authorkavsrf <kavsrf@gmail.com>2016-12-04 13:46:48 +0300
committerMounir IDRASSI <mounir.idrassi@idrix.fr>2017-06-05 17:36:42 +0200
commit6701b862aa96775609a7d42662ae4a98e43071bb (patch)
tree3900fcd874625898d9ab921ec6f2e3f5f8ef4b97 /Library/VeraCryptLib
parentebe8c240166ef25ed0ca8898f8bfd34b415a75d0 (diff)
TPM12 support
Diffstat (limited to 'Library/VeraCryptLib')
-rw-r--r--Library/VeraCryptLib/DcsVeraCrypt.c176
-rw-r--r--Library/VeraCryptLib/DcsVeraCrypt.h3
-rw-r--r--Library/VeraCryptLib/VeraCryptLib.inf2
-rw-r--r--Library/VeraCryptLib/llmath.c4
4 files changed, 144 insertions, 41 deletions
diff --git a/Library/VeraCryptLib/DcsVeraCrypt.c b/Library/VeraCryptLib/DcsVeraCrypt.c
index 1b6cd35..02128df 100644
--- a/Library/VeraCryptLib/DcsVeraCrypt.c
+++ b/Library/VeraCryptLib/DcsVeraCrypt.c
@@ -26,24 +26,25 @@ https://opensource.org/licenses/Apache-2.0
#include "common/Xml.h"
#include "common/Crc.h"
#include "BootCommon.h"
+#include "Library/DcsTpmLib.h"
//////////////////////////////////////////////////////////////////////////
// Config
//////////////////////////////////////////////////////////////////////////
-char *ConfigBuffer = NULL;
-UINTN ConfigBufferSize = 0;
+char *gConfigBuffer = NULL;
+UINTN gConfigBufferSize = 0;
BOOL ConfigRead(char *configKey, char *configValue, int maxValueSize)
{
char *xml;
- if (ConfigBuffer == NULL) {
- if (FileLoad(NULL, L"\\EFI\\VeraCrypt\\DcsProp", &ConfigBuffer, &ConfigBufferSize) != EFI_SUCCESS) {
- return FALSE;
- }
- }
+ if (gConfigBuffer == NULL) {
+ if (FileLoad(NULL, L"\\EFI\\VeraCrypt\\DcsProp", &gConfigBuffer, &gConfigBufferSize) != EFI_SUCCESS) {
+ return FALSE;
+ }
+ }
- xml = ConfigBuffer;
+ xml = gConfigBuffer;
if (xml != NULL)
{
xml = XmlFindElementByAttributeValue(xml, "config", "key", configKey);
@@ -246,48 +247,145 @@ VCAuthLoadConfig()
}
+//////////////////////////////////////////////////////////////////////////
+// Configuration menu
+//////////////////////////////////////////////////////////////////////////
+PMENU_ITEM gCfgMenu = NULL;
+BOOLEAN gCfgMenuContinue = TRUE;
+
+EFI_STATUS
+ActionCfgReboot(IN VOID *ctx) {
+ gST->RuntimeServices->ResetSystem(EfiResetCold, EFI_SUCCESS, 0, NULL);
+ return EFI_DEVICE_ERROR;
+}
+
+EFI_STATUS
+ActionCfgTpm(IN VOID *ctx) {
+ return gTpm->Configure(gTpm);
+}
+
+EFI_STATUS
+ActionBoot(IN VOID *ctx) {
+ gCfgMenuContinue = FALSE;
+ gAuthPwdCode = AskPwdRetCancel;
+ return EFI_SUCCESS;
+}
+
+EFI_STATUS
+ActionNewPassword(IN VOID *ctx) {
+ gCfgMenuContinue = FALSE;
+ gAuthPwdCode = AskPwdRetLogin;
+ return EFI_SUCCESS;
+}
+
+VOID
+CfgMenuCreate() {
+ PMENU_ITEM item = NULL;
+ item = DcsMenuAppend(item, L"Boot", 'b', ActionBoot, NULL);
+ gCfgMenu = item;
+ item = DcsMenuAppend(item, L"Hard reset", 'r', ActionCfgReboot, NULL);
+ item = DcsMenuAppend(item, L"New password", 'n', ActionNewPassword, NULL);
+ if (gTpm != NULL) {
+ item = DcsMenuAppend(item, L"Configure TPM", 't', ActionCfgTpm, NULL);
+ }
+}
+
VOID
VCAskPwd(
IN UINTN pwdType,
OUT Password* vcPwd) {
+ BOOL pwdReady;
if (gAuthPasswordMsg == NULL) VCAuthLoadConfig();
- if (gAuthPasswordType == 1 &&
- gGraphOut != NULL &&
- ((gTouchPointer != NULL) || (gTouchSimulate != 0))) {
- AskPictPwdInt(pwdType, sizeof(vcPwd->Text), vcPwd->Text, &vcPwd->Length, &gAuthPwdCode);
- } else {
- switch (pwdType) {
- case AskPwdNew:
- OUT_PRINT(L"New password:");
- break;
- case AskPwdConfirm:
- OUT_PRINT(L"Confirm password:");
- break;
- case AskPwdLogin:
- default:
- OUT_PRINT(L"%a", gAuthPasswordMsg);
- break;
+ do {
+ pwdReady = TRUE;
+ if (pwdType == AskPwdNew) {
+ EFI_INPUT_KEY key;
+ key = KeyWait(L"Press 'c' to configure, others to skip %1d\r", 9, 0, 0);
+ if (key.UnicodeChar == 'c') {
+ PMENU_ITEM item = NULL;
+ EFI_STATUS res;
+ OUT_PRINT(L"\n%V%a %a configuration%N\n", TC_APP_NAME, VERSION_STRING);
+ if (gCfgMenu == NULL) CfgMenuCreate();
+ do {
+ DcsMenuPrint(gCfgMenu);
+ item = NULL;
+ key.UnicodeChar = 0;
+ while (item == NULL) {
+ item = gCfgMenu;
+ key = GetKey();
+ while (item != NULL) {
+ if (item->Select == key.UnicodeChar) break;
+ item = item->Next;
+ }
+ }
+ OUT_PRINT(L"%c\n", key.UnicodeChar);
+ res = item->Action(item->Context);
+ if (EFI_ERROR(res)) {
+ ERR_PRINT(L"%r\n", res);
+ }
+ } while (gCfgMenuContinue);
+ if (gAuthPwdCode == AskPwdRetCancel) {
+ return;
+ }
+ }
}
- AskConsolePwdInt(&vcPwd->Length, vcPwd->Text, &gAuthPwdCode, sizeof(vcPwd->Text), gPasswordVisible);
- }
- if (gAuthPwdCode == AskPwdRetCancel) {
- return;
- }
+ if (gAuthPasswordType == 1 &&
+ gGraphOut != NULL &&
+ ((gTouchPointer != NULL) || (gTouchSimulate != 0))) {
+ AskPictPwdInt(pwdType, sizeof(vcPwd->Text), vcPwd->Text, &vcPwd->Length, &gAuthPwdCode);
+ }
+ else {
+ switch (pwdType) {
+ case AskPwdNew:
+ OUT_PRINT(L"New password:");
+ break;
+ case AskPwdConfirm:
+ OUT_PRINT(L"Confirm password:");
+ break;
+ case AskPwdLogin:
+ default:
+ OUT_PRINT(L"%a", gAuthPasswordMsg);
+ break;
+ }
+ AskConsolePwdInt(&vcPwd->Length, vcPwd->Text, &gAuthPwdCode, sizeof(vcPwd->Text), gPasswordVisible);
+ }
- if (gPlatformLocked) {
- if (gPlatformKeyFile == NULL) {
- ERR_PRINT(L"Platform key file absent\n");
- } else {
- ApplyKeyFile(vcPwd, gPlatformKeyFile, gPlatformKeyFileSize);
+ if (gAuthPwdCode == AskPwdRetCancel) {
+ return;
}
- }
- if (gTPMLocked) {
- // TO DO
- ERR_PRINT(L"TPM lock is not implemented\n");
- }
+ if (gSCLocked) {
+ ERR_PRINT(L"Smart card is not configured\n");
+ }
+
+ if (gPlatformLocked) {
+ if (gPlatformKeyFile == NULL) {
+ ERR_PRINT(L"Platform key file is absent\n");
+ }
+ else {
+ ApplyKeyFile(vcPwd, gPlatformKeyFile, gPlatformKeyFileSize);
+ }
+ }
+
+ if (gTPMLocked) {
+ if (gTpm != NULL) {
+ pwdReady = !EFI_ERROR(gTpm->Apply(gTpm, vcPwd));
+ if (!pwdReady) {
+ ERR_PRINT(L"TPM error: DCS configuration ");
+ if (!gTpm->IsConfigured(gTpm)) {
+ ERR_PRINT(L"absent\n");
+ }
+ else {
+ ERR_PRINT(L"locked\n");
+ }
+ }
+ } else {
+ ERR_PRINT(L"No TPM found\n");
+ }
+ }
+ } while (!pwdReady);
}
VOID
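Review bot: `gCfgMenuContinue` is only ever set to FALSE (by `ActionBoot` and `ActionNewPassword`) and is never reset before the menu loop in `VCAskPwd`. On any later pass through the 'c' branch, whether a retry of the outer `do … while (!pwdReady)` after a TPM error or a later call with `AskPwdNew`, the menu runs one action and exits, and the following `if (gAuthPwdCode == AskPwdRetCancel) return;` tests a code left over from an earlier prompt. Adding `gCfgMenuContinue = TRUE;` immediately before the inner `do {` would restore the intended behaviour. Separately, when `gTPMLocked` is set but `gTpm == NULL`, and when `gSCLocked` is set, the code prints an error but leaves `pwdReady` TRUE, so the caller gets a password without the required factor applied. If those cases are meant to fail later at header decryption, a comment should say so; otherwise they should be handled like the `gTpm->Apply` failure path.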
diff --git a/Library/VeraCryptLib/DcsVeraCrypt.h b/Library/VeraCryptLib/DcsVeraCrypt.h
index aae0152..fffe67c 100644
--- a/Library/VeraCryptLib/DcsVeraCrypt.h
+++ b/Library/VeraCryptLib/DcsVeraCrypt.h
@@ -19,6 +19,9 @@ https://opensource.org/licenses/Apache-2.0
#include <common/Tcdefs.h>
#include <common/Password.h>
+extern char *gConfigBuffer;
+extern UINTN gConfigBufferSize;
+
//////////////////////////////////////////////////////////////////////////
// Auth
//////////////////////////////////////////////////////////////////////////
diff --git a/Library/VeraCryptLib/VeraCryptLib.inf b/Library/VeraCryptLib/VeraCryptLib.inf
index 04eedf5..529043f 100644
--- a/Library/VeraCryptLib/VeraCryptLib.inf
+++ b/Library/VeraCryptLib/VeraCryptLib.inf
@@ -79,11 +79,13 @@ LIB|Twofish_x64.obj|*
[Packages]
MdePkg/MdePkg.dec
DcsPkg/DcsPkg.dec
+ CryptoPkg/CryptoPkg.dec
[LibraryClasses]
MemoryAllocationLib
UefiLib
RngLib
+ BaseCryptLib
[Protocols]
diff --git a/Library/VeraCryptLib/llmath.c b/Library/VeraCryptLib/llmath.c
index 6b4360c..7d79657 100644
--- a/Library/VeraCryptLib/llmath.c
+++ b/Library/VeraCryptLib/llmath.c
@@ -227,7 +227,7 @@ __declspec(naked) void __cdecl _aulldiv()
//////////////////////////////////////////////////////////////////////////
// Shifts
//////////////////////////////////////////////////////////////////////////
-__declspec(naked) void __cdecl _aullshr() {
+__declspec(naked) void __cdecl _aullshr1() {
_asm {
;
; Checking: Only handle 64bit shifting or more
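Review bot: The renames to `_aullshr1` here and `_allshl1` in the next hunk carry no comment explaining why, and nothing in the visible diff calls the routines under their new names. MSVC emits calls to `_aullshr` and `_allshl` for 64-bit shifts in 32-bit x86 builds, so these definitions no longer satisfy those references. Presumably the symbols now come from a library pulled in alongside the `BaseCryptLib` addition in VeraCryptLib.inf, but that is not visible on this page. Either add a comment above each routine such as `// renamed: _aullshr is now provided by <library>; kept for reference`, or delete the unused routines. Both function bodies continue outside their hunks.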
@@ -264,7 +264,7 @@ _Exit:
}
}
-__declspec(naked) void __cdecl _allshl() {
+__declspec(naked) void __cdecl _allshl1() {
_asm {
;
; Handle shifting of 64 or more bits (return 0)