From e5a0bf22b17d7d6c92d7793bed5d63d0e9e72e4c Mon Sep 17 00:00:00 2001 From: Mounir IDRASSI Date: Sat, 24 Aug 2024 17:53:44 +0200 Subject: Windows: Exclude Argon2 for System Encryption and from automatic detection Bootloader doesn't support Argon2 yet. We don't want to add overhead to automatic detection for now. --- src/Common/BootEncryption.cpp | 4 ++++ src/Common/Crypto.c | 5 +++++ src/Common/Crypto.h | 1 + src/Common/Dlgcode.c | 8 ++++++-- src/Common/Pkcs5.c | 4 ++++ src/Common/Random.c | 3 ++- src/Common/Volumes.c | 15 +++++++++++++++ 7 files changed, 37 insertions(+), 3 deletions(-) (limited to 'src/Common') diff --git a/src/Common/BootEncryption.cpp b/src/Common/BootEncryption.cpp index c22e5526..5b11aa72 100644 --- a/src/Common/BootEncryption.cpp +++ b/src/Common/BootEncryption.cpp @@ -1741,6 +1741,10 @@ namespace VeraCrypt if (!bIsGPT && pkcs5_prf != BLAKE2S && pkcs5_prf != SHA256) throw ParameterIncorrect (SRC_POS); + // we don't support Argon2 for system encryption for now + if (pkcs5_prf == ARGON2) + throw ParameterIncorrect (SRC_POS); + int bootSectorId = 0; int bootLoaderId = 0; diff --git a/src/Common/Crypto.c b/src/Common/Crypto.c index 4ed60c03..aea52d42 100644 --- a/src/Common/Crypto.c +++ b/src/Common/Crypto.c @@ -822,6 +822,11 @@ BOOL HashForSystemEncryption (int hashId) } +BOOL HashIsAvailable (int hashId) +{ + return (hashId != ARGON2) && (HashGet(hashId) != 0); // Argon2 is not a hash function +} + // Returns the largest key size needed by an EA for the specified mode of operation int EAGetLargestKeyForMode (int mode) { diff --git a/src/Common/Crypto.h b/src/Common/Crypto.h index bb66e307..b558e983 100644 --- a/src/Common/Crypto.h +++ b/src/Common/Crypto.h @@ -378,6 +378,7 @@ Hash *HashGet (int id); void HashGetName2 (wchar_t *buf, size_t bufLen, int hashId); BOOL HashIsDeprecated (int hashId); BOOL HashForSystemEncryption (int hashId); +BOOL HashIsAvailable (int hashId); int GetMaxPkcs5OutSize (void); #endif diff --git a/src/Common/Dlgcode.c b/src/Common/Dlgcode.c index a6874e5f..05aa813a 100644 --- a/src/Common/Dlgcode.c +++ b/src/Common/Dlgcode.c @@ -6289,6 +6289,10 @@ static BOOL PerformBenchmark(HWND hBenchDlg, HWND hwndDlg) { if (benchmarkPreBoot && !benchmarkGPT && !HashForSystemEncryption (thid)) continue; + + // we don't support Argon2 for system encryption + if (benchmarkPreBoot && thid == ARGON2) + continue; if (QueryPerformanceCounter (&performanceCountStart) == 0) goto counter_error; @@ -6800,7 +6804,7 @@ static BOOL CALLBACK RandomPoolEnrichementDlgProc (HWND hwndDlg, UINT msg, WPARA SendMessage (hComboBox, CB_RESETCONTENT, 0, 0); for (hid = FIRST_PRF_ID; hid <= LAST_PRF_ID; hid++) { - if (!HashIsDeprecated (hid)) + if (!HashIsDeprecated (hid) && HashIsAvailable (hid)) AddComboPair (hComboBox, HashGetName(hid), hid); } SelectAlgo (hComboBox, &hash_algo); @@ -6995,7 +6999,7 @@ BOOL CALLBACK KeyfileGeneratorDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LP SendMessage (hComboBox, CB_RESETCONTENT, 0, 0); for (hid = FIRST_PRF_ID; hid <= LAST_PRF_ID; hid++) { - if (!HashIsDeprecated (hid)) + if (!HashIsDeprecated (hid) && HashIsAvailable (hid)) AddComboPair (hComboBox, HashGetName(hid), hid); } SelectAlgo (hComboBox, &hash_algo); diff --git a/src/Common/Pkcs5.c b/src/Common/Pkcs5.c index 0369896c..3f237a66 100644 --- a/src/Common/Pkcs5.c +++ b/src/Common/Pkcs5.c @@ -1349,6 +1349,9 @@ int is_pkcs5_prf_supported (int pkcs5_prf_id, PRF_BOOT_TYPE bootType) || (bootType != PRF_BOOT_MBR && (pkcs5_prf_id < FIRST_PRF_ID || pkcs5_prf_id > LAST_PRF_ID)) ) return 0; + // we don't support Argon2 in pre-boot authentication + if ((bootType == PRF_BOOT_MBR || bootType == PRF_BOOT_GPT) && pkcs5_prf_id == ARGON2) + return 0; return 1; @@ -1358,6 +1361,7 @@ void derive_key_argon2(char *pwd, int pwd_len, char *salt, int salt_len, uint32 { //TODO: Implement Argon2 derivation // In case of failure, just fill the derived key dk with zeroes + memset(dk, 0, dklen); } void get_argon2_params(int pim, int* pIterations, int* pMemcost) diff --git a/src/Common/Random.c b/src/Common/Random.c index 1cfa6fcf..18292b31 100644 --- a/src/Common/Random.c +++ b/src/Common/Random.c @@ -364,7 +364,8 @@ BOOL Randmix () break; #ifndef WOLFCRYPT_BACKEND - case BLAKE2S: + case ARGON2: // in case of Argon2, we use Blake2s + case BLAKE2S: burn (&bctx, sizeof(bctx)); break; diff --git a/src/Common/Volumes.c b/src/Common/Volumes.c index a57a8319..0551f0b9 100644 --- a/src/Common/Volumes.c +++ b/src/Common/Volumes.c @@ -308,6 +308,14 @@ int ReadVolumeHeader (BOOL bBoot, char *encryptedHeader, Password *password, int // if a PRF is specified, we skip all other PRFs if (selected_pkcs5_prf != 0 && enqPkcs5Prf != selected_pkcs5_prf) continue; + + // we don't support Argon2 in pre-boot authentication + if (bBoot && (enqPkcs5Prf == ARGON2)) + continue; + + // For now, we don't included Argon2 in automatic detection + if (selected_pkcs5_prf == 0 && enqPkcs5Prf == ARGON2) + continue; #if !defined(_UEFI) if ((selected_pkcs5_prf == 0) && (encryptionThreadCount > 1)) @@ -923,6 +931,13 @@ int CreateVolumeHeaderInMemory (HWND hwndDlg, BOOL bBoot, char *header, int ea, if (pim < 0) pim = 0; + // we don't support Argon2 in pre-boot authentication + if (bBoot && (pkcs5_prf == ARGON2)) + { + crypto_close (cryptoInfo); + return ERR_PARAMETER_INCORRECT; + } + memset (header, 0, TC_VOLUME_HEADER_EFFECTIVE_SIZE); #if !defined(_UEFI) VirtualLock (&keyInfo, sizeof (keyInfo)); -- cgit v1.2.3