Public/VeraCrypt
1
0
Fork 0
mirror of https://github.com/veracrypt/VeraCrypt.git synced 2025-11-11 02:58:02 -06:00
Code Activity

Windows driver: remove volumes master keys from CRYPTO_INFO since they are not needed after their key schedule is created

Browse Source
This commit is contained in:
Mounir IDRASSI
2019-01-21 00:42:53 +01:00
parent 27b3fee02d
commit ee0a2659da
11 changed files with 62 additions and 59 deletions
Download Patch File Download Diff File Expand all files Collapse all files

64
src/Common/Volumes.c
View File

@@ -392,11 +392,12 @@ KeyReady: ;
if (cryptoInfo->mode == XTS)
{
#ifndef TC_WINDOWS_DRIVER
// Copy the secondary key (if cascade, multiple concatenated)
memcpy (cryptoInfo->k2, dk + EAGetKeySize (cryptoInfo->ea), EAGetKeySize (cryptoInfo->ea));
#endif
// Secondary key schedule
if (!EAInitMode (cryptoInfo))
if (!EAInitMode (cryptoInfo, dk + EAGetKeySize (cryptoInfo->ea)))
{
status = ERR_MODE_INIT_FAILED;
goto err;
@@ -526,8 +527,17 @@ KeyReady: ;
// Master key data
memcpy (keyInfo.master_keydata, header + HEADER_MASTER_KEYDATA_OFFSET, MASTER_KEYDATA_SIZE);
#ifdef TC_WINDOWS_DRIVER
{
sha512_ctx sha2;
sha512_begin (&sha2);
sha512_hash (keyInfo.master_keydata, MASTER_KEYDATA_SIZE, &sha2);
sha512_hash (header, sizeof(header), &sha2);
sha512_end (cryptoInfo->master_keydata_hash, &sha2);
}
#else
memcpy (cryptoInfo->master_keydata, keyInfo.master_keydata, MASTER_KEYDATA_SIZE);
#endif
// PKCS #5
cryptoInfo->pkcs5 = pkcs5_prf;
cryptoInfo->noIterations = keyInfo.noIterations;
@@ -538,17 +548,11 @@ KeyReady: ;
status = EAInit (cryptoInfo->ea, keyInfo.master_keydata + primaryKeyOffset, cryptoInfo->ks);
if (status == ERR_CIPHER_INIT_FAILURE)
goto err;
switch (cryptoInfo->mode)
{
default:
// The secondary master key (if cascade, multiple concatenated)
memcpy (cryptoInfo->k2, keyInfo.master_keydata + EAGetKeySize (cryptoInfo->ea), EAGetKeySize (cryptoInfo->ea));
}
if (!EAInitMode (cryptoInfo))
#ifndef TC_WINDOWS_DRIVER
// The secondary master key (if cascade, multiple concatenated)
memcpy (cryptoInfo->k2, keyInfo.master_keydata + EAGetKeySize (cryptoInfo->ea), EAGetKeySize (cryptoInfo->ea));
#endif
if (!EAInitMode (cryptoInfo, keyInfo.master_keydata + EAGetKeySize (cryptoInfo->ea)))
{
status = ERR_MODE_INIT_FAILED;
goto err;
@@ -1031,14 +1035,11 @@ int CreateVolumeHeaderInMemory (HWND hwndDlg, BOOL bBoot, char *header, int ea,
/* Header encryption */
switch (mode)
{
default:
// The secondary key (if cascade, multiple concatenated)
memcpy (cryptoInfo->k2, dk + EAGetKeySize (cryptoInfo->ea), EAGetKeySize (cryptoInfo->ea));
primaryKeyOffset = 0;
}
#ifndef TC_WINDOWS_DRIVER
// The secondary key (if cascade, multiple concatenated)
memcpy (cryptoInfo->k2, dk + EAGetKeySize (cryptoInfo->ea), EAGetKeySize (cryptoInfo->ea));
primaryKeyOffset = 0;
#endif
retVal = EAInit (cryptoInfo->ea, dk + primaryKeyOffset, cryptoInfo->ks);
if (retVal != ERR_SUCCESS)
@@ -1048,7 +1049,7 @@ int CreateVolumeHeaderInMemory (HWND hwndDlg, BOOL bBoot, char *header, int ea,
}
// Mode of operation
if (!EAInitMode (cryptoInfo))
if (!EAInitMode (cryptoInfo, dk + EAGetKeySize (cryptoInfo->ea)))
{
crypto_close (cryptoInfo);
retVal = ERR_OUTOFMEMORY;
@@ -1074,16 +1075,13 @@ int CreateVolumeHeaderInMemory (HWND hwndDlg, BOOL bBoot, char *header, int ea,
memcpy (cryptoInfo->master_keydata, keyInfo.master_keydata, MASTER_KEYDATA_SIZE);
switch (cryptoInfo->mode)
{
default:
// The secondary master key (if cascade, multiple concatenated)
memcpy (cryptoInfo->k2, keyInfo.master_keydata + EAGetKeySize (cryptoInfo->ea), EAGetKeySize (cryptoInfo->ea));
}
#ifndef TC_WINDOWS_DRIVER
// The secondary master key (if cascade, multiple concatenated)
memcpy (cryptoInfo->k2, keyInfo.master_keydata + EAGetKeySize (cryptoInfo->ea), EAGetKeySize (cryptoInfo->ea));
#endif
// Mode of operation
if (!EAInitMode (cryptoInfo))
if (!EAInitMode (cryptoInfo, keyInfo.master_keydata + EAGetKeySize (cryptoInfo->ea)))
{
crypto_close (cryptoInfo);
retVal = ERR_OUTOFMEMORY;
@@ -1282,7 +1280,7 @@ int WriteRandomDataToReservedHeaderAreas (HWND hwndDlg, HANDLE dev, CRYPTO_INFO
if (nStatus != ERR_SUCCESS)
goto final_seq;
if (!EAInitMode (cryptoInfo))
if (!EAInitMode (cryptoInfo, cryptoInfo->k2))
{
nStatus = ERR_MODE_INIT_FAILED;
goto final_seq;
@@ -1344,7 +1342,7 @@ int WriteRandomDataToReservedHeaderAreas (HWND hwndDlg, HANDLE dev, CRYPTO_INFO
if (nStatus != ERR_SUCCESS)
goto final_seq;
if (!EAInitMode (cryptoInfo))
if (!EAInitMode (cryptoInfo, cryptoInfo->k2))
{
nStatus = ERR_MODE_INIT_FAILED;
goto final_seq;