//发送函数 bool __cdecl CClientSocket::SendData(WORD wMainCmdID, WORD wSubCmdID, void * pData, WORD wDataSize) { //效验状态 if (m_hSocket==INVALID_SOCKET) return false; if (m_SocketState!=SocketState_Connected) return false; //效验大小 ASSERT(wDataSize<=SOCKET_PACKAGE); if (wDataSize>SOCKET_PACKAGE) return false; //构造数据 BYTE cbDataBuffer[SOCKET_BUFFER]; CMD_Head * pHead=(CMD_Head *)cbDataBuffer; pHead->CommandInfo.wMainCmdID=wMainCmdID; pHead->CommandInfo.wSubCmdID=wSubCmdID; if (wDataSize>0) { ASSERT(pData!=NULL); CopyMemory(pHead+1,pData,wDataSize); } //加密数据 WORD wSendSize=EncryptBuffer(cbDataBuffer,sizeof(CMD_Head)+wDataSize,sizeof(cbDataBuffer)); //发送数据 return SendBuffer(cbDataBuffer,wSendSize); }
//发送函数 bool CServerSocketItem::SendData(WORD wMainCmdID, WORD wSubCmdID, WORD wRountID) { //效验状态 if (m_bCloseIng==true) return false; if (m_wRountID!=wRountID) return false; if (m_dwRecvPacketCount==0) return false; if (IsValidSocket()==false) return false; //寻找发送结构 COverLappedSend * pOverLappedSend=GetSendOverLapped(); ASSERT(pOverLappedSend!=NULL); if (pOverLappedSend==NULL) return false; //构造数据 CMD_Head * pHead=(CMD_Head *)pOverLappedSend->m_cbBuffer; pHead->CommandInfo.wMainCmdID=wMainCmdID; pHead->CommandInfo.wSubCmdID=wSubCmdID; WORD wSendSize=EncryptBuffer(pOverLappedSend->m_cbBuffer,sizeof(CMD_Head),sizeof(pOverLappedSend->m_cbBuffer)); pOverLappedSend->m_WSABuffer.len=wSendSize; //发送数据 if (m_OverLappedSendActive.GetCount()==1) { DWORD dwThancferred=0; int iRetCode=WSASend(m_hSocket,&pOverLappedSend->m_WSABuffer,1,&dwThancferred,0,&pOverLappedSend->m_OverLapped,NULL); if ((iRetCode==SOCKET_ERROR)&&(WSAGetLastError()!=WSA_IO_PENDING)) { OnSendCompleted(pOverLappedSend,0L); return false; } } return true; }
//发送函数 bool __cdecl CTCPSocketService::SendData(WORD wMainCmdID, WORD wSubCmdID, VOID * pData, WORD wDataSize) { //效验状态 if (m_hSocket == INVALID_SOCKET) return false; // if (m_cbSocketStatus != SOCKET_STATUS_CONNECT) return false; //效验大小 ASSERT(wDataSize <= SOCKET_BUFFER); if (wDataSize > SOCKET_BUFFER) return false; //构造数据 BYTE cbDataBuffer[SOCKET_BUFFER]; CMD_Head * pHead = (CMD_Head *)cbDataBuffer; pHead->CommandInfo.wMainCmdID = wMainCmdID; pHead->CommandInfo.wSubCmdID = wSubCmdID; if (wDataSize > 0) { ASSERT(pData != NULL); CopyMemory(pHead + 1, pData, wDataSize); } //加密数据 WORD wSendSize = EncryptBuffer(cbDataBuffer, sizeof(CMD_Head) + wDataSize, sizeof(cbDataBuffer)); //发送数据 return SendDataBuffer(cbDataBuffer, wSendSize); }
void EncryptionModeLRW::EncryptSectorsCurrentThread (byte *data, uint64 sectorIndex, uint64 sectorCount, size_t sectorSize) const { if_debug (ValidateState ()); if_debug (ValidateParameters (data, sectorCount, sectorSize)); EncryptBuffer (data, sectorCount * sectorSize, SectorToBlockIndex (sectorIndex)); }
int LogBookData::SaveData(void) { FILE *fp; _TCHAR path[_MAX_PATH]; _stprintf(path,_T("%s\\config\\%s.lbk"),FalconDataDirectory,Pilot.Callsign); if((fp = _tfopen(path,_T("wb"))) == NULL) { MonoPrint(_T("Couldn't save logbook")); return FALSE; } EncryptBuffer(0x58,(uchar*)&Pilot,sizeof(LB_PILOT)); fwrite(&Pilot, sizeof(LB_PILOT), 1, fp); fclose(fp); DecryptBuffer(0x58,(uchar*)&Pilot,sizeof(LB_PILOT)); if(gCommsMgr) { sprintf(path,"%s\\config\\%s.plc",FalconDataDirectory,Pilot.Callsign); gCommsMgr->SetStatsFile(path); } #if _USE_REGISTRY_ DWORD size; HKEY theKey; long retval; retval = RegOpenKeyEx(HKEY_LOCAL_MACHINE, FALCON_REGISTRY_KEY, 0, KEY_ALL_ACCESS, &theKey); size = _NAME_LEN_; if(retval == ERROR_SUCCESS) retval = RegSetValueEx (theKey, "PilotName", 0, REG_BINARY, (LPBYTE)Name(), size); size = _CALLSIGN_LEN_; if(retval == ERROR_SUCCESS) retval = RegSetValueEx (theKey, "PilotCallsign", 0, REG_BINARY, (LPBYTE)Callsign(), size); RegCloseKey(theKey); #endif if(this == &LogBook) { FalconLocalSession->SetPlayerName(NameWRank()); FalconLocalSession->SetPlayerCallsign(Callsign()); FalconLocalSession->SetAceFactor(AceFactor()); FalconLocalSession->SetInitAceFactor(LogBook.AceFactor()); FalconLocalSession->SetVoiceID(static_cast<uchar>(Voice())); } return TRUE; }
/** Saves settings to the configuration file */ void FTaskBrowserSettings::SaveSettings() { GConfig->SetString( TEXT( "TaskBrowser" ), TEXT( "ServerName" ), *ServerName, GEditorUserSettingsIni ); GConfig->SetInt( TEXT( "TaskBrowser" ), TEXT( "ServerPort" ), ServerPort, GEditorUserSettingsIni ); GConfig->SetString( TEXT( "TaskBrowser" ), TEXT( "UserName" ), *UserName, GEditorUserSettingsIni ); bool bHaveValidPassword = false; if( Password.Len() > 0 ) { // Store the user's password encrypted on disk const uint32 MaxEncryptedPasswordSize = 2048; uint8 EncryptedPasswordBuffer[ MaxEncryptedPasswordSize ]; uint32 EncryptedPasswordSize = MaxEncryptedPasswordSize; if( EncryptBuffer( ( const uint8* )&Password[ 0 ], ( Password.Len() + 1 ) * sizeof( TCHAR ), EncryptedPasswordBuffer, EncryptedPasswordSize ) ) { FString EncryptedPasswordBlob = FString::FromBlob( EncryptedPasswordBuffer, EncryptedPasswordSize ); GConfig->SetString( TEXT( "TaskBrowser" ), TEXT( "Password" ), *EncryptedPasswordBlob, GEditorUserSettingsIni ); bHaveValidPassword = true; } } if( !bHaveValidPassword ) { // Empty password GConfig->SetString( TEXT( "TaskBrowser" ), TEXT( "Password" ), TEXT( "" ), GEditorUserSettingsIni ); } GConfig->SetString( TEXT( "TaskBrowser" ), TEXT( "ProjectName" ), *ProjectName, GEditorUserSettingsIni ); GConfig->SetBool( TEXT( "TaskBrowser" ), TEXT( "AutoConnectAtStartup" ), bAutoConnectAtStartup, GEditorUserSettingsIni ); GConfig->SetBool( TEXT( "TaskBrowser" ), TEXT( "UseSingleSignOn" ), bUseSingleSignOn, GEditorUserSettingsIni ); GConfig->SetString( TEXT( "TaskBrowser" ), TEXT( "DBFilterName" ), *DBFilterName, GEditorUserSettingsIni ); GConfig->SetBool( TEXT( "TaskBrowser" ), TEXT( "FilterOnlyOpen" ), bFilterOnlyOpen, GEditorUserSettingsIni ); GConfig->SetBool( TEXT( "TaskBrowser" ), TEXT( "FilterAssignedToMe" ), bFilterAssignedToMe, GEditorUserSettingsIni ); GConfig->SetBool( TEXT( "TaskBrowser" ), TEXT( "FilterCreatedByMe" ), bFilterCreatedByMe, GEditorUserSettingsIni ); GConfig->SetBool( TEXT( "TaskBrowser" ), TEXT( "FilterCurrentMap" ), bFilterCurrentMap, GEditorUserSettingsIni ); GConfig->SetInt( TEXT( "TaskBrowser" ), TEXT( "TaskListSortColumn" ), TaskListSortColumn, GEditorUserSettingsIni ); GConfig->SetBool( TEXT( "TaskBrowser" ), TEXT( "TaskListSortAscending" ), bTaskListSortAscending, GEditorUserSettingsIni ); }
// Send a packet to this client void CClientSocket::SendPacket( CPacket *P ) { // :WARNING: IF WE ADD A CRYPT FUNCTION HERE WE MUST COPY THE // PACKET AND NOT USE THE ORIGINAL, IT WILL F**K UP // THE SENDTOALL FUNCTIONS unsigned char* Buffer = (unsigned char*)P; unsigned Size = P->Size; #ifndef USE124 EncryptBuffer( CryptTable, Buffer ); #endif send( sock, (char*)Buffer, Size, 0 ); }
//发送函数 bool __cdecl CClientSocket::SendData(WORD wMainCmdID, WORD wSubCmdID) { //效验状态 if (m_hSocket==INVALID_SOCKET) return false; if (m_SocketState!=SocketState_Connected) return false; //构造数据 BYTE cbDataBuffer[SOCKET_BUFFER]; CMD_Head * pHead=(CMD_Head *)cbDataBuffer; pHead->CommandInfo.wMainCmdID=wMainCmdID; pHead->CommandInfo.wSubCmdID=wSubCmdID; //加密数据 WORD wSendSize=EncryptBuffer(cbDataBuffer,sizeof(CMD_Head),sizeof(cbDataBuffer)); //发送数据 return SendBuffer(cbDataBuffer,wSendSize); }
//发送函数 bool __cdecl CTCPSocketService::SendData(WORD wMainCmdID, WORD wSubCmdID) { //效验状态 if (m_hSocket == INVALID_SOCKET) return false; if (m_cbSocketStatus != SOCKET_STATUS_CONNECT) return false; //构造数据 BYTE cbDataBuffer[SOCKET_BUFFER]; CMD_Head * pHead = (CMD_Head *)cbDataBuffer; pHead->CommandInfo.wMainCmdID = wMainCmdID; pHead->CommandInfo.wSubCmdID = wSubCmdID; //加密数据 WORD wSendSize = EncryptBuffer(cbDataBuffer, sizeof(CMD_Head), sizeof(cbDataBuffer)); //发送数据 return SendDataBuffer(cbDataBuffer, wSendSize); }
BOOL Log_WriteFile(HANDLE handle, BYTE *clear_buffer, DWORD clear_len) { DWORD dwTmp; BOOL ret_val; DWORD crypt_len = 0; BYTE *crypt_buffer = NULL; if (handle == INVALID_HANDLE_VALUE || clear_len == 0 || clear_buffer == NULL) return FALSE; if (!(crypt_buffer = EncryptBuffer(clear_buffer, clear_len, &crypt_len))) { SAFE_FREE(crypt_buffer); return FALSE; } ret_val = WriteFile(handle, crypt_buffer, crypt_len, &dwTmp, NULL); SAFE_FREE(crypt_buffer); return ret_val; }
void CCNetDelegate::sendPacket(WORD wMainCmdID,WORD wSubCmdID,void* data,WORD size) { //构造数据 BYTE cbDataBuffer[4096]; CMD_Head * pHead=(CMD_Head *)cbDataBuffer; pHead->CommandInfo.wMainCmdID=wMainCmdID; pHead->CommandInfo.wSubCmdID=wSubCmdID; if (size>0 && data != NULL) { memcpy(pHead+1,data,size); } //加密数据 WORD wSendSize=EncryptBuffer(cbDataBuffer,sizeof(CMD_Head)+size,sizeof(cbDataBuffer)); CCLOG("Main:%d sub:%d",wMainCmdID, wSubCmdID); //发送数据 send((char *)cbDataBuffer, (unsigned int)wSendSize); }
/*---------------------------------------------------------------------- | AP4_CbcStreamCipher::ProcessBuffer +---------------------------------------------------------------------*/ AP4_Result AP4_CbcStreamCipher::ProcessBuffer(const AP4_UI08* in, AP4_Size in_size, AP4_UI08* out, AP4_Size* out_size, bool is_last_buffer) { // check the parameters if (out_size == NULL) return AP4_ERROR_INVALID_PARAMETERS; // check the state if (m_BlockCipher == NULL || m_Eos) { *out_size = 0; return AP4_ERROR_INVALID_STATE; } if (is_last_buffer) m_Eos = true; if (m_BlockCipher->GetDirection() == AP4_BlockCipher::ENCRYPT) { return EncryptBuffer(in, in_size, out, out_size, is_last_buffer); } else { return DecryptBuffer(in, in_size, out, out_size, is_last_buffer); } }
int ReadVolumeHeader (BOOL bBoot, char *header, Password *password, PCRYPTO_INFO *retInfo, CRYPTO_INFO *retHeaderCryptoInfo) { #ifdef TC_WINDOWS_BOOT_SINGLE_CIPHER_MODE char dk[32 * 2]; // 2 * 256-bit key char masterKey[32 * 2]; #else char dk[32 * 2 * 3]; // 6 * 256-bit key char masterKey[32 * 2 * 3]; #endif PCRYPTO_INFO cryptoInfo; int status; if (retHeaderCryptoInfo != NULL) cryptoInfo = retHeaderCryptoInfo; else cryptoInfo = *retInfo = crypto_open (); // PKCS5 PRF derive_key_ripemd160 (password->Text, (int) password->Length, header + HEADER_SALT_OFFSET, PKCS5_SALT_SIZE, bBoot ? 1000 : 2000, dk, sizeof (dk)); // Mode of operation cryptoInfo->mode = FIRST_MODE_OF_OPERATION_ID; // Test all available encryption algorithms for (cryptoInfo->ea = EAGetFirst (); cryptoInfo->ea != 0; cryptoInfo->ea = EAGetNext (cryptoInfo->ea)) { status = EAInit (cryptoInfo->ea, dk, cryptoInfo->ks); if (status == ERR_CIPHER_INIT_FAILURE) goto err; // Secondary key schedule EAInit (cryptoInfo->ea, dk + EAGetKeySize (cryptoInfo->ea), cryptoInfo->ks2); // Try to decrypt header DecryptBuffer (header + HEADER_ENCRYPTED_DATA_OFFSET, HEADER_ENCRYPTED_DATA_SIZE, cryptoInfo); // Check magic 'TRUE' and CRC-32 of header fields and master keydata if (GetHeaderField32 (header, TC_HEADER_OFFSET_MAGIC) != 0x54525545 || (GetHeaderField16 (header, TC_HEADER_OFFSET_VERSION) >= 4 && GetHeaderField32 (header, TC_HEADER_OFFSET_HEADER_CRC) != GetCrc32 (header + TC_HEADER_OFFSET_MAGIC, TC_HEADER_OFFSET_HEADER_CRC - TC_HEADER_OFFSET_MAGIC)) || GetHeaderField32 (header, TC_HEADER_OFFSET_KEY_AREA_CRC) != GetCrc32 (header + HEADER_MASTER_KEYDATA_OFFSET, MASTER_KEYDATA_SIZE)) { EncryptBuffer (header + HEADER_ENCRYPTED_DATA_OFFSET, HEADER_ENCRYPTED_DATA_SIZE, cryptoInfo); continue; } // Header decrypted status = 0; // Hidden volume status cryptoInfo->VolumeSize = GetHeaderField64 (header, TC_HEADER_OFFSET_HIDDEN_VOLUME_SIZE); cryptoInfo->hiddenVolume = (cryptoInfo->VolumeSize.LowPart != 0 || cryptoInfo->VolumeSize.HighPart != 0); // Volume size cryptoInfo->VolumeSize = GetHeaderField64 (header, TC_HEADER_OFFSET_VOLUME_SIZE); // Encrypted area size and length cryptoInfo->EncryptedAreaStart = GetHeaderField64 (header, TC_HEADER_OFFSET_ENCRYPTED_AREA_START); cryptoInfo->EncryptedAreaLength = GetHeaderField64 (header, TC_HEADER_OFFSET_ENCRYPTED_AREA_LENGTH); // Flags cryptoInfo->HeaderFlags = GetHeaderField32 (header, TC_HEADER_OFFSET_FLAGS); memcpy (masterKey, header + HEADER_MASTER_KEYDATA_OFFSET, sizeof (masterKey)); EncryptBuffer (header + HEADER_ENCRYPTED_DATA_OFFSET, HEADER_ENCRYPTED_DATA_SIZE, cryptoInfo); if (retHeaderCryptoInfo) goto ret; // Init the encryption algorithm with the decrypted master key status = EAInit (cryptoInfo->ea, masterKey, cryptoInfo->ks); if (status == ERR_CIPHER_INIT_FAILURE) goto err; // The secondary master key (if cascade, multiple concatenated) EAInit (cryptoInfo->ea, masterKey + EAGetKeySize (cryptoInfo->ea), cryptoInfo->ks2); goto ret; } status = ERR_PASSWORD_WRONG; err: if (cryptoInfo != retHeaderCryptoInfo) { crypto_close(cryptoInfo); *retInfo = NULL; } ret: burn (dk, sizeof(dk)); burn (masterKey, sizeof(masterKey)); return status; }
void EncryptionModeLRW::Encrypt (byte *data, uint64 length) const { ValidateState (); EncryptBuffer (data, length, 1); }
void BuildMessage( bf_write& buf, byte msgtype, char const *mapname, unsigned int uSessionID ) { bf_write encrypted; byte encrypted_data[ 2048 ]; buf.WriteByte( C2M_PHONEHOME ); buf.WriteByte( '\n' ); buf.WriteByte( C2M_PHONEHOME_PROTOCOL_VERSION ); buf.WriteLong( uSessionID ); // sessionid (request new id by sending 0) // encryption object IceKey cipher(1); /* medium encryption level */ unsigned char ucEncryptionKey[8] = { 191, 1, 0, 222, 85, 39, 154, 1 }; cipher.set( ucEncryptionKey ); encrypted.StartWriting( encrypted_data, sizeof( encrypted_data ) ); byte corruption_identifier = 0x01; encrypted.WriteByte( corruption_identifier ); // Data version protocol encrypted.WriteByte( 1 ); // Write the "build identifier" -- unique to each person we give a build to. encrypted.WriteString( m_szBuildIdentifier ); { char computername[ 64 ]; Q_memset( computername, 0, sizeof( computername ) ); #if defined ( _WIN32 ) DWORD length = sizeof( computername ) - 1; if ( !GetComputerName( computername, &length ) ) { Q_strncpy( computername, "???", sizeof( computername ) ); } #else if ( gethostname( computername, sizeof(computername) ) == -1 ) { Q_strncpy( computername, "Linux????", sizeof( computername ) ); } computername[sizeof(computername)-1] = '\0'; #endif encrypted.WriteString( computername ); } { char username[ 64 ]; Q_memset( username, 0, sizeof( username ) ); #if defined ( _WIN32 ) DWORD length = sizeof( username ) - 1; if ( !GetUserName( username, &length ) ) { Q_strncpy( username, "???", sizeof( username ) ); } #else struct passwd *pass = getpwuid( getuid() ); if ( pass ) { Q_strncpy( username, pass->pw_name, sizeof( username ) ); } else { Q_strncpy( username, "LinuxUser??", sizeof( username ) ); } username[sizeof(username)-1] = '\0'; #endif encrypted.WriteString( username ); } char gamedir[ 64 ]; Q_FileBase( com_gamedir, gamedir, sizeof( gamedir ) ); encrypted.WriteString( gamedir ); unsigned int uBuildNumber = build_number(); encrypted.WriteLong( (int)uBuildNumber ); // WRite timestamp of engine encrypted.WriteFloat( (float)realtime ); encrypted.WriteByte( msgtype ); if ( mapname != NULL ) { encrypted.WriteString( mapname ); } int isDebugUser = ( Sys_IsDebuggerPresent() || CommandLine()->FindParm( "-allowdebug" ) ) ? 1 : 0; encrypted.WriteByte( isDebugUser ); while ( encrypted.GetNumBytesWritten() % 8 ) { encrypted.WriteByte( 0 ); } EncryptBuffer( cipher, (unsigned char *)encrypted.GetData(), encrypted.GetNumBytesWritten() ); buf.WriteShort( (int)encrypted.GetNumBytesWritten() ); buf.WriteBytes( (unsigned char *)encrypted.GetData(), encrypted.GetNumBytesWritten() ); }
void EncryptionModeXTS::EncryptSectorsCurrentThread (byte *data, uint64 sectorIndex, uint64 sectorCount, size_t sectorSize) const { EncryptBuffer (data, sectorCount * sectorSize, sectorIndex * sectorSize / ENCRYPTION_DATA_UNIT_SIZE); }
// Creates a volume header in memory int CreateVolumeHeaderInMemory (BOOL bBoot, char *header, int ea, int mode, Password *password, int pkcs5_prf, char *masterKeydata, PCRYPTO_INFO *retInfo, unsigned __int64 volumeSize, unsigned __int64 hiddenVolumeSize, unsigned __int64 encryptedAreaStart, unsigned __int64 encryptedAreaLength, uint16 requiredProgramVersion, uint32 headerFlags, uint32 sectorSize, BOOL bWipeMode) { unsigned char *p = (unsigned char *) header; static KEY_INFO keyInfo; int nUserKeyLen = password->Length; PCRYPTO_INFO cryptoInfo = crypto_open (); static char dk[MASTER_KEYDATA_SIZE]; int x; int retVal = 0; int primaryKeyOffset; if (cryptoInfo == NULL) return ERR_OUTOFMEMORY; memset (header, 0, TC_VOLUME_HEADER_EFFECTIVE_SIZE); VirtualLock (&keyInfo, sizeof (keyInfo)); VirtualLock (&dk, sizeof (dk)); /* Encryption setup */ if (masterKeydata == NULL) { // We have no master key data (creating a new volume) so we'll use the TrueCrypt RNG to generate them int bytesNeeded; switch (mode) { case LRW: case CBC: case INNER_CBC: case OUTER_CBC: // Deprecated/legacy modes of operation bytesNeeded = LEGACY_VOL_IV_SIZE + EAGetKeySize (ea); // In fact, this should never be the case since volumes being newly created are not // supposed to use any deprecated mode of operation. TC_THROW_FATAL_EXCEPTION; break; default: bytesNeeded = EAGetKeySize (ea) * 2; // Size of primary + secondary key(s) } if (!RandgetBytes (keyInfo.master_keydata, bytesNeeded, TRUE)) return ERR_CIPHER_INIT_WEAK_KEY; } else { // We already have existing master key data (the header is being re-encrypted) memcpy (keyInfo.master_keydata, masterKeydata, MASTER_KEYDATA_SIZE); } // User key memcpy (keyInfo.userKey, password->Text, nUserKeyLen); keyInfo.keyLength = nUserKeyLen; keyInfo.noIterations = get_pkcs5_iteration_count (pkcs5_prf, bBoot); // User selected encryption algorithm cryptoInfo->ea = ea; // Mode of operation cryptoInfo->mode = mode; // Salt for header key derivation if (!RandgetBytes (keyInfo.salt, PKCS5_SALT_SIZE, !bWipeMode)) return ERR_CIPHER_INIT_WEAK_KEY; // PBKDF2 (PKCS5) is used to derive primary header key(s) and secondary header key(s) (XTS) from the password/keyfiles switch (pkcs5_prf) { case SHA512: derive_key_sha512 (keyInfo.userKey, keyInfo.keyLength, keyInfo.salt, PKCS5_SALT_SIZE, keyInfo.noIterations, dk, GetMaxPkcs5OutSize()); break; case SHA1: // Deprecated/legacy derive_key_sha1 (keyInfo.userKey, keyInfo.keyLength, keyInfo.salt, PKCS5_SALT_SIZE, keyInfo.noIterations, dk, GetMaxPkcs5OutSize()); break; case RIPEMD160: derive_key_ripemd160 (keyInfo.userKey, keyInfo.keyLength, keyInfo.salt, PKCS5_SALT_SIZE, keyInfo.noIterations, dk, GetMaxPkcs5OutSize()); break; case WHIRLPOOL: derive_key_whirlpool (keyInfo.userKey, keyInfo.keyLength, keyInfo.salt, PKCS5_SALT_SIZE, keyInfo.noIterations, dk, GetMaxPkcs5OutSize()); break; default: // Unknown/wrong ID TC_THROW_FATAL_EXCEPTION; } /* Header setup */ // Salt mputBytes (p, keyInfo.salt, PKCS5_SALT_SIZE); // Magic mputLong (p, 0x54525545); // Header version mputWord (p, VOLUME_HEADER_VERSION); cryptoInfo->HeaderVersion = VOLUME_HEADER_VERSION; // Required program version to handle this volume switch (mode) { case LRW: // Deprecated/legacy mputWord (p, 0x0410); break; case OUTER_CBC: case INNER_CBC: // Deprecated/legacy mputWord (p, 0x0300); break; case CBC: // Deprecated/legacy mputWord (p, hiddenVolumeSize > 0 ? 0x0300 : 0x0100); break; default: mputWord (p, requiredProgramVersion != 0 ? requiredProgramVersion : TC_VOLUME_MIN_REQUIRED_PROGRAM_VERSION); } // CRC of the master key data x = GetCrc32(keyInfo.master_keydata, MASTER_KEYDATA_SIZE); mputLong (p, x); // Reserved fields p += 2 * 8; // Size of hidden volume (if any) cryptoInfo->hiddenVolumeSize = hiddenVolumeSize; mputInt64 (p, cryptoInfo->hiddenVolumeSize); cryptoInfo->hiddenVolume = cryptoInfo->hiddenVolumeSize != 0; // Volume size cryptoInfo->VolumeSize.Value = volumeSize; mputInt64 (p, volumeSize); // Encrypted area start cryptoInfo->EncryptedAreaStart.Value = encryptedAreaStart; mputInt64 (p, encryptedAreaStart); // Encrypted area size cryptoInfo->EncryptedAreaLength.Value = encryptedAreaLength; mputInt64 (p, encryptedAreaLength); // Flags cryptoInfo->HeaderFlags = headerFlags; mputLong (p, headerFlags); // Sector size if (sectorSize < TC_MIN_VOLUME_SECTOR_SIZE || sectorSize > TC_MAX_VOLUME_SECTOR_SIZE || sectorSize % ENCRYPTION_DATA_UNIT_SIZE != 0) { TC_THROW_FATAL_EXCEPTION; } cryptoInfo->SectorSize = sectorSize; mputLong (p, sectorSize); // CRC of the header fields x = GetCrc32 (header + TC_HEADER_OFFSET_MAGIC, TC_HEADER_OFFSET_HEADER_CRC - TC_HEADER_OFFSET_MAGIC); p = header + TC_HEADER_OFFSET_HEADER_CRC; mputLong (p, x); // The master key data memcpy (header + HEADER_MASTER_KEYDATA_OFFSET, keyInfo.master_keydata, MASTER_KEYDATA_SIZE); /* Header encryption */ switch (mode) { case LRW: case CBC: case INNER_CBC: case OUTER_CBC: // For LRW (deprecated/legacy), the tweak key // For CBC (deprecated/legacy), the IV/whitening seed memcpy (cryptoInfo->k2, dk, LEGACY_VOL_IV_SIZE); primaryKeyOffset = LEGACY_VOL_IV_SIZE; break; default: // The secondary key (if cascade, multiple concatenated) memcpy (cryptoInfo->k2, dk + EAGetKeySize (cryptoInfo->ea), EAGetKeySize (cryptoInfo->ea)); primaryKeyOffset = 0; } retVal = EAInit (cryptoInfo->ea, dk + primaryKeyOffset, cryptoInfo->ks); if (retVal != ERR_SUCCESS) return retVal; // Mode of operation if (!EAInitMode (cryptoInfo)) return ERR_OUTOFMEMORY; // Encrypt the entire header (except the salt) EncryptBuffer (header + HEADER_ENCRYPTED_DATA_OFFSET, HEADER_ENCRYPTED_DATA_SIZE, cryptoInfo); /* cryptoInfo setup for further use (disk format) */ // Init with the master key(s) retVal = EAInit (cryptoInfo->ea, keyInfo.master_keydata + primaryKeyOffset, cryptoInfo->ks); if (retVal != ERR_SUCCESS) return retVal; memcpy (cryptoInfo->master_keydata, keyInfo.master_keydata, MASTER_KEYDATA_SIZE); switch (cryptoInfo->mode) { case LRW: case CBC: case INNER_CBC: case OUTER_CBC: // For LRW (deprecated/legacy), the tweak key // For CBC (deprecated/legacy), the IV/whitening seed memcpy (cryptoInfo->k2, keyInfo.master_keydata, LEGACY_VOL_IV_SIZE); break; default: // The secondary master key (if cascade, multiple concatenated) memcpy (cryptoInfo->k2, keyInfo.master_keydata + EAGetKeySize (cryptoInfo->ea), EAGetKeySize (cryptoInfo->ea)); } // Mode of operation if (!EAInitMode (cryptoInfo)) return ERR_OUTOFMEMORY; #ifdef VOLFORMAT if (showKeys && !bInPlaceEncNonSys) { BOOL dots3 = FALSE; int i, j; j = EAGetKeySize (ea); if (j > NBR_KEY_BYTES_TO_DISPLAY) { dots3 = TRUE; j = NBR_KEY_BYTES_TO_DISPLAY; } MasterKeyGUIView[0] = 0; for (i = 0; i < j; i++) { char tmp2[8] = {0}; sprintf (tmp2, "%02X", (int) (unsigned char) keyInfo.master_keydata[i + primaryKeyOffset]); strcat (MasterKeyGUIView, tmp2); } HeaderKeyGUIView[0] = 0; for (i = 0; i < NBR_KEY_BYTES_TO_DISPLAY; i++) { char tmp2[8]; sprintf (tmp2, "%02X", (int) (unsigned char) dk[primaryKeyOffset + i]); strcat (HeaderKeyGUIView, tmp2); } if (dots3) { DisplayPortionsOfKeys (hHeaderKey, hMasterKey, HeaderKeyGUIView, MasterKeyGUIView, !showKeys); } else { SendMessage (hMasterKey, WM_SETTEXT, 0, (LPARAM) MasterKeyGUIView); SendMessage (hHeaderKey, WM_SETTEXT, 0, (LPARAM) HeaderKeyGUIView); } } #endif // #ifdef VOLFORMAT burn (dk, sizeof(dk)); burn (&keyInfo, sizeof (keyInfo)); *retInfo = cryptoInfo; return 0; }
// Writes randomly generated data to unused/reserved header areas. // When bPrimaryOnly is TRUE, then only the primary header area (not the backup header area) is filled with random data. // When bBackupOnly is TRUE, only the backup header area (not the primary header area) is filled with random data. int WriteRandomDataToReservedHeaderAreas (HANDLE dev, CRYPTO_INFO *cryptoInfo, uint64 dataAreaSize, BOOL bPrimaryOnly, BOOL bBackupOnly) { char temporaryKey[MASTER_KEYDATA_SIZE]; char originalK2[MASTER_KEYDATA_SIZE]; byte buf[TC_VOLUME_HEADER_GROUP_SIZE]; LARGE_INTEGER offset; int nStatus = ERR_SUCCESS; DWORD dwError; DWORD bytesDone; BOOL backupHeaders = bBackupOnly; if (bPrimaryOnly && bBackupOnly) TC_THROW_FATAL_EXCEPTION; memcpy (originalK2, cryptoInfo->k2, sizeof (cryptoInfo->k2)); while (TRUE) { // Temporary keys if (!RandgetBytes (temporaryKey, EAGetKeySize (cryptoInfo->ea), FALSE) || !RandgetBytes (cryptoInfo->k2, sizeof (cryptoInfo->k2), FALSE)) { nStatus = ERR_PARAMETER_INCORRECT; goto final_seq; } nStatus = EAInit (cryptoInfo->ea, temporaryKey, cryptoInfo->ks); if (nStatus != ERR_SUCCESS) goto final_seq; if (!EAInitMode (cryptoInfo)) { nStatus = ERR_MODE_INIT_FAILED; goto final_seq; } offset.QuadPart = backupHeaders ? dataAreaSize + TC_VOLUME_HEADER_GROUP_SIZE : TC_VOLUME_HEADER_OFFSET; if (!SetFilePointerEx (dev, offset, NULL, FILE_BEGIN)) { nStatus = ERR_OS_ERROR; goto final_seq; } if (!ReadFile (dev, buf, sizeof (buf), &bytesDone, NULL)) { nStatus = ERR_OS_ERROR; goto final_seq; } if (bytesDone < TC_VOLUME_HEADER_EFFECTIVE_SIZE) { SetLastError (ERROR_INVALID_PARAMETER); nStatus = ERR_OS_ERROR; goto final_seq; } EncryptBuffer (buf + TC_VOLUME_HEADER_EFFECTIVE_SIZE, sizeof (buf) - TC_VOLUME_HEADER_EFFECTIVE_SIZE, cryptoInfo); if (!SetFilePointerEx (dev, offset, NULL, FILE_BEGIN)) { nStatus = ERR_OS_ERROR; goto final_seq; } if (!WriteFile (dev, buf, sizeof (buf), &bytesDone, NULL)) { nStatus = ERR_OS_ERROR; goto final_seq; } if (bytesDone != sizeof (buf)) { nStatus = ERR_PARAMETER_INCORRECT; goto final_seq; } if (backupHeaders || bPrimaryOnly) break; backupHeaders = TRUE; } memcpy (cryptoInfo->k2, originalK2, sizeof (cryptoInfo->k2)); nStatus = EAInit (cryptoInfo->ea, cryptoInfo->master_keydata, cryptoInfo->ks); if (nStatus != ERR_SUCCESS) goto final_seq; if (!EAInitMode (cryptoInfo)) { nStatus = ERR_MODE_INIT_FAILED; goto final_seq; } final_seq: dwError = GetLastError(); burn (temporaryKey, sizeof (temporaryKey)); burn (originalK2, sizeof (originalK2)); if (nStatus != ERR_SUCCESS) SetLastError (dwError); return nStatus; }
int ReadVolumeHeader (BOOL bBoot, char *header, Password *password, int pim, PCRYPTO_INFO *retInfo, CRYPTO_INFO *retHeaderCryptoInfo) { #ifdef TC_WINDOWS_BOOT_SINGLE_CIPHER_MODE char dk[32 * 2]; // 2 * 256-bit key #else char dk[32 * 2 * 3]; // 6 * 256-bit key #endif PCRYPTO_INFO cryptoInfo; int status = ERR_SUCCESS; uint32 iterations = pim; iterations <<= 16; iterations |= bBoot; if (retHeaderCryptoInfo != NULL) cryptoInfo = retHeaderCryptoInfo; else cryptoInfo = *retInfo = crypto_open (); // PKCS5 PRF #ifdef TC_WINDOWS_BOOT_SHA2 derive_key_sha256 (password->Text, (int) password->Length, header + HEADER_SALT_OFFSET, PKCS5_SALT_SIZE, iterations, dk, sizeof (dk)); #else derive_key_ripemd160 (password->Text, (int) password->Length, header + HEADER_SALT_OFFSET, PKCS5_SALT_SIZE, iterations, dk, sizeof (dk)); #endif // Mode of operation cryptoInfo->mode = FIRST_MODE_OF_OPERATION_ID; #ifdef TC_WINDOWS_BOOT_SINGLE_CIPHER_MODE cryptoInfo->ea = 1; #else // Test all available encryption algorithms for (cryptoInfo->ea = EAGetFirst (); cryptoInfo->ea != 0; cryptoInfo->ea = EAGetNext (cryptoInfo->ea)) #endif { #ifdef TC_WINDOWS_BOOT_SINGLE_CIPHER_MODE #if defined (TC_WINDOWS_BOOT_SERPENT) serpent_set_key (dk, cryptoInfo->ks); #elif defined (TC_WINDOWS_BOOT_TWOFISH) twofish_set_key ((TwofishInstance *) cryptoInfo->ks, (const u4byte *) dk); #elif defined (TC_WINDOWS_BOOT_CAMELLIA) camellia_set_key (dk, cryptoInfo->ks); #else status = EAInit (dk, cryptoInfo->ks); if (status == ERR_CIPHER_INIT_FAILURE) goto err; #endif #else status = EAInit (cryptoInfo->ea, dk, cryptoInfo->ks); if (status == ERR_CIPHER_INIT_FAILURE) goto err; #endif // Secondary key schedule #ifdef TC_WINDOWS_BOOT_SINGLE_CIPHER_MODE #if defined (TC_WINDOWS_BOOT_SERPENT) serpent_set_key (dk + 32, cryptoInfo->ks2); #elif defined (TC_WINDOWS_BOOT_TWOFISH) twofish_set_key ((TwofishInstance *)cryptoInfo->ks2, (const u4byte *) (dk + 32)); #elif defined (TC_WINDOWS_BOOT_CAMELLIA) camellia_set_key (dk + 32, cryptoInfo->ks2); #else EAInit (dk + 32, cryptoInfo->ks2); #endif #else EAInit (cryptoInfo->ea, dk + EAGetKeySize (cryptoInfo->ea), cryptoInfo->ks2); #endif // Try to decrypt header DecryptBuffer (header + HEADER_ENCRYPTED_DATA_OFFSET, HEADER_ENCRYPTED_DATA_SIZE, cryptoInfo); // Check magic 'VERA' and CRC-32 of header fields and master keydata if (GetHeaderField32 (header, TC_HEADER_OFFSET_MAGIC) != 0x56455241 || (GetHeaderField16 (header, TC_HEADER_OFFSET_VERSION) >= 4 && GetHeaderField32 (header, TC_HEADER_OFFSET_HEADER_CRC) != GetCrc32 (header + TC_HEADER_OFFSET_MAGIC, TC_HEADER_OFFSET_HEADER_CRC - TC_HEADER_OFFSET_MAGIC)) || GetHeaderField32 (header, TC_HEADER_OFFSET_KEY_AREA_CRC) != GetCrc32 (header + HEADER_MASTER_KEYDATA_OFFSET, MASTER_KEYDATA_SIZE)) { EncryptBuffer (header + HEADER_ENCRYPTED_DATA_OFFSET, HEADER_ENCRYPTED_DATA_SIZE, cryptoInfo); #ifdef TC_WINDOWS_BOOT_SINGLE_CIPHER_MODE status = ERR_PASSWORD_WRONG; goto err; #else continue; #endif } // Header decrypted status = 0; // Hidden volume status cryptoInfo->VolumeSize = GetHeaderField64 (header, TC_HEADER_OFFSET_HIDDEN_VOLUME_SIZE); cryptoInfo->hiddenVolume = (cryptoInfo->VolumeSize.LowPart != 0 || cryptoInfo->VolumeSize.HighPart != 0); // Volume size cryptoInfo->VolumeSize = GetHeaderField64 (header, TC_HEADER_OFFSET_VOLUME_SIZE); // Encrypted area size and length cryptoInfo->EncryptedAreaStart = GetHeaderField64 (header, TC_HEADER_OFFSET_ENCRYPTED_AREA_START); cryptoInfo->EncryptedAreaLength = GetHeaderField64 (header, TC_HEADER_OFFSET_ENCRYPTED_AREA_LENGTH); // Flags cryptoInfo->HeaderFlags = GetHeaderField32 (header, TC_HEADER_OFFSET_FLAGS); #ifdef TC_WINDOWS_BOOT_SHA2 cryptoInfo->pkcs5 = SHA256; #else cryptoInfo->pkcs5 = RIPEMD160; #endif memcpy (dk, header + HEADER_MASTER_KEYDATA_OFFSET, sizeof (dk)); EncryptBuffer (header + HEADER_ENCRYPTED_DATA_OFFSET, HEADER_ENCRYPTED_DATA_SIZE, cryptoInfo); if (retHeaderCryptoInfo) goto ret; // Init the encryption algorithm with the decrypted master key #ifdef TC_WINDOWS_BOOT_SINGLE_CIPHER_MODE #if defined (TC_WINDOWS_BOOT_SERPENT) serpent_set_key (dk, cryptoInfo->ks); #elif defined (TC_WINDOWS_BOOT_TWOFISH) twofish_set_key ((TwofishInstance *) cryptoInfo->ks, (const u4byte *) dk); #elif defined (TC_WINDOWS_BOOT_CAMELLIA) camellia_set_key (dk, cryptoInfo->ks); #else status = EAInit (dk, cryptoInfo->ks); if (status == ERR_CIPHER_INIT_FAILURE) goto err; #endif #else status = EAInit (cryptoInfo->ea, dk, cryptoInfo->ks); if (status == ERR_CIPHER_INIT_FAILURE) goto err; #endif // The secondary master key (if cascade, multiple concatenated) #ifdef TC_WINDOWS_BOOT_SINGLE_CIPHER_MODE #if defined (TC_WINDOWS_BOOT_SERPENT) serpent_set_key (dk + 32, cryptoInfo->ks2); #elif defined (TC_WINDOWS_BOOT_TWOFISH) twofish_set_key ((TwofishInstance *)cryptoInfo->ks2, (const u4byte *) (dk + 32)); #elif defined (TC_WINDOWS_BOOT_CAMELLIA) camellia_set_key (dk + 32, cryptoInfo->ks2); #else EAInit (dk + 32, cryptoInfo->ks2); #endif #else EAInit (cryptoInfo->ea, dk + EAGetKeySize (cryptoInfo->ea), cryptoInfo->ks2); #endif goto ret; } status = ERR_PASSWORD_WRONG; err: if (cryptoInfo != retHeaderCryptoInfo) { crypto_close(cryptoInfo); *retInfo = NULL; } ret: burn (dk, sizeof(dk)); return status; }