authorMounir IDRASSI <mounir.idrassi@idrix.fr>2014-10-14 17:09:18 +0200
committerMounir IDRASSI <mounir.idrassi@idrix.fr>2014-11-08 23:23:50 +0100
commitf38cf0b6943da24c802424f53588b54aada48fd8 (patch)
tree6cf5ff0e6d51e6a022b6be29780f215195a403f6 /src/Common/Crypto.c
parentbd7d151abf2c51e24a0dc60f7400c0388904c9f1 (diff)
Add support for SHA-256 in key derivation for bootloader encryption. Create separate bootloader images for SHA-256 and RIPEMD-160. Set SHA-256 as the default PRF for boot encryption and SHA-512 as default PRF for all other cases. Deprecate RIPEMD-160.
Diffstat (limited to 'src/Common/Crypto.c')
-rw-r--r--src/Common/Crypto.c47
1 files changed, 31 insertions, 16 deletions
diff --git a/src/Common/Crypto.c b/src/Common/Crypto.c
index a63bc954..9fc69022 100644
--- a/src/Common/Crypto.c
+++ b/src/Common/Crypto.c
@@ -90,11 +90,12 @@ static EncryptionAlgorithm EncryptionAlgorithms[] =
// Hash algorithms
static Hash Hashes[] =
{ // ID Name Deprecated System Encryption
- { RIPEMD160, "RIPEMD-160", FALSE, TRUE },
#ifndef TC_WINDOWS_BOOT
{ SHA512, "SHA-512", FALSE, FALSE },
{ WHIRLPOOL, "Whirlpool", FALSE, FALSE },
#endif
+ { SHA256, "SHA-256", FALSE, TRUE },
+ { RIPEMD160, "RIPEMD-160", TRUE, TRUE },
{ 0, 0, 0 }
};
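Review bot: The RIPEMD-160 row is now marked Deprecated but keeps SystemEncryption set to TRUE, and nothing in the table says how the two flags are meant to combine. HashForSystemEncryption, added in the next hunk, returns the SystemEncryption flag alone, so a caller that filters only on it would still offer the deprecated hash; whether the creation paths also call HashIsDeprecated is not visible here. If the intent is to keep it only for volumes that already use it, a comment on the row would make that explicit, for example `// Deprecated: kept for existing system volumes; creation paths must also check HashIsDeprecated()`. The row order also changes (SHA-256 now precedes RIPEMD-160), so if any caller depends on table order, that belongs in the header comment as well.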
@@ -651,17 +652,42 @@ char *HashGetName (int hashId)
#endif
}
+#ifndef TC_WINDOWS_BOOT
+void HashGetName2 (char *buf, int hashId)
+{
+ Hash* pHash = HashGet(hashId);
+ if (pHash)
+ strcpy(buf, pHash -> Name);
+ else
+ buf[0] = '\0';
+}
BOOL HashIsDeprecated (int hashId)
{
-#ifdef TC_WINDOWS_BOOT
- return HashGet(hashId) -> Deprecated;
-#else
Hash* pHash = HashGet(hashId);
return pHash? pHash -> Deprecated : FALSE;
-#endif
+
}
+BOOL HashForSystemEncryption (int hashId)
+{
+ Hash* pHash = HashGet(hashId);
+ return pHash? pHash -> SystemEncryption : FALSE;
+
+}
+
+// Returns the maximum number of bytes necessary to be generated by the PBKDF2 (PKCS #5)
+int GetMaxPkcs5OutSize (void)
+{
+ int size = 32;
+
+ size = max (size, EAGetLargestKeyForMode (XTS) * 2); // Sizes of primary + secondary keys
+
+ return size;
+}
+
+#endif
+
#endif // TC_WINDOWS_BOOT_SINGLE_CIPHER_MODE
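Review bot: HashGetName2 copies pHash->Name into buf with strcpy and takes no buffer length, so nothing bounds the copy against the caller's buffer. The names in the table are short today (the longest visible is "RIPEMD-160"), but the size contract is implicit, and a longer name added later would overflow any buffer sized for the current ones. Passing the size would make the bound explicit, e.g. `void HashGetName2 (char *buf, size_t bufLen, int hashId)` with `if (bufLen) { strncpy (buf, pHash->Name, bufLen - 1); buf[bufLen - 1] = '\0'; }`. If the signature has to stay, a comment above the function should at least state the minimum buffer size callers must provide.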
@@ -904,17 +930,6 @@ void DecryptDataUnitsCurrentThread (unsigned __int8 *buf, const UINT64_STRUCT *s
}
-// Returns the maximum number of bytes necessary to be generated by the PBKDF2 (PKCS #5)
-int GetMaxPkcs5OutSize (void)
-{
- int size = 32;
-
- size = max (size, EAGetLargestKeyForMode (XTS) * 2); // Sizes of primary + secondary keys
-
- return size;
-}
-
-
#else // TC_WINDOWS_BOOT_SINGLE_CIPHER_MODE