mirror of
https://github.com/veracrypt/VeraCrypt
synced 2024-09-19 20:36:18 +02:00
Implement detection of volumes with vulnerable XTS master key.
If vulnerability detected, a warning message is displayed during mount or backup/restore header, and changing the password is disallowed since it will not change the master key.
This commit is contained in:
parent
6121ca0239
commit
ed1263bf8c
@ -177,6 +177,7 @@ typedef struct
|
||||
ULONG MaximumTransferLength;
|
||||
ULONG MaximumPhysicalPages;
|
||||
ULONG AlignmentMask;
|
||||
BOOL VolumeMasterKeyVulnerable;
|
||||
} MOUNT_STRUCT;
|
||||
|
||||
typedef struct
|
||||
@ -316,6 +317,8 @@ typedef struct
|
||||
// is read-only (or mounted an outer/normal TrueCrypt volume as read only)
|
||||
uint32 HiddenSysLeakProtectionCount;
|
||||
|
||||
BOOL MasterKeyVulnerable;
|
||||
|
||||
} BootEncryptionStatus;
|
||||
|
||||
|
||||
|
@ -1462,6 +1462,7 @@ namespace VeraCrypt
|
||||
/* IMPORTANT: Do NOT add any potentially time-consuming operations to this function. */
|
||||
|
||||
BootEncryptionStatus status;
|
||||
memset (&status, 0, sizeof(status));
|
||||
CallDriver (TC_IOCTL_GET_BOOT_ENCRYPTION_STATUS, NULL, 0, &status, sizeof (status));
|
||||
return status;
|
||||
}
|
||||
@ -5401,6 +5402,10 @@ namespace VeraCrypt
|
||||
int status = ReadVolumeHeader (!encStatus.HiddenSystem, header, oldPassword, old_pkcs5, old_pim, &cryptoInfo, NULL);
|
||||
finally_do_arg (PCRYPTO_INFO, cryptoInfo, { if (finally_arg) crypto_close (finally_arg); });
|
||||
|
||||
// if the XTS master key is vulnerable, return error and do not allow the user to change the password since the master key will not be changed
|
||||
if (cryptoInfo->bVulnerableMasterKey)
|
||||
status = ERR_SYSENC_XTS_MASTERKEY_VULNERABLE;
|
||||
|
||||
if (status != 0)
|
||||
{
|
||||
handleError (hwndDlg, status, SRC_POS);
|
||||
|
@ -277,6 +277,8 @@ typedef struct CRYPTO_INFO_t
|
||||
|
||||
uint32 SectorSize;
|
||||
|
||||
BOOL bVulnerableMasterKey; // TRUE if XTS primary key is identical to secondary key (i.e. the volume is vulnerable to attack on XTS mode)
|
||||
|
||||
#endif // !TC_WINDOWS_BOOT
|
||||
|
||||
UINT64_STRUCT VolumeSize;
|
||||
|
@ -5577,6 +5577,14 @@ void handleError (HWND hwndDlg, int code, const char* srcPos)
|
||||
break;
|
||||
#endif
|
||||
|
||||
case ERR_XTS_MASTERKEY_VULNERABLE:
|
||||
MessageBoxW (hwndDlg, AppendSrcPos (GetString ("ERR_XTS_MASTERKEY_VULNERABLE"), srcPos).c_str(), lpszTitle, ICON_HAND);
|
||||
break;
|
||||
|
||||
case ERR_SYSENC_XTS_MASTERKEY_VULNERABLE:
|
||||
MessageBoxW (hwndDlg, AppendSrcPos (GetString ("ERR_SYSENC_XTS_MASTERKEY_VULNERABLE"), srcPos).c_str(), lpszTitle, ICON_HAND);
|
||||
break;
|
||||
|
||||
default:
|
||||
StringCbPrintfW (szTmp, sizeof(szTmp), GetString ("ERR_UNKNOWN"), code);
|
||||
MessageBoxW (hwndDlg, AppendSrcPos (szTmp, srcPos).c_str(), lpszTitle, ICON_HAND);
|
||||
@ -8953,6 +8961,12 @@ int MountVolume (HWND hwndDlg,
|
||||
|
||||
LastMountedVolumeDirty = mount.FilesystemDirty;
|
||||
|
||||
if (mount.VolumeMasterKeyVulnerable
|
||||
&& !Silent)
|
||||
{
|
||||
Warning ("ERR_XTS_MASTERKEY_VULNERABLE", hwndDlg);
|
||||
}
|
||||
|
||||
if (mount.FilesystemDirty)
|
||||
{
|
||||
wchar_t msg[1024];
|
||||
|
@ -1638,6 +1638,9 @@
|
||||
<entry lang="en" key="LINUX_LANGUAGE">Language</entry>
|
||||
<entry lang="en" key="LINUX_SELECT_SYS_DEFAULT_LANG">Select system's default language</entry>
|
||||
<entry lang="en" key="LINUX_RESTART_FOR_LANGUAGE_CHANGE">For the language change to come into effect, VeraCrypt needs to be restarted.</entry>
|
||||
<entry lang="en" key="ERR_XTS_MASTERKEY_VULNERABLE">WARNING: The volume's master key is vulnerable to an attack that compromises data security.\n\nPlease create a new volume and transfer the data to it.</entry>
|
||||
<entry lang="en" key="ERR_SYSENC_XTS_MASTERKEY_VULNERABLE">WARNING: The encrypted system's master key is vulnerable to an attack that compromises data security.\nPlease decrypt the system partition/drive and then re-encrypt it.</entry>
|
||||
<entry lang="en" key="ERR_XTS_MASTERKEY_VULNERABLE_SHORT">WARNING: The volume's master key has a security vulnerability.</entry>
|
||||
</localization>
|
||||
<xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema">
|
||||
<xs:element name="VeraCrypt">
|
||||
|
@ -371,6 +371,10 @@ int ChangePwd (const wchar_t *lpszVolume, Password *oldPassword, int old_pkcs5,
|
||||
if (nStatus == ERR_CIPHER_INIT_WEAK_KEY)
|
||||
nStatus = 0; // We can ignore this error here
|
||||
|
||||
// if the XTS master key is vulnerable, return error and do not allow the user to change the password since the master key will not be changed
|
||||
if (cryptoInfo->bVulnerableMasterKey)
|
||||
nStatus = ERR_XTS_MASTERKEY_VULNERABLE;
|
||||
|
||||
if (nStatus == ERR_PASSWORD_WRONG)
|
||||
{
|
||||
continue; // Try next volume type
|
||||
|
@ -494,7 +494,9 @@ enum
|
||||
ERR_NONSYS_INPLACE_ENC_INCOMPLETE = 32,
|
||||
ERR_USER_ABORT = 33,
|
||||
ERR_RAND_INIT_FAILED = 34,
|
||||
ERR_CAPI_INIT_FAILED = 35
|
||||
ERR_CAPI_INIT_FAILED = 35,
|
||||
ERR_XTS_MASTERKEY_VULNERABLE = 36,
|
||||
ERR_SYSENC_XTS_MASTERKEY_VULNERABLE = 37
|
||||
};
|
||||
|
||||
#endif // #ifndef TCDEFS_H
|
||||
|
@ -597,6 +597,14 @@ KeyReady: ;
|
||||
goto err;
|
||||
}
|
||||
|
||||
// check that first half of keyInfo.master_keydata is different from the second half. If they are the same return error
|
||||
if (memcmp (keyInfo->master_keydata, keyInfo->master_keydata + EAGetKeySize (cryptoInfo->ea), EAGetKeySize (cryptoInfo->ea)) == 0)
|
||||
{
|
||||
cryptoInfo->bVulnerableMasterKey = TRUE;
|
||||
if (retHeaderCryptoInfo)
|
||||
retHeaderCryptoInfo->bVulnerableMasterKey = TRUE;
|
||||
}
|
||||
|
||||
status = ERR_SUCCESS;
|
||||
goto ret;
|
||||
}
|
||||
|
@ -82,9 +82,13 @@ namespace VeraCrypt
|
||||
shared_ptr <Pkcs5Kdf> m_newPkcs5Kdf;
|
||||
int m_wipeCount;
|
||||
bool m_emvSupportEnabled;
|
||||
ChangePasswordThreadRoutine(shared_ptr <VolumePath> volumePath, bool preserveTimestamps, shared_ptr <VolumePassword> password, int pim, shared_ptr <Pkcs5Kdf> kdf, shared_ptr <KeyfileList> keyfiles, shared_ptr <VolumePassword> newPassword, int newPim, shared_ptr <KeyfileList> newKeyfiles, shared_ptr <Pkcs5Kdf> newPkcs5Kdf, int wipeCount, bool emvSupportEnabled) : m_volumePath(volumePath), m_preserveTimestamps(preserveTimestamps), m_password(password), m_pim(pim), m_kdf(kdf), m_keyfiles(keyfiles), m_newPassword(newPassword), m_newPim(newPim), m_newKeyfiles(newKeyfiles), m_newPkcs5Kdf(newPkcs5Kdf), m_wipeCount(wipeCount), m_emvSupportEnabled(emvSupportEnabled) {}
|
||||
bool m_masterKeyVulnerable;
|
||||
ChangePasswordThreadRoutine(shared_ptr <VolumePath> volumePath, bool preserveTimestamps, shared_ptr <VolumePassword> password, int pim, shared_ptr <Pkcs5Kdf> kdf, shared_ptr <KeyfileList> keyfiles, shared_ptr <VolumePassword> newPassword, int newPim, shared_ptr <KeyfileList> newKeyfiles, shared_ptr <Pkcs5Kdf> newPkcs5Kdf, int wipeCount, bool emvSupportEnabled) : m_volumePath(volumePath), m_preserveTimestamps(preserveTimestamps), m_password(password), m_pim(pim), m_kdf(kdf), m_keyfiles(keyfiles), m_newPassword(newPassword), m_newPim(newPim), m_newKeyfiles(newKeyfiles), m_newPkcs5Kdf(newPkcs5Kdf), m_wipeCount(wipeCount), m_emvSupportEnabled(emvSupportEnabled), m_masterKeyVulnerable(false) {}
|
||||
virtual ~ChangePasswordThreadRoutine() { }
|
||||
virtual void ExecutionCode(void) { Core->ChangePassword(m_volumePath, m_preserveTimestamps, m_password, m_pim, m_kdf, m_keyfiles, m_newPassword, m_newPim, m_newKeyfiles, m_emvSupportEnabled, m_newPkcs5Kdf, m_wipeCount); }
|
||||
virtual void ExecutionCode(void) {
|
||||
shared_ptr <Volume> openVolume = Core->ChangePassword(m_volumePath, m_preserveTimestamps, m_password, m_pim, m_kdf, m_keyfiles, m_newPassword, m_newPim, m_newKeyfiles, m_emvSupportEnabled, m_newPkcs5Kdf, m_wipeCount);
|
||||
m_masterKeyVulnerable = openVolume->IsMasterKeyVulnerable();
|
||||
}
|
||||
};
|
||||
|
||||
class OpenVolumeThreadRoutine : public WaitThreadRoutine
|
||||
|
@ -77,10 +77,11 @@ namespace VeraCrypt
|
||||
}
|
||||
}
|
||||
|
||||
void CoreBase::ChangePassword (shared_ptr <VolumePath> volumePath, bool preserveTimestamps, shared_ptr <VolumePassword> password, int pim, shared_ptr <Pkcs5Kdf> kdf, shared_ptr <KeyfileList> keyfiles, shared_ptr <VolumePassword> newPassword, int newPim, shared_ptr <KeyfileList> newKeyfiles, bool emvSupportEnabled, shared_ptr <Pkcs5Kdf> newPkcs5Kdf, int wipeCount) const
|
||||
shared_ptr <Volume> CoreBase::ChangePassword (shared_ptr <VolumePath> volumePath, bool preserveTimestamps, shared_ptr <VolumePassword> password, int pim, shared_ptr <Pkcs5Kdf> kdf, shared_ptr <KeyfileList> keyfiles, shared_ptr <VolumePassword> newPassword, int newPim, shared_ptr <KeyfileList> newKeyfiles, bool emvSupportEnabled, shared_ptr <Pkcs5Kdf> newPkcs5Kdf, int wipeCount) const
|
||||
{
|
||||
shared_ptr <Volume> volume = OpenVolume (volumePath, preserveTimestamps, password, pim, kdf, keyfiles, emvSupportEnabled);
|
||||
ChangePassword (volume, newPassword, newPim, newKeyfiles, emvSupportEnabled, newPkcs5Kdf, wipeCount);
|
||||
return volume;
|
||||
}
|
||||
|
||||
void CoreBase::CoalesceSlotNumberAndMountPoint (MountOptions &options) const
|
||||
|
@ -34,7 +34,7 @@ namespace VeraCrypt
|
||||
virtual ~CoreBase ();
|
||||
|
||||
virtual void ChangePassword (shared_ptr <Volume> openVolume, shared_ptr <VolumePassword> newPassword, int newPim, shared_ptr <KeyfileList> newKeyfiles, bool emvSupportEnabled, shared_ptr <Pkcs5Kdf> newPkcs5Kdf = shared_ptr <Pkcs5Kdf> (), int wipeCount = PRAND_HEADER_WIPE_PASSES) const;
|
||||
virtual void ChangePassword (shared_ptr <VolumePath> volumePath, bool preserveTimestamps, shared_ptr <VolumePassword> password, int pim, shared_ptr <Pkcs5Kdf> kdf, shared_ptr <KeyfileList> keyfiles, shared_ptr <VolumePassword> newPassword, int newPim, shared_ptr <KeyfileList> newKeyfiles, bool emvSupportEnabled, shared_ptr <Pkcs5Kdf> newPkcs5Kdf = shared_ptr <Pkcs5Kdf> (), int wipeCount = PRAND_HEADER_WIPE_PASSES) const;
|
||||
virtual shared_ptr <Volume> ChangePassword (shared_ptr <VolumePath> volumePath, bool preserveTimestamps, shared_ptr <VolumePassword> password, int pim, shared_ptr <Pkcs5Kdf> kdf, shared_ptr <KeyfileList> keyfiles, shared_ptr <VolumePassword> newPassword, int newPim, shared_ptr <KeyfileList> newKeyfiles, bool emvSupportEnabled, shared_ptr <Pkcs5Kdf> newPkcs5Kdf = shared_ptr <Pkcs5Kdf> (), int wipeCount = PRAND_HEADER_WIPE_PASSES) const;
|
||||
virtual void CheckFilesystem (shared_ptr <VolumeInfo> mountedVolume, bool repair = false) const = 0;
|
||||
virtual void CoalesceSlotNumberAndMountPoint (MountOptions &options) const;
|
||||
virtual void CreateKeyfile (const FilePath &keyfilePath) const;
|
||||
|
@ -522,10 +522,16 @@ static NTSTATUS MountDrive (DriveFilterExtension *Extension, Password *password,
|
||||
|
||||
if (ReadVolumeHeader (!hiddenVolume, header, password, pkcs5_prf, pim, &Extension->Queue.CryptoInfo, Extension->HeaderCryptoInfo) == 0)
|
||||
{
|
||||
// Header decrypted
|
||||
// Header decrypted
|
||||
status = STATUS_SUCCESS;
|
||||
Dump ("Header decrypted\n");
|
||||
|
||||
if (Extension->HeaderCryptoInfo->bVulnerableMasterKey)
|
||||
{
|
||||
// The volume header master key is vulnerable
|
||||
Dump ("The volume header master key is vulnerable\n");
|
||||
}
|
||||
|
||||
// calculate Fingerprint
|
||||
ComputeBootLoaderFingerprint (Extension->LowerDeviceObject, header);
|
||||
|
||||
@ -2017,6 +2023,7 @@ void GetBootEncryptionStatus (PIRP irp, PIO_STACK_LOCATION irpSp)
|
||||
bootEncStatus->ConfiguredEncryptedAreaStart = Extension->ConfiguredEncryptedAreaStart;
|
||||
bootEncStatus->ConfiguredEncryptedAreaEnd = Extension->ConfiguredEncryptedAreaEnd;
|
||||
bootEncStatus->EncryptedAreaStart = Extension->Queue.EncryptedAreaStart;
|
||||
bootEncStatus->MasterKeyVulnerable = Extension->HeaderCryptoInfo->bVulnerableMasterKey;
|
||||
|
||||
if (SetupInProgress)
|
||||
{
|
||||
|
@ -89,6 +89,7 @@ NTSTATUS TCOpenVolume (PDEVICE_OBJECT DeviceObject,
|
||||
|
||||
mount->VolumeMountedReadOnlyAfterDeviceWriteProtected = FALSE;
|
||||
mount->VolumeMountedReadOnlyAfterPartialSysEnc = FALSE;
|
||||
mount->VolumeMasterKeyVulnerable = FALSE;
|
||||
|
||||
// If we are opening a device, query its size first
|
||||
if (bRawDevice)
|
||||
@ -648,6 +649,9 @@ NTSTATUS TCOpenVolume (PDEVICE_OBJECT DeviceObject,
|
||||
Dump ("Volume header decrypted\n");
|
||||
Dump ("Required program version = %x\n", (int) Extension->cryptoInfo->RequiredProgramVersion);
|
||||
Dump ("Legacy volume = %d\n", (int) Extension->cryptoInfo->LegacyVolume);
|
||||
Dump ("Master key vulnerable = %d\n", (int) Extension->cryptoInfo->bVulnerableMasterKey);
|
||||
|
||||
mount->VolumeMasterKeyVulnerable = Extension->cryptoInfo->bVulnerableMasterKey;
|
||||
|
||||
if (IsHiddenSystemRunning() && !Extension->cryptoInfo->hiddenVolume)
|
||||
{
|
||||
|
@ -691,6 +691,12 @@ static int ExpandVolume (HWND hwndDlg, wchar_t *lpszVolume, Password *pVolumePas
|
||||
if (nStatus == ERR_CIPHER_INIT_WEAK_KEY)
|
||||
nStatus = 0; // We can ignore this error here
|
||||
|
||||
// if the volume master key is vulnerable, print a warning to inform the user
|
||||
if (cryptoInfo->bVulnerableMasterKey)
|
||||
{
|
||||
DebugAddProgressDlgStatus(hwndDlg, GetString ("ERR_XTS_MASTERKEY_VULNERABLE_SHORT"));
|
||||
}
|
||||
|
||||
if (nStatus != 0)
|
||||
{
|
||||
cryptoInfo = NULL;
|
||||
|
@ -171,6 +171,7 @@ namespace VeraCrypt
|
||||
RandomNumberGenerator::SetEnrichedByUserStatus (false);
|
||||
Gui->UserEnrichRandomPool (this, NewPasswordPanel->GetPkcs5Kdf() ? NewPasswordPanel->GetPkcs5Kdf()->GetHash() : shared_ptr <Hash>());
|
||||
|
||||
bool masterKeyVulnerable = false;
|
||||
{
|
||||
#ifdef TC_UNIX
|
||||
// Temporarily take ownership of a device if the user is not an administrator
|
||||
@ -193,6 +194,7 @@ namespace VeraCrypt
|
||||
CurrentPasswordPanel->GetPassword(), CurrentPasswordPanel->GetVolumePim(), CurrentPasswordPanel->GetPkcs5Kdf(), CurrentPasswordPanel->GetKeyfiles(),
|
||||
newPassword, newPim, newKeyfiles, NewPasswordPanel->GetPkcs5Kdf(), NewPasswordPanel->GetHeaderWipeCount(), Gui->GetPreferences().EMVSupportEnabled);
|
||||
Gui->ExecuteWaitThreadRoutine (this, &routine);
|
||||
masterKeyVulnerable = routine.m_masterKeyVulnerable;
|
||||
}
|
||||
|
||||
switch (DialogMode)
|
||||
@ -214,6 +216,9 @@ namespace VeraCrypt
|
||||
throw ParameterIncorrect (SRC_POS);
|
||||
}
|
||||
|
||||
if (masterKeyVulnerable)
|
||||
Gui->ShowWarning ("ERR_XTS_MASTERKEY_VULNERABLE");
|
||||
|
||||
EndModal (wxID_OK);
|
||||
}
|
||||
catch (UnportablePassword &e)
|
||||
|
@ -191,6 +191,7 @@ namespace VeraCrypt
|
||||
hiddenVolumeMountOptions.Path = volumePath;
|
||||
|
||||
VolumeType::Enum volumeType = VolumeType::Normal;
|
||||
bool masterKeyVulnerable = false;
|
||||
|
||||
// Open both types of volumes
|
||||
while (true)
|
||||
@ -273,6 +274,13 @@ namespace VeraCrypt
|
||||
}
|
||||
}
|
||||
|
||||
// check if volume master key is vulnerable
|
||||
if (volume->IsMasterKeyVulnerable())
|
||||
{
|
||||
masterKeyVulnerable = true;
|
||||
ShowWarning ("ERR_XTS_MASTERKEY_VULNERABLE");
|
||||
}
|
||||
|
||||
if (volumeType == VolumeType::Hidden)
|
||||
hiddenVolume = volume;
|
||||
else
|
||||
@ -366,6 +374,10 @@ namespace VeraCrypt
|
||||
}
|
||||
|
||||
ShowWarning ("VOL_HEADER_BACKED_UP");
|
||||
|
||||
// display again warning that master key is vulnerable
|
||||
if (masterKeyVulnerable)
|
||||
ShowWarning ("ERR_XTS_MASTERKEY_VULNERABLE");
|
||||
}
|
||||
|
||||
void GraphicUserInterface::BeginInteractiveBusyState (wxWindow *window)
|
||||
@ -1440,6 +1452,7 @@ namespace VeraCrypt
|
||||
/* force the display of the random enriching interface */
|
||||
RandomNumberGenerator::SetEnrichedByUserStatus (false);
|
||||
|
||||
bool masterKeyVulnerable = false;
|
||||
if (restoreInternalBackup)
|
||||
{
|
||||
// Restore header from the internal backup
|
||||
@ -1492,6 +1505,8 @@ namespace VeraCrypt
|
||||
return;
|
||||
}
|
||||
|
||||
masterKeyVulnerable = volume->IsMasterKeyVulnerable();
|
||||
|
||||
RandomNumberGenerator::Start();
|
||||
UserEnrichRandomPool (nullptr);
|
||||
|
||||
@ -1590,6 +1605,7 @@ namespace VeraCrypt
|
||||
|
||||
if (decryptRoutine.m_bResult)
|
||||
{
|
||||
masterKeyVulnerable = layout->GetHeader()->IsMasterKeyVulnerable();
|
||||
decryptedLayout = layout;
|
||||
break;
|
||||
}
|
||||
@ -1645,6 +1661,12 @@ namespace VeraCrypt
|
||||
}
|
||||
|
||||
ShowInfo ("VOL_HEADER_RESTORED");
|
||||
|
||||
// display warning if the volume master key is vulnerable
|
||||
if (masterKeyVulnerable)
|
||||
{
|
||||
ShowWarning ("ERR_XTS_MASTERKEY_VULNERABLE");
|
||||
}
|
||||
}
|
||||
|
||||
DevicePath GraphicUserInterface::SelectDevice (wxWindow *parent) const
|
||||
|
@ -314,6 +314,7 @@ namespace VeraCrypt
|
||||
hiddenVolumeMountOptions.EMVSupportEnabled = true;
|
||||
|
||||
VolumeType::Enum volumeType = VolumeType::Normal;
|
||||
bool masterKeyVulnerable = false;
|
||||
|
||||
// Open both types of volumes
|
||||
while (true)
|
||||
@ -387,6 +388,13 @@ namespace VeraCrypt
|
||||
}
|
||||
}
|
||||
|
||||
// check if volume master key is vulnerable
|
||||
if (volume->IsMasterKeyVulnerable())
|
||||
{
|
||||
masterKeyVulnerable = true;
|
||||
ShowWarning ("ERR_XTS_MASTERKEY_VULNERABLE");
|
||||
}
|
||||
|
||||
if (volumeType == VolumeType::Hidden)
|
||||
hiddenVolume = volume;
|
||||
else
|
||||
@ -454,6 +462,10 @@ namespace VeraCrypt
|
||||
|
||||
ShowString (L"\n");
|
||||
ShowInfo ("VOL_HEADER_BACKED_UP");
|
||||
|
||||
// display again warning that master key is vulnerable
|
||||
if (masterKeyVulnerable)
|
||||
ShowWarning ("ERR_XTS_MASTERKEY_VULNERABLE");
|
||||
}
|
||||
|
||||
void TextUserInterface::ChangePassword (shared_ptr <VolumePath> volumePath, shared_ptr <VolumePassword> password, int pim, shared_ptr <Hash> currentHash, shared_ptr <KeyfileList> keyfiles, shared_ptr <VolumePassword> newPassword, int newPim, shared_ptr <KeyfileList> newKeyfiles, shared_ptr <Hash> newHash) const
|
||||
@ -532,6 +544,12 @@ namespace VeraCrypt
|
||||
break;
|
||||
}
|
||||
|
||||
// display warning if volume master key is vulnerable
|
||||
if (volume->IsMasterKeyVulnerable())
|
||||
{
|
||||
ShowWarning ("ERR_XTS_MASTERKEY_VULNERABLE");
|
||||
}
|
||||
|
||||
// New password
|
||||
if (!newPassword.get() && !Preferences.NonInteractive)
|
||||
newPassword = AskPassword (_("Enter new password"), true);
|
||||
@ -1539,6 +1557,7 @@ namespace VeraCrypt
|
||||
/* force the display of the random enriching interface */
|
||||
RandomNumberGenerator::SetEnrichedByUserStatus (false);
|
||||
|
||||
bool masterKeyVulnerable = false;
|
||||
if (restoreInternalBackup)
|
||||
{
|
||||
// Restore header from the internal backup
|
||||
@ -1586,6 +1605,8 @@ namespace VeraCrypt
|
||||
throw_err (LangString ["VOLUME_HAS_NO_BACKUP_HEADER"]);
|
||||
}
|
||||
|
||||
masterKeyVulnerable = volume->IsMasterKeyVulnerable();
|
||||
|
||||
RandomNumberGenerator::Start();
|
||||
UserEnrichRandomPool();
|
||||
|
||||
@ -1673,6 +1694,7 @@ namespace VeraCrypt
|
||||
if (layout->GetHeader()->Decrypt (headerBuffer, *passwordKey, options.Pim, kdf, layout->GetSupportedKeyDerivationFunctions(), layout->GetSupportedEncryptionAlgorithms(), layout->GetSupportedEncryptionModes()))
|
||||
{
|
||||
decryptedLayout = layout;
|
||||
masterKeyVulnerable = layout->GetHeader()->IsMasterKeyVulnerable();
|
||||
break;
|
||||
}
|
||||
}
|
||||
@ -1723,6 +1745,11 @@ namespace VeraCrypt
|
||||
|
||||
ShowString (L"\n");
|
||||
ShowInfo ("VOL_HEADER_RESTORED");
|
||||
// display warning if the volume master key is vulnerable
|
||||
if (masterKeyVulnerable)
|
||||
{
|
||||
ShowWarning ("ERR_XTS_MASTERKEY_VULNERABLE");
|
||||
}
|
||||
}
|
||||
|
||||
void TextUserInterface::SetTerminalEcho (bool enable)
|
||||
|
@ -652,6 +652,7 @@ namespace VeraCrypt
|
||||
|
||||
bool protectedVolumeMounted = false;
|
||||
bool legacyVolumeMounted = false;
|
||||
bool vulnerableVolumeMounted = false;
|
||||
|
||||
foreach_ref (const HostDevice &device, devices)
|
||||
{
|
||||
@ -694,6 +695,10 @@ namespace VeraCrypt
|
||||
|
||||
if (newMountedVolumes.back()->EncryptionAlgorithmMinBlockSize == 8)
|
||||
legacyVolumeMounted = true;
|
||||
|
||||
if (newMountedVolumes.back()->MasterKeyVulnerable)
|
||||
vulnerableVolumeMounted = true;
|
||||
|
||||
}
|
||||
catch (DriverError&) { }
|
||||
catch (MissingVolumeData&) { }
|
||||
@ -708,6 +713,9 @@ namespace VeraCrypt
|
||||
}
|
||||
else
|
||||
{
|
||||
if (vulnerableVolumeMounted)
|
||||
ShowWarning ("ERR_XTS_MASTERKEY_VULNERABLE");
|
||||
|
||||
if (someVolumesShared)
|
||||
ShowWarning ("DEVICE_IN_USE_INFO");
|
||||
|
||||
@ -741,10 +749,12 @@ namespace VeraCrypt
|
||||
|
||||
favorite.ToMountOptions (options);
|
||||
|
||||
bool mountPerformed = false;
|
||||
if (Preferences.NonInteractive)
|
||||
{
|
||||
BusyScope busy (this);
|
||||
newMountedVolumes.push_back (Core->MountVolume (options));
|
||||
mountPerformed = true;
|
||||
}
|
||||
else
|
||||
{
|
||||
@ -752,6 +762,7 @@ namespace VeraCrypt
|
||||
{
|
||||
BusyScope busy (this);
|
||||
newMountedVolumes.push_back (Core->MountVolume (options));
|
||||
mountPerformed = true;
|
||||
}
|
||||
catch (...)
|
||||
{
|
||||
@ -769,6 +780,9 @@ namespace VeraCrypt
|
||||
newMountedVolumes.push_back (volume);
|
||||
}
|
||||
}
|
||||
|
||||
if (mountPerformed && newMountedVolumes.back()->MasterKeyVulnerable)
|
||||
ShowWarning ("ERR_XTS_MASTERKEY_VULNERABLE");
|
||||
}
|
||||
|
||||
if (!newMountedVolumes.empty() && GetPreferences().CloseSecurityTokenSessionsAfterMount)
|
||||
@ -805,6 +819,9 @@ namespace VeraCrypt
|
||||
}
|
||||
}
|
||||
|
||||
if (volume->MasterKeyVulnerable)
|
||||
ShowWarning ("ERR_XTS_MASTERKEY_VULNERABLE");
|
||||
|
||||
if (volume->EncryptionAlgorithmMinBlockSize == 8)
|
||||
ShowWarning ("WARN_64_BIT_BLOCK_CIPHER");
|
||||
|
||||
|
@ -1259,6 +1259,20 @@ static BOOL SysEncryptionOrDecryptionRequired (void)
|
||||
);
|
||||
}
|
||||
|
||||
// Returns TRUE if system encryption master key is vulnerable
|
||||
static BOOL SysEncryptionMasterKeyVulnerable (void)
|
||||
{
|
||||
try
|
||||
{
|
||||
BootEncStatus = BootEncObj->GetStatus();
|
||||
return (BootEncStatus.DriveMounted || BootEncStatus.DriveEncrypted) && BootEncStatus.MasterKeyVulnerable;
|
||||
}
|
||||
catch (Exception &)
|
||||
{
|
||||
return FALSE;
|
||||
}
|
||||
}
|
||||
|
||||
// Returns TRUE if the system partition/drive is completely encrypted
|
||||
static BOOL SysDriveOrPartitionFullyEncrypted (BOOL bSilent)
|
||||
{
|
||||
@ -7435,10 +7449,12 @@ BOOL CALLBACK MainDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
|
||||
|
||||
if (!Quit) // Do not care about system encryption or in-place encryption if we were launched from the system startup sequence (the wizard was added to it too).
|
||||
{
|
||||
BOOL bActionPerformed = FALSE;
|
||||
if (SysEncryptionOrDecryptionRequired ())
|
||||
{
|
||||
if (!MutexExistsOnSystem (TC_MUTEX_NAME_SYSENC)) // If no instance of the wizard is currently taking care of system encryption
|
||||
{
|
||||
bActionPerformed = TRUE;
|
||||
// We shouldn't block the mutex at this point
|
||||
|
||||
if (SystemEncryptionStatus == SYSENC_STATUS_PRETEST
|
||||
@ -7465,7 +7481,17 @@ BOOL CALLBACK MainDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
|
||||
{
|
||||
BOOL bDecrypt = FALSE;
|
||||
if (AskNonSysInPlaceEncryptionResume(hwndDlg, &bDecrypt) == IDYES)
|
||||
{
|
||||
bActionPerformed = TRUE;
|
||||
ResumeInterruptedNonSysInplaceEncProcess (bDecrypt);
|
||||
}
|
||||
}
|
||||
|
||||
if (!bActionPerformed)
|
||||
{
|
||||
// display warning if the master key is vulnerable
|
||||
if (SysEncryptionMasterKeyVulnerable())
|
||||
WarningTopMost ("ERR_SYSENC_XTS_MASTERKEY_VULNERABLE", hwndDlg);
|
||||
}
|
||||
}
|
||||
|
||||
@ -11447,6 +11473,12 @@ int RestoreVolumeHeader (HWND hwndDlg, const wchar_t *lpszVolume)
|
||||
handleError (hwndDlg, nStatus, SRC_POS);
|
||||
}
|
||||
|
||||
// display a warning if the master key is vulnerable
|
||||
if (restoredCryptoInfo->bVulnerableMasterKey)
|
||||
{
|
||||
Warning ("ERR_XTS_MASTERKEY_VULNERABLE", hwndDlg);
|
||||
}
|
||||
|
||||
BOOL hiddenVol = restoredCryptoInfo->hiddenVolume;
|
||||
|
||||
if (legacyBackup)
|
||||
|
@ -114,6 +114,7 @@ namespace VeraCrypt
|
||||
void ReEncryptHeader (bool backupHeader, const ConstBufferPtr &newSalt, const ConstBufferPtr &newHeaderKey, shared_ptr <Pkcs5Kdf> newPkcs5Kdf);
|
||||
void WriteSectors (const ConstBufferPtr &buffer, uint64 byteOffset);
|
||||
bool IsEncryptionNotCompleted () const { return EncryptionNotCompleted; }
|
||||
bool IsMasterKeyVulnerable() const { return Header && Header->IsMasterKeyVulnerable(); }
|
||||
|
||||
protected:
|
||||
void CheckProtectedRange (uint64 writeHostOffset, uint64 writeLength);
|
||||
|
@ -47,6 +47,7 @@ namespace VeraCrypt
|
||||
EncryptedAreaLength = 0;
|
||||
Flags = 0;
|
||||
SectorSize = 0;
|
||||
XtsKeyVulnerable = false;
|
||||
}
|
||||
|
||||
void VolumeHeader::Create (const BufferPtr &headerBuffer, VolumeHeaderCreationOptions &options)
|
||||
@ -62,6 +63,9 @@ namespace VeraCrypt
|
||||
DataAreaKey.Zero();
|
||||
DataAreaKey.CopyFrom (options.DataKey);
|
||||
|
||||
// check if the XTS key is vulnerable by comparing the two parts of the key
|
||||
XtsKeyVulnerable = (memcmp (options.DataKey.Get() + options.EA->GetKeySize(), options.DataKey.Get(), options.EA->GetKeySize()) == 0);
|
||||
|
||||
VolumeCreationTime = 0;
|
||||
HiddenVolumeDataSize = (options.Type == VolumeType::Hidden ? options.VolumeDataSize : 0);
|
||||
VolumeDataSize = options.VolumeDataSize;
|
||||
@ -235,6 +239,9 @@ namespace VeraCrypt
|
||||
ea->SetKeyXTS (header.GetRange (offset + ea->GetKeySize(), ea->GetKeySize()));
|
||||
#endif
|
||||
mode->SetKey (header.GetRange (offset + ea->GetKeySize(), ea->GetKeySize()));
|
||||
|
||||
// check if the XTS key is vulnerable by comparing the two parts of the key
|
||||
XtsKeyVulnerable = (memcmp (DataAreaKey.Ptr() + ea->GetKeySize(), DataAreaKey.Ptr(), ea->GetKeySize()) == 0);
|
||||
}
|
||||
else
|
||||
{
|
||||
|
@ -76,6 +76,7 @@ namespace VeraCrypt
|
||||
uint64 GetVolumeDataSize () const { return VolumeDataSize; }
|
||||
VolumeTime GetVolumeCreationTime () const { return VolumeCreationTime; }
|
||||
void SetSize (uint32 headerSize);
|
||||
bool IsMasterKeyVulnerable () const { return XtsKeyVulnerable; }
|
||||
|
||||
protected:
|
||||
bool Deserialize (const ConstBufferPtr &header, shared_ptr <EncryptionAlgorithm> &ea, shared_ptr <EncryptionMode> &mode);
|
||||
@ -120,6 +121,7 @@ namespace VeraCrypt
|
||||
uint32 SectorSize;
|
||||
|
||||
SecureBuffer DataAreaKey;
|
||||
bool XtsKeyVulnerable;
|
||||
|
||||
private:
|
||||
VolumeHeader (const VolumeHeader &);
|
||||
|
@ -55,6 +55,7 @@ namespace VeraCrypt
|
||||
VirtualDevice = sr.DeserializeWString ("VirtualDevice");
|
||||
sr.Deserialize ("VolumeCreationTime", VolumeCreationTime);
|
||||
sr.Deserialize ("Pim", Pim);
|
||||
sr.Deserialize ("MasterKeyVulnerable", MasterKeyVulnerable);
|
||||
}
|
||||
|
||||
bool VolumeInfo::FirstVolumeMountedAfterSecond (shared_ptr <VolumeInfo> first, shared_ptr <VolumeInfo> second)
|
||||
@ -95,6 +96,7 @@ namespace VeraCrypt
|
||||
sr.Serialize ("VirtualDevice", wstring (VirtualDevice));
|
||||
sr.Serialize ("VolumeCreationTime", VolumeCreationTime);
|
||||
sr.Serialize ("Pim", Pim);
|
||||
sr.Serialize ("MasterKeyVulnerable", MasterKeyVulnerable);
|
||||
}
|
||||
|
||||
void VolumeInfo::Set (const Volume &volume)
|
||||
@ -119,6 +121,7 @@ namespace VeraCrypt
|
||||
TotalDataRead = volume.GetTotalDataRead();
|
||||
TotalDataWritten = volume.GetTotalDataWritten();
|
||||
Pim = volume.GetPim ();
|
||||
MasterKeyVulnerable = volume.IsMasterKeyVulnerable();
|
||||
}
|
||||
|
||||
TC_SERIALIZER_FACTORY_ADD_CLASS (VolumeInfo);
|
||||
|
@ -61,7 +61,7 @@ namespace VeraCrypt
|
||||
DevicePath VirtualDevice;
|
||||
VolumeTime VolumeCreationTime;
|
||||
int Pim;
|
||||
|
||||
bool MasterKeyVulnerable;
|
||||
private:
|
||||
VolumeInfo (const VolumeInfo &);
|
||||
VolumeInfo &operator= (const VolumeInfo &);
|
||||
|
Loading…
Reference in New Issue
Block a user