From ee0a2659da24b4b7543f52647fb2d8cbbd12408c Mon Sep 17 00:00:00 2001
From: Mounir IDRASSI <mounir.idrassi@idrix.fr>
Date: Mon, 21 Jan 2019 00:42:53 +0100
Subject: Windows driver: remove volumes master keys from CRYPTO_INFO since
 they are not needed after their key schedule is created

---
 src/Common/Volumes.c | 64 +++++++++++++++++++++++++---------------------------
 1 file changed, 31 insertions(+), 33 deletions(-)

(limited to 'src/Common/Volumes.c')

diff --git a/src/Common/Volumes.c b/src/Common/Volumes.c
index bcd5c40c..111a2287 100644
--- a/src/Common/Volumes.c
+++ b/src/Common/Volumes.c
@@ -392,11 +392,12 @@ KeyReady:	;
 
 				if (cryptoInfo->mode == XTS)
 				{
+#ifndef TC_WINDOWS_DRIVER
 					// Copy the secondary key (if cascade, multiple concatenated)
 					memcpy (cryptoInfo->k2, dk + EAGetKeySize (cryptoInfo->ea), EAGetKeySize (cryptoInfo->ea));
-
+#endif
 					// Secondary key schedule
-					if (!EAInitMode (cryptoInfo))
+					if (!EAInitMode (cryptoInfo, dk + EAGetKeySize (cryptoInfo->ea)))
 					{
 						status = ERR_MODE_INIT_FAILED;
 						goto err;
@@ -526,8 +527,17 @@ KeyReady:	;
 
 				// Master key data
 				memcpy (keyInfo.master_keydata, header + HEADER_MASTER_KEYDATA_OFFSET, MASTER_KEYDATA_SIZE);
+#ifdef TC_WINDOWS_DRIVER
+				{
+					sha512_ctx sha2;
+					sha512_begin (&sha2);
+					sha512_hash (keyInfo.master_keydata, MASTER_KEYDATA_SIZE, &sha2);
+					sha512_hash (header, sizeof(header), &sha2);
+					sha512_end (cryptoInfo->master_keydata_hash, &sha2);
+				}
+#else
 				memcpy (cryptoInfo->master_keydata, keyInfo.master_keydata, MASTER_KEYDATA_SIZE);
-
+#endif
 				// PKCS #5
 				cryptoInfo->pkcs5 = pkcs5_prf;
 				cryptoInfo->noIterations = keyInfo.noIterations;
@@ -538,17 +548,11 @@ KeyReady:	;
 				status = EAInit (cryptoInfo->ea, keyInfo.master_keydata + primaryKeyOffset, cryptoInfo->ks);
 				if (status == ERR_CIPHER_INIT_FAILURE)
 					goto err;
-
-				switch (cryptoInfo->mode)
-				{
-
-				default:
-					// The secondary master key (if cascade, multiple concatenated)
-					memcpy (cryptoInfo->k2, keyInfo.master_keydata + EAGetKeySize (cryptoInfo->ea), EAGetKeySize (cryptoInfo->ea));
-
-				}
-
-				if (!EAInitMode (cryptoInfo))
+#ifndef TC_WINDOWS_DRIVER
+				// The secondary master key (if cascade, multiple concatenated)
+				memcpy (cryptoInfo->k2, keyInfo.master_keydata + EAGetKeySize (cryptoInfo->ea), EAGetKeySize (cryptoInfo->ea));
+#endif
+				if (!EAInitMode (cryptoInfo, keyInfo.master_keydata + EAGetKeySize (cryptoInfo->ea)))
 				{
 					status = ERR_MODE_INIT_FAILED;
 					goto err;
@@ -1031,14 +1035,11 @@ int CreateVolumeHeaderInMemory (HWND hwndDlg, BOOL bBoot, char *header, int ea,
 
 	/* Header encryption */
 
-	switch (mode)
-	{
-
-	default:
-		// The secondary key (if cascade, multiple concatenated)
-		memcpy (cryptoInfo->k2, dk + EAGetKeySize (cryptoInfo->ea), EAGetKeySize (cryptoInfo->ea));
-		primaryKeyOffset = 0;
-	}
+#ifndef TC_WINDOWS_DRIVER
+	// The secondary key (if cascade, multiple concatenated)
+	memcpy (cryptoInfo->k2, dk + EAGetKeySize (cryptoInfo->ea), EAGetKeySize (cryptoInfo->ea));
+	primaryKeyOffset = 0;
+#endif
 
 	retVal = EAInit (cryptoInfo->ea, dk + primaryKeyOffset, cryptoInfo->ks);
 	if (retVal != ERR_SUCCESS)
@@ -1048,7 +1049,7 @@ int CreateVolumeHeaderInMemory (HWND hwndDlg, BOOL bBoot, char *header, int ea,
 	}
 
 	// Mode of operation
-	if (!EAInitMode (cryptoInfo))
+	if (!EAInitMode (cryptoInfo, dk + EAGetKeySize (cryptoInfo->ea)))
 	{
 		crypto_close (cryptoInfo);
 		retVal = ERR_OUTOFMEMORY;
@@ -1074,16 +1075,13 @@ int CreateVolumeHeaderInMemory (HWND hwndDlg, BOOL bBoot, char *header, int ea,
 
 	memcpy (cryptoInfo->master_keydata, keyInfo.master_keydata, MASTER_KEYDATA_SIZE);
 
-	switch (cryptoInfo->mode)
-	{
-
-	default:
-		// The secondary master key (if cascade, multiple concatenated)
-		memcpy (cryptoInfo->k2, keyInfo.master_keydata + EAGetKeySize (cryptoInfo->ea), EAGetKeySize (cryptoInfo->ea));
-	}
+#ifndef TC_WINDOWS_DRIVER
+	// The secondary master key (if cascade, multiple concatenated)
+	memcpy (cryptoInfo->k2, keyInfo.master_keydata + EAGetKeySize (cryptoInfo->ea), EAGetKeySize (cryptoInfo->ea));
+#endif
 
 	// Mode of operation
-	if (!EAInitMode (cryptoInfo))
+	if (!EAInitMode (cryptoInfo, keyInfo.master_keydata + EAGetKeySize (cryptoInfo->ea)))
 	{
 		crypto_close (cryptoInfo);
 		retVal = ERR_OUTOFMEMORY;
@@ -1282,7 +1280,7 @@ int WriteRandomDataToReservedHeaderAreas (HWND hwndDlg, HANDLE dev, CRYPTO_INFO
 		if (nStatus != ERR_SUCCESS)
 			goto final_seq;
 
-		if (!EAInitMode (cryptoInfo))
+		if (!EAInitMode (cryptoInfo, cryptoInfo->k2))
 		{
 			nStatus = ERR_MODE_INIT_FAILED;
 			goto final_seq;
@@ -1344,7 +1342,7 @@ int WriteRandomDataToReservedHeaderAreas (HWND hwndDlg, HANDLE dev, CRYPTO_INFO
 	if (nStatus != ERR_SUCCESS)
 		goto final_seq;
 
-	if (!EAInitMode (cryptoInfo))
+	if (!EAInitMode (cryptoInfo, cryptoInfo->k2))
 	{
 		nStatus = ERR_MODE_INIT_FAILED;
 		goto final_seq;
-- 
cgit v1.2.3