Windows EFI Bootloader: modifications to prepare EFI system encryption support (common files with DcsBoot)

This commit is contained in:
Alex 2016-08-09 22:08:47 +02:00 committed by Mounir IDRASSI
parent 58cff70724
commit 246233c402
No known key found for this signature in database
GPG Key ID: DD0C382D5FCFB8FC
22 changed files with 492 additions and 217 deletions

View File

@ -78,5 +78,104 @@ typedef struct
#define TC_SET_BOOT_ARGUMENTS_SIGNATURE(SG) do { SG[0] = 'T'; SG[1] = 'R'; SG[2] = 'U'; SG[3] = 'E'; SG[4] = 0x11; SG[5] = 0x23; SG[6] = 0x45; SG[7] = 0x66; } while (FALSE)
#define TC_IS_BOOT_ARGUMENTS_SIGNATURE(SG) (SG[0] == 'T' && SG[1] == 'R' && SG[2] == 'U' && SG[3] == 'E' && SG[4] == 0x11 && SG[5] == 0x23 && SG[6] == 0x45 && SG[7] == 0x66)
#if !defined(TC_WINDOWS_BOOT)
#define DCS_DISK_ENTRY_LIST_HEADER_ID SIGNATURE_64 ('D','C','S','D','E','L','S','T')
#define DE_IDX_CRYPTOHEADER 0
#define DE_IDX_LIST 1
#define DE_IDX_DISKID 2
#define DE_IDX_MAINGPTHDR 3
#define DE_IDX_MAINGPTENTRYS 4
#define DE_IDX_ALTGPTHDR 5
#define DE_IDX_ALTGPTENTRYS 6
#define DE_IDX_EXECPARAMS 7
#define DE_IDX_PWDCACHE 8
#define DE_IDX_TOTAL 9
enum DcsDiskEntryTypes {
DE_Unused = 0,
DE_Sectors,
DE_List,
DE_DISKID,
DE_ExecParams,
DE_PwdCache
};
#pragma pack(1)
typedef struct _SECREGION_BOOT_PARAMS {
uint64 Ptr;
uint32 Size;
uint32 Crc;
} SECREGION_BOOT_PARAMS;
typedef struct _DCS_DISK_ENTRY_SECTORS {
uint32 Type;
uint32 Offset;
uint64 Reserved;
uint64 Start;
uint64 Length;
} DCS_DISK_ENTRY_SECTORS;
typedef struct {
uint32 Data1;
uint16 Data2;
uint16 Data3;
byte Data4[8];
} DCS_GUID;
typedef struct _DCS_DISK_ENTRY_DISKID {
uint32 Type;
uint32 MbrID;
uint64 ReservedDiskId;
DCS_GUID GptID;
} DCS_DISK_ENTRY_DISKID;
typedef struct _DCS_DISK_ENTRY_EXEC_PARAMS {
DCS_GUID ExecPartGuid;
uint16 ExecCmd[248];
} DCS_DISK_ENTRY_EXEC_PARAMS;
static_assert(sizeof(DCS_DISK_ENTRY_EXEC_PARAMS) == 512, "Wrong size DCS_DISK_ENTRY_EXEC_PARAMS");
#define DCS_DISK_ENTRY_PWD_CACHE_ID SIGNATURE_64 ('P','W','D','C','A','C','H','E')
typedef struct _DCS_DISK_ENTRY_PWD_CACHE {
uint64 Sign;
uint32 CRC;
uint32 Count;
Password Pwd[4];
int32 Pim[4];
byte pad[512 -8 - 4 - 4 - (sizeof(Password) + 4) * 4];
} DCS_DISK_ENTRY_PWD_CACHE;
static_assert(sizeof(DCS_DISK_ENTRY_PWD_CACHE) == 512, "Wrong size DCS_DISK_ENTRY_PWD_CACHE");
#pragma warning(disable:4201)
typedef struct _DCS_DISK_ENTRY {
union {
struct {
uint32 Type;
byte Data[28];
};
DCS_DISK_ENTRY_SECTORS Sectors;
DCS_DISK_ENTRY_DISKID DiskId;
};
} DCS_DISK_ENTRY;
#pragma warning(default:4201)
typedef struct _DCS_DISK_ENTRY_LIST {
// EFI_TABLE_HEADER
uint64 Signature;
uint32 Revision;
uint32 HeaderSize; //< The size, in bytes, of the entire table including the EFI_TABLE_HEADER.
uint32 CRC32; //< The 32-bit CRC for the entire table. This value is computed by setting this field to 0, and computing the 32-bit CRC for HeaderSize bytes.
uint32 Reserved; //< Reserved field that must be set to 0.
//
uint32 Count;
uint32 DataSize;
//
DCS_DISK_ENTRY DE[31];
} DCS_DISK_ENTRY_LIST;
#pragma pack()
#endif
#endif // TC_HEADER_Boot_BootCommon

View File

@ -102,6 +102,7 @@
#define TC__BOOT_USER_CFG_FLAG_DISABLE_ESC TC_HEX (02)
#define TC__BOOT_USER_CFG_FLAG_DISABLE_HW_ENCRYPTION TC_HEX (04)
#define TC__BOOT_USER_CFG_FLAG_DISABLE_PIM TC_HEX (08)
#define TC__BOOT_USER_CFG_FLAG_STORE_HASH TC_HEX (10)
// The following items are treated as a 2-bit value (apply TC_BOOT_CFG_MASK_HIDDEN_OS_CREATION_PHASE to obtain the value)
#define TC__HIDDEN_OS_CREATION_PHASE_NONE 0
@ -191,6 +192,7 @@ TC_HIDDEN_OS_CREATION_PHASE_WIPED = TC__HIDDEN_OS_CREATION_PHASE_WIPED
#define TC_BOOT_USER_CFG_FLAG_DISABLE_ESC TC__BOOT_USER_CFG_FLAG_DISABLE_ESC
#define TC_BOOT_USER_CFG_FLAG_DISABLE_HW_ENCRYPTION TC__BOOT_USER_CFG_FLAG_DISABLE_HW_ENCRYPTION
#define TC_BOOT_USER_CFG_FLAG_DISABLE_PIM TC__BOOT_USER_CFG_FLAG_DISABLE_PIM
#define TC_BOOT_USER_CFG_FLAG_STORE_HASH TC__BOOT_USER_CFG_FLAG_STORE_HASH
#define TC_HIDDEN_OS_CREATION_PHASE_NONE TC__HIDDEN_OS_CREATION_PHASE_NONE
#define TC_HIDDEN_OS_CREATION_PHASE_CLONING TC__HIDDEN_OS_CREATION_PHASE_CLONING
#define TC_HIDDEN_OS_CREATION_PHASE_WIPING TC__HIDDEN_OS_CREATION_PHASE_WIPING
@ -198,4 +200,11 @@ TC_HIDDEN_OS_CREATION_PHASE_WIPED = TC__HIDDEN_OS_CREATION_PHASE_WIPED
#endif // TC_ASM_PREPROCESS
#define EFI_BOOTARGS_REGIONS_LOW 0x90000, 0x88000, 0x80000
#define EFI_BOOTARGS_REGIONS_HIGH \
0x100000, 0x200000, 0x300000, 0x400000, 0x500000, 0x600000, 0x700000, 0x800000, \
0x900000, 0xA00000, 0xB00000, 0xC00000, 0xD00000, 0xE00000, 0xF00000, 0x1000000
#define EFI_BOOTARGS_REGIONS EFI_BOOTARGS_REGIONS_LOW, EFI_BOOTARGS_REGIONS_HIGH
#endif // TC_HEADER_Boot_BootDefs

View File

@ -532,6 +532,10 @@ IDR_RESCUE_LOADER_AES_SHA2 BIN "..\\Boot\\Windows\\Rescue_AE
IDR_RESCUE_LOADER_SERPENT_SHA2 BIN "..\\Boot\\Windows\\Rescue_Serpent_SHA2\\BootLoader.com.gz"
IDR_RESCUE_LOADER_TWOFISH_SHA2 BIN "..\\Boot\\Windows\\Rescue_Twofish_SHA2\\BootLoader.com.gz"
IDR_RESCUE_LOADER_CAMELLIA_SHA2 BIN "..\\Boot\\Windows\\Rescue_Camellia_SHA2\\BootLoader.com.gz"
IDR_EFI_DCSBOOT BIN "..\\Boot\\EFI\\DcsBoot.efi"
IDR_EFI_DCSINT BIN "..\\Boot\\EFI\\DcsInt.efi"
IDR_EFI_DCSCFG BIN "..\\Boot\\EFI\\DcsCfg.efi"
IDR_EFI_LEGACYSPEAKER BIN "..\\Boot\\EFI\\LegacySpeaker.efi"
/////////////////////////////////////////////////////////////////////////////
//

View File

@ -16,10 +16,12 @@
#include "Xts.h"
#include "Crc.h"
#include "Common/Endian.h"
#if !defined(_UEFI)
#include <string.h>
#ifndef TC_WINDOWS_BOOT
#include "EncryptionThreadPool.h"
#endif
#endif
#include "Volumes.h"
#include "cpu.h"
@ -507,8 +509,12 @@ int EAGetByName (wchar_t *name)
do
{
EAGetName (n, ea, 1);
if (_wcsicmp (n, name) == 0)
EAGetName(n, ea, 1);
#if defined(_UEFI)
if (wcscmp(n, name) == 0)
#else
if (_wcsicmp(n, name) == 0)
#endif
return ea;
}
while (ea = EAGetNext (ea));
@ -777,7 +783,7 @@ PCRYPTO_INFO crypto_open ()
memset (cryptoInfo, 0, sizeof (CRYPTO_INFO));
#ifndef DEVICE_DRIVER
#if !defined(DEVICE_DRIVER) && !defined(_UEFI)
VirtualLock (cryptoInfo, sizeof (CRYPTO_INFO));
#endif
@ -812,7 +818,7 @@ void crypto_close (PCRYPTO_INFO cryptoInfo)
if (cryptoInfo != NULL)
{
burn (cryptoInfo, sizeof (CRYPTO_INFO));
#ifndef DEVICE_DRIVER
#if !defined(DEVICE_DRIVER) && !defined(_UEFI)
VirtualUnlock (cryptoInfo, sizeof (CRYPTO_INFO));
#endif
TCfree (cryptoInfo);
@ -876,7 +882,7 @@ void EncryptBuffer (unsigned __int8 *buf, TC_LARGEST_COMPILER_UINT len, PCRYPTO_
// unitNo: sequential number of the data unit with which the buffer starts
// nbrUnits: number of data units in the buffer
void EncryptDataUnits (unsigned __int8 *buf, const UINT64_STRUCT *structUnitNo, uint32 nbrUnits, PCRYPTO_INFO ci)
#ifndef TC_WINDOWS_BOOT
#if !defined(TC_WINDOWS_BOOT) && !defined(_UEFI)
{
EncryptionThreadPoolDoWork (EncryptDataUnitsWork, buf, structUnitNo, nbrUnits, ci);
}
@ -957,7 +963,7 @@ void DecryptBuffer (unsigned __int8 *buf, TC_LARGEST_COMPILER_UINT len, PCRYPTO_
// unitNo: sequential number of the data unit with which the buffer starts
// nbrUnits: number of data units in the buffer
void DecryptDataUnits (unsigned __int8 *buf, const UINT64_STRUCT *structUnitNo, uint32 nbrUnits, PCRYPTO_INFO ci)
#ifndef TC_WINDOWS_BOOT
#if !defined(TC_WINDOWS_BOOT) && !defined(_UEFI)
{
EncryptionThreadPoolDoWork (DecryptDataUnitsWork, buf, structUnitNo, nbrUnits, ci);
}

View File

@ -279,7 +279,7 @@ typedef struct CRYPTO_INFO_t
} CRYPTO_INFO, *PCRYPTO_INFO;
#ifdef _WIN32
#if defined(_WIN32) || defined(_UEFI)
#pragma pack (push)
#pragma pack(1)

View File

@ -21,7 +21,7 @@ extern "C"
{
#endif
#ifdef _WIN32
#if defined(_WIN32) || defined(_UEFI)
# ifndef LITTLE_ENDIAN
# define LITTLE_ENDIAN 1234

View File

@ -36,14 +36,14 @@ typedef struct
char Pad[3]; // keep 64-bit alignment
} Password;
#if defined(_WIN32) && !defined(TC_WINDOWS_DRIVER)
#if defined(_WIN32) && !defined(TC_WINDOWS_DRIVER) && !defined(_UEFI)
void VerifyPasswordAndUpdate ( HWND hwndDlg , HWND hButton , HWND hPassword , HWND hVerify , unsigned char *szPassword , char *szVerify, BOOL keyFilesEnabled );
BOOL CheckPasswordLength (HWND hwndDlg, unsigned __int32 passwordLength, int pim, BOOL bForBoot, BOOL bSkipPasswordWarning, BOOL bSkipPimWarning);
BOOL CheckPasswordCharEncoding (HWND hPassword, Password *ptrPw);
int ChangePwd (const wchar_t *lpszVolume, Password *oldPassword, int old_pkcs5, int old_pim, BOOL truecryptMode, Password *newPassword, int pkcs5, int pim, int wipePassCount, HWND hwndDlg);
#endif // defined(_WIN32) && !defined(TC_WINDOWS_DRIVER)
#endif // defined(_WIN32) && !defined(TC_WINDOWS_DRIVER) && !defined(_UEFI)
#ifdef __cplusplus
}

View File

@ -12,9 +12,10 @@
code distribution packages. */
#include "Tcdefs.h"
#if !defined(_UEFI)
#include <memory.h>
#include <stdlib.h>
#endif
#include "Rmd160.h"
#ifndef TC_WINDOWS_BOOT
#include "Sha2.h"

View File

@ -67,6 +67,10 @@
#define IDR_BOOT_LOADER_CAMELLIA_SHA2 563
#define IDR_RESCUE_BOOT_SECTOR_CAMELLIA_SHA2 564
#define IDR_RESCUE_LOADER_CAMELLIA_SHA2 565
#define IDR_EFI_DCSBOOT 566
#define IDR_EFI_DCSINT 567
#define IDR_EFI_DCSCFG 568
#define IDR_EFI_LEGACYSPEAKER 569
#define IDC_HW_AES_LABEL_LINK 5000
#define IDC_HW_AES 5001
#define IDC_PARALLELIZATION_LABEL_LINK 5002
@ -214,7 +218,7 @@
#ifdef APSTUDIO_INVOKED
#ifndef APSTUDIO_READONLY_SYMBOLS
#define _APS_NO_MFC 1
#define _APS_NEXT_RESOURCE_VALUE 566
#define _APS_NEXT_RESOURCE_VALUE 570
#define _APS_NEXT_COMMAND_VALUE 40001
#define _APS_NEXT_CONTROL_VALUE 5141
#define _APS_NEXT_SYMED_VALUE 101

View File

@ -14,6 +14,44 @@
#ifndef TCDEFS_H
#define TCDEFS_H
#if defined(_UEFI)
#undef _WIN32
#undef _WIN64
#undef _DEBUG
#include <Uefi.h>
#include <Library/BaseLib.h>
#include <Library/BaseMemoryLib.h>
void* VeraCryptMemAlloc(IN UINTN size);
void VeraCryptMemFree(IN VOID* ptr);
#define BOOL int
#ifndef FALSE
#define FALSE 0
#define TRUE 1
#endif
#define max(a,b) ((a)>(b))?(a):(b)
#define min(a,b) ((a)<(b))?(a):(b)
#ifdef __cplusplus
extern "C" {
#endif
extern unsigned __int64 __cdecl _rotl64(unsigned __int64,int);
extern unsigned __int64 __cdecl _rotr64(unsigned __int64,int);
extern unsigned int __cdecl _rotl(unsigned int,int);
extern unsigned int __cdecl _rotr(unsigned int,int);
extern unsigned char _rotr8(unsigned char value, unsigned char shift);
extern unsigned short _rotr16(unsigned short value, unsigned char shift);
extern unsigned char _rotl8(unsigned char value, unsigned char shift);
extern unsigned short _rotl16(unsigned short value, unsigned char shift);
#ifdef __cplusplus
}
#endif
#endif // defined(_UEFI)
#define TC_APP_NAME "VeraCrypt"
// Version displayed to user
@ -55,6 +93,9 @@ typedef unsigned __int64 uint64;
#define LL(x) x##ui64
#endif
#pragma warning( disable : 4201 ) // disable: 4201 nonstandard extension used : nameless struct/union
#pragma warning( disable : 4324 ) // disable: 4324 structure was padded due to __declspec(align())
#else // !_MSC_VER
#include <inttypes.h>
@ -123,6 +164,41 @@ typedef union
#define __has_builtin(x) 0 // Compatibility with non-clang compilers
#endif
#if defined(_UEFI)
typedef UINTN size_t;
typedef uint64 uint_64t;
typedef CHAR16 wchar_t;
typedef int LONG;
#define wcscpy StrCpy
#define wcslen StrLen
#define wcscmp StrCmp
#define wcscat StrCat
#define memcpy(dest,source,count) CopyMem(dest,source,(UINTN)(count))
#define memset(dest,ch,count) SetMem(dest,(UINTN)(count),(UINT8)(ch))
#define memchr(buf,ch,count) ScanMem8(buf,(UINTN)(count),(UINT8)ch)
#define memcmp(buf1,buf2,count) (int)(CompareMem(buf1,buf2,(UINTN)(count)))
#define MAX_STRING_SIZE 0x1000
#define strcat(strDest,strSource) AsciiStrCatS(strDest,MAX_STRING_SIZE,strSource)
#define strchr(str,ch) ScanMem8((VOID *)(str),AsciiStrSize(str),(UINT8)ch)
#define strcmp AsciiStrCmp
#define strncmp(string1,string2,count) (int)(AsciiStrnCmp(string1,string2,(UINTN)(count)))
#define strcpy(strDest,strSource) AsciiStrCpyS(strDest,MAX_STRING_SIZE,strSource)
#define strncpy(strDest,strSource,count) AsciiStrnCpyS(strDest,MAX_STRING_SIZE,strSource,(UINTN)count)
#define strlen(str) (size_t)(AsciiStrnLenS(str,MAX_STRING_SIZE))
#define strstr AsciiStrStr
// #define rotr32(x,n) (((x) >> n) | ((x) << (32 - n)))
// #define rotl32(x,n) (((x) << n) | ((x) >> (32 - n)))
// #define rotr64(x,n) (((x) >> n) | ((x) << (64 - n)))
// #define rotl64(x,n) (((x) << n) | ((x) >> (64 - n)))
// #define bswap_32(x) (rotl32((((x) & 0xFF00FF00) >> 8) | (((x) & 0x00FF00FF) << 8), 16U))
// #define bswap_64(x) rotl64(((((((x & LL(0xFF00FF00FF00FF00)) >> 8) | ((x & LL(0x00FF00FF00FF00FF)) << 8)) & LL(0xFFFF0000FFFF0000)) >> 16) | (((((x & LL(0xFF00FF00FF00FF00)) >> 8) | ((x & LL(0x00FF00FF00FF00FF)) << 8)) & LL(0x0000FFFF0000FFFF)) << 16)), 32U)
#endif
#ifdef TC_WINDOWS_BOOT
# ifdef __cplusplus
@ -133,6 +209,9 @@ void ThrowFatalException (int line);
# define TC_THROW_FATAL_EXCEPTION ThrowFatalException (__LINE__)
#elif defined (TC_WINDOWS_DRIVER)
# define TC_THROW_FATAL_EXCEPTION KeBugCheckEx (SECURITY_SYSTEM, __LINE__, 0, 0, 'VC')
#elif defined(_UEFI)
void ThrowFatalException(int line);
# define TC_THROW_FATAL_EXCEPTION ThrowFatalException (__LINE__)
#elif (defined(__clang__) && __has_builtin(__builtin_trap)) \
|| (defined(__GNUC__ ) && (__GNUC__ > 3 || (__GNUC__ == 3 && __GNUC_MINOR__ >= 3))) \
|| (__has_builtin(__builtin_trap))
@ -170,9 +249,13 @@ typedef int BOOL;
#endif
#else /* !TC_WINDOWS_DRIVER */
#if !defined(_UEFI)
#define TCalloc malloc
#define TCfree free
#else
#define TCalloc VeraCryptMemAlloc
#define TCfree VeraCryptMemFree
#endif //!defined(_UEFI)
#ifdef _WIN32
@ -217,6 +300,8 @@ typedef int BOOL;
# define trace_msg Dump
# elif defined (_WIN32)
# define trace_msg(...) do { char msg[2048]; StringCbPrintfA (msg, sizeof (msg), __VA_ARGS__); OutputDebugString (msg); } while (0)
# else
# define trace_msg(...)
# endif
# define trace_point trace_msg (__FUNCTION__ ":" TC_TO_STRING(__LINE__) "\n")
# else
@ -233,7 +318,7 @@ typedef int BOOL;
# define TC_WAIT_EVENT(EVENT) WaitForSingleObject (EVENT, INFINITE)
#endif
#ifdef _WIN32
#if defined(_WIN32) && !defined(_UEFI)
#define burn(mem,size) do { volatile char *burnm = (volatile char *)(mem); size_t burnc = size; RtlSecureZeroMemory (mem, size); while (burnc--) *burnm++ = 0; } while (0)
#else
#define burn(mem,size) do { volatile char *burnm = (volatile char *)(mem); int burnc = size; while (burnc--) *burnm++ = 0; } while (0)
@ -251,7 +336,7 @@ typedef int BOOL;
# define max(a,b) (((a) > (b)) ? (a) : (b))
# endif
# ifdef __cplusplus
# if defined(__cplusplus) && !defined(_UEFI)
extern "C"
# endif
void EraseMemory (void *memory, int size);

View File

@ -12,8 +12,8 @@
code distribution packages. */
#include "Tcdefs.h"
#ifndef TC_WINDOWS_BOOT
#if !defined(_UEFI)
#if !defined(TC_WINDOWS_BOOT)
#include <fcntl.h>
#include <sys/types.h>
#include <sys/stat.h>
@ -28,6 +28,7 @@
#ifndef DEVICE_DRIVER
#include "Random.h"
#endif
#endif // !defined(_UEFI)
#include "Crc.h"
#include "Crypto.h"
@ -35,7 +36,7 @@
#include "Volumes.h"
#include "Pkcs5.h"
#ifdef _WIN32
#if defined(_WIN32) && !defined(_UEFI)
#include <Strsafe.h>
#include "../Boot/Windows/BootCommon.h"
#endif
@ -176,16 +177,17 @@ int ReadVolumeHeader (BOOL bBoot, char *encryptedHeader, Password *password, int
uint16 headerVersion;
int status = ERR_PARAMETER_INCORRECT;
int primaryKeyOffset;
int pkcs5PrfCount = LAST_PRF_ID - FIRST_PRF_ID + 1;
#if !defined(_UEFI)
TC_EVENT keyDerivationCompletedEvent;
TC_EVENT noOutstandingWorkItemEvent;
KeyDerivationWorkItem *keyDerivationWorkItems;
KeyDerivationWorkItem *item;
int pkcs5PrfCount = LAST_PRF_ID - FIRST_PRF_ID + 1;
size_t encryptionThreadCount = GetEncryptionThreadCount();
size_t queuedWorkItems = 0;
LONG outstandingWorkItemCount = 0;
int i;
#endif
size_t queuedWorkItems = 0;
// if no PIM specified, use default value
if (pim < 0)
@ -212,7 +214,7 @@ int ReadVolumeHeader (BOOL bBoot, char *encryptedHeader, Password *password, int
if (cryptoInfo == NULL)
return ERR_OUTOFMEMORY;
}
#if !defined(_UEFI)
/* use thread pool only if no PRF was specified */
if ((selected_pkcs5_prf == 0) && (encryptionThreadCount > 1))
{
@ -244,10 +246,11 @@ int ReadVolumeHeader (BOOL bBoot, char *encryptedHeader, Password *password, int
#endif
}
#ifndef DEVICE_DRIVER
#if !defined(DEVICE_DRIVER)
VirtualLock (&keyInfo, sizeof (keyInfo));
VirtualLock (&dk, sizeof (dk));
#endif
#endif // !defined(_UEFI)
crypto_loadkey (&keyInfo, password->Text, (int) password->Length);
@ -264,7 +267,7 @@ int ReadVolumeHeader (BOOL bBoot, char *encryptedHeader, Password *password, int
// skip SHA-256 in case of TrueCrypt mode
if (truecryptMode && (enqPkcs5Prf == SHA256))
continue;
#if !defined(_UEFI)
if ((selected_pkcs5_prf == 0) && (encryptionThreadCount > 1))
{
// Enqueue key derivation on thread pool
@ -319,6 +322,7 @@ int ReadVolumeHeader (BOOL bBoot, char *encryptedHeader, Password *password, int
KeyReady: ;
}
else
#endif // !defined(_UEFI)
{
pkcs5_prf = enqPkcs5Prf;
keyInfo.noIterations = get_pkcs5_iteration_count (enqPkcs5Prf, pim, truecryptMode, bBoot);
@ -568,11 +572,12 @@ KeyReady: ;
burn (&keyInfo, sizeof (keyInfo));
burn (dk, sizeof(dk));
#ifndef DEVICE_DRIVER
#if !defined(DEVICE_DRIVER) && !defined(_UEFI)
VirtualUnlock (&keyInfo, sizeof (keyInfo));
VirtualUnlock (&dk, sizeof (dk));
#endif
#if !defined(_UEFI)
if ((selected_pkcs5_prf == 0) && (encryptionThreadCount > 1))
{
TC_WAIT_EVENT (noOutstandingWorkItemEvent);
@ -580,16 +585,16 @@ KeyReady: ;
burn (keyDerivationWorkItems, sizeof (KeyDerivationWorkItem) * pkcs5PrfCount);
TCfree (keyDerivationWorkItems);
#ifndef DEVICE_DRIVER
#if !defined(DEVICE_DRIVER)
CloseHandle (keyDerivationCompletedEvent);
CloseHandle (noOutstandingWorkItemEvent);
#endif
}
#endif
return status;
}
#ifdef _WIN32
#if defined(_WIN32) && !defined(_UEFI)
void ComputeBootloaderFingerprint (byte *bootLoaderBuf, unsigned int bootLoaderSize, byte* fingerprint)
{
// compute Whirlpool+SHA512 fingerprint of bootloader including MBR
@ -805,10 +810,17 @@ int ReadVolumeHeader (BOOL bBoot, char *header, Password *password, int pim, PCR
#endif
// Creates a volume header in memory
#if defined(_UEFI)
int CreateVolumeHeaderInMemory(BOOL bBoot, char *header, int ea, int mode, Password *password,
int pkcs5_prf, int pim, char *masterKeydata, PCRYPTO_INFO *retInfo,
unsigned __int64 volumeSize, unsigned __int64 hiddenVolumeSize,
unsigned __int64 encryptedAreaStart, unsigned __int64 encryptedAreaLength, uint16 requiredProgramVersion, uint32 headerFlags, uint32 sectorSize, BOOL bWipeMode)
#else
int CreateVolumeHeaderInMemory (HWND hwndDlg, BOOL bBoot, char *header, int ea, int mode, Password *password,
int pkcs5_prf, int pim, char *masterKeydata, PCRYPTO_INFO *retInfo,
unsigned __int64 volumeSize, unsigned __int64 hiddenVolumeSize,
unsigned __int64 encryptedAreaStart, unsigned __int64 encryptedAreaLength, uint16 requiredProgramVersion, uint32 headerFlags, uint32 sectorSize, BOOL bWipeMode)
#endif // !defined(_UEFI)
{
unsigned char *p = (unsigned char *) header;
static CRYPTOPP_ALIGN_DATA(16) KEY_INFO keyInfo;
@ -828,9 +840,10 @@ int CreateVolumeHeaderInMemory (HWND hwndDlg, BOOL bBoot, char *header, int ea,
pim = 0;
memset (header, 0, TC_VOLUME_HEADER_EFFECTIVE_SIZE);
#if !defined(_UEFI)
VirtualLock (&keyInfo, sizeof (keyInfo));
VirtualLock (&dk, sizeof (dk));
#endif // !defined(_UEFI)
/* Encryption setup */
@ -847,7 +860,11 @@ int CreateVolumeHeaderInMemory (HWND hwndDlg, BOOL bBoot, char *header, int ea,
bytesNeeded = EAGetKeySize (ea) * 2; // Size of primary + secondary key(s)
}
#if !defined(_UEFI)
if (!RandgetBytes (hwndDlg, keyInfo.master_keydata, bytesNeeded, TRUE))
#else
if (!RandgetBytes(keyInfo.master_keydata, bytesNeeded, TRUE))
#endif
{
crypto_close (cryptoInfo);
return ERR_CIPHER_INIT_WEAK_KEY;
@ -885,7 +902,11 @@ int CreateVolumeHeaderInMemory (HWND hwndDlg, BOOL bBoot, char *header, int ea,
cryptoInfo->mode = mode;
// Salt for header key derivation
if (!RandgetBytes (hwndDlg, keyInfo.salt, PKCS5_SALT_SIZE, !bWipeMode))
#if !defined(_UEFI)
if (!RandgetBytes(hwndDlg, keyInfo.salt, PKCS5_SALT_SIZE, !bWipeMode))
#else
if (!RandgetBytes(keyInfo.salt, PKCS5_SALT_SIZE, !bWipeMode))
#endif
{
crypto_close (cryptoInfo);
return ERR_CIPHER_INIT_WEAK_KEY;
@ -930,7 +951,11 @@ int CreateVolumeHeaderInMemory (HWND hwndDlg, BOOL bBoot, char *header, int ea,
else
{
// generate a random key
#if !defined(_UEFI)
if (!RandgetBytes(hwndDlg, dk, GetMaxPkcs5OutSize(), !bWipeMode))
#else
if (!RandgetBytes(dk, GetMaxPkcs5OutSize(), !bWipeMode))
#endif
{
crypto_close (cryptoInfo);
return ERR_CIPHER_INIT_WEAK_KEY;
@ -1111,7 +1136,7 @@ int CreateVolumeHeaderInMemory (HWND hwndDlg, BOOL bBoot, char *header, int ea,
return 0;
}
#if !defined(_UEFI)
BOOL ReadEffectiveVolumeHeader (BOOL device, HANDLE fileHandle, byte *header, DWORD *bytesRead)
{
#if TC_VOLUME_HEADER_EFFECTIVE_SIZE > TC_MAX_VOLUME_SECTOR_SIZE
@ -1324,4 +1349,5 @@ int WriteRandomDataToReservedHeaderAreas (HWND hwndDlg, HANDLE dev, CRYPTO_INFO
return nStatus;
}
#endif // !defined(_UEFI)
#endif // !defined (DEVICE_DRIVER) && !defined (TC_WINDOWS_BOOT)

View File

@ -130,16 +130,20 @@ extern BOOL ReadVolumeHeaderRecoveryMode;
uint16 GetHeaderField16 (byte *header, int offset);
uint32 GetHeaderField32 (byte *header, int offset);
UINT64_STRUCT GetHeaderField64 (byte *header, int offset);
#ifdef TC_WINDOWS_BOOT
#if defined(TC_WINDOWS_BOOT)
int ReadVolumeHeader (BOOL bBoot, char *encryptedHeader, Password *password, int pim, PCRYPTO_INFO *retInfo, CRYPTO_INFO *retHeaderCryptoInfo);
#elif defined(_UEFI)
int ReadVolumeHeader(BOOL bBoot, char *encryptedHeader, Password *password, int pkcs5_prf, int pim, BOOL truecryptMode, PCRYPTO_INFO *retInfo, CRYPTO_INFO *retHeaderCryptoInfo);
int CreateVolumeHeaderInMemory(BOOL bBoot, char *encryptedHeader, int ea, int mode, Password *password, int pkcs5_prf, int pim, char *masterKeydata, PCRYPTO_INFO *retInfo, unsigned __int64 volumeSize, unsigned __int64 hiddenVolumeSize, unsigned __int64 encryptedAreaStart, unsigned __int64 encryptedAreaLength, uint16 requiredProgramVersion, uint32 headerFlags, uint32 sectorSize, BOOL bWipeMode);
BOOL RandgetBytes(unsigned char *buf, int len, BOOL forceSlowPoll);
#else
int ReadVolumeHeader (BOOL bBoot, char *encryptedHeader, Password *password, int pkcs5_prf, int pim, BOOL truecryptMode, PCRYPTO_INFO *retInfo, CRYPTO_INFO *retHeaderCryptoInfo);
#ifdef _WIN32
#if defined(_WIN32) && !defined(_UEFI)
void ComputeBootloaderFingerprint (byte *bootLoaderBuf, unsigned int bootLoaderSize, byte* fingerprint);
#endif
#endif
#if !defined (DEVICE_DRIVER) && !defined (TC_WINDOWS_BOOT)
#if !defined (DEVICE_DRIVER) && !defined (TC_WINDOWS_BOOT) && !defined(_UEFI)
int CreateVolumeHeaderInMemory (HWND hwndDlg, BOOL bBoot, char *encryptedHeader, int ea, int mode, Password *password, int pkcs5_prf, int pim, char *masterKeydata, PCRYPTO_INFO *retInfo, unsigned __int64 volumeSize, unsigned __int64 hiddenVolumeSize, unsigned __int64 encryptedAreaStart, unsigned __int64 encryptedAreaLength, uint16 requiredProgramVersion, uint32 headerFlags, uint32 sectorSize, BOOL bWipeMode);
BOOL ReadEffectiveVolumeHeader (BOOL device, HANDLE fileHandle, byte *header, DWORD *bytesRead);
BOOL WriteEffectiveVolumeHeader (BOOL device, HANDLE fileHandle, byte *header);

View File

@ -9,9 +9,13 @@
contained in the file License.txt included in VeraCrypt binary and source
code distribution packages.
*/
#if !defined(_UEFI)
#include <windows.h>
#include <stdio.h>
#else
#include "Tcdefs.h"
#pragma warning( disable : 4706 ) // assignment within conditional expression
#endif
#include "Xml.h"
@ -59,7 +63,7 @@ char *XmlFindElement (char *xmlNode, char *nodeName)
}
char *XmlFindElementByAttributeValue (char *xml, char *nodeName, char *attrName, char *attrValue)
char *XmlFindElementByAttributeValue (char *xml, char *nodeName, const char *attrName, const char *attrValue)
{
char attr[2048];
@ -76,7 +80,7 @@ char *XmlFindElementByAttributeValue (char *xml, char *nodeName, char *attrName,
}
char *XmlGetAttributeText (char *xmlNode, char *xmlAttrName, char *xmlAttrValue, int xmlAttrValueSize)
char *XmlGetAttributeText (char *xmlNode, const char *xmlAttrName, char *xmlAttrValue, int xmlAttrValueSize)
{
char *t = xmlNode;
char *e = xmlNode;
@ -105,7 +109,7 @@ char *XmlGetAttributeText (char *xmlNode, char *xmlAttrName, char *xmlAttrValue,
if (t == NULL || t > e) return NULL;
t = strchr (t, '"') + 1;
t = ((char*)strchr (t, '"')) + 1;
e = strchr (t, '"');
l = (int)(e - t);
if (e == NULL || l > xmlAttrValueSize) return NULL;
@ -128,7 +132,7 @@ char *XmlGetNodeText (char *xmlNode, char *xmlText, int xmlTextSize)
if (t[0] != '<')
return NULL;
t = strchr (t, '>');
t = (char*) strchr (t, '>');
if (t == NULL) return NULL;
t++;
@ -256,7 +260,8 @@ wchar_t *XmlQuoteTextW (const wchar_t *textSrc, wchar_t *textDst, int textDstMax
return textDst;
}
#if !defined(_UEFI)
#pragma warning( default : 4706 )
int XmlWriteHeader (FILE *file)
{
return fputws (L"<?xml version=\"1.0\" encoding=\"utf-8\"?>\n<VeraCrypt>", file);
@ -267,3 +272,4 @@ int XmlWriteFooter (FILE *file)
{
return fputws (L"\n</VeraCrypt>", file);
}
#endif !defined(_UEFI)

View File

@ -16,14 +16,17 @@ extern "C" {
char *XmlNextNode (char *xmlNode);
char *XmlFindElement (char *xmlNode, char *nodeName);
char *XmlGetAttributeText (char *xmlNode, char *xmlAttrName, char *xmlAttrValue, int xmlAttrValueSize);
char *XmlGetAttributeText (char *xmlNode, const char *xmlAttrName, char *xmlAttrValue, int xmlAttrValueSize);
char *XmlGetNodeText (char *xmlNode, char *xmlText, int xmlTextSize);
int XmlWriteHeader (FILE *file);
int XmlWriteFooter (FILE *file);
char *XmlFindElementByAttributeValue (char *xml, char *nodeName, char *attrName, char *attrValue);
char *XmlFindElementByAttributeValue (char *xml, char *nodeName, const char *attrName, const char *attrValue);
char *XmlQuoteText (const char *textSrc, char *textDst, int textDstMaxSize);
wchar_t *XmlQuoteTextW (const wchar_t *textSrc, wchar_t *textDst, int textDstMaxSize);
#if !defined(_UEFI)
int XmlWriteHeader (FILE *file);
int XmlWriteFooter (FILE *file);
#endif !defined(_UEFI)
#ifdef __cplusplus
}
#endif

View File

@ -9,8 +9,10 @@
/* Adapted for TrueCrypt */
/* Adapted for VeraCrypt */
#if !defined(_UEFI)
#include <memory.h>
#endif !defined(_UEFI)
#include "Common/Tcdefs.h"
#include "Common/Endian.h"
#include "Rmd160.h"

View File

@ -19,7 +19,9 @@
#include "Crypto/misc.h"
#endif
#if !defined(_UEFI)
#include <memory.h>
#endif !defined(_UEFI)
// linear transformation
#define LT(i,a,b,c,d,e) {\

View File

@ -69,7 +69,9 @@
*/
#include "Common/Endian.h"
#include "Common/Tcdefs.h"
#include "Crypto/misc.h"
#define PLATFORM_BYTE_ORDER BYTE_ORDER
#define IS_LITTLE_ENDIAN LITTLE_ENDIAN
@ -77,7 +79,9 @@
#define UNROLL_SHA2 /* for SHA2 loop unroll */
#endif
#if !defined(_UEFI)
#include <string.h> /* for memcpy() etc. */
#endif !defined(_UEFI)
#include "Sha2.h"
@ -86,7 +90,7 @@ extern "C"
{
#endif
#if defined( _MSC_VER ) && ( _MSC_VER > 800 )
#if defined( _MSC_VER ) && ( _MSC_VER > 800 ) && !defined(_UEFI)
#pragma intrinsic(memcpy)
#endif

View File

@ -68,14 +68,16 @@
*
*/
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <time.h>
#include "Common/Tcdefs.h"
#include "Common/Endian.h"
#include "cpu.h"
#include "misc.h"
#if !defined(_UEFI)
#include <memory.h>
#include <stdlib.h>
#endif
#include "cpu.h"
#include "misc.h"
#include "Whirlpool.h"
/*

View File

@ -60,8 +60,10 @@ static void SigIllHandlerSSE2(int p)
int CpuId(uint32 input, uint32 output[4])
{
#ifdef CRYPTOPP_MS_STYLE_INLINE_ASSEMBLY
#ifndef _UEFI
__try
{
#endif
__asm
{
mov eax, input
@ -73,11 +75,13 @@ int CpuId(uint32 input, uint32 output[4])
mov [edi+8], ecx
mov [edi+12], edx
}
#ifndef _UEFI
}
__except (EXCEPTION_EXECUTE_HANDLER)
{
return 0;
}
#endif
// function 0 returns the highest basic function understood in EAX
if(input == 0)
@ -123,7 +127,7 @@ static int TrySSE2()
{
#if CRYPTOPP_BOOL_X64
return 1;
#elif defined(CRYPTOPP_MS_STYLE_INLINE_ASSEMBLY)
#elif defined(CRYPTOPP_MS_STYLE_INLINE_ASSEMBLY) && !defined(_UEFI)
volatile int result = 1;
#if defined (TC_WINDOWS_DRIVER) && !defined (_WIN64)
KFLOATING_SAVE floatingPointState;
@ -150,7 +154,7 @@ static int TrySSE2()
return 0;
#endif
return result;
#else
#elif !defined(_UEFI)
// longjmp and clobber warnings. Volatile is required.
// http://github.com/weidai11/cryptopp/issues/24
// http://stackoverflow.com/q/7721854
@ -174,6 +178,8 @@ static int TrySSE2()
signal(SIGILL, oldHandler);
return result;
#else
return 1;
#endif
}
@ -198,7 +204,7 @@ VC_INLINE int IsAMD(const uint32 output[4])
(output[3] /*EDX*/ == 0x444D4163);
}
#if (defined(__AES__) && defined(__PCLMUL__)) || defined(__INTEL_COMPILER) || CRYPTOPP_BOOL_AESNI_INTRINSICS_AVAILABLE
#if !defined (_UEFI) && ((defined(__AES__) && defined(__PCLMUL__)) || defined(__INTEL_COMPILER) || CRYPTOPP_BOOL_AESNI_INTRINSICS_AVAILABLE)
static int TryAESNI ()
{
@ -289,7 +295,7 @@ void DetectX86Features()
g_hasAESNI = g_hasSSE2 && (cpuid1[2] & (1<<25));
g_hasCLMUL = g_hasSSE2 && (cpuid1[2] & (1<<1));
#if (defined(__AES__) && defined(__PCLMUL__)) || defined(__INTEL_COMPILER) || CRYPTOPP_BOOL_AESNI_INTRINSICS_AVAILABLE
#if !defined (_UEFI) && ((defined(__AES__) && defined(__PCLMUL__)) || defined(__INTEL_COMPILER) || CRYPTOPP_BOOL_AESNI_INTRINSICS_AVAILABLE)
// Hypervisor = bit 31 of ECX of CPUID leaf 0x1
// reference: http://artemonsecurity.com/vmde.pdf
if (!g_hasAESNI && (cpuid1[2] & (1<<31)))
@ -337,7 +343,7 @@ int is_aes_hw_cpu_supported ()
{
if (cpuid[2] & (1<<25))
bHasAESNI = 1;
#if (defined(__AES__) && defined(__PCLMUL__)) || defined(__INTEL_COMPILER) || CRYPTOPP_BOOL_AESNI_INTRINSICS_AVAILABLE
#if !defined (_UEFI) && ((defined(__AES__) && defined(__PCLMUL__)) || defined(__INTEL_COMPILER) || CRYPTOPP_BOOL_AESNI_INTRINSICS_AVAILABLE)
// Hypervisor = bit 31 of ECX of CPUID leaf 0x1
// reference: http://artemonsecurity.com/vmde.pdf
if (!bHasAESNI && (cpuid[2] & (1<<31)))

View File

@ -13,7 +13,7 @@
#else
#if CRYPTOPP_BOOL_SSE2_INTRINSICS_AVAILABLE
#if defined(TC_WINDOWS_DRIVER)
#if defined(TC_WINDOWS_DRIVER) || defined (_UEFI)
#if defined(__cplusplus)
extern "C" {
#endif
@ -82,7 +82,7 @@ extern __m128i _mm_setr_epi32(int _I0, int _I1, int _I2, int _I3);
#if CRYPTOPP_BOOL_AESNI_INTRINSICS_AVAILABLE
#if defined(__SSSE3__) || defined(__INTEL_COMPILER)
#if defined(TC_WINDOWS_DRIVER)
#if defined(TC_WINDOWS_DRIVER) || defined (_UEFI)
#if defined(__cplusplus)
extern "C" {
#endif
@ -96,7 +96,7 @@ extern __m128i _mm_shuffle_epi8 (__m128i a, __m128i b);
#endif
#if defined(__SSE4_1__) || defined(__INTEL_COMPILER) || defined(_MSC_VER)
#if defined(TC_WINDOWS_DRIVER)
#if defined(TC_WINDOWS_DRIVER) || defined (_UEFI)
#if defined(__cplusplus)
extern "C" {
#endif
@ -114,7 +114,7 @@ extern __m128i _mm_insert_epi64(__m128i dst, __int64 s, const int ndx);
#endif
#if (defined(__AES__) && defined(__PCLMUL__)) || defined(__INTEL_COMPILER) || CRYPTOPP_BOOL_AESNI_INTRINSICS_AVAILABLE
#if defined(TC_WINDOWS_DRIVER)
#if defined(TC_WINDOWS_DRIVER) || defined (_UEFI)
#if defined(__cplusplus)
extern "C" {
#endif

View File

@ -2,15 +2,19 @@
#define CRYPTOPP_MISC_H
#include "config.h"
#if !defined(_UEFI)
#include <string.h> // for memcpy and memmove
#ifndef _WIN32
#include <strings.h> // for strcasecmp
#define _stricmp strcasecmp
#endif
#else
#include "Tcdefs.h"
#endif // !defined(_UEFI)
#ifdef _MSC_VER
#if defined(_MSC_VER) && !defined(_UEFI)
#if _MSC_VER >= 1400
#ifndef TC_WINDOWS_DRIVER
#if !defined(TC_WINDOWS_DRIVER) && !defined(_UEFI)
// VC2005 workaround: disable declarations that conflict with winnt.h
#define _interlockedbittestandset CRYPTOPP_DISABLED_INTRINSIC_1
#define _interlockedbittestandreset CRYPTOPP_DISABLED_INTRINSIC_2
@ -23,7 +27,7 @@
#undef _interlockedbittestandreset64
#endif
#define CRYPTOPP_FAST_ROTATE(x) 1
#elif _MSC_VER >= 1300
#elif !defined(_UEFI) && _MSC_VER >= 1300
#define CRYPTOPP_FAST_ROTATE(x) ((x) == 32 | (x) == 64)
#else
#define CRYPTOPP_FAST_ROTATE(x) ((x) == 32)
@ -37,7 +41,7 @@
#define CRYPTOPP_FAST_ROTATE(x) 0
#endif
#if defined( _MSC_VER ) && ( _MSC_VER > 800 )
#if defined( _MSC_VER ) && ( _MSC_VER > 800 ) && !defined(_UEFI)
#pragma intrinsic(memcpy,memset)
#endif
@ -80,7 +84,7 @@
#if defined(__GNUC__) && defined(__linux__)
#define CRYPTOPP_BYTESWAP_AVAILABLE
#include <byteswap.h>
#elif defined(_MSC_VER) && _MSC_VER >= 1300
#elif defined(_MSC_VER) && _MSC_VER >= 1300 && !defined(_UEFI)
#define CRYPTOPP_BYTESWAP_AVAILABLE
#define bswap_32(x) _byteswap_ulong(x)
#define bswap_64(x) _byteswap_uint64(x)

View File

@ -33,7 +33,7 @@ static BOOL DeviceFilterActive = FALSE;
BOOL BootArgsValid = FALSE;
BootArguments BootArgs;
static uint16 BootLoaderSegment;
static uint64 BootLoaderArgsPtr;
static BOOL BootDriveSignatureValid = FALSE;
static KMUTEX MountMutex;
@ -69,21 +69,22 @@ static int64 DecoySystemWipedAreaEnd;
PKTHREAD DecoySystemWipeThread = NULL;
static NTSTATUS DecoySystemWipeResult;
uint64 BootArgsRegions[] = { EFI_BOOTARGS_REGIONS };
NTSTATUS LoadBootArguments ()
{
NTSTATUS status = STATUS_UNSUCCESSFUL;
PHYSICAL_ADDRESS bootArgsAddr;
byte *mappedBootArgs;
uint16 bootLoaderSegment;
uint16 bootLoaderArgsIndex;
KeInitializeMutex (&MountMutex, 0);
for (bootLoaderSegment = TC_BOOT_LOADER_SEGMENT;
bootLoaderSegment >= TC_BOOT_LOADER_SEGMENT - 64 * 1024 / 16 && status != STATUS_SUCCESS;
bootLoaderSegment -= 32 * 1024 / 16)
for (bootLoaderArgsIndex = 0;
bootLoaderArgsIndex < sizeof(BootArgsRegions)/ sizeof(BootArgsRegions[1]) && status != STATUS_SUCCESS;
++bootLoaderArgsIndex)
{
bootArgsAddr.QuadPart = (bootLoaderSegment << 4) + TC_BOOT_LOADER_ARGS_OFFSET;
bootArgsAddr.QuadPart = BootArgsRegions[bootLoaderArgsIndex] + TC_BOOT_LOADER_ARGS_OFFSET;
Dump ("Checking BootArguments at 0x%x\n", bootArgsAddr.LowPart);
mappedBootArgs = MmMapIoSpace (bootArgsAddr, sizeof (BootArguments), MmCached);
@ -107,7 +108,7 @@ NTSTATUS LoadBootArguments ()
// Sanity check: for valid boot argument, the password is less than 64 bytes long
if (bootArguments->BootPassword.Length <= MAX_PASSWORD)
{
BootLoaderSegment = bootLoaderSegment;
BootLoaderArgsPtr = BootArgsRegions[bootLoaderArgsIndex];
BootArgs = *bootArguments;
BootArgsValid = TRUE;
@ -322,6 +323,8 @@ static NTSTATUS MountDrive (DriveFilterExtension *Extension, Password *password,
char *header;
int pkcs5_prf = 0, pim = 0;
byte *mappedCryptoInfo = NULL;
PARTITION_INFORMATION_EX pi;
BOOL bIsGPT = FALSE;
Dump ("MountDrive pdo=%p\n", Extension->Pdo);
ASSERT (KeGetCurrentIrql() == PASSIVE_LEVEL);
@ -372,11 +375,16 @@ static NTSTATUS MountDrive (DriveFilterExtension *Extension, Password *password,
goto ret;
}
if (NT_SUCCESS(SendDeviceIoControlRequest (Extension->LowerDeviceObject, IOCTL_DISK_GET_PARTITION_INFO_EX, NULL, 0, &pi, sizeof (pi))))
{
bIsGPT = (pi.PartitionStyle == PARTITION_STYLE_GPT)? TRUE : FALSE;
}
if (BootArgs.CryptoInfoLength > 0)
{
PHYSICAL_ADDRESS cryptoInfoAddress;
cryptoInfoAddress.QuadPart = (BootLoaderSegment << 4) + BootArgs.CryptoInfoOffset;
cryptoInfoAddress.QuadPart = BootLoaderArgsPtr + BootArgs.CryptoInfoOffset;
#ifdef DEBUG
Dump ("Wiping memory %x %d\n", cryptoInfoAddress.LowPart, BootArgs.CryptoInfoLength);
#endif
@ -386,7 +394,7 @@ static NTSTATUS MountDrive (DriveFilterExtension *Extension, Password *password,
/* Get the parameters used for booting to speed up driver startup and avoid testing irrelevant PRFs */
BOOT_CRYPTO_HEADER* pBootCryptoInfo = (BOOT_CRYPTO_HEADER*) mappedCryptoInfo;
Hash* pHash = HashGet(pBootCryptoInfo->pkcs5);
if (pHash && pHash->SystemEncryption)
if (pHash && (bIsGPT || pHash->SystemEncryption))
pkcs5_prf = pBootCryptoInfo->pkcs5;
}
}