sha512 (char *pwd, int pwd_len, char *salt, int salt_len, uint32 iterations, char *dk, int dklen)
void derive_key_sha512 (unsigned char *pwd, int pwd_len, unsigned char *salt, int salt_len, uint32 iterations, unsigned char *dk, int dklen)
{
hmac_sha512_ctx hmac;
sha512_ctx* ctx;
char* buf = hmac.k;
unsigned char* buf = hmac.k;
int b, l, r;
char key[SHA512_DIGESTSIZE];
#if defined (DEVICE_DRIVER)
unsigned char key[SHA512_DIGESTSIZE];
#if defined (DEVICE_DRIVER) && !defined(_M_ARM64)
NTSTATUS saveStatus = STATUS_INVALID_PARAMETER;
#ifdef _WIN64
XSTATE_SAVE SaveState;
if (IsCpuIntel() && HasSAVX())
saveStatus = KeSaveExtendedProcessorStateVC(XSTATE_MASK_GSSE, &SaveState);
#else
KFLOATING_SAVE floatingPointState;
if (HasSSSE3() && HasMMX())
saveStatus = KeSaveFloatingPointState (&floatingPointState);
#endif
#endif
/* If the password is longer than the hash algorithm block size,
@@ -479,8 +443,8 @@ void derive_key_sha512 (char *pwd, int pwd_len, char *salt, int salt_len, uint32
sha512_ctx tctx;
sha512_begin (&tctx);
sha512_hash ((unsigned char *) pwd, pwd_len, &tctx);
sha512_end ((unsigned char *) key, &tctx);
sha512_hash (pwd, pwd_len, &tctx);
sha512_end (key, &tctx);
pwd = key;
pwd_len = SHA512_DIGESTSIZE;
@@ -506,10 +470,10 @@ void derive_key_sha512 (char *pwd, int pwd_len, char *salt, int salt_len, uint32
/* Pad the key for inner digest */
for (b = 0; b < pwd_len; ++b)
buf[b] = (char) (pwd[b] ^ 0x36);
buf[b] = (unsigned char) (pwd[b] ^ 0x36);
memset (&buf[pwd_len], 0x36, SHA512_BLOCKSIZE - pwd_len);
sha512_hash ((unsigned char *) buf, SHA512_BLOCKSIZE, ctx);
sha512_hash (buf, SHA512_BLOCKSIZE, ctx);
/**** Precompute HMAC Outer Digest ****/
@@ -517,10 +481,10 @@ void derive_key_sha512 (char *pwd, int pwd_len, char *salt, int salt_len, uint32
sha512_begin (ctx);
for (b = 0; b < pwd_len; ++b)
buf[b] = (char) (pwd[b] ^ 0x5C);
buf[b] = (unsigned char) (pwd[b] ^ 0x5C);
memset (&buf[pwd_len], 0x5C, SHA512_BLOCKSIZE - pwd_len);
sha512_hash ((unsigned char *) buf, SHA512_BLOCKSIZE, ctx);
sha512_hash (buf, SHA512_BLOCKSIZE, ctx);
/* first l - 1 blocks */
for (b = 1; b < l; b++)
@@ -534,13 +498,9 @@ void derive_key_sha512 (char *pwd, int pwd_len, char *salt, int salt_len, uint32
derive_u_sha512 (salt, salt_len, iterations, b, &hmac);
memcpy (dk, hmac.u, r);
#if defined (DEVICE_DRIVER)
#if defined (DEVICE_DRIVER) && !defined(_M_ARM64)
if (NT_SUCCESS (saveStatus))
#ifdef _WIN64
KeRestoreExtendedProcessorStateVC(&SaveState);
#else
KeRestoreFloatingPointState (&floatingPointState);
#endif
#endif
/* Prevent possible leaks. */
@@ -557,13 +517,13 @@ typedef struct hmac_blake2s_ctx_struct
blake2s_state ctx;
blake2s_state inner_digest_ctx; /*pre-computed inner digest context */
blake2s_state outer_digest_ctx; /*pre-computed outer digest context */
char k[PKCS5_SALT_SIZE + 4]; /* enough to hold (salt_len + 4) and also the Blake2s hash */
char u[BLAKE2S_DIGESTSIZE];
unsigned char k[PKCS5_SALT_SIZE + 4]; /* enough to hold (salt_len + 4) and also the Blake2s hash */
unsigned char u[BLAKE2S_DIGESTSIZE];
} hmac_blake2s_ctx;
void hmac_blake2s_internal
(
char *d, /* input data. d pointer is guaranteed to be at least 32-bytes long */
unsigned char *d, /* input data. d pointer is guaranteed to be at least 32-bytes long */
int ld, /* length of input data in bytes */
hmac_blake2s_ctx* hmac /* HMAC-BLAKE2S context which holds temporary variables */
)
@@ -576,7 +536,7 @@ void hmac_blake2s_internal
blake2s_update (ctx, d, ld);
blake2s_final (ctx, (unsigned char*) d); /* d = inner digest */
blake2s_final (ctx, d); /* d = inner digest */
/**** Restore Precomputed Outer Digest Context ****/
@@ -584,34 +544,28 @@ void hmac_blake2s_internal
blake2s_update (ctx, d, BLAKE2S_DIGESTSIZE);
blake2s_final (ctx, (unsigned char *) d); /* d = outer digest */
blake2s_final (ctx, d); /* d = outer digest */
}
#ifndef TC_WINDOWS_BOOT
void hmac_blake2s
(
char *k, /* secret key */
unsigned char *k, /* secret key */
int lk, /* length of the key in bytes */
char *d, /* data */
unsigned char *d, /* data */
int ld /* length of data in bytes */
)
{
hmac_blake2s_ctx hmac;
blake2s_state* ctx;
char* buf = hmac.k;
unsigned char* buf = hmac.k;
int b;
char key[BLAKE2S_DIGESTSIZE];
#if defined (DEVICE_DRIVER)
unsigned char key[BLAKE2S_DIGESTSIZE];
#if defined (DEVICE_DRIVER) && !defined(_M_ARM64)
NTSTATUS saveStatus = STATUS_INVALID_PARAMETER;
#ifdef _WIN64
XSTATE_SAVE SaveState;
if (IsCpuIntel() && HasSAVX())
saveStatus = KeSaveExtendedProcessorStateVC(XSTATE_MASK_GSSE, &SaveState);
#else
KFLOATING_SAVE floatingPointState;
if (HasSSE2())
saveStatus = KeSaveFloatingPointState (&floatingPointState);
#endif
#endif
/* If the key is longer than the hash algorithm block size,
let key = blake2s(key), as per HMAC specifications. */
@@ -621,7 +575,7 @@ void hmac_blake2s
blake2s_init (&tctx);
blake2s_update (&tctx, k, lk);
blake2s_final (&tctx, (unsigned char *) key);
blake2s_final (&tctx, key);
k = key;
lk = BLAKE2S_DIGESTSIZE;
@@ -636,10 +590,10 @@ void hmac_blake2s
/* Pad the key for inner digest */
for (b = 0; b < lk; ++b)
buf[b] = (char) (k[b] ^ 0x36);
buf[b] = (unsigned char) (k[b] ^ 0x36);
memset (&buf[lk], 0x36, BLAKE2S_BLOCKSIZE - lk);
blake2s_update (ctx, (unsigned char *) buf, BLAKE2S_BLOCKSIZE);
blake2s_update (ctx, buf, BLAKE2S_BLOCKSIZE);
/**** Precompute HMAC Outer Digest ****/
@@ -647,20 +601,16 @@ void hmac_blake2s
blake2s_init (ctx);
for (b = 0; b < lk; ++b)
buf[b] = (char) (k[b] ^ 0x5C);
buf[b] = (unsigned char) (k[b] ^ 0x5C);
memset (&buf[lk], 0x5C, BLAKE2S_BLOCKSIZE - lk);
blake2s_update (ctx, (unsigned char *) buf, BLAKE2S_BLOCKSIZE);
blake2s_update (ctx, buf, BLAKE2S_BLOCKSIZE);
hmac_blake2s_internal(d, ld, &hmac);
#if defined (DEVICE_DRIVER)
#if defined (DEVICE_DRIVER) && !defined(_M_ARM64)
if (NT_SUCCESS (saveStatus))
#ifdef _WIN64
KeRestoreExtendedProcessorStateVC(&SaveState);
#else
KeRestoreFloatingPointState (&floatingPointState);
#endif
#endif
/* Prevent leaks */
@@ -669,10 +619,10 @@ void hmac_blake2s
}
#endif
static void derive_u_blake2s (char *salt, int salt_len, uint32 iterations, int b, hmac_blake2s_ctx* hmac)
static void derive_u_blake2s (unsigned char *salt, int salt_len, uint32 iterations, int b, hmac_blake2s_ctx* hmac)
{
char* k = hmac->k;
char* u = hmac->u;
unsigned char* k = hmac->k;
unsigned char* u = hmac->u;
uint32 c;
int i;
@@ -698,7 +648,7 @@ static void derive_u_blake2s (char *salt, int salt_len, uint32 iterations, int b
#ifdef TC_WINDOWS_BOOT
/* specific case of 16-bit bootloader: b is a 16-bit integer that is always < 256 */
memset (&k[salt_len], 0, 3);
k[salt_len + 3] = (char) b;
k[salt_len + 3] = (unsigned char) b;
#else
b = bswap_32 (b);
memcpy (&k[salt_len], &b, 4);
@@ -720,25 +670,22 @@ static void derive_u_blake2s (char *salt, int salt_len, uint32 iterations, int b
}
void derive_key_blake2s (char *pwd, int pwd_len, char *salt, int salt_len, uint32 iterations, char *dk, int dklen)
void derive_key_blake2s (unsigned char *pwd, int pwd_len, unsigned char *salt, int salt_len, uint32 iterations, unsigned char *dk, int dklen)
{
hmac_blake2s_ctx hmac;
blake2s_state* ctx;
char* buf = hmac.k;
unsigned char* buf = hmac.k;
int b, l, r;
#ifndef TC_WINDOWS_BOOT
char key[BLAKE2S_DIGESTSIZE];
#if defined (DEVICE_DRIVER)
unsigned char key[BLAKE2S_DIGESTSIZE];
#if defined (DEVICE_DRIVER) && !defined(_M_ARM64)
NTSTATUS saveStatus = STATUS_INVALID_PARAMETER;
#ifdef _WIN64
XSTATE_SAVE SaveState;
if (IsCpuIntel() && HasSAVX())
saveStatus = KeSaveExtendedProcessorStateVC(XSTATE_MASK_GSSE, &SaveState);
#else
KFLOATING_SAVE floatingPointState;
if (HasSSE2())
saveStatus = KeSaveFloatingPointState (&floatingPointState);
#endif
#endif
/* If the password is longer than the hash algorithm block size,
let pwd = blake2s(pwd), as per HMAC specifications. */
@@ -748,7 +695,7 @@ void derive_key_blake2s (char *pwd, int pwd_len, char *salt, int salt_len, uint3
blake2s_init (&tctx);
blake2s_update (&tctx, pwd, pwd_len);
blake2s_final (&tctx, (unsigned char *) key);
blake2s_final (&tctx, key);
pwd = key;
pwd_len = BLAKE2S_DIGESTSIZE;
@@ -775,7 +722,7 @@ void derive_key_blake2s (char *pwd, int pwd_len, char *salt, int salt_len, uint3
/* Pad the key for inner digest */
for (b = 0; b < pwd_len; ++b)
buf[b] = (char) (pwd[b] ^ 0x36);
buf[b] = (unsigned char) (pwd[b] ^ 0x36);
memset (&buf[pwd_len], 0x36, BLAKE2S_BLOCKSIZE - pwd_len);
blake2s_update (ctx, buf, BLAKE2S_BLOCKSIZE);
@@ -786,7 +733,7 @@ void derive_key_blake2s (char *pwd, int pwd_len, char *salt, int salt_len, uint3
blake2s_init (ctx);
for (b = 0; b < pwd_len; ++b)
buf[b] = (char) (pwd[b] ^ 0x5C);
buf[b] = (unsigned char) (pwd[b] ^ 0x5C);
memset (&buf[pwd_len], 0x5C, BLAKE2S_BLOCKSIZE - pwd_len);
blake2s_update (ctx, buf, BLAKE2S_BLOCKSIZE);
@@ -803,13 +750,9 @@ void derive_key_blake2s (char *pwd, int pwd_len, char *salt, int salt_len, uint3
derive_u_blake2s (salt, salt_len, iterations, b, &hmac);
memcpy (dk, hmac.u, r);
#if defined (DEVICE_DRIVER)
#if defined (DEVICE_DRIVER) && !defined(_M_ARM64)
if (NT_SUCCESS (saveStatus))
#ifdef _WIN64
KeRestoreExtendedProcessorStateVC(&SaveState);
#else
KeRestoreFloatingPointState (&floatingPointState);
#endif
#endif
/* Prevent possible leaks. */
@@ -828,13 +771,13 @@ typedef struct hmac_whirlpool_ctx_struct
WHIRLPOOL_CTX ctx;
WHIRLPOOL_CTX inner_digest_ctx; /*pre-computed inner digest context */
WHIRLPOOL_CTX outer_digest_ctx; /*pre-computed outer digest context */
CRYPTOPP_ALIGN_DATA(16) char k[PKCS5_SALT_SIZE + 4]; /* enough to hold (salt_len + 4) and also the Whirlpool hash */
char u[WHIRLPOOL_DIGESTSIZE];
CRYPTOPP_ALIGN_DATA(16) unsigned char k[PKCS5_SALT_SIZE + 4]; /* enough to hold (salt_len + 4) and also the Whirlpool hash */
unsigned char u[WHIRLPOOL_DIGESTSIZE];
} hmac_whirlpool_ctx;
void hmac_whirlpool_internal
(
char *d, /* input/output data. d pointer is guaranteed to be at least 64-bytes long */
unsigned char *d, /* input/output data. d pointer is guaranteed to be at least 64-bytes long */
int ld, /* length of input data in bytes */
hmac_whirlpool_ctx* hmac /* HMAC-Whirlpool context which holds temporary variables */
)
@@ -845,38 +788,32 @@ void hmac_whirlpool_internal
memcpy (ctx, &(hmac->inner_digest_ctx), sizeof (WHIRLPOOL_CTX));
WHIRLPOOL_add ((unsigned char *) d, ld, ctx);
WHIRLPOOL_add (d, ld, ctx);
WHIRLPOOL_finalize (ctx, (unsigned char *) d);
WHIRLPOOL_finalize (ctx, d);
/**** Restore Precomputed Outer Digest Context ****/
memcpy (ctx, &(hmac->outer_digest_ctx), sizeof (WHIRLPOOL_CTX));
WHIRLPOOL_add ((unsigned char *) d, WHIRLPOOL_DIGESTSIZE, ctx);
WHIRLPOOL_add (d, WHIRLPOOL_DIGESTSIZE, ctx);
WHIRLPOOL_finalize (ctx, (unsigned char *) d);
WHIRLPOOL_finalize (ctx, d);
}
void hmac_whirlpool
(
char *k, /* secret key */
unsigned char *k, /* secret key */
int lk, /* length of the key in bytes */
char *d, /* input data. d pointer is guaranteed to be at least 32-bytes long */
unsigned char *d, /* input data. d pointer is guaranteed to be at least 32-bytes long */
int ld /* length of data in bytes */
)
{
hmac_whirlpool_ctx hmac;
WHIRLPOOL_CTX* ctx;
char* buf = hmac.k;
unsigned char* buf = hmac.k;
int b;
char key[WHIRLPOOL_DIGESTSIZE];
#if defined (DEVICE_DRIVER) && !defined (_WIN64)
KFLOATING_SAVE floatingPointState;
NTSTATUS saveStatus = STATUS_INVALID_PARAMETER;
if (HasISSE())
saveStatus = KeSaveFloatingPointState (&floatingPointState);
#endif
unsigned char key[WHIRLPOOL_DIGESTSIZE];
/* If the key is longer than the hash algorithm block size,
let key = whirlpool(key), as per HMAC specifications. */
if (lk > WHIRLPOOL_BLOCKSIZE)
@@ -884,8 +821,8 @@ void hmac_whirlpool
WHIRLPOOL_CTX tctx;
WHIRLPOOL_init (&tctx);
WHIRLPOOL_add ((unsigned char *) k, lk, &tctx);
WHIRLPOOL_finalize (&tctx, (unsigned char *) key);
WHIRLPOOL_add (k, lk, &tctx);
WHIRLPOOL_finalize (&tctx, key);
k = key;
lk = WHIRLPOOL_DIGESTSIZE;
@@ -900,10 +837,10 @@ void hmac_whirlpool
/* Pad the key for inner digest */
for (b = 0; b < lk; ++b)
buf[b] = (char) (k[b] ^ 0x36);
buf[b] = (unsigned char) (k[b] ^ 0x36);
memset (&buf[lk], 0x36, WHIRLPOOL_BLOCKSIZE - lk);
WHIRLPOOL_add ((unsigned char *) buf, WHIRLPOOL_BLOCKSIZE, ctx);
WHIRLPOOL_add (buf, WHIRLPOOL_BLOCKSIZE, ctx);
/**** Precompute HMAC Outer Digest ****/
@@ -911,25 +848,21 @@ void hmac_whirlpool
WHIRLPOOL_init (ctx);
for (b = 0; b < lk; ++b)
buf[b] = (char) (k[b] ^ 0x5C);
buf[b] = (unsigned char) (k[b] ^ 0x5C);
memset (&buf[lk], 0x5C, WHIRLPOOL_BLOCKSIZE - lk);
WHIRLPOOL_add ((unsigned char *) buf, WHIRLPOOL_BLOCKSIZE, ctx);
WHIRLPOOL_add (buf, WHIRLPOOL_BLOCKSIZE, ctx);
hmac_whirlpool_internal(d, ld, &hmac);
#if defined (DEVICE_DRIVER) && !defined (_WIN64)
if (NT_SUCCESS (saveStatus))
KeRestoreFloatingPointState (&floatingPointState);
#endif
/* Prevent leaks */
burn(&hmac, sizeof(hmac));
}
static void derive_u_whirlpool (char *salt, int salt_len, uint32 iterations, int b, hmac_whirlpool_ctx* hmac)
static void derive_u_whirlpool (unsigned char *salt, int salt_len, uint32 iterations, int b, hmac_whirlpool_ctx* hmac)
{
char* u = hmac->u;
char* k = hmac->k;
unsigned char* u = hmac->u;
unsigned char* k = hmac->k;
uint32 c, i;
/* iteration 1 */
@@ -952,19 +885,13 @@ static void derive_u_whirlpool (char *salt, int salt_len, uint32 iterations, int
}
}
void derive_key_whirlpool (char *pwd, int pwd_len, char *salt, int salt_len, uint32 iterations, char *dk, int dklen)
void derive_key_whirlpool (unsigned char *pwd, int pwd_len, unsigned char *salt, int salt_len, uint32 iterations, unsigned char *dk, int dklen)
{
hmac_whirlpool_ctx hmac;
WHIRLPOOL_CTX* ctx;
char* buf = hmac.k;
char key[WHIRLPOOL_DIGESTSIZE];
unsigned char* buf = hmac.k;
unsigned char key[WHIRLPOOL_DIGESTSIZE];
int b, l, r;
#if defined (DEVICE_DRIVER) && !defined (_WIN64)
KFLOATING_SAVE floatingPointState;
NTSTATUS saveStatus = STATUS_INVALID_PARAMETER;
if (HasISSE())
saveStatus = KeSaveFloatingPointState (&floatingPointState);
#endif
/* If the password is longer than the hash algorithm block size,
let pwd = whirlpool(pwd), as per HMAC specifications. */
if (pwd_len > WHIRLPOOL_BLOCKSIZE)
@@ -972,8 +899,8 @@ void derive_key_whirlpool (char *pwd, int pwd_len, char *salt, int salt_len, uin
WHIRLPOOL_CTX tctx;
WHIRLPOOL_init (&tctx);
WHIRLPOOL_add ((unsigned char *) pwd, pwd_len, &tctx);
WHIRLPOOL_finalize (&tctx, (unsigned char *) key);
WHIRLPOOL_add (pwd, pwd_len, &tctx);
WHIRLPOOL_finalize (&tctx, key);
pwd = key;
pwd_len = WHIRLPOOL_DIGESTSIZE;
@@ -999,10 +926,10 @@ void derive_key_whirlpool (char *pwd, int pwd_len, char *salt, int salt_len, uin
/* Pad the key for inner digest */
for (b = 0; b < pwd_len; ++b)
buf[b] = (char) (pwd[b] ^ 0x36);
buf[b] = (unsigned char) (pwd[b] ^ 0x36);
memset (&buf[pwd_len], 0x36, WHIRLPOOL_BLOCKSIZE - pwd_len);
WHIRLPOOL_add ((unsigned char *) buf, WHIRLPOOL_BLOCKSIZE, ctx);
WHIRLPOOL_add (buf, WHIRLPOOL_BLOCKSIZE, ctx);
/**** Precompute HMAC Outer Digest ****/
@@ -1010,10 +937,10 @@ void derive_key_whirlpool (char *pwd, int pwd_len, char *salt, int salt_len, uin
WHIRLPOOL_init (ctx);
for (b = 0; b < pwd_len; ++b)
buf[b] = (char) (pwd[b] ^ 0x5C);
buf[b] = (unsigned char) (pwd[b] ^ 0x5C);
memset (&buf[pwd_len], 0x5C, WHIRLPOOL_BLOCKSIZE - pwd_len);
WHIRLPOOL_add ((unsigned char *) buf, WHIRLPOOL_BLOCKSIZE, ctx);
WHIRLPOOL_add (buf, WHIRLPOOL_BLOCKSIZE, ctx);
/* first l - 1 blocks */
for (b = 1; b < l; b++)
@@ -1027,11 +954,6 @@ void derive_key_whirlpool (char *pwd, int pwd_len, char *salt, int salt_len, uin
derive_u_whirlpool (salt, salt_len, iterations, b, &hmac);
memcpy (dk, hmac.u, r);
#if defined (DEVICE_DRIVER) && !defined (_WIN64)
if (NT_SUCCESS (saveStatus))
KeRestoreFloatingPointState (&floatingPointState);
#endif
/* Prevent possible leaks. */
burn (&hmac, sizeof(hmac));
burn (key, sizeof(key));
@@ -1043,13 +965,13 @@ typedef struct hmac_streebog_ctx_struct
STREEBOG_CTX ctx;
STREEBOG_CTX inner_digest_ctx; /*pre-computed inner digest context */
STREEBOG_CTX outer_digest_ctx; /*pre-computed outer digest context */
CRYPTOPP_ALIGN_DATA(16) char k[PKCS5_SALT_SIZE + 4]; /* enough to hold (salt_len + 4) and also the Streebog hash */
char u[STREEBOG_DIGESTSIZE];
CRYPTOPP_ALIGN_DATA(16) unsigned char k[PKCS5_SALT_SIZE + 4]; /* enough to hold (salt_len + 4) and also the Streebog hash */
unsigned char u[STREEBOG_DIGESTSIZE];
} hmac_streebog_ctx;
void hmac_streebog_internal
(
char *d, /* input/output data. d pointer is guaranteed to be at least 64-bytes long */
unsigned char *d, /* input/output data. d pointer is guaranteed to be at least 64-bytes long */
int ld, /* length of input data in bytes */
hmac_streebog_ctx* hmac /* HMAC-Whirlpool context which holds temporary variables */
)
@@ -1060,38 +982,32 @@ void hmac_streebog_internal
memcpy (ctx, &(hmac->inner_digest_ctx), sizeof (STREEBOG_CTX));
STREEBOG_add (ctx, (unsigned char *) d, ld);
STREEBOG_add (ctx, d, ld);
STREEBOG_finalize (ctx, (unsigned char *) d);
STREEBOG_finalize (ctx, d);
/**** Restore Precomputed Outer Digest Context ****/
memcpy (ctx, &(hmac->outer_digest_ctx), sizeof (STREEBOG_CTX));
STREEBOG_add (ctx, (unsigned char *) d, STREEBOG_DIGESTSIZE);
STREEBOG_add (ctx, d, STREEBOG_DIGESTSIZE);
STREEBOG_finalize (ctx, (unsigned char *) d);
STREEBOG_finalize (ctx, d);
}
void hmac_streebog
(
char *k, /* secret key */
unsigned char *k, /* secret key */
int lk, /* length of the key in bytes */
char *d, /* input data. d pointer is guaranteed to be at least 32-bytes long */
unsigned char *d, /* input data. d pointer is guaranteed to be at least 32-bytes long */
int ld /* length of data in bytes */
)
{
hmac_streebog_ctx hmac;
STREEBOG_CTX* ctx;
char* buf = hmac.k;
unsigned char* buf = hmac.k;
int b;
CRYPTOPP_ALIGN_DATA(16) char key[STREEBOG_DIGESTSIZE];
#if defined (DEVICE_DRIVER) && !defined (_WIN64)
KFLOATING_SAVE floatingPointState;
NTSTATUS saveStatus = STATUS_INVALID_PARAMETER;
if (HasSSE2() || HasSSE41())
saveStatus = KeSaveFloatingPointState (&floatingPointState);
#endif
CRYPTOPP_ALIGN_DATA(16) unsigned char key[STREEBOG_DIGESTSIZE];
/* If the key is longer than the hash algorithm block size,
let key = streebog(key), as per HMAC specifications. */
if (lk > STREEBOG_BLOCKSIZE)
@@ -1099,8 +1015,8 @@ void hmac_streebog
STREEBOG_CTX tctx;
STREEBOG_init (&tctx);
STREEBOG_add (&tctx, (unsigned char *) k, lk);
STREEBOG_finalize (&tctx, (unsigned char *) key);
STREEBOG_add (&tctx, k, lk);
STREEBOG_finalize (&tctx, key);
k = key;
lk = STREEBOG_DIGESTSIZE;
@@ -1115,10 +1031,10 @@ void hmac_streebog
/* Pad the key for inner digest */
for (b = 0; b < lk; ++b)
buf[b] = (char) (k[b] ^ 0x36);
buf[b] = (unsigned char) (k[b] ^ 0x36);
memset (&buf[lk], 0x36, STREEBOG_BLOCKSIZE - lk);
STREEBOG_add (ctx, (unsigned char *) buf, STREEBOG_BLOCKSIZE);
STREEBOG_add (ctx, buf, STREEBOG_BLOCKSIZE);
/**** Precompute HMAC Outer Digest ****/
@@ -1126,25 +1042,21 @@ void hmac_streebog
STREEBOG_init (ctx);
for (b = 0; b < lk; ++b)
buf[b] = (char) (k[b] ^ 0x5C);
buf[b] = (unsigned char) (k[b] ^ 0x5C);
memset (&buf[lk], 0x5C, STREEBOG_BLOCKSIZE - lk);
STREEBOG_add (ctx, (unsigned char *) buf, STREEBOG_BLOCKSIZE);
STREEBOG_add (ctx, buf, STREEBOG_BLOCKSIZE);
hmac_streebog_internal(d, ld, &hmac);
#if defined (DEVICE_DRIVER) && !defined (_WIN64)
if (NT_SUCCESS (saveStatus))
KeRestoreFloatingPointState (&floatingPointState);
#endif
/* Prevent leaks */
burn(&hmac, sizeof(hmac));
}
static void derive_u_streebog (char *salt, int salt_len, uint32 iterations, int b, hmac_streebog_ctx* hmac)
static void derive_u_streebog (unsigned char *salt, int salt_len, uint32 iterations, int b, hmac_streebog_ctx* hmac)
{
char* u = hmac->u;
char* k = hmac->k;
unsigned char* u = hmac->u;
unsigned char* k = hmac->k;
uint32 c, i;
/* iteration 1 */
@@ -1167,19 +1079,13 @@ static void derive_u_streebog (char *salt, int salt_len, uint32 iterations, int
}
}
void derive_key_streebog (char *pwd, int pwd_len, char *salt, int salt_len, uint32 iterations, char *dk, int dklen)
void derive_key_streebog (unsigned char *pwd, int pwd_len, unsigned char *salt, int salt_len, uint32 iterations, unsigned char *dk, int dklen)
{
hmac_streebog_ctx hmac;
STREEBOG_CTX* ctx;
char* buf = hmac.k;
char key[STREEBOG_DIGESTSIZE];
unsigned char* buf = hmac.k;
unsigned char key[STREEBOG_DIGESTSIZE];
int b, l, r;
#if defined (DEVICE_DRIVER) && !defined (_WIN64)
KFLOATING_SAVE floatingPointState;
NTSTATUS saveStatus = STATUS_INVALID_PARAMETER;
if (HasSSE2() || HasSSE41())
saveStatus = KeSaveFloatingPointState (&floatingPointState);
#endif
/* If the password is longer than the hash algorithm block size,
let pwd = streebog(pwd), as per HMAC specifications. */
if (pwd_len > STREEBOG_BLOCKSIZE)
@@ -1187,8 +1093,8 @@ void derive_key_streebog (char *pwd, int pwd_len, char *salt, int salt_len, uint
STREEBOG_CTX tctx;
STREEBOG_init (&tctx);
STREEBOG_add (&tctx, (unsigned char *) pwd, pwd_len);
STREEBOG_finalize (&tctx, (unsigned char *) key);
STREEBOG_add (&tctx, pwd, pwd_len);
STREEBOG_finalize (&tctx, key);
pwd = key;
pwd_len = STREEBOG_DIGESTSIZE;
@@ -1214,10 +1120,10 @@ void derive_key_streebog (char *pwd, int pwd_len, char *salt, int salt_len, uint
/* Pad the key for inner digest */
for (b = 0; b < pwd_len; ++b)
buf[b] = (char) (pwd[b] ^ 0x36);
buf[b] = (unsigned char) (pwd[b] ^ 0x36);
memset (&buf[pwd_len], 0x36, STREEBOG_BLOCKSIZE - pwd_len);
STREEBOG_add (ctx, (unsigned char *) buf, STREEBOG_BLOCKSIZE);
STREEBOG_add (ctx, buf, STREEBOG_BLOCKSIZE);
/**** Precompute HMAC Outer Digest ****/
@@ -1225,10 +1131,10 @@ void derive_key_streebog (char *pwd, int pwd_len, char *salt, int salt_len, uint
STREEBOG_init (ctx);
for (b = 0; b < pwd_len; ++b)
buf[b] = (char) (pwd[b] ^ 0x5C);
buf[b] = (unsigned char) (pwd[b] ^ 0x5C);
memset (&buf[pwd_len], 0x5C, STREEBOG_BLOCKSIZE - pwd_len);
STREEBOG_add (ctx, (unsigned char *) buf, STREEBOG_BLOCKSIZE);
STREEBOG_add (ctx, buf, STREEBOG_BLOCKSIZE);
/* first l - 1 blocks */
for (b = 1; b < l; b++)
@@ -1242,11 +1148,6 @@ void derive_key_streebog (char *pwd, int pwd_len, char *salt, int salt_len, uint
derive_u_streebog (salt, salt_len, iterations, b, &hmac);
memcpy (dk, hmac.u, r);
#if defined (DEVICE_DRIVER) && !defined (_WIN64)
if (NT_SUCCESS (saveStatus))
KeRestoreFloatingPointState (&floatingPointState);
#endif
/* Prevent possible leaks. */
burn (&hmac, sizeof(hmac));
burn (key, sizeof(key));

20
src/Common/Pkcs5.h
View File

@@ -21,24 +21,24 @@ extern "C"
{
#endif
/* output written to input_digest which must be at lease 32 bytes long */
void hmac_blake2s (char *key, int keylen, char *input_digest, int len);
void derive_key_blake2s (char *pwd, int pwd_len, char *salt, int salt_len, uint32 iterations, char *dk, int dklen);
void hmac_blake2s (unsigned char *key, int keylen, unsigned char *input_digest, int len);
void derive_key_blake2s (unsigned char *pwd, int pwd_len, unsigned char *salt, int salt_len, uint32 iterations, unsigned char *dk, int dklen);
/* output written to d which must be at lease 32 bytes long */
void hmac_sha256 (char *k, int lk, char *d, int ld);
void derive_key_sha256 (char *pwd, int pwd_len, char *salt, int salt_len, uint32 iterations, char *dk, int dklen);
void hmac_sha256 (unsigned char *k, int lk, unsigned char *d, int ld);
void derive_key_sha256 (unsigned char *pwd, int pwd_len, unsigned char *salt, int salt_len, uint32 iterations, unsigned char *dk, int dklen);
#ifndef TC_WINDOWS_BOOT
/* output written to d which must be at lease 64 bytes long */
void hmac_sha512 (char *k, int lk, char *d, int ld);
void derive_key_sha512 (char *pwd, int pwd_len, char *salt, int salt_len, uint32 iterations, char *dk, int dklen);
void hmac_sha512 (unsigned char *k, int lk, unsigned char *d, int ld);
void derive_key_sha512 (unsigned char *pwd, int pwd_len, unsigned char *salt, int salt_len, uint32 iterations, unsigned char *dk, int dklen);
/* output written to d which must be at lease 64 bytes long */
void hmac_whirlpool (char *k, int lk, char *d, int ld);
void derive_key_whirlpool (char *pwd, int pwd_len, char *salt, int salt_len, uint32 iterations, char *dk, int dklen);
void hmac_whirlpool (unsigned char *k, int lk, unsigned char *d, int ld);
void derive_key_whirlpool (unsigned char *pwd, int pwd_len, unsigned char *salt, int salt_len, uint32 iterations, unsigned char *dk, int dklen);
void hmac_streebog (char *k, int32 lk, char *d, int32 ld);
void derive_key_streebog (char *pwd, int pwd_len, char *salt, int salt_len, uint32 iterations, char *dk, int dklen);
void hmac_streebog (unsigned char *k, int32 lk, unsigned char *d, int32 ld);
void derive_key_streebog (unsigned char *pwd, int pwd_len, unsigned char *salt, int salt_len, uint32 iterations, unsigned char *dk, int dklen);
int get_pkcs5_iteration_count (int pkcs5_prf_id, int pim, BOOL bBoot);
wchar_t *get_pkcs5_prf_name (int pkcs5_prf_id);

12
src/Common/Tcdefs.h
View File

@@ -255,20 +255,10 @@ void ThrowFatalException(int line);
#include <ntddk.h> /* Standard header file for nt drivers */
#include <ntdddisk.h> /* Standard I/O control codes */
/* defines needed for using enhanced protection of NX pool under Windows 8 and later */
#define NonPagedPoolNx 512
#define MdlMappingNoExecute 0x40000000
/* variables used in the implementation of enhanced protection of NX pool under Windows 8 and later */
extern POOL_TYPE ExDefaultNonPagedPoolType;
extern ULONG ExDefaultMdlProtection;
#ifdef _WIN64
extern ULONG AllocTag;
#else
#define AllocTag 'MMCV'
#endif
#define TCalloc(size) ((void *) ExAllocatePoolWithTag( ExDefaultNonPagedPoolType, size, AllocTag ))
#define TCalloc(size) ((void *) ExAllocatePool2( POOL_FLAG_NON_PAGED, size, AllocTag ))
#define TCfree(memblock) ExFreePoolWithTag( memblock, AllocTag )
#define DEVICE_DRIVER

66
src/Common/Tests.c
View File

@@ -567,19 +567,13 @@ unsigned long HexStringToByteArray(const char* hexStr, unsigned char* pbData)
return count;
}
BOOL RunHashTest (HashFunction fn, HashTestVector* vector, BOOL bUseSSE)
BOOL RunHashTest (HashFunction fn, HashTestVector* vector)
{
CRYPTOPP_ALIGN_DATA (16) unsigned char input[256];
unsigned char output[64];
unsigned char digest[64];
unsigned long i = 0, inputLen, outputLen, digestLen;
BOOL bRet = TRUE;
#if defined (DEVICE_DRIVER) && !defined (_WIN64)
KFLOATING_SAVE floatingPointState;
NTSTATUS saveStatus = STATUS_INVALID_PARAMETER;
if (bUseSSE)
saveStatus = KeSaveFloatingPointState (&floatingPointState);
#endif
while (vector[i].hexInput && vector[i].hexOutput)
{
inputLen = HexStringToByteArray (vector[i].hexInput, input);
@@ -593,11 +587,6 @@ BOOL RunHashTest (HashFunction fn, HashTestVector* vector, BOOL bUseSSE)
i++;
}
#if defined (DEVICE_DRIVER) && !defined (_WIN64)
if (NT_SUCCESS (saveStatus))
KeRestoreFloatingPointState (&floatingPointState);
#endif
return bRet;
}
@@ -651,7 +640,7 @@ HashTestVector Blake2sTestVectors[] = {
unsigned char ks_tmp[MAX_EXPANDED_KEY];
void CipherInit2(int cipher, void* key, void* ks, int key_len)
void CipherInit2(int cipher, void* key, void* ks)
{
switch (cipher)
{
@@ -1307,7 +1296,7 @@ BOOL TestSectorBufEncryption (PCRYPTO_INFO ci)
static BOOL DoAutoTestAlgorithms (void)
{
PCRYPTO_INFO ci;
CRYPTOPP_ALIGN_DATA(16) char key[32];
CRYPTOPP_ALIGN_DATA(16) unsigned char key[32];
unsigned char tmp[16];
BOOL bFailed = FALSE;
int i;
@@ -1342,7 +1331,6 @@ static BOOL DoAutoTestAlgorithms (void)
{
uint8 testData[1024];
uint32 origCrc;
size_t i;
for (i = 0; i < sizeof (testData); ++i)
{
@@ -1526,12 +1514,12 @@ BOOL test_hmac_sha256 ()
for (i = 0; i < sizeof (hmac_sha256_test_data) / sizeof(char *); i++)
{
char digest[1024]; /* large enough to hold digets and test vector inputs */
unsigned char digest[1024]; /* large enough to hold digets and test vector inputs */
size_t dataLen = strlen (hmac_sha256_test_data[i]);
if (dataLen <= sizeof(digest))
{
memcpy (digest, hmac_sha256_test_data[i], dataLen);
hmac_sha256 (hmac_sha256_test_keys[i], (int) strlen (hmac_sha256_test_keys[i]), digest, (int) dataLen);
hmac_sha256 ((unsigned char*) hmac_sha256_test_keys[i], (int) strlen (hmac_sha256_test_keys[i]), digest, (int) dataLen);
if (memcmp (digest, hmac_sha256_test_vectors[i], SHA256_DIGESTSIZE) != 0)
return FALSE;
else
@@ -1553,12 +1541,12 @@ BOOL test_hmac_sha512 ()
for (i = 0; i < sizeof (hmac_sha512_test_data) / sizeof(char *); i++)
{
char digest[1024]; /* large enough to hold digets and test vector inputs */
unsigned char digest[1024]; /* large enough to hold digets and test vector inputs */
size_t dataLen = strlen (hmac_sha512_test_data[i]);
if (dataLen <= sizeof(digest))
{
memcpy (digest, hmac_sha512_test_data[i], dataLen );
hmac_sha512 (hmac_sha512_test_keys[i], (int) strlen (hmac_sha512_test_keys[i]), digest, (int) dataLen);
hmac_sha512 ((unsigned char*) hmac_sha512_test_keys[i], (int) strlen (hmac_sha512_test_keys[i]), digest, (int) dataLen);
if (memcmp (digest, hmac_sha512_test_vectors[i], SHA512_DIGESTSIZE) != 0)
return FALSE;
else
@@ -1581,12 +1569,12 @@ BOOL test_hmac_blake2s ()
for (i = 0; i < sizeof (hmac_blake2s_test_data) / sizeof(char *); i++)
{
char digest[1024]; /* large enough to hold digets and test vector inputs */
unsigned char digest[1024]; /* large enough to hold digets and test vector inputs */
size_t dataLen = strlen (hmac_blake2s_test_data[i]);
if (dataLen <= sizeof(digest))
{
memcpy (digest, hmac_blake2s_test_data[i], dataLen);
hmac_blake2s (hmac_blake2s_test_keys[i], (int) strlen (hmac_blake2s_test_keys[i]), digest, (int) dataLen);
hmac_blake2s ((unsigned char*)(unsigned char*)hmac_blake2s_test_keys[i], (int) strlen (hmac_blake2s_test_keys[i]), digest, (int) dataLen);
if (memcmp (digest, hmac_blake2s_test_vectors[i], BLAKE2S_DIGESTSIZE) != 0)
return FALSE;
else
@@ -1612,7 +1600,7 @@ BOOL test_hmac_whirlpool ()
unsigned char digest[1024]; /* large enough to hold digets and test vector inputs */
memcpy (digest, hmac_whirlpool_test_data, strlen (hmac_whirlpool_test_data));
hmac_whirlpool (hmac_whirlpool_test_key, 64, digest, (int) strlen (hmac_whirlpool_test_data));
hmac_whirlpool ((unsigned char*) hmac_whirlpool_test_key, 64, digest, (int) strlen (hmac_whirlpool_test_data));
if (memcmp (digest, hmac_whirlpool_test_vectors, WHIRLPOOL_DIGESTSIZE) != 0)
return FALSE;
@@ -1646,10 +1634,10 @@ static const unsigned char gost3411_2012_hmac_r1[] = {
#ifndef WOLFCRYPT_BACKEND
BOOL test_hmac_streebog ()
{
CRYPTOPP_ALIGN_DATA(16) char digest[64]; /* large enough to hold digets and test vector inputs */
CRYPTOPP_ALIGN_DATA(16) unsigned char digest[64]; /* large enough to hold digets and test vector inputs */
memcpy (digest, gost3411_2012_hmac_m1, sizeof (gost3411_2012_hmac_m1));
hmac_streebog ((char*) gost3411_2012_hmac_k1, sizeof(gost3411_2012_hmac_k1), digest, (int) sizeof (gost3411_2012_hmac_m1));
hmac_streebog ((unsigned char*) gost3411_2012_hmac_k1, sizeof(gost3411_2012_hmac_k1), digest, (int) sizeof (gost3411_2012_hmac_m1));
if (memcmp (digest, gost3411_2012_hmac_r1, STREEBOG_DIGESTSIZE) != 0)
return FALSE;
@@ -1668,7 +1656,7 @@ int __cdecl StreebogHash (unsigned char* input, unsigned long inputLen, unsigned
BOOL test_pkcs5 ()
{
char dk[144];
unsigned char dk[144];
/* HMAC-SHA-256 tests */
if (!test_hmac_sha256())
@@ -1684,7 +1672,7 @@ BOOL test_pkcs5 ()
return FALSE;
/* Blake2s hash tests */
if (RunHashTest (Blake2sHash, Blake2sTestVectors, (HasSSE2())? TRUE : FALSE) == FALSE)
if (RunHashTest (Blake2sHash, Blake2sTestVectors))
return FALSE;
/* HMAC-Whirlpool tests */
@@ -1696,68 +1684,68 @@ BOOL test_pkcs5 ()
return FALSE;
/* STREEBOG hash tests */
if (RunHashTest (StreebogHash, Streebog512TestVectors, (HasSSE2() || HasSSE41())? TRUE : FALSE) == FALSE)
if (RunHashTest (StreebogHash, Streebog512TestVectors))
return FALSE;
#endif
/* PKCS-5 test 1 with HMAC-SHA-256 used as the PRF (https://tools.ietf.org/html/draft-josefsson-scrypt-kdf-00) */
derive_key_sha256 ("passwd", 6, "\x73\x61\x6C\x74", 4, 1, dk, 64);
derive_key_sha256 ((unsigned char*) "passwd", 6, (unsigned char*) "\x73\x61\x6C\x74", 4, 1, dk, 64);
if (memcmp (dk, "\x55\xac\x04\x6e\x56\xe3\x08\x9f\xec\x16\x91\xc2\x25\x44\xb6\x05\xf9\x41\x85\x21\x6d\xde\x04\x65\xe6\x8b\x9d\x57\xc2\x0d\xac\xbc\x49\xca\x9c\xcc\xf1\x79\xb6\x45\x99\x16\x64\xb3\x9d\x77\xef\x31\x7c\x71\xb8\x45\xb1\xe3\x0b\xd5\x09\x11\x20\x41\xd3\xa1\x97\x83", 64) != 0)
return FALSE;
/* PKCS-5 test 2 with HMAC-SHA-256 used as the PRF (https://stackoverflow.com/questions/5130513/pbkdf2-hmac-sha2-test-vectors) */
derive_key_sha256 ("password", 8, "\x73\x61\x6C\x74", 4, 2, dk, 32);
derive_key_sha256 ((unsigned char*) "password", 8, (unsigned char*) "\x73\x61\x6C\x74", 4, 2, dk, 32);
if (memcmp (dk, "\xae\x4d\x0c\x95\xaf\x6b\x46\xd3\x2d\x0a\xdf\xf9\x28\xf0\x6d\xd0\x2a\x30\x3f\x8e\xf3\xc2\x51\xdf\xd6\xe2\xd8\x5a\x95\x47\x4c\x43", 32) != 0)
return FALSE;
/* PKCS-5 test 3 with HMAC-SHA-256 used as the PRF (MS CryptoAPI) */
derive_key_sha256 ("password", 8, "\x12\x34\x56\x78", 4, 5, dk, 4);
derive_key_sha256 ((unsigned char*)"password", 8, (unsigned char*)"\x12\x34\x56\x78", 4, 5, dk, 4);
if (memcmp (dk, "\xf2\xa0\x4f\xb2", 4) != 0)
return FALSE;
/* PKCS-5 test 4 with HMAC-SHA-256 used as the PRF (MS CryptoAPI) */
derive_key_sha256 ("password", 8, "\x12\x34\x56\x78", 4, 5, dk, 144);
derive_key_sha256 ((unsigned char*)"password", 8, (unsigned char*)"\x12\x34\x56\x78", 4, 5, dk, 144);
if (memcmp (dk, "\xf2\xa0\x4f\xb2\xd3\xe9\xa5\xd8\x51\x0b\x5c\x06\xdf\x70\x8e\x24\xe9\xc7\xd9\x15\x3d\x22\xcd\xde\xb8\xa6\xdb\xfd\x71\x85\xc6\x99\x32\xc0\xee\x37\x27\xf7\x24\xcf\xea\xa6\xac\x73\xa1\x4c\x4e\x52\x9b\x94\xf3\x54\x06\xfc\x04\x65\xa1\x0a\x24\xfe\xf0\x98\x1d\xa6\x22\x28\xeb\x24\x55\x74\xce\x6a\x3a\x28\xe2\x04\x3a\x59\x13\xec\x3f\xf2\xdb\xcf\x58\xdd\x53\xd9\xf9\x17\xf6\xda\x74\x06\x3c\x0b\x66\xf5\x0f\xf5\x58\xa3\x27\x52\x8c\x5b\x07\x91\xd0\x81\xeb\xb6\xbc\x30\x69\x42\x71\xf2\xd7\x18\x42\xbe\xe8\x02\x93\x70\x66\xad\x35\x65\xbc\xf7\x96\x8e\x64\xf1\xc6\x92\xda\xe0\xdc\x1f\xb5\xf4", 144) != 0)
return FALSE;
/* PKCS-5 test 1 with HMAC-SHA-512 used as the PRF */
derive_key_sha512 ("password", 8, "\x12\x34\x56\x78", 4, 5, dk, 4);
derive_key_sha512 ((unsigned char*)"password", 8, (unsigned char*)"\x12\x34\x56\x78", 4, 5, dk, 4);
if (memcmp (dk, "\x13\x64\xae\xf8", 4) != 0)
return FALSE;
/* PKCS-5 test 2 with HMAC-SHA-512 used as the PRF (derives a key longer than the underlying
hash output size and block size) */
derive_key_sha512 ("password", 8, "\x12\x34\x56\x78", 4, 5, dk, 144);
derive_key_sha512 ((unsigned char*)"password", 8, (unsigned char*)"\x12\x34\x56\x78", 4, 5, dk, 144);
if (memcmp (dk, "\x13\x64\xae\xf8\x0d\xf5\x57\x6c\x30\xd5\x71\x4c\xa7\x75\x3f\xfd\x00\xe5\x25\x8b\x39\xc7\x44\x7f\xce\x23\x3d\x08\x75\xe0\x2f\x48\xd6\x30\xd7\x00\xb6\x24\xdb\xe0\x5a\xd7\x47\xef\x52\xca\xa6\x34\x83\x47\xe5\xcb\xe9\x87\xf1\x20\x59\x6a\xe6\xa9\xcf\x51\x78\xc6\xb6\x23\xa6\x74\x0d\xe8\x91\xbe\x1a\xd0\x28\xcc\xce\x16\x98\x9a\xbe\xfb\xdc\x78\xc9\xe1\x7d\x72\x67\xce\xe1\x61\x56\x5f\x96\x68\xe6\xe1\xdd\xf4\xbf\x1b\x80\xe0\x19\x1c\xf4\xc4\xd3\xdd\xd5\xd5\x57\x2d\x83\xc7\xa3\x37\x87\xf4\x4e\xe0\xf6\xd8\x6d\x65\xdc\xa0\x52\xa3\x13\xbe\x81\xfc\x30\xbe\x7d\x69\x58\x34\xb6\xdd\x41\xc6", 144) != 0)
return FALSE;
#ifndef WOLFCRYPT_BACKEND
/* PKCS-5 test 1 with HMAC-BLAKE2s used as the PRF */
derive_key_blake2s ("password", 8, "\x12\x34\x56\x78", 4, 5, dk, 4);
derive_key_blake2s ((unsigned char*)"password", 8, (unsigned char*)"\x12\x34\x56\x78", 4, 5, dk, 4);
if (memcmp (dk, "\x8d\x51\xfa\x31", 4) != 0)
return FALSE;
/* PKCS-5 test 2 with HMAC-BLAKE2s used as the PRF (derives a key longer than the underlying hash) */
derive_key_blake2s ("password", 8, "\x12\x34\x56\x78", 4, 5, dk, 48);
derive_key_blake2s ((unsigned char*)"password", 8, (unsigned char*)"\x12\x34\x56\x78", 4, 5, dk, 48);
if (memcmp (dk, "\x8d\x51\xfa\x31\x46\x25\x37\x67\xa3\x29\x6b\x3c\x6b\xc1\x5d\xb2\xee\xe1\x6c\x28\x00\x26\xea\x08\x65\x9c\x12\xf1\x07\xde\x0d\xb9\x9b\x4f\x39\xfa\xc6\x80\x26\xb1\x8f\x8e\x48\x89\x85\x2d\x24\x2d", 48) != 0)
return FALSE;
/* PKCS-5 test 1 with HMAC-Whirlpool used as the PRF */
derive_key_whirlpool ("password", 8, "\x12\x34\x56\x78", 4, 5, dk, 4);
derive_key_whirlpool ((unsigned char*)"password", 8, (unsigned char*)"\x12\x34\x56\x78", 4, 5, dk, 4);
if (memcmp (dk, "\x50\x7c\x36\x6f", 4) != 0)
return FALSE;
/* PKCS-5 test 2 with HMAC-Whirlpool used as the PRF (derives a key longer than the underlying hash) */
derive_key_whirlpool ("password", 8, "\x12\x34\x56\x78", 4, 5, dk, 96);
derive_key_whirlpool ((unsigned char*)"password", 8, (unsigned char*)"\x12\x34\x56\x78", 4, 5, dk, 96);
if (memcmp (dk, "\x50\x7c\x36\x6f\xee\x10\x2e\x9a\xe2\x8a\xd5\x82\x72\x7d\x27\x0f\xe8\x4d\x7f\x68\x7a\xcf\xb5\xe7\x43\x67\xaa\x98\x93\x52\x2b\x09\x6e\x42\xdf\x2c\x59\x4a\x91\x6d\x7e\x10\xae\xb2\x1a\x89\x8f\xb9\x8f\xe6\x31\xa9\xd8\x9f\x98\x26\xf4\xda\xcd\x7d\x65\x65\xde\x10\x95\x91\xb4\x84\x26\xae\x43\xa1\x00\x5b\x1e\xb8\x38\x97\xa4\x1e\x4b\xd2\x65\x64\xbc\xfa\x1f\x35\x85\xdb\x4f\x97\x65\x6f\xbd\x24", 96) != 0)
return FALSE;
/* PKCS-5 test 1 with HMAC-STREEBOG used as the PRF */
derive_key_streebog ("password", 8, "\x12\x34\x56\x78", 4, 5, dk, 4);
derive_key_streebog ((unsigned char*)"password", 8, (unsigned char*)"\x12\x34\x56\x78", 4, 5, dk, 4);
if (memcmp (dk, "\xd0\x53\xa2\x30", 4) != 0)
return FALSE;
/* PKCS-5 test 2 with HMAC-STREEBOG used as the PRF (derives a key longer than the underlying hash) */
derive_key_streebog ("password", 8, "\x12\x34\x56\x78", 4, 5, dk, 96);
derive_key_streebog ((unsigned char*)"password", 8, (unsigned char*)"\x12\x34\x56\x78", 4, 5, dk, 96);
if (memcmp (dk, "\xd0\x53\xa2\x30\x6f\x45\x81\xeb\xbc\x06\x81\xc5\xe7\x53\xa8\x5d\xc7\xf1\x23\x33\x1e\xbe\x64\x2c\x3b\x0f\x26\xd7\x00\xe1\x95\xc9\x65\x26\xb1\x85\xbe\x1e\xe2\xf4\x9b\xfc\x6b\x14\x84\xda\x24\x61\xa0\x1b\x9e\x79\x5c\xee\x69\x6e\xf9\x25\xb1\x1d\xca\xa0\x31\xba\x02\x6f\x9e\x99\x0f\xdb\x25\x01\x5b\xf1\xc7\x10\x19\x53\x3b\x29\x3f\x18\x00\xd6\xfc\x85\x03\xdc\xf2\xe5\xe9\x5a\xb1\x1e\x61\xde", 96) != 0)
return FALSE;
#endif

2
src/Common/Tests.h
View File

@@ -17,7 +17,7 @@ extern "C" {
extern unsigned char ks_tmp[MAX_EXPANDED_KEY];
void CipherInit2(int cipher, void* key, void* ks, int key_len);
void CipherInit2(int cipher, void* key, void* ks);
BOOL test_hmac_sha512 (void);
BOOL test_hmac_blake2s (void);
BOOL test_hmac_whirlpool (void);

20
src/Common/Volumes.c
View File

@@ -160,7 +160,7 @@ UINT64_STRUCT GetHeaderField64 (uint8 *header, int offset)
typedef struct
{
char DerivedKey[MASTER_KEYDATA_SIZE];
unsigned char DerivedKey[MASTER_KEYDATA_SIZE];
BOOL Free;
LONG KeyReady;
int Pkcs5Prf;
@@ -169,15 +169,15 @@ typedef struct
BOOL ReadVolumeHeaderRecoveryMode = FALSE;
int ReadVolumeHeader (BOOL bBoot, char *encryptedHeader, Password *password, int selected_pkcs5_prf, int pim, PCRYPTO_INFO *retInfo, CRYPTO_INFO *retHeaderCryptoInfo)
int ReadVolumeHeader (BOOL bBoot, unsigned char *encryptedHeader, Password *password, int selected_pkcs5_prf, int pim, PCRYPTO_INFO *retInfo, CRYPTO_INFO *retHeaderCryptoInfo)
{
char header[TC_VOLUME_HEADER_EFFECTIVE_SIZE];
unsigned char header[TC_VOLUME_HEADER_EFFECTIVE_SIZE];
unsigned char* keyInfoBuffer = NULL;
int keyInfoBufferSize = sizeof (KEY_INFO) + 16;
size_t keyInfoBufferOffset;
PKEY_INFO keyInfo;
PCRYPTO_INFO cryptoInfo;
CRYPTOPP_ALIGN_DATA(16) char dk[MASTER_KEYDATA_SIZE];
CRYPTOPP_ALIGN_DATA(16) unsigned char dk[MASTER_KEYDATA_SIZE];
int enqPkcs5Prf, pkcs5_prf;
uint16 headerVersion;
int status = ERR_PARAMETER_INCORRECT;
@@ -704,12 +704,12 @@ void ComputeBootloaderFingerprint (uint8 *bootLoaderBuf, unsigned int bootLoader
#else // TC_WINDOWS_BOOT
int ReadVolumeHeader (BOOL bBoot, char *header, Password *password, int pim, PCRYPTO_INFO *retInfo, CRYPTO_INFO *retHeaderCryptoInfo)
int ReadVolumeHeader (BOOL bBoot, unsigned char *header, Password *password, int pim, PCRYPTO_INFO *retInfo, CRYPTO_INFO *retHeaderCryptoInfo)
{
#ifdef TC_WINDOWS_BOOT_SINGLE_CIPHER_MODE
char dk[32 * 2]; // 2 * 256-bit key
unsigned char dk[32 * 2]; // 2 * 256-bit key
#else
char dk[32 * 2 * 3]; // 6 * 256-bit key
unsigned char dk[32 * 2 * 3]; // 6 * 256-bit key
#endif
PCRYPTO_INFO cryptoInfo;
@@ -882,18 +882,18 @@ ret:
// Creates a volume header in memory
#if defined(_UEFI)
int CreateVolumeHeaderInMemory(BOOL bBoot, char *header, int ea, int mode, Password *password,
int CreateVolumeHeaderInMemory(BOOL bBoot, unsigned char *header, int ea, int mode, Password *password,
int pkcs5_prf, int pim, char *masterKeydata, PCRYPTO_INFO *retInfo,
unsigned __int64 volumeSize, unsigned __int64 hiddenVolumeSize,
unsigned __int64 encryptedAreaStart, unsigned __int64 encryptedAreaLength, uint16 requiredProgramVersion, uint32 headerFlags, uint32 sectorSize, BOOL bWipeMode)
#else
int CreateVolumeHeaderInMemory (HWND hwndDlg, BOOL bBoot, char *header, int ea, int mode, Password *password,
int CreateVolumeHeaderInMemory (HWND hwndDlg, BOOL bBoot, unsigned char *header, int ea, int mode, Password *password,
int pkcs5_prf, int pim, char *masterKeydata, PCRYPTO_INFO *retInfo,
unsigned __int64 volumeSize, unsigned __int64 hiddenVolumeSize,
unsigned __int64 encryptedAreaStart, unsigned __int64 encryptedAreaLength, uint16 requiredProgramVersion, uint32 headerFlags, uint32 sectorSize, BOOL bWipeMode)
#endif // !defined(_UEFI)
{
unsigned char *p = (unsigned char *) header;
unsigned char *p = header;
static CRYPTOPP_ALIGN_DATA(16) KEY_INFO keyInfo;
int nUserKeyLen = password? password->Length : 0;

10
src/Common/Volumes.h
View File

@@ -133,20 +133,20 @@ uint16 GetHeaderField16 (uint8 *header, int offset);
uint32 GetHeaderField32 (uint8 *header, int offset);
UINT64_STRUCT GetHeaderField64 (uint8 *header, int offset);
#if defined(TC_WINDOWS_BOOT)
int ReadVolumeHeader (BOOL bBoot, char *encryptedHeader, Password *password, int pim, PCRYPTO_INFO *retInfo, CRYPTO_INFO *retHeaderCryptoInfo);
int ReadVolumeHeader (BOOL bBoot, unsigned char *encryptedHeader, Password *password, int pim, PCRYPTO_INFO *retInfo, CRYPTO_INFO *retHeaderCryptoInfo);
#elif defined(_UEFI)
int ReadVolumeHeader(BOOL bBoot, char *encryptedHeader, Password *password, int pkcs5_prf, int pim, PCRYPTO_INFO *retInfo, CRYPTO_INFO *retHeaderCryptoInfo);
int CreateVolumeHeaderInMemory(BOOL bBoot, char *encryptedHeader, int ea, int mode, Password *password, int pkcs5_prf, int pim, char *masterKeydata, PCRYPTO_INFO *retInfo, unsigned __int64 volumeSize, unsigned __int64 hiddenVolumeSize, unsigned __int64 encryptedAreaStart, unsigned __int64 encryptedAreaLength, uint16 requiredProgramVersion, uint32 headerFlags, uint32 sectorSize, BOOL bWipeMode);
int ReadVolumeHeader(BOOL bBoot, unsigned char *encryptedHeader, Password *password, int pkcs5_prf, int pim, PCRYPTO_INFO *retInfo, CRYPTO_INFO *retHeaderCryptoInfo);
int CreateVolumeHeaderInMemory(BOOL bBoot, unsigned char *encryptedHeader, int ea, int mode, Password *password, int pkcs5_prf, int pim, char *masterKeydata, PCRYPTO_INFO *retInfo, unsigned __int64 volumeSize, unsigned __int64 hiddenVolumeSize, unsigned __int64 encryptedAreaStart, unsigned __int64 encryptedAreaLength, uint16 requiredProgramVersion, uint32 headerFlags, uint32 sectorSize, BOOL bWipeMode);
BOOL RandgetBytes(unsigned char *buf, int len, BOOL forceSlowPoll);
#else
int ReadVolumeHeader (BOOL bBoot, char *encryptedHeader, Password *password, int pkcs5_prf, int pim, PCRYPTO_INFO *retInfo, CRYPTO_INFO *retHeaderCryptoInfo);
int ReadVolumeHeader (BOOL bBoot, unsigned char *encryptedHeader, Password *password, int pkcs5_prf, int pim, PCRYPTO_INFO *retInfo, CRYPTO_INFO *retHeaderCryptoInfo);
#if defined(_WIN32) && !defined(_UEFI)
void ComputeBootloaderFingerprint (uint8 *bootLoaderBuf, unsigned int bootLoaderSize, uint8* fingerprint);
#endif
#endif
#if !defined (DEVICE_DRIVER) && !defined (TC_WINDOWS_BOOT) && !defined(_UEFI)
int CreateVolumeHeaderInMemory (HWND hwndDlg, BOOL bBoot, char *encryptedHeader, int ea, int mode, Password *password, int pkcs5_prf, int pim, char *masterKeydata, PCRYPTO_INFO *retInfo, unsigned __int64 volumeSize, unsigned __int64 hiddenVolumeSize, unsigned __int64 encryptedAreaStart, unsigned __int64 encryptedAreaLength, uint16 requiredProgramVersion, uint32 headerFlags, uint32 sectorSize, BOOL bWipeMode);
int CreateVolumeHeaderInMemory (HWND hwndDlg, BOOL bBoot, unsigned char *encryptedHeader, int ea, int mode, Password *password, int pkcs5_prf, int pim, char *masterKeydata, PCRYPTO_INFO *retInfo, unsigned __int64 volumeSize, unsigned __int64 hiddenVolumeSize, unsigned __int64 encryptedAreaStart, unsigned __int64 encryptedAreaLength, uint16 requiredProgramVersion, uint32 headerFlags, uint32 sectorSize, BOOL bWipeMode);
BOOL ReadEffectiveVolumeHeader (BOOL device, HANDLE fileHandle, uint8 *header, DWORD *bytesRead);
BOOL WriteEffectiveVolumeHeader (BOOL device, HANDLE fileHandle, uint8 *header);
int WriteRandomDataToReservedHeaderAreas (HWND hwndDlg, HANDLE dev, CRYPTO_INFO *cryptoInfo, uint64 dataAreaSize, BOOL bPrimaryOnly, BOOL bBackupOnly);

7
src/Common/Wipe.c
View File

@@ -14,11 +14,6 @@
#include "Wipe.h"
static BOOL Wipe1PseudoRandom (int pass, uint8 *buffer, size_t size)
{
return FALSE;
}
// Fill buffer with wipe patterns defined in "National Industrial Security Program Operating Manual", US DoD 5220.22-M.
// Return: FALSE = buffer must be filled with random data
@@ -173,7 +168,7 @@ BOOL WipeBuffer (WipeAlgorithmId algorithm, uint8 randChars[TC_WIPE_RAND_CHAR_CO
{
case TC_WIPE_1_RAND:
case TC_WIPE_256:
return Wipe1PseudoRandom (pass, buffer, size);
return FALSE; // Delegate buffer filling to the caller
case TC_WIPE_3_DOD_5220:
return Wipe3Dod5220 (pass, buffer, size);