![[BACK]](/cvsweb/icons/back.gif){kind=icon}
Return to crypto.c CVS log ![[TXT]](/cvsweb/icons/text.gif){kind=icon}
![[DIR]](/cvsweb/icons/dir.gif){kind=icon}
Up to [truecrypt] / truecrypt / common|
Return to crypto.c CVS log | Up to [truecrypt] / truecrypt / common |
1.1.1.11 root 1: /*
2: Legal Notice: The source code contained in this file has been derived from
3: the source code of Encryption for the Masses 2.02a, which is Copyright (c)
4: Paul Le Roux and which is covered by the 'License Agreement for Encryption
5: for the Masses'. Modifications and additions to that source code contained
6: in this file are Copyright (c) TrueCrypt Foundation and are covered by the
1.1.1.12! root 7: TrueCrypt License 2.3 the full text of which is contained in the file
1.1.1.11 root 8: License.txt included in TrueCrypt binary and source code distribution
9: packages. */
1.1.1.7 root 10:
11: #include "Tcdefs.h"
12: #include "Crypto.h"
13: #include "Crc.h"
1.1.1.11 root 14: #include "Common/Endian.h"
1.1.1.7 root 15:
16: #ifdef LINUX_DRIVER
1.1.1.8 root 17: #include <linux/module.h>
1.1.1.7 root 18: #include <linux/string.h>
1.1.1.11 root 19: #else
20: #include <string.h>
1.1.1.7 root 21: #endif
1.1.1.5 root 22:
23: /* Update the following when adding a new cipher or EA:
24:
25: Crypto.h:
26: ID #define
27: MAX_EXPANDED_KEY #define
28:
29: Crypto.c:
30: Ciphers[]
31: EncryptionAlgorithms[]
32: CipherInit()
33: EncipherBlock()
34: DecipherBlock()
1.1.1.7 root 35:
1.1.1.5 root 36: */
37:
38: // Cipher configuration
39: static Cipher Ciphers[] =
40: {
1.1.1.7 root 41: // Block Size Key Size Key Schedule Size
42: // ID Name (Bytes) (Bytes) (Bytes)
1.1.1.5 root 43: { AES, "AES", 16, 32, sizeof(aes_encrypt_ctx)+sizeof(aes_decrypt_ctx) },
1.1.1.12! root 44: { BLOWFISH, "Blowfish", 8, 56, 4168 }, // Deprecated/legacy
! 45: { CAST, "CAST5", 8, 16, 128 }, // Deprecated/legacy
! 46: { DES56, "DES", 8, 7, 128 }, // Deprecated/legacy
! 47: { SERPENT, "Serpent", 16, 32, 140*4 },
! 48: { TRIPLEDES,"Triple DES", 8, 8*3, 128*3 }, // Deprecated/legacy
! 49: { TWOFISH, "Twofish", 16, 32, TWOFISH_KS },
! 50: { 0, 0, 0, 0, 0 }
1.1.1.5 root 51: };
52:
53: // Encryption algorithm configuration
1.1.1.12! root 54: // The following modes have been deprecated (legacy): CBC, INNER_CBC, OUTER_CBC
1.1.1.5 root 55: static EncryptionAlgorithm EncryptionAlgorithms[] =
56: {
1.1.1.8 root 57: // Cipher(s) Modes
1.1.1.11 root 58: { { 0, 0 }, { 0, 0, 0 }, 0 }, // Must be all-zero
59: { { AES, 0 }, { LRW, CBC, 0 }, 1 },
1.1.1.12! root 60: { { BLOWFISH, 0 }, { LRW, CBC, 0 }, 0 }, // Deprecated/legacy
! 61: { { CAST, 0 }, { LRW, CBC, 0 }, 0 }, // Deprecated/legacy
1.1.1.11 root 62: { { SERPENT, 0 }, { LRW, CBC, 0 }, 1 },
1.1.1.12! root 63: { { TRIPLEDES, 0 }, { LRW, CBC, 0 }, 0 }, // Deprecated/legacy
1.1.1.11 root 64: { { TWOFISH, 0 }, { LRW, CBC, 0 }, 1 },
65: { { TWOFISH, AES, 0 }, { LRW, OUTER_CBC, 0 }, 1 },
66: { { SERPENT, TWOFISH, AES, 0 }, { LRW, OUTER_CBC, 0 }, 1 },
67: { { AES, SERPENT, 0 }, { LRW, OUTER_CBC, 0 }, 1 },
68: { { AES, TWOFISH, SERPENT, 0 }, { LRW, OUTER_CBC, 0 }, 1 },
69: { { SERPENT, TWOFISH, 0 }, { LRW, OUTER_CBC, 0 }, 1 },
1.1.1.12! root 70: { { BLOWFISH, AES, 0 }, { INNER_CBC, 0, 0 }, 0 }, // Deprecated/legacy
! 71: { { SERPENT, BLOWFISH, AES, 0 }, { INNER_CBC, 0, 0 }, 0 }, // Deprecated/legacy
1.1.1.11 root 72: { { 0, 0 }, { 0, 0, 0 }, 0 } // Must be all-zero
1.1.1.5 root 73: };
74:
1.1.1.9 root 75: // Hash algorithms
76: static Hash Hashes[] =
77: {
78: { RIPEMD160, "RIPEMD-160" },
79: { SHA1, "SHA-1" },
80: { WHIRLPOOL, "Whirlpool" },
81: { 0, 0 }
82: };
1.1.1.8 root 83:
1.1.1.7 root 84: /* Return values: 0 = success, ERR_CIPHER_INIT_FAILURE (fatal), ERR_CIPHER_INIT_WEAK_KEY (non-fatal) */
1.1.1.8 root 85: int CipherInit (int cipher, unsigned char *key, unsigned __int8 *ks)
1.1.1.5 root 86: {
1.1.1.10 root 87: int retVal = ERR_SUCCESS;
1.1.1.7 root 88:
1.1.1.5 root 89: switch (cipher)
90: {
91: case BLOWFISH:
1.1.1.12! root 92: /* Deprecated/legacy */
1.1.1.5 root 93: BF_set_key ((BF_KEY *)ks, CipherGetKeySize(BLOWFISH), key);
94: break;
95:
96: case AES:
1.1.1.8 root 97: if (aes_encrypt_key(key, CipherGetKeySize(AES), (aes_encrypt_ctx *) ks) != EXIT_SUCCESS)
1.1.1.7 root 98: return ERR_CIPHER_INIT_FAILURE;
99:
1.1.1.8 root 100: if (aes_decrypt_key(key, CipherGetKeySize(AES), (aes_decrypt_ctx *) (ks + sizeof(aes_encrypt_ctx))) != EXIT_SUCCESS)
1.1.1.7 root 101: return ERR_CIPHER_INIT_FAILURE;
102:
1.1.1.5 root 103: break;
104:
1.1.1.7 root 105: case DES56:
1.1.1.12! root 106: /* Deprecated/legacy */
1.1.1.7 root 107: switch (des_key_sched ((des_cblock *) key, (struct des_ks_struct *) ks))
108: {
109: case -1:
110: return ERR_CIPHER_INIT_FAILURE;
111: case -2:
112: retVal = ERR_CIPHER_INIT_WEAK_KEY; // Non-fatal error
113: break;
114: }
1.1.1.5 root 115: break;
116:
117: case CAST:
1.1.1.12! root 118: /* Deprecated/legacy */
1.1.1.5 root 119: CAST_set_key((CAST_KEY *) ks, CipherGetKeySize(CAST), key);
120: break;
121:
122: case SERPENT:
123: serpent_set_key (key, CipherGetKeySize(SERPENT) * 8, ks);
124: break;
125:
126: case TRIPLEDES:
1.1.1.12! root 127: /* Deprecated/legacy */
1.1.1.7 root 128: switch (des_key_sched ((des_cblock *) key, (struct des_ks_struct *) ks))
129: {
130: case -1:
131: return ERR_CIPHER_INIT_FAILURE;
132: case -2:
133: retVal = ERR_CIPHER_INIT_WEAK_KEY; // Non-fatal error
134: break;
135: }
136: switch (des_key_sched ((des_cblock *) ((char*)(key)+8), (struct des_ks_struct *) (ks + CipherGetKeyScheduleSize (DES56))))
137: {
138: case -1:
139: return ERR_CIPHER_INIT_FAILURE;
140: case -2:
141: retVal = ERR_CIPHER_INIT_WEAK_KEY; // Non-fatal error
142: break;
143: }
144: switch (des_key_sched ((des_cblock *) ((char*)(key)+16), (struct des_ks_struct *) (ks + CipherGetKeyScheduleSize (DES56) * 2)))
145: {
146: case -1:
147: return ERR_CIPHER_INIT_FAILURE;
148: case -2:
149: retVal = ERR_CIPHER_INIT_WEAK_KEY; // Non-fatal error
150: break;
151: }
1.1.1.9 root 152:
153: // Verify whether all three DES keys are mutually different
1.1.1.10 root 154: if (((*((__int64 *) key) ^ *((__int64 *) key+1)) & 0xFEFEFEFEFEFEFEFEULL) == 0
155: || ((*((__int64 *) key+1) ^ *((__int64 *) key+2)) & 0xFEFEFEFEFEFEFEFEULL) == 0
156: || ((*((__int64 *) key) ^ *((__int64 *) key+2)) & 0xFEFEFEFEFEFEFEFEULL) == 0)
1.1.1.9 root 157: retVal = ERR_CIPHER_INIT_WEAK_KEY; // Non-fatal error
158:
1.1.1.5 root 159: break;
160:
161: case TWOFISH:
162: twofish_set_key ((TwofishInstance *)ks, (const u4byte *)key, CipherGetKeySize(TWOFISH) * 8);
163: break;
164:
165: }
1.1.1.7 root 166: return retVal;
1.1.1.5 root 167: }
168:
169: void EncipherBlock(int cipher, void *data, void *ks)
170: {
171: switch (cipher)
172: {
1.1.1.12! root 173: case BLOWFISH: BF_ecb_le_encrypt (data, data, ks, 1); break; // Deprecated/legacy
1.1.1.5 root 174: case AES: aes_encrypt (data, data, ks); break;
1.1.1.12! root 175: case DES56: des_encrypt (data, ks, 1); break; // Deprecated/legacy
! 176: case CAST: CAST_ecb_encrypt (data, data, ks, 1); break; // Deprecated/legacy
1.1.1.5 root 177: case SERPENT: serpent_encrypt (data, data, ks); break;
1.1.1.12! root 178: case TRIPLEDES: des_ecb3_encrypt (data, data, ks, // Deprecated/legacy
1.1.1.5 root 179: (void*)((char*) ks + CipherGetKeyScheduleSize (DES56)), (void*)((char*) ks + CipherGetKeyScheduleSize (DES56) * 2), 1); break;
180: case TWOFISH: twofish_encrypt (ks, data, data); break;
181: }
182: }
183:
184: void DecipherBlock(int cipher, void *data, void *ks)
185: {
186: switch (cipher)
187: {
1.1.1.12! root 188: case BLOWFISH: BF_ecb_le_encrypt (data, data, ks, 0); break; // Deprecated/legacy
1.1.1.5 root 189: case AES: aes_decrypt (data, data, (void *) ((char *) ks + sizeof(aes_encrypt_ctx))); break;
1.1.1.12! root 190: case DES56: des_encrypt (data, ks, 0); break; // Deprecated/legacy
! 191: case CAST: CAST_ecb_encrypt (data, data, ks,0); break; // Deprecated/legacy
1.1.1.5 root 192: case SERPENT: serpent_decrypt (data, data, ks); break;
1.1.1.12! root 193: case TRIPLEDES: des_ecb3_encrypt (data, data, ks, // Deprecated/legacy
1.1.1.5 root 194: (void*)((char*) ks + CipherGetKeyScheduleSize (DES56)),
195: (void*)((char*) ks + CipherGetKeyScheduleSize (DES56) * 2), 0); break;
196: case TWOFISH: twofish_decrypt (ks, data, data); break;
197: }
198: }
199:
200: // Ciphers support
201:
202: Cipher *CipherGet (int id)
203: {
204: int i;
205: for (i = 0; Ciphers[i].Id != 0; i++)
206: if (Ciphers[i].Id == id)
207: return &Ciphers[i];
208:
209: return 0;
210: }
211:
212: char *CipherGetName (int cipherId)
213: {
214: return CipherGet (cipherId) -> Name;
215: }
216:
217: int CipherGetBlockSize (int cipherId)
218: {
219: return CipherGet (cipherId) -> BlockSize;
220: }
221:
222: int CipherGetKeySize (int cipherId)
223: {
224: return CipherGet (cipherId) -> KeySize;
225: }
226:
227: int CipherGetKeyScheduleSize (int cipherId)
228: {
229: return CipherGet (cipherId) -> KeyScheduleSize;
230: }
231:
232:
233: // Encryption algorithms support
234:
235: int EAGetFirst ()
236: {
237: return 1;
238: }
239:
240: // Returns number of EAs
241: int EAGetCount (void)
242: {
243: int ea, count = 0;
244:
245: for (ea = EAGetFirst (); ea != 0; ea = EAGetNext (ea))
246: {
247: count++;
248: }
249: return count;
250: }
251:
252: int EAGetNext (int previousEA)
253: {
254: int id = previousEA + 1;
255: if (EncryptionAlgorithms[id].Ciphers[0] != 0) return id;
256: return 0;
257: }
258:
1.1.1.8 root 259:
260: // Return values: 0 = success, ERR_CIPHER_INIT_FAILURE (fatal), ERR_CIPHER_INIT_WEAK_KEY (non-fatal)
261: int EAInit (int ea, unsigned char *key, unsigned __int8 *ks)
1.1.1.5 root 262: {
1.1.1.10 root 263: int c, retVal = ERR_SUCCESS;
264:
265: if (ea == 0)
266: return ERR_CIPHER_INIT_FAILURE;
1.1.1.5 root 267:
268: for (c = EAGetFirstCipher (ea); c != 0; c = EAGetNextCipher (ea, c))
269: {
1.1.1.7 root 270: switch (CipherInit (c, key, ks))
271: {
272: case ERR_CIPHER_INIT_FAILURE:
273: return ERR_CIPHER_INIT_FAILURE;
274:
275: case ERR_CIPHER_INIT_WEAK_KEY:
276: retVal = ERR_CIPHER_INIT_WEAK_KEY; // Non-fatal error
277: break;
278: }
1.1.1.5 root 279:
280: key += CipherGetKeySize (c);
281: ks += CipherGetKeyScheduleSize (c);
282: }
1.1.1.7 root 283: return retVal;
1.1.1.5 root 284: }
285:
1.1.1.8 root 286:
287: int EAInitMode (PCRYPTO_INFO ci)
288: {
289: switch (ci->mode)
290: {
291: case LRW:
292: switch (CipherGetBlockSize (EAGetFirstCipher (ci->ea)))
293: {
294: case 8:
1.1.1.12! root 295: /* Deprecated/legacy */
1.1.1.8 root 296: return Gf64TabInit (ci->iv, &ci->gf_ctx);
297:
298: case 16:
299: return Gf128Tab64Init (ci->iv, &ci->gf_ctx);
300:
301: default:
302: return FALSE;
303: }
304: }
305:
306: return TRUE;
307: }
308:
309:
1.1.1.5 root 310: // Returns name of EA, cascaded cipher names are separated by hyphens
311: char *EAGetName (char *buf, int ea)
312: {
313: int i = EAGetLastCipher(ea);
1.1.1.10 root 314: strcpy (buf, (i != 0) ? CipherGetName (i) : "?");
1.1.1.5 root 315:
316: while (i = EAGetPreviousCipher(ea, i))
317: {
318: strcat (buf, "-");
319: strcat (buf, CipherGetName (i));
320: }
321:
322: return buf;
323: }
324:
1.1.1.8 root 325:
326: int EAGetByName (char *name)
327: {
328: int ea = EAGetFirst ();
329: char n[128];
330:
331: do
332: {
333: EAGetName (n, ea);
334: if (strcmp (n, name) == 0)
335: return ea;
336: }
337: while (ea = EAGetNext (ea));
338:
339: return 0;
340: }
341:
342:
1.1.1.5 root 343: // Returns sum of key sizes of all EA ciphers
344: int EAGetKeySize (int ea)
345: {
1.1.1.8 root 346: int i = EAGetFirstCipher (ea);
1.1.1.5 root 347: int size = CipherGetKeySize (i);
348:
1.1.1.8 root 349: while (i = EAGetNextCipher (ea, i))
1.1.1.5 root 350: {
351: size += CipherGetKeySize (i);
352: }
353:
354: return size;
355: }
356:
1.1.1.8 root 357:
358: // Returns the first mode of operation of EA
359: int EAGetFirstMode (int ea)
360: {
361: return (EncryptionAlgorithms[ea].Modes[0]);
362: }
363:
364:
365: int EAGetNextMode (int ea, int previousModeId)
1.1.1.5 root 366: {
1.1.1.8 root 367: int c, i = 0;
368: while (c = EncryptionAlgorithms[ea].Modes[i++])
369: {
370: if (c == previousModeId)
371: return EncryptionAlgorithms[ea].Modes[i];
372: }
373:
374: return 0;
1.1.1.5 root 375: }
376:
1.1.1.8 root 377:
1.1.1.5 root 378: // Returns the name of the mode of operation of the whole EA
1.1.1.8 root 379: char *EAGetModeName (int ea, int mode, BOOL capitalLetters)
1.1.1.5 root 380: {
1.1.1.8 root 381: switch (mode)
1.1.1.5 root 382: {
1.1.1.8 root 383: case LRW:
384: return "LRW";
385:
1.1.1.5 root 386: case CBC:
1.1.1.7 root 387: {
1.1.1.8 root 388: /* Deprecated/legacy */
389:
1.1.1.7 root 390: char eaName[100];
391: EAGetName (eaName, ea);
1.1.1.5 root 392:
1.1.1.7 root 393: if (strcmp (eaName, "Triple DES") == 0)
394: return capitalLetters ? "Outer-CBC" : "outer-CBC";
1.1.1.5 root 395:
1.1.1.7 root 396: return "CBC";
397: }
1.1.1.5 root 398:
399: case OUTER_CBC:
1.1.1.8 root 400:
401: /* Deprecated/legacy */
402:
1.1.1.7 root 403: return capitalLetters ? "Outer-CBC" : "outer-CBC";
1.1.1.5 root 404:
405: case INNER_CBC:
1.1.1.8 root 406:
407: /* Deprecated/legacy */
408:
1.1.1.7 root 409: return capitalLetters ? "Inner-CBC" : "inner-CBC";
1.1.1.5 root 410:
411: }
1.1.1.7 root 412: return "[unknown]";
1.1.1.5 root 413: }
414:
1.1.1.8 root 415:
1.1.1.5 root 416: // Returns sum of key schedule sizes of all EA ciphers
417: int EAGetKeyScheduleSize (int ea)
418: {
419: int i = EAGetFirstCipher(ea);
420: int size = CipherGetKeyScheduleSize (i);
421:
422: while (i = EAGetNextCipher(ea, i))
423: {
424: size += CipherGetKeyScheduleSize (i);
425: }
426:
427: return size;
428: }
429:
1.1.1.8 root 430:
1.1.1.5 root 431: // Returns largest key needed by all EAs
432: int EAGetLargestKey ()
433: {
434: int ea, key = 0;
435:
436: for (ea = EAGetFirst (); ea != 0 ; ea = EAGetNext (ea))
437: {
438: if (EAGetKeySize (ea) >= key)
439: key = EAGetKeySize (ea);
440: }
441:
442: return key;
443: }
444:
1.1.1.8 root 445:
1.1.1.5 root 446: // Returns number of ciphers in EA
447: int EAGetCipherCount (int ea)
448: {
449: int i = 0;
450: while (EncryptionAlgorithms[ea].Ciphers[i++]);
451:
452: return i - 1;
453: }
454:
455:
456: int EAGetFirstCipher (int ea)
457: {
458: return EncryptionAlgorithms[ea].Ciphers[0];
459: }
460:
1.1.1.8 root 461:
1.1.1.5 root 462: int EAGetLastCipher (int ea)
463: {
464: int c, i = 0;
465: while (c = EncryptionAlgorithms[ea].Ciphers[i++]);
466:
467: return EncryptionAlgorithms[ea].Ciphers[i - 2];
468: }
469:
1.1.1.8 root 470:
1.1.1.5 root 471: int EAGetNextCipher (int ea, int previousCipherId)
472: {
473: int c, i = 0;
474: while (c = EncryptionAlgorithms[ea].Ciphers[i++])
475: {
476: if (c == previousCipherId)
477: return EncryptionAlgorithms[ea].Ciphers[i];
478: }
479:
480: return 0;
481: }
482:
1.1.1.8 root 483:
1.1.1.5 root 484: int EAGetPreviousCipher (int ea, int previousCipherId)
485: {
486: int c, i = 0;
487:
488: if (EncryptionAlgorithms[ea].Ciphers[i++] == previousCipherId)
489: return 0;
490:
491: while (c = EncryptionAlgorithms[ea].Ciphers[i++])
492: {
493: if (c == previousCipherId)
494: return EncryptionAlgorithms[ea].Ciphers[i - 2];
495: }
496:
497: return 0;
498: }
499:
1.1.1.8 root 500:
1.1.1.11 root 501: int EAIsFormatEnabled (int ea)
502: {
503: return EncryptionAlgorithms[ea].FormatEnabled;
504: }
505:
506:
1.1.1.9 root 507: Hash *HashGet (int id)
1.1.1.5 root 508: {
1.1.1.9 root 509: int i;
510: for (i = 0; Hashes[i].Id != 0; i++)
511: if (Hashes[i].Id == id)
512: return &Hashes[i];
513:
514: return 0;
515: }
516:
517:
518: int HashGetIdByName (char *name)
519: {
520: int i;
521: for (i = 0; Hashes[i].Id != 0; i++)
522: if (strcmp (Hashes[i].Name, name) == 0)
523: return Hashes[i].Id;
524:
525: return 0;
526: }
527:
528:
529: char *HashGetName (int hashId)
530: {
531: return HashGet (hashId) -> Name;
1.1.1.5 root 532: }
533:
1.1 root 534:
535: PCRYPTO_INFO
536: crypto_open ()
537: {
538: /* Do the crt allocation */
1.1.1.9 root 539: PCRYPTO_INFO cryptoInfo = (PCRYPTO_INFO) TCalloc (sizeof (CRYPTO_INFO));
540: memset (cryptoInfo, 0, sizeof (CRYPTO_INFO));
541:
1.1.1.2 root 542: #ifndef DEVICE_DRIVER
1.1.1.7 root 543: #ifdef _WIN32
1.1.1.2 root 544: VirtualLock (cryptoInfo, sizeof (CRYPTO_INFO));
545: #endif
1.1.1.7 root 546: #endif
1.1.1.2 root 547:
1.1 root 548: if (cryptoInfo == NULL)
549: return NULL;
550:
1.1.1.5 root 551: cryptoInfo->ea = -1;
1.1 root 552: return cryptoInfo;
553: }
554:
555: void
556: crypto_loadkey (PKEY_INFO keyInfo, char *lpszUserKey, int nUserKeyLen)
557: {
558: keyInfo->keyLength = nUserKeyLen;
559: burn (keyInfo->userKey, sizeof (keyInfo->userKey));
560: memcpy (keyInfo->userKey, lpszUserKey, nUserKeyLen);
561: }
562:
563: void
564: crypto_close (PCRYPTO_INFO cryptoInfo)
565: {
1.1.1.7 root 566: if (cryptoInfo != NULL)
567: {
568: burn (cryptoInfo, sizeof (CRYPTO_INFO));
1.1.1.2 root 569: #ifndef DEVICE_DRIVER
1.1.1.7 root 570: #ifdef _WIN32
571: VirtualUnlock (cryptoInfo, sizeof (CRYPTO_INFO));
572: #endif
1.1.1.2 root 573: #endif
1.1.1.7 root 574: TCfree (cryptoInfo);
575: }
1.1 root 576: }
1.1.1.9 root 577:
578:
579: // Detect weak and potentially weak secondary LRW keys.
580: // Remark: These tests reduce the key search space by approximately 0.001%
581: BOOL DetectWeakSecondaryKey (unsigned char *key, int len)
582: {
583: #define LRW_MAX_SUCCESSIVE_IDENTICAL_BITS 24
584: #define LRW_MIN_HAMMING_WEIGHT_16 39
585: #define LRW_MIN_HAMMING_WEIGHT_8 15
586:
587: int minWeight = (len == 16 ? LRW_MIN_HAMMING_WEIGHT_16 : LRW_MIN_HAMMING_WEIGHT_8);
588: int i, b, zero = 0, one = 0, zeroTotal = 0, oneTotal = 0;
589:
590: for (i = 0; i < len; i++)
591: {
592: for (b = 7; b >= 0; b--)
593: {
594: if ((key[i] & (1 << b)) == 0)
595: {
596: zeroTotal++;
597: zero++;
598: one = 0;
599: }
600: else
601: {
602: oneTotal++;
603: one++;
604: zero = 0;
605: }
606:
607: // Maximum number of consecutive identical bit values
608: if (one >= LRW_MAX_SUCCESSIVE_IDENTICAL_BITS || zero >= LRW_MAX_SUCCESSIVE_IDENTICAL_BITS)
609: return TRUE;
610: }
611: }
612:
613: // Minimum and maximum Hamming weight
614: if (zeroTotal < minWeight || oneTotal < minWeight)
615: return TRUE;
616:
617: return FALSE;
618: }
619:
1.1 root 620:
1.1.1.8 root 621: // Initializes IV and whitening values for sector encryption/decryption in CBC mode.
622: // IMPORTANT: This function has been deprecated (legacy).
1.1.1.5 root 623: static void
624: InitSectorIVAndWhitening (unsigned __int64 secNo,
625: int blockSize,
1.1.1.7 root 626: unsigned __int32 *iv,
1.1.1.5 root 627: unsigned __int64 *ivSeed,
1.1.1.7 root 628: unsigned __int32 *whitening)
1.1 root 629: {
1.1.1.8 root 630:
631: /* IMPORTANT: This function has been deprecated (legacy) */
632:
1.1.1.5 root 633: unsigned __int64 iv64[4];
1.1.1.7 root 634: unsigned __int32 *iv32 = (unsigned __int32 *) iv64;
1.1.1.5 root 635:
1.1.1.7 root 636: iv64[0] = ivSeed[0] ^ LE64(secNo);
637: iv64[1] = ivSeed[1] ^ LE64(secNo);
638: iv64[2] = ivSeed[2] ^ LE64(secNo);
1.1.1.5 root 639: if (blockSize == 16)
1.1 root 640: {
1.1.1.7 root 641: iv64[3] = ivSeed[3] ^ LE64(secNo);
1.1.1.5 root 642: }
643:
644: iv[0] = iv32[0];
645: iv[1] = iv32[1];
646:
647: switch (blockSize)
648: {
649: case 16:
650:
651: // 128-bit block
652:
653: iv[2] = iv32[2];
654: iv[3] = iv32[3];
655:
1.1.1.7 root 656: whitening[0] = LE32( crc32int ( &iv32[4] ) ^ crc32int ( &iv32[7] ) );
657: whitening[1] = LE32( crc32int ( &iv32[5] ) ^ crc32int ( &iv32[6] ) );
1.1.1.5 root 658: break;
659:
660: case 8:
661:
1.1.1.12! root 662: // 64-bit block - deprecated/legacy
1.1.1.5 root 663:
1.1.1.7 root 664: whitening[0] = LE32( crc32int ( &iv32[2] ) ^ crc32int ( &iv32[5] ) );
665: whitening[1] = LE32( crc32int ( &iv32[3] ) ^ crc32int ( &iv32[4] ) );
1.1.1.5 root 666: break;
1.1 root 667: }
668: }
669:
1.1.1.5 root 670:
1.1.1.8 root 671: // EncryptBufferCBC (deprecated/legacy)
1.1.1.5 root 672: //
673: // data: data to be encrypted
674: // len: number of bytes to encrypt (must be divisible by the largest cipher block size)
675: // ks: scheduled key
676: // iv: IV
677: // whitening: whitening constants
678: // ea: outer-CBC cascade ID (0 = CBC/inner-CBC)
679: // cipher: CBC/inner-CBC cipher ID (0 = outer-CBC)
680:
681: static void
1.1.1.7 root 682: EncryptBufferCBC (unsigned __int32 *data,
683: unsigned int len,
1.1.1.8 root 684: unsigned __int8 *ks,
1.1.1.7 root 685: unsigned __int32 *iv,
686: unsigned __int32 *whitening,
1.1.1.5 root 687: int ea,
688: int cipher)
1.1 root 689: {
1.1.1.8 root 690: /* IMPORTANT: This function has been deprecated (legacy) */
691:
1.1.1.7 root 692: unsigned __int32 bufIV[4];
1.1.1.5 root 693: unsigned __int64 i;
694: int blockSize = CipherGetBlockSize (ea != 0 ? EAGetFirstCipher (ea) : cipher);
695:
696: // IV
697: bufIV[0] = iv[0];
698: bufIV[1] = iv[1];
699: if (blockSize == 16)
700: {
701: bufIV[2] = iv[2];
702: bufIV[3] = iv[3];
703: }
704:
705: // Encrypt each block
706: for (i = 0; i < len/blockSize; i++)
707: {
708: // CBC
709: data[0] ^= bufIV[0];
710: data[1] ^= bufIV[1];
711: if (blockSize == 16)
712: {
713: data[2] ^= bufIV[2];
714: data[3] ^= bufIV[3];
715: }
716:
717: if (ea != 0)
718: {
719: // Outer-CBC
720: for (cipher = EAGetFirstCipher (ea); cipher != 0; cipher = EAGetNextCipher (ea, cipher))
721: {
722: EncipherBlock (cipher, data, ks);
723: ks += CipherGetKeyScheduleSize (cipher);
724: }
725: ks -= EAGetKeyScheduleSize (ea);
726: }
727: else
728: {
729: // CBC/inner-CBC
730: EncipherBlock (cipher, data, ks);
731: }
732:
733: // CBC
734: bufIV[0] = data[0];
735: bufIV[1] = data[1];
736: if (blockSize == 16)
737: {
738: bufIV[2] = data[2];
739: bufIV[3] = data[3];
740: }
741:
742: // Whitening
743: data[0] ^= whitening[0];
744: data[1] ^= whitening[1];
745: if (blockSize == 16)
746: {
747: data[2] ^= whitening[0];
748: data[3] ^= whitening[1];
749: }
750:
1.1.1.7 root 751: data += blockSize / sizeof(*data);
1.1.1.5 root 752: }
1.1 root 753: }
754:
1.1.1.5 root 755:
1.1.1.8 root 756: // DecryptBufferCBC (deprecated/legacy)
1.1.1.5 root 757: //
758: // data: data to be decrypted
759: // len: number of bytes to decrypt (must be divisible by the largest cipher block size)
760: // ks: scheduled key
761: // iv: IV
762: // whitening: whitening constants
763: // ea: outer-CBC cascade ID (0 = CBC/inner-CBC)
764: // cipher: CBC/inner-CBC cipher ID (0 = outer-CBC)
765:
766: static void
1.1.1.7 root 767: DecryptBufferCBC (unsigned __int32 *data,
768: unsigned int len,
1.1.1.8 root 769: unsigned __int8 *ks,
1.1.1.7 root 770: unsigned __int32 *iv,
771: unsigned __int32 *whitening,
1.1.1.5 root 772: int ea,
773: int cipher)
1.1 root 774: {
1.1.1.8 root 775:
776: /* IMPORTANT: This function has been deprecated (legacy) */
777:
1.1.1.7 root 778: unsigned __int32 bufIV[4];
1.1.1.5 root 779: unsigned __int64 i;
1.1.1.7 root 780: unsigned __int32 ct[4];
1.1.1.5 root 781: int blockSize = CipherGetBlockSize (ea != 0 ? EAGetFirstCipher (ea) : cipher);
782:
783: // IV
784: bufIV[0] = iv[0];
785: bufIV[1] = iv[1];
786: if (blockSize == 16)
1.1 root 787: {
1.1.1.5 root 788: bufIV[2] = iv[2];
789: bufIV[3] = iv[3];
790: }
791:
792: // Decrypt each block
793: for (i = 0; i < len/blockSize; i++)
794: {
795: // Dewhitening
796: data[0] ^= whitening[0];
797: data[1] ^= whitening[1];
798: if (blockSize == 16)
799: {
800: data[2] ^= whitening[0];
801: data[3] ^= whitening[1];
802: }
803:
804: // CBC
805: ct[0] = data[0];
806: ct[1] = data[1];
807: if (blockSize == 16)
808: {
809: ct[2] = data[2];
810: ct[3] = data[3];
811: }
812:
813: if (ea != 0)
814: {
815: // Outer-CBC
816: ks += EAGetKeyScheduleSize (ea);
817: for (cipher = EAGetLastCipher (ea); cipher != 0; cipher = EAGetPreviousCipher (ea, cipher))
818: {
819: ks -= CipherGetKeyScheduleSize (cipher);
820: DecipherBlock (cipher, data, ks);
821: }
822: }
823: else
824: {
825: // CBC/inner-CBC
826: DecipherBlock (cipher, data, ks);
827: }
828:
829: // CBC
830: data[0] ^= bufIV[0];
831: data[1] ^= bufIV[1];
832: bufIV[0] = ct[0];
833: bufIV[1] = ct[1];
834: if (blockSize == 16)
835: {
836: data[2] ^= bufIV[2];
837: data[3] ^= bufIV[3];
838: bufIV[2] = ct[2];
839: bufIV[3] = ct[3];
840: }
841:
1.1.1.7 root 842: data += blockSize / sizeof(*data);
1.1 root 843: }
844: }
1.1.1.5 root 845:
846:
1.1.1.8 root 847: void Xor128 (unsigned __int64 *a, unsigned __int64 *b)
848: {
849: *a++ ^= *b++;
850: *a ^= *b;
851: }
852:
853:
854: void Xor64 (unsigned __int64 *a, unsigned __int64 *b)
855: {
856: *a ^= *b;
857: }
858:
859:
860: void EncryptBufferLRW128 (unsigned __int8 *plainText, unsigned int length, unsigned __int64 blockIndex, PCRYPTO_INFO cryptoInfo)
861: {
862: int cipher = EAGetFirstCipher (cryptoInfo->ea);
863: int cipherCount = EAGetCipherCount (cryptoInfo->ea);
864: unsigned __int8 *p = plainText;
865: unsigned __int8 *ks = cryptoInfo->ks;
866: unsigned __int8 i[8];
867: unsigned __int8 t[16];
868: unsigned int b;
869:
870: *(unsigned __int64 *)i = BE64(blockIndex);
871:
872: // Note that the maximum supported volume size is 8589934592 GB (i.e., 2^63 bytes).
873:
874: for (b = 0; b < length >> 4; b++)
875: {
876: Gf128MulBy64Tab (i, t, &cryptoInfo->gf_ctx);
877: Xor128 ((unsigned __int64 *)p, (unsigned __int64 *)t);
878:
879: if (cipherCount > 1)
880: {
881: // Cipher cascade
882: for (cipher = EAGetFirstCipher (cryptoInfo->ea);
883: cipher != 0;
884: cipher = EAGetNextCipher (cryptoInfo->ea, cipher))
885: {
886: EncipherBlock (cipher, p, ks);
887: ks += CipherGetKeyScheduleSize (cipher);
888: }
889: ks = cryptoInfo->ks;
890: }
891: else
892: {
893: EncipherBlock (cipher, p, ks);
894: }
895:
896: Xor128 ((unsigned __int64 *)p, (unsigned __int64 *)t);
897:
898: p += 16;
899:
900: if (i[7] != 0xff)
901: i[7]++;
902: else
903: *(unsigned __int64 *)i = BE64 ( BE64(*(unsigned __int64 *)i) + 1 );
904: }
905:
906: memset (t, 0, sizeof (t));
907: }
908:
909:
910: void EncryptBufferLRW64 (unsigned __int8 *plainText, unsigned int length, unsigned __int64 blockIndex, PCRYPTO_INFO cryptoInfo)
911: {
1.1.1.12! root 912: /* Deprecated/legacy */
! 913:
1.1.1.8 root 914: int cipher = EAGetFirstCipher (cryptoInfo->ea);
915: unsigned __int8 *p = plainText;
916: unsigned __int8 *ks = cryptoInfo->ks;
917: unsigned __int8 i[8];
918: unsigned __int8 t[8];
919: unsigned int b;
920:
921: *(unsigned __int64 *)i = BE64(blockIndex);
922:
923: for (b = 0; b < length >> 3; b++)
924: {
925: Gf64MulTab (i, t, &cryptoInfo->gf_ctx);
926: Xor64 ((unsigned __int64 *)p, (unsigned __int64 *)t);
927:
928: EncipherBlock (cipher, p, ks);
929:
930: Xor64 ((unsigned __int64 *)p, (unsigned __int64 *)t);
931:
932: p += 8;
933:
934: if (i[7] != 0xff)
935: i[7]++;
936: else
937: *(unsigned __int64 *)i = BE64 ( BE64(*(unsigned __int64 *)i) + 1 );
938: }
939:
940: memset (t, 0, sizeof (t));
941: }
942:
943:
944: void DecryptBufferLRW128 (unsigned __int8 *plainText, int length, unsigned __int64 blockIndex, PCRYPTO_INFO cryptoInfo)
945: {
946: int cipher = EAGetFirstCipher (cryptoInfo->ea);
947: int cipherCount = EAGetCipherCount (cryptoInfo->ea);
948: unsigned __int8 *p = plainText;
949: unsigned __int8 *ks = cryptoInfo->ks;
950: unsigned __int8 i[8];
951: unsigned __int8 t[16];
952: int b;
953:
954: *(unsigned __int64 *)i = BE64(blockIndex);
955:
956: // Note that the maximum supported volume size is 8589934592 GB (i.e., 2^63 bytes).
957:
958: for (b = 0; b < length >> 4; b++)
959: {
960: Gf128MulBy64Tab (i, t, &cryptoInfo->gf_ctx);
961: Xor128 ((unsigned __int64 *)p, (unsigned __int64 *)t);
962:
963: if (cipherCount > 1)
964: {
965: // Cipher cascade
966: ks = cryptoInfo->ks + EAGetKeyScheduleSize (cryptoInfo->ea);
967:
968: for (cipher = EAGetLastCipher (cryptoInfo->ea);
969: cipher != 0;
970: cipher = EAGetPreviousCipher (cryptoInfo->ea, cipher))
971: {
972: ks -= CipherGetKeyScheduleSize (cipher);
973: DecipherBlock (cipher, p, ks);
974: }
975: }
976: else
977: {
978: DecipherBlock (cipher, p, ks);
979: }
980:
981: Xor128 ((unsigned __int64 *)p, (unsigned __int64 *)t);
982:
983: p += 16;
984:
985: if (i[7] != 0xff)
986: i[7]++;
987: else
988: *(unsigned __int64 *)i = BE64 ( BE64(*(unsigned __int64 *)i) + 1 );
989: }
990:
991: memset (t, 0, sizeof (t));
992: }
993:
994:
995:
996: void DecryptBufferLRW64 (unsigned __int8 *plainText, int length, unsigned __int64 blockIndex, PCRYPTO_INFO cryptoInfo)
997: {
1.1.1.12! root 998: /* Deprecated/legacy */
! 999:
1.1.1.8 root 1000: int cipher = EAGetFirstCipher (cryptoInfo->ea);
1001: unsigned __int8 *p = plainText;
1002: unsigned __int8 *ks = cryptoInfo->ks;
1003: unsigned __int8 i[8];
1004: unsigned __int8 t[8];
1005: int b;
1006:
1007: *(unsigned __int64 *)i = BE64(blockIndex);
1008:
1009: for (b = 0; b < length >> 3; b++)
1010: {
1011: Gf64MulTab (i, t, &cryptoInfo->gf_ctx);
1012: Xor64 ((unsigned __int64 *)p, (unsigned __int64 *)t);
1013:
1014: DecipherBlock (cipher, p, ks);
1015:
1016: Xor64 ((unsigned __int64 *)p, (unsigned __int64 *)t);
1017:
1018: p += 8;
1019:
1020: if (i[7] != 0xff)
1021: i[7]++;
1022: else
1023: *(unsigned __int64 *)i = BE64 ( BE64(*(unsigned __int64 *)i) + 1 );
1024: }
1025:
1026: memset (t, 0, sizeof (t));
1027: }
1028:
1029:
1.1.1.5 root 1030: // EncryptBuffer
1031: //
1032: // buf: data to be encrypted
1033: // len: number of bytes to encrypt; must be divisible by the block size (for cascaded
1034: // ciphers divisible by the largest block size used within the cascade)
1035:
1036: void
1.1.1.7 root 1037: EncryptBuffer (unsigned __int32 *buf,
1.1.1.5 root 1038: unsigned __int64 len,
1.1.1.8 root 1039: PCRYPTO_INFO cryptoInfo)
1.1.1.5 root 1040: {
1041:
1.1.1.8 root 1042: switch (cryptoInfo->mode)
1.1.1.5 root 1043: {
1.1.1.8 root 1044: case LRW:
1045: switch (CipherGetBlockSize (EAGetFirstCipher (cryptoInfo->ea)))
1046: {
1047: case 8:
1.1.1.12! root 1048: /* Deprecated/legacy */
1.1.1.8 root 1049: EncryptBufferLRW64 ((unsigned __int8 *)buf, (unsigned int) len, 1, cryptoInfo);
1050: break;
1051:
1052: case 16:
1053: EncryptBufferLRW128 ((unsigned __int8 *)buf, (unsigned int) len, 1, cryptoInfo);
1054: break;
1055: }
1056: break;
1057:
1.1.1.5 root 1058: case CBC:
1059: case INNER_CBC:
1060: {
1.1.1.8 root 1061: /* Deprecated/legacy */
1.1.1.5 root 1062:
1.1.1.8 root 1063: unsigned __int8 *ks = cryptoInfo->ks;
1064: int cipher;
1065: for (cipher = EAGetFirstCipher (cryptoInfo->ea);
1066: cipher != 0;
1067: cipher = EAGetNextCipher (cryptoInfo->ea, cipher))
1068: {
1069: EncryptBufferCBC (buf,
1070: (unsigned int) len,
1071: ks,
1072: (unsigned __int32 *) cryptoInfo->iv,
1073: (unsigned __int32 *) &cryptoInfo->iv[8],
1074: 0,
1075: cipher);
1.1.1.5 root 1076:
1.1.1.8 root 1077: ks += CipherGetKeyScheduleSize (cipher);
1078: }
1079: }
1.1.1.5 root 1080: break;
1081:
1082: case OUTER_CBC:
1083:
1.1.1.8 root 1084: /* Deprecated/legacy */
1085:
1.1.1.5 root 1086: EncryptBufferCBC (buf,
1.1.1.7 root 1087: (unsigned int) len,
1.1.1.8 root 1088: cryptoInfo->ks,
1089: (unsigned __int32 *) cryptoInfo->iv,
1090: (unsigned __int32 *) &cryptoInfo->iv[8],
1091: cryptoInfo->ea,
1.1.1.5 root 1092: 0);
1093:
1094: break;
1095: }
1096: }
1097:
1.1.1.8 root 1098: // Convert sector number to the index of the first LRW block in the sector.
1099: // Note that the maximum supported volume size is 8589934592 GB (i.e., 2^63 bytes).
1100: unsigned __int64 LRWSector2Index (unsigned __int64 sector, int blockSize, PCRYPTO_INFO ci)
1101: {
1102: if (ci->hiddenVolume)
1103: sector -= ci->hiddenVolumeOffset / SECTOR_SIZE;
1104: else
1105: sector -= HEADER_SIZE / SECTOR_SIZE; // Compensate for the volume header size
1106:
1107: switch (blockSize)
1108: {
1109: case 8:
1.1.1.12! root 1110: // Deprecated/legacy
1.1.1.8 root 1111: return (sector << 6) | 1;
1112:
1113: case 16:
1114: return (sector << 5) | 1;
1115: }
1116:
1117: return 0;
1118: }
1119:
1120:
1.1.1.5 root 1121: // EncryptSectors
1122: //
1123: // buf: data to be encrypted
1124: // secNo: sector number relative to volume start
1125: // noSectors: number of sectors in buffer
1126: // ks: scheduled key
1127: // iv: IV
1128: // ea: encryption algorithm
1129:
1.1.1.11 root 1130: void
1.1.1.7 root 1131: EncryptSectors (unsigned __int32 *buf,
1.1.1.5 root 1132: unsigned __int64 secNo,
1133: unsigned __int64 noSectors,
1.1.1.8 root 1134: PCRYPTO_INFO ci)
1135: {
1136: int ea = ci->ea;
1137: void *iv = ci->iv; // Deprecated/legacy
1138: unsigned __int8 *ks = ci->ks;
1139: unsigned __int64 *iv64 = (unsigned __int64 *) iv; // Deprecated/legacy
1140: unsigned __int32 sectorIV[4]; // Deprecated/legacy
1141: unsigned __int32 secWhitening[2]; // Deprecated/legacy
1.1.1.5 root 1142: int cipher;
1143:
1.1.1.8 root 1144: switch (ci->mode)
1.1.1.5 root 1145: {
1.1.1.8 root 1146: case LRW:
1147: {
1148: switch (CipherGetBlockSize (EAGetFirstCipher (ea)))
1149: {
1150: case 8:
1.1.1.12! root 1151: /* Deprecated/legacy */
1.1.1.8 root 1152: EncryptBufferLRW64 ((unsigned __int8 *)buf,
1153: (unsigned int) noSectors * SECTOR_SIZE,
1154: LRWSector2Index (secNo, 8, ci),
1155: ci);
1156: break;
1157:
1158: case 16:
1159: EncryptBufferLRW128 ((unsigned __int8 *)buf,
1160: (unsigned int) noSectors * SECTOR_SIZE,
1161: LRWSector2Index (secNo, 16, ci),
1162: ci);
1163: break;
1164: }
1165: }
1166: break;
1167:
1.1.1.5 root 1168: case CBC:
1169: case INNER_CBC:
1170:
1.1.1.8 root 1171: /* Deprecated/legacy */
1172:
1.1.1.5 root 1173: while (noSectors--)
1174: {
1175: for (cipher = EAGetFirstCipher (ea); cipher != 0; cipher = EAGetNextCipher (ea, cipher))
1176: {
1177: InitSectorIVAndWhitening (secNo, CipherGetBlockSize (cipher), sectorIV, iv64, secWhitening);
1178:
1179: EncryptBufferCBC (buf,
1180: SECTOR_SIZE,
1181: ks,
1182: sectorIV,
1183: secWhitening,
1184: 0,
1185: cipher);
1186:
1187: ks += CipherGetKeyScheduleSize (cipher);
1188: }
1189: ks -= EAGetKeyScheduleSize (ea);
1.1.1.7 root 1190: buf += SECTOR_SIZE / sizeof(*buf);
1.1.1.5 root 1191: secNo++;
1192: }
1193: break;
1194:
1195: case OUTER_CBC:
1196:
1.1.1.8 root 1197: /* Deprecated/legacy */
1198:
1.1.1.5 root 1199: while (noSectors--)
1200: {
1201: InitSectorIVAndWhitening (secNo, CipherGetBlockSize (EAGetFirstCipher (ea)), sectorIV, iv64, secWhitening);
1202:
1203: EncryptBufferCBC (buf,
1204: SECTOR_SIZE,
1205: ks,
1206: sectorIV,
1207: secWhitening,
1208: ea,
1209: 0);
1210:
1.1.1.7 root 1211: buf += SECTOR_SIZE / sizeof(*buf);
1.1.1.5 root 1212: secNo++;
1213: }
1214: break;
1215: }
1216: }
1217:
1218: // DecryptBuffer
1219: //
1220: // buf: data to be decrypted
1221: // len: number of bytes to decrypt; must be divisible by the block size (for cascaded
1222: // ciphers divisible by the largest block size used within the cascade)
1223: void
1.1.1.7 root 1224: DecryptBuffer (unsigned __int32 *buf,
1.1.1.5 root 1225: unsigned __int64 len,
1.1.1.8 root 1226: PCRYPTO_INFO cryptoInfo)
1.1.1.5 root 1227: {
1.1.1.8 root 1228: switch (cryptoInfo->mode)
1.1.1.5 root 1229: {
1.1.1.8 root 1230: case LRW:
1231: switch (CipherGetBlockSize (EAGetFirstCipher (cryptoInfo->ea)))
1232: {
1233: case 8:
1.1.1.12! root 1234: /* Deprecated/legacy */
1.1.1.8 root 1235: DecryptBufferLRW64 ((unsigned __int8 *)buf, (unsigned int) len, 1, cryptoInfo);
1236: break;
1237:
1238: case 16:
1239: DecryptBufferLRW128 ((unsigned __int8 *)buf, (unsigned int) len, 1, cryptoInfo);
1240: break;
1241: }
1242: break;
1243:
1.1.1.5 root 1244: case CBC:
1245: case INNER_CBC:
1246: {
1247:
1.1.1.8 root 1248: /* Deprecated/legacy */
1249:
1250: unsigned __int8 *ks = cryptoInfo->ks + EAGetKeyScheduleSize (cryptoInfo->ea);
1251: int cipher;
1252: for (cipher = EAGetLastCipher (cryptoInfo->ea);
1253: cipher != 0;
1254: cipher = EAGetPreviousCipher (cryptoInfo->ea, cipher))
1255: {
1256: ks -= CipherGetKeyScheduleSize (cipher);
1257:
1258: DecryptBufferCBC (buf,
1259: (unsigned int) len,
1260: ks,
1261: (unsigned __int32 *) cryptoInfo->iv,
1262: (unsigned __int32 *) &cryptoInfo->iv[8],
1263: 0,
1264: cipher);
1265: }
1.1.1.5 root 1266: }
1267: break;
1268:
1269: case OUTER_CBC:
1270:
1.1.1.8 root 1271: /* Deprecated/legacy */
1272:
1.1.1.5 root 1273: DecryptBufferCBC (buf,
1.1.1.7 root 1274: (unsigned int) len,
1.1.1.8 root 1275: cryptoInfo->ks,
1276: (unsigned __int32 *) cryptoInfo->iv,
1277: (unsigned __int32 *) &cryptoInfo->iv[8],
1278: cryptoInfo->ea,
1.1.1.5 root 1279: 0);
1280:
1281: break;
1282: }
1283: }
1284:
1285: // DecryptSectors
1286: //
1287: // buf: data to be decrypted
1288: // secNo: sector number relative to volume start
1289: // noSectors: number of sectors in buffer
1290: // ks: scheduled key
1291: // iv: IV
1292: // ea: encryption algorithm
1293:
1.1.1.11 root 1294: void
1.1.1.7 root 1295: DecryptSectors (unsigned __int32 *buf,
1.1.1.5 root 1296: unsigned __int64 secNo,
1297: unsigned __int64 noSectors,
1.1.1.8 root 1298: PCRYPTO_INFO ci
1299: )
1300: {
1301: int ea = ci->ea;
1302: void *iv = ci->iv; // Deprecated/legacy
1303: unsigned __int8 *ks = ci->ks;
1304: unsigned __int64 *iv64 = (unsigned __int64 *) iv; // Deprecated/legacy
1305: unsigned __int32 sectorIV[4]; // Deprecated/legacy
1306: unsigned __int32 secWhitening[2]; // Deprecated/legacy
1.1.1.5 root 1307: int cipher;
1308:
1.1.1.8 root 1309: switch (ci->mode)
1.1.1.5 root 1310: {
1.1.1.8 root 1311: case LRW:
1312: {
1313: switch (CipherGetBlockSize (EAGetFirstCipher (ea)))
1314: {
1315: case 8:
1.1.1.12! root 1316: /* Deprecated/legacy */
1.1.1.8 root 1317: DecryptBufferLRW64 ((unsigned __int8 *)buf,
1318: (unsigned int) noSectors * SECTOR_SIZE,
1319: LRWSector2Index (secNo, 8, ci),
1320: ci);
1321: break;
1322:
1323: case 16:
1324: DecryptBufferLRW128 ((unsigned __int8 *)buf,
1325: (unsigned int) noSectors * SECTOR_SIZE,
1326: LRWSector2Index (secNo, 16, ci),
1327: ci);
1328: break;
1329: }
1330: }
1331: break;
1332:
1.1.1.5 root 1333: case CBC:
1334: case INNER_CBC:
1335:
1.1.1.8 root 1336: /* Deprecated/legacy */
1337:
1.1.1.5 root 1338: while (noSectors--)
1339: {
1340: ks += EAGetKeyScheduleSize (ea);
1341: for (cipher = EAGetLastCipher (ea); cipher != 0; cipher = EAGetPreviousCipher (ea, cipher))
1342: {
1343: InitSectorIVAndWhitening (secNo, CipherGetBlockSize (cipher), sectorIV, iv64, secWhitening);
1344:
1345: ks -= CipherGetKeyScheduleSize (cipher);
1346:
1347: DecryptBufferCBC (buf,
1348: SECTOR_SIZE,
1349: ks,
1350: sectorIV,
1351: secWhitening,
1352: 0,
1353: cipher);
1354: }
1.1.1.7 root 1355: buf += SECTOR_SIZE / sizeof(*buf);
1.1.1.5 root 1356: secNo++;
1357: }
1358: break;
1359:
1360: case OUTER_CBC:
1361:
1.1.1.8 root 1362: /* Deprecated/legacy */
1363:
1.1.1.5 root 1364: while (noSectors--)
1365: {
1366: InitSectorIVAndWhitening (secNo, CipherGetBlockSize (EAGetFirstCipher (ea)), sectorIV, iv64, secWhitening);
1367:
1368: DecryptBufferCBC (buf,
1369: SECTOR_SIZE,
1370: ks,
1371: sectorIV,
1372: secWhitening,
1373: ea,
1374: 0);
1375:
1.1.1.7 root 1376: buf += SECTOR_SIZE / sizeof(*buf);
1.1.1.5 root 1377: secNo++;
1378: }
1379: break;
1380: }
1381: }
1382:
This archive runs on limited infrastructure. Preserving old code on modern bandwidth. Automated agents are requested to crawl responsibly.