kblock.h

BestCrypt开源加密原代码

/*******************************************************************
 *
 *	Copyright (c) 1994-1999 Jetico, Inc., Finland
 *	All rights reserved.
 *
 *	File: kblock.h
 *	Revision:  $Id: kblock.h,v 1.2 2005/05/14 10:39:28 crypt Rel-1.6-5 $
 *	Created:
 *	Description: declaration of DATA_BLOCK structure and 
 *		procedures to work with Data Block that stores 
 *		encryption keys
 *
 *******************************************************************/

#ifndef __KBLOCK
#define __KBLOCK

#include <bc_ioctl.h>

/*******************************************************
 *
 *	Structures that describe format of the Data block 
 *	used in the CreateKeyHandle(). The DataBlock contains
 *	information in encrypted form and is stored inside 
 *	file-container
 *
 *******************************************************/

#define SIGNATURE98 	"LOCOS98"
#define SIGNATURE03 	"LOCOS03"
#define SIGNATURE04 	"LOCOS04"

#define FORMAT_VERSION	0x00000001

#define SHA256_ID			0x53323536
#define SHA1_ID                 	0x53484131

#define KATTRIBUTE_MASK             0xfffffff0

#define KATTRIBUTE_KEY_EMPTY        0x00000001
#define KATTRIBUTE_KEY_FULL         0x00000002
#define KATTRIBUTE_KEY_PARTIAL      0x00000003
#define KATTRIBUTE_ALTERNATIVE_BLOCK 0x00000004



#define STATE_POOL_NOT_INITIALIZED 0x00000001
#define STATE_POOL_INITIALIZED     0x00000002

#define HIDDEN_POSITION_ANY 0xffffffff



typedef struct DB_HEADER
{
    char    signature[8];
    DWORD   formatVersion;
    DWORD   encrAlgorithmId;
    DWORD   hashAlgorithmId;
    DWORD   dataBlockSize;
    DWORD   keyBlockSize;
    DWORD   keyBlockNumber;
    DWORD   state;
} DB_HEADER, *PDB_HEADER;


typedef struct KEY_BLOCK_
{
    BYTE    key[ MAXIMUM_KEY_SIZE_BYTES ];
    BYTE    digest[ MAXIMUM_DIGEST_SIZE_BYTES ];
    DWORD   keyAttribute;
} KEY_BLOCK, *PKEY_BLOCK;

// KEY_BLOCK_ALTERNATIVE structure added for corporate version of BestCrypt.
// 'verifyBytes' field is used to verify if encryption key is valid for the container.
// 'verifyBytes' are generated randomly. Field 'digest' contains digest for 'verifyBytes'.
// Both 'verifyBytes' and 'digest' are encrypted with container's key.
// So when we receive encryption key from BCServer, we can decrypt 'verifyBytes' and 'digest'
// and check if the key is valid.
// NOTE: KEY_BLOCK_ALTERNATIVE must have the same size as KEY_BLOCK structure

typedef  struct KEY_BLOCK_ALTERNATIVE_
{
    BYTE  reserved[ ALTERNATIVE_BLOCK_RESERVED_LENGTH ];
    BYTE  containerID[ CONTAINER_ID_LENGTH ];
    BYTE  verifyBytes[ VERIFY_BYTES_LENGTH ];
    BYTE  digest[ MAXIMUM_DIGEST_SIZE_BYTES ];
    DWORD keyAttribute;
} KEY_BLOCK_ALTERNATIVE, *PKEY_BLOCK_ALTERNATIVE;


typedef struct DATA_BLOCK_
{
    DB_HEADER   header;
    KEY_BLOCK   keys[ MAXIMUM_NUMBER_OF_KEYS ];
    UCHAR       pool[ POOL_SIZE_BYTES ];
    BYTE        digest[ MAXIMUM_DIGEST_SIZE_BYTES ];
} DATA_BLOCK, *PDATA_BLOCK;


extern BOOL DataBlockAllocate(
                             DATA_BLOCK **DataBlock,
                             DWORD      *DataSize,
                             DWORD      AlgId
                             );

extern BOOL DataBlockFree( DATA_BLOCK **DataBlock );

extern DWORD DataBlockCheck(
                           DATA_BLOCK *DataBlock,
                           DWORD      DataSize,
                           DWORD      AlgId
                           );

extern DWORD DataBlockWriteKey(
                              DATA_BLOCK *DataBlock,
                              ALG_SERV   Alg,
                              DWORD      AlgKeyLength,
                              char *    Password,
                              BYTE       *Key,
                              DWORD      KeyAttribute,
                              BYTE       *PoolBuffer
                              );

extern DWORD DataBlockVerifyPasswordAndGetKey(
                                             DATA_BLOCK *DataBlock,
                                             ALG_SERV Alg,
                                             DWORD      AlgKeyLength,
                                             char *    password,
                                             BYTE       *key,
                                             BYTE       *PoolBuffer
                                             );

extern DWORD DataBlockChangePassword(
                                    DATA_BLOCK *DataBlock,
                                    ALG_SERV Alg,
                                    DWORD      AlgKeyLength,
                                    char *    password,
                                    char *    newPassword,
                                    BYTE       *PoolBuffer
                                    );

extern DWORD GenerateKey(   BYTE *Key,
                            int   KeyLength,
                            BYTE *Seed,
                            int   SeedLength );


extern DWORD DataBlockWriteKey_Hidden(
                                     DATA_BLOCK *DataBlock,
                                     ALG_SERV   Alg,
                                     DWORD      AlgKeyLength,
                                     char       *Password,
                                     BYTE       *Key,
                                     DWORD      KeyAttribute, // in the current release we don't use the parameter
                                     BYTE       *PoolBuffer,
                                     DWORD      Offset,
                                     DWORD      *BusyMask,
                                     DWORD      KeyBlockPositionMask
                                     );

DWORD DataBlockVerifyPasswordAndGetKey_Hidden(
                                             DATA_BLOCK *DataBlock,
                                             ALG_SERV   Alg,
                                             DWORD      AlgKeyLength,
                                             char       *Password,
                                             BYTE       *Key,
                                             BYTE       *PoolBuffer,
                                             DWORD      *Offset,
                                             DWORD      *BusyMask,
                                             DWORD      *KeyBlockPositionMask
                                             );

DWORD DataBlock_CheckFreeSpaceForNewPassword( DATA_BLOCK *DataBlock );

DWORD DataBlockAddPassword( DATA_BLOCK **DataBlock,
                            DWORD      *DataSize,
                            ALG_SERV   Alg,
                            DWORD      AlgKeyLength,
                            char       *Password,
                            BYTE       *Key,
                            DWORD      KeyAttribute,
                            BYTE       *PoolBuffer
                          );

DWORD DataBlockAddPassword_Hidden(
                                 DATA_BLOCK **DataBlock,
                                 DWORD      *DataSize,
                                 ALG_SERV    Alg,
                                 DWORD      AlgKeyLength,
                                 char       *Password,
                                 BYTE       *Key,
                                 DWORD      KeyAttribute, // in the current release we don't use the parameter
                                 BYTE       *PoolBuffer,
                                 DWORD      Offset,
                                 DWORD      *BusyMask
                                 );

DWORD DataBlockRemoveAdditionalPassword(
                                       DATA_BLOCK *DataBlock,
                                       ALG_SERV   Alg,
                                       DWORD      AlgKeyLength,
                                       char       *Password,
                                       BYTE       *Key,
                                       BYTE       *PoolBuffer
                                       );


#endif /* __KBLOCK */