diff options
Diffstat (limited to 'src/Common/Dlgcode.c')
-rw-r--r-- | src/Common/Dlgcode.c | 2236 |
1 files changed, 1136 insertions, 1100 deletions
diff --git a/src/Common/Dlgcode.c b/src/Common/Dlgcode.c index 2fd18606..4ea10aaa 100644 --- a/src/Common/Dlgcode.c +++ b/src/Common/Dlgcode.c @@ -18,6 +18,7 @@ #include <dbt.h> #include <Setupapi.h> #include <aclapi.h> +#include <Netlistmgr.h> #include <fcntl.h> #include <io.h> #include <math.h> @@ -32,6 +33,9 @@ #include <process.h> #include <Tlhelp32.h> #endif +#if _WIN32_WINNT >= 0x0602 +#include "processthreadsapi.h" +#endif #include "Resource.h" @@ -87,7 +91,10 @@ #include <Wbemidl.h> #pragma comment(lib, "wbemuuid.lib") -#pragma comment( lib, "setupapi.lib" ) +#pragma comment(lib, "Shlwapi.lib") +#pragma comment(lib, "setupapi.lib" ) +#pragma comment(lib, "Wintrust.lib" ) +#pragma comment(lib, "Comctl32.lib" ) #ifndef TTI_INFO_LARGE #define TTI_INFO_LARGE 4 @@ -207,11 +214,14 @@ BOOL LastMountedVolumeDirty; BOOL MountVolumesAsSystemFavorite = FALSE; BOOL FavoriteMountOnArrivalInProgress = FALSE; BOOL MultipleMountOperationInProgress = FALSE; +BOOL EMVSupportEnabled = FALSE; volatile BOOL NeedPeriodicDeviceListUpdate = FALSE; BOOL DisablePeriodicDeviceListUpdate = FALSE; BOOL EnableMemoryProtection = FALSE; +BOOL MemoryProtectionActivated = FALSE; + BOOL WaitDialogDisplaying = FALSE; /* Handle to the device driver */ @@ -284,139 +294,13 @@ DWORD SystemFileSelectorCallerThreadId; #define RANDPOOL_DISPLAY_ROWS 16 #define RANDPOOL_DISPLAY_COLUMNS 20 -HMODULE hRichEditDll = NULL; -HMODULE hComctl32Dll = NULL; -HMODULE hSetupDll = NULL; -HMODULE hShlwapiDll = NULL; -HMODULE hProfApiDll = NULL; -HMODULE hUsp10Dll = NULL; -HMODULE hCryptSpDll = NULL; -HMODULE hUXThemeDll = NULL; -HMODULE hUserenvDll = NULL; -HMODULE hRsaenhDll = NULL; -HMODULE himm32dll = NULL; -HMODULE hMSCTFdll = NULL; -HMODULE hfltlibdll = NULL; -HMODULE hframedyndll = NULL; -HMODULE hpsapidll = NULL; -HMODULE hsecur32dll = NULL; -HMODULE hnetapi32dll = NULL; -HMODULE hauthzdll = NULL; -HMODULE hxmllitedll = NULL; -HMODULE hmprdll = NULL; -HMODULE hsppdll = NULL; -HMODULE vssapidll = NULL; -HMODULE hvsstracedll = NULL; -HMODULE hcfgmgr32dll = NULL; -HMODULE hdevobjdll = NULL; -HMODULE hpowrprofdll = NULL; -HMODULE hsspiclidll = NULL; -HMODULE hcryptbasedll = NULL; -HMODULE hdwmapidll = NULL; -HMODULE hmsasn1dll = NULL; -HMODULE hcrypt32dll = NULL; -HMODULE hbcryptdll = NULL; -HMODULE hbcryptprimitivesdll = NULL; -HMODULE hMsls31 = NULL; -HMODULE hntmartadll = NULL; -HMODULE hwinscarddll = NULL; -HMODULE hmsvcrtdll = NULL; -HMODULE hWinTrustLib = NULL; -HMODULE hAdvapi32Dll = NULL; - -#define FREE_DLL(h) if (h) { FreeLibrary (h); h = NULL;} - -#ifndef BASE_SEARCH_PATH_ENABLE_SAFE_SEARCHMODE -#define BASE_SEARCH_PATH_ENABLE_SAFE_SEARCHMODE 0x00000001 -#endif - -#ifndef BASE_SEARCH_PATH_PERMANENT -#define BASE_SEARCH_PATH_PERMANENT 0x00008000 -#endif #ifndef LOAD_LIBRARY_SEARCH_SYSTEM32 #define LOAD_LIBRARY_SEARCH_SYSTEM32 0x00000800 #endif - -typedef BOOL (WINAPI *SetDllDirectoryPtr)(LPCWSTR lpPathName); -typedef BOOL (WINAPI *SetSearchPathModePtr)(DWORD Flags); typedef BOOL (WINAPI *SetDefaultDllDirectoriesPtr)(DWORD DirectoryFlags); - -typedef void (WINAPI *InitCommonControlsPtr)(void); -typedef HIMAGELIST (WINAPI *ImageList_CreatePtr)(int cx, int cy, UINT flags, int cInitial, int cGrow); -typedef int (WINAPI *ImageList_AddPtr)(HIMAGELIST himl, HBITMAP hbmImage, HBITMAP hbmMask); - -typedef VOID (WINAPI *SetupCloseInfFilePtr)(HINF InfHandle); -typedef HKEY (WINAPI *SetupDiOpenClassRegKeyPtr)(CONST GUID *ClassGuid,REGSAM samDesired); -typedef BOOL (WINAPI *SetupInstallFromInfSectionWPtr)(HWND,HINF,PCWSTR,UINT,HKEY,PCWSTR,UINT,PSP_FILE_CALLBACK_W,PVOID,HDEVINFO,PSP_DEVINFO_DATA); -typedef HINF (WINAPI *SetupOpenInfFileWPtr)(PCWSTR FileName,PCWSTR InfClass,DWORD InfStyle,PUINT ErrorLine); - -typedef LSTATUS (STDAPICALLTYPE *SHDeleteKeyWPtr)(HKEY hkey, LPCWSTR pszSubKey); - -typedef HRESULT (STDAPICALLTYPE *SHStrDupWPtr)(LPCWSTR psz, LPWSTR *ppwsz); - -typedef HRESULT (STDAPICALLTYPE *UrlUnescapeWPtr)( - PWSTR pszUrl, - PWSTR pszUnescaped, - DWORD *pcchUnescaped, - DWORD dwFlags -); - -// ChangeWindowMessageFilter -typedef BOOL (WINAPI *ChangeWindowMessageFilterPtr) (UINT, DWORD); - -typedef BOOL (WINAPI *CreateProcessWithTokenWFn)( - __in HANDLE hToken, - __in DWORD dwLogonFlags, - __in_opt LPCWSTR lpApplicationName, - __inout_opt LPWSTR lpCommandLine, - __in DWORD dwCreationFlags, - __in_opt LPVOID lpEnvironment, - __in_opt LPCWSTR lpCurrentDirectory, - __in LPSTARTUPINFOW lpStartupInfo, - __out LPPROCESS_INFORMATION lpProcessInformation - ); - -typedef HRESULT (WINAPI *IUnknown_QueryServiceFn)( - __in IUnknown* punk, - __in REFGUID guidService, - __in REFIID riid, - __deref_out void ** ppvOut); - -SetDllDirectoryPtr SetDllDirectoryFn = NULL; -SetSearchPathModePtr SetSearchPathModeFn = NULL; -SetDefaultDllDirectoriesPtr SetDefaultDllDirectoriesFn = NULL; - -ImageList_CreatePtr ImageList_CreateFn = NULL; -ImageList_AddPtr ImageList_AddFn = NULL; - -SetupCloseInfFilePtr SetupCloseInfFileFn = NULL; -SetupDiOpenClassRegKeyPtr SetupDiOpenClassRegKeyFn = NULL; -SetupInstallFromInfSectionWPtr SetupInstallFromInfSectionWFn = NULL; -SetupOpenInfFileWPtr SetupOpenInfFileWFn = NULL; -SHDeleteKeyWPtr SHDeleteKeyWFn = NULL; -SHStrDupWPtr SHStrDupWFn = NULL; -UrlUnescapeWPtr UrlUnescapeWFn = NULL; -ChangeWindowMessageFilterPtr ChangeWindowMessageFilterFn = NULL; -CreateProcessWithTokenWFn CreateProcessWithTokenWPtr = NULL; -IUnknown_QueryServiceFn IUnknown_QueryServicePtr = NULL; - -typedef LONG (WINAPI *WINVERIFYTRUST)(HWND hwnd, GUID *pgActionID, LPVOID pWVTData); -typedef CRYPT_PROVIDER_DATA* (WINAPI *WTHELPERPROVDATAFROMSTATEDATA)(HANDLE hStateData); -typedef CRYPT_PROVIDER_SGNR* (WINAPI *WTHELPERGETPROVSIGNERFROMCHAIN)(CRYPT_PROVIDER_DATA *pProvData, - DWORD idxSigner, - BOOL fCounterSigner, - DWORD idxCounterSigner); -typedef CRYPT_PROVIDER_CERT* (WINAPI *WTHELPERGETPROVCERTFROMCHAIN)(CRYPT_PROVIDER_SGNR *pSgnr, - DWORD idxCert); - -static WINVERIFYTRUST WinVerifyTrustFn = NULL; -static WTHELPERPROVDATAFROMSTATEDATA WTHelperProvDataFromStateDataFn = NULL; -static WTHELPERGETPROVSIGNERFROMCHAIN WTHelperGetProvSignerFromChainFn = NULL; -static WTHELPERGETPROVCERTFROMCHAIN WTHelperGetProvCertFromChainFn = NULL; - -static unsigned char gpbSha256CodeSignCertFingerprint[64] = { +static unsigned char gpbSha512CodeSignCertFingerprint[64] = { 0x9C, 0xA0, 0x21, 0xD3, 0x7C, 0x90, 0x61, 0x88, 0xEF, 0x5F, 0x99, 0x3D, 0x54, 0x9F, 0xB8, 0xCE, 0x72, 0x32, 0x4F, 0x57, 0x4F, 0x19, 0xD2, 0xA4, 0xDC, 0x84, 0xFF, 0xE2, 0x84, 0x2B, 0xD4, 0x30, 0xAB, 0xA7, 0xE4, 0x63, @@ -425,23 +309,15 @@ static unsigned char gpbSha256CodeSignCertFingerprint[64] = { 0xDB, 0x6F, 0xC0, 0x62 }; -static unsigned char gpbSha256MSCodeSignCertFingerprint[64] = { - 0x9C, 0x96, 0x81, 0x3B, 0x88, 0x54, 0xCB, 0x81, 0xB5, 0x94, 0x40, 0x4E, - 0x15, 0x81, 0x20, 0xA1, 0x19, 0x00, 0x4E, 0x49, 0x8A, 0xA8, 0x98, 0x13, - 0x9D, 0xE2, 0x86, 0x6A, 0xC1, 0xFA, 0xD3, 0x00, 0x0D, 0xAC, 0xE9, 0xE3, - 0x3B, 0xFC, 0x6B, 0x26, 0xCE, 0xC8, 0xE2, 0x36, 0x3B, 0x60, 0x9C, 0x8E, - 0x0A, 0x2A, 0x74, 0x20, 0xD7, 0x4E, 0x0F, 0xEE, 0x2E, 0x79, 0xE2, 0xAF, - 0x1C, 0x90, 0x0B, 0x9C +static unsigned char gpbSha512MSCodeSignCertFingerprint[64] = { + 0xEB, 0x76, 0x2E, 0xD3, 0x5B, 0x4A, 0xB1, 0x0E, 0xF5, 0x3B, 0x99, 0x4E, + 0xC1, 0xF7, 0x48, 0x88, 0xF6, 0xA0, 0xE9, 0xAC, 0x32, 0x69, 0xCF, 0x20, + 0xE1, 0x60, 0xC4, 0x0C, 0xEF, 0x01, 0x1F, 0xCB, 0x41, 0x95, 0x72, 0xB9, + 0xED, 0x63, 0x0C, 0x6B, 0xB9, 0xE9, 0xA2, 0x72, 0xA6, 0x78, 0x96, 0x4C, + 0x69, 0x9F, 0x90, 0x3F, 0xB1, 0x3C, 0x64, 0xF2, 0xAB, 0xCF, 0x14, 0x1D, + 0xEC, 0x7C, 0xB0, 0xC7 }; - -typedef HRESULT (WINAPI *SHGETKNOWNFOLDERPATH) ( - _In_ REFKNOWNFOLDERID rfid, - _In_ DWORD dwFlags, - _In_opt_ HANDLE hToken, - _Out_ PWSTR *ppszPath -); - /* Windows dialog class */ #define WINDOWS_DIALOG_CLASS L"#32770" @@ -972,54 +848,6 @@ BOOL TCCopyFile (wchar_t *sourceFileName, wchar_t *destinationFile) return TCCopyFileBase (src, dst); } -#if defined(NDEBUG) && !defined(VC_SKIP_OS_DRIVER_REQ_CHECK) -static BOOL InitializeWintrust() -{ - if (!hWinTrustLib) - { - wchar_t szPath[MAX_PATH] = {0}; - - if (GetSystemDirectory(szPath, MAX_PATH)) - StringCchCatW (szPath, MAX_PATH, L"\\Wintrust.dll"); - else - StringCchCopyW (szPath, MAX_PATH, L"C:\\Windows\\System32\\Wintrust.dll"); - - hWinTrustLib = LoadLibrary (szPath); - if (hWinTrustLib) - { - WinVerifyTrustFn = (WINVERIFYTRUST) GetProcAddress (hWinTrustLib, "WinVerifyTrust"); - WTHelperProvDataFromStateDataFn = (WTHELPERPROVDATAFROMSTATEDATA) GetProcAddress (hWinTrustLib, "WTHelperProvDataFromStateData"); - WTHelperGetProvSignerFromChainFn = (WTHELPERGETPROVSIGNERFROMCHAIN) GetProcAddress (hWinTrustLib, "WTHelperGetProvSignerFromChain"); - WTHelperGetProvCertFromChainFn = (WTHELPERGETPROVCERTFROMCHAIN) GetProcAddress (hWinTrustLib, "WTHelperGetProvCertFromChain"); - - if ( !WinVerifyTrustFn - || !WTHelperProvDataFromStateDataFn - || !WTHelperGetProvSignerFromChainFn - || !WTHelperGetProvCertFromChainFn) - { - FreeLibrary (hWinTrustLib); - hWinTrustLib = NULL; - } - - } - } - - if (hWinTrustLib) - return TRUE; - else - return FALSE; -} - -static void FinalizeWintrust() -{ - if (hWinTrustLib) - { - FreeLibrary (hWinTrustLib); - hWinTrustLib = NULL; - } -} - -#endif BOOL VerifyModuleSignature (const wchar_t* path) { @@ -1050,9 +878,6 @@ BOOL VerifyModuleSignature (const wchar_t* path) if (filePath [wcslen (filePath) - 1] == L'"') filePath [wcslen (filePath) - 1] = 0; - if (!InitializeWintrust ()) - return FALSE; - fileInfo.cbStruct = sizeof(WINTRUST_FILE_INFO); fileInfo.pcwszFilePath = filePath; fileInfo.hFile = NULL; @@ -1065,23 +890,23 @@ BOOL VerifyModuleSignature (const wchar_t* path) WVTData.dwStateAction = WTD_STATEACTION_VERIFY; WVTData.dwProvFlags = WTD_REVOCATION_CHECK_NONE | WTD_CACHE_ONLY_URL_RETRIEVAL; - hResult = WinVerifyTrustFn(0, &gActionID, &WVTData); + hResult = WinVerifyTrust(0, &gActionID, &WVTData); if (0 == hResult) { - PCRYPT_PROVIDER_DATA pProviderData = WTHelperProvDataFromStateDataFn (WVTData.hWVTStateData); + PCRYPT_PROVIDER_DATA pProviderData = WTHelperProvDataFromStateData (WVTData.hWVTStateData); if (pProviderData) { - PCRYPT_PROVIDER_SGNR pProviderSigner = WTHelperGetProvSignerFromChainFn (pProviderData, 0, FALSE, 0); + PCRYPT_PROVIDER_SGNR pProviderSigner = WTHelperGetProvSignerFromChain (pProviderData, 0, FALSE, 0); if (pProviderSigner) { - PCRYPT_PROVIDER_CERT pProviderCert = WTHelperGetProvCertFromChainFn (pProviderSigner, 0); + PCRYPT_PROVIDER_CERT pProviderCert = WTHelperGetProvCertFromChain (pProviderSigner, 0); if (pProviderCert && (pProviderCert->pCert)) { BYTE hashVal[64]; sha512 (hashVal, pProviderCert->pCert->pbCertEncoded, pProviderCert->pCert->cbCertEncoded); - if ( (0 == memcmp (hashVal, gpbSha256CodeSignCertFingerprint, 64)) - || (0 == memcmp (hashVal, gpbSha256MSCodeSignCertFingerprint, 64)) + if ( (0 == memcmp (hashVal, gpbSha512CodeSignCertFingerprint, 64)) + || (0 == memcmp (hashVal, gpbSha512MSCodeSignCertFingerprint, 64)) ) { bResult = TRUE; @@ -1093,9 +918,7 @@ BOOL VerifyModuleSignature (const wchar_t* path) WVTData.dwUIChoice = WTD_UI_NONE; WVTData.dwStateAction = WTD_STATEACTION_CLOSE; - WinVerifyTrustFn(0, &gActionID, &WVTData); - - FinalizeWintrust (); + WinVerifyTrust(0, &gActionID, &WVTData); return bResult; #else @@ -1364,47 +1187,6 @@ void AbortProcessDirect (wchar_t *abortMsg) // Note that this function also causes localcleanup() to be called (see atexit()) MessageBeep (MB_ICONEXCLAMATION); MessageBoxW (NULL, abortMsg, lpszTitle, ICON_HAND); -#ifndef VC_COMREG - FREE_DLL (hRichEditDll); - FREE_DLL (hComctl32Dll); - FREE_DLL (hSetupDll); - FREE_DLL (hShlwapiDll); - FREE_DLL (hProfApiDll); - FREE_DLL (hUsp10Dll); - FREE_DLL (hCryptSpDll); - FREE_DLL (hUXThemeDll); - FREE_DLL (hUserenvDll); - FREE_DLL (hRsaenhDll); - FREE_DLL (himm32dll); - FREE_DLL (hMSCTFdll); - FREE_DLL (hfltlibdll); - FREE_DLL (hframedyndll); - FREE_DLL (hpsapidll); - FREE_DLL (hsecur32dll); - FREE_DLL (hnetapi32dll); - FREE_DLL (hauthzdll); - FREE_DLL (hxmllitedll); - FREE_DLL (hmprdll); - FREE_DLL (hsppdll); - FREE_DLL (vssapidll); - FREE_DLL (hvsstracedll); - FREE_DLL (hCryptSpDll); - FREE_DLL (hcfgmgr32dll); - FREE_DLL (hdevobjdll); - FREE_DLL (hpowrprofdll); - FREE_DLL (hsspiclidll); - FREE_DLL (hcryptbasedll); - FREE_DLL (hdwmapidll); - FREE_DLL (hmsasn1dll); - FREE_DLL (hcrypt32dll); - FREE_DLL (hbcryptdll); - FREE_DLL (hbcryptprimitivesdll); - FREE_DLL (hMsls31); - FREE_DLL (hntmartadll); - FREE_DLL (hwinscarddll); - FREE_DLL (hmsvcrtdll); - FREE_DLL (hAdvapi32Dll); -#endif exit (1); } @@ -1423,46 +1205,6 @@ void AbortProcess (char *stringId) #ifndef VC_COMREG void AbortProcessSilent (void) { - FREE_DLL (hRichEditDll); - FREE_DLL (hComctl32Dll); - FREE_DLL (hSetupDll); - FREE_DLL (hShlwapiDll); - FREE_DLL (hProfApiDll); - FREE_DLL (hUsp10Dll); - FREE_DLL (hCryptSpDll); - FREE_DLL (hUXThemeDll); - FREE_DLL (hUserenvDll); - FREE_DLL (hRsaenhDll); - FREE_DLL (himm32dll); - FREE_DLL (hMSCTFdll); - FREE_DLL (hfltlibdll); - FREE_DLL (hframedyndll); - FREE_DLL (hpsapidll); - FREE_DLL (hsecur32dll); - FREE_DLL (hnetapi32dll); - FREE_DLL (hauthzdll); - FREE_DLL (hxmllitedll); - FREE_DLL (hmprdll); - FREE_DLL (hsppdll); - FREE_DLL (vssapidll); - FREE_DLL (hvsstracedll); - FREE_DLL (hCryptSpDll); - FREE_DLL (hcfgmgr32dll); - FREE_DLL (hdevobjdll); - FREE_DLL (hpowrprofdll); - FREE_DLL (hsspiclidll); - FREE_DLL (hcryptbasedll); - FREE_DLL (hdwmapidll); - FREE_DLL (hmsasn1dll); - FREE_DLL (hcrypt32dll); - FREE_DLL (hbcryptdll); - FREE_DLL (hbcryptprimitivesdll); - FREE_DLL (hMsls31); - FREE_DLL (hntmartadll); - FREE_DLL (hwinscarddll); - FREE_DLL (hmsvcrtdll); - FREE_DLL (hAdvapi32Dll); - // Note that this function also causes localcleanup() to be called (see atexit()) exit (1); } @@ -1583,11 +1325,11 @@ void LowerCaseCopy (wchar_t *lpszDest, const wchar_t *lpszSource) void UpperCaseCopy (wchar_t *lpszDest, size_t cbDest, const wchar_t *lpszSource) { - if (lpszDest && cbDest) + if (lpszDest && (cbDest >= 2)) { size_t i = wcslen (lpszSource); - if (i >= cbDest) - i = cbDest - 1; + if (i >= (cbDest/2)) + i = (cbDest/2) - 1; lpszDest[i] = 0; i++; @@ -2018,6 +1760,88 @@ void AccommodateTextField (HWND hwndDlg, UINT ctrlId, BOOL bFirstUpdate, HFONT h } } +// Resizes width of a checkbox according to actual width in pixels of its label text (font size is taken into account) +void AccommodateCheckBoxTextWidth (HWND hwndDlg, UINT ctrlId) +{ + RECT rec; + HWND hwndCtrl = GetDlgItem (hwndDlg, ctrlId); + int width, origWidth, origHeight; + int horizSubOffset; + wchar_t text [MAX_URL_LENGTH]; + HFONT hFont = (HFONT) SendDlgItemMessage (hwndDlg, ctrlId, WM_GETFONT, 0, 0); + + // Resize the field according to its length and font size and move if centered or right-aligned + + GetWindowTextW (hwndCtrl, text, sizeof (text) / sizeof (wchar_t)); + + width = GetTextGfxWidth (hwndCtrl, text, hFont); + + // add to width variable value the width of the checkbox square. We use SM_CXMENUCHECK which is a little larger than actual width + width += GetSystemMetrics(SM_CXMENUCHECK); + + + GetClientRect (hwndCtrl, &rec); + origWidth = rec.right; + origHeight = rec.bottom; + + if (width >= 0 + && (origWidth > width)) // The original width of the field is the maximum allowed size + { + horizSubOffset = origWidth - width; + + // Resize the text field + SetWindowPos (hwndCtrl, 0, 0, 0, + origWidth - horizSubOffset, + origHeight, + SWP_NOMOVE | SWP_NOZORDER); + + InvalidateRect (hwndCtrl, NULL, TRUE); + } +} + +// makes controls contiguous by moving the second control right next to the first one horizontally +void MakeControlsContiguous(HWND hwndDlg, UINT ctrl1ID, UINT ctrl2ID) { + HWND hwndCtrl1 = GetDlgItem(hwndDlg, ctrl1ID); + HWND hwndCtrl2 = GetDlgItem(hwndDlg, ctrl2ID); + RECT rect1, rect2; + POINT pt1, pt2; + int newLeftPosition; + + // Exit silently if one or both controls are missing + if (!hwndCtrl1 || !hwndCtrl2) { + return; + } + + + GetWindowRect(hwndCtrl1, &rect1); + GetWindowRect(hwndCtrl2, &rect2); + + // Convert the top-right point of the first control from screen to client coordinates + pt1.x = rect1.right; + pt1.y = rect1.top; + if (!ScreenToClient(hwndDlg, &pt1)) { + return; // Exit if the conversion fails + } + + // Convert the top-left point of the second control from screen to client coordinates + pt2.x = rect2.left; + pt2.y = rect2.top; + if (!ScreenToClient(hwndDlg, &pt2)) { + return; // Exit if the conversion fails + } + + // Ensure the second control is always placed to the right of the first one + newLeftPosition = pt1.x + 1; + + if (pt2.x < pt1.x) { // if the second control is to the left of the first one + newLeftPosition += (pt1.x - pt2.x); + } + + // Move the second control to its new position + SetWindowPos(hwndCtrl2, NULL, newLeftPosition, pt2.y, 0, 0, SWP_NOZORDER | SWP_NOSIZE); +} + + // Note that the user can still close the window by right-clicking its taskbar icon and selecting 'Close window', or by pressing Alt-F4, or using the Task Manager. void DisableCloseButton (HWND hwndDlg) { @@ -2336,13 +2160,13 @@ BOOL CALLBACK AboutDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lParam L"Copyright \xA9 2003-2012 TrueCrypt Developers Association. All Rights Reserved.\r\n" L"Copyright \xA9 1998-2000 Paul Le Roux. All Rights Reserved.\r\n" L"Copyright \xA9 1998-2008 Brian Gladman. All Rights Reserved.\r\n" - L"Copyright \xA9 1995-2017 Jean-loup Gailly and Mark Adler.\r\n" + L"Copyright \xA9 1995-2023 Jean-loup Gailly and Mark Adler.\r\n" L"Copyright \xA9 2016 Disk Cryptography Services for EFI (DCS), Alex Kolotnikov.\r\n" - L"Copyright \xA9 1999-2020 Dieter Baron and Thomas Klausner.\r\n" + L"Copyright \xA9 1999-2023 Dieter Baron and Thomas Klausner.\r\n" L"Copyright \xA9 2013, Alexey Degtyarev. All rights reserved.\r\n" L"Copyright \xA9 1999-2016 Jack Lloyd. All rights reserved.\r\n" L"Copyright \xA9 2013-2019 Stephan Mueller <smueller@chronox.de>\r\n" - L"Copyright \xA9 1999-2021 Igor Pavlov\r\n\r\n" + L"Copyright \xA9 1999-2023 Igor Pavlov\r\n\r\n" L"This software as a whole:\r\n" L"Copyright \xA9 2013-2023 IDRIX. All rights reserved.\r\n\r\n" @@ -2388,6 +2212,42 @@ BOOL CALLBACK AboutDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lParam return 0; } +HWND CreateToolTip(int toolID, HWND hDlg, const char* strID) +{ + if (!toolID || !hDlg) + { + return FALSE; + } + + // Create the tooltip. + HWND hwndTip = CreateWindowExW(NULL, TOOLTIPS_CLASS, NULL, + WS_POPUP | TTS_ALWAYSTIP | TTS_NOPREFIX | TTS_BALLOON, + CW_USEDEFAULT, CW_USEDEFAULT, + CW_USEDEFAULT, CW_USEDEFAULT, + hDlg, NULL, + hInst, NULL); + + if (!hwndTip) + { + return (HWND)NULL; + } + + // Associate the tooltip with the tool. + TOOLINFOW toolInfo = { 0 }; + toolInfo.cbSize = sizeof(toolInfo); + toolInfo.hwnd = hDlg; + toolInfo.uFlags = TTF_SUBCLASS | TTF_IDISHWND; + toolInfo.uId = (UINT_PTR) GetDlgItem(hDlg, toolID); + toolInfo.lpszText = GetString(strID); + + // set tooltip maximum width + SendMessage(hwndTip, TTM_SETMAXTIPWIDTH, 0, (LPARAM) 300); + + SendMessage(hwndTip, TTM_ADDTOOL, 0, (LPARAM)&toolInfo); + + return hwndTip; +} + static HWND StaticModelessWaitDlgHandle = NULL; @@ -2507,7 +2367,7 @@ void InitDialog (HWND hwndDlg) { StringCbCopyW ((WCHAR *)metric.lfMessageFont.lfFaceName, sizeof (metric.lfMessageFont.lfFaceName), font->FaceName); } - else if (IsOSAtLeast (WIN_VISTA)) + else { // Vista's new default font (size and spacing) breaks compatibility with Windows 2k/XP applications. // Force use of Tahoma (as Microsoft does in many dialogs) until a native Vista look is implemented. @@ -3502,6 +3362,24 @@ uint32 ReadEncryptionThreadPoolFreeCpuCountLimit () return count; } +BOOL ReadMemoryProtectionConfig () +{ + DWORD config; + + if (!ReadLocalMachineRegistryDword (L"SYSTEM\\CurrentControlSet\\Services\\veracrypt", VC_ENABLE_MEMORY_PROTECTION, &config)) + { + // enabled by default + config = 1; + } + return (config)? TRUE: FALSE; +} + +BOOL WriteMemoryProtectionConfig (BOOL bEnable) +{ + DWORD config = bEnable? 1: 0; + + return WriteLocalMachineRegistryDword (L"SYSTEM\\CurrentControlSet\\Services\\veracrypt", VC_ENABLE_MEMORY_PROTECTION, config); +} BOOL LoadSysEncSettings () { @@ -3678,24 +3556,38 @@ void DoPostInstallTasks (HWND hwndDlg) SavePostInstallTasksSettings (TC_POST_INSTALL_CFG_REMOVE_ALL); } -static void LoadSystemDll (LPCTSTR szModuleName, HMODULE *pHandle, BOOL bIgnoreError, const char* srcPos) -{ - wchar_t dllPath[MAX_PATH]; +#ifndef SETUP_DLL +// Use an idea proposed in https://medium.com/@1ndahous3/safe-code-pitfalls-dll-side-loading-winapi-and-c-73baaf48bdf5 +// it allows to set safe DLL search mode for the entire process very early on, before even the CRT is initialized and global constructors are called +#pragma comment(linker, "/ENTRY:CustomMainCrtStartup") +extern "C" { + int wWinMainCRTStartup(); + int APIENTRY CustomMainCrtStartup() + { + SetDefaultDllDirectoriesPtr SetDefaultDllDirectoriesFn = NULL; + SetDefaultDllDirectoriesFn = (SetDefaultDllDirectoriesPtr) GetProcAddress (GetModuleHandle(L"kernel32.dll"), "SetDefaultDllDirectories"); + if (SetDefaultDllDirectoriesFn) + { + /* remove current directory from dll search path */ + SetDllDirectoryW (L""); + // Force loading dlls from system32 directory only + SetDefaultDllDirectoriesFn (LOAD_LIBRARY_SEARCH_SYSTEM32); + } - /* Load dll explictely from System32 to avoid Dll hijacking attacks*/ - if (!GetSystemDirectory(dllPath, MAX_PATH)) - StringCbCopyW(dllPath, sizeof(dllPath), L"C:\\Windows\\System32"); + // activate process mitigations (currently only ASLR, dynamic code and extensions points) + ActivateProcessMitigations(); - StringCbCatW(dllPath, sizeof(dllPath), L"\\"); - StringCbCatW(dllPath, sizeof(dllPath), szModuleName); - - if (((*pHandle = LoadLibrary(dllPath)) == NULL) && !bIgnoreError) - { - // This error is fatal - handleWin32Error (NULL, srcPos); - AbortProcess ("INIT_DLL"); +#ifndef SETUP + // call ActivateMemoryProtection if corresponding setting has been enabled (default is enabled) + if (ReadMemoryProtectionConfig()) + { + ActivateMemoryProtection(); + } +#endif + return wWinMainCRTStartup(); } } +#endif /* InitApp - initialize the application, this function is called once in the applications WinMain function, but before the main dialog has been created */ @@ -3703,170 +3595,61 @@ void InitApp (HINSTANCE hInstance, wchar_t *lpszCommandLine) { WNDCLASSW wc; char langId[6]; - InitCommonControlsPtr InitCommonControlsFn = NULL; + SetDefaultDllDirectoriesPtr SetDefaultDllDirectoriesFn = NULL; +#if !defined(SETUP) wchar_t modPath[MAX_PATH]; - - GetModuleFileNameW (NULL, modPath, ARRAYSIZE (modPath)); - - /* remove current directory from dll search path */ - SetDllDirectoryFn = (SetDllDirectoryPtr) GetProcAddress (GetModuleHandle(L"kernel32.dll"), "SetDllDirectoryW"); - SetSearchPathModeFn = (SetSearchPathModePtr) GetProcAddress (GetModuleHandle(L"kernel32.dll"), "SetSearchPathMode"); - SetDefaultDllDirectoriesFn = (SetDefaultDllDirectoriesPtr) GetProcAddress (GetModuleHandle(L"kernel32.dll"), "SetDefaultDllDirectories"); - - if (SetDllDirectoryFn) - SetDllDirectoryFn (L""); - if (SetSearchPathModeFn) - SetSearchPathModeFn (BASE_SEARCH_PATH_ENABLE_SAFE_SEARCHMODE | BASE_SEARCH_PATH_PERMANENT); - if (SetDefaultDllDirectoriesFn) - SetDefaultDllDirectoriesFn (LOAD_LIBRARY_SEARCH_SYSTEM32); - - InitOSVersionInfo(); - - VirtualLock (&CmdTokenPin, sizeof (CmdTokenPin)); - - InitGlobalLocks (); - - LoadSystemDll (L"msvcrt.dll", &hmsvcrtdll, TRUE, SRC_POS); - LoadSystemDll (L"ntmarta.dll", &hntmartadll, TRUE, SRC_POS); - LoadSystemDll (L"MPR.DLL", &hmprdll, TRUE, SRC_POS); -#ifdef SETUP - if (IsOSAtLeast (WIN_7)) - { - LoadSystemDll (L"ProfApi.DLL", &hProfApiDll, TRUE, SRC_POS); - LoadSystemDll (L"cryptbase.dll", &hcryptbasedll, TRUE, SRC_POS); - LoadSystemDll (L"sspicli.dll", &hsspiclidll, TRUE, SRC_POS); - } #endif - LoadSystemDll (L"psapi.dll", &hpsapidll, TRUE, SRC_POS); - LoadSystemDll (L"secur32.dll", &hsecur32dll, TRUE, SRC_POS); - LoadSystemDll (L"msasn1.dll", &hmsasn1dll, TRUE, SRC_POS); - LoadSystemDll (L"Usp10.DLL", &hUsp10Dll, TRUE, SRC_POS); - if (IsOSAtLeast (WIN_7)) - LoadSystemDll (L"dwmapi.dll", &hdwmapidll, TRUE, SRC_POS); - LoadSystemDll (L"UXTheme.dll", &hUXThemeDll, TRUE, SRC_POS); - - LoadSystemDll (L"msls31.dll", &hMsls31, TRUE, SRC_POS); - LoadSystemDll (L"SETUPAPI.DLL", &hSetupDll, FALSE, SRC_POS); - LoadSystemDll (L"SHLWAPI.DLL", &hShlwapiDll, FALSE, SRC_POS); + INITCOMMONCONTROLSEX InitCtrls; - LoadSystemDll (L"userenv.dll", &hUserenvDll, TRUE, SRC_POS); - LoadSystemDll (L"rsaenh.dll", &hRsaenhDll, TRUE, SRC_POS); + InitOSVersionInfo(); -#ifdef SETUP - if (nCurrentOS < WIN_7) + if (!IsOSAtLeast (WIN_7)) { - if (nCurrentOS == WIN_XP) - { - LoadSystemDll (L"imm32.dll", &himm32dll, TRUE, SRC_POS); - LoadSystemDll (L"MSCTF.dll", &hMSCTFdll, TRUE, SRC_POS); - LoadSystemDll (L"fltlib.dll", &hfltlibdll, TRUE, SRC_POS); - LoadSystemDll (L"wbem\\framedyn.dll", &hframedyndll, TRUE, SRC_POS); - } - - if (IsOSAtLeast (WIN_VISTA)) - { - LoadSystemDll (L"netapi32.dll", &hnetapi32dll, TRUE, SRC_POS); - LoadSystemDll (L"authz.dll", &hauthzdll, TRUE, SRC_POS); - LoadSystemDll (L"xmllite.dll", &hxmllitedll, TRUE, SRC_POS); - } + // abort using a message that says that VeraCrypt can run only on Windows 7 and later and that it is officially supported only on Windows 10 and later + AbortProcessDirect(L"VeraCrypt requires at least Windows 7 to run."); } - if (IsOSAtLeast (WIN_VISTA)) - { - LoadSystemDll (L"atl.dll", &hsppdll, TRUE, SRC_POS); - LoadSystemDll (L"vsstrace.dll", &hvsstracedll, TRUE, SRC_POS); - LoadSystemDll (L"vssapi.dll", &vssapidll, TRUE, SRC_POS); - LoadSystemDll (L"spp.dll", &hsppdll, TRUE, SRC_POS); - } -#endif - - LoadSystemDll (L"crypt32.dll", &hcrypt32dll, TRUE, SRC_POS); - - if (IsOSAtLeast (WIN_7)) + SetDefaultDllDirectoriesFn = (SetDefaultDllDirectoriesPtr) GetProcAddress (GetModuleHandle(L"kernel32.dll"), "SetDefaultDllDirectories"); + if (!SetDefaultDllDirectoriesFn) { - LoadSystemDll (L"CryptSP.dll", &hCryptSpDll, TRUE, SRC_POS); - - LoadSystemDll (L"cfgmgr32.dll", &hcfgmgr32dll, TRUE, SRC_POS); - LoadSystemDll (L"devobj.dll", &hdevobjdll, TRUE, SRC_POS); - LoadSystemDll (L"powrprof.dll", &hpowrprofdll, TRUE, SRC_POS); - - LoadSystemDll (L"bcrypt.dll", &hbcryptdll, TRUE, SRC_POS); - LoadSystemDll (L"bcryptprimitives.dll", &hbcryptprimitivesdll, TRUE, SRC_POS); - } + // This can happen only if KB2533623 is missing from Windows 7 + AbortProcessDirect(L"VeraCrypt requires KB2533623 to be installed on Windows 7 and Windows Server 2008 R2 in order to run."); + } -#ifndef SETUP - LoadSystemDll (L"WINSCARD.DLL", &hwinscarddll, TRUE, SRC_POS); -#endif + VirtualLock (&CmdTokenPin, sizeof (CmdTokenPin)); - LoadSystemDll (L"COMCTL32.DLL", &hComctl32Dll, FALSE, SRC_POS); + InitGlobalLocks (); - // call InitCommonControls function - InitCommonControlsFn = (InitCommonControlsPtr) GetProcAddress (hComctl32Dll, "InitCommonControls"); - ImageList_AddFn = (ImageList_AddPtr) GetProcAddress (hComctl32Dll, "ImageList_Add"); - ImageList_CreateFn = (ImageList_CreatePtr) GetProcAddress (hComctl32Dll, "ImageList_Create"); - - if (InitCommonControlsFn && ImageList_AddFn && ImageList_CreateFn) - { - InitCommonControlsFn(); - } - else - AbortProcess ("INIT_DLL"); + // call InitCommonControlsEx function to initialize the common controls + InitCtrls.dwSize = sizeof (InitCtrls); + InitCtrls.dwICC = ICC_WIN95_CLASSES | ICC_PAGESCROLLER_CLASS | ICC_NATIVEFNTCTL_CLASS | ICC_STANDARD_CLASSES | ICC_LINK_CLASS; + InitCommonControlsEx (&InitCtrls); - LoadSystemDll (L"Riched20.dll", &hRichEditDll, FALSE, SRC_POS); - LoadSystemDll (L"Advapi32.dll", &hAdvapi32Dll, FALSE, SRC_POS); + // Load RichEdit library in order to be able to use RichEdit20W class + LoadLibraryEx (L"Riched20.dll", NULL, LOAD_LIBRARY_SEARCH_SYSTEM32); #if !defined(SETUP) + GetModuleFileNameW (NULL, modPath, ARRAYSIZE (modPath)); if (!VerifyModuleSignature (modPath)) - AbortProcess ("DIST_PACKAGE_CORRUPTED"); + AbortProcessDirect (L"This distribution package is damaged. Please try downloading it again (preferably from the official VeraCrypt website at https://www.veracrypt.fr)."); #endif - // Get SetupAPI functions pointers - SetupCloseInfFileFn = (SetupCloseInfFilePtr) GetProcAddress (hSetupDll, "SetupCloseInfFile"); - SetupDiOpenClassRegKeyFn = (SetupDiOpenClassRegKeyPtr) GetProcAddress (hSetupDll, "SetupDiOpenClassRegKey"); - SetupInstallFromInfSectionWFn = (SetupInstallFromInfSectionWPtr) GetProcAddress (hSetupDll, "SetupInstallFromInfSectionW"); - SetupOpenInfFileWFn = (SetupOpenInfFileWPtr) GetProcAddress (hSetupDll, "SetupOpenInfFileW"); - - if (!SetupCloseInfFileFn || !SetupDiOpenClassRegKeyFn || !SetupInstallFromInfSectionWFn || !SetupOpenInfFileWFn) - AbortProcess ("INIT_DLL"); - - // Get SHDeleteKeyW,SHStrDupW, UrlUnescapeW functions pointers - SHDeleteKeyWFn = (SHDeleteKeyWPtr) GetProcAddress (hShlwapiDll, "SHDeleteKeyW"); - SHStrDupWFn = (SHStrDupWPtr) GetProcAddress (hShlwapiDll, "SHStrDupW"); - UrlUnescapeWFn = (UrlUnescapeWPtr) GetProcAddress(hShlwapiDll, "UrlUnescapeW"); - IUnknown_QueryServicePtr = (IUnknown_QueryServiceFn) GetProcAddress(hShlwapiDll, "IUnknown_QueryService"); - if (!IUnknown_QueryServicePtr) - IUnknown_QueryServicePtr = (IUnknown_QueryServiceFn) GetProcAddress(hShlwapiDll, MAKEINTRESOURCEA(176)); - if (!SHDeleteKeyWFn || !SHStrDupWFn || !UrlUnescapeWFn || !IUnknown_QueryServicePtr) - AbortProcess ("INIT_DLL"); - - if (IsOSAtLeast (WIN_VISTA)) - { - /* Get ChangeWindowMessageFilter used to enable some messages bypasss UIPI (User Interface Privilege Isolation) */ - ChangeWindowMessageFilterFn = (ChangeWindowMessageFilterPtr) GetProcAddress (GetModuleHandle (L"user32.dll"), "ChangeWindowMessageFilter"); #ifndef SETUP - /* enable drag-n-drop when we are running elevated */ - AllowMessageInUIPI (WM_DROPFILES); - AllowMessageInUIPI (WM_COPYDATA); - AllowMessageInUIPI (WM_COPYGLOBALDATA); + /* enable drag-n-drop when we are running elevated */ + AllowMessageInUIPI (WM_DROPFILES); + AllowMessageInUIPI (WM_COPYDATA); + AllowMessageInUIPI (WM_COPYGLOBALDATA); #endif - } - - // Get CreateProcessWithTokenW function pointer - CreateProcessWithTokenWPtr = (CreateProcessWithTokenWFn) GetProcAddress(hAdvapi32Dll, "CreateProcessWithTokenW"); /* Save the instance handle for later */ hInst = hInstance; SetErrorMode (SetErrorMode (0) | SEM_FAILCRITICALERRORS | SEM_NOOPENFILEERRORBOX); - CoInitialize (NULL); + CoInitializeEx(NULL, COINIT_APARTMENTTHREADED | COINIT_DISABLE_OLE1DDE); #ifndef SETUP // Application ID - typedef HRESULT (WINAPI *SetAppId_t) (PCWSTR appID); - SetAppId_t setAppId = (SetAppId_t) GetProcAddress (GetModuleHandle (L"shell32.dll"), "SetCurrentProcessExplicitAppUserModelID"); - - if (setAppId) - setAppId (TC_APPLICATION_ID); + SetCurrentProcessExplicitAppUserModelID (TC_APPLICATION_ID); #endif // Language @@ -3944,10 +3727,10 @@ void InitApp (HINSTANCE hInstance, wchar_t *lpszCommandLine) exit (1); } #else - // in TESTSIGNING mode, we support only Windows Vista, Windows 7, Windows 8/8.1 - if ( !IsOSVersionAtLeast(WIN_VISTA, 0) + // in TESTSIGNING mode, we support only Windows 7 and Windows 8/8.1 + if ( #ifndef SETUP - || IsOSVersionAtLeast(WIN_10, 0) + IsOSVersionAtLeast(WIN_10, 0) #else || (IsOSVersionAtLeast(WIN_10, 0) && !bMakePackage) #endif @@ -3966,24 +3749,6 @@ void InitApp (HINSTANCE hInstance, wchar_t *lpszCommandLine) exit (1); } #endif - else - { - // Service pack check & warnings about critical MS issues - switch (nCurrentOS) - { - case WIN_XP: - if (CurrentOSServicePack < 1) - { - HKEY k; - // PE environment does not report version of SP - if (RegOpenKeyExW (HKEY_LOCAL_MACHINE, L"System\\CurrentControlSet\\Control\\minint", 0, KEY_READ, &k) != ERROR_SUCCESS) - Warning ("LARGE_IDE_WARNING_XP", NULL); - else - RegCloseKey (k); - } - break; - } - } /* Get the attributes for the standard dialog class */ if ((GetClassInfoW (hInst, WINDOWS_DIALOG_CLASS, &wc)) == 0) @@ -4030,106 +3795,21 @@ void InitApp (HINSTANCE hInstance, wchar_t *lpszCommandLine) #ifndef SETUP #ifdef _WIN64 - if (IsOSAtLeast (WIN_7)) + EnableRamEncryption ((ReadDriverConfigurationFlags() & VC_DRIVER_CONFIG_ENABLE_RAM_ENCRYPTION) ? TRUE : FALSE); + if (IsRamEncryptionEnabled()) { - EnableRamEncryption ((ReadDriverConfigurationFlags() & VC_DRIVER_CONFIG_ENABLE_RAM_ENCRYPTION) ? TRUE : FALSE); - if (IsRamEncryptionEnabled()) - { - if (!InitializeSecurityParameters(GetAppRandomSeed)) - AbortProcess("OUTOFMEMORY"); - } + if (!InitializeSecurityParameters(GetAppRandomSeed)) + AbortProcess("OUTOFMEMORY"); } #endif if (!EncryptionThreadPoolStart (ReadEncryptionThreadPoolFreeCpuCountLimit())) { handleWin32Error (NULL, SRC_POS); - FREE_DLL (hRichEditDll); - FREE_DLL (hComctl32Dll); - FREE_DLL (hSetupDll); - FREE_DLL (hShlwapiDll); - FREE_DLL (hProfApiDll); - FREE_DLL (hUsp10Dll); - FREE_DLL (hCryptSpDll); - FREE_DLL (hUXThemeDll); - FREE_DLL (hUserenvDll); - FREE_DLL (hRsaenhDll); - FREE_DLL (himm32dll); - FREE_DLL (hMSCTFdll); - FREE_DLL (hfltlibdll); - FREE_DLL (hframedyndll); - FREE_DLL (hpsapidll); - FREE_DLL (hsecur32dll); - FREE_DLL (hnetapi32dll); - FREE_DLL (hauthzdll); - FREE_DLL (hxmllitedll); - FREE_DLL (hmprdll); - FREE_DLL (hsppdll); - FREE_DLL (vssapidll); - FREE_DLL (hvsstracedll); - FREE_DLL (hCryptSpDll); - FREE_DLL (hcfgmgr32dll); - FREE_DLL (hdevobjdll); - FREE_DLL (hpowrprofdll); - FREE_DLL (hsspiclidll); - FREE_DLL (hcryptbasedll); - FREE_DLL (hdwmapidll); - FREE_DLL (hmsasn1dll); - FREE_DLL (hcrypt32dll); - FREE_DLL (hbcryptdll); - FREE_DLL (hbcryptprimitivesdll); - FREE_DLL (hMsls31); - FREE_DLL (hntmartadll); - FREE_DLL (hwinscarddll); - FREE_DLL (hmsvcrtdll); - FREE_DLL (hAdvapi32Dll); exit (1); } #endif } -void FinalizeApp (void) -{ - FREE_DLL (hRichEditDll); - FREE_DLL (hComctl32Dll); - FREE_DLL (hSetupDll); - FREE_DLL (hShlwapiDll); - FREE_DLL (hProfApiDll); - FREE_DLL (hUsp10Dll); - FREE_DLL (hCryptSpDll); - FREE_DLL (hUXThemeDll); - FREE_DLL (hUserenvDll); - FREE_DLL (hRsaenhDll); - FREE_DLL (himm32dll); - FREE_DLL (hMSCTFdll); - FREE_DLL (hfltlibdll); - FREE_DLL (hframedyndll); - FREE_DLL (hpsapidll); - FREE_DLL (hsecur32dll); - FREE_DLL (hnetapi32dll); - FREE_DLL (hauthzdll); - FREE_DLL (hxmllitedll); - FREE_DLL (hmprdll); - FREE_DLL (hsppdll); - FREE_DLL (vssapidll); - FREE_DLL (hvsstracedll); - FREE_DLL (hCryptSpDll); - FREE_DLL (hcfgmgr32dll); - FREE_DLL (hdevobjdll); - FREE_DLL (hpowrprofdll); - FREE_DLL (hsspiclidll); - FREE_DLL (hcryptbasedll); - FREE_DLL (hdwmapidll); - FREE_DLL (hmsasn1dll); - FREE_DLL (hcrypt32dll); - FREE_DLL (hbcryptdll); - FREE_DLL (hbcryptprimitivesdll); - FREE_DLL (hMsls31); - FREE_DLL (hntmartadll); - FREE_DLL (hwinscarddll); - FREE_DLL (hmsvcrtdll); - FREE_DLL (hAdvapi32Dll); -} - void InitHelpFileName (void) { wchar_t *lpszTmp; @@ -4265,24 +3945,21 @@ BOOL GetSysDevicePaths (HWND hwndDlg) StringCchCopyW (device.IsPartition ? SysPartitionDevicePath : SysDriveDevicePath, TC_MAX_PATH, device.Path.c_str()); } - if (IsOSAtLeast (WIN_7)) + // Find extra boot partition + foreach (const HostDevice &drive, GetAvailableHostDevices (false, false)) { - // Find extra boot partition - foreach (const HostDevice &drive, GetAvailableHostDevices (false, false)) + if (drive.ContainsSystem) { - if (drive.ContainsSystem) + foreach (const HostDevice &sysDrivePartition, drive.Partitions) { - foreach (const HostDevice &sysDrivePartition, drive.Partitions) + if (sysDrivePartition.Bootable) { - if (sysDrivePartition.Bootable) - { - if (sysDrivePartition.Size <= TC_MAX_EXTRA_BOOT_PARTITION_SIZE) - ExtraBootPartitionDevicePath = sysDrivePartition.Path; - break; - } + if (sysDrivePartition.Size <= TC_MAX_EXTRA_BOOT_PARTITION_SIZE) + ExtraBootPartitionDevicePath = sysDrivePartition.Path; + break; } - break; } + break; } } @@ -5208,7 +4885,6 @@ static int DriverLoad () BOOL DriverUnload () { - MOUNT_LIST_STRUCT driver; int refCount; int volumesMounted; DWORD dwResult; @@ -5233,13 +4909,6 @@ BOOL DriverUnload () // Test for mounted volumes bResult = DeviceIoControl (hDriver, TC_IOCTL_IS_ANY_VOLUME_MOUNTED, NULL, 0, &volumesMounted, sizeof (volumesMounted), &dwResult, NULL); - if (!bResult) - { - bResult = DeviceIoControl (hDriver, TC_IOCTL_LEGACY_GET_MOUNTED_VOLUMES, NULL, 0, &driver, sizeof (driver), &dwResult, NULL); - if (bResult) - volumesMounted = driver.ulMountedDrives; - } - if (bResult) { if (volumesMounted != 0) @@ -5406,9 +5075,6 @@ load: BOOL bResult = DeviceIoControl (hDriver, TC_IOCTL_GET_DRIVER_VERSION, NULL, 0, &DriverVersion, sizeof (DriverVersion), &dwResult, NULL); - if (!bResult) - bResult = DeviceIoControl (hDriver, TC_IOCTL_LEGACY_GET_DRIVER_VERSION, NULL, 0, &DriverVersion, sizeof (DriverVersion), &dwResult, NULL); - #ifndef SETUP // Don't check version during setup to allow removal of another version if (bResult == FALSE) { @@ -5456,144 +5122,139 @@ void ResetCurrentDirectory () } -BOOL BrowseFiles (HWND hwndDlg, char *stringId, wchar_t *lpszFileName, BOOL keepHistory, BOOL saveMode, wchar_t *browseFilter) +BOOL BrowseFiles (HWND hwndDlg, char *stringId, wchar_t *lpszFileName, BOOL keepHistory, BOOL saveMode) { - return BrowseFilesInDir (hwndDlg, stringId, NULL, lpszFileName, keepHistory, saveMode, browseFilter); + return BrowseFilesInDir (hwndDlg, stringId, NULL, lpszFileName, keepHistory, saveMode, NULL); } - -BOOL BrowseFilesInDir (HWND hwndDlg, char *stringId, wchar_t *initialDir, wchar_t *lpszFileName, BOOL keepHistory, BOOL saveMode, wchar_t *browseFilter, const wchar_t *initialFileName, const wchar_t *defaultExtension) +BOOL BrowseFilesInDir(HWND hwndDlg, char *stringId, wchar_t *initialDir, wchar_t *lpszFileName, BOOL keepHistory, BOOL saveMode, wchar_t *browseFilter, const wchar_t *initialFileName, const wchar_t *defaultExtension) { - OPENFILENAMEW ofn; - wchar_t file[TC_MAX_PATH] = { 0 }; + IFileDialog *pfd = NULL; + HRESULT hr; wchar_t filter[1024]; BOOL status = FALSE; - CoInitialize (NULL); - - ZeroMemory (&ofn, sizeof (ofn)); - *lpszFileName = 0; - - if (initialDir) + hr = CoInitializeEx(NULL, COINIT_APARTMENTTHREADED | COINIT_DISABLE_OLE1DDE); + if (FAILED(hr)) { - ofn.lpstrInitialDir = initialDir; + return FALSE; } - if (initialFileName) - StringCchCopyW (file, array_capacity (file), initialFileName); - - ofn.lStructSize = sizeof (ofn); - ofn.hwndOwner = hwndDlg; - - StringCbPrintfW (filter, sizeof(filter), L"%ls (*.*)%c*.*%c%ls (*.hc)%c*.hc%c%c", - GetString ("ALL_FILES"), 0, 0, GetString ("TC_VOLUMES"), 0, 0, 0); - ofn.lpstrFilter = browseFilter ? browseFilter : filter; - ofn.nFilterIndex = 1; - ofn.lpstrFile = file; - ofn.nMaxFile = sizeof (file) / sizeof (file[0]); - ofn.lpstrTitle = GetString (stringId); - ofn.lpstrDefExt = defaultExtension; - ofn.Flags = OFN_HIDEREADONLY - | OFN_PATHMUSTEXIST - | (keepHistory ? 0 : OFN_DONTADDTORECENT) - | (saveMode ? OFN_OVERWRITEPROMPT : 0); - - if (!keepHistory) - CleanLastVisitedMRU (); - - SystemFileSelectorCallerThreadId = GetCurrentThreadId(); - SystemFileSelectorCallPending = TRUE; - - if (!saveMode) + // Choose between the File Open or File Save dialog depending on the saveMode. + if (saveMode) { - if (!GetOpenFileNameW (&ofn)) - goto ret; + hr = CoCreateInstance(CLSID_FileSaveDialog, NULL, CLSCTX_INPROC_SERVER, IID_PPV_ARGS(&pfd)); } else { - if (!GetSaveFileNameW (&ofn)) - goto ret; + hr = CoCreateInstance(CLSID_FileOpenDialog, NULL, CLSCTX_INPROC_SERVER, IID_PPV_ARGS(&pfd)); } - SystemFileSelectorCallPending = FALSE; + if (SUCCEEDED(hr)) + { + // Set the options for the dialog. + DWORD dwFlags; + hr = pfd->GetOptions(&dwFlags); + if (SUCCEEDED(hr)) + { + dwFlags |= FOS_NOCHANGEDIR | FOS_FILEMUSTEXIST | FOS_PATHMUSTEXIST | FOS_FORCEFILESYSTEM | FOS_NOVALIDATE; + if (!keepHistory) + dwFlags |= FOS_DONTADDTORECENT; + if (saveMode) + dwFlags |= FOS_NOTESTFILECREATE | FOS_OVERWRITEPROMPT | FOS_DEFAULTNOMINIMODE; + hr = pfd->SetOptions(dwFlags); + } - StringCchCopyW (lpszFileName, MAX_PATH, file); + // Set the initial directory, if provided. + if (initialDir) + { + IShellItem *psi; + hr = SHCreateItemFromParsingName(initialDir, NULL, IID_PPV_ARGS(&psi)); + if (SUCCEEDED(hr)) + { + pfd->SetFolder(psi); + psi->Release(); + } + } - if (!keepHistory) - CleanLastVisitedMRU (); + // Set the initial file name, if provided. + if (initialFileName) + { + pfd->SetFileName(initialFileName); + } - status = TRUE; + // Set the title. + pfd->SetTitle(GetString(stringId)); -ret: - SystemFileSelectorCallPending = FALSE; - ResetCurrentDirectory(); - CoUninitialize(); + // Set the default extension. + if (defaultExtension) + { + pfd->SetDefaultExtension(defaultExtension); + } - return status; -} + // Prepare the filter + COMDLG_FILTERSPEC filterSpec[5]; + UINT cfilterSpec = 0; + if (!browseFilter) + { + StringCbPrintfW(filter, sizeof(filter), L"%ls (*.*)%c*.*%c%ls (*.hc)%c*.hc%c%c", + GetString("ALL_FILES"), 0, 0, GetString("TC_VOLUMES"), 0, 0, 0); + browseFilter = filter; + } -static wchar_t SelectMultipleFilesPath[131072]; -static int SelectMultipleFilesOffset; + // Assume browseFilter is a formatted wide string like L"Text Files (*.txt)\0*.txt\0" + // loop over all the filters in the string and add them to filterSpec array + while (*browseFilter) + { + filterSpec[cfilterSpec].pszName = browseFilter; + browseFilter += wcslen(browseFilter) + 1; + filterSpec[cfilterSpec].pszSpec = browseFilter; + browseFilter += wcslen(browseFilter) + 1; + cfilterSpec++; -BOOL SelectMultipleFiles (HWND hwndDlg, const char *stringId, wchar_t *lpszFileName, size_t cbFileName,BOOL keepHistory) -{ - OPENFILENAMEW ofn; - wchar_t filter[1024]; - BOOL status = FALSE; + if (cfilterSpec >= ARRAYSIZE(filterSpec)) + break; + } - CoInitialize (NULL); - - ZeroMemory (&ofn, sizeof (ofn)); - - SelectMultipleFilesPath[0] = 0; - *lpszFileName = 0; - ofn.lStructSize = sizeof (ofn); - ofn.hwndOwner = hwndDlg; - StringCbPrintfW (filter, sizeof(filter), L"%ls (*.*)%c*.*%c%ls (*.hc)%c*.hc%c%c", - GetString ("ALL_FILES"), 0, 0, GetString ("TC_VOLUMES"), 0, 0, 0); - ofn.lpstrFilter = filter; - ofn.nFilterIndex = 1; - ofn.lpstrFile = SelectMultipleFilesPath; - ofn.nMaxFile = 0xffff * 2; // The size must not exceed 0xffff*2 due to a bug in Windows 2000 and XP SP1 - ofn.lpstrTitle = GetString (stringId); - ofn.Flags = OFN_HIDEREADONLY - | OFN_EXPLORER - | OFN_PATHMUSTEXIST - | OFN_ALLOWMULTISELECT - | (keepHistory ? 0 : OFN_DONTADDTORECENT); - - if (!keepHistory) - CleanLastVisitedMRU (); + // Set the file types filter. + hr = pfd->SetFileTypes(cfilterSpec, filterSpec); + hr = pfd->SetFileTypeIndex(1); - SystemFileSelectorCallerThreadId = GetCurrentThreadId(); - SystemFileSelectorCallPending = TRUE; + if (!keepHistory) + CleanLastVisitedMRU(); - if (!GetOpenFileNameW (&ofn)) - goto ret; + SystemFileSelectorCallerThreadId = GetCurrentThreadId(); + SystemFileSelectorCallPending = TRUE; - SystemFileSelectorCallPending = FALSE; + // Show the dialog. + hr = pfd->Show(hwndDlg); - if (SelectMultipleFilesPath[ofn.nFileOffset - 1] != 0) - { - // Single file selected - StringCbCopyW (lpszFileName, cbFileName, SelectMultipleFilesPath); - SelectMultipleFilesOffset = 0; - SecureZeroMemory (SelectMultipleFilesPath, sizeof (SelectMultipleFilesPath)); - } - else - { - // Multiple files selected - SelectMultipleFilesOffset = ofn.nFileOffset; - SelectMultipleFilesNext (lpszFileName, cbFileName); - } + // Obtain the result if the user clicked the "OK" button. + if (SUCCEEDED(hr)) + { + IShellItem *pItem; + hr = pfd->GetResult(&pItem); + if (SUCCEEDED(hr)) + { + PWSTR pszFilePath; + hr = pItem->GetDisplayName(SIGDN_FILESYSPATH, &pszFilePath); + if (SUCCEEDED(hr)) + { + StringCchCopyW(lpszFileName, MAX_PATH, pszFilePath); + CoTaskMemFree(pszFilePath); + status = TRUE; + } + pItem->Release(); + } + } - if (!keepHistory) - CleanLastVisitedMRU (); + pfd->Release(); + + if (!keepHistory) + CleanLastVisitedMRU(); + } - status = TRUE; - -ret: SystemFileSelectorCallPending = FALSE; ResetCurrentDirectory(); CoUninitialize(); @@ -5601,101 +5262,173 @@ ret: return status; } - -BOOL SelectMultipleFilesNext (wchar_t *lpszFileName, size_t cbFileName) +BOOL SelectMultipleFiles(HWND hwndDlg, const char *stringId, BOOL keepHistory, std::vector<std::wstring> &filesList) { - if (SelectMultipleFilesOffset == 0) + IFileOpenDialog *pfd = NULL; + HRESULT hr; + BOOL status = FALSE; + + filesList.clear(); + + hr = CoInitializeEx(NULL, COINIT_APARTMENTTHREADED | COINIT_DISABLE_OLE1DDE); + if (FAILED(hr)) + { return FALSE; + } - StringCbCopyW (lpszFileName, cbFileName,SelectMultipleFilesPath); - lpszFileName[TC_MAX_PATH - 1] = 0; + // Create the File Open Dialog object. + hr = CoCreateInstance(CLSID_FileOpenDialog, NULL, CLSCTX_INPROC_SERVER, IID_PPV_ARGS(&pfd)); + if (SUCCEEDED(hr)) + { + DWORD dwFlags; + hr = pfd->GetOptions(&dwFlags); + if (SUCCEEDED(hr)) + { + dwFlags |= FOS_ALLOWMULTISELECT | FOS_NOCHANGEDIR | FOS_FILEMUSTEXIST | FOS_PATHMUSTEXIST | FOS_FORCEFILESYSTEM | FOS_NOVALIDATE; + if (!keepHistory) + dwFlags |= FOS_DONTADDTORECENT; - if (lpszFileName[wcslen (lpszFileName) - 1] != L'\\') - StringCbCatW (lpszFileName, cbFileName,L"\\"); + hr = pfd->SetOptions(dwFlags); + } - StringCbCatW (lpszFileName, cbFileName,SelectMultipleFilesPath + SelectMultipleFilesOffset); + // Set the title and filter + pfd->SetTitle(GetString(stringId)); - SelectMultipleFilesOffset += (int) wcslen (SelectMultipleFilesPath + SelectMultipleFilesOffset) + 1; - if (SelectMultipleFilesPath[SelectMultipleFilesOffset] == 0) - { - SelectMultipleFilesOffset = 0; - SecureZeroMemory (SelectMultipleFilesPath, sizeof (SelectMultipleFilesPath)); - } + wchar_t allFilesfilter[512]; + wchar_t volumesfilter[512]; - return TRUE; -} + StringCbPrintfW(allFilesfilter, sizeof(allFilesfilter), L"%ls (*.*)", GetString("ALL_FILES")); + StringCbPrintfW(volumesfilter, sizeof(volumesfilter), L"%ls (*.hc)", GetString("TC_VOLUMES")); + COMDLG_FILTERSPEC rgSpec[] = + { + {allFilesfilter, L"*.*"}, + {volumesfilter, L"*.hc"}}; + hr = pfd->SetFileTypes(ARRAYSIZE(rgSpec), rgSpec); -static int CALLBACK BrowseCallbackProc(HWND hwnd,UINT uMsg,LPARAM lp, LPARAM pData) -{ - switch(uMsg) { - case BFFM_INITIALIZED: - { - /* WParam is TRUE since we are passing a path. - It would be FALSE if we were passing a pidl. */ - SendMessageW (hwnd,BFFM_SETSELECTION,TRUE,(LPARAM)pData); - break; - } + if (!keepHistory) + CleanLastVisitedMRU(); - case BFFM_SELCHANGED: - { - wchar_t szDir[TC_MAX_PATH]; + // Show the dialog + hr = pfd->Show(hwndDlg); + if (SUCCEEDED(hr)) + { + IShellItemArray *psiaResults; + hr = pfd->GetResults(&psiaResults); + if (SUCCEEDED(hr)) + { + DWORD count; + hr = psiaResults->GetCount(&count); + if (SUCCEEDED(hr)) + { + for (DWORD i = 0; i < count; ++i) + { + IShellItem *psi; + hr = psiaResults->GetItemAt(i, &psi); + if (SUCCEEDED(hr)) + { + PWSTR pszFilePath; + hr = psi->GetDisplayName(SIGDN_FILESYSPATH, &pszFilePath); + if (SUCCEEDED(hr)) + { + filesList.push_back(pszFilePath); + CoTaskMemFree(pszFilePath); + } + psi->Release(); + } + } - /* Set the status window to the currently selected path. */ - if (SHGetPathFromIDList((LPITEMIDLIST) lp ,szDir)) - { - SendMessage (hwnd,BFFM_SETSTATUSTEXT,0,(LPARAM)szDir); - } - break; - } + status = TRUE; + } + psiaResults->Release(); + } + } - default: - break; + if (!keepHistory) + CleanLastVisitedMRU(); + + pfd->Release(); } - return 0; + CoUninitialize(); + return status; } - -BOOL BrowseDirectories (HWND hwndDlg, char *lpszTitle, wchar_t *dirName) +BOOL BrowseDirectories(HWND hwndDlg, char *lpszTitle, wchar_t *dirName, const wchar_t *initialDir) { - BROWSEINFOW bi; - LPITEMIDLIST pidl; - LPMALLOC pMalloc; - BOOL bOK = FALSE; + IFileDialog *pfd = NULL; + HRESULT hr; + BOOL bOK = FALSE; - CoInitialize (NULL); + hr = CoInitializeEx(NULL, COINIT_APARTMENTTHREADED | COINIT_DISABLE_OLE1DDE); + if (FAILED(hr)) + { + return FALSE; + } - if (SUCCEEDED (SHGetMalloc (&pMalloc))) + hr = CoCreateInstance(CLSID_FileOpenDialog, NULL, CLSCTX_INPROC_SERVER, IID_PPV_ARGS(&pfd)); + if (SUCCEEDED(hr)) { - ZeroMemory (&bi, sizeof(bi)); - bi.hwndOwner = hwndDlg; - bi.pszDisplayName = 0; - bi.lpszTitle = GetString (lpszTitle); - bi.pidlRoot = 0; - bi.ulFlags = BIF_RETURNONLYFSDIRS | BIF_STATUSTEXT; - bi.lpfn = BrowseCallbackProc; - bi.lParam = (LPARAM)dirName; + // Set the options on the dialog. + DWORD dwFlags; + hr = pfd->GetOptions(&dwFlags); + if (SUCCEEDED(hr)) + { + dwFlags |= FOS_PICKFOLDERS | FOS_FORCEFILESYSTEM | FOS_NOCHANGEDIR; // Important to enable folder-picking mode + hr = pfd->SetOptions(dwFlags); + } - pidl = SHBrowseForFolderW (&bi); - if (pidl != NULL) + // Set the title. + if (lpszTitle) { - if (SHGetPathFromIDList(pidl, dirName)) + pfd->SetTitle(GetString(lpszTitle)); + } + + IShellItem *psi; + if (initialDir) + { + // Set the initial directory, if provided. + hr = SHCreateItemFromParsingName(initialDir, NULL, IID_PPV_ARGS(&psi)); + } + else + { + // set folder to "This PC" shel item + hr = SHCreateItemInKnownFolder(FOLDERID_ComputerFolder, 0, NULL, IID_PPV_ARGS(&psi)); + } + if (SUCCEEDED(hr)) + { + pfd->SetFolder(psi); + psi->Release(); + } + + // Show the dialog. + hr = pfd->Show(hwndDlg); + if (SUCCEEDED(hr)) + { + // Obtain the result when the user clicks the "OK" button. + // The result is an IShellItem object. + IShellItem *pItem; + hr = pfd->GetResult(&pItem); + if (SUCCEEDED(hr)) { - bOK = TRUE; + PWSTR pszFolderPath; + hr = pItem->GetDisplayName(SIGDN_FILESYSPATH, &pszFolderPath); + if (SUCCEEDED(hr)) + { + StringCchCopyW(dirName, MAX_PATH, pszFolderPath); + CoTaskMemFree(pszFolderPath); + bOK = TRUE; + } + pItem->Release(); } - - pMalloc->Free (pidl); - pMalloc->Release(); } + pfd->Release(); } CoUninitialize(); - return bOK; } - std::wstring GetWrongPasswordErrorMessage (HWND hwndDlg) { WCHAR szTmp[8192]; @@ -5832,11 +5565,6 @@ void handleError (HWND hwndDlg, int code, const char* srcPos) // A non-error break; - case ERR_UNSUPPORTED_TRUECRYPT_FORMAT: - StringCbPrintfW (szTmp, sizeof(szTmp), GetString ("UNSUPPORTED_TRUECRYPT_FORMAT"), (code >> 24), (code >> 16) & 0x000000FF); - MessageBoxW (hwndDlg, AppendSrcPos (szTmp, srcPos).c_str(), lpszTitle, ICON_HAND); - break; - #ifndef SETUP case ERR_RAND_INIT_FAILED: StringCbPrintfW (szTmp, sizeof(szTmp), GetString ("INIT_RAND"), SRC_POS, GetLastError ()); @@ -6415,11 +6143,13 @@ static BOOL PerformBenchmark(HWND hBenchDlg, HWND hwndDlg) */ { BYTE digest [MAX_DIGESTSIZE]; - WHIRLPOOL_CTX wctx; - blake2s_state bctx; + #ifndef WOLFCRYPT_BACKEND + WHIRLPOOL_CTX wctx; + STREEBOG_CTX stctx; + blake2s_state bctx; + #endif sha512_ctx s2ctx; sha256_ctx s256ctx; - STREEBOG_CTX stctx; int hid, i; @@ -6444,7 +6174,7 @@ static BOOL PerformBenchmark(HWND hBenchDlg, HWND hwndDlg) sha256_hash (lpTestBuffer, benchmarkBufferSize, &s256ctx); sha256_end ((unsigned char *) digest, &s256ctx); break; - + #ifndef WOLFCRYPT_BACKEND case BLAKE2S: blake2s_init(&bctx); blake2s_update(&bctx, lpTestBuffer, benchmarkBufferSize); @@ -6464,7 +6194,8 @@ static BOOL PerformBenchmark(HWND hBenchDlg, HWND hwndDlg) break; } - } + #endif + } if (QueryPerformanceCounter (&performanceCountEnd) == 0) goto counter_error; @@ -6505,37 +6236,38 @@ static BOOL PerformBenchmark(HWND hBenchDlg, HWND hwndDlg) case SHA512: /* PKCS-5 test with HMAC-SHA-512 used as the PRF */ - derive_key_sha512 ("passphrase-1234567890", 21, tmp_salt, 64, get_pkcs5_iteration_count(thid, benchmarkPim, FALSE, benchmarkPreBoot), dk, MASTER_KEYDATA_SIZE); + derive_key_sha512 ("passphrase-1234567890", 21, tmp_salt, 64, get_pkcs5_iteration_count(thid, benchmarkPim, benchmarkPreBoot), dk, MASTER_KEYDATA_SIZE); break; case SHA256: /* PKCS-5 test with HMAC-SHA-256 used as the PRF */ - derive_key_sha256 ("passphrase-1234567890", 21, tmp_salt, 64, get_pkcs5_iteration_count(thid, benchmarkPim, FALSE, benchmarkPreBoot), dk, MASTER_KEYDATA_SIZE); + derive_key_sha256 ("passphrase-1234567890", 21, tmp_salt, 64, get_pkcs5_iteration_count(thid, benchmarkPim, benchmarkPreBoot), dk, MASTER_KEYDATA_SIZE); break; - + #ifndef WOLFCRYPT_BACKEND case BLAKE2S: /* PKCS-5 test with HMAC-BLAKE2s used as the PRF */ - derive_key_blake2s ("passphrase-1234567890", 21, tmp_salt, 64, get_pkcs5_iteration_count(thid, benchmarkPim, FALSE, benchmarkPreBoot), dk, MASTER_KEYDATA_SIZE); + derive_key_blake2s ("passphrase-1234567890", 21, tmp_salt, 64, get_pkcs5_iteration_count(thid, benchmarkPim, benchmarkPreBoot), dk, MASTER_KEYDATA_SIZE); break; case WHIRLPOOL: /* PKCS-5 test with HMAC-Whirlpool used as the PRF */ - derive_key_whirlpool ("passphrase-1234567890", 21, tmp_salt, 64, get_pkcs5_iteration_count(thid, benchmarkPim, FALSE, benchmarkPreBoot), dk, MASTER_KEYDATA_SIZE); + derive_key_whirlpool ("passphrase-1234567890", 21, tmp_salt, 64, get_pkcs5_iteration_count(thid, benchmarkPim, benchmarkPreBoot), dk, MASTER_KEYDATA_SIZE); break; case STREEBOG: /* PKCS-5 test with HMAC-STREEBOG used as the PRF */ - derive_key_streebog("passphrase-1234567890", 21, tmp_salt, 64, get_pkcs5_iteration_count(thid, benchmarkPim, FALSE, benchmarkPreBoot), dk, MASTER_KEYDATA_SIZE); + derive_key_streebog("passphrase-1234567890", 21, tmp_salt, 64, get_pkcs5_iteration_count(thid, benchmarkPim, benchmarkPreBoot), dk, MASTER_KEYDATA_SIZE); break; } - } + #endif + } if (QueryPerformanceCounter (&performanceCountEnd) == 0) goto counter_error; benchmarkTable[benchmarkTotalItems].encSpeed = performanceCountEnd.QuadPart - performanceCountStart.QuadPart; benchmarkTable[benchmarkTotalItems].id = thid; - benchmarkTable[benchmarkTotalItems].decSpeed = get_pkcs5_iteration_count(thid, benchmarkPim, FALSE, benchmarkPreBoot); + benchmarkTable[benchmarkTotalItems].decSpeed = get_pkcs5_iteration_count(thid, benchmarkPim, benchmarkPreBoot); benchmarkTable[benchmarkTotalItems].meanBytesPerSec = (unsigned __int64) (1000 * ((float) benchmarkTable[benchmarkTotalItems].encSpeed / benchmarkPerformanceFrequency.QuadPart / 2)); if (benchmarkPreBoot) { @@ -7167,6 +6899,7 @@ BOOL CALLBACK KeyfileGeneratorDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LP case WM_INITDIALOG: { HWND hComboBox = GetDlgItem (hwndDlg, IDC_PRF_ID); + HWND hSizeUnit = GetDlgItem (hwndDlg, IDC_KEYFILES_SIZE_UNIT); HCRYPTPROV hRngProv = NULL; VirtualLock (randPool, sizeof(randPool)); @@ -7196,6 +6929,16 @@ BOOL CALLBACK KeyfileGeneratorDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LP } SelectAlgo (hComboBox, &hash_algo); + // populate keyfiles size unit combo + SendMessage (hSizeUnit, CB_RESETCONTENT, 0, 0); + AddComboPair (hSizeUnit, GetString ("BYTES"), 0); + AddComboPair (hSizeUnit, GetString ("KB"), 1); + AddComboPair (hSizeUnit, GetString ("MB"), 2); + AddComboPair (hSizeUnit, GetString ("GB"), 3); + + // set default keyfiles size unit + SendMessage (hSizeUnit, CB_SETCURSEL, 0, 0); + SetCheckBox (hwndDlg, IDC_DISPLAY_POOL_CONTENTS, bDisplayPoolContents); hEntropyBar = GetDlgItem (hwndDlg, IDC_ENTROPY_BAR); SendMessage (hEntropyBar, PBM_SETRANGE32, 0, maxEntropyLevel); @@ -7219,6 +6962,8 @@ BOOL CALLBACK KeyfileGeneratorDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LP SetWindowText(GetDlgItem (hwndDlg, IDC_KEYFILES_SIZE), L"64"); // set the maximum length of the keyfile base name to (TC_MAX_PATH - 1) SendMessage (GetDlgItem (hwndDlg, IDC_KEYFILES_BASE_NAME), EM_SETLIMITTEXT, (WPARAM) (TC_MAX_PATH - 1), 0); + + ToHyperlink (hwndDlg, IDC_LINK_KEYFILES_EXTENSIONS_WARNING); return 1; } @@ -7303,6 +7048,13 @@ BOOL CALLBACK KeyfileGeneratorDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LP if (lw == IDC_KEYFILES_RANDOM_SIZE) { EnableWindow(GetDlgItem (hwndDlg, IDC_KEYFILES_SIZE), !GetCheckBox (hwndDlg, IDC_KEYFILES_RANDOM_SIZE)); + EnableWindow(GetDlgItem (hwndDlg, IDC_KEYFILES_SIZE_UNIT), !GetCheckBox (hwndDlg, IDC_KEYFILES_RANDOM_SIZE)); + } + + if (lw == IDC_LINK_KEYFILES_EXTENSIONS_WARNING) + { + Applink ("keyfilesextensions"); + return 1; } if (lw == IDC_GENERATE_AND_SAVE_KEYFILE) @@ -7313,7 +7065,10 @@ BOOL CALLBACK KeyfileGeneratorDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LP wchar_t szFileName [2*TC_MAX_PATH + 16]; unsigned char *keyfile = NULL; int fhKeyfile = -1, status; - long keyfilesCount = 0, keyfilesSize = 0, i; + long keyfilesCount = 0, i; + unsigned long long keyfilesSize = 0, remainingBytes = 0; + int selectedUnitIndex, selectedUnitFactor, loopIndex, rndBytesLength; + DWORD dwLastError = 0; wchar_t* fileExtensionPtr = 0; wchar_t szSuffix[32]; BOOL bRandomSize = GetCheckBox (hwndDlg, IDC_KEYFILES_RANDOM_SIZE); @@ -7335,7 +7090,16 @@ BOOL CALLBACK KeyfileGeneratorDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LP szNumber[0] = 0; keyfilesSize = wcstoul(szNumber, NULL, 0); - if (keyfilesSize < 64 || keyfilesSize > 1024*1024) + // multiply by the unit factor + selectedUnitIndex = ComboBox_GetCurSel (GetDlgItem (hwndDlg, IDC_KEYFILES_SIZE_UNIT)); + if (selectedUnitIndex != CB_ERR) + { + selectedUnitFactor = (CK_SLOT_ID) ComboBox_GetItemData (GetDlgItem (hwndDlg, IDC_KEYFILES_SIZE_UNIT), selectedUnitIndex); + for (loopIndex = 0; loopIndex < selectedUnitFactor; loopIndex++) + keyfilesSize *= 1024ULL; + } + + if (keyfilesSize < 64) { Warning("KEYFILE_INCORRECT_SIZE", hwndDlg); SendMessage(hwndDlg, WM_NEXTDLGCTL, (WPARAM) GetDlgItem (hwndDlg, IDC_KEYFILES_SIZE), TRUE); @@ -7364,7 +7128,7 @@ BOOL CALLBACK KeyfileGeneratorDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LP fileExtensionPtr = wcsrchr(szFileBaseName, L'.'); /* Select directory */ - if (!BrowseDirectories (hwndDlg, "SELECT_KEYFILE_GENERATION_DIRECTORY", szDirName)) + if (!BrowseDirectories (hwndDlg, "SELECT_KEYFILE_GENERATION_DIRECTORY", szDirName, NULL)) return 1; if (szDirName[wcslen(szDirName) - 1] != L'\\' && szDirName[wcslen(szDirName) - 1] != L'/') @@ -7372,7 +7136,7 @@ BOOL CALLBACK KeyfileGeneratorDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LP WaitCursor(); - keyfile = (unsigned char*) TCalloc( bRandomSize? KEYFILE_MAX_READ_LEN : keyfilesSize ); + keyfile = (unsigned char*) TCalloc(KEYFILE_MAX_READ_LEN); for (i= 0; i < keyfilesCount; i++) { @@ -7435,32 +7199,46 @@ BOOL CALLBACK KeyfileGeneratorDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LP return 1; } - /* since keyfilesSize < 1024 * 1024, we mask with 0x000FFFFF */ - keyfilesSize = (long) (((unsigned long) keyfilesSize) & 0x000FFFFF); + /* since random keyfilesSize < 1024 * 1024, we mask with 0x000FFFFF */ + keyfilesSize = (unsigned long long) (((unsigned long) keyfilesSize) & 0x000FFFFF); keyfilesSize %= ((KEYFILE_MAX_READ_LEN - 64) + 1); keyfilesSize += 64; + } - /* Generate the keyfile */ - if (!RandgetBytesFull (hwndDlg, keyfile, keyfilesSize, TRUE, TRUE)) - { - _close (fhKeyfile); - DeleteFile (szFileName); - TCfree(keyfile); - NormalCursor(); - return 1; - } + remainingBytes = keyfilesSize; - /* Write the keyfile */ - status = _write (fhKeyfile, keyfile, keyfilesSize); - burn (keyfile, keyfilesSize); + do { + rndBytesLength = (int) min (remainingBytes, (unsigned long long) KEYFILE_MAX_READ_LEN); + + /* Generate the keyfile */ + if (!RandgetBytesFull (hwndDlg, keyfile, rndBytesLength, TRUE, TRUE)) + { + _close (fhKeyfile); + DeleteFile (szFileName); + TCfree(keyfile); + NormalCursor(); + return 1; + } + + /* Write the keyfile */ + status = _write (fhKeyfile, keyfile, rndBytesLength); + } while (status != -1 && (remainingBytes -= (unsigned long long) rndBytesLength) > 0); + + /* save last error code */ + if (status == -1) + dwLastError = GetLastError(); + + burn (keyfile, KEYFILE_MAX_READ_LEN); _close (fhKeyfile); if (status == -1) { TCfree(keyfile); NormalCursor(); + /* restore last error code */ + SetLastError(dwLastError); handleWin32Error (hwndDlg, SRC_POS); return 1; } @@ -8195,15 +7973,6 @@ BOOL CheckFileExtension (wchar_t *fileName) return FALSE; } -BOOL IsTrueCryptFileExtension (wchar_t *fileName) -{ - wchar_t *ext = wcsrchr (fileName, L'.'); - if (ext && !_wcsicmp (ext, L".tc")) - return TRUE; - else - return FALSE; -} - void CorrectFileName (wchar_t* fileName) { /* replace '/' by '\' */ @@ -8432,7 +8201,7 @@ void BroadcastDeviceChange (WPARAM message, int nDosDriveNo, DWORD driveMap) eventId = SHCNE_DRIVEADD; else if (message == DBT_DEVICEREMOVECOMPLETE) eventId = SHCNE_DRIVEREMOVED; - else if (IsOSAtLeast (WIN_7) && message == DBT_DEVICEREMOVEPENDING) // Explorer on Windows 7 holds open handles of all drives when 'Computer' is expanded in navigation pane. SHCNE_DRIVEREMOVED must be used as DBT_DEVICEREMOVEPENDING is ignored. + else if (message == DBT_DEVICEREMOVEPENDING) // Explorer on Windows 7 holds open handles of all drives when 'Computer' is expanded in navigation pane. SHCNE_DRIVEREMOVED must be used as DBT_DEVICEREMOVEPENDING is ignored. eventId = SHCNE_DRIVEREMOVED; if (driveMap == 0) @@ -8847,7 +8616,6 @@ int MountVolume (HWND hwndDlg, Password *password, int pkcs5, int pim, - BOOL truecryptMode, BOOL cachePassword, BOOL cachePim, BOOL sharedAccess, @@ -8928,7 +8696,6 @@ retry: else mount.bMountManager = TRUE; mount.pkcs5_prf = pkcs5; - mount.bTrueCryptMode = truecryptMode; mount.VolumePim = pim; wstring path = volumePath; @@ -8995,47 +8762,44 @@ retry: mount.BytesPerPhysicalSector = bps; } - if (IsOSAtLeast (WIN_VISTA)) + if ( (wcslen(root) >= 2) + && (root[1] == L':') + && (towupper(root[0]) >= L'A' && towupper(root[0]) <= L'Z') + ) { - if ( (wcslen(root) >= 2) - && (root[1] == L':') - && (towupper(root[0]) >= L'A' && towupper(root[0]) <= L'Z') - ) - { - wstring drivePath = L"\\\\.\\X:"; - HANDLE dev = INVALID_HANDLE_VALUE; - VOLUME_DISK_EXTENTS extents = {0}; - DWORD dwResult = 0; - drivePath[4] = root[0]; + wstring drivePath = L"\\\\.\\X:"; + HANDLE dev = INVALID_HANDLE_VALUE; + VOLUME_DISK_EXTENTS extents = {0}; + DWORD dwResult = 0; + drivePath[4] = root[0]; - if ((dev = CreateFile (drivePath.c_str(),0, 0, NULL, OPEN_EXISTING, 0, NULL)) != INVALID_HANDLE_VALUE) + if ((dev = CreateFile (drivePath.c_str(),0, 0, NULL, OPEN_EXISTING, 0, NULL)) != INVALID_HANDLE_VALUE) + { + if (DeviceIoControl (dev, IOCTL_VOLUME_GET_VOLUME_DISK_EXTENTS, NULL, 0, &extents, sizeof(extents), &dwResult, NULL)) { - if (DeviceIoControl (dev, IOCTL_VOLUME_GET_VOLUME_DISK_EXTENTS, NULL, 0, &extents, sizeof(extents), &dwResult, NULL)) + if (extents.NumberOfDiskExtents > 0) { - if (extents.NumberOfDiskExtents > 0) + STORAGE_ACCESS_ALIGNMENT_DESCRIPTOR accessDesc; + STORAGE_ADAPTER_DESCRIPTOR adapterDesc; + + if (GetPhysicalDriveStorageInformation (extents.Extents[0].DiskNumber, &accessDesc, &adapterDesc)) { - STORAGE_ACCESS_ALIGNMENT_DESCRIPTOR accessDesc; - STORAGE_ADAPTER_DESCRIPTOR adapterDesc; + if (accessDesc.Size >= sizeof (STORAGE_ACCESS_ALIGNMENT_DESCRIPTOR)) + { + mount.BytesPerSector = accessDesc.BytesPerLogicalSector; + mount.BytesPerPhysicalSector = accessDesc.BytesPerPhysicalSector; + } - if (GetPhysicalDriveStorageInformation (extents.Extents[0].DiskNumber, &accessDesc, &adapterDesc)) + if (adapterDesc.Size >= sizeof (STORAGE_ADAPTER_DESCRIPTOR)) { - if (accessDesc.Size >= sizeof (STORAGE_ACCESS_ALIGNMENT_DESCRIPTOR)) - { - mount.BytesPerSector = accessDesc.BytesPerLogicalSector; - mount.BytesPerPhysicalSector = accessDesc.BytesPerPhysicalSector; - } - - if (adapterDesc.Size >= sizeof (STORAGE_ADAPTER_DESCRIPTOR)) - { - mount.MaximumTransferLength = adapterDesc.MaximumTransferLength; - mount.MaximumPhysicalPages = adapterDesc.MaximumPhysicalPages; - mount.AlignmentMask = adapterDesc.AlignmentMask; - } + mount.MaximumTransferLength = adapterDesc.MaximumTransferLength; + mount.MaximumPhysicalPages = adapterDesc.MaximumPhysicalPages; + mount.AlignmentMask = adapterDesc.AlignmentMask; } } } - CloseHandle (dev); } + CloseHandle (dev); } } @@ -9049,8 +8813,7 @@ retry: { if (mount.wszVolume == NULL || swscanf_s ((const wchar_t *) mount.wszVolume, WIDE("\\Device\\Harddisk%d\\Partition"), - &mount.nPartitionInInactiveSysEncScopeDriveNo, - sizeof(mount.nPartitionInInactiveSysEncScopeDriveNo)) != 1) + &mount.nPartitionInInactiveSysEncScopeDriveNo) != 1) { if (!quiet) Warning ("NO_SYSENC_PARTITION_SELECTED", hwndDlg); @@ -9084,7 +8847,6 @@ retry: burn (&mount.VolumePassword, sizeof (mount.VolumePassword)); burn (&mount.ProtectedHidVolPassword, sizeof (mount.ProtectedHidVolPassword)); burn (&mount.pkcs5_prf, sizeof (mount.pkcs5_prf)); - burn (&mount.bTrueCryptMode, sizeof (mount.bTrueCryptMode)); burn (&mount.ProtectedHidVolPkcs5Prf, sizeof (mount.ProtectedHidVolPkcs5Prf)); SetLastError (dwLastError); @@ -9243,6 +9005,17 @@ retry: } } + if (mount.VolumeMountedReadOnlyAfterPartialSysEnc + && !Silent + && bDevice) + { + wchar_t msg[1024]; + wchar_t mountPoint[] = { L'A' + (wchar_t) driveNo, L':', 0 }; + StringCbPrintfW (msg, sizeof(msg), GetString ("PARTIAL_SYSENC_MOUNT_READONLY"), mountPoint); + + WarningDirect (msg, hwndDlg); + } + if (mount.wszLabel[0] && !mount.bDriverSetLabel) { // try setting the drive label on user-mode using registry @@ -9329,12 +9102,9 @@ retry: goto retry; } - if (IsOSAtLeast (WIN_7)) - { - // Undo SHCNE_DRIVEREMOVED - wchar_t root[] = { (wchar_t) nDosDriveNo + L'A', L':', L'\\', 0 }; - SHChangeNotify (SHCNE_DRIVEADD, SHCNF_PATH, root, NULL); - } + // Undo SHCNE_DRIVEREMOVED + wchar_t root[] = { (wchar_t) nDosDriveNo + L'A', L':', L'\\', 0 }; + SHChangeNotify (SHCNE_DRIVEADD, SHCNF_PATH, root, NULL); return FALSE; } @@ -9534,9 +9304,6 @@ BOOL IsUacSupported () HKEY hkey; DWORD value = 1, size = sizeof (DWORD); - if (!IsOSAtLeast (WIN_VISTA)) - return FALSE; - if (RegOpenKeyEx (HKEY_LOCAL_MACHINE, L"Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\System", 0, KEY_READ, &hkey) == ERROR_SUCCESS) { if (RegQueryValueEx (hkey, L"EnableLUA", 0, 0, (LPBYTE) &value, &size) != ERROR_SUCCESS) @@ -10203,12 +9970,12 @@ void CleanLastVisitedMRU (void) GetModuleFileNameW (NULL, exeFilename, sizeof (exeFilename) / sizeof(exeFilename[0])); strToMatch = wcsrchr (exeFilename, L'\\') + 1; - StringCbPrintfW (regPath, sizeof(regPath), L"Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\ComDlg32\\LastVisited%sMRU", IsOSAtLeast (WIN_VISTA) ? L"Pidl" : L""); + StringCbCopyW (regPath, sizeof(regPath), L"Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\ComDlg32\\LastVisitedPidlMRU"); - for (id = (IsOSAtLeast (WIN_VISTA) ? 0 : L'a'); id <= (IsOSAtLeast (WIN_VISTA) ? 1000 : L'z'); id++) + for (id = 0; id <= 1000; id++) { *strTmp = 0; - StringCbPrintfW (key, sizeof(key), (IsOSAtLeast (WIN_VISTA) ? L"%d" : L"%c"), id); + StringCbPrintfW (key, sizeof(key), L"%d", id); if ((len = ReadRegistryBytes (regPath, key, (char *) strTmp, sizeof (strTmp))) > 0) { @@ -10224,48 +9991,26 @@ void CleanLastVisitedMRU (void) DeleteRegistryValue (regPath, key); // Remove ID from MRUList - if (IsOSAtLeast (WIN_VISTA)) - { - int *p = (int *)buf; - int *pout = (int *)bufout; - int l; - - l = len = ReadRegistryBytes (L"Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\ComDlg32\\LastVisitedPidlMRU", L"MRUListEx", buf, sizeof (buf)); - while (l > 0) - { - l -= sizeof (int); - - if (*p == id) - { - p++; - len -= sizeof (int); - continue; - } - *pout++ = *p++; - } + int *p = (int *)buf; + int *pout = (int *)bufout; + int l; - WriteRegistryBytes (L"Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\ComDlg32\\LastVisitedPidlMRU", L"MRUListEx", bufout, len); - } - else + l = len = ReadRegistryBytes (L"Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\ComDlg32\\LastVisitedPidlMRU", L"MRUListEx", buf, sizeof (buf)); + while (l > 0) { - wchar_t *p = (wchar_t*) buf; - wchar_t *pout = (wchar_t*) bufout; + l -= sizeof (int); - ReadRegistryString (L"Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\ComDlg32\\LastVisitedMRU", L"MRUList", L"", (wchar_t*) buf, sizeof (buf)); - while (*p) + if (*p == id) { - if (*p == id) - { - p++; - continue; - } - *pout++ = *p++; + p++; + len -= sizeof (int); + continue; } - *pout++ = 0; - - WriteRegistryString (L"Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\ComDlg32\\LastVisitedMRU", L"MRUList", (wchar_t*) bufout); + *pout++ = *p++; } + WriteRegistryBytes (L"Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\ComDlg32\\LastVisitedPidlMRU", L"MRUListEx", bufout, len); + break; } } @@ -10446,7 +10191,7 @@ void TaskBarIconDisplayBalloonTooltip (HWND hwnd, wchar_t *headline, wchar_t *te tnid.uFlags = NIF_INFO; tnid.dwInfoFlags = (warning ? NIIF_WARNING : NIIF_INFO); - tnid.uTimeout = (IsOSAtLeast (WIN_VISTA) ? 1000 : 5000); // in ms + tnid.uTimeout = 1000; // in ms StringCbCopyW (tnid.szInfoTitle, sizeof(tnid.szInfoTitle), headline); StringCbCopyW (tnid.szInfo, sizeof(tnid.szInfo),text); @@ -11043,17 +10788,8 @@ BOOL IsSupportedOS () else MessageBoxW (NULL, L"SHA-2 support missing from Windows.\n\nPlease Install KB3033929 or KB4474419", lpszTitle, MB_ICONWARNING); } - else if (IsOSAtLeast(WIN_VISTA)) - { - if (OneOfKBsInstalled(szWinVistaKBs, 2)) - bRet = TRUE; - else - MessageBoxW (NULL, L"SHA-2 support missing from Windows.\n\nPlease Install KB4039648 or KB4474419", lpszTitle, MB_ICONWARNING); - } - else if (IsOSAtLeast(WIN_XP)) - bRet = TRUE; #else - if (IsOSAtLeast(WIN_XP)) + if (IsOSAtLeast(WIN_7)) bRet = TRUE; #endif @@ -11391,6 +11127,10 @@ void Applink (const char *dest) { StringCbCopyW (page, sizeof (page),L"Keyfiles.html"); } + else if (strcmp(dest, "keyfilesextensions") == 0) + { + StringCbCopyW (page, sizeof (page),L"Avoid%20Third-Party%20File%20Extensions.html"); + } else if (strcmp(dest, "introcontainer") == 0) { StringCbCopyW (page, sizeof (page),L"Creating%20New%20Volumes.html"); @@ -11476,6 +11216,10 @@ void Applink (const char *dest) { StringCbCopyW (page, sizeof (page),L"Personal%20Iterations%20Multiplier%20%28PIM%29.html"); } + else if (strcmp(dest, "memoryprotection") == 0) + { + StringCbCopyW (page, sizeof (page),L"VeraCrypt%20Memory%20Protection.html"); + } else { StringCbCopyW (url, sizeof (url),TC_APPLINK); @@ -11484,11 +11228,25 @@ void Applink (const char *dest) if (buildUrl) { + // in case of setup, open the online documentation if we are connected to Internet because existing documentation may be outdated +#ifdef SETUP + if (IsInternetConnected()) + { + StringCbPrintfW (url, sizeof (url), L"https://www.veracrypt.fr/en/%s", page); + buildUrl = FALSE; + } + else + { + StringCbPrintfW (url, sizeof (url), L"file:///%sdocs/html/en/%s", installDir, page); + CorrectURL (url); + } +#else StringCbPrintfW (url, sizeof (url), L"file:///%sdocs/html/en/%s", installDir, page); CorrectURL (url); +#endif } - if (IsOSAtLeast (WIN_VISTA) && IsAdmin ()) + if (IsAdmin ()) { int openDone = 0; if (buildUrl) @@ -11498,7 +11256,7 @@ void Applink (const char *dest) StringCbCopyW (pageFileName, sizeof(pageFileName), page); /* remove escape sequences from the page name before calling FileExists function */ - if (S_OK == UrlUnescapeWFn (pageFileName, pageFileName, &cchUnescaped, URL_UNESCAPE_INPLACE)) + if (S_OK == UrlUnescapeW (pageFileName, pageFileName, &cchUnescaped, URL_UNESCAPE_INPLACE)) { std::wstring pageFullPath = installDir; pageFullPath += L"docs\\html\\en\\"; @@ -11570,8 +11328,6 @@ void HandleDriveNotReadyError (HWND hwnd) { Warning ("SYS_AUTOMOUNT_DISABLED", hwnd); } - else if (nCurrentOS == WIN_VISTA && CurrentOSServicePack < 1) - Warning ("SYS_ASSIGN_DRIVE_LETTER", hwnd); else Warning ("DEVICE_NOT_READY_ERROR", hwnd); @@ -11586,7 +11342,8 @@ BOOL CALLBACK CloseTCWindowsEnum (HWND hwnd, LPARAM lParam) { wchar_t name[1024] = { 0 }; GetWindowText (hwnd, name, ARRAYSIZE (name) - 1); - if (hwnd != MainDlg && wcsstr (name, L"VeraCrypt")) + // check if the window is a VeraCrypt window, excluding current process main dialog and VeraCrypt Setup window + if (hwnd != MainDlg && wcsstr (name, L"VeraCrypt") && !wcsstr (name, L"VeraCrypt Setup")) { PostMessage (hwnd, TC_APPMSG_CLOSE_BKG_TASK, 0, 0); @@ -11663,7 +11420,7 @@ void ReportUnexpectedState (const char *techInfo) #ifndef SETUP -int OpenVolume (OpenVolumeContext *context, const wchar_t *volumePath, Password *password, int pkcs5_prf, int pim, BOOL truecryptMode, BOOL write, BOOL preserveTimestamps, BOOL useBackupHeader) +int OpenVolume (OpenVolumeContext *context, const wchar_t *volumePath, Password *password, int pkcs5_prf, int pim, BOOL write, BOOL preserveTimestamps, BOOL useBackupHeader) { int status = ERR_PARAMETER_INCORRECT; int volumeType; @@ -11838,7 +11595,7 @@ int OpenVolume (OpenVolumeContext *context, const wchar_t *volumePath, Password } // Decrypt volume header - status = ReadVolumeHeader (FALSE, buffer, password, pkcs5_prf, pim, truecryptMode, &context->CryptoInfo, NULL); + status = ReadVolumeHeader (FALSE, buffer, password, pkcs5_prf, pim, &context->CryptoInfo, NULL); if (status == ERR_PASSWORD_WRONG) continue; // Try next volume type @@ -12167,11 +11924,11 @@ static BOOL CALLBACK NewSecurityTokenKeyfileDlgProc (HWND hwndDlg, UINT msg, WPA WaitCursor(); finally_do ({ NormalCursor(); }); - list <SecurityTokenInfo> tokens; + list <shared_ptr<TokenInfo>> tokens; try { - tokens = SecurityToken::GetAvailableTokens(); + tokens = Token::GetAvailableTokens(); } catch (Exception &e) { @@ -12185,12 +11942,12 @@ static BOOL CALLBACK NewSecurityTokenKeyfileDlgProc (HWND hwndDlg, UINT msg, WPA return 1; } - foreach (const SecurityTokenInfo &token, tokens) + foreach (const shared_ptr<TokenInfo> token, tokens) { wstringstream tokenLabel; - tokenLabel << L"[" << token.SlotId << L"] " << token.Label; + tokenLabel << L"[" << token->SlotId << L"] " << token->Label; - AddComboPair (GetDlgItem (hwndDlg, IDC_SELECTED_TOKEN), tokenLabel.str().c_str(), token.SlotId); + AddComboPair (GetDlgItem (hwndDlg, IDC_SELECTED_TOKEN), tokenLabel.str().c_str(), token->SlotId); } ComboBox_SetCurSel (GetDlgItem (hwndDlg, IDC_SELECTED_TOKEN), 0); @@ -12244,7 +12001,7 @@ static BOOL CALLBACK NewSecurityTokenKeyfileDlgProc (HWND hwndDlg, UINT msg, WPA } -static void SecurityTokenKeyfileDlgFillList (HWND hwndDlg, const vector <SecurityTokenKeyfile> &keyfiles) +static void SecurityTokenKeyfileDlgFillList (HWND hwndDlg, const vector <shared_ptr<TokenKeyfile>> &keyfiles) { HWND tokenListControl = GetDlgItem (hwndDlg, IDC_TOKEN_FILE_LIST); LVITEMW lvItem; @@ -12252,18 +12009,18 @@ static void SecurityTokenKeyfileDlgFillList (HWND hwndDlg, const vector <Securit ListView_DeleteAllItems (tokenListControl); - foreach (const SecurityTokenKeyfile &keyfile, keyfiles) + foreach (const shared_ptr<TokenKeyfile> keyfile, keyfiles) { memset (&lvItem, 0, sizeof(lvItem)); lvItem.mask = LVIF_TEXT; lvItem.iItem = line++; wstringstream s; - s << keyfile.SlotId; + s << keyfile->Token->SlotId; ListItemAdd (tokenListControl, lvItem.iItem, (wchar_t *) s.str().c_str()); - ListSubItemSet (tokenListControl, lvItem.iItem, 1, (wchar_t *) keyfile.Token.Label.c_str()); - ListSubItemSet (tokenListControl, lvItem.iItem, 2, (wchar_t *) keyfile.Id.c_str()); + ListSubItemSet (tokenListControl, lvItem.iItem, 1, (wchar_t *) keyfile->Token->Label.c_str()); + ListSubItemSet (tokenListControl, lvItem.iItem, 2, (wchar_t *) keyfile->Id.c_str()); } BOOL selected = (ListView_GetNextItem (GetDlgItem (hwndDlg, IDC_TOKEN_FILE_LIST), -1, LVIS_SELECTED) != -1); @@ -12272,10 +12029,10 @@ static void SecurityTokenKeyfileDlgFillList (HWND hwndDlg, const vector <Securit } -static list <SecurityTokenKeyfile> SecurityTokenKeyfileDlgGetSelected (HWND hwndDlg, const vector <SecurityTokenKeyfile> &keyfiles) +static list <shared_ptr<TokenKeyfile>> SecurityTokenKeyfileDlgGetSelected (HWND hwndDlg, const vector <shared_ptr<TokenKeyfile>> &keyfiles) { HWND tokenListControl = GetDlgItem (hwndDlg, IDC_TOKEN_FILE_LIST); - list <SecurityTokenKeyfile> selectedKeyfiles; + list <shared_ptr<TokenKeyfile>> selectedKeyfiles; int itemId = -1; while ((itemId = ListView_GetNextItem (tokenListControl, itemId, LVIS_SELECTED)) != -1) @@ -12289,8 +12046,8 @@ static list <SecurityTokenKeyfile> SecurityTokenKeyfileDlgGetSelected (HWND hwnd BOOL CALLBACK SecurityTokenKeyfileDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lParam) { - static list <SecurityTokenKeyfilePath> *selectedTokenKeyfiles; - static vector <SecurityTokenKeyfile> keyfiles; + static list <TokenKeyfilePath> *selectedTokenKeyfiles; + static vector <shared_ptr<TokenKeyfile>> keyfiles; WORD lw = LOWORD (wParam); @@ -12298,7 +12055,7 @@ BOOL CALLBACK SecurityTokenKeyfileDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam { case WM_INITDIALOG: { - selectedTokenKeyfiles = (list <SecurityTokenKeyfilePath> *) lParam; + selectedTokenKeyfiles = (list <TokenKeyfilePath> *) lParam; LVCOLUMNW LvCol; HWND tokenListControl = GetDlgItem (hwndDlg, IDC_TOKEN_FILE_LIST); @@ -12333,7 +12090,7 @@ BOOL CALLBACK SecurityTokenKeyfileDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam WaitCursor(); finally_do ({ NormalCursor(); }); - keyfiles = SecurityToken::GetAvailableKeyfiles(); + keyfiles = Token::GetAvailableKeyfiles(EMVSupportEnabled? true : false); } catch (UserAbort&) { @@ -12361,9 +12118,9 @@ BOOL CALLBACK SecurityTokenKeyfileDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam { if (selectedTokenKeyfiles) { - foreach (const SecurityTokenKeyfile &keyfile, SecurityTokenKeyfileDlgGetSelected (hwndDlg, keyfiles)) + foreach (const shared_ptr<TokenKeyfile> &keyfile, SecurityTokenKeyfileDlgGetSelected (hwndDlg, keyfiles)) { - selectedTokenKeyfiles->push_back (SecurityTokenKeyfilePath (keyfile)); + selectedTokenKeyfiles->push_back (TokenKeyfilePath (*keyfile)); } } @@ -12374,8 +12131,19 @@ BOOL CALLBACK SecurityTokenKeyfileDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam if (msg == WM_NOTIFY && ((LPNMHDR) lParam)->code == LVN_ITEMCHANGED) { BOOL selected = (ListView_GetNextItem (GetDlgItem (hwndDlg, IDC_TOKEN_FILE_LIST), -1, LVIS_SELECTED) != -1); + BOOL deletable = selected; + // Multiple key files can be selected. + // Therefore, if one of them is not deletable, it means the delete button must be disabled for all. + foreach (const shared_ptr<TokenKeyfile> &keyfile, SecurityTokenKeyfileDlgGetSelected (hwndDlg, keyfiles)) + { + if (!keyfile->Token->isEditable()) + { + deletable = false; + break; + } + } EnableWindow (GetDlgItem (hwndDlg, IDC_EXPORT), selected); - EnableWindow (GetDlgItem (hwndDlg, IDC_DELETE), selected); + EnableWindow (GetDlgItem (hwndDlg, IDC_DELETE), deletable); return 1; } @@ -12391,7 +12159,7 @@ BOOL CALLBACK SecurityTokenKeyfileDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam { wchar_t keyfilePath[TC_MAX_PATH]; - if (BrowseFiles (hwndDlg, "SELECT_KEYFILE", keyfilePath, bHistory, FALSE, NULL)) + if (BrowseFiles (hwndDlg, "SELECT_KEYFILE", keyfilePath, bHistory, FALSE)) { DWORD keyfileSize; byte *keyfileData = (byte *) LoadFile (keyfilePath, &keyfileSize); @@ -12422,7 +12190,7 @@ BOOL CALLBACK SecurityTokenKeyfileDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam SecurityToken::CreateKeyfile (newParams.SlotId, keyfileDataVector, newParams.Name); - keyfiles = SecurityToken::GetAvailableKeyfiles(); + keyfiles = Token::GetAvailableKeyfiles(EMVSupportEnabled? true : false); SecurityTokenKeyfileDlgFillList (hwndDlg, keyfiles); } catch (Exception &e) @@ -12450,11 +12218,11 @@ BOOL CALLBACK SecurityTokenKeyfileDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam { try { - foreach (const SecurityTokenKeyfile &keyfile, SecurityTokenKeyfileDlgGetSelected (hwndDlg, keyfiles)) + foreach (const shared_ptr<TokenKeyfile> &keyfile, SecurityTokenKeyfileDlgGetSelected (hwndDlg, keyfiles)) { wchar_t keyfilePath[TC_MAX_PATH]; - if (!BrowseFiles (hwndDlg, "OPEN_TITLE", keyfilePath, bHistory, TRUE, NULL)) + if (!BrowseFiles (hwndDlg, "OPEN_TITLE", keyfilePath, bHistory, TRUE)) break; { @@ -12463,7 +12231,7 @@ BOOL CALLBACK SecurityTokenKeyfileDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam vector <byte> keyfileData; - SecurityToken::GetKeyfileData (keyfile, keyfileData); + keyfile->GetKeyfileData (keyfileData); if (keyfileData.empty()) { @@ -12499,12 +12267,12 @@ BOOL CALLBACK SecurityTokenKeyfileDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam WaitCursor(); finally_do ({ NormalCursor(); }); - foreach (const SecurityTokenKeyfile &keyfile, SecurityTokenKeyfileDlgGetSelected (hwndDlg, keyfiles)) + foreach (const shared_ptr<TokenKeyfile> keyfile, SecurityTokenKeyfileDlgGetSelected (hwndDlg, keyfiles)) { - SecurityToken::DeleteKeyfile (keyfile); + SecurityToken::DeleteKeyfile (dynamic_cast<SecurityTokenKeyfile&>(*keyfile.get())); } - keyfiles = SecurityToken::GetAvailableKeyfiles(); + keyfiles = Token::GetAvailableKeyfiles(EMVSupportEnabled? true : false); SecurityTokenKeyfileDlgFillList (hwndDlg, keyfiles); } catch (Exception &e) @@ -13469,11 +13237,6 @@ BOOL IsWindowsIsoBurnerAvailable () { wchar_t path[MAX_PATH*2] = { 0 }; - if (!IsOSAtLeast (WIN_7)) - { - return FALSE; - } - if (SUCCEEDED(SHGetFolderPath (NULL, CSIDL_SYSTEM, NULL, 0, path))) { StringCbCatW (path, MAX_PATH*2, L"\\" ISO_BURNER_TOOL); @@ -13747,36 +13510,36 @@ void RegisterDriverInf (bool registerFilter, const string& filter, const string& infFile.Write ((byte *) infTxt.c_str(), (DWORD) infTxt.size()); infFile.Close(); - HINF hInf = SetupOpenInfFileWFn (infFileName.c_str(), NULL, INF_STYLE_OLDNT | INF_STYLE_WIN4, NULL); + HINF hInf = SetupOpenInfFileW (infFileName.c_str(), NULL, INF_STYLE_OLDNT | INF_STYLE_WIN4, NULL); throw_sys_if (hInf == INVALID_HANDLE_VALUE); - finally_do_arg (HINF, hInf, { SetupCloseInfFileFn (finally_arg); }); + finally_do_arg (HINF, hInf, { SetupCloseInfFile (finally_arg); }); - throw_sys_if (!SetupInstallFromInfSectionWFn (ParentWindow, hInf, L"veracrypt", SPINST_REGISTRY, regKey, NULL, 0, NULL, NULL, NULL, NULL)); + throw_sys_if (!SetupInstallFromInfSectionW (ParentWindow, hInf, L"veracrypt", SPINST_REGISTRY, regKey, NULL, 0, NULL, NULL, NULL, NULL)); } HKEY OpenDeviceClassRegKey (const GUID *deviceClassGuid) { - return SetupDiOpenClassRegKeyFn (deviceClassGuid, KEY_READ | KEY_WRITE); + return SetupDiOpenClassRegKey (deviceClassGuid, KEY_READ | KEY_WRITE); } LSTATUS DeleteRegistryKey (HKEY hKey, LPCTSTR keyName) { - return SHDeleteKeyWFn(hKey, keyName); + return SHDeleteKeyW(hKey, keyName); } HIMAGELIST CreateImageList(int cx, int cy, UINT flags, int cInitial, int cGrow) { - return ImageList_CreateFn(cx, cy, flags, cInitial, cGrow); + return ImageList_Create(cx, cy, flags, cInitial, cGrow); } int AddBitmapToImageList(HIMAGELIST himl, HBITMAP hbmImage, HBITMAP hbmMask) { - return ImageList_AddFn(himl, hbmImage, hbmMask); + return ImageList_Add(himl, hbmImage, hbmMask); } HRESULT VCStrDupW(LPCWSTR psz, LPWSTR *ppwsz) { - return SHStrDupWFn (psz, ppwsz); + return SHStrDupW (psz, ppwsz); } @@ -13799,16 +13562,13 @@ void ProcessEntropyEstimate (HWND hProgress, DWORD* pdwInitialValue, DWORD dwCou else *pdwEntropy = dwMaxLevel; - if (IsOSAtLeast (WIN_VISTA)) - { - int state = PBST_ERROR; - if (*pdwEntropy >= (dwMaxLevel/2)) - state = PBST_NORMAL; - else if (*pdwEntropy >= (dwMaxLevel/4)) - state = PBST_PAUSED; + int state = PBST_ERROR; + if (*pdwEntropy >= (dwMaxLevel/2)) + state = PBST_NORMAL; + else if (*pdwEntropy >= (dwMaxLevel/4)) + state = PBST_PAUSED; - SendMessage (hProgress, PBM_SETSTATE, state, 0); - } + SendMessage (hProgress, PBM_SETSTATE, state, 0); SendMessage (hProgress, PBM_SETPOS, (WPARAM) (*pdwEntropy), @@ -13818,10 +13578,8 @@ void ProcessEntropyEstimate (HWND hProgress, DWORD* pdwInitialValue, DWORD dwCou void AllowMessageInUIPI (UINT msg) { - if (ChangeWindowMessageFilterFn) - { - ChangeWindowMessageFilterFn (msg, MSGFLT_ADD); - } + /* ChangeWindowMessageFilter is used to enable some messages bypasss UIPI (User Interface Privilege Isolation) */ + ChangeWindowMessageFilter (msg, MSGFLT_ADD); } BOOL IsRepeatedByteArray (byte value, const byte* buffer, size_t bufferSize) @@ -13937,7 +13695,45 @@ BOOL SetPrivilege(LPTSTR szPrivilegeName, BOOL bEnable) tkp.Privileges[0].Attributes = bEnable? SE_PRIVILEGE_ENABLED : SE_PRIVILEGE_REMOVED; bRet = AdjustTokenPrivileges(hToken, FALSE, &tkp, 0, NULL, NULL); - if (!bRet) + dwLastError = GetLastError (); + if ( ERROR_SUCCESS != dwLastError) + { + bRet = FALSE; + } + } + else + dwLastError = GetLastError (); + + CloseHandle(hToken); + } + else + dwLastError = GetLastError (); + + SetLastError (dwLastError); + + return bRet; +} + +BOOL IsPrivilegeEnabled (LPTSTR szPrivilegeName) +{ + HANDLE hToken; + TOKEN_PRIVILEGES tkp; + BOOL bRet = FALSE; + DWORD dwLastError = 0; + + if (OpenProcessToken(GetCurrentProcess(), + TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY, + &hToken)) + { + if (LookupPrivilegeValue(NULL, szPrivilegeName, + &tkp.Privileges[0].Luid)) + { + DWORD dwSize = sizeof (tkp); + if (GetTokenInformation (hToken, TokenPrivileges, &tkp, dwSize, &dwSize)) + { + bRet = (tkp.Privileges[0].Attributes & SE_PRIVILEGE_ENABLED) != 0; + } + else dwLastError = GetLastError (); } else @@ -13991,7 +13787,7 @@ static BOOL GenerateRandomString (HWND hwndDlg, LPTSTR szName, DWORD maxCharsCou bRet = RandgetBytesFull (hwndDlg, indexes, maxCharsCount + 1, TRUE, TRUE); if (bRet) { - static LPCTSTR chars = _T("0123456789@#$%^&_-*abcdefghijklmnopqrstuvwxyz"); + static LPCTSTR chars = _T("0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ_"); DWORD i, charsLen = (DWORD) _tcslen (chars); DWORD effectiveLen = (indexes[0] % (64 - 16)) + 16; // random length between 16 to 64 effectiveLen = (effectiveLen > maxCharsCount)? maxCharsCount : effectiveLen; @@ -14032,13 +13828,14 @@ typedef struct DLGPROC lpDialogFunc; LPARAM dwInitParam; INT_PTR retValue; + BOOL bDlgDisplayed; // set to TRUE if the dialog was displayed on secure desktop } SecureDesktopThreadParam; typedef struct { LPCWSTR szVCDesktopName; HDESK hVcDesktop; - volatile BOOL* pbStopMonitoring; + HANDLE hStopEvent; // event to signal when to stop monitoring } SecureDesktopMonitoringThreadParam; #define SECUREDESKTOP_MONOTIR_PERIOD 500 @@ -14050,11 +13847,12 @@ static unsigned int __stdcall SecureDesktopMonitoringThread( LPVOID lpThreadPara SecureDesktopMonitoringThreadParam* pMonitorParam = (SecureDesktopMonitoringThreadParam*) lpThreadParameter; if (pMonitorParam) { - volatile BOOL* pbStopMonitoring = pMonitorParam->pbStopMonitoring; + HANDLE hStopEvent = pMonitorParam->hStopEvent; LPCWSTR szVCDesktopName = pMonitorParam->szVCDesktopName; HDESK hVcDesktop = pMonitorParam->hVcDesktop; - while (!*pbStopMonitoring) + // loop until the stop event is signaled + while (WaitForSingleObject (hStopEvent, SECUREDESKTOP_MONOTIR_PERIOD) == WAIT_TIMEOUT) { // check that our secure desktop is still the input desktop // otherwise, switch to it @@ -14071,7 +13869,9 @@ static unsigned int __stdcall SecureDesktopMonitoringThread( LPVOID lpThreadPara { if (GetUserObjectInformation (currentDesk, UOI_NAME, szName, dwLen, &dwLen)) { - if (0 != _wcsicmp (szName, szVCDesktopName)) + if (0 == _wcsicmp(szName, L"Default")) // default input desktop for the interactive window station + bPerformSwitch = TRUE; + else if (0 != _wcsicmp (szName, szVCDesktopName)) bPerformSwitch = TRUE; } free (szName); @@ -14082,61 +13882,78 @@ static unsigned int __stdcall SecureDesktopMonitoringThread( LPVOID lpThreadPara if (bPerformSwitch) SwitchDesktop (hVcDesktop); - - Sleep (SECUREDESKTOP_MONOTIR_PERIOD); } } return 0; } -static DWORD WINAPI SecureDesktopThread(LPVOID lpThreadParameter) +static unsigned int __stdcall SecureDesktopThread( LPVOID lpThreadParameter ) { - volatile BOOL bStopMonitoring = FALSE; HANDLE hMonitoringThread = NULL; unsigned int monitoringThreadID = 0; SecureDesktopThreadParam* pParam = (SecureDesktopThreadParam*) lpThreadParameter; SecureDesktopMonitoringThreadParam monitorParam; - HDESK hOriginalDesk = GetThreadDesktop (GetCurrentThreadId ()); BOOL bNewDesktopSet = FALSE; + HDESK hSecureDesk; + DWORD desktopAccess = DESKTOP_CREATEMENU | DESKTOP_CREATEWINDOW | DESKTOP_READOBJECTS | DESKTOP_SWITCHDESKTOP | DESKTOP_WRITEOBJECTS; + + hSecureDesk = CreateDesktop (pParam->szDesktopName, NULL, NULL, 0, desktopAccess, NULL); + if (!hSecureDesk) + { + return 0; + } + + StringCbCopy(SecureDesktopName, sizeof (SecureDesktopName), pParam->szDesktopName); + pParam->hDesk = hSecureDesk; // wait for SwitchDesktop to succeed before using it for current thread while (true) { - if (SwitchDesktop (pParam->hDesk)) + if (SwitchDesktop (hSecureDesk)) { - bNewDesktopSet = TRUE; break; } Sleep (SECUREDESKTOP_MONOTIR_PERIOD); } + bNewDesktopSet = SetThreadDesktop (hSecureDesk); + if (bNewDesktopSet) { - SetThreadDesktop (pParam->hDesk); - // create the thread that will ensure that VeraCrypt secure desktop has always user input - monitorParam.szVCDesktopName = pParam->szDesktopName; - monitorParam.hVcDesktop = pParam->hDesk; - monitorParam.pbStopMonitoring = &bStopMonitoring; - hMonitoringThread = (HANDLE) _beginthreadex (NULL, 0, SecureDesktopMonitoringThread, (LPVOID) &monitorParam, 0, &monitoringThreadID); - } + // this is done only if the stop event is created successfully + HANDLE hStopEvent = CreateEvent(NULL, TRUE, FALSE, NULL); + if (hStopEvent) + { + monitorParam.szVCDesktopName = pParam->szDesktopName; + monitorParam.hVcDesktop = hSecureDesk; + monitorParam.hStopEvent = hStopEvent; + hMonitoringThread = (HANDLE) _beginthreadex (NULL, 0, SecureDesktopMonitoringThread, (LPVOID) &monitorParam, 0, &monitoringThreadID); + } - pParam->retValue = DialogBoxParamW (pParam->hInstance, pParam->lpTemplateName, - NULL, pParam->lpDialogFunc, pParam->dwInitParam); + pParam->retValue = DialogBoxParamW (pParam->hInstance, pParam->lpTemplateName, + NULL, pParam->lpDialogFunc, pParam->dwInitParam); - if (hMonitoringThread) - { - bStopMonitoring = TRUE; + if (hMonitoringThread) + { + // notify the monitoring thread to stop + SetEvent(hStopEvent); - WaitForSingleObject (hMonitoringThread, INFINITE); - CloseHandle (hMonitoringThread); - } + WaitForSingleObject (hMonitoringThread, INFINITE); + CloseHandle (hMonitoringThread); + } - if (bNewDesktopSet) + if (hStopEvent) + { + CloseHandle (hStopEvent); + } + + pParam->bDlgDisplayed = TRUE; + } + else { - SetThreadDesktop (hOriginalDesk); - SwitchDesktop (hOriginalDesk); + pParam->bDlgDisplayed = FALSE; } return 0; @@ -14187,17 +14004,36 @@ INT_PTR SecureDesktopDialogBoxParam( if (bEffectiveUseSecureDesktop && !IsThreadInSecureDesktop(GetCurrentThreadId())) { + BOOL bRandomNameGenerated = FALSE; + HDESK existedDesk = NULL; EnterCriticalSection (&csSecureDesktop); bSecureDesktopOngoing = TRUE; finally_do ({ bSecureDesktopOngoing = FALSE; LeaveCriticalSection (&csSecureDesktop); }); - if (GenerateRandomString (hWndParent, szDesktopName, 64)) + // ensure that the randomly generated name is not already used + do + { + if (existedDesk) + { + CloseDesktop (existedDesk); + existedDesk = NULL; + } + if (GenerateRandomString (hWndParent, szDesktopName, 64)) + { + existedDesk = OpenDesktop (szDesktopName, 0, FALSE, GENERIC_READ); + if (!existedDesk) + { + bRandomNameGenerated = TRUE; + } + } + } while (existedDesk); + + if (bRandomNameGenerated) { map<DWORD, BOOL> ctfmonBeforeList, ctfmonAfterList; - DWORD desktopAccess = DESKTOP_CREATEMENU | DESKTOP_CREATEWINDOW | DESKTOP_READOBJECTS | DESKTOP_SWITCHDESKTOP | DESKTOP_WRITEOBJECTS; - HDESK hSecureDesk; + HDESK hOriginalDesk = NULL; + SecureDesktopThreadParam param; - HDESK hInputDesk = NULL; // wait for the input desktop to be available before switching to // secure desktop. Under Windows 10, the user session can be started @@ -14205,59 +14041,66 @@ INT_PTR SecureDesktopDialogBoxParam( // case, we wait for the user to be really authenticated before starting // secure desktop mechanism - while (!(hInputDesk = OpenInputDesktop (0, TRUE, GENERIC_READ))) + while (!(hOriginalDesk = OpenInputDesktop (0, TRUE, GENERIC_ALL))) { Sleep (SECUREDESKTOP_MONOTIR_PERIOD); } - - CloseDesktop (hInputDesk); // get the initial list of ctfmon.exe processes before creating new desktop GetCtfMonProcessIdList (ctfmonBeforeList); - hSecureDesk = CreateDesktop (szDesktopName, NULL, NULL, 0, desktopAccess, NULL); - if (hSecureDesk) - { - SecureDesktopThreadParam param; - - param.hDesk = hSecureDesk; - param.szDesktopName = szDesktopName; - param.hInstance = hInstance; - param.lpTemplateName = lpTemplateName; - param.lpDialogFunc = lpDialogFunc; - param.dwInitParam = dwInitParam; - param.retValue = 0; - - HANDLE hThread = ::CreateThread (NULL, 0, SecureDesktopThread, (LPVOID) ¶m, 0, NULL); - if (hThread) - { - StringCbCopy(SecureDesktopName, sizeof (SecureDesktopName), szDesktopName); + param.hDesk = NULL; + param.szDesktopName = szDesktopName; + param.hInstance = hInstance; + param.lpTemplateName = lpTemplateName; + param.lpDialogFunc = lpDialogFunc; + param.dwInitParam = dwInitParam; + param.retValue = 0; + param.bDlgDisplayed = FALSE; - WaitForSingleObject (hThread, INFINITE); - CloseHandle (hThread); + // use _beginthreadex instead of CreateThread because lpDialogFunc may be using the C runtime library + HANDLE hThread = (HANDLE) _beginthreadex (NULL, 0, SecureDesktopThread, (LPVOID) ¶m, 0, NULL); + if (hThread) + { + WaitForSingleObject (hThread, INFINITE); + CloseHandle (hThread); + if (param.bDlgDisplayed) + { + // dialog box was indeed displayed in Secure Desktop retValue = param.retValue; bSuccess = TRUE; } + } - CloseDesktop (hSecureDesk); + if (param.hDesk) + { + while (!SwitchDesktop (hOriginalDesk)) + { + Sleep (SECUREDESKTOP_MONOTIR_PERIOD); + } - // get the new list of ctfmon.exe processes in order to find the ID of the - // ctfmon.exe instance that corresponds to the desktop we create so that - // we can kill it, otherwise it would remain running - GetCtfMonProcessIdList (ctfmonAfterList); + SetThreadDesktop (hOriginalDesk); - for (map<DWORD, BOOL>::iterator It = ctfmonAfterList.begin(); - It != ctfmonAfterList.end(); It++) + CloseDesktop (param.hDesk); + } + + // get the new list of ctfmon.exe processes in order to find the ID of the + // ctfmon.exe instance that corresponds to the desktop we create so that + // we can kill it, otherwise it would remain running + GetCtfMonProcessIdList (ctfmonAfterList); + + for (map<DWORD, BOOL>::iterator It = ctfmonAfterList.begin(); + It != ctfmonAfterList.end(); It++) + { + if (ctfmonBeforeList[It->first] != TRUE) { - if (ctfmonBeforeList[It->first] != TRUE) - { - // Kill process - KillProcess (It->first); - } + // Kill process + KillProcess (It->first); } } + CloseDesktop(hOriginalDesk); burn (szDesktopName, sizeof (szDesktopName)); } } @@ -14352,37 +14195,26 @@ void GetInstallationPath (HWND hwndDlg, wchar_t* szInstallPath, DWORD cchSize, B BOOL GetSetupconfigLocation (wchar_t* path, DWORD cchSize) { - wchar_t szShell32Path[MAX_PATH] = {0}; - HMODULE hShell32 = NULL; BOOL bResult = FALSE; path[0] = 0; - if (GetSystemDirectory(szShell32Path, MAX_PATH)) - StringCchCatW (szShell32Path, MAX_PATH, L"\\Shell32.dll"); - else - StringCchCopyW (szShell32Path, MAX_PATH, L"C:\\Windows\\System32\\Shell32.dll"); - - hShell32 = LoadLibrary (szShell32Path); - if (hShell32) + wchar_t* pszUsersPath = NULL; + if (S_OK == SHGetKnownFolderPath (FOLDERID_UserProfiles, 0, NULL, &pszUsersPath)) { - SHGETKNOWNFOLDERPATH SHGetKnownFolderPathFn = (SHGETKNOWNFOLDERPATH) GetProcAddress (hShell32, "SHGetKnownFolderPath"); - if (SHGetKnownFolderPathFn) - { - wchar_t* pszUsersPath = NULL; - if (S_OK == SHGetKnownFolderPathFn (FOLDERID_UserProfiles, 0, NULL, &pszUsersPath)) - { - StringCchPrintfW (path, cchSize, L"%s\\Default\\AppData\\Local\\Microsoft\\Windows\\WSUS\\", pszUsersPath); - CoTaskMemFree (pszUsersPath); - bResult = TRUE; - } - } - FreeLibrary (hShell32); + StringCchPrintfW (path, cchSize, L"%s\\Default\\AppData\\Local\\Microsoft\\Windows\\WSUS\\", pszUsersPath); + CoTaskMemFree (pszUsersPath); + bResult = TRUE; } if (!bResult && CurrentOSMajor >= 10) { - StringCchPrintfW (path, cchSize, L"%c:\\Users\\Default\\AppData\\Local\\Microsoft\\Windows\\WSUS\\", szShell32Path[0]); + wchar_t szSys32Path[MAX_PATH]; + if (!GetSystemDirectory (szSys32Path, ARRAYSIZE (szSys32Path))) + { + StringCchCopy(szSys32Path, ARRAYSIZE (szSys32Path), L"C:\\Windows\\System32"); + } + StringCchPrintfW (path, cchSize, L"%c:\\Users\\Default\\AppData\\Local\\Microsoft\\Windows\\WSUS\\", szSys32Path[0]); bResult = TRUE; } @@ -14408,11 +14240,13 @@ BOOL BufferHasPattern (const unsigned char* buffer, size_t bufferLen, const void return bRet; } -/* Implementation borrowed from KeePassXC source code (https://github.com/keepassxreboot/keepassxc/blob/release/2.4.0/src/core/Bootstrap.cpp#L150) +/* Implementation borrowed from KeePassXC source code (https://github.com/keepassxreboot/keepassxc/blob/2.7.8/src/core/Bootstrap.cpp#L121) * * Reduce current user acess rights for this process to the minimum in order to forbid non-admin users from reading the process memory. + * Restrict access to changing DACL's after the process is started. This prevents the creator of veracrypt process from simply adding + * the permission to read memory back to the DACL list. */ -BOOL EnableProcessProtection() +BOOL ActivateMemoryProtection() { BOOL bSuccess = FALSE; @@ -14420,6 +14254,8 @@ BOOL EnableProcessProtection() HANDLE hToken = NULL; PTOKEN_USER pTokenUser = NULL; DWORD cbBufferSize = 0; + PSID pOwnerRightsSid = NULL; + DWORD pOwnerRightsSidSize = SECURITY_MAX_SID_SIZE; // Access control list PACL pACL = NULL; @@ -14427,7 +14263,10 @@ BOOL EnableProcessProtection() // Acces mask DWORD dwAccessMask = SYNCHRONIZE | PROCESS_QUERY_LIMITED_INFORMATION | PROCESS_TERMINATE; // same as protected process - + + if (MemoryProtectionActivated) + return TRUE; + if (IsAdmin ()) { // if we are running elevated, we allow CreateProcessXXX calls alongside PROCESS_DUP_HANDLE and PROCESS_QUERY_INFORMATION in order to be able @@ -14457,8 +14296,19 @@ BOOL EnableProcessProtection() goto Cleanup; } + // Retrieve CreaterOwnerRights SID + pOwnerRightsSid = (PSID) HeapAlloc(GetProcessHeap(), 0, pOwnerRightsSidSize); + if (pOwnerRightsSid == NULL) { + goto Cleanup; + } + + if (!CreateWellKnownSid(WinCreatorOwnerRightsSid, NULL, pOwnerRightsSid, &pOwnerRightsSidSize)) { + goto Cleanup; + } + // Calculate the amount of memory that must be allocated for the DACL - cbACL = sizeof(ACL) + sizeof(ACCESS_ALLOWED_ACE) + GetLengthSid(pTokenUser->User.Sid); + cbACL = sizeof(ACL) + sizeof(ACCESS_ALLOWED_ACE) + GetLengthSid(pTokenUser->User.Sid) + + sizeof(ACCESS_ALLOWED_ACE) + GetLengthSid(pOwnerRightsSid); // Create and initialize an ACL pACL = (PACL) HeapAlloc(GetProcessHeap(), 0, cbACL); @@ -14480,6 +14330,17 @@ BOOL EnableProcessProtection() goto Cleanup; } + // Explicitly set "Process Owner" rights to Read Only. The default is Full Control. + if (!AddAccessAllowedAce( + pACL, + ACL_REVISION, + READ_CONTROL, + pOwnerRightsSid + )) { + goto Cleanup; + } + + // Set discretionary access control list bSuccess = (ERROR_SUCCESS == SetSecurityInfo(GetCurrentProcess(), // object handle SE_KERNEL_OBJECT, // type of object @@ -14490,11 +14351,17 @@ BOOL EnableProcessProtection() NULL // do not change SACL ))? TRUE: FALSE; + if (bSuccess) + MemoryProtectionActivated = TRUE; + Cleanup: if (pACL != NULL) { HeapFree(GetProcessHeap(), 0, pACL); } + if (pOwnerRightsSid != NULL) { + HeapFree(GetProcessHeap(), 0, pOwnerRightsSid); + } if (pTokenUser != NULL) { HeapFree(GetProcessHeap(), 0, pTokenUser); } @@ -14505,6 +14372,92 @@ Cleanup: return bSuccess; } +// define missing structures Windows 8 +#if (_WIN32_WINNT < 0x0602) + +typedef struct _PROCESS_MITIGATION_ASLR_POLICY { + union { + DWORD Flags; + struct { + DWORD EnableBottomUpRandomization : 1; + DWORD EnableForceRelocateImages : 1; + DWORD EnableHighEntropy : 1; + DWORD DisallowStrippedImages : 1; + DWORD ReservedFlags : 28; + } DUMMYSTRUCTNAME; + } DUMMYUNIONNAME; +} PROCESS_MITIGATION_ASLR_POLICY, *PPROCESS_MITIGATION_ASLR_POLICY; + +typedef struct _PROCESS_MITIGATION_EXTENSION_POINT_DISABLE_POLICY { + union { + DWORD Flags; + struct { + DWORD DisableExtensionPoints : 1; + DWORD ReservedFlags : 31; + } DUMMYSTRUCTNAME; + } DUMMYUNIONNAME; +} PROCESS_MITIGATION_EXTENSION_POINT_DISABLE_POLICY, *PPROCESS_MITIGATION_EXTENSION_POINT_DISABLE_POLICY; + +typedef struct _PROCESS_MITIGATION_DYNAMIC_CODE_POLICY { + union { + DWORD Flags; + struct { + DWORD ProhibitDynamicCode : 1; + DWORD AllowThreadOptOut : 1; + DWORD AllowRemoteDowngrade : 1; + DWORD AuditProhibitDynamicCode : 1; + DWORD ReservedFlags : 28; + } DUMMYSTRUCTNAME; + } DUMMYUNIONNAME; +} PROCESS_MITIGATION_DYNAMIC_CODE_POLICY, *PPROCESS_MITIGATION_DYNAMIC_CODE_POLICY; + +typedef enum _PROCESS_MITIGATION_POLICY { + ProcessDEPPolicy, + ProcessASLRPolicy, + ProcessDynamicCodePolicy, + ProcessStrictHandleCheckPolicy, + ProcessSystemCallDisablePolicy, + ProcessMitigationOptionsMask, + ProcessExtensionPointDisablePolicy, + ProcessControlFlowGuardPolicy, + ProcessSignaturePolicy, + ProcessFontDisablePolicy, + ProcessImageLoadPolicy, + ProcessSystemCallFilterPolicy, + ProcessPayloadRestrictionPolicy, + ProcessChildProcessPolicy, + ProcessSideChannelIsolationPolicy, + ProcessUserShadowStackPolicy, + MaxProcessMitigationPolicy +} PROCESS_MITIGATION_POLICY, *PPROCESS_MITIGATION_POLICY; + +#endif + +void ActivateProcessMitigations() +{ + // we load the function pointer of SetProcessMitigationPolicy dynamically because we are building with Windows 7 SDK that does not have the definition of this function + typedef BOOL (WINAPI *SetProcessMitigationPolicyFunc) (PROCESS_MITIGATION_POLICY MitigationPolicy, PVOID lpBuffer, SIZE_T dwLength); + SetProcessMitigationPolicyFunc SetProcessMitigationPolicyPtr = (SetProcessMitigationPolicyFunc) GetProcAddress (GetModuleHandle (L"kernel32.dll"), "SetProcessMitigationPolicy"); + if (SetProcessMitigationPolicyPtr) + { + PROCESS_MITIGATION_ASLR_POLICY aslrPolicy = { 0 }; + PROCESS_MITIGATION_DYNAMIC_CODE_POLICY dynCodePolicy = { 0 }; + PROCESS_MITIGATION_EXTENSION_POINT_DISABLE_POLICY extensionPointDisablePolicy = { 0 }; + + aslrPolicy.EnableBottomUpRandomization = TRUE; + aslrPolicy.EnableForceRelocateImages = TRUE; + aslrPolicy.EnableHighEntropy = TRUE; + + dynCodePolicy.ProhibitDynamicCode = TRUE; + + extensionPointDisablePolicy.DisableExtensionPoints = TRUE; + + SetProcessMitigationPolicyPtr (ProcessASLRPolicy, &aslrPolicy, sizeof (aslrPolicy)); + SetProcessMitigationPolicyPtr (ProcessDynamicCodePolicy, &dynCodePolicy, sizeof (dynCodePolicy)); + SetProcessMitigationPolicyPtr (ProcessExtensionPointDisablePolicy, &extensionPointDisablePolicy, sizeof (extensionPointDisablePolicy)); + } +} + // Based on sample code from: // https://blogs.msdn.microsoft.com/aaron_margosis/2009/06/06/faq-how-do-i-start-a-program-as-the-desktop-user-from-an-elevated-app/ // start a program non-elevated as the desktop user from an elevated app @@ -14525,12 +14478,6 @@ static bool RunAsDesktopUser( SecureZeroMemory(&pi, sizeof(pi)); si.cb = sizeof(si); - // locate CreateProcessWithTokenW in Advapi32.dll - if (!CreateProcessWithTokenWPtr) - { - return false; - } - if (!ImpersonateSelf (SecurityImpersonation)) { return false; @@ -14608,7 +14555,7 @@ static bool RunAsDesktopUser( } // Start the target process with the new token. - ret = CreateProcessWithTokenWPtr( + ret = CreateProcessWithTokenW( hPrimaryToken, 0, szApp, @@ -14682,7 +14629,7 @@ HRESULT GetShellViewForDesktop(REFIID riid, void **ppv) if (S_OK == psw->FindWindowSW(&vEmpty, &vEmpty, SWC_DESKTOP, (long*)&hwnd, SWFO_NEEDDISPATCH, &pdisp)) { IShellBrowser *psb; - hr = IUnknown_QueryServicePtr(pdisp, SID_STopLevelBrowser, IID_PPV_ARGS(&psb)); + hr = IUnknown_QueryService(pdisp, SID_STopLevelBrowser, IID_PPV_ARGS(&psb)); if (SUCCEEDED(hr)) { IShellView *psv; @@ -14734,7 +14681,7 @@ HRESULT GetShellDispatchFromView(IShellView *psv, REFIID riid, void **ppv) HRESULT ShellExecInExplorerProcess(PCWSTR pszFile) { IShellView *psv; - CoInitialize(NULL); + CoInitializeEx(NULL, COINIT_APARTMENTTHREADED | COINIT_DISABLE_OLE1DDE); HRESULT hr = GetShellViewForDesktop(IID_PPV_ARGS(&psv)); if (SUCCEEDED(hr)) { @@ -14766,7 +14713,7 @@ HRESULT ShellExecInExplorerProcess(PCWSTR pszFile) void SafeOpenURL (LPCWSTR szUrl) { BOOL bFallback = TRUE; - if (IsOSAtLeast (WIN_VISTA) && IsUacSupported() && IsAdmin () && IsElevated() && GetShellWindow()) + if (IsUacSupported() && IsAdmin () && IsElevated() && GetShellWindow()) { WCHAR szRunDllPath[TC_MAX_PATH]; WCHAR szUrlDllPath[TC_MAX_PATH]; @@ -14906,69 +14853,49 @@ BitLockerEncryptionStatus GetBitLockerEncryptionStatus(WCHAR driveLetter) { HRESULT hr; BitLockerEncryptionStatus blStatus = BL_Status_Unknown; - wchar_t szDllPath[MAX_PATH] = { 0 }; - HMODULE hShell32 = NULL; + wchar_t szDllPath[MAX_PATH] = { 0 }; + HMODULE hPropsys = NULL; - CoInitialize(NULL); + CoInitializeEx(NULL, COINIT_APARTMENTTHREADED | COINIT_DISABLE_OLE1DDE); if (GetSystemDirectory(szDllPath, MAX_PATH)) - StringCchCatW(szDllPath, MAX_PATH, L"\\Shell32.dll"); + StringCchCatW(szDllPath, MAX_PATH, L"\\Propsys.dll"); else - StringCchCopyW(szDllPath, MAX_PATH, L"C:\\Windows\\System32\\Shell32.dll"); + StringCchCopyW(szDllPath, MAX_PATH, L"C:\\Windows\\System32\\Propsys.dll"); - hShell32 = LoadLibrary(szDllPath); - if (hShell32) + hPropsys = LoadLibrary(szDllPath); + if (hPropsys) { - SHCreateItemFromParsingNameFn SHCreateItemFromParsingNamePtr = (SHCreateItemFromParsingNameFn)GetProcAddress(hShell32, "SHCreateItemFromParsingName"); - if (SHCreateItemFromParsingNamePtr) + PSGetPropertyKeyFromNameFn PSGetPropertyKeyFromNamePtr = (PSGetPropertyKeyFromNameFn)GetProcAddress(hPropsys, "PSGetPropertyKeyFromName"); + if (PSGetPropertyKeyFromNamePtr) { - HMODULE hPropsys = NULL; - - if (GetSystemDirectory(szDllPath, MAX_PATH)) - StringCchCatW(szDllPath, MAX_PATH, L"\\Propsys.dll"); - else - StringCchCopyW(szDllPath, MAX_PATH, L"C:\\Windows\\System32\\Propsys.dll"); - - hPropsys = LoadLibrary(szDllPath); - if (hPropsys) - { - PSGetPropertyKeyFromNameFn PSGetPropertyKeyFromNamePtr = (PSGetPropertyKeyFromNameFn)GetProcAddress(hPropsys, "PSGetPropertyKeyFromName"); - if (PSGetPropertyKeyFromNamePtr) - { - WCHAR parsingName[3] = {driveLetter, L':', 0}; - IShellItem2* drive = NULL; - hr = SHCreateItemFromParsingNamePtr(parsingName, NULL, IID_PPV_ARGS(&drive)); + WCHAR parsingName[3] = {driveLetter, L':', 0}; + IShellItem2* drive = NULL; + hr = SHCreateItemFromParsingName(parsingName, NULL, IID_PPV_ARGS(&drive)); + if (SUCCEEDED(hr)) { + PROPERTYKEY pKey; + hr = PSGetPropertyKeyFromNamePtr(L"System.Volume.BitLockerProtection", &pKey); + if (SUCCEEDED(hr)) { + PROPVARIANT prop; + PropVariantInit(&prop); + hr = drive->GetProperty(pKey, &prop); if (SUCCEEDED(hr)) { - PROPERTYKEY pKey; - hr = PSGetPropertyKeyFromNamePtr(L"System.Volume.BitLockerProtection", &pKey); - if (SUCCEEDED(hr)) { - PROPVARIANT prop; - PropVariantInit(&prop); - hr = drive->GetProperty(pKey, &prop); - if (SUCCEEDED(hr)) { - int status = prop.intVal; - if (status == BL_State_FullyEncrypted || status == BL_State_DecryptionInProgress || status == BL_State_DecryptionSuspended) - blStatus = BL_Status_Protected; - else - blStatus = BL_Status_Unprotected; - } - } + int status = prop.intVal; + if (status == BL_State_FullyEncrypted || status == BL_State_DecryptionInProgress || status == BL_State_DecryptionSuspended) + blStatus = BL_Status_Protected; + else + blStatus = BL_Status_Unprotected; } - if (drive) - drive->Release(); } - - FreeLibrary(hPropsys); } - } - else - { - blStatus = BL_Status_Unprotected; // before Vista, there was no Bitlocker + if (drive) + drive->Release(); } - FreeLibrary(hShell32); + FreeLibrary(hPropsys); } + CoUninitialize(); return blStatus; } @@ -15377,6 +15304,33 @@ void PasswordEditDropTarget::GotDrop(CLIPFORMAT format) } +// check if the PC is connected to the internet using INetworkListManager interface +BOOL IsInternetConnected() +{ + HRESULT hr; + BOOL isConnected = FALSE; + INetworkListManager* pNetworkListManager = nullptr; + + hr = CoInitializeEx(NULL, COINIT_APARTMENTTHREADED | COINIT_DISABLE_OLE1DDE); + if (SUCCEEDED(hr)) + { + hr = CoCreateInstance(CLSID_NetworkListManager, NULL, CLSCTX_ALL, IID_PPV_ARGS(&pNetworkListManager)); + if (SUCCEEDED(hr)) + { + VARIANT_BOOL isConnectedVariant; + hr = pNetworkListManager->get_IsConnectedToInternet(&isConnectedVariant); + if (SUCCEEDED(hr)) + { + isConnected = isConnectedVariant == VARIANT_TRUE; + } + pNetworkListManager->Release(); + } + CoUninitialize(); + } + + return isConnected; +} + /* * Query the status of Hibernate and Fast Startup */ @@ -15485,7 +15439,7 @@ bool GetKbList (std::vector<std::wstring>& kbList) kbList.clear(); // Initialize COM. - hres = CoInitialize(NULL); + hres = CoInitializeEx(NULL, COINIT_APARTMENTTHREADED | COINIT_DISABLE_OLE1DDE); if (FAILED(hres)) { return false; @@ -15668,4 +15622,86 @@ bool OneOfKBsInstalled (const wchar_t* szKBs[], int count) return bRet; } -#endif // VC_COMREG
\ No newline at end of file + +DWORD SendServiceNotification (DWORD dwNotificationCmd) +{ + DWORD dwRet = ERROR_INVALID_PARAMETER; + // We only support clearing keys on new device insertion + if (VC_DRIVER_CONFIG_CLEAR_KEYS_ON_NEW_DEVICE_INSERTION == dwNotificationCmd) + { + DWORD dwServiceControlCode = VC_SERVICE_CONTROL_BUILD_DEVICE_LIST; + // send this control code to VeraCrypt SystemFavorites service + SC_HANDLE hSCManager = OpenSCManager (NULL, NULL, SC_MANAGER_CONNECT); + if (hSCManager != NULL) + { + SC_HANDLE hService = OpenService (hSCManager, TC_SYSTEM_FAVORITES_SERVICE_NAME, SERVICE_ALL_ACCESS); + if (hService != NULL) + { + SERVICE_STATUS ss; + if (ControlService (hService, dwServiceControlCode, &ss)) + dwRet = ERROR_SUCCESS; + else + dwRet = GetLastError (); + CloseServiceHandle (hService); + } + else + dwRet = GetLastError (); + CloseServiceHandle (hSCManager); + } + else + dwRet = GetLastError (); + } + + return dwRet; +} + +DWORD FastResizeFile (const wchar_t* filePath, __int64 fileSize) +{ + DWORD dwRet = ERROR_INVALID_PARAMETER; + if (filePath && fileSize > 0) + { + // we set required privileges to speedup file creation before we create the file so that the file handle inherits the privileges + BOOL bPrivilegesSet = IsPrivilegeEnabled (SE_MANAGE_VOLUME_NAME); + if (!bPrivilegesSet && !SetPrivilege(SE_MANAGE_VOLUME_NAME, TRUE)) + { + dwRet = GetLastError (); + } + else + { + HANDLE dev = CreateFile (filePath, GENERIC_WRITE | GENERIC_WRITE, 0, NULL, OPEN_EXISTING, 0, NULL); + if (dev != INVALID_HANDLE_VALUE) + { + LARGE_INTEGER liSize; + liSize.QuadPart = fileSize; + // Preallocate the file with desired size + if (!SetFilePointerEx (dev, liSize, NULL, FILE_BEGIN) + || !SetEndOfFile (dev)) + { + dwRet = GetLastError (); + } + else + { + if (!SetFileValidData (dev, fileSize)) + { + dwRet = GetLastError (); + } + else + { + dwRet = ERROR_SUCCESS; + } + } + + FlushFileBuffers (dev); + CloseHandle (dev); + } + else + dwRet = GetLastError (); + + if (!bPrivilegesSet) + SetPrivilege(SE_MANAGE_VOLUME_NAME, FALSE); + } + } + + return dwRet; +} +#endif // VC_COMREG |