VeraCrypt
aboutsummaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorMounir IDRASSI <mounir.idrassi@idrix.fr>2015-07-29 00:09:14 +0200
committerMounir IDRASSI <mounir.idrassi@idrix.fr>2015-07-29 00:33:10 +0200
commit6ca598f8418a1ab12ff7353c534d610b4dbac943 (patch)
treec7c58d7fbd700e3ab4fef078a58c83c2430d847d /src
parent69a8ad5bbaa1be2b3a6548c2b3f930d3aa4379e3 (diff)
downloadVeraCrypt-6ca598f8418a1ab12ff7353c534d610b4dbac943.tar.gz
VeraCrypt-6ca598f8418a1ab12ff7353c534d610b4dbac943.zip
Windows: Implement Evil-Maid-Attack detection mechanism. Write the correct bootloader when changing the system encryption password: this enables to recover if an attack is detected.
Diffstat (limited to 'src')
-rw-r--r--src/Common/Apidrvr.h6
-rw-r--r--src/Common/BootEncryption.cpp59
-rw-r--r--src/Common/BootEncryption.h4
-rw-r--r--src/Common/Language.xml1
-rw-r--r--src/Common/Volumes.c37
-rw-r--r--src/Common/Volumes.h3
-rw-r--r--src/Driver/DriveFilter.c97
-rw-r--r--src/Driver/DriveFilter.h1
-rw-r--r--src/Driver/Ntdriver.c6
-rw-r--r--src/Mount/Mount.c15
10 files changed, 221 insertions, 8 deletions
diff --git a/src/Common/Apidrvr.h b/src/Common/Apidrvr.h
index ee40aa8a..16b1641f 100644
--- a/src/Common/Apidrvr.h
+++ b/src/Common/Apidrvr.h
@@ -62,6 +62,7 @@
#define TC_IOCTL_SET_SYSTEM_FAVORITE_VOLUME_DIRTY TC_IOCTL (36)
#define TC_IOCTL_REREAD_DRIVER_CONFIG TC_IOCTL (37)
#define TC_IOCTL_GET_SYSTEM_DRIVE_DUMP_CONFIG TC_IOCTL (38)
+#define VC_IOCTL_GET_BOOT_LOADER_FINGERPRINT TC_IOCTL (39)
// Legacy IOCTLs used before version 5.0
#define TC_IOCTL_LEGACY_GET_DRIVER_VERSION 466968
@@ -256,6 +257,11 @@ typedef struct
typedef struct
{
+ byte Fingerprint[WHIRLPOOL_DIGESTSIZE + SHA512_DIGESTSIZE];
+} BootLoaderFingerprintRequest;
+
+typedef struct
+{
wchar_t DevicePath[TC_MAX_PATH];
byte Configuration;
BOOL DriveIsDynamic;
diff --git a/src/Common/BootEncryption.cpp b/src/Common/BootEncryption.cpp
index a83db22d..d9570062 100644
--- a/src/Common/BootEncryption.cpp
+++ b/src/Common/BootEncryption.cpp
@@ -826,6 +826,12 @@ namespace VeraCrypt
return version;
}
+ void BootEncryption::GetInstalledBootLoaderFingerprint (byte fingerprint[WHIRLPOOL_DIGESTSIZE + SHA512_DIGESTSIZE])
+ {
+ BootLoaderFingerprintRequest request;
+ CallDriver (VC_IOCTL_GET_BOOT_LOADER_FINGERPRINT, NULL, 0, &request, sizeof (request));
+ memcpy (fingerprint, request.Fingerprint, sizeof (request.Fingerprint));
+ }
// Note that this does not require admin rights (it just requires the driver to be running)
bool BootEncryption::IsBootLoaderOnDrive (char *devicePath)
@@ -1492,12 +1498,18 @@ namespace VeraCrypt
void BootEncryption::InstallBootLoader (bool preserveUserConfig, bool hiddenOSCreation)
{
- byte bootLoaderBuf[TC_BOOT_LOADER_AREA_SIZE - TC_BOOT_ENCRYPTION_VOLUME_HEADER_SIZE];
+ Device device (GetSystemDriveConfiguration().DevicePath);
+ device.CheckOpened (SRC_POS);
+
+ InstallBootLoader (device, preserveUserConfig, hiddenOSCreation);
+ }
+
+ void BootEncryption::InstallBootLoader (Device& device, bool preserveUserConfig, bool hiddenOSCreation)
+ {
+ byte bootLoaderBuf[TC_BOOT_LOADER_AREA_SIZE - TC_BOOT_ENCRYPTION_VOLUME_HEADER_SIZE] = {0};
CreateBootLoaderInMemory (bootLoaderBuf, sizeof (bootLoaderBuf), false, hiddenOSCreation);
// Write MBR
- Device device (GetSystemDriveConfiguration().DevicePath);
- device.CheckOpened (SRC_POS);
byte mbr[TC_SECTOR_SIZE_BIOS];
device.SeekAt (0);
@@ -1530,6 +1542,38 @@ namespace VeraCrypt
device.Write (bootLoaderBuf + TC_SECTOR_SIZE_BIOS, sizeof (bootLoaderBuf) - TC_SECTOR_SIZE_BIOS);
}
+#ifndef SETUP
+ bool BootEncryption::CheckBootloaderFingerprint (bool bSilent)
+ {
+ byte bootLoaderBuf[TC_BOOT_LOADER_AREA_SIZE - TC_BOOT_ENCRYPTION_VOLUME_HEADER_SIZE] = {0};
+ byte fingerprint[WHIRLPOOL_DIGESTSIZE + SHA512_DIGESTSIZE];
+ byte expectedFingerprint[WHIRLPOOL_DIGESTSIZE + SHA512_DIGESTSIZE];
+ bool bRet = false;
+
+ try
+ {
+ // read bootloader fingerprint
+ GetInstalledBootLoaderFingerprint (fingerprint);
+
+ // compute expected fingerprint
+ CreateBootLoaderInMemory (bootLoaderBuf, sizeof (bootLoaderBuf), false, false);
+ ::ComputeBootloaderFingerprint (bootLoaderBuf, sizeof (bootLoaderBuf), expectedFingerprint);
+
+ // compare values
+ if (0 == memcmp (fingerprint, expectedFingerprint, sizeof (expectedFingerprint)))
+ {
+ bRet = true;
+ }
+ }
+ catch (Exception& e)
+ {
+ if (!bSilent)
+ e.Show (ParentWindow);
+ }
+
+ return bRet;
+ }
+#endif
string BootEncryption::GetSystemLoaderBackupPath ()
{
@@ -2415,6 +2459,15 @@ namespace VeraCrypt
reopenRequest.pim = pim;
finally_do_arg (ReopenBootVolumeHeaderRequest*, &reopenRequest, { burn (finally_arg, sizeof (*finally_arg)); });
+ try
+ {
+ // force update of bootloader if fingerprint doesn't match
+ if (!CheckBootloaderFingerprint (true))
+ InstallBootLoader (device, true);
+ }
+ catch (...)
+ {}
+
CallDriver (TC_IOCTL_REOPEN_BOOT_VOLUME_HEADER, &reopenRequest, sizeof (reopenRequest));
}
diff --git a/src/Common/BootEncryption.h b/src/Common/BootEncryption.h
index 6ac42cd3..c93058ad 100644
--- a/src/Common/BootEncryption.h
+++ b/src/Common/BootEncryption.h
@@ -140,6 +140,7 @@ namespace VeraCrypt
DumpFilter
};
+ void SetParentWindow (HWND parent) { ParentWindow = parent; }
void AbortDecoyOSWipe ();
void AbortSetup ();
void AbortSetupWait ();
@@ -157,6 +158,7 @@ namespace VeraCrypt
DWORD GetDriverServiceStartType ();
unsigned int GetHiddenOSCreationPhase ();
uint16 GetInstalledBootLoaderVersion ();
+ void GetInstalledBootLoaderFingerprint (byte fingerprint[WHIRLPOOL_DIGESTSIZE + SHA512_DIGESTSIZE]);
Partition GetPartitionForHiddenOS ();
bool IsBootLoaderOnDrive (char *devicePath);
BootEncryptionStatus GetStatus ();
@@ -164,7 +166,9 @@ namespace VeraCrypt
void GetVolumeProperties (VOLUME_PROPERTIES_STRUCT *properties);
SystemDriveConfiguration GetSystemDriveConfiguration ();
void Install (bool hiddenSystem);
+ void InstallBootLoader (Device& device, bool preserveUserConfig = false, bool hiddenOSCreation = false);
void InstallBootLoader (bool preserveUserConfig = false, bool hiddenOSCreation = false);
+ bool CheckBootloaderFingerprint (bool bSilent = false);
void InvalidateCachedSysDriveProperties ();
bool IsCDDrivePresent ();
bool IsHiddenSystemRunning ();
diff --git a/src/Common/Language.xml b/src/Common/Language.xml
index a02da93c..b84b54cd 100644
--- a/src/Common/Language.xml
+++ b/src/Common/Language.xml
@@ -1059,6 +1059,7 @@
<string lang="en" key="SYS_LOADER_RESTORE_FAILED">Failed to restore the original system loader.\n\nPlease use your VeraCrypt Rescue Disk ('Repair Options' > 'Restore original system loader') or Windows installation medium to replace the VeraCrypt Boot Loader with the Windows system loader.</string>
<string lang="en" key="SYS_LOADER_UNAVAILABLE_FOR_RESCUE_DISK">The original system loader will not be stored on the Rescue Disk (probable cause: missing backup file).</string>
<string lang="en" key="ERROR_MBR_PROTECTED">Failed to write the MBR sector.\n\nYour BIOS may be configured to protect the MBR sector. Check your BIOS settings (press F2, Delete, or Esc, after powering on your computer) for MBR/antivirus protection.</string>
+ <string lang="en" key="BOOT_LOADER_FINGERPRINT_CHECK_FAILED">WARNING: The verification of VeraCrypt bootloader fingerprint failed!\nYour disk may have been tampered with by an attacker ("Evil Maid" attack).\n\nThis warning can also be triggered if you restored VeraCrypt boot loader using an Rescue Disk generated using a different VeraCrypt version.\n\nYou are advised to change your password immediately which will also restore the correct VeraCrypt bootloader. It is recommended to reinstall VeraCrypt and to take measures to avoid access to this machine by untrusted entities.</string>
<string lang="en" key="BOOT_LOADER_VERSION_INCORRECT_PREFERENCES">The required version of the VeraCrypt Boot Loader is currently not installed. This may prevent some of the settings from being saved.</string>
<string lang="en" key="CUSTOM_BOOT_LOADER_MESSAGE_HELP">Note: In some situations, you may wish to prevent a person (adversary) that is watching you start the computer from knowing that you use VeraCrypt. The above options allow you to do that by customizing the VeraCrypt boot loader screen. If you enable the first option, no texts will be displayed by the boot loader (not even when you enter the wrong password). The computer will appear to be "frozen" while you can type your password. In addition, a custom message can be displayed to mislead the adversary. For example, fake error messages such as "Missing operating system" (which is normally displayed by the Windows boot loader if it finds no Windows boot partition). It is, however, important to note that if the adversary can analyze the content of the hard drive, he can still find out that it contains the VeraCrypt boot loader.</string>
<string lang="en" key="CUSTOM_BOOT_LOADER_MESSAGE_PROMPT">WARNING: Please keep in mind that if you enable this option, the VeraCrypt boot loader will not display any texts (not even when you enter the wrong password). The computer will appear to be "frozen" (unresponsive) while you can type your password (the cursor will NOT move and no asterisk will be displayed when you press a key).\n\nAre you sure you want to enable this option?</string>
diff --git a/src/Common/Volumes.c b/src/Common/Volumes.c
index d557d171..545f6c62 100644
--- a/src/Common/Volumes.c
+++ b/src/Common/Volumes.c
@@ -35,6 +35,7 @@
#ifdef _WIN32
#include <Strsafe.h>
+#include "../Boot/Windows/BootCommon.h"
#endif
/* Volume header v5 structure (used since TrueCrypt 7.0): */
@@ -578,6 +579,42 @@ ret:
return status;
}
+#ifdef _WIN32
+void ComputeBootloaderFingerprint (byte *bootLoaderBuf, unsigned int bootLoaderSize, byte* fingerprint)
+{
+ // compute Whirlpool+SHA512 fingerprint of bootloader including MBR
+ // we skip user configuration fields:
+ // TC_BOOT_SECTOR_OUTER_VOLUME_BAK_HEADER_CRC_OFFSET = 402
+ // => TC_BOOT_SECTOR_OUTER_VOLUME_BAK_HEADER_CRC_SIZE = 4
+ // TC_BOOT_SECTOR_USER_MESSAGE_OFFSET = 406
+ // => TC_BOOT_SECTOR_USER_MESSAGE_MAX_LENGTH = 24
+ // TC_BOOT_SECTOR_USER_CONFIG_OFFSET = 438
+ //
+ // we have: TC_BOOT_SECTOR_USER_MESSAGE_OFFSET = TC_BOOT_SECTOR_OUTER_VOLUME_BAK_HEADER_CRC_OFFSET + TC_BOOT_SECTOR_OUTER_VOLUME_BAK_HEADER_CRC_SIZE
+
+ WHIRLPOOL_CTX whirlpool;
+ sha512_ctx sha2;
+
+ WHIRLPOOL_init (&whirlpool);
+ sha512_begin (&sha2);
+
+ WHIRLPOOL_add (bootLoaderBuf, TC_BOOT_SECTOR_OUTER_VOLUME_BAK_HEADER_CRC_OFFSET * 8, &whirlpool);
+ sha512_hash (bootLoaderBuf, TC_BOOT_SECTOR_OUTER_VOLUME_BAK_HEADER_CRC_OFFSET, &sha2);
+
+ WHIRLPOOL_add (bootLoaderBuf + TC_BOOT_SECTOR_USER_MESSAGE_OFFSET + TC_BOOT_SECTOR_USER_MESSAGE_MAX_LENGTH, (TC_BOOT_SECTOR_USER_CONFIG_OFFSET - (TC_BOOT_SECTOR_USER_MESSAGE_OFFSET + TC_BOOT_SECTOR_USER_MESSAGE_MAX_LENGTH)) * 8, &whirlpool);
+ sha512_hash (bootLoaderBuf + TC_BOOT_SECTOR_USER_MESSAGE_OFFSET + TC_BOOT_SECTOR_USER_MESSAGE_MAX_LENGTH, (TC_BOOT_SECTOR_USER_CONFIG_OFFSET - (TC_BOOT_SECTOR_USER_MESSAGE_OFFSET + TC_BOOT_SECTOR_USER_MESSAGE_MAX_LENGTH)), &sha2);
+
+ WHIRLPOOL_add (bootLoaderBuf + TC_BOOT_SECTOR_USER_CONFIG_OFFSET + 1, (TC_MAX_MBR_BOOT_CODE_SIZE - (TC_BOOT_SECTOR_USER_CONFIG_OFFSET + 1)) * 8, &whirlpool);
+ sha512_hash (bootLoaderBuf + TC_BOOT_SECTOR_USER_CONFIG_OFFSET + 1, (TC_MAX_MBR_BOOT_CODE_SIZE - (TC_BOOT_SECTOR_USER_CONFIG_OFFSET + 1)), &sha2);
+
+ WHIRLPOOL_add (bootLoaderBuf + TC_SECTOR_SIZE_BIOS, (bootLoaderSize - TC_SECTOR_SIZE_BIOS) * 8, &whirlpool);
+ sha512_hash (bootLoaderBuf + TC_SECTOR_SIZE_BIOS, (bootLoaderSize - TC_SECTOR_SIZE_BIOS), &sha2);
+
+ WHIRLPOOL_finalize (&whirlpool, fingerprint);
+ sha512_end (&fingerprint [WHIRLPOOL_DIGESTSIZE], &sha2);
+}
+#endif
+
#else // TC_WINDOWS_BOOT
int ReadVolumeHeader (BOOL bBoot, char *header, Password *password, int pim, PCRYPTO_INFO *retInfo, CRYPTO_INFO *retHeaderCryptoInfo)
diff --git a/src/Common/Volumes.h b/src/Common/Volumes.h
index 76a14966..016d989f 100644
--- a/src/Common/Volumes.h
+++ b/src/Common/Volumes.h
@@ -130,6 +130,9 @@ UINT64_STRUCT GetHeaderField64 (byte *header, int offset);
int ReadVolumeHeader (BOOL bBoot, char *encryptedHeader, Password *password, int pim, PCRYPTO_INFO *retInfo, CRYPTO_INFO *retHeaderCryptoInfo);
#else
int ReadVolumeHeader (BOOL bBoot, char *encryptedHeader, Password *password, int pkcs5_prf, int pim, BOOL truecryptMode, PCRYPTO_INFO *retInfo, CRYPTO_INFO *retHeaderCryptoInfo);
+#ifdef _WIN32
+void ComputeBootloaderFingerprint (byte *bootLoaderBuf, unsigned int bootLoaderSize, byte* fingerprint);
+#endif
#endif
#if !defined (DEVICE_DRIVER) && !defined (TC_WINDOWS_BOOT)
diff --git a/src/Driver/DriveFilter.c b/src/Driver/DriveFilter.c
index d3bc2dc2..4b9117eb 100644
--- a/src/Driver/DriveFilter.c
+++ b/src/Driver/DriveFilter.c
@@ -35,6 +35,7 @@ static KMUTEX MountMutex;
static volatile BOOL BootDriveFound = FALSE;
static DriveFilterExtension *BootDriveFilterExtension = NULL;
static LARGE_INTEGER BootDriveLength;
+static byte BootLoaderFingerprint[WHIRLPOOL_DIGESTSIZE + SHA512_DIGESTSIZE];
static BOOL CrashDumpEnabled = FALSE;
static BOOL HibernationEnabled = FALSE;
@@ -121,6 +122,9 @@ NTSTATUS LoadBootArguments ()
if (CacheBootPassword && BootArgs.BootPassword.Length > 0)
AddPasswordToCache (&BootArgs.BootPassword);
+ // clear fingerprint
+ burn (BootLoaderFingerprint, sizeof (BootLoaderFingerprint));
+
status = STATUS_SUCCESS;
}
}
@@ -216,6 +220,77 @@ static void DismountDrive (DriveFilterExtension *Extension, BOOL stopIoQueue)
Extension->DriveMounted = FALSE;
}
+static void ComputeBootLoaderFingerprint(PDEVICE_OBJECT LowerDeviceObject, byte* ioBuffer /* ioBuffer must be at least 512 bytes long */)
+{
+ NTSTATUS status;
+ LARGE_INTEGER offset;
+ WHIRLPOOL_CTX whirlpool;
+ sha512_ctx sha2;
+ ULONG bytesToRead, remainingBytes, bootloaderTotalSize = TC_BOOT_LOADER_AREA_SIZE - TC_BOOT_ENCRYPTION_VOLUME_HEADER_SIZE;
+
+ // clear fingerprint
+ burn (BootLoaderFingerprint, sizeof (BootLoaderFingerprint));
+
+ // compute Whirlpool+SHA512 fingerprint of bootloader including MBR
+ // we skip user configuration fields:
+ // TC_BOOT_SECTOR_OUTER_VOLUME_BAK_HEADER_CRC_OFFSET = 402
+ // => TC_BOOT_SECTOR_OUTER_VOLUME_BAK_HEADER_CRC_SIZE = 4
+ // TC_BOOT_SECTOR_USER_MESSAGE_OFFSET = 406
+ // => TC_BOOT_SECTOR_USER_MESSAGE_MAX_LENGTH = 24
+ // TC_BOOT_SECTOR_USER_CONFIG_OFFSET = 438
+ //
+ // we have: TC_BOOT_SECTOR_USER_MESSAGE_OFFSET = TC_BOOT_SECTOR_OUTER_VOLUME_BAK_HEADER_CRC_OFFSET + TC_BOOT_SECTOR_OUTER_VOLUME_BAK_HEADER_CRC_SIZE
+
+ WHIRLPOOL_init (&whirlpool);
+ sha512_begin (&sha2);
+ // read the first 512 bytes
+ offset.QuadPart = 0;
+
+ status = TCReadDevice (LowerDeviceObject, ioBuffer, offset, TC_SECTOR_SIZE_BIOS);
+ if (NT_SUCCESS (status))
+ {
+ WHIRLPOOL_add (ioBuffer, TC_BOOT_SECTOR_OUTER_VOLUME_BAK_HEADER_CRC_OFFSET * 8, &whirlpool);
+ WHIRLPOOL_add (ioBuffer + TC_BOOT_SECTOR_USER_MESSAGE_OFFSET + TC_BOOT_SECTOR_USER_MESSAGE_MAX_LENGTH, (TC_BOOT_SECTOR_USER_CONFIG_OFFSET - (TC_BOOT_SECTOR_USER_MESSAGE_OFFSET + TC_BOOT_SECTOR_USER_MESSAGE_MAX_LENGTH)) * 8, &whirlpool);
+ WHIRLPOOL_add (ioBuffer + TC_BOOT_SECTOR_USER_CONFIG_OFFSET + 1, (TC_MAX_MBR_BOOT_CODE_SIZE - (TC_BOOT_SECTOR_USER_CONFIG_OFFSET + 1)) * 8, &whirlpool);
+
+ sha512_hash (ioBuffer, TC_BOOT_SECTOR_OUTER_VOLUME_BAK_HEADER_CRC_OFFSET, &sha2);
+ sha512_hash (ioBuffer + TC_BOOT_SECTOR_USER_MESSAGE_OFFSET + TC_BOOT_SECTOR_USER_MESSAGE_MAX_LENGTH, (TC_BOOT_SECTOR_USER_CONFIG_OFFSET - (TC_BOOT_SECTOR_USER_MESSAGE_OFFSET + TC_BOOT_SECTOR_USER_MESSAGE_MAX_LENGTH)), &sha2);
+ sha512_hash (ioBuffer + TC_BOOT_SECTOR_USER_CONFIG_OFFSET + 1, (TC_MAX_MBR_BOOT_CODE_SIZE - (TC_BOOT_SECTOR_USER_CONFIG_OFFSET + 1)), &sha2);
+
+ // we has the reste of the bootloader, 512 bytes at a time
+ offset.QuadPart = TC_SECTOR_SIZE_BIOS;
+ remainingBytes = bootloaderTotalSize - TC_SECTOR_SIZE_BIOS;
+
+ while (NT_SUCCESS (status) && (remainingBytes > 0))
+ {
+ bytesToRead = (remainingBytes >= TC_SECTOR_SIZE_BIOS)? TC_SECTOR_SIZE_BIOS : remainingBytes;
+ status = TCReadDevice (LowerDeviceObject, ioBuffer, offset, bytesToRead);
+ if (NT_SUCCESS (status))
+ {
+ remainingBytes -= bytesToRead;
+ offset.QuadPart += bytesToRead;
+ WHIRLPOOL_add (ioBuffer, bytesToRead * 8, &whirlpool);
+ sha512_hash (ioBuffer, bytesToRead, &sha2);
+ }
+ else
+ {
+ Dump ("TCReadDevice error %x during ComputeBootLoaderFingerprint call\n", status);
+ break;
+ }
+ }
+
+ if (NT_SUCCESS (status))
+ {
+ WHIRLPOOL_finalize (&whirlpool, BootLoaderFingerprint);
+ sha512_end (&BootLoaderFingerprint [WHIRLPOOL_DIGESTSIZE], &sha2);
+ }
+ }
+ else
+ {
+ Dump ("TCReadDevice error %x during ComputeBootLoaderFingerprint call\n", status);
+ }
+}
+
static NTSTATUS MountDrive (DriveFilterExtension *Extension, Password *password, uint32 *headerSaltCrc32)
{
@@ -302,6 +377,9 @@ static NTSTATUS MountDrive (DriveFilterExtension *Extension, Password *password,
// Header decrypted
status = STATUS_SUCCESS;
Dump ("Header decrypted\n");
+
+ // calculate Fingerprint
+ ComputeBootLoaderFingerprint (Extension->LowerDeviceObject, header);
if (Extension->Queue.CryptoInfo->hiddenVolume)
{
@@ -807,6 +885,7 @@ void ReopenBootVolumeHeader (PIRP irp, PIO_STACK_LOCATION irpSp)
if (ReadVolumeHeader (!BootDriveFilterExtension->HiddenSystem, header, &request->VolumePassword, request->pkcs5_prf, request->pim, FALSE, NULL, BootDriveFilterExtension->HeaderCryptoInfo) == 0)
{
Dump ("Header reopened\n");
+ ComputeBootLoaderFingerprint (BootDriveFilterExtension->LowerDeviceObject, header);
BootDriveFilterExtension->Queue.CryptoInfo->header_creation_time = BootDriveFilterExtension->HeaderCryptoInfo->header_creation_time;
BootDriveFilterExtension->Queue.CryptoInfo->pkcs5 = BootDriveFilterExtension->HeaderCryptoInfo->pkcs5;
@@ -1681,6 +1760,24 @@ void GetBootLoaderVersion (PIRP irp, PIO_STACK_LOCATION irpSp)
}
}
+void GetBootLoaderFingerprint (PIRP irp, PIO_STACK_LOCATION irpSp)
+{
+ if (ValidateIOBufferSize (irp, sizeof (BootLoaderFingerprintRequest), ValidateOutput))
+ {
+ if (BootArgsValid)
+ {
+ BootLoaderFingerprintRequest *bootLoaderFingerprint = (BootLoaderFingerprintRequest *) irp->AssociatedIrp.SystemBuffer;
+ memcpy (bootLoaderFingerprint->Fingerprint, BootLoaderFingerprint, sizeof (BootLoaderFingerprint));
+ irp->IoStatus.Information = sizeof (BootLoaderFingerprintRequest);
+ irp->IoStatus.Status = STATUS_SUCCESS;
+ }
+ else
+ {
+ irp->IoStatus.Status = STATUS_INVALID_PARAMETER;
+ irp->IoStatus.Information = 0;
+ }
+ }
+}
void GetBootEncryptionAlgorithmName (PIRP irp, PIO_STACK_LOCATION irpSp)
{
diff --git a/src/Driver/DriveFilter.h b/src/Driver/DriveFilter.h
index 96ec00ef..7ae0d47d 100644
--- a/src/Driver/DriveFilter.h
+++ b/src/Driver/DriveFilter.h
@@ -59,6 +59,7 @@ void GetBootDriveVolumeProperties (PIRP irp, PIO_STACK_LOCATION irpSp);
void GetBootEncryptionAlgorithmName (PIRP irp, PIO_STACK_LOCATION irpSp);
void GetBootEncryptionStatus (PIRP irp, PIO_STACK_LOCATION irpSp);
void GetBootLoaderVersion (PIRP irp, PIO_STACK_LOCATION irpSp);
+void GetBootLoaderFingerprint (PIRP irp, PIO_STACK_LOCATION irpSp);
NTSTATUS GetSetupResult ();
DriveFilterExtension *GetBootDriveFilterExtension ();
CRYPTO_INFO *GetSystemDriveCryptoInfo ();
diff --git a/src/Driver/Ntdriver.c b/src/Driver/Ntdriver.c
index a9f15b78..a99ac6d4 100644
--- a/src/Driver/Ntdriver.c
+++ b/src/Driver/Ntdriver.c
@@ -1029,7 +1029,7 @@ NTSTATUS ProcessMainDeviceControlIrp (PDEVICE_OBJECT DeviceObject, PEXTENSION Ex
IO_STATUS_BLOCK IoStatus;
LARGE_INTEGER offset;
byte readBuffer [TC_SECTOR_SIZE_BIOS];
-
+
if (!ValidateIOBufferSize (Irp, sizeof (GetSystemDriveConfigurationRequest), ValidateInputOutput))
break;
@@ -1493,6 +1493,10 @@ NTSTATUS ProcessMainDeviceControlIrp (PDEVICE_OBJECT DeviceObject, PEXTENSION Ex
ReopenBootVolumeHeader (Irp, irpSp);
break;
+ case VC_IOCTL_GET_BOOT_LOADER_FINGERPRINT:
+ GetBootLoaderFingerprint (Irp, irpSp);
+ break;
+
case TC_IOCTL_GET_BOOT_ENCRYPTION_ALGORITHM_NAME:
GetBootEncryptionAlgorithmName (Irp, irpSp);
break;
diff --git a/src/Mount/Mount.c b/src/Mount/Mount.c
index 66941b15..bebb18d7 100644
--- a/src/Mount/Mount.c
+++ b/src/Mount/Mount.c
@@ -5769,6 +5769,7 @@ BOOL CALLBACK MainDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
try
{
+ BootEncObj->SetParentWindow (hwndDlg);
BootEncStatus = BootEncObj->GetStatus();
RecentBootEncStatus = BootEncStatus;
}
@@ -5808,13 +5809,19 @@ BOOL CALLBACK MainDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
{
if (IsHiddenOSRunning())
{
- if (BootEncObj->GetInstalledBootLoaderVersion() > VERSION_NUM)
+ if (BootEncObj->GetInstalledBootLoaderVersion() != VERSION_NUM)
Warning ("UPDATE_TC_IN_HIDDEN_OS_TOO", hwndDlg);
+ if (!BootEncObj->CheckBootloaderFingerprint ())
+ Warning ("BOOT_LOADER_FINGERPRINT_CHECK_FAILED", hwndDlg);
}
- else if (SysDriveOrPartitionFullyEncrypted (TRUE)
- && BootEncObj->GetInstalledBootLoaderVersion() != VERSION_NUM)
+ else if (SysDriveOrPartitionFullyEncrypted (TRUE))
{
- Warning ("BOOT_LOADER_VERSION_DIFFERENT_FROM_DRIVER_VERSION", hwndDlg);
+ if (BootEncObj->GetInstalledBootLoaderVersion() != VERSION_NUM)
+ {
+ Warning ("BOOT_LOADER_VERSION_DIFFERENT_FROM_DRIVER_VERSION", hwndDlg);
+ }
+ if (!BootEncObj->CheckBootloaderFingerprint ())
+ Warning ("BOOT_LOADER_FINGERPRINT_CHECK_FAILED", hwndDlg);
}
}
catch (...) { }