nihilist/VeraCrypt
1
0
Fork 0
mirror of https://github.com/veracrypt/VeraCrypt synced 2024-11-24 12:03:28 +01:00
Code Issues Packages Projects Releases Wiki Activity

Windows: Implement Rescue Disk support for EFI system encryption

Browse Source
This commit is contained in:
Mounir IDRASSI 2016-08-14 23:01:26 +02:00
parent 71a38563ae
commit 2d72e42c6c
No known key found for this signature in database
GPG Key ID: DD0C382D5FCFB8FC
8 changed files with 633 additions and 289 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

623
src/Common/BootEncryption.cpp
View File

@ -29,6 +29,8 @@
#include "Registry.h"
#include "Volumes.h"
#include "Xml.h"
#include "XZip.h"
#include "XUnzip.h"
#ifdef VOLFORMAT
#include "Format/FormatCom.h"
@ -575,10 +577,17 @@ namespace VeraCrypt
LARGE_INTEGER lSize;
lSize.QuadPart = 0;
throw_sys_if (!GetFileSizeEx (Handle, &lSize));
size = (size_t) lSize.QuadPart;
size = (unsigned __int64) lSize.QuadPart;
}
}
void File::GetFileSize (DWORD& dwSize)
{
unsigned __int64 size64;
GetFileSize (size64);
dwSize = (DWORD) size64;
}
void File::Write (byte *buffer, DWORD size)
{
DWORD bytesWritten;
@ -682,6 +691,8 @@ namespace VeraCrypt
ParentWindow (parent),
RealSystemDriveSizeValid (false),
RescueIsoImage (nullptr),
RescueZipData (nullptr),
RescueZipSize (0),
RescueVolumeHeaderValid (false),
SelectedEncryptionAlgorithmId (0),
SelectedPrfAlgorithmId (0),
@ -701,7 +712,15 @@ namespace VeraCrypt
BootEncryption::~BootEncryption ()
{
if (RescueIsoImage)
{
burn (RescueIsoImage, RescueIsoImageSize);
delete[] RescueIsoImage;
}
if (RescueZipData)
{
burn (RescueZipData, RescueZipSize);
delete [] RescueZipData;
}
Elevator::Release();
}
@ -2515,6 +2534,10 @@ namespace VeraCrypt
byte *LegacySpeakerImg = MapResource(L"BIN", IDR_EFI_LEGACYSPEAKER, &sizeLegacySpeaker);
if (!LegacySpeakerImg)
throw ErrorException(L"Out of resource LegacySpeaker", SRC_POS);
DWORD sizeBootMenuLocker;
byte *BootMenuLockerImg = MapResource(L"BIN", IDR_EFI_DCSBML, &sizeBootMenuLocker);
if (!BootMenuLockerImg)
throw ErrorException(L"Out of resource DcsBml", SRC_POS);
finally_do ({ EfiBootInst.DismountBootPartition(); });
EfiBootInst.MountBootPartition(0);
@ -2530,6 +2553,7 @@ namespace VeraCrypt
EfiBootInst.SaveFile(L"\\EFI\\VeraCrypt\\DcsInt.dcs", dcsIntImg, sizeDcsInt);
EfiBootInst.SaveFile(L"\\EFI\\VeraCrypt\\DcsCfg.dcs", dcsCfgImg, sizeDcsCfg);
EfiBootInst.SaveFile(L"\\EFI\\VeraCrypt\\LegacySpeaker.dcs", LegacySpeakerImg, sizeLegacySpeaker);
EfiBootInst.SaveFile(L"\\EFI\\VeraCrypt\\DcsBml.dcs", BootMenuLockerImg, sizeBootMenuLocker);
EfiBootInst.SetStartExec(L"VeraCrypt BootLoader (DcsBoot)", L"\\EFI\\VeraCrypt\\DcsBoot.efi");
// move configuration file from old location (if it exists) to new location
@ -2683,126 +2707,255 @@ namespace VeraCrypt
BootEncryptionStatus encStatus = GetStatus();
if (encStatus.SetupInProgress)
throw ParameterIncorrect (SRC_POS);
Buffer imageBuf (RescueIsoImageSize);
byte *image = imageBuf.Ptr();
memset (image, 0, RescueIsoImageSize);
// Primary volume descriptor
const char* szPrimVolDesc = "\001CD001\001";
const char* szPrimVolLabel = "VeraCrypt Rescue Disk ";
memcpy (image + 0x8000, szPrimVolDesc, strlen(szPrimVolDesc) + 1);
memcpy (image + 0x7fff + 41, szPrimVolLabel, strlen(szPrimVolLabel) + 1);
*(uint32 *) (image + 0x7fff + 81) = RescueIsoImageSize / 2048;
*(uint32 *) (image + 0x7fff + 85) = BE32 (RescueIsoImageSize / 2048);
image[0x7fff + 121] = 1;
image[0x7fff + 124] = 1;
image[0x7fff + 125] = 1;
image[0x7fff + 128] = 1;
image[0x7fff + 130] = 8;
image[0x7fff + 131] = 8;
image[0x7fff + 133] = 10;
image[0x7fff + 140] = 10;
image[0x7fff + 141] = 0x14;
image[0x7fff + 157] = 0x22;
image[0x7fff + 159] = 0x18;
// Boot record volume descriptor
const char* szBootRecDesc = "CD001\001EL TORITO SPECIFICATION";
memcpy (image + 0x8801, szBootRecDesc, strlen(szBootRecDesc) + 1);
image[0x8800 + 0x47] = 0x19;
// Volume descriptor set terminator
const char* szVolDescTerm = "\377CD001\001";
memcpy (image + 0x9000, szVolDescTerm, strlen(szVolDescTerm) + 1);
// Path table
image[0xA000 + 0] = 1;
image[0xA000 + 2] = 0x18;
image[0xA000 + 6] = 1;
// Root directory
image[0xc000 + 0] = 0x22;
image[0xc000 + 2] = 0x18;
image[0xc000 + 9] = 0x18;
image[0xc000 + 11] = 0x08;
image[0xc000 + 16] = 0x08;
image[0xc000 + 25] = 0x02;
image[0xc000 + 28] = 0x01;
image[0xc000 + 31] = 0x01;
image[0xc000 + 32] = 0x01;
image[0xc000 + 34] = 0x22;
image[0xc000 + 36] = 0x18;
image[0xc000 + 43] = 0x18;
image[0xc000 + 45] = 0x08;
image[0xc000 + 50] = 0x08;
image[0xc000 + 59] = 0x02;
image[0xc000 + 62] = 0x01;
*(uint32 *) (image + 0xc000 + 65) = 0x010101;
// Validation entry
image[0xc800] = 1;
int offset = 0xc800 + 0x1c;
image[offset++] = 0xaa;
image[offset++] = 0x55;
image[offset++] = 0x55;
image[offset] = 0xaa;
// Initial entry
offset = 0xc820;
image[offset++] = 0x88;
image[offset++] = 2;
image[0xc820 + 6] = 1;
image[0xc820 + 8] = TC_CD_BOOT_LOADER_SECTOR;
// TrueCrypt Boot Loader
CreateBootLoaderInMemory (image + TC_CD_BOOTSECTOR_OFFSET, TC_BOOT_LOADER_AREA_SIZE, true);
// Volume header
if (initialSetup)
BOOL bIsGPT = GetSystemDriveConfiguration().SystemPartition.IsGPT;
if (bIsGPT)
{
if (!RescueVolumeHeaderValid)
// create EFI disk structure
DWORD sizeDcsBoot;
byte *dcsBootImg = MapResource(L"BIN", IDR_EFI_DCSBOOT, &sizeDcsBoot);
if (!dcsBootImg)
throw ParameterIncorrect (SRC_POS);
DWORD sizeDcsInt;
byte *dcsIntImg = MapResource(L"BIN", IDR_EFI_DCSINT, &sizeDcsInt);
if (!dcsIntImg)
throw ParameterIncorrect (SRC_POS);
DWORD sizeDcsCfg;
byte *dcsCfgImg = MapResource(L"BIN", IDR_EFI_DCSCFG, &sizeDcsCfg);
if (!dcsCfgImg)
throw ParameterIncorrect (SRC_POS);
DWORD sizeLegacySpeaker;
byte *LegacySpeakerImg = MapResource(L"BIN", IDR_EFI_LEGACYSPEAKER, &sizeLegacySpeaker);
if (!LegacySpeakerImg)
throw ParameterIncorrect (SRC_POS);
DWORD sizeBootMenuLocker;
byte *BootMenuLockerImg = MapResource(L"BIN", IDR_EFI_DCSBML, &sizeBootMenuLocker);
if (!BootMenuLockerImg)
throw ParameterIncorrect (SRC_POS);
DWORD sizeDcsRescue;
byte *DcsRescueImg = MapResource(L"BIN", IDR_EFI_DCSRE, &sizeDcsRescue);
if (!DcsRescueImg)
throw ParameterIncorrect (SRC_POS);
memcpy (image + TC_CD_BOOTSECTOR_OFFSET + TC_BOOT_VOLUME_HEADER_SECTOR_OFFSET, RescueVolumeHeader, TC_BOOT_ENCRYPTION_VOLUME_HEADER_SIZE);
unsigned int maxRescueZipSize = 4 * 1024 * 1024;
ZRESULT res;
HZIP hz = CreateZip (0, maxRescueZipSize, ZIP_MEMORY);
if (!hz)
throw ParameterIncorrect (SRC_POS);
finally_do_arg (HZIP, hz, { CloseZip (finally_arg); });
if (ZR_OK != ZipAdd (hz, L"EFI/Boot/bootx64.efi", DcsRescueImg, sizeDcsRescue, ZIP_MEMORY))
throw ParameterIncorrect (SRC_POS);
if (ZR_OK !=ZipAdd (hz, L"EFI/VeraCrypt/DcsBml.dcs", BootMenuLockerImg, sizeBootMenuLocker, ZIP_MEMORY))
throw ParameterIncorrect (SRC_POS);
if (ZR_OK != ZipAdd (hz, L"EFI/VeraCrypt/DcsBoot.efi", dcsBootImg, sizeDcsBoot, ZIP_MEMORY))
throw ParameterIncorrect (SRC_POS);
if (ZR_OK != ZipAdd (hz, L"EFI/VeraCrypt/DcsCfg.dcs", dcsCfgImg, sizeDcsCfg, ZIP_MEMORY))
throw ParameterIncorrect (SRC_POS);
if (ZR_OK != ZipAdd (hz, L"EFI/VeraCrypt/DcsInt.dcs", dcsIntImg, sizeDcsInt, ZIP_MEMORY))
throw ParameterIncorrect (SRC_POS);
if (ZR_OK != ZipAdd (hz, L"EFI/VeraCrypt/LegacySpeaker.dcs", LegacySpeakerImg, sizeLegacySpeaker, ZIP_MEMORY))
throw ParameterIncorrect (SRC_POS);
Buffer volHeader(TC_BOOT_ENCRYPTION_VOLUME_HEADER_SIZE);
// Volume header
if (initialSetup)
{
if (!RescueVolumeHeaderValid)
throw ParameterIncorrect (SRC_POS);
memcpy (volHeader.Ptr (), RescueVolumeHeader, TC_BOOT_ENCRYPTION_VOLUME_HEADER_SIZE);
}
else
{
Device bootDevice (GetSystemDriveConfiguration().DevicePath, true);
bootDevice.CheckOpened (SRC_POS);
bootDevice.SeekAt (TC_BOOT_VOLUME_HEADER_SECTOR_OFFSET);
bootDevice.Read (volHeader.Ptr (), TC_BOOT_ENCRYPTION_VOLUME_HEADER_SIZE);
}
if (ZR_OK != ZipAdd (hz, L"EFI/VeraCrypt/svh_bak", volHeader.Ptr (), TC_BOOT_ENCRYPTION_VOLUME_HEADER_SIZE, ZIP_MEMORY))
throw ParameterIncorrect (SRC_POS);
// Original system loader
res = ZR_WRITE;
try
{
DWORD fileSize = 0;
File sysBakFile (GetSystemLoaderBackupPath(), true);
sysBakFile.CheckOpened (SRC_POS);
sysBakFile.GetFileSize(fileSize);
Buffer fileBuf ((DWORD) fileSize);
DWORD sizeLoader = sysBakFile.Read (fileBuf.Ptr (), fileSize);
res = ZipAdd (hz, L"EFI/Boot/original_bootx64.vc_backup", fileBuf.Ptr (), sizeLoader, ZIP_MEMORY);
}
catch (Exception &e)
{
e.Show (ParentWindow);
Warning ("SYS_LOADER_UNAVAILABLE_FOR_RESCUE_DISK", ParentWindow);
}
if (res != ZR_OK)
throw ParameterIncorrect (SRC_POS);
EfiBootConf conf;
wstring dcsPropFileName = GetTempPathString() + L"_dcsproprescue";
finally_do_arg (wstring, dcsPropFileName, { DeleteFileW (finally_arg.c_str()); });
if (conf.Save(dcsPropFileName.c_str(), ParentWindow))
{
DWORD fileSize = 0;
File propFile (dcsPropFileName, true, false);
propFile.CheckOpened (SRC_POS);
propFile.GetFileSize(fileSize);
Buffer propBuf (fileSize);
DWORD sizeDcsProp = propFile.Read (propBuf.Ptr (), fileSize);
if (ZR_OK != ZipAdd (hz, L"EFI/VeraCrypt/DcsProp", propBuf.Ptr (), sizeDcsProp, ZIP_MEMORY))
throw ParameterIncorrect (SRC_POS);
}
else
throw ParameterIncorrect (SRC_POS);
void* pZipContent = NULL;
unsigned long ulZipSize = 0;
if (ZR_OK != ZipGetMemory (hz, &pZipContent, &ulZipSize))
throw ParameterIncorrect (SRC_POS);
RescueZipData = new byte[ulZipSize];
if (!RescueZipData)
throw bad_alloc();
memcpy (RescueZipData, pZipContent, ulZipSize);
RescueZipSize = ulZipSize;
if (!isoImagePath.empty())
{
File isoFile (isoImagePath, false, true);
isoFile.Write (RescueZipData, RescueZipSize);
}
}
else
{
Device bootDevice (GetSystemDriveConfiguration().DevicePath, true);
bootDevice.CheckOpened (SRC_POS);
bootDevice.SeekAt (TC_BOOT_VOLUME_HEADER_SECTOR_OFFSET);
bootDevice.Read (image + TC_CD_BOOTSECTOR_OFFSET + TC_BOOT_VOLUME_HEADER_SECTOR_OFFSET, TC_BOOT_ENCRYPTION_VOLUME_HEADER_SIZE);
}
// Original system loader
try
{
File sysBakFile (GetSystemLoaderBackupPath(), true);
sysBakFile.CheckOpened (SRC_POS);
sysBakFile.Read (image + TC_CD_BOOTSECTOR_OFFSET + TC_ORIG_BOOT_LOADER_BACKUP_SECTOR_OFFSET, TC_BOOT_LOADER_AREA_SIZE);
image[TC_CD_BOOTSECTOR_OFFSET + TC_BOOT_SECTOR_CONFIG_OFFSET] |= TC_BOOT_CFG_FLAG_RESCUE_DISK_ORIG_SYS_LOADER;
}
catch (Exception &e)
{
e.Show (ParentWindow);
Warning ("SYS_LOADER_UNAVAILABLE_FOR_RESCUE_DISK", ParentWindow);
}
Buffer imageBuf (RescueIsoImageSize);
// Boot loader backup
CreateBootLoaderInMemory (image + TC_CD_BOOTSECTOR_OFFSET + TC_BOOT_LOADER_BACKUP_RESCUE_DISK_SECTOR_OFFSET, TC_BOOT_LOADER_AREA_SIZE, false);
byte *image = imageBuf.Ptr();
memset (image, 0, RescueIsoImageSize);
RescueIsoImage = new byte[RescueIsoImageSize];
if (!RescueIsoImage)
throw bad_alloc();
memcpy (RescueIsoImage, image, RescueIsoImageSize);
// Primary volume descriptor
const char* szPrimVolDesc = "\001CD001\001";
const char* szPrimVolLabel = "VeraCrypt Rescue Disk ";
memcpy (image + 0x8000, szPrimVolDesc, strlen(szPrimVolDesc) + 1);
memcpy (image + 0x7fff + 41, szPrimVolLabel, strlen(szPrimVolLabel) + 1);
*(uint32 *) (image + 0x7fff + 81) = RescueIsoImageSize / 2048;
*(uint32 *) (image + 0x7fff + 85) = BE32 (RescueIsoImageSize / 2048);
image[0x7fff + 121] = 1;
image[0x7fff + 124] = 1;
image[0x7fff + 125] = 1;
image[0x7fff + 128] = 1;
image[0x7fff + 130] = 8;
image[0x7fff + 131] = 8;
if (!isoImagePath.empty())
{
File isoFile (isoImagePath, false, true);
isoFile.Write (image, RescueIsoImageSize);
image[0x7fff + 133] = 10;
image[0x7fff + 140] = 10;
image[0x7fff + 141] = 0x14;
image[0x7fff + 157] = 0x22;
image[0x7fff + 159] = 0x18;
// Boot record volume descriptor
const char* szBootRecDesc = "CD001\001EL TORITO SPECIFICATION";
memcpy (image + 0x8801, szBootRecDesc, strlen(szBootRecDesc) + 1);
image[0x8800 + 0x47] = 0x19;
// Volume descriptor set terminator
const char* szVolDescTerm = "\377CD001\001";
memcpy (image + 0x9000, szVolDescTerm, strlen(szVolDescTerm) + 1);
// Path table
image[0xA000 + 0] = 1;
image[0xA000 + 2] = 0x18;
image[0xA000 + 6] = 1;
// Root directory
image[0xc000 + 0] = 0x22;
image[0xc000 + 2] = 0x18;
image[0xc000 + 9] = 0x18;
image[0xc000 + 11] = 0x08;
image[0xc000 + 16] = 0x08;
image[0xc000 + 25] = 0x02;
image[0xc000 + 28] = 0x01;
image[0xc000 + 31] = 0x01;
image[0xc000 + 32] = 0x01;
image[0xc000 + 34] = 0x22;
image[0xc000 + 36] = 0x18;
image[0xc000 + 43] = 0x18;
image[0xc000 + 45] = 0x08;
image[0xc000 + 50] = 0x08;
image[0xc000 + 59] = 0x02;
image[0xc000 + 62] = 0x01;
*(uint32 *) (image + 0xc000 + 65) = 0x010101;
// Validation entry
image[0xc800] = 1;
int offset = 0xc800 + 0x1c;
image[offset++] = 0xaa;
image[offset++] = 0x55;
image[offset++] = 0x55;
image[offset] = 0xaa;
// Initial entry
offset = 0xc820;
image[offset++] = 0x88;
image[offset++] = 2;
image[0xc820 + 6] = 1;
image[0xc820 + 8] = TC_CD_BOOT_LOADER_SECTOR;
// TrueCrypt Boot Loader
CreateBootLoaderInMemory (image + TC_CD_BOOTSECTOR_OFFSET, TC_BOOT_LOADER_AREA_SIZE, true);
// Volume header
if (initialSetup)
{
if (!RescueVolumeHeaderValid)
throw ParameterIncorrect (SRC_POS);
memcpy (image + TC_CD_BOOTSECTOR_OFFSET + TC_BOOT_VOLUME_HEADER_SECTOR_OFFSET, RescueVolumeHeader, TC_BOOT_ENCRYPTION_VOLUME_HEADER_SIZE);
}
else
{
Device bootDevice (GetSystemDriveConfiguration().DevicePath, true);
bootDevice.CheckOpened (SRC_POS);
bootDevice.SeekAt (TC_BOOT_VOLUME_HEADER_SECTOR_OFFSET);
bootDevice.Read (image + TC_CD_BOOTSECTOR_OFFSET + TC_BOOT_VOLUME_HEADER_SECTOR_OFFSET, TC_BOOT_ENCRYPTION_VOLUME_HEADER_SIZE);
}
// Original system loader
try
{
File sysBakFile (GetSystemLoaderBackupPath(), true);
sysBakFile.CheckOpened (SRC_POS);
sysBakFile.Read (image + TC_CD_BOOTSECTOR_OFFSET + TC_ORIG_BOOT_LOADER_BACKUP_SECTOR_OFFSET, TC_BOOT_LOADER_AREA_SIZE);
image[TC_CD_BOOTSECTOR_OFFSET + TC_BOOT_SECTOR_CONFIG_OFFSET] |= TC_BOOT_CFG_FLAG_RESCUE_DISK_ORIG_SYS_LOADER;
}
catch (Exception &e)
{
e.Show (ParentWindow);
Warning ("SYS_LOADER_UNAVAILABLE_FOR_RESCUE_DISK", ParentWindow);
}
// Boot loader backup
CreateBootLoaderInMemory (image + TC_CD_BOOTSECTOR_OFFSET + TC_BOOT_LOADER_BACKUP_RESCUE_DISK_SECTOR_OFFSET, TC_BOOT_LOADER_AREA_SIZE, false);
RescueIsoImage = new byte[RescueIsoImageSize];
if (!RescueIsoImage)
throw bad_alloc();
memcpy (RescueIsoImage, image, RescueIsoImageSize);
if (!isoImagePath.empty())
{
File isoFile (isoImagePath, false, true);
isoFile.Write (image, RescueIsoImageSize);
}
}
}
#endif
@ -2827,61 +2980,240 @@ namespace VeraCrypt
bool BootEncryption::VerifyRescueDisk ()
{
if (!RescueIsoImage)
BOOL bIsGPT = GetSystemDriveConfiguration().SystemPartition.IsGPT;
if ((bIsGPT && !RescueZipData) || (!bIsGPT && !RescueIsoImage))
throw ParameterIncorrect (SRC_POS);
for (WCHAR drive = L'Z'; drive >= L'C'; --drive)
if (bIsGPT)
{
try
const wchar_t* efiFiles[] = {
L"EFI/Boot/bootx64.efi",
L"EFI/VeraCrypt/DcsBml.dcs",
L"EFI/VeraCrypt/DcsBoot.efi",
L"EFI/VeraCrypt/DcsCfg.dcs",
L"EFI/VeraCrypt/DcsInt.dcs",
L"EFI/VeraCrypt/LegacySpeaker.dcs",
L"EFI/VeraCrypt/svh_bak",
L"EFI/Boot/original_bootx64.vc_backup"
};
ZRESULT res;
HZIP hz = OpenZip(RescueZipData, RescueZipSize, ZIP_MEMORY);
if (!hz)
throw ParameterIncorrect (SRC_POS);
finally_do_arg (HZIP, hz, { CloseZip (finally_arg); });
for (WCHAR drive = L'Z'; drive >= L'C'; --drive)
{
WCHAR rootPath[4] = { drive, L':', L'\\', 0};
UINT driveType = GetDriveType (rootPath);
// check that it is a CD/DVD drive or a removable media in case a bootable
// USB key was created from the rescue disk ISO file
if ((DRIVE_CDROM == driveType) || (DRIVE_REMOVABLE == driveType))
try
{
rootPath[2] = 0; // remove trailing backslash
WCHAR rootPath[4] = { drive, L':', L'\\', 0};
UINT driveType = GetDriveType (rootPath);
if (DRIVE_REMOVABLE == driveType)
{
// check if it is FAT/FAT32
WCHAR szNameBuffer[TC_MAX_PATH];
if (GetVolumeInformationW (rootPath, NULL, 0, NULL, NULL, NULL, szNameBuffer, ARRAYSIZE(szNameBuffer))
&& !wcsncmp (szNameBuffer, L"FAT", 3))
{
int index, i;
ZIPENTRYW ze;
for (i = 0; i < ARRAYSIZE(efiFiles); i++)
{
bool bMatch = false;
res = FindZipItemW (hz, efiFiles[i], true, &index, &ze);
if ((res == ZR_OK) && (index >= 0))
{
// check that the file exists on the disk and that it has the same content
StringCbCopyW (szNameBuffer, sizeof (szNameBuffer), rootPath);
StringCbCatW (szNameBuffer, sizeof (szNameBuffer), efiFiles[i]);
Device driveDevice (rootPath, true);
driveDevice.CheckOpened (SRC_POS);
size_t verifiedSectorCount = (TC_CD_BOOTSECTOR_OFFSET + TC_ORIG_BOOT_LOADER_BACKUP_SECTOR_OFFSET + TC_BOOT_LOADER_AREA_SIZE) / 2048;
Buffer buffer ((verifiedSectorCount + 1) * 2048);
try
{
DWORD dwSize = 0;
File diskFile (szNameBuffer, true);
diskFile.CheckOpened (SRC_POS);
diskFile.GetFileSize (dwSize);
if (dwSize == (DWORD) ze.unc_size)
{
Buffer fileBuf (dwSize);
if (dwSize == diskFile.Read (fileBuf.Ptr (), dwSize))
{
Buffer efiBuf (dwSize);
res = UnzipItem (hz, ze.index, efiBuf.Ptr (), dwSize, ZIP_MEMORY);
if (res == ZR_OK)
{
bMatch = (memcmp (efiBuf.Ptr(), fileBuf.Ptr(), dwSize) == 0);
}
}
}
}
catch (...)
{
}
DWORD bytesRead = driveDevice.Read (buffer.Ptr(), (DWORD) buffer.Size());
if (bytesRead != buffer.Size())
continue;
}
else
{
// entry not found in our Rescue ZIP image. Skip it.
bMatch = true;
}
if (memcmp (buffer.Ptr(), RescueIsoImage, buffer.Size()) == 0)
return true;
if (!bMatch)
break;
}
if (i == ARRAYSIZE(efiFiles))
{
// All entries processed
return true;
}
}
}
}
catch (...) { }
}
}
else
{
size_t verifiedSectorCount = (TC_CD_BOOTSECTOR_OFFSET + TC_ORIG_BOOT_LOADER_BACKUP_SECTOR_OFFSET + TC_BOOT_LOADER_AREA_SIZE) / 2048;
Buffer buffer ((verifiedSectorCount + 1) * 2048);
for (WCHAR drive = L'Z'; drive >= L'C'; --drive)
{
try
{
WCHAR rootPath[4] = { drive, L':', L'\\', 0};
UINT driveType = GetDriveType (rootPath);
// check that it is a CD/DVD drive or a removable media in case a bootable
// USB key was created from the rescue disk ISO file
if ((DRIVE_CDROM == driveType) || (DRIVE_REMOVABLE == driveType))
{
rootPath[2] = 0; // remove trailing backslash
Device driveDevice (rootPath, true);
driveDevice.CheckOpened (SRC_POS);
DWORD bytesRead = driveDevice.Read (buffer.Ptr(), (DWORD) buffer.Size());
if (bytesRead != buffer.Size())
continue;
if (memcmp (buffer.Ptr(), RescueIsoImage, buffer.Size()) == 0)
return true;
}
}
catch (...) { }
}
catch (...) { }
}
return false;
}
bool BootEncryption::VerifyRescueDiskIsoImage (const wchar_t* imageFile)
bool BootEncryption::VerifyRescueDiskImage (const wchar_t* imageFile)
{
if (!RescueIsoImage)
BOOL bIsGPT = GetSystemDriveConfiguration().SystemPartition.IsGPT;
if ((bIsGPT && !RescueZipData) || (!bIsGPT && !RescueIsoImage))
throw ParameterIncorrect (SRC_POS);
try
if (bIsGPT)
{
File isoFile (imageFile, true);
isoFile.CheckOpened (SRC_POS);
size_t verifiedSectorCount = (TC_CD_BOOTSECTOR_OFFSET + TC_ORIG_BOOT_LOADER_BACKUP_SECTOR_OFFSET + TC_BOOT_LOADER_AREA_SIZE) / 2048;
Buffer buffer ((verifiedSectorCount + 1) * 2048);
DWORD bytesRead = isoFile.Read (buffer.Ptr(), (DWORD) buffer.Size());
if ( (bytesRead == buffer.Size())
&& (memcmp (buffer.Ptr(), RescueIsoImage, buffer.Size()) == 0)
)
try
{
return true;
DWORD dwSize = 0;
File rescueFile (imageFile, true);
rescueFile.CheckOpened (SRC_POS);
rescueFile.GetFileSize (dwSize);
Buffer rescueData (dwSize);
if (dwSize == rescueFile.Read (rescueData.Ptr (), dwSize))
{
ZRESULT res;
HZIP hzFile = OpenZip(rescueData.Ptr (), dwSize, ZIP_MEMORY);
if (hzFile)
{
finally_do_arg (HZIP, hzFile, { CloseZip (finally_arg); });
HZIP hzMem = OpenZip(RescueZipData, RescueZipSize, ZIP_MEMORY);
if (hzMem)
{
finally_do_arg (HZIP, hzMem, { CloseZip (finally_arg); });
const wchar_t* efiFiles[] = {
L"EFI/Boot/bootx64.efi",
L"EFI/VeraCrypt/DcsBml.dcs",
L"EFI/VeraCrypt/DcsBoot.efi",
L"EFI/VeraCrypt/DcsCfg.dcs",
L"EFI/VeraCrypt/DcsInt.dcs",
L"EFI/VeraCrypt/LegacySpeaker.dcs",
L"EFI/VeraCrypt/svh_bak",
L"EFI/Boot/original_bootx64.vc_backup"
};
int index, i;
ZIPENTRYW zeFile, zeMem;
for (i = 0; i < ARRAYSIZE(efiFiles); i++)
{
bool bMatch = false;
res = FindZipItemW (hzMem, efiFiles[i], true, &index, &zeMem);
if ((res == ZR_OK) && (index >= 0))
{
res = FindZipItemW (hzFile, efiFiles[i], true, &index, &zeFile);
if ((res == ZR_OK) && (index >= 0) && (zeMem.unc_size == zeFile.unc_size))
{
Buffer fileBuf (zeFile.unc_size);
Buffer memBuf (zeFile.unc_size);
res = UnzipItem (hzMem, zeMem.index, memBuf.Ptr (), zeMem.unc_size, ZIP_MEMORY);
if (res == ZR_OK)
{
res = UnzipItem (hzFile, zeFile.index, fileBuf.Ptr (), zeFile.unc_size, ZIP_MEMORY);
if (res == ZR_OK)
{
bMatch = (memcmp (memBuf.Ptr (), fileBuf.Ptr (), zeMem.unc_size) == 0);
}
}
}
}
else
{
// entry not found in our internal Rescue ZIP image. Skip it.
bMatch = true;
}
if (!bMatch)
break;
}
if (i == ARRAYSIZE(efiFiles))
{
// All entries processed
return true;
}
}
}
}
}
catch (...) { }
}
else
{
try
{
File rescueFile (imageFile, true);
rescueFile.CheckOpened (SRC_POS);
size_t verifiedSectorCount = (TC_CD_BOOTSECTOR_OFFSET + TC_ORIG_BOOT_LOADER_BACKUP_SECTOR_OFFSET + TC_BOOT_LOADER_AREA_SIZE) / 2048;
Buffer buffer ((verifiedSectorCount + 1) * 2048);
DWORD bytesRead = rescueFile.Read (buffer.Ptr(), (DWORD) buffer.Size());
if ( (bytesRead == buffer.Size())
&& (memcmp (buffer.Ptr(), RescueIsoImage, buffer.Size()) == 0)
)
{
return true;
}
}
catch (...) { }
}
catch (...) { }
return false;
}
@ -3063,6 +3395,7 @@ namespace VeraCrypt
EfiBootInst.DelFile(L"\\EFI\\VeraCrypt\\DcsInt.dcs");
EfiBootInst.DelFile(L"\\EFI\\VeraCrypt\\DcsCfg.dcs");
EfiBootInst.DelFile(L"\\EFI\\VeraCrypt\\LegacySpeaker.dcs");
EfiBootInst.DelFile(L"\\EFI\\VeraCrypt\\DcsBml.dcs");
EfiBootInst.DelFile(L"\\EFI\\VeraCrypt\\DcsBoot");
EfiBootInst.DelFile(L"\\EFI\\VeraCrypt\\DcsProp");
}

5
src/Common/BootEncryption.h
View File

@ -46,6 +46,7 @@ namespace VeraCrypt
void Write (byte *buffer, DWORD size);
void SeekAt (int64 position);
void GetFileSize (unsigned __int64& size);
void GetFileSize (DWORD& dwSize);
bool IoCtl(DWORD code, void* inBuf, DWORD inBufSize, void* outBuf, DWORD outBufSize);
protected:
@ -277,7 +278,7 @@ namespace VeraCrypt
bool SystemPartitionCoversWholeDrive ();
bool SystemDriveIsDynamic ();
bool VerifyRescueDisk ();
bool VerifyRescueDiskIsoImage (const wchar_t* imageFile);
bool VerifyRescueDiskImage (const wchar_t* imageFile);
void WipeHiddenOSCreationConfig ();
void WriteBootDriveSector (uint64 offset, byte *data);
void WriteBootSectorConfig (const byte newConfig[]);
@ -308,6 +309,8 @@ namespace VeraCrypt
int SelectedPrfAlgorithmId;
Partition HiddenOSCandidatePartition;
byte *RescueIsoImage;
byte *RescueZipData;
unsigned long RescueZipSize;
byte RescueVolumeHeader[TC_BOOT_ENCRYPTION_VOLUME_HEADER_SIZE];
byte VolumeHeader[TC_BOOT_ENCRYPTION_VOLUME_HEADER_SIZE];
bool DriveConfigValid;

2
src/Common/Common.rc
View File

@ -536,6 +536,8 @@ IDR_EFI_DCSBOOT BIN "..\\Boot\\EFI\\DcsBoot.efi"
IDR_EFI_DCSINT BIN "..\\Boot\\EFI\\DcsInt.efi"
IDR_EFI_DCSCFG BIN "..\\Boot\\EFI\\DcsCfg.efi"
IDR_EFI_LEGACYSPEAKER BIN "..\\Boot\\EFI\\LegacySpeaker.efi"
IDR_EFI_DCSBML BIN "..\\Boot\\EFI\\DcsBml.efi"
IDR_EFI_DCSRE BIN "..\\Boot\\EFI\\DcsRe.efi"
/////////////////////////////////////////////////////////////////////////////
//

17
src/Common/Language.xml
View File

@ -261,7 +261,7 @@
<control lang="en" key="IDM_UNMOUNTALL">Dismount All Mounted Volumes</control>
<control lang="en" key="IDM_UNMOUNT_VOLUME">Dismount Volume</control>
<control lang="en" key="IDM_VERIFY_RESCUE_DISK">Verify Rescue Disk</control>
<control lang="en" key="IDM_VERIFY_RESCUE_DISK_ISO">Verify Rescue Disk ISO Image</control>
<control lang="en" key="IDM_VERIFY_RESCUE_DISK_ISO">Verify Rescue Disk Image</control>
<control lang="en" key="IDM_VERSION_HISTORY">Version History</control>
<control lang="en" key="IDM_VOLUME_EXPANDER">Volume Expander</control>
<control lang="en" key="IDM_VOLUME_PROPERTIES">Volume Properties</control>
@ -962,14 +962,14 @@
<string lang="en" key="VOLUME_HAS_NO_BACKUP_HEADER">There is no backup header embedded in this volume (note that only volumes created by VeraCrypt 6.0 or later contain embedded backup headers).</string>
<string lang="en" key="BACKUP_HEADER_NOT_FOR_SYS_DEVICE">You are attempting to back up the header of the system partition/drive. This is not allowed. Backup/restore operations pertaining to the system partition/drive can be performed only using the VeraCrypt Rescue Disk.\n\nDo you want to create a VeraCrypt Rescue Disk?</string>
<string lang="en" key="RESTORE_HEADER_NOT_FOR_SYS_DEVICE">You are attempting to restore the header of a virtual VeraCrypt volume but you selected the system partition/drive. This is not allowed. Backup/restore operations pertaining to the system partition/drive can be performed only using the VeraCrypt Rescue Disk.\n\nDo you want to create a VeraCrypt Rescue Disk?</string>
<string lang="en" key="RESCUE_DISK_NON_WIZARD_CREATION_SELECT_PATH">After you click OK, you will select a filename for the new VeraCrypt Rescue Disk ISO image and the location where you wish to place it.</string>
<string lang="en" key="RESCUE_DISK_NON_WIZARD_CREATION_SELECT_PATH">After you click OK, you will select a filename for the new VeraCrypt Rescue Disk image and the location where you wish to place it.</string>
<string lang="en" key="RESCUE_DISK_NON_WIZARD_CREATION_BURN">The Rescue Disk image has been created and stored in this file:\n%s\n\nNow you need to burn the Rescue Disk image to a CD or DVD.\n\nIMPORTANT: Note that the file must be written to the CD/DVD as an ISO disk image (not as an individual file). For information on how to do so, please refer to the documentation of your CD/DVD recording software.\n\nAfter you burn the Rescue Disk, select 'System' > 'Verify Rescue Disk' to verify that it has been correctly burned.</string>
<string lang="en" key="RESCUE_DISK_NON_WIZARD_CREATION_WIN_ISOBURN">The Rescue Disk image has been created and stored in this file:\n%s\n\nNow you need to burn the Rescue Disk image to a CD or DVD.\n\nDo you want to launch the Microsoft Windows Disc Image Burner now?\n\nNote: After you burn the Rescue Disk, select 'System' > 'Verify Rescue Disk' to verify that it has been correctly burned.</string>
<string lang="en" key="RESCUE_DISK_NON_WIZARD_CHECK_INSERT">Please insert your VeraCrypt Rescue Disk into your CD/DVD drive and click OK to verify it.</string>
<string lang="en" key="RESCUE_DISK_NON_WIZARD_CHECK_INSERT">Please insert your VeraCrypt Rescue Disk and click OK to verify it.</string>
<string lang="en" key="RESCUE_DISK_NON_WIZARD_CHECK_PASSED">The VeraCrypt Rescue Disk has been successfully verified.</string>
<string lang="en" key="RESCUE_DISK_NON_WIZARD_CHECK_FAILED">Cannot verify that the Rescue Disk has been correctly burned.\n\nIf you have burned the Rescue Disk, please eject and reinsert the CD/DVD; then try again. If this does not help, please try other CD/DVD recording software and/or medium.\n\nIf you attempted to verify a VeraCrypt Rescue Disk created for a different master key, password, salt, etc., please note that such Rescue Disk will always fail this verification. To create a new Rescue Disk fully compatible with your current configuration, select 'System' > 'Create Rescue Disk'.</string>
<string lang="en" key="RESCUE_DISK_ISO_IMAGE_CHECK_PASSED">The VeraCrypt Rescue Disk ISO image has been successfully verified.</string>
<string lang="en" key="RESCUE_DISK_ISO_IMAGE_CHECK_FAILED">The Rescue Disk ISO image verification failed.\n\nIf you attempted to verify a VeraCrypt Rescue Disk ISO image created for a different master key, password, salt, etc., please note that such Rescue Disk ISO image will always fail this verification. To create a new Rescue Disk ISO image fully compatible with your current configuration, select 'System' > 'Create Rescue Disk'.</string>
<string lang="en" key="RESCUE_DISK_ISO_IMAGE_CHECK_PASSED">The VeraCrypt Rescue Disk image has been successfully verified.</string>
<string lang="en" key="RESCUE_DISK_ISO_IMAGE_CHECK_FAILED">The Rescue Disk image verification failed.\n\nIf you attempted to verify a VeraCrypt Rescue Disk image created for a different master key, password, salt, etc., please note that such Rescue Disk image will always fail this verification. To create a new Rescue Disk image fully compatible with your current configuration, select 'System' > 'Create Rescue Disk'.</string>
<string lang="en" key="ERROR_CREATING_RESCUE_DISK">Error creating VeraCrypt Rescue Disk.</string>
<string lang="en" key="CANNOT_CREATE_RESCUE_DISK_ON_HIDDEN_OS">VeraCrypt Rescue Disk cannot be created when a hidden operating system is running.\n\nTo create a VeraCrypt Rescue Disk, boot the decoy operating system and then select 'System' > 'Create Rescue Disk'.</string>
<string lang="en" key="RESCUE_DISK_CHECK_FAILED">Cannot verify that the Rescue Disk has been correctly burned.\n\nIf you have burned the Rescue Disk, please eject and reinsert the CD/DVD; then click Next to try again. If this does not help, please try another medium%s.\n\nIf you have not burned the Rescue Disk yet, please do so, and then click Next.\n\nIf you attempted to verify a VeraCrypt Rescue Disk created before you started this wizard, please note that such Rescue Disk cannot be used, because it was created for a different master key. You need to burn the newly generated Rescue Disk.</string>
@ -1406,6 +1406,13 @@
<string lang="en" key="TIME">Time</string>
<string lang="en" key="ITERATIONS">Iterations</string>
<string lang="en" key="PRE-BOOT">Pre-Boot</string>
<string lang="en" key="RESCUE_DISK_EFI_INFO">Before you can encrypt the partition, you must create a VeraCrypt Rescue Disk (VRD), which serves the following purposes:\n\n- If the VeraCrypt Boot Loader, master key, or other critical data gets damaged, the VRD allows you to restore it (note, however, that you will still have to enter the correct password then).\n\n- If Windows gets damaged and cannot start, the VRD allows you to permanently decrypt the partition before Windows starts.\n\n- The VRD will contain a backup of the present EFI boot loader and will allow you to restore it if necessary.\n\nThe VeraCrypt Rescue Disk ZIP image will be created in the location specified below.</string>
<string lang="en" key="RESCUE_DISK_EFI_EXTRACT_INFO">The Rescue Disk ZIP image has been created and stored in this file:\n%s\n\nNow you need to extract it to a USB stick that is formatted as FAT/FAT32.\n\n%lsAfter you create the Rescue Disk, click Next to verify that it has been correctly created.</string>
<string lang="en" key="RESCUE_DISK_EFI_EXTRACT_INFO_NO_CHECK">The Rescue Disk ZIP image has been created and stored in this file:\n%s\n\nNow you should either extract the image to a USB stick that is formatted as FAT/FAT32 or move it to a safe location for later use.\n\n%lsClick Next to continue.</string>
<string lang="en" key="RESCUE_DISK_EFI_EXTRACT_INFO_NOTE">IMPORTANT: Note that the zip file must be extracted directly to the root of the USB stick. For example, if the drive letter of the USB stick is E: then extracting the zip file should create a folder E:\\EFI on the USB stick.\n\n</string>
<string lang="en" key="RESCUE_DISK_EFI_CHECK_FAILED">Cannot verify that the Rescue Disk has been correctly extracted.\n\nIf you have extracted the Rescue Disk, please eject and reinsert the USB stick; then click Next to try again. If this does not help, please try another USB stick and/or another ZIP software.\n\nIf you have not extracted the Rescue Disk yet, please do so, and then click Next.\n\nIf you attempted to verify a VeraCrypt Rescue Disk created before you started this wizard, please note that such Rescue Disk cannot be used, because it was created for a different master key. You need to extract the newly generated Rescue Disk ZIP image.</string>
<string lang="en" key="RESCUE_DISK_EFI_NON_WIZARD_CHECK_FAILED">Cannot verify that the Rescue Disk has been correctly extracted.\n\nIf you have extracted the Rescue Disk image to a USB stick, please eject it and reinsert it; then try again. If this does not help, please try other ZIP software and/or medium.\n\nIf you attempted to verify a VeraCrypt Rescue Disk created for a different master key, password, salt, etc., please note that such Rescue Disk will always fail this verification. To create a new Rescue Disk fully compatible with your current configuration, select 'System' > 'Create Rescue Disk'.</string>
<string lang="en" key="RESCUE_DISK_EFI_NON_WIZARD_CREATION">The Rescue Disk image has been created and stored in this file:\n%s\n\nNow you need to extract the Rescue Disk image to a USB stick that is formatted as FAT/FAT32.\n\nIMPORTANT: Note that the zip file must be extracted directly to the root of the USB stick. For example, if the drive letter of the USB stick is E: then extracting the zip file should create a folder E:\\EFI on the USB stick.\n\nAfter you create the Rescue Disk, select 'System' > 'Verify Rescue Disk' to verify that it has been correctly created.</string>
</localization>
<!-- XML Schema -->
<xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema">

4
src/Common/Resource.h
View File

@ -71,6 +71,8 @@
#define IDR_EFI_DCSINT 567
#define IDR_EFI_DCSCFG 568
#define IDR_EFI_LEGACYSPEAKER 569
#define IDR_EFI_DCSBML 570
#define IDR_EFI_DCSRE 571
#define IDC_HW_AES_LABEL_LINK 5000
#define IDC_HW_AES 5001
#define IDC_PARALLELIZATION_LABEL_LINK 5002
@ -218,7 +220,7 @@
#ifdef APSTUDIO_INVOKED
#ifndef APSTUDIO_READONLY_SYMBOLS
#define _APS_NO_MFC 1
#define _APS_NEXT_RESOURCE_VALUE 570
#define _APS_NEXT_RESOURCE_VALUE 572
#define _APS_NEXT_COMMAND_VALUE 40001
#define _APS_NEXT_CONTROL_VALUE 5141
#define _APS_NEXT_SYMED_VALUE 101

148
src/Format/Tcformat.c
View File

@ -255,6 +255,8 @@ BOOL bOperationSuccess = FALSE;
BOOL bGuiMode = TRUE;
BOOL bSystemIsGPT = FALSE;
int nPbar = 0; /* Control ID of progress bar:- for format code */
wchar_t HeaderKeyGUIView [KEY_GUI_VIEW_SIZE];
@ -4060,9 +4062,6 @@ BOOL CALLBACK PageDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
{
int ea, hid;
wchar_t buf[100];
BOOL bIsGPT = FALSE;
if (SysEncInEffect ())
bIsGPT = BootEncObj->GetSystemDriveConfiguration().SystemPartition.IsGPT;
// Encryption algorithms
@ -4075,7 +4074,7 @@ BOOL CALLBACK PageDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
for (ea = EAGetFirst (); ea != 0; ea = EAGetNext (ea))
{
if (EAIsFormatEnabled (ea) && (!SysEncInEffect () || bIsGPT || EAIsMbrSysEncEnabled (ea)))
if (EAIsFormatEnabled (ea) && (!SysEncInEffect () || bSystemIsGPT || EAIsMbrSysEncEnabled (ea)))
AddComboPair (GetDlgItem (hwndDlg, IDC_COMBO_BOX), EAGetName (buf, ea, 1), ea);
}
@ -4089,13 +4088,13 @@ BOOL CALLBACK PageDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
if (SysEncInEffect ())
{
hash_algo = bIsGPT? SHA512 : DEFAULT_HASH_ALGORITHM_BOOT;
hash_algo = bSystemIsGPT? SHA512 : DEFAULT_HASH_ALGORITHM_BOOT;
RandSetHashFunction (hash_algo);
for (hid = FIRST_PRF_ID; hid <= LAST_PRF_ID; hid++)
{
// For now, we keep RIPEMD160 for system encryption
if (((hid == RIPEMD160) || !HashIsDeprecated (hid)) && (bIsGPT || HashForSystemEncryption (hid)))
if (((hid == RIPEMD160) || !HashIsDeprecated (hid)) && (bSystemIsGPT || HashForSystemEncryption (hid)))
AddComboPair (GetDlgItem (hwndDlg, IDC_COMBO_BOX_HASH_ALGO), HashGetName(hid), hid);
}
}
@ -4485,18 +4484,11 @@ BOOL CALLBACK PageDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_BOX_TITLE), GetString ("RESCUE_DISK"));
SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), GetString ("NEXT"));
SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_PREV), GetString ("PREV"));
SetWindowTextW (GetDlgItem (hwndDlg, IDT_RESCUE_DISK_INFO), GetString ("RESCUE_DISK_INFO"));
SetWindowTextW (GetDlgItem (hwndDlg, IDT_RESCUE_DISK_INFO), bSystemIsGPT? GetString ("RESCUE_DISK_EFI_INFO"): GetString ("RESCUE_DISK_INFO"));
SetDlgItemText (hwndDlg, IDC_RESCUE_DISK_ISO_PATH, szRescueDiskISO);
EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), (GetWindowTextLength (GetDlgItem (hwndDlg, IDC_RESCUE_DISK_ISO_PATH)) > 1));
EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_PREV), TRUE);
// For now, disable verification of Rescue Disk for GPT system encryption
{
SystemDriveConfiguration config = BootEncObj->GetSystemDriveConfiguration();
bDontVerifyRescueDisk = config.SystemPartition.IsGPT;
SetCheckBox (hCurPage, IDC_SKIP_RESCUE_VERIFICATION, bDontVerifyRescueDisk);
EnableWindow(GetDlgItem (hwndDlg, IDC_SKIP_RESCUE_VERIFICATION), !config.SystemPartition.IsGPT);
}
break;
case SYSENC_RESCUE_DISK_BURN_PAGE:
@ -4507,10 +4499,19 @@ BOOL CALLBACK PageDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), GetString ("NEXT"));
SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_PREV), GetString ("PREV"));
StringCbPrintfW (szTmp, sizeof szTmp,
GetString (bDontVerifyRescueDisk ? "RESCUE_DISK_BURN_INFO_NO_CHECK" : "RESCUE_DISK_BURN_INFO"),
szRescueDiskISO, IsWindowsIsoBurnerAvailable() ? L"" : GetString ("RESCUE_DISK_BURN_INFO_NONWIN_ISO_BURNER"));
if (bSystemIsGPT)
{
StringCbPrintfW (szTmp, sizeof szTmp,
GetString (bDontVerifyRescueDisk ? "RESCUE_DISK_EFI_EXTRACT_INFO_NO_CHECK" : "RESCUE_DISK_EFI_EXTRACT_INFO"),
szRescueDiskISO, GetString ("RESCUE_DISK_EFI_EXTRACT_INFO_NOTE"));
}
else
{
StringCbPrintfW (szTmp, sizeof szTmp,
GetString (bDontVerifyRescueDisk ? "RESCUE_DISK_BURN_INFO_NO_CHECK" : "RESCUE_DISK_BURN_INFO"),
szRescueDiskISO, IsWindowsIsoBurnerAvailable() ? L"" : GetString ("RESCUE_DISK_BURN_INFO_NONWIN_ISO_BURNER"));
}
SetWindowTextW (GetDlgItem (hwndDlg, IDT_RESCUE_DISK_BURN_INFO), szTmp);
EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), TRUE);
@ -4519,14 +4520,21 @@ BOOL CALLBACK PageDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
would be confusion and bug reports). */
EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_PREV), FALSE);
if (IsWindowsIsoBurnerAvailable())
SetWindowTextW (GetDlgItem (hwndDlg, IDC_DOWNLOAD_CD_BURN_SOFTWARE), GetString ("LAUNCH_WIN_ISOBURN"));
if (bSystemIsGPT)
{
ShowWindow (GetDlgItem (hwndDlg, IDC_DOWNLOAD_CD_BURN_SOFTWARE), SW_HIDE);
}
else
{
if (IsWindowsIsoBurnerAvailable())
SetWindowTextW (GetDlgItem (hwndDlg, IDC_DOWNLOAD_CD_BURN_SOFTWARE), GetString ("LAUNCH_WIN_ISOBURN"));
ToHyperlink (hwndDlg, IDC_DOWNLOAD_CD_BURN_SOFTWARE);
ToHyperlink (hwndDlg, IDC_DOWNLOAD_CD_BURN_SOFTWARE);
if (IsWindowsIsoBurnerAvailable() && !bDontVerifyRescueDisk)
LaunchWindowsIsoBurner (hwndDlg, szRescueDiskISO);
}
if (IsWindowsIsoBurnerAvailable() && !bDontVerifyRescueDisk)
LaunchWindowsIsoBurner (hwndDlg, szRescueDiskISO);
}
}
break;
case SYSENC_RESCUE_DISK_VERIFIED_PAGE:
@ -5477,20 +5485,13 @@ BOOL CALLBACK PageDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
if (lw == IDC_BENCHMARK && nCurPageNo == CIPHER_PAGE)
{
BOOL bIsGPT = FALSE;
try
{
bIsGPT = BootEncObj->GetSystemDriveConfiguration().SystemPartition.IsGPT;
}
catch (...) {}
// Reduce CPU load
bFastPollEnabled = FALSE;
bRandmixEnabled = FALSE;
DialogBoxParamW (hInst,
MAKEINTRESOURCEW (IDD_BENCHMARK_DLG), hwndDlg,
(DLGPROC) BenchmarkDlgProc, (LPARAM) bIsGPT);
(DLGPROC) BenchmarkDlgProc, (LPARAM) bSystemIsGPT);
bFastPollEnabled = TRUE;
bRandmixEnabled = TRUE;
@ -5838,8 +5839,7 @@ BOOL CALLBACK PageDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
{
HWND hHashAlgoItem = GetDlgItem (hwndDlg, IDC_COMBO_BOX_HASH_ALGO);
int selectedAlgo = (int) SendMessage (hHashAlgoItem, CB_GETITEMDATA, SendMessage (hHashAlgoItem, CB_GETCURSEL, 0, 0), 0);
BOOL bIsGPT = BootEncObj->GetSystemDriveConfiguration().SystemPartition.IsGPT;
if (!bIsGPT && !HashForSystemEncryption(selectedAlgo))
if (!bSystemIsGPT && !HashForSystemEncryption(selectedAlgo))
{
hash_algo = DEFAULT_HASH_ALGORITHM_BOOT;
RandSetHashFunction (DEFAULT_HASH_ALGORITHM_BOOT);
@ -6027,6 +6027,14 @@ BOOL CALLBACK MainDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
return 0;
}
try
{
bSystemIsGPT = BootEncObj->GetSystemDriveConfiguration().SystemPartition.IsGPT;
}
catch (...)
{
}
SendMessageW (GetDlgItem (hwndDlg, IDC_BOX_TITLE), WM_SETFONT, (WPARAM) hTitleFont, (LPARAM) TRUE);
SetWindowTextW (hwndDlg, lpszTitle);
@ -6208,7 +6216,10 @@ BOOL CALLBACK MainDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
}
SHGetFolderPath (NULL, CSIDL_MYDOCUMENTS, NULL, 0, szRescueDiskISO);
StringCbCatW (szRescueDiskISO, sizeof(szRescueDiskISO), L"\\VeraCrypt Rescue Disk.iso");
if (bSystemIsGPT)
StringCbCatW (szRescueDiskISO, sizeof(szRescueDiskISO), L"\\VeraCrypt Rescue Disk.zip");
else
StringCbCatW (szRescueDiskISO, sizeof(szRescueDiskISO), L"\\VeraCrypt Rescue Disk.iso");
if (IsOSAtLeast (WIN_VISTA))
{
@ -7378,11 +7389,10 @@ BOOL CALLBACK MainDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
else if (nCurPageNo == CIPHER_PAGE)
{
LPARAM nIndex;
BOOL bIsGPT = BootEncObj->GetSystemDriveConfiguration().SystemPartition.IsGPT;
nIndex = SendMessage (GetDlgItem (hCurPage, IDC_COMBO_BOX), CB_GETCURSEL, 0, 0);
nVolumeEA = (int) SendMessage (GetDlgItem (hCurPage, IDC_COMBO_BOX), CB_GETITEMDATA, nIndex, 0);
if (!bIsGPT && SysEncInEffect ()
if (!bSystemIsGPT && SysEncInEffect ()
&& EAGetCipherCount (nVolumeEA) > 1) // Cascade?
{
if (AskWarnNoYes ("CONFIRM_CASCADE_FOR_SYS_ENCRYPTION", hwndDlg) == IDNO)
@ -7966,40 +7976,43 @@ BOOL CALLBACK MainDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
return 1;
}
retryCDDriveCheck:
if (!bDontVerifyRescueDisk && !BootEncObj->IsCDRecorderPresent())
if (!bSystemIsGPT)
{
char *multiChoiceStr[] = { 0, "CD_BURNER_NOT_PRESENT",
"CD_BURNER_NOT_PRESENT_WILL_STORE_ISO",
"CD_BURNER_NOT_PRESENT_WILL_CONNECT_LATER",
"CD_BURNER_NOT_PRESENT_CONNECTED_NOW",
0 };
switch (AskMultiChoice ((void **) multiChoiceStr, FALSE, hwndDlg))
retryCDDriveCheck:
if (!bDontVerifyRescueDisk && !BootEncObj->IsCDRecorderPresent())
{
case 1:
wchar_t msg[8192];
StringCchPrintfW (msg, array_capacity (msg), GetString ("CD_BURNER_NOT_PRESENT_WILL_STORE_ISO_INFO"), szRescueDiskISO);
WarningDirect (msg, hwndDlg);
char *multiChoiceStr[] = { 0, "CD_BURNER_NOT_PRESENT",
"CD_BURNER_NOT_PRESENT_WILL_STORE_ISO",
"CD_BURNER_NOT_PRESENT_WILL_CONNECT_LATER",
"CD_BURNER_NOT_PRESENT_CONNECTED_NOW",
0 };
Warning ("RESCUE_DISK_BURN_NO_CHECK_WARN", hwndDlg);
bDontVerifyRescueDisk = TRUE;
nNewPageNo = SYSENC_RESCUE_DISK_VERIFIED_PAGE;
break;
switch (AskMultiChoice ((void **) multiChoiceStr, FALSE, hwndDlg))
{
case 1:
wchar_t msg[8192];
StringCchPrintfW (msg, array_capacity (msg), GetString ("CD_BURNER_NOT_PRESENT_WILL_STORE_ISO_INFO"), szRescueDiskISO);
WarningDirect (msg, hwndDlg);
case 2:
AbortProcessSilent();
Warning ("RESCUE_DISK_BURN_NO_CHECK_WARN", hwndDlg);
bDontVerifyRescueDisk = TRUE;
nNewPageNo = SYSENC_RESCUE_DISK_VERIFIED_PAGE;
break;
case 3:
break;
case 2:
AbortProcessSilent();
default:
goto retryCDDriveCheck;
case 3:
break;
default:
goto retryCDDriveCheck;
}
}
}
if (IsWindowsIsoBurnerAvailable() && !bDontVerifyRescueDisk)
Info ("RESCUE_DISK_WIN_ISOBURN_PRELAUNCH_NOTE", hwndDlg);
if (IsWindowsIsoBurnerAvailable() && !bDontVerifyRescueDisk)
Info ("RESCUE_DISK_WIN_ISOBURN_PRELAUNCH_NOTE", hwndDlg);
}
NormalCursor ();
}
@ -8017,8 +8030,15 @@ BOOL CALLBACK MainDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
{
wchar_t szTmp[8000];
StringCbPrintfW (szTmp, sizeof(szTmp), GetString ("RESCUE_DISK_CHECK_FAILED"),
IsWindowsIsoBurnerAvailable () ? L"" : GetString ("RESCUE_DISK_CHECK_FAILED_SENTENCE_APPENDIX"));
if (bSystemIsGPT)
{
StringCbCopyW (szTmp, sizeof(szTmp), GetString ("RESCUE_DISK_EFI_CHECK_FAILED"));
}
else
{
StringCbPrintfW (szTmp, sizeof(szTmp), GetString ("RESCUE_DISK_CHECK_FAILED"),
IsWindowsIsoBurnerAvailable () ? L"" : GetString ("RESCUE_DISK_CHECK_FAILED_SENTENCE_APPENDIX"));
}
ErrorDirect (szTmp, hwndDlg);

121
src/Mount/Mount.c
View File

@ -121,6 +121,10 @@ BOOL ComServerMode = FALSE;
BOOL ServiceMode = FALSE;
BOOL UsePreferences = TRUE;
BOOL bSystemIsGPT = FALSE;
wchar_t szDefaultRescueDiskName[TC_MAX_PATH+1];
wchar_t szRescueDiskExtension[4];
int HiddenSysLeakProtectionNotificationStatus = TC_HIDDEN_OS_READ_ONLY_NOTIF_MODE_NONE;
int MaxVolumeIdleTime = -120;
int nCurrentShowType = 0; /* current display mode, mount, unmount etc */
@ -347,23 +351,10 @@ static void InitMainDialog (HWND hwndDlg)
}
{
BOOL bIsGPT = FALSE;
try
{
SystemDriveConfiguration config = BootEncObj->GetSystemDriveConfiguration();
bIsGPT = config.SystemPartition.IsGPT;
}
catch (Exception &)
{
}
// disable rescue disk operation for GPT system encryption
if (bIsGPT)
// disable hidden OS creation for GPT system encryption
if (bSystemIsGPT)
{
EnableMenuItem (GetMenu (hwndDlg), IDM_CREATE_HIDDEN_OS, MF_GRAYED);
EnableMenuItem (GetMenu (hwndDlg), IDM_CREATE_RESCUE_DISK, MF_GRAYED);
EnableMenuItem (GetMenu (hwndDlg), IDM_VERIFY_RESCUE_DISK, MF_GRAYED);
EnableMenuItem (GetMenu (hwndDlg), IDM_VERIFY_RESCUE_DISK_ISO, MF_GRAYED);
}
}
@ -1134,7 +1125,7 @@ static void PopulateSysEncContextMenu (HMENU popup, BOOL bToolsOnly)
AppendMenu (popup, MF_SEPARATOR, 0, L"");
AppendMenuW (popup, MF_STRING, IDM_SYS_ENC_SETTINGS, GetString ("IDM_SYS_ENC_SETTINGS"));
if (!IsHiddenOSRunning() && !config.SystemPartition.IsGPT)
if (!IsHiddenOSRunning())
{
AppendMenu (popup, MF_SEPARATOR, 0, L"");
AppendMenuW (popup, MF_STRING, IDM_CREATE_RESCUE_DISK, GetString ("IDM_CREATE_RESCUE_DISK"));
@ -2460,14 +2451,8 @@ BOOL CALLBACK PasswordChangeDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPAR
{
int new_hash_algo_id = (int) SendMessage (GetDlgItem (hwndDlg, IDC_PKCS5_PRF_ID), CB_GETITEMDATA,
SendMessage (GetDlgItem (hwndDlg, IDC_PKCS5_PRF_ID), CB_GETCURSEL, 0, 0), 0);
BOOL bIsGPT = FALSE;
try
{
bIsGPT = BootEncObj->GetSystemDriveConfiguration().SystemPartition.IsGPT;
}
catch (...) {}
if (new_hash_algo_id != 0 && !bIsGPT && !HashForSystemEncryption(new_hash_algo_id))
if (new_hash_algo_id != 0 && !bSystemIsGPT && !HashForSystemEncryption(new_hash_algo_id))
{
int new_hash_algo_id = DEFAULT_HASH_ALGORITHM_BOOT;
Info ("ALGO_NOT_SUPPORTED_FOR_SYS_ENCRYPTION", hwndDlg);
@ -2799,16 +2784,9 @@ BOOL CALLBACK PasswordDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lPa
int i, defaultPrfIndex = 0, nIndex = (int) SendMessageW (hComboBox, CB_ADDSTRING, 0, (LPARAM) GetString ("AUTODETECTION"));
SendMessage (hComboBox, CB_SETITEMDATA, nIndex, (LPARAM) 0);
BOOL bIsGPT = FALSE;
try
{
bIsGPT = BootEncObj->GetSystemDriveConfiguration().SystemPartition.IsGPT;
}
catch (...) {}
for (i = FIRST_PRF_ID; i <= LAST_PRF_ID; i++)
{
if (bIsGPT || HashForSystemEncryption(i))
if (bSystemIsGPT || HashForSystemEncryption(i))
{
nIndex = (int) SendMessage (hComboBox, CB_ADDSTRING, 0, (LPARAM) get_pkcs5_prf_name(i));
SendMessage (hComboBox, CB_SETITEMDATA, nIndex, (LPARAM) i);
@ -5829,7 +5807,7 @@ void CreateRescueDisk (HWND hwndDlg)
wchar_t initialDir[MAX_PATH];
SHGetFolderPath (NULL, CSIDL_MYDOCUMENTS, NULL, 0, initialDir);
if (!BrowseFilesInDir (hwndDlg, "OPEN_TITLE", initialDir, szRescueDiskISO, FALSE, TRUE, NULL, L"VeraCrypt Rescue Disk.iso", L"iso"))
if (!BrowseFilesInDir (hwndDlg, "OPEN_TITLE", initialDir, szRescueDiskISO, FALSE, TRUE, NULL, szDefaultRescueDiskName, szRescueDiskExtension))
{
CloseSysEncMutex ();
return;
@ -5838,17 +5816,25 @@ void CreateRescueDisk (HWND hwndDlg)
WaitCursor();
BootEncObj->CreateRescueIsoImage (false, szRescueDiskISO);
StringCbPrintfW (szTmp, sizeof szTmp,
GetString (IsWindowsIsoBurnerAvailable() ? "RESCUE_DISK_NON_WIZARD_CREATION_WIN_ISOBURN" : "RESCUE_DISK_NON_WIZARD_CREATION_BURN"),
szRescueDiskISO);
if (IsWindowsIsoBurnerAvailable())
if (bSystemIsGPT)
{
if (AskYesNoString (szTmp, hwndDlg) == IDYES)
LaunchWindowsIsoBurner (MainDlg, szRescueDiskISO);
StringCbPrintfW (szTmp, sizeof szTmp, GetString ("RESCUE_DISK_EFI_NON_WIZARD_CREATION"), szRescueDiskISO);
InfoDirect (szTmp, hwndDlg);
}
else
InfoDirect (szTmp, hwndDlg);
{
StringCbPrintfW (szTmp, sizeof szTmp,
GetString (IsWindowsIsoBurnerAvailable() ? "RESCUE_DISK_NON_WIZARD_CREATION_WIN_ISOBURN" : "RESCUE_DISK_NON_WIZARD_CREATION_BURN"),
szRescueDiskISO);
if (IsWindowsIsoBurnerAvailable())
{
if (AskYesNoString (szTmp, hwndDlg) == IDYES)
LaunchWindowsIsoBurner (MainDlg, szRescueDiskISO);
}
else
InfoDirect (szTmp, hwndDlg);
}
}
catch (Exception &e)
{
@ -5863,7 +5849,7 @@ void CreateRescueDisk (HWND hwndDlg)
Warning ("SYSTEM_ENCRYPTION_IN_PROGRESS_ELSEWHERE", hwndDlg);
}
static void VerifyRescueDisk (HWND hwndDlg, bool checkIsoFile)
static void VerifyRescueDisk (HWND hwndDlg, bool checkImageFile)
{
try
{
@ -5894,7 +5880,7 @@ static void VerifyRescueDisk (HWND hwndDlg, bool checkIsoFile)
{
try
{
if (!checkIsoFile && (AskOkCancel ("RESCUE_DISK_NON_WIZARD_CHECK_INSERT", hwndDlg) != IDOK))
if (!checkImageFile && (AskOkCancel ("RESCUE_DISK_NON_WIZARD_CHECK_INSERT", hwndDlg) != IDOK))
{
CloseSysEncMutex ();
return;
@ -5904,20 +5890,20 @@ static void VerifyRescueDisk (HWND hwndDlg, bool checkIsoFile)
BootEncObj->CreateRescueIsoImage (false, L"");
if (checkIsoFile)
if (checkImageFile)
{
wchar_t szRescueDiskISO [TC_MAX_PATH+1];
wchar_t szRescueDiskImage [TC_MAX_PATH+1];
wchar_t initialDir[MAX_PATH];
SHGetFolderPath (NULL, CSIDL_MYDOCUMENTS, NULL, 0, initialDir);
if (!BrowseFilesInDir (hwndDlg, "OPEN_TITLE", initialDir, szRescueDiskISO, FALSE, FALSE, NULL, L"VeraCrypt Rescue Disk.iso", L"iso"))
if (!BrowseFilesInDir (hwndDlg, "OPEN_TITLE", initialDir, szRescueDiskImage, FALSE, FALSE, NULL,szDefaultRescueDiskName, szRescueDiskExtension))
{
CloseSysEncMutex ();
return;
}
WaitCursor();
if (!BootEncObj->VerifyRescueDiskIsoImage (szRescueDiskISO))
if (!BootEncObj->VerifyRescueDiskImage (szRescueDiskImage))
Error ("RESCUE_DISK_ISO_IMAGE_CHECK_FAILED", hwndDlg);
else
Info ("RESCUE_DISK_ISO_IMAGE_CHECK_PASSED", hwndDlg);
@ -5926,7 +5912,7 @@ static void VerifyRescueDisk (HWND hwndDlg, bool checkIsoFile)
{
WaitCursor();
if (!BootEncObj->VerifyRescueDisk ())
Error ("RESCUE_DISK_NON_WIZARD_CHECK_FAILED", hwndDlg);
Error (bSystemIsGPT? "RESCUE_DISK_EFI_NON_WIZARD_CHECK_FAILED" : "RESCUE_DISK_NON_WIZARD_CHECK_FAILED", hwndDlg);
else
Info ("RESCUE_DISK_NON_WIZARD_CHECK_PASSED", hwndDlg);
}
@ -5934,7 +5920,7 @@ static void VerifyRescueDisk (HWND hwndDlg, bool checkIsoFile)
catch (Exception &e)
{
e.Show (MainDlg);
Error ("RESCUE_DISK_NON_WIZARD_CHECK_FAILED", hwndDlg);
Error (bSystemIsGPT? "RESCUE_DISK_EFI_NON_WIZARD_CHECK_FAILED" : "RESCUE_DISK_NON_WIZARD_CHECK_FAILED", hwndDlg);
}
CloseSysEncMutex ();
@ -6048,15 +6034,9 @@ static void WipeCache (HWND hwndDlg, BOOL silent)
static void Benchmark (HWND hwndDlg)
{
BOOL bIsGPT = FALSE;
try
{
bIsGPT = BootEncObj->GetSystemDriveConfiguration().SystemPartition.IsGPT;
}
catch (...) {}
DialogBoxParamW (hInst, MAKEINTRESOURCEW (IDD_BENCHMARK_DLG), hwndDlg,
(DLGPROC) BenchmarkDlgProc, (LPARAM) bIsGPT);
(DLGPROC) BenchmarkDlgProc, (LPARAM) bSystemIsGPT);
}
@ -6453,12 +6433,21 @@ BOOL CALLBACK MainDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
BootEncObj->SetParentWindow (hwndDlg);
BootEncStatus = BootEncObj->GetStatus();
RecentBootEncStatus = BootEncStatus;
bSystemIsGPT = BootEncObj->GetSystemDriveConfiguration().SystemPartition.IsGPT;
}
catch (...)
{
// NOP
}
if (bSystemIsGPT)
StringCbCopyW (szRescueDiskExtension, sizeof (szRescueDiskExtension), L"zip");
else
StringCbCopyW (szRescueDiskExtension, sizeof (szRescueDiskExtension), L"iso");
StringCbCopyW (szDefaultRescueDiskName, sizeof (szDefaultRescueDiskName), L"VeraCrypt Rescue Disk.");
StringCbCatW (szDefaultRescueDiskName, sizeof (szDefaultRescueDiskName), szRescueDiskExtension);
if (UsePreferences)
{
// General preferences
@ -8087,14 +8076,7 @@ BOOL CALLBACK MainDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
if (lw == IDM_SYSENC_SETTINGS || lw == IDM_SYS_ENC_SETTINGS)
{
BOOL bIsGPT = FALSE;
try
{
bIsGPT = BootEncObj->GetSystemDriveConfiguration().SystemPartition.IsGPT;
}
catch (...) {}
DialogBoxParamW (hInst, MAKEINTRESOURCEW (bIsGPT? IDD_EFI_SYSENC_SETTINGS : IDD_SYSENC_SETTINGS), hwndDlg, (DLGPROC) BootLoaderPreferencesDlgProc, 0);
DialogBoxParamW (hInst, MAKEINTRESOURCEW (bSystemIsGPT? IDD_EFI_SYSENC_SETTINGS : IDD_SYSENC_SETTINGS), hwndDlg, (DLGPROC) BootLoaderPreferencesDlgProc, 0);
return 1;
}
@ -10504,19 +10486,17 @@ static BOOL CALLBACK PerformanceSettingsDlgProc (HWND hwndDlg, UINT msg, WPARAM
try
{
VOLUME_PROPERTIES_STRUCT prop;
BOOL bIsGPT = FALSE;
try
{
BootEncStatus = BootEncObj->GetStatus();
BootEncObj->GetVolumeProperties (&prop);
bIsGPT = BootEncObj->GetSystemDriveConfiguration().SystemPartition.IsGPT;
}
catch (...)
{
BootEncStatus.DriveMounted = false;
}
if (BootEncStatus.DriveMounted && !bIsGPT)
if (BootEncStatus.DriveMounted && !bSystemIsGPT)
{
byte userConfig;
string customUserMessage;
@ -10855,7 +10835,6 @@ static BOOL CALLBACK BootLoaderPreferencesDlgProc (HWND hwndDlg, UINT msg, WPARA
return 1;
}
BOOL bIsGPT = BootEncObj->GetSystemDriveConfiguration().SystemPartition.IsGPT;
try
{
LocalizeDialog (hwndDlg, "IDD_SYSENC_SETTINGS");
@ -10877,7 +10856,7 @@ static BOOL CALLBACK BootLoaderPreferencesDlgProc (HWND hwndDlg, UINT msg, WPARA
if (bootLoaderVersion != VERSION_NUM)
Warning ("BOOT_LOADER_VERSION_INCORRECT_PREFERENCES", hwndDlg);
if (bIsGPT)
if (bSystemIsGPT)
{
CheckDlgButton (hwndDlg, IDC_DISABLE_BOOT_LOADER_HASH_PROMPT, (userConfig & TC_BOOT_USER_CFG_FLAG_STORE_HASH) ? BST_CHECKED : BST_UNCHECKED);
}
@ -10916,7 +10895,6 @@ static BOOL CALLBACK BootLoaderPreferencesDlgProc (HWND hwndDlg, UINT msg, WPARA
case IDOK:
{
VOLUME_PROPERTIES_STRUCT prop;
BOOL bIsGPT = FALSE;
if (!BootEncObj->GetStatus().DriveMounted)
{
@ -10927,7 +10905,6 @@ static BOOL CALLBACK BootLoaderPreferencesDlgProc (HWND hwndDlg, UINT msg, WPARA
try
{
BootEncObj->GetVolumeProperties (&prop);
bIsGPT = BootEncObj->GetSystemDriveConfiguration().SystemPartition.IsGPT;
}
catch (Exception &e)
{
@ -10937,7 +10914,7 @@ static BOOL CALLBACK BootLoaderPreferencesDlgProc (HWND hwndDlg, UINT msg, WPARA
}
char customUserMessage[TC_BOOT_SECTOR_USER_MESSAGE_MAX_LENGTH + 1] = {0};
if (!bIsGPT)
if (!bSystemIsGPT)
GetDlgItemTextA (hwndDlg, IDC_CUSTOM_BOOT_LOADER_MESSAGE, customUserMessage, sizeof (customUserMessage));
byte userConfig;
@ -10957,7 +10934,7 @@ static BOOL CALLBACK BootLoaderPreferencesDlgProc (HWND hwndDlg, UINT msg, WPARA
else
userConfig &= ~TC_BOOT_USER_CFG_FLAG_DISABLE_PIM;
if (bIsGPT)
if (bSystemIsGPT)
{
if (IsDlgButtonChecked (hwndDlg, IDC_DISABLE_BOOT_LOADER_HASH_PROMPT))
userConfig |= TC_BOOT_USER_CFG_FLAG_STORE_HASH;

2
src/Mount/Mount.rc
View File

@ -633,7 +633,7 @@ BEGIN
MENUITEM SEPARATOR
MENUITEM "Create Rescue Disk...", IDM_CREATE_RESCUE_DISK
MENUITEM "Verify Rescue Disk", IDM_VERIFY_RESCUE_DISK
MENUITEM "Verify Rescue Disk ISO Image", IDM_VERIFY_RESCUE_DISK_ISO
MENUITEM "Verify Rescue Disk Image", IDM_VERIFY_RESCUE_DISK_ISO
MENUITEM SEPARATOR
MENUITEM "Mount Without Pre-Boot &Authentication...", IDM_MOUNT_SYSENC_PART_WITHOUT_PBA
MENUITEM SEPARATOR