From d200f27ac3b8a4f58e52a5ee798e11e3fdf74924 Mon Sep 17 00:00:00 2001 From: kavsrf Date: Thu, 2 Feb 2017 11:40:40 +0300 Subject: double reboot in pre-test phase force boot messages --- DcsBoot/DcsBoot.c | 52 +++++++++------- DcsInt/DcsInt.c | 33 ++++++---- Library/DcsCfgLib/DcsRandom.c | 2 +- Library/VeraCryptLib/DcsVeraCrypt.c | 117 +++++++++++++++++++++--------------- Library/VeraCryptLib/DcsVeraCrypt.h | 3 + 5 files changed, 125 insertions(+), 82 deletions(-) diff --git a/DcsBoot/DcsBoot.c b/DcsBoot/DcsBoot.c index 30bc4a9..4650ae6 100644 --- a/DcsBoot/DcsBoot.c +++ b/DcsBoot/DcsBoot.c @@ -17,6 +17,7 @@ https://opensource.org/licenses/LGPL-3.0 #include #include #include +#include #include "DcsConfig.h" #include #include @@ -25,6 +26,27 @@ EFI_GUID ImagePartGuid; EFI_GUID *gEfiExecPartGuid = &ImagePartGuid; CHAR16 *gEfiExecCmdDefault = L"\\EFI\\Microsoft\\Boot\\Bootmgfw.efi"; CHAR16 *gEfiExecCmd = NULL; +CHAR8 gDoExecCmdMsg[256]; + +EFI_STATUS +DoExecCmd() +{ + EFI_STATUS res; + gDoExecCmdMsg[0] = 0; + res = EfiFindPartByGUID(gEfiExecPartGuid, &gFileRootHandle); + if (!EFI_ERROR(res)) { + res = FileOpenRoot(gFileRootHandle, &gFileRoot); + if (!EFI_ERROR(res)) { + res = EfiExec(NULL, gEfiExecCmd); + AsciiSPrint(gDoExecCmdMsg, sizeof(gDoExecCmdMsg), "\nCan't exec %s start partition %g\n", gEfiExecCmd, gEfiExecPartGuid); + } else { + AsciiSPrint(gDoExecCmdMsg, sizeof(gDoExecCmdMsg), "\nCan't open start partition %g\n", gEfiExecPartGuid); + } + } else { + AsciiSPrint(gDoExecCmdMsg, sizeof(gDoExecCmdMsg), "\nCan't find start partition %g\n", gEfiExecPartGuid); + } + return res; +} CHAR16* sDcsBootEfi = L"EFI\\VeraCrypt\\DcsBoot.efi"; CHAR16* sDcsDriverEfiDesc = L"VeraCrypt(DCS) driver"; 
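Review bot: In `DoExecCmd`, the "Can't exec" text is written to `gDoExecCmdMsg` right after `EfiExec` whatever `res` holds, so a loader that returns without error still leaves a failure message for the final `ERR_PRINT` in `DcsBootMain`. Guard that `AsciiSPrint` with `if (EFI_ERROR(res))`. As far as this hunk shows the helper is file-local, so `static EFI_STATUS DoExecCmd(VOID)` would give it a real prototype and keep it out of the global namespace. A short header comment should also say that each call overwrites `gDoExecCmdMsg` and repoints `gFileRootHandle`/`gFileRoot`, since the helper can be called more than once per boot.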
@@ -106,6 +128,10 @@ DcsBootMain( if (EFI_ERROR(FileExist(NULL, L"\\EFI\\VeraCrypt\\PlatformInfo")) && !EFI_ERROR(FileExist(NULL, L"\\EFI\\VeraCrypt\\DcsInfo.dcs"))) { res = EfiExec(NULL, L"\\EFI\\VeraCrypt\\DcsInfo.dcs"); + if (!EFI_ERROR(res) && + !EFI_ERROR(FileExist(NULL, L"\\EFI\\VeraCrypt\\PlatformInfo"))) { + gST->RuntimeServices->ResetSystem(EfiResetCold, EFI_SUCCESS, 0, NULL); + } } // Load all drivers @@ -161,34 +187,18 @@ DcsBootMain( if (CompareGuid(&gptEntry[i].PartitionTypeGUID, &gEfiPartTypeSystemPartGuid)) { // select ESP GUID CopyGuid(gEfiExecPartGuid, &gptEntry[i].UniquePartitionGUID); - break; + res = DoExecCmd(); + if(EFI_ERROR(res)) continue; } } } } } + } else { + res = DoExecCmd(); } - // OUT_PRINT(L"."); - res = EfiFindPartByGUID(gEfiExecPartGuid, &gFileRootHandle); - if (EFI_ERROR(res)) { - ERR_PRINT(L"\nCan't find start partition %g\n", gEfiExecPartGuid); - EfiCpuHalt(); - } -// OUT_PRINT(L"."); - res = FileOpenRoot(gFileRootHandle, &gFileRoot); - if (EFI_ERROR(res)) { - ERR_PRINT(L"\nCan't open start partition\n"); - EfiCpuHalt(); - } -// OUT_PRINT(L"."); - // Try to exec windows loader... - res = EfiExec(NULL, gEfiExecCmd); - if (EFI_ERROR(res)) { - ERR_PRINT(L"\nStart %s - %r\n", gEfiExecCmd, res); - EfiCpuHalt(); - } - ERR_PRINT(L"???%r"); + ERR_PRINT(L"%a\nStatus - %r", gDoExecCmdMsg, res); EfiCpuHalt(); return EFI_INVALID_PARAMETER; } diff --git a/DcsInt/DcsInt.c b/DcsInt/DcsInt.c index 1499069..e792993 100644 --- a/DcsInt/DcsInt.c +++ b/DcsInt/DcsInt.c 
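Review bot: The cold reset added after `EfiExec` of `DcsInfo.dcs` carries no comment, and nothing on screen tells the user why the machine restarts. A line such as `// PlatformInfo was created by DcsInfo on this boot: cold reset so the next boot starts with it in place` would record the intent, assuming that is what the "double reboot" in the subject refers to. The comment should also state that a reset loop is avoided only because `PlatformInfo` persists on the ESP, since the outer condition requires it to be absent before the call.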
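Review bot: With `break` replaced by `res = DoExecCmd(); if(EFI_ERROR(res)) continue;`, the ESP search in `DcsBootMain` no longer stops at the first match: `gEfiExecCmd` is started from every partition of ESP type that the enclosing loops (which begin outside this hunk) enumerate, presumably including ESPs on other attached or removable disks. For a pre-boot authentication loader that widens where the next stage can be loaded from, so consider limiting the fallback to the ESP on the disk DcsBoot itself was started from, and add a `break` after a candidate that did not fail. The `continue` appears to have no effect, since nothing follows it in the loop body shown here. When no ESP matches at all, `DoExecCmd` is never called and the final `ERR_PRINT(L"%a\nStatus - %r", gDoExecCmdMsg, res)` prints an empty message with whatever `res` held earlier; setting an explicit "no ESP found" message and status for that case would make the halt screen meaningful.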
@@ -994,20 +994,31 @@ UefiMain( if (!devFound) return OnExit(gOnExitNotFound, OnExitAuthNotFound, EFI_NOT_FOUND); } - // Try to find by OS partition GUID - if (SecRegionData == NULL && gPartitionGuidOS != NULL) { - UINTN i; - for (i = 0; i < gBIOCount; ++i) { - EFI_GUID guid; - res = EfiGetPartGUID(gBIOHandles[i], &guid); - if(EFI_ERROR(res)) continue; - if (memcmp(gPartitionGuidOS, &guid, sizeof(guid)) == 0) { - res = SecRegionLoadDefault(gBIOHandles[i]); - if (EFI_ERROR(res)) { - return OnExit(gOnExitNotFound, OnExitAuthNotFound, res); + // Force authorization + if (SecRegionData == NULL && gDcsBootForce != 0) { + res = EFI_NOT_FOUND; + if (gPartitionGuidOS != NULL) { + // Try to find by OS partition GUID + UINTN i; + for (i = 0; i < gBIOCount; ++i) { + EFI_GUID guid; + res = EfiGetPartGUID(gBIOHandles[i], &guid); + if (EFI_ERROR(res)) continue; + if (memcmp(gPartitionGuidOS, &guid, sizeof(guid)) == 0) { + res = SecRegionLoadDefault(gBIOHandles[i]); + break; } } + } else { + res = SecRegionLoadDefault(gFileRootHandle); + } + if (EFI_ERROR(res)) { + return OnExit(gOnExitNotFound, OnExitAuthNotFound, res); } + // force password type and message + gAuthPasswordType = gForcePasswordType; + gAuthPasswordMsg = gForcePasswordMsg; + gPasswordProgress = gForcePasswordProgress; } // ask any way? (by DcsBoot flag) diff --git a/Library/DcsCfgLib/DcsRandom.c b/Library/DcsCfgLib/DcsRandom.c index eceba8d..f4eb2e0 100644 --- a/Library/DcsCfgLib/DcsRandom.c +++ b/Library/DcsCfgLib/DcsRandom.c @@ -22,7 +22,7 @@ https://opensource.org/licenses/LGPL-3.0 #include #include -#include "../../Include/Library/DcsTpmLib.h" +#include DCS_RND* gRnd = NULL; diff --git a/Library/VeraCryptLib/DcsVeraCrypt.c b/Library/VeraCryptLib/DcsVeraCrypt.c index d5680ba..cc85f4e 100644 --- a/Library/VeraCryptLib/DcsVeraCrypt.c +++ b/Library/VeraCryptLib/DcsVeraCrypt.c @@ -15,6 +15,7 @@ https://opensource.org/licenses/Apache-2.0 #include #include #include +#include #include #include 
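Review bot: In the new "Force authorization" block, `res = EFI_NOT_FOUND` is overwritten by `res = EfiGetPartGUID(gBIOHandles[i], &guid)` on every iteration, so when the last handle returns a GUID that does not match `gPartitionGuidOS` the loop ends with a success status and no security region loaded. The following `if (EFI_ERROR(res))` then skips the `OnExitAuthNotFound` path, and the forced password type, message and progress settings are applied while `SecRegionData` is still NULL. Keep the lookup status out of `res`, for example `if (EFI_ERROR(EfiGetPartGUID(gBIOHandles[i], &guid))) continue;`, so that `res` stays `EFI_NOT_FOUND` until `SecRegionLoadDefault` actually runs. The GUID lookup is also now skipped whenever `gDcsBootForce` is 0, which the removed code did not require; a comment should say whether that is intended.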
@@ -72,6 +73,9 @@ UINTN gPlatformKeyFileSize = 0; EFI_GUID *gPartitionGuidOS = NULL; int gDcsBootForce = 1; +char* gForcePasswordMsg = NULL; +int gForcePasswordType = 0; +UINT8 gForcePasswordProgress = 1; CHAR8* gOnExitFailed = NULL; CHAR8* gOnExitSuccess = NULL; 
@@ -85,56 +89,24 @@ VOID VCAuthLoadConfig() { int tmp; + char* strTemp = NULL; if (gAuthPasswordMsg != NULL) return; // Already loaded SetMem(&gAuthPassword, sizeof(gAuthPassword), 0); - { - char* passwordPictureAscii = NULL; - passwordPictureAscii = MEM_ALLOC(MAX_MSG); - gPasswordPictureFileName = MEM_ALLOC(MAX_MSG * 2); - ConfigReadString("PasswordPicture", "\\EFI\\VeraCrypt\\login.bmp", passwordPictureAscii, MAX_MSG); - AsciiStrToUnicodeStr(passwordPictureAscii, gPasswordPictureFileName); - MEM_FREE(passwordPictureAscii); - } - SetMem(&gAuthPassword, sizeof(gAuthPassword), 0); - - // - gAuthSecRegionSearch = ConfigReadInt("SecRegionSearch", 0); - gPlatformLocked = ConfigReadInt("PlatformLocked", 0); - gTPMLocked = ConfigReadInt("TPMLocked", 0); - gSCLocked = ConfigReadInt("SCLocked", 0); - gDcsBootForce = ConfigReadInt("DcsBootForce", 1); - - // Actions for DcsInt - gOnExitSuccess = MEM_ALLOC(MAX_MSG); - ConfigReadString("ActionSuccess", "Exit", gOnExitSuccess, MAX_MSG); - gOnExitNotFound = MEM_ALLOC(MAX_MSG); - ConfigReadString("ActionNotFound", "Exit", gOnExitNotFound, MAX_MSG); - gOnExitFailed = MEM_ALLOC(MAX_MSG); - ConfigReadString("ActionFailed", "Exit", gOnExitFailed, MAX_MSG); - { - char* strTemp = NULL; - strTemp = MEM_ALLOC(MAX_MSG); - ConfigReadString("PartitionGuidOS", "", strTemp, MAX_MSG); - if (strTemp[0] != 0) { - EFI_GUID g; - if (AsciiStrToGuid(&g, strTemp)) { - gPartitionGuidOS = MEM_ALLOC(sizeof(EFI_GUID)); - if (gPartitionGuidOS != NULL) { - memcpy(gPartitionGuidOS, &g, sizeof(g)); - } - } - } - MEM_FREE(strTemp); - } + strTemp = MEM_ALLOC(MAX_MSG); + gPasswordPictureFileName = MEM_ALLOC(MAX_MSG * 2); + ConfigReadString("PasswordPicture", "\\EFI\\VeraCrypt\\login.bmp", strTemp, MAX_MSG); + AsciiStrToUnicodeStr(strTemp, gPasswordPictureFileName); + MEM_FREE(strTemp); gPasswordPictureChars = MEM_ALLOC(MAX_MSG); ConfigReadString("PictureChars", gPasswordPictureCharsDefault, gPasswordPictureChars, MAX_MSG); gPasswordPictureCharsLen = 
strlen(gPasswordPictureChars); gAuthPasswordType = ConfigReadInt("PasswordType", 0); + gAuthPasswordMsg = MEM_ALLOC(MAX_MSG); ConfigReadString("PasswordMsg", "Password:", gAuthPasswordMsg, MAX_MSG); 
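Review bot: `strTemp` and `gPasswordPictureFileName` are passed to `ConfigReadString` and `AsciiStrToUnicodeStr` without checking the `MEM_ALLOC` result, while the `gPartitionGuidOS` allocation later in the same function is tested for NULL, which suggests `MEM_ALLOC` can fail. In a pre-boot environment a write through a NULL pointer may not fault, so a failed allocation should be caught explicitly, e.g. `if (strTemp == NULL || gPasswordPictureFileName == NULL) return;` or whatever failure path the module already uses. The same applies to `gAuthPasswordMsg` in this hunk and to the `gForcePasswordMsg`, `gAuthStartMsg`, `gAuthErrorMsg` and `gOnExit*` allocations in the `@@ -150,23 +122,70 @@` hunk. `VCAuthLoadConfig` continues outside this hunk.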
@@ -150,23 +122,70 @@ VCAuthLoadConfig() gAuthHashMsg = MEM_ALLOC(MAX_MSG); gAuthHashRqt = ConfigReadInt("HashRqt", 1); gAuthHash = ConfigReadInt("Hash", 0); - ConfigReadString("HashMsg", "(0) TEST ALL (1) SHA512 (2) WHIRLPOOL (3) SHA256 (4) RIPEMD160\n\rHash:", gAuthHashMsg, MAX_MSG); - gPasswordProgress = (UINT8)ConfigReadInt("AuthorizeProgress", 1); - gPasswordVisible = (UINT8)ConfigReadInt("AuthorizeVisible", 0); - gPasswordShowMark = ConfigReadInt("AuthorizeMarkTouch", 1); + strTemp = MEM_ALLOC(MAX_MSG); + tmp = 1; + AsciiSPrint(strTemp, MAX_MSG, "(0) TEST ALL"); + while (HashGetName(tmp) != NULL && *HashGetName(tmp) != 0) + { + AsciiSPrint(strTemp, MAX_MSG, "%a (%d) %s", strTemp, tmp, HashGetName(tmp)); + ++tmp; + }; + AsciiSPrint(strTemp, MAX_MSG, "%a \n\rHash:", strTemp); + ConfigReadString("HashMsg", strTemp, gAuthHashMsg, MAX_MSG); + MEM_FREE(strTemp); - gAuthStartMsg = MEM_ALLOC(MAX_MSG); - ConfigReadString("AuthStartMsg", "Authorizing...\n\r", gAuthStartMsg, MAX_MSG); - gAuthErrorMsg = MEM_ALLOC(MAX_MSG); - ConfigReadString("AuthErrorMsg", "Authorization failed. Wrong password, PIM or hash.\n\r", gAuthErrorMsg, MAX_MSG); - gAuthBootRqt = ConfigReadInt("BootRqt", 0); + gAuthBootRqt = ConfigReadInt("BootRqt", 0); gAuthTcRqt = ConfigReadInt("TcRqt", 0); - gRUD = ConfigReadInt("RUD", 0); + + gPasswordProgress = (UINT8)ConfigReadInt("AuthorizeProgress", 1); // print "*" + gPasswordVisible = (UINT8)ConfigReadInt("AuthorizeVisible", 0); // show chars + gPasswordShowMark = ConfigReadInt("AuthorizeMarkTouch", 1); // show touch points + + gDcsBootForce = ConfigReadInt("DcsBootForce", 1); // Ask password even if no USB marked found. 
+ + gForcePasswordMsg = MEM_ALLOC(MAX_MSG); + ConfigReadString("ForcePasswordMsg", gAuthPasswordMsg, gForcePasswordMsg, MAX_MSG); + gForcePasswordType = ConfigReadInt("ForcePasswordType", gAuthPasswordType); + gForcePasswordProgress = (UINT8)ConfigReadInt("ForcePasswordProgress", gPasswordProgress); + gAuthRetry = ConfigReadInt("AuthorizeRetry", 10); + gAuthStartMsg = MEM_ALLOC(MAX_MSG); + ConfigReadString("AuthStartMsg", "Authorizing...\n\r", gAuthStartMsg, MAX_MSG); + gAuthErrorMsg = MEM_ALLOC(MAX_MSG); + ConfigReadString("AuthErrorMsg", "Authorization failed. Wrong password, PIM or hash.\n\r", gAuthErrorMsg, MAX_MSG); + + gRUD = ConfigReadInt("RUD", 0); + gRndDefault = ConfigReadInt("Random", 0); + gAuthSecRegionSearch = ConfigReadInt("SecRegionSearch", 0); + gPlatformLocked = ConfigReadInt("PlatformLocked", 0); + gTPMLocked = ConfigReadInt("TPMLocked", 0); + gSCLocked = ConfigReadInt("SCLocked", 0); + + // Actions for DcsInt + gOnExitSuccess = MEM_ALLOC(MAX_MSG); + ConfigReadString("ActionSuccess", "Exit", gOnExitSuccess, MAX_MSG); + gOnExitNotFound = MEM_ALLOC(MAX_MSG); + ConfigReadString("ActionNotFound", "Exit", gOnExitNotFound, MAX_MSG); + gOnExitFailed = MEM_ALLOC(MAX_MSG); + ConfigReadString("ActionFailed", "Exit", gOnExitFailed, MAX_MSG); + + strTemp = MEM_ALLOC(MAX_MSG); + ConfigReadString("PartitionGuidOS", "", strTemp, MAX_MSG); + if (strTemp[0] != 0) { + EFI_GUID g; + if (AsciiStrToGuid(&g, strTemp)) { + gPartitionGuidOS = MEM_ALLOC(sizeof(EFI_GUID)); + if (gPartitionGuidOS != NULL) { + memcpy(gPartitionGuidOS, &g, sizeof(g)); + } + } + } + MEM_FREE(strTemp); + // touch tmp = ConfigReadInt("TouchDevice", -1); if (tmp == -1) InitTouch(); diff --git a/Library/VeraCryptLib/DcsVeraCrypt.h b/Library/VeraCryptLib/DcsVeraCrypt.h index 41dc6c2..e6ee57c 100644 --- a/Library/VeraCryptLib/DcsVeraCrypt.h +++ b/Library/VeraCryptLib/DcsVeraCrypt.h 
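Review bot: The default hash prompt is built with `AsciiSPrint(strTemp, MAX_MSG, "%a (%d) %s", strTemp, tmp, HashGetName(tmp))`, where `strTemp` is both the output buffer and the `%a` argument, and the closing `"%a \n\rHash:"` call does the same. That only works if the print routine reads each source byte before overwriting it, which the call does not promise as far as I can tell. Appending at an offset avoids the overlap: `len = AsciiSPrint(strTemp, MAX_MSG, "(0) TEST ALL");`, then in the loop `len += AsciiSPrint(strTemp + len, MAX_MSG - len, " (%d) %s", tmp, HashGetName(tmp));`, and finally `AsciiSPrint(strTemp + len, MAX_MSG - len, " \n\rHash:");`. `UINTN len` would be declared with the other locals at the top of `VCAuthLoadConfig`, which starts outside this hunk, and the resulting text is unchanged.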
@@ -65,6 +65,9 @@ extern UINTN gPlatformKeyFileSize; extern EFI_GUID *gPartitionGuidOS; extern int gDcsBootForce; +extern char* gForcePasswordMsg; +extern int gForcePasswordType; +extern UINT8 gForcePasswordProgress; extern CHAR8* gOnExitFailed; extern CHAR8* gOnExitSuccess; -- cgit v1.2.3