// The first PRF to try when mounting

#define FIRST_PRF_ID 1

// Hash algorithms (pseudorandom functions).

enum

{

RIPEMD160 = FIRST_PRF_ID,

#ifndef TC_WINDOWS_BOOT

SHA512,

WHIRLPOOL,

#endif

HASH_ENUM_END_ID

};

// The last PRF to try when mounting and also the number of implemented PRFs

#define LAST_PRF_ID (HASH_ENUM_END_ID - 1)

#define RIPEMD160_BLOCKSIZE 64

#define RIPEMD160_DIGESTSIZE 20

#define SHA512_BLOCKSIZE 128

#define SHA512_DIGESTSIZE 64

#define WHIRLPOOL_BLOCKSIZE 64

#define WHIRLPOOL_DIGESTSIZE 64

#define MAX_DIGESTSIZE WHIRLPOOL_DIGESTSIZE

#define DEFAULT_HASH_ALGORITHM FIRST_PRF_ID

#define DEFAULT_HASH_ALGORITHM_BOOT RIPEMD160

// The mode of operation used for newly created volumes and first to try when mounting

#define FIRST_MODE_OF_OPERATION_ID 1

// Modes of operation

enum

{

/* If you add/remove a mode, update the following: GetMaxPkcs5OutSize(), EAInitMode() */

XTS = FIRST_MODE_OF_OPERATION_ID,

{

EncryptDataUnits (lpTestBuffer, &startDataUnitNo, (TC_LARGEST_COMPILER_UINT) benchmarkBufferSize / ENCRYPTION_DATA_UNIT_SIZE, ci);

DecryptDataUnits (lpTestBuffer, &startDataUnitNo, (TC_LARGEST_COMPILER_UINT) benchmarkBufferSize / ENCRYPTION_DATA_UNIT_SIZE, ci);

}

}

}

#endif

#if HASH_FNC_BENCHMARKS

/* Measures the speed at which each of the hash algorithms processes the message to produce

a single digest.

The hash algorithm benchmarks are included here for development purposes only. Do not enable

them when building a public release (the benchmark GUI strings wouldn't make sense). */

{

BYTE *digest [MAX_DIGESTSIZE];

WHIRLPOOL_CTX wctx;

RMD160_CTX rctx;

sha512_ctx s2ctx;

int hid;

for (hid = FIRST_PRF_ID; hid <= LAST_PRF_ID; hid++)

{

if (QueryPerformanceCounter (&performanceCountStart) == 0)

goto counter_error;

switch (hid)

{

case SHA512:

sha512_begin (&s2ctx);

sha512_hash (lpTestBuffer, benchmarkBufferSize, &s2ctx);

sha512_end ((unsigned char *) digest, &s2ctx);

break;

case RIPEMD160:

RMD160Init(&rctx);

RMD160Update(&rctx, lpTestBuffer, benchmarkBufferSize);

RMD160Final((unsigned char *) digest, &rctx);

break;

case WHIRLPOOL:

WHIRLPOOL_init (&wctx);

WHIRLPOOL_add (lpTestBuffer, benchmarkBufferSize * 8, &wctx);

WHIRLPOOL_finalize (&wctx, (unsigned char *) digest);

break;

}

/* Measures the time that it takes for the PKCS-5 routine to derive a header key using

each of the implemented PRF algorithms.

The PKCS-5 benchmarks are included here for development purposes only. Do not enable

them when building a public release (the benchmark GUI strings wouldn't make sense). */

{

int thid, i;

char dk[MASTER_KEYDATA_SIZE];

char *tmp_salt = {"\x00\x11\x22\x33\x44\x55\x66\x77\x88\x99\xAA\xBB\xCC\xDD\xEE\xFF\x01\x23\x45\x67\x89\xAB\xCD\xEF\x00\x11\x22\x33\x44\x55\x66\x77\x88\x99\xAA\xBB\xCC\xDD\xEE\xFF\x01\x23\x45\x67\x89\xAB\xCD\xEF\x00\x11\x22\x33\x44\x55\x66\x77\x88\x99\xAA\xBB\xCC\xDD\xEE\xFF"};

for (thid = FIRST_PRF_ID; thid <= LAST_PRF_ID; thid++)

{

if (QueryPerformanceCounter (&performanceCountStart) == 0)

goto counter_error;

for (i = 1; i <= 5; i++)

{

switch (thid)

{

case SHA512:

/* PKCS-5 test with HMAC-SHA-512 used as the PRF */

derive_key_sha512 ("passphrase-1234567890", 21, tmp_salt, 64, get_pkcs5_iteration_count(thid, FALSE), dk, MASTER_KEYDATA_SIZE);

break;

case RIPEMD160:

/* PKCS-5 test with HMAC-RIPEMD-160 used as the PRF */

derive_key_ripemd160 (FALSE, "passphrase-1234567890", 21, tmp_salt, 64, get_pkcs5_iteration_count(thid, FALSE), dk, MASTER_KEYDATA_SIZE);

break;

case WHIRLPOOL:

/* PKCS-5 test with HMAC-Whirlpool used as the PRF */

derive_key_whirlpool ("passphrase-1234567890", 21, tmp_salt, 64, get_pkcs5_iteration_count(thid, FALSE), dk, MASTER_KEYDATA_SIZE);

break;

}

}

if (QueryPerformanceCounter (&performanceCountEnd) == 0)

goto counter_error;

Agreement for Encryption for the Masses'. Modifications and additions to

the original source code (contained in this file) and all other portions

of this file are Copyright (c) 2003-2008 TrueCrypt Developers Association

and are governed by the TrueCrypt License 3.0 the full text of which is

contained in the file License.txt included in TrueCrypt binary and source

code distribution packages. */

#ifndef TC_HEADER_PKCS5

#define TC_HEADER_PKCS5

#include "Tcdefs.h"

#if defined(__cplusplus)

extern "C"

{

#endif

void hmac_sha512 (char *k, int lk, char *d, int ld, char *out, int t);

void derive_u_sha512 (char *pwd, int pwd_len, char *salt, int salt_len, int iterations, char *u, int b);

void derive_key_sha512 (char *pwd, int pwd_len, char *salt, int salt_len, int iterations, char *dk, int dklen);

void hmac_ripemd160 (char *key, int keylen, char *input, int len, char *digest);

void derive_u_ripemd160 (BOOL bNotTest, char *pwd, int pwd_len, char *salt, int salt_len, int iterations, char *u, int b);

void derive_key_ripemd160 (BOOL bNotTest, char *pwd, int pwd_len, char *salt, int salt_len, int iterations, char *dk, int dklen);

void hmac_whirlpool (char *k, int lk, char *d, int ld, char *out, int t);

void derive_u_whirlpool (char *pwd, int pwd_len, char *salt, int salt_len, int iterations, char *u, int b);

void derive_key_whirlpool (char *pwd, int pwd_len, char *salt, int salt_len, int iterations, char *dk, int dklen);

int get_pkcs5_iteration_count (int pkcs5_prf_id, BOOL bBoot);

char *get_pkcs5_prf_name (int pkcs5_prf_id);

#if defined(__cplusplus)

}

#endif

#endif // TC_HEADER_PKCS5

/*

Legal Notice: Some portions of the source code contained in this file were

derived from the source code of Encryption for the Masses 2.02a, which is

Copyright (c) 1998-2000 Paul Le Roux and which is governed by the 'License

Agreement for Encryption for the Masses'. Modifications and additions to

the original source code (contained in this file) and all other portions

of this file are Copyright (c) 2003-2008 TrueCrypt Developers Association

and are governed by the TrueCrypt License 3.0 the full text of which is

contained in the file License.txt included in TrueCrypt binary and source

code distribution packages. */

#ifdef __cplusplus

extern "C" {

#endif

extern unsigned char ks_tmp[MAX_EXPANDED_KEY];

void CipherInit2(int cipher, void* key, void* ks, int key_len);

BOOL test_hmac_sha512 (void);

BOOL test_hmac_ripemd160 (void);

BOOL test_hmac_whirlpool (void);

BOOL test_pkcs5 (void);

BOOL TestSectorBufEncryption ();

BOOL TestLegacySectorBufEncryption ();

BOOL AutoTestAlgorithms (void);

#ifdef __cplusplus

}

#endif

/*

Copyright (c) 2008-2010 TrueCrypt Developers Association. All rights reserved.

Governed by the TrueCrypt License 3.0 the full text of which is contained in

the file License.txt included in TrueCrypt binary and source code distribution

packages.

*/

#include <fstream>

#include <iomanip>

#include <mntent.h>

#include <stdio.h>

#include <stdlib.h>

#include <unistd.h>

#include <sys/mount.h>

#include <sys/wait.h>

#include "CoreLinux.h"

#include "Platform/SystemInfo.h"

#include "Platform/TextReader.h"

#include "Volume/EncryptionModeXTS.h"

#include "Driver/Fuse/FuseService.h"

#include "Core/Unix/CoreServiceProxy.h"

namespace VeraCrypt

{

CoreLinux::CoreLinux ()

{

}

CoreLinux::~CoreLinux ()

{

}

DevicePath CoreLinux::AttachFileToLoopDevice (const FilePath &filePath, bool readOnly) const

{

list <string> loopPaths;

loopPaths.push_back ("/dev/loop");

loopPaths.push_back ("/dev/loop/");

loopPaths.push_back ("/dev/.static/dev/loop");

try

{

if (!FilesystemSupportsUnixPermissions (devicePath))

{

stringstream userMountOptions;

userMountOptions << "uid=" << GetRealUserId() << ",gid=" << GetRealGroupId() << ",umask=077" << (!systemMountOptions.empty() ? "," : "");

CoreUnix::MountFilesystem (devicePath, mountPoint, filesystemType, readOnly, userMountOptions.str() + systemMountOptions);

fsMounted = true;

}

}

catch (...) { }

if (!fsMounted)

CoreUnix::MountFilesystem (devicePath, mountPoint, filesystemType, readOnly, systemMountOptions);

}

void CoreLinux::MountVolumeNative (shared_ptr <Volume> volume, MountOptions &options, const DirectoryPath &auxMountPoint) const

{

bool xts = (typeid (*volume->GetEncryptionMode()) == typeid (EncryptionModeXTS));

if (options.NoKernelCrypto

|| volume->GetProtectionType() == VolumeProtection::HiddenVolumeReadOnly)

{

throw NotApplicable (SRC_POS);

}

if (!SystemInfo::IsVersionAtLeast (2, 6, xts ? 24 : 20))

throw NotApplicable (SRC_POS);

// Load device mapper kernel module

list <string> execArgs;

foreach (const string &dmModule, StringConverter::Split ("dm_mod dm-mod dm"))

{

execArgs.clear();

execArgs.push_back (dmModule);

try

{

Process::Execute ("modprobe", execArgs);

break;

}

dmCreateArgs << ' ' << (xts ? startSector + volume->GetEncryptionMode()->GetSectorOffset() : 0) << ' ';

if (nativeDevCount == 0)

dmCreateArgs << string (volumePath) << ' ' << startSector;

else

dmCreateArgs << nativeDevPath << " 0";

SecureBuffer dmCreateArgsBuf (dmCreateArgs.str().size());

dmCreateArgsBuf.CopyFrom (ConstBufferPtr ((byte *) dmCreateArgs.str().c_str(), dmCreateArgs.str().size()));

// Keys

const SecureBuffer &cipherKey = cipher.GetKey();

secondaryKeyOffset -= cipherKey.Size();

ConstBufferPtr secondaryKey = volume->GetEncryptionMode()->GetKey().GetRange (xts ? secondaryKeyOffset : 0, xts ? cipherKey.Size() : 16);

SecureBuffer hexStr (3);

for (size_t i = 0; i < cipherKey.Size(); ++i)

{

sprintf ((char *) hexStr.Ptr(), "%02x", (int) cipherKey[i]);

dmCreateArgsBuf.GetRange (keyArgOffset + i * 2, 2).CopyFrom (hexStr.GetRange (0, 2));

sprintf ((char *) hexStr.Ptr(), "%02x", (int) secondaryKey[i]);

dmCreateArgsBuf.GetRange (keyArgOffset + cipherKey.Size() * 2 + i * 2, 2).CopyFrom (hexStr.GetRange (0, 2));

}

stringstream nativeDevName;

nativeDevName << "veracrypt" << options.SlotNumber;

if (nativeDevCount != cipherCount - 1)

nativeDevName << "_" << cipherCount - nativeDevCount - 2;

nativeDevPath = "/dev/mapper/" + nativeDevName.str();

execArgs.clear();

execArgs.push_back ("create");

execArgs.push_back (nativeDevName.str());

Process::Execute ("dmsetup", execArgs, -1, nullptr, &dmCreateArgsBuf);

// Wait for the device to be created

for (int t = 0; true; t++)

Filter="h;hpp;hxx;hm;inl;inc;xsd"

UniqueIdentifier="{93995380-89BD-4b04-88EB-625FBE52EBFB}"

>

<File

RelativePath=".\Aes.h"

>

</File>

<File

RelativePath=".\Aes_hw_cpu.h"

>

</File>

<File

RelativePath=".\Aesopt.h"

>

</File>

<File

RelativePath=".\Aestab.h"

>

</File>

<File

RelativePath=".\Rmd160.h"

>

</File>

<File

RelativePath=".\Serpent.h"

>

</File>

<File

RelativePath=".\Sha2.h"

>

</File>

<File

RelativePath=".\Twofish.h"

>

</File>

<File

RelativePath=".\Whirlpool.h"

>

</File>

</Filter>

<Filter

Name="Resource Files"

Filter="rc;ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe;resx"

UniqueIdentifier="{67DA6AB6-F800-4c08-8B7A-83BB121AAD01}"

>

</Filter>

</Files>

<Globals>

TARGETNAME=Crypto

TARGETTYPE=DRIVER_LIBRARY

INCLUDES = ..

NTTARGETFILES = \

"$(OBJ_PATH)\$(O)\Aes_$(TC_ARCH).obj" \

"$(OBJ_PATH)\$(O)\Aes_hw_cpu.obj"

SOURCES = \

Aes_$(TC_ARCH).asm \

Aes_hw_cpu.asm \

Aeskey.c \

Aestab.c \

Rmd160.c \

Serpent.c \

Sha2.c \

Twofish.c \

Whirlpool.c

ShowWarning (e);

}

}

else

ShowWarning (e);

}

catch (PasswordException &e)

{

ShowWarning (e);

}

}

}

catch (exception &e)

{

ShowError (e);

}

#ifdef TC_LINUX

if (volume && !Preferences.NonInteractive && !Preferences.DisableKernelEncryptionModeWarning

&& volume->EncryptionModeName != L"XTS"

&& !AskYesNo (LangString["ENCRYPTION_MODE_NOT_SUPPORTED_BY_KERNEL"] + _("\n\nDo you want to show this message next time you mount such a volume?"), true, true))

{

UserPreferences prefs = GetPreferences();

prefs.DisableKernelEncryptionModeWarning = true;

Gui->SetPreferences (prefs);

}

#endif

return volume;

}

void GraphicUserInterface::OnAutoDismountAllEvent ()

{

VolumeInfoList mountedVolumes = Core->GetMountedVolumes();

if (!mountedVolumes.empty())

{

wxBusyCursor busy;

AutoDismountVolumes (mountedVolumes);

}

}

}

}

else

{

ShowInfo (e);

options.Password.reset();

}

ShowString (L"\n");

}

catch (PasswordException &e)

{

ShowInfo (e);

options.Password.reset();

}

}

#ifdef TC_LINUX

if (!Preferences.NonInteractive && !Preferences.DisableKernelEncryptionModeWarning

&& volume->EncryptionModeName != L"XTS"

{

ShowWarning (LangString["ENCRYPTION_MODE_NOT_SUPPORTED_BY_KERNEL"]);

}

#endif

return volume;

}

bool TextUserInterface::OnInit ()

{

try

{

DefaultMessageOutput = new wxMessageOutputStderr;

wxMessageOutput::Set (DefaultMessageOutput);

InterfaceType = UserInterfaceType::Text;

Init();

}

catch (exception &e)

{

/*

Copyright (c) 2008-2010 TrueCrypt Developers Association. All rights reserved.

Governed by the TrueCrypt License 3.0 the full text of which is contained in

the file License.txt included in TrueCrypt binary and source code distribution

packages.

*/

#include "Platform/Platform.h"

#include "Cipher.h"

#include "Crypto/Aes.h"

#include "Crypto/Serpent.h"

#include "Crypto/Twofish.h"

#ifdef TC_AES_HW_CPU

# include "Crypto/Aes_hw_cpu.h"

#endif

namespace VeraCrypt

{

Cipher::Cipher () : Initialized (false)

{

}

Cipher::~Cipher ()

{

}

void Cipher::DecryptBlock (byte *data) const

{

if (!Initialized)

void Cipher::EncryptBlocks (byte *data, size_t blockCount) const

{

if (!Initialized)

throw NotInitialized (SRC_POS);

while (blockCount-- > 0)

{

Encrypt (data);

data += GetBlockSize();

}

}

CipherList Cipher::GetAvailableCiphers ()

{

CipherList l;

l.push_back (shared_ptr <Cipher> (new CipherAES ()));

l.push_back (shared_ptr <Cipher> (new CipherSerpent ()));

l.push_back (shared_ptr <Cipher> (new CipherTwofish ()));

return l;

}

void Cipher::SetKey (const ConstBufferPtr &key)

{

if (key.Size() != GetKeySize ())

throw ParameterIncorrect (SRC_POS);

if (!Initialized)

ScheduledKey.Allocate (GetScheduledKeySize ());

SetCipherKey (key);

Key.CopyFrom (key);

Initialized = true;

}

#define TC_EXCEPTION(TYPE) TC_SERIALIZER_FACTORY_ADD(TYPE)

#undef TC_EXCEPTION_NODECL

#define TC_EXCEPTION_NODECL(TYPE) TC_SERIALIZER_FACTORY_ADD(TYPE)

if (!stateValid)

{

state = is_aes_hw_cpu_supported() ? true : false;

stateValid = true;

}

return state && HwSupportEnabled;

#else

return false;

#endif

}

void CipherAES::SetCipherKey (const byte *key)

{

if (aes_encrypt_key256 (key, (aes_encrypt_ctx *) ScheduledKey.Ptr()) != EXIT_SUCCESS)

throw CipherInitError (SRC_POS);

if (aes_decrypt_key256 (key, (aes_decrypt_ctx *) (ScheduledKey.Ptr() + sizeof (aes_encrypt_ctx))) != EXIT_SUCCESS)

throw CipherInitError (SRC_POS);

}

// Serpent

void CipherSerpent::Decrypt (byte *data) const

{

serpent_decrypt (data, data, ScheduledKey);

}

void CipherSerpent::Encrypt (byte *data) const

{

serpent_encrypt (data, data, ScheduledKey);

}

size_t CipherSerpent::GetScheduledKeySize () const

{

return 140*4;

}

void CipherSerpent::SetCipherKey (const byte *key)

{

serpent_set_key (key, static_cast<int> (GetKeySize ()), ScheduledKey);

}

// Twofish

void CipherTwofish::Decrypt (byte *data) const

{

twofish_decrypt ((TwofishInstance *) ScheduledKey.Ptr(), (unsigned int *)data, (unsigned int *)data);

}

void CipherTwofish::Encrypt (byte *data) const

{

twofish_encrypt ((TwofishInstance *) ScheduledKey.Ptr(), (unsigned int *)data, (unsigned int *)data);

}

size_t CipherTwofish::GetScheduledKeySize () const

{

return TWOFISH_KS;

}

void CipherTwofish::SetCipherKey (const byte *key)

{

twofish_set_key ((TwofishInstance *) ScheduledKey.Ptr(), (unsigned int *) key, static_cast<int> (GetKeySize ()) * 8);

}

virtual void Decrypt (byte *data) const; \

virtual void Encrypt (byte *data) const; \

virtual size_t GetScheduledKeySize () const; \

virtual void SetCipherKey (const byte *key); \

\

private: \

TC_JOIN (Cipher,NAME) (const TC_JOIN (Cipher,NAME) &); \

TC_JOIN (Cipher,NAME) &operator= (const TC_JOIN (Cipher,NAME) &); \

}

#define TC_CIPHER_ADD_METHODS \

virtual void DecryptBlocks (byte *data, size_t blockCount) const; \

virtual void EncryptBlocks (byte *data, size_t blockCount) const; \

virtual bool IsHwSupportAvailable () const;

TC_CIPHER (AES, 16, 32);

#undef TC_CIPHER_ADD_METHODS

#define TC_CIPHER_ADD_METHODS

TC_CIPHER (Serpent, 16, 32);

TC_CIPHER (Twofish, 16, 32);

#undef TC_CIPHER

#define TC_EXCEPTION(NAME) TC_EXCEPTION_DECL(NAME,CipherException)

#undef TC_EXCEPTION_SET

#define TC_EXCEPTION_SET \

TC_EXCEPTION (CipherInitError); \

TC_EXCEPTION (WeakKeyDetected);

TC_EXCEPTION_SET;

#undef TC_EXCEPTION

#if (defined (TC_ARCH_X86) || defined (TC_ARCH_X64)) && !defined (__ppc__)

# define TC_AES_HW_CPU

#endif

/*

Copyright (c) 2008 TrueCrypt Developers Association. All rights reserved.

Governed by the TrueCrypt License 3.0 the full text of which is contained in

the file License.txt included in TrueCrypt binary and source code distribution

packages.

*/

#include "EncryptionAlgorithm.h"

#include "EncryptionModeXTS.h"

namespace VeraCrypt

{

EncryptionAlgorithm::EncryptionAlgorithm () : Deprecated (false)

{

}

EncryptionAlgorithm::~EncryptionAlgorithm ()

{

}

void EncryptionAlgorithm::Decrypt (byte *data, uint64 length) const

{

if_debug (ValidateState ());

Mode->Decrypt (data, length);

}

void EncryptionAlgorithm::Decrypt (const BufferPtr &data) const

{

void EncryptionAlgorithm::EncryptSectors (byte *data, uint64 sectorIndex, uint64 sectorCount, size_t sectorSize) const

{

if_debug (ValidateState ());

Mode->EncryptSectors (data, sectorIndex, sectorCount, sectorSize);

}

EncryptionAlgorithmList EncryptionAlgorithm::GetAvailableAlgorithms ()

{

EncryptionAlgorithmList l;

l.push_back (shared_ptr <EncryptionAlgorithm> (new AES ()));

l.push_back (shared_ptr <EncryptionAlgorithm> (new Serpent ()));

l.push_back (shared_ptr <EncryptionAlgorithm> (new Twofish ()));

l.push_back (shared_ptr <EncryptionAlgorithm> (new AESTwofish ()));

l.push_back (shared_ptr <EncryptionAlgorithm> (new AESTwofishSerpent ()));

l.push_back (shared_ptr <EncryptionAlgorithm> (new SerpentAES ()));

l.push_back (shared_ptr <EncryptionAlgorithm> (new SerpentTwofishAES ()));

l.push_back (shared_ptr <EncryptionAlgorithm> (new TwofishSerpent ()));

return l;

}

size_t EncryptionAlgorithm::GetLargestKeySize (const EncryptionAlgorithmList &algorithms)

{

size_t largestKeySize = 0;

foreach_ref (const EncryptionAlgorithm &ea, algorithms)

{

if (ea.GetKeySize() > largestKeySize)

largestKeySize = ea.GetKeySize();

}

return largestKeySize;

}

size_t EncryptionAlgorithm::GetKeySize () const

{

if (Ciphers.size() < 1)

throw NotInitialized (SRC_POS);

size_t keyOffset = 0;

foreach_ref (Cipher &c, Ciphers)

{

c.SetKey (key.GetRange (keyOffset, c.GetKeySize()));

keyOffset += c.GetKeySize();

}

}

void EncryptionAlgorithm::ValidateState () const

{

if (Ciphers.size() < 1 || Mode.get() == nullptr)

throw NotInitialized (SRC_POS);

}

// AES

AES::AES ()

{

Ciphers.push_back (shared_ptr <Cipher> (new CipherAES()));

SupportedModes.push_back (shared_ptr <EncryptionMode> (new EncryptionModeXTS ()));

}

// AES-Twofish

AESTwofish::AESTwofish ()

{

Ciphers.push_back (shared_ptr <Cipher> (new CipherTwofish ()));

Ciphers.push_back (shared_ptr <Cipher> (new CipherAES ()));

SupportedModes.push_back (shared_ptr <EncryptionMode> (new EncryptionModeXTS ()));

}

// AES-Twofish-Serpent

AESTwofishSerpent::AESTwofishSerpent ()

{

Ciphers.push_back (shared_ptr <Cipher> (new CipherSerpent ()));

Ciphers.push_back (shared_ptr <Cipher> (new CipherTwofish ()));

Ciphers.push_back (shared_ptr <Cipher> (new CipherAES ()));

SupportedModes.push_back (shared_ptr <EncryptionMode> (new EncryptionModeXTS ()));

}

// Serpent

Serpent::Serpent ()

{

Ciphers.push_back (shared_ptr <Cipher> (new CipherSerpent()));

SupportedModes.push_back (shared_ptr <EncryptionMode> (new EncryptionModeXTS ()));

}

// Serpent-AES

SerpentAES::SerpentAES ()

{

Ciphers.push_back (shared_ptr <Cipher> (new CipherAES ()));

Ciphers.push_back (shared_ptr <Cipher> (new CipherSerpent ()));

SupportedModes.push_back (shared_ptr <EncryptionMode> (new EncryptionModeXTS ()));

}

// Twofish

Twofish::Twofish ()

{

Ciphers.push_back (shared_ptr <Cipher> (new CipherTwofish()));

SupportedModes.push_back (shared_ptr <EncryptionMode> (new EncryptionModeXTS ()));

}

// Twofish-Serpent

TwofishSerpent::TwofishSerpent ()

{

Ciphers.push_back (shared_ptr <Cipher> (new CipherSerpent ()));

Ciphers.push_back (shared_ptr <Cipher> (new CipherTwofish ()));

SupportedModes.push_back (shared_ptr <EncryptionMode> (new EncryptionModeXTS ()));

}

// Serpent-Twofish-AES

SerpentTwofishAES::SerpentTwofishAES ()

{

Ciphers.push_back (shared_ptr <Cipher> (new CipherAES ()));

Ciphers.push_back (shared_ptr <Cipher> (new CipherTwofish ()));

Ciphers.push_back (shared_ptr <Cipher> (new CipherSerpent ()));

SupportedModes.push_back (shared_ptr <EncryptionMode> (new EncryptionModeXTS ()));

}

}

private:

EncryptionAlgorithm (const EncryptionAlgorithm &);

EncryptionAlgorithm &operator= (const EncryptionAlgorithm &);

};

#define TC_ENCRYPTION_ALGORITHM(NAME) \

class NAME : public EncryptionAlgorithm \

{ \

public: \

NAME (); \

virtual ~NAME () { } \

\

virtual shared_ptr <EncryptionAlgorithm> GetNew () const { return shared_ptr <EncryptionAlgorithm> (new NAME()); } \

\

private: \

NAME (const NAME &); \

NAME &operator= (const NAME &); \

}

TC_ENCRYPTION_ALGORITHM (AES);

TC_ENCRYPTION_ALGORITHM (AESTwofish);

TC_ENCRYPTION_ALGORITHM (AESTwofishSerpent);

TC_ENCRYPTION_ALGORITHM (Serpent);

TC_ENCRYPTION_ALGORITHM (SerpentAES);

TC_ENCRYPTION_ALGORITHM (Twofish);

TC_ENCRYPTION_ALGORITHM (TwofishSerpent);

TC_ENCRYPTION_ALGORITHM (SerpentTwofishAES);

#undef TC_ENCRYPTION_ALGORITHM

}

#endif // TC_HEADER_Encryption_EncryptionAlgorithm

/*

Copyright (c) 2008 TrueCrypt Developers Association. All rights reserved.

Governed by the TrueCrypt License 3.0 the full text of which is contained in

the file License.txt included in TrueCrypt binary and source code distribution

packages.

*/

#include "EncryptionMode.h"

#include "EncryptionModeXTS.h"

#include "EncryptionThreadPool.h"

namespace VeraCrypt

{

EncryptionMode::EncryptionMode () : KeySet (false), SectorOffset (0)

{

}

EncryptionMode::~EncryptionMode ()

{

}

void EncryptionMode::DecryptSectors (byte *data, uint64 sectorIndex, uint64 sectorCount, size_t sectorSize) const

{

EncryptionThreadPool::DoWork (EncryptionThreadPool::WorkType::DecryptDataUnits, this, data, sectorIndex, sectorCount, sectorSize);

}

void EncryptionMode::EncryptSectors (byte *data, uint64 sectorIndex, uint64 sectorCount, size_t sectorSize) const

{

EncryptionThreadPool::DoWork (EncryptionThreadPool::WorkType::EncryptDataUnits, this, data, sectorIndex, sectorCount, sectorSize);

}

EncryptionModeList EncryptionMode::GetAvailableModes ()

{

EncryptionModeList l;

l.push_back (shared_ptr <EncryptionMode> (new EncryptionModeXTS ()));

return l;

}

void EncryptionMode::ValidateState () const

{

if (!KeySet || Ciphers.size() < 1)

throw NotInitialized (SRC_POS);

}

void EncryptionMode::ValidateParameters (byte *data, uint64 length) const

{

if ((Ciphers.size() > 0 && (length % Ciphers.front()->GetBlockSize()) != 0))

throw ParameterIncorrect (SRC_POS);

}

void EncryptionMode::ValidateParameters (byte *data, uint64 sectorCount, size_t sectorSize) const

{

if (sectorCount == 0 || sectorSize == 0 || (sectorSize % EncryptionDataUnitSize) != 0)

throw ParameterIncorrect (SRC_POS);

/*

Copyright (c) 2008-2010 TrueCrypt Developers Association. All rights reserved.

Governed by the TrueCrypt License 3.0 the full text of which is contained in

the file License.txt included in TrueCrypt binary and source code distribution

packages.

*/

#include "Cipher.h"

#include "Common/Crc.h"

#include "Crc32.h"

#include "EncryptionAlgorithm.h"

#include "EncryptionMode.h"

#include "EncryptionModeXTS.h"

#include "EncryptionTest.h"

#include "Pkcs5Kdf.h"

namespace VeraCrypt

{

void EncryptionTest::TestAll ()

{

TestAll (false);

TestAll (true);

}

void EncryptionTest::TestAll (bool enableCpuEncryptionSupport)

{

bool hwSupportEnabled = Cipher::IsHwSupportEnabled();

finally_do_arg (bool, hwSupportEnabled, { Cipher::EnableHwSupport (finally_arg); });

Cipher::EnableHwSupport (enableCpuEncryptionSupport);

TestCiphers();

TestXtsAES();

TestXts();

TestPkcs5();

}

struct CipherTestVector

{

byte Key[32];

byte Plaintext[16];

byte Ciphertext[16];

};

static const CipherTestVector AESTestVectors[] =

{

{

{

0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,

0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f,

},

{

0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99, 0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff

},

{

0x8e, 0xa2, 0xb7, 0xca, 0x51, 0x67, 0x45, 0xbf, 0xea, 0xfc, 0x49, 0x90, 0x4b, 0x49, 0x60, 0x89

nTestsPerformed++;

}

if (nTestsPerformed != 80)

throw TestFailed (SRC_POS);

}

void EncryptionTest::TestPkcs5 ()

{

VolumePassword password ("password", 8);

static const byte saltData[] = { 0x12, 0x34, 0x56, 0x78 };

ConstBufferPtr salt (saltData, sizeof (saltData));

Buffer derivedKey (4);

Pkcs5HmacRipemd160 pkcs5HmacRipemd160;

pkcs5HmacRipemd160.DeriveKey (derivedKey, password, salt, 5, FALSE);

if (memcmp (derivedKey.Ptr(), "\x7a\x3d\x7c\x03", 4) != 0)

throw TestFailed (SRC_POS);

Pkcs5HmacSha512 pkcs5HmacSha512;

pkcs5HmacSha512.DeriveKey (derivedKey, password, salt, 5, FALSE);

if (memcmp (derivedKey.Ptr(), "\x13\x64\xae\xf8", 4) != 0)

throw TestFailed (SRC_POS);

Pkcs5HmacWhirlpool pkcs5HmacWhirlpool;

pkcs5HmacWhirlpool.DeriveKey (derivedKey, password, salt, 5, FALSE);

if (memcmp (derivedKey.Ptr(), "\x50\x7c\x36\x6f", 4) != 0)

throw TestFailed (SRC_POS);

}

}

/*

Copyright (c) 2008 TrueCrypt Developers Association. All rights reserved.

Governed by the TrueCrypt License 3.0 the full text of which is contained in

the file License.txt included in TrueCrypt binary and source code distribution

packages.

*/

#include "Hash.h"

#include "Crypto/Rmd160.h"

#include "Crypto/Sha2.h"

#include "Crypto/Whirlpool.h"

namespace VeraCrypt

{

HashList Hash::GetAvailableAlgorithms ()

{

HashList l;

l.push_back (shared_ptr <Hash> (new Ripemd160 ()));

l.push_back (shared_ptr <Hash> (new Sha512 ()));

l.push_back (shared_ptr <Hash> (new Whirlpool ()));

return l;

}

void Hash::ValidateDataParameters (const ConstBufferPtr &data) const

{

if (data.Size() < 1)

throw ParameterIncorrect (SRC_POS);

}

void Hash::ValidateDigestParameters (const BufferPtr &buffer) const

{

if (buffer.Size() != GetDigestSize ())

throw ParameterIncorrect (SRC_POS);

}

// RIPEMD-160

Ripemd160::Ripemd160 ()

{

Context.Allocate (sizeof (RMD160_CTX));

Init();

}

void Ripemd160::GetDigest (const BufferPtr &buffer)

{

if_debug (ValidateDigestParameters (buffer));

RMD160Final (buffer, (RMD160_CTX *) Context.Ptr());

}

void Ripemd160::Init ()

{

RMD160Init ((RMD160_CTX *) Context.Ptr());

}

void Ripemd160::ProcessData (const ConstBufferPtr &data)

{

if_debug (ValidateDataParameters (data));

RMD160Update ((RMD160_CTX *) Context.Ptr(), data.Get(), (int) data.Size());

}

// SHA-512

Sha512::Sha512 ()

{

Context.Allocate (sizeof (sha512_ctx));

Init();

}

void Sha512::GetDigest (const BufferPtr &buffer)

{

if_debug (ValidateDigestParameters (buffer));

sha512_end (buffer, (sha512_ctx *) Context.Ptr());

}

void Sha512::Init ()

{

sha512_begin ((sha512_ctx *) Context.Ptr());

}

void Sha512::ProcessData (const ConstBufferPtr &data)

{

public:

Ripemd160 ();

virtual ~Ripemd160 () { }

virtual void GetDigest (const BufferPtr &buffer);

virtual size_t GetBlockSize () const { return 64; }

virtual size_t GetDigestSize () const { return 160 / 8; }

virtual wstring GetName () const { return L"RIPEMD-160"; }

virtual shared_ptr <Hash> GetNew () const { return shared_ptr <Hash> (new Ripemd160); }

virtual void Init ();

virtual void ProcessData (const ConstBufferPtr &data);

protected:

private:

Ripemd160 (const Ripemd160 &);

Ripemd160 &operator= (const Ripemd160 &);

};

// SHA-512

class Sha512 : public Hash

{

public:

Sha512 ();

virtual ~Sha512 () { }

virtual void GetDigest (const BufferPtr &buffer);

virtual size_t GetBlockSize () const { return 128; }

virtual size_t GetDigestSize () const { return 512 / 8; }

virtual wstring GetName () const { return L"SHA-512"; }

virtual shared_ptr <Hash> GetNew () const { return shared_ptr <Hash> (new Sha512); }

virtual void Init ();

virtual void ProcessData (const ConstBufferPtr &data);

protected:

private:

Sha512 (const Sha512 &);

Sha512 &operator= (const Sha512 &);

}

shared_ptr <Pkcs5Kdf> Pkcs5Kdf::GetAlgorithm (const Hash &hash)

{

foreach (shared_ptr <Pkcs5Kdf> kdf, GetAvailableAlgorithms())

{

if (typeid (*kdf->GetHash()) == typeid (hash))

return kdf;

}

throw ParameterIncorrect (SRC_POS);

}

Pkcs5KdfList Pkcs5Kdf::GetAvailableAlgorithms ()

{

Pkcs5KdfList l;

l.push_back (shared_ptr <Pkcs5Kdf> (new Pkcs5HmacRipemd160 ()));

l.push_back (shared_ptr <Pkcs5Kdf> (new Pkcs5HmacSha512 ()));

l.push_back (shared_ptr <Pkcs5Kdf> (new Pkcs5HmacWhirlpool ()));

return l;

}

void Pkcs5Kdf::ValidateParameters (const BufferPtr &key, const VolumePassword &password, const ConstBufferPtr &salt, int iterationCount) const

{

if (key.Size() < 1 || password.Size() < 1 || salt.Size() < 1 || iterationCount < 1)

throw ParameterIncorrect (SRC_POS);

}

void Pkcs5HmacRipemd160::DeriveKey (const BufferPtr &key, const VolumePassword &password, const ConstBufferPtr &salt, int iterationCount, BOOL bNotTest) const

{

ValidateParameters (key, password, salt, iterationCount);

derive_key_ripemd160 (bNotTest, (char *) password.DataPtr(), (int) password.Size(), (char *) salt.Get(), (int) salt.Size(), iterationCount, (char *) key.Get(), (int) key.Size());

}

void Pkcs5HmacRipemd160_1000::DeriveKey (const BufferPtr &key, const VolumePassword &password, const ConstBufferPtr &salt, int iterationCount, BOOL bNotTest) const

{

ValidateParameters (key, password, salt, iterationCount);

derive_key_ripemd160 (bNotTest, (char *) password.DataPtr(), (int) password.Size(), (char *) salt.Get(), (int) salt.Size(), iterationCount, (char *) key.Get(), (int) key.Size());

}

void Pkcs5HmacSha512::DeriveKey (const BufferPtr &key, const VolumePassword &password, const ConstBufferPtr &salt, int iterationCount, BOOL bNotTest) const

{

ValidateParameters (key, password, salt, iterationCount);

derive_key_sha512 ((char *) password.DataPtr(), (int) password.Size(), (char *) salt.Get(), (int) salt.Size(), iterationCount, (char *) key.Get(), (int) key.Size());

}

void Pkcs5HmacWhirlpool::DeriveKey (const BufferPtr &key, const VolumePassword &password, const ConstBufferPtr &salt, int iterationCount, BOOL bNotTest) const

{

ValidateParameters (key, password, salt, iterationCount);

derive_key_whirlpool ((char *) password.DataPtr(), (int) password.Size(), (char *) salt.Get(), (int) salt.Size(), iterationCount, (char *) key.Get(), (int) key.Size());

}

}

Pkcs5HmacRipemd160 (const Pkcs5HmacRipemd160 &);

Pkcs5HmacRipemd160 &operator= (const Pkcs5HmacRipemd160 &);

};

class Pkcs5HmacRipemd160_1000 : public Pkcs5Kdf

{

public:

Pkcs5HmacRipemd160_1000 () { }

virtual ~Pkcs5HmacRipemd160_1000 () { }

virtual void DeriveKey (const BufferPtr &key, const VolumePassword &password, const ConstBufferPtr &salt, int iterationCount, BOOL bNotTest = TRUE) const;

virtual shared_ptr <Hash> GetHash () const { return shared_ptr <Hash> (new Ripemd160); }

virtual int GetIterationCount () const { return 16384; }

virtual wstring GetName () const { return L"HMAC-RIPEMD-160"; }

private:

Pkcs5HmacRipemd160_1000 (const Pkcs5HmacRipemd160_1000 &);

Pkcs5HmacRipemd160_1000 &operator= (const Pkcs5HmacRipemd160_1000 &);

};

class Pkcs5HmacSha512 : public Pkcs5Kdf

{

public:

Pkcs5HmacSha512 () { }

virtual ~Pkcs5HmacSha512 () { }

virtual void DeriveKey (const BufferPtr &key, const VolumePassword &password, const ConstBufferPtr &salt, int iterationCount, BOOL bNotTest = TRUE) const;

virtual shared_ptr <Hash> GetHash () const { return shared_ptr <Hash> (new Sha512); }

virtual int GetIterationCount () const { return 500000; }

virtual wstring GetName () const { return L"HMAC-SHA-512"; }

private:

Pkcs5HmacSha512 (const Pkcs5HmacSha512 &);

Pkcs5HmacSha512 &operator= (const Pkcs5HmacSha512 &);

};

class Pkcs5HmacWhirlpool : public Pkcs5Kdf

{

public:

/*

Copyright (c) 2008-2010 TrueCrypt Developers Association. All rights reserved.

Governed by the TrueCrypt License 3.0 the full text of which is contained in

the file License.txt included in TrueCrypt binary and source code distribution

packages.

*/

#ifndef TC_WINDOWS

#include <errno.h>

#endif

#include "EncryptionModeXTS.h"

#include "Volume.h"

#include "VolumeHeader.h"

#include "VolumeLayout.h"

#include "Common/Crypto.h"

namespace VeraCrypt

{

Volume::Volume ()

: HiddenVolumeProtectionTriggered (false),

SystemEncryption (false),

VolumeDataSize (0),

TopWriteOffset (0),

TotalDataRead (0),

TotalDataWritten (0)

{

}

Volume::~Volume ()

{

VolumeDataSize = layout->GetDataSize (VolumeHostSize);

Header = header;

Layout = layout;

EA = header->GetEncryptionAlgorithm();

EncryptionMode &mode = *EA->GetMode();

if (layout->HasDriveHeader())

{

if (header->GetEncryptedAreaLength() != header->GetVolumeDataSize())

throw VolumeEncryptionNotCompleted (SRC_POS);

uint64 partitionStartOffset = VolumeFile->GetPartitionDeviceStartOffset();

if (partitionStartOffset < header->GetEncryptedAreaStart()

|| partitionStartOffset >= header->GetEncryptedAreaStart() + header->GetEncryptedAreaLength())

throw PasswordIncorrect (SRC_POS);

mode.SetSectorOffset (partitionStartOffset / ENCRYPTION_DATA_UNIT_SIZE);

}

// Volume protection

if (Protection == VolumeProtection::HiddenVolumeReadOnly)

{

if (Type == VolumeType::Hidden)

throw PasswordIncorrect (SRC_POS);

else

{

try

{

Volume protectedVolume;

protectedVolume.Open (VolumeFile,

protectionPassword, protectionKeyfiles,

VolumeProtection::ReadOnly,

shared_ptr <VolumePassword> (), shared_ptr <KeyfileList> (),

VolumeType::Hidden,

useBackupHeaders);

if (protectedVolume.GetType() != VolumeType::Hidden)

OBJS += VolumeInfo.o

OBJS += VolumeLayout.o

OBJS += VolumePassword.o

OBJS += VolumePasswordCache.o

ifeq "$(CPU_ARCH)" "x86"

OBJS += ../Crypto/Aes_x86.o

OBJS += ../Crypto/Aes_hw_cpu.o

ifeq "$(PLATFORM)" "MacOSX"

OBJS += ../Crypto/Aescrypt.o

endif

else ifeq "$(CPU_ARCH)" "x64"

OBJS += ../Crypto/Aes_x64.o

OBJS += ../Crypto/Aes_hw_cpu.o

else

OBJS += ../Crypto/Aescrypt.o

endif

OBJS += ../Crypto/Aeskey.o

OBJS += ../Crypto/Aestab.o

OBJS += ../Crypto/Rmd160.o

OBJS += ../Crypto/Serpent.o

OBJS += ../Crypto/Sha2.o

OBJS += ../Crypto/Twofish.o

OBJS += ../Crypto/Whirlpool.o

OBJS += ../Common/Crc.o

OBJS += ../Common/Endian.o

OBJS += ../Common/GfMul.o

OBJS += ../Common/Pkcs5.o

OBJS += ../Common/SecurityToken.o

VolumeLibrary: Volume.a

include $(BUILD_INC)/Makefile.inc

/*

Copyright (c) 2008 TrueCrypt Developers Association. All rights reserved.

Governed by the TrueCrypt License 3.0 the full text of which is contained in

the file License.txt included in TrueCrypt binary and source code distribution

packages.

*/

#include "Volume/EncryptionMode.h"

#include "Volume/EncryptionModeXTS.h"

#include "VolumeLayout.h"

#include "Boot/Windows/BootCommon.h"

namespace VeraCrypt

{

VolumeLayout::VolumeLayout ()

{

}

VolumeLayout::~VolumeLayout ()

{

}

VolumeLayoutList VolumeLayout::GetAvailableLayouts (VolumeType::Enum type)

{

VolumeLayoutList layouts;

layouts.push_back (shared_ptr <VolumeLayout> (new VolumeLayoutV2Normal ()));

layouts.push_back (shared_ptr <VolumeLayout> (new VolumeLayoutV1Normal ()));

return Header;

}

VolumeLayoutV1Normal::VolumeLayoutV1Normal ()

{

Type = VolumeType::Normal;

HeaderOffset = TC_VOLUME_HEADER_OFFSET;

HeaderSize = TC_VOLUME_HEADER_SIZE_LEGACY;

SupportedEncryptionAlgorithms.push_back (shared_ptr <EncryptionAlgorithm> (new AES ()));

SupportedEncryptionAlgorithms.push_back (shared_ptr <EncryptionAlgorithm> (new Serpent ()));

SupportedEncryptionAlgorithms.push_back (shared_ptr <EncryptionAlgorithm> (new Twofish ()));

SupportedEncryptionAlgorithms.push_back (shared_ptr <EncryptionAlgorithm> (new AESTwofish ()));

SupportedEncryptionAlgorithms.push_back (shared_ptr <EncryptionAlgorithm> (new AESTwofishSerpent ()));

SupportedEncryptionAlgorithms.push_back (shared_ptr <EncryptionAlgorithm> (new SerpentAES ()));

SupportedEncryptionAlgorithms.push_back (shared_ptr <EncryptionAlgorithm> (new SerpentTwofishAES ()));

SupportedEncryptionAlgorithms.push_back (shared_ptr <EncryptionAlgorithm> (new TwofishSerpent ()));

SupportedEncryptionModes.push_back (shared_ptr <EncryptionMode> (new EncryptionModeXTS ()));

}

uint64 VolumeLayoutV1Normal::GetDataOffset (uint64 volumeHostSize) const

{

return HeaderSize;

}

uint64 VolumeLayoutV1Normal::GetDataSize (uint64 volumeHostSize) const

{

return volumeHostSize - GetHeaderSize();

}

VolumeLayoutV1Hidden::VolumeLayoutV1Hidden ()

{

Type = VolumeType::Hidden;

HeaderOffset = -TC_HIDDEN_VOLUME_HEADER_OFFSET_LEGACY;

HeaderSize = TC_VOLUME_HEADER_SIZE_LEGACY;

SupportedEncryptionAlgorithms.push_back (shared_ptr <EncryptionAlgorithm> (new AES ()));

SupportedEncryptionAlgorithms.push_back (shared_ptr <EncryptionAlgorithm> (new Serpent ()));

SupportedEncryptionAlgorithms.push_back (shared_ptr <EncryptionAlgorithm> (new Twofish ()));

SupportedEncryptionAlgorithms.push_back (shared_ptr <EncryptionAlgorithm> (new AESTwofish ()));

SupportedEncryptionAlgorithms.push_back (shared_ptr <EncryptionAlgorithm> (new AESTwofishSerpent ()));

SupportedEncryptionAlgorithms.push_back (shared_ptr <EncryptionAlgorithm> (new SerpentAES ()));

SupportedEncryptionAlgorithms.push_back (shared_ptr <EncryptionAlgorithm> (new SerpentTwofishAES ()));

SupportedEncryptionAlgorithms.push_back (shared_ptr <EncryptionAlgorithm> (new TwofishSerpent ()));

SupportedEncryptionModes.push_back (shared_ptr <EncryptionMode> (new EncryptionModeXTS ()));

}

uint64 VolumeLayoutV1Hidden::GetDataOffset (uint64 volumeHostSize) const

{

return volumeHostSize - GetDataSize (volumeHostSize) + HeaderOffset;

}

uint64 VolumeLayoutV1Hidden::GetDataSize (uint64 volumeHostSize) const

{

return Header->GetHiddenVolumeDataSize ();

}

VolumeLayoutV2Normal::VolumeLayoutV2Normal ()

{

Type = VolumeType::Normal;

HeaderOffset = TC_VOLUME_HEADER_OFFSET;

HeaderSize = TC_VOLUME_HEADER_SIZE;

BackupHeaderOffset = -TC_VOLUME_HEADER_GROUP_SIZE;