diff options
author | Mounir IDRASSI <mounir.idrassi@idrix.fr> | 2014-12-30 17:01:49 +0100 |
---|---|---|
committer | Mounir IDRASSI <mounir.idrassi@idrix.fr> | 2014-12-30 17:06:20 +0100 |
commit | c178e325b807258199ae45b2c50c265b4d7ce7af (patch) | |
tree | 905297a12e86b71d4611ff13d1df7e99c1e20b61 /src/Volume | |
parent | 8d787dcd7128fce554f473da62e20162b0b6c9c4 (diff) | |
download | VeraCrypt-c178e325b807258199ae45b2c50c265b4d7ce7af.tar.gz VeraCrypt-c178e325b807258199ae45b2c50c265b4d7ce7af.zip |
Linux/MacOSX: Implement TrueCrypt conversion and loading support. Correct many GTK issues linked to multi-threaded origine of events by implementing an automatic mechanism for handling such requests in the main thread.
Diffstat (limited to 'src/Volume')
-rw-r--r-- | src/Volume/EncryptionTest.cpp | 6 | ||||
-rw-r--r-- | src/Volume/Pkcs5Kdf.cpp | 31 | ||||
-rw-r--r-- | src/Volume/Pkcs5Kdf.h | 39 | ||||
-rwxr-xr-x | src/Volume/Volume.cpp | 30 | ||||
-rwxr-xr-x | src/Volume/Volume.h | 6 | ||||
-rwxr-xr-x | src/Volume/VolumeHeader.cpp | 25 | ||||
-rwxr-xr-x | src/Volume/VolumeHeader.h | 4 | ||||
-rw-r--r-- | src/Volume/VolumeInfo.cpp | 3 | ||||
-rw-r--r-- | src/Volume/VolumeInfo.h | 3 | ||||
-rw-r--r-- | src/Volume/VolumeLayout.cpp | 8 | ||||
-rw-r--r-- | src/Volume/VolumeLayout.h | 4 |
11 files changed, 100 insertions, 59 deletions
diff --git a/src/Volume/EncryptionTest.cpp b/src/Volume/EncryptionTest.cpp index 8ed90115..c9ced62d 100644 --- a/src/Volume/EncryptionTest.cpp +++ b/src/Volume/EncryptionTest.cpp @@ -791,17 +791,17 @@ namespace VeraCrypt ConstBufferPtr salt (saltData, sizeof (saltData)); Buffer derivedKey (4); - Pkcs5HmacRipemd160 pkcs5HmacRipemd160; + Pkcs5HmacRipemd160 pkcs5HmacRipemd160(false); pkcs5HmacRipemd160.DeriveKey (derivedKey, password, salt, 5); if (memcmp (derivedKey.Ptr(), "\x7a\x3d\x7c\x03", 4) != 0) throw TestFailed (SRC_POS); - Pkcs5HmacSha512 pkcs5HmacSha512; + Pkcs5HmacSha512 pkcs5HmacSha512(false); pkcs5HmacSha512.DeriveKey (derivedKey, password, salt, 5); if (memcmp (derivedKey.Ptr(), "\x13\x64\xae\xf8", 4) != 0) throw TestFailed (SRC_POS); - Pkcs5HmacWhirlpool pkcs5HmacWhirlpool; + Pkcs5HmacWhirlpool pkcs5HmacWhirlpool(false); pkcs5HmacWhirlpool.DeriveKey (derivedKey, password, salt, 5); if (memcmp (derivedKey.Ptr(), "\x50\x7c\x36\x6f", 4) != 0) throw TestFailed (SRC_POS); diff --git a/src/Volume/Pkcs5Kdf.cpp b/src/Volume/Pkcs5Kdf.cpp index abf45720..beccd62b 100644 --- a/src/Volume/Pkcs5Kdf.cpp +++ b/src/Volume/Pkcs5Kdf.cpp @@ -12,7 +12,7 @@ namespace VeraCrypt { - Pkcs5Kdf::Pkcs5Kdf () + Pkcs5Kdf::Pkcs5Kdf (bool truecryptMode) : m_truecryptMode(truecryptMode) { } @@ -25,9 +25,9 @@ namespace VeraCrypt DeriveKey (key, password, salt, GetIterationCount()); } - shared_ptr <Pkcs5Kdf> Pkcs5Kdf::GetAlgorithm (const wstring &name) + shared_ptr <Pkcs5Kdf> Pkcs5Kdf::GetAlgorithm (const wstring &name, bool truecryptMode) { - foreach (shared_ptr <Pkcs5Kdf> kdf, GetAvailableAlgorithms()) + foreach (shared_ptr <Pkcs5Kdf> kdf, GetAvailableAlgorithms(truecryptMode)) { if (kdf->GetName() == name) return kdf; @@ -35,9 +35,9 @@ namespace VeraCrypt throw ParameterIncorrect (SRC_POS); } - shared_ptr <Pkcs5Kdf> Pkcs5Kdf::GetAlgorithm (const Hash &hash) + shared_ptr <Pkcs5Kdf> Pkcs5Kdf::GetAlgorithm (const Hash &hash, bool truecryptMode) { - foreach (shared_ptr <Pkcs5Kdf> kdf, GetAvailableAlgorithms()) + foreach (shared_ptr <Pkcs5Kdf> kdf, GetAvailableAlgorithms(truecryptMode)) { if (typeid (*kdf->GetHash()) == typeid (hash)) return kdf; @@ -46,14 +46,23 @@ namespace VeraCrypt throw ParameterIncorrect (SRC_POS); } - Pkcs5KdfList Pkcs5Kdf::GetAvailableAlgorithms () + Pkcs5KdfList Pkcs5Kdf::GetAvailableAlgorithms (bool truecryptMode) { Pkcs5KdfList l; - - l.push_back (shared_ptr <Pkcs5Kdf> (new Pkcs5HmacSha512 ())); - l.push_back (shared_ptr <Pkcs5Kdf> (new Pkcs5HmacWhirlpool ())); - l.push_back (shared_ptr <Pkcs5Kdf> (new Pkcs5HmacSha256 ())); - l.push_back (shared_ptr <Pkcs5Kdf> (new Pkcs5HmacRipemd160 ())); + + if (truecryptMode) + { + l.push_back (shared_ptr <Pkcs5Kdf> (new Pkcs5HmacRipemd160 (true))); + l.push_back (shared_ptr <Pkcs5Kdf> (new Pkcs5HmacSha512 (true))); + l.push_back (shared_ptr <Pkcs5Kdf> (new Pkcs5HmacWhirlpool (true))); + } + else + { + l.push_back (shared_ptr <Pkcs5Kdf> (new Pkcs5HmacSha512 (false))); + l.push_back (shared_ptr <Pkcs5Kdf> (new Pkcs5HmacWhirlpool (false))); + l.push_back (shared_ptr <Pkcs5Kdf> (new Pkcs5HmacSha256 ())); + l.push_back (shared_ptr <Pkcs5Kdf> (new Pkcs5HmacRipemd160 (false))); + } return l; } diff --git a/src/Volume/Pkcs5Kdf.h b/src/Volume/Pkcs5Kdf.h index 19267b0f..b2a13213 100644 --- a/src/Volume/Pkcs5Kdf.h +++ b/src/Volume/Pkcs5Kdf.h @@ -25,17 +25,20 @@ namespace VeraCrypt virtual void DeriveKey (const BufferPtr &key, const VolumePassword &password, const ConstBufferPtr &salt) const; virtual void DeriveKey (const BufferPtr &key, const VolumePassword &password, const ConstBufferPtr &salt, int iterationCount) const = 0; - static shared_ptr <Pkcs5Kdf> GetAlgorithm (const wstring &name); - static shared_ptr <Pkcs5Kdf> GetAlgorithm (const Hash &hash); - static Pkcs5KdfList GetAvailableAlgorithms (); + static shared_ptr <Pkcs5Kdf> GetAlgorithm (const wstring &name, bool truecryptMode); + static shared_ptr <Pkcs5Kdf> GetAlgorithm (const Hash &hash, bool truecryptMode); + static Pkcs5KdfList GetAvailableAlgorithms (bool truecryptMode); virtual shared_ptr <Hash> GetHash () const = 0; virtual int GetIterationCount () const = 0; virtual wstring GetName () const = 0; virtual Pkcs5Kdf* Clone () const = 0; virtual bool IsDeprecated () const { return GetHash()->IsDeprecated(); } + bool GetTrueCryptMode () const { return m_truecryptMode;} + void SetTrueCryptMode (bool truecryptMode) { m_truecryptMode = truecryptMode;} protected: - Pkcs5Kdf (); + bool m_truecryptMode; + Pkcs5Kdf (bool truecryptMode); void ValidateParameters (const BufferPtr &key, const VolumePassword &password, const ConstBufferPtr &salt, int iterationCount) const; @@ -47,14 +50,14 @@ namespace VeraCrypt class Pkcs5HmacRipemd160 : public Pkcs5Kdf { public: - Pkcs5HmacRipemd160 () { } + Pkcs5HmacRipemd160 (bool truecryptMode) : Pkcs5Kdf (truecryptMode) { } virtual ~Pkcs5HmacRipemd160 () { } virtual void DeriveKey (const BufferPtr &key, const VolumePassword &password, const ConstBufferPtr &salt, int iterationCount) const; virtual shared_ptr <Hash> GetHash () const { return shared_ptr <Hash> (new Ripemd160); } - virtual int GetIterationCount () const { return 655331; } + virtual int GetIterationCount () const { return m_truecryptMode? 2000 : 655331; } virtual wstring GetName () const { return L"HMAC-RIPEMD-160"; } - virtual Pkcs5Kdf* Clone () const { return new Pkcs5HmacRipemd160(); } + virtual Pkcs5Kdf* Clone () const { return new Pkcs5HmacRipemd160(m_truecryptMode); } private: Pkcs5HmacRipemd160 (const Pkcs5HmacRipemd160 &); @@ -64,14 +67,14 @@ namespace VeraCrypt class Pkcs5HmacRipemd160_1000 : public Pkcs5Kdf { public: - Pkcs5HmacRipemd160_1000 () { } + Pkcs5HmacRipemd160_1000 (bool truecryptMode) : Pkcs5Kdf(truecryptMode) { } virtual ~Pkcs5HmacRipemd160_1000 () { } virtual void DeriveKey (const BufferPtr &key, const VolumePassword &password, const ConstBufferPtr &salt, int iterationCount) const; virtual shared_ptr <Hash> GetHash () const { return shared_ptr <Hash> (new Ripemd160); } - virtual int GetIterationCount () const { return 327661; } + virtual int GetIterationCount () const { return m_truecryptMode? 1000 : 327661; } virtual wstring GetName () const { return L"HMAC-RIPEMD-160"; } - virtual Pkcs5Kdf* Clone () const { return new Pkcs5HmacRipemd160_1000(); } + virtual Pkcs5Kdf* Clone () const { return new Pkcs5HmacRipemd160_1000(m_truecryptMode); } private: Pkcs5HmacRipemd160_1000 (const Pkcs5HmacRipemd160_1000 &); @@ -81,7 +84,7 @@ namespace VeraCrypt class Pkcs5HmacSha256_Boot : public Pkcs5Kdf { public: - Pkcs5HmacSha256_Boot () { } + Pkcs5HmacSha256_Boot () : Pkcs5Kdf(false) { } virtual ~Pkcs5HmacSha256_Boot () { } virtual void DeriveKey (const BufferPtr &key, const VolumePassword &password, const ConstBufferPtr &salt, int iterationCount) const; @@ -98,7 +101,7 @@ namespace VeraCrypt class Pkcs5HmacSha256 : public Pkcs5Kdf { public: - Pkcs5HmacSha256 () { } + Pkcs5HmacSha256 () : Pkcs5Kdf(false) { } virtual ~Pkcs5HmacSha256 () { } virtual void DeriveKey (const BufferPtr &key, const VolumePassword &password, const ConstBufferPtr &salt, int iterationCount) const; @@ -115,14 +118,14 @@ namespace VeraCrypt class Pkcs5HmacSha512 : public Pkcs5Kdf { public: - Pkcs5HmacSha512 () { } + Pkcs5HmacSha512 (bool truecryptMode) : Pkcs5Kdf(truecryptMode) { } virtual ~Pkcs5HmacSha512 () { } virtual void DeriveKey (const BufferPtr &key, const VolumePassword &password, const ConstBufferPtr &salt, int iterationCount) const; virtual shared_ptr <Hash> GetHash () const { return shared_ptr <Hash> (new Sha512); } - virtual int GetIterationCount () const { return 500000; } + virtual int GetIterationCount () const { return m_truecryptMode? 1000 : 500000; } virtual wstring GetName () const { return L"HMAC-SHA-512"; } - virtual Pkcs5Kdf* Clone () const { return new Pkcs5HmacSha512(); } + virtual Pkcs5Kdf* Clone () const { return new Pkcs5HmacSha512(m_truecryptMode); } private: Pkcs5HmacSha512 (const Pkcs5HmacSha512 &); @@ -132,14 +135,14 @@ namespace VeraCrypt class Pkcs5HmacWhirlpool : public Pkcs5Kdf { public: - Pkcs5HmacWhirlpool () { } + Pkcs5HmacWhirlpool (bool truecryptMode) : Pkcs5Kdf(truecryptMode) { } virtual ~Pkcs5HmacWhirlpool () { } virtual void DeriveKey (const BufferPtr &key, const VolumePassword &password, const ConstBufferPtr &salt, int iterationCount) const; virtual shared_ptr <Hash> GetHash () const { return shared_ptr <Hash> (new Whirlpool); } - virtual int GetIterationCount () const { return 500000; } + virtual int GetIterationCount () const { return m_truecryptMode? 1000 : 500000; } virtual wstring GetName () const { return L"HMAC-Whirlpool"; } - virtual Pkcs5Kdf* Clone () const { return new Pkcs5HmacWhirlpool; } + virtual Pkcs5Kdf* Clone () const { return new Pkcs5HmacWhirlpool(m_truecryptMode); } private: Pkcs5HmacWhirlpool (const Pkcs5HmacWhirlpool &); diff --git a/src/Volume/Volume.cpp b/src/Volume/Volume.cpp index 362b342c..f1f248ba 100755 --- a/src/Volume/Volume.cpp +++ b/src/Volume/Volume.cpp @@ -23,7 +23,8 @@ namespace VeraCrypt VolumeDataSize (0), TopWriteOffset (0), TotalDataRead (0), - TotalDataWritten (0) + TotalDataWritten (0), + TrueCryptMode (false) { } @@ -62,7 +63,7 @@ namespace VeraCrypt return EA->GetMode(); } - void Volume::Open (const VolumePath &volumePath, bool preserveTimestamps, shared_ptr <VolumePassword> password, shared_ptr <Pkcs5Kdf> kdf, shared_ptr <KeyfileList> keyfiles, VolumeProtection::Enum protection, shared_ptr <VolumePassword> protectionPassword, shared_ptr <Pkcs5Kdf> protectionKdf, shared_ptr <KeyfileList> protectionKeyfiles, bool sharedAccessAllowed, VolumeType::Enum volumeType, bool useBackupHeaders, bool partitionInSystemEncryptionScope) + void Volume::Open (const VolumePath &volumePath, bool preserveTimestamps, shared_ptr <VolumePassword> password, shared_ptr <Pkcs5Kdf> kdf, bool truecryptMode, shared_ptr <KeyfileList> keyfiles, VolumeProtection::Enum protection, shared_ptr <VolumePassword> protectionPassword, shared_ptr <Pkcs5Kdf> protectionKdf, shared_ptr <KeyfileList> protectionKeyfiles, bool sharedAccessAllowed, VolumeType::Enum volumeType, bool useBackupHeaders, bool partitionInSystemEncryptionScope) { make_shared_auto (File, file); @@ -93,14 +94,21 @@ namespace VeraCrypt throw; } - return Open (file, password, kdf, keyfiles, protection, protectionPassword, protectionKdf,protectionKeyfiles, volumeType, useBackupHeaders, partitionInSystemEncryptionScope); + return Open (file, password, kdf, truecryptMode, keyfiles, protection, protectionPassword, protectionKdf,protectionKeyfiles, volumeType, useBackupHeaders, partitionInSystemEncryptionScope); } - void Volume::Open (shared_ptr <File> volumeFile, shared_ptr <VolumePassword> password, shared_ptr <Pkcs5Kdf> kdf, shared_ptr <KeyfileList> keyfiles, VolumeProtection::Enum protection, shared_ptr <VolumePassword> protectionPassword, shared_ptr <Pkcs5Kdf> protectionKdf,shared_ptr <KeyfileList> protectionKeyfiles, VolumeType::Enum volumeType, bool useBackupHeaders, bool partitionInSystemEncryptionScope) + void Volume::Open (shared_ptr <File> volumeFile, shared_ptr <VolumePassword> password, shared_ptr <Pkcs5Kdf> kdf, bool truecryptMode, shared_ptr <KeyfileList> keyfiles, VolumeProtection::Enum protection, shared_ptr <VolumePassword> protectionPassword, shared_ptr <Pkcs5Kdf> protectionKdf,shared_ptr <KeyfileList> protectionKeyfiles, VolumeType::Enum volumeType, bool useBackupHeaders, bool partitionInSystemEncryptionScope) { if (!volumeFile) throw ParameterIncorrect (SRC_POS); + // TrueCrypt doesn't support SHA-256 + if (kdf && truecryptMode && (kdf->GetName() == L"HMAC-SHA-256")) + throw UnsupportedAlgoInTrueCryptMode (SRC_POS); + + if (truecryptMode && partitionInSystemEncryptionScope) + throw ParameterIncorrect (SRC_POS); + Protection = protection; VolumeFile = volumeFile; SystemEncryption = partitionInSystemEncryptionScope; @@ -182,11 +190,11 @@ namespace VeraCrypt shared_ptr <VolumeHeader> header = layout->GetHeader(); - if (header->Decrypt (headerBuffer, *passwordKey, kdf, layout->GetSupportedKeyDerivationFunctions(), layoutEncryptionAlgorithms, layoutEncryptionModes)) + if (header->Decrypt (headerBuffer, *passwordKey, kdf, truecryptMode, layout->GetSupportedKeyDerivationFunctions(truecryptMode), layoutEncryptionAlgorithms, layoutEncryptionModes)) { // Header decrypted - if (typeid (*layout) == typeid (VolumeLayoutV2Normal) && header->GetRequiredMinProgramVersion() < 0x10b) + if (!truecryptMode && typeid (*layout) == typeid (VolumeLayoutV2Normal) && header->GetRequiredMinProgramVersion() < 0x10b) { // VolumeLayoutV1Normal has been opened as VolumeLayoutV2Normal layout.reset (new VolumeLayoutV1Normal); @@ -194,6 +202,7 @@ namespace VeraCrypt layout->SetHeader (header); } + TrueCryptMode = truecryptMode; Type = layout->GetType(); SectorSize = header->GetSectorSize(); @@ -231,7 +240,7 @@ namespace VeraCrypt Volume protectedVolume; protectedVolume.Open (VolumeFile, - protectionPassword, protectionKdf, protectionKeyfiles, + protectionPassword, protectionKdf, truecryptMode, protectionKeyfiles, VolumeProtection::ReadOnly, shared_ptr <VolumePassword> (), shared_ptr <Pkcs5Kdf> (),shared_ptr <KeyfileList> (), VolumeType::Hidden, @@ -269,11 +278,12 @@ namespace VeraCrypt Buffer mbr (VolumeFile->GetDeviceSectorSize()); driveDevice.ReadAt (mbr, 0); - // Search for the string "VeraCrypt" - size_t nameLen = strlen (TC_APP_NAME); + // Search for the string "VeraCrypt" or "TrueCrypt" + const char* bootSignature = truecryptMode? "TrueCrypt" : TC_APP_NAME; + size_t nameLen = strlen (bootSignature); for (size_t i = 0; i < mbr.Size() - nameLen; ++i) { - if (memcmp (mbr.Ptr() + i, TC_APP_NAME, nameLen) == 0) + if (memcmp (mbr.Ptr() + i, bootSignature, nameLen) == 0) throw PasswordOrMountOptionsIncorrect (SRC_POS); } } diff --git a/src/Volume/Volume.h b/src/Volume/Volume.h index dcc6eb01..d4a2b5a5 100755 --- a/src/Volume/Volume.h +++ b/src/Volume/Volume.h @@ -86,11 +86,12 @@ namespace VeraCrypt uint64 GetTotalDataRead () const { return TotalDataRead; } uint64 GetTotalDataWritten () const { return TotalDataWritten; } VolumeType::Enum GetType () const { return Type; } + bool GetTrueCryptMode() const { return TrueCryptMode; } uint64 GetVolumeCreationTime () const { return Header->GetVolumeCreationTime(); } bool IsHiddenVolumeProtectionTriggered () const { return HiddenVolumeProtectionTriggered; } bool IsInSystemEncryptionScope () const { return SystemEncryption; } - void Open (const VolumePath &volumePath, bool preserveTimestamps, shared_ptr <VolumePassword> password, shared_ptr <Pkcs5Kdf> kdf, shared_ptr <KeyfileList> keyfiles, VolumeProtection::Enum protection = VolumeProtection::None, shared_ptr <VolumePassword> protectionPassword = shared_ptr <VolumePassword> (), shared_ptr <Pkcs5Kdf> protectionKdf = shared_ptr <Pkcs5Kdf> (),shared_ptr <KeyfileList> protectionKeyfiles = shared_ptr <KeyfileList> (), bool sharedAccessAllowed = false, VolumeType::Enum volumeType = VolumeType::Unknown, bool useBackupHeaders = false, bool partitionInSystemEncryptionScope = false); - void Open (shared_ptr <File> volumeFile, shared_ptr <VolumePassword> password, shared_ptr <Pkcs5Kdf> kdf, shared_ptr <KeyfileList> keyfiles, VolumeProtection::Enum protection = VolumeProtection::None, shared_ptr <VolumePassword> protectionPassword = shared_ptr <VolumePassword> (), shared_ptr <Pkcs5Kdf> protectionKdf = shared_ptr <Pkcs5Kdf> (), shared_ptr <KeyfileList> protectionKeyfiles = shared_ptr <KeyfileList> (), VolumeType::Enum volumeType = VolumeType::Unknown, bool useBackupHeaders = false, bool partitionInSystemEncryptionScope = false); + void Open (const VolumePath &volumePath, bool preserveTimestamps, shared_ptr <VolumePassword> password, shared_ptr <Pkcs5Kdf> kdf, bool truecryptMode, shared_ptr <KeyfileList> keyfiles, VolumeProtection::Enum protection = VolumeProtection::None, shared_ptr <VolumePassword> protectionPassword = shared_ptr <VolumePassword> (), shared_ptr <Pkcs5Kdf> protectionKdf = shared_ptr <Pkcs5Kdf> (),shared_ptr <KeyfileList> protectionKeyfiles = shared_ptr <KeyfileList> (), bool sharedAccessAllowed = false, VolumeType::Enum volumeType = VolumeType::Unknown, bool useBackupHeaders = false, bool partitionInSystemEncryptionScope = false); + void Open (shared_ptr <File> volumeFile, shared_ptr <VolumePassword> password, shared_ptr <Pkcs5Kdf> kdf, bool truecryptMode, shared_ptr <KeyfileList> keyfiles, VolumeProtection::Enum protection = VolumeProtection::None, shared_ptr <VolumePassword> protectionPassword = shared_ptr <VolumePassword> (), shared_ptr <Pkcs5Kdf> protectionKdf = shared_ptr <Pkcs5Kdf> (), shared_ptr <KeyfileList> protectionKeyfiles = shared_ptr <KeyfileList> (), VolumeType::Enum volumeType = VolumeType::Unknown, bool useBackupHeaders = false, bool partitionInSystemEncryptionScope = false); void ReadSectors (const BufferPtr &buffer, uint64 byteOffset); void ReEncryptHeader (bool backupHeader, const ConstBufferPtr &newSalt, const ConstBufferPtr &newHeaderKey, shared_ptr <Pkcs5Kdf> newPkcs5Kdf); void WriteSectors (const ConstBufferPtr &buffer, uint64 byteOffset); @@ -116,6 +117,7 @@ namespace VeraCrypt uint64 TopWriteOffset; uint64 TotalDataRead; uint64 TotalDataWritten; + bool TrueCryptMode; private: Volume (const Volume &); diff --git a/src/Volume/VolumeHeader.cpp b/src/Volume/VolumeHeader.cpp index fbdece50..dea3b1ef 100755 --- a/src/Volume/VolumeHeader.cpp +++ b/src/Volume/VolumeHeader.cpp @@ -78,7 +78,7 @@ namespace VeraCrypt EncryptNew (headerBuffer, options.Salt, options.HeaderKey, options.Kdf); } - bool VolumeHeader::Decrypt (const ConstBufferPtr &encryptedData, const VolumePassword &password, shared_ptr <Pkcs5Kdf> kdf, const Pkcs5KdfList &keyDerivationFunctions, const EncryptionAlgorithmList &encryptionAlgorithms, const EncryptionModeList &encryptionModes) + bool VolumeHeader::Decrypt (const ConstBufferPtr &encryptedData, const VolumePassword &password, shared_ptr <Pkcs5Kdf> kdf, bool truecryptMode, const Pkcs5KdfList &keyDerivationFunctions, const EncryptionAlgorithmList &encryptionAlgorithms, const EncryptionModeList &encryptionModes) { if (password.Size() < 1) throw PasswordEmpty (SRC_POS); @@ -121,7 +121,7 @@ namespace VeraCrypt header.CopyFrom (encryptedData.GetRange (EncryptedHeaderDataOffset, EncryptedHeaderDataSize)); ea->Decrypt (header); - if (Deserialize (header, ea, mode)) + if (Deserialize (header, ea, mode, truecryptMode)) { EA = ea; Pkcs5 = pkcs5; @@ -134,15 +134,21 @@ namespace VeraCrypt return false; } - bool VolumeHeader::Deserialize (const ConstBufferPtr &header, shared_ptr <EncryptionAlgorithm> &ea, shared_ptr <EncryptionMode> &mode) + bool VolumeHeader::Deserialize (const ConstBufferPtr &header, shared_ptr <EncryptionAlgorithm> &ea, shared_ptr <EncryptionMode> &mode, bool truecryptMode) { if (header.Size() != EncryptedHeaderDataSize) throw ParameterIncorrect (SRC_POS); - if (header[0] != 'V' || + if (truecryptMode && (header[0] != 'T' || + header[1] != 'R' || + header[2] != 'U' || + header[3] != 'E')) + return false; + + if (!truecryptMode && (header[0] != 'V' || header[1] != 'E' || header[2] != 'R' || - header[3] != 'A') + header[3] != 'A')) return false; size_t offset = 4; @@ -163,9 +169,16 @@ namespace VeraCrypt RequiredMinProgramVersion = DeserializeEntry <uint16> (header, offset); - if (RequiredMinProgramVersion > Version::Number()) + if (!truecryptMode && (RequiredMinProgramVersion > Version::Number())) throw HigherVersionRequired (SRC_POS); + if (truecryptMode) + { + if (RequiredMinProgramVersion < 0x700 || RequiredMinProgramVersion > 0x71a) + throw UnsupportedTrueCryptFormat (SRC_POS); + RequiredMinProgramVersion = CurrentRequiredMinProgramVersion; + } + VolumeKeyAreaCrc32 = DeserializeEntry <uint32> (header, offset); VolumeCreationTime = DeserializeEntry <uint64> (header, offset); HeaderCreationTime = DeserializeEntry <uint64> (header, offset); diff --git a/src/Volume/VolumeHeader.h b/src/Volume/VolumeHeader.h index cb567f22..40b45b3d 100755 --- a/src/Volume/VolumeHeader.h +++ b/src/Volume/VolumeHeader.h @@ -56,7 +56,7 @@ namespace VeraCrypt virtual ~VolumeHeader (); void Create (const BufferPtr &headerBuffer, VolumeHeaderCreationOptions &options); - bool Decrypt (const ConstBufferPtr &encryptedData, const VolumePassword &password, shared_ptr <Pkcs5Kdf> kdf, const Pkcs5KdfList &keyDerivationFunctions, const EncryptionAlgorithmList &encryptionAlgorithms, const EncryptionModeList &encryptionModes); + bool Decrypt (const ConstBufferPtr &encryptedData, const VolumePassword &password, shared_ptr <Pkcs5Kdf> kdf, bool truecryptMode, const Pkcs5KdfList &keyDerivationFunctions, const EncryptionAlgorithmList &encryptionAlgorithms, const EncryptionModeList &encryptionModes); void EncryptNew (const BufferPtr &newHeaderBuffer, const ConstBufferPtr &newSalt, const ConstBufferPtr &newHeaderKey, shared_ptr <Pkcs5Kdf> newPkcs5Kdf); uint64 GetEncryptedAreaStart () const { return EncryptedAreaStart; } uint64 GetEncryptedAreaLength () const { return EncryptedAreaLength; } @@ -74,7 +74,7 @@ namespace VeraCrypt void SetSize (uint32 headerSize); protected: - bool Deserialize (const ConstBufferPtr &header, shared_ptr <EncryptionAlgorithm> &ea, shared_ptr <EncryptionMode> &mode); + bool Deserialize (const ConstBufferPtr &header, shared_ptr <EncryptionAlgorithm> &ea, shared_ptr <EncryptionMode> &mode, bool truecryptMode); template <typename T> T DeserializeEntry (const ConstBufferPtr &header, size_t &offset) const; template <typename T> T DeserializeEntryAt (const ConstBufferPtr &header, const size_t &offset) const; void Init (); diff --git a/src/Volume/VolumeInfo.cpp b/src/Volume/VolumeInfo.cpp index 49a2b3e9..33e0fd6f 100644 --- a/src/Volume/VolumeInfo.cpp +++ b/src/Volume/VolumeInfo.cpp @@ -50,6 +50,7 @@ namespace VeraCrypt Type = static_cast <VolumeType::Enum> (sr.DeserializeInt32 ("Type")); VirtualDevice = sr.DeserializeWString ("VirtualDevice"); sr.Deserialize ("VolumeCreationTime", VolumeCreationTime); + sr.Deserialize ("TrueCryptMode", TrueCryptMode); } bool VolumeInfo::FirstVolumeMountedAfterSecond (shared_ptr <VolumeInfo> first, shared_ptr <VolumeInfo> second) @@ -89,6 +90,7 @@ namespace VeraCrypt sr.Serialize ("Type", static_cast <uint32> (Type)); sr.Serialize ("VirtualDevice", wstring (VirtualDevice)); sr.Serialize ("VolumeCreationTime", VolumeCreationTime); + sr.Serialize ("TrueCryptMode", TrueCryptMode); } void VolumeInfo::Set (const Volume &volume) @@ -112,6 +114,7 @@ namespace VeraCrypt TopWriteOffset = volume.GetTopWriteOffset(); TotalDataRead = volume.GetTotalDataRead(); TotalDataWritten = volume.GetTotalDataWritten(); + TrueCryptMode = volume.GetTrueCryptMode(); } TC_SERIALIZER_FACTORY_ADD_CLASS (VolumeInfo); diff --git a/src/Volume/VolumeInfo.h b/src/Volume/VolumeInfo.h index c58b13f5..96796b50 100644 --- a/src/Volume/VolumeInfo.h +++ b/src/Volume/VolumeInfo.h @@ -27,7 +27,7 @@ namespace VeraCrypt TC_SERIALIZABLE (VolumeInfo); static bool FirstVolumeMountedAfterSecond (shared_ptr <VolumeInfo> first, shared_ptr <VolumeInfo> second); - void Set (const Volume &volume); + void Set (const Volume &volume); // Modifying this structure can introduce incompatibility with previous versions DirectoryPath AuxMountPoint; @@ -56,6 +56,7 @@ namespace VeraCrypt VolumeType::Enum Type; DevicePath VirtualDevice; VolumeTime VolumeCreationTime; + bool TrueCryptMode; private: VolumeInfo (const VolumeInfo &); diff --git a/src/Volume/VolumeLayout.cpp b/src/Volume/VolumeLayout.cpp index 21c00b54..d871baa8 100644 --- a/src/Volume/VolumeLayout.cpp +++ b/src/Volume/VolumeLayout.cpp @@ -196,12 +196,12 @@ namespace VeraCrypt return volumeHostSize; } - Pkcs5KdfList VolumeLayoutSystemEncryption::GetSupportedKeyDerivationFunctions () const + Pkcs5KdfList VolumeLayoutSystemEncryption::GetSupportedKeyDerivationFunctions (bool truecryptMode) const { Pkcs5KdfList l; - - l.push_back (shared_ptr <Pkcs5Kdf> (new Pkcs5HmacSha256_Boot ())); - l.push_back (shared_ptr <Pkcs5Kdf> (new Pkcs5HmacRipemd160_1000 ())); + if (!truecryptMode) + l.push_back (shared_ptr <Pkcs5Kdf> (new Pkcs5HmacSha256_Boot ())); + l.push_back (shared_ptr <Pkcs5Kdf> (new Pkcs5HmacRipemd160_1000 (truecryptMode))); return l; } } diff --git a/src/Volume/VolumeLayout.h b/src/Volume/VolumeLayout.h index e49f74b6..3c908229 100644 --- a/src/Volume/VolumeLayout.h +++ b/src/Volume/VolumeLayout.h @@ -34,7 +34,7 @@ namespace VeraCrypt virtual uint32 GetHeaderSize () const { return HeaderSize; } virtual uint64 GetMaxDataSize (uint64 volumeSize) const = 0; virtual EncryptionAlgorithmList GetSupportedEncryptionAlgorithms () const { return SupportedEncryptionAlgorithms; } - virtual Pkcs5KdfList GetSupportedKeyDerivationFunctions () const { return Pkcs5Kdf::GetAvailableAlgorithms(); } + virtual Pkcs5KdfList GetSupportedKeyDerivationFunctions (bool truecryptMode) const { return Pkcs5Kdf::GetAvailableAlgorithms(truecryptMode); } virtual EncryptionModeList GetSupportedEncryptionModes () const { return SupportedEncryptionModes; } virtual VolumeType::Enum GetType () const { return Type; } virtual bool HasBackupHeader () const = 0; @@ -122,7 +122,7 @@ namespace VeraCrypt virtual uint64 GetDataOffset (uint64 volumeHostSize) const; virtual uint64 GetDataSize (uint64 volumeHostSize) const; virtual uint64 GetMaxDataSize (uint64 volumeSize) const { throw NotApplicable (SRC_POS); } - virtual Pkcs5KdfList GetSupportedKeyDerivationFunctions () const; + virtual Pkcs5KdfList GetSupportedKeyDerivationFunctions (bool truecryptMode) const; virtual bool HasBackupHeader () const { return false; } virtual bool HasDriveHeader () const { return true; } |