VeraCrypt
aboutsummaryrefslogtreecommitdiff
path: root/src/Volume/VolumeHeader.cpp
diff options
context:
space:
mode:
Diffstat (limited to 'src/Volume/VolumeHeader.cpp')
-rw-r--r--src/Volume/VolumeHeader.cpp80
1 files changed, 53 insertions, 27 deletions
diff --git a/src/Volume/VolumeHeader.cpp b/src/Volume/VolumeHeader.cpp
index 13f04b35..2b8699a3 100644
--- a/src/Volume/VolumeHeader.cpp
+++ b/src/Volume/VolumeHeader.cpp
@@ -3,16 +3,19 @@
Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed
by the TrueCrypt License 3.0.
Modifications and additions to the original source code (contained in this file)
- and all other portions of this file are Copyright (c) 2013-2016 IDRIX
+ and all other portions of this file are Copyright (c) 2013-2017 IDRIX
and are governed by the Apache License 2.0 the full text of which is
contained in the file License.txt included in VeraCrypt binary and source
code distribution packages.
*/
#include "Crc32.h"
#include "EncryptionModeXTS.h"
+#ifdef WOLFCRYPT_BACKEND
+#include "EncryptionModeWolfCryptXTS.h"
+#endif
#include "Pkcs5Kdf.h"
#include "Pkcs5Kdf.h"
#include "VolumeHeader.h"
#include "VolumeException.h"
@@ -43,8 +46,9 @@ namespace VeraCrypt
EncryptedAreaStart = 0;
EncryptedAreaLength = 0;
Flags = 0;
SectorSize = 0;
+ XtsKeyVulnerable = false;
}
void VolumeHeader::Create (const BufferPtr &headerBuffer, VolumeHeaderCreationOptions &options)
{
@@ -58,8 +62,11 @@ namespace VeraCrypt
DataAreaKey.Zero();
DataAreaKey.CopyFrom (options.DataKey);
+ // check if the XTS key is vulnerable by comparing the two parts of the key
+ XtsKeyVulnerable = (memcmp (options.DataKey.Get() + options.EA->GetKeySize(), options.DataKey.Get(), options.EA->GetKeySize()) == 0);
+
VolumeCreationTime = 0;
HiddenVolumeDataSize = (options.Type == VolumeType::Hidden ? options.VolumeDataSize : 0);
VolumeDataSize = options.VolumeDataSize;
@@ -75,15 +82,19 @@ namespace VeraCrypt
throw ParameterIncorrect (SRC_POS);
}
EA = options.EA;
- shared_ptr <EncryptionMode> mode (new EncryptionModeXTS ());
- EA->SetMode (mode);
+ #ifdef WOLFCRYPT_BACKEND
+ shared_ptr <EncryptionMode> mode (new EncryptionModeWolfCryptXTS ());
+ #else
+ shared_ptr <EncryptionMode> mode (new EncryptionModeXTS ());
+ #endif
+ EA->SetMode (mode);
EncryptNew (headerBuffer, options.Salt, options.HeaderKey, options.Kdf);
}
- bool VolumeHeader::Decrypt (const ConstBufferPtr &encryptedData, const VolumePassword &password, int pim, shared_ptr <Pkcs5Kdf> kdf, bool truecryptMode, const Pkcs5KdfList &keyDerivationFunctions, const EncryptionAlgorithmList &encryptionAlgorithms, const EncryptionModeList &encryptionModes)
+ bool VolumeHeader::Decrypt (const ConstBufferPtr &encryptedData, const VolumePassword &password, int pim, shared_ptr <Pkcs5Kdf> kdf, const Pkcs5KdfList &keyDerivationFunctions, const EncryptionAlgorithmList &encryptionAlgorithms, const EncryptionModeList &encryptionModes)
{
if (password.Size() < 1)
throw PasswordEmpty (SRC_POS);
@@ -99,19 +110,30 @@ namespace VeraCrypt
pkcs5->DeriveKey (headerKey, password, pim, salt);
foreach (shared_ptr <EncryptionMode> mode, encryptionModes)
{
- if (typeid (*mode) != typeid (EncryptionModeXTS))
- mode->SetKey (headerKey.GetRange (0, mode->GetKeySize()));
+ #ifdef WOLFCRYPT_BACKEND
+ if (typeid (*mode) != typeid (EncryptionModeWolfCryptXTS))
+ #else
+ if (typeid (*mode) != typeid (EncryptionModeXTS))
+ #endif
+ mode->SetKey (headerKey.GetRange (0, mode->GetKeySize()));
foreach (shared_ptr <EncryptionAlgorithm> ea, encryptionAlgorithms)
{
if (!ea->IsModeSupported (mode))
continue;
+ #ifndef WOLFCRYPT_BACKEND
if (typeid (*mode) == typeid (EncryptionModeXTS))
{
- ea->SetKey (headerKey.GetRange (0, ea->GetKeySize()));
+ ea->SetKey (headerKey.GetRange (0, ea->GetKeySize()));
+ #else
+ if (typeid (*mode) == typeid (EncryptionModeWolfCryptXTS))
+ {
+ ea->SetKey (headerKey.GetRange (0, ea->GetKeySize()));
+ ea->SetKeyXTS (headerKey.GetRange (ea->GetKeySize(), ea->GetKeySize()));
+ #endif
mode = mode->GetNew();
mode->SetKey (headerKey.GetRange (ea->GetKeySize(), ea->GetKeySize()));
}
@@ -124,9 +146,9 @@ namespace VeraCrypt
header.CopyFrom (encryptedData.GetRange (EncryptedHeaderDataOffset, EncryptedHeaderDataSize));
ea->Decrypt (header);
- if (Deserialize (header, ea, mode, truecryptMode))
+ if (Deserialize (header, ea, mode))
{
EA = ea;
Pkcs5 = pkcs5;
return true;
@@ -137,20 +159,14 @@ namespace VeraCrypt
return false;
}
- bool VolumeHeader::Deserialize (const ConstBufferPtr &header, shared_ptr <EncryptionAlgorithm> &ea, shared_ptr <EncryptionMode> &mode, bool truecryptMode)
+ bool VolumeHeader::Deserialize (const ConstBufferPtr &header, shared_ptr <EncryptionAlgorithm> &ea, shared_ptr <EncryptionMode> &mode)
{
if (header.Size() != EncryptedHeaderDataSize)
throw ParameterIncorrect (SRC_POS);
- if (truecryptMode && (header[0] != 'T' ||
- header[1] != 'R' ||
- header[2] != 'U' ||
- header[3] != 'E'))
- return false;
-
- if (!truecryptMode && (header[0] != 'V' ||
+ if ((header[0] != 'V' ||
header[1] != 'E' ||
header[2] != 'R' ||
header[3] != 'A'))
return false;
@@ -172,18 +188,11 @@ namespace VeraCrypt
}
RequiredMinProgramVersion = DeserializeEntry <uint16> (header, offset);
- if (!truecryptMode && (RequiredMinProgramVersion > Version::Number()))
+ if ((RequiredMinProgramVersion > Version::Number()))
throw HigherVersionRequired (SRC_POS);
- if (truecryptMode)
- {
- if (RequiredMinProgramVersion < 0x600 || RequiredMinProgramVersion > 0x71a)
- throw UnsupportedTrueCryptFormat (SRC_POS);
- RequiredMinProgramVersion = CurrentRequiredMinProgramVersion;
- }
-
VolumeKeyAreaCrc32 = DeserializeEntry <uint32> (header, offset);
VolumeCreationTime = DeserializeEntry <uint64> (header, offset);
HeaderCreationTime = DeserializeEntry <uint64> (header, offset);
HiddenVolumeDataSize = DeserializeEntry <uint64> (header, offset);
@@ -218,12 +227,22 @@ namespace VeraCrypt
ea = ea->GetNew();
mode = mode->GetNew();
+ #ifndef WOLFCRYPT_BACKEND
if (typeid (*mode) == typeid (EncryptionModeXTS))
{
- ea->SetKey (header.GetRange (offset, ea->GetKeySize()));
+ ea->SetKey (header.GetRange (offset, ea->GetKeySize()));
+ #else
+ if (typeid (*mode) == typeid (EncryptionModeWolfCryptXTS))
+ {
+ ea->SetKey (header.GetRange (offset, ea->GetKeySize()));
+ ea->SetKeyXTS (header.GetRange (offset + ea->GetKeySize(), ea->GetKeySize()));
+ #endif
mode->SetKey (header.GetRange (offset + ea->GetKeySize(), ea->GetKeySize()));
+
+ // check if the XTS key is vulnerable by comparing the two parts of the key
+ XtsKeyVulnerable = (memcmp (DataAreaKey.Ptr() + ea->GetKeySize(), DataAreaKey.Ptr(), ea->GetKeySize()) == 0);
}
else
{
mode->SetKey (header.GetRange (offset, mode->GetKeySize()));
@@ -262,12 +281,19 @@ namespace VeraCrypt
shared_ptr <EncryptionMode> mode = EA->GetMode()->GetNew();
shared_ptr <EncryptionAlgorithm> ea = EA->GetNew();
+ #ifndef WOLFCRYPT_BACKEND
if (typeid (*mode) == typeid (EncryptionModeXTS))
{
- mode->SetKey (newHeaderKey.GetRange (EA->GetKeySize(), EA->GetKeySize()));
- ea->SetKey (newHeaderKey.GetRange (0, ea->GetKeySize()));
+ ea->SetKey (newHeaderKey.GetRange (0, ea->GetKeySize()));
+ #else
+ if (typeid (*mode) == typeid (EncryptionModeWolfCryptXTS))
+ {
+ ea->SetKey (newHeaderKey.GetRange (0, ea->GetKeySize()));
+ ea->SetKeyXTS (newHeaderKey.GetRange (EA->GetKeySize(), EA->GetKeySize()));
+ #endif
+ mode->SetKey (newHeaderKey.GetRange (EA->GetKeySize(), EA->GetKeySize()));
}
else
{
mode->SetKey (newHeaderKey.GetRange (0, mode->GetKeySize()));