authorkavsrf <kavsrf@gmail.com>2016-12-31 13:49:59 +0300
committerMounir IDRASSI <mounir.idrassi@idrix.fr>2017-06-05 17:36:51 +0200
commitf2e878683655b885f8ab2d365a40993ef942dea7 (patch)
tree22dbf411fc9d99a7ad23aae489eb491bb37fe387
parent659af8b2c1ee88a9ee78dd1b1a5fa7cae2302984 (diff)
DcsProp configuration keys
AutoLogin AutoPassword AuthorizeProgress AuthStartMsg AuthErrorMsg Random Authorization retry bug fix
-rw-r--r--DcsInt/DcsInt.c14
-rw-r--r--Include/Library/PasswordLib.h1
-rw-r--r--Library/DcsCfgLib/DcsRandom.c9
-rw-r--r--Library/PasswordLib/ConsolePassword.c21
-rw-r--r--Library/PasswordLib/PicturePassword.c21
-rw-r--r--Library/VeraCryptLib/DcsVeraCrypt.c70
-rw-r--r--Library/VeraCryptLib/DcsVeraCrypt.h8
7 files changed, 96 insertions, 48 deletions
diff --git a/DcsInt/DcsInt.c b/DcsInt/DcsInt.c
index af2391b..672997f 100644
--- a/DcsInt/DcsInt.c
+++ b/DcsInt/DcsInt.c
@@ -637,7 +637,7 @@ SecRegionTryDecrypt()
if (gAuthPwdCode == AskPwdRetCancel) {
return EFI_NOT_READY;
}
- OUT_PRINT(L"Authorizing...\n\r");
+ OUT_PRINT(L"%a", gAuthStartMsg);
do {
CopyMem(Header, SecRegionData + SecRegionOffset, 512);
vcres = ReadVolumeHeader(gAuthBoot, Header, &gAuthPassword, gAuthHash, gAuthPim, gAuthTc, &SecRegionCryptInfo, NULL);
@@ -648,9 +648,10 @@ SecRegionTryDecrypt()
OUT_PRINT(L"Start %d %lld len %lld\n", SecRegionOffset / (1024*128), SecRegionCryptInfo->EncryptedAreaStart.Value, SecRegionCryptInfo->EncryptedAreaLength.Value);
break;
} else {
- ERR_PRINT(L"Authorization failed. Wrong password, PIM or hash. Decrypt error(%x)\n\r", vcres);
+ ERR_PRINT(L"%a", gAuthErrorMsg);
}
- } while (vcres != 0 && gAuthRetry != 0);
+ gAuthRetry--;
+ } while (vcres != 0 && gAuthRetry > 0);
if (vcres != 0) {
return EFI_CRC_ERROR;
}
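Review bot: `gAuthRetry--` decrements the global that `VCAuthLoadConfig` fills from `AuthorizeRetry`, so the configured budget is consumed in place and is not restored if `SecRegionTryDecrypt` or any other user of `gAuthRetry` runs again. A local counter keeps the configuration value intact: `int retry = gAuthRetry;` before the `do`, then `} while (vcres != 0 && --retry > 0);`. The new `ERR_PRINT(L"%a", gAuthErrorMsg)` also drops the `vcres` code that the old message printed, which removes the only on-screen hint for diagnosing a failed header read; if hiding it is deliberate, a short comment saying so would help. The function body starts and ends outside the hunk.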
@@ -977,6 +978,7 @@ UefiMain(
if (!EFI_ERROR(res) && id != NULL) {
INT32 rud;
rud = GetCrc32((unsigned char*)id, (int)AsciiStrLen(id));
+ OUT_PRINT(L"%d ? %d\n", gRUD, rud);
MEM_FREE(id);
if (rud == gRUD) {
devFound = TRUE;
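Review bot: `OUT_PRINT(L"%d ? %d\n", gRUD, rud);` looks like leftover debug output, and it prints the configured `gRUD` value next to the CRC of every probed device id on the pre-boot console. Anyone watching the screen learns the identifier the loader is looking for, so this should be removed or placed behind a debug/verbose switch. The unconditional `KeyWait(L"%2d \r", 12, 0, 0);` added in the next hunk (after the `devFound` check) appears to belong to the same debugging session and adds a countdown to every boot that takes this path. The surrounding loop in UefiMain starts outside the hunk.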
@@ -985,7 +987,8 @@ UefiMain(
}
}
if (!devFound) return OnExit(gOnExitNotFound, OnExitAuthNotFound, EFI_NOT_FOUND);
- }
+ KeyWait(L"%2d \r", 12, 0, 0);
+ }
// Try to find by OS partition GUID
if (SecRegionData == NULL && gPartitionGuidOS != NULL) {
@@ -1022,12 +1025,13 @@ UefiMain(
return res;
}
+ RndInit(gRndDefault, NULL, 0, &gRnd);
+
res = GetTpm(); // Try to get TPM
if (!EFI_ERROR(res)) {
if (gConfigBuffer != NULL) {
TpmMeasure(gConfigBuffer, gConfigBufferSize); // Measure configuration
}
- RndInit(RndTypeTpm, NULL, 0, &gRnd);
if (gTpm->IsConfigured(gTpm) && !gTpm->IsOpen(gTpm)) {
ERR_PRINT(L"TPM is configured but locked. Probably boot chain is modified!\n");
KeyWait(L"%1d\r", 9, 0, 0);
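Review bot: The status of `RndInit(gRndDefault, NULL, 0, &gRnd)` is discarded, and `gRndDefault` comes unvalidated from the `Random` configuration key. With the DcsRandom.c change in this same commit, a file-type init with a NULL context returns `EFI_NOT_FOUND` and leaves the generator untouched, so boot would continue with `gRnd` unset. The call now also runs before `GetTpm()` and the TPM-backed init was removed from the success branch; if a TPM type is selected it presumably needs `gTpm` first, which is worth confirming. Assuming `RndInit` returns an `EFI_STATUS` like `RndFileInit`, I would write `res = RndInit(gRndDefault, NULL, 0, &gRnd);` followed by `if (EFI_ERROR(res)) { ERR_PRINT(L"Random init failed\n"); }` and decide explicitly whether to stop or fall back. UefiMain continues outside the hunk.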
diff --git a/Include/Library/PasswordLib.h b/Include/Library/PasswordLib.h
index 62cad21..3396164 100644
--- a/Include/Library/PasswordLib.h
+++ b/Include/Library/PasswordLib.h
@@ -23,6 +23,7 @@ extern CHAR8* gPasswordPictureChars;
extern CHAR8* gPasswordPictureCharsDefault;
extern UINTN gPasswordPictureCharsLen;
extern UINT8 gPasswordVisible;
+extern UINT8 gPasswordProgress;
extern int gPasswordShowMark;
extern int gPlatformLocked;
diff --git a/Library/DcsCfgLib/DcsRandom.c b/Library/DcsCfgLib/DcsRandom.c
index 084a8cf..eceba8d 100644
--- a/Library/DcsCfgLib/DcsRandom.c
+++ b/Library/DcsCfgLib/DcsRandom.c
@@ -68,13 +68,14 @@ RndFileInit(
)
{
EFI_STATUS res = EFI_NOT_FOUND;
- ZeroMem(rnd, sizeof(DCS_RND));
- rnd->Type = RndTypeFile;
- rnd->GetBytes = RndFileGetBytes;
- rnd->Prepare = RndFilePrepare;
if (Context != NULL) {
+ ZeroMem(rnd, sizeof(DCS_RND));
+ rnd->Type = RndTypeFile;
+ rnd->GetBytes = RndFileGetBytes;
+ rnd->Prepare = RndFilePrepare;
rnd->State.File.Data = Context;
rnd->State.File.Size = ContextSize;
+ res = EFI_SUCCESS;
}
return res;
}
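Review bot: When `Context` is NULL, `rnd` is now returned untouched, so a caller that ignores the `EFI_NOT_FOUND` result keeps whatever `GetBytes`/`Prepare` pointers the structure held before. Keeping `ZeroMem(rnd, sizeof(DCS_RND));` ahead of the `if` would leave a defined, clearly unusable state on failure; if preserving a previously initialised generator is the intent, a comment such as `// leave rnd untouched when no seed file is supplied` would make that explicit. `ContextSize == 0` is also reported as success, and `if (Context != NULL && ContextSize > 0) {` would reject an empty seed buffer. The function signature is outside the hunk.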
diff --git a/Library/PasswordLib/ConsolePassword.c b/Library/PasswordLib/ConsolePassword.c
index 1d82fd0..797ee4a 100644
--- a/Library/PasswordLib/ConsolePassword.c
+++ b/Library/PasswordLib/ConsolePassword.c
@@ -59,8 +59,10 @@ AskConsolePwdInt(
for (i = 0; i < count; i++) {
OUT_PRINT(L"\b");
}
- for (i = 0; i < count; i++) {
- OUT_PRINT(L"*");
+ if (gPasswordProgress) {
+ for (i = 0; i < count; i++) {
+ OUT_PRINT(L"*");
+ }
}
}
}
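Review bot: The `\b` loop at the top of this hunk still runs when `gPasswordProgress` is 0; only the `*` redraw below it is gated. If nothing was echoed (progress off, password hidden), those backspaces move the cursor left by the password length, back into the prompt, and that movement shows the length the option is meant to hide. The enclosing branch starts outside the hunk, so what is on screen at that point needs confirming; if the reading holds, put the erase loop under the same condition, `if (gPasswordProgress || show) {`, as the backspace handler in the next hunk does.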
@@ -98,7 +100,9 @@ AskConsolePwdInt(
continue;
}
else if (key.UnicodeChar == CHAR_BACKSPACE) {
- OUT_PRINT(L"\b \b");
+ if (gPasswordProgress || show) {
+ OUT_PRINT(L"\b \b");
+ }
if (asciiLine != NULL) asciiLine[--count] = '\0';
continue;
}
@@ -107,8 +111,7 @@ AskConsolePwdInt(
if (count < line_max - 1) {
if (show) {
OUT_PRINT(L"%c", key.UnicodeChar);
- }
- else {
+ } else if (gPasswordProgress) {
OUT_PRINT(L"*");
}
// save char
@@ -124,10 +127,12 @@ AskConsolePwdInt(
// Set end of line
if (asciiLine != NULL) {
asciiLine[count] = '\0';
- for (i = 0; i < count; i++) {
- OUT_PRINT(L"\b \b");
+ if (gPasswordProgress || show) {
+ for (i = 0; i < count; i++) {
+ OUT_PRINT(L"\b \b");
+ }
+ OUT_PRINT(L"*");
}
- OUT_PRINT(L"*");
}
OUT_PRINT(L"\n");
}
diff --git a/Library/PasswordLib/PicturePassword.c b/Library/PasswordLib/PicturePassword.c
index e737a99..f40b095 100644
--- a/Library/PasswordLib/PicturePassword.c
+++ b/Library/PasswordLib/PicturePassword.c
@@ -30,6 +30,7 @@ UINTN gPasswordPictureCharsLen = 95;
UINT8 gPasswordVisible = 0;
int gPasswordShowMark = 1;
+UINT8 gPasswordProgress = 1;
int gPlatformLocked = 0;
int gTPMLocked = 0;
@@ -172,15 +173,17 @@ DrawPwdZone(
{
INT32 pwdGrphMaxLen = (INT32)(sWidth - 2 * step);
BltFill(bltScrn, gColorBlack, 0, 0, (INT32)(sWidth - 2 * step), (INT32)(posPictY));
- if (gPasswordVisible) {
- BltText(bltScrn, &ctxCell, 0, 0, 256, pwd);
- }
- else {
- INT32 pwdGrphLen = (INT32)(pwdGrphMaxLen * picPwdIdx / pwdMax);
- INT32 pwdGrphHeight = (INT32)(posPictY) / 2;
- INT32 pwdGrphTop = (INT32)(posPictY) / 4;
- BltFill(bltScrn, gColorGreen, 0, pwdGrphTop, pwdGrphLen, pwdGrphHeight + pwdGrphTop);
- BltFill(bltScrn, gColorBlack, pwdGrphLen, pwdGrphTop, pwdGrphMaxLen, pwdGrphHeight + pwdGrphTop);
+ if (gPasswordProgress || gPasswordVisible) {
+ if (gPasswordVisible) {
+ BltText(bltScrn, &ctxCell, 0, 0, 256, pwd);
+ }
+ else {
+ INT32 pwdGrphLen = (INT32)(pwdGrphMaxLen * picPwdIdx / pwdMax);
+ INT32 pwdGrphHeight = (INT32)(posPictY) / 2;
+ INT32 pwdGrphTop = (INT32)(posPictY) / 4;
+ BltFill(bltScrn, gColorGreen, 0, pwdGrphTop, pwdGrphLen, pwdGrphHeight + pwdGrphTop);
+ BltFill(bltScrn, gColorBlack, pwdGrphLen, pwdGrphTop, pwdGrphMaxLen, pwdGrphHeight + pwdGrphTop);
+ }
}
}
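Review bot: The outer `if (gPasswordProgress || gPasswordVisible)` only adds a nesting level, because the inner `if (gPasswordVisible)` already separates the two cases. A flat form reads more easily and matches the `} else if (gPasswordProgress) {` shape used in ConsolePassword.c in this commit: keep `if (gPasswordVisible) {` and turn the bar-drawing branch into `else if (gPasswordProgress) {`. A one-line comment above it, for example `// AuthorizeProgress=0 hides the length bar as well`, would document why nothing is drawn. DrawPwdZone starts outside the hunk.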
diff --git a/Library/VeraCryptLib/DcsVeraCrypt.c b/Library/VeraCryptLib/DcsVeraCrypt.c
index 02128df..2979064 100644
--- a/Library/VeraCryptLib/DcsVeraCrypt.c
+++ b/Library/VeraCryptLib/DcsVeraCrypt.c
@@ -89,6 +89,9 @@ int gAuthPasswordType = 0;
char* gAuthPasswordMsg = NULL;
Password gAuthPassword;
+UINT8 gAutoLogin = 0;
+char* gAutoPassword = NULL;
+
char* gAuthPimMsg = NULL;
int gAuthPimRqt = 1;
int gAuthPim = 0;
@@ -105,6 +108,10 @@ int gAuthBoot = 1;
int gAuthRetry = 10;
int gAuthPwdCode = 1;
+int gRndDefault = 0;
+
+char* gAuthErrorMsg = NULL;
+char* gAuthStartMsg = NULL;
INT32 gRUD = 0;
@@ -182,6 +189,10 @@ VCAuthLoadConfig()
gAuthPasswordMsg = MEM_ALLOC(MAX_MSG);
ConfigReadString("PasswordMsg", "Password:", gAuthPasswordMsg, MAX_MSG);
+ gAutoLogin = (UINT8)ConfigReadInt("AutoLogin", 0);
+ gAutoPassword = MEM_ALLOC(MAX_PASSWORD);
+ ConfigReadString("AutoPassword", "", gAutoPassword, MAX_PASSWORD);
+
gAuthPimMsg = MEM_ALLOC(MAX_MSG);
gAuthPimRqt = ConfigReadInt("PimRqt", 1);
gAuthPim = ConfigReadInt("Pim", 0);
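Review bot: `AutoPassword` is read in clear text from the DcsProp configuration and nothing in the code says so; whoever can read that configuration can unlock the volume. I would put a comment above the read, for example `// AutoPassword is stored unencrypted in the configuration; anyone who can read it can unlock the volume`. The result of `MEM_ALLOC(MAX_PASSWORD)` is also not checked before `ConfigReadString` is handed the buffer, and the same holds for `gAuthStartMsg` and `gAuthErrorMsg` in the next hunk, which are later printed with `%a`. A guard such as `if (gAutoPassword != NULL)` around each read would keep a failed allocation from reaching those users. VCAuthLoadConfig starts and ends outside the hunk.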
@@ -192,12 +203,20 @@ VCAuthLoadConfig()
gAuthHash = ConfigReadInt("Hash", 0);
ConfigReadString("HashMsg", "(0) TEST ALL (1) SHA512 (2) WHIRLPOOL (3) SHA256 (4) RIPEMD160\n\rHash:", gAuthHashMsg, MAX_MSG);
- gPasswordVisible = (UINT8)ConfigReadInt("AuthorizeVisible", 0);
+ gPasswordProgress = (UINT8)ConfigReadInt("AuthorizeProgress", 1);
+ gPasswordVisible = (UINT8)ConfigReadInt("AuthorizeVisible", 0);
gPasswordShowMark = ConfigReadInt("AuthorizeMarkTouch", 1);
- gAuthBootRqt = ConfigReadInt("BootRqt", 0);
+
+ gAuthStartMsg = MEM_ALLOC(MAX_MSG);
+ ConfigReadString("AuthStartMsg", "Authorizing...\n\r", gAuthStartMsg, MAX_MSG);
+ gAuthErrorMsg = MEM_ALLOC(MAX_MSG);
+ ConfigReadString("AuthErrorMsg", "Authorization failed. Wrong password, PIM or hash.\n\r", gAuthErrorMsg, MAX_MSG);
+
+ gAuthBootRqt = ConfigReadInt("BootRqt", 0);
gAuthTcRqt = ConfigReadInt("TcRqt", 0);
gRUD = ConfigReadInt("RUD", 0);
gAuthRetry = ConfigReadInt("AuthorizeRetry", 10);
+ gRndDefault = ConfigReadInt("Random", 0);
// touch
tmp = ConfigReadInt("TouchDevice", -1);
@@ -331,31 +350,38 @@ VCAskPwd(
}
}
- if (gAuthPasswordType == 1 &&
- gGraphOut != NULL &&
- ((gTouchPointer != NULL) || (gTouchSimulate != 0))) {
- AskPictPwdInt(pwdType, sizeof(vcPwd->Text), vcPwd->Text, &vcPwd->Length, &gAuthPwdCode);
+ if (gAutoLogin) {
+ gAutoLogin = 0;
+ gAuthPwdCode = AskPwdRetLogin;
+ vcPwd->Length = (unsigned int)strlen(gAutoPassword);
+ strcpy(vcPwd->Text, gAutoPassword);
}
else {
- switch (pwdType) {
- case AskPwdNew:
- OUT_PRINT(L"New password:");
- break;
- case AskPwdConfirm:
- OUT_PRINT(L"Confirm password:");
- break;
- case AskPwdLogin:
- default:
- OUT_PRINT(L"%a", gAuthPasswordMsg);
- break;
+ if (gAuthPasswordType == 1 &&
+ gGraphOut != NULL &&
+ ((gTouchPointer != NULL) || (gTouchSimulate != 0))) {
+ AskPictPwdInt(pwdType, sizeof(vcPwd->Text), vcPwd->Text, &vcPwd->Length, &gAuthPwdCode);
+ }
+ else {
+ switch (pwdType) {
+ case AskPwdNew:
+ OUT_PRINT(L"New password:");
+ break;
+ case AskPwdConfirm:
+ OUT_PRINT(L"Confirm password:");
+ break;
+ case AskPwdLogin:
+ default:
+ OUT_PRINT(L"%a", gAuthPasswordMsg);
+ break;
+ }
+ AskConsolePwdInt(&vcPwd->Length, vcPwd->Text, &gAuthPwdCode, sizeof(vcPwd->Text), gPasswordVisible);
}
- AskConsolePwdInt(&vcPwd->Length, vcPwd->Text, &gAuthPwdCode, sizeof(vcPwd->Text), gPasswordVisible);
- }
- if (gAuthPwdCode == AskPwdRetCancel) {
- return;
+ if (gAuthPwdCode == AskPwdRetCancel) {
+ return;
+ }
}
-
if (gSCLocked) {
ERR_PRINT(L"Smart card is not configured\n");
}
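Review bot: `strcpy(vcPwd->Text, gAutoPassword)` copies a configuration-supplied string with no bound and no NULL check. `gAutoPassword` is a `MAX_PASSWORD`-byte buffer and the destination is `sizeof(vcPwd->Text)`; how the two sizes relate is not visible here, and the pointer is NULL if `VCAuthLoadConfig` did not run or its allocation failed. The clear-text copy in `gAutoPassword` also stays in memory after it has been used. The fence bounds the copy, falls back to the interactive prompt when the value is unusable, and wipes the buffer (assuming nothing reads it later); note that the branch also fires for `AskPwdNew` and `AskPwdConfirm`, which may not be intended. VCAskPwd starts and ends outside the hunk.

```c
	// declare with the function's other locals
	UINTN   autoLen = 0;
	BOOLEAN useAuto = FALSE;

	if (gAutoLogin && gAutoPassword != NULL) {
		autoLen = strlen(gAutoPassword);
		// accept only a value that fits, terminator included
		useAuto = (BOOLEAN)(autoLen < sizeof(vcPwd->Text));
	}
	gAutoLogin = 0; // one attempt only, as before

	if (useAuto) {
		gAuthPwdCode = AskPwdRetLogin;
		vcPwd->Length = (unsigned int)autoLen;
		CopyMem(vcPwd->Text, gAutoPassword, autoLen + 1);
		// drop the clear-text copy once it has been handed over
		ZeroMem(gAutoPassword, MAX_PASSWORD);
	}
	else {
		// … unchanged: picture / console prompt and cancel check …
	}
```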
diff --git a/Library/VeraCryptLib/DcsVeraCrypt.h b/Library/VeraCryptLib/DcsVeraCrypt.h
index fffe67c..23eb4a2 100644
--- a/Library/VeraCryptLib/DcsVeraCrypt.h
+++ b/Library/VeraCryptLib/DcsVeraCrypt.h
@@ -30,6 +30,9 @@ extern CHAR16* gPasswordPictureFileName;
extern char* gAuthPasswordMsg;
extern Password gAuthPassword;
+extern UINT8 gAutoLogin;
+extern char* gAutoPassword;
+
extern char* gAuthPimMsg;
extern int gAuthPimRqt;
extern int gAuthPim;
@@ -45,6 +48,11 @@ extern int gAuthBootRqt;
extern int gAuthBoot;
extern int gAuthRetry;
+extern int gRndDefault;
+
+extern char* gAuthStartMsg;
+extern char* gAuthErrorMsg;
+
extern INT32 gRUD;
extern int gAuthSecRegionSearch;