Public/VeraCrypt
1
0
Fork 0
mirror of https://github.com/veracrypt/VeraCrypt.git synced 2025-11-11 19:08:26 -06:00
Code Activity

Implement detection of volumes with vulnerable XTS master key.

Browse Source 
If vulnerability detected, a warning message is displayed during mount or backup/restore header, and changing the password is disallowed since it will not change the master key.
This commit is contained in:
Mounir IDRASSI
2024-08-02 00:20:53 +02:00
parent 6121ca0239
commit ed1263bf8c
24 changed files with 186 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

22
src/Main/GraphicUserInterface.cpp
View File

@@ -191,6 +191,7 @@ namespace VeraCrypt
hiddenVolumeMountOptions.Path = volumePath;
VolumeType::Enum volumeType = VolumeType::Normal;
bool masterKeyVulnerable = false;
// Open both types of volumes
while (true)
@@ -273,6 +274,13 @@ namespace VeraCrypt
}
}
// check if volume master key is vulnerable
if (volume->IsMasterKeyVulnerable())
{
masterKeyVulnerable = true;
ShowWarning ("ERR_XTS_MASTERKEY_VULNERABLE");
}
if (volumeType == VolumeType::Hidden)
hiddenVolume = volume;
else
@@ -366,6 +374,10 @@ namespace VeraCrypt
}
ShowWarning ("VOL_HEADER_BACKED_UP");
// display again warning that master key is vulnerable
if (masterKeyVulnerable)
ShowWarning ("ERR_XTS_MASTERKEY_VULNERABLE");
}
void GraphicUserInterface::BeginInteractiveBusyState (wxWindow *window)
@@ -1440,6 +1452,7 @@ namespace VeraCrypt
/* force the display of the random enriching interface */
RandomNumberGenerator::SetEnrichedByUserStatus (false);
bool masterKeyVulnerable = false;
if (restoreInternalBackup)
{
// Restore header from the internal backup
@@ -1492,6 +1505,8 @@ namespace VeraCrypt
return;
}
masterKeyVulnerable = volume->IsMasterKeyVulnerable();
RandomNumberGenerator::Start();
UserEnrichRandomPool (nullptr);
@@ -1590,6 +1605,7 @@ namespace VeraCrypt
if (decryptRoutine.m_bResult)
{
masterKeyVulnerable = layout->GetHeader()->IsMasterKeyVulnerable();
decryptedLayout = layout;
break;
}
@@ -1645,6 +1661,12 @@ namespace VeraCrypt
}
ShowInfo ("VOL_HEADER_RESTORED");
// display warning if the volume master key is vulnerable
if (masterKeyVulnerable)
{
ShowWarning ("ERR_XTS_MASTERKEY_VULNERABLE");
}
}
DevicePath GraphicUserInterface::SelectDevice (wxWindow *parent) const