VeraCrypt
aboutsummaryrefslogtreecommitdiff
path: root/src/Mount/Mount.c
diff options
context:
space:
mode:
authorMounir IDRASSI <mounir.idrassi@idrix.fr>2015-07-29 00:09:14 +0200
committerMounir IDRASSI <mounir.idrassi@idrix.fr>2015-07-29 00:33:10 +0200
commit6ca598f8418a1ab12ff7353c534d610b4dbac943 (patch)
treec7c58d7fbd700e3ab4fef078a58c83c2430d847d /src/Mount/Mount.c
parent69a8ad5bbaa1be2b3a6548c2b3f930d3aa4379e3 (diff)
downloadVeraCrypt-6ca598f8418a1ab12ff7353c534d610b4dbac943.tar.gz
VeraCrypt-6ca598f8418a1ab12ff7353c534d610b4dbac943.zip
Windows: Implement Evil-Maid-Attack detection mechanism. Write the correct bootloader when changing the system encryption password: this enables to recover if an attack is detected.
Diffstat (limited to 'src/Mount/Mount.c')
-rw-r--r--src/Mount/Mount.c15
1 files changed, 11 insertions, 4 deletions
diff --git a/src/Mount/Mount.c b/src/Mount/Mount.c
index 66941b15..bebb18d7 100644
--- a/src/Mount/Mount.c
+++ b/src/Mount/Mount.c
@@ -5768,8 +5768,9 @@ BOOL CALLBACK MainDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
ExtractCommandLine (hwndDlg, (char *) lParam);
try
{
+ BootEncObj->SetParentWindow (hwndDlg);
BootEncStatus = BootEncObj->GetStatus();
RecentBootEncStatus = BootEncStatus;
}
catch (...)
@@ -5807,15 +5808,21 @@ BOOL CALLBACK MainDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
try
{
if (IsHiddenOSRunning())
{
- if (BootEncObj->GetInstalledBootLoaderVersion() > VERSION_NUM)
+ if (BootEncObj->GetInstalledBootLoaderVersion() != VERSION_NUM)
Warning ("UPDATE_TC_IN_HIDDEN_OS_TOO", hwndDlg);
+ if (!BootEncObj->CheckBootloaderFingerprint ())
+ Warning ("BOOT_LOADER_FINGERPRINT_CHECK_FAILED", hwndDlg);
}
- else if (SysDriveOrPartitionFullyEncrypted (TRUE)
- && BootEncObj->GetInstalledBootLoaderVersion() != VERSION_NUM)
+ else if (SysDriveOrPartitionFullyEncrypted (TRUE))
{
- Warning ("BOOT_LOADER_VERSION_DIFFERENT_FROM_DRIVER_VERSION", hwndDlg);
+ if (BootEncObj->GetInstalledBootLoaderVersion() != VERSION_NUM)
+ {
+ Warning ("BOOT_LOADER_VERSION_DIFFERENT_FROM_DRIVER_VERSION", hwndDlg);
+ }
+ if (!BootEncObj->CheckBootloaderFingerprint ())
+ Warning ("BOOT_LOADER_FINGERPRINT_CHECK_FAILED", hwndDlg);
}
}
catch (...) { }