From f043e6cbf0a9bdb0c4ded2ec45b1f5c5384c7744 Mon Sep 17 00:00:00 2001
From: Mounir IDRASSI <mounir.idrassi@idrix.fr>
Date: Tue, 14 Oct 2014 17:18:17 +0200
Subject: Display only allowed hashes when encrypting the system partition
 (now, SHA-256 and RIPEMD-160).

---
 src/Format/Tcformat.c | 39 +++++++++++++++++++++++++--------------
 1 file changed, 25 insertions(+), 14 deletions(-)

(limited to 'src')

diff --git a/src/Format/Tcformat.c b/src/Format/Tcformat.c
index 1cf66b56..a3c596dd 100644
--- a/src/Format/Tcformat.c
+++ b/src/Format/Tcformat.c
@@ -3735,16 +3735,25 @@ BOOL CALLBACK PageDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
 				if (SysEncInEffect ())
 				{
 					hash_algo = DEFAULT_HASH_ALGORITHM_BOOT;
-					RandSetHashFunction (DEFAULT_HASH_ALGORITHM_BOOT);
+					RandSetHashFunction (hash_algo);
+
+					for (hid = FIRST_PRF_ID; hid <= LAST_PRF_ID; hid++)
+					{
+						// For now, we keep RIPEMD160 for system encryption
+						if (((hid == RIPEMD160) || !HashIsDeprecated (hid)) && HashForSystemEncryption (hid))
+							AddComboPair (GetDlgItem (hwndDlg, IDC_COMBO_BOX_HASH_ALGO), HashGetName(hid), hid);
+					}					
 				}
 				else
-					hash_algo = RandGetHashFunction();
-
-				for (hid = FIRST_PRF_ID; hid <= LAST_PRF_ID; hid++)
 				{
-					if (!HashIsDeprecated (hid))
-						AddComboPair (GetDlgItem (hwndDlg, IDC_COMBO_BOX_HASH_ALGO), HashGetName(hid), hid);
+					hash_algo = RandGetHashFunction();
+					for (hid = FIRST_PRF_ID; hid <= LAST_PRF_ID; hid++)
+					{
+						if (!HashIsDeprecated (hid))
+							AddComboPair (GetDlgItem (hwndDlg, IDC_COMBO_BOX_HASH_ALGO), HashGetName(hid), hid);
+					}
 				}
+
 				SelectAlgo (GetDlgItem (hwndDlg, IDC_COMBO_BOX_HASH_ALGO), &hash_algo);
 
 				ToHyperlink (hwndDlg, IDC_LINK_HASH_INFO);
@@ -5227,15 +5236,17 @@ BOOL CALLBACK PageDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
 				break;
 
 			case IDC_COMBO_BOX_HASH_ALGO:
-				if (SysEncInEffect ()
-					&& SendMessage (GetDlgItem (hwndDlg, IDC_COMBO_BOX_HASH_ALGO), CB_GETITEMDATA, 
-					SendMessage (GetDlgItem (hwndDlg, IDC_COMBO_BOX_HASH_ALGO), CB_GETCURSEL, 0, 0), 0) 
-					!= DEFAULT_HASH_ALGORITHM_BOOT)
+				if (SysEncInEffect ())
 				{
-					hash_algo = DEFAULT_HASH_ALGORITHM_BOOT;
-					RandSetHashFunction (DEFAULT_HASH_ALGORITHM_BOOT);
-					Info ("ALGO_NOT_SUPPORTED_FOR_SYS_ENCRYPTION");
-					SelectAlgo (GetDlgItem (hwndDlg, IDC_COMBO_BOX_HASH_ALGO), &hash_algo);
+					HWND hHashAlgoItem = GetDlgItem (hwndDlg, IDC_COMBO_BOX_HASH_ALGO);
+					LRESULT selectedAlgo = SendMessage (hHashAlgoItem, CB_GETITEMDATA, SendMessage (hHashAlgoItem, CB_GETCURSEL, 0, 0), 0);
+					if (!HashForSystemEncryption(selectedAlgo))
+					{
+						hash_algo = DEFAULT_HASH_ALGORITHM_BOOT;
+						RandSetHashFunction (DEFAULT_HASH_ALGORITHM_BOOT);
+						Info ("ALGO_NOT_SUPPORTED_FOR_SYS_ENCRYPTION");
+						SelectAlgo (GetDlgItem (hwndDlg, IDC_COMBO_BOX_HASH_ALGO), &hash_algo);
+					}
 				}
 				break;
 			}
-- 
cgit v1.2.3