+ EAGetName(name, 128, ea, 1);

+ return EFI_DCS_USER_CANCELED;

+ }

+ if (gAuthPwdCode == AskPwdRetTimeout) {

+ return EFI_TIMEOUT;

+ return EFI_DCS_USER_CANCELED;

+ }

+ if (gAuthPwdCode == AskPwdRetTimeout) {

+ MEM_BURN(&newPassword, sizeof(newPassword));

+ return EFI_TIMEOUT;

+ BOOL bIsSystemEncyption = FALSE;

+

+ if (info->noIterations == get_pkcs5_iteration_count (info->pkcs5, info->volumePim, FALSE, TRUE))

+ bIsSystemEncyption = TRUE;

+ if (bIsSystemEncyption && (pos == start) && (0xEB52904E54465320 == BE64 (*(uint64 *) buf)))

+ {

+ // first sector is not encrypted (e.g. because of Windows repair).

+ // So we encrypt it so that decryption will lead to correct result

+ EncryptDataUnits(buf, (UINT64_STRUCT*)&pos, 1, info);

+ }

+

+ {

+ res = io->ReadBlocks(io, io->Media->MediaId, start, 512, buf);

+ if (!EFI_ERROR(res)) {

+ /*

+ * Case of OS decryption by Rescue Disk

+ * Check if NTFS marker exists. If not, then probably disk affected by

+ * either Windows Repair overwriting first sector or the bug in 1.19

+ * Rescue Disk which caused the first 50 MB of disk to be

+ * decrypted in a wrong way. In this case, try to reverse the faulty decryption

+ * and then perform correct decryption

+ */

+ if (0xEB52904E54465320 != BE64 (*(uint64 *) buf)) /* NTFS */

+ {

+ /* encrypt it to see if the first sector was unencrypted before decrypt done */

+ EncryptDataUnits(buf, (UINT64_STRUCT*)&start, 1, info);

+

+ if (0xEB52904E54465320 == BE64 (*(uint64 *) buf)) /* NTFS */

+ // Write corrected first sector

+ do {

+ res = io->WriteBlocks(io, io->Media->MediaId, start, 512, buf);

+ if (EFI_ERROR(res)) {

+ UINT8 ar;

+ ERR_PRINT(L"Write error: %r\n", res);

+ ar = AskAR();

+ if (ar != 'R' && ar != 'r')

+ break;

+ } while (EFI_ERROR(res));

+

+ if (EFI_ERROR(res))

+ {

+ OUT_PRINT(L"\r\nThe corrected first sector could not be written.");

+ }

+ }

+ else

+ {

+ /* restore original value */

+ DecryptDataUnits(buf, (UINT64_STRUCT*)&start, 1, info);

+ remains = size % CRYPT_BUF_SECTORS;

+ if (remains > 0)

+ {

+ /* 1.19 bug appears only when size not multiple of 50 MB */

+ if (AskConfirm("\r\nSystem already decrypted but partition can't be recognized.\r\nDid you use 1.19 Rescue Disk previously to decrypt OS?", 1)) {

+ OUT_PRINT(L"\r\nTrying to recover data corrupted by 1.19 Rescue Disk bug.");

+

+ pos = start + remains - CRYPT_BUF_SECTORS;

+ // Read

+ do {

+ res = io->ReadBlocks(io, io->Media->MediaId, pos, CRYPT_BUF_SECTORS << 9, buf);

+ if (EFI_ERROR(res)) {

+ UINT8 ar;

+ ERR_PRINT(L"Read error: %r\n", res);

+ ar = AskAR();

+ if (ar != 'R' && ar != 'r')

+ break;

+ }

+ } while (EFI_ERROR(res));

+ if (EFI_ERROR(res))

+ OUT_PRINT(L"\r\nNo corrective action performed.");

+ else

+ UINT8* realEncryptedData = buf + ((CRYPT_BUF_SECTORS - remains) << 9);

+ BOOL bPerformWrite = FALSE;

+

+ // reverse faulty decryption

+ EncryptDataUnits(buf, (UINT64_STRUCT*)&pos, (UINT32)(remains), info);

+ // decrypt the correct data

+ DecryptDataUnits(realEncryptedData, (UINT64_STRUCT*)&start, (UINT32)(remains), info);

+

+ if (0xEB52904E54465320 == BE64 (*(uint64 *) realEncryptedData)) /* NTFS */

+ bPerformWrite = TRUE;

+ else

+ if (AskConfirm("\r\nDecrypted data don't contain valid partition information. Proceeed anyway?", 1))

+ bPerformWrite = TRUE;

+

+ if (bPerformWrite)

+ {

+ // Write original encrypted data

+ res = io->WriteBlocks(io, io->Media->MediaId, pos, (UINTN)((CRYPT_BUF_SECTORS - remains) << 9), buf);

+

+ OUT_PRINT(L"\r\nNo corrective action performed.");

+ {

+ // Write correctly decrypted data

+ do {

+ res = io->WriteBlocks(io, io->Media->MediaId, start, (UINTN) (remains << 9), realEncryptedData);

+ if (EFI_ERROR(res)) {

+ UINT8 ar;

+ ERR_PRINT(L"Write error: %r\n", res);

+ ar = AskAR();

+ if (ar != 'R' && ar != 'r')

+ break;

+ }

+ } while (EFI_ERROR(res));

+

+ if (EFI_ERROR(res))

+ {

+ OUT_PRINT(L"\r\nFailed to write decrypted data.");

+ }

+ else

+ {

+ OUT_PRINT(L"\r\nData recovered successfully!");

+ }

+ else

+ {

+ OUT_PRINT(L"\r\nNo corrective action performed.");

+ }

+ }

+ }

+ else

+ {

+ OUT_PRINT(L"\n\rNo corrective action attempted.");

+ }

+

+ }

+ DcsStrHexToBytes(cmd + sizeof(CCID_HEADER_OUT), &cmdLen, hexString);

+SecRegionMark()

+SecRegionWipe()

+SecRegionDump(

+ UINT8* SecRegionDumpData = NULL;

+ UINTN SecRegionDumpSize = 0;

+ UINTN SecRegionDumpOffset = 0;

+ SecRegionDumpSize = adm->AuthDataSize * 128 * 1024;

+ SecRegionDumpData = MEM_ALLOC(SecRegionDumpSize);

+ if (SecRegionDumpData == NULL) {

+ CE(bio->ReadBlocks(bio, bio->Media->MediaId, 62, SecRegionDumpSize, SecRegionDumpData));

+ if (TablesVerify(SecRegionDumpSize - SecRegionDumpOffset, SecRegionDumpData + SecRegionDumpOffset)) {

+ EFI_TABLE_HEADER *mhdr = (EFI_TABLE_HEADER *)(SecRegionDumpData + SecRegionDumpOffset);

+ CE(FileSave(NULL, name, SecRegionDumpData + SecRegionDumpOffset, saveSize));

+ SecRegionDumpOffset += saveSize;

+ } while (SecRegionDumpOffset < SecRegionDumpSize);

+ MEM_FREE(SecRegionDumpData);

+SecRegionAdd(