diff options
Diffstat (limited to 'src/Driver')
| -rw-r--r-- | src/Driver/DriveFilter.c | 9 | ||||
| -rw-r--r-- | src/Driver/Ntvol.c | 4 |
2 files changed, 12 insertions, 1 deletions
diff --git a/src/Driver/DriveFilter.c b/src/Driver/DriveFilter.c index a615797a..6fda3c37 100644 --- a/src/Driver/DriveFilter.c +++ b/src/Driver/DriveFilter.c @@ -522,10 +522,16 @@ static NTSTATUS MountDrive (DriveFilterExtension *Extension, Password *password, if (ReadVolumeHeader (!hiddenVolume, header, password, pkcs5_prf, pim, &Extension->Queue.CryptoInfo, Extension->HeaderCryptoInfo) == 0) { - // Header decrypted + // Header decrypted status = STATUS_SUCCESS; Dump ("Header decrypted\n"); + if (Extension->HeaderCryptoInfo->bVulnerableMasterKey) + { + // The volume header master key is vulnerable + Dump ("The volume header master key is vulnerable\n"); + } + // calculate Fingerprint ComputeBootLoaderFingerprint (Extension->LowerDeviceObject, header); @@ -2017,6 +2023,7 @@ void GetBootEncryptionStatus (PIRP irp, PIO_STACK_LOCATION irpSp) bootEncStatus->ConfiguredEncryptedAreaStart = Extension->ConfiguredEncryptedAreaStart; bootEncStatus->ConfiguredEncryptedAreaEnd = Extension->ConfiguredEncryptedAreaEnd; bootEncStatus->EncryptedAreaStart = Extension->Queue.EncryptedAreaStart; + bootEncStatus->MasterKeyVulnerable = Extension->HeaderCryptoInfo->bVulnerableMasterKey; if (SetupInProgress) { diff --git a/src/Driver/Ntvol.c b/src/Driver/Ntvol.c index c26fcebf..68f63f16 100644 --- a/src/Driver/Ntvol.c +++ b/src/Driver/Ntvol.c @@ -89,6 +89,7 @@ NTSTATUS TCOpenVolume (PDEVICE_OBJECT DeviceObject, mount->VolumeMountedReadOnlyAfterDeviceWriteProtected = FALSE; mount->VolumeMountedReadOnlyAfterPartialSysEnc = FALSE; + mount->VolumeMasterKeyVulnerable = FALSE; // If we are opening a device, query its size first if (bRawDevice) @@ -648,6 +649,9 @@ NTSTATUS TCOpenVolume (PDEVICE_OBJECT DeviceObject, Dump ("Volume header decrypted\n"); Dump ("Required program version = %x\n", (int) Extension->cryptoInfo->RequiredProgramVersion); Dump ("Legacy volume = %d\n", (int) Extension->cryptoInfo->LegacyVolume); + Dump ("Master key vulnerable = %d\n", (int) Extension->cryptoInfo->bVulnerableMasterKey); + + mount->VolumeMasterKeyVulnerable = Extension->cryptoInfo->bVulnerableMasterKey; if (IsHiddenSystemRunning() && !Extension->cryptoInfo->hiddenVolume) { |