diff options
| author | Mounir IDRASSI <mounir.idrassi@idrix.fr> | 2014-10-26 00:57:44 +0200 |
|---|---|---|
| committer | Mounir IDRASSI <mounir.idrassi@idrix.fr> | 2014-11-08 23:24:25 +0100 |
| commit | 3f2e20e33941c51b3956adc4e653c2ec7457238e (patch) | |
| tree | 7e7bb522b3eba823f1e0e30b03e5ccf386c8f204 /src/Common/Pkcs5.c | |
| parent | 714a2ce0ae7e8b2cee32b0d6245a59e787758fc5 (diff) | |
| download | VeraCrypt-3f2e20e33941c51b3956adc4e653c2ec7457238e.tar.gz VeraCrypt-3f2e20e33941c51b3956adc4e653c2ec7457238e.zip | |
Simplify code handling iterations count: in boot mode, we'll set the correct iterations count inside derive_u_sha256 and derive_u_ripemd160 depending in the value of the iterations parameter. On normal mode, we use normal values of iterations count. Removes the special test parameter from RIPEMD160 functions.
Diffstat (limited to 'src/Common/Pkcs5.c')
| -rw-r--r-- | src/Common/Pkcs5.c | 47 |
1 files changed, 26 insertions, 21 deletions
diff --git a/src/Common/Pkcs5.c b/src/Common/Pkcs5.c index ba1054e0..e3f8031b 100644 --- a/src/Common/Pkcs5.c +++ b/src/Common/Pkcs5.c @@ -122,10 +122,17 @@ void derive_u_sha256 (char *pwd, int pwd_len, char *salt, int salt_len, int iter uint32 c;
int i;
- if (iterations == 2000)
+#ifdef TC_WINDOWS_BOOT
+ /* In bootloader, iterations is a boolean : TRUE for boot derivation mode, FALSE otherwise
+ * This enables us to save code space needed for implementing other features.
+ */
+ if (iterations)
c = 200000;
else
c = 500000;
+#else
+ c = iterations;
+#endif
/* iteration 1 */
memset (counter, 0, 4);
@@ -410,7 +417,7 @@ void hmac_ripemd160 (char *key, int keylen, char *input, int len, char *digest) burn (&context, sizeof(context));
}
-void derive_u_ripemd160 (BOOL bNotTest, char *pwd, int pwd_len, char *salt, int salt_len, int iterations, char *u, int b)
+void derive_u_ripemd160 (char *pwd, int pwd_len, char *salt, int salt_len, int iterations, char *u, int b)
{
char j[RIPEMD160_DIGESTSIZE], k[RIPEMD160_DIGESTSIZE];
char init[128];
@@ -418,17 +425,17 @@ void derive_u_ripemd160 (BOOL bNotTest, char *pwd, int pwd_len, char *salt, int uint32 c;
int i;
- if (bNotTest)
- {
- if (iterations == 32767)
- c = 655331;
- else
- c = 327661;
- }
+#ifdef TC_WINDOWS_BOOT
+ /* In bootloader, iterations is a boolean : TRUE for boot derivation mode, FALSE otherwise
+ * This enables us to save code space needed for implementing other features.
+ */
+ if (iterations)
+ c = 327661;
else
- {
- c = iterations;
- }
+ c = 655331;
+#else
+ c = iterations;
+#endif
/* iteration 1 */
memset (counter, 0, 4);
@@ -455,7 +462,7 @@ void derive_u_ripemd160 (BOOL bNotTest, char *pwd, int pwd_len, char *salt, int burn (k, sizeof(k));
}
-void derive_key_ripemd160 (BOOL bNotTest, char *pwd, int pwd_len, char *salt, int salt_len, int iterations, char *dk, int dklen)
+void derive_key_ripemd160 (char *pwd, int pwd_len, char *salt, int salt_len, int iterations, char *dk, int dklen)
{
char u[RIPEMD160_DIGESTSIZE];
int b, l, r;
@@ -474,13 +481,13 @@ void derive_key_ripemd160 (BOOL bNotTest, char *pwd, int pwd_len, char *salt, in /* first l - 1 blocks */
for (b = 1; b < l; b++)
{
- derive_u_ripemd160 (bNotTest, pwd, pwd_len, salt, salt_len, iterations, u, b);
+ derive_u_ripemd160 (pwd, pwd_len, salt, salt_len, iterations, u, b);
memcpy (dk, u, RIPEMD160_DIGESTSIZE);
dk += RIPEMD160_DIGESTSIZE;
}
/* last block */
- derive_u_ripemd160 (bNotTest, pwd, pwd_len, salt, salt_len, iterations, u, b);
+ derive_u_ripemd160 (pwd, pwd_len, salt, salt_len, iterations, u, b);
memcpy (dk, u, r);
@@ -656,7 +663,6 @@ char *get_pkcs5_prf_name (int pkcs5_prf_id) }
}
-#endif //!TC_WINDOWS_BOOT
int get_pkcs5_iteration_count (int pkcs5_prf_id, BOOL bBoot)
@@ -665,22 +671,21 @@ int get_pkcs5_iteration_count (int pkcs5_prf_id, BOOL bBoot) {
case RIPEMD160:
- return bBoot? 16384 : 32767; /* it will be changed to 327661 and 655331 respectively inside derive_u_ripemd160 */
-
-#ifndef TC_WINDOWS_BOOT
+ return bBoot? 327661 : 655331;
case SHA512:
return 500000;
case WHIRLPOOL:
return 500000;
-#endif
case SHA256:
- return bBoot? 2000 : 5000; /* it will be changed to 200000 and 500000 respectively inside derive_u_sha256 */
+ return bBoot? 200000 : 500000;
default:
TC_THROW_FATAL_EXCEPTION; // Unknown/wrong ID
}
return 0;
}
+
+#endif //!TC_WINDOWS_BOOT
\ No newline at end of file |