diff options
author | Alex <kavsrf@gmail.com> | 2016-08-09 22:08:47 +0200 |
---|---|---|
committer | Mounir IDRASSI <mounir.idrassi@idrix.fr> | 2016-08-15 01:09:12 +0200 |
commit | 246233c40262c5be2edfa916cf841dd4bce6598e (patch) | |
tree | 75f17aeeb2aca66ac1cda709311ae710ae3d10d3 /src/Common/Volumes.c | |
parent | 58cff70724e9d90902a33b0718ccbe8ee4c7b329 (diff) | |
download | VeraCrypt-246233c40262c5be2edfa916cf841dd4bce6598e.tar.gz VeraCrypt-246233c40262c5be2edfa916cf841dd4bce6598e.zip |
Windows EFI Bootloader: modifications to prepare EFI system encryption support (common files with DcsBoot)
Diffstat (limited to 'src/Common/Volumes.c')
-rw-r--r-- | src/Common/Volumes.c | 58 |
1 files changed, 42 insertions, 16 deletions
diff --git a/src/Common/Volumes.c b/src/Common/Volumes.c index 21b34f6d..35ba5bd2 100644 --- a/src/Common/Volumes.c +++ b/src/Common/Volumes.c @@ -12,8 +12,8 @@ code distribution packages. */ #include "Tcdefs.h" - -#ifndef TC_WINDOWS_BOOT +#if !defined(_UEFI) +#if !defined(TC_WINDOWS_BOOT) #include <fcntl.h> #include <sys/types.h> #include <sys/stat.h> @@ -28,6 +28,7 @@ #ifndef DEVICE_DRIVER #include "Random.h" #endif +#endif // !defined(_UEFI) #include "Crc.h" #include "Crypto.h" @@ -35,7 +36,7 @@ #include "Volumes.h" #include "Pkcs5.h" -#ifdef _WIN32 +#if defined(_WIN32) && !defined(_UEFI) #include <Strsafe.h> #include "../Boot/Windows/BootCommon.h" #endif @@ -176,16 +177,17 @@ int ReadVolumeHeader (BOOL bBoot, char *encryptedHeader, Password *password, int uint16 headerVersion; int status = ERR_PARAMETER_INCORRECT; int primaryKeyOffset; - + int pkcs5PrfCount = LAST_PRF_ID - FIRST_PRF_ID + 1; +#if !defined(_UEFI) TC_EVENT keyDerivationCompletedEvent; TC_EVENT noOutstandingWorkItemEvent; KeyDerivationWorkItem *keyDerivationWorkItems; KeyDerivationWorkItem *item; - int pkcs5PrfCount = LAST_PRF_ID - FIRST_PRF_ID + 1; size_t encryptionThreadCount = GetEncryptionThreadCount(); - size_t queuedWorkItems = 0; LONG outstandingWorkItemCount = 0; int i; +#endif + size_t queuedWorkItems = 0; // if no PIM specified, use default value if (pim < 0) @@ -212,7 +214,7 @@ int ReadVolumeHeader (BOOL bBoot, char *encryptedHeader, Password *password, int if (cryptoInfo == NULL) return ERR_OUTOFMEMORY; } - +#if !defined(_UEFI) /* use thread pool only if no PRF was specified */ if ((selected_pkcs5_prf == 0) && (encryptionThreadCount > 1)) { @@ -244,10 +246,11 @@ int ReadVolumeHeader (BOOL bBoot, char *encryptedHeader, Password *password, int #endif } -#ifndef DEVICE_DRIVER +#if !defined(DEVICE_DRIVER) VirtualLock (&keyInfo, sizeof (keyInfo)); VirtualLock (&dk, sizeof (dk)); #endif +#endif // !defined(_UEFI) crypto_loadkey (&keyInfo, password->Text, (int) password->Length); @@ -264,7 +267,7 @@ int ReadVolumeHeader (BOOL bBoot, char *encryptedHeader, Password *password, int // skip SHA-256 in case of TrueCrypt mode if (truecryptMode && (enqPkcs5Prf == SHA256)) continue; - +#if !defined(_UEFI) if ((selected_pkcs5_prf == 0) && (encryptionThreadCount > 1)) { // Enqueue key derivation on thread pool @@ -319,6 +322,7 @@ int ReadVolumeHeader (BOOL bBoot, char *encryptedHeader, Password *password, int KeyReady: ; } else +#endif // !defined(_UEFI) { pkcs5_prf = enqPkcs5Prf; keyInfo.noIterations = get_pkcs5_iteration_count (enqPkcs5Prf, pim, truecryptMode, bBoot); @@ -568,11 +572,12 @@ ret: burn (&keyInfo, sizeof (keyInfo)); burn (dk, sizeof(dk)); -#ifndef DEVICE_DRIVER +#if !defined(DEVICE_DRIVER) && !defined(_UEFI) VirtualUnlock (&keyInfo, sizeof (keyInfo)); VirtualUnlock (&dk, sizeof (dk)); #endif +#if !defined(_UEFI) if ((selected_pkcs5_prf == 0) && (encryptionThreadCount > 1)) { TC_WAIT_EVENT (noOutstandingWorkItemEvent); @@ -580,16 +585,16 @@ ret: burn (keyDerivationWorkItems, sizeof (KeyDerivationWorkItem) * pkcs5PrfCount); TCfree (keyDerivationWorkItems); -#ifndef DEVICE_DRIVER +#if !defined(DEVICE_DRIVER) CloseHandle (keyDerivationCompletedEvent); CloseHandle (noOutstandingWorkItemEvent); #endif } - +#endif return status; } -#ifdef _WIN32 +#if defined(_WIN32) && !defined(_UEFI) void ComputeBootloaderFingerprint (byte *bootLoaderBuf, unsigned int bootLoaderSize, byte* fingerprint) { // compute Whirlpool+SHA512 fingerprint of bootloader including MBR @@ -805,10 +810,17 @@ ret: #endif // Creates a volume header in memory +#if defined(_UEFI) +int CreateVolumeHeaderInMemory(BOOL bBoot, char *header, int ea, int mode, Password *password, + int pkcs5_prf, int pim, char *masterKeydata, PCRYPTO_INFO *retInfo, + unsigned __int64 volumeSize, unsigned __int64 hiddenVolumeSize, + unsigned __int64 encryptedAreaStart, unsigned __int64 encryptedAreaLength, uint16 requiredProgramVersion, uint32 headerFlags, uint32 sectorSize, BOOL bWipeMode) +#else int CreateVolumeHeaderInMemory (HWND hwndDlg, BOOL bBoot, char *header, int ea, int mode, Password *password, int pkcs5_prf, int pim, char *masterKeydata, PCRYPTO_INFO *retInfo, unsigned __int64 volumeSize, unsigned __int64 hiddenVolumeSize, unsigned __int64 encryptedAreaStart, unsigned __int64 encryptedAreaLength, uint16 requiredProgramVersion, uint32 headerFlags, uint32 sectorSize, BOOL bWipeMode) +#endif // !defined(_UEFI) { unsigned char *p = (unsigned char *) header; static CRYPTOPP_ALIGN_DATA(16) KEY_INFO keyInfo; @@ -828,9 +840,10 @@ int CreateVolumeHeaderInMemory (HWND hwndDlg, BOOL bBoot, char *header, int ea, pim = 0; memset (header, 0, TC_VOLUME_HEADER_EFFECTIVE_SIZE); - +#if !defined(_UEFI) VirtualLock (&keyInfo, sizeof (keyInfo)); VirtualLock (&dk, sizeof (dk)); +#endif // !defined(_UEFI) /* Encryption setup */ @@ -847,7 +860,11 @@ int CreateVolumeHeaderInMemory (HWND hwndDlg, BOOL bBoot, char *header, int ea, bytesNeeded = EAGetKeySize (ea) * 2; // Size of primary + secondary key(s) } +#if !defined(_UEFI) if (!RandgetBytes (hwndDlg, keyInfo.master_keydata, bytesNeeded, TRUE)) +#else + if (!RandgetBytes(keyInfo.master_keydata, bytesNeeded, TRUE)) +#endif { crypto_close (cryptoInfo); return ERR_CIPHER_INIT_WEAK_KEY; @@ -885,7 +902,11 @@ int CreateVolumeHeaderInMemory (HWND hwndDlg, BOOL bBoot, char *header, int ea, cryptoInfo->mode = mode; // Salt for header key derivation - if (!RandgetBytes (hwndDlg, keyInfo.salt, PKCS5_SALT_SIZE, !bWipeMode)) +#if !defined(_UEFI) + if (!RandgetBytes(hwndDlg, keyInfo.salt, PKCS5_SALT_SIZE, !bWipeMode)) +#else + if (!RandgetBytes(keyInfo.salt, PKCS5_SALT_SIZE, !bWipeMode)) +#endif { crypto_close (cryptoInfo); return ERR_CIPHER_INIT_WEAK_KEY; @@ -930,7 +951,11 @@ int CreateVolumeHeaderInMemory (HWND hwndDlg, BOOL bBoot, char *header, int ea, else { // generate a random key +#if !defined(_UEFI) if (!RandgetBytes(hwndDlg, dk, GetMaxPkcs5OutSize(), !bWipeMode)) +#else + if (!RandgetBytes(dk, GetMaxPkcs5OutSize(), !bWipeMode)) +#endif { crypto_close (cryptoInfo); return ERR_CIPHER_INIT_WEAK_KEY; @@ -1111,7 +1136,7 @@ int CreateVolumeHeaderInMemory (HWND hwndDlg, BOOL bBoot, char *header, int ea, return 0; } - +#if !defined(_UEFI) BOOL ReadEffectiveVolumeHeader (BOOL device, HANDLE fileHandle, byte *header, DWORD *bytesRead) { #if TC_VOLUME_HEADER_EFFECTIVE_SIZE > TC_MAX_VOLUME_SECTOR_SIZE @@ -1324,4 +1349,5 @@ final_seq: return nStatus; } +#endif // !defined(_UEFI) #endif // !defined (DEVICE_DRIVER) && !defined (TC_WINDOWS_BOOT) |