VeraCrypt
aboutsummaryrefslogtreecommitdiff
path: root/src/Common
diff options
context:
space:
mode:
Diffstat (limited to 'src/Common')
-rw-r--r--src/Common/Apidrvr.h7
-rw-r--r--src/Common/BootEncryption.cpp4
-rw-r--r--src/Common/Cache.c10
-rw-r--r--src/Common/Cache.h2
-rw-r--r--src/Common/Crypto.h1
-rw-r--r--src/Common/Dlgcode.c39
-rw-r--r--src/Common/Dlgcode.h5
-rw-r--r--src/Common/Format.c2
-rw-r--r--src/Common/Password.c10
-rw-r--r--src/Common/Password.h2
-rw-r--r--src/Common/Pkcs5.c40
-rw-r--r--src/Common/Pkcs5.h4
-rw-r--r--src/Common/Tcdefs.h4
-rw-r--r--src/Common/Volumes.c44
-rw-r--r--src/Common/Volumes.h4
15 files changed, 51 insertions, 127 deletions
diff --git a/src/Common/Apidrvr.h b/src/Common/Apidrvr.h
index 2eddc3dd..d8bfc74f 100644
--- a/src/Common/Apidrvr.h
+++ b/src/Common/Apidrvr.h
@@ -129,10 +129,6 @@
#define VC_IOCTL_ENCRYPTION_QUEUE_PARAMS TC_IOCTL (43)
-// Legacy IOCTLs used before version 5.0
-#define TC_IOCTL_LEGACY_GET_DRIVER_VERSION 466968
-#define TC_IOCTL_LEGACY_GET_MOUNTED_VOLUMES 466948
-
// Undocumented IOCTL sent by Windows 10 when handling EFS data on volumes
#define IOCTL_UNKNOWN_WINDOWS10_EFS_ACCESS 0x455610D8
@@ -170,7 +166,6 @@ typedef struct
BOOL RecoveryMode;
int pkcs5_prf;
int ProtectedHidVolPkcs5Prf;
- BOOL bTrueCryptMode;
uint32 BytesPerPhysicalSector;
int VolumePim;
int ProtectedHidVolPim;
@@ -200,7 +195,7 @@ typedef struct
unsigned __int64 diskLength[26];
int ea[26];
int volumeType[26]; /* Volume type (e.g. PROP_VOL_TYPE_OUTER, PROP_VOL_TYPE_OUTER_VOL_WRITE_PREVENTED, etc.) */
- BOOL truecryptMode[26];
+ BOOL reserved[26]; /* needed to keep the same size for the structure so that installer of new version can communicate with installed old version */
} MOUNT_LIST_STRUCT;
typedef struct
diff --git a/src/Common/BootEncryption.cpp b/src/Common/BootEncryption.cpp
index 079eacc6..71d39057 100644
--- a/src/Common/BootEncryption.cpp
+++ b/src/Common/BootEncryption.cpp
@@ -4372,7 +4372,7 @@ namespace VeraCrypt
// Initial rescue disk assumes encryption of the drive has been completed (EncryptedAreaLength == volumeSize)
memcpy (RescueVolumeHeader, VolumeHeader, sizeof (RescueVolumeHeader));
- if (0 != ReadVolumeHeader (TRUE, (char *) RescueVolumeHeader, password, pkcs5, pim, FALSE, NULL, cryptoInfo))
+ if (0 != ReadVolumeHeader (TRUE, (char *) RescueVolumeHeader, password, pkcs5, pim, NULL, cryptoInfo))
throw ParameterIncorrect (SRC_POS);
DecryptBuffer (RescueVolumeHeader + HEADER_ENCRYPTED_DATA_OFFSET, HEADER_ENCRYPTED_DATA_SIZE, cryptoInfo);
@@ -5411,7 +5411,7 @@ namespace VeraCrypt
PCRYPTO_INFO cryptoInfo = NULL;
- int status = ReadVolumeHeader (!encStatus.HiddenSystem, header, oldPassword, old_pkcs5, old_pim, FALSE, &cryptoInfo, NULL);
+ int status = ReadVolumeHeader (!encStatus.HiddenSystem, header, oldPassword, old_pkcs5, old_pim, &cryptoInfo, NULL);
finally_do_arg (PCRYPTO_INFO, cryptoInfo, { if (finally_arg) crypto_close (finally_arg); });
if (status != 0)
diff --git a/src/Common/Cache.c b/src/Common/Cache.c
index fe56a554..46249b9c 100644
--- a/src/Common/Cache.c
+++ b/src/Common/Cache.c
@@ -43,7 +43,7 @@ void VcUnprotectPassword (Password* pPassword, uint64 encID)
#endif
-int ReadVolumeHeaderWCache (BOOL bBoot, BOOL bCache, BOOL bCachePim, char *header, Password *password, int pkcs5_prf, int pim, BOOL truecryptMode, PCRYPTO_INFO *retInfo)
+int ReadVolumeHeaderWCache (BOOL bBoot, BOOL bCache, BOOL bCachePim, char *header, Password *password, int pkcs5_prf, int pim, PCRYPTO_INFO *retInfo)
{
int nReturnCode = ERR_PASSWORD_WRONG;
int i, effectivePim;
@@ -51,7 +51,7 @@ int ReadVolumeHeaderWCache (BOOL bBoot, BOOL bCache, BOOL bCachePim, char *heade
/* Attempt to recognize volume using mount password */
if (password->Length > 0)
{
- nReturnCode = ReadVolumeHeader (bBoot, header, password, pkcs5_prf, pim, truecryptMode, retInfo, NULL);
+ nReturnCode = ReadVolumeHeader (bBoot, header, password, pkcs5_prf, pim, retInfo, NULL);
/* Save mount passwords back into cache if asked to do so */
if (bCache && (nReturnCode == 0 || nReturnCode == ERR_CIPHER_INIT_WEAK_KEY))
@@ -124,13 +124,11 @@ int ReadVolumeHeaderWCache (BOOL bBoot, BOOL bCache, BOOL bCachePim, char *heade
#endif
if ((pCurrentPassword->Length > 0) && (pCurrentPassword->Length <= (unsigned int) ((bBoot? MAX_LEGACY_PASSWORD: MAX_PASSWORD))))
{
- if (truecryptMode)
- effectivePim = 0;
- else if (pim == -1)
+ if (pim == -1)
effectivePim = CachedPim[i];
else
effectivePim = pim;
- nReturnCode = ReadVolumeHeader (bBoot, header, pCurrentPassword, pkcs5_prf, effectivePim, truecryptMode, retInfo, NULL);
+ nReturnCode = ReadVolumeHeader (bBoot, header, pCurrentPassword, pkcs5_prf, effectivePim, retInfo, NULL);
if (nReturnCode != ERR_PASSWORD_WRONG)
break;
diff --git a/src/Common/Cache.h b/src/Common/Cache.h
index 841d5e67..0988bf29 100644
--- a/src/Common/Cache.h
+++ b/src/Common/Cache.h
@@ -22,5 +22,5 @@ extern int cacheEmpty;
void AddPasswordToCache (Password *password, int pim, BOOL bCachePim);
void AddLegacyPasswordToCache (PasswordLegacy *password, int pim);
-int ReadVolumeHeaderWCache (BOOL bBoot, BOOL bCache, BOOL bCachePim,char *header, Password *password, int pkcs5_prf, int pim, BOOL truecryptMode, PCRYPTO_INFO *retInfo);
+int ReadVolumeHeaderWCache (BOOL bBoot, BOOL bCache, BOOL bCachePim,char *header, Password *password, int pkcs5_prf, int pim, PCRYPTO_INFO *retInfo);
void WipeCache (void);
diff --git a/src/Common/Crypto.h b/src/Common/Crypto.h
index b9600cf9..178e08e1 100644
--- a/src/Common/Crypto.h
+++ b/src/Common/Crypto.h
@@ -257,7 +257,6 @@ typedef struct CRYPTO_INFO_t
#endif
int noIterations;
- BOOL bTrueCryptMode;
int volumePim;
BOOL bProtectHiddenVolume; // Indicates whether the volume contains a hidden volume to be protected against overwriting
diff --git a/src/Common/Dlgcode.c b/src/Common/Dlgcode.c
index 32e1617d..6318d915 100644
--- a/src/Common/Dlgcode.c
+++ b/src/Common/Dlgcode.c
@@ -5209,7 +5209,6 @@ static int DriverLoad ()
BOOL DriverUnload ()
{
- MOUNT_LIST_STRUCT driver;
int refCount;
int volumesMounted;
DWORD dwResult;
@@ -5234,13 +5233,6 @@ BOOL DriverUnload ()
// Test for mounted volumes
bResult = DeviceIoControl (hDriver, TC_IOCTL_IS_ANY_VOLUME_MOUNTED, NULL, 0, &volumesMounted, sizeof (volumesMounted), &dwResult, NULL);
- if (!bResult)
- {
- bResult = DeviceIoControl (hDriver, TC_IOCTL_LEGACY_GET_MOUNTED_VOLUMES, NULL, 0, &driver, sizeof (driver), &dwResult, NULL);
- if (bResult)
- volumesMounted = driver.ulMountedDrives;
- }
-
if (bResult)
{
if (volumesMounted != 0)
@@ -5407,9 +5399,6 @@ load:
BOOL bResult = DeviceIoControl (hDriver, TC_IOCTL_GET_DRIVER_VERSION, NULL, 0, &DriverVersion, sizeof (DriverVersion), &dwResult, NULL);
- if (!bResult)
- bResult = DeviceIoControl (hDriver, TC_IOCTL_LEGACY_GET_DRIVER_VERSION, NULL, 0, &DriverVersion, sizeof (DriverVersion), &dwResult, NULL);
-
#ifndef SETUP // Don't check version during setup to allow removal of another version
if (bResult == FALSE)
{
@@ -6506,27 +6495,27 @@ static BOOL PerformBenchmark(HWND hBenchDlg, HWND hwndDlg)
case SHA512:
/* PKCS-5 test with HMAC-SHA-512 used as the PRF */
- derive_key_sha512 ("passphrase-1234567890", 21, tmp_salt, 64, get_pkcs5_iteration_count(thid, benchmarkPim, FALSE, benchmarkPreBoot), dk, MASTER_KEYDATA_SIZE);
+ derive_key_sha512 ("passphrase-1234567890", 21, tmp_salt, 64, get_pkcs5_iteration_count(thid, benchmarkPim, benchmarkPreBoot), dk, MASTER_KEYDATA_SIZE);
break;
case SHA256:
/* PKCS-5 test with HMAC-SHA-256 used as the PRF */
- derive_key_sha256 ("passphrase-1234567890", 21, tmp_salt, 64, get_pkcs5_iteration_count(thid, benchmarkPim, FALSE, benchmarkPreBoot), dk, MASTER_KEYDATA_SIZE);
+ derive_key_sha256 ("passphrase-1234567890", 21, tmp_salt, 64, get_pkcs5_iteration_count(thid, benchmarkPim, benchmarkPreBoot), dk, MASTER_KEYDATA_SIZE);
break;
case BLAKE2S:
/* PKCS-5 test with HMAC-BLAKE2s used as the PRF */
- derive_key_blake2s ("passphrase-1234567890", 21, tmp_salt, 64, get_pkcs5_iteration_count(thid, benchmarkPim, FALSE, benchmarkPreBoot), dk, MASTER_KEYDATA_SIZE);
+ derive_key_blake2s ("passphrase-1234567890", 21, tmp_salt, 64, get_pkcs5_iteration_count(thid, benchmarkPim, benchmarkPreBoot), dk, MASTER_KEYDATA_SIZE);
break;
case WHIRLPOOL:
/* PKCS-5 test with HMAC-Whirlpool used as the PRF */
- derive_key_whirlpool ("passphrase-1234567890", 21, tmp_salt, 64, get_pkcs5_iteration_count(thid, benchmarkPim, FALSE, benchmarkPreBoot), dk, MASTER_KEYDATA_SIZE);
+ derive_key_whirlpool ("passphrase-1234567890", 21, tmp_salt, 64, get_pkcs5_iteration_count(thid, benchmarkPim, benchmarkPreBoot), dk, MASTER_KEYDATA_SIZE);
break;
case STREEBOG:
/* PKCS-5 test with HMAC-STREEBOG used as the PRF */
- derive_key_streebog("passphrase-1234567890", 21, tmp_salt, 64, get_pkcs5_iteration_count(thid, benchmarkPim, FALSE, benchmarkPreBoot), dk, MASTER_KEYDATA_SIZE);
+ derive_key_streebog("passphrase-1234567890", 21, tmp_salt, 64, get_pkcs5_iteration_count(thid, benchmarkPim, benchmarkPreBoot), dk, MASTER_KEYDATA_SIZE);
break;
}
}
@@ -6536,7 +6525,7 @@ static BOOL PerformBenchmark(HWND hBenchDlg, HWND hwndDlg)
benchmarkTable[benchmarkTotalItems].encSpeed = performanceCountEnd.QuadPart - performanceCountStart.QuadPart;
benchmarkTable[benchmarkTotalItems].id = thid;
- benchmarkTable[benchmarkTotalItems].decSpeed = get_pkcs5_iteration_count(thid, benchmarkPim, FALSE, benchmarkPreBoot);
+ benchmarkTable[benchmarkTotalItems].decSpeed = get_pkcs5_iteration_count(thid, benchmarkPim, benchmarkPreBoot);
benchmarkTable[benchmarkTotalItems].meanBytesPerSec = (unsigned __int64) (1000 * ((float) benchmarkTable[benchmarkTotalItems].encSpeed / benchmarkPerformanceFrequency.QuadPart / 2));
if (benchmarkPreBoot)
{
@@ -8234,15 +8223,6 @@ BOOL CheckFileExtension (wchar_t *fileName)
return FALSE;
}
-BOOL IsTrueCryptFileExtension (wchar_t *fileName)
-{
- wchar_t *ext = wcsrchr (fileName, L'.');
- if (ext && !_wcsicmp (ext, L".tc"))
- return TRUE;
- else
- return FALSE;
-}
-
void CorrectFileName (wchar_t* fileName)
{
/* replace '/' by '\' */
@@ -8886,7 +8866,6 @@ int MountVolume (HWND hwndDlg,
Password *password,
int pkcs5,
int pim,
- BOOL truecryptMode,
BOOL cachePassword,
BOOL cachePim,
BOOL sharedAccess,
@@ -8967,7 +8946,6 @@ retry:
else
mount.bMountManager = TRUE;
mount.pkcs5_prf = pkcs5;
- mount.bTrueCryptMode = truecryptMode;
mount.VolumePim = pim;
wstring path = volumePath;
@@ -9122,7 +9100,6 @@ retry:
burn (&mount.VolumePassword, sizeof (mount.VolumePassword));
burn (&mount.ProtectedHidVolPassword, sizeof (mount.ProtectedHidVolPassword));
burn (&mount.pkcs5_prf, sizeof (mount.pkcs5_prf));
- burn (&mount.bTrueCryptMode, sizeof (mount.bTrueCryptMode));
burn (&mount.ProtectedHidVolPkcs5Prf, sizeof (mount.ProtectedHidVolPkcs5Prf));
SetLastError (dwLastError);
@@ -11701,7 +11678,7 @@ void ReportUnexpectedState (const char *techInfo)
#ifndef SETUP
-int OpenVolume (OpenVolumeContext *context, const wchar_t *volumePath, Password *password, int pkcs5_prf, int pim, BOOL truecryptMode, BOOL write, BOOL preserveTimestamps, BOOL useBackupHeader)
+int OpenVolume (OpenVolumeContext *context, const wchar_t *volumePath, Password *password, int pkcs5_prf, int pim, BOOL write, BOOL preserveTimestamps, BOOL useBackupHeader)
{
int status = ERR_PARAMETER_INCORRECT;
int volumeType;
@@ -11876,7 +11853,7 @@ int OpenVolume (OpenVolumeContext *context, const wchar_t *volumePath, Password
}
// Decrypt volume header
- status = ReadVolumeHeader (FALSE, buffer, password, pkcs5_prf, pim, truecryptMode, &context->CryptoInfo, NULL);
+ status = ReadVolumeHeader (FALSE, buffer, password, pkcs5_prf, pim, &context->CryptoInfo, NULL);
if (status == ERR_PASSWORD_WRONG)
continue; // Try next volume type
diff --git a/src/Common/Dlgcode.h b/src/Common/Dlgcode.h
index 7f7efb0f..cdd94938 100644
--- a/src/Common/Dlgcode.h
+++ b/src/Common/Dlgcode.h
@@ -385,7 +385,6 @@ BOOL CloseVolumeExplorerWindows (HWND hwnd, int driveNo);
BOOL UpdateDriveCustomLabel (int driveNo, wchar_t* effectiveLabel, BOOL bSetValue);
BOOL CheckCapsLock (HWND hwnd, BOOL quiet);
BOOL CheckFileExtension (wchar_t *fileName);
-BOOL IsTrueCryptFileExtension (wchar_t *fileName);
void CorrectFileName (wchar_t* fileName);
void CorrectURL (wchar_t* fileName);
void IncreaseWrongPwdRetryCount (int count);
@@ -398,7 +397,7 @@ BOOL IsDriveAvailable (int driveNo);
BOOL IsDeviceMounted (wchar_t *deviceName);
int DriverUnmountVolume (HWND hwndDlg, int nDosDriveNo, BOOL forced);
void BroadcastDeviceChange (WPARAM message, int nDosDriveNo, DWORD driveMap);
-int MountVolume (HWND hwndDlg, int driveNo, wchar_t *volumePath, Password *password, int pkcs5, int pim, BOOL truecryptMode, BOOL cachePassword, BOOL cachePim, BOOL sharedAccess, const MountOptions* const mountOptions, BOOL quiet, BOOL bReportWrongPassword);
+int MountVolume (HWND hwndDlg, int driveNo, wchar_t *volumePath, Password *password, int pkcs5, int pim, BOOL cachePassword, BOOL cachePim, BOOL sharedAccess, const MountOptions* const mountOptions, BOOL quiet, BOOL bReportWrongPassword);
BOOL UnmountVolume (HWND hwndDlg , int nDosDriveNo, BOOL forceUnmount);
BOOL UnmountVolumeAfterFormatExCall (HWND hwndDlg, int nDosDriveNo);
BOOL IsPasswordCacheEmpty (void);
@@ -534,7 +533,7 @@ void AccommodateTextField (HWND hwndDlg, UINT ctrlId, BOOL bFirstUpdate, HFONT h
BOOL GetDriveLabel (int driveNo, wchar_t *label, int labelSize);
BOOL GetSysDevicePaths (HWND hwndDlg);
BOOL DoDriverInstall (HWND hwndDlg);
-int OpenVolume (OpenVolumeContext *context, const wchar_t *volumePath, Password *password, int pkcs5_prf, int pim, BOOL truecryptMode, BOOL write, BOOL preserveTimestamps, BOOL useBackupHeader);
+int OpenVolume (OpenVolumeContext *context, const wchar_t *volumePath, Password *password, int pkcs5_prf, int pim, BOOL write, BOOL preserveTimestamps, BOOL useBackupHeader);
void CloseVolume (OpenVolumeContext *context);
int ReEncryptVolumeHeader (HWND hwndDlg, char *buffer, BOOL bBoot, CRYPTO_INFO *cryptoInfo, Password *password, int pim, BOOL wipeMode);
BOOL IsPagingFileActive (BOOL checkNonWindowsPartitionsOnly);
diff --git a/src/Common/Format.c b/src/Common/Format.c
index a34b227d..6c3e2fff 100644
--- a/src/Common/Format.c
+++ b/src/Common/Format.c
@@ -787,7 +787,7 @@ error:
mountOptions.PartitionInInactiveSysEncScope = FALSE;
mountOptions.UseBackupHeader = FALSE;
- if (MountVolume (volParams->hwndDlg, driveNo, volParams->volumePath, volParams->password, volParams->pkcs5, volParams->pim, FALSE, FALSE, FALSE, TRUE, &mountOptions, Silent, TRUE) < 1)
+ if (MountVolume (volParams->hwndDlg, driveNo, volParams->volumePath, volParams->password, volParams->pkcs5, volParams->pim, FALSE, FALSE, TRUE, &mountOptions, Silent, TRUE) < 1)
{
if (!Silent)
{
diff --git a/src/Common/Password.c b/src/Common/Password.c
index 4caf3a21..ae6b8035 100644
--- a/src/Common/Password.c
+++ b/src/Common/Password.c
@@ -168,7 +168,7 @@ BOOL CheckPasswordLength (HWND hwndDlg, unsigned __int32 passwordLength, int pim
return TRUE;
}
-int ChangePwd (const wchar_t *lpszVolume, Password *oldPassword, int old_pkcs5, int old_pim, BOOL truecryptMode, Password *newPassword, int pkcs5, int pim, int wipePassCount, HWND hwndDlg)
+int ChangePwd (const wchar_t *lpszVolume, Password *oldPassword, int old_pkcs5, int old_pim, Password *newPassword, int pkcs5, int pim, int wipePassCount, HWND hwndDlg)
{
int nDosLinkCreated = 1, nStatus = ERR_OS_ERROR;
wchar_t szDiskFile[TC_MAX_PATH], szCFDevice[TC_MAX_PATH];
@@ -191,7 +191,7 @@ int ChangePwd (const wchar_t *lpszVolume, Password *oldPassword, int old_pkcs5,
if (oldPassword->Length == 0 || newPassword->Length == 0) return -1;
- if ((wipePassCount <= 0) || (truecryptMode && (old_pkcs5 == SHA256)))
+ if (wipePassCount <= 0)
{
nStatus = ERR_PARAMETER_INCORRECT;
handleError (hwndDlg, nStatus, SRC_POS);
@@ -367,7 +367,7 @@ int ChangePwd (const wchar_t *lpszVolume, Password *oldPassword, int old_pkcs5,
/* Try to decrypt the header */
- nStatus = ReadVolumeHeader (FALSE, buffer, oldPassword, old_pkcs5, old_pim, truecryptMode, &cryptoInfo, NULL);
+ nStatus = ReadVolumeHeader (FALSE, buffer, oldPassword, old_pkcs5, old_pim, &cryptoInfo, NULL);
if (nStatus == ERR_CIPHER_INIT_WEAK_KEY)
nStatus = 0; // We can ignore this error here
@@ -440,7 +440,7 @@ int ChangePwd (const wchar_t *lpszVolume, Password *oldPassword, int old_pkcs5,
(volumeType == TC_VOLUME_TYPE_HIDDEN) ? cryptoInfo->hiddenVolumeSize : 0,
cryptoInfo->EncryptedAreaStart.Value,
cryptoInfo->EncryptedAreaLength.Value,
- truecryptMode? 0 : cryptoInfo->RequiredProgramVersion,
+ cryptoInfo->RequiredProgramVersion,
cryptoInfo->HeaderFlags,
cryptoInfo->SectorSize,
wipePass < wipePassCount - 1);
@@ -494,7 +494,7 @@ int ChangePwd (const wchar_t *lpszVolume, Password *oldPassword, int old_pkcs5,
cryptoInfo->VolumeSize.Value,
cryptoInfo->EncryptedAreaStart.Value,
cryptoInfo->EncryptedAreaLength.Value,
- truecryptMode? 0 : cryptoInfo->RequiredProgramVersion,
+ cryptoInfo->RequiredProgramVersion,
cryptoInfo->HeaderFlags,
cryptoInfo->SectorSize,
wipePass < wipePassCount - 1);
diff --git a/src/Common/Password.h b/src/Common/Password.h
index 550558db..dd3fbed6 100644
--- a/src/Common/Password.h
+++ b/src/Common/Password.h
@@ -58,7 +58,7 @@ typedef struct
void VerifyPasswordAndUpdate ( HWND hwndDlg , HWND hButton , HWND hPassword , HWND hVerify , unsigned char *szPassword , char *szVerify, BOOL keyFilesEnabled );
BOOL CheckPasswordLength (HWND hwndDlg, unsigned __int32 passwordLength, int pim, BOOL bForBoot, int bootPRF, BOOL bSkipPasswordWarning, BOOL bSkipPimWarning);
BOOL CheckPasswordCharEncoding (HWND hPassword, Password *ptrPw);
-int ChangePwd (const wchar_t *lpszVolume, Password *oldPassword, int old_pkcs5, int old_pim, BOOL truecryptMode, Password *newPassword, int pkcs5, int pim, int wipePassCount, HWND hwndDlg);
+int ChangePwd (const wchar_t *lpszVolume, Password *oldPassword, int old_pkcs5, int old_pim, Password *newPassword, int pkcs5, int pim, int wipePassCount, HWND hwndDlg);
#endif // defined(_WIN32) && !defined(TC_WINDOWS_DRIVER) && !defined(_UEFI)
diff --git a/src/Common/Pkcs5.c b/src/Common/Pkcs5.c
index 4ba30cb5..d81078e8 100644
--- a/src/Common/Pkcs5.c
+++ b/src/Common/Pkcs5.c
@@ -1278,10 +1278,9 @@ wchar_t *get_pkcs5_prf_name (int pkcs5_prf_id)
-int get_pkcs5_iteration_count (int pkcs5_prf_id, int pim, BOOL truecryptMode, BOOL bBoot)
+int get_pkcs5_iteration_count (int pkcs5_prf_id, int pim, BOOL bBoot)
{
if ( (pim < 0)
- || (truecryptMode && pim > 0) /* No PIM for TrueCrypt mode */
)
{
return 0;
@@ -1291,9 +1290,7 @@ int get_pkcs5_iteration_count (int pkcs5_prf_id, int pim, BOOL truecryptMode, BO
{
case BLAKE2S:
- if (truecryptMode)
- return 0; // BLAKE2s not supported by TrueCrypt
- else if (pim == 0)
+ if (pim == 0)
return bBoot? 200000 : 500000;
else
{
@@ -1301,15 +1298,13 @@ int get_pkcs5_iteration_count (int pkcs5_prf_id, int pim, BOOL truecryptMode, BO
}
case SHA512:
- return truecryptMode? 1000 : ((pim == 0)? 500000 : 15000 + pim * 1000);
+ return ((pim == 0)? 500000 : 15000 + pim * 1000);
case WHIRLPOOL:
- return truecryptMode? 1000 : ((pim == 0)? 500000 : 15000 + pim * 1000);
+ return ((pim == 0)? 500000 : 15000 + pim * 1000);
case SHA256:
- if (truecryptMode)
- return 0; // SHA-256 not supported by TrueCrypt
- else if (pim == 0)
+ if (pim == 0)
return bBoot? 200000 : 500000;
else
{
@@ -1317,9 +1312,7 @@ int get_pkcs5_iteration_count (int pkcs5_prf_id, int pim, BOOL truecryptMode, BO
}
case STREEBOG:
- if (truecryptMode)
- return 1000;
- else if (pim == 0)
+ if (pim == 0)
return bBoot? 200000 : 500000;
else
{
@@ -1334,26 +1327,15 @@ int get_pkcs5_iteration_count (int pkcs5_prf_id, int pim, BOOL truecryptMode, BO
#endif
}
-int is_pkcs5_prf_supported (int pkcs5_prf_id, BOOL truecryptMode, PRF_BOOT_TYPE bootType)
+int is_pkcs5_prf_supported (int pkcs5_prf_id, PRF_BOOT_TYPE bootType)
{
if (pkcs5_prf_id == 0) // auto-detection always supported
return 1;
- if (truecryptMode)
- {
- if ( (bootType == PRF_BOOT_GPT)
- || (bootType == PRF_BOOT_MBR)
- || (bootType == PRF_BOOT_NO && pkcs5_prf_id != SHA512 && pkcs5_prf_id != WHIRLPOOL)
- )
- return 0;
- }
- else
- {
- if ( (bootType == PRF_BOOT_MBR && pkcs5_prf_id != BLAKE2S && pkcs5_prf_id != SHA256)
- || (bootType != PRF_BOOT_MBR && (pkcs5_prf_id < FIRST_PRF_ID || pkcs5_prf_id > LAST_PRF_ID))
- )
- return 0;
- }
+ if ( (bootType == PRF_BOOT_MBR && pkcs5_prf_id != BLAKE2S && pkcs5_prf_id != SHA256)
+ || (bootType != PRF_BOOT_MBR && (pkcs5_prf_id < FIRST_PRF_ID || pkcs5_prf_id > LAST_PRF_ID))
+ )
+ return 0;
return 1;
diff --git a/src/Common/Pkcs5.h b/src/Common/Pkcs5.h
index 4a6b6882..a9abeec5 100644
--- a/src/Common/Pkcs5.h
+++ b/src/Common/Pkcs5.h
@@ -40,7 +40,7 @@ void derive_key_whirlpool (char *pwd, int pwd_len, char *salt, int salt_len, uin
void hmac_streebog (char *k, int32 lk, char *d, int32 ld);
void derive_key_streebog (char *pwd, int pwd_len, char *salt, int salt_len, uint32 iterations, char *dk, int dklen);
-int get_pkcs5_iteration_count (int pkcs5_prf_id, int pim, BOOL truecryptMode, BOOL bBoot);
+int get_pkcs5_iteration_count (int pkcs5_prf_id, int pim, BOOL bBoot);
wchar_t *get_pkcs5_prf_name (int pkcs5_prf_id);
/* check if given PRF supported.*/
@@ -51,7 +51,7 @@ typedef enum
PRF_BOOT_GPT
} PRF_BOOT_TYPE;
-int is_pkcs5_prf_supported (int pkcs5_prf_id, BOOL truecryptMode, PRF_BOOT_TYPE bootType);
+int is_pkcs5_prf_supported (int pkcs5_prf_id, PRF_BOOT_TYPE bootType);
#endif
#if defined(__cplusplus)
diff --git a/src/Common/Tcdefs.h b/src/Common/Tcdefs.h
index 617126a6..021b2d13 100644
--- a/src/Common/Tcdefs.h
+++ b/src/Common/Tcdefs.h
@@ -59,7 +59,7 @@ extern unsigned short _rotl16(unsigned short value, unsigned char shift);
#define TC_APP_NAME "VeraCrypt"
// Version displayed to user
-#define VERSION_STRING "1.26.3"
+#define VERSION_STRING "1.26.4"
#ifdef VC_EFI_CUSTOM_MODE
#define VERSION_STRING_SUFFIX "-CustomEFI"
@@ -73,7 +73,7 @@ extern unsigned short _rotl16(unsigned short value, unsigned char shift);
#define VERSION_NUM 0x0126
// Release date
-#define TC_STR_RELEASE_DATE L"July 2, 2023"
+#define TC_STR_RELEASE_DATE L"July 23, 2023"
#define TC_RELEASE_DATE_YEAR 2023
#define TC_RELEASE_DATE_MONTH 07
diff --git a/src/Common/Volumes.c b/src/Common/Volumes.c
index 9590715e..40be21c8 100644
--- a/src/Common/Volumes.c
+++ b/src/Common/Volumes.c
@@ -169,7 +169,7 @@ typedef struct
BOOL ReadVolumeHeaderRecoveryMode = FALSE;
-int ReadVolumeHeader (BOOL bBoot, char *encryptedHeader, Password *password, int selected_pkcs5_prf, int pim, BOOL truecryptMode, PCRYPTO_INFO *retInfo, CRYPTO_INFO *retHeaderCryptoInfo)
+int ReadVolumeHeader (BOOL bBoot, char *encryptedHeader, Password *password, int selected_pkcs5_prf, int pim, PCRYPTO_INFO *retInfo, CRYPTO_INFO *retHeaderCryptoInfo)
{
char header[TC_VOLUME_HEADER_EFFECTIVE_SIZE];
unsigned char* keyInfoBuffer = NULL;
@@ -210,14 +210,6 @@ int ReadVolumeHeader (BOOL bBoot, char *encryptedHeader, Password *password, int
if (pim < 0)
pim = 0;
- if (truecryptMode)
- {
- // SHA-256 not supported in TrueCrypt mode
- if (selected_pkcs5_prf == SHA256)
- return ERR_PARAMETER_INCORRECT;
- pkcs5PrfCount--; // don't count SHA-256 in case of TrueCrypt mode
- }
-
if (retHeaderCryptoInfo != NULL)
{
cryptoInfo = retHeaderCryptoInfo;
@@ -315,9 +307,6 @@ int ReadVolumeHeader (BOOL bBoot, char *encryptedHeader, Password *password, int
if (selected_pkcs5_prf != 0 && enqPkcs5Prf != selected_pkcs5_prf)
continue;
- // skip SHA-256 in case of TrueCrypt mode
- if (truecryptMode && (enqPkcs5Prf == SHA256))
- continue;
#if !defined(_UEFI)
if ((selected_pkcs5_prf == 0) && (encryptionThreadCount > 1))
{
@@ -335,7 +324,7 @@ int ReadVolumeHeader (BOOL bBoot, char *encryptedHeader, Password *password, int
EncryptionThreadPoolBeginKeyDerivation (keyDerivationCompletedEvent, noOutstandingWorkItemEvent,
&item->KeyReady, outstandingWorkItemCount, enqPkcs5Prf, keyInfo->userKey,
- keyInfo->keyLength, keyInfo->salt, get_pkcs5_iteration_count (enqPkcs5Prf, pim, truecryptMode, bBoot), item->DerivedKey);
+ keyInfo->keyLength, keyInfo->salt, get_pkcs5_iteration_count (enqPkcs5Prf, pim, bBoot), item->DerivedKey);
++queuedWorkItems;
break;
@@ -357,7 +346,7 @@ int ReadVolumeHeader (BOOL bBoot, char *encryptedHeader, Password *password, int
if (!item->Free && InterlockedExchangeAdd (&item->KeyReady, 0) == TRUE)
{
pkcs5_prf = item->Pkcs5Prf;
- keyInfo->noIterations = get_pkcs5_iteration_count (pkcs5_prf, pim, truecryptMode, bBoot);
+ keyInfo->noIterations = get_pkcs5_iteration_count (pkcs5_prf, pim, bBoot);
memcpy (dk, item->DerivedKey, sizeof (dk));
item->Free = TRUE;
@@ -376,7 +365,7 @@ KeyReady: ;
#endif // !defined(_UEFI)
{
pkcs5_prf = enqPkcs5Prf;
- keyInfo->noIterations = get_pkcs5_iteration_count (enqPkcs5Prf, pim, truecryptMode, bBoot);
+ keyInfo->noIterations = get_pkcs5_iteration_count (enqPkcs5Prf, pim, bBoot);
switch (pkcs5_prf)
{
@@ -465,10 +454,8 @@ KeyReady: ;
DecryptBuffer (header + HEADER_ENCRYPTED_DATA_OFFSET, HEADER_ENCRYPTED_DATA_SIZE, cryptoInfo);
- // Magic 'VERA' or 'TRUE' depending if we are in TrueCrypt mode or not
- if ((truecryptMode && GetHeaderField32 (header, TC_HEADER_OFFSET_MAGIC) != 0x54525545)
- || (!truecryptMode && GetHeaderField32 (header, TC_HEADER_OFFSET_MAGIC) != 0x56455241)
- )
+ // Magic 'VERA'
+ if (GetHeaderField32 (header, TC_HEADER_OFFSET_MAGIC) != 0x56455241)
continue;
// Header version
@@ -488,17 +475,7 @@ KeyReady: ;
// Required program version
cryptoInfo->RequiredProgramVersion = GetHeaderField16 (header, TC_HEADER_OFFSET_REQUIRED_VERSION);
- if (truecryptMode)
- {
- if (cryptoInfo->RequiredProgramVersion < 0x600 || cryptoInfo->RequiredProgramVersion > 0x71a)
- {
- status = ERR_UNSUPPORTED_TRUECRYPT_FORMAT | (((int)cryptoInfo->RequiredProgramVersion) << 16);
- goto err;
- }
- cryptoInfo->LegacyVolume = FALSE;
- }
- else
- cryptoInfo->LegacyVolume = cryptoInfo->RequiredProgramVersion < 0x10b;
+ cryptoInfo->LegacyVolume = cryptoInfo->RequiredProgramVersion < 0x10b;
// Check CRC of the key set
if (!ReadVolumeHeaderRecoveryMode
@@ -508,7 +485,7 @@ KeyReady: ;
// Now we have the correct password, cipher, hash algorithm, and volume type
// Check the version required to handle this volume
- if (!truecryptMode && (cryptoInfo->RequiredProgramVersion > VERSION_NUM))
+ if (cryptoInfo->RequiredProgramVersion > VERSION_NUM)
{
status = ERR_NEW_VERSION_REQUIRED;
goto err;
@@ -560,7 +537,6 @@ KeyReady: ;
{
cryptoInfo->pkcs5 = pkcs5_prf;
cryptoInfo->noIterations = keyInfo->noIterations;
- cryptoInfo->bTrueCryptMode = truecryptMode;
cryptoInfo->volumePim = pim;
goto ret;
}
@@ -602,7 +578,6 @@ KeyReady: ;
// PKCS #5
cryptoInfo->pkcs5 = pkcs5_prf;
cryptoInfo->noIterations = keyInfo->noIterations;
- cryptoInfo->bTrueCryptMode = truecryptMode;
cryptoInfo->volumePim = pim;
// Init the cipher with the decrypted master key
@@ -946,7 +921,7 @@ int CreateVolumeHeaderInMemory (HWND hwndDlg, BOOL bBoot, char *header, int ea,
{
memcpy (keyInfo.userKey, password->Text, nUserKeyLen);
keyInfo.keyLength = nUserKeyLen;
- keyInfo.noIterations = get_pkcs5_iteration_count (pkcs5_prf, pim, FALSE, bBoot);
+ keyInfo.noIterations = get_pkcs5_iteration_count (pkcs5_prf, pim, bBoot);
}
else
{
@@ -959,7 +934,6 @@ int CreateVolumeHeaderInMemory (HWND hwndDlg, BOOL bBoot, char *header, int ea,
// User selected PRF
cryptoInfo->pkcs5 = pkcs5_prf;
- cryptoInfo->bTrueCryptMode = FALSE;
cryptoInfo->noIterations = keyInfo.noIterations;
cryptoInfo->volumePim = pim;
diff --git a/src/Common/Volumes.h b/src/Common/Volumes.h
index 08776711..1c9981c2 100644
--- a/src/Common/Volumes.h
+++ b/src/Common/Volumes.h
@@ -135,11 +135,11 @@ UINT64_STRUCT GetHeaderField64 (byte *header, int offset);
#if defined(TC_WINDOWS_BOOT)
int ReadVolumeHeader (BOOL bBoot, char *encryptedHeader, Password *password, int pim, PCRYPTO_INFO *retInfo, CRYPTO_INFO *retHeaderCryptoInfo);
#elif defined(_UEFI)
-int ReadVolumeHeader(BOOL bBoot, char *encryptedHeader, Password *password, int pkcs5_prf, int pim, BOOL truecryptMode, PCRYPTO_INFO *retInfo, CRYPTO_INFO *retHeaderCryptoInfo);
+int ReadVolumeHeader(BOOL bBoot, char *encryptedHeader, Password *password, int pkcs5_prf, int pim, PCRYPTO_INFO *retInfo, CRYPTO_INFO *retHeaderCryptoInfo);
int CreateVolumeHeaderInMemory(BOOL bBoot, char *encryptedHeader, int ea, int mode, Password *password, int pkcs5_prf, int pim, char *masterKeydata, PCRYPTO_INFO *retInfo, unsigned __int64 volumeSize, unsigned __int64 hiddenVolumeSize, unsigned __int64 encryptedAreaStart, unsigned __int64 encryptedAreaLength, uint16 requiredProgramVersion, uint32 headerFlags, uint32 sectorSize, BOOL bWipeMode);
BOOL RandgetBytes(unsigned char *buf, int len, BOOL forceSlowPoll);
#else
-int ReadVolumeHeader (BOOL bBoot, char *encryptedHeader, Password *password, int pkcs5_prf, int pim, BOOL truecryptMode, PCRYPTO_INFO *retInfo, CRYPTO_INFO *retHeaderCryptoInfo);
+int ReadVolumeHeader (BOOL bBoot, char *encryptedHeader, Password *password, int pkcs5_prf, int pim, PCRYPTO_INFO *retInfo, CRYPTO_INFO *retHeaderCryptoInfo);
#if defined(_WIN32) && !defined(_UEFI)
void ComputeBootloaderFingerprint (byte *bootLoaderBuf, unsigned int bootLoaderSize, byte* fingerprint);
#endif