From 9e1e128b14dd51de4e036a8002d2cad40efaaf54 Mon Sep 17 00:00:00 2001 From: Mounir IDRASSI Date: Wed, 16 Sep 2015 01:17:03 +0200 Subject: Windows: Add functionality to verify Rescue Disk ISO image file. --- src/Common/BootEncryption.cpp | 25 +++++++++++++++++++++++++ src/Common/BootEncryption.h | 1 + src/Common/Language.xml | 3 +++ src/Mount/Mount.c | 40 +++++++++++++++++++++++++++++++++------- src/Mount/Mount.rc | 1 + src/Mount/Resource.h | 3 ++- 6 files changed, 65 insertions(+), 8 deletions(-) (limited to 'src') diff --git a/src/Common/BootEncryption.cpp b/src/Common/BootEncryption.cpp index d84dd05d..8b8c122c 100644 --- a/src/Common/BootEncryption.cpp +++ b/src/Common/BootEncryption.cpp @@ -1795,6 +1795,31 @@ namespace VeraCrypt return false; } + bool BootEncryption::VerifyRescueDiskIsoImage (const char* imageFile) + { + if (!RescueIsoImage) + throw ParameterIncorrect (SRC_POS); + + try + { + File isoFile (imageFile, true); + isoFile.CheckOpened (SRC_POS); + size_t verifiedSectorCount = (TC_CD_BOOTSECTOR_OFFSET + TC_ORIG_BOOT_LOADER_BACKUP_SECTOR_OFFSET + TC_BOOT_LOADER_AREA_SIZE) / 2048; + Buffer buffer ((verifiedSectorCount + 1) * 2048); + + DWORD bytesRead = isoFile.Read (buffer.Ptr(), (DWORD) buffer.Size()); + if ( (bytesRead == buffer.Size()) + && (memcmp (buffer.Ptr(), RescueIsoImage, buffer.Size()) == 0) + ) + { + return true; + } + } + catch (...) { } + + return false; + } + #ifndef SETUP diff --git a/src/Common/BootEncryption.h b/src/Common/BootEncryption.h index eb546de2..c3eb3362 100644 --- a/src/Common/BootEncryption.h +++ b/src/Common/BootEncryption.h @@ -203,6 +203,7 @@ namespace VeraCrypt bool SystemPartitionCoversWholeDrive (); bool SystemDriveIsDynamic (); bool VerifyRescueDisk (); + bool VerifyRescueDiskIsoImage (const char* imageFile); void WipeHiddenOSCreationConfig (); void WriteBootDriveSector (uint64 offset, byte *data); void WriteBootSectorConfig (const byte newConfig[]); diff --git a/src/Common/Language.xml b/src/Common/Language.xml index 4a111e84..e6193cc6 100644 --- a/src/Common/Language.xml +++ b/src/Common/Language.xml @@ -256,6 +256,7 @@ Dismount All Mounted Volumes Dismount Volume Verify Rescue Disk + Verify Rescue Disk ISO Image Version History Volume Expander Volume Properties @@ -961,6 +962,8 @@ Please insert your VeraCrypt Rescue Disk into your CD/DVD drive and click OK to verify it. The VeraCrypt Rescue Disk has been successfully verified. Cannot verify that the Rescue Disk has been correctly burned.\n\nIf you have burned the Rescue Disk, please eject and reinsert the CD/DVD; then try again. If this does not help, please try other CD/DVD recording software and/or medium.\n\nIf you attempted to verify a VeraCrypt Rescue Disk created for a different master key, password, salt, etc., please note that such Rescue Disk will always fail this verification. To create a new Rescue Disk fully compatible with your current configuration, select 'System' > 'Create Rescue Disk'. + The VeraCrypt Rescue Disk ISO image has been successfully verified. + The Rescue Disk ISO image verification failed.\n\nIf you attempted to verify a VeraCrypt Rescue Disk ISO image created for a different master key, password, salt, etc., please note that such Rescue Disk ISO image will always fail this verification. To create a new Rescue Disk ISO image fully compatible with your current configuration, select 'System' > 'Create Rescue Disk'. Error creating VeraCrypt Rescue Disk. VeraCrypt Rescue Disk cannot be created when a hidden operating system is running.\n\nTo create a VeraCrypt Rescue Disk, boot the decoy operating system and then select 'System' > 'Create Rescue Disk'. Cannot verify that the Rescue Disk has been correctly burned.\n\nIf you have burned the Rescue Disk, please eject and reinsert the CD/DVD; then click Next to try again. If this does not help, please try another medium%s.\n\nIf you have not burned the Rescue Disk yet, please do so, and then click Next.\n\nIf you attempted to verify a VeraCrypt Rescue Disk created before you started this wizard, please note that such Rescue Disk cannot be used, because it was created for a different master key. You need to burn the newly generated Rescue Disk. diff --git a/src/Mount/Mount.c b/src/Mount/Mount.c index 84baea17..2a4f8030 100644 --- a/src/Mount/Mount.c +++ b/src/Mount/Mount.c @@ -1092,6 +1092,7 @@ static void PopulateSysEncContextMenu (HMENU popup, BOOL bToolsOnly) AppendMenu (popup, MF_SEPARATOR, 0, ""); AppendMenuW (popup, MF_STRING, IDM_CREATE_RESCUE_DISK, GetString ("IDM_CREATE_RESCUE_DISK")); AppendMenuW (popup, MF_STRING, IDM_VERIFY_RESCUE_DISK, GetString ("IDM_VERIFY_RESCUE_DISK")); + AppendMenuW (popup, MF_STRING, IDM_VERIFY_RESCUE_DISK_ISO, GetString ("IDM_VERIFY_RESCUE_DISK_ISO")); } if (!bToolsOnly) @@ -5567,7 +5568,7 @@ void CreateRescueDisk (HWND hwndDlg) Warning ("SYSTEM_ENCRYPTION_IN_PROGRESS_ELSEWHERE", hwndDlg); } -static void VerifyRescueDisk (HWND hwndDlg) +static void VerifyRescueDisk (HWND hwndDlg, bool checkIsoFile) { try { @@ -5598,7 +5599,7 @@ static void VerifyRescueDisk (HWND hwndDlg) { try { - if (AskOkCancel ("RESCUE_DISK_NON_WIZARD_CHECK_INSERT", hwndDlg) != IDOK) + if (!checkIsoFile && (AskOkCancel ("RESCUE_DISK_NON_WIZARD_CHECK_INSERT", hwndDlg) != IDOK)) { CloseSysEncMutex (); return; @@ -5607,11 +5608,33 @@ static void VerifyRescueDisk (HWND hwndDlg) // Create a temporary up-to-date rescue disk image in RAM (with it the CD/DVD content will be compared) BootEncObj->CreateRescueIsoImage (false, ""); - WaitCursor(); - if (!BootEncObj->VerifyRescueDisk ()) - Error ("RESCUE_DISK_NON_WIZARD_CHECK_FAILED", hwndDlg); + + if (checkIsoFile) + { + char szRescueDiskISO [TC_MAX_PATH+1]; + char initialDir[MAX_PATH]; + SHGetFolderPath (NULL, CSIDL_MYDOCUMENTS, NULL, 0, initialDir); + + if (!BrowseFilesInDir (hwndDlg, "OPEN_TITLE", initialDir, szRescueDiskISO, FALSE, FALSE, NULL, L"VeraCrypt Rescue Disk.iso", L"iso")) + { + CloseSysEncMutex (); + return; + } + + WaitCursor(); + if (!BootEncObj->VerifyRescueDiskIsoImage (szRescueDiskISO)) + Error ("RESCUE_DISK_ISO_IMAGE_CHECK_FAILED", hwndDlg); + else + Info ("RESCUE_DISK_ISO_IMAGE_CHECK_PASSED", hwndDlg); + } else - Info ("RESCUE_DISK_NON_WIZARD_CHECK_PASSED", hwndDlg); + { + WaitCursor(); + if (!BootEncObj->VerifyRescueDisk ()) + Error ("RESCUE_DISK_NON_WIZARD_CHECK_FAILED", hwndDlg); + else + Info ("RESCUE_DISK_NON_WIZARD_CHECK_PASSED", hwndDlg); + } } catch (Exception &e) { @@ -7136,7 +7159,10 @@ BOOL CALLBACK MainDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa CreateRescueDisk (hwndDlg); break; case IDM_VERIFY_RESCUE_DISK: - VerifyRescueDisk (hwndDlg); + VerifyRescueDisk (hwndDlg, false); + break; + case IDM_VERIFY_RESCUE_DISK_ISO: + VerifyRescueDisk (hwndDlg, true); break; case IDM_MOUNT_SYSENC_PART_WITHOUT_PBA: diff --git a/src/Mount/Mount.rc b/src/Mount/Mount.rc index 4d40c358..2365998b 100644 --- a/src/Mount/Mount.rc +++ b/src/Mount/Mount.rc @@ -588,6 +588,7 @@ BEGIN MENUITEM SEPARATOR MENUITEM "Create Rescue Disk...", IDM_CREATE_RESCUE_DISK MENUITEM "Verify Rescue Disk", IDM_VERIFY_RESCUE_DISK + MENUITEM "Verify Rescue Disk ISO Image",IDM_VERIFY_RESCUE_DISK_ISO MENUITEM SEPARATOR MENUITEM "Mount Without Pre-Boot &Authentication...", IDM_MOUNT_SYSENC_PART_WITHOUT_PBA MENUITEM SEPARATOR diff --git a/src/Mount/Resource.h b/src/Mount/Resource.h index 78642bf2..8301b2dc 100644 --- a/src/Mount/Resource.h +++ b/src/Mount/Resource.h @@ -239,6 +239,7 @@ #define IDM_VOLUME_EXPANDER 40065 #define IDM_DEFAULT_MOUNT_PARAMETERS 40066 #define IDM_DECRYPT_NONSYS_VOL 40067 +#define IDM_VERIFY_RESCUE_DISK_ISO 40068 // Next default values for new objects // @@ -246,7 +247,7 @@ #ifndef APSTUDIO_READONLY_SYMBOLS #define _APS_NO_MFC 1 #define _APS_NEXT_RESOURCE_VALUE 119 -#define _APS_NEXT_COMMAND_VALUE 40068 +#define _APS_NEXT_COMMAND_VALUE 40069 #define _APS_NEXT_CONTROL_VALUE 1151 #define _APS_NEXT_SYMED_VALUE 101 #endif -- cgit v1.2.3