+static BOOL IsWindowsMBR (const byte *buffer, size_t bufferSize)

+{

+ BOOL bRet = FALSE;

+ byte g_pbMsSignature[4] = {0x33, 0xc0, 0x8e, 0xd0};

+ const char* g_szStr1 = "Invalid partition table";

+ const char* g_szStr2 = "Error loading operating system";

+ const char* g_szStr3 = "Missing operating system";

+

+ if ((0 == memcmp (buffer, g_pbMsSignature, 4)) &&

+ (BufferContainsString (buffer, bufferSize, g_szStr1)

+ || BufferContainsString (buffer, bufferSize, g_szStr2)

+ || BufferContainsString (buffer, bufferSize, g_szStr3)

+ )

+ )

+ {

+ bRet = TRUE;

+ }

+

+ return bRet;

+}

+

+ static void NotifyService (DWORD dwNotifyCmd)

+ {

+ Elevate();

+

+ DWORD result = ElevatedComInstance->NotifyService (dwNotifyCmd);

+ if (result != ERROR_SUCCESS)

+ {

+ SetLastError (result);

+ throw SystemException(SRC_POS);

+ }

+ }

+

+ CoInitializeEx(NULL, COINIT_APARTMENTTHREADED | COINIT_DISABLE_OLE1DDE);

+ BootEncryption::BootEncryption (HWND parent, bool postOOBE, bool setBootEntry, bool forceFirstBootEntry, bool setBootNext)

+ PostOOBEMode (postOOBE),

+ SetBootNext (setBootNext),

+ SetBootEntry (setBootEntry),

+ ForceFirstBootEntry (forceFirstBootEntry)

+ if (config.ExtraBootPartitionPresent)

+ NULL,

+ if (config.Partitions.size() == 2

+ #ifndef WOLFCRYPT_BACKEND

+ else if (_stricmp (request.BootEncryptionAlgorithmName, "Camellia") == 0)

+ ea = CAMELLIA;

+ else if (_stricmp (request.BootEncryptionAlgorithmName, "Serpent") == 0)

+ #endif

+ else if (_stricmp(request.BootPrfAlgorithmName, "SHA-512") == 0)

+ #ifndef WOLFCRYPT_BACKEND

+ else if (_stricmp(request.BootPrfAlgorithmName, "BLAKE2s-256") == 0)

+ pkcs5_prf = BLAKE2S;

+ #endif

+ pkcs5_prf = BLAKE2S;

+ // Only BLAKE2s and SHA-256 are supported for MBR boot loader

+ if (!bIsGPT && pkcs5_prf != BLAKE2S && pkcs5_prf != SHA256)

+ buffer[TC_BOOT_SECTOR_CONFIG_OFFSET] |= TC_BOOT_CFG_FLAG_WINDOWS_VISTA_OR_LATER;

+ hashMsg ("(0) TEST ALL (1) SHA512 (2) WHIRLPOOL (3) SHA256 (4) BLAKE2S (5) STREEBOG\nHash: "),

+ //hashMsg = ReadConfigString (configContent, "HashMsg", "(0) TEST ALL (1) SHA512 (2) WHIRLPOOL (3) SHA256 (4) BLAKE2S (5) STREEBOG\nHash: ", buffer, sizeof (buffer));

+

+ string fieldValue;

+ if (IsPostExecFileField(actionSuccessValue, fieldValue) && (0 == _stricmp(fieldValue.c_str(), "\\EFI\\Microsoft\\Boot\\bootmgfw.efi")))

+ {

+ // fix wrong configuration file since bootmgfw.efi is now a copy of VeraCrypt and if we don't fix the DcsProp

+ // file, veraCrypt bootloader will call itself

+ // We first check if bootmgfw.efi is original Microsoft one. If yes, we don't do anything, otherwise we set the field to bootmgfw_ms.vc

+ unsigned __int64 loaderSize = 0;

+ bool bModifiedMsBoot = true;

+ EfiBootInst.GetFileSize(L"\\EFI\\Microsoft\\Boot\\bootmgfw.efi", loaderSize);

+

+ if (loaderSize > 32768)

+ {

+ std::vector<byte> bootLoaderBuf ((size_t) loaderSize);

+

+ EfiBootInst.ReadFile(L"\\EFI\\Microsoft\\Boot\\bootmgfw.efi", &bootLoaderBuf[0], (DWORD) loaderSize);

+

+ // look for bootmgfw.efi identifiant string

+ const char* g_szMsBootString = "bootmgfw.pdb";

+ if (BufferHasPattern (bootLoaderBuf.data (), (size_t) loaderSize, g_szMsBootString, strlen (g_szMsBootString)))

+ {

+ bModifiedMsBoot = false;

+ }

+ }

+

+ if (bModifiedMsBoot)

+ actionSuccessValue = "postexec file(EFI\\Microsoft\\Boot\\bootmgfw_ms.vc)";

+ }

+

+ BOOL EfiBootConf::IsPostExecFileField (const string& fieldValue, string& filePath)

+ {

+ BOOL bRet = FALSE;

+ filePath = "";

+

+ if (!fieldValue.empty() && strlen (fieldValue.c_str()))

+ {

+ string copieValue = fieldValue;

+ std::transform(copieValue.begin(), copieValue.end(), copieValue.begin(), ::tolower);

+

+ if (strstr (copieValue.c_str(), "postexec") && strstr (copieValue.c_str(), "file("))

+ {

+ char c;

+ const char* ptr = strstr (copieValue.c_str(), "file(");

+

+ filePath = "\\";

+ ptr += 5;

+ while ((c = *ptr))

+ {

+ if (c == ')')

+ break;

+ if (c == '/')

+ c = '\\';

+ filePath += c;

+ ptr++;

+ }

+

+ if (c == ')')

+ bRet = TRUE;

+ else

+ filePath = "";

+ }

+ }

+

+ return bRet;

+ }

+

+ BOOL EfiBootConf::IsPostExecFileField (const string& fieldValue, wstring& filePath)

+ {

+ string aPath;

+ BOOL bRet = IsPostExecFileField (fieldValue, aPath);

+ if (bRet)

+ filePath = wstring(aPath.begin(), aPath.end());

+ else

+ filePath = L"";

+

+ return bRet;

+ }

+

+ GetVolumeESP(wstring& path, wstring& bootVolumePath)

+ static wstring g_BootVolumePath;

+ NtQuerySystemInformationFn NtQuerySystemInformationPtr = (NtQuerySystemInformationFn) GetProcAddress (GetModuleHandle (L"ntdll.dll"), "NtQuerySystemInformation");

+ throw SystemException (SRC_POS);

+ /* try to convert the returned NTSTATUS to a WIN32 system error using RtlNtStatusToDosError */

+ RtlNtStatusToDosErrorFn RtlNtStatusToDosErrorPtr = (RtlNtStatusToDosErrorFn) GetProcAddress (GetModuleHandle (L"ntdll.dll"), "RtlNtStatusToDosError");

+ if (RtlNtStatusToDosErrorPtr)

+ {

+ ULONG win32err = RtlNtStatusToDosErrorPtr (res);

+ if (win32err != ERROR_MR_MID_NOT_FOUND)

+ res = (NTSTATUS) win32err;

+ }

+

+

+ g_BootVolumePath = pStr->Buffer;

+ bootVolumePath = g_BootVolumePath;

+ std::wstring pathESP, bootVolumePath;

+ GetVolumeESP(pathESP, bootVolumePath);

+ std::wstring pathESP, bootVolumePath;

+ GetVolumeESP(pathESP, bootVolumePath);

+ bDeviceInfoValid = false;

+ void EfiBoot::PrepareBootPartition(bool bDisableException) {

+

+ GetVolumeESP (EfiBootPartPath, BootVolumePath);

+ if (!bDisableException)

+ throw;

+ if (dev.IsOpened())

+ bDeviceInfoValid = dev.IoCtl(IOCTL_STORAGE_GET_DEVICE_NUMBER, NULL, 0, &sdn, sizeof(sdn))

+ && dev.IoCtl(IOCTL_DISK_GET_PARTITION_INFO_EX, NULL, 0, &partInfo, sizeof(partInfo));

+ DWORD dwLastError = GetLastError ();

+ dev.Close();

+ if (!bDeviceInfoValid && !bDisableException)

+ {

+ SetLastError (dwLastError);

+ throw SystemException(SRC_POS);

+ }

+ }

+ void EfiBoot::SetStartExec(wstring description, wstring execPath, bool setBootEntry, bool forceFirstBootEntry, bool setBootNext, uint16 statrtOrderNum , wchar_t* type, uint32 attr) {

+ if (bDeviceInfoValid)

+ {

+ uint32 varSize = 56;

+ varSize += ((uint32) description.length()) * 2 + 2;

+ varSize += ((uint32) execPath.length()) * 2 + 2;

+ byte *startVar = new byte[varSize];

+ byte *pVar = startVar;

+

+ // Attributes (1b Active, 1000b - Hidden)

+ *(uint32 *)pVar = attr;

+ pVar += sizeof(uint32);

+

+ // Size Of device path + file path

+ *(uint16 *)pVar = (uint16)(50 + execPath.length() * 2 + 2);

+ // description

+ for (uint32 i = 0; i < description.length(); i++) {

+ *(uint16 *)pVar = description[i];

+ pVar += sizeof(uint16);

+ }

+ *(uint16 *)pVar = 0;

+ pVar += sizeof(uint16);

+ /* EFI_DEVICE_PATH_PROTOCOL (HARDDRIVE_DEVICE_PATH \ FILE_PATH \ END) */

+ // Type

+ *(byte *)pVar = 0x04;

+ pVar += sizeof(byte);

+ // SubType

+ *(byte *)pVar = 0x01;

+ pVar += sizeof(byte);

+

+ // HDD dev path length

+ *(uint16 *)pVar = 0x2A; // 42

+ pVar += sizeof(uint16);

+ // PartitionNumber

+ *(uint32 *)pVar = (uint32)partInfo.PartitionNumber;

+ pVar += sizeof(uint32);

+ // PartitionStart

+ *(uint64 *)pVar = partInfo.StartingOffset.QuadPart >> 9;

+ pVar += sizeof(uint64);

+ // PartitiontSize

+ *(uint64 *)pVar = partInfo.PartitionLength.QuadPart >> 9;

+ pVar += sizeof(uint64);

+ // GptGuid

+ memcpy(pVar, &partInfo.Gpt.PartitionId, 16);

+ pVar += 16;

+ // MbrType

+ *(byte *)pVar = 0x02;

+ pVar += sizeof(byte);

+ // SigType

+ *(byte *)pVar = 0x02;

+ pVar += sizeof(byte);

+ // Type and sub type 04 04 (file path)

+ *(uint16 *)pVar = 0x0404;

+ pVar += sizeof(uint16);

+ // SizeOfFilePath ((CHAR16)FullPath.length + sizeof(EndOfrecord marker) )

+ *(uint16 *)pVar = (uint16)(execPath.length() * 2 + 2 + sizeof(uint32));

+ pVar += sizeof(uint16);

+ // FilePath

+ for (uint32 i = 0; i < execPath.length(); i++) {

+ *(uint16 *)pVar = execPath[i];

+ pVar += sizeof(uint16);

+ }

+ *(uint16 *)pVar = 0;

+ // EndOfrecord

+ *(uint32 *)pVar = 0x04ff7f;

+ pVar += sizeof(uint32);

+ // Set variable

+ wchar_t varName[256];

+ StringCchPrintfW(varName, ARRAYSIZE (varName), L"%s%04X", type == NULL ? L"Boot" : type, statrtOrderNum);

+

+ // only set value if it doesn't already exist

+ byte* existingVar = new byte[varSize];

+ DWORD existingVarLen = GetFirmwareEnvironmentVariableW (varName, EfiVarGuid, existingVar, varSize);

+ if ((existingVarLen != varSize) || (0 != memcmp (existingVar, startVar, varSize)))

+ SetFirmwareEnvironmentVariable(varName, EfiVarGuid, startVar, varSize);

+ delete [] startVar;

+ delete [] existingVar;

+ }

+ if (setBootEntry)

+ {

+ // check if first entry in BootOrder is Windows one

+ bool bFirstEntryIsWindows = false;

+ if (startOrderNumPos != 0)

+ {

+ wchar_t varName[256];

+ StringCchPrintfW(varName, ARRAYSIZE (varName), L"%s%04X", type == NULL ? L"Boot" : type, startOrder[0]);

+

+ byte* existingVar = new byte[512];

+ DWORD existingVarLen = GetFirmwareEnvironmentVariableW (varName, EfiVarGuid, existingVar, 512);

+ if (existingVarLen > 0)

+ {

+ if (BufferContainsWideString (existingVar, existingVarLen, L"EFI\\Microsoft\\Boot\\bootmgfw.efi"))

+ bFirstEntryIsWindows = true;

+ }

+

+ delete [] existingVar;

+

+

+ // Create new entry if absent

+ if (startOrderNumPos == UINT_MAX) {

+ if (bDeviceInfoValid)

+ {

+ if (forceFirstBootEntry && bFirstEntryIsWindows)

+ {

+ for (uint32 i = startOrderLen / 2; i > 0; --i) {

+ startOrder[i] = startOrder[i - 1];

+ }

+ startOrder[0] = statrtOrderNum;

+ }

+ else

+ {

+ startOrder[startOrderLen/2] = statrtOrderNum;

+ }

+ startOrderLen += 2;

+ startOrderUpdate = true;

+ }

+ } else if ((startOrderNumPos > 0) && forceFirstBootEntry && bFirstEntryIsWindows) {

+ for (uint32 i = startOrderNumPos; i > 0; --i) {

+ startOrder[i] = startOrder[i - 1];

+ }

+ startOrder[0] = statrtOrderNum;

+ startOrderUpdate = true;

+ }

+

+ if (startOrderUpdate) {

+ SetFirmwareEnvironmentVariable(order.c_str(), EfiVarGuid, startOrder, startOrderLen);

+ if (setBootNext)

+ {

+ // set BootNext value

+ wstring next = L"Next";

+ next.insert(0, type == NULL ? L"Boot" : type);

+

+ SetFirmwareEnvironmentVariable(next.c_str(), EfiVarGuid, &statrtOrderNum, 2);

+

+ }

+

+ bool EfiBoot::CompareFiles (const wchar_t* fileName1, const wchar_t* fileName2)

+ {

+ bool bRet = false;

+ File f1 (fileName1, true);

+ File f2 (fileName2, true);

+

+ if (f1.IsOpened() && f2.IsOpened())

+ {

+ try

+ {

+ DWORD size1, size2;

+ f1.GetFileSize (size1);

+ f2.GetFileSize (size2);

+

+ if (size1 == size2)

+ {

+ // same size, so now we compare content

+ std::vector<byte> file1Buf (8096);

+ std::vector<byte> file2Buf (8096);

+ DWORD remainingBytes = size1, dataToRead;

+

+ while (remainingBytes)

+ {

+ dataToRead = VC_MIN (remainingBytes, (DWORD) file1Buf.size());

+ DWORD f1Bytes = f1.Read (file1Buf.data(), dataToRead);

+ DWORD f2Bytes = f2.Read (file2Buf.data(), dataToRead);

+

+ if ((f1Bytes != f2Bytes) || memcmp (file1Buf.data(), file2Buf.data(), (size_t) f1Bytes))

+ {

+ break;

+ }

+ else

+ {

+ remainingBytes -= f1Bytes;

+ }

+ }

+

+ if (0 == remainingBytes)

+ {

+ // content is the same

+ bRet = true;

+ }

+ }

+ }

+ catch (...) {}

+ }

+

+ f1.Close();

+ f2.Close();

+

+ return bRet;

+ }

+

+ bool EfiBoot::CompareFileData (const wchar_t* fileName, const byte* data, DWORD size)

+ {

+ bool bRet = false;

+

+ File f(fileName, true);

+ if (f.IsOpened ())

+ {

+ try

+ {

+ // check if the file has the same content

+ // if yes, don't perform any write operation to avoid changing its timestamp

+ DWORD existingSize = 0;

+ f.GetFileSize(existingSize);

+

+ if (existingSize == size)

+ {

+ std::vector<byte> fileBuf (8096);

+ DWORD remainingBytes = size, dataOffset = 0, dataToRead;

+

+ while (remainingBytes)

+ {

+ dataToRead = VC_MIN (remainingBytes, (DWORD) fileBuf.size());

+ dataToRead = f.Read (fileBuf.data(), dataToRead);

+

+ if (memcmp (data + dataOffset, fileBuf.data(), (size_t) dataToRead))

+ {

+ break;

+ }

+ else

+ {

+ dataOffset += dataToRead;

+ remainingBytes -= dataToRead;

+ }

+ }

+ if (0 == remainingBytes)

+ {

+ // content is the same

+ bRet = true;

+ }

+ }

+ }

+ catch (...){}

+ }

+

+ f.Close();

+ return bRet;

+ if (!CompareFileData (path.c_str(), data, size))

+ {

+ File f(path, false, true);

+ f.Write(data, size);

+ f.Close();

+ }

+

+ // if both files are the same, we don't perform copy operation

+ if (!CompareFiles (path.c_str(), targetPath.c_str()))

+ throw_sys_if (!::CopyFileW (path.c_str(), targetPath.c_str(), FALSE));

+

+ BOOL bRet;

+ if (CompareFiles (path.c_str(), pathNew.c_str()))

+ {

+ // files identical. Delete source file only

+ bRet = DeleteFile (path.c_str());

+ }

+ else

+ bRet = MoveFileExW(path.c_str(), pathNew.c_str(), bForce? MOVEFILE_REPLACE_EXISTING : 0);

+ return bRet;

+ /* Before updating files, we check first if they already have the expected content. If yes, then we don't perform

+ * any write operation to avoid modifying file timestamps Unnecessarily.

+ */

+ bool bSkipWrite = false;

+ wchar_t wszBuffer [2 * TC_MAX_PATH] = {0};

+ if ( (0 < GetPrivateProfileStringW (L"SetupConfig", L"ReflectDrivers", L"", wszBuffer, ARRAYSIZE (wszBuffer), szSetupconfigLocation))

+ && (_wcsicmp (wszBuffer, szInstallPath) == 0)

+ )

+ {

+ bSkipWrite = true;

+ }

+

+ if (!bSkipWrite)

+ WritePrivateProfileStringW (L"SetupConfig", L"ReflectDrivers", szPathParam.c_str(), szSetupconfigLocation);

+

+ bSkipWrite = false;

+

+ wstring wszExpectedValue = L"\"";

+ wszExpectedValue += szInstallPath;

+ wszExpectedValue += L"\\VeraCrypt.exe\" /PostOOBE";

+

+ FILE* scriptFile = _wfopen (szPathParam.c_str(), L"r");

+ long fileSize = _filelength (_fileno (scriptFile));

+ if (fileSize < (2 * TC_MAX_PATH))

+ {

+ fgetws (wszBuffer, ARRAYSIZE (wszBuffer), scriptFile);

+

+ if (wszBuffer[wcslen (wszBuffer) - 1] == L'\n')

+ wszBuffer[wcslen (wszBuffer) - 1] = 0;

+

+ bSkipWrite = (0 == _wcsicmp (wszBuffer, wszExpectedValue.c_str()));

+ }

+ }

+ if (!bSkipWrite)

+ {

+ scriptFile = _wfopen (szPathParam.c_str(), L"w");

+ if (scriptFile)

+ {

+ fwprintf (scriptFile, L"%s\n", wszExpectedValue.c_str());

+ fclose (scriptFile);

+ }

+ }

+

+ bSkipWrite = false;

+

+ if ( (0 < GetPrivateProfileStringW (L"SetupConfig", L"PostOOBE", L"", wszBuffer, ARRAYSIZE (wszBuffer), szSetupconfigLocation))

+ && (_wcsicmp (wszBuffer, szPathParam.c_str()) == 0)

+ )

+ {

+ bSkipWrite = true;

+

+ if (!bSkipWrite)

+ WritePrivateProfileStringW (L"SetupConfig", L"PostOOBE", szPathParam.c_str(), szSetupconfigLocation);

+ EfiBootInst.PrepareBootPartition(PostOOBEMode);

+ bool bModifiedMsBoot = true, bMissingMsBoot = false;;

+ if (EfiBootInst.FileExists (L"\\EFI\\Microsoft\\Boot\\bootmgfw.efi"))

+ EfiBootInst.GetFileSize(L"\\EFI\\Microsoft\\Boot\\bootmgfw.efi", loaderSize);

+ else

+ bMissingMsBoot = true;

+

+ // restore boot menu entry in case of PostOOBE

+ if (PostOOBEMode)

+ EfiBootInst.SetStartExec(L"VeraCrypt BootLoader (DcsBoot)", L"\\EFI\\VeraCrypt\\DcsBoot.efi", SetBootEntry, ForceFirstBootEntry, SetBootNext);

+ wstring loaderPath;

+ if (EfiBootConf::IsPostExecFileField (conf.actionSuccessValue, loaderPath))

+ // check that it is not bootmgfw.efi

+ if ( (0 != _wcsicmp (loaderPath.c_str(), L"\\EFI\\Microsoft\\Boot\\bootmgfw.efi"))

+ && (EfiBootInst.FileExists (loaderPath.c_str()))

+ )

+ // look for bootmgfw.efi identifiant string

+ EfiBootInst.GetFileSize(loaderPath.c_str(), loaderSize);

+ std::vector<byte> bootLoaderBuf ((size_t) loaderSize);

+

+ EfiBootInst.ReadFile(loaderPath.c_str(), &bootLoaderBuf[0], (DWORD) loaderSize);

+

+ // look for bootmgfw.efi identifiant string

+ if (BufferHasPattern (bootLoaderBuf.data (), (size_t) loaderSize, g_szMsBootString, strlen (g_szMsBootString)))

+ {

+ bFound = true;

+ EfiBootInst.RenameFile(loaderPath.c_str(), L"\\EFI\\Microsoft\\Boot\\bootmgfw_ms.vc", TRUE);

+ }

+ if (!bFound && !PostOOBEMode)

+ if (PostOOBEMode && EfiBootInst.FileExists (L"\\EFI\\VeraCrypt\\DcsBoot.efi"))

+ {

+ if (!bModifiedMsBoot || bMissingMsBoot)

+ EfiBootInst.SetStartExec(L"VeraCrypt BootLoader (DcsBoot)", L"\\EFI\\VeraCrypt\\DcsBoot.efi", SetBootEntry, ForceFirstBootEntry, SetBootNext);

+ try

+ {

+ byte bootLoaderBuf[TC_BOOT_LOADER_AREA_SIZE - TC_BOOT_ENCRYPTION_VOLUME_HEADER_SIZE] = {0};

+ CreateBootLoaderInMemory (bootLoaderBuf, sizeof (bootLoaderBuf), false, hiddenOSCreation);

+ // Write MBR

+ byte mbr[TC_SECTOR_SIZE_BIOS];

+ device.SeekAt (0);

+ device.Read (mbr, sizeof (mbr));

+ if (preserveUserConfig && BufferContainsString (mbr, sizeof (mbr), TC_APP_NAME))

+ uint16 version = BE16 (*(uint16 *) (mbr + TC_BOOT_SECTOR_VERSION_OFFSET));

+ if (version != 0)

+ bootLoaderBuf[TC_BOOT_SECTOR_USER_CONFIG_OFFSET] = mbr[TC_BOOT_SECTOR_USER_CONFIG_OFFSET];

+ memcpy (bootLoaderBuf + TC_BOOT_SECTOR_USER_MESSAGE_OFFSET, mbr + TC_BOOT_SECTOR_USER_MESSAGE_OFFSET, TC_BOOT_SECTOR_USER_MESSAGE_MAX_LENGTH);

+

+ if (bootLoaderBuf[TC_BOOT_SECTOR_USER_CONFIG_OFFSET] & TC_BOOT_USER_CFG_FLAG_DISABLE_PIM)

+ if (pim >= 0)

+ {

+ memcpy (bootLoaderBuf + TC_BOOT_SECTOR_PIM_VALUE_OFFSET, &pim, TC_BOOT_SECTOR_PIM_VALUE_SIZE);

+ }

+ else

+ memcpy (bootLoaderBuf + TC_BOOT_SECTOR_PIM_VALUE_OFFSET, mbr + TC_BOOT_SECTOR_PIM_VALUE_OFFSET, TC_BOOT_SECTOR_PIM_VALUE_SIZE);

+ // perform actual write only if content is different and either we are not in PostOOBE mode or the MBR contains VeraCrypt/Windows signature.

+ // this last check is done to avoid interfering with multi-boot configuration where MBR belongs to a boot manager like Grub

+ if (memcmp (mbr, bootLoaderBuf, TC_MAX_MBR_BOOT_CODE_SIZE)

+ && (!PostOOBEMode || BufferContainsString (mbr, sizeof (mbr), TC_APP_NAME) || IsWindowsMBR (mbr, sizeof (mbr))))

+ {

+ memcpy (mbr, bootLoaderBuf, TC_MAX_MBR_BOOT_CODE_SIZE);

+ device.SeekAt (0);

+ device.Write (mbr, sizeof (mbr));

+ byte mbrVerificationBuf[TC_SECTOR_SIZE_BIOS];

+ device.SeekAt (0);

+ device.Read (mbrVerificationBuf, sizeof (mbr));

+ if (memcmp (mbr, mbrVerificationBuf, sizeof (mbr)) != 0)

+ throw ErrorException ("ERROR_MBR_PROTECTED", SRC_POS);

+ }

+ if (!PostOOBEMode)

+ {

+ // Write boot loader

+ device.SeekAt (TC_SECTOR_SIZE_BIOS);

+ device.Write (bootLoaderBuf + TC_SECTOR_SIZE_BIOS, sizeof (bootLoaderBuf) - TC_SECTOR_SIZE_BIOS);

+ }

+ }

+ catch (...)

+ {

+ if (!PostOOBEMode)

+ throw;

+ }

+ WCHAR szTmpPath[MAX_PATH + 1], szTmpFilePath[MAX_PATH + 1];

+ if (!GetTempPathW (MAX_PATH, szTmpPath))

+ if (!GetTempFileNameW (szTmpPath, L"_vrd", 0, szTmpFilePath))

+ finally_do_arg (WCHAR*, szTmpFilePath, { DeleteFileW (finally_arg);});

+

+ // convert szTmpFilePath to UTF-8 since this is what zip_open expected

+ char szUtf8Path[2*MAX_PATH + 1];

+ int utf8Len = WideCharToMultiByte (CP_UTF8, 0, szTmpFilePath, -1, szUtf8Path, sizeof (szUtf8Path), NULL, NULL);

+ if (utf8Len <= 0)

+ throw SystemException (SRC_POS);

+

+ zip_t* z = zip_open (szUtf8Path, ZIP_CREATE | ZIP_TRUNCATE | ZIP_CHECKCONS, &ierr);

+ FILE* ftmpFile = _wfopen (szTmpFilePath, L"rb");

+ if (0 != ReadVolumeHeader (TRUE, (char *) RescueVolumeHeader, password, pkcs5, pim, NULL, cryptoInfo))

+ wstring loaderPath;

+ if (EfiBootConf::IsPostExecFileField (conf.actionSuccessValue, loaderPath))

+ // check that it is not bootmgfw_ms.vc or bootmgfw.efi

+ if ( (0 != _wcsicmp (loaderPath.c_str(), L"\\EFI\\Microsoft\\Boot\\bootmgfw_ms.vc"))

+ && (0 != _wcsicmp (loaderPath.c_str(), L"\\EFI\\Microsoft\\Boot\\bootmgfw.efi"))

+ )

+ const char* g_szMsBootString = "bootmgfw.pdb";

+ unsigned __int64 loaderSize = 0;

+ EfiBootInst.GetFileSize(loaderPath.c_str(), loaderSize);

+ std::vector<byte> bootLoaderBuf ((size_t) loaderSize);

+

+ EfiBootInst.ReadFile(loaderPath.c_str(), &bootLoaderBuf[0], (DWORD) loaderSize);

+ // look for bootmgfw.efi identifiant string

+ if (BufferHasPattern (bootLoaderBuf.data (), (size_t) loaderSize, g_szMsBootString, strlen (g_szMsBootString)))

+ {

+ EfiBootInst.RenameFile(loaderPath.c_str(), L"\\EFI\\Microsoft\\Boot\\bootmgfw.efi", TRUE);

+ }

+ }

+ // check if service already exists.

+ // If yes then start it immediatly after reinstalling it

+ bool bAlreadyExists = false;

+ SC_HANDLE service = OpenService (scm, TC_SYSTEM_FAVORITES_SERVICE_NAME, GENERIC_READ);

+ if (service)

+ {

+ bAlreadyExists = true;

+ CloseServiceHandle (service);

+ }

+

+ /* explicitely specify VeraCrypt.exe as the file to copy and don't rely

+ * on the fact we will be always called by VeraCrypt.exe because it's not

+ * always true.

+ */

+ wchar_t* ptr = wcsrchr (appPath, L'\\');

+ if (ptr)

+ ptr[1] = 0;

+ StringCchCatW (appPath, ARRAYSIZE (appPath), _T(TC_APP_NAME) L".exe");

+

+ service = CreateService (scm,

+ // start the service immediatly if it already existed before

+ if (bAlreadyExists)

+ StartService (service, 0, NULL);

+

+ bool BootEncryption::IsSystemFavoritesServiceRunning ()

+ {

+ bool bRet = false;

+ SC_HANDLE scm = OpenSCManager (NULL, NULL, SC_MANAGER_CONNECT);

+ if (scm)

+ {

+ SC_HANDLE service = OpenService(scm, TC_SYSTEM_FAVORITES_SERVICE_NAME, GENERIC_READ);

+ if (service)

+ {

+ SERVICE_STATUS status;

+ if (QueryServiceStatus(service, &status))

+ {

+ bRet = (status.dwCurrentState == SERVICE_RUNNING);

+ }

+

+ CloseServiceHandle(service);

+ }

+

+ CloseServiceHandle (scm);

+ }

+

+ return bRet;

+ }

+

+ DWORD configMap = ReadServiceConfigurationFlags();

+ {

+ if (IsARM())

+ throw ErrorException ("SYS_ENCRYPTION_UNSUPPORTED_ON_CURRENT_OS", SRC_POS);

+

+ /* check if the system drive is already encrypted by BitLocker */

+ wchar_t windowsDrive = (wchar_t) towupper (GetWindowsDirectory()[0]);

+ BitLockerEncryptionStatus bitLockerStatus = GetBitLockerEncryptionStatus (windowsDrive);

+ if (bitLockerStatus == BL_Status_Protected)

+ throw ErrorException ("SYSENC_BITLOCKER_CONFLICT", SRC_POS);

+

+ int status = ReadVolumeHeader (!encStatus.HiddenSystem, header, oldPassword, old_pkcs5, old_pim, &cryptoInfo, NULL);

+

+ // check if Fast Startup is enabled and if yes then offer to disable it

+ BOOL bHibernateEnabled = FALSE, bHiberbootEnabled = FALSE;

+ if (GetHibernateStatus (bHibernateEnabled, bHiberbootEnabled) && bHiberbootEnabled)

+ {

+ if (AskWarnYesNo ("CONFIRM_DISABLE_FAST_STARTUP", ParentWindow) == IDYES)

+ {

+ WriteLocalMachineRegistryDwordValue (L"SYSTEM\\CurrentControlSet\\Control\\Session Manager\\Power", L"HiberbootEnabled", 0);

+ }

+ }

+ void BootEncryption::NotifyService (DWORD dwNotifyCmd)

+ {

+ if (!IsAdmin() && IsUacSupported())

+ {

+ Elevator::NotifyService (dwNotifyCmd);

+ return;

+ }

+

+ DWORD dwRet = SendServiceNotification(dwNotifyCmd);

+ if (dwRet != ERROR_SUCCESS)

+ {

+ SetLastError(dwRet);

+ throw SystemException (SRC_POS);

+ }

+ }

+

+

+ bool BootEncryption::IsUsingUnsupportedAlgorithm(LONG driverVersion)

+ {

+ bool bRet = false;

+

+ try

+ {

+ if (driverVersion <= 0x125)

+ {

+ // version 1.25 is last version to support RIPEMD160 and GOST89

+ static int GOST89_EA = 5;

+ static int RIPEMD160_PRF = 4;

+

+ VOLUME_PROPERTIES_STRUCT props = {0};

+ GetVolumeProperties(&props);

+

+ //

+ if (props.ea == GOST89_EA || props.pkcs5 == RIPEMD160_PRF)

+ bRet = true;

+ }

+ }

+ catch(...)

+ {

+

+ }

+

+ return bRet;

+ }