diff options
author | Mounir IDRASSI <mounir.idrassi@idrix.fr> | 2014-10-14 21:19:53 +0200 |
---|---|---|
committer | Mounir IDRASSI <mounir.idrassi@idrix.fr> | 2014-11-08 23:24:03 +0100 |
commit | f05f6a00a6b0f150b0a0b51cd7b44b9c9193e3de (patch) | |
tree | 68ff46ae6fa1575eb6052465a8708fb96311894e | |
parent | 905a3ff4a5d70a00d9ba7819b9f43ad9ce0654e6 (diff) | |
download | VeraCrypt-f05f6a00a6b0f150b0a0b51cd7b44b9c9193e3de.tar.gz VeraCrypt-f05f6a00a6b0f150b0a0b51cd7b44b9c9193e3de.zip |
Integrate SHA-256 support into Linux/MacOSX code. Set PRF priority to SHA-512 -> Whirlpool -> SHA-256 -> RIPEMD-160 .
-rw-r--r-- | src/Volume/Hash.cpp | 29 | ||||
-rw-r--r-- | src/Volume/Hash.h | 22 | ||||
-rw-r--r-- | src/Volume/Pkcs5Kdf.cpp | 17 | ||||
-rw-r--r-- | src/Volume/Pkcs5Kdf.h | 31 | ||||
-rw-r--r-- | src/Volume/VolumeLayout.cpp | 3 |
5 files changed, 97 insertions, 5 deletions
diff --git a/src/Volume/Hash.cpp b/src/Volume/Hash.cpp index b917a8e5..cc582b92 100644 --- a/src/Volume/Hash.cpp +++ b/src/Volume/Hash.cpp @@ -17,10 +17,11 @@ namespace VeraCrypt HashList Hash::GetAvailableAlgorithms () { HashList l; - - l.push_back (shared_ptr <Hash> (new Ripemd160 ())); + l.push_back (shared_ptr <Hash> (new Sha512 ())); l.push_back (shared_ptr <Hash> (new Whirlpool ())); + l.push_back (shared_ptr <Hash> (new Sha256 ())); + l.push_back (shared_ptr <Hash> (new Ripemd160 ())); return l; } @@ -60,6 +61,30 @@ namespace VeraCrypt if_debug (ValidateDataParameters (data)); RMD160Update ((RMD160_CTX *) Context.Ptr(), data.Get(), (int) data.Size()); } + + // SHA-256 + Sha256::Sha256 () + { + Context.Allocate (sizeof (sha256_ctx)); + Init(); + } + + void Sha256::GetDigest (const BufferPtr &buffer) + { + if_debug (ValidateDigestParameters (buffer)); + sha256_end (buffer, (sha256_ctx *) Context.Ptr()); + } + + void Sha256::Init () + { + sha256_begin ((sha256_ctx *) Context.Ptr()); + } + + void Sha256::ProcessData (const ConstBufferPtr &data) + { + if_debug (ValidateDataParameters (data)); + sha256_hash (data.Get(), (int) data.Size(), (sha256_ctx *) Context.Ptr()); + } // SHA-512 Sha512::Sha512 () diff --git a/src/Volume/Hash.h b/src/Volume/Hash.h index 70872d54..3df9f5b7 100644 --- a/src/Volume/Hash.h +++ b/src/Volume/Hash.h @@ -64,6 +64,28 @@ namespace VeraCrypt Ripemd160 (const Ripemd160 &); Ripemd160 &operator= (const Ripemd160 &); }; + + // SHA-256 + class Sha256 : public Hash + { + public: + Sha256 (); + virtual ~Sha256 () { } + + virtual void GetDigest (const BufferPtr &buffer); + virtual size_t GetBlockSize () const { return 64; } + virtual size_t GetDigestSize () const { return 256 / 8; } + virtual wstring GetName () const { return L"SHA-256"; } + virtual shared_ptr <Hash> GetNew () const { return shared_ptr <Hash> (new Sha256); } + virtual void Init (); + virtual void ProcessData (const ConstBufferPtr &data); + + protected: + + private: + Sha256 (const Sha256 &); + Sha256 &operator= (const Sha256 &); + }; // SHA-512 class Sha512 : public Hash diff --git a/src/Volume/Pkcs5Kdf.cpp b/src/Volume/Pkcs5Kdf.cpp index 6521e71a..b81cc7c4 100644 --- a/src/Volume/Pkcs5Kdf.cpp +++ b/src/Volume/Pkcs5Kdf.cpp @@ -49,10 +49,11 @@ namespace VeraCrypt Pkcs5KdfList Pkcs5Kdf::GetAvailableAlgorithms () { Pkcs5KdfList l; - - l.push_back (shared_ptr <Pkcs5Kdf> (new Pkcs5HmacRipemd160 ())); + l.push_back (shared_ptr <Pkcs5Kdf> (new Pkcs5HmacSha512 ())); l.push_back (shared_ptr <Pkcs5Kdf> (new Pkcs5HmacWhirlpool ())); + l.push_back (shared_ptr <Pkcs5Kdf> (new Pkcs5HmacSha256 ())); + l.push_back (shared_ptr <Pkcs5Kdf> (new Pkcs5HmacRipemd160 ())); return l; } @@ -74,6 +75,18 @@ namespace VeraCrypt ValidateParameters (key, password, salt, iterationCount); derive_key_ripemd160 (bNotTest, (char *) password.DataPtr(), (int) password.Size(), (char *) salt.Get(), (int) salt.Size(), iterationCount, (char *) key.Get(), (int) key.Size()); } + + void Pkcs5HmacSha256_Boot::DeriveKey (const BufferPtr &key, const VolumePassword &password, const ConstBufferPtr &salt, int iterationCount, BOOL bNotTest) const + { + ValidateParameters (key, password, salt, iterationCount); + derive_key_sha256 ((char *) password.DataPtr(), (int) password.Size(), (char *) salt.Get(), (int) salt.Size(), iterationCount, (char *) key.Get(), (int) key.Size()); + } + + void Pkcs5HmacSha256::DeriveKey (const BufferPtr &key, const VolumePassword &password, const ConstBufferPtr &salt, int iterationCount, BOOL bNotTest) const + { + ValidateParameters (key, password, salt, iterationCount); + derive_key_sha256 ((char *) password.DataPtr(), (int) password.Size(), (char *) salt.Get(), (int) salt.Size(), iterationCount, (char *) key.Get(), (int) key.Size()); + } void Pkcs5HmacSha512::DeriveKey (const BufferPtr &key, const VolumePassword &password, const ConstBufferPtr &salt, int iterationCount, BOOL bNotTest) const { diff --git a/src/Volume/Pkcs5Kdf.h b/src/Volume/Pkcs5Kdf.h index 00e7a0a9..23de2c8c 100644 --- a/src/Volume/Pkcs5Kdf.h +++ b/src/Volume/Pkcs5Kdf.h @@ -74,7 +74,38 @@ namespace VeraCrypt Pkcs5HmacRipemd160_1000 (const Pkcs5HmacRipemd160_1000 &); Pkcs5HmacRipemd160_1000 &operator= (const Pkcs5HmacRipemd160_1000 &); }; + + class Pkcs5HmacSha256_Boot : public Pkcs5Kdf + { + public: + Pkcs5HmacSha256_Boot () { } + virtual ~Pkcs5HmacSha256_Boot () { } + + virtual void DeriveKey (const BufferPtr &key, const VolumePassword &password, const ConstBufferPtr &salt, int iterationCount, BOOL bNotTest = TRUE) const; + virtual shared_ptr <Hash> GetHash () const { return shared_ptr <Hash> (new Sha256); } + virtual int GetIterationCount () const { return 200000; } + virtual wstring GetName () const { return L"HMAC-SHA-256"; } + private: + Pkcs5HmacSha256_Boot (const Pkcs5HmacSha256_Boot &); + Pkcs5HmacSha256_Boot &operator= (const Pkcs5HmacSha256_Boot &); + }; + + class Pkcs5HmacSha256 : public Pkcs5Kdf + { + public: + Pkcs5HmacSha256 () { } + virtual ~Pkcs5HmacSha256 () { } + + virtual void DeriveKey (const BufferPtr &key, const VolumePassword &password, const ConstBufferPtr &salt, int iterationCount, BOOL bNotTest = TRUE) const; + virtual shared_ptr <Hash> GetHash () const { return shared_ptr <Hash> (new Sha256); } + virtual int GetIterationCount () const { return 500000; } + virtual wstring GetName () const { return L"HMAC-SHA-256"; } + + private: + Pkcs5HmacSha256 (const Pkcs5HmacSha256 &); + Pkcs5HmacSha256 &operator= (const Pkcs5HmacSha256 &); + }; class Pkcs5HmacSha512 : public Pkcs5Kdf { diff --git a/src/Volume/VolumeLayout.cpp b/src/Volume/VolumeLayout.cpp index a3ecab02..fb75a869 100644 --- a/src/Volume/VolumeLayout.cpp +++ b/src/Volume/VolumeLayout.cpp @@ -229,7 +229,8 @@ namespace VeraCrypt Pkcs5KdfList VolumeLayoutSystemEncryption::GetSupportedKeyDerivationFunctions () const { Pkcs5KdfList l; - + + l.push_back (shared_ptr <Pkcs5Kdf> (new Pkcs5HmacSha256_Boot ())); l.push_back (shared_ptr <Pkcs5Kdf> (new Pkcs5HmacRipemd160_1000 ())); return l; } |