diff options
| author | Mounir IDRASSI <mounir.idrassi@idrix.fr> | 2013-06-22 17:38:33 +0200 |
|---|---|---|
| committer | Mounir IDRASSI <mounir.idrassi@idrix.fr> | 2014-11-08 23:18:21 +0100 |
| commit | 6b2e97c2438e85ddf2f166cf7c56f6c923ffcac4 (patch) | |
| tree | 539cf805380559c54767d5d0d3c2c0e010e77c19 /src/Common/Volumes.c | |
| parent | 03867fbf5653c0260e71271e0ddf46ed1045b488 (diff) | |
| download | VeraCrypt-6b2e97c2438e85ddf2f166cf7c56f6c923ffcac4.tar.gz VeraCrypt-6b2e97c2438e85ddf2f166cf7c56f6c923ffcac4.zip | |
Enhance security by rising the iterations used in PBKDF2 : 327670 instead of 1000 when booting in encrypted system partition, and 2000000 instead of 2000 when using encrypted containers and partitions
Diffstat (limited to 'src/Common/Volumes.c')
| -rw-r--r-- | src/Common/Volumes.c | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/src/Common/Volumes.c b/src/Common/Volumes.c index 01ebdf55..3b2c0ca7 100644 --- a/src/Common/Volumes.c +++ b/src/Common/Volumes.c @@ -299,7 +299,7 @@ KeyReady: ; switch (pkcs5_prf)
{
case RIPEMD160:
- derive_key_ripemd160 (keyInfo.userKey, keyInfo.keyLength, keyInfo.salt,
+ derive_key_ripemd160 (TRUE, keyInfo.userKey, keyInfo.keyLength, keyInfo.salt,
PKCS5_SALT_SIZE, keyInfo.noIterations, dk, GetMaxPkcs5OutSize());
break;
@@ -595,8 +595,8 @@ int ReadVolumeHeader (BOOL bBoot, char *header, Password *password, PCRYPTO_INFO cryptoInfo = *retInfo = crypto_open ();
// PKCS5 PRF
- derive_key_ripemd160 (password->Text, (int) password->Length, header + HEADER_SALT_OFFSET,
- PKCS5_SALT_SIZE, bBoot ? 1000 : 2000, dk, sizeof (dk));
+ derive_key_ripemd160 (TRUE, password->Text, (int) password->Length, header + HEADER_SALT_OFFSET,
+ PKCS5_SALT_SIZE, 32767, dk, sizeof (dk));
// Mode of operation
cryptoInfo->mode = FIRST_MODE_OF_OPERATION_ID;
@@ -771,7 +771,7 @@ int CreateVolumeHeaderInMemory (BOOL bBoot, char *header, int ea, int mode, Pass break;
case RIPEMD160:
- derive_key_ripemd160 (keyInfo.userKey, keyInfo.keyLength, keyInfo.salt,
+ derive_key_ripemd160 (TRUE, keyInfo.userKey, keyInfo.keyLength, keyInfo.salt,
PKCS5_SALT_SIZE, keyInfo.noIterations, dk, GetMaxPkcs5OutSize());
break;
|