From c4d4ade9d00e65112b93640bd3a0eeb50279a202 Mon Sep 17 00:00:00 2001
From: Mounir IDRASSI
Date: Sat, 13 Aug 2016 02:40:45 +0200
Subject: Windows: Show only supported encryption algorithm in the system encryption wizard for MBR
---
 src/Common/Crypto.c | 32 +++++++++++++++++++-------------
 src/Common/Crypto.h | 6 ++++++
 src/Format/Tcformat.c | 6 ++++--
 3 files changed, 29 insertions(+), 15 deletions(-)
diff --git a/src/Common/Crypto.c b/src/Common/Crypto.c
index e9a3da68..f3045d0c 100644
--- a/src/Common/Crypto.c
+++ b/src/Common/Crypto.c
@@ -73,21 +73,21 @@ static EncryptionAlgorithm EncryptionAlgorithms[] =
 #ifndef TC_WINDOWS_BOOT
- { { 0, 0 }, { 0, 0}, 0 }, // Must be all-zero
- { { AES, 0 }, { XTS, 0 }, 1 },
- { { SERPENT, 0 }, { XTS, 0 }, 1 },
- { { TWOFISH, 0 }, { XTS, 0 }, 1 },
- { { CAMELLIA, 0 }, { XTS, 0 }, 1 },
+ { { 0, 0 }, { 0, 0}, 0, 0 }, // Must be all-zero
+ { { AES, 0 }, { XTS, 0 }, 1, 1 },
+ { { SERPENT, 0 }, { XTS, 0 }, 1, 1 },
+ { { TWOFISH, 0 }, { XTS, 0 }, 1, 1 },
+ { { CAMELLIA, 0 }, { XTS, 0 }, 1, 1 },
 #if defined(CIPHER_GOST89)
- { { GOST89, 0 }, { XTS, 0 }, 1 },
+ { { GOST89, 0 }, { XTS, 0 }, 0, 1 },
 #endif // defined(CIPHER_GOST89)
- { { KUZNYECHIK, 0 }, { XTS, 0 }, 1 },
- { { TWOFISH, AES, 0 }, { XTS, 0 }, 1 },
- { { SERPENT, TWOFISH, AES, 0 }, { XTS, 0 }, 1 },
- { { AES, SERPENT, 0 }, { XTS, 0 }, 1 },
- { { AES, TWOFISH, SERPENT, 0 }, { XTS, 0 }, 1 },
- { { SERPENT, TWOFISH, 0 }, { XTS, 0 }, 1 },
- { { 0, 0 }, { 0, 0}, 0 } // Must be all-zero
+ { { KUZNYECHIK, 0 }, { XTS, 0 }, 0, 1 },
+ { { TWOFISH, AES, 0 }, { XTS, 0 }, 1, 1 },
+ { { SERPENT, TWOFISH, AES, 0 }, { XTS, 0 }, 1, 1 },
+ { { AES, SERPENT, 0 }, { XTS, 0 }, 1, 1 },
+ { { AES, TWOFISH, SERPENT, 0 }, { XTS, 0 }, 1, 1 },
+ { { SERPENT, TWOFISH, 0 }, { XTS, 0 }, 1, 1 },
+ { { 0, 0 }, { 0, 0}, 0, 0 } // Must be all-zero
 #else // TC_WINDOWS_BOOT
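Review bot: The rows of `EncryptionAlgorithms[]` are positional and the new flag is inserted before the existing one, so in `{ { GOST89, 0 }, { XTS, 0 }, 0, 1 }` the `0` is `MbrSysEncEnabled` and the `1` is `FormatEnabled`, yet nothing in the hunk labels the columns. A later edit that reads the third value as the format flag would silently change which algorithms are offered for an MBR system disk. A column comment above the rows, e.g. `// Cipher(s), Modes, MbrSysEncEnabled, FormatEnabled`, would pin this down; the table's opening lines are outside the hunk, so any column header already there needs the same update. The rows after `#else // TC_WINDOWS_BOOT` presumably keep three values because the Crypto.h hunk compiles the field out in that build, which is worth stating in the same comment.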
@@ -684,6 +684,12 @@ int EAIsFormatEnabled (int ea)
 return EncryptionAlgorithms[ea].FormatEnabled;
 }
+#ifndef TC_WINDOWS_BOOT
+int EAIsMbrSysEncEnabled (int ea)
+{
+ return EncryptionAlgorithms[ea].MbrSysEncEnabled;
+}
+#endif
 // Returns TRUE if the mode of operation is supported for the encryption algorithm
 BOOL EAIsModeSupported (int ea, int testedMode)
diff --git a/src/Common/Crypto.h b/src/Common/Crypto.h
index c4bc4fa9..7d99f233 100644
--- a/src/Common/Crypto.h
+++ b/src/Common/Crypto.h
@@ -133,6 +133,9 @@ typedef struct
 {
 int Ciphers[4]; // Null terminated array of ciphers used by encryption algorithm
 int Modes[LAST_MODE_OF_OPERATION + 1]; // Null terminated array of modes of operation
+#ifndef TC_WINDOWS_BOOT
+ BOOL MbrSysEncEnabled;
+#endif
 int FormatEnabled;
 } EncryptionAlgorithm;
@@ -348,6 +351,9 @@ int EAGetLastCipher (int ea);
 int EAGetNextCipher (int ea, int previousCipherId);
 int EAGetPreviousCipher (int ea, int previousCipherId);
 int EAIsFormatEnabled (int ea);
+#ifndef TC_WINDOWS_BOOT
+int EAIsMbrSysEncEnabled (int ea);
+#endif
 BOOL EAIsModeSupported (int ea, int testedMode);
diff --git a/src/Format/Tcformat.c b/src/Format/Tcformat.c
index 186c1199..248898c3 100644
--- a/src/Format/Tcformat.c
+++ b/src/Format/Tcformat.c
@@ -4060,6 +4060,9 @@ BOOL CALLBACK PageDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
 {
 int ea, hid;
 wchar_t buf[100];
+ BOOL bIsGPT = FALSE;
+ if (SysEncInEffect ())
+ bIsGPT = BootEncObj->GetSystemDriveConfiguration().SystemPartition.IsGPT;
 // Encryption algorithms
@@ -4072,7 +4075,7 @@ BOOL CALLBACK PageDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
 for (ea = EAGetFirst (); ea != 0; ea = EAGetNext (ea))
 {
- if (EAIsFormatEnabled (ea))
+ if (EAIsFormatEnabled (ea) && (!SysEncInEffect () || bIsGPT || EAIsMbrSysEncEnabled (ea)))
 AddComboPair (GetDlgItem (hwndDlg, IDC_COMBO_BOX), EAGetName (buf, ea, 1), ea);
 }
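Review bot: `EAIsMbrSysEncEnabled` in Crypto.c reads `EncryptionAlgorithms[ea]` with no range check on `ea`, so an ID that did not come from `EAGetFirst`/`EAGetNext` indexes outside the table. This matches `EAIsFormatEnabled` directly above it, and the one caller added in this patch iterates with those helpers, so a contract comment may be enough: `// Returns TRUE if the algorithm can be used for system encryption on an MBR disk; ea must be a valid algorithm ID`. The field is declared `BOOL` in Crypto.h while the accessor returns `int`; `BOOL EAIsMbrSysEncEnabled (int ea)`, here and in the prototype, would match `EAIsModeSupported`.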
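Review bot: The new condition on the `if (EAIsFormatEnabled (ea) && ...)` line of the Tcformat.c loop only decides which algorithms are added to the combo box; nothing visible in this patch re-checks `EAIsMbrSysEncEnabled` where the chosen `ea` is later used for an MBR system disk. If an algorithm can reach that point by any route other than this list, the same predicate should be enforced there, since the commit subject implies the MBR path does not support the hidden entries. Separately, `SysEncInEffect ()` is re-evaluated on every iteration; computing `BOOL bMbrSysEnc = SysEncInEffect () && !bIsGPT;` once before the loop lets the test read `EAIsFormatEnabled (ea) && (!bMbrSysEnc || EAIsMbrSysEncEnabled (ea))`. `PageDialogProc` starts and ends outside the hunk.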
@@ -4086,7 +4089,6 @@ BOOL CALLBACK PageDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
 if (SysEncInEffect ())
 {
- BOOL bIsGPT = BootEncObj->GetSystemDriveConfiguration().SystemPartition.IsGPT;
 hash_algo = bIsGPT? SHA512 : DEFAULT_HASH_ALGORITHM_BOOT;
 RandSetHashFunction (hash_algo);
-- cgit v1.2.3