VeraCrypt
aboutsummaryrefslogtreecommitdiff
path: root/src/Common/Pkcs5.c
diff options
context:
space:
mode:
authorMounir IDRASSI <mounir.idrassi@idrix.fr>2015-05-26 01:36:20 +0200
committerMounir IDRASSI <mounir.idrassi@idrix.fr>2015-05-26 01:38:15 +0200
commit8ebf5ac605d57eab80b600a7827d2ba48668d887 (patch)
tree6159a4d45fd79b15746b44ee986ddedb923ab91d /src/Common/Pkcs5.c
parent85e5e383f9b879736d7a793a5dc0f9bce20b8383 (diff)
downloadVeraCrypt-8ebf5ac605d57eab80b600a7827d2ba48668d887.tar.gz
VeraCrypt-8ebf5ac605d57eab80b600a7827d2ba48668d887.zip
Windows: first implementation of dynamic mode
Diffstat (limited to 'src/Common/Pkcs5.c')
-rw-r--r--src/Common/Pkcs5.c67
1 files changed, 44 insertions, 23 deletions
diff --git a/src/Common/Pkcs5.c b/src/Common/Pkcs5.c
index 6585704c..adce567b 100644
--- a/src/Common/Pkcs5.c
+++ b/src/Common/Pkcs5.c
@@ -119,23 +119,26 @@ void hmac_sha256
burn(key, sizeof(key));
}
#endif
-static void derive_u_sha256 (char *pwd, int pwd_len, char *salt, int salt_len, int iterations, int b, hmac_sha256_ctx* hmac)
+static void derive_u_sha256 (char *pwd, int pwd_len, char *salt, int salt_len, uint32 iterations, int b, hmac_sha256_ctx* hmac)
{
char* k = hmac->k;
char* u = hmac->u;
uint32 c;
int i;
#ifdef TC_WINDOWS_BOOT
- /* In bootloader, iterations is a boolean : TRUE for boot derivation mode, FALSE otherwise
+ /* In bootloader mode, least significant bit of iterations is a boolean (TRUE for boot derivation mode, FALSE otherwise)
+ * and the most significant 16 bits hold the pin value
* This enables us to save code space needed for implementing other features.
*/
- if (iterations)
- c = 200000;
+ c = iterations >> 16;
+ i = ((int) iterations) & 0x01;
+ if (i)
+ c = (c == 0)? 200000 : c << 11;
else
- c = 500000;
+ c = (c == 0)? 500000 : 15000 + c * 1000;
#else
c = iterations;
#endif
@@ -161,9 +164,9 @@ static void derive_u_sha256 (char *pwd, int pwd_len, char *salt, int salt_len, i
}
}
-void derive_key_sha256 (char *pwd, int pwd_len, char *salt, int salt_len, int iterations, char *dk, int dklen)
+void derive_key_sha256 (char *pwd, int pwd_len, char *salt, int salt_len, uint32 iterations, char *dk, int dklen)
{
hmac_sha256_ctx hmac;
int b, l, r;
#ifndef TC_WINDOWS_BOOT
@@ -304,13 +307,13 @@ void hmac_sha512
burn (&hmac, sizeof(hmac));
burn (key, sizeof(key));
}
-static void derive_u_sha512 (char *pwd, int pwd_len, char *salt, int salt_len, int iterations, int b, hmac_sha512_ctx* hmac)
+static void derive_u_sha512 (char *pwd, int pwd_len, char *salt, int salt_len, uint32 iterations, int b, hmac_sha512_ctx* hmac)
{
char* k = hmac->k;
char* u = hmac->u;
- int c, i;
+ uint32 c, i;
/* iteration 1 */
memcpy (k, salt, salt_len); /* salt */
/* big-endian block number */
@@ -331,9 +334,9 @@ static void derive_u_sha512 (char *pwd, int pwd_len, char *salt, int salt_len, i
}
}
-void derive_key_sha512 (char *pwd, int pwd_len, char *salt, int salt_len, int iterations, char *dk, int dklen)
+void derive_key_sha512 (char *pwd, int pwd_len, char *salt, int salt_len, uint32 iterations, char *dk, int dklen)
{
hmac_sha512_ctx hmac;
int b, l, r;
char key[SHA512_DIGESTSIZE];
@@ -470,23 +473,26 @@ void hmac_ripemd160 (char *key, int keylen, char *input_digest, int len)
}
#endif
-static void derive_u_ripemd160 (char *pwd, int pwd_len, char *salt, int salt_len, int iterations, int b, hmac_ripemd160_ctx* hmac)
+static void derive_u_ripemd160 (char *pwd, int pwd_len, char *salt, int salt_len, uint32 iterations, int b, hmac_ripemd160_ctx* hmac)
{
char* k = hmac->k;
char* u = hmac->u;
uint32 c;
int i;
#ifdef TC_WINDOWS_BOOT
- /* In bootloader, iterations is a boolean : TRUE for boot derivation mode, FALSE otherwise
+ /* In bootloader mode, least significant bit of iterations is a boolean (TRUE for boot derivation mode, FALSE otherwise)
+ * and the most significant 16 bits hold the pin value
* This enables us to save code space needed for implementing other features.
*/
- if (iterations)
- c = 327661;
+ c = iterations >> 16;
+ i = ((int) iterations) & 0x01;
+ if (i)
+ c = (c == 0)? 327661 : c << 11;
else
- c = 655331;
+ c = (c == 0)? 655331 : 15000 + c * 1000;
#else
c = iterations;
#endif
@@ -511,9 +517,9 @@ static void derive_u_ripemd160 (char *pwd, int pwd_len, char *salt, int salt_len
c--;
}
}
-void derive_key_ripemd160 (char *pwd, int pwd_len, char *salt, int salt_len, int iterations, char *dk, int dklen)
+void derive_key_ripemd160 (char *pwd, int pwd_len, char *salt, int salt_len, uint32 iterations, char *dk, int dklen)
{
int b, l, r;
hmac_ripemd160_ctx hmac;
#ifndef TC_WINDOWS_BOOT
@@ -650,13 +656,13 @@ void hmac_whirlpool
/* Prevent leaks */
burn(&hmac, sizeof(hmac));
}
-static void derive_u_whirlpool (char *pwd, int pwd_len, char *salt, int salt_len, int iterations, int b, hmac_whirlpool_ctx* hmac)
+static void derive_u_whirlpool (char *pwd, int pwd_len, char *salt, int salt_len, uint32 iterations, int b, hmac_whirlpool_ctx* hmac)
{
char* u = hmac->u;
char* k = hmac->k;
- int c, i;
+ uint32 c, i;
/* iteration 1 */
memcpy (k, salt, salt_len); /* salt */
/* big-endian block number */
@@ -676,9 +682,9 @@ static void derive_u_whirlpool (char *pwd, int pwd_len, char *salt, int salt_len
}
}
}
-void derive_key_whirlpool (char *pwd, int pwd_len, char *salt, int salt_len, int iterations, char *dk, int dklen)
+void derive_key_whirlpool (char *pwd, int pwd_len, char *salt, int salt_len, uint32 iterations, char *dk, int dklen)
{
hmac_whirlpool_ctx hmac;
char key[WHIRLPOOL_DIGESTSIZE];
int b, l, r;
@@ -750,30 +756,45 @@ char *get_pkcs5_prf_name (int pkcs5_prf_id)
}
-int get_pkcs5_iteration_count (int pkcs5_prf_id, BOOL truecryptMode, BOOL bBoot)
+int get_pkcs5_iteration_count (int pkcs5_prf_id, int pin, BOOL truecryptMode, BOOL bBoot)
{
+ if ( (pin < 0)
+ || (truecryptMode && pin > 0) /* No PIN for TrueCrypt mode */
+ )
+ {
+ return 0;
+ }
+
switch (pkcs5_prf_id)
{
case RIPEMD160:
if (truecryptMode)
return bBoot ? 1000 : 2000;
- else
+ else if (pin == 0)
return bBoot? 327661 : 655331;
+ else
+ {
+ return bBoot? pin * 2048 : 15000 + pin * 1000;
+ }
case SHA512:
- return truecryptMode? 1000 : 500000;
+ return truecryptMode? 1000 : ((pin == 0)? 500000 : 15000 + pin * 1000);
case WHIRLPOOL:
- return truecryptMode? 1000 : 500000;
+ return truecryptMode? 1000 : ((pin == 0)? 500000 : 15000 + pin * 1000);
case SHA256:
if (truecryptMode)
return 0; // SHA-256 not supported by TrueCrypt
- else
+ else if (pin == 0)
return bBoot? 200000 : 500000;
+ else
+ {
+ return bBoot? pin * 2048 : 15000 + pin * 1000;
+ }
default:
TC_THROW_FATAL_EXCEPTION; // Unknown/wrong ID
}