diff options
31 files changed, 512 insertions, 777 deletions
diff --git a/src/Boot/Windows/BootCommon.h b/src/Boot/Windows/BootCommon.h index 45a1a650..c17058b8 100644 --- a/src/Boot/Windows/BootCommon.h +++ b/src/Boot/Windows/BootCommon.h @@ -58,7 +58,7 @@ typedef struct uint16 CryptoInfoOffset; uint16 CryptoInfoLength; uint32 HeaderSaltCrc32; - PasswordLegacy BootPassword; + __declspec(align(8)) PasswordLegacy BootPassword; uint64 HiddenSystemPartitionStart; uint64 DecoySystemPartitionStart; uint32 Flags; diff --git a/src/Common/BootEncryption.cpp b/src/Common/BootEncryption.cpp index f79e7339..ed185fc0 100644 --- a/src/Common/BootEncryption.cpp +++ b/src/Common/BootEncryption.cpp @@ -4382,14 +4382,14 @@ namespace VeraCrypt if (!IsRandomNumberGeneratorStarted()) throw ParameterIncorrect (SRC_POS); - throw_sys_if (CreateVolumeHeaderInMemory (ParentWindow, TRUE, (char *) VolumeHeader, ea, mode, password, pkcs5, pim, NULL, &cryptoInfo, + throw_sys_if (CreateVolumeHeaderInMemory (ParentWindow, TRUE, VolumeHeader, ea, mode, password, pkcs5, pim, NULL, &cryptoInfo, volumeSize, 0, encryptedAreaStart, 0, TC_SYSENC_KEYSCOPE_MIN_REQ_PROG_VERSION, TC_HEADER_FLAG_ENCRYPTED_SYSTEM, TC_SECTOR_SIZE_BIOS, FALSE) != 0); finally_do_arg (PCRYPTO_INFO*, &cryptoInfo, { crypto_close (*finally_arg); }); // Initial rescue disk assumes encryption of the drive has been completed (EncryptedAreaLength == volumeSize) memcpy (RescueVolumeHeader, VolumeHeader, sizeof (RescueVolumeHeader)); - if (0 != ReadVolumeHeader (TRUE, (char *) RescueVolumeHeader, password, pkcs5, pim, NULL, cryptoInfo)) + if (0 != ReadVolumeHeader (TRUE, RescueVolumeHeader, password, pkcs5, pim, NULL, cryptoInfo)) throw ParameterIncorrect (SRC_POS); DecryptBuffer (RescueVolumeHeader + HEADER_ENCRYPTED_DATA_OFFSET, HEADER_ENCRYPTED_DATA_SIZE, cryptoInfo); @@ -5391,7 +5391,7 @@ namespace VeraCrypt SystemDriveConfiguration config = GetSystemDriveConfiguration (); - char header[TC_BOOT_ENCRYPTION_VOLUME_HEADER_SIZE]; + unsigned char header[TC_BOOT_ENCRYPTION_VOLUME_HEADER_SIZE]; Device device (config.DevicePath); device.CheckOpened (SRC_POS); @@ -5421,7 +5421,7 @@ namespace VeraCrypt } device.SeekAt (headerOffset); - device.Read ((uint8 *) header, sizeof (header)); + device.Read (header, sizeof (header)); PCRYPTO_INFO cryptoInfo = NULL; diff --git a/src/Common/Cache.c b/src/Common/Cache.c index 46249b9c..0d7a221f 100644 --- a/src/Common/Cache.c +++ b/src/Common/Cache.c @@ -43,7 +43,7 @@ void VcUnprotectPassword (Password* pPassword, uint64 encID) #endif -int ReadVolumeHeaderWCache (BOOL bBoot, BOOL bCache, BOOL bCachePim, char *header, Password *password, int pkcs5_prf, int pim, PCRYPTO_INFO *retInfo) +int ReadVolumeHeaderWCache (BOOL bBoot, BOOL bCache, BOOL bCachePim, unsigned char *header, Password *password, int pkcs5_prf, int pim, PCRYPTO_INFO *retInfo) { int nReturnCode = ERR_PASSWORD_WRONG; int i, effectivePim; diff --git a/src/Common/Cache.h b/src/Common/Cache.h index 0988bf29..84bb6937 100644 --- a/src/Common/Cache.h +++ b/src/Common/Cache.h @@ -22,5 +22,5 @@ extern int cacheEmpty; void AddPasswordToCache (Password *password, int pim, BOOL bCachePim); void AddLegacyPasswordToCache (PasswordLegacy *password, int pim); -int ReadVolumeHeaderWCache (BOOL bBoot, BOOL bCache, BOOL bCachePim,char *header, Password *password, int pkcs5_prf, int pim, PCRYPTO_INFO *retInfo); +int ReadVolumeHeaderWCache (BOOL bBoot, BOOL bCache, BOOL bCachePim, unsigned char *header, Password *password, int pkcs5_prf, int pim, PCRYPTO_INFO *retInfo); void WipeCache (void); diff --git a/src/Common/Crypto.c b/src/Common/Crypto.c index 9c4ee5a3..5856df48 100644 --- a/src/Common/Crypto.c +++ b/src/Common/Crypto.c @@ -659,8 +659,8 @@ int EAGetNextMode (int ea, int previousModeId) return 0; } -// Returns the name of the mode of operation of the whole EA -wchar_t *EAGetModeName (int ea, int mode, BOOL capitalLetters) +// Returns the name of the mode of operation +const wchar_t *EAGetModeName (int mode) { switch (mode) { @@ -669,7 +669,7 @@ wchar_t *EAGetModeName (int ea, int mode, BOOL capitalLetters) return L"XTS"; } - return L"[unknown]"; + return L"[UNKNOWN]"; } #endif // TC_WINDOWS_BOOT @@ -891,7 +891,7 @@ PCRYPTO_INFO crypto_open () } #ifndef TC_WINDOWS_BOOT -void crypto_loadkey (PKEY_INFO keyInfo, char *lpszUserKey, int nUserKeyLen) +void crypto_loadkey (PKEY_INFO keyInfo, unsigned char *lpszUserKey, int nUserKeyLen) { keyInfo->keyLength = nUserKeyLen; burn (keyInfo->userKey, sizeof (keyInfo->userKey)); @@ -1239,9 +1239,11 @@ static BOOL RamEncryptionEnabled = FALSE; BOOL IsCpuRngSupported () { +#ifndef _M_ARM64 if (HasRDSEED() || HasRDRAND()) return TRUE; else +#endif return FALSE; } @@ -1313,7 +1315,7 @@ uint8 GetRandomIndex (ChaCha20RngCtx* pCtx, uint8 elementsCount) return index; } -#if defined(_WIN64) && !defined (_UEFI) +#if !defined (_UEFI) /* declaration of variables and functions used for RAM encryption on 64-bit build */ static uint8* pbKeyDerivationArea = NULL; static ULONG cbKeyDerivationArea = 0; diff --git a/src/Common/Crypto.h b/src/Common/Crypto.h index 89d22f0e..6fc75b43 100644 --- a/src/Common/Crypto.h +++ b/src/Common/Crypto.h @@ -228,9 +228,9 @@ typedef struct keyInfo_t int noIterations; /* Number of times to iterate (PKCS-5) */ int keyLength; /* Length of the key */ uint64 dummy; /* Dummy field to ensure 16-byte alignment of this structure */ - __int8 salt[PKCS5_SALT_SIZE]; /* PKCS-5 salt */ - CRYPTOPP_ALIGN_DATA(16) __int8 master_keydata[MASTER_KEYDATA_SIZE]; /* Concatenated master primary and secondary key(s) (XTS mode). For LRW (deprecated/legacy), it contains the tweak key before the master key(s). For CBC (deprecated/legacy), it contains the IV seed before the master key(s). */ - CRYPTOPP_ALIGN_DATA(16) __int8 userKey[MAX_PASSWORD]; /* Password (to which keyfiles may have been applied). WITHOUT +1 for the null terminator. */ + unsigned __int8 salt[PKCS5_SALT_SIZE]; /* PKCS-5 salt */ + CRYPTOPP_ALIGN_DATA(16) unsigned __int8 master_keydata[MASTER_KEYDATA_SIZE]; /* Concatenated master primary and secondary key(s) (XTS mode). For LRW (deprecated/legacy), it contains the tweak key before the master key(s). For CBC (deprecated/legacy), it contains the IV seed before the master key(s). */ + CRYPTOPP_ALIGN_DATA(16) unsigned __int8 userKey[MAX_PASSWORD]; /* Password (to which keyfiles may have been applied). WITHOUT +1 for the null terminator. */ } KEY_INFO, *PKEY_INFO; #endif @@ -309,7 +309,7 @@ typedef struct BOOT_CRYPTO_HEADER_t PCRYPTO_INFO crypto_open (void); #ifndef TC_WINDOWS_BOOT -void crypto_loadkey (PKEY_INFO keyInfo, char *lpszUserKey, int nUserKeyLen); +void crypto_loadkey (PKEY_INFO keyInfo, unsigned char *lpszUserKey, int nUserKeyLen); void crypto_eraseKeys (PCRYPTO_INFO cryptoInfo); #endif void crypto_close (PCRYPTO_INFO cryptoInfo); @@ -348,7 +348,7 @@ int EAGetKeySize (int ea); int EAGetFirstMode (int ea); int EAGetNextMode (int ea, int previousModeId); #ifndef TC_WINDOWS_BOOT -wchar_t * EAGetModeName (int ea, int mode, BOOL capitalLetters); +const wchar_t * EAGetModeName (int mode); #endif int EAGetKeyScheduleSize (int ea); int EAGetLargestKey (); diff --git a/src/Common/Dlgcode.c b/src/Common/Dlgcode.c index b91167d4..ba0173ac 100644 --- a/src/Common/Dlgcode.c +++ b/src/Common/Dlgcode.c @@ -859,11 +859,6 @@ BOOL VerifyModuleSignature (const wchar_t* path) WINTRUST_DATA WVTData = {0}; wchar_t filePath [TC_MAX_PATH + 1024]; - // we check our own authenticode signature only starting from Windows 10 since this is - // the minimal supported OS apart from XP where we can't verify SHA256 signatures - if (!IsOSAtLeast (WIN_10)) - return TRUE; - // Strip quotation marks (if any) if (path [0] == L'"') { @@ -3603,10 +3598,10 @@ void InitApp (HINSTANCE hInstance, wchar_t *lpszCommandLine) InitOSVersionInfo(); - if (!IsOSAtLeast (WIN_7)) + if (!IsOSAtLeast (WIN_10)) { - // abort using a message that says that VeraCrypt can run only on Windows 7 and later and that it is officially supported only on Windows 10 and later - AbortProcessDirect(L"VeraCrypt requires at least Windows 7 to run."); + // abort using a message that says that VeraCrypt can run only on Windows 10 and later + AbortProcessDirect(L"VeraCrypt requires at least Windows 10 to run."); } SetDefaultDllDirectoriesFn = (SetDefaultDllDirectoriesPtr) GetProcAddress (GetModuleHandle(L"kernel32.dll"), "SetDefaultDllDirectories"); @@ -6266,7 +6261,7 @@ static BOOL PerformBenchmark(HWND hBenchDlg, HWND hwndDlg) */ { int thid, i; - char dk[MASTER_KEYDATA_SIZE]; + unsigned char dk[MASTER_KEYDATA_SIZE]; char *tmp_salt = {"\x00\x11\x22\x33\x44\x55\x66\x77\x88\x99\xAA\xBB\xCC\xDD\xEE\xFF\x01\x23\x45\x67\x89\xAB\xCD\xEF\x00\x11\x22\x33\x44\x55\x66\x77\x88\x99\xAA\xBB\xCC\xDD\xEE\xFF\x01\x23\x45\x67\x89\xAB\xCD\xEF\x00\x11\x22\x33\x44\x55\x66\x77\x88\x99\xAA\xBB\xCC\xDD\xEE\xFF"}; for (thid = FIRST_PRF_ID; thid <= LAST_PRF_ID; thid++) @@ -6284,27 +6279,27 @@ static BOOL PerformBenchmark(HWND hBenchDlg, HWND hwndDlg) case SHA512: /* PKCS-5 test with HMAC-SHA-512 used as the PRF */ - derive_key_sha512 ("passphrase-1234567890", 21, tmp_salt, 64, get_pkcs5_iteration_count(thid, benchmarkPim, benchmarkPreBoot), dk, MASTER_KEYDATA_SIZE); + derive_key_sha512 ((unsigned char*) "passphrase-1234567890", 21, (unsigned char*) tmp_salt, 64, get_pkcs5_iteration_count(thid, benchmarkPim, benchmarkPreBoot), dk, MASTER_KEYDATA_SIZE); break; case SHA256: /* PKCS-5 test with HMAC-SHA-256 used as the PRF */ - derive_key_sha256 ("passphrase-1234567890", 21, tmp_salt, 64, get_pkcs5_iteration_count(thid, benchmarkPim, benchmarkPreBoot), dk, MASTER_KEYDATA_SIZE); + derive_key_sha256 ((unsigned char*)"passphrase-1234567890", 21, (unsigned char*) tmp_salt, 64, get_pkcs5_iteration_count(thid, benchmarkPim, benchmarkPreBoot), dk, MASTER_KEYDATA_SIZE); break; #ifndef WOLFCRYPT_BACKEND case BLAKE2S: /* PKCS-5 test with HMAC-BLAKE2s used as the PRF */ - derive_key_blake2s ("passphrase-1234567890", 21, tmp_salt, 64, get_pkcs5_iteration_count(thid, benchmarkPim, benchmarkPreBoot), dk, MASTER_KEYDATA_SIZE); + derive_key_blake2s ((unsigned char*)"passphrase-1234567890", 21, (unsigned char*) tmp_salt, 64, get_pkcs5_iteration_count(thid, benchmarkPim, benchmarkPreBoot), dk, MASTER_KEYDATA_SIZE); break; case WHIRLPOOL: /* PKCS-5 test with HMAC-Whirlpool used as the PRF */ - derive_key_whirlpool ("passphrase-1234567890", 21, tmp_salt, 64, get_pkcs5_iteration_count(thid, benchmarkPim, benchmarkPreBoot), dk, MASTER_KEYDATA_SIZE); + derive_key_whirlpool ((unsigned char*)"passphrase-1234567890", 21, (unsigned char*) tmp_salt, 64, get_pkcs5_iteration_count(thid, benchmarkPim, benchmarkPreBoot), dk, MASTER_KEYDATA_SIZE); break; case STREEBOG: /* PKCS-5 test with HMAC-STREEBOG used as the PRF */ - derive_key_streebog("passphrase-1234567890", 21, tmp_salt, 64, get_pkcs5_iteration_count(thid, benchmarkPim, benchmarkPreBoot), dk, MASTER_KEYDATA_SIZE); + derive_key_streebog((unsigned char*)"passphrase-1234567890", 21, (unsigned char*) tmp_salt, 64, get_pkcs5_iteration_count(thid, benchmarkPim, benchmarkPreBoot), dk, MASTER_KEYDATA_SIZE); break; } #endif @@ -7639,7 +7634,7 @@ CipherTestDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lParam) else { - CipherInit2(idTestCipher, key, ks_tmp, ks); + CipherInit2(idTestCipher, key, ks_tmp); if (bEncrypt) { @@ -11480,7 +11475,7 @@ int OpenVolume (OpenVolumeContext *context, const wchar_t *volumePath, Password int volumeType; wchar_t szDiskFile[TC_MAX_PATH], szCFDevice[TC_MAX_PATH]; wchar_t szDosDevice[TC_MAX_PATH]; - char buffer[TC_VOLUME_HEADER_EFFECTIVE_SIZE]; + unsigned char buffer[TC_VOLUME_HEADER_EFFECTIVE_SIZE]; LARGE_INTEGER headerOffset; DWORD dwResult; DISK_GEOMETRY_EX deviceGeometry; @@ -11694,7 +11689,7 @@ void CloseVolume (OpenVolumeContext *context) } -int ReEncryptVolumeHeader (HWND hwndDlg, char *buffer, BOOL bBoot, CRYPTO_INFO *cryptoInfo, Password *password, int pim, BOOL wipeMode) +int ReEncryptVolumeHeader (HWND hwndDlg, unsigned char *buffer, BOOL bBoot, CRYPTO_INFO *cryptoInfo, Password *password, int pim, BOOL wipeMode) { CRYPTO_INFO *newCryptoInfo = NULL; diff --git a/src/Common/Dlgcode.h b/src/Common/Dlgcode.h index 288daecd..1b2ead2a 100644 --- a/src/Common/Dlgcode.h +++ b/src/Common/Dlgcode.h @@ -540,7 +540,7 @@ BOOL GetSysDevicePaths (HWND hwndDlg); BOOL DoDriverInstall (HWND hwndDlg); int OpenVolume (OpenVolumeContext *context, const wchar_t *volumePath, Password *password, int pkcs5_prf, int pim, BOOL write, BOOL preserveTimestamps, BOOL useBackupHeader); void CloseVolume (OpenVolumeContext *context); -int ReEncryptVolumeHeader (HWND hwndDlg, char *buffer, BOOL bBoot, CRYPTO_INFO *cryptoInfo, Password *password, int pim, BOOL wipeMode); +int ReEncryptVolumeHeader (HWND hwndDlg, unsigned char *buffer, BOOL bBoot, CRYPTO_INFO *cryptoInfo, Password *password, int pim, BOOL wipeMode); BOOL IsPagingFileActive (BOOL checkNonWindowsPartitionsOnly); BOOL IsPagingFileWildcardActive (); BOOL DisablePagingFile (); diff --git a/src/Common/EncryptionThreadPool.c b/src/Common/EncryptionThreadPool.c index 79f1c890..3078e895 100644 --- a/src/Common/EncryptionThreadPool.c +++ b/src/Common/EncryptionThreadPool.c @@ -98,14 +98,14 @@ typedef struct EncryptionThreadPoolWorkItemStruct { TC_EVENT *CompletionEvent; LONG *CompletionFlag; - char *DerivedKey; + unsigned char *DerivedKey; int IterationCount; TC_EVENT *NoOutstandingWorkItemEvent; LONG *OutstandingWorkItemCount; - char *Password; + unsigned char *Password; int PasswordLength; int Pkcs5Prf; - char *Salt; + unsigned char *Salt; } KeyDerivation; @@ -533,7 +533,7 @@ void EncryptionThreadPoolStop () } -void EncryptionThreadPoolBeginKeyDerivation (TC_EVENT *completionEvent, TC_EVENT *noOutstandingWorkItemEvent, LONG *completionFlag, LONG *outstandingWorkItemCount, int pkcs5Prf, char *password, int passwordLength, char *salt, int iterationCount, char *derivedKey) +void EncryptionThreadPoolBeginKeyDerivation (TC_EVENT *completionEvent, TC_EVENT *noOutstandingWorkItemEvent, LONG *completionFlag, LONG *outstandingWorkItemCount, int pkcs5Prf, unsigned char *password, int passwordLength, unsigned char *salt, int iterationCount, unsigned char *derivedKey) { EncryptionThreadPoolWorkItem *workItem; diff --git a/src/Common/EncryptionThreadPool.h b/src/Common/EncryptionThreadPool.h index 71df4e4d..2e727a74 100644 --- a/src/Common/EncryptionThreadPool.h +++ b/src/Common/EncryptionThreadPool.h @@ -32,7 +32,7 @@ typedef enum size_t GetCpuCount (WORD* pGroupCount); #endif -void EncryptionThreadPoolBeginKeyDerivation (TC_EVENT *completionEvent, TC_EVENT *noOutstandingWorkItemEvent, LONG *completionFlag, LONG *outstandingWorkItemCount, int pkcs5Prf, char *password, int passwordLength, char *salt, int iterationCount, char *derivedKey); +void EncryptionThreadPoolBeginKeyDerivation (TC_EVENT *completionEvent, TC_EVENT *noOutstandingWorkItemEvent, LONG *completionFlag, LONG *outstandingWorkItemCount, int pkcs5Prf, unsigned char *password, int passwordLength, unsigned char *salt, int iterationCount, unsigned char *derivedKey); void EncryptionThreadPoolBeginReadVolumeHeaderFinalization (TC_EVENT *keyDerivationCompletedEvent, TC_EVENT *noOutstandingWorkItemEvent, LONG* outstandingWorkItemCount, void* keyInfoBuffer, int keyInfoBufferSize, void* keyDerivationWorkItems, int keyDerivationWorkItemsSize); void EncryptionThreadPoolDoWork (EncryptionThreadPoolWorkType type, uint8 *data, const UINT64_STRUCT *startUnitNo, uint32 unitCount, PCRYPTO_INFO cryptoInfo); BOOL EncryptionThreadPoolStart (size_t encryptionFreeCpuCount); diff --git a/src/Common/Format.c b/src/Common/Format.c index 7eff80e6..635a2b09 100644 --- a/src/Common/Format.c +++ b/src/Common/Format.c @@ -84,7 +84,7 @@ int TCFormatVolume (volatile FORMAT_VOL_PARAMETERS *volParams) PCRYPTO_INFO cryptoInfo = NULL; HANDLE dev = INVALID_HANDLE_VALUE; DWORD dwError; - char header[TC_VOLUME_HEADER_EFFECTIVE_SIZE]; + unsigned char header[TC_VOLUME_HEADER_EFFECTIVE_SIZE]; unsigned __int64 num_sectors, startSector; fatparams ft; FILETIME ftCreationTime; diff --git a/src/Common/Password.c b/src/Common/Password.c index c0247207..aed7cfb9 100644 --- a/src/Common/Password.c +++ b/src/Common/Password.c @@ -173,7 +173,7 @@ int ChangePwd (const wchar_t *lpszVolume, Password *oldPassword, int old_pkcs5, int nDosLinkCreated = 1, nStatus = ERR_OS_ERROR; wchar_t szDiskFile[TC_MAX_PATH], szCFDevice[TC_MAX_PATH]; wchar_t szDosDevice[TC_MAX_PATH]; - char buffer[TC_VOLUME_HEADER_EFFECTIVE_SIZE]; + unsigned char buffer[TC_VOLUME_HEADER_EFFECTIVE_SIZE]; PCRYPTO_INFO cryptoInfo = NULL, ci = NULL; void *dev = INVALID_HANDLE_VALUE; DWORD dwError; diff --git a/src/Common/Pkcs5.c b/src/Common/Pkcs5.c index d81078e8..7892a38a 100644 --- a/src/Common/Pkcs5.c +++ b/src/Common/Pkcs5.c @@ -43,13 +43,13 @@ typedef struct hmac_sha256_ctx_struct sha256_ctx ctx; sha256_ctx inner_digest_ctx; /*pre-computed inner digest context */ sha256_ctx outer_digest_ctx; /*pre-computed outer digest context */ - char k[PKCS5_SALT_SIZE + 4]; /* enough to hold (salt_len + 4) and also the SHA256 hash */ - char u[SHA256_DIGESTSIZE]; + unsigned char k[PKCS5_SALT_SIZE + 4]; /* enough to hold (salt_len + 4) and also the SHA256 hash */ + unsigned char u[SHA256_DIGESTSIZE]; } hmac_sha256_ctx; void hmac_sha256_internal ( - char *d, /* input data. d pointer is guaranteed to be at least 32-bytes long */ + unsigned char *d, /* input data. d pointer is guaranteed to be at least 32-bytes long */ int ld, /* length of input data in bytes */ hmac_sha256_ctx* hmac /* HMAC-SHA256 context which holds temporary variables */ ) @@ -60,44 +60,38 @@ void hmac_sha256_internal memcpy (ctx, &(hmac->inner_digest_ctx), sizeof (sha256_ctx)); - sha256_hash ((unsigned char *) d, ld, ctx); + sha256_hash (d, ld, ctx); - sha256_end ((unsigned char *) d, ctx); /* d = inner digest */ + sha256_end (d, ctx); /* d = inner digest */ /**** Restore Precomputed Outer Digest Context ****/ memcpy (ctx, &(hmac->outer_digest_ctx), sizeof (sha256_ctx)); - sha256_hash ((unsigned char *) d, SHA256_DIGESTSIZE, ctx); + sha256_hash (d, SHA256_DIGESTSIZE, ctx); - sha256_end ((unsigned char *) d, ctx); /* d = outer digest */ + sha256_end (d, ctx); /* d = outer digest */ } #ifndef TC_WINDOWS_BOOT void hmac_sha256 ( - char *k, /* secret key */ + unsigned char *k, /* secret key */ int lk, /* length of the key in bytes */ - char *d, /* data */ + unsigned char *d, /* data */ int ld /* length of data in bytes */ ) { hmac_sha256_ctx hmac; sha256_ctx* ctx; - char* buf = hmac.k; + unsigned char* buf = hmac.k; int b; - char key[SHA256_DIGESTSIZE]; -#if defined (DEVICE_DRIVER) + unsigned char key[SHA256_DIGESTSIZE]; +#if defined (DEVICE_DRIVER) && !defined(_M_ARM64) NTSTATUS saveStatus = STATUS_INVALID_PARAMETER; -#ifdef _WIN64 XSTATE_SAVE SaveState; if (IsCpuIntel() && HasSAVX()) saveStatus = KeSaveExtendedProcessorStateVC(XSTATE_MASK_GSSE, &SaveState); -#else - KFLOATING_SAVE floatingPointState; - if (HasSSE2()) - saveStatus = KeSaveFloatingPointState (&floatingPointState); -#endif #endif /* If the key is longer than the hash algorithm block size, let key = sha256(key), as per HMAC specifications. */ @@ -106,8 +100,8 @@ void hmac_sha256 sha256_ctx tctx; sha256_begin (&tctx); - sha256_hash ((unsigned char *) k, lk, &tctx); - sha256_end ((unsigned char *) key, &tctx); + sha256_hash (k, lk, &tctx); + sha256_end (key, &tctx); k = key; lk = SHA256_DIGESTSIZE; @@ -122,10 +116,10 @@ void hmac_sha256 /* Pad the key for inner digest */ for (b = 0; b < lk; ++b) - buf[b] = (char) (k[b] ^ 0x36); + buf[b] = (unsigned char) (k[b] ^ 0x36); memset (&buf[lk], 0x36, SHA256_BLOCKSIZE - lk); - sha256_hash ((unsigned char *) buf, SHA256_BLOCKSIZE, ctx); + sha256_hash (buf, SHA256_BLOCKSIZE, ctx); /**** Precompute HMAC Outer Digest ****/ @@ -133,20 +127,16 @@ void hmac_sha256 sha256_begin (ctx); for (b = 0; b < lk; ++b) - buf[b] = (char) (k[b] ^ 0x5C); + buf[b] = (unsigned char) (k[b] ^ 0x5C); memset (&buf[lk], 0x5C, SHA256_BLOCKSIZE - lk); - sha256_hash ((unsigned char *) buf, SHA256_BLOCKSIZE, ctx); + sha256_hash (buf, SHA256_BLOCKSIZE, ctx); hmac_sha256_internal(d, ld, &hmac); -#if defined (DEVICE_DRIVER) +#if defined (DEVICE_DRIVER) && !defined(_M_ARM64) if (NT_SUCCESS (saveStatus)) -#ifdef _WIN64 KeRestoreExtendedProcessorStateVC(&SaveState); -#else - KeRestoreFloatingPointState (&floatingPointState); -#endif #endif /* Prevent leaks */ @@ -155,10 +145,10 @@ void hmac_sha256 } #endif -static void derive_u_sha256 (char *salt, int salt_len, uint32 iterations, int b, hmac_sha256_ctx* hmac) +static void derive_u_sha256 (unsigned char *salt, int salt_len, uint32 iterations, int b, hmac_sha256_ctx* hmac) { - char* k = hmac->k; - char* u = hmac->u; + unsigned char* k = hmac->k; + unsigned char* u = hmac->u; uint32 c; int i; @@ -184,7 +174,7 @@ static void derive_u_sha256 (char *salt, int salt_len, uint32 iterations, int b, #ifdef TC_WINDOWS_BOOT /* specific case of 16-bit bootloader: b is a 16-bit integer that is always < 256 */ memset (&k[salt_len], 0, 3); - k[salt_len + 3] = (char) b; + k[salt_len + 3] = (unsigned char) b; #else b = bswap_32 (b); memcpy (&k[salt_len], &b, 4); @@ -206,25 +196,19 @@ static void derive_u_sha256 (char *salt, int salt_len, uint32 iterations, int b, } -void derive_key_sha256 (char *pwd, int pwd_len, char *salt, int salt_len, uint32 iterations, char *dk, int dklen) +void derive_key_sha256 (unsigned char *pwd, int pwd_len, unsigned char *salt, int salt_len, uint32 iterations, unsigned char *dk, int dklen) { hmac_sha256_ctx hmac; sha256_ctx* ctx; - char* buf = hmac.k; + unsigned char* buf = hmac.k; int b, l, r; #ifndef TC_WINDOWS_BOOT - char key[SHA256_DIGESTSIZE]; -#if defined (DEVICE_DRIVER) + unsigned char key[SHA256_DIGESTSIZE]; +#if defined (DEVICE_DRIVER) && !defined(_M_ARM64) NTSTATUS saveStatus = STATUS_INVALID_PARAMETER; -#ifdef _WIN64 XSTATE_SAVE SaveState; if (IsCpuIntel() && HasSAVX()) saveStatus = KeSaveExtendedProcessorStateVC(XSTATE_MASK_GSSE, &SaveState); -#else - KFLOATING_SAVE floatingPointState; - if (HasSSE2()) - saveStatus = KeSaveFloatingPointState (&floatingPointState); -#endif #endif /* If the password is longer than the hash algorithm block size, let pwd = sha256(pwd), as per HMAC specifications. */ @@ -233,8 +217,8 @@ void derive_key_sha256 (char *pwd, int pwd_len, char *salt, int salt_len, uint32 sha256_ctx tctx; sha256_begin (&tctx); - sha256_hash ((unsigned char *) pwd, pwd_len, &tctx); - sha256_end ((unsigned char *) key, &tctx); + sha256_hash (pwd, pwd_len, &tctx); + sha256_end (key, &tctx); pwd = key; pwd_len = SHA256_DIGESTSIZE; @@ -261,10 +245,10 @@ void derive_key_sha256 (char *pwd, int pwd_len, char *salt, int salt_len, uint32 /* Pad the key for inner digest */ for (b = 0; b < pwd_len; ++b) - buf[b] = (char) (pwd[b] ^ 0x36); + buf[b] = (unsigned char) (pwd[b] ^ 0x36); memset (&buf[pwd_len], 0x36, SHA256_BLOCKSIZE - pwd_len); - sha256_hash ((unsigned char *) buf, SHA256_BLOCKSIZE, ctx); + sha256_hash (buf, SHA256_BLOCKSIZE, ctx); /**** Precompute HMAC Outer Digest ****/ @@ -272,10 +256,10 @@ void derive_key_sha256 (char *pwd, int pwd_len, char *salt, int salt_len, uint32 sha256_begin (ctx); for (b = 0; b < pwd_len; ++b) - buf[b] = (char) (pwd[b] ^ 0x5C); + buf[b] = (unsigned char) (pwd[b] ^ 0x5C); memset (&buf[pwd_len], 0x5C, SHA256_BLOCKSIZE - pwd_len); - sha256_hash ((unsigned char *) buf, SHA256_BLOCKSIZE, ctx); + sha256_hash (buf, SHA256_BLOCKSIZE, ctx); /* first l - 1 blocks */ for (b = 1; b < l; b++) @@ -289,13 +273,9 @@ void derive_key_sha256 (char *pwd, int pwd_len, char *salt, int salt_len, uint32 derive_u_sha256 (salt, salt_len, iterations, b, &hmac); memcpy (dk, hmac.u, r); -#if defined (DEVICE_DRIVER) +#if defined (DEVICE_DRIVER) && !defined(_M_ARM64) if (NT_SUCCESS (saveStatus)) -#ifdef _WIN64 KeRestoreExtendedProcessorStateVC(&SaveState); -#else - KeRestoreFloatingPointState (&floatingPointState); -#endif #endif /* Prevent possible leaks. */ @@ -314,13 +294,13 @@ typedef struct hmac_sha512_ctx_struct sha512_ctx ctx; sha512_ctx inner_digest_ctx; /*pre-computed inner digest context */ sha512_ctx outer_digest_ctx; /*pre-computed outer digest context */ - char k[SHA512_BLOCKSIZE]; /* enough to hold (salt_len + 4) and also the SHA512 hash */ - char u[SHA512_DIGESTSIZE]; + unsigned char k[SHA512_BLOCKSIZE]; /* enough to hold (salt_len + 4) and also the SHA512 hash */ + unsigned char u[SHA512_DIGESTSIZE]; } hmac_sha512_ctx; void hmac_sha512_internal ( - char *d, /* data and also output buffer of at least 64 bytes */ + unsigned char *d, /* data and also output buffer of at least 64 bytes */ int ld, /* length of data in bytes */ hmac_sha512_ctx* hmac ) @@ -331,43 +311,37 @@ void hmac_sha512_internal memcpy (ctx, &(hmac->inner_digest_ctx), sizeof (sha512_ctx)); - sha512_hash ((unsigned char *) d, ld, ctx); + sha512_hash (d, ld, ctx); - sha512_end ((unsigned char *) d, ctx); + sha512_end (d, ctx); /**** Restore Precomputed Outer Digest Context ****/ memcpy (ctx, &(hmac->outer_digest_ctx), sizeof (sha512_ctx)); - sha512_hash ((unsigned char *) d, SHA512_DIGESTSIZE, ctx); + sha512_hash (d, SHA512_DIGESTSIZE, ctx); - sha512_end ((unsigned char *) d, ctx); + sha512_end (d, ctx); } void hmac_sha512 ( - char *k, /* secret key */ + unsigned char *k, /* secret key */ int lk, /* length of the key in bytes */ - char *d, /* data and also output buffer of at least 64 bytes */ + unsigned char *d, /* data and also output buffer of at least 64 bytes */ int ld /* length of data in bytes */ ) { hmac_sha512_ctx hmac; sha512_ctx* ctx; - char* buf = hmac.k; + unsigned char* buf = hmac.k; int b; - char key[SHA512_DIGESTSIZE]; -#if defined (DEVICE_DRIVER) + unsigned char key[SHA512_DIGESTSIZE]; +#if defined (DEVICE_DRIVER) && !defined(_M_ARM64) NTSTATUS saveStatus = STATUS_INVALID_PARAMETER; -#ifdef _WIN64 XSTATE_SAVE SaveState; if (IsCpuIntel() && HasSAVX()) saveStatus = KeSaveExtendedProcessorStateVC(XSTATE_MASK_GSSE, &SaveState); -#else - KFLOATING_SAVE floatingPointState; - if (HasSSSE3() && HasMMX()) - saveStatus = KeSaveFloatingPointState (&floatingPointState); -#endif #endif /* If the key is longer than the hash algorithm block size, @@ -377,8 +351,8 @@ void hmac_sha512 sha512_ctx tctx; sha512_begin (&tctx); - sha512_hash ((unsigned char *) k, lk, &tctx); - sha512_end ((unsigned char *) key, &tctx); + sha512_hash (k, lk, &tctx); + sha512_end (key, &tctx); k = key; lk = SHA512_DIGESTSIZE; @@ -393,10 +367,10 @@ void hmac_sha512 /* Pad the key for inner digest */ for (b = 0; b < lk; ++b) - buf[b] = (char) (k[b] ^ 0x36); + buf[b] = (unsigned char) (k[b] ^ 0x36); memset (&buf[lk], 0x36, SHA512_BLOCKSIZE - lk); - sha512_hash ((unsigned char *) buf, SHA512_BLOCKSIZE, ctx); + sha512_hash (buf, SHA512_BLOCKSIZE, ctx); /**** Precompute HMAC Outer Digest ****/ @@ -404,20 +378,16 @@ void hmac_sha512 sha512_begin (ctx); for (b = 0; b < lk; ++b) - buf[b] = (char) (k[b] ^ 0x5C); + buf[b] = (unsigned char) (k[b] ^ 0x5C); memset (&buf[lk], 0x5C, SHA512_BLOCKSIZE - lk); - sha512_hash ((unsigned char *) buf, SHA512_BLOCKSIZE, ctx); + sha512_hash (buf, SHA512_BLOCKSIZE, ctx); hmac_sha512_internal (d, ld, &hmac); -#if defined (DEVICE_DRIVER) +#if defined (DEVICE_DRIVER) && !defined(_M_ARM64) if (NT_SUCCESS (saveStatus)) -#ifdef _WIN64 KeRestoreExtendedProcessorStateVC(&SaveState); -#else - KeRestoreFloatingPointState (&floatingPointState); -#endif #endif /* Prevent leaks */ @@ -425,10 +395,10 @@ void hmac_sha512 burn (key, sizeof(key)); } -static void derive_u_sha512 (char *salt, int salt_len, uint32 iterations, int b, hmac_sha512_ctx* hmac) +static void derive_u_sha512 (unsigned char *salt, int salt_len, uint32 iterations, int b, hmac_sha512_ctx* hmac) { - char* k = hmac->k; - char* u = hmac->u; + unsigned char* k = hmac->k; + unsigned char* u = hmac->u; uint32 c, i; /* iteration 1 */ @@ -452,24 +422,18 @@ static void derive_u_sha512 (char *salt, int salt_len, uint32 iterations, int b, } -void derive_key_sha512 (char *pwd, int pwd_len, char *salt, int salt_len, uint32 iterations, char *dk, int dklen) +void derive_key_sha512 (unsigned char *pwd, int pwd_len, unsigned char *salt, int salt_len, uint32 iterations, unsigned char *dk, int dklen) { hmac_sha512_ctx hmac; sha512_ctx* ctx; - char* buf = hmac.k; + unsigned char* buf = hmac.k; int b, l, r; - char key[SHA512_DIGESTSIZE]; -#if defined (DEVICE_DRIVER) + unsigned char key[SHA512_DIGESTSIZE]; +#if defined (DEVICE_DRIVER) && !defined(_M_ARM64) NTSTATUS saveStatus = STATUS_INVALID_PARAMETER; -#ifdef _WIN64 XSTATE_SAVE SaveState; if (IsCpuIntel() && HasSAVX()) saveStatus = KeSaveExtendedProcessorStateVC(XSTATE_MASK_GSSE, &SaveState); -#else - KFLOATING_SAVE floatingPointState; - if (HasSSSE3() && HasMMX()) - saveStatus = KeSaveFloatingPointState (&floatingPointState); -#endif #endif /* If the password is longer than the hash algorithm block size, @@ -479,8 +443,8 @@ void derive_key_sha512 (char *pwd, int pwd_len, char *salt, int salt_len, uint32 sha512_ctx tctx; sha512_begin (&tctx); - sha512_hash ((unsigned char *) pwd, pwd_len, &tctx); - sha512_end ((unsigned char *) key, &tctx); + sha512_hash (pwd, pwd_len, &tctx); + sha512_end (key, &tctx); pwd = key; pwd_len = SHA512_DIGESTSIZE; @@ -506,10 +470,10 @@ void derive_key_sha512 (char *pwd, int pwd_len, char *salt, int salt_len, uint32 /* Pad the key for inner digest */ for (b = 0; b < pwd_len; ++b) - buf[b] = (char) (pwd[b] ^ 0x36); + buf[b] = (unsigned char) (pwd[b] ^ 0x36); memset (&buf[pwd_len], 0x36, SHA512_BLOCKSIZE - pwd_len); - sha512_hash ((unsigned char *) buf, SHA512_BLOCKSIZE, ctx); + sha512_hash (buf, SHA512_BLOCKSIZE, ctx); /**** Precompute HMAC Outer Digest ****/ @@ -517,10 +481,10 @@ void derive_key_sha512 (char *pwd, int pwd_len, char *salt, int salt_len, uint32 sha512_begin (ctx); for (b = 0; b < pwd_len; ++b) - buf[b] = (char) (pwd[b] ^ 0x5C); + buf[b] = (unsigned char) (pwd[b] ^ 0x5C); memset (&buf[pwd_len], 0x5C, SHA512_BLOCKSIZE - pwd_len); - sha512_hash ((unsigned char *) buf, SHA512_BLOCKSIZE, ctx); + sha512_hash (buf, SHA512_BLOCKSIZE, ctx); /* first l - 1 blocks */ for (b = 1; b < l; b++) @@ -534,13 +498,9 @@ void derive_key_sha512 (char *pwd, int pwd_len, char *salt, int salt_len, uint32 derive_u_sha512 (salt, salt_len, iterations, b, &hmac); memcpy (dk, hmac.u, r); -#if defined (DEVICE_DRIVER) +#if defined (DEVICE_DRIVER) && !defined(_M_ARM64) if (NT_SUCCESS (saveStatus)) -#ifdef _WIN64 KeRestoreExtendedProcessorStateVC(&SaveState); -#else - KeRestoreFloatingPointState (&floatingPointState); -#endif #endif /* Prevent possible leaks. */ @@ -557,13 +517,13 @@ typedef struct hmac_blake2s_ctx_struct blake2s_state ctx; blake2s_state inner_digest_ctx; /*pre-computed inner digest context */ blake2s_state outer_digest_ctx; /*pre-computed outer digest context */ - char k[PKCS5_SALT_SIZE + 4]; /* enough to hold (salt_len + 4) and also the Blake2s hash */ - char u[BLAKE2S_DIGESTSIZE]; + unsigned char k[PKCS5_SALT_SIZE + 4]; /* enough to hold (salt_len + 4) and also the Blake2s hash */ + unsigned char u[BLAKE2S_DIGESTSIZE]; } hmac_blake2s_ctx; void hmac_blake2s_internal ( - char *d, /* input data. d pointer is guaranteed to be at least 32-bytes long */ + unsigned char *d, /* input data. d pointer is guaranteed to be at least 32-bytes long */ int ld, /* length of input data in bytes */ hmac_blake2s_ctx* hmac /* HMAC-BLAKE2S context which holds temporary variables */ ) @@ -576,7 +536,7 @@ void hmac_blake2s_internal blake2s_update (ctx, d, ld); - blake2s_final (ctx, (unsigned char*) d); /* d = inner digest */ + blake2s_final (ctx, d); /* d = inner digest */ /**** Restore Precomputed Outer Digest Context ****/ @@ -584,34 +544,28 @@ void hmac_blake2s_internal blake2s_update (ctx, d, BLAKE2S_DIGESTSIZE); - blake2s_final (ctx, (unsigned char *) d); /* d = outer digest */ + blake2s_final (ctx, d); /* d = outer digest */ } #ifndef TC_WINDOWS_BOOT void hmac_blake2s ( - char *k, /* secret key */ + unsigned char *k, /* secret key */ int lk, /* length of the key in bytes */ - char *d, /* data */ + unsigned char *d, /* data */ int ld /* length of data in bytes */ ) { hmac_blake2s_ctx hmac; blake2s_state* ctx; - char* buf = hmac.k; + unsigned char* buf = hmac.k; int b; - char key[BLAKE2S_DIGESTSIZE]; -#if defined (DEVICE_DRIVER) + unsigned char key[BLAKE2S_DIGESTSIZE]; +#if defined (DEVICE_DRIVER) && !defined(_M_ARM64) NTSTATUS saveStatus = STATUS_INVALID_PARAMETER; -#ifdef _WIN64 XSTATE_SAVE SaveState; if (IsCpuIntel() && HasSAVX()) saveStatus = KeSaveExtendedProcessorStateVC(XSTATE_MASK_GSSE, &SaveState); -#else - KFLOATING_SAVE floatingPointState; - if (HasSSE2()) - saveStatus = KeSaveFloatingPointState (&floatingPointState); -#endif #endif /* If the key is longer than the hash algorithm block size, let key = blake2s(key), as per HMAC specifications. */ @@ -621,7 +575,7 @@ void hmac_blake2s blake2s_init (&tctx); blake2s_update (&tctx, k, lk); - blake2s_final (&tctx, (unsigned char *) key); + blake2s_final (&tctx, key); k = key; lk = BLAKE2S_DIGESTSIZE; @@ -636,10 +590,10 @@ void hmac_blake2s /* Pad the key for inner digest */ for (b = 0; b < lk; ++b) - buf[b] = (char) (k[b] ^ 0x36); + buf[b] = (unsigned char) (k[b] ^ 0x36); memset (&buf[lk], 0x36, BLAKE2S_BLOCKSIZE - lk); - blake2s_update (ctx, (unsigned char *) buf, BLAKE2S_BLOCKSIZE); + blake2s_update (ctx, buf, BLAKE2S_BLOCKSIZE); /**** Precompute HMAC Outer Digest ****/ @@ -647,20 +601,16 @@ void hmac_blake2s blake2s_init (ctx); for (b = 0; b < lk; ++b) - buf[b] = (char) (k[b] ^ 0x5C); + buf[b] = (unsigned char) (k[b] ^ 0x5C); memset (&buf[lk], 0x5C, BLAKE2S_BLOCKSIZE - lk); - blake2s_update (ctx, (unsigned char *) buf, BLAKE2S_BLOCKSIZE); + blake2s_update (ctx, buf, BLAKE2S_BLOCKSIZE); hmac_blake2s_internal(d, ld, &hmac); -#if defined (DEVICE_DRIVER) +#if defined (DEVICE_DRIVER) && !defined(_M_ARM64) if (NT_SUCCESS (saveStatus)) -#ifdef _WIN64 KeRestoreExtendedProcessorStateVC(&SaveState); -#else - KeRestoreFloatingPointState (&floatingPointState); -#endif #endif /* Prevent leaks */ @@ -669,10 +619,10 @@ void hmac_blake2s } #endif -static void derive_u_blake2s (char *salt, int salt_len, uint32 iterations, int b, hmac_blake2s_ctx* hmac) +static void derive_u_blake2s (unsigned char *salt, int salt_len, uint32 iterations, int b, hmac_blake2s_ctx* hmac) { - char* k = hmac->k; - char* u = hmac->u; + unsigned char* k = hmac->k; + unsigned char* u = hmac->u; uint32 c; int i; @@ -698,7 +648,7 @@ static void derive_u_blake2s (char *salt, int salt_len, uint32 iterations, int b #ifdef TC_WINDOWS_BOOT /* specific case of 16-bit bootloader: b is a 16-bit integer that is always < 256 */ memset (&k[salt_len], 0, 3); - k[salt_len + 3] = (char) b; + k[salt_len + 3] = (unsigned char) b; #else b = bswap_32 (b); memcpy (&k[salt_len], &b, 4); @@ -720,26 +670,23 @@ static void derive_u_blake2s (char *salt, int salt_len, uint32 iterations, int b } -void derive_key_blake2s (char *pwd, int pwd_len, char *salt, int salt_len, uint32 iterations, char *dk, int dklen) +void derive_key_blake2s (unsigned char *pwd, int pwd_len, unsigned char *salt, int salt_len, uint32 iterations, unsigned char *dk, int dklen) { hmac_blake2s_ctx hmac; blake2s_state* ctx; - char* buf = hmac.k; + unsigned char* buf = hmac.k; int b, l, r; #ifndef TC_WINDOWS_BOOT - char key[BLAKE2S_DIGESTSIZE]; -#if defined (DEVICE_DRIVER) + unsigned char key[BLAKE2S_DIGESTSIZE]; +#if defined (DEVICE_DRIVER) && !defined(_M_ARM64) NTSTATUS saveStatus = STATUS_INVALID_PARAMETER; -#ifdef _WIN64 XSTATE_SAVE SaveState; if (IsCpuIntel() && HasSAVX()) saveStatus = KeSaveExtendedProcessorStateVC(XSTATE_MASK_GSSE, &SaveState); -#else KFLOATING_SAVE floatingPointState; if (HasSSE2()) saveStatus = KeSaveFloatingPointState (&floatingPointState); #endif -#endif /* If the password is longer than the hash algorithm block size, let pwd = blake2s(pwd), as per HMAC specifications. */ if (pwd_len > BLAKE2S_BLOCKSIZE) @@ -748,7 +695,7 @@ void derive_key_blake2s (char *pwd, int pwd_len, char *salt, int salt_len, uint3 blake2s_init (&tctx); blake2s_update (&tctx, pwd, pwd_len); - blake2s_final (&tctx, (unsigned char *) key); + blake2s_final (&tctx, key); pwd = key; pwd_len = BLAKE2S_DIGESTSIZE; @@ -775,7 +722,7 @@ void derive_key_blake2s (char *pwd, int pwd_len, char *salt, int salt_len, uint3 /* Pad the key for inner digest */ for (b = 0; b < pwd_len; ++b) - buf[b] = (char) (pwd[b] ^ 0x36); + buf[b] = (unsigned char) (pwd[b] ^ 0x36); memset (&buf[pwd_len], 0x36, BLAKE2S_BLOCKSIZE - pwd_len); blake2s_update (ctx, buf, BLAKE2S_BLOCKSIZE); @@ -786,7 +733,7 @@ void derive_key_blake2s (char *pwd, int pwd_len, char *salt, int salt_len, uint3 blake2s_init (ctx); for (b = 0; b < pwd_len; ++b) - buf[b] = (char) (pwd[b] ^ 0x5C); + buf[b] = (unsigned char) (pwd[b] ^ 0x5C); memset (&buf[pwd_len], 0x5C, BLAKE2S_BLOCKSIZE - pwd_len); blake2s_update (ctx, buf, BLAKE2S_BLOCKSIZE); @@ -803,13 +750,9 @@ void derive_key_blake2s (char *pwd, int pwd_len, char *salt, int salt_len, uint3 derive_u_blake2s (salt, salt_len, iterations, b, &hmac); memcpy (dk, hmac.u, r); -#if defined (DEVICE_DRIVER) +#if defined (DEVICE_DRIVER) && !defined(_M_ARM64) if (NT_SUCCESS (saveStatus)) -#ifdef _WIN64 KeRestoreExtendedProcessorStateVC(&SaveState); -#else - KeRestoreFloatingPointState (&floatingPointState); -#endif #endif /* Prevent possible leaks. */ @@ -828,13 +771,13 @@ typedef struct hmac_whirlpool_ctx_struct WHIRLPOOL_CTX ctx; WHIRLPOOL_CTX inner_digest_ctx; /*pre-computed inner digest context */ WHIRLPOOL_CTX outer_digest_ctx; /*pre-computed outer digest context */ - CRYPTOPP_ALIGN_DATA(16) char k[PKCS5_SALT_SIZE + 4]; /* enough to hold (salt_len + 4) and also the Whirlpool hash */ - char u[WHIRLPOOL_DIGESTSIZE]; + CRYPTOPP_ALIGN_DATA(16) unsigned char k[PKCS5_SALT_SIZE + 4]; /* enough to hold (salt_len + 4) and also the Whirlpool hash */ + unsigned char u[WHIRLPOOL_DIGESTSIZE]; } hmac_whirlpool_ctx; void hmac_whirlpool_internal ( - char *d, /* input/output data. d pointer is guaranteed to be at least 64-bytes long */ + unsigned char *d, /* input/output data. d pointer is guaranteed to be at least 64-bytes long */ int ld, /* length of input data in bytes */ hmac_whirlpool_ctx* hmac /* HMAC-Whirlpool context which holds temporary variables */ ) @@ -845,38 +788,32 @@ void hmac_whirlpool_internal memcpy (ctx, &(hmac->inner_digest_ctx), sizeof (WHIRLPOOL_CTX)); - WHIRLPOOL_add ((unsigned char *) d, ld, ctx); + WHIRLPOOL_add (d, ld, ctx); - WHIRLPOOL_finalize (ctx, (unsigned char *) d); + WHIRLPOOL_finalize (ctx, d); /**** Restore Precomputed Outer Digest Context ****/ memcpy (ctx, &(hmac->outer_digest_ctx), sizeof (WHIRLPOOL_CTX)); - WHIRLPOOL_add ((unsigned char *) d, WHIRLPOOL_DIGESTSIZE, ctx); + WHIRLPOOL_add (d, WHIRLPOOL_DIGESTSIZE, ctx); - WHIRLPOOL_finalize (ctx, (unsigned char *) d); + WHIRLPOOL_finalize (ctx, d); } void hmac_whirlpool ( - char *k, /* secret key */ + unsigned char *k, /* secret key */ int lk, /* length of the key in bytes */ - char *d, /* input data. d pointer is guaranteed to be at least 32-bytes long */ + unsigned char *d, /* input data. d pointer is guaranteed to be at least 32-bytes long */ int ld /* length of data in bytes */ ) { hmac_whirlpool_ctx hmac; WHIRLPOOL_CTX* ctx; - char* buf = hmac.k; + unsigned char* buf = hmac.k; int b; - char key[WHIRLPOOL_DIGESTSIZE]; -#if defined (DEVICE_DRIVER) && !defined (_WIN64) - KFLOATING_SAVE floatingPointState; - NTSTATUS saveStatus = STATUS_INVALID_PARAMETER; - if (HasISSE()) - saveStatus = KeSaveFloatingPointState (&floatingPointState); -#endif + unsigned char key[WHIRLPOOL_DIGESTSIZE]; /* If the key is longer than the hash algorithm block size, let key = whirlpool(key), as per HMAC specifications. */ if (lk > WHIRLPOOL_BLOCKSIZE) @@ -884,8 +821,8 @@ void hmac_whirlpool WHIRLPOOL_CTX tctx; WHIRLPOOL_init (&tctx); - WHIRLPOOL_add ((unsigned char *) k, lk, &tctx); - WHIRLPOOL_finalize (&tctx, (unsigned char *) key); + WHIRLPOOL_add (k, lk, &tctx); + WHIRLPOOL_finalize (&tctx, key); k = key; lk = WHIRLPOOL_DIGESTSIZE; @@ -900,10 +837,10 @@ void hmac_whirlpool /* Pad the key for inner digest */ for (b = 0; b < lk; ++b) - buf[b] = (char) (k[b] ^ 0x36); + buf[b] = (unsigned char) (k[b] ^ 0x36); memset (&buf[lk], 0x36, WHIRLPOOL_BLOCKSIZE - lk); - WHIRLPOOL_add ((unsigned char *) buf, WHIRLPOOL_BLOCKSIZE, ctx); + WHIRLPOOL_add (buf, WHIRLPOOL_BLOCKSIZE, ctx); /**** Precompute HMAC Outer Digest ****/ @@ -911,25 +848,21 @@ void hmac_whirlpool WHIRLPOOL_init (ctx); for (b = 0; b < lk; ++b) - buf[b] = (char) (k[b] ^ 0x5C); + buf[b] = (unsigned char) (k[b] ^ 0x5C); memset (&buf[lk], 0x5C, WHIRLPOOL_BLOCKSIZE - lk); - WHIRLPOOL_add ((unsigned char *) buf, WHIRLPOOL_BLOCKSIZE, ctx); + WHIRLPOOL_add (buf, WHIRLPOOL_BLOCKSIZE, ctx); hmac_whirlpool_internal(d, ld, &hmac); -#if defined (DEVICE_DRIVER) && !defined (_WIN64) - if (NT_SUCCESS (saveStatus)) - KeRestoreFloatingPointState (&floatingPointState); -#endif /* Prevent leaks */ burn(&hmac, sizeof(hmac)); } -static void derive_u_whirlpool (char *salt, int salt_len, uint32 iterations, int b, hmac_whirlpool_ctx* hmac) +static void derive_u_whirlpool (unsigned char *salt, int salt_len, uint32 iterations, int b, hmac_whirlpool_ctx* hmac) { - char* u = hmac->u; - char* k = hmac->k; + unsigned char* u = hmac->u; + unsigned char* k = hmac->k; uint32 c, i; /* iteration 1 */ @@ -952,19 +885,13 @@ static void derive_u_whirlpool (char *salt, int salt_len, uint32 iterations, int } } -void derive_key_whirlpool (char *pwd, int pwd_len, char *salt, int salt_len, uint32 iterations, char *dk, int dklen) +void derive_key_whirlpool (unsigned char *pwd, int pwd_len, unsigned char *salt, int salt_len, uint32 iterations, unsigned char *dk, int dklen) { hmac_whirlpool_ctx hmac; WHIRLPOOL_CTX* ctx; - char* buf = hmac.k; - char key[WHIRLPOOL_DIGESTSIZE]; + unsigned char* buf = hmac.k; + unsigned char key[WHIRLPOOL_DIGESTSIZE]; int b, l, r; -#if defined (DEVICE_DRIVER) && !defined (_WIN64) - KFLOATING_SAVE floatingPointState; - NTSTATUS saveStatus = STATUS_INVALID_PARAMETER; - if (HasISSE()) - saveStatus = KeSaveFloatingPointState (&floatingPointState); -#endif /* If the password is longer than the hash algorithm block size, let pwd = whirlpool(pwd), as per HMAC specifications. */ if (pwd_len > WHIRLPOOL_BLOCKSIZE) @@ -972,8 +899,8 @@ void derive_key_whirlpool (char *pwd, int pwd_len, char *salt, int salt_len, uin WHIRLPOOL_CTX tctx; WHIRLPOOL_init (&tctx); - WHIRLPOOL_add ((unsigned char *) pwd, pwd_len, &tctx); - WHIRLPOOL_finalize (&tctx, (unsigned char *) key); + WHIRLPOOL_add (pwd, pwd_len, &tctx); + WHIRLPOOL_finalize (&tctx, key); pwd = key; pwd_len = WHIRLPOOL_DIGESTSIZE; @@ -999,10 +926,10 @@ void derive_key_whirlpool (char *pwd, int pwd_len, char *salt, int salt_len, uin /* Pad the key for inner digest */ for (b = 0; b < pwd_len; ++b) - buf[b] = (char) (pwd[b] ^ 0x36); + buf[b] = (unsigned char) (pwd[b] ^ 0x36); memset (&buf[pwd_len], 0x36, WHIRLPOOL_BLOCKSIZE - pwd_len); - WHIRLPOOL_add ((unsigned char *) buf, WHIRLPOOL_BLOCKSIZE, ctx); + WHIRLPOOL_add (buf, WHIRLPOOL_BLOCKSIZE, ctx); /**** Precompute HMAC Outer Digest ****/ @@ -1010,10 +937,10 @@ void derive_key_whirlpool (char *pwd, int pwd_len, char *salt, int salt_len, uin WHIRLPOOL_init (ctx); for (b = 0; b < pwd_len; ++b) - buf[b] = (char) (pwd[b] ^ 0x5C); + buf[b] = (unsigned char) (pwd[b] ^ 0x5C); memset (&buf[pwd_len], 0x5C, WHIRLPOOL_BLOCKSIZE - pwd_len); - WHIRLPOOL_add ((unsigned char *) buf, WHIRLPOOL_BLOCKSIZE, ctx); + WHIRLPOOL_add (buf, WHIRLPOOL_BLOCKSIZE, ctx); /* first l - 1 blocks */ for (b = 1; b < l; b++) @@ -1027,11 +954,6 @@ void derive_key_whirlpool (char *pwd, int pwd_len, char *salt, int salt_len, uin derive_u_whirlpool (salt, salt_len, iterations, b, &hmac); memcpy (dk, hmac.u, r); -#if defined (DEVICE_DRIVER) && !defined (_WIN64) - if (NT_SUCCESS (saveStatus)) - KeRestoreFloatingPointState (&floatingPointState); -#endif - /* Prevent possible leaks. */ burn (&hmac, sizeof(hmac)); burn (key, sizeof(key)); @@ -1043,13 +965,13 @@ typedef struct hmac_streebog_ctx_struct STREEBOG_CTX ctx; STREEBOG_CTX inner_digest_ctx; /*pre-computed inner digest context */ STREEBOG_CTX outer_digest_ctx; /*pre-computed outer digest context */ - CRYPTOPP_ALIGN_DATA(16) char k[PKCS5_SALT_SIZE + 4]; /* enough to hold (salt_len + 4) and also the Streebog hash */ - char u[STREEBOG_DIGESTSIZE]; + CRYPTOPP_ALIGN_DATA(16) unsigned char k[PKCS5_SALT_SIZE + 4]; /* enough to hold (salt_len + 4) and also the Streebog hash */ + unsigned char u[STREEBOG_DIGESTSIZE]; } hmac_streebog_ctx; void hmac_streebog_internal ( - char *d, /* input/output data. d pointer is guaranteed to be at least 64-bytes long */ + unsigned char *d, /* input/output data. d pointer is guaranteed to be at least 64-bytes long */ int ld, /* length of input data in bytes */ hmac_streebog_ctx* hmac /* HMAC-Whirlpool context which holds temporary variables */ ) @@ -1060,38 +982,32 @@ void hmac_streebog_internal memcpy (ctx, &(hmac->inner_digest_ctx), sizeof (STREEBOG_CTX)); - STREEBOG_add (ctx, (unsigned char *) d, ld); + STREEBOG_add (ctx, d, ld); - STREEBOG_finalize (ctx, (unsigned char *) d); + STREEBOG_finalize (ctx, d); /**** Restore Precomputed Outer Digest Context ****/ memcpy (ctx, &(hmac->outer_digest_ctx), sizeof (STREEBOG_CTX)); - STREEBOG_add (ctx, (unsigned char *) d, STREEBOG_DIGESTSIZE); + STREEBOG_add (ctx, d, STREEBOG_DIGESTSIZE); - STREEBOG_finalize (ctx, (unsigned char *) d); + STREEBOG_finalize (ctx, d); } void hmac_streebog ( - char *k, /* secret key */ + unsigned char *k, /* secret key */ int lk, /* length of the key in bytes */ - char *d, /* input data. d pointer is guaranteed to be at least 32-bytes long */ + unsigned char *d, /* input data. d pointer is guaranteed to be at least 32-bytes long */ int ld /* length of data in bytes */ ) { hmac_streebog_ctx hmac; STREEBOG_CTX* ctx; - char* buf = hmac.k; + unsigned char* buf = hmac.k; int b; - CRYPTOPP_ALIGN_DATA(16) char key[STREEBOG_DIGESTSIZE]; -#if defined (DEVICE_DRIVER) && !defined (_WIN64) - KFLOATING_SAVE floatingPointState; - NTSTATUS saveStatus = STATUS_INVALID_PARAMETER; - if (HasSSE2() || HasSSE41()) - saveStatus = KeSaveFloatingPointState (&floatingPointState); -#endif + CRYPTOPP_ALIGN_DATA(16) unsigned char key[STREEBOG_DIGESTSIZE]; /* If the key is longer than the hash algorithm block size, let key = streebog(key), as per HMAC specifications. */ if (lk > STREEBOG_BLOCKSIZE) @@ -1099,8 +1015,8 @@ void hmac_streebog STREEBOG_CTX tctx; STREEBOG_init (&tctx); - STREEBOG_add (&tctx, (unsigned char *) k, lk); - STREEBOG_finalize (&tctx, (unsigned char *) key); + STREEBOG_add (&tctx, k, lk); + STREEBOG_finalize (&tctx, key); k = key; lk = STREEBOG_DIGESTSIZE; @@ -1115,10 +1031,10 @@ void hmac_streebog /* Pad the key for inner digest */ for (b = 0; b < lk; ++b) - buf[b] = (char) (k[b] ^ 0x36); + buf[b] = (unsigned char) (k[b] ^ 0x36); memset (&buf[lk], 0x36, STREEBOG_BLOCKSIZE - lk); - STREEBOG_add (ctx, (unsigned char *) buf, STREEBOG_BLOCKSIZE); + STREEBOG_add (ctx, buf, STREEBOG_BLOCKSIZE); /**** Precompute HMAC Outer Digest ****/ @@ -1126,25 +1042,21 @@ void hmac_streebog STREEBOG_init (ctx); for (b = 0; b < lk; ++b) - buf[b] = (char) (k[b] ^ 0x5C); + buf[b] = (unsigned char) (k[b] ^ 0x5C); memset (&buf[lk], 0x5C, STREEBOG_BLOCKSIZE - lk); - STREEBOG_add (ctx, (unsigned char *) buf, STREEBOG_BLOCKSIZE); + STREEBOG_add (ctx, buf, STREEBOG_BLOCKSIZE); hmac_streebog_internal(d, ld, &hmac); -#if defined (DEVICE_DRIVER) && !defined (_WIN64) - if (NT_SUCCESS (saveStatus)) - KeRestoreFloatingPointState (&floatingPointState); -#endif /* Prevent leaks */ burn(&hmac, sizeof(hmac)); } -static void derive_u_streebog (char *salt, int salt_len, uint32 iterations, int b, hmac_streebog_ctx* hmac) +static void derive_u_streebog (unsigned char *salt, int salt_len, uint32 iterations, int b, hmac_streebog_ctx* hmac) { - char* u = hmac->u; - char* k = hmac->k; + unsigned char* u = hmac->u; + unsigned char* k = hmac->k; uint32 c, i; /* iteration 1 */ @@ -1167,19 +1079,13 @@ static void derive_u_streebog (char *salt, int salt_len, uint32 iterations, int } } -void derive_key_streebog (char *pwd, int pwd_len, char *salt, int salt_len, uint32 iterations, char *dk, int dklen) +void derive_key_streebog (unsigned char *pwd, int pwd_len, unsigned char *salt, int salt_len, uint32 iterations, unsigned char *dk, int dklen) { hmac_streebog_ctx hmac; STREEBOG_CTX* ctx; - char* buf = hmac.k; - char key[STREEBOG_DIGESTSIZE]; + unsigned char* buf = hmac.k; + unsigned char key[STREEBOG_DIGESTSIZE]; int b, l, r; -#if defined (DEVICE_DRIVER) && !defined (_WIN64) - KFLOATING_SAVE floatingPointState; - NTSTATUS saveStatus = STATUS_INVALID_PARAMETER; - if (HasSSE2() || HasSSE41()) - saveStatus = KeSaveFloatingPointState (&floatingPointState); -#endif /* If the password is longer than the hash algorithm block size, let pwd = streebog(pwd), as per HMAC specifications. */ if (pwd_len > STREEBOG_BLOCKSIZE) @@ -1187,8 +1093,8 @@ void derive_key_streebog (char *pwd, int pwd_len, char *salt, int salt_len, uint STREEBOG_CTX tctx; STREEBOG_init (&tctx); - STREEBOG_add (&tctx, (unsigned char *) pwd, pwd_len); - STREEBOG_finalize (&tctx, (unsigned char *) key); + STREEBOG_add (&tctx, pwd, pwd_len); + STREEBOG_finalize (&tctx, key); pwd = key; pwd_len = STREEBOG_DIGESTSIZE; @@ -1214,10 +1120,10 @@ void derive_key_streebog (char *pwd, int pwd_len, char *salt, int salt_len, uint /* Pad the key for inner digest */ for (b = 0; b < pwd_len; ++b) - buf[b] = (char) (pwd[b] ^ 0x36); + buf[b] = (unsigned char) (pwd[b] ^ 0x36); memset (&buf[pwd_len], 0x36, STREEBOG_BLOCKSIZE - pwd_len); - STREEBOG_add (ctx, (unsigned char *) buf, STREEBOG_BLOCKSIZE); + STREEBOG_add (ctx, buf, STREEBOG_BLOCKSIZE); /**** Precompute HMAC Outer Digest ****/ @@ -1225,10 +1131,10 @@ void derive_key_streebog (char *pwd, int pwd_len, char *salt, int salt_len, uint STREEBOG_init (ctx); for (b = 0; b < pwd_len; ++b) - buf[b] = (char) (pwd[b] ^ 0x5C); + buf[b] = (unsigned char) (pwd[b] ^ 0x5C); memset (&buf[pwd_len], 0x5C, STREEBOG_BLOCKSIZE - pwd_len); - STREEBOG_add (ctx, (unsigned char *) buf, STREEBOG_BLOCKSIZE); + STREEBOG_add (ctx, buf, STREEBOG_BLOCKSIZE); /* first l - 1 blocks */ for (b = 1; b < l; b++) @@ -1242,11 +1148,6 @@ void derive_key_streebog (char *pwd, int pwd_len, char *salt, int salt_len, uint derive_u_streebog (salt, salt_len, iterations, b, &hmac); memcpy (dk, hmac.u, r); -#if defined (DEVICE_DRIVER) && !defined (_WIN64) - if (NT_SUCCESS (saveStatus)) - KeRestoreFloatingPointState (&floatingPointState); -#endif - /* Prevent possible leaks. */ burn (&hmac, sizeof(hmac)); burn (key, sizeof(key)); diff --git a/src/Common/Pkcs5.h b/src/Common/Pkcs5.h index a9abeec5..37a6caff 100644 --- a/src/Common/Pkcs5.h +++ b/src/Common/Pkcs5.h @@ -21,24 +21,24 @@ extern "C" { #endif /* output written to input_digest which must be at lease 32 bytes long */ -void hmac_blake2s (char *key, int keylen, char *input_digest, int len); -void derive_key_blake2s (char *pwd, int pwd_len, char *salt, int salt_len, uint32 iterations, char *dk, int dklen); +void hmac_blake2s (unsigned char *key, int keylen, unsigned char *input_digest, int len); +void derive_key_blake2s (unsigned char *pwd, int pwd_len, unsigned char *salt, int salt_len, uint32 iterations, unsigned char *dk, int dklen); /* output written to d which must be at lease 32 bytes long */ -void hmac_sha256 (char *k, int lk, char *d, int ld); -void derive_key_sha256 (char *pwd, int pwd_len, char *salt, int salt_len, uint32 iterations, char *dk, int dklen); +void hmac_sha256 (unsigned char *k, int lk, unsigned char *d, int ld); +void derive_key_sha256 (unsigned char *pwd, int pwd_len, unsigned char *salt, int salt_len, uint32 iterations, unsigned char *dk, int dklen); #ifndef TC_WINDOWS_BOOT /* output written to d which must be at lease 64 bytes long */ -void hmac_sha512 (char *k, int lk, char *d, int ld); -void derive_key_sha512 (char *pwd, int pwd_len, char *salt, int salt_len, uint32 iterations, char *dk, int dklen); +void hmac_sha512 (unsigned char *k, int lk, unsigned char *d, int ld); +void derive_key_sha512 (unsigned char *pwd, int pwd_len, unsigned char *salt, int salt_len, uint32 iterations, unsigned char *dk, int dklen); /* output written to d which must be at lease 64 bytes long */ -void hmac_whirlpool (char *k, int lk, char *d, int ld); -void derive_key_whirlpool (char *pwd, int pwd_len, char *salt, int salt_len, uint32 iterations, char *dk, int dklen); +void hmac_whirlpool (unsigned char *k, int lk, unsigned char *d, int ld); +void derive_key_whirlpool (unsigned char *pwd, int pwd_len, unsigned char *salt, int salt_len, uint32 iterations, unsigned char *dk, int dklen); -void hmac_streebog (char *k, int32 lk, char *d, int32 ld); -void derive_key_streebog (char *pwd, int pwd_len, char *salt, int salt_len, uint32 iterations, char *dk, int dklen); +void hmac_streebog (unsigned char *k, int32 lk, unsigned char *d, int32 ld); +void derive_key_streebog (unsigned char *pwd, int pwd_len, unsigned char *salt, int salt_len, uint32 iterations, unsigned char *dk, int dklen); int get_pkcs5_iteration_count (int pkcs5_prf_id, int pim, BOOL bBoot); wchar_t *get_pkcs5_prf_name (int pkcs5_prf_id); diff --git a/src/Common/Tcdefs.h b/src/Common/Tcdefs.h index 3fd18358..f88ff582 100644 --- a/src/Common/Tcdefs.h +++ b/src/Common/Tcdefs.h @@ -255,20 +255,10 @@ void ThrowFatalException(int line); #include <ntddk.h> /* Standard header file for nt drivers */ #include <ntdddisk.h> /* Standard I/O control codes */ -/* defines needed for using enhanced protection of NX pool under Windows 8 and later */ -#define NonPagedPoolNx 512 -#define MdlMappingNoExecute 0x40000000 - -/* variables used in the implementation of enhanced protection of NX pool under Windows 8 and later */ -extern POOL_TYPE ExDefaultNonPagedPoolType; -extern ULONG ExDefaultMdlProtection; -#ifdef _WIN64 + extern ULONG AllocTag; -#else -#define AllocTag 'MMCV' -#endif -#define TCalloc(size) ((void *) ExAllocatePoolWithTag( ExDefaultNonPagedPoolType, size, AllocTag )) +#define TCalloc(size) ((void *) ExAllocatePool2( POOL_FLAG_NON_PAGED, size, AllocTag )) #define TCfree(memblock) ExFreePoolWithTag( memblock, AllocTag ) #define DEVICE_DRIVER diff --git a/src/Common/Tests.c b/src/Common/Tests.c index 530e7577..8f851f62 100644 --- a/src/Common/Tests.c +++ b/src/Common/Tests.c @@ -567,19 +567,13 @@ unsigned long HexStringToByteArray(const char* hexStr, unsigned char* pbData) return count; } -BOOL RunHashTest (HashFunction fn, HashTestVector* vector, BOOL bUseSSE) +BOOL RunHashTest (HashFunction fn, HashTestVector* vector) { CRYPTOPP_ALIGN_DATA (16) unsigned char input[256]; unsigned char output[64]; unsigned char digest[64]; unsigned long i = 0, inputLen, outputLen, digestLen; BOOL bRet = TRUE; -#if defined (DEVICE_DRIVER) && !defined (_WIN64) - KFLOATING_SAVE floatingPointState; - NTSTATUS saveStatus = STATUS_INVALID_PARAMETER; - if (bUseSSE) - saveStatus = KeSaveFloatingPointState (&floatingPointState); -#endif while (vector[i].hexInput && vector[i].hexOutput) { inputLen = HexStringToByteArray (vector[i].hexInput, input); @@ -593,11 +587,6 @@ BOOL RunHashTest (HashFunction fn, HashTestVector* vector, BOOL bUseSSE) i++; } -#if defined (DEVICE_DRIVER) && !defined (_WIN64) - if (NT_SUCCESS (saveStatus)) - KeRestoreFloatingPointState (&floatingPointState); -#endif - return bRet; } @@ -651,7 +640,7 @@ HashTestVector Blake2sTestVectors[] = { unsigned char ks_tmp[MAX_EXPANDED_KEY]; -void CipherInit2(int cipher, void* key, void* ks, int key_len) +void CipherInit2(int cipher, void* key, void* ks) { switch (cipher) { @@ -1307,7 +1296,7 @@ BOOL TestSectorBufEncryption (PCRYPTO_INFO ci) static BOOL DoAutoTestAlgorithms (void) { PCRYPTO_INFO ci; - CRYPTOPP_ALIGN_DATA(16) char key[32]; + CRYPTOPP_ALIGN_DATA(16) unsigned char key[32]; unsigned char tmp[16]; BOOL bFailed = FALSE; int i; @@ -1342,7 +1331,6 @@ static BOOL DoAutoTestAlgorithms (void) { uint8 testData[1024]; uint32 origCrc; - size_t i; for (i = 0; i < sizeof (testData); ++i) { @@ -1526,12 +1514,12 @@ BOOL test_hmac_sha256 () for (i = 0; i < sizeof (hmac_sha256_test_data) / sizeof(char *); i++) { - char digest[1024]; /* large enough to hold digets and test vector inputs */ + unsigned char digest[1024]; /* large enough to hold digets and test vector inputs */ size_t dataLen = strlen (hmac_sha256_test_data[i]); if (dataLen <= sizeof(digest)) { memcpy (digest, hmac_sha256_test_data[i], dataLen); - hmac_sha256 (hmac_sha256_test_keys[i], (int) strlen (hmac_sha256_test_keys[i]), digest, (int) dataLen); + hmac_sha256 ((unsigned char*) hmac_sha256_test_keys[i], (int) strlen (hmac_sha256_test_keys[i]), digest, (int) dataLen); if (memcmp (digest, hmac_sha256_test_vectors[i], SHA256_DIGESTSIZE) != 0) return FALSE; else @@ -1553,12 +1541,12 @@ BOOL test_hmac_sha512 () for (i = 0; i < sizeof (hmac_sha512_test_data) / sizeof(char *); i++) { - char digest[1024]; /* large enough to hold digets and test vector inputs */ + unsigned char digest[1024]; /* large enough to hold digets and test vector inputs */ size_t dataLen = strlen (hmac_sha512_test_data[i]); if (dataLen <= sizeof(digest)) { memcpy (digest, hmac_sha512_test_data[i], dataLen ); - hmac_sha512 (hmac_sha512_test_keys[i], (int) strlen (hmac_sha512_test_keys[i]), digest, (int) dataLen); + hmac_sha512 ((unsigned char*) hmac_sha512_test_keys[i], (int) strlen (hmac_sha512_test_keys[i]), digest, (int) dataLen); if (memcmp (digest, hmac_sha512_test_vectors[i], SHA512_DIGESTSIZE) != 0) return FALSE; else @@ -1581,12 +1569,12 @@ BOOL test_hmac_blake2s () for (i = 0; i < sizeof (hmac_blake2s_test_data) / sizeof(char *); i++) { - char digest[1024]; /* large enough to hold digets and test vector inputs */ + unsigned char digest[1024]; /* large enough to hold digets and test vector inputs */ size_t dataLen = strlen (hmac_blake2s_test_data[i]); if (dataLen <= sizeof(digest)) { memcpy (digest, hmac_blake2s_test_data[i], dataLen); - hmac_blake2s (hmac_blake2s_test_keys[i], (int) strlen (hmac_blake2s_test_keys[i]), digest, (int) dataLen); + hmac_blake2s ((unsigned char*)(unsigned char*)hmac_blake2s_test_keys[i], (int) strlen (hmac_blake2s_test_keys[i]), digest, (int) dataLen); if (memcmp (digest, hmac_blake2s_test_vectors[i], BLAKE2S_DIGESTSIZE) != 0) return FALSE; else @@ -1612,7 +1600,7 @@ BOOL test_hmac_whirlpool () unsigned char digest[1024]; /* large enough to hold digets and test vector inputs */ memcpy (digest, hmac_whirlpool_test_data, strlen (hmac_whirlpool_test_data)); - hmac_whirlpool (hmac_whirlpool_test_key, 64, digest, (int) strlen (hmac_whirlpool_test_data)); + hmac_whirlpool ((unsigned char*) hmac_whirlpool_test_key, 64, digest, (int) strlen (hmac_whirlpool_test_data)); if (memcmp (digest, hmac_whirlpool_test_vectors, WHIRLPOOL_DIGESTSIZE) != 0) return FALSE; @@ -1646,10 +1634,10 @@ static const unsigned char gost3411_2012_hmac_r1[] = { #ifndef WOLFCRYPT_BACKEND BOOL test_hmac_streebog () { - CRYPTOPP_ALIGN_DATA(16) char digest[64]; /* large enough to hold digets and test vector inputs */ + CRYPTOPP_ALIGN_DATA(16) unsigned char digest[64]; /* large enough to hold digets and test vector inputs */ memcpy (digest, gost3411_2012_hmac_m1, sizeof (gost3411_2012_hmac_m1)); - hmac_streebog ((char*) gost3411_2012_hmac_k1, sizeof(gost3411_2012_hmac_k1), digest, (int) sizeof (gost3411_2012_hmac_m1)); + hmac_streebog ((unsigned char*) gost3411_2012_hmac_k1, sizeof(gost3411_2012_hmac_k1), digest, (int) sizeof (gost3411_2012_hmac_m1)); if (memcmp (digest, gost3411_2012_hmac_r1, STREEBOG_DIGESTSIZE) != 0) return FALSE; @@ -1668,7 +1656,7 @@ int __cdecl StreebogHash (unsigned char* input, unsigned long inputLen, unsigned BOOL test_pkcs5 () { - char dk[144]; + unsigned char dk[144]; /* HMAC-SHA-256 tests */ if (!test_hmac_sha256()) @@ -1684,7 +1672,7 @@ BOOL test_pkcs5 () return FALSE; /* Blake2s hash tests */ - if (RunHashTest (Blake2sHash, Blake2sTestVectors, (HasSSE2())? TRUE : FALSE) == FALSE) + if (RunHashTest (Blake2sHash, Blake2sTestVectors)) return FALSE; /* HMAC-Whirlpool tests */ @@ -1696,68 +1684,68 @@ BOOL test_pkcs5 () return FALSE; /* STREEBOG hash tests */ - if (RunHashTest (StreebogHash, Streebog512TestVectors, (HasSSE2() || HasSSE41())? TRUE : FALSE) == FALSE) + if (RunHashTest (StreebogHash, Streebog512TestVectors)) return FALSE; #endif /* PKCS-5 test 1 with HMAC-SHA-256 used as the PRF (https://tools.ietf.org/html/draft-josefsson-scrypt-kdf-00) */ - derive_key_sha256 ("passwd", 6, "\x73\x61\x6C\x74", 4, 1, dk, 64); + derive_key_sha256 ((unsigned char*) "passwd", 6, (unsigned char*) "\x73\x61\x6C\x74", 4, 1, dk, 64); if (memcmp (dk, "\x55\xac\x04\x6e\x56\xe3\x08\x9f\xec\x16\x91\xc2\x25\x44\xb6\x05\xf9\x41\x85\x21\x6d\xde\x04\x65\xe6\x8b\x9d\x57\xc2\x0d\xac\xbc\x49\xca\x9c\xcc\xf1\x79\xb6\x45\x99\x16\x64\xb3\x9d\x77\xef\x31\x7c\x71\xb8\x45\xb1\xe3\x0b\xd5\x09\x11\x20\x41\xd3\xa1\x97\x83", 64) != 0) return FALSE; /* PKCS-5 test 2 with HMAC-SHA-256 used as the PRF (https://stackoverflow.com/questions/5130513/pbkdf2-hmac-sha2-test-vectors) */ - derive_key_sha256 ("password", 8, "\x73\x61\x6C\x74", 4, 2, dk, 32); + derive_key_sha256 ((unsigned char*) "password", 8, (unsigned char*) "\x73\x61\x6C\x74", 4, 2, dk, 32); if (memcmp (dk, "\xae\x4d\x0c\x95\xaf\x6b\x46\xd3\x2d\x0a\xdf\xf9\x28\xf0\x6d\xd0\x2a\x30\x3f\x8e\xf3\xc2\x51\xdf\xd6\xe2\xd8\x5a\x95\x47\x4c\x43", 32) != 0) return FALSE; /* PKCS-5 test 3 with HMAC-SHA-256 used as the PRF (MS CryptoAPI) */ - derive_key_sha256 ("password", 8, "\x12\x34\x56\x78", 4, 5, dk, 4); + derive_key_sha256 ((unsigned char*)"password", 8, (unsigned char*)"\x12\x34\x56\x78", 4, 5, dk, 4); if (memcmp (dk, "\xf2\xa0\x4f\xb2", 4) != 0) return FALSE; /* PKCS-5 test 4 with HMAC-SHA-256 used as the PRF (MS CryptoAPI) */ - derive_key_sha256 ("password", 8, "\x12\x34\x56\x78", 4, 5, dk, 144); + derive_key_sha256 ((unsigned char*)"password", 8, (unsigned char*)"\x12\x34\x56\x78", 4, 5, dk, 144); if (memcmp (dk, "\xf2\xa0\x4f\xb2\xd3\xe9\xa5\xd8\x51\x0b\x5c\x06\xdf\x70\x8e\x24\xe9\xc7\xd9\x15\x3d\x22\xcd\xde\xb8\xa6\xdb\xfd\x71\x85\xc6\x99\x32\xc0\xee\x37\x27\xf7\x24\xcf\xea\xa6\xac\x73\xa1\x4c\x4e\x52\x9b\x94\xf3\x54\x06\xfc\x04\x65\xa1\x0a\x24\xfe\xf0\x98\x1d\xa6\x22\x28\xeb\x24\x55\x74\xce\x6a\x3a\x28\xe2\x04\x3a\x59\x13\xec\x3f\xf2\xdb\xcf\x58\xdd\x53\xd9\xf9\x17\xf6\xda\x74\x06\x3c\x0b\x66\xf5\x0f\xf5\x58\xa3\x27\x52\x8c\x5b\x07\x91\xd0\x81\xeb\xb6\xbc\x30\x69\x42\x71\xf2\xd7\x18\x42\xbe\xe8\x02\x93\x70\x66\xad\x35\x65\xbc\xf7\x96\x8e\x64\xf1\xc6\x92\xda\xe0\xdc\x1f\xb5\xf4", 144) != 0) return FALSE; /* PKCS-5 test 1 with HMAC-SHA-512 used as the PRF */ - derive_key_sha512 ("password", 8, "\x12\x34\x56\x78", 4, 5, dk, 4); + derive_key_sha512 ((unsigned char*)"password", 8, (unsigned char*)"\x12\x34\x56\x78", 4, 5, dk, 4); if (memcmp (dk, "\x13\x64\xae\xf8", 4) != 0) return FALSE; /* PKCS-5 test 2 with HMAC-SHA-512 used as the PRF (derives a key longer than the underlying hash output size and block size) */ - derive_key_sha512 ("password", 8, "\x12\x34\x56\x78", 4, 5, dk, 144); + derive_key_sha512 ((unsigned char*)"password", 8, (unsigned char*)"\x12\x34\x56\x78", 4, 5, dk, 144); if (memcmp (dk, "\x13\x64\xae\xf8\x0d\xf5\x57\x6c\x30\xd5\x71\x4c\xa7\x75\x3f\xfd\x00\xe5\x25\x8b\x39\xc7\x44\x7f\xce\x23\x3d\x08\x75\xe0\x2f\x48\xd6\x30\xd7\x00\xb6\x24\xdb\xe0\x5a\xd7\x47\xef\x52\xca\xa6\x34\x83\x47\xe5\xcb\xe9\x87\xf1\x20\x59\x6a\xe6\xa9\xcf\x51\x78\xc6\xb6\x23\xa6\x74\x0d\xe8\x91\xbe\x1a\xd0\x28\xcc\xce\x16\x98\x9a\xbe\xfb\xdc\x78\xc9\xe1\x7d\x72\x67\xce\xe1\x61\x56\x5f\x96\x68\xe6\xe1\xdd\xf4\xbf\x1b\x80\xe0\x19\x1c\xf4\xc4\xd3\xdd\xd5\xd5\x57\x2d\x83\xc7\xa3\x37\x87\xf4\x4e\xe0\xf6\xd8\x6d\x65\xdc\xa0\x52\xa3\x13\xbe\x81\xfc\x30\xbe\x7d\x69\x58\x34\xb6\xdd\x41\xc6", 144) != 0) return FALSE; #ifndef WOLFCRYPT_BACKEND /* PKCS-5 test 1 with HMAC-BLAKE2s used as the PRF */ - derive_key_blake2s ("password", 8, "\x12\x34\x56\x78", 4, 5, dk, 4); + derive_key_blake2s ((unsigned char*)"password", 8, (unsigned char*)"\x12\x34\x56\x78", 4, 5, dk, 4); if (memcmp (dk, "\x8d\x51\xfa\x31", 4) != 0) return FALSE; /* PKCS-5 test 2 with HMAC-BLAKE2s used as the PRF (derives a key longer than the underlying hash) */ - derive_key_blake2s ("password", 8, "\x12\x34\x56\x78", 4, 5, dk, 48); + derive_key_blake2s ((unsigned char*)"password", 8, (unsigned char*)"\x12\x34\x56\x78", 4, 5, dk, 48); if (memcmp (dk, "\x8d\x51\xfa\x31\x46\x25\x37\x67\xa3\x29\x6b\x3c\x6b\xc1\x5d\xb2\xee\xe1\x6c\x28\x00\x26\xea\x08\x65\x9c\x12\xf1\x07\xde\x0d\xb9\x9b\x4f\x39\xfa\xc6\x80\x26\xb1\x8f\x8e\x48\x89\x85\x2d\x24\x2d", 48) != 0) return FALSE; /* PKCS-5 test 1 with HMAC-Whirlpool used as the PRF */ - derive_key_whirlpool ("password", 8, "\x12\x34\x56\x78", 4, 5, dk, 4); + derive_key_whirlpool ((unsigned char*)"password", 8, (unsigned char*)"\x12\x34\x56\x78", 4, 5, dk, 4); if (memcmp (dk, "\x50\x7c\x36\x6f", 4) != 0) return FALSE; /* PKCS-5 test 2 with HMAC-Whirlpool used as the PRF (derives a key longer than the underlying hash) */ - derive_key_whirlpool ("password", 8, "\x12\x34\x56\x78", 4, 5, dk, 96); + derive_key_whirlpool ((unsigned char*)"password", 8, (unsigned char*)"\x12\x34\x56\x78", 4, 5, dk, 96); if (memcmp (dk, "\x50\x7c\x36\x6f\xee\x10\x2e\x9a\xe2\x8a\xd5\x82\x72\x7d\x27\x0f\xe8\x4d\x7f\x68\x7a\xcf\xb5\xe7\x43\x67\xaa\x98\x93\x52\x2b\x09\x6e\x42\xdf\x2c\x59\x4a\x91\x6d\x7e\x10\xae\xb2\x1a\x89\x8f\xb9\x8f\xe6\x31\xa9\xd8\x9f\x98\x26\xf4\xda\xcd\x7d\x65\x65\xde\x10\x95\x91\xb4\x84\x26\xae\x43\xa1\x00\x5b\x1e\xb8\x38\x97\xa4\x1e\x4b\xd2\x65\x64\xbc\xfa\x1f\x35\x85\xdb\x4f\x97\x65\x6f\xbd\x24", 96) != 0) return FALSE; /* PKCS-5 test 1 with HMAC-STREEBOG used as the PRF */ - derive_key_streebog ("password", 8, "\x12\x34\x56\x78", 4, 5, dk, 4); + derive_key_streebog ((unsigned char*)"password", 8, (unsigned char*)"\x12\x34\x56\x78", 4, 5, dk, 4); if (memcmp (dk, "\xd0\x53\xa2\x30", 4) != 0) return FALSE; /* PKCS-5 test 2 with HMAC-STREEBOG used as the PRF (derives a key longer than the underlying hash) */ - derive_key_streebog ("password", 8, "\x12\x34\x56\x78", 4, 5, dk, 96); + derive_key_streebog ((unsigned char*)"password", 8, (unsigned char*)"\x12\x34\x56\x78", 4, 5, dk, 96); if (memcmp (dk, "\xd0\x53\xa2\x30\x6f\x45\x81\xeb\xbc\x06\x81\xc5\xe7\x53\xa8\x5d\xc7\xf1\x23\x33\x1e\xbe\x64\x2c\x3b\x0f\x26\xd7\x00\xe1\x95\xc9\x65\x26\xb1\x85\xbe\x1e\xe2\xf4\x9b\xfc\x6b\x14\x84\xda\x24\x61\xa0\x1b\x9e\x79\x5c\xee\x69\x6e\xf9\x25\xb1\x1d\xca\xa0\x31\xba\x02\x6f\x9e\x99\x0f\xdb\x25\x01\x5b\xf1\xc7\x10\x19\x53\x3b\x29\x3f\x18\x00\xd6\xfc\x85\x03\xdc\xf2\xe5\xe9\x5a\xb1\x1e\x61\xde", 96) != 0) return FALSE; #endif diff --git a/src/Common/Tests.h b/src/Common/Tests.h index 356d54f4..bfdf7c40 100644 --- a/src/Common/Tests.h +++ b/src/Common/Tests.h @@ -17,7 +17,7 @@ extern "C" { extern unsigned char ks_tmp[MAX_EXPANDED_KEY]; -void CipherInit2(int cipher, void* key, void* ks, int key_len); +void CipherInit2(int cipher, void* key, void* ks); BOOL test_hmac_sha512 (void); BOOL test_hmac_blake2s (void); BOOL test_hmac_whirlpool (void); diff --git a/src/Common/Volumes.c b/src/Common/Volumes.c index 7ee519f6..3a836787 100644 --- a/src/Common/Volumes.c +++ b/src/Common/Volumes.c @@ -160,7 +160,7 @@ UINT64_STRUCT GetHeaderField64 (uint8 *header, int offset) typedef struct { - char DerivedKey[MASTER_KEYDATA_SIZE]; + unsigned char DerivedKey[MASTER_KEYDATA_SIZE]; BOOL Free; LONG KeyReady; int Pkcs5Prf; @@ -169,15 +169,15 @@ typedef struct BOOL ReadVolumeHeaderRecoveryMode = FALSE; -int ReadVolumeHeader (BOOL bBoot, char *encryptedHeader, Password *password, int selected_pkcs5_prf, int pim, PCRYPTO_INFO *retInfo, CRYPTO_INFO *retHeaderCryptoInfo) +int ReadVolumeHeader (BOOL bBoot, unsigned char *encryptedHeader, Password *password, int selected_pkcs5_prf, int pim, PCRYPTO_INFO *retInfo, CRYPTO_INFO *retHeaderCryptoInfo) { - char header[TC_VOLUME_HEADER_EFFECTIVE_SIZE]; + unsigned char header[TC_VOLUME_HEADER_EFFECTIVE_SIZE]; unsigned char* keyInfoBuffer = NULL; int keyInfoBufferSize = sizeof (KEY_INFO) + 16; size_t keyInfoBufferOffset; PKEY_INFO keyInfo; PCRYPTO_INFO cryptoInfo; - CRYPTOPP_ALIGN_DATA(16) char dk[MASTER_KEYDATA_SIZE]; + CRYPTOPP_ALIGN_DATA(16) unsigned char dk[MASTER_KEYDATA_SIZE]; int enqPkcs5Prf, pkcs5_prf; uint16 headerVersion; int status = ERR_PARAMETER_INCORRECT; @@ -704,12 +704,12 @@ void ComputeBootloaderFingerprint (uint8 *bootLoaderBuf, unsigned int bootLoader #else // TC_WINDOWS_BOOT -int ReadVolumeHeader (BOOL bBoot, char *header, Password *password, int pim, PCRYPTO_INFO *retInfo, CRYPTO_INFO *retHeaderCryptoInfo) +int ReadVolumeHeader (BOOL bBoot, unsigned char *header, Password *password, int pim, PCRYPTO_INFO *retInfo, CRYPTO_INFO *retHeaderCryptoInfo) { #ifdef TC_WINDOWS_BOOT_SINGLE_CIPHER_MODE - char dk[32 * 2]; // 2 * 256-bit key + unsigned char dk[32 * 2]; // 2 * 256-bit key #else - char dk[32 * 2 * 3]; // 6 * 256-bit key + unsigned char dk[32 * 2 * 3]; // 6 * 256-bit key #endif PCRYPTO_INFO cryptoInfo; @@ -882,18 +882,18 @@ ret: // Creates a volume header in memory #if defined(_UEFI) -int CreateVolumeHeaderInMemory(BOOL bBoot, char *header, int ea, int mode, Password *password, +int CreateVolumeHeaderInMemory(BOOL bBoot, unsigned char *header, int ea, int mode, Password *password, int pkcs5_prf, int pim, char *masterKeydata, PCRYPTO_INFO *retInfo, unsigned __int64 volumeSize, unsigned __int64 hiddenVolumeSize, unsigned __int64 encryptedAreaStart, unsigned __int64 encryptedAreaLength, uint16 requiredProgramVersion, uint32 headerFlags, uint32 sectorSize, BOOL bWipeMode) #else -int CreateVolumeHeaderInMemory (HWND hwndDlg, BOOL bBoot, char *header, int ea, int mode, Password *password, +int CreateVolumeHeaderInMemory (HWND hwndDlg, BOOL bBoot, unsigned char *header, int ea, int mode, Password *password, int pkcs5_prf, int pim, char *masterKeydata, PCRYPTO_INFO *retInfo, unsigned __int64 volumeSize, unsigned __int64 hiddenVolumeSize, unsigned __int64 encryptedAreaStart, unsigned __int64 encryptedAreaLength, uint16 requiredProgramVersion, uint32 headerFlags, uint32 sectorSize, BOOL bWipeMode) #endif // !defined(_UEFI) { - unsigned char *p = (unsigned char *) header; + unsigned char *p = header; static CRYPTOPP_ALIGN_DATA(16) KEY_INFO keyInfo; int nUserKeyLen = password? password->Length : 0; diff --git a/src/Common/Volumes.h b/src/Common/Volumes.h index daad25e3..07ed0fe8 100644 --- a/src/Common/Volumes.h +++ b/src/Common/Volumes.h @@ -133,20 +133,20 @@ uint16 GetHeaderField16 (uint8 *header, int offset); uint32 GetHeaderField32 (uint8 *header, int offset); UINT64_STRUCT GetHeaderField64 (uint8 *header, int offset); #if defined(TC_WINDOWS_BOOT) -int ReadVolumeHeader (BOOL bBoot, char *encryptedHeader, Password *password, int pim, PCRYPTO_INFO *retInfo, CRYPTO_INFO *retHeaderCryptoInfo); +int ReadVolumeHeader (BOOL bBoot, unsigned char *encryptedHeader, Password *password, int pim, PCRYPTO_INFO *retInfo, CRYPTO_INFO *retHeaderCryptoInfo); #elif defined(_UEFI) -int ReadVolumeHeader(BOOL bBoot, char *encryptedHeader, Password *password, int pkcs5_prf, int pim, PCRYPTO_INFO *retInfo, CRYPTO_INFO *retHeaderCryptoInfo); -int CreateVolumeHeaderInMemory(BOOL bBoot, char *encryptedHeader, int ea, int mode, Password *password, int pkcs5_prf, int pim, char *masterKeydata, PCRYPTO_INFO *retInfo, unsigned __int64 volumeSize, unsigned __int64 hiddenVolumeSize, unsigned __int64 encryptedAreaStart, unsigned __int64 encryptedAreaLength, uint16 requiredProgramVersion, uint32 headerFlags, uint32 sectorSize, BOOL bWipeMode); +int ReadVolumeHeader(BOOL bBoot, unsigned char *encryptedHeader, Password *password, int pkcs5_prf, int pim, PCRYPTO_INFO *retInfo, CRYPTO_INFO *retHeaderCryptoInfo); +int CreateVolumeHeaderInMemory(BOOL bBoot, unsigned char *encryptedHeader, int ea, int mode, Password *password, int pkcs5_prf, int pim, char *masterKeydata, PCRYPTO_INFO *retInfo, unsigned __int64 volumeSize, unsigned __int64 hiddenVolumeSize, unsigned __int64 encryptedAreaStart, unsigned __int64 encryptedAreaLength, uint16 requiredProgramVersion, uint32 headerFlags, uint32 sectorSize, BOOL bWipeMode); BOOL RandgetBytes(unsigned char *buf, int len, BOOL forceSlowPoll); #else -int ReadVolumeHeader (BOOL bBoot, char *encryptedHeader, Password *password, int pkcs5_prf, int pim, PCRYPTO_INFO *retInfo, CRYPTO_INFO *retHeaderCryptoInfo); +int ReadVolumeHeader (BOOL bBoot, unsigned char *encryptedHeader, Password *password, int pkcs5_prf, int pim, PCRYPTO_INFO *retInfo, CRYPTO_INFO *retHeaderCryptoInfo); #if defined(_WIN32) && !defined(_UEFI) void ComputeBootloaderFingerprint (uint8 *bootLoaderBuf, unsigned int bootLoaderSize, uint8* fingerprint); #endif #endif #if !defined (DEVICE_DRIVER) && !defined (TC_WINDOWS_BOOT) && !defined(_UEFI) -int CreateVolumeHeaderInMemory (HWND hwndDlg, BOOL bBoot, char *encryptedHeader, int ea, int mode, Password *password, int pkcs5_prf, int pim, char *masterKeydata, PCRYPTO_INFO *retInfo, unsigned __int64 volumeSize, unsigned __int64 hiddenVolumeSize, unsigned __int64 encryptedAreaStart, unsigned __int64 encryptedAreaLength, uint16 requiredProgramVersion, uint32 headerFlags, uint32 sectorSize, BOOL bWipeMode); +int CreateVolumeHeaderInMemory (HWND hwndDlg, BOOL bBoot, unsigned char *encryptedHeader, int ea, int mode, Password *password, int pkcs5_prf, int pim, char *masterKeydata, PCRYPTO_INFO *retInfo, unsigned __int64 volumeSize, unsigned __int64 hiddenVolumeSize, unsigned __int64 encryptedAreaStart, unsigned __int64 encryptedAreaLength, uint16 requiredProgramVersion, uint32 headerFlags, uint32 sectorSize, BOOL bWipeMode); BOOL ReadEffectiveVolumeHeader (BOOL device, HANDLE fileHandle, uint8 *header, DWORD *bytesRead); BOOL WriteEffectiveVolumeHeader (BOOL device, HANDLE fileHandle, uint8 *header); int WriteRandomDataToReservedHeaderAreas (HWND hwndDlg, HANDLE dev, CRYPTO_INFO *cryptoInfo, uint64 dataAreaSize, BOOL bPrimaryOnly, BOOL bBackupOnly); diff --git a/src/Common/Wipe.c b/src/Common/Wipe.c index d68b517b..af3d15db 100644 --- a/src/Common/Wipe.c +++ b/src/Common/Wipe.c @@ -14,11 +14,6 @@ #include "Wipe.h" -static BOOL Wipe1PseudoRandom (int pass, uint8 *buffer, size_t size) -{ - return FALSE; -} - // Fill buffer with wipe patterns defined in "National Industrial Security Program Operating Manual", US DoD 5220.22-M. // Return: FALSE = buffer must be filled with random data @@ -173,7 +168,7 @@ BOOL WipeBuffer (WipeAlgorithmId algorithm, uint8 randChars[TC_WIPE_RAND_CHAR_CO { case TC_WIPE_1_RAND: case TC_WIPE_256: - return Wipe1PseudoRandom (pass, buffer, size); + return FALSE; // Delegate buffer filling to the caller case TC_WIPE_3_DOD_5220: return Wipe3Dod5220 (pass, buffer, size); diff --git a/src/Crypto/Whirlpool.c b/src/Crypto/Whirlpool.c index 6a1fe8b4..140c7c6f 100644 --- a/src/Crypto/Whirlpool.c +++ b/src/Crypto/Whirlpool.c @@ -957,28 +957,35 @@ void WHIRLPOOL_add(const unsigned char * input, } // now process the input data in blocks of 64 bytes and save the leftovers to ctx->data - if (len >= 64) - { - if (input == data) - { - HashMultipleBlocks(ctx, dataBuf, 64); - return; - } - else if (IsAligned16(input)) - { - uint64 leftOver = HashMultipleBlocks(ctx, (uint64 *)input, len); - input += (len - leftOver); - len = leftOver; - } - else - do - { // copy input first if it's not aligned correctly - memcpy(data, input, 64); - HashMultipleBlocks(ctx, dataBuf, 64); - input+=64; - len-=64; - } while (len >= 64); - } + if (len >= 64) + { + if (input == data) + { + HashMultipleBlocks(ctx, dataBuf, 64); + return; + } + else + { +#ifndef CRYPTOPP_ALLOW_UNALIGNED_DATA_ACCESS + if (IsAligned16(input)) +#endif + { + uint64 leftOver = HashMultipleBlocks(ctx, (uint64*)input, len); + input += (len - leftOver); + len = leftOver; + } +#ifndef CRYPTOPP_ALLOW_UNALIGNED_DATA_ACCESS + else + do + { // copy input first if it's not aligned correctly + memcpy(data, input, 64); + HashMultipleBlocks(ctx, dataBuf, 64); + input += 64; + len -= 64; + } while (len >= 64); +#endif + } + } if (len && data != input) memcpy(data, input, (size_t) len); diff --git a/src/Crypto/chacha-xmm.c b/src/Crypto/chacha-xmm.c index 54c3680c..980c2c81 100644 --- a/src/Crypto/chacha-xmm.c +++ b/src/Crypto/chacha-xmm.c @@ -81,45 +81,6 @@ static void salsa20_wordtobyte(uint8 output[64],const uint32 input[16], unsigned for (i = 0;i < 16;++i) U32TO8_LITTLE(output + 4 * i,x[i]); } -void chacha_ECRYPT_init(void) -{ - return; -} - -static const char sigma[17] = "expand 32-byte k"; -static const char tau[17] = "expand 16-byte k"; - -void chacha_ECRYPT_keysetup(uint32* input,const uint8 *k,uint32 kbits,uint32 ivbits) -{ - const char *constants; - - input[4] = U8TO32_LITTLE(k + 0); - input[5] = U8TO32_LITTLE(k + 4); - input[6] = U8TO32_LITTLE(k + 8); - input[7] = U8TO32_LITTLE(k + 12); - if (kbits == 256) { /* recommended */ - k += 16; - constants = sigma; - } else { /* kbits == 128 */ - constants = tau; - } - input[8] = U8TO32_LITTLE(k + 0); - input[9] = U8TO32_LITTLE(k + 4); - input[10] = U8TO32_LITTLE(k + 8); - input[11] = U8TO32_LITTLE(k + 12); - input[0] = U8TO32_LITTLE(constants + 0); - input[1] = U8TO32_LITTLE(constants + 4); - input[2] = U8TO32_LITTLE(constants + 8); - input[3] = U8TO32_LITTLE(constants + 12); -} - -void chacha_ECRYPT_ivsetup(uint32* input,const uint8 *iv) -{ - input[12] = 0; - input[13] = 0; - input[14] = U8TO32_LITTLE(iv + 0); - input[15] = U8TO32_LITTLE(iv + 4); -} void chacha_ECRYPT_encrypt_bytes(size_t bytes, uint32* x, const uint8* m, uint8* out, uint8* output, unsigned int r) { diff --git a/src/Driver/DriveFilter.c b/src/Driver/DriveFilter.c index 6fda3c37..140c31d1 100644 --- a/src/Driver/DriveFilter.c +++ b/src/Driver/DriveFilter.c @@ -359,15 +359,11 @@ static void ComputeBootLoaderFingerprint(PDEVICE_OBJECT LowerDeviceObject, uint8 status = TCReadDevice (LowerDeviceObject, ioBuffer, offset, TC_SECTOR_SIZE_BIOS); if (NT_SUCCESS (status)) { +#ifndef _M_ARM64 NTSTATUS saveStatus = STATUS_INVALID_PARAMETER; -#ifdef _WIN64 XSTATE_SAVE SaveState; if (IsCpuIntel() && HasSAVX()) saveStatus = KeSaveExtendedProcessorStateVC(XSTATE_MASK_GSSE, &SaveState); -#else - KFLOATING_SAVE floatingPointState; - if (HasISSE() || (HasSSSE3() && HasMMX())) - saveStatus = KeSaveFloatingPointState (&floatingPointState); #endif WHIRLPOOL_add (ioBuffer, TC_BOOT_SECTOR_PIM_VALUE_OFFSET, &whirlpool); WHIRLPOOL_add (ioBuffer + TC_BOOT_SECTOR_USER_MESSAGE_OFFSET + TC_BOOT_SECTOR_USER_MESSAGE_MAX_LENGTH, (TC_BOOT_SECTOR_USER_CONFIG_OFFSET - (TC_BOOT_SECTOR_USER_MESSAGE_OFFSET + TC_BOOT_SECTOR_USER_MESSAGE_MAX_LENGTH)), &whirlpool); @@ -403,11 +399,9 @@ static void ComputeBootLoaderFingerprint(PDEVICE_OBJECT LowerDeviceObject, uint8 sha512_end (&BootLoaderFingerprint [WHIRLPOOL_DIGESTSIZE], &sha2); } - if (NT_SUCCESS (saveStatus)) -#ifdef _WIN64 +#ifndef _M_ARM64 + if (NT_SUCCESS(saveStatus)) KeRestoreExtendedProcessorStateVC(&SaveState); -#else - KeRestoreFloatingPointState (&floatingPointState); #endif } else @@ -423,7 +417,7 @@ static NTSTATUS MountDrive (DriveFilterExtension *Extension, Password *password, int64 hiddenHeaderOffset = BootArgs.HiddenSystemPartitionStart + TC_HIDDEN_VOLUME_HEADER_OFFSET; NTSTATUS status; LARGE_INTEGER offset; - char *header; + unsigned char *header; int pkcs5_prf = 0, pim = 0; PARTITION_INFORMATION_EX pi; BOOL bIsGPT = FALSE; @@ -662,19 +656,12 @@ static NTSTATUS MountDrive (DriveFilterExtension *Extension, Password *password, if (!NT_SUCCESS (status)) TC_BUG_CHECK (status); - if (IsOSAtLeast (WIN_VISTA)) + CrashDumpEnabled = TRUE; + HibernationEnabled = TRUE; + if (IsRamEncryptionEnabled()) { - CrashDumpEnabled = TRUE; - HibernationEnabled = TRUE; -#ifdef _WIN64 - if (IsRamEncryptionEnabled()) - { - HibernationEnabled = FALSE; - } -#endif + HibernationEnabled = FALSE; } - else if (!LegacyHibernationDriverFilterActive) - StartLegacyHibernationDriverFilter(); // Hidden system hibernation is not supported if an extra boot partition is present as the system is not allowed to update the boot partition if (IsHiddenSystemRunning() && (BootArgs.Flags & TC_BOOT_ARGS_FLAG_EXTRA_BOOT_PARTITION)) @@ -866,6 +853,7 @@ static void CheckDeviceTypeAndMount (DriveFilterExtension *filterExtension) static VOID MountDriveWorkItemRoutine (PDEVICE_OBJECT deviceObject, DriveFilterExtension *filterExtension) { + UNREFERENCED_PARAMETER(deviceObject); CheckDeviceTypeAndMount (filterExtension); KeSetEvent (&filterExtension->MountWorkItemCompletedEvent, IO_NO_INCREMENT, FALSE); } @@ -983,6 +971,7 @@ static NTSTATUS DispatchPnp (PDEVICE_OBJECT DeviceObject, PIRP Irp, DriveFilterE static NTSTATUS DispatchPower (PDEVICE_OBJECT DeviceObject, PIRP Irp, DriveFilterExtension *Extension, PIO_STACK_LOCATION irpSp) { NTSTATUS status; + UNREFERENCED_PARAMETER(DeviceObject); Dump ("IRP_MJ_POWER minor=%d type=%d shutdown=%d\n", (int) irpSp->MinorFunction, (int) irpSp->Parameters.Power.Type, (int) irpSp->Parameters.Power.ShutdownType); if (SetupInProgress @@ -1024,6 +1013,7 @@ static NTSTATUS DispatchControl (PDEVICE_OBJECT DeviceObject, PIRP Irp, DriveFil { BOOL bBlockTrim = BlockSystemTrimCommand || IsHiddenSystemRunning(); NTSTATUS status = IoAcquireRemoveLock (&Extension->Queue.RemoveLock, Irp); + UNREFERENCED_PARAMETER(DeviceObject); if (!NT_SUCCESS (status)) return TCCompleteIrp (Irp, status, 0); @@ -1033,7 +1023,6 @@ static NTSTATUS DispatchControl (PDEVICE_OBJECT DeviceObject, PIRP Irp, DriveFil Dump ("DriverFilter-DispatchControl: IOCTL_STORAGE_MANAGE_DATA_SET_ATTRIBUTES\n"); if (bBlockTrim) { - PIO_STACK_LOCATION irpSp = IoGetCurrentIrpStackLocation (Irp); DWORD inputLength = irpSp->Parameters.DeviceIoControl.InputBufferLength; if (inputLength >= sizeof (DEVICE_MANAGE_DATA_SET_ATTRIBUTES)) { @@ -1109,7 +1098,7 @@ NTSTATUS DriveFilterDispatchIrp (PDEVICE_OBJECT DeviceObject, PIRP Irp) return status; } -void EmergencyClearAllKeys (PIRP irp, PIO_STACK_LOCATION irpSp) +void EmergencyClearAllKeys (PIRP irp) { irp->IoStatus.Information = 0; @@ -1136,18 +1125,16 @@ void EmergencyClearAllKeys (PIRP irp, PIO_STACK_LOCATION irpSp) if (BootDriveFound && BootDriveFilterExtension && BootDriveFilterExtension->DriveMounted) InvalidateDriveFilterKeys (BootDriveFilterExtension); -#ifdef _WIN64 ClearSecurityParameters(); -#endif irp->IoStatus.Status = STATUS_SUCCESS; } } -void ReopenBootVolumeHeader (PIRP irp, PIO_STACK_LOCATION irpSp) +void ReopenBootVolumeHeader (PIRP irp) { LARGE_INTEGER offset; - char *header; + unsigned char *header; ReopenBootVolumeHeaderRequest *request = (ReopenBootVolumeHeaderRequest *) irp->AssociatedIrp.SystemBuffer; irp->IoStatus.Information = 0; @@ -1192,22 +1179,20 @@ void ReopenBootVolumeHeader (PIRP irp, PIO_STACK_LOCATION irpSp) goto ret; } -#ifdef _WIN64 if (IsRamEncryptionEnabled()) { VcUnprotectKeys (BootDriveFilterExtension->HeaderCryptoInfo, VcGetEncryptionID (BootDriveFilterExtension->HeaderCryptoInfo)); } -#endif if (ReadVolumeHeader (!BootDriveFilterExtension->HiddenSystem, header, &request->VolumePassword, request->pkcs5_prf, request->pim, NULL, BootDriveFilterExtension->HeaderCryptoInfo) == 0) { Dump ("Header reopened\n"); -#ifdef _WIN64 + if (IsRamEncryptionEnabled()) { VcProtectKeys (BootDriveFilterExtension->HeaderCryptoInfo, VcGetEncryptionID(BootDriveFilterExtension->HeaderCryptoInfo)); } -#endif + ComputeBootLoaderFingerprint (BootDriveFilterExtension->LowerDeviceObject, header); BootDriveFilterExtension->Queue.CryptoInfo->pkcs5 = BootDriveFilterExtension->HeaderCryptoInfo->pkcs5; @@ -1458,6 +1443,8 @@ static VOID LoadImageNotifyRoutine (PUNICODE_STRING fullImageName, HANDLE proces ModuleTableItem *moduleItem; LIST_ENTRY *listEntry; KIRQL origIrql; + UNREFERENCED_PARAMETER(fullImageName); + UNREFERENCED_PARAMETER(processId); if (!imageInfo || !imageInfo->SystemModeImage || !imageInfo->ImageBase || !TCDriverObject->DriverSection) return; @@ -1512,62 +1499,6 @@ static VOID LoadImageNotifyRoutine (PUNICODE_STRING fullImageName, HANDLE proces } -void StartLegacyHibernationDriverFilter () -{ - PHYSICAL_ADDRESS highestAcceptableWriteBufferAddr; - NTSTATUS status; - - ASSERT (KeGetCurrentIrql() == PASSIVE_LEVEL); - ASSERT (!IsOSAtLeast (WIN_VISTA)); - - if (!TCDriverObject->DriverSection || !*(ModuleTableItem **) TCDriverObject->DriverSection) - goto err; - - // All buffers required for hibernation must be allocated here -#ifdef _WIN64 - highestAcceptableWriteBufferAddr.QuadPart = 0x7FFffffFFFFULL; -#else - highestAcceptableWriteBufferAddr.QuadPart = 0xffffFFFFULL; -#endif - - HibernationWriteBuffer = MmAllocateContiguousMemory (TC_HIBERNATION_WRITE_BUFFER_SIZE, highestAcceptableWriteBufferAddr); - if (!HibernationWriteBuffer) - goto err; - - HibernationWriteBufferMdl = IoAllocateMdl (HibernationWriteBuffer, TC_HIBERNATION_WRITE_BUFFER_SIZE, FALSE, FALSE, NULL); - if (!HibernationWriteBufferMdl) - goto err; - - MmBuildMdlForNonPagedPool (HibernationWriteBufferMdl); - - status = PsSetLoadImageNotifyRoutine (LoadImageNotifyRoutine); - if (!NT_SUCCESS (status)) - goto err; - - LegacyHibernationDriverFilterActive = TRUE; - CrashDumpEnabled = FALSE; - HibernationEnabled = TRUE; - return; - -err: - LegacyHibernationDriverFilterActive = FALSE; - CrashDumpEnabled = FALSE; - HibernationEnabled = FALSE; - - if (HibernationWriteBufferMdl) - { - IoFreeMdl (HibernationWriteBufferMdl); - HibernationWriteBufferMdl = NULL; - } - - if (HibernationWriteBuffer) - { - MmFreeContiguousMemory (HibernationWriteBuffer); - HibernationWriteBuffer = NULL; - } -} - - static VOID SetupThreadProc (PVOID threadArg) { DriveFilterExtension *Extension = BootDriveFilterExtension; @@ -1590,6 +1521,7 @@ static VOID SetupThreadProc (PVOID threadArg) // wipeRandCharsUpdate instead of relying on uninitialized stack memory ChaCha20RngCtx rngCtx; uint8 pbSeed[CHACHA20RNG_KEYSZ + CHACHA20RNG_IVSZ]; + UNREFERENCED_PARAMETER(threadArg); GetDriverRandomSeed (pbSeed, sizeof (pbSeed)); ChaCha20RngInit (&rngCtx, pbSeed, GetDriverRandomSeed, 0); @@ -1951,7 +1883,7 @@ NTSTATUS StartBootEncryptionSetup (PDEVICE_OBJECT DeviceObject, PIRP irp, PIO_ST } -void GetBootDriveVolumeProperties (PIRP irp, PIO_STACK_LOCATION irpSp) +void GetBootDriveVolumeProperties (PIRP irp) { if (ValidateIOBufferSize (irp, sizeof (VOLUME_PROPERTIES_STRUCT), ValidateOutput)) { @@ -1989,7 +1921,7 @@ void GetBootDriveVolumeProperties (PIRP irp, PIO_STACK_LOCATION irpSp) } -void GetBootEncryptionStatus (PIRP irp, PIO_STACK_LOCATION irpSp) +void GetBootEncryptionStatus (PIRP irp) { /* IMPORTANT: Do NOT add any potentially time-consuming operations to this function. */ @@ -2051,7 +1983,7 @@ void GetBootEncryptionStatus (PIRP irp, PIO_STACK_LOCATION irpSp) } -void GetBootLoaderVersion (PIRP irp, PIO_STACK_LOCATION irpSp) +void GetBootLoaderVersion (PIRP irp) { if (ValidateIOBufferSize (irp, sizeof (uint16), ValidateOutput)) { @@ -2069,7 +2001,7 @@ void GetBootLoaderVersion (PIRP irp, PIO_STACK_LOCATION irpSp) } } -void GetBootLoaderFingerprint (PIRP irp, PIO_STACK_LOCATION irpSp) +void GetBootLoaderFingerprint (PIRP irp) { if (ValidateIOBufferSize (irp, sizeof (BootLoaderFingerprintRequest), ValidateOutput)) { @@ -2079,7 +2011,7 @@ void GetBootLoaderFingerprint (PIRP irp, PIO_STACK_LOCATION irpSp) BootLoaderFingerprintRequest *bootLoaderFingerprint = (BootLoaderFingerprintRequest *) irp->AssociatedIrp.SystemBuffer; /* compute the fingerprint again and check if it is the same as the one retrieved during boot */ - char *header = TCalloc (TC_BOOT_ENCRYPTION_VOLUME_HEADER_SIZE); + unsigned char *header = TCalloc (TC_BOOT_ENCRYPTION_VOLUME_HEADER_SIZE); if (!header) { irp->IoStatus.Status = STATUS_INSUFFICIENT_RESOURCES; @@ -2111,7 +2043,7 @@ void GetBootLoaderFingerprint (PIRP irp, PIO_STACK_LOCATION irpSp) } } -void GetBootEncryptionAlgorithmName (PIRP irp, PIO_STACK_LOCATION irpSp) +void GetBootEncryptionAlgorithmName (PIRP irp) { if (ValidateIOBufferSize (irp, sizeof (GetBootEncryptionAlgorithmNameRequest), ValidateOutput)) { @@ -2193,6 +2125,7 @@ NTSTATUS AbortBootEncryptionSetup () static VOID DecoySystemWipeThreadProc (PVOID threadArg) { + UNREFERENCED_PARAMETER(threadArg); DriveFilterExtension *Extension = BootDriveFilterExtension; LARGE_INTEGER offset; @@ -2376,7 +2309,7 @@ BOOL IsDecoySystemWipeInProgress() } -void GetDecoySystemWipeStatus (PIRP irp, PIO_STACK_LOCATION irpSp) +void GetDecoySystemWipeStatus (PIRP irp) { if (ValidateIOBufferSize (irp, sizeof (DecoySystemWipeStatus), ValidateOutput)) { diff --git a/src/Driver/DriveFilter.h b/src/Driver/DriveFilter.h index b164fa5b..307880fb 100644 --- a/src/Driver/DriveFilter.h +++ b/src/Driver/DriveFilter.h @@ -59,11 +59,11 @@ extern PKTHREAD DecoySystemWipeThread; NTSTATUS AbortBootEncryptionSetup (); NTSTATUS DriveFilterAddDevice (PDRIVER_OBJECT driverObject, PDEVICE_OBJECT pdo); NTSTATUS DriveFilterDispatchIrp (PDEVICE_OBJECT DeviceObject, PIRP Irp); -void GetBootDriveVolumeProperties (PIRP irp, PIO_STACK_LOCATION irpSp); -void GetBootEncryptionAlgorithmName (PIRP irp, PIO_STACK_LOCATION irpSp); -void GetBootEncryptionStatus (PIRP irp, PIO_STACK_LOCATION irpSp); -void GetBootLoaderVersion (PIRP irp, PIO_STACK_LOCATION irpSp); -void GetBootLoaderFingerprint (PIRP irp, PIO_STACK_LOCATION irpSp); +void GetBootDriveVolumeProperties (PIRP irp); +void GetBootEncryptionAlgorithmName (PIRP irp); +void GetBootEncryptionStatus (PIRP irp); +void GetBootLoaderVersion (PIRP irp); +void GetBootLoaderFingerprint (PIRP irp); NTSTATUS GetSetupResult (); DriveFilterExtension *GetBootDriveFilterExtension (); CRYPTO_INFO *GetSystemDriveCryptoInfo (); @@ -73,14 +73,13 @@ BOOL IsHiddenSystemRunning (); NTSTATUS LoadBootArguments (BOOL bIsEfi); static NTSTATUS SaveDriveVolumeHeader (DriveFilterExtension *Extension); NTSTATUS StartBootEncryptionSetup (PDEVICE_OBJECT DeviceObject, PIRP irp, PIO_STACK_LOCATION irpSp); -void EmergencyClearAllKeys (PIRP irp, PIO_STACK_LOCATION irpSp); -void ReopenBootVolumeHeader (PIRP irp, PIO_STACK_LOCATION irpSp); +void EmergencyClearAllKeys (PIRP irp); +void ReopenBootVolumeHeader (PIRP irp); NTSTATUS StartDecoySystemWipe (PDEVICE_OBJECT DeviceObject, PIRP irp, PIO_STACK_LOCATION irpSp); -void StartLegacyHibernationDriverFilter (); NTSTATUS AbortDecoySystemWipe (); BOOL IsDecoySystemWipeInProgress(); NTSTATUS GetDecoySystemWipeResult(); -void GetDecoySystemWipeStatus (PIRP irp, PIO_STACK_LOCATION irpSp); +void GetDecoySystemWipeStatus (PIRP irp); uint64 GetBootDriveLength (); NTSTATUS WriteBootDriveSector (PIRP irp, PIO_STACK_LOCATION irpSp); diff --git a/src/Driver/DumpFilter.c b/src/Driver/DumpFilter.c index aa059d9d..94a130d9 100644 --- a/src/Driver/DumpFilter.c +++ b/src/Driver/DumpFilter.c @@ -158,6 +158,7 @@ err: static NTSTATUS DumpFilterStart (PFILTER_EXTENSION filterExtension) { + UNREFERENCED_PARAMETER(filterExtension); Dump ("DumpFilterStart type=%d\n", filterExtension->DumpType); if (BootDriveFilterExtension->MagicNumber != TC_BOOT_DRIVE_FILTER_EXTENSION_MAGIC_NUMBER) @@ -175,6 +176,7 @@ static NTSTATUS DumpFilterWrite (PFILTER_EXTENSION filterExtension, PLARGE_INTEG uint32 intersectLength; PVOID writeBuffer; CSHORT origMdlFlags; + UNREFERENCED_PARAMETER(filterExtension); if (BootDriveFilterExtension->MagicNumber != TC_BOOT_DRIVE_FILTER_EXTENSION_MAGIC_NUMBER) TC_BUG_CHECK (STATUS_CRC_ERROR); @@ -194,7 +196,7 @@ static NTSTATUS DumpFilterWrite (PFILTER_EXTENSION filterExtension, PLARGE_INTEG if ((offset & (ENCRYPTION_DATA_UNIT_SIZE - 1)) != 0) TC_BUG_CHECK (STATUS_INVALID_PARAMETER); - writeBuffer = MmGetSystemAddressForMdlSafe (writeMdl, (HighPagePriority | ExDefaultMdlProtection)); + writeBuffer = MmGetSystemAddressForMdlSafe (writeMdl, (HighPagePriority | MdlMappingNoExecute)); if (!writeBuffer) TC_BUG_CHECK (STATUS_INSUFFICIENT_RESOURCES); @@ -242,6 +244,7 @@ static NTSTATUS DumpFilterWrite (PFILTER_EXTENSION filterExtension, PLARGE_INTEG static NTSTATUS DumpFilterFinish (PFILTER_EXTENSION filterExtension) { + UNREFERENCED_PARAMETER(filterExtension); Dump ("DumpFilterFinish type=%d\n", filterExtension->DumpType); return STATUS_SUCCESS; @@ -250,6 +253,7 @@ static NTSTATUS DumpFilterFinish (PFILTER_EXTENSION filterExtension) static NTSTATUS DumpFilterUnload (PFILTER_EXTENSION filterExtension) { + UNREFERENCED_PARAMETER(filterExtension); Dump ("DumpFilterUnload type=%d\n", filterExtension->DumpType); if (WriteFilterBuffer) diff --git a/src/Driver/EncryptedIoQueue.c b/src/Driver/EncryptedIoQueue.c index 8c2e8a41..61bfe7dd 100644 --- a/src/Driver/EncryptedIoQueue.c +++ b/src/Driver/EncryptedIoQueue.c @@ -640,7 +640,7 @@ static VOID MainThreadProc (PVOID threadArg) { UINT64_STRUCT dataUnit; - dataBuffer = (PUCHAR) MmGetSystemAddressForMdlSafe (irp->MdlAddress, (HighPagePriority | ExDefaultMdlProtection)); + dataBuffer = (PUCHAR) MmGetSystemAddressForMdlSafe (irp->MdlAddress, (HighPagePriority | MdlMappingNoExecute)); if (!dataBuffer) { TCfree (buffer); @@ -760,7 +760,7 @@ static VOID MainThreadProc (PVOID threadArg) continue; } - dataBuffer = (PUCHAR) MmGetSystemAddressForMdlSafe (irp->MdlAddress, (HighPagePriority | ExDefaultMdlProtection)); + dataBuffer = (PUCHAR) MmGetSystemAddressForMdlSafe (irp->MdlAddress, (HighPagePriority | MdlMappingNoExecute)); if (dataBuffer == NULL) { diff --git a/src/Driver/Ntdriver.c b/src/Driver/Ntdriver.c index 96f60cdd..0edc6941 100644 --- a/src/Driver/Ntdriver.c +++ b/src/Driver/Ntdriver.c @@ -154,9 +154,6 @@ int EncryptionIoRequestCount = 0; int EncryptionItemCount = 0; int EncryptionFragmentSize = 0; -POOL_TYPE ExDefaultNonPagedPoolType = NonPagedPool; -ULONG ExDefaultMdlProtection = 0; - PDEVICE_OBJECT VirtualVolumeDeviceObjects[MAX_MOUNTED_VOLUME_DRIVE_NUMBER + 1]; BOOL AlignValue (ULONG ulValue, ULONG ulAlignment, ULONG *pulResult) @@ -241,7 +238,7 @@ void GetDriverRandomSeed (unsigned char* pbRandSeed, size_t cbRandSeed) WHIRLPOOL_add ((unsigned char *) &(iSeed2.QuadPart), sizeof(iSeed2.QuadPart), &tctx); if (KeQueryInterruptTimePrecisePtr) { - iSeed.QuadPart = KeQueryInterruptTimePrecisePtr (&iSeed2.QuadPart); + iSeed.QuadPart = KeQueryInterruptTimePrecisePtr ((PULONG64) & iSeed2.QuadPart); WHIRLPOOL_add ((unsigned char *) &(iSeed.QuadPart), sizeof(iSeed.QuadPart), &tctx); WHIRLPOOL_add ((unsigned char *) &(iSeed2.QuadPart), sizeof(iSeed2.QuadPart), &tctx); } @@ -294,26 +291,19 @@ void GetDriverRandomSeed (unsigned char* pbRandSeed, size_t cbRandSeed) } -NTSTATUS DriverEntry (PDRIVER_OBJECT DriverObject, PUNICODE_STRING RegistryPath) +NTSTATUS DriverEntry(PDRIVER_OBJECT DriverObject, PUNICODE_STRING RegistryPath) { PKEY_VALUE_PARTIAL_INFORMATION startKeyValue; LONG version; int i; - Dump ("DriverEntry " TC_APP_NAME " " VERSION_STRING VERSION_STRING_SUFFIX "\n"); - - DetectX86Features (); + Dump("DriverEntry " TC_APP_NAME " " VERSION_STRING VERSION_STRING_SUFFIX "\n"); - PsGetVersion (&OsMajorVersion, &OsMinorVersion, NULL, NULL); + DetectX86Features(); - Dump ("OsMajorVersion=%d OsMinorVersion=%d\n", OsMajorVersion, OsMinorVersion); + PsGetVersion(&OsMajorVersion, &OsMinorVersion, NULL, NULL); - // NX pool support is available starting from Windows 8 - if ((OsMajorVersion > 6) || (OsMajorVersion == 6 && OsMinorVersion >= 2)) - { - ExDefaultNonPagedPoolType = (POOL_TYPE) NonPagedPoolNx; - ExDefaultMdlProtection = MdlMappingNoExecute; - } + Dump("OsMajorVersion=%d OsMinorVersion=%d\n", OsMajorVersion, OsMinorVersion); // KeAreAllApcsDisabled is available starting from Windows Server 2003 if ((OsMajorVersion > 5) || (OsMajorVersion == 5 && OsMinorVersion >= 2)) @@ -321,7 +311,7 @@ NTSTATUS DriverEntry (PDRIVER_OBJECT DriverObject, PUNICODE_STRING RegistryPath) UNICODE_STRING KeAreAllApcsDisabledFuncName; RtlInitUnicodeString(&KeAreAllApcsDisabledFuncName, L"KeAreAllApcsDisabled"); - KeAreAllApcsDisabledPtr = (KeAreAllApcsDisabledFn) MmGetSystemRoutineAddress(&KeAreAllApcsDisabledFuncName); + KeAreAllApcsDisabledPtr = (KeAreAllApcsDisabledFn)MmGetSystemRoutineAddress(&KeAreAllApcsDisabledFuncName); } // KeSaveExtendedProcessorState/KeRestoreExtendedProcessorState are available starting from Windows 7 @@ -334,19 +324,19 @@ NTSTATUS DriverEntry (PDRIVER_OBJECT DriverObject, PUNICODE_STRING RegistryPath) RtlInitUnicodeString(&groupCountFuncName, L"KeQueryActiveGroupCount"); RtlInitUnicodeString(&procCountFuncName, L"KeQueryActiveProcessorCountEx"); RtlInitUnicodeString(&setAffinityFuncName, L"KeSetSystemGroupAffinityThread"); - KeSaveExtendedProcessorStatePtr = (KeSaveExtendedProcessorStateFn) MmGetSystemRoutineAddress(&saveFuncName); - KeRestoreExtendedProcessorStatePtr = (KeRestoreExtendedProcessorStateFn) MmGetSystemRoutineAddress(&restoreFuncName); - KeSetSystemGroupAffinityThreadPtr = (KeSetSystemGroupAffinityThreadFn) MmGetSystemRoutineAddress(&setAffinityFuncName); - KeQueryActiveGroupCountPtr = (KeQueryActiveGroupCountFn) MmGetSystemRoutineAddress(&groupCountFuncName); - KeQueryActiveProcessorCountExPtr = (KeQueryActiveProcessorCountExFn) MmGetSystemRoutineAddress(&procCountFuncName); + KeSaveExtendedProcessorStatePtr = (KeSaveExtendedProcessorStateFn)MmGetSystemRoutineAddress(&saveFuncName); + KeRestoreExtendedProcessorStatePtr = (KeRestoreExtendedProcessorStateFn)MmGetSystemRoutineAddress(&restoreFuncName); + KeSetSystemGroupAffinityThreadPtr = (KeSetSystemGroupAffinityThreadFn)MmGetSystemRoutineAddress(&setAffinityFuncName); + KeQueryActiveGroupCountPtr = (KeQueryActiveGroupCountFn)MmGetSystemRoutineAddress(&groupCountFuncName); + KeQueryActiveProcessorCountExPtr = (KeQueryActiveProcessorCountExFn)MmGetSystemRoutineAddress(&procCountFuncName); } - + // ExGetFirmwareEnvironmentVariable is available starting from Windows 8 if ((OsMajorVersion > 6) || (OsMajorVersion == 6 && OsMinorVersion >= 2)) { UNICODE_STRING funcName; RtlInitUnicodeString(&funcName, L"ExGetFirmwareEnvironmentVariable"); - ExGetFirmwareEnvironmentVariablePtr = (ExGetFirmwareEnvironmentVariableFn) MmGetSystemRoutineAddress(&funcName); + ExGetFirmwareEnvironmentVariablePtr = (ExGetFirmwareEnvironmentVariableFn)MmGetSystemRoutineAddress(&funcName); } // KeQueryInterruptTimePrecise is available starting from Windows 8.1 @@ -354,62 +344,57 @@ NTSTATUS DriverEntry (PDRIVER_OBJECT DriverObject, PUNICODE_STRING RegistryPath) { UNICODE_STRING funcName; RtlInitUnicodeString(&funcName, L"KeQueryInterruptTimePrecise"); - KeQueryInterruptTimePrecisePtr = (KeQueryInterruptTimePreciseFn) MmGetSystemRoutineAddress(&funcName); + KeQueryInterruptTimePrecisePtr = (KeQueryInterruptTimePreciseFn)MmGetSystemRoutineAddress(&funcName); } // Load dump filter if the main driver is already loaded - if (NT_SUCCESS (TCDeviceIoControl (NT_ROOT_PREFIX, TC_IOCTL_GET_DRIVER_VERSION, NULL, 0, &version, sizeof (version)))) - return DumpFilterEntry ((PFILTER_EXTENSION) DriverObject, (PFILTER_INITIALIZATION_DATA) RegistryPath); + if (NT_SUCCESS(TCDeviceIoControl(NT_ROOT_PREFIX, TC_IOCTL_GET_DRIVER_VERSION, NULL, 0, &version, sizeof(version)))) + return DumpFilterEntry((PFILTER_EXTENSION)DriverObject, (PFILTER_INITIALIZATION_DATA)RegistryPath); TCDriverObject = DriverObject; - memset (VirtualVolumeDeviceObjects, 0, sizeof (VirtualVolumeDeviceObjects)); + memset(VirtualVolumeDeviceObjects, 0, sizeof(VirtualVolumeDeviceObjects)); - ReadRegistryConfigFlags (TRUE); - EncryptionThreadPoolStart (EncryptionThreadPoolFreeCpuCountLimit); + ReadRegistryConfigFlags(TRUE); + EncryptionThreadPoolStart(EncryptionThreadPoolFreeCpuCountLimit); SelfTestsPassed = AutoTestAlgorithms(); // Enable device class filters and load boot arguments if the driver is set to start at system boot - if (NT_SUCCESS (TCReadRegistryKey (RegistryPath, L"Start", &startKeyValue))) + if (NT_SUCCESS(TCReadRegistryKey(RegistryPath, L"Start", &startKeyValue))) { - if (startKeyValue->Type == REG_DWORD && *((uint32 *) startKeyValue->Data) == SERVICE_BOOT_START) + if (startKeyValue->Type == REG_DWORD && *((uint32*)startKeyValue->Data) == SERVICE_BOOT_START) { if (!SelfTestsPassed) { // in case of system encryption, if self-tests fail, disable all extended CPU // features and try again in order to workaround faulty configurations - DisableCPUExtendedFeatures (); + DisableCPUExtendedFeatures(); SelfTestsPassed = AutoTestAlgorithms(); // BUG CHECK if the self-tests still fail if (!SelfTestsPassed) - TC_BUG_CHECK (STATUS_INVALID_PARAMETER); + TC_BUG_CHECK(STATUS_INVALID_PARAMETER); } - LoadBootArguments(IsUefiBoot ()); + LoadBootArguments(IsUefiBoot()); VolumeClassFilterRegistered = IsVolumeClassFilterRegistered(); DriverObject->DriverExtension->AddDevice = DriverAddDevice; } - TCfree (startKeyValue); + TCfree(startKeyValue); } -#ifdef _WIN64 - if ((OsMajorVersion > 6) || (OsMajorVersion == 6 && OsMinorVersion >= 1)) + + if (RamEncryptionActivated) { - // we enable RAM encryption only starting from Windows 7 - if (RamEncryptionActivated) - { - if (t1ha_selfcheck__t1ha2() != 0) - TC_BUG_CHECK (STATUS_INVALID_PARAMETER); - if (!InitializeSecurityParameters(GetDriverRandomSeed)) - TC_BUG_CHECK (STATUS_INVALID_PARAMETER); + if (t1ha_selfcheck__t1ha2() != 0) + TC_BUG_CHECK(STATUS_INVALID_PARAMETER); + if (!InitializeSecurityParameters(GetDriverRandomSeed)) + TC_BUG_CHECK(STATUS_INVALID_PARAMETER); - EnableRamEncryption (TRUE); - } + EnableRamEncryption(TRUE); } -#endif for (i = 0; i <= IRP_MJ_MAXIMUM_FUNCTION; ++i) { @@ -417,7 +402,7 @@ NTSTATUS DriverEntry (PDRIVER_OBJECT DriverObject, PUNICODE_STRING RegistryPath) } DriverObject->DriverUnload = TCUnloadDriver; - return TCCreateRootDeviceObject (DriverObject); + return TCCreateRootDeviceObject(DriverObject); } @@ -878,6 +863,7 @@ IOCTL_STORAGE_QUERY_PROPERTY 0x002D1400 NTSTATUS ProcessVolumeDeviceControlIrp (PDEVICE_OBJECT DeviceObject, PEXTENSION Extension, PIRP Irp) { PIO_STACK_LOCATION irpSp = IoGetCurrentIrpStackLocation (Irp); + UNREFERENCED_PARAMETER(DeviceObject); switch (irpSp->Parameters.DeviceIoControl.IoControlCode) { @@ -929,7 +915,7 @@ NTSTATUS ProcessVolumeDeviceControlIrp (PDEVICE_OBJECT DeviceObject, PEXTENSION else { ULONG outLength; - UCHAR volId[128], tmp[] = { 0,0 }; + CHAR volId[128], tmp[] = { 0,0 }; PMOUNTDEV_UNIQUE_ID outputBuffer = (PMOUNTDEV_UNIQUE_ID) Irp->AssociatedIrp.SystemBuffer; RtlStringCbCopyA (volId, sizeof(volId),TC_UNIQUE_ID_PREFIX); @@ -1024,7 +1010,6 @@ NTSTATUS ProcessVolumeDeviceControlIrp (PDEVICE_OBJECT DeviceObject, PEXTENSION if (ValidateIOBufferSize (Irp, minOutputSize, ValidateOutput)) { - PIO_STACK_LOCATION irpSp = IoGetCurrentIrpStackLocation (Irp); BOOL bFullBuffer = (irpSp->Parameters.DeviceIoControl.OutputBufferLength >= fullOutputSize)? TRUE : FALSE; PDISK_GEOMETRY_EX outputBuffer = (PDISK_GEOMETRY_EX) Irp->AssociatedIrp.SystemBuffer; @@ -1338,7 +1323,6 @@ NTSTATUS ProcessVolumeDeviceControlIrp (PDEVICE_OBJECT DeviceObject, PEXTENSION Dump ("ProcessVolumeDeviceControlIrp (IOCTL_DISK_GET_DRIVE_LAYOUT)\n"); if (ValidateIOBufferSize (Irp, sizeof (DRIVE_LAYOUT_INFORMATION), ValidateOutput)) { - PIO_STACK_LOCATION irpSp = IoGetCurrentIrpStackLocation (Irp); BOOL bFullBuffer = (irpSp->Parameters.DeviceIoControl.OutputBufferLength >= (sizeof (DRIVE_LAYOUT_INFORMATION) + 3*sizeof(PARTITION_INFORMATION)))? TRUE : FALSE; PDRIVE_LAYOUT_INFORMATION outputBuffer = (PDRIVE_LAYOUT_INFORMATION) Irp->AssociatedIrp.SystemBuffer; @@ -1373,7 +1357,6 @@ NTSTATUS ProcessVolumeDeviceControlIrp (PDEVICE_OBJECT DeviceObject, PEXTENSION { if (ValidateIOBufferSize (Irp, sizeof (DRIVE_LAYOUT_INFORMATION_EX), ValidateOutput)) { - PIO_STACK_LOCATION irpSp = IoGetCurrentIrpStackLocation (Irp); BOOL bFullBuffer = (irpSp->Parameters.DeviceIoControl.OutputBufferLength >= (sizeof (DRIVE_LAYOUT_INFORMATION_EX) + 3*sizeof(PARTITION_INFORMATION_EX)))? TRUE : FALSE; PDRIVE_LAYOUT_INFORMATION_EX outputBuffer = (PDRIVE_LAYOUT_INFORMATION_EX) Irp->AssociatedIrp.SystemBuffer; @@ -1528,37 +1511,20 @@ NTSTATUS ProcessVolumeDeviceControlIrp (PDEVICE_OBJECT DeviceObject, PEXTENSION case IOCTL_VOLUME_GET_VOLUME_DISK_EXTENTS: Dump ("ProcessVolumeDeviceControlIrp (IOCTL_VOLUME_GET_VOLUME_DISK_EXTENTS)\n"); // Vista's, Windows 8.1 and later filesystem defragmenter fails if IOCTL_VOLUME_GET_VOLUME_DISK_EXTENTS does not succeed. - if (!(OsMajorVersion == 6 && OsMinorVersion == 0) - && !(IsOSAtLeast (WIN_8_1) && AllowWindowsDefrag && Extension->bRawDevice) - ) + if (ValidateIOBufferSize(Irp, sizeof(VOLUME_DISK_EXTENTS), ValidateOutput)) { - Irp->IoStatus.Status = STATUS_INVALID_DEVICE_REQUEST; - Irp->IoStatus.Information = 0; - } - else if (ValidateIOBufferSize (Irp, sizeof (VOLUME_DISK_EXTENTS), ValidateOutput)) - { - VOLUME_DISK_EXTENTS *extents = (VOLUME_DISK_EXTENTS *) Irp->AssociatedIrp.SystemBuffer; - + VOLUME_DISK_EXTENTS* extents = (VOLUME_DISK_EXTENTS*)Irp->AssociatedIrp.SystemBuffer; - if (IsOSAtLeast (WIN_8_1)) - { - // Windows 10 filesystem defragmenter works only if we report an extent with a real disk number - // So in the case of a VeraCrypt disk based volume, we use the disk number - // of the underlaying physical disk and we report a single extent - extents->NumberOfDiskExtents = 1; - extents->Extents[0].DiskNumber = Extension->DeviceNumber; - extents->Extents[0].StartingOffset.QuadPart = BYTES_PER_MB; // Set offset to 1MB to emulate the partition offset on a real MBR disk - extents->Extents[0].ExtentLength.QuadPart = Extension->DiskLength; - } - else - { - // Vista: No extent data can be returned as this is not a physical drive. - memset (extents, 0, sizeof (*extents)); - extents->NumberOfDiskExtents = 0; - } + // Windows 10 filesystem defragmenter works only if we report an extent with a real disk number + // So in the case of a VeraCrypt disk based volume, we use the disk number + // of the underlaying physical disk and we report a single extent + extents->NumberOfDiskExtents = 1; + extents->Extents[0].DiskNumber = Extension->DeviceNumber; + extents->Extents[0].StartingOffset.QuadPart = BYTES_PER_MB; // Set offset to 1MB to emulate the partition offset on a real MBR disk + extents->Extents[0].ExtentLength.QuadPart = Extension->DiskLength; Irp->IoStatus.Status = STATUS_SUCCESS; - Irp->IoStatus.Information = sizeof (*extents); + Irp->IoStatus.Information = sizeof(*extents); } break; @@ -1723,7 +1689,6 @@ NTSTATUS ProcessVolumeDeviceControlIrp (PDEVICE_OBJECT DeviceObject, PEXTENSION { if (ValidateIOBufferSize (Irp, sizeof (DEVICE_MANAGE_DATA_SET_ATTRIBUTES), ValidateInput)) { - PIO_STACK_LOCATION irpSp = IoGetCurrentIrpStackLocation (Irp); DWORD inputLength = irpSp->Parameters.DeviceIoControl.InputBufferLength; PDEVICE_MANAGE_DATA_SET_ATTRIBUTES pInputAttrs = (PDEVICE_MANAGE_DATA_SET_ATTRIBUTES) Irp->AssociatedIrp.SystemBuffer; DEVICE_DATA_MANAGEMENT_SET_ACTION action = pInputAttrs->Action; @@ -1955,6 +1920,7 @@ NTSTATUS ProcessMainDeviceControlIrp (PDEVICE_OBJECT DeviceObject, PEXTENSION Ex { PIO_STACK_LOCATION irpSp = IoGetCurrentIrpStackLocation (Irp); NTSTATUS ntStatus; + UNREFERENCED_PARAMETER(Extension); switch (irpSp->Parameters.DeviceIoControl.IoControlCode) { @@ -1981,7 +1947,7 @@ NTSTATUS ProcessMainDeviceControlIrp (PDEVICE_OBJECT DeviceObject, PEXTENSION Ex case TC_IOCTL_IS_DRIVER_UNLOAD_DISABLED: if (ValidateIOBufferSize (Irp, sizeof (int), ValidateOutput)) { - LONG deviceObjectCount = 0; + ULONG deviceObjectCount = 0; *(int *) Irp->AssociatedIrp.SystemBuffer = DriverUnloadDisabled; @@ -2025,7 +1991,6 @@ NTSTATUS ProcessMainDeviceControlIrp (PDEVICE_OBJECT DeviceObject, PEXTENSION Ex IO_STATUS_BLOCK IoStatus; LARGE_INTEGER offset; ACCESS_MASK access = FILE_READ_ATTRIBUTES; - PIO_STACK_LOCATION irpSp = IoGetCurrentIrpStackLocation (Irp); if (!ValidateIOBufferSize (Irp, sizeof (OPEN_TEST_STRUCT), ValidateInputOutput)) break; @@ -2266,7 +2231,6 @@ NTSTATUS ProcessMainDeviceControlIrp (PDEVICE_OBJECT DeviceObject, PEXTENSION Ex if (readBuffer[510] == 0x55 && readBuffer[511] == 0xaa) { - int i; for (i = 0; i < 4; ++i) { if (readBuffer[446 + i * 16 + 4] == PARTITION_LDM) @@ -2459,16 +2423,16 @@ NTSTATUS ProcessMainDeviceControlIrp (PDEVICE_OBJECT DeviceObject, PEXTENSION Ex { RESOLVE_SYMLINK_STRUCT *resolve = (RESOLVE_SYMLINK_STRUCT *) Irp->AssociatedIrp.SystemBuffer; { - NTSTATUS ntStatus; + NTSTATUS ntStatusLocal; EnsureNullTerminatedString (resolve->symLinkName, sizeof (resolve->symLinkName)); - ntStatus = SymbolicLinkToTarget (resolve->symLinkName, + ntStatusLocal = SymbolicLinkToTarget (resolve->symLinkName, resolve->targetName, sizeof (resolve->targetName)); Irp->IoStatus.Information = sizeof (RESOLVE_SYMLINK_STRUCT); - Irp->IoStatus.Status = ntStatus; + Irp->IoStatus.Status = ntStatusLocal; } } break; @@ -2479,12 +2443,12 @@ NTSTATUS ProcessMainDeviceControlIrp (PDEVICE_OBJECT DeviceObject, PEXTENSION Ex DISK_PARTITION_INFO_STRUCT *info = (DISK_PARTITION_INFO_STRUCT *) Irp->AssociatedIrp.SystemBuffer; { PARTITION_INFORMATION_EX pi; - NTSTATUS ntStatus; + NTSTATUS ntStatusLocal; EnsureNullTerminatedString (info->deviceName, sizeof (info->deviceName)); - ntStatus = TCDeviceIoControl (info->deviceName, IOCTL_DISK_GET_PARTITION_INFO_EX, NULL, 0, &pi, sizeof (pi)); - if (NT_SUCCESS(ntStatus)) + ntStatusLocal = TCDeviceIoControl (info->deviceName, IOCTL_DISK_GET_PARTITION_INFO_EX, NULL, 0, &pi, sizeof (pi)); + if (NT_SUCCESS(ntStatusLocal)) { memset (&info->partInfo, 0, sizeof (info->partInfo)); @@ -2503,16 +2467,16 @@ NTSTATUS ProcessMainDeviceControlIrp (PDEVICE_OBJECT DeviceObject, PEXTENSION Ex else { // Windows 2000 does not support IOCTL_DISK_GET_PARTITION_INFO_EX - ntStatus = TCDeviceIoControl (info->deviceName, IOCTL_DISK_GET_PARTITION_INFO, NULL, 0, &info->partInfo, sizeof (info->partInfo)); + ntStatusLocal = TCDeviceIoControl (info->deviceName, IOCTL_DISK_GET_PARTITION_INFO, NULL, 0, &info->partInfo, sizeof (info->partInfo)); info->IsGPT = FALSE; } - if (!NT_SUCCESS (ntStatus)) + if (!NT_SUCCESS (ntStatusLocal)) { GET_LENGTH_INFORMATION lengthInfo; - ntStatus = TCDeviceIoControl (info->deviceName, IOCTL_DISK_GET_LENGTH_INFO, NULL, 0, &lengthInfo, sizeof (lengthInfo)); + ntStatusLocal = TCDeviceIoControl (info->deviceName, IOCTL_DISK_GET_LENGTH_INFO, NULL, 0, &lengthInfo, sizeof (lengthInfo)); - if (NT_SUCCESS (ntStatus)) + if (NT_SUCCESS (ntStatusLocal)) { memset (&info->partInfo, 0, sizeof (info->partInfo)); info->partInfo.PartitionLength = lengthInfo.Length; @@ -2521,7 +2485,7 @@ NTSTATUS ProcessMainDeviceControlIrp (PDEVICE_OBJECT DeviceObject, PEXTENSION Ex info->IsDynamic = FALSE; - if (NT_SUCCESS (ntStatus) && OsMajorVersion >= 6) + if (NT_SUCCESS (ntStatusLocal)) { # define IOCTL_VOLUME_IS_DYNAMIC CTL_CODE(IOCTL_VOLUME_BASE, 18, METHOD_BUFFERED, FILE_ANY_ACCESS) if (!NT_SUCCESS (TCDeviceIoControl (info->deviceName, IOCTL_VOLUME_IS_DYNAMIC, NULL, 0, &info->IsDynamic, sizeof (info->IsDynamic)))) @@ -2529,7 +2493,7 @@ NTSTATUS ProcessMainDeviceControlIrp (PDEVICE_OBJECT DeviceObject, PEXTENSION Ex } Irp->IoStatus.Information = sizeof (DISK_PARTITION_INFO_STRUCT); - Irp->IoStatus.Status = ntStatus; + Irp->IoStatus.Status = ntStatusLocal; } } break; @@ -2539,17 +2503,17 @@ NTSTATUS ProcessMainDeviceControlIrp (PDEVICE_OBJECT DeviceObject, PEXTENSION Ex { DISK_GEOMETRY_STRUCT *g = (DISK_GEOMETRY_STRUCT *) Irp->AssociatedIrp.SystemBuffer; { - NTSTATUS ntStatus; + NTSTATUS ntStatusLocal; EnsureNullTerminatedString (g->deviceName, sizeof (g->deviceName)); Dump ("Calling IOCTL_DISK_GET_DRIVE_GEOMETRY on %ls\n", g->deviceName); - ntStatus = TCDeviceIoControl (g->deviceName, + ntStatusLocal = TCDeviceIoControl (g->deviceName, IOCTL_DISK_GET_DRIVE_GEOMETRY, NULL, 0, &g->diskGeometry, sizeof (g->diskGeometry)); Irp->IoStatus.Information = sizeof (DISK_GEOMETRY_STRUCT); - Irp->IoStatus.Status = ntStatus; + Irp->IoStatus.Status = ntStatusLocal; } } break; @@ -2559,18 +2523,18 @@ NTSTATUS ProcessMainDeviceControlIrp (PDEVICE_OBJECT DeviceObject, PEXTENSION Ex { DISK_GEOMETRY_EX_STRUCT *g = (DISK_GEOMETRY_EX_STRUCT *) Irp->AssociatedIrp.SystemBuffer; { - NTSTATUS ntStatus; + NTSTATUS ntStatusLocal; PVOID buffer = TCalloc (256); // enough for DISK_GEOMETRY_EX and padded data if (buffer) { EnsureNullTerminatedString (g->deviceName, sizeof (g->deviceName)); Dump ("Calling IOCTL_DISK_GET_DRIVE_GEOMETRY_EX on %ls\n", g->deviceName); - ntStatus = TCDeviceIoControl (g->deviceName, + ntStatusLocal = TCDeviceIoControl (g->deviceName, IOCTL_DISK_GET_DRIVE_GEOMETRY_EX, NULL, 0, buffer, 256); - if (NT_SUCCESS(ntStatus)) + if (NT_SUCCESS(ntStatusLocal)) { PDISK_GEOMETRY_EX pGeo = (PDISK_GEOMETRY_EX) buffer; memcpy (&g->diskGeometry, &pGeo->Geometry, sizeof (DISK_GEOMETRY)); @@ -2580,30 +2544,27 @@ NTSTATUS ProcessMainDeviceControlIrp (PDEVICE_OBJECT DeviceObject, PEXTENSION Ex { DISK_GEOMETRY dg = {0}; Dump ("Failed. Calling IOCTL_DISK_GET_DRIVE_GEOMETRY on %ls\n", g->deviceName); - ntStatus = TCDeviceIoControl (g->deviceName, + ntStatusLocal = TCDeviceIoControl (g->deviceName, IOCTL_DISK_GET_DRIVE_GEOMETRY, NULL, 0, &dg, sizeof (dg)); - if (NT_SUCCESS(ntStatus)) + if (NT_SUCCESS(ntStatusLocal)) { - memcpy (&g->diskGeometry, &dg, sizeof (DISK_GEOMETRY)); + memcpy(&g->diskGeometry, &dg, sizeof(DISK_GEOMETRY)); g->DiskSize.QuadPart = dg.Cylinders.QuadPart * dg.SectorsPerTrack * dg.TracksPerCylinder * dg.BytesPerSector; - if (OsMajorVersion >= 6) + STORAGE_READ_CAPACITY storage = { 0 }; + NTSTATUS lStatus; + storage.Version = sizeof(STORAGE_READ_CAPACITY); + Dump("Calling IOCTL_STORAGE_READ_CAPACITY on %ls\n", g->deviceName); + lStatus = TCDeviceIoControl(g->deviceName, + IOCTL_STORAGE_READ_CAPACITY, + NULL, 0, &storage, sizeof(STORAGE_READ_CAPACITY)); + if (NT_SUCCESS(lStatus) + && (storage.Size == sizeof(STORAGE_READ_CAPACITY)) + ) { - STORAGE_READ_CAPACITY storage = {0}; - NTSTATUS lStatus; - storage.Version = sizeof (STORAGE_READ_CAPACITY); - Dump ("Calling IOCTL_STORAGE_READ_CAPACITY on %ls\n", g->deviceName); - lStatus = TCDeviceIoControl (g->deviceName, - IOCTL_STORAGE_READ_CAPACITY, - NULL, 0, &storage, sizeof (STORAGE_READ_CAPACITY)); - if ( NT_SUCCESS(lStatus) - && (storage.Size == sizeof (STORAGE_READ_CAPACITY)) - ) - { - g->DiskSize.QuadPart = storage.DiskLength.QuadPart; - } + g->DiskSize.QuadPart = storage.DiskLength.QuadPart; } } } @@ -2611,7 +2572,7 @@ NTSTATUS ProcessMainDeviceControlIrp (PDEVICE_OBJECT DeviceObject, PEXTENSION Ex TCfree (buffer); Irp->IoStatus.Information = sizeof (DISK_GEOMETRY_EX_STRUCT); - Irp->IoStatus.Status = ntStatus; + Irp->IoStatus.Status = ntStatusLocal; } else { @@ -2669,7 +2630,6 @@ NTSTATUS ProcessMainDeviceControlIrp (PDEVICE_OBJECT DeviceObject, PEXTENSION Ex if (ValidateIOBufferSize (Irp, sizeof (MOUNT_STRUCT), ValidateInputOutput)) { MOUNT_STRUCT *mount = (MOUNT_STRUCT *) Irp->AssociatedIrp.SystemBuffer; - PIO_STACK_LOCATION irpSp = IoGetCurrentIrpStackLocation (Irp); if ((irpSp->Parameters.DeviceIoControl.InputBufferLength != sizeof (MOUNT_STRUCT)) || mount->VolumePassword.Length > MAX_PASSWORD || mount->ProtectedHidVolPassword.Length > MAX_PASSWORD @@ -2703,7 +2663,6 @@ NTSTATUS ProcessMainDeviceControlIrp (PDEVICE_OBJECT DeviceObject, PEXTENSION Ex { UNMOUNT_STRUCT *unmount = (UNMOUNT_STRUCT *) Irp->AssociatedIrp.SystemBuffer; PDEVICE_OBJECT ListDevice = GetVirtualVolumeDeviceObject (unmount->nDosDriveNo); - PIO_STACK_LOCATION irpSp = IoGetCurrentIrpStackLocation (Irp); if (irpSp->Parameters.DeviceIoControl.InputBufferLength != sizeof (UNMOUNT_STRUCT)) { @@ -2731,7 +2690,6 @@ NTSTATUS ProcessMainDeviceControlIrp (PDEVICE_OBJECT DeviceObject, PEXTENSION Ex if (ValidateIOBufferSize (Irp, sizeof (UNMOUNT_STRUCT), ValidateInputOutput)) { UNMOUNT_STRUCT *unmount = (UNMOUNT_STRUCT *) Irp->AssociatedIrp.SystemBuffer; - PIO_STACK_LOCATION irpSp = IoGetCurrentIrpStackLocation (Irp); if (irpSp->Parameters.DeviceIoControl.InputBufferLength != sizeof (UNMOUNT_STRUCT)) { @@ -2748,7 +2706,7 @@ NTSTATUS ProcessMainDeviceControlIrp (PDEVICE_OBJECT DeviceObject, PEXTENSION Ex break; case VC_IOCTL_EMERGENCY_CLEAR_ALL_KEYS: - EmergencyClearAllKeys (Irp, irpSp); + EmergencyClearAllKeys (Irp); WipeCache(); break; @@ -2763,7 +2721,7 @@ NTSTATUS ProcessMainDeviceControlIrp (PDEVICE_OBJECT DeviceObject, PEXTENSION Ex break; case TC_IOCTL_GET_BOOT_ENCRYPTION_STATUS: - GetBootEncryptionStatus (Irp, irpSp); + GetBootEncryptionStatus (Irp); break; case TC_IOCTL_GET_BOOT_ENCRYPTION_SETUP_RESULT: @@ -2772,23 +2730,23 @@ NTSTATUS ProcessMainDeviceControlIrp (PDEVICE_OBJECT DeviceObject, PEXTENSION Ex break; case TC_IOCTL_GET_BOOT_DRIVE_VOLUME_PROPERTIES: - GetBootDriveVolumeProperties (Irp, irpSp); + GetBootDriveVolumeProperties (Irp); break; case TC_IOCTL_GET_BOOT_LOADER_VERSION: - GetBootLoaderVersion (Irp, irpSp); + GetBootLoaderVersion (Irp); break; case TC_IOCTL_REOPEN_BOOT_VOLUME_HEADER: - ReopenBootVolumeHeader (Irp, irpSp); + ReopenBootVolumeHeader (Irp); break; case VC_IOCTL_GET_BOOT_LOADER_FINGERPRINT: - GetBootLoaderFingerprint (Irp, irpSp); + GetBootLoaderFingerprint (Irp); break; case TC_IOCTL_GET_BOOT_ENCRYPTION_ALGORITHM_NAME: - GetBootEncryptionAlgorithmName (Irp, irpSp); + GetBootEncryptionAlgorithmName (Irp); break; case TC_IOCTL_IS_HIDDEN_SYSTEM_RUNNING: @@ -2816,7 +2774,7 @@ NTSTATUS ProcessMainDeviceControlIrp (PDEVICE_OBJECT DeviceObject, PEXTENSION Ex break; case TC_IOCTL_GET_DECOY_SYSTEM_WIPE_STATUS: - GetDecoySystemWipeStatus (Irp, irpSp); + GetDecoySystemWipeStatus (Irp); break; case TC_IOCTL_WRITE_BOOT_DRIVE_SECTOR: @@ -3505,11 +3463,13 @@ void TCDeleteDeviceObject (PDEVICE_OBJECT DeviceObject, PEXTENSION Extension) if (Extension->SecurityClientContextValid) { - VOID (*PsDereferenceImpersonationTokenD) (PACCESS_TOKEN ImpersonationToken); + typedef VOID (*PsDereferenceImpersonationTokenDType) (PACCESS_TOKEN ImpersonationToken); + + PsDereferenceImpersonationTokenDType PsDereferenceImpersonationTokenD; UNICODE_STRING name; RtlInitUnicodeString (&name, L"PsDereferenceImpersonationToken"); - PsDereferenceImpersonationTokenD = MmGetSystemRoutineAddress (&name); + PsDereferenceImpersonationTokenD = (PsDereferenceImpersonationTokenDType) MmGetSystemRoutineAddress (&name); if (!PsDereferenceImpersonationTokenD) TC_BUG_CHECK (STATUS_NOT_IMPLEMENTED); @@ -3534,7 +3494,7 @@ void TCDeleteDeviceObject (PDEVICE_OBJECT DeviceObject, PEXTENSION Extension) VOID TCUnloadDriver (PDRIVER_OBJECT DriverObject) { Dump ("TCUnloadDriver BEGIN\n"); - + UNREFERENCED_PARAMETER(DriverObject); OnShutdownPending(); if (IsBootDriveMounted()) @@ -3568,6 +3528,7 @@ typedef struct static VOID TCDeviceIoControlWorkItemRoutine (PDEVICE_OBJECT rootDeviceObject, TCDeviceIoControlWorkItemArgs *arg) { + UNREFERENCED_PARAMETER(rootDeviceObject); arg->Status = TCDeviceIoControl (arg->deviceName, arg->IoControlCode, arg->InputBuffer, arg->InputBufferSize, arg->OutputBuffer, arg->OutputBufferSize); KeSetEvent (&arg->WorkItemCompletedEvent, IO_NO_INCREMENT, FALSE); } @@ -3654,6 +3615,7 @@ typedef struct static VOID SendDeviceIoControlRequestWorkItemRoutine (PDEVICE_OBJECT rootDeviceObject, SendDeviceIoControlRequestWorkItemArgs *arg) { + UNREFERENCED_PARAMETER(rootDeviceObject); arg->Status = SendDeviceIoControlRequest (arg->deviceObject, arg->ioControlCode, arg->inputBuffer, arg->inputBufferSize, arg->outputBuffer, arg->outputBufferSize); KeSetEvent (&arg->WorkItemCompletedEvent, IO_NO_INCREMENT, FALSE); } @@ -3998,6 +3960,7 @@ static NTSTATUS UpdateFsVolumeInformation (MOUNT_STRUCT* mount, PEXTENSION NewEx static VOID UpdateFsVolumeInformationWorkItemRoutine (PDEVICE_OBJECT rootDeviceObject, UpdateFsVolumeInformationWorkItemArgs *arg) { + UNREFERENCED_PARAMETER(rootDeviceObject); arg->Status = UpdateFsVolumeInformation (arg->mount, arg->NewExtension); KeSetEvent (&arg->WorkItemCompletedEvent, IO_NO_INCREMENT, FALSE); } @@ -4265,6 +4228,7 @@ typedef struct static VOID UnmountDeviceWorkItemRoutine (PDEVICE_OBJECT rootDeviceObject, UnmountDeviceWorkItemArgs *arg) { + UNREFERENCED_PARAMETER(rootDeviceObject); arg->Status = UnmountDevice (arg->unmountRequest, arg->deviceObject, arg->ignoreOpenFiles); KeSetEvent (&arg->WorkItemCompletedEvent, IO_NO_INCREMENT, FALSE); } diff --git a/src/Driver/Ntvol.c b/src/Driver/Ntvol.c index 68f63f16..0486219e 100644 --- a/src/Driver/Ntvol.c +++ b/src/Driver/Ntvol.c @@ -53,7 +53,7 @@ NTSTATUS TCOpenVolume (PDEVICE_OBJECT DeviceObject, LARGE_INTEGER lDiskLength = { 0 }; __int64 partitionStartingOffset = 0; int volumeType; - char *readBuffer = 0; + unsigned char *readBuffer = 0; NTSTATUS ntStatus = 0; BOOL forceAccessCheck = !bRawDevice; BOOL disableBuffering = TRUE; @@ -98,65 +98,62 @@ NTSTATUS TCOpenVolume (PDEVICE_OBJECT DeviceObject, PARTITION_INFORMATION_EX pix; LARGE_INTEGER diskLengthInfo; DISK_GEOMETRY_EX dg; - STORAGE_PROPERTY_QUERY storagePropertyQuery = {0}; + STORAGE_PROPERTY_QUERY storagePropertyQuery = { 0 }; uint8* dgBuffer; STORAGE_DEVICE_NUMBER storageDeviceNumber; - ntStatus = IoGetDeviceObjectPointer (&FullFileName, + ntStatus = IoGetDeviceObjectPointer(&FullFileName, FILE_READ_DATA | FILE_READ_ATTRIBUTES, &Extension->pfoDeviceFile, &Extension->pFsdDevice); - if (!NT_SUCCESS (ntStatus)) + if (!NT_SUCCESS(ntStatus)) goto error; - dgBuffer = TCalloc (256); + dgBuffer = TCalloc(256); if (!dgBuffer) { ntStatus = STATUS_INSUFFICIENT_RESOURCES; goto error; } - ntStatus = TCSendHostDeviceIoControlRequest (DeviceObject, Extension, IOCTL_DISK_GET_DRIVE_GEOMETRY_EX, (char *) dgBuffer, 256); - if (!NT_SUCCESS (ntStatus)) + ntStatus = TCSendHostDeviceIoControlRequest(DeviceObject, Extension, IOCTL_DISK_GET_DRIVE_GEOMETRY_EX, (char*)dgBuffer, 256); + if (!NT_SUCCESS(ntStatus)) { DISK_GEOMETRY geo; - ntStatus = TCSendHostDeviceIoControlRequest (DeviceObject, Extension, IOCTL_DISK_GET_DRIVE_GEOMETRY, (char *) &geo, sizeof (geo)); - if (!NT_SUCCESS (ntStatus)) + ntStatus = TCSendHostDeviceIoControlRequest(DeviceObject, Extension, IOCTL_DISK_GET_DRIVE_GEOMETRY, (char*)&geo, sizeof(geo)); + if (!NT_SUCCESS(ntStatus)) { - TCfree (dgBuffer); + TCfree(dgBuffer); goto error; } - memset (&dg, 0, sizeof (dg)); - memcpy (&dg.Geometry, &geo, sizeof (geo)); + memset(&dg, 0, sizeof(dg)); + memcpy(&dg.Geometry, &geo, sizeof(geo)); dg.DiskSize.QuadPart = geo.Cylinders.QuadPart * geo.SectorsPerTrack * geo.TracksPerCylinder * geo.BytesPerSector; - if (OsMajorVersion >= 6) + STORAGE_READ_CAPACITY storage = { 0 }; + NTSTATUS lStatus; + + storage.Version = sizeof(STORAGE_READ_CAPACITY); + storage.Size = sizeof(STORAGE_READ_CAPACITY); + lStatus = TCSendHostDeviceIoControlRequest(DeviceObject, Extension, + IOCTL_STORAGE_READ_CAPACITY, + (char*)&storage, sizeof(STORAGE_READ_CAPACITY)); + if (NT_SUCCESS(lStatus) + && (storage.Size == sizeof(STORAGE_READ_CAPACITY)) + ) { - STORAGE_READ_CAPACITY storage = {0}; - NTSTATUS lStatus; - - storage.Version = sizeof (STORAGE_READ_CAPACITY); - storage.Size = sizeof (STORAGE_READ_CAPACITY); - lStatus = TCSendHostDeviceIoControlRequest (DeviceObject, Extension, - IOCTL_STORAGE_READ_CAPACITY, - (char*) &storage, sizeof (STORAGE_READ_CAPACITY)); - if ( NT_SUCCESS(lStatus) - && (storage.Size == sizeof (STORAGE_READ_CAPACITY)) - ) - { - dg.DiskSize.QuadPart = storage.DiskLength.QuadPart; - } + dg.DiskSize.QuadPart = storage.DiskLength.QuadPart; } } else - memcpy (&dg, dgBuffer, sizeof (DISK_GEOMETRY_EX)); + memcpy(&dg, dgBuffer, sizeof(DISK_GEOMETRY_EX)); - TCfree (dgBuffer); + TCfree(dgBuffer); - if (NT_SUCCESS (TCSendHostDeviceIoControlRequest (DeviceObject, Extension, - IOCTL_STORAGE_GET_DEVICE_NUMBER, - (char*) &storageDeviceNumber, sizeof (storageDeviceNumber)))) + if (NT_SUCCESS(TCSendHostDeviceIoControlRequest(DeviceObject, Extension, + IOCTL_STORAGE_GET_DEVICE_NUMBER, + (char*)&storageDeviceNumber, sizeof(storageDeviceNumber)))) { Extension->DeviceNumber = storageDeviceNumber.DeviceNumber; } @@ -165,76 +162,72 @@ NTSTATUS TCOpenVolume (PDEVICE_OBJECT DeviceObject, Extension->HostBytesPerSector = dg.Geometry.BytesPerSector; Extension->HostBytesPerPhysicalSector = dg.Geometry.BytesPerSector; - /* IOCTL_STORAGE_QUERY_PROPERTY supported only on Vista and above */ - if (OsMajorVersion >= 6) - { - STORAGE_ACCESS_ALIGNMENT_DESCRIPTOR alignmentDesc = {0}; - STORAGE_ADAPTER_DESCRIPTOR adapterDesc = {0}; - DEVICE_SEEK_PENALTY_DESCRIPTOR penaltyDesc = {0}; - DEVICE_TRIM_DESCRIPTOR trimDesc = {0}; + STORAGE_ACCESS_ALIGNMENT_DESCRIPTOR alignmentDesc = { 0 }; + STORAGE_ADAPTER_DESCRIPTOR adapterDesc = { 0 }; + DEVICE_SEEK_PENALTY_DESCRIPTOR penaltyDesc = { 0 }; + DEVICE_TRIM_DESCRIPTOR trimDesc = { 0 }; - storagePropertyQuery.PropertyId = StorageAccessAlignmentProperty; - storagePropertyQuery.QueryType = PropertyStandardQuery; + storagePropertyQuery.PropertyId = StorageAccessAlignmentProperty; + storagePropertyQuery.QueryType = PropertyStandardQuery; - alignmentDesc.Version = sizeof (STORAGE_ACCESS_ALIGNMENT_DESCRIPTOR); - alignmentDesc.Size = sizeof (STORAGE_ACCESS_ALIGNMENT_DESCRIPTOR); + alignmentDesc.Version = sizeof(STORAGE_ACCESS_ALIGNMENT_DESCRIPTOR); + alignmentDesc.Size = sizeof(STORAGE_ACCESS_ALIGNMENT_DESCRIPTOR); - if (NT_SUCCESS (TCSendHostDeviceIoControlRequestEx (DeviceObject, Extension, IOCTL_STORAGE_QUERY_PROPERTY, - (char*) &storagePropertyQuery, sizeof(storagePropertyQuery), - (char *) &alignmentDesc, sizeof (alignmentDesc)))) - { - Extension->HostBytesPerPhysicalSector = alignmentDesc.BytesPerPhysicalSector; - } + if (NT_SUCCESS(TCSendHostDeviceIoControlRequestEx(DeviceObject, Extension, IOCTL_STORAGE_QUERY_PROPERTY, + (char*)&storagePropertyQuery, sizeof(storagePropertyQuery), + (char*)&alignmentDesc, sizeof(alignmentDesc)))) + { + Extension->HostBytesPerPhysicalSector = alignmentDesc.BytesPerPhysicalSector; + } - storagePropertyQuery.PropertyId = StorageAdapterProperty; - adapterDesc.Version = sizeof (STORAGE_ADAPTER_DESCRIPTOR); - adapterDesc.Size = sizeof (STORAGE_ADAPTER_DESCRIPTOR); + storagePropertyQuery.PropertyId = StorageAdapterProperty; + adapterDesc.Version = sizeof(STORAGE_ADAPTER_DESCRIPTOR); + adapterDesc.Size = sizeof(STORAGE_ADAPTER_DESCRIPTOR); - if (NT_SUCCESS (TCSendHostDeviceIoControlRequestEx (DeviceObject, Extension, IOCTL_STORAGE_QUERY_PROPERTY, - (char*) &storagePropertyQuery, sizeof(storagePropertyQuery), - (char *) &adapterDesc, sizeof (adapterDesc)))) - { - Extension->HostMaximumTransferLength = adapterDesc.MaximumTransferLength; - Extension->HostMaximumPhysicalPages = adapterDesc.MaximumPhysicalPages; - Extension->HostAlignmentMask = adapterDesc.AlignmentMask; - } + if (NT_SUCCESS(TCSendHostDeviceIoControlRequestEx(DeviceObject, Extension, IOCTL_STORAGE_QUERY_PROPERTY, + (char*)&storagePropertyQuery, sizeof(storagePropertyQuery), + (char*)&adapterDesc, sizeof(adapterDesc)))) + { + Extension->HostMaximumTransferLength = adapterDesc.MaximumTransferLength; + Extension->HostMaximumPhysicalPages = adapterDesc.MaximumPhysicalPages; + Extension->HostAlignmentMask = adapterDesc.AlignmentMask; + } - storagePropertyQuery.PropertyId = StorageDeviceSeekPenaltyProperty; - penaltyDesc.Version = sizeof (DEVICE_SEEK_PENALTY_DESCRIPTOR); - penaltyDesc.Size = sizeof (DEVICE_SEEK_PENALTY_DESCRIPTOR); + storagePropertyQuery.PropertyId = StorageDeviceSeekPenaltyProperty; + penaltyDesc.Version = sizeof(DEVICE_SEEK_PENALTY_DESCRIPTOR); + penaltyDesc.Size = sizeof(DEVICE_SEEK_PENALTY_DESCRIPTOR); - if (NT_SUCCESS (TCSendHostDeviceIoControlRequestEx (DeviceObject, Extension, IOCTL_STORAGE_QUERY_PROPERTY, - (char*) &storagePropertyQuery, sizeof(storagePropertyQuery), - (char *) &penaltyDesc, sizeof (penaltyDesc)))) - { - Extension->IncursSeekPenalty = penaltyDesc.IncursSeekPenalty; - } + if (NT_SUCCESS(TCSendHostDeviceIoControlRequestEx(DeviceObject, Extension, IOCTL_STORAGE_QUERY_PROPERTY, + (char*)&storagePropertyQuery, sizeof(storagePropertyQuery), + (char*)&penaltyDesc, sizeof(penaltyDesc)))) + { + Extension->IncursSeekPenalty = penaltyDesc.IncursSeekPenalty; + } - storagePropertyQuery.PropertyId = StorageDeviceTrimProperty; - trimDesc.Version = sizeof (DEVICE_TRIM_DESCRIPTOR); - trimDesc.Size = sizeof (DEVICE_TRIM_DESCRIPTOR); + storagePropertyQuery.PropertyId = StorageDeviceTrimProperty; + trimDesc.Version = sizeof(DEVICE_TRIM_DESCRIPTOR); + trimDesc.Size = sizeof(DEVICE_TRIM_DESCRIPTOR); - if (NT_SUCCESS (TCSendHostDeviceIoControlRequestEx (DeviceObject, Extension, IOCTL_STORAGE_QUERY_PROPERTY, - (char*) &storagePropertyQuery, sizeof(storagePropertyQuery), - (char *) &trimDesc, sizeof (trimDesc)))) - { - Extension->TrimEnabled = trimDesc.TrimEnabled; - } + if (NT_SUCCESS(TCSendHostDeviceIoControlRequestEx(DeviceObject, Extension, IOCTL_STORAGE_QUERY_PROPERTY, + (char*)&storagePropertyQuery, sizeof(storagePropertyQuery), + (char*)&trimDesc, sizeof(trimDesc)))) + { + Extension->TrimEnabled = trimDesc.TrimEnabled; } // Drive geometry is used only when IOCTL_DISK_GET_PARTITION_INFO fails - if (NT_SUCCESS (TCSendHostDeviceIoControlRequest (DeviceObject, Extension, IOCTL_DISK_GET_PARTITION_INFO_EX, (char *) &pix, sizeof (pix)))) + if (NT_SUCCESS(TCSendHostDeviceIoControlRequest(DeviceObject, Extension, IOCTL_DISK_GET_PARTITION_INFO_EX, (char*)&pix, sizeof(pix)))) { lDiskLength.QuadPart = pix.PartitionLength.QuadPart; partitionStartingOffset = pix.StartingOffset.QuadPart; } // If IOCTL_DISK_GET_PARTITION_INFO_EX fails, switch to IOCTL_DISK_GET_PARTITION_INFO - else if (NT_SUCCESS (TCSendHostDeviceIoControlRequest (DeviceObject, Extension, IOCTL_DISK_GET_PARTITION_INFO, (char *) &pi, sizeof (pi)))) + else if (NT_SUCCESS(TCSendHostDeviceIoControlRequest(DeviceObject, Extension, IOCTL_DISK_GET_PARTITION_INFO, (char*)&pi, sizeof(pi)))) { lDiskLength.QuadPart = pi.PartitionLength.QuadPart; partitionStartingOffset = pi.StartingOffset.QuadPart; } - else if (NT_SUCCESS (TCSendHostDeviceIoControlRequest (DeviceObject, Extension, IOCTL_DISK_GET_LENGTH_INFO, &diskLengthInfo, sizeof (diskLengthInfo)))) + else if (NT_SUCCESS(TCSendHostDeviceIoControlRequest(DeviceObject, Extension, IOCTL_DISK_GET_LENGTH_INFO, &diskLengthInfo, sizeof(diskLengthInfo)))) { lDiskLength = diskLengthInfo; } @@ -242,7 +235,7 @@ NTSTATUS TCOpenVolume (PDEVICE_OBJECT DeviceObject, ProbingHostDeviceForWrite = TRUE; if (!mount->bMountReadOnly - && TCSendHostDeviceIoControlRequest (DeviceObject, Extension, + && TCSendHostDeviceIoControlRequest(DeviceObject, Extension, IsHiddenSystemRunning() ? TC_IOCTL_DISK_IS_WRITABLE : IOCTL_DISK_IS_WRITABLE, NULL, 0) == STATUS_MEDIA_WRITE_PROTECTED) { mount->bMountReadOnly = TRUE; @@ -937,6 +930,7 @@ typedef struct static VOID TCSendHostDeviceIoControlRequestExWorkItemRoutine (PDEVICE_OBJECT rootDeviceObject, TCSendHostDeviceIoControlRequestExWorkItemArgs *arg) { + UNREFERENCED_PARAMETER(rootDeviceObject); /* Remove compiler warning */ arg->Status = TCSendHostDeviceIoControlRequestEx (arg->deviceObject, arg->Extension, arg->ioControlCode, arg->inputBuffer, arg->inputBufferSize, arg->outputBuffer, arg->outputBufferSize); KeSetEvent (&arg->WorkItemCompletedEvent, IO_NO_INCREMENT, FALSE); } diff --git a/src/Driver/VolumeFilter.c b/src/Driver/VolumeFilter.c index 29d02673..b4bc8d2e 100644 --- a/src/Driver/VolumeFilter.c +++ b/src/Driver/VolumeFilter.c @@ -155,6 +155,7 @@ static BOOL IsSystemVolumePartition (VolumeFilterExtension *Extension) static NTSTATUS DispatchControl (PDEVICE_OBJECT DeviceObject, PIRP Irp, VolumeFilterExtension *Extension, PIO_STACK_LOCATION irpSp) { NTSTATUS status = IoAcquireRemoveLock (&Extension->Queue.RemoveLock, Irp); + UNREFERENCED_PARAMETER(DeviceObject); if (!NT_SUCCESS (status)) return TCCompleteIrp (Irp, status, 0); @@ -270,9 +271,10 @@ static NTSTATUS DispatchPnp (PDEVICE_OBJECT DeviceObject, PIRP Irp, VolumeFilter } -static NTSTATUS DispatchPower (PDEVICE_OBJECT DeviceObject, PIRP Irp, VolumeFilterExtension *Extension, PIO_STACK_LOCATION irpSp) +static NTSTATUS DispatchPower (PDEVICE_OBJECT DeviceObject, PIRP Irp, VolumeFilterExtension *Extension) { NTSTATUS status; + UNREFERENCED_PARAMETER(DeviceObject); PoStartNextPowerIrp (Irp); status = IoAcquireRemoveLock (&Extension->Queue.RemoveLock, Irp); @@ -304,7 +306,7 @@ NTSTATUS VolumeFilterDispatchIrp (PDEVICE_OBJECT DeviceObject, PIRP Irp) return DispatchPnp (DeviceObject, Irp, Extension, irpSp); case IRP_MJ_POWER: - return DispatchPower (DeviceObject, Irp, Extension, irpSp); + return DispatchPower (DeviceObject, Irp, Extension); default: status = IoAcquireRemoveLock (&Extension->Queue.RemoveLock, Irp); diff --git a/src/Format/InPlace.c b/src/Format/InPlace.c index 361b8aeb..2a5dc6a3 100644 --- a/src/Format/InPlace.c +++ b/src/Format/InPlace.c @@ -375,7 +375,7 @@ int EncryptPartitionInPlaceBegin (volatile FORMAT_VOL_PARAMETERS *volParams, vol PCRYPTO_INFO cryptoInfo2 = NULL; HANDLE dev = INVALID_HANDLE_VALUE; DWORD dwError; - char *header; + unsigned char *header; WCHAR dosDev[TC_MAX_PATH] = {0}; WCHAR devName[MAX_PATH] = {0}; int driveLetter = -1; @@ -393,7 +393,7 @@ int EncryptPartitionInPlaceBegin (volatile FORMAT_VOL_PARAMETERS *volParams, vol return ERR_DONT_REPORT; - header = (char *) TCalloc (TC_VOLUME_HEADER_EFFECTIVE_SIZE); + header = (unsigned char *) TCalloc (TC_VOLUME_HEADER_EFFECTIVE_SIZE); if (!header) return ERR_OUTOFMEMORY; @@ -600,7 +600,7 @@ int EncryptPartitionInPlaceBegin (volatile FORMAT_VOL_PARAMETERS *volParams, vol } // Write the backup header to the partition - if (!WriteEffectiveVolumeHeader (TRUE, dev, (uint8 *) header)) + if (!WriteEffectiveVolumeHeader (TRUE, dev, header)) { nStatus = ERR_OS_ERROR; goto closing_seq; @@ -753,7 +753,7 @@ int EncryptPartitionInPlaceResume (HANDLE dev, { PCRYPTO_INFO masterCryptoInfo = NULL, headerCryptoInfo = NULL, tmpCryptoInfo = NULL; UINT64_STRUCT unitNo; - char *buf = NULL, *header = NULL; + unsigned char *buf = NULL, *header = NULL; uint8 *wipeBuffer = NULL; uint8 wipeRandChars [TC_WIPE_RAND_CHAR_COUNT]; uint8 wipeRandCharsUpdate [TC_WIPE_RAND_CHAR_COUNT]; @@ -783,14 +783,14 @@ int EncryptPartitionInPlaceResume (HANDLE dev, bInPlaceEncNonSysResumed = TRUE; - buf = (char *) TCalloc (TC_MAX_NONSYS_INPLACE_ENC_WORK_CHUNK_SIZE); + buf = (unsigned char *) TCalloc (TC_MAX_NONSYS_INPLACE_ENC_WORK_CHUNK_SIZE); if (!buf) { nStatus = ERR_OUTOFMEMORY; goto closing_seq; } - header = (char *) TCalloc (TC_VOLUME_HEADER_EFFECTIVE_SIZE); + header = (unsigned char *) TCalloc (TC_VOLUME_HEADER_EFFECTIVE_SIZE); if (!header) { nStatus = ERR_OUTOFMEMORY; @@ -2301,10 +2301,10 @@ static int OpenBackupHeader (HANDLE dev, const wchar_t *devicePath, Password *pa LARGE_INTEGER offset; DWORD n; int nStatus = ERR_SUCCESS; - char *header; + unsigned char *header; DWORD dwError; - header = (char *) TCalloc (TC_VOLUME_HEADER_EFFECTIVE_SIZE); + header = (unsigned char *) TCalloc (TC_VOLUME_HEADER_EFFECTIVE_SIZE); if (!header) return ERR_OUTOFMEMORY; @@ -2315,7 +2315,7 @@ static int OpenBackupHeader (HANDLE dev, const wchar_t *devicePath, Password *pa offset.QuadPart = deviceSize - TC_VOLUME_HEADER_GROUP_SIZE; if (MoveFilePointer (dev, offset) == 0 - || !ReadEffectiveVolumeHeader (TRUE, dev, (uint8 *) header, &n) || n < TC_VOLUME_HEADER_EFFECTIVE_SIZE) + || !ReadEffectiveVolumeHeader (TRUE, dev, header, &n) || n < TC_VOLUME_HEADER_EFFECTIVE_SIZE) { nStatus = ERR_OS_ERROR; goto closing_seq; diff --git a/src/Mount/Mount.c b/src/Mount/Mount.c index a851ebef..6ae6e417 100644 --- a/src/Mount/Mount.c +++ b/src/Mount/Mount.c @@ -4242,7 +4242,7 @@ BOOL CALLBACK VolumePropertiesDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LP StringCbPrintfW (sw, sizeof(sw), L"%d %s", size * 8, GetString ("BITS")); ListSubItemSet (list, i++, 1, sw); - if (wcscmp (EAGetModeName (prop.ea, prop.mode, TRUE), L"XTS") == 0) + if (wcscmp (EAGetModeName (prop.mode), L"XTS") == 0) { // Secondary key (XTS) @@ -4260,7 +4260,7 @@ BOOL CALLBACK VolumePropertiesDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LP // Mode ListItemAdd (list, i, GetString ("MODE_OF_OPERATION")); - ListSubItemSet (list, i++, 1, EAGetModeName (prop.ea, prop.mode, TRUE)); + ListSubItemSet (list, i++, 1, EAGetModeName (prop.mode)); // PKCS 5 PRF ListItemAdd (list, i, GetString ("PKCS5_PRF")); @@ -11047,13 +11047,13 @@ noHidden: } // Store header encrypted with a new key - nStatus = ReEncryptVolumeHeader (hwndDlg, (char *) backup, FALSE, volume.CryptoInfo, &VolumePassword, VolumePim, FALSE); + nStatus = ReEncryptVolumeHeader (hwndDlg, backup, FALSE, volume.CryptoInfo, &VolumePassword, VolumePim, FALSE); if (nStatus != ERR_SUCCESS) goto error; if (hiddenVolume.VolumeIsOpen) { - nStatus = ReEncryptVolumeHeader (hwndDlg, (char *) backup + (legacyVolume ? TC_VOLUME_HEADER_SIZE_LEGACY : TC_VOLUME_HEADER_SIZE), + nStatus = ReEncryptVolumeHeader (hwndDlg, backup + (legacyVolume ? TC_VOLUME_HEADER_SIZE_LEGACY : TC_VOLUME_HEADER_SIZE), FALSE, hiddenVolume.CryptoInfo, &hiddenVolPassword, hiddenVolPim, FALSE); if (nStatus != ERR_SUCCESS) @@ -11238,7 +11238,7 @@ int RestoreVolumeHeader (HWND hwndDlg, const wchar_t *lpszVolume) } // Create a new header with a new salt - char buffer[TC_VOLUME_HEADER_EFFECTIVE_SIZE]; + unsigned char buffer[TC_VOLUME_HEADER_EFFECTIVE_SIZE]; nStatus = ReEncryptVolumeHeader (hwndDlg, buffer, FALSE, volume.CryptoInfo, &VolumePassword, VolumePim, FALSE); if (nStatus != 0) @@ -11398,7 +11398,7 @@ int RestoreVolumeHeader (HWND hwndDlg, const wchar_t *lpszVolume) /* Read the volume header from the backup file */ - char buffer[TC_VOLUME_HEADER_GROUP_SIZE]; + unsigned char buffer[TC_VOLUME_HEADER_GROUP_SIZE]; DWORD bytesRead; if (!ReadFile (fBackup, buffer, sizeof (buffer), &bytesRead, NULL)) |