1 files changed, 17 insertions, 4 deletions
diff --git a/src/Core/VolumeCreator.cpp b/src/Core/VolumeCreator.cpp
index 403e0c67..fefbddde 100644
--- a/src/Core/VolumeCreator.cpp
+++ b/src/Core/VolumeCreator.cpp
@@ -3,16 +3,19 @@
  Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed
  by the TrueCrypt License 3.0.
 
  Modifications and additions to the original source code (contained in this file)
- and all other portions of this file are Copyright (c) 2013-2016 IDRIX
+ and all other portions of this file are Copyright (c) 2013-2017 IDRIX
  and are governed by the Apache License 2.0 the full text of which is
  contained in the file License.txt included in VeraCrypt binary and source
  code distribution packages.
 */
 
 #include "Volume/EncryptionTest.h"
 #include "Volume/EncryptionModeXTS.h"
+#ifdef WOLFCRYPT_BACKEND
+#include "Volume/EncryptionModeWolfCryptXTS.h"
+#endif
 #include "Core.h"
 
 #ifdef TC_UNIX
 #include <sys/types.h>
@@ -297,8 +300,13 @@ namespace VeraCrypt
 
 			// Master data key
 			MasterKey.Allocate (options->EA->GetKeySize() * 2);
 			RandomNumberGenerator::GetData (MasterKey);
+			// check that first half of MasterKey is different from its second half. If they are the same, through an exception
+			// cf CCSS,NSA comment at page 3: https://csrc.nist.gov/csrc/media/Projects/crypto-publication-review-project/documents/initial-comments/sp800-38e-initial-public-comments-2021.pdf
+			if (memcmp (MasterKey.Ptr(), MasterKey.Ptr() + MasterKey.Size() / 2, MasterKey.Size() / 2) == 0)
+				throw AssertionFailed (SRC_POS);
+
 			headerOptions.DataKey = MasterKey;
 
 			// PKCS5 salt
 			SecureBuffer salt (VolumeHeader::GetSaltSize());
@@ -306,9 +314,9 @@ namespace VeraCrypt
 			headerOptions.Salt = salt;
 
 			// Header key
 			HeaderKey.Allocate (VolumeHeader::GetLargestSerializedKeySize());
-			PasswordKey = Keyfile::ApplyListToPassword (options->Keyfiles, options->Password);
+			PasswordKey = Keyfile::ApplyListToPassword (options->Keyfiles, options->Password, options->EMVSupportEnabled);
 			options->VolumeHeaderKdf->DeriveKey (HeaderKey, *PasswordKey, options->Pim, salt);
 			headerOptions.HeaderKey = HeaderKey;
 
 			header->Create (headerBuffer, headerOptions);
@@ -354,10 +362,15 @@ namespace VeraCrypt
 			}
 
 			// Data area keys
 			options->EA->SetKey (MasterKey.GetRange (0, options->EA->GetKeySize()));
-			shared_ptr <EncryptionMode> mode (new EncryptionModeXTS ());
-			mode->SetKey (MasterKey.GetRange (options->EA->GetKeySize(), options->EA->GetKeySize()));
+                    #ifdef WOLFCRYPT_BACKEND
+                        shared_ptr <EncryptionMode> mode (new EncryptionModeWolfCryptXTS ());
+                        options->EA->SetKeyXTS (MasterKey.GetRange (options->EA->GetKeySize(), options->EA->GetKeySize()));
+                    #else
+                        shared_ptr <EncryptionMode> mode (new EncryptionModeXTS ());
+                    #endif
+                        mode->SetKey (MasterKey.GetRange (options->EA->GetKeySize(), options->EA->GetKeySize()));
 			options->EA->SetMode (mode);
 
 			Options = options;
 			AbortRequested = false;