authorMounir IDRASSI <mounir.idrassi@idrix.fr>2024-08-02 00:20:53 +0200
committerMounir IDRASSI <mounir.idrassi@idrix.fr>2024-08-02 00:20:53 +0200
commited1263bf8c6c678420eb1b9ad3f37d3a6d33af7c (patch)
tree14dfb134969574b7f0d869c455981418c652780e /src/Common/Volumes.c
parent6121ca02397e75fe51b2c76111ef836556fedb49 (diff)
Implement detection of volumes with vulnerable XTS master key.
If vulnerability detected, a warning message is displayed during mount or backup/restore header, and changing the password is disallowed since it will not change the master key.
Diffstat (limited to 'src/Common/Volumes.c')
-rw-r--r--src/Common/Volumes.c8
1 files changed, 8 insertions, 0 deletions
diff --git a/src/Common/Volumes.c b/src/Common/Volumes.c
index df1cd1e3..7ee519f6 100644
--- a/src/Common/Volumes.c
+++ b/src/Common/Volumes.c
@@ -597,6 +597,14 @@ KeyReady: ;
goto err;
}
+ // check that first half of keyInfo.master_keydata is different from the second half. If they are the same return error
+ if (memcmp (keyInfo->master_keydata, keyInfo->master_keydata + EAGetKeySize (cryptoInfo->ea), EAGetKeySize (cryptoInfo->ea)) == 0)
+ {
+ cryptoInfo->bVulnerableMasterKey = TRUE;
+ if (retHeaderCryptoInfo)
+ retHeaderCryptoInfo->bVulnerableMasterKey = TRUE;
+ }
+
status = ERR_SUCCESS;
goto ret;
}
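Review bot: The added comment ends with "If they are the same return error", but the new code only sets `bVulnerableMasterKey` on `cryptoInfo` (and on `retHeaderCryptoInfo` when present) and then falls through to `status = ERR_SUCCESS`. The comment should describe the real contract, for example `// XTS requires distinct primary and secondary keys: if both halves of master_keydata are identical, flag the volume as vulnerable; the header is still accepted so callers can warn the user`. Separately, `EAGetKeySize (cryptoInfo->ea)` presumably spans the keys of every cipher in a cascade, so this single `memcmp` would flag the volume only when all primary/secondary pairs match. If one cipher with identical keys should also count, the comparison needs to run per cipher, which is worth confirming against the key layout. The enclosing function starts and ends outside this hunk, so where the flag is reset or initialised cannot be checked from here.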