From 07156b6c09165cf61a6bd499d26151d1f32bf3a9 Mon Sep 17 00:00:00 2001
From: Mounir IDRASSI <mounir.idrassi@idrix.fr>
Date: Fri, 19 Dec 2014 18:18:23 +0100
Subject: Linux/MacOSX: Enhance performance by implementing the possibility to
 choose the correct hash algorithm of volumes during various operations
 (mount, change password...), both using the GUI and the command line.

---
 src/Volume/Pkcs5Kdf.h       |  7 +++++++
 src/Volume/Volume.cpp       | 12 ++++++------
 src/Volume/Volume.h         |  4 ++--
 src/Volume/VolumeHeader.cpp |  5 ++++-
 src/Volume/VolumeHeader.h   |  2 +-
 5 files changed, 20 insertions(+), 10 deletions(-)
 mode change 100644 => 100755 src/Volume/Volume.cpp
 mode change 100644 => 100755 src/Volume/Volume.h
 mode change 100644 => 100755 src/Volume/VolumeHeader.cpp
 mode change 100644 => 100755 src/Volume/VolumeHeader.h

(limited to 'src/Volume')

diff --git a/src/Volume/Pkcs5Kdf.h b/src/Volume/Pkcs5Kdf.h
index 8618bb97..19267b0f 100644
--- a/src/Volume/Pkcs5Kdf.h
+++ b/src/Volume/Pkcs5Kdf.h
@@ -31,6 +31,7 @@ namespace VeraCrypt
 		virtual shared_ptr <Hash> GetHash () const = 0;
 		virtual int GetIterationCount () const = 0;
 		virtual wstring GetName () const = 0;
+		virtual Pkcs5Kdf* Clone () const = 0;
 		virtual bool IsDeprecated () const { return GetHash()->IsDeprecated(); }
 
 	protected:
@@ -53,6 +54,7 @@ namespace VeraCrypt
 		virtual shared_ptr <Hash> GetHash () const { return shared_ptr <Hash> (new Ripemd160); }
 		virtual int GetIterationCount () const { return 655331; }
 		virtual wstring GetName () const { return L"HMAC-RIPEMD-160"; }
+		virtual Pkcs5Kdf* Clone () const { return new Pkcs5HmacRipemd160(); }
 
 	private:
 		Pkcs5HmacRipemd160 (const Pkcs5HmacRipemd160 &);
@@ -69,6 +71,7 @@ namespace VeraCrypt
 		virtual shared_ptr <Hash> GetHash () const { return shared_ptr <Hash> (new Ripemd160); }
 		virtual int GetIterationCount () const { return 327661; }
 		virtual wstring GetName () const { return L"HMAC-RIPEMD-160"; }
+		virtual Pkcs5Kdf* Clone () const { return new Pkcs5HmacRipemd160_1000(); }
 
 	private:
 		Pkcs5HmacRipemd160_1000 (const Pkcs5HmacRipemd160_1000 &);
@@ -85,6 +88,7 @@ namespace VeraCrypt
 		virtual shared_ptr <Hash> GetHash () const { return shared_ptr <Hash> (new Sha256); }
 		virtual int GetIterationCount () const { return 200000; }
 		virtual wstring GetName () const { return L"HMAC-SHA-256"; }
+		virtual Pkcs5Kdf* Clone () const { return new Pkcs5HmacSha256_Boot(); }
 
 	private:
 		Pkcs5HmacSha256_Boot (const Pkcs5HmacSha256_Boot &);
@@ -101,6 +105,7 @@ namespace VeraCrypt
 		virtual shared_ptr <Hash> GetHash () const { return shared_ptr <Hash> (new Sha256); }
 		virtual int GetIterationCount () const { return 500000; }
 		virtual wstring GetName () const { return L"HMAC-SHA-256"; }
+		virtual Pkcs5Kdf* Clone () const { return new Pkcs5HmacSha256(); }
 
 	private:
 		Pkcs5HmacSha256 (const Pkcs5HmacSha256 &);
@@ -117,6 +122,7 @@ namespace VeraCrypt
 		virtual shared_ptr <Hash> GetHash () const { return shared_ptr <Hash> (new Sha512); }
 		virtual int GetIterationCount () const { return 500000; }
 		virtual wstring GetName () const { return L"HMAC-SHA-512"; }
+		virtual Pkcs5Kdf* Clone () const { return new Pkcs5HmacSha512(); }
 
 	private:
 		Pkcs5HmacSha512 (const Pkcs5HmacSha512 &);
@@ -133,6 +139,7 @@ namespace VeraCrypt
 		virtual shared_ptr <Hash> GetHash () const { return shared_ptr <Hash> (new Whirlpool); }
 		virtual int GetIterationCount () const { return 500000; }
 		virtual wstring GetName () const { return L"HMAC-Whirlpool"; }
+		virtual Pkcs5Kdf* Clone () const { return new Pkcs5HmacWhirlpool; }
 
 	private:
 		Pkcs5HmacWhirlpool (const Pkcs5HmacWhirlpool &);
diff --git a/src/Volume/Volume.cpp b/src/Volume/Volume.cpp
old mode 100644
new mode 100755
index 2c319ad9..12bc9a14
--- a/src/Volume/Volume.cpp
+++ b/src/Volume/Volume.cpp
@@ -62,7 +62,7 @@ namespace VeraCrypt
 		return EA->GetMode();
 	}
 
-	void Volume::Open (const VolumePath &volumePath, bool preserveTimestamps, shared_ptr <VolumePassword> password, shared_ptr <KeyfileList> keyfiles, VolumeProtection::Enum protection, shared_ptr <VolumePassword> protectionPassword, shared_ptr <KeyfileList> protectionKeyfiles, bool sharedAccessAllowed, VolumeType::Enum volumeType, bool useBackupHeaders, bool partitionInSystemEncryptionScope)
+	void Volume::Open (const VolumePath &volumePath, bool preserveTimestamps, shared_ptr <VolumePassword> password, shared_ptr <Pkcs5Kdf> kdf, shared_ptr <KeyfileList> keyfiles, VolumeProtection::Enum protection, shared_ptr <VolumePassword> protectionPassword, shared_ptr <Pkcs5Kdf> protectionKdf, shared_ptr <KeyfileList> protectionKeyfiles, bool sharedAccessAllowed, VolumeType::Enum volumeType, bool useBackupHeaders, bool partitionInSystemEncryptionScope)
 	{
 		make_shared_auto (File, file);
 
@@ -93,10 +93,10 @@ namespace VeraCrypt
 				throw;
 		}
 
-		return Open (file, password, keyfiles, protection, protectionPassword, protectionKeyfiles, volumeType, useBackupHeaders, partitionInSystemEncryptionScope);
+		return Open (file, password, kdf, keyfiles, protection, protectionPassword, protectionKdf,protectionKeyfiles, volumeType, useBackupHeaders, partitionInSystemEncryptionScope);
 	}
 
-	void Volume::Open (shared_ptr <File> volumeFile, shared_ptr <VolumePassword> password, shared_ptr <KeyfileList> keyfiles, VolumeProtection::Enum protection, shared_ptr <VolumePassword> protectionPassword, shared_ptr <KeyfileList> protectionKeyfiles, VolumeType::Enum volumeType, bool useBackupHeaders, bool partitionInSystemEncryptionScope)
+	void Volume::Open (shared_ptr <File> volumeFile, shared_ptr <VolumePassword> password, shared_ptr <Pkcs5Kdf> kdf, shared_ptr <KeyfileList> keyfiles, VolumeProtection::Enum protection, shared_ptr <VolumePassword> protectionPassword, shared_ptr <Pkcs5Kdf> protectionKdf,shared_ptr <KeyfileList> protectionKeyfiles, VolumeType::Enum volumeType, bool useBackupHeaders, bool partitionInSystemEncryptionScope)
 	{
 		if (!volumeFile)
 			throw ParameterIncorrect (SRC_POS);
@@ -189,7 +189,7 @@ namespace VeraCrypt
 
 				shared_ptr <VolumeHeader> header = layout->GetHeader();
 
-				if (header->Decrypt (headerBuffer, *passwordKey, layout->GetSupportedKeyDerivationFunctions(), layoutEncryptionAlgorithms, layoutEncryptionModes))
+				if (header->Decrypt (headerBuffer, *passwordKey, kdf, layout->GetSupportedKeyDerivationFunctions(), layoutEncryptionAlgorithms, layoutEncryptionModes))
 				{
 					// Header decrypted
 
@@ -238,9 +238,9 @@ namespace VeraCrypt
 								Volume protectedVolume;
 
 								protectedVolume.Open (VolumeFile,
-									protectionPassword, protectionKeyfiles,
+									protectionPassword, protectionKdf, protectionKeyfiles,
 									VolumeProtection::ReadOnly,
-									shared_ptr <VolumePassword> (), shared_ptr <KeyfileList> (),
+									shared_ptr <VolumePassword> (), shared_ptr <Pkcs5Kdf> (),shared_ptr <KeyfileList> (),
 									VolumeType::Hidden,
 									useBackupHeaders);
 
diff --git a/src/Volume/Volume.h b/src/Volume/Volume.h
old mode 100644
new mode 100755
index dce2aa3b..dcc6eb01
--- a/src/Volume/Volume.h
+++ b/src/Volume/Volume.h
@@ -89,8 +89,8 @@ namespace VeraCrypt
 		uint64 GetVolumeCreationTime () const { return Header->GetVolumeCreationTime(); }
 		bool IsHiddenVolumeProtectionTriggered () const { return HiddenVolumeProtectionTriggered; }
 		bool IsInSystemEncryptionScope () const { return SystemEncryption; }
-		void Open (const VolumePath &volumePath, bool preserveTimestamps, shared_ptr <VolumePassword> password, shared_ptr <KeyfileList> keyfiles, VolumeProtection::Enum protection = VolumeProtection::None, shared_ptr <VolumePassword> protectionPassword = shared_ptr <VolumePassword> (), shared_ptr <KeyfileList> protectionKeyfiles = shared_ptr <KeyfileList> (), bool sharedAccessAllowed = false, VolumeType::Enum volumeType = VolumeType::Unknown, bool useBackupHeaders = false, bool partitionInSystemEncryptionScope = false);
-		void Open (shared_ptr <File> volumeFile, shared_ptr <VolumePassword> password, shared_ptr <KeyfileList> keyfiles, VolumeProtection::Enum protection = VolumeProtection::None, shared_ptr <VolumePassword> protectionPassword = shared_ptr <VolumePassword> (), shared_ptr <KeyfileList> protectionKeyfiles = shared_ptr <KeyfileList> (), VolumeType::Enum volumeType = VolumeType::Unknown, bool useBackupHeaders = false, bool partitionInSystemEncryptionScope = false);
+		void Open (const VolumePath &volumePath, bool preserveTimestamps, shared_ptr <VolumePassword> password, shared_ptr <Pkcs5Kdf> kdf, shared_ptr <KeyfileList> keyfiles, VolumeProtection::Enum protection = VolumeProtection::None, shared_ptr <VolumePassword> protectionPassword = shared_ptr <VolumePassword> (), shared_ptr <Pkcs5Kdf> protectionKdf = shared_ptr <Pkcs5Kdf> (),shared_ptr <KeyfileList> protectionKeyfiles = shared_ptr <KeyfileList> (), bool sharedAccessAllowed = false, VolumeType::Enum volumeType = VolumeType::Unknown, bool useBackupHeaders = false, bool partitionInSystemEncryptionScope = false);
+		void Open (shared_ptr <File> volumeFile, shared_ptr <VolumePassword> password, shared_ptr <Pkcs5Kdf> kdf, shared_ptr <KeyfileList> keyfiles, VolumeProtection::Enum protection = VolumeProtection::None, shared_ptr <VolumePassword> protectionPassword = shared_ptr <VolumePassword> (), shared_ptr <Pkcs5Kdf> protectionKdf = shared_ptr <Pkcs5Kdf> (), shared_ptr <KeyfileList> protectionKeyfiles = shared_ptr <KeyfileList> (), VolumeType::Enum volumeType = VolumeType::Unknown, bool useBackupHeaders = false, bool partitionInSystemEncryptionScope = false);
 		void ReadSectors (const BufferPtr &buffer, uint64 byteOffset);
 		void ReEncryptHeader (bool backupHeader, const ConstBufferPtr &newSalt, const ConstBufferPtr &newHeaderKey, shared_ptr <Pkcs5Kdf> newPkcs5Kdf);
 		void WriteSectors (const ConstBufferPtr &buffer, uint64 byteOffset);
diff --git a/src/Volume/VolumeHeader.cpp b/src/Volume/VolumeHeader.cpp
old mode 100644
new mode 100755
index e7a47d29..fbdece50
--- a/src/Volume/VolumeHeader.cpp
+++ b/src/Volume/VolumeHeader.cpp
@@ -78,7 +78,7 @@ namespace VeraCrypt
 		EncryptNew (headerBuffer, options.Salt, options.HeaderKey, options.Kdf);
 	}
 
-	bool VolumeHeader::Decrypt (const ConstBufferPtr &encryptedData, const VolumePassword &password, const Pkcs5KdfList &keyDerivationFunctions, const EncryptionAlgorithmList &encryptionAlgorithms, const EncryptionModeList &encryptionModes)
+	bool VolumeHeader::Decrypt (const ConstBufferPtr &encryptedData, const VolumePassword &password, shared_ptr <Pkcs5Kdf> kdf, const Pkcs5KdfList &keyDerivationFunctions, const EncryptionAlgorithmList &encryptionAlgorithms, const EncryptionModeList &encryptionModes)
 	{
 		if (password.Size() < 1)
 			throw PasswordEmpty (SRC_POS);
@@ -89,6 +89,9 @@ namespace VeraCrypt
 
 		foreach (shared_ptr <Pkcs5Kdf> pkcs5, keyDerivationFunctions)
 		{
+			if (kdf && (kdf->GetName() != pkcs5->GetName()))
+				continue;
+
 			pkcs5->DeriveKey (headerKey, password, salt);
 
 			foreach (shared_ptr <EncryptionMode> mode, encryptionModes)
diff --git a/src/Volume/VolumeHeader.h b/src/Volume/VolumeHeader.h
old mode 100644
new mode 100755
index 8ce56fd8..cb567f22
--- a/src/Volume/VolumeHeader.h
+++ b/src/Volume/VolumeHeader.h
@@ -56,7 +56,7 @@ namespace VeraCrypt
 		virtual ~VolumeHeader ();
 
 		void Create (const BufferPtr &headerBuffer, VolumeHeaderCreationOptions &options);
-		bool Decrypt (const ConstBufferPtr &encryptedData, const VolumePassword &password, const Pkcs5KdfList &keyDerivationFunctions, const EncryptionAlgorithmList &encryptionAlgorithms, const EncryptionModeList &encryptionModes);
+		bool Decrypt (const ConstBufferPtr &encryptedData, const VolumePassword &password, shared_ptr <Pkcs5Kdf> kdf, const Pkcs5KdfList &keyDerivationFunctions, const EncryptionAlgorithmList &encryptionAlgorithms, const EncryptionModeList &encryptionModes);
 		void EncryptNew (const BufferPtr &newHeaderBuffer, const ConstBufferPtr &newSalt, const ConstBufferPtr &newHeaderKey, shared_ptr <Pkcs5Kdf> newPkcs5Kdf);
 		uint64 GetEncryptedAreaStart () const { return EncryptedAreaStart; }
 		uint64 GetEncryptedAreaLength () const { return EncryptedAreaLength; }
-- 
cgit v1.2.3