diff --git a/src/Common/BootEncryption.cpp b/src/Common/BootEncryption.cpp index 833a67fd..e6c1b1dd 100644 --- a/src/Common/BootEncryption.cpp +++ b/src/Common/BootEncryption.cpp @@ -4322,7 +4322,7 @@ namespace VeraCrypt DecryptBuffer (RescueVolumeHeader + HEADER_ENCRYPTED_DATA_OFFSET, HEADER_ENCRYPTED_DATA_SIZE, cryptoInfo); - if (GetHeaderField32 (RescueVolumeHeader, TC_HEADER_OFFSET_MAGIC) != 0x56455241) + if (GetHeaderField32 (RescueVolumeHeader, TC_HEADER_OFFSET_MAGIC) != TC_HEADER_MAGIC_NUMBER) throw ParameterIncorrect (SRC_POS); uint8 *fieldPos = RescueVolumeHeader + TC_HEADER_OFFSET_ENCRYPTED_AREA_LENGTH; diff --git a/src/Common/Volumes.c b/src/Common/Volumes.c index 10f03636..e2323d34 100644 --- a/src/Common/Volumes.c +++ b/src/Common/Volumes.c @@ -457,8 +457,8 @@ KeyReady: ; DecryptBuffer (header + HEADER_ENCRYPTED_DATA_OFFSET, HEADER_ENCRYPTED_DATA_SIZE, cryptoInfo); - // Magic 'VERA' - if (GetHeaderField32 (header, TC_HEADER_OFFSET_MAGIC) != 0x56455241) + // Magic number + if (GetHeaderField32 (header, TC_HEADER_OFFSET_MAGIC) != TC_HEADER_MAGIC_NUMBER) continue; // Header version @@ -768,7 +768,7 @@ int ReadVolumeHeader (BOOL bBoot, unsigned char *header, Password *password, int DecryptBuffer (header + HEADER_ENCRYPTED_DATA_OFFSET, HEADER_ENCRYPTED_DATA_SIZE, cryptoInfo); // Check magic 'VERA' and CRC-32 of header fields and master keydata - if (GetHeaderField32 (header, TC_HEADER_OFFSET_MAGIC) != 0x56455241 + if (GetHeaderField32 (header, TC_HEADER_OFFSET_MAGIC) != TC_HEADER_MAGIC_NUMBER || (GetHeaderField16 (header, TC_HEADER_OFFSET_VERSION) >= 4 && GetHeaderField32 (header, TC_HEADER_OFFSET_HEADER_CRC) != GetCrc32 (header + TC_HEADER_OFFSET_MAGIC, TC_HEADER_OFFSET_HEADER_CRC - TC_HEADER_OFFSET_MAGIC)) || GetHeaderField32 (header, TC_HEADER_OFFSET_KEY_AREA_CRC) != GetCrc32 (header + HEADER_MASTER_KEYDATA_OFFSET, MASTER_KEYDATA_SIZE)) { @@ -1040,8 +1040,8 @@ int CreateVolumeHeaderInMemory (HWND hwndDlg, BOOL bBoot, unsigned char *header, // Salt mputBytes (p, keyInfo.salt, PKCS5_SALT_SIZE); - // Magic - mputLong (p, 0x56455241); + // Magic number + mputLong (p, TC_HEADER_MAGIC_NUMBER); // Header version mputWord (p, VOLUME_HEADER_VERSION); diff --git a/src/Common/Volumes.h b/src/Common/Volumes.h index 98b2f8d6..7530072f 100644 --- a/src/Common/Volumes.h +++ b/src/Common/Volumes.h @@ -21,6 +21,12 @@ extern "C" { // Volume header version #define VOLUME_HEADER_VERSION 0x0005 +// Volume header magic identifiers +// 32-bit magic number identifying a valid VeraCrypt volume header ("VERA" in ASCII) +#define TC_HEADER_MAGIC_NUMBER 0x56455241 +// 64-bit magic number identifier for boot drive filter extension ("VERABEXT" in ASCII) +#define TC_BOOT_DRIVE_FILTER_EXTENSION_MAGIC_NUMBER 0x5645524142455854ULL + // Version number written to volume header during format; // specifies the minimum program version required to mount the volume #define TC_VOLUME_MIN_REQUIRED_PROGRAM_VERSION 0x010b diff --git a/src/Driver/DriveFilter.c b/src/Driver/DriveFilter.c index f8f06b37..3f2c6a07 100644 --- a/src/Driver/DriveFilter.c +++ b/src/Driver/DriveFilter.c @@ -730,7 +730,7 @@ static NTSTATUS SaveDriveVolumeHeader (DriveFilterExtension *Extension) DecryptBuffer (header + HEADER_ENCRYPTED_DATA_OFFSET, HEADER_ENCRYPTED_DATA_SIZE, pCryptoInfo); - if (GetHeaderField32 (header, TC_HEADER_OFFSET_MAGIC) != 0x56455241) + if (GetHeaderField32 (header, TC_HEADER_OFFSET_MAGIC) != TC_HEADER_MAGIC_NUMBER) { Dump ("Header not decrypted"); status = STATUS_UNKNOWN_REVISION; diff --git a/src/Driver/DriveFilter.h b/src/Driver/DriveFilter.h index 60ec9a05..83b66c74 100644 --- a/src/Driver/DriveFilter.h +++ b/src/Driver/DriveFilter.h @@ -49,8 +49,6 @@ typedef struct _DriveFilterExtension } DriveFilterExtension; -#define TC_BOOT_DRIVE_FILTER_EXTENSION_MAGIC_NUMBER 0x5645524142455854 - extern BOOL BootArgsValid; extern BootArguments BootArgs; extern PKTHREAD EncryptionSetupThread; diff --git a/src/Format/InPlace.c b/src/Format/InPlace.c index 0c35ccce..5e87db23 100644 --- a/src/Format/InPlace.c +++ b/src/Format/InPlace.c @@ -1870,7 +1870,7 @@ int FastVolumeHeaderUpdate (HANDLE dev, CRYPTO_INFO *headerCryptoInfo, CRYPTO_IN DecryptBuffer (header + HEADER_ENCRYPTED_DATA_OFFSET, HEADER_ENCRYPTED_DATA_SIZE, pCryptoInfo); - if (GetHeaderField32 (header, TC_HEADER_OFFSET_MAGIC) != 0x56455241) + if (GetHeaderField32 (header, TC_HEADER_OFFSET_MAGIC) != TC_HEADER_MAGIC_NUMBER) { nStatus = ERR_PARAMETER_INCORRECT; goto closing_seq;