From ed1263bf8c6c678420eb1b9ad3f37d3a6d33af7c Mon Sep 17 00:00:00 2001 From: Mounir IDRASSI Date: Fri, 2 Aug 2024 00:20:53 +0200 Subject: Implement detection of volumes with vulnerable XTS master key. If vulnerability detected, a warning message is displayed during mount or backup/restore header, and changing the password is disallowed since it will not change the master key. --- src/Main/Forms/ChangePasswordDialog.cpp | 5 +++++ 1 file changed, 5 insertions(+) (limited to 'src/Main/Forms') diff --git a/src/Main/Forms/ChangePasswordDialog.cpp b/src/Main/Forms/ChangePasswordDialog.cpp index 397ee693..39da8e60 100644 --- a/src/Main/Forms/ChangePasswordDialog.cpp +++ b/src/Main/Forms/ChangePasswordDialog.cpp @@ -171,6 +171,7 @@ namespace VeraCrypt RandomNumberGenerator::SetEnrichedByUserStatus (false); Gui->UserEnrichRandomPool (this, NewPasswordPanel->GetPkcs5Kdf() ? NewPasswordPanel->GetPkcs5Kdf()->GetHash() : shared_ptr ()); + bool masterKeyVulnerable = false; { #ifdef TC_UNIX // Temporarily take ownership of a device if the user is not an administrator @@ -193,6 +194,7 @@ namespace VeraCrypt CurrentPasswordPanel->GetPassword(), CurrentPasswordPanel->GetVolumePim(), CurrentPasswordPanel->GetPkcs5Kdf(), CurrentPasswordPanel->GetKeyfiles(), newPassword, newPim, newKeyfiles, NewPasswordPanel->GetPkcs5Kdf(), NewPasswordPanel->GetHeaderWipeCount(), Gui->GetPreferences().EMVSupportEnabled); Gui->ExecuteWaitThreadRoutine (this, &routine); + masterKeyVulnerable = routine.m_masterKeyVulnerable; } switch (DialogMode) @@ -214,6 +216,9 @@ namespace VeraCrypt throw ParameterIncorrect (SRC_POS); } + if (masterKeyVulnerable) + Gui->ShowWarning ("ERR_XTS_MASTERKEY_VULNERABLE"); + EndModal (wxID_OK); } catch (UnportablePassword &e) -- cgit v1.2.3