From 538319051857a8fb8e9e8c4f1048ab53e9c26b40 Mon Sep 17 00:00:00 2001
From: Mounir IDRASSI <mounir.idrassi@idrix.fr>
Date: Sun, 20 Mar 2022 20:53:20 +0100
Subject: Windows: Block upgrade of VeraCrypt is the system is encrypted using
 RIPEMD-160 or GOST89 since they are not supported anymore.

---
 src/Common/BootEncryption.cpp | 28 ++++++++++++++++++++++++++++
 1 file changed, 28 insertions(+)

(limited to 'src/Common/BootEncryption.cpp')

diff --git a/src/Common/BootEncryption.cpp b/src/Common/BootEncryption.cpp
index 9a16db53..079eacc6 100644
--- a/src/Common/BootEncryption.cpp
+++ b/src/Common/BootEncryption.cpp
@@ -5832,4 +5832,32 @@ namespace VeraCrypt
 	{
 		return (::RestartComputer(bShutdown) != FALSE);
 	}
+
+	bool BootEncryption::IsUsingUnsupportedAlgorithm(LONG driverVersion)
+	{
+		bool bRet = false;
+
+		try
+		{
+			if (driverVersion <= 0x125)
+			{
+				// version 1.25 is last version to support RIPEMD160 and GOST89
+				static int GOST89_EA = 5;
+				static int RIPEMD160_PRF = 4;
+
+				VOLUME_PROPERTIES_STRUCT props = {0};
+				GetVolumeProperties(&props);
+
+				//
+				if (props.ea == GOST89_EA || props.pkcs5 == RIPEMD160_PRF)
+					bRet = true;
+			}
+		}
+		catch(...)
+		{
+
+		}
+
+		return bRet;
+	}
 }
-- 
cgit v1.2.3