![[BACK]](/cvsweb/icons/back.gif){kind=icon}
Return to crypto.c CVS log ![[TXT]](/cvsweb/icons/text.gif){kind=icon}
![[DIR]](/cvsweb/icons/dir.gif){kind=icon}
Up to [truecrypt] / truecrypt / common|
Return to crypto.c CVS log | Up to [truecrypt] / truecrypt / common |
1.1.1.11 root 1: /*
1.1.1.13 root 2: Legal Notice: Some portions of the source code contained in this file were
3: derived from the source code of Encryption for the Masses 2.02a, which is
4: Copyright (c) 1998-2000 Paul Le Roux and which is governed by the 'License
5: Agreement for Encryption for the Masses'. Modifications and additions to
6: the original source code (contained in this file) and all other portions of
7: this file are Copyright (c) 2003-2008 TrueCrypt Foundation and are governed
8: by the TrueCrypt License 2.4 the full text of which is contained in the
9: file License.txt included in TrueCrypt binary and source code distribution
1.1.1.11 root 10: packages. */
1.1.1.7 root 11:
12: #include "Tcdefs.h"
13: #include "Crypto.h"
1.1.1.13 root 14: #include "Xts.h"
1.1.1.7 root 15: #include "Crc.h"
1.1.1.11 root 16: #include "Common/Endian.h"
17: #include <string.h>
1.1.1.5 root 18:
19: /* Update the following when adding a new cipher or EA:
20:
21: Crypto.h:
22: ID #define
23: MAX_EXPANDED_KEY #define
24:
25: Crypto.c:
26: Ciphers[]
27: EncryptionAlgorithms[]
28: CipherInit()
29: EncipherBlock()
30: DecipherBlock()
1.1.1.7 root 31:
1.1.1.5 root 32: */
33:
1.1.1.14! root 34: #ifndef TC_WINDOWS_BOOT_SINGLE_CIPHER_MODE
! 35:
1.1.1.5 root 36: // Cipher configuration
37: static Cipher Ciphers[] =
38: {
1.1.1.7 root 39: // Block Size Key Size Key Schedule Size
40: // ID Name (Bytes) (Bytes) (Bytes)
1.1.1.13 root 41: { AES, "AES", 16, 32, AES_KS },
42: { SERPENT, "Serpent", 16, 32, 140*4 },
43: { TWOFISH, "Twofish", 16, 32, TWOFISH_KS },
44: #ifndef TC_WINDOWS_BOOT
1.1.1.12 root 45: { BLOWFISH, "Blowfish", 8, 56, 4168 }, // Deprecated/legacy
46: { CAST, "CAST5", 8, 16, 128 }, // Deprecated/legacy
47: { DES56, "DES", 8, 7, 128 }, // Deprecated/legacy
48: { TRIPLEDES,"Triple DES", 8, 8*3, 128*3 }, // Deprecated/legacy
1.1.1.13 root 49: #endif
1.1.1.12 root 50: { 0, 0, 0, 0, 0 }
1.1.1.5 root 51: };
52:
1.1.1.13 root 53:
1.1.1.5 root 54: // Encryption algorithm configuration
1.1.1.13 root 55: // The following modes have been deprecated (legacy): LRW, CBC, INNER_CBC, OUTER_CBC
1.1.1.5 root 56: static EncryptionAlgorithm EncryptionAlgorithms[] =
57: {
1.1.1.13 root 58: // Cipher(s) Modes FormatEnabled
59:
60: #ifndef TC_WINDOWS_BOOT
61:
62: { { 0, 0 }, { 0, 0, 0, 0 }, 0 }, // Must be all-zero
63: { { AES, 0 }, { XTS, LRW, CBC, 0 }, 1 },
64: { { SERPENT, 0 }, { XTS, LRW, CBC, 0 }, 1 },
65: { { TWOFISH, 0 }, { XTS, LRW, CBC, 0 }, 1 },
66: { { TWOFISH, AES, 0 }, { XTS, LRW, OUTER_CBC, 0 }, 1 },
67: { { SERPENT, TWOFISH, AES, 0 }, { XTS, LRW, OUTER_CBC, 0 }, 1 },
68: { { AES, SERPENT, 0 }, { XTS, LRW, OUTER_CBC, 0 }, 1 },
69: { { AES, TWOFISH, SERPENT, 0 }, { XTS, LRW, OUTER_CBC, 0 }, 1 },
70: { { SERPENT, TWOFISH, 0 }, { XTS, LRW, OUTER_CBC, 0 }, 1 },
71: { { BLOWFISH, 0 }, { LRW, CBC, 0, 0 }, 0 }, // Deprecated/legacy
72: { { CAST, 0 }, { LRW, CBC, 0, 0 }, 0 }, // Deprecated/legacy
73: { { TRIPLEDES, 0 }, { LRW, CBC, 0, 0 }, 0 }, // Deprecated/legacy
74: { { BLOWFISH, AES, 0 }, { INNER_CBC, 0, 0, 0 }, 0 }, // Deprecated/legacy
75: { { SERPENT, BLOWFISH, AES, 0 }, { INNER_CBC, 0, 0, 0 }, 0 }, // Deprecated/legacy
76: { { 0, 0 }, { 0, 0, 0, 0 }, 0 } // Must be all-zero
77:
78: #else // TC_WINDOWS_BOOT
79:
80: // Encryption algorithms available for boot drive encryption
81: { { 0, 0 }, { 0, 0 }, 0 }, // Must be all-zero
82: { { AES, 0 }, { XTS, 0 }, 1 },
83: { { SERPENT, 0 }, { XTS, 0 }, 1 },
84: { { TWOFISH, 0 }, { XTS, 0 }, 1 },
85: { { TWOFISH, AES, 0 }, { XTS, 0 }, 1 },
86: { { SERPENT, TWOFISH, AES, 0 }, { XTS, 0 }, 1 },
87: { { AES, SERPENT, 0 }, { XTS, 0 }, 1 },
88: { { AES, TWOFISH, SERPENT, 0 }, { XTS, 0 }, 1 },
89: { { SERPENT, TWOFISH, 0 }, { XTS, 0 }, 1 },
90: { { 0, 0 }, { 0, 0 }, 0 }, // Must be all-zero
91:
92: #endif
93:
1.1.1.5 root 94: };
95:
1.1.1.13 root 96:
97:
1.1.1.9 root 98: // Hash algorithms
99: static Hash Hashes[] =
1.1.1.13 root 100: { // ID Name Deprecated System Encryption
101: { RIPEMD160, "RIPEMD-160", FALSE, TRUE },
102: #ifndef TC_WINDOWS_BOOT
103: { SHA512, "SHA-512", FALSE, FALSE },
104: { WHIRLPOOL, "Whirlpool", FALSE, FALSE },
105: { SHA1, "SHA-1", TRUE, FALSE }, // Deprecated/legacy
106: #endif
107: { 0, 0, 0 }
1.1.1.9 root 108: };
1.1.1.8 root 109:
1.1.1.7 root 110: /* Return values: 0 = success, ERR_CIPHER_INIT_FAILURE (fatal), ERR_CIPHER_INIT_WEAK_KEY (non-fatal) */
1.1.1.8 root 111: int CipherInit (int cipher, unsigned char *key, unsigned __int8 *ks)
1.1.1.5 root 112: {
1.1.1.10 root 113: int retVal = ERR_SUCCESS;
1.1.1.7 root 114:
1.1.1.5 root 115: switch (cipher)
116: {
117: case AES:
1.1.1.13 root 118: #ifndef TC_WINDOWS_BOOT
1.1.1.14! root 119: if (aes_encrypt_key256 (key, (aes_encrypt_ctx *) ks) != EXIT_SUCCESS)
1.1.1.7 root 120: return ERR_CIPHER_INIT_FAILURE;
121:
1.1.1.14! root 122: if (aes_decrypt_key256 (key, (aes_decrypt_ctx *) (ks + sizeof(aes_encrypt_ctx))) != EXIT_SUCCESS)
1.1.1.7 root 123: return ERR_CIPHER_INIT_FAILURE;
1.1.1.13 root 124: #else
125: if (aes_set_key (key, (length_type) CipherGetKeySize(AES), (aes_context *) ks) != 0)
126: return ERR_CIPHER_INIT_FAILURE;
127: #endif
128: break;
129:
130: case SERPENT:
131: serpent_set_key (key, CipherGetKeySize(SERPENT) * 8, ks);
132: break;
133:
134: case TWOFISH:
135: twofish_set_key ((TwofishInstance *)ks, (const u4byte *)key, CipherGetKeySize(TWOFISH) * 8);
136: break;
1.1.1.7 root 137:
1.1.1.13 root 138: #ifndef TC_WINDOWS_BOOT
139:
140: case BLOWFISH:
141: /* Deprecated/legacy */
142: BF_set_key ((BF_KEY *)ks, CipherGetKeySize(BLOWFISH), key);
1.1.1.5 root 143: break;
144:
1.1.1.7 root 145: case DES56:
1.1.1.12 root 146: /* Deprecated/legacy */
1.1.1.7 root 147: switch (des_key_sched ((des_cblock *) key, (struct des_ks_struct *) ks))
148: {
149: case -1:
150: return ERR_CIPHER_INIT_FAILURE;
151: case -2:
152: retVal = ERR_CIPHER_INIT_WEAK_KEY; // Non-fatal error
153: break;
154: }
1.1.1.5 root 155: break;
156:
157: case CAST:
1.1.1.12 root 158: /* Deprecated/legacy */
1.1.1.5 root 159: CAST_set_key((CAST_KEY *) ks, CipherGetKeySize(CAST), key);
160: break;
161:
162: case TRIPLEDES:
1.1.1.12 root 163: /* Deprecated/legacy */
1.1.1.7 root 164: switch (des_key_sched ((des_cblock *) key, (struct des_ks_struct *) ks))
165: {
166: case -1:
167: return ERR_CIPHER_INIT_FAILURE;
168: case -2:
169: retVal = ERR_CIPHER_INIT_WEAK_KEY; // Non-fatal error
170: break;
171: }
172: switch (des_key_sched ((des_cblock *) ((char*)(key)+8), (struct des_ks_struct *) (ks + CipherGetKeyScheduleSize (DES56))))
173: {
174: case -1:
175: return ERR_CIPHER_INIT_FAILURE;
176: case -2:
177: retVal = ERR_CIPHER_INIT_WEAK_KEY; // Non-fatal error
178: break;
179: }
180: switch (des_key_sched ((des_cblock *) ((char*)(key)+16), (struct des_ks_struct *) (ks + CipherGetKeyScheduleSize (DES56) * 2)))
181: {
182: case -1:
183: return ERR_CIPHER_INIT_FAILURE;
184: case -2:
185: retVal = ERR_CIPHER_INIT_WEAK_KEY; // Non-fatal error
186: break;
187: }
1.1.1.9 root 188:
189: // Verify whether all three DES keys are mutually different
1.1.1.10 root 190: if (((*((__int64 *) key) ^ *((__int64 *) key+1)) & 0xFEFEFEFEFEFEFEFEULL) == 0
191: || ((*((__int64 *) key+1) ^ *((__int64 *) key+2)) & 0xFEFEFEFEFEFEFEFEULL) == 0
192: || ((*((__int64 *) key) ^ *((__int64 *) key+2)) & 0xFEFEFEFEFEFEFEFEULL) == 0)
1.1.1.9 root 193: retVal = ERR_CIPHER_INIT_WEAK_KEY; // Non-fatal error
194:
1.1.1.5 root 195: break;
196:
1.1.1.13 root 197: #endif // TC_WINDOWS_BOOT
1.1.1.5 root 198:
1.1.1.13 root 199: default:
200: // Unknown/wrong cipher ID
201: return ERR_CIPHER_INIT_FAILURE;
1.1.1.5 root 202: }
1.1.1.13 root 203:
1.1.1.7 root 204: return retVal;
1.1.1.5 root 205: }
206:
207: void EncipherBlock(int cipher, void *data, void *ks)
208: {
209: switch (cipher)
210: {
211: case AES: aes_encrypt (data, data, ks); break;
1.1.1.13 root 212: case TWOFISH: twofish_encrypt (ks, data, data); break;
213: case SERPENT: serpent_encrypt (data, data, ks); break;
214: #ifndef TC_WINDOWS_BOOT
215: case BLOWFISH: BF_ecb_le_encrypt (data, data, ks, 1); break; // Deprecated/legacy
1.1.1.12 root 216: case DES56: des_encrypt (data, ks, 1); break; // Deprecated/legacy
217: case CAST: CAST_ecb_encrypt (data, data, ks, 1); break; // Deprecated/legacy
218: case TRIPLEDES: des_ecb3_encrypt (data, data, ks, // Deprecated/legacy
1.1.1.5 root 219: (void*)((char*) ks + CipherGetKeyScheduleSize (DES56)), (void*)((char*) ks + CipherGetKeyScheduleSize (DES56) * 2), 1); break;
1.1.1.13 root 220: #endif
221: default: TC_THROW_FATAL_EXCEPTION; // Unknown/wrong ID
1.1.1.5 root 222: }
223: }
224:
225: void DecipherBlock(int cipher, void *data, void *ks)
226: {
227: switch (cipher)
228: {
1.1.1.13 root 229: case SERPENT: serpent_decrypt (data, data, ks); break;
230: case TWOFISH: twofish_decrypt (ks, data, data); break;
231: #ifndef TC_WINDOWS_BOOT
1.1.1.5 root 232: case AES: aes_decrypt (data, data, (void *) ((char *) ks + sizeof(aes_encrypt_ctx))); break;
1.1.1.13 root 233: case BLOWFISH: BF_ecb_le_encrypt (data, data, ks, 0); break; // Deprecated/legacy
1.1.1.12 root 234: case DES56: des_encrypt (data, ks, 0); break; // Deprecated/legacy
235: case CAST: CAST_ecb_encrypt (data, data, ks,0); break; // Deprecated/legacy
236: case TRIPLEDES: des_ecb3_encrypt (data, data, ks, // Deprecated/legacy
1.1.1.5 root 237: (void*)((char*) ks + CipherGetKeyScheduleSize (DES56)),
238: (void*)((char*) ks + CipherGetKeyScheduleSize (DES56) * 2), 0); break;
1.1.1.13 root 239: #else
240: case AES: aes_decrypt (data, data, ks); break;
241: #endif
242: default: TC_THROW_FATAL_EXCEPTION; // Unknown/wrong ID
1.1.1.5 root 243: }
244: }
245:
246: // Ciphers support
247:
248: Cipher *CipherGet (int id)
249: {
250: int i;
251: for (i = 0; Ciphers[i].Id != 0; i++)
252: if (Ciphers[i].Id == id)
253: return &Ciphers[i];
254:
1.1.1.13 root 255: return NULL;
1.1.1.5 root 256: }
257:
258: char *CipherGetName (int cipherId)
259: {
260: return CipherGet (cipherId) -> Name;
261: }
262:
263: int CipherGetBlockSize (int cipherId)
264: {
265: return CipherGet (cipherId) -> BlockSize;
266: }
267:
268: int CipherGetKeySize (int cipherId)
269: {
270: return CipherGet (cipherId) -> KeySize;
271: }
272:
273: int CipherGetKeyScheduleSize (int cipherId)
274: {
275: return CipherGet (cipherId) -> KeyScheduleSize;
276: }
277:
278:
279: // Encryption algorithms support
280:
281: int EAGetFirst ()
282: {
283: return 1;
284: }
285:
286: // Returns number of EAs
287: int EAGetCount (void)
288: {
289: int ea, count = 0;
290:
291: for (ea = EAGetFirst (); ea != 0; ea = EAGetNext (ea))
292: {
293: count++;
294: }
295: return count;
296: }
297:
298: int EAGetNext (int previousEA)
299: {
300: int id = previousEA + 1;
301: if (EncryptionAlgorithms[id].Ciphers[0] != 0) return id;
302: return 0;
303: }
304:
1.1.1.8 root 305:
306: // Return values: 0 = success, ERR_CIPHER_INIT_FAILURE (fatal), ERR_CIPHER_INIT_WEAK_KEY (non-fatal)
307: int EAInit (int ea, unsigned char *key, unsigned __int8 *ks)
1.1.1.5 root 308: {
1.1.1.10 root 309: int c, retVal = ERR_SUCCESS;
310:
311: if (ea == 0)
312: return ERR_CIPHER_INIT_FAILURE;
1.1.1.5 root 313:
314: for (c = EAGetFirstCipher (ea); c != 0; c = EAGetNextCipher (ea, c))
315: {
1.1.1.7 root 316: switch (CipherInit (c, key, ks))
317: {
318: case ERR_CIPHER_INIT_FAILURE:
319: return ERR_CIPHER_INIT_FAILURE;
320:
321: case ERR_CIPHER_INIT_WEAK_KEY:
322: retVal = ERR_CIPHER_INIT_WEAK_KEY; // Non-fatal error
323: break;
324: }
1.1.1.5 root 325:
326: key += CipherGetKeySize (c);
327: ks += CipherGetKeyScheduleSize (c);
328: }
1.1.1.7 root 329: return retVal;
1.1.1.5 root 330: }
331:
1.1.1.8 root 332:
1.1.1.14! root 333: #ifndef TC_WINDOWS_BOOT
! 334:
1.1.1.8 root 335: int EAInitMode (PCRYPTO_INFO ci)
336: {
337: switch (ci->mode)
338: {
1.1.1.13 root 339: case XTS:
340: // Secondary key schedule
341: if (EAInit (ci->ea, ci->k2, ci->ks2) != ERR_SUCCESS)
342: return FALSE;
343:
344: /* Note: XTS mode could potentially be initialized with a weak key causing all blocks in one data unit
345: on the volume to be tweaked with zero tweaks (i.e. 512 bytes of the volume would be encrypted in ECB
346: mode). However, to create a TrueCrypt volume with such a weak key, each human being on Earth would have
347: to create approximately 11,378,125,361,078,862 (about eleven quadrillion) TrueCrypt volumes (provided
348: that the size of each of the volumes is 1024 terabytes). */
349: break;
350:
1.1.1.8 root 351: case LRW:
352: switch (CipherGetBlockSize (EAGetFirstCipher (ci->ea)))
353: {
354: case 8:
1.1.1.12 root 355: /* Deprecated/legacy */
1.1.1.13 root 356: return Gf64TabInit (ci->k2, &ci->gf_ctx);
1.1.1.8 root 357:
358: case 16:
1.1.1.13 root 359: return Gf128Tab64Init (ci->k2, &ci->gf_ctx);
1.1.1.8 root 360:
361: default:
1.1.1.13 root 362: TC_THROW_FATAL_EXCEPTION;
1.1.1.8 root 363: }
364:
1.1.1.13 root 365: break;
366:
367: case CBC:
368: case INNER_CBC:
369: case OUTER_CBC:
370: // The mode does not need to be initialized or is initialized elsewhere
371: return TRUE;
372:
373: default:
374: // Unknown/wrong ID
375: TC_THROW_FATAL_EXCEPTION;
376: }
1.1.1.8 root 377: return TRUE;
378: }
379:
380:
1.1.1.5 root 381: // Returns name of EA, cascaded cipher names are separated by hyphens
382: char *EAGetName (char *buf, int ea)
383: {
384: int i = EAGetLastCipher(ea);
1.1.1.10 root 385: strcpy (buf, (i != 0) ? CipherGetName (i) : "?");
1.1.1.5 root 386:
387: while (i = EAGetPreviousCipher(ea, i))
388: {
389: strcat (buf, "-");
390: strcat (buf, CipherGetName (i));
391: }
392:
393: return buf;
394: }
395:
1.1.1.8 root 396:
397: int EAGetByName (char *name)
398: {
399: int ea = EAGetFirst ();
400: char n[128];
401:
402: do
403: {
404: EAGetName (n, ea);
405: if (strcmp (n, name) == 0)
406: return ea;
407: }
408: while (ea = EAGetNext (ea));
409:
410: return 0;
411: }
412:
1.1.1.13 root 413: #endif // TC_WINDOWS_BOOT
1.1.1.8 root 414:
1.1.1.13 root 415: // Returns sum of key sizes of all ciphers of the EA (in bytes)
1.1.1.5 root 416: int EAGetKeySize (int ea)
417: {
1.1.1.8 root 418: int i = EAGetFirstCipher (ea);
1.1.1.5 root 419: int size = CipherGetKeySize (i);
420:
1.1.1.8 root 421: while (i = EAGetNextCipher (ea, i))
1.1.1.5 root 422: {
423: size += CipherGetKeySize (i);
424: }
425:
426: return size;
427: }
428:
1.1.1.8 root 429:
430: // Returns the first mode of operation of EA
431: int EAGetFirstMode (int ea)
432: {
433: return (EncryptionAlgorithms[ea].Modes[0]);
434: }
435:
436:
437: int EAGetNextMode (int ea, int previousModeId)
1.1.1.5 root 438: {
1.1.1.8 root 439: int c, i = 0;
440: while (c = EncryptionAlgorithms[ea].Modes[i++])
441: {
442: if (c == previousModeId)
443: return EncryptionAlgorithms[ea].Modes[i];
444: }
445:
446: return 0;
1.1.1.5 root 447: }
448:
1.1.1.8 root 449:
1.1.1.13 root 450: #ifndef TC_WINDOWS_BOOT
451:
1.1.1.5 root 452: // Returns the name of the mode of operation of the whole EA
1.1.1.8 root 453: char *EAGetModeName (int ea, int mode, BOOL capitalLetters)
1.1.1.5 root 454: {
1.1.1.8 root 455: switch (mode)
1.1.1.5 root 456: {
1.1.1.13 root 457: case XTS:
458:
459: return "XTS";
460:
1.1.1.8 root 461: case LRW:
1.1.1.13 root 462:
463: /* Deprecated/legacy */
464:
1.1.1.8 root 465: return "LRW";
466:
1.1.1.5 root 467: case CBC:
1.1.1.7 root 468: {
1.1.1.8 root 469: /* Deprecated/legacy */
470:
1.1.1.7 root 471: char eaName[100];
472: EAGetName (eaName, ea);
1.1.1.5 root 473:
1.1.1.7 root 474: if (strcmp (eaName, "Triple DES") == 0)
475: return capitalLetters ? "Outer-CBC" : "outer-CBC";
1.1.1.5 root 476:
1.1.1.7 root 477: return "CBC";
478: }
1.1.1.5 root 479:
480: case OUTER_CBC:
1.1.1.8 root 481:
482: /* Deprecated/legacy */
483:
1.1.1.7 root 484: return capitalLetters ? "Outer-CBC" : "outer-CBC";
1.1.1.5 root 485:
486: case INNER_CBC:
1.1.1.8 root 487:
488: /* Deprecated/legacy */
489:
1.1.1.7 root 490: return capitalLetters ? "Inner-CBC" : "inner-CBC";
1.1.1.5 root 491:
492: }
1.1.1.7 root 493: return "[unknown]";
1.1.1.5 root 494: }
495:
1.1.1.13 root 496: #endif // TC_WINDOWS_BOOT
1.1.1.8 root 497:
1.1.1.13 root 498:
499: // Returns sum of key schedule sizes of all ciphers of the EA
1.1.1.5 root 500: int EAGetKeyScheduleSize (int ea)
501: {
502: int i = EAGetFirstCipher(ea);
503: int size = CipherGetKeyScheduleSize (i);
504:
505: while (i = EAGetNextCipher(ea, i))
506: {
507: size += CipherGetKeyScheduleSize (i);
508: }
509:
510: return size;
511: }
512:
1.1.1.8 root 513:
1.1.1.13 root 514: // Returns the largest key size needed by an EA for the specified mode of operation
515: int EAGetLargestKeyForMode (int mode)
516: {
517: int ea, key = 0;
518:
519: for (ea = EAGetFirst (); ea != 0; ea = EAGetNext (ea))
520: {
521: if (!EAIsModeSupported (ea, mode))
522: continue;
523:
524: if (EAGetKeySize (ea) >= key)
525: key = EAGetKeySize (ea);
526: }
527: return key;
528: }
529:
530:
531: // Returns the largest key needed by any EA for any mode
1.1.1.5 root 532: int EAGetLargestKey ()
533: {
534: int ea, key = 0;
535:
1.1.1.13 root 536: for (ea = EAGetFirst (); ea != 0; ea = EAGetNext (ea))
1.1.1.5 root 537: {
538: if (EAGetKeySize (ea) >= key)
539: key = EAGetKeySize (ea);
540: }
541:
542: return key;
543: }
544:
1.1.1.8 root 545:
1.1.1.5 root 546: // Returns number of ciphers in EA
547: int EAGetCipherCount (int ea)
548: {
549: int i = 0;
550: while (EncryptionAlgorithms[ea].Ciphers[i++]);
551:
552: return i - 1;
553: }
554:
555:
556: int EAGetFirstCipher (int ea)
557: {
558: return EncryptionAlgorithms[ea].Ciphers[0];
559: }
560:
1.1.1.8 root 561:
1.1.1.5 root 562: int EAGetLastCipher (int ea)
563: {
564: int c, i = 0;
565: while (c = EncryptionAlgorithms[ea].Ciphers[i++]);
566:
567: return EncryptionAlgorithms[ea].Ciphers[i - 2];
568: }
569:
1.1.1.8 root 570:
1.1.1.5 root 571: int EAGetNextCipher (int ea, int previousCipherId)
572: {
573: int c, i = 0;
574: while (c = EncryptionAlgorithms[ea].Ciphers[i++])
575: {
576: if (c == previousCipherId)
577: return EncryptionAlgorithms[ea].Ciphers[i];
578: }
579:
580: return 0;
581: }
582:
1.1.1.8 root 583:
1.1.1.5 root 584: int EAGetPreviousCipher (int ea, int previousCipherId)
585: {
586: int c, i = 0;
587:
588: if (EncryptionAlgorithms[ea].Ciphers[i++] == previousCipherId)
589: return 0;
590:
591: while (c = EncryptionAlgorithms[ea].Ciphers[i++])
592: {
593: if (c == previousCipherId)
594: return EncryptionAlgorithms[ea].Ciphers[i - 2];
595: }
596:
597: return 0;
598: }
599:
1.1.1.8 root 600:
1.1.1.11 root 601: int EAIsFormatEnabled (int ea)
602: {
603: return EncryptionAlgorithms[ea].FormatEnabled;
604: }
605:
606:
1.1.1.13 root 607: // Returns TRUE if the mode of operation is supported for the encryption algorithm
608: BOOL EAIsModeSupported (int ea, int testedMode)
609: {
610: int mode;
611:
612: for (mode = EAGetFirstMode (ea); mode != 0; mode = EAGetNextMode (ea, mode))
613: {
614: if (mode == testedMode)
615: return TRUE;
616: }
617: return FALSE;
618: }
619:
620:
1.1.1.9 root 621: Hash *HashGet (int id)
1.1.1.5 root 622: {
1.1.1.9 root 623: int i;
624: for (i = 0; Hashes[i].Id != 0; i++)
625: if (Hashes[i].Id == id)
626: return &Hashes[i];
627:
628: return 0;
629: }
630:
631:
632: int HashGetIdByName (char *name)
633: {
634: int i;
635: for (i = 0; Hashes[i].Id != 0; i++)
636: if (strcmp (Hashes[i].Name, name) == 0)
637: return Hashes[i].Id;
638:
639: return 0;
640: }
641:
642:
643: char *HashGetName (int hashId)
644: {
645: return HashGet (hashId) -> Name;
1.1.1.5 root 646: }
647:
1.1 root 648:
1.1.1.13 root 649: BOOL HashIsDeprecated (int hashId)
650: {
651: return HashGet (hashId) -> Deprecated;
652: }
653:
654:
1.1.1.14! root 655: #endif // TC_WINDOWS_BOOT_SINGLE_CIPHER_MODE
! 656:
! 657:
1.1.1.13 root 658: #ifdef TC_WINDOWS_BOOT
659:
660: static byte CryptoInfoBufferInUse = 0;
661: CRYPTO_INFO CryptoInfoBuffer;
662:
663: #endif
664:
665: PCRYPTO_INFO crypto_open ()
1.1 root 666: {
1.1.1.13 root 667: #ifndef TC_WINDOWS_BOOT
668:
1.1 root 669: /* Do the crt allocation */
1.1.1.9 root 670: PCRYPTO_INFO cryptoInfo = (PCRYPTO_INFO) TCalloc (sizeof (CRYPTO_INFO));
671: memset (cryptoInfo, 0, sizeof (CRYPTO_INFO));
672:
1.1.1.2 root 673: #ifndef DEVICE_DRIVER
1.1.1.7 root 674: #ifdef _WIN32
1.1.1.2 root 675: VirtualLock (cryptoInfo, sizeof (CRYPTO_INFO));
676: #endif
1.1.1.7 root 677: #endif
1.1.1.2 root 678:
1.1 root 679: if (cryptoInfo == NULL)
680: return NULL;
681:
1.1.1.5 root 682: cryptoInfo->ea = -1;
1.1 root 683: return cryptoInfo;
1.1.1.13 root 684:
685: #else // TC_WINDOWS_BOOT
686:
687: #if 0
688: if (CryptoInfoBufferInUse)
689: TC_THROW_FATAL_EXCEPTION;
690: #endif
691: CryptoInfoBufferInUse = 1;
692: return &CryptoInfoBuffer;
693:
694: #endif // TC_WINDOWS_BOOT
1.1 root 695: }
696:
1.1.1.13 root 697: void crypto_loadkey (PKEY_INFO keyInfo, char *lpszUserKey, int nUserKeyLen)
1.1 root 698: {
699: keyInfo->keyLength = nUserKeyLen;
700: burn (keyInfo->userKey, sizeof (keyInfo->userKey));
701: memcpy (keyInfo->userKey, lpszUserKey, nUserKeyLen);
702: }
703:
1.1.1.13 root 704: void crypto_close (PCRYPTO_INFO cryptoInfo)
1.1 root 705: {
1.1.1.13 root 706: #ifndef TC_WINDOWS_BOOT
707:
1.1.1.7 root 708: if (cryptoInfo != NULL)
709: {
710: burn (cryptoInfo, sizeof (CRYPTO_INFO));
1.1.1.2 root 711: #ifndef DEVICE_DRIVER
1.1.1.7 root 712: #ifdef _WIN32
713: VirtualUnlock (cryptoInfo, sizeof (CRYPTO_INFO));
714: #endif
1.1.1.2 root 715: #endif
1.1.1.7 root 716: TCfree (cryptoInfo);
717: }
1.1.1.13 root 718:
719: #else // TC_WINDOWS_BOOT
720:
721: burn (&CryptoInfoBuffer, sizeof (CryptoInfoBuffer));
722: CryptoInfoBufferInUse = FALSE;
723:
724: #endif // TC_WINDOWS_BOOT
725: }
726:
727:
1.1.1.14! root 728: #ifndef TC_WINDOWS_BOOT_SINGLE_CIPHER_MODE
! 729:
! 730:
1.1.1.13 root 731: #ifndef TC_NO_COMPILER_INT64
732: void Xor128 (unsigned __int64 *a, unsigned __int64 *b)
733: {
734: *a++ ^= *b++;
735: *a ^= *b;
736: }
737:
738:
739: void Xor64 (unsigned __int64 *a, unsigned __int64 *b)
740: {
741: *a ^= *b;
1.1 root 742: }
1.1.1.9 root 743:
744:
1.1.1.13 root 745: void EncryptBufferLRW128 (unsigned __int8 *buffer, unsigned __int64 length, unsigned __int64 blockIndex, PCRYPTO_INFO cryptoInfo)
1.1.1.9 root 746: {
1.1.1.13 root 747: /* Deprecated/legacy */
748:
749: int cipher = EAGetFirstCipher (cryptoInfo->ea);
750: int cipherCount = EAGetCipherCount (cryptoInfo->ea);
751: unsigned __int8 *p = buffer;
752: unsigned __int8 *ks = cryptoInfo->ks;
753: unsigned __int8 i[8];
754: unsigned __int8 t[16];
755: unsigned __int64 b;
1.1.1.9 root 756:
1.1.1.13 root 757: *(unsigned __int64 *)i = BE64(blockIndex);
758:
759: if (length % 16)
760: TC_THROW_FATAL_EXCEPTION;
761:
762: // Note that the maximum supported volume size is 8589934592 GB (i.e., 2^63 bytes).
1.1.1.9 root 763:
1.1.1.13 root 764: for (b = 0; b < length >> 4; b++)
1.1.1.9 root 765: {
1.1.1.13 root 766: Gf128MulBy64Tab (i, t, &cryptoInfo->gf_ctx);
767: Xor128 ((unsigned __int64 *)p, (unsigned __int64 *)t);
768:
769: if (cipherCount > 1)
1.1.1.9 root 770: {
1.1.1.13 root 771: // Cipher cascade
772: for (cipher = EAGetFirstCipher (cryptoInfo->ea);
773: cipher != 0;
774: cipher = EAGetNextCipher (cryptoInfo->ea, cipher))
1.1.1.9 root 775: {
1.1.1.13 root 776: EncipherBlock (cipher, p, ks);
777: ks += CipherGetKeyScheduleSize (cipher);
1.1.1.9 root 778: }
1.1.1.13 root 779: ks = cryptoInfo->ks;
780: }
781: else
782: {
783: EncipherBlock (cipher, p, ks);
1.1.1.9 root 784: }
785:
1.1.1.13 root 786: Xor128 ((unsigned __int64 *)p, (unsigned __int64 *)t);
1.1.1.9 root 787:
1.1.1.13 root 788: p += 16;
789:
790: if (i[7] != 0xff)
791: i[7]++;
792: else
793: *(unsigned __int64 *)i = BE64 ( BE64(*(unsigned __int64 *)i) + 1 );
794: }
795:
796: FAST_ERASE64 (t, sizeof(t));
1.1.1.9 root 797: }
798:
1.1 root 799:
1.1.1.13 root 800: void EncryptBufferLRW64 (unsigned __int8 *buffer, unsigned __int64 length, unsigned __int64 blockIndex, PCRYPTO_INFO cryptoInfo)
1.1 root 801: {
1.1.1.13 root 802: /* Deprecated/legacy */
1.1.1.8 root 803:
1.1.1.13 root 804: int cipher = EAGetFirstCipher (cryptoInfo->ea);
805: unsigned __int8 *p = buffer;
806: unsigned __int8 *ks = cryptoInfo->ks;
807: unsigned __int8 i[8];
808: unsigned __int8 t[8];
809: unsigned __int64 b;
1.1.1.5 root 810:
1.1.1.13 root 811: *(unsigned __int64 *)i = BE64(blockIndex);
1.1.1.5 root 812:
1.1.1.13 root 813: if (length % 8)
814: TC_THROW_FATAL_EXCEPTION;
1.1.1.5 root 815:
1.1.1.13 root 816: for (b = 0; b < length >> 3; b++)
1.1.1.5 root 817: {
1.1.1.13 root 818: Gf64MulTab (i, t, &cryptoInfo->gf_ctx);
819: Xor64 ((unsigned __int64 *)p, (unsigned __int64 *)t);
1.1.1.5 root 820:
1.1.1.13 root 821: EncipherBlock (cipher, p, ks);
1.1.1.5 root 822:
1.1.1.13 root 823: Xor64 ((unsigned __int64 *)p, (unsigned __int64 *)t);
1.1.1.5 root 824:
1.1.1.13 root 825: p += 8;
1.1.1.5 root 826:
1.1.1.13 root 827: if (i[7] != 0xff)
828: i[7]++;
829: else
830: *(unsigned __int64 *)i = BE64 ( BE64(*(unsigned __int64 *)i) + 1 );
1.1 root 831: }
832:
1.1.1.13 root 833: FAST_ERASE64 (t, sizeof(t));
834: }
1.1.1.5 root 835:
836:
1.1.1.13 root 837: void DecryptBufferLRW128 (unsigned __int8 *buffer, unsigned __int64 length, unsigned __int64 blockIndex, PCRYPTO_INFO cryptoInfo)
1.1 root 838: {
1.1.1.13 root 839: /* Deprecated/legacy */
1.1.1.8 root 840:
1.1.1.13 root 841: int cipher = EAGetFirstCipher (cryptoInfo->ea);
842: int cipherCount = EAGetCipherCount (cryptoInfo->ea);
843: unsigned __int8 *p = buffer;
844: unsigned __int8 *ks = cryptoInfo->ks;
845: unsigned __int8 i[8];
846: unsigned __int8 t[16];
847: unsigned __int64 b;
1.1.1.5 root 848:
1.1.1.13 root 849: *(unsigned __int64 *)i = BE64(blockIndex);
850:
851: if (length % 16)
852: TC_THROW_FATAL_EXCEPTION;
853:
854: // Note that the maximum supported volume size is 8589934592 GB (i.e., 2^63 bytes).
855:
856: for (b = 0; b < length >> 4; b++)
857: {
858: Gf128MulBy64Tab (i, t, &cryptoInfo->gf_ctx);
859: Xor128 ((unsigned __int64 *)p, (unsigned __int64 *)t);
860:
861: if (cipherCount > 1)
862: {
863: // Cipher cascade
864: ks = cryptoInfo->ks + EAGetKeyScheduleSize (cryptoInfo->ea);
865:
866: for (cipher = EAGetLastCipher (cryptoInfo->ea);
867: cipher != 0;
868: cipher = EAGetPreviousCipher (cryptoInfo->ea, cipher))
869: {
870: ks -= CipherGetKeyScheduleSize (cipher);
871: DecipherBlock (cipher, p, ks);
872: }
873: }
874: else
875: {
876: DecipherBlock (cipher, p, ks);
877: }
878:
879: Xor128 ((unsigned __int64 *)p, (unsigned __int64 *)t);
880:
881: p += 16;
882:
883: if (i[7] != 0xff)
884: i[7]++;
885: else
886: *(unsigned __int64 *)i = BE64 ( BE64(*(unsigned __int64 *)i) + 1 );
887: }
888:
889: FAST_ERASE64 (t, sizeof(t));
890: }
891:
892:
893:
894: void DecryptBufferLRW64 (unsigned __int8 *buffer, unsigned __int64 length, unsigned __int64 blockIndex, PCRYPTO_INFO cryptoInfo)
895: {
896: /* Deprecated/legacy */
897:
898: int cipher = EAGetFirstCipher (cryptoInfo->ea);
899: unsigned __int8 *p = buffer;
900: unsigned __int8 *ks = cryptoInfo->ks;
901: unsigned __int8 i[8];
902: unsigned __int8 t[8];
903: unsigned __int64 b;
904:
905: *(unsigned __int64 *)i = BE64(blockIndex);
906:
907: if (length % 8)
908: TC_THROW_FATAL_EXCEPTION;
909:
910: for (b = 0; b < length >> 3; b++)
911: {
912: Gf64MulTab (i, t, &cryptoInfo->gf_ctx);
913: Xor64 ((unsigned __int64 *)p, (unsigned __int64 *)t);
914:
915: DecipherBlock (cipher, p, ks);
916:
917: Xor64 ((unsigned __int64 *)p, (unsigned __int64 *)t);
918:
919: p += 8;
920:
921: if (i[7] != 0xff)
922: i[7]++;
923: else
924: *(unsigned __int64 *)i = BE64 ( BE64(*(unsigned __int64 *)i) + 1 );
925: }
926:
927: FAST_ERASE64 (t, sizeof(t));
928: }
929:
930:
931: // Initializes IV and whitening values for sector encryption/decryption in CBC mode.
932: // IMPORTANT: This function has been deprecated (legacy).
933: static void
934: InitSectorIVAndWhitening (unsigned __int64 unitNo,
935: int blockSize,
936: unsigned __int32 *iv,
937: unsigned __int64 *ivSeed,
938: unsigned __int32 *whitening)
939: {
940:
941: /* IMPORTANT: This function has been deprecated (legacy) */
942:
943: unsigned __int64 iv64[4];
944: unsigned __int32 *iv32 = (unsigned __int32 *) iv64;
945:
946: iv64[0] = ivSeed[0] ^ LE64(unitNo);
947: iv64[1] = ivSeed[1] ^ LE64(unitNo);
948: iv64[2] = ivSeed[2] ^ LE64(unitNo);
949: if (blockSize == 16)
950: {
951: iv64[3] = ivSeed[3] ^ LE64(unitNo);
952: }
953:
954: iv[0] = iv32[0];
955: iv[1] = iv32[1];
956:
957: switch (blockSize)
958: {
959: case 16:
960:
961: // 128-bit block
962:
963: iv[2] = iv32[2];
964: iv[3] = iv32[3];
965:
966: whitening[0] = LE32( crc32int ( &iv32[4] ) ^ crc32int ( &iv32[7] ) );
967: whitening[1] = LE32( crc32int ( &iv32[5] ) ^ crc32int ( &iv32[6] ) );
968: break;
969:
970: case 8:
971:
972: // 64-bit block
973:
974: whitening[0] = LE32( crc32int ( &iv32[2] ) ^ crc32int ( &iv32[5] ) );
975: whitening[1] = LE32( crc32int ( &iv32[3] ) ^ crc32int ( &iv32[4] ) );
976: break;
977:
978: default:
979: TC_THROW_FATAL_EXCEPTION;
980: }
981: }
982:
983:
984: // EncryptBufferCBC (deprecated/legacy)
985: //
986: // data: data to be encrypted
987: // len: number of bytes to encrypt (must be divisible by the largest cipher block size)
988: // ks: scheduled key
989: // iv: IV
990: // whitening: whitening constants
991: // ea: outer-CBC cascade ID (0 = CBC/inner-CBC)
992: // cipher: CBC/inner-CBC cipher ID (0 = outer-CBC)
993:
994: static void
995: EncryptBufferCBC (unsigned __int32 *data,
996: unsigned int len,
997: unsigned __int8 *ks,
998: unsigned __int32 *iv,
999: unsigned __int32 *whitening,
1000: int ea,
1001: int cipher)
1002: {
1003: /* IMPORTANT: This function has been deprecated (legacy) */
1004:
1005: unsigned __int32 bufIV[4];
1006: unsigned __int64 i;
1007: int blockSize = CipherGetBlockSize (ea != 0 ? EAGetFirstCipher (ea) : cipher);
1008:
1009: if (len % blockSize)
1010: TC_THROW_FATAL_EXCEPTION;
1011:
1012: // IV
1013: bufIV[0] = iv[0];
1014: bufIV[1] = iv[1];
1015: if (blockSize == 16)
1016: {
1017: bufIV[2] = iv[2];
1.1.1.5 root 1018: bufIV[3] = iv[3];
1019: }
1020:
1021: // Encrypt each block
1022: for (i = 0; i < len/blockSize; i++)
1023: {
1024: // CBC
1025: data[0] ^= bufIV[0];
1026: data[1] ^= bufIV[1];
1027: if (blockSize == 16)
1028: {
1029: data[2] ^= bufIV[2];
1030: data[3] ^= bufIV[3];
1031: }
1032:
1033: if (ea != 0)
1034: {
1035: // Outer-CBC
1036: for (cipher = EAGetFirstCipher (ea); cipher != 0; cipher = EAGetNextCipher (ea, cipher))
1037: {
1038: EncipherBlock (cipher, data, ks);
1039: ks += CipherGetKeyScheduleSize (cipher);
1040: }
1041: ks -= EAGetKeyScheduleSize (ea);
1042: }
1043: else
1044: {
1045: // CBC/inner-CBC
1046: EncipherBlock (cipher, data, ks);
1047: }
1048:
1049: // CBC
1050: bufIV[0] = data[0];
1051: bufIV[1] = data[1];
1052: if (blockSize == 16)
1053: {
1054: bufIV[2] = data[2];
1055: bufIV[3] = data[3];
1056: }
1057:
1058: // Whitening
1059: data[0] ^= whitening[0];
1060: data[1] ^= whitening[1];
1061: if (blockSize == 16)
1062: {
1063: data[2] ^= whitening[0];
1064: data[3] ^= whitening[1];
1065: }
1066:
1.1.1.7 root 1067: data += blockSize / sizeof(*data);
1.1.1.5 root 1068: }
1.1 root 1069: }
1070:
1.1.1.5 root 1071:
1.1.1.8 root 1072: // DecryptBufferCBC (deprecated/legacy)
1.1.1.5 root 1073: //
1074: // data: data to be decrypted
1075: // len: number of bytes to decrypt (must be divisible by the largest cipher block size)
1076: // ks: scheduled key
1077: // iv: IV
1078: // whitening: whitening constants
1079: // ea: outer-CBC cascade ID (0 = CBC/inner-CBC)
1080: // cipher: CBC/inner-CBC cipher ID (0 = outer-CBC)
1081:
1082: static void
1.1.1.7 root 1083: DecryptBufferCBC (unsigned __int32 *data,
1084: unsigned int len,
1.1.1.8 root 1085: unsigned __int8 *ks,
1.1.1.7 root 1086: unsigned __int32 *iv,
1087: unsigned __int32 *whitening,
1.1.1.5 root 1088: int ea,
1089: int cipher)
1.1 root 1090: {
1.1.1.8 root 1091:
1092: /* IMPORTANT: This function has been deprecated (legacy) */
1093:
1.1.1.7 root 1094: unsigned __int32 bufIV[4];
1.1.1.5 root 1095: unsigned __int64 i;
1.1.1.7 root 1096: unsigned __int32 ct[4];
1.1.1.5 root 1097: int blockSize = CipherGetBlockSize (ea != 0 ? EAGetFirstCipher (ea) : cipher);
1098:
1.1.1.13 root 1099: if (len % blockSize)
1100: TC_THROW_FATAL_EXCEPTION;
1101:
1.1.1.5 root 1102: // IV
1103: bufIV[0] = iv[0];
1104: bufIV[1] = iv[1];
1105: if (blockSize == 16)
1.1 root 1106: {
1.1.1.5 root 1107: bufIV[2] = iv[2];
1108: bufIV[3] = iv[3];
1109: }
1110:
1111: // Decrypt each block
1112: for (i = 0; i < len/blockSize; i++)
1113: {
1114: // Dewhitening
1115: data[0] ^= whitening[0];
1116: data[1] ^= whitening[1];
1117: if (blockSize == 16)
1118: {
1119: data[2] ^= whitening[0];
1120: data[3] ^= whitening[1];
1121: }
1122:
1123: // CBC
1124: ct[0] = data[0];
1125: ct[1] = data[1];
1126: if (blockSize == 16)
1127: {
1128: ct[2] = data[2];
1129: ct[3] = data[3];
1130: }
1131:
1132: if (ea != 0)
1133: {
1134: // Outer-CBC
1135: ks += EAGetKeyScheduleSize (ea);
1136: for (cipher = EAGetLastCipher (ea); cipher != 0; cipher = EAGetPreviousCipher (ea, cipher))
1137: {
1138: ks -= CipherGetKeyScheduleSize (cipher);
1139: DecipherBlock (cipher, data, ks);
1140: }
1141: }
1142: else
1143: {
1144: // CBC/inner-CBC
1145: DecipherBlock (cipher, data, ks);
1146: }
1147:
1148: // CBC
1149: data[0] ^= bufIV[0];
1150: data[1] ^= bufIV[1];
1151: bufIV[0] = ct[0];
1152: bufIV[1] = ct[1];
1153: if (blockSize == 16)
1154: {
1155: data[2] ^= bufIV[2];
1156: data[3] ^= bufIV[3];
1157: bufIV[2] = ct[2];
1158: bufIV[3] = ct[3];
1159: }
1160:
1.1.1.7 root 1161: data += blockSize / sizeof(*data);
1.1 root 1162: }
1163: }
1.1.1.13 root 1164: #endif // #ifndef TC_NO_COMPILER_INT64
1.1.1.5 root 1165:
1166:
1.1.1.13 root 1167: // EncryptBuffer
1168: //
1169: // buf: data to be encrypted
1170: // len: number of bytes to encrypt; must be divisible by the block size (for cascaded
1171: // ciphers divisible by the largest block size used within the cascade)
1172: void EncryptBuffer (unsigned __int8 *buf,
1173: TC_LARGEST_COMPILER_UINT len,
1174: PCRYPTO_INFO cryptoInfo)
1.1.1.8 root 1175: {
1.1.1.13 root 1176: switch (cryptoInfo->mode)
1.1.1.8 root 1177: {
1.1.1.13 root 1178: case XTS:
1.1.1.8 root 1179: {
1.1.1.13 root 1180: unsigned __int8 *ks = cryptoInfo->ks;
1181: unsigned __int8 *ks2 = cryptoInfo->ks2;
1182: UINT64_STRUCT dataUnitNo;
1183: int cipher;
1184:
1185: // When encrypting/decrypting a buffer (typically a volume header) the sequential number
1186: // of the first XTS data unit in the buffer is always 0 and the start of the buffer is
1187: // always considered aligned with the start of a data unit.
1188: dataUnitNo.LowPart = 0;
1189: dataUnitNo.HighPart = 0;
1190:
1.1.1.8 root 1191: for (cipher = EAGetFirstCipher (cryptoInfo->ea);
1192: cipher != 0;
1193: cipher = EAGetNextCipher (cryptoInfo->ea, cipher))
1194: {
1.1.1.13 root 1195: EncryptBufferXTS (buf, len, &dataUnitNo, 0, ks, ks2, cipher);
1.1.1.8 root 1196:
1.1.1.13 root 1197: ks += CipherGetKeyScheduleSize (cipher);
1198: ks2 += CipherGetKeyScheduleSize (cipher);
1.1.1.8 root 1199: }
1200: }
1.1.1.13 root 1201: break;
1.1.1.8 root 1202:
1.1.1.13 root 1203: #ifndef TC_NO_COMPILER_INT64
1204: case LRW:
1.1.1.5 root 1205:
1.1.1.13 root 1206: /* Deprecated/legacy */
1.1.1.5 root 1207:
1.1.1.8 root 1208: switch (CipherGetBlockSize (EAGetFirstCipher (cryptoInfo->ea)))
1209: {
1210: case 8:
1.1.1.13 root 1211: EncryptBufferLRW64 ((unsigned __int8 *)buf, (unsigned __int64) len, 1, cryptoInfo);
1.1.1.8 root 1212: break;
1213:
1214: case 16:
1.1.1.13 root 1215: EncryptBufferLRW128 ((unsigned __int8 *)buf, (unsigned __int64) len, 1, cryptoInfo);
1.1.1.8 root 1216: break;
1.1.1.13 root 1217:
1218: default:
1219: TC_THROW_FATAL_EXCEPTION;
1.1.1.8 root 1220: }
1221: break;
1222:
1.1.1.5 root 1223: case CBC:
1224: case INNER_CBC:
1225: {
1.1.1.8 root 1226: /* Deprecated/legacy */
1.1.1.5 root 1227:
1.1.1.8 root 1228: unsigned __int8 *ks = cryptoInfo->ks;
1229: int cipher;
1.1.1.13 root 1230:
1.1.1.8 root 1231: for (cipher = EAGetFirstCipher (cryptoInfo->ea);
1232: cipher != 0;
1233: cipher = EAGetNextCipher (cryptoInfo->ea, cipher))
1234: {
1.1.1.13 root 1235: EncryptBufferCBC ((unsigned __int32 *) buf,
1.1.1.8 root 1236: (unsigned int) len,
1237: ks,
1.1.1.13 root 1238: (unsigned __int32 *) cryptoInfo->k2,
1239: (unsigned __int32 *) &cryptoInfo->k2[8],
1.1.1.8 root 1240: 0,
1241: cipher);
1.1.1.5 root 1242:
1.1.1.8 root 1243: ks += CipherGetKeyScheduleSize (cipher);
1244: }
1245: }
1.1.1.5 root 1246: break;
1247:
1248: case OUTER_CBC:
1249:
1.1.1.8 root 1250: /* Deprecated/legacy */
1251:
1.1.1.13 root 1252: EncryptBufferCBC ((unsigned __int32 *) buf,
1.1.1.7 root 1253: (unsigned int) len,
1.1.1.8 root 1254: cryptoInfo->ks,
1.1.1.13 root 1255: (unsigned __int32 *) cryptoInfo->k2,
1256: (unsigned __int32 *) &cryptoInfo->k2[8],
1.1.1.8 root 1257: cryptoInfo->ea,
1.1.1.5 root 1258: 0);
1259:
1260: break;
1.1.1.13 root 1261: #endif // #ifndef TC_NO_COMPILER_INT64
1262:
1263: default:
1264: // Unknown/wrong ID
1265: TC_THROW_FATAL_EXCEPTION;
1.1.1.5 root 1266: }
1267: }
1268:
1.1.1.13 root 1269: #ifndef TC_NO_COMPILER_INT64
1270: // Converts a data unit number to the index of the first LRW block in the data unit.
1.1.1.8 root 1271: // Note that the maximum supported volume size is 8589934592 GB (i.e., 2^63 bytes).
1.1.1.13 root 1272: unsigned __int64 DataUnit2LRWIndex (unsigned __int64 dataUnit, int blockSize, PCRYPTO_INFO ci)
1.1.1.8 root 1273: {
1.1.1.13 root 1274: /* Deprecated/legacy */
1275:
1.1.1.8 root 1276: if (ci->hiddenVolume)
1.1.1.13 root 1277: dataUnit -= ci->hiddenVolumeOffset / ENCRYPTION_DATA_UNIT_SIZE;
1.1.1.8 root 1278: else
1.1.1.13 root 1279: dataUnit -= HEADER_SIZE / ENCRYPTION_DATA_UNIT_SIZE; // Compensate for the volume header size
1.1.1.8 root 1280:
1281: switch (blockSize)
1282: {
1283: case 8:
1.1.1.13 root 1284: return (dataUnit << 6) | 1;
1.1.1.8 root 1285:
1286: case 16:
1.1.1.13 root 1287: return (dataUnit << 5) | 1;
1288:
1289: default:
1290: TC_THROW_FATAL_EXCEPTION;
1.1.1.8 root 1291: }
1292:
1293: return 0;
1294: }
1.1.1.13 root 1295: #endif // #ifndef TC_NO_COMPILER_INT64
1.1.1.8 root 1296:
1297:
1.1.1.5 root 1298: // buf: data to be encrypted
1.1.1.13 root 1299: // unitNo: sequential number of the data unit with which the buffer starts
1300: // nbrUnits: number of data units in the buffer
1301: void EncryptDataUnits (unsigned __int8 *buf, const UINT64_STRUCT *structUnitNo, TC_LARGEST_COMPILER_UINT nbrUnits, PCRYPTO_INFO ci)
1.1.1.8 root 1302: {
1303: int ea = ci->ea;
1304: unsigned __int8 *ks = ci->ks;
1.1.1.13 root 1305: unsigned __int8 *ks2 = ci->ks2;
1.1.1.5 root 1306: int cipher;
1307:
1.1.1.13 root 1308: #ifndef TC_NO_COMPILER_INT64
1309: void *iv = ci->k2; // Deprecated/legacy
1310: unsigned __int64 unitNo = structUnitNo->Value;
1311: unsigned __int64 *iv64 = (unsigned __int64 *) iv; // Deprecated/legacy
1312: unsigned __int32 sectorIV[4]; // Deprecated/legacy
1313: unsigned __int32 secWhitening[2]; // Deprecated/legacy
1314: #endif
1315:
1.1.1.8 root 1316: switch (ci->mode)
1.1.1.5 root 1317: {
1.1.1.13 root 1318: case XTS:
1319: for (cipher = EAGetFirstCipher (ea); cipher != 0; cipher = EAGetNextCipher (ea, cipher))
1320: {
1321: EncryptBufferXTS (buf,
1322: nbrUnits * ENCRYPTION_DATA_UNIT_SIZE,
1323: structUnitNo,
1324: 0,
1325: ks,
1326: ks2,
1327: cipher);
1328:
1329: ks += CipherGetKeyScheduleSize (cipher);
1330: ks2 += CipherGetKeyScheduleSize (cipher);
1331: }
1332: break;
1333:
1334: #ifndef TC_NO_COMPILER_INT64
1.1.1.8 root 1335: case LRW:
1.1.1.13 root 1336:
1337: /* Deprecated/legacy */
1338:
1339: switch (CipherGetBlockSize (EAGetFirstCipher (ea)))
1.1.1.8 root 1340: {
1.1.1.13 root 1341: case 8:
1342: EncryptBufferLRW64 (buf,
1343: (unsigned __int64) nbrUnits * ENCRYPTION_DATA_UNIT_SIZE,
1344: DataUnit2LRWIndex (unitNo, 8, ci),
1345: ci);
1346: break;
1347:
1348: case 16:
1349: EncryptBufferLRW128 (buf,
1350: (unsigned __int64) nbrUnits * ENCRYPTION_DATA_UNIT_SIZE,
1351: DataUnit2LRWIndex (unitNo, 16, ci),
1352: ci);
1353: break;
1354:
1355: default:
1356: TC_THROW_FATAL_EXCEPTION;
1.1.1.8 root 1357: }
1358: break;
1359:
1.1.1.5 root 1360: case CBC:
1361: case INNER_CBC:
1362:
1.1.1.8 root 1363: /* Deprecated/legacy */
1364:
1.1.1.13 root 1365: while (nbrUnits--)
1.1.1.5 root 1366: {
1367: for (cipher = EAGetFirstCipher (ea); cipher != 0; cipher = EAGetNextCipher (ea, cipher))
1368: {
1.1.1.13 root 1369: InitSectorIVAndWhitening (unitNo, CipherGetBlockSize (cipher), sectorIV, iv64, secWhitening);
1.1.1.5 root 1370:
1.1.1.13 root 1371: EncryptBufferCBC ((unsigned __int32 *) buf,
1372: ENCRYPTION_DATA_UNIT_SIZE,
1.1.1.5 root 1373: ks,
1374: sectorIV,
1375: secWhitening,
1376: 0,
1377: cipher);
1378:
1379: ks += CipherGetKeyScheduleSize (cipher);
1380: }
1381: ks -= EAGetKeyScheduleSize (ea);
1.1.1.13 root 1382: buf += ENCRYPTION_DATA_UNIT_SIZE;
1383: unitNo++;
1.1.1.5 root 1384: }
1385: break;
1386:
1387: case OUTER_CBC:
1388:
1.1.1.8 root 1389: /* Deprecated/legacy */
1390:
1.1.1.13 root 1391: while (nbrUnits--)
1.1.1.5 root 1392: {
1.1.1.13 root 1393: InitSectorIVAndWhitening (unitNo, CipherGetBlockSize (EAGetFirstCipher (ea)), sectorIV, iv64, secWhitening);
1.1.1.5 root 1394:
1.1.1.13 root 1395: EncryptBufferCBC ((unsigned __int32 *) buf,
1396: ENCRYPTION_DATA_UNIT_SIZE,
1.1.1.5 root 1397: ks,
1398: sectorIV,
1399: secWhitening,
1400: ea,
1401: 0);
1402:
1.1.1.13 root 1403: buf += ENCRYPTION_DATA_UNIT_SIZE;
1404: unitNo++;
1.1.1.5 root 1405: }
1406: break;
1.1.1.13 root 1407: #endif // #ifndef TC_NO_COMPILER_INT64
1408:
1409: default:
1410: // Unknown/wrong ID
1411: TC_THROW_FATAL_EXCEPTION;
1.1.1.5 root 1412: }
1413: }
1414:
1415: // DecryptBuffer
1416: //
1417: // buf: data to be decrypted
1418: // len: number of bytes to decrypt; must be divisible by the block size (for cascaded
1419: // ciphers divisible by the largest block size used within the cascade)
1.1.1.13 root 1420: void DecryptBuffer (unsigned __int8 *buf,
1421: TC_LARGEST_COMPILER_UINT len,
1.1.1.8 root 1422: PCRYPTO_INFO cryptoInfo)
1.1.1.5 root 1423: {
1.1.1.8 root 1424: switch (cryptoInfo->mode)
1.1.1.5 root 1425: {
1.1.1.13 root 1426: case XTS:
1427: {
1428: unsigned __int8 *ks = cryptoInfo->ks + EAGetKeyScheduleSize (cryptoInfo->ea);
1429: unsigned __int8 *ks2 = cryptoInfo->ks2 + EAGetKeyScheduleSize (cryptoInfo->ea);
1430: UINT64_STRUCT dataUnitNo;
1431: int cipher;
1432:
1433: // When encrypting/decrypting a buffer (typically a volume header) the sequential number
1434: // of the first XTS data unit in the buffer is always 0 and the start of the buffer is
1435: // always considered aligned with the start of the data unit 0.
1436: dataUnitNo.LowPart = 0;
1437: dataUnitNo.HighPart = 0;
1438:
1439: for (cipher = EAGetLastCipher (cryptoInfo->ea);
1440: cipher != 0;
1441: cipher = EAGetPreviousCipher (cryptoInfo->ea, cipher))
1442: {
1443: ks -= CipherGetKeyScheduleSize (cipher);
1444: ks2 -= CipherGetKeyScheduleSize (cipher);
1445:
1446: DecryptBufferXTS (buf, len, &dataUnitNo, 0, ks, ks2, cipher);
1447: }
1448: }
1449: break;
1450:
1451: #ifndef TC_NO_COMPILER_INT64
1.1.1.8 root 1452: case LRW:
1.1.1.13 root 1453:
1454: /* Deprecated/legacy */
1455:
1.1.1.8 root 1456: switch (CipherGetBlockSize (EAGetFirstCipher (cryptoInfo->ea)))
1457: {
1458: case 8:
1.1.1.13 root 1459: DecryptBufferLRW64 (buf, (unsigned __int64) len, 1, cryptoInfo);
1.1.1.8 root 1460: break;
1461:
1462: case 16:
1.1.1.13 root 1463: DecryptBufferLRW128 (buf, (unsigned __int64) len, 1, cryptoInfo);
1.1.1.8 root 1464: break;
1.1.1.13 root 1465:
1466: default:
1467: TC_THROW_FATAL_EXCEPTION;
1.1.1.8 root 1468: }
1469: break;
1470:
1.1.1.5 root 1471: case CBC:
1472: case INNER_CBC:
1473: {
1.1.1.8 root 1474: /* Deprecated/legacy */
1475:
1476: unsigned __int8 *ks = cryptoInfo->ks + EAGetKeyScheduleSize (cryptoInfo->ea);
1477: int cipher;
1478: for (cipher = EAGetLastCipher (cryptoInfo->ea);
1479: cipher != 0;
1480: cipher = EAGetPreviousCipher (cryptoInfo->ea, cipher))
1481: {
1482: ks -= CipherGetKeyScheduleSize (cipher);
1483:
1.1.1.13 root 1484: DecryptBufferCBC ((unsigned __int32 *) buf,
1.1.1.8 root 1485: (unsigned int) len,
1486: ks,
1.1.1.13 root 1487: (unsigned __int32 *) cryptoInfo->k2,
1488: (unsigned __int32 *) &cryptoInfo->k2[8],
1.1.1.8 root 1489: 0,
1490: cipher);
1491: }
1.1.1.5 root 1492: }
1493: break;
1494:
1495: case OUTER_CBC:
1496:
1.1.1.8 root 1497: /* Deprecated/legacy */
1498:
1.1.1.13 root 1499: DecryptBufferCBC ((unsigned __int32 *) buf,
1.1.1.7 root 1500: (unsigned int) len,
1.1.1.8 root 1501: cryptoInfo->ks,
1.1.1.13 root 1502: (unsigned __int32 *) cryptoInfo->k2,
1503: (unsigned __int32 *) &cryptoInfo->k2[8],
1.1.1.8 root 1504: cryptoInfo->ea,
1.1.1.5 root 1505: 0);
1506:
1507: break;
1.1.1.13 root 1508: #endif // #ifndef TC_NO_COMPILER_INT64
1509:
1510: default:
1511: // Unknown/wrong ID
1512: TC_THROW_FATAL_EXCEPTION;
1.1.1.5 root 1513: }
1514: }
1515:
1516: // buf: data to be decrypted
1.1.1.13 root 1517: // unitNo: sequential number of the data unit with which the buffer starts
1518: // nbrUnits: number of data units in the buffer
1519: void DecryptDataUnits (unsigned __int8 *buf, const UINT64_STRUCT *structUnitNo, TC_LARGEST_COMPILER_UINT nbrUnits, PCRYPTO_INFO ci)
1.1.1.8 root 1520: {
1521: int ea = ci->ea;
1522: unsigned __int8 *ks = ci->ks;
1.1.1.13 root 1523: unsigned __int8 *ks2 = ci->ks2;
1.1.1.5 root 1524: int cipher;
1525:
1.1.1.13 root 1526: #ifndef TC_NO_COMPILER_INT64
1527: void *iv = ci->k2; // Deprecated/legacy
1528: unsigned __int64 unitNo = structUnitNo->Value;
1529: unsigned __int64 *iv64 = (unsigned __int64 *) iv; // Deprecated/legacy
1530: unsigned __int32 sectorIV[4]; // Deprecated/legacy
1531: unsigned __int32 secWhitening[2]; // Deprecated/legacy
1532: #endif // #ifndef TC_NO_COMPILER_INT64
1533:
1534:
1.1.1.8 root 1535: switch (ci->mode)
1.1.1.5 root 1536: {
1.1.1.13 root 1537: case XTS:
1538: ks += EAGetKeyScheduleSize (ea);
1539: ks2 += EAGetKeyScheduleSize (ea);
1540:
1541: for (cipher = EAGetLastCipher (ea); cipher != 0; cipher = EAGetPreviousCipher (ea, cipher))
1542: {
1543: ks -= CipherGetKeyScheduleSize (cipher);
1544: ks2 -= CipherGetKeyScheduleSize (cipher);
1545:
1546: DecryptBufferXTS (buf,
1547: nbrUnits * ENCRYPTION_DATA_UNIT_SIZE,
1548: structUnitNo,
1549: 0,
1550: ks,
1551: ks2,
1552: cipher);
1553: }
1554: break;
1555:
1556: #ifndef TC_NO_COMPILER_INT64
1.1.1.8 root 1557: case LRW:
1.1.1.13 root 1558:
1559: /* Deprecated/legacy */
1560:
1561: switch (CipherGetBlockSize (EAGetFirstCipher (ea)))
1.1.1.8 root 1562: {
1.1.1.13 root 1563: case 8:
1564: DecryptBufferLRW64 (buf,
1565: (unsigned __int64) nbrUnits * ENCRYPTION_DATA_UNIT_SIZE,
1566: DataUnit2LRWIndex (unitNo, 8, ci),
1567: ci);
1568: break;
1569:
1570: case 16:
1571: DecryptBufferLRW128 (buf,
1572: (unsigned __int64) nbrUnits * ENCRYPTION_DATA_UNIT_SIZE,
1573: DataUnit2LRWIndex (unitNo, 16, ci),
1574: ci);
1575: break;
1576:
1577: default:
1578: TC_THROW_FATAL_EXCEPTION;
1.1.1.8 root 1579: }
1580: break;
1581:
1.1.1.5 root 1582: case CBC:
1583: case INNER_CBC:
1584:
1.1.1.8 root 1585: /* Deprecated/legacy */
1586:
1.1.1.13 root 1587: while (nbrUnits--)
1.1.1.5 root 1588: {
1589: ks += EAGetKeyScheduleSize (ea);
1590: for (cipher = EAGetLastCipher (ea); cipher != 0; cipher = EAGetPreviousCipher (ea, cipher))
1591: {
1.1.1.13 root 1592: InitSectorIVAndWhitening (unitNo, CipherGetBlockSize (cipher), sectorIV, iv64, secWhitening);
1.1.1.5 root 1593:
1594: ks -= CipherGetKeyScheduleSize (cipher);
1595:
1.1.1.13 root 1596: DecryptBufferCBC ((unsigned __int32 *) buf,
1597: ENCRYPTION_DATA_UNIT_SIZE,
1.1.1.5 root 1598: ks,
1599: sectorIV,
1600: secWhitening,
1601: 0,
1602: cipher);
1603: }
1.1.1.13 root 1604: buf += ENCRYPTION_DATA_UNIT_SIZE;
1605: unitNo++;
1.1.1.5 root 1606: }
1607: break;
1608:
1609: case OUTER_CBC:
1610:
1.1.1.8 root 1611: /* Deprecated/legacy */
1612:
1.1.1.13 root 1613: while (nbrUnits--)
1.1.1.5 root 1614: {
1.1.1.13 root 1615: InitSectorIVAndWhitening (unitNo, CipherGetBlockSize (EAGetFirstCipher (ea)), sectorIV, iv64, secWhitening);
1.1.1.5 root 1616:
1.1.1.13 root 1617: DecryptBufferCBC ((unsigned __int32 *) buf,
1618: ENCRYPTION_DATA_UNIT_SIZE,
1.1.1.5 root 1619: ks,
1620: sectorIV,
1621: secWhitening,
1622: ea,
1623: 0);
1624:
1.1.1.13 root 1625: buf += ENCRYPTION_DATA_UNIT_SIZE;
1626: unitNo++;
1.1.1.5 root 1627: }
1628: break;
1.1.1.13 root 1629: #endif // #ifndef TC_NO_COMPILER_INT64
1630:
1631: default:
1632: // Unknown/wrong ID
1633: TC_THROW_FATAL_EXCEPTION;
1.1.1.5 root 1634: }
1635: }
1636:
1.1.1.13 root 1637:
1638: // Returns the maximum number of bytes necessary to be generated by the PBKDF2 (PKCS #5)
1639: int GetMaxPkcs5OutSize (void)
1640: {
1641: int size = 32;
1642:
1643: #ifndef max
1644: #define max(a,b) (((a) > (b)) ? (a) : (b))
1645: #endif
1646:
1647: size = max (size, EAGetLargestKeyForMode (XTS) * 2); // Sizes of primary + secondary keys
1648:
1649: #ifndef TC_WINDOWS_BOOT
1650: size = max (size, LEGACY_VOL_IV_SIZE + EAGetLargestKeyForMode (LRW)); // Deprecated/legacy
1651: size = max (size, LEGACY_VOL_IV_SIZE + EAGetLargestKeyForMode (CBC)); // Deprecated/legacy
1652: size = max (size, LEGACY_VOL_IV_SIZE + EAGetLargestKeyForMode (OUTER_CBC)); // Deprecated/legacy
1653: size = max (size, LEGACY_VOL_IV_SIZE + EAGetLargestKeyForMode (INNER_CBC)); // Deprecated/legacy
1654: #endif
1655:
1656: return size;
1657: }
1.1.1.14! root 1658:
! 1659:
! 1660: #else // TC_WINDOWS_BOOT_SINGLE_CIPHER_MODE
! 1661:
! 1662:
! 1663: #if !defined (TC_WINDOWS_BOOT_AES) && !defined (TC_WINDOWS_BOOT_SERPENT) && !defined (TC_WINDOWS_BOOT_TWOFISH)
! 1664: #error No cipher defined
! 1665: #endif
! 1666:
! 1667: void EncipherBlock(int cipher, void *data, void *ks)
! 1668: {
! 1669: #ifdef TC_WINDOWS_BOOT_AES
! 1670: aes_encrypt (data, data, ks);
! 1671: #elif defined (TC_WINDOWS_BOOT_SERPENT)
! 1672: serpent_encrypt (data, data, ks);
! 1673: #elif defined (TC_WINDOWS_BOOT_TWOFISH)
! 1674: twofish_encrypt (ks, data, data);
! 1675: #endif
! 1676: }
! 1677:
! 1678: void DecipherBlock(int cipher, void *data, void *ks)
! 1679: {
! 1680: #ifdef TC_WINDOWS_BOOT_AES
! 1681: aes_decrypt (data, data, (aes_decrypt_ctx *) ((byte *) ks + sizeof(aes_encrypt_ctx)));
! 1682: #elif defined (TC_WINDOWS_BOOT_SERPENT)
! 1683: serpent_decrypt (data, data, ks);
! 1684: #elif defined (TC_WINDOWS_BOOT_TWOFISH)
! 1685: twofish_decrypt (ks, data, data);
! 1686: #endif
! 1687: }
! 1688:
! 1689: int EAGetFirst ()
! 1690: {
! 1691: return 1;
! 1692: }
! 1693:
! 1694: int EAGetNext (int previousEA)
! 1695: {
! 1696: return 0;
! 1697: }
! 1698:
! 1699: int EAInit (int ea, unsigned char *key, unsigned __int8 *ks)
! 1700: {
! 1701: #ifdef TC_WINDOWS_BOOT_AES
! 1702:
! 1703: aes_init();
! 1704:
! 1705: if (aes_encrypt_key256 (key, (aes_encrypt_ctx *) ks) != EXIT_SUCCESS)
! 1706: return ERR_CIPHER_INIT_FAILURE;
! 1707: if (aes_decrypt_key256 (key, (aes_decrypt_ctx *) (ks + sizeof (aes_encrypt_ctx))) != EXIT_SUCCESS)
! 1708: return ERR_CIPHER_INIT_FAILURE;
! 1709:
! 1710: #elif defined (TC_WINDOWS_BOOT_SERPENT)
! 1711: serpent_set_key (key, 32 * 8, ks);
! 1712: #elif defined (TC_WINDOWS_BOOT_TWOFISH)
! 1713: twofish_set_key ((TwofishInstance *)ks, (const u4byte *)key, 32 * 8);
! 1714: #endif
! 1715: return ERR_SUCCESS;
! 1716: }
! 1717:
! 1718: int EAGetKeySize (int ea)
! 1719: {
! 1720: return 32;
! 1721: }
! 1722:
! 1723: int EAGetFirstCipher (int ea)
! 1724: {
! 1725: return 1;
! 1726: }
! 1727:
! 1728: void EncryptBuffer (unsigned __int8 *buf, TC_LARGEST_COMPILER_UINT len, PCRYPTO_INFO cryptoInfo)
! 1729: {
! 1730: UINT64_STRUCT dataUnitNo;
! 1731: dataUnitNo.LowPart = 0; dataUnitNo.HighPart = 0;
! 1732: EncryptBufferXTS (buf, len, &dataUnitNo, 0, cryptoInfo->ks, cryptoInfo->ks2, 1);
! 1733: }
! 1734:
! 1735: void EncryptDataUnits (unsigned __int8 *buf, const UINT64_STRUCT *structUnitNo, TC_LARGEST_COMPILER_UINT nbrUnits, PCRYPTO_INFO ci)
! 1736: {
! 1737: EncryptBufferXTS (buf, nbrUnits * ENCRYPTION_DATA_UNIT_SIZE, structUnitNo, 0, ci->ks, ci->ks2, 1);
! 1738: }
! 1739:
! 1740: void DecryptBuffer (unsigned __int8 *buf, TC_LARGEST_COMPILER_UINT len, PCRYPTO_INFO cryptoInfo)
! 1741: {
! 1742: UINT64_STRUCT dataUnitNo;
! 1743: dataUnitNo.LowPart = 0; dataUnitNo.HighPart = 0;
! 1744: DecryptBufferXTS (buf, len, &dataUnitNo, 0, cryptoInfo->ks, cryptoInfo->ks2, 1);
! 1745: }
! 1746:
! 1747: void DecryptDataUnits (unsigned __int8 *buf, const UINT64_STRUCT *structUnitNo, TC_LARGEST_COMPILER_UINT nbrUnits, PCRYPTO_INFO ci)
! 1748: {
! 1749: DecryptBufferXTS (buf, nbrUnits * ENCRYPTION_DATA_UNIT_SIZE, structUnitNo, 0, ci->ks, ci->ks2, 1);
! 1750: }
! 1751:
! 1752: #endif // TC_WINDOWS_BOOT_SINGLE_CIPHER_MODE
This archive runs on limited infrastructure. Preserving old code on modern bandwidth. Automated agents are requested to crawl responsibly.