From a494228407d3ebc52bda56ae7bd9b1e71d0c6649 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Vojt=C4=9Bch=20Trefn=C3=BD?= Date: Fri, 25 Oct 2019 10:20:32 +0200 Subject: [PATCH] Do not try to activate partially decrypted BitLocker devices --- lib/bitlk/bitlk.c | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/lib/bitlk/bitlk.c b/lib/bitlk/bitlk.c index b2be0bae..d2fce6bc 100644 --- a/lib/bitlk/bitlk.c +++ b/lib/bitlk/bitlk.c @@ -891,6 +891,16 @@ int BITLK_activate(struct crypt_device *cd, return r; } + next_vmk = params->vmks; + while (next_vmk) { + if (next_vmk->protection == BITLK_PROTECTION_CLEAR_KEY) { + crypt_free_volume_key(open_fvek_key); + log_err(cd, _("Activation of partially decrypted BitLocker devices is not supported.")); + return -ENOTSUP; + } + next_vmk = next_vmk->next; + } + if (strcmp(params->cipher_mode, "cbc-elephant") == 0) { log_err(cd, _("Activation of BitLocker devices encrypted using AES-CBC with " \ "the Elephant Diffuser is currently not supported"));