private byte[] DecryptHeader(byte[] headerBytes, byte[] password)
{
Pbkdf2 pbkdf2;
KeyValuePairList <HMAC, int> hmacs = new KeyValuePairList <HMAC, int>();
hmacs.Add(new HMACSHA512(), 1000);
hmacs.Add(new HMACRIPEMD160(), 2000);
hmacs.Add(new HMACWhirlpool(), 1000);
foreach (KeyValuePair <HMAC, int> entry in hmacs)
{
HMAC hmac = entry.Key;
int iterations = entry.Value;
pbkdf2 = new Pbkdf2(hmac, password, Salt, iterations);
byte[] key = pbkdf2.GetBytes(192);
List <KeyValuePairList <SymmetricAlgorithm, byte[]> > algorithms = GetAlgorithms(key);
foreach (KeyValuePairList <SymmetricAlgorithm, byte[]> algorithmChain in algorithms)
{
byte[] decrypt = (byte[])headerBytes.Clone();
// TrueCrypt 7.1a Source (Common\Crypto.c):
// ----------------------------------------
// When encrypting/decrypting a buffer (typically a volume header) the sequential number
// of the first XTS data unit in the buffer is always 0 and the start of the buffer is
// always assumed to be aligned with the start of the data unit 0.
decrypt = XTSHelper.XTSChainDecrypt(algorithmChain, 0, decrypt, 0, 448);
string signature = ByteReader.ReadAnsiString(decrypt, 0, 4);
ushort formatVersion = BigEndianConverter.ToUInt16(decrypt, 4);
uint checksum256 = BigEndianConverter.ToUInt32(decrypt, 8);
byte[] temp = ByteReader.ReadBytes(decrypt, 192, 256);
uint computedChecksum = Utilities.CRC32.Compute(temp);
if (signature == TrueCryptSignature && checksum256 == computedChecksum)
{
m_isValid = true;
if (formatVersion == SupportedFormatVersion)
{
m_isSupported = true;
}
m_algorithmChain = algorithmChain;
m_hmac = hmac;
return(decrypt);
}
}
}
return(null);
}
public override byte[] ReadSectors(long sectorIndex, int sectorCount)
{
CheckBoundaries(sectorIndex, sectorCount);
long imageSectorIndex = sectorIndex + (long)m_header.MasterKeyScopeOffset / m_volume.BytesPerSector;
byte[] sectors = m_volume.ReadSectors(imageSectorIndex, sectorCount);
Parallel.For(0, sectorCount, delegate(int index){
int offset = index * m_volume.BytesPerSector;
XTSHelper.XTSChainDecrypt(m_header.AlgorithmChain, (ulong)(imageSectorIndex + index), sectors, offset, m_volume.BytesPerSector, sectors, offset);
});
return(sectors);
}
public static bool TestXTS()
{
Rijndael rijndael = Rijndael.Create();
// http://social.msdn.microsoft.com/Forums/vstudio/en-US/aa02f456-db79-4cf0-9cee-4e04c0ac11a8/strange-behaviour-with-transformblock-and-rijndaelmanaged
rijndael.Padding = PaddingMode.None;
rijndael.Mode = CipherMode.ECB;
byte[] result1 = XTSHelper.XTSEncrypt(rijndael, KEY1, KEY2, DataUnitIndex, Plaintext, 0, Plaintext.Length);
byte[] result2 = XTSHelper.XTSDecrypt(rijndael, KEY1, KEY2, DataUnitIndex, Ciphertext, 0, Ciphertext.Length);
return(ByteUtils.AreByteArraysEqual(Ciphertext, result1) && ByteUtils.AreByteArraysEqual(Plaintext, result2));
}
public override void WriteSectors(long sectorIndex, byte[] data)
{
CheckBoundaries(sectorIndex, data.Length / this.BytesPerSector);
int sectorCount = data.Length / m_volume.BytesPerSector;
long imageSectorIndex = sectorIndex + (long)m_header.MasterKeyScopeOffset / m_volume.BytesPerSector;
byte[] encryptedData = new byte[data.Length];
Parallel.For(0, sectorCount, delegate(int index)
{
int offset = index * m_volume.BytesPerSector;
XTSHelper.XTSChainEncrypt(m_header.AlgorithmChain, (ulong)(imageSectorIndex + index), data, offset, m_volume.BytesPerSector, encryptedData, offset);
});
m_volume.WriteSectors(imageSectorIndex, encryptedData);
}
/// <summary>
/// Including the prefixed salt
/// </summary>
public byte[] GetBytes(byte[] password)
{
byte[] headerBytes = GetDecryptedHeaderBytes();
int iterations = m_hmac is HMACRIPEMD160 ? 2000 : 1000;
Pbkdf2 pbkdf2 = new Pbkdf2(m_hmac, password, Salt, iterations);
byte[] headerKey = pbkdf2.GetBytes(192);
AssignKey(m_algorithmChain, headerKey);
byte[] encrypted = XTSHelper.XTSChainEncrypt(m_algorithmChain, 0, headerBytes, 0, headerBytes.Length);
AssignKey(m_algorithmChain, MasterKey);
byte[] buffer = new byte[512];
ByteWriter.WriteBytes(buffer, 0, Salt);
ByteWriter.WriteBytes(buffer, 64, encrypted);
return(buffer);
}
