public void testClone()
{
var mac = testMac.Clone();
var pc = testPC.Clone();
Assert.AreEqual(mac.ToString(), testMac.ToString());
Assert.AreEqual(pc.ToString(), testPC.ToString());
}
//public const int FILE_FLAG_NO_BUFFERING = 0x20000000;
//[DllImport("kernel32", SetLastError = true)]
//static extern IntPtr CreateFile(string FileName, FileAccess DesiredAccess, FileShare ShareMode, IntPtr SecurityAttributes,
// FileMode CreationDisposition, int FlagsAndAttributes, IntPtr hTemplate);
#region Get HASH AND SALT
//public enum version_t : ushort
//{
// V_VISTA = 1,
// V_SEVEN = 2 // Same version used by Windows 8
//};
//public enum state_types : ushort
//{
// DECRYPTED = 1,
// SWITCHING_ENCRYPTION = 2,
// ENCRYPTED = 4,
// SWITCH_ENCRYPTION_PAUSED = 5
//};
//[StructLayout(LayoutKind.Sequential, Pack = 1)]
//public unsafe struct _bitlocker_header
//{
// public fixed byte signature[8]; // = "-FVE-FS-" -- offset 0
// public fixed byte size[2]; // Total size (has to be multiplied by 16 when the version is 2) -- offset 8
// public /*version_t*/ fixed byte version[2]; // = 0x0002 for Windows 7 and 1 for Windows Vista -- offset 0xa
// /* Not sure about the next two fields */
// public /*state_types*/ fixed byte curr_state[2]; // Current encryption state -- offset 0xc
// public /*state_types*/ fixed byte next_state[2]; // Next encryption state -- offset 0xe
// public fixed byte encrypted_volume_size[8]; // Size of the encrypted volume -- offset 0x10
// /*
// * This size describe a virtualized region. This region is only checked when
// * this->curr_state == 2. It begins at the offset described by
// * this->encrypted_volume_size
// */
// public fixed byte unknown_size[4]; // -- offset 0x18
// public fixed byte nb_backup_sectors[4]; // -- offset 0x1c
// public fixed byte offset_bl_header[24]; // -- offset 0x20
// //union {
// // uint64_t boot_sectors_backup; // Address where the boot sectors have been backed up -- offset 0x38
// public fixed byte mftmirror_backup[8]; // This is the address of the MftMirror for Vista -- offset 0x38
// //};
// public _bitlocker_dataset dataset; // See above -- offset 0x40
//}
//[StructLayout(LayoutKind.Sequential, Pack = 1)]
//public unsafe struct _bitlocker_dataset
//{
// public fixed byte size[4]; // -- offset 0
// public fixed byte unknown1[4]; // = 0x0001 FIXME -- offset 4
// public fixed byte header_size[4]; // = 0x0030 -- offset 8
// public fixed byte copy_size[4]; // = dataset_size -- offset 0xc
// public fixed byte guid[16]; // dataset GUID -- offset 0x10
// public fixed byte next_counter[4]; // -- offset 0x20
// public fixed byte algorithm[2]; // -- offset 0x24
// public fixed byte trash[2]; // -- offset 0x26
// public fixed byte timestamp[8]; // -- offset 0x28
//} ;
//[StructLayout(LayoutKind.Sequential, Pack = 1)]
//public unsafe struct _volume_header
//{
// /* 512 bytes long */
// public fixed byte jump[3]; // -- offset 0
// public fixed byte signature[8]; // = "-FVE-FS-" (without 0 at the string's end) -- offset 3
// // = "NTFS " (idem) for NTFS volumes (ORLY?)
// public fixed byte sector_size[2]; // = 0x0200 = 512 bytes -- offset 0xb
// public byte sectors_per_cluster; // -- offset 0xd
// public fixed byte reserved_clusters[2]; // -- offset 0xe
// public byte fat_count; // -- offset 0x10
// public fixed byte root_entries[2]; // -- offset 0x11
// public fixed byte nb_sectors_16b[2]; // -- offset 0x13
// public byte media_descriptor; // -- offset 0x15
// public fixed byte sectors_per_fat[2]; // -- offset 0x16
// public fixed byte sectors_per_track[2]; // -- offset 0x18
// public fixed byte nb_of_heads[2]; // -- offset 0x1a
// public fixed byte hidden_sectors[4]; // -- offset 0x1c
// public fixed byte nb_sectors_32b[4]; // -- offset 0x20
// public fixed byte unknown2[4]; // For NTFS, always 0x00800080 (little endian) -- offset 0x24
// public fixed byte nb_sectors_64b[8]; // -- offset 0x28
// public fixed byte mft_start_cluster[8]; // -- offset 0x30
// //union { // Metadata LCN or MFT Mirror -- offset 0x38
// // uint64_t metadata_lcn; // depending on whether we're talking about a Vista volume
// public fixed byte mft_mirror[8]; // or an NTFS one
// //};
// public fixed byte unknown3[96]; // FIXME -- offset 0x40
// public fixed byte guid[16]; // -- offset 0xa0
// public fixed byte offset_bl_header[24]; // NOT for Vista -- offset 0xb0
// public fixed byte offset_eow_information[16]; // NOT for Vista nor 7 -- offset 0xc8
// public fixed byte unknown4[294]; // FIXME -- offset 0xd8
// public fixed byte boot_partition_identifier[2]; // = 0xaa55 -- offset 0x1fe
//} ;
#endregion
#region VALIDATE PASSWORD
public bool CheckPassword(string password)
{
//uint8_t *user_password = NULL;
//uint8_t salt[16] = {0,};
//uint8_t *result_key = NULL;
//char good_key[] = {
// '\x39', '\xf5', '\x3f', '\xaf', '\x64', '\x09', '\x97', '\x2b',
// '\xb1', '\x2b', '\x8e', '\xb2', '\x44', '\xcb', '\x04', '\x40',
// '\x63', '\x57', '\x5c', '\xe5', '\xca', '\x3f', '\xce', '\x7f',
// '\xac', '\xc6', '\x8c', '\x66', '\x96', '\x2d', '\x94', '\xb6'
//};
//int ret = FALSE;
byte[] result_key = new byte[32];
//user_password = (uint8_t*) ck_password;
///* From function's documentation, size should be 32 */
//result_key = xmalloc(32 * sizeof(char));
//memset(result_key, 0, 32 * sizeof(char));
///* Tested unit */
//ret = user_key(user_password, salt, result_key);
byte[] utf16_password = Encoding.Unicode.GetBytes(password);
//if (HashHelper.user_key(utf16_password, Salt, result_key))
if (user_key(utf16_password, Salt, result_key))
{
// xprintf(L_DEBUG, "}--------[ Data passed to aes_ccm_encrypt_decrypt ]--------{\n");
//xprintf(L_DEBUG, "-- Nonce:\n");
//hexdump(L_DEBUG, input->nonce, 0xc);
//xprintf(L_DEBUG, "-- Input buffer:\n");
//hexdump(L_DEBUG, aes_input_buffer, input_size);
//xprintf(L_DEBUG, "-- MAC:\n");
//hexdump(L_DEBUG, mac_first, AUTHENTICATOR_LENGTH);
//xprintf(L_DEBUG, "}----------------------------------------------------------{\n");
//aes_ccm_encrypt_decrypt(&ctx, input->nonce, 0xc, aes_input_buffer, input_size, mac_first, AUTHENTICATOR_LENGTH, (unsigned char*) *output);
byte[] mac_first = (byte[])Mac.Clone();
byte[] inputBuffer = (byte[])InputBuffer.Clone();
//Array.Copy(Mac, mac_first, AUTHENTICATOR_LENGTH);
byte[] output = aes_ccm_encrypt_decrypt(Nonce, 0xc, inputBuffer, InputBufferLength, mac_first, AUTHENTICATOR_LENGTH, result_key);
if (output == null)
{
return(false);
}
//xfree(aes_input_buffer);
///*
// * Compute to check decryption
// */
//memset(mac_second, 0, AUTHENTICATOR_LENGTH);
//aes_ccm_compute_unencrypted_tag(&ctx, input->nonce, 0xc, (unsigned char*) *output, *output_size, mac_second);
byte[] mac_second = aes_ccm_compute_unencrypted_tag(Nonce, 0xc, output, output.Length, result_key);
/*
* Check if the MACs correspond, if not,
* we didn't decrypt correctly the input buffer
*/
//xprintf(L_INFO, "Looking if MACs match...\n");
//xprintf(L_DEBUG, "They are just below:\n");
//hexdump(L_DEBUG, mac_first, AUTHENTICATOR_LENGTH);
//hexdump(L_DEBUG, mac_second, AUTHENTICATOR_LENGTH);
//if (memcmp(mac_first, mac_second, AUTHENTICATOR_LENGTH) != 0)
//{
// xprintf(L_ERROR, "The MACs don't match.\n");
// return FALSE;
//}
if (mac_second == null)
{
return(false);
}
for (byte b = 0; b < 16; b++)
{
if (mac_second[b] != mac_first[b])
{
return(false);
}
}
}
///* Check unit outputs */
//ck_assert_int_eq(ret, TRUE);
//if(memcmp(result_key, good_key, 32) != 0)
//{
// xfree(result_key);
// ck_abort_msg("Found result key doesn't match what it should");
//}
//xfree(result_key);
return(true);
}
