From e5a0bf22b17d7d6c92d7793bed5d63d0e9e72e4c Mon Sep 17 00:00:00 2001 From: Mounir IDRASSI Date: Sat, 24 Aug 2024 17:53:44 +0200 Subject: Windows: Exclude Argon2 for System Encryption and from automatic detection Bootloader doesn't support Argon2 yet. We don't want to add overhead to automatic detection for now. --- src/Common/BootEncryption.cpp | 4 ++++ src/Common/Crypto.c | 5 +++++ src/Common/Crypto.h | 1 + src/Common/Dlgcode.c | 8 ++++++-- src/Common/Pkcs5.c | 4 ++++ src/Common/Random.c | 3 ++- src/Common/Volumes.c | 15 +++++++++++++++ src/Format/Tcformat.c | 4 ++-- src/Mount/Mount.c | 4 ++-- 9 files changed, 41 insertions(+), 7 deletions(-) (limited to 'src') diff --git a/src/Common/BootEncryption.cpp b/src/Common/BootEncryption.cpp index c22e5526..5b11aa72 100644 --- a/src/Common/BootEncryption.cpp +++ b/src/Common/BootEncryption.cpp @@ -1741,6 +1741,10 @@ namespace VeraCrypt if (!bIsGPT && pkcs5_prf != BLAKE2S && pkcs5_prf != SHA256) throw ParameterIncorrect (SRC_POS); + // we don't support Argon2 for system encryption for now + if (pkcs5_prf == ARGON2) + throw ParameterIncorrect (SRC_POS); + int bootSectorId = 0; int bootLoaderId = 0; diff --git a/src/Common/Crypto.c b/src/Common/Crypto.c index 4ed60c03..aea52d42 100644 --- a/src/Common/Crypto.c +++ b/src/Common/Crypto.c @@ -822,6 +822,11 @@ BOOL HashForSystemEncryption (int hashId) } +BOOL HashIsAvailable (int hashId) +{ + return (hashId != ARGON2) && (HashGet(hashId) != 0); // Argon2 is not a hash function +} + // Returns the largest key size needed by an EA for the specified mode of operation int EAGetLargestKeyForMode (int mode) { diff --git a/src/Common/Crypto.h b/src/Common/Crypto.h index bb66e307..b558e983 100644 --- a/src/Common/Crypto.h +++ b/src/Common/Crypto.h 
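Review bot: The Argon2 exclusion added before `int bootSectorId = 0;` is the first of about ten hand-written `== ARGON2` / `!= ARGON2` comparisons in this commit (also PerformBenchmark in Dlgcode.c, is_pkcs5_prf_supported in Pkcs5.c, ReadVolumeHeader and CreateVolumeHeaderInMemory in Volumes.c, PageDialogProc in Tcformat.c, PasswordChangeDlgProc and PasswordDlgProc in Mount.c). `is_pkcs5_prf_supported` already answers this question for `PRF_BOOT_MBR` and `PRF_BOOT_GPT`, so routing the callers through it would keep the pre-boot policy in one place; a site missed now, or when the bootloader gains Argon2 support, could otherwise leave a system header written with a PRF the bootloader cannot process. Here that would read `if (!is_pkcs5_prf_supported (pkcs5_prf, bIsGPT ? PRF_BOOT_GPT : PRF_BOOT_MBR)) throw ParameterIncorrect (SRC_POS);`, assuming the Pkcs5 declarations are reachable from this file. The enclosing function starts and ends outside the hunk.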
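Review bot: `HashIsAvailable` has no contract comment, and its name reads broader than what the body checks: it returns false for `ARGON2` and for any id for which `HashGet` returns a null pointer, which is what the RNG and keyfile-generator combo boxes in Dlgcode.c rely on. A header comment such as `// Returns TRUE when hashId names a real hash function known to HashGet(); ARGON2 is a KDF id and is never a valid RNG/keyfile hash` would keep later callers from using it as a general "PRF supported" test. `HashGet` returns `Hash *` per Crypto.h, so comparing against `NULL` rather than `0` would state the pointer check directly.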
@@ -378,6 +378,7 @@ Hash *HashGet (int id); void HashGetName2 (wchar_t *buf, size_t bufLen, int hashId); BOOL HashIsDeprecated (int hashId); BOOL HashForSystemEncryption (int hashId); +BOOL HashIsAvailable (int hashId); int GetMaxPkcs5OutSize (void); #endif diff --git a/src/Common/Dlgcode.c b/src/Common/Dlgcode.c index a6874e5f..05aa813a 100644 --- a/src/Common/Dlgcode.c +++ b/src/Common/Dlgcode.c @@ -6289,6 +6289,10 @@ static BOOL PerformBenchmark(HWND hBenchDlg, HWND hwndDlg) { if (benchmarkPreBoot && !benchmarkGPT && !HashForSystemEncryption (thid)) continue; + + // we don't support Argon2 for system encryption + if (benchmarkPreBoot && thid == ARGON2) + continue; if (QueryPerformanceCounter (&performanceCountStart) == 0) goto counter_error; @@ -6800,7 +6804,7 @@ static BOOL CALLBACK RandomPoolEnrichementDlgProc (HWND hwndDlg, UINT msg, WPARA SendMessage (hComboBox, CB_RESETCONTENT, 0, 0); for (hid = FIRST_PRF_ID; hid <= LAST_PRF_ID; hid++) { - if (!HashIsDeprecated (hid)) + if (!HashIsDeprecated (hid) && HashIsAvailable (hid)) AddComboPair (hComboBox, HashGetName(hid), hid); } SelectAlgo (hComboBox, &hash_algo); @@ -6995,7 +6999,7 @@ BOOL CALLBACK KeyfileGeneratorDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LP SendMessage (hComboBox, CB_RESETCONTENT, 0, 0); for (hid = FIRST_PRF_ID; hid <= LAST_PRF_ID; hid++) { - if (!HashIsDeprecated (hid)) + if (!HashIsDeprecated (hid) && HashIsAvailable (hid)) AddComboPair (hComboBox, HashGetName(hid), hid); } SelectAlgo (hComboBox, &hash_algo); diff --git a/src/Common/Pkcs5.c b/src/Common/Pkcs5.c index 0369896c..3f237a66 100644 --- a/src/Common/Pkcs5.c +++ b/src/Common/Pkcs5.c 
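Review bot: The added skip in PerformBenchmark applies only when `benchmarkPreBoot` is set, so a normal benchmark run still reaches the timing code with `thid == ARGON2`. The only Argon2 derivation visible in this commit is the `derive_key_argon2` stub in Pkcs5.c, which zero-fills `dk`; if the benchmark dispatches to it (the dispatch is outside this hunk), the figure shown for Argon2 would be the cost of a `memset`, not of a key derivation. Until the derivation exists, `if (thid == ARGON2) continue;` without the `benchmarkPreBoot` condition avoids publishing a misleading number that users might rely on when choosing a PRF.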
@@ -1349,6 +1349,9 @@ int is_pkcs5_prf_supported (int pkcs5_prf_id, PRF_BOOT_TYPE bootType) || (bootType != PRF_BOOT_MBR && (pkcs5_prf_id < FIRST_PRF_ID || pkcs5_prf_id > LAST_PRF_ID)) ) return 0; + // we don't support Argon2 in pre-boot authentication + if ((bootType == PRF_BOOT_MBR || bootType == PRF_BOOT_GPT) && pkcs5_prf_id == ARGON2) + return 0; return 1; @@ -1358,6 +1361,7 @@ void derive_key_argon2(char *pwd, int pwd_len, char *salt, int salt_len, uint32 { //TODO: Implement Argon2 derivation // In case of failure, just fill the derived key dk with zeroes + memset(dk, 0, dklen); } void get_argon2_params(int pim, int* pIterations, int* pMemcost) diff --git a/src/Common/Random.c b/src/Common/Random.c index 1cfa6fcf..18292b31 100644 --- a/src/Common/Random.c +++ b/src/Common/Random.c @@ -364,7 +364,8 @@ BOOL Randmix () break; #ifndef WOLFCRYPT_BACKEND - case BLAKE2S: + case ARGON2: // in case of Argon2, we use Blake2s + case BLAKE2S: burn (&bctx, sizeof(bctx)); break; diff --git a/src/Common/Volumes.c b/src/Common/Volumes.c index a57a8319..0551f0b9 100644 --- a/src/Common/Volumes.c +++ b/src/Common/Volumes.c @@ -308,6 +308,14 @@ int ReadVolumeHeader (BOOL bBoot, char *encryptedHeader, Password *password, int // if a PRF is specified, we skip all other PRFs if (selected_pkcs5_prf != 0 && enqPkcs5Prf != selected_pkcs5_prf) continue; + + // we don't support Argon2 in pre-boot authentication + if (bBoot && (enqPkcs5Prf == ARGON2)) + continue; + + // For now, we don't included Argon2 in automatic detection + if (selected_pkcs5_prf == 0 && enqPkcs5Prf == ARGON2) + continue; #if !defined(_UEFI) if ((selected_pkcs5_prf == 0) && (encryptionThreadCount > 1)) 
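Review bot: With `memset(dk, 0, dklen);` the `derive_key_argon2` stub returns a fixed all-zero key for every password and salt, and because the function is `void` a caller cannot tell this apart from a real derivation. The guards in this commit reject `ARGON2` only for pre-boot (`PRF_BOOT_MBR`/`PRF_BOOT_GPT` in `is_pkcs5_prf_supported`, `bBoot` in ReadVolumeHeader and CreateVolumeHeaderInMemory in Volumes.c), so an explicitly selected Argon2 on a non-system volume could still reach the stub, if those paths call it, and yield a header key that does not depend on the password. Failing closed until the TODO is done is safer: `if (pkcs5_prf_id == ARGON2) return 0; // not implemented yet` in `is_pkcs5_prf_supported` without the `bootType` condition, and the `ERR_PARAMETER_INCORRECT` return in CreateVolumeHeaderInMemory without the `bBoot` condition. The stub's comment should also state that the zero-filled output must never be used as key material.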
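Review bot: The new `case ARGON2:` label is added only to the switch that burns `bctx`, and it sits inside `#ifndef WOLFCRYPT_BACKEND`. Randmix's earlier switch that hashes the pool is outside this hunk; if it has no matching `ARGON2` label, or in a WolfCrypt build where this label is compiled out, an `ARGON2` RNG hash id would fall to whatever the default branch does. Since this commit already keeps Argon2 out of the RNG hash combo boxes via `HashIsAvailable`, mapping the id to Blake2s once where the hash is set (for example in `RandSetHashFunction`) would be less fragile than adding a label to each switch.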
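Review bot: When `bBoot` is set and `selected_pkcs5_prf == ARGON2`, the existing "skip all other PRFs" check and the new `bBoot` check together skip every PRF, so the loop does no work and the caller gets whatever status ReadVolumeHeader falls through with (set outside this hunk), possibly indistinguishable from a wrong password. An explicit check before the loop, `if (bBoot && selected_pkcs5_prf == ARGON2) return ERR_PARAMETER_INCORRECT;`, would match what CreateVolumeHeaderInMemory does in this commit, provided nothing acquired earlier in the function needs releasing first. The comment `we don't included Argon2` should read `we don't include Argon2`.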
@@ -923,6 +931,13 @@ int CreateVolumeHeaderInMemory (HWND hwndDlg, BOOL bBoot, char *header, int ea, if (pim < 0) pim = 0; + // we don't support Argon2 in pre-boot authentication + if (bBoot && (pkcs5_prf == ARGON2)) + { + crypto_close (cryptoInfo); + return ERR_PARAMETER_INCORRECT; + } + memset (header, 0, TC_VOLUME_HEADER_EFFECTIVE_SIZE); #if !defined(_UEFI) VirtualLock (&keyInfo, sizeof (keyInfo)); diff --git a/src/Format/Tcformat.c b/src/Format/Tcformat.c index 658d3797..3134c816 100644 --- a/src/Format/Tcformat.c +++ b/src/Format/Tcformat.c @@ -4195,7 +4195,7 @@ BOOL CALLBACK PageDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa for (hid = FIRST_PRF_ID; hid <= LAST_PRF_ID; hid++) { - if ((!HashIsDeprecated (hid)) && (bSystemIsGPT || HashForSystemEncryption (hid))) + if ((!HashIsDeprecated (hid)) && (bSystemIsGPT || HashForSystemEncryption (hid)) && (hid != ARGON2)) // We don't support Argon2 for system encryption AddComboPair (GetDlgItem (hwndDlg, IDC_COMBO_BOX_HASH_ALGO), HashGetName(hid), hid); } } @@ -5988,7 +5988,7 @@ BOOL CALLBACK PageDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa { HWND hHashAlgoItem = GetDlgItem (hwndDlg, IDC_COMBO_BOX_HASH_ALGO); int selectedAlgo = (int) SendMessage (hHashAlgoItem, CB_GETITEMDATA, SendMessage (hHashAlgoItem, CB_GETCURSEL, 0, 0), 0); - if (!bSystemIsGPT && !HashForSystemEncryption(selectedAlgo)) + if ((!bSystemIsGPT && !HashForSystemEncryption(selectedAlgo)) || (selectedAlgo == ARGON2)) { hash_algo = DEFAULT_HASH_ALGORITHM_BOOT; RandSetHashFunction (DEFAULT_HASH_ALGORITHM_BOOT); diff --git a/src/Mount/Mount.c b/src/Mount/Mount.c index a851ebef..c2da8440 100644 --- a/src/Mount/Mount.c +++ b/src/Mount/Mount.c 
@@ -2749,7 +2749,7 @@ BOOL CALLBACK PasswordChangeDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPAR int new_hash_algo_id = (int) SendMessage (GetDlgItem (hwndDlg, IDC_PKCS5_PRF_ID), CB_GETITEMDATA, SendMessage (GetDlgItem (hwndDlg, IDC_PKCS5_PRF_ID), CB_GETCURSEL, 0, 0), 0); - if (new_hash_algo_id != 0 && !bSystemIsGPT && !HashForSystemEncryption(new_hash_algo_id)) + if (new_hash_algo_id != 0 && (!bSystemIsGPT && !HashForSystemEncryption(new_hash_algo_id)) || (new_hash_algo_id == ARGON2)) { int new_hash_algo_id = DEFAULT_HASH_ALGORITHM_BOOT; Info ("ALGO_NOT_SUPPORTED_FOR_SYS_ENCRYPTION", hwndDlg); @@ -3094,7 +3094,7 @@ BOOL CALLBACK PasswordDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lPa for (i = FIRST_PRF_ID; i <= LAST_PRF_ID; i++) { - if (bSystemIsGPT || HashForSystemEncryption(i)) + if ((bSystemIsGPT || HashForSystemEncryption(i)) && (i != ARGON2)) { nIndex = (int) SendMessage (hComboBox, CB_ADDSTRING, 0, (LPARAM) get_pkcs5_prf_name(i)); SendMessage (hComboBox, CB_SETITEMDATA, nIndex, (LPARAM) i); -- cgit v1.2.3
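Review bot: The new condition in PasswordChangeDlgProc mixes `&&` and `||` without grouping, so it parses as `(new_hash_algo_id != 0 && (...)) || (new_hash_algo_id == ARGON2)`; that matches the intent only because `ARGON2` is presumably non-zero, and GCC and Clang flag the form under `-Wparentheses`. Writing it as `if (new_hash_algo_id != 0 && ((!bSystemIsGPT && !HashForSystemEncryption(new_hash_algo_id)) || (new_hash_algo_id == ARGON2)))` makes the grouping explicit. The context line `int new_hash_algo_id = DEFAULT_HASH_ALGORITHM_BOOT;` declares a new variable that shadows the outer one, so the outer `new_hash_algo_id` still holds `ARGON2` after this block unless code outside the hunk re-reads the combo box. Whether this check is limited to the system-encryption mode of the dialog is also outside the hunk; if it is not, it would reject Argon2 for ordinary volumes as well.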