From ed1263bf8c6c678420eb1b9ad3f37d3a6d33af7c Mon Sep 17 00:00:00 2001
From: Mounir IDRASSI <mounir.idrassi@idrix.fr>
Date: Fri, 2 Aug 2024 00:20:53 +0200
Subject: Implement detection of volumes with vulnerable XTS master key.

If vulnerability detected, a warning message is displayed during mount or backup/restore header, and changing the password is disallowed since it will not change the master key.
---
 src/Volume/Volume.h | 1 +
 1 file changed, 1 insertion(+)

(limited to 'src/Volume/Volume.h')

diff --git a/src/Volume/Volume.h b/src/Volume/Volume.h
index c816da58..4b91e435 100644
--- a/src/Volume/Volume.h
+++ b/src/Volume/Volume.h
@@ -114,6 +114,7 @@ namespace VeraCrypt
 		void ReEncryptHeader (bool backupHeader, const ConstBufferPtr &newSalt, const ConstBufferPtr &newHeaderKey, shared_ptr <Pkcs5Kdf> newPkcs5Kdf);
 		void WriteSectors (const ConstBufferPtr &buffer, uint64 byteOffset);
 		bool IsEncryptionNotCompleted () const { return EncryptionNotCompleted; }
+		bool IsMasterKeyVulnerable() const { return Header && Header->IsMasterKeyVulnerable(); }
 
 	protected:
 		void CheckProtectedRange (uint64 writeHostOffset, uint64 writeLength);
-- 
cgit v1.2.3