author | Mounir IDRASSI <mounir.idrassi@idrix.fr> | 2015-04-05 22:21:59 +0200 |
---|---|---|
committer | Mounir IDRASSI <mounir.idrassi@idrix.fr> | 2015-04-06 00:22:36 +0200 |
commit | 2784652ab880dcea82aa212096b64d39695012fc (patch) | |
tree | b6cc4636a3e47efaeae338dca1fca87a347b82b8 /src/Common/BootEncryption.cpp | |
parent | a284922ce45ca777dd98b53e846603c63cb44904 (diff) | |
Windows vulnerability fix: CryptAcquireContext vulnerability fix. Add checks to random generator to abort in case of error and display a diagnostic message to the user.
Diffstat (limited to 'src/Common/BootEncryption.cpp')
-rw-r--r-- | src/Common/BootEncryption.cpp | 25 |
1 files changed, 22 insertions, 3 deletions
diff --git a/src/Common/BootEncryption.cpp b/src/Common/BootEncryption.cpp
index c01a8b4b..ae57dc37 100644
--- a/src/Common/BootEncryption.cpp
+++ b/src/Common/BootEncryption.cpp
@@ -1383,7 +1383,12 @@ namespace VeraCrypt
 request.WipeAlgorithm = wipeAlgorithm;
if (Randinit() != ERR_SUCCESS)
- throw ParameterIncorrect (SRC_POS);
+ {
+ if (CryptoAPILastError == ERROR_SUCCESS)
+ throw RandInitFailed (SRC_POS, GetLastError ());
+ else
+ throw CryptoApiFailed (SRC_POS, CryptoAPILastError);
+ }
/* force the display of the random enriching dialog */
SetRandomPoolEnrichedByUserStatus (FALSE);
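Review bot: `CryptoAPILastError` looks like shared state that the added block reads without knowing it was set by the `Randinit()` call that just failed; if it is not cleared when initialisation starts (not visible in this hunk), a stale code from an earlier failure would send an unrelated error down the `CryptoApiFailed` branch. Likewise `GetLastError ()` is read only after `Randinit()` has returned, so any Win32 call on its cleanup path can overwrite the value shown to the user. The same six lines are repeated in the hunks at -1421 and -2280; a single helper that takes the source position and throws the right exception would keep the three sites from drifting apart. The enclosing function starts and ends outside the hunk.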
@@ -1421,9 +1426,17 @@ namespace VeraCrypt
 void BootEncryption::WipeHiddenOSCreationConfig ()
{
- if (IsHiddenOSRunning() || Randinit() != ERR_SUCCESS)
+ if (IsHiddenOSRunning())
throw ParameterIncorrect (SRC_POS);
+ if (Randinit() != ERR_SUCCESS)
+ {
+ if (CryptoAPILastError == ERROR_SUCCESS)
+ throw RandInitFailed (SRC_POS, GetLastError ());
+ else
+ throw CryptoApiFailed (SRC_POS, CryptoAPILastError);
+ }
+
Device device (GetSystemDriveConfiguration().DevicePath);
device.CheckOpened();
byte mbr[TC_SECTOR_SIZE_BIOS];
@@ -2280,7 +2293,13 @@ namespace VeraCrypt
 RandSetHashFunction (pkcs5);
}
- throw_sys_if (Randinit () != 0);
+ if (Randinit() != 0)
+ {
+ if (CryptoAPILastError == ERROR_SUCCESS)
+ throw RandInitFailed (SRC_POS, GetLastError ());
+ else
+ throw CryptoApiFailed (SRC_POS, CryptoAPILastError);
+ }
finally_do ({ RandStop (FALSE); });
/* force the display of the random enriching dialog */
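Review bot: This site tests `Randinit() != 0` while the two earlier sites in this commit test `Randinit() != ERR_SUCCESS`; use the named constant here too, `if (Randinit() != ERR_SUCCESS)`, so the three checks read the same and do not depend on the constant's numeric value. Separately, `finally_do ({ RandStop (FALSE); });` is registered only after the check, so on the failure path nothing in this hunk stops the generator; that is fine only if `Randinit()` undoes its own partial initialisation, which is not visible here. The enclosing function continues outside the hunk.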