From ee0a2659da24b4b7543f52647fb2d8cbbd12408c Mon Sep 17 00:00:00 2001 From: Mounir IDRASSI Date: Mon, 21 Jan 2019 00:42:53 +0100 Subject: Windows driver: remove volumes master keys from CRYPTO_INFO since they are not needed after their key schedule is created --- src/Driver/DriveFilter.c | 4 +--- src/Driver/Ntvol.c | 2 +- 2 files changed, 2 insertions(+), 4 deletions(-) (limited to 'src/Driver') diff --git a/src/Driver/DriveFilter.c b/src/Driver/DriveFilter.c index c1f38322..7105838a 100644 --- a/src/Driver/DriveFilter.c +++ b/src/Driver/DriveFilter.c @@ -2181,10 +2181,8 @@ static VOID DecoySystemWipeThreadProc (PVOID threadArg) DecoySystemWipeResult = STATUS_INVALID_PARAMETER; goto ret; } - - memcpy (wipeCryptoInfo->k2, WipeDecoyRequest.WipeKey + EAGetKeySize (ea), EAGetKeySize (ea)); - if (!EAInitMode (wipeCryptoInfo)) + if (!EAInitMode (wipeCryptoInfo, WipeDecoyRequest.WipeKey + EAGetKeySize (ea))) { DecoySystemWipeResult = STATUS_INVALID_PARAMETER; goto err; diff --git a/src/Driver/Ntvol.c b/src/Driver/Ntvol.c index 852aafd0..a317d8be 100644 --- a/src/Driver/Ntvol.c +++ b/src/Driver/Ntvol.c @@ -663,7 +663,7 @@ NTSTATUS TCOpenVolume (PDEVICE_OBJECT DeviceObject, if (Extension->cryptoInfo->hiddenVolume && IsHiddenSystemRunning()) { // Prevent mount of a hidden system partition if the system hosted on it is currently running - if (memcmp (Extension->cryptoInfo->master_keydata, GetSystemDriveCryptoInfo()->master_keydata, EAGetKeySize (Extension->cryptoInfo->ea)) == 0) + if (memcmp (Extension->cryptoInfo->master_keydata_hash, GetSystemDriveCryptoInfo()->master_keydata_hash, sizeof(Extension->cryptoInfo->master_keydata_hash)) == 0) { mount->nReturnCode = ERR_VOL_ALREADY_MOUNTED; ntStatus = STATUS_SUCCESS; -- cgit v1.2.3