diff options
41 files changed, 127 insertions, 521 deletions
diff --git a/src/Boot/EFI/DcsBoot32.efi b/src/Boot/EFI/DcsBoot32.efi Binary files differdeleted file mode 100644 index 1447e98b..00000000 --- a/src/Boot/EFI/DcsBoot32.efi +++ /dev/null diff --git a/src/Boot/EFI/DcsCfg32.efi b/src/Boot/EFI/DcsCfg32.efi Binary files differdeleted file mode 100644 index 899197ff..00000000 --- a/src/Boot/EFI/DcsCfg32.efi +++ /dev/null diff --git a/src/Boot/EFI/DcsInfo32.efi b/src/Boot/EFI/DcsInfo32.efi Binary files differdeleted file mode 100644 index ddb1e64b..00000000 --- a/src/Boot/EFI/DcsInfo32.efi +++ /dev/null diff --git a/src/Boot/EFI/DcsInt32.efi b/src/Boot/EFI/DcsInt32.efi Binary files differdeleted file mode 100644 index 36d7b61f..00000000 --- a/src/Boot/EFI/DcsInt32.efi +++ /dev/null diff --git a/src/Boot/EFI/DcsRe32.efi b/src/Boot/EFI/DcsRe32.efi Binary files differdeleted file mode 100644 index f2a935b7..00000000 --- a/src/Boot/EFI/DcsRe32.efi +++ /dev/null diff --git a/src/Boot/EFI/LegacySpeaker32.efi b/src/Boot/EFI/LegacySpeaker32.efi Binary files differdeleted file mode 100644 index 5b52ba9f..00000000 --- a/src/Boot/EFI/LegacySpeaker32.efi +++ /dev/null diff --git a/src/Common/BootEncryption.cpp b/src/Common/BootEncryption.cpp index ae881039..e6e36f12 100644 --- a/src/Common/BootEncryption.cpp +++ b/src/Common/BootEncryption.cpp @@ -3332,53 +3332,29 @@ namespace VeraCrypt } } DWORD sizeDcsBoot; -#ifdef _WIN64 uint8 *dcsBootImg = MapResource(L"BIN", IDR_EFI_DCSBOOT, &sizeDcsBoot); -#else - uint8 *dcsBootImg = MapResource(L"BIN", Is64BitOs()? IDR_EFI_DCSBOOT : IDR_EFI_DCSBOOT32, &sizeDcsBoot); -#endif if (!dcsBootImg) throw ErrorException(L"Out of resource DcsBoot", SRC_POS); DWORD sizeDcsInt; -#ifdef _WIN64 uint8 *dcsIntImg = MapResource(L"BIN", IDR_EFI_DCSINT, &sizeDcsInt); -#else - uint8 *dcsIntImg = MapResource(L"BIN", Is64BitOs()? IDR_EFI_DCSINT: IDR_EFI_DCSINT32, &sizeDcsInt); -#endif if (!dcsIntImg) throw ErrorException(L"Out of resource DcsInt", SRC_POS); DWORD sizeDcsCfg; -#ifdef _WIN64 uint8 *dcsCfgImg = MapResource(L"BIN", IDR_EFI_DCSCFG, &sizeDcsCfg); -#else - uint8 *dcsCfgImg = MapResource(L"BIN", Is64BitOs()? IDR_EFI_DCSCFG: IDR_EFI_DCSCFG32, &sizeDcsCfg); -#endif if (!dcsCfgImg) throw ErrorException(L"Out of resource DcsCfg", SRC_POS); DWORD sizeLegacySpeaker; -#ifdef _WIN64 uint8 *LegacySpeakerImg = MapResource(L"BIN", IDR_EFI_LEGACYSPEAKER, &sizeLegacySpeaker); -#else - uint8 *LegacySpeakerImg = MapResource(L"BIN", Is64BitOs()? IDR_EFI_LEGACYSPEAKER: IDR_EFI_LEGACYSPEAKER32, &sizeLegacySpeaker); -#endif if (!LegacySpeakerImg) throw ErrorException(L"Out of resource LegacySpeaker", SRC_POS); #ifdef VC_EFI_CUSTOM_MODE DWORD sizeBootMenuLocker; -#ifdef _WIN64 uint8 *BootMenuLockerImg = MapResource(L"BIN", IDR_EFI_DCSBML, &sizeBootMenuLocker); -#else - uint8 *BootMenuLockerImg = MapResource(L"BIN", Is64BitOs()? IDR_EFI_DCSBML: IDR_EFI_DCSBML32, &sizeBootMenuLocker); -#endif if (!BootMenuLockerImg) throw ErrorException(L"Out of resource DcsBml", SRC_POS); #endif DWORD sizeDcsInfo; -#ifdef _WIN64 uint8 *DcsInfoImg = MapResource(L"BIN", IDR_EFI_DCSINFO, &sizeDcsInfo); -#else - uint8 *DcsInfoImg = MapResource(L"BIN", Is64BitOs()? IDR_EFI_DCSINFO: IDR_EFI_DCSINFO32, &sizeDcsInfo); -#endif if (!DcsInfoImg) throw ErrorException(L"Out of resource DcsInfo", SRC_POS); @@ -3390,8 +3366,8 @@ namespace VeraCrypt bool bAlreadyExist; const char* g_szMsBootString = "bootmgfw.pdb"; unsigned __int64 loaderSize = 0; - const wchar_t * szStdEfiBootloader = Is64BitOs()? L"\\EFI\\Boot\\bootx64.efi": L"\\EFI\\Boot\\bootia32.efi"; - const wchar_t * szBackupEfiBootloader = Is64BitOs()? L"\\EFI\\Boot\\original_bootx64.vc_backup": L"\\EFI\\Boot\\original_bootia32.vc_backup"; + const wchar_t * szStdEfiBootloader = L"\\EFI\\Boot\\bootx64.efi"; + const wchar_t * szBackupEfiBootloader = L"\\EFI\\Boot\\original_bootx64.vc_backup"; if (preserveUserConfig) { @@ -3547,10 +3523,7 @@ namespace VeraCrypt // move the original bootloader backup from old location (if it exists) to new location // we don't force the move operation if the new location already exists - if (Is64BitOs()) - EfiBootInst.RenameFile (L"\\EFI\\Boot\\original_bootx64_vc_backup.efi", L"\\EFI\\Boot\\original_bootx64.vc_backup", FALSE); - else - EfiBootInst.RenameFile (L"\\EFI\\Boot\\original_bootia32_vc_backup.efi", L"\\EFI\\Boot\\original_bootia32.vc_backup", FALSE); + EfiBootInst.RenameFile (L"\\EFI\\Boot\\original_bootx64_vc_backup.efi", L"\\EFI\\Boot\\original_bootx64.vc_backup", FALSE); // Clean beta9 EfiBootInst.DelFile(L"\\DcsBoot.efi"); @@ -3729,61 +3702,33 @@ namespace VeraCrypt { // create EFI disk structure DWORD sizeDcsBoot; -#ifdef _WIN64 uint8 *dcsBootImg = MapResource(L"BIN", IDR_EFI_DCSBOOT, &sizeDcsBoot); -#else - uint8 *dcsBootImg = MapResource(L"BIN", Is64BitOs()? IDR_EFI_DCSBOOT : IDR_EFI_DCSBOOT32, &sizeDcsBoot); -#endif if (!dcsBootImg) throw ParameterIncorrect (SRC_POS); DWORD sizeDcsInt; -#ifdef _WIN64 uint8 *dcsIntImg = MapResource(L"BIN", IDR_EFI_DCSINT, &sizeDcsInt); -#else - uint8 *dcsIntImg = MapResource(L"BIN", Is64BitOs()? IDR_EFI_DCSINT: IDR_EFI_DCSINT32, &sizeDcsInt); -#endif if (!dcsIntImg) throw ParameterIncorrect (SRC_POS); DWORD sizeDcsCfg; -#ifdef _WIN64 uint8 *dcsCfgImg = MapResource(L"BIN", IDR_EFI_DCSCFG, &sizeDcsCfg); -#else - uint8 *dcsCfgImg = MapResource(L"BIN", Is64BitOs()? IDR_EFI_DCSCFG: IDR_EFI_DCSCFG32, &sizeDcsCfg); -#endif if (!dcsCfgImg) throw ParameterIncorrect (SRC_POS); DWORD sizeLegacySpeaker; -#ifdef _WIN64 uint8 *LegacySpeakerImg = MapResource(L"BIN", IDR_EFI_LEGACYSPEAKER, &sizeLegacySpeaker); -#else - uint8 *LegacySpeakerImg = MapResource(L"BIN", Is64BitOs()? IDR_EFI_LEGACYSPEAKER: IDR_EFI_LEGACYSPEAKER32, &sizeLegacySpeaker); -#endif if (!LegacySpeakerImg) throw ParameterIncorrect (SRC_POS); #ifdef VC_EFI_CUSTOM_MODE DWORD sizeBootMenuLocker; -#ifdef _WIN64 uint8 *BootMenuLockerImg = MapResource(L"BIN", IDR_EFI_DCSBML, &sizeBootMenuLocker); -#else - uint8 *BootMenuLockerImg = MapResource(L"BIN", Is64BitOs()? IDR_EFI_DCSBML: IDR_EFI_DCSBML32, &sizeBootMenuLocker); -#endif if (!BootMenuLockerImg) throw ParameterIncorrect (SRC_POS); #endif DWORD sizeDcsRescue; -#ifdef _WIN64 uint8 *DcsRescueImg = MapResource(L"BIN", IDR_EFI_DCSRE, &sizeDcsRescue); -#else - uint8 *DcsRescueImg = MapResource(L"BIN", Is64BitOs()? IDR_EFI_DCSRE: IDR_EFI_DCSRE32, &sizeDcsRescue); -#endif if (!DcsRescueImg) throw ParameterIncorrect (SRC_POS); DWORD sizeDcsInfo; -#ifdef _WIN64 uint8 *DcsInfoImg = MapResource(L"BIN", IDR_EFI_DCSINFO, &sizeDcsInfo); -#else - uint8 *DcsInfoImg = MapResource(L"BIN", Is64BitOs()? IDR_EFI_DCSINFO: IDR_EFI_DCSINFO32, &sizeDcsInfo); -#endif if (!DcsInfoImg) throw ParameterIncorrect (SRC_POS); @@ -3809,7 +3754,7 @@ namespace VeraCrypt finally_do_arg (zip_t**, &z, { if (*finally_arg) zip_discard (*finally_arg);}); - if (!ZipAdd (z, Is64BitOs()? "EFI/Boot/bootx64.efi": "EFI/Boot/bootia32.efi", DcsRescueImg, sizeDcsRescue)) + if (!ZipAdd (z, "EFI/Boot/bootx64.efi", DcsRescueImg, sizeDcsRescue)) throw ParameterIncorrect (SRC_POS); #ifdef VC_EFI_CUSTOM_MODE if (!ZipAdd (z, "EFI/VeraCrypt/DcsBml.dcs", BootMenuLockerImg, sizeBootMenuLocker)) @@ -3858,7 +3803,7 @@ namespace VeraCrypt sysBakFile.GetFileSize(fileSize); fileBuf.Resize ((DWORD) fileSize); DWORD sizeLoader = sysBakFile.Read (fileBuf.Ptr (), fileSize); - bLoadAdded = ZipAdd (z, Is64BitOs()? "EFI/Boot/original_bootx64.vc_backup": "EFI/Boot/original_bootia32.vc_backup", fileBuf.Ptr (), sizeLoader); + bLoadAdded = ZipAdd (z, "EFI/Boot/original_bootx64.vc_backup", fileBuf.Ptr (), sizeLoader); } catch (Exception &e) { @@ -4085,19 +4030,6 @@ namespace VeraCrypt L"EFI/VeraCrypt/svh_bak", L"EFI/Boot/original_bootx64.vc_backup" }; - - const wchar_t* efi32Files[] = { - L"EFI/Boot/bootia32.efi", -#ifdef VC_EFI_CUSTOM_MODE - L"EFI/VeraCrypt/DcsBml.dcs", -#endif - L"EFI/VeraCrypt/DcsBoot.efi", - L"EFI/VeraCrypt/DcsCfg.dcs", - L"EFI/VeraCrypt/DcsInt.dcs", - L"EFI/VeraCrypt/LegacySpeaker.dcs", - L"EFI/VeraCrypt/svh_bak", - L"EFI/Boot/original_bootia32.vc_backup" - }; zip_error_t zerr; zip_source_t* zsrc = zip_source_buffer_create (RescueZipData, RescueZipSize, 0, &zerr); @@ -4126,8 +4058,8 @@ namespace VeraCrypt && !wcsncmp (szNameBuffer, L"FAT", 3)) { int i; - const wchar_t** efiFiles = Is64BitOs()? efi64Files: efi32Files; - int efiFilesSize = Is64BitOs()? ARRAYSIZE(efi64Files): ARRAYSIZE(efi32Files); + const wchar_t** efiFiles = efi64Files; + int efiFilesSize = ARRAYSIZE(efi64Files); for (i = 0; i < efiFilesSize; i++) { bool bMatch = false; @@ -4280,25 +4212,12 @@ namespace VeraCrypt L"EFI/VeraCrypt/svh_bak", L"EFI/Boot/original_bootx64.vc_backup" }; - - const wchar_t* efi32Files[] = { - L"EFI/Boot/bootia32.efi", -#ifdef VC_EFI_CUSTOM_MODE - L"EFI/VeraCrypt/DcsBml.dcs", -#endif - L"EFI/VeraCrypt/DcsBoot.efi", - L"EFI/VeraCrypt/DcsCfg.dcs", - L"EFI/VeraCrypt/DcsInt.dcs", - L"EFI/VeraCrypt/LegacySpeaker.dcs", - L"EFI/VeraCrypt/svh_bak", - L"EFI/Boot/original_bootia32.vc_backup" - }; int i; zip_stat_t statMem, statFile; zip_int64_t indexMem, indexFile; - const wchar_t** efiFiles = Is64BitOs()? efi64Files: efi32Files; - int efiFilesSize = Is64BitOs()? ARRAYSIZE(efi64Files): ARRAYSIZE(efi32Files); + const wchar_t** efiFiles = efi64Files; + int efiFilesSize = ARRAYSIZE(efi64Files); for (i = 0; i < efiFilesSize; i++) { bool bMatch = false; @@ -4573,10 +4492,7 @@ namespace VeraCrypt EfiBootInst.DeleteStartExec(); EfiBootInst.DeleteStartExec(0xDC5B, L"Driver"); // remove DcsBml boot driver it was installed - if (Is64BitOs()) - EfiBootInst.RenameFile(L"\\EFI\\Boot\\original_bootx64.vc_backup", L"\\EFI\\Boot\\bootx64.efi", TRUE); - else - EfiBootInst.RenameFile(L"\\EFI\\Boot\\original_bootia32.vc_backup", L"\\EFI\\Boot\\bootia32.efi", TRUE); + EfiBootInst.RenameFile(L"\\EFI\\Boot\\original_bootx64.vc_backup", L"\\EFI\\Boot\\bootx64.efi", TRUE); if (!EfiBootInst.RenameFile(L"\\EFI\\Microsoft\\Boot\\bootmgfw_ms.vc", L"\\EFI\\Microsoft\\Boot\\bootmgfw.efi", TRUE)) { diff --git a/src/Common/Cache.c b/src/Common/Cache.c index 0d7a221f..c72aa79d 100644 --- a/src/Common/Cache.c +++ b/src/Common/Cache.c @@ -24,8 +24,6 @@ int CachedPim[CACHE_SIZE]; int cacheEmpty = 1; static int nPasswordIdx = 0; -#ifdef _WIN64 - uint64 VcGetPasswordEncryptionID (Password* pPassword) { return ((uint64) pPassword->Text) + ((uint64) pPassword); @@ -41,8 +39,6 @@ void VcUnprotectPassword (Password* pPassword, uint64 encID) VcProtectPassword (pPassword, encID); } -#endif - int ReadVolumeHeaderWCache (BOOL bBoot, BOOL bCache, BOOL bCachePim, unsigned char *header, Password *password, int pkcs5_prf, int pim, PCRYPTO_INFO *retInfo) { int nReturnCode = ERR_PASSWORD_WRONG; @@ -56,37 +52,29 @@ int ReadVolumeHeaderWCache (BOOL bBoot, BOOL bCache, BOOL bCachePim, unsigned ch /* Save mount passwords back into cache if asked to do so */ if (bCache && (nReturnCode == 0 || nReturnCode == ERR_CIPHER_INIT_WEAK_KEY)) { -#ifdef _WIN64 Password tmpPass; -#endif for (i = 0; i < CACHE_SIZE; i++) { Password* pCurrentPassword = &CachedPasswords[i]; -#ifdef _WIN64 if (IsRamEncryptionEnabled()) { memcpy (&tmpPass, pCurrentPassword, sizeof (Password)); VcUnprotectPassword (&tmpPass, VcGetPasswordEncryptionID (pCurrentPassword)); pCurrentPassword = &tmpPass; } -#endif if (memcmp (pCurrentPassword, password, sizeof (Password)) == 0) break; } -#ifdef _WIN64 if (IsRamEncryptionEnabled()) burn (&tmpPass, sizeof (Password)); -#endif if (i == CACHE_SIZE) { /* Store the password */ CachedPasswords[nPasswordIdx] = *password; -#ifdef _WIN64 if (IsRamEncryptionEnabled ()) VcProtectPassword (&CachedPasswords[nPasswordIdx], VcGetPasswordEncryptionID (&CachedPasswords[nPasswordIdx])); -#endif /* Store also PIM if requested, otherwise set to default */ if (bCachePim && (pim > 0)) @@ -107,21 +95,18 @@ int ReadVolumeHeaderWCache (BOOL bBoot, BOOL bCache, BOOL bCachePim, unsigned ch } else if (!cacheEmpty) { -#ifdef _WIN64 Password tmpPass; -#endif /* Attempt to recognize volume using cached passwords */ for (i = 0; i < CACHE_SIZE; i++) { Password* pCurrentPassword = &CachedPasswords[i]; -#ifdef _WIN64 if (IsRamEncryptionEnabled()) { memcpy (&tmpPass, pCurrentPassword, sizeof (Password)); VcUnprotectPassword (&tmpPass, VcGetPasswordEncryptionID (pCurrentPassword)); pCurrentPassword = &tmpPass; } -#endif + if ((pCurrentPassword->Length > 0) && (pCurrentPassword->Length <= (unsigned int) ((bBoot? MAX_LEGACY_PASSWORD: MAX_PASSWORD)))) { if (pim == -1) @@ -134,10 +119,10 @@ int ReadVolumeHeaderWCache (BOOL bBoot, BOOL bCache, BOOL bCachePim, unsigned ch break; } } -#ifdef _WIN64 + if (IsRamEncryptionEnabled()) burn (&tmpPass, sizeof (Password)); -#endif + } return nReturnCode; @@ -146,21 +131,18 @@ int ReadVolumeHeaderWCache (BOOL bBoot, BOOL bCache, BOOL bCachePim, unsigned ch void AddPasswordToCache (Password *password, int pim, BOOL bCachePim) { -#ifdef _WIN64 Password tmpPass; -#endif int i; for (i = 0; i < CACHE_SIZE; i++) { Password* pCurrentPassword = &CachedPasswords[i]; -#ifdef _WIN64 if (IsRamEncryptionEnabled()) { memcpy (&tmpPass, pCurrentPassword, sizeof (Password)); VcUnprotectPassword (&tmpPass, VcGetPasswordEncryptionID (pCurrentPassword)); pCurrentPassword = &tmpPass; } -#endif + if (memcmp (pCurrentPassword, password, sizeof (Password)) == 0) break; } @@ -168,10 +150,9 @@ void AddPasswordToCache (Password *password, int pim, BOOL bCachePim) if (i == CACHE_SIZE) { CachedPasswords[nPasswordIdx] = *password; -#ifdef _WIN64 if (IsRamEncryptionEnabled ()) VcProtectPassword (&CachedPasswords[nPasswordIdx], VcGetPasswordEncryptionID (&CachedPasswords[nPasswordIdx])); -#endif + /* Store also PIM if requested, otherwise set to default */ if (bCachePim && (pim > 0)) CachedPim[nPasswordIdx] = pim; @@ -184,10 +165,9 @@ void AddPasswordToCache (Password *password, int pim, BOOL bCachePim) { CachedPim[i] = pim > 0? pim : 0; } -#ifdef _WIN64 + if (IsRamEncryptionEnabled()) burn (&tmpPass, sizeof (Password)); -#endif } void AddLegacyPasswordToCache (PasswordLegacy *password, int pim) diff --git a/src/Common/Cmdline.c b/src/Common/Cmdline.c index f0dcf7cf..f34b3bfb 100644 --- a/src/Common/Cmdline.c +++ b/src/Common/Cmdline.c @@ -51,12 +51,7 @@ BOOL CALLBACK CommandHelpDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM *tmp = 0; - StringCchCopyW (tmp, 8192, L"VeraCrypt " _T(VERSION_STRING) _T(VERSION_STRING_SUFFIX)); -#ifdef _WIN64 - StringCchCatW (tmp, 8192, L" (64-bit)"); -#else - StringCchCatW (tmp, 8192, L" (32-bit)"); -#endif + StringCchCopyW (tmp, 8192, L"VeraCrypt " _T(VERSION_STRING) _T(VERSION_STRING_SUFFIX) L" (64-bit)"); #if (defined(_DEBUG) || defined(DEBUG)) StringCchCatW (tmp, 8192, L" (debug)"); #endif diff --git a/src/Common/Common.rc b/src/Common/Common.rc index 41778dfc..12570e94 100644 --- a/src/Common/Common.rc +++ b/src/Common/Common.rc @@ -565,17 +565,6 @@ IDR_EFI_DCSBML BIN "..\\Boot\\EFI\\DcsBml.efi" #endif IDR_EFI_DCSRE BIN "..\\Boot\\EFI\\DcsRe.efi" IDR_EFI_DCSINFO BIN "..\\Boot\\EFI\\DcsInfo.efi" -#ifndef WIN64 -IDR_EFI_DCSBOOT32 BIN "..\\Boot\\EFI\\DcsBoot32.efi" -IDR_EFI_DCSINT32 BIN "..\\Boot\\EFI\\DcsInt32.efi" -IDR_EFI_DCSCFG32 BIN "..\\Boot\\EFI\\DcsCfg32.efi" -IDR_EFI_LEGACYSPEAKER32 BIN "..\\Boot\\EFI\\LegacySpeaker32.efi" -#ifdef VC_EFI_CUSTOM_MODE -IDR_EFI_DCSBML32 BIN "..\\Boot\\EFI\\DcsBml32.efi" -#endif -IDR_EFI_DCSRE32 BIN "..\\Boot\\EFI\\DcsRe32.efi" -IDR_EFI_DCSINFO32 BIN "..\\Boot\\EFI\\DcsInfo32.efi" -#endif #endif ///////////////////////////////////////////////////////////////////////////// // diff --git a/src/Common/Crypto.c b/src/Common/Crypto.c index ed63a9a6..9ae841eb 100644 --- a/src/Common/Crypto.c +++ b/src/Common/Crypto.c @@ -193,8 +193,7 @@ void EncipherBlock(int cipher, void *data, void *ks) switch (cipher) { case AES: - // In 32-bit kernel mode, due to KeSaveFloatingPointState() overhead, AES instructions can be used only when processing the whole data unit. -#if (defined (_WIN64) || !defined (TC_WINDOWS_DRIVER)) && !defined (TC_WINDOWS_BOOT) +#if !defined (TC_WINDOWS_BOOT) if (IsAesHwCpuSupported()) aes_hw_cpu_encrypt (ks, data); else @@ -221,16 +220,10 @@ void EncipherBlock(int cipher, void *data, void *ks) void EncipherBlocks (int cipher, void *dataPtr, void *ks, size_t blockCount) { uint8 *data = dataPtr; -#if defined (TC_WINDOWS_DRIVER) && !defined (_WIN64) - KFLOATING_SAVE floatingPointState; -#endif if (cipher == AES && (blockCount & (32 - 1)) == 0 && IsAesHwCpuSupported() -#if defined (TC_WINDOWS_DRIVER) && !defined (_WIN64) - && NT_SUCCESS (KeSaveFloatingPointState (&floatingPointState)) -#endif ) { while (blockCount > 0) @@ -241,24 +234,15 @@ void EncipherBlocks (int cipher, void *dataPtr, void *ks, size_t blockCount) blockCount -= 32; } -#if defined (TC_WINDOWS_DRIVER) && !defined (_WIN64) - KeRestoreFloatingPointState (&floatingPointState); -#endif } #ifndef WOLFCRYPT_BACKEND #if CRYPTOPP_BOOL_SSE2_INTRINSICS_AVAILABLE && !defined (_UEFI) else if (cipher == SERPENT && (blockCount >= 4) && HasSSE2() -#if defined (TC_WINDOWS_DRIVER) && !defined (_WIN64) - && NT_SUCCESS (KeSaveFloatingPointState (&floatingPointState)) -#endif ) { serpent_encrypt_blocks (data, data, blockCount, ks); -#if defined (TC_WINDOWS_DRIVER) && !defined (_WIN64) - KeRestoreFloatingPointState (&floatingPointState); -#endif } #endif #if CRYPTOPP_BOOL_X64 && !defined(CRYPTOPP_DISABLE_ASM) @@ -272,15 +256,9 @@ void EncipherBlocks (int cipher, void *dataPtr, void *ks, size_t blockCount) #if CRYPTOPP_BOOL_SSE2_INTRINSICS_AVAILABLE && !defined (_UEFI) else if (cipher == KUZNYECHIK && HasSSE2() -#if defined (TC_WINDOWS_DRIVER) && !defined (_WIN64) - && (blockCount >= 4) && NT_SUCCESS (KeSaveFloatingPointState (&floatingPointState)) -#endif ) { kuznyechik_encrypt_blocks (data, data, blockCount, ks); -#if defined (TC_WINDOWS_DRIVER) && !defined (_WIN64) - KeRestoreFloatingPointState (&floatingPointState); -#endif } #endif #endif @@ -316,11 +294,9 @@ void DecipherBlock(int cipher, void *data, void *ks) #ifndef TC_WINDOWS_BOOT case AES: -#if defined (_WIN64) || !defined (TC_WINDOWS_DRIVER) if (IsAesHwCpuSupported()) aes_hw_cpu_decrypt ((uint8 *) ks + sizeof (aes_encrypt_ctx), data); else -#endif aes_decrypt (data, data, (void *) ((char *) ks + sizeof(aes_encrypt_ctx))); break; @@ -336,16 +312,10 @@ void DecipherBlock(int cipher, void *data, void *ks) void DecipherBlocks (int cipher, void *dataPtr, void *ks, size_t blockCount) { uint8 *data = dataPtr; -#if defined (TC_WINDOWS_DRIVER) && !defined (_WIN64) - KFLOATING_SAVE floatingPointState; -#endif if (cipher == AES && (blockCount & (32 - 1)) == 0 && IsAesHwCpuSupported() -#if defined (TC_WINDOWS_DRIVER) && !defined (_WIN64) - && NT_SUCCESS (KeSaveFloatingPointState (&floatingPointState)) -#endif ) { while (blockCount > 0) @@ -356,24 +326,15 @@ void DecipherBlocks (int cipher, void *dataPtr, void *ks, size_t blockCount) blockCount -= 32; } -#if defined (TC_WINDOWS_DRIVER) && !defined (_WIN64) - KeRestoreFloatingPointState (&floatingPointState); -#endif } #ifndef WOLFCRYPT_BACKEND #if CRYPTOPP_BOOL_SSE2_INTRINSICS_AVAILABLE && !defined (_UEFI) else if (cipher == SERPENT && (blockCount >= 4) && HasSSE2() -#if defined (TC_WINDOWS_DRIVER) && !defined (_WIN64) - && NT_SUCCESS (KeSaveFloatingPointState (&floatingPointState)) -#endif ) { serpent_decrypt_blocks (data, data, blockCount, ks); -#if defined (TC_WINDOWS_DRIVER) && !defined (_WIN64) - KeRestoreFloatingPointState (&floatingPointState); -#endif } #endif #if CRYPTOPP_BOOL_X64 && !defined(CRYPTOPP_DISABLE_ASM) @@ -387,15 +348,9 @@ void DecipherBlocks (int cipher, void *dataPtr, void *ks, size_t blockCount) #if CRYPTOPP_BOOL_SSE2_INTRINSICS_AVAILABLE && !defined (_UEFI) else if (cipher == KUZNYECHIK && HasSSE2() -#if defined (TC_WINDOWS_DRIVER) && !defined (_WIN64) - && (blockCount >= 4) && NT_SUCCESS (KeSaveFloatingPointState (&floatingPointState)) -#endif ) { kuznyechik_decrypt_blocks (data, data, blockCount, ks); -#if defined (TC_WINDOWS_DRIVER) && !defined (_WIN64) - KeRestoreFloatingPointState (&floatingPointState); -#endif } #endif #endif @@ -1260,14 +1215,10 @@ BOOL IsCpuRngEnabled () BOOL IsRamEncryptionSupported () { -#ifdef _WIN64 if (t1ha_selfcheck__t1ha2() == 0) return TRUE; else return FALSE; -#else - return FALSE; -#endif } void EnableRamEncryption (BOOL enable) diff --git a/src/Common/Crypto.h b/src/Common/Crypto.h index 6fc75b43..03921da3 100644 --- a/src/Common/Crypto.h +++ b/src/Common/Crypto.h @@ -208,9 +208,7 @@ typedef struct # include "Camellia.h" #if !defined (_UEFI) # include "chachaRng.h" -# ifdef _WIN64 # include "t1ha.h" -# endif #endif #else # include "CamelliaSmall.h" @@ -386,7 +384,7 @@ void DecryptDataUnitsCurrentThread (unsigned __int8 *buf, const UINT64_STRUCT *s void EncryptBuffer (unsigned __int8 *buf, TC_LARGEST_COMPILER_UINT len, PCRYPTO_INFO cryptoInfo); void DecryptBuffer (unsigned __int8 *buf, TC_LARGEST_COMPILER_UINT len, PCRYPTO_INFO cryptoInfo); -#if defined(_WIN64) && !defined (_UEFI) +#if !defined (TC_WINDOWS_BOOT) && !defined (_UEFI) BOOL InitializeSecurityParameters(GetRandSeedFn rngCallback); void ClearSecurityParameters(); #ifdef TC_WINDOWS_DRIVER diff --git a/src/Common/Dlgcode.c b/src/Common/Dlgcode.c index e56c6b46..4738e6e1 100644 --- a/src/Common/Dlgcode.c +++ b/src/Common/Dlgcode.c @@ -2126,12 +2126,8 @@ BOOL CALLBACK AboutDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lParam // Version SendMessage (GetDlgItem (hwndDlg, IDT_ABOUT_VERSION), WM_SETFONT, (WPARAM) hUserBoldFont, 0); - StringCbPrintfW (szTmp, sizeof(szTmp), L"VeraCrypt %s", _T(VERSION_STRING) _T(VERSION_STRING_SUFFIX)); -#ifdef _WIN64 - StringCbCatW (szTmp, sizeof(szTmp), L" (64-bit)"); -#else - StringCbCatW (szTmp, sizeof(szTmp), L" (32-bit)"); -#endif + StringCbPrintfW (szTmp, sizeof(szTmp), L"VeraCrypt %s", _T(VERSION_STRING) _T(VERSION_STRING_SUFFIX) L" (64-bit)"); + #if (defined(_DEBUG) || defined(DEBUG)) StringCbCatW (szTmp, sizeof(szTmp), L" (debug)"); #endif @@ -3602,6 +3598,12 @@ void InitApp (HINSTANCE hInstance, wchar_t *lpszCommandLine) AbortProcessDirect(L"VeraCrypt requires at least Windows 10 to run."); } + if (!Is64BitOs()) + { + // abort using a message that says that VeraCrypt can run only on 64-bit Windows + AbortProcessDirect(L"VeraCrypt requires a 64-bit version of Windows to run."); + } + SetDefaultDllDirectoriesFn = (SetDefaultDllDirectoriesPtr) GetProcAddress (GetModuleHandle(L"kernel32.dll"), "SetDefaultDllDirectories"); if (!SetDefaultDllDirectoriesFn) { @@ -3787,14 +3789,14 @@ void InitApp (HINSTANCE hInstance, wchar_t *lpszCommandLine) InitHelpFileName (); #ifndef SETUP -#ifdef _WIN64 + EnableRamEncryption ((ReadDriverConfigurationFlags() & VC_DRIVER_CONFIG_ENABLE_RAM_ENCRYPTION) ? TRUE : FALSE); if (IsRamEncryptionEnabled()) { if (!InitializeSecurityParameters(GetAppRandomSeed)) AbortProcess("OUTOFMEMORY"); } -#endif + if (!EncryptionThreadPoolStart (ReadEncryptionThreadPoolFreeCpuCountLimit())) { handleWin32Error (NULL, SRC_POS); @@ -4864,7 +4866,7 @@ static int DriverLoad () else *tmp = 0; - StringCbCatW (driverPath, sizeof(driverPath), !Is64BitOs () ? L"\\veracrypt.sys" : IsARM()? L"\\veracrypt-arm64.sys" : L"\\veracrypt-x64.sys"); + StringCbCatW (driverPath, sizeof(driverPath), IsARM()? L"\\veracrypt-arm64.sys" : L"\\veracrypt-x64.sys"); file = FindFirstFile (driverPath, &find); @@ -6322,19 +6324,11 @@ static BOOL PerformBenchmark(HWND hBenchDlg, HWND hwndDlg) { if (thid == SHA256) { -#ifdef _WIN64 benchmarkTable[benchmarkTotalItems].meanBytesPerSec = (benchmarkTable[benchmarkTotalItems].meanBytesPerSec * 26); -#else - benchmarkTable[benchmarkTotalItems].meanBytesPerSec = (benchmarkTable[benchmarkTotalItems].meanBytesPerSec * 24); -#endif } else { -#ifdef _WIN64 benchmarkTable[benchmarkTotalItems].meanBytesPerSec = (benchmarkTable[benchmarkTotalItems].meanBytesPerSec * 21) / 5; -#else - benchmarkTable[benchmarkTotalItems].meanBytesPerSec = (benchmarkTable[benchmarkTotalItems].meanBytesPerSec * 18) / 5; -#endif } } } @@ -6357,10 +6351,8 @@ static BOOL PerformBenchmark(HWND hBenchDlg, HWND hwndDlg) if (EAInitMode (ci, ci->k2)) { int i; -#ifdef _WIN64 if (IsRamEncryptionEnabled ()) VcProtectKeys (ci, VcGetEncryptionID (ci)); -#endif for (i = 0; i < 10; i++) { @@ -6382,10 +6374,8 @@ static BOOL PerformBenchmark(HWND hBenchDlg, HWND hwndDlg) if (!EAInitMode (ci, ci->k2)) goto counter_error; -#ifdef _WIN64 if (IsRamEncryptionEnabled ()) VcProtectKeys (ci, VcGetEncryptionID (ci)); -#endif if (QueryPerformanceCounter (&performanceCountStart) == 0) goto counter_error; @@ -10198,7 +10188,7 @@ std::wstring GetServiceConfigPath (const wchar_t *fileName, bool useLegacy) { wchar_t sysPath[TC_MAX_PATH]; - if (Is64BitOs() && useLegacy) + if (useLegacy) { typedef UINT (WINAPI *GetSystemWow64Directory_t) (LPWSTR lpBuffer, UINT uSize); @@ -11098,8 +11088,7 @@ std::wstring GetWindowsEdition () else if (wcsstr(productName, L"Basic") != 0) osname += L"-basic"; - if (Is64BitOs()) - osname += IsARM() ? L"-arm64" : L"-x64"; + osname += IsARM() ? L"-arm64" : L"-x64"; if (CurrentOSServicePack > 0) { @@ -14237,17 +14226,14 @@ void GetInstallationPath (HWND hwndDlg, wchar_t* szInstallPath, DWORD cchSize, B SHGetSpecialFolderLocation (hwndDlg, CSIDL_PROGRAM_FILES, &itemList); SHGetPathFromIDList (itemList, path); - if (Is64BitOs()) + // Use a unified default installation path (registry redirection of %ProgramFiles% does not work if the installation path is user-selectable) + wstring s = path; + size_t p = s.find (L" (x86)"); + if (p != wstring::npos) { - // Use a unified default installation path (registry redirection of %ProgramFiles% does not work if the installation path is user-selectable) - wstring s = path; - size_t p = s.find (L" (x86)"); - if (p != wstring::npos) - { - s = s.substr (0, p); - if (_waccess (s.c_str(), 0) != -1) - StringCbCopyW (path, sizeof (path), s.c_str()); - } + s = s.substr (0, p); + if (_waccess (s.c_str(), 0) != -1) + StringCbCopyW (path, sizeof (path), s.c_str()); } StringCbCatW (path, sizeof(path), L"\\VeraCrypt\\"); @@ -14820,7 +14806,7 @@ void SafeOpenURL (LPCWSTR szUrl) } } -#if !defined(SETUP) && defined(_WIN64) +#if !defined(SETUP) #define RtlGenRandom SystemFunction036 extern "C" BOOLEAN NTAPI RtlGenRandom(PVOID RandomBuffer, ULONG RandomBufferLength); diff --git a/src/Common/Dlgcode.h b/src/Common/Dlgcode.h index 1b2ead2a..ecf1bbd4 100644 --- a/src/Common/Dlgcode.h +++ b/src/Common/Dlgcode.h @@ -594,7 +594,7 @@ BitLockerEncryptionStatus GetBitLockerEncryptionStatus(WCHAR driveLetter); BOOL IsTestSigningModeEnabled (); DWORD SendServiceNotification (DWORD dwNotificationCmd); DWORD FastResizeFile (const wchar_t* filePath, __int64 fileSize); -#ifdef _WIN64 +#if !defined(SETUP) void GetAppRandomSeed (unsigned char* pbRandSeed, size_t cbRandSeed); #endif BOOL IsInternetConnected(); diff --git a/src/Common/EncryptionThreadPool.c b/src/Common/EncryptionThreadPool.c index 3078e895..8a0c6e78 100644 --- a/src/Common/EncryptionThreadPool.c +++ b/src/Common/EncryptionThreadPool.c @@ -143,7 +143,6 @@ static TC_MUTEX DequeueMutex; static TC_EVENT WorkItemReadyEvent; static TC_EVENT WorkItemCompletedEvent; -#if defined(_WIN64) void EncryptDataUnitsCurrentThreadEx (unsigned __int8 *buf, const UINT64_STRUCT *structUnitNo, TC_LARGEST_COMPILER_UINT nbrUnits, PCRYPTO_INFO ci) { if (IsRamEncryptionEnabled()) @@ -176,11 +175,6 @@ void DecryptDataUnitsCurrentThreadEx (unsigned __int8 *buf, const UINT64_STRUCT DecryptDataUnitsCurrentThread (buf, structUnitNo, nbrUnits, ci); } -#else -#define EncryptDataUnitsCurrentThreadEx EncryptDataUnitsCurrentThread -#define DecryptDataUnitsCurrentThreadEx DecryptDataUnitsCurrentThread -#endif - static WorkItemState GetWorkItemState (EncryptionThreadPoolWorkItem *workItem) { return InterlockedExchangeAdd ((LONG *) &workItem->State, 0); diff --git a/src/Common/Fat.c b/src/Common/Fat.c index 19720b17..dec2ccee 100644 --- a/src/Common/Fat.c +++ b/src/Common/Fat.c @@ -445,10 +445,8 @@ FormatFat (void* hwndDlgPtr, unsigned __int64 startSector, fatparams * ft, void return ERR_MODE_INIT_FAILED; } -#ifdef _WIN64 if (IsRamEncryptionEnabled ()) VcProtectKeys (cryptoInfo, VcGetEncryptionID (cryptoInfo)); -#endif x = ft->num_sectors - ft->reserved - ft->size_root_dir / ft->sector_size - ft->fat_length * 2; while (x--) diff --git a/src/Common/Format.c b/src/Common/Format.c index 482a87cd..f1550e6b 100644 --- a/src/Common/Format.c +++ b/src/Common/Format.c @@ -100,10 +100,8 @@ int TCFormatVolume (volatile FORMAT_VOL_PARAMETERS *volParams) LARGE_INTEGER offset; BOOL bFailedRequiredDASD = FALSE; HWND hwndDlg = volParams->hwndDlg; -#ifdef _WIN64 CRYPTO_INFO tmpCI; PCRYPTO_INFO cryptoInfoBackup = NULL; -#endif FormatSectorSize = volParams->sectorSize; @@ -175,12 +173,10 @@ int TCFormatVolume (volatile FORMAT_VOL_PARAMETERS *volParams) return nStatus? nStatus : ERR_OUTOFMEMORY; } -#ifdef _WIN64 if (IsRamEncryptionEnabled ()) { VcProtectKeys (cryptoInfo, VcGetEncryptionID (cryptoInfo)); } -#endif begin_format: @@ -640,7 +636,6 @@ begin_format: goto error; } -#ifdef _WIN64 if (IsRamEncryptionEnabled ()) { VirtualLock (&tmpCI, sizeof (tmpCI)); @@ -649,7 +644,6 @@ begin_format: cryptoInfoBackup = cryptoInfo; cryptoInfo = &tmpCI; } -#endif nStatus = CreateVolumeHeaderInMemory (hwndDlg, FALSE, header, @@ -669,14 +663,12 @@ begin_format: FormatSectorSize, FALSE); -#ifdef _WIN64 if (IsRamEncryptionEnabled ()) { cryptoInfo = cryptoInfoBackup; burn (&tmpCI, sizeof (CRYPTO_INFO)); VirtualUnlock (&tmpCI, sizeof (tmpCI)); } -#endif if (!WriteEffectiveVolumeHeader (volParams->bDevice, dev, header)) { @@ -689,7 +681,6 @@ begin_format: { BOOL bUpdateBackup = FALSE; -#ifdef _WIN64 if (IsRamEncryptionEnabled ()) { VirtualLock (&tmpCI, sizeof (tmpCI)); @@ -698,18 +689,15 @@ begin_format: cryptoInfoBackup = cryptoInfo; cryptoInfo = &tmpCI; } -#endif nStatus = WriteRandomDataToReservedHeaderAreas (hwndDlg, dev, cryptoInfo, dataAreaSize, FALSE, FALSE); -#ifdef _WIN64 if (IsRamEncryptionEnabled ()) { cryptoInfo = cryptoInfoBackup; burn (&tmpCI, sizeof (CRYPTO_INFO)); VirtualUnlock (&tmpCI, sizeof (tmpCI)); } -#endif if (nStatus != ERR_SUCCESS) goto error; @@ -915,9 +903,7 @@ int FormatNoFs (HWND hwndDlg, unsigned __int64 startSector, unsigned __int64 num LARGE_INTEGER startOffset; LARGE_INTEGER newOffset; -#ifdef _WIN64 CRYPTO_INFO tmpCI; -#endif // Seek to start sector startOffset.QuadPart = startSector * FormatSectorSize; @@ -936,7 +922,6 @@ int FormatNoFs (HWND hwndDlg, unsigned __int64 startSector, unsigned __int64 num memset (sector, 0, sizeof (sector)); -#ifdef _WIN64 if (IsRamEncryptionEnabled ()) { VirtualLock (&tmpCI, sizeof (tmpCI)); @@ -944,7 +929,6 @@ int FormatNoFs (HWND hwndDlg, unsigned __int64 startSector, unsigned __int64 num VcUnprotectKeys (&tmpCI, VcGetEncryptionID (cryptoInfo)); cryptoInfo = &tmpCI; } -#endif // Remember the original secondary key (XTS mode) before generating a temporary one memcpy (originalK2, cryptoInfo->k2, sizeof (cryptoInfo->k2)); @@ -975,10 +959,8 @@ int FormatNoFs (HWND hwndDlg, unsigned __int64 startSector, unsigned __int64 num goto fail; } -#ifdef _WIN64 if (IsRamEncryptionEnabled ()) VcProtectKeys (cryptoInfo, VcGetEncryptionID (cryptoInfo)); -#endif while (num_sectors--) { @@ -1051,13 +1033,11 @@ int FormatNoFs (HWND hwndDlg, unsigned __int64 startSector, unsigned __int64 num VirtualUnlock (temporaryKey, sizeof (temporaryKey)); VirtualUnlock (originalK2, sizeof (originalK2)); TCfree (write_buf); -#ifdef _WIN64 if (IsRamEncryptionEnabled ()) { burn (&tmpCI, sizeof (CRYPTO_INFO)); VirtualUnlock (&tmpCI, sizeof (tmpCI)); } -#endif return 0; @@ -1069,13 +1049,11 @@ fail: VirtualUnlock (temporaryKey, sizeof (temporaryKey)); VirtualUnlock (originalK2, sizeof (originalK2)); TCfree (write_buf); -#ifdef _WIN64 if (IsRamEncryptionEnabled ()) { burn (&tmpCI, sizeof (CRYPTO_INFO)); VirtualUnlock (&tmpCI, sizeof (tmpCI)); } -#endif SetLastError (err); return (retVal ? retVal : ERR_OS_ERROR); diff --git a/src/Common/Random.c b/src/Common/Random.c index 0be4d601..0cd6bfa0 100644 --- a/src/Common/Random.c +++ b/src/Common/Random.c @@ -43,11 +43,7 @@ static HANDLE PeriodicFastPollThreadHandle = NULL; /* Macro to add four bytes to the pool */ #define RandaddInt32(x) RandAddInt((unsigned __int32)x); -#ifdef _WIN64 #define RandaddIntPtr(x) RandAddInt64((unsigned __int64)x); -#else -#define RandaddIntPtr(x) RandAddInt((unsigned __int32)x); -#endif void RandAddInt (unsigned __int32 x) { diff --git a/src/Common/Resource.h b/src/Common/Resource.h index 0098542e..bc9fd94b 100644 --- a/src/Common/Resource.h +++ b/src/Common/Resource.h @@ -73,14 +73,7 @@ #define IDR_EFI_LEGACYSPEAKER 569 #define IDR_EFI_DCSBML 570 #define IDR_EFI_DCSRE 571 -#define IDR_EFI_DCSBOOT32 572 -#define IDR_EFI_DCSINT32 573 -#define IDR_EFI_DCSCFG32 574 -#define IDR_EFI_LEGACYSPEAKER32 575 -#define IDR_EFI_DCSBML32 576 -#define IDR_EFI_DCSRE32 577 #define IDR_EFI_DCSINFO 578 -#define IDR_EFI_DCSINFO32 579 #define IDC_HW_AES_LABEL_LINK 5000 #define IDC_HW_AES 5001 #define IDC_PARALLELIZATION_LABEL_LINK 5002 diff --git a/src/Common/Tests.c b/src/Common/Tests.c index fee80f89..1f4178c6 100644 --- a/src/Common/Tests.c +++ b/src/Common/Tests.c @@ -725,10 +725,8 @@ BOOL TestSectorBufEncryption (PCRYPTO_INFO ci) if (!EAInitMode (ci, key2)) return FALSE; -#ifdef _WIN64 if (IsRamEncryptionEnabled ()) VcProtectKeys (ci, VcGetEncryptionID (ci)); -#endif // Each data unit will contain the same plaintext for (i = 0; i < nbrUnits; i++) diff --git a/src/Common/Volumes.c b/src/Common/Volumes.c index 3a836787..60d1b417 100644 --- a/src/Common/Volumes.c +++ b/src/Common/Volumes.c @@ -559,21 +559,11 @@ KeyReady: ; #ifdef TC_WINDOWS_DRIVER { blake2s_state ctx; -#ifndef _WIN64 - NTSTATUS saveStatus = STATUS_INVALID_PARAMETER; - KFLOATING_SAVE floatingPointState; - if (HasSSE2()) - saveStatus = KeSaveFloatingPointState (&floatingPointState); -#endif blake2s_init (&ctx); blake2s_update (&ctx, keyInfo->master_keydata, MASTER_KEYDATA_SIZE); blake2s_update (&ctx, header, sizeof(header)); blake2s_final (&ctx, cryptoInfo->master_keydata_hash); burn(&ctx, sizeof (ctx)); -#ifndef _WIN64 - if (NT_SUCCESS (saveStatus)) - KeRestoreFloatingPointState (&floatingPointState); -#endif } #else memcpy (cryptoInfo->master_keydata, keyInfo->master_keydata, MASTER_KEYDATA_SIZE); diff --git a/src/Crypto/chacha256.c b/src/Crypto/chacha256.c index f32e607b..685f7886 100644 --- a/src/Crypto/chacha256.c +++ b/src/Crypto/chacha256.c @@ -20,7 +20,7 @@ void chacha_ECRYPT_encrypt_bytes(size_t bytes, uint32* x, const unsigned char* m static VC_INLINE void xor_block_512(const unsigned char* in, const unsigned char* prev, unsigned char* out) { -#if CRYPTOPP_BOOL_SSE2_INTRINSICS_AVAILABLE && !defined(_UEFI) && (!defined (TC_WINDOWS_DRIVER) || (!defined (DEBUG) && defined (_WIN64))) +#if CRYPTOPP_BOOL_SSE2_INTRINSICS_AVAILABLE && !defined(_UEFI) && (!defined (TC_WINDOWS_DRIVER) || (!defined (DEBUG))) if (HasSSE2()) { __m128i b1 = _mm_loadu_si128((const __m128i*) in); @@ -161,7 +161,7 @@ static VC_INLINE void do_encrypt(const unsigned char* in, size_t len, unsigned c if (len) pos = 0; -#if CRYPTOPP_SSSE3_AVAILABLE && !defined(_UEFI) && (!defined (TC_WINDOWS_DRIVER) || (!defined (DEBUG) && defined (_WIN64))) +#if CRYPTOPP_SSSE3_AVAILABLE && !defined(_UEFI) && (!defined (TC_WINDOWS_DRIVER) || (!defined (DEBUG))) if (HasSSSE3()) { size_t fullblocks = len - len % 64; diff --git a/src/Crypto/cpu.c b/src/Crypto/cpu.c index 30263361..e611e9bb 100644 --- a/src/Crypto/cpu.c +++ b/src/Crypto/cpu.c @@ -140,11 +140,6 @@ static int TrySSE2() return 1; #elif defined(CRYPTOPP_MS_STYLE_INLINE_ASSEMBLY) && !defined(_UEFI) volatile int result = 1; -#if defined (TC_WINDOWS_DRIVER) && !defined (_WIN64) - KFLOATING_SAVE floatingPointState; - if (NT_SUCCESS (KeSaveFloatingPointState (&floatingPointState))) - { -#endif __try { #if CRYPTOPP_BOOL_SSE2_ASM_AVAILABLE @@ -158,12 +153,6 @@ static int TrySSE2() { result = 0; } -#if defined (TC_WINDOWS_DRIVER) && !defined (_WIN64) - KeRestoreFloatingPointState (&floatingPointState); - } - else - return 0; -#endif return result; #elif !defined(_UEFI) // longjmp and clobber warnings. Volatile is required. @@ -293,17 +282,7 @@ static int Detect_MS_HyperV_AES () HvProductName[12] = 0; if (_stricmp(HvProductName, "Microsoft Hv") == 0) { -#if defined (TC_WINDOWS_DRIVER) && !defined (_WIN64) - KFLOATING_SAVE floatingPointState; - if (NT_SUCCESS (KeSaveFloatingPointState (&floatingPointState))) - { -#endif hasAesNI = TryAESNI (); - -#if defined (TC_WINDOWS_DRIVER) && !defined (_WIN64) - KeRestoreFloatingPointState (&floatingPointState); - } -#endif } return hasAesNI; diff --git a/src/Crypto/kuznyechik.c b/src/Crypto/kuznyechik.c index fb76142b..1ba38abe 100644 --- a/src/Crypto/kuznyechik.c +++ b/src/Crypto/kuznyechik.c @@ -2201,7 +2201,7 @@ void kuznyechik_decrypt_blocks_simd(uint8* out, const uint8* in, size_t blocks, void kuznyechik_set_key(const uint8* key, kuznyechik_kds* kds) { -#if CRYPTOPP_BOOL_SSE2_INTRINSICS_AVAILABLE && !defined(_UEFI) && (!defined (TC_WINDOWS_DRIVER) || (!defined (DEBUG) && defined (_WIN64))) +#if CRYPTOPP_BOOL_SSE2_INTRINSICS_AVAILABLE && !defined(_UEFI) && (!defined (TC_WINDOWS_DRIVER) || (!defined (DEBUG))) if(HasSSE2()) { kuznyechik_set_key_simd (key, kds); @@ -2260,7 +2260,7 @@ void kuznyechik_decrypt_blocks_simd(uint8* out, const uint8* in, size_t blocks, void kuznyechik_encrypt_block(uint8* out, const uint8* in, kuznyechik_kds* kds) { -#if CRYPTOPP_BOOL_SSE2_INTRINSICS_AVAILABLE && !defined(_UEFI) && (!defined (TC_WINDOWS_DRIVER) || (!defined (DEBUG) && defined (_WIN64))) +#if CRYPTOPP_BOOL_SSE2_INTRINSICS_AVAILABLE && !defined(_UEFI) && (!defined (TC_WINDOWS_DRIVER) || (!defined (DEBUG))) if(HasSSE2()) { kuznyechik_encrypt_block_simd (out, in, kds); @@ -2327,7 +2327,7 @@ void kuznyechik_decrypt_blocks_simd(uint8* out, const uint8* in, size_t blocks, void kuznyechik_decrypt_block(uint8* out, const uint8* in, kuznyechik_kds* kds) { -#if CRYPTOPP_BOOL_SSE2_INTRINSICS_AVAILABLE && !defined(_UEFI) && (!defined (TC_WINDOWS_DRIVER) || (!defined (DEBUG) && defined (_WIN64))) +#if CRYPTOPP_BOOL_SSE2_INTRINSICS_AVAILABLE && !defined(_UEFI) && (!defined (TC_WINDOWS_DRIVER) || (!defined (DEBUG))) if(HasSSE2()) { kuznyechik_decrypt_block_simd (out, in, kds); diff --git a/src/Driver/DriveFilter.c b/src/Driver/DriveFilter.c index 140c31d1..f549cc08 100644 --- a/src/Driver/DriveFilter.c +++ b/src/Driver/DriveFilter.c @@ -644,13 +644,11 @@ static NTSTATUS MountDrive (DriveFilterExtension *Extension, Password *password, Extension->Queue.MaxReadAheadOffset = BootDriveLength; /* encrypt keys */ -#ifdef _WIN64 if (IsRamEncryptionEnabled()) { VcProtectKeys (Extension->HeaderCryptoInfo, VcGetEncryptionID (Extension->HeaderCryptoInfo)); VcProtectKeys (Extension->Queue.CryptoInfo, VcGetEncryptionID (Extension->Queue.CryptoInfo)); } -#endif status = EncryptedIoQueueStart (&Extension->Queue); if (!NT_SUCCESS (status)) @@ -722,7 +720,6 @@ static NTSTATUS SaveDriveVolumeHeader (DriveFilterExtension *Extension) uint64 encryptedAreaLength = Extension->Queue.EncryptedAreaEnd + 1 - Extension->Queue.EncryptedAreaStart; uint8 *fieldPos = header + TC_HEADER_OFFSET_ENCRYPTED_AREA_LENGTH; PCRYPTO_INFO pCryptoInfo = Extension->HeaderCryptoInfo; -#ifdef _WIN64 CRYPTO_INFO tmpCI; if (IsRamEncryptionEnabled()) { @@ -730,7 +727,6 @@ static NTSTATUS SaveDriveVolumeHeader (DriveFilterExtension *Extension) VcUnprotectKeys (&tmpCI, VcGetEncryptionID (pCryptoInfo)); pCryptoInfo = &tmpCI; } -#endif DecryptBuffer (header + HEADER_ENCRYPTED_DATA_OFFSET, HEADER_ENCRYPTED_DATA_SIZE, pCryptoInfo); @@ -748,12 +744,10 @@ static NTSTATUS SaveDriveVolumeHeader (DriveFilterExtension *Extension) mputLong (fieldPos, headerCrc32); EncryptBuffer (header + HEADER_ENCRYPTED_DATA_OFFSET, HEADER_ENCRYPTED_DATA_SIZE, pCryptoInfo); -#ifdef _WIN64 if (IsRamEncryptionEnabled()) { burn (&tmpCI, sizeof (CRYPTO_INFO)); } -#endif } status = TCWriteDevice (Extension->LowerDeviceObject, header, offset, TC_BOOT_ENCRYPTION_VOLUME_HEADER_SIZE); @@ -991,9 +985,7 @@ static NTSTATUS DispatchPower (PDEVICE_OBJECT DeviceObject, PIRP Irp, DriveFilte && irpSp->Parameters.Power.Type == DevicePowerState) { DismountDrive (Extension, TRUE); -#ifdef _WIN64 ClearSecurityParameters (); -#endif } PoStartNextPowerIrp (Irp); @@ -1224,15 +1216,9 @@ typedef NTSTATUS (*HiberDriverWriteFunctionB) (PLARGE_INTEGER writeOffset, PMDL typedef struct { -#ifdef _WIN64 uint8 FieldPad1[64]; HiberDriverWriteFunctionB WriteFunctionB; uint8 FieldPad2[56]; -#else - uint8 FieldPad1[48]; - HiberDriverWriteFunctionB WriteFunctionB; - uint8 FieldPad2[32]; -#endif HiberDriverWriteFunctionA WriteFunctionA; uint8 FieldPad3[24]; LARGE_INTEGER PartitionStartOffset; @@ -1243,18 +1229,10 @@ typedef NTSTATUS (*HiberDriverEntry) (PVOID arg0, HiberDriverContext *hiberDrive typedef struct { LIST_ENTRY ModuleList; -#ifdef _WIN64 uint8 FieldPad1[32]; -#else - uint8 FieldPad1[16]; -#endif PVOID ModuleBaseAddress; HiberDriverEntry ModuleEntryAddress; -#ifdef _WIN64 uint8 FieldPad2[24]; -#else - uint8 FieldPad2[12]; -#endif UNICODE_STRING ModuleName; } ModuleTableItem; @@ -2180,10 +2158,8 @@ static VOID DecoySystemWipeThreadProc (PVOID threadArg) goto err; } -#ifdef _WIN64 if (IsRamEncryptionEnabled ()) VcProtectKeys (wipeCryptoInfo, VcGetEncryptionID (wipeCryptoInfo)); -#endif EncryptDataUnits (wipeRandBuffer, &dataUnit, wipeBlockSize / ENCRYPTION_DATA_UNIT_SIZE, wipeCryptoInfo); memcpy (wipeRandChars, wipeRandBuffer, sizeof (wipeRandChars)); diff --git a/src/Driver/DumpFilter.c b/src/Driver/DumpFilter.c index 94a130d9..f858bb7c 100644 --- a/src/Driver/DumpFilter.c +++ b/src/Driver/DumpFilter.c @@ -61,15 +61,6 @@ NTSTATUS DumpFilterEntry (PFILTER_EXTENSION filterExtension, PFILTER_INITIALIZAT goto err; } - // KeSaveFloatingPointState() may generate a bug check during crash dump -#if !defined (_WIN64) - if (filterExtension->DumpType == DumpTypeCrashdump) - { - dumpConfig.HwEncryptionEnabled = FALSE; - // disable also CPU extended features used in optimizations - DisableCPUExtendedFeatures (); - } -#endif EnableHwEncryption (dumpConfig.HwEncryptionEnabled); @@ -129,11 +120,7 @@ NTSTATUS DumpFilterEntry (PFILTER_EXTENSION filterExtension, PFILTER_INITIALIZAT WriteFilterBufferSize = ((SIZE_T)filterInitData->MaxPagesPerWrite) * PAGE_SIZE; -#ifdef _WIN64 highestAcceptableWriteBufferAddr.QuadPart = 0x7FFffffFFFFLL; -#else - highestAcceptableWriteBufferAddr.QuadPart = 0xffffFFFFLL; -#endif WriteFilterBuffer = MmAllocateContiguousMemory (WriteFilterBufferSize, highestAcceptableWriteBufferAddr); if (!WriteFilterBuffer) diff --git a/src/Driver/Ntdriver.c b/src/Driver/Ntdriver.c index 0edc6941..63e95d69 100644 --- a/src/Driver/Ntdriver.c +++ b/src/Driver/Ntdriver.c @@ -217,13 +217,6 @@ void GetDriverRandomSeed (unsigned char* pbRandSeed, size_t cbRandSeed) WHIRLPOOL_CTX tctx; size_t count; -#ifndef _WIN64 - KFLOATING_SAVE floatingPointState; - NTSTATUS saveStatus = STATUS_INVALID_PARAMETER; - if (HasISSE()) - saveStatus = KeSaveFloatingPointState (&floatingPointState); -#endif - while (cbRandSeed) { WHIRLPOOL_init (&tctx); @@ -279,11 +272,6 @@ void GetDriverRandomSeed (unsigned char* pbRandSeed, size_t cbRandSeed) pbRandSeed += count; } -#if !defined (_WIN64) - if (NT_SUCCESS (saveStatus)) - KeRestoreFloatingPointState (&floatingPointState); -#endif - FAST_ERASE64 (digest, sizeof (digest)); FAST_ERASE64 (&iSeed.QuadPart, 8); FAST_ERASE64 (&iSeed2.QuadPart, 8); diff --git a/src/Driver/Ntvol.c b/src/Driver/Ntvol.c index 0486219e..7bd59831 100644 --- a/src/Driver/Ntvol.c +++ b/src/Driver/Ntvol.c @@ -634,10 +634,8 @@ NTSTATUS TCOpenVolume (PDEVICE_OBJECT DeviceObject, goto error; } -#ifdef _WIN64 if (IsRamEncryptionEnabled() && (volumeType == TC_VOLUME_TYPE_NORMAL || !mount->bProtectHiddenVolume)) VcProtectKeys (Extension->cryptoInfo, VcGetEncryptionID (Extension->cryptoInfo)); -#endif Dump ("Volume header decrypted\n"); Dump ("Required program version = %x\n", (int) Extension->cryptoInfo->RequiredProgramVersion); diff --git a/src/ExpandVolume/ExpandVolume.c b/src/ExpandVolume/ExpandVolume.c index 34184dda..084de5f3 100644 --- a/src/ExpandVolume/ExpandVolume.c +++ b/src/ExpandVolume/ExpandVolume.c @@ -520,11 +520,9 @@ static int ExpandVolume (HWND hwndDlg, wchar_t *lpszVolume, Password *pVolumePas BOOL backupHeader; uint8 *wipeBuffer = NULL; uint32 workChunkSize = TC_VOLUME_HEADER_GROUP_SIZE; -#ifdef _WIN64 CRYPTO_INFO tmpCI; PCRYPTO_INFO cryptoInfoBackup = NULL; BOOL bIsRamEncryptionEnabled = IsRamEncryptionEnabled(); -#endif if (pVolumePassword->Length == 0) return -1; @@ -703,12 +701,10 @@ static int ExpandVolume (HWND hwndDlg, wchar_t *lpszVolume, Password *pVolumePas goto error; } -#ifdef _WIN64 if (bIsRamEncryptionEnabled) { VcProtectKeys (cryptoInfo, VcGetEncryptionID (cryptoInfo)); } -#endif if (cryptoInfo->HeaderFlags & TC_HEADER_FLAG_ENCRYPTED_SYSTEM) { @@ -875,7 +871,6 @@ static int ExpandVolume (HWND hwndDlg, wchar_t *lpszVolume, Password *pVolumePas else DebugAddProgressDlgStatus(hwndDlg, GetString("EXPANDER_WRITING_ENCRYPTED_PRIMARY")); -#ifdef _WIN64 if (bIsRamEncryptionEnabled) { VirtualLock (&tmpCI, sizeof (CRYPTO_INFO)); @@ -884,7 +879,6 @@ static int ExpandVolume (HWND hwndDlg, wchar_t *lpszVolume, Password *pVolumePas cryptoInfoBackup = cryptoInfo; cryptoInfo = &tmpCI; } -#endif // Prepare new volume header nStatus = CreateVolumeHeaderInMemory (hwndDlg, FALSE, @@ -905,14 +899,12 @@ static int ExpandVolume (HWND hwndDlg, wchar_t *lpszVolume, Password *pVolumePas cryptoInfo->SectorSize, FALSE ); // use slow poll -#ifdef _WIN64 if (bIsRamEncryptionEnabled) { cryptoInfo = cryptoInfoBackup; burn (&tmpCI, sizeof (CRYPTO_INFO)); VirtualUnlock (&tmpCI, sizeof (CRYPTO_INFO)); } -#endif if (ci != NULL) crypto_close (ci); @@ -945,7 +937,6 @@ static int ExpandVolume (HWND hwndDlg, wchar_t *lpszVolume, Password *pVolumePas PCRYPTO_INFO dummyInfo = NULL; LARGE_INTEGER hiddenOffset; -#ifdef _WIN64 if (bIsRamEncryptionEnabled) { VirtualLock (&tmpCI, sizeof (CRYPTO_INFO)); @@ -954,17 +945,14 @@ static int ExpandVolume (HWND hwndDlg, wchar_t *lpszVolume, Password *pVolumePas cryptoInfoBackup = cryptoInfo; cryptoInfo = &tmpCI; } -#endif nStatus = WriteRandomDataToReservedHeaderAreas (hwndDlg, dev, cryptoInfo, newDataAreaSize, !backupHeader, backupHeader); -#ifdef _WIN64 if (bIsRamEncryptionEnabled) { cryptoInfo = cryptoInfoBackup; burn (&tmpCI, sizeof (CRYPTO_INFO)); VirtualUnlock (&tmpCI, sizeof (CRYPTO_INFO)); } -#endif if (nStatus != ERR_SUCCESS) goto error; diff --git a/src/ExpandVolume/InitDataArea.c b/src/ExpandVolume/InitDataArea.c index 7237754a..d937e3fb 100644 --- a/src/ExpandVolume/InitDataArea.c +++ b/src/ExpandVolume/InitDataArea.c @@ -56,9 +56,7 @@ int FormatNoFs (HWND hwndDlg, unsigned __int64 startSector, __int64 num_sectors, LARGE_INTEGER startOffset; LARGE_INTEGER newOffset; -#ifdef _WIN64 CRYPTO_INFO tmpCI; -#endif // Seek to start sector startOffset.QuadPart = startSector * FormatSectorSize; @@ -77,7 +75,6 @@ int FormatNoFs (HWND hwndDlg, unsigned __int64 startSector, __int64 num_sectors, memset (sector, 0, sizeof (sector)); -#ifdef _WIN64 if (IsRamEncryptionEnabled ()) { VirtualLock (&tmpCI, sizeof (tmpCI)); @@ -85,7 +82,6 @@ int FormatNoFs (HWND hwndDlg, unsigned __int64 startSector, __int64 num_sectors, VcUnprotectKeys (&tmpCI, VcGetEncryptionID (cryptoInfo)); cryptoInfo = &tmpCI; } -#endif // Remember the original secondary key (XTS mode) before generating a temporary one memcpy (originalK2, cryptoInfo->k2, sizeof (cryptoInfo->k2)); @@ -116,10 +112,8 @@ int FormatNoFs (HWND hwndDlg, unsigned __int64 startSector, __int64 num_sectors, goto fail; } -#ifdef _WIN64 if (IsRamEncryptionEnabled ()) VcProtectKeys (cryptoInfo, VcGetEncryptionID (cryptoInfo)); -#endif while (num_sectors--) { @@ -154,13 +148,11 @@ int FormatNoFs (HWND hwndDlg, unsigned __int64 startSector, __int64 num_sectors, VirtualUnlock (temporaryKey, sizeof (temporaryKey)); VirtualUnlock (originalK2, sizeof (originalK2)); TCfree (write_buf); -#ifdef _WIN64 if (IsRamEncryptionEnabled ()) { burn (&tmpCI, sizeof (CRYPTO_INFO)); VirtualUnlock (&tmpCI, sizeof (tmpCI)); } -#endif return 0; @@ -172,13 +164,11 @@ fail: VirtualUnlock (temporaryKey, sizeof (temporaryKey)); VirtualUnlock (originalK2, sizeof (originalK2)); TCfree (write_buf); -#ifdef _WIN64 if (IsRamEncryptionEnabled ()) { burn (&tmpCI, sizeof (CRYPTO_INFO)); VirtualUnlock (&tmpCI, sizeof (tmpCI)); } -#endif SetLastError (err); return (retVal ? retVal : ERR_OS_ERROR); diff --git a/src/Format/InPlace.c b/src/Format/InPlace.c index 60c6bbbd..873ae067 100644 --- a/src/Format/InPlace.c +++ b/src/Format/InPlace.c @@ -776,9 +776,7 @@ int EncryptPartitionInPlaceResume (HANDLE dev, int pim = volParams->pim; DISK_GEOMETRY driveGeometry; HWND hwndDlg = volParams->hwndDlg; -#ifdef _WIN64 BOOL bIsRamEncryptionEnabled = IsRamEncryptionEnabled(); -#endif bInPlaceEncNonSysResumed = TRUE; @@ -874,13 +872,11 @@ int EncryptPartitionInPlaceResume (HANDLE dev, if (nStatus != ERR_SUCCESS) goto closing_seq; -#ifdef _WIN64 if (bIsRamEncryptionEnabled) { VcProtectKeys (masterCryptoInfo, VcGetEncryptionID (masterCryptoInfo)); VcProtectKeys (headerCryptoInfo, VcGetEncryptionID (headerCryptoInfo)); } -#endif remainingBytes = masterCryptoInfo->VolumeSize.Value - masterCryptoInfo->EncryptedAreaLength.Value; @@ -1102,7 +1098,6 @@ inplace_enc_read: { PCRYPTO_INFO dummyInfo = NULL; -#ifdef _WIN64 CRYPTO_INFO tmpCI; PCRYPTO_INFO cryptoInfoBackup = NULL; if (bIsRamEncryptionEnabled) @@ -1113,7 +1108,6 @@ inplace_enc_read: cryptoInfoBackup = masterCryptoInfo; masterCryptoInfo = &tmpCI; } -#endif nStatus = CreateVolumeHeaderInMemory (hwndDlg, FALSE, header, @@ -1133,14 +1127,12 @@ inplace_enc_read: masterCryptoInfo->SectorSize, wipeAlgorithm == TC_WIPE_NONE ? FALSE : (wipePass < PRAND_HEADER_WIPE_PASSES - 1)); -#ifdef _WIN64 if (bIsRamEncryptionEnabled) { masterCryptoInfo = cryptoInfoBackup; burn (&tmpCI, sizeof (CRYPTO_INFO)); VirtualUnlock (&tmpCI, sizeof(tmpCI)); } -#endif if (nStatus != ERR_SUCCESS) goto closing_seq; @@ -1155,7 +1147,6 @@ inplace_enc_read: goto closing_seq; } -#ifdef _WIN64 if (bIsRamEncryptionEnabled) { VirtualLock (&tmpCI, sizeof(tmpCI)); @@ -1164,18 +1155,16 @@ inplace_enc_read: cryptoInfoBackup = headerCryptoInfo; headerCryptoInfo = &tmpCI; } -#endif + // Fill the reserved sectors of the header area with random data nStatus = WriteRandomDataToReservedHeaderAreas (hwndDlg, dev, headerCryptoInfo, masterCryptoInfo->VolumeSize.Value, TRUE, FALSE); -#ifdef _WIN64 if (bIsRamEncryptionEnabled) { headerCryptoInfo = cryptoInfoBackup; burn (&tmpCI, sizeof (CRYPTO_INFO)); VirtualUnlock (&tmpCI, sizeof(tmpCI)); } -#endif if (nStatus != ERR_SUCCESS) goto closing_seq; @@ -1336,9 +1325,7 @@ int DecryptPartitionInPlace (volatile FORMAT_VOL_PARAMETERS *volParams, volatile int pkcs5_prf = volParams->pkcs5; int pim = volParams->pim; DISK_GEOMETRY driveGeometry; -#ifdef _WIN64 BOOL bIsRamEncryptionEnabled = IsRamEncryptionEnabled(); -#endif buf = (char *) TCalloc (TC_MAX_NONSYS_INPLACE_ENC_WORK_CHUNK_SIZE); @@ -1445,13 +1432,11 @@ int DecryptPartitionInPlace (volatile FORMAT_VOL_PARAMETERS *volParams, volatile if (nStatus != ERR_SUCCESS) goto closing_seq; -#ifdef _WIN64 if (bIsRamEncryptionEnabled) { VcProtectKeys (masterCryptoInfo, VcGetEncryptionID (masterCryptoInfo)); VcProtectKeys (headerCryptoInfo, VcGetEncryptionID (headerCryptoInfo)); } -#endif if (masterCryptoInfo->LegacyVolume) { @@ -1848,9 +1833,7 @@ int FastVolumeHeaderUpdate (HANDLE dev, CRYPTO_INFO *headerCryptoInfo, CRYPTO_IN uint32 headerCrc32; uint8 *fieldPos; PCRYPTO_INFO pCryptoInfo = headerCryptoInfo; -#ifdef _WIN64 BOOL bIsRamEncryptionEnabled = IsRamEncryptionEnabled(); -#endif header = (uint8 *) TCalloc (TC_VOLUME_HEADER_EFFECTIVE_SIZE); @@ -1871,7 +1854,6 @@ int FastVolumeHeaderUpdate (HANDLE dev, CRYPTO_INFO *headerCryptoInfo, CRYPTO_IN goto closing_seq; } -#ifdef _WIN64 if (bIsRamEncryptionEnabled) { pCryptoInfo = crypto_open(); @@ -1884,7 +1866,6 @@ int FastVolumeHeaderUpdate (HANDLE dev, CRYPTO_INFO *headerCryptoInfo, CRYPTO_IN memcpy (pCryptoInfo, headerCryptoInfo, sizeof (CRYPTO_INFO)); VcUnprotectKeys (pCryptoInfo, VcGetEncryptionID (headerCryptoInfo)); } -#endif DecryptBuffer (header + HEADER_ENCRYPTED_DATA_OFFSET, HEADER_ENCRYPTED_DATA_SIZE, pCryptoInfo); @@ -1925,12 +1906,10 @@ closing_seq: dwError = GetLastError(); -#ifdef _WIN64 if (bIsRamEncryptionEnabled && pCryptoInfo) { crypto_close(pCryptoInfo); } -#endif burn (header, TC_VOLUME_HEADER_EFFECTIVE_SIZE); VirtualUnlock (header, TC_VOLUME_HEADER_EFFECTIVE_SIZE); diff --git a/src/Setup/Portable.vcxproj b/src/Setup/Portable.vcxproj index 0a163ecd..a493c304 100644 --- a/src/Setup/Portable.vcxproj +++ b/src/Setup/Portable.vcxproj @@ -77,7 +77,7 @@ <OutDir Condition="'$(Configuration)|$(Platform)'=='Release_SkipOsDriverReqCheck|Win32'">$(ProjectDir)PortableRelease\</OutDir> <OutDir Condition="'$(Configuration)|$(Platform)'=='ReleaseCustomEFI|Win32'">$(ProjectDir)PortableRelease\</OutDir> <IntDir Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">$(ProjectDir)PortableRelease\Int\</IntDir> - <IntDir Condition="'$(Configuration)|$(Platform)'=='Release_SkipOsDriverReqCheck|Win32'">$(ProjectDir)PortableRelease\</IntDir> + <IntDir Condition="'$(Configuration)|$(Platform)'=='Release_SkipOsDriverReqCheck|Win32'">$(ProjectDir)PortableRelease\Int\</IntDir> <IntDir Condition="'$(Configuration)|$(Platform)'=='ReleaseCustomEFI|Win32'">$(ProjectDir)PortableRelease\Int\</IntDir> <LinkIncremental Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">false</LinkIncremental> <LinkIncremental Condition="'$(Configuration)|$(Platform)'=='Release_SkipOsDriverReqCheck|Win32'">false</LinkIncremental> diff --git a/src/Setup/Setup.c b/src/Setup/Setup.c index f6c1fb62..0a66dccd 100644 --- a/src/Setup/Setup.c +++ b/src/Setup/Setup.c @@ -785,7 +785,7 @@ BOOL DoFilesInstall (HWND hwndDlg, wchar_t *szDestDir) for (i = 0; i < sizeof (szFiles) / sizeof (szFiles[0]); i++) { - BOOL bResult, driver64 = FALSE, zipFile = FALSE; + BOOL bResult, zipFile = FALSE; wchar_t szDir[TC_MAX_PATH]; if (wcsstr (szFiles[i], L"VeraCrypt Setup") != 0) @@ -801,9 +801,6 @@ BOOL DoFilesInstall (HWND hwndDlg, wchar_t *szDestDir) StringCbCopyW (szDir, sizeof(szDir), szDestDir); else if (*szFiles[i] == L'D') { - if (Is64BitOs ()) - driver64 = TRUE; - if (!GetSystemDirectory (szDir, ARRAYSIZE (szDir))) StringCbCopyW(szDir, sizeof(szDir), L"C:\\Windows\\System32"); @@ -814,7 +811,10 @@ BOOL DoFilesInstall (HWND hwndDlg, wchar_t *szDestDir) StringCbCatW (szDir, sizeof(szDir), L"Drivers\\"); } else if (*szFiles[i] == L'W') - GetWindowsDirectory (szDir, ARRAYSIZE (szDir)); + { + if (!GetWindowsDirectory(szDir, ARRAYSIZE(szDir))) + StringCbCopyW(szDir, sizeof(szDir), L"C:\\Windows"); + } if (*szFiles[i] == L'I') continue; @@ -854,17 +854,15 @@ BOOL DoFilesInstall (HWND hwndDlg, wchar_t *szDestDir) StringCchCopyNW (curFileName, ARRAYSIZE(curFileName), szFiles[i] + 1, wcslen (szFiles[i]) - 1); curFileName [wcslen (szFiles[i]) - 1] = 0; - if (Is64BitOs () - && ((wcscmp (szFiles[i], L"Dveracrypt.sys") == 0) || (wcscmp (szFiles[i], L"Averacrypt.sys") == 0))) + if ((wcscmp (szFiles[i], L"Dveracrypt.sys") == 0) || (wcscmp (szFiles[i], L"Averacrypt.sys") == 0)) { if (IsARM()) StringCbCopyNW (curFileName, sizeof(curFileName), L"veracrypt-arm64.sys", sizeof(L"veracrypt-arm64.sys")); else - StringCbCopyNW (curFileName, sizeof(curFileName), FILENAME_64BIT_DRIVER, sizeof (FILENAME_64BIT_DRIVER)); + StringCbCopyNW (curFileName, sizeof(curFileName), L"veracrypt-x64.sys", sizeof(L"veracrypt-x64.sys")); } - if (Is64BitOs () - && wcscmp (szFiles[i], L"Averacrypt.cat") == 0) + if (wcscmp (szFiles[i], L"Averacrypt.cat") == 0) { if (IsARM()) StringCbCopyNW (curFileName, sizeof(curFileName), L"veracrypt-arm64.cat", sizeof(L"veracrypt-arm64.cat")); @@ -872,8 +870,7 @@ BOOL DoFilesInstall (HWND hwndDlg, wchar_t *szDestDir) StringCbCopyNW (curFileName, sizeof(curFileName), L"veracrypt-x64.cat", sizeof (L"veracrypt-x64.cat")); } - if (Is64BitOs () - && wcscmp (szFiles[i], L"AVeraCrypt.exe") == 0) + if (wcscmp (szFiles[i], L"AVeraCrypt.exe") == 0) { if (IsARM()) StringCbCopyNW (curFileName, sizeof(curFileName), L"VeraCrypt-arm64.exe", sizeof(L"VeraCrypt-arm64.exe")); @@ -881,8 +878,7 @@ BOOL DoFilesInstall (HWND hwndDlg, wchar_t *szDestDir) StringCbCopyNW (curFileName, sizeof(curFileName), L"VeraCrypt-x64.exe", sizeof (L"VeraCrypt-x64.exe")); } - if (Is64BitOs () - && wcscmp (szFiles[i], L"AVeraCryptExpander.exe") == 0) + if (wcscmp (szFiles[i], L"AVeraCryptExpander.exe") == 0) { if (IsARM()) StringCbCopyNW (curFileName, sizeof(curFileName), L"VeraCryptExpander-arm64.exe", sizeof(L"VeraCryptExpander-arm64.exe")); @@ -890,8 +886,7 @@ BOOL DoFilesInstall (HWND hwndDlg, wchar_t *szDestDir) StringCbCopyNW (curFileName, sizeof(curFileName), L"VeraCryptExpander-x64.exe", sizeof (L"VeraCryptExpander-x64.exe")); } - if (Is64BitOs () - && wcscmp (szFiles[i], L"AVeraCrypt Format.exe") == 0) + if (wcscmp (szFiles[i], L"AVeraCrypt Format.exe") == 0) { if (IsARM()) StringCbCopyNW (curFileName, sizeof(curFileName), L"VeraCrypt Format-arm64.exe", sizeof(L"VeraCrypt Format-arm64.exe")); @@ -914,7 +909,7 @@ BOOL DoFilesInstall (HWND hwndDlg, wchar_t *szDestDir) min (wcslen (curFileName), (size_t) Decompressed_Files[fileNo].fileNameLength)) == 0) { // Dump filter driver cannot be installed to SysWOW64 directory - if (driver64 && !EnableWow64FsRedirection (FALSE)) + if (!EnableWow64FsRedirection (FALSE)) { handleWin32Error (hwndDlg, SRC_POS); bResult = FALSE; @@ -939,46 +934,40 @@ BOOL DoFilesInstall (HWND hwndDlg, wchar_t *szDestDir) TRUE); } - if (driver64) - { - if (!EnableWow64FsRedirection (TRUE)) - { - handleWin32Error (hwndDlg, SRC_POS); - bResult = FALSE; - goto err; - } - - if (!bResult) - goto err; + if (!EnableWow64FsRedirection (TRUE)) + { + handleWin32Error (hwndDlg, SRC_POS); + bResult = FALSE; + goto err; } + if (!bResult) + goto err; + break; } } } else { - if (driver64) - EnableWow64FsRedirection (FALSE); + EnableWow64FsRedirection (FALSE); bResult = TCCopyFile (curFileName, szTmp); - if (driver64) - EnableWow64FsRedirection (TRUE); + EnableWow64FsRedirection (TRUE); } if (bResult && wcscmp (szFiles[i], L"AVeraCrypt.exe") == 0) { - if (Is64BitOs ()) - EnableWow64FsRedirection (FALSE); + EnableWow64FsRedirection (FALSE); wstring servicePath = GetServiceConfigPath (_T(TC_APP_NAME) L".exe", false); wstring serviceLegacyPath = GetServiceConfigPath (_T(TC_APP_NAME) L".exe", true); wstring favoritesFile = GetServiceConfigPath (TC_APPD_FILENAME_SYSTEM_FAVORITE_VOLUMES, false); wstring favoritesLegacyFile = GetServiceConfigPath (TC_APPD_FILENAME_SYSTEM_FAVORITE_VOLUMES, true); - if (bResult && Is64BitOs () + if (bResult && FileExists (favoritesLegacyFile.c_str()) && !FileExists (favoritesFile.c_str())) { @@ -1027,41 +1016,35 @@ BOOL DoFilesInstall (HWND hwndDlg, wchar_t *szDestDir) catch (...) {} } - if (Is64BitOs ()) + // delete files from legacy path + if (FileExists (favoritesLegacyFile.c_str())) { - // delete files from legacy path - if (FileExists (favoritesLegacyFile.c_str())) - { - RemoveMessage (hwndDlg, (wchar_t *) favoritesLegacyFile.c_str()); - ForceDeleteFile (favoritesLegacyFile.c_str()); - } - - if (FileExists (serviceLegacyPath.c_str())) - { - RemoveMessage (hwndDlg, (wchar_t *) serviceLegacyPath.c_str()); - ForceDeleteFile (serviceLegacyPath.c_str()); - } + RemoveMessage (hwndDlg, (wchar_t *) favoritesLegacyFile.c_str()); + ForceDeleteFile (favoritesLegacyFile.c_str()); + } - EnableWow64FsRedirection (TRUE); + if (FileExists (serviceLegacyPath.c_str())) + { + RemoveMessage (hwndDlg, (wchar_t *) serviceLegacyPath.c_str()); + ForceDeleteFile (serviceLegacyPath.c_str()); } + + EnableWow64FsRedirection (TRUE); } } } else { - if (driver64) - EnableWow64FsRedirection (FALSE); + EnableWow64FsRedirection (FALSE); if (zipFile) bResult = StatRemoveDirectory (szTmp); else bResult = StatDeleteFile (szTmp, TRUE); - if (driver64) - EnableWow64FsRedirection (TRUE); + EnableWow64FsRedirection (TRUE); if (bResult && wcscmp (szFiles[i], L"AVeraCrypt.exe") == 0) { - if (Is64BitOs ()) - EnableWow64FsRedirection (FALSE); + EnableWow64FsRedirection (FALSE); wstring servicePath = GetServiceConfigPath (_T(TC_APP_NAME) L".exe", false); wstring serviceLegacyPath = GetServiceConfigPath (_T(TC_APP_NAME) L".exe", true); @@ -1081,22 +1064,19 @@ BOOL DoFilesInstall (HWND hwndDlg, wchar_t *szDestDir) ForceDeleteFile (servicePath.c_str()); } - if (Is64BitOs ()) + if (FileExists (favoritesLegacyFile.c_str())) { - if (FileExists (favoritesLegacyFile.c_str())) - { - RemoveMessage (hwndDlg, (wchar_t *) favoritesLegacyFile.c_str()); - ForceDeleteFile (favoritesLegacyFile.c_str()); - } - - if (FileExists (serviceLegacyPath.c_str())) - { - RemoveMessage (hwndDlg, (wchar_t *) serviceLegacyPath.c_str()); - ForceDeleteFile (serviceLegacyPath.c_str()); - } + RemoveMessage (hwndDlg, (wchar_t *) favoritesLegacyFile.c_str()); + ForceDeleteFile (favoritesLegacyFile.c_str()); + } - EnableWow64FsRedirection (TRUE); + if (FileExists (serviceLegacyPath.c_str())) + { + RemoveMessage (hwndDlg, (wchar_t *) serviceLegacyPath.c_str()); + ForceDeleteFile (serviceLegacyPath.c_str()); } + + EnableWow64FsRedirection (TRUE); } } diff --git a/src/Setup/Setup.h b/src/Setup/Setup.h index 70a04555..5ab62bb6 100644 --- a/src/Setup/Setup.h +++ b/src/Setup/Setup.h @@ -42,9 +42,6 @@ static wchar_t *szCompressedFiles[]= L"License.txt", L"LICENSE", L"NOTICE", - L"VeraCrypt.exe", - L"VeraCryptExpander.exe", - L"VeraCrypt Format.exe", L"VeraCrypt-x64.exe", L"VeraCryptExpander-x64.exe", L"VeraCrypt Format-x64.exe", @@ -52,8 +49,6 @@ static wchar_t *szCompressedFiles[]= L"VeraCryptExpander-arm64.exe", L"VeraCrypt Format-arm64.exe", L"veracrypt.inf", - L"veracrypt.cat", - L"veracrypt.sys", L"veracrypt-x64.cat", L"veracrypt-x64.sys", L"veracrypt-arm64.cat", @@ -74,7 +69,6 @@ static wchar_t *szLegacyFiles[]= L"veracrypt-x64.sys", }; -#define FILENAME_64BIT_DRIVER L"veracrypt-x64.sys" #define NBR_COMPRESSED_FILES (sizeof(szCompressedFiles) / sizeof(szCompressedFiles[0])) void localcleanup (void); diff --git a/src/Setup/Setup.vcxproj b/src/Setup/Setup.vcxproj index f76efd6b..a82b967d 100644 --- a/src/Setup/Setup.vcxproj +++ b/src/Setup/Setup.vcxproj @@ -77,7 +77,7 @@ <OutDir Condition="'$(Configuration)|$(Platform)'=='Release_SkipOsDriverReqCheck|Win32'">$(ProjectDir)Release\</OutDir> <OutDir Condition="'$(Configuration)|$(Platform)'=='ReleaseCustomEFI|Win32'">$(ProjectDir)Release\</OutDir> <IntDir Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">$(ProjectDir)Release\Int\</IntDir> - <IntDir Condition="'$(Configuration)|$(Platform)'=='Release_SkipOsDriverReqCheck|Win32'">$(ProjectDir)Release\</IntDir> + <IntDir Condition="'$(Configuration)|$(Platform)'=='Release_SkipOsDriverReqCheck|Win32'">$(ProjectDir)Release\Int\</IntDir> <IntDir Condition="'$(Configuration)|$(Platform)'=='ReleaseCustomEFI|Win32'">$(ProjectDir)Release\Int\</IntDir> <LinkIncremental Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">false</LinkIncremental> <LinkIncremental Condition="'$(Configuration)|$(Platform)'=='Release_SkipOsDriverReqCheck|Win32'">false</LinkIncremental> diff --git a/src/SetupDLL/Setup.c b/src/SetupDLL/Setup.c index 4cbb11aa..195c9ec3 100644 --- a/src/SetupDLL/Setup.c +++ b/src/SetupDLL/Setup.c @@ -2499,16 +2499,14 @@ EXTERN_C UINT STDAPICALLTYPE VC_CustomAction_PostInstall(MSIHANDLE hInstaller) StringCbPrintfW (szTmp, sizeof(szTmp), L"%s%s", szInstallDir.c_str(), L"VeraCrypt.exe"); - if (Is64BitOs ()) - EnableWow64FsRedirection (FALSE); + EnableWow64FsRedirection (FALSE); wstring servicePath = GetServiceConfigPath (_T(TC_APP_NAME) L".exe", false); wstring serviceLegacyPath = GetServiceConfigPath (_T(TC_APP_NAME) L".exe", true); wstring favoritesFile = GetServiceConfigPath (TC_APPD_FILENAME_SYSTEM_FAVORITE_VOLUMES, false); wstring favoritesLegacyFile = GetServiceConfigPath (TC_APPD_FILENAME_SYSTEM_FAVORITE_VOLUMES, true); - if (Is64BitOs () - && FileExists (favoritesLegacyFile.c_str()) + if (FileExists (favoritesLegacyFile.c_str()) && !FileExists (favoritesFile.c_str())) { // copy the favorites XML file to the native system directory @@ -2565,24 +2563,21 @@ EXTERN_C UINT STDAPICALLTYPE VC_CustomAction_PostInstall(MSIHANDLE hInstaller) catch (...) {} } - if (Is64BitOs ()) + // delete files from legacy path + if (FileExists (favoritesLegacyFile.c_str())) { - // delete files from legacy path - if (FileExists (favoritesLegacyFile.c_str())) - { - MSILog(hInstaller, MSI_ERROR_LEVEL, L"VC_CustomAction_PostInstall: REMOVING %s", favoritesLegacyFile.c_str()); - ForceDeleteFile (favoritesLegacyFile.c_str()); - } - - if (FileExists (serviceLegacyPath.c_str())) - { - MSILog(hInstaller, MSI_ERROR_LEVEL, L"VC_CustomAction_PostInstall: REMOVING %s", serviceLegacyPath.c_str()); - ForceDeleteFile (serviceLegacyPath.c_str()); - } + MSILog(hInstaller, MSI_ERROR_LEVEL, L"VC_CustomAction_PostInstall: REMOVING %s", favoritesLegacyFile.c_str()); + ForceDeleteFile (favoritesLegacyFile.c_str()); + } - EnableWow64FsRedirection (TRUE); + if (FileExists (serviceLegacyPath.c_str())) + { + MSILog(hInstaller, MSI_ERROR_LEVEL, L"VC_CustomAction_PostInstall: REMOVING %s", serviceLegacyPath.c_str()); + ForceDeleteFile (serviceLegacyPath.c_str()); } + EnableWow64FsRedirection (TRUE); + if (bResult == FALSE) { LPVOID lpMsgBuf; @@ -3223,8 +3218,7 @@ EXTERN_C UINT STDAPICALLTYPE VC_CustomAction_PostUninstall(MSIHANDLE hInstaller) // Last part of DoFilesInstall() { - if (Is64BitOs ()) - EnableWow64FsRedirection (FALSE); + EnableWow64FsRedirection (FALSE); wstring servicePath = GetServiceConfigPath (_T(TC_APP_NAME) L".exe", false); wstring serviceLegacyPath = GetServiceConfigPath (_T(TC_APP_NAME) L".exe", true); @@ -3244,23 +3238,20 @@ EXTERN_C UINT STDAPICALLTYPE VC_CustomAction_PostUninstall(MSIHANDLE hInstaller) ForceDeleteFile (servicePath.c_str()); } - if (Is64BitOs ()) + if (FileExists (favoritesLegacyFile.c_str())) { - if (FileExists (favoritesLegacyFile.c_str())) - { - MSILog(hInstaller, MSI_ERROR_LEVEL, L"VC_CustomAction_PostUninstall: REMOVING %s", favoritesLegacyFile.c_str()); - ForceDeleteFile (favoritesLegacyFile.c_str()); - } - - if (FileExists (serviceLegacyPath.c_str())) - { - MSILog(hInstaller, MSI_ERROR_LEVEL, L"VC_CustomAction_PostUninstall: REMOVING %s", serviceLegacyPath.c_str()); - ForceDeleteFile (serviceLegacyPath.c_str()); - } + MSILog(hInstaller, MSI_ERROR_LEVEL, L"VC_CustomAction_PostUninstall: REMOVING %s", favoritesLegacyFile.c_str()); + ForceDeleteFile (favoritesLegacyFile.c_str()); + } - EnableWow64FsRedirection (TRUE); + if (FileExists (serviceLegacyPath.c_str())) + { + MSILog(hInstaller, MSI_ERROR_LEVEL, L"VC_CustomAction_PostUninstall: REMOVING %s", serviceLegacyPath.c_str()); + ForceDeleteFile (serviceLegacyPath.c_str()); } + EnableWow64FsRedirection (TRUE); + // remove the installation folder is case it remains after uninstall if (DirectoryExists (szInstallDir.c_str())) { diff --git a/src/SetupDLL/Setup.h b/src/SetupDLL/Setup.h index e38dd75a..603c3e63 100644 --- a/src/SetupDLL/Setup.h +++ b/src/SetupDLL/Setup.h @@ -42,9 +42,6 @@ static wchar_t *szCompressedFiles[]= L"License.txt", L"LICENSE", L"NOTICE", - L"VeraCrypt.exe", - L"VeraCryptExpander.exe", - L"VeraCrypt Format.exe", L"VeraCrypt-x64.exe", L"VeraCryptExpander-x64.exe", L"VeraCrypt Format-x64.exe", @@ -52,8 +49,6 @@ static wchar_t *szCompressedFiles[]= L"VeraCryptExpander-arm64.exe", L"VeraCrypt Format-arm64.exe", L"veracrypt.inf", - L"veracrypt.cat", - L"veracrypt.sys", L"veracrypt-x64.cat", L"veracrypt-x64.sys", L"veracrypt-arm64.cat", @@ -74,7 +69,6 @@ static wchar_t *szLegacyFiles[]= L"veracrypt-x64.sys", }; -#define FILENAME_64BIT_DRIVER L"veracrypt-x64.sys" #define NBR_COMPRESSED_FILES (sizeof(szCompressedFiles) / sizeof(szCompressedFiles[0])) void localcleanup (void); diff --git a/src/Signing/sign.bat b/src/Signing/sign.bat index 7205849d..80140111 100644 --- a/src/Signing/sign.bat +++ b/src/Signing/sign.bat @@ -10,7 +10,7 @@ call "..\..\doc\chm\create_chm.bat" cd %SIGNINGPATH% rem sign using SHA-256 -signtool sign /v /sha1 88c1ff4b7469ea3915bd8e7635a7567d34f43202 /ac GlobalSign_SHA256_EV_CodeSigning_CA.cer /fd sha256 /tr http://timestamp.digicert.com /td SHA256 "..\Release\Setup Files\VeraCrypt.exe" "..\Release\Setup Files\VeraCrypt Format.exe" "..\Release\Setup Files\VeraCryptExpander.exe" "..\Release\Setup Files\VeraCrypt-x64.exe" "..\Release\Setup Files\VeraCrypt Format-x64.exe" "..\Release\Setup Files\VeraCryptExpander-x64.exe" "..\Release\Setup Files\VeraCrypt-arm64.exe" "..\Release\Setup Files\VeraCrypt Format-arm64.exe" "..\Release\Setup Files\VeraCryptExpander-arm64.exe" "..\Release\Setup Files\VeraCryptSetup.dll" +signtool sign /v /sha1 88c1ff4b7469ea3915bd8e7635a7567d34f43202 /ac GlobalSign_SHA256_EV_CodeSigning_CA.cer /fd sha256 /tr http://timestamp.digicert.com /td SHA256 "..\Release\Setup Files\VeraCrypt-x64.exe" "..\Release\Setup Files\VeraCrypt Format-x64.exe" "..\Release\Setup Files\VeraCryptExpander-x64.exe" "..\Release\Setup Files\VeraCrypt-arm64.exe" "..\Release\Setup Files\VeraCrypt Format-arm64.exe" "..\Release\Setup Files\VeraCryptExpander-arm64.exe" "..\Release\Setup Files\VeraCryptSetup.dll" rem create setup and MSI cd "..\Release\Setup Files\" diff --git a/src/Signing/sign_TESTSIGNING.bat b/src/Signing/sign_TESTSIGNING.bat index ac8d8390..150b84e5 100644 --- a/src/Signing/sign_TESTSIGNING.bat +++ b/src/Signing/sign_TESTSIGNING.bat @@ -6,9 +6,9 @@ set SIGNINGPATH=%~dp0 cd %SIGNINGPATH% rem sign using SHA-256 -signtool sign /v /sha1 88c1ff4b7469ea3915bd8e7635a7567d34f43202 /ac GlobalSign_SHA256_EV_CodeSigning_CA.cer /fd sha256 /tr http://timestamp.digicert.com /td SHA256 "..\Release\Setup Files\veracrypt.sys" "..\Release\Setup Files\veracrypt-x64.sys" +signtool sign /v /sha1 88c1ff4b7469ea3915bd8e7635a7567d34f43202 /ac GlobalSign_SHA256_EV_CodeSigning_CA.cer /fd sha256 /tr http://timestamp.digicert.com /td SHA256 "..\Release\Setup Files\veracrypt-x64.sys" "..\Release\Setup Files\veracrypt-arm64.sys" -signtool sign /v /sha1 88c1ff4b7469ea3915bd8e7635a7567d34f43202 /ac GlobalSign_SHA256_EV_CodeSigning_CA.cer /fd sha256 /tr http://timestamp.digicert.com /td SHA256 "..\Release\Setup Files\VeraCrypt.exe" "..\Release\Setup Files\VeraCrypt Format.exe" "..\Release\Setup Files\VeraCryptExpander.exe" "..\Release\Setup Files\VeraCrypt-x64.exe" "..\Release\Setup Files\VeraCrypt Format-x64.exe" "..\Release\Setup Files\VeraCryptExpander-x64.exe" "..\Release\Setup Files\VeraCrypt-arm64.exe" "..\Release\Setup Files\VeraCrypt Format-arm64.exe" "..\Release\Setup Files\VeraCryptExpander-arm64.exe" "..\Release\Setup Files\VeraCrypt COMReg.exe" "..\Release\Setup Files\VeraCryptSetup.dll" +signtool sign /v /sha1 88c1ff4b7469ea3915bd8e7635a7567d34f43202 /ac GlobalSign_SHA256_EV_CodeSigning_CA.cer /fd sha256 /tr http://timestamp.digicert.com /td SHA256 "..\Release\Setup Files\VeraCrypt-x64.exe" "..\Release\Setup Files\VeraCrypt Format-x64.exe" "..\Release\Setup Files\VeraCryptExpander-x64.exe" "..\Release\Setup Files\VeraCrypt-arm64.exe" "..\Release\Setup Files\VeraCrypt Format-arm64.exe" "..\Release\Setup Files\VeraCryptExpander-arm64.exe" "..\Release\Setup Files\VeraCrypt COMReg.exe" "..\Release\Setup Files\VeraCryptSetup.dll" rem create setup and MSI cd "..\Release\Setup Files\" diff --git a/src/Signing/sign_test.bat b/src/Signing/sign_test.bat index c3e89a9f..632b3f6e 100644 --- a/src/Signing/sign_test.bat +++ b/src/Signing/sign_test.bat @@ -16,12 +16,12 @@ call "..\..\doc\chm\create_chm.bat" cd %SIGNINGPATH% rem sign using SHA-1 -signtool sign /v /a /f %PFXNAME% /p %PFXPASSWORD% /ac %PFXCA% /fd sha1 /t http://timestamp.digicert.com "..\Release\Setup Files\veracrypt.sys" "..\Release\Setup Files\veracrypt-x64.sys" "..\Release\Setup Files\VeraCrypt.exe" "..\Release\Setup Files\VeraCrypt Format.exe" "..\Release\Setup Files\VeraCryptExpander.exe" "..\Release\Setup Files\VeraCrypt-x64.exe" "..\Release\Setup Files\VeraCrypt Format-x64.exe" "..\Release\Setup Files\VeraCryptExpander-x64.exe" "..\Release\Setup Files\VeraCrypt COMReg.exe" +signtool sign /v /a /f %PFXNAME% /p %PFXPASSWORD% /ac %PFXCA% /fd sha1 /t http://timestamp.digicert.com "..\Release\Setup Files\veracrypt-x64.sys" "..\Release\Setup Files\veracrypt-arm64.sys" "..\Release\Setup Files\VeraCrypt-x64.exe" "..\Release\Setup Files\VeraCrypt Format-x64.exe" "..\Release\Setup Files\VeraCryptExpander-x64.exe" "..\Release\Setup Files\VeraCrypt COMReg.exe" timeout /t 10 rem sign using SHA-256 -signtool sign /v /a /f %SHA256PFXNAME% /p %SHA256PFXPASSWORD% /ac %SHA256PFXCA% /as /fd sha256 /tr http://rfc3161timestamp.globalsign.com/advanced /td SHA256 "..\Release\Setup Files\veracrypt.sys" "..\Release\Setup Files\veracrypt-x64.sys" "..\Release\Setup Files\veracrypt-arm64.sys" "..\Release\Setup Files\VeraCrypt.exe" "..\Release\Setup Files\VeraCrypt Format.exe" "..\Release\Setup Files\VeraCryptExpander.exe" "..\Release\Setup Files\VeraCrypt-x64.exe" "..\Release\Setup Files\VeraCrypt Format-x64.exe" "..\Release\Setup Files\VeraCryptExpander-x64.exe" "..\Release\Setup Files\VeraCrypt-arm64.exe" "..\Release\Setup Files\VeraCrypt Format-arm64.exe" "..\Release\Setup Files\VeraCryptExpander-arm64.exe" "..\Release\Setup Files\VeraCrypt COMReg.exe" +signtool sign /v /a /f %SHA256PFXNAME% /p %SHA256PFXPASSWORD% /ac %SHA256PFXCA% /as /fd sha256 /tr http://rfc3161timestamp.globalsign.com/advanced /td SHA256 "..\Release\Setup Files\veracrypt-x64.sys" "..\Release\Setup Files\veracrypt-arm64.sys" "..\Release\Setup Files\VeraCrypt-x64.exe" "..\Release\Setup Files\VeraCrypt Format-x64.exe" "..\Release\Setup Files\VeraCryptExpander-x64.exe" "..\Release\Setup Files\VeraCrypt-arm64.exe" "..\Release\Setup Files\VeraCrypt Format-arm64.exe" "..\Release\Setup Files\VeraCryptExpander-arm64.exe" "..\Release\Setup Files\VeraCrypt COMReg.exe" rem create setup and MSI cd "..\Release\Setup Files\" diff --git a/src/Signing/sign_test_debug.bat b/src/Signing/sign_test_debug.bat index fa701681..817f483a 100644 --- a/src/Signing/sign_test_debug.bat +++ b/src/Signing/sign_test_debug.bat @@ -17,7 +17,7 @@ cd %SIGNINGPATH% rem sign using SHA-256 -signtool sign /v /a /f %SHA256PFXNAME% /p %SHA256PFXPASSWORD% /ac %SHA256PFXCA% /fd sha256 /tr http://rfc3161timestamp.globalsign.com/advanced /td SHA256 "..\Debug\Setup Files\veracrypt.sys" "..\Debug\Setup Files\veracrypt-x64.sys" "..\Debug\Setup Files\veracrypt-arm64.sys" "..\Debug\Setup Files\VeraCrypt.exe" "..\Debug\Setup Files\VeraCrypt Format.exe" "..\Debug\Setup Files\VeraCryptExpander.exe" "..\Debug\Setup Files\VeraCrypt-x64.exe" "..\Debug\Setup Files\VeraCrypt Format-x64.exe" "..\Debug\Setup Files\VeraCryptExpander-x64.exe" "..\Debug\Setup Files\VeraCrypt-arm64.exe" "..\Debug\Setup Files\VeraCrypt Format-arm64.exe" "..\Debug\Setup Files\VeraCryptExpander-arm64.exe" "..\Debug\Setup Files\VeraCrypt COMReg.exe" +signtool sign /v /a /f %SHA256PFXNAME% /p %SHA256PFXPASSWORD% /ac %SHA256PFXCA% /fd sha256 /tr http://rfc3161timestamp.globalsign.com/advanced /td SHA256 "..\Debug\Setup Files\veracrypt-x64.sys" "..\Debug\Setup Files\veracrypt-arm64.sys" "..\Debug\Setup Files\VeraCrypt-x64.exe" "..\Debug\Setup Files\VeraCrypt Format-x64.exe" "..\Debug\Setup Files\VeraCryptExpander-x64.exe" "..\Debug\Setup Files\VeraCrypt-arm64.exe" "..\Debug\Setup Files\VeraCrypt Format-arm64.exe" "..\Debug\Setup Files\VeraCryptExpander-arm64.exe" "..\Debug\Setup Files\VeraCrypt COMReg.exe" rem create setup and MSI cd "..\Debug\Setup Files\" |