VeraCrypt
aboutsummaryrefslogtreecommitdiff
path: root/src/Volume
diff options
context:
space:
mode:
Diffstat (limited to 'src/Volume')
-rw-r--r--src/Volume/Cipher.cpp44
-rw-r--r--src/Volume/Cipher.h3
-rw-r--r--src/Volume/EncryptionAlgorithm.cpp12
-rw-r--r--src/Volume/EncryptionAlgorithm.h1
-rw-r--r--src/Volume/EncryptionTest.cpp61
-rw-r--r--src/Volume/Hash.cpp21
-rw-r--r--src/Volume/Hash.h20
-rw-r--r--src/Volume/Pkcs5Kdf.cpp11
-rw-r--r--src/Volume/Pkcs5Kdf.h36
-rw-r--r--src/Volume/Volume.make12
-rw-r--r--src/Volume/VolumeLayout.cpp8
11 files changed, 60 insertions, 169 deletions
diff --git a/src/Volume/Cipher.cpp b/src/Volume/Cipher.cpp
index 02ee6989..8c6ce390 100644
--- a/src/Volume/Cipher.cpp
+++ b/src/Volume/Cipher.cpp
@@ -18,3 +18,2 @@
#include "Crypto/Camellia.h"
-#include "Crypto/GostCipher.h"
#include "Crypto/kuznyechik.h"
@@ -100,3 +99,2 @@ namespace VeraCrypt
l.push_back (shared_ptr <Cipher> (new CipherCamellia ()));
- l.push_back (shared_ptr <Cipher> (new CipherGost89 ()));
l.push_back (shared_ptr <Cipher> (new CipherKuznyechik ()));
@@ -401,44 +399,2 @@ namespace VeraCrypt
- // GOST89
- void CipherGost89::Decrypt (byte *data) const
- {
- gost_decrypt (data, data, (gost_kds *) ScheduledKey.Ptr(), 1);
- }
-
- void CipherGost89::Encrypt (byte *data) const
- {
- gost_encrypt (data, data, (gost_kds *) ScheduledKey.Ptr(), 1);
- }
-
- size_t CipherGost89::GetScheduledKeySize () const
- {
- return GOST_KS;
- }
-
- void CipherGost89::SetCipherKey (const byte *key)
- {
- gost_set_key (key, (gost_kds *) ScheduledKey.Ptr(), 1);
- }
-
- // GOST89 with static SBOX
- void CipherGost89StaticSBOX::Decrypt (byte *data) const
- {
- gost_decrypt (data, data, (gost_kds *) ScheduledKey.Ptr(), 1);
- }
-
- void CipherGost89StaticSBOX::Encrypt (byte *data) const
- {
- gost_encrypt (data, data, (gost_kds *) ScheduledKey.Ptr(), 1);
- }
-
- size_t CipherGost89StaticSBOX::GetScheduledKeySize () const
- {
- return GOST_KS;
- }
-
- void CipherGost89StaticSBOX::SetCipherKey (const byte *key)
- {
- gost_set_key (key, (gost_kds *) ScheduledKey.Ptr(), 0);
- }
-
// Kuznyechik
diff --git a/src/Volume/Cipher.h b/src/Volume/Cipher.h
index 061dcc38..31a519a5 100644
--- a/src/Volume/Cipher.h
+++ b/src/Volume/Cipher.h
@@ -110,5 +110,2 @@ namespace VeraCrypt
- TC_CIPHER (Gost89, 16, 32);
- TC_CIPHER (Gost89StaticSBOX, 16, 32);
-
#undef TC_CIPHER
diff --git a/src/Volume/EncryptionAlgorithm.cpp b/src/Volume/EncryptionAlgorithm.cpp
index b94f69fa..85d9be1c 100644
--- a/src/Volume/EncryptionAlgorithm.cpp
+++ b/src/Volume/EncryptionAlgorithm.cpp
@@ -67,3 +67,2 @@ namespace VeraCrypt
l.push_back (shared_ptr <EncryptionAlgorithm> (new Camellia ()));
- l.push_back (shared_ptr <EncryptionAlgorithm> (new GOST89 ()));
l.push_back (shared_ptr <EncryptionAlgorithm> (new Kuznyechik ()));
@@ -303,13 +302,2 @@ namespace VeraCrypt
-
- // GOST89
- GOST89::GOST89 ()
- {
- Deprecated = true;
-
- Ciphers.push_back (shared_ptr <Cipher> (new CipherGost89()));
-
- SupportedModes.push_back (shared_ptr <EncryptionMode> (new EncryptionModeXTS ()));
- }
-
// Kuznyechik
diff --git a/src/Volume/EncryptionAlgorithm.h b/src/Volume/EncryptionAlgorithm.h
index a701e700..56642146 100644
--- a/src/Volume/EncryptionAlgorithm.h
+++ b/src/Volume/EncryptionAlgorithm.h
@@ -88,3 +88,2 @@ namespace VeraCrypt
TC_ENCRYPTION_ALGORITHM (Camellia);
- TC_ENCRYPTION_ALGORITHM (GOST89);
TC_ENCRYPTION_ALGORITHM (Kuznyechik);
diff --git a/src/Volume/EncryptionTest.cpp b/src/Volume/EncryptionTest.cpp
index 22aea220..5c251bd5 100644
--- a/src/Volume/EncryptionTest.cpp
+++ b/src/Volume/EncryptionTest.cpp
@@ -125,19 +125,3 @@ namespace VeraCrypt
};
-
- static const CipherTestVector GOST89TestVectors[] =
- {
- {
- {
- 0xFF, 0xEE, 0xDD, 0xCC, 0xBB, 0xAA, 0x99, 0x88, 0x77, 0x66, 0x55, 0x44, 0x33, 0x22, 0x11, 0x00,
- 0xF0, 0xF1, 0xF2, 0xF3, 0xF4, 0xF5, 0xF6, 0xF7, 0xF8, 0xF9, 0xFA, 0xFB, 0xFC, 0xFD, 0xFE, 0xFF
- },
- {
- 0xFE, 0xDC, 0xBA, 0x98, 0x76, 0x54, 0x32, 0x10, 0xFF, 0xEE, 0xDD, 0xCC, 0xBB, 0xAA, 0x99, 0x88
- },
- {
- 0x8F, 0xC6, 0xFE, 0xB8, 0x91, 0x51, 0x4C, 0x37, 0x4D, 0x51, 0x46, 0xEF, 0x02, 0x9D, 0xBD, 0x9F
- }
- }
- };
-
+
static const CipherTestVector KuznyechikTestVectors[] =
@@ -217,5 +201,2 @@ namespace VeraCrypt
- CipherGost89StaticSBOX gost89;
- TestCipher (gost89, GOST89TestVectors, array_capacity (GOST89TestVectors));
-
CipherKuznyechik kuznyechik;
@@ -655,28 +636,2 @@ namespace VeraCrypt
}
- else if (typeid (ea) == typeid (GOST89))
- {
- switch (testCase)
- {
- case 0:
- if (crc != 0x12194ef5)
- throw TestFailed (SRC_POS);
- nTestsPerformed++;
- break;
- case 1:
- if (crc != 0xda8d429b)
- throw TestFailed (SRC_POS);
- nTestsPerformed++;
- break;
- case 2:
- if (crc != 0xdbf0b12e)
- throw TestFailed (SRC_POS);
- nTestsPerformed++;
- break;
- case 3:
- if (crc != 0xb986eb4a)
- throw TestFailed (SRC_POS);
- nTestsPerformed++;
- break;
- }
- }
else if (typeid (ea) == typeid (Kuznyechik))
@@ -1039,8 +994,2 @@ namespace VeraCrypt
}
- else if (typeid (ea) == typeid (GOST89))
- {
- if (crc != 0x9e8653cb)
- throw TestFailed (SRC_POS);
- nTestsPerformed++;
- }
else if (typeid (ea) == typeid (Kuznyechik))
@@ -1123,3 +1072,3 @@ namespace VeraCrypt
- if (nTestsPerformed != 160)
+ if (nTestsPerformed != 150)
throw TestFailed (SRC_POS);
@@ -1134,5 +1083,5 @@ namespace VeraCrypt
- Pkcs5HmacRipemd160 pkcs5HmacRipemd160(false);
- pkcs5HmacRipemd160.DeriveKey (derivedKey, password, salt, 5);
- if (memcmp (derivedKey.Ptr(), "\x7a\x3d\x7c\x03", 4) != 0)
+ Pkcs5HmacBlake2s pkcs5HmacBlake2s;
+ pkcs5HmacBlake2s.DeriveKey (derivedKey, password, salt, 5);
+ if (memcmp (derivedKey.Ptr(), "\x8d\x51\xfa\x31", 4) != 0)
throw TestFailed (SRC_POS);
diff --git a/src/Volume/Hash.cpp b/src/Volume/Hash.cpp
index 3925dde6..aad900c1 100644
--- a/src/Volume/Hash.cpp
+++ b/src/Volume/Hash.cpp
@@ -14,3 +14,3 @@
-#include "Crypto/Rmd160.h"
+#include "Crypto/blake2.h"
#include "Crypto/Sha2.h"
@@ -27,5 +27,5 @@ namespace VeraCrypt
l.push_back (shared_ptr <Hash> (new Whirlpool ()));
+ l.push_back (shared_ptr <Hash> (new Blake2s ()));
l.push_back (shared_ptr <Hash> (new Sha256 ()));
l.push_back (shared_ptr <Hash> (new Streebog ()));
- l.push_back (shared_ptr <Hash> (new Ripemd160 ()));
@@ -47,6 +47,5 @@ namespace VeraCrypt
// RIPEMD-160
- Ripemd160::Ripemd160 ()
+ Blake2s::Blake2s ()
{
- Deprecated = true; // Mark RIPEMD-160 as deprecated like on Windows.
- Context.Allocate (sizeof (RMD160_CTX), 32);
+ Context.Allocate (sizeof (blake2s_state), 32);
Init();
@@ -54,17 +53,17 @@ namespace VeraCrypt
- void Ripemd160::GetDigest (const BufferPtr &buffer)
+ void Blake2s::GetDigest (const BufferPtr &buffer)
{
if_debug (ValidateDigestParameters (buffer));
- RMD160Final (buffer, (RMD160_CTX *) Context.Ptr());
+ blake2s_final ((blake2s_state *) Context.Ptr(), buffer);
}
- void Ripemd160::Init ()
+ void Blake2s::Init ()
{
- RMD160Init ((RMD160_CTX *) Context.Ptr());
+ blake2s_init ((blake2s_state *) Context.Ptr());
}
- void Ripemd160::ProcessData (const ConstBufferPtr &data)
+ void Blake2s::ProcessData (const ConstBufferPtr &data)
{
if_debug (ValidateDataParameters (data));
- RMD160Update ((RMD160_CTX *) Context.Ptr(), data.Get(), (int) data.Size());
+ blake2s_update ((blake2s_state *) Context.Ptr(), data.Get(), data.Size());
}
diff --git a/src/Volume/Hash.h b/src/Volume/Hash.h
index c76a6896..0e464b37 100644
--- a/src/Volume/Hash.h
+++ b/src/Volume/Hash.h
@@ -50,8 +50,8 @@ namespace VeraCrypt
- // RIPEMD-160
- class Ripemd160 : public Hash
+ // Blake2s
+ class Blake2s : public Hash
{
public:
- Ripemd160 ();
- virtual ~Ripemd160 () { }
+ Blake2s ();
+ virtual ~Blake2s () { }
@@ -59,6 +59,6 @@ namespace VeraCrypt
virtual size_t GetBlockSize () const { return 64; }
- virtual size_t GetDigestSize () const { return 160 / 8; }
- virtual wstring GetName () const { return L"RIPEMD-160"; }
- virtual wstring GetAltName () const { return L"RIPEMD160"; }
- virtual shared_ptr <Hash> GetNew () const { return shared_ptr <Hash> (new Ripemd160); }
+ virtual size_t GetDigestSize () const { return 32; }
+ virtual wstring GetName () const { return L"BLAKE2s-256"; }
+ virtual wstring GetAltName () const { return L"BLAKE2s"; }
+ virtual shared_ptr <Hash> GetNew () const { return shared_ptr <Hash> (new Blake2s); }
virtual void Init ();
@@ -69,4 +69,4 @@ namespace VeraCrypt
private:
- Ripemd160 (const Ripemd160 &);
- Ripemd160 &operator= (const Ripemd160 &);
+ Blake2s (const Blake2s &);
+ Blake2s &operator= (const Blake2s &);
};
diff --git a/src/Volume/Pkcs5Kdf.cpp b/src/Volume/Pkcs5Kdf.cpp
index ba5f46dd..fee057a8 100644
--- a/src/Volume/Pkcs5Kdf.cpp
+++ b/src/Volume/Pkcs5Kdf.cpp
@@ -60,3 +60,2 @@ namespace VeraCrypt
l.push_back (shared_ptr <Pkcs5Kdf> (new Pkcs5HmacWhirlpool (true)));
- l.push_back (shared_ptr <Pkcs5Kdf> (new Pkcs5HmacRipemd160 (true)));
}
@@ -66,4 +65,4 @@ namespace VeraCrypt
l.push_back (shared_ptr <Pkcs5Kdf> (new Pkcs5HmacSha256 ()));
+ l.push_back (shared_ptr <Pkcs5Kdf> (new Pkcs5HmacBlake2s ()));
l.push_back (shared_ptr <Pkcs5Kdf> (new Pkcs5HmacWhirlpool (false)));
- l.push_back (shared_ptr <Pkcs5Kdf> (new Pkcs5HmacRipemd160 (false)));
l.push_back (shared_ptr <Pkcs5Kdf> (new Pkcs5HmacStreebog ()));
@@ -80,12 +79,12 @@ namespace VeraCrypt
- void Pkcs5HmacRipemd160::DeriveKey (const BufferPtr &key, const VolumePassword &password, const ConstBufferPtr &salt, int iterationCount) const
+ void Pkcs5HmacBlake2s_Boot::DeriveKey (const BufferPtr &key, const VolumePassword &password, const ConstBufferPtr &salt, int iterationCount) const
{
ValidateParameters (key, password, salt, iterationCount);
- derive_key_ripemd160 ((char *) password.DataPtr(), (int) password.Size(), (char *) salt.Get(), (int) salt.Size(), iterationCount, (char *) key.Get(), (int) key.Size());
+ derive_key_blake2s ((char *) password.DataPtr(), (int) password.Size(), (char *) salt.Get(), (int) salt.Size(), iterationCount, (char *) key.Get(), (int) key.Size());
}
- void Pkcs5HmacRipemd160_1000::DeriveKey (const BufferPtr &key, const VolumePassword &password, const ConstBufferPtr &salt, int iterationCount) const
+ void Pkcs5HmacBlake2s::DeriveKey (const BufferPtr &key, const VolumePassword &password, const ConstBufferPtr &salt, int iterationCount) const
{
ValidateParameters (key, password, salt, iterationCount);
- derive_key_ripemd160 ((char *) password.DataPtr(), (int) password.Size(), (char *) salt.Get(), (int) salt.Size(), iterationCount, (char *) key.Get(), (int) key.Size());
+ derive_key_blake2s ((char *) password.DataPtr(), (int) password.Size(), (char *) salt.Get(), (int) salt.Size(), iterationCount, (char *) key.Get(), (int) key.Size());
}
diff --git a/src/Volume/Pkcs5Kdf.h b/src/Volume/Pkcs5Kdf.h
index 76cc56a0..25ad76e8 100644
--- a/src/Volume/Pkcs5Kdf.h
+++ b/src/Volume/Pkcs5Kdf.h
@@ -53,34 +53,34 @@ namespace VeraCrypt
- class Pkcs5HmacRipemd160 : public Pkcs5Kdf
+ class Pkcs5HmacBlake2s_Boot : public Pkcs5Kdf
{
public:
- Pkcs5HmacRipemd160 (bool truecryptMode) : Pkcs5Kdf (truecryptMode) { }
- virtual ~Pkcs5HmacRipemd160 () { }
+ Pkcs5HmacBlake2s_Boot () : Pkcs5Kdf(false) { }
+ virtual ~Pkcs5HmacBlake2s_Boot () { }
virtual void DeriveKey (const BufferPtr &key, const VolumePassword &password, const ConstBufferPtr &salt, int iterationCount) const;
- virtual shared_ptr <Hash> GetHash () const { return shared_ptr <Hash> (new Ripemd160); }
- virtual int GetIterationCount (int pim) const { return m_truecryptMode? 2000 : (pim <= 0 ? 655331 : (15000 + (pim * 1000))) ; }
- virtual wstring GetName () const { return L"HMAC-RIPEMD-160"; }
- virtual Pkcs5Kdf* Clone () const { return new Pkcs5HmacRipemd160(m_truecryptMode); }
+ virtual shared_ptr <Hash> GetHash () const { return shared_ptr <Hash> (new Blake2s); }
+ virtual int GetIterationCount (int pim) const { return pim <= 0 ? 200000 : (pim * 2048); }
+ virtual wstring GetName () const { return L"HMAC-BLAKE2s-256"; }
+ virtual Pkcs5Kdf* Clone () const { return new Pkcs5HmacBlake2s_Boot(); }
private:
- Pkcs5HmacRipemd160 (const Pkcs5HmacRipemd160 &);
- Pkcs5HmacRipemd160 &operator= (const Pkcs5HmacRipemd160 &);
+ Pkcs5HmacBlake2s_Boot (const Pkcs5HmacBlake2s_Boot &);
+ Pkcs5HmacBlake2s_Boot &operator= (const Pkcs5HmacBlake2s_Boot &);
};
- class Pkcs5HmacRipemd160_1000 : public Pkcs5Kdf
+ class Pkcs5HmacBlake2s : public Pkcs5Kdf
{
public:
- Pkcs5HmacRipemd160_1000 (bool truecryptMode) : Pkcs5Kdf(truecryptMode) { }
- virtual ~Pkcs5HmacRipemd160_1000 () { }
+ Pkcs5HmacBlake2s () : Pkcs5Kdf(false) { }
+ virtual ~Pkcs5HmacBlake2s () { }
virtual void DeriveKey (const BufferPtr &key, const VolumePassword &password, const ConstBufferPtr &salt, int iterationCount) const;
- virtual shared_ptr <Hash> GetHash () const { return shared_ptr <Hash> (new Ripemd160); }
- virtual int GetIterationCount (int pim) const { return m_truecryptMode? 1000 : (pim <= 0 ? 327661 : (pim * 2048)); }
- virtual wstring GetName () const { return L"HMAC-RIPEMD-160"; }
- virtual Pkcs5Kdf* Clone () const { return new Pkcs5HmacRipemd160_1000(m_truecryptMode); }
+ virtual shared_ptr <Hash> GetHash () const { return shared_ptr <Hash> (new Blake2s); }
+ virtual int GetIterationCount (int pim) const { return pim <= 0 ? 500000 : (15000 + (pim * 1000)); }
+ virtual wstring GetName () const { return L"HMAC-BLAKE2s-256"; }
+ virtual Pkcs5Kdf* Clone () const { return new Pkcs5HmacBlake2s(); }
private:
- Pkcs5HmacRipemd160_1000 (const Pkcs5HmacRipemd160_1000 &);
- Pkcs5HmacRipemd160_1000 &operator= (const Pkcs5HmacRipemd160_1000 &);
+ Pkcs5HmacBlake2s (const Pkcs5HmacBlake2s &);
+ Pkcs5HmacBlake2s &operator= (const Pkcs5HmacBlake2s &);
};
diff --git a/src/Volume/Volume.make b/src/Volume/Volume.make
index a7f9ef0a..91f40fb7 100644
--- a/src/Volume/Volume.make
+++ b/src/Volume/Volume.make
@@ -73,2 +73,10 @@ endif
+ifeq "$(GCC_GTEQ_430)" "1"
+OBJSSSE41 += ../Crypto/blake2s_SSE41.osse41
+OBJSSSSE3 += ../Crypto/blake2s_SSSE3.ossse3
+else
+OBJS += ../Crypto/blake2s_SSE41.o
+OBJS += ../Crypto/blake2s_SSSE3.o
+endif
+
OBJS += ../Crypto/Aeskey.o
@@ -76,3 +84,4 @@ OBJS += ../Crypto/Aestab.o
OBJS += ../Crypto/cpu.o
-OBJS += ../Crypto/Rmd160.o
+OBJS += ../Crypto/blake2s.o
+OBJS += ../Crypto/blake2s_SSE2.o
OBJS += ../Crypto/SerpentFast.o
@@ -83,3 +92,2 @@ OBJS += ../Crypto/Whirlpool.o
OBJS += ../Crypto/Camellia.o
-OBJS += ../Crypto/GostCipher.o
OBJS += ../Crypto/Streebog.o
diff --git a/src/Volume/VolumeLayout.cpp b/src/Volume/VolumeLayout.cpp
index 0eaed427..3045ba83 100644
--- a/src/Volume/VolumeLayout.cpp
+++ b/src/Volume/VolumeLayout.cpp
@@ -102,3 +102,2 @@ namespace VeraCrypt
SupportedEncryptionAlgorithms.push_back (shared_ptr <EncryptionAlgorithm> (new Camellia ()));
- SupportedEncryptionAlgorithms.push_back (shared_ptr <EncryptionAlgorithm> (new GOST89 ()));
SupportedEncryptionAlgorithms.push_back (shared_ptr <EncryptionAlgorithm> (new Kuznyechik ()));
@@ -148,3 +147,2 @@ namespace VeraCrypt
SupportedEncryptionAlgorithms.push_back (shared_ptr <EncryptionAlgorithm> (new Camellia ()));
- SupportedEncryptionAlgorithms.push_back (shared_ptr <EncryptionAlgorithm> (new GOST89 ()));
SupportedEncryptionAlgorithms.push_back (shared_ptr <EncryptionAlgorithm> (new Kuznyechik ()));
@@ -201,3 +199,2 @@ namespace VeraCrypt
SupportedEncryptionAlgorithms.push_back (shared_ptr <EncryptionAlgorithm> (new Camellia ()));
- SupportedEncryptionAlgorithms.push_back (shared_ptr <EncryptionAlgorithm> (new GOST89 ()));
SupportedEncryptionAlgorithms.push_back (shared_ptr <EncryptionAlgorithm> (new Kuznyechik ()));
@@ -231,6 +228,5 @@ namespace VeraCrypt
if (!truecryptMode)
- l.push_back (shared_ptr <Pkcs5Kdf> (new Pkcs5HmacSha256_Boot ()));
- l.push_back (shared_ptr <Pkcs5Kdf> (new Pkcs5HmacRipemd160_1000 (truecryptMode)));
- if (!truecryptMode)
{
+ l.push_back (shared_ptr <Pkcs5Kdf> (new Pkcs5HmacSha256_Boot ()));
+ l.push_back (shared_ptr <Pkcs5Kdf> (new Pkcs5HmacBlake2s_Boot ()));
l.push_back (shared_ptr <Pkcs5Kdf> (new Pkcs5HmacSha512 (false)));