VeraCrypt
aboutsummaryrefslogtreecommitdiff
path: root/src/Common
diff options
context:
space:
mode:
authorMounir IDRASSI <mounir.idrassi@idrix.fr>2014-07-20 05:11:10 +0200
committerMounir IDRASSI <mounir.idrassi@idrix.fr>2014-11-08 23:21:32 +0100
commit75f780871949e5bacca4718507e66c8d28d72e69 (patch)
treeb5e57e50960de3d508098e01b3d80397edb9b474 /src/Common
parent0594532cf1d6bb5fc8886d1c99db4e3861185112 (diff)
downloadVeraCrypt-75f780871949e5bacca4718507e66c8d28d72e69.tar.gz
VeraCrypt-75f780871949e5bacca4718507e66c8d28d72e69.zip
Remove deprecated/legacy cryptographic algorithms and encryption modes that are never used by VeraCrypt. This will speed up volumes opening in many cases.
Diffstat (limited to 'src/Common')
-rw-r--r--src/Common/Apidrvr.h4
-rw-r--r--src/Common/Crypto.c874
-rw-r--r--src/Common/Crypto.h28
-rw-r--r--src/Common/Dlgcode.c53
-rw-r--r--src/Common/EncryptionThreadPool.c5
-rw-r--r--src/Common/GfMul.c110
-rw-r--r--src/Common/GfMul.h2
-rw-r--r--src/Common/Pkcs5.c153
-rw-r--r--src/Common/Tests.c646
-rw-r--r--src/Common/Volumes.c83
10 files changed, 16 insertions, 1942 deletions
diff --git a/src/Common/Apidrvr.h b/src/Common/Apidrvr.h
index 1c7460eb..1a28dec0 100644
--- a/src/Common/Apidrvr.h
+++ b/src/Common/Apidrvr.h
@@ -133,10 +133,6 @@ typedef struct
BOOL readOnly;
BOOL removable;
BOOL partitionInInactiveSysEncScope;
-#if 0
- unsigned __int64 volumeCreationTime; // Deprecated in v6.0
- unsigned __int64 headerCreationTime; // Deprecated in v6.0
-#endif
uint32 volumeHeaderFlags;
unsigned __int64 totalBytesRead;
unsigned __int64 totalBytesWritten;
diff --git a/src/Common/Crypto.c b/src/Common/Crypto.c
index dd30e488..d8f8ae3a 100644
--- a/src/Common/Crypto.c
+++ b/src/Common/Crypto.c
@@ -45,38 +45,27 @@ static Cipher Ciphers[] =
{ AES, "AES", 16, 32, AES_KS },
{ SERPENT, "Serpent", 16, 32, 140*4 },
{ TWOFISH, "Twofish", 16, 32, TWOFISH_KS },
-#ifndef TC_WINDOWS_BOOT
- { BLOWFISH, "Blowfish", 8, 56, sizeof (BF_KEY) }, // Deprecated/legacy
- { CAST, "CAST5", 8, 16, sizeof (CAST_KEY) }, // Deprecated/legacy
- { TRIPLEDES,"Triple DES", 8, 8*3, sizeof (TDES_KEY) }, // Deprecated/legacy
-#endif
{ 0, 0, 0, 0, 0 }
};
// Encryption algorithm configuration
-// The following modes have been deprecated (legacy): LRW, CBC, INNER_CBC, OUTER_CBC
static EncryptionAlgorithm EncryptionAlgorithms[] =
{
// Cipher(s) Modes FormatEnabled
#ifndef TC_WINDOWS_BOOT
- { { 0, 0 }, { 0, 0, 0, 0 }, 0 }, // Must be all-zero
- { { AES, 0 }, { XTS, LRW, CBC, 0 }, 1 },
- { { SERPENT, 0 }, { XTS, LRW, CBC, 0 }, 1 },
- { { TWOFISH, 0 }, { XTS, LRW, CBC, 0 }, 1 },
- { { TWOFISH, AES, 0 }, { XTS, LRW, OUTER_CBC, 0 }, 1 },
- { { SERPENT, TWOFISH, AES, 0 }, { XTS, LRW, OUTER_CBC, 0 }, 1 },
- { { AES, SERPENT, 0 }, { XTS, LRW, OUTER_CBC, 0 }, 1 },
- { { AES, TWOFISH, SERPENT, 0 }, { XTS, LRW, OUTER_CBC, 0 }, 1 },
- { { SERPENT, TWOFISH, 0 }, { XTS, LRW, OUTER_CBC, 0 }, 1 },
- { { BLOWFISH, 0 }, { LRW, CBC, 0, 0 }, 0 }, // Deprecated/legacy
- { { CAST, 0 }, { LRW, CBC, 0, 0 }, 0 }, // Deprecated/legacy
- { { TRIPLEDES, 0 }, { LRW, CBC, 0, 0 }, 0 }, // Deprecated/legacy
- { { BLOWFISH, AES, 0 }, { INNER_CBC, 0, 0, 0 }, 0 }, // Deprecated/legacy
- { { SERPENT, BLOWFISH, AES, 0 }, { INNER_CBC, 0, 0, 0 }, 0 }, // Deprecated/legacy
- { { 0, 0 }, { 0, 0, 0, 0 }, 0 } // Must be all-zero
+ { { 0, 0 }, { 0, 0}, 0 }, // Must be all-zero
+ { { AES, 0 }, { XTS, 0 }, 1 },
+ { { SERPENT, 0 }, { XTS, 0 }, 1 },
+ { { TWOFISH, 0 }, { XTS, 0 }, 1 },
+ { { TWOFISH, AES, 0 }, { XTS, 0 }, 1 },
+ { { SERPENT, TWOFISH, AES, 0 }, { XTS, 0 }, 1 },
+ { { AES, SERPENT, 0 }, { XTS, 0 }, 1 },
+ { { AES, TWOFISH, SERPENT, 0 }, { XTS, 0 }, 1 },
+ { { SERPENT, TWOFISH, 0 }, { XTS, 0 }, 1 },
+ { { 0, 0 }, { 0, 0}, 0 } // Must be all-zero
#else // TC_WINDOWS_BOOT
@@ -105,7 +94,6 @@ static Hash Hashes[] =
#ifndef TC_WINDOWS_BOOT
{ SHA512, "SHA-512", FALSE, FALSE },
{ WHIRLPOOL, "Whirlpool", FALSE, FALSE },
- { SHA1, "SHA-1", TRUE, FALSE }, // Deprecated/legacy
#endif
{ 0, 0, 0 }
};
@@ -138,32 +126,6 @@ int CipherInit (int cipher, unsigned char *key, unsigned __int8 *ks)
twofish_set_key ((TwofishInstance *)ks, (const u4byte *)key, CipherGetKeySize(TWOFISH) * 8);
break;
-#ifndef TC_WINDOWS_BOOT
-
- case BLOWFISH:
- /* Deprecated/legacy */
- BlowfishSetKey ((BF_KEY *)ks, CipherGetKeySize(BLOWFISH), key);
- break;
-
- case CAST:
- /* Deprecated/legacy */
- Cast5SetKey ((CAST_KEY *) ks, CipherGetKeySize(CAST), key);
- break;
-
- case TRIPLEDES:
- /* Deprecated/legacy */
- TripleDesSetKey (key, CipherGetKeySize (TRIPLEDES), (TDES_KEY *) ks);
-
- // Verify whether all three DES keys are mutually different
- if (((*((__int64 *) key) ^ *((__int64 *) key+1)) & 0xFEFEFEFEFEFEFEFEULL) == 0
- || ((*((__int64 *) key+1) ^ *((__int64 *) key+2)) & 0xFEFEFEFEFEFEFEFEULL) == 0
- || ((*((__int64 *) key) ^ *((__int64 *) key+2)) & 0xFEFEFEFEFEFEFEFEULL) == 0)
- retVal = ERR_CIPHER_INIT_WEAK_KEY; // Non-fatal error
-
- break;
-
-#endif // TC_WINDOWS_BOOT
-
default:
// Unknown/wrong cipher ID
return ERR_CIPHER_INIT_FAILURE;
@@ -188,11 +150,6 @@ void EncipherBlock(int cipher, void *data, void *ks)
case TWOFISH: twofish_encrypt (ks, data, data); break;
case SERPENT: serpent_encrypt (data, data, ks); break;
-#ifndef TC_WINDOWS_BOOT
- case BLOWFISH: BlowfishEncryptLE (data, data, ks, 1); break; // Deprecated/legacy
- case CAST: Cast5Encrypt (data, data, ks); break; // Deprecated/legacy
- case TRIPLEDES: TripleDesEncrypt (data, data, ks, 1); break; // Deprecated/legacy
-#endif
default: TC_THROW_FATAL_EXCEPTION; // Unknown/wrong ID
}
}
@@ -256,9 +213,6 @@ void DecipherBlock(int cipher, void *data, void *ks)
aes_decrypt (data, data, (void *) ((char *) ks + sizeof(aes_encrypt_ctx)));
break;
- case BLOWFISH: BlowfishEncryptLE (data, data, ks, 0); break; // Deprecated/legacy
- case CAST: Cast5Decrypt (data, data, ks); break; // Deprecated/legacy
- case TRIPLEDES: TripleDesEncrypt (data, data, ks, 0); break; // Deprecated/legacy
#else
case AES: aes_decrypt (data, data, ks); break;
#endif
@@ -427,28 +381,6 @@ BOOL EAInitMode (PCRYPTO_INFO ci)
that the size of each of the volumes is 1024 terabytes). */
break;
- case LRW:
- switch (CipherGetBlockSize (EAGetFirstCipher (ci->ea)))
- {
- case 8:
- /* Deprecated/legacy */
- return Gf64TabInit (ci->k2, &ci->gf_ctx);
-
- case 16:
- return Gf128Tab64Init (ci->k2, &ci->gf_ctx);
-
- default:
- TC_THROW_FATAL_EXCEPTION;
- }
-
- break;
-
- case CBC:
- case INNER_CBC:
- case OUTER_CBC:
- // The mode does not need to be initialized or is initialized elsewhere
- return TRUE;
-
default:
// Unknown/wrong ID
TC_THROW_FATAL_EXCEPTION;
@@ -537,37 +469,6 @@ char *EAGetModeName (int ea, int mode, BOOL capitalLetters)
return "XTS";
- case LRW:
-
- /* Deprecated/legacy */
-
- return "LRW";
-
- case CBC:
- {
- /* Deprecated/legacy */
-
- char eaName[100];
- EAGetName (eaName, ea);
-
- if (strcmp (eaName, "Triple DES") == 0)
- return capitalLetters ? "Outer-CBC" : "outer-CBC";
-
- return "CBC";
- }
-
- case OUTER_CBC:
-
- /* Deprecated/legacy */
-
- return capitalLetters ? "Outer-CBC" : "outer-CBC";
-
- case INNER_CBC:
-
- /* Deprecated/legacy */
-
- return capitalLetters ? "Inner-CBC" : "inner-CBC";
-
}
return "[unknown]";
}
@@ -805,441 +706,6 @@ void crypto_close (PCRYPTO_INFO cryptoInfo)
#ifndef TC_WINDOWS_BOOT_SINGLE_CIPHER_MODE
-#ifndef TC_NO_COMPILER_INT64
-void Xor128 (unsigned __int64 *a, unsigned __int64 *b)
-{
- *a++ ^= *b++;
- *a ^= *b;
-}
-
-
-void Xor64 (unsigned __int64 *a, unsigned __int64 *b)
-{
- *a ^= *b;
-}
-
-
-void EncryptBufferLRW128 (byte *buffer, uint64 length, uint64 blockIndex, PCRYPTO_INFO cryptoInfo)
-{
- /* Deprecated/legacy */
-
- int cipher = EAGetFirstCipher (cryptoInfo->ea);
- int cipherCount = EAGetCipherCount (cryptoInfo->ea);
- unsigned __int8 *p = buffer;
- unsigned __int8 *ks = cryptoInfo->ks;
- unsigned __int8 i[8];
- unsigned __int8 t[16];
- unsigned __int64 b;
-
- *(unsigned __int64 *)i = BE64(blockIndex);
-
- if (length % 16)
- TC_THROW_FATAL_EXCEPTION;
-
- // Note that the maximum supported volume size is 8589934592 GB (i.e., 2^63 bytes).
-
- for (b = 0; b < length >> 4; b++)
- {
- Gf128MulBy64Tab (i, t, &cryptoInfo->gf_ctx);
- Xor128 ((unsigned __int64 *)p, (unsigned __int64 *)t);
-
- if (cipherCount > 1)
- {
- // Cipher cascade
- for (cipher = EAGetFirstCipher (cryptoInfo->ea);
- cipher != 0;
- cipher = EAGetNextCipher (cryptoInfo->ea, cipher))
- {
- EncipherBlock (cipher, p, ks);
- ks += CipherGetKeyScheduleSize (cipher);
- }
- ks = cryptoInfo->ks;
- }
- else
- {
- EncipherBlock (cipher, p, ks);
- }
-
- Xor128 ((unsigned __int64 *)p, (unsigned __int64 *)t);
-
- p += 16;
-
- if (i[7] != 0xff)
- i[7]++;
- else
- *(unsigned __int64 *)i = BE64 ( BE64(*(unsigned __int64 *)i) + 1 );
- }
-
- FAST_ERASE64 (t, sizeof(t));
-}
-
-
-void EncryptBufferLRW64 (byte *buffer, uint64 length, uint64 blockIndex, PCRYPTO_INFO cryptoInfo)
-{
- /* Deprecated/legacy */
-
- int cipher = EAGetFirstCipher (cryptoInfo->ea);
- unsigned __int8 *p = buffer;
- unsigned __int8 *ks = cryptoInfo->ks;
- unsigned __int8 i[8];
- unsigned __int8 t[8];
- unsigned __int64 b;
-
- *(unsigned __int64 *)i = BE64(blockIndex);
-
- if (length % 8)
- TC_THROW_FATAL_EXCEPTION;
-
- for (b = 0; b < length >> 3; b++)
- {
- Gf64MulTab (i, t, &cryptoInfo->gf_ctx);
- Xor64 ((unsigned __int64 *)p, (unsigned __int64 *)t);
-
- EncipherBlock (cipher, p, ks);
-
- Xor64 ((unsigned __int64 *)p, (unsigned __int64 *)t);
-
- p += 8;
-
- if (i[7] != 0xff)
- i[7]++;
- else
- *(unsigned __int64 *)i = BE64 ( BE64(*(unsigned __int64 *)i) + 1 );
- }
-
- FAST_ERASE64 (t, sizeof(t));
-}
-
-
-void DecryptBufferLRW128 (byte *buffer, uint64 length, uint64 blockIndex, PCRYPTO_INFO cryptoInfo)
-{
- /* Deprecated/legacy */
-
- int cipher = EAGetFirstCipher (cryptoInfo->ea);
- int cipherCount = EAGetCipherCount (cryptoInfo->ea);
- unsigned __int8 *p = buffer;
- unsigned __int8 *ks = cryptoInfo->ks;
- unsigned __int8 i[8];
- unsigned __int8 t[16];
- unsigned __int64 b;
-
- *(unsigned __int64 *)i = BE64(blockIndex);
-
- if (length % 16)
- TC_THROW_FATAL_EXCEPTION;
-
- // Note that the maximum supported volume size is 8589934592 GB (i.e., 2^63 bytes).
-
- for (b = 0; b < length >> 4; b++)
- {
- Gf128MulBy64Tab (i, t, &cryptoInfo->gf_ctx);
- Xor128 ((unsigned __int64 *)p, (unsigned __int64 *)t);
-
- if (cipherCount > 1)
- {
- // Cipher cascade
- ks = cryptoInfo->ks + EAGetKeyScheduleSize (cryptoInfo->ea);
-
- for (cipher = EAGetLastCipher (cryptoInfo->ea);
- cipher != 0;
- cipher = EAGetPreviousCipher (cryptoInfo->ea, cipher))
- {
- ks -= CipherGetKeyScheduleSize (cipher);
- DecipherBlock (cipher, p, ks);
- }
- }
- else
- {
- DecipherBlock (cipher, p, ks);
- }
-
- Xor128 ((unsigned __int64 *)p, (unsigned __int64 *)t);
-
- p += 16;
-
- if (i[7] != 0xff)
- i[7]++;
- else
- *(unsigned __int64 *)i = BE64 ( BE64(*(unsigned __int64 *)i) + 1 );
- }
-
- FAST_ERASE64 (t, sizeof(t));
-}
-
-
-
-void DecryptBufferLRW64 (byte *buffer, uint64 length, uint64 blockIndex, PCRYPTO_INFO cryptoInfo)
-{
- /* Deprecated/legacy */
-
- int cipher = EAGetFirstCipher (cryptoInfo->ea);
- unsigned __int8 *p = buffer;
- unsigned __int8 *ks = cryptoInfo->ks;
- unsigned __int8 i[8];
- unsigned __int8 t[8];
- unsigned __int64 b;
-
- *(unsigned __int64 *)i = BE64(blockIndex);
-
- if (length % 8)
- TC_THROW_FATAL_EXCEPTION;
-
- for (b = 0; b < length >> 3; b++)
- {
- Gf64MulTab (i, t, &cryptoInfo->gf_ctx);
- Xor64 ((unsigned __int64 *)p, (unsigned __int64 *)t);
-
- DecipherBlock (cipher, p, ks);
-
- Xor64 ((unsigned __int64 *)p, (unsigned __int64 *)t);
-
- p += 8;
-
- if (i[7] != 0xff)
- i[7]++;
- else
- *(unsigned __int64 *)i = BE64 ( BE64(*(unsigned __int64 *)i) + 1 );
- }
-
- FAST_ERASE64 (t, sizeof(t));
-}
-
-
-// Initializes IV and whitening values for sector encryption/decryption in CBC mode.
-// IMPORTANT: This function has been deprecated (legacy).
-static void
-InitSectorIVAndWhitening (unsigned __int64 unitNo,
- int blockSize,
- unsigned __int32 *iv,
- unsigned __int64 *ivSeed,
- unsigned __int32 *whitening)
-{
-
- /* IMPORTANT: This function has been deprecated (legacy) */
-
- unsigned __int64 iv64[4];
- unsigned __int32 *iv32 = (unsigned __int32 *) iv64;
-
- iv64[0] = ivSeed[0] ^ LE64(unitNo);
- iv64[1] = ivSeed[1] ^ LE64(unitNo);
- iv64[2] = ivSeed[2] ^ LE64(unitNo);
- if (blockSize == 16)
- {
- iv64[3] = ivSeed[3] ^ LE64(unitNo);
- }
-
- iv[0] = iv32[0];
- iv[1] = iv32[1];
-
- switch (blockSize)
- {
- case 16:
-
- // 128-bit block
-
- iv[2] = iv32[2];
- iv[3] = iv32[3];
-
- whitening[0] = LE32( crc32int ( &iv32[4] ) ^ crc32int ( &iv32[7] ) );
- whitening[1] = LE32( crc32int ( &iv32[5] ) ^ crc32int ( &iv32[6] ) );
- break;
-
- case 8:
-
- // 64-bit block
-
- whitening[0] = LE32( crc32int ( &iv32[2] ) ^ crc32int ( &iv32[5] ) );
- whitening[1] = LE32( crc32int ( &iv32[3] ) ^ crc32int ( &iv32[4] ) );
- break;
-
- default:
- TC_THROW_FATAL_EXCEPTION;
- }
-}
-
-
-// EncryptBufferCBC (deprecated/legacy)
-//
-// data: data to be encrypted
-// len: number of bytes to encrypt (must be divisible by the largest cipher block size)
-// ks: scheduled key
-// iv: IV
-// whitening: whitening constants
-// ea: outer-CBC cascade ID (0 = CBC/inner-CBC)
-// cipher: CBC/inner-CBC cipher ID (0 = outer-CBC)
-
-static void
-EncryptBufferCBC (unsigned __int32 *data,
- unsigned int len,
- unsigned __int8 *ks,
- unsigned __int32 *iv,
- unsigned __int32 *whitening,
- int ea,
- int cipher)
-{
- /* IMPORTANT: This function has been deprecated (legacy) */
-
- unsigned __int32 bufIV[4];
- unsigned __int64 i;
- int blockSize = CipherGetBlockSize (ea != 0 ? EAGetFirstCipher (ea) : cipher);
-
- if (len % blockSize)
- TC_THROW_FATAL_EXCEPTION;
-
- // IV
- bufIV[0] = iv[0];
- bufIV[1] = iv[1];
- if (blockSize == 16)
- {
- bufIV[2] = iv[2];
- bufIV[3] = iv[3];
- }
-
- // Encrypt each block
- for (i = 0; i < len/blockSize; i++)
- {
- // CBC
- data[0] ^= bufIV[0];
- data[1] ^= bufIV[1];
- if (blockSize == 16)
- {
- data[2] ^= bufIV[2];
- data[3] ^= bufIV[3];
- }
-
- if (ea != 0)
- {
- // Outer-CBC
- for (cipher = EAGetFirstCipher (ea); cipher != 0; cipher = EAGetNextCipher (ea, cipher))
- {
- EncipherBlock (cipher, data, ks);
- ks += CipherGetKeyScheduleSize (cipher);
- }
- ks -= EAGetKeyScheduleSize (ea);
- }
- else
- {
- // CBC/inner-CBC
- EncipherBlock (cipher, data, ks);
- }
-
- // CBC
- bufIV[0] = data[0];
- bufIV[1] = data[1];
- if (blockSize == 16)
- {
- bufIV[2] = data[2];
- bufIV[3] = data[3];
- }
-
- // Whitening
- data[0] ^= whitening[0];
- data[1] ^= whitening[1];
- if (blockSize == 16)
- {
- data[2] ^= whitening[0];
- data[3] ^= whitening[1];
- }
-
- data += blockSize / sizeof(*data);
- }
-}
-
-
-// DecryptBufferCBC (deprecated/legacy)
-//
-// data: data to be decrypted
-// len: number of bytes to decrypt (must be divisible by the largest cipher block size)
-// ks: scheduled key
-// iv: IV
-// whitening: whitening constants
-// ea: outer-CBC cascade ID (0 = CBC/inner-CBC)
-// cipher: CBC/inner-CBC cipher ID (0 = outer-CBC)
-
-static void
-DecryptBufferCBC (unsigned __int32 *data,
- unsigned int len,
- unsigned __int8 *ks,
- unsigned __int32 *iv,
- unsigned __int32 *whitening,
- int ea,
- int cipher)
-{
-
- /* IMPORTANT: This function has been deprecated (legacy) */
-
- unsigned __int32 bufIV[4];
- unsigned __int64 i;
- unsigned __int32 ct[4];
- int blockSize = CipherGetBlockSize (ea != 0 ? EAGetFirstCipher (ea) : cipher);
-
- if (len % blockSize)
- TC_THROW_FATAL_EXCEPTION;
-
- // IV
- bufIV[0] = iv[0];
- bufIV[1] = iv[1];
- if (blockSize == 16)
- {
- bufIV[2] = iv[2];
- bufIV[3] = iv[3];
- }
-
- // Decrypt each block
- for (i = 0; i < len/blockSize; i++)
- {
- // Dewhitening
- data[0] ^= whitening[0];
- data[1] ^= whitening[1];
- if (blockSize == 16)
- {
- data[2] ^= whitening[0];
- data[3] ^= whitening[1];
- }
-
- // CBC
- ct[0] = data[0];
- ct[1] = data[1];
- if (blockSize == 16)
- {
- ct[2] = data[2];
- ct[3] = data[3];
- }
-
- if (ea != 0)
- {
- // Outer-CBC
- ks += EAGetKeyScheduleSize (ea);
- for (cipher = EAGetLastCipher (ea); cipher != 0; cipher = EAGetPreviousCipher (ea, cipher))
- {
- ks -= CipherGetKeyScheduleSize (cipher);
- DecipherBlock (cipher, data, ks);
- }
- }
- else
- {
- // CBC/inner-CBC
- DecipherBlock (cipher, data, ks);
- }
-
- // CBC
- data[0] ^= bufIV[0];
- data[1] ^= bufIV[1];
- bufIV[0] = ct[0];
- bufIV[1] = ct[1];
- if (blockSize == 16)
- {
- data[2] ^= bufIV[2];
- data[3] ^= bufIV[3];
- bufIV[2] = ct[2];
- bufIV[3] = ct[3];
- }
-
- data += blockSize / sizeof(*data);
- }
-}
-#endif // #ifndef TC_NO_COMPILER_INT64
-
// EncryptBuffer
//
@@ -1275,100 +741,12 @@ void EncryptBuffer (unsigned __int8 *buf, TC_LARGEST_COMPILER_UINT len, PCRYPTO_
}
break;
-#ifndef TC_NO_COMPILER_INT64
- case LRW:
-
- /* Deprecated/legacy */
-
- switch (CipherGetBlockSize (EAGetFirstCipher (cryptoInfo->ea)))
- {
- case 8:
- EncryptBufferLRW64 ((unsigned __int8 *)buf, (unsigned __int64) len, 1, cryptoInfo);
- break;
-
- case 16:
- EncryptBufferLRW128 ((unsigned __int8 *)buf, (unsigned __int64) len, 1, cryptoInfo);
- break;
-
- default:
- TC_THROW_FATAL_EXCEPTION;
- }
- break;
-
- case CBC:
- case INNER_CBC:
- {
- /* Deprecated/legacy */
-
- unsigned __int8 *ks = cryptoInfo->ks;
- int cipher;
-
- for (cipher = EAGetFirstCipher (cryptoInfo->ea);
- cipher != 0;
- cipher = EAGetNextCipher (cryptoInfo->ea, cipher))
- {
- EncryptBufferCBC ((unsigned __int32 *) buf,
- (unsigned int) len,
- ks,
- (unsigned __int32 *) cryptoInfo->k2,
- (unsigned __int32 *) &cryptoInfo->k2[8],
- 0,
- cipher);
-
- ks += CipherGetKeyScheduleSize (cipher);
- }
- }
- break;
-
- case OUTER_CBC:
-
- /* Deprecated/legacy */
-
- EncryptBufferCBC ((unsigned __int32 *) buf,
- (unsigned int) len,
- cryptoInfo->ks,
- (unsigned __int32 *) cryptoInfo->k2,
- (unsigned __int32 *) &cryptoInfo->k2[8],
- cryptoInfo->ea,
- 0);
-
- break;
-#endif // #ifndef TC_NO_COMPILER_INT64
-
default:
// Unknown/wrong ID
TC_THROW_FATAL_EXCEPTION;
}
}
-#ifndef TC_NO_COMPILER_INT64
-// Converts a data unit number to the index of the first LRW block in the data unit.
-// Note that the maximum supported volume size is 8589934592 GB (i.e., 2^63 bytes).
-uint64 DataUnit2LRWIndex (uint64 dataUnit, int blockSize, PCRYPTO_INFO ci)
-{
- /* Deprecated/legacy */
-
- if (ci->hiddenVolume)
- dataUnit -= ci->hiddenVolumeOffset / ENCRYPTION_DATA_UNIT_SIZE;
- else
- dataUnit -= TC_VOLUME_HEADER_SIZE_LEGACY / ENCRYPTION_DATA_UNIT_SIZE; // Compensate for the volume header size
-
- switch (blockSize)
- {
- case 8:
- return (dataUnit << 6) | 1;
-
- case 16:
- return (dataUnit << 5) | 1;
-
- default:
- TC_THROW_FATAL_EXCEPTION;
- }
-
- return 0;
-}
-#endif // #ifndef TC_NO_COMPILER_INT64
-
// buf: data to be encrypted
// unitNo: sequential number of the data unit with which the buffer starts
@@ -1387,14 +765,6 @@ void EncryptDataUnitsCurrentThread (unsigned __int8 *buf, const UINT64_STRUCT *s
unsigned __int8 *ks2 = ci->ks2;
int cipher;
-#ifndef TC_NO_COMPILER_INT64
- void *iv = ci->k2; // Deprecated/legacy
- unsigned __int64 unitNo = structUnitNo->Value;
- unsigned __int64 *iv64 = (unsigned __int64 *) iv; // Deprecated/legacy
- unsigned __int32 sectorIV[4]; // Deprecated/legacy
- unsigned __int32 secWhitening[2]; // Deprecated/legacy
-#endif
-
switch (ci->mode)
{
case XTS:
@@ -1413,81 +783,6 @@ void EncryptDataUnitsCurrentThread (unsigned __int8 *buf, const UINT64_STRUCT *s
}
break;
-#ifndef TC_NO_COMPILER_INT64
- case LRW:
-
- /* Deprecated/legacy */
-
- switch (CipherGetBlockSize (EAGetFirstCipher (ea)))
- {
- case 8:
- EncryptBufferLRW64 (buf,
- (unsigned __int64) nbrUnits * ENCRYPTION_DATA_UNIT_SIZE,
- DataUnit2LRWIndex (unitNo, 8, ci),
- ci);
- break;
-
- case 16:
- EncryptBufferLRW128 (buf,
- (unsigned __int64) nbrUnits * ENCRYPTION_DATA_UNIT_SIZE,
- DataUnit2LRWIndex (unitNo, 16, ci),
- ci);
- break;
-
- default:
- TC_THROW_FATAL_EXCEPTION;
- }
- break;
-
- case CBC:
- case INNER_CBC:
-
- /* Deprecated/legacy */
-
- while (nbrUnits--)
- {
- for (cipher = EAGetFirstCipher (ea); cipher != 0; cipher = EAGetNextCipher (ea, cipher))
- {
- InitSectorIVAndWhitening (unitNo, CipherGetBlockSize (cipher), sectorIV, iv64, secWhitening);
-
- EncryptBufferCBC ((unsigned __int32 *) buf,
- ENCRYPTION_DATA_UNIT_SIZE,
- ks,
- sectorIV,
- secWhitening,
- 0,
- cipher);
-
- ks += CipherGetKeyScheduleSize (cipher);
- }
- ks -= EAGetKeyScheduleSize (ea);
- buf += ENCRYPTION_DATA_UNIT_SIZE;
- unitNo++;
- }
- break;
-
- case OUTER_CBC:
-
- /* Deprecated/legacy */
-
- while (nbrUnits--)
- {
- InitSectorIVAndWhitening (unitNo, CipherGetBlockSize (EAGetFirstCipher (ea)), sectorIV, iv64, secWhitening);
-
- EncryptBufferCBC ((unsigned __int32 *) buf,
- ENCRYPTION_DATA_UNIT_SIZE,
- ks,
- sectorIV,
- secWhitening,
- ea,
- 0);
-
- buf += ENCRYPTION_DATA_UNIT_SIZE;
- unitNo++;
- }
- break;
-#endif // #ifndef TC_NO_COMPILER_INT64
-
default:
// Unknown/wrong ID
TC_THROW_FATAL_EXCEPTION;
@@ -1528,65 +823,6 @@ void DecryptBuffer (unsigned __int8 *buf, TC_LARGEST_COMPILER_UINT len, PCRYPTO_
}
break;
-#ifndef TC_NO_COMPILER_INT64
- case LRW:
-
- /* Deprecated/legacy */
-
- switch (CipherGetBlockSize (EAGetFirstCipher (cryptoInfo->ea)))
- {
- case 8:
- DecryptBufferLRW64 (buf, (unsigned __int64) len, 1, cryptoInfo);
- break;
-
- case 16:
- DecryptBufferLRW128 (buf, (unsigned __int64) len, 1, cryptoInfo);
- break;
-
- default:
- TC_THROW_FATAL_EXCEPTION;
- }
- break;
-
- case CBC:
- case INNER_CBC:
- {
- /* Deprecated/legacy */
-
- unsigned __int8 *ks = cryptoInfo->ks + EAGetKeyScheduleSize (cryptoInfo->ea);
- int cipher;
- for (cipher = EAGetLastCipher (cryptoInfo->ea);
- cipher != 0;
- cipher = EAGetPreviousCipher (cryptoInfo->ea, cipher))
- {
- ks -= CipherGetKeyScheduleSize (cipher);
-
- DecryptBufferCBC ((unsigned __int32 *) buf,
- (unsigned int) len,
- ks,
- (unsigned __int32 *) cryptoInfo->k2,
- (unsigned __int32 *) &cryptoInfo->k2[8],
- 0,
- cipher);
- }
- }
- break;
-
- case OUTER_CBC:
-
- /* Deprecated/legacy */
-
- DecryptBufferCBC ((unsigned __int32 *) buf,
- (unsigned int) len,
- cryptoInfo->ks,
- (unsigned __int32 *) cryptoInfo->k2,
- (unsigned __int32 *) &cryptoInfo->k2[8],
- cryptoInfo->ea,
- 0);
-
- break;
-#endif // #ifndef TC_NO_COMPILER_INT64
-
default:
// Unknown/wrong ID
TC_THROW_FATAL_EXCEPTION;
@@ -1610,14 +846,6 @@ void DecryptDataUnitsCurrentThread (unsigned __int8 *buf, const UINT64_STRUCT *s
unsigned __int8 *ks2 = ci->ks2;
int cipher;
-#ifndef TC_NO_COMPILER_INT64
- void *iv = ci->k2; // Deprecated/legacy
- unsigned __int64 unitNo = structUnitNo->Value;
- unsigned __int64 *iv64 = (unsigned __int64 *) iv; // Deprecated/legacy
- unsigned __int32 sectorIV[4]; // Deprecated/legacy
- unsigned __int32 secWhitening[2]; // Deprecated/legacy
-#endif // #ifndef TC_NO_COMPILER_INT64
-
switch (ci->mode)
{
@@ -1640,81 +868,6 @@ void DecryptDataUnitsCurrentThread (unsigned __int8 *buf, const UINT64_STRUCT *s
}
break;
-#ifndef TC_NO_COMPILER_INT64
- case LRW:
-
- /* Deprecated/legacy */
-
- switch (CipherGetBlockSize (EAGetFirstCipher (ea)))
- {
- case 8:
- DecryptBufferLRW64 (buf,
- (unsigned __int64) nbrUnits * ENCRYPTION_DATA_UNIT_SIZE,
- DataUnit2LRWIndex (unitNo, 8, ci),
- ci);
- break;
-
- case 16:
- DecryptBufferLRW128 (buf,
- (unsigned __int64) nbrUnits * ENCRYPTION_DATA_UNIT_SIZE,
- DataUnit2LRWIndex (unitNo, 16, ci),
- ci);
- break;
-
- default:
- TC_THROW_FATAL_EXCEPTION;
- }
- break;
-
- case CBC:
- case INNER_CBC:
-
- /* Deprecated/legacy */
-
- while (nbrUnits--)
- {
- ks += EAGetKeyScheduleSize (ea);
- for (cipher = EAGetLastCipher (ea); cipher != 0; cipher = EAGetPreviousCipher (ea, cipher))
- {
- InitSectorIVAndWhitening (unitNo, CipherGetBlockSize (cipher), sectorIV, iv64, secWhitening);
-
- ks -= CipherGetKeyScheduleSize (cipher);
-
- DecryptBufferCBC ((unsigned __int32 *) buf,
- ENCRYPTION_DATA_UNIT_SIZE,
- ks,
- sectorIV,
- secWhitening,
- 0,
- cipher);
- }
- buf += ENCRYPTION_DATA_UNIT_SIZE;
- unitNo++;
- }
- break;
-
- case OUTER_CBC:
-
- /* Deprecated/legacy */
-
- while (nbrUnits--)
- {
- InitSectorIVAndWhitening (unitNo, CipherGetBlockSize (EAGetFirstCipher (ea)), sectorIV, iv64, secWhitening);
-
- DecryptBufferCBC ((unsigned __int32 *) buf,
- ENCRYPTION_DATA_UNIT_SIZE,
- ks,
- sectorIV,
- secWhitening,
- ea,
- 0);
-
- buf += ENCRYPTION_DATA_UNIT_SIZE;
- unitNo++;
- }
- break;
-#endif // #ifndef TC_NO_COMPILER_INT64
-
default:
// Unknown/wrong ID
TC_THROW_FATAL_EXCEPTION;
@@ -1729,13 +882,6 @@ int GetMaxPkcs5OutSize (void)
size = max (size, EAGetLargestKeyForMode (XTS) * 2); // Sizes of primary + secondary keys
-#ifndef TC_WINDOWS_BOOT
- size = max (size, LEGACY_VOL_IV_SIZE + EAGetLargestKeyForMode (LRW)); // Deprecated/legacy
- size = max (size, LEGACY_VOL_IV_SIZE + EAGetLargestKeyForMode (CBC)); // Deprecated/legacy
- size = max (size, LEGACY_VOL_IV_SIZE + EAGetLargestKeyForMode (OUTER_CBC)); // Deprecated/legacy
- size = max (size, LEGACY_VOL_IV_SIZE + EAGetLargestKeyForMode (INNER_CBC)); // Deprecated/legacy
-#endif
-
return size;
}
diff --git a/src/Common/Crypto.h b/src/Common/Crypto.h
index 4f47ec04..f183a436 100644
--- a/src/Common/Crypto.h
+++ b/src/Common/Crypto.h
@@ -42,9 +42,6 @@ extern "C" {
// Size of the volume header area containing concatenated master key(s) and secondary key(s) (XTS mode)
#define MASTER_KEYDATA_SIZE 256
-// Size of the deprecated volume header item containing either an IV seed (CBC mode) or tweak key (LRW mode)
-#define LEGACY_VOL_IV_SIZE 32
-
// The first PRF to try when mounting
#define FIRST_PRF_ID 1
@@ -55,7 +52,6 @@ enum
#ifndef TC_WINDOWS_BOOT
SHA512,
WHIRLPOOL,
- SHA1, // Deprecated/legacy
#endif
HASH_ENUM_END_ID
};
@@ -89,12 +85,6 @@ enum
/* If you add/remove a mode, update the following: GetMaxPkcs5OutSize(), EAInitMode() */
XTS = FIRST_MODE_OF_OPERATION_ID,
-#ifndef TC_WINDOWS_BOOT
- LRW, // Deprecated/legacy
- CBC, // Deprecated/legacy
- OUTER_CBC, // Deprecated/legacy
- INNER_CBC, // Deprecated/legacy
-#endif
MODE_ENUM_END_ID
};
@@ -115,12 +105,7 @@ enum
NONE = 0,
AES,
SERPENT,
- TWOFISH,
-#ifndef TC_WINDOWS_BOOT
- BLOWFISH, // Deprecated/legacy
- CAST, // Deprecated/legacy
- TRIPLEDES // Deprecated/legacy
-#endif
+ TWOFISH
};
typedef struct
@@ -184,15 +169,11 @@ typedef struct
#endif
#include "Aes_hw_cpu.h"
-#include "Blowfish.h"
-#include "Cast.h"
-#include "Des.h"
#include "Serpent.h"
#include "Twofish.h"
#include "Rmd160.h"
#ifndef TC_WINDOWS_BOOT
-# include "Sha1.h"
# include "Sha2.h"
# include "Whirlpool.h"
#endif
@@ -313,13 +294,6 @@ void DecryptDataUnits (unsigned __int8 *buf, const UINT64_STRUCT *structUnitNo,
void DecryptDataUnitsCurrentThread (unsigned __int8 *buf, const UINT64_STRUCT *structUnitNo, TC_LARGEST_COMPILER_UINT nbrUnits, PCRYPTO_INFO ci);
void EncryptBuffer (unsigned __int8 *buf, TC_LARGEST_COMPILER_UINT len, PCRYPTO_INFO cryptoInfo);
void DecryptBuffer (unsigned __int8 *buf, TC_LARGEST_COMPILER_UINT len, PCRYPTO_INFO cryptoInfo);
-#ifndef TC_NO_COMPILER_INT64
-void EncryptBufferLRW128 (byte *buffer, uint64 length, uint64 blockIndex, PCRYPTO_INFO cryptoInfo);
-void DecryptBufferLRW128 (byte *buffer, uint64 length, uint64 blockIndex, PCRYPTO_INFO cryptoInfo);
-void EncryptBufferLRW64 (byte *buffer, uint64 length, uint64 blockIndex, PCRYPTO_INFO cryptoInfo);
-void DecryptBufferLRW64 (byte *buffer, uint64 length, uint64 blockIndex, PCRYPTO_INFO cryptoInfo);
-uint64 DataUnit2LRWIndex (uint64 dataUnit, int blockSize, PCRYPTO_INFO ci);
-#endif // #ifndef TC_NO_COMPILER_INT64
BOOL IsAesHwCpuSupported ();
void EnableHwEncryption (BOOL enable);
diff --git a/src/Common/Dlgcode.c b/src/Common/Dlgcode.c
index 071ed8e2..b40a41cd 100644
--- a/src/Common/Dlgcode.c
+++ b/src/Common/Dlgcode.c
@@ -5366,15 +5366,6 @@ CipherTestDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lParam)
}
else
{
- if (idTestCipher == BLOWFISH)
- {
- /* Deprecated/legacy */
-
- /* Convert to little-endian, this is needed here and not in
- above auto-tests because BF_ecb_encrypt above correctly converts
- from big to little endian, and EncipherBlock does not! */
- LongReverse((unsigned int *) tmp, pt);
- }
CipherInit2(idTestCipher, key, ks_tmp, ks);
@@ -5387,13 +5378,6 @@ CipherTestDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lParam)
DecipherBlock(idTestCipher, tmp, ks_tmp);
}
- if (idTestCipher == BLOWFISH)
- {
- /* Deprecated/legacy */
-
- /* Convert back to big-endian */
- LongReverse((unsigned int *) tmp, pt);
- }
}
*szTmp = 0;
@@ -5464,43 +5448,6 @@ ResetCipherTest(HWND hwndDlg, int idTestCipher)
SetWindowText(GetDlgItem(hwndDlg, IDC_SECONDARY_KEY), "0000000000000000000000000000000000000000000000000000000000000000");
SetWindowText(GetDlgItem(hwndDlg, IDC_TEST_DATA_UNIT_NUMBER), "0");
-
- if (idTestCipher == BLOWFISH)
- {
- /* Deprecated/legacy */
-
- ndx = SendMessage (GetDlgItem(hwndDlg, IDC_KEY_SIZE), CB_ADDSTRING, 0,(LPARAM) "448");
- SendMessage(GetDlgItem(hwndDlg, IDC_KEY_SIZE), CB_SETITEMDATA, ndx,(LPARAM) 56);
- ndx = SendMessage (GetDlgItem(hwndDlg, IDC_KEY_SIZE), CB_ADDSTRING, 0,(LPARAM) "256");
- SendMessage(GetDlgItem(hwndDlg, IDC_KEY_SIZE), CB_SETITEMDATA, ndx,(LPARAM) 32);
- ndx = SendMessage (GetDlgItem(hwndDlg, IDC_KEY_SIZE), CB_ADDSTRING, 0,(LPARAM) "128");
- SendMessage(GetDlgItem(hwndDlg, IDC_KEY_SIZE), CB_SETITEMDATA, ndx,(LPARAM) 16);
- ndx = SendMessage (GetDlgItem(hwndDlg, IDC_KEY_SIZE), CB_ADDSTRING, 0,(LPARAM) "64");
- SendMessage(GetDlgItem(hwndDlg, IDC_KEY_SIZE), CB_SETITEMDATA, ndx,(LPARAM) 8);
- SendMessage(GetDlgItem(hwndDlg, IDC_KEY_SIZE), CB_SETCURSEL, 0,0);
- SetWindowText(GetDlgItem(hwndDlg, IDC_KEY), "0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000");
- }
-
-
- if (idTestCipher == CAST)
- {
- /* Deprecated/legacy */
-
- ndx = SendMessage (GetDlgItem(hwndDlg, IDC_KEY_SIZE), CB_ADDSTRING, 0,(LPARAM) "128");
- SendMessage(GetDlgItem(hwndDlg, IDC_KEY_SIZE), CB_SETITEMDATA, ndx,(LPARAM) 16);
- SendMessage(GetDlgItem(hwndDlg, IDC_KEY_SIZE), CB_SETCURSEL, ndx,0);
- SetWindowText(GetDlgItem(hwndDlg, IDC_KEY), "00000000000000000000000000000000");
- }
-
- if (idTestCipher == TRIPLEDES)
- {
- /* Deprecated/legacy */
-
- ndx = SendMessage (GetDlgItem(hwndDlg, IDC_KEY_SIZE), CB_ADDSTRING, 0,(LPARAM) "168");
- SendMessage(GetDlgItem(hwndDlg, IDC_KEY_SIZE), CB_SETITEMDATA, ndx,(LPARAM) 24);
- SendMessage(GetDlgItem(hwndDlg, IDC_KEY_SIZE), CB_SETCURSEL, ndx,0);
- SetWindowText(GetDlgItem(hwndDlg, IDC_KEY), "000000000000000000000000000000000000000000000000");
- }
SetWindowText(GetDlgItem(hwndDlg, IDC_PLAINTEXT), "0000000000000000");
SetWindowText(GetDlgItem(hwndDlg, IDC_CIPHERTEXT), "0000000000000000");
diff --git a/src/Common/EncryptionThreadPool.c b/src/Common/EncryptionThreadPool.c
index fdedf36f..f213ea34 100644
--- a/src/Common/EncryptionThreadPool.c
+++ b/src/Common/EncryptionThreadPool.c
@@ -173,11 +173,6 @@ static TC_THREAD_PROC EncryptionThreadProc (void *threadArg)
workItem->KeyDerivation.IterationCount, workItem->KeyDerivation.DerivedKey, GetMaxPkcs5OutSize());
break;
- case SHA1:
- derive_key_sha1 (workItem->KeyDerivation.Password, workItem->KeyDerivation.PasswordLength, workItem->KeyDerivation.Salt, PKCS5_SALT_SIZE,
- workItem->KeyDerivation.IterationCount, workItem->KeyDerivation.DerivedKey, GetMaxPkcs5OutSize());
- break;
-
default:
TC_THROW_FATAL_EXCEPTION;
}
diff --git a/src/Common/GfMul.c b/src/Common/GfMul.c
index 7e170bc1..7cc36ec1 100644
--- a/src/Common/GfMul.c
+++ b/src/Common/GfMul.c
@@ -651,43 +651,6 @@ int Gf128Tab64Init (unsigned __int8 *a, GfCtx *ctx)
return TRUE;
}
-int Gf64TabInit (unsigned __int8 *a, GfCtx *ctx)
-{
- /* Deprecated/legacy */
-
- GfCtx4k64 *ctx4k;
- unsigned __int8 am[8];
- int i, j;
-
- ctx4k = (GfCtx4k64 *) TCalloc (sizeof (GfCtx4k64));
- if (!ctx4k)
- return FALSE;
-
- memcpy (am, a, 8);
- MirrorBits64 (am);
- compile_4k_table64 (am, ctx4k);
-
- /* Convert LSB-first table to MSB-first */
- for (i = 0; i < 16; i++)
- {
- for (j = 0; j < 16; j++)
- {
- int jm = 0;
- jm |= (j & 0x1) << 3;
- jm |= (j & 0x2) << 1;
- jm |= (j & 0x4) >> 1;
- jm |= (j & 0x8) >> 3;
-
- memcpy (&ctx->gf_t64[i][jm], (unsigned char *)&ctx4k->gf_t4k[15-i][j], 8);
- MirrorBits64 ((unsigned char *)&ctx->gf_t64[i][jm]);
- }
- }
-
- burn (ctx4k,sizeof (*ctx4k));
- burn (am, sizeof (am));
- TCfree (ctx4k);
- return TRUE;
-}
#define xor_8kt64(i) \
xor_block_aligned(r, ctx->gf_t128[i + i][a[i] & 15]); \
@@ -718,36 +681,6 @@ void Gf128MulBy64Tab (unsigned __int8 a[8], unsigned __int8 p[16], GfCtx *ctx)
move_block_aligned(p, r);
}
-#define xor_8k64(i) \
- xor_block_aligned64(r, ctx->gf_t64[i + i][a[i] & 15]); \
- xor_block_aligned64(r, ctx->gf_t64[i + i + 1][a[i] >> 4])
-
-/* Multiply two 64-bit numbers in the finite field GF(2^64) */
-void Gf64MulTab (unsigned char a[8], unsigned char p[8], GfCtx *ctx)
-{
- /* Deprecated/legacy */
-
- unsigned __int32 r[CBLK_LEN8 >> 2];
-
- move_block_aligned64(r, ctx->gf_t64[7*2][a[7] & 15]);
- xor_block_aligned64(r, ctx->gf_t64[7*2+1][a[7] >> 4]);
-
- if (*(unsigned __int16 *)a)
- {
- xor_8k64(0);
- xor_8k64(1);
- }
- if (a[2])
- {
- xor_8k64(2);
- }
- xor_8k64(3);
- xor_8k64(4);
- xor_8k64(5);
- xor_8k64(6);
-
- move_block_aligned64(p, r);
-}
/* Basic algorithms for testing of optimized algorithms */
@@ -809,32 +742,6 @@ static void shl64 (unsigned __int8 *a)
}
}
-static void GfMul64Basic (unsigned __int8 *a, unsigned __int8 *b, unsigned __int8* p)
-{
- /* Deprecated/legacy */
-
- int i;
- unsigned __int8 la[8];
- memcpy (la, a, 8);
- memset (p, 0, 8);
-
- for (i = 0; i < 64; i++)
- {
- if (IsBitSet64 (i, b))
- xor64 ((uint64 *)p, (uint64 *)la);
-
- if (la[0] & 0x80)
- {
- shl64 (la);
- la[7] ^= 0x1b;
- }
- else
- {
- shl64 (la);
- }
- }
-}
-
BOOL GfMulSelfTest ()
{
@@ -849,23 +756,6 @@ BOOL GfMulSelfTest ()
if (!gfCtx)
return FALSE;
- /* GF(2^64) - deprecated/legacy */
- for (i = 0; i < 0x100; i++)
- {
- for (j = 0; j < 8; j++)
- {
- a[j] = (unsigned __int8) i;
- b[j] = a[j] ^ 0xff;
- }
-
- GfMul64Basic (a, b, p1);
-
- Gf64TabInit (a, gfCtx);
- Gf64MulTab (b, p2, gfCtx);
-
- if (memcmp (p1, p2, 8) != 0)
- result = FALSE;
- }
/* GF(2^128) */
for (i = 0; i < 0x100; i++)
diff --git a/src/Common/GfMul.h b/src/Common/GfMul.h
index ce5aa022..12dc864f 100644
--- a/src/Common/GfMul.h
+++ b/src/Common/GfMul.h
@@ -63,8 +63,6 @@ void GfMul128 (void *a, const void* b);
void GfMul128Tab(unsigned char a[16], GfCtx8k *ctx);
int Gf128Tab64Init (unsigned __int8 *a, GfCtx *ctx);
void Gf128MulBy64Tab (unsigned __int8 a[8], unsigned __int8 p[16], GfCtx *ctx);
-int Gf64TabInit (unsigned __int8 *a, GfCtx *ctx);
-void Gf64MulTab (unsigned char a[8], unsigned char p[8], GfCtx *ctx);
void MirrorBits128 (unsigned __int8 *a);
void MirrorBits64 (unsigned __int8 *a);
BOOL GfMulSelfTest ();
diff --git a/src/Common/Pkcs5.c b/src/Common/Pkcs5.c
index 00cf7941..8f21bb80 100644
--- a/src/Common/Pkcs5.c
+++ b/src/Common/Pkcs5.c
@@ -14,7 +14,6 @@
#include <memory.h>
#include "Rmd160.h"
#ifndef TC_WINDOWS_BOOT
-#include "Sha1.h"
#include "Sha2.h"
#include "Whirlpool.h"
#endif
@@ -175,150 +174,6 @@ void derive_key_sha512 (char *pwd, int pwd_len, char *salt, int salt_len, int it
burn (u, sizeof(u));
}
-
-/* Deprecated/legacy */
-void hmac_sha1
-(
- char *k, /* secret key */
- int lk, /* length of the key in bytes */
- char *d, /* data */
- int ld, /* length of data in bytes */
- char *out, /* output buffer, at least "t" bytes */
- int t
-)
-{
- sha1_ctx ictx, octx;
- char isha[SHA1_DIGESTSIZE], osha[SHA1_DIGESTSIZE];
- char key[SHA1_DIGESTSIZE];
- char buf[SHA1_BLOCKSIZE];
- int i;
-
- /* If the key is longer than the hash algorithm block size,
- let key = sha1(key), as per HMAC specifications. */
- if (lk > SHA1_BLOCKSIZE)
- {
- sha1_ctx tctx;
-
- sha1_begin (&tctx);
- sha1_hash ((unsigned char *) k, lk, &tctx);
- sha1_end ((unsigned char *) key, &tctx);
-
- k = key;
- lk = SHA1_DIGESTSIZE;
-
- burn (&tctx, sizeof(tctx)); // Prevent leaks
- }
-
- /**** Inner Digest ****/
-
- sha1_begin (&ictx);
-
- /* Pad the key for inner digest */
- for (i = 0; i < lk; ++i)
- buf[i] = (char) (k[i] ^ 0x36);
- for (i = lk; i < SHA1_BLOCKSIZE; ++i)
- buf[i] = 0x36;
-
- sha1_hash ((unsigned char *) buf, SHA1_BLOCKSIZE, &ictx);
- sha1_hash ((unsigned char *) d, ld, &ictx);
-
- sha1_end ((unsigned char *) isha, &ictx);
-
- /**** Outer Digest ****/
-
- sha1_begin (&octx);
-
- for (i = 0; i < lk; ++i)
- buf[i] = (char) (k[i] ^ 0x5C);
- for (i = lk; i < SHA1_BLOCKSIZE; ++i)
- buf[i] = 0x5C;
-
- sha1_hash ((unsigned char *) buf, SHA1_BLOCKSIZE, &octx);
- sha1_hash ((unsigned char *) isha, SHA1_DIGESTSIZE, &octx);
-
- sha1_end ((unsigned char *) osha, &octx);
-
- /* truncate and print the results */
- t = t > SHA1_DIGESTSIZE ? SHA1_DIGESTSIZE : t;
- hmac_truncate (osha, out, t);
-
- /* Prevent leaks */
- burn (&ictx, sizeof(ictx));
- burn (&octx, sizeof(octx));
- burn (isha, sizeof(isha));
- burn (osha, sizeof(osha));
- burn (buf, sizeof(buf));
- burn (key, sizeof(key));
-}
-
-
-/* Deprecated/legacy */
-void derive_u_sha1 (char *pwd, int pwd_len, char *salt, int salt_len, int iterations, char *u, int b)
-{
- char j[SHA1_DIGESTSIZE], k[SHA1_DIGESTSIZE];
- char init[128];
- char counter[4];
- int c, i;
-
- /* iteration 1 */
- memset (counter, 0, 4);
- counter[3] = (char) b;
- memcpy (init, salt, salt_len); /* salt */
- memcpy (&init[salt_len], counter, 4); /* big-endian block number */
- hmac_sha1 (pwd, pwd_len, init, salt_len + 4, j, SHA1_DIGESTSIZE);
- memcpy (u, j, SHA1_DIGESTSIZE);
-
- /* remaining iterations */
- for (c = 1; c < iterations; c++)
- {
- hmac_sha1 (pwd, pwd_len, j, SHA1_DIGESTSIZE, k, SHA1_DIGESTSIZE);
- for (i = 0; i < SHA1_DIGESTSIZE; i++)
- {
- u[i] ^= k[i];
- j[i] = k[i];
- }
- }
-
- /* Prevent possible leaks. */
- burn (j, sizeof(j));
- burn (k, sizeof(k));
-}
-
-
-/* Deprecated/legacy */
-void derive_key_sha1 (char *pwd, int pwd_len, char *salt, int salt_len, int iterations, char *dk, int dklen)
-{
- char u[SHA1_DIGESTSIZE];
- int b, l, r;
-
- if (dklen % SHA1_DIGESTSIZE)
- {
- l = 1 + dklen / SHA1_DIGESTSIZE;
- }
- else
- {
- l = dklen / SHA1_DIGESTSIZE;
- }
-
- r = dklen - (l - 1) * SHA1_DIGESTSIZE;
-
- /* first l - 1 blocks */
- for (b = 1; b < l; b++)
- {
- derive_u_sha1 (pwd, pwd_len, salt, salt_len, iterations, u, b);
- memcpy (dk, u, SHA1_DIGESTSIZE);
- dk += SHA1_DIGESTSIZE;
- }
-
- /* last block */
- derive_u_sha1 (pwd, pwd_len, salt, salt_len, iterations, u, b);
- memcpy (dk, u, r);
-
-
- /* Prevent possible leaks. */
- burn (u, sizeof(u));
-}
-
#endif // TC_WINDOWS_BOOT
void hmac_ripemd160 (char *key, int keylen, char *input, int len, char *digest)
@@ -618,9 +473,6 @@ char *get_pkcs5_prf_name (int pkcs5_prf_id)
case SHA512:
return "HMAC-SHA-512";
- case SHA1: // Deprecated/legacy
- return "HMAC-SHA-1";
-
case RIPEMD160:
return "HMAC-RIPEMD-160";
@@ -646,10 +498,7 @@ int get_pkcs5_iteration_count (int pkcs5_prf_id, BOOL bBoot)
#ifndef TC_WINDOWS_BOOT
case SHA512:
- return 500000;
-
- case SHA1: // Deprecated/legacy
- return 1000000;
+ return 500000;
case WHIRLPOOL:
return 500000;
diff --git a/src/Common/Tests.c b/src/Common/Tests.c
index dd4f1621..226b3e09 100644
--- a/src/Common/Tests.c
+++ b/src/Common/Tests.c
@@ -290,91 +290,6 @@ BOOL XTSAesTest (PCRYPTO_INFO ci)
return TRUE;
}
-/* Blowfish Test Vectors (deprecated/legacy) */
-
-/* Blowfish test vectors from www.counterpane.com/blowfish.html */
-
-#define BF_TEST_COUNT 34
-
-typedef struct {
- unsigned char key[8];
- unsigned char plaintext[8];
- unsigned char ciphertext[8];
- } BF_TEST;
-
-#pragma warning(disable:4295)
-
-BF_TEST bf_ecb_vectors[BF_TEST_COUNT] = {
-"\x00\x00\x00\x00\x00\x00\x00\x00","\x00\x00\x00\x00\x00\x00\x00\x00","\x4E\xF9\x97\x45\x61\x98\xDD\x78",
-"\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF","\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF","\x51\x86\x6F\xD5\xB8\x5E\xCB\x8A",
-"\x30\x00\x00\x00\x00\x00\x00\x00","\x10\x00\x00\x00\x00\x00\x00\x01","\x7D\x85\x6F\x9A\x61\x30\x63\xF2",
-"\x11\x11\x11\x11\x11\x11\x11\x11","\x11\x11\x11\x11\x11\x11\x11\x11","\x24\x66\xDD\x87\x8B\x96\x3C\x9D",
-"\x01\x23\x45\x67\x89\xAB\xCD\xEF","\x11\x11\x11\x11\x11\x11\x11\x11","\x61\xF9\xC3\x80\x22\x81\xB0\x96",
-"\x11\x11\x11\x11\x11\x11\x11\x11","\x01\x23\x45\x67\x89\xAB\xCD\xEF","\x7D\x0C\xC6\x30\xAF\xDA\x1E\xC7",
-"\x00\x00\x00\x00\x00\x00\x00\x00","\x00\x00\x00\x00\x00\x00\x00\x00","\x4E\xF9\x97\x45\x61\x98\xDD\x78",
-"\xFE\xDC\xBA\x98\x76\x54\x32\x10","\x01\x23\x45\x67\x89\xAB\xCD\xEF","\x0A\xCE\xAB\x0F\xC6\xA0\xA2\x8D",
-"\x7C\xA1\x10\x45\x4A\x1A\x6E\x57","\x01\xA1\xD6\xD0\x39\x77\x67\x42","\x59\xC6\x82\x45\xEB\x05\x28\x2B",
-"\x01\x31\xD9\x61\x9D\xC1\x37\x6E","\x5C\xD5\x4C\xA8\x3D\xEF\x57\xDA","\xB1\xB8\xCC\x0B\x25\x0F\x09\xA0",
-"\x07\xA1\x13\x3E\x4A\x0B\x26\x86","\x02\x48\xD4\x38\x06\xF6\x71\x72","\x17\x30\xE5\x77\x8B\xEA\x1D\xA4",
-"\x38\x49\x67\x4C\x26\x02\x31\x9E","\x51\x45\x4B\x58\x2D\xDF\x44\x0A","\xA2\x5E\x78\x56\xCF\x26\x51\xEB",
-"\x04\xB9\x15\xBA\x43\xFE\xB5\xB6","\x42\xFD\x44\x30\x59\x57\x7F\xA2","\x35\x38\x82\xB1\x09\xCE\x8F\x1A",
-"\x01\x13\xB9\x70\xFD\x34\xF2\xCE","\x05\x9B\x5E\x08\x51\xCF\x14\x3A","\x48\xF4\xD0\x88\x4C\x37\x99\x18",
-"\x01\x70\xF1\x75\x46\x8F\xB5\xE6","\x07\x56\xD8\xE0\x77\x47\x61\xD2","\x43\x21\x93\xB7\x89\x51\xFC\x98",
-"\x43\x29\x7F\xAD\x38\xE3\x73\xFE","\x76\x25\x14\xB8\x29\xBF\x48\x6A","\x13\xF0\x41\x54\xD6\x9D\x1A\xE5",
-"\x07\xA7\x13\x70\x45\xDA\x2A\x16","\x3B\xDD\x11\x90\x49\x37\x28\x02","\x2E\xED\xDA\x93\xFF\xD3\x9C\x79",
-"\x04\x68\x91\x04\xC2\xFD\x3B\x2F","\x26\x95\x5F\x68\x35\xAF\x60\x9A","\xD8\x87\xE0\x39\x3C\x2D\xA6\xE3",
-"\x37\xD0\x6B\xB5\x16\xCB\x75\x46","\x16\x4D\x5E\x40\x4F\x27\x52\x32","\x5F\x99\xD0\x4F\x5B\x16\x39\x69",
-"\x1F\x08\x26\x0D\x1A\xC2\x46\x5E","\x6B\x05\x6E\x18\x75\x9F\x5C\xCA","\x4A\x05\x7A\x3B\x24\xD3\x97\x7B",
-"\x58\x40\x23\x64\x1A\xBA\x61\x76","\x00\x4B\xD6\xEF\x09\x17\x60\x62","\x45\x20\x31\xC1\xE4\xFA\xDA\x8E",
-"\x02\x58\x16\x16\x46\x29\xB0\x07","\x48\x0D\x39\x00\x6E\xE7\x62\xF2","\x75\x55\xAE\x39\xF5\x9B\x87\xBD",
-"\x49\x79\x3E\xBC\x79\xB3\x25\x8F","\x43\x75\x40\xC8\x69\x8F\x3C\xFA","\x53\xC5\x5F\x9C\xB4\x9F\xC0\x19",
-"\x4F\xB0\x5E\x15\x15\xAB\x73\xA7","\x07\x2D\x43\xA0\x77\x07\x52\x92","\x7A\x8E\x7B\xFA\x93\x7E\x89\xA3",
-"\x49\xE9\x5D\x6D\x4C\xA2\x29\xBF","\x02\xFE\x55\x77\x81\x17\xF1\x2A","\xCF\x9C\x5D\x7A\x49\x86\xAD\xB5",
-"\x01\x83\x10\xDC\x40\x9B\x26\xD6","\x1D\x9D\x5C\x50\x18\xF7\x28\xC2","\xD1\xAB\xB2\x90\x65\x8B\xC7\x78",
-"\x1C\x58\x7F\x1C\x13\x92\x4F\xEF","\x30\x55\x32\x28\x6D\x6F\x29\x5A","\x55\xCB\x37\x74\xD1\x3E\xF2\x01",
-"\x01\x01\x01\x01\x01\x01\x01\x01","\x01\x23\x45\x67\x89\xAB\xCD\xEF","\xFA\x34\xEC\x48\x47\xB2\x68\xB2",
-"\x1F\x1F\x1F\x1F\x0E\x0E\x0E\x0E","\x01\x23\x45\x67\x89\xAB\xCD\xEF","\xA7\x90\x79\x51\x08\xEA\x3C\xAE",
-"\xE0\xFE\xE0\xFE\xF1\xFE\xF1\xFE","\x01\x23\x45\x67\x89\xAB\xCD\xEF","\xC3\x9E\x07\x2D\x9F\xAC\x63\x1D",
-"\x00\x00\x00\x00\x00\x00\x00\x00","\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF","\x01\x49\x33\xE0\xCD\xAF\xF6\xE4",
-"\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF","\x00\x00\x00\x00\x00\x00\x00\x00","\xF2\x1E\x9A\x77\xB7\x1C\x49\xBC",
-"\x01\x23\x45\x67\x89\xAB\xCD\xEF","\x00\x00\x00\x00\x00\x00\x00\x00","\x24\x59\x46\x88\x57\x54\x36\x9A",
-"\xFE\xDC\xBA\x98\x76\x54\x32\x10","\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF","\x6B\x5C\x5A\x9C\x5D\x9E\x0A\x5A"
-};
-
-
-#define TRIPLEDES_TEST_COUNT 1
-
-typedef struct {
- unsigned char key[24];
- unsigned char plaintext[8];
- unsigned char ciphertext[8];
- } TRIPLEDES_TEST;
-
-TRIPLEDES_TEST tripledes_vectors[TRIPLEDES_TEST_COUNT] = {
-0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef, 0xfe, 0xdc, 0xba, 0x98,
-0x76, 0x54, 0x32, 0x10, 0x89, 0xab, 0xcd, 0xef, 0x01, 0x23, 0x45, 0x67,
-
-0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xe7,
-
-0xde, 0x0b, 0x7c, 0x06, 0xae, 0x5e, 0x0e, 0xd5
-};
-
-/* CAST-128 Test Vectors from RFC2144 (deprecated/legacy) */
-
-#define CAST_TEST_COUNT 1
-
-typedef struct {
- unsigned char key[16];
- unsigned char plaintext[8];
- unsigned char ciphertext[8];
- } CAST_TEST;
-
-
-CAST_TEST cast_ecb_vectors[CAST_TEST_COUNT] = {
- "\x01\x23\x45\x67\x12\x34\x56\x78\x23\x45\x67\x89\x34\x56\x78\x9A",
- "\x01\x23\x45\x67\x89\xAB\xCD\xEF",
- "\x23\x8B\x4F\xE5\x84\x7E\x44\xB2"
- };
// AES ECB test vectors FIPS-197
@@ -463,35 +378,6 @@ char *hmac_sha512_test_vectors[] =
"\xe3\x7b\x6a\x77\x5d\xc8\x7d\xba\xa4\xdf\xa9\xf9\x6e\x5e\x3f\xfd\xde\xbd\x71\xf8\x86\x72\x89\x86\x5d\xf5\xa3\x2d\x20\xcd\xc9\x44\xb6\x02\x2c\xac\x3c\x49\x82\xb1\x0d\x5e\xeb\x55\xc3\xe4\xde\x15\x13\x46\x76\xfb\x6d\xe0\x44\x60\x65\xc9\x74\x40\xfa\x8c\x6a\x58",
};
-char *hmac_sha1_test_keys[] =
-{
- // Deprecated/legacy
- "\x50\x51\x52\x53\x54\x55\x56\x57\x58\x59\x5a\x5b\x5c\x5d\x5e\x5f\x60\x61\x62\x63\x64\x65\x66\x67\x68\x69\x6a\x6b\x6c\x6d\x6e\x6f\x70\x71\x72\x73\x74\x75\x76\x77\x78\x79\x7a\x7b\x7c\x7d\x7e\x7f\x80\x81\x82\x83\x84\x85\x86\x87\x88\x89\x8a\x8b\x8c\x8d\x8e\x8f\x90\x91\x92\x93\x94\x95\x96\x97\x98\x99\x9a\x9b\x9c\x9d\x9e\x9f\xa0\xa1\xa2\xa3\xa4\xa5\xa6\xa7\xa8\xa9\xaa\xab\xac\xad\xae\xaf\xb0\xb1\xb2\xb3",
- "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b",
- "Jefe",
- "\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA"
-};
-
-char *hmac_sha1_test_data[] =
-{
- // Deprecated/legacy
- "Sample #3",
- "Hi There",
- "what do ya want for nothing?",
- "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
- "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
- "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
-};
-
-char *hmac_sha1_test_vectors[] =
-{
- // Deprecated/legacy
- "\xbc\xf4\x1e\xab\x8b\xb2\xd8\x02\xf3\xd0\x5c\xaf\x7c\xb0\x92\xec\xf8\xd1\xa3\xaa",
- "\xb6\x17\x31\x86\x55\x05\x72\x64\xe2\x8b\xc0\xb6\xfb\x37\x8c\x8e\xf1\x46\xbe\x00",
- "\xef\xfc\xdf\x6a\xe5\xeb\x2f\xa2\xd2\x74\x16\xd5\xf1\x84\xdf\x9c\x25\x9a\x7c\x79",
- "\x12\x5d\x73\x42\xb9\xac\x11\xcd\x91\xa3\x9a\xf4\x8a\xa1\x7b\x4f\x63\xf1\x75\xd3"
-};
-
char *hmac_ripemd160_test_keys[] =
{
"\x00\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xdd\xee\xff\x01\x23\x45\x67",
@@ -534,29 +420,15 @@ void CipherInit2(int cipher, void* key, void* ks, int key_len)
{
switch (cipher)
{
- case BLOWFISH:
- /* Deprecated/legacy */
- BlowfishSetKey (ks, key_len, key);
- break;
case AES:
CipherInit(cipher,key,ks);
break;
- case CAST:
- /* Deprecated/legacy */
- CipherInit(cipher,key,ks);
- break;
-
case SERPENT:
CipherInit(cipher,key,ks);
break;
- case TRIPLEDES:
- /* Deprecated/legacy */
- CipherInit(cipher,key,ks);
- break;
-
case TWOFISH:
CipherInit(cipher,key,ks);
break;
@@ -568,72 +440,6 @@ void CipherInit2(int cipher, void* key, void* ks, int key_len)
}
-/* Deprecated/legacy */
-typedef struct {
- unsigned __int8 key1[32];
- unsigned __int8 key2[16];
- unsigned __int8 index[16];
- unsigned __int8 plaintext[16];
- unsigned __int8 ciphertext[16];
-} LRW_TEST;
-
-#define LRW_TEST_COUNT 2
-
-/* Deprecated/legacy */
-LRW_TEST lrw_vectors[LRW_TEST_COUNT] = {
- {
- { 0xf8, 0xd4, 0x76, 0xff, 0xd6, 0x46, 0xee, 0x6c, 0x23, 0x84, 0xcb, 0x1c, 0x77, 0xd6, 0x19, 0x5d,
- 0xfe, 0xf1, 0xa9, 0xf3, 0x7b, 0xbc, 0x8d, 0x21, 0xa7, 0x9c, 0x21, 0xf8, 0xcb, 0x90, 0x02, 0x89 },
- { 0xa8, 0x45, 0x34, 0x8e, 0xc8, 0xc5, 0xb5, 0xf1, 0x26, 0xf5, 0x0e, 0x76, 0xfe, 0xfd, 0x1b, 0x1e },
- { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01 },
- { 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46 },
- { 0xbd, 0x06, 0xb8, 0xe1, 0xdb, 0x98, 0x89, 0x9e, 0xc4, 0x98, 0xe4, 0x91, 0xcf, 0x1c, 0x70, 0x2b }
- },
- {
- { 0xfb, 0x76, 0x15, 0xb2, 0x3d, 0x80, 0x89, 0x1d, 0xd4, 0x70, 0x98, 0x0b, 0xc7, 0x95, 0x84, 0xc8,
- 0xb2, 0xfb, 0x64, 0xce, 0x60, 0x97, 0x87, 0x8d, 0x17, 0xfc, 0xe4, 0x5a, 0x49, 0xe8, 0x30, 0xb7 },
- { 0x6e, 0x78, 0x17, 0xe7, 0x2d, 0x5e, 0x12, 0xd4, 0x60, 0x64, 0x04, 0x7a, 0xf1, 0x2f, 0x9e, 0x0c },
- { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0x00, 0x00, 0x00, 0x00 },
- { 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46 },
- { 0x5b, 0x90, 0x8e, 0xc1, 0xab, 0xdd, 0x67, 0x5f, 0x3d, 0x69, 0x8a, 0x95, 0x53, 0xc8, 0x9c, 0xe5 }
- }
-};
-
-
-BOOL LRWAesTest (PCRYPTO_INFO ci)
-{
- /* Deprecated/legacy */
-
- unsigned __int8 p[16];
- int i;
-
- for (i = 0; i < LRW_TEST_COUNT; i++)
- {
- ci->ea = EAGetByName ("AES");
- if (ci->ea == 0)
- return FALSE;
-
- ci->mode = LRW;
-
- if (EAInit (ci->ea, lrw_vectors[i].key1, ci->ks) != ERR_SUCCESS)
- return FALSE;
-
- memcpy (&ci->k2, lrw_vectors[i].key2, sizeof (lrw_vectors[i].key2));
- if (!EAInitMode (ci))
- return FALSE;
-
- memcpy (p, lrw_vectors[i].plaintext, sizeof (p));
-
- EncryptBufferLRW128 (p, sizeof (p), BE64(((unsigned __int64 *)(lrw_vectors[i].index))[1]), ci);
-
- if (memcmp (lrw_vectors[i].ciphertext, p, sizeof (p)) != 0)
- return FALSE;
- }
-
- return TRUE;
-}
-
-
BOOL TestSectorBufEncryption (PCRYPTO_INFO ci)
{
unsigned char buf [ENCRYPTION_DATA_UNIT_SIZE * 4];
@@ -653,15 +459,12 @@ BOOL TestSectorBufEncryption (PCRYPTO_INFO ci)
0x00, 0x00, 0x00, 0xff, 0xff, 0xff, 0xff, 0xff, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13
};
- if (!TestLegacySectorBufEncryption (ci))
- return FALSE;
-
/* Encryption/decryption of data units (typically, volume data sectors) */
nbrUnits = sizeof (buf) / ENCRYPTION_DATA_UNIT_SIZE;
- ci->mode = XTS; // Other modes of operation are tested in TestLegacySectorBufEncryption()
+ ci->mode = XTS; // we only implement XTS
/* The buffer can accommodate 4 data units and we'll test 4 cases by "scrolling". The data unit 0xFFFFFFFFFF
will "move" from the start of the buffer to its end. For a 512-byte data unit, the byte offset 562949953420800
@@ -1029,340 +832,6 @@ BOOL TestSectorBufEncryption (PCRYPTO_INFO ci)
return (nTestsPerformed == 80);
}
-
-BOOL TestLegacySectorBufEncryption (PCRYPTO_INFO ci)
-{
- unsigned char buf [ENCRYPTION_DATA_UNIT_SIZE * 2];
- unsigned int i;
- char name[64];
- unsigned __int32 crc;
- UINT64_STRUCT unitNo;
- uint32 nbrUnits;
- int blockSize;
- BOOL lrw64InitDone = FALSE;
- BOOL lrw128InitDone = FALSE;
- int nTestsPerformed = 0;
-
- unitNo.Value = 0x0234567890ABCDEFull;
- nbrUnits = sizeof (buf) / ENCRYPTION_DATA_UNIT_SIZE;
-
- for (i = 0; i < sizeof (buf); i++)
- buf[i] = (unsigned char) i;
-
- for (i = 0; i < sizeof (ci->k2); i++)
- ci->k2[i] = (unsigned char) i;
-
- // Test all EAs
- for (ci->ea = EAGetFirst (); ci->ea != 0; ci->ea = EAGetNext (ci->ea))
- {
- EAGetName (name, ci->ea);
- blockSize = CipherGetBlockSize (EAGetFirstCipher (ci->ea));
-
- if (EAInit (ci->ea, (unsigned char *)buf, ci->ks) == ERR_CIPHER_INIT_FAILURE)
- return FALSE;
-
- // Test all deprecated modes of operation
- for (ci->mode = EAGetFirstMode (ci->ea);
- ci->mode != 0;
- ci->mode = EAGetNextMode (ci->ea, ci->mode))
- {
- // Skip modes that are not deprecated
- if (ci->mode == XTS)
- continue;
-
- if (ci->mode == LRW
- && (blockSize == 8 && !lrw64InitDone || blockSize == 16 && !lrw128InitDone ))
- {
- if (!EAInitMode (ci))
- return FALSE;
-
- if (blockSize == 8)
- lrw64InitDone = TRUE;
- else if (blockSize == 16)
- lrw128InitDone = TRUE;
- }
-
- EncryptDataUnits (buf, &unitNo, nbrUnits, ci);
- crc = GetCrc32 (buf, sizeof (buf));
-
- switch (ci->mode)
- {
- case LRW: // Deprecated/legacy
- if (strcmp (name, "AES") == 0)
- {
- if (crc != 0x5237acf9)
- return FALSE;
- nTestsPerformed++;
- }
- else if (strcmp (name, "Blowfish") == 0) // Deprecated/legacy
- {
- if (crc != 0xf94d5300)
- return FALSE;
- nTestsPerformed++;
- }
- else if (strcmp (name, "CAST5") == 0) // Deprecated/legacy
- {
- if (crc != 0x33971e82)
- return FALSE;
- nTestsPerformed++;
- }
- else if (strcmp (name, "Serpent") == 0)
- {
- if (crc != 0x7fb86805)
- return FALSE;
- nTestsPerformed++;
- }
- else if (strcmp (name, "Triple DES") == 0) // Deprecated/legacy
- {
- if (crc != 0x2b20bb84)
- return FALSE;
- nTestsPerformed++;
- }
- else if (strcmp (name, "Twofish") == 0)
- {
- if (crc != 0xa9de0f0b)
- return FALSE;
- nTestsPerformed++;
- }
- else if (strcmp (name, "AES-Twofish") == 0)
- {
- if (crc != 0x4ed0fd80)
- return FALSE;
- nTestsPerformed++;
- }
- else if (strcmp (name, "AES-Twofish-Serpent") == 0)
- {
- if (crc != 0xea04b3cf)
- return FALSE;
- nTestsPerformed++;
- }
- else if (strcmp (name, "Serpent-AES") == 0)
- {
- if (crc != 0x0d33596a)
- return FALSE;
- nTestsPerformed++;
- }
- else if (strcmp (name, "Serpent-Twofish-AES") == 0)
- {
- if (crc != 0x2845d0e3)
- return FALSE;
- nTestsPerformed++;
- }
- else if (strcmp (name, "Twofish-Serpent") == 0)
- {
- if (crc != 0xca65c5cd)
- return FALSE;
- nTestsPerformed++;
- }
- break;
-
- case CBC: // Deprecated/legacy
- case INNER_CBC: // Deprecated/legacy
- case OUTER_CBC: // Deprecated/legacy
- if (strcmp (name, "AES") == 0)
- {
- if (crc != 0x2274f53d)
- return FALSE;
- nTestsPerformed++;
- }
- else if (strcmp (name, "Blowfish") == 0) // Deprecated/legacy
- {
- if (crc != 0x033899a1)
- return FALSE;
- nTestsPerformed++;
- }
- else if (strcmp (name, "CAST5") == 0) // Deprecated/legacy
- {
- if (crc != 0x331cecc7)
- return FALSE;
- nTestsPerformed++;
- }
- else if (strcmp (name, "Serpent") == 0)
- {
- if (crc != 0x42dff3d4)
- return FALSE;
- nTestsPerformed++;
- }
- else if (strcmp (name, "Triple DES") == 0) // Deprecated/legacy
- {
- if (crc != 0xfe497d0c)
- return FALSE;
- nTestsPerformed++;
- }
- else if (strcmp (name, "AES-Blowfish") == 0) // Deprecated/legacy
- {
- if (crc != 0xa7a80c84)
- return FALSE;
- nTestsPerformed++;
- }
- else if (strcmp (name, "AES-Blowfish-Serpent") == 0) // Deprecated/legacy
- {
- if (crc != 0xa0584562)
- return FALSE;
- nTestsPerformed++;
- }
- else if (strcmp (name, "AES-Twofish") == 0)
- {
- if (crc != 0x3c226444)
- return FALSE;
- nTestsPerformed++;
- }
- else if (strcmp (name, "AES-Twofish-Serpent") == 0)
- {
- if (crc != 0x5e5e77fd)
- return FALSE;
- nTestsPerformed++;
- }
- else if (strcmp (name, "Serpent-AES") == 0)
- {
- if (crc != 0x57c612d5)
- return FALSE;
- nTestsPerformed++;
- }
- else if (strcmp (name, "Serpent-Twofish-AES") == 0)
- {
- if (crc != 0x081e045a)
- return FALSE;
- nTestsPerformed++;
- }
- else if (strcmp (name, "Twofish-Serpent") == 0)
- {
- if (crc != 0xa7b659f3)
- return FALSE;
- nTestsPerformed++;
- }
- break;
- }
-
- if (crc == 0xb70b4c26)
- return FALSE;
-
- DecryptDataUnits (buf, &unitNo, nbrUnits, ci);
-
- if (GetCrc32 (buf, sizeof (buf)) != 0xb70b4c26)
- return FALSE;
-
- nTestsPerformed++;
-
- EncryptBuffer (buf, sizeof (buf), ci);
- crc = GetCrc32 (buf, sizeof (buf));
-
- switch (ci->mode)
- {
- case LRW: // Deprecated/legacy
- if (strcmp (name, "AES") == 0)
- {
- if (crc != 0x5ae1e3d8)
- return FALSE;
- nTestsPerformed++;
- }
- else if (strcmp (name, "Blowfish") == 0) // Deprecated/legacy
- {
- if (crc != 0x2738426f)
- return FALSE;
- nTestsPerformed++;
- }
- else if (strcmp (name, "AES-Twofish-Serpent") == 0)
- {
- if (crc != 0x14f2948a)
- return FALSE;
- nTestsPerformed++;
- }
- break;
-
- case CBC: // Deprecated/legacy
- case INNER_CBC: // Deprecated/legacy
- case OUTER_CBC: // Deprecated/legacy
- if (strcmp (name, "AES") == 0)
- {
- if (crc != 0x960f740e)
- return FALSE;
- nTestsPerformed++;
- }
- else if (strcmp (name, "Blowfish") == 0) // Deprecated/legacy
- {
- if (crc != 0x7e1cfabb)
- return FALSE;
- nTestsPerformed++;
- }
- else if (strcmp (name, "CAST5") == 0) // Deprecated/legacy
- {
- if (crc != 0xeaae21c8)
- return FALSE;
- nTestsPerformed++;
- }
- else if (strcmp (name, "Serpent") == 0)
- {
- if (crc != 0xa8139d62)
- return FALSE;
- nTestsPerformed++;
- }
- else if (strcmp (name, "Triple DES") == 0) // Deprecated/legacy
- {
- if (crc != 0xecf5d7d0)
- return FALSE;
- nTestsPerformed++;
- }
- else if (strcmp (name, "AES-Blowfish") == 0) // Deprecated/legacy
- {
- if (crc != 0xb70171b6)
- return FALSE;
- nTestsPerformed++;
- }
- else if (strcmp (name, "AES-Blowfish-Serpent") == 0) // Deprecated/legacy
- {
- if (crc != 0x1e749a87)
- return FALSE;
- nTestsPerformed++;
- }
- else if (strcmp (name, "AES-Twofish") == 0)
- {
- if (crc != 0xb4b8bb9b)
- return FALSE;
- nTestsPerformed++;
- }
- else if (strcmp (name, "AES-Twofish-Serpent") == 0)
- {
- if (crc != 0x76b6c1cb)
- return FALSE;
- nTestsPerformed++;
- }
- else if (strcmp (name, "Serpent-AES") == 0)
- {
- if (crc != 0x634f12ed)
- return FALSE;
- nTestsPerformed++;
- }
- else if (strcmp (name, "Serpent-Twofish-AES") == 0)
- {
- if (crc != 0xe54bc1b9)
- return FALSE;
- nTestsPerformed++;
- }
- else if (strcmp (name, "Twofish-Serpent") == 0)
- {
- if (crc != 0x21cdb382)
- return FALSE;
- nTestsPerformed++;
- }
- break;
- }
-
- if (crc == 0xb70b4c26)
- return FALSE;
-
- DecryptBuffer (buf, sizeof (buf), ci);
-
- if (GetCrc32 (buf, sizeof (buf)) != 0xb70b4c26)
- return FALSE;
-
- nTestsPerformed++;
- }
- }
- return (nTestsPerformed == 86);
-}
-
-
static BOOL DoAutoTestAlgorithms (void)
{
PCRYPTO_INFO ci;
@@ -1377,74 +846,6 @@ static BOOL DoAutoTestAlgorithms (void)
memset (ci, 0, sizeof (*ci));
- /* Blowfish (deprecated/legacy) */
-
- for (i=0;i<BF_TEST_COUNT;i++)
- {
- memcpy(key, bf_ecb_vectors[i].key, 8);
- memcpy(tmp, bf_ecb_vectors[i].plaintext, 8);
- CipherInit2(BLOWFISH, key, ks_tmp, 8);
-
- ((uint32 *)tmp)[0] = BE32 (((uint32 *)tmp)[0]);
- ((uint32 *)tmp)[1] = BE32 (((uint32 *)tmp)[1]);
-
- BlowfishEncryptLE (tmp,tmp,(BF_KEY *)ks_tmp,1);
- BlowfishEncryptLE (tmp,tmp,(BF_KEY *)ks_tmp,0);
- BlowfishEncryptLE (tmp,tmp,(BF_KEY *)ks_tmp,1);
-
- ((uint32 *)tmp)[0] = BE32 (((uint32 *)tmp)[0]);
- ((uint32 *)tmp)[1] = BE32 (((uint32 *)tmp)[1]);
-
- if (memcmp(bf_ecb_vectors[i].ciphertext,tmp,8)!=0)
- break;
- }
-
- if (i != BF_TEST_COUNT)
- bFailed = TRUE;
-
- /* CAST5 (deprecated/legacy) */
-
- for (i=0;i<CAST_TEST_COUNT;i++)
- {
- int cipher = CAST;
- memcpy(key, cast_ecb_vectors[i].key, 16);
- memcpy(tmp, cast_ecb_vectors[i].plaintext, 8);
- CipherInit2(cipher, key, ks_tmp, 16);
-
- EncipherBlock(cipher, tmp, ks_tmp);
- DecipherBlock(cipher, tmp, ks_tmp);
- EncipherBlock(cipher, tmp, ks_tmp);
-
- if (memcmp(cast_ecb_vectors[i].ciphertext, tmp,8)!=0)
- break;
- }
-
- if (i!=CAST_TEST_COUNT)
- bFailed = TRUE;
-
-
- /* Triple DES (TECB, EDE) - deprecated/legacy */
-
- for (i = 0; i < TRIPLEDES_TEST_COUNT; i++)
- {
- int cipher = TRIPLEDES;
- memcpy(key, tripledes_vectors[i].key, sizeof(tripledes_vectors->key));
- memcpy(tmp, tripledes_vectors[i].plaintext, sizeof(tripledes_vectors->plaintext));
-
- CipherInit(cipher, key, ks_tmp);
-
- EncipherBlock(cipher, tmp, ks_tmp);
- if (memcmp(tripledes_vectors[i].ciphertext, tmp, sizeof(tripledes_vectors->ciphertext)) != 0)
- break;
-
- DecipherBlock(cipher, tmp, ks_tmp);
- if (memcmp(tripledes_vectors[i].plaintext, tmp, sizeof(tripledes_vectors->plaintext)) != 0)
- break;
- }
- if (i != TRIPLEDES_TEST_COUNT)
- bFailed = TRUE;
-
-
/* AES */
for (i = 0; i < AES_TEST_COUNT; i++)
@@ -1550,10 +951,6 @@ static BOOL DoAutoTestAlgorithms (void)
if (!XTSAesTest (ci))
bFailed = TRUE;
- /* LRW-AES (deprecated/legacy) */
- if (!LRWAesTest (ci))
- bFailed = TRUE;
-
/* Sector and buffer related algorithms */
if (!TestSectorBufEncryption (ci))
bFailed = TRUE;
@@ -1601,26 +998,6 @@ BOOL test_hmac_sha512 ()
return (nTestsPerformed == 6);
}
-BOOL test_hmac_sha1 ()
-{
- // Deprecated/legacy
-
- int nTestsPerformed = 0;
- int i;
-
- for (i = 0; i < 3; i++)
- {
- char digest[SHA1_DIGESTSIZE];
- hmac_sha1 (hmac_sha1_test_keys[i], (int) strlen (hmac_sha1_test_keys[i]), hmac_sha1_test_data[i], (int) strlen (hmac_sha1_test_data[i]), digest, SHA1_DIGESTSIZE);
- if (memcmp (digest, hmac_sha1_test_vectors[i], SHA1_DIGESTSIZE) != 0)
- return FALSE;
- else
- nTestsPerformed++;
- }
-
- return (nTestsPerformed == 3);
-}
-
BOOL test_hmac_ripemd160 ()
{
int nTestsPerformed = 0;
@@ -1658,10 +1035,6 @@ BOOL test_pkcs5 ()
if (!test_hmac_sha512())
return FALSE;
- /* HMAC-SHA-1 tests (deprecated/legacy) */
- if (test_hmac_sha1() == FALSE)
- return FALSE;
-
/* HMAC-RIPEMD-160 tests */
if (test_hmac_ripemd160() == FALSE)
return FALSE;
@@ -1681,23 +1054,6 @@ BOOL test_pkcs5 ()
if (memcmp (dk, "\x13\x64\xae\xf8\x0d\xf5\x57\x6c\x30\xd5\x71\x4c\xa7\x75\x3f\xfd\x00\xe5\x25\x8b\x39\xc7\x44\x7f\xce\x23\x3d\x08\x75\xe0\x2f\x48\xd6\x30\xd7\x00\xb6\x24\xdb\xe0\x5a\xd7\x47\xef\x52\xca\xa6\x34\x83\x47\xe5\xcb\xe9\x87\xf1\x20\x59\x6a\xe6\xa9\xcf\x51\x78\xc6\xb6\x23\xa6\x74\x0d\xe8\x91\xbe\x1a\xd0\x28\xcc\xce\x16\x98\x9a\xbe\xfb\xdc\x78\xc9\xe1\x7d\x72\x67\xce\xe1\x61\x56\x5f\x96\x68\xe6\xe1\xdd\xf4\xbf\x1b\x80\xe0\x19\x1c\xf4\xc4\xd3\xdd\xd5\xd5\x57\x2d\x83\xc7\xa3\x37\x87\xf4\x4e\xe0\xf6\xd8\x6d\x65\xdc\xa0\x52\xa3\x13\xbe\x81\xfc\x30\xbe\x7d\x69\x58\x34\xb6\xdd\x41\xc6", 144) != 0)
return FALSE;
- /* PKCS-5 test 1 with HMAC-SHA-1 (deprecated/legacy) used as the PRF (derives a key longer than the underlying hash) */
- derive_key_sha1 ("password", 8, "\x12\x34\x56\x78", 4, 5, dk, 48);
- if (memcmp (dk, "\x5c\x75\xce\xf0\x1a\x96\x0d\xf7\x4c\xb6\xb4\x9b\x9e\x38\xe6\xb5\x3b\x11\x80\xe3\x2f\xf7\xe0\xdd\xaa\xca\x8f\x81\x27\xf6\x9f\x4f\x1d\xc8\x2f\x48\x2d\xdb\x1a\x0a\xca\x90\xcb\x80\xb9\x2e\x90\x9e", 48) != 0)
- return FALSE;
-
- /* PKCS-5 test 2 with HMAC-SHA-1 (deprecated/legacy) used as the PRF */
- derive_key_sha1 ("password", 8, "\x12\x34\x56\x78", 4, 5, dk, 4);
- if (memcmp (dk, "\x5c\x75\xce\xf0", 4) != 0)
- return FALSE;
-
-#if 0 // This test is disabled because it uses 1200 iterations (to prevent startup slowdown)
- /* PKCS-5 test 3 with HMAC-SHA-1 (deprecated/legacy) used as the PRF */
- derive_key_sha1 ("password", 8, "ATHENA.MIT.EDUraeburn", 21, 1200, dk, 16);
- if (memcmp (dk, "\x5c\x08\xeb\x61\xfd\xf7\x1e\x4e\x4e\xc3\xcf\x6b\xa1\xf5\x51\x2b", 16) != 0)
- return FALSE;
-#endif
-
/* PKCS-5 test 1 with HMAC-RIPEMD-160 used as the PRF */
derive_key_ripemd160 (FALSE, "password", 8, "\x12\x34\x56\x78", 4, 5, dk, 4);
if (memcmp (dk, "\x7a\x3d\x7c\x03", 4) != 0)
diff --git a/src/Common/Volumes.c b/src/Common/Volumes.c
index 15ee8fe6..9a0d3efc 100644
--- a/src/Common/Volumes.c
+++ b/src/Common/Volumes.c
@@ -240,10 +240,7 @@ int ReadVolumeHeader (BOOL bBoot, char *encryptedHeader, Password *password, PCR
// Test all available PKCS5 PRFs
for (enqPkcs5Prf = FIRST_PRF_ID; enqPkcs5Prf <= LAST_PRF_ID || queuedWorkItems > 0; ++enqPkcs5Prf)
- {
- BOOL lrw64InitDone = FALSE; // Deprecated/legacy
- BOOL lrw128InitDone = FALSE; // Deprecated/legacy
-
+ {
if (encryptionThreadCount > 1)
{
// Enqueue key derivation on thread pool
@@ -314,12 +311,6 @@ KeyReady: ;
PKCS5_SALT_SIZE, keyInfo.noIterations, dk, GetMaxPkcs5OutSize());
break;
- case SHA1:
- // Deprecated/legacy
- derive_key_sha1 (keyInfo.userKey, keyInfo.keyLength, keyInfo.salt,
- PKCS5_SALT_SIZE, keyInfo.noIterations, dk, GetMaxPkcs5OutSize());
- break;
-
case WHIRLPOOL:
derive_key_whirlpool (keyInfo.userKey, keyInfo.keyLength, keyInfo.salt,
PKCS5_SALT_SIZE, keyInfo.noIterations, dk, GetMaxPkcs5OutSize());
@@ -338,16 +329,6 @@ KeyReady: ;
{
switch (cryptoInfo->mode)
{
- case LRW:
- case CBC:
- case INNER_CBC:
- case OUTER_CBC:
-
- // For LRW (deprecated/legacy), copy the tweak key
- // For CBC (deprecated/legacy), copy the IV/whitening seed
- memcpy (cryptoInfo->k2, dk, LEGACY_VOL_IV_SIZE);
- primaryKeyOffset = LEGACY_VOL_IV_SIZE;
- break;
default:
primaryKeyOffset = 0;
@@ -383,21 +364,9 @@ KeyReady: ;
goto err;
}
}
- else if (cryptoInfo->mode == LRW
- && (blockSize == 8 && !lrw64InitDone || blockSize == 16 && !lrw128InitDone))
+ else
{
- // Deprecated/legacy
-
- if (!EAInitMode (cryptoInfo))
- {
- status = ERR_MODE_INIT_FAILED;
- goto err;
- }
-
- if (blockSize == 8)
- lrw64InitDone = TRUE;
- else if (blockSize == 16)
- lrw128InitDone = TRUE;
+ continue;
}
// Copy the header for decryption
@@ -519,15 +488,6 @@ KeyReady: ;
switch (cryptoInfo->mode)
{
- case LRW:
- case CBC:
- case INNER_CBC:
- case OUTER_CBC:
-
- // For LRW (deprecated/legacy), the tweak key
- // For CBC (deprecated/legacy), the IV/whitening seed
- memcpy (cryptoInfo->k2, keyInfo.master_keydata, LEGACY_VOL_IV_SIZE);
- break;
default:
// The secondary master key (if cascade, multiple concatenated)
@@ -721,18 +681,6 @@ int CreateVolumeHeaderInMemory (BOOL bBoot, char *header, int ea, int mode, Pass
switch (mode)
{
- case LRW:
- case CBC:
- case INNER_CBC:
- case OUTER_CBC:
-
- // Deprecated/legacy modes of operation
- bytesNeeded = LEGACY_VOL_IV_SIZE + EAGetKeySize (ea);
-
- // In fact, this should never be the case since volumes being newly created are not
- // supposed to use any deprecated mode of operation.
- TC_THROW_FATAL_EXCEPTION;
- break;
default:
bytesNeeded = EAGetKeySize (ea) * 2; // Size of primary + secondary key(s)
@@ -770,12 +718,6 @@ int CreateVolumeHeaderInMemory (BOOL bBoot, char *header, int ea, int mode, Pass
PKCS5_SALT_SIZE, keyInfo.noIterations, dk, GetMaxPkcs5OutSize());
break;
- case SHA1:
- // Deprecated/legacy
- derive_key_sha1 (keyInfo.userKey, keyInfo.keyLength, keyInfo.salt,
- PKCS5_SALT_SIZE, keyInfo.noIterations, dk, GetMaxPkcs5OutSize());
- break;
-
case RIPEMD160:
derive_key_ripemd160 (TRUE, keyInfo.userKey, keyInfo.keyLength, keyInfo.salt,
PKCS5_SALT_SIZE, keyInfo.noIterations, dk, GetMaxPkcs5OutSize());
@@ -859,16 +801,6 @@ int CreateVolumeHeaderInMemory (BOOL bBoot, char *header, int ea, int mode, Pass
switch (mode)
{
- case LRW:
- case CBC:
- case INNER_CBC:
- case OUTER_CBC:
-
- // For LRW (deprecated/legacy), the tweak key
- // For CBC (deprecated/legacy), the IV/whitening seed
- memcpy (cryptoInfo->k2, dk, LEGACY_VOL_IV_SIZE);
- primaryKeyOffset = LEGACY_VOL_IV_SIZE;
- break;
default:
// The secondary key (if cascade, multiple concatenated)
@@ -902,15 +834,6 @@ int CreateVolumeHeaderInMemory (BOOL bBoot, char *header, int ea, int mode, Pass
switch (cryptoInfo->mode)
{
- case LRW:
- case CBC:
- case INNER_CBC:
- case OUTER_CBC:
-
- // For LRW (deprecated/legacy), the tweak key
- // For CBC (deprecated/legacy), the IV/whitening seed
- memcpy (cryptoInfo->k2, keyInfo.master_keydata, LEGACY_VOL_IV_SIZE);
- break;
default:
// The secondary master key (if cascade, multiple concatenated)