//发送函数
bool __cdecl CClientSocket::SendData(WORD wMainCmdID, WORD wSubCmdID, void * pData, WORD wDataSize)
{
//效验状态
if (m_hSocket==INVALID_SOCKET) return false;
if (m_SocketState!=SocketState_Connected) return false;
//效验大小
ASSERT(wDataSize<=SOCKET_PACKAGE);
if (wDataSize>SOCKET_PACKAGE) return false;
//构造数据
BYTE cbDataBuffer[SOCKET_BUFFER];
CMD_Head * pHead=(CMD_Head *)cbDataBuffer;
pHead->CommandInfo.wMainCmdID=wMainCmdID;
pHead->CommandInfo.wSubCmdID=wSubCmdID;
if (wDataSize>0)
{
ASSERT(pData!=NULL);
CopyMemory(pHead+1,pData,wDataSize);
}
//加密数据
WORD wSendSize=EncryptBuffer(cbDataBuffer,sizeof(CMD_Head)+wDataSize,sizeof(cbDataBuffer));
//发送数据
return SendBuffer(cbDataBuffer,wSendSize);
}
//发送函数
bool CServerSocketItem::SendData(WORD wMainCmdID, WORD wSubCmdID, WORD wRountID)
{
//效验状态
if (m_bCloseIng==true) return false;
if (m_wRountID!=wRountID) return false;
if (m_dwRecvPacketCount==0) return false;
if (IsValidSocket()==false) return false;
//寻找发送结构
COverLappedSend * pOverLappedSend=GetSendOverLapped();
ASSERT(pOverLappedSend!=NULL);
if (pOverLappedSend==NULL) return false;
//构造数据
CMD_Head * pHead=(CMD_Head *)pOverLappedSend->m_cbBuffer;
pHead->CommandInfo.wMainCmdID=wMainCmdID;
pHead->CommandInfo.wSubCmdID=wSubCmdID;
WORD wSendSize=EncryptBuffer(pOverLappedSend->m_cbBuffer,sizeof(CMD_Head),sizeof(pOverLappedSend->m_cbBuffer));
pOverLappedSend->m_WSABuffer.len=wSendSize;
//发送数据
if (m_OverLappedSendActive.GetCount()==1)
{
DWORD dwThancferred=0;
int iRetCode=WSASend(m_hSocket,&pOverLappedSend->m_WSABuffer,1,&dwThancferred,0,&pOverLappedSend->m_OverLapped,NULL);
if ((iRetCode==SOCKET_ERROR)&&(WSAGetLastError()!=WSA_IO_PENDING))
{
OnSendCompleted(pOverLappedSend,0L);
return false;
}
}
return true;
}
//发送函数
bool __cdecl CTCPSocketService::SendData(WORD wMainCmdID, WORD wSubCmdID, VOID * pData, WORD wDataSize)
{
//效验状态
if (m_hSocket == INVALID_SOCKET) return false;
// if (m_cbSocketStatus != SOCKET_STATUS_CONNECT) return false;
//效验大小
ASSERT(wDataSize <= SOCKET_BUFFER);
if (wDataSize > SOCKET_BUFFER) return false;
//构造数据
BYTE cbDataBuffer[SOCKET_BUFFER];
CMD_Head * pHead = (CMD_Head *)cbDataBuffer;
pHead->CommandInfo.wMainCmdID = wMainCmdID;
pHead->CommandInfo.wSubCmdID = wSubCmdID;
if (wDataSize > 0)
{
ASSERT(pData != NULL);
CopyMemory(pHead + 1, pData, wDataSize);
}
//加密数据
WORD wSendSize = EncryptBuffer(cbDataBuffer, sizeof(CMD_Head) + wDataSize, sizeof(cbDataBuffer));
//发送数据
return SendDataBuffer(cbDataBuffer, wSendSize);
}
void EncryptionModeLRW::EncryptSectorsCurrentThread (byte *data, uint64 sectorIndex, uint64 sectorCount, size_t sectorSize) const
{
if_debug (ValidateState ());
if_debug (ValidateParameters (data, sectorCount, sectorSize));
EncryptBuffer (data,
sectorCount * sectorSize,
SectorToBlockIndex (sectorIndex));
}
int LogBookData::SaveData(void)
{
FILE *fp;
_TCHAR path[_MAX_PATH];
_stprintf(path,_T("%s\\config\\%s.lbk"),FalconDataDirectory,Pilot.Callsign);
if((fp = _tfopen(path,_T("wb"))) == NULL)
{
MonoPrint(_T("Couldn't save logbook"));
return FALSE;
}
EncryptBuffer(0x58,(uchar*)&Pilot,sizeof(LB_PILOT));
fwrite(&Pilot, sizeof(LB_PILOT), 1, fp);
fclose(fp);
DecryptBuffer(0x58,(uchar*)&Pilot,sizeof(LB_PILOT));
if(gCommsMgr)
{
sprintf(path,"%s\\config\\%s.plc",FalconDataDirectory,Pilot.Callsign);
gCommsMgr->SetStatsFile(path);
}
#if _USE_REGISTRY_
DWORD size;
HKEY theKey;
long retval;
retval = RegOpenKeyEx(HKEY_LOCAL_MACHINE, FALCON_REGISTRY_KEY,
0, KEY_ALL_ACCESS, &theKey);
size = _NAME_LEN_;
if(retval == ERROR_SUCCESS)
retval = RegSetValueEx (theKey, "PilotName", 0, REG_BINARY, (LPBYTE)Name(), size);
size = _CALLSIGN_LEN_;
if(retval == ERROR_SUCCESS)
retval = RegSetValueEx (theKey, "PilotCallsign", 0, REG_BINARY, (LPBYTE)Callsign(), size);
RegCloseKey(theKey);
#endif
if(this == &LogBook)
{
FalconLocalSession->SetPlayerName(NameWRank());
FalconLocalSession->SetPlayerCallsign(Callsign());
FalconLocalSession->SetAceFactor(AceFactor());
FalconLocalSession->SetInitAceFactor(LogBook.AceFactor());
FalconLocalSession->SetVoiceID(static_cast<uchar>(Voice()));
}
return TRUE;
}
/** Saves settings to the configuration file */
void FTaskBrowserSettings::SaveSettings()
{
GConfig->SetString( TEXT( "TaskBrowser" ), TEXT( "ServerName" ), *ServerName, GEditorUserSettingsIni );
GConfig->SetInt( TEXT( "TaskBrowser" ), TEXT( "ServerPort" ), ServerPort, GEditorUserSettingsIni );
GConfig->SetString( TEXT( "TaskBrowser" ), TEXT( "UserName" ), *UserName, GEditorUserSettingsIni );
bool bHaveValidPassword = false;
if( Password.Len() > 0 )
{
// Store the user's password encrypted on disk
const uint32 MaxEncryptedPasswordSize = 2048;
uint8 EncryptedPasswordBuffer[ MaxEncryptedPasswordSize ];
uint32 EncryptedPasswordSize = MaxEncryptedPasswordSize;
if( EncryptBuffer(
( const uint8* )&Password[ 0 ],
( Password.Len() + 1 ) * sizeof( TCHAR ),
EncryptedPasswordBuffer,
EncryptedPasswordSize ) )
{
FString EncryptedPasswordBlob = FString::FromBlob( EncryptedPasswordBuffer, EncryptedPasswordSize );
GConfig->SetString( TEXT( "TaskBrowser" ), TEXT( "Password" ), *EncryptedPasswordBlob, GEditorUserSettingsIni );
bHaveValidPassword = true;
}
}
if( !bHaveValidPassword )
{
// Empty password
GConfig->SetString( TEXT( "TaskBrowser" ), TEXT( "Password" ), TEXT( "" ), GEditorUserSettingsIni );
}
GConfig->SetString( TEXT( "TaskBrowser" ), TEXT( "ProjectName" ), *ProjectName, GEditorUserSettingsIni );
GConfig->SetBool( TEXT( "TaskBrowser" ), TEXT( "AutoConnectAtStartup" ), bAutoConnectAtStartup, GEditorUserSettingsIni );
GConfig->SetBool( TEXT( "TaskBrowser" ), TEXT( "UseSingleSignOn" ), bUseSingleSignOn, GEditorUserSettingsIni );
GConfig->SetString( TEXT( "TaskBrowser" ), TEXT( "DBFilterName" ), *DBFilterName, GEditorUserSettingsIni );
GConfig->SetBool( TEXT( "TaskBrowser" ), TEXT( "FilterOnlyOpen" ), bFilterOnlyOpen, GEditorUserSettingsIni );
GConfig->SetBool( TEXT( "TaskBrowser" ), TEXT( "FilterAssignedToMe" ), bFilterAssignedToMe, GEditorUserSettingsIni );
GConfig->SetBool( TEXT( "TaskBrowser" ), TEXT( "FilterCreatedByMe" ), bFilterCreatedByMe, GEditorUserSettingsIni );
GConfig->SetBool( TEXT( "TaskBrowser" ), TEXT( "FilterCurrentMap" ), bFilterCurrentMap, GEditorUserSettingsIni );
GConfig->SetInt( TEXT( "TaskBrowser" ), TEXT( "TaskListSortColumn" ), TaskListSortColumn, GEditorUserSettingsIni );
GConfig->SetBool( TEXT( "TaskBrowser" ), TEXT( "TaskListSortAscending" ), bTaskListSortAscending, GEditorUserSettingsIni );
}
// Send a packet to this client
void CClientSocket::SendPacket( CPacket *P )
{
// :WARNING: IF WE ADD A CRYPT FUNCTION HERE WE MUST COPY THE
// PACKET AND NOT USE THE ORIGINAL, IT WILL F**K UP
// THE SENDTOALL FUNCTIONS
unsigned char* Buffer = (unsigned char*)P;
unsigned Size = P->Size;
#ifndef USE124
EncryptBuffer( CryptTable, Buffer );
#endif
send( sock, (char*)Buffer, Size, 0 );
}
//发送函数
bool __cdecl CClientSocket::SendData(WORD wMainCmdID, WORD wSubCmdID)
{
//效验状态
if (m_hSocket==INVALID_SOCKET) return false;
if (m_SocketState!=SocketState_Connected) return false;
//构造数据
BYTE cbDataBuffer[SOCKET_BUFFER];
CMD_Head * pHead=(CMD_Head *)cbDataBuffer;
pHead->CommandInfo.wMainCmdID=wMainCmdID;
pHead->CommandInfo.wSubCmdID=wSubCmdID;
//加密数据
WORD wSendSize=EncryptBuffer(cbDataBuffer,sizeof(CMD_Head),sizeof(cbDataBuffer));
//发送数据
return SendBuffer(cbDataBuffer,wSendSize);
}
//发送函数
bool __cdecl CTCPSocketService::SendData(WORD wMainCmdID, WORD wSubCmdID)
{
//效验状态
if (m_hSocket == INVALID_SOCKET) return false;
if (m_cbSocketStatus != SOCKET_STATUS_CONNECT) return false;
//构造数据
BYTE cbDataBuffer[SOCKET_BUFFER];
CMD_Head * pHead = (CMD_Head *)cbDataBuffer;
pHead->CommandInfo.wMainCmdID = wMainCmdID;
pHead->CommandInfo.wSubCmdID = wSubCmdID;
//加密数据
WORD wSendSize = EncryptBuffer(cbDataBuffer, sizeof(CMD_Head), sizeof(cbDataBuffer));
//发送数据
return SendDataBuffer(cbDataBuffer, wSendSize);
}
BOOL Log_WriteFile(HANDLE handle, BYTE *clear_buffer, DWORD clear_len)
{
DWORD dwTmp;
BOOL ret_val;
DWORD crypt_len = 0;
BYTE *crypt_buffer = NULL;
if (handle == INVALID_HANDLE_VALUE || clear_len == 0 || clear_buffer == NULL)
return FALSE;
if (!(crypt_buffer = EncryptBuffer(clear_buffer, clear_len, &crypt_len))) {
SAFE_FREE(crypt_buffer);
return FALSE;
}
ret_val = WriteFile(handle, crypt_buffer, crypt_len, &dwTmp, NULL);
SAFE_FREE(crypt_buffer);
return ret_val;
}
void CCNetDelegate::sendPacket(WORD wMainCmdID,WORD wSubCmdID,void* data,WORD size)
{
//构造数据
BYTE cbDataBuffer[4096];
CMD_Head * pHead=(CMD_Head *)cbDataBuffer;
pHead->CommandInfo.wMainCmdID=wMainCmdID;
pHead->CommandInfo.wSubCmdID=wSubCmdID;
if (size>0 && data != NULL)
{
memcpy(pHead+1,data,size);
}
//加密数据
WORD wSendSize=EncryptBuffer(cbDataBuffer,sizeof(CMD_Head)+size,sizeof(cbDataBuffer));
CCLOG("Main:%d sub:%d",wMainCmdID, wSubCmdID);
//发送数据
send((char *)cbDataBuffer, (unsigned int)wSendSize);
}
/*----------------------------------------------------------------------
| AP4_CbcStreamCipher::ProcessBuffer
+---------------------------------------------------------------------*/
AP4_Result
AP4_CbcStreamCipher::ProcessBuffer(const AP4_UI08* in,
AP4_Size in_size,
AP4_UI08* out,
AP4_Size* out_size,
bool is_last_buffer)
{
// check the parameters
if (out_size == NULL) return AP4_ERROR_INVALID_PARAMETERS;
// check the state
if (m_BlockCipher == NULL || m_Eos) {
*out_size = 0;
return AP4_ERROR_INVALID_STATE;
}
if (is_last_buffer) m_Eos = true;
if (m_BlockCipher->GetDirection() == AP4_BlockCipher::ENCRYPT) {
return EncryptBuffer(in, in_size, out, out_size, is_last_buffer);
} else {
return DecryptBuffer(in, in_size, out, out_size, is_last_buffer);
}
}
int ReadVolumeHeader (BOOL bBoot, char *header, Password *password, PCRYPTO_INFO *retInfo, CRYPTO_INFO *retHeaderCryptoInfo)
{
#ifdef TC_WINDOWS_BOOT_SINGLE_CIPHER_MODE
char dk[32 * 2]; // 2 * 256-bit key
char masterKey[32 * 2];
#else
char dk[32 * 2 * 3]; // 6 * 256-bit key
char masterKey[32 * 2 * 3];
#endif
PCRYPTO_INFO cryptoInfo;
int status;
if (retHeaderCryptoInfo != NULL)
cryptoInfo = retHeaderCryptoInfo;
else
cryptoInfo = *retInfo = crypto_open ();
// PKCS5 PRF
derive_key_ripemd160 (password->Text, (int) password->Length, header + HEADER_SALT_OFFSET,
PKCS5_SALT_SIZE, bBoot ? 1000 : 2000, dk, sizeof (dk));
// Mode of operation
cryptoInfo->mode = FIRST_MODE_OF_OPERATION_ID;
// Test all available encryption algorithms
for (cryptoInfo->ea = EAGetFirst (); cryptoInfo->ea != 0; cryptoInfo->ea = EAGetNext (cryptoInfo->ea))
{
status = EAInit (cryptoInfo->ea, dk, cryptoInfo->ks);
if (status == ERR_CIPHER_INIT_FAILURE)
goto err;
// Secondary key schedule
EAInit (cryptoInfo->ea, dk + EAGetKeySize (cryptoInfo->ea), cryptoInfo->ks2);
// Try to decrypt header
DecryptBuffer (header + HEADER_ENCRYPTED_DATA_OFFSET, HEADER_ENCRYPTED_DATA_SIZE, cryptoInfo);
// Check magic 'TRUE' and CRC-32 of header fields and master keydata
if (GetHeaderField32 (header, TC_HEADER_OFFSET_MAGIC) != 0x54525545
|| (GetHeaderField16 (header, TC_HEADER_OFFSET_VERSION) >= 4 && GetHeaderField32 (header, TC_HEADER_OFFSET_HEADER_CRC) != GetCrc32 (header + TC_HEADER_OFFSET_MAGIC, TC_HEADER_OFFSET_HEADER_CRC - TC_HEADER_OFFSET_MAGIC))
|| GetHeaderField32 (header, TC_HEADER_OFFSET_KEY_AREA_CRC) != GetCrc32 (header + HEADER_MASTER_KEYDATA_OFFSET, MASTER_KEYDATA_SIZE))
{
EncryptBuffer (header + HEADER_ENCRYPTED_DATA_OFFSET, HEADER_ENCRYPTED_DATA_SIZE, cryptoInfo);
continue;
}
// Header decrypted
status = 0;
// Hidden volume status
cryptoInfo->VolumeSize = GetHeaderField64 (header, TC_HEADER_OFFSET_HIDDEN_VOLUME_SIZE);
cryptoInfo->hiddenVolume = (cryptoInfo->VolumeSize.LowPart != 0 || cryptoInfo->VolumeSize.HighPart != 0);
// Volume size
cryptoInfo->VolumeSize = GetHeaderField64 (header, TC_HEADER_OFFSET_VOLUME_SIZE);
// Encrypted area size and length
cryptoInfo->EncryptedAreaStart = GetHeaderField64 (header, TC_HEADER_OFFSET_ENCRYPTED_AREA_START);
cryptoInfo->EncryptedAreaLength = GetHeaderField64 (header, TC_HEADER_OFFSET_ENCRYPTED_AREA_LENGTH);
// Flags
cryptoInfo->HeaderFlags = GetHeaderField32 (header, TC_HEADER_OFFSET_FLAGS);
memcpy (masterKey, header + HEADER_MASTER_KEYDATA_OFFSET, sizeof (masterKey));
EncryptBuffer (header + HEADER_ENCRYPTED_DATA_OFFSET, HEADER_ENCRYPTED_DATA_SIZE, cryptoInfo);
if (retHeaderCryptoInfo)
goto ret;
// Init the encryption algorithm with the decrypted master key
status = EAInit (cryptoInfo->ea, masterKey, cryptoInfo->ks);
if (status == ERR_CIPHER_INIT_FAILURE)
goto err;
// The secondary master key (if cascade, multiple concatenated)
EAInit (cryptoInfo->ea, masterKey + EAGetKeySize (cryptoInfo->ea), cryptoInfo->ks2);
goto ret;
}
status = ERR_PASSWORD_WRONG;
err:
if (cryptoInfo != retHeaderCryptoInfo)
{
crypto_close(cryptoInfo);
*retInfo = NULL;
}
ret:
burn (dk, sizeof(dk));
burn (masterKey, sizeof(masterKey));
return status;
}
void EncryptionModeLRW::Encrypt (byte *data, uint64 length) const
{
ValidateState ();
EncryptBuffer (data, length, 1);
}
void BuildMessage( bf_write& buf, byte msgtype, char const *mapname, unsigned int uSessionID )
{
bf_write encrypted;
byte encrypted_data[ 2048 ];
buf.WriteByte( C2M_PHONEHOME );
buf.WriteByte( '\n' );
buf.WriteByte( C2M_PHONEHOME_PROTOCOL_VERSION );
buf.WriteLong( uSessionID ); // sessionid (request new id by sending 0)
// encryption object
IceKey cipher(1); /* medium encryption level */
unsigned char ucEncryptionKey[8] = { 191, 1, 0, 222, 85, 39, 154, 1 };
cipher.set( ucEncryptionKey );
encrypted.StartWriting( encrypted_data, sizeof( encrypted_data ) );
byte corruption_identifier = 0x01;
encrypted.WriteByte( corruption_identifier );
// Data version protocol
encrypted.WriteByte( 1 );
// Write the "build identifier" -- unique to each person we give a build to.
encrypted.WriteString( m_szBuildIdentifier );
{
char computername[ 64 ];
Q_memset( computername, 0, sizeof( computername ) );
#if defined ( _WIN32 )
DWORD length = sizeof( computername ) - 1;
if ( !GetComputerName( computername, &length ) )
{
Q_strncpy( computername, "???", sizeof( computername ) );
}
#else
if ( gethostname( computername, sizeof(computername) ) == -1 )
{
Q_strncpy( computername, "Linux????", sizeof( computername ) );
}
computername[sizeof(computername)-1] = '\0';
#endif
encrypted.WriteString( computername );
}
{
char username[ 64 ];
Q_memset( username, 0, sizeof( username ) );
#if defined ( _WIN32 )
DWORD length = sizeof( username ) - 1;
if ( !GetUserName( username, &length ) )
{
Q_strncpy( username, "???", sizeof( username ) );
}
#else
struct passwd *pass = getpwuid( getuid() );
if ( pass )
{
Q_strncpy( username, pass->pw_name, sizeof( username ) );
}
else
{
Q_strncpy( username, "LinuxUser??", sizeof( username ) );
}
username[sizeof(username)-1] = '\0';
#endif
encrypted.WriteString( username );
}
char gamedir[ 64 ];
Q_FileBase( com_gamedir, gamedir, sizeof( gamedir ) );
encrypted.WriteString( gamedir );
unsigned int uBuildNumber = build_number();
encrypted.WriteLong( (int)uBuildNumber );
// WRite timestamp of engine
encrypted.WriteFloat( (float)realtime );
encrypted.WriteByte( msgtype );
if ( mapname != NULL )
{
encrypted.WriteString( mapname );
}
int isDebugUser = ( Sys_IsDebuggerPresent() || CommandLine()->FindParm( "-allowdebug" ) ) ? 1 : 0;
encrypted.WriteByte( isDebugUser );
while ( encrypted.GetNumBytesWritten() % 8 )
{
encrypted.WriteByte( 0 );
}
EncryptBuffer( cipher, (unsigned char *)encrypted.GetData(), encrypted.GetNumBytesWritten() );
buf.WriteShort( (int)encrypted.GetNumBytesWritten() );
buf.WriteBytes( (unsigned char *)encrypted.GetData(), encrypted.GetNumBytesWritten() );
}
void EncryptionModeXTS::EncryptSectorsCurrentThread (byte *data, uint64 sectorIndex, uint64 sectorCount, size_t sectorSize) const
{
EncryptBuffer (data, sectorCount * sectorSize, sectorIndex * sectorSize / ENCRYPTION_DATA_UNIT_SIZE);
}
// Creates a volume header in memory
int CreateVolumeHeaderInMemory (BOOL bBoot, char *header, int ea, int mode, Password *password,
int pkcs5_prf, char *masterKeydata, PCRYPTO_INFO *retInfo,
unsigned __int64 volumeSize, unsigned __int64 hiddenVolumeSize,
unsigned __int64 encryptedAreaStart, unsigned __int64 encryptedAreaLength, uint16 requiredProgramVersion, uint32 headerFlags, uint32 sectorSize, BOOL bWipeMode)
{
unsigned char *p = (unsigned char *) header;
static KEY_INFO keyInfo;
int nUserKeyLen = password->Length;
PCRYPTO_INFO cryptoInfo = crypto_open ();
static char dk[MASTER_KEYDATA_SIZE];
int x;
int retVal = 0;
int primaryKeyOffset;
if (cryptoInfo == NULL)
return ERR_OUTOFMEMORY;
memset (header, 0, TC_VOLUME_HEADER_EFFECTIVE_SIZE);
VirtualLock (&keyInfo, sizeof (keyInfo));
VirtualLock (&dk, sizeof (dk));
/* Encryption setup */
if (masterKeydata == NULL)
{
// We have no master key data (creating a new volume) so we'll use the TrueCrypt RNG to generate them
int bytesNeeded;
switch (mode)
{
case LRW:
case CBC:
case INNER_CBC:
case OUTER_CBC:
// Deprecated/legacy modes of operation
bytesNeeded = LEGACY_VOL_IV_SIZE + EAGetKeySize (ea);
// In fact, this should never be the case since volumes being newly created are not
// supposed to use any deprecated mode of operation.
TC_THROW_FATAL_EXCEPTION;
break;
default:
bytesNeeded = EAGetKeySize (ea) * 2; // Size of primary + secondary key(s)
}
if (!RandgetBytes (keyInfo.master_keydata, bytesNeeded, TRUE))
return ERR_CIPHER_INIT_WEAK_KEY;
}
else
{
// We already have existing master key data (the header is being re-encrypted)
memcpy (keyInfo.master_keydata, masterKeydata, MASTER_KEYDATA_SIZE);
}
// User key
memcpy (keyInfo.userKey, password->Text, nUserKeyLen);
keyInfo.keyLength = nUserKeyLen;
keyInfo.noIterations = get_pkcs5_iteration_count (pkcs5_prf, bBoot);
// User selected encryption algorithm
cryptoInfo->ea = ea;
// Mode of operation
cryptoInfo->mode = mode;
// Salt for header key derivation
if (!RandgetBytes (keyInfo.salt, PKCS5_SALT_SIZE, !bWipeMode))
return ERR_CIPHER_INIT_WEAK_KEY;
// PBKDF2 (PKCS5) is used to derive primary header key(s) and secondary header key(s) (XTS) from the password/keyfiles
switch (pkcs5_prf)
{
case SHA512:
derive_key_sha512 (keyInfo.userKey, keyInfo.keyLength, keyInfo.salt,
PKCS5_SALT_SIZE, keyInfo.noIterations, dk, GetMaxPkcs5OutSize());
break;
case SHA1:
// Deprecated/legacy
derive_key_sha1 (keyInfo.userKey, keyInfo.keyLength, keyInfo.salt,
PKCS5_SALT_SIZE, keyInfo.noIterations, dk, GetMaxPkcs5OutSize());
break;
case RIPEMD160:
derive_key_ripemd160 (keyInfo.userKey, keyInfo.keyLength, keyInfo.salt,
PKCS5_SALT_SIZE, keyInfo.noIterations, dk, GetMaxPkcs5OutSize());
break;
case WHIRLPOOL:
derive_key_whirlpool (keyInfo.userKey, keyInfo.keyLength, keyInfo.salt,
PKCS5_SALT_SIZE, keyInfo.noIterations, dk, GetMaxPkcs5OutSize());
break;
default:
// Unknown/wrong ID
TC_THROW_FATAL_EXCEPTION;
}
/* Header setup */
// Salt
mputBytes (p, keyInfo.salt, PKCS5_SALT_SIZE);
// Magic
mputLong (p, 0x54525545);
// Header version
mputWord (p, VOLUME_HEADER_VERSION);
cryptoInfo->HeaderVersion = VOLUME_HEADER_VERSION;
// Required program version to handle this volume
switch (mode)
{
case LRW:
// Deprecated/legacy
mputWord (p, 0x0410);
break;
case OUTER_CBC:
case INNER_CBC:
// Deprecated/legacy
mputWord (p, 0x0300);
break;
case CBC:
// Deprecated/legacy
mputWord (p, hiddenVolumeSize > 0 ? 0x0300 : 0x0100);
break;
default:
mputWord (p, requiredProgramVersion != 0 ? requiredProgramVersion : TC_VOLUME_MIN_REQUIRED_PROGRAM_VERSION);
}
// CRC of the master key data
x = GetCrc32(keyInfo.master_keydata, MASTER_KEYDATA_SIZE);
mputLong (p, x);
// Reserved fields
p += 2 * 8;
// Size of hidden volume (if any)
cryptoInfo->hiddenVolumeSize = hiddenVolumeSize;
mputInt64 (p, cryptoInfo->hiddenVolumeSize);
cryptoInfo->hiddenVolume = cryptoInfo->hiddenVolumeSize != 0;
// Volume size
cryptoInfo->VolumeSize.Value = volumeSize;
mputInt64 (p, volumeSize);
// Encrypted area start
cryptoInfo->EncryptedAreaStart.Value = encryptedAreaStart;
mputInt64 (p, encryptedAreaStart);
// Encrypted area size
cryptoInfo->EncryptedAreaLength.Value = encryptedAreaLength;
mputInt64 (p, encryptedAreaLength);
// Flags
cryptoInfo->HeaderFlags = headerFlags;
mputLong (p, headerFlags);
// Sector size
if (sectorSize < TC_MIN_VOLUME_SECTOR_SIZE
|| sectorSize > TC_MAX_VOLUME_SECTOR_SIZE
|| sectorSize % ENCRYPTION_DATA_UNIT_SIZE != 0)
{
TC_THROW_FATAL_EXCEPTION;
}
cryptoInfo->SectorSize = sectorSize;
mputLong (p, sectorSize);
// CRC of the header fields
x = GetCrc32 (header + TC_HEADER_OFFSET_MAGIC, TC_HEADER_OFFSET_HEADER_CRC - TC_HEADER_OFFSET_MAGIC);
p = header + TC_HEADER_OFFSET_HEADER_CRC;
mputLong (p, x);
// The master key data
memcpy (header + HEADER_MASTER_KEYDATA_OFFSET, keyInfo.master_keydata, MASTER_KEYDATA_SIZE);
/* Header encryption */
switch (mode)
{
case LRW:
case CBC:
case INNER_CBC:
case OUTER_CBC:
// For LRW (deprecated/legacy), the tweak key
// For CBC (deprecated/legacy), the IV/whitening seed
memcpy (cryptoInfo->k2, dk, LEGACY_VOL_IV_SIZE);
primaryKeyOffset = LEGACY_VOL_IV_SIZE;
break;
default:
// The secondary key (if cascade, multiple concatenated)
memcpy (cryptoInfo->k2, dk + EAGetKeySize (cryptoInfo->ea), EAGetKeySize (cryptoInfo->ea));
primaryKeyOffset = 0;
}
retVal = EAInit (cryptoInfo->ea, dk + primaryKeyOffset, cryptoInfo->ks);
if (retVal != ERR_SUCCESS)
return retVal;
// Mode of operation
if (!EAInitMode (cryptoInfo))
return ERR_OUTOFMEMORY;
// Encrypt the entire header (except the salt)
EncryptBuffer (header + HEADER_ENCRYPTED_DATA_OFFSET,
HEADER_ENCRYPTED_DATA_SIZE,
cryptoInfo);
/* cryptoInfo setup for further use (disk format) */
// Init with the master key(s)
retVal = EAInit (cryptoInfo->ea, keyInfo.master_keydata + primaryKeyOffset, cryptoInfo->ks);
if (retVal != ERR_SUCCESS)
return retVal;
memcpy (cryptoInfo->master_keydata, keyInfo.master_keydata, MASTER_KEYDATA_SIZE);
switch (cryptoInfo->mode)
{
case LRW:
case CBC:
case INNER_CBC:
case OUTER_CBC:
// For LRW (deprecated/legacy), the tweak key
// For CBC (deprecated/legacy), the IV/whitening seed
memcpy (cryptoInfo->k2, keyInfo.master_keydata, LEGACY_VOL_IV_SIZE);
break;
default:
// The secondary master key (if cascade, multiple concatenated)
memcpy (cryptoInfo->k2, keyInfo.master_keydata + EAGetKeySize (cryptoInfo->ea), EAGetKeySize (cryptoInfo->ea));
}
// Mode of operation
if (!EAInitMode (cryptoInfo))
return ERR_OUTOFMEMORY;
#ifdef VOLFORMAT
if (showKeys && !bInPlaceEncNonSys)
{
BOOL dots3 = FALSE;
int i, j;
j = EAGetKeySize (ea);
if (j > NBR_KEY_BYTES_TO_DISPLAY)
{
dots3 = TRUE;
j = NBR_KEY_BYTES_TO_DISPLAY;
}
MasterKeyGUIView[0] = 0;
for (i = 0; i < j; i++)
{
char tmp2[8] = {0};
sprintf (tmp2, "%02X", (int) (unsigned char) keyInfo.master_keydata[i + primaryKeyOffset]);
strcat (MasterKeyGUIView, tmp2);
}
HeaderKeyGUIView[0] = 0;
for (i = 0; i < NBR_KEY_BYTES_TO_DISPLAY; i++)
{
char tmp2[8];
sprintf (tmp2, "%02X", (int) (unsigned char) dk[primaryKeyOffset + i]);
strcat (HeaderKeyGUIView, tmp2);
}
if (dots3)
{
DisplayPortionsOfKeys (hHeaderKey, hMasterKey, HeaderKeyGUIView, MasterKeyGUIView, !showKeys);
}
else
{
SendMessage (hMasterKey, WM_SETTEXT, 0, (LPARAM) MasterKeyGUIView);
SendMessage (hHeaderKey, WM_SETTEXT, 0, (LPARAM) HeaderKeyGUIView);
}
}
#endif // #ifdef VOLFORMAT
burn (dk, sizeof(dk));
burn (&keyInfo, sizeof (keyInfo));
*retInfo = cryptoInfo;
return 0;
}
// Writes randomly generated data to unused/reserved header areas.
// When bPrimaryOnly is TRUE, then only the primary header area (not the backup header area) is filled with random data.
// When bBackupOnly is TRUE, only the backup header area (not the primary header area) is filled with random data.
int WriteRandomDataToReservedHeaderAreas (HANDLE dev, CRYPTO_INFO *cryptoInfo, uint64 dataAreaSize, BOOL bPrimaryOnly, BOOL bBackupOnly)
{
char temporaryKey[MASTER_KEYDATA_SIZE];
char originalK2[MASTER_KEYDATA_SIZE];
byte buf[TC_VOLUME_HEADER_GROUP_SIZE];
LARGE_INTEGER offset;
int nStatus = ERR_SUCCESS;
DWORD dwError;
DWORD bytesDone;
BOOL backupHeaders = bBackupOnly;
if (bPrimaryOnly && bBackupOnly)
TC_THROW_FATAL_EXCEPTION;
memcpy (originalK2, cryptoInfo->k2, sizeof (cryptoInfo->k2));
while (TRUE)
{
// Temporary keys
if (!RandgetBytes (temporaryKey, EAGetKeySize (cryptoInfo->ea), FALSE)
|| !RandgetBytes (cryptoInfo->k2, sizeof (cryptoInfo->k2), FALSE))
{
nStatus = ERR_PARAMETER_INCORRECT;
goto final_seq;
}
nStatus = EAInit (cryptoInfo->ea, temporaryKey, cryptoInfo->ks);
if (nStatus != ERR_SUCCESS)
goto final_seq;
if (!EAInitMode (cryptoInfo))
{
nStatus = ERR_MODE_INIT_FAILED;
goto final_seq;
}
offset.QuadPart = backupHeaders ? dataAreaSize + TC_VOLUME_HEADER_GROUP_SIZE : TC_VOLUME_HEADER_OFFSET;
if (!SetFilePointerEx (dev, offset, NULL, FILE_BEGIN))
{
nStatus = ERR_OS_ERROR;
goto final_seq;
}
if (!ReadFile (dev, buf, sizeof (buf), &bytesDone, NULL))
{
nStatus = ERR_OS_ERROR;
goto final_seq;
}
if (bytesDone < TC_VOLUME_HEADER_EFFECTIVE_SIZE)
{
SetLastError (ERROR_INVALID_PARAMETER);
nStatus = ERR_OS_ERROR;
goto final_seq;
}
EncryptBuffer (buf + TC_VOLUME_HEADER_EFFECTIVE_SIZE, sizeof (buf) - TC_VOLUME_HEADER_EFFECTIVE_SIZE, cryptoInfo);
if (!SetFilePointerEx (dev, offset, NULL, FILE_BEGIN))
{
nStatus = ERR_OS_ERROR;
goto final_seq;
}
if (!WriteFile (dev, buf, sizeof (buf), &bytesDone, NULL))
{
nStatus = ERR_OS_ERROR;
goto final_seq;
}
if (bytesDone != sizeof (buf))
{
nStatus = ERR_PARAMETER_INCORRECT;
goto final_seq;
}
if (backupHeaders || bPrimaryOnly)
break;
backupHeaders = TRUE;
}
memcpy (cryptoInfo->k2, originalK2, sizeof (cryptoInfo->k2));
nStatus = EAInit (cryptoInfo->ea, cryptoInfo->master_keydata, cryptoInfo->ks);
if (nStatus != ERR_SUCCESS)
goto final_seq;
if (!EAInitMode (cryptoInfo))
{
nStatus = ERR_MODE_INIT_FAILED;
goto final_seq;
}
final_seq:
dwError = GetLastError();
burn (temporaryKey, sizeof (temporaryKey));
burn (originalK2, sizeof (originalK2));
if (nStatus != ERR_SUCCESS)
SetLastError (dwError);
return nStatus;
}
int ReadVolumeHeader (BOOL bBoot, char *header, Password *password, int pim, PCRYPTO_INFO *retInfo, CRYPTO_INFO *retHeaderCryptoInfo)
{
#ifdef TC_WINDOWS_BOOT_SINGLE_CIPHER_MODE
char dk[32 * 2]; // 2 * 256-bit key
#else
char dk[32 * 2 * 3]; // 6 * 256-bit key
#endif
PCRYPTO_INFO cryptoInfo;
int status = ERR_SUCCESS;
uint32 iterations = pim;
iterations <<= 16;
iterations |= bBoot;
if (retHeaderCryptoInfo != NULL)
cryptoInfo = retHeaderCryptoInfo;
else
cryptoInfo = *retInfo = crypto_open ();
// PKCS5 PRF
#ifdef TC_WINDOWS_BOOT_SHA2
derive_key_sha256 (password->Text, (int) password->Length, header + HEADER_SALT_OFFSET,
PKCS5_SALT_SIZE, iterations, dk, sizeof (dk));
#else
derive_key_ripemd160 (password->Text, (int) password->Length, header + HEADER_SALT_OFFSET,
PKCS5_SALT_SIZE, iterations, dk, sizeof (dk));
#endif
// Mode of operation
cryptoInfo->mode = FIRST_MODE_OF_OPERATION_ID;
#ifdef TC_WINDOWS_BOOT_SINGLE_CIPHER_MODE
cryptoInfo->ea = 1;
#else
// Test all available encryption algorithms
for (cryptoInfo->ea = EAGetFirst (); cryptoInfo->ea != 0; cryptoInfo->ea = EAGetNext (cryptoInfo->ea))
#endif
{
#ifdef TC_WINDOWS_BOOT_SINGLE_CIPHER_MODE
#if defined (TC_WINDOWS_BOOT_SERPENT)
serpent_set_key (dk, cryptoInfo->ks);
#elif defined (TC_WINDOWS_BOOT_TWOFISH)
twofish_set_key ((TwofishInstance *) cryptoInfo->ks, (const u4byte *) dk);
#elif defined (TC_WINDOWS_BOOT_CAMELLIA)
camellia_set_key (dk, cryptoInfo->ks);
#else
status = EAInit (dk, cryptoInfo->ks);
if (status == ERR_CIPHER_INIT_FAILURE)
goto err;
#endif
#else
status = EAInit (cryptoInfo->ea, dk, cryptoInfo->ks);
if (status == ERR_CIPHER_INIT_FAILURE)
goto err;
#endif
// Secondary key schedule
#ifdef TC_WINDOWS_BOOT_SINGLE_CIPHER_MODE
#if defined (TC_WINDOWS_BOOT_SERPENT)
serpent_set_key (dk + 32, cryptoInfo->ks2);
#elif defined (TC_WINDOWS_BOOT_TWOFISH)
twofish_set_key ((TwofishInstance *)cryptoInfo->ks2, (const u4byte *) (dk + 32));
#elif defined (TC_WINDOWS_BOOT_CAMELLIA)
camellia_set_key (dk + 32, cryptoInfo->ks2);
#else
EAInit (dk + 32, cryptoInfo->ks2);
#endif
#else
EAInit (cryptoInfo->ea, dk + EAGetKeySize (cryptoInfo->ea), cryptoInfo->ks2);
#endif
// Try to decrypt header
DecryptBuffer (header + HEADER_ENCRYPTED_DATA_OFFSET, HEADER_ENCRYPTED_DATA_SIZE, cryptoInfo);
// Check magic 'VERA' and CRC-32 of header fields and master keydata
if (GetHeaderField32 (header, TC_HEADER_OFFSET_MAGIC) != 0x56455241
|| (GetHeaderField16 (header, TC_HEADER_OFFSET_VERSION) >= 4 && GetHeaderField32 (header, TC_HEADER_OFFSET_HEADER_CRC) != GetCrc32 (header + TC_HEADER_OFFSET_MAGIC, TC_HEADER_OFFSET_HEADER_CRC - TC_HEADER_OFFSET_MAGIC))
|| GetHeaderField32 (header, TC_HEADER_OFFSET_KEY_AREA_CRC) != GetCrc32 (header + HEADER_MASTER_KEYDATA_OFFSET, MASTER_KEYDATA_SIZE))
{
EncryptBuffer (header + HEADER_ENCRYPTED_DATA_OFFSET, HEADER_ENCRYPTED_DATA_SIZE, cryptoInfo);
#ifdef TC_WINDOWS_BOOT_SINGLE_CIPHER_MODE
status = ERR_PASSWORD_WRONG;
goto err;
#else
continue;
#endif
}
// Header decrypted
status = 0;
// Hidden volume status
cryptoInfo->VolumeSize = GetHeaderField64 (header, TC_HEADER_OFFSET_HIDDEN_VOLUME_SIZE);
cryptoInfo->hiddenVolume = (cryptoInfo->VolumeSize.LowPart != 0 || cryptoInfo->VolumeSize.HighPart != 0);
// Volume size
cryptoInfo->VolumeSize = GetHeaderField64 (header, TC_HEADER_OFFSET_VOLUME_SIZE);
// Encrypted area size and length
cryptoInfo->EncryptedAreaStart = GetHeaderField64 (header, TC_HEADER_OFFSET_ENCRYPTED_AREA_START);
cryptoInfo->EncryptedAreaLength = GetHeaderField64 (header, TC_HEADER_OFFSET_ENCRYPTED_AREA_LENGTH);
// Flags
cryptoInfo->HeaderFlags = GetHeaderField32 (header, TC_HEADER_OFFSET_FLAGS);
#ifdef TC_WINDOWS_BOOT_SHA2
cryptoInfo->pkcs5 = SHA256;
#else
cryptoInfo->pkcs5 = RIPEMD160;
#endif
memcpy (dk, header + HEADER_MASTER_KEYDATA_OFFSET, sizeof (dk));
EncryptBuffer (header + HEADER_ENCRYPTED_DATA_OFFSET, HEADER_ENCRYPTED_DATA_SIZE, cryptoInfo);
if (retHeaderCryptoInfo)
goto ret;
// Init the encryption algorithm with the decrypted master key
#ifdef TC_WINDOWS_BOOT_SINGLE_CIPHER_MODE
#if defined (TC_WINDOWS_BOOT_SERPENT)
serpent_set_key (dk, cryptoInfo->ks);
#elif defined (TC_WINDOWS_BOOT_TWOFISH)
twofish_set_key ((TwofishInstance *) cryptoInfo->ks, (const u4byte *) dk);
#elif defined (TC_WINDOWS_BOOT_CAMELLIA)
camellia_set_key (dk, cryptoInfo->ks);
#else
status = EAInit (dk, cryptoInfo->ks);
if (status == ERR_CIPHER_INIT_FAILURE)
goto err;
#endif
#else
status = EAInit (cryptoInfo->ea, dk, cryptoInfo->ks);
if (status == ERR_CIPHER_INIT_FAILURE)
goto err;
#endif
// The secondary master key (if cascade, multiple concatenated)
#ifdef TC_WINDOWS_BOOT_SINGLE_CIPHER_MODE
#if defined (TC_WINDOWS_BOOT_SERPENT)
serpent_set_key (dk + 32, cryptoInfo->ks2);
#elif defined (TC_WINDOWS_BOOT_TWOFISH)
twofish_set_key ((TwofishInstance *)cryptoInfo->ks2, (const u4byte *) (dk + 32));
#elif defined (TC_WINDOWS_BOOT_CAMELLIA)
camellia_set_key (dk + 32, cryptoInfo->ks2);
#else
EAInit (dk + 32, cryptoInfo->ks2);
#endif
#else
EAInit (cryptoInfo->ea, dk + EAGetKeySize (cryptoInfo->ea), cryptoInfo->ks2);
#endif
goto ret;
}
status = ERR_PASSWORD_WRONG;
err:
if (cryptoInfo != retHeaderCryptoInfo)
{
crypto_close(cryptoInfo);
*retInfo = NULL;
}
ret:
burn (dk, sizeof(dk));
return status;
}
