From 3c18d54d1e3f10462ccdb2d44f220db1ee021477 Mon Sep 17 00:00:00 2001
From: Mounir IDRASSI <mounir.idrassi@idrix.fr>
Date: Wed, 30 Jan 2019 11:48:07 +0100
Subject: Windows driver: replace SHA512 by RIPEMD160 when calculating internal
 hash of master key to avoid calling
 KeSaveFloatingPointState/KeSaveExtendedProcessorState since SHA512
 implementation uses SSE2/AVX and RIPEMD160 is pure C

---
 src/Common/Crypto.h  |  2 +-
 src/Common/Volumes.c | 11 ++++++-----
 2 files changed, 7 insertions(+), 6 deletions(-)

(limited to 'src/Common')

diff --git a/src/Common/Crypto.h b/src/Common/Crypto.h
index 27bc723f..a362f5d1 100644
--- a/src/Common/Crypto.h
+++ b/src/Common/Crypto.h
@@ -246,7 +246,7 @@ typedef struct CRYPTO_INFO_t
 	uint16 HeaderVersion;
 
 #ifdef TC_WINDOWS_DRIVER
-	unsigned __int8 master_keydata_hash[SHA512_DIGESTSIZE];
+	unsigned __int8 master_keydata_hash[RIPEMD160_DIGESTSIZE];
 #else
 	CRYPTOPP_ALIGN_DATA(16) unsigned __int8 master_keydata[MASTER_KEYDATA_SIZE];	/* This holds the volume header area containing concatenated master key(s) and secondary key(s) (XTS mode). For LRW (deprecated/legacy), it contains the tweak key before the master key(s). For CBC (deprecated/legacy), it contains the IV seed before the master key(s). */
 	CRYPTOPP_ALIGN_DATA(16) unsigned __int8 k2[MASTER_KEYDATA_SIZE];				/* For XTS, this contains the secondary key (if cascade, multiple concatenated). For LRW (deprecated/legacy), it contains the tweak key. For CBC (deprecated/legacy), it contains the IV seed. */
diff --git a/src/Common/Volumes.c b/src/Common/Volumes.c
index 111a2287..53734abb 100644
--- a/src/Common/Volumes.c
+++ b/src/Common/Volumes.c
@@ -529,11 +529,12 @@ KeyReady:	;
 				memcpy (keyInfo.master_keydata, header + HEADER_MASTER_KEYDATA_OFFSET, MASTER_KEYDATA_SIZE);
 #ifdef TC_WINDOWS_DRIVER
 				{
-					sha512_ctx sha2;
-					sha512_begin (&sha2);
-					sha512_hash (keyInfo.master_keydata, MASTER_KEYDATA_SIZE, &sha2);
-					sha512_hash (header, sizeof(header), &sha2);
-					sha512_end (cryptoInfo->master_keydata_hash, &sha2);
+					RMD160_CTX ctx;
+					RMD160Init (&ctx);
+					RMD160Update (&ctx, keyInfo.master_keydata, MASTER_KEYDATA_SIZE);
+					RMD160Update (&ctx, header, sizeof(header));
+					RMD160Final (cryptoInfo->master_keydata_hash, &ctx);
+					burn(&ctx, sizeof (ctx));
 				}
 #else
 				memcpy (cryptoInfo->master_keydata, keyInfo.master_keydata, MASTER_KEYDATA_SIZE);
-- 
cgit v1.2.3