From fc37cc4a02ed13d1a73b941a9f80975600fd1b99 Mon Sep 17 00:00:00 2001
From: David Foerster
Date: Tue, 10 May 2016 20:20:14 +0200
Subject: Normalize all line terminators
---
src/Common/Crypto.h | 726 ++++++++++++++++++++++++++--------------------------
1 file changed, 363 insertions(+), 363 deletions(-)
(limited to 'src/Common/Crypto.h')
diff --git a/src/Common/Crypto.h b/src/Common/Crypto.h
index e081dc60..96f0a9a6 100644
--- a/src/Common/Crypto.h
+++ b/src/Common/Crypto.h
@@ -1,363 +1,363 @@
-/*
- Legal Notice: Some portions of the source code contained in this file were
- derived from the source code of TrueCrypt 7.1a, which is
- Copyright (c) 2003-2012 TrueCrypt Developers Association and which is
- governed by the TrueCrypt License 3.0, also from the source code of
- Encryption for the Masses 2.02a, which is Copyright (c) 1998-2000 Paul Le Roux
- and which is governed by the 'License Agreement for Encryption for the Masses'
- Modifications and additions to the original source code (contained in this file)
- and all other portions of this file are Copyright (c) 2013-2016 IDRIX
- and are governed by the Apache License 2.0 the full text of which is
- contained in the file License.txt included in VeraCrypt binary and source
- code distribution packages. */
-
-/* Update the following when adding a new cipher or EA:
-
- Crypto.h:
- ID #define
- MAX_EXPANDED_KEY #define
-
- Crypto.c:
- Ciphers[]
- EncryptionAlgorithms[]
- CipherInit()
- EncipherBlock()
- DecipherBlock()
-
-*/
-
-#ifndef CRYPTO_H
-#define CRYPTO_H
-
-#include "Tcdefs.h"
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-// Encryption data unit size, which may differ from the sector size and must always be 512
-#define ENCRYPTION_DATA_UNIT_SIZE 512
-
-// Size of the salt (in bytes)
-#define PKCS5_SALT_SIZE 64
-
-// Size of the volume header area containing concatenated master key(s) and secondary key(s) (XTS mode)
-#define MASTER_KEYDATA_SIZE 256
-
-// The first PRF to try when mounting
-#define FIRST_PRF_ID 1
-
-// Hash algorithms (pseudorandom functions).
-enum
-{
- SHA512 = FIRST_PRF_ID,
- WHIRLPOOL,
- SHA256,
- RIPEMD160,
- HASH_ENUM_END_ID
-};
-
-// The last PRF to try when mounting and also the number of implemented PRFs
-#define LAST_PRF_ID (HASH_ENUM_END_ID - 1)
-
-#define RIPEMD160_BLOCKSIZE 64
-#define RIPEMD160_DIGESTSIZE 20
-
-#define SHA256_BLOCKSIZE 64
-#define SHA256_DIGESTSIZE 32
-
-#define SHA512_BLOCKSIZE 128
-#define SHA512_DIGESTSIZE 64
-
-#define WHIRLPOOL_BLOCKSIZE 64
-#define WHIRLPOOL_DIGESTSIZE 64
-
-#define MAX_DIGESTSIZE WHIRLPOOL_DIGESTSIZE
-
-#define DEFAULT_HASH_ALGORITHM FIRST_PRF_ID
-#define DEFAULT_HASH_ALGORITHM_BOOT SHA256
-
-// The mode of operation used for newly created volumes and first to try when mounting
-#define FIRST_MODE_OF_OPERATION_ID 1
-
-// Modes of operation
-enum
-{
- /* If you add/remove a mode, update the following: GetMaxPkcs5OutSize(), EAInitMode() */
-
- XTS = FIRST_MODE_OF_OPERATION_ID,
- MODE_ENUM_END_ID
-};
-
-
-// The last mode of operation to try when mounting and also the number of implemented modes
-#define LAST_MODE_OF_OPERATION (MODE_ENUM_END_ID - 1)
-
-// Ciphertext/plaintext block size for XTS mode (in bytes)
-#define BYTES_PER_XTS_BLOCK 16
-
-// Number of ciphertext/plaintext blocks per XTS data unit
-#define BLOCKS_PER_XTS_DATA_UNIT (ENCRYPTION_DATA_UNIT_SIZE / BYTES_PER_XTS_BLOCK)
-
-
-// Cipher IDs
-enum
-{
- NONE = 0,
- AES,
- SERPENT,
- TWOFISH
-};
-
-typedef struct
-{
- int Id; // Cipher ID
-#ifdef TC_WINDOWS_BOOT
- char *Name; // Name
-#else
- wchar_t *Name; // Name
-#endif
- int BlockSize; // Block size (bytes)
- int KeySize; // Key size (bytes)
- int KeyScheduleSize; // Scheduled key size (bytes)
-} Cipher;
-
-typedef struct
-{
- int Ciphers[4]; // Null terminated array of ciphers used by encryption algorithm
- int Modes[LAST_MODE_OF_OPERATION + 1]; // Null terminated array of modes of operation
- int FormatEnabled;
-} EncryptionAlgorithm;
-
-#ifndef TC_WINDOWS_BOOT
-typedef struct
-{
- int Id; // Hash ID
- wchar_t *Name; // Name
- BOOL Deprecated;
- BOOL SystemEncryption; // Available for system encryption
-} Hash;
-#endif
-
-// Maxium length of scheduled key
-#if !defined (TC_WINDOWS_BOOT) || defined (TC_WINDOWS_BOOT_AES)
-# define AES_KS (sizeof(aes_encrypt_ctx) + sizeof(aes_decrypt_ctx))
-#else
-# define AES_KS (sizeof(aes_context))
-#endif
-#define SERPENT_KS (140 * 4)
-
-#ifdef TC_WINDOWS_BOOT_SINGLE_CIPHER_MODE
-
-# ifdef TC_WINDOWS_BOOT_AES
-# define MAX_EXPANDED_KEY AES_KS
-# elif defined (TC_WINDOWS_BOOT_SERPENT)
-# define MAX_EXPANDED_KEY SERPENT_KS
-# elif defined (TC_WINDOWS_BOOT_TWOFISH)
-# define MAX_EXPANDED_KEY TWOFISH_KS
-# endif
-
-#else
-
-#define MAX_EXPANDED_KEY (AES_KS + SERPENT_KS + TWOFISH_KS)
-
-#endif
-
-#ifdef DEBUG
-# define PRAND_DISK_WIPE_PASSES 3
-#else
-# define PRAND_DISK_WIPE_PASSES 256
-#endif
-
-/* specific value for volume header wipe used only when drive is fully wiped. */
-#define PRAND_HEADER_WIPE_PASSES 3
-
-#if !defined (TC_WINDOWS_BOOT) || defined (TC_WINDOWS_BOOT_AES)
-# include "Aes.h"
-#else
-# include "AesSmall.h"
-#endif
-
-#include "Aes_hw_cpu.h"
-#include "Serpent.h"
-#include "Twofish.h"
-
-#include "Rmd160.h"
-#ifndef TC_WINDOWS_BOOT
-# include "Sha2.h"
-# include "Whirlpool.h"
-#endif
-
-#include "GfMul.h"
-#include "Password.h"
-
-#ifndef TC_WINDOWS_BOOT
-
-#include "config.h"
-
-typedef struct keyInfo_t
-{
- int noIterations; /* Number of times to iterate (PKCS-5) */
- int keyLength; /* Length of the key */
- uint64 dummy; /* Dummy field to ensure 16-byte alignment of this structure */
- __int8 salt[PKCS5_SALT_SIZE]; /* PKCS-5 salt */
- __int8 master_keydata[MASTER_KEYDATA_SIZE]; /* Concatenated master primary and secondary key(s) (XTS mode). For LRW (deprecated/legacy), it contains the tweak key before the master key(s). For CBC (deprecated/legacy), it contains the IV seed before the master key(s). */
- CRYPTOPP_ALIGN_DATA(16) __int8 userKey[MAX_PASSWORD]; /* Password (to which keyfiles may have been applied). WITHOUT +1 for the null terminator. */
-} KEY_INFO, *PKEY_INFO;
-
-#endif
-
-typedef struct CRYPTO_INFO_t
-{
- int ea; /* Encryption algorithm ID */
- int mode; /* Mode of operation (e.g., XTS) */
- int pkcs5; /* PRF algorithm */
-
- unsigned __int8 ks[MAX_EXPANDED_KEY]; /* Primary key schedule (if it is a cascade, it conatins multiple concatenated keys) */
- unsigned __int8 ks2[MAX_EXPANDED_KEY]; /* Secondary key schedule (if cascade, multiple concatenated) for XTS mode. */
-
- BOOL hiddenVolume; // Indicates whether the volume is mounted/mountable as hidden volume
-
-#ifndef TC_WINDOWS_BOOT
- uint16 HeaderVersion;
-
- GfCtx gf_ctx;
-
- unsigned __int8 master_keydata[MASTER_KEYDATA_SIZE]; /* This holds the volume header area containing concatenated master key(s) and secondary key(s) (XTS mode). For LRW (deprecated/legacy), it contains the tweak key before the master key(s). For CBC (deprecated/legacy), it contains the IV seed before the master key(s). */
- unsigned __int8 k2[MASTER_KEYDATA_SIZE]; /* For XTS, this contains the secondary key (if cascade, multiple concatenated). For LRW (deprecated/legacy), it contains the tweak key. For CBC (deprecated/legacy), it contains the IV seed. */
- unsigned __int8 salt[PKCS5_SALT_SIZE];
- int noIterations;
- BOOL bTrueCryptMode;
- int volumePim;
-
- uint64 volume_creation_time; // Legacy
- uint64 header_creation_time; // Legacy
-
- BOOL bProtectHiddenVolume; // Indicates whether the volume contains a hidden volume to be protected against overwriting
- BOOL bHiddenVolProtectionAction; // TRUE if a write operation has been denied by the driver in order to prevent the hidden volume from being overwritten (set to FALSE upon volume mount).
-
- uint64 volDataAreaOffset; // Absolute position, in bytes, of the first data sector of the volume.
-
- uint64 hiddenVolumeSize; // Size of the hidden volume excluding the header (in bytes). Set to 0 for standard volumes.
- uint64 hiddenVolumeOffset; // Absolute position, in bytes, of the first hidden volume data sector within the host volume (provided that there is a hidden volume within). This must be set for all hidden volumes; in case of a normal volume, this variable is only used when protecting a hidden volume within it.
- uint64 hiddenVolumeProtectedSize;
-
- BOOL bPartitionInInactiveSysEncScope; // If TRUE, the volume is a partition located on an encrypted system drive and mounted without pre-boot authentication.
-
- UINT64_STRUCT FirstDataUnitNo; // First data unit number of the volume. This is 0 for file-hosted and non-system partition-hosted volumes. For partitions within key scope of system encryption this reflects real physical offset within the device (this is used e.g. when such a partition is mounted as a regular volume without pre-boot authentication).
-
- uint16 RequiredProgramVersion;
- BOOL LegacyVolume;
-
- uint32 SectorSize;
-
-#endif // !TC_WINDOWS_BOOT
-
- UINT64_STRUCT VolumeSize;
-
- UINT64_STRUCT EncryptedAreaStart;
- UINT64_STRUCT EncryptedAreaLength;
-
- uint32 HeaderFlags;
-
-} CRYPTO_INFO, *PCRYPTO_INFO;
-
-#ifdef _WIN32
-
-#pragma pack (push)
-#pragma pack(1)
-
-typedef struct BOOT_CRYPTO_HEADER_t
-{
- __int16 ea; /* Encryption algorithm ID */
- __int16 mode; /* Mode of operation (e.g., XTS) */
- __int16 pkcs5; /* PRF algorithm */
-
-} BOOT_CRYPTO_HEADER, *PBOOT_CRYPTO_HEADER;
-
-#pragma pack (pop)
-
-#endif
-
-PCRYPTO_INFO crypto_open (void);
-#ifndef TC_WINDOWS_BOOT
-void crypto_loadkey (PKEY_INFO keyInfo, char *lpszUserKey, int nUserKeyLen);
-#endif
-void crypto_close (PCRYPTO_INFO cryptoInfo);
-
-int CipherGetBlockSize (int cipher);
-int CipherGetKeySize (int cipher);
-int CipherGetKeyScheduleSize (int cipher);
-BOOL CipherSupportsIntraDataUnitParallelization (int cipher);
-
-#ifndef TC_WINDOWS_BOOT
-const wchar_t * CipherGetName (int cipher);
-#endif
-
-int CipherInit (int cipher, unsigned char *key, unsigned char *ks);
-#ifndef TC_WINDOWS_BOOT_SINGLE_CIPHER_MODE
-int EAInit (int ea, unsigned char *key, unsigned char *ks);
-#else
-int EAInit (unsigned char *key, unsigned char *ks);
-#endif
-BOOL EAInitMode (PCRYPTO_INFO ci);
-void EncipherBlock(int cipher, void *data, void *ks);
-void DecipherBlock(int cipher, void *data, void *ks);
-#ifndef TC_WINDOWS_BOOT
-void EncipherBlocks (int cipher, void *dataPtr, void *ks, size_t blockCount);
-void DecipherBlocks (int cipher, void *dataPtr, void *ks, size_t blockCount);
-#endif
-
-int EAGetFirst ();
-int EAGetCount (void);
-int EAGetNext (int previousEA);
-#ifndef TC_WINDOWS_BOOT
-wchar_t * EAGetName (wchar_t *buf, int ea, int guiDisplay);
-int EAGetByName (wchar_t *name);
-#endif
-int EAGetKeySize (int ea);
-int EAGetFirstMode (int ea);
-int EAGetNextMode (int ea, int previousModeId);
-#ifndef TC_WINDOWS_BOOT
-wchar_t * EAGetModeName (int ea, int mode, BOOL capitalLetters);
-#endif
-int EAGetKeyScheduleSize (int ea);
-int EAGetLargestKey ();
-int EAGetLargestKeyForMode (int mode);
-
-int EAGetCipherCount (int ea);
-int EAGetFirstCipher (int ea);
-int EAGetLastCipher (int ea);
-int EAGetNextCipher (int ea, int previousCipherId);
-int EAGetPreviousCipher (int ea, int previousCipherId);
-int EAIsFormatEnabled (int ea);
-BOOL EAIsModeSupported (int ea, int testedMode);
-
-
-#ifndef TC_WINDOWS_BOOT
-const wchar_t *HashGetName (int hash_algo_id);
-
-Hash *HashGet (int id);
-void HashGetName2 (wchar_t *buf, int hashId);
-BOOL HashIsDeprecated (int hashId);
-BOOL HashForSystemEncryption (int hashId);
-int GetMaxPkcs5OutSize (void);
-#endif
-
-
-void EncryptDataUnits (unsigned __int8 *buf, const UINT64_STRUCT *structUnitNo, uint32 nbrUnits, PCRYPTO_INFO ci);
-void EncryptDataUnitsCurrentThread (unsigned __int8 *buf, const UINT64_STRUCT *structUnitNo, TC_LARGEST_COMPILER_UINT nbrUnits, PCRYPTO_INFO ci);
-void DecryptDataUnits (unsigned __int8 *buf, const UINT64_STRUCT *structUnitNo, uint32 nbrUnits, PCRYPTO_INFO ci);
-void DecryptDataUnitsCurrentThread (unsigned __int8 *buf, const UINT64_STRUCT *structUnitNo, TC_LARGEST_COMPILER_UINT nbrUnits, PCRYPTO_INFO ci);
-void EncryptBuffer (unsigned __int8 *buf, TC_LARGEST_COMPILER_UINT len, PCRYPTO_INFO cryptoInfo);
-void DecryptBuffer (unsigned __int8 *buf, TC_LARGEST_COMPILER_UINT len, PCRYPTO_INFO cryptoInfo);
-
-BOOL IsAesHwCpuSupported ();
-void EnableHwEncryption (BOOL enable);
-BOOL IsHwEncryptionEnabled ();
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* CRYPTO_H */
+/*
+ Legal Notice: Some portions of the source code contained in this file were
+ derived from the source code of TrueCrypt 7.1a, which is
+ Copyright (c) 2003-2012 TrueCrypt Developers Association and which is
+ governed by the TrueCrypt License 3.0, also from the source code of
+ Encryption for the Masses 2.02a, which is Copyright (c) 1998-2000 Paul Le Roux
+ and which is governed by the 'License Agreement for Encryption for the Masses'
+ Modifications and additions to the original source code (contained in this file)
+ and all other portions of this file are Copyright (c) 2013-2016 IDRIX
+ and are governed by the Apache License 2.0 the full text of which is
+ contained in the file License.txt included in VeraCrypt binary and source
+ code distribution packages. */
+
+/* Update the following when adding a new cipher or EA:
+
+ Crypto.h:
+ ID #define
+ MAX_EXPANDED_KEY #define
+
+ Crypto.c:
+ Ciphers[]
+ EncryptionAlgorithms[]
+ CipherInit()
+ EncipherBlock()
+ DecipherBlock()
+
+*/
+
+#ifndef CRYPTO_H
+#define CRYPTO_H
+
+#include "Tcdefs.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+// Encryption data unit size, which may differ from the sector size and must always be 512
+#define ENCRYPTION_DATA_UNIT_SIZE 512
+
+// Size of the salt (in bytes)
+#define PKCS5_SALT_SIZE 64
+
+// Size of the volume header area containing concatenated master key(s) and secondary key(s) (XTS mode)
+#define MASTER_KEYDATA_SIZE 256
+
+// The first PRF to try when mounting
+#define FIRST_PRF_ID 1
+
+// Hash algorithms (pseudorandom functions).
+enum
+{
+ SHA512 = FIRST_PRF_ID,
+ WHIRLPOOL,
+ SHA256,
+ RIPEMD160,
+ HASH_ENUM_END_ID
+};
+
+// The last PRF to try when mounting and also the number of implemented PRFs
+#define LAST_PRF_ID (HASH_ENUM_END_ID - 1)
+
+#define RIPEMD160_BLOCKSIZE 64
+#define RIPEMD160_DIGESTSIZE 20
+
+#define SHA256_BLOCKSIZE 64
+#define SHA256_DIGESTSIZE 32
+
+#define SHA512_BLOCKSIZE 128
+#define SHA512_DIGESTSIZE 64
+
+#define WHIRLPOOL_BLOCKSIZE 64
+#define WHIRLPOOL_DIGESTSIZE 64
+
+#define MAX_DIGESTSIZE WHIRLPOOL_DIGESTSIZE
+
+#define DEFAULT_HASH_ALGORITHM FIRST_PRF_ID
+#define DEFAULT_HASH_ALGORITHM_BOOT SHA256
+
+// The mode of operation used for newly created volumes and first to try when mounting
+#define FIRST_MODE_OF_OPERATION_ID 1
+
+// Modes of operation
+enum
+{
+ /* If you add/remove a mode, update the following: GetMaxPkcs5OutSize(), EAInitMode() */
+
+ XTS = FIRST_MODE_OF_OPERATION_ID,
+ MODE_ENUM_END_ID
+};
+
+
+// The last mode of operation to try when mounting and also the number of implemented modes
+#define LAST_MODE_OF_OPERATION (MODE_ENUM_END_ID - 1)
+
+// Ciphertext/plaintext block size for XTS mode (in bytes)
+#define BYTES_PER_XTS_BLOCK 16
+
+// Number of ciphertext/plaintext blocks per XTS data unit
+#define BLOCKS_PER_XTS_DATA_UNIT (ENCRYPTION_DATA_UNIT_SIZE / BYTES_PER_XTS_BLOCK)
+
+
+// Cipher IDs
+enum
+{
+ NONE = 0,
+ AES,
+ SERPENT,
+ TWOFISH
+};
+
+typedef struct
+{
+ int Id; // Cipher ID
+#ifdef TC_WINDOWS_BOOT
+ char *Name; // Name
+#else
+ wchar_t *Name; // Name
+#endif
+ int BlockSize; // Block size (bytes)
+ int KeySize; // Key size (bytes)
+ int KeyScheduleSize; // Scheduled key size (bytes)
+} Cipher;
+
+typedef struct
+{
+ int Ciphers[4]; // Null terminated array of ciphers used by encryption algorithm
+ int Modes[LAST_MODE_OF_OPERATION + 1]; // Null terminated array of modes of operation
+ int FormatEnabled;
+} EncryptionAlgorithm;
+
+#ifndef TC_WINDOWS_BOOT
+typedef struct
+{
+ int Id; // Hash ID
+ wchar_t *Name; // Name
+ BOOL Deprecated;
+ BOOL SystemEncryption; // Available for system encryption
+} Hash;
+#endif
+
+// Maxium length of scheduled key
+#if !defined (TC_WINDOWS_BOOT) || defined (TC_WINDOWS_BOOT_AES)
+# define AES_KS (sizeof(aes_encrypt_ctx) + sizeof(aes_decrypt_ctx))
+#else
+# define AES_KS (sizeof(aes_context))
+#endif
+#define SERPENT_KS (140 * 4)
+
+#ifdef TC_WINDOWS_BOOT_SINGLE_CIPHER_MODE
+
+# ifdef TC_WINDOWS_BOOT_AES
+# define MAX_EXPANDED_KEY AES_KS
+# elif defined (TC_WINDOWS_BOOT_SERPENT)
+# define MAX_EXPANDED_KEY SERPENT_KS
+# elif defined (TC_WINDOWS_BOOT_TWOFISH)
+# define MAX_EXPANDED_KEY TWOFISH_KS
+# endif
+
+#else
+
+#define MAX_EXPANDED_KEY (AES_KS + SERPENT_KS + TWOFISH_KS)
+
+#endif
+
+#ifdef DEBUG
+# define PRAND_DISK_WIPE_PASSES 3
+#else
+# define PRAND_DISK_WIPE_PASSES 256
+#endif
+
+/* specific value for volume header wipe used only when drive is fully wiped. */
+#define PRAND_HEADER_WIPE_PASSES 3
+
+#if !defined (TC_WINDOWS_BOOT) || defined (TC_WINDOWS_BOOT_AES)
+# include "Aes.h"
+#else
+# include "AesSmall.h"
+#endif
+
+#include "Aes_hw_cpu.h"
+#include "Serpent.h"
+#include "Twofish.h"
+
+#include "Rmd160.h"
+#ifndef TC_WINDOWS_BOOT
+# include "Sha2.h"
+# include "Whirlpool.h"
+#endif
+
+#include "GfMul.h"
+#include "Password.h"
+
+#ifndef TC_WINDOWS_BOOT
+
+#include "config.h"
+
+typedef struct keyInfo_t
+{
+ int noIterations; /* Number of times to iterate (PKCS-5) */
+ int keyLength; /* Length of the key */
+ uint64 dummy; /* Dummy field to ensure 16-byte alignment of this structure */
+ __int8 salt[PKCS5_SALT_SIZE]; /* PKCS-5 salt */
+ __int8 master_keydata[MASTER_KEYDATA_SIZE]; /* Concatenated master primary and secondary key(s) (XTS mode). For LRW (deprecated/legacy), it contains the tweak key before the master key(s). For CBC (deprecated/legacy), it contains the IV seed before the master key(s). */
+ CRYPTOPP_ALIGN_DATA(16) __int8 userKey[MAX_PASSWORD]; /* Password (to which keyfiles may have been applied). WITHOUT +1 for the null terminator. */
+} KEY_INFO, *PKEY_INFO;
+
+#endif
+
+typedef struct CRYPTO_INFO_t
+{
+ int ea; /* Encryption algorithm ID */
+ int mode; /* Mode of operation (e.g., XTS) */
+ int pkcs5; /* PRF algorithm */
+
+ unsigned __int8 ks[MAX_EXPANDED_KEY]; /* Primary key schedule (if it is a cascade, it conatins multiple concatenated keys) */
+ unsigned __int8 ks2[MAX_EXPANDED_KEY]; /* Secondary key schedule (if cascade, multiple concatenated) for XTS mode. */
+
+ BOOL hiddenVolume; // Indicates whether the volume is mounted/mountable as hidden volume
+
+#ifndef TC_WINDOWS_BOOT
+ uint16 HeaderVersion;
+
+ GfCtx gf_ctx;
+
+ unsigned __int8 master_keydata[MASTER_KEYDATA_SIZE]; /* This holds the volume header area containing concatenated master key(s) and secondary key(s) (XTS mode). For LRW (deprecated/legacy), it contains the tweak key before the master key(s). For CBC (deprecated/legacy), it contains the IV seed before the master key(s). */
+ unsigned __int8 k2[MASTER_KEYDATA_SIZE]; /* For XTS, this contains the secondary key (if cascade, multiple concatenated). For LRW (deprecated/legacy), it contains the tweak key. For CBC (deprecated/legacy), it contains the IV seed. */
+ unsigned __int8 salt[PKCS5_SALT_SIZE];
+ int noIterations;
+ BOOL bTrueCryptMode;
+ int volumePim;
+
+ uint64 volume_creation_time; // Legacy
+ uint64 header_creation_time; // Legacy
+
+ BOOL bProtectHiddenVolume; // Indicates whether the volume contains a hidden volume to be protected against overwriting
+ BOOL bHiddenVolProtectionAction; // TRUE if a write operation has been denied by the driver in order to prevent the hidden volume from being overwritten (set to FALSE upon volume mount).
+
+ uint64 volDataAreaOffset; // Absolute position, in bytes, of the first data sector of the volume.
+
+ uint64 hiddenVolumeSize; // Size of the hidden volume excluding the header (in bytes). Set to 0 for standard volumes.
+ uint64 hiddenVolumeOffset; // Absolute position, in bytes, of the first hidden volume data sector within the host volume (provided that there is a hidden volume within). This must be set for all hidden volumes; in case of a normal volume, this variable is only used when protecting a hidden volume within it.
+ uint64 hiddenVolumeProtectedSize;
+
+ BOOL bPartitionInInactiveSysEncScope; // If TRUE, the volume is a partition located on an encrypted system drive and mounted without pre-boot authentication.
+
+ UINT64_STRUCT FirstDataUnitNo; // First data unit number of the volume. This is 0 for file-hosted and non-system partition-hosted volumes. For partitions within key scope of system encryption this reflects real physical offset within the device (this is used e.g. when such a partition is mounted as a regular volume without pre-boot authentication).
+
+ uint16 RequiredProgramVersion;
+ BOOL LegacyVolume;
+
+ uint32 SectorSize;
+
+#endif // !TC_WINDOWS_BOOT
+
+ UINT64_STRUCT VolumeSize;
+
+ UINT64_STRUCT EncryptedAreaStart;
+ UINT64_STRUCT EncryptedAreaLength;
+
+ uint32 HeaderFlags;
+
+} CRYPTO_INFO, *PCRYPTO_INFO;
+
+#ifdef _WIN32
+
+#pragma pack (push)
+#pragma pack(1)
+
+typedef struct BOOT_CRYPTO_HEADER_t
+{
+ __int16 ea; /* Encryption algorithm ID */
+ __int16 mode; /* Mode of operation (e.g., XTS) */
+ __int16 pkcs5; /* PRF algorithm */
+
+} BOOT_CRYPTO_HEADER, *PBOOT_CRYPTO_HEADER;
+
+#pragma pack (pop)
+
+#endif
+
+PCRYPTO_INFO crypto_open (void);
+#ifndef TC_WINDOWS_BOOT
+void crypto_loadkey (PKEY_INFO keyInfo, char *lpszUserKey, int nUserKeyLen);
+#endif
+void crypto_close (PCRYPTO_INFO cryptoInfo);
+
+int CipherGetBlockSize (int cipher);
+int CipherGetKeySize (int cipher);
+int CipherGetKeyScheduleSize (int cipher);
+BOOL CipherSupportsIntraDataUnitParallelization (int cipher);
+
+#ifndef TC_WINDOWS_BOOT
+const wchar_t * CipherGetName (int cipher);
+#endif
+
+int CipherInit (int cipher, unsigned char *key, unsigned char *ks);
+#ifndef TC_WINDOWS_BOOT_SINGLE_CIPHER_MODE
+int EAInit (int ea, unsigned char *key, unsigned char *ks);
+#else
+int EAInit (unsigned char *key, unsigned char *ks);
+#endif
+BOOL EAInitMode (PCRYPTO_INFO ci);
+void EncipherBlock(int cipher, void *data, void *ks);
+void DecipherBlock(int cipher, void *data, void *ks);
+#ifndef TC_WINDOWS_BOOT
+void EncipherBlocks (int cipher, void *dataPtr, void *ks, size_t blockCount);
+void DecipherBlocks (int cipher, void *dataPtr, void *ks, size_t blockCount);
+#endif
+
+int EAGetFirst ();
+int EAGetCount (void);
+int EAGetNext (int previousEA);
+#ifndef TC_WINDOWS_BOOT
+wchar_t * EAGetName (wchar_t *buf, int ea, int guiDisplay);
+int EAGetByName (wchar_t *name);
+#endif
+int EAGetKeySize (int ea);
+int EAGetFirstMode (int ea);
+int EAGetNextMode (int ea, int previousModeId);
+#ifndef TC_WINDOWS_BOOT
+wchar_t * EAGetModeName (int ea, int mode, BOOL capitalLetters);
+#endif
+int EAGetKeyScheduleSize (int ea);
+int EAGetLargestKey ();
+int EAGetLargestKeyForMode (int mode);
+
+int EAGetCipherCount (int ea);
+int EAGetFirstCipher (int ea);
+int EAGetLastCipher (int ea);
+int EAGetNextCipher (int ea, int previousCipherId);
+int EAGetPreviousCipher (int ea, int previousCipherId);
+int EAIsFormatEnabled (int ea);
+BOOL EAIsModeSupported (int ea, int testedMode);
+
+
+#ifndef TC_WINDOWS_BOOT
+const wchar_t *HashGetName (int hash_algo_id);
+
+Hash *HashGet (int id);
+void HashGetName2 (wchar_t *buf, int hashId);
+BOOL HashIsDeprecated (int hashId);
+BOOL HashForSystemEncryption (int hashId);
+int GetMaxPkcs5OutSize (void);
+#endif
+
+
+void EncryptDataUnits (unsigned __int8 *buf, const UINT64_STRUCT *structUnitNo, uint32 nbrUnits, PCRYPTO_INFO ci);
+void EncryptDataUnitsCurrentThread (unsigned __int8 *buf, const UINT64_STRUCT *structUnitNo, TC_LARGEST_COMPILER_UINT nbrUnits, PCRYPTO_INFO ci);
+void DecryptDataUnits (unsigned __int8 *buf, const UINT64_STRUCT *structUnitNo, uint32 nbrUnits, PCRYPTO_INFO ci);
+void DecryptDataUnitsCurrentThread (unsigned __int8 *buf, const UINT64_STRUCT *structUnitNo, TC_LARGEST_COMPILER_UINT nbrUnits, PCRYPTO_INFO ci);
+void EncryptBuffer (unsigned __int8 *buf, TC_LARGEST_COMPILER_UINT len, PCRYPTO_INFO cryptoInfo);
+void DecryptBuffer (unsigned __int8 *buf, TC_LARGEST_COMPILER_UINT len, PCRYPTO_INFO cryptoInfo);
+
+BOOL IsAesHwCpuSupported ();
+void EnableHwEncryption (BOOL enable);
+BOOL IsHwEncryptionEnabled ();
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* CRYPTO_H */
-- cgit v1.2.3