Diffstat (limited to 'src/Volume')
-rw-r--r--src/Volume/EncryptionTest.cpp6
-rw-r--r--src/Volume/Pkcs5Kdf.cpp31
-rw-r--r--src/Volume/Pkcs5Kdf.h39
-rwxr-xr-xsrc/Volume/Volume.cpp30
-rwxr-xr-xsrc/Volume/Volume.h6
-rwxr-xr-xsrc/Volume/VolumeHeader.cpp25
-rwxr-xr-xsrc/Volume/VolumeHeader.h4
-rw-r--r--src/Volume/VolumeInfo.cpp3
-rw-r--r--src/Volume/VolumeInfo.h3
-rw-r--r--src/Volume/VolumeLayout.cpp8
-rw-r--r--src/Volume/VolumeLayout.h4
11 files changed, 100 insertions, 59 deletions
diff --git a/src/Volume/EncryptionTest.cpp b/src/Volume/EncryptionTest.cpp
index 8ed90115..c9ced62d 100644
--- a/src/Volume/EncryptionTest.cpp
+++ b/src/Volume/EncryptionTest.cpp
@@ -791,17 +791,17 @@ namespace VeraCrypt
ConstBufferPtr salt (saltData, sizeof (saltData));
Buffer derivedKey (4);
- Pkcs5HmacRipemd160 pkcs5HmacRipemd160;
+ Pkcs5HmacRipemd160 pkcs5HmacRipemd160(false);
pkcs5HmacRipemd160.DeriveKey (derivedKey, password, salt, 5);
if (memcmp (derivedKey.Ptr(), "\x7a\x3d\x7c\x03", 4) != 0)
throw TestFailed (SRC_POS);
- Pkcs5HmacSha512 pkcs5HmacSha512;
+ Pkcs5HmacSha512 pkcs5HmacSha512(false);
pkcs5HmacSha512.DeriveKey (derivedKey, password, salt, 5);
if (memcmp (derivedKey.Ptr(), "\x13\x64\xae\xf8", 4) != 0)
throw TestFailed (SRC_POS);
- Pkcs5HmacWhirlpool pkcs5HmacWhirlpool;
+ Pkcs5HmacWhirlpool pkcs5HmacWhirlpool(false);
pkcs5HmacWhirlpool.DeriveKey (derivedKey, password, salt, 5);
if (memcmp (derivedKey.Ptr(), "\x50\x7c\x36\x6f", 4) != 0)
throw TestFailed (SRC_POS);
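Review bot: These three checks all pass an explicit iteration count of 5 to DeriveKey, so the constructor argument added here has no effect on what they verify. The mode-dependent GetIterationCount() values introduced in Pkcs5Kdf.h are therefore not covered by any test in this hunk. A pair of assertions per class would pin them, e.g. `if (Pkcs5HmacSha512(true).GetIterationCount() != 1000) throw TestFailed (SRC_POS);` and the matching check for `false`. The enclosing test function starts and ends outside the hunk.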
diff --git a/src/Volume/Pkcs5Kdf.cpp b/src/Volume/Pkcs5Kdf.cpp
index abf45720..beccd62b 100644
--- a/src/Volume/Pkcs5Kdf.cpp
+++ b/src/Volume/Pkcs5Kdf.cpp
@@ -12,7 +12,7 @@
namespace VeraCrypt
{
- Pkcs5Kdf::Pkcs5Kdf ()
+ Pkcs5Kdf::Pkcs5Kdf (bool truecryptMode) : m_truecryptMode(truecryptMode)
{
}
@@ -25,9 +25,9 @@ namespace VeraCrypt
DeriveKey (key, password, salt, GetIterationCount());
}
- shared_ptr <Pkcs5Kdf> Pkcs5Kdf::GetAlgorithm (const wstring &name)
+ shared_ptr <Pkcs5Kdf> Pkcs5Kdf::GetAlgorithm (const wstring &name, bool truecryptMode)
{
- foreach (shared_ptr <Pkcs5Kdf> kdf, GetAvailableAlgorithms())
+ foreach (shared_ptr <Pkcs5Kdf> kdf, GetAvailableAlgorithms(truecryptMode))
{
if (kdf->GetName() == name)
return kdf;
@@ -35,9 +35,9 @@ namespace VeraCrypt
throw ParameterIncorrect (SRC_POS);
}
- shared_ptr <Pkcs5Kdf> Pkcs5Kdf::GetAlgorithm (const Hash &hash)
+ shared_ptr <Pkcs5Kdf> Pkcs5Kdf::GetAlgorithm (const Hash &hash, bool truecryptMode)
{
- foreach (shared_ptr <Pkcs5Kdf> kdf, GetAvailableAlgorithms())
+ foreach (shared_ptr <Pkcs5Kdf> kdf, GetAvailableAlgorithms(truecryptMode))
{
if (typeid (*kdf->GetHash()) == typeid (hash))
return kdf;
@@ -46,14 +46,23 @@ namespace VeraCrypt
throw ParameterIncorrect (SRC_POS);
}
- Pkcs5KdfList Pkcs5Kdf::GetAvailableAlgorithms ()
+ Pkcs5KdfList Pkcs5Kdf::GetAvailableAlgorithms (bool truecryptMode)
{
Pkcs5KdfList l;
-
- l.push_back (shared_ptr <Pkcs5Kdf> (new Pkcs5HmacSha512 ()));
- l.push_back (shared_ptr <Pkcs5Kdf> (new Pkcs5HmacWhirlpool ()));
- l.push_back (shared_ptr <Pkcs5Kdf> (new Pkcs5HmacSha256 ()));
- l.push_back (shared_ptr <Pkcs5Kdf> (new Pkcs5HmacRipemd160 ()));
+
+ if (truecryptMode)
+ {
+ l.push_back (shared_ptr <Pkcs5Kdf> (new Pkcs5HmacRipemd160 (true)));
+ l.push_back (shared_ptr <Pkcs5Kdf> (new Pkcs5HmacSha512 (true)));
+ l.push_back (shared_ptr <Pkcs5Kdf> (new Pkcs5HmacWhirlpool (true)));
+ }
+ else
+ {
+ l.push_back (shared_ptr <Pkcs5Kdf> (new Pkcs5HmacSha512 (false)));
+ l.push_back (shared_ptr <Pkcs5Kdf> (new Pkcs5HmacWhirlpool (false)));
+ l.push_back (shared_ptr <Pkcs5Kdf> (new Pkcs5HmacSha256 ()));
+ l.push_back (shared_ptr <Pkcs5Kdf> (new Pkcs5HmacRipemd160 (false)));
+ }
return l;
}
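Review bot: The `if (truecryptMode)` branch of GetAvailableAlgorithms has no comment explaining why its list differs from the default one: it puts RIPEMD-160 first and leaves out SHA-256, and each entry then reports an iteration count of 1000 or 2000 instead of 500000 or 655331 (see the Pkcs5Kdf.h changes). If the intent is compatibility with existing TrueCrypt volumes only, a comment such as `// TrueCrypt mode: legacy hash set and iteration counts, used only to open TrueCrypt volumes` above the branch would state that. A side effect worth aligning: GetAlgorithm (name, true) with L"HMAC-SHA-256" now falls through to `throw ParameterIncorrect (SRC_POS);`, while Volume::Open reports the same situation as UnsupportedAlgoInTrueCryptMode.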
diff --git a/src/Volume/Pkcs5Kdf.h b/src/Volume/Pkcs5Kdf.h
index 19267b0f..b2a13213 100644
--- a/src/Volume/Pkcs5Kdf.h
+++ b/src/Volume/Pkcs5Kdf.h
@@ -25,17 +25,20 @@ namespace VeraCrypt
virtual void DeriveKey (const BufferPtr &key, const VolumePassword &password, const ConstBufferPtr &salt) const;
virtual void DeriveKey (const BufferPtr &key, const VolumePassword &password, const ConstBufferPtr &salt, int iterationCount) const = 0;
- static shared_ptr <Pkcs5Kdf> GetAlgorithm (const wstring &name);
- static shared_ptr <Pkcs5Kdf> GetAlgorithm (const Hash &hash);
- static Pkcs5KdfList GetAvailableAlgorithms ();
+ static shared_ptr <Pkcs5Kdf> GetAlgorithm (const wstring &name, bool truecryptMode);
+ static shared_ptr <Pkcs5Kdf> GetAlgorithm (const Hash &hash, bool truecryptMode);
+ static Pkcs5KdfList GetAvailableAlgorithms (bool truecryptMode);
virtual shared_ptr <Hash> GetHash () const = 0;
virtual int GetIterationCount () const = 0;
virtual wstring GetName () const = 0;
virtual Pkcs5Kdf* Clone () const = 0;
virtual bool IsDeprecated () const { return GetHash()->IsDeprecated(); }
+ bool GetTrueCryptMode () const { return m_truecryptMode;}
+ void SetTrueCryptMode (bool truecryptMode) { m_truecryptMode = truecryptMode;}
protected:
- Pkcs5Kdf ();
+ bool m_truecryptMode;
+ Pkcs5Kdf (bool truecryptMode);
void ValidateParameters (const BufferPtr &key, const VolumePassword &password, const ConstBufferPtr &salt, int iterationCount) const;
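Review bot: The public `SetTrueCryptMode` lets any holder of a Pkcs5Kdf flip the mode after construction, and because instances are passed around as `shared_ptr <Pkcs5Kdf>`, one call changes what GetIterationCount() returns for every other holder (on Pkcs5HmacSha512, from 500000 to 1000). Nothing in the src/Volume part of this diff calls the setter, so consider removing it and declaring the member as `const bool m_truecryptMode;` so the mode is fixed by the constructor. As written it also permits SetTrueCryptMode (true) on Pkcs5HmacSha256, which its constructor otherwise pins to false. The class body starts and ends outside this hunk.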
@@ -47,14 +50,14 @@ namespace VeraCrypt
class Pkcs5HmacRipemd160 : public Pkcs5Kdf
{
public:
- Pkcs5HmacRipemd160 () { }
+ Pkcs5HmacRipemd160 (bool truecryptMode) : Pkcs5Kdf (truecryptMode) { }
virtual ~Pkcs5HmacRipemd160 () { }
virtual void DeriveKey (const BufferPtr &key, const VolumePassword &password, const ConstBufferPtr &salt, int iterationCount) const;
virtual shared_ptr <Hash> GetHash () const { return shared_ptr <Hash> (new Ripemd160); }
- virtual int GetIterationCount () const { return 655331; }
+ virtual int GetIterationCount () const { return m_truecryptMode? 2000 : 655331; }
virtual wstring GetName () const { return L"HMAC-RIPEMD-160"; }
- virtual Pkcs5Kdf* Clone () const { return new Pkcs5HmacRipemd160(); }
+ virtual Pkcs5Kdf* Clone () const { return new Pkcs5HmacRipemd160(m_truecryptMode); }
private:
Pkcs5HmacRipemd160 (const Pkcs5HmacRipemd160 &);
@@ -64,14 +67,14 @@ namespace VeraCrypt
class Pkcs5HmacRipemd160_1000 : public Pkcs5Kdf
{
public:
- Pkcs5HmacRipemd160_1000 () { }
+ Pkcs5HmacRipemd160_1000 (bool truecryptMode) : Pkcs5Kdf(truecryptMode) { }
virtual ~Pkcs5HmacRipemd160_1000 () { }
virtual void DeriveKey (const BufferPtr &key, const VolumePassword &password, const ConstBufferPtr &salt, int iterationCount) const;
virtual shared_ptr <Hash> GetHash () const { return shared_ptr <Hash> (new Ripemd160); }
- virtual int GetIterationCount () const { return 327661; }
+ virtual int GetIterationCount () const { return m_truecryptMode? 1000 : 327661; }
virtual wstring GetName () const { return L"HMAC-RIPEMD-160"; }
- virtual Pkcs5Kdf* Clone () const { return new Pkcs5HmacRipemd160_1000(); }
+ virtual Pkcs5Kdf* Clone () const { return new Pkcs5HmacRipemd160_1000(m_truecryptMode); }
private:
Pkcs5HmacRipemd160_1000 (const Pkcs5HmacRipemd160_1000 &);
@@ -81,7 +84,7 @@ namespace VeraCrypt
class Pkcs5HmacSha256_Boot : public Pkcs5Kdf
{
public:
- Pkcs5HmacSha256_Boot () { }
+ Pkcs5HmacSha256_Boot () : Pkcs5Kdf(false) { }
virtual ~Pkcs5HmacSha256_Boot () { }
virtual void DeriveKey (const BufferPtr &key, const VolumePassword &password, const ConstBufferPtr &salt, int iterationCount) const;
@@ -98,7 +101,7 @@ namespace VeraCrypt
class Pkcs5HmacSha256 : public Pkcs5Kdf
{
public:
- Pkcs5HmacSha256 () { }
+ Pkcs5HmacSha256 () : Pkcs5Kdf(false) { }
virtual ~Pkcs5HmacSha256 () { }
virtual void DeriveKey (const BufferPtr &key, const VolumePassword &password, const ConstBufferPtr &salt, int iterationCount) const;
@@ -115,14 +118,14 @@ namespace VeraCrypt
class Pkcs5HmacSha512 : public Pkcs5Kdf
{
public:
- Pkcs5HmacSha512 () { }
+ Pkcs5HmacSha512 (bool truecryptMode) : Pkcs5Kdf(truecryptMode) { }
virtual ~Pkcs5HmacSha512 () { }
virtual void DeriveKey (const BufferPtr &key, const VolumePassword &password, const ConstBufferPtr &salt, int iterationCount) const;
virtual shared_ptr <Hash> GetHash () const { return shared_ptr <Hash> (new Sha512); }
- virtual int GetIterationCount () const { return 500000; }
+ virtual int GetIterationCount () const { return m_truecryptMode? 1000 : 500000; }
virtual wstring GetName () const { return L"HMAC-SHA-512"; }
- virtual Pkcs5Kdf* Clone () const { return new Pkcs5HmacSha512(); }
+ virtual Pkcs5Kdf* Clone () const { return new Pkcs5HmacSha512(m_truecryptMode); }
private:
Pkcs5HmacSha512 (const Pkcs5HmacSha512 &);
@@ -132,14 +135,14 @@ namespace VeraCrypt
class Pkcs5HmacWhirlpool : public Pkcs5Kdf
{
public:
- Pkcs5HmacWhirlpool () { }
+ Pkcs5HmacWhirlpool (bool truecryptMode) : Pkcs5Kdf(truecryptMode) { }
virtual ~Pkcs5HmacWhirlpool () { }
virtual void DeriveKey (const BufferPtr &key, const VolumePassword &password, const ConstBufferPtr &salt, int iterationCount) const;
virtual shared_ptr <Hash> GetHash () const { return shared_ptr <Hash> (new Whirlpool); }
- virtual int GetIterationCount () const { return 500000; }
+ virtual int GetIterationCount () const { return m_truecryptMode? 1000 : 500000; }
virtual wstring GetName () const { return L"HMAC-Whirlpool"; }
- virtual Pkcs5Kdf* Clone () const { return new Pkcs5HmacWhirlpool; }
+ virtual Pkcs5Kdf* Clone () const { return new Pkcs5HmacWhirlpool(m_truecryptMode); }
private:
Pkcs5HmacWhirlpool (const Pkcs5HmacWhirlpool &);
diff --git a/src/Volume/Volume.cpp b/src/Volume/Volume.cpp
index 362b342c..f1f248ba 100755
--- a/src/Volume/Volume.cpp
+++ b/src/Volume/Volume.cpp
@@ -23,7 +23,8 @@ namespace VeraCrypt
VolumeDataSize (0),
TopWriteOffset (0),
TotalDataRead (0),
- TotalDataWritten (0)
+ TotalDataWritten (0),
+ TrueCryptMode (false)
{
}
@@ -62,7 +63,7 @@ namespace VeraCrypt
return EA->GetMode();
}
- void Volume::Open (const VolumePath &volumePath, bool preserveTimestamps, shared_ptr <VolumePassword> password, shared_ptr <Pkcs5Kdf> kdf, shared_ptr <KeyfileList> keyfiles, VolumeProtection::Enum protection, shared_ptr <VolumePassword> protectionPassword, shared_ptr <Pkcs5Kdf> protectionKdf, shared_ptr <KeyfileList> protectionKeyfiles, bool sharedAccessAllowed, VolumeType::Enum volumeType, bool useBackupHeaders, bool partitionInSystemEncryptionScope)
+ void Volume::Open (const VolumePath &volumePath, bool preserveTimestamps, shared_ptr <VolumePassword> password, shared_ptr <Pkcs5Kdf> kdf, bool truecryptMode, shared_ptr <KeyfileList> keyfiles, VolumeProtection::Enum protection, shared_ptr <VolumePassword> protectionPassword, shared_ptr <Pkcs5Kdf> protectionKdf, shared_ptr <KeyfileList> protectionKeyfiles, bool sharedAccessAllowed, VolumeType::Enum volumeType, bool useBackupHeaders, bool partitionInSystemEncryptionScope)
{
make_shared_auto (File, file);
@@ -93,14 +94,21 @@ namespace VeraCrypt
throw;
}
- return Open (file, password, kdf, keyfiles, protection, protectionPassword, protectionKdf,protectionKeyfiles, volumeType, useBackupHeaders, partitionInSystemEncryptionScope);
+ return Open (file, password, kdf, truecryptMode, keyfiles, protection, protectionPassword, protectionKdf,protectionKeyfiles, volumeType, useBackupHeaders, partitionInSystemEncryptionScope);
}
- void Volume::Open (shared_ptr <File> volumeFile, shared_ptr <VolumePassword> password, shared_ptr <Pkcs5Kdf> kdf, shared_ptr <KeyfileList> keyfiles, VolumeProtection::Enum protection, shared_ptr <VolumePassword> protectionPassword, shared_ptr <Pkcs5Kdf> protectionKdf,shared_ptr <KeyfileList> protectionKeyfiles, VolumeType::Enum volumeType, bool useBackupHeaders, bool partitionInSystemEncryptionScope)
+ void Volume::Open (shared_ptr <File> volumeFile, shared_ptr <VolumePassword> password, shared_ptr <Pkcs5Kdf> kdf, bool truecryptMode, shared_ptr <KeyfileList> keyfiles, VolumeProtection::Enum protection, shared_ptr <VolumePassword> protectionPassword, shared_ptr <Pkcs5Kdf> protectionKdf,shared_ptr <KeyfileList> protectionKeyfiles, VolumeType::Enum volumeType, bool useBackupHeaders, bool partitionInSystemEncryptionScope)
{
if (!volumeFile)
throw ParameterIncorrect (SRC_POS);
+ // TrueCrypt doesn't support SHA-256
+ if (kdf && truecryptMode && (kdf->GetName() == L"HMAC-SHA-256"))
+ throw UnsupportedAlgoInTrueCryptMode (SRC_POS);
+
+ if (truecryptMode && partitionInSystemEncryptionScope)
+ throw ParameterIncorrect (SRC_POS);
+
Protection = protection;
VolumeFile = volumeFile;
SystemEncryption = partitionInSystemEncryptionScope;
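Review bot: The mode now has two sources of truth in Open: the `truecryptMode` argument and the flag stored inside the `kdf` object, and the added guards never compare them. If a caller passes a kdf built with the other mode, which iteration count is used depends on code in VolumeHeader::Decrypt that is not visible here; a defensive check such as `if (kdf && kdf->GetTrueCryptMode() != truecryptMode) throw ParameterIncorrect (SRC_POS);` would rule the mismatch out (Pkcs5HmacSha256 is always false, and is already rejected just above). The SHA-256 guard also identifies the algorithm by its display string `L"HMAC-SHA-256"`, which breaks silently if a name changes; comparing the hash type, as GetAlgorithm (const Hash &, bool) does, is less fragile. The function body continues outside the hunk.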
@@ -182,11 +190,11 @@ namespace VeraCrypt
shared_ptr <VolumeHeader> header = layout->GetHeader();
- if (header->Decrypt (headerBuffer, *passwordKey, kdf, layout->GetSupportedKeyDerivationFunctions(), layoutEncryptionAlgorithms, layoutEncryptionModes))
+ if (header->Decrypt (headerBuffer, *passwordKey, kdf, truecryptMode, layout->GetSupportedKeyDerivationFunctions(truecryptMode), layoutEncryptionAlgorithms, layoutEncryptionModes))
{
// Header decrypted
- if (typeid (*layout) == typeid (VolumeLayoutV2Normal) && header->GetRequiredMinProgramVersion() < 0x10b)
+ if (!truecryptMode && typeid (*layout) == typeid (VolumeLayoutV2Normal) && header->GetRequiredMinProgramVersion() < 0x10b)
{
// VolumeLayoutV1Normal has been opened as VolumeLayoutV2Normal
layout.reset (new VolumeLayoutV1Normal);
@@ -194,6 +202,7 @@ namespace VeraCrypt
layout->SetHeader (header);
}
+ TrueCryptMode = truecryptMode;
Type = layout->GetType();
SectorSize = header->GetSectorSize();
@@ -231,7 +240,7 @@ namespace VeraCrypt
Volume protectedVolume;
protectedVolume.Open (VolumeFile,
- protectionPassword, protectionKdf, protectionKeyfiles,
+ protectionPassword, protectionKdf, truecryptMode, protectionKeyfiles,
VolumeProtection::ReadOnly,
shared_ptr <VolumePassword> (), shared_ptr <Pkcs5Kdf> (),shared_ptr <KeyfileList> (),
VolumeType::Hidden,
@@ -269,11 +278,12 @@ namespace VeraCrypt
Buffer mbr (VolumeFile->GetDeviceSectorSize());
driveDevice.ReadAt (mbr, 0);
- // Search for the string "VeraCrypt"
- size_t nameLen = strlen (TC_APP_NAME);
+ // Search for the string "VeraCrypt" or "TrueCrypt"
+ const char* bootSignature = truecryptMode? "TrueCrypt" : TC_APP_NAME;
+ size_t nameLen = strlen (bootSignature);
for (size_t i = 0; i < mbr.Size() - nameLen; ++i)
{
- if (memcmp (mbr.Ptr() + i, TC_APP_NAME, nameLen) == 0)
+ if (memcmp (mbr.Ptr() + i, bootSignature, nameLen) == 0)
throw PasswordOrMountOptionsIncorrect (SRC_POS);
}
}
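Review bot: The scan loop kept as context, `for (size_t i = 0; i < mbr.Size() - nameLen; ++i)`, stops one position early, so a signature occupying the last `nameLen` bytes of the sector is never compared; the unsigned subtraction would also wrap if the buffer were shorter than the signature. `for (size_t i = 0; i + nameLen <= mbr.Size(); ++i)` covers the final offset and cannot wrap. Since this commit adds a second signature, the literal `"TrueCrypt"` would be better as a named constant next to TC_APP_NAME than inline in the ternary. The enclosing function starts outside the hunk.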
diff --git a/src/Volume/Volume.h b/src/Volume/Volume.h
index dcc6eb01..d4a2b5a5 100755
--- a/src/Volume/Volume.h
+++ b/src/Volume/Volume.h
@@ -86,11 +86,12 @@ namespace VeraCrypt
uint64 GetTotalDataRead () const { return TotalDataRead; }
uint64 GetTotalDataWritten () const { return TotalDataWritten; }
VolumeType::Enum GetType () const { return Type; }
+ bool GetTrueCryptMode() const { return TrueCryptMode; }
uint64 GetVolumeCreationTime () const { return Header->GetVolumeCreationTime(); }
bool IsHiddenVolumeProtectionTriggered () const { return HiddenVolumeProtectionTriggered; }
bool IsInSystemEncryptionScope () const { return SystemEncryption; }
- void Open (const VolumePath &volumePath, bool preserveTimestamps, shared_ptr <VolumePassword> password, shared_ptr <Pkcs5Kdf> kdf, shared_ptr <KeyfileList> keyfiles, VolumeProtection::Enum protection = VolumeProtection::None, shared_ptr <VolumePassword> protectionPassword = shared_ptr <VolumePassword> (), shared_ptr <Pkcs5Kdf> protectionKdf = shared_ptr <Pkcs5Kdf> (),shared_ptr <KeyfileList> protectionKeyfiles = shared_ptr <KeyfileList> (), bool sharedAccessAllowed = false, VolumeType::Enum volumeType = VolumeType::Unknown, bool useBackupHeaders = false, bool partitionInSystemEncryptionScope = false);
- void Open (shared_ptr <File> volumeFile, shared_ptr <VolumePassword> password, shared_ptr <Pkcs5Kdf> kdf, shared_ptr <KeyfileList> keyfiles, VolumeProtection::Enum protection = VolumeProtection::None, shared_ptr <VolumePassword> protectionPassword = shared_ptr <VolumePassword> (), shared_ptr <Pkcs5Kdf> protectionKdf = shared_ptr <Pkcs5Kdf> (), shared_ptr <KeyfileList> protectionKeyfiles = shared_ptr <KeyfileList> (), VolumeType::Enum volumeType = VolumeType::Unknown, bool useBackupHeaders = false, bool partitionInSystemEncryptionScope = false);
+ void Open (const VolumePath &volumePath, bool preserveTimestamps, shared_ptr <VolumePassword> password, shared_ptr <Pkcs5Kdf> kdf, bool truecryptMode, shared_ptr <KeyfileList> keyfiles, VolumeProtection::Enum protection = VolumeProtection::None, shared_ptr <VolumePassword> protectionPassword = shared_ptr <VolumePassword> (), shared_ptr <Pkcs5Kdf> protectionKdf = shared_ptr <Pkcs5Kdf> (),shared_ptr <KeyfileList> protectionKeyfiles = shared_ptr <KeyfileList> (), bool sharedAccessAllowed = false, VolumeType::Enum volumeType = VolumeType::Unknown, bool useBackupHeaders = false, bool partitionInSystemEncryptionScope = false);
+ void Open (shared_ptr <File> volumeFile, shared_ptr <VolumePassword> password, shared_ptr <Pkcs5Kdf> kdf, bool truecryptMode, shared_ptr <KeyfileList> keyfiles, VolumeProtection::Enum protection = VolumeProtection::None, shared_ptr <VolumePassword> protectionPassword = shared_ptr <VolumePassword> (), shared_ptr <Pkcs5Kdf> protectionKdf = shared_ptr <Pkcs5Kdf> (), shared_ptr <KeyfileList> protectionKeyfiles = shared_ptr <KeyfileList> (), VolumeType::Enum volumeType = VolumeType::Unknown, bool useBackupHeaders = false, bool partitionInSystemEncryptionScope = false);
void ReadSectors (const BufferPtr &buffer, uint64 byteOffset);
void ReEncryptHeader (bool backupHeader, const ConstBufferPtr &newSalt, const ConstBufferPtr &newHeaderKey, shared_ptr <Pkcs5Kdf> newPkcs5Kdf);
void WriteSectors (const ConstBufferPtr &buffer, uint64 byteOffset);
@@ -116,6 +117,7 @@ namespace VeraCrypt
uint64 TopWriteOffset;
uint64 TotalDataRead;
uint64 TotalDataWritten;
+ bool TrueCryptMode;
private:
Volume (const Volume &);
diff --git a/src/Volume/VolumeHeader.cpp b/src/Volume/VolumeHeader.cpp
index fbdece50..dea3b1ef 100755
--- a/src/Volume/VolumeHeader.cpp
+++ b/src/Volume/VolumeHeader.cpp
@@ -78,7 +78,7 @@ namespace VeraCrypt
EncryptNew (headerBuffer, options.Salt, options.HeaderKey, options.Kdf);
}
- bool VolumeHeader::Decrypt (const ConstBufferPtr &encryptedData, const VolumePassword &password, shared_ptr <Pkcs5Kdf> kdf, const Pkcs5KdfList &keyDerivationFunctions, const EncryptionAlgorithmList &encryptionAlgorithms, const EncryptionModeList &encryptionModes)
+ bool VolumeHeader::Decrypt (const ConstBufferPtr &encryptedData, const VolumePassword &password, shared_ptr <Pkcs5Kdf> kdf, bool truecryptMode, const Pkcs5KdfList &keyDerivationFunctions, const EncryptionAlgorithmList &encryptionAlgorithms, const EncryptionModeList &encryptionModes)
{
if (password.Size() < 1)
throw PasswordEmpty (SRC_POS);
@@ -121,7 +121,7 @@ namespace VeraCrypt
header.CopyFrom (encryptedData.GetRange (EncryptedHeaderDataOffset, EncryptedHeaderDataSize));
ea->Decrypt (header);
- if (Deserialize (header, ea, mode))
+ if (Deserialize (header, ea, mode, truecryptMode))
{
EA = ea;
Pkcs5 = pkcs5;
@@ -134,15 +134,21 @@ namespace VeraCrypt
return false;
}
- bool VolumeHeader::Deserialize (const ConstBufferPtr &header, shared_ptr <EncryptionAlgorithm> &ea, shared_ptr <EncryptionMode> &mode)
+ bool VolumeHeader::Deserialize (const ConstBufferPtr &header, shared_ptr <EncryptionAlgorithm> &ea, shared_ptr <EncryptionMode> &mode, bool truecryptMode)
{
if (header.Size() != EncryptedHeaderDataSize)
throw ParameterIncorrect (SRC_POS);
- if (header[0] != 'V' ||
+ if (truecryptMode && (header[0] != 'T' ||
+ header[1] != 'R' ||
+ header[2] != 'U' ||
+ header[3] != 'E'))
+ return false;
+
+ if (!truecryptMode && (header[0] != 'V' ||
header[1] != 'E' ||
header[2] != 'R' ||
- header[3] != 'A')
+ header[3] != 'A'))
return false;
size_t offset = 4;
@@ -163,9 +169,16 @@ namespace VeraCrypt
RequiredMinProgramVersion = DeserializeEntry <uint16> (header, offset);
- if (RequiredMinProgramVersion > Version::Number())
+ if (!truecryptMode && (RequiredMinProgramVersion > Version::Number()))
throw HigherVersionRequired (SRC_POS);
+ if (truecryptMode)
+ {
+ if (RequiredMinProgramVersion < 0x700 || RequiredMinProgramVersion > 0x71a)
+ throw UnsupportedTrueCryptFormat (SRC_POS);
+ RequiredMinProgramVersion = CurrentRequiredMinProgramVersion;
+ }
+
VolumeKeyAreaCrc32 = DeserializeEntry <uint32> (header, offset);
VolumeCreationTime = DeserializeEntry <uint64> (header, offset);
HeaderCreationTime = DeserializeEntry <uint64> (header, offset);
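Review bot: The bounds `0x700` and `0x71a` and the assignment `RequiredMinProgramVersion = CurrentRequiredMinProgramVersion;` are undocumented, and the assignment discards the value read from disk. A comment stating which TrueCrypt format versions the range is meant to accept, and why the in-memory field is replaced with the current value, would help: Volume::Open now relies on this through its `!truecryptMode &&` guard on the `< 0x10b` comparison. Named constants for the two bounds would make the accepted range easier to audit. Whether the header CRC fields are validated before or after this throw is not visible in the hunk; Deserialize continues outside it.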
diff --git a/src/Volume/VolumeHeader.h b/src/Volume/VolumeHeader.h
index cb567f22..40b45b3d 100755
--- a/src/Volume/VolumeHeader.h
+++ b/src/Volume/VolumeHeader.h
@@ -56,7 +56,7 @@ namespace VeraCrypt
virtual ~VolumeHeader ();
void Create (const BufferPtr &headerBuffer, VolumeHeaderCreationOptions &options);
- bool Decrypt (const ConstBufferPtr &encryptedData, const VolumePassword &password, shared_ptr <Pkcs5Kdf> kdf, const Pkcs5KdfList &keyDerivationFunctions, const EncryptionAlgorithmList &encryptionAlgorithms, const EncryptionModeList &encryptionModes);
+ bool Decrypt (const ConstBufferPtr &encryptedData, const VolumePassword &password, shared_ptr <Pkcs5Kdf> kdf, bool truecryptMode, const Pkcs5KdfList &keyDerivationFunctions, const EncryptionAlgorithmList &encryptionAlgorithms, const EncryptionModeList &encryptionModes);
void EncryptNew (const BufferPtr &newHeaderBuffer, const ConstBufferPtr &newSalt, const ConstBufferPtr &newHeaderKey, shared_ptr <Pkcs5Kdf> newPkcs5Kdf);
uint64 GetEncryptedAreaStart () const { return EncryptedAreaStart; }
uint64 GetEncryptedAreaLength () const { return EncryptedAreaLength; }
@@ -74,7 +74,7 @@ namespace VeraCrypt
void SetSize (uint32 headerSize);
protected:
- bool Deserialize (const ConstBufferPtr &header, shared_ptr <EncryptionAlgorithm> &ea, shared_ptr <EncryptionMode> &mode);
+ bool Deserialize (const ConstBufferPtr &header, shared_ptr <EncryptionAlgorithm> &ea, shared_ptr <EncryptionMode> &mode, bool truecryptMode);
template <typename T> T DeserializeEntry (const ConstBufferPtr &header, size_t &offset) const;
template <typename T> T DeserializeEntryAt (const ConstBufferPtr &header, const size_t &offset) const;
void Init ();
diff --git a/src/Volume/VolumeInfo.cpp b/src/Volume/VolumeInfo.cpp
index 49a2b3e9..33e0fd6f 100644
--- a/src/Volume/VolumeInfo.cpp
+++ b/src/Volume/VolumeInfo.cpp
@@ -50,6 +50,7 @@ namespace VeraCrypt
Type = static_cast <VolumeType::Enum> (sr.DeserializeInt32 ("Type"));
VirtualDevice = sr.DeserializeWString ("VirtualDevice");
sr.Deserialize ("VolumeCreationTime", VolumeCreationTime);
+ sr.Deserialize ("TrueCryptMode", TrueCryptMode);
}
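Review bot: Adding `sr.Deserialize ("TrueCryptMode", TrueCryptMode);` changes the serialized form of VolumeInfo, and VolumeInfo.h carries the comment "Modifying this structure can introduce incompatibility with previous versions". How the serializer behaves when the field is absent from a stream written by an older build is not visible here, so this should be confirmed, or the read made tolerant of a missing entry with a default of false. The matching `sr.Serialize ("TrueCryptMode", TrueCryptMode);` in the next hunk has the reverse concern for older readers. It is also worth checking that the constructor initialises TrueCryptMode, since the member added in VolumeInfo.h has no initialiser in this diff.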
bool VolumeInfo::FirstVolumeMountedAfterSecond (shared_ptr <VolumeInfo> first, shared_ptr <VolumeInfo> second)
@@ -89,6 +90,7 @@ namespace VeraCrypt
sr.Serialize ("Type", static_cast <uint32> (Type));
sr.Serialize ("VirtualDevice", wstring (VirtualDevice));
sr.Serialize ("VolumeCreationTime", VolumeCreationTime);
+ sr.Serialize ("TrueCryptMode", TrueCryptMode);
}
void VolumeInfo::Set (const Volume &volume)
@@ -112,6 +114,7 @@ namespace VeraCrypt
TopWriteOffset = volume.GetTopWriteOffset();
TotalDataRead = volume.GetTotalDataRead();
TotalDataWritten = volume.GetTotalDataWritten();
+ TrueCryptMode = volume.GetTrueCryptMode();
}
TC_SERIALIZER_FACTORY_ADD_CLASS (VolumeInfo);
diff --git a/src/Volume/VolumeInfo.h b/src/Volume/VolumeInfo.h
index c58b13f5..96796b50 100644
--- a/src/Volume/VolumeInfo.h
+++ b/src/Volume/VolumeInfo.h
@@ -27,7 +27,7 @@ namespace VeraCrypt
TC_SERIALIZABLE (VolumeInfo);
static bool FirstVolumeMountedAfterSecond (shared_ptr <VolumeInfo> first, shared_ptr <VolumeInfo> second);
- void Set (const Volume &volume);
+ void Set (const Volume &volume);
// Modifying this structure can introduce incompatibility with previous versions
DirectoryPath AuxMountPoint;
@@ -56,6 +56,7 @@ namespace VeraCrypt
VolumeType::Enum Type;
DevicePath VirtualDevice;
VolumeTime VolumeCreationTime;
+ bool TrueCryptMode;
private:
VolumeInfo (const VolumeInfo &);
diff --git a/src/Volume/VolumeLayout.cpp b/src/Volume/VolumeLayout.cpp
index 21c00b54..d871baa8 100644
--- a/src/Volume/VolumeLayout.cpp
+++ b/src/Volume/VolumeLayout.cpp
@@ -196,12 +196,12 @@ namespace VeraCrypt
return volumeHostSize;
}
- Pkcs5KdfList VolumeLayoutSystemEncryption::GetSupportedKeyDerivationFunctions () const
+ Pkcs5KdfList VolumeLayoutSystemEncryption::GetSupportedKeyDerivationFunctions (bool truecryptMode) const
{
Pkcs5KdfList l;
-
- l.push_back (shared_ptr <Pkcs5Kdf> (new Pkcs5HmacSha256_Boot ()));
- l.push_back (shared_ptr <Pkcs5Kdf> (new Pkcs5HmacRipemd160_1000 ()));
+ if (!truecryptMode)
+ l.push_back (shared_ptr <Pkcs5Kdf> (new Pkcs5HmacSha256_Boot ()));
+ l.push_back (shared_ptr <Pkcs5Kdf> (new Pkcs5HmacRipemd160_1000 (truecryptMode)));
return l;
}
}
diff --git a/src/Volume/VolumeLayout.h b/src/Volume/VolumeLayout.h
index e49f74b6..3c908229 100644
--- a/src/Volume/VolumeLayout.h
+++ b/src/Volume/VolumeLayout.h
@@ -34,7 +34,7 @@ namespace VeraCrypt
virtual uint32 GetHeaderSize () const { return HeaderSize; }
virtual uint64 GetMaxDataSize (uint64 volumeSize) const = 0;
virtual EncryptionAlgorithmList GetSupportedEncryptionAlgorithms () const { return SupportedEncryptionAlgorithms; }
- virtual Pkcs5KdfList GetSupportedKeyDerivationFunctions () const { return Pkcs5Kdf::GetAvailableAlgorithms(); }
+ virtual Pkcs5KdfList GetSupportedKeyDerivationFunctions (bool truecryptMode) const { return Pkcs5Kdf::GetAvailableAlgorithms(truecryptMode); }
virtual EncryptionModeList GetSupportedEncryptionModes () const { return SupportedEncryptionModes; }
virtual VolumeType::Enum GetType () const { return Type; }
virtual bool HasBackupHeader () const = 0;
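Review bot: Changing the virtual signature to `GetSupportedKeyDerivationFunctions (bool truecryptMode) const` means any subclass still declaring the old zero-argument form would compile but no longer override it, silently returning the base-class list. This diff updates VolumeLayoutSystemEncryption in the second hunk; whether other layouts override the function cannot be seen from here. If the toolchain allows C++11, marking the derived declaration `override` would turn a missed update into a compile error; otherwise a comment on the base declaration listing the overriders would help. The class body starts and ends outside this hunk.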
@@ -122,7 +122,7 @@ namespace VeraCrypt
virtual uint64 GetDataOffset (uint64 volumeHostSize) const;
virtual uint64 GetDataSize (uint64 volumeHostSize) const;
virtual uint64 GetMaxDataSize (uint64 volumeSize) const { throw NotApplicable (SRC_POS); }
- virtual Pkcs5KdfList GetSupportedKeyDerivationFunctions () const;
+ virtual Pkcs5KdfList GetSupportedKeyDerivationFunctions (bool truecryptMode) const;
virtual bool HasBackupHeader () const { return false; }
virtual bool HasDriveHeader () const { return true; }