VeraCrypt
authorlealem47 <60322859+lealem47@users.noreply.github.com>2023-11-12 16:51:31 -0700
committerGitHub <noreply@github.com>2023-11-13 00:51:31 +0100
commit9247ce1bb90c44d19a0069fadb12c0c480ac9b4f (patch)
tree66fb4728d502759271d03eba59d51c1a129b2ffb /src
parent458be85f84a097aa829658c50ce41d82791fb6a8 (diff)
downloadVeraCrypt-9247ce1bb90c44d19a0069fadb12c0c480ac9b4f.tar.gz
VeraCrypt-9247ce1bb90c44d19a0069fadb12c0c480ac9b4f.zip
wolfCrypt as crypto backend for VeraCrypt (#1227)
* wolfCrypt as crypto backend for VeraCrypt * Refactor to use EncryptionModeWolfCryptXTS class
Diffstat (limited to 'src')
-rw-r--r--src/Common/BootEncryption.cpp17
-rw-r--r--src/Common/Crypto.c50
-rw-r--r--src/Common/Dlgcode.c20
-rw-r--r--src/Common/Random.c45
-rw-r--r--src/Common/Tests.c22
-rw-r--r--src/Common/Volumes.c73
-rw-r--r--src/Common/Xts.c10
-rw-r--r--src/Core/RandomNumberGenerator.cpp20
-rw-r--r--src/Core/Unix/Linux/CoreLinux.cpp12
-rw-r--r--src/Core/VolumeCreator.cpp12
-rw-r--r--src/Crypto/Aes.h20
-rw-r--r--src/Crypto/Sha2.h12
-rw-r--r--src/Crypto/cpu.h2
-rw-r--r--src/Crypto/wolfCrypt.c243
-rw-r--r--src/Crypto/wolfCrypt.md25
-rw-r--r--src/Format/Tcformat.c6
-rw-r--r--src/Main/Forms/BenchmarkDialog.cpp11
-rw-r--r--src/Main/Forms/EncryptionTestDialog.cpp10
-rw-r--r--src/Main/Forms/WaitDialog.cpp3
-rw-r--r--src/Makefile9
-rw-r--r--src/Volume/Cipher.cpp58
-rw-r--r--src/Volume/Cipher.h48
-rw-r--r--src/Volume/EncryptionAlgorithm.cpp34
-rw-r--r--src/Volume/EncryptionAlgorithm.h5
-rw-r--r--src/Volume/EncryptionMode.cpp7
-rw-r--r--src/Volume/EncryptionModeWolfCryptXTS.cpp119
-rw-r--r--src/Volume/EncryptionModeWolfCryptXTS.h54
-rw-r--r--src/Volume/EncryptionModeXTS.cpp6
-rw-r--r--src/Volume/EncryptionTest.cpp62
-rw-r--r--src/Volume/Hash.cpp11
-rw-r--r--src/Volume/Hash.h4
-rw-r--r--src/Volume/Pkcs5Kdf.cpp9
-rw-r--r--src/Volume/Pkcs5Kdf.h5
-rw-r--r--src/Volume/Volume.make192
-rw-r--r--src/Volume/VolumeHeader.cpp48
-rw-r--r--src/Volume/VolumeLayout.cpp38
36 files changed, 1103 insertions, 219 deletions
diff --git a/src/Common/BootEncryption.cpp b/src/Common/BootEncryption.cpp
index d3dc249e..af6063e4 100644
--- a/src/Common/BootEncryption.cpp
+++ b/src/Common/BootEncryption.cpp
@@ -1687,23 +1687,26 @@ namespace VeraCrypt
if (_stricmp (request.BootEncryptionAlgorithmName, "AES") == 0)
ea = AES;
- else if (_stricmp (request.BootEncryptionAlgorithmName, "Serpent") == 0)
+ #ifndef WOLFCRYPT_BACKEND
+ else if (_stricmp (request.BootEncryptionAlgorithmName, "Camellia") == 0)
+ ea = CAMELLIA;
+ else if (_stricmp (request.BootEncryptionAlgorithmName, "Serpent") == 0)
ea = SERPENT;
else if (_stricmp (request.BootEncryptionAlgorithmName, "Twofish") == 0)
ea = TWOFISH;
- else if (_stricmp (request.BootEncryptionAlgorithmName, "Camellia") == 0)
- ea = CAMELLIA;
-
+ #endif
if (_stricmp(request.BootPrfAlgorithmName, "SHA-256") == 0)
pkcs5_prf = SHA256;
- else if (_stricmp(request.BootPrfAlgorithmName, "BLAKE2s-256") == 0)
- pkcs5_prf = BLAKE2S;
- else if (_stricmp(request.BootPrfAlgorithmName, "SHA-512") == 0)
+ else if (_stricmp(request.BootPrfAlgorithmName, "SHA-512") == 0)
pkcs5_prf = SHA512;
+ #ifndef WOLFCRYPT_BACKEND
+ else if (_stricmp(request.BootPrfAlgorithmName, "BLAKE2s-256") == 0)
+ pkcs5_prf = BLAKE2S;
else if (_stricmp(request.BootPrfAlgorithmName, "Whirlpool") == 0)
pkcs5_prf = WHIRLPOOL;
else if (_stricmp(request.BootPrfAlgorithmName, "Streebog") == 0)
pkcs5_prf = STREEBOG;
+ #endif
else if (strlen(request.BootPrfAlgorithmName) == 0) // case of version < 1.0f
pkcs5_prf = BLAKE2S;
}
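Review bot: The empty-name fallback at the end of the PRF chain still assigns `pkcs5_prf = BLAKE2S` in a WOLFCRYPT_BACKEND build, although this same hunk compiles the "BLAKE2s-256" branch out for that backend. A pre-1.0f request would therefore select a PRF that the rest of the commit removes from the wolfCrypt build. Either guard the fallback with `#ifndef WOLFCRYPT_BACKEND` or reject the request explicitly there. Likewise, a request naming one of the excluded ciphers or hashes now matches no branch, so `ea` and `pkcs5_prf` keep whatever value they had before the chain, which is not visible in this hunk; an explicit error would be safer than relying on that default.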
diff --git a/src/Common/Crypto.c b/src/Common/Crypto.c
index 38af7fe5..49948107 100644
--- a/src/Common/Crypto.c
+++ b/src/Common/Crypto.c
@@ -57,15 +57,19 @@ static Cipher Ciphers[] =
// ID Name (Bytes) (Bytes) (Bytes)
#ifdef TC_WINDOWS_BOOT
{ AES, "AES", 16, 32, AES_KS },
- { SERPENT, "Serpent", 16, 32, 140*4 },
+#ifndef WOLFCRYPT_BACKEND
+ { SERPENT, "Serpent", 16, 32, 140*4 },
{ TWOFISH, "Twofish", 16, 32, TWOFISH_KS },
+#endif
#else
{ AES, L"AES", 16, 32, AES_KS },
+#ifndef WOLFCRYPT_BACKEND
{ SERPENT, L"Serpent", 16, 32, 140*4 },
{ TWOFISH, L"Twofish", 16, 32, TWOFISH_KS },
{ CAMELLIA, L"Camellia", 16, 32, CAMELLIA_KS },
{ KUZNYECHIK, L"Kuznyechik",16, 32, KUZNYECHIK_KS },
#endif
+#endif
{ 0, 0, 0, 0, 0 }
};
@@ -79,6 +83,7 @@ static EncryptionAlgorithm EncryptionAlgorithms[] =
{ { 0, 0 }, { 0, 0}, 0, 0 }, // Must be all-zero
{ { AES, 0 }, { XTS, 0 }, 1, 1 },
+#ifndef WOLFCRYPT_BACKEND
{ { SERPENT, 0 }, { XTS, 0 }, 1, 1 },
{ { TWOFISH, 0 }, { XTS, 0 }, 1, 1 },
{ { CAMELLIA, 0 }, { XTS, 0 }, 1, 1 },
@@ -93,6 +98,7 @@ static EncryptionAlgorithm EncryptionAlgorithms[] =
{ { SERPENT, CAMELLIA, 0 }, { XTS, 0 }, 0, 1 },
{ { AES, KUZNYECHIK, 0 }, { XTS, 0 }, 0, 1 },
{ { CAMELLIA, SERPENT, KUZNYECHIK, 0 }, { XTS, 0 }, 0, 1 },
+#endif
{ { 0, 0 }, { 0, 0}, 0, 0 } // Must be all-zero
#else // TC_WINDOWS_BOOT
@@ -100,6 +106,7 @@ static EncryptionAlgorithm EncryptionAlgorithms[] =
// Encryption algorithms available for boot drive encryption
{ { 0, 0 }, { 0, 0 }, 0 }, // Must be all-zero
{ { AES, 0 }, { XTS, 0 }, 1 },
+#ifndef WOLFCRYPT_BACKEND
{ { SERPENT, 0 }, { XTS, 0 }, 1 },
{ { TWOFISH, 0 }, { XTS, 0 }, 1 },
{ { TWOFISH, AES, 0 }, { XTS, 0 }, 1 },
@@ -107,6 +114,7 @@ static EncryptionAlgorithm EncryptionAlgorithms[] =
{ { AES, SERPENT, 0 }, { XTS, 0 }, 1 },
{ { AES, TWOFISH, SERPENT, 0 }, { XTS, 0 }, 1 },
{ { SERPENT, TWOFISH, 0 }, { XTS, 0 }, 1 },
+#endif
{ { 0, 0 }, { 0, 0 }, 0 }, // Must be all-zero
#endif
@@ -119,11 +127,13 @@ static EncryptionAlgorithm EncryptionAlgorithms[] =
static Hash Hashes[] =
{ // ID Name Deprecated System Encryption
{ SHA512, L"SHA-512", FALSE, FALSE },
- { WHIRLPOOL, L"Whirlpool", FALSE, FALSE },
- { BLAKE2S, L"BLAKE2s-256", FALSE, TRUE },
{ SHA256, L"SHA-256", FALSE, TRUE },
+ #ifndef WOLFCRYPT_BACKEND
+ { BLAKE2S, L"BLAKE2s-256", FALSE, TRUE },
+ { WHIRLPOOL, L"Whirlpool", FALSE, FALSE },
{ STREEBOG, L"Streebog", FALSE, FALSE },
- { 0, 0, 0 }
+ #endif
+ { 0, 0, 0 }
};
#endif
@@ -147,6 +157,7 @@ int CipherInit (int cipher, unsigned char *key, unsigned __int8 *ks)
#endif
break;
+#ifndef WOLFCRYPT_BACKEND
case SERPENT:
serpent_set_key (key, ks);
break;
@@ -167,6 +178,7 @@ int CipherInit (int cipher, unsigned char *key, unsigned __int8 *ks)
break;
#endif // !defined(TC_WINDOWS_BOOT)
+#endif
default:
// Unknown/wrong cipher ID
return ERR_CIPHER_INIT_FAILURE;
@@ -189,6 +201,7 @@ void EncipherBlock(int cipher, void *data, void *ks)
aes_encrypt (data, data, ks);
break;
+#ifndef WOLFCRYPT_BACKEND
case TWOFISH: twofish_encrypt (ks, data, data); break;
case SERPENT: serpent_encrypt (data, data, ks); break;
#if !defined (TC_WINDOWS_BOOT) || defined (TC_WINDOWS_BOOT_CAMELLIA)
@@ -197,6 +210,7 @@ void EncipherBlock(int cipher, void *data, void *ks)
#if !defined(TC_WINDOWS_BOOT)
case KUZNYECHIK: kuznyechik_encrypt_block(data, data, ks); break;
#endif // !defined(TC_WINDOWS_BOOT)
+#endif
default: TC_THROW_FATAL_EXCEPTION; // Unknown/wrong ID
}
}
@@ -230,6 +244,7 @@ void EncipherBlocks (int cipher, void *dataPtr, void *ks, size_t blockCount)
KeRestoreFloatingPointState (&floatingPointState);
#endif
}
+#ifndef WOLFCRYPT_BACKEND
#if CRYPTOPP_BOOL_SSE2_INTRINSICS_AVAILABLE && !defined (_UEFI)
else if (cipher == SERPENT
&& (blockCount >= 4)
@@ -267,6 +282,7 @@ void EncipherBlocks (int cipher, void *dataPtr, void *ks, size_t blockCount)
#endif
}
#endif
+#endif
else
{
size_t blockSize = CipherGetBlockSize (cipher);
@@ -284,6 +300,7 @@ void DecipherBlock(int cipher, void *data, void *ks)
{
switch (cipher)
{
+#ifndef WOLFCRYPT_BACKEND
case SERPENT: serpent_decrypt (data, data, ks); break;
case TWOFISH: twofish_decrypt (ks, data, data); break;
#if !defined (TC_WINDOWS_BOOT) || defined (TC_WINDOWS_BOOT_CAMELLIA)
@@ -292,6 +309,7 @@ void DecipherBlock(int cipher, void *data, void *ks)
#if !defined(TC_WINDOWS_BOOT)
case KUZNYECHIK: kuznyechik_decrypt_block(data, data, ks); break;
#endif // !defined(TC_WINDOWS_BOOT)
+#endif
#ifndef TC_WINDOWS_BOOT
@@ -341,6 +359,7 @@ void DecipherBlocks (int cipher, void *dataPtr, void *ks, size_t blockCount)
KeRestoreFloatingPointState (&floatingPointState);
#endif
}
+#ifndef WOLFCRYPT_BACKEND
#if CRYPTOPP_BOOL_SSE2_INTRINSICS_AVAILABLE && !defined (_UEFI)
else if (cipher == SERPENT
&& (blockCount >= 4)
@@ -378,6 +397,7 @@ void DecipherBlocks (int cipher, void *dataPtr, void *ks, size_t blockCount)
#endif
}
#endif
+#endif
else
{
size_t blockSize = CipherGetBlockSize (cipher);
@@ -523,8 +543,16 @@ BOOL EAInitMode (PCRYPTO_INFO ci, unsigned char* key2)
// Secondary key schedule
if (EAInit (ci->ea, key2, ci->ks2) != ERR_SUCCESS)
return FALSE;
+
+ #ifdef WOLFCRYPT_BACKEND
+ if (xts_encrypt_key256 (key2, (aes_encrypt_ctx *) ci->ks) != EXIT_SUCCESS)
+ return ERR_CIPHER_INIT_FAILURE;
+
+ if (xts_decrypt_key256 (key2, (aes_decrypt_ctx *) (ci->ks + sizeof(aes_encrypt_ctx))) != EXIT_SUCCESS)
+ return ERR_CIPHER_INIT_FAILURE;
+ #endif
- /* Note: XTS mode could potentially be initialized with a weak key causing all blocks in one data unit
+ /* Note: XTS mode could potentially be initialized with a weak key causing all blocks in one data unit
on the volume to be tweaked with zero tweaks (i.e. 512 bytes of the volume would be encrypted in ECB
mode). However, to create a TrueCrypt volume with such a weak key, each human being on Earth would have
to create approximately 11,378,125,361,078,862 (about eleven quadrillion) TrueCrypt volumes (provided
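Review bot: The two added failure paths in `EAInitMode` return `ERR_CIPHER_INIT_FAILURE`, but the function is declared `BOOL` and the existing failure path just above returns `FALSE`. Assuming the error code is non-zero, a caller that tests the result for truth would treat a failed wolfCrypt XTS key setup as success and carry on with an unusable context; both lines should read `return FALSE;`. A short comment is also needed on why only `key2` is passed while the context is cast from `ci->ks`, since the primary key is not handed to `xts_encrypt_key256` here. The function starts and ends outside the hunk.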
@@ -1093,11 +1121,11 @@ void EncipherBlock(int cipher, void *data, void *ks)
aes_hw_cpu_encrypt ((byte *) ks, data);
else
aes_encrypt (data, data, ks);
-#elif defined (TC_WINDOWS_BOOT_SERPENT)
+#elif defined (TC_WINDOWS_BOOT_SERPENT) && !defined (WOLFCRYPT_BACKEND)
serpent_encrypt (data, data, ks);
-#elif defined (TC_WINDOWS_BOOT_TWOFISH)
+#elif defined (TC_WINDOWS_BOOT_TWOFISH) && !defined (WOLFCRYPT_BACKEND)
twofish_encrypt (ks, data, data);
-#elif defined (TC_WINDOWS_BOOT_CAMELLIA)
+#elif defined (TC_WINDOWS_BOOT_CAMELLIA) && !defined (WOLFCRYPT_BACKEND)
camellia_encrypt (data, data, ks);
#endif
}
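Review bot: When `WOLFCRYPT_BACKEND` is defined together with `TC_WINDOWS_BOOT_SERPENT`, `TC_WINDOWS_BOOT_TWOFISH` or `TC_WINDOWS_BOOT_CAMELLIA`, none of the `#elif` arms shown here is selected and there is no `#else`. Unless the first arm (outside the hunk) matches, `EncipherBlock` then compiles to an empty body and the data is passed through unchanged. The `DecipherBlock` hunk that follows has the same shape. Ending both chains with `#else` / `#error "selected boot cipher is not available with WOLFCRYPT_BACKEND"` turns that configuration into a build failure instead of a silent no-op.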
@@ -1109,11 +1137,11 @@ void DecipherBlock(int cipher, void *data, void *ks)
aes_hw_cpu_decrypt ((byte *) ks + sizeof (aes_encrypt_ctx) + 14 * 16, data);
else
aes_decrypt (data, data, (aes_decrypt_ctx *) ((byte *) ks + sizeof(aes_encrypt_ctx)));
-#elif defined (TC_WINDOWS_BOOT_SERPENT)
+#elif defined (TC_WINDOWS_BOOT_SERPENT) && !defined (WOLFCRYPT_BACKEND)
serpent_decrypt (data, data, ks);
-#elif defined (TC_WINDOWS_BOOT_TWOFISH)
+#elif defined (TC_WINDOWS_BOOT_TWOFISH) && !defined (WOLFCRYPT_BACKEND)
twofish_decrypt (ks, data, data);
-#elif defined (TC_WINDOWS_BOOT_CAMELLIA)
+#elif defined (TC_WINDOWS_BOOT_CAMELLIA) && !defined (WOLFCRYPT_BACKEND)
camellia_decrypt (data, data, ks);
#endif
}
diff --git a/src/Common/Dlgcode.c b/src/Common/Dlgcode.c
index 7ad0fdb0..78aa3844 100644
--- a/src/Common/Dlgcode.c
+++ b/src/Common/Dlgcode.c
@@ -6143,11 +6143,13 @@ static BOOL PerformBenchmark(HWND hBenchDlg, HWND hwndDlg)
*/
{
BYTE digest [MAX_DIGESTSIZE];
- WHIRLPOOL_CTX wctx;
- blake2s_state bctx;
+ #ifndef WOLFCRYPT_BACKEND
+ WHIRLPOOL_CTX wctx;
+ STREEBOG_CTX stctx;
+ blake2s_state bctx;
+ #endif
sha512_ctx s2ctx;
sha256_ctx s256ctx;
- STREEBOG_CTX stctx;
int hid, i;
@@ -6172,7 +6174,7 @@ static BOOL PerformBenchmark(HWND hBenchDlg, HWND hwndDlg)
sha256_hash (lpTestBuffer, benchmarkBufferSize, &s256ctx);
sha256_end ((unsigned char *) digest, &s256ctx);
break;
-
+ #ifndef WOLFCRYPT_BACKEND
case BLAKE2S:
blake2s_init(&bctx);
blake2s_update(&bctx, lpTestBuffer, benchmarkBufferSize);
@@ -6192,7 +6194,8 @@ static BOOL PerformBenchmark(HWND hBenchDlg, HWND hwndDlg)
break;
}
- }
+ #endif
+ }
if (QueryPerformanceCounter (&performanceCountEnd) == 0)
goto counter_error;
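Review bot: The added `#endif` sits after the closing brace that follows the last `break;`, while the matching `#ifndef WOLFCRYPT_BACKEND` was opened before `case BLAKE2S:` inside the `switch`. If that brace is the one closing the `switch` (indentation is not recoverable here, so this is inferred), a WOLFCRYPT_BACKEND build drops it and the braces of `PerformBenchmark` no longer balance. Moving the `#endif` directly after the last guarded `break;` keeps the block structure identical in both configurations. The PKCS-5 benchmark hunk further down in this file places its `#endif` the same way.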
@@ -6240,7 +6243,7 @@ static BOOL PerformBenchmark(HWND hBenchDlg, HWND hwndDlg)
/* PKCS-5 test with HMAC-SHA-256 used as the PRF */
derive_key_sha256 ("passphrase-1234567890", 21, tmp_salt, 64, get_pkcs5_iteration_count(thid, benchmarkPim, benchmarkPreBoot), dk, MASTER_KEYDATA_SIZE);
break;
-
+ #ifndef WOLFCRYPT_BACKEND
case BLAKE2S:
/* PKCS-5 test with HMAC-BLAKE2s used as the PRF */
derive_key_blake2s ("passphrase-1234567890", 21, tmp_salt, 64, get_pkcs5_iteration_count(thid, benchmarkPim, benchmarkPreBoot), dk, MASTER_KEYDATA_SIZE);
@@ -6256,7 +6259,8 @@ static BOOL PerformBenchmark(HWND hBenchDlg, HWND hwndDlg)
derive_key_streebog("passphrase-1234567890", 21, tmp_salt, 64, get_pkcs5_iteration_count(thid, benchmarkPim, benchmarkPreBoot), dk, MASTER_KEYDATA_SIZE);
break;
}
- }
+ #endif
+ }
if (QueryPerformanceCounter (&performanceCountEnd) == 0)
goto counter_error;
@@ -15671,4 +15675,4 @@ DWORD FastResizeFile (const wchar_t* filePath, __int64 fileSize)
return dwRet;
}
-#endif // VC_COMREG \ No newline at end of file
+#endif // VC_COMREG
diff --git a/src/Common/Random.c b/src/Common/Random.c
index fd836c7f..ee3fcf53 100644
--- a/src/Common/Random.c
+++ b/src/Common/Random.c
@@ -262,19 +262,17 @@ BOOL Randmix ()
if (bRandmixEnabled)
{
unsigned char hashOutputBuffer [MAX_DIGESTSIZE];
- WHIRLPOOL_CTX wctx;
- blake2s_state bctx;
+ #ifndef WOLFCRYPT_BACKEND
+ WHIRLPOOL_CTX wctx;
+ blake2s_state bctx;
+ STREEBOG_CTX stctx;
+ #endif
sha512_ctx sctx;
sha256_ctx s256ctx;
- STREEBOG_CTX stctx;
int poolIndex, digestIndex, digestSize;
switch (HashFunction)
{
- case BLAKE2S:
- digestSize = BLAKE2S_DIGESTSIZE;
- break;
-
case SHA512:
digestSize = SHA512_DIGESTSIZE;
break;
@@ -283,6 +281,11 @@ BOOL Randmix ()
digestSize = SHA256_DIGESTSIZE;
break;
+ #ifndef WOLFCRYPT_BACKEND
+ case BLAKE2S:
+ digestSize = BLAKE2S_DIGESTSIZE;
+ break;
+
case WHIRLPOOL:
digestSize = WHIRLPOOL_DIGESTSIZE;
break;
@@ -290,7 +293,7 @@ BOOL Randmix ()
case STREEBOG:
digestSize = STREEBOG_DIGESTSIZE;
break;
-
+ #endif
default:
TC_THROW_FATAL_EXCEPTION;
}
@@ -303,12 +306,6 @@ BOOL Randmix ()
/* Compute the message digest of the entire pool using the selected hash function. */
switch (HashFunction)
{
- case BLAKE2S:
- blake2s_init(&bctx);
- blake2s_update(&bctx, pRandPool, RNG_POOL_SIZE);
- blake2s_final(&bctx, hashOutputBuffer);
- break;
-
case SHA512:
sha512_begin (&sctx);
sha512_hash (pRandPool, RNG_POOL_SIZE, &sctx);
@@ -321,6 +318,13 @@ BOOL Randmix ()
sha256_end (hashOutputBuffer, &s256ctx);
break;
+ #ifndef WOLFCRYPT_BACKEND
+ case BLAKE2S:
+ blake2s_init(&bctx);
+ blake2s_update(&bctx, pRandPool, RNG_POOL_SIZE);
+ blake2s_final(&bctx, hashOutputBuffer);
+ break;
+
case WHIRLPOOL:
WHIRLPOOL_init (&wctx);
WHIRLPOOL_add (pRandPool, RNG_POOL_SIZE, &wctx);
@@ -332,7 +336,7 @@ BOOL Randmix ()
STREEBOG_add (&stctx, pRandPool, RNG_POOL_SIZE);
STREEBOG_finalize (&stctx, hashOutputBuffer);
break;
-
+ #endif
default:
// Unknown/wrong ID
TC_THROW_FATAL_EXCEPTION;
@@ -349,10 +353,6 @@ BOOL Randmix ()
burn (hashOutputBuffer, MAX_DIGESTSIZE);
switch (HashFunction)
{
- case BLAKE2S:
- burn (&bctx, sizeof(bctx));
- break;
-
case SHA512:
burn (&sctx, sizeof(sctx));
break;
@@ -361,6 +361,11 @@ BOOL Randmix ()
burn (&s256ctx, sizeof(s256ctx));
break;
+ #ifndef WOLFCRYPT_BACKEND
+ case BLAKE2S:
+ burn (&bctx, sizeof(bctx));
+ break;
+
case WHIRLPOOL:
burn (&wctx, sizeof(wctx));
break;
@@ -368,7 +373,7 @@ BOOL Randmix ()
case STREEBOG:
burn (&stctx, sizeof(sctx));
break;
-
+ #endif
default:
// Unknown/wrong ID
TC_THROW_FATAL_EXCEPTION;
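Review bot: `burn (&stctx, sizeof(sctx));` in the STREEBOG case sizes the wipe by the SHA-512 context rather than by the Streebog one, so part of `stctx` may be left in memory if the two types differ in size. The line is unchanged context, but this commit re-wraps the case and is a natural place to correct it to `burn (&stctx, sizeof(stctx));`. The switch belongs to `Randmix`, which starts and ends outside the hunk.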
diff --git a/src/Common/Tests.c b/src/Common/Tests.c
index 4f53d4ed..82564a84 100644
--- a/src/Common/Tests.c
+++ b/src/Common/Tests.c
@@ -311,6 +311,9 @@ AES_TEST aes_ecb_vectors[AES_TEST_COUNT] = {
0x8e,0xa2,0xb7,0xca,0x51,0x67,0x45,0xbf,0xea,0xfc,0x49,0x90,0x4b,0x49,0x60,0x89
};
+
+#ifndef WOLFCRYPT_BACKEND
+
// Serpent ECB test vectors
#define SERPENT_TEST_COUNT 1
@@ -419,6 +422,7 @@ KUZNYECHIK_TEST kuznyechik_vectors[KUZNYECHIK_TEST_COUNT] = {
}
};
+#endif
/* Test vectors from FIPS 198a, RFC 4231, RFC 2104, RFC 2202, and other sources. */
@@ -784,6 +788,7 @@ BOOL TestSectorBufEncryption (PCRYPTO_INFO ci)
break;
}
}
+ #ifndef WOLFCRYPT_BACKEND
else if (wcscmp (name, L"Serpent") == 0)
{
switch (testCase)
@@ -1148,7 +1153,7 @@ BOOL TestSectorBufEncryption (PCRYPTO_INFO ci)
break;
}
}
-
+ #endif
if (crc == 0x9f5edd58)
return FALSE;
@@ -1200,6 +1205,7 @@ BOOL TestSectorBufEncryption (PCRYPTO_INFO ci)
return FALSE;
nTestsPerformed++;
}
+ #ifndef WOLFCRYPT_BACKEND
else if (wcscmp (name, L"Serpent") == 0)
{
if (crc != 0x3494d480)
@@ -1284,7 +1290,7 @@ BOOL TestSectorBufEncryption (PCRYPTO_INFO ci)
return FALSE;
nTestsPerformed++;
}
-
+ #endif
if (crc == 0x9f5edd58)
return FALSE;
@@ -1357,6 +1363,7 @@ static BOOL DoAutoTestAlgorithms (void)
bFailed = TRUE;
}
+ #ifndef WOLFCRYPT_BACKEND
/* Serpent */
for (i = 0; i < SERPENT_TEST_COUNT; i++)
@@ -1437,6 +1444,7 @@ static BOOL DoAutoTestAlgorithms (void)
}
if (i != KUZNYECHIK_TEST_COUNT)
bFailed = TRUE;
+ #endif
/* PKCS #5 and HMACs */
if (!test_pkcs5 ())
@@ -1565,6 +1573,7 @@ BOOL test_hmac_sha512 ()
return (nTestsPerformed == 6);
}
+#ifndef WOLFCRYPT_BACKEND
BOOL test_hmac_blake2s ()
{
unsigned int i;
@@ -1609,6 +1618,7 @@ BOOL test_hmac_whirlpool ()
return TRUE;
}
+#endif
/* http://www.tc26.ru/methods/recommendation/%D0%A2%D0%9A26%D0%90%D0%9B%D0%93.pdf */
/* https://tools.ietf.org/html/draft-smyshlyaev-gost-usage-00 */
@@ -1633,6 +1643,7 @@ static const unsigned char gost3411_2012_hmac_r1[] = {
};
+#ifndef WOLFCRYPT_BACKEND
BOOL test_hmac_streebog ()
{
CRYPTOPP_ALIGN_DATA(16) char digest[64]; /* large enough to hold digets and test vector inputs */
@@ -1653,6 +1664,7 @@ int __cdecl StreebogHash (unsigned char* input, unsigned long inputLen, unsigned
STREEBOG_finalize (&ctx, output);
return STREEBOG_DIGESTSIZE;
}
+#endif
BOOL test_pkcs5 ()
{
@@ -1666,6 +1678,7 @@ BOOL test_pkcs5 ()
if (!test_hmac_sha512())
return FALSE;
+#ifndef WOLFCRYPT_BACKEND
/* HMAC-BLAKE2s tests */
if (test_hmac_blake2s() == FALSE)
return FALSE;
@@ -1685,7 +1698,7 @@ BOOL test_pkcs5 ()
/* STREEBOG hash tests */
if (RunHashTest (StreebogHash, Streebog512TestVectors, (HasSSE2() || HasSSE41())? TRUE : FALSE) == FALSE)
return FALSE;
-
+#endif
/* PKCS-5 test 1 with HMAC-SHA-256 used as the PRF (https://tools.ietf.org/html/draft-josefsson-scrypt-kdf-00) */
derive_key_sha256 ("passwd", 6, "\x73\x61\x6C\x74", 4, 1, dk, 64);
if (memcmp (dk, "\x55\xac\x04\x6e\x56\xe3\x08\x9f\xec\x16\x91\xc2\x25\x44\xb6\x05\xf9\x41\x85\x21\x6d\xde\x04\x65\xe6\x8b\x9d\x57\xc2\x0d\xac\xbc\x49\xca\x9c\xcc\xf1\x79\xb6\x45\x99\x16\x64\xb3\x9d\x77\xef\x31\x7c\x71\xb8\x45\xb1\xe3\x0b\xd5\x09\x11\x20\x41\xd3\xa1\x97\x83", 64) != 0)
@@ -1717,6 +1730,7 @@ BOOL test_pkcs5 ()
if (memcmp (dk, "\x13\x64\xae\xf8\x0d\xf5\x57\x6c\x30\xd5\x71\x4c\xa7\x75\x3f\xfd\x00\xe5\x25\x8b\x39\xc7\x44\x7f\xce\x23\x3d\x08\x75\xe0\x2f\x48\xd6\x30\xd7\x00\xb6\x24\xdb\xe0\x5a\xd7\x47\xef\x52\xca\xa6\x34\x83\x47\xe5\xcb\xe9\x87\xf1\x20\x59\x6a\xe6\xa9\xcf\x51\x78\xc6\xb6\x23\xa6\x74\x0d\xe8\x91\xbe\x1a\xd0\x28\xcc\xce\x16\x98\x9a\xbe\xfb\xdc\x78\xc9\xe1\x7d\x72\x67\xce\xe1\x61\x56\x5f\x96\x68\xe6\xe1\xdd\xf4\xbf\x1b\x80\xe0\x19\x1c\xf4\xc4\xd3\xdd\xd5\xd5\x57\x2d\x83\xc7\xa3\x37\x87\xf4\x4e\xe0\xf6\xd8\x6d\x65\xdc\xa0\x52\xa3\x13\xbe\x81\xfc\x30\xbe\x7d\x69\x58\x34\xb6\xdd\x41\xc6", 144) != 0)
return FALSE;
+#ifndef WOLFCRYPT_BACKEND
/* PKCS-5 test 1 with HMAC-BLAKE2s used as the PRF */
derive_key_blake2s ("password", 8, "\x12\x34\x56\x78", 4, 5, dk, 4);
if (memcmp (dk, "\x8d\x51\xfa\x31", 4) != 0)
@@ -1746,6 +1760,6 @@ BOOL test_pkcs5 ()
derive_key_streebog ("password", 8, "\x12\x34\x56\x78", 4, 5, dk, 96);
if (memcmp (dk, "\xd0\x53\xa2\x30\x6f\x45\x81\xeb\xbc\x06\x81\xc5\xe7\x53\xa8\x5d\xc7\xf1\x23\x33\x1e\xbe\x64\x2c\x3b\x0f\x26\xd7\x00\xe1\x95\xc9\x65\x26\xb1\x85\xbe\x1e\xe2\xf4\x9b\xfc\x6b\x14\x84\xda\x24\x61\xa0\x1b\x9e\x79\x5c\xee\x69\x6e\xf9\x25\xb1\x1d\xca\xa0\x31\xba\x02\x6f\x9e\x99\x0f\xdb\x25\x01\x5b\xf1\xc7\x10\x19\x53\x3b\x29\x3f\x18\x00\xd6\xfc\x85\x03\xdc\xf2\xe5\xe9\x5a\xb1\x1e\x61\xde", 96) != 0)
return FALSE;
-
+#endif
return TRUE;
}
diff --git a/src/Common/Volumes.c b/src/Common/Volumes.c
index 5b1d4065..989b2d14 100644
--- a/src/Common/Volumes.c
+++ b/src/Common/Volumes.c
@@ -369,31 +369,34 @@ KeyReady: ;
switch (pkcs5_prf)
{
- case BLAKE2S:
- derive_key_blake2s (keyInfo->userKey, keyInfo->keyLength, keyInfo->salt,
+ case SHA512:
+ derive_key_sha512 (keyInfo->userKey, keyInfo->keyLength, keyInfo->salt,
PKCS5_SALT_SIZE, keyInfo->noIterations, dk, GetMaxPkcs5OutSize());
break;
- case SHA512:
- derive_key_sha512 (keyInfo->userKey, keyInfo->keyLength, keyInfo->salt,
+ case SHA256:
+ derive_key_sha256 (keyInfo->userKey, keyInfo->keyLength, keyInfo->salt,
PKCS5_SALT_SIZE, keyInfo->noIterations, dk, GetMaxPkcs5OutSize());
break;
- case WHIRLPOOL:
- derive_key_whirlpool (keyInfo->userKey, keyInfo->keyLength, keyInfo->salt,
+ #ifndef WOLFCRYPT_BACKEND
+ case BLAKE2S:
+ derive_key_blake2s (keyInfo->userKey, keyInfo->keyLength, keyInfo->salt,
PKCS5_SALT_SIZE, keyInfo->noIterations, dk, GetMaxPkcs5OutSize());
break;
- case SHA256:
- derive_key_sha256 (keyInfo->userKey, keyInfo->keyLength, keyInfo->salt,
+ case WHIRLPOOL:
+ derive_key_whirlpool (keyInfo->userKey, keyInfo->keyLength, keyInfo->salt,
PKCS5_SALT_SIZE, keyInfo->noIterations, dk, GetMaxPkcs5OutSize());
break;
- case STREEBOG:
+
+ case STREEBOG:
derive_key_streebog(keyInfo->userKey, keyInfo->keyLength, keyInfo->salt,
PKCS5_SALT_SIZE, keyInfo->noIterations, dk, GetMaxPkcs5OutSize());
break;
- default:
+ #endif
+ default:
// Unknown/wrong ID
TC_THROW_FATAL_EXCEPTION;
}
@@ -650,7 +653,8 @@ void ComputeBootloaderFingerprint (byte *bootLoaderBuf, unsigned int bootLoaderS
//
// we have: TC_BOOT_SECTOR_USER_MESSAGE_OFFSET = TC_BOOT_SECTOR_OUTER_VOLUME_BAK_HEADER_CRC_OFFSET + TC_BOOT_SECTOR_OUTER_VOLUME_BAK_HEADER_CRC_SIZE
- WHIRLPOOL_CTX whirlpool;
+#ifndef WOLFCRYPT_BACKEND
+ WHIRLPOOL_CTX whirlpool;
sha512_ctx sha2;
WHIRLPOOL_init (&whirlpool);
@@ -667,6 +671,26 @@ void ComputeBootloaderFingerprint (byte *bootLoaderBuf, unsigned int bootLoaderS
WHIRLPOOL_finalize (&whirlpool, fingerprint);
sha512_end (&fingerprint [WHIRLPOOL_DIGESTSIZE], &sha2);
+#else
+ sha512_ctx sha2_512;
+ sha256_ctx sha2_256;
+
+ sha512_begin (&sha2_512);
+ sha256_begin (&sha2_256);
+
+ sha512_hash (bootLoaderBuf, TC_BOOT_SECTOR_PIM_VALUE_OFFSET, &sha2_512);
+ sha256_hash (bootLoaderBuf, TC_BOOT_SECTOR_PIM_VALUE_OFFSET, &sha2_256);
+
+ sha512_hash (bootLoaderBuf + TC_BOOT_SECTOR_USER_MESSAGE_OFFSET + TC_BOOT_SECTOR_USER_MESSAGE_MAX_LENGTH, (TC_BOOT_SECTOR_USER_CONFIG_OFFSET - (TC_BOOT_SECTOR_USER_MESSAGE_OFFSET + TC_BOOT_SECTOR_USER_MESSAGE_MAX_LENGTH)), &sha2_512);
+ sha256_hash (bootLoaderBuf + TC_BOOT_SECTOR_USER_MESSAGE_OFFSET + TC_BOOT_SECTOR_USER_MESSAGE_MAX_LENGTH, (TC_BOOT_SECTOR_USER_CONFIG_OFFSET - (TC_BOOT_SECTOR_USER_MESSAGE_OFFSET + TC_BOOT_SECTOR_USER_MESSAGE_MAX_LENGTH)), &sha2_256);
+
+ sha512_hash (bootLoaderBuf + TC_SECTOR_SIZE_BIOS, (bootLoaderSize - TC_SECTOR_SIZE_BIOS), &sha2_512);
+ sha256_hash (bootLoaderBuf + TC_SECTOR_SIZE_BIOS, (bootLoaderSize - TC_SECTOR_SIZE_BIOS), &sha2_256);
+
+ sha512_end (&fingerprint, &sha2_512);
+ sha256_end (&fingerprint [SHA512_DIGESTSIZE], &sha2_256);
+ sha256_end (&fingerprint [SHA512_DIGESTSIZE + SHA256_DIGESTSIZE], &sha2_256);
+#endif
}
#endif
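Review bot: In the wolfCrypt branch `sha256_end` is called twice on the same `sha2_256` context, so the last `SHA256_DIGESTSIZE` bytes of the fingerprint come from a context that has already been finalised. What that yields depends on the backend's finalisation behaviour and may not depend on the boot loader contents at all. The first call also passes `&fingerprint` where the Whirlpool branch passes `fingerprint`; if `fingerprint` is a pointer parameter (its declaration is outside the hunk), the digest is written over the parameter's own storage rather than the caller's buffer. Suggested: `sha512_end (fingerprint, &sha2_512);`, a single `sha256_end` call, and a comment stating the fingerprint layout for this backend and how the remaining bytes are filled.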
@@ -711,11 +735,11 @@ int ReadVolumeHeader (BOOL bBoot, char *header, Password *password, int pim, PCR
#endif
{
#ifdef TC_WINDOWS_BOOT_SINGLE_CIPHER_MODE
- #if defined (TC_WINDOWS_BOOT_SERPENT)
+ #if defined (TC_WINDOWS_BOOT_SERPENT) && !defined (WOLFCRYPT_BACKEND)
serpent_set_key (dk, cryptoInfo->ks);
- #elif defined (TC_WINDOWS_BOOT_TWOFISH)
+ #elif defined (TC_WINDOWS_BOOT_TWOFISH) && !defined (WOLFCRYPT_BACKEND)
twofish_set_key ((TwofishInstance *) cryptoInfo->ks, (const u4byte *) dk);
- #elif defined (TC_WINDOWS_BOOT_CAMELLIA)
+ #elif defined (TC_WINDOWS_BOOT_CAMELLIA) && !defined (WOLFCRYPT_BACKEND)
camellia_set_key (dk, cryptoInfo->ks);
#else
status = EAInit (dk, cryptoInfo->ks);
@@ -729,11 +753,11 @@ int ReadVolumeHeader (BOOL bBoot, char *header, Password *password, int pim, PCR
#endif
// Secondary key schedule
#ifdef TC_WINDOWS_BOOT_SINGLE_CIPHER_MODE
- #if defined (TC_WINDOWS_BOOT_SERPENT)
+ #if defined (TC_WINDOWS_BOOT_SERPENT) && !defined (WOLFCRYPT_BACKEND)
serpent_set_key (dk + 32, cryptoInfo->ks2);
- #elif defined (TC_WINDOWS_BOOT_TWOFISH)
+ #elif defined (TC_WINDOWS_BOOT_TWOFISH) && !defined (WOLFCRYPT_BACKEND)
twofish_set_key ((TwofishInstance *)cryptoInfo->ks2, (const u4byte *) (dk + 32));
- #elif defined (TC_WINDOWS_BOOT_CAMELLIA)
+ #elif defined (TC_WINDOWS_BOOT_CAMELLIA) && !defined (WOLFCRYPT_BACKEND)
camellia_set_key (dk + 32, cryptoInfo->ks2);
#else
EAInit (dk + 32, cryptoInfo->ks2);
@@ -790,11 +814,11 @@ int ReadVolumeHeader (BOOL bBoot, char *header, Password *password, int pim, PCR
// Init the encryption algorithm with the decrypted master key
#ifdef TC_WINDOWS_BOOT_SINGLE_CIPHER_MODE
- #if defined (TC_WINDOWS_BOOT_SERPENT)
+ #if defined (TC_WINDOWS_BOOT_SERPENT) && !defined (WOLFCRYPT_BACKEND)
serpent_set_key (dk, cryptoInfo->ks);
- #elif defined (TC_WINDOWS_BOOT_TWOFISH)
+ #elif defined (TC_WINDOWS_BOOT_TWOFISH) && !defined (WOLFCRYPT_BACKEND)
twofish_set_key ((TwofishInstance *) cryptoInfo->ks, (const u4byte *) dk);
- #elif defined (TC_WINDOWS_BOOT_CAMELLIA)
+ #elif defined (TC_WINDOWS_BOOT_CAMELLIA) && !defined (WOLFCRYPT_BACKEND)
camellia_set_key (dk, cryptoInfo->ks);
#else
status = EAInit (dk, cryptoInfo->ks);
@@ -809,11 +833,11 @@ int ReadVolumeHeader (BOOL bBoot, char *header, Password *password, int pim, PCR
// The secondary master key (if cascade, multiple concatenated)
#ifdef TC_WINDOWS_BOOT_SINGLE_CIPHER_MODE
- #if defined (TC_WINDOWS_BOOT_SERPENT)
+ #if defined (TC_WINDOWS_BOOT_SERPENT) && !defined (WOLFCRYPT_BACKEND)
serpent_set_key (dk + 32, cryptoInfo->ks2);
- #elif defined (TC_WINDOWS_BOOT_TWOFISH)
+ #elif defined (TC_WINDOWS_BOOT_TWOFISH) && !defined (WOLFCRYPT_BACKEND)
twofish_set_key ((TwofishInstance *)cryptoInfo->ks2, (const u4byte *) (dk + 32));
- #elif defined (TC_WINDOWS_BOOT_CAMELLIA)
+ #elif defined (TC_WINDOWS_BOOT_CAMELLIA) && !defined (WOLFCRYPT_BACKEND)
camellia_set_key (dk + 32, cryptoInfo->ks2);
#else
EAInit (dk + 32, cryptoInfo->ks2);
@@ -976,6 +1000,7 @@ int CreateVolumeHeaderInMemory (HWND hwndDlg, BOOL bBoot, char *header, int ea,
PKCS5_SALT_SIZE, keyInfo.noIterations, dk, GetMaxPkcs5OutSize());
break;
+ #ifndef WOLFCRYPT_BACKEND
case BLAKE2S:
derive_key_blake2s (keyInfo.userKey, keyInfo.keyLength, keyInfo.salt,
PKCS5_SALT_SIZE, keyInfo.noIterations, dk, GetMaxPkcs5OutSize());
@@ -990,7 +1015,7 @@ int CreateVolumeHeaderInMemory (HWND hwndDlg, BOOL bBoot, char *header, int ea,
derive_key_streebog(keyInfo.userKey, keyInfo.keyLength, keyInfo.salt,
PKCS5_SALT_SIZE, keyInfo.noIterations, dk, GetMaxPkcs5OutSize());
break;
-
+ #endif
default:
// Unknown/wrong ID
crypto_close (cryptoInfo);
diff --git a/src/Common/Xts.c b/src/Common/Xts.c
index 390eb31e..4a62aaf3 100644
--- a/src/Common/Xts.c
+++ b/src/Common/Xts.c
@@ -54,10 +54,14 @@ void EncryptBufferXTS (unsigned __int8 *buffer,
unsigned __int8 *ks2,
int cipher)
{
- if (CipherSupportsIntraDataUnitParallelization (cipher))
+ #ifndef WOLFCRYPT_BACKEND
+ if (CipherSupportsIntraDataUnitParallelization (cipher))
EncryptBufferXTSParallel (buffer, length, startDataUnitNo, startCipherBlockNo, ks, ks2, cipher);
else
EncryptBufferXTSNonParallel (buffer, length, startDataUnitNo, startCipherBlockNo, ks, ks2, cipher);
+ #else
+ xts_encrypt(buffer, buffer, length, startDataUnitNo, ks);
+ #endif
}
#if (CRYPTOPP_BOOL_SSE2_INTRINSICS_AVAILABLE && CRYPTOPP_BOOL_X64)
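Review bot: The wolfCrypt path discards the `AES_RETURN` result of `xts_encrypt`, so a backend failure leaves `buffer` in whatever state the call left it, with no signal to the caller of this `void` function. It also ignores `startCipherBlockNo`, `ks2` and `cipher`, so a call with a non-zero start block or a non-AES cipher id would silently run with the wrong parameters. The `DecryptBufferXTS` hunk below has the same shape. At minimum check the result, e.g. `if (xts_encrypt (buffer, buffer, length, startDataUnitNo, ks) != EXIT_SUCCESS) TC_THROW_FATAL_EXCEPTION;`, and add a comment stating what this backend assumes about `startCipherBlockNo` and `cipher`. The parameter declarations are mostly outside the hunk, so it is also worth confirming that `startDataUnitNo` is passed in the form the `word64 sector` parameter expects.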
@@ -380,10 +384,14 @@ void DecryptBufferXTS (unsigned __int8 *buffer,
unsigned __int8 *ks2,
int cipher)
{
+ #ifndef WOLFCRYPT_BACKEND
if (CipherSupportsIntraDataUnitParallelization (cipher))
DecryptBufferXTSParallel (buffer, length, startDataUnitNo, startCipherBlockNo, ks, ks2, cipher);
else
DecryptBufferXTSNonParallel (buffer, length, startDataUnitNo, startCipherBlockNo, ks, ks2, cipher);
+ #else
+ xts_decrypt(buffer, buffer, length, startDataUnitNo, ks);
+ #endif
}
diff --git a/src/Core/RandomNumberGenerator.cpp b/src/Core/RandomNumberGenerator.cpp
index 6b401901..3fb6062a 100644
--- a/src/Core/RandomNumberGenerator.cpp
+++ b/src/Core/RandomNumberGenerator.cpp
@@ -257,7 +257,11 @@ namespace VeraCrypt
void RandomNumberGenerator::Test ()
{
shared_ptr <Hash> origPoolHash = PoolHash;
- PoolHash.reset (new Blake2s());
+ #ifndef WOLFCRYPT_BACKEND
+ PoolHash.reset (new Blake2s());
+ #else
+ PoolHash.reset (new Sha256());
+ #endif
Pool.Zero();
Buffer buffer (1);
@@ -267,15 +271,23 @@ namespace VeraCrypt
AddToPool (buffer);
}
+ #ifndef WOLFCRYPT_BACKEND
if (Crc32::ProcessBuffer (Pool) != 0x9c743238)
- throw TestFailed (SRC_POS);
+ #else
+ if (Crc32::ProcessBuffer (Pool) != 0xac95ac1a)
+ #endif
+ throw TestFailed (SRC_POS);
buffer.Allocate (PoolSize);
buffer.CopyFrom (PeekPool());
AddToPool (buffer);
- if (Crc32::ProcessBuffer (Pool) != 0xd2d09c8d)
- throw TestFailed (SRC_POS);
+ #ifndef WOLFCRYPT_BACKEND
+ if (Crc32::ProcessBuffer (Pool) != 0xd2d09c8d)
+ #else
+ if (Crc32::ProcessBuffer (Pool) != 0xb79f3c12)
+ #endif
+ throw TestFailed (SRC_POS);
PoolHash = origPoolHash;
}
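Review bot: Both CRC checks now split a single `if` across `#ifndef`/`#else` with the shared `throw TestFailed (SRC_POS);` hanging below the `#endif`, which is easy to misread and easy to break by inserting a line between the condition and the throw. Selecting the two expected CRC values once under a single `#ifdef WOLFCRYPT_BACKEND` next to the `PoolHash.reset` call, and comparing against those named constants, keeps each `if` statement whole. A one-line comment that the alternative values correspond to SHA-256 as the pool hash would explain why they differ. `RandomNumberGenerator::Test` starts in the previous hunk.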
diff --git a/src/Core/Unix/Linux/CoreLinux.cpp b/src/Core/Unix/Linux/CoreLinux.cpp
index e1da6dff..5d5ba38f 100644
--- a/src/Core/Unix/Linux/CoreLinux.cpp
+++ b/src/Core/Unix/Linux/CoreLinux.cpp
@@ -22,6 +22,9 @@
#include "Platform/SystemInfo.h"
#include "Platform/TextReader.h"
#include "Volume/EncryptionModeXTS.h"
+#ifdef WOLFCRYPT_BACKEND
+#include "Volume/EncryptionModeWolfCryptXTS.h"
+#endif
#include "Driver/Fuse/FuseService.h"
#include "Core/Unix/CoreServiceProxy.h"
@@ -302,8 +305,13 @@ namespace VeraCrypt
void CoreLinux::MountVolumeNative (shared_ptr <Volume> volume, MountOptions &options, const DirectoryPath &auxMountPoint) const
{
- bool xts = (typeid (*volume->GetEncryptionMode()) == typeid (EncryptionModeXTS));
- bool algoNotSupported = (typeid (*volume->GetEncryptionAlgorithm()) == typeid (Kuznyechik))
+ bool xts = (typeid (*volume->GetEncryptionMode()) ==
+ #ifdef WOLFCRYPT_BACKEND
+ typeid (EncryptionModeWolfCryptXTS));
+ #else
+ typeid (EncryptionModeXTS));
+ #endif
+ bool algoNotSupported = (typeid (*volume->GetEncryptionAlgorithm()) == typeid (Kuznyechik))
|| (typeid (*volume->GetEncryptionAlgorithm()) == typeid (CamelliaKuznyechik))
|| (typeid (*volume->GetEncryptionAlgorithm()) == typeid (KuznyechikTwofish))
|| (typeid (*volume->GetEncryptionAlgorithm()) == typeid (KuznyechikAES))
diff --git a/src/Core/VolumeCreator.cpp b/src/Core/VolumeCreator.cpp
index 5f19a66d..fefbddde 100644
--- a/src/Core/VolumeCreator.cpp
+++ b/src/Core/VolumeCreator.cpp
@@ -12,6 +12,9 @@
#include "Volume/EncryptionTest.h"
#include "Volume/EncryptionModeXTS.h"
+#ifdef WOLFCRYPT_BACKEND
+#include "Volume/EncryptionModeWolfCryptXTS.h"
+#endif
#include "Core.h"
#ifdef TC_UNIX
@@ -360,8 +363,13 @@ namespace VeraCrypt
// Data area keys
options->EA->SetKey (MasterKey.GetRange (0, options->EA->GetKeySize()));
- shared_ptr <EncryptionMode> mode (new EncryptionModeXTS ());
- mode->SetKey (MasterKey.GetRange (options->EA->GetKeySize(), options->EA->GetKeySize()));
+ #ifdef WOLFCRYPT_BACKEND
+ shared_ptr <EncryptionMode> mode (new EncryptionModeWolfCryptXTS ());
+ options->EA->SetKeyXTS (MasterKey.GetRange (options->EA->GetKeySize(), options->EA->GetKeySize()));
+ #else
+ shared_ptr <EncryptionMode> mode (new EncryptionModeXTS ());
+ #endif
+ mode->SetKey (MasterKey.GetRange (options->EA->GetKeySize(), options->EA->GetKeySize()));
options->EA->SetMode (mode);
Options = options;
diff --git a/src/Crypto/Aes.h b/src/Crypto/Aes.h
index e12c6fc8..db1bed27 100644
--- a/src/Crypto/Aes.h
+++ b/src/Crypto/Aes.h
@@ -35,6 +35,11 @@
#include "Common/Tcdefs.h"
+#ifdef WOLFCRYPT_BACKEND
+ #include <wolfssl/options.h>
+ #include <wolfssl/wolfcrypt/aes.h>
+#endif
+
#ifndef EXIT_SUCCESS
#define EXIT_SUCCESS 0
#define EXIT_FAILURE 1
@@ -93,11 +98,19 @@ typedef union
typedef struct
{ uint_32t ks[KS_LENGTH];
aes_inf inf;
+#ifdef WOLFCRYPT_BACKEND
+ XtsAes wc_enc_xts;
+ Aes wc_enc_aes;
+#endif
} aes_encrypt_ctx;
typedef struct
{ uint_32t ks[KS_LENGTH];
aes_inf inf;
+#ifdef WOLFCRYPT_BACKEND
+ XtsAes wc_dec_xts;
+ Aes wc_dec_aes;
+#endif
} aes_decrypt_ctx;
/* This routine must be called before first use if non-static */
@@ -152,6 +165,13 @@ AES_RETURN aes_decrypt(const unsigned char *in, unsigned char *out, const aes_de
#endif
+#ifdef WOLFCRYPT_BACKEND
+AES_RETURN xts_encrypt_key256(const unsigned char *key, aes_encrypt_ctx cx[1]);
+AES_RETURN xts_decrypt_key256(const unsigned char *key, aes_decrypt_ctx cx[1]);
+AES_RETURN xts_encrypt(const unsigned char *in, unsigned char *out, word64 length, word64 sector, const aes_encrypt_ctx cx[1]);
+AES_RETURN xts_decrypt(const unsigned char *in, unsigned char *out, word64 length, word64 sector, const aes_decrypt_ctx cx[1]);
+#endif
+
#if defined(AES_MODES)
/* Multiple calls to the following subroutines for multiple block */
diff --git a/src/Crypto/Sha2.h b/src/Crypto/Sha2.h
index 7e90abff..1fbcb8d1 100644
--- a/src/Crypto/Sha2.h
+++ b/src/Crypto/Sha2.h
@@ -12,6 +12,13 @@
#include "Common/Endian.h"
#include "Crypto/config.h"
+#ifdef WOLFCRYPT_BACKEND
+ #include <wolfssl/options.h>
+ #include <wolfssl/wolfcrypt/sha256.h>
+ #include <wolfssl/wolfcrypt/sha512.h>
+ #include <wolfssl/wolfcrypt/hash.h>
+#endif
+
#if defined(__cplusplus)
extern "C" {
#endif
@@ -28,6 +35,10 @@ extern "C" {
#define SHA2_ALIGN CRYPTOPP_ALIGN_DATA(16)
#endif
+#ifdef WOLFCRYPT_BACKEND
+typedef struct wc_Sha512 sha512_ctx;
+typedef struct wc_Sha256 sha256_ctx;
+#else
typedef struct
{ uint_64t count[2];
SHA2_ALIGN uint_64t hash[8];
@@ -39,6 +50,7 @@ typedef struct
SHA2_ALIGN uint_32t hash[8];
SHA2_ALIGN uint_32t wbuf[16];
} sha256_ctx;
+#endif
void sha512_begin(sha512_ctx* ctx);
diff --git a/src/Crypto/cpu.h b/src/Crypto/cpu.h
index a9806b92..2661bf1c 100644
--- a/src/Crypto/cpu.h
+++ b/src/Crypto/cpu.h
@@ -214,7 +214,7 @@ extern "C" {
#endif
#define CRYPTOPP_CPUID_AVAILABLE
-#ifndef CRYPTOPP_DISABLE_AESNI
+#if !defined(CRYPTOPP_DISABLE_AESNI) && !defined(WOLFCRYPT_BACKEND)
#define TC_AES_HW_CPU
#endif
diff --git a/src/Crypto/wolfCrypt.c b/src/Crypto/wolfCrypt.c
new file mode 100644
index 00000000..39ab93a7
--- /dev/null
+++ b/src/Crypto/wolfCrypt.c
@@ -0,0 +1,243 @@
+/* See src/Crypto/wolfCrypt.md */
+
+#include "Aes.h"
+#include "Sha2.h"
+#include "../Common/Crypto.h"
+#include <wolfssl/wolfcrypt/hmac.h>
+
+
+AES_RETURN aes_init()
+{
+#if defined( AES_ERR_CHK )
+ return EXIT_SUCCESS;
+#else
+ return;
+#endif
+}
+
+AES_RETURN aes_encrypt_key(const unsigned char *key, int key_len, aes_encrypt_ctx cx[1])
+{
+ int ret = 0;
+
+ ret = wc_AesInit(&cx->wc_enc_aes, NULL, INVALID_DEVID);
+
+ if (key_len == 128 || key_len == 192 || key_len == 256)
+ key_len = key_len/8;
+
+ if (ret == 0) {
+ ret = wc_AesSetKey(&cx->wc_enc_aes, key, key_len, NULL, AES_ENCRYPTION);
+ }
+
+#if defined( AES_ERR_CHK )
+ return ret ? EXIT_FAILURE : EXIT_SUCCESS;
+#else
+ return;
+#endif
+}
+
+AES_RETURN aes_decrypt_key(const unsigned char *key, int key_len, aes_decrypt_ctx cx[1])
+{
+ int ret = 0;
+
+ ret = wc_AesInit(&cx->wc_dec_aes, NULL, INVALID_DEVID);
+
+ if (key_len == 128 || key_len == 192 || key_len == 256)
+ key_len = key_len/8;
+
+ if (ret == 0) {
+ ret = wc_AesSetKey(&cx->wc_dec_aes, key, key_len, NULL, AES_DECRYPTION);
+ }
+
+#if defined( AES_ERR_CHK )
+ return ret ? EXIT_FAILURE : EXIT_SUCCESS;
+#else
+ return;
+#endif
+}
+
+AES_RETURN aes_encrypt_key128(const unsigned char *key, aes_encrypt_ctx cx[1])
+{
+ return aes_encrypt_key(key, 128, cx);
+}
+
+AES_RETURN aes_encrypt_key192(const unsigned char *key, aes_encrypt_ctx cx[1])
+{
+ return aes_encrypt_key(key, 192, cx);
+}
+
+AES_RETURN aes_encrypt_key256(const unsigned char *key, aes_encrypt_ctx cx[1])
+{
+ return aes_encrypt_key(key, 256, cx);
+}
+
+AES_RETURN aes_decrypt_key128(const unsigned char *key, aes_decrypt_ctx cx[1])
+{
+ return aes_decrypt_key(key, 128, cx);
+}
+
+AES_RETURN aes_decrypt_key192(const unsigned char *key, aes_decrypt_ctx cx[1])
+{
+ return aes_decrypt_key(key, 192, cx);
+}
+
+AES_RETURN aes_decrypt_key256(const unsigned char *key, aes_decrypt_ctx cx[1])
+{
+ return aes_decrypt_key(key, 256, cx);
+}
+
+AES_RETURN aes_encrypt(const unsigned char *in, unsigned char *out, const aes_encrypt_ctx cx[1])
+{
+ int ret = wc_AesEncryptDirect(&cx->wc_enc_aes, out, in);
+#if defined( AES_ERR_CHK )
+ return ret ? EXIT_FAILURE : EXIT_SUCCESS;
+#else
+ return;
+#endif
+
+}
+
+AES_RETURN aes_decrypt(const unsigned char *in, unsigned char *out, const aes_decrypt_ctx cx[1])
+{
+ int ret = wc_AesDecryptDirect(&cx->wc_dec_aes, out, in);
+#if defined( AES_ERR_CHK )
+ return ret ? EXIT_FAILURE : EXIT_SUCCESS;
+#else
+ return;
+#endif
+
+}
+
+AES_RETURN xts_encrypt_key(const unsigned char *key, int key_len, aes_encrypt_ctx cx[1])
+{
+ int ret = 0;
+
+ cx->wc_enc_xts.aes = cx->wc_enc_aes;
+
+ ret = wc_AesInit(&cx->wc_enc_xts.tweak, NULL, INVALID_DEVID);
+
+ if (key_len == 128 || key_len == 192 || key_len == 256)
+ key_len = key_len/8;
+
+ if (ret == 0) {
+ ret = wc_AesSetKey(&cx->wc_enc_xts.tweak, key, key_len, NULL, AES_ENCRYPTION);
+ }
+#if defined( AES_ERR_CHK )
+ return ret ? EXIT_FAILURE : EXIT_SUCCESS;
+#else
+ return;
+#endif
+}
+
+AES_RETURN xts_decrypt_key(const unsigned char *key, int key_len, aes_decrypt_ctx cx[1])
+{
+ int ret = 0;
+
+ cx->wc_dec_xts.aes = cx->wc_dec_aes;
+
+ ret = wc_AesInit(&cx->wc_dec_xts.tweak, NULL, INVALID_DEVID);
+
+ if (key_len == 128 || key_len == 192 || key_len == 256)
+ key_len = key_len/8;
+
+ if (ret == 0) {
+ ret = wc_AesSetKey(&cx->wc_dec_xts.tweak, key, key_len, NULL, AES_ENCRYPTION);
+ }
+
+#if defined( AES_ERR_CHK )
+ return ret ? EXIT_FAILURE : EXIT_SUCCESS;
+#else
+ return;
+#endif
+}
+
+AES_RETURN xts_encrypt_key256(const unsigned char *key, aes_encrypt_ctx cx[1])
+{
+ return xts_encrypt_key(key, 256, cx);
+}
+
+AES_RETURN xts_decrypt_key256(const unsigned char *key, aes_decrypt_ctx cx[1])
+{
+ return xts_decrypt_key(key, 256, cx);
+}
+
+AES_RETURN xts_encrypt(const unsigned char *in, unsigned char *out, word64 length, word64 sector, const aes_encrypt_ctx cx[1])
+{
+ int ret = wc_AesXtsEncryptConsecutiveSectors(&cx->wc_enc_xts, out, in, length, sector, ENCRYPTION_DATA_UNIT_SIZE);
+
+#if defined( AES_ERR_CHK )
+ return ret ? EXIT_FAILURE : EXIT_SUCCESS;
+#else
+ return;
+#endif
+
+}
+
+AES_RETURN xts_decrypt(const unsigned char *in, unsigned char *out, word64 length, word64 sector, const aes_decrypt_ctx cx[1])
+{
+ int ret = wc_AesXtsDecryptConsecutiveSectors(&cx->wc_dec_xts, out, in, length, sector, ENCRYPTION_DATA_UNIT_SIZE);
+
+#if defined( AES_ERR_CHK )
+ return ret ? EXIT_FAILURE : EXIT_SUCCESS;
+#else
+ return;
+#endif
+}
+
+
+void sha256_begin(sha256_ctx* ctx)
+{
+ wc_InitSha256(ctx);
+}
+
+void sha256_hash(const unsigned char * source, uint_32t sourceLen, sha256_ctx *ctx)
+{
+ wc_Sha256Update(ctx, source, sourceLen);
+}
+
+void sha256_end(unsigned char * result, sha256_ctx* ctx)
+{
+ wc_Sha256Final(ctx, result);
+}
+
+void sha256(unsigned char * result, const unsigned char* source, uint_32t sourceLen)
+{
+ wc_Sha256 sha256;
+ wc_InitSha256(&sha256);
+ wc_Sha256Update(&sha256, source, sourceLen);
+ wc_Sha256Final(&sha256, result);
+ wc_Sha256Free(&sha256);
+}
+
+void sha512_begin(sha512_ctx* ctx)
+{
+ wc_InitSha512(ctx);
+}
+
+void sha512_hash(const unsigned char * source, uint_64t sourceLen, sha512_ctx *ctx)
+{
+ wc_Sha512Update(ctx, source, sourceLen);
+}
+
+void sha512_end(unsigned char * result, sha512_ctx* ctx)
+{
+ wc_Sha512Final(ctx, result);
+}
+
+void sha512(unsigned char * result, const unsigned char* source, uint_64t sourceLen)
+{
+ wc_Sha512 sha512;
+ wc_InitSha512(&sha512);
+ wc_Sha512Update(&sha512, source, sourceLen);
+ wc_Sha512Final(&sha512, result);
+ wc_Sha512Free(&sha512);
+}
+
+void derive_key_sha512 (char *pwd, int pwd_len, char *salt, int salt_len, uint32 iterations, char *dk, int dklen) {
+ (void) iterations;
+ wc_HKDF(WC_SHA512, (byte*)pwd, (word32)pwd_len, (byte*)salt, (word32)salt_len, NULL, 0, (byte*)dk, (word32)dklen);
+}
+
+void derive_key_sha256 (char *pwd, int pwd_len, char *salt, int salt_len, uint32 iterations, char *dk, int dklen) {
+ (void) iterations;
+ wc_HKDF(WC_SHA256, (byte*)pwd, (word32)pwd_len, (byte*)salt, (word32)salt_len, NULL, 0, (byte*)dk, (word32)dklen);
+}
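Review bot: `derive_key_sha512` and `derive_key_sha256` discard `iterations` (`(void) iterations;`) and call `wc_HKDF`, so the key is derived from the password in a single extract-and-expand step with no work factor; HKDF is designed for input that is already high-entropy, not for passwords. The parameter list suggests these stand in for an iterated password KDF, in which case the iteration/PIM setting no longer slows password guessing, and headers would presumably not match those written by the default backend. wolfCrypt provides `wc_PBKDF2` in `<wolfssl/wolfcrypt/pwdbased.h>`; a call such as `wc_PBKDF2((byte*)dk, (const byte*)pwd, pwd_len, (const byte*)salt, salt_len, (int)iterations, dklen, WC_SHA512);` keeps the iteration count. Both functions return `void` and ignore the result of the derivation call, so a failure currently leaves `dk` unset without any signal to the caller.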
diff --git a/src/Crypto/wolfCrypt.md b/src/Crypto/wolfCrypt.md
new file mode 100644
index 00000000..32ccf242
--- /dev/null
+++ b/src/Crypto/wolfCrypt.md
@@ -0,0 +1,25 @@
+# wolfSSL as crypto provider for VeraCrypt
+
+[wolfCrypt](https://www.wolfssl.com/products/wolfcrypt/) is wolfSSL's cutting edge crypto engine and a
+potential FIPS solution for users of VeraCrypt. Follow the steps below to setup VeraCrypt with wolfCrypt.
+
+## Building wolfSSL
+
+Clone wolfSSL and build it as shown below.
+
+```
+git clone https://github.com/wolfssl/wolfssl && cd wolfssl
+./autogen.sh
+./configure --enable-xts CFLAGS="-DNO_OLD_WC_NAMES"
+make
+sudo make install
+```
+
+## Building VeraCrypt with wolfSSL
+
+Build VeraCrypt with the `WOLFCRYPT` command line option.
+
+```
+make WXSTATIC=1 wxbuild && make WXSTATIC=1 clean && make WXSTATIC=1 WOLFCRYPT=1 && make WXSTATIC=1 WOLFCRYPT=1 package
+```
+
diff --git a/src/Format/Tcformat.c b/src/Format/Tcformat.c
index aa28d5ee..658d3797 100644
--- a/src/Format/Tcformat.c
+++ b/src/Format/Tcformat.c
@@ -4475,9 +4475,11 @@ BOOL CALLBACK PageDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
}
SetFocus (GetDlgItem (hwndDlg, IDC_PIM));
-
+ #ifndef WOLFCRYPT_BACKEND
SetWindowTextW (GetDlgItem (hwndDlg, IDC_BOX_HELP), GetString (SysEncInEffect () && hash_algo != SHA512 && hash_algo != WHIRLPOOL? "PIM_SYSENC_HELP" : "PIM_HELP"));
-
+ #else
+ SetWindowTextW (GetDlgItem (hwndDlg, IDC_BOX_HELP), GetString (SysEncInEffect () && hash_algo != SHA512? "PIM_SYSENC_HELP" : "PIM_HELP"));
+ #endif
ToHyperlink (hwndDlg, IDC_LINK_PIM_INFO);
if (CreatingHiddenSysVol())
diff --git a/src/Main/Forms/BenchmarkDialog.cpp b/src/Main/Forms/BenchmarkDialog.cpp
index 7b0209ff..da2fe43b 100644
--- a/src/Main/Forms/BenchmarkDialog.cpp
+++ b/src/Main/Forms/BenchmarkDialog.cpp
@@ -12,6 +12,9 @@
#include "System.h"
#include "Volume/EncryptionModeXTS.h"
+#ifdef WOLFCRYPT_BACKEND
+#include "Volume/EncryptionModeWolfCryptXTS.h"
+#endif
#include "Main/GraphicUserInterface.h"
#include "BenchmarkDialog.h"
@@ -209,9 +212,13 @@ namespace VeraCrypt
Buffer key (ea->GetKeySize());
ea->SetKey (key);
-
+ #ifdef WOLFCRYPT_BACKEND
+ shared_ptr <EncryptionMode> xts (new EncryptionModeWolfCryptXTS);
+ ea->SetKeyXTS (key);
+ #else
shared_ptr <EncryptionMode> xts (new EncryptionModeXTS);
- xts->SetKey (key);
+ #endif
+ xts->SetKey (key);
ea->SetMode (xts);
wxLongLong startTime = wxGetLocalTimeMillis();
diff --git a/src/Main/Forms/EncryptionTestDialog.cpp b/src/Main/Forms/EncryptionTestDialog.cpp
index 17184a0e..a85bbc94 100644
--- a/src/Main/Forms/EncryptionTestDialog.cpp
+++ b/src/Main/Forms/EncryptionTestDialog.cpp
@@ -12,6 +12,9 @@
#include "System.h"
#include "Volume/EncryptionModeXTS.h"
+#ifdef WOLFCRYPT_BACKEND
+#include "Volume/EncryptionModeWolfCryptXTS.h"
+#endif
#include "Volume/EncryptionTest.h"
#include "Main/GraphicUserInterface.h"
#include "EncryptionTestDialog.h"
@@ -94,8 +97,13 @@ namespace VeraCrypt
throw StringConversionFailed (SRC_POS);
}
+ #ifdef WOLFCRYPT_BACKEND
+ shared_ptr <EncryptionMode> xts (new EncryptionModeWolfCryptXTS);
+ ea->SetKeyXTS (secondaryKey);
+ #else
shared_ptr <EncryptionMode> xts (new EncryptionModeXTS);
- xts->SetKey (secondaryKey);
+ #endif
+ xts->SetKey (secondaryKey);
ea->SetMode (xts);
Buffer sector (ENCRYPTION_DATA_UNIT_SIZE);
diff --git a/src/Main/Forms/WaitDialog.cpp b/src/Main/Forms/WaitDialog.cpp
index d53656f9..102d479a 100644
--- a/src/Main/Forms/WaitDialog.cpp
+++ b/src/Main/Forms/WaitDialog.cpp
@@ -8,6 +8,9 @@
#include "System.h"
#include "Volume/EncryptionModeXTS.h"
+#ifdef WOLFCRYPT_BACKEND
+#include "Volume/EncryptionModeWolfCryptXTS.h"
+#endif
#include "Main/GraphicUserInterface.h"
#include "Common/PCSCException.h"
#include "Common/SecurityToken.h"
diff --git a/src/Makefile b/src/Makefile
index 4bea83b4..e8fb1e19 100644
--- a/src/Makefile
+++ b/src/Makefile
@@ -24,6 +24,7 @@
# SSE41: Enable SSE4.1 support in compiler
# NOSSE2: Disable SEE2 support in compiler
# WITHGTK3: Build wxWidgets against GTK3
+# WOLFCRYPT: Build with wolfCrypt as crypto provider (see Crypto/wolfCrypt.md)
#------ Targets ------
# all
@@ -145,6 +146,7 @@ export PLATFORM_UNSUPPORTED := 0
export CPU_ARCH ?= unknown
export SIMD_SUPPORTED := 0
export DISABLE_AESNI ?= 0
+export ENABLE_WOLFCRYPT ?= 0
export GCC_GTEQ_440 := 0
export GCC_GTEQ_430 := 0
@@ -185,6 +187,13 @@ ifeq "$(origin NOAESNI)" "command line"
DISABLE_AESNI := 1
endif
+ifeq "$(origin WOLFCRYPT)" "command line"
+ ENABLE_WOLFCRYPT := 1
+ C_CXX_FLAGS += -DWOLFCRYPT_BACKEND
+ export LIBS += -lwolfssl
+ export LD_LIBRARY_PATH=/usr/local/lib
+endif
+
#------ Linux configuration ------
ifeq "$(shell uname -s)" "Linux"
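Review bot: `export LD_LIBRARY_PATH=/usr/local/lib` replaces whatever search path the caller had set and hard-codes one install prefix; it only affects processes started by make and does nothing for the packaged binary at run time. On a host where wolfSSL is installed elsewhere, or where another libwolfssl sits in that directory, the build can pick up a different library than the one intended. Prefer naming the location at link time through a new overridable variable, for example `WOLFSSL_PREFIX ?= /usr/local` with `export LIBS += -L$(WOLFSSL_PREFIX)/lib -lwolfssl`, and drop the `LD_LIBRARY_PATH` line.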
diff --git a/src/Volume/Cipher.cpp b/src/Volume/Cipher.cpp
index 8c6ce390..d0fb7bd5 100644
--- a/src/Volume/Cipher.cpp
+++ b/src/Volume/Cipher.cpp
@@ -94,11 +94,12 @@ namespace VeraCrypt
CipherList l;
l.push_back (shared_ptr <Cipher> (new CipherAES ()));
+ #ifndef WOLFCRYPT_BACKEND
l.push_back (shared_ptr <Cipher> (new CipherSerpent ()));
l.push_back (shared_ptr <Cipher> (new CipherTwofish ()));
l.push_back (shared_ptr <Cipher> (new CipherCamellia ()));
l.push_back (shared_ptr <Cipher> (new CipherKuznyechik ()));
-
+ #endif
return l;
}
@@ -115,6 +116,37 @@ namespace VeraCrypt
Initialized = true;
}
+ #ifdef WOLFCRYPT_BACKEND
+ void Cipher::SetKeyXTS (const ConstBufferPtr &key)
+ {
+ if (key.Size() != GetKeySize ())
+ throw ParameterIncorrect (SRC_POS);
+
+ if (!Initialized)
+ ScheduledKey.Allocate (GetScheduledKeySize ());
+
+ SetCipherKeyXTS (key);
+ Key.CopyFrom (key);
+ Initialized = true;
+ }
+
+ void Cipher::EncryptBlockXTS (byte *data, uint64 length, uint64 startDataUnitNo) const
+ {
+ if (!Initialized)
+ throw NotInitialized (SRC_POS);
+
+ EncryptXTS (data, length, startDataUnitNo);
+ }
+
+ void Cipher::DecryptBlockXTS (byte *data, uint64 length, uint64 startDataUnitNo) const
+ {
+ if (!Initialized)
+ throw NotInitialized (SRC_POS);
+
+ DecryptXTS (data, length, startDataUnitNo);
+ }
+ #endif
+
#define TC_EXCEPTION(TYPE) TC_SERIALIZER_FACTORY_ADD(TYPE)
#undef TC_EXCEPTION_NODECL
#define TC_EXCEPTION_NODECL(TYPE) TC_SERIALIZER_FACTORY_ADD(TYPE)
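Review bot: `Cipher::SetKeyXTS` finishes with `Key.CopyFrom (key);` and `Initialized = true;`, so after the `SetKey` then `SetKeyXTS` sequence used by the callers in this commit the cipher's stored `Key` is the XTS tweak key rather than the data key, and a cipher that only ever received `SetKeyXTS` passes the `Initialized` checks in `EncryptBlockXTS` and `DecryptBlockXTS`. In wolfCrypt.c, `xts_encrypt_key` begins by copying `wc_enc_aes` into `wc_enc_xts.aes`, so the call is only meaningful once `SetKey` has run on the same object, and a later `SetKey` leaves that copy stale. I would state the ordering in a comment such as `// requires a prior SetKey(): the XTS context copies the already scheduled data key`, and remove `Key.CopyFrom (key);` unless something is known to read the tweak key back from the cipher. Replacing the `Allocate` branch with `if (!Initialized) throw NotInitialized (SRC_POS);` would enforce it, but the secondary-cipher keying in EncryptionModeWolfCryptXTS.cpp calls this on fresh ciphers and would have to change with it.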
@@ -186,6 +218,26 @@ namespace VeraCrypt
#endif
Cipher::EncryptBlocks (data, blockCount);
}
+ #ifdef WOLFCRYPT_BACKEND
+ void CipherAES::EncryptXTS (byte *data, uint64 length, uint64 startDataUnitNo) const
+ {
+ xts_encrypt (data, data, length, startDataUnitNo, (aes_encrypt_ctx *) ScheduledKey.Ptr());
+ }
+
+ void CipherAES::DecryptXTS (byte *data, uint64 length, uint64 startDataUnitNo) const
+ {
+ xts_decrypt (data, data, length, startDataUnitNo, (aes_decrypt_ctx *) (ScheduledKey.Ptr() + sizeof (aes_encrypt_ctx)));
+ }
+
+ void CipherAES::SetCipherKeyXTS (const byte *key)
+ {
+ if (xts_encrypt_key256 (key, (aes_encrypt_ctx *) ScheduledKey.Ptr()) != EXIT_SUCCESS)
+ throw CipherInitError (SRC_POS);
+
+ if (xts_decrypt_key256 (key, (aes_decrypt_ctx *) (ScheduledKey.Ptr() + sizeof (aes_encrypt_ctx))) != EXIT_SUCCESS)
+ throw CipherInitError (SRC_POS);
+ }
+ #endif
size_t CipherAES::GetScheduledKeySize () const
{
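Review bot: `CipherAES::EncryptXTS` and `CipherAES::DecryptXTS` drop the status returned by `xts_encrypt` and `xts_decrypt`, although wolfCrypt.c maps a wolfCrypt error to `EXIT_FAILURE` for exactly these calls. If the call fails, `data` may be left unmodified while the caller carries on, which on the write path would mean plaintext being handled as ciphertext. Check the result the way `SetCipherKeyXTS` does just below, e.g. `if (xts_encrypt (data, data, length, startDataUnitNo, (aes_encrypt_ctx *) ScheduledKey.Ptr()) != EXIT_SUCCESS) throw CipherInitError (SRC_POS);` (or a better-fitting exception type if the project has one), and the same for decrypt.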
@@ -218,6 +270,7 @@ namespace VeraCrypt
throw CipherInitError (SRC_POS);
}
+ #ifndef WOLFCRYPT_BACKEND
// Serpent
void CipherSerpent::Decrypt (byte *data) const
{
@@ -465,5 +518,6 @@ namespace VeraCrypt
return false;
#endif
}
- bool Cipher::HwSupportEnabled = true;
+ #endif
+ bool Cipher::HwSupportEnabled = true;
}
diff --git a/src/Volume/Cipher.h b/src/Volume/Cipher.h
index 31a519a5..1b7fd233 100644
--- a/src/Volume/Cipher.h
+++ b/src/Volume/Cipher.h
@@ -28,8 +28,15 @@ namespace VeraCrypt
virtual void DecryptBlock (byte *data) const;
virtual void DecryptBlocks (byte *data, size_t blockCount) const;
- static void EnableHwSupport (bool enable) { HwSupportEnabled = enable; }
- virtual void EncryptBlock (byte *data) const;
+ #ifndef WOLFCRYPT_BACKEND
+ static void EnableHwSupport (bool enable) { HwSupportEnabled = enable; }
+ #else
+ static void EnableHwSupport (bool enable) { HwSupportEnabled = false; }
+ virtual void EncryptBlockXTS (byte *data, uint64 length, uint64 startDataUnitNo) const;
+ virtual void DecryptBlockXTS (byte *data, uint64 length, uint64 startDataUnitNo) const;
+ virtual void SetKeyXTS (const ConstBufferPtr &key);
+ #endif
+ virtual void EncryptBlock (byte *data) const;
virtual void EncryptBlocks (byte *data, size_t blockCount) const;
static CipherList GetAvailableCiphers ();
virtual size_t GetBlockSize () const = 0;
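Review bot: Under `WOLFCRYPT_BACKEND`, `EnableHwSupport (bool enable)` ignores its argument and always stores `false`, while Cipher.cpp in this same commit still initialises `bool Cipher::HwSupportEnabled = true;`, so the flag reads `true` until something happens to call the setter. If hardware support is meant to be off for this backend, initialise the static to `false` under the same `#ifdef` and leave the parameter unnamed with a short reason, e.g. `static void EnableHwSupport (bool) { HwSupportEnabled = false; } // AES-NI path is compiled out for this backend, see Crypto/cpu.h`. The class body continues outside the hunk.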
@@ -50,6 +57,11 @@ namespace VeraCrypt
virtual void Encrypt (byte *data) const = 0;
virtual size_t GetScheduledKeySize () const = 0;
virtual void SetCipherKey (const byte *key) = 0;
+ #ifdef WOLFCRYPT_BACKEND
+ virtual void DecryptXTS (byte *data, uint64 length, uint64 startDataUnitNo) const = 0;
+ virtual void EncryptXTS (byte *data, uint64 length, uint64 startDataUnitNo) const = 0;
+ virtual void SetCipherKeyXTS (const byte *key) = 0;
+ #endif
static bool HwSupportEnabled;
bool Initialized;
@@ -69,6 +81,7 @@ namespace VeraCrypt
CipherException (const string &message, const wstring &subject) : Exception (message, subject) { }
};
+#ifdef WOLFCRYPT_BACKEND
#define TC_CIPHER(NAME, BLOCK_SIZE, KEY_SIZE) \
class TC_JOIN (Cipher,NAME) : public Cipher \
@@ -88,12 +101,43 @@ namespace VeraCrypt
virtual void Encrypt (byte *data) const; \
virtual size_t GetScheduledKeySize () const; \
virtual void SetCipherKey (const byte *key); \
+ virtual void DecryptXTS (byte *data, uint64 length, uint64 startDataUnitNo) const; \
+ virtual void SetCipherKeyXTS (const byte *key); \
+ virtual void EncryptXTS (byte *data, uint64 length, uint64 startDataUnitNo) const; \
\
private: \
TC_JOIN (Cipher,NAME) (const TC_JOIN (Cipher,NAME) &); \
TC_JOIN (Cipher,NAME) &operator= (const TC_JOIN (Cipher,NAME) &); \
}
+#else
+
+#define TC_CIPHER(NAME, BLOCK_SIZE, KEY_SIZE) \
+ class TC_JOIN (Cipher,NAME) : public Cipher \
+ { \
+ public: \
+ TC_JOIN (Cipher,NAME) () { } \
+ virtual ~TC_JOIN (Cipher,NAME) () { } \
+\
+ virtual size_t GetBlockSize () const { return BLOCK_SIZE; }; \
+ virtual size_t GetKeySize () const { return KEY_SIZE; }; \
+ virtual wstring GetName () const { return L###NAME; }; \
+ virtual shared_ptr <Cipher> GetNew () const { return shared_ptr <Cipher> (new TC_JOIN (Cipher,NAME)()); } \
+ TC_CIPHER_ADD_METHODS \
+\
+ protected: \
+ virtual void Decrypt (byte *data) const; \
+ virtual void Encrypt (byte *data) const; \
+ virtual size_t GetScheduledKeySize () const; \
+ virtual void SetCipherKey (const byte *key); \
+\
+ private: \
+ TC_JOIN (Cipher,NAME) (const TC_JOIN (Cipher,NAME) &); \
+ TC_JOIN (Cipher,NAME) &operator= (const TC_JOIN (Cipher,NAME) &); \
+ }
+
+#endif
+
#define TC_CIPHER_ADD_METHODS \
virtual void DecryptBlocks (byte *data, size_t blockCount) const; \
virtual void EncryptBlocks (byte *data, size_t blockCount) const; \
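Review bot: The whole `TC_CIPHER` macro is duplicated just to add three declarations under `WOLFCRYPT_BACKEND`, so any later change to the generated class has to be made in two places. One definition is enough if a small helper macro, say `TC_CIPHER_XTS_METHODS`, expands to the `DecryptXTS` / `SetCipherKeyXTS` / `EncryptXTS` declarations when the backend is enabled and to nothing otherwise. It would be placed in the `protected:` section right after `virtual void SetCipherKey (const byte *key); \`.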
diff --git a/src/Volume/EncryptionAlgorithm.cpp b/src/Volume/EncryptionAlgorithm.cpp
index 85d9be1c..0178da00 100644
--- a/src/Volume/EncryptionAlgorithm.cpp
+++ b/src/Volume/EncryptionAlgorithm.cpp
@@ -12,6 +12,9 @@
#include "EncryptionAlgorithm.h"
#include "EncryptionModeXTS.h"
+#ifdef WOLFCRYPT_BACKEND
+#include "EncryptionModeWolfCryptXTS.h"
+#endif
namespace VeraCrypt
{
@@ -62,6 +65,7 @@ namespace VeraCrypt
EncryptionAlgorithmList l;
l.push_back (shared_ptr <EncryptionAlgorithm> (new AES ()));
+ #ifndef WOLFCRYPT_BACKEND
l.push_back (shared_ptr <EncryptionAlgorithm> (new Serpent ()));
l.push_back (shared_ptr <EncryptionAlgorithm> (new Twofish ()));
l.push_back (shared_ptr <EncryptionAlgorithm> (new Camellia ()));
@@ -76,7 +80,7 @@ namespace VeraCrypt
l.push_back (shared_ptr <EncryptionAlgorithm> (new SerpentAES ()));
l.push_back (shared_ptr <EncryptionAlgorithm> (new SerpentTwofishAES ()));
l.push_back (shared_ptr <EncryptionAlgorithm> (new TwofishSerpent ()));
-
+ #endif
return l;
}
@@ -215,7 +219,25 @@ namespace VeraCrypt
}
}
- void EncryptionAlgorithm::ValidateState () const
+ #ifdef WOLFCRYPT_BACKEND
+ void EncryptionAlgorithm::SetKeyXTS (const ConstBufferPtr &key)
+ {
+ if (Ciphers.size() < 1)
+ throw NotInitialized (SRC_POS);
+
+ if (GetKeySize() != key.Size())
+ throw ParameterIncorrect (SRC_POS);
+
+ size_t keyOffset = 0;
+ foreach_ref (Cipher &c, Ciphers)
+ {
+ c.SetKeyXTS (key.GetRange (keyOffset, c.GetKeySize()));
+ keyOffset += c.GetKeySize();
+ }
+ }
+ #endif
+
+ void EncryptionAlgorithm::ValidateState () const
{
if (Ciphers.size() < 1 || Mode.get() == nullptr)
throw NotInitialized (SRC_POS);
@@ -226,9 +248,14 @@ namespace VeraCrypt
{
Ciphers.push_back (shared_ptr <Cipher> (new CipherAES()));
+ #ifdef WOLFCRYPT_BACKEND
+ SupportedModes.push_back (shared_ptr <EncryptionMode> (new EncryptionModeWolfCryptXTS ()));
+ #else
SupportedModes.push_back (shared_ptr <EncryptionMode> (new EncryptionModeXTS ()));
- }
+ #endif
+ }
+#ifndef WOLFCRYPT_BACKEND
// AES-Twofish
AESTwofish::AESTwofish ()
{
@@ -353,4 +380,5 @@ namespace VeraCrypt
SupportedModes.push_back (shared_ptr <EncryptionMode> (new EncryptionModeXTS ()));
}
+#endif
}
diff --git a/src/Volume/EncryptionAlgorithm.h b/src/Volume/EncryptionAlgorithm.h
index 56642146..d60082fa 100644
--- a/src/Volume/EncryptionAlgorithm.h
+++ b/src/Volume/EncryptionAlgorithm.h
@@ -46,7 +46,10 @@ namespace VeraCrypt
virtual bool IsModeSupported (const EncryptionMode &mode) const;
virtual bool IsModeSupported (const shared_ptr <EncryptionMode> mode) const;
virtual void SetKey (const ConstBufferPtr &key);
- virtual void SetMode (shared_ptr <EncryptionMode> mode);
+ #ifdef WOLFCRYPT_BACKEND
+ virtual void SetKeyXTS (const ConstBufferPtr &key);
+ #endif
+ virtual void SetMode (shared_ptr <EncryptionMode> mode);
protected:
EncryptionAlgorithm ();
diff --git a/src/Volume/EncryptionMode.cpp b/src/Volume/EncryptionMode.cpp
index b7e5cc02..81d275b6 100644
--- a/src/Volume/EncryptionMode.cpp
+++ b/src/Volume/EncryptionMode.cpp
@@ -12,6 +12,9 @@
#include "EncryptionMode.h"
#include "EncryptionModeXTS.h"
+#ifdef WOLFCRYPT_BACKEND
+#include "EncryptionModeWolfCryptXTS.h"
+#endif
#include "EncryptionThreadPool.h"
namespace VeraCrypt
@@ -38,7 +41,11 @@ namespace VeraCrypt
{
EncryptionModeList l;
+ #ifdef WOLFCRYPT_BACKEND
+ l.push_back (shared_ptr <EncryptionMode> (new EncryptionModeWolfCryptXTS ()));
+ #else
l.push_back (shared_ptr <EncryptionMode> (new EncryptionModeXTS ()));
+ #endif
return l;
}
diff --git a/src/Volume/EncryptionModeWolfCryptXTS.cpp b/src/Volume/EncryptionModeWolfCryptXTS.cpp
new file mode 100644
index 00000000..891f6007
--- /dev/null
+++ b/src/Volume/EncryptionModeWolfCryptXTS.cpp
@@ -0,0 +1,119 @@
+
+#include "Crypto/cpu.h"
+#include "Crypto/misc.h"
+#include "EncryptionModeWolfCryptXTS.h"
+#include "Common/Crypto.h"
+
+namespace VeraCrypt
+{
+ void EncryptionModeWolfCryptXTS::Encrypt (byte *data, uint64 length) const
+ {
+ EncryptBuffer (data, length, 0);
+ }
+
+ void EncryptionModeWolfCryptXTS::EncryptBuffer (byte *data, uint64 length, uint64 startDataUnitNo) const
+ {
+ if_debug (ValidateState());
+
+ CipherList::const_iterator iSecondaryCipher = SecondaryCiphers.begin();
+
+ for (CipherList::const_iterator iCipher = Ciphers.begin(); iCipher != Ciphers.end(); ++iCipher)
+ {
+ EncryptBufferXTS (**iCipher, **iSecondaryCipher, data, length, startDataUnitNo, 0);
+ ++iSecondaryCipher;
+ }
+
+ assert (iSecondaryCipher == SecondaryCiphers.end());
+ }
+
+ void EncryptionModeWolfCryptXTS::EncryptBufferXTS (Cipher &cipher, const Cipher &secondaryCipher, byte *buffer, uint64 length, uint64 startDataUnitNo, unsigned int startCipherBlockNo) const
+ {
+ cipher.EncryptBlockXTS(buffer, length, startDataUnitNo);
+ }
+
+ void EncryptionModeWolfCryptXTS::EncryptSectorsCurrentThread (byte *data, uint64 sectorIndex, uint64 sectorCount, size_t sectorSize) const
+ {
+ EncryptBuffer (data, sectorCount * sectorSize, sectorIndex * sectorSize / ENCRYPTION_DATA_UNIT_SIZE);
+ }
+
+ size_t EncryptionModeWolfCryptXTS::GetKeySize () const
+ {
+ if (Ciphers.empty())
+ throw NotInitialized (SRC_POS);
+
+ size_t keySize = 0;
+ foreach_ref (const Cipher &cipher, SecondaryCiphers)
+ {
+ keySize += cipher.GetKeySize();
+ }
+
+ return keySize;
+ }
+
+ void EncryptionModeWolfCryptXTS::Decrypt (byte *data, uint64 length) const
+ {
+ DecryptBuffer (data, length, 0);
+ }
+
+ void EncryptionModeWolfCryptXTS::DecryptBuffer (byte *data, uint64 length, uint64 startDataUnitNo) const
+ {
+ if_debug (ValidateState());
+
+ CipherList::const_iterator iSecondaryCipher = SecondaryCiphers.end();
+
+ for (CipherList::const_reverse_iterator iCipher = Ciphers.rbegin(); iCipher != Ciphers.rend(); ++iCipher)
+ {
+ --iSecondaryCipher;
+ DecryptBufferXTS (**iCipher, **iSecondaryCipher, data, length, startDataUnitNo, 0);
+ }
+
+ assert (iSecondaryCipher == SecondaryCiphers.begin());
+ }
+
+ void EncryptionModeWolfCryptXTS::DecryptBufferXTS (Cipher &cipher, const Cipher &secondaryCipher, byte *buffer, uint64 length, uint64 startDataUnitNo, unsigned int startCipherBlockNo) const
+ {
+ cipher.DecryptBlockXTS(buffer, length, startDataUnitNo);
+ }
+
+ void EncryptionModeWolfCryptXTS::DecryptSectorsCurrentThread (byte *data, uint64 sectorIndex, uint64 sectorCount, size_t sectorSize) const
+ {
+ DecryptBuffer (data, sectorCount * sectorSize, sectorIndex * sectorSize / ENCRYPTION_DATA_UNIT_SIZE);
+ }
+
+ void EncryptionModeWolfCryptXTS::SetCiphers (const CipherList &ciphers)
+ {
+ EncryptionMode::SetCiphers (ciphers);
+
+ SecondaryCiphers.clear();
+
+ foreach_ref (const Cipher &cipher, ciphers)
+ {
+ SecondaryCiphers.push_back (cipher.GetNew());
+ }
+
+ if (SecondaryKey.Size() > 0)
+ SetSecondaryCipherKeys();
+ }
+
+ void EncryptionModeWolfCryptXTS::SetKey (const ConstBufferPtr &key)
+ {
+ SecondaryKey.Allocate (key.Size());
+ SecondaryKey.CopyFrom (key);
+
+ if (!SecondaryCiphers.empty())
+ SetSecondaryCipherKeys();
+
+ }
+
+ void EncryptionModeWolfCryptXTS::SetSecondaryCipherKeys ()
+ {
+ size_t keyOffset = 0;
+ foreach_ref (Cipher &cipher, SecondaryCiphers)
+ {
+ cipher.SetKeyXTS (SecondaryKey.GetRange (keyOffset, cipher.GetKeySize()));
+ keyOffset += cipher.GetKeySize();
+ }
+
+ KeySet = true;
+ }
+}
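Review bot: `EncryptBufferXTS` and `DecryptBufferXTS` never use `secondaryCipher` or `startCipherBlockNo`; the tweak key that takes effect is the one placed in the primary cipher's context by `EncryptionAlgorithm::SetKeyXTS`, which every caller has to invoke separately. `SetKey` on this mode therefore only keys `SecondaryCiphers` that are never used for encryption, and it does so through `SetKeyXTS` on freshly created ciphers whose data key was never scheduled, leaving a second copy of the tweak key in memory for no purpose. As far as this file shows, a caller that sets the mode key but omits `ea.SetKeyXTS` would run XTS with an unset tweak context and get no error, since `ValidateState` is only called under `if_debug`. Either have the mode push the secondary key into `Ciphers` itself, or document the contract at `SetKey`, e.g. `// NOTE: does not key the ciphers used for XTS; callers must also call EncryptionAlgorithm::SetKeyXTS()`.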
diff --git a/src/Volume/EncryptionModeWolfCryptXTS.h b/src/Volume/EncryptionModeWolfCryptXTS.h
new file mode 100644
index 00000000..e432f768
--- /dev/null
+++ b/src/Volume/EncryptionModeWolfCryptXTS.h
@@ -0,0 +1,54 @@
+/*
+ Derived from source code of TrueCrypt 7.1a, which is
+ Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed
+ by the TrueCrypt License 3.0.
+
+ Modifications and additions to the original source code (contained in this file)
+ and all other portions of this file are Copyright (c) 2013-2017 IDRIX
+ and are governed by the Apache License 2.0 the full text of which is
+ contained in the file License.txt included in VeraCrypt binary and source
+ code distribution packages.
+*/
+
+#ifndef TC_HEADER_Volume_EncryptionModeWolfCryptXTS
+#define TC_HEADER_Volume_EncryptionModeWolfCryptXTS
+
+#include "Platform/Platform.h"
+#include "EncryptionMode.h"
+
+namespace VeraCrypt
+{
+ class EncryptionModeWolfCryptXTS : public EncryptionMode
+ {
+ public:
+ EncryptionModeWolfCryptXTS () { }
+ virtual ~EncryptionModeWolfCryptXTS () { }
+
+ virtual void Decrypt (byte *data, uint64 length) const;
+ virtual void DecryptSectorsCurrentThread (byte *data, uint64 sectorIndex, uint64 sectorCount, size_t sectorSize) const;
+ virtual void Encrypt (byte *data, uint64 length) const;
+ virtual void EncryptSectorsCurrentThread (byte *data, uint64 sectorIndex, uint64 sectorCount, size_t sectorSize) const;
+ virtual const SecureBuffer &GetKey () const { return SecondaryKey; }
+ virtual size_t GetKeySize () const;
+ virtual wstring GetName () const { return L"XTS"; };
+ virtual shared_ptr <EncryptionMode> GetNew () const { return shared_ptr <EncryptionMode> (new EncryptionModeWolfCryptXTS); }
+ virtual void SetCiphers (const CipherList &ciphers);
+ virtual void SetKey (const ConstBufferPtr &key);
+
+ protected:
+ void DecryptBuffer (byte *data, uint64 length, uint64 startDataUnitNo) const;
+ void DecryptBufferXTS (Cipher &cipher, const Cipher &secondaryCipher, byte *buffer, uint64 length, uint64 startDataUnitNo, unsigned int startCipherBlockNo) const;
+ void EncryptBuffer (byte *data, uint64 length, uint64 startDataUnitNo) const;
+ void EncryptBufferXTS (Cipher &cipher, const Cipher &secondaryCipher, byte *buffer, uint64 length, uint64 startDataUnitNo, unsigned int startCipherBlockNo) const;
+ void SetSecondaryCipherKeys ();
+
+ SecureBuffer SecondaryKey;
+ CipherList SecondaryCiphers;
+
+ private:
+ EncryptionModeWolfCryptXTS (const EncryptionModeWolfCryptXTS &);
+ EncryptionModeWolfCryptXTS &operator= (const EncryptionModeWolfCryptXTS &);
+ };
+}
+
+#endif // TC_HEADER_Volume_EncryptionModeWolfCryptXTS
diff --git a/src/Volume/EncryptionModeXTS.cpp b/src/Volume/EncryptionModeXTS.cpp
index 66f0ff62..56ee895c 100644
--- a/src/Volume/EncryptionModeXTS.cpp
+++ b/src/Volume/EncryptionModeXTS.cpp
@@ -69,7 +69,7 @@ namespace VeraCrypt
void EncryptionModeXTS::EncryptBufferXTS (const Cipher &cipher, const Cipher &secondaryCipher, byte *buffer, uint64 length, uint64 startDataUnitNo, unsigned int startCipherBlockNo) const
{
- byte finalCarry;
+ byte finalCarry;
byte whiteningValues [ENCRYPTION_DATA_UNIT_SIZE];
byte whiteningValue [BYTES_PER_XTS_BLOCK];
byte byteBufUnitNo [BYTES_PER_XTS_BLOCK];
@@ -374,7 +374,7 @@ namespace VeraCrypt
FAST_ERASE64 (whiteningValue, sizeof (whiteningValue));
FAST_ERASE64 (whiteningValues, sizeof (whiteningValues));
- }
+ }
void EncryptionModeXTS::DecryptSectorsCurrentThread (byte *data, uint64 sectorIndex, uint64 sectorCount, size_t sectorSize) const
{
@@ -411,7 +411,7 @@ namespace VeraCrypt
foreach_ref (Cipher &cipher, SecondaryCiphers)
{
cipher.SetKey (SecondaryKey.GetRange (keyOffset, cipher.GetKeySize()));
- keyOffset += cipher.GetKeySize();
+ keyOffset += cipher.GetKeySize();
}
KeySet = true;
diff --git a/src/Volume/EncryptionTest.cpp b/src/Volume/EncryptionTest.cpp
index bb9c3a0b..c900885e 100644
--- a/src/Volume/EncryptionTest.cpp
+++ b/src/Volume/EncryptionTest.cpp
@@ -16,6 +16,9 @@
#include "EncryptionAlgorithm.h"
#include "EncryptionMode.h"
#include "EncryptionModeXTS.h"
+#ifdef WOLFCRYPT_BACKEND
+#include "EncryptionModeWolfCryptXTS.h"
+#endif
#include "EncryptionTest.h"
#include "Pkcs5Kdf.h"
@@ -64,6 +67,7 @@ namespace VeraCrypt
}
};
+ #ifndef WOLFCRYPT_BACKEND
static const CipherTestVector SerpentTestVectors[] =
{
{
@@ -151,6 +155,7 @@ namespace VeraCrypt
}
}
};
+ #endif
static void TestCipher (Cipher &cipher, const CipherTestVector *testVector, size_t testVectorCount)
{
@@ -190,6 +195,7 @@ namespace VeraCrypt
if (origCrc != Crc32::ProcessBuffer (testData))
throw TestFailed (SRC_POS);
+ #ifndef WOLFCRYPT_BACKEND
CipherSerpent serpent;
TestCipher (serpent, SerpentTestVectors, array_capacity (SerpentTestVectors));
@@ -201,6 +207,7 @@ namespace VeraCrypt
CipherKuznyechik kuznyechik;
TestCipher (kuznyechik, KuznyechikTestVectors, array_capacity (KuznyechikTestVectors));
+ #endif
}
const EncryptionTest::XtsTestVector EncryptionTest::XtsTestVectors[] =
@@ -437,9 +444,16 @@ namespace VeraCrypt
for (i = 0; i < array_capacity (XtsTestVectors); i++)
{
AES aes;
- shared_ptr <EncryptionMode> xts (new EncryptionModeXTS);
-
- aes.SetKey (ConstBufferPtr (XtsTestVectors[i].key1, sizeof (XtsTestVectors[i].key1)));
+ #ifdef WOLFCRYPT_BACKEND
+ shared_ptr <EncryptionMode> xts (new EncryptionModeWolfCryptXTS);
+ #else
+ shared_ptr <EncryptionMode> xts (new EncryptionModeXTS);
+ #endif
+
+ aes.SetKey (ConstBufferPtr (XtsTestVectors[i].key1, sizeof (XtsTestVectors[i].key1)));
+ #ifdef WOLFCRYPT_BACKEND
+ aes.SetKeyXTS (ConstBufferPtr (XtsTestVectors[i].key2, sizeof (XtsTestVectors[i].key2)));
+ #endif
xts->SetKey (ConstBufferPtr (XtsTestVectors[i].key2, sizeof (XtsTestVectors[i].key2)));
aes.SetMode (xts);
@@ -494,7 +508,11 @@ namespace VeraCrypt
// Test all EAs that support this mode of operation
foreach_ref (EncryptionAlgorithm &ea, EncryptionAlgorithm::GetAvailableAlgorithms())
{
- shared_ptr <EncryptionMode> mode (new EncryptionModeXTS);
+ #ifdef WOLFCRYPT_BACKEND
+ shared_ptr <EncryptionMode> mode (new EncryptionModeWolfCryptXTS);
+ #else
+ shared_ptr <EncryptionMode> mode (new EncryptionModeXTS);
+ #endif
if (!ea.IsModeSupported (mode))
continue;
@@ -508,8 +526,11 @@ namespace VeraCrypt
mode->SetKey (modeKey);
ea.SetMode (mode);
+ #ifdef WOLFCRYPT_BACKEND
+ ea.SetKeyXTS (modeKey);
+ #endif
- // Each data unit will contain the same plaintext
+ // Each data unit will contain the same plaintext
for (i = 0; i < nbrUnits; i++)
{
memcpy ((unsigned char *) buf + i * ENCRYPTION_DATA_UNIT_SIZE,
@@ -556,6 +577,7 @@ namespace VeraCrypt
break;
}
}
+ #ifndef WOLFCRYPT_BACKEND
else if (typeid (ea) == typeid (Serpent))
{
switch (testCase)
@@ -920,7 +942,7 @@ namespace VeraCrypt
break;
}
}
-
+ #endif
if (crc == 0x9f5edd58)
throw TestFailed (SRC_POS);
@@ -941,7 +963,11 @@ namespace VeraCrypt
// Test all EAs that support this mode of operation
foreach_ref (EncryptionAlgorithm &ea, EncryptionAlgorithm::GetAvailableAlgorithms())
{
+ #ifdef WOLFCRYPT_BACKEND
+ shared_ptr <EncryptionMode> mode (new EncryptionModeWolfCryptXTS);
+ #else
shared_ptr <EncryptionMode> mode (new EncryptionModeXTS);
+ #endif
if (!ea.IsModeSupported (mode))
continue;
@@ -955,6 +981,9 @@ namespace VeraCrypt
mode->SetKey (modeKey);
ea.SetMode (mode);
+ #ifdef WOLFCRYPT_BACKEND
+ ea.SetKeyXTS (modeKey);
+ #endif
// Each data unit will contain the same plaintext
for (i = 0; i < nbrUnits; i++)
@@ -974,6 +1003,7 @@ namespace VeraCrypt
throw TestFailed (SRC_POS);
nTestsPerformed++;
}
+ #ifndef WOLFCRYPT_BACKEND
else if (typeid (ea) == typeid (Serpent))
{
if (crc != 0x3494d480)
@@ -1058,6 +1088,7 @@ namespace VeraCrypt
throw TestFailed (SRC_POS);
nTestsPerformed++;
}
+ #endif
if (crc == 0x9f5edd58)
throw TestFailed (SRC_POS);
@@ -1069,8 +1100,11 @@ namespace VeraCrypt
nTestsPerformed++;
}
-
+ #ifndef WOLFCRYPT_BACKEND
if (nTestsPerformed != 150)
+ #else
+ if (nTestsPerformed != 10)
+ #endif
throw TestFailed (SRC_POS);
}
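Review bot: The wolfCrypt expectation `if (nTestsPerformed != 10)` on the new `#else` branch is a bare literal with nothing tying it to the cases that still run. A later change to the AES cases would then fail the self-test with no hint why. A comment above the check would help, for example `// WOLFCRYPT_BACKEND: only the AES branches of the two loops above run; update this count when AES cases change`. That breakdown is inferred from the `#ifndef` guards around the Serpent and later branches, so please confirm it. The enclosing test function starts outside this hunk.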
@@ -1081,6 +1115,7 @@ namespace VeraCrypt
ConstBufferPtr salt (saltData, sizeof (saltData));
Buffer derivedKey (4);
+ #ifndef WOLFCRYPT_BACKEND
Pkcs5HmacBlake2s pkcs5HmacBlake2s;
pkcs5HmacBlake2s.DeriveKey (derivedKey, password, salt, 5);
if (memcmp (derivedKey.Ptr(), "\x8d\x51\xfa\x31", 4) != 0)
@@ -1105,5 +1140,16 @@ namespace VeraCrypt
pkcs5HmacStreebog.DeriveKey (derivedKey, password, salt, 5);
if (memcmp (derivedKey.Ptr(), "\xd0\x53\xa2\x30", 4) != 0)
throw TestFailed (SRC_POS);
- }
+ #else
+ Pkcs5HmacSha256 pkcs5HmacSha256;
+ pkcs5HmacSha256.DeriveKey (derivedKey, password, salt, 5);
+ if (memcmp (derivedKey.Ptr(), "\x64\xf3\xa5\xa3", 4) != 0)
+ throw TestFailed (SRC_POS);
+
+ Pkcs5HmacSha512 pkcs5HmacSha512;
+ pkcs5HmacSha512.DeriveKey (derivedKey, password, salt, 5);
+ if (memcmp (derivedKey.Ptr(), "\x55\xa1\x76\xbb", 4) != 0)
+ throw TestFailed (SRC_POS);
+ #endif
+ }
}
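Review bot: The `#else` branch added before the closing brace repeats `Pkcs5HmacSha256` and `Pkcs5HmacSha512` checks that probably already exist in the unshown lines between this hunk and the `-1081,6` hunk, now inside `#ifndef WOLFCRYPT_BACKEND`. If so, the expected bytes `"\x64\xf3\xa5\xa3"` and `"\x55\xa1\x76\xbb"` live in two places and can drift apart. Wrapping only the Blake2s, Whirlpool and Streebog checks in their own `#ifndef WOLFCRYPT_BACKEND` / `#endif` pairs would leave one copy of each SHA check that runs under both backends. The function body starts outside this hunk, so the duplication should be confirmed against the full file.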
diff --git a/src/Volume/Hash.cpp b/src/Volume/Hash.cpp
index aad900c1..d2e3e649 100644
--- a/src/Volume/Hash.cpp
+++ b/src/Volume/Hash.cpp
@@ -24,11 +24,12 @@ namespace VeraCrypt
HashList l;
l.push_back (shared_ptr <Hash> (new Sha512 ()));
- l.push_back (shared_ptr <Hash> (new Whirlpool ()));
- l.push_back (shared_ptr <Hash> (new Blake2s ()));
l.push_back (shared_ptr <Hash> (new Sha256 ()));
+ #ifndef WOLFCRYPT_BACKEND
+ l.push_back (shared_ptr <Hash> (new Blake2s ()));
+ l.push_back (shared_ptr <Hash> (new Whirlpool ()));
l.push_back (shared_ptr <Hash> (new Streebog ()));
-
+ #endif
return l;
}
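Review bot: Moving the `Whirlpool` and `Blake2s` entries below `Sha256` changes the list order for the default build too, not only under `WOLFCRYPT_BACKEND`. The old order was Sha512, Whirlpool, Blake2s, Sha256, Streebog; the new one is Sha512, Sha256, Blake2s, Whirlpool, Streebog. Any caller that relies on position in this list, such as a selection index or an iteration order, would behave differently; whether such a caller exists is not visible here. Keeping the original positions and giving each excluded entry its own `#ifndef WOLFCRYPT_BACKEND` / `#endif` pair would confine the change to the new backend. The last hunk of `src/Volume/VolumeLayout.cpp` reorders `Pkcs5HmacBlake2s_Boot` in the same way.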
@@ -44,6 +45,7 @@ namespace VeraCrypt
throw ParameterIncorrect (SRC_POS);
}
+ #ifndef WOLFCRYPT_BACKEND
// RIPEMD-160
Blake2s::Blake2s ()
{
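Review bot: The comment directly under the new `#ifndef WOLFCRYPT_BACKEND` still reads `// RIPEMD-160`, although the code it introduces is `Blake2s::Blake2s ()`. Since this hunk turns that line into the label for a conditionally compiled section, it is a good moment to correct it to `// Blake2s`. The constructor body continues outside the hunk.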
@@ -67,6 +69,7 @@ namespace VeraCrypt
if_debug (ValidateDataParameters (data));
blake2s_update ((blake2s_state *) Context.Ptr(), data.Get(), data.Size());
}
+ #endif
// SHA-256
Sha256::Sha256 ()
@@ -116,6 +119,7 @@ namespace VeraCrypt
sha512_hash (data.Get(), (int) data.Size(), (sha512_ctx *) Context.Ptr());
}
+ #ifndef WOLFCRYPT_BACKEND
// Whirlpool
Whirlpool::Whirlpool ()
{
@@ -163,4 +167,5 @@ namespace VeraCrypt
if_debug (ValidateDataParameters (data));
STREEBOG_add ((STREEBOG_CTX *) Context.Ptr(), data.Get(), (int) data.Size());
}
+ #endif
}
diff --git a/src/Volume/Hash.h b/src/Volume/Hash.h
index 0e464b37..5720eb50 100644
--- a/src/Volume/Hash.h
+++ b/src/Volume/Hash.h
@@ -48,6 +48,7 @@ namespace VeraCrypt
Hash &operator= (const Hash &);
};
+ #ifndef WOLFCRYPT_BACKEND
// Blake2s
class Blake2s : public Hash
{
@@ -70,6 +71,7 @@ namespace VeraCrypt
Blake2s (const Blake2s &);
Blake2s &operator= (const Blake2s &);
};
+ #endif
// SHA-256
class Sha256 : public Hash
@@ -117,6 +119,7 @@ namespace VeraCrypt
Sha512 &operator= (const Sha512 &);
};
+ #ifndef WOLFCRYPT_BACKEND
// Whirlpool
class Whirlpool : public Hash
{
@@ -162,6 +165,7 @@ namespace VeraCrypt
Streebog (const Streebog &);
Streebog &operator= (const Streebog &);
};
+ #endif
}
#endif // TC_HEADER_Encryption_Hash
diff --git a/src/Volume/Pkcs5Kdf.cpp b/src/Volume/Pkcs5Kdf.cpp
index ff49cefe..820f1121 100644
--- a/src/Volume/Pkcs5Kdf.cpp
+++ b/src/Volume/Pkcs5Kdf.cpp
@@ -56,10 +56,11 @@ namespace VeraCrypt
l.push_back (shared_ptr <Pkcs5Kdf> (new Pkcs5HmacSha512 ()));
l.push_back (shared_ptr <Pkcs5Kdf> (new Pkcs5HmacSha256 ()));
+ #ifndef WOLFCRYPT_BACKEND
l.push_back (shared_ptr <Pkcs5Kdf> (new Pkcs5HmacBlake2s ()));
- l.push_back (shared_ptr <Pkcs5Kdf> (new Pkcs5HmacWhirlpool ()));
+ l.push_back (shared_ptr <Pkcs5Kdf> (new Pkcs5HmacWhirlpool ()));
l.push_back (shared_ptr <Pkcs5Kdf> (new Pkcs5HmacStreebog ()));
-
+ #endif
return l;
}
@@ -69,6 +70,7 @@ namespace VeraCrypt
throw ParameterIncorrect (SRC_POS);
}
+ #ifndef WOLFCRYPT_BACKEND
void Pkcs5HmacBlake2s_Boot::DeriveKey (const BufferPtr &key, const VolumePassword &password, const ConstBufferPtr &salt, int iterationCount) const
{
ValidateParameters (key, password, salt, iterationCount);
@@ -80,6 +82,7 @@ namespace VeraCrypt
ValidateParameters (key, password, salt, iterationCount);
derive_key_blake2s ((char *) password.DataPtr(), (int) password.Size(), (char *) salt.Get(), (int) salt.Size(), iterationCount, (char *) key.Get(), (int) key.Size());
}
+ #endif
void Pkcs5HmacSha256_Boot::DeriveKey (const BufferPtr &key, const VolumePassword &password, const ConstBufferPtr &salt, int iterationCount) const
{
@@ -99,6 +102,7 @@ namespace VeraCrypt
derive_key_sha512 ((char *) password.DataPtr(), (int) password.Size(), (char *) salt.Get(), (int) salt.Size(), iterationCount, (char *) key.Get(), (int) key.Size());
}
+ #ifndef WOLFCRYPT_BACKEND
void Pkcs5HmacWhirlpool::DeriveKey (const BufferPtr &key, const VolumePassword &password, const ConstBufferPtr &salt, int iterationCount) const
{
ValidateParameters (key, password, salt, iterationCount);
@@ -116,4 +120,5 @@ namespace VeraCrypt
ValidateParameters (key, password, salt, iterationCount);
derive_key_streebog ((char *) password.DataPtr(), (int) password.Size(), (char *) salt.Get(), (int) salt.Size(), iterationCount, (char *) key.Get(), (int) key.Size());
}
+ #endif
}
diff --git a/src/Volume/Pkcs5Kdf.h b/src/Volume/Pkcs5Kdf.h
index 9071caf0..fc83eb06 100644
--- a/src/Volume/Pkcs5Kdf.h
+++ b/src/Volume/Pkcs5Kdf.h
@@ -48,6 +48,7 @@ namespace VeraCrypt
Pkcs5Kdf &operator= (const Pkcs5Kdf &);
};
+ #ifndef WOLFCRYPT_BACKEND
class Pkcs5HmacBlake2s_Boot : public Pkcs5Kdf
{
public:
@@ -81,6 +82,7 @@ namespace VeraCrypt
Pkcs5HmacBlake2s (const Pkcs5HmacBlake2s &);
Pkcs5HmacBlake2s &operator= (const Pkcs5HmacBlake2s &);
};
+ #endif
class Pkcs5HmacSha256_Boot : public Pkcs5Kdf
{
@@ -132,7 +134,7 @@ namespace VeraCrypt
Pkcs5HmacSha512 (const Pkcs5HmacSha512 &);
Pkcs5HmacSha512 &operator= (const Pkcs5HmacSha512 &);
};
-
+ #ifndef WOLFCRYPT_BACKEND
class Pkcs5HmacWhirlpool : public Pkcs5Kdf
{
public:
@@ -183,6 +185,7 @@ namespace VeraCrypt
Pkcs5HmacStreebog_Boot (const Pkcs5HmacStreebog_Boot &);
Pkcs5HmacStreebog_Boot &operator= (const Pkcs5HmacStreebog_Boot &);
};
+ #endif
}
#endif // TC_HEADER_Encryption_Pkcs5
diff --git a/src/Volume/Volume.make b/src/Volume/Volume.make
index d69ec135..f81df229 100644
--- a/src/Volume/Volume.make
+++ b/src/Volume/Volume.make
@@ -16,7 +16,6 @@ OBJSNOOPT :=
OBJS += Cipher.o
OBJS += EncryptionAlgorithm.o
OBJS += EncryptionMode.o
-OBJS += EncryptionModeXTS.o
OBJS += EncryptionTest.o
OBJS += EncryptionThreadPool.o
OBJS += Hash.o
@@ -30,58 +29,68 @@ OBJS += VolumeLayout.o
OBJS += VolumePassword.o
OBJS += VolumePasswordCache.o
-ifeq "$(PLATFORM)" "MacOSX"
- OBJSEX += ../Crypto/Aes_asm.oo
- OBJS += ../Crypto/Aes_hw_cpu.o
- OBJS += ../Crypto/Aescrypt.o
- OBJSEX += ../Crypto/Twofish_asm.oo
- OBJSEX += ../Crypto/Camellia_asm.oo
- OBJSEX += ../Crypto/Camellia_aesni_asm.oo
- OBJSEX += ../Crypto/sha256-nayuki.oo
- OBJSEX += ../Crypto/sha512-nayuki.oo
- OBJSEX += ../Crypto/sha256_avx1.oo
- OBJSEX += ../Crypto/sha256_avx2.oo
- OBJSEX += ../Crypto/sha256_sse4.oo
- OBJSEX += ../Crypto/sha512_avx1.oo
- OBJSEX += ../Crypto/sha512_avx2.oo
- OBJSEX += ../Crypto/sha512_sse4.oo
-else ifeq "$(CPU_ARCH)" "x86"
- OBJS += ../Crypto/Aes_x86.o
-ifeq "$(DISABLE_AESNI)" "0"
- OBJS += ../Crypto/Aes_hw_cpu.o
-endif
- OBJS += ../Crypto/sha256-x86-nayuki.o
- OBJS += ../Crypto/sha512-x86-nayuki.o
-else ifeq "$(CPU_ARCH)" "x64"
- OBJS += ../Crypto/Aes_x64.o
-ifeq "$(DISABLE_AESNI)" "0"
- OBJS += ../Crypto/Aes_hw_cpu.o
-endif
- OBJS += ../Crypto/Twofish_x64.o
- OBJS += ../Crypto/Camellia_x64.o
- OBJS += ../Crypto/Camellia_aesni_x64.o
- OBJS += ../Crypto/sha512-x64-nayuki.o
- OBJS += ../Crypto/sha256_avx1_x64.o
- OBJS += ../Crypto/sha256_avx2_x64.o
- OBJS += ../Crypto/sha256_sse4_x64.o
- OBJS += ../Crypto/sha512_avx1_x64.o
- OBJS += ../Crypto/sha512_avx2_x64.o
- OBJS += ../Crypto/sha512_sse4_x64.o
+ifeq "$(ENABLE_WOLFCRYPT)" "0"
+OBJS += EncryptionModeXTS.o
else
- OBJS += ../Crypto/Aescrypt.o
+OBJS += EncryptionModeWolfCryptXTS.o
endif
-ifeq "$(GCC_GTEQ_430)" "1"
-OBJSSSE41 += ../Crypto/blake2s_SSE41.osse41
-OBJSSSSE3 += ../Crypto/blake2s_SSSE3.ossse3
+ifeq "$(ENABLE_WOLFCRYPT)" "0"
+ ifeq "$(PLATFORM)" "MacOSX"
+ OBJSEX += ../Crypto/Aes_asm.oo
+ OBJS += ../Crypto/Aes_hw_cpu.o
+ OBJS += ../Crypto/Aescrypt.o
+ OBJSEX += ../Crypto/Twofish_asm.oo
+ OBJSEX += ../Crypto/Camellia_asm.oo
+ OBJSEX += ../Crypto/Camellia_aesni_asm.oo
+ OBJSEX += ../Crypto/sha256-nayuki.oo
+ OBJSEX += ../Crypto/sha512-nayuki.oo
+ OBJSEX += ../Crypto/sha256_avx1.oo
+ OBJSEX += ../Crypto/sha256_avx2.oo
+ OBJSEX += ../Crypto/sha256_sse4.oo
+ OBJSEX += ../Crypto/sha512_avx1.oo
+ OBJSEX += ../Crypto/sha512_avx2.oo
+ OBJSEX += ../Crypto/sha512_sse4.oo
+ else ifeq "$(CPU_ARCH)" "x86"
+ OBJS += ../Crypto/Aes_x86.o
+ ifeq "$(DISABLE_AESNI)" "0"
+ OBJS += ../Crypto/Aes_hw_cpu.o
+ endif
+ OBJS += ../Crypto/sha256-x86-nayuki.o
+ OBJS += ../Crypto/sha512-x86-nayuki.o
+ else ifeq "$(CPU_ARCH)" "x64"
+ OBJS += ../Crypto/Aes_x64.o
+ ifeq "$(DISABLE_AESNI)" "0"
+ OBJS += ../Crypto/Aes_hw_cpu.o
+ endif
+ OBJS += ../Crypto/Twofish_x64.o
+ OBJS += ../Crypto/Camellia_x64.o
+ OBJS += ../Crypto/Camellia_aesni_x64.o
+ OBJS += ../Crypto/sha512-x64-nayuki.o
+ OBJS += ../Crypto/sha256_avx1_x64.o
+ OBJS += ../Crypto/sha256_avx2_x64.o
+ OBJS += ../Crypto/sha256_sse4_x64.o
+ OBJS += ../Crypto/sha512_avx1_x64.o
+ OBJS += ../Crypto/sha512_avx2_x64.o
+ OBJS += ../Crypto/sha512_sse4_x64.o
+ else
+ OBJS += ../Crypto/Aescrypt.o
+ endif
+
+ ifeq "$(GCC_GTEQ_430)" "1"
+ OBJSSSE41 += ../Crypto/blake2s_SSE41.osse41
+ OBJSSSSE3 += ../Crypto/blake2s_SSSE3.ossse3
+ else
+ OBJS += ../Crypto/blake2s_SSE41.o
+ OBJS += ../Crypto/blake2s_SSSE3.o
+ endif
else
-OBJS += ../Crypto/blake2s_SSE41.o
-OBJS += ../Crypto/blake2s_SSSE3.o
+ OBJS += ../Crypto/wolfCrypt.o
endif
+ifeq "$(ENABLE_WOLFCRYPT)" "0"
OBJS += ../Crypto/Aeskey.o
OBJS += ../Crypto/Aestab.o
-OBJS += ../Crypto/cpu.o
OBJS += ../Crypto/blake2s.o
OBJS += ../Crypto/blake2s_SSE2.o
OBJS += ../Crypto/SerpentFast.o
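Review bot: `ifeq "$(ENABLE_WOLFCRYPT)" "0"` sends every value other than the literal `0`, including an unset or empty variable, down the wolfCrypt branch. Running this makefile without the top-level default would then drop `EncryptionModeXTS.o` and the built-in cipher objects in favour of `../Crypto/wolfCrypt.o`. `src/Makefile` is changed in this commit and may already export a default, but that is not visible here. A local guard such as `ENABLE_WOLFCRYPT ?= 0` near the top of this file would make the built-in backend the fallback. Alternatively, test for opt-in with `ifeq "$(ENABLE_WOLFCRYPT)" "1"` and swap the branches. The same comparison is repeated three times in this hunk and once more in the `-110,54` hunk below.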
@@ -93,6 +102,10 @@ OBJS += ../Crypto/Camellia.o
OBJS += ../Crypto/Streebog.o
OBJS += ../Crypto/kuznyechik.o
OBJS += ../Crypto/kuznyechik_simd.o
+OBJS += ../Common/Pkcs5.o
+endif
+
+OBJS += ../Crypto/cpu.o
OBJSNOOPT += ../Crypto/jitterentropy-base.o0
@@ -110,54 +123,55 @@ OBJS += ../Common/EMVCard.o
OBJS += ../Common/EMVToken.o
OBJS += ../Common/Endian.o
OBJS += ../Common/GfMul.o
-OBJS += ../Common/Pkcs5.o
OBJS += ../Common/SecurityToken.o
VolumeLibrary: Volume.a
-ifeq "$(PLATFORM)" "MacOSX"
-../Crypto/Aes_asm.oo: ../Crypto/Aes_x86.asm ../Crypto/Aes_x64.asm
- @echo Assembling $(<F)
- $(AS) $(ASFLAGS32) -o ../Crypto/Aes_x86.o ../Crypto/Aes_x86.asm
- $(AS) $(ASFLAGS64) -o ../Crypto/Aes_x64.o ../Crypto/Aes_x64.asm
- lipo -create ../Crypto/Aes_x86.o ../Crypto/Aes_x64.o -output ../Crypto/Aes_asm.oo
- rm -fr ../Crypto/Aes_x86.o ../Crypto/Aes_x64.o
-../Crypto/Twofish_asm.oo: ../Crypto/Twofish_x64.S
- @echo Assembling $(<F)
- $(AS) $(ASFLAGS64) -p gas -o ../Crypto/Twofish_asm.oo ../Crypto/Twofish_x64.S
-../Crypto/Camellia_asm.oo: ../Crypto/Camellia_x64.S
- @echo Assembling $(<F)
- $(AS) $(ASFLAGS64) -p gas -o ../Crypto/Camellia_asm.oo ../Crypto/Camellia_x64.S
-../Crypto/Camellia_aesni_asm.oo: ../Crypto/Camellia_aesni_x64.S
- @echo Assembling $(<F)
- $(AS) $(ASFLAGS64) -p gas -o ../Crypto/Camellia_aesni_asm.oo ../Crypto/Camellia_aesni_x64.S
-../Crypto/sha256-nayuki.oo: ../Crypto/sha256-x86-nayuki.S
- @echo Assembling $(<F)
- $(AS) $(ASFLAGS32) -p gas -o ../Crypto/sha256-x86-nayuki.o ../Crypto/sha256-x86-nayuki.S
- $(AS) $(ASFLAGS64) -p gas -o ../Crypto/sha256-x64-nayuki.o ../Crypto/sha256-x64-nayuki.S
- lipo -create ../Crypto/sha256-x86-nayuki.o ../Crypto/sha256-x64-nayuki.o -output ../Crypto/sha256-nayuki.oo
- rm -fr ../Crypto/sha256-x86-nayuki.o ../Crypto/sha256-x64-nayuki.o
-../Crypto/sha256_avx1.oo: ../Crypto/sha256_avx1_x64.asm
- @echo Assembling $(<F)
- $(AS) $(ASFLAGS64) -o ../Crypto/sha256_avx1.oo ../Crypto/sha256_avx1_x64.asm
-../Crypto/sha256_avx2.oo: ../Crypto/sha256_avx2_x64.asm
- @echo Assembling $(<F)
- $(AS) $(ASFLAGS64) -o ../Crypto/sha256_avx2.oo ../Crypto/sha256_avx2_x64.asm
-../Crypto/sha256_sse4.oo: ../Crypto/sha256_sse4_x64.asm
- @echo Assembling $(<F)
- $(AS) $(ASFLAGS64) -o ../Crypto/sha256_sse4.oo ../Crypto/sha256_sse4_x64.asm
-../Crypto/sha512-nayuki.oo: ../Crypto/sha512-x64-nayuki.S
- @echo Assembling $(<F)
- $(AS) -p gas $(ASFLAGS64) -o ../Crypto/sha512-nayuki.oo ../Crypto/sha512-x64-nayuki.S
-../Crypto/sha512_avx1.oo: ../Crypto/sha512_avx1_x64.asm
- @echo Assembling $(<F)
- $(AS) $(ASFLAGS64) -o ../Crypto/sha512_avx1.oo ../Crypto/sha512_avx1_x64.asm
-../Crypto/sha512_avx2.oo: ../Crypto/sha512_avx2_x64.asm
- @echo Assembling $(<F)
- $(AS) $(ASFLAGS64) -o ../Crypto/sha512_avx2.oo ../Crypto/sha512_avx2_x64.asm
-../Crypto/sha512_sse4.oo: ../Crypto/sha512_sse4_x64.asm
- @echo Assembling $(<F)
- $(AS) $(ASFLAGS64) -o ../Crypto/sha512_sse4.oo ../Crypto/sha512_sse4_x64.asm
+ifeq "$(ENABLE_WOLFCRYPT)" "0"
+ ifeq "$(PLATFORM)" "MacOSX"
+ ../Crypto/Aes_asm.oo: ../Crypto/Aes_x86.asm ../Crypto/Aes_x64.asm
+ @echo Assembling $(<F)
+ $(AS) $(ASFLAGS32) -o ../Crypto/Aes_x86.o ../Crypto/Aes_x86.asm
+ $(AS) $(ASFLAGS64) -o ../Crypto/Aes_x64.o ../Crypto/Aes_x64.asm
+ lipo -create ../Crypto/Aes_x86.o ../Crypto/Aes_x64.o -output ../Crypto/Aes_asm.oo
+ rm -fr ../Crypto/Aes_x86.o ../Crypto/Aes_x64.o
+ ../Crypto/Twofish_asm.oo: ../Crypto/Twofish_x64.S
+ @echo Assembling $(<F)
+ $(AS) $(ASFLAGS64) -p gas -o ../Crypto/Twofish_asm.oo ../Crypto/Twofish_x64.S
+ ../Crypto/Camellia_asm.oo: ../Crypto/Camellia_x64.S
+ @echo Assembling $(<F)
+ $(AS) $(ASFLAGS64) -p gas -o ../Crypto/Camellia_asm.oo ../Crypto/Camellia_x64.S
+ ../Crypto/Camellia_aesni_asm.oo: ../Crypto/Camellia_aesni_x64.S
+ @echo Assembling $(<F)
+ $(AS) $(ASFLAGS64) -p gas -o ../Crypto/Camellia_aesni_asm.oo ../Crypto/Camellia_aesni_x64.S
+ ../Crypto/sha256-nayuki.oo: ../Crypto/sha256-x86-nayuki.S
+ @echo Assembling $(<F)
+ $(AS) $(ASFLAGS32) -p gas -o ../Crypto/sha256-x86-nayuki.o ../Crypto/sha256-x86-nayuki.S
+ $(AS) $(ASFLAGS64) -p gas -o ../Crypto/sha256-x64-nayuki.o ../Crypto/sha256-x64-nayuki.S
+ lipo -create ../Crypto/sha256-x86-nayuki.o ../Crypto/sha256-x64-nayuki.o -output ../Crypto/sha256-nayuki.oo
+ rm -fr ../Crypto/sha256-x86-nayuki.o ../Crypto/sha256-x64-nayuki.o
+ ../Crypto/sha256_avx1.oo: ../Crypto/sha256_avx1_x64.asm
+ @echo Assembling $(<F)
+ $(AS) $(ASFLAGS64) -o ../Crypto/sha256_avx1.oo ../Crypto/sha256_avx1_x64.asm
+ ../Crypto/sha256_avx2.oo: ../Crypto/sha256_avx2_x64.asm
+ @echo Assembling $(<F)
+ $(AS) $(ASFLAGS64) -o ../Crypto/sha256_avx2.oo ../Crypto/sha256_avx2_x64.asm
+ ../Crypto/sha256_sse4.oo: ../Crypto/sha256_sse4_x64.asm
+ @echo Assembling $(<F)
+ $(AS) $(ASFLAGS64) -o ../Crypto/sha256_sse4.oo ../Crypto/sha256_sse4_x64.asm
+ ../Crypto/sha512-nayuki.oo: ../Crypto/sha512-x64-nayuki.S
+ @echo Assembling $(<F)
+ $(AS) -p gas $(ASFLAGS64) -o ../Crypto/sha512-nayuki.oo ../Crypto/sha512-x64-nayuki.S
+ ../Crypto/sha512_avx1.oo: ../Crypto/sha512_avx1_x64.asm
+ @echo Assembling $(<F)
+ $(AS) $(ASFLAGS64) -o ../Crypto/sha512_avx1.oo ../Crypto/sha512_avx1_x64.asm
+ ../Crypto/sha512_avx2.oo: ../Crypto/sha512_avx2_x64.asm
+ @echo Assembling $(<F)
+ $(AS) $(ASFLAGS64) -o ../Crypto/sha512_avx2.oo ../Crypto/sha512_avx2_x64.asm
+ ../Crypto/sha512_sse4.oo: ../Crypto/sha512_sse4_x64.asm
+ @echo Assembling $(<F)
+ $(AS) $(ASFLAGS64) -o ../Crypto/sha512_sse4.oo ../Crypto/sha512_sse4_x64.asm
+ endif
endif
include $(BUILD_INC)/Makefile.inc
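Review bot: The MacOSX assembly rules are now indented inside the two `ifeq` blocks, and the leading whitespace is not recoverable from this view. If the target lines such as `../Crypto/Aes_asm.oo: ../Crypto/Aes_x86.asm ../Crypto/Aes_x64.asm` start with a tab, GNU make will read them as recipe lines of the preceding `VolumeLibrary: Volume.a` rule rather than as new rules. Please confirm that target lines are indented with spaces or not at all, and that only the `@echo` / `$(AS)` / `lipo` / `rm` lines start with a tab. A comment above the block, for example `# rule lines inside conditionals: spaces only; tabs are reserved for recipes`, would keep later edits from tripping on this.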
diff --git a/src/Volume/VolumeHeader.cpp b/src/Volume/VolumeHeader.cpp
index d8527ed5..57b63394 100644
--- a/src/Volume/VolumeHeader.cpp
+++ b/src/Volume/VolumeHeader.cpp
@@ -12,6 +12,9 @@
#include "Crc32.h"
#include "EncryptionModeXTS.h"
+#ifdef WOLFCRYPT_BACKEND
+#include "EncryptionModeWolfCryptXTS.h"
+#endif
#include "Pkcs5Kdf.h"
#include "Pkcs5Kdf.h"
#include "VolumeHeader.h"
@@ -76,8 +79,12 @@ namespace VeraCrypt
}
EA = options.EA;
- shared_ptr <EncryptionMode> mode (new EncryptionModeXTS ());
- EA->SetMode (mode);
+ #ifdef WOLFCRYPT_BACKEND
+ shared_ptr <EncryptionMode> mode (new EncryptionModeWolfCryptXTS ());
+ #else
+ shared_ptr <EncryptionMode> mode (new EncryptionModeXTS ());
+ #endif
+ EA->SetMode (mode);
EncryptNew (headerBuffer, options.Salt, options.HeaderKey, options.Kdf);
}
@@ -100,17 +107,28 @@ namespace VeraCrypt
foreach (shared_ptr <EncryptionMode> mode, encryptionModes)
{
- if (typeid (*mode) != typeid (EncryptionModeXTS))
- mode->SetKey (headerKey.GetRange (0, mode->GetKeySize()));
+ #ifdef WOLFCRYPT_BACKEND
+ if (typeid (*mode) != typeid (EncryptionModeWolfCryptXTS))
+ #else
+ if (typeid (*mode) != typeid (EncryptionModeXTS))
+ #endif
+ mode->SetKey (headerKey.GetRange (0, mode->GetKeySize()));
foreach (shared_ptr <EncryptionAlgorithm> ea, encryptionAlgorithms)
{
if (!ea->IsModeSupported (mode))
continue;
+ #ifndef WOLFCRYPT_BACKEND
if (typeid (*mode) == typeid (EncryptionModeXTS))
{
- ea->SetKey (headerKey.GetRange (0, ea->GetKeySize()));
+ ea->SetKey (headerKey.GetRange (0, ea->GetKeySize()));
+ #else
+ if (typeid (*mode) == typeid (EncryptionModeWolfCryptXTS))
+ {
+ ea->SetKey (headerKey.GetRange (0, ea->GetKeySize()));
+ ea->SetKeyXTS (headerKey.GetRange (ea->GetKeySize(), ea->GetKeySize()));
+ #endif
mode = mode->GetNew();
mode->SetKey (headerKey.GetRange (ea->GetKeySize(), ea->GetKeySize()));
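Review bot: The `#ifndef WOLFCRYPT_BACKEND` / `#else` pair here puts the `if (typeid (*mode) == ...)` line, its opening `{` and a duplicated `ea->SetKey (...)` into both preprocessor branches, while the matching `}` sits outside them. That makes the block hard to read and easy to unbalance. The hunks at `-206,9` and `-250,10` use the same shape, and the last one also mixes `EA->GetKeySize()` with `ea->GetKeySize()` in adjacent calls. Selecting the mode class once through a typedef and guarding only the `SetKeyXTS` call keeps a single `if` and a single `SetKey`. The secondary key range is also handed to both `ea->SetKeyXTS` and `mode->SetKey`, so it is worth confirming that both holders erase it on destruction. The enclosing function starts and ends outside this hunk.

```cpp
// once, after the EncryptionMode includes
#ifdef WOLFCRYPT_BACKEND
typedef EncryptionModeWolfCryptXTS ActiveXtsMode;
#else
typedef EncryptionModeXTS ActiveXtsMode;
#endif

// … unchanged: loops over encryptionModes and encryptionAlgorithms …
if (typeid (*mode) == typeid (ActiveXtsMode))
{
	ea->SetKey (headerKey.GetRange (0, ea->GetKeySize()));
#ifdef WOLFCRYPT_BACKEND
	ea->SetKeyXTS (headerKey.GetRange (ea->GetKeySize(), ea->GetKeySize()));
#endif
	// … unchanged: mode = mode->GetNew(); mode->SetKey (...) …
```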
@@ -206,9 +224,16 @@ namespace VeraCrypt
ea = ea->GetNew();
mode = mode->GetNew();
+ #ifndef WOLFCRYPT_BACKEND
if (typeid (*mode) == typeid (EncryptionModeXTS))
{
- ea->SetKey (header.GetRange (offset, ea->GetKeySize()));
+ ea->SetKey (header.GetRange (offset, ea->GetKeySize()));
+ #else
+ if (typeid (*mode) == typeid (EncryptionModeWolfCryptXTS))
+ {
+ ea->SetKey (header.GetRange (offset, ea->GetKeySize()));
+ ea->SetKeyXTS (header.GetRange (offset + ea->GetKeySize(), ea->GetKeySize()));
+ #endif
mode->SetKey (header.GetRange (offset + ea->GetKeySize(), ea->GetKeySize()));
}
else
@@ -250,10 +275,17 @@ namespace VeraCrypt
shared_ptr <EncryptionMode> mode = EA->GetMode()->GetNew();
shared_ptr <EncryptionAlgorithm> ea = EA->GetNew();
+ #ifndef WOLFCRYPT_BACKEND
if (typeid (*mode) == typeid (EncryptionModeXTS))
{
- mode->SetKey (newHeaderKey.GetRange (EA->GetKeySize(), EA->GetKeySize()));
- ea->SetKey (newHeaderKey.GetRange (0, ea->GetKeySize()));
+ ea->SetKey (newHeaderKey.GetRange (0, ea->GetKeySize()));
+ #else
+ if (typeid (*mode) == typeid (EncryptionModeWolfCryptXTS))
+ {
+ ea->SetKey (newHeaderKey.GetRange (0, ea->GetKeySize()));
+ ea->SetKeyXTS (newHeaderKey.GetRange (EA->GetKeySize(), EA->GetKeySize()));
+ #endif
+ mode->SetKey (newHeaderKey.GetRange (EA->GetKeySize(), EA->GetKeySize()));
}
else
{
diff --git a/src/Volume/VolumeLayout.cpp b/src/Volume/VolumeLayout.cpp
index efb77649..3600d76f 100644
--- a/src/Volume/VolumeLayout.cpp
+++ b/src/Volume/VolumeLayout.cpp
@@ -12,6 +12,9 @@
#include "Volume/EncryptionMode.h"
#include "Volume/EncryptionModeXTS.h"
+#ifdef WOLFCRYPT_BACKEND
+#include "Volume/EncryptionModeWolfCryptXTS.h"
+#endif
#include "VolumeLayout.h"
#include "Boot/Windows/BootCommon.h"
@@ -66,6 +69,7 @@ namespace VeraCrypt
HeaderSize = TC_VOLUME_HEADER_SIZE_LEGACY;
SupportedEncryptionAlgorithms.push_back (shared_ptr <EncryptionAlgorithm> (new AES ()));
+ #ifndef WOLFCRYPT_BACKEND
SupportedEncryptionAlgorithms.push_back (shared_ptr <EncryptionAlgorithm> (new Serpent ()));
SupportedEncryptionAlgorithms.push_back (shared_ptr <EncryptionAlgorithm> (new Twofish ()));
SupportedEncryptionAlgorithms.push_back (shared_ptr <EncryptionAlgorithm> (new Camellia ()));
@@ -75,7 +79,10 @@ namespace VeraCrypt
SupportedEncryptionAlgorithms.push_back (shared_ptr <EncryptionAlgorithm> (new SerpentTwofishAES ()));
SupportedEncryptionAlgorithms.push_back (shared_ptr <EncryptionAlgorithm> (new TwofishSerpent ()));
- SupportedEncryptionModes.push_back (shared_ptr <EncryptionMode> (new EncryptionModeXTS ()));
+ SupportedEncryptionModes.push_back (shared_ptr <EncryptionMode> (new EncryptionModeXTS ()));
+ #else
+ SupportedEncryptionModes.push_back (shared_ptr <EncryptionMode> (new EncryptionModeWolfCryptXTS ()));
+ #endif
}
uint64 VolumeLayoutV1Normal::GetDataOffset (uint64 volumeHostSize) const
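Review bot: With `#ifndef WOLFCRYPT_BACKEND` opening right after the `AES` entry, a wolfCrypt build registers AES as the only supported algorithm for this layout. The hunks for the V2 normal, V2 hidden and system-encryption layouts do the same. Existing volumes that use Serpent, Twofish, Camellia, Kuznyechik or a cascade would then never match during header decryption. That presumably surfaces to the user as an ordinary wrong-password failure, though the decryption path is not in view to confirm it. A comment at the guard would record the limitation, for example `// wolfCrypt backend: AES-XTS only; volumes created with other ciphers cannot be opened by this build`. The same limitation belongs in the user-facing documentation for the backend.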
@@ -97,6 +104,7 @@ namespace VeraCrypt
BackupHeaderOffset = -TC_VOLUME_HEADER_GROUP_SIZE;
SupportedEncryptionAlgorithms.push_back (shared_ptr <EncryptionAlgorithm> (new AES ()));
+ #ifndef WOLFCRYPT_BACKEND
SupportedEncryptionAlgorithms.push_back (shared_ptr <EncryptionAlgorithm> (new Serpent ()));
SupportedEncryptionAlgorithms.push_back (shared_ptr <EncryptionAlgorithm> (new Twofish ()));
SupportedEncryptionAlgorithms.push_back (shared_ptr <EncryptionAlgorithm> (new Camellia ()));
@@ -111,9 +119,12 @@ namespace VeraCrypt
SupportedEncryptionAlgorithms.push_back (shared_ptr <EncryptionAlgorithm> (new SerpentAES ()));
SupportedEncryptionAlgorithms.push_back (shared_ptr <EncryptionAlgorithm> (new SerpentTwofishAES ()));
SupportedEncryptionAlgorithms.push_back (shared_ptr <EncryptionAlgorithm> (new TwofishSerpent ()));
-
SupportedEncryptionModes.push_back (shared_ptr <EncryptionMode> (new EncryptionModeXTS ()));
- }
+ #else
+ SupportedEncryptionModes.push_back (shared_ptr <EncryptionMode> (new EncryptionModeWolfCryptXTS ()));
+ #endif
+
+ }
uint64 VolumeLayoutV2Normal::GetDataOffset (uint64 volumeHostSize) const
{
@@ -142,6 +153,7 @@ namespace VeraCrypt
BackupHeaderOffset = -TC_HIDDEN_VOLUME_HEADER_OFFSET;
SupportedEncryptionAlgorithms.push_back (shared_ptr <EncryptionAlgorithm> (new AES ()));
+ #ifndef WOLFCRYPT_BACKEND
SupportedEncryptionAlgorithms.push_back (shared_ptr <EncryptionAlgorithm> (new Serpent ()));
SupportedEncryptionAlgorithms.push_back (shared_ptr <EncryptionAlgorithm> (new Twofish ()));
SupportedEncryptionAlgorithms.push_back (shared_ptr <EncryptionAlgorithm> (new Camellia ()));
@@ -158,6 +170,9 @@ namespace VeraCrypt
SupportedEncryptionAlgorithms.push_back (shared_ptr <EncryptionAlgorithm> (new TwofishSerpent ()));
SupportedEncryptionModes.push_back (shared_ptr <EncryptionMode> (new EncryptionModeXTS ()));
+ #else
+ SupportedEncryptionModes.push_back (shared_ptr <EncryptionMode> (new EncryptionModeWolfCryptXTS ()));
+ #endif
}
uint64 VolumeLayoutV2Hidden::GetDataOffset (uint64 volumeHostSize) const
@@ -194,6 +209,7 @@ namespace VeraCrypt
HeaderSize = TC_BOOT_ENCRYPTION_VOLUME_HEADER_SIZE;
SupportedEncryptionAlgorithms.push_back (shared_ptr <EncryptionAlgorithm> (new AES ()));
+ #ifndef WOLFCRYPT_BACKEND
SupportedEncryptionAlgorithms.push_back (shared_ptr <EncryptionAlgorithm> (new Serpent ()));
SupportedEncryptionAlgorithms.push_back (shared_ptr <EncryptionAlgorithm> (new Twofish ()));
SupportedEncryptionAlgorithms.push_back (shared_ptr <EncryptionAlgorithm> (new Camellia ()));
@@ -208,9 +224,13 @@ namespace VeraCrypt
SupportedEncryptionAlgorithms.push_back (shared_ptr <EncryptionAlgorithm> (new SerpentAES ()));
SupportedEncryptionAlgorithms.push_back (shared_ptr <EncryptionAlgorithm> (new SerpentTwofishAES ()));
SupportedEncryptionAlgorithms.push_back (shared_ptr <EncryptionAlgorithm> (new TwofishSerpent ()));
-
- SupportedEncryptionModes.push_back (shared_ptr <EncryptionMode> (new EncryptionModeXTS ()));
- }
+
+ SupportedEncryptionModes.push_back (shared_ptr <EncryptionMode> (new EncryptionModeXTS ()));
+ #else
+ SupportedEncryptionModes.push_back (shared_ptr <EncryptionMode> (new EncryptionModeWolfCryptXTS ()));
+ #endif
+
+ }
uint64 VolumeLayoutSystemEncryption::GetDataOffset (uint64 volumeHostSize) const
{
@@ -226,10 +246,12 @@ namespace VeraCrypt
{
Pkcs5KdfList l;
l.push_back (shared_ptr <Pkcs5Kdf> (new Pkcs5HmacSha256_Boot ()));
- l.push_back (shared_ptr <Pkcs5Kdf> (new Pkcs5HmacBlake2s_Boot ()));
l.push_back (shared_ptr <Pkcs5Kdf> (new Pkcs5HmacSha512 ()));
+ #ifndef WOLFCRYPT_BACKEND
+ l.push_back (shared_ptr <Pkcs5Kdf> (new Pkcs5HmacBlake2s_Boot ()));
l.push_back (shared_ptr <Pkcs5Kdf> (new Pkcs5HmacWhirlpool ()));
l.push_back (shared_ptr <Pkcs5Kdf> (new Pkcs5HmacStreebog ()));
- return l;
+ #endif
+ return l;
}
}