De-TrueCrypt'ization: Phase 1.

This commit is contained in:
OBattler
2026-01-18 07:53:50 +01:00
parent 246b16e098
commit 38b6712eca
24 changed files with 164 additions and 1330 deletions

View File

@@ -9,12 +9,9 @@
file License.txt included in TrueCrypt binary and source code distribution
packages. */
#include "tcdefs.h"
#include "crc.h"
#include "../common/endian.h"
#ifndef TC_MINIMIZE_CODE_SIZE
/* CRC polynomial 0x04c11db7 */
uint32_t crc_32_tab[]=
{
@@ -96,38 +93,3 @@ int crc32_selftests (void)
return bSuccess;
}
#else // TC_MINIMIZE_CODE_SIZE
uint32_t GetCrc32 (unsigned char *data, int length)
{
uint32_t r = 0xFFFFFFFFUL;
int i, b;
for (i = 0; i < length; ++i)
{
r ^= data[i];
for (b = 0; b < 8; ++b)
{
if ((unsigned __int8) r & 1)
r = (r >> 1) ^ 0xEDB88320UL;
else
r >>= 1;
}
}
return r ^ 0xFFFFFFFFUL;
}
int crc32_selftests ()
{
unsigned __int8 testData[32];
unsigned __int8 i;
for (i = 0; i < sizeof (testData); ++i)
testData[i] = i;
return GetCrc32 (testData, sizeof (testData)) == 0x91267E8AUL;
}
#endif // TC_MINIMIZE_CODE_SIZE

View File

@@ -9,13 +9,11 @@
file License.txt included in TrueCrypt binary and source code distribution
packages. */
#ifndef TC_HEADER_CRC
#define TC_HEADER_CRC
#ifndef HEADER_CRC
#define HEADER_CRC
#include <inttypes.h>
#include "tcdefs.h"
#if defined(__cplusplus)
extern "C"
{
@@ -34,4 +32,4 @@ extern uint32_t crc_32_tab[];
}
#endif
#endif // TC_HEADER_CRC
#endif // HEADER_CRC

View File

@@ -9,7 +9,6 @@
file License.txt included in TrueCrypt binary and source code distribution
packages. */
#include "tcdefs.h"
#include "crypto.h"
#include "xts.h"
#include "crc.h"
@@ -206,7 +205,7 @@ void EncipherBlock(int cipher, void *data, void *ks)
case CAST: CAST_ecb_encrypt (data, data, ks, 1); break; // Deprecated/legacy
case TRIPLEDES: des_ecb3_encrypt (data, data, ks, // Deprecated/legacy
(void*)((char*) ks + CipherGetKeyScheduleSize (DES56)), (void*)((char*) ks + CipherGetKeyScheduleSize (DES56) * 2), 1); break;
default: TC_THROW_FATAL_EXCEPTION; // Unknown/wrong ID
default: fatal("EncipherBlock(): Unknown/wrong ID\n"); // Unknown/wrong ID
}
}
@@ -226,7 +225,7 @@ void DecipherBlock(int cipher, void *data, void *ks)
case TRIPLEDES: des_ecb3_encrypt (data, data, ks, // Deprecated/legacy
(void*)((char*) ks + CipherGetKeyScheduleSize (DES56)),
(void*)((char*) ks + CipherGetKeyScheduleSize (DES56) * 2), 0); break;
default: TC_THROW_FATAL_EXCEPTION; // Unknown/wrong ID
default: fatal("DecipherBlock(): Unknown/wrong ID\n"); // Unknown/wrong ID
}
}
@@ -344,7 +343,7 @@ int EAInitMode (PCRYPTO_INFO ci)
return Gf128Tab64Init (ci->k2, &ci->gf_ctx);
default:
TC_THROW_FATAL_EXCEPTION;
fatal("EAInitMode(): Fatal exception\n");
}
break;
@@ -357,7 +356,7 @@ int EAInitMode (PCRYPTO_INFO ci)
default:
// Unknown/wrong ID
TC_THROW_FATAL_EXCEPTION;
fatal("EAInitMode(): Unknown/wrong ID\n");
}
return 1;
}
@@ -635,7 +634,7 @@ int HashIsDeprecated (int hashId)
PCRYPTO_INFO crypto_open (void)
{
/* Do the crt allocation */
PCRYPTO_INFO cryptoInfo = (PCRYPTO_INFO) TCalloc (sizeof (CRYPTO_INFO));
PCRYPTO_INFO cryptoInfo = (PCRYPTO_INFO) malloc (sizeof (CRYPTO_INFO));
memset (cryptoInfo, 0, sizeof (CRYPTO_INFO));
if (cryptoInfo == NULL)
@@ -648,21 +647,17 @@ PCRYPTO_INFO crypto_open (void)
void crypto_loadkey (PKEY_INFO keyInfo, char *lpszUserKey, int nUserKeyLen)
{
keyInfo->keyLength = nUserKeyLen;
burn (keyInfo->userKey, sizeof (keyInfo->userKey));
memset (keyInfo->userKey, 0x00, sizeof (keyInfo->userKey));
memcpy (keyInfo->userKey, lpszUserKey, nUserKeyLen);
}
void crypto_close (PCRYPTO_INFO cryptoInfo)
{
if (cryptoInfo != NULL)
{
burn (cryptoInfo, sizeof (CRYPTO_INFO));
TCfree (cryptoInfo);
}
free (cryptoInfo);
}
#ifndef TC_NO_COMPILER_INT64
void Xor128 (uint64_t *a, uint64_t *b)
{
*a++ ^= *b++;
@@ -691,7 +686,7 @@ void EncryptBufferLRW128 (uint8_t *buffer, uint64_t length, uint64_t blockIndex,
*(uint64_t *)i = BE64(blockIndex);
if (length % 16)
TC_THROW_FATAL_EXCEPTION;
fatal("EncryptBufferLRW128(): Length not divisible by 16\n");
// Note that the maximum supported volume size is 8589934592 GB (i.e., 2^63 bytes).
@@ -727,7 +722,7 @@ void EncryptBufferLRW128 (uint8_t *buffer, uint64_t length, uint64_t blockIndex,
*(uint64_t *)i = BE64 ( BE64(*(uint64_t *)i) + 1 );
}
FAST_ERASE64 (t, sizeof(t));
memset (t, 0x00, sizeof(t));
}
@@ -745,7 +740,7 @@ void EncryptBufferLRW64 (uint8_t *buffer, uint64_t length, uint64_t blockIndex,
*(uint64_t *)i = BE64(blockIndex);
if (length % 8)
TC_THROW_FATAL_EXCEPTION;
fatal("EncryptBufferLRW64(): Length not divisible by 8\n");
for (b = 0; b < length >> 3; b++)
{
@@ -764,7 +759,7 @@ void EncryptBufferLRW64 (uint8_t *buffer, uint64_t length, uint64_t blockIndex,
*(uint64_t *)i = BE64 ( BE64(*(uint64_t *)i) + 1 );
}
FAST_ERASE64 (t, sizeof(t));
memset (t, 0x00, sizeof(t));
}
@@ -783,7 +778,7 @@ void DecryptBufferLRW128 (uint8_t *buffer, uint64_t length, uint64_t blockIndex,
*(uint64_t *)i = BE64(blockIndex);
if (length % 16)
TC_THROW_FATAL_EXCEPTION;
fatal("DecryptufferLRW128(): Length not divisible by 16\n");
// Note that the maximum supported volume size is 8589934592 GB (i.e., 2^63 bytes).
@@ -820,7 +815,7 @@ void DecryptBufferLRW128 (uint8_t *buffer, uint64_t length, uint64_t blockIndex,
*(uint64_t *)i = BE64 ( BE64(*(uint64_t *)i) + 1 );
}
FAST_ERASE64 (t, sizeof(t));
memset (t, 0x00, sizeof(t));
}
@@ -839,7 +834,7 @@ void DecryptBufferLRW64 (uint8_t *buffer, uint64_t length, uint64_t blockIndex,
*(uint64_t *)i = BE64(blockIndex);
if (length % 8)
TC_THROW_FATAL_EXCEPTION;
fatal("DecryptufferLRW64(): Length not divisible by 64\n");
for (b = 0; b < length >> 3; b++)
{
@@ -858,7 +853,7 @@ void DecryptBufferLRW64 (uint8_t *buffer, uint64_t length, uint64_t blockIndex,
*(uint64_t *)i = BE64 ( BE64(*(uint64_t *)i) + 1 );
}
FAST_ERASE64 (t, sizeof(t));
memset (t, 0x00, sizeof(t));
}
@@ -910,7 +905,7 @@ InitSectorIVAndWhitening (uint64_t unitNo,
break;
default:
TC_THROW_FATAL_EXCEPTION;
fatal("InitSectorIVAndWhitening(): Invalid length: %i\n", blockSize);
}
}
@@ -941,7 +936,7 @@ EncryptBufferCBC (uint32_t *data,
int blockSize = CipherGetBlockSize (ea != 0 ? EAGetFirstCipher (ea) : cipher);
if (len % blockSize)
TC_THROW_FATAL_EXCEPTION;
fatal("EncryptBufferCBC(): Length not divisible by %i\n", blockSize);
// IV
bufIV[0] = iv[0];
@@ -1031,7 +1026,7 @@ DecryptBufferCBC (uint32_t *data,
int blockSize = CipherGetBlockSize (ea != 0 ? EAGetFirstCipher (ea) : cipher);
if (len % blockSize)
TC_THROW_FATAL_EXCEPTION;
fatal("DecryptBufferCBC(): Length not divisible by %i\n", blockSize);
// IV
bufIV[0] = iv[0];
@@ -1104,7 +1099,6 @@ DecryptBufferCBC (uint32_t *data,
data += blockSize / sizeof(*data);
}
}
#endif // #ifndef TC_NO_COMPILER_INT64
// EncryptBuffer
@@ -1113,7 +1107,7 @@ DecryptBufferCBC (uint32_t *data,
// len: number of bytes to encrypt; must be divisible by the block size (for cascaded
// ciphers divisible by the largest block size used within the cascade)
void EncryptBuffer (uint8_t *buf,
TC_LARGEST_COMPILER_UINT len,
uint64_t len,
PCRYPTO_INFO cryptoInfo)
{
switch (cryptoInfo->mode)
@@ -1143,7 +1137,6 @@ void EncryptBuffer (uint8_t *buf,
}
break;
#ifndef TC_NO_COMPILER_INT64
case LRW:
/* Deprecated/legacy */
@@ -1159,7 +1152,7 @@ void EncryptBuffer (uint8_t *buf,
break;
default:
TC_THROW_FATAL_EXCEPTION;
fatal("EncryptBuffer(): Invalid length: %i\n", CipherGetBlockSize (EAGetFirstCipher (cryptoInfo->ea)));
}
break;
@@ -1201,167 +1194,20 @@ void EncryptBuffer (uint8_t *buf,
0);
break;
#endif // #ifndef TC_NO_COMPILER_INT64
default:
// Unknown/wrong ID
TC_THROW_FATAL_EXCEPTION;
fatal("EncryptBuffer(): Unknown/wrong ID\n");
}
}
// #ifndef TC_NO_COMPILER_INT64
// // Converts a data unit number to the index of the first LRW block in the data unit.
// // Note that the maximum supported volume size is 8589934592 GB (i.e., 2^63 bytes).
// uint64_t DataUnit2LRWIndex (uint64_t dataUnit, int blockSize, PCRYPTO_INFO ci)
// {
// /* Deprecated/legacy */
// if (ci->hiddenVolume)
// dataUnit -= ci->hiddenVolumeOffset / ENCRYPTION_DATA_UNIT_SIZE;
// else
// dataUnit -= HEADER_SIZE / ENCRYPTION_DATA_UNIT_SIZE; // Compensate for the volume header size
// switch (blockSize)
// {
// case 8:
// return (dataUnit << 6) | 1;
// case 16:
// return (dataUnit << 5) | 1;
// default:
// TC_THROW_FATAL_EXCEPTION;
// }
// return 0;
// }
// #endif // #ifndef TC_NO_COMPILER_INT64
// // buf: data to be encrypted
// // unitNo: sequential number of the data unit with which the buffer starts
// // nbrUnits: number of data units in the buffer
// void EncryptDataUnits (uint8_t *buf, const UINT64_STRUCT *structUnitNo, TC_LARGEST_COMPILER_UINT nbrUnits, PCRYPTO_INFO ci)
// {
// int ea = ci->ea;
// uint8_t *ks = ci->ks;
// uint8_t *ks2 = ci->ks2;
// int cipher;
// #ifndef TC_NO_COMPILER_INT64
// void *iv = ci->k2; // Deprecated/legacy
// uint64_t unitNo = structUnitNo->Value;
// uint64_t *iv64 = (uint64_t *) iv; // Deprecated/legacy
// uint32_t sectorIV[4]; // Deprecated/legacy
// uint32_t secWhitening[2]; // Deprecated/legacy
// #endif
// switch (ci->mode)
// {
// case XTS:
// for (cipher = EAGetFirstCipher (ea); cipher != 0; cipher = EAGetNextCipher (ea, cipher))
// {
// EncryptBufferXTS (buf,
// nbrUnits * ENCRYPTION_DATA_UNIT_SIZE,
// structUnitNo,
// 0,
// ks,
// ks2,
// cipher);
// ks += CipherGetKeyScheduleSize (cipher);
// ks2 += CipherGetKeyScheduleSize (cipher);
// }
// break;
// #ifndef TC_NO_COMPILER_INT64
// case LRW:
// /* Deprecated/legacy */
// switch (CipherGetBlockSize (EAGetFirstCipher (ea)))
// {
// case 8:
// EncryptBufferLRW64 (buf,
// (uint64_t) nbrUnits * ENCRYPTION_DATA_UNIT_SIZE,
// DataUnit2LRWIndex (unitNo, 8, ci),
// ci);
// break;
// case 16:
// EncryptBufferLRW128 (buf,
// (uint64_t) nbrUnits * ENCRYPTION_DATA_UNIT_SIZE,
// DataUnit2LRWIndex (unitNo, 16, ci),
// ci);
// break;
// default:
// TC_THROW_FATAL_EXCEPTION;
// }
// break;
// case CBC:
// case INNER_CBC:
// /* Deprecated/legacy */
// while (nbrUnits--)
// {
// for (cipher = EAGetFirstCipher (ea); cipher != 0; cipher = EAGetNextCipher (ea, cipher))
// {
// InitSectorIVAndWhitening (unitNo, CipherGetBlockSize (cipher), sectorIV, iv64, secWhitening);
// EncryptBufferCBC ((uint32_t *) buf,
// ENCRYPTION_DATA_UNIT_SIZE,
// ks,
// sectorIV,
// secWhitening,
// 0,
// cipher);
// ks += CipherGetKeyScheduleSize (cipher);
// }
// ks -= EAGetKeyScheduleSize (ea);
// buf += ENCRYPTION_DATA_UNIT_SIZE;
// unitNo++;
// }
// break;
// case OUTER_CBC:
// /* Deprecated/legacy */
// while (nbrUnits--)
// {
// InitSectorIVAndWhitening (unitNo, CipherGetBlockSize (EAGetFirstCipher (ea)), sectorIV, iv64, secWhitening);
// EncryptBufferCBC ((uint32_t *) buf,
// ENCRYPTION_DATA_UNIT_SIZE,
// ks,
// sectorIV,
// secWhitening,
// ea,
// 0);
// buf += ENCRYPTION_DATA_UNIT_SIZE;
// unitNo++;
// }
// break;
// #endif // #ifndef TC_NO_COMPILER_INT64
// default:
// // Unknown/wrong ID
// TC_THROW_FATAL_EXCEPTION;
// }
// }
// DecryptBuffer
//
// buf: data to be decrypted
// len: number of bytes to decrypt; must be divisible by the block size (for cascaded
// ciphers divisible by the largest block size used within the cascade)
void DecryptBuffer (uint8_t *buf,
TC_LARGEST_COMPILER_UINT len,
uint64_t len,
uint32_t secSz,
uint64_t secN,
uint8_t flags,
@@ -1398,7 +1244,6 @@ void DecryptBuffer (uint8_t *buf,
}
break;
#ifndef TC_NO_COMPILER_INT64
case LRW:
{
uint32_t n = 0;
@@ -1416,7 +1261,7 @@ void DecryptBuffer (uint8_t *buf,
break;
default:
TC_THROW_FATAL_EXCEPTION;
fatal("DecryptBuffer(): Invalid length: %i\n", CipherGetBlockSize (EAGetFirstCipher (cryptoInfo->ea)));
}
break;
}
@@ -1503,136 +1348,13 @@ void DecryptBuffer (uint8_t *buf,
}
break;
#endif // #ifndef TC_NO_COMPILER_INT64
default:
// Unknown/wrong ID
TC_THROW_FATAL_EXCEPTION;
fatal("DecryptBuffer(): Unknown/wrong ID\n");
}
}
// // buf: data to be decrypted
// // unitNo: sequential number of the data unit with which the buffer starts
// // nbrUnits: number of data units in the buffer
// void DecryptDataUnits (uint8_t *buf, const UINT64_STRUCT *structUnitNo, TC_LARGEST_COMPILER_UINT nbrUnits, PCRYPTO_INFO ci)
// {
// int ea = ci->ea;
// uint8_t *ks = ci->ks;
// uint8_t *ks2 = ci->ks2;
// int cipher;
// #ifndef TC_NO_COMPILER_INT64
// void *iv = ci->k2; // Deprecated/legacy
// uint64_t unitNo = structUnitNo->Value;
// uint64_t *iv64 = (uint64_t *) iv; // Deprecated/legacy
// uint32_t sectorIV[4]; // Deprecated/legacy
// uint32_t secWhitening[2]; // Deprecated/legacy
// #endif // #ifndef TC_NO_COMPILER_INT64
// switch (ci->mode)
// {
// case XTS:
// ks += EAGetKeyScheduleSize (ea);
// ks2 += EAGetKeyScheduleSize (ea);
// for (cipher = EAGetLastCipher (ea); cipher != 0; cipher = EAGetPreviousCipher (ea, cipher))
// {
// ks -= CipherGetKeyScheduleSize (cipher);
// ks2 -= CipherGetKeyScheduleSize (cipher);
// DecryptBufferXTS (buf,
// nbrUnits * ENCRYPTION_DATA_UNIT_SIZE,
// structUnitNo,
// 0,
// ks,
// ks2,
// cipher);
// }
// break;
// #ifndef TC_NO_COMPILER_INT64
// case LRW:
// /* Deprecated/legacy */
// switch (CipherGetBlockSize (EAGetFirstCipher (ea)))
// {
// case 8:
// DecryptBufferLRW64 (buf,
// (uint64_t) nbrUnits * ENCRYPTION_DATA_UNIT_SIZE,
// DataUnit2LRWIndex (unitNo, 8, ci),
// ci);
// break;
// case 16:
// DecryptBufferLRW128 (buf,
// (uint64_t) nbrUnits * ENCRYPTION_DATA_UNIT_SIZE,
// DataUnit2LRWIndex (unitNo, 16, ci),
// ci);
// break;
// default:
// TC_THROW_FATAL_EXCEPTION;
// }
// break;
// case CBC:
// case INNER_CBC:
// /* Deprecated/legacy */
// while (nbrUnits--)
// {
// ks += EAGetKeyScheduleSize (ea);
// for (cipher = EAGetLastCipher (ea); cipher != 0; cipher = EAGetPreviousCipher (ea, cipher))
// {
// InitSectorIVAndWhitening (unitNo, CipherGetBlockSize (cipher), sectorIV, iv64, secWhitening);
// ks -= CipherGetKeyScheduleSize (cipher);
// DecryptBufferCBC ((uint32_t *) buf,
// ENCRYPTION_DATA_UNIT_SIZE,
// ks,
// sectorIV,
// secWhitening,
// 0,
// cipher);
// }
// buf += ENCRYPTION_DATA_UNIT_SIZE;
// unitNo++;
// }
// break;
// case OUTER_CBC:
// /* Deprecated/legacy */
// while (nbrUnits--)
// {
// InitSectorIVAndWhitening (unitNo, CipherGetBlockSize (EAGetFirstCipher (ea)), sectorIV, iv64, secWhitening);
// DecryptBufferCBC ((uint32_t *) buf,
// ENCRYPTION_DATA_UNIT_SIZE,
// ks,
// sectorIV,
// secWhitening,
// ea,
// 0);
// buf += ENCRYPTION_DATA_UNIT_SIZE;
// unitNo++;
// }
// break;
// #endif // #ifndef TC_NO_COMPILER_INT64
// default:
// // Unknown/wrong ID
// TC_THROW_FATAL_EXCEPTION;
// }
// }
// Returns the maximum number of bytes necessary to be generated by the PBKDF2 (PKCS #5)
int GetMaxPkcs5OutSize (void)
{

View File

@@ -28,7 +28,19 @@
#define CRYPTO_H
#include <inttypes.h>
#include "tcdefs.h"
enum
{
ERR_SUCCESS = 0,
ERR_OUTOFMEMORY = 2,
ERR_PASSWORD_WRONG,
ERR_CIPHER_INIT_FAILURE = 17,
ERR_CIPHER_INIT_WEAK_KEY,
ERR_MODE_INIT_FAILED = 27
};
#ifdef __cplusplus
extern "C" {
@@ -171,11 +183,7 @@ typedef struct
#define PRAND_DISK_WIPE_PASSES 200
#if !defined (TC_WINDOWS_BOOT) || defined (TC_WINDOWS_BOOT_AES)
# include "../crypto/aes.h"
#else
# include "../crypto/aesSmall.h"
#endif
#include "../crypto/blowfish.h"
#include "../crypto/cast.h"
@@ -278,12 +286,8 @@ int HashIsDeprecated (int hashId);
int GetMaxPkcs5OutSize (void);
//void EncryptDataUnits (uint8_t *buf, const UINT64_STRUCT *structUnitNo, TC_LARGEST_COMPILER_UINT nbrUnits, PCRYPTO_INFO ci);
//void DecryptDataUnits (uint8_t *buf, const UINT64_STRUCT *structUnitNo, TC_LARGEST_COMPILER_UINT nbrUnits, PCRYPTO_INFO ci);
void EncryptBuffer (uint8_t *buf, TC_LARGEST_COMPILER_UINT len, PCRYPTO_INFO cryptoInfo);
void DecryptBuffer (uint8_t *buf, TC_LARGEST_COMPILER_UINT len, uint32_t secSz, uint64_t secN, uint8_t flags, PCRYPTO_INFO cryptoInfo);
#ifndef TC_NO_COMPILER_INT64
void EncryptBuffer (uint8_t *buf, uint64_t len, PCRYPTO_INFO cryptoInfo);
void DecryptBuffer (uint8_t *buf, uint64_t len, uint32_t secSz, uint64_t secN, uint8_t flags, PCRYPTO_INFO cryptoInfo);
void Xor128 (uint64_t *a, uint64_t *b);
void Xor64 (uint64_t *a, uint64_t *b);
@@ -294,8 +298,6 @@ void EncryptBufferLRW64 (uint8_t *buffer, uint64_t length, uint64_t blockIndex,
void DecryptBufferLRW64 (uint8_t *buffer, uint64_t length, uint64_t blockIndex, PCRYPTO_INFO cryptoInfo);
void InitSectorIVAndWhitening (uint64_t unitNo, int blockSize, uint32_t *iv, uint64_t *ivSeed, uint32_t *whitening);
//uint64_t DataUnit2LRWIndex (uint64_t dataUnit, int blockSize, PCRYPTO_INFO ci);
#endif // #ifndef TC_NO_COMPILER_INT64
#ifdef __cplusplus
}

View File

@@ -9,7 +9,6 @@
file License.txt included in TrueCrypt binary and source code distribution
packages. */
#include "tcdefs.h"
#include "../common/endian.h"
@@ -27,7 +26,6 @@ uint32_t MirrorBytes32 (uint32_t x)
return (n << 8) | (uint8_t) (x >> 24);
}
#ifndef TC_NO_COMPILER_INT64
uint64_t MirrorBytes64 (uint64_t x)
{
uint64_t n = (uint8_t) x;
@@ -39,7 +37,6 @@ uint64_t MirrorBytes64 (uint64_t x)
n <<= 8; n |= (uint8_t) (x >> 48);
return (n << 8) | (uint8_t) (x >> 56);
}
#endif
void
LongReverse (uint32_t *buffer, unsigned byteCount)

View File

@@ -9,8 +9,8 @@
file License.txt included in TrueCrypt binary and source code distribution
packages. */
#ifndef TC_ENDIAN_H
#define TC_ENDIAN_H
#ifndef ENDIAN_H
#define ENDIAN_H
#include <inttypes.h>
@@ -19,6 +19,11 @@ extern "C"
{
#endif
#define uint16 uint16_t
#define uint32 uint32_t
#define uint64 uint64_t
#ifdef _WIN32
# ifndef LITTLE_ENDIAN
@@ -30,9 +35,9 @@ extern "C"
#elif !defined(BYTE_ORDER)
# if defined (__APPLE__) || defined (TC_MACOSX)
# if defined (__APPLE__)
# include <machine/endian.h>
# elif defined(__FreeBSD__) || defined(__OpenBSD__) || defined(__NetBSD__) || defined(__DragonFly__) || defined (TC_BSD)
# elif defined(__FreeBSD__) || defined(__OpenBSD__) || defined(__NetBSD__) || defined(__DragonFly__)
# include <sys/endian.h>
# else
# include <endian.h>
@@ -126,13 +131,11 @@ extern "C"
uint16_t MirrorBytes16 (uint16_t x);
uint32_t MirrorBytes32 (uint32_t x);
#ifndef TC_NO_COMPILER_INT64
uint64_t MirrorBytes64 (uint64_t x);
#endif
void LongReverse ( uint32_t *buffer , unsigned byteCount );
#if defined(__cplusplus)
}
#endif
#endif /* TC_ENDIAN_H */
#endif /* ENDIAN_H */

View File

@@ -49,7 +49,6 @@
#include <stdlib.h>
#include <inttypes.h>
#include "gfmul.h"
#include "tcdefs.h"
#include "../common/endian.h"
/* BUFFER_ALIGN32 or BUFFER_ALIGN64 must be defined at this point to */
@@ -595,7 +594,6 @@ void MirrorBits128 (uint8_t *a)
SetBit128 (127 - i, t);
}
memcpy (a, t, sizeof (t));
burn (t,sizeof (t));
}
void MirrorBits64 (uint8_t *a)
@@ -609,7 +607,6 @@ void MirrorBits64 (uint8_t *a)
SetBit64 (63 - i, t);
}
memcpy (a, t, sizeof (t));
burn (t,sizeof (t));
}
/* Allocate and initialize speed optimization table
@@ -620,7 +617,7 @@ int Gf128Tab64Init (uint8_t *a, GfCtx *ctx)
uint8_t am[16];
int i, j;
ctx8k = (GfCtx8k *) TCalloc (sizeof (GfCtx8k));
ctx8k = (GfCtx8k *) malloc (sizeof (GfCtx8k));
if (!ctx8k)
return 0;
@@ -644,9 +641,7 @@ int Gf128Tab64Init (uint8_t *a, GfCtx *ctx)
}
}
burn (ctx8k ,sizeof (*ctx8k));
burn (am, sizeof (am));
TCfree (ctx8k);
free (ctx8k);
return 1;
}
@@ -658,7 +653,7 @@ int Gf64TabInit (uint8_t *a, GfCtx *ctx)
uint8_t am[8];
int i, j;
ctx4k = (GfCtx4k64 *) TCalloc (sizeof (GfCtx4k64));
ctx4k = (GfCtx4k64 *) malloc (sizeof (GfCtx4k64));
if (!ctx4k)
return 0;
@@ -682,9 +677,7 @@ int Gf64TabInit (uint8_t *a, GfCtx *ctx)
}
}
burn (ctx4k,sizeof (*ctx4k));
burn (am, sizeof (am));
TCfree (ctx4k);
free (ctx4k);
return 1;
}
@@ -842,7 +835,7 @@ int GfMulSelfTest (void)
uint8_t b[16];
uint8_t p1[16];
uint8_t p2[16];
GfCtx *gfCtx = (GfCtx *) TCalloc (sizeof (GfCtx));
GfCtx *gfCtx = (GfCtx *) malloc (sizeof (GfCtx));
int i, j;
if (!gfCtx)
@@ -884,7 +877,7 @@ int GfMulSelfTest (void)
result = 0;
}
TCfree (gfCtx);
free (gfCtx);
return result;
}

View File

@@ -32,8 +32,6 @@
#include <inttypes.h>
#include "tcdefs.h"
#if defined(__cplusplus)
extern "C"
{

View File

@@ -9,8 +9,6 @@
file License.txt included in TrueCrypt binary and source code distribution
packages. */
#include "tcdefs.h"
#include <memory.h>
#include "../crypto/rmd160.h"
#include "../crypto/sha1.h"
@@ -61,7 +59,7 @@ void hmac_sha512
k = key;
lk = SHA512_DIGESTSIZE;
burn (&tctx, sizeof(tctx)); // Prevent leaks
memset (&tctx, 0x00, sizeof(tctx)); // Prevent leaks
}
/**** Inner Digest ****/
@@ -98,12 +96,12 @@ void hmac_sha512
hmac_truncate (osha, out, t);
/* Prevent leaks */
burn (&ictx, sizeof(ictx));
burn (&octx, sizeof(octx));
burn (isha, sizeof(isha));
burn (osha, sizeof(osha));
burn (buf, sizeof(buf));
burn (key, sizeof(key));
memset (&ictx, 0x00, sizeof(ictx));
memset (&octx, 0x00, sizeof(octx));
memset (isha, 0x00, sizeof(isha));
memset (osha, 0x00, sizeof(osha));
memset (buf, 0x00, sizeof(buf));
memset (key, 0x00, sizeof(key));
}
@@ -134,8 +132,8 @@ void derive_u_sha512 (char *pwd, int pwd_len, char *salt, int salt_len, int iter
}
/* Prevent possible leaks. */
burn (j, sizeof(j));
burn (k, sizeof(k));
memset (j, 0x00, sizeof(j));
memset (k, 0x00, sizeof(k));
}
@@ -169,7 +167,7 @@ void derive_key_sha512 (char *pwd, int pwd_len, char *salt, int salt_len, int it
/* Prevent possible leaks. */
burn (u, sizeof(u));
memset (u, 0x00, sizeof(u));
}
@@ -203,7 +201,7 @@ void hmac_sha1
k = key;
lk = SHA1_DIGESTSIZE;
burn (&tctx, sizeof(tctx)); // Prevent leaks
memset (&tctx, 0x00, sizeof(tctx)); // Prevent leaks
}
/**** Inner Digest ****/
@@ -240,12 +238,12 @@ void hmac_sha1
hmac_truncate (osha, out, t);
/* Prevent leaks */
burn (&ictx, sizeof(ictx));
burn (&octx, sizeof(octx));
burn (isha, sizeof(isha));
burn (osha, sizeof(osha));
burn (buf, sizeof(buf));
burn (key, sizeof(key));
memset (&ictx, 0x00, sizeof(ictx));
memset (&octx, 0x00, sizeof(octx));
memset (isha, 0x00, sizeof(isha));
memset (osha, 0x00, sizeof(osha));
memset (buf, 0x00, sizeof(buf));
memset (key, 0x00, sizeof(key));
}
@@ -277,8 +275,8 @@ void derive_u_sha1 (char *pwd, int pwd_len, char *salt, int salt_len, int iterat
}
/* Prevent possible leaks. */
burn (j, sizeof(j));
burn (k, sizeof(k));
memset (j, 0x00, sizeof(j));
memset (k, 0x00, sizeof(k));
}
@@ -313,7 +311,7 @@ void derive_key_sha1 (char *pwd, int pwd_len, char *salt, int salt_len, int iter
/* Prevent possible leaks. */
burn (u, sizeof(u));
memset (u, 0x00, sizeof(u));
}
@@ -338,7 +336,7 @@ void hmac_ripemd160 (char *key, int keylen, char *input, int len, char *digest)
key = (char *) tk;
keylen = RIPEMD160_DIGESTSIZE;
burn (&tctx, sizeof(tctx)); // Prevent leaks
memset (&tctx, 0x00, sizeof(tctx)); // Prevent leaks
}
/*
@@ -377,10 +375,10 @@ void hmac_ripemd160 (char *key, int keylen, char *input, int len, char *digest)
RMD160Final((uint8_t *) digest, &context); /* finish up 2nd pass */
/* Prevent possible leaks. */
burn (k_ipad, sizeof(k_ipad));
burn (k_opad, sizeof(k_opad));
burn (tk, sizeof(tk));
burn (&context, sizeof(context));
memset (k_ipad, 0x00, sizeof(k_ipad));
memset (k_opad, 0x00, sizeof(k_opad));
memset (tk, 0x00, sizeof(tk));
memset (&context, 0x00, sizeof(context));
}
void derive_u_ripemd160 (char *pwd, int pwd_len, char *salt, int salt_len, int iterations, char *u, int b)
@@ -410,8 +408,8 @@ void derive_u_ripemd160 (char *pwd, int pwd_len, char *salt, int salt_len, int i
}
/* Prevent possible leaks. */
burn (j, sizeof(j));
burn (k, sizeof(k));
memset (j, 0x00, sizeof(j));
memset (k, 0x00, sizeof(k));
}
void derive_key_ripemd160 (char *pwd, int pwd_len, char *salt, int salt_len, int iterations, char *dk, int dklen)
@@ -444,7 +442,7 @@ void derive_key_ripemd160 (char *pwd, int pwd_len, char *salt, int salt_len, int
/* Prevent possible leaks. */
burn (u, sizeof(u));
memset (u, 0x00, sizeof(u));
}
void hmac_whirlpool
@@ -476,7 +474,7 @@ void hmac_whirlpool
k = key;
lk = WHIRLPOOL_DIGESTSIZE;
burn (&tctx, sizeof(tctx)); // Prevent leaks
memset (&tctx, 0x00, sizeof(tctx)); // Prevent leaks
}
/**** Inner Digest ****/
@@ -513,12 +511,12 @@ void hmac_whirlpool
hmac_truncate (owhi, out, t);
/* Prevent possible leaks. */
burn (&ictx, sizeof(ictx));
burn (&octx, sizeof(octx));
burn (owhi, sizeof(owhi));
burn (iwhi, sizeof(iwhi));
burn (buf, sizeof(buf));
burn (key, sizeof(key));
memset (&ictx, 0x00, sizeof(ictx));
memset (&octx, 0x00, sizeof(octx));
memset (owhi, 0x00, sizeof(owhi));
memset (iwhi, 0x00, sizeof(iwhi));
memset (buf, 0x00, sizeof(buf));
memset (key, 0x00, sizeof(key));
}
void derive_u_whirlpool (char *pwd, int pwd_len, char *salt, int salt_len, int iterations, char *u, int b)
@@ -548,8 +546,8 @@ void derive_u_whirlpool (char *pwd, int pwd_len, char *salt, int salt_len, int i
}
/* Prevent possible leaks. */
burn (j, sizeof(j));
burn (k, sizeof(k));
memset (j, 0x00, sizeof(j));
memset (k, 0x00, sizeof(k));
}
void derive_key_whirlpool (char *pwd, int pwd_len, char *salt, int salt_len, int iterations, char *dk, int dklen)
@@ -582,7 +580,7 @@ void derive_key_whirlpool (char *pwd, int pwd_len, char *salt, int salt_len, int
/* Prevent possible leaks. */
burn (u, sizeof(u));
memset (u, 0x00, sizeof(u));
}
@@ -625,7 +623,7 @@ int get_pkcs5_iteration_count (int pkcs5_prf_id, int bBoot)
return 1000;
default:
TC_THROW_FATAL_EXCEPTION; // Unknown/wrong ID
fatal("get_pkcs5_iteration_count(): Unknown/wrong ID\n"); // Unknown/wrong ID
}
return 0;
}

View File

@@ -9,10 +9,8 @@
file License.txt included in TrueCrypt binary and source code distribution
packages. */
#ifndef TC_HEADER_PKCS5
#define TC_HEADER_PKCS5
#include "tcdefs.h"
#ifndef HEADER_PKCS5
#define HEADER_PKCS5
#if defined(__cplusplus)
extern "C"
@@ -38,4 +36,4 @@ char *get_pkcs5_prf_name (int pkcs5_prf_id);
}
#endif
#endif // TC_HEADER_PKCS5
#endif // HEADER_PKCS5

View File

@@ -1,174 +0,0 @@
/*
Legal Notice: Some portions of the source code contained in this file were
derived from the source code of Encryption for the Masses 2.02a, which is
Copyright (c) 1998-2000 Paul Le Roux and which is governed by the 'License
Agreement for Encryption for the Masses'. Modifications and additions to
the original source code (contained in this file) and all other portions of
this file are Copyright (c) 2003-2008 TrueCrypt Foundation and are governed
by the TrueCrypt License 2.4 the full text of which is contained in the
file License.txt included in TrueCrypt binary and source code distribution
packages. */
#ifndef TCDEFS_H
#define TCDEFS_H
#include <inttypes.h>
#include <stdio.h>
#include <stdlib.h>
#include <86box/86box.h>
#define TC_APP_NAME "TrueCrypt"
// Version displayed to user
#define VERSION_STRING "5.1a"
// Version number to compare against driver
#define VERSION_NUM 0x051a
// Version number written to volume header during format,
// specifies the minimum program version required to mount the volume
#define VOL_REQ_PROG_VERSION 0x0500
// Volume header version
#define VOLUME_HEADER_VERSION 0x0003
// Sector size of encrypted filesystem, which may differ from sector size
// of host filesystem/device (this is fully supported since v4.3).
#define SECTOR_SIZE 512
#define BYTES_PER_KB 1024LL
#define BYTES_PER_MB 1048576LL
#define BYTES_PER_GB 1073741824LL
#define BYTES_PER_TB 1099511627776LL
#define BYTES_PER_PB 1125899906842624LL
/* GUI/driver errors */
#define MAX_128BIT_BLOCK_VOLUME_SIZE BYTES_PER_PB // Security bound (128-bit block XTS mode)
#define MAX_VOLUME_SIZE_GENERAL 0x7fffFFFFffffFFFFLL // Signed 64-bit integer file offset values
#define MAX_VOLUME_SIZE MAX_128BIT_BLOCK_VOLUME_SIZE
#define MIN_FAT_VOLUME_SIZE 19456
#define MAX_FAT_VOLUME_SIZE 0x20000000000LL
#define MIN_NTFS_VOLUME_SIZE 2634752
#define OPTIMAL_MIN_NTFS_VOLUME_SIZE (4 * BYTES_PER_GB)
#define MAX_NTFS_VOLUME_SIZE (128LL * BYTES_PER_TB) // NTFS volume can theoretically be up to 16 exabytes, but Windows XP and 2003 limit the size to that addressable with 32-bit clusters, i.e. max size is 128 TB (if 64-KB clusters are used).
#define MAX_HIDDEN_VOLUME_HOST_SIZE MAX_NTFS_VOLUME_SIZE
#define MAX_HIDDEN_VOLUME_SIZE ( MAX_HIDDEN_VOLUME_HOST_SIZE - HIDDEN_VOL_HEADER_OFFSET - HEADER_SIZE )
#define MIN_VOLUME_SIZE MIN_FAT_VOLUME_SIZE
#define MIN_HIDDEN_VOLUME_HOST_SIZE ( MIN_VOLUME_SIZE * 2 + HIDDEN_VOL_HEADER_OFFSET + HEADER_SIZE )
#ifndef TC_NO_COMPILER_INT64
#if MAX_VOLUME_SIZE > MAX_VOLUME_SIZE_GENERAL
#error MAX_VOLUME_SIZE must be less than or equal to MAX_VOLUME_SIZE_GENERAL
#endif
#endif
#define TCalloc(X) calloc(1, X)
#define TCfree free
#define WIDE(x) (LPWSTR)L##x
typedef int8_t int8;
typedef int16_t int16;
typedef int32_t int32;
typedef uint8_t byte;
typedef uint16_t uint16;
typedef uint32_t uint32;
#ifdef TC_NO_COMPILER_INT64
typedef uint32_t TC_LARGEST_COMPILER_UINT;
#else
typedef uint64_t TC_LARGEST_COMPILER_UINT;
typedef int64_t int64;
typedef uint64_t uint64;
#endif
// Needed by Cryptolib
typedef uint8_t uint_8t;
typedef uint16_t uint_16t;
typedef uint32_t uint_32t;
#ifndef TC_NO_COMPILER_INT64
typedef uint64_t uint_64t;
#endif
typedef union
{
struct
{
uint32_t LowPart;
uint32_t HighPart;
};
#ifndef TC_NO_COMPILER_INT64
uint64_t Value;
#endif
} UINT64_STRUCT;
#ifdef ORIGINAL_FATAL
#define TC_THROW_FATAL_EXCEPTION *(char *) 0 = 0
#else
#define TC_THROW_FATAL_EXCEPTION fatal("TrueCrypt: Fatal exception");
#endif
#define burn(mem,size) do { volatile char *burnm = (volatile char *)(mem); int burnc = size; while (burnc--) *burnm++ = 0; } while (0)
// The size of the memory area to wipe is in bytes amd it must be a multiple of 8.
#ifndef TC_NO_COMPILER_INT64
# define FAST_ERASE64(mem,size) do { volatile uint64_t *burnm = (volatile uint64_t *)(mem); int burnc = size >> 3; while (burnc--) *burnm++ = 0; } while (0)
#else
# define FAST_ERASE64(mem,size) do { volatile uint32_t *burnm = (volatile uint32_t *)(mem); int burnc = size >> 2; while (burnc--) *burnm++ = 0; } while (0)
#endif
#ifdef MAX_PATH
#define TC_MAX_PATH MAX_PATH
#else
#define TC_MAX_PATH 260 /* Includes the null terminator */
#endif
#define MAX_URL_LENGTH 2084 /* Internet Explorer limit. Includes the terminating null character. */
enum
{
/* WARNING: Add any new codes at the end (do NOT insert them between existing). Do NOT delete any
existing codes. Changing these values or their meanings may cause incompatibility with other
versions (for example, if a new version of the TrueCrypt installer receives an error code from
an installed driver whose version is lower, it will interpret the error incorrectly). */
ERR_SUCCESS = 0,
ERR_OS_ERROR = 1,
ERR_OUTOFMEMORY,
ERR_PASSWORD_WRONG,
ERR_VOL_FORMAT_BAD,
ERR_DRIVE_NOT_FOUND,
ERR_FILES_OPEN,
ERR_VOL_SIZE_WRONG,
ERR_COMPRESSION_NOT_SUPPORTED,
ERR_PASSWORD_CHANGE_VOL_TYPE,
ERR_PASSWORD_CHANGE_VOL_VERSION,
ERR_VOL_SEEKING,
ERR_VOL_WRITING,
ERR_FILES_OPEN_LOCK,
ERR_VOL_READING,
ERR_DRIVER_VERSION,
ERR_NEW_VERSION_REQUIRED,
ERR_CIPHER_INIT_FAILURE,
ERR_CIPHER_INIT_WEAK_KEY,
ERR_SELF_TESTS_FAILED,
ERR_SECTOR_SIZE_INCOMPATIBLE,
ERR_VOL_ALREADY_MOUNTED,
ERR_NO_FREE_DRIVES,
ERR_FILE_OPEN_FAILED,
ERR_VOL_MOUNT_FAILED,
ERR_INVALID_DEVICE,
ERR_ACCESS_DENIED,
ERR_MODE_INIT_FAILED,
ERR_DONT_REPORT,
ERR_ENCRYPTION_NOT_COMPLETED,
ERR_PARAMETER_INCORRECT
};
#endif // #ifndef TCDEFS_H

View File

@@ -6,31 +6,6 @@
distribution packages.
*/
/* For low-memory environments, define XTS_LOW_RESOURCE_VERSION, which will save
0.5 KB of RAM, but the speed will be 15-20% lower. However, on multi-core CPUs,
the XTS_LOW_RESOURCE_VERSION code might eventually be faster when parallelized,
because it processes the buffer continuously as a whole -- it does not divide the
buffer into data units (nevertheless, note that GenerateWhiteningValues supports
more than one data unit).
Note that when TC_NO_COMPILER_INT64 is defined, XTS_LOW_RESOURCE_VERSION is implicitly
defined as well (because the non-low-resource version needs 64-bit types).
For big-endian platforms (PowerPC, SPARC, etc.) define BYTE_ORDER as BIG_ENDIAN. */
#ifdef TC_MINIMIZE_CODE_SIZE
# define XTS_LOW_RESOURCE_VERSION
# pragma optimize ("tl", on)
#endif
#ifdef TC_NO_COMPILER_INT64
# ifndef XTS_LOW_RESOURCE_VERSION
# define XTS_LOW_RESOURCE_VERSION
# endif
#endif
#include "xts.h"
@@ -47,7 +22,7 @@ For big-endian platforms (PowerPC, SPARC, etc.) define BYTE_ORDER as BIG_ENDIAN.
// aligned with the start of a data unit. If it is aligned, startCipherBlockNo must be 0; if it
// is not aligned, startCipherBlockNo must reflect the misalignment accordingly.
void EncryptBufferXTS (uint8_t *buffer,
TC_LARGEST_COMPILER_UINT length,
uint64_t length,
const UINT64_STRUCT *startDataUnitNo,
unsigned int startCipherBlockNo,
uint8_t *ks,
@@ -63,7 +38,7 @@ void EncryptBufferXTS (uint8_t *buffer,
uint64_t *bufPtr = (uint64_t *) buffer;
unsigned int startBlock = startCipherBlockNo, endBlock, block;
uint64_t *const finalInt64WhiteningValuesPtr = whiteningValuesPtr64 + sizeof (whiteningValues) / sizeof (*whiteningValuesPtr64) - 1;
TC_LARGEST_COMPILER_UINT blockCount, dataUnitNo;
uint64_t blockCount, dataUnitNo;
/* The encrypted data unit number (i.e. the resultant ciphertext block) is to be multiplied in the
finite field GF(2^128) by j-th power of n, where j is the sequential plaintext/ciphertext block
@@ -79,7 +54,7 @@ void EncryptBufferXTS (uint8_t *buffer,
*((uint64_t *) byteBufUnitNo + 1) = 0;
if (length % BYTES_PER_XTS_BLOCK)
TC_THROW_FATAL_EXCEPTION;
fatal("EncryptBufferXTS: Length not divisible by %i\n", BYTES_PER_XTS_BLOCK);
blockCount = length / BYTES_PER_XTS_BLOCK;
@@ -177,14 +152,14 @@ void EncryptBufferXTS (uint8_t *buffer,
*((uint64_t *) byteBufUnitNo) = LE64 (dataUnitNo);
}
FAST_ERASE64 (whiteningValue, sizeof(whiteningValue));
FAST_ERASE64 (whiteningValues, sizeof(whiteningValues));
memset (whiteningValue, 0x00, sizeof(whiteningValue));
memset (whiteningValues, 0x00, sizeof(whiteningValues));
}
// For descriptions of the input parameters, see EncryptBufferXTS().
void DecryptBufferXTS (uint8_t *buffer,
TC_LARGEST_COMPILER_UINT length,
uint64_t length,
const UINT64_STRUCT *startDataUnitNo,
unsigned int startCipherBlockNo,
uint8_t *ks,
@@ -200,7 +175,7 @@ void DecryptBufferXTS (uint8_t *buffer,
uint64_t *bufPtr = (uint64_t *) buffer;
unsigned int startBlock = startCipherBlockNo, endBlock, block;
uint64_t *const finalInt64WhiteningValuesPtr = whiteningValuesPtr64 + sizeof (whiteningValues) / sizeof (*whiteningValuesPtr64) - 1;
TC_LARGEST_COMPILER_UINT blockCount, dataUnitNo;
uint64_t blockCount, dataUnitNo;
// Convert the 64-bit data unit number into a little-endian 16-byte array.
// Note that as we are converting a 64-bit number into a 16-byte array we can always zero the last 8 bytes.
@@ -209,7 +184,7 @@ void DecryptBufferXTS (uint8_t *buffer,
*((uint64_t *) byteBufUnitNo + 1) = 0;
if (length % BYTES_PER_XTS_BLOCK)
TC_THROW_FATAL_EXCEPTION;
fatal("DecryptBufferXTS: Length not divisible by %i\n", BYTES_PER_XTS_BLOCK);
blockCount = length / BYTES_PER_XTS_BLOCK;
@@ -304,8 +279,8 @@ void DecryptBufferXTS (uint8_t *buffer,
*((uint64_t *) byteBufUnitNo) = LE64 (dataUnitNo);
}
FAST_ERASE64 (whiteningValue, sizeof(whiteningValue));
FAST_ERASE64 (whiteningValues, sizeof(whiteningValues));
memset (whiteningValue, 0x00, sizeof(whiteningValue));
memset (whiteningValues, 0x00, sizeof(whiteningValues));
}
@@ -317,7 +292,7 @@ void DecryptBufferXTS (uint8_t *buffer,
// are stored in memory as a sequence of 64-bit integers in reverse order. For descriptions of the input
// parameters, see EncryptBufferXTS().
static void GenerateWhiteningValues (uint64_t *bufPtr64,
TC_LARGEST_COMPILER_UINT length,
uint64_t length,
const UINT64_STRUCT *startDataUnitNo,
unsigned int startBlock,
uint8_t *ks2,
@@ -330,7 +305,7 @@ static void GenerateWhiteningValues (uint64_t *bufPtr64,
uint64_t *whiteningValuePtr64 = (uint64_t *) whiteningValue;
uint8_t finalCarry;
uint64_t *const finalInt64WhiteningValuePtr = whiteningValuePtr64 + sizeof (whiteningValue) / sizeof (*whiteningValuePtr64) - 1;
TC_LARGEST_COMPILER_UINT blockCount, dataUnitNo;
uint64_t blockCount, dataUnitNo;
dataUnitNo = startDataUnitNo->Value;
@@ -415,7 +390,7 @@ static void GenerateWhiteningValues (uint64_t *bufPtr64,
*((uint64_t *) byteBufUnitNo) = LE64 (dataUnitNo);
}
FAST_ERASE64 (whiteningValue, sizeof(whiteningValue));
memset (whiteningValue, 0x00, sizeof(whiteningValue));
}
#endif // #if 0
@@ -431,14 +406,7 @@ static void GenerateWhiteningValues (uint64_t *bufPtr64,
// Increases a 64-bit value by one in a way compatible with non-64-bit environments/platforms
static void IncUint64Struct (UINT64_STRUCT *uint64Struct)
{
#ifdef TC_NO_COMPILER_INT64
if (!++uint64Struct->LowPart)
{
uint64Struct->HighPart++;
}
#else
uint64Struct->Value++;
#endif
}
@@ -460,13 +428,13 @@ static void Uint64ToLE16ByteArray (uint8_t *byteBuf, unsigned __int32 highInt32,
// Generates and XORs XTS whitening values into blocks in the buffer.
// For descriptions of the input parameters, see EncryptBufferXTS().
static void WhiteningPass (uint8_t *buffer,
TC_LARGEST_COMPILER_UINT length,
uint64_t length,
const UINT64_STRUCT *startDataUnitNo,
unsigned int startBlock,
uint8_t *ks2,
int cipher)
{
TC_LARGEST_COMPILER_UINT blockCount;
uint64_t blockCount;
UINT64_STRUCT dataUnitNo;
unsigned int block;
unsigned int endBlock;
@@ -555,7 +523,7 @@ static void WhiteningPass (uint8_t *buffer,
Uint64ToLE16ByteArray (byteBufUnitNo, dataUnitNo.HighPart, dataUnitNo.LowPart);
}
FAST_ERASE64 (whiteningValue, sizeof(whiteningValue));
memset (whiteningValue, 0x00, sizeof(whiteningValue));
}
@@ -570,18 +538,18 @@ static void WhiteningPass (uint8_t *buffer,
// aligned with the start of a data unit. If it is aligned, startCipherBlockNo must be 0; if it
// is not aligned, startCipherBlockNo must reflect the misalignment accordingly.
void EncryptBufferXTS (uint8_t *buffer,
TC_LARGEST_COMPILER_UINT length,
uint64_t length,
const UINT64_STRUCT *dataUnitNo,
unsigned int startCipherBlockNo,
uint8_t *ks,
uint8_t *ks2,
int cipher)
{
TC_LARGEST_COMPILER_UINT blockCount;
uint64_t blockCount;
uint8_t *bufPtr = buffer;
if (length % BYTES_PER_XTS_BLOCK)
TC_THROW_FATAL_EXCEPTION;
fatal("EncryptBufferXTS(): Length not divisibly by %i\n", BYTES_PER_XTS_BLOCK);
// Pre-whitening (all plaintext blocks in the buffer)
WhiteningPass (buffer, length, dataUnitNo, startCipherBlockNo, ks2, cipher);
@@ -600,18 +568,18 @@ void EncryptBufferXTS (uint8_t *buffer,
// For descriptions of the input parameters, see EncryptBufferXTS().
void DecryptBufferXTS (uint8_t *buffer,
TC_LARGEST_COMPILER_UINT length,
uint64_t length,
const UINT64_STRUCT *dataUnitNo,
unsigned int startCipherBlockNo,
uint8_t *ks,
uint8_t *ks2,
int cipher)
{
TC_LARGEST_COMPILER_UINT blockCount;
uint64_t blockCount;
uint8_t *bufPtr = buffer;
if (length % BYTES_PER_XTS_BLOCK)
TC_THROW_FATAL_EXCEPTION;
fatal("DecryptBufferXTS(): Length not disivibly by %i\n", BYTES_PER_XTS_BLOCK);
WhiteningPass (buffer, length, dataUnitNo, startCipherBlockNo, ks2, cipher);

View File

@@ -13,7 +13,6 @@
#include <inttypes.h>
#include "tcdefs.h"
#include "../common/endian.h"
#include "crypto.h"
@@ -43,34 +42,18 @@ extern "C" {
#endif
// Custom data types
#ifndef TC_LARGEST_COMPILER_UINT
# ifdef TC_NO_COMPILER_INT64
typedef uint32_t TC_LARGEST_COMPILER_UINT;
# else
typedef uint64_t TC_LARGEST_COMPILER_UINT;
# endif
#endif
#ifndef TCDEFS_H
typedef union
{
struct
{
uint32_t LowPart;
uint32_t HighPart;
};
# ifndef TC_NO_COMPILER_INT64
uint64_t Value;
# endif
typedef union {
struct {
uint32_t LowPart;
uint32_t HighPart;
};
uint64_t Value;
} UINT64_STRUCT;
#endif
// Public function prototypes
void EncryptBufferXTS (uint8_t *buffer, TC_LARGEST_COMPILER_UINT length, const UINT64_STRUCT *startDataUnitNo, unsigned int startCipherBlockNo, uint8_t *ks, uint8_t *ks2, int cipher);
void DecryptBufferXTS (uint8_t *buffer, TC_LARGEST_COMPILER_UINT length, const UINT64_STRUCT *startDataUnitNo, unsigned int startCipherBlockNo, uint8_t *ks, uint8_t *ks2, int cipher);
void EncryptBufferXTS (uint8_t *buffer, uint64_t length, const UINT64_STRUCT *startDataUnitNo, unsigned int startCipherBlockNo, uint8_t *ks, uint8_t *ks2, int cipher);
void DecryptBufferXTS (uint8_t *buffer, uint64_t length, const UINT64_STRUCT *startDataUnitNo, unsigned int startCipherBlockNo, uint8_t *ks, uint8_t *ks2, int cipher);
#ifdef __cplusplus
}

View File

@@ -33,7 +33,10 @@
#ifndef _AES_H
#define _AES_H
#include "../common/tcdefs.h"
#include <stdint.h>
#define uint_32t uint32_t
#define uint_8t uint8_t
#ifndef EXIT_SUCCESS
#define EXIT_SUCCESS 0

View File

@@ -302,9 +302,7 @@
If this section is included, tables are used to provide faster finite
field arithmetic (this has no effect if FIXED_TABLES is defined).
*/
#if !defined (TC_WINDOWS_BOOT)
#define FF_TABLES
#endif
/* 7. INTERNAL STATE VARIABLE FORMAT
@@ -323,7 +321,7 @@
statically into the binary file. Otherwise the subroutine aes_init()
must be called to compute them before the code is first used.
*/
#if !defined (TC_WINDOWS_BOOT) && !(defined( _MSC_VER ) && ( _MSC_VER <= 800 ))
#if !(defined( _MSC_VER ) && ( _MSC_VER <= 800 ))
#define FIXED_TABLES
#endif

View File

@@ -263,47 +263,9 @@ static uint_8t fi(const uint_8t x)
static int init = 0;
#ifdef TC_WINDOWS_BOOT
#pragma optimize ("l", on)
uint_8t aes_enc_tab[256][8];
uint_8t aes_dec_tab[256][8];
#endif
AES_RETURN aes_init(void)
{ uint_32t i, w;
#ifdef TC_WINDOWS_BOOT
if (init)
return EXIT_SUCCESS;
for (i = 0; i < 256; ++i)
{
uint_8t x = fwd_affine(fi((uint_8t)i));
aes_enc_tab[i][0] = 0;
aes_enc_tab[i][1] = x;
aes_enc_tab[i][2] = x;
aes_enc_tab[i][3] = f3(x);
aes_enc_tab[i][4] = f2(x);
aes_enc_tab[i][5] = x;
aes_enc_tab[i][6] = x;
aes_enc_tab[i][7] = f3(x);
x = fi((uint_8t)inv_affine((uint_8t)i));
aes_dec_tab[i][0] = fe(x);
aes_dec_tab[i][1] = f9(x);
aes_dec_tab[i][2] = fd(x);
aes_dec_tab[i][3] = fb(x);
aes_dec_tab[i][4] = fe(x);
aes_dec_tab[i][5] = f9(x);
aes_dec_tab[i][6] = fd(x);
aes_dec_tab[i][7] = x;
}
#else // TC_WINDOWS_BOOT
#if defined(FF_TABLES)
uint_8t pow[512], log[256];
@@ -414,8 +376,6 @@ AES_RETURN aes_init(void)
#endif
}
#endif // TC_WINDOWS_BOOT
init = 1;
return EXIT_SUCCESS;
}

View File

@@ -91,20 +91,12 @@
#define X(i) x[i]
#ifndef TC_MINIMIZE_CODE_SIZE
static u_char PADDING[64] = {
0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0
};
#else
static u_char PADDING[64];
#endif
void
RMD160Init(RMD160_CTX *ctx)
{
@@ -157,12 +149,7 @@ void RMD160Final(u_char digest[20], RMD160_CTX *ctx)
u_char size[8];
u_int32_t padlen;
#ifndef TC_NO_COMPILER_INT64
PUT_64BIT_LE(size, ctx->count);
#else
*(uint32_t *) (size + 4) = 0;
PUT_32BIT_LE(size, ctx->count);
#endif
/*
* pad to 64 byte blocks, at least one byte from PADDING plus 8 bytes
* for the size
@@ -180,8 +167,6 @@ void RMD160Final(u_char digest[20], RMD160_CTX *ctx)
memset(ctx, 0, sizeof (*ctx));
}
#ifndef TC_MINIMIZE_CODE_SIZE
void
RMD160Transform(u_int32_t state[5], const u_char block[64])
{
@@ -393,118 +378,3 @@ RMD160Transform(u_int32_t state[5], const u_char block[64])
state[4] = state[0] + bb + c;
state[0] = t;
}
#else // TC_MINIMIZE_CODE_SIZE
/*
Copyright (c) 2008 TrueCrypt Foundation. All rights reserved.
Governed by the TrueCrypt License 2.4 the full text of which is contained
in the file License.txt included in TrueCrypt binary and source code
distribution packages.
*/
#pragma optimize ("tl", on)
typedef uint32_t uint32;
typedef unsigned __int8 byte;
static const byte OrderTab[] = {
0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15,
7, 4, 13, 1, 10, 6, 15, 3, 12, 0, 9, 5, 2, 14, 11, 8,
3, 10, 14, 4, 9, 15, 8, 1, 2, 7, 0, 6, 13, 11, 5, 12,
1, 9, 11, 10, 0, 8, 12, 4, 13, 3, 7, 15, 14, 5, 6, 2,
4, 0, 5, 9, 7, 12, 2, 10, 14, 1, 3, 8, 11, 6, 15, 13,
5, 14, 7, 0, 9, 2, 11, 4, 13, 6, 15, 8, 1, 10, 3, 12,
6, 11, 3, 7, 0, 13, 5, 10, 14, 15, 8, 12, 4, 9, 1, 2,
15, 5, 1, 3, 7, 14, 6, 9, 11, 8, 12, 2, 10, 0, 4, 13,
8, 6, 4, 1, 3, 11, 15, 0, 5, 12, 2, 13, 9, 7, 10, 14,
12, 15, 10, 4, 1, 5, 8, 7, 6, 2, 13, 14, 0, 3, 9, 11
};
static const byte RolTab[] = {
11, 14, 15, 12, 5, 8, 7, 9, 11, 13, 14, 15, 6, 7, 9, 8,
7, 6, 8, 13, 11, 9, 7, 15, 7, 12, 15, 9, 11, 7, 13, 12,
11, 13, 6, 7, 14, 9, 13, 15, 14, 8, 13, 6, 5, 12, 7, 5,
11, 12, 14, 15, 14, 15, 9, 8, 9, 14, 5, 6, 8, 6, 5, 12,
9, 15, 5, 11, 6, 8, 13, 12, 5, 12, 13, 14, 11, 8, 5, 6,
8, 9, 9, 11, 13, 15, 15, 5, 7, 7, 8, 11, 14, 14, 12, 6,
9, 13, 15, 7, 12, 8, 9, 11, 7, 7, 12, 7, 6, 15, 13, 11,
9, 7, 15, 11, 8, 6, 6, 14, 12, 13, 5, 14, 13, 13, 7, 5,
15, 5, 8, 11, 14, 14, 6, 14, 6, 9, 12, 9, 12, 5, 15, 8,
8, 5, 12, 9, 12, 5, 14, 6, 8, 13, 6, 5, 15, 13, 11, 11
};
static const uint32 KTab[] = {
0x00000000UL,
0x5A827999UL,
0x6ED9EBA1UL,
0x8F1BBCDCUL,
0xA953FD4EUL,
0x50A28BE6UL,
0x5C4DD124UL,
0x6D703EF3UL,
0x7A6D76E9UL,
0x00000000UL
};
void RMD160Transform (u_int32_t state[5], const u_char block[64])
{
uint32 a, b, c, d, e;
uint32 a2, b2, c2, d2, e2;
uint32 *data = (uint32 *) block;
byte pos;
uint32 tmp;
a = state[0];
b = state[1];
c = state[2];
d = state[3];
e = state[4];
for (pos = 0; pos < 160; ++pos)
{
tmp = a + data[OrderTab[pos]] + KTab[pos >> 4];
switch (pos >> 4)
{
case 0: case 9: tmp += F0 (b, c, d); break;
case 1: case 8: tmp += F1 (b, c, d); break;
case 2: case 7: tmp += F2 (b, c, d); break;
case 3: case 6: tmp += F3 (b, c, d); break;
case 4: case 5: tmp += F4 (b, c, d); break;
}
tmp = ROL (RolTab[pos], tmp) + e;
a = e;
e = d;
d = ROL (10, c);
c = b;
b = tmp;
if (pos == 79)
{
a2 = a;
b2 = b;
c2 = c;
d2 = d;
e2 = e;
a = state[0];
b = state[1];
c = state[2];
d = state[3];
e = state[4];
}
}
tmp = state[1] + c2 + d;
state[1] = state[2] + d2 + e;
state[2] = state[3] + e2 + a;
state[3] = state[4] + a2 + b;
state[4] = state[0] + b2 + c;
state[0] = tmp;
}
#endif // TC_MINIMIZE_CODE_SIZE

View File

@@ -43,11 +43,7 @@ extern "C"
/* RMD160 context. */
typedef struct RMD160Context {
u_int32_t state[5]; /* state */
#ifndef TC_NO_COMPILER_INT64
u_int64_t count; /* number of bits, modulo 2^64 */
#else
u_int32_t count;
#endif
u_char buffer[64]; /* input buffer */
} RMD160_CTX;

View File

@@ -433,200 +433,6 @@
d ^= k[4 * r + 3];}
#ifdef TC_MINIMIZE_CODE_SIZE
static void S0f (uint32_t *r0, uint32_t *r1, uint32_t *r2, uint32_t *r3, uint32_t *r4)
{
*r3 ^= *r0;
*r4 = *r1;
*r1 &= *r3;
*r4 ^= *r2;
*r1 ^= *r0;
*r0 |= *r3;
*r0 ^= *r4;
*r4 ^= *r3;
*r3 ^= *r2;
*r2 |= *r1;
*r2 ^= *r4;
*r4 = ~*r4;
*r4 |= *r1;
*r1 ^= *r3;
*r1 ^= *r4;
*r3 |= *r0;
*r1 ^= *r3;
*r4 ^= *r3;
}
static void S1f (uint32_t *r0, uint32_t *r1, uint32_t *r2, uint32_t *r3, uint32_t *r4)
{
*r0 = ~*r0;
*r2 = ~*r2;
*r4 = *r0;
*r0 &= *r1;
*r2 ^= *r0;
*r0 |= *r3;
*r3 ^= *r2;
*r1 ^= *r0;
*r0 ^= *r4;
*r4 |= *r1;
*r1 ^= *r3;
*r2 |= *r0;
*r2 &= *r4;
*r0 ^= *r1;
*r1 &= *r2;
*r1 ^= *r0;
*r0 &= *r2;
*r0 ^= *r4;
}
static void S2f (uint32_t *r0, uint32_t *r1, uint32_t *r2, uint32_t *r3, uint32_t *r4)
{
*r4 = *r0;
*r0 &= *r2;
*r0 ^= *r3;
*r2 ^= *r1;
*r2 ^= *r0;
*r3 |= *r4;
*r3 ^= *r1;
*r4 ^= *r2;
*r1 = *r3;
*r3 |= *r4;
*r3 ^= *r0;
*r0 &= *r1;
*r4 ^= *r0;
*r1 ^= *r3;
*r1 ^= *r4;
*r4 = ~*r4;
}
static void S3f (uint32_t *r0, uint32_t *r1, uint32_t *r2, uint32_t *r3, uint32_t *r4)
{
*r4 = *r0;
*r0 |= *r3;
*r3 ^= *r1;
*r1 &= *r4;
*r4 ^= *r2;
*r2 ^= *r3;
*r3 &= *r0;
*r4 |= *r1;
*r3 ^= *r4;
*r0 ^= *r1;
*r4 &= *r0;
*r1 ^= *r3;
*r4 ^= *r2;
*r1 |= *r0;
*r1 ^= *r2;
*r0 ^= *r3;
*r2 = *r1;
*r1 |= *r3;
*r1 ^= *r0;
}
static void S4f (uint32_t *r0, uint32_t *r1, uint32_t *r2, uint32_t *r3, uint32_t *r4)
{
*r1 ^= *r3;
*r3 = ~*r3;
*r2 ^= *r3;
*r3 ^= *r0;
*r4 = *r1;
*r1 &= *r3;
*r1 ^= *r2;
*r4 ^= *r3;
*r0 ^= *r4;
*r2 &= *r4;
*r2 ^= *r0;
*r0 &= *r1;
*r3 ^= *r0;
*r4 |= *r1;
*r4 ^= *r0;
*r0 |= *r3;
*r0 ^= *r2;
*r2 &= *r3;
*r0 = ~*r0;
*r4 ^= *r2;
}
static void S5f (uint32_t *r0, uint32_t *r1, uint32_t *r2, uint32_t *r3, uint32_t *r4)
{
*r0 ^= *r1;
*r1 ^= *r3;
*r3 = ~*r3;
*r4 = *r1;
*r1 &= *r0;
*r2 ^= *r3;
*r1 ^= *r2;
*r2 |= *r4;
*r4 ^= *r3;
*r3 &= *r1;
*r3 ^= *r0;
*r4 ^= *r1;
*r4 ^= *r2;
*r2 ^= *r0;
*r0 &= *r3;
*r2 = ~*r2;
*r0 ^= *r4;
*r4 |= *r3;
*r2 ^= *r4;
}
static void S6f (uint32_t *r0, uint32_t *r1, uint32_t *r2, uint32_t *r3, uint32_t *r4)
{
*r2 = ~*r2;
*r4 = *r3;
*r3 &= *r0;
*r0 ^= *r4;
*r3 ^= *r2;
*r2 |= *r4;
*r1 ^= *r3;
*r2 ^= *r0;
*r0 |= *r1;
*r2 ^= *r1;
*r4 ^= *r0;
*r0 |= *r3;
*r0 ^= *r2;
*r4 ^= *r3;
*r4 ^= *r0;
*r3 = ~*r3;
*r2 &= *r4;
*r2 ^= *r3;
}
static void S7f (uint32_t *r0, uint32_t *r1, uint32_t *r2, uint32_t *r3, uint32_t *r4)
{
*r4 = *r2;
*r2 &= *r1;
*r2 ^= *r3;
*r3 &= *r1;
*r4 ^= *r2;
*r2 ^= *r1;
*r1 ^= *r0;
*r0 |= *r4;
*r0 ^= *r2;
*r3 ^= *r1;
*r2 ^= *r3;
*r3 &= *r0;
*r3 ^= *r4;
*r4 ^= *r2;
*r2 &= *r0;
*r4 = ~*r4;
*r2 ^= *r4;
*r4 &= *r0;
*r1 ^= *r3;
*r4 ^= *r1;
}
static void KXf (const uint32_t *k, unsigned int r, uint32_t *a, uint32_t *b, uint32_t *c, uint32_t *d)
{
*a ^= k[r];
*b ^= k[r + 1];
*c ^= k[r + 2];
*d ^= k[r + 3];
}
#endif // TC_MINIMIZE_CODE_SIZE
#ifndef TC_MINIMIZE_CODE_SIZE
void serpent_set_key(const uint8_t userKey[], int keylen, uint8_t *ks)
{
uint32_t a,b,c,d,e;
@@ -673,63 +479,6 @@ void serpent_set_key(const uint8_t userKey[], int keylen, uint8_t *ks)
afterS2(LK); afterS2(S3); afterS3(SK);
}
#else // TC_MINIMIZE_CODE_SIZE
static void LKf (uint32_t *k, unsigned int r, uint32_t *a, uint32_t *b, uint32_t *c, uint32_t *d)
{
*a = k[r];
*b = k[r + 1];
*c = k[r + 2];
*d = k[r + 3];
}
static void SKf (uint32_t *k, unsigned int r, uint32_t *a, uint32_t *b, uint32_t *c, uint32_t *d)
{
k[r + 4] = *a;
k[r + 5] = *b;
k[r + 6] = *c;
k[r + 7] = *d;
}
void serpent_set_key(const uint8_t userKey[], int keylen, uint8_t *ks)
{
uint32_t a,b,c,d,e;
uint32_t *k = (uint32_t *)ks;
uint32_t t;
int i;
for (i = 0; i < keylen / (int)sizeof(__int32); i++)
k[i] = LE32(((uint32_t*)userKey)[i]);
if (keylen < 32)
k[keylen/4] |= (uint32_t)1 << ((keylen%4)*8);
k += 8;
t = k[-1];
for (i = 0; i < 132; ++i)
k[i] = t = rotlFixed(k[i-8] ^ k[i-5] ^ k[i-3] ^ t ^ 0x9e3779b9 ^ i, 11);
k -= 20;
for (i=0; i<4; i++)
{
LKf (k, 20, &a, &e, &b, &d); S3f (&a, &e, &b, &d, &c); SKf (k, 16, &e, &b, &d, &c);
LKf (k, 24, &c, &b, &a, &e); S2f (&c, &b, &a, &e, &d); SKf (k, 20, &a, &e, &b, &d);
LKf (k, 28, &b, &e, &c, &a); S1f (&b, &e, &c, &a, &d); SKf (k, 24, &c, &b, &a, &e);
LKf (k, 32, &a, &b, &c, &d); S0f (&a, &b, &c, &d, &e); SKf (k, 28, &b, &e, &c, &a);
k += 8*4;
LKf (k, 4, &a, &c, &d, &b); S7f (&a, &c, &d, &b, &e); SKf (k, 0, &d, &e, &b, &a);
LKf (k, 8, &a, &c, &b, &e); S6f (&a, &c, &b, &e, &d); SKf (k, 4, &a, &c, &d, &b);
LKf (k, 12, &b, &a, &e, &c); S5f (&b, &a, &e, &c, &d); SKf (k, 8, &a, &c, &b, &e);
LKf (k, 16, &e, &b, &d, &c); S4f (&e, &b, &d, &c, &a); SKf (k, 12, &b, &a, &e, &c);
}
LKf (k, 20, &a, &e, &b, &d); S3f (&a, &e, &b, &d, &c); SKf (k, 16, &e, &b, &d, &c);
}
#endif // TC_MINIMIZE_CODE_SIZE
#ifndef TC_MINIMIZE_CODE_SIZE
void serpent_encrypt(const uint8_t *inBlock, uint8_t *outBlock, uint8_t *ks)
{
uint32_t a, b, c, d, e;
@@ -776,70 +525,6 @@ void serpent_encrypt(const uint8_t *inBlock, uint8_t *outBlock, uint8_t *ks)
out[3] = LE32(a);
}
#else // TC_MINIMIZE_CODE_SIZE
typedef uint32_t uint32;
static void LTf (uint32 *a, uint32 *b, uint32 *c, uint32 *d)
{
*a = rotlFixed(*a, 13);
*c = rotlFixed(*c, 3);
*d = rotlFixed(*d ^ *c ^ (*a << 3), 7);
*b = rotlFixed(*b ^ *a ^ *c, 1);
*a = rotlFixed(*a ^ *b ^ *d, 5);
*c = rotlFixed(*c ^ *d ^ (*b << 7), 22);
}
void serpent_encrypt(const uint8_t *inBlock, uint8_t *outBlock, uint8_t *ks)
{
uint32_t a, b, c, d, e;
unsigned int i=1;
const uint32_t *k = (uint32_t *)ks + 8;
uint32_t *in = (uint32_t *) inBlock;
uint32_t *out = (uint32_t *) outBlock;
a = LE32(in[0]);
b = LE32(in[1]);
c = LE32(in[2]);
d = LE32(in[3]);
do
{
KXf (k, 0, &a, &b, &c, &d); S0f (&a, &b, &c, &d, &e); LTf (&b, &e, &c, &a);
KXf (k, 4, &b, &e, &c, &a); S1f (&b, &e, &c, &a, &d); LTf (&c, &b, &a, &e);
KXf (k, 8, &c, &b, &a, &e); S2f (&c, &b, &a, &e, &d); LTf (&a, &e, &b, &d);
KXf (k, 12, &a, &e, &b, &d); S3f (&a, &e, &b, &d, &c); LTf (&e, &b, &d, &c);
KXf (k, 16, &e, &b, &d, &c); S4f (&e, &b, &d, &c, &a); LTf (&b, &a, &e, &c);
KXf (k, 20, &b, &a, &e, &c); S5f (&b, &a, &e, &c, &d); LTf (&a, &c, &b, &e);
KXf (k, 24, &a, &c, &b, &e); S6f (&a, &c, &b, &e, &d); LTf (&a, &c, &d, &b);
KXf (k, 28, &a, &c, &d, &b); S7f (&a, &c, &d, &b, &e);
if (i == 4)
break;
++i;
c = b;
b = e;
e = d;
d = a;
a = e;
k += 32;
LTf (&a,&b,&c,&d);
}
while (1);
KXf (k, 32, &d, &e, &b, &a);
out[0] = LE32(d);
out[1] = LE32(e);
out[2] = LE32(b);
out[3] = LE32(a);
}
#endif // TC_MINIMIZE_CODE_SIZE
#if !defined (TC_MINIMIZE_CODE_SIZE) || defined (TC_WINDOWS_BOOT_SERPENT)
void serpent_decrypt(const uint8_t *inBlock, uint8_t *outBlock, uint8_t *ks)
{
uint32_t a, b, c, d, e;
@@ -880,61 +565,3 @@ start:
out[2] = LE32(b);
out[3] = LE32(e);
}
#else // TC_MINIMIZE_CODE_SIZE && !TC_WINDOWS_BOOT_SERPENT
static void ILTf (uint32 *a, uint32 *b, uint32 *c, uint32 *d)
{
*c = rotrFixed(*c, 22);
*a = rotrFixed(*a, 5);
*c ^= *d ^ (*b << 7);
*a ^= *b ^ *d;
*b = rotrFixed(*b, 1);
*d = rotrFixed(*d, 7) ^ *c ^ (*a << 3);
*b ^= *a ^ *c;
*c = rotrFixed(*c, 3);
*a = rotrFixed(*a, 13);
}
void serpent_decrypt(const uint8_t *inBlock, uint8_t *outBlock, uint8_t *ks)
{
uint32_t a, b, c, d, e;
const uint32_t *k = (uint32_t *)ks + 104;
unsigned int i=4;
uint32_t *in = (uint32_t *) inBlock;
uint32_t *out = (uint32_t *) outBlock;
a = LE32(in[0]);
b = LE32(in[1]);
c = LE32(in[2]);
d = LE32(in[3]);
KXf (k, 32, &a, &b, &c, &d);
goto start;
do
{
c = b;
b = d;
d = e;
k -= 32;
beforeI7(ILT);
start:
beforeI7(I7); KXf (k, 28, &d, &a, &b, &e);
ILTf (&d, &a, &b, &e); afterI7(I6); KXf (k, 24, &a, &b, &c, &e);
ILTf (&a, &b, &c, &e); afterI6(I5); KXf (k, 20, &b, &d, &e, &c);
ILTf (&b, &d, &e, &c); afterI5(I4); KXf (k, 16, &b, &c, &e, &a);
ILTf (&b, &c, &e, &a); afterI4(I3); KXf (k, 12, &a, &b, &e, &c);
ILTf (&a, &b, &e, &c); afterI3(I2); KXf (k, 8, &b, &d, &e, &c);
ILTf (&b, &d, &e, &c); afterI2(I1); KXf (k, 4, &a, &b, &c, &e);
ILTf (&a, &b, &c, &e); afterI1(I0); KXf (k, 0, &a, &d, &b, &e);
}
while (--i != 0);
out[0] = LE32(a);
out[1] = LE32(d);
out[2] = LE32(b);
out[3] = LE32(e);
}
#endif // TC_MINIMIZE_CODE_SIZE && !TC_WINDOWS_BOOT_SERPENT

View File

@@ -28,7 +28,17 @@
#ifndef _SHA2_H
#define _SHA2_H
#include "../common/tcdefs.h"
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <86box/86box.h>
#define uint_64t uint64_t
#define uint_32t uint32_t
#define uint_8t uint8_t
#include "../common/endian.h"
#define SHA_64BIT

View File

@@ -32,20 +32,14 @@
/* Adapted for TrueCrypt by the TrueCrypt Foundation */
#ifdef TC_WINDOWS_BOOT
#pragma optimize ("tl", on)
#endif
#include "twofish.h"
#include "../common/endian.h"
#define Q_TABLES
#define M_TABLE
#if !defined (TC_MINIMIZE_CODE_SIZE) || defined (TC_WINDOWS_BOOT_TWOFISH)
# define MK_TABLE
# define ONE_STEP
#endif
/* finite field arithmetic for GF(2**8) with the modular */
/* polynomial x^8 + x^6 + x^5 + x^3 + 1 (0x169) */
@@ -417,8 +411,6 @@ u4byte *twofish_set_key(TwofishInstance *instance, const u4byte in_key[], const
/* encrypt a block of text */
#ifndef TC_MINIMIZE_CODE_SIZE
#define f_rnd(i) \
t1 = g1_fun(blk[1]); t0 = g0_fun(blk[0]); \
blk[2] = rotr(blk[2] ^ (t0 + t1 + l_key[4 * (i) + 8]), 1); \
@@ -447,44 +439,8 @@ void twofish_encrypt(TwofishInstance *instance, const u4byte in_blk[4], u4byte o
out_blk[3] = LE32(blk[1] ^ l_key[7]);
};
#else // TC_MINIMIZE_CODE_SIZE
void twofish_encrypt(TwofishInstance *instance, const u4byte in_blk[4], u4byte out_blk[])
{ u4byte t0, t1, blk[4];
u4byte *l_key = instance->l_key;
#ifdef TC_WINDOWS_BOOT_TWOFISH
u4byte *mk_tab = instance->mk_tab;
#endif
int i;
blk[0] = LE32(in_blk[0]) ^ l_key[0];
blk[1] = LE32(in_blk[1]) ^ l_key[1];
blk[2] = LE32(in_blk[2]) ^ l_key[2];
blk[3] = LE32(in_blk[3]) ^ l_key[3];
for (i = 0; i <= 7; ++i)
{
t1 = g1_fun(blk[1]); t0 = g0_fun(blk[0]);
blk[2] = rotr(blk[2] ^ (t0 + t1 + l_key[4 * (i) + 8]), 1);
blk[3] = rotl(blk[3], 1) ^ (t0 + 2 * t1 + l_key[4 * (i) + 9]);
t1 = g1_fun(blk[3]); t0 = g0_fun(blk[2]);
blk[0] = rotr(blk[0] ^ (t0 + t1 + l_key[4 * (i) + 10]), 1);
blk[1] = rotl(blk[1], 1) ^ (t0 + 2 * t1 + l_key[4 * (i) + 11]);
}
out_blk[0] = LE32(blk[2] ^ l_key[4]);
out_blk[1] = LE32(blk[3] ^ l_key[5]);
out_blk[2] = LE32(blk[0] ^ l_key[6]);
out_blk[3] = LE32(blk[1] ^ l_key[7]);
};
#endif // TC_MINIMIZE_CODE_SIZE
/* decrypt a block of text */
#ifndef TC_MINIMIZE_CODE_SIZE
#define i_rnd(i) \
t1 = g1_fun(blk[1]); t0 = g0_fun(blk[0]); \
blk[2] = rotl(blk[2], 1) ^ (t0 + t1 + l_key[4 * (i) + 10]); \
@@ -512,37 +468,3 @@ void twofish_decrypt(TwofishInstance *instance, const u4byte in_blk[4], u4byte o
out_blk[2] = LE32(blk[0] ^ l_key[2]);
out_blk[3] = LE32(blk[1] ^ l_key[3]);
};
#else // TC_MINIMIZE_CODE_SIZE
void twofish_decrypt(TwofishInstance *instance, const u4byte in_blk[4], u4byte out_blk[4])
{ u4byte t0, t1, blk[4];
u4byte *l_key = instance->l_key;
#ifdef TC_WINDOWS_BOOT_TWOFISH
u4byte *mk_tab = instance->mk_tab;
#endif
int i;
blk[0] = LE32(in_blk[0]) ^ l_key[4];
blk[1] = LE32(in_blk[1]) ^ l_key[5];
blk[2] = LE32(in_blk[2]) ^ l_key[6];
blk[3] = LE32(in_blk[3]) ^ l_key[7];
for (i = 7; i >= 0; --i)
{
t1 = g1_fun(blk[1]); t0 = g0_fun(blk[0]);
blk[2] = rotl(blk[2], 1) ^ (t0 + t1 + l_key[4 * (i) + 10]);
blk[3] = rotr(blk[3] ^ (t0 + 2 * t1 + l_key[4 * (i) + 11]), 1);
t1 = g1_fun(blk[3]); t0 = g0_fun(blk[2]);
blk[0] = rotl(blk[0], 1) ^ (t0 + t1 + l_key[4 * (i) + 8]);
blk[1] = rotr(blk[1] ^ (t0 + 2 * t1 + l_key[4 * (i) + 9]), 1);
}
out_blk[0] = LE32(blk[2] ^ l_key[0]);
out_blk[1] = LE32(blk[3] ^ l_key[1]);
out_blk[2] = LE32(blk[0] ^ l_key[2]);
out_blk[3] = LE32(blk[1] ^ l_key[3]);
};
#endif // TC_MINIMIZE_CODE_SIZE

View File

@@ -37,9 +37,7 @@ typedef struct
{
u4byte l_key[40];
u4byte s_key[4];
#if !defined (TC_MINIMIZE_CODE_SIZE) || defined (TC_WINDOWS_BOOT_TWOFISH)
u4byte mk_tab[4 * 256];
#endif
u4byte k_len;
} TwofishInstance;

View File

@@ -2,7 +2,6 @@
#include "edc.h"
#include "common/tcdefs.h"
#include "common/crypto.h"
#include "common/endian.h"
#include "common/pkcs5.h"
@@ -10,7 +9,16 @@
#include <string.h>
#define byte uint8_t
#define uint64 uint64_t
typedef union {
struct {
uint32_t LowPart;
uint32_t HighPart;
};
uint64_t Value;
} UINT64_STRUCT;
void unshuffle1(u8 *data)
{
@@ -33,7 +41,7 @@ void unshuffle1(u8 *data)
}
void DecryptBlock(u8 *buf,
TC_LARGEST_COMPILER_UINT len,
uint64_t len,
u32 secSz,
u64 secN,
u8 flags,
@@ -104,12 +112,7 @@ UINT64_STRUCT GetHeaderField64 (byte *header, size_t offset)
/* modify BE->LE */
UINT64_STRUCT uint64Struct;
#ifndef TC_NO_COMPILER_INT64
uint64Struct.Value = LE64 (*(uint64 *) (header + offset));
#else
uint64Struct.HighPart = LE32 (*(uint32 *) (header + offset));
uint64Struct.LowPart = LE32 (*(uint32 *) (header + offset + 4));
#endif
return uint64Struct;
}
@@ -175,7 +178,7 @@ int ReadHeader (int bBoot, char *encryptedHeader, Password *password, PCRYPTO_IN
default:
// Unknown/wrong ID
TC_THROW_FATAL_EXCEPTION;
fatal("ReadHeader(): Unknown/wrong ID\n");
}
// Test all available modes of operation
@@ -303,8 +306,8 @@ int ReadHeader (int bBoot, char *encryptedHeader, Password *password, PCRYPTO_IN
// Clear out the temporary key buffers
// ret:
burn (dk, sizeof(dk));
burn (&keyInfo, sizeof (keyInfo));
memset (dk, 0x00, sizeof(dk));
memset (&keyInfo, 0x00, sizeof (keyInfo));
return 0;
}
@@ -319,8 +322,8 @@ err:
*retInfo = NULL;
}
burn (&keyInfo, sizeof (keyInfo));
burn (dk, sizeof(dk));
memset (&keyInfo, 0x00, sizeof (keyInfo));
memset (dk, 0x00, sizeof(dk));
return status;
}

View File

@@ -1,8 +1,9 @@
#ifndef MDS_H
#define MDS_H
#include <stdlib.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include "defines.h"
@@ -20,8 +21,6 @@ typedef struct Decoder_t
int ctr;
} Decoder;
enum TRACK_TYPE
{
TRK_T_MAINTENANCE = 0,
@@ -140,7 +139,7 @@ typedef struct __attribute__((packed))
// decode.c
void DecryptBlock(u8 *buf, TC_LARGEST_COMPILER_UINT len, u32 secSz, u64 secN, u8 flags, PCRYPTO_INFO cryptoInfo);
void DecryptBlock(u8 *buf, uint64_t len, u32 secSz, u64 secN, u8 flags, PCRYPTO_INFO cryptoInfo);
int decode1(u8 *data, const char *pass, PCRYPTO_INFO *ci);