Public/VeraCrypt
1
0
Fork 0
mirror of https://github.com/veracrypt/VeraCrypt.git synced 2025-11-11 11:08:02 -06:00
Code Activity

Implement detection of volumes with vulnerable XTS master key.

Browse Source 
If vulnerability detected, a warning message is displayed during mount or backup/restore header, and changing the password is disallowed since it will not change the master key.
This commit is contained in:
Mounir IDRASSI
2024-08-02 00:20:53 +02:00
parent 6121ca0239
commit ed1263bf8c
24 changed files with 186 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
src/Common/Password.c
View File

@@ -371,6 +371,10 @@ int ChangePwd (const wchar_t *lpszVolume, Password *oldPassword, int old_pkcs5,
if (nStatus == ERR_CIPHER_INIT_WEAK_KEY)
nStatus = 0; // We can ignore this error here
// if the XTS master key is vulnerable, return error and do not allow the user to change the password since the master key will not be changed
if (cryptoInfo->bVulnerableMasterKey)
nStatus = ERR_XTS_MASTERKEY_VULNERABLE;
if (nStatus == ERR_PASSWORD_WRONG)
{
continue; // Try next volume type