mirror of
https://github.com/veracrypt/VeraCrypt.git
synced 2025-12-30 10:29:44 -06:00
Windows: Add support for Streebog (hash) and kuznyechik (encryption)
This commit is contained in:
Mounir IDRASSI
@@ -16,6 +16,8 @@
|
||||
#include "Crypto/Serpent.h"
|
||||
#include "Crypto/Twofish.h"
|
||||
#include "Crypto/Camellia.h"
|
||||
#include "Crypto/GostCipher.h"
|
||||
#include "Crypto/kuznyechik.h"
|
||||
|
||||
#ifdef TC_AES_HW_CPU
|
||||
# include "Crypto/Aes_hw_cpu.h"
|
||||
@@ -80,6 +82,8 @@ namespace VeraCrypt
|
||||
l.push_back (shared_ptr <Cipher> (new CipherSerpent ()));
|
||||
l.push_back (shared_ptr <Cipher> (new CipherTwofish ()));
|
||||
l.push_back (shared_ptr <Cipher> (new CipherCamellia ()));
|
||||
l.push_back (shared_ptr <Cipher> (new CipherGost89 ()));
|
||||
l.push_back (shared_ptr <Cipher> (new CipherKuznyechik ()));
|
||||
|
||||
return l;
|
||||
}
|
||||
@@ -264,6 +268,46 @@ namespace VeraCrypt
|
||||
camellia_set_key (key, ScheduledKey.Ptr());
|
||||
}
|
||||
|
||||
// GOST89
|
||||
void CipherGost89::Decrypt (byte *data) const
|
||||
{
|
||||
gost_decrypt (data, data, (gost_kds *) ScheduledKey.Ptr(), 1);
|
||||
}
|
||||
|
||||
void CipherGost89::Encrypt (byte *data) const
|
||||
{
|
||||
gost_encrypt (data, data, (gost_kds *) ScheduledKey.Ptr(), 1);
|
||||
}
|
||||
|
||||
size_t CipherGost89::GetScheduledKeySize () const
|
||||
{
|
||||
return GOST_KS;
|
||||
}
|
||||
|
||||
void CipherGost89::SetCipherKey (const byte *key)
|
||||
{
|
||||
gost_set_key (key, (gost_kds *) ScheduledKey.Ptr());
|
||||
}
|
||||
|
||||
// Kuznyechik
|
||||
void CipherKuznyechik::Decrypt (byte *data) const
|
||||
{
|
||||
kuznyechik_decrypt_block (data, data, (kuznyechik_kds *) ScheduledKey.Ptr());
|
||||
}
|
||||
|
||||
void CipherKuznyechik::Encrypt (byte *data) const
|
||||
{
|
||||
kuznyechik_encrypt_block (data, data, (kuznyechik_kds *) ScheduledKey.Ptr());
|
||||
}
|
||||
|
||||
size_t CipherKuznyechik::GetScheduledKeySize () const
|
||||
{
|
||||
return KUZNYECHIK_KS;
|
||||
}
|
||||
|
||||
void CipherKuznyechik::SetCipherKey (const byte *key)
|
||||
{
|
||||
kuznyechik_set_key (key, (kuznyechik_kds *) ScheduledKey.Ptr());
|
||||
}
|
||||
bool Cipher::HwSupportEnabled = true;
|
||||
}
|
||||
|
||||
@@ -107,6 +107,8 @@ namespace VeraCrypt
|
||||
TC_CIPHER (Serpent, 16, 32);
|
||||
TC_CIPHER (Twofish, 16, 32);
|
||||
TC_CIPHER (Camellia, 16, 32);
|
||||
TC_CIPHER (Gost89, 16, 32);
|
||||
TC_CIPHER (Kuznyechik, 16, 32);
|
||||
|
||||
#undef TC_CIPHER
|
||||
|
||||
|
||||
@@ -65,6 +65,8 @@ namespace VeraCrypt
|
||||
l.push_back (shared_ptr <EncryptionAlgorithm> (new Serpent ()));
|
||||
l.push_back (shared_ptr <EncryptionAlgorithm> (new Twofish ()));
|
||||
l.push_back (shared_ptr <EncryptionAlgorithm> (new Camellia ()));
|
||||
l.push_back (shared_ptr <EncryptionAlgorithm> (new GOST89 ()));
|
||||
l.push_back (shared_ptr <EncryptionAlgorithm> (new Kuznyechik ()));
|
||||
l.push_back (shared_ptr <EncryptionAlgorithm> (new AESTwofish ()));
|
||||
l.push_back (shared_ptr <EncryptionAlgorithm> (new AESTwofishSerpent ()));
|
||||
l.push_back (shared_ptr <EncryptionAlgorithm> (new SerpentAES ()));
|
||||
@@ -293,4 +295,21 @@ namespace VeraCrypt
|
||||
|
||||
SupportedModes.push_back (shared_ptr <EncryptionMode> (new EncryptionModeXTS ()));
|
||||
}
|
||||
|
||||
|
||||
// GOST89
|
||||
GOST89::GOST89 ()
|
||||
{
|
||||
Ciphers.push_back (shared_ptr <Cipher> (new CipherGost89()));
|
||||
|
||||
SupportedModes.push_back (shared_ptr <EncryptionMode> (new EncryptionModeXTS ()));
|
||||
}
|
||||
|
||||
// Kuznyechik
|
||||
Kuznyechik::Kuznyechik ()
|
||||
{
|
||||
Ciphers.push_back (shared_ptr <Cipher> (new CipherKuznyechik()));
|
||||
|
||||
SupportedModes.push_back (shared_ptr <EncryptionMode> (new EncryptionModeXTS ()));
|
||||
}
|
||||
}
|
||||
|
||||
@@ -86,6 +86,8 @@ namespace VeraCrypt
|
||||
TC_ENCRYPTION_ALGORITHM (TwofishSerpent);
|
||||
TC_ENCRYPTION_ALGORITHM (SerpentTwofishAES);
|
||||
TC_ENCRYPTION_ALGORITHM (Camellia);
|
||||
TC_ENCRYPTION_ALGORITHM (GOST89);
|
||||
TC_ENCRYPTION_ALGORITHM (Kuznyechik);
|
||||
|
||||
#undef TC_ENCRYPTION_ALGORITHM
|
||||
}
|
||||
|
||||
@@ -847,7 +847,7 @@ namespace VeraCrypt
|
||||
nTestsPerformed++;
|
||||
}
|
||||
|
||||
if (nTestsPerformed != 90)
|
||||
if (nTestsPerformed != 100)
|
||||
throw TestFailed (SRC_POS);
|
||||
}
|
||||
|
||||
@@ -872,5 +872,15 @@ namespace VeraCrypt
|
||||
pkcs5HmacWhirlpool.DeriveKey (derivedKey, password, salt, 5);
|
||||
if (memcmp (derivedKey.Ptr(), "\x50\x7c\x36\x6f", 4) != 0)
|
||||
throw TestFailed (SRC_POS);
|
||||
|
||||
Pkcs5HmacSha256 pkcs5HmacSha256;
|
||||
pkcs5HmacSha256.DeriveKey (derivedKey, password, salt, 5);
|
||||
if (memcmp (derivedKey.Ptr(), "\xf2\xa0\x4f\xb2", 4) != 0)
|
||||
throw TestFailed (SRC_POS);
|
||||
|
||||
Pkcs5HmacStreebog pkcs5HmacStreebog;
|
||||
pkcs5HmacStreebog.DeriveKey (derivedKey, password, salt, 5);
|
||||
if (memcmp (derivedKey.Ptr(), "\xd0\x53\xa2\x30", 4) != 0)
|
||||
throw TestFailed (SRC_POS);
|
||||
}
|
||||
}
|
||||
|
||||
@@ -15,6 +15,7 @@
|
||||
#include "Crypto/Rmd160.h"
|
||||
#include "Crypto/Sha2.h"
|
||||
#include "Crypto/Whirlpool.h"
|
||||
#include "Crypto/Streebog.h"
|
||||
|
||||
namespace VeraCrypt
|
||||
{
|
||||
@@ -138,4 +139,28 @@ namespace VeraCrypt
|
||||
if_debug (ValidateDataParameters (data));
|
||||
WHIRLPOOL_add (data.Get(), (int) data.Size(), (WHIRLPOOL_CTX *) Context.Ptr());
|
||||
}
|
||||
|
||||
// Streebog
|
||||
Streebog::Streebog ()
|
||||
{
|
||||
Context.Allocate (sizeof (STREEBOG_CTX));
|
||||
Init();
|
||||
}
|
||||
|
||||
void Streebog::GetDigest (const BufferPtr &buffer)
|
||||
{
|
||||
if_debug (ValidateDigestParameters (buffer));
|
||||
STREEBOG_finalize ((STREEBOG_CTX *) Context.Ptr(), buffer);
|
||||
}
|
||||
|
||||
void Streebog::Init ()
|
||||
{
|
||||
STREEBOG_init ((STREEBOG_CTX *) Context.Ptr());
|
||||
}
|
||||
|
||||
void Streebog::ProcessData (const ConstBufferPtr &data)
|
||||
{
|
||||
if_debug (ValidateDataParameters (data));
|
||||
STREEBOG_add (data.Get(), (int) data.Size(), (STREEBOG_CTX *) Context.Ptr());
|
||||
}
|
||||
}
|
||||
|
||||
@@ -139,6 +139,29 @@ namespace VeraCrypt
|
||||
Whirlpool (const Whirlpool &);
|
||||
Whirlpool &operator= (const Whirlpool &);
|
||||
};
|
||||
|
||||
// Streebog
|
||||
class Streebog : public Hash
|
||||
{
|
||||
public:
|
||||
Streebog ();
|
||||
virtual ~Streebog () { }
|
||||
|
||||
virtual void GetDigest (const BufferPtr &buffer);
|
||||
virtual size_t GetBlockSize () const { return 64; }
|
||||
virtual size_t GetDigestSize () const { return 512 / 8; }
|
||||
virtual wstring GetName () const { return L"Streebog"; }
|
||||
virtual wstring GetAltName () const { return L"Streebog"; }
|
||||
virtual shared_ptr <Hash> GetNew () const { return shared_ptr <Hash> (new Streebog); }
|
||||
virtual void Init ();
|
||||
virtual void ProcessData (const ConstBufferPtr &data);
|
||||
|
||||
protected:
|
||||
|
||||
private:
|
||||
Streebog (const Streebog &);
|
||||
Streebog &operator= (const Streebog &);
|
||||
};
|
||||
}
|
||||
|
||||
#endif // TC_HEADER_Encryption_Hash
|
||||
|
||||
@@ -66,6 +66,7 @@ namespace VeraCrypt
|
||||
l.push_back (shared_ptr <Pkcs5Kdf> (new Pkcs5HmacWhirlpool (false)));
|
||||
l.push_back (shared_ptr <Pkcs5Kdf> (new Pkcs5HmacSha256 ()));
|
||||
l.push_back (shared_ptr <Pkcs5Kdf> (new Pkcs5HmacRipemd160 (false)));
|
||||
l.push_back (shared_ptr <Pkcs5Kdf> (new Pkcs5HmacStreebog ()));
|
||||
}
|
||||
|
||||
return l;
|
||||
@@ -112,4 +113,16 @@ namespace VeraCrypt
|
||||
ValidateParameters (key, password, salt, iterationCount);
|
||||
derive_key_whirlpool ((char *) password.DataPtr(), (int) password.Size(), (char *) salt.Get(), (int) salt.Size(), iterationCount, (char *) key.Get(), (int) key.Size());
|
||||
}
|
||||
|
||||
void Pkcs5HmacStreebog::DeriveKey (const BufferPtr &key, const VolumePassword &password, const ConstBufferPtr &salt, int iterationCount) const
|
||||
{
|
||||
ValidateParameters (key, password, salt, iterationCount);
|
||||
derive_key_streebog ((char *) password.DataPtr(), (int) password.Size(), (char *) salt.Get(), (int) salt.Size(), iterationCount, (char *) key.Get(), (int) key.Size());
|
||||
}
|
||||
|
||||
void Pkcs5HmacStreebog_Boot::DeriveKey (const BufferPtr &key, const VolumePassword &password, const ConstBufferPtr &salt, int iterationCount) const
|
||||
{
|
||||
ValidateParameters (key, password, salt, iterationCount);
|
||||
derive_key_streebog ((char *) password.DataPtr(), (int) password.Size(), (char *) salt.Get(), (int) salt.Size(), iterationCount, (char *) key.Get(), (int) key.Size());
|
||||
}
|
||||
}
|
||||
|
||||
@@ -152,6 +152,40 @@ namespace VeraCrypt
|
||||
Pkcs5HmacWhirlpool (const Pkcs5HmacWhirlpool &);
|
||||
Pkcs5HmacWhirlpool &operator= (const Pkcs5HmacWhirlpool &);
|
||||
};
|
||||
|
||||
class Pkcs5HmacStreebog : public Pkcs5Kdf
|
||||
{
|
||||
public:
|
||||
Pkcs5HmacStreebog () : Pkcs5Kdf(false) { }
|
||||
virtual ~Pkcs5HmacStreebog () { }
|
||||
|
||||
virtual void DeriveKey (const BufferPtr &key, const VolumePassword &password, const ConstBufferPtr &salt, int iterationCount) const;
|
||||
virtual shared_ptr <Hash> GetHash () const { return shared_ptr <Hash> (new Streebog); }
|
||||
virtual int GetIterationCount (int pim) const { return pim <= 0 ? 500000 : (15000 + (pim * 1000)); }
|
||||
virtual wstring GetName () const { return L"HMAC-Streebog"; }
|
||||
virtual Pkcs5Kdf* Clone () const { return new Pkcs5HmacStreebog(m_truecryptMode); }
|
||||
|
||||
private:
|
||||
Pkcs5HmacStreebog (const Pkcs5HmacStreebog &);
|
||||
Pkcs5HmacStreebog &operator= (const Pkcs5HmacStreebog &);
|
||||
};
|
||||
|
||||
class Pkcs5HmacStreebog_Boot : public Pkcs5Kdf
|
||||
{
|
||||
public:
|
||||
Pkcs5HmacStreebog_Boot () : Pkcs5Kdf(false) { }
|
||||
virtual ~Pkcs5HmacStreebog_Boot () { }
|
||||
|
||||
virtual void DeriveKey (const BufferPtr &key, const VolumePassword &password, const ConstBufferPtr &salt, int iterationCount) const;
|
||||
virtual shared_ptr <Hash> GetHash () const { return shared_ptr <Hash> (new Streebog); }
|
||||
virtual int GetIterationCount (int pim) const { return pim <= 0 ? 200000 : pim * 2048; }
|
||||
virtual wstring GetName () const { return L"HMAC-Streebog"; }
|
||||
virtual Pkcs5Kdf* Clone () const { return new Pkcs5HmacStreebog_Boot(m_truecryptMode); }
|
||||
|
||||
private:
|
||||
Pkcs5HmacStreebog_Boot (const Pkcs5HmacStreebog_Boot &);
|
||||
Pkcs5HmacStreebog_Boot &operator= (const Pkcs5HmacStreebog_Boot &);
|
||||
};
|
||||
}
|
||||
|
||||
#endif // TC_HEADER_Encryption_Pkcs5
|
||||
|
||||
@@ -52,6 +52,9 @@ OBJS += ../Crypto/Sha2.o
|
||||
OBJS += ../Crypto/Twofish.o
|
||||
OBJS += ../Crypto/Whirlpool.o
|
||||
OBJS += ../Crypto/Camellia.o
|
||||
OBJS += ../Crypto/GostCipher.o
|
||||
OBJS += ../Crypto/Streebog.o
|
||||
OBJS += ../Crypto/kuznyechik.o
|
||||
|
||||
OBJS += ../Common/Crc.o
|
||||
OBJS += ../Common/Endian.o
|
||||
|
||||
@@ -100,6 +100,8 @@ namespace VeraCrypt
|
||||
SupportedEncryptionAlgorithms.push_back (shared_ptr <EncryptionAlgorithm> (new Serpent ()));
|
||||
SupportedEncryptionAlgorithms.push_back (shared_ptr <EncryptionAlgorithm> (new Twofish ()));
|
||||
SupportedEncryptionAlgorithms.push_back (shared_ptr <EncryptionAlgorithm> (new Camellia ()));
|
||||
SupportedEncryptionAlgorithms.push_back (shared_ptr <EncryptionAlgorithm> (new GOST89 ()));
|
||||
SupportedEncryptionAlgorithms.push_back (shared_ptr <EncryptionAlgorithm> (new Kuznyechik ()));
|
||||
SupportedEncryptionAlgorithms.push_back (shared_ptr <EncryptionAlgorithm> (new AESTwofish ()));
|
||||
SupportedEncryptionAlgorithms.push_back (shared_ptr <EncryptionAlgorithm> (new AESTwofishSerpent ()));
|
||||
SupportedEncryptionAlgorithms.push_back (shared_ptr <EncryptionAlgorithm> (new SerpentAES ()));
|
||||
@@ -139,6 +141,8 @@ namespace VeraCrypt
|
||||
SupportedEncryptionAlgorithms.push_back (shared_ptr <EncryptionAlgorithm> (new Serpent ()));
|
||||
SupportedEncryptionAlgorithms.push_back (shared_ptr <EncryptionAlgorithm> (new Twofish ()));
|
||||
SupportedEncryptionAlgorithms.push_back (shared_ptr <EncryptionAlgorithm> (new Camellia ()));
|
||||
SupportedEncryptionAlgorithms.push_back (shared_ptr <EncryptionAlgorithm> (new GOST89 ()));
|
||||
SupportedEncryptionAlgorithms.push_back (shared_ptr <EncryptionAlgorithm> (new Kuznyechik ()));
|
||||
SupportedEncryptionAlgorithms.push_back (shared_ptr <EncryptionAlgorithm> (new AESTwofish ()));
|
||||
SupportedEncryptionAlgorithms.push_back (shared_ptr <EncryptionAlgorithm> (new AESTwofishSerpent ()));
|
||||
SupportedEncryptionAlgorithms.push_back (shared_ptr <EncryptionAlgorithm> (new SerpentAES ()));
|
||||
@@ -185,6 +189,8 @@ namespace VeraCrypt
|
||||
SupportedEncryptionAlgorithms.push_back (shared_ptr <EncryptionAlgorithm> (new Serpent ()));
|
||||
SupportedEncryptionAlgorithms.push_back (shared_ptr <EncryptionAlgorithm> (new Twofish ()));
|
||||
SupportedEncryptionAlgorithms.push_back (shared_ptr <EncryptionAlgorithm> (new Camellia ()));
|
||||
SupportedEncryptionAlgorithms.push_back (shared_ptr <EncryptionAlgorithm> (new GOST89 ()));
|
||||
SupportedEncryptionAlgorithms.push_back (shared_ptr <EncryptionAlgorithm> (new Kuznyechik ()));
|
||||
SupportedEncryptionAlgorithms.push_back (shared_ptr <EncryptionAlgorithm> (new AESTwofish ()));
|
||||
SupportedEncryptionAlgorithms.push_back (shared_ptr <EncryptionAlgorithm> (new AESTwofishSerpent ()));
|
||||
SupportedEncryptionAlgorithms.push_back (shared_ptr <EncryptionAlgorithm> (new SerpentAES ()));
|
||||
@@ -210,6 +216,12 @@ namespace VeraCrypt
|
||||
if (!truecryptMode)
|
||||
l.push_back (shared_ptr <Pkcs5Kdf> (new Pkcs5HmacSha256_Boot ()));
|
||||
l.push_back (shared_ptr <Pkcs5Kdf> (new Pkcs5HmacRipemd160_1000 (truecryptMode)));
|
||||
if (!truecryptMode)
|
||||
{
|
||||
l.push_back (shared_ptr <Pkcs5Kdf> (new Pkcs5HmacSha512 (false)));
|
||||
l.push_back (shared_ptr <Pkcs5Kdf> (new Pkcs5HmacWhirlpool (false)));
|
||||
l.push_back (shared_ptr <Pkcs5Kdf> (new Pkcs5HmacStreebog ()));
|
||||
}
|
||||
return l;
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user