From 9247ce1bb90c44d19a0069fadb12c0c480ac9b4f Mon Sep 17 00:00:00 2001 From: lealem47 <60322859+lealem47@users.noreply.github.com> Date: Sun, 12 Nov 2023 16:51:31 -0700 Subject: wolfCrypt as crypto backend for VeraCrypt (#1227) * wolfCrypt as crypto backend for VeraCrypt * Refactor to use EncryptionModeWolfCryptXTS class --- src/Volume/Cipher.cpp | 58 +++++++++++++++++++++++++++++++++++++++++++++++++-- 1 file changed, 56 insertions(+), 2 deletions(-) (limited to 'src/Volume/Cipher.cpp') diff --git a/src/Volume/Cipher.cpp b/src/Volume/Cipher.cpp index 8c6ce390..d0fb7bd5 100644 --- a/src/Volume/Cipher.cpp +++ b/src/Volume/Cipher.cpp @@ -94,11 +94,12 @@ namespace VeraCrypt CipherList l; l.push_back (shared_ptr (new CipherAES ())); + #ifndef WOLFCRYPT_BACKEND l.push_back (shared_ptr (new CipherSerpent ())); l.push_back (shared_ptr (new CipherTwofish ())); l.push_back (shared_ptr (new CipherCamellia ())); l.push_back (shared_ptr (new CipherKuznyechik ())); - + #endif return l; } @@ -115,6 +116,37 @@ namespace VeraCrypt Initialized = true; } + #ifdef WOLFCRYPT_BACKEND + void Cipher::SetKeyXTS (const ConstBufferPtr &key) + { + if (key.Size() != GetKeySize ()) + throw ParameterIncorrect (SRC_POS); + + if (!Initialized) + ScheduledKey.Allocate (GetScheduledKeySize ()); + + SetCipherKeyXTS (key); + Key.CopyFrom (key); + Initialized = true; + } + + void Cipher::EncryptBlockXTS (byte *data, uint64 length, uint64 startDataUnitNo) const + { + if (!Initialized) + throw NotInitialized (SRC_POS); + + EncryptXTS (data, length, startDataUnitNo); + } + + void Cipher::DecryptBlockXTS (byte *data, uint64 length, uint64 startDataUnitNo) const + { + if (!Initialized) + throw NotInitialized (SRC_POS); + + DecryptXTS (data, length, startDataUnitNo); + } + #endif + #define TC_EXCEPTION(TYPE) TC_SERIALIZER_FACTORY_ADD(TYPE) #undef TC_EXCEPTION_NODECL #define TC_EXCEPTION_NODECL(TYPE) TC_SERIALIZER_FACTORY_ADD(TYPE) @@ -186,6 +218,26 @@ namespace VeraCrypt #endif Cipher::EncryptBlocks (data, blockCount); } + #ifdef WOLFCRYPT_BACKEND + void CipherAES::EncryptXTS (byte *data, uint64 length, uint64 startDataUnitNo) const + { + xts_encrypt (data, data, length, startDataUnitNo, (aes_encrypt_ctx *) ScheduledKey.Ptr()); + } + + void CipherAES::DecryptXTS (byte *data, uint64 length, uint64 startDataUnitNo) const + { + xts_decrypt (data, data, length, startDataUnitNo, (aes_decrypt_ctx *) (ScheduledKey.Ptr() + sizeof (aes_encrypt_ctx))); + } + + void CipherAES::SetCipherKeyXTS (const byte *key) + { + if (xts_encrypt_key256 (key, (aes_encrypt_ctx *) ScheduledKey.Ptr()) != EXIT_SUCCESS) + throw CipherInitError (SRC_POS); + + if (xts_decrypt_key256 (key, (aes_decrypt_ctx *) (ScheduledKey.Ptr() + sizeof (aes_encrypt_ctx))) != EXIT_SUCCESS) + throw CipherInitError (SRC_POS); + } + #endif size_t CipherAES::GetScheduledKeySize () const { @@ -218,6 +270,7 @@ namespace VeraCrypt throw CipherInitError (SRC_POS); } + #ifndef WOLFCRYPT_BACKEND // Serpent void CipherSerpent::Decrypt (byte *data) const { @@ -465,5 +518,6 @@ namespace VeraCrypt return false; #endif } - bool Cipher::HwSupportEnabled = true; + #endif + bool Cipher::HwSupportEnabled = true; } -- cgit v1.2.3