author | Mounir IDRASSI <mounir.idrassi@idrix.fr> | 2019-02-26 01:50:27 +0100 |
---|---|---|
committer | Mounir IDRASSI <mounir.idrassi@idrix.fr> | 2019-03-01 00:35:13 +0100 |
commit | cf48b532b447faa969347fef183c6e8921c4ded2 (patch) | |
tree | df0d4539325b6a7a89d0dac0b19c5a1c17293cc6 /src/Driver/Ntdriver.c | |
parent | 29b749bdd96668d1aa9259b70be436e807b46af2 (diff) | |
Windows: Implement RAM encryption for keys on 64-bit machines using ChaCha12 cipher and t1ha non-cryptographic fast hash (https://github.com/leo-yuriev/t1ha)
Diffstat (limited to 'src/Driver/Ntdriver.c')
-rw-r--r-- | src/Driver/Ntdriver.c | 23 |
1 files changed, 22 insertions, 1 deletions
diff --git a/src/Driver/Ntdriver.c b/src/Driver/Ntdriver.c
index ba2de477..97fb1bf1 100644
--- a/src/Driver/Ntdriver.c
+++ b/src/Driver/Ntdriver.c
@@ -287,6 +287,24 @@ NTSTATUS DriverEntry (PDRIVER_OBJECT DriverObject, PUNICODE_STRING RegistryPath)
 TCfree (startKeyValue);
 }
+#ifdef _WIN64
+ if ((OsMajorVersion > 6) || (OsMajorVersion == 6 && OsMinorVersion >= 1))
+ {
+ // we enable RAM encryption only starting from Windows 7
+ if (IsRamEncryptionEnabled())
+ {
+ if (t1ha_selfcheck__t1ha2() != 0)
+ TC_BUG_CHECK (STATUS_INVALID_PARAMETER);
+ if (!InitializeSecurityParameters(GetDriverRandomSeed))
+ TC_BUG_CHECK (STATUS_INVALID_PARAMETER);
+ }
+ }
+ else
+ {
+ EnableRamEncryption (FALSE);
+ }
+#endif
+
 for (i = 0; i <= IRP_MJ_MAXIMUM_FUNCTION; ++i)
 {
 DriverObject->MajorFunction[i] = TCDispatchQueueIRP;
@@ -326,7 +344,7 @@ NTSTATUS DriverAddDevice (PDRIVER_OBJECT driverObject, PDEVICE_OBJECT pdo)
 return DriveFilterAddDevice (driverObject, pdo);
 }
-
+#if defined (DEBUG) || defined (DEBUG_TRACE)
 // Dumps a memory region to debug output
 void DumpMemory (void *mem, int size)
 {
@@ -351,6 +369,7 @@ void DumpMemory (void *mem, int size)
 m+=8;
 }
 }
+#endif
 BOOL IsAllZeroes (unsigned char* pbData, DWORD dwDataLen)
 {
@@ -4453,6 +4472,8 @@ NTSTATUS ReadRegistryConfigFlags (BOOL driverEntry)
 flags ^= VC_DRIVER_CONFIG_CLEAR_KEYS_ON_NEW_DEVICE_INSERTION;
 WriteRegistryConfigFlags (flags);
 }
+
+ EnableRamEncryption ((flags & VC_DRIVER_CONFIG_ENABLE_RAM_ENCRYPTION) ? TRUE : FALSE);
 }
 EnableHwEncryption ((flags & TC_DRIVER_CONFIG_DISABLE_HARDWARE_ENCRYPTION) ? FALSE : TRUE); |
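Review bot: Both failure paths in the added `_WIN64` block raise `TC_BUG_CHECK (STATUS_INVALID_PARAMETER)`, so a crash dump cannot tell a failed `t1ha_selfcheck__t1ha2()` from a failed `InitializeSecurityParameters(GetDriverRandomSeed)`; a distinct status code per check would make the dump diagnosable. Halting instead of continuing with keys unprotected is a defensible fail-closed choice, but it is undocumented and it happens in DriverEntry, so a persistent failure would presumably stop the machine on every load while the registry flag stays set. A comment such as `// fail closed: never run with RAM encryption requested but not initialised` above the two checks would record the intent. DriverEntry starts and ends outside the hunk, so whether the registry flags are read before `IsRamEncryptionEnabled()` is evaluated cannot be confirmed from here.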
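Review bot: The new `#if defined (DEBUG) || defined (DEBUG_TRACE)` guard around DumpMemory carries no comment saying why the function is debug-only, and the matching `#endif` added in the following hunk is unlabeled. Since the function writes raw memory contents to debug output in a driver that holds key material, the reason deserves a line such as `// debug builds only: dumps raw memory, must not be compiled into release drivers`, and the close would read better as `#endif // DEBUG || DEBUG_TRACE`. Any prototype or call site elsewhere needs the same guard; none is visible in these hunks.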
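Review bot: The added `EnableRamEncryption (...)` call in ReadRegistryConfigFlags is not wrapped in `#ifdef _WIN64`, while the initialisation added to DriverEntry in the first hunk is. On a 32-bit build the flag could therefore be switched on from the registry although `InitializeSecurityParameters` never runs, or the build fails if `EnableRamEncryption` is only defined for 64-bit; its definition is outside this diff, so confirm which applies. Wrapping the line in the same `#ifdef _WIN64` / `#endif` keeps the two sites consistent. The enclosing condition starts outside the hunk: if this branch can also run after DriverEntry, RAM encryption could be toggled at runtime without the seed initialisation, which should be ruled out or documented in a comment here.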