diff options
author | Mounir IDRASSI <mounir.idrassi@idrix.fr> | 2019-01-21 00:42:53 +0100 |
---|---|---|
committer | Mounir IDRASSI <mounir.idrassi@idrix.fr> | 2019-01-21 00:45:31 +0100 |
commit | ee0a2659da24b4b7543f52647fb2d8cbbd12408c (patch) | |
tree | 2977c82ee2d24d4c0bfd18a30b3f0fe7b4b25601 /src/Common/Volumes.c | |
parent | 27b3fee02d5242e743f87dd15db61d89073e8caa (diff) | |
download | VeraCrypt-ee0a2659da24b4b7543f52647fb2d8cbbd12408c.tar.gz VeraCrypt-ee0a2659da24b4b7543f52647fb2d8cbbd12408c.zip |
Windows driver: remove volumes master keys from CRYPTO_INFO since they are not needed after their key schedule is created
Diffstat (limited to 'src/Common/Volumes.c')
-rw-r--r-- | src/Common/Volumes.c | 64 |
1 files changed, 31 insertions, 33 deletions
diff --git a/src/Common/Volumes.c b/src/Common/Volumes.c index bcd5c40c..111a2287 100644 --- a/src/Common/Volumes.c +++ b/src/Common/Volumes.c @@ -392,11 +392,12 @@ KeyReady: ; if (cryptoInfo->mode == XTS) { +#ifndef TC_WINDOWS_DRIVER // Copy the secondary key (if cascade, multiple concatenated) memcpy (cryptoInfo->k2, dk + EAGetKeySize (cryptoInfo->ea), EAGetKeySize (cryptoInfo->ea)); - +#endif // Secondary key schedule - if (!EAInitMode (cryptoInfo)) + if (!EAInitMode (cryptoInfo, dk + EAGetKeySize (cryptoInfo->ea))) { status = ERR_MODE_INIT_FAILED; goto err; @@ -526,8 +527,17 @@ KeyReady: ; // Master key data memcpy (keyInfo.master_keydata, header + HEADER_MASTER_KEYDATA_OFFSET, MASTER_KEYDATA_SIZE); +#ifdef TC_WINDOWS_DRIVER + { + sha512_ctx sha2; + sha512_begin (&sha2); + sha512_hash (keyInfo.master_keydata, MASTER_KEYDATA_SIZE, &sha2); + sha512_hash (header, sizeof(header), &sha2); + sha512_end (cryptoInfo->master_keydata_hash, &sha2); + } +#else memcpy (cryptoInfo->master_keydata, keyInfo.master_keydata, MASTER_KEYDATA_SIZE); - +#endif // PKCS #5 cryptoInfo->pkcs5 = pkcs5_prf; cryptoInfo->noIterations = keyInfo.noIterations; @@ -538,17 +548,11 @@ KeyReady: ; status = EAInit (cryptoInfo->ea, keyInfo.master_keydata + primaryKeyOffset, cryptoInfo->ks); if (status == ERR_CIPHER_INIT_FAILURE) goto err; - - switch (cryptoInfo->mode) - { - - default: - // The secondary master key (if cascade, multiple concatenated) - memcpy (cryptoInfo->k2, keyInfo.master_keydata + EAGetKeySize (cryptoInfo->ea), EAGetKeySize (cryptoInfo->ea)); - - } - - if (!EAInitMode (cryptoInfo)) +#ifndef TC_WINDOWS_DRIVER + // The secondary master key (if cascade, multiple concatenated) + memcpy (cryptoInfo->k2, keyInfo.master_keydata + EAGetKeySize (cryptoInfo->ea), EAGetKeySize (cryptoInfo->ea)); +#endif + if (!EAInitMode (cryptoInfo, keyInfo.master_keydata + EAGetKeySize (cryptoInfo->ea))) { status = ERR_MODE_INIT_FAILED; goto err; @@ -1031,14 +1035,11 @@ int CreateVolumeHeaderInMemory (HWND hwndDlg, BOOL bBoot, char *header, int ea, /* Header encryption */ - switch (mode) - { - - default: - // The secondary key (if cascade, multiple concatenated) - memcpy (cryptoInfo->k2, dk + EAGetKeySize (cryptoInfo->ea), EAGetKeySize (cryptoInfo->ea)); - primaryKeyOffset = 0; - } +#ifndef TC_WINDOWS_DRIVER + // The secondary key (if cascade, multiple concatenated) + memcpy (cryptoInfo->k2, dk + EAGetKeySize (cryptoInfo->ea), EAGetKeySize (cryptoInfo->ea)); + primaryKeyOffset = 0; +#endif retVal = EAInit (cryptoInfo->ea, dk + primaryKeyOffset, cryptoInfo->ks); if (retVal != ERR_SUCCESS) @@ -1048,7 +1049,7 @@ int CreateVolumeHeaderInMemory (HWND hwndDlg, BOOL bBoot, char *header, int ea, } // Mode of operation - if (!EAInitMode (cryptoInfo)) + if (!EAInitMode (cryptoInfo, dk + EAGetKeySize (cryptoInfo->ea))) { crypto_close (cryptoInfo); retVal = ERR_OUTOFMEMORY; @@ -1074,16 +1075,13 @@ int CreateVolumeHeaderInMemory (HWND hwndDlg, BOOL bBoot, char *header, int ea, memcpy (cryptoInfo->master_keydata, keyInfo.master_keydata, MASTER_KEYDATA_SIZE); - switch (cryptoInfo->mode) - { - - default: - // The secondary master key (if cascade, multiple concatenated) - memcpy (cryptoInfo->k2, keyInfo.master_keydata + EAGetKeySize (cryptoInfo->ea), EAGetKeySize (cryptoInfo->ea)); - } +#ifndef TC_WINDOWS_DRIVER + // The secondary master key (if cascade, multiple concatenated) + memcpy (cryptoInfo->k2, keyInfo.master_keydata + EAGetKeySize (cryptoInfo->ea), EAGetKeySize (cryptoInfo->ea)); +#endif // Mode of operation - if (!EAInitMode (cryptoInfo)) + if (!EAInitMode (cryptoInfo, keyInfo.master_keydata + EAGetKeySize (cryptoInfo->ea))) { crypto_close (cryptoInfo); retVal = ERR_OUTOFMEMORY; @@ -1282,7 +1280,7 @@ int WriteRandomDataToReservedHeaderAreas (HWND hwndDlg, HANDLE dev, CRYPTO_INFO if (nStatus != ERR_SUCCESS) goto final_seq; - if (!EAInitMode (cryptoInfo)) + if (!EAInitMode (cryptoInfo, cryptoInfo->k2)) { nStatus = ERR_MODE_INIT_FAILED; goto final_seq; @@ -1344,7 +1342,7 @@ int WriteRandomDataToReservedHeaderAreas (HWND hwndDlg, HANDLE dev, CRYPTO_INFO if (nStatus != ERR_SUCCESS) goto final_seq; - if (!EAInitMode (cryptoInfo)) + if (!EAInitMode (cryptoInfo, cryptoInfo->k2)) { nStatus = ERR_MODE_INIT_FAILED; goto final_seq; |