VeraCrypt
authorMounir IDRASSI <mounir.idrassi@idrix.fr>2016-09-24 23:25:58 +0200
committerMounir IDRASSI <mounir.idrassi@idrix.fr>2016-10-17 18:40:13 +0200
commit194b641ebdf0a8bd8c090afc373643cba788825e (patch)
tree0f7c45060d1e5d4a934e17cd602186202c43fa21
parent7c154a3f262212d49086fd381676502a42269513 (diff)
Crypto: remove specific PBKDF2 optimization for block index encoding (except in 16-bit bootloader) in order to make code clearer and avoid bad usage in the future if this implementation is used to generate more bytes than today.
-rw-r--r--src/Common/Pkcs5.c24
-rw-r--r--src/Crypto/misc.h1
2 files changed, 19 insertions, 6 deletions
diff --git a/src/Common/Pkcs5.c b/src/Common/Pkcs5.c
index bc747cc7..753c49b4 100644
--- a/src/Common/Pkcs5.c
+++ b/src/Common/Pkcs5.c
@@ -171,8 +171,14 @@ static void derive_u_sha256 (char *salt, int salt_len, uint32 iterations, int b,
memcpy (k, salt, salt_len); /* salt */
/* big-endian block number */
+#ifdef TC_WINDOWS_BOOT
+ /* specific case of 16-bit bootloader: b is a 16-bit integer that is always < 256 */
memset (&k[salt_len], 0, 3);
k[salt_len + 3] = (char) b;
+#else
+ b = bswap_32 (b);
+ memcpy (&k[salt_len], &b, 4);
+#endif
hmac_sha256_internal (k, salt_len + 4, hmac);
memcpy (u, k, SHA256_DIGESTSIZE);
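Review bot: The `#else` branch swaps `b` unconditionally, so the four bytes copied into `k` are big-endian only on a little-endian host. If a big-endian target is ever built, the block index would be written in the wrong order and the derived key would no longer match existing volumes. The assignment also overwrites the parameter `b`, so any later use of `b` in derive_u_sha256 (its body continues outside the hunk) would see the swapped value. Storing the bytes with shifts avoids both problems and keeps the output identical for today's small block counts. The same applies to the sha512, ripemd160, whirlpool and streebog hunks.
```c
/* big-endian block number */
/* … unchanged: TC_WINDOWS_BOOT branch … */
#else
	/* independent of host byte order; b itself is left untouched */
	k[salt_len]     = (char) ((uint32) b >> 24);
	k[salt_len + 1] = (char) ((uint32) b >> 16);
	k[salt_len + 2] = (char) ((uint32) b >> 8);
	k[salt_len + 3] = (char) b;
#endif
```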
@@ -377,8 +383,8 @@ static void derive_u_sha512 (char *salt, int salt_len, uint32 iterations, int b,
/* iteration 1 */
memcpy (k, salt, salt_len); /* salt */
/* big-endian block number */
- memset (&k[salt_len], 0, 3);
- k[salt_len + 3] = (char) b;
+ b = bswap_32 (b);
+ memcpy (&k[salt_len], &b, 4);
hmac_sha512_internal (k, salt_len + 4, hmac);
memcpy (u, k, SHA512_DIGESTSIZE);
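Review bot: Unlike the sha256 and ripemd160 hunks, the swap here has no `TC_WINDOWS_BOOT` fallback, and the same is true of the whirlpool and streebog hunks. Presumably these derivations are never compiled into the 16-bit bootloader, but nothing visible in the hunk says so. A comment such as `/* not built for TC_WINDOWS_BOOT: b is a full 32-bit int here */` next to the swap would record that assumption. derive_u_sha512 begins and ends outside the hunk, so an enclosing guard cannot be confirmed from here.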
@@ -587,8 +593,14 @@ static void derive_u_ripemd160 (char *salt, int salt_len, uint32 iterations, int
memcpy (k, salt, salt_len); /* salt */
/* big-endian block number */
+#ifdef TC_WINDOWS_BOOT
+ /* specific case of 16-bit bootloader: b is a 16-bit integer that is always < 256*/
memset (&k[salt_len], 0, 3);
k[salt_len + 3] = (char) b;
+#else
+ b = bswap_32 (b);
+ memcpy (&k[salt_len], &b, 4);
+#endif
hmac_ripemd160_internal (k, salt_len + 4, hmac);
memcpy (u, k, RIPEMD160_DIGESTSIZE);
@@ -800,8 +812,8 @@ static void derive_u_whirlpool (char *salt, int salt_len, uint32 iterations, int
/* iteration 1 */
memcpy (k, salt, salt_len); /* salt */
/* big-endian block number */
- memset (&k[salt_len], 0, 3);
- k[salt_len + 3] = (char) b;
+ b = bswap_32 (b);
+ memcpy (&k[salt_len], &b, 4);
hmac_whirlpool_internal (k, salt_len + 4, hmac);
memcpy (u, k, WHIRLPOOL_DIGESTSIZE);
@@ -1015,8 +1027,8 @@ static void derive_u_streebog (char *salt, int salt_len, uint32 iterations, int
/* iteration 1 */
memcpy (k, salt, salt_len); /* salt */
/* big-endian block number */
- memset (&k[salt_len], 0, 3);
- k[salt_len + 3] = (char) b;
+ b = bswap_32 (b);
+ memcpy (&k[salt_len], &b, 4);
hmac_streebog_internal (k, salt_len + 4, hmac);
memcpy (u, k, STREEBOG_DIGESTSIZE);
diff --git a/src/Crypto/misc.h b/src/Crypto/misc.h
index e7391764..31fa1187 100644
--- a/src/Crypto/misc.h
+++ b/src/Crypto/misc.h
@@ -85,6 +85,7 @@
#define CRYPTOPP_BYTESWAP_AVAILABLE
#include <byteswap.h>
#elif defined(_MSC_VER) && _MSC_VER >= 1300 && !defined(_UEFI)
+#pragma intrinsic(_byteswap_ulong,_byteswap_uint64)
#define CRYPTOPP_BYTESWAP_AVAILABLE
#define bswap_32(x) _byteswap_ulong(x)
#define bswap_64(x) _byteswap_uint64(x)
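Review bot: Pkcs5.c now calls `bswap_32` in every build without `TC_WINDOWS_BOOT`, but the two branches visible here define it only where `<byteswap.h>` is included and for MSVC builds without `_UEFI`. The conditional starts above the hunk and may continue below it, so a fallback may exist. If it does not, other toolchains and the `_UEFI` build would lose the key-derivation code at compile or link time. A comment on this block such as `/* bswap_32 is required by Common/Pkcs5.c: every branch must define it */` would keep later edits from dropping it.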