pkcs5_prf = WHIRLPOOL;

else if (_stricmp(request.BootPrfAlgorithmName, "Streebog") == 0)

pkcs5_prf = STREEBOG;

#endif

else if (strlen(request.BootPrfAlgorithmName) == 0) // case of version < 1.0f

pkcs5_prf = BLAKE2S;

{ BLAKE2S, L"BLAKE2s-256", FALSE, TRUE },

{ WHIRLPOOL, L"Whirlpool", FALSE, FALSE },

{ STREEBOG, L"Streebog", FALSE, FALSE },

#endif

{ 0, 0, 0 }

};

SHA256,

BLAKE2S,

STREEBOG,

HASH_ENUM_END_ID

};

typedef struct keyInfo_t

{

int noIterations; /* Number of times to iterate (PKCS-5) */

int keyLength; /* Length of the key */

uint64 dummy; /* Dummy field to ensure 16-byte alignment of this structure */

__int8 salt[PKCS5_SALT_SIZE]; /* PKCS-5 salt */

#endif

int noIterations;

int volumePim;

BOOL bProtectHiddenVolume; // Indicates whether the volume contains a hidden volume to be protected against overwriting

unsigned __int64 encSpeed;

unsigned __int64 decSpeed;

unsigned __int64 meanBytesPerSec;

} BENCHMARK_REC;

BENCHMARK_REC benchmarkTable [BENCHMARK_MAX_ITEMS];

LvCol.cx = CompensateXDPI (80);

LvCol.fmt = LVCFMT_RIGHT;

SendMessageW (hList,LVM_INSERTCOLUMNW,2,(LPARAM)&LvCol);

break;

}

}

LvItem.iSubItem = 1;

LvItem.pszText = item1;

SendMessageW (hList, LVM_SETITEMW, 0, (LPARAM)&LvItem);

LvItem.iSubItem = 2;

LvItem.pszText = item1;

SendMessageW (hList, LVM_SETITEMW, 0, (LPARAM)&LvItem);

break;

}

}

for (hid = FIRST_PRF_ID; hid <= LAST_PRF_ID; hid++)

{

if (QueryPerformanceCounter (&performanceCountStart) == 0)

goto counter_error;

int thid, i;

char dk[MASTER_KEYDATA_SIZE];

char *tmp_salt = {"\x00\x11\x22\x33\x44\x55\x66\x77\x88\x99\xAA\xBB\xCC\xDD\xEE\xFF\x01\x23\x45\x67\x89\xAB\xCD\xEF\x00\x11\x22\x33\x44\x55\x66\x77\x88\x99\xAA\xBB\xCC\xDD\xEE\xFF\x01\x23\x45\x67\x89\xAB\xCD\xEF\x00\x11\x22\x33\x44\x55\x66\x77\x88\x99\xAA\xBB\xCC\xDD\xEE\xFF"};

for (thid = FIRST_PRF_ID; thid <= LAST_PRF_ID; thid++)

{

for (i = 1; i <= 2; i++)

{

switch (thid)

{

case SHA512:

/* PKCS-5 test with HMAC-SHA-512 used as the PRF */

break;

case SHA256:

/* PKCS-5 test with HMAC-SHA-256 used as the PRF */

break;

#ifndef WOLFCRYPT_BACKEND

case BLAKE2S:

/* PKCS-5 test with HMAC-BLAKE2s used as the PRF */

break;

case WHIRLPOOL:

/* PKCS-5 test with HMAC-Whirlpool used as the PRF */

break;

case STREEBOG:

/* PKCS-5 test with HMAC-STREEBOG used as the PRF */

break;

}

#endif

benchmarkTable[benchmarkTotalItems].encSpeed = performanceCountEnd.QuadPart - performanceCountStart.QuadPart;

benchmarkTable[benchmarkTotalItems].id = thid;

benchmarkTable[benchmarkTotalItems].meanBytesPerSec = (unsigned __int64) (1000 * ((float) benchmarkTable[benchmarkTotalItems].encSpeed / benchmarkPerformanceFrequency.QuadPart / 2));

if (benchmarkPreBoot)

{

LONG *CompletionFlag;

char *DerivedKey;

int IterationCount;

TC_EVENT *NoOutstandingWorkItemEvent;

LONG *OutstandingWorkItemCount;

char *Password;

workItem->KeyDerivation.IterationCount, workItem->KeyDerivation.DerivedKey, GetMaxPkcs5OutSize());

break;

default:

TC_THROW_FATAL_EXCEPTION;

}

}

{

EncryptionThreadPoolWorkItem *workItem;

workItem->KeyDerivation.CompletionFlag = completionFlag;

workItem->KeyDerivation.DerivedKey = derivedKey;

workItem->KeyDerivation.IterationCount = iterationCount;

workItem->KeyDerivation.NoOutstandingWorkItemEvent = noOutstandingWorkItemEvent;

workItem->KeyDerivation.OutstandingWorkItemCount = outstandingWorkItemCount;

workItem->KeyDerivation.Password = password;

size_t GetCpuCount (WORD* pGroupCount);

#endif

void EncryptionThreadPoolBeginReadVolumeHeaderFinalization (TC_EVENT *keyDerivationCompletedEvent, TC_EVENT *noOutstandingWorkItemEvent, LONG* outstandingWorkItemCount, void* keyInfoBuffer, int keyInfoBufferSize, void* keyDerivationWorkItems, int keyDerivationWorkItemsSize);

void EncryptionThreadPoolDoWork (EncryptionThreadPoolWorkType type, uint8 *data, const UINT64_STRUCT *startUnitNo, uint32 unitCount, PCRYPTO_INFO cryptoInfo);

BOOL EncryptionThreadPoolStart (size_t encryptionFreeCpuCount);

<entry lang="en" key="ERR_XTS_MASTERKEY_VULNERABLE">WARNING: The volume's master key is vulnerable to an attack that compromises data security.\n\nPlease create a new volume and transfer the data to it.</entry>

<entry lang="en" key="ERR_SYSENC_XTS_MASTERKEY_VULNERABLE">WARNING: The encrypted system's master key is vulnerable to an attack that compromises data security.\nPlease decrypt the system partition/drive and then re-encrypt it.</entry>

<entry lang="en" key="ERR_XTS_MASTERKEY_VULNERABLE_SHORT">WARNING: The volume's master key has a security vulnerability.</entry>

</localization>

<xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema">

<xs:element name="VeraCrypt">

case STREEBOG:

return L"HMAC-STREEBOG";

default:

return L"(Unknown)";

}

{

if ( (pim < 0)

)

{

return 0;

}

switch (pkcs5_prf_id)

{

return bBoot? pim * 2048 : 15000 + pim * 1000;

}

default:

TC_THROW_FATAL_EXCEPTION; // Unknown/wrong ID

}

}

#endif //!TC_WINDOWS_BOOT

void hmac_streebog (char *k, int32 lk, char *d, int32 ld);

void derive_key_streebog (char *pwd, int pwd_len, char *salt, int salt_len, uint32 iterations, char *dk, int dklen);

wchar_t *get_pkcs5_prf_name (int pkcs5_prf_id);

/* check if given PRF supported.*/

typedef enum

{

break;

#ifndef WOLFCRYPT_BACKEND

digestSize = BLAKE2S_DIGESTSIZE;

break;

break;

#ifndef WOLFCRYPT_BACKEND

blake2s_init(&bctx);

blake2s_update(&bctx, pRandPool, RNG_POOL_SIZE);

blake2s_final(&bctx, hashOutputBuffer);

size_t encryptionThreadCount = GetEncryptionThreadCount();

LONG *outstandingWorkItemCount = NULL;

int i;

#endif

size_t queuedWorkItems = 0;

item->KeyReady = FALSE;

item->Pkcs5Prf = enqPkcs5Prf;

EncryptionThreadPoolBeginKeyDerivation (keyDerivationCompletedEvent, noOutstandingWorkItemEvent,

&item->KeyReady, outstandingWorkItemCount, enqPkcs5Prf, keyInfo->userKey,

++queuedWorkItems;

break;

if (!item->Free && InterlockedExchangeAdd (&item->KeyReady, 0) == TRUE)

{

pkcs5_prf = item->Pkcs5Prf;

memcpy (dk, item->DerivedKey, sizeof (dk));

item->Free = TRUE;

#endif // !defined(_UEFI)

{

pkcs5_prf = enqPkcs5Prf;

switch (pkcs5_prf)

{

break;

#ifndef WOLFCRYPT_BACKEND

derive_key_blake2s (keyInfo->userKey, keyInfo->keyLength, keyInfo->salt,

PKCS5_SALT_SIZE, keyInfo->noIterations, dk, GetMaxPkcs5OutSize());

break;

derive_key_whirlpool (keyInfo->userKey, keyInfo->keyLength, keyInfo->salt,

PKCS5_SALT_SIZE, keyInfo->noIterations, dk, GetMaxPkcs5OutSize());

break;

derive_key_streebog(keyInfo->userKey, keyInfo->keyLength, keyInfo->salt,

PKCS5_SALT_SIZE, keyInfo->noIterations, dk, GetMaxPkcs5OutSize());

break;

#endif

default:

// Unknown/wrong ID

{

cryptoInfo->pkcs5 = pkcs5_prf;

cryptoInfo->noIterations = keyInfo->noIterations;

cryptoInfo->volumePim = pim;

goto ret;

}

// PKCS #5

cryptoInfo->pkcs5 = pkcs5_prf;

cryptoInfo->noIterations = keyInfo->noIterations;

cryptoInfo->volumePim = pim;

// Init the cipher with the decrypted master key

{

memcpy (keyInfo.userKey, password->Text, nUserKeyLen);

keyInfo.keyLength = nUserKeyLen;

}

else

{

keyInfo.keyLength = 0;

keyInfo.noIterations = 0;

}

// User selected encryption algorithm

// User selected PRF

cryptoInfo->pkcs5 = pkcs5_prf;

cryptoInfo->noIterations = keyInfo.noIterations;

cryptoInfo->volumePim = pim;

// Mode of operation

derive_key_streebog(keyInfo.userKey, keyInfo.keyLength, keyInfo.salt,

PKCS5_SALT_SIZE, keyInfo.noIterations, dk, GetMaxPkcs5OutSize());

break;

#endif

default:

// Unknown/wrong ID