From 2ddc37416416894bf085edc6ca4a0b3862fae2c2 Mon Sep 17 00:00:00 2001 From: Mounir IDRASSI Date: Mon, 17 Oct 2016 16:26:34 +0200 Subject: Windows: Remove VeraCrypt from EFI boot partition after decrypting the system --- src/Common/BootEncryption.cpp | 21 ++++++++++++++------- src/Common/BootEncryption.h | 15 ++++++++------- src/Common/Dlgcode.c | 23 ++++++++++++++++++++++- src/Common/Dlgcode.h | 1 + src/Setup/Setup.c | 18 +----------------- 5 files changed, 46 insertions(+), 32 deletions(-) diff --git a/src/Common/BootEncryption.cpp b/src/Common/BootEncryption.cpp index 8aa40605..b1d55e01 100644 --- a/src/Common/BootEncryption.cpp +++ b/src/Common/BootEncryption.cpp @@ -2351,7 +2351,7 @@ namespace VeraCrypt } - void EfiBoot::SaveFile(wchar_t* name, byte* data, DWORD size) { + void EfiBoot::SaveFile(const wchar_t* name, byte* data, DWORD size) { wstring path = EfiBootPartPath; path += name; File f(path, false, true); @@ -2389,7 +2389,7 @@ namespace VeraCrypt throw_sys_if (!::CopyFileW (path.c_str(), targetPath.c_str(), FALSE)); } - BOOL EfiBoot::RenameFile(wchar_t* name, wchar_t* nameNew, BOOL bForce) { + BOOL EfiBoot::RenameFile(const wchar_t* name, wchar_t* nameNew, BOOL bForce) { wstring path = EfiBootPartPath; path += name; wstring pathNew = EfiBootPartPath; @@ -2397,13 +2397,13 @@ namespace VeraCrypt return MoveFileExW(path.c_str(), pathNew.c_str(), bForce? MOVEFILE_REPLACE_EXISTING : 0); } - BOOL EfiBoot::DelFile(wchar_t* name) { + BOOL EfiBoot::DelFile(const wchar_t* name) { wstring path = EfiBootPartPath; path += name; return DeleteFile(path.c_str()); } - BOOL EfiBoot::MkDir(wchar_t* name, bool& bAlreadyExists) { + BOOL EfiBoot::MkDir(const wchar_t* name, bool& bAlreadyExists) { wstring path = EfiBootPartPath; path += name; bAlreadyExists = false; 
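Review bot: In `EfiBoot::RenameFile` only `name` was made const; `nameNew` is still `wchar_t*`, so the signature stays inconsistent with the other methods touched here and wide string literals still cannot be passed as the target name. The line that uses `nameNew` falls between two hunks, but it is presumably only appended to `pathNew`, so `BOOL EfiBoot::RenameFile(const wchar_t* name, const wchar_t* nameNew, BOOL bForce)` should be safe. The matching declaration in the `BootEncryption.h` hunk needs the same change.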
@@ -2416,7 +2416,13 @@ namespace VeraCrypt return bRet; } - BOOL EfiBoot::ReadConfig (wchar_t* name, EfiBootConf& conf) + BOOL EfiBoot::DelDir(const wchar_t* name) { + wstring path = EfiBootPartPath; + path += name; + return DeleteDirectory (path.c_str()); + } + + BOOL EfiBoot::ReadConfig (const wchar_t* name, EfiBootConf& conf) { wstring path = EfiBootPartPath; path += name; @@ -2424,7 +2430,7 @@ namespace VeraCrypt return conf.Load (path.c_str()); } - BOOL EfiBoot::UpdateConfig (wchar_t* name, int pim, int hashAlgo, HWND hwndDlg) + BOOL EfiBoot::UpdateConfig (const wchar_t* name, int pim, int hashAlgo, HWND hwndDlg) { BOOL bRet = FALSE; EfiBootConf conf; @@ -2461,7 +2467,7 @@ namespace VeraCrypt return bRet; } - BOOL EfiBoot::WriteConfig (wchar_t* name, bool preserveUserConfig, int pim, int hashAlgo, const char* passPromptMsg, HWND hwndDlg) + BOOL EfiBoot::WriteConfig (const wchar_t* name, bool preserveUserConfig, int pim, int hashAlgo, const char* passPromptMsg, HWND hwndDlg) { EfiBootConf conf; wstring path = EfiBootPartPath; @@ -3483,6 +3489,7 @@ namespace VeraCrypt EfiBootInst.DelFile(L"\\EFI\\VeraCrypt\\DcsBml.dcs"); EfiBootInst.DelFile(L"\\EFI\\VeraCrypt\\DcsBoot"); EfiBootInst.DelFile(L"\\EFI\\VeraCrypt\\DcsProp"); + EfiBootInst.DelDir (L"\\EFI\\VeraCrypt"); } else { diff --git a/src/Common/BootEncryption.h b/src/Common/BootEncryption.h index 4bf31fec..f7f2ec1a 100644 --- a/src/Common/BootEncryption.h +++ b/src/Common/BootEncryption.h 
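Review bot: `EfiBoot::DelDir` passes `EfiBootPartPath + name` straight to `DeleteDirectory`, which falls back to a silent recursive shell delete, and nothing checks `name` first. An empty string or a bare `L"\\"` would make the target the root of the EFI system partition, so a guard such as `if (!name || !name[0] || 0 == wcscmp (name, L"\\")) return FALSE;` before building the path is cheap insurance for a destructive primitive. The method also deserves a comment, for example `// Removes the directory and, via DeleteDirectory's fallback, everything below it without prompting.`, because its name reads like a plain `RemoveDirectory` wrapper.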
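Review bot: The result of `EfiBootInst.DelDir (L"\\EFI\\VeraCrypt")` is discarded, as are the results of the `DelFile` calls above it, so a failed cleanup would leave the loader files on the EFI partition with no indication to the caller. The enclosing function starts and ends outside this hunk, so its error convention is not visible; at minimum capture the value, e.g. `if (!EfiBootInst.DelDir (L"\\EFI\\VeraCrypt")) { /* tell the user \EFI\VeraCrypt must be removed manually */ }`. Because the fallback is recursive, this call also removes any file in that folder that is not in the explicit `DelFile` list; if that is intended, a one-line comment saying so would help.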
@@ -196,17 +196,18 @@ namespace VeraCrypt void DeleteStartExec(uint16 statrtOrderNum = 0xDC5B, wchar_t* type = NULL); void SetStartExec(wstring description, wstring execPath, uint16 statrtOrderNum = 0xDC5B, wchar_t* type = NULL, uint32 attr = 1); - void SaveFile(wchar_t* name, byte* data, DWORD size); + void SaveFile(const wchar_t* name, byte* data, DWORD size); void GetFileSize(const wchar_t* name, unsigned __int64& size); void ReadFile(const wchar_t* name, byte* data, DWORD size); void CopyFile(const wchar_t* name, const wchar_t* targetName); - BOOL RenameFile(wchar_t* name, wchar_t* nameNew, BOOL bForce); - BOOL DelFile(wchar_t* name); - BOOL MkDir(wchar_t* name, bool& bAlreadyExists); - BOOL ReadConfig (wchar_t* name, EfiBootConf& conf); - BOOL UpdateConfig (wchar_t* name, int pim, int hashAlgo, HWND hwndDlg); - BOOL WriteConfig (wchar_t* name, bool preserveUserConfig, int pim, int hashAlgo, const char* passPromptMsg, HWND hwndDlg); + BOOL RenameFile(const wchar_t* name, wchar_t* nameNew, BOOL bForce); + BOOL DelFile(const wchar_t* name); + BOOL MkDir(const wchar_t* name, bool& bAlreadyExists); + BOOL ReadConfig (const wchar_t* name, EfiBootConf& conf); + BOOL UpdateConfig (const wchar_t* name, int pim, int hashAlgo, HWND hwndDlg); + BOOL WriteConfig (const wchar_t* name, bool preserveUserConfig, int pim, int hashAlgo, const char* passPromptMsg, HWND hwndDlg); + BOOL DelDir(const wchar_t* name); PSTORAGE_DEVICE_NUMBER GetStorageDeviceNumber () { return &sdn;} diff --git a/src/Common/Dlgcode.c b/src/Common/Dlgcode.c index ae6fcd2d..04fec471 100644 --- a/src/Common/Dlgcode.c +++ b/src/Common/Dlgcode.c 
@@ -12203,4 +12203,25 @@ BOOL RaisePrivileges(void) SetLastError (dwLastError); return bRet; -} \ No newline at end of file +} + +BOOL DeleteDirectory (const wchar_t* szDirName) +{ + BOOL bStatus = RemoveDirectory (szDirName); + if (!bStatus) + { + /* force removal of the non empty directory */ + wchar_t szOpPath[TC_MAX_PATH + 1] = {0}; + SHFILEOPSTRUCTW op; + + StringCchCopyW(szOpPath, ARRAYSIZE(szOpPath)-1, szDirName); + ZeroMemory(&op, sizeof(op)); + op.wFunc = FO_DELETE; + op.pFrom = szOpPath; + op.fFlags = FOF_SILENT | FOF_NOCONFIRMATION | FOF_NOERRORUI | FOF_NOCONFIRMMKDIR; + + if ((0 == SHFileOperation(&op)) && (!op.fAnyOperationsAborted)) + bStatus = TRUE; + } + return bStatus; +} diff --git a/src/Common/Dlgcode.h b/src/Common/Dlgcode.h index a950ae22..86afbe0f 100644 --- a/src/Common/Dlgcode.h +++ b/src/Common/Dlgcode.h @@ -513,6 +513,7 @@ BOOL CopyTextToClipboard (const wchar_t* txtValue); BOOL LaunchElevatedProcess (HWND hwndDlg, const wchar_t* szModPath, const wchar_t* args); BOOL GetFreeDriveLetter(WCHAR* pCh); BOOL RaisePrivileges(void); +BOOL DeleteDirectory (const wchar_t* szDirName); #ifdef __cplusplus } diff --git a/src/Setup/Setup.c b/src/Setup/Setup.c index 331b8ea4..6f35e282 100644 --- a/src/Setup/Setup.c +++ b/src/Setup/Setup.c @@ -128,23 +128,7 @@ BOOL StatRemoveDirectory (wchar_t *lpszDir) if (_wstat64 (lpszDir, &st) == 0) { - BOOL bStatus = RemoveDirectory (lpszDir); - if (!bStatus) - { - /* force removal of the non empty directory */ - wchar_t szOpPath[TC_MAX_PATH + 1] = {0}; - SHFILEOPSTRUCTW op; - - StringCchCopyW(szOpPath, ARRAYSIZE(szOpPath)-1, lpszDir); - ZeroMemory(&op, sizeof(op)); - op.wFunc = FO_DELETE; - op.pFrom = szOpPath; - op.fFlags = FOF_SILENT | FOF_NOCONFIRMATION | FOF_NOERRORUI | FOF_NOCONFIRMMKDIR; - - if ((0 == SHFileOperation(&op)) && (!op.fAnyOperationsAborted)) - bStatus = TRUE; - } - return bStatus; + return DeleteDirectory (lpszDir); } else return TRUE; -- cgit v1.2.3
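Review bot: The `StringCchCopyW` result is ignored in `DeleteDirectory`, so a path longer than the buffer is truncated and the truncated path is then handed to a silent, no-confirmation `FO_DELETE`; the copy should be checked and the function should fail instead. The fallback also runs after any `RemoveDirectory` failure, not only a non-empty directory, so a path that names a regular file still reaches the shell delete; testing `GetLastError () == ERROR_DIR_NOT_EMPTY` first narrows it. `SHFILEOPSTRUCTW` is paired with the generic `SHFileOperation` and `RemoveDirectory` macros, which only match in a UNICODE build, so the explicit `W` calls are safer. Since this helper is now shared by `EfiBoot::DelDir` and `StatRemoveDirectory` in `Setup.c`, a header comment stating that it deletes recursively and without prompting would help callers.

```c
BOOL DeleteDirectory (const wchar_t* szDirName)
{
	BOOL bStatus = RemoveDirectoryW (szDirName);
	/* fall back to the recursive delete only when the directory is merely non-empty */
	if (!bStatus && GetLastError () == ERROR_DIR_NOT_EMPTY)
	{
		/* ... unchanged: szOpPath and op declarations ... */

		/* refuse to operate on a truncated path */
		if (FAILED (StringCchCopyW (szOpPath, ARRAYSIZE(szOpPath)-1, szDirName)))
		{
			SetLastError (ERROR_FILENAME_EXCED_RANGE);
			return FALSE;
		}
		/* ... unchanged: ZeroMemory and op field setup ... */

		if ((0 == SHFileOperationW (&op)) && (!op.fAnyOperationsAborted))
			bStatus = TRUE;
	}
	return bStatus;
}
```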