diff options
author | Mounir IDRASSI <mounir.idrassi@idrix.fr> | 2021-11-21 15:18:08 +0100 |
---|---|---|
committer | Mounir IDRASSI <mounir.idrassi@idrix.fr> | 2021-11-21 21:44:51 +0100 |
commit | 5f5b8a15fcd99b8e46d83c21335f2c6955f8aeb8 (patch) | |
tree | 27af66078a6956b6f90da2bb8efd1204945ec13a /src/Common/Dlgcode.c | |
parent | 5426160c94b175dbf475c634c4c1a98554d15342 (diff) | |
download | VeraCrypt-5f5b8a15fcd99b8e46d83c21335f2c6955f8aeb8.tar.gz VeraCrypt-5f5b8a15fcd99b8e46d83c21335f2c6955f8aeb8.zip |
Windows: Restrict supported Windows versions to XP, 10 and 11 because of new requirement on driver code signing.
For now, we are not able to put in place HCK/WLK certification of VeraCrypt driver that is needed for Windows 7, 8 and 8.1.
Diffstat (limited to 'src/Common/Dlgcode.c')
-rw-r--r-- | src/Common/Dlgcode.c | 29 |
1 files changed, 7 insertions, 22 deletions
diff --git a/src/Common/Dlgcode.c b/src/Common/Dlgcode.c index 9f68490f..6462e319 100644 --- a/src/Common/Dlgcode.c +++ b/src/Common/Dlgcode.c @@ -3259,8 +3259,8 @@ void InitApp (HINSTANCE hInstance, wchar_t *lpszCommandLine) RemoteSession = GetSystemMetrics (SM_REMOTESESSION) != 0; - // OS version check: from version 1.25, only Windows 8 and newer is supported - if (!IsOSVersionAtLeast(WIN_8, 0)) + // OS version check: from version 1.25, only Windows XP, Windows 10 and Windows 11 are supported because of new driver signing requirements + if (!(IsOSVersionAtLeast(WIN_10, 0) || (nCurrentOS == WIN_XP) || (nCurrentOS == WIN_XP64))) { MessageBoxW (NULL, GetString ("UNSUPPORTED_OS"), lpszTitle, MB_ICONSTOP); exit (1); @@ -3270,26 +3270,6 @@ void InitApp (HINSTANCE hInstance, wchar_t *lpszCommandLine) // Service pack check & warnings about critical MS issues switch (nCurrentOS) { - case WIN_2000: - if (CurrentOSServicePack < 3) - Warning ("LARGE_IDE_WARNING_2K", NULL); - else - { - DWORD val = 0, size = sizeof(val); - HKEY hkey; - - if (RegOpenKeyExW (HKEY_LOCAL_MACHINE, L"SYSTEM\\CurrentControlSet\\Services\\Atapi\\Parameters", 0, KEY_READ, &hkey) == ERROR_SUCCESS) - { - if (RegQueryValueExW (hkey, L"EnableBigLba", 0, 0, (LPBYTE) &val, &size) != ERROR_SUCCESS - || val != 1) - { - Warning ("LARGE_IDE_WARNING_2K_REGISTRY", NULL); - } - RegCloseKey (hkey); - } - } - break; - case WIN_XP: if (CurrentOSServicePack < 1) { @@ -14114,6 +14094,11 @@ BOOL VerifyModuleSignature (const wchar_t* path) WINTRUST_DATA WVTData = {0}; wchar_t filePath [TC_MAX_PATH + 1024]; + // we check our own authenticode signature only starting from Windows 10 since this is + // the minimal supported OS apart from XP where we can't verify SHA256 signatures + if (!IsOSAtLeast (WIN_10)) + return TRUE; + // Strip quotation marks (if any) if (path [0] == L'"') { |