diff options
| author | Mounir IDRASSI <mounir.idrassi@idrix.fr> | 2015-10-07 04:35:03 +0200 |
|---|---|---|
| committer | Mounir IDRASSI <mounir.idrassi@idrix.fr> | 2015-10-07 12:56:01 +0200 |
| commit | 9a6fc789eb2ee9213c9373146a3efa708300de87 (patch) | |
| tree | ab29483e1b00fbc83604216f974f3a84e7077da6 /src/Mount/Mount.c | |
| parent | f3c91cb05c9a3ba2651438f576d707f7a48d507b (diff) | |
| download | VeraCrypt-9a6fc789eb2ee9213c9373146a3efa708300de87.tar.gz VeraCrypt-9a6fc789eb2ee9213c9373146a3efa708300de87.zip | |
Windows: Add option to disable detection of "Evil Maid" attacks. This is helpful for users who have software running the modifies the bootloader, like FLEXnet.
Diffstat (limited to 'src/Mount/Mount.c')
| -rw-r--r-- | src/Mount/Mount.c | 10 |
1 files changed, 8 insertions, 2 deletions
diff --git a/src/Mount/Mount.c b/src/Mount/Mount.c index ddf03faf..30be6f0d 100644 --- a/src/Mount/Mount.c +++ b/src/Mount/Mount.c @@ -6206,18 +6206,22 @@ BOOL CALLBACK MainDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa {
if (IsHiddenOSRunning())
{
+ uint32 driverConfig = ReadDriverConfigurationFlags();
if (BootEncObj->GetInstalledBootLoaderVersion() != VERSION_NUM)
Warning ("UPDATE_TC_IN_HIDDEN_OS_TOO", hwndDlg);
- if (!BootEncObj->CheckBootloaderFingerprint ())
+ if ( !(driverConfig & TC_DRIVER_CONFIG_DISABLE_EVIL_MAID_ATTACK_DETECTION)
+ && !BootEncObj->CheckBootloaderFingerprint ())
Warning ("BOOT_LOADER_FINGERPRINT_CHECK_FAILED", hwndDlg);
}
else if (SysDriveOrPartitionFullyEncrypted (TRUE))
{
+ uint32 driverConfig = ReadDriverConfigurationFlags();
if (BootEncObj->GetInstalledBootLoaderVersion() != VERSION_NUM)
{
Warning ("BOOT_LOADER_VERSION_DIFFERENT_FROM_DRIVER_VERSION", hwndDlg);
}
- if (!BootEncObj->CheckBootloaderFingerprint ())
+ if ( !(driverConfig & TC_DRIVER_CONFIG_DISABLE_EVIL_MAID_ATTACK_DETECTION)
+ && !BootEncObj->CheckBootloaderFingerprint ())
Warning ("BOOT_LOADER_FINGERPRINT_CHECK_FAILED", hwndDlg);
}
}
@@ -10424,6 +10428,7 @@ static BOOL CALLBACK BootLoaderPreferencesDlgProc (HWND hwndDlg, UINT msg, WPARA CheckDlgButton (hwndDlg, IDC_DISABLE_BOOT_LOADER_OUTPUT, (userConfig & TC_BOOT_USER_CFG_FLAG_SILENT_MODE) ? BST_CHECKED : BST_UNCHECKED);
CheckDlgButton (hwndDlg, IDC_ALLOW_ESC_PBA_BYPASS, (userConfig & TC_BOOT_USER_CFG_FLAG_DISABLE_ESC) ? BST_UNCHECKED : BST_CHECKED);
CheckDlgButton (hwndDlg, IDC_BOOT_LOADER_CACHE_PASSWORD, (driverConfig & TC_DRIVER_CONFIG_CACHE_BOOT_PASSWORD) ? BST_CHECKED : BST_UNCHECKED);
+ CheckDlgButton (hwndDlg, IDC_DISABLE_EVIL_MAID_ATTACK_DETECTION, (driverConfig & TC_DRIVER_CONFIG_DISABLE_EVIL_MAID_ATTACK_DETECTION) ? BST_CHECKED : BST_UNCHECKED);
SetWindowTextW (GetDlgItem (hwndDlg, IDC_CUSTOM_BOOT_LOADER_MESSAGE_HELP), GetString("CUSTOM_BOOT_LOADER_MESSAGE_HELP"));
}
@@ -10480,6 +10485,7 @@ static BOOL CALLBACK BootLoaderPreferencesDlgProc (HWND hwndDlg, UINT msg, WPARA {
BootEncObj->WriteBootSectorUserConfig (userConfig, customUserMessage);
SetDriverConfigurationFlag (TC_DRIVER_CONFIG_CACHE_BOOT_PASSWORD, IsDlgButtonChecked (hwndDlg, IDC_BOOT_LOADER_CACHE_PASSWORD));
+ SetDriverConfigurationFlag (TC_DRIVER_CONFIG_DISABLE_EVIL_MAID_ATTACK_DETECTION, IsDlgButtonChecked (hwndDlg, IDC_DISABLE_EVIL_MAID_ATTACK_DETECTION));
}
catch (Exception &e)
{
|