VeraCrypt
aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMounir IDRASSI <mounir.idrassi@idrix.fr>2016-09-03 19:34:52 +0200
committerMounir IDRASSI <mounir.idrassi@idrix.fr>2016-09-11 13:12:45 +0200
commit335f17b72f567f1bdb9dbc84a1d42d2cf18f1245 (patch)
tree1f9f5ba97fce7448dcdaf1691d7787c75e643182
parent735657a25478bb81ccbb7209c27679b93a2b98e4 (diff)
downloadVeraCrypt-335f17b72f567f1bdb9dbc84a1d42d2cf18f1245.tar.gz
VeraCrypt-335f17b72f567f1bdb9dbc84a1d42d2cf18f1245.zip
Windows: in case of In-Place encryption, encrypt random data instead of existing data when filling unused space like the other cases.
-rw-r--r--src/Common/Format.c2
-rw-r--r--src/Common/Password.c2
-rw-r--r--src/Common/Volumes.c10
-rw-r--r--src/Common/Volumes.h2
-rw-r--r--src/ExpandVolume/ExpandVolume.c2
-rw-r--r--src/Format/InPlace.c4
6 files changed, 9 insertions, 13 deletions
diff --git a/src/Common/Format.c b/src/Common/Format.c
index 4df27c1e..ead65463 100644
--- a/src/Common/Format.c
+++ b/src/Common/Format.c
@@ -568,7 +568,7 @@ begin_format:
{
BOOL bUpdateBackup = FALSE;
- nStatus = WriteRandomDataToReservedHeaderAreas (hwndDlg, dev, cryptoInfo, dataAreaSize, FALSE, FALSE, FALSE);
+ nStatus = WriteRandomDataToReservedHeaderAreas (hwndDlg, dev, cryptoInfo, dataAreaSize, FALSE, FALSE);
if (nStatus != ERR_SUCCESS)
goto error;
diff --git a/src/Common/Password.c b/src/Common/Password.c
index b0f44384..1c9083a3 100644
--- a/src/Common/Password.c
+++ b/src/Common/Password.c
@@ -440,7 +440,7 @@ int ChangePwd (const wchar_t *lpszVolume, Password *oldPassword, int old_pkcs5,
PCRYPTO_INFO dummyInfo = NULL;
LARGE_INTEGER hiddenOffset;
- nStatus = WriteRandomDataToReservedHeaderAreas (hwndDlg, dev, cryptoInfo, cryptoInfo->VolumeSize.Value, !backupHeader, backupHeader, FALSE);
+ nStatus = WriteRandomDataToReservedHeaderAreas (hwndDlg, dev, cryptoInfo, cryptoInfo->VolumeSize.Value, !backupHeader, backupHeader);
if (nStatus != ERR_SUCCESS)
goto error;
diff --git a/src/Common/Volumes.c b/src/Common/Volumes.c
index 67b072d6..178f47f0 100644
--- a/src/Common/Volumes.c
+++ b/src/Common/Volumes.c
@@ -1239,7 +1239,7 @@ BOOL WriteEffectiveVolumeHeader (BOOL device, HANDLE fileHandle, byte *header)
// Writes randomly generated data to unused/reserved header areas.
// When bPrimaryOnly is TRUE, then only the primary header area (not the backup header area) is filled with random data.
// When bBackupOnly is TRUE, only the backup header area (not the primary header area) is filled with random data.
-int WriteRandomDataToReservedHeaderAreas (HWND hwndDlg, HANDLE dev, CRYPTO_INFO *cryptoInfo, uint64 dataAreaSize, BOOL bPrimaryOnly, BOOL bBackupOnly, BOOL bInPlaceEnc)
+int WriteRandomDataToReservedHeaderAreas (HWND hwndDlg, HANDLE dev, CRYPTO_INFO *cryptoInfo, uint64 dataAreaSize, BOOL bPrimaryOnly, BOOL bBackupOnly)
{
char temporaryKey[MASTER_KEYDATA_SIZE];
char originalK2[MASTER_KEYDATA_SIZE];
@@ -1298,12 +1298,8 @@ int WriteRandomDataToReservedHeaderAreas (HWND hwndDlg, HANDLE dev, CRYPTO_INFO
goto final_seq;
}
- if (backupHeaders || !bInPlaceEnc)
- {
- // encrypt random data instead of existing data for better entropy, except in case of primary
- // header of an in-place encrypted disk
- RandgetBytesFull (hwndDlg, buf + TC_VOLUME_HEADER_EFFECTIVE_SIZE, sizeof (buf) - TC_VOLUME_HEADER_EFFECTIVE_SIZE, FALSE, TRUE);
- }
+ // encrypt random data instead of existing data for better entropy
+ RandgetBytesFull (hwndDlg, buf + TC_VOLUME_HEADER_EFFECTIVE_SIZE, sizeof (buf) - TC_VOLUME_HEADER_EFFECTIVE_SIZE, FALSE, TRUE);
EncryptBuffer (buf + TC_VOLUME_HEADER_EFFECTIVE_SIZE, sizeof (buf) - TC_VOLUME_HEADER_EFFECTIVE_SIZE, cryptoInfo);
diff --git a/src/Common/Volumes.h b/src/Common/Volumes.h
index 68ba6720..3fe3a450 100644
--- a/src/Common/Volumes.h
+++ b/src/Common/Volumes.h
@@ -147,7 +147,7 @@ void ComputeBootloaderFingerprint (byte *bootLoaderBuf, unsigned int bootLoaderS
int CreateVolumeHeaderInMemory (HWND hwndDlg, BOOL bBoot, char *encryptedHeader, int ea, int mode, Password *password, int pkcs5_prf, int pim, char *masterKeydata, PCRYPTO_INFO *retInfo, unsigned __int64 volumeSize, unsigned __int64 hiddenVolumeSize, unsigned __int64 encryptedAreaStart, unsigned __int64 encryptedAreaLength, uint16 requiredProgramVersion, uint32 headerFlags, uint32 sectorSize, BOOL bWipeMode);
BOOL ReadEffectiveVolumeHeader (BOOL device, HANDLE fileHandle, byte *header, DWORD *bytesRead);
BOOL WriteEffectiveVolumeHeader (BOOL device, HANDLE fileHandle, byte *header);
-int WriteRandomDataToReservedHeaderAreas (HWND hwndDlg, HANDLE dev, CRYPTO_INFO *cryptoInfo, uint64 dataAreaSize, BOOL bPrimaryOnly, BOOL bBackupOnly, BOOL bInPlaceEnc);
+int WriteRandomDataToReservedHeaderAreas (HWND hwndDlg, HANDLE dev, CRYPTO_INFO *cryptoInfo, uint64 dataAreaSize, BOOL bPrimaryOnly, BOOL bBackupOnly);
#endif
#endif // !TC_HEADER_Volume_VolumeHeader
diff --git a/src/ExpandVolume/ExpandVolume.c b/src/ExpandVolume/ExpandVolume.c
index 2235af1a..82c4207e 100644
--- a/src/ExpandVolume/ExpandVolume.c
+++ b/src/ExpandVolume/ExpandVolume.c
@@ -837,7 +837,7 @@ static int ExpandVolume (HWND hwndDlg, wchar_t *lpszVolume, Password *pVolumePas
PCRYPTO_INFO dummyInfo = NULL;
LARGE_INTEGER hiddenOffset;
- nStatus = WriteRandomDataToReservedHeaderAreas (hwndDlg, dev, cryptoInfo, newDataAreaSize, !backupHeader, backupHeader, FALSE);
+ nStatus = WriteRandomDataToReservedHeaderAreas (hwndDlg, dev, cryptoInfo, newDataAreaSize, !backupHeader, backupHeader);
if (nStatus != ERR_SUCCESS)
goto error;
diff --git a/src/Format/InPlace.c b/src/Format/InPlace.c
index cfae573f..f37cb8be 100644
--- a/src/Format/InPlace.c
+++ b/src/Format/InPlace.c
@@ -605,7 +605,7 @@ int EncryptPartitionInPlaceBegin (volatile FORMAT_VOL_PARAMETERS *volParams, vol
}
// Fill the reserved sectors of the backup header area with random data
- nStatus = WriteRandomDataToReservedHeaderAreas (hwndDlg, dev, cryptoInfo, dataAreaSize, FALSE, TRUE, TRUE);
+ nStatus = WriteRandomDataToReservedHeaderAreas (hwndDlg, dev, cryptoInfo, dataAreaSize, FALSE, TRUE);
if (nStatus != ERR_SUCCESS)
goto closing_seq;
@@ -1122,7 +1122,7 @@ inplace_enc_read:
}
// Fill the reserved sectors of the header area with random data
- nStatus = WriteRandomDataToReservedHeaderAreas (hwndDlg, dev, headerCryptoInfo, masterCryptoInfo->VolumeSize.Value, TRUE, FALSE, TRUE);
+ nStatus = WriteRandomDataToReservedHeaderAreas (hwndDlg, dev, headerCryptoInfo, masterCryptoInfo->VolumeSize.Value, TRUE, FALSE);
if (nStatus != ERR_SUCCESS)
goto closing_seq;