From b4465b80e6039ef3b0bf5e93089fabf3d50f501d Mon Sep 17 00:00:00 2001
From: Mounir IDRASSI <mounir.idrassi@idrix.fr>
Date: Mon, 22 Jun 2020 01:54:28 +0200
Subject: Linux/MacOSX: take into account keyfiles when comparing Outer and
 Hidden volumes passwords

---
 src/Main/Forms/VolumeCreationWizard.cpp | 40 +++++++++++++++++++++++++--------
 1 file changed, 31 insertions(+), 9 deletions(-)

(limited to 'src/Main')

diff --git a/src/Main/Forms/VolumeCreationWizard.cpp b/src/Main/Forms/VolumeCreationWizard.cpp
index 66556e36..240f08dc 100644
--- a/src/Main/Forms/VolumeCreationWizard.cpp
+++ b/src/Main/Forms/VolumeCreationWizard.cpp
@@ -774,16 +774,31 @@ namespace VeraCrypt
 				Kdf = page->GetPkcs5Kdf();
 				Keyfiles = page->GetKeyfiles();
 
-				if (forward && Password && !Password->IsEmpty())
+				if (forward && !OuterVolume && SelectedVolumeType == VolumeType::Hidden)
 				{
-					if (!OuterVolume && SelectedVolumeType == VolumeType::Hidden)
+					shared_ptr <VolumePassword> hiddenPassword;
+					try
 					{
-						if (*(OuterPassword.get()) == *(Password.get()))
-						{
-							Gui->ShowError (_("The Hidden volume password can not be identical to the Outer volume password"));
-							return GetCurrentStep();
-						}
+						hiddenPassword = Keyfile::ApplyListToPassword (Keyfiles, Password);
 					}
+					catch (...)
+					{
+						hiddenPassword = Password;
+					}
+
+					// check if Outer and Hidden passwords are the same
+					if ( 	(hiddenPassword && !hiddenPassword->IsEmpty() && OuterPassword && !OuterPassword->IsEmpty() && (*(OuterPassword.get()) == *(hiddenPassword.get())))
+						||
+							((!hiddenPassword || hiddenPassword->IsEmpty()) && (!OuterPassword || OuterPassword->IsEmpty()))
+						)
+					{
+						Gui->ShowError (_("The Hidden volume password can not be identical to the Outer volume password"));
+						return GetCurrentStep();
+					}
+				}
+
+				if (forward && Password && !Password->IsEmpty())
+				{
 					if (Password->Size() < VolumePassword::WarningSizeThreshold)
 					{
 						if (!Gui->AskYesNo (LangString["PASSWORD_LENGTH_WARNING"], false, true))
@@ -1088,8 +1103,15 @@ namespace VeraCrypt
 
 				MaxHiddenVolumeSize -= MaxHiddenVolumeSize % outerVolume->GetSectorSize();		// Must be a multiple of the sector size
 
-				// remember Outer password in order to be able to compare it with Hidden password
-				OuterPassword = Password;
+				// remember Outer password and keyfiles in order to be able to compare it with those of Hidden volume
+				try
+				{
+					OuterPassword = Keyfile::ApplyListToPassword (Keyfiles, Password);
+				}
+				catch (...)
+				{
+					OuterPassword = Password;
+				}
 			}
 			catch (exception &e)
 			{
-- 
cgit v1.2.3