Performs Encryption on input and output.
Salts and IV(s) are created and stored in memory
Random salts and IVs (initialization vectors) are created and stored in memory for encryption:
a) 32-bit Salt (file header encryption) is created and stored in memory
b) 32-bit Salt (data encryption) is created and stored in memory
c) 32-bit IV (header IV) is created and stored in memory
d) 32-bit IV (data IV) is created and stored in memory
Data Encryption Password Derivation:
A 'Pre' password is created using the hash algorithm(s) supplied via the command line (default is sha1). If multiple hashing algorithms are defined, they are cascaded. For example:
    ./tomb --hash sha1 whirlpool tiger -p test
would look like this:
    digest = hash_with_sha1( pass );
    digest = hash_with_whirlpool( digest );
    digest = hash_with_tiger( digest );
After all passwords and keyfiles have been hashed, the master hash is created in a similar way, but using the master hash algorithm(s) supplied via the command line (default is sha512). The master hash is created using the hashed password(s) and hashed password file(s) (if any). After all of this, the master password is created using PBKDF2 (Password-Based Key Derivation Function #2) with HMAC and SHA512 with 32210 iterations.
1) All hashed password(s) are concatenated together.
    :> passwords = password_hash1 + password_hash2;
2) All key file hashes are concatenated to the password hashes that were concatenated together, making one long string of bytes.
    :> passwords = passwords + key_file_hash1 + key_file_hash2;
3) The master hash is created using 'passwords' and the hash algorithm(s).
    :> master_hash = hash_with_sha1( passwords );
    :> master_hash = hash_with_whirlpool( master_hash );
4) The master password is created using PBKDF2 with HMAC and SHA512 with 32210 iterations and the salt for the data.
    :> master_password = PBKDF2_HMAC_SHA512( master_hash, with_iteration_32210, SALT_DATA );
Encrypted Header Password Derivation
IN PROGRESS
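The data encryption password derivation (steps 1 to 4 above), as an added Python example that is not tomb's own code. Assumptions: digests are passed along as raw bytes, the derived key is 32 bytes long, the function names are hypothetical, and sha256 stands in for whirlpool and tiger, which Python's hashlib does not reliably provide.

```python
import hashlib

PBKDF2_ITERATIONS = 32210  # iteration count stated on the page


def cascade(data: bytes, algorithms) -> bytes:
    """Feed each digest into the next algorithm, in command-line order."""
    if not algorithms:
        raise ValueError("at least one hash algorithm is required")
    for name in algorithms:
        # Assumption: the raw digest bytes (not hex text) feed the next stage.
        data = hashlib.new(name, data).digest()
    return data


def derive_master_password(passwords, key_files, salt_data,
                           pre_algs=("sha1",), master_algs=("sha512",),
                           key_len=32):
    """Steps 1-4 of the data encryption password derivation.

    key_len is an assumption; the page does not state the output length.
    """
    if not passwords and not key_files:
        raise ValueError("no password or key file supplied")
    # Steps 1 and 2: hash every input with the 'pre' cascade, then concatenate
    # the password hashes first and the key file hashes after them.
    material = b"".join(cascade(p, pre_algs) for p in passwords)
    material += b"".join(cascade(k, pre_algs) for k in key_files)
    # Step 3: master hash over the concatenated byte string.
    master_hash = cascade(material, master_algs)
    # Step 4: PBKDF2 with HMAC-SHA512, 32210 iterations and the data salt.
    return hashlib.pbkdf2_hmac("sha512", master_hash, salt_data,
                               PBKDF2_ITERATIONS, dklen=key_len)


if __name__ == "__main__":
    # Constructed sample inputs: a 32-bit data salt, one password, one key file.
    salt_data = bytes.fromhex("00112233")
    key = derive_master_password([b"test"], [b"constructed key file bytes"],
                                 salt_data, pre_algs=("sha1", "sha256"))
    print(key.hex())
```

Swapping the order of the inputs or changing the data salt yields a different master password, because the concatenation in steps 1 and 2 is order-sensitive and the salt enters at step 4.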