mirror of
https://github.com/veracrypt/VeraCrypt
synced 2024-11-24 12:03:28 +01:00
Linux/MacOSX: Similar fix to Windows one. Write fake hidden volume header that is created from the same data format as a legitimate one in order to mitigate attacks that are able to detect the presence of TrueCrypt/VeraCrypt hidden volumes (reported by Ivanov Alexey Mikhailovich from Moscow, Russia)
parent
5b381ce7d7
commit
f32f65d4f7
@ -151,9 +151,37 @@ namespace VeraCrypt
|
||||
|
||||
if (Options->Type == VolumeType::Normal)
|
||||
{
|
||||
// Write random data to space reserved for hidden volume backup header
|
||||
Core->RandomizeEncryptionAlgorithmKey (Options->EA);
|
||||
Options->EA->Encrypt (backupHeader);
|
||||
// Write fake random header to space reserved for hidden volume header
|
||||
VolumeLayoutV2Hidden hiddenLayout;
|
||||
shared_ptr <VolumeHeader> hiddenHeader (hiddenLayout.GetHeader());
|
||||
SecureBuffer hiddenHeaderBuffer (hiddenLayout.GetHeaderSize());
|
||||
|
||||
VolumeHeaderCreationOptions headerOptions;
|
||||
headerOptions.EA = Options->EA;
|
||||
headerOptions.Kdf = Options->VolumeHeaderKdf;
|
||||
headerOptions.Type = VolumeType::Hidden;
|
||||
|
||||
headerOptions.SectorSize = Options->SectorSize;
|
||||
|
||||
headerOptions.VolumeDataStart = HostSize - hiddenLayout.GetHeaderSize() * 2 - Options->Size;
|
||||
headerOptions.VolumeDataSize = hiddenLayout.GetMaxDataSize (Options->Size);
|
||||
|
||||
// Master data key
|
||||
SecureBuffer hiddenMasterKey(Options->EA->GetKeySize() * 2);
|
||||
RandomNumberGenerator::GetData (hiddenMasterKey);
|
||||
headerOptions.DataKey = hiddenMasterKey;
|
||||
|
||||
// PKCS5 salt
|
||||
SecureBuffer hiddenSalt (VolumeHeader::GetSaltSize());
|
||||
RandomNumberGenerator::GetData (hiddenSalt);
|
||||
headerOptions.Salt = hiddenSalt;
|
||||
|
||||
// Header key
|
||||
SecureBuffer hiddenHeaderKey (VolumeHeader::GetLargestSerializedKeySize());
|
||||
RandomNumberGenerator::GetData (hiddenHeaderKey);
|
||||
headerOptions.HeaderKey = hiddenHeaderKey;
|
||||
|
||||
hiddenHeader->Create (backupHeader, headerOptions);
|
||||
|
||||
VolumeFile->Write (backupHeader);
|
||||
}
|
||||
@ -295,9 +323,32 @@ namespace VeraCrypt
|
||||
|
||||
if (options->Type == VolumeType::Normal)
|
||||
{
|
||||
// Write random data to space reserved for hidden volume header
|
||||
Core->RandomizeEncryptionAlgorithmKey (options->EA);
|
||||
options->EA->Encrypt (headerBuffer);
|
||||
// Write fake random header to space reserved for hidden volume header
|
||||
VolumeLayoutV2Hidden hiddenLayout;
|
||||
shared_ptr <VolumeHeader> hiddenHeader (hiddenLayout.GetHeader());
|
||||
SecureBuffer hiddenHeaderBuffer (hiddenLayout.GetHeaderSize());
|
||||
|
||||
headerOptions.Type = VolumeType::Hidden;
|
||||
|
||||
headerOptions.VolumeDataStart = HostSize - hiddenLayout.GetHeaderSize() * 2 - options->Size;
|
||||
headerOptions.VolumeDataSize = hiddenLayout.GetMaxDataSize (options->Size);
|
||||
|
||||
// Master data key
|
||||
SecureBuffer hiddenMasterKey(options->EA->GetKeySize() * 2);
|
||||
RandomNumberGenerator::GetData (hiddenMasterKey);
|
||||
headerOptions.DataKey = hiddenMasterKey;
|
||||
|
||||
// PKCS5 salt
|
||||
SecureBuffer hiddenSalt (VolumeHeader::GetSaltSize());
|
||||
RandomNumberGenerator::GetData (hiddenSalt);
|
||||
headerOptions.Salt = hiddenSalt;
|
||||
|
||||
// Header key
|
||||
SecureBuffer hiddenHeaderKey (VolumeHeader::GetLargestSerializedKeySize());
|
||||
RandomNumberGenerator::GetData (hiddenHeaderKey);
|
||||
headerOptions.HeaderKey = hiddenHeaderKey;
|
||||
|
||||
hiddenHeader->Create (headerBuffer, headerOptions);
|
||||
|
||||
VolumeFile->Write (headerBuffer);
|
||||
}
|
||||
|
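Review bot: In the second hunk (old line 295) the decoy header is built by overwriting the function's existing `headerOptions` (`Type`, `VolumeDataStart`, `VolumeDataSize`, `DataKey`, `Salt`, `HeaderKey`), whereas the first hunk declares a fresh `VolumeHeaderCreationOptions headerOptions;` for the same job. That object is declared outside the hunk, so after the closing brace it still describes the fake hidden header, and if its key and salt fields are non-owning views they would refer to `SecureBuffer`s that have already left scope. A block-local options object, as in the first hunk, would leave the real volume's options untouched. In both hunks `hiddenHeaderBuffer` is allocated but never used, because `Create` writes into `backupHeader` / `headerBuffer`, so that line can be dropped. `HostSize - hiddenLayout.GetHeaderSize() * 2 - Options->Size` is evaluated here with the normal volume's size and may wrap if the operands are unsigned and the volume fills the host, so it deserves a guard or a comment such as `// decoy value only; never used to locate data`.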