Diffstat (limited to 'src/Mount/Mount.c')
-rw-r--r--src/Mount/Mount.c235
1 files changed, 160 insertions, 75 deletions
diff --git a/src/Mount/Mount.c b/src/Mount/Mount.c
index 62ac5e0f..f725d32b 100644
--- a/src/Mount/Mount.c
+++ b/src/Mount/Mount.c
@@ -121,6 +121,10 @@ BOOL ComServerMode = FALSE;
BOOL ServiceMode = FALSE;
BOOL UsePreferences = TRUE;
+BOOL bSystemIsGPT = FALSE;
+wchar_t szDefaultRescueDiskName[TC_MAX_PATH+1];
+wchar_t szRescueDiskExtension[4];
+
int HiddenSysLeakProtectionNotificationStatus = TC_HIDDEN_OS_READ_ONLY_NOTIF_MODE_NONE;
int MaxVolumeIdleTime = -120;
int nCurrentShowType = 0; /* current display mode, mount, unmount etc */
@@ -129,7 +133,6 @@ int nSelectedDriveIndex = -1; /* Item number of selected drive */
int cmdUnmountDrive = -2; /* Volume drive letter to unmount (-1 = all) */
Password VolumePassword; /* Password used for mounting volumes */
Password CmdVolumePassword; /* Password passed from command line */
-char CmdTokenPin [SecurityToken::MaxPasswordLength + 1] = {0};
int VolumePkcs5 = 0;
int CmdVolumePkcs5 = 0;
int VolumePim = -1;
@@ -238,7 +241,6 @@ static void localcleanup (void)
burn (&mountOptions, sizeof (mountOptions));
burn (&defaultMountOptions, sizeof (defaultMountOptions));
burn (szFileName, sizeof(szFileName));
- burn (&CmdTokenPin, sizeof (CmdTokenPin));
/* Cleanup common code resources */
cleanup ();
@@ -348,6 +350,14 @@ static void InitMainDialog (HWND hwndDlg)
SetMenuItemInfoW (GetMenu (hwndDlg), i, TRUE, &info);
}
+ {
+ // disable hidden OS creation for GPT system encryption
+ if (bSystemIsGPT)
+ {
+ EnableMenuItem (GetMenu (hwndDlg), IDM_CREATE_HIDDEN_OS, MF_GRAYED);
+ }
+ }
+
// Disable menu item for changing system header key derivation algorithm until it's implemented
EnableMenuItem (GetMenu (hwndDlg), IDM_CHANGE_SYS_HEADER_KEY_DERIV_ALGO, MF_GRAYED);
@@ -1083,9 +1093,11 @@ unsigned __int64 GetSysEncDeviceEncryptedPartSize (BOOL bSilent)
static void PopulateSysEncContextMenu (HMENU popup, BOOL bToolsOnly)
{
+ SystemDriveConfiguration config;
try
{
BootEncStatus = BootEncObj->GetStatus();
+ config = BootEncObj->GetSystemDriveConfiguration();
}
catch (Exception &e)
{
@@ -1316,7 +1328,7 @@ BOOL SelectItem (HWND hTree, wchar_t nLetter)
}
-static void LaunchVolCreationWizard (HWND hwndDlg, const wchar_t *arg)
+static void LaunchVolCreationWizard (HWND hwndDlg, const wchar_t *arg, BOOL bElevation)
{
wchar_t t[TC_MAX_PATH + 1024] = {L'"',0};
wchar_t *tmp;
@@ -1350,21 +1362,30 @@ static void LaunchVolCreationWizard (HWND hwndDlg, const wchar_t *arg)
if (!FileExists(t))
Error ("VOL_CREATION_WIZARD_NOT_FOUND", hwndDlg); // Display a user-friendly error message and advise what to do
-
- if (wcslen (arg) > 0)
- {
- StringCbCatW (t, sizeof(t), L" ");
- StringCbCatW (t, sizeof(t), arg);
- }
-
- if (!CreateProcess (NULL, (LPWSTR) t, NULL, NULL, FALSE, NORMAL_PRIORITY_CLASS, NULL, NULL, &si, &pi))
- {
- handleWin32Error (hwndDlg, SRC_POS);
- }
else
{
- CloseHandle (pi.hProcess);
- CloseHandle (pi.hThread);
+
+ if (bElevation && !IsAdmin() && IsUacSupported())
+ {
+ LaunchElevatedProcess (hwndDlg, t, arg);
+ }
+ else
+ {
+ if (wcslen (arg) > 0)
+ {
+ StringCbCatW (t, sizeof(t), L" ");
+ StringCbCatW (t, sizeof(t), arg);
+ }
+ if (!CreateProcess (NULL, (LPWSTR) t, NULL, NULL, FALSE, NORMAL_PRIORITY_CLASS, NULL, NULL, &si, &pi))
+ {
+ handleWin32Error (hwndDlg, SRC_POS);
+ }
+ else
+ {
+ CloseHandle (pi.hProcess);
+ CloseHandle (pi.hThread);
+ }
+ }
}
}
}
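Review bot: The new `bElevation` parameter is undocumented, and every call site in this diff passes FALSE, so nothing visible here reaches the `LaunchElevatedProcess (hwndDlg, t, arg)` branch. That branch does not check the outcome of the launch, while the `CreateProcess` branch reports failure through `handleWin32Error`; whether LaunchElevatedProcess reports its own errors is not visible. `t` is initialised with a leading quote character, so it is worth confirming that LaunchElevatedProcess accepts a quoted path. A header comment such as `// bElevation: when TRUE and the caller is not an administrator on a UAC-capable system, start the wizard elevated` would state the contract. The function begins in the previous hunk.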
@@ -2428,10 +2449,10 @@ BOOL CALLBACK PasswordChangeDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPAR
case IDC_PKCS5_PRF_ID:
if (bSysEncPwdChangeDlgMode)
{
- int new_hash_algo_id = (int) SendMessage (GetDlgItem (hwndDlg, IDC_PKCS5_PRF_ID), CB_GETITEMDATA,
+ int new_hash_algo_id = (int) SendMessage (GetDlgItem (hwndDlg, IDC_PKCS5_PRF_ID), CB_GETITEMDATA,
SendMessage (GetDlgItem (hwndDlg, IDC_PKCS5_PRF_ID), CB_GETCURSEL, 0, 0), 0);
- if (new_hash_algo_id != 0 && !HashForSystemEncryption(new_hash_algo_id))
+ if (new_hash_algo_id != 0 && !bSystemIsGPT && !HashForSystemEncryption(new_hash_algo_id))
{
int new_hash_algo_id = DEFAULT_HASH_ALGORITHM_BOOT;
Info ("ALGO_NOT_SUPPORTED_FOR_SYS_ENCRYPTION", hwndDlg);
@@ -2765,7 +2786,7 @@ BOOL CALLBACK PasswordDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lPa
for (i = FIRST_PRF_ID; i <= LAST_PRF_ID; i++)
{
- if (HashForSystemEncryption(i))
+ if (bSystemIsGPT || HashForSystemEncryption(i))
{
nIndex = (int) SendMessage (hComboBox, CB_ADDSTRING, 0, (LPARAM) get_pkcs5_prf_name(i));
SendMessage (hComboBox, CB_SETITEMDATA, nIndex, (LPARAM) i);
@@ -5471,16 +5492,18 @@ static void ChangeSysEncPassword (HWND hwndDlg, BOOL bOnlyChangeKDF)
// Initiates or resumes encryption of the system partition/drive
static void EncryptSystemDevice (HWND hwndDlg)
{
+ SystemDriveConfiguration config;
try
{
BootEncStatus = BootEncObj->GetStatus();
+ config = BootEncObj->GetSystemDriveConfiguration ();
}
catch (Exception &e)
{
e.Show (MainDlg);
}
- if (!BootEncStatus.DriveEncrypted
+ if (!BootEncStatus.DriveEncrypted
&& !BootEncStatus.DriveMounted
&& !SysEncryptionOrDecryptionRequired ())
{
@@ -5488,7 +5511,7 @@ static void EncryptSystemDevice (HWND hwndDlg)
if (!MutexExistsOnSystem (TC_MUTEX_NAME_SYSENC)) // If no instance of the wizard is currently taking care of system encryption
{
- LaunchVolCreationWizard (hwndDlg, L"/sysenc");
+ LaunchVolCreationWizard (hwndDlg, L"/sysenc", FALSE);
}
else
Warning ("SYSTEM_ENCRYPTION_IN_PROGRESS_ELSEWHERE", hwndDlg);
@@ -5502,7 +5525,7 @@ static void EncryptSystemDevice (HWND hwndDlg)
if (!MutexExistsOnSystem (TC_MUTEX_NAME_SYSENC)) // If no instance of the wizard is currently taking care of system encryption
{
- LaunchVolCreationWizard (hwndDlg, L"/sysenc");
+ LaunchVolCreationWizard (hwndDlg, L"/sysenc",FALSE);
}
else
Warning ("SYSTEM_ENCRYPTION_IN_PROGRESS_ELSEWHERE", hwndDlg);
@@ -5518,9 +5541,11 @@ static void EncryptSystemDevice (HWND hwndDlg)
// Initiates decryption of the system partition/drive
static void DecryptSystemDevice (HWND hwndDlg)
{
+ SystemDriveConfiguration config;
try
{
BootEncStatus = BootEncObj->GetStatus();
+ config = BootEncObj->GetSystemDriveConfiguration ();
}
catch (Exception &e)
{
@@ -5581,8 +5606,8 @@ static void DecryptSystemDevice (HWND hwndDlg)
return;
}
- CloseSysEncMutex ();
- LaunchVolCreationWizard (hwndDlg, L"/dsysenc");
+ CloseSysEncMutex ();
+ LaunchVolCreationWizard (hwndDlg, L"/dsysenc", FALSE);
}
else
Warning ("SYSTEM_ENCRYPTION_IN_PROGRESS_ELSEWHERE", hwndDlg);
@@ -5597,7 +5622,7 @@ static void CreateHiddenOS (HWND hwndDlg)
// such information, but will exit (displaying only an error meessage).
Info("HIDDEN_OS_PREINFO", hwndDlg);
- LaunchVolCreationWizard (hwndDlg, L"/isysenc");
+ LaunchVolCreationWizard (hwndDlg, L"/isysenc", FALSE);
}
static void DecryptNonSysDevice (HWND hwndDlg, BOOL bResolveAmbiguousSelection, BOOL bUseDriveListSel)
@@ -5708,7 +5733,7 @@ static void DecryptNonSysDevice (HWND hwndDlg, BOOL bResolveAmbiguousSelection,
if (AskWarnNoYes ("CONFIRM_DECRYPT_NON_SYS_DEVICE_CAUTION", hwndDlg) == IDNO)
return;
- LaunchVolCreationWizard (hwndDlg, (wstring (L"/inplacedec \"") + scPath + L"\"").c_str ());
+ LaunchVolCreationWizard (hwndDlg, (wstring (L"/inplacedec \"") + scPath + L"\"").c_str (), FALSE);
}
// Blindly attempts (without any checks) to instruct the wizard to resume whatever system encryption process
@@ -5717,7 +5742,17 @@ static void ResumeInterruptedSysEncProcess (HWND hwndDlg)
{
if (!MutexExistsOnSystem (TC_MUTEX_NAME_SYSENC)) // If no instance of the wizard is currently taking care of system encryption
{
- LaunchVolCreationWizard (MainDlg, L"/csysenc");
+ SystemDriveConfiguration config;
+ try
+ {
+ config = BootEncObj->GetSystemDriveConfiguration ();
+ }
+ catch (Exception &e)
+ {
+ e.Show (MainDlg);
+ }
+
+ LaunchVolCreationWizard (MainDlg, L"/csysenc", FALSE);
}
else
Warning ("SYSTEM_ENCRYPTION_IN_PROGRESS_ELSEWHERE", hwndDlg);
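Review bot: `config` is filled from `BootEncObj->GetSystemDriveConfiguration ()` and never read before the block closes, so the only effect of the added try/catch is that a failure now raises `e.Show (MainDlg)` ahead of a launch that proceeds regardless. That sits oddly with the function's own comment about acting blindly, without any checks. The same unused pattern is fully visible in the MainDialogProc hunk that ends with `LaunchVolCreationWizard (hwndDlg, L"/csysenc", FALSE);`. In PopulateSysEncContextMenu, EncryptSystemDevice and DecryptSystemDevice the bodies continue outside their hunks, so whether `config` is used there cannot be told from here. Either drop the block, or derive the third argument from it if that was the intent.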
@@ -5772,7 +5807,7 @@ void CreateRescueDisk (HWND hwndDlg)
wchar_t initialDir[MAX_PATH];
SHGetFolderPath (NULL, CSIDL_MYDOCUMENTS, NULL, 0, initialDir);
- if (!BrowseFilesInDir (hwndDlg, "OPEN_TITLE", initialDir, szRescueDiskISO, FALSE, TRUE, NULL, L"VeraCrypt Rescue Disk.iso", L"iso"))
+ if (!BrowseFilesInDir (hwndDlg, "OPEN_TITLE", initialDir, szRescueDiskISO, FALSE, TRUE, NULL, szDefaultRescueDiskName, szRescueDiskExtension))
{
CloseSysEncMutex ();
return;
@@ -5781,17 +5816,25 @@ void CreateRescueDisk (HWND hwndDlg)
WaitCursor();
BootEncObj->CreateRescueIsoImage (false, szRescueDiskISO);
- StringCbPrintfW (szTmp, sizeof szTmp,
- GetString (IsWindowsIsoBurnerAvailable() ? "RESCUE_DISK_NON_WIZARD_CREATION_WIN_ISOBURN" : "RESCUE_DISK_NON_WIZARD_CREATION_BURN"),
- szRescueDiskISO);
-
- if (IsWindowsIsoBurnerAvailable())
+ if (bSystemIsGPT)
{
- if (AskYesNoString (szTmp, hwndDlg) == IDYES)
- LaunchWindowsIsoBurner (MainDlg, szRescueDiskISO);
+ StringCbPrintfW (szTmp, sizeof szTmp, GetString ("RESCUE_DISK_EFI_NON_WIZARD_CREATION"), szRescueDiskISO);
+ InfoDirect (szTmp, hwndDlg);
}
else
- InfoDirect (szTmp, hwndDlg);
+ {
+ StringCbPrintfW (szTmp, sizeof szTmp,
+ GetString (IsWindowsIsoBurnerAvailable() ? "RESCUE_DISK_NON_WIZARD_CREATION_WIN_ISOBURN" : "RESCUE_DISK_NON_WIZARD_CREATION_BURN"),
+ szRescueDiskISO);
+
+ if (IsWindowsIsoBurnerAvailable())
+ {
+ if (AskYesNoString (szTmp, hwndDlg) == IDYES)
+ LaunchWindowsIsoBurner (MainDlg, szRescueDiskISO);
+ }
+ else
+ InfoDirect (szTmp, hwndDlg);
+ }
}
catch (Exception &e)
{
@@ -5806,7 +5849,7 @@ void CreateRescueDisk (HWND hwndDlg)
Warning ("SYSTEM_ENCRYPTION_IN_PROGRESS_ELSEWHERE", hwndDlg);
}
-static void VerifyRescueDisk (HWND hwndDlg, bool checkIsoFile)
+static void VerifyRescueDisk (HWND hwndDlg, bool checkImageFile)
{
try
{
@@ -5837,7 +5880,7 @@ static void VerifyRescueDisk (HWND hwndDlg, bool checkIsoFile)
{
try
{
- if (!checkIsoFile && (AskOkCancel ("RESCUE_DISK_NON_WIZARD_CHECK_INSERT", hwndDlg) != IDOK))
+ if (!checkImageFile && (AskOkCancel ("RESCUE_DISK_NON_WIZARD_CHECK_INSERT", hwndDlg) != IDOK))
{
CloseSysEncMutex ();
return;
@@ -5847,20 +5890,20 @@ static void VerifyRescueDisk (HWND hwndDlg, bool checkIsoFile)
BootEncObj->CreateRescueIsoImage (false, L"");
- if (checkIsoFile)
+ if (checkImageFile)
{
- wchar_t szRescueDiskISO [TC_MAX_PATH+1];
+ wchar_t szRescueDiskImage [TC_MAX_PATH+1];
wchar_t initialDir[MAX_PATH];
SHGetFolderPath (NULL, CSIDL_MYDOCUMENTS, NULL, 0, initialDir);
- if (!BrowseFilesInDir (hwndDlg, "OPEN_TITLE", initialDir, szRescueDiskISO, FALSE, FALSE, NULL, L"VeraCrypt Rescue Disk.iso", L"iso"))
+ if (!BrowseFilesInDir (hwndDlg, "OPEN_TITLE", initialDir, szRescueDiskImage, FALSE, FALSE, NULL,szDefaultRescueDiskName, szRescueDiskExtension))
{
CloseSysEncMutex ();
return;
}
WaitCursor();
- if (!BootEncObj->VerifyRescueDiskIsoImage (szRescueDiskISO))
+ if (!BootEncObj->VerifyRescueDiskImage (szRescueDiskImage))
Error ("RESCUE_DISK_ISO_IMAGE_CHECK_FAILED", hwndDlg);
else
Info ("RESCUE_DISK_ISO_IMAGE_CHECK_PASSED", hwndDlg);
@@ -5869,7 +5912,7 @@ static void VerifyRescueDisk (HWND hwndDlg, bool checkIsoFile)
{
WaitCursor();
if (!BootEncObj->VerifyRescueDisk ())
- Error ("RESCUE_DISK_NON_WIZARD_CHECK_FAILED", hwndDlg);
+ Error (bSystemIsGPT? "RESCUE_DISK_EFI_NON_WIZARD_CHECK_FAILED" : "RESCUE_DISK_NON_WIZARD_CHECK_FAILED", hwndDlg);
else
Info ("RESCUE_DISK_NON_WIZARD_CHECK_PASSED", hwndDlg);
}
@@ -5877,7 +5920,7 @@ static void VerifyRescueDisk (HWND hwndDlg, bool checkIsoFile)
catch (Exception &e)
{
e.Show (MainDlg);
- Error ("RESCUE_DISK_NON_WIZARD_CHECK_FAILED", hwndDlg);
+ Error (bSystemIsGPT? "RESCUE_DISK_EFI_NON_WIZARD_CHECK_FAILED" : "RESCUE_DISK_NON_WIZARD_CHECK_FAILED", hwndDlg);
}
CloseSysEncMutex ();
@@ -5938,7 +5981,7 @@ static void ResumeInterruptedNonSysInplaceEncProcess (BOOL bDecrypt)
// IMPORTANT: This function must not check any config files! Otherwise, if a config file was lost or corrupt,
// the user would not be able resume encryption and the data on the volume would be inaccessible.
- LaunchVolCreationWizard (MainDlg, bDecrypt? L"/resumeinplacedec" : L"/zinplace");
+ LaunchVolCreationWizard (MainDlg, bDecrypt? L"/resumeinplacedec" : L"/zinplace", FALSE);
}
BOOL SelectContainer (HWND hwndDlg)
@@ -5991,8 +6034,9 @@ static void WipeCache (HWND hwndDlg, BOOL silent)
static void Benchmark (HWND hwndDlg)
{
+
DialogBoxParamW (hInst, MAKEINTRESOURCEW (IDD_BENCHMARK_DLG), hwndDlg,
- (DLGPROC) BenchmarkDlgProc, (LPARAM) NULL);
+ (DLGPROC) BenchmarkDlgProc, (LPARAM) bSystemIsGPT);
}
@@ -6389,12 +6433,21 @@ BOOL CALLBACK MainDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
BootEncObj->SetParentWindow (hwndDlg);
BootEncStatus = BootEncObj->GetStatus();
RecentBootEncStatus = BootEncStatus;
+ bSystemIsGPT = BootEncObj->GetSystemDriveConfiguration().SystemPartition.IsGPT;
}
catch (...)
{
// NOP
}
+ if (bSystemIsGPT)
+ StringCbCopyW (szRescueDiskExtension, sizeof (szRescueDiskExtension), L"zip");
+ else
+ StringCbCopyW (szRescueDiskExtension, sizeof (szRescueDiskExtension), L"iso");
+
+ StringCbCopyW (szDefaultRescueDiskName, sizeof (szDefaultRescueDiskName), L"VeraCrypt Rescue Disk.");
+ StringCbCatW (szDefaultRescueDiskName, sizeof (szDefaultRescueDiskName), szRescueDiskExtension);
+
if (UsePreferences)
{
// General preferences
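Review bot: `bSystemIsGPT` is assigned as the last statement of a try whose `catch (...)` is a NOP, so any failure in `GetStatus()` or `GetSystemDriveConfiguration()` silently leaves it FALSE and the rest of this diff treats the machine as MBR. The flag gates the PRF filter, the hidden-OS menu item, the rescue-disk format and the `ReadBootSectorConfig`/`WriteBootSectorUserConfig` path in PerformanceSettingsDlgProc, so a wrong FALSE on a GPT system changes behaviour in several places. Consider a tri-state value, or at least a comment at the assignment such as `// stays FALSE when the drive configuration cannot be read`. `szRescueDiskExtension` is declared with 4 elements, which fits the three-letter values exactly; the unchecked `StringCbCopyW` would truncate anything longer without notice.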
@@ -6513,7 +6566,7 @@ BOOL CALLBACK MainDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
BOOL reportBadPasswd = CmdVolumePassword.Length > 0;
if (FirstCmdKeyFile)
- KeyFilesApplyWithPin (hwndDlg, &CmdVolumePassword, CmdTokenPin, FirstCmdKeyFile, szFileName);
+ KeyFilesApply (hwndDlg, &CmdVolumePassword, FirstCmdKeyFile, szFileName);
mounted = MountVolume (hwndDlg, szDriveLetter[0] - L'A',
szFileName, &CmdVolumePassword, EffectiveVolumePkcs5, CmdVolumePim, EffectiveVolumeTrueCryptMode, bCacheInDriver, bIncludePimInCache, bForceMount,
@@ -6558,7 +6611,7 @@ BOOL CALLBACK MainDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
WaitCursor ();
if (KeyFilesEnable && FirstKeyFile)
- KeyFilesApplyWithPin (hwndDlg, &VolumePassword, CmdTokenPin, FirstKeyFile, szFileName);
+ KeyFilesApply (hwndDlg, &VolumePassword, FirstKeyFile, szFileName);
mounted = MountVolume (hwndDlg, szDriveLetter[0] - L'A', szFileName, &VolumePassword, VolumePkcs5, VolumePim, VolumeTrueCryptMode, bCacheInDriver, bIncludePimInCache, bForceMount, &mountOptions, FALSE, TRUE);
@@ -6743,9 +6796,17 @@ BOOL CALLBACK MainDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
{
// The wizard was not launched during the system startup seq, or the user may have forgotten
// to resume the encryption/decryption process.
+ SystemDriveConfiguration config;
+ try
+ {
+ config = BootEncObj->GetSystemDriveConfiguration ();
+ }
+ catch (Exception &e)
+ {
+ e.Show (MainDlg);
+ }
-
- LaunchVolCreationWizard (hwndDlg, L"/csysenc");
+ LaunchVolCreationWizard (hwndDlg, L"/csysenc", FALSE);
}
}
}
@@ -7725,7 +7786,7 @@ BOOL CALLBACK MainDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
if (lw == IDC_CREATE_VOLUME || lw == IDM_CREATE_VOLUME || lw == IDM_VOLUME_WIZARD)
{
- LaunchVolCreationWizard (hwndDlg, L"");
+ LaunchVolCreationWizard (hwndDlg, L"", FALSE);
return 1;
}
@@ -8015,7 +8076,7 @@ BOOL CALLBACK MainDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
if (lw == IDM_SYSENC_SETTINGS || lw == IDM_SYS_ENC_SETTINGS)
{
- DialogBoxParamW (hInst, MAKEINTRESOURCEW (IDD_SYSENC_SETTINGS), hwndDlg, (DLGPROC) BootLoaderPreferencesDlgProc, 0);
+ DialogBoxParamW (hInst, MAKEINTRESOURCEW (bSystemIsGPT? IDD_EFI_SYSENC_SETTINGS : IDD_SYSENC_SETTINGS), hwndDlg, (DLGPROC) BootLoaderPreferencesDlgProc, 0);
return 1;
}
@@ -8695,7 +8756,7 @@ void ExtractCommandLine (HWND hwndDlg, wchar_t *lpszCommandLine)
wchar_t szTmp[SecurityToken::MaxPasswordLength + 1] = {0};
if (GetArgumentValue (lpszCommandLineArgs, &i, nNoCommandLineArgs, szTmp, ARRAYSIZE (szTmp)) == HAS_ARGUMENT)
{
- if (0 == WideCharToMultiByte (CP_UTF8, 0, szTmp, -1, CmdTokenPin, array_capacity (CmdTokenPin), nullptr, nullptr))
+ if (0 == WideCharToMultiByte (CP_UTF8, 0, szTmp, -1, CmdTokenPin, TC_MAX_PATH, nullptr, nullptr))
AbortProcess ("COMMAND_LINE_ERROR");
}
else
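Review bot: The output size given to `WideCharToMultiByte` is now the constant `TC_MAX_PATH` instead of `array_capacity (CmdTokenPin)`, so the bound is no longer derived from the buffer being written. The definition this diff removes from Mount.c sized the array as `SecurityToken::MaxPasswordLength + 1`; where it lives now is not visible here, and if it kept that size while `TC_MAX_PATH` is larger, a long PIN (UTF-8 can take several bytes per `wchar_t` of `szTmp`) could be written past the end. Prefer declaring the array with its bound where it is shared, so that `array_capacity (CmdTokenPin)` keeps working at this call. The `burn (&CmdTokenPin, ...)` in localcleanup and the `VirtualLock (&CmdTokenPin, ...)` in wWinMain are also dropped by this diff, so the new owner of the buffer should be checked for both.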
@@ -8924,7 +8985,6 @@ int WINAPI wWinMain (HINSTANCE hInstance, HINSTANCE hPrevInstance, wchar_t *lpsz
VirtualLock (&mountOptions, sizeof (mountOptions));
VirtualLock (&defaultMountOptions, sizeof (defaultMountOptions));
VirtualLock (&szFileName, sizeof(szFileName));
- VirtualLock (&CmdTokenPin, sizeof (CmdTokenPin));
DetectX86Features ();
@@ -9649,8 +9709,8 @@ int BackupVolumeHeader (HWND hwndDlg, BOOL bRequireConfirmation, const wchar_t *
OpenVolumeContext hiddenVolume;
Password hiddenVolPassword;
int hiddenVolPkcs5 = 0, hiddenVolPim = 0;
- byte temporaryKey[MASTER_KEYDATA_SIZE];
- byte originalK2[MASTER_KEYDATA_SIZE];
+ CRYPTOPP_ALIGN_DATA(16) byte temporaryKey[MASTER_KEYDATA_SIZE];
+ CRYPTOPP_ALIGN_DATA(16) byte originalK2[MASTER_KEYDATA_SIZE];
int EffectiveVolumePkcs5 = CmdVolumePkcs5;
int EffectiveVolumePim = CmdVolumePim;
@@ -10433,16 +10493,17 @@ static BOOL CALLBACK PerformanceSettingsDlgProc (HWND hwndDlg, UINT msg, WPARAM
}
catch (...)
{
- BootEncStatus.DriveMounted = false;
+ BootEncStatus.DriveMounted = false;
}
- if (BootEncStatus.DriveMounted)
+ if (BootEncStatus.DriveMounted && !bSystemIsGPT)
{
byte userConfig;
string customUserMessage;
uint16 bootLoaderVersion;
- BootEncObj->ReadBootSectorConfig (nullptr, 0, &userConfig, &customUserMessage, &bootLoaderVersion);
+ if (!BootEncObj->ReadBootSectorConfig (nullptr, 0, &userConfig, &customUserMessage, &bootLoaderVersion))
+ return 1;
if (bootLoaderVersion != VERSION_NUM)
Warning ("BOOT_LOADER_VERSION_INCORRECT_PREFERENCES", hwndDlg);
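Review bot: `bootLoaderVersion` and `userConfig` are still declared without initialisers here, while the matching change in BootLoaderPreferencesDlgProc switches to `uint16 bootLoaderVersion = 0;`. Now that `ReadBootSectorConfig` has a failure return that is honoured, initialising both locals the same way keeps the two dialogs consistent and avoids comparing an indeterminate value if the callee returns success without writing it. The added `return 1;` also lacks the `// operations canceled` comment that the other dialog carries. The handler begins and ends outside this hunk.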
@@ -10452,7 +10513,7 @@ static BOOL CALLBACK PerformanceSettingsDlgProc (HWND hwndDlg, UINT msg, WPARAM
else
userConfig &= ~TC_BOOT_USER_CFG_FLAG_DISABLE_HW_ENCRYPTION;
- BootEncObj->WriteBootSectorUserConfig (userConfig, customUserMessage, prop.volumePim);
+ BootEncObj->WriteBootSectorUserConfig (userConfig, customUserMessage, prop.volumePim, prop.pkcs5);
}
SetDriverConfigurationFlag (TC_DRIVER_CONFIG_DISABLE_HARDWARE_ENCRYPTION, disableHW);
@@ -10766,7 +10827,8 @@ static BOOL CALLBACK BootLoaderPreferencesDlgProc (HWND hwndDlg, UINT msg, WPARA
{
case WM_INITDIALOG:
{
- if (!BootEncObj->GetStatus().DriveMounted)
+ BootEncryptionStatus BootEncStatus = BootEncObj->GetStatus();
+ if (!BootEncStatus.DriveMounted)
{
Warning ("SYS_DRIVE_NOT_ENCRYPTED", hwndDlg);
EndDialog (hwndDlg, IDCANCEL);
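Review bot: The new local `BootEncryptionStatus BootEncStatus` shadows the wider-scope `BootEncStatus` that other hunks in this diff assign with `BootEncStatus = BootEncObj->GetStatus();`. A reader can no longer tell whether later uses in this case refer to the cached status or to the fresh one. A distinct name, for example `BootEncryptionStatus currentStatus = BootEncObj->GetStatus();`, removes the ambiguity. The WM_INITDIALOG case continues outside this hunk.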
@@ -10780,27 +10842,38 @@ static BOOL CALLBACK BootLoaderPreferencesDlgProc (HWND hwndDlg, UINT msg, WPARA
uint32 driverConfig = ReadDriverConfigurationFlags();
byte userConfig;
string customUserMessage;
- uint16 bootLoaderVersion;
+ uint16 bootLoaderVersion = 0;
BOOL bPasswordCacheEnabled = (driverConfig & TC_DRIVER_CONFIG_CACHE_BOOT_PASSWORD)? TRUE : FALSE;
BOOL bPimCacheEnabled = (driverConfig & TC_DRIVER_CONFIG_CACHE_BOOT_PIM)? TRUE : FALSE;
- BootEncObj->ReadBootSectorConfig (nullptr, 0, &userConfig, &customUserMessage, &bootLoaderVersion);
+ if (!BootEncObj->ReadBootSectorConfig (nullptr, 0, &userConfig, &customUserMessage, &bootLoaderVersion))
+ {
+ // operations canceled
+ EndDialog (hwndDlg, IDCANCEL);
+ return 1;
+ }
if (bootLoaderVersion != VERSION_NUM)
Warning ("BOOT_LOADER_VERSION_INCORRECT_PREFERENCES", hwndDlg);
- SendMessage (GetDlgItem (hwndDlg, IDC_CUSTOM_BOOT_LOADER_MESSAGE), EM_LIMITTEXT, TC_BOOT_SECTOR_USER_MESSAGE_MAX_LENGTH, 0);
- SetDlgItemTextA (hwndDlg, IDC_CUSTOM_BOOT_LOADER_MESSAGE, customUserMessage.c_str());
+ if (bSystemIsGPT)
+ {
+ CheckDlgButton (hwndDlg, IDC_DISABLE_BOOT_LOADER_HASH_PROMPT, (userConfig & TC_BOOT_USER_CFG_FLAG_STORE_HASH) ? BST_CHECKED : BST_UNCHECKED);
+ }
+ else
+ {
+ SendMessage (GetDlgItem (hwndDlg, IDC_CUSTOM_BOOT_LOADER_MESSAGE), EM_LIMITTEXT, TC_BOOT_SECTOR_USER_MESSAGE_MAX_LENGTH, 0);
+ SetDlgItemTextA (hwndDlg, IDC_CUSTOM_BOOT_LOADER_MESSAGE, customUserMessage.c_str());
+ CheckDlgButton (hwndDlg, IDC_DISABLE_BOOT_LOADER_OUTPUT, (userConfig & TC_BOOT_USER_CFG_FLAG_SILENT_MODE) ? BST_CHECKED : BST_UNCHECKED);
+ CheckDlgButton (hwndDlg, IDC_ALLOW_ESC_PBA_BYPASS, (userConfig & TC_BOOT_USER_CFG_FLAG_DISABLE_ESC) ? BST_UNCHECKED : BST_CHECKED);
+ CheckDlgButton (hwndDlg, IDC_DISABLE_EVIL_MAID_ATTACK_DETECTION, (driverConfig & TC_DRIVER_CONFIG_DISABLE_EVIL_MAID_ATTACK_DETECTION) ? BST_CHECKED : BST_UNCHECKED);
+ SetWindowTextW (GetDlgItem (hwndDlg, IDC_CUSTOM_BOOT_LOADER_MESSAGE_HELP), GetString("CUSTOM_BOOT_LOADER_MESSAGE_HELP"));
+ }
CheckDlgButton (hwndDlg, IDC_DISABLE_BOOT_LOADER_PIM_PROMPT, (userConfig & TC_BOOT_USER_CFG_FLAG_DISABLE_PIM) ? BST_CHECKED : BST_UNCHECKED);
- CheckDlgButton (hwndDlg, IDC_DISABLE_BOOT_LOADER_OUTPUT, (userConfig & TC_BOOT_USER_CFG_FLAG_SILENT_MODE) ? BST_CHECKED : BST_UNCHECKED);
- CheckDlgButton (hwndDlg, IDC_ALLOW_ESC_PBA_BYPASS, (userConfig & TC_BOOT_USER_CFG_FLAG_DISABLE_ESC) ? BST_UNCHECKED : BST_CHECKED);
CheckDlgButton (hwndDlg, IDC_BOOT_LOADER_CACHE_PASSWORD, bPasswordCacheEnabled ? BST_CHECKED : BST_UNCHECKED);
- CheckDlgButton (hwndDlg, IDC_DISABLE_EVIL_MAID_ATTACK_DETECTION, (driverConfig & TC_DRIVER_CONFIG_DISABLE_EVIL_MAID_ATTACK_DETECTION) ? BST_CHECKED : BST_UNCHECKED);
EnableWindow (GetDlgItem (hwndDlg, IDC_BOOT_LOADER_CACHE_PIM), bPasswordCacheEnabled);
CheckDlgButton (hwndDlg, IDC_BOOT_LOADER_CACHE_PIM, (bPasswordCacheEnabled && bPimCacheEnabled)? BST_CHECKED : BST_UNCHECKED);
-
- SetWindowTextW (GetDlgItem (hwndDlg, IDC_CUSTOM_BOOT_LOADER_MESSAGE_HELP), GetString("CUSTOM_BOOT_LOADER_MESSAGE_HELP"));
}
catch (Exception &e)
{
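Review bot: On GPT the `IDC_DISABLE_EVIL_MAID_ATTACK_DETECTION` checkbox is no longer initialised from `driverConfig`, because its `CheckDlgButton` moved into the else branch. The save path in the last hunk still calls `SetDriverConfigurationFlag (TC_DRIVER_CONFIG_DISABLE_EVIL_MAID_ATTACK_DETECTION, IsDlgButtonChecked (hwndDlg, IDC_DISABLE_EVIL_MAID_ATTACK_DETECTION));` unconditionally. Pressing OK on a GPT system would therefore write the flag from a control that was never set, or that may not exist in `IDD_EFI_SYSENC_SETTINGS` (not visible here), overwriting the stored setting. If the option does not apply to EFI, guard the write with `if (!bSystemIsGPT)`; otherwise initialise the checkbox in both branches.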
@@ -10840,13 +10913,15 @@ static BOOL CALLBACK BootLoaderPreferencesDlgProc (HWND hwndDlg, UINT msg, WPARA
return 1;
}
- char customUserMessage[TC_BOOT_SECTOR_USER_MESSAGE_MAX_LENGTH + 1];
- GetDlgItemTextA (hwndDlg, IDC_CUSTOM_BOOT_LOADER_MESSAGE, customUserMessage, sizeof (customUserMessage));
+ char customUserMessage[TC_BOOT_SECTOR_USER_MESSAGE_MAX_LENGTH + 1] = {0};
+ if (!bSystemIsGPT)
+ GetDlgItemTextA (hwndDlg, IDC_CUSTOM_BOOT_LOADER_MESSAGE, customUserMessage, sizeof (customUserMessage));
byte userConfig;
try
{
- BootEncObj->ReadBootSectorConfig (nullptr, 0, &userConfig);
+ if (!BootEncObj->ReadBootSectorConfig (nullptr, 0, &userConfig))
+ return 1;
}
catch (Exception &e)
{
@@ -10859,7 +10934,16 @@ static BOOL CALLBACK BootLoaderPreferencesDlgProc (HWND hwndDlg, UINT msg, WPARA
else
userConfig &= ~TC_BOOT_USER_CFG_FLAG_DISABLE_PIM;
- if (IsDlgButtonChecked (hwndDlg, IDC_DISABLE_BOOT_LOADER_OUTPUT))
+ if (bSystemIsGPT)
+ {
+ if (IsDlgButtonChecked (hwndDlg, IDC_DISABLE_BOOT_LOADER_HASH_PROMPT))
+ userConfig |= TC_BOOT_USER_CFG_FLAG_STORE_HASH;
+ else
+ userConfig &= ~TC_BOOT_USER_CFG_FLAG_STORE_HASH;
+ }
+ else
+ {
+ if (IsDlgButtonChecked (hwndDlg, IDC_DISABLE_BOOT_LOADER_OUTPUT))
userConfig |= TC_BOOT_USER_CFG_FLAG_SILENT_MODE;
else
userConfig &= ~TC_BOOT_USER_CFG_FLAG_SILENT_MODE;
@@ -10868,12 +10952,13 @@ static BOOL CALLBACK BootLoaderPreferencesDlgProc (HWND hwndDlg, UINT msg, WPARA
userConfig |= TC_BOOT_USER_CFG_FLAG_DISABLE_ESC;
else
userConfig &= ~TC_BOOT_USER_CFG_FLAG_DISABLE_ESC;
+ }
try
{
BOOL bPasswordCacheEnabled = IsDlgButtonChecked (hwndDlg, IDC_BOOT_LOADER_CACHE_PASSWORD);
BOOL bPimCacheEnabled = IsDlgButtonChecked (hwndDlg, IDC_BOOT_LOADER_CACHE_PIM);
- BootEncObj->WriteBootSectorUserConfig (userConfig, customUserMessage, prop.volumePim);
+ BootEncObj->WriteBootSectorUserConfig (userConfig, customUserMessage, prop.volumePim, prop.pkcs5);
SetDriverConfigurationFlag (TC_DRIVER_CONFIG_CACHE_BOOT_PASSWORD, bPasswordCacheEnabled);
SetDriverConfigurationFlag (TC_DRIVER_CONFIG_CACHE_BOOT_PIM, (bPasswordCacheEnabled && bPimCacheEnabled)? TRUE : FALSE);
SetDriverConfigurationFlag (TC_DRIVER_CONFIG_DISABLE_EVIL_MAID_ATTACK_DETECTION, IsDlgButtonChecked (hwndDlg, IDC_DISABLE_EVIL_MAID_ATTACK_DETECTION));